Esempio n. 1
1
 /**
  * Constructor for the base resource class
  *
  * Constructor for the base resource class.
  * If cmid is set create the cm, course, resource objects.
  * and do some checks to make sure people can be here, and so on.
  *
  * @param cmid   integer, the current course module id - not set for new resources
  */
 function resource_base($cmid = 0)
 {
     global $CFG, $COURSE;
     $this->navlinks = array();
     if ($cmid) {
         if (!($this->cm = get_coursemodule_from_id('resource', $cmid))) {
             error("Course Module ID was incorrect");
         }
         if (!($this->course = get_record("course", "id", $this->cm->course))) {
             error("Course is misconfigured");
         }
         if (!($this->resource = get_record("resource", "id", $this->cm->instance))) {
             error("Resource ID was incorrect");
         }
         $this->strresource = get_string("modulename", "resource");
         $this->strresources = get_string("modulenameplural", "resource");
         if (!$this->cm->visible and !has_capability('moodle/course:viewhiddenactivities', get_context_instance(CONTEXT_MODULE, $this->cm->id))) {
             $pagetitle = strip_tags($this->course->shortname . ': ' . $this->strresource);
             $navigation = build_navigation($this->navlinks, $this->cm);
             print_header($pagetitle, $this->course->fullname, $navigation, "", "", true, '', navmenu($this->course, $this->cm));
             notice(get_string("activityiscurrentlyhidden"), "{$CFG->wwwroot}/course/view.php?id={$this->course->id}");
         }
     } else {
         $this->course = $COURSE;
     }
 }
Esempio n. 2
0
function allfriends_content(&$a)
{
    $o = '';
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if ($a->argc > 1) {
        $cid = intval($a->argv[1]);
    }
    if (!$cid) {
        return;
    }
    $c = q("select name, url, photo from contact where id = %d and uid = %d limit 1", intval($cid), intval(local_user()));
    $a->page['aside'] .= '<div class="vcard">' . '<div class="fn label">' . $c[0]['name'] . '</div>' . '<div id="profile-photo-wrapper">' . '<a href="/contacts/' . $cid . '"><img class="photo" width="175" height="175" 
		src="' . $c[0]['photo'] . '" alt="' . $c[0]['name'] . '" /></div>' . '</div>';
    if (!count($c)) {
        return;
    }
    $o .= '<h2>' . sprintf(t('Friends of %s'), $c[0]['name']) . '</h2>';
    $r = all_friends(local_user(), $cid);
    if (!count($r)) {
        $o .= t('No friends to display.');
        return $o;
    }
    $tpl = get_markup_template('common_friends.tpl');
    foreach ($r as $rr) {
        $o .= replace_macros($tpl, array('$url' => $rr['url'], '$name' => $rr['name'], '$photo' => $rr['photo'], '$tags' => ''));
    }
    $o .= cleardiv();
    //	$o .= paginate($a);
    return $o;
}
 function post()
 {
     if (!local_channel()) {
         return;
     }
     if ($_SESSION['delegate']) {
         return;
     }
     if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
         return;
     }
     if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
         return;
     }
     if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
         return;
     }
     $account = \App::get_account();
     $account_id = get_account_id();
     if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
         return;
     }
     if ($account['account_password_changed'] != NULL_DATE) {
         $d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
         if ($account['account_password_changed'] > d1) {
             notice(t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
             return;
         }
     }
     $global_remove = intval($_POST['global']);
     account_remove($account_id, 1 - $global_remove);
 }
Esempio n. 4
0
 function get()
 {
     if (argc() > 2 && argv(2) === 'add') {
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), '', t('Name of application')), '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), '$icon' => array('icon', t('Icon url'), '', t('Optional'))));
         return $o;
     }
     if (argc() > 3 && argv(2) === 'edit') {
         $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
         if (!count($r)) {
             notice(t('Application not found.'));
             return;
         }
         $app = $r[0];
         $tpl = get_markup_template("settings_oauth_edit.tpl");
         $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), '$cancel' => t('Cancel'), '$name' => array('name', t('Name'), $app['clname'], ''), '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), '$icon' => array('icon', t('Icon url'), $app['icon'], '')));
         return $o;
     }
     if (argc() > 3 && argv(2) === 'delete') {
         check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
         $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", dbesc(argv(3)), local_channel());
         goaway(z_root() . "/settings/oauth/");
         return;
     }
     $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my \n\t\t\t\tFROM clients\n\t\t\t\tLEFT JOIN tokens ON clients.client_id=tokens.client_id\n\t\t\t\tWHERE clients.uid IN (%d,0)", local_channel(), local_channel());
     $tpl = get_markup_template("settings_oauth.tpl");
     $o .= replace_macros($tpl, array('$form_security_token' => get_form_security_token("settings_oauth"), '$baseurl' => z_root(), '$title' => t('Connected Apps'), '$add' => t('Add application'), '$edit' => t('Edit'), '$delete' => t('Delete'), '$consumerkey' => t('Client key starts with'), '$noname' => t('No name'), '$remove' => t('Remove authorization'), '$apps' => $r));
     return $o;
 }
Esempio n. 5
0
function repair_ostatus_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        goaway($_SESSION['return_url']);
        // NOTREACHED
    }
    $o = "<h2>" . t("Resubsribing to OStatus contacts") . "</h2>";
    $uid = local_user();
    $a = get_app();
    $counter = intval($_REQUEST['counter']);
    $r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING));
    if (!$r) {
        return $o . t("Error");
    }
    $total = $r[0]["total"];
    $r = q("SELECT `url` FROM `contact` WHERE\n                `uid` = %d AND `network` = '%s' AND `rel` IN (%d, %d)\n\t\tORDER BY `url`\n\t\tLIMIT %d, 1", intval($uid), dbesc(NETWORK_OSTATUS), intval(CONTACT_IS_FRIEND), intval(CONTACT_IS_SHARING), $counter++);
    if (!$r) {
        $o .= t("Done");
        return $o;
    }
    $o .= "<p>" . $counter . "/" . $total . ": " . $r[0]["url"] . "</p>";
    $o .= "<p>" . t("Keep this window open until done.") . "</p>";
    $result = new_contact($uid, $r[0]["url"], true);
    $a->page['htmlhead'] = '<meta http-equiv="refresh" content="1; URL=' . $a->get_baseurl() . '/repair_ostatus?counter=' . $counter . '">';
    return $o;
}
 public function call_success()
 {
     global $USER, $COURSE, $CFG;
     if (empty($this->_xmlresponse)) {
         if (is_siteadmin($USER->id)) {
             notice(get_string('adminemptyxml', 'adobeconnect'), $CFG->wwwroot . '/admin/settings.php?section=modsettingadobeconnect');
         } else {
             notice(get_string('emptyxml', 'adobeconnect'), '', $COURSE);
         }
     }
     $dom = new DomDocument();
     $dom->loadXML($this->_xmlresponse);
     $domnodelist = $dom->getElementsByTagName('status');
     if ($domnodelist->item(0)->hasAttributes()) {
         $domnode = $domnodelist->item(0)->attributes->getNamedItem('code');
         if (!is_null($domnode)) {
             if (0 == strcmp('ok', $domnode->nodeValue)) {
                 return true;
             } else {
                 return false;
             }
         } else {
             return false;
         }
     } else {
         return false;
     }
 }
Esempio n. 7
0
function notifications_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied') . EOL);
        goaway($a->get_baseurl());
    }
    $o = '';
    if ($a->argc > 1 && $a->argv[1] == 'all') {
        $sql_extra = '';
    } else {
        $sql_extra = " AND `ignore` = 0 ";
    }
    $tpl = file_get_contents('view/intros-top.tpl');
    $o .= replace_macros($tpl, array('$hide_url' => strlen($sql_extra) ? 'notifications/all' : 'notifications', '$hide_text' => strlen($sql_extra) ? t('Show Ignored Requests') : t('Hide Ignored Requests')));
    $r = q("SELECT `intro`.`id` AS `intro-id`, `intro`.*, `contact`.* \n\t\tFROM `intro` LEFT JOIN `contact` ON `intro`.`contact-id` = `contact`.`id`\n\t\tWHERE `intro`.`blocked` = 0 {$sql_extra} ");
    if ($r !== false && count($r)) {
        $tpl = file_get_contents("view/intros.tpl");
        foreach ($r as $rr) {
            $o .= replace_macros($tpl, array('$intro_id' => $rr['intro-id'], '$dfrn-id' => $rr['issued-id'], '$uid' => $_SESSION['uid'], '$contact-id' => $rr['contact-id'], '$photo' => x($rr, 'photo') ? $rr['photo'] : "images/default-profile.jpg", '$fullname' => $rr['name'], '$knowyou' => $rr['knowyou'] ? t('yes') : t('no'), '$url' => $rr['url'], '$note' => $rr['note']));
        }
    } else {
        notice(t('No notifications.') . EOL);
    }
    return $o;
}
Esempio n. 8
0
function lostpass_content(&$a)
{
    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $r = q("SELECT * FROM account WHERE account_reset = '%s' LIMIT 1", dbesc($verify));
        if (!$r) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }
        $aid = $r[0]['account_id'];
        $email = $r[0]['account_email'];
        $new_password = autoname(6) . mt_rand(100, 9999);
        $salt = random_string(32);
        $password_encoded = hash('whirlpool', $salt . $new_password);
        $r = q("UPDATE account SET account_salt = '%s', account_password = '******', account_reset = '', account_flags = (account_flags & ~%d) where account_id = %d", dbesc($salt), dbesc($password_encoded), intval(ACCOUNT_UNVERIFIED), intval($aid));
        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
            info("Your password has been reset." . EOL);
            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $message = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => sprintf(t('Site Member (%s)'), $email), '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
            $subject = email_header_encode(sprintf(t('Your password has changed at %s'), get_config('system', 'sitename')), 'UTF-8');
            $res = mail($email, $subject, $message, 'From: ' . 'Administrator@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Email Address'), '$submit' => t('Reset')));
        return $o;
    }
}
Esempio n. 9
0
 function get()
 {
     $o = '';
     if (!\App::$profile['profile_uid']) {
         return;
     }
     $observer_hash = get_observer_hash();
     if (!perm_is_allowed(\App::$profile['profile_uid'], $observer_hash, 'view_contacts')) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $o .= '<h2>' . t('Common connections') . '</h2>';
     $t = count_common_friends(\App::$profile['profile_uid'], $observer_hash);
     if (!$t) {
         notice(t('No connections in common.') . EOL);
         return $o;
     }
     $r = common_friends(\App::$profile['profile_uid'], $observer_hash);
     if ($r) {
         $tpl = get_markup_template('common_friends.tpl');
         foreach ($r as $rr) {
             $o .= replace_macros($tpl, array('$url' => $rr['xchan_url'], '$name' => $rr['xchan_name'], '$photo' => $rr['xchan_photo_m'], '$tags' => ''));
         }
         $o .= cleardiv();
     }
     return $o;
 }
Esempio n. 10
0
function viewsrc_content(&$a)
{
    $o = '';
    $sys = get_sys_channel();
    $item_id = argc() > 1 ? intval(argv(1)) : 0;
    $json = argc() > 2 && argv(2) === 'json' ? true : false;
    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
    }
    if (!$item_id) {
        App::$error = 404;
        notice(t('Item not found.') . EOL);
    }
    $item_normal = item_normal();
    if (local_channel() && $item_id) {
        $r = q("select id, item_flags, item_obscured, body from item where uid in (%d , %d) and id = %d {$item_normal} limit 1", intval(local_channel()), intval($sys['channel_id']), intval($item_id));
        if ($r) {
            if (intval($r[0]['item_obscured'])) {
                $r[0]['body'] = crypto_unencapsulate(json_decode($r[0]['body'], true), get_config('system', 'prvkey'));
            }
            $o = $json ? json_encode($r[0]['body']) : str_replace("\n", '<br />', $r[0]['body']);
        }
    }
    if (is_ajax()) {
        print '<div><i class="icon-pencil"> ' . t('Source of Item') . ' ' . $r[0]['id'] . '</i></div>';
        echo $o;
        killme();
    }
    return $o;
}
Esempio n. 11
0
 function post()
 {
     $using_api = false;
     if (\App::$data['api_info'] && array_key_exists('media', $_FILES)) {
         $using_api = true;
         $user_info = \App::$data['api_info'];
         $nick = $user_info['screen_name'];
         $channel = get_channel_by_nick($user_info['screen_name']);
     } elseif (argc() > 1) {
         $channel = get_channel_by_nick(argv(1));
     }
     if (!$channel) {
         killme();
     }
     $observer = \App::get_observer();
     $def_album = get_pconfig($channel['channel_id'], 'system', 'photo_path');
     $def_attach = get_pconfig($channel['channel_id'], 'system', 'attach_path');
     $r = attach_store($channel, $observer ? $observer['xchan_hash'] : '', '', array('source' => 'editor', 'visible' => 0, 'album' => $def_album, 'directory' => $def_attach, 'allow_cid' => '<' . $channel['channel_hash'] . '>'));
     if (!$r['success']) {
         notice($r['message'] . EOL);
         killme();
     }
     if (intval($r['data']['is_photo'])) {
         $s = "\n\n" . $r['body'] . "\n\n";
     } else {
         $s = "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
     }
     if ($using_api) {
         return $s;
     }
     echo $s;
     killme();
 }
Esempio n. 12
0
 function get()
 {
     if (!local_channel()) {
         return login();
     }
     $content = '<h3>' . t('Configuration Editor') . '</h3>';
     $content .= '<div class="descriptive-paragraph">' . t('Warning: Changing some settings could render your channel inoperable. Please leave this page unless you are comfortable with and knowledgeable about how to correctly use this feature.') . '</div>' . EOL . EOL;
     if (argc() == 3) {
         $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
         $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '">pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . ']</a>' . EOL . EOL;
         $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . escape_tags(argv(2)) . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . escape_tags(argv(2)) . ']</a> = ' . get_pconfig(local_channel(), escape_tags(argv(1)), escape_tags(argv(2))) . EOL;
         if (in_array(argv(2), $this->disallowed_pconfig())) {
             notice(t('This setting requires special processing and editing has been blocked.') . EOL);
             return $content;
         } else {
             $content .= $this->pconfig_form(escape_tags(argv(1)), escape_tags(argv(2)));
         }
     }
     if (argc() == 2) {
         $content .= '<a href="pconfig">pconfig[' . local_channel() . ']</a>' . EOL;
         load_pconfig(local_channel(), escape_tags(argv(1)));
         foreach (\App::$config[local_channel()][escape_tags(argv(1))] as $k => $x) {
             $content .= '<a href="pconfig/' . escape_tags(argv(1)) . '/' . $k . '" >pconfig[' . local_channel() . '][' . escape_tags(argv(1)) . '][' . $k . ']</a> = ' . escape_tags($x) . EOL;
         }
     }
     if (argc() == 1) {
         $r = q("select * from pconfig where uid = " . local_channel());
         if ($r) {
             foreach ($r as $rr) {
                 $content .= '<a href="' . 'pconfig/' . escape_tags($rr['cat']) . '/' . escape_tags($rr['k']) . '" >pconfig[' . local_channel() . '][' . escape_tags($rr['cat']) . '][' . escape_tags($rr['k']) . ']</a> = ' . escape_tags($rr['v']) . EOL;
             }
         }
     }
     return $content;
 }
Esempio n. 13
0
function follow_post(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        goaway($_SESSION['return_url']);
        // NOTREACHED
    }
    if ($_REQUEST['cancel']) {
        goaway($_SESSION['return_url']);
    }
    $uid = local_user();
    $url = notags(trim($_REQUEST['url']));
    $return_url = $_SESSION['return_url'];
    // Makes the connection request for friendica contacts easier
    // This is just a precaution if maybe this page is called somewhere directly via POST
    $_SESSION["fastlane"] = $url;
    $result = new_contact($uid, $url, true);
    if ($result['success'] == false) {
        if ($result['message']) {
            notice($result['message']);
        }
        goaway($return_url);
    } elseif ($result['cid']) {
        goaway($a->get_baseurl() . '/contacts/' . $result['cid']);
    }
    info(t('Contact added') . EOL);
    if (strstr($return_url, 'contacts')) {
        goaway($a->get_baseurl() . '/contacts/' . $contact_id);
    }
    goaway($return_url);
    // NOTREACHED
}
Esempio n. 14
0
File: group.php Progetto: Mauru/red
/** @file */
function group_add($uid, $name, $public = 0)
{
    $ret = false;
    if (x($uid) && x($name)) {
        $r = group_byname($uid, $name);
        // check for dups
        if ($r !== false) {
            // This could be a problem.
            // Let's assume we've just created a group which we once deleted
            // all the old members are gone, but the group remains so we don't break any security
            // access lists. What we're doing here is reviving the dead group, but old content which
            // was restricted to this group may now be seen by the new group members.
            $z = q("SELECT * FROM `groups` WHERE `id` = %d LIMIT 1", intval($r));
            if (count($z) && $z[0]['deleted']) {
                $r = q("UPDATE `groups` SET `deleted` = 0 WHERE `uid` = %d AND `name` = '%s' LIMIT 1", intval($uid), dbesc($name));
                notice(t('A deleted group with this name was revived. Existing item permissions <strong>may</strong> apply to this group and any future members. If this is not what you intended, please create another group with a different name.') . EOL);
            }
            return true;
        }
        do {
            $dups = false;
            $hash = random_string() . $name;
            $r = q("SELECT id FROM `groups` WHERE hash = '%s' LIMIT 1", dbesc($hash));
            if ($r) {
                $dups = true;
            }
        } while ($dups == true);
        $r = q("INSERT INTO `groups` ( hash, uid, visible, name )\n\t\t\tVALUES( '%s', %d, %d, '%s' ) ", dbesc($hash), intval($uid), intval($public), dbesc($name));
        $ret = $r;
    }
    build_sync_packet($uid, null, true);
    return $ret;
}
Esempio n. 15
0
function lostpass_content(&$a)
{
    if (x($_GET, 'verify')) {
        $verify = $_GET['verify'];
        $hash = hash('whirlpool', $verify);
        $r = q("SELECT * FROM `user` WHERE `pwdreset` = '%s' LIMIT 1", dbesc($hash));
        if (!count($r)) {
            notice(t("Request could not be verified. (You may have previously submitted it.) Password reset failed.") . EOL);
            goaway(z_root());
            return;
        }
        $uid = $r[0]['uid'];
        $username = $r[0]['username'];
        $email = $r[0]['email'];
        $new_password = autoname(6) . mt_rand(100, 9999);
        $new_password_encoded = hash('whirlpool', $new_password);
        $r = q("UPDATE `user` SET `password` = '%s', `pwdreset` = ''  WHERE `uid` = %d LIMIT 1", dbesc($new_password_encoded), intval($uid));
        if ($r) {
            $tpl = get_markup_template('pwdreset.tpl');
            $o .= replace_macros($tpl, array('$lbl1' => t('Password Reset'), '$lbl2' => t('Your password has been reset as requested.'), '$lbl3' => t('Your new password is'), '$lbl4' => t('Save or copy your new password - and then'), '$lbl5' => '<a href="' . $a->get_baseurl() . '">' . t('click here to login') . '</a>.', '$lbl6' => t('Your password may be changed from the <em>Settings</em> page after successful login.'), '$newpass' => $new_password, '$baseurl' => $a->get_baseurl()));
            info("Your password has been reset." . EOL);
            $email_tpl = get_intltext_template("passchanged_eml.tpl");
            $email_tpl = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $username, '$email' => $email, '$new_password' => $new_password, '$uid' => $newuid));
            $res = mail($email, "Your password has changed at {$a->config['sitename']}", $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
            return $o;
        }
    } else {
        $tpl = get_markup_template('lostpass.tpl');
        $o .= replace_macros($tpl, array('$title' => t('Forgot your Password?'), '$desc' => t('Enter your email address and submit to have your password reset. Then check your email for further instructions.'), '$name' => t('Nickname or Email: '), '$submit' => t('Reset')));
        return $o;
    }
}
Esempio n. 16
0
function removeaccount_post(&$a)
{
    if (!local_user()) {
        return;
    }
    if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
        return;
    }
    if (!x($_POST, 'qxz_password') || !strlen(trim($_POST['qxz_password']))) {
        return;
    }
    if (!x($_POST, 'verify') || !strlen(trim($_POST['verify']))) {
        return;
    }
    if ($_POST['verify'] !== $_SESSION['remove_account_verify']) {
        return;
    }
    $account = $a->get_account();
    $account_id = get_account_id();
    if (!account_verify_password($account['account_email'], $_POST['qxz_password'])) {
        return;
    }
    if ($account['account_password_changed'] != NULL_DATE) {
        $d1 = datetime_convert('UTC', 'UTC', 'now - 48 hours');
        if ($account['account_password_changed'] > d1) {
            notice(t('Account removals are not allowed within 48 hours of changing the account password.') . EOL);
            return;
        }
    }
    require_once 'include/Contact.php';
    $global_remove = intval($_POST['global']);
    account_remove($account_id, true);
}
Esempio n. 17
0
 function get()
 {
     $acc = \App::get_account();
     if (!$acc || $acc['account_id'] != get_account_id()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $default_role = '';
     $aid = get_account_id();
     if ($aid) {
         $r = q("select count(channel_id) as total from channel where channel_account_id = %d", intval($aid));
         if ($r && !intval($r[0]['total'])) {
             $default_role = get_config('system', 'default_permissions_role');
         }
         $limit = account_service_class_fetch(get_account_id(), 'total_identities');
         if ($r && $limit !== false) {
             $channel_usage_message = sprintf(t("You have created %1\$.0f of %2\$.0f allowed channels."), $r[0]['total'], $limit);
         } else {
             $channel_usage_message = '';
         }
     }
     $privacy_role = x($_REQUEST, 'permissions_role') ? $_REQUEST['permissions_role'] : "";
     $perm_roles = \Zotlabs\Access\PermissionRoles::roles();
     if (get_account_techlevel() < 4 && $privacy_role !== 'custom') {
         unset($perm_roles[t('Other')]);
     }
     $name = array('name', t('Name or caption'), x($_REQUEST, 'name') ? $_REQUEST['name'] : '', t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"'), "*");
     $nickhub = '@' . \App::get_hostname();
     $nickname = array('nickname', t('Choose a short nickname'), x($_REQUEST, 'nickname') ? $_REQUEST['nickname'] : '', sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub), "*");
     $role = array('permissions_role', t('Channel role and privacy'), $privacy_role ? $privacy_role : 'social', t('Select a channel role with your privacy requirements.') . ' <a href="help/roles" target="_blank">' . t('Read more about roles') . '</a>', $perm_roles);
     $o = replace_macros(get_markup_template('new_channel.tpl'), array('$title' => t('Create Channel'), '$desc' => t('A channel is your identity on this network. It can represent a person, a blog, or a forum to name a few. Channels can make connections with other channels to share information with highly detailed permissions.'), '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, '$default_role' => $default_role, '$nickname' => $nickname, '$submit' => t('Create'), '$channel_usage_message' => $channel_usage_message));
     return $o;
 }
Esempio n. 18
0
 function get()
 {
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     $channel = \App::get_channel();
     $app = null;
     $embed = null;
     if ($_REQUEST['appid']) {
         $r = q("select * from app where app_id = '%s' and app_channel = %d limit 1", dbesc($_REQUEST['appid']), dbesc(local_channel()));
         if ($r) {
             $app = $r[0];
             $term = q("select * from term where otype = %d and oid = %d", intval(TERM_OBJ_APP), intval($r[0]['id']));
             if ($term) {
                 $app['categories'] = '';
                 foreach ($term as $t) {
                     if ($app['categories']) {
                         $app['categories'] .= ',';
                     }
                     $app['categories'] .= $t['term'];
                 }
             }
         }
         $embed = array('embed', t('Embed code'), app_encode($app, true), '', 'onclick="this.select();"');
     }
     return replace_macros(get_markup_template('app_create.tpl'), array('$banner' => $app ? t('Edit App') : t('Create App'), '$app' => $app, '$guid' => $app ? $app['app_id'] : '', '$author' => $app ? $app['app_author'] : $channel['channel_hash'], '$addr' => $app ? $app['app_addr'] : $channel['xchan_addr'], '$name' => array('name', t('Name of app'), $app ? $app['app_name'] : '', t('Required')), '$url' => array('url', t('Location (URL) of app'), $app ? $app['app_url'] : '', t('Required')), '$desc' => array('desc', t('Description'), $app ? $app['app_desc'] : '', ''), '$photo' => array('photo', t('Photo icon URL'), $app ? $app['app_photo'] : '', t('80 x 80 pixels - optional')), '$categories' => array('categories', t('Categories (optional, comma separated list)'), $app ? $app['categories'] : '', ''), '$version' => array('version', t('Version ID'), $app ? $app['app_version'] : '', ''), '$price' => array('price', t('Price of app'), $app ? $app['app_price'] : '', ''), '$page' => array('page', t('Location (URL) to purchase app'), $app ? $app['app_page'] : '', ''), '$system' => $app ? intval($app['app_system']) : 0, '$requires' => $app ? $app['app_requires'] : '', '$embed' => $embed, '$submit' => t('Submit')));
 }
Esempio n. 19
0
function flag_post(&$a)
{
    $id = $_POST['id'];
    $reason = $_POST['reason'];
    $type = 0;
    if ($reason === 'censor') {
        $type = 1;
    } elseif ($reason === 'dead') {
        $type = 2;
    }
    if (!$id || !$type) {
        //		goaway($a->get_baseurl());
        print_r($_POST);
        return;
    }
    $r = q("SELECT * FROM `flag` WHERE `pid` = %d LIMIT 1", intval($id));
    if (!count($r)) {
        $r = q("INSERT INTO `flag` ( `pid`, `reason`, `total` ) VALUES ( %d , %d, 1 ) ", intval($id), intval($type));
        $msg = "An entry ({$id}) has just been flagged for {$reason}.";
        mail('*****@*****.**', "Directory Flag action", $msg);
    } else {
        q("UPDATE `flag` SET `total` = %d WHERE `id` = %d LIMIT 1", intval($r[0]['total']) + 1, intval($r[0]['id']));
    }
    notice("Entry has been flagged.");
    goaway($a->get_baseurl());
}
Esempio n. 20
0
function attach_init(&$a)
{
    if ($a->argc != 2) {
        notice(t('Item not available.') . EOL);
        return;
    }
    $item_id = intval($a->argv[1]);
    // Check for existence, which will also provide us the owner uid
    $r = q("SELECT * FROM `attach` WHERE `id` = %d LIMIT 1", intval($item_id));
    if (!count($r)) {
        notice(t('Item was not found.') . EOL);
        return;
    }
    $sql_extra = permissions_sql($r[0]['uid']);
    // Now we'll see if we can access the attachment
    $r = q("SELECT * FROM `attach` WHERE `id` = '%d' {$sql_extra} LIMIT 1", dbesc($item_id));
    if (!count($r)) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    // Use quotes around the filename to prevent a "multiple Content-Disposition"
    // error in Chrome for filenames with commas in them
    header('Content-type: ' . $r[0]['filetype']);
    header('Content-length: ' . $r[0]['filesize']);
    if (isset($_GET['attachment']) && $_GET['attachment'] === '0') {
        header('Content-disposition: filename="' . $r[0]['filename'] . '"');
    } else {
        header('Content-disposition: attachment; filename="' . $r[0]['filename'] . '"');
    }
    echo $r[0]['data'];
    killme();
    // NOTREACHED
}
Esempio n. 21
0
function hubwall_post(&$a)
{
    if (!is_site_admin()) {
        return;
    }
    $text = trim($_REQUEST['text']);
    if (!$text) {
        return;
    }
    $sender_name = sprintf(t('$1%s Administrator'), \Zotlabs\Lib\System::get_site_name());
    $sender_email = $_REQUEST['sender'];
    $subject = $_REQUEST['subject'];
    $textversion = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "\n"), $text))), ENT_QUOTES, 'UTF-8'));
    $htmlversion = bbcode(stripslashes(str_replace(array("\\r", "\\n"), array("", "<br />\n"), $text)));
    $sql_extra = intval($_REQUEST['test']) ? sprintf(" and account_email = '%s' ", get_config('system', 'admin_email')) : '';
    $recips = q("select account_email from account where account_flags = %d {$sql_extra}", intval(ACCOUNT_OK));
    if (!$recips) {
        notice(t('No recipients found.') . EOL);
        return;
    }
    $total_recips = count($recips);
    $total_delivered = 0;
    foreach ($recips as $recip) {
        $x = \Zotlabs\Lib\Enotify::send(array('fromName' => $sender_name, 'fromEmail' => $sender_email, 'replyTo' => $sender_email, 'toEmail' => $recip['account_email'], 'messageSubject' => $subject, 'htmlVersion' => $htmlversion, 'textVersion' => $textversion));
        if ($x) {
            $total_delivered++;
        }
    }
    info(sprintf(t('%1$d of %2$d messages sent.'), $total_delivered, $total_recips) . EOL);
}
Esempio n. 22
0
function regmod_content(&$a)
{
    global $lang;
    $_SESSION['return_url'] = $a->cmd;
    if (!local_user()) {
        info(t('Please login.') . EOL);
        $o .= '<br /><br />' . login($a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
        return $o;
    }
    if (!is_site_admin() || x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
        notice(t('Permission denied.') . EOL);
        return '';
    }
    if ($a->argc != 3) {
        killme();
    }
    $cmd = $a->argv[1];
    $hash = $a->argv[2];
    if ($cmd === 'deny') {
        user_deny($hash);
        goaway($a->get_baseurl() . "/admin/users/");
        killme();
    }
    if ($cmd === 'allow') {
        user_allow($hash);
        goaway($a->get_baseurl() . "/admin/users/");
        killme();
    }
}
Esempio n. 23
0
function bookmarks_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    require_once 'include/menu.php';
    require_once 'include/conversation.php';
    $channel = $a->get_channel();
    $o = profile_tabs($a, true, $channel['channel_address']);
    $o .= '<h3>' . t('My Bookmarks') . '</h3>';
    $x = menu_list(local_user(), '', MENU_BOOKMARK);
    if ($x) {
        foreach ($x as $xx) {
            $y = menu_fetch($xx['menu_name'], local_user(), get_observer_hash());
            $o .= menu_render($y, '', true);
        }
    }
    $o .= '<h3>' . t('My Connections Bookmarks') . '</h3>';
    $x = menu_list(local_user(), '', MENU_SYSTEM | MENU_BOOKMARK);
    if ($x) {
        foreach ($x as $xx) {
            $y = menu_fetch($xx['menu_name'], local_user(), get_observer_hash());
            $o .= menu_render($y, '', true);
        }
    }
    return $o;
}
Esempio n. 24
0
function crepair_content(&$a)
{
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $cid = $a->argc > 1 ? intval($a->argv[1]) : 0;
    if ($cid) {
        $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval(local_user()));
    }
    if (!count($r)) {
        notice(t('Contact not found.') . EOL);
        return;
    }
    $contact = $r[0];
    $msg1 = t('Repair Contact Settings');
    $msg2 = t('<strong>WARNING: This is highly advanced</strong> and if you enter incorrect information your communications with this contact may stop working.');
    $msg3 = t('Please use your browser \'Back\' button <strong>now</strong> if you are uncertain what to do on this page.');
    $o .= '<h2>' . $msg1 . '</h2>';
    $o .= '<div class="error-message">' . $msg2 . EOL . EOL . $msg3 . '</div>';
    $o .= EOL . '<a href="contacts/' . $cid . '">' . t('Return to contact editor') . '</a>' . EOL;
    $tpl = get_markup_template('crepair.tpl');
    $o .= replace_macros($tpl, array('$label_name' => t('Name'), '$label_nick' => t('Account Nickname'), '$label_attag' => t('@Tagname - overrides Name/Nickname'), '$label_url' => t('Account URL'), '$label_request' => t('Friend Request URL'), '$label_confirm' => t('Friend Confirm URL'), '$label_notify' => t('Notification Endpoint URL'), '$label_poll' => t('Poll/Feed URL'), '$label_photo' => t('New photo from this URL'), '$contact_name' => $contact['name'], '$contact_nick' => $contact['nick'], '$contact_id' => $contact['id'], '$contact_url' => $contact['url'], '$request' => $contact['request'], '$confirm' => $contact['confirm'], '$notify' => $contact['notify'], '$poll' => $contact['poll'], '$contact_attag' => $contact['attag'], '$lbl_submit' => t('Submit')));
    return $o;
}
Esempio n. 25
0
function suggest_content(&$a)
{
    require_once "mod/proxy.php";
    $o = '';
    if (!local_user()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    $_SESSION['return_url'] = $a->get_baseurl() . '/' . $a->cmd;
    $a->page['aside'] .= findpeople_widget();
    $a->page['aside'] .= follow_widget();
    $r = suggestion_query(local_user());
    if (!count($r)) {
        $o .= t('No suggestions available. If this is a new site, please try again in 24 hours.');
        return $o;
    }
    require_once 'include/contact_selectors.php';
    foreach ($r as $rr) {
        $connlnk = $a->get_baseurl() . '/follow/?url=' . ($rr['connect'] ? $rr['connect'] : $rr['url']);
        $ignlnk = $a->get_baseurl() . '/suggest?ignore=' . $rr['id'];
        $photo_menu = array(array(t("View Profile"), zrl($rr["url"])));
        $photo_menu[] = array(t("Connect/Follow"), $connlnk);
        $photo_menu[] = array(t('Ignore/Hide'), $ignlnk);
        $contact_details = get_contact_details_by_url($rr["url"], local_user());
        $entry = array('url' => zrl($rr['url']), 'itemurl' => $contact_details['addr'] != "" ? $contact_details['addr'] : $rr['url'], 'img_hover' => $rr['url'], 'name' => $rr['name'], 'thumb' => proxy_url($rr['photo'], false, PROXY_SIZE_THUMB), 'details' => $contact_details['location'], 'tags' => $contact_details['keywords'], 'about' => $contact_details['about'], 'account_type' => $contact_details['community'] ? t('Forum') : '', 'ignlnk' => $ignlnk, 'ignid' => $rr['id'], 'conntxt' => t('Connect'), 'connlnk' => $connlnk, 'photo_menu' => $photo_menu, 'ignore' => t('Ignore/Hide'), 'network' => network_to_name($rr['network'], $rr['url']), 'id' => ++$id);
        $entries[] = $entry;
    }
    $tpl = get_markup_template('viewcontact_template.tpl');
    $o .= replace_macros($tpl, array('$title' => t('Friend Suggestions'), '$contacts' => $entries));
    return $o;
}
Esempio n. 26
0
function hcard_init(&$a)
{
    if (argc() > 1) {
        $which = argv(1);
    } else {
        notice(t('Requested profile is not available.') . EOL);
        $a->error = 404;
        return;
    }
    $profile = '';
    $channel = $a->get_channel();
    if (local_channel() && argc() > 2 && argv(2) === 'view') {
        $which = $channel['channel_address'];
        $profile = argv(1);
        $r = q("select profile_guid from profile where id = %d and uid = %d limit 1", intval($profile), intval(local_channel()));
        if (!$r) {
            $profile = '';
        }
        $profile = $r[0]['profile_guid'];
    }
    $a->page['htmlhead'] .= '<link rel="alternate" type="application/atom+xml" href="' . $a->get_baseurl() . '/feed/' . $which . '" />' . "\r\n";
    if (!$profile) {
        $x = q("select channel_id as profile_uid from channel where channel_address = '%s' limit 1", dbesc(argv(1)));
        if ($x) {
            $a->profile = $x[0];
        }
    }
    profile_load($a, $which, $profile);
}
Esempio n. 27
0
 function get()
 {
     require_once 'include/acl_selectors.php';
     if (!local_channel()) {
         notice(t('Permission denied.') . EOL);
         return;
     }
     if (\App::$argc != 2) {
         return;
     }
     $contact_id = intval(\App::$argv[1]);
     $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($contact_id), intval(local_channel()));
     if (!count($r)) {
         notice(t('Contact not found.') . EOL);
         return;
     }
     $contact = $r[0];
     $o = '<h3>' . t('Suggest Friends') . '</h3>';
     $o .= '<div id="fsuggest-desc" >' . sprintf(t('Suggest a friend for %s'), $contact['name']) . '</div>';
     $o .= '<form id="fsuggest-form" action="fsuggest/' . $contact_id . '" method="post" >';
     // FIXME contact_selector deprecated, removed
     //	$o .= contact_selector('suggest','suggest-select', false,
     //		array('size' => 4, 'exclude' => $contact_id, 'networks' => 'DFRN_ONLY', 'single' => true));
     $o .= '<div id="fsuggest-submit-wrapper"><input id="fsuggest-submit" type="submit" name="submit" value="' . t('Submit') . '" /></div>';
     $o .= '</form>';
     return $o;
 }
Esempio n. 28
0
function pdledit_content(&$a)
{
    if (!local_channel()) {
        notice(t('Permission denied.') . EOL);
        return;
    }
    if (argc() > 1) {
        $module = 'mod_' . argv(1) . '.pdl';
    } else {
        $o .= '<h1>' . t('Edit System Page Description') . '</h1>';
        $files = glob('mod/*');
        if ($files) {
            foreach ($files as $f) {
                $name = basename($f, '.php');
                $x = theme_include('mod_' . $name . '.pdl');
                if ($x) {
                    $o .= '<a href="pdledit/' . $name . '" >' . $name . '</a><br />';
                }
            }
        }
        // list module pdl files
        return $o;
    }
    $t = get_pconfig(local_channel(), 'system', $module);
    if (!$t) {
        $t = file_get_contents(theme_include($module));
    }
    if (!$t) {
        notice(t('Layout not found.') . EOL);
        return '';
    }
    $o = replace_macros(get_markup_template('pdledit.tpl'), array('$header' => t('Edit System Page Description'), '$mname' => t('Module Name:'), '$help' => t('Layout Help'), '$module' => argv(1), '$content' => htmlspecialchars($t, ENT_COMPAT, 'UTF-8'), '$submit' => t('Submit')));
    return $o;
}
Esempio n. 29
0
 function build_editform($item, $feedback, $cm)
 {
     global $DB;
     $editurl = new moodle_url('/mod/feedback/edit.php', array('id' => $cm->id));
     //ther are no settings for recaptcha
     if (isset($item->id) and $item->id > 0) {
         notice(get_string('there_are_no_settings_for_recaptcha', 'feedback'), $editurl->out());
         exit;
     }
     //only one recaptcha can be in a feedback
     if ($DB->record_exists('feedback_item', array('feedback' => $feedback->id, 'typ' => $this->type))) {
         notice(get_string('only_one_captcha_allowed', 'feedback'), $editurl->out());
         exit;
     }
     $this->item = $item;
     $this->feedback = $feedback;
     $this->item_form = true;
     //dummy
     $lastposition = $DB->count_records('feedback_item', array('feedback' => $feedback->id));
     $this->item->feedback = $feedback->id;
     $this->item->template = 0;
     $this->item->name = get_string('captcha', 'feedback');
     $this->item->label = get_string('captcha', 'feedback');
     $this->item->presentation = '';
     $this->item->typ = $this->type;
     $this->item->hasvalue = $this->get_hasvalue();
     $this->item->position = $lastposition + 1;
     $this->item->required = 1;
     $this->item->dependitem = 0;
     $this->item->dependvalue = '';
     $this->item->options = '';
 }
Esempio n. 30
0
function merge_platforms($platform_to_merge, $destination_platform)
{
    global $db;
    $db->begin_transaction();
    // First, move all test runs to the test configurations in the destination for all test configurations that
    // exist in both the original platform and the platform into which we're merging.
    if (!$db->query_and_get_affected_rows('UPDATE test_runs SET run_config = destination.config_id
        FROM test_configurations as merged, test_configurations as destination
        WHERE merged.config_platform = $1 AND destination.config_platform = $2
            AND run_config = merged.config_id
            AND destination.config_type = merged.config_type
            AND destination.config_metric = merged.config_metric', array($platform_to_merge, $destination_platform))) {
        $db->rollback_transaction();
        return notice("Failed to migrate test runs for {$platform_to_merge} that have test configurations in {$destination_platform}.");
    }
    // Then migrate test configurations that don't exist in the destination platform to the new platform
    // so that test runs associated with those configurations are moved to the destination.
    if ($db->query_and_get_affected_rows('UPDATE test_configurations SET config_platform = $2
        WHERE config_platform = $1 AND config_metric NOT IN (SELECT config_metric FROM test_configurations WHERE config_platform = $2)', array($platform_to_merge, $destination_platform)) === FALSE) {
        $db->rollback_transaction();
        return notice("Failed to migrate test configurations for {$platform_to_merge}.");
    }
    if ($db->query_and_fetch_all('SELECT * FROM test_runs, test_configurations WHERE run_config = config_id AND config_platform = $1', array($platform_to_merge))) {
        // We should never reach here.
        $db->rollback_transaction();
        return notice('Failed to migrate all test runs.');
    }
    $db->query_and_get_affected_rows('DELETE FROM platforms WHERE platform_id = $1', array($platform_to_merge));
    $db->commit_transaction();
}