Esempio n. 1
 /**
  * Stamps the current user's record with the value returned by sqlDateTime().
  *
  * Guests are skipped, and so is the case where loadModel() yields null.
  * Only the lastLoginAt attribute is handed to save().
  *
  * @return boolean the result of save(), or false when nothing was saved.
  */
 public function updateLastLoginAt()
 {
     // An anonymous session has no record to update.
     if ($this->isGuest) {
         return false;
     }

     $model = $this->loadModel();
     if ($model === null) {
         return false;
     }

     $model->lastLoginAt = sqlDateTime();

     // Restrict the write to the single attribute that changed.
     return $model->save(true, array('lastLoginAt'));
 }
 /**
  * Inserts a new row into the "users" table and returns the populated DBObject.
  *
  * Every account is stored with status 'active' and level 'free user';
  * $accType is accepted but never read by this method.
  *
  * NOTE(review): the password is stored as a bare MD5 digest (no salt, no
  * work factor), which is cheap to brute-force if the table is ever disclosed.
  * Moving to password_hash()/password_verify() has to happen together with
  * the code that checks the password at login, so it is not changed here.
  *
  * NOTE(review): paymentTracker is the MD5 of the current Unix time plus the
  * username, so it can be reconstructed by anyone who knows roughly when the
  * account was created. It should not be relied on as a secret.
  *
  * @return DBObject|false the inserted object, or false when insert() fails.
  */
 static function create($username, $password, $email, $title, $firstname, $lastname, $accType = 'user')
 {
     $dbInsert = new DBObject("users", array("username", "password", "email", "title", "firstname", "lastname", "datecreated", "createdip", "status", "level", "paymentTracker"));

     // Column => value, listed in the same order as the column list above.
     $values = array(
         'username' => $username,
         'password' => MD5($password),
         'email' => $email,
         'title' => $title,
         'firstname' => $firstname,
         'lastname' => $lastname,
         'datecreated' => sqlDateTime(),
         'createdip' => getUsersIPAddress(),
         'status' => 'active',
         'level' => 'free user',
         'paymentTracker' => MD5(time() . $username),
     );
     foreach ($values as $column => $value) {
         $dbInsert->{$column} = $value;
     }

     return $dbInsert->insert() ? $dbInsert : false;
 }
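 /**
  * Persists this newsletter: UPDATE when $this->id is set, INSERT otherwise.
  * After an INSERT, $this->id is set from mysql_insert_id().
  *
  * Every interpolated string is escaped with mysql_real_escape_string() AND
  * placed inside quotes, and the row id is cast to an integer. Escaping only
  * protects a value that sits inside a quoted SQL literal, so no value is
  * interpolated bare into the statement.
  *
  * NOTE(review): the mysql_* extension was removed in PHP 7. Porting this to
  * prepared statements (PDO or mysqli) would make the manual escaping
  * unnecessary.
  */
 protected function saveData()
 {
     $title = mysql_real_escape_string($this->title);
     $content = mysql_real_escape_string($this->content);
     $active = mysql_real_escape_string($this->active);

     // sqlDateTime() is defined outside this block, so its output is escaped
     // as well rather than trusted to be SQL-safe.
     $start = mysql_real_escape_string(sqlDateTime($this->start));

     if ($this->id) {
         // The id is used outside quotes, so it is forced to an integer.
         $id = (int) $this->id;
         mysql_query("UPDATE newsletters SET Title='{$title}', Content='{$content}', Start='{$start}', Active='{$active}', LastChange=CURRENT_TIMESTAMP WHERE ID={$id}");
     } else {
         // Active is quoted here exactly as in the UPDATE above. Unquoted, the
         // escaping applied to it would not stop it from altering the statement.
         mysql_query("INSERT INTO newsletters(Title, Content, Start, Active) VALUES ('{$title}', '{$content}', '{$start}', '{$active}')");
         $this->id = mysql_insert_id();
     }
 }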
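 /**
  * Validates one uploaded file, stores it on the selected file server (local
  * disk or remote FTP) under a generated name, records it in the "file" table
  * and returns a stdClass describing the outcome.
  *
  * The returned object always carries name, size, type and error. On success
  * it also carries url, delete_url, info_url, stats_url, short_url and
  * delete_type.
  *
  * Notes for maintainers:
  * - The file is written under a generated name, never the submitted one.
  *   The submitted name is only passed through stripslashes()/basename() and
  *   has one leading dot removed before it is stored as originalFilename.
  * - NOTE(review): $type is stored as fileType without any check in this
  *   method. It looks client-supplied; confirm before trusting it downstream.
  * - NOTE(review): the stored filename and the delete hash are MD5 digests
  *   built from microtime() (plus filename and IP for the hash), so they are
  *   guessable rather than random. If the delete hash is what authorises a
  *   deletion, it should come from a CSPRNG instead.
  * - NOTE(review): the remote path uses plain FTP, so the credentials and the
  *   file travel unencrypted. ftp_ssl_connect() or SFTP would avoid that.
  *
  * @param string $uploaded_file path of the temporary uploaded file
  * @param string $name          filename as submitted
  * @param mixed  $size          reported size, passed through intval()
  * @param string $type          reported content type
  * @param mixed  $error         upload error passed on to has_error()
  * @return stdClass
  */
 private function handle_file_upload($uploaded_file, $name, $size, $type, $error)
 {
     $fileUpload = new stdClass();
     $fileUpload->name = basename(stripslashes($name));
     $fileUpload->size = intval($size);
     $fileUpload->type = $type;
     $fileUpload->error = null;
     // end() takes its argument by reference, so the parts need a variable.
     $nameParts = explode(".", $fileUpload->name);
     $extension = end($nameParts);
     $fileUpload->error = $this->has_error($uploaded_file, $fileUpload, $error);
     // NOTE(review): the two size branches hang off the "no error" test, so
     // they only run when has_error() has already reported a problem. Whether
     // a clean upload is size-checked at all depends on has_error(), which is
     // outside this block - confirm.
     if (!$fileUpload->error) {
         if (strlen(trim($fileUpload->name)) == 0) {
             $fileUpload->error = 'Filename not found.';
         }
     } elseif (intval($size) == 0) {
         $fileUpload->error = 'File received has zero size.';
     } elseif (intval($size) > $this->options['max_file_size']) {
         $fileUpload->error = 'File received is larger than permitted.';
     }
     if (!$fileUpload->error && $fileUpload->name) {
         if ($fileUpload->name[0] === '.') {
             $fileUpload->name = substr($fileUpload->name, 1);
         }
         $newFilename = MD5(microtime());
         // figure out upload type
         $file_size = 0;
         // Defined up front so the discard path never reads an unset variable
         // when the FTP branch fails before a path is built.
         $file_path = null;
         // select server from pool
         $uploadServerId = getAvailableServerId();
         $db = Database::getDatabase(true);
         $uploadServerDetails = $db->getRow('SELECT * FROM file_server WHERE id = ' . $db->quote($uploadServerId));
         // override storage path, normalised to end in exactly one slash
         if (strlen($uploadServerDetails['storagePath'])) {
             $this->options['upload_dir'] = $uploadServerDetails['storagePath'];
             if (substr($this->options['upload_dir'], strlen($this->options['upload_dir']) - 1, 1) == '/') {
                 $this->options['upload_dir'] = substr($this->options['upload_dir'], 0, strlen($this->options['upload_dir']) - 1);
             }
             $this->options['upload_dir'] .= '/';
         }
         // move remotely via ftp
         if ($uploadServerDetails['serverType'] == 'remote') {
             // connect ftp
             $conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
             if ($conn_id === false) {
                 $fileUpload->error = 'Could not connect to file server ' . $uploadServerDetails['ipAddress'];
             }
             // authenticate
             if (!$fileUpload->error) {
                 $login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
                 if ($login_result === false) {
                     $fileUpload->error = 'Could not authenticate with file server ' . $uploadServerDetails['ipAddress'];
                 }
             }
             // create the upload folder
             if (!$fileUpload->error) {
                 $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
                 if (!ftp_mkdir($conn_id, $uploadPathDir)) {
                     // Error reporting removed for now as it causes issues with existing folders. Need to add a check in before here
                     // to see if the folder exists, then create if not.
                     // $fileUpload->error = 'There was a problem creating the storage folder on '.$uploadServerDetails['ipAddress'];
                 }
             }
             // upload via ftp
             if (!$fileUpload->error) {
                 $file_path = $uploadPathDir . '/' . $newFilename;
                 clearstatcache();
                 if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                     // initiate ftp
                     $ret = ftp_nb_put($conn_id, $file_path, $uploaded_file, FTP_BINARY, FTP_AUTORESUME);
                     while ($ret == FTP_MOREDATA) {
                         // continue uploading
                         $ret = ftp_nb_continue($conn_id);
                     }
                     if ($ret != FTP_FINISHED) {
                         $fileUpload->error = 'There was a problem uploading the file to ' . $uploadServerDetails['ipAddress'];
                     } else {
                         $file_size = filesize($uploaded_file);
                         @unlink($uploaded_file);
                     }
                 }
             }
             // close ftp connection, but only if one was actually opened
             if ($conn_id !== false) {
                 ftp_close($conn_id);
             }
         } else {
             // create the upload folder
             $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
             @mkdir($uploadPathDir);
             $file_path = $uploadPathDir . '/' . $newFilename;
             clearstatcache();
             if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                 move_uploaded_file($uploaded_file, $file_path);
             }
             $file_size = filesize($file_path);
         }
         // check filesize uploaded matches tmp uploaded; a transfer that
         // already failed must not be recorded just because both sizes are 0
         if (!$fileUpload->error && $file_size === $fileUpload->size) {
             $fileUpload->url = $this->options['upload_url'] . rawurlencode($fileUpload->name);
             // insert into the db
             $fileUpload->size = $file_size;
             $fileUpload->delete_url = '~d?' . $this->options['delete_hash'];
             $fileUpload->info_url = '~i?' . $this->options['delete_hash'];
             $fileUpload->delete_type = 'DELETE';
             // create delete hash, make sure it's unique
             $deleteHash = md5($fileUpload->name . getUsersIPAddress() . microtime());
             $existingFile = file::loadByDeleteHash($deleteHash);
             while ($existingFile != false) {
                 $deleteHash = md5($fileUpload->name . getUsersIPAddress() . microtime());
                 $existingFile = file::loadByDeleteHash($deleteHash);
             }
             // store in db
             $db = Database::getDatabase(true);
             $dbInsert = new DBObject("file", array("originalFilename", "shortUrl", "fileType", "extension", "fileSize", "localFilePath", "userId", "totalDownload", "uploadedIP", "uploadedDate", "statusId", "deleteHash", "serverId"));
             $dbInsert->originalFilename = $fileUpload->name;
             $dbInsert->shortUrl = 'temp';
             $dbInsert->fileType = $fileUpload->type;
             $dbInsert->extension = $extension;
             $dbInsert->fileSize = $fileUpload->size;
             // path is stored relative to upload_dir
             $dbInsert->localFilePath = substr($file_path, strlen($this->options['upload_dir']), 99999);
             // add user id if user is logged in
             $dbInsert->userId = NULL;
             $Auth = Auth::getAuth();
             if ($Auth->loggedIn()) {
                 $dbInsert->userId = (int) $Auth->id;
             }
             $dbInsert->totalDownload = 0;
             $dbInsert->uploadedIP = getUsersIPAddress();
             $dbInsert->uploadedDate = sqlDateTime();
             $dbInsert->statusId = 1;
             $dbInsert->deleteHash = $deleteHash;
             $dbInsert->serverId = $uploadServerId;
             if (!$dbInsert->insert()) {
                 // Without a row there is no id to build a short URL from,
                 // so stop here and report the failure to the caller.
                 $fileUpload->error = 'abort';
             } else {
                 // create short url
                 $tracker = 1;
                 $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
                 $fileTmp = file::loadByShortUrl($shortUrl);
                 while ($fileTmp) {
                     $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
                     $fileTmp = file::loadByShortUrl($shortUrl);
                     $tracker++;
                 }
                 // update short url
                 file::updateShortUrl($dbInsert->id, $shortUrl);
                 // update fileUpload with file location
                 $file = file::loadByShortUrl($shortUrl);
                 $fileUpload->url = $file->getFullShortUrl();
                 $fileUpload->delete_url = $file->getDeleteUrl();
                 $fileUpload->info_url = $file->getInfoUrl();
                 $fileUpload->stats_url = $file->getStatisticsUrl();
                 $fileUpload->short_url = $shortUrl;
             }
         } else {
             if ($this->options['discard_aborted_uploads']) {
                 //@TODO - made ftp compatible
                 if ($file_path !== null) {
                     @unlink($file_path);
                 }
                 @unlink($uploaded_file);
                 if (!isset($fileUpload->error)) {
                     $fileUpload->error = 'maxFileSize';
                 }
             }
         }
     }
     return $fileUpload;
 }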
/*
 * Ban-an-IP handler: validates $ip_address, rejects addresses that already
 * have a row in banned_ips, inserts the new ban and echoes the result as JSON.
 *
 * $ip_address, $ban_type and $notes are set before this point, outside this
 * listing.
 * NOTE(review): only $ip_address is validated here; $ban_type and $notes are
 * stored as received. Confirm they are constrained upstream and that $notes
 * is escaped wherever it is later displayed.
 * NOTE(review): no permission or CSRF check is visible in this excerpt;
 * confirm one runs earlier in the script.
 */
$response = array(
    'content' => "",
    'javascript' => "",
    'errors' => array(),
    'success' => 1,
);

/* validate submission */
if (isValidIP($ip_address)) {
    // Refuse a second ban for an address that is already listed.
    $db = Database::getDatabase(true);
    $row = $db->getRow('SELECT id FROM banned_ips WHERE ipAddress = ' . $db->quote($ip_address));
    if (is_array($row)) {
        $response['errors']['ip_address'] = array(t("ip_address_already_blocked"));
    }
} else {
    $response['errors']['ip_address'] = array(t("ip_address_invalid_try_again"));
}

/* insert/update db */
if (!$response['errors']) {
    /* create the initial record */
    $dbInsert = new DBObject("banned_ips", array("ipAddress", "banType", "banNotes", "dateBanned"));
    $dbInsert->ipAddress = $ip_address;
    $dbInsert->banType = $ban_type;
    $dbInsert->banNotes = $notes;
    $dbInsert->dateBanned = sqlDateTime();
    if (!$dbInsert->insert()) {
        // NOTE(review): unlike the messages above, this key is not passed
        // through t() - confirm that is intended.
        $response['errors']['ip_address'] = array("error_problem_record");
    }
}

// Any recorded error flips the success flag before the response is sent.
if ($response['errors']) {
    $response['success'] = 0;
}

echo json_encode($response);