/** * Execute the action * * @return void */ public function execute() { // call parent, this will probably add some general CSS/JS or other required files parent::execute(); // get parameters $term = SpoonFilter::getGetValue('term', null, ''); // validate if ($term == '') { $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.'); } // previous search result $previousTerm = SpoonSession::exists('searchTerm') ? SpoonSession::get('searchTerm') : ''; SpoonSession::set('searchTerm', ''); // save this term? if ($previousTerm != $term) { // format data $this->statistics = array(); $this->statistics['term'] = $term; $this->statistics['language'] = FRONTEND_LANGUAGE; $this->statistics['time'] = FrontendModel::getUTCDate(); $this->statistics['data'] = serialize(array('server' => $_SERVER)); $this->statistics['num_results'] = FrontendSearchModel::getTotal($term); // save data FrontendSearchModel::save($this->statistics); } // save current search term in cookie SpoonSession::set('searchTerm', $term); // output $this->output(self::OK); }
/** * Execute the action */ public function execute() { parent::execute(); // get parameters $searchTerm = SpoonFilter::getPostValue('term', null, ''); $term = SPOON_CHARSET == 'utf-8' ? SpoonFilter::htmlspecialchars($searchTerm) : SpoonFilter::htmlentities($searchTerm); // validate if ($term == '') { $this->output(self::BAD_REQUEST, null, 'term-parameter is missing.'); } // previous search result $previousTerm = SpoonSession::exists('searchTerm') ? SpoonSession::get('searchTerm') : ''; SpoonSession::set('searchTerm', ''); // save this term? if ($previousTerm != $term) { // format data $this->statistics = array(); $this->statistics['term'] = $term; $this->statistics['language'] = FRONTEND_LANGUAGE; $this->statistics['time'] = FrontendModel::getUTCDate(); $this->statistics['data'] = serialize(array('server' => $_SERVER)); $this->statistics['num_results'] = FrontendSearchModel::getTotal($term); // save data FrontendSearchModel::save($this->statistics); } // save current search term in cookie SpoonSession::set('searchTerm', $term); // output $this->output(self::OK); }
/** * Fetch a list of items for a list of ids * * @return array * @param array $ids The ids of the items to grab. */ public static function getForTags(array $ids) { // fetch items $items = (array) FrontendModel::getDB()->getRecords('SELECT i.id, i.title FROM pages AS i INNER JOIN meta AS m ON m.id = i.meta_id WHERE i.status = ? AND i.hidden = ? AND i.language = ? AND i.publish_on <= ? AND i.id IN (' . implode(',', $ids) . ') ORDER BY i.title ASC', array('active', 'N', FRONTEND_LANGUAGE, FrontendModel::getUTCDate('Y-m-d H:i') . ':00')); // has items if (!empty($items)) { // reset url foreach ($items as &$row) { $row['full_url'] = FrontendNavigation::getURL($row['id'], FRONTEND_LANGUAGE); } } // return return $items; }
/** * Fetch a list of subpages of a page. * * @param int $ids The id of the item to grab the subpages for. * @return array */ public static function getSubpages($id) { // fetch items $items = (array) FrontendModel::getDB()->getRecords('SELECT i.id, i.title, m.description, i.parent_id FROM pages AS i INNER JOIN meta AS m ON m.id = i.meta_id WHERE i.parent_id = ? AND i.status = ? AND i.hidden = ? AND i.language = ? AND i.publish_on <= ? ORDER BY i.sequence ASC', array((int) $id, 'active', 'N', FRONTEND_LANGUAGE, FrontendModel::getUTCDate('Y-m-d H:i') . ':00')); // has items if (!empty($items)) { // reset url foreach ($items as &$row) { $row['full_url'] = FrontendNavigation::getURL($row['id'], FRONTEND_LANGUAGE); } } // return return $items; }
/** * Validate the form. */ private function validateForm() { // submitted if ($this->frm->isSubmitted()) { // does the key exists? if (SpoonSession::exists('formbuilder_' . $this->item['id'])) { // calculate difference $diff = time() - (int) SpoonSession::get('formbuilder_' . $this->item['id']); // calculate difference, it it isn't 10 seconds the we tell the user to slow down if ($diff < 10 && $diff != 0) { $this->frm->addError(FL::err('FormTimeout')); } } // validate fields foreach ($this->item['fields'] as $field) { // fieldname $fieldName = 'field' . $field['id']; // skip if ($field['type'] == 'submit' || $field['type'] == 'paragraph' || $field['type'] == 'heading') { continue; } // loop other validations foreach ($field['validations'] as $rule => $settings) { // already has an error so skip if ($this->frm->getField($fieldName)->getErrors() !== null) { continue; } // required if ($rule == 'required') { $this->frm->getField($fieldName)->isFilled($settings['error_message']); } elseif ($rule == 'email') { // only check this if the field is filled, if the field is required it will be validated before if ($this->frm->getField($fieldName)->isFilled()) { $this->frm->getField($fieldName)->isEmail($settings['error_message']); } } elseif ($rule == 'numeric') { // only check this if the field is filled, if the field is required it will be validated before if ($this->frm->getField($fieldName)->isFilled()) { $this->frm->getField($fieldName)->isNumeric($settings['error_message']); } } } } // valid form if ($this->frm->isCorrect()) { // item $data['form_id'] = $this->item['id']; $data['session_id'] = SpoonSession::getSessionId(); $data['sent_on'] = FrontendModel::getUTCDate(); $data['data'] = serialize(array('server' => $_SERVER)); // insert data $dataId = FrontendFormBuilderModel::insertData($data); // init fields array $fields = array(); // loop all fields foreach ($this->item['fields'] as $field) { // skip if ($field['type'] == 'submit' || $field['type'] == 'paragraph' || $field['type'] == 'heading') { continue; } // field data $fieldData['data_id'] = $dataId; $fieldData['label'] = $field['settings']['label']; $fieldData['value'] = $this->frm->getField('field' . $field['id'])->getValue(); // prepare fields for email if ($this->item['method'] == 'database_email') { // add field for email $emailFields[] = array('label' => $field['settings']['label'], 'value' => is_array($fieldData['value']) ? implode(',', $fieldData['value']) : nl2br($fieldData['value'])); } // clean up if (is_array($fieldData['value']) && empty($fieldData['value'])) { $fieldData['value'] = null; } // serialize if ($fieldData['value'] !== null) { $fieldData['value'] = serialize($fieldData['value']); } // save fields data $fields[] = $fieldData; // insert FrontendFormBuilderModel::insertDataField($fieldData); } // need to send mail if ($this->item['method'] == 'database_email') { // build variables $variables['sentOn'] = time(); $variables['name'] = $this->item['name']; $variables['fields'] = $emailFields; // loop recipients foreach ($this->item['email'] as $address) { // add email FrontendMailer::addEmail(sprintf(FL::getMessage('FormBuilderSubject'), $this->item['name']), FRONTEND_MODULES_PATH . '/form_builder/layout/templates/mails/form.tpl', $variables, $address, $this->item['name']); } } // trigger event FrontendModel::triggerEvent('form_builder', 'after_submission', array('form_id' => $this->item['id'], 'data_id' => $dataId, 'data' => $data, 'fields' => $fields, 'visitorId' => FrontendModel::getVisitorId())); // store timestamp in session so we can block excesive usage SpoonSession::set('formbuilder_' . $this->item['id'], time()); // redirect $redirect = SITE_URL . '/' . $this->URL->getQueryString(); $redirect .= stripos($redirect, '?') === false ? '?' : '&'; $redirect .= 'identifier=' . $this->item['identifier']; // redirect with identifier SpoonHTTP::redirect($redirect); } else { // global form errors set if ($this->frm->getErrors() != '') { $this->tpl->assign('formBuilderError', $this->frm->getErrors()); } else { $this->tpl->assign('formBuilderError', FL::err('FormError')); } } } }
/** * Validate the form */ private function validateForm() { // get settings $commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments']; // comments aren't allowed so we don't have to validate if (!$commentsAllowed) { return false; } // is the form submitted if ($this->frm->isSubmitted()) { // cleanup the submitted fields, ignore fields that were added by hackers $this->frm->cleanupFields(); // does the key exists? if (SpoonSession::exists('blog_comment_' . $this->record['id'])) { // calculate difference $diff = time() - (int) SpoonSession::get('blog_comment_' . $this->record['id']); // calculate difference, it it isn't 10 seconds the we tell the user to slow down if ($diff < 10 && $diff != 0) { $this->frm->getField('message')->addError(FL::err('CommentTimeout')); } } // validate required fields $this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired')); $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired')); $this->frm->getField('message')->isFilled(FL::err('MessageIsRequired')); // validate optional fields if ($this->frm->getField('website')->isFilled() && $this->frm->getField('website')->getValue() != 'http://') { $this->frm->getField('website')->isURL(FL::err('InvalidURL')); } // no errors? if ($this->frm->isCorrect()) { // get module setting $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter']; $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation']; // reformat data $author = $this->frm->getField('author')->getValue(); $email = $this->frm->getField('email')->getValue(); $website = $this->frm->getField('website')->getValue(); if (trim($website) == '' || $website == 'http://') { $website = null; } $text = $this->frm->getField('message')->getValue(); // build array $comment['post_id'] = $this->record['id']; $comment['language'] = FRONTEND_LANGUAGE; $comment['created_on'] = FrontendModel::getUTCDate(); $comment['author'] = $author; $comment['email'] = $email; $comment['website'] = $website; $comment['text'] = $text; $comment['status'] = 'published'; $comment['data'] = serialize(array('server' => $_SERVER)); // get URL for article $permaLink = FrontendNavigation::getURLForBlock('blog', 'detail') . '/' . $this->record['url']; $redirectLink = $permaLink; // is moderation enabled if ($moderationEnabled) { // if the commenter isn't moderated before alter the comment status so it will appear in the moderation queue if (!FrontendBlogModel::isModerated($author, $email)) { $comment['status'] = 'moderation'; } } // should we check if the item is spam if ($spamFilterEnabled) { // check for spam $result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website); // if the comment is spam alter the comment status so it will appear in the spam queue if ($result) { $comment['status'] = 'spam'; } elseif ($result == 'unknown') { $comment['status'] = 'moderation'; } } // insert comment $comment['id'] = FrontendBlogModel::insertComment($comment); // trigger event FrontendModel::triggerEvent('blog', 'after_add_comment', array('comment' => $comment)); // append a parameter to the URL so we can show moderation if (strpos($redirectLink, '?') === false) { if ($comment['status'] == 'moderation') { $redirectLink .= '?comment=moderation#' . FL::act('Comment'); } if ($comment['status'] == 'spam') { $redirectLink .= '?comment=spam#' . FL::act('Comment'); } if ($comment['status'] == 'published') { $redirectLink .= '?comment=true#comment-' . $comment['id']; } } else { if ($comment['status'] == 'moderation') { $redirectLink .= '&comment=moderation#' . FL::act('Comment'); } if ($comment['status'] == 'spam') { $redirectLink .= '&comment=spam#' . FL::act('Comment'); } if ($comment['status'] == 'published') { $redirectLink .= '&comment=true#comment-' . $comment['id']; } } // set title $comment['post_title'] = $this->record['title']; $comment['post_url'] = $this->record['url']; // notify the admin FrontendBlogModel::notifyAdmin($comment); // store timestamp in session so we can block excesive usage SpoonSession::set('blog_comment_' . $this->record['id'], time()); // store author-data in cookies try { SpoonCookie::set('comment_author', $author, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain()); SpoonCookie::set('comment_email', $email, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain()); SpoonCookie::set('comment_website', $website, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain()); } catch (Exception $e) { // settings cookies isn't allowed, but because this isn't a real problem we ignore the exception } // redirect $this->redirect($redirectLink); } } }
/** * Get related items based on tags * * @return array * @param int $id The id of the item to get related items for. * @param int[optional] $limit The maximum number of items to retrieve. */ public static function getRelated($id, $limit = 5) { // redefine $id = (int) $id; $limit = (int) $limit; // get the related IDs $relatedIDs = (array) FrontendTagsModel::getRelatedItemsByTags($id, 'blog', 'blog'); // no items if (empty($relatedIDs)) { return array(); } // get link $link = FrontendNavigation::getURLForBlock('blog', 'detail'); // get items $items = (array) FrontendModel::getDB()->getRecords('SELECT i.id, i.title, m.url FROM blog_posts AS i INNER JOIN meta AS m ON i.meta_id = m.id WHERE i.status = ? AND i.language = ? AND i.hidden = ? AND i.publish_on <= ? AND i.id IN(' . implode(',', $relatedIDs) . ') ORDER BY i.publish_on DESC, i.id DESC LIMIT ?', array('active', FRONTEND_LANGUAGE, 'N', FrontendModel::getUTCDate('Y-m-d H:i') . ':00', $limit), 'id'); // loop items foreach ($items as &$row) { $row['full_url'] = $link . '/' . $row['url']; } // return return $items; }
/** * Validate the form */ private function validateForm() { // is the form submitted if ($this->frm->isSubmitted()) { // get fields $txtEmail = $this->frm->getField('email'); $txtPassword = $this->frm->getField('password'); // check email if ($txtEmail->isFilled(FL::getError('EmailIsRequired'))) { // valid email? if ($txtEmail->isEmail(FL::getError('EmailIsInvalid'))) { // email already exists? if (FrontendProfilesModel::existsByEmail($txtEmail->getValue())) { // set error $txtEmail->setError(FL::getError('EmailExists')); } } } // check password $txtPassword->isFilled(FL::getError('PasswordIsRequired')); // no errors if ($this->frm->isCorrect()) { // generate salt $salt = FrontendProfilesModel::getRandomString(); // init values $values = array(); // values $values['email'] = $txtEmail->getValue(); $values['password'] = FrontendProfilesModel::getEncryptedString($txtPassword->getValue(), $salt); $values['status'] = 'inactive'; $values['display_name'] = $txtEmail->getValue(); $values['registered_on'] = FrontendModel::getUTCDate(); /* * Add a profile. * We use a try-catch statement to catch errors when more users sign up simultaneously. */ try { // insert profile $profileId = FrontendProfilesModel::insert($values); // use the profile id as url until we have an actual url FrontendProfilesModel::update($profileId, array('url' => FrontendProfilesModel::getUrl($values['display_name']))); // trigger event FrontendModel::triggerEvent('profiles', 'after_register', array('id' => $profileId)); // generate activation key $activationKey = FrontendProfilesModel::getEncryptedString($profileId . microtime(), $salt); // set settings FrontendProfilesModel::setSetting($profileId, 'salt', $salt); FrontendProfilesModel::setSetting($profileId, 'activation_key', $activationKey); // login FrontendProfilesAuthentication::login($profileId); // activation URL $mailValues['activationUrl'] = SITE_URL . FrontendNavigation::getURLForBlock('profiles', 'activate') . '/' . $activationKey; // send email FrontendMailer::addEmail(FL::getMessage('RegisterSubject'), FRONTEND_MODULES_PATH . '/profiles/layout/templates/mails/register.tpl', $mailValues, $values['email'], ''); // redirect $this->redirect(SELF . '?sent=true'); } catch (Exception $e) { // when debugging we need to see the exceptions if (SPOON_DEBUG) { throw $e; } // show error $this->tpl->assign('registerHasFormError', true); } } else { $this->tpl->assign('registerHasFormError', true); } } }
/** * Login a profile. * * @return bool * @param int $profileId Login the profile with this id in. * @param bool[optional] $remember Should we set a cookie for later? */ public static function login($profileId, $remember = false) { // redefine vars $profileId = (int) $profileId; $remember = (bool) $remember; $secretKey = null; // cleanup old sessions self::cleanupOldSessions(); // set profile_logged_in to true SpoonSession::set('frontend_profile_logged_in', true); // should we remember the user? if ($remember) { // generate secret key $secretKey = FrontendProfilesModel::getEncryptedString(SpoonSession::getSessionId(), FrontendProfilesModel::getRandomString()); // set cookie SpoonCookie::set('frontend_profile_secret_key', $secretKey, 60 * 60 * 24 * 31); } // delete all records for this session to prevent duplicate keys (this should never happen) FrontendModel::getDB(true)->delete('profiles_sessions', 'session_id = ?', SpoonSession::getSessionId()); // insert new session record FrontendModel::getDB(true)->insert('profiles_sessions', array('profile_id' => $profileId, 'session_id' => SpoonSession::getSessionId(), 'secret_key' => $secretKey, 'date' => FrontendModel::getUTCDate())); // update last login FrontendProfilesModel::update($profileId, array('last_login' => FrontendModel::getUTCDate())); // load the profile object self::$profile = new FrontendProfilesProfile($profileId); }
/** * Unsubscribes an e-mail address from CampaignMonitor and our database * * @param string $email The e-mail address to unsubscribe. * @param string[optional] $groupId The id of the group to unsubscribe from. * @return bool */ public static function unsubscribe($email, $groupId = null) { // get objects $db = FrontendModel::getDB(true); $cm = self::getCM(); // set group ID $groupId = !empty($groupId) ? $groupId : FrontendMailmotorModel::getDefaultGroupID(); // get group CM ID $groupCMId = self::getCampaignMonitorID('list', $groupId); // group exists if (FrontendMailmotorModel::existsGroup($groupId)) { try { // unsubscribe the email from this group $cm->unsubscribe($email, $groupCMId); } catch (Exception $e) { // stop here if something went wrong with CM return false; } // set variables $subscriber['status'] = 'unsubscribed'; $subscriber['unsubscribed_on'] = FrontendModel::getUTCDate('Y-m-d H:i:s'); // unsubscribe the user $db->update('mailmotor_addresses_groups', $subscriber, 'email = ? AND group_id = ?', array($email, $groupId)); // user unsubscribed return true; } // user not unsubscribed return false; }
/** * Trigger an event * * @param string $module The module that triggers the event. * @param string $eventName The name of the event. * @param mixed[optional] $data The data that should be send to subscribers. */ public static function triggerEvent($module, $eventName, $data = null) { $module = (string) $module; $eventName = (string) $eventName; // create log instance $log = new SpoonLog('custom', PATH_WWW . '/frontend/cache/logs/events'); // logging when we are in debugmode if (SPOON_DEBUG) { $log->write('Event (' . $module . '/' . $eventName . ') triggered.'); } // get all items that subscribe to this event $subscriptions = (array) self::getDB()->getRecords('SELECT i.module, i.callback FROM hooks_subscriptions AS i WHERE i.event_module = ? AND i.event_name = ?', array($module, $eventName)); // any subscriptions? if (!empty($subscriptions)) { // init var $queuedItems = array(); // loop items foreach ($subscriptions as $subscription) { // build record $item['module'] = $subscription['module']; $item['callback'] = $subscription['callback']; $item['data'] = serialize($data); $item['status'] = 'queued'; $item['created_on'] = FrontendModel::getUTCDate(); // add $queuedItems[] = self::getDB(true)->insert('hooks_queue', $item); // logging when we are in debugmode if (SPOON_DEBUG) { $log->write('Callback (' . $subscription['callback'] . ') is subcribed to event (' . $module . '/' . $eventName . ').'); } } // start processing self::startProcessingHooks(); } }
/** * Save statistics */ private function saveStatistics() { // no search term = no search if (!$this->term) { return; } // previous search result $previousTerm = SpoonSession::exists('searchTerm') ? SpoonSession::get('searchTerm') : ''; SpoonSession::set('searchTerm', ''); // save this term? if ($previousTerm != $this->term) { // format data $this->statistics = array(); $this->statistics['term'] = $this->term; $this->statistics['language'] = FRONTEND_LANGUAGE; $this->statistics['time'] = FrontendModel::getUTCDate(); $this->statistics['data'] = serialize(array('server' => $_SERVER)); $this->statistics['num_results'] = $this->pagination['num_items']; // save data FrontendSearchModel::save($this->statistics); } // save current search term in cookie SpoonSession::set('searchTerm', $this->term); }
/** * Get all queued mail ids * * @return array */ public static function getQueuedMailIds() { // return the ids return (array) FrontendModel::getDB()->getColumn('SELECT e.id FROM emails AS e WHERE e.send_on < ?', array(FrontendModel::getUTCDate())); }
/** * Unsubscribes an e-mail address * * @param string $email The mail address to unsubscribe. * @param string[optional] $groupId The id of the group to unsubscribe from. * @return bool */ public static function unsubscribe($email, $groupId = null) { // get objects $db = FrontendModel::getDB(true); // set groupID $groupId = !empty($groupId) ? $groupId : self::getDefaultGroupID(); // unsubscribe the user in CM if (self::existsGroup($groupId)) { // set variables $subscriber['status'] = 'unsubscribed'; $subscriber['unsubscribed_on'] = FrontendModel::getUTCDate('Y-m-d H:i:s'); // unsubscribe the user $db->update('mailmotor_addresses_groups', $subscriber, 'email = ? AND group_id = ?', array($email, $groupId)); // user unsubscribed return true; } // user not unsubscribed return false; }
/** * Saves the feedback * * @param array $feedback */ public static function saveFeedback(array $feedback) { $feedback['created_on'] = FrontendModel::getUTCDate(); unset($feedback['sentOn']); FrontendModel::getDB(true)->insert('faq_feedback', $feedback); }