Esempio n. 1
0
 /**
  * An html form triggers an update via form submit (POST). The function updates data of a specific comment and 
  * displays a message in the result page.
  * 
  * @param StdClass $args
  * @param ReadOnlyObject $action
  * @param ReadWriteObject $mem_redirect
  * @param ReadWriteObject $mem_resend
  * @return false (in case of a failure) or string pointing to a page that displays a single comment
  */
 public function updateCallback(StdClass $args, ReadOnlyObject $action, ReadWriteObject $mem_redirect, ReadWriteObject $mem_resend)
 {
     $errors = $this->model->checkUpdate($args->post);
     if (count($errors) > 0) {
         $mem_redirect->post = $args->post;
         $mem_redirect->errors = $errors;
         return false;
     }
     $a = $this->model->getSingle($args->post['id']);
     $c = $a[0];
     $msg = "Updating comment #" . $args->post['id'] . " previous where=" . $c->TextWhere . " previous text=" . $c->TextFree . " previous Quality=" . $c->Quality;
     MOD_log::get()->write($msg, 'AdminComments');
     $update = $this->model->update($c, $args->post);
     if ($args->post['subset'] == 'from') {
         $mem_redirect->comments = $this->model->getFrom($this->route_vars['id']);
     } else {
         if ($args->post['subset'] == 'to') {
             $mem_redirect->comments = $this->model->getTo($this->route_vars['id']);
         } else {
             $mem_redirect->comments = $this->model->getSubset($args->post['subset']);
         }
     }
     $this->setFlashNotice("Updated comment of " . $args->post['nameFrom'] . " about " . $args->post['nameTo'] . ".");
     return $this->router->url('admin_comments_list_single', array('id' => $args->post['id']), false);
 }
Esempio n. 2
0
 public function index()
 {
     $vw = new ViewWrap($this->_view);
     $P = PVars::getObj('page');
     $request = PRequest::get()->request;
     if (!isset($request[1])) {
         $request[1] = '';
     }
     $TDonationArray = false;
     $error = false;
     $sub = '';
     $sub = $request[1];
     // static pages
     switch ($request[1]) {
         case 'done':
             $error = $this->_model->returnFromPayPal();
             $TDonationArray = $this->_model->getDonations();
             break;
         case 'cancel':
             if (isset($_SESSION["PaypalBW_key"])) {
                 // Log to track wrong donation
                 MOD_log::get()->write("Donation cancelled  [\$_SESSION[\"PaypalBW_key\"]=" . $_SESSION["PaypalBW_key"] . "]", "Donation");
                 break;
             }
         default:
             $TDonationArray = $this->_model->getDonations();
             break;
     }
     $P->content .= $vw->donate($sub, $TDonationArray, $error);
     // teaser content
     $P->teaserBar .= $vw->ShowSimpleTeaser('Donate', $TDonationArray);
     // submenu
     $P->subMenu .= $vw->submenu($sub);
     // User bar on the left
     $P->newBar .= $vw->donateBar($TDonationArray);
 }
Esempio n. 3
0
    /**
     * Returns true if member belongs to group volunteer
     *
     */
    public function returnFromPayPal()
    {
        /*    
        //The donation returns an url as the following
        http://www.bewelcome.org/bw/donations2.php?action=done&tx=0ME24142PE152304A&st=Completed&amt=5.00&cc=EUR&cm=&item_number=&sig=hYUTlSOjBeJvNqfFqc%252fZbrBA4p6c%252fe6EErVp1w18eOBR96p6hzzenPysL%252bFVPZi8YEcONFovQmYn%252b6QF%252fBYoVhGMoaQJCxBQh%252bLAlC0TdgeScs1skk0%252bpY6SyoC%252fNCV1ou69zWRrhDrtsa4SUHibLD%252f1RwGg43iaZjPhB24I6lg%253d
        */
        // save the first immediate return values
        $tx = $tx_token = $_GET['tx'];
        $payment_amount = $_GET['amt'];
        $payment_currency = $_GET['cc'];
        // read the post from PayPal system and add 'cmd'
        $req = 'cmd=_notify-synch';
        $auth_token = "token is not set";
        if (isset($_SYSHCVOL['paypal_authtoken'])) {
            $auth_token = $_SYSHCVOL['paypal_authtoken'];
        }
        $req .= "&tx={$tx_token}&at={$auth_token}";
        /*			 
                 foreach ($_POST as $key => $value) {
                         $value = trim(urlencode(stripslashes($value)));
                         echo "_POST[", $key,"]=",$value,"<br />";
                }
        
                 foreach ($_GET as $key => $value) {
                         $value = trim(urlencode(stripslashes($value)));
                         echo "_GET[", $key,"]=",$value,"<br />";
                }
        */
        // post back to PayPal system to validate
        $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
        $fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
        // If possible, securely post back to paypal using HTTPS
        // Your PHP server will need to be SSL enabled
        // $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
        if (!$fp) {
            MOD_log::get()->write("Failed to connect to paypal for return value while checking confirmation on paypal", "donation");
            $error = "A problem occured while checking confirmation with paypal";
            return $error;
        } else {
            fputs($fp, $header . $req);
            // sending the query to paypal
            // read the body data
            $res = '';
            $headerdone = false;
            while (!feof($fp)) {
                // while result not received
                $line = fgets($fp, 1024);
                // reading the result
                if (strcmp($line, "\r\n") == 0) {
                    // read the header
                    $headerdone = true;
                } else {
                    if ($headerdone) {
                        MOD_log::get()->write("Requesting paypal for confirmation (\$tx_token=" . $tx_token . ") [" . $line . "]", "donation");
                        // header has been read. now read the contents
                        $res .= $line;
                    }
                }
            }
            // parse the data to read the return variables by paypal
            $lines = explode("\n", $res);
            $keyarray = array();
            if (strcmp($lines[0], "SUCCESS") == 0) {
                for ($i = 1; $i < count($lines); $i++) {
                    // Retrieve the parameters
                    if (strpos($lines[$i], "=")) {
                        list($key, $val) = explode("=", $lines[$i]);
                    }
                    $keyarray[urldecode($key)] = urldecode($val);
                }
                $ItsOK = true;
                $txn_id = $keyarray['txn_id'];
                if ($payment_amount != $keyarray['mc_gross']) {
                    // If amount differs we will not continue
                    $ItsOK = false;
                    MOD_log::get()->write("Problem for \$payment_amount expected=" . $payment_amount . " return par paypal confirmation=" . $keyarray['mc_gross'], "donation");
                }
                if ($payment_currency != $keyarray['mc_currency']) {
                    // If currency differs we will not continue
                    $ItsOK = false;
                    MOD_log::get()->write("Problem for \$payment_currency expected=" . $payment_currency . " return par paypal confirmation=" . $keyarray['mc_currency'], "donation");
                }
                if ($keyarray['txn_id'] != $tx) {
                    // If control code differs we will not continue
                    $ItsOK = false;
                    MOD_log::get()->write("Problem for txn_id expected=" . $tx . " return par paypal confirmation=" . $keyarray['txn_id'], "donation");
                }
                if (!$ItsOK) {
                    $error = "We detected a problem while checking the success of your donation on paypal";
                    return $error;
                }
                $IdMember = 0;
                $IdCountry = 0;
                // This values will remain if the user was not logged
                if (isset($_SESSION["IdMember"])) {
                    $IdMember = $_SESSION["IdMember"];
                    $query = <<<SQL
SELECT geonames_cache.parentCountryId AS IdCountry
FROM  members, addresses, geonames_cache
WHERE members.id={$IdMember}
AND geonames_cache.geonameid = addresses.IdCity
AND members.id = addresses.IdMember
AND addresses.rank = 0
SQL;
                    $result = $this->dao->query($query);
                    $m = $result->fetch(PDB::FETCH_OBJ);
                    $IdCountry = $m->IdCountry;
                }
                $referencepaypal = "ID #" . $keyarray['txn_id'] . " payment_status=" . $keyarray['payment_status'];
                if ($keyarray['mc_currency'] == "USD") {
                    $payment_currency = "\$";
                } else {
                    if ($keyarray['mc_currency'] == "EUR") {
                        $payment_currency = "€";
                    } else {
                        $payment_currency = $keyarray['mc_currency'];
                    }
                }
                $receiver_email = $keyarray['payer_email'];
                // now test if this donation was allready registrated
                $query = '
SELECT *
FROM  donations
WHERE IdMember=' . $IdMember . '
AND referencepaypal LIKE "%' . $referencepaypal . '%"';
                $result = $this->dao->query($query);
                $rr = $result->fetch(PDB::FETCH_OBJ);
                if (isset($rr->id)) {
                    // If a previous version was already existing, it means a double signup
                    MOD_log::get()->write("Same Donation Submited several times for " . $keyarray['mc_gross'] . $payment_currency . " by " . $keyarray['first_name'] . " " . $keyarray['last_name'] . "/" . $receiver_email . " status=" . $payment_status . " [expected" . $_SESSION["PaypalBW_key"] . " received=" . $tx . "]", "Donation");
                    $error = "Your donation is registrated only once , not need to submit twice ;-)";
                    return $error;
                }
                $memo = "";
                if (isset($keyarray['memo'])) {
                    $memo = $keyarray['memo'];
                }
                $query = '
INSERT INTO `donations`
( `IdMember`,`Email`,`StatusPrivate`,`created`,`Amount`,`Money`,`IdCountry`,`namegiven`,`referencepaypal`,`membercomment`,`SystemComment` )
VALUES
(' . $IdMember . ',"' . $receiver_email . '","showamountonly",now(),' . $payment_amount . ',"' . $payment_currency . '",' . $IdCountry . ',"' . $keyarray["first_name"] . ' ' . $keyarray["last_name"] . '","' . $referencepaypal . '","","Via paypal' . ' ' . $keyarray["payment_status"] . ' ' . $memo . '")
';
                $this->dao->exec($query);
                MOD_log::get()->write("donation ID #" . $referencepaypal . " recorded", "donation");
                fclose($fp);
                return;
            }
            // end if verified
            MOD_log::get()->write("can't find verified in paypal return information for ID #" . $tx . " recorded", "donation");
            $error = "not verified";
            return $error;
        }
        // enf if fp
    }
Esempio n. 4
0
 public function index($args = false)
 {
     // First check if the feature is closed
     if ($_SESSION["Param"]->RssFeedIsClosed != 'No') {
         PPHP::PExit();
         // To do find a better exit
         break;
     }
     // end of test "if feature is closed"
     $request = $args->request;
     $model = new RssModel();
     // $request[0] is 'rss', anyway. Don't need to do any ifs and switches for that.
     if (isset($request[1])) {
         $ss = "Querying RSS with ";
         $ss = $ss . "[" . $request[1] . "]";
         if (isset($request[2])) {
             $ss = $ss . "[" . $request[2] . "]";
             if (isset($request[3])) {
                 $ss = $ss . "[" . $request[3] . "]";
                 if (isset($request[4])) {
                     $ss = $ss . "[" . $request[4] . "]";
                 }
             }
         }
         MOD_log::get()->write($ss, "rss");
     }
     switch (isset($request[1]) ? $request[1] : false) {
         /**
          * thread/tagid
          * thread/tagname (TODO?)
          */
         case 'thread':
         case 'threads':
         case 'forumthreads':
             // request is ..bw.org/rss/thread, or ..bw.org/rss/thread/*
             // check if $request[2] identifies a thread id.
             if (!isset($request[2])) {
                 // can't show a thread rss, because the thread id is not given.
                 // show a global rss instead
                 $model->getForumFeed();
                 $page = new PageWithForumRSS();
             } else {
                 if (!$model->getThreadFeed($request[2])) {
                     // an id (or name?) was given, but there is no thread with that id
                     $model->getForumFeed();
                     $page = new PageWithForumRSS();
                 } else {
                     //http://localhost/bw/htdocs/rss/thread/1
                     // cool, found one!!
                     //$model->getThreadFeed($request[2]);
                     $page = new PageWithThreadRSS();
                 }
             }
             break;
             /**
              * tag/tagid
              * tag/tagname (TODO?)
              */
         /**
          * tag/tagid
          * tag/tagname (TODO?)
          */
         case 'tag':
         case 'tags':
             // request is ..bw.org/rss/tag, or ..bw.org/rss/tag/*
             if (!isset($request[2])) {
                 // can't show a thread rss, because the thread id is not given.
                 // show a global rss instead
                 $model->getForumFeed();
                 $page = new PageWithForumRSS();
             } else {
                 if (!$model->getTagFeed($request[2])) {
                     // no such tag found..
                     $model->getForumFeed();
                     $page = new PageWithForumRSS();
                 } else {
                     //$rss = $model->getTagFeed($request[2]);
                     $model->getTagFeed($request[2]);
                     $page = new PageWithTagRSS();
                 }
             }
             break;
             /**
              * blog
              * blog/tag/tagid                
              * blog/tag/tagname 
              * blog/author/username
              */
         /**
          * blog
          * blog/tag/tagid                
          * blog/tag/tagname 
          * blog/author/username
          */
         case 'blog':
             if (!isset($request[2])) {
                 $model->getBlogFeed();
             } else {
                 switch ($request[2]) {
                     case 'tags':
                         if (!isset($request[3]) || !$model->getBlogFeedByTag($request[3])) {
                             // only happens when getBlogFeedByTag() doesn't come up with results
                             $model->getBlogFeed();
                         }
                         break;
                     default:
                         if (isset($request[3]) && $request[3] == 'cat') {
                             // in future: do nothing ;)
                             $model->getBlogFeed();
                         } else {
                             if (!$model->getBlogFeedByAuthor($request[2])) {
                                 $model->getBlogFeed();
                             }
                         }
                 }
             }
             $page = new PageWithBlogRSS();
             break;
         case 'meeting':
         case 'meetings':
             if (!$model->getTagFeed($request[1])) {
                 $model->getForumFeed();
                 $page = new PageWithForumRSS();
             } else {
                 $page = new PageWithTagRSS();
             }
             break;
         default:
             // request is ..bw.org/rss/*, but none of the above
             $page = new RssOverviewPage();
     }
     //TODO: request[1] & request[2] exist = rss/thread/345, rss/tag/help or so
     $page->setModel($model);
     PVars::getObj('page')->output_done = true;
     if (isset($args->get['debug']) && MOD_right::get()->hasRight('debug')) {
         $page->debug = true;
     }
     return $page;
 }
Esempio n. 5
0
    /**
     *
     * FIXME: IdCity is written both to the members and the address table!
     * 		  This is just imitating the strategy of bw/signup.php!
     *  JY Comment : wont fix, this redudancy is on purpose (this is so useful ...)
     *
     * This has NOT been executed:
     * ALTER TABLE members
     * MODIFY COLUMN `id` int( 11 ) NOT NULL COMMENT 'IdMember'
     * As a result, we do NOT use
     * '.$this->dao->nextId('members').',
     *
     */
    public function registerBWMember($vars)
    {
        // ********************************************************************
        // members
        // ********************************************************************
        $query = '
INSERT INTO `members`
(
	`Username`,
	`IdCity`,
	`Gender`,
	`HideGender`,
	`created`,
	`BirthDate`,
	`HideBirthDate`,
	`Accomodation`
)
VALUES
(
	\'' . $vars['username'] . '\',
	' . $vars['geonameid'] . ',
	\'' . $vars['gender'] . '\',
	\'' . $vars['genderhidden'] . '\',
	now(),
	\'' . $vars['iso_date'] . '\',
	\'' . $vars['agehidden'] . '\',
	\'' . $vars['accommodation'] . '\'
)';
        $members = $this->dao->query($query);
        $memberID = $members->insertId();
        $memberEntity = new Member($memberID);
        $vars['password'] = $memberEntity->preparePassword($vars['password']);
        $motherTongue = $this->createEntity('Language', $vars['mothertongue']);
        $memberLanguageEntity = $this->createEntity('MemberLanguage');
        $memberLanguageEntity->setSpokenLanguage($memberEntity, $motherTongue, 'MotherLanguage');
        // Check if selected MotherTongue is in the list of translated languages and set it as preferred language
        $model = new FlaglistModel();
        $languages = $model->getLanguages();
        $languageFilter = function ($lang) {
            return function ($v) use($lang) {
                return $v->id == $lang;
            };
        };
        $filteredLanguages = array_filter($languages, $languageFilter($motherTongue->id));
        if (!empty($filteredLanguages)) {
            $update = "\r\n                INSERT INTO\r\n                    memberspreferences\r\n                SET\r\n                    IdMember = " . $memberEntity->id . ",\r\n                    IdPreference = 1,\r\n                    Value = " . $motherTongue->id;
            $this->dao->query($update);
        }
        $memberEntity->update();
        $memberEntity->setPassword($vars['password']);
        // ********************************************************************
        // e-mail, names/members
        // ********************************************************************
        $cryptedfieldsEmail = MOD_crypt::insertCrypted($vars['email'], "members.Email", $memberID, $memberID, "always");
        $cryptedfieldsFirstname = MOD_crypt::insertCrypted($this->dao->escape(strip_tags($vars['firstname'])), "members.FirstName", $memberID, $memberID);
        $cryptedfieldsSecondname = MOD_crypt::insertCrypted($this->dao->escape(strip_tags($vars['secondname'])), "members.SecondName", $memberID, $memberID);
        $cryptedfieldsLastname = MOD_crypt::insertCrypted($this->dao->escape(strip_tags($vars['lastname'])), "members.LastName", $memberID, $memberID);
        $query = '
UPDATE
	`members`
SET
	`Email`=' . $cryptedfieldsEmail . ',
	`FirstName`=' . $cryptedfieldsFirstname . ',
	`SecondName`=' . $cryptedfieldsSecondname . ',
	`LastName`=' . $cryptedfieldsLastname . '
WHERE
	`id` = ' . $memberID;
        $this->dao->query($query);
        // ********************************************************************
        // address/addresses
        // ********************************************************************
        $query = '
INSERT INTO addresses
(
	`IdMember`,
	`IdCity`,
	`HouseNumber`,
	`StreetName`,
	`Zip`,
	`created`,
	`Explanation`
)
VALUES
(
	' . $memberID . ',
	' . $vars['geonameid'] . ',
    0,
	0,
	0,
	now(),
	0)';
        $s = $this->dao->query($query);
        if (!$s->insertId()) {
            $vars['errors'] = array('inserror');
            return false;
        }
        // ********************************************************************
        // location (where Philipp would put it)
        // ********************************************************************
        $geomodel = new GeoModel();
        if (!$geomodel->addGeonameId($vars['geonameid'], 'member_primary')) {
            $vars['errors'] = array('geoinserterror');
            return false;
        }
        // Only for bugtesting and backwards compatibility the geo-views in our DB
        $CityName = "not found in cities view";
        $geonameId = intval($vars['geonameid']);
        $sqry = "\r\n            SELECT\r\n                name\r\n            FROM\r\n                geonames_cache\r\n            WHERE\r\n                geonameId = {$geonameId}\r\n            ";
        $qry = $this->dao->query($sqry);
        if ($qry) {
            $rr = $qry->fetch(PDB::FETCH_OBJ);
            if (isset($rr->name)) {
                $CityName = $rr->name;
            } else {
                MOD_log::get()->write("Signup bug [" . $sqry . "]" . " (With New Signup !)", "Signup");
            }
        }
        MOD_log::get()->writeIdMember($memberID, "member  <b>" . $vars['username'] . "</b> is signuping with success in city [" . $CityName . "]  using language (" . $_SESSION["lang"] . " IdMember=#" . $memberID . " (With New Signup !)", "Signup");
        return $memberID;
    }
Esempio n. 6
0
 function setupBWSession($m)
 {
     $member_id = (int) $m->id;
     // Set the session identifier
     $_SESSION['IdMember'] = $m->id;
     $_SESSION['Username'] = $m->Username;
     $_SESSION['MemberStatus'] = $_SESSION['Status'] = $m->Status;
     if ($_SESSION['IdMember'] != $m->id) {
         // Check is session work of
         $this->logout();
         throw new PException('Login sanity check failed miserably!');
     }
     // end Check is session work of
     $_SESSION['MemberCryptKey'] = crypt($m->PassWord, "rt");
     // Set the key which will be used for member personal cryptation
     $_SESSION['LogCheck'] = Crc32($_SESSION['MemberCryptKey'] . $m->id);
     // Set the key for checking id and LohCheck (will be restricted in future)
     if ($m->NbRemindWithoutLogingIn > 0) {
         MOD_log::get()->write("This member was having a NbRemindWithoutLogingIn=" . $m->NbRemindWithoutLogingIn, "Login");
     }
     $this->dao->query("\r\nUPDATE\r\n    members\r\nSET\r\n    LogCount  = LogCount+1,\r\n    LastLogin = NOW(),\r\n    NbRemindWithoutLogingIn = 0\r\n\r\nWHERE\r\n    id = {$member_id}\r\n            ");
     // update the LastLogin date
     // Load language prederence (IdPreference=1)
     // todo: come up with interesting idea like ... using just ONE query to load preferences
     if ($preference_language = $this->singleLookup("\r\nSELECT\r\n    memberspreferences.Value  AS language_id,\r\n    ShortCode                 AS language_code\r\nFROM\r\n    memberspreferences,\r\n    languages,\r\n\tpreferences\r\nWHERE\r\n    IdMember                 = {$member_id}    AND\r\n    memberspreferences.Value = languages.id  AND\r\n    IdPreference=preferences.id and preferences.CodeName='PreferenceLanguage'\r\n            ")) {
         $_SESSION['IdLanguage'] = $preference_language->language_id;
         $_SESSION['lang'] = $preference_language->language_code;
     }
     if ($preference_PreferenceDayLight = $this->singleLookup("\r\nSELECT\r\n    memberspreferences.Value\r\nFROM\r\n    memberspreferences,\r\n\tpreferences\r\nWHERE\r\n    IdMember                 = {$member_id}    AND\r\n    IdPreference=preferences.id and preferences.CodeName='PreferenceDayLight'\r\n            ")) {
         $_SESSION['PreferenceDayLight'] = $preference_PreferenceDayLight->Value;
     }
     if ($preference_PreferenceLocalTime = $this->singleLookup("\r\nSELECT\r\n    memberspreferences.Value\r\nFROM\r\n    memberspreferences,\r\n\tpreferences\r\nWHERE\r\n    IdMember                 = {$member_id}    AND\r\n    IdPreference=preferences.id and preferences.CodeName='PreferenceLocalTime'\r\n            ")) {
         $_SESSION["TimeOffset"] = $preference_PreferenceLocalTime->Value;
     }
     // Process the login of the member according to his status
     switch ($m->Status) {
         case "Active":
         case "ActiveHidden":
         case "ChoiceInactive":
         case "NeedMore":
         case "Pending":
             //if (HasRight("Words"))
             //  $_SESSION['switchtrans'] = "on"; // Activate switchtrans oprion if its a translator
             break;
         default:
             throw new PException('SetupBWSession Weird Status!');
             break;
     }
 }
Esempio n. 7
0
 /**
  * index is called when http request = ./forums
  * or during a new topic/edit of a group
  */
 public function index($subforum = false)
 {
     if (PPostHandler::isHandling()) {
         return;
     }
     // Determine the search callback and tell the view about it
     $searchCallbackId = $this->searchProcess();
     $view = $this->_view;
     $view->searchCallbackId = $searchCallbackId;
     $page = $view->page = new RoxGenericPage();
     $request = $this->request;
     if (isset($request[0]) && $request[0] != 'forums') {
         // if this is a ./groups url get the group number if any
         if ($request[0] == "groups" && isset($request[1])) {
             $IdGroup = intval($request[1]);
         }
         $new_request = array();
         $push = false;
         foreach ($request as $r) {
             if ($r == 'forums' or $r == 'forum') {
                 $push = true;
             }
             if ($push == true) {
                 array_push($new_request, $r);
             }
         }
         $request = $new_request;
         $page = $view->page = new PageWithHTMLpart();
     }
     // First check if the feature is closed
     if ($_SESSION["Param"]->FeatureForumClosed != 'No' and !$this->BW_Right->HasRight("Admin")) {
         $this->_view->showFeatureIsClosed();
         PPHP::PExit();
     }
     // end of test "if feature is closed"
     if (APP_User::isBWLoggedIn()) {
         $User = APP_User::login();
     } else {
         $User = false;
     }
     $showSticky = true;
     $this->parseRequest();
     // set uri for correct links in group pages etc.
     $view->uri = $this->uri;
     $page->uri = $this->uri;
     $view->BW_Right = $this->BW_Right;
     $page->BW_Right = $this->BW_Right;
     $this->_model->prepareForum($showSticky);
     // first include the col2-stylesheet
     $page->addStyles .= $view->customStyles();
     $page->currentTab = 'forums';
     // then the userBar
     $page->newBar .= $view->getAsString('userBar');
     // we can't replace this ob_start()
     if ($this->action == self::ACTION_NOT_LOGGED_IN) {
         $this->_redirectNotLoggedIn();
     }
     ob_start();
     if ($this->action == self::ACTION_VOTE_POST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         if (!isset($request[3])) {
             die("Need to have a vote value");
         }
         $Value = $request[3];
         $this->_model->VoteForPost($IdPost, $Value);
         $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
         $this->isTopLevel = false;
         $this->_model->prepareTopic(true);
         $this->_view->showTopic();
     } elseif ($this->action == self::ACTION_DELETEVOTE_POST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         $this->_model->DeleteVoteForPost($IdPost);
         $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
         $this->isTopLevel = false;
         $this->_model->prepareTopic(true);
         $this->_view->showTopic();
     } elseif ($this->action == self::ACTION_MODERATOR_FULLEDITPOST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
             MOD_log::get()->write("Trying to edit post #" . $IdPost . " without proper right", "ForumModerator");
             die("You miss right ForumModerator");
         }
         $callbackId = $this->ModeratorEditPostProcess();
         $DataPost = $this->_model->prepareModeratorEditPost($IdPost);
         $this->_view->showModeratorEditPost($callbackId, $DataPost);
         PPostHandler::clearVars($callbackId);
     } elseif ($this->action == self::ACTION_MODERATOR_EDITTAG) {
         if (!isset($request[2])) {
             die("Need to have a IdTag");
         }
         $IdTag = $request[2];
         if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
             MOD_log::get()->write("Trying to edit Tag #" . $IdTag . " without proper right", "ForumModerator");
             die("You miss right ForumModerator");
         }
         $callbackId = $this->ModeratorEditTagProcess();
         $DataTag = $this->_model->prepareModeratorEditTag($IdTag);
         $this->_view->showModeratorEditTag($callbackId, $DataTag);
         PPostHandler::clearVars($callbackId);
     } else {
         if ($this->action == self::ACTION_VIEW) {
             if ($this->_model->isTopic()) {
                 $this->_model->prepareTopic(true);
                 $this->_view->showTopic();
             } else {
                 if ($this->isTopLevel) {
                     $this->_model->setTopMode(Forums::CV_TOPMODE_LANDING);
                     $this->_model->prepareForum();
                     $onlymygroupscallbackId = $this->mygroupsonlyProcess();
                     $morelessthreadscallbackid = $this->morelessthreadsProcess();
                     $this->_view->showTopLevelLandingPage($onlymygroupscallbackId, $morelessthreadscallbackid);
                     PPostHandler::clearVars($onlymygroupscallbackId);
                     PPostHandler::clearVars($morelessthreadscallbackid);
                 } else {
                     $this->_model->prepareForum();
                     $this->_view->showForum();
                 }
             }
         } else {
             if ($this->action == self::ACTION_VIEW_CATEGORY) {
                 $this->_view->showTopLevelCategories();
             } else {
                 if ($this->action == self::ACTION_VIEW_LASTPOSTS) {
                     $callbackId = $this->mygroupsonlyProcess();
                     $this->_view->showTopLevelRecentPosts($callbackId);
                     PPostHandler::clearVars($callbackId);
                 } else {
                     if ($this->action == self::ACTION_VIEW_LANDING) {
                         $callbackId = $this->mygroupsonlyProcess();
                         $this->_view->showTopLevelLandingPage($callbackId);
                         PPostHandler::clearVars($callbackId);
                     } else {
                         if ($this->action == self::ACTION_VIEW_FORUM) {
                             $groupsCallback = false;
                             $member = $this->_model->getLoggedInMember();
                             if ($member && $member->Status != 'ChoiceInactive') {
                                 $noForumNewTopicButton = false;
                             } else {
                                 // Don't offer the new topic button to 'silent' members
                                 $noForumNewTopicButton = true;
                             }
                             $this->_view->showTopLevelRecentPosts($groupsCallback, $noForumNewTopicButton);
                         } else {
                             if ($this->action == self::ACTION_VIEW_GROUPS) {
                                 $callbackId = $this->mygroupsonlyProcess();
                                 $this->_view->showTopLevelRecentPosts($callbackId, true);
                                 PPostHandler::clearVars($callbackId);
                             } else {
                                 if ($this->action == self::ACTION_RULES) {
                                     $this->_view->rules();
                                 } else {
                                     if ($this->action == self::ACTION_NEW) {
                                         if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                             // Test if the user has right for this, if not rough exit
                                             MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                             $words = new MOD_Words();
                                             die($words->get('NotAllowedToPostInForum'));
                                         }
                                         if (!$User) {
                                             PRequest::home();
                                         }
                                         if (isset($request[2]) and $request[2][0] == 'u') {
                                             $IdGroup = substr($request[2], 1);
                                         } else {
                                             if (!isset($IdGroup)) {
                                                 $IdGroup = 0;
                                             }
                                         }
                                         $this->_model->prepareForum();
                                         $callbackId = $this->createProcess();
                                         $this->_view->createTopic($callbackId, $IdGroup);
                                         PPostHandler::clearVars($callbackId);
                                     } else {
                                         if ($this->action == self::ACTION_REPORT_TO_MOD) {
                                             if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                 // Test if the user has right for this, if not rough exit
                                                 MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                 $words = new MOD_Words();
                                                 die($words->get('NotAllowedToPostInForum'));
                                             }
                                             if (!$User) {
                                                 PRequest::home();
                                             }
                                             $callbackId = $this->reportpostProcess();
                                             if (isset($request[2])) {
                                                 if ($request[2] == 'AllMyReport') {
                                                     $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "");
                                                     // This retrieve all the reports for the current member
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } elseif ($request[2] == 'MyReportActive') {
                                                     $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "('Open','OnDiscussion')");
                                                     // This retrieve the Active current pending report for the current member
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } elseif ($request[2] == 'AllActiveReports') {
                                                     if (!$this->BW_Right->HasRight("ForumModerator")) {
                                                         // if a non forum moderator tries to access this just pull the brakes
                                                         PPHP::PExit();
                                                     }
                                                     $DataPost = $this->_model->prepareReportList(0, "('Open','OnDiscussion')");
                                                     // This retrieve all the current Active pending report
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } else {
                                                     $IdPost = $request[2];
                                                     $IdWriter = $_SESSION["IdMember"];
                                                     if (!empty($request[3]) and $this->BW_Right->HasRight("ForumModerator")) {
                                                         $IdWriter = $request[3];
                                                     }
                                                     $DataPost = $this->_model->prepareModeratorEditPost($IdPost, $this->BW_Right->HasRight('ForumModerator'));
                                                     // We will use the same data as the one used for Moderator edit
                                                     if ($DataPost->Error == 'NoGroupMember') {
                                                         // if someone who isn't a member of the associated group
                                                         // tries to access this just pull the brakes
                                                         PPHP::PExit();
                                                     }
                                                     $DataPost->Report = $this->_model->prepareReportPost($IdPost, $IdWriter);
                                                     $this->_view->showReportPost($callbackId, $DataPost);
                                                 }
                                                 PPostHandler::clearVars($callbackId);
                                             }
                                         } else {
                                             if ($this->action == self::ACTION_REPLY) {
                                                 if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                     // Test if teh user has right for this, if not rough exit
                                                     MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                     $words = new MOD_Words();
                                                     die($words->get('NotAllowedToPostInForum'));
                                                 }
                                                 if (!$User) {
                                                     PRequest::home();
                                                 }
                                                 $this->_model->prepareForum();
                                                 $this->_model->prepareTopic();
                                                 $this->_model->initLastPosts();
                                                 $callbackId = $this->replyProcess();
                                                 $this->_view->replyTopic($callbackId);
                                                 PPostHandler::clearVars($callbackId);
                                             } else {
                                                 if ($this->action == self::ACTION_SUGGEST) {
                                                     // ignore current request, so we can use the last request
                                                     PRequest::ignoreCurrentRequest();
                                                     if (!isset($request[2])) {
                                                         PPHP::PExit();
                                                     }
                                                     $new_tags = $this->_model->suggestTags($request[2]);
                                                     echo $this->_view->generateClickableTagSuggestions($new_tags);
                                                     PPHP::PExit();
                                                 } else {
                                                     if ($this->action == self::ACTION_LOCATIONDROPDOWNS) {
                                                         // ignore current request, so we can use the last request
                                                         PRequest::ignoreCurrentRequest();
                                                         if (!isset($request[2])) {
                                                             PPHP::PExit();
                                                         }
                                                         echo $this->_view->getLocationDropdowns();
                                                         PPHP::PExit();
                                                     } else {
                                                         if ($this->action == self::ACTION_DELETE) {
                                                             if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                 // Test if the user has right for this, if not rough exit
                                                                 MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                 $words = new MOD_Words();
                                                                 die($words->get('NotAllowedToPostInForum'));
                                                             }
                                                             if (!$User || !$this->BW_Right->HasRight("ForumModerator", "Delete")) {
                                                                 PRequest::home();
                                                             }
                                                             $this->delProcess();
                                                         } else {
                                                             if ($this->action == self::ACTION_EDIT) {
                                                                 if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                     // Test if the user has right for this, if not rough exit
                                                                     MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                     $words = new MOD_Words();
                                                                     die($words->get('NotAllowedToPostInForum'));
                                                                 }
                                                                 if (!$User) {
                                                                     PRequest::home();
                                                                 }
                                                                 $callbackId = $this->editProcess();
                                                                 $this->_model->prepareForum();
                                                                 $this->_model->getEditData($callbackId);
                                                                 $this->_view->editPost($callbackId, false);
                                                                 PPostHandler::clearVars($callbackId);
                                                             } else {
                                                                 if ($this->action == self::ACTION_TRANSLATE) {
                                                                     if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                         // Test if the user has right for this, if not rough exit
                                                                         MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                         $words = new MOD_Words();
                                                                         die($words->get('NotAllowedToPostInForum'));
                                                                     }
                                                                     if (!$User) {
                                                                         PRequest::home();
                                                                     }
                                                                     $callbackId = $this->editProcess();
                                                                     $this->_model->prepareForum();
                                                                     $this->_model->getEditData($callbackId);
                                                                     $this->_view->editPost($callbackId, true);
                                                                     PPostHandler::clearVars($callbackId);
                                                                 } else {
                                                                     if ($this->action == self::ACTION_MODEDIT) {
                                                                         if (!$User) {
                                                                             PRequest::home();
                                                                         }
                                                                         $callbackId = $this->editProcess();
                                                                         $this->_model->prepareForum();
                                                                         $this->_model->getEditData($callbackId);
                                                                         $this->_view->ModeditPost($callbackId);
                                                                         PPostHandler::clearVars($callbackId);
                                                                     } else {
                                                                         if ($this->action == self::ACTION_SEARCH_FORUMS) {
                                                                             $this->_view->keyword = $request[2];
                                                                             $this->_view->showSearchResultPage($request[2]);
                                                                             PPostHandler::clearVars($searchCallbackId);
                                                                         } else {
                                                                             if ($this->action == self::ACTION_SEARCH_USERPOSTS) {
                                                                                 if (!isset($request[2])) {
                                                                                     PPHP::PExit();
                                                                                 }
                                                                                 $this->searchUserposts($request[2]);
                                                                             } else {
                                                                                 if ($this->action == self::ACTION_SUBSCRIBE) {
                                                                                     if (!isset($request[2])) {
                                                                                         PPHP::PExit();
                                                                                     }
                                                                                     if ($request[2] == "thread") {
                                                                                         $this->SubscribeThread($request[3]);
                                                                                     }
                                                                                     if ($request[2] == "tag") {
                                                                                         $this->SubscribeTag($request[3]);
                                                                                     }
                                                                                 } else {
                                                                                     if ($this->action == self::ACTION_SEARCH_SUBSCRIPTION) {
                                                                                         /*
                                                                                          * Here the following syntax can be used :
                                                                                          * forums/subscriptions : allow current user to see his subscribtions
                                                                                          * forums/subscriptions/unsubscribe/thread/xxx/yyy : allow current user to unsubscribe from members_threads_subscribed.id xxx with key yyy
                                                                                          * forums/subscriptions/member/xxx : allow a forum moderator to see all subscribtions of member xxx
                                                                                          * forums/subscriptions/thread/xxx : allow a forum moderator to see all subscribers and subscribtions for thread xxx
                                                                                          * forums/subscribe/thread/xxx : subscribe to thread xxx
                                                                                          */
                                                                                         $operation = "";
                                                                                         if (isset($request[2])) {
                                                                                             $operation = $request[2];
                                                                                         }
                                                                                         switch ($operation) {
                                                                                             case "enable":
                                                                                                 if (isset($request[3])) {
                                                                                                     switch ($request[3]) {
                                                                                                         case 'thread':
                                                                                                             $this->EnableThread($request[4]);
                                                                                                             break;
                                                                                                         case 'tag':
                                                                                                             $this->EnableTag($request[4]);
                                                                                                             break;
                                                                                                         case 'group':
                                                                                                             $this->EnableGroup($request[4]);
                                                                                                             break;
                                                                                                     }
                                                                                                 } else {
                                                                                                     $this->enableSubscriptions();
                                                                                                 }
                                                                                                 break;
                                                                                             case "disable":
                                                                                                 if (isset($request[3])) {
                                                                                                     switch ($request[3]) {
                                                                                                         case 'tag':
                                                                                                             $this->DisableTag($request[4]);
                                                                                                             break;
                                                                                                         case 'thread':
                                                                                                             $this->DisableThread($request[4]);
                                                                                                             break;
                                                                                                         case 'group':
                                                                                                             $this->DisableGroup($request[4]);
                                                                                                             break;
                                                                                                     }
                                                                                                 } else {
                                                                                                     $this->disableSubscriptions();
                                                                                                 }
                                                                                                 break;
                                                                                             case "subscribe":
                                                                                                 if (isset($request[3]) and $request[3] == 'group') {
                                                                                                     $this->SubscribeGroup($request[4]);
                                                                                                 }
                                                                                                 break;
                                                                                             case "unsubscribe":
                                                                                                 switch ($request[3]) {
                                                                                                     case 'thread':
                                                                                                         $this->UnsubscribeThread($request[4], $request[5]);
                                                                                                         break;
                                                                                                     case 'tag':
                                                                                                         $this->UnsubscribeTag($request[4], $request[5]);
                                                                                                         break;
                                                                                                     case 'group':
                                                                                                         $this->UnsubscribeGroup($request[4]);
                                                                                                         break;
                                                                                                 }
                                                                                                 break;
                                                                                             default:
                                                                                                 $this->searchSubscriptions();
                                                                                         }
                                                                                     } else {
                                                                                         if (PVars::get()->debug) {
                                                                                             throw new PException('unexpected forum action!');
                                                                                         } else {
                                                                                             PRequest::home();
                                                                                         }
                                                                                     }
                                                                                 }
                                                                             }
                                                                         }
                                                                     }
                                                                 }
                                                             }
                                                         }
                                                     }
                                                 }
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     $page->content .= ob_get_contents();
     ob_end_clean();
     $page->newBar .= $view->getAsString('showCategoriesContinentsTagcloud');
     $page->teaserBar .= $view->getAsString('teaser');
     $page->render();
 }
Esempio n. 8
0
 public function signupFormCallback($args, $action, $mem_redirect, $mem_resend)
 {
     //$mem_redirect->post = $vars;
     foreach ($args->post as $key => $value) {
         $_SESSION['SignupBWVars'][$key] = $value;
     }
     $StrLog = "Entering signupFormCallback ";
     if (!empty($args->post["Username"])) {
         $StrLog = $StrLog . " Username=[" . $args->post["Username"] . "]";
     }
     if (!empty($args->post["geonameid"])) {
         $StrLog = $StrLog . " geonameid=[" . $args->post["geonameid"] . "]";
     }
     if (!empty($args->post["iso_date"])) {
         $StrLog = $StrLog . " iso_date=[" . $args->post["iso_date"] . "]";
     }
     MOD_log::get()->write($StrLog, "Signup");
     $vars = $_SESSION['SignupBWVars'];
     $request = $args->request;
     if (isset($request[1]) && $request[1] == '4') {
         $model = new SignupModel();
         $errors = $model->checkRegistrationForm($vars);
         if (count($errors) > 0) {
             // show form again
             $_SESSION['SignupBWVars']['errors'] = $errors;
             $mem_redirect->post = $vars;
             return false;
         }
         $model->polishFormValues($vars);
         if (!($idTB = $model->registerTBMember($vars))) {
             // MyTB registration didn't work
         } else {
             // signup on MyTB successful, yeah.
             $id = $model->registerBWMember($vars);
             $_SESSION['IdMember'] = $id;
             $vars['feedback'] .= $model->takeCareForNonUniqueEmailAddress($vars['email']);
             $vars['feedback'] .= $model->takeCareForComputerUsedByBWMember();
             $model->writeFeedback($vars['feedback']);
             $View = new SignupView($model);
             // TODO: BW 2007-08-19: $_SYSHCVOL['EmailDomainName']
             // look at that ... a two years plus old todo :) ... and now four years plus :P
             // finally 6 years and counting...
             define('DOMAIN_MESSAGE_ID', 'bewelcome.org');
             // TODO: config
             $View->registerMail($vars, $id, $idTB);
             $View->signupTeamMail($vars);
             unset($_SESSION['IdMember']);
             return 'signup/finish';
         }
     }
     return false;
 }
Esempio n. 9
0
 /**
  * FIXME: more or less a copy from method GetStrParam($param, $defaultvalue)
  * clean it up!
  * 
  * FIXME: move to dedicated module or other place
  *
  * POST params are to be handled by platform PT library!
  *  
  * @see /htdocs/bw/lib/FunctionsTools.php 
  */
 private function _getParam($param, $defaultValue = '')
 {
     if (isset($_GET[$param])) {
         $m = $_GET[$param];
     }
     if (!isset($m)) {
         return $defaultValue;
     }
     $m = mysql_real_escape_string($m);
     $m = str_replace("\\n", "\n", $m);
     $m = str_replace("\\r", "\r", $m);
     if (stripos($m, " or ") !== false or stripos($m, " | ") !== false) {
         $L = MOD_log::get();
         $L->write("Warning! GetStrParam trying to use a <b>" . addslashes($m) . "</b> in a param {$param} for " . $_SERVER["PHP_SELF"], "alarm");
     }
     if (empty($m) and $m != "0") {
         // a "0" string must return 0 for the House Number for exemple
         return $defaultValue;
         // Return defaultvalue if none
     } else {
         return $m;
         // Return translated value
     }
 }
Esempio n. 10
0
 function logout()
 {
     if (isset($_SESSION['IdMember'])) {
         MOD_log::get()->write("Logout in bwauth.lib.php", "Login");
         // todo optimize periodically online table because it will be a gruyere
         // remove from online list
         $query = "delete from online where IdMember=" . $_SESSION['IdMember'];
         $this->dao->query($query);
     }
     unset($_SESSION['IdMember']);
     unset($_SESSION['IsVol']);
     unset($_SESSION['Username']);
     unset($_SESSION['MemberStatus']);
     unset($_SESSION['Status']);
     unset($_SESSION["stylesheet"]);
     if (isset($_SESSION['Param'])) {
         unset($_SESSION["Param"]);
     }
     if (isset($_SESSION['TimeOffset'])) {
         unset($_SESSION["TimeOffset"]);
     }
     if (isset($_SESSION['PreferenceDayLight'])) {
         unset($_SESSION["PreferenceDayLight"]);
     }
     if (isset($_SESSION['MemberCryptKey'])) {
         unset($_SESSION['MemberCryptKey']);
     }
     if (isset($_SESSION['LogCheck'])) {
         unset($_SESSION['LogCheck']);
     }
     foreach ($_SESSION as $key => $name) {
         if (strpos($key, "RightLevel") !== false) {
             unset($_SESSION[$key]);
         }
         if (strpos($key, "RightScope") !== false) {
             unset($_SESSION[$key]);
         }
         if (strpos($key, "FlagLevel") !== false) {
             unset($_SESSION[$key]);
         }
         //			if (isset($_SESSION[$key])) print_r( $key ); echo " "; print_r( $name ); echo "<br />\n" ;
     }
     //		die(0) ;
     //$_SESSION = array() ; // Raz the session properly , beware not compatible with signup
     parent::logout();
 }
Esempio n. 11
0
 /**
  * Sends a confirmation e-mail
  *
  * @param string $userId
  */
 public function sendActivationMail(Member $member)
 {
     if (!$member) {
         return false;
     }
     $words = new MOD_words();
     $body = $words->get("SignupBodyActivationMail", $member->Firstname, $member->Secondname, $member->Lastname, PVars::getObj('env')->sitename, $member->Username);
     // set the sender & receiver
     $from = PVars::getObj('mailAddresses')->registration;
     $to = $member->getEmailWithoutPermissionChecks();
     // set the subject
     $subject = $words->get('SignupSubjectActivationMail', PVars::getObj('env')->sitename);
     // Use MOD_mail to create and send a message
     $result = MOD_mail::sendEmail($subject, $from, $to, '', $body);
     //Now check if Swift actually sends it
     if (!$result) {
         MOD_log::get()->write(" in signup view " . __FUNCTION__ . ": Failed to send a mail to [" . $to . "]", "signup");
     }
     return $result;
 }
Esempio n. 12
0
 /**
  * Check ip and cache the result in a session variable
  *
  * @access public
  * @param string $ip
  * @return int On how many DNS Blocklists does $ip figure
  */
 public function checkIp($ip)
 {
     if (isset($_SESSION['dnsblock_' . $ip])) {
         return intval($_SESSION['dnsblock_' . $ip]);
     } elseif ($ip == "127.0.0.1") {
         // never check localhost
         return 0;
     }
     $ip_exploded = explode('.', $ip);
     if (count($ip_exploded) != 4) {
         // this was no ipv4 - ip, abort for now
         return 0;
     } else {
         $ip_reverse = implode('.', array_reverse($ip_exploded));
         $no_blocked = 0;
         if (!isset($this->_dns_list) or empty($this->_dns_list)) {
             MOD_log::get()->write("DNSBlock List is not set or empty. Not checking ...", "DNSBlock");
         } else {
             foreach ($this->_dns_list as $dns) {
                 if (checkdnsrr($ip_reverse . '.' . $dns, "A")) {
                     $no_blocked++;
                 }
             }
             MOD_log::get()->write("Ip {$ip} returns as blocked by {$no_blocked} servers", "DNSBlock");
         }
         $_SESSION['dnsblock_' . $ip] = $no_blocked;
         return $no_blocked;
     }
 }
Esempio n. 13
0
 /**
  * wrapper function for MOD_log::get()
  *
  * @access protected
  * @return object
  */
 protected function getLog()
 {
     return MOD_log::get();
 }
Esempio n. 14
0
 /**
  * Get list of Poppulated places matching $search
  **/
 public function getGeonamesHierarchy($search, $style, $lang = 'en')
 {
     if (strlen($search) <= 1) {
         // Ignore too small queries
         return '';
     }
     $google_conf = PVars::getObj('config_google');
     if (!$google_conf || !$google_conf->geonames_webservice) {
         throw new PException('Google config error!');
     }
     require_once SCRIPT_BASE . 'lib/misc/SPAF_Maps.class.php';
     $spaf = new SPAF_Maps($search);
     $spaf->setConfig('geonames_url', $google_conf->geonames_webservice_custom);
     $spaf->setConfig('style', $style);
     $spaf->setConfig('service', 'hierarchy?geonameId=');
     $spaf->setConfig('lang', $lang);
     //Try to get results - FIRST TIME
     $count = 0;
     $results = @$spaf->getResults();
     while (!$results && ++$count <= 3) {
         //Try to get results - ANOTHER TIME
         if ($count == 1) {
             // still didn't work, so use the commercial geonames webservice
             $spaf->setConfig('geonames_url', $google_conf->geonames_webservice_fallback);
         }
         $spaf->results = false;
         $results = @$spaf->getResults();
         if ($count == 3 && !$results) {
             // giving up
             MOD_log::get()->write("Connection to geonames webservice failed! (free & commercial)", "Geo");
         }
     }
     return $results;
 }
Esempio n. 15
0
 /**
  * Delete several selfuploaded pictures as loggedin owner or with gallery rights
  *
  * @access public
  * @param Object $image Image to be deleted
  * @return boolean
  */
 public function deleteMultiple($images)
 {
     if (!($member = $this->getLoggedInMember())) {
         return false;
     }
     $R = MOD_right::get();
     $GalleryRight = $R->hasRight('Gallery');
     foreach ($images as $image) {
         if (!$image) {
             return false;
         }
         if ($member->get_userid() == $this->imageGalleryOwner('image', $image) || $GalleryRight > 1) {
             $image = $this->imageData($image);
             // Log the deletion to prevent admin abuse
             MOD_log::get()->write("Deleting multiple gallery items #" . $image->id . " filename: " . $image->file . " belonging to user: "******"Gallery");
             $this->deleteThisImage($image);
         } else {
             return false;
         }
     }
 }
Esempio n. 16
0
 /**
  * this function cancels the vote for a given member
  * @IdPoll is the id of the poll
  * @$Email is the mandatory Email which must be provided for a not logged user (optional)
  * @$IdMember id of the member (optional)
  * returns true if the vote is cancelled
  **/
 function CancelVote($IdPoll, $Email = "", $IdMember = 0)
 {
     $rPoll = $this->singleLookup("select * from polls where id=" . $IdPoll);
     if ($rPoll->Status == "Closed") {
         MOD_log::get()->write("Cannot cancel vote from poll #" . $IdPoll . " which is closed", "polls");
         return false;
     }
     if ($rPoll->CanChangeVote == "No") {
         MOD_log::get()->write("Cannot cancel vote from poll #" . $IdPoll . " which doesn't allow to change vote", "polls");
         return false;
     }
     $rContrib = array();
     $wherefordelete = " (false==true) ";
     // very important to avoid to delete all votes
     if (!empty($IdMember)) {
         $rr = $this->singleLookup("select * from polls_contributions where IdPoll=" . $IdPoll);
         if (!isset($rr->id)) {
             return false;
         }
         $wherefordelete = "IdMember='" . $IdMember . "'";
     } elseif (!empty($Email)) {
         $rr = $this->singleLookup("select * from polls_contributions where Email='" . $Email . "'");
         if (!isset($rr->id)) {
             return false;
         }
         $wherefordelete = "Email='" . $Email . "'";
     }
     $rContrib = $this->bulkLookup("select * from polls_record_of_choices  where IdPoll=" . $IdPoll . " and " . $wherefordelete);
     if ($rPoll->TypeOfChoice == 'Exclusive') {
         for ($ii = 0; $ii < count($rContrib); $ii++) {
             // In fact we should have just one record here
             $ss = "update polls_choices set Counter=Counter-1 where id=" . $rContrib[$ii]->IdPollChoice;
             $s = $this->dao->query($ss);
             if (!$s) {
                 throw new PException('Failed to delete a vote ');
             }
         }
         $ss = "delete from polls_contributions where IdPoll=" . $IdPoll . " and " . $wherefordelete;
         $s = $this->dao->query($ss);
         if (!$s) {
             throw new PException('Failed to delete a vote (contribution)');
         }
         $ss = "delete from polls_record_of_choices where IdPollChoice=" . $IdPoll . " and " . $wherefordelete;
         $s = $this->dao->query($ss);
         if (!$s) {
             throw new PException('Failed to delete a vote (polls_record_of_choices)');
         }
         MOD_log::get()->write("Cancelling Exclusive vote from poll #" . $IdPoll . " for IdMember=#" . $IdMember . " " . $Email, "polls");
     }
     if ($rPoll->TypeOfChoice == 'Inclusive') {
         for ($ii = 0; $ii < count($rContrib); $ii++) {
             $ss = "update polls_choices set Counter=Counter-1 where id=" . $rContrib[$ii]->IdPollChoice;
             $s = $this->dao->query($ss);
             if (!$s) {
                 throw new PException('Failed to delete a vote ');
             }
         }
         $ss = "delete from polls_contributions where IdPoll=" . $IdPoll . " and " . $wherefordelete;
         $s = $this->dao->query($ss);
         if (!$s) {
             throw new PException('Failed to delete a vote (contribution)');
         }
         $ss = "delete from polls_record_of_choices where IdPollChoice=" . $IdPoll . " and " . $wherefordelete;
         $s = $this->dao->query($ss);
         if (!$s) {
             throw new PException('Failed to delete a vote (polls_record_of_choices)');
         }
         MOD_log::get()->write("Cancelling Inclusive vote from poll #" . $IdPoll . " for IdMember=#" . $IdMember . " " . $Email, "polls");
     }
     if ($rPoll->TypeOfChoice == 'Ordered') {
         die("Delete of ordered votes not implemented");
     }
     return true;
 }
Esempio n. 17
0
 private function CheckForCaptcha($fields)
 {
     if ($this->CaptchaNeeded($fields['sender_id'])) {
         //      if (($m->NbTrust<=0)or(HasFlag("RequireCaptchaForContact"))) {
         if ($fields["c_verification"] != $_SESSION['ExpectedCaptchaValue']) {
             MOD_log::get()->write("Captcha failed " . $fields["c_verification"] . " entered for " . $_SESSION['ExpectedCaptchaValue'] . " expected (MessagesModel::CheckForCaptcha)", "contactmember");
             return false;
         }
     }
     if (!empty($fields["c_verification"])) {
         // In case the member has filled a captcha with success, log it
         MOD_log::get()->write("Captcha success " . $fields["c_verification"] . " entered (MessagesModel::CheckForCaptcha)", "contactmember");
     }
     return true;
 }
Esempio n. 18
0
 /**
  * This functions is called daily by a cron job to ensure that data of members that asked to leave a year ago
  * are removed from the database.
  *
  * The following is done for each member:
  * - Collect all member trad IDs and delete the rows from the member trads table
  * - set all ids to 0
  * - delete row for this member from address
  * - delete row for this member from user
  * - delete all personal information
  * - Set username to retired_xyz
  */
 public function removeMembers()
 {
     $cryptedTable = PVars::getObj('syshcvol')->Crypted . "cryptedfields";
     $entity = new Member();
     $tableDescription = $entity->getTableDescription();
     $columns = $entity->getColumns();
     $tradIdFields = $entity->get_trads_fields();
     $cryptedFields = $entity->get_crypted_fields();
     $remainingColumns = array_diff($columns, $tradIdFields, $cryptedFields, array('id', 'Status', 'Username', 'password', 'Accomodation'));
     $rawMembers = $this->pdoBulkLookup("\n            SELECT\n                id\n            FROM\n                members\n            WHERE\n                status = 'AskToLeave'\n                AND Username NOT LIKE 'retired\\_%'\n                AND LastLogin < CURDATE() - INTERVAL 1 YEAR\n             ");
     if (count($rawMembers) != 0) {
         MOD_log::get()->write("Removing private data for " . count($rawMembers) . " members.", "Data Retention");
         foreach ($rawMembers as $rawMember) {
             $member = new Member($rawMember->id);
             $username = $member->Username;
             $newUsername = '******' . $member->id;
             $member = $this->_removeCryptedInfo($member, $cryptedTable);
             $member = $this->_removeProfileInfo($member, $tradIdFields);
             $member = $this->_cleanupMembersTable($member, $remainingColumns, $tableDescription);
             $member = $this->_cleanupMemberLanguages($member);
             $member = $this->_updateUserTable($member, $newUsername);
             $this->_removeProfilePictures($member);
             $member->update();
             MOD_log::get()->write("Removed private data for " . $username, "Data Retention");
         }
         MOD_log::get()->write("Removed private data for " . count($rawMembers) . " members.", "Data Retention");
     }
     return count($rawMembers);
 }
Esempio n. 19
0
 /**
  * This function allow to subscribe to a Tag
  *
  * @$IdTag : The Tag we want the user to subscribe to
  * @$ParamIdMember optional IdMember, by default set to 0 in this case current logged member will be used
  * It also check that member is not yet subscribing to Tag
  */
 public function SubscribeTag($IdTag, $ParamIdMember = 0)
 {
     $IdMember = $ParamIdMember;
     if (!empty($_SESSION["IdMember"]) and $IdMember == 0) {
         $IdMember = $_SESSION["IdMember"];
     }
     // Check if there is a previous Subscription
     if ($this->IsTagSubscribed($IdTag, $IdMember)) {
         MOD_log::get()->write("Allready subscribed to IdTag=#" . $IdTag, "Forum");
         return false;
     }
     $key = MD5(rand(100000, 900000));
     $query = "insert into members_tags_subscribed(IdTag,IdSubscriber,UnSubscribeKey)  values(" . $IdTag . "," . $IdMember . ",'" . $this->dao->escape($key) . "')";
     $s = $this->dao->query($query);
     if (!$s) {
         throw new PException('Forum->SubscribeTag to IdTag=#' . $IdTag . ' failed !');
     }
     $IdSubscribe = mysql_insert_id();
     MOD_log::get()->write("Subscribing to IdTag=#" . $IdTag . " IdSubscribe=#" . $IdSubscribe, "Forum");
 }
Esempio n. 20
0
 public function passwordProcess()
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
     if (PPostHandler::isHandling()) {
         if (!($User = APP_User::login())) {
             return false;
         }
         $vars =& PPostHandler::getVars();
         $errors = array();
         $messages = array();
         $query = "select id from members where id=" . $_SESSION["IdMember"] . " and PassWord=PASSWORD('" . trim($vars['OldPassword']) . "')";
         $qry = $this->dao->query($query);
         $rr = $qry->fetch(PDB::FETCH_OBJ);
         if (!$rr || !array_key_exists('id', $rr)) {
             $errors[] = 'ChangePasswordInvalidPasswordError';
         }
         if (isset($vars['NewPassword']) && strlen($vars['NewPassword']) > 0) {
             if (strlen($vars['NewPassword']) < 8) {
                 $errors[] = 'ChangePasswordPasswordLengthError';
             }
             if (isset($vars['ConfirmPassword'])) {
                 if (strlen(trim($vars['ConfirmPassword'])) == 0) {
                     $errors[] = 'ChangePasswordConfirmPasswordError';
                 } elseif (trim($vars['NewPassword']) != trim($vars['ConfirmPassword'])) {
                     $errors[] = 'ChangePasswordMatchError';
                 }
             }
         }
         if (count($errors) > 0) {
             $vars['errors'] = $errors;
             return false;
         }
         if (isset($vars['NewPassword']) && strlen($vars['NewPassword']) > 0) {
             //            	$pwenc = MOD_user::passwordEncrypt($vars['NewPassword']);
             //              $query = 'UPDATE `user` SET `pw` = \''.$pwenc.'\' WHERE `id` = '.(int)$User->getId();
             $query = 'UPDATE `members` SET `PassWord` = PASSWORD(\'' . trim($vars['NewPassword']) . '\') WHERE `id` = ' . $_SESSION['IdMember'];
             if ($this->dao->exec($query)) {
                 $messages[] = 'ChangePasswordUpdated';
                 $L = MOD_log::get();
                 $L->write("Password changed", "change password");
             } else {
                 $errors[] = 'ChangePasswordNotUpdated';
             }
         }
         $vars['errors'] = $errors;
         $vars['messages'] = $messages;
         return false;
     } else {
         PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
         return $callbackId;
     }
 }
Esempio n. 21
0
 /**
  * this function inserts 2 new verified members (or replace the record if one from the same verifier exist for this member)
  * @post is the post from the previous form
  * nota a member cannot verified himself
  **/
 public function AddNewVerified($input)
 {
     $vars_all = $this->prepareVerificationData($input);
     $result = array();
     foreach ($vars_all as $vars) {
         // accept both
         if ($m = $this->singleLookup("SELECT  id,Username from members where Status='Active' and id=" . $vars["IdMemberToVerify"])) {
             $IdVerifiedMember = $m->id;
         } else {
             return false;
         }
         // return false if verification failed
         $VerifierLevel = $this->sVerifierLevel($vars['IdVerifier']);
         //      echo "\$post=" ;print_r($post) ;
         $AddressConfirmed = 'False';
         $NameConfirmed = 'False';
         if (isset($vars['NameConfirmed']) and $vars['NameConfirmed'] = 'on') {
             $NameConfirmed = 'True';
         }
         if (isset($vars['AddressConfirmed']) and $vars['AddressConfirmed'] = 'on') {
             $AddressConfirmed = 'True';
         }
         // Check if the current member has allready verified this one, if so it will be an update
         $AllreadyVerified = $this->singleLookup("SELECT  * from verifiedmembers where IdVerifier=" . $vars['IdVerifier'] . " and IdVerified=" . $IdVerifiedMember);
         if (isset($AllreadyVerified->id)) {
             // If the member was already verified : do an update
             $ss = "update verifiedmembers set IdVerifier=" . $vars['IdVerifier'] . ",IdVerified=" . $IdVerifiedMember . ",AddressVerified='" . $AddressConfirmed . "',NameVerified='" . $NameConfirmed . "',Comment='" . mysql_real_escape_string(addslashes($vars["comment"])) . "',Type='" . $VerifierLevel . "' where id=" . $AllreadyVerified->id;
             MOD_log::get()->write("Update Verify members " . $m->Username . " previous value comment[" . $AllreadyVerified->Comment . "] AddressVerified=" . $AllreadyVerified->AddressVerified . ",NameVerified=" . $AllreadyVerified->NameVerified, "VerifyMember");
         } else {
             $ss = "insert into verifiedmembers(created,IdVerifier,IdVerified,AddressVerified,NameVerified,Comment,Type) values(now()," . $vars['IdVerifier'] . "," . $IdVerifiedMember . ",'" . $AddressConfirmed . "','" . $NameConfirmed . "','" . mysql_real_escape_string(addslashes($vars["comment"])) . "','" . $VerifierLevel . "')";
             MOD_log::get()->write("Has verify member " . $m->Username, "VerifyMember");
         }
         $s = $this->dao->query($ss);
         if (!$s) {
             throw new PException('Failed to verify member ' . $m->Username);
         }
         $result[] = $s;
     }
     if (!$result[0] || !$result[1]) {
         return false;
     } else {
         return true;
     }
 }
Esempio n. 22
0
 /**
  * decide which page to show.
  * This method is called automatically
  */
 public function index($args = false)
 {
     $User = APP_User::login();
     // The user must be logged in
     $request = $args->request;
     $model = new PollsModel();
     if (!isset($_SESSION['IdMember'])) {
         $page = new MessagesMustloginPage();
         $page->setRedirectURL(implode('/', $request));
         return $page;
     }
     //        print_r($args->post);
     // look at the request.
     switch (isset($request[1]) ? $request[1] : false) {
         case 'listall':
             $page = new PollsPage("", "listall", $model->LoadList(""));
             break;
         case 'create':
             $page = new PollsPage("", "create");
             break;
         case 'listClose':
             $page = new PollsPage("", "listClose", $model->LoadList("Close"));
             break;
         case 'listOpen':
             $page = new PollsPage("", "listOpen", $model->LoadList("Open"));
             break;
         case 'listProject':
             $page = new PollsPage("", "listProject", $model->LoadList("Project"));
             break;
         case 'cancelvote':
             $IdPoll = isset($request[2]) ? $request[2] : false;
             MOD_log::get()->write("Prepare to contribute cancel vote #" . $IdPoll, "polls");
             if ($model->CancelVote($IdPoll, "", $_SESSION["IdMember"])) {
                 $page = new PollsPage("", "cancelvote");
             } else {
                 $page = new PollsPage("", "votenotcancelable");
             }
             break;
         case 'seeresults':
             $IdPoll = isset($request[2]) ? $request[2] : false;
             if ($Data = $model->GetPollResults($IdPoll)) {
                 $page = new PollsPage("", "seeresults", $Data);
             } else {
                 $page = new PollsPage("", "resultsnotyetavailable");
             }
             break;
         case 'contribute':
             $IdPoll = isset($request[2]) ? $request[2] : false;
             MOD_log::get()->write("Prepare to contribute to poll #" . $IdPoll, "polls");
             if ($model->CanUserContribute($IdPoll)) {
                 $Data = $model->PrepareContribute($IdPoll);
                 $page = new PollsPage("", "contribute", $Data);
             } else {
                 $page = new PollsPage("", "sorryyoucannotcontribute");
             }
             break;
         case 'vote':
             // a nice trick to get all the post args as local variables...
             // they will all be prefixed by 'post_'
             extract($args->post, EXTR_PREFIX_ALL, 'post');
             $IdPoll = $post_IdPoll;
             if ($model->CanUserContribute($IdPoll)) {
                 MOD_log::get()->write("Tryin to vote for poll #" . $IdPoll, "polls");
                 $Data = $model->AddVote($args->post, "", $_SESSION["IdMember"]);
                 $page = new PollsPage("", "votedone", $Data);
             } else {
                 MOD_log::get()->write("Refusing vote for poll #" . $IdPoll, "polls");
                 $page = new PollsPage("", "probablyallreadyvote");
             }
             break;
         case 'update':
             $IdPoll = isset($request[2]) ? $request[2] : false;
             $page = new PollsPage("", "showpoll", $model->LoadPoll($IdPoll));
             break;
         case 'doupdatepoll':
             $IdPoll = $args->post["IdPoll"];
             $model->UpdatePoll($args->post);
             $page = new PollsPage("", "showpoll", $model->LoadPoll($IdPoll));
             break;
         case 'addchoice':
             $IdPoll = $args->post["IdPoll"];
             $model->AddChoice($args->post);
             $page = new PollsPage("", "showpoll", $model->LoadPoll($IdPoll));
             break;
         case 'updatechoice':
             $IdPoll = $args->post["IdPoll"];
             $model->UpdateChoice($args->post);
             $page = new PollsPage("", "showpoll", $model->LoadPoll($IdPoll));
             break;
         case 'createpoll':
             MOD_log::get()->write("Creating a poll ", "polls");
             $model->UpdatePoll($args->post);
             $page = new PollsPage("", "listall", $model->LoadList("Project"));
             break;
         case false:
         default:
         case '':
             // no request[1] was specified
             $page = new PollsPage("", "", $model->LoadList("Open"));
             // Without error
             break;
     }
     // return the $page object,
     // so the framework can call the "$page->render()" function.
     return $page;
 }
Esempio n. 23
0
 /**
  * InsertInFTrad function
  *
  * This InsertInFTrad create a new translatable text in MemberTrad
  * @$ss is for the content of the text
  * @$TableColumn refers to the table and coilumn the trad is associated to
  * @$IdRecord is the num of the record in this table
  * @$_IdMember ; is the id of the member who own the record
  * @$_IdLanguage
  * @$IdTrad  is probably useless (I don't remmber why I defined it)
  *
  *
  * Warning : as default language this function will use by priority :
  * 1) the content of $_IdLanguage if it is set to something else than -1
  * 2) the content of an optional $_POST[IdLanguage] if it is set
  * 3) the content of the current $_SESSION['IdLanguage'] of the current membr if it set
  * 4) The default language (0)
  *
  * returns the id of the created trad
  *
  * Improvment: if the value is empty then nothing is inserted but 0 is returned
  *
  *
  *
  */
 function InsertInMTrad($ss, $TableColumn, $IdRecord, $_IdMember = 0, $_IdLanguage = -1, $IdTrad = -1)
 {
     if ($ss == "") {
         // No need to insert an empty record in memberstrads
         return 0;
     }
     if ($_IdMember == 0) {
         // by default it is current member
         $IdMember = $_SESSION['IdMember'];
     } else {
         $IdMember = $_IdMember;
     }
     if ($_IdLanguage == -1) {
         $IdLanguage = $this->_langWrite;
     } else {
         $IdLanguage = $_IdLanguage;
     }
     $IdOwner = $IdMember;
     $IdTranslator = $_SESSION['IdMember'];
     // the recorded translator will always be the current logged member
     if (strpos($ss, "\\'") !== false) {
         $Sentence = $ss;
         $page = "";
         if (isset($_SERVER["PHP_SELF"])) {
             $page = $_SERVER["PHP_SELF"];
         }
         MOD_log::get()->write("in module word->InsertInMTrad, for IdTrad=" . $IdTrad . " The sentence is already escaped with a quote page [" . $page . "]", "Bug");
     } elseif (strpos($ss, '\\"') !== false) {
         $Sentence = $ss;
         $page = "";
         if (isset($_SERVER["PHP_SELF"])) {
             $page = $_SERVER["PHP_SELF"];
         }
         MOD_log::get()->write("in module word->InsertInMTrad, for IdTrad=" . $IdTrad . " The sentence is already escaped with a double quote page [" . $page . "]", "Bug");
     } else {
         $Sentence = $this->_dao->escape($ss);
     }
     $str = "LOCK TABLES memberstrads WRITE";
     $s = $this->_dao->query($str);
     // \todo: Check result?
     if ($IdTrad <= 0) {
         // Compute a new IdTrad
         $s = $this->_dao->query("Select max(IdTrad) as maxi, min(IdTrad) as mini from memberstrads");
         if (!$s) {
             // Unlock table before throwing exception!
             $this->_dao > query("UNLOCK TABLES");
             throw new PException('Failed in InsertInMTrad searching Next max IdTrad');
         }
         $rr = $s->fetch(PDB::FETCH_OBJ);
         if (isset($rr->maxi)) {
             // get
             $IdTrad = max(abs($rr->mini), $rr->maxi) + 1;
         } else {
             $IdTrad = 1;
         }
     }
     $str = "insert into memberstrads(TableColumn,IdRecord,IdLanguage,IdOwner,IdTrad,IdTranslator,Sentence,created) ";
     $str .= "Values('" . $TableColumn . "'," . $IdRecord . "," . $IdLanguage . "," . $IdOwner . "," . $IdTrad . "," . $IdTranslator . ",\"" . $Sentence . "\",now())";
     $s = $this->_dao->query($str);
     if (!$s) {
         // Unlock table before throwing exception!
         $this->_dao > query("UNLOCK TABLES");
         throw new PException('Failed in InsertInMTrad inserting in membertrads');
     }
     // unlock membertrads table, the other table can be updated without lock.
     $this->_dao->query("UNLOCK TABLES");
     // update the IdTrad in the original table (if the TableColumn was given properly and the IdRecord too)
     if (!empty($TableColumn) and !empty($Idrecord)) {
         $table = explode(".", $TableColumn);
         $str = "update " . $table[0] . " set " . $TableColumn . "=" . $IdTrad . " where " . $table[0] . ".id=" . $IdRecord;
         $s = $this->_dao->query($str);
         if (!$s) {
             throw new PException('Failed in InsertInMTrad updating table column [%s]');
         }
     }
     return $IdTrad;
 }
Esempio n. 24
0
 /**
  * sets a new password for this member
  *
  * @param string $pw - new password as string
  * @param boolean $noisy used during data retention to avoid password changed logs
  *
  * @access public
  * @return bool
  */
 public function setPassword($pw, $noisy = true)
 {
     if (!$this->isLoaded()) {
         return false;
     }
     $pw = $this->preparePassword($pw);
     $query = "UPDATE `members` SET `PassWord` = PASSWORD('" . $pw . "') WHERE `id` = " . $this->id;
     if ($this->dao->exec($query)) {
         if ($noisy) {
             $L = MOD_log::get();
             $L->write("Password changed", "change password");
         }
         return true;
     } else {
         return false;
     }
 }
Esempio n. 25
0
 private function _checkIfMoreMembersThanEverAreOnline()
 {
     // TODO: does the table params and its idea really make sense???
     // TODO: is this an appropriate place to do the check?
     // Check, if a record (more members than ever before) is established
     if (!($result = $this->dao->query("\r\nSELECT recordonline\r\nFROM params\r\n            "))) {
         // eek, something wrong with query..
     } else {
         if (!($row = $result->fetch(PDB::FETCH_OBJ))) {
             // ok, nothing found.. what to do?
         } else {
             // check if this is a new record!
             if ($this->howManyMembersOnline() > $row->recordonline) {
                 // more members than ever before are online!!
                 MOD_log::get()->write('New record established, ' . $_SESSION['WhoIsOnlineCount'] . ' members online!', 'Record');
                 $recordonline = $_SESSION['WhoIsOnlineCount'];
                 $this->dao->query("\r\nUPDATE params\r\nSET recordonline = {$recordonline}\r\n                    ");
             }
         }
     }
 }