Esempio n. 1
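 /**
  * Store a submitted form entry, then notify the site owner and mail the autoresponse.
  *
  * Flow visible in this method: run the `mw.forms_manager.before_post` listeners
  * (a listener returning false aborts the post), resolve the id the form belongs
  * to, validate the captcha unless the `disable_captcha` option is 'y', save the
  * entry, fire `mw.forms_manager.after_post`, and - only when `module_name` was
  * submitted - save a notification and send the autoresponse e-mails.
  *
  * Security notes for reviewers:
  *  - No CSRF token is validated here; the check exists only as commented-out code.
  *  - A wrong captcha answer is accepted when the current user is an administrator.
  *  - Every submitted value that validates as an e-mail address becomes a
  *    recipient of the autoresponse, whose body contains the submitted values.
  *    With the captcha disabled this lets an anonymous submitter cause mail to
  *    be sent to addresses of their choosing; rate limiting or restricting the
  *    recipient to one designated field would narrow that.
  *
  * @param array $params Request parameters of the submitted form.
  * @return mixed The result of database_manager->save(), an array with an
  *               'error' key on validation failure, or null when a
  *               before_post listener vetoes the submission.
  */
 public function post($params)
 {
     $adm = $this->app->user_manager->is_admin();
     // NOTE(review): CSRF validation for API calls is disabled. The original
     // check is kept below for reference; confirm that requests reaching this
     // method are protected elsewhere before relying on it.
     if (defined("MW_API_CALL")) {
         //            $validate_token = $this->app->user_manager->csrf_validate($params);
         //            if (!$adm) {
         //                if ($validate_token == false) {
         //                    return array('error' => 'Invalid token!');
         //                }
         //            }
     }
     // Any listener that returns exactly false cancels the submission.
     $before_process = $this->app->event_manager->trigger('mw.forms_manager.before_post', $params);
     if (is_array($before_process) and !empty($before_process)) {
         foreach ($before_process as $before_process_item) {
             if ($before_process_item === false) {
                 return;
             }
         }
     }
     $table = MW_DB_TABLE_FORMS_DATA;
     mw_var('FORCE_SAVE', $table);
     // Supplying an id is treated as an edit, which is reserved for admins.
     if (isset($params['id'])) {
         if ($adm == false) {
             return array('error' => 'Error: Only admin can edit forms!');
         }
     }
     $for = 'module';
     if (isset($params['for'])) {
         $for = $params['for'];
     }
     // Resolve the owning id: for_id, then data-id, then id; rel_id overrides all.
     if (isset($params['for_id'])) {
         $for_id = $params['for_id'];
     } elseif (isset($params['data-id'])) {
         $for_id = $params['data-id'];
     } elseif (isset($params['id'])) {
         $for_id = $params['id'];
     }
     if (isset($params['rel_id'])) {
         $for_id = $params['rel_id'];
     }
     if (!isset($for_id)) {
         return array('error' => 'Please provide for_id parameter with module id');
     }
     // NOTE(review): $for_id comes from the request and selects which module's
     // options (including disable_captcha) apply - confirm that a submitter
     // cannot point it at a module whose captcha is switched off.
     $dis_cap = $this->app->option_manager->get('disable_captcha', $for_id) == 'y';
     if ($dis_cap == false) {
         if (!isset($params['captcha'])) {
             return array('error' => 'Please enter the captcha answer!');
         } else {
             if ($for_id != false) {
                 $validate_captcha = mw()->captcha->validate($params['captcha'], $for_id);
             } else {
                 $validate_captcha = mw()->captcha->validate($params['captcha']);
             }
             // Administrators are allowed through even with a wrong answer.
             if (!$validate_captcha) {
                 if ($adm == false) {
                     return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
                 }
             }
         }
     }
     $list_id = $this->app->option_manager->get('list_id', $for_id);
     $email_to = $this->app->option_manager->get('email_to', $for_id);
     $email_bcc = $this->app->option_manager->get('email_bcc', $for_id);
     $email_autorespond = $this->app->option_manager->get('email_autorespond', $for_id);
     $email_autorespond_subject = $this->app->option_manager->get('email_autorespond_subject', $for_id);
     if (!isset($list_id) or $list_id == false) {
         $list_id = 0;
     }
     $to_save = array();
     $fields_data = array();
     $get_fields = array();
     $get_fields['rel_type'] = $for;
     $get_fields['rel_id'] = $for_id;
     $get_fields['return_full'] = true;
     $more = $this->app->fields_manager->get($get_fields);
     $cf_to_save = array();
     if (!empty($more)) {
         // Keep only the values of fields defined for this form. A field is
         // looked up under its name with spaces replaced by underscores first,
         // then under its literal name.
         foreach ($more as $item) {
             if (isset($item['name'])) {
                 $cfn = $item['name'];
                 $cfn2 = str_replace(' ', '_', $cfn);
                 if (isset($params[$cfn2]) and $params[$cfn2] != false) {
                     $fields_data[$cfn2] = $params[$cfn2];
                     $item['value'] = $params[$cfn2];
                     $cf_to_save[$cfn] = $item;
                 } elseif (isset($params[$cfn]) and $params[$cfn] != false) {
                     $fields_data[$cfn] = $params[$cfn];
                     // Fix: read the value under the key that matched. The
                     // previous code read $params[$cfn2], which is unset or
                     // empty whenever this branch runs.
                     $item['value'] = $params[$cfn];
                     $cf_to_save[$cfn] = $item;
                 }
             }
         }
     } else {
         // No fields are defined: every request parameter is treated as form data.
         $cf_to_save = $params;
     }
     $to_save['list_id'] = $list_id;
     $to_save['rel_id'] = $for_id;
     $to_save['rel_type'] = $for;
     $to_save['user_ip'] = MW_USER_IP;
     if (isset($params['module_name'])) {
         $to_save['module_name'] = $params['module_name'];
     }
     if (!empty($fields_data)) {
         $to_save['form_values'] = json_encode($fields_data);
     } else {
         $to_save['form_values'] = json_encode($params);
     }
     $save = $this->app->database_manager->save($table, $to_save);
     $event_params = $params;
     $event_params['saved_form_entry_id'] = $save;
     $this->app->event_manager->trigger('mw.forms_manager.after_post', $event_params);
     if (isset($params['module_name'])) {
         // Build the list of submitted values shown in the notification and
         // the e-mail, without the routing parameters.
         $pp_arr = $params;
         $pp_arr['ip'] = MW_USER_IP;
         unset($pp_arr['module_name']);
         unset($pp_arr['rel_type']);
         unset($pp_arr['rel_id']);
         unset($pp_arr['list_id']);
         unset($pp_arr['for']);
         unset($pp_arr['for_id']);
         // NOTE(review): $pp_arr holds raw submitted values. Whether
         // array_to_ul() HTML-escapes them is not visible here - confirm,
         // since the result is stored as notification content and mailed.
         $notif = array();
         $notif['module'] = $params['module_name'];
         $notif['rel_type'] = 'forms_lists';
         $notif['rel_id'] = $list_id;
         $notif['title'] = "New form entry";
         $notif['description'] = "You have new form entry";
         $notif['content'] = "You have new form entry from " . $this->app->url_manager->current(1) . '<br />' . $this->app->format->array_to_ul($pp_arr);
         $this->app->notifications_manager->save($notif);
         // Recipient fallback chain: module option, site-wide email_from, admins.
         if ($email_to == false) {
             $email_to = $this->app->option_manager->get('email_from', 'email');
         }
         $admin_user_mails = array();
         if ($email_to == false) {
             $admins = $this->app->user_manager->get_all('is_admin=1');
             if (is_array($admins) and !empty($admins)) {
                 foreach ($admins as $admin) {
                     if (isset($admin['email']) and filter_var($admin['email'], FILTER_VALIDATE_EMAIL)) {
                         $admin_user_mails[] = $admin['email'];
                         $email_to = $admin['email'];
                     }
                 }
             }
         }
         if ($email_to != false) {
             $mail_sj = "Thank you!";
             $mail_autoresp = "Thank you for your request!";
             if ($email_autorespond_subject != false) {
                 $mail_sj = $email_autorespond_subject;
             }
             if ($email_autorespond != false) {
                 $mail_autoresp = $email_autorespond;
             }
             $mail_autoresp = $mail_autoresp . $this->app->format->array_to_ul($pp_arr);
             $user_mails = array();
             if (isset($admin_user_mails) and !empty($admin_user_mails)) {
                 $user_mails = $admin_user_mails;
             }
             $user_mails[] = $email_to;
             if (isset($email_bcc) and filter_var($email_bcc, FILTER_VALIDATE_EMAIL)) {
                 $user_mails[] = $email_bcc;
             }
             // Every submitted value that looks like an e-mail address also
             // receives the autoresponse (see the security notes above).
             if (isset($cf_to_save) and !empty($cf_to_save)) {
                 foreach ($cf_to_save as $value) {
                     if (is_array($value) and isset($value['value'])) {
                         $to = $value['value'];
                     } else {
                         $to = $value;
                     }
                     if (isset($to) and filter_var($to, FILTER_VALIDATE_EMAIL)) {
                         $user_mails[] = $to;
                     }
                 }
             }
             if (!empty($user_mails)) {
                 // Fix: array_unique() returns the de-duplicated list; the
                 // previous code discarded it, so repeated addresses were
                 // mailed more than once.
                 $user_mails = array_unique($user_mails);
                 foreach ($user_mails as $value) {
                     $sender = new \Microweber\Utils\MailSender();
                     $sender->send($value, $mail_sj, $mail_autoresp);
                 }
             }
         }
     }
     return $save;
 }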
Esempio n. 2
 /**
  * Send the order confirmation e-mail for a single order.
  *
  * The subject, body, copy address and send condition are read from the
  * 'orders' option group. `{cart_items}` and `{<order field>}` placeholders in
  * the stored body are replaced with order data before sending.
  *
  * NOTE(review): order values are inserted into the body as-is. If the body is
  * sent as HTML and order fields hold customer-entered text, those values
  * should be HTML-escaped first - escaping is not visible in this method.
  *
  * @param mixed $order_id           Id passed to get_order_by_id().
  * @param mixed $to                 Recipient; falls back to the order's 'email'.
  * @param mixed $no_cache           Not used by this version of the method.
  * @param mixed $skip_enabled_check When truthy, used in place of the
  *                                  'order_email_enabled' option.
  * @return true|null True when the message was handed to the mail sender,
  *                   null on every other path.
  */
 public function confirm_email_send($order_id, $to = false, $no_cache = false, $skip_enabled_check = false)
 {
     $ord_data = $this->get_order_by_id($order_id);
     if (!is_array($ord_data)) {
         return;
     }

     $order_email_enabled = ($skip_enabled_check == false)
         ? $this->app->option_manager->get('order_email_enabled', 'orders')
         : $skip_enabled_check;
     if ($order_email_enabled != true) {
         return;
     }

     $order_email_subject = $this->app->option_manager->get('order_email_subject', 'orders');
     $order_email_content = $this->app->option_manager->get('order_email_content', 'orders');
     $order_email_cc = $this->app->option_manager->get('order_email_cc', 'orders');
     $order_email_send_when = $this->app->option_manager->get('order_email_send_when', 'orders');

     // With "send when paid" configured, an order explicitly marked unpaid is skipped.
     if ($order_email_send_when == 'order_paid' and isset($ord_data['is_paid']) and $ord_data['is_paid'] == false) {
         return;
     }

     if ($order_email_subject == false or trim($order_email_subject) == '') {
         $order_email_subject = "Thank you for your order!";
     }
     if ($to == false) {
         $to = $ord_data['email'];
     }

     // The subject always has a value at this point (it was defaulted above),
     // so in practice only the body check decides whether to continue.
     if ($order_email_content == false or trim($order_email_subject) == '') {
         return;
     }

     if (!empty($ord_data)) {
         $cart_query = 'fields=title,qty,price,custom_fields_data&order_id=' . $ord_data['id'] . '&no_session_id=' . mw()->user_manager->session_id();
         $cart_items = $this->get_cart($cart_query);
         $order_items_html = $this->app->format->array_to_ul($cart_items);
         $order_email_content = str_replace('{cart_items}', $order_items_html, $order_email_content);

         // Replace {field} placeholders (case-insensitively) with scalar order values.
         foreach ($ord_data as $field => $field_value) {
             if (is_array($field_value) or !is_string($field)) {
                 continue;
             }
             if (strtolower($field) == 'amount') {
                 $field_value = number_format($field_value, 2);
             }
             $order_email_content = str_ireplace('{' . $field . '}', $field_value, $order_email_content);
         }
     }

     if (!isset($to) or !filter_var($to, FILTER_VALIDATE_EMAIL)) {
         return;
     }

     $sender = new \Microweber\Utils\MailSender();
     $sender->send($to, $order_email_subject, $order_email_content);
     // A valid copy address receives the same message as a separate send.
     if (isset($order_email_cc) and filter_var($order_email_cc, FILTER_VALIDATE_EMAIL)) {
         $sender->send($order_email_cc, $order_email_subject, $order_email_content);
     }

     return true;
 }
Esempio n. 3
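 /**
  * Send the order confirmation e-mail for a single order.
  *
  * The stored body (option 'order_email_content') is rendered as a Twig
  * template with `cart` and `order` variables, and `{cart_items}`, `{date}`
  * and `{<order field>}` placeholders are replaced with order data.
  *
  * Security fix: the placeholders are now substituted AFTER the Twig render.
  * Previously the order values were written into the template string first
  * and the result was then compiled by Twig (Twig_Loader_String treats the
  * string given to render() as template source), so any template syntax
  * contained in an order field would have been evaluated on the server.
  * Order fields presumably include customer-entered checkout data, which is
  * why only the stored template may reach the template engine.
  *
  * NOTE(review): the substituted values are still inserted as-is; if the mail
  * is sent as HTML they should be HTML-escaped - not visible in this method.
  *
  * @param mixed $order_id           Id passed to get_order_by_id().
  * @param mixed $to                 Recipient; falls back to the order's 'email'.
  * @param mixed $no_cache           Forwarded to the mail sender for the copy only.
  * @param mixed $skip_enabled_check When truthy, used in place of the
  *                                  'order_email_enabled' option and also
  *                                  bypasses the "send when paid" condition.
  * @return true|null True when the message was handed to the mail sender,
  *                   null on every other path.
  */
 public function confirm_email_send($order_id, $to = false, $no_cache = false, $skip_enabled_check = false)
 {
     $ord_data = $this->get_order_by_id($order_id);
     if (is_array($ord_data)) {
         if ($skip_enabled_check == false) {
             $order_email_enabled = $this->app->option_manager->get('order_email_enabled', 'orders');
         } else {
             $order_email_enabled = $skip_enabled_check;
         }
         if ($order_email_enabled == true) {
             $order_email_subject = $this->app->option_manager->get('order_email_subject', 'orders');
             $order_email_content = $this->app->option_manager->get('order_email_content', 'orders');
             $order_email_cc = $this->app->option_manager->get('order_email_cc', 'orders');
             $order_email_send_when = $this->app->option_manager->get('order_email_send_when', 'orders');
             // An order explicitly marked unpaid is skipped unless the caller forces the send.
             if ($order_email_send_when == 'order_paid' and !$skip_enabled_check) {
                 if (isset($ord_data['is_paid']) and $ord_data['is_paid'] == false) {
                     return;
                 }
             }
             if ($order_email_subject == false or trim($order_email_subject) == '') {
                 $order_email_subject = "Thank you for your order!";
             }
             if ($to == false) {
                 $to = $ord_data['email'];
             }
             if ($order_email_content != false and trim($order_email_subject) != '') {
                 $cart_items = array();
                 if (!empty($ord_data)) {
                     $cart_items = $this->get_cart('order_id=' . $ord_data['id'] . '&no_session_id=' . mw()->user_manager->session_id());
                 }
                 // Compile only the stored template; order data reaches Twig
                 // as variables, never as template source.
                 $twig = new \Twig_Environment(new \Twig_Loader_String());
                 $order_email_content = $twig->render($order_email_content, array("cart" => $cart_items, "order" => $ord_data));
                 if (!empty($ord_data)) {
                     // Plain placeholder substitution on the rendered output.
                     // Single-brace placeholders are not Twig syntax, so they
                     // pass through the render above unchanged.
                     $order_items_html = $this->app->format->array_to_ul($cart_items);
                     $order_email_content = str_replace('{cart_items}', $order_items_html, $order_email_content);
                     $order_email_content = str_replace('{date}', date("F jS, Y", strtotime($ord_data['created_at'])), $order_email_content);
                     foreach ($ord_data as $key => $value) {
                         if (!is_array($value) and is_string($key)) {
                             if (strtolower($key) == 'amount') {
                                 $value = number_format($value, 2);
                             }
                             $order_email_content = str_ireplace('{' . $key . '}', $value, $order_email_content);
                         }
                     }
                 }
                 if (isset($to) and filter_var($to, FILTER_VALIDATE_EMAIL)) {
                     $sender = new \Microweber\Utils\MailSender();
                     $sender->send($to, $order_email_subject, $order_email_content);
                     if (isset($order_email_cc) and filter_var($order_email_cc, FILTER_VALIDATE_EMAIL)) {
                         // NOTE(review): only the copy passes the two extra
                         // arguments; MailSender::send()'s signature is not
                         // visible here, so the difference is kept as found.
                         $sender->send($order_email_cc, $order_email_subject, $order_email_content, false, $no_cache);
                     }
                     return true;
                 }
             }
         }
     }
 }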
Esempio n. 4
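 /**
  * Create a password reset token for a user and e-mail the reset link.
  *
  * The account is looked up by username (falling back to treating that value
  * as an e-mail address) or by e-mail. The token is stored in the user's
  * `password_reset_hash` column and appended to the link as
  * `reset_password_link`.
  *
  * Changes in this version:
  *  - The emptiness checks were written as trim($x != ''), which trims a
  *    boolean; they now test the trimmed string.
  *  - The token comes from random_bytes() when available. The previous
  *    expression is kept only as a fallback; rand() and uniqid() are not
  *    suitable sources for a secret.
  *  - The username and the link are HTML-escaped before going into the body.
  *  - A matched row without an id is treated as "not found" instead of
  *    continuing with an undefined variable and mailing an unsaved token.
  *
  * Open points for reviewers:
  *  - The distinct "not found" error and the success message (which echoes
  *    the account's e-mail address) let a caller learn whether an account
  *    exists and which address belongs to a username.
  *  - The token is stored as-is and no expiry is set in this method.
  *  - If url_manager->current() or site_url() derive the host from the
  *    request, the mailed link follows a request-supplied host - confirm
  *    they use a configured base URL.
  *
  * @param array $params Request parameters: 'captcha' plus 'username' and/or 'email'.
  * @return array Array with a 'success' or an 'error' key.
  */
 public function send_forgot_password($params)
 {
     if (!isset($params['captcha'])) {
         return array('error' => 'Please enter the captcha answer!');
     }
     $validate_captcha = $this->app->captcha->validate($params['captcha']);
     if ($validate_captcha == false) {
         return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
     }
     // Without an e-mail parameter a non-empty username is mandatory.
     if (!isset($params['email'])) {
         if (!isset($params['username']) or !is_scalar($params['username']) or trim($params['username']) == '') {
             return array('error' => 'Enter username or email!');
         }
     }
     $user = isset($params['username']) ? $params['username'] : false;
     $email = isset($params['email']) ? $params['email'] : false;
     // && binds tighter than the assignment, unlike `and`.
     $has_user = is_scalar($user) && trim($user) != '';
     $has_email = is_scalar($email) && trim($email) != '';
     $data = array();
     if ($has_user) {
         $data = $this->get_all(array('username' => $user));
         if ($data == false) {
             // The "username" field may have been filled with an e-mail address.
             $data = $this->get_all(array('email' => $user));
         }
     } elseif ($has_email) {
         $data = $this->get_all(array('email' => $email));
     }
     $data_res = isset($data[0]) ? $data[0] : false;
     if (!is_array($data_res) or !isset($data_res['id'])) {
         return array('error' => 'Enter right username or email!');
     }
     $to = isset($data_res['email']) ? $data_res['email'] : false;
     if (!filter_var($to, FILTER_VALIDATE_EMAIL)) {
         return array('error' => 'Error: the user doesn\'t have a valid email address!');
     }
     $subject = "Password reset!";
     $safe_username = isset($data_res['username']) ? htmlspecialchars($data_res['username'], ENT_QUOTES, 'UTF-8') : '';
     $content = "Hello, {$safe_username} <br> ";
     $content .= "You have requested a password reset link from IP address: " . MW_USER_IP . "<br><br> ";
     // The reset token is a bearer secret: prefer the CSPRNG.
     if (function_exists('random_bytes')) {
         $function_cache_id = bin2hex(random_bytes(32));
     } else {
         $function_cache_id = md5(rand()) . uniqid() . rand() . str_random(40);
     }
     $data_to_save = array();
     $data_to_save['id'] = $data_res['id'];
     $data_to_save['password_reset_hash'] = $function_cache_id;
     $table = $this->tables['users'];
     mw_var('FORCE_SAVE', $table);
     $this->app->database_manager->save($table, $data_to_save);
     // Link to the template's own login / forgot_password page when it has one.
     $base_link = $this->app->url_manager->current(1);
     $cur_template = template_dir();
     $cur_template_file = normalize_path($cur_template . 'login.php', false);
     $cur_template_file2 = normalize_path($cur_template . 'forgot_password.php', false);
     if (is_file($cur_template_file)) {
         $base_link = site_url('login');
     } elseif (is_file($cur_template_file2)) {
         $base_link = site_url('forgot_password');
     }
     $pass_reset_link = $base_link . '?reset_password_link=' . $function_cache_id;
     // The log entry records the request but not the token.
     $notif = array();
     $notif['module'] = "users";
     $notif['rel_type'] = 'users';
     $notif['rel_id'] = $data_to_save['id'];
     $notif['title'] = "Password reset link sent";
     $content_notif = "User with id: {$data_to_save['id']} and email: {$to}  has requested a password reset link";
     $notif['description'] = $content_notif;
     $this->app->log_manager->save($notif);
     $safe_link = htmlspecialchars($pass_reset_link, ENT_QUOTES, 'UTF-8');
     $content .= "Click here to reset your password  <a href='{$safe_link}'>" . $safe_link . "</a><br><br> ";
     $sender = new \Microweber\Utils\MailSender();
     $sender->send($to, $subject, $content);
     return array('success' => 'Your password reset link has been sent to ' . $to);
 }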
Esempio n. 5
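/**
 * Create a comment, or - for administrators - moderate or delete an existing one.
 *
 * New comments need rel_type (or rel), rel_id and a captcha answer that
 * matches the value stored in the session. After saving, a notification is
 * stored and, when the 'email_on_new_comment' option is 'y', a mail is sent to
 * the configured address.
 *
 * Changes in this version:
 *  - A client-supplied `is_moderated` is discarded for non-administrators.
 *    Previously it was saved unchanged whenever 'require_moderation' was 'y',
 *    so a commenter could set the moderation state of their own comment.
 *  - The edit guard returns after calling error(), so the request cannot
 *    continue to the save should error() ever return.
 *  - Unreachable statements after the delete `return` were removed.
 *  - The notification mail is sent only to a syntactically valid address,
 *    matching the other mail senders in this codebase.
 *
 * Open points for reviewers:
 *  - CSRF validation is skipped for administrators, so the state-changing
 *    admin actions (publish, unpublish, spam, delete) are not covered by it
 *    in this function - confirm they are protected elsewhere.
 *  - The whole request array is passed to save() with FORCE_SAVE set; which
 *    columns save() accepts is not visible here. An explicit list of allowed
 *    fields would be safer.
 *  - `allow_html` is set to true before clean_xss(); what clean_xss() strips
 *    in that mode is not visible here.
 *
 * @param array $data Request parameters of the comment form or admin action.
 * @return mixed The result of database_manager->save(), or an array with an
 *               'error' or 'success' key.
 */
function post_comment($data)
{
    $adm = is_admin();
    $table = MODULE_DB_COMMENTS;
    mw_var('FORCE_SAVE', $table);
    if ($adm == false) {
        // The moderation state is decided on the server for non-admins.
        unset($data['is_moderated']);
    }
    // Supplying an id is treated as an edit, which is reserved for admins.
    if (isset($data['id'])) {
        if ($adm == false) {
            error('Error: Only admin can edit comments!');
            return array('error' => 'Error: Only admin can edit comments!');
        }
    }
    if (defined("MW_API_CALL")) {
        if (!$adm) {
            $validate_token = mw()->user_manager->csrf_validate($data);
            if ($validate_token == false) {
                return array('error' => 'Invalid token!');
            }
        }
    }
    if (isset($data['action']) and isset($data['id'])) {
        // Only administrators reach this branch (see the edit guard above).
        $action = strtolower($data['action']);
        switch ($action) {
            case 'publish':
                $data['is_moderated'] = 1;
                break;
            case 'unpublish':
                $data['is_moderated'] = 0;
                break;
            case 'spam':
                $data['is_moderated'] = 0;
                break;
            case 'delete':
                $id = intval($data['id']);
                mw()->database_manager->delete_by_id($table, $id, 'id');
                return array('success' => 'Deleted comment with id:' . $id);
            default:
                break;
        }
    } else {
        if (isset($data['rel'])) {
            $data['rel_type'] = $data['rel'];
        }
        if (!isset($data['rel_type'])) {
            return array('error' => 'Error: invalid data');
        }
        if (!isset($data['rel_id'])) {
            return array('error' => 'Error: invalid data');
        } else {
            if (trim($data['rel_id']) == '') {
                return array('error' => 'Error: invalid data');
            }
        }
        if (!isset($data['captcha'])) {
            return array('error' => 'Please enter the captcha answer!');
        } else {
            // A module-specific captcha stored in the session wins over the generic one.
            $cap = mw()->user_manager->session_get('captcha');
            if (isset($data['module_id'])) {
                $captcha_sid = 'captcha_' . $data['module_id'];
                $cap_sid = mw()->user_manager->session_get($captcha_sid);
                if ($cap_sid != false) {
                    $cap = $cap_sid;
                }
            }
            if ($cap == false) {
                return array('error' => 'You must load a captcha first!');
            }
            // NOTE(review): the stored answer is not cleared here after a
            // successful check; confirm it cannot be reused for more posts.
            if (intval($data['captcha']) != $cap) {
                if ($adm == false) {
                    return array('error' => 'Invalid captcha answer!');
                }
            }
        }
    }
    if (!isset($data['id']) and isset($data['comment_body'])) {
        if (!isset($data['comment_email']) and user_id() == 0) {
            return array('error' => 'You must type your email or be logged in order to comment.');
        }
        $ref = mw()->url_manager->current(1);
        if ($ref != false and $ref != '') {
            $data['from_url'] = htmlentities(strip_tags(mw()->url_manager->current(1)));
        }
    }
    if ($adm == true and !isset($data['id']) and !isset($data['is_moderated'])) {
        $data['is_moderated'] = '1';
    } else {
        $require_moderation = get_option('require_moderation', 'comments');
        if ($require_moderation != 'y') {
            $data['is_moderated'] = '0';
        }
    }
    if (!isset($data['id'])) {
        $data['is_new'] = '1';
    }
    $data['allow_html'] = true;
    $data = mw()->format->clean_xss($data);
    $saved_data = mw()->database_manager->save($table, $data);
    if (!isset($data['id']) and isset($data['comment_body'])) {
        $notif = array();
        $notif['module'] = "comments";
        $notif['rel_type'] = $data['rel_type'];
        $notif['rel_id'] = $data['rel_id'];
        $notif['title'] = "You have new comment";
        $notif['description'] = "New comment is posted on " . mw()->url_manager->current(1);
        $notif['content'] = mw()->format->limit(strip_tags($data['comment_body']), 800);
        $notf_id = mw()->notifications_manager->save($notif);
        $data['moderate'] = admin_url('view:modules/load_module:comments/mw_notif:' . $notf_id);
        $email_on_new_comment = get_option('email_on_new_comment', 'comments') == 'y';
        $to = get_option('email_on_new_comment_value', 'comments');
        if ($email_on_new_comment == true and filter_var($to, FILTER_VALIDATE_EMAIL)) {
            $subject = "You have new comment";
            $message = "Hi, <br/> You have new comment posted on " . mw()->url_manager->current(1) . ' <br /> ';
            $message .= "IP:" . MW_USER_IP . ' <br /> ';
            // NOTE(review): $data holds the submitted comment fields; whether
            // array_to_ul() HTML-escapes them is not visible here.
            $message .= mw()->format->array_to_ul($data);
            $sender = new \Microweber\Utils\MailSender();
            $sender->send($to, $subject, $message);
        }
    }
    return $saved_data;
}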