Esempio n. 1
 /**
  * Creates a new CSRF token, records it in the stored token list and returns it.
  *
  * The token is the base64 encoding of the current Unix timestamp concatenated
  * with a 32-character string from UTIL_String::getRandomString(). It is stored
  * as a key of the token list, with the time of issue as the value.
  *
  * NOTE(review): the token is only as unpredictable as
  * UTIL_String::getRandomString(), whose implementation is not shown here;
  * confirm it draws from a CSPRNG. The timestamp prefix adds no secrecy.
  * NOTE(review): nothing in this method prunes old entries; presumably
  * getTokenList()/saveTokenList() or the validator expire them (verify).
  *
  * @return string
  */
 public static function generateToken()
 {
     $issuedTokens = self::getTokenList();

     $rawToken = time() . UTIL_String::getRandomString(32);
     $csrfToken = base64_encode($rawToken);

     // Value is the issue time, so a validator can age tokens out.
     $issuedTokens[$csrfToken] = time();
     self::saveTokenList($issuedTokens);

     return $csrfToken;
 }
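 /**
  * Registers the Facebook contact-importer scripts on the current document and
  * returns the data needed to render the "invite via Facebook" button.
  *
  * Side effects: adds js/facebook.js and an onload script to the document,
  * exposes two language keys to JavaScript, and saves a fresh invitation code
  * for the current user on every call.
  *
  * NOTE(review): an invitation code is persisted each time the button is
  * prepared, not when an invite is actually sent; confirm unused codes are
  * cleaned up or expire elsewhere.
  *
  * @param mixed $params not used by this method
  * @return array|null array with 'iconUrl' and 'onclick', or null when no
  *                    Facebook app id is configured
  */
 public function prepareButton($params)
 {
     $appId = OW::getConfig()->getValue('contactimporter', 'facebook_app_id');
     if (empty($appId)) {
         return;
     }
     $staticUrl = OW::getPluginManager()->getPlugin('contactimporter')->getStaticUrl();
     $document = OW::getDocument();
     $document->addScript($staticUrl . 'js/facebook.js');
     $userId = OW::getUser()->getId();
     // Load the SDK over HTTPS: a script fetched over plain HTTP can be replaced
     // in transit and then runs with full access to the page, and browsers block
     // it as mixed content on HTTPS sites.
     $fbLibUrl = 'https://connect.facebook.net/en_US/all.js';
     $code = UTIL_String::getRandomString(20);
     BOL_UserService::getInstance()->saveUserInvitation($userId, $code);
     $urlForInvite = OW::getRequest()->buildUrlQueryString(OW::getRouter()->urlForRoute('base_join'), array('code' => $code));
     $js = UTIL_JsGenerator::newInstance();
     $js->newObject(array('window', 'CONTACTIMPORTER_FaceBook'), 'CI_Facebook', array($fbLibUrl, $userId, $urlForInvite));
     $fbParams = array('appId' => $appId, 'status' => true, 'cookie' => true, 'xfbml' => true);
     $js->callFunction(array('CONTACTIMPORTER_FaceBook', 'init'), array($fbParams));
     $document->addOnloadScript((string) $js);
     OW::getLanguage()->addKeyForJs('contactimporter', 'facebook_inv_message_text');
     OW::getLanguage()->addKeyForJs('contactimporter', 'facebook_after_invite_feedback');
     return array('iconUrl' => $staticUrl . 'img/f.png', 'onclick' => "CONTACTIMPORTER_FaceBook.request(); return false;");
 }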
Esempio n. 3
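 /**
  * Queues one invitation e-mail per address in $_POST['emailList'] and ends the
  * request with a JSON object {success, message}.
  *
  * 'emailList' must be an array no longer than the 'user_invites_limit' config
  * value. Entries that are not syntactically valid e-mail addresses are skipped,
  * and the success message reports how many invitations were actually queued.
  * An optional $_POST['text'] is passed to the templates as 'customMessage' and
  * selects the "msg_" template variants.
  *
  * NOTE(review): 'customMessage' is request data that reaches the HTML mail
  * body; whether the language layer escapes template variables is not visible
  * here, so confirm it is HTML-encoded before it lands in the HTML part.
  * NOTE(review): no authentication or CSRF check is visible in this method;
  * presumably the controller enforces both before dispatch (verify).
  *
  * @return void never returns; always terminates via exit()
  */
 public function send()
 {
     $language = OW::getLanguage();
     $submittedList = isset($_POST['emailList']) ? $_POST['emailList'] : null;

     // A scalar 'emailList' would break count() and foreach below, so it is
     // treated the same as a missing list.
     if (empty($submittedList) || !is_array($submittedList)) {
         exit(json_encode(array('success' => false, 'message' => $language->text('contactimporter', 'email_send_error_empty_email_list'))));
     }

     $inviteLimit = (int) OW::getConfig()->getValue('base', 'user_invites_limit');
     if (count($submittedList) > $inviteLimit) {
         exit(json_encode(array('success' => false, 'message' => $language->text('contactimporter', 'email_send_error_max_limit_message', array('limit' => $inviteLimit)))));
     }

     // Only well-formed addresses reach the mailer. FILTER_VALIDATE_EMAIL also
     // rejects embedded line breaks, which keeps request data out of the mail
     // headers regardless of how the mailer builds them.
     $emailList = array();
     foreach ($submittedList as $candidate) {
         if (!is_string($candidate)) {
             continue;
         }
         $candidate = trim($candidate);
         if (filter_var($candidate, FILTER_VALIDATE_EMAIL) !== false) {
             $emailList[] = $candidate;
         }
     }
     if (empty($emailList)) {
         exit(json_encode(array('success' => false, 'message' => $language->text('contactimporter', 'email_send_error_empty_email_list'))));
     }

     $hasCustomMessage = !empty($_POST['text']) && is_string($_POST['text']);
     $templateInfix = $hasCustomMessage ? 'msg_' : '';

     $userId = OW::getUser()->getId();
     $displayName = BOL_UserService::getInstance()->getDisplayName($userId);
     $vars = array(
         'inviter' => $displayName,
         'siteName' => OW::getConfig()->getValue('base', 'site_name'),
         'customMessage' => $hasCustomMessage ? trim($_POST['text']) : null,
     );

     foreach ($emailList as $email) {
         // Each recipient gets its own invitation code, embedded in the join URL.
         $code = UTIL_String::getRandomString(20);
         BOL_UserService::getInstance()->saveUserInvitation($userId, $code);
         $vars['siteInviteURL'] = OW::getRequest()->buildUrlQueryString(OW::getRouter()->urlForRoute('base_join'), array('code' => $code));
         $mail = OW::getMailer()->createMail();
         $mail->setSubject($language->text('contactimporter', 'mail_email_invite_subject', $vars));
         $mail->setHtmlContent($language->text('contactimporter', 'mail_email_invite_' . $templateInfix . 'html', $vars));
         $mail->setTextContent($language->text('contactimporter', 'mail_email_invite_' . $templateInfix . 'txt', $vars));
         $mail->addRecipientEmail($email);
         OW::getMailer()->addToQueue($mail);
     }

     exit(json_encode(array('success' => true, 'message' => $language->text('contactimporter', 'email_send_success', array('count' => count($emailList))))));
 }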
Esempio n. 4
 /**
  * Creates, persists and returns a password-reset record for a user.
  *
  * The record expires at now + PASSWORD_RESET_CODE_EXPIRATION_TIME, its update
  * timestamp is now + PASSWORD_RESET_CODE_UPDATE_TIME, and its code is the MD5
  * hex digest of UTIL_String::getRandomString(8, 5).
  *
  * NOTE(review): MD5 only reformats the random string; the code carries no more
  * entropy than the 8-character input, and its unpredictability depends on
  * UTIL_String::getRandomString(), which is not shown here. Since this code
  * grants account takeover, confirm the generator is a CSPRNG and consider a
  * longer input.
  *
  * @param integer $userId
  * @return BOL_UserResetPassword
  */
 public function getNewResetPassword($userId)
 {
     $resetDto = new BOL_UserResetPassword();
     $resetDto->setUserId($userId);

     $expiresAt = time() + self::PASSWORD_RESET_CODE_EXPIRATION_TIME;
     $resetDto->setExpirationTimeStamp($expiresAt);

     $updateAt = time() + self::PASSWORD_RESET_CODE_UPDATE_TIME;
     $resetDto->setUpdateTimeStamp($updateAt);

     $resetCode = md5(UTIL_String::getRandomString(8, 5));
     $resetDto->setCode($resetCode);

     $this->resetPasswordDao->save($resetDto);

     return $resetDto;
 }
Esempio n. 5
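 /**
  * Renders the site-wide "password protection" form and, on a valid AJAX
  * submission, checks the submitted password against the configured hash.
  *
  * On success a 30-day 'base_password_protection' cookie is set and a script
  * that shows the success message and reloads the page is echoed; on failure a
  * script showing the error message is echoed. Both AJAX paths end with exit.
  *
  * NOTE(review): the cookie value is a random string that this method does not
  * store anywhere, so whatever checks the cookie later cannot compare it with
  * this value; confirm the gate is not simply "cookie is present".
  * NOTE(review): the Secure flag is left off as in the original; set it if the
  * site is served only over HTTPS.
  * NOTE(review): no attempt limiting is visible in this method.
  *
  * @return void
  */
 public function passwordProtection()
 {
     $language = OW::getLanguage();
     $form = new Form('password_protection');
     $form->setAjax(true);
     $form->setAction(OW::getRouter()->urlFor('BASE_CTRL_BaseDocument', 'passwordProtection'));
     $form->setAjaxDataType(Form::AJAX_DATA_TYPE_SCRIPT);
     $passwordField = new PasswordField('password');
     $form->addElement($passwordField);
     $submit = new Submit('submit');
     $submit->setValue($language->text('base', 'password_protection_submit_label'));
     $form->addElement($submit);
     $this->addForm($form);
     if (OW::getRequest()->isAjax() && $form->isValid($_POST)) {
         $data = $form->getValues();
         $storedHash = (string) OW::getConfig()->getValue('base', 'guests_can_view_password');
         $submittedHash = (string) crypt($data['password'], OW_PASSWORD_SALT);
         // Compare in constant time where the runtime offers hash_equals(), so the
         // response time does not depend on how many leading characters match.
         $hashesMatch = function_exists('hash_equals') ? hash_equals($storedHash, $submittedHash) : $submittedHash === $storedHash;
         if (!empty($data['password']) && $hashesMatch) {
             // HttpOnly keeps the cookie out of reach of page scripts.
             setcookie('base_password_protection', UTIL_String::getRandomString(), time() + 86400 * 30, '/', '', false, true);
             // json_encode() yields a correctly escaped JS string literal, so a
             // translation containing an apostrophe or backslash cannot break or
             // alter the generated script.
             echo 'OW.info(' . json_encode((string) $language->text('base', 'password_protection_success_message')) . ');window.location.reload();';
         } else {
             echo 'OW.error(' . json_encode((string) $language->text('base', 'password_protection_error_message')) . ');';
         }
         exit;
     }
     OW::getDocument()->setHeading($language->text('base', 'password_protection_text'));
     OW::getDocument()->getMasterPage()->setTemplate(OW::getThemeManager()->getMasterPageTemplate('mobile_blank'));
 }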
Esempio n. 6
 /**
  * Login event handler: when the user who logged in is a super moderator,
  * generates a new 32-character token, stores it in the 'base'/'admin_cookie'
  * config entry and sends it to the browser as the 'adminToken' cookie.
  *
  * The cookie lasts 100 days, is scoped to '/', and is HttpOnly but not Secure.
  *
  * NOTE(review): the token lives in a single config value, so each qualifying
  * login overwrites the previous token; confirm that is intended when more than
  * one super moderator exists.
  * NOTE(review): without the Secure flag the token is also sent over plain HTTP;
  * set it if the admin area is HTTPS-only. Token strength depends on
  * UTIL_String::getRandomString(), which is not shown here.
  *
  * @param OW_Event $event event whose params contain 'userId'
  * @return void
  */
 public function onUserLoginSetAdminCookie(OW_Event $event)
 {
     $eventParams = $event->getParams();
     $isSuperModerator = BOL_AuthorizationService::getInstance()->isSuperModerator($eventParams['userId']);

     if (!$isSuperModerator) {
         return;
     }

     $adminToken = UTIL_String::getRandomString(32);
     OW::getConfig()->saveConfig('base', 'admin_cookie', $adminToken);

     $expiresAt = time() + 3600 * 24 * 100;
     setcookie('adminToken', $adminToken, $expiresAt, '/', null, false, true);
 }
Esempio n. 7
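 /**
  * Builds the question list for the current step, surrounding each real
  * question with hidden decoy ("fake") questions under random field names, and
  * flags the submitter as a bot when a decoy field comes back filled in.
  *
  * The real-name map and the full question list are kept in the session. When
  * both are present they are reused; otherwise a new randomised list is built.
  * On POST, submitted values are copied from the field names issued earlier to
  * the current ones in $this->post, and any non-empty decoy field sets
  * $this->isBot, which triggers the 'base.bot_detected' event.
  *
  * NOTE(review): decoy names come from rand(), uniqid() and
  * UTIL_String::getRandomString(); that is adequate for a bot trap but none of
  * these values should be treated as a secret.
  *
  * @return void
  */
 protected function addFakeQuestions()
 {
     $step = $this->getStep();
     $realQuestionList = array();
     $valueList = $this->questionValuesList;
     $this->questionValuesList = array();
     $this->sortedQuestionsList = array();
     $this->questionListBySection = array();
     $section = '';
     $oldQuestionList = OW::getSession()->get(self::SESSION_REAL_QUESTION_LIST);
     $allQuestionList = OW::getSession()->get(self::SESSION_ALL_QUESTION_LIST);
     // Reuse the session state only when BOTH lists exist. The original tested
     // $oldQuestionList twice, so a missing $allQuestionList still took this
     // branch and was iterated as if it were a list.
     if (!empty($oldQuestionList) && !empty($allQuestionList)) {
         $realQuestionList = $oldQuestionList;
         $this->sortedQuestionsList = $allQuestionList;
         foreach ($this->sortedQuestionsList as $key => $question) {
             $this->questionListBySection[$question['sectionName']][] = $question;
             // Strip the alternating-row class before registering the row class.
             if ($question['fake'] == true) {
                 $this->addDisplayNoneClass(preg_replace('/\\s+(ow_alt1|ow_alt2)/', '', $question['trClass']));
             } else {
                 $this->addEmptyClass(preg_replace('/\\s+(ow_alt1|ow_alt2)/', '', $question['trClass']));
             }
             if (!empty($valueList[$question['realName']])) {
                 $this->questionValuesList[$question['name']] = $valueList[$question['realName']];
             }
         }
     } else {
         foreach ($this->questions as $sort => $question) {
             // Step 1 takes every question; step 2 only those whose 'base' is '0'.
             if (((string) $question['base'] === '0' && $step === 2) || $step === 1) {
                 if ($section !== $question['sectionName']) {
                     $section = $question['sectionName'];
                 }
                 // Listeners may veto decoys for a question through the event data.
                 $event = new OW_Event('base.questions_field_add_fake_questions', $question, true);
                 OW::getEventManager()->trigger($event);
                 $addFakes = $event->getData();
                 if (!$addFakes || in_array($this->questions[$sort]['presentation'], array('password', 'range'))) {
                     // No decoys: the question keeps its real field name.
                     $this->questions[$sort]['fake'] = false;
                     $this->questions[$sort]['realName'] = $question['name'];
                     $this->questions[$sort]['trClass'] = $this->toggleQuestionClass();
                     if ($this->questions[$sort]['presentation'] == 'password') {
                         // Extra toggle for password fields; presumably they render
                         // as two rows (TODO confirm).
                         $this->toggleQuestionClass();
                     }
                     $this->sortedQuestionsList[$question['name']] = $this->questions[$sort];
                     $this->questionListBySection[$section][] = $this->questions[$sort];
                     if (!empty($valueList[$question['name']])) {
                         $this->questionValuesList[$question['name']] = $valueList[$question['name']];
                     }
                     continue;
                 }
                 // $fakesCount + 1 fields are emitted in total (the loop below is
                 // inclusive); exactly one of them, at index $randId, is the real one.
                 $fakesCount = rand(2, 5);
                 $fakesCount = $fakesCount + 1;
                 $randId = rand(0, $fakesCount);
                 for ($i = 0; $i <= $fakesCount; $i++) {
                     $randName = uniqid(UTIL_String::getRandomString(rand(5, 13), 2));
                     $question['trClass'] = uniqid('ow_' . UTIL_String::getRandomString(rand(5, 10), 2));
                     if ($i == $randId) {
                         $realQuestionList[$randName] = $this->questions[$sort]['name'];
                         $question['fake'] = false;
                         $question['required'] = $this->questions[$sort]['required'];
                         $this->addEmptyClass($question['trClass']);
                         $question['trClass'] = $question['trClass'] . " " . $this->toggleQuestionClass();
                     } else {
                         // Decoys are never required and are registered as hidden rows.
                         $question['required'] = 0;
                         $question['fake'] = true;
                         $this->addDisplayNoneClass($question['trClass']);
                         $question['trClass'] = $question['trClass'] . " " . $this->randQuestionClass();
                     }
                     $question['realName'] = $this->questions[$sort]['name'];
                     $question['name'] = $randName;
                     $this->sortedQuestionsList[$randName] = $question;
                     if (!empty($valueList[$this->questions[$sort]['name']])) {
                         $this->questionValuesList[$randName] = $valueList[$this->questions[$sort]['name']];
                     }
                     $this->questionListBySection[$section][] = $question;
                 }
             }
         }
     }
     if (OW::getRequest()->isPost()) {
         $this->post = $_POST;
         if (empty($oldQuestionList)) {
             $oldQuestionList = array();
         }
         if (empty($allQuestionList)) {
             $allQuestionList = array();
         }
         if ($oldQuestionList && $allQuestionList) {
             // Copy each value submitted under a previously issued field name to
             // the current field name of the same real question.
             foreach ($oldQuestionList as $key => $value) {
                 $newKey = array_search($value, $realQuestionList);
                 if ($newKey !== false && isset($_POST[$key]) && isset($realQuestionList[$newKey])) {
                     $this->post[$newKey] = $_POST[$key];
                 }
             }
             // A hidden decoy field that arrives non-empty marks the client as a bot.
             foreach ($allQuestionList as $question) {
                 if (!empty($question['fake']) && !empty($_POST[$question['name']])) {
                     $this->isBot = true;
                 }
             }
         }
     }
     if ($this->isBot) {
         $event = new OW_Event('base.bot_detected', array('isBot' => true));
         OW::getEventManager()->trigger($event);
     }
     OW::getSession()->set(self::SESSION_REAL_QUESTION_LIST, $realQuestionList);
     OW::getSession()->set(self::SESSION_ALL_QUESTION_LIST, $this->sortedQuestionsList);
 }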
Esempio n. 8
 /**
  * Refreshes the theme list, reprocesses every theme and, when the
  * 'base'/'cachedEntitiesPostfix' config entry exists, replaces it with a new
  * random string.
  *
  * The postfix is presumably appended to cached asset URLs to force browsers
  * to refetch them (TODO confirm); it is not a secret.
  *
  * @return void
  */
 public function clearThemeCache()
 {
     $this->themeService->updateThemeList();
     $this->themeService->processAllThemes();

     // Never create the entry here; only rotate it when it is already configured.
     if (!OW::getConfig()->configExists("base", "cachedEntitiesPostfix")) {
         return;
     }

     $freshPostfix = UTIL_String::getRandomString();
     OW::getConfig()->saveConfig("base", "cachedEntitiesPostfix", $freshPostfix);
 }
Esempio n. 9
 /**
  * Generates a random ID for HTML tags.
  *
  * The result is the prefix, an underscore, and an 8-character string from
  * UTIL_String::getRandomString() in RND_STR_ALPHA_NUMERIC mode. When no prefix
  * is given, 'auto_id' is used; a given prefix is trimmed.
  *
  * The ID is meant for DOM element identification only; it should not be used
  * as a token or any other security-relevant value.
  *
  * @param string $prefix
  * @return string
  */
 public static function generateAutoId($prefix = null)
 {
     if ($prefix === null) {
         $idPrefix = 'auto_id';
     } else {
         $idPrefix = trim($prefix);
     }

     $randomSuffix = UTIL_String::getRandomString(8, UTIL_String::RND_STR_ALPHA_NUMERIC);

     return $idPrefix . '_' . $randomSuffix;
 }
Esempio n. 10
 /**
  * Updates plugin DB after manual source upload.
  *
  * Resolves the plugin either from $params["key"] or from the next plugin
  * awaiting a manual update. When $_GET["mode"] is set, the matching feedback
  * message is shown (a success also fires ON_AFTER_PLUGIN_UPDATE for the
  * resolved plugin) and the user is redirected to the installed-plugins page.
  * Otherwise the view receives the confirmation text and the updater URL.
  *
  * NOTE(review): the code after each $this->redirect() call dereferences
  * $pluginDto, so it relies on redirect() ending the request; confirm.
  * NOTE(review): the "plugin_update_success" mode fires the after-update event
  * from a GET parameter alone; confirm the route is restricted to admins and
  * that replaying the URL is harmless.
  * NOTE(review): "back-uri" is urlencode()d before being handed to
  * buildUrlQueryString(); if that helper encodes values too, the updater gets
  * a doubly encoded URI (verify against the updater).
  *
  * @param array $params
  */
 public function manualUpdateRequest(array $params)
 {
     $language = OW::getLanguage();
     $feedback = OW::getFeedback();
     $urlToRedirect = OW::getRouter()->urlForRoute("admin_plugins_installed");

     // Prefer an explicitly requested plugin, then fall back to the next one
     // queued for manual update.
     $pluginDto = null;
     if (!empty($params["key"])) {
         $pluginDto = $this->pluginService->findPluginByKey(trim($params["key"]));
     }
     if (!$pluginDto) {
         $pluginDto = $this->pluginService->findNextManualUpdatePlugin();
     }

     // The updater reports its outcome back through the "mode" query parameter.
     if (!empty($_GET["mode"])) {
         $mode = trim($_GET["mode"]);

         if ($mode === "plugin_up_to_date") {
             $feedback->warning($language->text("admin", "manage_plugins_up_to_date_message"));
         } elseif ($mode === "plugin_update_success") {
             if ($pluginDto !== null) {
                 $afterUpdate = new OW_Event(OW_EventManager::ON_AFTER_PLUGIN_UPDATE, array("pluginKey" => $pluginDto->getKey()));
                 OW::getEventManager()->trigger($afterUpdate);
             }
             $feedback->info($language->text("admin", "manage_plugins_update_success_message"));
         } else {
             $feedback->error($language->text("admin", "manage_plugins_update_process_error"));
         }

         $this->redirect($urlToRedirect);
     }

     // Nothing to update, or the resolved plugin is not waiting for a manual update.
     $needsManualUpdate = $pluginDto && (int) $pluginDto->getUpdate() == BOL_PluginService::PLUGIN_STATUS_MANUAL_UPDATE;
     if (!$needsManualUpdate) {
         $feedback->warning(OW::getLanguage()->text("admin", "no_plugins_for_manual_updates"));
         $this->redirect($urlToRedirect);
     }

     $confirmText = $language->text("admin", "manage_plugins_manual_update_request", array("name" => $pluginDto->getTitle()));
     $this->assign("text", $confirmText);

     // "addParam" is a random value added to the updater URL; presumably a
     // cache-buster (TODO confirm).
     $params = array(
         "plugin" => $pluginDto->getKey(),
         "back-uri" => urlencode(OW::getRequest()->getRequestUri()),
         "addParam" => UTIL_String::getRandomString(),
     );
     $updaterUrl = OW::getRequest()->buildUrlQueryString($this->storageService->getUpdaterUrl(), $params);
     $this->assign("redirectUrl", $updaterUrl);
 }
Esempio n. 11
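 /**
  * Queues one invitation e-mail per contact in the JSON document posted as
  * $_POST['request'] and ends the request with a plain-text status message.
  *
  * The decoded document is expected to hold 'contacts' (a list of e-mail
  * addresses) and an optional 'message'. A missing or malformed document is
  * treated as an empty contact list, and entries that are not syntactically
  * valid e-mail addresses are skipped. The message reports how many invitations
  * were actually queued.
  *
  * NOTE(review): unlike the e-mail importer's send(), this method does not
  * enforce the 'base'/'user_invites_limit' cap, so a single request can queue an
  * arbitrary number of mails; consider applying the same limit here.
  * NOTE(review): 'message' is request data that reaches the HTML mail body;
  * whether the language layer escapes template variables is not visible here.
  * NOTE(review): no authentication or CSRF check is visible in this method.
  *
  * @return void never returns; always terminates via exit()
  */
 public function send()
 {
     $rawRequest = (isset($_POST['request']) && is_string($_POST['request'])) ? $_POST['request'] : '';
     $request = json_decode($rawRequest, true);
     if (!is_array($request)) {
         // Malformed JSON, or JSON that is not an object: nothing to send.
         $request = array();
     }

     // Only well-formed addresses reach the mailer. FILTER_VALIDATE_EMAIL also
     // rejects embedded line breaks, which keeps request data out of the mail
     // headers regardless of how the mailer builds them.
     $contacts = array();
     if (isset($request['contacts']) && is_array($request['contacts'])) {
         foreach ($request['contacts'] as $candidate) {
             if (!is_string($candidate)) {
                 continue;
             }
             $candidate = trim($candidate);
             if (filter_var($candidate, FILTER_VALIDATE_EMAIL) !== false) {
                 $contacts[] = $candidate;
             }
         }
     }

     $customMessage = (!empty($request['message']) && is_string($request['message'])) ? $request['message'] : '';
     $tpl = $customMessage === '' ? 'mail_google_invite' : 'mail_google_invite_msg';

     $userId = OW::getUser()->getId();
     $displayName = BOL_UserService::getInstance()->getDisplayName($userId);
     foreach ($contacts as $email) {
         // Each recipient gets its own invitation code, embedded in the join URL.
         $code = UTIL_String::getRandomString(20);
         BOL_UserService::getInstance()->saveUserInvitation($userId, $code);
         $inviteUrl = OW::getRequest()->buildUrlQueryString(OW::getRouter()->urlForRoute('base_join'), array('code' => $code));
         $assigns = array('url' => $inviteUrl, 'message' => $customMessage, 'user' => $displayName);
         $mail = OW::getMailer()->createMail();
         $mail->setSubject(OW::getLanguage()->text('contactimporter', 'mail_google_invite_subject', $assigns));
         $mail->setHtmlContent(OW::getLanguage()->text('contactimporter', $tpl . '_html', $assigns));
         $mail->setTextContent(OW::getLanguage()->text('contactimporter', $tpl . '_txt', $assigns));
         $mail->addRecipientEmail($email);
         OW::getMailer()->addToQueue($mail);
     }
     $message = OW::getLanguage()->text('contactimporter', 'google_send_success', array('count' => count($contacts)));
     exit($message);
 }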
Esempio n. 12
 /**
  * Installer step that writes the site config, imports the base SQL schema and
  * renders the generated config file for the operator.
  *
  * On POST (or when $params["action"] is set) it optionally writes
  * $_POST['configContent'] to the config file, verifies the DB connection,
  * imports install.sql, sets 'base'/'site_installed' to 0 and redirects to the
  * plugins step. Otherwise it fills the config template from installer storage
  * and assigns it to the view together with the list of non-writable dirs.
  *
  * NOTE(review): this method writes request-supplied content into a PHP file
  * that the application includes. That is only acceptable while the installer
  * is reachable solely by the operator; no "already installed" guard is visible
  * here, so confirm the installer is disabled or removed after setup.
  * NOTE(review): the flow relies on $this->redirect() ending the request;
  * confirm, otherwise the steps after each redirect still run.
  *
  * @param array $params route params; the presence of "action" forces the install run
  */
 public function install($params = array())
 {
     // Not read again anywhere in this method.
     $success = true;
     $configFile = OW_DIR_INC . 'config.php';
     $dirs = array(OW_DIR_PLUGINFILES, OW_DIR_USERFILES, OW_DIR_STATIC, OW_DIR_SMARTY . 'template_c' . DS, OW_DIR_LOG);
     $errorDirs = array();
     // Presumably fills $errorDirs (by reference) with the dirs that are not writable.
     $this->checkWritable($dirs, $errorDirs);
     $doInstall = isset($params["action"]);
     if (OW::getRequest()->isPost() || $doInstall) {
         if (!empty($_POST['isConfigWritable'])) {
             // The posted text becomes the PHP config file as-is; '@' hides a
             // failed write, so a failure only surfaces later as a DB error.
             @file_put_contents($configFile, $_POST['configContent']);
             $this->redirect(OW::getRouter()->urlForRoute("install-action", array("action" => "install")));
         }
         if (!empty($errorDirs)) {
             //INSTALL::getFeedback()->errorMessage('Some directories are not writable');
             $this->redirect(OW::getRouter()->urlForRoute("install"));
         }
         // Obtaining the DB object validates the config that was just written.
         try {
             OW::getDbo();
         } catch (InvalidArgumentException $e) {
             INSTALL::getFeedback()->errorMessage('<b>ow_includes/config.php</b> file is incorrect. Update it with details provided below.');
             $this->redirect(OW::getRouter()->urlForRoute("install"));
         }
         try {
             $this->sqlImport(INSTALL_DIR_FILES . 'install.sql');
         } catch (Exception $e) {
             // NOTE(review): the raw exception message is shown to the user; it may
             // contain DB details.
             INSTALL::getFeedback()->errorMessage($e->getMessage());
             $this->redirect(OW::getRouter()->urlForRoute("install"));
         }
         // Save the flag, or create it if saving throws (presumably because the
         // entry does not exist yet).
         try {
             OW::getConfig()->saveConfig('base', 'site_installed', 0);
         } catch (Exception $e) {
             OW::getConfig()->addConfig('base', 'site_installed', 0);
         }
         if (isset($_POST['continue']) || $doInstall) {
             $this->redirect(OW::getRouter()->urlForRoute('plugins'));
         }
     }
     $this->setPageTitle('Installation');
     INSTALL::getStepIndicator()->activate('install');
     $configContent = file_get_contents(INSTALL_DIR_FILES . 'config.txt');
     $data = INSTALL::getStorage()->getAll();
     // Split "host:port"; the port is rendered as a quoted literal or the word null.
     $hostInfo = explode(':', $data['db_host']);
     $data['db_host'] = $hostInfo[0];
     $data['db_port'] = empty($hostInfo[1]) ? 'null' : '"' . $hostInfo[1] . '"';
     // NOTE(review): the site-wide password salt comes from
     // UTIL_String::getRandomString(), which is not shown here; confirm it is a CSPRNG.
     $data['password_salt'] = UTIL_String::getRandomString(16);
     $search = array();
     $replace = array();
     // NOTE(review): values are substituted into PHP source without escaping, so a
     // quote or backslash in a stored value (e.g. the DB password) changes the
     // generated code; confirm they are validated when stored.
     foreach ($data as $name => $value) {
         $search[] = '{$' . $name . '}';
         $replace[] = $value;
     }
     $outConfigContent = str_replace($search, $replace, $configContent);
     $this->assign('configContent', $outConfigContent);
     $this->assign('dirs', $errorDirs);
     $this->assign('isConfigWritable', is_writable($configFile));
 }