/**
 * Contact page: renders the contact form and, on POST, relays the visitor's
 * message to the configured notification address.
 *
 * A POST is checked in this order: CAPTCHA, then the Akismet spam filter,
 * and only then is the mail sent. Every outcome is reported through Alert.
 *
 * NOTE(review): for anonymous visitors the sender name and address come
 * straight from the POST body and are handed to Email::content() as the
 * From identity. No format validation is visible here — confirm that the
 * mail layer rejects line breaks and malformed addresses.
 */
public function action_index()
{
    // page header and breadcrumb trail
    $this->template->title = __('Contact Us');
    $this->template->meta_description = __('Contact') . ' ' . core::config('general.site_name');
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Contact Us')));

    if ($this->request->post()) {
        if (!captcha::check('contact')) {
            Alert::set(Alert::ERROR, __('Wrong captcha'));
        } else {
            // a logged-in user is identified from the session, never from the form
            $logged_in = Auth::instance()->logged_in();
            $name_from = $logged_in ? Auth::instance()->get_user()->name : core::post('name');
            $email_from = $logged_in ? Auth::instance()->get_user()->email : core::post('email');

            // akismet spam filter: a truthy result means the message was classified as spam
            $is_spam = core::akismet($name_from, $email_from, core::post('message'));

            if ($is_spam) {
                Alert::set(Alert::WARNING, __('This email has been considered as spam! We are sorry but we can not send this email.'));
            } else {
                $replace = array(
                    '[EMAIL.BODY]' => core::post('message'),
                    '[EMAIL.SENDER]' => $name_from,
                    '[EMAIL.FROM]' => $email_from,
                );

                $sent = Email::content(
                    core::config('email.notify_email'),
                    core::config('general.site_name'),
                    $email_from,
                    $name_from,
                    'contact-admin',
                    $replace
                );

                if ($sent) {
                    Alert::set(Alert::SUCCESS, __('Your message has been sent'));
                } else {
                    Alert::set(Alert::ERROR, __('Message not sent'));
                }
            }
        }
    }

    $this->template->content = View::factory('pages/contact');
}
/**
 * Stores a submitted opinion through the 'gorus_kaydet' model and redirects
 * to index.php with the message the model returns.
 *
 * NOTE(review): the result of captcha::check() is not inspected. Presumably
 * the helper itself redirects to the URL it receives when the CAPTCHA fails —
 * confirm, otherwise the save below runs regardless of the CAPTCHA outcome.
 * NOTE(review): standartId is appended to that URL exactly as received;
 * casting it to an integer (or URL-encoding it) would keep extra query
 * parameters out of the redirect target.
 * NOTE(review): no anti-forgery token check is visible in this task.
 */
function gorusKaydet()
{
    $captchaReturnUrl = "index.php?option=com_yeterlilik_taslak&view=gorus_bildir&standartId=" . JRequest::getVar("standartId");
    captcha::check($captchaReturnUrl);

    $oracle =& JFactory::getOracleDBO();
    $gorusModel = $this->getModel('gorus_kaydet');
    $formData = JRequest::get('post');

    // the model receives the complete POST array; field filtering is not visible here
    $resultMessage = $gorusModel->gorusKaydet($oracle, $formData);

    $this->setRedirect('index.php', $resultMessage);
}
/**
 * Edit-save hook: blocks the save unless the visitor has passed the CAPTCHA.
 *
 * Once a CAPTCHA has been passed, $GLOBALS["ewiki_no_bot"] is set to 1 and
 * later calls within the same request return immediately.
 *
 * @param mixed $save  page data about to be saved; set to NULL to veto the save
 * @param mixed $data  not used by this hook
 */
function ewiki_edit_save_antibot_checkbox(&$save, &$data)
{
    global $ewiki_errmsg;

    // already verified earlier in this request: nothing to do
    if ($GLOBALS["ewiki_no_bot"]) {
        return;
    }

    include_once "plugins/lib/captcha.php";

    if (captcha::check()) {
        $GLOBALS["ewiki_no_bot"] = 1;
        return;
    }

    // CAPTCHA failed: veto the save and hand the reason to the caller
    $save = NULL;
    $ewiki_errmsg = "Access Forbidden. You did not successfully pass the captcha.";
}
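/**
 * Renders the certificate lookup view. For the "sorgu_sonuc" (query result)
 * layout it first runs the CAPTCHA helper and then looks the certificate
 * data up by the posted T.C. identity number.
 *
 * @param string|null $tpl  template name handed on to parent::display()
 */
function display($tpl = null)
{
    global $mainframe;

    $redirect = "index.php?option=com_belge_sorgula&view=belge_sorgula";
    $model =& $this->getModel();
    $layout = JRequest::getVar("layout");

    // query result layout
    if (isset($layout) && $layout == "sorgu_sonuc") {
        // CAPTCHA.
        // NOTE(review): the return value is not inspected; presumably the helper
        // redirects to $redirect itself on failure — confirm.
        captcha::check($redirect);

        // Identity number: must be present, non-empty and a plain string
        // (an array-valued field is treated like a missing one).
        if (!isset($_POST['kimlik_no']) || empty($_POST['kimlik_no']) || !is_string($_POST['kimlik_no'])) {
            JError::raiseWarning(100, "Lütfen T.C. Kimlik No Giriniz");
            $mainframe->redirect($redirect);
        } else {
            // Read the field only after the presence check, so a request without
            // it no longer raises an undefined-index notice.
            $kimlik_no = $_POST["kimlik_no"];

            // NOTE(review): the value reaches the model unchanged; confirm that
            // getBelgeDataByTcKimlikNo() binds it as a query parameter.
            $data = $model->getBelgeDataByTcKimlikNo($kimlik_no);
            $this->assignRef('data', $data);
        }
    }

    parent::display($tpl);
}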
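/**
 * Sends a visitor's message to the profile owner named by the route's 'id'
 * parameter, then redirects back to that profile.
 *
 * A POST is checked in this order: CAPTCHA, then the Akismet spam filter.
 * Nothing happens when the user does not exist or the request is not a POST.
 *
 * NOTE(review): sender name, address and subject are taken from the POST
 * body as-is and passed to the mailer as From identity and template values.
 * No format validation is visible here — confirm the mail layer rejects line
 * breaks and malformed addresses.
 */
public function action_userprofile_contact()
{
    $user = new Model_User($this->request->param('id'));

    //message to user
    if ($user->loaded() and $this->request->post()) {
        if (captcha::check('contact')) {
            //akismet spam filter
            if (!core::akismet(core::post('name'), core::post('email'), core::post('message'))) {
                $ret = $user->email(
                    'userprofile.contact',
                    array(
                        '[EMAIL.BODY]' => core::post('message'),
                        '[EMAIL.SENDER]' => core::post('name'),
                        '[EMAIL.SUBJECT]' => core::post('subject'),
                        '[EMAIL.FROM]' => core::post('email'),
                    ),
                    core::post('email'),
                    core::post('name')
                );

                //if successfully sent
                if ($ret) {
                    Alert::set(Alert::SUCCESS, __('Your message has been sent'));
                } else {
                    Alert::set(Alert::ERROR, __('Message not sent'));
                }
            } else {
                // A spam rejection is not a success: report it at WARNING level,
                // as the site contact form does for the same message.
                Alert::set(Alert::WARNING, __('This email has been considered as spam! We are sorry but we can not send this email.'));
            }
        } else {
            Alert::set(Alert::ERROR, __('You made some mistake'));
        }

        Request::current()->redirect(Route::url('profile', array('seoname' => $user->seoname)));
    }
}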
// Register the template's pagination and table-sort scripts on the document.
$document =& JFactory::getDocument();
$document->addScript(SITE_URL . '/templates/elegance/js/paginate.min.js');
$document->addScript(SITE_URL . '/templates/elegance/js/tablesort.min.js');
?> <div class="sinavGirisBaslik">Yeterlilik Taslakları</div> <?php
// 'gorev' (task) selects what the page does; it defaults to "goster" (show the
// search form) when the field was not posted.
$gorev = isset($_POST['gorev']) ? $_POST['gorev'] : "goster";
// Menu item id: taken from 'Itemid', falling back to 'prevItemId'.
// NOTE(review): the value is neither cast nor encoded before it is placed in
// the query-string fragments below, one of which is echoed into the form's
// action attribute — confirm it is restricted to an integer upstream.
$itemId = JRequest::getVar('Itemid');
$itemId = isset($itemId) ? $itemId : JRequest::getVar('prevItemId');
$itemIdStr = isset($itemId) ? '&prevItemId=' . $itemId : '';
$itemIdStrOrj = isset($itemId) ? '&Itemid=' . $itemId : '';
if ($gorev == "goster") {
    formGoster($itemIdStr);
} else {
    if ($gorev == "hepsi") {
        // NOTE(review): the return value is not inspected; presumably the helper
        // redirects to the given URL itself when the CAPTCHA fails — confirm,
        // otherwise the listing below runs regardless.
        captcha::check("?option=com_yeterlilik_taslak_ara&gorev=goster&Itemid={$itemId}");
        hepsiIleListele($itemIdStrOrj);
    }
}
// Prints the search form; the function body continues beyond this excerpt.
function formGoster($itemIdStr) {
    $db =& JFactory::getOracleDBO();
    // NOTE(review): $itemIdStr is echoed into the action attribute without HTML escaping.
    ?> <form action="?option=com_yeterlilik_taslak_ara<?php echo $itemIdStr; ?> " method="post"> <input type="hidden" value="hepsi" name="gorev" /> <table> <tr> <td width="200">Sektöre göre ara</td>
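/**
 * Page controller for a tree node: handles the two POST flows a page can
 * carry (contact form, visitor comment) and then assembles the template
 * data for the page itself (children, comments, downloads, form fields,
 * CSS scope, navigation, control-panel links).
 *
 * Fix in this revision: the field query of the form-posting branch had a
 * stray comma in front of FROM, which makes the statement invalid SQL.
 *
 * NOTE(review), form branch: no errors() guard is visible between the
 * validation / CAPTCHA checks and $emailer->send(). Presumably _error()
 * called without the `false` flag ends the request — confirm, otherwise a
 * failed CAPTCHA still sends the mail.
 * NOTE(review): sender addresses ($v['address'], $cv['comment_address'])
 * come from the request and go to emailer::from() as received; confirm the
 * emailer rejects line breaks.
 * NOTE(review): comment fields are handed to _style() as stored, with only
 * newlines turned into <br />; confirm they are HTML-escaped on input or by
 * the template layer.
 */
public function home()
{
    global $core, $user;

    $tree = $this->valid_tree();
    $v = $this->__(_array_keys(w('is_comment is_form'), 0));

    // Form posting enabled and form submitted
    if ($v['is_form'] && _button()) {
        if (!is_ghost()) {
            _fatal(405);
        }

        if (!$tree['tree_form']) {
            _fatal();
        }

        // Field definitions of this page's form; form_tree = 0 holds the default set.
        $sql_fields = 'SELECT form_alias, form_required, form_legend, form_regex FROM _form_fields WHERE form_tree = ? ORDER BY form_order';
        if (!($form = _rowset(sql_filter($sql_fields, $tree['tree_id']), 'form_alias'))) {
            $form = _rowset(sql_filter($sql_fields, 0), 'form_alias');
        }

        // The CAPTCHA answer is validated like any other field: required, letters only.
        $form['secure'] = array('form_required' => 1, 'form_regex' => '^([a-zA-Z]+)$', 'form_alias' => 'secure', 'form_type' => 'text', 'form_legend' => _lang('XCF_LEGEND'));

        foreach ($form as $row) {
            $v = array_merge($v, $this->__(array($row['form_alias'])));

            if (!f($v[$row['form_alias']])) {
                if ($row['form_required']) {
                    $this->_error(sprintf(_lang('E_COMMENT_FIELD_EMPTY'), $row['form_legend']), false);
                }
                continue;
            }

            // The pattern comes from the _form_fields table and is wrapped in '#'
            // delimiters, so a stored pattern must not contain an unescaped '#'.
            if (f($row['form_regex']) && !preg_match('#' . $row['form_regex'] . '#is', $v[$row['form_alias']])) {
                $this->_error(sprintf(_lang('E_COMMENT_FIELD_BAD'), $row['form_legend']), false);

                if ($row['form_alias'] == 'secure') {
                    $v[$row['form_alias']] = '';
                }
            }
        }

        // CAPTCHA verification
        require_once XFS . 'core/xcf.php';
        $xcf = new captcha();
        if ($xcf->check($v['secure']) === false) {
            $v['secure'] = '';
            $this->_error('#E_COMMENT_INVALID_CAPTCHA');
        }
        unset($xcf);

        require_once XFS . 'core/emailer.php';
        $emailer = new emailer();
        $emailer->set_decode(true);
        $emailer->format('plain');
        $emailer->from($v['address']);
        $emailer->set_subject(_rm_acute($v['subject']));
        $emailer->use_template('contact_email');

        // The site-wide default address is appended to the page's own recipients.
        if (f($core->v('default_email'))) {
            $tree['tree_form_email'] .= (f($tree['tree_form_email']) ? ';' : '') . $core->v('default_email');
        }

        // First recipient is the primary address, every further one a CC.
        $form_addresses = array_map('trim', array_unique(explode(';', $tree['tree_form_email'])));
        foreach ($form_addresses as $i => $address) {
            $row_f = !$i ? 'email_address' : 'cc';
            $emailer->{$row_f}($address);
        }

        // The CAPTCHA answer is not part of the message.
        unset($v['secure']);

        $content = w();
        foreach ($form as $row) {
            if (!f($v[$row['form_alias']])) {
                continue;
            }
            $content[] = $row['form_legend'] . ":\n" . $v[$row['form_alias']];
        }

        $emailer->assign_vars(array('CONTENT' => implode("\n\n", $content), 'FORM_ARTICLE' => $tree['tree_subject']));
        $emailer->send();
        $emailer->reset();

        $response = array('lang' => _lang('FORM_SUCCESS'));
        $this->e(json_encode($response));
    }

    // Comment posting enabled and form submitted.
    if ($v['is_comment'] && _button()) {
        if (!$tree['tree_allow_comments']) {
            _fatal();
        }

        $cv = $this->__(w('comment_username comment_address comment_website comment_message comment_security'));
        $comment_time = time();

        // Only non-members go through the completeness, flood and CAPTCHA checks.
        if (!$user->v('is_member')) {
            foreach ($cv as $cv_k => $cv_v) {
                if (!f($cv_v)) {
                    $this->error('E_COMMENT_FILL_FIELDS');
                    break;
                }
            }

            if (!$this->errors()) {
                // Flood control: 30 seconds between comments from one IP. Only
                // rows with comment_status = 0 are considered by this query.
                $sql = 'SELECT comment_time FROM _comments WHERE comment_ip = ? AND comment_status = 0';
                if ($row_flood = _fieldrow(sql_filter($sql, $user->ip))) {
                    if ($comment_time - $row_flood['comment_time'] < 30) {
                        $this->error('E_COMMENT_FLOOD_TIME');
                    }
                }
            }

            // CAPTCHA verification
            require_once XFS . 'core/xcf.php';
            $xcf = new captcha();
            if ($xcf->check($cv['comment_security']) === false) {
                $cv['comment_security'] = '';
                $this->error('E_COMMENT_INVALID_CAPTCHA');
            }
            unset($xcf);
        }

        if (!$this->errors()) {
            // Member comments are stored with status 1; visitor comments follow the page setting.
            $approve_comments = !$user->v('is_member') ? $tree['tree_approve_comments'] : 1;

            $sql_insert = array('tree' => (int) $tree['tree_id'], 'uid' => (int) $user->v('user_id'), 'username' => $cv['comment_username'], 'email' => $cv['comment_address'], 'website' => $cv['comment_website'], 'ip' => $user->ip, 'status' => (int) $approve_comments, 'time' => (int) $comment_time, 'message' => $cv['comment_message']);
            // NOTE(review): value quoting is delegated to _build_array(); confirm it escapes strings.
            $sql = 'INSERT INTO _comments' . _build_array('INSERT', prefix('comment', $sql_insert));
            _sql($sql);

            if ($approve_comments) {
                $sql = 'UPDATE _tree SET tree_comments = tree_comments + 1 WHERE tree_id = ?';
                _sql(sql_filter($sql, $tree['tree_id']));
            }

            // Send new comment email notification for approval.
            if (!$approve_comments) {
                unset($cv['comment_security']);

                require_once XFS . 'core/emailer.php';
                $emailer = new emailer();
                $emailer->from($cv['comment_address']);
                $emailer->use_template('comment_approval');

                // NOTE(review): this replaces the recipient list when one IS set;
                // the condition looks inverted (a fallback would test !f(...)) — confirm.
                if (f($tree['tree_form_email'])) {
                    $tree['tree_form_email'] = $core->v('default_comments_email');
                }

                foreach (explode(';', $tree['tree_form_email']) as $i => $row) {
                    $row_f = !$i ? 'email_address' : 'cc';
                    $emailer->{$row_f}($row);
                }

                $input = w();
                foreach ($cv as $row_k => $row_v) {
                    if (!f($row_v)) {
                        continue;
                    }

                    if ($row_k == 'comment_message') {
                        $row_v = str_replace("\r\n", '<br />', $row_v);
                    }
                    $input[] = '< ' . $row_v;
                }

                $emailer->assign_vars(array('U_APPROVAL' => _link(_rewrite($tree), array('x1' => 'comments')), 'INPUT_FIELDS' => implode('<br /><br />', $input), 'FROM_USERNAME' => $cv['comment_username']));
                $emailer->send();
                $emailer->reset();
            }

            redirect(_link(_rewrite($tree)));
        }

        if ($this->errors()) {
            if (is_ghost()) {
                $this->e('!');
            }

            _style('comments_error', array('MESSAGE' => $this->get_errors()));
        }
    }

    // Page-level redirect: a bare alias is turned into an internal link,
    // anything else is passed to redirect() as stored.
    if (f($tree['tree_redirect'])) {
        if (preg_match('#^[a-z0-9\\-\\_]+$#is', $tree['tree_redirect'])) {
            $tree['tree_redirect'] = _link($tree['tree_redirect']);
        }

        redirect($tree['tree_redirect']);
    }

    // Ancestors. $parent, $subparent and $node stay undefined when the matching
    // column is empty; later code reads them by these exact names.
    if ($tree['tree_parent']) {
        $sql = 'SELECT * FROM _tree WHERE tree_id = ?';
        $parent = _fieldrow(sql_filter($sql, $tree['tree_parent']));

        if ($tree['tree_level'] > 2) {
            $sql = 'SELECT * FROM _tree WHERE tree_id = ?';
            $subparent = _fieldrow(sql_filter($sql, $parent['tree_parent']));
        }
    }

    if ($tree['tree_node']) {
        $sql = 'SELECT * FROM _tree WHERE tree_id = ?';
        $node = _fieldrow(sql_filter($sql, $tree['tree_node']));
    }

    // Optional per-page hook: a method named cf_<alias>, called only if it exists.
    if (@method_exists($this, 'cf_' . _rewrite($tree))) {
        $this->{'cf_' . _rewrite($tree)}($tree);
    }

    // Visible children of this page.
    $sql = 'SELECT * FROM _tree WHERE tree_parent = ? AND tree_child_hide = 0 ORDER BY ??';
    $childs = _rowset(sql_filter($sql, $tree['tree_id'], $this->child_order($tree)));

    foreach ($childs as $i => $row) {
        if (!$i) {
            // NOTE(review): the IN list is built from array_keys($childs) and the
            // result is keyed by 'tree_id', which the SELECT does not return —
            // confirm against _rowset().
            $sql = 'SELECT image_id, image_tree, image_extension FROM _images WHERE image_tree IN (??) ORDER BY RAND()';
            $images_child = _rowset(sql_filter($sql, _implode(',', array_keys($childs))), 'tree_id');

            _style('tree_child1', array('ORDER_URL' => _link($tree['tree_id'], array('order', 0, 0, 0, 0))));
        }

        _style('tree_child.row', array('ITEM' => $row['tree_id'], 'URL' => _link(_rewrite($row)), 'SUBJECT' => $row['tree_subject'], 'CONTENT' => $row['tree_content'], 'EDITED' => _format_date($row['tree_edited']), 'IMAGE' => isset($images_child[$row['tree_id']]) ? $images_child[$row['tree_id']]['image_id'] . '.' . $images_child[$row['tree_id']]['image_extension'] : 'default.gif'));
    }

    // Comments
    if ($tree['tree_allow_comments'] && $tree['tree_comments']) {
        $sql = 'SELECT c.comment_id, c.comment_username, c.comment_website, c.comment_time, c.comment_message, m.user_username FROM _comments c, _members m WHERE c.comment_tree = ? AND c.comment_status = 1 AND c.comment_uid = m.user_id ORDER BY c.comment_time DESC';
        $comments = _rowset(sql_filter($sql, $tree['tree_id']));

        foreach ($comments as $i => $row) {
            if (!$i) {
                _style('comments');
            }

            _style('comments.row', array('ID' => $row['comment_id'], 'SUSERNAME' => $row['user_username'], 'USERNAME' => $row['comment_username'], 'WEBSITE' => $row['comment_website'], 'TIME' => _format_date($row['comment_time']), 'MESSAGE' => str_replace("\n", '<br />', $row['comment_message'])));
        }
    }

    // Siblings, listed when the page takes its CSS scope from another node.
    if ($this->css_parent($tree)) {
        $sql = 'SELECT * FROM _tree WHERE tree_parent = ? AND tree_child_hide = 0 ORDER BY ??';
        $childs_parent = _rowset(sql_filter($sql, $this->css_var($tree), $this->child_order($tree)));

        foreach ($childs_parent as $i => $row) {
            if (!$i) {
                $sql = 'SELECT image_id, image_tree, image_extension FROM _images WHERE image_tree IN (??) ORDER BY RAND()';
                $images_child_parent = _rowset(sql_filter($sql, _implode(',', array_keys($childs_parent))), 'tree_id');

                _style('tree_child', array('ORDER_URL' => _link($tree['tree_id'], array('order', 0, 0, 0, 0))));
            }

            _style('tree_child_parent.row', array('ITEM' => $row['tree_id'], 'URL' => _link(_rewrite($row)), 'TITLE' => $row['tree_subject'], 'IMAGE' => isset($images_child_parent[$row['tree_id']]) ? $images_child_parent[$row['tree_id']]['image_id'] . '.' . $images_child_parent[$row['tree_id']]['image_extension'] : 'default.gif'));
        }
    }

    if ($tree['tree_downloads']) {
        $sql = 'SELECT * FROM _downloads WHERE download_tree = ? ORDER BY download_order';
        $downloads = _rowset(sql_filter($sql, $tree['tree_id']));

        foreach ($downloads as $i => $row) {
            if (!$i) {
                _style('downloads', array('ORDER_URL' => _link($tree['tree_id'], array('orderd', 0, 0, 0, 0))));
            }

            _style('downloads.row', array('ITEM' => $row['download_id'], 'DOWNLOAD' => _link('get', $row['download_alias'] . '.' . $row['download_extension']), 'TITLE' => $row['download_title']));
        }
    }

    // Form fields for rendering (same fallback to form_tree = 0 as in the POST branch).
    if ($tree['tree_form']) {
        $sql = 'SELECT * FROM _form_fields WHERE form_tree = ? ORDER BY form_order';
        $form = _rowset(sql_filter($sql, $tree['tree_id']), 'form_alias');

        if (!count($form)) {
            $sql = 'SELECT * FROM _form_fields WHERE form_tree = 0 ORDER BY form_order';
            $form = _rowset($sql, 'form_alias');
        }

        $form['secure'] = array('form_required' => 1, 'form_regex' => '^([a-zA-Z]+)$', 'form_alias' => 'secure', 'form_type' => 'text', 'form_legend' => 'Imagen de seguridad');

        _style('form', array('URL' => _link(_rewrite($tree))));

        foreach ($form as $row) {
            _style('form.row', array('ALIAS' => $row['form_alias'], 'REQUIRED' => $row['form_required'], 'LEGEND' => _lang($row['form_legend']), 'TYPE' => $row['form_type'], 'PAGE' => $tree['tree_alias']));

            // Only the alias (emitted as "name") and the type become attributes.
            foreach ($row as $row_k => $row_v) {
                if (preg_match('#^form_(alias|type)$#is', $row_k)) {
                    if ($row_k == 'form_alias') {
                        $row_k = 'name';
                    }

                    _style('form.row.attrib', array('ATTRIB' => str_replace('form_', '', $row_k), 'VALUE' => $row_v));
                }
            }
        }
    }

    // CSS scope: the page's own stylesheet if present, else the one of the
    // node named by tree_css_var.
    $s_css_page = '';
    if (@file_exists('./style/css/_tree_' . _rewrite($tree) . '.css')) {
        $s_css_page = _rewrite($tree) . '/';
    } elseif ($this->css_parent($tree)) {
        if (!f($tree['tree_css_var'])) {
            $tree['tree_css_var'] = 'parent';
        }

        $ary_css_var = false;
        switch ($tree['tree_css_var']) {
            case 'parent':
            case 'subparent':
            case 'node':
                // Variable-variable lookup, limited by the case labels to the
                // locals $parent, $subparent and $node.
                $ary_css_var = ${$tree['tree_css_var']};
                break;
            default:
                if (is_numb($tree['tree_css_var'])) {
                    $sql = 'SELECT * FROM _tree WHERE tree_id = ?';
                    if ($css_var_row = _fieldrow(sql_filter($sql, $tree['tree_css_var']))) {
                        $ary_css_var = $css_var_row;
                    }
                }
                break;
        }

        if ($ary_css_var !== false) {
            $s_css_page = _rewrite($ary_css_var) . '/';
        }
    }

    v_style(array('S_IMAGES' => $core->v('address') . 'container/images/a_' . ($this->css_parent($tree) ? $this->css_var($tree) : $tree['tree_id']) . '/', 'V_TREE' => $tree['tree_id'], 'V_CSS' => $s_css_page, 'V_SUBJECT' => $tree['tree_subject'], 'V_CONTENT' => _message($tree['tree_content']), 'V_COMMENTS' => $tree['tree_comments'], 'V_ALLOW_COMMENTS' => $tree['tree_allow_comments'], 'V_ALLOW_FORM' => $tree['tree_form'], 'U_COMMENTS' => _link(_rewrite($tree)), 'U_XCF' => _link(_rewrite($tree) . '-xs.jpg', false, false)));

    $tree['tree_subject'] = strip_tags($tree['tree_subject']);

    // Navigation trail (not built for the home page).
    if ($tree['tree_alias'] != 'home') {
        if ($node['tree_id'] != $parent['tree_id']) {
            $this->navigation($node['tree_subject'], _rewrite($node));
        }

        if ($tree['tree_level'] > 2) {
            if ($parent['tree_id'] && $node['tree_id'] && $tree['tree_level'] > 3) {
                $this->navigation('...');
            }

            $this->navigation($subparent['tree_subject'], _rewrite($subparent));
        }

        if ($parent['tree_id']) {
            $this->navigation($parent['tree_subject'], _rewrite($parent));
        }

        $this->navigation($tree['tree_subject'], _rewrite($tree));
    }

    // Control-panel links, one per action the member is authorised for.
    if ($user->v('is_member')) {
        $tree['tree_cp'] = 1;

        $i = 0;
        $auth_tree = array('create', 'modify', 'remove');
        foreach ($auth_tree as $row) {
            if (_auth_get('cp_' . $row)) {
                if (!$i) {
                    _style('auth');
                }

                _style('auth.row', array('U_AUTH' => _link('cp', array($row, _rewrite($tree))), 'V_NAME' => _lang('CP_AUTH_' . $row)));
                $i++;
            }
        }
    }

    // Default template, replaced by a custom one when the named file exists.
    // NOTE(review): tree_template is joined into a filesystem path; confirm the
    // control panel restricts it to a plain file name.
    $this->_template('tree');
    if (f($tree['tree_template']) && @file_exists('./style/custom/' . $tree['tree_template'] . '.htm')) {
        $this->_template('custom/' . $tree['tree_template']);
    }

    // TODO: 304 header response
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tree['tree_edited']) . ' GMT');

    return;
}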
/**
 * Reviews page of an advert: lists its active reviews and, when a logged-in
 * visitor submits the form, stores a new review.
 *
 * A submission is accepted only if, in this order: the visitor bought the
 * advert (when advertisement.reviews_paid is on), is not the advert's owner,
 * has no earlier review for it (matched by user id or by IP address), passes
 * the CAPTCHA and passes field validation.
 *
 * NOTE(review): no anti-forgery token check is visible on this POST.
 * NOTE(review): ip2long() returns false for anything that is not an IPv4
 * address, so the IP part of the duplicate check presumably does not
 * distinguish IPv6 clients — confirm how Request::$client_ip is populated.
 *
 * @throws HTTP_Exception_404 when reviews are disabled or the advert is not found
 */
public function action_reviews()
{
    $seotitle = $this->request->param('seotitle', NULL);

    // no advert named in the route, or reviews switched off
    if ($seotitle === NULL or Core::config('advertisement.reviews') != 1) {
        //throw 404
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $ad = new Model_Ad();
    $ad->where('seotitle', '=', $seotitle)
        ->where('status', '!=', Model_Ad::STATUS_SPAM)
        ->limit(1)
        ->cached()
        ->find();

    if (!$ad->loaded()) {
        //throw 404
        throw HTTP_Exception::factory(404, __('Page not found'));
    }

    $errors = NULL;

    //adding a new review
    if ($this->request->post() and Auth::instance()->logged_in()) {
        $reviewer = Auth::instance()->get_user();
        $review_url = array('seotitle' => $ad->seotitle);

        //only able to review if bought the product
        if (Core::config('advertisement.reviews_paid') == 1) {
            $order = new Model_Order();
            $order->where('id_ad', '=', $ad->id_ad)
                ->where('id_user', '=', $reviewer->id_user)
                ->where('id_product', '=', Model_Order::PRODUCT_AD_SELL)
                ->where('status', '=', Model_Order::STATUS_PAID)
                ->find();

            if (!$order->loaded()) {
                Alert::set(Alert::ERROR, __('You can only add a review if you bought this product'));
                $this->redirect(Route::url('ad-review', $review_url));
            }
        }

        //not allowing to review to yourself
        if ($reviewer->id_user == $ad->id_user) {
            Alert::set(Alert::ERROR, __('You can not review yourself.'));
            $this->redirect(Route::url('ad-review', $review_url));
        }

        // an earlier review of this advert by the same user or from the same IP
        $previous = new Model_Review();
        $previous->where('id_ad', '=', $ad->id_ad)
            ->where_open()
            ->or_where('id_user', '=', $reviewer->id_user)
            ->or_where('ip_address', '=', ip2long(Request::$client_ip))
            ->where_close()
            ->find();

        if ($previous->loaded()) {
            Alert::set(Alert::ERROR, __('You already added a review'));
        } elseif (!captcha::check('review')) {
            Alert::set(Alert::ERROR, __('Wrong Captcha'));
        } else {
            $validation = Validation::factory($this->request->post())
                ->rule('rate', 'numeric')
                ->rule('description', 'not_empty')
                ->rule('description', 'min_length', array(':value', 5))
                ->rule('description', 'max_length', array(':value', 1000));

            if (!$validation->check()) {
                $errors = $validation->errors('ad');
                foreach ($errors as $field => $message) {
                    Alert::set(Alert::ALERT, $message);
                }
            } else {
                // clamp the rating into 0..RATE_MAX
                $rate = core::post('rate');
                if ($rate > Model_Review::RATE_MAX) {
                    $rate = Model_Review::RATE_MAX;
                } elseif ($rate < 0) {
                    $rate = 0;
                }

                $review = new Model_Review();
                $review->id_user = $reviewer->id_user;
                $review->id_ad = $ad->id_ad;
                $review->description = core::post('description');
                $review->status = Model_Review::STATUS_ACTIVE;
                $review->ip_address = ip2long(Request::$client_ip);
                $review->rate = $rate;
                $review->save();

                //email product owner?? notify him of new review
                $ad->user->email('ad-review', array(
                    '[AD.TITLE]' => $ad->title,
                    '[RATE]' => $review->rate,
                    '[DESCRIPTION]' => $review->description,
                    '[URL.QL]' => $ad->user->ql('ad-review', array('seotitle' => $ad->seotitle)),
                ));

                $ad->recalculate_rate();
                $ad->user->recalculate_rate();

                Alert::set(Alert::SUCCESS, __('Thanks for your review!'));
            }
        }
    }

    // page assets, breadcrumbs and header
    $this->template->scripts['footer'][] = 'js/jquery.raty.min.js';
    $this->template->scripts['footer'][] = 'js/review.js';

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));
    Breadcrumbs::add(Breadcrumb::factory()->set_title($ad->title)->set_url(Route::url('ad', array('seotitle' => $ad->seotitle, 'category' => $ad->category->seoname))));
    $this->template->title = $ad->title . ' - ' . __('Reviews');
    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Reviews')));
    $this->template->meta_description = text::removebbcode($ad->description);

    //permission to add hit to advert and give access rights.
    // NOTE(review): with PHP's precedence ('and' binds tighter than 'or') this
    // condition reduces to "not logged in, or neither admin nor moderator", so
    // the ownership comparison has no effect on the result — confirm whether
    // the advert's owner was meant to be granted permission as well.
    $permission = TRUE;
    $auth_user = Auth::instance();
    if (!$auth_user->logged_in() or $auth_user->get_user()->id_user != $ad->id_user and ($auth_user->get_user()->id_role != Model_Role::ROLE_ADMIN and $auth_user->get_user()->id_role != Model_Role::ROLE_MODERATOR) or $auth_user->get_user()->id_role != Model_Role::ROLE_ADMIN and $auth_user->get_user()->id_role != Model_Role::ROLE_MODERATOR) {
        $permission = FALSE;
        $viewer_id = NULL;
    } else {
        $viewer_id = $auth_user->get_user()->id_user;
    }

    $captcha_show = core::config('advertisement.captcha');

    if ($ad->get_first_image() !== NULL) {
        Controller::$image = $ad->get_first_image();
    }

    $review_query = new Model_Review();
    $reviews = $review_query->where('id_ad', '=', $ad->id_ad)
        ->where('status', '=', Model_Review::STATUS_ACTIVE)
        ->find_all();

    $this->template->bind('content', $content);
    $this->template->content = View::factory('pages/ad/reviews', array(
        'ad' => $ad,
        'permission' => $permission,
        'captcha_show' => $captcha_show,
        'user' => $viewer_id,
        'reviews' => $reviews,
        'errors' => $errors,
    ));
}
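/**
 * Simple register for user.
 *
 * Two entry points share this action:
 *  - an AJAX pre-check (POST field 'ajaxValidateCaptcha') that only reports
 *    whether the CAPTCHA answer is right, as the literal text true / false;
 *  - the registration POST itself, checked in this order: CAPTCHA, optional
 *    EU VAT number, field validation, anti-forgery token, e-mail not yet
 *    registered.
 *
 * Fix in this revision: custom fields are copied onto the user only when the
 * posted key STARTS with 'cf_'. The previous test accepted 'cf_' anywhere in
 * the key.
 *
 * NOTE(review): 'auth_redirect' is a POST field and is passed to redirect()
 * unchanged after a successful registration. Confirm it is limited to
 * same-site targets before it reaches this point.
 * NOTE(review): the second argument of captcha::check() in the AJAX branch
 * presumably keeps the challenge valid for the real submit; confirm that
 * repeated AJAX guesses are limited.
 */
public function action_register()
{
    //validates captcha
    if (Core::post('ajaxValidateCaptcha')) {
        $this->auto_render = FALSE;
        $this->template = View::factory('js');

        if (captcha::check('register', TRUE)) {
            $this->template->content = 'true';
        } else {
            $this->template->content = 'false';
        }

        return;
    }

    $this->template->meta_description = __('Create a new profile at') . ' ' . core::config('general.site_name');
    $this->template->content = View::factory('pages/auth/register');
    $this->template->content->msg = '';

    //if user logged in redirect home
    if (Auth::instance()->logged_in()) {
        $this->redirect(Route::get('oc-panel')->uri());
    } elseif ($this->request->post()) {
        if (captcha::check('register')) {
            $validation = Validation::factory($this->request->post())
                ->rule('name', 'not_empty')
                ->rule('email', 'not_empty')
                ->rule('email', 'email')
                ->rule('email', 'email_domain')
                ->rule('password1', 'not_empty')
                ->rule('password2', 'not_empty')
                ->rule('password1', 'matches', array(':validation', 'password1', 'password2'));

            // EU VAT number, verified only when both number and country were posted
            if (core::post('cf_vatnumber') and core::post('cf_vatcountry')) {
                if (!euvat::verify_vies(core::post('cf_vatnumber'), core::post('cf_vatcountry'))) {
                    Alert::set(Alert::ERROR, __('Invalid EU Vat Number, please verify number and country match'));
                    $this->redirect(Route::url('oc-panel', array('controller' => 'auth', 'action' => 'register')));
                }
            }

            if ($validation->check()) {
                // anti-forgery token for the register form
                if (CSRF::valid('register')) {
                    $email = core::post('email');

                    //check we have this email in the DB
                    $user = new Model_User();
                    $user = $user->where('email', '=', $email)->limit(1)->find();

                    if ($user->loaded()) {
                        Form::set_errors(array(__('User already exists')));
                    } else {
                        //creating the user
                        $user = Model_User::create_email($email, core::post('name'), core::post('password1'));

                        //add custom fields
                        // Only keys that begin with 'cf_' are copied, so a posted key
                        // cannot reach any other property of the user model.
                        // NOTE(review): presumably every cf_ column is meant to be
                        // user-editable — confirm against the custom field list.
                        $save_cf = FALSE;
                        foreach ($this->request->post() as $custom_field => $value) {
                            if (strpos($custom_field, 'cf_') === 0) {
                                $user->{$custom_field} = $value;
                                $save_cf = TRUE;
                            }
                        }

                        //saves the user only if there was CF
                        if ($save_cf === TRUE) {
                            $user->save();
                        }

                        //login the user
                        Auth::instance()->login(core::post('email'), core::post('password1'));

                        Alert::set(Alert::SUCCESS, __('Welcome!'));

                        // back to where the visitor came from, or to the panel
                        $this->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
                    }
                }
            } else {
                $errors = $validation->errors('auth');
                foreach ($errors as $error) {
                    Alert::set(Alert::ALERT, $error);
                }
            }
        } else {
            Alert::set(Alert::ALERT, __('Captcha is not correct'));
        }
    }

    //template header
    $this->template->title = __('Register new user');
}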
/**
 * Validates the submitted values of every form field that carries a 'check'
 * attribute and, when the form has a CAPTCHA, the CAPTCHA answer as well.
 *
 * A field whose check contains "empty-or-<name>" is validated together with
 * the field <name>: an error is recorded only when both fail validation.
 * Each such pair is reported once.
 *
 * @param mixed $form  form definition node, passed on to the xml helper
 * @return mixed       the result of $this->hasErrors()
 */
function check($form)
{
    global $_out;

    $xml = new xml($form);
    $checkedFields = $xml->query('.//field[@check]', $form);
    $handledPairs = array();

    foreach ($checkedFields as $field) {
        $value = param($field->getAttribute('name'));

        // Look for a partner field named by an "empty-or-<name>" check. The name
        // comes from the form definition; the pattern excludes whitespace and '"'.
        $partner = null;
        if (preg_match('/empty-or-([^\\s"]+)/', $field->getAttribute('check'), $match)) {
            $partner = $xml->query('.//field[@name="' . $match[1] . '"]', $form)->item(0);
        }

        if ($partner) {
            $pairSeen = in_array($match[1], $handledPairs);
            if (!$pairSeen) {
                $handledPairs[] = $field->getAttribute('name');

                // validateFieldValue() returns an error (truthy) for an invalid value
                if ($this->validateFieldValue($form, $field, $value) && $this->validateFieldValue($form, $partner, param($match[1]))) {
                    $this->err('Field "' . $field->getAttribute('label') . '" or "' . $partner->getAttribute('label') . '" required');
                }
            }
            continue;
        }

        $message = $this->validateFieldValue($form, $field, $value);
        if ($message) {
            $this->err($message);
        }
    }

    if ($this->hasCaptcha($form)) {
        $captcha = new captcha();
        $captcha->setLanguage($_out->getLang());
        $captcha->setParamName('captcha');

        $passed = $captcha->check();
        if (!$passed) {
            $this->err('The result of the expression in the image incorrectly');
        }
    }

    return $this->hasErrors();
}
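/**
 * Stores a new comment from the current request and sends the configured
 * notification mails. Members and guests take separate branches; guests are
 * accepted only when $this->set['pub'] is on.
 *
 * Fixes in this revision:
 *  - $captchafailed and $emailnotvalid are initialised, so the branches that
 *    read them no longer depend on undefined variables;
 *  - the guest branch now reads the new row id into $comid, as the member
 *    branch does; before, the notification queries excluded id '' and so
 *    covered the comment that had just been written;
 *  - the guest branch forces userid to 0. dinsert() is given only column
 *    names, and this function fills $_POST right before calling it, so the
 *    stored values presumably come from $_POST — without the reset a guest
 *    could supply the userid column in the request.
 *
 * NOTE(review): $_POST['module'] is not validated (the is_module() check is
 * commented out) and the SQL below is assembled by concatenation with
 * addslashes(), whose safety depends on the connection charset. Prefer the
 * database layer's own escaping or bound parameters if it offers them.
 * NOTE(review): the result of captcha::check() is stored as "failed";
 * presumably it is truthy when the answer was wrong — confirm.
 */
function addcom()
{
    global $db, $apx, $user;

    $_POST['mid'] = (int) $_POST['mid'];
    if (!$_POST['mid']) {
        die('missing mID!');
    }
    //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');

    $apx->lang->drop('add', 'comments');

    // Time of the latest comment from this IP on the same item (flood control).
    list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . get_remoteaddr() . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");

    // Check the CAPTCHA (guests only, when enabled)
    $captchafailed = false;
    if ($this->set['captcha'] && !$user->info['userid']) {
        require BASEDIR . 'lib/class.captcha.php';
        $captcha = new captcha();
        $captchafailed = $captcha->check();
    }

    if ($user->info['userid']) {
        // ---- member ----
        if ($captchafailed) {
            message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
        } elseif ($this->ip_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
        } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
            message('back');
        } elseif ($this->text_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
        } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
            message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
        } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
            message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
        } else {
            // With moderation on, only team members are published immediately.
            if ($this->set['mod'] && !$user->is_team_member()) {
                $_POST['active'] = 0;
            } else {
                $_POST['active'] = 1;
            }

            // Identity comes from the session, never from the form.
            $_POST['userid'] = $user->info['userid'];
            $_POST['username'] = $user->info['username'];
            $_POST['time'] = time();
            $_POST['ip'] = get_remoteaddr();

            $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
            $comid = $db->insert_id();

            // E-mail notification (admin)
            if ($this->set['mailonnew']) {
                $text = strip_tags(dbcodes($_POST['text']));
                $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                sendmail($this->set['mailonnew'], 'SENDCOM', $input);
            }

            // E-mail notification (subscribed users), only for published comments
            if ($_POST['active']) {
                $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t");
                if (count($data)) {
                    foreach ($data as $res) {
                        $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                        sendmail($res['email'], 'NOTIFYCOM', $input);
                    }
                }

                // Reset the notify flag on every other comment of this item
                $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
            }

            // Remove the CAPTCHA (never true inside the member branch; kept as written)
            if ($this->set['captcha'] && !$user->info['userid']) {
                $captcha->remove();
            }

            // NOTE(review): as written this replaces '&' with '&' and changes
            // nothing; presumably an entity conversion was intended — confirm.
            message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
        }
    } elseif ($this->set['pub']) {
        // ---- guest ----
        $emailnotvalid = false;
        if (!checkmail($_POST['email'])) {
            if ($this->set['req_email']) {
                $emailnotvalid = true;
            } else {
                $_POST['email'] = '';
            }
        }

        if ($captchafailed) {
            message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
        } elseif ($this->ip_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
        } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
            message('back');
        } elseif ($_POST['notify'] && !$_POST['email']) {
            message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
        } elseif ($this->text_is_blocked()) {
            message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
        } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
            message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
        } elseif ($emailnotvalid) {
            message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
        } elseif ($spam + $this->set['spamprot'] * 60 > time()) {
            message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
        } else {
            if (substr($_POST['homepage'], 0, 4) == 'www.') {
                $_POST['homepage'] = 'http://' . $_POST['homepage'];
            }

            if ($this->set['mod']) {
                $_POST['active'] = 0;
            } else {
                $_POST['active'] = 1;
            }

            // A guest comment never belongs to an account, whatever the request says.
            $_POST['userid'] = 0;
            $_POST['time'] = time();
            $_POST['ip'] = get_remoteaddr();

            $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
            // Needed below so the new comment is left out of notification and reset.
            $comid = $db->insert_id();

            // E-mail notification (admin)
            if ($this->set['mailonnew']) {
                $text = strip_tags(dbcodes($_POST['text']));
                $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
                sendmail($this->set['mailonnew'], 'SENDCOM', $input);
            }

            // E-mail notification (subscribed users), only for published comments
            if ($_POST['active']) {
                $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t");
                if (count($data)) {
                    foreach ($data as $res) {
                        $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
                        sendmail($res['email'], 'NOTIFYCOM', $input);
                    }
                }

                // Reset the notify flag on every other comment of this item
                $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
            }

            // Remove the used CAPTCHA
            if ($this->set['captcha'] && !$user->info['userid']) {
                $captcha->remove();
            }

            // NOTE(review): as written this replaces '&' with '&' and changes
            // nothing; presumably an entity conversion was intended — confirm.
            message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
        }
    }
}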
// Register the template's pagination and table-sort scripts on the document.
$document =& JFactory::getDocument();
$document->addScript(SITE_URL . '/templates/elegance/js/paginate.min.js');
$document->addScript(SITE_URL . '/templates/elegance/js/tablesort.min.js');
// 'gorev' (task) selects what the page does.
$gorev = JRequest::getVar('gorev');
// Menu item id: taken from 'Itemid', falling back to 'prevItemId'.
// NOTE(review): the value is neither cast nor encoded before it is placed in
// the query-string fragments below — confirm it is restricted to an integer.
$itemId = JRequest::getVar('Itemid');
$itemId = isset($itemId) ? $itemId : JRequest::getVar('prevItemId');
$itemIdStr = isset($itemId) ? '&prevItemId=' . $itemId : '';
$itemIdStrOrj = isset($itemId) ? '&Itemid=' . $itemId : '';
?> <div class="sinavGirisBaslik">Yetkilendirilmiş Kuruluşlar</div> <?php
// Dispatch on the task. Only "hepsi" calls the CAPTCHA helper; "tumu" and
// "ayrinti" produce their listings without it.
// NOTE(review): confirm that leaving those two tasks outside the CAPTCHA is intended.
if ($gorev == "goster" || $gorev == '') {
    formGoster($itemIdStr);
} else {
    if ($gorev == "hepsi") {
        // NOTE(review): the return value is not inspected; presumably the helper
        // redirects to the given URL itself when the CAPTCHA fails — confirm.
        captcha::check("index.php?option=com_yetkilendirilmis_kurulus_ara&gorev=goster&Itemid={$itemId}");
        hepsiIleListele($itemIdStrOrj);
    } else {
        if ($gorev == "tumu") {
            tumunuListele($itemIdStrOrj);
        } else {
            if ($gorev == "ayrinti") {
                kurulusBilgiListele($itemIdStrOrj);
            }
        }
    }
}
// Prints the search form; the function body continues beyond this excerpt.
function formGoster($itemIdStr) {
    $db =& JFactory::getOracleDBO();
    ?>
/**
 * Simple register for user.
 *
 * Serves two requests: an AJAX pre-check (POST field 'ajaxValidateCaptcha')
 * that answers with the literal text true / false, and the registration POST
 * itself, which is checked in this order: CAPTCHA, field validation,
 * anti-forgery token, e-mail not yet registered.
 *
 * NOTE(review): 'auth_redirect' is a POST field and is passed to redirect()
 * unchanged after a successful registration. Confirm it is limited to
 * same-site targets before it reaches this point.
 */
public function action_register()
{
    // AJAX CAPTCHA pre-check: plain text answer, no page rendering
    if (Core::post('ajaxValidateCaptcha')) {
        $this->auto_render = FALSE;
        $this->template = View::factory('js');
        $this->template->content = captcha::check('register', TRUE) ? 'true' : 'false';

        return;
    }

    $this->template->content = View::factory('pages/auth/register');
    $this->template->content->msg = '';

    if (Auth::instance()->logged_in()) {
        // already logged in: nothing to register, go to the panel
        $this->redirect(Route::get('oc-panel')->uri());
    } elseif ($this->request->post()) {
        if (!captcha::check('register')) {
            Alert::set(Alert::ALERT, __('Captcha is not correct'));
        } else {
            $validation = Validation::factory($this->request->post())
                ->rule('name', 'not_empty')
                ->rule('email', 'not_empty')
                ->rule('email', 'email')
                ->rule('password1', 'not_empty')
                ->rule('password2', 'not_empty')
                ->rule('password1', 'matches', array(':validation', 'password1', 'password2'));

            if (!$validation->check()) {
                $errors = $validation->errors('auth');
                foreach ($errors as $error) {
                    Alert::set(Alert::ALERT, $error);
                }
            } elseif (CSRF::valid('register')) {
                $email = core::post('email');

                // is this address already registered?
                $existing = new Model_User();
                $existing = $existing->where('email', '=', $email)->limit(1)->find();

                if ($existing->loaded()) {
                    Form::set_errors(array(__('User already exists')));
                } else {
                    // create the account, then log the new user in
                    $created = Model_User::create_email($email, core::post('name'), core::post('password1'));
                    Auth::instance()->login(core::post('email'), core::post('password1'));

                    Alert::set(Alert::SUCCESS, __('Welcome!'));

                    // back to where the visitor came from, or to the panel
                    $this->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
                }
            }
        }
    }

    // page header
    $this->template->title = __('Register new user');
    $this->template->meta_description = __('Create a new profile at') . ' ' . Core::config('general.site_name');
}
// Page heading. $baslik is defined before this excerpt and is echoed without HTML escaping.
?> <div class="sinavGirisBaslik"><?php echo $baslik; ?> </div> <?php
// 'gorev' (task) selects what the page does; it defaults to "goster" (show the
// search form) when the field was not posted.
$gorev = isset($_POST['gorev']) ? $_POST['gorev'] : "goster";
// Menu item id: taken from 'Itemid', falling back to 'prevItemId'.
// NOTE(review): the value is neither cast nor encoded before it is placed in
// the query-string fragments below, one of which is echoed into the form's
// action attribute — confirm it is restricted to an integer upstream.
$itemId = JRequest::getVar('Itemid');
$itemId = isset($itemId) ? $itemId : JRequest::getVar('prevItemId');
$itemIdStr = isset($itemId) ? '&prevItemId=' . $itemId : '';
$itemIdStrOrj = isset($itemId) ? '&Itemid=' . $itemId : '';
if ($gorev == "goster") {
    formGoster($itemIdStr, $protokolStr, $gorusStr);
} else {
    if ($gorev == "hepsi") {
        // NOTE(review): the return value is not inspected; presumably the helper
        // redirects to the given URL itself when the CAPTCHA fails — confirm.
        // $protokolStr is set before this excerpt; its origin is not visible here.
        captcha::check("index.php?option=com_meslek_std_taslak_ara&gorev=goster{$protokolStr}&Itemid={$itemId}");
        hepsiIleListele($itemIdStrOrj, $isProtokol, $protokolStr, $isGorus, $gorusStr);
    }
}
// Prints the search form; the function body continues beyond this excerpt.
function formGoster($itemIdStr, $protokolStr, $gorusStr) {
    $db =& JFactory::getOracleDBO();
    // NOTE(review): the three fragments are echoed into the action attribute without HTML escaping.
    ?> <form action="index.php?option=com_meslek_std_taslak_ara<?php echo $protokolStr; echo $gorusStr; echo $itemIdStr; ?> " method="post"><input type="hidden" value="hepsi" name="gorev" />
// Page heading. $baslik is defined before this excerpt and is echoed without HTML escaping.
?> <div class="sinavGirisBaslik"><?php echo $baslik; ?> </div> <?php
// 'gorev' (task) selects what the page does; it defaults to "goster" (show the
// search form) when the field was not posted.
$gorev = isset($_POST['gorev']) ? $_POST['gorev'] : "goster";
// Menu item id: taken from 'Itemid', falling back to 'prevItemId'.
// NOTE(review): the value is neither cast nor encoded before it is placed in
// the query-string fragments below, one of which is echoed into the form's
// action attribute — confirm it is restricted to an integer upstream.
$itemId = JRequest::getVar('Itemid');
$itemId = isset($itemId) ? $itemId : JRequest::getVar('prevItemId');
$itemIdStr = isset($itemId) ? '&prevItemId=' . $itemId : '';
$itemIdStrOrj = isset($itemId) ? '&Itemid=' . $itemId : '';
if ($gorev == "goster") {
    formGoster($itemIdStr, $protokolStr, $gorusStr);
} else {
    if ($gorev == "hepsi") {
        // NOTE(review): the return value is not inspected; presumably the helper
        // redirects to the given URL itself when the CAPTCHA fails — confirm.
        // $protokolStr is set before this excerpt; its origin is not visible here.
        captcha::check("index.php?option=com_yeterlilik_taslak_ara&gorev=goster{$protokolStr}&Itemid={$itemId}");
        hepsiIleListele($itemIdStrOrj, $isProtokol, $protokolStr, $isGorus, $gorusStr);
    }
}
// Prints the search form; the function body continues beyond this excerpt.
function formGoster($itemIdStr, $protokolStr, $gorusStr) {
    $db =& JFactory::getOracleDBO();
    // NOTE(review): the three fragments are echoed into the action attribute without HTML escaping.
    ?> <form action="index.php?option=com_yeterlilik_taslak_ara<?php echo $protokolStr; echo $gorusStr; echo $itemIdStr; ?> " method="post"> <input type="hidden" value="hepsi" name="gorev" /> <table>
/**
 * Sends a message from the visitor to the user whose id is in the route.
 *
 * Does nothing unless the target user exists and the request carries POST
 * data. Otherwise checks the captcha, runs the message through the Akismet
 * filter, delivers it (internal messaging or e-mail, depending on the
 * 'general.messaging' setting) and redirects to the target user's profile.
 *
 * @return void
 */
public function action_userprofile_contact()
{
    $user_to = new Model_User($this->request->param('id'));

    // Nothing to do without a valid recipient and a posted form.
    if (!$user_to->loaded() or !$this->request->post()) {
        return;
    }

    if (!captcha::check('contact')) {
        Alert::set(Alert::ERROR, __('Captcha is not correct'));
    } else {
        // Logged-in senders use their account identity; guests supply it in the form.
        if (Auth::instance()->logged_in()) {
            $email_from = Auth::instance()->get_user()->email;
            $name_from = Auth::instance()->get_user()->name;
        } else {
            $email_from = core::post('email');
            $name_from = core::post('name');
        }

        // With internal messaging enabled, guests are sent to the panel to log in first.
        if (core::config('general.messaging') == TRUE and !Auth::instance()->logged_in()) {
            Alert::set(Alert::INFO, __('Please, login before contacting'));
            HTTP::redirect(Route::url('oc-panel'));
        }

        if (core::akismet($name_from, $email_from, core::post('message'))) {
            // NOTE(review): the spam rejection is reported with Alert::SUCCESS; confirm
            // that this alert type is intended.
            Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
        } else {
            if (core::config('general.messaging')) {
                $ret = Model_Message::send_user(core::post('message'), $this->user, $user_to);
            } else {
                // NOTE(review): subject, sender name and address are request values handed
                // to the mail template as-is; confirm email() neutralises line breaks.
                $ret = $user_to->email(
                    'user-profile-contact',
                    array(
                        '[EMAIL.BODY]' => core::post('message'),
                        '[EMAIL.SENDER]' => $name_from,
                        '[EMAIL.SUBJECT]' => core::post('subject'),
                        '[EMAIL.FROM]' => $email_from,
                    ),
                    $email_from,
                    $name_from
                );
            }

            // report the delivery result
            if ($ret) {
                Alert::set(Alert::SUCCESS, __('Your message has been sent'));
            } else {
                Alert::set(Alert::ERROR, __('Message not sent'));
            }
        }
    }

    HTTP::redirect(Route::url('profile', array('seoname' => $user_to->seoname)));
}
/**
 * Logs the user in and, when a return URL was supplied, synchronises the
 * user's ACL groups with the organisation state read from the Oracle side.
 *
 * Order of checks: request token, captcha, then the login itself. The
 * 'return' parameter is base64-decoded and dropped unless JURI::isInternal()
 * accepts it, so the final redirect stays on this site.
 *
 * NOTE(review): the ACL synchronisation only runs in the branch where a
 * return URL is present; a login without one skips it. Confirm that is intended.
 */
function login()
{
    // Check for request forgeries
    JRequest::checkToken('request') or jexit('Invalid Token');
    // NOTE(review): the return value is ignored; presumably this captcha::check()
    // variant redirects to the given URL itself on failure - confirm, otherwise
    // the captcha is not enforced here.
    captcha::check("index.php");
    global $mainframe;
    if ($return = JRequest::getVar('return', '', 'method', 'base64')) {
        $return = base64_decode($return);
        // Only same-site return targets are kept.
        if (!JURI::isInternal($return)) {
            $return = '';
        }
    }
    $options = array();
    $options['remember'] = JRequest::getBool('remember', false);
    $options['return'] = $return;
    $credentials = array();
    $credentials['username'] = JRequest::getVar('username', '', 'method', 'username');
    $credentials['password'] = JRequest::getString('passwd', '', 'post', JREQUEST_ALLOWRAW);
    // perform the login action
    $error = $mainframe->login($credentials, $options);
    if (!JError::isError($error)) {
        // Redirect if the return url is not registration or login
        if (!$return) {
            $return = 'index.php?option=com_user';
        } else {
            $db =& JFactory::getDBO(); // MySQL
            $user =& JFactory::getUser();
            $tgUserId = $user->getOracleUserId();
            $active = $user->getActive();
            if ($tgUserId != null) { // the user has an organisation registration
                $dbOrc =& JFactory::getOracleDBO(); // Oracle
                if ($active == null or $active == 0) { // should only be entered once
                    if ($this->getPersonelDurum($dbOrc, $tgUserId)) {
                        $this->activateUser($db, $user->id);
                        $tips = $this->getBasvuruTip($dbOrc, $tgUserId);
                        for ($i = 0; $i < count($tips); $i++) {
                            // NOTE(review): there is no default case, so an application type
                            // outside 1-4 leaves $role/$group/$function unset on the first
                            // pass or carrying the previous iteration's values afterwards.
                            switch ($tips[$i]) {
                                case 1: // Occupational Standard
                                    $role = T1_ROLE_ID;
                                    $group = T1_GROUP_ID;
                                    $function = T1_FUNCTION_ID;
                                    break;
                                case 2: // Qualification
                                    $role = T2_ROLE_ID;
                                    $group = T2_GROUP_ID;
                                    $function = T2_FUNCTION_ID;
                                    break;
                                case 3: // Exam and Certification
                                    $role = T3_ROLE_ID;
                                    $group = T3_GROUP_ID;
                                    $function = T3_FUNCTION_ID;
                                    break;
                                case 4: // Accreditation
                                    $role = T4_ROLE_ID;
                                    $group = T4_GROUP_ID;
                                    $function = T4_FUNCTION_ID;
                                    break;
                            }
                            if ($i == 0) { // update on the first pass
                                $this->updateAclGroup($db, $user, $group, $role, $function);
                            } else { // insert the others
                                $this->insertAclGroup($db, $user, $group, $role, $function);
                            }
                        } // End for
                    } else {
                        if ($active == null) {
                            // The organisation's application is not approved yet.
                            // (placeholder for a message; no code here)
                        }
                    }
                } else {
                    if ($active == 1) { // organisation application approved
                        $kurulus_durum = $this->getKurulusDurum($dbOrc, $tgUserId);
                        if ($kurulus_durum != 1) { // at least one application is approved
                            // Maps the organisation state (2-16) to the parallel lists of
                            // YT role / group / function ids that are granted below.
                            // NOTE(review): there is no default case; a state outside 2-16
                            // leaves the three arrays undefined while the existing groups
                            // are still deleted right after the switch.
                            switch ($kurulus_durum) {
                                case 2: // Authorised Occupational Standard body
                                    // (an earlier, disabled variant set $role/$group/$function
                                    // directly and deleted the YT2 and YT3 groups)
                                    $roleArr = array(YT1_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID);
                                    break;
                                case 3: // Authorised Qualification body
                                    // (disabled variant: deleted the YT1 and YT3 groups)
                                    $roleArr = array(YT2_ROLE_ID);
                                    $groupArr = array(YT2_GROUP_ID);
                                    $functionArr = array(YT2_FUNCTION_ID);
                                    break;
                                case 4: // Authorised Certification body
                                    // (disabled variant: deleted the YT1 and YT2 groups)
                                    $roleArr = array(YT3_ROLE_ID);
                                    $groupArr = array(YT3_GROUP_ID);
                                    $functionArr = array(YT3_FUNCTION_ID);
                                    break;
                                case 5:
                                    $roleArr = array(YT4_ROLE_ID);
                                    $groupArr = array(YT4_GROUP_ID);
                                    $functionArr = array(YT4_FUNCTION_ID);
                                    break;
                                case 6: // MSTD and YET
                                    $roleArr = array(YT1_ROLE_ID, YT2_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT2_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT2_FUNCTION_ID);
                                    // (disabled: delete the SvB group YT3)
                                    break;
                                case 7: // MSTD and SvB
                                    $roleArr = array(YT1_ROLE_ID, YT3_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT3_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT3_FUNCTION_ID);
                                    // (disabled: delete the YET group YT2)
                                    break;
                                case 8: // MSTD and AKR
                                    $roleArr = array(YT1_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 9: // YET and SvB
                                    $roleArr = array(YT2_ROLE_ID, YT3_ROLE_ID);
                                    $groupArr = array(YT2_GROUP_ID, YT3_GROUP_ID);
                                    $functionArr = array(YT2_FUNCTION_ID, YT3_FUNCTION_ID);
                                    // (disabled: delete the MSTD group YT1)
                                    break;
                                case 10: // YET and AKR
                                    $roleArr = array(YT2_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT2_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT2_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 11: // SvB and AKR
                                    $roleArr = array(YT3_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT3_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT3_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 12: // MSTD, YET and SvB
                                    $roleArr = array(YT1_ROLE_ID, YT2_ROLE_ID, YT3_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT2_GROUP_ID, YT3_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT2_FUNCTION_ID, YT3_FUNCTION_ID);
                                    break;
                                case 13: // MSTD, YET and AKR
                                    $roleArr = array(YT1_ROLE_ID, YT2_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT2_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT2_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 14: // MSTD, SvB and AKR
                                    $roleArr = array(YT1_ROLE_ID, YT3_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT3_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT3_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 15: // SvB, YET and AKR
                                    $roleArr = array(YT2_ROLE_ID, YT3_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT2_GROUP_ID, YT3_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT2_FUNCTION_ID, YT3_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                                case 16: // all four
                                    $roleArr = array(YT1_ROLE_ID, YT2_ROLE_ID, YT3_ROLE_ID, YT4_ROLE_ID);
                                    $groupArr = array(YT1_GROUP_ID, YT2_GROUP_ID, YT3_GROUP_ID, YT4_GROUP_ID);
                                    $functionArr = array(YT1_FUNCTION_ID, YT2_FUNCTION_ID, YT3_FUNCTION_ID, YT4_FUNCTION_ID);
                                    break;
                            }
                            // Original note: T1, T2, T3, T4 are not to be deleted
                            // (what deleteAllAclGroups() actually removes is not visible here).
                            $this->deleteAllAclGroups($db, $user);
                            for ($i = 0; $i < count($roleArr); $i++) {
                                $role = $roleArr[$i];
                                $group = $groupArr[$i];
                                $function = $functionArr[$i];
                                // Add the user if not already a member of the group
                                if (!FormFactory::checkAclGroupId($user->id, $group)) {
                                    $this->insertAclGroup($db, $user, $group, $role, $function);
                                }
                            }
                        } else { // no application is approved
                            // Original note: T1, T2, T3, T4 are not to be deleted
                            $this->deleteAllAclGroups($db, $user);
                        }
                    } else {
                        if ($active == 2) { // SECTOR SUPERVISOR
                            // Choose the occupation or the qualification group
                            $tip = $this->getSektorSorumlusuTip($dbOrc, $tgUserId);
                            switch ($tip) {
                                case MS_SEKTOR_TIPI: // Occupational Standard sector supervisor
                                    $role = MS_SEKTOR_SORUMLUSU_ROLE_ID;
                                    $group = MS_SEKTOR_SORUMLUSU_GROUP_ID;
                                    $function = MS_SEKTOR_SORUMLUSU_FUNCTION_ID;
                                    // Drop the membership of the other supervisor group first.
                                    $this->deleteAclGroup($db, $user, YET_SEKTOR_SORUMLUSU_GROUP_ID);
                                    // Add the user if not already a member of the group
                                    if (!FormFactory::checkAclGroupId($user->id, $group)) {
                                        $this->insertAclGroup($db, $user, $group, $role, $function);
                                    }
                                    break;
                                case YET_SEKTOR_TIPI: // Qualification sector supervisor
                                    $role = YET_SEKTOR_SORUMLUSU_ROLE_ID;
                                    $group = YET_SEKTOR_SORUMLUSU_GROUP_ID;
                                    $function = YET_SEKTOR_SORUMLUSU_FUNCTION_ID;
                                    // Drop the membership of the other supervisor group first.
                                    $this->deleteAclGroup($db, $user, MS_SEKTOR_SORUMLUSU_GROUP_ID);
                                    // Add the user if not already a member of the group
                                    if (!FormFactory::checkAclGroupId($user->id, $group)) {
                                        $this->insertAclGroup($db, $user, $group, $role, $function);
                                    }
                                    break;
                                case 3: // both at once
                                    $roleArr = array(YET_SEKTOR_SORUMLUSU_ROLE_ID, MS_SEKTOR_SORUMLUSU_ROLE_ID);
                                    $groupArr = array(YET_SEKTOR_SORUMLUSU_GROUP_ID, MS_SEKTOR_SORUMLUSU_GROUP_ID);
                                    $functionArr = array(YET_SEKTOR_SORUMLUSU_FUNCTION_ID, MS_SEKTOR_SORUMLUSU_FUNCTION_ID);
                                    for ($i = 0; $i < count($roleArr); $i++) {
                                        $role = $roleArr[$i];
                                        $group = $groupArr[$i];
                                        $function = $functionArr[$i];
                                        // Add the user if not already a member of the group
                                        if (!FormFactory::checkAclGroupId($user->id, $group)) {
                                            $this->insertAclGroup($db, $user, $group, $role, $function);
                                        }
                                    }
                            }
                            //$mainframe->redirect( $return , "sektor sorumlusu");
                        } else {
                            if ($active == 7) {
                                // NOTE(review): role/group 26 and function 18 are bare numbers
                                // here, unlike the named constants used above; their meaning
                                // is not visible in this method.
                                $role = 26;
                                $group = 26;
                                $function = 18;
                                $this->deleteAclGroup($db, $user, 26);
                                // Add the user if not already a member of the group
                                if (!FormFactory::checkAclGroupId($user->id, $group)) {
                                    $this->insertAclGroup($db, $user, $group, $role, $function);
                                }
                            }
                        }
                    }
                }
            }
        }
        $mainframe->redirect($return);
    } else {
        // Facilitate third party login forms
        if (!$return) {
            $return = 'index.php?option=com_user&view=login';
        }
        // Redirect to a login form
        $mainframe->redirect($return);
    }
}
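<br /> <img alt="captcha" src="<?php
// Print the URL of the captcha image for the 'pesan' form.
echo captcha::image_url('pesan'); ?> "> <br /> <input id="captcha" name="captcha" type="text" /> <br /> <input type="submit" /> </form> </div> <?php
// Check whether the captcha text typed by the user is right or wrong.
if ($_POST) {
    if (captcha::check('pesan')) {
        echo ' captcha! OK! <br>';
        /* Replace this part with the code that stores the data in a database,
           or with whatever other processing is needed. */
        // The submitted values come straight from the request, so they are
        // HTML-escaped before being echoed back into the page; a missing
        // field is shown as an empty string.
        $nama = isset($_POST['nama']) ? (string) $_POST['nama'] : '';
        $pesan = isset($_POST['pesan']) ? (string) $_POST['pesan'] : '';
        echo "Nama :" . htmlspecialchars($nama, ENT_QUOTES, 'UTF-8') . "<br/>";
        echo "<p>Pesan :" . htmlspecialchars($pesan, ENT_QUOTES, 'UTF-8') . "<br/>";
    } else {
        echo "captcha salah, silahkan ulangi!";
    }
}
?> </body> </html>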
$document->addStyleSheet(SITE_URL . '/templates/elegance/css/jscal2.css'); $post = JRequest::get('post'); $get = JRequest::get('get'); ?> <div class="sinavGirisBaslik">Meslek Standartları</div> <?php $gorev = isset($post['gorev']) ? $post['gorev'] : "goster"; $itemId = JRequest::getVar('Itemid'); $itemId = isset($itemId) ? $itemId : JRequest::getVar('prevItemId'); $itemIdStr = isset($itemId) ? '&prevItemId=' . $itemId : ''; $itemIdStrOrj = isset($itemId) ? '&Itemid=' . $itemId : ''; if ($gorev == "goster") { formGoster($itemIdStr); } else { if ($gorev == "hepsi") { captcha::check("index.php?option=com_meslek_std_ara&gorev=goster&Itemid=" . $itemId); hepsiIleListele($itemIdStrOrj); } } function formGoster($itemIdStr) { $db =& JFactory::getOracleDBO(); ?> <form action="index.php?option=com_meslek_std_ara<?php echo $itemIdStr; ?> " method="post"> <input type="hidden" value="hepsi" name="gorev" /> <table> <tr> <td width="200">Sektöre göre ara</td>
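/**
 * Renders the contact form attached to the current tree node and, when the
 * form was submitted, validates it, checks the captcha and e-mails the result.
 *
 * Steps: load the tree node and its parent / sub-parent / node rows, load the
 * form field definitions (falling back to the defaults with form_tree = 0),
 * append the captcha field 'ctkey', process a submission, then assign the
 * template variables, the navigation trail and the template name.
 *
 * Changes against the previous version: the subject clean-up no longer uses
 * the preg_replace() /e modifier (evaluated code, removed in PHP 7), and line
 * breaks are stripped from the sender address and subject before they are
 * handed to the mailer.
 */
function _form_home()
{
    global $core, $user, $style;

    $tree = $this->valid_tree();
    if (!$tree['tree_form']) {
        _fatal();
    }

    if ($tree['tree_parent']) {
        $sql = 'SELECT * FROM _tree WHERE tree_id = ' . (int) $tree['tree_parent'];
        $parent = $this->_fieldrow($sql);
        if ($tree['tree_level'] > 2) {
            $sql = 'SELECT * FROM _tree WHERE tree_id = ' . (int) $parent['tree_parent'];
            $subparent = $this->_fieldrow($sql);
        }
    }
    if ($tree['tree_node']) {
        $sql = 'SELECT * FROM _tree WHERE tree_id = ' . (int) $tree['tree_node'];
        $node = $this->_fieldrow($sql);
    }

    // Field definitions for this node, or the default set when it has none.
    $sql = 'SELECT * FROM _form_fields WHERE form_tree = ' . (int) $tree['tree_id'] . ' ORDER BY form_order';
    $form = $this->_rowset($sql, 'form_alias');
    if (!count($form)) {
        $sql = 'SELECT * FROM _form_fields WHERE form_tree = 0 ORDER BY form_order';
        $form = $this->_rowset($sql, 'form_alias');
    }

    // The captcha answer is validated like any other field: required, letters only.
    $form['ctkey'] = array('form_required' => 1, 'form_regex' => '^([a-zA-Z]+)$', 'form_alias' => 'ctkey', 'form_type' => 'text', 'form_legend' => 'Imagen de seguridad');

    if (_button()) {
        $va = array();
        foreach ($form as $row) {
            $va[] = $row['form_alias'];
        }
        $v = $this->__($va);

        foreach ($form as $row) {
            if (empty($v[$row['form_alias']])) {
                if ($row['form_required']) {
                    $this->error(sprintf(_lang('E_COMMENT_FIELD_EMPTY'), $row['form_legend']), false);
                }
                continue;
            }
            if (!empty($row['form_regex']) && !preg_match('#' . $row['form_regex'] . '#is', $v[$row['form_alias']])) {
                $this->error(sprintf(_lang('E_COMMENT_FIELD_BAD'), $row['form_legend']), false);
                // A malformed captcha answer is never shown back in the form.
                if ($row['form_alias'] == 'ctkey') {
                    $v[$row['form_alias']] = '';
                }
            }
        }

        // The captcha is only consulted once every other field passed.
        if (!$this->errors()) {
            include XFS . 'core/xcf.php';
            $xcf = new captcha();
            if ($xcf->check($v['ctkey']) === false) {
                $v['ctkey'] = '';
                $this->error('E_COMMENT_INVALID_CAPTCHA');
            }
            unset($xcf);
        }

        if (!$this->errors()) {
            include XFS . 'core/emailer.php';
            $emailer = new emailer();

            // Reduce each "&name...;" sequence to the first letter of its name.
            // Done with a callback: the /e modifier evaluated the replacement as
            // PHP code and no longer exists in PHP 7 and later.
            $v['subject'] = preg_replace_callback(
                '#\\&([A-Za-z]+){1}(.*?)\\;#',
                function ($match) {
                    return substr($match[1], 0, 1);
                },
                $v['subject']
            );

            // Both values are form input that ends up in mail headers, so CR and
            // LF are removed to keep them from adding header lines.
            $v['email'] = str_replace(array("\r", "\n"), '', $v['email']);
            $v['subject'] = str_replace(array("\r", "\n"), '', $v['subject']);

            $emailer->from($v['email']);
            $emailer->set_subject($v['subject']);
            $emailer->use_template('contact_email', $core->v('default_lang'));

            // First configured address is the recipient, the rest are copied in.
            foreach (explode(';', $tree['tree_form_email']) as $i => $address) {
                $row_f = !$i ? 'email_address' : 'cc';
                $emailer->{$row_f}($address);
            }
            $emailer->cc($core->v('default_email'));

            unset($v['ctkey']);

            // NOTE(review): the field values are placed into the HTML mail body as
            // they are; whether $this->__() already escapes them is not visible here.
            $html = array();
            foreach ($form as $row) {
                if (empty($v[$row['form_alias']])) {
                    continue;
                }
                if ($row['form_alias'] == 'message') {
                    $v['message'] = str_replace("\r\n", '<br />', $v['message']);
                }
                $html[] = '<strong>' . $row['form_legend'] . ':</strong><br />' . $v[$row['form_alias']];
            }

            $emailer->assign_vars(array('HTML_FIELDS' => implode('<br /><br />', $html), 'FROM_USERNAME' => $v['nombre'], 'FORM_ARTICLE' => $tree['tree_subject']));
            $emailer->send();
            $emailer->reset();

            $style->assign_block_vars('sent', array('THANKS' => _lang('CONTACT_THANKS')));
        }
    }

    // Show the form on first load and whenever the submission had errors.
    if (!_button() || $this->errors()) {
        if ($this->errors()) {
            $style->assign_block_vars('error', array('MESSAGE' => error_list($this->error)));
        }

        $ff = 'form_';
        $fff = 'alias|type';

        $style->assign_block_vars('form', array());
        foreach ($form as $row) {
            // NOTE(review): $error is not assigned anywhere in this function, so the
            // ERROR flag below is always false; $this->error may have been meant.
            $style->assign_block_vars('form.row', array('ALIAS' => $row[$ff . 'alias'], 'REQUIRED' => $row[$ff . 'required'], 'LEGEND' => $row[$ff . 'legend'], 'TYPE' => $row[$ff . 'type'], 'ERROR' => isset($error[$row[$ff . 'alias']]), 'VALUE' => isset($v[$row[$ff . 'alias']]) ? $v[$row[$ff . 'alias']] : ''));

            // Expose form_alias (as "name") and form_type as tag attributes.
            foreach ($row as $row_k => $row_v) {
                if (preg_match('#^' . $ff . '(' . $fff . ')$#is', $row_k)) {
                    if ($row_k == 'form_alias') {
                        $row_k = 'name';
                    }
                    $style->assign_block_vars('form.row.attrib', array('ATTRIB' => str_replace($ff, '', $row_k), 'VALUE' => $row_v));
                }
            }
        }
    }

    // Pick the CSS folder: the node's own stylesheet if it exists, otherwise the
    // one of the row named by tree_css_var (parent, subparent, node or a tree id).
    $s_css_page = '';
    if (@file_exists('./style/css/_tree_' . $this->alias_id($tree) . '.css')) {
        $s_css_page = $this->alias_id($tree) . '/';
    } elseif ($this->css_parent($tree)) {
        if (empty($tree['tree_css_var'])) {
            $tree['tree_css_var'] = 'parent';
        }

        $ary_css_var = false;
        switch ($tree['tree_css_var']) {
            case 'parent':
            case 'subparent':
            case 'node':
                // Variable variable, limited by the case labels to the three rows
                // loaded above (which may be unset if the node has no such relative).
                $ary_css_var = ${$tree['tree_css_var']};
                break;
            default:
                if (is_numeric($tree['tree_css_var'])) {
                    $sql = 'SELECT * FROM _tree WHERE tree_id = ' . (int) $tree['tree_css_var'];
                    if ($css_var_row = $this->_fieldrow($sql)) {
                        $ary_css_var = $css_var_row;
                    }
                }
                break;
        }

        if ($ary_css_var !== false) {
            $s_css_page = $this->alias_id($ary_css_var) . '/';
        }
    }

    $tv = array('ADI' => $core->v('address') . 'container/images/a_' . ($this->css_parent($tree) ? $this->css_var($tree) : $tree['tree_id']) . '/', 'V_TREE' => $tree['tree_id'], 'V_CSS' => $s_css_page, 'V_SUBJECT' => $tree['tree_subject']);
    $this->as_vars($tv);

    // Navigation trail for every page except the home node.
    if ($tree['tree_alias'] != 'home') {
        if ($node['tree_id'] != $parent['tree_id']) {
            $this->navigation($node['tree_subject'], $this->alias_id($node));
        }
        if ($tree['tree_level'] > 2) {
            if ($parent['tree_id'] && $node['tree_id'] && $tree['tree_level'] > 3) {
                $this->navigation('...');
            }
            $this->navigation($subparent['tree_subject'], $this->alias_id($subparent));
        }
        if ($parent['tree_id']) {
            $this->navigation($parent['tree_subject'], $this->alias_id($parent));
        }
        $this->navigation($tree['tree_subject'], $this->alias_id($tree));
    }

    // A node-specific template is used only when its file exists.
    $this->template = 'default.form';
    if (!empty($tree['tree_template']) && @file_exists('./style/pages/form.' . $tree['tree_template'] . '.htm')) {
        $this->template = 'pages/form.' . $tree['tree_template'];
    }
    return;
}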
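/**
 * NEW ADVERTISEMENT
 *
 * Shows the "publish new advertisement" form and handles its submission:
 * black-list and admin-only gates, AJAX captcha pre-check, form data for the
 * view, then on POST the captcha, field validation, optional account creation,
 * ad creation, image upload and the final redirect.
 *
 * Change against the previous version: the uploaded-file name is reset for
 * every image slot, so a slot without an upload is no longer counted as an
 * image because of the previous slot's result.
 *
 * @return void
 */
public function action_index()
{
    // Detect early spam users, show him alert
    if (core::config('general.black_list') == TRUE and Model_User::is_spam(Core::post('email')) === TRUE) {
        Alert::set(Alert::ALERT, __('Your profile has been disable for posting, due to recent spam content! If you think this is a mistake please contact us.'));
        $this->redirect('default');
    }

    // advertisement.only_admin_post: everyone but a logged-in admin is sent away
    if (Core::config('advertisement.only_admin_post') == 1 and (!Auth::instance()->logged_in() or Auth::instance()->logged_in() and Auth::instance()->get_user()->id_role != Model_Role::ROLE_ADMIN)) {
        $this->redirect('default');
    }

    // AJAX captcha pre-validation; answers with the text 'true' or 'false'.
    // NOTE(review): the meaning of the second argument to captcha::check() is not
    // visible here; confirm the pre-check cannot be used for unlimited guessing.
    if (Core::post('ajaxValidateCaptcha')) {
        $this->auto_render = FALSE;
        $this->template = View::factory('js');
        if (captcha::check('publish_new', TRUE)) {
            $this->template->content = 'true';
        } else {
            $this->template->content = 'false';
        }
        return;
    }

    // template header
    $this->template->title = __('Publish new advertisement');
    $this->template->meta_description = __('Publish new advertisement');

    // Several of these assets are loaded from third-party CDNs by
    // protocol-relative URL.
    $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen', 'css/jasny-bootstrap.min.css' => 'screen', '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.css' => 'screen');
    $this->template->scripts['footer'][] = 'js/jquery.sceditor.bbcode.min.js';
    $this->template->scripts['footer'][] = 'js/jasny-bootstrap.min.js';
    $this->template->scripts['footer'][] = 'js/jquery.chained.min.js';
    $this->template->scripts['footer'][] = '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.js';
    $this->template->scripts['footer'][] = '//cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.10/ouibounce.min.js';
    if (core::config('advertisement.map_pub_new')) {
        $this->template->scripts['footer'][] = '//maps.google.com/maps/api/js?sensor=false&libraries=geometry&v=3.7';
        $this->template->scripts['footer'][] = '//cdn.jsdelivr.net/gmaps/0.4.15/gmaps.min.js';
    }
    $this->template->scripts['footer'][] = 'js/new.js?v=' . Core::VERSION;

    // redirect to login, if conditions are met
    if (core::config('advertisement.login_to_post') == TRUE and !Auth::instance()->logged_in()) {
        Alert::set(Alert::INFO, __('Please, login before posting advertisement!'));
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'auth', 'action' => 'login')));
    }

    // find all, for populating form select fields
    $categories = Model_Category::get_as_array();
    $order_categories = Model_Category::get_multidimensional();
    $order_parent_deep = Model_Category::get_by_deep();

    // NO categories redirect ADMIN to categories panel
    if (count($order_categories) == 0) {
        if (Auth::instance()->logged_in() and Auth::instance()->get_user()->id_role == Model_Role::ROLE_ADMIN) {
            Alert::set(Alert::INFO, __('Please, first create some categories.'));
            $this->redirect(Route::url('oc-panel', array('controller' => 'category', 'action' => 'index')));
        } else {
            Alert::set(Alert::INFO, __('Posting advertisements is not yet available.'));
            $this->redirect('default');
        }
    }

    // get locations
    $locations = Model_Location::get_as_array();
    $order_locations = Model_Location::get_multidimensional();
    $loc_parent_deep = Model_Location::get_by_deep();

    // bool values from DB, to show or hide this fields in view
    $form_show = array('captcha' => core::config('advertisement.captcha'), 'website' => core::config('advertisement.website'), 'phone' => core::config('advertisement.phone'), 'location' => core::config('advertisement.location'), 'address' => core::config('advertisement.address'), 'price' => core::config('advertisement.price'));

    // if there is a category by post or by get: numeric means id, otherwise seoname
    $id_category = NULL;
    $selected_category = new Model_Category();
    if (Core::request('category') !== NULL) {
        if (is_numeric(Core::request('category'))) {
            $selected_category->where('id_category', '=', core::request('category'))->limit(1)->find();
        } else {
            $selected_category->where('seoname', '=', core::request('category'))->limit(1)->find();
        }
        if ($selected_category->loaded()) {
            $id_category = $selected_category->id_category;
        }
    }

    // if there is a location by post or by get: numeric means id, otherwise seoname
    $id_location = NULL;
    $selected_location = new Model_Location();
    if (Core::request('location') !== NULL) {
        if (is_numeric(Core::request('location'))) {
            $selected_location->where('id_location', '=', core::request('location'))->limit(1)->find();
        } else {
            $selected_location->where('seoname', '=', core::request('location'))->limit(1)->find();
        }
        if ($selected_location->loaded()) {
            $id_location = $selected_location->id_location;
        }
    }

    // render view publish new
    $this->template->content = View::factory('pages/ad/new', array('categories' => $categories, 'order_categories' => $order_categories, 'order_parent_deep' => $order_parent_deep, 'locations' => $locations, 'order_locations' => $order_locations, 'loc_parent_deep' => $loc_parent_deep, 'form_show' => $form_show, 'id_category' => $id_category, 'selected_category' => $selected_category, 'id_location' => $id_location, 'selected_location' => $selected_location, 'fields' => Model_Field::get_all()));

    if ($this->request->post()) {
        if (captcha::check('publish_new')) {
            $data = $this->request->post();
            $validation = Validation::factory($data);

            // validate location since its optional
            if (core::config('advertisement.location')) {
                if (count($locations) > 1) {
                    $validation = $validation->rule('location', 'not_empty')->rule('location', 'digit');
                }
            }

            // user is not logged in validate input
            if (!Auth::instance()->logged_in()) {
                $validation = $validation->rule('email', 'not_empty')->rule('email', 'email')->rule('name', 'not_empty')->rule('name', 'min_length', array(':value', 2))->rule('name', 'max_length', array(':value', 145));
            }

            if ($validation->check()) {
                // User detection, if doesnt exists create
                if (!Auth::instance()->logged_in()) {
                    $user = Model_User::create_email(core::post('email'), core::post('name'));
                } else {
                    $user = Auth::instance()->get_user();
                }

                // to make it backward compatible with older themes
                if (isset($data['category']) and is_numeric($data['category'])) {
                    $data['id_category'] = $data['category'];
                    unset($data['category']);
                }
                if (isset($data['location']) and is_numeric($data['location'])) {
                    $data['id_location'] = $data['location'];
                    unset($data['location']);
                }

                // NOTE(review): the whole POST array is handed to the model; which
                // keys new_ad() accepts is not visible in this method.
                $return = Model_Ad::new_ad($data, $user);

                // there was an error on the validation
                if (isset($return['validation_errors']) and is_array($return['validation_errors'])) {
                    foreach ($return['validation_errors'] as $f => $err) {
                        Alert::set(Alert::ALERT, $err);
                    }
                } elseif (isset($return['error'])) {
                    Alert::set($return['error_type'], $return['error']);
                } elseif (isset($return['message']) and isset($return['ad'])) {
                    $new_ad = $return['ad'];

                    // IMAGE UPLOAD: checking and storing each file is left to save_image().
                    $max_images = core::config('advertisement.num_images');
                    for ($i = 0; $i < $max_images; $i++) {
                        // Reset per slot so a missing upload is not counted with the
                        // name returned for the previous slot.
                        $filename = NULL;
                        if (isset($_FILES['image' . $i])) {
                            $filename = $new_ad->save_image($_FILES['image' . $i]);
                        }
                        if ($filename) {
                            $new_ad->has_images++;
                        }
                    }

                    // since there are images save the ad again
                    if ($new_ad->has_images > 0) {
                        try {
                            $new_ad->save();
                        } catch (Exception $e) {
                            throw HTTP_Exception::factory(500, $e->getMessage());
                        }
                    }

                    Alert::set(Alert::SUCCESS, $return['message']);

                    // redirect user: to the checkout when the model returned one,
                    // otherwise to the thanks page of the new ad
                    if (isset($return['checkout_url']) and !empty($return['checkout_url'])) {
                        $this->redirect($return['checkout_url']);
                    } else {
                        $this->redirect(Route::url('default', array('action' => 'thanks', 'controller' => 'ad', 'id' => $new_ad->id_ad)));
                    }
                }
            } else {
                $errors = $validation->errors('ad');
                foreach ($errors as $f => $err) {
                    Alert::set(Alert::ALERT, $err);
                }
            }
        } else {
            Alert::set(Alert::ALERT, __('Captcha is not correct'));
        }
    }
}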
$can_edit = true; } // Is participant. dbi_free_result($res); } else { $error = $dberror . dbi_error(); } } if (!$can_edit && empty($error)) { $error = print_not_auth(6); } // CAPTCHA if (file_exists('includes/classes/captcha/captcha.php') && $login == '__public__' && !empty($ENABLE_CAPTCHA) && $ENABLE_CAPTCHA == 'Y') { if (function_exists('imagecreatetruecolor')) { include_once 'includes/classes/captcha/captcha.php'; $res = captcha::check(); if (!$res) { $error = translate('You must enter the anti-spam text on the previous page.'); } } else { // Should have seen warning on edit_entry.php, so no warning here... } } // If display of participants is disabled, set the participant list // to the event creator. This also works for single-user mode. // Basically, if no participants were selected (because there // was no selection list available in the form or because the user // refused to select any participant from the list), then we will // assume the only participant is the current user. if (empty($participants[0])) { $participants[0] = $login;
/**
 * Prepares the certificate query view.
 *
 * Reads the four search criteria (identity number, organisation, date,
 * qualification) from the request and, for the "sorgu_sonuc" layout, calls the
 * model method matching the combination of criteria that were filled in. The
 * result is stored in the session and the lookup lists plus a user-kind flag
 * (1, 2 or 3) are assigned to the view.
 *
 * NOTE(review): the criteria are read from $_GET / $_POST directly and passed
 * to the model unchanged; 'userId' from the query string selects the
 * organisation without a check in this method. Confirm the model validates
 * and binds these values.
 */
function display($tpl = null)
{
    global $mainframe;

    $user =& JFactory::getUser();

    $group_id = T3_GROUP_ID;
    $group_id2 = MS_SEKTOR_SORUMLUSU_GROUP_ID;
    $group_id3 = YET_SEKTOR_SORUMLUSU_GROUP_ID;
    $group_id4 = YT3_GROUP_ID;
    $message = YETKI_MESAJ;

    $aut = FormFactory2::checkAuthorization($user, $group_id);
    $aut2 = FormFactory2::checkAuthorization($user, $group_id2);
    $aut3 = FormFactory2::checkAuthorization($user, $group_id3);
    $aut4 = FormFactory2::checkAuthorization($user, $group_id4);

    $user_id = $user->getOracleUserId();
    $redirect = "index.php?option=com_sertifika_sorgula&view=sertifika_sorgula";
    $model =& $this->getModel();
    $layout = JRequest::getVar("layout");

    $kimlik_no = $_POST["kimlik_no"];

    // The date comes from the query string when present, else from the form.
    $tarih = $_GET['tarih'] ? $_GET['tarih'] : $_POST["tarih"];

    // Organisation: query string first, then the form value (also taken for the
    // two sector-supervisor groups), else the caller's own Oracle user id.
    if ($_GET['userId']) {
        $kurulus = $_GET['userId'];
    } elseif (!empty($_POST["kurulus_id"]) || $aut2 || $aut3) {
        $kurulus = $_POST["kurulus_id"];
    } elseif ($aut || $aut4) {
        $kurulus = $user_id;
    }

    $yeterlilik = $_POST["yet_id"];

    // QUERY RESULT
    if (isset($layout) && $layout == "sorgu_sonuc") {
        // Captcha is only asked of callers without an Oracle user id.
        // NOTE(review): the return value is ignored; presumably this captcha::check()
        // variant redirects to $redirect itself on failure - confirm.
        if ($user_id == null || empty($user_id)) {
            captcha::check($redirect);
        }

        $has_tc = !empty($kimlik_no);
        $has_kur = !empty($kurulus);
        $has_tar = !empty($tarih);
        $has_yet = !empty($yeterlilik);

        if (!$has_tc && !$has_kur && !$has_tar && !$has_yet) {
            // At least one criterion is required.
            JError::raiseWarning(100, "Lütfen Gerekli Alanlardan En Az Birini Doldurunuz.");
            $mainframe->redirect($redirect);
        } elseif ($has_tc && $has_kur && $has_tar && $has_yet) {
            $data = $model->getBelgeDataByHepsi($kimlik_no, $kurulus, $tarih, $yeterlilik);
            $this->assignRef('data', $data);
        } elseif ($has_tc && $has_kur && $has_tar && !$has_yet) {
            $data = $model->getBelgeDataByTCKURTAR($kimlik_no, $kurulus, $tarih);
            $this->assignRef('data', $data);
        } elseif ($has_tc && $has_kur && !$has_tar && $has_yet) {
            $data = $model->getBelgeDataByTCKURYET($kimlik_no, $kurulus, $yeterlilik);
            $this->assignRef('data', $data);
        } elseif ($has_tc && !$has_kur && $has_tar && $has_yet) {
            $data = $model->getBelgeDataByTCTARYET($kimlik_no, $tarih, $yeterlilik);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && $has_kur && $has_tar && $has_yet) {
            $data = $model->getBelgeDataByKURTARYET($kurulus, $tarih, $yeterlilik);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && $has_kur && !$has_tar && $has_yet) {
            $data = $model->getBelgeDataByKURYET($kurulus, $yeterlilik);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && $has_kur && $has_tar && !$has_yet) {
            $data = $model->getBelgeDataByKURTAR($kurulus, $tarih);
            $this->assignRef('data', $data);
        } elseif ($has_tc && $has_kur && !$has_tar && !$has_yet) {
            $data = $model->getBelgeDataByKURTC($kurulus, $kimlik_no);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && !$has_kur && $has_tar && $has_yet) {
            $data = $model->getBelgeDataByYETTAR($yeterlilik, $tarih);
            $this->assignRef('data', $data);
        } elseif ($has_tc && !$has_kur && !$has_tar && $has_yet) {
            $data = $model->getBelgeDataByYETTC($yeterlilik, $kimlik_no);
            $this->assignRef('data', $data);
        } elseif ($has_tc && !$has_kur && $has_tar && !$has_yet) {
            $data = $model->getBelgeDataByTARTC($tarih, $kimlik_no);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && !$has_kur && !$has_tar && $has_yet) {
            $data = $model->getBelgeDataByYeterlilik($yeterlilik);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && !$has_kur && $has_tar && !$has_yet) {
            $data = $model->getBelgeDataByTarih($tarih);
            $this->assignRef('data', $data);
        } elseif (!$has_tc && $has_kur && !$has_tar && !$has_yet) {
            $data = $model->getBelgeDataByKurulus($kurulus);
            $this->assignRef('data', $data);
        } elseif ($has_tc && !$has_kur && !$has_tar && !$has_yet) {
            $data = $model->getBelgeDataByTcKimlikNo($kimlik_no);
            $this->assignRef('data', $data);
        }
    }

    // The last result is also kept in the session.
    $session =& JFactory::getSession();
    $session->set('data', $data);

    $kuruluslar = $model->getKurulus();
    $yeterlilikler = $model->getYeterlilik();
    $this->assignRef('kuruluslar', $kuruluslar);
    $this->assignRef('yeterlilik', $yeterlilikler);

    // User kind for the template: 1 for the T3 / YT3 groups, 2 for the
    // sector-supervisor groups, 3 for everyone else.
    $kullanici1 = 1;
    $kullanici2 = 2;
    $kullanici3 = 3;
    if ($aut || $aut4) {
        $this->assignRef('user', $kullanici1);
    } elseif ($aut2 || $aut3) {
        $this->assignRef('user', $kullanici2);
    } else {
        $this->assignRef('user', $kullanici3);
    }

    parent::display($tpl);
}
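/**
 * Validate the submitted value of every form field that carries a "check" attribute.
 *
 * Each field is checked according to its "type" attribute (file, password, email,
 * checkbox/radio, anything else); problems are reported through $this->err(). When
 * $this->hasCaptcha($form) is true the captcha answer is verified last.
 *
 * @param mixed $form Form node; it is passed to the xml wrapper and read with getAttribute('dbTable').
 * @return mixed The value of $this->hasErrors() once all checks have run.
 */
function check($form)
{
    $xml = new xml($form);
    $fields = $xml->query('.//field[@check]', $form);
    $pswd = null;

    foreach ($fields as $field) {
        $name = $field->getAttribute('name');
        $val = param($name);
        // A field is mandatory when its "check" attribute contains the word "empty".
        $required = strstr($field->getAttribute('check'), 'empty');

        switch ($field->getAttribute('type')) {
            case 'file':
                if ($required && count($_FILES) == 0) {
                    $this->err('The file is not attached');
                }
                // isset() avoids an undefined-index notice when the request carries
                // other file inputs but not this one.
                if ($field->getAttribute('accept') && count($_FILES) > 0 && isset($_FILES[$name]) && ($files = $_FILES[$name])) {
                    $arrAccept = explode(',', $field->getAttribute('accept'));
                    $maxSize = $field->getAttribute('maxFileSize');
                    // NOTE(review): $_FILES[...]['type'] is the MIME type announced by the
                    // client, so this comparison is a convenience filter only. Whatever
                    // stores the upload should inspect the content itself before trusting it.
                    if (is_array($files['error'])) {
                        // Multi-file input: every per-file entry is an array indexed alike.
                        foreach ($files['error'] as $i => $code) {
                            if ($code != 0) {
                                continue;
                            }
                            if (!in_array($files['type'][$i], $arrAccept, true)) {
                                $this->err('Invalid format of attached file. File name is "' . $files['name'][$i] . '"');
                            }
                            if ($maxSize && $files['size'][$i] > $maxSize) {
                                $this->err('Exceeded the allowable size of the file. File name is "' . $files['name'][$i] . '"');
                            }
                        }
                    } elseif ($files['error'] == 0) {
                        if (!in_array($files['type'], $arrAccept, true)) {
                            $this->err('Invalid format of attached file');
                        }
                        if ($maxSize && $files['size'] > $maxSize) {
                            $this->err('Exceeded the allowable size of the uploaded file');
                        }
                    }
                }
                break;

            case 'password':
                if (!$pswd && $name == 'password') {
                    $pswd = $val;
                }
                if (isset($pswd) && $name == 'password-check') {
                    // Two strings are compared strictly: with "!=" PHP compares numeric-looking
                    // strings as numbers, so e.g. "1e3" and "1000" would count as the same
                    // password. Non-string values keep the previous loose comparison.
                    $same = (is_string($pswd) && is_string($val)) ? $pswd === $val : $pswd == $val;
                    if (!$same) {
                        $this->err('The entered passwords do not match');
                    }
                }
                if ($required && !$val) {
                    $this->err('Field "' . $field->getAttribute('label') . '" is not filled');
                }
                break;

            case 'email':
                if ($val && !mymail::isEmail($val)) {
                    $this->err('E-mail in field "' . $field->getAttribute('label') . '" incorrectly');
                }
                break;

            case 'checkbox':
            case 'radio':
                if (!$val) {
                    $this->err('Field "' . $field->getAttribute('label') . '" not observed');
                }
                break;

            default:
                $mysql = new mysql();
                // NOTE(review): $val comes from param() (presumably request input - confirm)
                // and is concatenated into the SQL text without escaping. This lookup should
                // use a bound parameter or the escaping routine of the mysql wrapper; the
                // wrapper's API is not visible here, so the query is left as written.
                if ($field->getAttribute('login') && ($existing = $mysql->query("SELECT `login` FROM `" . $mysql->getTableName($form->getAttribute('dbTable')) . "` WHERE `login`='" . ($val ? $val : null) . "'", true))) {
                    $this->err('A user with this login ' . $val . ' already exists.');
                }
                if ($field->getAttribute('type') != 'captcha') {
                    if ($required && !$val) {
                        $this->err('Field "' . $field->getAttribute('label') . '" is not filled');
                    }
                } else {
                    // A captcha field is only mandatory when it is flagged as shown.
                    if ($field->getAttribute('show') && $required && !$val) {
                        $this->err('Field "' . $field->getAttribute('label') . '" is not filled');
                    }
                }
        }
    }

    if ($this->hasCaptcha($form)) {
        $captcha = new captcha();
        $captcha->setParamName('captcha');
        if (!$captcha->check()) {
            $this->err('The result of the expression in the image incorrectly');
        }
    }

    return $this->hasErrors();
}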
//////////////////////////////////////////////////////////////////////////////////////////////////////// require 'lib/_start.php'; //////////////////////////////////////////////////////////// SYSTEMSTART /// //////////////////////////////////////////////////////////////////////////////////////////////////////// $apx->module('links'); $apx->lang->drop('send'); headline($apx->lang->get('HEADLINE'), mklink('sendlink.php', 'sendlink.html')); titlebar($apx->lang->get('HEADLINE')); //////////////////////////////////////////////////////////////////////////////////////////////////////// if ($_POST['send']) { list($spam) = $db->first("SELECT addtime FROM " . PRE . "_links WHERE send_ip='" . get_remoteaddr() . "' ORDER BY addtime DESC"); //Captcha prüfen if ($set['links']['captcha'] && !$user->info['userid']) { require BASEDIR . 'lib/class.captcha.php'; $captcha = new captcha(); $captchafailed = $captcha->check(); } if ($captchafailed) { message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()'); } elseif (!$_POST['send_username'] && !$user->info['userid'] || !$_POST['catid'] || !$_POST['title'] || !$_POST['url'] || !$_POST['text']) { message('back'); } elseif ($spam + $set['links']['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_BLOCKSPAM', array('SEC' => $spam + $set['links']['spamprot'] * 60 - time())), 'back'); } else { if ($user->info['userid']) { $_POST['userid'] = $user->info['userid']; $_POST['send_username'] = $_POST['send_email'] = ''; } else { $_POST['userid'] = 0; } $_POST['addtime'] = time();
/**
 * NEW ADVERTISEMENT
 *
 * Shows the "publish new advertisement" form and, on POST, creates the ad.
 *
 * Order of work: access gates driven by configuration (admin-only posting, login
 * required, blacklist, Stripe connect, subscription), the AJAX captcha pre-check,
 * template assets, category/location pre-selection, then the submit branch
 * (captcha, validation, user lookup or creation, Model_Ad::new_ad(), image
 * upload, redirect).
 *
 * NOTE(review): the code after each redirect call assumes the redirect helpers end
 * the request - confirm for $this->redirect() and HTTP::redirect().
 */
public function action_index()
{
    //advertisement.only_admin_post
    if (Core::config('advertisement.only_admin_post') == TRUE and (!Auth::instance()->logged_in() or Auth::instance()->logged_in() and !$this->user->is_admin())) {
        $this->redirect(Route::url('default'));
    } elseif ((Core::config('advertisement.login_to_post') == TRUE or Core::config('payment.stripe_connect') == TRUE or Core::config('general.subscriptions') == TRUE) and !Auth::instance()->logged_in()) {
        Alert::set(Alert::INFO, __('Please, login before posting advertisement!'));
        // NOTE(review): URL::current() is appended without URL-encoding, so a current URL
        // that carries its own query string would not arrive as one parameter. The login
        // action that reads auth_redirect is not visible here; confirm it only honours
        // same-site targets.
        HTTP::redirect(Route::url('oc-panel', array('controller' => 'auth', 'action' => 'login')) . '?auth_redirect=' . URL::current());
    } elseif (core::config('general.black_list') == TRUE and Model_User::is_spam(Core::post('email')) === TRUE) {
        // blacklist lookup uses the posted e-mail address
        Alert::set(Alert::ALERT, __('Your profile has been disable for posting, due to recent spam content! If you think this is a mistake please contact us.'));
        $this->redirect(Route::url('default'));
    } elseif (Core::config('payment.stripe_connect') == TRUE and empty($this->user->stripe_user_id)) {
        Alert::set(Alert::INFO, __('Please, connect with Stripe'));
        $this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit')));
    } elseif (Core::config('general.subscriptions') == TRUE and Theme::get('premium') == TRUE) {
        $subscription = $this->user->subscription();
        //if there is no subscription, or it expired, or it has no ads left
        if (!$subscription->loaded() or $subscription->loaded() and (Date::mysql2unix($subscription->expire_date) < time() or $subscription->amount_ads_left == 0)) {
            Alert::set(Alert::INFO, __('Please, choose a plan first'));
            HTTP::redirect(Route::url('pricing'));
        }
    }

    //AJAX captcha pre-check: answers with the literal text 'true' or 'false' and stops.
    //NOTE(review): the meaning of the second argument of captcha::check() is not visible
    //here. The real submit below runs captcha::check('publish_new') again on the server.
    if (Core::post('ajaxValidateCaptcha')) {
        $this->auto_render = FALSE;
        $this->template = View::factory('js');
        if (captcha::check('publish_new', TRUE)) {
            $this->template->content = 'true';
        } else {
            $this->template->content = 'false';
        }
        return;
    }

    Controller::$full_width = TRUE;

    //template header
    $this->template->title = __('Publish new advertisement');
    $this->template->meta_description = __('Publish new advertisement');

    // NOTE(review): several styles and scripts below are loaded from third-party CDN
    // hosts through protocol-relative URLs. Whether the template emits an integrity
    // attribute for them cannot be seen from this method - confirm.
    $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen',
                                    'css/jasny-bootstrap.min.css' => 'screen',
                                    '//cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.1/css/selectize.bootstrap3.min.css' => 'screen',
                                    '//cdn.jsdelivr.net/sweetalert/1.1.3/sweetalert.css' => 'screen');
    $this->template->scripts['footer'][] = 'js/jquery.sceditor.bbcode.min.js';
    $this->template->scripts['footer'][] = 'js/jasny-bootstrap.min.js';
    $this->template->scripts['footer'][] = '//cdn.jsdelivr.net/sweetalert/1.1.3/sweetalert.min.js';
    $this->template->scripts['footer'][] = '//cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.1/js/standalone/selectize.min.js';
    $this->template->scripts['footer'][] = '//cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.10/ouibounce.min.js';
    $this->template->scripts['footer'][] = 'js/canvasResize.js';
    if (core::config('advertisement.map_pub_new')) {
        $this->template->scripts['async_defer'][] = '//maps.google.com/maps/api/js?libraries=geometry&v=3&key=' . core::config("advertisement.gm_api_key") . '&callback=initLocationsGMap';
    }
    //version suffix on the local script URL
    $this->template->scripts['footer'][] = 'js/new.js?v=' . Core::VERSION;

    $categories = new Model_Category();
    $categories = $categories->where('id_category_parent', '=', '1');

    // NO categories: send an admin to the categories panel, everyone else to the home page
    if ($categories->count_all() == 0) {
        if (Auth::instance()->logged_in() and Auth::instance()->get_user()->is_admin()) {
            Alert::set(Alert::INFO, __('Please, first create some categories.'));
            $this->redirect(Route::url('oc-panel', array('controller' => 'category', 'action' => 'index')));
        } else {
            Alert::set(Alert::INFO, __('Posting advertisements is not yet available.'));
            $this->redirect(Route::url('default'));
        }
    }

    //get locations
    $locations = new Model_Location();
    $locations = $locations->where('id_location', '!=', '1');

    // bool values from DB, to show or hide these fields in the view
    $form_show = array('captcha' => core::config('advertisement.captcha'),
                       'website' => core::config('advertisement.website'),
                       'phone' => core::config('advertisement.phone'),
                       'location' => core::config('advertisement.location'),
                       'description' => core::config('advertisement.description'),
                       'address' => core::config('advertisement.address'),
                       'price' => core::config('advertisement.price'));

    $id_category = NULL;
    $selected_category = new Model_Category();
    //if there is a category by post or by get: numeric values are looked up by id, others by seoname
    if (Core::request('category') !== NULL) {
        if (is_numeric(Core::request('category'))) {
            $selected_category->where('id_category', '=', core::request('category'))->limit(1)->find();
        } else {
            $selected_category->where('seoname', '=', core::request('category'))->limit(1)->find();
        }
        if ($selected_category->loaded()) {
            $id_category = $selected_category->id_category;
        }
    }

    $id_location = NULL;
    $selected_location = new Model_Location();
    //if there is a location by post or by get: same id/seoname lookup as for the category
    if (Core::request('location') !== NULL) {
        if (is_numeric(Core::request('location'))) {
            $selected_location->where('id_location', '=', core::request('location'))->limit(1)->find();
        } else {
            $selected_location->where('seoname', '=', core::request('location'))->limit(1)->find();
        }
        if ($selected_location->loaded()) {
            $id_location = $selected_location->id_location;
        }
    }

    //render view publish new
    $this->template->content = View::factory('pages/ad/new', array('form_show' => $form_show,
                                                                   'id_category' => $id_category,
                                                                   'selected_category' => $selected_category,
                                                                   'id_location' => $id_location,
                                                                   'selected_location' => $selected_location,
                                                                   'fields' => Model_Field::get_all()));

    if ($this->request->post()) {
        //server-side captcha verification for the real submit
        if (captcha::check('publish_new')) {
            $data = $this->request->post();
            $validation = Validation::factory($data);

            //validate location since it is optional
            if (core::config('advertisement.location')) {
                if ($locations->count_all() > 1) {
                    $validation = $validation->rule('location', 'not_empty')->rule('location', 'digit');
                }
            }

            //user is not logged in: validate the posted e-mail and name
            if (!Auth::instance()->logged_in()) {
                $validation = $validation->rule('email', 'not_empty')->rule('email', 'email')->rule('email', 'email_domain')->rule('name', 'not_empty')->rule('name', 'min_length', array(':value', 2))->rule('name', 'max_length', array(':value', 145));
            }

            // Optional banned words validation
            if (core::config('advertisement.validate_banned_words')) {
                $validation = $validation->rule('title', 'no_banned_words');
                $validation = $validation->rule('description', 'no_banned_words');
            }

            if ($validation->check()) {
                // User detection: a guest gets a user record from the posted e-mail and name
                if (!Auth::instance()->logged_in()) {
                    $user = Model_User::create_email(core::post('email'), core::post('name'));
                } else {
                    $user = Auth::instance()->get_user();
                }

                //to make it backward compatible with older themes: UGLY!!
                if (isset($data['category']) and is_numeric($data['category'])) {
                    $data['id_category'] = $data['category'];
                    unset($data['category']);
                }
                if (isset($data['location']) and is_numeric($data['location'])) {
                    $data['id_location'] = $data['location'];
                    unset($data['location']);
                }

                //lets create!!
                // NOTE(review): $data is the whole POST array. Model_Ad::new_ad() is not
                // visible here; confirm it only copies an allow-list of fields onto the ad.
                $return = Model_Ad::new_ad($data, $user);

                //there was an error on the validation
                if (isset($return['validation_errors']) and is_array($return['validation_errors'])) {
                    foreach ($return['validation_errors'] as $f => $err) {
                        Alert::set(Alert::ALERT, $err);
                    }
                } elseif (isset($return['error'])) {
                    Alert::set($return['error_type'], $return['error']);
                } elseif (isset($return['message']) and isset($return['ad'])) {
                    $new_ad = $return['ad'];

                    // IMAGE UPLOAD: per slot, a posted base64 image wins over an uploaded file.
                    // NOTE(review): content and size checks are presumably done inside
                    // save_base64_image() / save_image() - confirm. $filename is assigned
                    // but not read again in this method.
                    $filename = NULL;
                    for ($i = 0; $i < core::config('advertisement.num_images'); $i++) {
                        if (Core::post('base64_image' . $i)) {
                            $filename = $new_ad->save_base64_image(Core::post('base64_image' . $i));
                        } elseif (isset($_FILES['image' . $i])) {
                            $filename = $new_ad->save_image($_FILES['image' . $i]);
                        }
                    }

                    Alert::set(Alert::SUCCESS, $return['message']);

                    //redirect user: to the checkout URL returned by new_ad() when there is one, else to the thanks page
                    if (isset($return['checkout_url']) and !empty($return['checkout_url'])) {
                        $this->redirect($return['checkout_url']);
                    } else {
                        $this->redirect(Route::url('default', array('action' => 'thanks', 'controller' => 'ad', 'id' => $new_ad->id_ad)));
                    }
                }
            } else {
                $errors = $validation->errors('ad');
                foreach ($errors as $f => $err) {
                    Alert::set(Alert::ALERT, $err);
                }
            }
        } else {
            Alert::set(Alert::ALERT, __('Captcha is not correct'));
        }
    }
}
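/**
 * Handle a login request and answer with a JSON status object.
 *
 * errorCode values written to the response:
 *   0 - login accepted, 1 - account missing, 2 - password missing,
 *   3 - captcha missing (safe::filterPost() presumably returns '' when the
 *       value does not match the pattern - confirm), 4 - captcha rejected,
 *   5 - checkUser() found no matching user.
 *
 * The captcha is verified before the credentials are looked at.
 *
 * @return bool Always false; the JSON document is echoed directly.
 */
public function doLogAction()
{
    $account = safe::filterPost('account');
    // Read the raw password defensively: a missing key would emit a notice into the
    // JSON output, and an array value (password[]=...) must not reach checkUser().
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $captcha = safe::filterPost('captcha', '/^[a-zA-Z]{4}$/');
    $data = array('errorCode' => 0);
    $captchaObj = new captcha();

    if ($account == '') {
        $data['errorCode'] = 1;
    } elseif ($password == '') {
        $data['errorCode'] = 2;
    } elseif ($captcha == '') {
        $data['errorCode'] = 3;
    } elseif (!$captchaObj->check($captcha)) {
        // the captcha answer is wrong
        $data['errorCode'] = 4;
    } else {
        $userModel = new UserModel();
        $userData = $userModel->checkUser($account, $password);
        if (empty($userData)) {
            // wrong account or password
            $data['errorCode'] = 5;
        } else {
            // login succeeded
            $checkRight = new checkRight();
            $checkRight->loginAfter($userData);
        }
    }

    // NOTE(review): returnUrl echoes a client-supplied value. How the front end uses it
    // is not visible here; if it navigates to it, restrict the callback to same-site
    // targets before returning it.
    $hasCallback = isset($_POST['callback']) && is_string($_POST['callback']) && $_POST['callback'] != '';
    $data['returnUrl'] = $hasCallback ? trim($_POST['callback']) : url::createUrl('/');

    echo JSON::encode($data);
    return false;
}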
<?php
// Entry guard: stop unless the _JEXEC constant is defined.
defined('_JEXEC') or die('Restricted access');
require_once 'libraries/form/captcha.php';

// Client-side pagination and table sorting scripts from the site template.
$document =& JFactory::getDocument();
$document->addScript(SITE_URL . '/templates/elegance/js/paginate.min.js');
$document->addScript(SITE_URL . '/templates/elegance/js/tablesort.min.js');
global $mainframe;
$session =& JFactory::getSession();

// NOTE(review): the return value of captcha::check() is not used. Presumably check()
// itself redirects to the given URL when the answer is wrong (the disabled block below
// did that by hand) - confirm, otherwise the lookup further down runs regardless.
captcha::check("index.php?option=com_chronocontact&Itemid=195");

//Security Code Check
////////////////////////////////////////////////////
// Disabled older check: compared the session's security_code with the posted
// verify_code and redirected with a "wrong verification code, please try again" message.
//$code = $session->get('security_code');
//$v_code = JRequest::getVar('verify_code');
//if(($code != $v_code )) {
//    $message = "Doğrulama Kodunu yanlış girdiniz. Lütfen tekrar deneyin.";
//    $mainframe->redirect("index.php?option=com_chronocontact&Itemid=195", $message);
//}
//////////////////////////////////////////////////

if (!isset($_POST['kimlik_no'])) {
    // Output text means "An error occurred."
    echo "Hata oluştu.";
} else {
    // NOTE(review): the posted identity number is handed on unvalidated. The helper
    // kimlikNoIleAraGenel() is not visible here; confirm it binds the value instead
    // of concatenating it into the query text.
    $kimlikNo = $_POST['kimlik_no'];
    $db =& JFactory::getOracleDBO();
    $sonuclar = kimlikNoIleAraGenel($db, $kimlikNo);
    $rv = sinavSonuclariniGoster($sonuclar);
    // -1 from sinavSonuclariniGoster() leads to the "No result found." box.
    if ($rv == -1) {
        echo '<div class="sonucBulunamadi">Sonuç bulunamadı.</div>';
    }
}
/*function OgrBilgi($sinavsonuc, $ogr, $rowCount, $rowClass){
/**
 * Store a reply to a forum topic for the logged-in user.
 *
 * Nothing happens for guests. For a logged-in user the editor assets are attached
 * to the template; a POST is then passed through the captcha, the akismet filter
 * and the description rules (not empty, 5 to 1000 characters) before the reply is saved.
 *
 * NOTE(review): ip2long() only understands IPv4 addresses; for any other value of
 * Request::$client_ip it returns FALSE, which is what would be stored in ip_address.
 *
 * @param Model_Post $topic topic being answered; its id_post becomes the parent of the reply
 * @param Model_Forum $forum forum whose id_forum is copied onto the reply
 * @return mixed the result of $validation->errors('ad') when the description fails the rules, NULL otherwise
 */
public function add_topic_reply(Model_Post $topic, Model_Forum $forum)
{
    //guests can not reply
    if (!Auth::instance()->logged_in()) {
        return NULL;
    }

    //editor assets for the reply form
    $this->template->styles = array('css/jquery.sceditor.min.css' => 'screen');
    $this->template->scripts['footer'] = array(
        'js/jquery.sceditor.min.js?v=144',
        'js/jquery.sceditor.bbcode.min.js',
        'js/forum-new.js',
    );

    //only a posted form is processed
    if (!$this->request->post()) {
        return NULL;
    }

    //captcha check
    if (!captcha::check('new-reply-topic')) {
        Alert::set(Alert::ERROR, __('Check the form for errors'));
        return NULL;
    }

    $author = Auth::instance()->get_user();
    $text = core::post('description');

    //akismet spam filter
    if (core::akismet($author->name, $author->email, $text)) {
        Alert::set(Alert::ERROR, __('This email has been considered as spam! We are sorry but we can not send this email.'));
        return NULL;
    }

    $rules = Validation::factory($this->request->post())
        ->rule('description', 'not_empty')
        ->rule('description', 'max_length', array(':value', 1000))
        ->rule('description', 'min_length', array(':value', 5));

    if (!$rules->check()) {
        return $rules->errors('ad');
    }

    $post = new Model_Post();
    $post->id_user = $author->id_user;
    $post->id_forum = $forum->id_forum;
    $post->id_post_parent = $topic->id_post;
    //the title is the first 145 characters of the description
    $post->title = mb_substr($text, 0, 145);
    $post->seotitle = $post->gen_seotitle($post->title);
    $post->description = Text::banned_words($text);
    $post->status = Model_Post::STATUS_ACTIVE;
    $post->ip_address = ip2long(Request::$client_ip);
    $post->save();

    //set empty since they already replied
    Request::current()->post('description', '');
    Alert::set(Alert::SUCCESS, __('Reply added, thanks!'));

    return NULL;
}
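/**
 * Deliver a message from the profile contact form to the user named in the route.
 *
 * Runs only when the target user exists and the form was posted. The request must
 * pass the captcha and the akismet filter; the message is then sent through the
 * internal messaging system (when general.messaging is enabled) or by e-mail.
 * The visitor is always redirected back to the profile afterwards.
 *
 * Changes against the previous version: the spam rejection is reported as a warning
 * instead of a success alert, and the e-mail sender name is the same $name_from that
 * fills [EMAIL.SENDER], so a logged-in user is always named after the account.
 */
public function action_userprofile_contact()
{
    $user = new Model_User($this->request->param('id'));

    //message to user: needs an existing recipient and a posted form
    if (!$user->loaded() or !$this->request->post()) {
        return;
    }

    if (!captcha::check('contact')) {
        Alert::set(Alert::ERROR, __('Captcha is not correct'));
    } else {
        //sender identity: the account when logged in, the posted fields otherwise
        if (Auth::instance()->logged_in()) {
            $sender = Auth::instance()->get_user();
            $email_from = $sender->email;
            $name_from = $sender->name;
        } else {
            // NOTE(review): for guests both values come straight from the form. Confirm
            // that $user->email() validates the address and strips line breaks before
            // they are used in mail headers.
            $email_from = core::post('email');
            $name_from = core::post('name');
        }

        //akismet spam filter
        if (core::akismet($name_from, $email_from, core::post('message'))) {
            //a rejection must not be shown as a success
            Alert::set(Alert::WARNING, __('This email has been considered as spam! We are sorry but we can not send this email.'));
        } else {
            if (core::config('general.messaging')) {
                // NOTE(review): $this->user is read here although guests are accepted
                // above; confirm this path is only reachable by a logged-in user.
                $ret = Model_Message::send_user(core::post('message'), $this->user->id_user, $user->id_user);
                if ($ret !== FALSE) {
                    $user->email('messaging-user-contact', array(
                        '[FROM.NAME]' => $this->user->name,
                        '[TO.NAME]' => $user->name,
                        '[DESCRIPTION]' => core::post('message'),
                        '[URL.QL]' => $user->ql('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => $ret->id_message)),
                    ));
                }
            } else {
                $ret = $user->email('user-profile-contact', array(
                    '[EMAIL.BODY]' => core::post('message'),
                    '[EMAIL.SENDER]' => $name_from,
                    '[EMAIL.SUBJECT]' => core::post('subject'),
                    '[EMAIL.FROM]' => $email_from,
                ), $email_from, $name_from);
            }

            //if successfully sent
            if ($ret) {
                Alert::set(Alert::SUCCESS, __('Your message has been sent'));
            } else {
                Alert::set(Alert::ERROR, __('Message not sent'));
            }
        }
    }

    HTTP::redirect(Route::url('profile', array('seoname' => $user->seoname)));
}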