/**
 * Backend mass-mailer step: emails one batch of users and echoes a JSON progress reply.
 *
 * Runs cbSpoofCheck( 'cbadmingui' ) and cbRegAntiSpamCheck() before anything else.
 * For every row the user's HTML-escaped username is appended to a result list. Unless
 * $simulationMode is truthy, the 'onBeforeBackendUserEmail' trigger fires and the mail
 * is sent through cbNotification::sendFromSystem(). The batch summary is rendered by the
 * 'users' view into an output buffer and returned as 'htmlcontent'.
 *
 * @param  array    $rows            Rows exposing an ->id property, one per recipient
 * @param  string   $emailSubject    Subject; handed by reference to the plugin trigger
 * @param  string   $emailBody       Body, sent with $mode = 1 (html); handed by reference to the plugin trigger
 * @param  int      $limitstart      Offset of this batch
 * @param  int      $limit           Batch size (lowered to $total when $total is smaller)
 * @param  int      $total           Total number of recipients
 * @param  boolean  $simulationMode  Truthy: list the recipients but send nothing
 * @return void     Echoes JSON; 'result' is 1 while recipients remain after this batch, 2 otherwise
 */
function _cbadmin_emailUsers( &$rows, $emailSubject, $emailBody, $limitstart, $limit, $total, $simulationMode )
{
    global $_PLUGINS;

    // Request forgery and anti-spam checks run before any mail is sent.
    cbSpoofCheck( 'cbadmingui' );
    cbRegAntiSpamCheck();

    $mailer   = new cbNotification();
    $mode     = 1; // html
    $usernames = '';

    foreach ( $rows as $row ) {
        $user = CBuser::getUserDataInstance( (int) $row->id );

        // Usernames end up in the HTML summary, so they are escaped here.
        if ( $usernames ) {
            $usernames .= ', ' . htmlspecialchars( $user->username );
        } else {
            $usernames .= '' . htmlspecialchars( $user->username );
        }

        if ( $simulationMode ) {
            $usernames .= ' (' . htmlspecialchars( CBTxt::T('email not send: simulation mode') ) . ')';
            continue;
        }

        $extraStrings = array();

        // NOTE(review): subject and body are passed by reference on every iteration, so a plugin
        // edit made for one recipient is still in place for the next recipient and for the summary
        // view below. Confirm that plugins do not insert per-user data into them.
        $_PLUGINS->trigger( 'onBeforeBackendUserEmail', array( &$user, &$emailSubject, &$emailBody, $mode, &$extraStrings, $simulationMode ) );

        $sent = $mailer->sendFromSystem( $user, $emailSubject, $this->_cbadmin_makeLinksAbsolute( $emailBody ), true, $mode, null, null, null, $extraStrings, false );
        if ( ! $sent ) {
            $usernames .= ': <span class="cb_result_error">' . htmlspecialchars( CBTxt::T('Error sending email!') ) . '</span>';
        }
    }

    if ( $total < $limit ) {
        $limit = $total;
    }

    // The view prints its output; capture it so it can travel inside the JSON reply.
    ob_start();
    $usersView = _CBloadView( 'users' );
    $usersView->ajaxResults( $usernames, $emailSubject, $this->_cbadmin_makeLinksAbsolute( $emailBody ), $limitstart, $limit, $total );
    $html = ob_get_clean();

    $remaining = $total - ( $limitstart + $limit );
    $reply     = array( 'result' => ( $remaining > 0 ? 1 : 2 ), 'htmlcontent' => $html );

    echo json_encode( $reply );

    // Fixed 3 second pause after every batch.
    sleep(3);
}
/**
 * Activates a user (when confirmed and approved) and sends the notifications matching the user's state.
 * User plugins must have been loaded.
 *
 * @param  UserTable  $user
 * @param  int        $ui                     1=frontend, 2=backend, 0=no UI: machine-machine UI
 * @param  string     $cause                  (one of: 'UserRegistration', 'UserConfirmation', 'UserApproval', 'NewUser', 'UpdateUser'; 'SameUserRegistrationAgain' is handled as well)
 * @param  boolean    $mailToAdmins           true if the standard new-user email should be sent to admins if moderator emails are enabled
 * @param  boolean    $mailToUser             true if the welcome new user email (from CB config) should be sent to the new user
 * @param  boolean    $triggerBeforeActivate  true to fire 'onBeforeUserActive' and apply what the plugins return
 * @return array      Texts to display
 */
function activateUser(&$user, $ui, $cause, $mailToAdmins = true, $mailToUser = true, $triggerBeforeActivate = true)
{
    global $ueConfig, $_PLUGINS;

    // One entry per (user id, confirmed, approved, block) state that was already notified in this request.
    static $notificationsSent = array();

    $activate       = $user->confirmed && $user->approved == 1;
    $showSysMessage = true;

    // The on-screen texts are produced in the user's language; the previous language is restored right after.
    $previousLanguage = CBTxt::setLanguage($user->getUserLanguage());
    $messagesToUser   = getActivationMessage($user, $cause);
    CBTxt::setLanguage($previousLanguage);

    // $ueConfig keys holding the user email for this state; null means no system email to the user.
    $userSubjectKey = null;
    $userMessageKey = null;

    if ($cause == 'UserConfirmation' && $user->approved == 0) {
        // Email confirmed, approval still open: moderators get the pending-approval mail.
        $activate = false;
        $msg = array(
            'emailAdminSubject' => array('sys' => CBTxt::T('UE_REG_ADMIN_PA_SUB', 'ACTION REQUIRED! New user sign up request pending approval')),
            'emailAdminMessage' => array('sys' => CBTxt::T('UE_REG_ADMIN_PA_MSG', "A new user has signed up at [SITEURL] and requires approval.\nThis email contains their details\n\nName - [NAME]\nE-mail - [EMAILADDRESS]\nUsername - [USERNAME]\n\n\nPlease do not respond to this message as it is automatically generated and is for informational purposes only.\n")),
            'emailUserSubject'  => array(),
            'emailUserMessage'  => array(),
        );
    } elseif ($user->confirmed == 0) {
        // Not confirmed yet: only the user is mailed.
        $msg = array(
            'emailAdminSubject' => array(),
            'emailAdminMessage' => array(),
        );
        $userSubjectKey = 'reg_pend_appr_sub';
        $userMessageKey = 'reg_pend_appr_msg';
    } elseif ($cause == 'SameUserRegistrationAgain') {
        $activate = false;
        $msg = array(
            'emailAdminSubject' => array(),
            'emailAdminMessage' => array(),
            'emailUserSubject'  => array(),
            'emailUserMessage'  => array(),
        );
    } elseif ($user->confirmed && !($user->approved == 1)) {
        // Confirmed but not approved: moderators and the user both get the pending mails.
        $msg = array(
            'emailAdminSubject' => array('sys' => CBTxt::T('UE_REG_ADMIN_PA_SUB', 'ACTION REQUIRED! New user sign up request pending approval')),
            'emailAdminMessage' => array('sys' => CBTxt::T('UE_REG_ADMIN_PA_MSG', "A new user has signed up at [SITEURL] and requires approval.\nThis email contains their details\n\nName - [NAME]\nE-mail - [EMAILADDRESS]\nUsername - [USERNAME]\n\n\nPlease do not respond to this message as it is automatically generated and is for informational purposes only.\n")),
        );
        $userSubjectKey = 'reg_pend_appr_sub';
        $userMessageKey = 'reg_pend_appr_msg';
    } elseif ($user->confirmed && $user->approved == 1) {
        // Confirmed and approved: new-user notice to moderators, welcome mail to the user.
        $msg = array(
            'emailAdminSubject' => array('sys' => CBTxt::T('UE_REG_ADMIN_SUB', 'New user sign up')),
            'emailAdminMessage' => array('sys' => CBTxt::T('UE_REG_ADMIN_MSG', "A new user has signed up at [SITEURL].\nThis email contains their details\n\nName - [NAME]\nE-mail - [EMAILADDRESS]\nUsername - [USERNAME]\n\n\nPlease do not respond to this message as it is automatically generated and is for information purposes only.\n")),
        );
        $userSubjectKey = 'reg_welcome_sub';
        $userMessageKey = 'reg_welcome_msg';
    }

    if ($userSubjectKey !== null) {
        // The user's own email is translated in the user's language.
        $previousLanguage        = CBTxt::setLanguage($user->getUserLanguage());
        $msg['emailUserSubject'] = array('sys' => CBTxt::T(stripslashes($ueConfig[$userSubjectKey])));
        $msg['emailUserMessage'] = array('sys' => CBTxt::T(stripslashes($ueConfig[$userMessageKey])));
        CBTxt::setLanguage($previousLanguage);
    }

    $msg['messagesToUser'] = $messagesToUser;

    if ($triggerBeforeActivate) {
        $results = $_PLUGINS->trigger('onBeforeUserActive', array(&$user, $ui, $cause, $mailToAdmins, $mailToUser));

        if ($_PLUGINS->is_errors() && $ui != 0) {
            echo $_PLUGINS->getErrorMSG('<br />');
        }

        foreach ($results as $res) {
            if (!is_array($res)) {
                continue;
            }

            // Each flag stays true only while every plugin answers with a truthy value for it.
            $activate       = $activate && $res['activate'];
            $mailToAdmins   = $mailToAdmins && $res['mailToAdmins'];
            $mailToUser     = $mailToUser && $res['mailToUser'];
            $showSysMessage = $showSysMessage && $res['showSysMessage'];

            // Plugins may append their own subjects, bodies and on-screen texts.
            foreach (array_keys($msg) as $key) {
                if (!empty($res[$key])) {
                    array_push($msg[$key], $res[$key]);
                }
            }
        }

        // Only the built-in ('sys') texts are dropped; texts added by plugins stay.
        if (!$mailToAdmins || $ueConfig['moderatorEmail'] != 1) {
            unset($msg['emailAdminSubject']['sys'], $msg['emailAdminMessage']['sys']);
        }
        if (!$mailToUser) {
            unset($msg['emailUserSubject']['sys'], $msg['emailUserMessage']['sys']);
        }
        if (!$showSysMessage) {
            unset($msg['messagesToUser']['sys']);
        }
    }

    if ($activate) {
        $user->block = 0;
        $user->storeBlock(false);
        $user->removeActivationCode();

        $_PLUGINS->trigger('onUserActive', array(&$user, $ui, $cause, $mailToAdmins, $mailToUser));
        if ($_PLUGINS->is_errors() && $ui != 0) {
            $msg['messagesToUser'] = $_PLUGINS->getErrorMSG('<br />') . $msg['messagesToUser'];
        }
    }

    // In case this runs several times (e.g. through plugins), avoid resending messages.
    if (isset($notificationsSent[$user->id][$user->confirmed][$user->approved][$user->block])) {
        return $msg['messagesToUser'];
    }

    $cbNotification = new cbNotification();

    if ($ueConfig['moderatorEmail'] && count($msg['emailAdminMessage'])) {
        // The password field is blanked while the moderator mail is built and restored afterwards,
        // presumably so that it cannot be substituted into that mail.
        $keptPassword   = $user->password;
        $user->password = null;
        $cbNotification->sendToModerators(
            implode(', ', $msg['emailAdminSubject']),
            $cbNotification->_replaceVariables(implode('\\n\\n', $msg['emailAdminMessage']), $user)
        );
        $user->password = $keptPassword;
    }

    if (count($msg['emailUserMessage'])) {
        $htmlMode = isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0;
        $cbNotification->sendFromSystem($user, implode(', ', $msg['emailUserSubject']), implode('\\n\\n', $msg['emailUserMessage']), true, $htmlMode);
    }

    $notificationsSent[$user->id][$user->confirmed][$user->approved][$user->block] = true;

    return $msg['messagesToUser'];
}
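/**
 * Prepares field data for saving to database (safe transfer from $postdata to $user)
 * Override
 *
 * The action is selected by the request value "<field name>__choice":
 * 'upload', 'gallery', 'delete' or 'approve'; anything else only runs validate().
 *
 * @param  FieldTable  $field
 * @param  UserTable   $user      RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit)
 * @param  array       $postdata  Typically $_POST (but not necessarily), filtering required.
 * @param  string      $reason    'edit' for save profile edit, 'register' for registration, 'search' for searches
 */
public function prepareFieldDataSave(&$field, &$user, &$postdata, $reason)
{
    global $_CB_framework, $_FILES;

    $this->_prepareFieldMetaSave($field, $user, $postdata, $reason);

    $col         = $field->name;
    $colapproved = $col . 'approved';
    $col_choice  = $col . '__choice';
    $col_file    = $col . '__file';
    $col_gallery = $col . '__gallery';

    // Request-supplied selector: only the literal cases below act on it.
    $choice = stripslashes(cbGetParam($postdata, $col_choice));

    // Defined up front because the default branch hands it to validate(),
    // although only the 'gallery' branch assigns a value to it.
    $newAvatar = null;

    switch ($choice) {
        case 'upload':
            $value = isset($_FILES[$col_file]) ? $_FILES[$col_file] : null;

            // Image is uploaded in the commit, but lets validate it here as well:
            $this->validate($field, $user, $choice, $value, $postdata, $reason);
            break;

        case 'gallery':
            // NOTE(review): the gallery file name comes from the request and is appended to 'gallery/'
            // once validate() accepts it; confirm that validate() only admits names from the gallery
            // listing (no path separators or '..').
            $newAvatar = stripslashes(cbGetParam($postdata, $col_gallery));

            if ($this->validate($field, $user, $choice, $newAvatar, $postdata, $reason)) {
                $value = 'gallery/' . $newAvatar;

                if (isset($user->{$col})) {
                    $this->_logFieldUpdate($field, $user, $reason, $user->{$col}, $value);
                }

                deleteAvatar($user->{$col}); // delete old avatar

                $user->{$col}         = $value;
                // Gallery images are stored as approved right away.
                $user->{$colapproved} = 1;
            }
            break;

        case 'delete':
            if ($user->id && $user->{$col} != null && $user->{$col} != '') {
                global $_CB_database;

                if (isset($user->{$col})) {
                    $this->_logFieldUpdate($field, $user, $reason, $user->{$col}, '');
                }

                deleteAvatar($user->{$col}); // delete old avatar

                $user->{$col}         = null; // this will not update, so we do query below:
                $user->{$colapproved} = 1;

                // Identifiers go through NameQuote(), the date through Quote() and the id is cast to int.
                $query = 'UPDATE ' . $_CB_database->NameQuote($field->table)
                    . "\n SET " . $_CB_database->NameQuote($col) . ' = NULL'
                    . ', ' . $_CB_database->NameQuote($col . 'approved') . ' = 1'
                    . ', ' . $_CB_database->NameQuote('lastupdatedate') . ' = ' . $_CB_database->Quote($_CB_framework->dateDbOfNow())
                    . "\n WHERE " . $_CB_database->NameQuote('id') . ' = ' . (int) $user->id;
                $_CB_database->setQuery($query);
                $_CB_database->query();
            }
            break;

        case 'approve':
            // Only honoured when getUi() reports 2 and the stored image is still unapproved.
            // NOTE(review): no moderator permission check is visible in this method; presumably the
            // backend caller enforces it. Verify against the caller.
            if (isset($user->{$col}) && $_CB_framework->getUi() == 2 && $user->id && $user->{$col} != null && $user->{$colapproved} == 0) {
                $this->_logFieldUpdate($field, $user, $reason, '', $user->{$col}); // here we are missing the old value, so can't give it...

                $user->{$colapproved} = 1;
                $user->lastupdatedate = $_CB_framework->dateDbOfNow();

                $cbNotification = new cbNotification();
                $cbNotification->sendFromSystem($user, CBTxt::T('UE_IMAGEAPPROVED_SUB', 'Image Approved'), CBTxt::T('UE_IMAGEAPPROVED_MSG', 'Your image has been approved by a moderator.'));
            }
            break;

        case '':
        default:
            // No recognised action: validate() still runs, with a null value.
            $this->validate($field, $user, $choice, $newAvatar, $postdata, $reason);
            break;
    }
}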
/**
 * Sends a PM or Email notification with substitutions based off configuration
 *
 * Returns false without sending when subject, body or recipient is empty, when the group is
 * not stored or not published, when its category is not published, when sender and recipient
 * are the same user, or when a resolved recipient has no id. Returns true once a send call
 * was made; the result of that call is not checked.
 *
 * @param  int                   $type     1: Email, 2: PM, 3: Moderators, 4: Auto
 * @param  UserTable|int|null    $from
 * @param  UserTable|int|string  $to       A string is used as email, name and username of an ad-hoc recipient
 * @param  string                $subject
 * @param  string                $body
 * @param  GroupTable            $group
 * @param  array                 $extra    Extra substitutions; they override the built-in ones on key collision
 * @return bool
 */
static public function sendNotification( $type, $from, $to, $subject, $body, $group, $extra = array() )
{
    global $_CB_framework, $_PLUGINS;

    // Nothing to send without content ...
    if ( ( ! $subject ) || ( ! $body ) ) {
        return false;
    }

    // ... without a stored, published group inside a published category ...
    if ( ( ! $group->get( 'id' ) ) || ( $group->get( 'published', 1 ) != 1 ) || ( ! $group->category()->get( 'published', 1 ) ) ) {
        return false;
    }

    // ... or without a recipient.
    if ( ! $to ) {
        return false;
    }

    // Sender and recipient may arrive as user objects or as integer ids; anything else stays unresolved.
    $fromUser = null;
    if ( $from instanceof UserTable ) {
        $fromUser = $from;
    } elseif ( is_int( $from ) ) {
        $fromUser = \CBuser::getUserDataInstance( $from );
    }

    $toUser = null;
    if ( $to instanceof UserTable ) {
        $toUser = $to;
    } elseif ( is_int( $to ) ) {
        $toUser = \CBuser::getUserDataInstance( $to );
    }

    // Users are never notified about their own actions.
    if ( $fromUser && $toUser && ( $fromUser->get( 'id' ) == $toUser->get( 'id' ) ) ) {
        return false;
    }

    // Plugin and its parameters are looked up once and kept for later calls.
    static $plugin = null;
    static $params = null;

    if ( ! $params ) {
        $plugin = $_PLUGINS->getLoadedPlugin( 'user', 'cbgroupjive' );
        $params = $_PLUGINS->getPluginParams( $plugin );
    }

    $notifyBy  = (int) $params->get( 'notifications_notifyby', 1 );
    $fromName  = $params->get( 'notifications_from_name', null );
    $fromEmail = $params->get( 'notifications_from_address', null );

    // Substitutions are resolved for the sender when known, else for the recipient, else for user 0.
    if ( $fromUser ) {
        $contextUserId = (int) $fromUser->get( 'id' );
    } elseif ( $toUser ) {
        $contextUserId = (int) $toUser->get( 'id' );
    } else {
        $contextUserId = 0;
    }

    $cbUser = \CBuser::getInstance( $contextUserId, false );
    $user   = $cbUser->getUserData();

    // NOTE(review): the group name is passed through htmlspecialchars() below, while the category
    // name and the formatted user name are placed into the HTML links as returned. Confirm that
    // those values are already safe for HTML output.
    $extras                  = array();
    $extras['category_id']   = (int) $group->category()->get( 'id' );
    $extras['category_name'] = ( $group->category()->get( 'id' ) ? CBTxt::T( $group->category()->get( 'name' ) ) : CBTxt::T( 'Uncategorized' ) );
    $extras['category']      = '<a href="' . $_CB_framework->pluginClassUrl( $plugin->element, false, array( 'action' => 'categories', 'func' => 'show', 'id' => (int) $group->get( 'category' ) ) ) . '">'
        . ( $group->category()->get( 'id' ) ? CBTxt::T( $group->category()->get( 'name' ) ) : CBTxt::T( 'Uncategorized' ) )
        . '</a>';
    $extras['group_id']      = (int) $group->get( 'id' );
    $extras['group_name']    = htmlspecialchars( CBTxt::T( $group->get( 'name' ) ) );
    $extras['group']         = '<a href="' . $_CB_framework->pluginClassUrl( $plugin->element, false, array( 'action' => 'groups', 'func' => 'show', 'id' => (int) $group->get( 'id' ) ) ) . '">'
        . htmlspecialchars( CBTxt::T( $group->get( 'name' ) ) )
        . '</a>';
    $extras['user']          = '<a href="' . $_CB_framework->viewUrl( 'userprofile', false, array( 'user' => (int) $user->get( 'id' ) ) ) . '">'
        . getNameFormat( $user->get( 'name' ), $user->get( 'username' ), Application::Config()->get( 'name_format', 3 ) )
        . '</a>';

    if ( ! $toUser ) {
        // Recipient given as a plain string: it stands in for email, name and username.
        // NOTE(review): the string is used as received; presumably the caller validated it as an
        // email address. Verify against the caller.
        $extras['email']    = $to;
        $extras['name']     = $to;
        $extras['username'] = $to;
    }

    $extras = array_merge( $extras, $extra );

    $subject = $cbUser->replaceUserVars( $subject, true, false, $extras, false );
    $body    = $cbUser->replaceUserVars( $body, false, false, $extras, false );

    // Auto: follow the plugin setting (2 means PM, anything else means email).
    if ( $type == 4 ) {
        if ( $notifyBy == 2 ) {
            $type = 2;
        } else {
            $type = 1;
        }
    }

    $notification = new \cbNotification();

    if ( $type == 3 ) {
        // Moderator Notification:
        $notification->sendToModerators( $subject, $body, false, 1 );

        return true;
    }

    if ( ( $type == 2 ) && $toUser ) {
        // PM Notification:
        if ( ! $toUser->get( 'id' ) ) {
            return false;
        }

        $notification->sendUserPMSmsg( $toUser, 0, $subject, $body, true, false, 1, $extras );

        return true;
    }

    // Email Notification (also used for a PM request whose recipient is only a string):
    if ( $toUser ) {
        if ( ! $toUser->get( 'id' ) ) {
            return false;
        }

        $recipient = $toUser;
    } else {
        $recipient = new UserTable();

        $recipient->set( 'email', $to );
        $recipient->set( 'name', $to );
        $recipient->set( 'username', $to );
    }

    $notification->sendFromSystem( $recipient, $subject, $body, 1, 1, null, null, null, $extras, true, $fromName, $fromEmail );

    return true;
}
/**
 * Deletes a user account when getDeleteField() allows it, records the closure and notifies
 * moderators and the deleted user. Every path ends in a cbRedirect() call.
 *
 * @param  int        $userId  Account to delete; when empty, the id of $user is used
 * @param  UserTable  $user    User passed to getDeleteField() and to the privacy triggers
 * @return mixed
 */
public function deleteUser( $userId, $user )
{
    global $_CB_framework, $_PLUGINS;

    if ( ! $userId ) {
        $userId = $user->get( 'id' );
    }

    $profileUrl = $_CB_framework->userProfileUrl( $userId, false );

    if ( ! $userId ) {
        $profileUrl = 'index.php';
    }

    // getDeleteField() is the only authorization gate visible in this method.
    if ( $this->getDeleteField( $userId, $user ) ) {
        $cbUser     = CBuser::getInstance( $userId, false );
        $deleteUser = $cbUser->getUserData();

        $_PLUGINS->trigger( 'privacy_onBeforeAccountDelete', array( &$deleteUser, $user ) );

        if ( ! $deleteUser->delete( $userId ) ) {
            cbRedirect( $profileUrl, CBTxt::T( 'ACCOUNT_FAILED_TO_DELETE', 'Account failed to delete! Error: [error]', array( '[error]' => $deleteUser->getError() ) ), 'error' );
        } else {
            // Keep a record of the closed account: id, username, name, email, date and stated reason.
            $closedValues = array(
                'user_id'  => (int) $deleteUser->get( 'id' ),
                'username' => $deleteUser->get( 'username' ),
                'name'     => $deleteUser->get( 'name' ),
                'email'    => $deleteUser->get( 'email' ),
                'type'     => 'delete',
                'date'     => $_CB_framework->getUTCDate(),
                'reason'   => $this->input( 'reason', null, GetterInterface::STRING ),
            );

            $closed = new cbprivacyClosedTable();

            foreach ( $closedValues as $column => $value ) {
                $closed->set( $column, $value );
            }

            $closed->store();

            $notification = new cbNotification();

            // NOTE(review): 'reason' is request input and is substituted into the HTML mail sent to
            // moderators; confirm that the STRING input filter leaves nothing that renders as markup.
            $extra = array(
                'ip_address' => cbGetIPlist(),
                'reason'     => $closed->get( 'reason' ),
                'date'       => $closed->get( 'date' ),
            );

            $moderatorSubject = $cbUser->replaceUserVars( CBTxt::T( 'User Account Deleted' ), true, false, $extra, false );
            $moderatorBody    = $cbUser->replaceUserVars( CBTxt::T( 'Name: [name]<br />Username: [username]<br />Email: [email]<br />IP Address: [ip_address]<br />Date: [date]<br /><br />[reason]<br /><br />' ), false, false, $extra, false );

            if ( $moderatorSubject && $moderatorBody ) {
                $notification->sendToModerators( $moderatorSubject, $moderatorBody, false, 1 );
            }

            $userSubject = CBTxt::T( 'Your Account has been Deleted' );
            $userBody    = CBTxt::T( 'This is a notice that your account [username] on [siteurl] has been deleted.' );

            if ( $userSubject && $userBody ) {
                $notification->sendFromSystem( $deleteUser, $userSubject, $userBody, true, 1, null, null, null, $extra );
            }

            $_PLUGINS->trigger( 'privacy_onAfterAccountDelete', array( $deleteUser, $user ) );

            cbRedirect( 'index.php', CBTxt::T( 'Account deleted successfully!' ) );
        }
    }

    // Reached when getDeleteField() refused (and after the redirects above, should cbRedirect() return).
    cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
}
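/**
 * Rejects pending users: sets approved=2 for each id and emails the user the rejection notice.
 *
 * Checks run in this order: cbSpoofCheck( 'pendingApprovalUsers' ), the 'allowModUserApproval'
 * configuration switch, then isModerator() for the current user. The optional rejection comment
 * is read from $_POST['comment<uid>'].
 *
 * @param  array  $uids  User ids to reject
 * @return void
 */
function rejectUser($uids) {
    global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;

    $andItemid = getCBprofileItemid();

    // simple spoof check security
    cbSpoofCheck( 'pendingApprovalUsers' );

    if ( $ueConfig['allowModUserApproval'] == 0 ) {
        echo _UE_FUNCTIONALITY_DISABLED;
        exit();
    }

    $isModerator = isModerator( $_CB_framework->myId() );
    if ( ! $isModerator ) {
        cbNotAuth();
        return;
    }

    // Both redirects go back to the pending-approvals list. $option and $Itemid are not defined
    // in this function, so the URL is built from the component name and getCBprofileItemid().
    $pendingListUrl = 'index.php?option=com_comprofiler&task=pendingApprovalUser' . $andItemid;

    $cbNotification = new cbNotification();

    foreach ( $uids as $uid ) {
        // The id is cast to int before it reaches the SQL text.
        $query = "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND c.id = " . (int) $uid;
        $_CB_database->setQuery( $query );
        $user = $_CB_database->loadObjectList();

        // Unknown id: nothing to reject and nobody to notify.
        if ( ! $user ) {
            continue;
        }

        $row = $user[0];

        $_PLUGINS->loadPluginGroup( 'user' );
        $_PLUGINS->trigger( 'onBeforeUserApproval', array( $row, false ) );
        if ( $_PLUGINS->is_errors() ) {
            cbRedirect( cbSef( $pendingListUrl, false ), $_PLUGINS->getErrorMSG(), 'error' );
            return;
        }

        $sql = "UPDATE #__comprofiler SET approved=2 WHERE id=" . (int) $uid;
        $_CB_database->setQuery( $sql );
        $_CB_database->query();

        $_PLUGINS->trigger( 'onAfterUserApproval', array( $row, false, true ) );

        // The moderator's comment is request input; it is placed into the mail text through sprintf().
        $cbNotification->sendFromSystem(
            cbGetEscaped( $uid ),
            _UE_REG_REJECT_SUB,
            sprintf( _UE_USERREJECT_MSG, $_CB_framework->getCfg( 'sitename' ), stripslashes( cbGetParam( $_POST, 'comment' . $uid, '' ) ) )
        );
    }

    cbRedirect( cbSef( $pendingListUrl, false ), ( count( $uids ) ) ? count( $uids ) . " " . _UE_USERREJECT_SUCCESSFUL : "" );
}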
/**
 * Activates a user (when confirmed and approved) and sends the notifications matching the user's state.
 * User plugins must have been loaded.
 *
 * @param  moscomprofilerUser  $user
 * @param  int                 $ui                     1=frontend, 2=backend, 0=no UI: machine-machine UI
 * @param  string              $cause                  (one of: 'UserRegistration', 'UserConfirmation', 'UserApproval', 'NewUser', 'UpdateUser'; 'SameUserRegistrationAgain' is handled as well)
 * @param  boolean             $mailToAdmins           true if the standard new-user email should be sent to admins if moderator emails are enabled
 * @param  boolean             $mailToUser             true if the welcome new user email (from CB config) should be sent to the new user
 * @param  boolean             $triggerBeforeActivate  true to fire 'onBeforeUserActive' and apply what the plugins return
 * @return array               of string texts to display
 */
function activateUser(&$user, $ui, $cause, $mailToAdmins = true, $mailToUser = true, $triggerBeforeActivate = true)
{
    global $_CB_database, $ueConfig, $_PLUGINS;

    // One entry per (user id, confirmed, approved, block) state that was already notified in this request.
    static $notificationsSent = array();

    $activate       = $user->confirmed && $user->approved == 1;
    $showSysMessage = true;
    $messagesToUser = getActivationMessage($user, $cause);

    // $ueConfig keys holding the user email for this state; null means no system email to the user.
    $userSubjectKey = null;
    $userMessageKey = null;

    if ($cause == 'UserConfirmation' && $user->approved == 0) {
        // Email confirmed, approval still open: moderators get the pending-approval mail.
        $activate = false;
        $msg = array(
            'emailAdminSubject' => array('sys' => _UE_REG_ADMIN_PA_SUB),
            'emailAdminMessage' => array('sys' => _UE_REG_ADMIN_PA_MSG),
            'emailUserSubject'  => array(),
            'emailUserMessage'  => array(),
        );
    } elseif ($user->confirmed == 0) {
        // Not confirmed yet: only the user is mailed.
        $msg = array(
            'emailAdminSubject' => array(),
            'emailAdminMessage' => array(),
        );
        $userSubjectKey = 'reg_pend_appr_sub';
        $userMessageKey = 'reg_pend_appr_msg';
    } elseif ($cause == 'SameUserRegistrationAgain') {
        $activate = false;
        $msg = array(
            'emailAdminSubject' => array(),
            'emailAdminMessage' => array(),
            'emailUserSubject'  => array(),
            'emailUserMessage'  => array(),
        );
    } elseif ($user->confirmed && !($user->approved == 1)) {
        // Confirmed but not approved: moderators and the user both get the pending mails.
        $msg = array(
            'emailAdminSubject' => array('sys' => _UE_REG_ADMIN_PA_SUB),
            'emailAdminMessage' => array('sys' => _UE_REG_ADMIN_PA_MSG),
        );
        $userSubjectKey = 'reg_pend_appr_sub';
        $userMessageKey = 'reg_pend_appr_msg';
    } elseif ($user->confirmed && $user->approved == 1) {
        // Confirmed and approved: new-user notice to moderators, welcome mail to the user.
        $msg = array(
            'emailAdminSubject' => array('sys' => _UE_REG_ADMIN_SUB),
            'emailAdminMessage' => array('sys' => _UE_REG_ADMIN_MSG),
        );
        $userSubjectKey = 'reg_welcome_sub';
        $userMessageKey = 'reg_welcome_msg';
    }

    if ($userSubjectKey !== null) {
        $msg['emailUserSubject'] = array('sys' => getLangDefinition(stripslashes($ueConfig[$userSubjectKey])));
        $msg['emailUserMessage'] = array('sys' => getLangDefinition(stripslashes($ueConfig[$userMessageKey])));
    }

    $msg['messagesToUser'] = $messagesToUser;

    if ($triggerBeforeActivate) {
        $results = $_PLUGINS->trigger('onBeforeUserActive', array(&$user, $ui, $cause, $mailToAdmins, $mailToUser));

        if ($_PLUGINS->is_errors() && $ui != 0) {
            echo $_PLUGINS->getErrorMSG('<br />');
        }

        foreach ($results as $res) {
            if (!is_array($res)) {
                continue;
            }

            // Each flag stays true only while every plugin answers with a truthy value for it.
            $activate       = $activate && $res['activate'];
            $mailToAdmins   = $mailToAdmins && $res['mailToAdmins'];
            $mailToUser     = $mailToUser && $res['mailToUser'];
            $showSysMessage = $showSysMessage && $res['showSysMessage'];

            // Plugins may append their own subjects, bodies and on-screen texts.
            foreach (array_keys($msg) as $key) {
                if (!empty($res[$key])) {
                    array_push($msg[$key], $res[$key]);
                }
            }
        }

        // Only the built-in ('sys') texts are dropped; texts added by plugins stay.
        if (!$mailToAdmins || $ueConfig['moderatorEmail'] != 1) {
            unset($msg['emailAdminSubject']['sys'], $msg['emailAdminMessage']['sys']);
        }
        if (!$mailToUser) {
            unset($msg['emailUserSubject']['sys'], $msg['emailUserMessage']['sys']);
        }
        if (!$showSysMessage) {
            unset($msg['messagesToUser']['sys']);
        }
    }

    if ($activate) {
        $user->block = 0;
        $user->storeBlock(false);
        $user->removeActivationCode();

        $_PLUGINS->trigger('onUserActive', array(&$user, $ui, $cause, $mailToAdmins, $mailToUser));
        if ($_PLUGINS->is_errors() && $ui != 0) {
            $msg['messagesToUser'] = $_PLUGINS->getErrorMSG('<br />') . $msg['messagesToUser'];
        }
    }

    // In case this runs several times (e.g. through plugins), avoid resending messages.
    if (isset($notificationsSent[$user->id][$user->confirmed][$user->approved][$user->block])) {
        return $msg['messagesToUser'];
    }

    $cbNotification = new cbNotification();

    if ($ueConfig['moderatorEmail'] && count($msg['emailAdminMessage'])) {
        // The password field is blanked while the moderator mail is built and restored afterwards,
        // presumably so that it cannot be substituted into that mail.
        $keptPassword   = $user->password;
        $user->password = null;
        $cbNotification->sendToModerators(
            implode(', ', $msg['emailAdminSubject']),
            $cbNotification->_replaceVariables(implode('\\n\\n', $msg['emailAdminMessage']), $user)
        );
        $user->password = $keptPassword;
    }

    if (count($msg['emailUserMessage'])) {
        $cbNotification->sendFromSystem($user, implode(', ', $msg['emailUserSubject']), implode('\\n\\n', $msg['emailUserMessage']));
    }

    $notificationsSent[$user->id][$user->confirmed][$user->approved][$user->block] = true;

    return $msg['messagesToUser'];
}
/**
 * Sends appropriate email depending on status.
 * Should be called only once upon each change of this something,
 *
 * The kind of email ('thankyou', 'renewal', 'autorenewal', 'expiration', 'cancelled',
 * 'pendingfirst' or 'pendingrenewal') selects the plan settings "<kind>emailsubject",
 * "<kind>emailbody", "<kind>emailhtml", "<kind>emailcc", "<kind>emailbcc" and
 * "<kind>emailattachments". Nothing is sent when no kind matches or no plan is found.
 *
 * @param  UserTable  $user
 * @param  string     $cause        'PaidSubscription' (first activation only), 'SubscriptionActivated' (renewals, cancellation reversals), 'SubscriptionDeactivated', 'Denied'; 'Pending' is handled as well
 * @param  string     $reason       'N' new subscription, 'R' renewal, 'U'=update )
 * @param  int        $autorenewed  0: not auto-renewing (manually renewed), 1: automatically renewed (if $reason == 'R')
 */
public function sendNewStatusEmail( &$user, $cause, $reason, $autorenewed = 0 )
{
    global $_CB_framework;

    if ( ! is_object( $user ) ) {
        return;
    }

    $paidAndActive = ( $this->status == 'A' ) && ( $cause == 'PaidSubscription' );
    $isRenewal     = ( $reason == 'R' );
    $isDenied      = ( $cause == 'Denied' );
    $pendingManual = ( $cause == 'Pending' ) && ( $autorenewed == 0 );

    $emailkind = null;

    if ( $paidAndActive && ! $isRenewal ) {
        $emailkind = 'thankyou';
    } elseif ( $paidAndActive && ( $autorenewed == 0 ) ) {
        // A renewal at this point, since the non-renewal case was taken above.
        $emailkind = 'renewal';
    } elseif ( $paidAndActive && ( $autorenewed == 1 ) ) {
        $emailkind = 'autorenewal';
    } elseif ( $isDenied && ( $this->status == 'X' ) ) {
        $emailkind = 'expiration';
    } elseif ( $isDenied && ( $this->status == 'C' ) && ( $user->id == $_CB_framework->myId() ) && ( $_CB_framework->getUi() == 1 ) ) {
        // Cancelled by the user only in frontend.
        $emailkind = 'cancelled';
    } elseif ( $pendingManual ) {
        $emailkind = ( $isRenewal ? 'pendingrenewal' : 'pendingfirst' );
    }

    //TBD: else email in case of deactivation
    if ( ! $emailkind ) {
        return;
    }

    $plan = $this->getPlan();

    if ( ! $plan ) {
        return;
    }

    cbimport( 'cb.tabs' );          // for cbNotification and comprofilerMail()
    cbimport( 'language.front' );   // for _UE_EMAILFOOTER translation

    $mailHtml    = ( $plan->get( $emailkind . 'emailhtml' ) == '1' ? 1 : 0 );
    $mailSubject = $this->getPersonalized( $emailkind . 'emailsubject', false, false );
    $mailBody    = $this->getPersonalized( $emailkind . 'emailbody', $mailHtml );

    // CC, BCC and attachments are comma-separated plan settings; an empty setting becomes null.
    // NOTE(review): the entries are handed to the mailer as configured; presumably only
    // administrators can edit plan settings. Confirm, in particular for attachment paths.
    $mailCC = trim( $plan->get( $emailkind . 'emailcc' ) );
    $mailCC = ( $mailCC != '' ) ? preg_split( '/ *, */', $mailCC ) : null;

    $mailBCC = trim( $plan->get( $emailkind . 'emailbcc' ) );
    $mailBCC = ( $mailBCC != '' ) ? preg_split( '/ *, */', $mailBCC ) : null;

    $mailAttachments = trim( $plan->get( $emailkind . 'emailattachments' ) );
    $mailAttachments = ( $mailAttachments != '' ) ? preg_split( '/ *, */', $mailAttachments ) : null;

    if ( ! ( $mailSubject || $mailBody ) ) {
        return;
    }

    $notifier = new cbNotification();
    $notifier->sendFromSystem( $user, $mailSubject, $mailBody, true, $mailHtml, $mailCC, $mailBCC, $mailAttachments );
}
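/**
 * Logins on host CMS using any allowed authentication methods
 *
 * Order of authentication attempts: 'onLoginAuthentication' plugins, then username (unless
 * $loginType is 2), then email ($loginType >= 1), then the CMS itself ($loginType > 2).
 * Account state (rejected, unconfirmed, unapproved, blocked) is only evaluated once a user
 * was found, i.e. after the credentials were accepted by one of these steps.
 *
 * @param  string          $username        The username
 * @param  string|boolean  $password        Well, The password OR strictly boolean false for login without password
 * @param  boolean         $rememberMe      If login should be remembered in a cookie to be sent back to user's browser
 * @param  boolean         $message         If an alert message should be prepared on successful login
 * @param  string          $return          IN & OUT: IN: return URL NOT SEFED for normal login completition (unless an event says different), OUT: redirection url (no htmlspecialchars) NOT SEFED
 * @param  array           $messagesToUser  OUT: messages to display to user (html)
 * @param  array           $alertMessages   OUT: messages to alert to user (text)
 * @param  int             $loginType       0: username, 1: email, 2: username or email, 3: username, email or CMS authentication
 * @param  string          $secretKey       secretKey used for two step authentication
 * @return string                           Error message if error
 */
public function login($username, $password, $rememberMe, $message, &$return, &$messagesToUser, &$alertMessages, $loginType = 0, $secretKey = null)
{
    global $_CB_framework, $ueConfig, $_PLUGINS;

    $returnURL = null;
    $loggedIn = false;

    // Only a strict boolean false skips the password; '', 0 and null count as a missing password.
    if (!$username || !$password && $password !== false) {
        $resultError = CBTxt::T('LOGIN_INCOMPLETE', 'Please complete the username and password fields.');
    } else {
        $_PLUGINS->loadPluginGroup('user');
        $_PLUGINS->trigger('onBeforeLogin', array(&$username, &$password, &$secretKey));

        $resultError = null;
        $showSysMessage = true;
        $stopLogin = false;
        $firstLogin = false;
        $row = new UserTable();

        if ($_PLUGINS->is_errors()) {
            $resultError = $_PLUGINS->getErrorMSG();
        } else {
            $foundUser = false;

            // Try login by CB authentication trigger:
            $_PLUGINS->trigger('onLoginAuthentication', array(&$username, &$password, &$row, $loginType, &$foundUser, &$stopLogin, &$resultError, &$messagesToUser, &$alertMessages, &$return, &$secretKey));

            if (!$foundUser) {
                if ($loginType != 2) {
                    // login by username:
                    $foundUser = $row->loadByUsername($username) && ($password === false || $row->verifyPassword($password));
                }

                if (!$foundUser && $loginType >= 1) {
                    // login by email:
                    $foundUser = $row->loadByEmail($username) && ($password === false || $row->verifyPassword($password));

                    if ($foundUser) {
                        $username = $row->username;
                    }
                }

                if (!$foundUser && $loginType > 2) {
                    // If no result, try login by CMS authentication:
                    if ($_CB_framework->login($username, $password, $rememberMe, null, $secretKey)) {
                        $foundUser = $row->load((int) $_CB_framework->myId()); // core user might not have username set, so we use id (bug #3303 fix)

                        $this->cbSplitSingleName($row);

                        // A user accepted by the CMS is stored as confirmed and approved.
                        $row->confirmed = 1;
                        $row->approved = 1;
                        $row->store(); // synchronizes with comprofiler table

                        $loggedIn = true;
                    }
                }
            }

            if ($foundUser) {
                $returnPluginsOverrides = null;
                $pluginResults = $_PLUGINS->trigger('onDuringLogin', array(&$row, 1, &$returnPluginsOverrides));

                if ($returnPluginsOverrides) {
                    $return = $returnPluginsOverrides;
                }

                if (is_array($pluginResults) && count($pluginResults)) {
                    foreach ($pluginResults as $res) {
                        if (is_array($res)) {
                            if (isset($res['messagesToUser'])) {
                                $messagesToUser[] = $res['messagesToUser'];
                            }
                            if (isset($res['alertMessage'])) {
                                $alertMessages[] = $res['alertMessage'];
                            }
                            if (isset($res['showSysMessage'])) {
                                $showSysMessage = $showSysMessage && $res['showSysMessage'];
                            }
                            if (isset($res['stopLogin'])) {
                                $stopLogin = $stopLogin || $res['stopLogin'];
                            }
                        }
                    }
                }

                if ($_PLUGINS->is_errors()) {
                    $resultError = $_PLUGINS->getErrorMSG();
                } elseif ($stopLogin) {
                    // login stopped: don't even check for errors...
                } elseif ($row->approved == 2) {
                    $resultError = CBTxt::T('LOGIN_REJECTED', 'Your sign up request was rejected!');
                } elseif ($row->confirmed != 1) {
                    if ($row->cbactivation == '') {
                        $row->store(); // just in case the activation code was missing
                    }

                    // The pending-confirmation email is sent again on every such login attempt.
                    $cbNotification = new cbNotification();
                    $cbNotification->sendFromSystem($row->id, CBTxt::T(stripslashes($ueConfig['reg_pend_appr_sub'])), CBTxt::T(stripslashes($ueConfig['reg_pend_appr_msg'])), true, isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0);

                    $resultError = CBTxt::T('LOGIN_NOT_CONFIRMED', 'Your sign up process is not yet complete! Please check again your email for further instructions that have just been resent. If you don\'t find the email, check your spam-box. Make sure that your email account options are not set to immediately delete spam. If that was the case, just try logging in again to receive a new instructions email.');
                } elseif ($row->approved == 0) {
                    $resultError = CBTxt::T('LOGIN_NOT_APPROVED', 'Your account has not yet been approved!');
                } elseif ($row->block == 1) {
                    $resultError = CBTxt::T('LOGIN_BLOCKED', 'Your login is blocked.');
                } elseif ($row->lastvisitDate == '0000-00-00 00:00:00') {
                    $firstLogin = true;

                    if (isset($ueConfig['reg_first_visit_url']) and $ueConfig['reg_first_visit_url'] != "") {
                        $return = $ueConfig['reg_first_visit_url'];
                    } else {
                        if ($returnPluginsOverrides) {
                            $return = $returnPluginsOverrides; // by default return to homepage on first login (or on page overridden by plugin).
                        }
                    }

                    $_PLUGINS->trigger('onBeforeFirstLogin', array(&$row, $username, $password, &$return, $secretKey));

                    if ($_PLUGINS->is_errors()) {
                        $resultError = $_PLUGINS->getErrorMSG("<br />");
                    }
                }
            } else {
                // The failure text depends on $loginType only, not on which lookup failed.
                if ($loginType < 2) {
                    $resultError = CBTxt::T('LOGIN_INCORRECT_USER_NOT_FOUND LOGIN_INCORRECT', 'Incorrect username or password. Please try again.');
                } else {
                    $resultError = CBTxt::T('UE_INCORRECT_EMAIL_OR_PASSWORD', 'Incorrect email or password. Please try again.');
                }
            }
        }

        if ($resultError) {
            if ($showSysMessage) {
                $alertMessages[] = $resultError;
            }
        } elseif (!$stopLogin) {
            if (!$loggedIn) {
                $_PLUGINS->trigger('onDoLoginNow', array($username, $password, $rememberMe, &$row, &$loggedIn, &$resultError, &$messagesToUser, &$alertMessages, &$return, $secretKey));
            }

            if (!$loggedIn) {
                // NOTE(review): the result of the CMS login call is not checked here and $loggedIn is
                // set to true regardless, so the "authentication failed" branch below cannot be
                // reached from this path. Confirm that this is intended.
                $_CB_framework->login($username, $password, $rememberMe, null, $secretKey);
                $loggedIn = true;
            }

            if ($firstLogin) {
                $_PLUGINS->trigger('onAfterFirstLogin', array(&$row, $loggedIn));
            }

            $_PLUGINS->trigger('onAfterLogin', array(&$row, $loggedIn));

            if ($loggedIn && $message && $showSysMessage) {
                $alertMessages[] = CBTxt::T('LOGIN_SUCCESS', 'You have successfully logged in');
            }

            if (!$loggedIn) {
                $resultError = CBTxt::T('LOGIN_INCORRECT_USER_AUTHENTICATION_FAILED LOGIN_INCORRECT', 'Incorrect username or password. Please try again.');
            }

            // changing com_comprofiler to comprofiler is a quick-fix for SEF ON on return path...
            // strpos() results are compared with false so that a match at offset 0 counts as a match.
            $returnsToAuthPage = $return
                && strpos($return, 'comprofiler') !== false
                && (
                    strpos($return, 'login') !== false
                    || strpos($return, 'logout') !== false
                    || strpos($return, 'registers') !== false
                    || strpos(strtolower($return), 'lostpassword') !== false
                );

            // NOTE(review): apart from this check, $return is taken as given; nothing in this method
            // restricts it to the site's own host. Presumably the caller validates it before redirecting.
            if ($return && !$returnsToAuthPage) {
                // checks for the presence of a return url
                // and ensures that this url is not the registration or login pages
                $returnURL = $return;
            } elseif (!$returnURL) {
                $returnURL = 'index.php';
            }
        }
    }

    if (!$loggedIn) {
        $_PLUGINS->trigger('onLoginFailed', array(&$resultError, &$returnURL));
    }

    $return = $returnURL;

    return $resultError;
}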
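/**
 * Logs a user in on the host CMS using any allowed authentication method.
 *
 * Order of operations, as implemented below:
 *  1. onBeforeLogin plugins run and may veto the attempt.
 *  2. onLoginAuthentication plugins may authenticate the user themselves.
 *  3. Otherwise the user is looked up by username and/or e-mail (depending on
 *     $loginType) and the password is verified, with an optional fallback to
 *     CMS authentication.
 *  4. Account-state checks (rejected, unconfirmed, unapproved, blocked, first visit).
 *  5. The CMS session login and the computation of the redirect target.
 *
 * Security notes for callers:
 *  - A strict boolean false $password skips password verification entirely. It must
 *    only ever be passed by trusted code, never derived from request data.
 *  - $return is only filtered against CB's own login/logout/registration/lost-password
 *    pages. This function does not check that it points to the same site; that
 *    check has to happen before the value is used for a redirect.
 *
 * @param  string          $username        The username (or e-mail address, depending on $loginType)
 * @param  string|boolean  $password        The password OR strictly boolean false for login without password
 * @param  boolean         $rememberMe      If login should be remembered in a cookie to be sent back to user's browser
 * @param  boolean         $message         If an alert message should be prepared on successful login
 * @param  string          $return          IN & OUT: IN: return URL NOT SEFED for normal login completion (unless an event says different), OUT: redirection url (no htmlspecialchars) NOT SEFED, or null when none was computed
 * @param  array           $messagesToUser  OUT: messages to display to user (html)
 * @param  array           $alertmessages   OUT: messages to alert to user (text)
 * @param  int             $loginType       0: username, 1: email, 2: username or email, 3: username, email or CMS authentication
 * @return string|null                      Error text when the login was refused, null when no error was raised
 */
function login( $username, $password, $rememberMe, $message, &$return, &$messagesToUser, &$alertmessages, $loginType = 0 )
{
    global $_CB_database, $_CB_framework, $ueConfig, $_PLUGINS;

    $returnURL = null;

    if ( ( ! $username ) || ( ( ! $password ) && ( $password !== false ) ) ) {
        $resultError = _LOGIN_INCOMPLETE;
    } else {
        $_PLUGINS->loadPluginGroup( 'user' );
        $_PLUGINS->trigger( 'onBeforeLogin', array( &$username, &$password ) );

        $resultError = null;
        $showSysMessage = true;
        $stopLogin = false;
        $loggedIn = false;

        if ( $_PLUGINS->is_errors() ) {
            $resultError = $_PLUGINS->getErrorMSG();
        } else {
            $row = new moscomprofilerUser( $_CB_database );
            $foundUser = false;

            // Try login by CB authentication trigger:
            $_PLUGINS->trigger( 'onLoginAuthentication', array( &$username, &$password, &$row, $loginType, &$foundUser, &$stopLogin, &$resultError, &$messagesToUser, &$alertmessages, &$return ) );

            if ( ! $foundUser ) {
                if ( $loginType != 2 ) {
                    // login by username:
                    $foundUser = $row->loadByUsername( stripslashes( $username ) )
                        && ( ( $password === false ) || $row->verifyPassword( $password ) );
                }
                if ( ( ! $foundUser ) && ( $loginType >= 1 ) ) {
                    // login by email:
                    $foundUser = $row->loadByEmail( stripslashes( $username ) )
                        && ( ( $password === false ) || $row->verifyPassword( $password ) );
                    if ( $foundUser ) {
                        // The CMS login further down needs the real username, not the e-mail address.
                        $username = $row->username;
                    }
                }
                if ( ( ! $foundUser ) && ( $loginType > 2 ) ) {
                    // If no result, try login by CMS authentication:
                    if ( $_CB_framework->login( $username, $password, $rememberMe ) ) {
                        $foundUser = $row->loadByUsername( stripslashes( $username ) );
                        cbSplitSingleName( $row );
                        // NOTE(review): this marks the account confirmed and approved unconditionally,
                        // including when loadByUsername() failed or the CB row had been rejected.
                        // Confirm that CMS authentication is meant to override CB's approval workflow.
                        $row->confirmed = 1;
                        $row->approved = 1;
                        $row->store(); // synchronizes with comprofiler table
                        $loggedIn = true;
                    }
                }
            }

            if ( $foundUser ) {
                $returnPluginsOverrides = null;
                $pluginResults = $_PLUGINS->trigger( 'onDuringLogin', array( &$row, 1, &$returnPluginsOverrides ) );
                if ( $returnPluginsOverrides ) {
                    $return = $returnPluginsOverrides;
                }

                if ( is_array( $pluginResults ) && count( $pluginResults ) ) {
                    foreach ( $pluginResults as $res ) {
                        if ( ! is_array( $res ) ) {
                            continue;
                        }
                        if ( isset( $res['messagesToUser'] ) ) {
                            $messagesToUser[] = $res['messagesToUser'];
                        }
                        if ( isset( $res['alertMessage'] ) ) {
                            $alertmessages[] = $res['alertMessage'];
                        }
                        if ( isset( $res['showSysMessage'] ) ) {
                            // Any single plugin can silence the system message.
                            $showSysMessage = $showSysMessage && $res['showSysMessage'];
                        }
                        if ( isset( $res['stopLogin'] ) ) {
                            // Any single plugin can stop the login.
                            $stopLogin = $stopLogin || $res['stopLogin'];
                        }
                    }
                }

                // The account-state messages below are only reached after the credentials were
                // accepted (or after a password-less login requested by trusted code).
                if ( $_PLUGINS->is_errors() ) {
                    $resultError = $_PLUGINS->getErrorMSG();
                } elseif ( $stopLogin ) {
                    // login stopped: don't even check for errors...
                } elseif ( $row->approved == 2 ) {
                    $resultError = _LOGIN_REJECTED;
                } elseif ( $row->confirmed != 1 ) {
                    if ( $row->cbactivation == '' ) {
                        $row->store(); // just in case the activation code was missing
                    }
                    // Resend the pending-confirmation e-mail on every such login attempt.
                    $cbNotification = new cbNotification();
                    $cbNotification->sendFromSystem( $row->id, getLangDefinition( stripslashes( $ueConfig['reg_pend_appr_sub'] ) ), getLangDefinition( stripslashes( $ueConfig['reg_pend_appr_msg'] ) ) );
                    $resultError = _LOGIN_NOT_CONFIRMED;
                } elseif ( $row->approved == 0 ) {
                    $resultError = _LOGIN_NOT_APPROVED;
                } elseif ( $row->block == 1 ) {
                    $resultError = _UE_LOGIN_BLOCKED;
                } elseif ( $row->lastvisitDate == '0000-00-00 00:00:00' ) {
                    if ( isset( $ueConfig['reg_first_visit_url'] ) and ( $ueConfig['reg_first_visit_url'] != "" ) ) {
                        $return = $ueConfig['reg_first_visit_url'];
                    } else {
                        $return = $returnPluginsOverrides; // by default return to homepage on first login (or on page overridden by plugin).
                    }
                    $_PLUGINS->trigger( 'onBeforeFirstLogin', array( &$row, $username, $password, &$return ) );
                    if ( $_PLUGINS->is_errors() ) {
                        $resultError = $_PLUGINS->getErrorMSG( "<br />" );
                    }
                }
            } else {
                // Same message whether the account is unknown or the password is wrong.
                if ( $loginType < 2 ) {
                    $resultError = _LOGIN_INCORRECT;
                } else {
                    $resultError = _UE_INCORRECT_EMAIL_OR_PASSWORD;
                }
            }
        }

        if ( $resultError ) {
            if ( $showSysMessage ) {
                $alertmessages[] = $resultError;
            }
        } elseif ( ! $stopLogin ) {
            if ( ! $loggedIn ) {
                $_PLUGINS->trigger( 'onDoLoginNow', array( $username, $password, $rememberMe, &$row, &$loggedIn, &$resultError, &$messagesToUser, &$alertmessages, &$return ) );
            }
            if ( ! $loggedIn ) {
                // NOTE(review): the result of the CMS login is ignored and success is assumed,
                // so the "! $loggedIn" failure branch below can never fire after this call.
                // The CMS-authentication branch above does test the return value.
                $_CB_framework->login( $username, $password, $rememberMe );
                $loggedIn = true;
            }

            $_PLUGINS->trigger( 'onAfterLogin', array( &$row, $loggedIn ) );

            if ( $loggedIn && $message && $showSysMessage ) {
                $alertmessages[] = _LOGIN_SUCCESS;
            }
            if ( ! $loggedIn ) {
                $resultError = _LOGIN_INCORRECT;
            }

            // changing com_comprofiler to comprofiler is a quick-fix for SEF ON on return path...
            // Checks for the presence of a return url and ensures that this url is not one of
            // CB's registration, login, logout or lost-password pages. strpos() is compared
            // against false explicitly: a match at offset 0 is a match too.
            $returnsToAuthPage = $return
                && ( strpos( $return, 'comprofiler' ) !== false )
                && (
                    ( strpos( $return, 'login' ) !== false )
                    || ( strpos( $return, 'logout' ) !== false )
                    || ( strpos( $return, 'registers' ) !== false )
                    || ( strpos( strtolower( $return ), 'lostpassword' ) !== false )
                );

            if ( $return && ! $returnsToAuthPage ) {
                $returnURL = $return;
            } elseif ( ! $returnURL ) {
                $returnURL = 'index.php';
            }
        }
    }

    $return = $returnURL;

    return $resultError;
}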
/**
 * Sends the gallery owner a system e-mail about a moderator action on one of
 * their gallery items.
 *
 * The mail is only sent when the owner's tab parameter "pgmoderatornotification"
 * is set and the acting user is not the owner. Subject and body are fixed
 * translated strings; nothing from the request is interpolated into them.
 *
 * @param  mixed   $id                   Not used by this method
 * @param  object  $user                 Gallery owner; ->id is read here
 * @param  string  $notification_action  'MODERATOR-APPROVE', 'MODERATOR-DELETE' or 'MODERATOR-REVOKE'; anything else sends nothing
 * @return boolean                       False when a notification was attempted and could not be sent
 */
function pgNotify($id, $user, $notification_action)
{
    global $_CB_framework, $res_1, $res_2, $res_3;

    // The three per-action result flags are globals; start every call from "all fine".
    $res_1 = true;
    $res_2 = true;
    $res_3 = true;

    // Pick the texts and the result flag that belong to the requested action.
    $flagNumber = 0;
    $subjectText = null;
    $bodyText = null;
    $failureText = null;

    switch ($notification_action) {
        case 'MODERATOR-APPROVE': // Notify end user about approval
            $flagNumber = 1;
            $subjectText = "Your Gallery Item has been approved!";
            $bodyText = "A Gallery item in your Gallery Tab has just been approved by a moderator.\n\n\n"
                . "Please do not respond to this message as it is automatically generated and is for information purposes only\n";
            $failureText = "CB Gallery failed to send user email approval notification";
            break;

        case 'MODERATOR-DELETE': // Notify end-user about deletion
            $flagNumber = 2;
            $subjectText = "Your Gallery Item has been deleted!";
            $bodyText = "A Gallery item in your Gallery Tab has just been deleted by a moderator.\n\n\n"
                . "If you feel that this action is unjustified please contact one of our moderators.\n"
                . "Please do not respond to this message as it is automatically generated and is for information purposes only\n";
            $failureText = "CB Gallery failed to send moderation deletion email";
            break;

        case 'MODERATOR-REVOKE': // Notify end-user about item revoke
            $flagNumber = 3;
            $subjectText = "Your Gallery Item has been revoked!";
            $bodyText = "A Gallery item in your Gallery Tab has just been revoked by a moderator.\n\n\n"
                . "If you feel that this action is unjustified please contact one of our moderators.\n"
                . "Please do not respond to this message as it is automatically generated and is for information purposes only\n";
            $failureText = "CB Gallery failed to send moderation revocation email";
            break;

        default:
            break;
    }

    if ($flagNumber !== 0) {
        $tabparams = $this->_pgGetTabParameters($user);

        // Owners who act on their own items, or who opted out, get no mail.
        if ($tabparams["pgmoderatornotification"] && ($_CB_framework->myId() != $user->id)) {
            $cbNotification = new cbNotification();
            $messagebody = CBTxt::Th($bodyText);
            $wasSent = $cbNotification->sendFromSystem($user->id, CBTxt::Th($subjectText), $messagebody);

            if (!$wasSent) {
                $this->_setErrorMSG($failureText);
                if ($flagNumber === 1) {
                    $res_1 = false;
                } elseif ($flagNumber === 2) {
                    $res_2 = false;
                } else {
                    $res_3 = false;
                }
            }
        }
    }

    if (!($res_1 && $res_2 && $res_3)) {
        $this->raiseError(0);
    }

    return $res_1 && $res_2 && $res_3;
}
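/**
 * Outputs legacy user mass mailer and user reconfirm email display.
 *
 * Tasks handled:
 *  - 'resendconfirmationemails': re-sends the pending-confirmation e-mail to every
 *    selected user that is not confirmed yet, then redirects.
 *  - 'emailusers' / 'startemailusers': render the mass-mailer form / start page.
 *  - 'ajaxemailusers': sends one batch of e-mails and echoes a JSON reply.
 *
 * Security notes:
 *  - Only the 'ajaxemailusers' branch calls cbSpoofCheck() here.
 *    NOTE(review): 'resendconfirmationemails' stores rows and sends mail without a
 *    token check in this method; confirm the caller enforces one.
 *  - 'emailattach' comes from the request and, after variable substitution, is handed
 *    to sendFromSystem() as the attachment list. No restriction on which paths may be
 *    attached is visible in this method.
 *  - 'emailbody' is deliberately read unfiltered (_CB_ALLOWRAW); it is HTML mail content.
 *
 * No value is returned on any path of this method.
 *
 * @param  string  $option
 * @param  string  $task
 * @param  int[]   $cid
 * @return void
 * @deprecated 2.0
 */
public function showUsers($option, $task, $cid)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS;

    cbimport('language.all');
    cbimport('cb.tabs');
    cbimport('cb.params');
    cbimport('cb.pagination');
    cbimport('cb.lists');

    // We just need the user rows as we've already filtered down the IDs in user management.
    // The id list is passed through cbArrayToInts() before it is placed into the SQL text.
    $idList = implode(', ', cbArrayToInts($cid));

    if ($idList === '') {
        // An empty "IN ( )" is not valid SQL: with nothing selected there is nothing to load.
        $rows = array();
    } else {
        $query = 'SELECT *'
            . "\n FROM " . $_CB_database->NameQuote('#__comprofiler') . " AS c"
            . "\n INNER JOIN " . $_CB_database->NameQuote('#__users') . " AS u"
            . ' ON u.' . $_CB_database->NameQuote('id') . ' = c.' . $_CB_database->NameQuote('id')
            . "\n WHERE u." . $_CB_database->NameQuote('id') . " IN ( " . $idList . " )";
        $_CB_database->setQuery($query);
        $rows = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\UserTable', array($_CB_database));

        if (!is_array($rows)) {
            // Keep count(), foreach and array_slice() below working if the load yields no list.
            $rows = array();
        }
    }

    $total = count($rows);

    if ($task == 'resendconfirmationemails') {
        if (!$rows) {
            cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
        }

        $count = 0;

        /** @var UserTable[] $rows */
        foreach ($rows as $row) {
            if ($row->confirmed == 0) {
                if ($row->cbactivation == '') {
                    // Generate a new confirmation code if the user doesn't have one (requires email confirmation to be enabled):
                    $row->store();
                }

                $cbNotification = new cbNotification();
                $cbNotification->sendFromSystem($row->id, CBTxt::T($ueConfig['reg_pend_appr_sub']), CBTxt::T($ueConfig['reg_pend_appr_msg']), true, isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0);

                ++$count;
            }
        }

        cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SENT_CONFIRMATION_EMAILS_TO_NUM_USERS_USERS', 'Sent confirmation emails to [NUM_USERS] users', array('[NUM_USERS]' => $count)));
    } else {
        $emailSubject = stripslashes(cbGetParam($_POST, 'emailsubject', ''));
        $emailBody = stripslashes(rawurldecode(cbGetParam($_POST, 'emailbody', '', _CB_ALLOWRAW | _CB_NOTRIM)));
        $emailAttach = stripslashes(cbGetParam($_POST, 'emailattach', ''));
        $emailsPerBatch = stripslashes(cbGetParam($_POST, 'emailsperbatch', 50));
        $emailsBatch = stripslashes(cbGetParam($_POST, 'emailsbatch', 0));
        $emailFromName = stripslashes(cbGetParam($_POST, 'emailfromname', ''));
        $emailFromAddr = stripslashes(cbGetParam($_POST, 'emailfromaddr', ''));
        $emailReplyName = stripslashes(cbGetParam($_POST, 'emailreplyname', ''));
        $emailReplyAddr = stripslashes(cbGetParam($_POST, 'emailreplyaddr', ''));
        $emailPause = stripslashes(cbGetParam($_POST, 'emailpause', 30));
        $simulationMode = stripslashes(cbGetParam($_POST, 'simulationmode', ''));

        // B/C trigger variables:
        if (count($cid) > 0 && count($cid) < $total) {
            $total = count($cid);
        }

        $pageNav = new cbPageNav($total, 0, 10);
        $search = '';
        $lists = array();
        $inputTextExtras = null;
        $select_tag_attribs = null;

        if ($task == 'emailusers') {
            if (!$rows) {
                cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
            }

            $pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailForm', array(&$rows, &$pageNav, &$search, &$lists, &$cid, &$emailSubject, &$emailBody, &$inputTextExtras, &$select_tag_attribs, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->emailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
        } elseif ($task == 'startemailusers') {
            $pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailStart', array(&$rows, $total, $search, $lists, $cid, &$emailSubject, &$emailBody, &$inputTextExtras, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->startEmailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
        } elseif ($task == 'ajaxemailusers') {
            // This branch actually sends mail: require the anti-forgery token first.
            cbSpoofCheck('cbadmingui');
            cbRegAntiSpamCheck();

            $cbNotification = new cbNotification();
            $mode = 1; // html
            $errors = 0;
            $success = array();
            $failed = array();

            // Batch offset and size arrive as request strings; array_slice() needs integers.
            $users = array_slice($rows, (int) $emailsBatch, (int) $emailsPerBatch);

            if ($simulationMode) {
                $success = array('<div class="alert alert-info">' . CBTxt::T('Emails do not send in simulation mode') . '</div>');
            } else {
                foreach ($users as $user) {
                    $extraStrings = array();

                    $_PLUGINS->trigger('onBeforeBackendUserEmail', array(&$user, &$emailSubject, &$emailBody, $mode, &$extraStrings, $simulationMode, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

                    $attachments = cbReplaceVars($emailAttach, $user, $mode, true, $extraStrings);

                    if ($attachments) {
                        // Split on commas with optional surrounding spaces. The pattern needs
                        // explicit delimiters to express that.
                        $attachments = preg_split('/ *, */', $attachments);
                    } else {
                        $attachments = null;
                    }

                    if (!$cbNotification->sendFromSystem($user, $emailSubject, $this->makeLinksAbsolute($emailBody), true, $mode, null, null, $attachments, $extraStrings, false, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr)) {
                        // Name and address are escaped before they go into the HTML result list.
                        $failed[] = '<div class="alert alert-danger">'
                            . '<strong>' . htmlspecialchars($user->name . ' <' . $user->email . '>') . '</strong>: '
                            . CBTxt::Th('ERROR_SENDING_EMAIL_ERRORMSG', 'Error sending email: [ERROR_MSG]', array('[ERROR_MSG]' => $cbNotification->errorMSG))
                            . '</div>';

                        ++$errors;
                    } else {
                        $success[] = htmlspecialchars($user->name . ' <' . $user->email . '>');
                    }
                }
            }

            $usernames = implode(', ', $success) . implode('', $failed);

            if ($total < $emailsPerBatch) {
                $limit = $total;
            } else {
                $limit = $emailsPerBatch;
            }

            // Capture the view's output so it can be returned inside the JSON reply.
            ob_start();

            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->ajaxResults($usernames, $emailSubject, $this->makeLinksAbsolute($emailBody), $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsBatch, $limit, $total, $errors);

            $html = ob_get_contents();

            ob_end_clean();

            // result 1: more batches to go; result 2: this was the last batch.
            $reply = array('result' => 1, 'htmlcontent' => $html);

            if (!($total - ((int) $emailsBatch + (int) $emailsPerBatch) > 0)) {
                $reply['result'] = 2;
            }

            echo json_encode($reply);
        }
    }
}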
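/**
 * Prepares field data for saving to database (safe transfer from $postdata to $user)
 * Override
 *
 * The submitted "<field>__choice" value selects what happens to the image field:
 * 'upload' (process an uploaded file), 'gallery' (pick a gallery image), 'delete',
 * 'approve' (backend only), or anything else (validation only).
 *
 * Security notes:
 *  - Both the uploaded file and the gallery name come from the request. This method
 *    relies on $this->validate() to reject unacceptable values before they are stored
 *    or used to build "gallery/<name>"; validate() is not shown here.
 *  - 'approve' only takes effect when the UI is the backend (getUi() == 2).
 *
 * @param  moscomprofilerFields  $field
 * @param  moscomprofilerUser    $user      RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit)
 * @param  array                 $postdata  Typically $_POST (but not necessarily), filtering required.
 * @param  string                $reason    'edit' for save profile edit, 'register' for registration, 'search' for searches
 */
function prepareFieldDataSave( &$field, &$user, &$postdata, $reason )
{
    global $_CB_framework, $ueConfig, $_PLUGINS, $_FILES;

    $this->_prepareFieldMetaSave( $field, $user, $postdata, $reason );

    $col = $field->name;
    $colapproved = $col . 'approved';
    $col_choice = $col . '__choice';
    $col_file = $col . '__file';
    $col_gallery = $col . '__gallery';

    // Defined up front: the default branch passes it to validate() without any
    // earlier branch having assigned it.
    $newAvatar = null;

    $choice = stripslashes( cbGetParam( $postdata, $col_choice ) );

    switch ( $choice ) {
        case 'upload':
            $value = ( isset( $_FILES[$col_file] ) ? $_FILES[$col_file] : null );

            if ( $this->validate( $field, $user, $choice, $value, $postdata, $reason ) ) {
                $_PLUGINS->loadPluginGroup( 'user' );

                $isModerator = isModerator( $_CB_framework->myId() );

                $_PLUGINS->trigger( 'onBeforeUserAvatarUpdate', array( &$user, &$user, $isModerator, &$value['tmp_name'] ) );
                if ( $_PLUGINS->is_errors() ) {
                    // NOTE(review): the plugin error is recorded but processing continues, so the
                    // upload is still converted and stored. Confirm that a plugin veto is not
                    // meant to abort the upload.
                    $this->_setErrorMSG( $_PLUGINS->getErrorMSG() );
                }

                $imgToolBox = new imgToolBox();
                $imgToolBox->_conversiontype = $ueConfig['conversiontype'];
                $imgToolBox->_IM_path = $ueConfig['im_path'];
                $imgToolBox->_NETPBM_path = $ueConfig['netpbm_path'];
                $imgToolBox->_maxsize = $this->_getImageFieldParam( $field, 'avatarSize' );
                $imgToolBox->_maxwidth = $this->_getImageFieldParam( $field, 'avatarWidth' );
                $imgToolBox->_maxheight = $this->_getImageFieldParam( $field, 'avatarHeight' );
                $imgToolBox->_thumbwidth = $this->_getImageFieldParam( $field, 'thumbWidth' );
                $imgToolBox->_thumbheight = $this->_getImageFieldParam( $field, 'thumbHeight' );
                $imgToolBox->_debug = 0;

                $allwaysResize = ( isset( $ueConfig['avatarResizeAlways'] ) ? $ueConfig['avatarResizeAlways'] : 1 );

                // The stored name is generated here from the field name, the user id and uniqid();
                // the client-supplied file name is not used to build it.
                $fileNameInDir = ( $col == 'avatar' ? '' : $col . '_' ) . uniqid( $user->id . '_' );

                $newFileName = $imgToolBox->processImage( $value, $fileNameInDir, $_CB_framework->getCfg( 'absolute_path' ) . '/images/comprofiler/', 0, 0, 1, $allwaysResize );
                if ( ! $newFileName ) {
                    $this->_setValidationError( $field, $user, $reason, $imgToolBox->_errMSG );
                    // needed if uploaded file fails in imgToolbox
                    //BB: maybe this needed instead ? :
                    // $this->_setErrorMSG( $imgToolBox->_errMSG );
                    return;
                }

                // Avatars uploaded by non-moderators wait for approval when that option is on.
                $needsApproval = ( $col == 'avatar' ) && ( $ueConfig['avatarUploadApproval'] == 1 ) && ( $isModerator == 0 );

                if ( isset( $user->$col ) && ! $needsApproval ) {
                    // if auto-approved:
                    //TBD: else need to log update on image approval !
                    $this->_logFieldUpdate( $field, $user, $reason, $user->$col, $newFileName );
                }

                if ( isset( $user->$col ) && ( $user->$col != '' ) ) {
                    deleteAvatar( $user->$col );
                }

                if ( $needsApproval ) {
                    $cbNotification = new cbNotification();
                    $cbNotification->sendToModerators( _UE_IMAGE_ADMIN_SUB, _UE_IMAGE_ADMIN_MSG );

                    $user->$col = $newFileName;
                    $user->$colapproved = 0;
                } else {
                    $user->$col = $newFileName;
                    $user->$colapproved = 1;
                }

                $_PLUGINS->trigger( 'onAfterUserAvatarUpdate', array( &$user, &$user, $isModerator, $newFileName ) );
            }
            break;

        case 'gallery':
            $newAvatar = stripslashes( cbGetParam( $postdata, $col_gallery ) );

            if ( $this->validate( $field, $user, $choice, $newAvatar, $postdata, $reason ) ) {
                // Only reached for a gallery name that validate() accepted.
                $value = 'gallery/' . $newAvatar;

                if ( isset( $user->$col ) ) {
                    $this->_logFieldUpdate( $field, $user, $reason, $user->$col, $value );
                }

                deleteAvatar( $user->$col ); // delete old avatar

                $user->$col = $value;
                $user->$colapproved = 1;
            }
            break;

        case 'delete':
            if ( $user->id && ( $user->$col != null ) && ( $user->$col != '' ) ) {
                global $_CB_database;

                if ( isset( $user->$col ) ) {
                    $this->_logFieldUpdate( $field, $user, $reason, $user->$col, '' );
                }

                deleteAvatar( $user->$col ); // delete old avatar

                $user->$col = null; // this will not update, so we do query below:
                $user->$colapproved = 1;

                // Identifiers go through NameQuote(), the date through Quote(), the id is cast to int.
                $query = 'UPDATE ' . $_CB_database->NameQuote( $field->table )
                    . "\n SET " . $_CB_database->NameQuote( $col ) . ' = NULL'
                    . ', ' . $_CB_database->NameQuote( $col . 'approved' ) . ' = 1'
                    . ', ' . $_CB_database->NameQuote( 'lastupdatedate' ) . ' = ' . $_CB_database->Quote( $_CB_framework->dateDbOfNow() )
                    . "\n WHERE " . $_CB_database->NameQuote( 'id' ) . ' = ' . (int) $user->id;
                $_CB_database->setQuery( $query );
                $_CB_database->query();
            }
            break;

        case 'approve':
            // 'approve' is a request-supplied choice: it is honoured in the backend UI only.
            if ( isset( $user->$col ) && ( $_CB_framework->getUi() == 2 ) && $user->id && ( $user->$col != null ) && ( $user->$colapproved == 0 ) ) {
                $this->_logFieldUpdate( $field, $user, $reason, '', $user->$col ); // here we are missing the old value, so can't give it...

                $user->$colapproved = 1;
                $user->lastupdatedate = $_CB_framework->dateDbOfNow();

                $cbNotification = new cbNotification();
                $cbNotification->sendFromSystem( $user, _UE_IMAGEAPPROVED_SUB, _UE_IMAGEAPPROVED_MSG );
            }
            break;

        case '':
        default:
            // No change requested (or an unknown choice): run validation only.
            $this->validate( $field, $user, $choice, $newAvatar, $postdata, $reason );
            break;
    }
}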
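/**
 * Approves or rejects pending user images (moderator action), notifies the affected
 * users and redirects back to the image moderation view.
 *
 * Input (from POST, else from the request): 'avatar' / 'avatars' (user ids whose avatar
 * is moderated), 'images' (user id => list of image field names) and 'act' / 'flag'
 * ('1' approves, anything else rejects). Rejecting deletes the stored file and its
 * "tn" thumbnail and clears the column.
 *
 * Security notes:
 *  - Only global moderators get past the authorization check.
 *  - The anti-forgery token is checked for POST requests only.
 *    NOTE(review): the same state changes (including file deletion) are reachable through
 *    GET parameters without a token; consider requiring the token for every
 *    state-changing request.
 *  - Image field names come from the request and are used as column names. They are
 *    restricted here to letters, digits and underscore. NOTE(review): a stricter check
 *    against the list of real image fields would be better; that list is not available
 *    in this function.
 *  - A value read from the database is only used for deletion when it is a bare file
 *    name, so deletion cannot leave the images/comprofiler directory.
 *
 * @return void
 */
function approveImage()
{
    global $_CB_framework, $_CB_database, $_POST, $_REQUEST, $_SERVER;

    // simple spoof check security for posts (menus do gets):
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        cbSpoofCheck('moderateimages');
    }

    $isModerator = Application::MyUser()->isGlobalModerator();

    if (!$isModerator) {
        cbNotAuth(true);
        return;
    }

    $avatars = array();

    if (isset($_POST['avatar'])) {
        $avatars = cbGetParam($_POST, 'avatar');
    } else {
        $avatars[] = cbGetParam($_REQUEST, 'avatars');
    }

    if (isset($_POST['images'])) {
        $userImages = cbGetParam($_POST, 'images');
    } else {
        $userImages = cbGetParam($_REQUEST, 'images');
    }

    if (isset($_POST['act'])) {
        $act = cbGetParam($_POST, 'act');
    } else {
        $act = cbGetParam($_REQUEST, 'flag');
    }

    // Keep only real user ids: a missing request parameter would otherwise yield id 0.
    $avatarUserIds = array();

    foreach ((array) $avatars as $avatar) {
        $avatarUserId = (int) $avatar;

        if ($avatarUserId > 0) {
            $avatarUserIds[] = $avatarUserId;
        }
    }

    if (!is_array($userImages)) {
        $userImages = array();
    }

    // Returns the request-supplied field names that are acceptable as column names.
    $acceptedColumns = function ($images) {
        $columns = array();

        if (is_array($images)) {
            foreach ($images as $image) {
                if (is_string($image) && preg_match('/^[A-Za-z0-9_]+$/', $image)) {
                    $columns[] = $image;
                }
            }
        }

        return $columns;
    };

    $imageDir = $_CB_framework->getCfg('absolute_path') . '/images/comprofiler/';

    // Deletes an uploaded image and its thumbnail. Gallery images are shared and never
    // deleted; anything that is not a bare file name is ignored.
    $removeImageFiles = function ($file) use ($imageDir) {
        $file = (string) $file;

        if (($file === '') || ($file !== basename($file)) || preg_match("/gallery\\//i", $file)) {
            return;
        }

        if (is_file($imageDir . $file)) {
            unlink($imageDir . $file);

            if (is_file($imageDir . 'tn' . $file)) {
                unlink($imageDir . 'tn' . $file);
            }
        }
    };

    $cbNotification = new cbNotification();

    if ($act == '1') {
        // Approve:
        foreach ($avatarUserIds as $avatarUserId) {
            $query = 'UPDATE ' . $_CB_database->NameQuote('#__comprofiler')
                . "\n SET " . $_CB_database->NameQuote('avatarapproved') . " = 1"
                . ', ' . $_CB_database->NameQuote('lastupdatedate') . ' = ' . $_CB_database->Quote($_CB_framework->dateDbOfNow())
                . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $avatarUserId;
            $_CB_database->setQuery($query);
            $_CB_database->query();

            $cbNotification->sendFromSystem($avatarUserId, CBTxt::T('UE_IMAGEAPPROVED_SUB', 'Image Approved'), CBTxt::T('UE_IMAGEAPPROVED_MSG', 'Your image has been approved by a moderator.'));
        }

        foreach ($userImages as $user => $images) {
            $userId = (int) $user;
            $columns = $acceptedColumns($images);

            if (($userId <= 0) || !$columns) {
                // Nothing valid to update: an empty SET list would be malformed SQL.
                continue;
            }

            $imageColumns = array();

            foreach ($columns as $image) {
                $imageColumns[] = $_CB_database->NameQuote($image . 'approved') . ' = 1';
            }

            $query = 'UPDATE ' . $_CB_database->NameQuote('#__comprofiler')
                . "\n SET " . implode(', ', $imageColumns)
                . ', ' . $_CB_database->NameQuote('lastupdatedate') . ' = ' . $_CB_database->Quote($_CB_framework->dateDbOfNow())
                . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $userId;
            $_CB_database->setQuery($query);
            $_CB_database->query();

            $cbNotification->sendFromSystem($userId, CBTxt::T('UE_IMAGEAPPROVED_SUB', 'Image Approved'), CBTxt::T('UE_IMAGEAPPROVED_MSG', 'Your image has been approved by a moderator.'));
        }
    } else {
        // Reject: remove the files, clear the column, tell the user.
        foreach ($avatarUserIds as $avatarUserId) {
            $query = 'SELECT ' . $_CB_database->NameQuote('avatar')
                . "\n FROM " . $_CB_database->NameQuote('#__comprofiler')
                . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $avatarUserId;
            $_CB_database->setQuery($query);
            $file = $_CB_database->loadResult();

            $removeImageFiles($file);

            $query = 'UPDATE ' . $_CB_database->NameQuote('#__comprofiler')
                . "\n SET " . $_CB_database->NameQuote('avatarapproved') . " = 1"
                . ', ' . $_CB_database->NameQuote('avatar') . ' = NULL'
                . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $avatarUserId;
            $_CB_database->setQuery($query);
            $_CB_database->query();

            $cbNotification->sendFromSystem($avatarUserId, CBTxt::T('UE_IMAGEREJECTED_SUB', 'Image Rejected'), CBTxt::T('UE_IMAGEREJECTED_MSG', 'Your image has been rejected by a moderator. Please log in and submit a new image.'));
        }

        foreach ($userImages as $user => $images) {
            $userId = (int) $user;
            $columns = $acceptedColumns($images);

            if (($userId <= 0) || !$columns) {
                continue;
            }

            $imageColumns = array();

            foreach ($columns as $image) {
                $imageColumns[] = $_CB_database->NameQuote($image . 'approved') . ' = 1'
                    . ', ' . $_CB_database->NameQuote($image) . ' = NULL';

                $query = 'SELECT ' . $_CB_database->NameQuote($image)
                    . "\n FROM " . $_CB_database->NameQuote('#__comprofiler')
                    . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $userId;
                $_CB_database->setQuery($query);
                $file = $_CB_database->loadResult();

                $removeImageFiles($file);
            }

            $query = 'UPDATE ' . $_CB_database->NameQuote('#__comprofiler')
                . "\n SET " . implode(', ', $imageColumns)
                . "\n WHERE " . $_CB_database->NameQuote('id') . " = " . $userId;
            $_CB_database->setQuery($query);
            $_CB_database->query();

            $cbNotification->sendFromSystem($userId, CBTxt::T('UE_IMAGEREJECTED_SUB', 'Image Rejected'), CBTxt::T('UE_IMAGEREJECTED_MSG', 'Your image has been rejected by a moderator. Please log in and submit a new image.'));
        }
    }

    cbRedirect($_CB_framework->viewUrl('moderateimages', false), CBTxt::Th('UE_USERIMAGEMODERATED_SUCCESSFUL', 'User Image Successfully Moderated!'));
}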
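/**
 * Updates an existing profile-book entry from the submitted form values and, when the
 * profile owner asked for it, notifies the owner by e-mail.
 *
 * Security notes:
 *  - Every request value placed into the SQL text goes through Quote() or an int cast.
 *  - The WHERE clause limits the update to the entry id on the given profile and, for
 *    non-moderators, to entries whose posterid equals the current user's id.
 *    NOTE(review): for a guest the current user id is presumably 0, so that clause would
 *    match every guest-authored entry; confirm the caller does not let guests edit.
 *  - NOTE(review): the result of the UPDATE is not checked, so the notification is sent
 *    even when no row was changed.
 *
 * @param  int      $id            Id of the entry to update
 * @param  int      $userId        Id of the profile owner the entry belongs to
 * @param  object   $curruser      Current user; ->name and ->username are read for the "edited by" name
 * @param  boolean  $iAmModerator  True lifts the "own entries only" restriction
 * @param  object   $tab           Tab object; ->title is used in the notification texts
 * @return mixed                   True when no notification was due, otherwise the result of sendFromSystem()
 */
function pbEdit( $id, $userId, $curruser, $iAmModerator, $tab )
{
    global $_CB_database, $ueConfig;

    $postertitle = $this->_getReqParam( 'postertitle', null );
    $postercomment = $this->_getReqParam( 'postercomments', null );
    $postername = $this->_getReqParam( 'postername', null );
    $posterlocation = $this->_getReqParam( 'posterlocation', null );
    $posteremail = $this->_getReqParam( 'posteremail', null );
    $posterurl = $this->_getReqParam( 'posterurl', null );
    // Cast once: this value is concatenated into the SQL text below, like the other numeric operands.
    $posterid = (int) Application::MyUser()->getUserId();
    $posterip = cbGetIPlist();
    // A missing vote defaults to the string 'NULL', which the int cast below stores as 0.
    $postervote = $this->_getReqParam( 'postervote', 'NULL' );

    // Registered users are shown under their formatted account name, guests under the name they typed.
    $editedbyname = ( $posterid
        ? getNameFormat( $curruser->name, $curruser->username, $ueConfig['name_format'] )
        : stripslashes( $postername ) );

    $query = 'UPDATE #__comprofiler_plug_profilebook'
        . ' SET editdate = NOW()'
        . ( $posterid ? ', editedbyid = ' . $posterid : '' )
        . ', editedbyname = ' . $_CB_database->Quote( $editedbyname )
        . ', postername = ' . $_CB_database->Quote( stripslashes( $postername ) )
        . ( $posteremail ? ', posteremail = ' . $_CB_database->Quote( stripslashes( $posteremail ) ) : '' )
        . ', posterlocation = ' . $_CB_database->Quote( stripslashes( $posterlocation ) )
        . ', postertitle = ' . $_CB_database->Quote( stripslashes( $postertitle ) )
        . ', postercomment = ' . $_CB_database->Quote( stripslashes( $postercomment ) )
        . ', postervote = ' . (int) $postervote
        . ', posterip = ' . $_CB_database->Quote( $posterip )
        . ', posterurl = ' . $_CB_database->Quote( stripslashes( $posterurl ) )
        . ' WHERE id = ' . (int) $id
        . ' AND userid = ' . (int) $userId
        // Non-moderators may only touch entries they posted themselves.
        . ( $iAmModerator ? '' : ' AND posterid = ' . $posterid );
    $_CB_database->setQuery( $query );
    $_CB_database->query();

    $notify = $this->getUserParam( $userId, 'notifyme' );
    $res = true;

    // Owners are not notified about their own edits.
    if ( $notify && ( $userId != $posterid ) ) {
        $autoPublish = $this->getUserParam( $userId, 'autopublish' );

        $subject = sprintf( CBTxt::T( "An entry in your %s has just been updated" ), CBTxt::T( $tab->title ) );
        $body = sprintf( CBTxt::T( "%s has just submitted an edited entry for %s in your %s." ), $editedbyname, $postername, CBTxt::T( $tab->title ) );

        if ( ! $iAmModerator ) {
            // Tell the owner whether the entry is already public or waits for review.
            $body .= sprintf(
                $autoPublish
                    ? CBTxt::T( "\n\nYour current setting is that new entries in your %1\$s are automatically published. To see the new entry, please login. You can then see the new entry and take appropriate action if needed. Direct access to your %1\$s:\n%2\$s\n" )
                    : CBTxt::T( "\n\nYour current setting is that you need to review entries in your %1\$s. Please login, review the new entry and publish if you agree. Direct access to your %1\$s:\n%2\$s\n" ),
                CBTxt::T( $tab->title ),
                cbUnHtmlspecialchars( $this->_getAbsURLwithParam( array() ) )
            );
        }

        $cbNotification = new cbNotification();
        $res = $cbNotification->sendFromSystem( (int) $userId, $subject, $body );
    }

    return $res;
}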