Esempio n. 1
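 /**
  * Handle an editor image upload and report the result to the client.
  *
  * Runs only when the `dir` request value is latin/numeric and non-empty,
  * the current user id is > 0 and an `img` file was posted. The reply is
  * either an HTML page for the hidden-iframe transport or a JSON document.
  *
  * Request data is never copied raw into the response: the editor element id
  * is reduced to identifier characters, and every value placed inside
  * <script> is emitted with json_encode() plus the JSON_HEX_* flags so it
  * cannot close the string literal or the script element.
  *
  * @return void
  */
 public function make()
 {
     $dir = system::getInstance()->get('dir');
     if (!system::getInstance()->isLatinOrNumeric($dir) || !(system::getInstance()->length($dir) > 0) || !(user::getInstance()->get('id') > 0) || empty($_FILES['img'])) {
         return;
     }
     // A missing "iframe" field simply means the JSON transport.
     $isIframe = !empty($_POST['iframe']);
     // The id ends up in a jQuery selector in the parent window: keep identifier characters only.
     $idarea = '';
     if (isset($_POST['idarea']) && is_string($_POST['idarea'])) {
         $idarea = preg_replace('/[^A-Za-z0-9_\-]/', '', $_POST['idarea']);
     }
     $obj = extension::getInstance()->call(extension::TYPE_HOOK, 'file');
     if (!is_object($obj)) {
         exit;
     }
     // NOTE(review): type/extension validation is delegated to uploadImage(), which is not visible here.
     $result = $obj->uploadImage('/' . $dir . '/', $_FILES['img']);
     $fulllink = property::getInstance()->get('script_url') . "/upload/{$dir}/" . $result;
     if ($isIframe) {
         if ($result != null) {
             $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
             $js_selector = json_encode('#' . $idarea, $js_flags);
             $js_link = json_encode($fulllink, $js_flags);
             echo '<html><body>OK<script>window.parent.$(' . $js_selector . ').insertImage(' . $js_link . ',' . $js_link . ').closeModal().updateUI();</script></body></html>';
         } else {
             echo '<html><body>ERROR<script>window.parent.alert("Image upload error.");</script></body></html>';
         }
         return;
     }
     header("Content-type: text/javascript");
     if ($result != null) {
         $json_response = array('status' => '1', 'msg' => 'ok', 'image_link' => $fulllink, 'thumb_link' => $fulllink);
     } else {
         $json_response = array('status' => '0', 'msg' => 'error');
     }
     // Only the "\/" escape is undone; stripslashes() also removed the backslashes
     // that protect quotes and backslashes, producing invalid JSON.
     echo str_replace('\\/', '/', json_encode($json_response));
 }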
Esempio n. 2
 /**
  * Render the admin list of stream entries, processing a bulk delete first.
  *
  * The delete runs only when the form was posted, the CSRF token checks out
  * and the user holds 'global/owner' or 'admin/components/stream/delete'.
  * The id list is concatenated into the statement, so the isIntList() test
  * is the only thing standing between the posted values and the SQL text.
  *
  * @return mixed output of the Twig render call
  */
 private function viewStreamList()
 {
     csrf::getInstance()->buildToken();
     $params = array();
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     // NOTE(review): a negative `index` yields a negative LIMIT offset — confirm it is rejected upstream.
     $page_index = (int) system::getInstance()->get('index');
     $db_index = $page_index * self::ITEM_PER_PAGE;

     $delete_requested = system::getInstance()->post('deleteSelected') && csrf::getInstance()->check();
     if ($delete_requested && (permission::getInstance()->have('global/owner') || permission::getInstance()->have('admin/components/stream/delete'))) {
         $toDelete = system::getInstance()->post('check_array');
         if (is_array($toDelete) && sizeof($toDelete) > 0) {
             $listDelete = system::getInstance()->altimplode(',', $toDelete);
             if (system::getInstance()->isIntList($listDelete)) {
                 $delete_sql = "DELETE FROM " . property::getInstance()->get('db_prefix') . "_com_stream WHERE id IN (" . $listDelete . ")";
                 database::getInstance()->con()->query($delete_sql);
             }
         }
     }

     $select_sql = "SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_stream ORDER BY `date` DESC LIMIT ?," . self::ITEM_PER_PAGE;
     $stmt = database::getInstance()->con()->prepare($select_sql);
     $stmt->bindParam(1, $db_index, \PDO::PARAM_INT);
     $stmt->execute();
     $resultAll = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     $stmt = null;

     // Load all casters in one call before reading their nicknames.
     $ids = system::getInstance()->extractFromMultyArray('caster_id', $resultAll);
     user::getInstance()->listload($ids);
     foreach ($resultAll as $row) {
         $entry = array();
         $entry['id'] = $row['id'];
         $entry['type'] = $row['type'];
         $entry['user_id'] = $row['caster_id'];
         $entry['user_name'] = user::getInstance()->get('nick', $row['caster_id']);
         $entry['url'] = $row['target_object'];
         $entry['text'] = system::getInstance()->nohtml($row['text_preview']);
         $entry['date'] = system::getInstance()->todate($row['date'], 'h');
         $params['stream'][] = $entry;
     }

     $count_all = extension::getInstance()->call(extension::TYPE_COMPONENT, 'stream', false)->streamCount();
     $params['pagination'] = template::getInstance()->showFastPagination($page_index, self::ITEM_PER_PAGE, $count_all, '?object=components&action=stream&index=');
     return template::getInstance()->twigRender('components/stream/list.tpl', $params);
 }
Esempio n. 3
 /**
  * Return $url unchanged when system::prefixEquals($url, 'http') holds,
  * otherwise return it with the configured 'url' property prepended.
  *
  * @param string $url
  * @return string
  */
 public function urlRelativeToAbsolute($url)
 {
     $already_absolute = system::getInstance()->prefixEquals($url, 'http');
     return $already_absolute ? $url : property::getInstance()->get('url') . $url;
 }
Esempio n. 4
 /**
  * Build the "last comments" module block and register it with the template.
  *
  * Reads the newest approved comments (moderate = '0', non-empty pathway),
  * at least one row, and renders nothing when the table has no match.
  *
  * @return void
  */
 public function make()
 {
     $comment_count = extension::getInstance()->getConfig('last_count', 'lastcomments', 'modules', 'int');
     // The configured limit is raised to 1 when it is lower.
     $comment_count = $comment_count < 1 ? 1 : $comment_count;

     $sql = "SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE `pathway` != '' AND moderate = '0' ORDER BY `time` DESC LIMIT 0,?";
     $stmt = database::getInstance()->con()->prepare($sql);
     $stmt->bindParam(1, $comment_count, PDO::PARAM_INT);
     $stmt->execute();
     $res = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $stmt = null;
     if (!(sizeof($res) > 0)) {
         return;
     }

     $max_comment_char_size = extension::getInstance()->getConfig('text_length', 'lastcomments', 'modules', 'int');
     // Load all authors in one call before reading nick and avatar per row.
     $prepared_userlist = system::getInstance()->extractFromMultyArray('author', $res);
     user::getInstance()->listload($prepared_userlist);
     $params = array();
     foreach ($res as $row) {
         $author = $row['author'];
         // NOTE(review): the preview is BB-code-stripped only; whether it is HTML-escaped depends on nobbcode() and the template.
         $comment_text = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->nobbcode($row['comment']);
         $entry = array();
         $entry['user_id'] = $author;
         $entry['user_name'] = user::getInstance()->get('nick', $author);
         $entry['user_avatar'] = user::getInstance()->buildAvatar('small', $author);
         $entry['uri'] = $row['pathway'];
         $entry['preview'] = system::getInstance()->altsubstr($comment_text, 0, $max_comment_char_size);
         $entry['date'] = system::getInstance()->toDate($row['time'], 'd');
         $entry['guest_name'] = system::getInstance()->nohtml($row['guest_name']);
         $params['comment'][] = $entry;
     }
     $render = template::getInstance()->twigRender('modules/lastcomments/lastcomments.tpl', array('local' => $params));
     template::getInstance()->set(template::TYPE_MODULE, 'lastcomments', $render);
 }
Esempio n. 5
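 /**
  * Build the "latest news" module block and register it with the template.
  *
  * Selects the newest displayed news entries (at least one row), builds the
  * public path of each one and attaches the poster image name when the file
  * exists under /upload/news/.
  *
  * @return void
  */
 public function make()
 {
     $params = array();
     $news_count = extension::getInstance()->getConfig('new_count', 'news_new', extension::TYPE_MODULE, 'int');
     if ($news_count < 1) {
         $news_count = 1;
     }
     $stmt = database::getInstance()->con()->prepare("SELECT a.id,a.title,a.link,b.path FROM " . property::getInstance()->get('db_prefix') . "_com_news_entery a," . property::getInstance()->get('db_prefix') . "_com_news_category b\n                        WHERE a.category = b.category_id AND a.display > 0 ORDER BY a.date DESC LIMIT 0,?");
     $stmt->bindParam(1, $news_count, \PDO::PARAM_INT);
     $stmt->execute();
     $result = $stmt->fetchAll(\PDO::FETCH_ASSOC);
     $stmt = null;
     foreach ($result as $row) {
         $full_path = '';
         $image = null;
         if (property::getInstance()->get('use_multi_language')) {
             $full_path .= '/' . language::getInstance()->getUseLanguage();
         }
         $full_path .= '/news/';
         if ($row['path'] != null) {
             $full_path .= $row['path'] . '/';
         }
         $full_path .= $row['link'];
         // NOTE(review): unserialize() instantiates any class named in the payload, so this column
         // must only ever hold data the application serialized itself; JSON would remove that risk.
         $serial_title = system::getInstance()->altstripslashes(unserialize($row['title']));
         $language = language::getInstance()->getUseLanguage();
         // A corrupt row (unserialize() returned false) or a missing translation gives a null title.
         $title = is_array($serial_title) && isset($serial_title[$language]) ? $serial_title[$language] : null;
         if (file_exists(root . '/upload/news/poster_' . $row['id'] . '.jpg')) {
             $image = 'poster_' . $row['id'];
         }
         $params['latest'][] = array('title' => $title, 'image' => $image, 'pathway' => $full_path);
     }
     $tmp = template::getInstance()->twigRender('modules/news_new/list.tpl', array('local' => $params));
     template::getInstance()->set(template::TYPE_MODULE, 'news_new', $tmp);
 }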
Esempio n. 6
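 /**
  * Store an answer to a wall post, then re-render the answer list.
  *
  * The answer is stored only for a logged-in user with 'global/write', a
  * positive post id and a non-empty message, and only when the configured
  * 'wall_post_delay' has passed since that user's previous answer.
  *
  * @return void
  */
 public function make()
 {
     $post_id = (int) system::getInstance()->get('id');
     $user_id = (int) user::getInstance()->get('id');
     // The message is passed through nohtml() before storage (added after an XSS report).
     $message = system::getInstance()->nohtml(system::getInstance()->post('message'));
     $time_between_posts = extension::getInstance()->getConfig('wall_post_delay', 'user', 'components', 'int');
     // NOTE(review): no CSRF token check is visible in this method — confirm the caller enforces one.
     if ($post_id > 0 && $user_id > 0 && system::getInstance()->length($message) > 0 && permission::getInstance()->have('global/write')) {
         $stmt = database::getInstance()->con()->prepare("SELECT time FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE poster = ? ORDER BY id DESC LIMIT 1");
         $stmt->bindParam(1, $user_id, PDO::PARAM_INT);
         $stmt->execute();
         $res = $stmt->fetch();
         $stmt = null;
         // fetch() returns false for a user with no earlier answer; treat that as "never posted".
         $last_post_time = is_array($res) ? (int) $res['time'] : 0;
         $current_time = time();
         if ($current_time - $last_post_time >= $time_between_posts) {
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_wall_answer (wall_post_id, poster, message, time) VALUES(?, ?, ?, ?)");
             $stmt->bindParam(1, $post_id, PDO::PARAM_INT);
             $stmt->bindParam(2, $user_id, PDO::PARAM_INT);
             $stmt->bindParam(3, $message, PDO::PARAM_STR);
             $stmt->bindParam(4, $current_time, PDO::PARAM_INT);
             $stmt->execute();
             $stmt = null;
         }
     }
     // Refresh the list whether or not a row was inserted.
     api::getInstance()->call('front', 'wallview')->make();
 }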
Esempio n. 7
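 /**
  * Add a bookmark for the logged-in user.
  *
  * Only URLs on this site are accepted. A bare prefix comparison against
  * 'script_url' would also accept a look-alike host that merely starts with
  * the same characters (script_url followed by ".example" for instance), so
  * the character after the site prefix must be '/', '?', '#' or the end of
  * the string. A bookmark already stored for the same user and URL is not
  * inserted twice.
  *
  * @return void
  */
 public function make()
 {
     if (!(user::getInstance()->get('id') > 0)) {
         return;
     }
     $userid = user::getInstance()->get('id');
     $title = system::getInstance()->nohtml(system::getInstance()->post('title'));
     $url = system::getInstance()->nohtml(system::getInstance()->post('url'));
     $site_url = property::getInstance()->get('script_url');
     // only self domain
     if (!system::getInstance()->prefixEquals($url, $site_url) || !filter_var($url, FILTER_VALIDATE_URL)) {
         return;
     }
     // presumably prefixEquals() is a starts-with test; enforce the host boundary explicitly.
     $tail = (string) substr($url, strlen(rtrim($site_url, '/')));
     if ($tail !== '' && !in_array($tail[0], array('/', '?', '#'), true)) {
         return;
     }
     if (!(system::getInstance()->length($title) > 0)) {
         return;
     }
     $stmt = database::getInstance()->con()->prepare("SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_user_bookmarks WHERE target = ? AND href = ?");
     $stmt->bindParam(1, $userid, PDO::PARAM_INT);
     $stmt->bindParam(2, $url, PDO::PARAM_STR);
     $stmt->execute();
     $res = $stmt->fetch();
     $stmt = null;
     if ($res[0] < 1) {
         $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_user_bookmarks (`target`, `title`, `href`) VALUES (?, ?, ?)");
         $stmt->bindParam(1, $userid, PDO::PARAM_INT);
         $stmt->bindParam(2, $title, PDO::PARAM_STR);
         $stmt->bindParam(3, $url, PDO::PARAM_STR);
         $stmt->execute();
         $stmt = null;
     }
 }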
Esempio n. 8
 /**
  * Count the rows of the feedback table.
  *
  * @return mixed first column of the COUNT(*) row
  */
 private function getFeedCount()
 {
     $sql = "SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_com_feedback";
     $counter = database::getInstance()->con()->prepare($sql);
     $counter->execute();
     $row = $counter->fetch();
     $counter = null;
     return $row[0];
 }
Esempio n. 9
 /**
  * Delete one comment by id for a logged-in user holding 'comment/delete'.
  *
  * NOTE(review): the id is read with system::get() and no CSRF token check is
  * visible in this method; if that accessor reads the query string, a forged
  * link could trigger the delete — confirm the caller validates a token.
  *
  * @return void
  */
 public function make()
 {
     $comment_id = (int) system::getInstance()->get('id');
     $allowed = user::getInstance()->get('id') > 0 && permission::getInstance()->have('comment/delete') && $comment_id > 0;
     if (!$allowed) {
         return;
     }
     $sql = "DELETE FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?";
     $remover = database::getInstance()->con()->prepare($sql);
     $remover->bindParam(1, $comment_id, PDO::PARAM_INT);
     $remover->execute();
 }
Esempio n. 10
 /**
  * Return what the form needs to display the captcha.
  *
  * For the "recaptcha" type this is the HTML produced by the bundled
  * reCAPTCHA library; for any other type it is the URL of the built-in
  * captcha image script.
  *
  * @return string
  */
 public function show()
 {
     $captcha_type = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks');
     if ($captcha_type != "recaptcha") {
         return property::getInstance()->get('script_url') . '/resource/ccaptcha/captcha.php';
     }
     require_once root . "/resource/recaptcha/recaptchalib.php";
     $public_key = extension::getInstance()->getConfig('captcha_publickey', 'captcha', 'hooks');
     return recaptcha_get_html($public_key);
 }
Esempio n. 11
 /**
  * Render this BB-code link node as an <a> element.
  *
  * The target is taken from the first non-empty attribute among 'url', 'a'
  * and 'href', falling back to the node's own text unless an 'anchor'
  * attribute is set. Links outside the site url get rel="nofollow".
  *
  * @param mixed $tree not read by this method; $this->tree is used instead
  * @return string HTML of the link
  */
 function get_html($tree = null)
 {
     $this->autolinks = false;
     // Collect the plain text of the direct children; it doubles as fallback href and id.
     $text = '';
     foreach ($this->tree as $val) {
         if ('text' == $val['type']) {
             $text .= $val['str'];
         }
     }
     $href = '';
     if (isset($this->attrib['url'])) {
         $href = $this->attrib['url'];
     }
     if (!$href && isset($this->attrib['a'])) {
         $href = $this->attrib['a'];
     }
     if (!$href && isset($this->attrib['href'])) {
         $href = $this->attrib['href'];
     }
     if (!$href && !isset($this->attrib['anchor'])) {
         $href = $text;
     }
     // NOTE(review): $href is written into the attribute below without htmlspecialchars(),
     // unlike title and id; quoting and scheme filtering (javascript:, data:) therefore
     // rest entirely on checkUrl(), which is not visible here — confirm it covers both.
     $href = $this->checkUrl($href);
     $attr = 'class="bb"';
     if ($href) {
         // Links that start with (or equal) the site url are left followable.
         if (system::getInstance()->prefixEquals($href, property::getInstance()->get('url')) || $href == property::getInstance()->get('url')) {
             $attr .= ' href="' . $href . '"';
         } else {
             $attr .= ' href="' . $href . '" rel="nofollow"';
         }
     }
     if (isset($this->attrib['title'])) {
         $title = $this->attrib['title'];
         $attr .= ' title="' . htmlspecialchars($title) . '"';
     }
     // Element id: first non-empty of 'id', 'name', 'anchor'; an empty 'anchor' falls back to the text.
     $id = '';
     if (isset($this->attrib['id'])) {
         $id = $this->attrib['id'];
     }
     if (!$id && isset($this->attrib['name'])) {
         $id = $this->attrib['name'];
     }
     if (!$id && isset($this->attrib['anchor'])) {
         $id = $this->attrib['anchor'];
         if (!$id) {
             $id = $text;
         }
     }
     if ($id) {
         // Prefix ids whose first byte lies outside the 'A'..'z' range.
         if ($id[0] < 'A' || $id[0] > 'z') {
             $id = 'bb' . $id;
         }
         $attr .= ' id="' . htmlspecialchars($id) . '"';
     }
     // NOTE(review): target="_blank" is emitted without rel="noopener"; older browsers
     // give the opened page access to window.opener.
     return '<a ' . $attr . ' target="_blank">' . parent::get_html($this->tree) . '</a>';
 }
Esempio n. 12
 /**
  * Render the tag cloud from the most used news tags.
  *
  * @return mixed output of the Twig render call
  */
 private function buildTagCloud()
 {
     $tag_count = extension::getInstance()->getConfig('tag_count', 'tagcloud', 'modules', 'int');
     $sql = "SELECT SQL_CALC_FOUND_ROWS tag, COUNT(*) AS count FROM " . property::getInstance()->get('db_prefix') . "_mod_tags WHERE object_type = 'news' GROUP BY tag ORDER BY count DESC LIMIT 0,?";
     $query = database::getInstance()->con()->prepare($sql);
     $query->bindParam(1, $tag_count, PDO::PARAM_INT);
     $query->execute();
     $tags = $query->fetchAll(PDO::FETCH_ASSOC);
     $query = null;
     return template::getInstance()->twigRender('modules/tagcloud/cloud.tpl', array('local' => $tags));
 }
Esempio n. 13
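 /**
  * Search and replace URLs for site mirrors.
  *
  * When 'source_url' lists several mirrors (separated by ';'), every mirror
  * URL in the text is rewritten to the current 'script_url', and the
  * /index.php/ and /<lang>/ path segments are adjusted to the active URL
  * settings. With a single configured URL the input is returned untouched.
  *
  * With $special_syntax set to false the text is first passed through
  * nohtml() and the BB-code stripper. The flag is forwarded to every element
  * of an array input; previously the recursive call dropped it, so array
  * values skipped that sanitising step.
  *
  * @param string|array $text one text, or texts keyed by language
  * @param bool $special_syntax false to strip HTML and BB-code before rewriting
  * @return array|mixed
  */
 public function fix($text, $special_syntax = true)
 {
     if (!system::getInstance()->contains(';', property::getInstance()->get('source_url'))) {
         // if only single url is defined
         return $text;
     }
     if (is_array($text)) {
         $result = array();
         foreach ($text as $language => $i_text) {
             $result[$language] = $this->fix($i_text, $special_syntax);
         }
         return $result;
     }
     if (!$special_syntax) {
         $text = system::getInstance()->nohtml($text);
         $bbobject = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml');
         if (is_object($bbobject)) {
             $text = $bbobject->nobbcode($text);
         }
     }
     $available_url = system::getInstance()->altexplode(';', property::getInstance()->get('source_url'));
     $used_url = property::getInstance()->get('script_url');
     $result = str_replace($available_url, $used_url, $text);
     if (property::getInstance()->get('user_friendly_url')) {
         // if url/index.php/ is used
         // url/index.php/ to url/
         $no_humanurls = $used_url . '/index.php/';
         $result = str_replace($no_humanurls, $used_url . '/', $result);
     } else {
         // try to set links to non-user friendly model /index.php/lang/ from /lang/
         foreach (language::getInstance()->getAvailable() as $s_lang) {
             $source_human_urls = $used_url . '/' . $s_lang . '/';
             $replacement_human_urls = $used_url . '/index.php/' . $s_lang . '/';
             $result = str_replace($source_human_urls, $replacement_human_urls, $result);
         }
     }
     // if disabled multi-lang
     // /ru/page.html to /page.html, /index.php/ru/page.html to /index.php/page.html
     if (!property::getInstance()->get('use_multi_language')) {
         $to_replace = array();
         foreach (language::getInstance()->getAvailable() as $s_lang) {
             $to_replace[] = $used_url . '/index.php/' . $s_lang . '/';
             $to_replace[] = $used_url . '/' . $s_lang . '/';
         }
         if (property::getInstance()->get('user_friendly_url')) {
             $replacement = $used_url . '/';
         } else {
             $replacement = $used_url . '/index.php/';
         }
         $result = str_replace($to_replace, $replacement, $result);
     }
     return $result;
 }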
Esempio n. 14
 /**
  * Count the approved comments (moderate = 0) attached to a URI.
  *
  * @param string|null $way pathway to count for; null means the current router URI
  * @return mixed first column of the COUNT(*) row
  */
 public function getCount($way = null)
 {
     $pathway = is_null($way) ? router::getInstance()->getUriString() : $way;
     $sql = "SELECT COUNT(*) FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = 0";
     $counter = database::getInstance()->con()->prepare($sql);
     $counter->bindParam(1, $pathway, PDO::PARAM_STR);
     $counter->execute();
     $row = $counter->fetch();
     return $row[0];
 }
Esempio n. 15
 /**
  * Echo the rendered list of answers to one wall post, newest first.
  *
  * NOTE(review): 'message' is handed to the template exactly as stored; it is
  * safe to print only if every writer sanitises before insert or the template
  * escapes on output — confirm one of the two holds.
  *
  * @return void
  */
 public function make()
 {
     $post_id = (int) system::getInstance()->get('id');
     $sql = "SELECT * FROM " . property::getInstance()->get('db_prefix') . "_user_wall_answer WHERE wall_post_id = ? ORDER BY id DESC";
     $query = database::getInstance()->con()->prepare($sql);
     $query->bindParam(1, $post_id, PDO::PARAM_INT);
     $query->execute();
     $rows = $query->fetchAll(PDO::FETCH_ASSOC);

     // Load all posters in one call before reading nick and avatar per row.
     $poster_ids = system::getInstance()->extractFromMultyArray('poster', $rows);
     user::getInstance()->listload($poster_ids);

     $params = array();
     foreach ($rows as $row) {
         $poster = $row['poster'];
         $answer = array();
         $answer['poster_id'] = $poster;
         $answer['poster_name'] = user::getInstance()->get('nick', $poster);
         $answer['poster_avatar'] = user::getInstance()->buildAvatar('small', $poster);
         $answer['message'] = $row['message'];
         $answer['time'] = system::getInstance()->toDate($row['time'], 'h');
         $params['answer'][] = $answer;
     }
     echo template::getInstance()->twigRender('components/user/profile/profile_answer.tpl', array('local' => $params));
 }
Esempio n. 16
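 /**
  * Print the interstitial page that forwards the visitor to an external URL.
  *
  * The `url` request value may be a plain or a base64-encoded URL. Anything
  * that does not validate, or whose scheme is not http/https, is replaced by
  * the site's own url. FILTER_VALIDATE_URL alone is not an output filter: it
  * accepts other schemes and URLs containing quotes or angle brackets, so the
  * value is HTML-escaped for the markup and JSON-encoded for the script.
  *
  * NOTE(review): any http(s) target is still accepted, i.e. this endpoint is
  * an open redirector by design; a signed parameter or a host allow-list
  * would be needed to stop its use in phishing links.
  *
  * @return void
  */
 public function make()
 {
     $fallback = property::getInstance()->get('url');
     $url = system::getInstance()->get('url');
     if (!is_string($url)) {
         $url = '';
     }
     if (!filter_var($url, FILTER_VALIDATE_URL)) {
         $url_decode = base64_decode($url);
         if ($url_decode !== false && filter_var($url_decode, FILTER_VALIDATE_URL)) {
             $url = $url_decode;
         } else {
             $url = $fallback;
         }
     }
     // Only web links may be followed; this drops javascript:, data: and similar schemes.
     $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
     if ($scheme !== 'http' && $scheme !== 'https') {
         $url = $fallback;
     }
     $html_url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
     // json_encode() yields a complete, quoted JS string literal.
     $js_url = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
     $theme = "<html>\n                <head>\n                    <meta http-equiv=\"refresh\" content=\"0; url={$html_url}\">\n                    <script type=\"text/javascript\">\n                        location.href = {$js_url};\n                    </script>\n                </head>\n                <body>\n                Redirecting ... <br />\n                <strong>Link: <noindex><a href=\"{$html_url}\" rel=\"nofollow\">{$html_url}</a></noindex></strong>\n                </body>\n                </html>";
     echo $theme;
 }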
Esempio n. 17
 /**
  * Search static pages whose title or text contains $query (at most 50 rows).
  *
  * The search term is bound as a parameter, so it cannot alter the statement;
  * '%' and '_' inside it still act as LIKE wildcards.
  *
  * NOTE(review): title and text are restored with unserialize(), which can
  * instantiate any class named in the payload — these columns must only hold
  * data the application serialized itself.
  *
  * @param string $query search term
  * @return array rows under the 'static' key; empty array when nothing matched
  */
 private function searchOnPage($query)
 {
     $params = array();
     $queryBuild = '%' . $query . '%';
     $sql = "SELECT title,text,pathway,date FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE text like ? OR title like ? ORDER BY `date` LIMIT 50";
     $stmt = database::getInstance()->con()->prepare($sql);
     $stmt->bindParam(1, $queryBuild, PDO::PARAM_STR);
     $stmt->bindParam(2, $queryBuild, PDO::PARAM_STR);
     $stmt->execute();
     while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
         $titles = unserialize($row['title']);
         $texts = unserialize($row['text']);
         // Snippet: tags stripped, first 200 characters of the current language's text.
         $plain = system::getInstance()->nohtml($texts[language::getInstance()->getUseLanguage()]);
         $snippet = system::getInstance()->altsubstr($plain, 0, 200);
         $hit = array();
         $hit['link'] = "static/" . $row['pathway'];
         $hit['title'] = $titles[language::getInstance()->getUseLanguage()];
         $hit['snippet'] = $snippet;
         $hit['date'] = system::getInstance()->toDate($row['date'], 'h');
         $params['static'][] = $hit;
     }
     return $params;
 }
Esempio n. 18
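 /**
  * Switch the interface language and send the visitor back to the same page.
  *
  * The page is taken from the Referer header, which the client controls and
  * may omit. It is used only when it starts with the site url, and only its
  * path segments are reused: the redirect target is always built as
  * "/<language>/<remaining path>". Without a usable Referer or language the
  * default redirect is issued.
  *
  * @return void
  */
 public function make()
 {
     $to = system::getInstance()->get('to');
     // The header is absent on direct requests and when the browser suppresses it.
     $refer = isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     if ($refer === '' || !language::getInstance()->canUse($to) || !system::getInstance()->prefixEquals($refer, property::getInstance()->get('url'))) {
         system::getInstance()->redirect();
         return;
     }
     $uri = system::getInstance()->altexplode('/', substr($refer, strlen(property::getInstance()->get('url'))));
     if (!property::getInstance()->get('user_friendly_url')) {
         // drop the index.php segment
         array_shift($uri);
     }
     // drop the current language segment
     array_shift($uri);
     $uri_no_lang = system::getInstance()->altimplode('/', $uri);
     $uri_target = '/' . $to . '/';
     $uri_target .= $uri_no_lang;
     system::getInstance()->redirect($uri_target);
 }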
Esempio n. 19
 /**
  * Save the edited text of a comment.
  *
  * The right to edit is decided by the 'commentedit' API object's canEdit();
  * the text is passed through nohtml() before it is stored.
  *
  * NOTE(review): no CSRF token check is visible in this method — confirm the
  * caller or canEdit() enforces one.
  *
  * @return null|void null when the user may not edit the comment
  */
 public function make()
 {
     $editor = api::getInstance()->call('front', 'commentedit');
     if (!is_object($editor)) {
         return;
     }
     $comment_id = (int) system::getInstance()->post('comment_id');
     if (!$editor->canEdit($comment_id)) {
         return null;
     }
     $comment_text = system::getInstance()->nohtml(system::getInstance()->post('comment_text'), true);
     if (!($comment_id > 0 && strlen($comment_text) > 0)) {
         return;
     }
     $sql = "UPDATE " . property::getInstance()->get('db_prefix') . "_mod_comments set comment = ? where id = ?";
     $stmt = database::getInstance()->con()->prepare($sql);
     $stmt->bindParam(1, $comment_text, PDO::PARAM_STR);
     $stmt->bindParam(2, $comment_id, PDO::PARAM_INT);
     $stmt->execute();
     $stmt = null;
 }
Esempio n. 20
 /**
  * Get the comment list for a URI as template parameters.
  *
  * Each entry carries the can_edit / can_delete flags for the current user.
  * Editing is allowed to the author within the configured 'edit_time', or to
  * anyone holding 'comment/edit'; deleting requires 'comment/delete'. Guests
  * (user id not > 0) get neither.
  *
  * @param string|null $way pathway; null means the current router URI
  * @param int $end number of pages to load (values below 1 count as 1)
  * @param bool $show_all true to ignore paging and load every comment
  * @return array
  */
 public function getCommentsParams($way = null, $end = 0, $show_all = false)
 {
     $userid = user::getInstance()->get('id');
     if (is_null($way)) {
         $way = router::getInstance()->getUriString();
     }
     $base_sql = "SELECT * FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE pathway = ? AND moderate = '0' ORDER BY id DESC";
     if ($show_all) {
         $stmt = database::getInstance()->con()->prepare($base_sql);
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
     } else {
         $comment_count = extension::getInstance()->getConfig('comments_count', 'comments', 'modules', 'int');
         $end = ($end < 1 ? 1 : $end) * $comment_count;
         $stmt = database::getInstance()->con()->prepare($base_sql . " LIMIT 0,?");
         $stmt->bindParam(1, $way, PDO::PARAM_STR);
         $stmt->bindParam(2, $end, PDO::PARAM_INT);
     }
     $stmt->execute();
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);

     // Load all authors in one call before reading nick and avatar per row.
     user::getInstance()->listload(system::getInstance()->extractFromMultyArray('author', $result));
     $params = array();
     foreach ($result as $item) {
         $poster_id = $item['author'];
         $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
         $can_edit = false;
         $can_delete = false;
         if ($userid > 0) {
             // Own comment inside the edit window, or the edit permission.
             $own_and_recent = $poster_id == $userid && time() - $item['time'] <= $editconfig;
             if ($own_and_recent || permission::getInstance()->have('comment/edit')) {
                 $can_edit = true;
             }
             if (permission::getInstance()->have('comment/delete')) {
                 $can_delete = true;
             }
         }
         $entry = array();
         $entry['author_id'] = $poster_id;
         $entry['author_nick'] = user::getInstance()->get('nick', $poster_id);
         $entry['author_avatar'] = user::getInstance()->buildAvatar('small', $poster_id);
         $entry['comment_text'] = extension::getInstance()->call(extension::TYPE_HOOK, 'bbtohtml')->bbcode2html($item['comment']);
         $entry['comment_date'] = system::getInstance()->toDate($item['time'], 'h');
         $entry['unixtime'] = $item['time'];
         $entry['comment_id'] = $item['id'];
         $entry['can_edit'] = $can_edit;
         $entry['can_delete'] = $can_delete;
         $entry['guest_name'] = system::getInstance()->nohtml($item['guest_name']);
         $params[] = $entry;
     }
     $stmt = null;
     return $params;
 }
Esempio n. 21
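 /**
  * Store an uploaded gallery image for a news entry and echo the JSON reply.
  *
  * The original is saved under <FILES_PATH><id>/orig/ and a resized copy
  * under <FILES_PATH><id>/thumb/, using the configured gallery dimensions.
  * Nothing is printed when no file was posted, the id is not positive or the
  * upload hook rejects the file.
  *
  * NOTE(review): no permission or CSRF check is visible in this method, and
  * file-type validation is left to the upload hook — confirm the caller and
  * uploadImage() cover both.
  *
  * @return void
  */
 private function viewUpload()
 {
     // A request without the file field must not reach the upload hook.
     if (!isset($_FILES['files']) || !is_array($_FILES['files']) || !isset($_FILES['files']['size'])) {
         return;
     }
     $file = $_FILES['files'];
     $news_id = (int) system::getInstance()->get('id');
     if ($file['size'] < 1 || $news_id < 1) {
         return;
     }
     // $news_id is an integer, so the directory name cannot carry path separators.
     $dir = self::FILES_PATH . $news_id . '/';
     $full_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage($dir . 'orig/', $file);
     if (!$full_img) {
         return;
     }
     $full_path = root . '/upload' . $dir . 'orig/' . $full_img;
     $dx = extension::getInstance()->getConfig('gallery_dx', 'news', extension::TYPE_COMPONENT, 'int');
     $dy = extension::getInstance()->getConfig('gallery_dy', 'news', extension::TYPE_COMPONENT, 'int');
     $thumb_img = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadResizedImage($dir . 'thumb/', $full_path, $dx, $dy, $full_img);
     $base_url = property::getInstance()->get('script_url') . '/upload' . $dir;
     $output = array();
     $output[] = array('name' => $full_img, 'url' => $base_url . 'orig/' . $full_img, 'thumbnailUrl' => $base_url . 'thumb/' . $thumb_img);
     echo json_encode(array('files' => $output));
 }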
Esempio n. 22
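 /**
  * Show the feedback form and store a submitted message.
  *
  * A submission is stored only when e-mail, title length (3..70), name length
  * (3..50), text length (>= 10) and the captcha all pass; every failed check
  * sets its own flag under $params['notify'] for the template.
  *
  * @return void
  */
 public function make()
 {
     $params = array();
     $params['captcha_full'] = extension::getInstance()->getConfig('captcha_type', 'captcha', 'hooks') == "recaptcha" ? true : false;
     $params['captcha'] = extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->show();
     if (system::getInstance()->post('dofeedback')) {
         $poster_name = system::getInstance()->nohtml(system::getInstance()->post('topic_name'));
         $topic_title = system::getInstance()->nohtml(system::getInstance()->post('topic_title'));
         $topic_text = system::getInstance()->nohtml(system::getInstance()->post('topic_body'));
         // NOTE(review): a guest's e-mail is stored after FILTER_VALIDATE_EMAIL only, without nohtml();
         // the validator accepts characters such as "'" — escape it wherever it is displayed.
         $poster_email = user::getInstance()->get('id') > 0 ? user::getInstance()->get('email') : system::getInstance()->post('topic_email');
         $captcha = system::getInstance()->post('captcha');
         $date = time();
         if (!filter_var($poster_email, FILTER_VALIDATE_EMAIL)) {
             $params['notify']['wrong_email'] = true;
         }
         if (system::getInstance()->length($topic_title) < 3 || system::getInstance()->length($topic_title) > 70) {
             $params['notify']['wrong_title'] = true;
         }
         if (system::getInstance()->length($poster_name) < 3 || system::getInstance()->length($poster_name) > 50) {
             $params['notify']['wrong_name'] = true;
         }
         if (system::getInstance()->length($topic_text) < 10) {
             $params['notify']['wrong_text'] = true;
         }
         if (!extension::getInstance()->call(extension::TYPE_HOOK, 'captcha')->validate($captcha)) {
             $params['notify']['wrong_captcha'] = true;
         }
         // 'notify' does not exist when every check passed; sizeof() on the missing key
         // warns on PHP 7.2+ and throws on PHP 8, which would block every valid submission.
         if (empty($params['notify'])) {
             $stmt = database::getInstance()->con()->prepare("INSERT INTO " . property::getInstance()->get('db_prefix') . "_com_feedback (`from_name`, `from_email`, `title`, `text`, `time`) VALUES (?, ?, ?, ?, ?)");
             $stmt->bindParam(1, $poster_name, PDO::PARAM_STR);
             $stmt->bindParam(2, $poster_email, PDO::PARAM_STR);
             $stmt->bindParam(3, $topic_title, PDO::PARAM_STR);
             $stmt->bindParam(4, $topic_text, PDO::PARAM_STR);
             $stmt->bindParam(5, $date, PDO::PARAM_INT);
             $stmt->execute();
             $params['notify']['success'] = true;
         }
     }
     meta::getInstance()->add('title', language::getInstance()->get('feedback_form_title'));
     $render = template::getInstance()->twigRender('components/feedback/form.tpl', array('local' => $params));
     template::getInstance()->set(template::TYPE_CONTENT, 'body', $render);
 }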
Esempio n. 23
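 /**
  * Handle a CKEditor file-browser upload and answer with the callback page.
  *
  * `type` selects the target: 1 = images, 2 = flash (.swf only), anything
  * else = other files limited to the configured extension list. Each target
  * needs its own admin permission; without it nothing is uploaded and the
  * error callback is returned.
  *
  * CKEditorFuncNum comes from the query string and is printed inside a
  * <script> element, so it is reduced to an integer; the message and the file
  * URL are emitted as JSON string literals with the JSON_HEX_* flags.
  *
  * @return null|void null when no file was posted
  */
 public function make()
 {
     if (empty($_FILES['upload'])) {
         return null;
     }
     $type = (int) system::getInstance()->get('type');
     $result = false;
     $save_folder = false;
     $allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
     foreach ($allow_ext as $key => $value) {
         // no dots
         $nodot = str_replace('.', '', $value);
         if (system::getInstance()->length($nodot) > 0) {
             $allow_ext[$key] = $nodot;
         }
     }
     switch ($type) {
         case 1:
             if (permission::getInstance()->have('admin/imagebrowser')) {
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadImage('/images/', $_FILES['upload']);
                 $save_folder = 'images';
             }
             break;
         case 2:
             if (permission::getInstance()->have('admin/flashbrowser')) {
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/flash/', $_FILES['upload'], array('swf'));
                 $save_folder = 'flash';
             }
             break;
         default:
             if (permission::getInstance()->have('admin/filebrowser')) {
                 // NOTE(review): the extension list comes from configuration; it must never include
                 // server-executable types (php, phtml, ...) since /upload/ is web-accessible.
                 $result = extension::getInstance()->call(extension::TYPE_HOOK, 'file')->uploadFile('/other/', $_FILES['upload'], $allow_ext);
                 $save_folder = 'other';
             }
             break;
     }
     // The callback reference is numeric; the cast removes anything else a crafted link could carry.
     $func_num = isset($_GET['CKEditorFuncNum']) ? (int) $_GET['CKEditorFuncNum'] : 0;
     $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     if (!$result || !$save_folder) {
         $js_message = json_encode(language::getInstance()->get('fileupload_api_error'), $js_flags);
         if ($js_message === false) {
             $js_message = '""';
         }
         echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", "", ' . $js_message . ');</script></body></html>';
     } else {
         $js_link = json_encode(property::getInstance()->get('script_url') . '/upload/' . $save_folder . '/' . $result, $js_flags);
         if ($js_link === false) {
             $js_link = '""';
         }
         echo '<html><body><script type="text/javascript">window.parent.CKEDITOR.tools.callFunction("' . $func_num . '", ' . $js_link . ');</script></body></html>';
     }
 }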
Esempio n. 24
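 /**
  * Run the elFinder connector over the /upload/ directory.
  *
  * Requires the 'admin/filemanager' permission. The access callback hides
  * dot-files: for a name starting with '.', read and write are denied and
  * every other attribute (such as hidden/locked) is set; for all other names
  * it returns null and elFinder decides by its own rules.
  *
  * NOTE(review): the volume is configured with path, URL and accessControl
  * only, so upload type restrictions are whatever elFinder defaults to. The
  * root is web-accessible — confirm that executable uploads (e.g. .php) are
  * blocked by an upload allow-list or by the web server configuration.
  *
  * @return void
  */
 public function make()
 {
     if (!permission::getInstance()->have('admin/filemanager')) {
         return;
     }
     include_once root . '/resource/elfinder/php/elFinderConnector.class.php';
     include_once root . '/resource/elfinder/php/elFinder.class.php';
     include_once root . '/resource/elfinder/php/elFinderVolumeDriver.class.php';
     include_once root . '/resource/elfinder/php/elFinderVolumeLocalFileSystem.class.php';
     // A function declared inside a method is defined each time the method runs;
     // the guard prevents a "cannot redeclare" fatal error on a second call.
     if (!function_exists('access')) {
         function access($attr, $path, $data, $volume)
         {
             return strpos(basename($path), '.') === 0 ? !($attr == 'read' || $attr == 'write') : null;
             // else elFinder decide it itself
         }
     }
     if (!file_exists(root . '/upload/')) {
         system::getInstance()->createDirectory(root . '/upload/', 0755);
     }
     $opts = array('roots' => array(array('driver' => 'LocalFileSystem', 'path' => root . '/upload/', 'URL' => property::getInstance()->get('script_url') . '/upload/', 'accessControl' => 'access')));
     $connector = new elFinderConnector(new elFinder($opts));
     $connector->run();
 }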
Esempio n. 25
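 /**
  * List the files in /upload/other/ whose extension is on the configured
  * allow-list.
  *
  * The link prefix is read from the 'script_url' property and points at the
  * directory that is actually scanned. The earlier version took the prefix
  * from system::get('script_url') — the accessor used elsewhere on this page
  * for request values — and pointed at upload/flash/, so the links neither
  * matched the scanned files nor came from a trusted source.
  *
  * @return array list of array('path' => url, 'name' => escaped file name)
  */
 private function browseAll()
 {
     $result = array();
     $path = root . '/upload/other/';
     $allow_ext = system::getInstance()->altexplode(';', property::getInstance()->get('upload_allowed_ext'));
     foreach ($allow_ext as $key => $value) {
         // no dots
         $nodot = str_replace('.', '', $value);
         if (system::getInstance()->length($nodot) > 0) {
             $allow_ext[$key] = $nodot;
         }
     }
     // The directory does not exist until the first upload.
     $entries = is_dir($path) ? scandir($path) : false;
     if ($entries === false) {
         return $result;
     }
     $base_url = property::getInstance()->get('script_url') . '/upload/other/';
     foreach ($entries as $file) {
         // Skip '.', '..' and sub-directories.
         if (!is_file($path . $file)) {
             continue;
         }
         $f_pharse = system::getInstance()->altexplode('.', $file);
         $file_ext = array_pop($f_pharse);
         if (in_array($file_ext, $allow_ext, true)) {
             // NOTE(review): the file name is placed in the URL as-is; the consumer must escape it for its context.
             $result[] = array('path' => $base_url . $file, 'name' => system::getInstance()->nohtml($file));
         }
     }
     return $result;
 }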
Esempio n. 26
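 /**
  * Publish the "new private messages" counter to the template.
  *
  * Runs a prepared query bound to the current user's id and 'lastpmview'
  * value, reads the first column of the first row and stores it (or 0) as
  * the module variable 'message_new_count'.
  *
  * NOTE(review): the query combines COUNT(DISTINCT msg.id) with
  * GROUP BY msg.id, so each returned row counts a single message and only
  * the first row is read -- the value set here can only be 0 or 1. If a real
  * total is wanted the GROUP BY probably has to go; confirm against the
  * template that consumes it.
  * NOTE(review): "ans.from != ?" is not tied to a thread the user takes part
  * in, so replies in other users' threads may match -- verify the intended
  * scope of the WHERE clause.
  */
 private function showNewPmCount()
 {
     $userid = user::getInstance()->get('id');
     $lastpmview = user::getInstance()->get('lastpmview');
     $stmt = database::getInstance()->con()->prepare("SELECT COUNT(DISTINCT msg.id) FROM " . property::getInstance()->get('db_prefix') . "_user_messages as msg\n            LEFT OUTER JOIN " . property::getInstance()->get('db_prefix') . "_user_messages_answer as ans ON msg.id = ans.topic\n            WHERE (msg.to = ? OR ans.from != ?) AND (msg.timeupdate >= ? OR ans.time >= ?) GROUP BY msg.id");
     $stmt->bindParam(1, $userid, \PDO::PARAM_INT);
     $stmt->bindParam(2, $userid, \PDO::PARAM_INT);
     $stmt->bindParam(3, $lastpmview, \PDO::PARAM_INT);
     $stmt->bindParam(4, $lastpmview, \PDO::PARAM_INT);
     $stmt->execute();
     $result = $stmt->fetch();
     $stmt = null;
     // fetch() returns false when no row matched (the usual "no new mail"
     // case with GROUP BY); treat that as zero instead of indexing into false.
     $new_pm_count = is_array($result) && isset($result[0]) ? $result[0] : 0;
     if ($new_pm_count < 1) {
         $new_pm_count = 0;
     }
     template::getInstance()->set(template::TYPE_MODULE, 'message_new_count', $new_pm_count);
 }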
Esempio n. 27
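 /**
  * Render the settings page of the 'static_on_main' module.
  *
  * When the form was submitted ('submit' in POST) the extension configs are
  * saved first. The page then receives the current 'show_date' and
  * 'news_id' config values and the id/title of every static page, with the
  * title taken for the language returned by getUseLanguage().
  *
  * @return mixed result of twigRender() for modules/static_on_main/settings.tpl
  *
  * NOTE(review): no CSRF check is visible before saveExtensionConfigs();
  * confirm that call or the caller verifies a token.
  * NOTE(review): titles are restored with unserialize() from database
  * content. That is only safe while nothing untrusted can write to that
  * column; on PHP 7+ consider the allowed_classes option or a JSON column.
  */
 public function make()
 {
     $params = array();
     if (system::getInstance()->post('submit')) {
         if (admin::getInstance()->saveExtensionConfigs()) {
             $params['notify']['save_success'] = true;
         }
     }
     $params['extension']['title'] = admin::getInstance()->viewCurrentExtensionTitle();
     $params['config']['show_date'] = extension::getInstance()->getConfig('show_date', 'static_on_main', extension::TYPE_MODULE, 'int');
     $params['config']['news_id'] = extension::getInstance()->getConfig('news_id', 'static_on_main', extension::TYPE_MODULE, 'int');
     $stmt = database::getInstance()->con()->prepare("SELECT `id`, `title` FROM " . property::getInstance()->get('db_prefix') . "_com_static ORDER BY `id` DESC");
     $stmt->execute();
     $resultAll = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $stmt = null;
     // Looked up once; it does not change between rows.
     $lang = language::getInstance()->getUseLanguage();
     foreach ($resultAll as $row) {
         $serial_title = unserialize($row['title']);
         // unserialize() returns false on malformed data and the language key
         // may be missing; both end up as a null title rather than a notice.
         $title = is_array($serial_title) && isset($serial_title[$lang]) ? $serial_title[$lang] : null;
         $params['staticpages'][] = array('id' => $row['id'], 'title' => $title);
     }
     return template::getInstance()->twigRender('modules/static_on_main/settings.tpl', $params);
 }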
Esempio n. 28
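 /**
  * Render a static page, looked up by pathway or, when $id is given, by id.
  *
  * Title, text, keywords and description are stored serialized and keyed by
  * language; the entries for the language returned by getUseLanguage() are
  * used. When $pathway is non-empty the title, keywords and description are
  * also registered as meta values.
  *
  * @param string $pathway pathway of the page; also appended to the page link
  * @param int $id page id; when not null the lookup is by id instead of pathway
  * @param boolean $show_date passed through to the template
  * @param boolean $is_main passed through to the template
  * @return string|null rendered components/static/page.tpl, or null when no
  *                     row matches or title/text is empty for the language
  *
  * NOTE(review): the four columns are restored with unserialize() from
  * database content. That is only safe while nothing untrusted can write to
  * those columns; on PHP 7+ consider the allowed_classes option or JSON.
  * NOTE(review): the text is rendered as stored; whether it is escaped
  * depends on the template -- confirm who may author static pages.
  */
 public function display($pathway, $id = null, $show_date = true, $is_main = false)
 {
     if (is_null($id)) {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE pathway = ?");
         $stmt->bindParam(1, $pathway, PDO::PARAM_STR);
     } else {
         $stmt = database::getInstance()->con()->prepare("SELECT * FROM " . property::getInstance()->get('db_prefix') . "_com_static WHERE id = ?");
         $stmt->bindParam(1, $id, PDO::PARAM_INT);
     }
     $stmt->execute();
     $result = $stmt->fetch();
     if (!$result) {
         return null;
     }
     // Looked up once instead of on every array access below.
     $lang = language::getInstance()->getUseLanguage();
     // unserialize() returns false on malformed data and a language key may be
     // missing; both cases become null instead of an offset notice.
     $pick = function ($value) use ($lang) {
         return is_array($value) && isset($value[$lang]) ? $value[$lang] : null;
     };
     $serial_title = unserialize($result['title']);
     $serial_text = unserialize($result['text']);
     $serial_keywords = unserialize($result['keywords']);
     $serial_description = unserialize($result['description']);
     $title = $pick($serial_title);
     if (system::getInstance()->length($title) < 1 || system::getInstance()->length($pick($serial_text)) < 1) {
         return null;
     }
     // The optional 'urlfixer' hook receives the whole per-language text array.
     $urlfix_object = extension::getInstance()->call(extension::TYPE_HOOK, 'urlfixer');
     if (is_object($urlfix_object)) {
         $serial_text = $urlfix_object->fix($serial_text);
     }
     if ($pathway) {
         meta::getInstance()->add('title', $title);
         meta::getInstance()->add('keywords', $pick($serial_keywords));
         meta::getInstance()->add('description', $pick($serial_description));
     }
     $params = array(
         'title' => $title,
         'text' => $serial_text[$lang],
         'date' => system::getInstance()->toDate($result['date'], 'd'),
         'show_date' => $show_date,
         'is_main' => $is_main,
         'pathway' => property::getInstance()->get('url') . '/static/' . $pathway,
     );
     // NOTE(review): presumably justPrint() ends the response; if it returns,
     // the normal page template is rendered as well -- confirm.
     if (system::getInstance()->get('print') == 'true') {
         template::getInstance()->justPrint(template::getInstance()->twigRender('components/static/print.tpl', array('local' => $params)));
     }
     return template::getInstance()->twigRender('components/static/page.tpl', array('local' => $params));
 }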
Esempio n. 29
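 /**
  * Send an HTML e-mail, over SMTP with PHPMailer or through PHP's mail().
  *
  * The SMTP path is taken when the 'mail_smtp_use' property is not 0;
  * host, port, credentials and sender come from the mail_* properties.
  *
  * @param string $to recipient address
  * @param string $title subject line
  * @param string $text HTML body
  * @param string|null $ownername recipient display name; used on the SMTP path only
  * @return bool result of PHPMailer::Send() or mail()
  *
  * NOTE(review): PHPMailer is constructed with exceptions enabled, so an
  * SMTP failure can surface as an exception rather than a false return.
  * NOTE(review): SMTPSecure is not set here, so whether the session to the
  * SMTP server is encrypted depends on PHPMailer's defaults and the server;
  * the credentials are sent over that session -- confirm TLS is in effect.
  * NOTE(review): on the mail() path 'mail_from' is concatenated into the raw
  * header block; the configured value must not contain CR or LF.
  */
 public function send($to, $title, $text, $ownername = null)
 {
     if (is_null($this->mailer)) {
         require_once root . '/resource/phpmailer/class.phpmailer.php';
         $this->mailer = new PHPMailer(true);
     }
     if (property::getInstance()->get('mail_smtp_use') != 0) {
         // use SMTP transport, with debug output switched off
         $this->mailer->IsSMTP();
         $this->mailer->SMTPDebug = 0;
         // SMTP server, port and account taken from configuration
         $this->mailer->SMTPAuth = property::getInstance()->get('mail_smtp_auth');
         $this->mailer->Host = property::getInstance()->get('mail_smtp_host');
         $this->mailer->Port = property::getInstance()->get('mail_smtp_port');
         $this->mailer->Username = property::getInstance()->get('mail_smtp_login');
         $this->mailer->Password = property::getInstance()->get('mail_smtp_password');
         // The PHPMailer instance is cached on $this and keeps its recipient
         // and reply-to lists between calls. Without clearing them, every
         // later message would also be delivered to all earlier recipients.
         $this->mailer->ClearAllRecipients();
         $this->mailer->ClearReplyTos();
         $this->mailer->SetFrom(property::getInstance()->get('mail_from'), property::getInstance()->get('mail_ownername'));
         $this->mailer->AddReplyTo(property::getInstance()->get('mail_from'), property::getInstance()->get('mail_ownername'));
         $this->mailer->Subject = $title;
         // plain-text fallback for clients that do not render HTML
         $this->mailer->AltBody = "To view the message, please use an HTML compatible email viewer!";
         $this->mailer->MsgHTML($text);
         $this->mailer->AddAddress($to, $ownername);
         $this->mailer->IsHTML(true);
         return $this->mailer->Send();
     } else {
         $headers = 'MIME-Version: 1.0' . "\r\n";
         $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
         $headers .= 'From: ' . property::getInstance()->get('mail_from') . "\r\n";
         return mail($to, $title, $text, $headers);
     }
 }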
Esempio n. 30
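 /**
  * Decide whether the current user may edit the given comment.
  *
  * Rules, in order:
  *  - 'global/owner' may edit anything;
  *  - guests (user id below 1) and users without 'global/write' may not;
  *  - the comment must exist and be authored by the current user;
  *  - once the configured 'edit_time' (comments module) has elapsed since
  *    the comment's time, 'comment/edit' is additionally required.
  *
  * @param int $comment_id id of the comment to check
  * @return bool true when editing is allowed
  *
  * NOTE(review): 'comment/edit' only lifts the time limit on the user's own
  * comments; it does not allow editing other authors' comments. Confirm
  * that this is the intended meaning of the permission.
  */
 public function canEdit($comment_id)
 {
     if (permission::getInstance()->have('global/owner')) {
         // no limits for full admin
         return true;
     }
     $userid = user::getInstance()->get('id');
     if ($userid < 1) {
         return false;
     }
     if (!permission::getInstance()->have('global/write')) {
         return false;
     }
     $stmt = database::getInstance()->con()->prepare("SELECT author,time FROM " . property::getInstance()->get('db_prefix') . "_mod_comments WHERE id = ?");
     $stmt->bindParam(1, $comment_id, PDO::PARAM_INT);
     $stmt->execute();
     $result = $stmt->fetch();
     if (!$result) {
         // Fail closed: an id that matches no comment previously fell through
         // to "return true", granting edit rights on a missing comment.
         return false;
     }
     $editconfig = extension::getInstance()->getConfig('edit_time', 'comments', 'modules', 'int');
     // loose comparison on purpose: the column value arrives as a string
     if ($result['author'] != $userid) {
         return false;
     }
     $edit_window_passed = time() - $result['time'] > $editconfig;
     if ($edit_window_passed && !permission::getInstance()->have('comment/edit')) {
         return false;
     }
     return true;
 }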