/**
* Saves the user edit tab postdata into the tab's permanent storage
* @param moscomprofilerTab $tab the tab database entry
* @param moscomprofilerUser $user the user being displayed
* @param int $ui 1 for front-end, 2 for back-end
* @param array $postdata _POST data for saving edited tab content as generated with getEditTab
* @return mixed either string HTML for tab content, or false if ErrorMSG generated
*/
function saveEditTab($tab, &$user, $ui, $postdata)
{
global $my, $_CB_framework, $_POST, $mainframe;
// $mainframe needed by the require
if (intval($_CB_framework->myId()) < 1) {
cbNotAuth();
return;
}
if (!$this->_CheckYancInstalled()) {
return;
}
require_once $_CB_framework->getCfg('absolute_path') . _NEWSLETTERFILE;
$newslettersSubscriptions = new YancSubscription();
$lists = cbGetParam($_POST, 'newsLitems', array(0));
$html = cbGetParam($_POST, 'newsLhtml', 0);
$subscribemessage = !($ui == 2 && $user->approved && $user->confirmed);
$result = $newslettersSubscriptions->saveMassSubscribe($user, $lists, $html, $subscribemessage);
if ($result) {
$this->_setErrorMSG($result);
}
}
/**
* Displays specific plans
*
* @param int[]|null $plans
* @param int[]|null $plansToPreselect
* @param UserTable $user
* @param string $introText
* @return null|string
*/
public static function displaySpecificPlans($plans, $plansToPreselect, $user, $introText)
{
global $_CB_framework, $_PLUGINS, $ueConfig;
$return = '';
$subscriptionsGUI = new cbpaidControllerUI();
if (is_array($plans) && count($plans) == 0) {
$return .= '<div class="message">' . _UE_NOT_AUTHORIZED . ($user === null ? ' ' . _UE_DO_LOGIN : '') . '</div>';
} else {
$subscriptionsGUI->setShowOnlyPlans($plans);
$subscriptionsGUI->setSelectedPlans($plansToPreselect);
if ($user === null) {
// Show registration form:
if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1')) {
cbNotAuth();
return null;
}
if ($_CB_framework->myId()) {
$return .= '<div class="error">' . _UE_ALREADY_LOGGED_IN . '</div>';
return self::displayWithTemplate($return);
}
$fieldsQuery = null;
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
$regErrorMSG = null;
$results = $_PLUGINS->trigger('onBeforeRegisterForm', array('com_comprofiler', isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : '******', &$regErrorMSG, $fieldsQuery));
if ($_PLUGINS->is_errors()) {
$return .= "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG(" ; ")) . "'); </script>\n";
$return .= $_PLUGINS->getErrorMSG("<br />");
return self::displayWithTemplate($return);
}
if (implode('', $results) != "") {
$allResults = implode("</div><div>", $results);
$return .= "<div>" . $allResults . "</div>";
return self::displayWithTemplate($return);
}
$loginOrRegister = CBPTXT::Th(cbpaidApp::settingsParams()->get('plansLoginOrRegisterText', "If you already have an account, please login first. Otherwise you need to register using this form."));
$userComplete = new UserTable();
$option = 'com_comprofiler';
$emailpass = isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : '******';
$regErrorMSG = $loginOrRegister . ' ' . $introText;
ob_start();
$null = null;
HTML_comprofiler::registerForm($option, $emailpass, $userComplete, $null, $regErrorMSG, true);
$return .= ob_get_contents();
ob_end_clean();
} else {
// User logged in: Show upgrade form:
$itsmyself = true;
$params = cbpaidApp::settingsParams();
$subTxt = CBPTXT::T($params->get('subscriptions_name', 'subscriptions'));
$title = ucfirst($subTxt);
if ($title) {
$return .= '<div class="contentheading" id="cbregProfileTitle">' . $title . "</div>\n";
}
if ($introText) {
$return .= '<div class="contentpane">' . $introText . '</div>';
}
$return .= $subscriptionsGUI->getShowSubscriptionUpgrades($user, $itsmyself);
}
$subscriptionsGUI->setShowOnlyPlans(null);
}
return self::displayWithTemplate($return);
}
function processConnectionActions($connectionids) {
global $_CB_framework, $ueConfig, $_POST;
// simple spoof check security
cbSpoofCheck( 'manageConnections' );
if(!$ueConfig['allowConnections']) {
echo _UE_FUNCTIONALITY_DISABLED;
return;
}
if ( ! ( $_CB_framework->myId() > 0 ) ) {
cbNotAuth();
return;
}
$cbCon = new cbConnection( $_CB_framework->myId() );
if (is_array($connectionids)) {
foreach($connectionids AS $cid) {
$action = cbGetParam( $_POST, $cid . 'action' );
if ( $action== 'd' ) {
$cbCon->denyConnection( $_CB_framework->myId(), $cid );
} elseif ( $action == 'a' ) {
$cbCon->acceptConnection( $_CB_framework->myId(), $cid );
}
}
}
$error = $cbCon->getErrorMSG();
if ( $error ) {
cbRedirect( cbSef( 'index.php?option=com_comprofiler&task=manageConnections' . getCBprofileItemid(), false ), $error, 'error' );
} else {
cbRedirect( cbSef( 'index.php?option=com_comprofiler&task=manageConnections' . getCBprofileItemid(), false ),
( is_array($connectionids) ) ? _UE_CONNECTIONACTIONSSUCCESSFULL : null );
}
return;
}
/**
* @param string $option
*/
function saveRegistrationNOCHECKSLOL($option)
{
global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;
// Check rights to access:
if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1') || $_CB_framework->myId()) {
cbNotAuth();
return;
}
if (!isset($ueConfig['emailpass'])) {
$ueConfig['emailpass'] = '******';
}
$userComplete = new moscomprofilerUser($_CB_database);
// Pre-registration trigger:
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->trigger('onStartSaveUserRegistration', array());
if ($_PLUGINS->is_errors()) {
echo "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG()) . "'); </script>\n";
$oldUserComplete = new moscomprofilerUser($_CB_database);
$userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG("<br />"));
return;
}
// Check if this user already registered with exactly this username and password:
$username = cbGetParam($_POST, 'username', '');
$usernameExists = $userComplete->loadByUsername($username);
if ($usernameExists) {
$password = cbGetParam($_POST, 'password', '', _CB_ALLOWRAW);
if ($userComplete->verifyPassword($password)) {
$pwd_md5 = $userComplete->password;
$userComplete->password = $password;
$messagesToUser = activateUser($userComplete, 1, 'SameUserRegistrationAgain');
$userComplete->password = $pwd_md5;
echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
return;
} else {
$msg = sprintf(_UE_USERNAME_ALREADY_EXISTS, $username);
echo "<script type=\"text/javascript\">alert('" . addslashes($msg) . "'); </script>\n";
$oldUserComplete = new moscomprofilerUser($_CB_database);
$userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, htmlspecialchars($msg));
return;
}
}
// Store and check terms and conditions accepted (not a field yet !!!!):
if (isset($_POST['acceptedterms'])) {
$userComplete->acceptedterms = (int) cbGetParam($_POST, 'acceptedterms', 0) == 1 ? 1 : 0;
} else {
$userComplete->acceptedterms = null;
}
if ($ueConfig['reg_enable_toc']) {
if ($userComplete->acceptedterms != 1) {
echo "<script type=\"text/javascript\">alert('" . addslashes(cbUnHtmlspecialchars(_UE_TOC_REQUIRED)) . "'); </script>\n";
$oldUserComplete = new moscomprofilerUser($_CB_database);
$userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, _UE_TOC_REQUIRED . '<br />');
return;
}
}
// Set id to 0 for autoincrement and store IP address used for registration:
$userComplete->id = 0;
$userComplete->registeripaddr = cbGetIPlist();
// Store new user state:
$saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'register');
if ($saveResult === false) {
echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
return;
}
if ($saveResult['ok'] === true) {
$messagesToUser = activateUser($userComplete, 1, "UserRegistration");
}
foreach ($saveResult['tabs'] as $res) {
if ($res) {
$messagesToUser[] = $res;
}
}
if ($saveResult['ok'] === false) {
echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
return;
}
$_PLUGINS->trigger('onAfterUserRegistrationMailsSent', array(&$userComplete, &$userComplete, &$messagesToUser, $ueConfig['reg_confirmation'], $ueConfig['reg_admin_approval'], true));
foreach ($saveResult['after'] as $res) {
if ($res) {
echo "\n<div>" . $res . "</div>\n";
}
}
if ($_PLUGINS->is_errors()) {
echo $_PLUGINS->getErrorMSG();
HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG());
return;
}
echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
}
/**
* WARNING: UNCHECKED ACCESS! On purpose unchecked access for M2M operations
* Generates the HTML to display for a specific component-like page for the tab. WARNING: unchecked access !
* @param TabTable|null $tab the tab database entry
* @param UserTable $user the user being displayed
* @param int $ui 1 for front-end, 2 for back-end
* @param array $postdata _POST data for saving edited tab content as generated with getEditTab
* @return mixed either string HTML for tab content, or false if ErrorMSG generated
*/
public function getTabComponent( /** @noinspection PhpUnusedParameterInspection */ $tab, $user, $ui, $postdata ) {
global $_CB_database, $_CB_framework, $_POST;
$return = '';
$paid = false;
$oldignoreuserabort = ignore_user_abort(true);
$allowHumanHtmlOutput = true; // this will be reverted in case of M2M server-to-server notifications
$act = $this->base->_getReqParam( 'act' );
$actPosted = isset($_POST[$this->base->_getPagingParamName('act')]);
if ( $act === null ) {
$act = $this->base->input( 'act', null, GetterInterface::COMMAND );
$actPosted = $this->base->input( 'post/act', null, GetterInterface::COMMAND ) !== null;
}
$post_user_id = (int) cbGetParam( $_GET, 'user', 0 );
if ( $actPosted && ( $post_user_id > 0 ) ) {
$access = false;
$myId = $_CB_framework->myId();
if ( is_object( $user ) ) {
if ( $myId == 0 ) {
if ( in_array( $act, array( 'saveeditinvoiceaddress', 'saveeditbasketintegration', 'showbskt' ) ) ) {
$access = true;
} else {
$paidsubsManager =& cbpaidSubscriptionsMgr::getInstance();
if ( ! $paidsubsManager->checkExpireMe( __FUNCTION__, $user->id, false ) ) {
// expired subscriptions: we will allow limited access to:
if ( in_array( $act, array( 'upgrade', 'pay', 'reactivate', 'resubscribe', 'display_subscriptions' ) ) ) {
$access = true;
}
}
}
} else {
if ( ( $ui == 1 && ( $user->id == $myId ) )
|| ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) ) {
$access = true;
}
}
} else {
$return = CBPTXT::T("User does not exist") . '.';
}
if ( ! $access ) {
$return .= '<br />' . CBPTXT::T("Not authorized action") . '.';
return $return;
}
cbSpoofCheck( 'plugin' ); // anti-spoofing check
// renew or upgrade subscription payment form:
$params = $this->params;
$now = $_CB_framework->now();
$subscriptionsGUI = new cbpaidControllerUI();
$subscriptionIds = $subscriptionsGUI->getEditPostedBoxes( 'id' );
if ( $subscriptionIds == array( 0 ) ) {
$subscriptionIds = array();
}
if ( $post_user_id && ( $user->id == $post_user_id ) ) {
outputCbTemplate();
$this->base->outputRegTemplate();
outputCbJs();
switch ( $act ) {
case 'upgrade': // upgrade an existing subscription
// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
$chosenPlans = $subscriptionsGUI->getAndCheckChosenUpgradePlans( $postdata, $user, $now );
if ( ( ! is_array( $chosenPlans ) ) || ( count( $chosenPlans ) == 0 ) ) {
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$return .= ( is_string( $chosenPlans ) ? $chosenPlans . '<br />' : '' )
. sprintf( CBPTXT::Th("Please press back button and select the %s plan to which you would like to upgrade."), $subTxt );
break;
}
$introText = CBPTXT::Th( $params->get( 'intro_text_upgrade', null ) );
//TBD: check if already exists (reload protection):
$paymentBasket = cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, 'R', CBPTXT::T("Upgrade"), 'U' );
if ( is_object( $paymentBasket ) ) {
$return = cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
} else {
$return = $paymentBasket; // show messages as nothing to pay.
}
break;
case 'pay': // pay for an unpaid subscription
// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
$plan = $this->base->_getReqParam( 'plan' );
if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$return .= sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
break;
}
$plansMgr =& cbpaidPlansMgr::getInstance();
$chosenPlans = array();
$chosenPlans[(int) $plan] = $plansMgr->loadPlan( (int) $plan );
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$paymentStatus = null;
$return = cbpaidControllerOrder::showPaymentForm( $user, $chosenPlans, $introText, $subscriptionIds, $paymentStatus );
break;
case 'renew': // renew a still valid subscription
case 'reactivate': // reactivate an expired subscription
case 'resubscribe': // resubscribe a cancelled subscription
// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
$plan = $this->base->_getReqParam( 'plan' );
if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$return .= sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
break;
}
$plansMgr =& cbpaidPlansMgr::getInstance();
$chosenPlans = array();
$chosenPlans[(int) $plan] = $plansMgr->loadPlan( (int) $plan );
$paidSomethingMgr =& cbpaidSomethingMgr::getInstance();
$subscription = $paidSomethingMgr->loadSomething( $subscriptionIds[$plan][0], $subscriptionIds[$plan][1] );
global $_PLUGINS;
$_PLUGINS->loadPluginGroup( 'user', 'cbsubs.' );
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
$_PLUGINS->trigger( 'onCPayAfterPlanRenewalSelected', array( &$chosenPlans[(int) $plan], &$subscription, $act ) );
if ( $_PLUGINS->is_errors() ) {
$return .= $_PLUGINS->getErrorMSG();
break;
}
$introText = CBPTXT::Th( $params->get( 'intro_text_renew', null ) );
//TBD: check if already exists (reload protection):
$paymentBasket = cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, null, CBPTXT::T("Renew"), 'R' );
if ( is_object( $paymentBasket ) ) {
$return = cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
} else {
$return = $paymentBasket; // show messages as nothing to pay.
}
break;
case 'unsubscribe': // request to unsubscribe an active subscription
// display unsubscribe confirmation form:
$plan = $this->base->_getReqParam( 'plan' );
if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$return .= sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
break;
}
$introText = CBPTXT::Th( $params->get( 'unsubscribe_intro_text' , null ) );
$return = $subscriptionsGUI->showUnsubscribeForm( $user, $introText, (int) $plan, (int) $subscriptionIds[$plan][1] );
break;
case 'confirm_unsubscribe': // confirm previous request to unsubscribe an active subscription
// unsubscribe confirmed:
$plan = $this->base->_getReqParam( 'plan' );
if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
$subTxt = CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
$return .= sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
break;
}
if ( ( $plan ) && ( count( $subscriptionIds ) == 1 ) ) {
$unsubscribeConfText = CBPTXT::Th( $params->get( 'unsubscribe_confirmation_text', null ) );
$return = cbpaidControllerOrder::doUnsubscribeConfirm( $user, $unsubscribeConfText, (int) $plan, (int) $subscriptionIds[$plan][1] );
}
break;
case 'display_subscriptions':
// unsubscribe cancelled: display subscriptions:
$return = $this->base->displayUserTab( $user );
break;
case 'showinvoice':
// shows a particular user invoice:
if ( $params->get( 'show_invoices', 1 ) ) {
$invoiceNo = $this->base->_getReqParam( 'invoice' );
$return = $this->showInvoice( $invoiceNo, $user );
}
break;
case 'saveeditinvoiceaddress':
case 'editinvoiceaddress': // this is the case of reload of invoicing address
$invoicingAddressQuery = $params->get( 'invoicing_address_query' );
if ( $invoicingAddressQuery > 0 ) {
$basketId = $this->base->_getReqParam( 'basket', 0 );
$hashToCheck = $this->base->_getReqParam( 'bck' );
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
if ( ( $act == 'saveeditinvoiceaddress' ) && $this->base->input( 'actbutton', null, GetterInterface::COMMAND ) ) { // IE7-8 will return text instead of value and IE6 will return button all the time http://www.dev-archive.net/articles/forms/multiple-submit-buttons.html
$return = $paymentBasket->saveInvoicingAddressForm( $user );
if ( $return === null ) {
$paymentBasket->storeInvoicingDefaultAddress();
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
}
} else {
// invoice has reloaded itself (e.g. for country change):
$return = $paymentBasket->renderInvoicingAddressForm( $user );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
case 'saverecordpayment':
case 'editrecordpayment': // this is the case of reload of the form
$basketId = $this->base->_getReqParam( 'basket', 0 );
$hashToCheck = $this->base->_getReqParam( 'bck' );
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status != 'Completed' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
if ( $paymentBasket->authoriseAction( 'cbsubs.recordpayments' ) ) {
if ( ( $act == 'saverecordpayment' ) && $this->base->input( 'actbutton', null, GetterInterface::COMMAND ) ) { // IE7-8 will return text instead of value and IE6 will return button all the time http://www.dev-archive.net/articles/forms/multiple-submit-buttons.html
$return = cbpaidRecordBasketPayment::saveRecordPayment( $paymentBasket->id );
if ( $return === null ) {
$return .= CBPTXT::T("Payment recorded.")
. ' <a href="' . $_CB_framework->userProfileUrl( $paymentBasket->user_id, true ) . '">'
. CBPTXT::Th("View user profile")
. '</a>';
}
} else {
// invoice has reloaded itself (e.g. for country change):
$return = cbpaidRecordBasketPayment::displayRecordPaymentForm( $paymentBasket->id );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
break;
default:
cbNotAuth();
return '';
break;
}
}
} elseif ( $this->base->_getReqParam( 'account' ) && ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) {
$account = $this->base->_getReqParam( 'account' );
$post_user_id = (int) cbGetParam( $_GET, 'user', 0 );
$user = CBuser::getUserDataInstance( (int) $post_user_id );
if ( $user->id ) {
if ( isset( $_SESSION['cbsubs']['expireduser'] ) && ( $_SESSION['cbsubs']['expireduser'] == $user->id ) ) {
// expired subscriptions of membership: show possibilities:
$subscriptionsGUI = new cbpaidControllerUI();
outputCbTemplate();
$this->base->outputRegTemplate();
outputCbJs();
switch ( $account ) {
case 'expired':
$paidsubsManager =& cbpaidSubscriptionsMgr::getInstance();
if ( ! $paidsubsManager->checkExpireMe( __FUNCTION__, $user->id, false ) ) {
// no valid membership:
$return = $subscriptionsGUI->getShowSubscriptionUpgrades( $user, true );
}
break;
default:
break;
}
} else {
$return = CBPTXT::Th("Browser cookies must be enabled.");
}
}
} elseif ( in_array( $act, array( 'setbsktpmtmeth', 'setbsktcurrency' ) ) ) {
cbSpoofCheck( 'plugin' ); // anti-spoofing check
$params = $this->params;
outputCbTemplate();
$this->base->outputRegTemplate();
outputCbJs();
$basketId = $this->base->_getReqParam( 'bskt', 0 );
$hashToCheck = $this->base->_getReqParam( 'bck' );
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
switch ( $act ) {
case 'setbsktpmtmeth':
if ( $params->get( 'payment_method_selection_type' ) == 'radios' ) {
$chosenPaymentMethod = cbGetParam( $_POST, 'payment_method' );
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$return = $paymentBasket->saveBasketPaymentMethodForm( $user, $introText, $chosenPaymentMethod );
if ( $return === null ) {
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
case 'setbsktcurrency':
if ( $params->get( 'allow_select_currency', '0' ) ) {
$newCurrency = cbGetParam( $_POST, 'currency' );
if ( $newCurrency ) {
if ( in_array( $newCurrency, cbpaidControllerPaychoices::getInstance()->getAllCurrencies() ) ) {
$paymentBasket->changeCurrency( $newCurrency );
} else {
$this->base->_setErrorMSG( CBPTXT::T("This currency is not allowed") );
}
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Changes of currency of orders are not authorized") );
}
break;
default:
cbNotAuth();
return '';
break;
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
} elseif ( $act == 'cbsubsclass' ) {
$pluginName = $this->base->_getReqParam( 'class' );
if ( preg_match( '/^[a-z]+$/', $pluginName ) ) {
$element = 'cbsubs.' . $pluginName;
global $_PLUGINS;
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin', $element );
$loadedPlugins =& $_PLUGINS->getLoadedPluginGroup( 'user/plug_cbpaidsubscriptions/plugin' );
$params = $this->params;
foreach ($loadedPlugins as $p ) {
if ( $p->element == $element ) {
$pluginId = $p->id;
$args = array( &$user, &$params, &$postdata );
/** @noinspection PhpUndefinedCallbackInspection */
$return = $_PLUGINS->call( $pluginId, 'executeTask', 'getcbsubs' . $pluginName . 'Tab', $args, null );
break;
}
}
}
} elseif ( $act && ( ! in_array( $act, array( 'showbskt', 'setbsktpmtmeth' ) ) ) && ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) {
if ( ! is_object( $user ) ) {
return CBPTXT::T("User does not exist.");
}
$params = $this->params;
$post_user_id = (int) cbGetParam( $_GET, 'user', 0 );
if ( $post_user_id && ( ( $user->id == $post_user_id ) || ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) ) ) {
outputCbTemplate();
$this->base->outputRegTemplate();
outputCbJs();
switch ( $act ) {
case 'showinvoice':
if ( $params->get( 'show_invoices', 1 ) ) {
$invoiceNo = $this->base->_getReqParam( 'invoice', 0 );
// This also checks for cbpaidApp::authoriseAction on cbsubs.sales or cbsubs.financial access permissions:
$return = $this->showInvoice( $invoiceNo, $user );
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
case 'showinvoiceslist':
$showInvoices = $params->get( 'show_invoices', 1 );
$invoicesShowPeriod = $params->get( 'invoices_show_period', '0000-06-00 00:00:00' );
$itsmyself = ( $_CB_framework->myId() == $user->id );
if ( $showInvoices && ( $itsmyself || ( cbpaidApp::authoriseAction( 'cbsubs.sales' ) || cbpaidApp::authoriseAction( 'cbsubs.financial' ) ) ) ) {
$subscriptionsGUI = new cbpaidControllerUI();
$invoices = $this->_getInvoices( $user, $invoicesShowPeriod, false );
if ( $invoicesShowPeriod && ( $invoicesShowPeriod != '0000-00-00 00:00:00' ) ) {
$cbpaidTimes =& cbpaidTimes::getInstance();
$periodText = $cbpaidTimes->renderPeriod( $invoicesShowPeriod, 1, false );
} else {
$periodText = '';
}
$return .= $subscriptionsGUI->showInvoicesList( $invoices, $user, $itsmyself, $periodText );
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
case 'editinvoiceaddress': // this is the case of the initial edit address link
if ( $params->get( 'invoicing_address_query' ) > 0 ) {
$basketId = $this->base->_getReqParam( 'basket', 0 );
$hashToCheck = $this->base->_getReqParam( 'bck' );
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
$return = $paymentBasket->renderInvoicingAddressForm( $user );
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
case 'showrecordpayment':
$paymentBasketId = $this->base->_getReqParam( 'recordpayment', 0 );
if ( $paymentBasketId ) {
$paymentBasket = new cbpaidPaymentBasket();
if ( $paymentBasket->load( (int) $paymentBasketId ) && $paymentBasket->authoriseAction( 'cbsubs.recordpayments' ) ) {
// Auto-loads class: and authorization is checked inside:
$return = cbpaidRecordBasketPayment::displayRecordPaymentForm( $paymentBasketId );
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
break;
default:
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
break;
}
}
} elseif ( $act == 'showbskt' && ( ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) || ( $this->base->_getReqParam( 'bskt', 0 ) && $this->base->_getReqParam( 'bck' ) ) ) {
$basketId = $this->base->_getReqParam( 'bskt', 0 );
$hashToCheck = $this->base->_getReqParam( 'bck' );
// Basket integrations saving/editing url:
if ( in_array($act, array( 'saveeditbasketintegration', 'editbasketintegration' ) ) ) { // edit is the case of edit or reload of integration form
$integration = $this->base->_getReqParam( 'integration' );
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( preg_match( '/^[a-z]+$/', $integration ) && $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
global $_PLUGINS;
$element = 'cbsubs.' . $integration;
$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin', $element );
$results = $_PLUGINS->trigger( 'onCPayEditBasketIntegration', array( $integration, $act, &$paymentBasket ) );
$return = null;
foreach ( $results as $r ) {
if ( $r ) {
$return .= $r;
}
}
if ( $act == 'editbasketintegration' ) {
if ( $return !== null ) {
return $return;
}
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
}
$post_user_id = (int) cbGetParam( $_GET, 'user', 0 );
if ( $post_user_id && ! ( ( is_object( $user ) && ( $user->id == $post_user_id ) ) ) ) {
return CBPTXT::T("User does not exist.");
}
outputCbTemplate();
$this->base->outputRegTemplate();
outputCbJs();
$params = $this->params;
$paymentBasket = new cbpaidPaymentBasket( $_CB_database );
if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) ) {
if ( ! $post_user_id ) {
$cbUser =& CBuser::getInstance( (int) $paymentBasket->user_id );
$user =& $cbUser->getUserData();
if ( ( ! is_object( $user ) ) || ! $user->id ) {
return CBPTXT::T("User does not exist.");
}
}
if ( ( $hashToCheck && $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) )
|| ( ( ! $hashToCheck ) && $paymentBasket->user_id && ( $paymentBasket->user_id == $_CB_framework->myId() ) ) )
{
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
} else {
$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
}
} else {
$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
}
// } elseif ( isset($_REQUEST['result']) && isset( $_REQUEST['user'] ) && ( $_REQUEST['user'] > 0 ) ) {
} elseif ( isset($_REQUEST['result']) && ( $this->base->_getReqParam('method') || $this->base->_getReqParam('gacctno') ) ) {
// don't check license here so initiated payments can complete !
$params = $this->params;
$method = $this->base->_getReqParam('method');
if ( ( $method == 'freetrial' ) || ( $method == 'cancelpay' ) ) {
cbpaidApp::import( 'processors.freetrial.freetrial' );
cbpaidApp::import( 'processors.cancelpay.cancelpay' );
$className = 'cbpaidGatewayAccount' . $method;
$payAccount = new $className( $_CB_database );
} else {
$gateAccount = $this->base->_getReqParam('gacctno');
$payAccount = cbpaidControllerPaychoices::getInstance()->getPayAccount( $gateAccount );
if ( ! $payAccount ) {
return '';
}
}
$payClass = $payAccount->getPayMean();
$paymentBasket = new cbpaidPaymentBasket($_CB_database);
if ( $payClass && ( ( $this->base->_getReqParam('method') == $payClass->getPayName() ) || ( $this->base->_getReqParam('method') == null ) ) && $payClass->hashPdtBackCheck( $this->base->_getReqParam('pdtback') ) ) {
// output for resultNotification: $return and $allowHumanHtmlOutput
$return = $payClass->resultNotification( $paymentBasket, $postdata, $allowHumanHtmlOutput );
}
if ( ! $paymentBasket->id ) {
$this->base->_setErrorMSG(CBPTXT::T("No suitable basket found."));
} else {
$user =& CBuser::getUserDataInstance( (int) $paymentBasket->user_id );
if ( $paymentBasket->payment_status == 'RegistrationCancelled' ) {
// registration cancelled: delete payment basket and delete user after checking that he is not yet active:
if ( $paymentBasket->load( (int) $paymentBasket->id ) ) {
if ( $payClass->hashPdtBackCheck( $this->base->_getReqParam('pdtback') ) && ( ( $paymentBasket->payment_status == 'NotInitiated' ) || ( ( $paymentBasket->payment_status === 'Pending' ) && ( $paymentBasket->payment_method === 'offline' ) ) ) ) {
$notification = new cbpaidPaymentNotification();
$notification->initNotification( $payClass, 0, 'P', $paymentBasket->payment_status, $paymentBasket->payment_type, null, $_CB_framework->now(), $paymentBasket->charset );
$payClass->updatePaymentStatus( $paymentBasket, 'web_accept', 'RegistrationCancelled', $notification, 0, 0, 0, true );
// This is a notification or a return to site after payment, we want to log any error happening in third-party stuff in case:
cbpaidErrorHandler::keepTurnedOn();
}
}
}
if ( $allowHumanHtmlOutput ) {
// If frontend, we display result, otherwise, If Server-to-server notification: do not display any additional text here !
switch ( $paymentBasket->payment_status ) {
case 'Completed':
// PayPal recommends including the following information with the confirmation:
// - Item name
// - Amount paid
// - Payer email
// - Shipping address
$newMsg = sprintf( CBPTXT::Th("Thank you for your payment of %s for the %s %s."), $paymentBasket->renderPrice(),
$paymentBasket->item_name,
htmlspecialchars( $payClass->getTxtUsingAccount( $paymentBasket ) ) ) // ' using your paypal account ' . $paymentBasket->payer_email
. ' ' . $payClass->getTxtNextStep( $paymentBasket );
// . "Your transaction has been completed, and a receipt for your purchase has been emailed to you by PayPal. "
// . "You may log into your account at www.paypal.com to view details of this transaction.</p>\n";
if ( $params->get( 'show_invoices' ) ) {
$itsmyself = ( $_CB_framework->myId() == $user->id );
$subscriptionsGUI = new cbpaidControllerUI();
$newMsg .= '<p id="cbregviewinvoicelink">'
. $subscriptionsGUI->getInvoiceShowAhtml( $paymentBasket, $user, $itsmyself, CBPTXT::Th("View printable invoice") )
. '</p>'
;
}
$paid = true;
break;
case 'Pending':
$newMsg = sprintf( CBPTXT::Th("Thank you for initiating the payment of %s for the %s %s."), $paymentBasket->renderPrice(),
$paymentBasket->item_name,
htmlspecialchars( $payClass->getTxtUsingAccount( $paymentBasket ) ) ) // ' using your paypal account ' . $paymentBasket->payer_email
. ' ' . $payClass->getTxtNextStep( $paymentBasket );
// . "Your payment is currently being processed. "
// . "A receipt for your purchase will be emailed to you by PayPal once processing is complete. "
// . "You may log into your account at www.paypal.com to view status details of this transaction.</p>\n";
break;
case 'RegistrationCancelled':
$newMsg = $payClass->getTxtNextStep( $paymentBasket );
break;
case 'FreeTrial':
$newMsg = CBPTXT::Th("Thank you for subscribing to") . ' ' . $paymentBasket->item_name . '.'
. ' ' . $payClass->getTxtNextStep( $paymentBasket );
break;
case null:
$newMsg = CBPTXT::T("Payment basket does not exist.");
break;
case 'NotInitiated':
$newMsg = '';
break;
case 'RedisplayOriginalBasket':
if ( $paymentBasket->load( (int) $paymentBasket->id ) && ( $paymentBasket->payment_status == 'NotInitiated' ) ) {
$introText = CBPTXT::Th( $params->get( 'intro_text', null ) );
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
}
$newMsg = '';
break;
case 'Processed':
case 'Denied':
case 'Reversed':
case 'Refunded':
case 'Partially-Refunded':
default:
$newMsg = $payClass->getTxtNextStep( $paymentBasket );
// "<p>Your transaction is not cleared and has currently following status: <strong>" . $paymentBasket->payment_status . ".</strong></p>"
// . "<p>You may log into your account at www.paypal.com to view status details of this transaction.</p>";
break;
}
if ( in_array( $paymentBasket->payment_status, array( 'Completed', 'Pending' ) ) ) {
$subscriptions = $paymentBasket->getSubscriptions();
$texts = array(); // avoid repeating several times identical texts:
if ( is_array( $subscriptions ) ) {
foreach ( $subscriptions as $sub ) {
/** @var $sub cbpaidSomething */
$thankYouParam = ( $paymentBasket->payment_status == 'Completed') ? 'thankyoutextcompleted' : 'thankyoutextpending';
$thankYouText = $sub->getPersonalized( $thankYouParam, true );
if ( $thankYouText && ! in_array( $thankYouText, $texts ) ) {
$texts[] = $thankYouText;
if ( strpos( $thankYouText, '<' ) === false ) {
$msgTag = 'p';
} else {
$msgTag = 'div';
}
$newMsg .= '<' . $msgTag . ' class="cbregThanks" id="cbregThanks' . $sub->plan_id . '">' . $thankYouText . '</' . $msgTag . ">\n";
}
}
}
}
if ( $newMsg ) {
$return .= '<div>' . $newMsg . '</div>';
}
if ( $paid && ( $_CB_framework->myId() < 1 ) && ( cbGetParam( $_REQUEST, 'user', 0 ) == $paymentBasket->user_id ) ) {
$_CB_database->setQuery( "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND c.id=".(int) $paymentBasket->user_id );
if ( $_CB_database->loadObject( $user ) && ( $user->lastvisitDate == '0000-00-00 00:00:00' ) ) {
$return = '<p>' . implode( '', getActivationMessage( $user, 'UserRegistration' ) ) . '</p>' . $return;
}
}
}
}
} else {
cbNotAuth();
return ' ' . CBPTXT::T("No result.");
}
if ( $allowHumanHtmlOutput ) {
$allErrorMsgs = $this->base->getErrorMSG( '</div><div class="error">' );
if ( $allErrorMsgs ) {
$errorMsg = '<div class="error">' . $allErrorMsgs . '</div>';
} else {
$errorMsg = null;
}
/** @var string $return */
if ( ( $return == '' ) && ( $errorMsg ) ) {
$this->base->outputRegTemplate();
$return = $errorMsg . '<br /><br />' . $return;
$return .= cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, '' );
} else {
$return = $errorMsg . $return;
}
}
if ( ! is_null( $oldignoreuserabort ) ) {
ignore_user_abort($oldignoreuserabort);
}
return $return;
}
/**
* Saves the user edit tab postdata into the tab's permanent storage
*
* @param TabTable $tab the tab database entry
* @param UserTable $user the user being displayed
* @param int $ui 1 for front-end, 2 for back-end
* @param array $postdata _POST data for saving edited tab content as generated with getEditTab
* @return string|boolean Either string HTML for tab content, or false if ErrorMSG generated
*/
public function saveEditTab( $tab, &$user, $ui, $postdata ) {
global $_CB_framework, $_PLUGINS;
// var_export( $_POST ); exit;
if ( $ui != 2 ) {
return null;
}
if(intval( $_CB_framework->myId() ) < 1) {
cbNotAuth();
return null;
}
cbpaidErrorHandler::on();
if ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionview' ) && cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) {
$now = $_CB_framework->now();
/*
$params = cbGetParam( $_REQUEST, 'subscriptionparams', '' );
$cb_subs_params = Registry::getRawParamsUnescaped( $params, false );
$user->cb_subs_params = $cb_subs_params;
*/
$subscriptionsGUI = new cbpaidControllerUI();
if ( ( $ui == 2 ) && ( $user->id == 0 ) ) {
$chosenPlans = $subscriptionsGUI->getAndCheckChosenRegistrationPlans( $postdata, $user );
} else {
$chosenPlans = $subscriptionsGUI->getAndCheckChosenUpgradePlans( $postdata, $user, $now );
}
if ( ! is_array( $chosenPlans ) ) {
$_PLUGINS->_setErrorMSG( $chosenPlans );
$_PLUGINS->raiseError( 1 );
return false;
}
// Renew / Pay / Reactivate buttons -> checkboxes: subscriptionpay or subscriptionrenew or subscriptionunsubscribe: value is subscription_id.
$unsubscribe = $subscriptionsGUI->getEditPostedBoxes( 'unsubscribe' );
$renew = $subscriptionsGUI->getEditPostedBoxes( 'renew' );
$reactivate = $subscriptionsGUI->getEditPostedBoxes( 'reactivate' );
$resubscribe = $subscriptionsGUI->getEditPostedBoxes( 'resubscribe' );
$pay = $subscriptionsGUI->getEditPostedBoxes( 'pay' );
$delete = $subscriptionsGUI->getEditPostedBoxes( 'delete' );
// Plan upgrade possibilities: values: subscription_id or null, act='upgrade', $plan= plan number or 0
$act = $this->_getReqParam( 'act' );
$subscriptionIds = $subscriptionsGUI->getEditPostedBoxes( 'id' );
$paidSomethinMgr =& cbpaidSomethingMgr::getInstance();
foreach ( $unsubscribe as $ps ) {
// only unsubscribe (and maybe upgrade, means resubscribe):
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
// $subscription->deactivate( $user, 'C' ); // cancelled
$resultErrMessage = cbpaidControllerOrder::doUnsubscribeConfirm( $user, null, $subscription->plan_id, $subscription->id );
if ( $resultErrMessage === false ) {
$_PLUGINS->_setErrorMSG( $this->getErrorMSG() );
$_PLUGINS->raiseError(1);
return false;
}
}
}
foreach ( $renew as $ps ) {
// only renew:
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
$subscription->activate( $user, $now, true, 'R' );
}
}
foreach ( $reactivate as $ps ) {
// only renew:
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
$subscription->activate( $user, $now, true, 'R' );
}
}
foreach ( $resubscribe as $ps ) {
// only renew:
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
$subscription->activate( $user, $now, true, 'R' );
}
}
foreach ( $pay as $ps ) {
// only renew:
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
$subscription->activate( $user, $now, true, 'N' );
}
}
foreach ( $delete as $ps ) {
// only renew:
$subscription = $paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
if ( $subscription ) {
$newPlanId = null;
$unifiedStatus = 'Denied';
if ( $subscription->canDelete() ) {
$subscription->revert( $user, $newPlanId, $unifiedStatus );
$subscription->historySetMessage( 'Subscription deleted from administration backend' );
if ( ! $subscription->delete( ) ) {
$_PLUGINS->_setErrorMSG( $subscription->getError() );
$_PLUGINS->raiseError( 1 );
return false;
}
} else {
$_PLUGINS->_setErrorMSG( $subscription->getError() );
$_PLUGINS->raiseError( 1 );
return false;
}
}
}
if ( $chosenPlans && ( count( $chosenPlans ) > 0 ) ) {
if ( $act == 'upgrade' ) {
if ( $user->id ) {
// upgrade existing ones:
cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, 'I', null, 'U', 'free' );
} else {
// when creating a user in backend, there is no user->id yet, so we need to defer the call (just below):
global $_CBSUBS_temp_backend_create;
$_CBSUBS_temp_backend_create = array( array( 'cbpaidControllerOrder', 'createSubscriptionsAndPayment' ), array( &$user, $chosenPlans, $postdata, $subscriptionIds, null, 'I', null, 'U', 'free' ));
}
}
}
}
cbpaidErrorHandler::off();
return null;
}
function viewReports($option, $uid, $act)
{
global $_CB_framework, $_CB_database, $ueConfig, $_REQUEST;
$isModerator = isModerator($_CB_framework->myId());
if ($isModerator == 0) {
cbNotAuth();
return;
}
$Itemid = $_CB_framework->itemid();
$ue_base_url = "index.php?option=com_comprofiler&task=viewReports" . ($Itemid ? "&Itemid=" . (int) $Itemid : "");
// Base URL string
$query = "SELECT count(*) FROM #__comprofiler_userreports WHERE " . ($act == 1 ? '' : "reportedstatus=0 AND ") . "reporteduser="******"SELECT u2.name as reportedbyname, u2.username as reportedbyusername, u.name as reportedname, u.username as reportedusername, ur.* FROM #__users u, #__comprofiler_userreports ur, #__users u2 WHERE u.id=ur.reporteduser AND u2.id=ur.reportedbyuser AND " . ($act == 1 ? '' : "ur.reportedstatus=0 AND ") . "ur.reporteduser="******" ORDER BY ur.reporteduser,ur.reportedondate";
$_CB_database->setQuery($query, $limitstart, $limit);
$row = $_CB_database->loadObjectList();
outputCbTemplate(1);
?>
<!-- TAB -->
<div class="componentheading"><?php
echo _UE_MODERATE_TITLE;
?>
</div><br /><br />
<?php
if ($total < 1) {
echo _UE_NOREPORTSTOPROCESS;
return;
}
?>
<div class='contentheading'><?php
echo _UE_USERREPORT;
?>
</div><br />
<?php
if ($total > $limit) {
?>
<div style="width:100%;text-align:center;"><?php
echo writePagesLinks($limitstart, $limit, $total, $ue_base_url);
?>
</div><hr />
<?php
}
?>
<table width='98%' border='0' cellpadding='4' cellspacing='1'>
<thead><tr align='left' class="sectiontableheader">
<th><?php
echo _UE_REPORTEDUSER;
?>
</th>
<th><?php
echo _UE_REPORT;
?>
</th>
<th><?php
echo _UE_REPORTEDONDATE;
?>
</th>
<th><?php
echo _UE_REPORTEDBY;
?>
</th>
<th><?php
echo _UE_REPORTSTATUS;
?>
</th>
</tr></thead>
<?php
for ($i = 0; $i < count($row); $i++) {
$class = "sectiontableentry" . (1 + $i % 2);
echo "<tr align='left' valign='middle' class='" . $class . "'>";
echo "<td><a href='" . cbSef("index.php?option=com_comprofiler&task=userProfile&user="******"&Itemid=" . (int) $Itemid : "")) . "'>" . getNameFormat($row[$i]->reportedname, $row[$i]->reportedusername, $ueConfig['name_format']) . "</a></td>";
echo "<td>" . $row[$i]->reportexplaination . "</td>";
echo "<td>" . dateConverter($row[$i]->reportedondate, 'Y-m-d', $ueConfig['date_format']) . "</td>";
echo "<td><a href='" . cbSef("index.php?option=com_comprofiler&task=userProfile&user="******"&Itemid=" . (int) $Itemid : "")) . "'>" . getNameFormat($row[$i]->reportedbyname, $row[$i]->reportedbyusername, $ueConfig['name_format']) . "</a></td>";
echo "<td>" . ($row[$i]->reportedstatus ? '<span style="color:green;">' . _UE_REPORTSTATUS_PROCESSED . '</span>' : '<span style="color:red;font-weight:bold;">' . _UE_REPORTSTATUS_OPEN . '</span>') . "</td>";
echo "</tr>\n";
}
echo "</table>\n";
if ($total > $limit) {
?>
<hr /><div style="width:100%;text-align:center;"><?php
echo writePagesLinks($limitstart, $limit, $total, $ue_base_url);
?>
</div>
<?php
}
echo "<br /><div style='width:100%;text-align:center;'>\n";
echo "<form action='" . cbSef('index.php?option=com_comprofiler&task=moderateReports' . ($Itemid ? "&Itemid=" . (int) $Itemid : "")) . "' method='post' name='adminForm'>\n";
echo '<input class="button" type="submit" value="' . _UE_USERREPORT_MODERATE . "\" />\n";
echo "</form>\n</div>\n";
}
function viewReports($option, $uid, $act)
{
global $_CB_framework, $_CB_database, $_PLUGINS, $_REQUEST;
$_PLUGINS->loadPluginGroup('user');
$results = $_PLUGINS->trigger('onBeforeViewReportsFormDisplay', array($uid, $act));
if ($_PLUGINS->is_errors()) {
echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
exit;
}
$isModerator = Application::MyUser()->isGlobalModerator();
if (!$isModerator) {
cbNotAuth();
return;
}
$query = 'SELECT COUNT(*)' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_userreports') . "\n WHERE " . $_CB_database->NameQuote('reporteduser') . " = " . (int) $uid . ($act == 1 ? "\n AND " . $_CB_database->NameQuote('reportedstatus') . " = 0" : null);
$_CB_database->setQuery($query);
$total = $_CB_database->loadResult();
$limitstart = (int) getPagesLimitStart($_REQUEST);
$limit = 20;
if ($limit > $total) {
$limitstart = 0;
}
$query = 'SELECT *' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_userreports') . "\n WHERE " . $_CB_database->NameQuote('reporteduser') . " = " . (int) $uid . ($act == 1 ? "\n AND " . $_CB_database->NameQuote('reportedstatus') . " = 0" : null) . "\n ORDER BY " . $_CB_database->NameQuote('reporteduser') . ", " . $_CB_database->NameQuote('reportedondate');
$_CB_database->setQuery($query, $limitstart, $limit);
$rows = $_CB_database->loadObjectList();
outputCbTemplate(1);
$return = '<div class="cbViewReports cb_template cb_template_' . selectTemplate('dir') . '">';
if (is_array($results)) {
$return .= implode('', $results);
}
$return .= '<div class="page-header"><h3>' . CBTxt::Th('UE_USERREPORT', 'User Report') . '</h3></div>';
if ($total < 1) {
$return .= CBTxt::Th('UE_NOREPORTSTOPROCESS', 'No User Reports to Process');
} else {
$return .= '<form action="' . $_CB_framework->viewUrl('moderatereports') . '" method="post" id="adminForm" name="adminForm" class="cb_form form-auto">' . '<table class="table table-hover table-responsive">' . '<thead>' . '<tr>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORTEDUSER', 'Reported User') . '</th>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORT', 'Report') . '</th>' . '<th style="width: 20%;" class="text-left xs-hidden">' . CBTxt::Th('UE_REPORTEDONDATE', 'Report Date') . '</th>' . '<th style="width: 20%;" class="text-left xs-hidden">' . CBTxt::Th('UE_REPORTEDBY', 'Reported By') . '</th>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORTSTATUS', 'Report status') . '</th>' . '</tr>' . '</thead>' . '<tbody>';
for ($i = 0; $i < count($rows); $i++) {
$row = $rows[$i];
$return .= '<tr>' . '<td style="width: 20%;" class="text-left">' . CBuser::getInstance((int) $row->reporteduser, false)->getField('formatname', null, 'html', 'none', 'list', 0, true) . '</td>' . '<td style="width: 20%;" class="text-left">' . $row->reportexplaination . '</td>' . '<td style="width: 20%;" class="text-left xs-hidden">' . cbFormatDate($row->reportedondate) . '</td>' . '<td style="width: 20%;" class="text-left xs-hidden">' . CBuser::getInstance((int) $row->reportedbyuser, false)->getField('formatname', null, 'html', 'none', 'list', 0, true) . '</td>' . '<td style="width: 20%;" class="text-left ' . ($row->reportedstatus ? 'text-success' : 'text-danger') . '">' . ($row->reportedstatus ? CBTxt::Th('UE_REPORTSTATUS_PROCESSED', 'Processed') : CBTxt::Th('UE_REPORTSTATUS_OPEN', 'Open')) . '</td>' . '</tr>';
}
$return .= '</tbody>' . '</table>' . '<div class="form-group cb_form_line clearfix">' . '<input type="submit" class="btn btn-primary cbViewReportsMod" value="' . htmlspecialchars(CBTxt::Th('UE_USERREPORT_MODERATE', 'Moderate User Reports')) . '" />' . '</div>' . '</form>';
if ($total > $limit) {
$return .= '<div class="form-group cb_form_line text-center clearfix">' . writePagesLinks($limitstart, $limit, $total, $_CB_framework->viewUrl('viewreports')) . '</div>';
}
}
$return .= '</div>';
echo $return;
}
function acceptConnection($userid, $connectionid, $act = 'connections')
{
global $_CB_framework, $ueConfig, $_PLUGINS;
if (!$ueConfig['allowConnections']) {
$msg = CBTxt::Th('UE_FUNCTIONALITY_DISABLED', 'This functionality is currently disabled.');
} elseif (!($_CB_framework->myId() > 0)) {
cbNotAuth(true);
return;
} else {
$msg = null;
}
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->trigger('onBeforeAcceptConnectionRequest', array($userid, $connectionid, &$msg, $act));
if ($msg) {
$_CB_framework->enqueueMessage($msg, 'error');
return;
}
$cbCon = new cbConnection($userid);
if ($cbCon->isConnectionPending($userid, $connectionid) === false) {
$_CB_framework->enqueueMessage(CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'), 'error');
return;
} else {
if (!$cbCon->acceptConnection($userid, $connectionid)) {
$msg = $cbCon->getErrorMSG();
} else {
$msg = $cbCon->getUserMSG();
}
}
if ($act == 'connections') {
cbRedirectToProfile($userid, $msg, null, 'getConnectionTab');
} elseif ($act == 'manage') {
cbRedirectToProfile($connectionid, $msg, 'manageconnections', 'cbtabconnections');
} else {
cbRedirectToProfile($connectionid, $msg);
}
}