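/**
 * Admin settings page for the reCAPTCHA plugin.
 *
 * Saves the posted keys when the settings form was submitted, renders the
 * key form, then renders a second form that runs a live captcha check
 * through the 'check_recaptcha' and 'show_recaptcha' plugin hooks.
 *
 * @param object $h application object (cage, lang, csrfToken, plugin hooks)
 */
public function settings($h)
{
    // If the form has been submitted, go and save the data...
    // NOTE(review): the csrf field rendered below is not verified in this
    // method; presumably saveSettings() or the admin front controller checks
    // it before anything is written - confirm.
    if ($h->cage->post->getAlpha('submitted') == 'true') {
        $this->saveSettings($h);
    }

    echo "<h1>" . $h->lang["recaptcha_settings_header"] . "</h1>\n";

    // Get settings from database if they exist, otherwise fall back to blank.
    // !empty() also covers a missing key, so no undefined-index notice is raised.
    $recaptcha_settings = $h->getSerializedSettings();
    $pubkey = !empty($recaptcha_settings['pubkey']) ? $recaptcha_settings['pubkey'] : '';
    $privkey = !empty($recaptcha_settings['privkey']) ? $recaptcha_settings['privkey'] : '';

    // The stored keys are written into single-quoted attributes, so quotes and
    // angle brackets have to be encoded before output.
    $pubkey_attr = htmlspecialchars($pubkey, ENT_QUOTES, 'UTF-8');
    $privkey_attr = htmlspecialchars($privkey, ENT_QUOTES, 'UTF-8');

    echo "<form name='recaptcha_settings_form' action='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=recaptcha' method='post'>\n";

    $thisdomain = rstrtrim(str_replace("http://", "", BASEURL), '/');
    echo "<p>" . $h->lang["recaptcha_settings_desc"] . " <a href='http://recaptcha.net/api/getkey?domain=" . $thisdomain . "&app=HotaruCMS'>reCAPTCHA.net</a>.</p><br />\n";

    echo " " . $h->lang["recaptcha_settings_public_key"] . ": <input type='text' name='rc_pubkey' size=50 value='" . $pubkey_attr . "'><br /><br />\n";
    // NOTE(review): the private key is echoed back in a plain text input, so it
    // is visible to anyone who can view this admin page or its cached HTML.
    echo " " . $h->lang["recaptcha_settings_private_key"] . ": <input type='text' name='rc_privkey' size=50 value='" . $privkey_attr . "'><br /><br />\n";

    echo "<input type='hidden' name='submitted' value='true' />\n";
    echo "<input type='submit' value='" . $h->lang["main_form_save"] . "' />\n";
    echo "<input type='hidden' name='csrf' value='" . $h->csrfToken . "' />\n";
    echo "</form><br />\n";

    /* RECAPTCHA TEST START */
    echo $h->lang["recaptcha_settings_example"] . "<br /><br />";

    if ($h->cage->post->getAlpha('submitted') == 'test') {
        $result = $h->pluginHook('check_recaptcha'); // This hook checks the captcha
        if ($result['ReCaptcha_check_recaptcha'] == 'success') {
            $h->showMessage($h->lang["recaptcha_success"], 'green'); // success message
        } elseif ($result['ReCaptcha_check_recaptcha'] == 'empty') {
            $h->showMessage($h->lang["recaptcha_empty"], 'red'); // empty message
        } else {
            $h->showMessage($h->lang["recaptcha_error"], 'red'); // error message
        }
        echo "<br />";
    }

    echo "<form name='recaptcha_settings_test' action='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=recaptcha' method='post'>\n";
    $h->pluginHook('show_recaptcha');
    echo "<input type='hidden' name='submitted' value='test' />\n";
    echo "<input type='submit' value='" . $h->lang["recaptcha_settings_do_test"] . "' />\n";
    echo "<input type='hidden' name='csrf' value='" . $h->csrfToken . "' />\n";
    echo "</form><br />\n";
    /* RECAPTCHA TEST END */
}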
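/**
 * Adds a note in User Manager about the user having pending or buried posts.
 *
 * Reads the (output, user) pair from $h->vars['user_manager_details'], appends
 * one link per flagged post and writes the pair back. Nothing is written back
 * when the user has no pending or buried posts.
 *
 * @param object $h application object (vars, db, lang, post, url())
 */
public function user_manager_details($h)
{
    list($output, $user) = $h->vars['user_manager_details'];

    // Check to see if this user has any pending or buried posts.
    // All values are bound through prepare(); only the table constant is concatenated.
    $sql = "SELECT post_id, post_status FROM " . TABLE_POSTS . " WHERE post_author = %d AND (post_status = %s OR post_status = %s) ORDER BY post_date DESC";

    if (!isset($h->vars['post_manager_flags'])) {
        $flags = $h->db->get_results($h->db->prepare($sql, $user->user_id, 'pending', 'buried'));
    } else {
        $flags = $h->vars['post_manager_flags']; // retrieve from memory
    }

    if (!$flags) {
        return;
    }

    $output .= "<br /><b>" . $h->lang["post_man_flagged_reasons"] . "</b>";
    foreach ($flags as $flag) {
        $h->readPost($flag->post_id);

        // The post title is member-supplied and lands inside a single-quoted
        // attribute on an admin page, so it is encoded here. double_encode is
        // off in case titles are already stored entity-encoded - TODO confirm.
        $href = htmlspecialchars($h->url(array('page' => $flag->post_id)), ENT_QUOTES, 'UTF-8', false);
        $title = htmlspecialchars($h->lang["post_man_flags_title"] . $h->post->title, ENT_QUOTES, 'UTF-8', false);
        $status = htmlspecialchars($flag->post_status, ENT_QUOTES, 'UTF-8', false);

        $output .= "<a href='" . $href . "' title='" . $title . "'>" . $status . "</a>, ";
    }
    $output = rstrtrim($output, ", ");

    $h->vars['user_manager_details'] = array($output, $user);
}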
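/**
 * Builds the SQL statement and value list for a filtered post query.
 *
 * SECURITY: only the *values* of $vars are bound as parameters. The keys of
 * $vars, $select and $orderby are concatenated into the statement verbatim,
 * so they must be fixed strings chosen by the calling code and never taken
 * from request data.
 *
 * @param array $vars - search parameters: SQL fragment => value (or array of values)
 * @param int|string $limit - no. of rows to retrieve (an "offset, count" string is also accepted)
 * @param bool $all - true to retrieve ALL rows, else default 20
 * @param string $select - the select clause
 * @param string $orderby - the order by clause
 * @return array index 0 is the SQL statement, the rest are the values to bind
 *
 * Example usage: $post->filter(array('post_tags LIKE %s' => '%tokyo%'), 10);
 * The result is meant to be passed on, i.e.
 * $this->db->get_results($this->db->prepare($prepare_array));
 */
public function filter($vars = array(), $limit = 0, $all = false, $select = '*', $orderby = 'post_date DESC')
{
    // default to posts of type "news" if not otherwise set
    if (!isset($vars['post_type = %s'])) {
        $vars['post_type = %s'] = 'news';
    }

    // Slot 0 is a placeholder that is replaced by the SQL string further down.
    $prepare_array = array("temp");

    // A fragment may carry several placeholders, e.g.
    // "post_status = %s OR post_status = %s" => array('top', 'new'),
    // in which case every value of the array is bound in order.
    foreach ($vars as $value) {
        if (is_array($value)) {
            foreach ($value as $v) {
                $prepare_array[] = $v;
            }
        } else {
            $prepare_array[] = $value;
        }
    }

    // $vars is never empty here because of the post_type default above.
    $filter = " WHERE " . implode(" AND ", array_keys($vars));

    // LIMIT cannot be bound as a placeholder here, so only digits (optionally
    // "offset, count") are let through; anything else falls back to 20 rows.
    if ($all == true) {
        $limit = '';
    } elseif (is_string($limit) && preg_match('/^\d+\s*,\s*\d+$/', $limit)) {
        $limit = " LIMIT " . $limit;
    } elseif ((int) $limit > 0) {
        $limit = " LIMIT " . (int) $limit;
    } else {
        $limit = " LIMIT 20";
    }

    if ($orderby) {
        $orderby = "ORDER BY " . $orderby;
    }

    $prepare_array[0] = "SELECT " . $select . " FROM " . TABLE_POSTS . $filter . " " . $orderby . $limit;

    return $prepare_array;
}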
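/**
 * Generate either default or friendly urls
 *
 * Parameter keys and values are appended as given: nothing is URL-encoded
 * here, and the result is not HTML-escaped. Callers that print the URL into
 * markup have to escape it for that context.
 *
 * @param object $h application object (post, readPost(), isActive(), getCatSafeName())
 * @param array $parameters an array of pairs, e.g. 'page' => 'about'
 * @param string $head either 'index' or 'admin'
 * @return string|null the url; null when FRIENDLY_URLS is neither "true" nor "false"
 */
public function url($h, $parameters = array(), $head = 'index')
{
    // Defined up front so an unexpected $head in the non-friendly branch no
    // longer reads an undefined variable.
    $url = '';

    if (FRIENDLY_URLS == "false") {
        if ($head == 'index') {
            $url = BASEURL . 'index.php?';
        } elseif ($head == 'admin') {
            $url = BASEURL . 'admin_index.php?';
        } else {
            // Error. $head must be index or admin; $url stays empty.
        }

        if (empty($parameters)) {
            $url = rtrim($url, '?');
            return $url;
        }

        foreach ($parameters as $key => $value) {
            $url .= $key . '=' . $value . '&';
        }
        return rstrtrim($url, '&');
    }

    if (FRIENDLY_URLS == "true") {
        if ($head == 'index') {
            $url = BASEURL;
        } elseif ($head == 'admin') {
            $url = BASEURL . 'admin/';
        } else {
            $url = BASEURL . $head . '/';
        }

        foreach ($parameters as $key => $value) {
            if ($key == 'page' && is_numeric($value)) {
                // must be a post, let's get the post_url after we've read the post (if necessary)
                // NOTE(review): the post is only read when no url is loaded yet, so a
                // previously loaded post's url is reused even if $value names another
                // post - confirm callers always load the matching post first.
                if (!$h->post->url) {
                    $h->readPost($value);
                }
                $value = $h->post->url;

                // if we're using categories and the category is not "all"...
                if ($h->isActive('categories') && $h->post->category != 1) {
                    $url .= $h->getCatSafeName($h->post->category) . '/';
                }
                $url .= $value . '/';
            } elseif ($key == 'category' && is_numeric($value)) {
                $url .= $key . '/' . $h->getCatSafeName($value) . '/';
            } elseif ($key == 'page') {
                // don't show "page" in the url, only the value
                $url .= $value . '/';
            } else {
                $url .= $key . '/' . $value . '/';
            }
        }
        return $url;
    }
}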
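/**
 * Get full details of all users or batches of users, sorted alphabetically
 *
 * @param object $h application object (db)
 * @param array $id_array - optional array of user ids
 * @param int $start - LIMIT $start $range (optional)
 * @param int $range - LIMIT $start $range (optional)
 * @return array
 */
public function userListFull($h, $id_array = array(), $start = 0, $range = 0)
{
    if (!$id_array) {
        // get all users
        $sql = "SELECT * FROM " . TABLE_USERS . " ORDER BY user_username ASC";
        return $h->db->get_results($sql);
    }

    // LIMIT is concatenated rather than bound, so both numbers are forced to
    // non-negative integers first. $limit is always defined, which also removes
    // the undefined-variable read the old code hit when $range was 0.
    $limit = '';
    $range = (int) $range;
    if ($range > 0) {
        $limit = " LIMIT " . max(0, (int) $start) . ", " . $range;
    }

    // One %d placeholder per id; the ids themselves go through prepare().
    $conditions = implode(" OR ", array_fill(0, count($id_array), "user_id = %d"));
    $sql = "SELECT * FROM " . TABLE_USERS . " WHERE " . $conditions . " ORDER BY user_username ASC" . $limit;

    // array_values() keeps the ids positional even if the caller passed a keyed array.
    $prepare_array = array_merge(array($sql), array_values($id_array));

    return $h->db->get_results($h->db->prepare($prepare_array));
}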
/**
 * Displays the flags next to the post title.
 *
 * Does nothing (returns false) unless $h->vars['flagged'] is set and truthy.
 * Otherwise the translated reasons are joined into $h->vars['flag_why'] and
 * the 'updown_voting_alert' template is displayed.
 *
 * @param object $h application object (vars, lang, displayTemplate())
 * @return false|null false when the post is not flagged
 */
public function sb_base_show_post_title($h)
{
    if (empty($h->vars['flagged'])) {
        return false;
    }

    // Only reasons that have a language entry are shown; the output is built
    // from $h->lang strings, never from the raw reason codes.
    $reason_text = "";
    foreach ($h->vars['reasons'] as $reason) {
        $lang_key = "vote_alert_reason_" . $reason;
        if (!isset($h->lang[$lang_key])) {
            continue;
        }
        $reason_text .= $h->lang[$lang_key] . ", ";
    }

    // removes trailing comma; $h->vars['flag_count'] is expected to be set already
    $h->vars['flag_why'] = rstrtrim($reason_text, ", ");

    $h->displayTemplate('updown_voting_alert', 'updown_voting', false);
}
/**
 * Orders the plugin hooks by plugin_order
 *
 * Reads every hook joined to its plugin in plugin_order, empties the hooks
 * table, then re-inserts the hooks in that order with the current user as
 * plugin_updateby.
 *
 * NOTE(review): the table is truncated before the re-insert runs, so a failed
 * INSERT leaves the hooks table empty - confirm a recovery path exists.
 *
 * @param object $h application object (db, currentUser)
 */
public function sortPluginHooks($h)
{
    $select = "SELECT p.plugin_folder, p.plugin_order, p.plugin_id, h.* FROM " . TABLE_PLUGINHOOKS . " h, " . TABLE_PLUGINS . " p WHERE p.plugin_folder = h.plugin_folder ORDER BY p.plugin_order ASC";
    $hooks = $h->db->get_results($h->db->prepare($select));

    // Remove all hooks for this site
    $h->db->query($h->db->prepare("TRUNCATE TABLE " . TABLE_PLUGINHOOKS));

    if (!$hooks) {
        return;
    }

    // Slot 0 is reserved for the SQL text; the bound values follow it.
    $bindings = array("temp");
    $tuples = '';

    // Add plugin hooks back into the hooks table
    foreach ($hooks as $hook) {
        $tuples .= "(%s, %s, %d), ";
        $bindings[] = $hook->plugin_folder;
        $bindings[] = $hook->plugin_hook;
        $bindings[] = $h->currentUser->id;
    }
    $tuples = rstrtrim($tuples, ", "); // strip off trailing comma

    $bindings[0] = "INSERT INTO " . TABLE_PLUGINHOOKS . " (plugin_folder, plugin_hook, plugin_updateby) VALUES " . $tuples;
    $h->db->query($h->db->prepare($bindings));
}
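/**
 * Adds a note in User Manager about the user being flagged
 *
 * Reads the (output, user) pair from $h->vars['user_manager_details'], appends
 * the user's stop_spam_flags in red and writes the pair back.
 *
 * @param object $h application object (vars, db, lang)
 */
public function user_manager_details($h)
{
    list($output, $user) = $h->vars['user_manager_details'];

    // Check to see if this user has any stop_spam_flags:
    $sql = "SELECT usermeta_value FROM " . TABLE_USERMETA . " WHERE usermeta_userid = %d AND usermeta_key = %s";

    if (!isset($h->vars['stop_spam_flags'])) {
        $flags = $h->db->get_var($h->db->prepare($sql, $user->user_id, 'stop_spam_flags'));
    } else {
        $flags = $h->vars['stop_spam_flags']; // retrieve from memory
    }

    if (!$flags) {
        return;
    }

    // NOTE(security): unserialize() can instantiate arbitrary classes if this
    // stored value is ever influenced by a user. Prefer storing the flags as
    // JSON, or restrict allowed classes where the PHP version supports it.
    $flags = unserialize($flags);
    if (!is_array($flags)) {
        return; // corrupt or unexpected value: add nothing rather than iterate it
    }

    // The flag reasons are printed on an admin page, so each one is encoded.
    $reasons = array();
    foreach ($flags as $flag) {
        if (is_scalar($flag)) {
            $reasons[] = htmlspecialchars((string) $flag, ENT_QUOTES, 'UTF-8', false);
        }
    }

    $output .= "<br /><b>" . $h->lang['stop_spam_flagged_reasons'] . "</b><span style='color: red;'>";
    $output .= implode(", ", $reasons);
    $output .= "</span>";

    // Keep $user in the pair: other handlers of this hook unpack both elements.
    $h->vars['user_manager_details'] = array($output, $user);
}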
} else { echo $plug['name'] . " " . $plug['version'] . "</td>\n"; } echo "<td class='table_order'>" . $plug['order_output'] . "</td>\n"; echo "<td class='table_uninstall'>\n"; echo "<a class='table_drop_down' href='#'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/" . $info_icon . "'></a>\n"; echo " " . $plug['install'] . "</td>\n"; echo "</tr>\n"; echo "<tr class='table_tr_details' style='display:none;'><td colspan=3 class='table_description'>\n"; echo $plug['description'] . "<br />"; $requires = ""; foreach ($plug['requires'] as $key => $value) { $requires .= $key . " " . $value . ", "; } if ($requires != "") { echo $h->lang["admin_theme_plugins_requires"] . " " . rstrtrim($requires, ", "); } else { echo $h->lang["admin_theme_plugins_no_plugins"]; } if (isset($plug['author'])) { echo "<br />" . $h->lang["admin_theme_plugins_author"] . ": \n"; } if (isset($plug['authorurl'])) { echo "<a href='" . $plug['authorurl'] . "' title='" . $plug['authorurl'] . "'>"; } if (isset($plug['author'])) { echo $plug['author']; } if (isset($plug['authorurl'])) { echo "</a>\n"; }
/**
 * Finds the SEO record for a URL in the current language and, when one is
 * found, fills self::$seoLangUrls with the matching URL for every active
 * language.
 *
 * @param string $url requested url; passed through rstrtrim($url, '.html') when the 'urlExtension' param is on
 * @param string $modelName value matched against the model_name attribute
 * @return SeoFriendlyUrl|null whatever findByAttributes() returned
 */
public static function getForView($url, $modelName)
{
    if (param('urlExtension')) {
        $url = rstrtrim($url, '.html');
    }

    // Both values are passed as attribute values to findByAttributes(), not
    // concatenated into SQL here.
    $attributes = array(
        'model_name' => $modelName,
        'url_' . Yii::app()->language => $url,
    );
    $seo = SeoFriendlyUrl::model()->findByAttributes($attributes);

    if (!$seo) {
        return $seo;
    }

    foreach (Lang::getActiveLangs() as $lang) {
        $field = 'url_' . $lang;

        // Skip models without a registered prefix and languages without a url column value.
        if (!isset(self::$_prefixUrlArray[$modelName]) || !isset($seo->{$field})) {
            continue;
        }

        // Direct urls carry no prefix at all; otherwise non-default languages
        // get a "<lang>/" segment in front of the model prefix.
        if ($seo->direct_url) {
            $prefix = '';
        } else {
            $langSegment = ($lang == Lang::getDefaultLang()) ? '' : $lang . '/';
            $prefix = $langSegment . self::$_prefixUrlArray[$modelName];
        }

        if ($seo->{$field}) {
            $extension = param('urlExtension') ? '.html' : '';
            self::$seoLangUrls[$lang] = Yii::app()->baseUrl . '/' . $prefix . $seo->{$field} . $extension;
        } else {
            // No friendly url stored for this language: fall back to the model id.
            self::$seoLangUrls[$lang] = Yii::app()->baseUrl . '/' . $prefix . $seo->model_id;
        }
    }

    return $seo;
}
/**
 * Build the WHERE string
 *
 * Each key of $this->where is an SQL fragment with placeholders (e.g.
 * "post_tags LIKE %s") and is concatenated verbatim; only the values are
 * queued in $this->prepare_array for binding. The keys therefore have to be
 * fixed strings from the calling code, never request data.
 *
 * @return string the clause starting with " WHERE ", or '' when no conditions are set
 */
public function buildWhere()
{
    if (!$this->where) {
        return '';
    }

    $clause = " WHERE ";
    foreach ($this->where as $fragment => $bound) {
        $clause .= $fragment . " AND ";

        // A fragment with several placeholders, e.g.
        // "post_status = %s OR post_status = %s", carries its values as an
        // array such as array('top', 'new'); a single value is wrapped so both
        // cases share one loop.
        $values = is_array($bound) ? $bound : array($bound);
        foreach ($values as $single) {
            array_push($this->prepare_array, $single);
        }
    }

    // strip off trailing AND
    return rstrtrim($clause, " AND ");
}
/**
 * Generate either default or friendly urls
 *
 * Keys and values are appended exactly as passed in; this method does no
 * URL-encoding and no HTML-escaping of its own.
 *
 * @param object $h application object (post, getCatSafeName())
 * @param array $parameters an array of pairs, e.g. 'page' => 'about'
 * @param string $head either 'index' or 'admin'
 * @return string|null the url; null when FRIENDLY_URLS is neither "true" nor "false"
 */
public function url($h, $parameters = array(), $head = 'index')
{
    $url = '';

    if (FRIENDLY_URLS == "false") {
        switch ($head) {
            case 'index':
                $url = SITEURL . 'index.php?';
                break;
            case 'admin':
                $url = SITEURL . 'admin_index.php?';
                break;
            default:
                // Error. $head must be index or admin; $url stays empty.
                break;
        }

        if (empty($parameters)) {
            return rtrim($url, '?');
        }

        foreach ($parameters as $name => $val) {
            $url .= $name . '=' . $val . '&';
        }
        return rstrtrim($url, '&');
    }

    if (FRIENDLY_URLS == "true") {
        switch ($head) {
            case 'index':
                $url = SITEURL;
                break;
            case 'admin':
                $url = SITEURL . 'admin/';
                break;
            default:
                $url = SITEURL . $head . '/';
                break;
        }

        foreach ($parameters as $name => $val) {
            // added in for pages like show all comments, activity:
            // a 'postUrl' entry short-circuits everything built so far
            if ($name == 'postUrl') {
                return SITEURL . $val;
            }

            if ($name == 'page' && is_numeric($val)) {
                // numeric page = a post: use the url of the currently loaded post
                // (no category segment is added in this version)
                $url .= $h->post->url . '/';
            } elseif ($name == 'category' && is_numeric($val)) {
                $url .= $name . '/' . $h->getCatSafeName($val) . '/';
            } elseif ($name == 'page') {
                // don't show "page" in the url, only the value
                $url .= $val . '/';
            } else {
                $url .= $name . '/' . $val . '/';
            }
        }

        return $url;
    }
}
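/**
 * Admin settings page for the User Signin plugin.
 *
 * Saves the posted settings when the form was submitted, then renders the
 * form: reCAPTCHA and email-confirmation switches, the default registration
 * status, and per-admin email notification choices.
 *
 * @param object $h application object (cage, lang, csrfToken, getMods(), plugin hooks)
 */
public function settings($h)
{
    // If the form has been submitted, go and save the data...
    // NOTE(review): the csrf field rendered below is not verified in this
    // method; presumably saveSettings() or the admin front controller checks
    // it before anything is written - confirm.
    if ($h->cage->post->getAlpha('submitted') == 'true') {
        $this->saveSettings($h);
    }

    echo "<h1>" . $h->lang["user_signin_settings_header"] . "</h1>\n";

    // Get settings from database if they exist, otherwise use the defaults.
    // !empty() also covers missing keys, so a fresh install raises no notices.
    $user_signin_settings = $h->getSerializedSettings();
    $recaptcha_enabled = !empty($user_signin_settings['recaptcha_enabled']) ? $user_signin_settings['recaptcha_enabled'] : '';
    $emailconf_enabled = !empty($user_signin_settings['emailconf_enabled']) ? $user_signin_settings['emailconf_enabled'] : '';
    $reg_status = !empty($user_signin_settings['registration_status']) ? $user_signin_settings['registration_status'] : 'member';
    $email_notify = !empty($user_signin_settings['email_notify']) ? $user_signin_settings['email_notify'] : '';
    $email_mods = !empty($user_signin_settings['email_notify_mods']) ? $user_signin_settings['email_notify_mods'] : array();
    if (!is_array($email_mods)) {
        $email_mods = array(); // a malformed stored value must not break the lookups below
    }

    $h->pluginHook('user_signin_settings_get_values');

    echo "<form name='user_signin_settings_form' action='" . BASEURL . "admin_index.php?page=plugin_settings&plugin=user_signin' method='post'>\n";

    echo "<p>" . $h->lang["user_signin_settings_instructions"] . "</p><br />";

    echo "<b>" . $h->lang["user_signin_settings_registration"] . "</b><br /><br />";

    // NOTE(review): the stored *_enabled / email_notify values are printed as a
    // bare attribute; presumably they only ever hold 'checked' or '' - confirm
    // in saveSettings().
    echo "<input type='checkbox' name='rc_enabled' value='enabled' " . $recaptcha_enabled . " > " . $h->lang["user_signin_settings_recaptcha_enable"] . "<br /><br />\n";
    echo "<input type='checkbox' name='emailconf' value='emailconf' " . $emailconf_enabled . "> " . $h->lang["user_signin_settings_email_conf"] . "<br /><br />\n";

    // reg_status radio buttons: anything other than pending/undermod selects "member"
    $checked_rs_pend = ($reg_status == 'pending') ? 'checked' : '';
    $checked_rs_undermod = ($reg_status == 'undermod') ? 'checked' : '';
    $checked_rs_member = ($checked_rs_pend || $checked_rs_undermod) ? '' : 'checked';

    echo $h->lang["user_signin_settings_reg_status"] . "\n";
    echo "<input type='radio' name='regstatus' value='pending' " . $checked_rs_pend . ">";
    echo " " . $h->lang["user_signin_settings_reg_status_pending"] . " \n";
    echo "<input type='radio' name='regstatus' value='undermod' " . $checked_rs_undermod . ">";
    echo " " . $h->lang["user_signin_settings_reg_status_undermod"] . " \n";
    echo "<input type='radio' name='regstatus' value='member' " . $checked_rs_member . ">";
    echo " " . $h->lang["user_signin_settings_reg_status_member"] . " <br /><br />\n";

    // email_notify:
    echo "<input type='checkbox' name='email_notify' value='email_notify' id='email_notify' " . $email_notify . "> " . $h->lang["user_signin_settings_email_notify"] . "<br /><br />\n";

    $admins = $h->getMods('can_access_admin', 'yes');
    $show_admins = $email_notify ? '' : 'display: none;';

    echo "<div id='email_notify_options' style='margin-left: 2.0em; " . $show_admins . "'>";

    if ($admins) {
        echo "<table>\n";
        foreach ($admins as $ad) {
            $type = isset($email_mods[$ad['id']]['type']) ? $email_mods[$ad['id']]['type'] : 'none';
            $checked_all = ($type == 'all') ? 'checked' : '';
            $checked_pend = ($type == 'pending') ? 'checked' : '';
            $checked_none = ($checked_all || $checked_pend) ? '' : 'checked';

            // Account name and email come from user records and are printed
            // into markup and a single-quoted attribute, so both are encoded.
            // The browser decodes the attribute again on submit, so the posted
            // field name is unchanged.
            $name_html = htmlspecialchars(ucfirst($ad['name']), ENT_QUOTES, 'UTF-8');
            $field = "emailmod[" . htmlspecialchars($ad['id'], ENT_QUOTES, 'UTF-8') . "][" . htmlspecialchars($ad['email'], ENT_QUOTES, 'UTF-8') . "]";

            echo "<tr>\n";
            echo "<td><b>" . $name_html . "</b></td>\n";

            echo "<td><input type='radio' name='" . $field . "' value='all' " . $checked_all . ">";
            echo " " . $h->lang["user_signin_settings_email_notify_all"] . "</td>\n";

            echo "<td><input type='radio' name='" . $field . "' value='pending' " . $checked_pend . ">";
            echo " " . $h->lang["user_signin_settings_email_notify_pending"] . "</td>\n";

            echo "<td><input type='radio' name='" . $field . "' value='none' " . $checked_none . ">";
            echo " " . $h->lang["user_signin_settings_email_notify_none"] . "</td>\n";
            echo "</tr>\n";
        }
        echo "</table>\n";
    }
    echo "</div>";

    $h->pluginHook('user_signin_settings_form');

    echo "<br /><br />\n";
    echo "<input type='hidden' name='submitted' value='true' />\n";
    echo "<input type='submit' value='" . $h->lang["user_signin_settings_save"] . "' />\n";
    echo "<input type='hidden' name='csrf' value='" . $h->csrfToken . "' />\n";
    echo "</form>\n";
}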
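/**
 * Creates a directory together with any missing parent directories.
 *
 * Replaces the hand-rolled walk that relied on split(), which no longer
 * exists in PHP 7+, and that read one element past the start of the path
 * array on its last iteration.
 *
 * The path is used as given: callers must not build it from unvalidated
 * request data, since nothing here confines it to a base directory.
 *
 * @param string $mk_path directory to create ('/'-separated)
 */
function uf_mkdir($mk_path)
{
    // Nothing to do for an empty path or a directory that is already there.
    if ($mk_path === null || $mk_path === '' || is_dir($mk_path)) {
        return;
    }

    // 0777 is mkdir()'s own default mode, so the effective permissions are
    // still decided by the process umask, as they were before. The third
    // argument creates the intermediate directories.
    mkdir($mk_path, 0777, true);
}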
/**
 * Remove activity
 *
 * Builds a DELETE with one "useract_<name> = %s" condition per recognised
 * key that is set in $args; every value is bound through prepare(). When no
 * userid is given the current user's id is used, so the delete is scoped to
 * a user as long as that id is set.
 *
 * @param object $h application object (db, currentUser)
 * @param array $args e.g. array('userid'=>4, 'key'=>'post', 'value'=>'6408')
 * @return mixed whatever $h->db->query() returns
 */
public function removeActivity($h, $args = array())
{
    if (!isset($args['userid'])) {
        $args['userid'] = $h->currentUser->id;
    }

    // Recognised filters, in the order their conditions appear in the SQL.
    // Column names come from this fixed list, never from the keys of $args.
    $columns = array('archived', 'userid', 'status', 'key', 'value', 'key2', 'value2');

    $statement = "DELETE FROM " . TABLE_USERACTIVITY . " WHERE ";
    $bindings = array("temp"); // slot 0 is replaced by the finished SQL below

    foreach ($columns as $column) {
        if (isset($args[$column])) {
            $statement .= "useract_" . $column . " = %s AND ";
            $bindings[] = $args[$column];
        }
    }

    $bindings[0] = rstrtrim($statement, " AND "); // replace "temp" with full $sql

    return $h->db->query($h->db->prepare($bindings));
}