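/**
 * Handles one chunk of a chunked upload and answers with a JSON-RPC style body.
 *
 * Reads the request parameters "chunk" (index of this chunk), "chunks"
 * (number of chunks), "name" (file name as sent by the client) and the query
 * parameter "files", which is passed on to handleCallback() unchanged.
 * The method never returns: every path ends in die().
 *
 * @override
 */
public function handleRequest()
{
    // HTTP headers for no cache etc
    header('Content-type: text/plain; charset=UTF-8');
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // Get parameters
    $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
    $chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
    $fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
    // "files" may be missing from the query string; pass null on instead of
    // reading an undefined index
    $fileCount = isset($_GET['files']) ? $_GET['files'] : null;

    if (\FWValidator::is_file_ending_harmless($fileName)) {
        try {
            $this->addChunk($fileName, $chunk, $chunks);
        } catch (UploaderException $e) {
            // The exception text is not under this method's control. Encode it
            // as a JSON string so that quotes or backslashes in it cannot break
            // out of the "message" value or add members to the response.
            $encodedMessage = json_encode((string) $e->getMessage());
            if ($encodedMessage === false) {
                // json_encode() fails on invalid UTF-8; still answer with valid JSON
                $encodedMessage = '""';
            }
            die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": ' . $encodedMessage . '}, "id" : "id"}');
        }
    } else {
        if ($chunk == 0) {
            // only count first chunk
            // TODO: there must be a way to cancel the upload process on the client side
            $this->addHarmfulFileToResponse($fileName);
        }
    }

    if ($chunk == $chunks - 1) {
        //upload finished
        $this->handleCallback($fileCount);
    }

    die('{"jsonrpc" : "2.0", "result" : null, "id" : "id"}');
}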
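/**
 * Moves every file of a plain form upload ("uploaderFiles") into this
 * upload's temp directory, then notifies the callback and redirects.
 *
 * A file is refused (the script dies with an error message) when its
 * extension is not accepted by \FWValidator::is_file_ending_harmless().
 * The check is applied to the name sent by the client and again to the
 * cleaned name, because the cleaned name is the one written to disk.
 *
 * @override
 */
public function handleRequest()
{
    //get a writable directory
    $targetDir = '/upload_' . $this->uploadId;
    $tempPath = $_SESSION->getTempPath();
    $webTempPath = $_SESSION->getWebTempPath();

    //make sure target directory exists
    if (!file_exists($tempPath . $targetDir)) {
        \Cx\Lib\FileSystem\FileSystem::make_folder($webTempPath . $targetDir);
    }

    // nothing to iterate over if the field is missing or was not sent as an array
    $uploadErrors = array();
    if (isset($_FILES["uploaderFiles"]["error"]) && is_array($_FILES["uploaderFiles"]["error"])) {
        $uploadErrors = $_FILES["uploaderFiles"]["error"];
    }

    //move all uploaded file to this upload's temp directory
    foreach ($uploadErrors as $key => $error) {
        if ($error != UPLOAD_ERR_OK) {
            continue;
        }

        $tmpName = $_FILES["uploaderFiles"]["tmp_name"][$key];
        $name = $_FILES["uploaderFiles"]["name"][$key];

        //TODO: Uploader::addChunk does this also -> centralize in function
        // remember the "raw" file name, we want to store all original
        // file names in the session.
        $originalFileName = $name;

        // Clean the fileName for security reasons
        // we're using a-zA-Z0-9 instead of \w because of the umlauts.
        // linux excludes them from \w, windows includes them. we do not want different
        // behaviours on different operating systems.
        $name = preg_replace('/[^a-zA-Z0-9\\._-]+/', '', $originalFileName);

        // Removing characters can change what the extension is, so the name
        // that is actually stored has to pass the check as well. A name that
        // is empty after cleaning cannot be stored and is refused too.
        if (
            !\FWValidator::is_file_ending_harmless($originalFileName)
            || $name === null
            || $name === ''
            || !\FWValidator::is_file_ending_harmless($name)
        ) {
            die('Error:' . sprintf('The file %s was refused due to its file extension which is not allowed!', htmlentities($originalFileName, ENT_QUOTES, CONTREXX_CHARSET)));
        }

        $originalFileNames = array();
        if (isset($_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'])) {
            $originalFileNames = $_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'];
        }
        $originalFileNames[$name] = $originalFileName;
        $_SESSION['upload']['handlers'][$this->uploadId]['originalFileNames'] = $originalFileNames;
        //end of TODO-region

        //move file somewhere we know both the web- and normal path...
        if (!@move_uploaded_file($tmpName, ASCMS_TEMP_PATH . '/' . $name)) {
            // the upload could not be taken over, so there is nothing to move on
            continue;
        }
        //...then do a safe-mode-safe (yeah) move operation
        \Cx\Lib\FileSystem\FileSystem::move(ASCMS_TEMP_WEB_PATH . '/' . $name, $webTempPath . $targetDir . '/' . $name, true);
    }

    //and call back.
    $this->notifyCallback();

    //redirect the user where he belongs
    $this->redirect();
}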
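/**
 * Renders the file sharing detail page of one file and processes the
 * actions sent to it.
 *
 * The file is identified by the query parameters "path" and "file". The
 * method handles, in this order: toggling the share state ("switch"),
 * sending the share link by mail (POST "shareFiles") or saving the
 * expiration date (POST "saveExpiration"), and finally fills the template.
 *
 * Both query parameters are URL-encoded before they are written into the
 * links handed to the template, so that quotes or markup in them cannot
 * end up in the page.
 *
 * NOTE(review): the share state is changed by a plain GET parameter;
 * confirm that the calling code protects this action against CSRF.
 */
public function getDetailPage()
{
    global $_ARRAYLANG, $objDatabase;

    $cx = \Cx\Core\Core\Controller\Cx::instanciate();

    // only accept plain strings; an array sent as "path[]" must not reach the string functions
    $path = isset($_GET["path"]) && is_string($_GET["path"]) ? $_GET["path"] : '';
    $fileName = isset($_GET["file"]) && is_string($_GET["file"]) ? $_GET["file"] : '';

    $file = str_replace($cx->getWebsiteOffsetPath(), '', $path) . $fileName;

    $objResult = $objDatabase->Execute("SELECT `id`, `file`, `source`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
    $existing = $objResult !== false && $objResult->RecordCount() > 0;

    if (!empty($_GET["switch"])) {
        if ($existing) {
            $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
        } else {
            $hash = FileSharingLib::createHash();
            $check = FileSharingLib::createCheck($hash);
            $objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_filesharing (`file`, `source`, `hash`, `check`) VALUES ('" . contrexx_raw2db($file) . "', '" . contrexx_raw2db($file) . "', '" . contrexx_raw2db($hash) . "', '" . contrexx_raw2db($check) . "')");
        }
        $existing = !$existing;
    }

    // links back to this page; the request values are encoded as query values
    $backUrl = 'index.php?cmd=Media&archive=FileSharing&path=' . urlencode($path);
    $detailUrl = 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . urlencode($path) . '&file=' . urlencode($fileName);

    if ($existing) {
        $this->_objTpl->setVariable(array(
            'FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_SHARED"],
            'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_STOP_SHARING"],
            'FILE_STATUS_SWITCH_HREF' => $detailUrl . '&switch=1',
        ));
        $this->_objTpl->touchBlock('shared');
    } else {
        $this->_objTpl->setVariable(array(
            'FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_NOT_SHARED"],
            'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_START_SHARING"],
            'FILE_STATUS_SWITCH_HREF' => $detailUrl . '&switch=1',
        ));
        $this->_objTpl->hideBlock('shared');
    }

    if (!empty($_POST["shareFiles"])) {
        $emails = array();
        $submittedEmails = isset($_POST["email"]) && is_string($_POST["email"]) ? $_POST["email"] : '';
        foreach (preg_split('/[;,\\s]+/', $submittedEmails) as $email) {
            // only addresses that pass the validator are used as recipients
            if (\FWValidator::isEmail($email)) {
                $emails[] = contrexx_input2raw($email);
            }
        }
        if (count($emails) > 0) {
            FileSharingLib::sendMail(
                $objResult->fields["id"],
                isset($_POST["subject"]) ? $_POST["subject"] : null,
                $emails,
                isset($_POST["message"]) ? $_POST["message"] : null
            );
        }
    } elseif (!empty($_POST["saveExpiration"])) {
        // the id goes into the statement unquoted, so force it to an integer
        $shareId = intval($objResult->fields["id"]);
        if (!empty($_POST["expiration"])) {
            $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = NULL WHERE `id` = " . $shareId);
        } else {
            $expirationTime = isset($_POST["expirationDate"]) && is_string($_POST["expirationDate"])
                ? strtotime($_POST["expirationDate"])
                : false;
            // a date that cannot be parsed must not be stored as the start of the epoch
            if ($expirationTime !== false) {
                $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . date('Y-m-d H:i:s', $expirationTime) . "' WHERE `id` = " . $shareId);
            }
        }
    }

    // read the record again, the actions above may have changed it
    $objResult = $objDatabase->Execute("SELECT `id`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");

    $this->_objTpl->setVariable(array(
        'FORM_ACTION' => $detailUrl,
        'FORM_METHOD' => 'POST',
        'FILESHARING_INFO' => $_ARRAYLANG['TXT_FILESHARING_INFO'],
        'FILESHARING_LINK_BACK_HREF' => $backUrl,
        'FILESHARING_LINK_BACK' => $_ARRAYLANG['TXT_FILESHARING_LINK_BACK'],
        'FILESHARING_DOWNLOAD_LINK' => $_ARRAYLANG['TXT_FILESHARING_DOWNLOAD_LINK'],
        'FILE_DOWNLOAD_LINK_HREF' => FileSharingLib::getDownloadLink($objResult->fields["id"]),
        'FILE_DELETE_LINK_HREF' => FileSharingLib::getDeleteLink($objResult->fields["id"]),
        'FILESHARING_DELETE_LINK' => $_ARRAYLANG['TXT_FILESHARING_DELETE_LINK'],
        'FILESHARING_STATUS' => $_ARRAYLANG['TXT_FILESHARING_STATUS'],
        'FILESHARING_EXPIRATION' => $_ARRAYLANG['TXT_FILESHARING_EXPIRATION'],
        'FILESHARING_NEVER' => $_ARRAYLANG['TXT_FILESHARING_NEVER'],
        'FILESHARING_EXPIRATION_CHECKED' => htmlentities($objResult->fields["expiration_date"] == NULL ? 'checked="checked"' : '', ENT_QUOTES, CONTREXX_CHARSET),
        // without a stored date the form suggests one week from now
        'FILESHARING_EXPIRATION_DATE' => htmlentities($objResult->fields["expiration_date"] != NULL ? date('d.m.Y H:i', strtotime($objResult->fields["expiration_date"])) : date('d.m.Y H:i', time() + 3600 * 24 * 7), ENT_QUOTES, CONTREXX_CHARSET),
        'FILESHARING_SEND_MAIL' => $_ARRAYLANG['TXT_FILESHARING_SEND_MAIL'],
        'FILESHARING_EMAIL' => $_ARRAYLANG["TXT_FILESHARING_EMAIL"],
        'FILESHARING_EMAIL_INFO' => $_ARRAYLANG["TXT_FILESHARING_EMAIL_INFO"],
        'FILESHARING_SUBJECT' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT"],
        'FILESHARING_SUBJECT_INFO' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT_INFO"],
        'FILESHARING_MESSAGE' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE"],
        'FILESHARING_MESSAGE_INFO' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE_INFO"],
        'FILESHARING_SEND' => $_ARRAYLANG["TXT_FILESHARING_SEND"],
        'FILESHARING_SAVE' => $_ARRAYLANG["TXT_FILESHARING_SAVE"],
        'TXT_CORE_MAILTEMPLATE_NOTE_TO' => $_ARRAYLANG['TXT_CORE_MAILTEMPLATE_NOTE_TO'],
    ));
}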
/**
 * Processes one partition of a partitioned upload.
 *
 * Reads "partitionIndex" and "partitionCount" from the POST data, the file
 * name from the uploaded "file" entry and "files" from the query string.
 * A file with a refused extension is reported through
 * addHarmfulFileToResponse(); otherwise the partition is added and, after
 * the last partition, the callback is handled. Always ends the script.
 *
 * @override
 */
public function handleRequest()
{
    // Request parameters
    $partitionIndex = $_POST['partitionIndex'];
    $partitionCount = $_POST['partitionCount'];
    $uploadedName = contrexx_stripslashes($_FILES['file']['name']);
    $fileCount = $_GET['files'];

    // files without a valid file extension are only reported, never stored
    if (!\FWValidator::is_file_ending_harmless($uploadedName)) {
        $this->addHarmfulFileToResponse($uploadedName);
        die(0);
    }

    try {
        $this->addChunk($uploadedName, $partitionIndex, $partitionCount);
    } catch (UploaderException $e) {
        die('Error:' . $e->getMessage());
    }

    // upload of current file finished once the last partition has arrived
    $isLastPartition = $partitionIndex == $partitionCount - 1;
    if ($isLastPartition) {
        $this->handleCallback($fileCount);
    }

    die(0);
}
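/**
 * Sends an email with the contact details to the responsible persons
 *
 * This method sends an email to all email addresses that are defined in the
 * option "Receiver address(es)" of the requested contact form. If the form
 * has a field of type "recipient", the mail only goes to the address that is
 * configured for the submitted choice.
 *
 * Submitted values are escaped with contrexx_raw2xhtml() before they are put
 * into the HTML body; the plaintext body receives them as submitted.
 *
 * @access private
 * @global array
 * @global array
 * @param array Details of the contact request
 * @return boolean false if neither form data nor uploaded files were
 *                 submitted; true otherwise, also when the mailer library
 *                 could not be loaded and nothing was sent
 * @see _getEmailAdressOfString(), phpmailer::From, phpmailer::FromName, phpmailer::AddReplyTo(), phpmailer::Subject, phpmailer::IsHTML(), phpmailer::Body, phpmailer::AddAddress(), phpmailer::Send(), phpmailer::ClearAddresses()
 */
private function sendMail($arrFormData)
{
    global $_ARRAYLANG, $_CONFIG;

    $plaintextBody = '';
    $replyAddress = '';
    $firstname = '';
    $lastname = '';
    $senderName = '';
    $isHtml = $arrFormData['htmlMail'] == 1 ? true : false;

    // stop send process in case no real data had been submitted
    if (!isset($arrFormData['data']) && !isset($arrFormData['uploadedFiles'])) {
        return false;
    }

    // check if we shall send the email as multipart (text/html)
    if ($isHtml) {
        // setup html mail template
        $objTemplate = new \Cx\Core\Html\Sigma('.');
        $objTemplate->setErrorHandling(PEAR_ERROR_DIE);
        $objTemplate->setTemplate($arrFormData['mailTemplate']);
        $objTemplate->setVariable(array(
            'DATE' => date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']),
            'HOSTNAME' => contrexx_raw2xhtml($arrFormData['meta']['host']),
            'IP_ADDRESS' => contrexx_raw2xhtml($arrFormData['meta']['ipaddress']),
            'BROWSER_LANGUAGE' => contrexx_raw2xhtml($arrFormData['meta']['lang']),
            'BROWSER_VERSION' => contrexx_raw2xhtml($arrFormData['meta']['browser']),
        ));
    }

    // TODO: check if we have to excape $arrRecipients later in the code
    $arrRecipients = $this->getRecipients(intval($_GET['cmd']));

    // calculate the longest field label.
    // this will be used to correctly align all user submitted data in the plaintext e-mail
    // TODO: check if the label of upload-fields are taken into account as well
    $maxlength = 0;
    foreach ($arrFormData['fields'] as $arrField) {
        $length = strlen($arrField['lang'][FRONTEND_LANG_ID]['name']);
        $maxlength = $maxlength < $length ? $length : $maxlength;
    }

    // try to fetch a user submitted e-mail address to which we will send a copy to
    if (!empty($arrFormData['fields'])) {
        foreach ($arrFormData['fields'] as $fieldId => $arrField) {
            // check if field validation is set to e-mail
            if ($arrField['check_type'] == '2') {
                $mail = trim($arrFormData['data'][$fieldId]);
                if (\FWValidator::isEmail($mail)) {
                    $replyAddress = $mail;
                    break;
                }
            }
            if ($arrField['type'] == 'special') {
                switch ($arrField['special_type']) {
                    case 'access_firstname':
                        $firstname = trim($arrFormData['data'][$fieldId]);
                        break;
                    case 'access_lastname':
                        $lastname = trim($arrFormData['data'][$fieldId]);
                        break;
                    default:
                        break;
                }
            }
        }
    }

    if ($arrFormData['useEmailOfSender'] == 1 && (!empty($firstname) || !empty($lastname))) {
        $senderName = trim($firstname . ' ' . $lastname);
    } else {
        $senderName = $_CONFIG['coreGlobalPageTitle'];
    }

    // a recipient mail address which has been picked by sender
    $chosenMailRecipient = null;

    // fill the html and plaintext body with the submitted form data
    foreach ($arrFormData['fields'] as $fieldId => $arrField) {
        if ($fieldId == 'unique_id') {
            //generated for uploader. no interesting mail content.
            continue;
        }

        $htmlValue = '';
        $plaintextValue = '';
        $textAreaKeys = array();

        switch ($arrField['type']) {
            case 'label':
            case 'fieldset':
                // TODO: parse TH row instead
            case 'horizontalLine':
                // TODO: add visual horizontal line
                // we need to use a 'continue 2' here to first break out of the switch and then move over to the next iteration of the foreach loop
                continue 2;

            case 'file':
            case 'multi_file':
                if (isset($arrFormData['uploadedFiles'][$fieldId])) {
                    $htmlValue = "<ul>";
                    foreach ($arrFormData['uploadedFiles'][$fieldId] as $file) {
                        $htmlValue .= "<li><a href='" . ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . contrexx_raw2xhtml($file['path']) . "' >" . contrexx_raw2xhtml($file['name']) . "</a></li>";
                        $plaintextValue .= ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . $file['path'] . "\r\n";
                    }
                    $htmlValue .= "</ul>";
                }
                break;

            case 'checkbox':
                $plaintextValue = !empty($arrFormData['data'][$fieldId]) ? $_ARRAYLANG['TXT_CONTACT_YES'] : $_ARRAYLANG['TXT_CONTACT_NO'];
                $htmlValue = $plaintextValue;
                break;

            case 'recipient':
                // The submitted value is only used as a key into the configured
                // recipients, so the sender can pick one of them but cannot
                // supply an address. An unknown key selects nobody.
                $recipientKey = isset($arrFormData['data'][$fieldId]) ? $arrFormData['data'][$fieldId] : '';
                $arrRecipient = (is_scalar($recipientKey) && isset($arrRecipients[$recipientKey]))
                    ? $arrRecipients[$recipientKey]
                    : null;
                $plaintextValue = $arrRecipient !== null ? $arrRecipient['lang'][FRONTEND_LANG_ID] : '';
                // the label ends up in the HTML body, escape it like every other value
                $htmlValue = contrexx_raw2xhtml($plaintextValue);
                $chosenMailRecipient = $arrRecipient !== null ? $arrRecipient['email'] : null;
                break;

            case 'textarea':
                //we need to know all textareas - they're indented differently then the rest of the other field types
                $textAreaKeys[] = $fieldId;
                // intentional fall-through: the value is read like any other field
            default:
                $plaintextValue = isset($arrFormData['data'][$fieldId]) ? $arrFormData['data'][$fieldId] : '';
                $htmlValue = contrexx_raw2xhtml($plaintextValue);
                break;
        }

        $fieldLabel = $arrField['lang'][FRONTEND_LANG_ID]['name'];

        // try to fetch an e-mail address from submitted form date in case we were unable to fetch one from an input type with e-mail validation
        if (empty($replyAddress)) {
            $mail = $this->_getEmailAdressOfString($plaintextValue);
            if (\FWValidator::isEmail($mail)) {
                $replyAddress = $mail;
            }
        }

        // parse html body
        if ($isHtml) {
            if (!empty($htmlValue)) {
                if ($objTemplate->blockExists('field_' . $fieldId)) {
                    // parse field specific template block
                    $objTemplate->setVariable(array(
                        'FIELD_' . $fieldId . '_LABEL' => contrexx_raw2xhtml($fieldLabel),
                        'FIELD_' . $fieldId . '_VALUE' => $htmlValue,
                    ));
                    $objTemplate->parse('field_' . $fieldId);
                } elseif ($objTemplate->blockExists('form_field')) {
                    // parse regular field template block
                    $objTemplate->setVariable(array(
                        'FIELD_LABEL' => contrexx_raw2xhtml($fieldLabel),
                        'FIELD_VALUE' => $htmlValue,
                    ));
                    $objTemplate->parse('form_field');
                }
            } elseif ($objTemplate->blockExists('field_' . $fieldId)) {
                // hide field specific template block, if present
                $objTemplate->hideBlock('field_' . $fieldId);
            }
        }

        // parse plaintext body
        $tabCount = $maxlength - strlen($fieldLabel);
        $tabs = $tabCount == 0 ? 1 : $tabCount + 1;

        if (in_array($fieldId, $textAreaKeys)) {
            // we're dealing with a textarea, don't indent value
            $plaintextBody .= $fieldLabel . ":\n" . $plaintextValue . "\n";
        } else {
            $plaintextBody .= $fieldLabel . str_repeat(" ", $tabs) . ": " . $plaintextValue . "\n";
        }
    }

    $arrSettings = $this->getSettings();

    // TODO: this is some fixed plaintext message data -> must be ported to html body
    $message = $_ARRAYLANG['TXT_CONTACT_TRANSFERED_DATA_FROM'] . " " . $_CONFIG['domainUrl'] . "\n\n";
    if ($arrSettings['fieldMetaDate']) {
        $message .= $_ARRAYLANG['TXT_CONTACT_DATE'] . " " . date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']) . "\n\n";
    }
    $message .= $plaintextBody . "\n\n";
    if ($arrSettings['fieldMetaHost']) {
        $message .= $_ARRAYLANG['TXT_CONTACT_HOSTNAME'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['host']) . "\n";
    }
    if ($arrSettings['fieldMetaIP']) {
        $message .= $_ARRAYLANG['TXT_CONTACT_IP_ADDRESS'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['ipaddress']) . "\n";
    }
    if ($arrSettings['fieldMetaLang']) {
        $message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_LANGUAGE'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['lang']) . "\n";
    }
    $message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_VERSION'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['browser']) . "\n";

    if (@(include_once \Env::get('cx')->getCodeBaseLibraryPath() . '/phpmailer/class.phpmailer.php')) {
        $objMail = new \phpmailer();
        if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once \Env::get('cx')->getCodeBaseCorePath() . '/SmtpSettings.class.php')) {
            if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
                $objMail->IsSMTP();
                $objMail->Host = $arrSmtp['hostname'];
                $objMail->Port = $arrSmtp['port'];
                $objMail->SMTPAuth = true;
                $objMail->Username = $arrSmtp['username'];
                $objMail->Password = $arrSmtp['password'];
            }
        }

        $objMail->CharSet = CONTREXX_CHARSET;
        $objMail->From = $_CONFIG['coreAdminEmail'];
        $objMail->FromName = $senderName;
        if (!empty($replyAddress)) {
            $objMail->AddReplyTo($replyAddress);
            if ($arrFormData['sendCopy'] == 1) {
                $objMail->AddAddress($replyAddress);
            }
            if ($arrFormData['useEmailOfSender'] == 1) {
                $objMail->From = $replyAddress;
            }
        }
        $objMail->Subject = $arrFormData['subject'];

        if ($isHtml) {
            $objMail->Body = $objTemplate->get();
            $objMail->AltBody = $message;
        } else {
            $objMail->IsHTML(false);
            $objMail->Body = $message;
        }

        // attach submitted files to email
        // (the entry is absent when only form data was submitted, so it must not be counted blindly)
        if (!empty($arrFormData['uploadedFiles']) && $arrFormData['sendAttachment'] == 1) {
            foreach ($arrFormData['uploadedFiles'] as $arrFilesOfField) {
                foreach ($arrFilesOfField as $file) {
                    $objMail->AddAttachment(\Env::get('cx')->getWebsiteDocumentRootPath() . $file['path'], $file['name']);
                }
            }
        }

        if ($chosenMailRecipient !== null) {
            if (!empty($chosenMailRecipient)) {
                $objMail->AddAddress($chosenMailRecipient);
                $objMail->Send();
                $objMail->ClearAddresses();
            }
        } else {
            foreach ($arrFormData['emails'] as $sendTo) {
                if (!empty($sendTo)) {
                    $objMail->AddAddress($sendTo);
                    $objMail->Send();
                    $objMail->ClearAddresses();
                }
            }
        }
    }

    return true;
}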
/**
 * Look up the currency ID that is stored for a CRM contact
 *
 * @param integer $crmId ID of the CRM contact
 *
 * @return mixed null if $crmId is empty, otherwise the value of the
 *               `customer_currency` column as returned by GetOne()
 */
public static function getCurrencyIdByCrmId($crmId)
{
    if (\FWValidator::isEmpty($crmId)) {
        return null;
    }

    $adoDb = \Env::get('cx')->getDb()->getAdoDb();

    // the ID is forced to an integer before it is placed into the statement
    $query = "SELECT `customer_currency` FROM `" . DBPREFIX . "module_crm_contacts` WHERE `id` = " . intval($crmId);

    return $adoDb->GetOne($query);
}
/**
 * Create a new Order
 *
 * Creates an Order for the CRM contact of the given user, adds a
 * subscription for the product, bills it and links the first unpaid
 * invoice for which a matching payment is found to that payment.
 *
 * @param integer                              $productId            productId
 * @param \Cx\Modules\Crm\Model\Entity\Currency $currency             currency set on the order
 * @param object                               $objUser              \User object
 * @param string                               $transactionReference transactionReference
 * @param array                                $subscriptionOptions  subscriptionOptions
 *
 * @return \Cx\Modules\Order\Model\Entity\Order|null the persisted order, or
 *         null when one of the arguments or the user's CRM ID is empty
 * @throws OrderRepositoryException wraps the message of any \Exception
 *         raised while the order is built or stored
 */
public function createOrder($productId, \Cx\Modules\Crm\Model\Entity\Currency $currency, \User $objUser, $transactionReference, $subscriptionOptions = array())
{
    // nothing is created unless every argument carries a value
    if (\FWValidator::isEmpty($productId) || \FWValidator::isEmpty($subscriptionOptions) || \FWValidator::isEmpty($transactionReference) || \FWValidator::isEmpty($currency)) {
        return;
    }

    // the order is attached to the CRM contact of the user
    $contactId = $objUser->getCrmUserId();
    if (\FWValidator::isEmpty($contactId)) {
        return;
    }

    try {
        $order = new \Cx\Modules\Order\Model\Entity\Order();
        $order->setContactId($contactId);
        $order->setCurrency($currency);

        $productRepository = \Env::get('em')->getRepository('Cx\\Modules\\Pim\\Model\\Entity\\Product');
        // NOTE(review): the result is passed on without checking that a product was found - confirm
        $product = $productRepository->findOneBy(array('id' => $productId));

        //create subscription
        $subscription = $order->createSubscription($product, $subscriptionOptions);

        // set discount price for first payment period of subscription
        if (!empty($subscriptionOptions['oneTimeSalePrice'])) {
            $subscription->setPaymentAmount($subscriptionOptions['oneTimeSalePrice']);
        }

        $order->billSubscriptions();
        $invoices = $order->getInvoices();
        if (!empty($invoices)) {
            \DBG::msg(__METHOD__ . ": order has invoices");
            $paymentRepo = \Env::get('em')->getRepository('\\Cx\\Modules\\Order\\Model\\Entity\\Payment');
            foreach ($invoices as $invoice) {
                if (!$invoice->getPaid()) {
                    \DBG::msg(__METHOD__ . ": lookup payment with transaction-reference {$transactionReference} and amount " . $invoice->getAmount());
                    // a payment matches on amount and transaction reference and
                    // must not be assigned to an invoice yet
                    $payment = $paymentRepo->findOneByCriteria(array('amount' => $invoice->getAmount(), 'transactionReference' => $transactionReference, 'invoice' => null));
                    if ($payment) {
                        \DBG::msg(__METHOD__ . ": payment found");
                        //set subscription-id to Subscription::$externalSubscriptionId
                        if ($subscription) {
                            \DBG::msg(__METHOD__ . ": trying to link to new subscription to the external subscription ID");
                            // the transaction reference is split on '|'; the fifth part,
                            // if present and not empty, is used as external subscription ID
                            $referenceArry = explode('|', $payment->getTransactionReference());
                            if (isset($referenceArry[4]) && !empty($referenceArry[4])) {
                                $subscription->setExternalSubscriptionId($referenceArry[4]);
                            }
                        }
                        $transactionData = $payment->getTransactionData();
                        if (!\FWValidator::isEmpty($transactionData) && isset($transactionData['contact']) && isset($transactionData['contact']['id'])) {
                            \DBG::msg(__METHOD__ . ": set externalPaymentCustomerIdProfileAttributeId of user to " . $transactionData['contact']['id']);
                            // store the contact ID from the transaction data in the profile
                            // attribute named by the MultiSite setting
                            $objUser->setProfile(array(\Cx\Core\Setting\Controller\Setting::getValue('externalPaymentCustomerIdProfileAttributeId', 'MultiSite') => array(0 => $transactionData['contact']['id'])), true);
                            // a failed user update is only logged, the order is still created
                            if (!$objUser->store()) {
                                \DBG::msg('Order::createOrder() Updating user failed: ' . $objUser->getErrorMsg());
                            }
                        }
                        $invoice->addPayment($payment);
                        $payment->setInvoice($invoice);
                        \Env::get('em')->persist($invoice);
                        \Env::get('em')->persist($payment);
                        // stop after the first invoice that could be linked to a payment
                        break;
                    }
                }
            }
        }

        \Env::get('em')->persist($order);
        \Env::get('em')->flush();

        return $order;
    } catch (\Exception $e) {
        // only the message is carried over into the repository exception
        throw new OrderRepositoryException($e->getMessage());
    }
}
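/**
 * creates the upload page for the frontend
 *
 * Once files have been uploaded and the terms were accepted, the method
 * stores the expiration date of the upload, sends the notification mails
 * and detaches the files from the upload ID. Otherwise the upload form is
 * shown. In both cases the expiration placeholders are set afterwards.
 */
private function uploadPage()
{
    global $_ARRAYLANG, $objDatabase, $_CONFIG;

    $params = $this->objUrl->getParamArray();

    $subject = isset($_POST["subject"]) ? $_POST["subject"] : null;
    $message = isset($_POST["message"]) ? $_POST["message"] : null;

    // the upload is finished and the script has to send a mail and assign the expiration dates
    if (!empty($this->files) && !empty($_POST["accept_terms"])) {
        // set expiration time
        $cmd = \Env::get("Resolver")->getCmd();
        if ($cmd != "downloads") {
            // The lifetime is sent by the client. Force it to a non-negative
            // number of seconds before it is used in the date arithmetic.
            // NOTE(review): the value is not compared with the offered
            // expiration choices - confirm whether an upper bound is wanted.
            $lifetime = isset($_POST["expiration"]) ? max(0, intval($_POST["expiration"])) : 0;
            $expiration_date = date("Y-m-d H:i:s", time() + $lifetime);
            $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . contrexx_raw2db($expiration_date) . "' WHERE `upload_id` = '" . intval($params["uploadId"]) . "'");
        }

        // send the mail to the reciever
        if (isset($_POST["email"]) && \FWValidator::isEmail($_POST["email"])) {
            parent::sendMail($params["uploadId"], $subject, array($_POST["email"]), $message);
        }

        // send the mail to the administrator
        parent::sendMail($params["uploadId"], null, array($_CONFIG['coreAdminEmail']), $message);

        // reset the upload id so the uploads are invisible now
        $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `upload_id` = NULL WHERE `upload_id` = " . intval($params["uploadId"]));

        $this->getFileList();
    } else {
        $this->getForm();
    }

    // set the template-variables for the expiration dates
    foreach ($_ARRAYLANG["TXT_FILESHARING_EXPIRATION_DATES"] as $placeholder => $value) {
        $this->objTemplate->setVariable(strtoupper($placeholder), $value);
    }
}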
/**
 * Collects the data of the submitted news form.
 *
 * Text values are entity-decoded and converted with contrexx_input2raw();
 * URLs additionally pass \FWValidator::getUrl() and the news text is run
 * through filterBodyTag() and contrexx_remove_script_tags().
 *
 * @return array two elements: a boolean telling whether the form has been
 *               submitted, and the data (defaults if nothing was submitted)
 */
private function fetchSubmittedData()
{
    // default values, used as long as the form has not been submitted
    $data = array(
        'newsText'         => '',
        'newsTeaserText'   => '',
        'newsTitle'        => '',
        'newsRedirect'     => 'http://',
        'newsSource'       => 'http://',
        'newsUrl1'         => 'http://',
        'newsUrl2'         => 'http://',
        'newsCat'          => '',
        'newsType'         => '',
        'newsTypeRedirect' => 0,
    );

    $isSubmitted = isset($_POST['submitNews']);
    if (!$isSubmitted) {
        return array(false, $data);
    }

    $objValidator = new \FWValidator();

    // decodes HTML entities of a POST value and converts it to its raw form
    $rawText = function ($postKey) {
        return contrexx_input2raw(html_entity_decode($_POST[$postKey], ENT_QUOTES, CONTREXX_CHARSET));
    };

    // plain text values
    $data['newsTitle'] = $rawText('newsTitle');
    $data['newsTeaserText'] = $rawText('newsTeaserText');

    // URLs are normalised by the validator
    $data['newsRedirect'] = $objValidator->getUrl($rawText('newsRedirect'));

    // the body is stripped of the body tag and of script tags
    $data['newsText'] = contrexx_remove_script_tags($this->filterBodyTag($rawText('newsText')));

    foreach (array('newsSource', 'newsUrl1', 'newsUrl2') as $urlKey) {
        $data[$urlKey] = $objValidator->getUrl($rawText($urlKey));
    }

    // category, type and redirect flag
    if (!empty($_POST['newsCat'])) {
        $data['newsCat'] = contrexx_input2raw($_POST['newsCat']);
    } else {
        $data['newsCat'] = array();
    }
    $data['newsType'] = empty($_POST['newsType']) ? 0 : intval($_POST['newsType']);
    $data['newsTypeRedirect'] = !empty($_POST['newsTypeRedirect']);

    // related news and tags depend on the module settings
    $data['enableRelatedNews'] = empty($this->arrSettings['use_related_news']) ? 0 : 1;
    if (!empty($_POST['relatedNews'])) {
        $data['relatedNews'] = contrexx_input2raw($_POST['relatedNews']);
    } else {
        $data['relatedNews'] = array();
    }
    $data['enableTags'] = empty($this->arrSettings['news_use_tags']) ? 0 : 1;
    if (!empty($_POST['newsTags'])) {
        $data['newsTags'] = contrexx_input2raw($_POST['newsTags']);
    } else {
        $data['newsTags'] = array();
    }

    return array(true, $data);
}
/**
 * Save the cam's settings
 *
 * Reads the settings from the POST data and writes them to the livecam
 * table. Numbers are forced to integers, the three paths are sanitized and,
 * unless they are URIs, prefixed with a slash. Ends the script after the
 * update; a failed update is answered with a 500 status line.
 *
 * @return boolean false if no cam ID was submitted (the only case in which
 *                 the method returns at all)
 */
function saveCam()
{
    global $objDatabase;

    $camId = intval($_POST['id']);
    if ($camId === 0) {
        return false;
    }

    // sanitize the paths; local paths are made absolute
    $paths = array();
    foreach (array('currentImagePath', 'archivePath', 'thumbnailPath') as $field) {
        $path = \Cx\Lib\FileSystem\FileSystem::sanitizePath(contrexx_input2raw($_POST[$field]));
        $isLocalRelativePath = !\FWValidator::isUri($path) && strpos($path, '/') !== 0;
        $paths[$field] = $isLocalRelativePath ? '/' . $path : $path;
    }

    $maxImageWidth = intval($_POST['maxImageWidth']);
    $thumbMaxSize = intval($_POST['thumbMaxSize']);
    $shadowboxActivate = intval($_POST['shadowboxActivate']);

    // display period, given as hour and minute
    $showFrom = mktime(intval($_POST['hourFrom']), intval($_POST['minuteFrom']));
    $showTill = mktime(intval($_POST['hourTill']), intval($_POST['minuteTill']));

    $query = " UPDATE " . DBPREFIX . "module_livecam\n SET currentImagePath = '" . contrexx_raw2db($paths['currentImagePath']) . "',\n maxImageWidth = " . $maxImageWidth
        . ",\n archivePath = '" . contrexx_raw2db($paths['archivePath'])
        . "',\n thumbnailPath = '" . contrexx_raw2db($paths['thumbnailPath'])
        . "',\n thumbMaxSize = " . $thumbMaxSize
        . ",\n shadowboxActivate = '" . $shadowboxActivate
        . "',\n showFrom = {$showFrom},\n showTill = {$showTill}\n WHERE id = " . $camId;

    $saved = $objDatabase->Execute($query) !== false;
    if (!$saved) {
        // return a 500 or so
        header("HTTP/1.0 500 Internal Server Error");
    }

    die;
}
/**
 * Validate an E-mail address
 *
 * Loads the framework's validator class and delegates to
 * FWValidator::isEmail().
 *
 * @param string unvalidated email string
 * @return boolean result of FWValidator::isEmail()
 * @access public
 */
function isEmail($email)
{
    // make sure the validator class is available before it is called
    require_once ASCMS_FRAMEWORK_PATH . '/Validator.class.php';

    $isValid = FWValidator::isEmail($email);

    return $isValid;
}
/**
 * Terminate expired Subscriptions
 *
 * Calls Subscription::terminate() on every expired Subscription
 * (Subscription::$expirationDate < now) whose state is either active
 * (Subscription::$state = active) or cancelled (Subscription::$state = cancelled).
 * Expired Subscriptions that are inactive (Subscription::$state = inactive)
 * are left alone as long as they stay inactive, so that such a Subscription
 * can be re-activated and given a new expiration date without being
 * terminated automatically.
 */
public function terminateExpiredSubscriptions()
{
    // only these states are eligible for termination
    $terminableStates = array(
        \Cx\Modules\Order\Model\Entity\Subscription::STATE_ACTIVE,
        \Cx\Modules\Order\Model\Entity\Subscription::STATE_CANCELLED,
    );

    $repository = \Env::get('em')->getRepository('Cx\\Modules\\Order\\Model\\Entity\\Subscription');
    $expired = $repository->getExpiredSubscriptions($terminableStates);

    if (!\FWValidator::isEmpty($expired)) {
        foreach ($expired as $expiredSubscription) {
            $expiredSubscription->terminate();
        }

        // write all terminations in one go
        \Env::get('em')->flush();
    }
}
/**
 * Get the user details link
 *
 * Resolves the argument to a \User object and builds the link to the
 * user's account. If the user has a CRM ID, a second link (with an icon)
 * to the CRM account is appended.
 *
 * @param mixed $user \User or
 *                    \Cx\Core\User\Model\Entity\User or
 *                    $userId (Id of a user)
 *
 * @return string Returns the parsed user detail link(crm and access),
 *                or an empty string if no \User could be resolved
 */
public static function getParsedUserLink($user)
{
    global $_CORELANG;

    // resolve entities and plain IDs to a \User object
    if ($user instanceof \Cx\Core\User\Model\Entity\User) {
        $user = self::getFWUserObject()->objUser->getUser($user->getId());
    }
    if (!is_object($user)) {
        $user = self::getFWUserObject()->objUser->getUser($user);
    }
    if (!($user instanceof \User)) {
        return '';
    }

    // link to the CRM account, only for users that have one
    $crmLink = '';
    $hasCrmAccount = !\FWValidator::isEmpty($user->getCrmUserId());
    if ($hasCrmAccount) {
        $crmLink = "<a href='index.php?cmd=Crm&act=customers&tpl=showcustdetail&id={$user->getCrmUserId()}'\n"
            . " title='{$_CORELANG['TXT_CORE_EDIT_USER_CRM_ACCOUNT']}'>\n"
            . " <img\n"
            . " src='../core/Core/View/Media/navigation_level_1_189.png'\n"
            . " width='16' height='16'\n"
            . " alt='{$_CORELANG['TXT_CORE_EDIT_USER_CRM_ACCOUNT']}'\n"
            . " />\n"
            . " </a>";
    }

    // link to the user account, labelled with the user's title
    $accountLinkOpen = "<a href='index.php?cmd=Access&act=user&tpl=modify&id={$user->getId()}'\n"
        . " title='{$_CORELANG['TXT_EDIT_USER_ACCOUNT']}'>";

    return $accountLinkOpen . self::getParsedUserTitle($user) . "</a>" . $crmLink;
}
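/**
 * Store a new e-card and notify its recipient by e-mail
 *
 * Reads the e-card form fields from $_POST, loads the module settings
 * (validity in days, mail subject, mail text), inserts the e-card record,
 * copies the selected motive to the sent-e-cards folder under the e-card's
 * code and mails the link to the recipient. The outcome is reported through
 * the STATUS_MESSAGE template placeholder.
 *
 * All request values reach the database as bound parameters; nothing from
 * $_POST is concatenated into SQL.
 *
 * @return false|null false if an e-mail address is rejected or the settings
 *                    cannot be read, otherwise no value
 */
function send()
{
    global $objDatabase, $_ARRAYLANG, $_CONFIG;

    $this->_objTpl->setTemplate($this->pageContent);

    // The code is the lookup key placed in the 'show' URL (presumably all a
    // visitor needs to open the card - confirm in the show handler), so it
    // has to be unpredictable. md5(rand()) yields at most getrandmax() + 1
    // different values; use the CSPRNG where the runtime offers one.
    if (function_exists('random_bytes')) {
        $code = bin2hex(random_bytes(5)); // 10 hex characters, same format as before
    } else {
        // NOTE(review): legacy fallback for runtimes without random_bytes();
        // this value is guessable.
        $code = substr(md5(rand()), 1, 10);
    }
    $url = \Cx\Core\Routing\Url::fromModuleAndCmd('Ecard', 'show', '', array('code' => $code))->toString();

    // Unslashed value of a POST field; missing or non-string fields become ''
    $postValue = function ($key) {
        if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
            return '';
        }
        return contrexx_stripslashes($_POST[$key]);
    };
    // E-mail address from a POST field, or '' if the validator rejects it
    $postEmail = function ($key) {
        if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
            return '';
        }
        return \FWValidator::isEmail($_POST[$key]) ? $_POST[$key] : '';
    };

    $id = isset($_POST['selectedEcard']) ? intval($_POST['selectedEcard']) : 0;
    $message = $postValue('ecardMessage');
    $recipientSalutation = $postValue('ecardRecipientSalutation');
    $senderName = $postValue('ecardSenderName');
    $senderEmail = $postEmail('ecardSenderEmail');
    $recipientName = $postValue('ecardRecipientName');
    $recipientEmail = $postEmail('ecardRecipientEmail');

    if (empty($senderEmail) || empty($recipientEmail)) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return false;
    }

    // Load the settings used below; defaults cover rows that are missing
    $validdays = 0;
    $subject = '';
    $emailText = '';
    $query = "
        SELECT `setting_name`, `setting_value`
        FROM " . DBPREFIX . "module_ecard_settings";
    $objResult = $objDatabase->Execute($query);
    if ($objResult === false) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return false;
    }
    while (!$objResult->EOF) {
        switch ($objResult->fields['setting_name']) {
            case 'validdays':
                $validdays = $objResult->fields['setting_value'];
                break;
            case 'subject':
                $subject = $objResult->fields['setting_value'];
                break;
            case 'emailText':
                $emailText = strip_tags($objResult->fields['setting_value']);
                break;
        }
        $objResult->MoveNext();
    }
    $timeToLife = intval($validdays) * 86400;

    // Replace the placeholders of the notification mail with the user data
    // (replaced one after the other, in this order)
    $body = str_replace(
        array(
            '[[ECARD_RECIPIENT_SALUTATION]]',
            '[[ECARD_RECIPIENT_NAME]]',
            '[[ECARD_RECIPIENT_EMAIL]]',
            '[[ECARD_SENDER_NAME]]',
            '[[ECARD_SENDER_EMAIL]]',
            '[[ECARD_VALID_DAYS]]',
            '[[ECARD_URL]]',
        ),
        array(
            $recipientSalutation,
            $recipientName,
            $recipientEmail,
            $senderName,
            $senderEmail,
            $validdays,
            $url,
        ),
        $emailText
    );

    // Insert ecard to DB. The values are bound, not concatenated: a valid
    // e-mail address may contain an apostrophe, and addslashes() is not a
    // database-aware escape.
    $query = "
        INSERT INTO `" . DBPREFIX . "module_ecard_ecards` (
            code, date, TTL, salutation,
            senderName, senderEmail,
            recipientName, recipientEmail,
            message
        ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";
    $arrValues = array(
        $code,
        time(),
        $timeToLife,
        $recipientSalutation,
        $senderName,
        $senderEmail,
        $recipientName,
        $recipientEmail,
        $message,
    );
    if (!$objDatabase->Execute($query, $arrValues)) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return;
    }

    // Look up the file of the selected motive; $id went through intval()
    $query = "
        SELECT setting_value
        FROM " . DBPREFIX . "module_ecard_settings
        WHERE setting_name='motive_{$id}'";
    $objResult = $objDatabase->SelectLimit($query, 1);
    if ($objResult === false || $objResult->EOF) {
        // Unknown motive: report it instead of copying an empty file name
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return;
    }

    // Copy motive to new file with $code as filename
    $fileName = $objResult->fields['setting_value'];
    $fileExtension = preg_replace('/^.+(\\.[^\\.]+)$/', '$1', $fileName);
    $objFile = new \File();
    if (!$objFile->copyFile(ASCMS_ECARD_OPTIMIZED_PATH . '/', $fileName, ASCMS_ECARD_SEND_ECARDS_PATH . '/', $code . $fileExtension)) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return;
    }

    $objMail = new \phpmailer();
    // Check e-mail settings
    if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once ASCMS_CORE_PATH . '/SmtpSettings.class.php')) {
        $objSmtpSettings = new \SmtpSettings();
        if (($arrSmtp = $objSmtpSettings->getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
            $objMail->IsSMTP();
            $objMail->Host = $arrSmtp['hostname'];
            $objMail->Port = $arrSmtp['port'];
            $objMail->SMTPAuth = true;
            $objMail->Username = $arrSmtp['username'];
            $objMail->Password = $arrSmtp['password'];
        }
    }

    // Send notification mail to ecard-recipient
    $objMail->CharSet = CONTREXX_CHARSET;
    $objMail->SetFrom($senderEmail, $senderName);
    $objMail->Subject = $subject;
    $objMail->IsHTML(false);
    $objMail->Body = $body;
    $objMail->AddAddress($recipientEmail);
    if ($objMail->Send()) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_HAS_BEEN_SENT']));
    } else {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_MAIL_SENDING_ERROR']));
    }
}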
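/**
 * Sets the placeholders used for the event list view
 *
 * Walks over $this->eventList and, for every event, assigns the list
 * placeholders (prefixed with $this->moduleLangVar) on the template, shows
 * or hides the optional blocks and parses the row block. If the list is
 * empty and $type is not 'confirm', the 'emptyEventList' block is parsed
 * instead.
 *
 * @param object $objTpl Template object
 * @param string $type   'confirm' selects the confirm-list blocks and adds
 *                       "&confirm=1" to the edit links; any other value
 *                       renders the regular list
 *
 * @return null
 */
function showEventList($objTpl, $type = '')
{
    global $objInit, $_ARRAYLANG, $_LANGID;

    $this->getFrontendLanguages();

    // NOTE(review): event fields (title, links, e-mail, place data, ...) are
    // concatenated into HTML and attributes below without escaping in this
    // method. That is only safe if the event object delivers them already
    // encoded for HTML - confirm where the event data is loaded. The links
    // opened with target="_blank" also carry no rel="noopener".
    $i = 0;
    foreach ($this->eventList as $key => $objEvent) {
        $objCategory = new \Cx\Modules\Calendar\Controller\CalendarCategory(intval($objEvent->catId));

        // Language icons are only shown when more than one frontend language is active
        $showIn = explode(",", $objEvent->showIn);
        $languages = '';
        if (count(\FWLanguage::getActiveFrontendLanguages()) > 1) {
            $langState = array();
            foreach ($this->arrFrontendLanguages as $langKey => $arrLang) {
                if (in_array($arrLang['id'], $showIn)) {
                    $langState[$langKey] = 'active';
                }
            }
            $languages = \Html::getLanguageIcons($langState, 'index.php?cmd=Calendar&act=modify_event&id=' . $objEvent->id . '&langId=%1$d' . ($type == 'confirm' ? "&confirm=1" : ""));
            if ($type == 'confirm' && $objTpl->blockExists('txt_languages_block_confirm_list')) {
                $objTpl->touchBlock('txt_languages_block_confirm_list');
            } elseif ($objTpl->blockExists('txt_languages_block')) {
                $objTpl->touchBlock('txt_languages_block');
            }
        } else {
            if ($type == 'confirm' && $objTpl->blockExists('txt_languages_block_confirm_list')) {
                $objTpl->hideBlock('txt_languages_block_confirm_list');
            } elseif ($objTpl->blockExists('txt_languages_block')) {
                $objTpl->hideBlock('txt_languages_block');
            }
        }

        list($priority, $priorityImg) = $this->getPriorityImage($objEvent);

        // Short description: first line of the plain text wrapped at 100
        // characters, followed by '...' when the text is longer than that
        $plainDescription = contrexx_html2plaintext($objEvent->description);
        if (strlen($plainDescription) > 100) {
            $points = '...';
        } else {
            $points = '';
        }
        $parts = explode("\n", wordwrap($plainDescription, 100, "\n"));

        // Attachment name: the part after the last '/'
        $attachNamePos = strrpos($objEvent->attach, '/');
        $attachNamelength = strlen($objEvent->attach);
        $attachName = substr($objEvent->attach, $attachNamePos + 1, $attachNamelength);

        $hostUri = '';
        $hostTarget = '';
        if ($objEvent->external) {
            $objHost = new \Cx\Modules\Calendar\Controller\CalendarHost($objEvent->hostId);
            if (substr($objHost->uri, -1) != '/') {
                $hostUri = $objHost->uri . '/';
            } else {
                $hostUri = $objHost->uri;
            }
            // Prepend a scheme only when the host URI has none. Testing for
            // 'http://' alone turned an https:// host into
            // "http://https://..." and so broke every link built from it.
            if (!preg_match('#^https?://#i', $hostUri)) {
                $hostUri = "http://" . $hostUri;
            }
            $hostTarget = 'target="_blank"';
        }

        $copyLink = '';
        if ($objInit->mode == 'backend') {
            $editLink = 'index.php?cmd=' . $this->moduleName . '&act=modify_event&id=' . $objEvent->id . ($type == 'confirm' ? "&confirm=1" : "");
            $copyLink = $editLink . "&copy=1";
        } else {
            $editLink = CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '&cmd=edit&id=' . $objEvent->id;
        }

        // Use the ".thumb" file next to the picture when it exists
        $picThumb = file_exists(\Env::get('cx')->getWebsitePath() . "{$objEvent->pic}.thumb") ? "{$objEvent->pic}.thumb" : ($objEvent->pic != '' ? $objEvent->pic : '');

        $placeWebsite = $objEvent->place_website != '' ? "<a href='" . $objEvent->place_website . "' target='_blank' >" . $objEvent->place_website . "</a>" : "";
        $placeWebsiteSource = $objEvent->place_website;
        $placeLink = $objEvent->place_link != '' ? "<a href='" . $objEvent->place_link . "' target='_blank' >" . $objEvent->place_link . "</a>" : "";
        $placeLinkSource = $objEvent->place_link;
        if ($this->arrSettings['placeData'] > 1 && $objEvent->locationType == 2) {
            $objEvent->loadPlaceFromMediadir($objEvent->place_mediadir_id, 'place');
            list($placeLink, $placeLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->place_mediadir_id, 'place');
        }

        $hostWebsite = $objEvent->org_website != '' ? "<a href='" . $objEvent->org_website . "' target='_blank' >" . $objEvent->org_website . "</a>" : "";
        $hostWebsiteSource = $objEvent->org_website;
        $hostLink = $objEvent->org_link != '' ? "<a href='" . $objEvent->org_link . "' target='_blank' >" . $objEvent->org_link . "</a>" : "";
        $hostLinkSource = $objEvent->org_link;
        if ($this->arrSettings['placeDataHost'] > 1 && $objEvent->hostType == 2) {
            $objEvent->loadPlaceFromMediadir($objEvent->host_mediadir_id, 'host');
            list($hostLink, $hostLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->host_mediadir_id, 'host');
        }

        $startDate = $objEvent->startDate;
        $endDate = $objEvent->endDate;

        if ($objEvent->numSubscriber) {
            $freeSeats = \FWValidator::isEmpty($objEvent->getFreePlaces()) ? '0 (' . $_ARRAYLANG['TXT_CALENDAR_SAVE_IN_WAITLIST'] . ')' : $objEvent->getFreePlaces();
        } else {
            $freeSeats = $_ARRAYLANG['TXT_CALENDAR_YES'];
        }
        if (in_array($objEvent->registration, array(CalendarEvent::EVENT_REGISTRATION_NONE, CalendarEvent::EVENT_REGISTRATION_EXTERNAL))) {
            $freeSeats = $_ARRAYLANG['TXT_CALENDAR_NOT_SPECIFIED'];
        }

        $objTpl->setVariable(array(
            $this->moduleLangVar . '_EVENT_ROW' => $i % 2 == 0 ? 'row1' : 'row2',
            $this->moduleLangVar . '_EVENT_LED' => $objEvent->status == 0 ? 'red' : 'green',
            $this->moduleLangVar . '_EVENT_STATUS' => $objEvent->status == 0 ? $_ARRAYLANG['TXT_CALENDAR_INACTIVE'] : $_ARRAYLANG['TXT_CALENDAR_ACTIVE'],
            $this->moduleLangVar . '_EVENT_ID' => $objEvent->id,
            $this->moduleLangVar . '_EVENT_TITLE' => $objEvent->title,
            $this->moduleLangVar . '_EVENT_TEASER' => $objEvent->teaser,
            $this->moduleLangVar . '_EVENT_PICTURE' => $objEvent->pic != '' ? '<img src="' . $objEvent->pic . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '',
            $this->moduleLangVar . '_EVENT_PICTURE_SOURCE' => $objEvent->pic,
            $this->moduleLangVar . '_EVENT_THUMBNAIL' => $objEvent->pic != '' ? '<img src="' . $picThumb . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '',
            $this->moduleLangVar . '_EVENT_PRIORITY' => $priority,
            $this->moduleLangVar . '_EVENT_PRIORITY_IMG' => $priorityImg,
            $this->moduleLangVar . '_EVENT_PLACE' => $objEvent->place,
            $this->moduleLangVar . '_EVENT_DESCRIPTION' => $objEvent->description,
            $this->moduleLangVar . '_EVENT_SHORT_DESCRIPTION' => $parts[0] . $points,
            $this->moduleLangVar . '_EVENT_LINK' => $objEvent->link ? "<a href='" . $objEvent->link . "' target='_blank' >" . $objEvent->link . "</a>" : "",
            $this->moduleLangVar . '_EVENT_LINK_SOURCE' => $objEvent->link,
            $this->moduleLangVar . '_EVENT_ATTACHMENT' => $objEvent->attach != '' ? '<a href="' . $hostUri . $objEvent->attach . '" target="_blank" >' . $attachName . '</a>' : '',
            $this->moduleLangVar . '_EVENT_ATTACHMENT_SOURCE' => $objEvent->attach,
            $this->moduleLangVar . '_EVENT_START' => $this->format2userDateTime($startDate),
            $this->moduleLangVar . '_EVENT_START_DATE' => $this->format2userDate($startDate),
            $this->moduleLangVar . '_EVENT_START_TIME' => $this->format2userTime($startDate),
            $this->moduleLangVar . '_EVENT_DATE' => $this->format2userDate($startDate),
            $this->moduleLangVar . '_EVENT_END' => $this->format2userDateTime($endDate),
            $this->moduleLangVar . '_EVENT_END_DATE' => $this->format2userDate($endDate),
            $this->moduleLangVar . '_EVENT_END_TIME' => $this->format2userTime($endDate),
            $this->moduleLangVar . '_EVENT_LANGUAGES' => $languages,
            $this->moduleLangVar . '_EVENT_CATEGORY' => $objCategory->name,
            $this->moduleLangVar . '_EVENT_EXPORT_LINK' => $hostUri . 'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id,
            $this->moduleLangVar . '_EVENT_EXPORT_ICON' => '<a href="' . $hostUri . 'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id . '"><img src="modules/Calendar/View/Media/ical_export.gif" border="0" title="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" alt="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" /></a>',
            $this->moduleLangVar . '_EVENT_EDIT_LINK' => $editLink,
            $this->moduleLangVar . '_EVENT_COPY_LINK' => $copyLink,
            $this->moduleLangVar . '_EVENT_SERIES' => $objEvent->seriesStatus == 1 ? '<img src="' . ASCMS_MODULE_WEB_PATH . '/' . $this->moduleName . '/View/Media/Repeat.png" border="0"/>' : '<i>' . $_ARRAYLANG['TXT_CALENDAR_NO_SERIES'] . '</i>',
            $this->moduleLangVar . '_EVENT_FREE_PLACES' => $freeSeats,
            $this->moduleLangVar . '_EVENT_ACCESS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_ACCESS_' . $objEvent->access],
        ));

        if ($objEvent->showDetailView) {
            $objTpl->setVariable(array(
                $this->moduleLangVar . '_EVENT_DETAIL_LINK' => $objEvent->type == 0 ? self::_getDetailLink($objEvent) : $objEvent->arrData['redirect'][$_LANGID],
                $this->moduleLangVar . '_EVENT_DETAIL_TARGET' => $objEvent->type == 0 ? '_self' : '_blank',
            ));
            if ($objTpl->blockExists('event_detail_view')) {
                $objTpl->touchBlock('event_detail_view');
            }
            if ($objTpl->blockExists('event_no_detail_view')) {
                $objTpl->hideBlock('event_no_detail_view');
            }
        } else {
            $objTpl->setVariable(array(
                $this->moduleLangVar . '_EVENT_DETAIL_LINK' => '#',
                $this->moduleLangVar . '_EVENT_DETAIL_TARGET' => '',
            ));
            if ($objTpl->blockExists('event_detail_view')) {
                $objTpl->hideBlock('event_detail_view');
            }
            if ($objTpl->blockExists('event_no_detail_view')) {
                $objTpl->touchBlock('event_no_detail_view');
            }
        }

        // The map popup is sized 20px larger than the image in each direction;
        // $picWidth / $picHeight are only read when $hasPlaceMap is true
        $hasPlaceMap = !empty($objEvent->place_map) && file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map);
        if ($hasPlaceMap) {
            $arrInfo = getimagesize(\Env::get('cx')->getWebsitePath() . $objEvent->place_map);
            $picWidth = $arrInfo[0] + 20;
            $picHeight = $arrInfo[1] + 20;
        }
        $map_thumb_name = file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map . ".thumb") ? $objEvent->place_map . ".thumb" : $objEvent->place_map;

        $objTpl->setVariable(array(
            $this->moduleLangVar . '_EVENT_LOCATION_PLACE' => $objEvent->place,
            $this->moduleLangVar . '_EVENT_LOCATION_ADDRESS' => $objEvent->place_street,
            $this->moduleLangVar . '_EVENT_LOCATION_ZIP' => $objEvent->place_zip,
            $this->moduleLangVar . '_EVENT_LOCATION_CITY' => $objEvent->place_city,
            $this->moduleLangVar . '_EVENT_LOCATION_COUNTRY' => $objEvent->place_country,
            $this->moduleLangVar . '_EVENT_LOCATION_WEBSITE' => $placeWebsite,
            $this->moduleLangVar . '_EVENT_LOCATION_WEBSITE_SOURCE' => $placeWebsiteSource,
            $this->moduleLangVar . '_EVENT_LOCATION_LINK' => $placeLink,
            $this->moduleLangVar . '_EVENT_LOCATION_LINK_SOURCE' => $placeLinkSource,
            $this->moduleLangVar . '_EVENT_LOCATION_PHONE' => $objEvent->place_phone,
            $this->moduleLangVar . '_EVENT_LOCATION_MAP_LINK' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false">' . $_ARRAYLANG['TXT_CALENDAR_MAP'] . '</a>' : "",
            $this->moduleLangVar . '_EVENT_LOCATION_MAP_THUMBNAIL' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false"><img src="' . $map_thumb_name . '" border="0" alt="' . $objEvent->place_map . '" /></a>' : "",
            $this->moduleLangVar . '_EVENT_LOCATION_MAP_SOURCE' => $hasPlaceMap ? $objEvent->place_map : '',
            $this->moduleLangVar . '_EVENT_HOST' => $objEvent->org_name,
            $this->moduleLangVar . '_EVENT_HOST_ADDRESS' => $objEvent->org_street,
            $this->moduleLangVar . '_EVENT_HOST_ZIP' => $objEvent->org_zip,
            $this->moduleLangVar . '_EVENT_HOST_CITY' => $objEvent->org_city,
            $this->moduleLangVar . '_EVENT_HOST_COUNTRY' => $objEvent->org_country,
            $this->moduleLangVar . '_EVENT_HOST_WEBSITE' => $hostWebsite,
            $this->moduleLangVar . '_EVENT_HOST_WEBSITE_SOURCE' => $hostWebsiteSource,
            $this->moduleLangVar . '_EVENT_HOST_LINK' => $hostLink,
            $this->moduleLangVar . '_EVENT_HOST_LINK_SOURCE' => $hostLinkSource,
            $this->moduleLangVar . '_EVENT_HOST_PHONE' => $objEvent->org_phone,
            $this->moduleLangVar . '_EVENT_HOST_EMAIL' => $objEvent->org_email != '' ? "<a href='mailto:" . $objEvent->org_email . "' >" . $objEvent->org_email . "</a>" : "",
            $this->moduleLangVar . '_EVENT_HOST_EMAIL_SOURCE' => $objEvent->org_email,
        ));

        // Optional blocks: shown when their value is present, hidden otherwise
        $arrOptionalBlocks = array(
            'event_location_website' => !empty($placeWebsite),
            'event_location_link' => !empty($placeLink),
            'event_location_phone' => !empty($objEvent->place_phone),
            'event_location_map' => $hasPlaceMap,
            'event_host_website' => !empty($hostWebsite),
            'event_host_link' => !empty($hostLink),
            'event_host_phone' => !empty($objEvent->org_phone),
            'event_host_email' => !empty($objEvent->org_email),
        );
        foreach ($arrOptionalBlocks as $blockName => $hasValue) {
            if (!$objTpl->blockExists($blockName)) {
                continue;
            }
            if ($hasValue) {
                $objTpl->touchBlock($blockName);
            } else {
                $objTpl->hideBlock($blockName);
            }
        }

        if ($objInit->mode == 'backend') {
            $objTpl->setVariable(array(
                $this->moduleLangVar . '_EVENT_COUNT_REG' => $objEvent->getRegistrationCount(),
                $this->moduleLangVar . '_EVENT_COUNT_DEREG' => $objEvent->getCancellationCount(),
                $this->moduleLangVar . '_EVENT_COUNT_WAITLIST' => $objEvent->getWaitlistCount(),
            ));
        }
        $i++;

        // show date block
        if ($objTpl->blockExists('calendarDateList')) {
            // Per-event display options win over the module settings
            $showStartDateList = $objEvent->useCustomDateDisplay ? $objEvent->showStartDateList : $this->arrSettings['showStartDateList'] == 1;
            $showEndDateList = $objEvent->useCustomDateDisplay ? $objEvent->showEndDateList : $this->arrSettings['showEndDateList'] == 1;
            $showStartTimeList = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showStartTimeList : $this->arrSettings['showStartTimeList'] == 1);
            $showEndTimeList = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showEndTimeList : $this->arrSettings['showEndTimeList'] == 1);
            $showTimeTypeList = $objEvent->useCustomDateDisplay ? $objEvent->showTimeTypeList : 1;

            // Several-days format (start time with start date, end time with
            // end date): only for events spanning several days with all four
            // values displayed. The block is then parsed twice, once per part.
            if ($this->format2userDate($startDate) != $this->format2userDate($endDate) && ($showStartDateList && $showEndDateList && $showStartTimeList && $showEndTimeList)) {
                foreach (array(1, 2) as $part) {
                    $this->getMultiDateBlock($objEvent, $this->arrSettings['separatorDateTimeList'], $this->arrSettings['separatorSeveralDaysList'], $this->arrSettings['showClockList'] == 1, $part);
                    $objTpl->setVariable(array(
                        $this->moduleLangVar . '_DATE_LIST' => $this->date,
                        $this->moduleLangVar . '_SEP_DATE_TIME_LIST' => $this->sepDateTime,
                        $this->moduleLangVar . '_TIME_LIST' => $this->time,
                        'TXT_' . $this->moduleLangVar . '_CLOCK_LIST' => $this->clock,
                    ));
                    $objTpl->parse('calendarDateList');
                }
            } else {
                // get date for single day format
                $this->getSingleDateBlock($objEvent, $showStartDateList, $showEndDateList, $this->arrSettings['separatorDateList'], $showTimeTypeList, $showStartTimeList, $showEndTimeList, $this->arrSettings['separatorDateTimeList'], $this->arrSettings['separatorTimeList'], $this->arrSettings['showClockList'] == 1);
                $objTpl->setVariable(array(
                    $this->moduleLangVar . '_DATE_LIST' => $this->date,
                    $this->moduleLangVar . '_SEP_DATE_TIME_LIST' => $this->sepDateTime,
                    $this->moduleLangVar . '_TIME_LIST' => $this->time,
                    'TXT_' . $this->moduleLangVar . '_CLOCK_LIST' => $this->clock,
                ));
                $objTpl->parse('calendarDateList');
            }
        }

        if ($objInit->mode == \Cx\Core\Core\Controller\Cx::MODE_FRONTEND) {
            $this->parseRegistrationPlaceholders($objTpl, $objEvent, $hostUri, $hostTarget);
        }

        if ($type == 'confirm') {
            if ($objTpl->blockExists('eventConfirmList')) {
                $objTpl->parse('eventConfirmList');
            }
        } else {
            if ($objTpl->blockExists('eventList')) {
                $objTpl->parse('eventList');
            }
            if ($objTpl->blockExists('calendar_headlines_row')) {
                $objTpl->parse('calendar_headlines_row');
            }
        }
    }

    if (count($this->eventList) == 0 && $type != 'confirm') {
        $objTpl->hideBlock('eventList');
        $objTpl->setVariable(array(
            'TXT_' . $this->moduleLangVar . '_NO_EVENTS' => $_ARRAYLANG['TXT_CALENDAR_EVENTS_NO'],
        ));
        $objTpl->parse('emptyEventList');
    }
}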
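/**
 * this is called as soon as uploads have finished.
 * takes care of cleaning up the temporary upload folder before the files
 * are moved to the right folder
 *
 * Every entry of $tempPath is checked with
 * \FWValidator::is_file_ending_harmless(); refused files are deleted.
 * Accepted files get their cleaned name (see
 * \Cx\Lib\FileSystem\FileSystem::replaceCharacters()) and, if a file of
 * that name already exists in the target path and overwriting was not
 * requested, a "_<timestamp>" suffix. The resulting names are remembered in
 * $_SESSION["filebrowser_upload_files_{$uploadId}"].
 *
 * @param string $tempPath    temporary folder holding the uploaded files
 * @param string $tempWebPath not used by this method
 * @param array  $data        needs the keys 'path' and 'webPath'
 * @param mixed  $uploadId    id of the upload, used for the session key
 * @param mixed  $fileInfos   not used by this method
 *
 * @return array array($path, $webPath): the directory to move to and its web path
 */
public static function uploadFinished($tempPath, $tempWebPath, $data, $uploadId, $fileInfos)
{
    $path = $data['path'];
    $webPath = $data['webPath'];

    //we remember the names of the uploaded files here. they are stored in the session afterwards,
    //so we can later display them highlighted.
    $arrFiles = array();
    //files to rename, keyed by the name they currently have in $tempPath
    $arrFilesToRename = array();

    // The flag is converted before it is compared. The former
    // intval($x > 0) compared the raw request string with 0, which is true
    // for any non-numeric string on PHP 8.
    // NOTE(review): the overwrite decision comes from the request; confirm
    // the caller has authorised it.
    $forceOverwrite = !empty($_REQUEST['uploadForceOverwrite'])
        && intval($_REQUEST['uploadForceOverwrite']) > 0;

    $h = opendir($tempPath);
    if ($h !== false) {
        while (false !== ($diskName = readdir($h))) {
            //skip . and ..
            if ($diskName == '.' || $diskName == '..') {
                continue;
            }
            $file = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($diskName);

            //delete potentially malicious files. The name on disk is
            //checked as well as the cleaned one, and the file is removed
            //under the name it really has: unlinking the cleaned name would
            //leave the file in place whenever cleaning changed the name.
            if (
                !\FWValidator::is_file_ending_harmless($diskName)
                || !\FWValidator::is_file_ending_harmless($file)
            ) {
                @unlink($tempPath . '/' . $diskName);
                continue;
            }

            //check if file needs to be renamed
            $targetName = $file;
            $isRemembered = true;
            if (file_exists($path . $file)) {
                if ($forceOverwrite) {
                    // as before, an overwriting file is not added to the list
                    $isRemembered = false;
                } else {
                    $info = pathinfo($file);
                    $extension = isset($info['extension']) ? '.' . $info['extension'] : '';
                    $targetName = $info['filename'] . '_' . time() . $extension;
                }
            }
            if ($targetName !== $diskName) {
                $arrFilesToRename[$diskName] = $targetName;
            }
            if ($isRemembered) {
                array_push($arrFiles, $targetName);
            }
        }
        closedir($h);
    }

    //rename files where needed
    foreach ($arrFilesToRename as $oldName => $newName) {
        rename($tempPath . '/' . $oldName, $tempPath . '/' . $newName);
    }

    //remember the uploaded files
    if (isset($_SESSION["filebrowser_upload_files_{$uploadId}"])) {
        //do not overwrite already uploaded files
        $arrFiles = array_merge($_SESSION["filebrowser_upload_files_{$uploadId}"], $arrFiles);
    }
    $_SESSION["filebrowser_upload_files_{$uploadId}"] = $arrFiles;

    /* unwanted files have been deleted, unallowed filenames corrected.
       we can now simply return the desired target path, as only valid
       files are present in $tempPath */
    return array($path, $webPath);
}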
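/**
 * Update guestbook
 *
 * Writes the posted fields to the guestbook entry whose id is given in
 * $_GET['id'] and sets $this->strOkMessage or $this->strErrMessage.
 * Tags are stripped from every field; the values reach the database as
 * bound parameters instead of being concatenated into the statement.
 *
 * @global ADONewConnection
 * @global array
 */
function _update()
{
    global $objDatabase, $_ARRAYLANG;

    $guestbookId = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $error = "";

    if (!empty($guestbookId)) {
        // Unslashed, tag-stripped value of a POST field; a missing or
        // non-string field becomes ''
        $postField = function ($key) {
            if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
                return '';
            }
            return strip_tags(contrexx_stripslashes($_POST[$key]));
        };

        $forename = $postField('forename');
        $name = $postField('name');
        $gender = $postField('malefemale');
        $mail = $postField('email');
        // URLs of seven characters or less are dropped
        $url = isset($_POST['url']) && is_string($_POST['url']) && strlen($_POST['url']) > 7
            ? $postField('url')
            : "";
        $comment = $postField('comment');
        $location = $postField('location');
        // NOTE(review): ip and datetime of the entry are taken from the form
        // as submitted; confirm that only trusted editors reach this method.
        $ip = $postField('ip');
        $date = $postField('datetime');

        $objValidator = new \FWValidator();
        if (!empty($url)) {
            if (!$this->isUrl($url)) {
                $error .= $_ARRAYLANG['TXT_INVALID_INTERNET_ADDRESS'] . "<br />";
            }
        }
        if (!$objValidator->isEmail($mail)) {
            $error .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'] . "<br />";
        }

        // NOTE(review): as before, the validation errors above are reported
        // but do not keep the record from being written.
        if (!empty($forename) && !empty($name)) {
            $query = "UPDATE " . DBPREFIX . "module_guestbook
                SET forename=?,
                    name=?,
                    gender=?,
                    email=?,
                    url=?,
                    comment=?,
                    location=?,
                    ip=?,
                    datetime=?,
                    lang_id=?
                WHERE id=?";
            $objDatabase->Execute($query, array(
                $forename,
                $name,
                $gender,
                $mail,
                $url,
                $comment,
                $location,
                $ip,
                $date,
                $this->langId,
                $guestbookId,
            ));
        }
    }

    if (empty($error)) {
        $this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL'];
    } else {
        $this->strErrMessage = $error;
    }
}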
/**
 * Check whether a string is accepted as an email address
 *
 * Static so it can be used without instantiation.
 * The decision is delegated entirely to FWValidator::isEmail(); neither the
 * filter extension nor a regular expression is evaluated here.
 *
 * @param string $address The email address to check
 * @return mixed the result of FWValidator::isEmail() (documented as boolean by the original)
 * @static
 * @access public
 */
public static function ValidateAddress($address)
{
    $isAccepted = FWValidator::isEmail($address);

    return $isAccepted;
}
/**
 * Show and process the form for adding, editing or copying a newsletter recipient.
 *
 * The recipient id and the copy flag are read from $_REQUEST, the field
 * values from $_POST. When 'newsletter_recipient_save' was posted, the
 * e-mail address is checked with FWValidator::isEmail(), the profile
 * attributes with _validateRecipientAttributes() and the address for
 * uniqueness with _isUniqueRecipientEmail(); the recipient is then written
 * with _updateRecipient() (id > 0) or _addRecipient(). For a newly added
 * recipient a newsletter selected through 'sendEmail' is sent right away.
 * Without a save request and with an id > 0 the stored recipient is loaded.
 * Finally the template block 'module_newsletter_user_edit' is filled and
 * parsed; text values are passed through htmlentities() first.
 *
 * NOTE(review): this listing is incomplete. The text is cut at two
 * "******" markers inside the body, so the statements between them
 * (among them the loop over the associated lists) are not shown here.
 *
 * @global ADONewConnection
 * @global array
 * @global array
 * @return mixed The result of _userList() after a successful save, true otherwise
 */
function _editUser() { global $objDatabase, $_ARRAYLANG, $_CORELANG; $activeFrontendlang = \FWLanguage::getActiveFrontendLanguages(); $copy = isset($_REQUEST['copy']) && $_REQUEST['copy'] == 1; $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; $recipientEmail = ''; $recipientUri = ''; $recipientSex = ''; $recipientSalutation = 0; $recipientTitle = ''; $recipientPosition = ''; $recipientIndustrySector = ''; $recipientPhoneMobile = ''; $recipientPhonePrivate = ''; $recipientFax = ''; $recipientNotes = ''; $recipientLastname = ''; $recipientFirstname = ''; $recipientCompany = ''; $recipientAddress = ''; $recipientZip = ''; $recipientCity = ''; $recipientCountry = ''; $recipientPhoneOffice = ''; $recipientBirthday = ''; $recipientLanguage = count($activeFrontendlang) == 1 ? key($activeFrontendlang) : ''; $recipientStatus = isset($_POST['newsletter_recipient_status']) ? 1 : (empty($_POST) ? 1 : 0); $arrAssociatedLists = array(); $recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0; $recipientSendMailDisplay = false; if (isset($_POST['newsletter_recipient_email'])) { $recipientEmail = $_POST['newsletter_recipient_email']; } if (isset($_POST['newsletter_recipient_uri'])) { $recipientUri = $_POST['newsletter_recipient_uri']; } if (isset($_POST['newsletter_recipient_sex'])) { $recipientSex = in_array($_POST['newsletter_recipient_sex'], array('f', 'm')) ? $_POST['newsletter_recipient_sex'] : ''; } if (isset($_POST['newsletter_recipient_salutation'])) { // TODO: use FWUSER $arrRecipientSalutation = $this->_getRecipientTitles(); $recipientSalutation = in_array($_POST['newsletter_recipient_salutation'], array_keys($arrRecipientSalutation)) ? 
intval($_POST['newsletter_recipient_salutation']) : 0; } if (isset($_POST['newsletter_recipient_lastname'])) { $recipientLastname = $_POST['newsletter_recipient_lastname']; } if (isset($_POST['newsletter_recipient_firstname'])) { $recipientFirstname = $_POST['newsletter_recipient_firstname']; } if (isset($_POST['newsletter_recipient_company'])) { $recipientCompany = $_POST['newsletter_recipient_company']; } if (isset($_POST['newsletter_recipient_address'])) { $recipientAddress = $_POST['newsletter_recipient_address']; } if (isset($_POST['newsletter_recipient_zip'])) { $recipientZip = $_POST['newsletter_recipient_zip']; } if (isset($_POST['newsletter_recipient_city'])) { $recipientCity = $_POST['newsletter_recipient_city']; } if (isset($_POST['newsletter_country_id'])) { $recipientCountry = $_POST['newsletter_country_id']; } if (isset($_POST['newsletter_recipient_phone_office'])) { $recipientPhoneOffice = $_POST['newsletter_recipient_phone_office']; } if (isset($_POST['newsletter_recipient_notes'])) { $recipientNotes = $_POST['newsletter_recipient_notes']; } if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) { $recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . 
intval($_POST['year']); } if (isset($_POST['newsletter_recipient_title'])) { $recipientTitle = $_POST['newsletter_recipient_title']; } if (isset($_POST['newsletter_recipient_position'])) { $recipientPosition = $_POST['newsletter_recipient_position']; } if (isset($_POST['newsletter_recipient_industry_sector'])) { $recipientIndustrySector = $_POST['newsletter_recipient_industry_sector']; } if (isset($_POST['newsletter_recipient_phone_mobile'])) { $recipientPhoneMobile = $_POST['newsletter_recipient_phone_mobile']; } if (isset($_POST['newsletter_recipient_phone_private'])) { $recipientPhonePrivate = $_POST['newsletter_recipient_phone_private']; } if (isset($_POST['newsletter_recipient_fax'])) { $recipientFax = $_POST['newsletter_recipient_fax']; } if (isset($_POST['language'])) { $recipientLanguage = $_POST['language']; } if (isset($_POST['newsletter_recipient_associated_list'])) { foreach ($_POST['newsletter_recipient_associated_list'] as $listId => $status) { if (intval($status) == 1) { array_push($arrAssociatedLists, intval($listId)); } } } // Get interface settings $objInterface = $objDatabase->Execute('SELECT `setvalue` FROM `' . DBPREFIX . 
'module_newsletter_settings` WHERE `setname` = "recipient_attribute_status"'); /* NOTE(review): the Execute() result is dereferenced on the next statement without a check for false */ $recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true); if (isset($_POST['newsletter_recipient_save'])) { $objValidator = new \FWValidator(); if ($objValidator->isEmail($recipientEmail)) { if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) { if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId, $copy)) { //reset the $recipientId on copy function $recipientId = $copy ? 0 : $recipientId; if ($recipientId > 0) { if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) { self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_UPDATED_SUCCESSFULLY']; return $this->_userList(); } else { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? 
intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_UPDATE_RECIPIENT']; } } else { if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) { if (!empty($recipientSendEmailId)) { /* NOTE(review): the e-mail address is concatenated into the SQL text here and in the two similar lookups further down; safety rests on contrexx_input2db() escaping it - confirm, or bind the value as a query parameter */ $objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1); $recipientId = $objRecipient->fields['id']; $this->insertTmpEmail($recipientSendEmailId, $recipientEmail, self::USER_TYPE_NEWSLETTER); // setting TmpEntry=1 will set the newsletter status=1, this will force an imediate stop in the newsletter send procedere. if ($this->SendEmail($recipientId, $recipientSendEmailId, $recipientEmail, 1, self::USER_TYPE_NEWSLETTER) == false) { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR']; } else { $objRecipientCount = $objDatabase->execute('SELECT subject FROM ' . DBPREFIX . 'module_newsletter WHERE id=' . intval($recipientSendEmailId)); $newsTitle = $objRecipientCount->fields['subject']; // TODO: Unused // $objUpdateCount = $objDatabase->execute(' UPDATE ' . DBPREFIX . 'module_newsletter SET recipient_count = recipient_count+1 WHERE id=' . intval($recipientSendEmailId)); /* NOTE(review): $newsTitle is read from the database and wrapped in <strong> without HTML escaping - confirm how strOkMessage is rendered */ self::$strOkMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MAIL_SEND_SUCCESSFULLY'] . '<br />', '<strong>' . $newsTitle . 
'</strong>'); } } self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_SAVED_SUCCESSFULLY']; return $this->_userList(); } else { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_SAVE_RECIPIENT']; } } } elseif (empty($recipientId)) { $objRecipient = $objDatabase->SelectLimit("SELECT id, language, status, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1); $recipientId = $objRecipient->fields['id']; $recipientLanguage = $objRecipient->fields['language']; $recipientStatus = $objRecipient->fields['status']; $recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . ' ' . $recipientNotes : $recipientNotes; /* NOTE(review): the listing is cut inside the next statement; the code between the marker and the following SELECT is not shown */ $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND id!=" . ($copy ? 0 : $recipientId), 1); self::$strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS'], '<a href="index.php?cmd=Newsletter&act=users&tpl=edit&id=' . $objResult->fields['id'] . '" target="_blank">' . $_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS_CLICK_HERE'] . '</a>'); } } else { self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']; } } else { self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_INVALIDE_EMAIL_ADDRESS']; } } elseif ($recipientId > 0) { $objRecipient = $objDatabase->SelectLimit("SELECT email, uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . 
$recipientId, 1); if ($objRecipient !== false && $objRecipient->RecordCount() == 1) { $recipientEmail = $objRecipient->fields['email']; $recipientUri = $objRecipient->fields['uri']; $recipientSex = $objRecipient->fields['sex']; $recipientSalutation = $objRecipient->fields['salutation']; $recipientTitle = $objRecipient->fields['title']; $recipientLastname = $objRecipient->fields['lastname']; $recipientFirstname = $objRecipient->fields['firstname']; $recipientPosition = $objRecipient->fields['position']; $recipientCompany = $objRecipient->fields['company']; $recipientIndustrySector = $objRecipient->fields['industry_sector']; $recipientAddress = $objRecipient->fields['address']; $recipientZip = $objRecipient->fields['zip']; $recipientCity = $objRecipient->fields['city']; $recipientCountry = $objRecipient->fields['country_id']; $recipientPhoneOffice = $objRecipient->fields['phone_office']; $recipientPhonePrivate = $objRecipient->fields['phone_private']; $recipientPhoneMobile = $objRecipient->fields['phone_mobile']; $recipientFax = $objRecipient->fields['fax']; $recipientBirthday = $objRecipient->fields['birthday']; $recipientLanguage = $objRecipient->fields['language']; $recipientStatus = $objRecipient->fields['status']; $recipientNotes = $objRecipient->fields['notes']; /* NOTE(review): the listing is cut inside the next statement as well; the list handling up to the 'checked' attribute is not shown */ $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"checked"' : '')); $this->_objTpl->parse('newsletter_mail_associated_list_' . $column); $listNr++; } if (count($activeFrontendlang) > 1) { foreach ($activeFrontendlang as $lang) { $selected = $lang['id'] == $recipientLanguage ? 
'selected="selected"' : ''; $this->_objTpl->setVariable(array('NEWSLETTER_LANGUAGE_ID' => contrexx_raw2xhtml($lang['id']), 'NEWSLETTER_LANGUAGE_NAME' => contrexx_raw2xhtml($lang['name']), 'NEWSLETTER_LANGUAGES_SELECTED' => $selected)); $this->_objTpl->parse('languages'); } $languageOptionDisplay = true; } else { $this->_objTpl->hideBlock('languageOption'); } if (empty($recipientId) || $copy) { $objNewsletterMails = $objDatabase->Execute('SELECT id, subject FROM ' . DBPREFIX . 'module_newsletter ORDER BY status, id DESC'); while (!$objNewsletterMails->EOF) { $selected = $recipientSendEmailId == $objNewsletterMails->fields['id'] ? 'selected="selected"' : ''; $this->_objTpl->setVariable(array('NEWSLETTER_EMAIL_ID' => contrexx_raw2xhtml($objNewsletterMails->fields['id']), 'NEWSLETTER_EMAIL_NAME' => contrexx_raw2xhtml($objNewsletterMails->fields['subject']), 'NEWSLETTER_EMAIL_SELECTED' => $selected)); $this->_objTpl->parse('allMails'); $objNewsletterMails->MoveNext(); } $recipientSendMailDisplay = true; } else { $this->_objTpl->hideBlock('sendEmail'); } // Display settings recipient general attributes $sendMailRowClass = $languageOptionDisplay ? 'row2' : 'row1'; if ($languageOptionDisplay && $recipientSendMailDisplay) { $associatedListRowClass = 'row1'; } elseif ($languageOptionDisplay || $recipientSendMailDisplay) { $associatedListRowClass = 'row2'; } else { $associatedListRowClass = 'row1'; } $recipientNotesRowClass = $associatedListRowClass == 'row1' ? 
'row2' : 'row1'; $this->_objTpl->setVariable(array('NEWSLETTER_SEND_EMAIL_ROWCLASS' => $sendMailRowClass, 'NEWSLETTER_ASSOCIATED_LISTS_ROWCLASS' => $associatedListRowClass, 'NEWSLETTER_NOTES_ROWCLASS' => $recipientNotesRowClass)); //display settings recipient profile detials $recipientAttributeDisplay = false; foreach ($recipientAttributeStatus as $value) { if ($value['active']) { $recipientAttributeDisplay = true; break; } } $profileRowCount = 0; $recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website'); if ($recipientAttributeDisplay) { foreach ($recipientAttributesArray as $attribute) { if ($recipientAttributeStatus[$attribute]['active'] && $this->_objTpl->blockExists($attribute)) { $this->_objTpl->touchBlock($attribute); $this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_ROW_CLASS' => $profileRowCount % 2 == 0 ? 'row2' : 'row1', 'NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : '')); $profileRowCount++; } else { $this->_objTpl->hideBlock($attribute); } } } else { $this->_objTpl->hideBlock('recipientProfileAttributes'); } /* NOTE(review): the filter values from $_GET are appended without URL or HTML encoding and handed to the template as NEWSLETTER_FILTER_PARAMS - confirm the output context encodes them */ $filterParams = (!empty($_GET['newsletterListId']) ? '&newsletterListId=' . contrexx_input2raw($_GET['newsletterListId']) : '') . (!empty($_GET['filterkeyword']) ? '&filterkeyword=' . contrexx_input2raw($_GET['filterkeyword']) : '') . (!empty($_GET['filterattribute']) ? '&filterattribute=' . contrexx_input2raw($_GET['filterattribute']) : '') . (!empty($_GET['filterStatus']) ? '&filterStatus=' . 
contrexx_input2raw($_GET['filterStatus']) : ''); $this->_objTpl->setVariable(array('NEWSLETTER_RECIPIENT_ID' => $recipientId, 'NEWSLETTER_RECIPIENT_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'TXT_NEWSLETTER_STATUS' => $_ARRAYLANG['TXT_NEWSLETTER_STATUS'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'TXT_NEWSLETTER_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_ASSOCIATED_LISTS'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_PROFILE' => $_ARRAYLANG['TXT_NEWSLETTER_PROFILE'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'NEWSLETTER_RECIPIENT_STATUS' => $recipientStatus == '1' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_URI' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FEMALE' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_MALE' => $recipientSex == 'm' ? 
'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="newsletter_recipient_salutation" style="width:296px" size="1"'), 'NEWSLETTER_RECIPIENT_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_RECIPIENT_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_BIRTHDAY' => htmlentities($recipientBirthday, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COPY' => $copy ? 
1 : 0, 'TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'], 'TXT_CANCEL' => $_CORELANG['TXT_CANCEL'], 'TXT_NEWSLETTER_DO_NOT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_DO_NOT_SEND_EMAIL'], 'TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR'], 'NEWSLETTER_FILTER_PARAMS' => $filterParams)); $this->_objTpl->parse('module_newsletter_user_edit'); return true; }
/**
 * Validate the data submitted with the checkout form.
 *
 * The fields arrive grouped by type ('numeric', 'text', 'selection' and
 * 'email') and are checked group by group in that order. For every field
 * the first failing rule wins: an error message is appended to
 * $this->arrStatusMessages['error'] and the field key is marked for
 * highlighting.
 *
 * Rules applied:
 *  - all types: a mandatory field must not be empty
 *  - numeric, text, email: strlen() of the value must not exceed 'length'
 *  - numeric: a non-empty value must be numeric and not smaller than 1
 *  - selection: a non-empty value must be a key of 'options'
 *  - email: a non-empty value must pass \FWValidator::isEmail()
 *
 * NOTE(review): the field name is inserted into the message as it is;
 * whether the messages are HTML-escaped on output is not visible here.
 *
 * @access  private
 * @param   array   $arrUserData            user input data from submitted form
 * @return  array   $arrFieldsToHighlight   contains all fields which need to be highlighted
 */
private function validateUserData($arrUserData)
{
    global $_ARRAYLANG;

    $arrFieldsToHighlight = array();

    foreach (array('numeric', 'text', 'selection', 'email') as $type) {
        foreach ($arrUserData[$type] as $key => $field) {
            // Language key of the first rule that fails, if any
            $langKey = null;
            // Whether the message also gets the {MAX_LENGTH} placeholder filled in
            $withLength = false;

            if (!empty($field['mandatory']) && empty($field['value'])) {
                $langKey = $type === 'selection'
                    ? 'TXT_CHECKOUT_VALIDATION_SELECTION_EMPTY'
                    : 'TXT_CHECKOUT_VALIDATION_FIELD_EMPTY';
            } elseif ($type !== 'selection' && strlen($field['value']) > $field['length']) {
                $langKey = 'TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED';
                $withLength = true;
            } elseif (!empty($field['value'])) {
                if ($type === 'numeric') {
                    if (!is_numeric($field['value'])) {
                        $langKey = 'TXT_CHECKOUT_VALIDATION_FIELD_NOT_NUMERIC';
                    } elseif ($field['value'] < 1) {
                        $langKey = 'TXT_CHECKOUT_VALIDATION_FIELD_NOT_POSITIVE';
                    }
                } elseif ($type === 'selection') {
                    if (!isset($field['options'][$field['value']])) {
                        $langKey = 'TXT_CHECKOUT_VALIDATION_SELECTION_INVALID_OPTION';
                    }
                } elseif ($type === 'email') {
                    if (!\FWValidator::isEmail($field['value'])) {
                        $langKey = 'TXT_CHECKOUT_VALIDATION_INVALID_EMAIL';
                        $withLength = true;
                    }
                }
            }

            if ($langKey === null) {
                continue;
            }

            // Placeholders are substituted one after the other, field name first
            $search = array('{FIELD_NAME}');
            $replace = array($field['name']);
            if ($withLength) {
                $search[] = '{MAX_LENGTH}';
                $replace[] = $field['length'];
            }
            $this->arrStatusMessages['error'][] = str_replace($search, $replace, $_ARRAYLANG[$langKey]);
            $arrFieldsToHighlight[$key] = '';
        }
    }

    return $arrFieldsToHighlight;
}
/**
 * Check an e-mail address by handing it to \FWValidator::isEmail().
 *
 * @param  string  $string  the address to check
 * @return boolean result of \FWValidator::isEmail()
 */
function isEmail($string)
{
    $isValid = \FWValidator::isEmail($string);

    return $isValid;
}
/**
 * Verifies the account data present in the session
 *
 * Checks, in this order: the session address, the password (only when
 * the Customer has to or wants to register), the syntax of the e-mail
 * address, and whether the e-mail address is still free to be used as
 * user name and e-mail of a new User.
 * A password is discarded from the session when no registration takes
 * place, and the e-mail address is cleared from the session and $_POST
 * when it is already in use.
 * @param   boolean     $silent     If true, no messages are created.
 *                                  Defaults to false
 * @return  boolean                 True if the account data is complete
 *                                  and valid, false otherwise
 */
static function verify_account($silent = false)
{
    global $_ARRAYLANG, $objInit;

    $status = true;
    if (isset($_POST) && !self::verifySessionAddress()) {
        if ($silent) {
            return false;
        }
        $status = \Message::error($_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']);
    }
    // Registered Customers are okay now
    if (self::$objCustomer) {
        return $status;
    }

    // A password is needed when registration is mandatory, or optional
    // and not declined by the Customer
    $needsPassword =
        \Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_MANDATORY
        || (\Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_OPTIONAL
            && empty($_SESSION['shop']['dont_register']));
    if (!$needsPassword) {
        // User is not trying to register, so she doesn't need a password.
        // Mind that this is necessary in order to avoid passwords filled
        // in automatically by the browser, which may be wrong, or
        // invalid, or both.
        $_SESSION['shop']['password'] = NULL;
    } elseif (isset($_SESSION['shop']['password'])
        && !\User::isValidPassword($_SESSION['shop']['password'])
    ) {
        if ($silent) {
            return false;
        }
        $objInit->loadLanguageData('Access');
        $status = \Message::error(\Cx\Core_Modules\Access\Controller\AccessLib::getPasswordInfo());
    }

    if (isset($_SESSION['shop']['email'])
        && !\FWValidator::isEmail($_SESSION['shop']['email'])
    ) {
        if ($silent) {
            return false;
        }
        $status = \Message::error($_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']);
    }
    if (!$status) {
        return false;
    }
    if (!isset($_SESSION['shop']['email'])) {
        return $status;
    }

    $email = $_SESSION['shop']['email'];
    // Ignore "unregistered" Customers.  These will silently be updated
    if (Customer::getUnregisteredByEmail($email)) {
        return true;
    }
    $objUser = new \User();
    $objUser->setUsername($email);
    $objUser->setEmail($email);
    // The validation below will set an error message we don't want here
    // (as soon as it uses the Message class, that is), so the current
    // messages are put aside and brought back afterwards
    \Message::save();
    $isAvailable = $objUser->validateUsername() && $objUser->validateEmail();
    \Message::restore();
    if ($isAvailable) {
        return $status;
    }

    // Username or e-mail in use
    $_POST['email'] = $_SESSION['shop']['email'] = NULL;
    if ($silent) {
        return false;
    }
    return \Message::error(sprintf($_ARRAYLANG['TXT_EMAIL_USED_BY_OTHER_CUSTOMER'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login') . '?redirect=' . base64_encode(\Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'account'))))
        || \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_GOTO_SENDPASS'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'sendpass')));
}
/**
 * Shows the registration page of an event and processes a submitted
 * registration.
 *
 * Visitors who are not logged in must pass the captcha before a submitted
 * registration is saved. The request is redirected when no active event
 * is loaded, or to the login page when the event is protected and the
 * visitor is not logged in. The form is offered only while the event lies
 * in the future and accepts registrations; otherwise a status text with a
 * link back to the module is shown.
 *
 * The selection of a payment method is not part of this page: the form
 * is always rendered with ticket sales switched on, because the ticket
 * functionality is currently not implemented.
 *
 * NOTE(review): the registration is created for the form id posted in
 * $_POST['form'] and saved from the raw $_POST; whether the id is tied
 * to the event's own registrationForm is not checked here - confirm that
 * CalendarRegistration does so.
 *
 * @return null
 */
function showRegistrationForm()
{
    global $_ARRAYLANG, $_CORELANG;

    $this->_objTpl->setTemplate($this->pageContent, true, true);

    $objUser = \FWUser::getFWUserObject()->objUser;
    $userId = intval($objUser->getId());
    $userLogin = $objUser->login();

    // Anonymous submissions are accepted with a valid captcha only
    $captchaCheck = true;
    if (!$userLogin && isset($_POST['submitRegistration'])) {
        $captchaCheck = \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check();
        if (!$captchaCheck) {
            $this->_objTpl->setVariable(array(
                'TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_INVALID_CAPTCHA_CODE'] . '</span>',
            ));
        }
    }

    // Without an active event there is nothing to register for
    $objEvent = $this->objEventManager->eventList[0];
    if (empty($objEvent) || !$objEvent->status) {
        \Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName, ''));
        return;
    }

    // Protected events require a login; come back here afterwards
    if ($objEvent->access == 1 && !\FWUser::getFWUserObject()->objUser->login()) {
        $link = base64_encode(CONTREXX_SCRIPT_PATH . '?' . $_SERVER['QUERY_STRING']);
        \Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . "?section=Login&redirect=" . $link);
        return;
    }

    $this->pageTitle = $this->format2userDate($objEvent->startDate) . ": " . html_entity_decode($objEvent->title, ENT_QUOTES, CONTREXX_CHARSET);

    // Only show registration form if event lies in the future
    if (time() > $objEvent->startDate->getTimestamp()) {
        $this->_objTpl->setVariable(array(
            $this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>',
            $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_IN_PAST'],
        ));
        $this->_objTpl->touchBlock('calendarRegistrationStatus');
        $this->_objTpl->hideBlock('calendarRegistrationForm');
        return;
    }

    // Only show registration form if event accepts registrations.
    // Event accepts registrations, if registration is set up and
    // - no attendee limit is set
    // - or if there are still free places available
    if ($objEvent->registration != CalendarEvent::EVENT_REGISTRATION_INTERNAL
        || (!empty($objEvent->numSubscriber) && \FWValidator::isEmpty($objEvent->getFreePlaces()))
    ) {
        $this->_objTpl->setVariable(array(
            $this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>',
            $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_FULLY_BLOCKED'],
        ));
        $this->_objTpl->touchBlock('calendarRegistrationStatus');
        $this->_objTpl->hideBlock('calendarRegistrationForm');
        return;
    }

    $this->_objTpl->setVariable(array(
        $this->moduleLangVar . '_EVENT_ID' => intval($_REQUEST['id']),
        $this->moduleLangVar . '_FORM_ID' => intval($objEvent->registrationForm),
        $this->moduleLangVar . '_EVENT_DATE' => intval($_REQUEST['date']),
        $this->moduleLangVar . '_USER_ID' => $userId,
        'TXT_' . $this->moduleLangVar . '_REGISTRATION_SUBMIT' => $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUBMIT'],
    ));

    $objFormManager = new \Cx\Modules\Calendar\Controller\CalendarFormManager();
    $objFormManager->setEvent($objEvent);
    $objFormManager->getFormList();
    // Made the ticket sales always true, because ticket functionality currently not implemented
    $objFormManager->showForm($this->_objTpl, intval($objEvent->registrationForm), 2, true);

    if ($userLogin) {
        $this->_objTpl->hideBlock('calendarRegistrationCaptcha');
    } else {
        $this->_objTpl->setVariable(array(
            'TXT_' . $this->moduleLangVar . '_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'],
            $this->moduleLangVar . '_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(),
        ));
        $this->_objTpl->parse('calendarRegistrationCaptcha');
    }

    // Nothing submitted, or the captcha failed: just show the form
    if (!isset($_POST['submitRegistration']) || !$captchaCheck) {
        $this->_objTpl->parse('calendarRegistrationForm');
        $this->_objTpl->hideBlock('calendarRegistrationStatus');
        return;
    }

    $objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(intval($_POST['form']));
    if (!$objRegistration->save($_POST)) {
        $this->_objTpl->setVariable(array(
            'TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_CHECK_REQUIRED'] . '</span>',
        ));
        $this->_objTpl->parse('calendarRegistrationForm');
        $this->_objTpl->hideBlock('calendarRegistrationStatus');
        return;
    }

    // saveIn tells where the registration ended up: 2 selects the
    // waitlist text, 0 the sign-off text, anything else the regular one
    if ($objRegistration->saveIn == 2) {
        $status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_WAITLIST'];
    } elseif ($objRegistration->saveIn == 0) {
        $status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_SIGNOFF'];
    } else {
        $status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED'];
    }
    $this->_objTpl->setVariable(array(
        $this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>',
        $this->moduleLangVar . '_REGISTRATION_STATUS' => $status,
    ));
    $this->_objTpl->touchBlock('calendarRegistrationStatus');
    $this->_objTpl->hideBlock('calendarRegistrationForm');
}
/**
 * Cleans the submitted guestbook entry and checks that it is complete.
 *
 * The text fields in $_POST are overwritten with their cleaned values
 * (slashes removed, tags stripped; the comment is additionally converted
 * with htmlentities()). A visitor who is not logged in must pass the
 * captcha. Every missing or invalid field is reported through makeError().
 *
 * NOTE(review): 'malefemale' is only tested for emptiness and 'url' is
 * not validated here; callers that store these values have to check
 * them on their own.
 *
 * @return boolean true if no error was recorded and the captcha check
 *                 passed, false otherwise
 */
function checkInput()
{
    global $_ARRAYLANG;

    $objValidator = new \FWValidator();

    foreach (array('forename', 'name', 'comment', 'location', 'email', 'url') as $key) {
        $plain = strip_tags(contrexx_stripslashes($_POST[$key]));
        if ($key === 'comment') {
            // the comment is kept in its HTML-encoded form
            $plain = htmlentities($plain, ENT_QUOTES, CONTREXX_CHARSET);
        }
        $_POST[$key] = $plain;
    }

    // The captcha is asked for only when the visitor is not logged in
    $captchaCheck = \FWUser::getFWUserObject()->objUser->login()
        || \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check();

    if (empty($_POST['name']) || empty($_POST['forename'])) {
        $this->makeError($_ARRAYLANG['TXT_NAME']);
    }
    $requiredFields = array(
        'comment'    => 'TXT_COMMENT',
        'malefemale' => 'TXT_SEX',
        'location'   => 'TXT_LOCATION',
    );
    foreach ($requiredFields as $postKey => $langKey) {
        if (empty($_POST[$postKey])) {
            $this->makeError($_ARRAYLANG[$langKey]);
        }
    }
    if (!$objValidator->isEmail($_POST['email'])) {
        $this->makeError($_ARRAYLANG['TXT_EMAIL']);
    }

    return empty($this->error) && $captchaCheck;
}
/**
 * Stores the website after passing it through \FWValidator::getUrl().
 *
 * NOTE(review): getUrl() presumably normalises the value (e.g. adds a
 * scheme); whether it also rejects unwanted schemes cannot be seen from
 * here - confirm before the stored value is rendered as a link.
 *
 * @param string $website website value as supplied by the caller
 */
public function setWebsite($website)
{
    $normalisedUrl = \FWValidator::getUrl($website);
    $this->website = $normalisedUrl;
}
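/**
 * Save the registration
 *
 * Validates the required form fields, inserts a new registration row (or
 * updates the one given by $data['regid']), replaces the stored form field
 * values and, in frontend mode, sends the confirmation and alert mails.
 *
 * NOTE(review): 'regid', 'userid', 'registrationType', 'paymentMethod' and
 * 'paid' are all read from $data. If a frontend caller passes the raw POST
 * array, the client decides which registration is updated, which user it is
 * attributed to and whether it counts as paid - confirm that the caller
 * overrides or strips these keys for unauthenticated requests.
 *
 * @param array $data posted data from the form
 *
 * @return boolean true if the registration saved, false otherwise
 */
function save($data)
{
    global $objDatabase, $objInit, $_LANGID;

    // Required-field validation. (A disabled variant that skipped
    // billing-affiliated fields when the billing address equals the contact
    // address was commented out here.)
    foreach ($this->form->inputfields as $arrInputfield) {
        if ($arrInputfield['required'] == 1 && empty($data['registrationField'][$arrInputfield['id']])) {
            return false;
        }
        if ($arrInputfield['required'] == 1 && $arrInputfield['type'] == 'mail') {
            $objValidator = new \FWValidator();
            if (!$objValidator->isEmail($data['registrationField'][$arrInputfield['id']])) {
                return false;
            }
        }
    }

    // Everything that is concatenated into SQL below is cast to int first.
    $regId = intval($data['regid']);
    $eventId = intval($data['id']);
    $formId = intval($data['form']);
    $eventDate = intval($data['date']);
    $userId = intval($data['userid']);
    $langId = intval($_LANGID);

    $objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);
    if ($objEvent->seriesStatus && $objEvent->independentSeries) {
        // For independent series the concrete occurrence is resolved through the event manager.
        $eventDate = isset($data['registrationEventDate']) ? contrexx_input2int($data['registrationEventDate']) : $eventDate;
        $endDate = new \DateTime();
        $endDate->modify('+10 years');
        $eventManager = new CalendarEventManager(null, $endDate);
        $eventManager->getEvent($objEvent, $eventDate, true);
        $objEvent = $eventManager->eventList[0];
        if (empty($objEvent)) {
            return false;
        }
    }

    // Look up the form's "seating" field to learn how many places are requested.
    $query = ' SELECT `id` FROM `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field` WHERE `form` = ' . $formId . ' AND `type` = "seating" LIMIT 1 ';
    $objResult = $objDatabase->Execute($query);
    if ($objResult === false) {
        // Previously a failed query led to a property access on false.
        return false;
    }
    $numSeating = 0;
    if (isset($objResult->fields['id']) && isset($data['registrationField'][$objResult->fields['id']])) {
        // A negative seat count must not enlarge the number of free places in the check below.
        // NOTE(review): the raw posted value is still what gets stored further
        // down - confirm the form validation rejects negative seat counts.
        $numSeating = max(0, intval($data['registrationField'][$objResult->fields['id']]));
    }

    // New registrations that exceed the free places are forced to type 2
    // (presumably the waiting list - confirm); otherwise the posted type is
    // used, defaulting to 1.
    if (empty($regId) && intval($objEvent->getFreePlaces() - $numSeating) < 0) {
        $type = 2;
    } else {
        $type = isset($data['registrationType']) ? intval($data['registrationType']) : 1;
    }
    $this->saveIn = intval($type);

    $paymentMethod = intval($data['paymentMethod']);
    $paid = intval($data['paid']);
    // Host name and IP address are not recorded; both columns are written as 0.
    $hostName = 0;
    $ipAddress = 0;
    $key = $this->generateKey();

    if ($regId == 0) {
        $submissionDate = $this->getDbDateTimeFromIntern($this->getInternDateTimeFromUser());
        $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration SET `event_id` = ' . $eventId . ', `submission_date` = "' . $submissionDate->format('Y-m-d H:i:s') . '", `date` = ' . $eventDate . ', `host_name` = "' . $hostName . '", `ip_address` = "' . $ipAddress . '", `type` = ' . $type . ', `key` = "' . $key . '", `user_id` = ' . $userId . ', `lang_id` = ' . $langId . ', `export` = 0, `payment_method` = ' . $paymentMethod . ', `paid` = ' . $paid . ' ';
        $objResult = $objDatabase->Execute($query);
        if ($objResult !== false) {
            $this->id = $objDatabase->Insert_ID();
        } else {
            return false;
        }
    } else {
        $query = 'UPDATE `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration` SET `event_id` = ' . $eventId . ', `date` = ' . $eventDate . ', `host_name` = ' . $hostName . ', `ip_address` = ' . $ipAddress . ', `key` = "' . $key . '", `user_id` = ' . $userId . ', `type` = ' . $type . ', `lang_id` = ' . $langId . ', `payment_method` = ' . $paymentMethod . ', `paid` = ' . $paid . ' WHERE `id` = ' . $regId;
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            return false;
        }
    }

    if ($regId != 0) {
        // On update the previously stored field values are replaced wholesale.
        $this->id = $regId;
        $deleteQuery = 'DELETE FROM ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value WHERE `reg_id` = ' . $this->id;
        $objDeleteResult = $objDatabase->Execute($deleteQuery);
        if ($objDeleteResult === false) {
            return false;
        }
    }

    foreach ($this->form->inputfields as $arrInputfield) {
        $id = $arrInputfield['id'];
        $value = isset($data['registrationField'][$id]) ? $data['registrationField'][$id] : null;

        if (is_array($value)) {
            // Multi-value field: each selected option may carry an additional
            // free-text value, which is appended as "option[[text]]".
            $subvalue = array();
            foreach ($value as $element) {
                if (!is_scalar($element)) {
                    // Nested arrays cannot be an option index; skip them.
                    continue;
                }
                // Explicit cast: arithmetic on a non-numeric string throws on PHP 8.
                $additionalIdx = intval($element) - 1;
                if (!empty($data['registrationFieldAdditional'][$id][$additionalIdx])) {
                    $subvalue[] = $element . '[[' . $data['registrationFieldAdditional'][$id][$additionalIdx] . ']]';
                } else {
                    $subvalue[] = $element;
                }
            }
            $value = join(",", $subvalue);
        } else {
            $additionalIdx = intval($value) - 1;
            if (isset($data['registrationFieldAdditional'][$id][$additionalIdx])) {
                $value = $value . "[[" . $data['registrationFieldAdditional'][$id][$additionalIdx] . "]]";
            }
        }

        // The field id comes from the form definition; it is cast anyway so that
        // nothing unescaped reaches the statement. The value goes through contrexx_input2db().
        $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value (`reg_id`, `field_id`, `value`) VALUES (' . intval($this->id) . ', ' . intval($id) . ', "' . contrexx_input2db($value) . '")';
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            // NOTE(review): the statements above are not wrapped in a transaction,
            // so a failure here leaves a registration row with partial field values.
            return false;
        }
    }

    if ($objInit->mode == 'frontend') {
        $objMailManager = new \Cx\Modules\Calendar\Controller\CalendarMailManager();
        $templateId = $objEvent->emailTemplate[FRONTEND_LANG_ID];
        $objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_CONFIRM_REG, $this->id, $templateId);
        $objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_ALERT_REG, $this->id);
    }

    return true;
}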
/**
 * Builds the ViewGenerator option array for the given entity class.
 *
 * Order and Subscription entities get a dedicated header and per-field
 * table parsers; every other entity gets the generic option set whose header
 * is looked up by a language variable derived from the component type, the
 * component name and the class's short name.
 *
 * NOTE(review): the table parsers return HTML fragments. The user title
 * ($userName) and the product name are concatenated into that markup without
 * escaping in this method - confirm that FWUser::getParsedUserTitle() and
 * the product name are already HTML-safe, or escape them before they reach
 * the backend list view.
 *
 * @access protected
 * @global array $_ARRAYLANG
 * @param string $entityClassName FQCN of the entity
 * @return array ViewGenerator options
 */
protected function getViewGeneratorOptions($entityClassName)
{
    global $_ARRAYLANG;

    $nameSegments = explode('\\', $entityClassName);
    $shortName = end($nameSegments);
    $headerLangVar = 'TXT_' . strtoupper($this->getType() . '_' . $this->getName() . '_ACT_' . $shortName);
    $header = isset($_ARRAYLANG[$headerLangVar]) ? $_ARRAYLANG[$headerLangVar] : '';

    // The same list functions are enabled for every entity.
    $listFunctions = array(
        'add'       => true,
        'edit'      => true,
        'delete'    => true,
        'sorting'   => true,
        'paging'    => true,
        'filtering' => false,
    );

    // Loose comparison on purpose: it mirrors the matching rules of the former switch statement.
    if ($entityClassName == 'Cx\\Modules\\Order\\Model\\Entity\\Order') {
        // Renders the contact as a link to the user account followed by a CRM detail icon.
        $parseContact = function ($value) {
            global $_ARRAYLANG;
            $userId = \Cx\Modules\Crm\Controller\CrmLibrary::getUserIdByCrmUserId($value);
            $userName = \FWUser::getParsedUserTitle($userId);
            $crmDetailLink = "<a href='index.php?cmd=Crm&act=customers&tpl=showcustdetail&id={$value}'\n title='{$_ARRAYLANG['TXT_MODULE_ORDER_CRM_CONTACT']}'>\n <img\n src='" . \Env::get('cx')->getCodeBaseCoreWebPath() . "/Core/View/Media/navigation_level_1_189.png'\n width='16' height='16'\n alt='{$_ARRAYLANG['TXT_MODULE_ORDER_CRM_CONTACT']}'\n />\n </a>";
            return "<a href='index.php?cmd=Access&act=user&tpl=modify&id={$userId}'\n title='{$_ARRAYLANG['TXT_MODULE_ORDER_MODIY_USER_ACCOUNT']}'>" . $userName . "</a>" . $crmDetailLink;
        };

        // Renders one "subscription link (product edit link)" entry per subscription that has a product entity.
        $parseSubscriptions = function ($subscriptions) {
            $entries = array();
            foreach ($subscriptions as $subscription) {
                $productEntity = $subscription->getProductEntity();
                if (!$productEntity) {
                    continue;
                }
                $productEntityName = $subscription->getProduct()->getName();
                $productEditLink = method_exists($productEntity, 'getEditLink')
                    ? $productEntity->getEditLink()
                    : $productEntity;
                $subscriptionEditUrl = '<a href=index.php?cmd=Order&act=subscription&editid=' . $subscription->getId() . '>' . $productEntityName . '</a>';
                $entries[] = $subscriptionEditUrl . ' (' . $productEditLink . ')';
            }
            return implode(', ', $entries);
        };

        return array(
            'header'    => $_ARRAYLANG['TXT_MODULE_ORDER_ACT_DEFAULT'],
            'functions' => $listFunctions,
            'fields'    => array(
                'contactId' => array(
                    'header' => 'contactId',
                    'table'  => array('parse' => $parseContact),
                ),
                'subscriptions' => array(
                    'header' => 'subscriptions',
                    'table'  => array('parse' => $parseSubscriptions),
                ),
            ),
        );
    }

    if ($entityClassName == 'Cx\\Modules\\Order\\Model\\Entity\\Subscription') {
        // Shared lookup: loads the Subscription entity that belongs to a table row.
        $loadSubscription = function ($rowData) {
            $subscriptionRepo = \Env::get('em')->getRepository('Cx\\Modules\\Order\\Model\\Entity\\Subscription');
            return $subscriptionRepo->findOneBy(array('id' => $rowData['id']));
        };

        // Product entity column: the entity's edit link if it offers one, else the entity itself.
        $parseProductEntity = function ($value, $rowData) use ($loadSubscription) {
            $productEntity = $loadSubscription($rowData)->getProductEntity();
            if (!$productEntity) {
                return null;
            }
            if (method_exists($productEntity, 'getEditLink')) {
                return $productEntity->getEditLink();
            }
            return $productEntity;
        };

        // Payment amount column: "<amount> <currency> / <renewal unit>", or null for an empty amount.
        $parsePaymentAmount = function ($value, $rowData) use ($loadSubscription) {
            if (\FWValidator::isEmpty(floatval($value))) {
                return null;
            }
            $subscription = $loadSubscription($rowData);
            $currency = '';
            $order = $subscription->getOrder();
            if ($order) {
                $currency = !\FWValidator::isEmpty($order->getCurrency()) ? $order->getCurrency() : '';
            }
            $paymentInterval = $subscription->getRenewalUnit();
            return $value . ' ' . $currency . ' / ' . $paymentInterval;
        };

        // Renewal unit column: shows the renewal date moved back by one renewal period.
        // NOTE(review): modify() is applied to the object returned by
        // getRenewalDate(); if that is the entity's own DateTime instance the
        // entity is altered by rendering the list - confirm.
        $parseRenewalUnit = function ($value, $rowData) use ($loadSubscription) {
            if (empty($value)) {
                return null;
            }
            $subscription = $loadSubscription($rowData);
            if (!$subscription->getRenewalDate()) {
                return '';
            }
            $renewalDate = $subscription->getRenewalDate();
            $quantifier = $subscription->getRenewalQuantifier();
            $renewalDate->modify("-{$quantifier} {$value}");
            return $renewalDate->format('d.M.Y H:i:s');
        };

        // Product column: the product's name, or null when no product is attached.
        $parseProduct = function ($value, $rowData) use ($loadSubscription) {
            $product = $loadSubscription($rowData)->getProduct();
            if (!$product) {
                return null;
            }
            return $product->getName();
        };

        return array(
            'header'    => $_ARRAYLANG['TXT_MODULE_ORDER_ACT_SUBSCRIPTION'],
            'functions' => $listFunctions,
            'fields'    => array(
                'id' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_ID']),
                'subscriptionDate' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_DATE']),
                'expirationDate' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_EXPIRATION_DATE']),
                'productEntityId' => array(
                    'header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_PRODUCT_ENTITY'],
                    'table'  => array('parse' => $parseProductEntity),
                ),
                'paymentAmount' => array(
                    'header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_PAYMENT_AMOUNT'],
                    'table'  => array('parse' => $parsePaymentAmount),
                ),
                'renewalUnit' => array(
                    'header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_RENEWAL_UNIT'],
                    'table'  => array('parse' => $parseRenewalUnit),
                ),
                'renewalQuantifier' => array('showOverview' => false),
                'renewalDate' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_RENEWAL_DATE']),
                'description' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_DESCRIPTION']),
                'state' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_STATE']),
                'terminationDate' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_TERMI_DATE']),
                'note' => array('header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_NOTE']),
                'product' => array(
                    'header' => $_ARRAYLANG['TXT_MODULE_ORDER_SUBSCRIPTION_PRODUCT'],
                    'table'  => array('parse' => $parseProduct),
                ),
                'paymentState' => array('showOverview' => false),
                'externalSubscriptionId' => array('showOverview' => false),
                'order' => array('showOverview' => false),
            ),
        );
    }

    // Any other entity: generic list with the derived header.
    return array(
        'header'    => $header,
        'functions' => $listFunctions,
    );
}
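/**
 * Upload Finished callback
 *
 * This is called as soon as uploads have finished. Every file found in the
 * temporary directory is validated, renamed if its cleaned or target name
 * requires it, moved into the target folder and registered as a download.
 *
 * Changes compared to the previous implementation:
 * - each file is processed on its own; the rename/move lists used to
 *   accumulate across loop iterations, so earlier files were processed again
 *   for every further file,
 * - the extension check is repeated on the cleaned file name, because the
 *   name that ends up on disk is the cleaned one,
 * - a download is only registered for a file that was actually moved,
 * - the directory handle is closed.
 *
 * @param string $tempPath    Path to the temporary directory containing the files at this moment
 * @param string $tempWebPath Points to the same folder as tempPath, but relative to the webroot
 * @param array  $data        Data given to setData() when creating the uploader
 * @param string $uploadId    unique session id for the current upload
 * @param array  $fileInfos   uploaded file informations
 * @param array  $response    uploaded status
 *
 * @return array|null path and webpath; null when the user may not add files
 *                    to the category
 */
public static function uploadFinished($tempPath, $tempWebPath, $data, $uploadId, $fileInfos, $response)
{
    $path = $data['path'];
    $webPath = $data['webPath'];
    $objCategory = Category::getCategory($data['category_id']);

    // Check for sufficient permissions: the upload is refused only if the
    // category defines an access id, the user lacks it and is not the owner.
    // NOTE(review): on refusal the uploaded files are left in $tempPath -
    // confirm that the uploader cleans up the temporary directory.
    if ($objCategory->getAddFilesAccessId()
        && !\Permission::checkAccess($objCategory->getAddFilesAccessId(), 'dynamic', true)
        && $objCategory->getOwnerId() != \FWUser::getFWUserObject()->objUser->getId()
    ) {
        return;
    }

    $h = opendir($tempPath);
    if (!$h) {
        return array($path, $webPath);
    }

    while (false !== ($file = readdir($h))) {
        // skip . and ..
        if ($file == '.' || $file == '..') {
            continue;
        }

        $suffix = '';
        $extension = '';
        $info = array();
        $moved = false;

        try {
            // delete potentially malicious files
            $objTempFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $file);
            if (!\FWValidator::is_file_ending_harmless($file)) {
                $objTempFile->delete();
                continue;
            }

            $cleanFile = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($file);
            if ($cleanFile != $file) {
                // The cleaned name is what gets stored, so it has to pass the same check.
                if (!\FWValidator::is_file_ending_harmless($cleanFile)) {
                    $objTempFile->delete();
                    continue;
                }
                $objTempFile->rename($tempPath . '/' . $cleanFile, false);
                $file = $cleanFile;
            }

            $info = pathinfo($file);
            $extension = isset($info['extension']) ? $info['extension'] : '';

            // An existing file of the same name is never overwritten; the upload
            // gets a timestamp suffix instead.
            $targetName = $file;
            if (file_exists($path . '/' . $file)) {
                $suffix = '_' . time();
                $targetName = $info['filename'] . $suffix . '.' . $extension;
                $objRenameFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $file);
                $objRenameFile->rename($tempPath . '/' . $targetName, false);
            }

            // move file from temp path into target folder
            $objFile = new \Cx\Lib\FileSystem\File($tempPath . '/' . $targetName);
            $objFile->move($path . '/' . $targetName, false);
            $moved = true;

            \Cx\Core\Core\Controller\Cx::instanciate()->getMediaSourceManager()->getThumbnailGenerator()->createThumbnailFromPath($path . '/' . $targetName);
        } catch (\Cx\Lib\FileSystem\FileSystemException $e) {
            \DBG::msg($e->getMessage());
        }

        if (!$moved) {
            // Nothing reached the target folder, so there is nothing to register.
            continue;
        }

        $objDownloads = new downloads('');
        $objDownloads->addDownloadFromUpload($info['filename'], $extension, $suffix, $objCategory, $objDownloads, $fileInfos['name']);
    }
    closedir($h);

    return array($path, $webPath);
}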
/**
 * Copies an uploaded media file into the "uploads/" folder below the image path.
 *
 * Only the file extension is checked here (through
 * \FWValidator::is_file_ending_harmless()); any further validation has to be
 * done by the caller before this method is invoked.
 *
 * NOTE(review): with "settingsEncryptFilenames" enabled the stored name is
 * md5(<two-digit rand()> . <basename>), i.e. one of 90 values for a known
 * original name, and on a name collision the plain basename plus a timestamp
 * is used instead. If unguessable file names are a requirement, this does
 * not provide them - confirm what the setting is expected to guarantee.
 *
 * @param string $filePath Temp path of the uploaded media
 *
 * @return boolean|string relative path of the uploaded file, false otherwise
 */
function uploadMedia($filePath)
{
    // Guard clauses: empty path or a disallowed file extension.
    if ($filePath == '') {
        return false;
    }
    if (!\FWValidator::is_file_ending_harmless($filePath)) {
        return false;
    }

    // Split the name into stem and ".ext" (empty when there is no extension).
    $targetName = basename($filePath);
    $nameParts = pathinfo($targetName);
    $dotExtension = empty($nameParts['extension']) ? '' : '.' . $nameParts['extension'];
    $stem = $nameParts['filename'];
    $salt = rand(10, 99);

    // Optionally replace the stem by a hash.
    if ($this->arrSettings['settingsEncryptFilenames'] == 1) {
        $targetName = md5($salt . $stem) . $dotExtension;
    }

    // Avoid overwriting an existing upload.
    if (file_exists($this->imagePath . 'uploads/' . $targetName)) {
        $targetName = $stem . '_' . time() . $dotExtension;
    }

    // Copy the file and fix its permissions.
    $copied = \Cx\Lib\FileSystem\FileSystem::copy_file($filePath, $this->imagePath . 'uploads/' . $targetName);
    if ($copied === false) {
        return false;
    }

    $objFile = new \File();
    $objFile->setChmod($this->imagePath, $this->imageWebPath, 'uploads/' . $targetName);

    return $this->imageWebPath . 'uploads/' . $targetName;
}
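/**
 * upload media
 *
 * Moves the uploaded file of form field $name into the media folder $path
 * and creates a thumbnail for images that are not stored in "uploads/".
 *
 * Changes compared to the previous implementation:
 * - $status is always initialised (it was undefined when $_FILES was empty),
 * - a missing or malformed $_FILES entry is reported as "error" without
 *   raising notices,
 * - a thumbnail is only created after the file was actually moved.
 *
 * NOTE(review): $path is concatenated into the target path as given -
 * confirm that callers only pass fixed folder names.
 *
 * @access public
 * @param string $name key of the upload in $_FILES
 * @param string $path target folder relative to the media path, with trailing slash
 * @return string stored file name, "error" on failure, '' if nothing was uploaded
 */
function uploadMedia($name, $path)
{
    $status = '';

    //check file array
    if (isset($_FILES) && !empty($_FILES)) {
        //get file info
        $upload = (isset($_FILES[$name]) && is_array($_FILES[$name])) ? $_FILES[$name] : array();
        $tmpFile = isset($upload['tmp_name']) ? $upload['tmp_name'] : '';
        $fileName = isset($upload['name']) ? $upload['name'] : '';
        $fileType = isset($upload['type']) ? $upload['type'] : '';
        $this->fileSize = isset($upload['size']) ? $upload['size'] : null;

        if (is_string($fileName) && $fileName != "" && \FWValidator::is_file_ending_harmless($fileName)) {
            $arrSettings = $this->getSettings();
            $encodeFilename = $arrSettings['encodeFilename']['value'] == 1;

            // The name is normalised in two identical passes, as before.
            // NOTE(review): the second pass looks like an accidental
            // duplication, but it also re-hashes the plain-name fallback that
            // the first pass produces on a collision, so it is kept.
            for ($pass = 0; $pass < 2; $pass++) {
                //check extension
                $info = pathinfo($fileName);
                $exte = !empty($info['extension']) ? '.' . $info['extension'] : '';
                $part1 = substr($fileName, 0, strlen($fileName) - strlen($exte));
                $rand = rand(10, 99);
                if ($encodeFilename) {
                    $fileName = md5($rand . $part1) . $exte;
                }

                //check file
                if (file_exists($this->mediaPath . $path . $fileName)) {
                    $fileName = $part1 . '_' . time() . $exte;
                }
            }

            //upload file
            if (@move_uploaded_file($tmpFile, $this->mediaPath . $path . $fileName)) {
                $obj_file = new \File();
                $obj_file->setChmod($this->mediaPath, $this->mediaWebPath, $path . $fileName);
                $status = $fileName;

                //make thumb
                // NOTE(review): $fileType is the MIME type sent by the client, not
                // one detected from the file content - confirm that createThumb()
                // copes with files that are not images.
                if (($fileType == "image/gif" || $fileType == "image/jpeg" || $fileType == "image/jpg" || $fileType == "image/png") && $path != "uploads/") {
                    $this->createThumb($fileName, $path);
                }
            } else {
                $status = "error";
            }
        } else {
            $status = "error";
        }
    }

    return $status;
}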