コード例 #1
ファイル: sendmail.adm.class.php プロジェクト: Sywooch/dobox
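 /**
  * Admin page: edit a mail template.
  *
  * The template key comes from the `tpl` request parameter (POST or GET).
  * On POST the submitted body and subject are saved through
  * saveMailTemplateToFile() and the admin is redirected to the template
  * listing; otherwise the edit form is rendered.
  *
  * Security notes:
  *  - The key is request-controlled and is passed to the template file
  *    helpers, so it is accepted only when it is a key of $this->aTemplates.
  *  - NOTE(review): no anti-CSRF token check is visible in this method;
  *    confirm the framework enforces one for admin POSTs.
  *  - NOTE(review): only `body` is HTML-escaped before it reaches the form;
  *    confirm the template escapes `subject` itself.
  *
  * @return mixed Rendered form, the access-denied page, or null after a redirect.
  */
 function template_edit()
 {
     if (!$this->haveAccessTo('templates-edit')) {
         return $this->showAccessDenied();
     }
     $sTemplateKey = Func::POSTGET('tpl', true);
     // Allow-list the key against the known templates before it is used to
     // read or write a template file, and before it indexes $this->aTemplates.
     if (empty($sTemplateKey) || !is_string($sTemplateKey) || !isset($this->aTemplates[$sTemplateKey])) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'template_listing');
         // adminRedirect() presumably ends the request; the explicit return
         // keeps this guard effective even if it does not.
         return null;
     }
     $aTemplateData = $this->getMailTemplateFromFile($sTemplateKey);
     if (bff::$isPost) {
         $aTemplateData['body'] = Func::POST('tpl_body', true);
         $aTemplateData['subject'] = Func::POST('tpl_subject', true);
         if ($aTemplateData['body'] == '') {
             $this->errors->set('no_tpl');
         } else {
             // get_magic_quotes_gpc() no longer exists in PHP 8, so call it
             // only where the runtime still provides it.
             if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                 $aTemplateData['body'] = stripslashes($aTemplateData['body']);
             }
             $this->saveMailTemplateToFile($sTemplateKey, $aTemplateData);
             $this->adminRedirect(Errors::SUCCESSFULL, 'template_listing');
         }
     }
     // The body is shown inside the edit form, so it is escaped for HTML here.
     $aTemplateData['body'] = htmlspecialchars($aTemplateData['body']);
     $aTemplateInfo = $this->aTemplates[$sTemplateKey];
     $this->tplAssign('aData', array(
         'keyword' => $sTemplateKey,
         'description' => $aTemplateInfo['description'],
         'vars' => $aTemplateInfo['vars'],
         'title' => $aTemplateInfo['title'],
         'tpl' => $aTemplateData,
         'clientside' => 0,
     ));
     return $this->tplFetch('admin.template.form.tpl', PATH_CORE . 'modules/sendmail/tpl/' . LANG_DEFAULT . '/');
 }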
コード例 #2
ファイル: ban.adm.class.php プロジェクト: Sywooch/dobox
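 /**
  * Admin page: list active bans and handle ban creation and mass removal.
  *
  * POST with action=massdel removes the bans named in `banid`; any other
  * POST creates a ban from the submitted fields. The listing shows bans that
  * have not finished yet, plus bans with finished = 0.
  *
  * Security notes:
  *  - NOTE(review): `banmode` is request-controlled; it selects which
  *    `ban_<mode>` field is read and is passed to createBan(). Confirm
  *    createBan() restricts it to the supported modes.
  *  - NOTE(review): `banid` is passed to removeBan() as received; confirm
  *    removeBan() casts or escapes it before it reaches SQL.
  *  - NOTE(review): no anti-CSRF token check is visible in this method.
  *
  * @return mixed Rendered listing or the access-denied page.
  */
 function users()
 {
     if (!$this->haveAccessTo('ban')) {
         return $this->showAccessDenied();
     }
     $aData = array();
     if (Func::isPostMethod()) {
         if (Func::POST('action') == 'massdel') {
             $mBanID = func::POST('banid', false);
             $this->removeBan($mBanID);
         } else {
             $sMode = Func::POST('banmode');
             if (empty($sMode)) {
                 $sMode = 'ip';
             }
             $sBanValue = func::POST('ban_' . $sMode, true);
             $nBanPeriod = func::POST('banlength', false, true);
             $nBanPeriodDate = func::POST('bandate', true);
             $nExclude = func::POST('exclude') ? 1 : 0;
             $sDescription = func::POST('description', true);
             $sReason = func::POST('reason', true);
             if (!empty($sBanValue)) {
                 $this->createBan($sMode, $sBanValue, $nBanPeriod, $nBanPeriodDate, $nExclude, $sDescription, $sReason);
                 $this->adminRedirect(Errors::SUCCESSFULL, 'users');
             }
         }
     }
     // Ban length in minutes => label shown in the listing.
     $aBanEndText = array(0 => 'бессрочно', 30 => '30 минут', 60 => '1 час', 360 => '6 часов', 1440 => '1 день', 10080 => '7 дней', 20160 => '2 недели', 40320 => '1 месяц');
     /*
        Ban list columns, as recorded by the original author:
        `uid` int(11) unsigned NOT NULL default '0',
        `ip` varchar(40) NOT NULL default '',
        `email` varchar(100) NOT NULL default '',
        `started` int(11) unsigned NOT NULL default '0',
        `finished` int(11) unsigned NOT NULL default '0',
        `exclude` tinyint(1) unsigned NOT NULL default '0',
        `description` varchar(255) NOT NULL default '',
        `reason` varchar(255) NOT NULL default '',
        `status` tinyint(1) unsigned NOT NULL default '0',
     */
     // Only a constant and time() are concatenated here; no request data
     // reaches this query.
     $aData['bans'] = $this->db->select('SELECT B.* 
                                    FROM ' . TABLE_USERS_BANLIST . ' B
                                    WHERE (B.finished >= ' . time() . ' OR B.finished = 0) 
                                    ORDER BY B.ip, B.email');
     foreach ($aData['bans'] as &$aBan) {
         $timeLength = $aBan['finished'] ? ($aBan['finished'] - $aBan['started']) / 60 : 0;
         $aBan['till'] = isset($aBanEndText[$timeLength]) ? $aBanEndText[$timeLength] : '';
         // For finished = 0 this formats the Unix epoch rather than an end date.
         $aBan['finished_formated'] = date('Y-m-d H:i:s', $aBan['finished']);
     }
     // Break the by-reference binding so a later write to $aBan cannot
     // silently overwrite the last row.
     unset($aBan);
     $this->tplAssign('aData', $aData);
     $this->adminCustomCenterArea();
     return $this->tplFetch('admin.listing.tpl');
 }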
コード例 #3
ファイル: users.class.php プロジェクト: Sywooch/dobox
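 /**
  * Member login page.
  *
  * On POST it validates that e-mail and password are present, checks the
  * client address against the ban list, and authenticates through
  * userAUTH(). userAUTH() results handled here: 0 = unknown credentials,
  * -1 = account blocked, -2 = account deleted, anything else = success.
  *
  * Security notes:
  *  - The post-login redirect target is taken from the Referer header, which
  *    the client controls. It is used only when it points at this site;
  *    otherwise the user is sent to the profile page.
  *  - NOTE(review): Func::JSRedirect() presumably writes the URL into
  *    script output; confirm it encodes the value.
  *  - NOTE(review): setRememberMe() receives the plaintext password; confirm
  *    it does not store it in a cookie in recoverable form.
  *
  * @return mixed Rendered login form or a forbidden page.
  */
 function login()
 {
     if ($this->security->isLogined()) {
         Func::JSRedirect(SITEURL);
     }
     config::set('title', 'Авторизация - ' . config::get('title', ''));
     $sEmail = '';
     if (Func::isPostMethod()) {
         $sEmail = Func::POST('email', true);
         if (!$sEmail) {
             $this->errors->set('no_email');
         }
         $sPassword = Func::POST('password', true);
         if (!$sPassword) {
             $this->errors->set('no_password');
         }
         if ($this->errors->no()) {
             $sBlocked = $this->security->checkBan(false, func::getRemoteAddress(), false, true);
             if ($sBlocked) {
                 return $this->showForbidden('В доступе отказано', $sBlocked);
             }
             $nResult = $this->userAUTH($sEmail, $sPassword, null, true);
             if ($nResult == 0) {
                 // One message for "unknown e-mail" and "wrong password", so
                 // the form does not reveal which accounts exist.
                 $this->errors->set('email_and_password_unknow', '', false, $sEmail);
             } elseif ($nResult == -1) {
                 return $this->showForbidden('аккаунт заблокирован', 'Аккаунт заблокирован');
             } elseif ($nResult == -2) {
                 return $this->showForbidden('аккаунт удален', 'Аккаунт удален');
             } else {
                 if (array_key_exists('remember_me', $_POST)) {
                     // The original passed $sLogin, which is never defined in
                     // this method. The identifier used for authentication is
                     // the e-mail — TODO confirm against setRememberMe().
                     $this->security->setRememberMe('u', $sEmail, $sPassword);
                 }
                 $sProfileURL = SITEURL . '/user/profile/';
                 // The Referer header may be absent and is client-controlled.
                 $sReferer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
                 $bOwnSite = $sReferer === SITEURL || strpos($sReferer, SITEURL . '/') === 0;
                 $bAuthPage = $sReferer == SITEURL . '/user/login/' || $sReferer == SITEURL . '/user/registration/';
                 $sRedirectURL = ($bOwnSite && !$bAuthPage) ? $sReferer : $sProfileURL;
                 Func::JSRedirect($sRedirectURL);
             }
         }
     }
     $this->tplAssign('email', $sEmail);
     $this->tplAssign('aErrors', $this->errors->show());
     return $this->tplFetch('member.login.tpl');
 }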
コード例 #4
ファイル: sitemap.adm.class.php プロジェクト: Sywooch/dobox
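 /**
  * Admin page: edit one sitemap menu item.
  *
  * The record id comes from the `rec` request parameter. On a valid POST the
  * item is updated and the admin is redirected; otherwise the form is
  * rendered, either from the database row or from the rejected submission.
  *
  * Security notes:
  *  - The record id and the parent ids are concatenated into SQL, so both
  *    are forced to integers here. String values go through
  *    $this->db->str2sql(), which presumably quotes and escapes them —
  *    confirm.
  *  - A rejected submission is re-rendered through the same HTML escaping
  *    helper as the database row, instead of handing raw $_POST to the
  *    template.
  *  - NOTE(review): `pid_options` is built from stored menu titles without
  *    escaping; confirm the template escapes it.
  *  - NOTE(review): no anti-CSRF token check is visible in this method.
  *
  * @return mixed Rendered form, the access-denied page, or null after a redirect.
  */
 function edit()
 {
     if (!$this->haveAccessTo('edit')) {
         return $this->showAccessDenied();
     }
     // Cast explicitly rather than relying on the request helper, since the
     // value is placed in SQL without quoting.
     $nRecordID = (int) Func::POSTGET('rec', false, true);
     if ($nRecordID <= 0) {
         $this->adminRedirect(Errors::IMPOSSIBLE);
         // adminRedirect() presumably ends the request; the explicit return
         // keeps this guard effective even if it does not.
         return null;
     }
     $aData = array('pid_options' => '');
     if (Func::isPostMethod()) {
         $sMenuTitle = Func::POST('menu_title', true);
         $sKeyword = Func::POST('keyword', true);
         $sMetaKeywords = Func::POST('mkeywords', true);
         $sMetaDescription = Func::POST('mdescription', true);
         $sMenuTarget = Func::POST('menu_target');
         // Strict comparison: only the two literal strings are accepted.
         if (!in_array($sMenuTarget, array('_self', '_blank'), true)) {
             $sMenuTarget = '_self';
         }
         $sMenuLink = Func::POST('menu_link', true);
         if (!$sMenuTitle || !trim($sMenuTitle)) {
             $this->errors->set('empty:title');
         }
         if ($this->errors->no()) {
             $sQuery = 'UPDATE ' . TABLE_SITEMAP . '
                         SET menu_title = ' . $this->db->str2sql($sMenuTitle) . ',
                             ' . (FORDEV ? 'keyword = ' . $this->db->str2sql($sKeyword) . ', ' : '') . '
                             menu_link = ' . $this->db->str2sql($sMenuLink) . ',
                             menu_target=' . $this->db->str2sql($sMenuTarget) . ',
                             mkeywords = ' . $this->db->str2sql($sMetaKeywords) . ',
                             mdescription = ' . $this->db->str2sql($sMetaDescription) . '
                         WHERE node_id=' . $nRecordID;
             $this->db->execute($sQuery);
             $this->adminRedirect(Errors::SUCCESSFULL);
         }
         // Validation failed: show the submitted values again, escaped the
         // same way as values loaded from the database.
         $aData = $_POST;
         $aData = func::array_2_htmlspecialchars($aData);
         $aData['id'] = $nRecordID;
         $aData['menu_target'] = $sMenuTarget;
         $aData['pid_options'] = '';
     } else {
         $sQuery = 'SELECT *
                     FROM ' . TABLE_SITEMAP_TREE . ' T,
                          ' . TABLE_SITEMAP . ' I
                     WHERE T.id=' . $nRecordID . ' AND I.node_id = T.id';
         $aData = $this->db->one_array($sQuery);
         if (empty($aData)) {
             // No such record: nothing to edit.
             $this->adminRedirect(Errors::IMPOSSIBLE);
             return null;
         }
         $aData = func::array_2_htmlspecialchars($aData);
         if (!isset($aData['pid_options'])) {
             $aData['pid_options'] = '';
         }
     }
     $aParentsID = $this->tree_getNodeParentsID($aData['id']);
     if (!empty($aParentsID)) {
         // The ids go into an IN (...) list, so keep only integer values.
         $sParentsList = implode(',', array_map('intval', $aParentsID));
         $sQuery = 'SELECT menu_title
                    FROM ' . TABLE_SITEMAP_TREE . ' T,
                         ' . TABLE_SITEMAP . ' I
                    WHERE id IN (' . $sParentsList . ') AND I.node_id = T.id
                    ORDER BY T.id';
         $aData['pid_options'] = '' . ucwords(implode(' > ', $this->db->select_one_column($sQuery))) . '';
     }
     $this->tplAssign('aData', $aData);
     $this->tplAssign('target_options', $this->getTargetsOptions($this->aTargets, $aData['menu_target']));
     $this->tplAssign('rec', $nRecordID);
     return $this->tplFetch('admin.edit.tpl');
 }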
コード例 #5
ファイル: users.adm.class.php プロジェクト: Sywooch/dobox
 /**
  * Admin page: edit the profile (e-mail, optionally password) of the
  * currently logged-in admin.
  *
  * NOTE(review): parts of two SQL expressions in this listing are masked
  * with '******' (the login lookup and the login/password assignments of the
  * UPDATE), so the code is not complete as shown and how those values are
  * quoted or hashed cannot be reviewed from here.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method.
  */
 function profile()
 {
     if (!$this->haveAccessTo('profile')) {
         return $this->showAccessDenied();
     }
     // Hard-coded to 0, so every branch guarded by $bChangeLogin below is
     // currently inactive.
     $bChangeLogin = 0;
     // 1 - to allow changing the login
     $nUserID = $this->security->getUserID();
     if (!$nUserID) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'login');
     }
     if (Func::isPostMethod()) {
         $sEmail = Func::POST('email', true);
         // Computed but not used in the visible code.
         $nEmailHash = Func::getEmailHash($sEmail);
         if (!$sEmail || !Func::IsEmailAddress($sEmail)) {
             $this->errors->set('no_email');
         }
         $bChangePassword = Func::POST('changepass');
         // The password checks run only when the flag equals 1 (loose
         // comparison). See the note at the UPDATE below.
         if ($this->errors->no() && $bChangePassword == 1) {
             $sPasswordCur = Func::POST('password0', true);
             $sPassword1 = Func::POST('password1', true);
             $sPassword2 = Func::POST('password2', true);
             if (empty($sPasswordCur)) {
                 $this->errors->set('no_password_current');
             }
             // $nUserID comes from the session layer, not from the request.
             $sPasswordCurReal = $this->db->one_data('SELECT password FROM ' . TABLE_USERS . ' WHERE user_id=' . $nUserID . ' LIMIT 1');
             // NOTE(review): the helper name suggests an MD5-based hash; if
             // so, MD5 is not suitable for password storage — confirm and
             // plan a move to password_hash()/password_verify().
             // NOTE(review): `!=` is a loose comparison. PHP compares two
             // numeric-looking strings as numbers, so different hashes of that
             // form compare equal; use hash_equals() for this check.
             if ($sPasswordCurReal != $this->security->getUserPasswordMD5($sPasswordCur)) {
                 $this->errors->set('current_password_missmatch');
             } else {
                 if (!$sPassword1) {
                     $this->errors->set('no_password_new');
                 } elseif ($sPassword1 !== $sPassword2) {
                     $this->errors->set('password_confirmation');
                 }
             }
         }
         if ($this->errors->no() && $bChangeLogin) {
             $sLogin = Func::POST('login', true);
             if (!$sLogin) {
                 $this->errors->set('no_login');
             } elseif (!Func::checkLoginName($sLogin)) {
                 $this->errors->set('login_please_use_simple_chars');
             }
             //check if login exist
             // NOTE(review): the rest of this query and the condition that
             // reports 'login_exists' are masked in this listing.
             $res = $this->db->one_data('SELECT user_id FROM ' . TABLE_USERS . ' 
                                    WHERE login='******'login_exists');
             }
         }
         if ($this->errors->no()) {
             // NOTE(review): the password column is written when
             // $bChangePassword is merely truthy, while the current-password
             // and confirmation checks above run only when it == 1. Any other
             // truthy value skips that validation but still reaches this
             // branch. Normalise the flag to a strict boolean once and use it
             // in both places. The value written is masked in this listing.
             $sQuery = 'UPDATE ' . TABLE_USERS . '
                        SET email = ' . $this->db->str2sql($sEmail) . '
                             ' . ($bChangeLogin ? ' , login = '******' ' : '') . ' 
                             ' . ($bChangePassword ? ' , password = '******' ' : '') . '
                        WHERE user_id=' . $nUserID;
             $this->db->execute($sQuery);
             // Called after every successful update; presumably invalidates
             // the current session data — confirm.
             $this->security->expire();
             $this->adminRedirect(Errors::SUCCESSFULL, 'profile');
         }
     }
     $aData = array('user_id' => $nUserID, 'login' => $this->security->getUserLogin(), 'avatar' => $this->security->getUserInfo('avatar'), 'email' => $this->security->getUserEmail(), 'tuid' => $this->makeTUID($nUserID), 'changelogin' => $bChangeLogin);
     $this->tplAssign('aData', $aData);
     return $this->tplFetch('admin.profile.tpl');
 }
コード例 #6
ファイル: dev.adm.class.php プロジェクト: Sywooch/dobox
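 /**
  * Developer tool: register a module method.
  *
  * Available only when FORDEV is set and the current user is a super admin.
  * On POST it inserts a (module, method, title, number) row, where number is
  * one more than the current maximum for that module, then redirects to the
  * listing. Otherwise it renders the creation form with the list of module
  * directories.
  *
  * The module name is kept in its raw form for the session, the default
  * method and the default title, and is quoted with str2sql() only where it
  * enters SQL. The original quoted it first, so the SQL-quoted text leaked
  * into the session and the title and was quoted a second time when used as
  * the default method.
  *
  * NOTE(review): the module name is not checked against the module
  * directories listed below; confirm whether it should be limited to them.
  * NOTE(review): the raw module name is returned to the form through the
  * session; confirm the template escapes it.
  *
  * @return mixed Rendered form or the access-denied page.
  */
 function mm_add()
 {
     if (!FORDEV || !$this->security->isSuperAdmin()) {
         return $this->showAccessDenied();
     }
     $aData = array('method' => '', 'title' => '', 'module' => '');
     if (Func::isPostMethod()) {
         $sMethod = Func::POST('method', true);
         $sTitle = Func::POST('title', true);
         $sModule = Func::POST('module');
         $sModuleSql = $this->db->str2sql($sModule);
         Func::setSESSION('save_module', $sModule);
         if (!$sMethod) {
             $sMethod = $sModule;
         }
         if (!$sTitle) {
             $sTitle = ucwords($sModule . ' ' . $sMethod);
         }
         //get max module number
         $nNumber = (int) $this->db->one_data('SELECT max(number) FROM ' . TABLE_MODULE_METHODS . "
                                            WHERE module={$sModuleSql} AND method!={$sModuleSql} ");
         $nNumber++;
         //insert module-method
         $this->db->execute('INSERT INTO ' . TABLE_MODULE_METHODS . " (module, method, title, number)
                       VALUES ({$sModuleSql}, " . $this->db->str2sql($sMethod) . ', ' . $this->db->str2sql($sTitle) . ", {$nNumber})");
         if ($this->errors->no()) {
             $this->adminRedirect(Errors::SUCCESSFULL, 'mm_listing');
         }
     }
     if (!$aData['module']) {
         $aData['module'] = Func::SESSION('save_module');
     }
     // Build name => name for the module directories, skipping entries that
     // start with '.' or '_'. A fresh array is used because re-keying the
     // listing in place drops a directory whose name equals its own numeric
     // index.
     $aModules = array();
     foreach (CDir::getDirs(PATH_MODULES, false, false, false) as $sDirName) {
         $sDirName = (string) $sDirName;
         if ($sDirName === '' || $sDirName[0] == '.' || $sDirName[0] == '_') {
             continue;
         }
         $aModules[$sDirName] = $sDirName;
     }
     $this->tplAssign(array('aModules' => $aModules, 'aData' => $aData));
     return $this->tplFetch('admin.mm.create.tpl');
 }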
コード例 #7
ファイル: banners.adm.class.php プロジェクト: Sywooch/dobox
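 /**
  * AJAX endpoint for the banner admin: toggles a banner position or a
  * single banner on and off, selected by the `act` request parameter.
  *
  * Responses go through ajaxResponse(): 'Y' / 'N' for the new state, or an
  * error code.
  *
  * Security notes:
  *  - The banner id is concatenated into SQL, so it is forced to an integer
  *    here rather than relying on the request helper.
  *  - NOTE(review): the flow relies on ajaxResponse() ending the request,
  *    including after a failed access check; confirm that it does.
  *  - NOTE(review): `act` and `rec` are read from POST or GET, so these
  *    state changes can be triggered by a plain GET request, and no
  *    anti-CSRF token check is visible here.
  */
 function ajax()
 {
     switch (Func::POSTGET('act')) {
         case 'position_toggle':
             if (!$this->haveAccessTo('edit')) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
             }
             $sKey = Func::POST('keyword', true);
             // Only keys that already exist in $this->positions are accepted.
             if (empty($sKey) || !isset($this->positions[$sKey])) {
                 $this->errors->set(Errors::IMPOSSIBLE);
                 $this->ajaxResponse(null);
             } else {
                 $this->positions[$sKey]['enabled'] = $this->positions[$sKey]['enabled'] == 1 ? 0 : 1;
                 $this->savePositions($this->positions);
                 $this->ajaxResponse($this->positions[$sKey]['enabled'] == 1 ? 'Y' : 'N');
             }
             break;
         case 'banner_toggle':
             if (!$this->haveAccessTo('edit')) {
                 $this->ajaxResponse(Errors::ACCESSDENIED);
             }
             $nRecordID = (int) Func::POSTGET('rec', false, true);
             if ($nRecordID <= 0) {
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
             }
             $aBnInfo = $this->db->one_array('SELECT position, enabled FROM ' . TABLE_BANNERS . ' WHERE id =' . $nRecordID);
             if (empty($aBnInfo)) {
                 // No banner with this id.
                 $this->ajaxResponse(Errors::IMPOSSIBLE);
             }
             /* Check whether the banner may be enabled (no other banner is already in use on a non-rotating position) */
             if ($aBnInfo['enabled'] == 0 && $this->checkRotation($aBnInfo['position'])) {
                 $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET enabled= 1 WHERE id=' . $nRecordID);
             } elseif ($aBnInfo['enabled'] == 1) {
                 $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET enabled= 0 WHERE id=' . $nRecordID);
             } else {
                 $this->errors->set('no_rotation');
                 $this->ajaxResponse(0);
             }
             // $aBnInfo holds the state from before the update, so 0 here
             // means the banner has just been enabled.
             $this->ajaxResponse($aBnInfo['enabled'] == 0 ? 'Y' : 'N');
             break;
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }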