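/**
 * Build the footer's language selector as an HTML <select> element.
 *
 * The option list is produced by _languageOptions(). Choosing an option sends
 * the browser to that option's value through the inline onchange handler.
 *
 * @return string HTML markup of the drop-down
 */
function _languageFooterSelectorDropDown()
{
    $words = new MOD_words();

    // NOTE(review): each option value is assigned to window.location.href as-is,
    // so _languageOptions() has to emit only HTML-escaped, same-site URLs.
    // That function is not visible here - confirm.
    $langsel = ' <select id="language" name="language" class="combo" onchange="window.location.href=this.value; return false">';
    $langsel .= _languageOptions($words) . '</select>';

    return $langsel;
}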
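/**
 * Set up the words module: language, cache, database handle and translation mode.
 *
 * The translation mode is read from $_SESSION['tr_mode']. A missing value, an
 * unknown value, or 'edit'/'translate' for a user without the "Words" right
 * for the current language is replaced by a default: 'translate' for users
 * holding that right, 'browse' for everybody else.
 *
 * @param string $category optional value to set the page of the texts
 *                         we're looking for (this needs an additional column in the
 *                         words table)
 *
 * @throws PException when the database configuration is missing
 */
public function __construct($category = null)
{
    $this->_lang = PVars::get()->lang;
    $this->WordMemcache = new MOD_bw_memcache("words", "Sentence", "code");

    if (!empty($category)) {
        // NOTE(review): $category is concatenated into a SQL fragment without
        // escaping. Pass only fixed, trusted category names; if the value can
        // ever originate from a request it must be escaped or bound as a
        // parameter where this fragment is used.
        $this->_whereCategory = ' `category`=\'' . $category . '\'';
    }

    $this->_langWrite = isset($_SESSION['IdLanguage']) ? $_SESSION['IdLanguage'] : 0;

    $db_vars = PVars::getObj('config_rdbms');
    if (!$db_vars) {
        throw new PException('DB config error!');
    }
    $dao = PDB::get($db_vars->dsn, $db_vars->user, $db_vars->password);
    $this->_dao =& $dao;

    $R = MOD_right::get();
    if ($R->hasRight("Words", $this->_lang)) {
        $this->_offerTranslationLink = true;
    }

    // Mode used when the session holds none, or holds one this user may not use.
    $defaultMode = $this->_offerTranslationLink ? 'translate' : 'browse';

    // read translation mode from $_SESSION['tr_mode']
    // (isset() also copes with a session that has not been started)
    $this->_trMode = isset($_SESSION['tr_mode']) ? $_SESSION['tr_mode'] : $defaultMode;

    switch ($this->_trMode) {
        case 'browse':
        case 'proofread': // not yet implemented
            break;
        case 'edit':
        case 'translate':
            if ($this->_offerTranslationLink) {
                break;
            }
            // Deliberate fall-through: a user without the right is moved back
            // to the default mode even if the session asks for more.
        default:
            $this->_trMode = $defaultMode;
    }
}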
/**
 * Remember the language of the current request.
 *
 * $file is accepted but not used: the lookup of a per-language text file with
 * a fallback-language file, which used to follow here, is disabled.
 *
 * @param string $file text file name (currently ignored)
 */
public function __construct($file)
{
    $pvars = PVars::get();
    $this->_lang = $pvars->lang;
}
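/**
 * Return the shared post handler, restoring it from the session when one was stored.
 *
 * When the current request carries POST data, the handler saves it, stores
 * itself in the session and redirects to the same URI, so this call does not
 * return in that case. For clients that did not accept cookies the session id
 * is appended to the redirect URL, next to the parameters already present.
 *
 * @return PPostHandler|false the handler, or false while a POST is being handled
 */
public static function get()
{
    if (!isset(self::$_instance) || get_class(self::$_instance) != __CLASS__) {
        if (isset($_SESSION) && is_array($_SESSION) && !empty($_SESSION['PostHandler'])) {
            // NOTE(review): unserialize() instantiates whatever classes the stored
            // string names. This is acceptable only while the session store can be
            // written by the application alone; never feed it request data.
            self::$_instance = unserialize($_SESSION['PostHandler']);
            unset($_SESSION['PostHandler']);
        }
        // Discard a corrupt payload or one that restored a different class.
        if (!is_object(self::$_instance) || get_class(self::$_instance) != __CLASS__) {
            $c = __CLASS__;
            self::$_instance = new $c();
        }
    }

    if (self::$_instance->_postHandling) {
        return false;
    }

    if (is_array($_POST) && count($_POST) > 0) {
        self::$_instance->_postHandling = true;
        self::$_instance->save();
        $_SESSION['PostHandler'] = serialize(self::$_instance);

        $req = $_SERVER['REQUEST_URI'];
        if (!PVars::get()->cookiesAccepted) {
            // Cookie-less clients carry the session id in the URL. It then shows
            // up in access logs, browser history and Referer headers, so the id
            // should be short-lived and regenerated on login.
            $parts = parse_url($req);
            if (is_array($parts)) {
                $query = array();
                // Was read from an undefined $request variable, which silently
                // dropped every existing query parameter on redirect.
                if (isset($parts['query'])) {
                    parse_str($parts['query'], $query);
                }
                if (is_array($query) && !array_key_exists(session_name(), $query)) {
                    $query[session_name()] = session_id();
                    // parse_str() decoded the values; http_build_query() encodes
                    // them again instead of gluing raw values into the URL.
                    $parts['query'] = http_build_query($query, '', '&');
                }
                $req = PFunctions::glueParsedUrl($parts);
            }
        }

        session_write_close();
        header('Location: ' . $req);
        PPHP::PExit();
    } else {
        $_SESSION['PostHandler'] = serialize(self::$_instance);
        self::$_instance->_postHandling = false;
    }

    return self::$_instance;
}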
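/**
 * central starting point.
 * to be called in htdocs/index.php
 *
 * Initializes the global state, then picks an application and runs it. Any
 * exception is logged; what the visitor sees depends on the debug setting:
 * the ExceptionPage or a raw dump in debug mode, a generic error page otherwise.
 */
function launch()
{
    $env_explore = $this->initializeGlobalState();
    try {
        // find an app and run it.
        $this->chooseAndRunApplication($env_explore);
    } catch (Exception $e) {
        ExceptionLogger::logException($e);

        // NOTE(review): when the PVars class cannot be loaded, $debug stays true
        // and the exception dump below is sent to the visitor. Consider
        // defaulting to false so a broken bootstrap fails closed.
        $debug = true;
        if (class_exists('PVars') && !($debug = PVars::get()->debug)) {
            $debug = false;
        }

        if (class_exists('ExceptionPage') && $debug) {
            $page = new ExceptionPage();
            $page->exception = $e;
            $page->render();
        } elseif ($debug) {
            echo ' <h2>A terrible ' . get_class($e) . ' was thrown</h2> <p>RoxLauncher is feeling sorry.</p> <pre>';
            // The dump can contain request data and SQL text, so it is encoded
            // before being written into the page.
            echo htmlspecialchars(print_r($e, true), ENT_QUOTES);
            echo ' </pre>';
        } else {
            echo <<<HTML
<html>
<head><title>BeWelcome</title></head>
<body style="width:100%; margin: 0; padding: 0; background: #f7f7f7 url(../images/bggrey.png) top left ">
<div style="background: #f37000; border-bottom: 1px solid white; height: 49px">
<div style="margin:0 auto; width:960px;">
<div style="margin:0 auto;"><img style="padding: 7px;" src="../images/logo_index_top.png" /></div>
</div>
</div>
<div style="margin:0 auto; width:960px;"><h1>Well,</h1>
<p>this is awkward. We couldn't serve your page.</p>
<p>You might have found a bug or our server is currently updating some really important stuff to keep it secure.</p>
<p>Please try again in a minute or two.</p></div></div>
</html>
HTML;
        }
    }
}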
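/**
 * Choose the base URI for this request and store it in the 'env' entry of PVars.
 *
 * Precedence: baseuri_override, then baseuri_https (HTTPS request whose
 * referring page was not plain http), then baseuri_http. When none applies
 * the existing baseuri is left untouched.
 */
protected function setBaseUri()
{
    $env = PVars::get()->env;

    $override_conds = !empty($env["baseuri_override"]);

    //sometimes we will be sending data via ssl even while the user
    //is browsing on http. the http_referer conditions keep user from
    //being automatically rerouted onto https
    //
    // The Referer header is supplied by the client. It is matched as a prefix,
    // so an "http://" that merely occurs inside an https referrer's query
    // string no longer selects the http base URI.
    // NOTE(review): a request can still opt out of the https base URI by
    // sending an http referrer; the https side should be enforced by other
    // means as well (redirects, HSTS).
    $http_ref_conds = isset($_SERVER['HTTP_REFERER'])
        && stripos($_SERVER['HTTP_REFERER'], 'http://') === 0;

    // Some servers set HTTPS to "off" on plain requests, so isset() alone is not enough.
    $is_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';

    $https_conds = $is_https && !empty($env["baseuri_https"]) && !$http_ref_conds;
    $http_conds = !empty($env["baseuri_http"]);

    if ($override_conds) {
        $env["baseuri"] = $env["baseuri_override"];
    } elseif ($https_conds) {
        $env["baseuri"] = $env["baseuri_https"];
    } elseif ($http_conds) {
        $env["baseuri"] = $env["baseuri_http"];
    } else {
        //TODO: error logging
    }

    PVars::register('env', $env);
}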
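<a style="display:inline" href="http://trac.bewelcome.org/">BW Rox</a> rev. <a href="http://github.com/BeWelcome/rox/commit/<?php echo htmlspecialchars($versionInfo, ENT_QUOTES); ?>"><?php echo htmlspecialchars($versionInfo, ENT_QUOTES); ?></a> (<span title="<?php echo $deploymentDateTime; ?>"><?php echo $deploymentDate; ?></span>)</em></p>
<?php
// List of DB queries with execution time.
// Rendered only in debug mode and only for members holding the Debug/DB_QUERY right.
if (PVars::get()->debug) {
    $R = MOD_right::get();
    if ($R->HasRight("Debug", "DB_QUERY")) {
        ?> <p> <a style="cursor:pointer;" onclick="$('query_list').toggle();">DB queries</a> </p> <div id='query_list' style="display:none;"> <?php
        foreach ($query_list as $key => $query) {
            // Logged statements can contain request data; encode them so they
            // are displayed as text instead of being interpreted as markup.
            echo ($key + 1) . ": " . htmlspecialchars($query, ENT_QUOTES) . "<br />\n";
        }
    }
}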
<?php /* Troubleshooting aid: build id and active template set, written into an HTML comment that every visitor can read in the page source. */ ?>
<div> <!-- <?php printf('Build: %s Templates: %s', PVars::get()->build, basename(TEMPLATE_DIR)); ?> --> </div>
/**
 * Include the shared debug-info template, but only when debug mode is on.
 */
protected function debugInfo()
{
    if (!PVars::get()->debug) {
        return;
    }

    require TEMPLATE_DIR . 'shared/roxpage/debuginfo.php';
}
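/**
 * Processing creation of a blog.
 *
 * This is a POST callback function.
 *
 * Sets following errors in POST vars:
 * title - invalid(empty) title.
 * text - invalid(empty) text.
 * startdate - wrongly formatted start date.
 * enddate - wrongly formatted end date.
 * duration - empty enddate and invalid duration.
 * category - category is not belonging to user.
 * trip - trip is not belonging to user.
 * inserror - error performing db insertion.
 * tagerror - error while updating tags.
 *
 * @return string|false path to continue with on success, false on failure
 */
public function createProcess($args, $action, $mem_redirect, $mem_resend)
{
    if (!($member = $this->_model->getLoggedInMember())) {
        return false;
    }

    $vars = $args->post;
    $mem_redirect->post = $args->post;
    if (isset($vars['txt'])) {
        $vars['txt'] = $this->_cleanupText($vars['txt']);
    }
    // NOTE(review): $vars is a local copy of the posted data. The 'errors'
    // entries assigned further down reach the form only if something else
    // hands this copy back - verify against _validateVars() and the caller.
    if (!$this->_validateVars($vars)) {
        return false;
    }
    if (!($userId = $member->id)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    // Visibility: public when nothing was posted; every value other than
    // 'pub' and 'prt' ends up private, so an unknown value fails closed.
    // (Sticky-flag support was removed together with the old user app.)
    if (!isset($vars['vis'])) {
        $vars['vis'] = 'pub';
    }
    $flags = 0;
    switch ($vars['vis']) {
        case 'pub':
            break;
        case 'prt':
            $flags = $flags | Blog::FLAG_VIEW_PROTECTED;
            break;
        default:
            $flags = $flags | Blog::FLAG_VIEW_PRIVATE;
            break;
    }

    // NOTE(review): the trip id comes from the request. The docblock lists a
    // 'trip' ownership error, presumably raised in _validateVars() - confirm
    // that the check really runs before the entry is attached to the trip.
    $trip = isset($vars['tr']) && strcmp($vars['tr'], '') != 0 ? (int) $vars['tr'] : false;

    $blogId = $this->_model->createEntry($flags, $userId, $trip);

    // Accept day/month/year separated by '/', '.' or '-'. A value that does
    // not split into three parts forming a real calendar date is ignored;
    // before, it was turned into an arbitrary timestamp by mktime().
    $start = false;
    if (isset($vars['date']) && is_string($vars['date'])
        && strlen($vars['date']) <= 10 && strlen($vars['date']) > 8
    ) {
        $parts = preg_split('/[\\/.-]/', $vars['date']);
        if (count($parts) == 3) {
            $day = (int) $parts[0];
            $month = (int) $parts[1];
            $year = (int) $parts[2];
            if (checkdate($month, $day, $year)) {
                $start = date('YmdHis', mktime(0, 0, 0, $month, $day, $year));
            }
        }
    }

    // Check if the location already exists in our DB and add it if necessary.
    // empty() replaces the bare reads so missing form fields raise no notices.
    $geoname_ok = true;
    $geonameFields = array('geonameid', 'latitude', 'longitude', 'geonamename', 'geonamecountrycode', 'admincode');
    foreach ($geonameFields as $field) {
        if (empty($vars[$field])) {
            $geoname_ok = false;
            break;
        }
    }
    if ($geoname_ok) {
        $geoname_ok = $this->_model->checkGeonamesCache($vars['geonameid']);
    }
    $geonameId = $geoname_ok ? $vars['geonameid'] : false;

    try {
        $this->_model->createData($blogId, $vars['t'], $vars['txt'], $start, $geonameId);
    } catch (PException $e) {
        if (PVars::get()->debug) {
            throw $e;
        } else {
            error_log($e->__toString());
        }
        // rollback!
        $this->_model->deleteEntry($blogId);
        $vars['errors'] = array('inserror');
        return false;
    }

    if ($trip) {
        $this->_model->setTripPosition($trip, $blogId);
    }

    $tags = isset($vars['tags']) ? $vars['tags'] : '';
    if (!$this->_model->updateTags($blogId, explode(',', $tags))) {
        $vars['errors'] = array('tagerror');
        return false;
    }

    // 'Touch' the corresponding trip!
    if ($trip) {
        $TripModel = new Trip();
        $TripModel->touchTrip($trip);
    }

    $request = PRequest::get()->request;
    if (isset($request[0]) && $request[0] == 'trip') {
        return implode('/', $request) . '/finish';
    }
    return 'blog/create/finish/' . $blogId;
}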
/**
 * Execute a SQL statement on the current connection and keep its result handle.
 *
 * The statement is sent exactly as given, so escaping or binding of any
 * request data has to happen in the caller. On failure the statement text and
 * the driver's error number and message are attached to the exception; code
 * that renders such an exception exposes the SQL, which is why exception
 * details belong in logs and debug views only.
 *
 * In debug mode every statement is appended, with its run time, to the
 * 'query_history' entry of PVars.
 *
 * @param string $query SQL statement
 *
 * @return bool true on success
 *
 * @throws PException when the statement fails
 */
public function query($query)
{
    if (PVars::get()->debug) {
        $start_time = microtime(true);
    }

    $handle = @mysql_query($query, $this->_dao->cr);
    if (!$handle) {
        $failure = new PException('MySQL error!', 1000);
        $failure->addInfo('Statement: ' . $query);
        $failure->addInfo($this->_dao->getErrNo());
        $failure->addInfo($this->_dao->getErrMsg());
        throw $failure;
    }

    $this->result = $handle;
    $this->pos = 0;

    // Count the statements issued during this request.
    PVars::register('queries', PVars::get()->queries + 1);

    if (PVars::get()->debug) {
        $history = PVars::get()->query_history;
        $elapsedMs = sprintf("%.1f", (microtime(true) - $start_time) * 1000);
        $history[] = "({$elapsedMs} ms) {$query}";
        PVars::register('query_history', $history);
    }

    return true;
}
/**
 * Entry point for the member search pages.
 *
 * Routes handled here:
 *  - quicksearch[/text]: runs the quick search. Exactly one matching member,
 *    place or forum tag leads to a redirect; otherwise the result list is
 *    added to the page and the page object is returned.
 *  - searchmembers[/mapon|mapoff|queries|ajax/...]: the map search and its
 *    AJAX endpoint. Any other first segment is redirected to searchmembers.
 *
 * The disabled 'quicksearch' and 'index' cases that used to sit in the last
 * dispatch as commented-out code are not repeated here.
 */
public function index()
{
    $vw = new ViewWrap($this->_view);
    $P = PVars::getObj('page');

    // First check if the feature is closed
    if ($_SESSION["Param"]->FeatureSearchPageIsClosed != 'No') {
        $P->content = $this->_view->showFeatureIsClosed();
        return;
    }

    if (PPostHandler::isHandling()) {
        return;
    }

    $request = PRequest::get()->request;
    if (!isset($request[1])) {
        $request[1] = '';
    }

    // Route quicksearch
    if ($request[0] == 'quicksearch') {
        if ($request[1] == '') {
            // Because of old way to use the QuickSearch with a get
            $searchtext = isset($_GET["vars"]) ? $_GET['vars'] : '';
        } else {
            $searchtext = $request[1];
        }

        $TReturn = $this->_model->quicksearch($searchtext);

        // A single hit of one kind is answered with a redirect to that hit.
        // NOTE(review): the targets are built from stored values (Username,
        // link, IdTag); they are assumed to be site-relative - confirm.
        if (count($TReturn->TMembers) == 1 and count($TReturn->TPlaces) == 0 and count($TReturn->TForumTags) == 0) {
            $loc = "members/" . $TReturn->TMembers[0]->Username;
            header('Location: ' . $loc);
            PPHP::PExit();
        } elseif (count($TReturn->TMembers) == 0 and count($TReturn->TPlaces) == 1 and count($TReturn->TForumTags) == 0) {
            $loc = $TReturn->TPlaces[0]->link;
            header('Location: ' . $loc);
            PPHP::PExit();
        } elseif (count($TReturn->TMembers) == 0 and count($TReturn->TPlaces) == 0 and count($TReturn->TForumTags) == 1) {
            $loc = "forums/t" . $TReturn->TForumTags[0]->IdTag;
            header('Location: ' . $loc);
            PPHP::PExit();
        }

        $P->content .= $vw->quicksearch_results($TReturn);
        return $P;
    }

    if ($request[0] != 'searchmembers') {
        header('Location: searchmembers');
        PPHP::PExit();
    }

    // fix a problem with Opera javascript, which sends a 'searchmembers/searchmembers/ajax' request
    if ($request[1] === 'searchmembers') {
        $request = array_slice($request, 1);
    }

    // default mapstyle:
    $mapstyle = 'mapon';
    $queries = '';
    $varsOnLoad = '';
    $varsGet = '';

    if (isset($request[1])) {
        switch ($request[1]) {
            case 'mapoff':
                $mapstyle = "mapoff";
                $_SESSION['SearchMembersTList'] = array();
                break;
            case 'mapon':
                $mapstyle = "mapon";
                $_SESSION['SearchMembersTList'] = array();
                break;
            case 'queries':
                // The query listing needs debug mode and the Debug/DB_QUERY right.
                if (PVars::get()->debug) {
                    $R = MOD_right::get();
                    if ($R->HasRight("Debug", "DB_QUERY")) {
                        $queries = true;
                        $mapstyle = "mapoff";
                    }
                }
                break;
            default:
                if (isset($_SESSION['SearchMapStyle']) and $_SESSION['SearchMapStyle']) {
                    $mapstyle = $_SESSION['SearchMapStyle'];
                }
                break;
        }
    }

    // Store the MapStyle in session
    $_SESSION['SearchMapStyle'] = $mapstyle;

    // Check whether there are latest search results and variables from the session
    if (!$queries && isset($_SESSION['SearchMembersTList'])) {
        if ($_SESSION['SearchMembersTList'] && $_SESSION['SearchMembersVars']) {
            $varsOnLoad = $_SESSION['SearchMembersVars'];
        }
    }

    if ($request[1] == 'ajax') {
        // NOTE(review): request data ($request[3] as OrderBy, the whole $_GET
        // array) is handed to the model's search(). Validation and escaping
        // are assumed to happen there; an ORDER BY value in particular needs
        // an allow-list - confirm in the model.
        if (isset($request[2]) and $request[2] == "varsonload") {
            $vars['varsOnLoad'] = true;
            // Read the latest search results and variables from the session
            if (!empty($_SESSION['SearchMembersTList'])) {
                $TList = $_SESSION['SearchMembersTList'];
            }
            if (!empty($_SESSION['SearchMembersVars'])) {
                $vars = $_SESSION['SearchMembersVars'];
            }
            if (isset($request[3])) {
                $vars['OrderBy'] = $request[3];
                $TList = $this->_model->search($vars);
            }
        } else {
            $vars = isset($_GET) ? $_GET : array();
            if (isset($request[2]) && $request[2] == "queries") {
                $vars['queries'] = true;
            }
            if (!isset($TList)) {
                $TList = $this->_model->search($vars);
            }
        }

        $this->_view->searchmembers_ajax($TList, $vars, $mapstyle);

        // Store latest search results and variables in session
        $_SESSION['SearchMembersTList'] = $TList;
        $_SESSION['SearchMembersVars'] = $vars;
        PPHP::PExit();
    } else {
        $words = new MOD_words();
        $P->addStyles = $this->_view->customStyles($mapstyle);
        $google_conf = PVars::getObj('config_google');
        $P->title = $words->getBuffered('searchmembersTitle') . " - BeWelcome";
        $P->currentTab = 'searchmembers';
        $P->currentSubTab = 'searchmembers';

        // prepare sort order for both the filters and the userbar
        $sortorder = $this->_model->get_sort_order();

        $P->teaserBar = $vw->teaser($mapstyle, $sortorder, $varsOnLoad);
        $P->teaserBar .= $vw->searchmembersFilters(
            $this->_model->sql_get_groups(),
            $this->_model->sql_get_set("members", "Accomodation"),
            $this->_model->sql_get_set("members", "TypicOffer"),
            $sortorder
        );
        $P->content = $vw->search_column_col3(
            $sortorder,
            $queries,
            $mapstyle,
            $varsOnLoad,
            $varsGet,
            $this->_model->sql_get_set("members", "Accomodation")
        );
        $P->show_volunteerbar = false;
    }
}
/**
 * Sends a confirmation e-mail
 *
 * Builds the confirmation link from the user's handle and stored 'regkey'
 * setting, renders the HTML and plain-text templates and sends both parts
 * through the configured mail backend.
 *
 * The local variable names are kept as they are because the required text
 * file and templates run in this scope and presumably read them by name.
 *
 * @param string $userId
 *
 * @return false|null false when the user or the registration key is missing
 *
 * @throws PException when the mailer cannot be created or sending fails
 */
public function registerMail($userId)
{
    $User = $this->_model->getUser($userId);
    if (!$User) {
        return false;
    }
    $handle = $User->handle;
    $email = $User->email;

    $key = APP_User::getSetting($userId, 'regkey');
    if (!$key) {
        return false;
    }
    $key = $key->value;

    // NOTE(review): handle and key are placed in the URL path without URL
    // encoding; this relies on both being restricted to URL-safe characters.
    $confirmUrl = PVars::getObj('env')->baseuri . 'user/confirm/' . $handle . '/' . $key;

    // NOTE(review): the language code becomes part of an include path. It must
    // come from a fixed list of installed languages, never directly from the request.
    $registerMailText = array();
    require SCRIPT_BASE . 'text/' . PVars::get()->lang . '/apps/user/register.php';

    $from = $registerMailText['from_name'] . ' <' . PVars::getObj('config_mailAddresses')->registration . '>';
    $subject = $registerMailText['subject'];

    $Mail = new MOD_mail_Multipart();
    $logoCid = $Mail->addAttachment(HTDOCS_BASE . 'images/logo.png', 'image/png');

    // The HTML template prints its output, so it is captured in a buffer.
    ob_start();
    require 'templates/register_html.php';
    $mailHTML = ob_get_clean();

    // The plain-text template fills $mailText.
    $mailText = '';
    require 'templates/register_plain.php';

    $Mail->addMessage($mailText);
    $Mail->addMessage($mailHTML, 'text/html');
    $Mail->buildMessage();

    $Mailer = Mail::factory(PVars::getObj('config_smtp')->backend, PVars::get()->config_smtp);
    if ($Mailer instanceof PEAR_Error) {
        $e = new PException($Mailer->getMessage());
        // NOTE(review): addMessage() here, addInfo() in the send-failure branch - confirm PException offers both.
        $e->addMessage($Mailer->getDebugInfo());
        throw $e;
    }

    $rcpts = $email;
    $header = $Mail->header;
    $header['From'] = $from;
    $header['To'] = $email;
    $header['Subject'] = $subject;
    // The Message-Id only has to be unique; it is not used as a secret.
    $header['Message-Id'] = '<reg' . $userId . '.' . sha1(uniqid(rand())) . '@myTravelbook>';

    $r = @$Mailer->send($rcpts, $header, $Mail->message);
    if ($r instanceof PEAR_Error) {
        $e = new PException($r->getMessage());
        $e->addInfo($r->getDebugInfo());
        throw $e;
    }
}
/**
 * Fetch all required data for the view to display a forum
 * this data are stored in $this->board
 *
 * Without any location or group filter the top-level board is built
 * according to $this->TopMode (landing page when the mode is unknown).
 * Otherwise the board is chosen from the combination of continent, country,
 * admin code, geoname id and group id. A combination that matches nothing
 * throws in debug mode and redirects home otherwise.
 *
 * @param bool $showsticky passed on to the board builders that accept it
 *
 * @throws PException for an invalid filter combination in debug mode
 */
public function prepareForum($showsticky = true)
{
    $noFilter = !$this->geonameid && !$this->countrycode && !$this->continent && !$this->IdGroup;

    if ($noFilter) {
        switch ($this->TopMode) {
            case Forums::CV_TOPMODE_CATEGORY:
                $this->boardTopLevelCategories();
                break;
            case Forums::CV_TOPMODE_LASTPOSTS:
                $this->boardTopLevelLastPosts($showsticky);
                break;
            case Forums::CV_TOPMODE_LANDING:
                $this->boardTopLevelLanding($showsticky);
                break;
            case Forums::CV_TOPMODE_FORUM:
                $this->boardTopLevelForum($showsticky);
                break;
            case Forums::CV_TOPMODE_GROUPS:
                $this->boardTopLevelGroups($showsticky);
                break;
            default:
                $this->boardTopLevelLanding($showsticky);
                break;
        }
        return;
    }

    $hasAdminCode = isset($this->admincode) && $this->admincode;

    if ($this->continent && !$this->geonameid && !$this->countrycode) {
        $this->boardContinent();
    } elseif ($this->IdGroup) {
        $this->boardGroup($showsticky);
    } elseif ($hasAdminCode && $this->continent && $this->countrycode && !$this->geonameid) {
        $this->boardadminCode();
    } elseif ($this->continent && $this->countrycode && !$this->geonameid) {
        $this->boardCountry();
    } elseif ($this->continent && $this->countrycode && $this->geonameid && $hasAdminCode) {
        $this->boardLocation();
    } elseif (PVars::get()->debug) {
        throw new PException('Invalid Request');
    } else {
        PRequest::home();
    }
}
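/**
 * Print the translation-mode switcher (browse / translate / edit).
 *
 * Shown only to users holding the "Words" right for the current language.
 * The active mode is printed in bold; the other two are links that switch
 * the mode and lead back to the current request path.
 */
protected function translator_block()
{
    if (!MOD_right::get()->hasRight("Words", PVars::get()->lang)) {
        return;
    }

    // The request path is taken from the incoming request and ends up inside
    // href attributes, so it is HTML-encoded first. Without this a crafted
    // path could close the attribute and add markup to the page.
    $request_string = htmlspecialchars(implode('/', PVars::get()->request), ENT_QUOTES);
    $rox_tr = htmlspecialchars(PVars::getObj("env")->baseuri . "rox/tr_mode", ENT_QUOTES);

    $words = new MOD_words();
    switch ($words->getTrMode()) {
        case 'translate':
            $active = 'translate';
            break;
        case 'edit':
            $active = 'edit';
            break;
        default:
            $active = 'browse';
            break;
    }

    $items = array();
    foreach (array('browse', 'translate', 'edit') as $mode) {
        if ($mode === $active) {
            $items[] = '<strong>' . $mode . '</strong>';
        } else {
            $items[] = '<a href="' . $rox_tr . '/' . $mode . '/' . $request_string . '">' . $mode . '</a>';
        }
    }

    echo '<div id="translator" class="float_right">' . implode(' ', $items) . '</div>';
}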
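* once htdocs/bw/layout/footer.php is gone */

/**
 * Read the deployed revision id: the first seven characters of ../revision.txt.
 *
 * The value is printed into the footer, so anything that is not a short
 * hexadecimal id (unreadable file, empty file, other content) is replaced by
 * the placeholder "0000000".
 *
 * @return string revision id, or "0000000" when none is available
 */
function _getVersionInfo()
{
    $revisionFile = "../revision.txt";
    $fallback = "0000000";

    if (!file_exists($revisionFile)) {
        return $fallback;
    }

    $contents = file_get_contents($revisionFile);
    if ($contents === false) {
        return $fallback;
    }

    $version = substr($contents, 0, 7);
    // \A and \z anchor the whole string, so a trailing line break is rejected too.
    if (!is_string($version) || !preg_match('/\A[0-9a-f]{1,7}\z/i', $version)) {
        return $fallback;
    }

    return $version;
}

$versionInfo = _getVersionInfo();

// Deployment date and time, taken from this file's modification time
$mtime = filemtime(__FILE__);
$deploymentDate = date("j M Y", $mtime);
$deploymentDateTime = date(DATE_RSS, $mtime);

/**
 * used in footer
 *
 * Builds the link to the feedback form with the current address as RequestURI.
 *
 * @return string feedback URL; it contains '&', so HTML-encode it when it is
 *                written into an attribute
 */
function _getBugreportLink()
{
    $url = PVars::getObj("env")->baseuri . "feedback?";
    $url .= "IdCategory=1&";
    $url .= "RequestURI=";
    // Host header and request URI are supplied by the client; urlencode()
    // keeps them inside the parameter value.
    $url .= urlencode('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);

    return $url;
}

$bugreportLink = _getBugreportLink();
$query_list = PVars::get()->query_history;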
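/**
 * Processing registration
 *
 * This is a POST callback function
 *
 * Sets following errors in POST-vars:
 * username - general username fault
 * uinuse - username already in use
 * email - general email fault, email format error
 * einuse - email in use
 * pw - general password fault
 * pwmismatch - password mismatch
 * inserror - error performing db insertion
 *
 * After validation the clear-text password in the POST vars is replaced by
 * asterisks and only its encoded form ('pwenc') is kept.
 *
 * @return string|false callback id when no POST is being handled; otherwise
 *                      the URL of the finish page, or false on any error
 */
public function registerProcess()
{
    $c = PFunctions::hex2base64(sha1(__METHOD__));

    if (!PPostHandler::isHandling()) {
        PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
        return $c;
    }

    $vars =& PPostHandler::getVars();
    $errors = array();

    // check username
    if (!isset($vars['u']) || !preg_match(User::HANDLE_PREGEXP, $vars['u']) || strpos($vars['u'], 'xn--') !== false) {
        $errors[] = 'username';
    } elseif ($this->handleInUse($vars['u'])) {
        $errors[] = 'uinuse';
    }

    // email
    if (!isset($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
        $errors[] = 'email';
    } elseif ($this->emailInUse($vars['e'])) {
        $errors[] = 'einuse';
    }

    // password
    if (!isset($vars['p']) || !isset($vars['pc'])
        || !is_string($vars['p']) || !is_string($vars['pc'])
        || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8
    ) {
        $errors[] = 'pw';
    } elseif ($vars['p'] !== $vars['pc']) {
        // Strict comparison: with != two different numeric-looking strings
        // compare as numbers and can pass as equal.
        $errors[] = 'pwmismatch';
    } elseif (substr_count($vars['p'], '*') != strlen($vars['p'])) {
        // set encoded pw
        // NOTE(review): passwordEncrypt() is not visible here; confirm it is a
        // salted, deliberately slow password hash.
        $vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']);
        $shadow = str_repeat('*', strlen($vars['p']));
        $vars['p'] = $shadow;
        $vars['pc'] = $shadow;
    } elseif (!isset($vars['pwenc'])) {
        // Only asterisks and no encoded password from an earlier round: the
        // insert below would otherwise store an empty password.
        $errors[] = 'pw';
    }

    if (count($errors) > 0) {
        $vars['errors'] = $errors;
        return false;
    }

    $Auth = new MOD_user_Auth();
    $authId = $Auth->checkAuth('defaultUser');

    // Every request value is passed through the DAO's escape() or cast to int
    // before it is placed into the statement.
    $query = ' INSERT INTO `user` (`id`, `auth_id`, `handle`, `email`, `pw`, `active`) VALUES ( '
        . $this->dao->nextId('user') . ', '
        . (int) $authId . ', \''
        . $this->dao->escape($vars['u']) . '\', \''
        . $this->dao->escape($vars['e']) . '\', \''
        . $this->dao->escape($vars['pwenc']) . '\', 0 )';
    $s = $this->dao->query($query);
    if (!$s->insertId()) {
        $vars['errors'] = array('inserror');
        return false;
    }
    $userId = $s->insertId();

    // NOTE(review): the key confirms ownership of the e-mail address, so
    // randomString() has to draw from a cryptographically secure source - confirm.
    $key = PFunctions::randomString(16);

    // save register key
    // NOTE(review): when one of the two settings cannot be saved, the inactive
    // user row inserted above stays in the table.
    if (!APP_User::addSetting($userId, 'regkey', $key)) {
        $vars['errors'] = array('inserror');
        return false;
    }
    // save lang
    if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    $View = new UserView($this);
    $View->registerMail($userId);

    PPostHandler::clearVars();

    return PVars::getObj('env')->baseuri . 'user/register/finish';
}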
/** * index is called when http request = ./forums * or during a new topic/edit of a group */ public function index($subforum = false) { if (PPostHandler::isHandling()) { return; } // Determine the search callback and tell the view about it $searchCallbackId = $this->searchProcess(); $view = $this->_view; $view->searchCallbackId = $searchCallbackId; $page = $view->page = new RoxGenericPage(); $request = $this->request; if (isset($request[0]) && $request[0] != 'forums') { // if this is a ./groups url get the group number if any if ($request[0] == "groups" && isset($request[1])) { $IdGroup = intval($request[1]); } $new_request = array(); $push = false; foreach ($request as $r) { if ($r == 'forums' or $r == 'forum') { $push = true; } if ($push == true) { array_push($new_request, $r); } } $request = $new_request; $page = $view->page = new PageWithHTMLpart(); } // First check if the feature is closed if ($_SESSION["Param"]->FeatureForumClosed != 'No' and !$this->BW_Right->HasRight("Admin")) { $this->_view->showFeatureIsClosed(); PPHP::PExit(); } // end of test "if feature is closed" if (APP_User::isBWLoggedIn()) { $User = APP_User::login(); } else { $User = false; } $showSticky = true; $this->parseRequest(); // set uri for correct links in group pages etc. 
$view->uri = $this->uri; $page->uri = $this->uri; $view->BW_Right = $this->BW_Right; $page->BW_Right = $this->BW_Right; $this->_model->prepareForum($showSticky); // first include the col2-stylesheet $page->addStyles .= $view->customStyles(); $page->currentTab = 'forums'; // then the userBar $page->newBar .= $view->getAsString('userBar'); // we can't replace this ob_start() if ($this->action == self::ACTION_NOT_LOGGED_IN) { $this->_redirectNotLoggedIn(); } ob_start(); if ($this->action == self::ACTION_VOTE_POST) { if (!isset($request[2])) { die("Need to have a IdPost"); } $IdPost = $request[2]; if (!isset($request[3])) { die("Need to have a vote value"); } $Value = $request[3]; $this->_model->VoteForPost($IdPost, $Value); $this->_model->setThreadId($this->_model->GetIdThread($IdPost)); $this->isTopLevel = false; $this->_model->prepareTopic(true); $this->_view->showTopic(); } elseif ($this->action == self::ACTION_DELETEVOTE_POST) { if (!isset($request[2])) { die("Need to have a IdPost"); } $IdPost = $request[2]; $this->_model->DeleteVoteForPost($IdPost); $this->_model->setThreadId($this->_model->GetIdThread($IdPost)); $this->isTopLevel = false; $this->_model->prepareTopic(true); $this->_view->showTopic(); } elseif ($this->action == self::ACTION_MODERATOR_FULLEDITPOST) { if (!isset($request[2])) { die("Need to have a IdPost"); } $IdPost = $request[2]; if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) { MOD_log::get()->write("Trying to edit post #" . $IdPost . 
" without proper right", "ForumModerator"); die("You miss right ForumModerator"); } $callbackId = $this->ModeratorEditPostProcess(); $DataPost = $this->_model->prepareModeratorEditPost($IdPost); $this->_view->showModeratorEditPost($callbackId, $DataPost); PPostHandler::clearVars($callbackId); } elseif ($this->action == self::ACTION_MODERATOR_EDITTAG) { if (!isset($request[2])) { die("Need to have a IdTag"); } $IdTag = $request[2]; if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) { MOD_log::get()->write("Trying to edit Tag #" . $IdTag . " without proper right", "ForumModerator"); die("You miss right ForumModerator"); } $callbackId = $this->ModeratorEditTagProcess(); $DataTag = $this->_model->prepareModeratorEditTag($IdTag); $this->_view->showModeratorEditTag($callbackId, $DataTag); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_VIEW) { if ($this->_model->isTopic()) { $this->_model->prepareTopic(true); $this->_view->showTopic(); } else { if ($this->isTopLevel) { $this->_model->setTopMode(Forums::CV_TOPMODE_LANDING); $this->_model->prepareForum(); $onlymygroupscallbackId = $this->mygroupsonlyProcess(); $morelessthreadscallbackid = $this->morelessthreadsProcess(); $this->_view->showTopLevelLandingPage($onlymygroupscallbackId, $morelessthreadscallbackid); PPostHandler::clearVars($onlymygroupscallbackId); PPostHandler::clearVars($morelessthreadscallbackid); } else { $this->_model->prepareForum(); $this->_view->showForum(); } } } else { if ($this->action == self::ACTION_VIEW_CATEGORY) { $this->_view->showTopLevelCategories(); } else { if ($this->action == self::ACTION_VIEW_LASTPOSTS) { $callbackId = $this->mygroupsonlyProcess(); $this->_view->showTopLevelRecentPosts($callbackId); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_VIEW_LANDING) { $callbackId = $this->mygroupsonlyProcess(); $this->_view->showTopLevelLandingPage($callbackId); PPostHandler::clearVars($callbackId); } else { if 
($this->action == self::ACTION_VIEW_FORUM) { $groupsCallback = false; $member = $this->_model->getLoggedInMember(); if ($member && $member->Status != 'ChoiceInactive') { $noForumNewTopicButton = false; } else { // Don't offer the new topic button to 'silent' members $noForumNewTopicButton = true; } $this->_view->showTopLevelRecentPosts($groupsCallback, $noForumNewTopicButton); } else { if ($this->action == self::ACTION_VIEW_GROUPS) { $callbackId = $this->mygroupsonlyProcess(); $this->_view->showTopLevelRecentPosts($callbackId, true); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_RULES) { $this->_view->rules(); } else { if ($this->action == self::ACTION_NEW) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if the user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User) { PRequest::home(); } if (isset($request[2]) and $request[2][0] == 'u') { $IdGroup = substr($request[2], 1); } else { if (!isset($IdGroup)) { $IdGroup = 0; } } $this->_model->prepareForum(); $callbackId = $this->createProcess(); $this->_view->createTopic($callbackId, $IdGroup); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_REPORT_TO_MOD) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if the user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . 
"NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User) { PRequest::home(); } $callbackId = $this->reportpostProcess(); if (isset($request[2])) { if ($request[2] == 'AllMyReport') { $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], ""); // This retrieve all the reports for the current member $this->_view->showReportList($callbackId, $DataPost); } elseif ($request[2] == 'MyReportActive') { $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "('Open','OnDiscussion')"); // This retrieve the Active current pending report for the current member $this->_view->showReportList($callbackId, $DataPost); } elseif ($request[2] == 'AllActiveReports') { if (!$this->BW_Right->HasRight("ForumModerator")) { // if a non forum moderator tries to access this just pull the brakes PPHP::PExit(); } $DataPost = $this->_model->prepareReportList(0, "('Open','OnDiscussion')"); // This retrieve all the current Active pending report $this->_view->showReportList($callbackId, $DataPost); } else { $IdPost = $request[2]; $IdWriter = $_SESSION["IdMember"]; if (!empty($request[3]) and $this->BW_Right->HasRight("ForumModerator")) { $IdWriter = $request[3]; } $DataPost = $this->_model->prepareModeratorEditPost($IdPost, $this->BW_Right->HasRight('ForumModerator')); // We will use the same data as the one used for Moderator edit if ($DataPost->Error == 'NoGroupMember') { // if someone who isn't a member of the associated group // tries to access this just pull the brakes PPHP::PExit(); } $DataPost->Report = $this->_model->prepareReportPost($IdPost, $IdWriter); $this->_view->showReportPost($callbackId, $DataPost); } PPostHandler::clearVars($callbackId); } } else { if ($this->action == self::ACTION_REPLY) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if teh user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . 
"] because of Flag " . "NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User) { PRequest::home(); } $this->_model->prepareForum(); $this->_model->prepareTopic(); $this->_model->initLastPosts(); $callbackId = $this->replyProcess(); $this->_view->replyTopic($callbackId); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_SUGGEST) { // ignore current request, so we can use the last request PRequest::ignoreCurrentRequest(); if (!isset($request[2])) { PPHP::PExit(); } $new_tags = $this->_model->suggestTags($request[2]); echo $this->_view->generateClickableTagSuggestions($new_tags); PPHP::PExit(); } else { if ($this->action == self::ACTION_LOCATIONDROPDOWNS) { // ignore current request, so we can use the last request PRequest::ignoreCurrentRequest(); if (!isset($request[2])) { PPHP::PExit(); } echo $this->_view->getLocationDropdowns(); PPHP::PExit(); } else { if ($this->action == self::ACTION_DELETE) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if the user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User || !$this->BW_Right->HasRight("ForumModerator", "Delete")) { PRequest::home(); } $this->delProcess(); } else { if ($this->action == self::ACTION_EDIT) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if the user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . 
"NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User) { PRequest::home(); } $callbackId = $this->editProcess(); $this->_model->prepareForum(); $this->_model->getEditData($callbackId); $this->_view->editPost($callbackId, false); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_TRANSLATE) { if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) { // Test if the user has right for this, if not rough exit MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent"); $words = new MOD_Words(); die($words->get('NotAllowedToPostInForum')); } if (!$User) { PRequest::home(); } $callbackId = $this->editProcess(); $this->_model->prepareForum(); $this->_model->getEditData($callbackId); $this->_view->editPost($callbackId, true); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_MODEDIT) { if (!$User) { PRequest::home(); } $callbackId = $this->editProcess(); $this->_model->prepareForum(); $this->_model->getEditData($callbackId); $this->_view->ModeditPost($callbackId); PPostHandler::clearVars($callbackId); } else { if ($this->action == self::ACTION_SEARCH_FORUMS) { $this->_view->keyword = $request[2]; $this->_view->showSearchResultPage($request[2]); PPostHandler::clearVars($searchCallbackId); } else { if ($this->action == self::ACTION_SEARCH_USERPOSTS) { if (!isset($request[2])) { PPHP::PExit(); } $this->searchUserposts($request[2]); } else { if ($this->action == self::ACTION_SUBSCRIBE) { if (!isset($request[2])) { PPHP::PExit(); } if ($request[2] == "thread") { $this->SubscribeThread($request[3]); } if ($request[2] == "tag") { $this->SubscribeTag($request[3]); } } else { if ($this->action == self::ACTION_SEARCH_SUBSCRIPTION) { /* * Here the following syntax can be used : * forums/subscriptions : allow current user to see his subscribtions * 
forums/subscriptions/unsubscribe/thread/xxx/yyy : allow current user to unsubscribe from members_threads_subscribed.id xxx with key yyy * forums/subscriptions/member/xxx : allow a forum moderator to see all subscribtions of member xxx * forums/subscriptions/thread/xxx : allow a forum moderator to see all subscribers and subscribtions for thread xxx * forums/subscribe/thread/xxx : subscribe to thread xxx */ $operation = ""; if (isset($request[2])) { $operation = $request[2]; } switch ($operation) { case "enable": if (isset($request[3])) { switch ($request[3]) { case 'thread': $this->EnableThread($request[4]); break; case 'tag': $this->EnableTag($request[4]); break; case 'group': $this->EnableGroup($request[4]); break; } } else { $this->enableSubscriptions(); } break; case "disable": if (isset($request[3])) { switch ($request[3]) { case 'tag': $this->DisableTag($request[4]); break; case 'thread': $this->DisableThread($request[4]); break; case 'group': $this->DisableGroup($request[4]); break; } } else { $this->disableSubscriptions(); } break; case "subscribe": if (isset($request[3]) and $request[3] == 'group') { $this->SubscribeGroup($request[4]); } break; case "unsubscribe": switch ($request[3]) { case 'thread': $this->UnsubscribeThread($request[4], $request[5]); break; case 'tag': $this->UnsubscribeTag($request[4], $request[5]); break; case 'group': $this->UnsubscribeGroup($request[4]); break; } break; default: $this->searchSubscriptions(); } } else { if (PVars::get()->debug) { throw new PException('unexpected forum action!'); } else { PRequest::home(); } } } } } } } } } } } } } } } } } } } } } } $page->content .= ob_get_contents(); ob_end_clean(); $page->newBar .= $view->getAsString('showCategoriesContinentsTagcloud'); $page->teaserBar .= $view->getAsString('teaser'); $page->render(); }
/**
 * Deletes the database row behind this entity, then wipes the entity.
 *
 * @access public
 * @return bool true once the DELETE has been issued; false when the entity
 *              was never loaded, has no primary key, no WHERE clause could
 *              be built, or the query failed while debug mode is off
 * @throws EntityException in debug mode, when the query fails
 */
public function delete()
{
    // Only a loaded entity with a complete primary key may be deleted.
    if (!($this->_has_loaded && $this->isPKSet())) {
        return false;
    }

    $where = $this->preparePKWhereString();
    if (!$where) {
        return false;
    }

    // NOTE(review): the table name and the WHERE fragment are interpolated
    // as-is; quoting of the key values is up to preparePKWhereString(),
    // which is not visible here - confirm it escapes or casts them.
    $query = <<<SQL
DELETE FROM `{$this->getTableName()}`
WHERE {$where}
SQL;

    try {
        $this->dao->exec($query);
    } catch (Exception $e) {
        if (!PVars::get()->debug) {
            return false;
        }
        // The full SQL text is only put into the message in debug mode.
        throw new EntityException("Failed to delete row from {$this->getTableName()} with sql: {$query}");
    }

    // make sure entity can't be used after this
    $this->wipeEntity();

    // TODO: check result before returning it
    return true;
}
/**
 * Checks whether the current auth id holds the given right: directly,
 * through one of its groups, or through a right that implies it.
 *
 * @param string $right
 * @return int|false number of matching rows (non-zero when the right is
 *                   held); false when there is no auth id or when
 *                   checkRight() / _parseRight() reject the right
 */
public function hasRight($right)
{
    if (!$this->authId) {
        return false;
    }

    $rightId = $this->checkRight($right);
    if (!$rightId) {
        return false;
    }

    $right = $this->_parseRight($right);
    if (!$right) {
        return false;
    }

    if (PVars::get()->debug) {
        $t = microtime();
        PSurveillance::setPoint('MOD_user_auth' . $t);
    }

    // Both ids are forced to integers before they reach the SQL text, so
    // nothing caller-controlled is placed into the query as a string.
    $authKey = (int) $this->authId;
    $rightKey = (int) $rightId;

    $query = "
SELECT r.`id`
FROM `mod_user_auth` AS a
LEFT JOIN `mod_user_authrights` AS ar ON
    ar.`auth_id` = a.`id`
LEFT JOIN `mod_user_rights` AS r ON
    r.`id` = ar.`right_id`
LEFT JOIN `mod_user_groupauth` AS ga ON
    ga.`auth_id` = a.`id`
LEFT JOIN `mod_user_authgroups` AS g ON
    g.`id` = ga.`group_id`
LEFT JOIN `mod_user_grouprights` AS gr ON
    gr.`group_id` = g.`id`
LEFT JOIN `mod_user_implications` AS i ON
    r.`has_implied` = 1 AND i.`right_id` = r.`id`
LEFT JOIN `mod_user_rights` AS r2 ON
    r2.`id` = gr.`right_id`
LEFT JOIN `mod_user_implications` AS i2 ON
    r2.`has_implied` = 1 AND i2.`right_id` = r2.`id`
WHERE
    a.`id` = {$authKey}
    AND
    (r.`id` = {$rightKey} OR gr.`right_id` = {$rightKey} OR i.`implies_id` = {$rightKey} OR i2.`implies_id` = {$rightKey})
";
    $s = $this->dao->query($query);

    // NOTE(review): the parsed right is not read again after this point,
    // so this default looks like a leftover - confirm before removing.
    if (!isset($right['app'])) {
        $right['app'] = null;
    }

    if (PVars::get()->debug) {
        PSurveillance::setPoint('eoMOD_user_auth' . $t);
    }

    return $s->numRows();
}
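/**
 * Executes a statement and reports the affected rows.
 *
 * The SQL text is sent to the server unchanged, so every value embedded
 * in it must already be escaped or cast by the caller.
 *
 * @param string $statement
 * @return int|bool row count read from the connection when the query
 *                  produced a result object; otherwise the value returned
 *                  by query() (true for statements without a result set)
 * @throws PException when the connection is not ready or the query fails
 */
public function exec($statement)
{
    if (!$this->ready()) {
        throw new PException('MySQL connection not ready!');
    }

    $q = $this->_MySQLi->query($statement);
    if (!$q) {
        throw new PException('MySQL error!', 1000);
    }

    PVars::register('queries', PVars::get()->queries + 1);

    if (is_object($q)) {
        // A mysqli result object has no affected_rows property; the count
        // is kept on the connection, so it is read from there.
        // NOTE(review): assumes $this->_MySQLi is a mysqli instance - confirm.
        $affected = $this->_MySQLi->affected_rows;
        // The result set is not handed to the caller, so release it here.
        $q->free();
        return $affected;
    }

    // NOTE(review): for INSERT/UPDATE/DELETE this is true, not a count.
    // Kept unchanged because callers may test the result for truthiness.
    return $q;
}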
/**
 * Expires the login cookies (userid, userkey, ep) in the visitor's browser.
 *
 * @param void
 * @return boolean false when cookies are not accepted or no cookie array
 *                 is available, true otherwise
 */
public function removeCookie()
{
    if (!PVars::get()->cookiesAccepted) {
        return false;
    }
    if (!isset($_COOKIE) || !is_array($_COOKIE)) {
        return false;
    }

    $prefix = PVars::getObj('env')->cookie_prefix;

    foreach (array('userid', 'userkey', 'ep') as $suffix) {
        $cookieName = $prefix . $suffix;
        if (!isset($_COOKIE[$cookieName])) {
            continue;
        }

        if ($suffix === 'userid') {
            // NOTE(review): the user id comes straight from the cookie,
            // which the client controls. Confirm that addSetting() or the
            // caller ties it to the authenticated session before the
            // 'skey' setting of that user is touched.
            self::addSetting($_COOKIE[$cookieName], 'skey');
        }

        // An expiry in the past makes the browser drop the cookie.
        // NOTE(review): only path '/' is given; if the cookies were set
        // with a domain or other attributes, the same ones are needed here.
        setcookie($cookieName, '', time() - 3600, '/');
    }

    return true;
}
/**
 * Prepares a statement and makes it the current one.
 *
 * Any result still held is closed first. The prepared statement is added
 * to the internal list, the bound parameters are reset, and the list key
 * of the new statement is returned.
 *
 * @param string $statement SQL text handed to the connection's prepare()
 * @return int key of the prepared statement
 * @throws PException (code 1000) when preparing fails; the DAO error
 *                    number and message are attached as info
 */
public function prepare($statement)
{
    if (PVars::get()->debug) {
        $tm = microtime();
        PSurveillance::setPoint('statement_prepare' . $tm);
    }

    // Release the previous result before preparing a new statement.
    if (!empty($this->result)) {
        $this->result->close();
        unset($this->result);
    }

    $prepared = $this->_dao->MySQLi->prepare($statement);
    if (!$prepared) {
        $failure = new PException('Could not prepare statement!', 1000);
        $failure->addInfo($this->_dao->getErrNo());
        $failure->addInfo($this->_dao->getErrMsg());
        throw $failure;
    }

    // Append, then read back the key that the append produced.
    $this->_statement[] = $prepared;
    end($this->_statement);
    $index = key($this->_statement);

    $this->_bound = array();

    if (PVars::get()->debug) {
        PSurveillance::setPoint('eostatement_prepare' . $tm);
    }

    $this->_i = $index;
    return $index;
}
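/**
 * Inserts a new, inactive row into `user` and stores its registration key
 * and language as user settings.
 *
 * @param array $vars caller-supplied values; 'username' and 'email' are read
 * @return int|false id of the inserted user, or false when the insert or
 *                   one of the settings could not be saved
 */
public function registerTBMember($vars)
{
    $Auth = new MOD_bw_user_Auth();
    $authId = $Auth->checkAuth('defaultUser');

    // Both values are placed inside quoted SQL literals, so they are
    // escaped first; unescaped, a quote in either one would change the
    // statement.
    // NOTE(review): relies on the DAO's escape() helper - confirm that it
    // is available on this DAO.
    $handle = $this->dao->escape($vars['username']);
    $email = $this->dao->escape($vars['email']);

    // TODO: we shouldn't use mysql's password(),
    // but for now it's to get nearer to the BW style
    $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $handle . '\',
    \'' . $email . '\',
    0
)';
    $s = $this->dao->query($query);

    $userId = $s->insertId();
    if (!$userId) {
        // NOTE(review): $vars is passed by value, so this marker never
        // reaches the caller; kept as in the original.
        $vars['errors'] = array('inserror');
        return false;
    }

    // NOTE(review): this key is the registration secret; confirm that
    // PFunctions::randomString() draws from a cryptographically secure
    // source.
    $key = PFunctions::randomString(16);

    // save register key
    if (!APP_User::addSetting($userId, 'regkey', $key)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    // save lang
    if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    return $userId;
}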
/**
 * Runs a statement and returns the number of rows it affected.
 *
 * The SQL text is sent to the server unchanged, so every value embedded
 * in it must already be escaped or cast by the caller.
 *
 * @param string $statement
 * @return int
 * @throws PException when the connection is not ready or the query fails
 */
public function exec($statement)
{
    if (!$this->ready()) {
        throw new PException('MySQL connection not ready!');
    }

    // The @ hides the driver warning; a failure surfaces only as the
    // generic exception below.
    // NOTE(review): the mysql_* extension was removed in PHP 7.
    $result = @mysql_query($statement, $this->_cr);
    if (!$result) {
        throw new PException('MySQL error!', 1000);
    }

    // Keep the per-request query counter up to date.
    $queryCount = PVars::get()->queries + 1;
    PVars::register('queries', $queryCount);

    return mysql_affected_rows($this->_cr);
}