/**
 * Deletes a category and every app-to-category link that points at it.
 *
 * The admin gate (Phpfox::isAdmin(true)) runs before anything is deleted, and
 * the id is cast to int before it is concatenated into the WHERE clause.
 * NOTE(review): what isAdmin(true) does for a non-admin is defined in the
 * Phpfox core, not in this block.
 *
 * @param int $iId Category id.
 * @return bool Always true.
 */
public function deleteCategory($iId)
{
    Phpfox::isAdmin(true);

    // Same integer-only condition for both tables.
    $sCondition = 'category_id = ' . (int) $iId;

    foreach (array('app_category', 'app_category_data') as $sTable) {
        $this->database()->delete(Phpfox::getT($sTable), $sCondition);
    }

    return true;
}
/**
 * Gets the bulletins to show in the entry block.
 *
 * Honours the admin panel settings for how many bulletins to show on the front
 * page, whether bulletins are public, and the cache time-out. The per-user
 * ("private") listing is never cached.
 *
 * NOTE(review): only the cached public query filters on "b.view_id = 0"; the
 * uncached public query and the private query return rows with any view_id.
 * Confirm whether non-zero view_id rows are meant to be visible there.
 *
 * @param int $iId User id used to filter the private listing (own bulletins
 *                 plus those of users joined through the friend table).
 * @return array Bulletin rows, each with an added 'posted_on' phrase.
 */
public function getBulletins($iId)
{
    // Adds the rendered "posted on ... by ..." phrase to every row.
    $fnAddPostedOn = function ($aList) {
        foreach ($aList as $iIndex => $aItem) {
            $aList[$iIndex]['posted_on'] = Phpfox::getPhrase(
                'bulletin.posted_on_time_stamp_by_user_link',
                array(
                    'item_time_stamp' => Phpfox::getTime(Phpfox::getParam('bulletin.bulletin_view_timestamp'), $aItem['time_stamp']),
                    'user' => $aItem,
                )
            );
        }

        return $aList;
    };

    // Public bulletins, or an admin viewer: everything is listed.
    if (Phpfox::getParam('bulletin.is_bulletin_public') || Phpfox::isAdmin()) {
        if (Phpfox::getParam('bulletin.bulletin_do_cache')) {
            // Cached variant: try the cache first, rebuild on a miss.
            $sCacheKey = $this->cache()->set('bulletin');
            $aCached = $this->cache()->get($sCacheKey, Phpfox::getParam('bulletin.cache_time_out'));
            if ($aCached) {
                return $aCached;
            }

            $aFresh = $this->database()
                ->select('b.bulletin_id, b.view_id, b.title, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
                ->from($this->_sTable, 'b')
                ->join(Phpfox::getT('user'), 'u', 'u.user_id = b.user_id')
                ->order('b.time_stamp DESC')
                ->where('b.view_id = 0')
                ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
                ->execute('getSlaveRows');

            // Empty results are not written to the cache.
            if (!empty($aFresh)) {
                $aFresh = $fnAddPostedOn($aFresh);
                $this->cache()->save($sCacheKey, $aFresh);
            }

            return $aFresh;
        }

        $aPublic = $this->database()
            ->select('b.bulletin_id, b.title, b.view_id, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
            ->from($this->_sTable, 'b')
            ->join(Phpfox::getT('user'), 'u', 'u.user_id = b.user_id')
            ->order('b.time_stamp DESC')
            ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
            ->execute('getSlaveRows');

        return $fnAddPostedOn($aPublic);
    }

    // Private bulletins: only the viewer's own and those of joined friends.
    // This result is not cached. The id is cast to int before it enters the SQL.
    $iViewer = (int) $iId;
    $aPrivate = $this->database()
        ->select('DISTINCT b.bulletin_id, b.title, b.view_id, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
        ->from($this->_sTable, 'b')
        ->join(Phpfox::getT('friend'), 'f', '(f.friend_user_id = ' . $iViewer . ' AND f.user_id = b.user_id) OR b.user_id = ' . $iViewer)
        ->join(Phpfox::getT('user'), 'u', 'b.user_id = u.user_id')
        ->order('b.time_stamp DESC')
        ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
        ->execute('getSlaveRows');

    return $fnAddPostedOn($aPrivate);
}
/**
 * AJAX handler that opens the "interact" compose block for a target user.
 *
 * Checks, in order: logged-in user, the target's privacy setting, the
 * friends-only site setting, the sender's user-group permission and the
 * hourly flood limit. Each failure echoes a phrase and returns false; on
 * success the compose block is rendered and nothing is returned.
 *
 * NOTE(review): 'user_id', 'item_id', 'int_id' and 'reply' come straight from
 * the request. A non-zero 'reply' skips the flood limit in this block, so the
 * code that finally stores the interaction should verify that the reply
 * refers to an existing interaction addressed to the current user.
 *
 * @return false|null
 */
public function compose()
{
    Phpfox::isUser(true);

    // NOTE(review): the lookup result is used without an existence check.
    $aTarget = Phpfox::getService('user')->get($this->get('user_id'), true);
    $this->setTitle(Phpfox::getPhrase('interact.interact_with_user', array('fname' => $aTarget['full_name'])));

    // Target user's own privacy setting.
    if (!Phpfox::getService('user.privacy')->hasAccess($aTarget['user_id'], 'interact.can_interact')) {
        echo Phpfox::getPhrase('interact.unable_privacy');

        return false;
    }

    // Site-wide "friends only" switch.
    if (Phpfox::getParam('interact.interact_friends_only')
        && !Phpfox::getService('friend')->isFriend($aTarget['user_id'], Phpfox::getUserId())
    ) {
        echo Phpfox::getPhrase('interact.unable_friend');

        return false;
    }

    // Sender's user-group permission.
    if (!Phpfox::getUserParam('interact.enable_interactions')) {
        echo Phpfox::getPhrase('interact.no_permission');

        return false;
    }

    // Hourly flood control; 0 means unlimited. Only non-reply messages are counted.
    $iAllowed = Phpfox::getUserParam('interact.send_per_hour');
    if ($iAllowed != 0) {
        $iSentLastHour = Phpfox::getLib('database')
            ->select('COUNT(id)')
            ->from(Phpfox::getT('interactions_main'))
            ->where('is_reply = 0 AND sender_id = ' . Phpfox::getUserId() . ' AND time >= ' . (time() - 3600))
            ->execute('getSlaveField');

        if (!Phpfox::isAdmin() && $iSentLastHour >= $iAllowed && $this->get('reply') == 0) {
            echo Phpfox::getPhrase('interact.flood_control', array('allowed' => $iAllowed));

            return false;
        }
    }

    $mItem = $this->get('item_id');
    $iItemId = $mItem ? $mItem : 0;

    Phpfox::getBlock('interact.compose', array(
        'int_id' => $this->get('int_id'),
        'user_id' => $this->get('user_id'),
        'item_id' => $iItemId,
        'is_reply' => $this->get('reply') ? $this->get('reply') : 0,
    ));

    echo '<script type="text/javascript">$Core.loadInit();</script>';
}
/**
 * Class process method which is used to execute this component.
 *
 * Looks up one admin login log entry by the 'login_id' request value and
 * assigns it to the template as 'aLog'. The admin gate runs first.
 *
 * @return false|null False when no log entry is found.
 */
public function process()
{
    Phpfox::isAdmin(true);

    $oAdminCp = Phpfox::getService('core.admincp');
    $aLog = $oAdminCp->getAdminLoginLog($this->request()->get('login_id'));

    if (!$aLog) {
        return false;
    }

    $this->template()->assign(array('aLog' => $aLog));
}
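/**
 * AJAX handler: deletes the selected "nofollow" rows and removes their table
 * rows from the page, then unchecks the "select all" box.
 *
 * The 'id' request value may be a single id or a list of ids. Each id is
 * normalised to a positive integer before use, because it is concatenated
 * into the '#js_id_row_' selector handed to remove() and must not be able to
 * carry selector or script syntax.
 * NOTE(review): assumes nofollow ids are integers - confirm against the
 * admincp.seo.process service.
 *
 * @return void
 */
public function deleteNoFollow()
{
    Phpfox::isAdmin(true);

    foreach ((array) $this->get('id') as $mId) {
        // Nested arrays and non-numeric values are ignored instead of being echoed back.
        if (!is_scalar($mId)) {
            continue;
        }

        $iId = (int) $mId;
        if ($iId <= 0) {
            continue;
        }

        Phpfox::getService('admincp.seo.process')->deleteNoFollow($iId);
        $this->remove('#js_id_row_' . $iId);
    }

    $this->call('$(\'#js_check_box_all\').attr(\'checked\', false);');
}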
/**
 * Decides whether the current user may send a private message to $iUser.
 *
 * Checks, in order:
 *  - plugin hook 'mail.service_mail_canmessageuser_1' (may override everything)
 *  - the sender's user group setting mail.can_compose_message
 *  - the privacy setting mail.send_message stored for $iUser
 *  - whether either user has blocked the other
 *  - messaging oneself vs. the user group setting mail.can_message_self
 *  - the user group restriction mail.restrict_message_to_friends
 *
 * Site admins skip the privacy check and the block check, but not the others.
 *
 * @param int $iUser User id of the other party, i.e. the intended recipient:
 *                   the code reads this user's privacy row and compares it
 *                   with the current user (Phpfox::getUserId()).
 * @return boolean true if it is ok to send the message, false otherwise
 */
public function canMessageUser($iUser)
{
    // Plugin hook. The plugin source is eval()'d in this method's scope, so it
    // can read and set local variables. Local names are therefore part of the
    // hook contract and must not be renamed.
    // NOTE(review): whoever can install or edit plugins controls this code path.
    (($sPlugin = Phpfox_Plugin::get('mail.service_mail_canmessageuser_1')) ? eval($sPlugin) : false);
    // A plugin that defines $bCanOverrideChecks (with any non-null value)
    // bypasses every check below.
    if (isset($bCanOverrideChecks))
    {
        return true;
    }

    // 1. user group setting:
    if (!Phpfox::getUserParam('mail.can_compose_message'))
    {
        return false;
    }

    // 2. Privacy setting check
    // $iUser is cast to int before it is concatenated into the WHERE clause.
    $iPrivacy = $this->database()->select('user_value')
        ->from(Phpfox::getT('user_privacy'))
        ->where('user_id = ' . (int)$iUser . ' AND user_privacy = "mail.send_message"')
        ->execute('getSlaveField');

    // An empty result (no row, or a stored value of 0) skips this check entirely.
    if (!empty($iPrivacy) && !Phpfox::isAdmin())
    {
        if ($iPrivacy == 4) // No one
        {
            return false;
        }
        else if($iPrivacy == 1 && !Phpfox::isUser()) // trivial case
        {
            return false;
        }
        else if ($iPrivacy == 2 && !Phpfox::getService('friend')->isFriend(Phpfox::getUserId(), $iUser, false)) // friends only
        {
            return false;
        }
    }

    // 3. Blocked users: a block in either direction denies the message
    if (!Phpfox::isAdmin() && (Phpfox::getService('user.block')->isBlocked(Phpfox::getUserId(), $iUser) > 0 || Phpfox::getService('user.block')->isBlocked($iUser, Phpfox::getUserId()) > 0))
    {
        return false;
    }

    // 4. Sending message to oneself vs the setting mail.can_message_self
    if ($iUser == Phpfox::getUserId() && !Phpfox::getUserParam('mail.can_message_self'))
    {
        return false;
    }

    // 5. User group setting (different from check 2 since that is user specific)
    if ((Phpfox::getUserParam('mail.restrict_message_to_friends') == true) && (Phpfox::getService('friend')->isFriend(Phpfox::getUserId(), $iUser, false) == false) && (Phpfox::getUserParam('mail.override_restrict_message_to_friends') == false))
    {
        return false;
    }

    // then its ok
    return true;
}
/**
 * AJAX handler: deletes every file found in the cache directory, then
 * refreshes the button label with the number of files still present.
 *
 * The admin gate runs before any file is touched. The result of unlink() is
 * not checked; files that could not be removed show up in the refreshed count.
 *
 * @return void
 */
public function dumpCache()
{
    Phpfox::isAdmin(true);

    foreach (Phpfox::getLib('file')->getAllFiles(PHPFOX_DIR_CACHE) as $sCacheFile) {
        unlink($sCacheFile);
    }

    // Scan again so the label reflects what is actually left.
    $aRemaining = Phpfox::getLib('file')->getAllFiles(PHPFOX_DIR_CACHE);
    $sLabel = Phpfox::getPhrase('sysop.dump_cache') . ' (' . count($aRemaining) . ' ' . Phpfox::getPhrase('sysop.files') . ')';

    $this->html('#dump_cache_button_text', $sLabel);
    $this->call('blinkStatus("cache_dump_status");');
}
/**
 * Adds the search condition that belongs to the requested view.
 *
 * 'pending_entries' lists entries with status 0; for non-admins it is further
 * limited to rows whose ct.user_id is the current user. Any other view lists
 * the current user's own entries. Both views require a logged-in user.
 *
 * The user id in the conditions comes from Phpfox::getUserId(), not from the
 * request.
 *
 * @param string $sView View name.
 * @return void
 */
private function _view($sView)
{
    Phpfox::isUser(true);

    // Loose comparison kept on purpose: it matches the switch this replaces.
    if ($sView == 'pending_entries') {
        $sCondition = Phpfox::isAdmin()
            ? 'AND en.status = 0 '
            : 'AND en.status = 0 and ct.user_id = ' . Phpfox::getUserId();
    } else {
        $sCondition = 'AND en.user_id = ' . Phpfox::getUserId();
    }

    $this->search()->setCondition($sCondition);
}
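/**
 * Updates the site wide rewrites, not the redirects.
 * This is called from AdminCP -> Tools -> SEO -> URL Rewrite
 *
 * Per row:
 *  - rows without 'rewrite_id' are skipped, as are rows that neither carry
 *    'remove' nor both URLs;
 *  - 'remove' deletes the row when 'rewrite_id' is a positive integer and is
 *    ignored otherwise (previously such a row fell through to the insert
 *    branch and could create a rewrite from undefined URL values);
 *  - a positive integer 'rewrite_id' updates that row, anything else inserts.
 * Both rewrite caches are dropped at the end.
 *
 * @version 3.7.0
 * @param array $aRewrites [ {rewrite_id: #, original_url: string, replacement_url: string, remove: mixed (optional)}, ... ]
 * @return bool Always true; invalid URLs are reported through Phpfox_Error::set().
 */
public function updateRewrites($aRewrites)
{
    Phpfox::isAdmin(true);

    $oParse = Phpfox::getLib('parse.input');

    foreach ($aRewrites as $aRewrite) {
        $bRemove = isset($aRewrite['remove']);
        $bHasUrls = isset($aRewrite['original_url']) && isset($aRewrite['replacement_url']);

        if (!isset($aRewrite['rewrite_id']) || (!$bRemove && !$bHasUrls)) {
            continue;
        }

        // True only for ids that are whole positive numbers, i.e. stored rows.
        $bPersisted = is_numeric($aRewrite['rewrite_id'])
            && $aRewrite['rewrite_id'] > 0
            && (int) $aRewrite['rewrite_id'] == $aRewrite['rewrite_id'];

        if ($bRemove) {
            // Nothing to delete for a row that was never stored, and it must not be inserted.
            if ($bPersisted) {
                $this->database()->delete(Phpfox::getT('rewrite'), 'rewrite_id = ' . (int) $aRewrite['rewrite_id']);
            }
            continue;
        }

        // NOTE(review): the rejected URL is echoed into the error text as-is;
        // confirm the error output escapes it for HTML.
        if (strpos($aRewrite['original_url'], ' ') !== false) {
            Phpfox_Error::set('This is not a valid url: "' . $aRewrite['original_url'] . '"');
            continue;
        }
        if (strpos($aRewrite['replacement_url'], ' ') !== false) {
            Phpfox_Error::set('This is not a valid url: "' . $aRewrite['replacement_url'] . '"');
            continue;
        }

        // Underscores are not allowed in the original url and are stripped.
        $sOriginal = trim(str_replace('_', '', $aRewrite['original_url']), '/');
        $sReplacement = trim($aRewrite['replacement_url'], '/');

        $aRow = array(
            'url' => $oParse->clean($sOriginal),
            'replacement' => $oParse->clean($sReplacement),
        );

        if ($bPersisted) {
            $this->database()->update(Phpfox::getT('rewrite'), $aRow, 'rewrite_id = ' . (int) $aRewrite['rewrite_id']);
        } else {
            $this->database()->insert(Phpfox::getT('rewrite'), $aRow);
        }
    }

    // Drop both lookup caches so the new rules take effect.
    $iCacheId = Phpfox::getLib('cache')->set('rewrite');
    Phpfox::getLib('cache')->remove($iCacheId);

    $iReverseCacheId = Phpfox::getLib('cache')->set('rewrite_reverse');
    Phpfox::getLib('cache')->remove($iReverseCacheId);

    return true;
}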
/**
 * Controller for registering a new application and for editing an existing one.
 *
 * Add flow: a submitted 'app' array is passed to apps.process->addApp(); on
 * success the user is sent to the edit page, on failure the error messages are
 * assigned to the template.
 * Edit flow: entered when an integer 'id' is present and req2 is 'add'; loads
 * the app, builds the page menu, applies a submitted 'val' array through
 * apps.process->updateApp(), and finally checks ownership.
 */
public function process()
{
    $bIsAdd = $bIsEdit = false;
    // User group permission to add apps.
    Phpfox::getUserParam('apps.can_add_app', true);

    // The API-support check is disabled: its early return is commented out,
    // so this block has no effect.
    if (!Phpfox::getParam('apps.enable_api_support'))
    {
        //return Phpfox_Error::display('No api');
    }

    if ($aVals = $this->request()->getArray('app'))
    {
        $bIsAdd = true;
        $aApp = Phpfox::getService('apps.process')->addApp($aVals);
        if ($aApp == false)
        {
            $this->template()->assign(array('sErrorMessage' => Phpfox_Error::get()));
        }
        else
        {
            $this->url()->send('apps.add', array('id' => $aApp['app_id']), Phpfox::getPhrase('apps.app_successfully_created'));
        }
    }

    if (($iId = $this->request()->getInt('id')) && $this->request()->get('req2') == 'add')
    {
        // is editing an app
        // NOTE(review): the lookup result is used below without an existence
        // check, and it is assigned to the template before the ownership check.
        $aApp = Phpfox::getService('apps')->getAppById($iId);
        $this->template()->assign('aForms', $aApp);
        $bIsEdit = true;
        $aMenus = array('general' => Phpfox::getPhrase('apps.general'), 'photo' => Phpfox::getPhrase('apps.photo'), 'url' => Phpfox::getPhrase('apps.url'));
        $this->template()->buildPageMenu('js_apps_block', $aMenus, array('link' => Phpfox::permalink('apps', $aApp['app_id'], $aApp['app_title']), 'phrase' => Phpfox::getPhrase('apps.view_this_app')));

        // NOTE(review): the update runs before the ownership check further
        // down, so this controller relies on updateApp() enforcing ownership
        // itself. $aVals is request data; confirm updateApp() cannot be
        // pointed at a different app than $aApp through a field in $aVals.
        if ($aVals = $this->request()->getArray('val'))
        {
            if (Phpfox::getService('apps.process')->updateApp($aVals, $aApp))
            {
                $this->url()->send('apps.add', array('id' => $aApp['app_id']), Phpfox::getPhrase('apps.successfully_updated_the_app'));
            }
        }

        // check that this user is owner of the app
        // we can have a user group setting here
        if ($aApp['user_id'] != Phpfox::getUserId() && !Phpfox::isAdmin())
        {
            Phpfox_Error::display(Phpfox::getPhrase('apps.you_are_not_allowed_to_edit_this_app'));
        }
        else
        {
            $this->template()->assign(array('aApp' => $aApp))->setHeader(array('index.js' => 'module_apps'));
        }
    }

    $aCategories = Phpfox::getService('apps.category')->getAllCategories();

    // Title and last breadcrumb carry the app title in edit mode.
    $this->template()->setTitle($bIsEdit ? Phpfox::getPhrase('apps.editing_app') . ': ' . $aApp['app_title'] : Phpfox::getPhrase('apps.create_an_app'))->setFullSite()->setBreadcrumb(Phpfox::getPhrase('apps.apps'), $this->url()->makeUrl('apps'))->setBreadcrumb($bIsEdit ? Phpfox::getPhrase('apps.editing_app') . ': ' . $aApp['app_title'] : Phpfox::getPhrase('apps.create_an_app'), $this->url()->makeUrl('apps.add'), true)->assign(array('aCategories' => $aCategories));
}
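/**
 * Applies a submitted edit to an existing app. Called from the add controller.
 *
 * The app is loaded by $aVals['app_id'] and the caller must be its owner or a
 * site admin. The URL must start with http:// or https://. An uploaded image
 * is accepted only with a jpg, gif or png extension and is validated before
 * any row is changed, so a rejected file leaves the app untouched.
 *
 * NOTE(review): assumes the file library's load() returns an array with a
 * 'name' key on success and upload() returns a non-empty file name - confirm
 * against the file library.
 *
 * @param array $aVals Submitted values; reads app_id, app_url, title,
 *                     description and category.
 * @return bool True on success; false (or the result of Phpfox_Error::set())
 *              when the edit is refused.
 */
public function updateApp($aVals)
{
    // get the app and make sure this user is allowed to edit it
    $aApp = Phpfox::getService('apps')->getAppById($aVals['app_id']);
    if (empty($aApp) || ($aApp['user_id'] != Phpfox::getUserId() && !Phpfox::isAdmin())) {
        return Phpfox_Error::set(Phpfox::getPhrase('apps.cannot_edit_this_app'));
    }

    $oParse = Phpfox::getLib('parse.input');

    $sUrl = rtrim($oParse->clean($aVals['app_url']), '/') . '/';
    if (!preg_match('/^(http|https):\/\/(.*)$/i', $sUrl)) {
        return Phpfox_Error::set(Phpfox::getPhrase('apps.please_provide_a_valid_url'));
    }

    // Validate the upload up front and restrict it to image extensions; the
    // original loaded the file without an extension list and ignored the result.
    $oFile = Phpfox::getLib('file');
    $bHasImage = !empty($_FILES['image']['name']);
    if ($bHasImage) {
        $aImage = $oFile->load('image', array('jpg', 'gif', 'png'));
        if (empty($aImage['name'])) {
            return false;
        }
    }

    // The id comes from the database row; the cast keeps the WHERE clause numeric regardless.
    $sWhere = 'app_id = ' . (int) $aApp['app_id'];

    $this->database()->update(Phpfox::getT('app'), array(
        'app_title' => $oParse->clean($aVals['title']),
        'app_description' => $oParse->clean($aVals['description']),
        'app_url' => $sUrl
    ), $sWhere);

    if ($bHasImage) {
        // Upload this picture before deleting the old one
        $oImage = Phpfox::getLib('image');
        $sDir = Phpfox::getParam('app.dir_image');

        $sFileName = $oFile->upload('image', $sDir, $aApp['app_id']);
        if (empty($sFileName)) {
            return false;
        }

        // Create thumbnails; the stored name is a sprintf pattern whose placeholder takes the size suffix
        $iSize = 50;
        $sOriginal = $sDir . sprintf($sFileName, '');
        $oImage->createThumbnail($sOriginal, $sDir . sprintf($sFileName, '_200'), 200, 200);
        $oImage->createThumbnail($sOriginal, $sDir . sprintf($sFileName, '_' . $iSize), $iSize, $iSize);
        $oImage->createThumbnail($sOriginal, $sDir . sprintf($sFileName, '_square'), $iSize, $iSize, false);

        // update the image in the database
        $this->database()->update(Phpfox::getT('app'), array('image_path' => $sFileName), $sWhere);

        // now we can delete the old image, unless the new upload reused its name
        // NOTE(review): the old '_200' and '_square' thumbnails are left on disk, as before.
        if (!empty($aApp['image_path']) && $aApp['image_path'] != $sFileName) {
            foreach (array('', '_' . $iSize) as $sSuffix) {
                $sOldFile = $sDir . sprintf($aApp['image_path'], $sSuffix);
                if (file_exists($sOldFile)) {
                    $oFile->unlink($sOldFile);
                }
            }
        }
    }

    // update the category for this app
    $this->database()->delete(Phpfox::getT('app_category_data'), $sWhere);
    $this->database()->insert(Phpfox::getT('app_category_data'), array(
        'category_id' => isset($aVals['category']) ? (int) $aVals['category'] : 0,
        'app_id' => $aApp['app_id']
    ));

    return true;
}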
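/**
 * AJAX handler: clears the image generator's ignore list.
 *
 * The admin check is called in its enforcing form, Phpfox::isAdmin(true).
 * The original called Phpfox::isAdmin() without the argument and discarded
 * the returned boolean, so the list was cleared for any caller that could
 * reach this handler.
 *
 * @return void
 */
public function clearIgnore()
{
    Phpfox::isAdmin(true);

    Phpfox::getService('generator.image.process')->clearIgnoreList();

    $this->call('alert("Ignore list cleared.");');
}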
/**
 * Gets all the sites custom menus, such as the Main, Header, Footer and Sub menus.
 * Since information is stored in the database we cache the information so we only run
 * the query once.
 *
 * The method has two phases: building (and caching) the menu list for a
 * connection, then filtering that list for the current request and user.
 * Removing an entry here only hides the link; it is not an access check for
 * the page the link points to.
 *
 * Two plugin hooks are eval()'d in this method's scope, so local variable
 * names (including ones that look unused here, such as $oDb, $bIsModulePage
 * and $aParts) are visible to plugins and should not be renamed or removed.
 *
 * @param string $sConnection Current page we are viewing (Example: account/login)
 * @return array $aMenus Is an array of the menus data
 */
public function getMenu($sConnection = null)
{
    $oCache = Phpfox::getLib('cache');
    $oDb = Phpfox_Database::instance();
    $oReq = Phpfox_Request::instance();

    // Plugin hook 1: plugin code runs here with access to the locals above.
    ($sPlugin = Phpfox_Plugin::get('template_template_getmenu_1')) ? eval($sPlugin) : false;

    $aMenus = array();
    $bIsModulePage = false;

    // No explicit connection: derive it from the current controller.
    if ($sConnection === null)
    {
        $sConnection = Phpfox_Module::instance()->getFullControllerName();
        $bIsModulePage = true;

        // "<module>.profile" shares the menu of "<module>.index"
        $sConnection = preg_replace('/(.*)\\.profile/i', '\\1.index', $sConnection);

        // No menu on the registration steps.
        if ($sConnection == 'user.photo' && $oReq->get('req3') == 'register' || $sConnection == 'invite.index' && $oReq->get('req2') == 'register')
        {
            return array();
        }
    }

    //$sConnection = strtolower($sConnection);
    $sConnection = strtolower(str_replace('/', '.', $sConnection));

    if ($sConnection == 'profile.private')
    {
        return array();
    }

    // Cache key: connection name (slashes and backslashes replaced) plus the
    // viewer's user group id, or 0 for guests.
    $sCachedId = $oCache->set(array('theme', 'menu_' . str_replace(array('/', '\\'), '_', $sConnection) . (Phpfox::isUser() ? Phpfox::getUserBy('user_group_id') : 0)));

    // Rebuild only when the cache returned boolean false.
    if (!($aMenus = $oCache->get($sCachedId)) && is_bool($aMenus) && !$aMenus)
    {
        $aParts = explode('.', $sConnection);

        // Menus of the full connection first, then those of its first
        // segment that are not already in the first set.
        $aMenus1 = $this->_getMenu($sConnection);
        $aCached = array();
        foreach ($aMenus1 as $aMenu1)
        {
            $aCached[] = $aMenu1['menu_id'];
        }

        $aMenus2 = $this->_getMenu($aParts[0]);
        foreach ($aMenus2 as $iKey => $aMenu2)
        {
            if (in_array($aMenu2['menu_id'], $aCached))
            {
                unset($aMenus2[$iKey]);
            }
        }

        $aFinal = array_merge($aMenus1, $aMenus2);

        $aMenus = array();
        foreach ($aFinal as $aMenu)
        {
            // test if this menu points to a real location
            // Any url that contains "http" anywhere is flagged as external.
            if (isset($aMenu['url']) && !empty($aMenu['url']) && strpos($aMenu['url'], 'http') !== false)
            {
                $aMenu['external'] = true;
            }
            else
            {
                if (isset($aMenu['url']) && $aMenu['url'] == '#')
                {
                    $aMenu['no_link'] = true;
                }
            }

            // $aChildren1 = array();
            // Child entries are attached to their parents further down.
            if ($aMenu['parent_id'] > 0)
            {
                continue;
            }

            /*
            if ($aMenu['m_connection'] == 'main' || $aMenu['m_connection'] == 'main_right' || $aMenu['m_connection'] == 'application')
            {
                $aChildParts = explode('.', $aMenu['url']);
                $aChildren1 = $this->_getMenu('', $aMenu['menu_id']);
            }
            $aMenu['children'] = $aChildren1;
             * */
            $aMenus[$aMenu['menu_id']] = $aMenu;
        }

        // All active child entries (of active modules and products), in display order.
        $aParents = Phpfox_Database::instance()->select('m.menu_id, m.parent_id, m.m_connection, m.var_name, m.disallow_access, mo.module_id AS module, m.url_value AS url, mo.is_active AS module_is_active')->from(Phpfox::getT('menu'), 'm')->join(Phpfox::getT('module'), 'mo', 'mo.module_id = m.module_id AND mo.is_active = 1')->join(Phpfox::getT('product'), 'p', 'm.product_id = p.product_id AND p.is_active = 1')->where("m.parent_id > 0 AND m.is_active = 1")->order('m.ordering ASC')->execute('getRows');

        if (count($aParents))
        {
            foreach ($aParents as $aParent)
            {
                // Skip children whose parent is not part of this menu.
                if (!isset($aMenus[$aParent['parent_id']]))
                {
                    continue;
                }

                if (isset($aParent['url']) && $aParent['url'] == 'profile.designer' && Phpfox::getUserParam('profile.can_custom_design_own_profile') == false)
                {
                    continue;
                }

                $aMenus[$aParent['parent_id']]['children'][] = $aParent;
            }
        }

        // Plugin hook 2: runs only while the cache is being rebuilt, so
        // whatever it changes in $aMenus is stored in the cache below.
        if ($sPlugin = Phpfox_Plugin::get('template_template_getmenu_2'))
        {
            eval($sPlugin);
        }

        $oCache->save($sCachedId, $aMenus);
    }

    // A menu registered on this object for the connection replaces the stored one.
    if (isset($this->_aMenus[$sConnection]))
    {
        $aMenus = [$this->_aMenus[$sConnection]];
    }

    if (!is_array($aMenus))
    {
        return array();
    }

    // Main menu of a logged-in user: load the per-user list of menu ids
    // (theme_umenu) that are later flagged 'is_force_hidden'; cached per user.
    if ($sConnection == 'main' && Phpfox::isUser())
    {
        $aUserMenusCache = array();
        $sUserMenuCache = Phpfox::getLib('cache')->set(array('user', 'nbselectname_' . Phpfox::getUserId()));
        if (!($aUserMenusCache = Phpfox::getLib('cache')->get($sUserMenuCache)))
        {
            $aUserMenus = Phpfox_Database::instance()->select('*')->from(Phpfox::getT('theme_umenu'))->where('user_id = ' . (int) Phpfox::getUserId())->execute('getSlaveRows');

            foreach ((array) $aUserMenus as $aUserMenu)
            {
                $aUserMenusCache[$aUserMenu['menu_id']] = true;
            }

            Phpfox::getLib('cache')->save($sUserMenuCache, $aUserMenusCache);
        }
    }

    // Per-request filtering and decoration of the (possibly cached) list.
    foreach ($aMenus as $iKey => $aMenu)
    {
        // Anchor-only entries get a CSS hook name derived from the anchor.
        if (substr($aMenu['url'], 0, 1) == '#')
        {
            $aMenus[$iKey]['css_name'] = 'js_core_menu_' . str_replace('#', '', str_replace('-', '_', $aMenu['url']));
        }

        if (($aMenu['url'] == 'ad' || $aMenu['url'] == 'ad.index') && !Phpfox::getUserParam('ad.can_create_ad_campaigns'))
        {
            unset($aMenus[$iKey]);

            continue;
        }

        if ($aMenu['url'] == 'mail.compose' && Phpfox::getUserParam('mail.restrict_message_to_friends') && !Phpfox::isModule('friend'))
        {
            unset($aMenus[$iKey]);

            continue;
        }

        if (isset($aUserMenusCache[$aMenu['menu_id']]))
        {
            $aMenus[$iKey]['is_force_hidden'] = true;
        }

        /*
        if (Phpfox::isModule('pages') && (Phpfox::getService('pages')->isViewMode() || defined('PHPFOX_IS_PAGES_VIEW')) && $aMenu['url'] == 'photo.add')
        {
            $aPage = Phpfox::getService('pages')->getPage();
            $aMenus[$iKey]['url'] = 'photo.add.module_pages.item_' . $aPage['page_id'];
        }
        */
        // Bug: http://www.phpfox.com/tracker/view/14383/
        // Inside a page view the "add" links are rewritten to target the page.
        if (defined('PHPFOX_IS_PAGES_VIEW'))
        {
            if (Phpfox::isModule('pages') && $aMenu['url'] == 'blog.add')
            {
                $iPage = $this->_aVars['aPage']['page_id'];
                $aMenus[$iKey]['url'] = 'blog.add.module_pages.item_' . $iPage;
            }

            if (Phpfox::isModule('pages') && $aMenu['url'] == 'event.add')
            {
                $iPage = $this->_aVars['aPage']['page_id'];
                $aMenus[$iKey]['url'] = 'event.add.module_pages.item_' . $iPage;
            }

            if (Phpfox::isModule('pages') && $aMenu['url'] == 'music.add')
            {
                $iPage = $this->_aVars['aPage']['page_id'];
                $aMenus[$iKey]['url'] = 'music.add.module_pages.item_' . $iPage;
            }

            if (Phpfox::isModule('pages') && $aMenu['url'] == 'video.add')
            {
                $iPage = $this->_aVars['aPage']['page_id'];
                $aMenus[$iKey]['url'] = 'video.add.module_pages.item_' . $iPage;
            }

            if (Phpfox::isModule('pages') && $aMenu['url'] == 'photo.add')
            {
                $iPage = $this->_aVars['aPage']['page_id'];
                $aMenus[$iKey]['url'] = 'photo.add.module_pages.item_' . $iPage;
            }
        }

        // Mark the entry that matches the current request as selected.
        if ($aMenu['url'] == $oReq->get('req1') || empty($aMenu['url']) && $oReq->get('req1') == PHPFOX_MODULE_CORE || $this->_sUrl !== null && $this->_sUrl == $aMenu['url'] || str_replace('/', '.', $oReq->get('req1') . $oReq->get('req2')) == str_replace('.', '', $aMenu['url']))
        {
            $aMenus[$iKey]['is_selected'] = true;
        }

        if ($aMenu['url'] == 'admincp')
        {
            // The AdminCP link is only listed for admins.
            if (!Phpfox::isAdmin())
            {
                unset($aMenus[$iKey]);

                continue;
            }
        }
        else
        {
            // 'disallow_access' holds a serialized list of user group ids.
            // NOTE(review): unserialize() is applied to a value read from the
            // menu table. If that column can ever hold attacker-influenced
            // data this is an object-injection sink; consider passing
            // ['allowed_classes' => false] or storing the list as JSON.
            if (!empty($aMenu['disallow_access']))
            {
                $aUserGroups = unserialize($aMenu['disallow_access']);
                if (in_array(Phpfox::getUserBy('user_group_id'), $aUserGroups))
                {
                    unset($aMenus[$iKey]);

                    continue;
                }
            }

            // Same group filter for the children (same unserialize() caveat).
            if (isset($aMenu['children']) && is_array($aMenu['children']))
            {
                foreach ($aMenu['children'] as $iChildMenuMain => $aChildMenuMain)
                {
                    if (!empty($aChildMenuMain['disallow_access']))
                    {
                        $aUserGroups = unserialize($aChildMenuMain['disallow_access']);
                        if (in_array(Phpfox::getUserBy('user_group_id'), $aUserGroups))
                        {
                            unset($aMenus[$iKey]['children'][$iChildMenuMain]);

                            //break;
                        }
                    }
                }
            }
        }

        // Optional url prefix registered for this connection.
        if (isset($this->_aNewUrl[$sConnection]))
        {
            $aMenus[$iKey]['url'] = $this->_aNewUrl[$sConnection][0] . '.' . implode('.', $this->_aNewUrl[$sConnection][1]) . '.' . $aMenu['url'];
        }

        if (isset($this->_aRemoveUrl[$sConnection][$aMenu['url']]))
        {
            unset($aMenus[$iKey]);

            continue;
        }

        // Explore menu: attach the module icon only if the file exists on disk.
        if ($sConnection == 'explore')
        {
            $aMenus[$iKey]['module_image'] = $this->getStyle('image', 'module/' . $aMenu['module'] . '.png');

            if (!file_exists(str_replace(Phpfox::getParam('core.path'), PHPFOX_DIR, $aMenus[$iKey]['module_image'])))
            {
                unset($aMenus[$iKey]['module_image']);
            }
        }

        // Hide the video upload child when uploading is switched off.
        if (isset($aMenu['children']))
        {
            foreach ($aMenu['children'] as $iChildKey => $aChild)
            {
                if ($aChild['m_connection'] == 'video.index' && $aChild['url'] == 'video.upload' && !Phpfox::getParam('video.allow_video_uploading'))
                {
                    unset($aMenus[$iKey]['children'][$iChildKey]);
                }
            }
        }
    }

    return $aMenus;
}
/**
 * Shows the "pop up" used when denying a user from the AdminCP.
 *
 * The admin gate runs first; the requested user id is cast to int before it
 * is handed to the block.
 *
 * @return void
 */
public function showDenyUser()
{
    Phpfox::isAdmin(true);

    Phpfox::getBlock('user.admincp.denyUser', array(
        'iUser' => (int) $this->get('iUser'),
    ));
}
/**
 * Reports whether the current user is a site admin.
 *
 * Thin wrapper around the global \Phpfox::isAdmin(), called without the
 * argument, so the result is only returned and nothing is enforced here.
 *
 * @return mixed Whatever \Phpfox::isAdmin() returns (used as a boolean).
 */
public function isAdmin()
{
    $bIsAdmin = \Phpfox::isAdmin();

    return $bIsAdmin;
}
/**
 * Route to view a video
 *
 * NOTE(review): the feed item is used without checking that it exists or that
 * it is a video feed, and the embed code returned by the Link service is
 * handed to the template as HTML; confirm how 'view.html' outputs it.
 */
(new Core\Route('/videos/:id'))
    ->where([':id' => '([0-9]+)'])
    ->run(function (\Core\Controller $Controller, $id) {
        // Get the feed based on the ID#
        $item = (new Api\Feed())->get($id);

        // Use the Link service to get the current HTML embed code
        $link = Link_Service_Link::instance()->getLink($item->content->url);
        $item->html = $link['embed_code'];

        // Set the pages section, title and h1 based on the video details
        $Controller
            ->title($item->content->title)
            ->section('Videos', '/videos')
            ->h1($item->content->title, '/videos/' . $item->id);

        // Render the page
        return $Controller->render('view.html', [
            'video' => $item,
            'videoId' => $id,
        ]);
    });

/**
 * Load all the videos
 */
(new Core\Route('/videos'))->run(function (\Core\Controller $Controller) {
    $Controller
        ->title('Videos')
        ->section('Videos', '/videos')
        ->asset('@static/jquery/plugin/jquery.mosaicflow.min.js');

    $list = (new Api\Feed())->get(['type_id' => 'PHPfox_VideoFeed', 'limit' => 20]);

    return $Controller->render('index.html', ['videos' => $list]);
});

/**
 * Delete a video (admin only)
 *
 * NOTE(review): this state-changing route shows no request-method or
 * anti-CSRF token check of its own; confirm that Core\Route or the framework
 * provides one. Unlike the view route it has no numeric constraint on :id
 * (the value is cast to int for the delete), and it deletes whatever feed row
 * has that id, not only rows of type 'PHPfox_VideoFeed'.
 */
new Core\Route('/videos/delete/:id', function (\Core\Controller $controller, $id) {
    \Phpfox::isAdmin(true);

    // Nothing to do when the feed item does not exist.
    $existing = (new Api\Feed())->get($id);
    if (!isset($existing->id)) {
        return false;
    }

    (new Core\Db())->delete(':feed', ['feed_id' => (int) $id]);

    \Phpfox::addMessage(_p('Video successfully deleted!'));
    $controller->url->send('/videos');
});
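/**
 * Sets up the Twig loader and environment and registers the template helpers.
 *
 * Template lookup order: the active theme's 'html' directory (when present),
 * the default theme, then the base 'views' directory. The compiled-template
 * cache is switched off when PHPFOX_IS_TECHIE is truthy or
 * PHPFOX_NO_TEMPLATE_CACHE is defined.
 *
 * Security notes:
 *  - 'autoescape' is false, so templates print values unescaped unless they
 *    escape explicitly. Every template that outputs user-controlled data has
 *    to do that itself.
 *  - 'setting', 'user', 'phrase' and '_p' forward all template arguments to
 *    the global functions of the same name.
 *  - 'pager' reads $_GET['page']; the value is forced to an integer and the
 *    generated URL is HTML-escaped before it is placed in the href attribute.
 */
public function __construct()
{
    $Template = \Phpfox_Template::instance();

    $this->_loader = new View\Loader();

    $dir = $Template->theme()->get()->getPath() . 'html';
    if (is_dir($dir)) {
        $this->_loader->addPath($dir, 'Theme');
    }
    $this->_loader->addPath(PHPFOX_DIR . 'theme/default/html', 'Theme');
    $this->_loader->addPath(PHPFOX_DIR . 'views', 'Base');

    $noCache = (defined('PHPFOX_IS_TECHIE') && PHPFOX_IS_TECHIE) || defined('PHPFOX_NO_TEMPLATE_CACHE');

    $this->_env = new View\Environment($this->_loader, array(
        'cache' => $noCache ? false : PHPFOX_DIR_FILE . 'cache/twig/',
        // Output escaping is off globally; see the security notes above.
        'autoescape' => false
    ));
    $this->_env->setBaseTemplateClass('Core\\View\\Base');

    $this->_env->addFunction(new \Twig_SimpleFunction('url', function ($url, $params = []) {
        return \Phpfox_Url::instance()->makeUrl($url, $params);
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('is_user', function () {
        return \Phpfox::isUser();
    }));

    // For showing or hiding markup only; this is not an access check.
    $this->_env->addFunction(new \Twig_SimpleFunction('is_admin', function () {
        return \Phpfox::isAdmin();
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('setting', function () {
        return call_user_func_array('setting', func_get_args());
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('user', function () {
        return call_user_func_array('user', func_get_args());
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('phrase', function () {
        return call_user_func_array('phrase', func_get_args());
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('comments', function () {
        \Phpfox::getBlock('feed.comment');

        return '';
    }));

    // Renders the payment gateway form; every value comes from the template call.
    $this->_env->addFunction(new \Twig_SimpleFunction('payment', function ($params) {
        $params = new \Core\Object($params);

        \Phpfox::getBlock('api.gateway.form', ['gateway_data' => [
            'item_number' => '@App/' . $params->callback . '|' . $params->id,
            'currency_code' => 'USD',
            'amount' => $params->amount,
            'item_name' => $params->name,
            'return' => $params->return,
            'recurring' => '',
            'recurring_cost' => '',
            'alternative_cost' => '',
            'alternative_recurring_cost' => ''
        ]]);

        return '';
    }));

    // "View More" link pointing at the next page of the current URL.
    $this->_env->addFunction(new \Twig_SimpleFunction('pager', function () {
        $u = \Phpfox_Url::instance();

        // $_GET['page'] is request data: force it to an integer before it is
        // incremented and written back, so no other content can ride along.
        $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
        $page++;
        $_GET['page'] = $page;

        $u->setParam('page', $page);

        // Escape for the attribute context; double_encode is off so a URL that
        // already contains entities is not encoded twice.
        $url = htmlspecialchars($u->current(), ENT_QUOTES, 'UTF-8', false);

        $html = ' <div class="js_pager_view_more_link"> <a href="' . $url . '" class="next_page"> <i class="fa fa-spin fa-circle-o-notch"></i> <span>View More</span> </a> </div> ';

        return $html;
    }));

    $this->_env->addFunction(new \Twig_SimpleFunction('_p', function () {
        return call_user_func_array('_p', func_get_args());
    }));
}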
/**
 * Replaces the whole subscription comparison table with the submitted rows.
 *
 * Each feature row holds one cell per package: a radio value above 0 selects
 * an icon (1 = accept, otherwise cross); if no radio is set, a non-empty text
 * is stored after cleaning. Features without any cell are dropped, and
 * features without a title get a generated placeholder title.
 *
 * NOTE(review): the table is truncated before the input is read, and nothing
 * here is wrapped in a transaction, so a malformed submission leaves the
 * table empty or partly filled. Package ids are taken from the submitted
 * array keys as they are.
 *
 * @param array $aVals Feature rows: each with 'title' and 'package'
 *                     (package id => array with 'radio' and 'text').
 * @return bool Always true.
 */
public function updateCompare($aVals)
{
    Phpfox::isAdmin(true);

    $oParse = Phpfox::getLib('parse.input');
    $sTable = Phpfox::getT('subscribe_compare');

    // 1. Delete every record we have
    $this->database()->query('TRUNCATE ' . $sTable);

    $iUntitled = 0;

    // 2. Go through each of the features
    foreach ($aVals as $aFeature) {
        $aCells = array();

        // 2.1 Go through each of the packages
        foreach ($aFeature['package'] as $iPackageId => $aInput) {
            if ($aInput['radio'] > 0) {
                $sCell = ($aInput['radio'] == 1) ? 'img_accept.png' : 'img_cross.png';
            } elseif (!empty($aInput['text'])) {
                $sCell = $oParse->clean($aInput['text']);
            } else {
                continue;
            }

            $aCells[] = array('package_id' => $iPackageId, 'value' => $sCell);
        }

        // 3. Insert this row, unless no package has a value for it
        if (empty($aCells)) {
            continue;
        }

        // 3.1 if the title is empty then add our magic title to hide it
        if (empty($aFeature['title'])) {
            $aFeature['title'] = 'no-feature-title-' . $iUntitled;
            $iUntitled++;
        }

        // 3.2 insert!
        $this->database()->insert($sTable, array(
            'feature_title' => $oParse->clean($aFeature['title']),
            'feature_value' => json_encode($aCells),
        ));
    }

    return true;
}
/**
 * Clears the cover photo of a page.
 *
 * Site admins may always do this; any other user must have a row in
 * pages_admin for the page. The page id is cast to int before it enters
 * either query.
 *
 * NOTE(review): only site admins and pages_admin rows are accepted; whether
 * the page's owner has such a row is not visible here.
 *
 * @param int $iPageId Page id.
 * @return bool True on success, otherwise the result of Phpfox_Error::set().
 */
public function removeCoverPhoto($iPageId)
{
    $sPageCondition = 'page_id = ' . (int) $iPageId;

    if (!Phpfox::isAdmin()) {
        // Holds the matching user_id when the current user administers the page.
        $mAdminRow = $this->database()
            ->select('user_id')
            ->from(Phpfox::getT('pages_admin'))
            ->where($sPageCondition . ' AND user_id = ' . Phpfox::getUserId())
            ->execute('getSlaveField');

        if (empty($mAdminRow)) {
            return Phpfox_Error::set('User is not an admin');
        }
    }

    $this->database()->update(
        Phpfox::getT('pages'),
        array('cover_photo_id' => '', 'cover_photo_position' => ''),
        $sPageCondition
    );

    return true;
}
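/**
 * Decides whether a user may remove an entry from a contest's winning list.
 *
 * All of the following must hold: the entry exists, the user may view/browse the contest,
 * the contest record exists, the user owns the contest (or the current viewer is a site
 * admin), the contest status is "closed", and the entry is currently a winning entry.
 * Every failed check returns false, so a missing record denies the action.
 *
 * @param int $iEntryId Entry to check.
 * @param int $iUserId  User the ownership check is made for.
 * @return bool True only when every check passes.
 */
public function canRemoveEntryFromWinningList($iEntryId, $iUserId)
{
    $aEntry = Phpfox::getService('contest.entry')->getEntryForCheckingPermission($iEntryId);
    if (!$aEntry) {
        return false;
    }

    if (!$this->canViewBrowseContest($aEntry['contest_id'], $iUserId)) {
        return false;
    }

    $aContest = Phpfox::getService('contest.contest')->getContestForCheckingPermission($aEntry['contest_id']);

    // Deny when the contest record is missing or incomplete. Without this guard the
    // ownership test below would compare $iUserId against null, which a loose comparison
    // treats as equal to 0 or an empty id.
    if (empty($aContest) || !isset($aContest['user_id'], $aContest['contest_status'])) {
        return false;
    }

    if ($iUserId != $aContest['user_id'] && !Phpfox::isAdmin()) {
        return false;
    }

    // Entries can only leave the winning list once the contest is closed.
    $iClosedStatus = Phpfox::getService('contest.constant')->getContestStatusIdByStatusName('closed');
    if ($aContest['contest_status'] != $iClosedStatus) {
        return false;
    }

    if (!Phpfox::getService("contest.entry")->CheckExistEntryWinning($iEntryId)) {
        return false;
    }

    return true;
}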
/**
 * Controller for uploading and cropping the profile photo of the signed-in user.
 *
 * Flow visible in this method:
 *  - requires a user (Phpfox::isUser(true)) and sends no-cache headers;
 *  - when req3 is 'process' and a 'step' parameter is present, restores the uploaded image
 *    data from that parameter for the cropping step;
 *  - when a 'val' form array is posted, loads the uploaded file and hands it to
 *    user.process->uploadImage(), then either answers the iframe uploader with an inline
 *    script or redirects;
 *  - otherwise builds the image markup and template variables for the page.
 *
 * Security review notes are marked NOTE(review) inline.
 */
public function process()
{
    Phpfox::isUser(true);

    header("Cache-Control: no-cache, must-revalidate");
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

    list($bIsRegistration, $sNextUrl) = $this->url()->isRegistration(3);

    // Plugin hook: whatever code Phpfox_Plugin::get() returns is eval()'d in this scope.
    (($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_1')) ? eval($sPlugin) : false);

    $bIsProcess = false;
    if ($this->request()->get('req3') == 'process') {
        if (($sStep = $this->request()->get('step'))) {
            $bIsProcess = true;
            // NOTE(review): 'step' is a request parameter, so unserialize() runs on
            // client-controlled bytes (PHP object deserialization of untrusted data). The
            // value is produced further down with serialize() and round-trips through the
            // URL; no signature or integrity check is visible here. Safer options: keep the
            // upload result server-side (session), or carry it as JSON with an HMAC that is
            // verified with hash_equals() before use.
            $aCacheImage = unserialize(base64_decode(urldecode($sStep)));
        }
    }

    (($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_2')) ? eval($sPlugin) : false);

    if ($aVals = $this->request()->getArray('val')) {
        // Accepts jpg/gif/png only; a max size setting of exactly 0 is passed on as null.
        $aImage = Phpfox::getLib('file')->load('image', array('jpg', 'gif', 'png'), (Phpfox::getUserParam('user.max_upload_size_profile_photo') === 0 ? null : (Phpfox::getUserParam('user.max_upload_size_profile_photo') / 1024)));

        if (!empty($aImage['name'])) {
            $iUserId = Phpfox::getUserId();
            // Only an admin using the iframe uploader may upload for another user id;
            // everyone else is pinned to their own id.
            if (isset($aVals['is_iframe']) && Phpfox::isAdmin()) {
                $iUserId = (int) $aVals['user_id'];
            }

            if (($aImage = Phpfox::getService('user.process')->uploadImage($iUserId, (isset($aVals['is_iframe']) ? true : (Phpfox::getUserParam('user.force_cropping_tool_for_photos') ? false : true)))) !== false) {
                if (isset($aVals['is_iframe'])) {
                    $sImage = Phpfox::getLib('image.helper')->display(array(
                            'server_id' => $aImage['server_id'],
                            'path' => 'core.url_user',
                            'file' => $aImage['user_image'],
                            'suffix' => '_75',
                            'max_width' => 75,
                            'max_height' => 75,
                            'thickbox' => true,
                            'time_stamp' => true
                        )
                    );

                    // NOTE(review): $sImage is placed inside a single-quoted JavaScript
                    // string without JS escaping; this relies on the helper output never
                    // containing a quote or a line break. $iUserId is an integer here.
                    echo "<script type=\"text/javascript\">window.parent.document.getElementById('js_user_photo_" . $iUserId . "').innerHTML = '{$sImage}'; window.parent.tb_remove();</script>";
                    exit;
                } else {
                    if (Phpfox::getUserParam('user.force_cropping_tool_for_photos')) {
                        // Hands the upload result to the cropping step through the URL; this
                        // is the value that the unserialize() call above reads back.
                        $this->url()->send('user.photo.process', array('step' => urlencode(base64_encode(serialize($aImage)))));
                    } else {
                        if ($bIsRegistration === true) {
                            $this->url()->send($sNextUrl, null, Phpfox::getPhrase('user.profile_photo_successfully_uploaded'));
                        } else {
                            $this->url()->send('user.photo', null, Phpfox::getPhrase('user.profile_photo_successfully_uploaded'));
                        }
                    }
                }
            }
        }
    }

    // An iframe request that did not produce an upload ends here with an empty response.
    if (isset($aVals['is_iframe'])) {
        exit;
    }

    // NOTE(review): in the cropping step 'file' comes from the request-derived $aCacheImage,
    // so treat it as untrusted; confirm that image.helper constrains it to the user image
    // directory.
    $sImage = Phpfox::getLib('image.helper')->display(array(
            'server_id' => Phpfox::getUserBy('server_id'),
            'title' => Phpfox::getUserBy('full_name'),
            'path' => 'core.url_user',
            'file' => ($bIsProcess === true ? $aCacheImage['user_image'] : Phpfox::getUserBy('user_image')),
            'suffix' => '',
            'max_width' => 500,
            'max_height' => 500,
            'no_default' => true,
            'time_stamp' => true,
            'id' => 'user_profile_photo',
            'class' => 'border'
        )
    );

    $sImageThumb = Phpfox::getLib('image.helper')->display(array(
            'server_id' => Phpfox::getUserBy('server_id'),
            'title' => Phpfox::getUserBy('full_name'),
            'path' => 'core.url_user',
            'file' => Phpfox::getUserBy('user_image'),
            'suffix' => '_120',
            'max_width' => 120,
            'max_height' => 120,
            'no_default' => true,
            'time_stamp' => true,
            'class' => 'border'
        )
    );

    $sImageAvatar = Phpfox::getLib('image.helper')->display(array(
            'server_id' => Phpfox::getUserBy('server_id'),
            'title' => Phpfox::getUserBy('full_name'),
            'path' => 'core.url_user',
            'file' => Phpfox::getUserBy('user_image'),
            'suffix' => '_75_square',
            'max_width' => 75,
            'max_height' => 75,
            'no_default' => true,
            'time_stamp' => true,
            'class' => 'border'
        )
    );

    $sPageTitle = ($bIsRegistration ? Phpfox::getPhrase('user.upload_profile_picture') : Phpfox::getPhrase('user.edit_profile_picture'));

    (($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_3')) ? eval($sPlugin) : false);

    $this->template()->setTitle($sPageTitle)
        ->setBreadcrumb($sPageTitle)
        ->setFullSite()
        ->setPhrase(array(
                'core.select_a_file_to_upload'
            )
        )
        ->setHeader(array(
                'progress.js' => 'static_script',
                '<script type="text/javascript">$Behavior.changeUserPhoto = function(){ if ($Core.exists(\'#js_photo_form_holder\')) { oProgressBar = {holder: \'#js_photo_form_holder\', progress_id: \'#js_progress_bar\', uploader: \'#js_progress_uploader\', add_more: false, max_upload: 1, total: 1, frame_id: \'js_upload_frame\', file_id: \'image\'}; $Core.progressBarInit(); } }</script>'
            )
        )
        ->assign(array(
                'sProfileImage' => $sImage,
                'sImageThumb' => $sImageThumb,
                'sImageAvatar' => $sImageAvatar,
                'sProfileImage2' => str_replace('id="user_profile_photo"', 'id="js_profile_photo_preview"', $sImage),
                'bIsRegistration' => $bIsRegistration,
                'sNextUrl' => $this->url()->makeUrl($sNextUrl),
                'bIsProcess' => $bIsProcess,
                // NOTE(review): request-derived value handed to the template; it needs
                // output escaping wherever the template prints it.
                'sCacheImage' => ($bIsProcess ? $aCacheImage['user_image'] : ''),
                'iMaxFileSize' => (Phpfox::getUserParam('user.max_upload_size_profile_photo') === 0 ? null : ((Phpfox::getUserParam('user.max_upload_size_profile_photo') / 1024) * 1048576))
            )
        );

    if ((Phpfox::getUserBy('user_image') && !empty($sImage)) || ($bIsProcess === true && !empty($sImage))) {
        if (Phpfox::getParam('core.allow_cdn') && Phpfox::getUserBy('server_id') > 0) {
            // CDN case: the image URL is read back out of the generated markup and fetched
            // to learn its dimensions.
            // NOTE(review): neither preg_match() result is checked, so $aMatches[1] may be
            // unset, and getimagesize() makes a server-side request to whatever URL the
            // markup contains.
            preg_match("/src=\"(.*?)\"/", $sImage, $aMatches);
            list($iWidth, $iHeight) = getimagesize($aMatches[1]);
        } else {
            // Local case: dimensions are parsed from the height/width attributes.
            preg_match("/height=\"(.*?)\" width=\"(.*?)\"/", $sImage, $aMatches);
            $iHeight = $aMatches[1];
            $iWidth = $aMatches[2];
        }

        // NOTE(review): $iWidth and $iHeight are concatenated into an inline script without
        // an integer cast; casting both would guarantee that only numbers reach the script.
        $this->template()->setHeader('cache', array(
                    'jquery/plugin/jquery.crop.js' => 'static_script',
                    '<script type="text/javascript">$Core.photo_crop.init({width: 75, height: 75, image_width: ' . $iWidth . ', image_height: ' . $iHeight . '});</script>'
                )
            )
            ->assign(array(
                    'iImageHeight' => $iHeight,
                    'iImageWidth' => $iWidth
                )
            );
    }
}
/**
 * Deletes the ban filter rows that match a type and value, then drops the ban caches.
 *
 * Opens with Phpfox::isAdmin(true). Both arguments are passed through the database
 * layer's escape() before they are placed inside quoted SQL literals.
 *
 * @param string $sType  Value matched against the type_id column.
 * @param string $sValue Value matched against the find_value column.
 * @return bool Always true.
 */
public function deleteByValue($sType, $sValue)
{
    Phpfox::isAdmin(true);

    // Escape first, then assemble the condition, so no raw argument reaches the query.
    $sTypeSql = $this->database()->escape($sType);
    $sValueSql = $this->database()->escape($sValue);
    $sWhere = "type_id = '{$sTypeSql}' AND find_value = '{$sValueSql}'";

    $this->database()->delete($this->_sTable, $sWhere);

    $this->cache()->remove('ban', 'substr');

    return true;
}
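/**
 * Counts contest entries of a given contest type for a search view.
 *
 * Only entries of non-deleted contests of the resolved type are counted. The view narrows
 * the result further:
 *  - 'my_entries': entries owned by the current user;
 *  - 'pending_entries': entries with status 0, limited to contests owned by the current
 *    user unless the viewer is a site admin.
 *
 * @param string $sType Contest type name, resolved to an id through contest.constant.
 * @param string $sView View name; any other value adds no extra condition.
 * @return mixed The COUNT(*) value as returned by the database layer.
 */
public function countForSearch($sType, $sView)
{
    // Every value concatenated into the WHERE clause is forced to an integer, so an
    // unknown type name or an unexpected return value cannot alter the SQL text.
    $iType = (int) Phpfox::getService('contest.constant')->getContestTypeIdByTypeName($sType);

    $sCond = 'c.is_deleted = 0 AND c.type = ' . $iType;

    switch ($sView) {
        case 'my_entries':
            $sCond .= ' AND e.user_id = ' . (int) Phpfox::getUserId();
            break;
        case 'pending_entries':
            $sCond .= ' AND e.status = 0';
            if (!Phpfox::isAdmin()) {
                $sCond .= ' AND c.user_id = ' . (int) Phpfox::getUserId();
            }
            break;
    }

    $iCnt = $this->database()->select('COUNT(*)')
        ->from($this->_sTable, 'e')
        ->join(Phpfox::getT('contest'), 'c', 'c.contest_id = e.contest_id')
        ->join(Phpfox::getT('user'), 'u', 'u.user_id = e.user_id')
        ->where($sCond)
        ->execute('getSlaveField');

    return $iCnt;
}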
/**
 * Stores the AdminCP note in the core 'global_admincp_note' setting and clears its cache.
 *
 * Opens with Phpfox::isAdmin(true). The note is passed through preParse()->clean()
 * before it is written.
 *
 * @param string $sNote Note text as submitted.
 * @return void
 */
public function updateNote($sNote)
{
    Phpfox::isAdmin(true);

    $aUpdate = array(
        'value_actual' => $this->preParse()->clean($sNote)
    );

    // The condition is a fixed literal; nothing from the caller reaches it.
    $sWhere = 'module_id = \'core\' AND var_name = \'global_admincp_note\'';

    $this->database()->update(Phpfox::getT('setting'), $aUpdate, $sWhere);

    $this->cache()->remove('admincp_note');
}
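/**
 * This function is called from an ajax function in the AdminCP to dis/enabling a sponsored campaign.
 *
 * The caller must be signed in and must either own the sponsor record or be a site admin.
 * A sponsor id that does not exist is refused with the same error as a foreign one, so the
 * response does not reveal which ids exist.
 *
 * @param int $iId   Sponsor id; cast to int before use in SQL.
 * @param int $iType 1 enables the campaign, any other value disables it.
 * @return bool TRUE on success, FALSE on failure.
 */
public function updateSponsorActivity($iId, $iType)
{
    Phpfox::isUser(true);

    // get the item to check for ownership
    $aAd = $this->database()->select('user_id, item_id, module_id')
        ->from(Phpfox::getT('ad_sponsor'))
        ->where('sponsor_id = ' . (int) $iId)
        ->execute('getSlaveRow');

    // No such sponsor: refuse before the ownership test. Previously an admin request for a
    // missing id went on to fire the module callback with empty item data.
    if (empty($aAd) || !isset($aAd['user_id'])) {
        return Phpfox_Error::set('You cant do that... ');
    }

    $bIsOwner = $aAd['user_id'] == Phpfox::getUserId();
    if (!$bIsOwner && !Phpfox::isAdmin()) {
        return Phpfox_Error::set('You cant do that... ');
    }

    // Decide once whether this is an enable request, so the callback and both stored
    // flags always agree with each other.
    $bEnable = ($iType == '1');

    if ($bEnable) {
        if (!defined('PHPFOX_API_CALLBACK')) {
            define('PHPFOX_API_CALLBACK', true);
        }

        // module_id may be stored as "module-section"; split it for the callback.
        $sModule = $aAd['module_id'];
        $sSection = '';
        if (strpos($sModule, '-') !== false) {
            $aModule = explode('-', $sModule);
            $sModule = $aModule[0];
            $sSection = $aModule[1];
        }

        Phpfox::callback($sModule . '.enableSponsor', array('item_id' => $aAd['item_id'], 'section' => $sSection));
    }

    $this->database()->update(Phpfox::getT('ad_sponsor'), array(
        'is_custom' => $bEnable ? '3' : '2',
        'is_active' => $bEnable ? 1 : 0
    ), 'sponsor_id = ' . (int) $iId);

    $this->cache()->remove('ad', 'substr');

    return true;
}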
if ($time <= $old) { continue; } $total++; $blogs .= '<li style="padding-bottom: 10px;"><a href="' . $item->link . '">' . $item->title . '</a><div class="extra_info">' . \Phpfox::getLib('date')->convertTime($time) . '</div></li>'; } // } } $blogs .= '</ul>'; if (!$total) { return; } echo $blogs; }); new Route('/admincp', function (Controller $controller) { if (!\Phpfox::isAdmin()) { return ''; } $token = setting('pf_wp_d_token'); if (!$token) { $token = md5(uniqid()); $app = (new App())->get('PHPfox_Wordpress_Discuss'); $setting = new Setting\Service($app); $setting->save(['pf_wp_d_token' => $token]); } return $controller->render('admincp.html', ['hookUrl' => $controller->url->make('/wordpress-discuss/new-post/' . $token)]); }); new Route('/new-post/:token', function (Controller $controller, $token) { $tokenSetting = setting('pf_wp_d_token'); if (empty($tokenSetting)) { throw error('Token has not been created yet.');
/**
 * Starts the phpFox engine. Used to get and display the pages controller.
 *
 * Order of work visible in this method:
 *  1. 'm9callback' requests are dispatched to a Core\Home object and answered as JSON.
 *  2. favicon.ico and static-folder requests are answered directly, then exit.
 *  3. Otherwise the controller is selected and run, headers/meta/template variables are
 *     prepared, plugin hooks are eval()'d at several points, and the page is emitted
 *     either as a full layout or as a JSON payload for AJAX page loads.
 *
 * Security review notes are marked NOTE(review) inline.
 */
public static function run()
{
    if (isset($_REQUEST['m9callback'])) {
        header('Content-type: application/json');
        try {
            $Home = new Core\Home(PHPFOX_LICENSE_ID, PHPFOX_LICENSE_KEY);
            // NOTE(review): the method name comes straight from the request and is invoked
            // on $Home with the remaining $_GET as its argument. Nothing in this block
            // restricts which method may be called or checks who is calling, and it runs
            // before any session or CSRF code in this function. Recommend an explicit
            // allow-list of callable method names and an authentication check, unless
            // Core\Home enforces both itself (confirm).
            $callback = $_REQUEST['m9callback'];
            unset($_GET['m9callback'], $_GET['do']);
            if (!$_GET) {
                $_GET = [];
            }
            echo json_encode(call_user_func([$Home, $callback], $_GET));
        } catch (\Exception $e) {
            // throw new \Exception($e->getMessage(), 0, $e);
            // NOTE(review): the raw exception message is returned to the client.
            echo json_encode(['error' => $e->getMessage()]);
        }
        exit;
    }

    $oTpl = Phpfox_Template::instance();
    $aLocale = Phpfox_Locale::instance()->getLang();
    $oReq = Phpfox_Request::instance();
    $oModule = Phpfox_Module::instance();

    if ($oReq->segment(1) == 'favicon.ico') {
        header('Content-type: image/x-icon');
        // NOTE(review): each such request triggers an outbound plain-HTTP fetch whose
        // response body is relayed unchecked; a local copy of the icon would avoid the
        // remote dependency.
        echo file_get_contents('http://www.phpfox.com/favicon.ico');
        exit;
    }

    // Requests under these first path segments are treated as static files. For 'theme',
    // the && chain binds tighter than ||, so it applies only when segment(2) is neither
    // 'demo' nor 'sample'.
    $aStaticFolders = ['file', 'static', 'module', 'apps', 'Apps', 'themes'];
    if (in_array($oReq->segment(1), $aStaticFolders) || $oReq->segment(1) == 'theme' && $oReq->segment(2) != 'demo' && $oReq->segment(1) == 'theme' && $oReq->segment(2) != 'sample') {
        $sUri = Phpfox_Url::instance()->getUri();
        if ($sUri == '/static/ajax.php') {
            $oAjax = Phpfox_Ajax::instance();
            $oAjax->process();
            echo $oAjax->getData();
            exit;
        }

        // With URL rewriting set to '1' this code answers 404 for static paths; the files
        // are then presumably served by the web server itself (confirm).
        if (Phpfox::getParam('core.url_rewrite') == '1') {
            header("HTTP/1.0 404 Not Found");
            header('Content-type: application/json');
            echo json_encode(['error' => 404]);
            exit;
        }

        $HTTPCache = new Core\HTTP\Cache();
        $HTTPCache->checkCache();

        $sDir = PHPFOX_DIR;
        if ($oReq->segment(1) == 'Apps' || $oReq->segment(1) == 'apps' || $oReq->segment(1) == 'themes') {
            $sDir = PHPFOX_DIR_SITE;
        }

        // NOTE(review): the filesystem path is built from the request URI. No
        // normalisation (realpath), no check that the result stays below $sDir and no
        // extension allow-list is visible here, and the fallback further down widens the
        // lookup to the parent of PF.Base. Because the file is echoed rather than
        // executed, a request that resolves to a .php or config file under these folders
        // would return its source. Confirm whether getUri() already rejects '..' segments;
        // otherwise resolve with realpath(), require the $sDir prefix and restrict the
        // extensions that may be served.
        $sPath = $sDir . ltrim($sUri, '/');
        if ($oReq->segment(1) == 'themes' && $oReq->segment(2) == 'default') {
            $sPath = PHPFOX_DIR . str_replace('themes/default', 'theme/default', $sUri);
        }

        if ($oReq->segment(3) == 'emoticon') {
            $sPath = str_replace('/file/pic/emoticon/default/', PHPFOX_DIR . 'static/image/emoticon/', $sUri);
        }

        $sType = Phpfox_File::instance()->mime($sUri);
        // $sExt is not read again in this method.
        $sExt = Phpfox_File::instance()->extension($sUri);
        if (!file_exists($sPath)) {
            $sPath = str_replace('PF.Base', 'PF.Base/..', $sPath);
            // header('Content-type: ' . $sType);
            if (!file_exists($sPath)) {
                header("HTTP/1.0 404 Not Found");
                header('Content-type: application/json');
                echo json_encode(['error' => 404]);
                exit;
            }
        }

        // header('Content-type: ' . $sType);
        $HTTPCache->cache($sType, filemtime($sPath), 7);
        if ($oReq->segment(1) == 'themes') {
            $Theme = $oTpl->theme()->get();
            $Service = new Core\Theme\Service($Theme);
            if ($sType == 'text/css') {
                echo $Service->css()->getParsed();
            } else {
                echo $Service->js()->get();
            }
        } else {
            // '@' hides read errors, so a failed read yields an empty body.
            echo @file_get_contents($sPath);
        }
        exit;
    }

    // Plugin hook: code returned by Phpfox_Plugin::get() is eval()'d in this scope, here
    // and at the other hook points below. NOTE(review): whoever can write plugin code can
    // execute arbitrary PHP on every request, so write access to the plugin store needs
    // the same protection as write access to the code base.
    ($sPlugin = Phpfox_Plugin::get('run_start')) ? eval($sPlugin) : false;

    // Load module blocks
    $oModule->loadBlocks();

    if (!Phpfox::getParam('core.branding')) {
        $oTpl->setHeader(array('<meta name="author" content="PHPfox" />'));
    }

    // The AdminCP flag is derived from the first request segment matching the configured
    // admin path.
    if (strtolower(Phpfox_Request::instance()->get('req1')) == Phpfox::getParam('admincp.admin_cp')) {
        self::$_bIsAdminCp = true;
    }

    $View = $oModule->setController();
    if ($View instanceof Core\View) {

    } else {
        if (!self::$_bIsAdminCp) {
            $View = new Core\View();
        }
    }

    if (!PHPFOX_IS_AJAX_PAGE) {
        $oTpl->setImage(array('ajax_small' => 'ajax/small.gif', 'ajax_large' => 'ajax/large.gif', 'loading_animation' => 'misc/loading_animation.gif', 'close' => 'misc/close.gif', 'move' => 'misc/move.png', 'calendar' => 'jquery/calendar.gif'));

        $oTpl->setHeader(array('<meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;" />', '<meta http-equiv="Content-Type" content="text/html; charset=' . $aLocale['charset'] . '" />', '<meta http-equiv="cache-control" content="no-cache" />', '<meta http-equiv="expires" content="-1" />', '<meta http-equiv="pragma" content="no-cache" />', '<link rel="shortcut icon" type="image/x-icon" href="' . Phpfox::getParam('core.path') . 'favicon.ico?v=' . $oTpl->getStaticVersion() . '" />'))->setMeta('keywords', Phpfox_Locale::instance()->convert(Phpfox::getParam('core.keywords')))->setMeta('robots', 'index,follow');

        $oTpl->setHeader('cache', Phpfox::getMasterFiles());

        if (Phpfox::isModule('friend')) {
            $oTpl->setPhrase(array('friend.show_more_results_for_search_term'));
        }

        if (PHPFOX_DEBUG) {
            $oTpl->setHeader('cache', array('debug.css' => 'style_css'));
        }

        if (!Phpfox::isMobile() && Phpfox::isUser() && Phpfox::getParam('user.enable_user_tooltip')) {
            $oTpl->setHeader('cache', array('user_info.js' => 'static_script'));
        }

        if (Phpfox::isModule('captcha') && Phpfox::getParam('captcha.recaptcha')) {
            // http://www.phpfox.com/tracker/view/14456/
            // NOTE(review): unless core.force_https_secure_pages is set, this third-party
            // script is loaded over plain HTTP, where it can be altered in transit.
            $sUrl = (Phpfox::getParam('core.force_https_secure_pages') ? 'https' : 'http') . "://www.google.com/recaptcha/api/js/recaptcha_ajax.js";
            $oTpl->setHeader('<script type="text/javascript" src="' . $sUrl . '"></script>');
        }
    }

    if ($sPlugin = Phpfox_Plugin::get('get_controller')) {
        eval($sPlugin);
    }

    $oTpl->assign(['aGlobalUser' => Phpfox::isUser() ? Phpfox::getUserBy(null) : array()]);

    $oModule->getController();

    Phpfox::getService('admincp.seo')->setHeaders();

    if (!defined('PHPFOX_DONT_SAVE_PAGE')) {
        Phpfox::getLib('session')->set('redirect', Phpfox_Url::instance()->getFullUrl(true));
    }

    // NOTE(review): verifyToken() is called after $oModule->getController(). If
    // getController() executes the controller action (confirm), a state-changing request
    // is processed before its CSRF token is checked; the check belongs before the
    // controller runs. Defining PHPFOX_NO_CSRF skips the check entirely.
    if (!defined('PHPFOX_NO_CSRF')) {
        Phpfox::getService('log.session')->verifyToken();
    }

    ($sPlugin = Phpfox_Plugin::get('run')) ? eval($sPlugin) : false;

    if (!self::isAdminPanel()) {
        if (!Phpfox::isMobile() && !PHPFOX_IS_AJAX_PAGE && Phpfox::isModule('rss') && !defined('PHPFOX_IS_USER_PROFILE')) {
            $aFeeds = Phpfox::getService('rss')->getLinks();
            if (is_array($aFeeds) && count($aFeeds)) {
                foreach ($aFeeds as $sLink => $sPhrase) {
                    // NOTE(review): $sPhrase and $sLink are written into attribute values
                    // without htmlspecialchars(); safe only if getLinks() returns
                    // pre-escaped data (confirm).
                    $oTpl->setHeader('<link rel="alternate" type="application/rss+xml" title="' . $sPhrase . '" href="' . $sLink . '" />');
                }
            }
        }

        $aPageLastLogin = Phpfox::isModule('pages') && Phpfox::getUserBy('profile_page_id') ? Phpfox::getService('pages')->getLastLogin() : false;

        $oTpl->assign(array('aMainMenus' => $oTpl->getMenu('main'), 'aSubMenus' => $oTpl->getMenu(), 'bIsUsersProfilePage' => defined('PHPFOX_IS_USER_PROFILE') ? true : false, 'sGlobalUserFullName' => Phpfox::isUser() ? Phpfox::getUserBy('full_name') : null, 'sFullControllerName' => str_replace(array('.', '/'), '_', Phpfox_Module::instance()->getFullControllerName()), 'iGlobalProfilePageId' => Phpfox::getUserBy('profile_page_id'), 'aGlobalProfilePageLogin' => $aPageLastLogin));

        $oTpl->setEditor();

        if (Phpfox::isModule('captcha')) {
            // The configured captcha header is added only when it holds more than whitespace.
            $sCaptchaHeader = Phpfox::getParam('captcha.recaptcha_header');
            if (strlen(preg_replace('/\\s\\s+/', '', $sCaptchaHeader)) > 0) {
                $oTpl->setHeader(array($sCaptchaHeader));
            }
        }

        if (Phpfox::isModule('notification') && Phpfox::isUser() && Phpfox::getParam('notification.notify_on_new_request')) {
            $oTpl->setHeader('cache', array('update.js' => 'module_notification'));
        }
    }

    if (!PHPFOX_IS_AJAX_PAGE && ($sHeaderFile = $oTpl->getHeaderFile())) {
        ($sPlugin = Phpfox_Plugin::get('run_get_header_file_1')) ? eval($sPlugin) : false;
        // Includes the PHP file named by the template layer.
        require_once $sHeaderFile;
    }

    list($aBreadCrumbs, $aBreadCrumbTitle) = $oTpl->getBreadCrumb();

    $oTpl->assign(array('aErrors' => Phpfox_Error::getDisplay() ? Phpfox_Error::get() : array(), 'sPublicMessage' => Phpfox::getMessage(), 'sLocaleDirection' => $aLocale['direction'], 'sLocaleCode' => $aLocale['language_code'], 'sLocaleFlagId' => $aLocale['image'], 'sLocaleName' => $aLocale['title'], 'aBreadCrumbs' => $aBreadCrumbs, 'aBreadCrumbTitle' => $aBreadCrumbTitle, 'sCopyright' => '© ' . Phpfox::getPhrase('core.copyright') . ' ' . Phpfox::getParam('core.site_copyright')));

    Phpfox::clearMessage();

    unset($_SESSION['phpfox']['image']);

    // When the core.cron setting is on, cron work is run inline as part of this request.
    if (Phpfox::getParam('core.cron')) {
        require_once PHPFOX_DIR_CRON . 'exec.php';
    }

    // POST requests and 'is_ajax_get' requests end here with only a marker header.
    if ($oReq->isPost()) {
        header('X-Is-Posted: true');
        exit;
    }

    if ($oReq->get('is_ajax_get')) {
        header('X-Is-Get: true');
        exit;
    }

    if (defined('PHPFOX_SITE_IS_OFFLINE')) {
        $oTpl->sDisplayLayout = 'blank';
        // After this unset the AJAX branch below evaluates `$View instanceof` on an
        // undefined variable.
        unset($View);
    }

    if (!PHPFOX_IS_AJAX_PAGE && $oTpl->sDisplayLayout && !isset($View) || !PHPFOX_IS_AJAX_PAGE && self::isAdminPanel()) {
        $oTpl->getLayout($oTpl->sDisplayLayout);
    }

    if (PHPFOX_IS_AJAX_PAGE) {
        header('Content-type: application/json; charset=utf-8');

        /*
        if (isset($View) && $View instanceof \Core\View) {
            $content = $View->getContent();
        } else {
            Phpfox_Module::instance()->getControllerTemplate();
            $content = ob_get_contents();
            ob_clean();
        }
        */

        // Each fragment below is rendered into the output buffer, captured with
        // ob_get_contents() and cleared, so that it can be returned as a JSON field.
        if ($View instanceof \Core\View) {
            $content = $View->getContent();
        } else {
            Phpfox_Module::instance()->getControllerTemplate();
            $content = ob_get_contents();
            ob_clean();
        }

        $oTpl->getLayout('breadcrumb');
        $breadcrumb = ob_get_contents();
        ob_clean();

        // Split the collected header entries into inline CSS and file references.
        $aHeaderFiles = Phpfox_Template::instance()->getHeader(true);
        $aCss = [];
        $aLoadFiles = [];
        foreach ($aHeaderFiles as $sHeaderFile) {
            if (!is_string($sHeaderFile)) {
                continue;
            }

            if (preg_match('/<style(.*)>(.*)<\\/style>/i', $sHeaderFile)) {
                $aCss[] = strip_tags($sHeaderFile);
                continue;
            }

            // For .css links keep only the href value, cut at the query string.
            if (preg_match('/href=(["\']?([^"\'>]+)["\']?)/', $sHeaderFile, $aMatches) > 0 && strpos($aMatches[1], '.css') !== false) {
                $sHeaderFile = str_replace(array('"', "'"), '', $aMatches[1]);
                $sHeaderFile = substr($sHeaderFile, 0, strpos($sHeaderFile, '?'));
            }

            $sHeaderFile = strip_tags($sHeaderFile);
            $sNew = preg_replace('/\\s+/', '', $sHeaderFile);
            if (empty($sNew)) {
                continue;
            }

            $aLoadFiles[] = $sHeaderFile;
        }

        $blocks = [];
        foreach (range(1, 12) as $location) {
            if ($location == 3) {
                echo \Phpfox_Template::instance()->getSubMenu();
            }

            $aBlocks = Phpfox_Module::instance()->getModuleBlocks($location);
            $blocks[$location] = [];
            foreach ($aBlocks as $sBlock) {
                Phpfox::getBlock($sBlock);
                $blocks[$location][] = ob_get_contents();
                ob_clean();
            }
        }

        $oTpl->getLayout('search');
        $search = ob_get_contents();
        ob_clean();

        Phpfox::getBlock('core.template-menusub');
        $menuSub = ob_get_contents();
        ob_clean();

        $h1 = '';
        if (isset($aBreadCrumbTitle[1])) {
            // NOTE(review): the title text is cleaned but the href value is not escaped;
            // apply htmlspecialchars() unless getBreadCrumb() returns an already-safe URL.
            $h1 .= '<h1><a href="' . $aBreadCrumbTitle[1] . '">' . Phpfox_Parse_Output::instance()->clean($aBreadCrumbTitle[0]) . '</a></h1>';
        }

        $oTpl->getLayout('error');
        $error = ob_get_contents();
        ob_clean();

        $controller = Phpfox_Module::instance()->getFullControllerName();

        // NOTE(review): the search literal in the 'content' str_replace() below is not
        // valid PHP as shown; it looks like an HTML entity for the apostrophe that was
        // decoded when this listing was extracted. Restore it from the original file.
        $data = json_encode(['content' => str_replace(['''], ["'"], Phpfox_Parse_Input::instance()->convert($content)), 'title' => html_entity_decode($oTpl->instance()->getTitle()), 'phrases' => Phpfox_Template::instance()->getPhrases(), 'files' => $aLoadFiles, 'css' => $aCss, 'breadcrumb' => $breadcrumb, 'blocks' => $blocks, 'search' => $search, 'menuSub' => $menuSub, 'id' => Phpfox_Module::instance()->getPageId(), 'class' => Phpfox_Module::instance()->getPageClass(), 'h1' => $h1, 'h1_clean' => strip_tags($h1), 'error' => $error, 'controller_e' => Phpfox::isAdmin() ? Phpfox_Url::instance()->makeUrl('admincp.element.edit', ['controller' => base64_encode(Phpfox_Module::instance()->getFullControllerName())]) : null, 'meta' => Phpfox_Template::instance()->getPageMeta(), 'keep_body' => Phpfox_Template::instance()->keepBody()]);

        // header("Content-length: " . strlen($data));

        echo $data;
        // sleep(4);
    } else {
        if (isset($View)) {
            echo $View->getContent();
        }
    }
}
/**
 * This function resembles $this->check but it also handles banning and is a more direct approach
 * and handles redirection and db insertion
 * This function is called in every Service as opposed to a Library mainly because there may be
 * cases where it becomes too restrictive
 * If the user groups affected is an empty array, it assumes that it affects every user group.
 * This function has been implemented in the following services
 * - Blog.process (Add, update, updateBlogText, updateBlogTitle)
 * - Bulletin.process (Add, update)
 * - Comment.process (Add, updateText)
 * - Event.process (Add, massEmail, update)
 * - Forum.post.process (Add, update, updateText)
 * - Forum.thread.process (Add, update)
 * - Group.process (Add, update)
 * - Im.process (addText)
 * - Mail.process (Add)
 * - Marketplace.process (Add, update)
 * - Music.process (upload)
 * - Music.album.process (add, update)
 * - Music.genre.process (add, update)
 * - Music.song.process (setName)
 * - Newsletter.process (add)
 * - Page.process (add)
 * - Photo.process (add)
 * - Photo.album.process (add, updateTitle)
 * - Photo.category.process (add)
 * - Photo.tag.process (add)
 * - Poll.process (add, updateAnswer)
 * - Quiz.process (add, update)
 * - Share.process (add, sendEmails)
 * - Shoutbox.process (add)
 * - Video.process (update)
 * - Video.category.process (add)
 * - User.process (updateStatus:2.1.0 RC1)
 *
 * Behaviour visible in the body: every 'word' filter row is tested against the submitted
 * text. On the first match whose days_banned is not null, a ban_data row is inserted, the
 * user is moved to the banned user group and logged out, the reason is shown (script
 * output for AJAX, redirect otherwise) and false is returned. A match whose days_banned
 * is null returns true without banning.
 *
 * @param string $sValue Text to check; an array is flattened with $this->_flatten() first.
 * @return bool False when the user was banned (in some situations it does not help to echo
 *              here, e.g. comment); true otherwise.
 */
public function checkAutomaticBan($sValue)
{
    /* Extra protection for admins so they dont get banned automatically. */
    if (Phpfox::isAdmin() || empty($sValue)) {
        return true;
    }

    if (is_array($sValue)) {
        $sValue = $this->_flatten($sValue);
    }

    $aFilters = $this->database()->select('*')->from($this->_sTable)->where('type_id = "word"')->execute('getRows');

    foreach ($aFilters as $iKey => $aFilter) {
        // NOTE(review): unserialize() on a database column. That is safe only while nothing
        // but trusted code writes this column; json_decode() would remove the object
        // deserialization surface.
        $aUserGroupsAffected = unserialize($aFilter['user_groups_affected']);
        // A non-empty group list limits the filter to those groups; an empty list applies
        // it to everyone.
        if (is_array($aUserGroupsAffected) && !empty($aUserGroupsAffected) && in_array(Phpfox::getUserBy('user_group_id'), $aUserGroupsAffected) == false) {
            continue;
        }

        // NOTE(review): as shown, this str_replace() and the one two statements below
        // replace '*' with '*' and change nothing; the search literal was probably an HTML
        // entity for the asterisk that was decoded when this listing was extracted.
        // Confirm against the original file.
        $sFilter = '' . str_replace('*', '*', $aFilter['find_value']) . '';
        //$sFilter = str_replace(array(' *', '* '),'*', $sFilter);
        $bBan = false;

        // Only '/' (and, in the wildcard branch, '.') is escaped before the filter is used
        // as a regular expression.
        // NOTE(review): any other metacharacter in find_value is interpreted by PCRE, so a
        // filter can match more than intended or fail to compile. preg_quote($sFilter, '/')
        // before the wildcard is expanded would prevent that.
        $sFilter = str_replace("/", "\\/", $sFilter);
        $sFilter = str_replace('*', '*', $sFilter);

        if (preg_match('/\\*/i', $sFilter)) {
            // Wildcard filter: '*' becomes a lazy "match anything" group and the pattern
            // may match anywhere in the text.
            $sFilter = str_replace(array('.', '*'), array('\\.', '(.*?)'), $sFilter);
            $bBan = preg_match('/' . $sFilter . '/is', $sValue);
        } else {
            // Plain filter: must appear as a whole word, i.e. bounded by a non-word
            // character or by the start/end of the text.
            $bBan = preg_match("/(\\W)" . $sFilter . "(\\W)/i", $sValue);
            if (!$bBan) {
                $bBan = preg_match("/^" . $sFilter . "(\\W)/i", $sValue);
            }

            if (!$bBan) {
                $bBan = preg_match("/(\\W)" . $sFilter . "\$/i", $sValue);
            }

            if (!$bBan) {
                $bBan = preg_match("/^" . $sFilter . "\$/i", $sValue);
            }
        }

        if ($bBan) {
            // A matching filter without a ban duration does not ban.
            if ($aFilter['days_banned'] === null) {
                return true;
            }

            // end_time_stamp 0 is written when days_banned is not greater than 0.
            $this->database()->insert(Phpfox::getT('ban_data'), array('ban_id' => $aFilter['ban_id'], 'user_id' => Phpfox::getUserId(), 'start_time_stamp' => PHPFOX_TIME, 'end_time_stamp' => $aFilter['days_banned'] > 0 ? PHPFOX_TIME + $aFilter['days_banned'] * 86400 : 0, 'return_user_group' => $aFilter['return_user_group'], 'reason' => $aFilter['reason']));

            define('PHPFOX_USER_IS_BANNED', true);

            // NOTE(review): the first argument of the str_replace() below is not valid PHP
            // as shown; it looks like an HTML entity for the apostrophe that was decoded
            // when this listing was extracted. Restore it from the original file.
            $aFilter['reason'] = str_replace(''', "'", $aFilter['reason']);

            // NOTE(review): the /e modifier makes preg_replace() evaluate the replacement
            // as PHP code, with text captured from the stored ban reason spliced into that
            // code. /e was deprecated in PHP 5.5 and removed in PHP 7.0, where this call
            // raises a warning and yields NULL. Replace it with preg_replace_callback()
            // and pass the captured phrase name to Phpfox::getPhrase() as data.
            $sReason = preg_replace('/\\{phrase var=\'(.*)\'\\}/ise', "'' . Phpfox::getPhrase('\\1',array(), false, null, '" . Phpfox::getUserBy('language_id') . "') . ''", $aFilter['reason']);

            // Related to issue 14487 this is a "best guess" fallback
            $iUserGroupId = Phpfox::getParam('core.banned_user_group_id');
            if ($iUserGroupId == 0) {
                $iUserGroupId = 5;
            }

            $this->database()->update(Phpfox::getT('user'), array('user_group_id' => $iUserGroupId), 'user_id = ' . (int) Phpfox::getUserId());

            Phpfox::getService('user.auth')->logout();

            if (defined('PHPFOX_IS_AJAX') && PHPFOX_IS_AJAX) {
                // NOTE(review): $sReason is written into a JavaScript string literal
                // without escaping; json_encode($sReason) would emit a safely quoted literal.
                echo 'alert("' . $sReason . '");';
                echo 'window.location.reload(true);';
            } else {
                Phpfox::getLib('url')->send('', array(), $sReason);
            }

            return false;
        }
    }

    return true;
}
/**
 * Removes the rewrite identified by the request's 'id' value.
 *
 * Opens with Phpfox::isAdmin(true); the removal itself is delegated to the
 * core.redirect.process service.
 *
 * @return void
 */
public function removeRewrite()
{
    Phpfox::isAdmin(true);

    $mRewriteId = $this->get('id');
    $oRedirectProcess = Phpfox::getService('core.redirect.process');
    $oRedirectProcess->removeRewrite($mRewriteId);
}
/**
 * Stores a new cover photo position for an event.
 *
 * The event must exist, and the caller must be its owner or a site admin.
 *
 * @param int $iFeventId Event id; cast to int before use in SQL.
 * @param int $iPosition New position; cast to int before it is stored.
 * @return bool True on success, false when the event is not found, otherwise the result
 *              of Phpfox_Error::set() when the caller is not allowed.
 */
public function updateCoverPosition($iFeventId, $iPosition)
{
    $aFevent = Phpfox::getService('fevent')->getForEdit($iFeventId);
    if (!isset($aFevent['fevent_id'])) {
        return false;
    }

    // Owner check first; the admin check is consulted only for non-owners.
    $bIsOwner = ($aFevent['user_id'] == Phpfox::getUserId());
    if (!$bIsOwner && !Phpfox::isAdmin()) {
        return Phpfox_Error::set('User is not an admin');
    }

    $aUpdate = array('cover_photo_position' => (int) $iPosition);
    $sWhere = 'fevent_id = ' . (int) $iFeventId;
    $this->database()->update(Phpfox::getT('fevent'), $aUpdate, $sWhere);

    return true;
}