public function delete()
{
$options = WebApp::post('options') === NULL ? array() : strgetcsv(WebApp::post('options'));
if (count($options) == 0) {
return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
}
foreach ($options as $option) {
$validated = GUMP::is_valid(array('opt' => $option), array('opt' => 'integer'));
if ($validated !== true) {
return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
}
}
$delete = $this->mySQL_w->prepare("DELETE FROM `core_options` WHERE `id`=?");
$affected_rows = 0;
foreach ($options as $id) {
$delete->bind_param('i', $id);
$delete->execute();
$delete->store_result();
$affected_rows += $delete->affected_rows;
}
if ($affected_rows == count($options)) {
$this->parent->parent->logEvent($this::name_space, 'Deleted options: ' . csvgetstr($options));
return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted selected option(s)!', B_T_SUCCESS);
} else {
$this->parent->parent->logEvent($this::name_space, 'Deleted some options: ' . csvgetstr($options));
return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted ' . $affected_rows . '/' . count($options) . ' selected option(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
}
}
public function clear_status_msg()
{
$msg_id = WebApp::get('msg_id');
if ($msg_id === NULL) {
$msg_id = WebApp::post('msg_id');
}
if ($msg_id === NULL) {
$this->parent->parent->debug($this::name_space . ': MSG ID was not provided!');
return new ActionResult($this, '/', 0, 'Failed to clear status message. No ID found.', B_T_FAIL);
}
$msg_id = trim(str_replace('alert_', '', $msg_id));
$msg_id = base64_decode($msg_id);
Session::del('status_msg', $msg_id);
$this->parent->parent->debug($this::name_space . ': MSG ID "' . $msg_id . '" was ' . (Session::get('status_msg', $msg_id) === NULL ? '' : 'not ') . 'cleared');
return new ActionResult($this, '/', 0, 'Cleared status message.', B_T_SUCCESS);
}
function add()
{
$title = WebApp::post('title') === NULL ? '' : WebApp::post('title');
$p_from = WebApp::post('p_from') === '' ? NULL : getSQLDate(WebApp::post('p_from'));
$p_to = WebApp::post('p_to') === '' ? NULL : getSQLDate(WebApp::post('p_to'));
$article = WebApp::post('article') === NULL ? '' : WebApp::post('article');
$user = $this->parent->parent->user->getUserID();
$group = $this->parent->parent->user->getGroup();
$aid = removeSpecialChars($title);
$article_add = $this->mySQL_w->prepare("INSERT INTO `news_articles` (`title`,`aid`,`user`,`group`,`article`,`date_p`,`publish_f`,`publish_u`) VALUES(?,?,?,?,?,NOW(),?,?)");
if ($article_add == false) {
return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to save article.<br />Error: <code>Query failed</code>', B_T_FAIL);
}
$article_add->bind_param('ssiisss', $title, $aid, $user, $group, $article, $p_from, $p_to);
$article_add->execute();
$article_add->store_result();
if ($article_add->affected_rows == 1) {
$this->parent->parent->logEvent($this::name_space, 'Added article ' . $title);
return new ActionResult($this, '/admin/news/article_view', 1, 'Successfully saved article!', B_T_SUCCESS);
} else {
$this->parent->parent->logEvent($this::name_space, 'Failed to add article ' . $title);
return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to add article.<br />Error: <code>' . $this->mySQL_w->error . '</code>', B_T_FAIL);
}
}
public function save()
{
if (WebApp::post('mysql_r_pass') === '') {
WebApp::post('mysql_r_pass', $this->parent->parent->config->config['mysql']['r']['pass']);
}
if (WebApp::post('mysql_w_pass') === '') {
WebApp::post('mysql_r_pass', $this->parent->parent->config->config['mysql']['w']['pass']);
}
$gump = new GUMP();
$gump->validation_rules(array('core_errors' => 'required|boolean', 'core_maintenance' => 'required|boolean', 'core_debug' => 'required|boolean', 'core_https_a' => 'required|boolean', 'core_https_f' => 'required|boolean', 'core_cdn' => 'required', 'mysql_db' => 'required', 'mysql_r_user' => 'required', 'mysql_r_host' => 'required', 'mysql_r_port' => 'required|integer', 'mysql_w_user' => 'required', 'mysql_w_host' => 'required', 'mysql_w_port' => 'required|integer', 'reCAPTCHA_pub' => 'required|alpha_dash', 'reCAPTCHA_priv' => 'required|alpha_dash'));
$gump->filter_rules(array('core_cdn' => 'trim|urlencode'));
$valid_data = $gump->run($_POST);
if ($valid_data === false) {
return new ActionResult($this, '/admin/core/config_edit', 0, 'Failed to save config!<br />Error: <code>Please check you have completed all fields as instructed.</code>', B_T_FAIL);
}
$configFile = fopen(__LIBDIR__ . '/config.inc.php', 'w');
if (fwrite($configFile, $this->getFile($valid_data))) {
fclose($configFile);
return new ActionResult($this, '/admin/core/config_view', 1, 'Succeesfully saved config!', B_T_SUCCESS);
} else {
fclose($configFile);
return new ActionResult($this, '/admin/core/config_edit', 0, 'Failed to save config!', B_T_SFAIL);
}
}
public function backup()
{
if (!$this->accessAdminPage(3)) {
return new ActionResult($this, '/admin/modules/', 1, 'You are not allowed to do that', B_T_FAIL);
}
$backups = WebApp::post('backups') === NULL ? array() : strgetcsv(WebApp::post('backups'));
if (count($backups) == 0) {
$backups = WebApp::get('m') === NULL ? array() : array(WebApp::get('m'));
}
if (count($backups) == 0) {
return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
}
foreach ($backups as $backup) {
$validated = GUMP::is_valid(array('bk' => $backup), array('bk' => 'integer'));
if ($validated !== true) {
return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
}
}
$location = __BACKUP__ . DIRECTORY_SEPARATOR . date(DATET_BKUP) . DIRECTORY_SEPARATOR;
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'resources' . DIRECTORY_SEPARATOR . 'backup.php';
$result = array();
foreach ($backups as $module) {
$backup = new Backup($this->parent);
if (!$backup->setLocation($location)) {
return new CronResult($this, false, 'Failed to create backup dir: ' . DIRECTORY_SEPARATOR . 'backup' . str_replace(__BACKUP__, '', $location . $module));
}
if (!$backup->setID($module)) {
return new CronResult($this, false, 'Failed to setID for ' . $module);
}
$results[$module] = $backup->backup();
unset($backup);
}
$msg = '';
$status = true;
foreach ($results as $ns => $data) {
$msg .= '"' . $ns . '": ' . $data['msg'] . PHP_EOL;
if (!$data['s']) {
$status = false;
}
}
if ($status) {
$msg = 'Backup was completed for selected module(s)!';
$type = B_T_SUCCESS;
} else {
$msg = 'Backup was completed but failed for some/all module(s). Details as follows:' . PHP_EOL . $msg;
$type = B_T_WARNING;
}
$this->parent->parent->logEvent($this::name_space, 'Back up modules: ' . csvgetstr($backups));
return new ActionResult($this, '/admin/modules/backup', 1, $msg, $type);
}
function edit_details()
{
$userid = WebApp::post('userid') === NULL ? '' : WebApp::post('userid');
$f_name = WebApp::post('f_name') === NULL ? '' : WebApp::post('f_name');
$s_name = WebApp::post('s_name') === NULL ? '' : WebApp::post('s_name');
$username = WebApp::post('username') === NULL ? '' : WebApp::post('username');
//$old_email = (WebApp::post('old_email')===NULL)? '' :WebApp::post('old_email');
//$email = (WebApp::post('email')===NULL)? '' :WebApp::post('email');
if ($userid != $this->parent->parent->user->getUserID()) {
return new ActionResult($this, '/user/profile/details', 0, 'Failed save details.<br />Error: <code>User IDs don\'t match</code>', B_T_FAIL);
}
if ($f_name == '' || $s_name == '') {
return new ActionResult($this, '/admin/user/user_edit', 0, 'Failed to edit user.<br />Error: <code>Name must not be empty</code>', B_T_FAIL);
}
$update = $this->mySQL_w->prepare("UPDATE `core_users` SET `f_name`=?,`s_name`=? WHERE `id`=?");
if ($update === false) {
return new ActionResult($this, '/user/profile/details', 0, 'Failed save details!', B_T_FAIL);
}
$update->bind_param('ssi', $f_name, $s_name, $userid);
$update->execute();
$update->store_result();
if ($update->affected_rows == 0) {
return new ActionResult($this, '/user/profile/details', 0, 'Nothing to change', B_T_INFO);
}
/*if($old_email != $email){
return $this->genActivation($email, 'email', array('f'=>'/user/activate', 's'=>'/user/activate'));
}else{*/
return new ActionResult($this, '/user/profile', 1, 'Saved details!', B_T_SUCCESS);
//}
}
/**
* Installer::preInstall()
*
* @return
*/
public function preInstall()
{
// Get the details from post
$mode = WebApp::post('method');
// Check which mode we are operating in
if ($mode == 'zip') {
// Get the zip file
$file = $this->parent->parent->files('zip_file');
// Deal with upload errors
switch ($file) {
// Failed to upload (we couldn't find it)
case _ACTION_FAIL_1:
$this->parent->parent->debug($this::name_space . ': Module package failed to upload.');
Session::set($this::name_space, 'msg', 'Module package failed to upload.');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'Module package failed to upload.', B_T_FAIL);
break;
// No file was uploaded
// No file was uploaded
case _ACTION_FAIL_2:
$this->parent->parent->debug($this::name_space . ': No module package was uploaded to install!');
Session::set($this::name_space, 'msg', 'No module package was uploaded to install!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'No module package was uploaded to install!', B_T_FAIL);
break;
// Upload was too large
// Upload was too large
case _ACTION_FAIL_3:
$this->parent->parent->debug($this::name_space . ': Module was larger than the max upload size');
Session::set($this::name_space, 'msg', 'Module was larger than the max upload size!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'Module was larger than the max upload size!', B_T_FAIL);
break;
// File wasn't in whitelist/was in blacklist
// File wasn't in whitelist/was in blacklist
case _ACTION_FAIL_4:
$this->parent->parent->debug($this::name_space . ': Incorrect module format!');
Session::set($this::name_space, 'msg', 'Incorrect module format!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'Incorrect module format!', B_T_FAIL);
break;
// For some reason we couldn't move the uploaded file from the system temp dir to our temp dir
// For some reason we couldn't move the uploaded file from the system temp dir to our temp dir
case _ACTION_FAIL_5:
$this->parent->parent->debug($this::name_space . ': Could not access module package.');
Session::set($this::name_space, 'msg', 'Could not access module package!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'Could not access module package.', B_T_FAIL);
break;
// Something else went wrong with the uplaod - probably left for future php updates
// Something else went wrong with the uplaod - probably left for future php updates
case _ACTION_UNSPEC:
$this->parent->parent->debug($this::name_space . ': Something went wrong with the upload, try again');
Session::set($this::name_space, 'msg', 'Something went wrong with the upload, try again!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
return new ActionResult($this, '/admin/modules/install', 0, 'Something went wrong with the upload, try again', B_T_FAIL);
break;
// There were no erros so we can continue
// There were no erros so we can continue
default:
// Extract the zip file
$file = $this->extractZip($file);
// Use the temp dir (from the extraction)
if ($file !== false) {
// Generate a reference hash
$hash = ranString(4);
// Set the session reference
Session::set($this::name_space, 'install_from' . $hash, $file);
//Navigate to the instal page
$this->parent->parent->addHeader('Location', '/admin/modules/install/' . $hash);
// We still need to return an ActionResult object to the controller, otherwise it'll get its knickers in a twist
return new ActionResult($this, '/admin/modules/install/' . $hash, 1, '', B_T_INFO);
} else {
// The uploaded file wasn't a zip, so give the user a message to see when they navigate
Session::set($this::name_space, 'msg', 'Failed to extract zip file!');
$this->parent->parent->addHeader('Location', '/admin/modules/install/');
// Yet again we need to return an ActionResult object as stated above ^^
return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to extract zip file!', B_T_FAIL);
}
}
// We are installing from a directory, so we can skip the zip stuff and get straight to busines
} elseif ($mode == 'dir') {
// Get the full directory path
$file = __EXECDIR__ . WebApp::post('directory');
// Generate a reference hash
$hash = ranString(4);
// Set the install sesion stuff
Session::set($this::name_space, 'install_from' . $hash, $file);
// Navigate to the install page
$this->parent->parent->addHeader('Location', '/admin/modules/install/' . $hash);
// Yup, we are returning an ActionResult again... are you getting the message yet?
return new ActionResult($this, '/admin/modules/install/' . $hash, 1, 'Installing module…', B_T_SUCCESS);
}
}
function disable()
{
$groups = WebApp::post('groups') === NULL ? array() : strgetcsv(WebApp::post('groups'));
if (count($groups) == 0) {
$groups = WebApp::get('g') === NULL ? array() : strgetcsv(WebApp::get('g'));
}
if (count($groups) == 0) {
return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
}
$update_query = $this->mySQL_w->prepare("UPDATE `core_groups` SET `en`=0 WHERE `GID`=?");
foreach ($groups as $GID) {
if ($this->inGroup($GID, false, false)) {
$this->parent->parent->logEvent($this::name_space, 'Tried to disable own group');
return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a group that you are a member of</code>', B_T_FAIL);
}
if ($GID < 1000 && !$this->inGroup(1)) {
$this->parent->parent->logEvent($this::name_space, 'Tried to disable core group');
return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a core group</code>', B_T_FAIL);
}
}
$affected_rows = 0;
foreach ($groups as $GID) {
$update_query->bind_param('i', $GID);
$update_query->execute();
$update_query->store_result();
$affected_rows += $update_query->affected_rows;
}
if ($affected_rows == count($groups)) {
$this->parent->parent->logEvent($this::name_space, 'Disabled groups ' . csvgetstr($groups));
return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled selected group(s)!', B_T_SUCCESS);
} else {
$this->parent->parent->logEvent($this::name_space, 'Disabled some of groups ' . csvgetstr($groups));
return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled ' . $affected_rows . '/' . count($groups) . ' selected group(s)!<br /><small>Possible cause: <code>Group was already disabled</code></small>', B_T_WARNING);
}
}
public function session_lock()
{
if (!$this->accessAdminPage(20)) {
return new ActionResult($this, '/admin/user/user_view', 0, 'You are not allowed to do that', B_T_FAIL);
}
if (WebApp::get('m') === 'm') {
$sessID = WebApp::post('sessions') === NULL ? array() : strgetcsv(WebApp::post('sessions'));
if (count($sessID) === 0) {
return new ActionResult($this, '/admin/user/user_view', 0, 'Session IDs cannot be blank!', B_T_FAIL);
}
} else {
$sessID = WebApp::get('cat4');
if ($sessID === NULL || $sessID == '') {
return new ActionResult($this, '/admin/user/user_view', 0, 'Session\'s ID cannot be blank!', B_T_FAIL);
}
$sessID = array($sessID);
}
$destroy_query = $this->mySQL_w->prepare("UPDATE `core_sessions` SET `auth`=1 WHERE `id`=?");
$affected_rows = 0;
foreach ($sessID as $ID) {
$destroy_query->bind_param('i', $ID);
$destroy_query->execute();
$destroy_query->store_result();
$affected_rows = +$destroy_query->affected_rows;
}
if ($affected_rows == count($sessID)) {
$this->parent->parent->logEvent($this::name_space, 'Locked session(s)');
return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Session(s) were locked!', B_T_SUCCESS);
} elseif ($affected_rows == 0) {
$this->parent->parent->logEvent($this::name_space, 'Failed to lock session(s)');
return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to lock any sessions!', B_T_FAIL);
} else {
$this->parent->parent->logEvent($this::name_space, 'Locked some sessions, but failed to lock the rest!');
return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Some sessions were locked!', B_T_WARNING);
}
}
function delete()
{
$locations = WebApp::post('locations') === NULL ? array() : strgetcsv(WebApp::post('locations'));
if (count($locations) == 0) {
return new ActionResult($this, '/admin/location', 0, 'No locations(s) were selected!', B_T_FAIL, array('form' => array('pwd' => '')));
}
$check_query = $this->mySQL_w->prepare("SELECT `ID` FROM `location` WHERE `ID`=?");
if ($check_query === false) {
return new ActionResult($this, '/admin/location', 0, 'Failed to delete location(s)!<br />Error: <code>Check query failed</code>', B_T_FAIL);
}
foreach ($locations as $ID) {
$check_query->bind_param('i', $ID);
$check_query->execute();
$check_query->store_result();
if ($check_query->num_rows != 1) {
return new ActionResult($this, '/admin/location', 1, 'Failed to delete location(s)!<br />Error: <code>Location doesn\'t exist</code>', B_T_INFO);
}
}
$check_query->free_result();
$delete_query = $this->mySQL_w->prepare("DELETE FROM `location` WHERE `id`=?");
if ($delete_query === false) {
return new ActionResult($this, '/admin/location', 0, 'Failed delete location(s)!<br />Error: <code>Update query failed</code>', B_T_FAIL);
}
$affected_rows = 0;
foreach ($locations as $ID) {
$delete_query->bind_param('i', $ID);
$delete_query->execute();
$delete_query->store_result();
$affected_rows += $delete_query->affected_rows;
}
if ($affected_rows == count($locations)) {
$this->parent->parent->logEvent($this::name_space, 'Deleted ' . csvgetstr($locations));
return new ActionResult($this, '/admin/location', 1, 'Successfully deleted selected location(s)!', B_T_SUCCESS);
} else {
$this->parent->parent->logEvent($this::name_space, 'Deleted some of ' . csvgetstr($locations));
return new ActionResult($this, '/admin/location', 1, 'Successfully deleted ' . $affected_rows . '/' . count($locations) . ' selected location(s)!<br /><small>Possible cause: <code>Location with that ID may not exist</code></small>', B_T_WARNING);
}
}
/**
* Updater::preUpdate()
*
* @return
*/
public function preUpdate()
{
$conf = WebApp::post('conf');
$module = WebApp::post('mod');
$page = WebApp::post('page');
$mode = WebApp::post('method');
if ($conf != 1) {
Session::set($this::name_space, 'msg', 'You haven\'t confirmed this action!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, '', B_T_FAIL);
}
// Check which mode we are operating in
if ($mode == 'zip') {
// Get the ZIP file
$file = $this->parent->parent->files('zip_file');
// Deal with upload errors
switch ($file) {
// Failed to upload (we couldn't find it)
case _ACTION_FAIL_1:
$this->parent->parent->debug($this::name_space . ': Module package failed to upload.');
Session::set($this::name_space, 'msg', 'Module package failed to upload.');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Module package failed to upload.', B_T_FAIL);
break;
// No file was uploaded
// No file was uploaded
case _ACTION_FAIL_2:
$this->parent->parent->debug($this::name_space . ': No module package was uploaded to update!');
Session::set($this::name_space, 'msg', 'No module package was uploaded to update!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'No module package was uploaded to update!', B_T_FAIL);
break;
// Uploade was too large
// Uploade was too large
case _ACTION_FAIL_3:
$this->parent->parent->debug($this::name_space . ': Module was larger than the max upload size');
Session::set($this::name_space, 'msg', 'Module was larger than the max upload size!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Module was larger than the max upload size!', B_T_FAIL);
break;
// File wasn't in whitelist/was in blacklist
// File wasn't in whitelist/was in blacklist
case _ACTION_FAIL_4:
$this->parent->parent->debug($this::name_space . ': Incorrect module format!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Incorrect module format!', B_T_FAIL);
break;
// For some reason we couldn't move the uploaded file from the system temp dir into our temp dir (__EXECDIR__/temp)
// For some reason we couldn't move the uploaded file from the system temp dir into our temp dir (__EXECDIR__/temp)
case _ACTION_FAIL_5:
$this->parent->parent->debug($this::name_space . ': Could not access module package.');
Session::set($this::name_space, 'msg', 'Could not access module package!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Could not access module package.', B_T_FAIL);
break;
// Something else went wrong with the upload - probably left for future php updates
// Something else went wrong with the upload - probably left for future php updates
case _ACTION_UNSPEC:
$this->parent->parent->debug($this::name_space . ': Something went wrong with the upload, try again');
Session::set($this::name_space, 'msg', 'Something went wrong with the upload, try again!');
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Something went wrong with the upload, try again', B_T_FAIL);
break;
// There were no errors so we can continue
// There were no errors so we can continue
default:
// Extract the zip file
$file = $this->extractZip($file);
// Use the temp dir (from the extraction)
if ($file === false) {
// The uploaded wasn't a zip, so give the user a message to say so
Session::set($this::name_space, 'msg', 'Failed to extract zip file!');
// Now we send them back to the update page so they can select the correct file (hopefully)
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module);
return new ActionResult($this, '/admin/modules/update/' . $module, 0, 'Failed to extract zip file!', B_T_FAIL);
}
// Create a random reference hash
$hash = ranString(4);
// Set the session variables
Session::set($this::name_space, 'update_from_' . $hash . '_dir', $file);
Session::set($this::name_space, 'update_from_' . $hash . '_ns', $module);
Session::set($this::name_space, 'update_from_' . $hash . '_page', $page);
// Navigate to the new page
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module . '/' . $hash);
// We still need to return what we are doing to the controller (don't remove... took ages to work out why it crashed here!)
return new ActionResult($this, '/admin/modules/update/' . $module . '/' . $hash, 1, '', B_T_SUCCESS);
}
// We are updating from a directory so we can bypass the zip extraction bits and bobs
} elseif ($mode == 'dir') {
// Get the full directory path
$file = __EXECDIR__ . WebApp::post('directory');
// Create a random reference hash
$hash = ranString(4);
// Set the session variables
Session::set($this::name_space, 'update_from_' . $hash . '_dir', $file);
Session::set($this::name_space, 'update_from_' . $hash . '_ns', $module);
Session::set($this::name_space, 'update_from_' . $hash . '_page', $page);
// Navigate to the new page
$this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module . '/' . $hash);
// We still need to return what we are doing to the controller [don't remove... yup, same mistake twice :-)]
return new ActionResult($this, '/admin/modules/update/' . $module . '/' . $hash, 1, '', B_T_SUCCESS);
}
}
public function send()
{
if (!$this->accessAdminPage(0)) {
return new ActionResult($this, '/admin/email', 0, 'You are not allowed to send emails!', B_T_FAIL);
}
$check = $this->checknames();
if ($check->status == 0) {
return $check;
} else {
Session::del('status_msg', $check->id);
}
$to = WebApp::post('to');
$subject = WebApp::post('subject');
$message = WebApp::post('message');
$mail = new Emailer();
$mail->setFrom($this->parent->parent->user->getUsername() . '@biggleswadesc.org', $this->parent->parent->user->getFullName());
$mail->Subject = $subject;
$mail->msgHTML($message);
$mail->AltBody = 'To view the message, please use an HTML compatible email viewer!';
$to = strgetcsv(WebApp::post('to'));
// Fetches emails from usernames
$user_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`), `email` FROM `core_users` WHERE `username`=?");
// Fetches names and emails from p_group names
$p_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `p_group`=`GID` AND `core_groups`.`name`=? AND `type`='p'");
// Fetches names and emails from s_group names through link table (core_sgroup)
$s_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `core_groups`.`name`=? AND `type`='s'\nINNER JOIN `core_sgroup` ON `core_sgroup`.`user`=`core_users`.`id` AND `core_groups`.`GID`=`core_sgroup`.`group`");
$email_addresses = array();
foreach ($to as $name) {
$name = trim($name);
if (filter_var($name, FILTER_VALIDATE_EMAIL)) {
$email_addresses[$name] = $name;
} else {
// Check if name is user
$user_query->bind_param('s', $name);
$user_query->bind_result($fullName, $email);
$user_query->execute();
$user_query->store_result();
if ($user_query->num_rows == 1) {
$this->parent->parent->debug($this::name_space . ': Address is for user');
// deal with user
$user_query->fetch();
$email_addresses[$email] = $fullName;
$user_query->free_result();
$user_query->reset();
} else {
// Check if name is pgroup
$user_query->free_result();
$p_group_query->bind_param('s', $name);
$p_group_query->bind_result($fullName, $email);
$p_group_query->execute();
$p_group_query->store_result();
if ($p_group_query->num_rows != 0) {
while ($p_group_query->fetch()) {
$email_addresses[$email] = $fullName;
}
$p_group_query->free_result();
$p_group_query->reset();
} else {
$p_group_query->free_result();
$p_group_query->reset();
// Check sgroup
$s_group_query->bind_param('s', $name);
$s_group_query->bind_result($fullName, $email);
$s_group_query->execute();
$s_group_query->store_result();
if ($s_group_query->num_rows != 0) {
// Deal with sgroup
while ($s_group_query->fetch()) {
$email_addresses[$email] = $fullName;
}
}
$s_group_query->free_result();
$s_group_query->reset();
}
}
}
}
$failed = array();
foreach ($email_addresses as $email => $name) {
$mail->addAddress($email, $name);
if (!$mail->send()) {
$failed[] = $email;
$this->parent->parent->debug($this::name_space . ': Did not send mail to ' . $email);
$this->parent->parent->debug('Reason: ' . $mail->ErrorInfo);
} else {
$this->parent->parent->debug($this::name_space . ': Sent mail to ' . $email);
}
$mail->clearAddresses();
}
if (count($failed) == 0) {
return new ActionResult($this, '/admin/email', 1, 'Email was successfully sent!', B_T_SUCCESS);
} else {
return new ActionResult($this, '/admin/email', 0, 'Email was sent to except:<code>' . implode(', ', $failed) . '</code>', B_T_WARNING);
}
}
