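/** exdoc
 * Loads permission data from the database for the specified user.
 *
 * Rebuilds the global $exponent_permissions_r map, indexed as
 * [module][source][internal][permission] => 1, from three tables:
 * explicit user grants, grants inherited through group membership and
 * grants inherited through subscriptions. The finished map is stored in
 * the session under 'permissions'.
 *
 * When $user is null the global map is emptied and the method returns
 * without touching the session copy. When $user->is_acting_admin is set,
 * no rows are read and an empty map is stored.
 *
 * @param User $user the user to load permissions for.
 *
 * @node Subsystems:expPermissions
 */
public static function load($user)
{
    global $db, $exponent_permissions_r;

    // Clear the global permissions array so grants from an earlier call never carry over.
    $exponent_permissions_r = array();

    if ($user == null) {
        // If the user is not logged in, they have no permissions.
        return;
    }

    if ($user->is_acting_admin == 0) {
        // The where-clauses below are built by concatenation, so every id is
        // forced to an integer before it reaches the SQL string.
        $uid = (int) $user->id;

        // Explicit user permissions, by user id.
        foreach ($db->selectObjects('userpermission', 'uid=' . $uid) as $obj) {
            $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
        }

        // Implicit user permissions (by virtue of group membership).
        foreach ($db->selectObjects('groupmembership', 'member_id=' . $uid) as $memb) {
            foreach ($db->selectObjects('grouppermission', 'gid=' . (int) $memb->group_id) as $obj) {
                $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
            }
        }

        // Implicit user permissions (by virtue of subscriptions).
        foreach ($db->selectObjects('subscriptions_users', 'user_id=' . $uid) as $memb) {
            foreach ($db->selectObjects('subscriptionpermission', 'subscription_id=' . (int) $memb->subscription_id) as $obj) {
                $exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
            }
        }
    }

    // NOTE(review): the session copy is what later requests read back, so nothing
    // driven by request input should be able to write the 'permissions' key.
    expSession::set('permissions', $exponent_permissions_r);
}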
/**
 * Smarty {is_logged_in} modifier plugin
 *
 * Type:     modifier<br>
 * Name:     is_logged_in<br>
 * Purpose:  determine if user is logged in
 *
 * @param mixed $string the value the modifier is applied to; it is not used
 * @return bool true when expSession::loggedIn() reports a logged-in session, false otherwise
 */
function smarty_modifier_is_logged_in($string)
{
    // Normalise whatever loggedIn() returns to a strict boolean.
    return expSession::loggedIn() ? true : false;
}
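/**
 * Adds a gift card to the current order as a new order item.
 *
 * The request parameters are remembered in the session, the global store
 * settings are loaded, and the card amount is taken from 'card_amount_txt'
 * (free-text amount) when it is positive, otherwise from 'card_amount'.
 * Optional 'toname', 'fromname' and 'msg' values are serialized into the
 * item's extra_data; a message adds the configured surcharge to the price.
 *
 * @param array $params request parameters (product_id, card_amount,
 *                      card_amount_txt, toname, fromname, msg)
 * @return bool|null true once the item is saved; null when no amount was given
 */
function addToCart($params)
{
    global $order;

    expSession::set('params', $params);

    // Load the global store settings. $cfg is created explicitly because
    // assigning properties to an undefined variable is an error on PHP 8.
    $cfg = new stdClass();
    $cfg->mod = "ecomconfig";
    $cfg->src = "@globalstoresettings";
    $cfg->int = "";
    $config = new expConfig($cfg);
    // The original expression consulted a $catConfig variable that this method
    // never defines, so it always resolved to the global configuration.
    $this->config = $config->config;

    $min_amount = $this->config['minimum_gift_card_purchase'];
    $custom_message_product = $this->config['custom_message_product'];

    if (empty($params['product_id'])) {
        flash('error', gt("Please specify the style of the gift card you want to purchase."));
        expHistory::back();
    }

    if (empty($params['card_amount']) && empty($params['card_amount_txt'])) {
        flash('error', gt("You need to specify the card amount for the gift card."));
        expHistory::back();
    } else {
        $item = new orderitem($params);

        $sm = $order->getCurrentShippingMethod();
        $item->shippingmethods_id = $sm->id;

        // Both amounts arrive from the request: keep digits and dots only.
        $typed_amount = isset($params['card_amount_txt']) ? preg_replace("/[^0-9.]/", "", $params['card_amount_txt']) : '';
        $listed_amount = isset($params['card_amount']) ? preg_replace("/[^0-9.]/", "", $params['card_amount']) : '';

        // Cast to float so a malformed value such as "1.2.3" cannot slip past the
        // numeric comparisons below as a non-numeric string.
        if (!empty($typed_amount) && (float) $typed_amount > 0) {
            $item->products_price = (float) $typed_amount;
        } else {
            $item->products_price = (float) $listed_amount;
        }

        if ($item->products_price < $min_amount) {
            flash('error', gt("The minimum amount of gift card is") . " " . $min_amount);
            expHistory::back();
        }

        // The name is stored and shown later, so it is built from the filtered
        // amount rather than the raw request value.
        // NOTE(review): the name shows 'card_amount' even when the typed amount set the price — confirm intent.
        $item->products_name = expCore::getCurrencySymbol() . $listed_amount . ' ' . $this->title . " Style Gift Card";

        // Free-text fields are stored as submitted; they must be escaped wherever they are rendered.
        $ed = array();
        if (!empty($params['toname'])) {
            $ed['To'] = $params['toname'];
        }
        if (!empty($params['fromname'])) {
            $ed['From'] = $params['fromname'];
        }
        if (!empty($params['msg'])) {
            $ed['Message'] = $params['msg'];
            $item->products_price += $custom_message_product;
            $item->products_name = $item->products_name . " (with message)";
        }
        $item->extra_data = serialize($ed);

        // we need to unset the orderitem's ID to force a new entry; otherwise we would
        // overwrite any other gift cards already in the cart
        $item->id = null;
        $item->quantity = $this->getDefaultQuantity();
        $item->save();

        return true;
    }
}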
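/**
 * Smarty {get_user} function plugin
 *
 * Type:     function<br>
 * Name:     get_user<br>
 * Purpose:  get user name
 *
 * When a session is logged in, either assigns the global $user object to the
 * template variable named by $params['assign'], or prints the username.
 * Nothing happens for anonymous sessions.
 *
 * @param array   $params plugin parameters; 'assign' is optional
 * @param \Smarty $smarty
 * @return void
 */
function smarty_function_get_user($params, &$smarty)
{
    if (!expSession::loggedIn()) {
        return;
    }

    global $user;

    if (isset($params['assign'])) {
        // The template receives the raw object and is responsible for escaping what it prints.
        $smarty->assign($params['assign'], $user);
    } else {
        // The username is account data written straight into the page, so it is
        // HTML-escaped before output.
        echo htmlspecialchars($user->username, ENT_QUOTES);
    }
}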
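/**
 * Builds the credit-card entry fields (card type, number, expiration, CVV)
 * and returns them as one HTML string.
 *
 * The billing options stored in the session are loaded into $this->opts, but
 * every control is created with an empty value, so previously entered card
 * data is never written back into the markup.
 *
 * @return string HTML for the card fields
 */
function userForm()
{
    $this->opts = expSession::get('billing_options');

    // The original copied cc_number, cvv and the other saved fields into an
    // undefined $opts object that nothing read afterwards; on PHP 8 that
    // assignment is a fatal error, so the dead copies are gone.

    // FIXME (carried over from the original): hard coded options!!
    $cardtypes = new dropdowncontrol("", $this->getAvailableCards());
    $cardnumber = new textcontrol("", 20, false, 20, "integer", true);
    $expiration = new monthyearcontrol("", "");
    $cvv = new textcontrol("", 4, false, 4, "integer", true);

    $cardtypes->id = "cc_type";
    $cardnumber->id = "cc_number";
    $expiration->id = "expiration";
    $cvv->id = "cvv";
    $cvv->size = 5;

    $form = '';
    $form .= $cardtypes->toHTML("Card Type", "cc_type");
    $form .= $cardnumber->toHTML("Card #", "cc_number");
    $form .= $expiration->toHTML("Expiration", "expiration");
    $form .= $cvv->toHTML("CVV # <br /><a href='http://en.wikipedia.org/wiki/Card_Verification_Value' target='_blank'>What's this?</a>", 'cvv');

    return $form;
}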
/**
 * Applies form-designer values to an upload control.
 *
 * A missing control is created first. When no identifier was submitted, the
 * whole $_POST array is copied into the session under "last_POST" with a
 * '_formError' entry attached, and null is returned.
 *
 * @param array       $values submitted settings: identifier, caption, default
 * @param object|null $object the control to update, or null to create one
 * @return object|null the updated control, or null when the identifier is empty
 */
function update($values, $object)
{
    $object = ($object == null) ? new uploadcontrol() : $object;

    if ($values['identifier'] == "") {
        $resubmit = $_POST;
        $resubmit['_formError'] = gt('Identifier is required.');
        expSession::set("last_POST", $resubmit);
        return null;
    }

    // Plain one-to-one copies from the submitted values.
    foreach (array('identifier', 'caption', 'default') as $field) {
        $object->$field = $values[$field];
    }

    return $object;
}
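/**
 * Drops one reference from the sectionref row that belongs to a container's
 * module and optionally closes the gap the container leaves in the ranking.
 *
 * The module location is read from the serialized $object->internal value and
 * the section from the session key "last_section".
 *
 * @param object|null $object the container record being deleted
 * @param bool        $rerank when true, containers ranked after $object move up by one
 * @return bool|null false when $object is null or its location cannot be read; nothing otherwise
 */
static function delete($object, $rerank = false)
{
    if ($object == null) {
        return false;
    }

    global $db;

    // NOTE(review): unserialize() rebuilds whatever the stored string describes; this is
    // only safe while the 'internal' column can never hold attacker-written data.
    $internal = unserialize($object->internal);
    if (!is_object($internal)) {
        // Nothing usable was stored, so there is no sectionref row to look up.
        return false;
    }

    // The section id comes from the session and lands unquoted in the SQL string,
    // so it is forced to an integer.
    $section = (int) expSession::get("last_section");

    // NOTE(review): mod/src/int are concatenated as quoted strings; they rely on the
    // stored location being clean — confirm, or escape them with the database layer.
    $where = "module='" . $internal->mod . "' AND source='" . $internal->src . "' AND internal='" . $internal->int . "' AND section={$section}";

    $secref = $db->selectObject("sectionref", $where);
    if ($secref) {
        $secref->refcount -= 1;
        $db->updateObject($secref, "sectionref", $where);
    }

    // Fix ranks
    if ($rerank) {
        $db->decrement("container", "rank", 1, "external='" . $object->external . "' AND rank > " . (int) $object->rank);
    }
}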
/**
 * Applies form-designer values to an antispam control.
 *
 * A missing control is created first. When no identifier was submitted, the
 * whole $_POST array is copied into the session under "last_POST" with a
 * '_formError' entry attached, and null is returned.
 *
 * @param array       $values submitted settings: identifier, caption, default,
 *                            size, maxlength and the optional 'required' flag
 * @param object|null $object the control to update, or null to create one
 * @return object|null the updated control, or null when the identifier is empty
 */
function update($values, $object)
{
    $object = ($object == null) ? new antispamcontrol() : $object;

    if ($values['identifier'] == "") {
        $resubmit = $_POST;
        $resubmit['_formError'] = gt('Identifier is required.');
        expSession::set("last_POST", $resubmit);
        return null;
    }

    // Text settings are copied as submitted.
    foreach (array('identifier', 'caption', 'default') as $field) {
        $object->$field = $values[$field];
    }

    // Numeric settings are coerced to integers.
    foreach (array('size', 'maxlength') as $field) {
        $object->$field = intval($values[$field]);
    }

    // A checkbox is only present in the submission when it was ticked.
    $object->required = isset($values['required']);

    return $object;
}
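/**
 * Smarty {permissions} block plugin
 *
 * Type:     block<br>
 * Name:     permissions<br>
 * Purpose:  Set up a permissions block
 *
 * Returns the block content only when the visitor is logged in and the UI
 * level is not UILEVEL_PREVIEW; otherwise returns an empty string. Nothing is
 * returned when there is no content yet or when $_GET['recymod'] is set.
 *
 * NOTE(review): this only decides whether markup is shown. It does not test any
 * specific permission, so the actions linked from the block must enforce their own checks.
 *
 * @param array   $params
 * @param string  $content
 * @param \Smarty $smarty
 * @param bool    $repeat
 * @return string|null
 */
function smarty_block_permissions($params, $content, &$smarty, &$repeat)
{
    if (!$content || !empty($_GET['recymod'])) {
        return;
    }

    global $user, $css_core;

    // 99 is the level used when the session carries no explicit UI level.
    $uilevel = 99;
    if (expSession::exists("uilevel")) {
        $uilevel = expSession::get("uilevel");
    }

    if (empty($css_core['admin-global'])) {
        expCSS::pushToHead(array("corecss" => "admin-global"));
    }

    // The original evaluated this same condition twice in nested branches; one test is enough.
    $hide = isset($uilevel) && $uilevel == UILEVEL_PREVIEW || !$user->isLoggedIn();

    return $hide ? "" : $content;
}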
/**
 * Looks up a user by name, checks the password (through LDAP or the local
 * account, depending on configuration) and logs the user into the session
 * when the check succeeds.
 *
 * Replaces the global $user with the looked-up account before the password
 * has been checked.
 *
 * @param string $username
 * @param string $password
 * @return bool|null false when no account is found; otherwise no value is
 *                   returned (the trailing "return $user" is commented out)
 */
public static function login($username, $password)
{
    global $db, $user;

    // Retrieve the user object from the database. This may be null, if the username is non-existent.
    // NOTE(review): the where-clause below contains the literal '******' and never uses
    // $username; this looks like masking applied to the listing. Whatever the real clause
    // is, the username is request input and must be escaped or bound, not concatenated.
    $user = new user($db->selectValue('user', 'id', "username='******'"));

    // if the user object doesn't have an id then we didn't find a valid user account with this username
    if (empty($user->id)) {
        return false;
    }

    // try to authenticate the user - use the authentication type specified in the site config
    // NOTE(review): $user is always an object at this point, so empty($user) is false and
    // only accounts flagged is_ldap reach the LDAP branch.
    if (USE_LDAP == 1 && (empty($user) || $user->is_ldap == 1)) {
        $ldap = new expLDAP();
        $ldap->connect();
        $authenticated = $ldap->authenticate($ldap->getLdapUserDN($username), $password);
        if ($authenticated) {
            // Unreachable as written (see the note above): the early return already
            // rejected unknown usernames, so no LDAP account is created here.
            if (empty($user)) {
                $user = $ldap->addLdapUserToDatabase($username, $password);
            }
        }
        $ldap->close();
    } else {
        $authenticated = $user->authenticate($password);
    }

    if ($authenticated) {
        // Call on the Sessions subsystem to log the user into the site.
        expSession::login($user);
        //Update the last login timestamp for this user.
        $user->updateLastLogin();
    }

    // NOTE(review): on a failed password check the global $user still holds the looked-up
    // account; callers must not treat a populated $user as proof of authentication.
    // NOTE(review): the login-attempt record below is disabled, so this method leaves no
    // trail of failed attempts and applies no throttling of its own.
    //		$obj = new stdClass();
    //		$obj->user_id = $user->id;
    //		$obj->timestamp = time();
    //		$obj->ip_address = exponent_users_getRealIpAddr();
    //		$obj->authenticated = $authenticated;
    //		$db->insertObject($obj, "user_loginAttempts");
    //
    //		return $user;
}
/**
 * Sets up a template for a module view and loads the view configuration of
 * the container that hosts the module.
 *
 * @param string      $module  module name, also assigned to the template as "__name"
 * @param string|null $view    view name passed to the parent constructor
 * @param object|null $loc     module location; built with expCore::makeLocation() when null
 * @param bool        $caching not used in this constructor
 * @param string|null $type    template type; 'modules' when not given
 */
function __construct($module, $view = null, $loc = null, $caching = false, $type = null)
{
    $type = isset($type) ? $type : 'modules';
    parent::__construct($type, $module, $view);

    $this->viewparams = expTemplate::getViewParams($this->viewfile);

    if ($loc == null) {
        $loc = expCore::makeLocation($module);
    }

    $this->tpl->assign("__loc", $loc);
    $this->tpl->assign("__name", $module);

    // View Config: containers are keyed by their serialized location.
    global $db;
    $container_key = serialize($loc);
    $cache = expSession::getCacheValue('containermodule');

    if (!isset($cache[$container_key])) {
        // NOTE(review): the serialized location is concatenated into the where-clause as a
        // quoted string; confirm its parts can never contain a quote.
        $container = $db->selectObject("container", "internal='" . $container_key . "'");
        // Updates the local copy only; nothing in this constructor writes it back to the session.
        $cache[$container_key] = $container;
    } else {
        $container = $cache[$container_key];
    }

    if ($container && isset($container->view_data) && $container->view_data != "") {
        // NOTE(review): unserialize() on a stored value; safe only while view_data is
        // never attacker-written.
        $this->viewconfig = unserialize($container->view_data);
    } else {
        $this->viewconfig = array();
    }

    $this->tpl->assign("__viewconfig", $this->viewconfig);
}
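<?php
##################################################
#
# Copyright (c) 2004-2011 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

// Refuse direct access; the script only runs inside the framework.
if (!defined('EXPONENT')) {
    exit('');
}

// Stores one request-supplied value in the session and prints the result as JSON.
//
// NOTE(review): both the key and the value come from the request, so a caller chooses
// which session entry is written. The session also holds state the server itself relies
// on; this endpoint should accept only an explicit allowlist of keys and require an
// authenticated session. The set of legitimate keys is not visible here, so that
// restriction is flagged rather than guessed at.
$var = isset($_REQUEST['var']) ? $_REQUEST['var'] : null;
$value = isset($_REQUEST['value']) ? $_REQUEST['value'] : null;

if (!is_string($var) || $var === '') {
    // A missing key, or an array passed as the key, is rejected instead of being
    // handed to the session layer.
    echo json_encode(false);
} else {
    echo json_encode(expSession::set($var, $value));
}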
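/**
 * Routine to check for installation or upgrade
 *
 * For administrators, compares the version row in the database with the
 * installed software version and flashes an upgrade link when the software is
 * newer. When the database is unavailable, the maintenance template is output
 * and the request ends. Once per session, administrators are also told when
 * getOnlineVersion() reports a newer release.
 *
 * @return void
 */
public static function checkVersion()
{
    global $db, $user;

    // Created explicitly: assigning properties to an undefined variable is an error on PHP 8.
    $swversion = new stdClass();
    $swversion->major = EXPONENT_VERSION_MAJOR;
    $swversion->minor = EXPONENT_VERSION_MINOR;
    $swversion->revision = EXPONENT_VERSION_REVISION;
    $swversion->type = EXPONENT_VERSION_TYPE;
    $swversion->iteration = EXPONENT_VERSION_ITERATION;
    $swversion->builddate = EXPONENT_VERSION_BUILDDATE;

    // check database version against installed software version
    if ($db->havedb) {
        if ($user->isAdmin()) {
            $dbversion = $db->selectObject('version', 1);
            if (empty($dbversion)) {
                // No version row yet: treat the database as version 0.0.0.
                $dbversion = new stdClass();
                $dbversion->major = 0;
                $dbversion->minor = 0;
                $dbversion->revision = 0;
                $dbversion->type = '';
                $dbversion->iteration = '';
            }

            // check if software version is newer than database version
            if (self::compareVersion($dbversion, $swversion)) {
                $oldvers = $dbversion->major . '.' . $dbversion->minor . '.' . $dbversion->revision . ($dbversion->type ? $dbversion->type : '') . ($dbversion->iteration ? $dbversion->iteration : '');
                $newvers = $swversion->major . '.' . $swversion->minor . '.' . $swversion->revision . ($swversion->type ? $swversion->type : '') . ($swversion->iteration ? $swversion->iteration : '');
                flash('message', gt('The database requires upgrading from') . ' v' . $oldvers . ' ' . gt('to') . ' v' . $newvers . '<br><a href="' . makelink(array("controller" => "administration", "action" => "install_exponent")) . '">' . gt('Click here to Upgrade your website') . '</a>');
            }
        }
    } else {
        // database is unavailable, so show us as being offline
        $template = new standalonetemplate('_maintenance');
        $template->assign("db_down", true);
        $template->output();
        exit;
    }

    // check if online version is newer than installed software version, but only once per session
    if ($user->isAdmin()) {
        if (!expSession::is_set('update-check')) {
            $onlineVer = self::getOnlineVersion();
            expSession::set('update-check', '1');
            if (self::compareVersion($swversion, $onlineVer)) {
                // The message is built as HTML and these fields presumably originate outside
                // this installation, so the assembled version string is escaped before use.
                $newvers = htmlspecialchars(
                    $onlineVer->major . '.' . $onlineVer->minor . '.' . $onlineVer->revision . ($onlineVer->type ? $onlineVer->type : '') . ($onlineVer->iteration ? $onlineVer->iteration : ''),
                    ENT_QUOTES
                );
                flash('message', gt('A newer version of Exponent is available') . ': v' . $newvers . ' ' . gt('was released') . ' ' . expDateTime::format_date($onlineVer->builddate) . '<br><a href="https://github.com/exponentcms/exponent-cms/downloads" target="_blank">' . gt('Click here to see available Downloads') . '</a>');
            }
        }
    }
}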
/**
 * Applies form-designer values to a dropdown control.
 *
 * When no identifier was submitted, the whole $_POST array is copied into the
 * session under "last_POST" with a '_formError' entry attached, and null is
 * returned before any control is created.
 *
 * @param array       $values submitted settings: identifier, caption, default,
 *                            the 'items' list data, size and the optional 'required' flag
 * @param object|null $object the control to update, or null to create one
 * @return object|null the updated control, or null when the identifier is empty
 */
function update($values, $object)
{
    if ($values['identifier'] == "") {
        $resubmit = $_POST;
        $resubmit['_formError'] = gt('Identifier is required.');
        expSession::set("last_POST", $resubmit);
        return null;
    }

    $object = ($object == null) ? new dropdowncontrol() : $object;

    foreach (array('identifier', 'caption', 'default') as $field) {
        $object->$field = $values[$field];
    }

    $object->items = listbuildercontrol::parseData($values, 'items', true);

    // A dropdown shows at least one row.
    $rows = intval($values['size']);
    $object->size = $rows > 0 ? $rows : 1;

    // A checkbox is only present in the submission when it was ticked.
    $object->required = isset($values['required']);

    return $object;
}
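# Copyright (c) 2004-2011 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "../../../../.." */

// Restores the database from an uploaded file and shows the result page.
// NOTE(review): no permission check is visible in this part of the file; a restore
// replaces site data, so confirm the caller is limited to administrators.
if (!defined('EXPONENT')) {
    exit('');
}

$errors = null;
$continue = URL_FULL . 'index.php?section=' . SITE_DEFAULT_SECTION;

expSession::clearAllUsersSessionCache();

$template = new template('importer', '_eql_results', $loc);

//GREP:UPLOADCHECK
// Only a file that PHP itself received in this request, without an upload error, is
// handed to the restore routine.
$upload = isset($_FILES['file']) ? $_FILES['file'] : null;
$upload_ok = is_array($upload)
    && isset($upload['error'], $upload['tmp_name'])
    && $upload['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($upload['tmp_name']);

if (!$upload_ok) {
    $template->assign('success', 0);
    // presumably the template lists 'errors' as an array of messages; verify against the view
    $template->assign('errors', array(gt('No database file was uploaded, or the upload failed.')));
} elseif (!expFile::restoreDatabase($db, $upload['tmp_name'], $errors)) {
    $template->assign('success', 0);
    $template->assign('errors', $errors);
} else {
    $template->assign('success', 1);
    $template->assign('continue', $continue);
}

$template->output();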
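# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "../../../../.." */

// Checks, for each file name selected in the import form, whether it can be created
// under BASE . 'files/', remembers the selection in the session and shows the
// verification view.
if (!defined('EXPONENT')) {
    exit('');
}

// NOTE(review): dest_dir is request input and is stored in the session unchanged; the
// code that later reads 'dest_dir' must validate it before touching the file system.
$dest_dir = isset($_POST['dest_dir']) ? $_POST['dest_dir'] : null;

$selected = (isset($_POST['mods']) && is_array($_POST['mods'])) ? $_POST['mods'] : array();

$files = array();
foreach (array_keys($selected) as $file) {
    $file = (string) $file;

    // The name is appended to a server path, so names with a NUL byte or a ".."
    // path segment are dropped instead of being probed outside files/.
    if (strpos($file, "\0") !== false || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $file)) {
        continue;
    }

    $files[$file] = expFile::canCreate(BASE . 'files/' . $file);
}

expSession::set('dest_dir', $dest_dir);
expSession::set('files_data', $files);

$template = new template('importer', '_files_verifyFiles');
$template->assign('files_data', $files);
$template->output();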
# This file is part of Exponent # # Exponent is free software; you can redistribute # it and/or modify it under the terms of the GNU # General Public License as published by the Free # Software Foundation; either version 2 of the # License, or (at your option) any later version. # # GPL: http://www.gnu.org/licenses/gpl.txt # ################################################## if (!defined('EXPONENT')) { exit(''); } //expSession::un_set('installer_config'); expSession::clearAllSessionData(); global $user; if (isset($_REQUEST['upgrade'])) { // upgrades hit this // if (unlink(BASE.'install/not_configured')) { $leaveinstaller = unlink(BASE . 'install/not_configured') || !file_exists(BASE . 'install/not_configured'); if ($leaveinstaller) { echo '<h2>' . gt('You\'re all set!') . "</h2>"; echo '<p>' . gt('Take me to your leader') . "</p>"; } else { echo '<h2>' . gt('Hmmmm....') . "</h2>"; echo '<p>' . gt('We weren\'t able to remove /install/not_configured. Remove this file manually to complete your upgrade.') . "</p>"; } ?> <p><?php echo gt('Log back in to start using all your fancy new enhancements!');
/**
 * Finds, restores or creates the shopping cart (an order without an invoice)
 * for the current visitor.
 *
 * The cart is chosen from, in turn: the cart tied to the session ticket, the
 * cart tied to the logged-in user, and the cart named by the 'cid' cookie.
 * When both a session cart and a user cart exist they are merged. Item count,
 * shipping/billing flags, last category and total are filled in before the
 * cart is returned.
 *
 * @return order|null null when the store module is inactive or the cart
 *                    controller does not exist; otherwise an order object
 */
static function getUserCart()
{
    global $db, $user, $router;

    $sessAr = expSession::get('verify_shopper');
    // initialize this users cart if they have ecomm installed.
    $active = $db->selectValue('modstate', 'active', 'module="storeController"');
    if (!expModules::controllerExists('cart') || empty($active)) {
        // if ecomm is turned off, no cart.
        return null;
    } else {
        // The verify/restore/clear actions get an empty order until the shopper has been validated.
        if (isset($router->params['controller']) && $router->params['controller'] == 'order' && ($router->params['action'] == 'verifyReturnShopper' || $router->params['action'] == 'verifyAndRestoreCart' || $router->params['action'] == 'clearCart') && (!isset($sessAr['validated']) || $sessAr['validated'] != true)) {
            return new order();
        } else {
            // if ecomm is turned off, no cart.
            //$active = ;
            if (empty($active)) {
                return null;
            }
            $order = new order(); //initialize a new order object to use the find function from.
            $ticket = expSession::getTicketString(); //get this users session ticket. this is how we track anonymous users.
            // grab the original referrer from the session table so that we can transfer it into the cart where it will be used for reporting purposes
            // sessions are temporary so we can't report on the referrer in the session table itself because it may not be there
            // and we can't just get the referrer at this point because the user likely navigated the site a bit and we want the original referring site
            // NOTE(review): the ticket is concatenated into the where-clauses below as a quoted
            // string; this relies on getTicketString() never returning a quote — confirm.
            $orig_referrer = $db->selectValue('sessionticket', 'referrer', "`ticket`='" . $ticket . "'");
            //see if we have a LIVE and ACTIVE session w/ cart and grab it if so
            $sessioncart = $order->find('first', "invoice_id='' AND sessionticket_ticket='" . $ticket . "'");
            //check to see if the user is logged in, and if so grab their existing cart
            // $usercart is only assigned for logged-in users; later uses go through empty().
            if (!empty($user) && $user->isLoggedIn()) {
                $usercart = $order->find('first', "invoice_id='' AND user_id=" . $user->id);
            }
            //eDebug($sessioncart);
            //eDebug($usercart);
            //enter here if we have NO ACTIVE SESSION CART -OR- We're awaiting a potential cart restore
            // NOTE(review): 'awaiting_choice' is read without isset() here.
            if (empty($sessioncart->id) || $sessAr['awaiting_choice'] == true) {
                if (empty($usercart->id)) {
                    // no SESSION cart was found and user is not logged in...
                    //let's see if they have a cart_id cookie set and we'll snag that if so
                    //they won't have any user data, since they are "logged in" once they get to
                    //checkout, so all we're really doing here is populating a cart for return
                    //shoppers
                    // NOTE(review): the 'cid' cookie is client-controlled and decides which stored
                    // order is loaded. Carts that belong to a user are gated below by the
                    // verify/login steps; carts with no user_id are handed over on the cookie
                    // value alone, so the id should not be guessable — confirm.
                    $cookie_cart_id = isset($_COOKIE['cid']) ? $_COOKIE['cid'] : 0;
                    //eDebug($cookie_cart_id,true);
                    if ($cookie_cart_id) {
                        $tmpCart = new order($cookie_cart_id);
                        if ($tmpCart->id != $cookie_cart_id) {
                            //cookie set, but there is no such cart in the DB, so act as if we had no cookie
                            $cart = new order();
                            $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer, 'return_count' => $cart->setReturnCount($orig_referrer)));
                            order::setCartCookie($cart);
                        } else {
                            $u = new user($tmpCart->user_id);
                            //1) Was Not logged in
                            if (empty($tmpCart->user_id)) {
                                $cart = new order($cookie_cart_id);
                                //update the session ticket and return count
                                $cart->update(array('sessionticket_ticket' => $ticket, 'return_count' => $cart->setReturnCount($orig_referrer)));
                                order::setCartCookie($cart);
                                flash('message', gt('Welcome back'));
                            } else {
                                if (!empty($tmpCart->user_id)) {
                                    //check for is admin first
                                    if ($u->isActingAdmin() || $u->isAdmin()) {
                                        //no need to restore anything.
                                        $cart = new order();
                                        $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                                        order::setCartCookie($cart);
                                    } else {
                                        if (!empty($tmpCart->user_id) && count($tmpCart->orderitem) == 0) {
                                            //silently copy tracking data from old order and continue on
                                            $cart = new order();
                                            $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer, 'return_count' => $tmpCart->setReturnCount($orig_referrer)));
                                            order::setCartCookie($cart);
                                            flash('message', gt('Welcome back'));
                                        } else {
                                            if (!empty($tmpCart->user_id) && count($tmpCart->orderitem) > 0) {
                                                //3) Was Logged in w/ NON-?real user? account
                                                //eDebug(expUtil::right($u->username,10),true);
                                                if ($u->isTempUser()) {
                                                    if (isset($sessAr['validated']) && $sessAr['validated']) {
                                                        //already went through validation and we're good to go
                                                        // NOTE(review): this branch logs the visitor in as the cart's owner,
                                                        // trusting the 'validated' and 'cid' entries of the verify_shopper
                                                        // session value; only the verification step may be able to set them.
                                                        $cart = new order($sessAr['cid']);
                                                        //update the session ticket and return count
                                                        $cart->update(array('sessionticket_ticket' => $ticket, 'return_count' => $cart->mergeReturnCount($sessioncart->return_count), 'orig_referrer' => $sessioncart->orig_referrer));
                                                        order::setCartCookie($cart);
                                                        expSession::un_set('verify_shopper');
                                                        $user = new user($cart->user_id);
                                                        expSession::login($user);
                                                        //Update the last login timestamp for this user.
                                                        $user->updateLastLogin();
                                                        // NOTE(review): the first name is concatenated into an HTML message;
                                                        // escape it if flash() renders the text unescaped.
                                                        flash('message', gt('Welcome back') . ' ' . $sessAr['firstname'] . '! ' . gt('Your shopping cart has been restored - you may continue shopping or') . ' <a href="' . makelink(array("controller" => "cart", "action" => "checkout")) . '">checkout</a> ' . gt('at your convenience.'));
                                                    } else {
                                                        //send to verification? If user has elected to restore their cart
                                                        //eDebug($_SESSION);
                                                        if (isset($sessAr['awaiting_choice']) && $sessAr['awaiting_choice'] == true) {
                                                            /*expSession::set('verify_shopper',array('au'=>1,'orig_path'=>$router->current_url, 'firstname'=>$u->firstname, 'cid'=>$cookie_cart_id));
                                                            redirect_to(array("controller"=>"order",'action'=>'verifyReturnShopper'));
                                                            orderController::verifyReturnShopper();*/
                                                            //just give em the sessioncart
                                                            $cart = $sessioncart;
                                                            if (count($cart->orderitem) > 0) {
                                                                //added items to current cart, so we'll assume they do not want to restore the previous at this point
                                                                expSession::un_set('verify_shopper');
                                                                order::setCartCookie($cart);
                                                            } else {
                                                                flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('We see that you have shopped with us before.') . '<br><br><a id="submit-verify" href="' . makelink(array("controller" => "order", "action" => "verifyReturnShopper")) . '" rel="nofollow">' . gt('Click Here to Restore Your Previous Shopping Cart') . '</a><br><br><a class="exp-ecom-link" href="' . makelink(array("controller" => "order", "action" => "clearCart", "id" => $cookie_cart_id)) . '">' . gt('Click Here To Start a New Shopping Cart') . '</a>');
                                                                $sessAr['orig_path'] = $router->current_url;
                                                                expSession::set('verify_shopper', $sessAr);
                                                            }
                                                        } else {
                                                            //first time...create a default cart, issue message, set session, rinse, repeat
                                                            $cart = new order();
                                                            $cart->update(array("sessionticket_ticket" => $ticket, 'return_count' => $cart->setReturnCount($orig_referrer)));
                                                            expSession::set('verify_shopper', array('au' => 1, 'orig_path' => $router->current_url, 'firstname' => $u->firstname, 'cid' => $cookie_cart_id, 'awaiting_choice' => true));
                                                            //order::setCartCookie($cart);
                                                            flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('We see that you have shopped with us before.') . '<br><br><a id="submit-verify" href="' . makelink(array("controller" => "order", "action" => "verifyReturnShopper")) . '" rel="nofollow">' . gt('Click Here to Restore Your Previous Shopping Cart') . '</a><br><br><a class="exp-ecom-link" href="' . makelink(array("controller" => "order", "action" => "clearCart", "id" => $cookie_cart_id)) . '">' . gt('Click Here To Start a New Shopping Cart') . '</a>');
                                                        }
                                                    }
                                                } else {
                                                    //prompt to login and restore, otherwise reset and start fresh
                                                    //this should be all we need to do here
                                                    //redirect_to(array("controller"=>"order",'action'=>'verifyReturnShopper','au'=>'0'));
                                                    $cart = new order();
                                                    $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                                                    order::setCartCookie($cart);
                                                    flash('message', gt('Welcome back') . ' ' . $u->firstname . '! ' . gt('If you would like to pick up where you left off, click here to login and your previous shopping cart will be restored.'));
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    } else {
                        // No cart cookie at all: start a fresh cart for this session.
                        $cart = new order();
                        $cart->update(array("sessionticket_ticket" => $ticket, 'user_id' => $user->id, 'orig_referrer' => $orig_referrer));
                        order::setCartCookie($cart);
                    }
                } else {
                    //user is logged in, so we grab their usercart and update the session ticket only
                    //$usercart->update(array('sessionticket_ticket'=>$ticket, 'orig_referrer'=>$orig_referrer));
                    $usercart->update(array('sessionticket_ticket' => $ticket));
                    $cart = $usercart;
                }
                //enter here if we HAVE an ACTIVE session/cart, but the user is not logged in
            } elseif (!empty($sessioncart->id) && $user->id == 0) {
                // the user isn't logged in yet...the session cart will do for now.
                $cart = $sessioncart;
                // if we hit here we've found a session cart AND a usercart because the user just logged in
                // and had both...that means we need to merge them
            } elseif (!empty($sessioncart->id) && !empty($usercart->id)) {
                // if we hit here we've found a session cart and a usercart...that means we need to merge them
                // if it's not the same cart.
                if ($sessioncart->id == $usercart->id) {
                    $cart = $sessioncart;
                } else {
                    // if the old user cart had gone through any of the checkout process before, then we
                    // will clean that data out now and start fresh.
                    $usercart->cleanOrderitems();
                    //merge the current session cart with previously saved user cart.
                    foreach ($sessioncart->orderitem as $orderitem) {
                        $orderitem->merge(array('orders_id' => $usercart->id, 'user_id' => $user->id));
                    }
                    //if session cart HAS coupon codes, delete usercart codes and copy new code to usercart, else leave be
                    if (count($sessioncart->getOrderDiscounts())) {
                        foreach ($usercart->getOrderDiscounts() as $od) {
                            $od->delete();
                        }
                        foreach ($sessioncart->getOrderDiscounts() as $sod) {
                            $sod->orders_id = $usercart->id;
                            $sod->save();
                        }
                    }
                    $cart = new order($usercart->id);
                    $sessioncart->delete();
                }
                order::setCartCookie($cart);
                expSession::un_set('verify_shopper');
                // the user doesn't have a cart with his/her user id in it. this probably means they just
                // logged in so we need to update the cart with the new user id information.
            } elseif (!empty($sessioncart->id) && (empty($usercart->id) && $user->isLoggedIn())) {
                //$sessioncart->update(array('user_id'=>$user->id, 'orig_referrer'=>$orig_referrer));
                $sessioncart->update(array('user_id' => $user->id));
                $cart = $sessioncart;
            }

            // Derive the per-request totals and flags from the cart's items.
            $cart->item_count = 0;
            foreach ($cart->orderitem as $items) {
                if ($items->product->requiresShipping && !$items->product->no_shipping) {
                    $cart->shipping_required = true;
                }
                if ($items->product->requiresBilling) {
                    $cart->billing_required = true;
                }
                $cart->item_count += $items->quantity;
            }
            $cart->lastcat = expSession::get('last_ecomm_category');
            $cart->total = $cart->getCartTotal();
            //eDebug($cart,true);
            return $cart;
        }
    }
}
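/** exdoc
 * Calls the necessary methods to show a specific module
 *
 * Makes sure a section object and a sectionref row exist for the module,
 * prints the hard-coded module menu for users who hold 'administrate' or
 * 'configure' on the location, and then renders the module: through
 * renderAction() for controllers, or the module's own show() otherwise.
 *
 * @param string $module The classname of the module to display
 * @param string $view The name of the view to display the module with
 * @param string $title The title of the module (support is view-dependent)
 * @param string $source The source of the module.
 * @param bool $pickable Whether or not the module is pickable in the Source Picker.
 * @param null $section
 * @param bool $hide_menu
 * @param array $params
 * @return void
 * @node Subsystems:Theme
 */
public static function showModule($module, $view = "Default", $title = "", $source = null, $pickable = false, $section = null, $hide_menu = false, $params = array())
{
    // On a section the visitor may not see, only navigation and login are rendered.
    if (!AUTHORIZED_SECTION && $module != 'navigationmodule' && $module != 'loginController') {
        return;
    }

    global $db, $sectionObj, $module_scope;

    // Ensure that we have a section
    //FJD - changed to $sectionObj
    if ($sectionObj == null) {
        $section_id = expSession::get('last_section');
        if ($section_id == null) {
            $section_id = SITE_DEFAULT_SECTION;
        }
        // The id comes from the session and is placed unquoted in the where-clause,
        // so it is forced to an integer.
        $sectionObj = $db->selectObject('section', 'id=' . (int) $section_id);
    }

    if ($module == "loginController" && defined('PREVIEW_READONLY') && PREVIEW_READONLY == 1) {
        return;
    }

    $loc = expCore::makeLocation($module, $source . "");

    if (empty($module_scope[$source][$module]->scope)) {
        // Create the holder first: assigning a property on a missing entry is an error on PHP 8.
        if (!isset($module_scope[$source][$module])) {
            $module_scope[$source][$module] = new stdClass();
        }
        $module_scope[$source][$module]->scope = 'global';
    }

    // make sure we've added this module to the sectionref table
    // NOTE(review): $module and the source are concatenated into the where-clause as quoted
    // strings; they must come from theme code, never from request input.
    if ($db->selectObject("sectionref", "module='{$module}' AND source='" . $loc->src . "'") == null) {
        $secref = new stdClass();
        $secref->module = $module;
        $secref->source = $loc->src;
        $secref->internal = "";
        $secref->refcount = 1000;
        if ($sectionObj != null) {
            $secref->section = $sectionObj->id;
        }
        $secref->is_original = 1;
        $db->insertObject($secref, 'sectionref');
    }

    $iscontroller = expModules::controllerExists($module);

    if (defined('SELECTOR') && call_user_func(array($module, "hasSources"))) {
        containermodule::wrapOutput($module, $view, $loc, $title);
    } else {
        if (is_callable(array($module, "show")) || $iscontroller) {
            // FIXME: we are checking here for a new MVC style controller or an old school module. We only need to perform
            // this check until we get the old modules all gone...until then we have the check and a lot of code duplication
            // in the if blocks below...oh well, that's life.
            $container = new stdClass();
            if (!$iscontroller) {
                if (!$hide_menu && $loc->mod != "containermodule" && (call_user_func(array($module, "hasSources")) || $db->tableExists($loc->mod . "_config"))) {
                    $container->permissions = array(
                        'administrate' => expPermissions::check('administrate', $loc) ? 1 : 0,
                        'configure' => expPermissions::check('configure', $loc) ? 1 : 0,
                    );

                    if ($container->permissions['administrate'] || $container->permissions['configure']) {
                        // mt_rand() is not a security-grade generator; the value is only
                        // assigned to the menu template here.
                        $container->randomizer = mt_rand(1, (int) ceil(microtime(1)));
                        $container->view = $view;
                        $container->info['class'] = $loc->mod;
                        $container->info['module'] = call_user_func(array($module, "name"));
                        $container->info['source'] = $loc->src;
                        $container->info['hasConfig'] = $db->tableExists($loc->mod . "_config");
                        $template = new template('containermodule', '_hardcoded_module_menu', $loc);
                        $template->assign('container', $container);
                        $template->output();
                    }
                }
            } else {
                // if we hit here we're dealing with a controller...not a module
                if (!$hide_menu) {
                    $controller = expModules::getController($module);
                    $container->permissions = array(
                        'administrate' => expPermissions::check('administrate', $loc) ? 1 : 0,
                        'configure' => expPermissions::check('configure', $loc) ? 1 : 0,
                    );

                    if ($container->permissions['administrate'] || $container->permissions['configure']) {
                        $container->randomizer = mt_rand(1, (int) ceil(microtime(1)));
                        $container->view = $view;
                        // 'action' is optional in $params; it only receives its default further down.
                        $container->action = isset($params['action']) ? $params['action'] : null;
                        $container->info['class'] = $loc->mod;
                        $container->info['module'] = $controller->displayname();
                        $container->info['source'] = $loc->src;
                        $container->info['hasConfig'] = true;
                        $template = new template('containermodule', '_hardcoded_module_menu', $loc);
                        $template->assign('container', $container);
                        $template->output();
                    }
                }
            }

            if ($iscontroller) {
                $params['src'] = $loc->src;
                $params['controller'] = $module;
                $params['view'] = $view;
                $params['moduletitle'] = $title;
                if (empty($params['action'])) {
                    $params['action'] = $view;
                }
                renderAction($params);
            } else {
                call_user_func(array($module, "show"), $view, $loc, $title);
            }
        } else {
            // The name is printed into the page, so it is HTML-escaped.
            echo sprintf(gt('The module "%s" was not found in the system.'), htmlspecialchars($module, ENT_QUOTES));
        }
    }
}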
} // PERM CHECK $source_select = array(); $module = "containermodule"; $view = "_sourcePicker"; $clickable_mods = null; // Show all $dest = null; if (expSession::is_set("source_select") && defined('SOURCE_SELECTOR')) { $source_select = expSession::get("source_select"); $view = $source_select["view"]; $module = $source_select["module"]; $clickable_mods = $source_select["showmodules"]; $dest = $source_select['dest']; } expSession::clearAllUsersSessionCache('containermodule'); $orphans = array(); foreach ($db->selectObjects("sectionref", "module='" . preg_replace('/[^A-Za-z0-9_]/', '', $_GET['module']) . "' AND refcount=0") as $orphan) { $obj = null; $loc = expCore::makeLocation($orphan->module, $orphan->source, $orphan->internal); if (class_exists($orphan->module)) { $modclass = $orphan->module; $mod = new $modclass(); if (class_exists($modclass)) { ob_start(); if (expModules::controllerExists($modclass)) { renderAction(array('controller' => $modclass, 'action' => 'showall', 'src' => $orphan->source)); } else { $mod->show("Default", $loc); } $obj->output = ob_get_contents();
/**
 * Copies submitted form values onto a text editor control definition.
 *
 * @param array       $values Submitted values; reads 'identifier', 'caption', 'default',
 *                            'rows', 'cols', 'maxchars' and the presence of 'required'.
 * @param object|null $object Control to update; a new texteditorcontrol is created when null.
 *
 * @return object|null The updated control, or null when no identifier was supplied.
 */
function update($values, $object)
{
    $control = ($object == null) ? new texteditorcontrol() : $object;

    if ($values['identifier'] == "") {
        // Keep the submitted form in the session, tagged with the error, then bail out.
        // NOTE(review): $_POST is stored unfiltered; whatever reads "last_POST" back
        // has to escape it for the context it is written into.
        $failedPost = $_POST;
        $failedPost['_formError'] = gt('Identifier is required.');
        expSession::set("last_POST", $failedPost);

        return null;
    }

    // Free-text fields are copied as submitted.
    foreach (array('identifier', 'caption', 'default') as $textField) {
        $control->{$textField} = $values[$textField];
    }

    // Dimension and length fields are forced to integers.
    foreach (array('rows', 'cols', 'maxchars') as $numericField) {
        $control->{$numericField} = intval($values[$numericField]);
    }

    // A checkbox only shows up in the submission when it was ticked.
    $control->required = isset($values['required']);

    return $control;
}
if (empty($from)) { $from = trim(SMTP_FROMADDRESS); } if (empty($from_name)) { $from_name = trim(ORGANIZATION_NAME); } $headers = array("MIME-Version" => "1.0", "Content-type" => "text/html; charset=" . LANG_CHARSET); if (count($emaillist)) { //This is an easy way to remove duplicates $emaillist = array_flip(array_flip($emaillist)); $emaillist = array_map('trim', $emaillist); $mail = new expMail(); $mail->quickSend(array('headers' => $headers, 'html_message' => $emailHtml, "text_message" => $emailText, 'to' => $emaillist, 'from' => array(trim($from) => $from_name), 'subject' => $f->subject)); } } // clear the users post data from the session. expSession::un_set('formmodule_data_' . $f->id); //If is a new post show response, otherwise redirect to the flow. if (!isset($_POST['data_id'])) { $template = new template("formbuilder", "_view_response"); $template->assign("backlink", expHistory::getLastNotEditable()); $template->assign("response_html", $f->response); $template->output(); } else { flash('message', gt('Record was updated!')); // expHistory::back(); expHistory::returnTo('editable'); } } else { echo SITE_403_HTML; }
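/**
 * Finishes an upload attempt: stores the file record on success, or records
 * the error and sends the browser back to the form on failure.
 *
 * @param object|string $file A file object when the upload worked; any non-object
 *                            value is treated as the error message.
 *
 * @return mixed The result of $db->insertObject() for a file object. The failure
 *               path redirects and does not return.
 */
public static function uploadSuccessful($file)
{
    global $db;

    if (is_object($file)) {
        return $db->insertObject($file, 'file');
    }

    // Failure: keep the submitted form and the error so the form can show them again.
    // NOTE(review): $file is flashed as-is; confirm the flash output escapes it,
    // since an upload error message may include client-supplied text such as a filename.
    $post = $_POST;
    $post['_formError'] = $file;
    flash('error', $file);
    expSession::set('last_POST', $post);

    // The Referer header is client-supplied and may be absent or name another site,
    // so it is only used as the redirect target when it points at this host.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $refererHost = ($referer !== '') ? parse_url($referer, PHP_URL_HOST) : null;
    $ownHost = isset($_SERVER['HTTP_HOST'])
        ? strtolower(preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']))
        : '';

    if (is_string($refererHost) && $ownHost !== '' && strtolower($refererHost) === $ownHost) {
        header('Location: ' . $referer);
        exit;
    }

    // No usable same-site referer: fall back to the framework's history-based redirect.
    expHistory::back();
    exit;
}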
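#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################

// Action script: copies the container named by the 'id' request parameter
// into the 'clipboard' table, then returns to the previous page.

if (!defined('EXPONENT')) {
    exit('');
}

global $router;

// NOTE(review): no permission check is visible in this script; confirm that the
// dispatcher verifies the user may copy this container before it runs.
$container_id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
$container = $db->selectObject('container', 'id=' . $container_id);
//eDebug($container);

// NOTE(review): unserialize() instantiates whatever classes the stored data names.
// If any path lets a user influence container.internal, this is an object-injection
// sink; consider an allowed_classes restriction or a data-only format such as JSON.
$module_loc = empty($container) ? false : unserialize($container->internal);

if (!is_object($module_loc)) {
    // Unknown id or unreadable location: stop instead of dereferencing a non-object.
    flash('error', gt('The module could not be copied to the clipboard.'));
    expHistory::back();
} else {
    // The original assigned properties to an undefined variable, which is an Error on PHP 8.
    $clipboard_object = new stdClass();
    $clipboard_object->module = $module_loc->mod;
    $clipboard_object->source = $module_loc->src;
    $clipboard_object->internal = $module_loc->int;
    $clipboard_object->title = $container->title;
    $clipboard_object->view = $container->view;
    $clipboard_object->copied_from = $db->selectValue('section', 'name', 'id=' . expSession::get('last_section'));
    $clipboard_object->section_id = expSession::get('last_section');

    // NOTE(review): 'op' is request-supplied and stored as-is; restrict it to the
    // operations the clipboard actually supports before it is persisted.
    $clipboard_object->operation = isset($_REQUEST['op']) ? $_REQUEST['op'] : null;

    // NOTE(review): this WHERE clause concatenates values read back from stored,
    // serialized data. They should be escaped with the database layer's own routine
    // or bound as parameters; that API is not visible in this file, so the
    // concatenation is left unchanged here. The session value in the 'section'
    // lookup above has the same shape.
    $ref_where = 'module="' . $clipboard_object->module . '" AND source="' . $clipboard_object->source . '"';
    $clipboard_object->description = $db->selectValue('sectionref', 'description', $ref_where);
    $clipboard_object->refcount = $db->selectValue('sectionref', 'refcount', $ref_where);
    //eDebug($clipboard_object);

    $db->insertObject($clipboard_object, 'clipboard');
    flash('message', gt('Module copied to clipboard'));
    expHistory::back();
}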
$section->sef_name = $router->encode($section->name); } if (!section::isValidName($section->sef_name)) { expValidator::failAndReturnToForm('You have invalid characters in the SEF Name field.'); } if (section::isDuplicateName($section)) { expValidator::failAndReturnToForm(gt('The name specified in the SEF Name field is a duplicate of an existing page.')); } if (isset($section->id)) { if ($section->parent != $old_parent) { // Old_parent id was different than the new parent id. Need to decrement the ranks // of the old children (after ours), and then add $section = section::changeParent($section, $old_parent, $section->parent); } // Existing section. Update the database record. // The 'id=x' where clause is implicit with an updateObject $db->updateObject($section, 'section'); } else { // Since this is new, we need to increment ranks, in case the user // added it in the middle of the level. $db->increment('section', 'rank', 1, 'rank >= ' . $section->rank . ' AND parent=' . $section->parent); // New section. Insert a new database record. $section->id = $db->insertObject($section, 'section'); } expSession::clearAllUsersSessionCache('navigationmodule'); navigationmodule::checkForSectionalAdmins($section->id); // Go back to where we came from. Probably the navigation manager. expHistory::back(); } else { echo SITE_403_HTML; }
<?php
##################################################
#
# Copyright (c) 2004-2011 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "." */

// Entry script for logging in: bootstraps the framework, then hands off to the
// login controller.
require_once 'exponent.php';

// Store the last non-editable page from the history under 'redirecturl'
// (presumably where the login action sends the user afterwards; confirm in the login controller).
expSession::set('redirecturl', expHistory::getLastNotEditable());

// Show the login form through the controller's 'showlogin' action.
redirect_to(array('controller' => 'login', 'action' => 'showlogin'));
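/**
 * Renders a module view, wrapped in the source-picker template when the
 * SOURCE_SELECTOR constant is defined.
 *
 * Without SOURCE_SELECTOR, or for the container module itself, the module's
 * static show() is called directly with no wrapping.
 *
 * @param string      $modclass Module or controller class name.
 * @param string      $view     View to render.
 * @param object|null $loc      Location object; its 'src' property is read.
 * @param string      $title    Title passed through to show().
 *
 * @return void
 */
static function wrapOutput($modclass, $view, $loc = null, $title = '')
{
    global $db;

    if (!defined('SOURCE_SELECTOR') || strtolower($modclass) == 'containermodule') {
        call_user_func(array($modclass, 'show'), $view, $loc, $title);
        return;
    }

    // The original set $container to null and then assigned properties to it,
    // which is an Error on PHP 8.
    $container = new stdClass();

    // NOTE(review): the class is instantiated from a caller-supplied name; callers
    // must only pass names of known modules, never a raw request value.
    $mod = new $modclass();

    // Capture the module's output so the picker template can embed it.
    ob_start();
    if (expModules::controllerExists($modclass)) {
        // NOTE(review): serialize($loc) is concatenated into the WHERE clause unescaped.
        // A serialized string always contains double quotes and may contain single
        // quotes from $loc->src; escape it through the database layer or bind it.
        $action = $db->selectValue('container', 'action', "internal='" . serialize($loc) . "'");
        renderAction(array('controller' => $modclass, 'action' => $action, 'view' => $view));
    } else {
        $mod->show($view, $loc, $title);
    }
    $container->output = ob_get_clean();

    // Picker settings stored in the session by the source selector.
    $source_select = expSession::get('source_select');
    $c_view = $source_select['view'];
    $c_module = $source_select['module'];
    $clickable_mods = is_array($source_select['showmodules']) ? $source_select['showmodules'] : null;
    $dest = $source_select['dest'];

    $template = new template($c_module, $c_view, $loc);
    if ($dest) {
        $template->assign('dest', $dest);
    }

    $container->info = array(
        'module' => $mod->name(),
        // $loc defaults to null, so guard the property read.
        'source' => isset($loc->src) ? $loc->src : null,
        'hasContent' => $mod->hasContent(),
        'hasSources' => $mod->hasSources(),
        'hasViews' => $mod->hasViews(),
        'class' => $modclass,
        // A null list means every module is clickable.
        'clickable' => $clickable_mods == null || in_array($modclass, $clickable_mods),
    );
    $template->assign('container', $container);
    $template->output();
}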
/**
 * Shows the subcategories of a store category together with its ancestor path.
 *
 * The category comes from the 'cat' request parameter, or from the session's
 * 'last_ecomm_category' value when the parameter is absent.
 */
function showallSubcategories()
{
    global $db;

    expHistory::set('viewable', $this->params);

    // NOTE(review): 'cat' is request-supplied and reaches the storeCategory
    // constructor unvalidated; confirm the constructor treats it as a plain
    // identifier and does not build a query from it unescaped.
    if (isset($_REQUEST['cat'])) {
        $parent = $_REQUEST['cat'];
    } else {
        $parent = expSession::get('last_ecomm_category');
    }

    $category = new storeCategory($parent);

    $template_vars = array(
        'categories' => $category->getEcomSubcategories(),
        'ancestors' => $category->pathToNode(),
        'category' => $category,
    );
    assign_to_template($template_vars);
}
/**
 * Sets the 'customer-signup' session flag and redirects to the cart's checkout action.
 */
public function customerSignup()
{
    $checkout_route = array('controller' => 'cart', 'action' => 'checkout');

    expSession::set('customer-signup', true);
    redirect_to($checkout_route);
}
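/**
 * Creates and logs in a user account for an anonymous visitor once a newly
 * created record has passed validation.
 *
 * Does nothing for a logged-in user. Otherwise the account is built from the
 * posted email, first name and last name. With 'remember_me' set, the posted
 * password pair is used; without it, a throwaway username and a random
 * password are generated.
 *
 * @return void
 */
function afterValidationOnCreate()
{
    global $user, $db;

    // A logged-in user has an account already; the password fields are not posted then.
    if ($user->isLoggedIn()) {
        return;
    }

    // Not logged in, so assume the visitor is creating a first address.
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (isset($_POST['remember_me']) && $_POST['remember_me'] == true) {
        // The visitor wants a real account: validate the password pair they typed.
        $user->username = $_POST['email'];
        $validateUser = $user->setPassword($password, $_POST['password2']);
        if (!is_bool($validateUser)) {
            expValidator::failAndReturnToForm($validateUser, $_POST);
        }
    } else {
        $user->username = $_POST['email'] . time(); //make a unique username

        // Generate the throwaway password from a CSPRNG. The original used
        // md5(time() . rand(50, 00)), which can be reconstructed from the signup
        // time and a few dozen guesses.
        $password = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : bin2hex(openssl_random_pseudo_bytes(16));
        $user->setPassword($password, $password);
    }

    // NOTE(review): the anti-spam check below is disabled, so account creation
    // is not rate- or bot-limited at this point.
    //expValidator::check_antispam($_POST, "Your anti-spam verification failed.  Please try again.");

    // All checks passed: fill in the new account from the form.
    $user->email = $_POST['email'];
    $user->firstname = $_POST['firstname'];
    $user->lastname = $_POST['lastname'];

    // NOTE(review): as shown, this WHERE clause compares against a fixed literal
    // (the value looks redacted on this page), so the duplicate check cannot match
    // the submitted email. It should look up the username being registered, with
    // the value escaped or bound by the database layer rather than concatenated.
    $checkUser = $db->selectObject('user', 'username="******"');
    if (isset($checkUser->id)) {
        expValidator::failAndReturnToForm(gt("The email address you entered already exists as a user. If you have lost your password, you may reset it here:") . " <a href='/users/reset_password'>Reset Password</a>.", $_POST);
    }

    $user->is_system_user = false;
    $user->save(true);
    $user->login($user->username, $password);

    $this->user_id = $user->id;
    $this->is_default = true;

    // A user is logged in now, so drop the anonymous-checkout flag; otherwise
    // it would linger across a logout and a later login.
    expSession::un_set("ALLOW_ANONYMOUS_CHECKOUT");
}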