/**
 * Runs Validate() over the first and last name of the user attached to an
 * identity form.
 *
 * Each name is passed with the arguments 1, 50 and '' (presumably "required",
 * maximum length and "no pattern" - confirm against Validate()).
 *
 * NOTE(review): $IdentityForm->User is assigned without clone, so under PHP 5+
 * FormatPropertiesForDatabaseInput() acts on the form's own User object rather
 * than on a copy - confirm that callers expect the escaped values.
 *
 * @param object $IdentityForm form exposing ->User and ->Context (by reference)
 */
function IdentityForm_AddRequirements(&$IdentityForm)
{
    $Candidate = $IdentityForm->User;
    $Candidate->FormatPropertiesForDatabaseInput();

    // Definition key => User property checked under that label.
    $NameFields = array('FirstNameLower' => 'FirstName', 'LastNameLower' => 'LastName');
    foreach ($NameFields as $DefinitionKey => $Property) {
        Validate($IdentityForm->Context->GetDefinition($DefinitionKey), 1, $Candidate->$Property, 50, '', $IdentityForm->Context);
    }
}
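/**
 * Constructor for the application-settings ("globals") form.
 *
 * Users without PERMISSION_CHANGE_APPLICATION_SETTINGS have IsPostBack forced
 * to 0, so the settings branch is never entered for them. On a valid
 * 'ProcessGlobals' postback the posted settings are loaded, the checkbox
 * settings are defined explicitly, the cookie domain is validated and the
 * settings are written to conf/settings.php.
 *
 * NOTE(review): Validate() reports through the Context; whether
 * SaveSettingsToFile() refuses to write when a warning was collected is not
 * visible here - confirm, because the target is a PHP file.
 * NOTE(review): header('Location: ...') is not followed by exit, so execution
 * continues to CallDelegate('Constructor') after the redirect is queued.
 *
 * @param object $Context application context (by reference)
 */
function GlobalsForm(&$Context)
{
    $this->Name = 'GlobalsForm';
    $this->ValidActions = array('Globals', 'ProcessGlobals');
    $this->Constructor($Context);
    if (!$this->Context->Session->User->Permission('PERMISSION_CHANGE_APPLICATION_SETTINGS')) {
        $this->IsPostBack = 0;
    } elseif ($this->IsPostBack) {
        $this->Context->PageTitle = $this->Context->GetDefinition('ApplicationSettings');
        $SettingsFile = $this->Context->Configuration['APPLICATION_PATH'] . 'conf/settings.php';
        $this->ConfigurationManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'ConfigurationManager');
        if ($this->PostBackAction == 'ProcessGlobals' && $this->IsValidFormPostBack()) {
            $this->ConfigurationManager->GetSettingsFromForm($SettingsFile);
            // Checkboxes aren't posted back if unchecked, so make sure that they are saved properly
            $this->ConfigurationManager->DefineSetting('ENABLE_WHISPERS', ForceIncomingBool('ENABLE_WHISPERS', 0), 0);
            $this->ConfigurationManager->DefineSetting('ALLOW_NAME_CHANGE', ForceIncomingBool('ALLOW_NAME_CHANGE', 0), 0);
            $this->ConfigurationManager->DefineSetting('PUBLIC_BROWSING', ForceIncomingBool('PUBLIC_BROWSING', 0), 0);
            $this->ConfigurationManager->DefineSetting('USE_CATEGORIES', ForceIncomingBool('USE_CATEGORIES', 0), 0);
            $this->ConfigurationManager->DefineSetting('LOG_ALL_IPS', ForceIncomingBool('LOG_ALL_IPS', 0), 0);
            // Validate cookie domain.
            // The pattern is loose; eg, it won't stop "domain.tld" or ".co.uk" from being saved
            // (the "domain.tld" can be set by the browser, the 2nd won't).
            // The hyphen is placed first in the leading character class so it is a literal:
            // written as ".-_" it formed a range from "." to "_", which also admitted
            // characters such as "/", ":", ";", "<", ">", "?", "@" and "\".
            Validate($this->Context->GetDefinition('CookieDomain'), 0, ForceIncomingString('COOKIE_DOMAIN', ''), 255, '^[-._~a-zA-Z0-9]*\\.?[-_~a-zA-Z0-9]+\\.[-_~a-zA-Z0-9]+$', $this->Context);
            // And save everything
            if ($this->ConfigurationManager->SaveSettingsToFile($SettingsFile)) {
                header('Location: ' . GetUrl($this->Context->Configuration, 'settings.php', '', '', '', '', 'PostBackAction=Globals&Success=1'));
            } else {
                $this->PostBackAction = 'Globals';
            }
        }
    }
    $this->CallDelegate('Constructor');
}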
/**
 * Reads the bug-report form fields from the request and, on a validated
 * postback, mails the report to the support address.
 *
 * The message is sent as plain text (HtmlOn = 0); sender, recipient and
 * subject are built from constants and definitions, and the posted fields
 * plus the User-Agent header appear only in the body.
 */
function LoadData()
{
    $this->Reporter = ForceIncomingString("ReporterName", "");
    $this->ReporterEmail = ForceIncomingString("ReporterEmail", "");
    $this->BugUrl = ForceIncomingString("BugUrl", "");
    $this->BugHappenedWhen = ForceIncomingString("BugHappenedWhen", "");
    $this->BugDescription = ForceIncomingString("BugDescription", "");

    if (!$this->IsPostBack) {
        return;
    }

    if ($this->PostBackAction == "ReportBug") {
        // Validate the inputs
        Validate($this->Context->GetDefinition("YourNameLower"), 1, $this->Reporter, 100, "", $this->Context);
        Validate($this->Context->GetDefinition("YourEmailLower"), 1, $this->ReporterEmail, 200, "(.+)@(.+)\\.(.+)", $this->Context);
        Validate($this->Context->GetDefinition("BugUrlLower"), 1, $this->BugUrl, 255, "", $this->Context);
        Validate($this->Context->GetDefinition("BugHappenedWhenLower"), 1, $this->BugHappenedWhen, 5000, "", $this->Context);
        Validate($this->Context->GetDefinition("BugDescriptionLower"), 1, $this->BugDescription, 5000, "", $this->Context);
        $this->PostBackValidated = $this->Context->WarningCollector->Iif();
    }

    if (!$this->PostBackValidated) {
        return;
    }

    $Mail = $this->Context->ObjectFactory->NewContextObject($this->Context, "Email");
    $Mail->HtmlOn = 0;
    $Mail->WarningCollector =& $this->Context->WarningCollector;
    $Mail->ErrorManager =& $this->Context->ErrorManager;
    $Mail->AddFrom(agSUPPORT_EMAIL, agSUPPORT_NAME);
    $Mail->AddRecipient(agSUPPORT_EMAIL, agSUPPORT_NAME);
    $Mail->Subject = agAPPLICATION_TITLE . " " . $this->Context->GetDefinition("BugReport");

    // One entry per body line; the lines are joined with CRLF below.
    $BodyLines = array(
        $this->Context->GetDefinition("BugReportSubmitted"),
        $this->Context->GetDefinition("UserAgent") . ": " . ForceString(@$_SERVER["HTTP_USER_AGENT"], ""),
        $this->Context->GetDefinition("ReporterName") . ": " . $this->Reporter,
        $this->Context->GetDefinition("ReporterEmail") . ": " . $this->ReporterEmail,
        $this->Context->GetDefinition("BugUrl") . ": " . $this->BugUrl,
        $this->Context->GetDefinition("BugHappenedWhen") . ": " . $this->BugHappenedWhen,
        $this->Context->GetDefinition("BugDescription") . ": " . $this->BugDescription,
        $this->Context->GetDefinition("NoteOnBugsForAdmins"),
    );
    $Mail->BodyText = implode("\r\n", $BodyLines);
    $Mail->Send();
}
/**
 * Validates every posted element against its form definition and summarises
 * the outcome.
 *
 * @param array $post    posted values keyed by element name
 * @param mixed $formdef form definition handed to getElementDef()
 * @return array 'result' is true when every element's own 'result' is true or
 *               'notDefined'; otherwise it is false and 'info' carries the
 *               per-element results
 */
function validateData($post, $formdef)
{
    // Validate each element, keeping the original keys and order.
    $checked = array();
    foreach ($post as $field => $value) {
        $checked[$field] = Validate($value, $field, getElementDef($formdef, $field));
    }

    $summary = array('result' => true);
    foreach ($checked as $entry) {
        if ($entry['result'] !== 'notDefined' && $entry['result'] !== true) {
            $summary['result'] = false;
            $summary['info'] = $checked;
        }
    }

    return $summary;
}
/**
 * Validates every element of $data against its form definition and
 * summarises the outcome.
 *
 * @param array $data    values keyed by element name
 * @param mixed $formdef form definition handed to getElementDef()
 * @return array 'result' is true when every element's own 'result' is true or
 *               'notDefined'; otherwise it is false and 'info' carries the
 *               per-element results
 */
function ValidateData($data, $formdef)
{
    // Validate each element, keeping the original keys and order.
    $checked = array();
    foreach ($data as $field => $value) {
        $checked[$field] = Validate($field, $value, getElementDef($formdef, $field));
    }

    $summary = array('result' => true);
    foreach ($checked as $entry) {
        if ($entry['result'] !== 'notDefined' && $entry['result'] !== true) {
            $summary['result'] = false;
            $summary['info'] = $checked;
        }
    }

    return $summary;
}
/**
 * Validates a comment before it is saved.
 *
 * When a discussion ID is required, the comment's DiscussionID is forced to an
 * integer and a warning is collected if it is 0. The body is escaped with
 * FormatStringForDatabaseInput() and that escaped copy is what Validate()
 * checks against MAX_COMMENT_LENGTH; the copy is not written back to $Comment.
 *
 * @param object $Comment              comment being validated (by reference)
 * @param mixed  $DiscussionIDRequired truthy when a discussion ID must be present
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateComment(&$Comment, $DiscussionIDRequired = '1')
{
    $NeedsDiscussion = ForceBool($DiscussionIDRequired, 0);
    if ($NeedsDiscussion) {
        $Comment->DiscussionID = ForceInt($Comment->DiscussionID, 0);
        if ($Comment->DiscussionID == 0) {
            $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrDiscussionID'));
        }
    }

    // Work on a db-safe copy of the body.
    $EscapedBody = FormatStringForDatabaseInput($Comment->Body);

    Validate(
        $this->Context->GetDefinition('CommentsLower'),
        1,
        $EscapedBody,
        $this->Context->Configuration['MAX_COMMENT_LENGTH'],
        '',
        $this->Context
    );

    return $this->Context->WarningCollector->Iif();
}
<link rel="icon" type="image/png" href="images/squirrel.png"> <title>Verify email address</title> <META http-equiv="refresh" content="10;URL=login.php"> </head> <body> <link rel="stylesheet" type="text/css" href="style.css"> <br><br> <?php /* ----- setup variables ----- */ $k = GetVariable("k"); /* database connection */ $link = mysql_connect($GLOBALS['db_hostname'], $GLOBALS['cfg']['mysqluser'], $GLOBALS['cfg']['mysqlpassword']) or die("Could not connect: " . mysql_error()); mysql_select_db($GLOBALS['cfg']['mysqldatabase']) or die("Could not select database<br>"); /* validate the key and redirect as necessary */ if (Validate($k)) { DisplaySuccess(); } else { DisplayFail(); } /* -------------------------------------------- */ /* ------- DisplaySuccess --------------------- */ /* -------------------------------------------- */ function DisplaySuccess() { ?> <div align="center"> <br><br> <b>Thank you for activating your NiDB account</b><br> You may <a href="login.php">login</a>, or wait to be redirected to the login page in 10s </div>
/**
 * Creates a new discussion or updates an existing one, together with its
 * first comment.
 *
 * Flow, as visible in this method:
 *  - users without CanPostDiscussion get a warning and nothing is saved;
 *  - a new post whose UserDiscussionCount is lower than the session user's
 *    CountDiscussions is silently skipped and the user's latest discussion ID
 *    is looked up instead;
 *  - otherwise the topic, category, first comment and whisper user name are
 *    validated, edits are restricted to the author or users with
 *    AdminCategories, and the discussion and comment are written.
 *
 * NOTE(review): when DiscussionID is non-zero and GetDiscussionById() finds
 * nothing, $OldDiscussion->AuthUserID is read from whatever that call returned -
 * confirm its return value for unknown IDs.
 *
 * @param object $Discussion discussion to save; DiscussionID == 0 means "new"
 * @return mixed result of WarningCollector->Iif($Discussion, false)
 */
function SaveDiscussion($Discussion) {
    if (!$this->Context->Session->User->CanPostDiscussion) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionStartDiscussions"));
    } else {
        // If not editing, and the posted discussion count is less than the
        // user's current discussion count, silently skip the posting and
        // redirect as if everything is normal.
        if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
            // Silently fail to post the data
            // Need to get the user's last posted discussionID and direct them to it
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
            $s->SetMainTable("Discussion", "d");
            $s->AddSelect("DiscussionID", "d");
            $s->AddWhere("AuthUserID", $this->Context->Session->UserID, "=");
            $s->AddOrderBy("DateCreated", "d", "desc");
            $s->AddLimit(0, 1);
            $LastDiscussionData = $this->Context->Database->Select($this->Context, $s, $this->Name, "SaveDiscussion", "An error occurred while retrieving your last discussion.");
            while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                $Discussion->DiscussionID = ForceInt($Row["DiscussionID"], 0);
            }
            // Make sure we got it
            if ($Discussion->DiscussionID == 0) {
                $this->Context->ErrorManager->AddError($this->Context, $this->Name, "SaveDiscussion", "Your last discussion could not be found.");
            }
        } else {
            $NewDiscussion = 0;
            $OldDiscussion = false;
            if ($Discussion->DiscussionID == 0) {
                $NewDiscussion = 1;
            } else {
                $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
            }
            // Validate the Discussion topic (on a db-safe copy; copied back only if no warnings)
            $Name = FormatStringForDatabaseInput($Discussion->Name);
            Validate($this->Context->GetDefinition("DiscussionTopicLower"), 1, $Name, 100, "", $this->Context);
            if ($Discussion->CategoryID <= 0) {
                $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrSelectCategory"));
            }
            // Validate first comment
            $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
            if ($OldDiscussion) {
                $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
            } else {
                $Discussion->Comment->CommentID = 0;
            }
            $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "CommentManager");
            $CommentManager->ValidateComment($Discussion->Comment, 0);
            // Validate the whisperusername
            $CommentManager->ValidateWhisperUsername($Discussion);
            // If updating, validate that this is admin or the author
            if (!$NewDiscussion) {
                if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->AdminCategories) {
                    $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionEditComments"));
                }
            }
            // If validation was successful, then reset the properties to db safe values for saving
            if ($this->Context->WarningCollector->Count() == 0) {
                $Discussion->Name = $Name;
            }
            if ($this->Context->WarningCollector->Iif()) {
                $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
                // Update the user info & check for spam
                if ($NewDiscussion) {
                    $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "UserManager");
                    $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                }
                // Proceed with the save if there are no warnings
                // (the count is re-checked here, after UpdateUserDiscussionCount() has run)
                if ($this->Context->WarningCollector->Count() == 0) {
                    $s->SetMainTable("Discussion");
                    $s->AddFieldNameValue("Name", $Discussion->Name);
                    $s->AddFieldNameValue("CategoryID", $Discussion->CategoryID);
                    if ($NewDiscussion) {
                        $s->AddFieldNameValue("AuthUserID", $this->Context->Session->UserID);
                        $s->AddFieldNameValue("DateCreated", MysqlDateTime());
                        $s->AddFieldNameValue("DateLastactive", MysqlDateTime());
                        $s->AddFieldNameValue("CountComments", 0);
                        $s->AddFieldNameValue("WhisperUserID", $Discussion->WhisperUserID);
                        $Discussion->DiscussionID = $this->Context->Database->Insert($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while creating a new discussion.");
                        $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                    } else {
                        $s->AddWhere("DiscussionID", $Discussion->DiscussionID, "=");
                        $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating the discussion.");
                    }
                }
                // Now save the associated Comment
                if ($Discussion->Comment->DiscussionID > 0) {
                    $CommentManager->SaveComment($Discussion->Comment, 1);
                    // Now update the topic table so that we know what the first comment in the discussion was
                    if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                        $s->Clear();
                        $s->SetMainTable("Discussion", "d");
                        $s->AddFieldNameValue("FirstCommentID", $Discussion->Comment->CommentID);
                        $s->AddWhere("DiscussionID", $Discussion->Comment->DiscussionID, "=");
                        $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating discussion properties.");
                    }
                }
            }
        }
    }
    return $this->Context->WarningCollector->Iif($Discussion, false);
}
// Load the stored payment fields from the fetched row.
$row = mysql_fetch_array($res);
$f_payment_date_d = $row["paid_d"];
$f_payment_date_m = $row["paid_m"];
$f_payment_date_y = $row["paid_y"];
// A stored month of 0 is replaced with 12.
if ($f_payment_date_m == 0) $f_payment_date_m = 12;
$f_org_paid = $row["org_paid"];
$f_org_comments = $row["org_comments"];
$year2digit = substr($glob_year,2);
if ( $_POST['form'] ) {
    GetFormData();
    Validate();
    // update the record in the DB
    // NOTE(review): the statement is assembled by string interpolation and
    // $_GET["id"] is appended unquoted and unescaped at this call site. Cast the
    // id to an integer (or escape it) before use, and confirm that GetFormData() /
    // Validate() escape the $f_* values - that is not visible in this fragment.
    // NOTE(review): die() echoes mysql_error() to the client, which exposes
    // query details; log it server-side instead.
    $tresult = mysql_query("UPDATE `wt_{$glob_year}` SET `org_paid` = '$f_org_paid', `org_paid_date` = '$f_payment_date_y-$f_payment_date_m-$f_payment_date_d', `org_comments` = '$f_org_comments' WHERE `wt_{$glob_year}_id` = ".$_GET["id"] ) or die("<b>Ашыпко:</b> MySQL error: ".mysql_error());
    // add the person to the new mailing list
    $email = $row["email"];
    $letter = ($row["eng"] ? "e" : "r");
/**
 * Validates a category's name and, when no warnings have been collected,
 * hands the db-formatted object back through $Category.
 *
 * NOTE(review): $Category is assigned without clone, so under PHP 5+
 * FormatPropertiesForDatabaseInput() acts on the caller's object even when
 * validation fails - confirm the PHP version this targets.
 *
 * @param object $Category category to validate (by reference)
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateCategory(&$Category)
{
    // Format the properties for db input before checking them.
    $Candidate = $Category;
    $Candidate->FormatPropertiesForDatabaseInput();

    $NameLabel = $this->Context->GetDefinition("CategoryNameLower");
    Validate($NameLabel, 1, $Candidate->Name, 100, "", $this->Context);

    // Only a warning-free run replaces the caller's object.
    $IsClean = $this->Context->WarningCollector->Count() == 0;
    if ($IsClean) {
        $Category = $Candidate;
    }

    return $this->Context->WarningCollector->Iif();
}
/**
 * Validates a style's name and URL and, when no warnings have been collected,
 * hands the db-formatted object back through $Style.
 *
 * NOTE(review): $Style is assigned without clone, so under PHP 5+
 * FormatPropertiesForDatabaseInput() acts on the caller's object even when
 * validation fails - confirm the PHP version this targets.
 * NOTE(review): the URL is passed with an empty pattern argument, so only the
 * other Validate() arguments constrain it - confirm whether a scheme check is
 * applied elsewhere.
 *
 * @param object $Style style to validate (by reference)
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateStyle(&$Style)
{
    $Candidate = $Style;
    $Candidate->FormatPropertiesForDatabaseInput();

    $NameLabel = $this->Context->GetDefinition("StyleNameLower");
    Validate($NameLabel, 1, $Candidate->Name, 50, "", $this->Context);
    $UrlLabel = $this->Context->GetDefinition("StyleUrlLower");
    Validate($UrlLabel, 1, $Candidate->Url, 255, "", $this->Context);

    // Only a warning-free run replaces the caller's object.
    $IsClean = $this->Context->WarningCollector->Count() == 0;
    if ($IsClean) {
        $Style = $Candidate;
    }

    return $this->Context->WarningCollector->Iif();
}
/**
 * Creates a new discussion or updates an existing one, together with its
 * first comment.
 *
 * Flow, as visible in this method:
 *  - users without PERMISSION_START_DISCUSSION get a warning and nothing is saved;
 *  - a new post whose UserDiscussionCount is lower than the session user's
 *    CountDiscussions is silently skipped and the user's latest discussion ID
 *    is looked up instead;
 *  - otherwise the topic is validated, the category is checked against the
 *    role's CategoryRoleBlock rows, the first comment and whisper user name
 *    are validated, edits are restricted to the author or users with
 *    PERMISSION_EDIT_DISCUSSIONS, and the discussion and comment are written.
 *
 * @param object $Discussion discussion to save; DiscussionID == 0 means "new"
 * @return mixed result of WarningCollector->Iif($Discussion, false)
 */
function SaveDiscussion($Discussion) {
    if (!$this->Context->Session->User->Permission('PERMISSION_START_DISCUSSION')) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionStartDiscussions'));
    } else {
        // If not editing, and the posted discussion count is less than the
        // user's current discussion count, silently skip the posting and
        // redirect as if everything is normal.
        if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
            // Silently fail to post the data
            // Need to get the user's last posted discussionID and direct them to it
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
            $s->SetMainTable('Discussion', 'd');
            $s->AddSelect('DiscussionID', 'd');
            // NOTE(review): the alias passed here is 'c' while this query's only
            // table is aliased 'd' - confirm against SqlBuilder::AddWhere().
            $s->AddWhere('c', 'AuthUserID', '', $this->Context->Session->UserID, '=');
            $s->AddOrderBy('DateCreated', 'd', 'desc');
            $s->AddLimit(0, 1);
            $LastDiscussionData = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while retrieving your last discussion.');
            while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                $Discussion->DiscussionID = ForceInt($Row['DiscussionID'], 0);
            }
            // Make sure we got it
            if ($Discussion->DiscussionID == 0) {
                $this->Context->ErrorManager->AddError($this->Context, $this->Name, 'SaveDiscussion', 'Your last discussion could not be found.');
            }
        } else {
            $NewDiscussion = 0;
            $OldDiscussion = false;
            if ($Discussion->DiscussionID == 0) {
                $NewDiscussion = 1;
            } else {
                $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
            }
            // Validate the Discussion topic (on a db-safe copy; copied back only if no warnings)
            $Name = FormatStringForDatabaseInput($Discussion->Name);
            Validate($this->Context->GetDefinition('DiscussionTopicLower'), 1, $Name, 100, '', $this->Context);
            // Validate the category ID and role
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
            $s->SetMainTable('Category', 'c');
            $s->AddSelect('CategoryID', 'c');
            // NOTE(review): the session user's RoleID is concatenated into the join
            // clause as text; presumably it is an integer loaded from the database -
            // confirm, or force it to an integer before it reaches the query.
            $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = ' . $this->Context->Session->User->RoleID);
            $s->AddWhere('crb', 'Blocked', '', '0', '=', 'and', '', 1, 1);
            $s->AddWhere('crb', 'Blocked', '', '0', '=', 'or', '', 0, 0);
            $s->AddWhere('crb', 'Blocked', '', 'null', 'is', 'or', '', 0, 0);
            $s->AddWhere('c', 'CategoryID', '', $Discussion->CategoryID, '=', 'and');
            $s->EndWhereGroup();
            $CategoryAllowed = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while validating category permissions.');
            // No matching row: the category ID is reset to 0 so the check below warns.
            if ($this->Context->Database->RowCount($CategoryAllowed) < 1) {
                $Discussion->CategoryID = 0;
            }
            if ($Discussion->CategoryID <= 0) {
                $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrSelectCategory'));
            }
            // Validate first comment
            $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
            if ($OldDiscussion) {
                $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
            } else {
                $Discussion->Comment->CommentID = 0;
            }
            $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'CommentManager');
            $CommentManager->ValidateComment($Discussion->Comment, 0);
            // Validate the whisperusername
            $CommentManager->ValidateWhisperUsername($Discussion);
            // If updating, validate that this is admin or the author
            // NOTE(review): $OldDiscussion is whatever GetDiscussionById() returned;
            // confirm its value for an unknown ID before AuthUserID is read from it.
            if (!$NewDiscussion) {
                if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS')) {
                    $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionEditComments'));
                }
            }
            // If validation was successful, then reset the properties to db safe values for saving
            if ($this->Context->WarningCollector->Count() == 0) {
                $Discussion->Name = $Name;
            }
            if ($this->Context->WarningCollector->Iif()) {
                $s->Clear();
                // Update the user info & check for spam
                if ($NewDiscussion) {
                    $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
                    $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                }
                // Proceed with the save if there are no warnings
                // (the count is re-checked here, after UpdateUserDiscussionCount() has run)
                if ($this->Context->WarningCollector->Count() == 0) {
                    // Delegates receive the builder by reference before the fields are added.
                    $this->DelegateParameters['SqlBuilder'] =& $s;
                    $this->CallDelegate('PreSaveDiscussion');
                    $s->SetMainTable('Discussion', 'd');
                    $s->AddFieldNameValue('Name', $Discussion->Name);
                    $s->AddFieldNameValue('CategoryID', $Discussion->CategoryID);
                    if ($NewDiscussion) {
                        $s->AddFieldNameValue('AuthUserID', $this->Context->Session->UserID);
                        $s->AddFieldNameValue('DateCreated', MysqlDateTime());
                        $s->AddFieldNameValue('DateLastActive', MysqlDateTime());
                        $s->AddFieldNameValue('CountComments', 0);
                        $s->AddFieldNameValue('WhisperUserID', $Discussion->WhisperUserID);
                        if ($Discussion->WhisperUserID != '0') {
                            $s->AddFieldNameValue('DateLastWhisper', MysqlDateTime());
                        }
                        $Discussion->DiscussionID = $this->Context->Database->Insert($s, $this->Name, 'NewDiscussion', 'An error occurred while creating a new discussion.');
                        $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                    } else {
                        $s->AddWhere('d', 'DiscussionID', '', $Discussion->DiscussionID, '=');
                        $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating the discussion.');
                    }
                }
                // Now save the associated Comment
                if ($Discussion->Comment->DiscussionID > 0) {
                    $CommentManager->SaveComment($Discussion->Comment, 1);
                    // Now update the topic table so that we know what the first comment in the discussion was
                    if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                        $s->Clear();
                        $s->SetMainTable('Discussion', 'd');
                        $s->AddFieldNameValue('FirstCommentID', $Discussion->Comment->CommentID);
                        $s->AddWhere('d', 'DiscussionID', '', $Discussion->Comment->DiscussionID, '=');
                        $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating discussion properties.');
                    }
                }
            }
        }
    }
    return $this->Context->WarningCollector->Iif($Discussion, false);
}
/**
 * Backs up the family XML file and then saves $family over it.
 *
 * The backup is named after the modification date of the current file, so a
 * second save on a file with the same date writes to the same backup path.
 *
 * NOTE(review): the return values of VerifyPassword() and Validate() are not
 * inspected here; presumably both stop the request themselves on failure -
 * confirm, since the save proceeds unconditionally afterwards.
 *
 * @param object $family object exposing save($path)
 */
function SaveFamilyData($family)
{
    global $familyXmlFile, $dataDir;

    VerifyPassword();
    Validate($family);

    $stamp = date("Y-m-d", filemtime($familyXmlFile));
    $backupPath = $dataDir . "/xml/bak/Brotherus-" . $stamp . ".xml";

    $copied = copy($familyXmlFile, $backupPath);
    if (!$copied) {
        die("failed to make backup");
    }

    $family->save($familyXmlFile);
    trace("Family xml saved to file");
}
/**
 * Checks $email with the mailer's ValidateAddress() and, on failure, stores an
 * error message in the global $msg.
 *
 * @param object $mail  mailer exposing ValidateAddress()
 * @param string $email address to check
 * @return bool true when the address is accepted, false otherwise
 */
function ValidateEmail($mail, $email) {
    global $msg;
    if (!$mail->ValidateAddress($email)) {
        $msg = 'You must specify a valid email address.';
        return false;
    }
    return true;
}

// Handle a submitted contact form.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // The four fields are read without isset() checks; a request that omits one
    // raises a notice here.
    $name = trim($_POST['name']);
    $phone = trim($_POST['phone']);
    $email = trim($_POST['email']);
    $message = trim($_POST['message']);
    $data = array();
    if (Validate($name, $phone, $email, $message)) {
        require_once 'inc/phpmailer.php';
        $mail = new PHPMailer();
        if (ValidateEmail($mail, $email)) {
            // NOTE(review): the posted values are joined with <br> and no HTML
            // escaping. If the message is sent as HTML (not visible in this
            // fragment), pass each value through htmlspecialchars() first.
            $email_body = '';
            $email_body = $email_body . 'Name: ' . $name . '<br>';
            $email_body = $email_body . 'Phone: ' . $phone . '<br>';
            $email_body = $email_body . 'Email: ' . $email . '<br>';
            $email_body = $email_body . 'Message: ' . $message . '<br>';
            // Authenticated SMTP submission over TLS on port 587; the credentials
            // come from the SD_USERNAME / SD_PASSWORD constants.
            $mail->isSMTP();
            $mail->Host = 'smtp.sendgrid.net';
            $mail->SMTPAuth = true;
            $mail->Username = SD_USERNAME;
            $mail->Password = SD_PASSWORD;
            $mail->SMTPSecure = 'tls';
            $mail->Port = 587;
/**
 * Run the validator over the pending update.
 *
 * The validator receives this object as actor, then the update's object,
 * data and rules, and is executed with run().
 */
protected function updateValidate()
{
    $validator = Validate()->actor($this);
    $validator = $validator->obj($this->update->obj());
    $validator = $validator->data($this->update->data());
    $validator = $validator->rules($this->update->rules());
    $validator->run();
}
    session_destroy();
    $s->expire();
} elseif ($act == "timeout") {
    // Inactivity timeout: record the event for the user, then tear the session down.
    $USERID = $s->data['UserID'];
    $msg = "Sesión cerrada por tiempo inactividad";
    conectado(0, $USERID, $s->data['UserNom']);
    logger($USERID, $msg);
    session_unset();
    session_destroy();
    $s->expire();
}
if (isset($_POST['method'])) {
    /* Form was submitted, let's validate and test authentication. */
    if (Validate()) {
        /*/echo "validando<br>";*/
        if (Auth()) {
            /*/echo "autorizando<br>";*/
            /* Use the session to "remember" that the user is logged in already.*/
            /* NOTE(review): no session identifier regeneration is visible in this
               fragment before logged_in is set - confirm it happens elsewhere. */
            $s->data['logged_in'] = true;
            /* NOTE(review): HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request
               headers supplied by the client and take precedence over REMOTE_ADDR
               here. Trust them only when they are set by a known proxy; otherwise
               any decision based on $ip should use REMOTE_ADDR. */
            if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
                $ip = $_SERVER['HTTP_CLIENT_IP'];
            } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
            } else {
                $ip = $_SERVER['REMOTE_ADDR'];
            }
            /* Walk the host addresses 192.168.1.1 to 192.168.1.255. */
            for ($x = 1; $x <= 255; $x++) {
                $tmp = "192.168.1." . $x;
/**
 * Validates a role's name and, when no warnings have been collected, hands
 * the db-formatted object back through $Role.
 *
 * NOTE(review): $Role is assigned without clone, so under PHP 5+
 * FormatPropertiesForDatabaseInput() acts on the caller's object even when
 * validation fails - confirm the PHP version this targets.
 *
 * @param object $Role role to validate (by reference)
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateRole(&$Role)
{
    $Candidate = $Role;
    $Candidate->FormatPropertiesForDatabaseInput();

    $NameLabel = $this->Context->GetDefinition('RoleNameLower');
    Validate($NameLabel, 1, $Candidate->RoleName, 100, '', $this->Context);

    // Only a warning-free run replaces the caller's object.
    $IsClean = $this->Context->WarningCollector->Count() == 0;
    if ($IsClean) {
        $Role = $Candidate;
    }

    return $this->Context->WarningCollector->Iif();
}
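/**
 * Returns one $_GET value, URL-encoded for use inside a query string.
 *
 * Missing or non-scalar values yield ''. The encoded result contains no
 * quotes or angle brackets, so it cannot break out of an HTML attribute.
 *
 * @param string $name query parameter name
 * @return string
 */
function captcha_query_value($name)
{
    if (!isset($_GET[$name]) || !is_scalar($_GET[$name])) {
        return '';
    }
    return urlencode((string) $_GET[$name]);
}

/**
 * captcha_page_start()
 * Checks the captcha confirmation code [user input] on each protected page.
 *
 * When the current page is protected for the user's group, a form was
 * submitted and Validate() rejects the posted confirmCode, an error page with
 * a 3-second refresh back to the form is rendered and the script exits.
 *
 * Request values placed in the refresh URL are encoded first: album/pid/pos
 * from $_GET are URL-encoded and the posted pid is forced to an integer, so
 * request data cannot inject markup into the META tag or the message box link.
 *
 * NOTE(review): dispatch relies on $_SERVER['PHP_SELF'] being a bare file name.
 * PHP_SELF can carry client-supplied trailing path info; confirm the host
 * application normalises it before this runs, or dispatch on
 * basename($_SERVER['SCRIPT_NAME']) instead.
 * NOTE(review): $lang_plugin_captcha_error is not in the global list below;
 * presumably the required init file defines it in this scope - confirm.
 *
 * @return void
 */
function captcha_page_start()
{
    global $lang_continue, $lang_error, $lang_plugin_captcha_conf, $CONFIG, $CAPTCHA_DISABLE, $CAPTCHA_TIMEOUT;

    /* Setting Options */
    /**
     * Enable/Disable array
     *
     * Set which group should NOT see Captcha on each page
     * '' => Captcha enabled for all users
     * Coppermine standard group names:
     * Administrators,Registered,Guests,Banned
     * You can add your custom group names too,
     * separated by ','
     */
    $CAPTCHA_DISABLE = array('login' => 'Administrators,Registered,Guests', 'register' => 'Administrators,Registered', 'comment' => 'Administrators,Registered', 'report' => 'Administrators', 'ecard' => 'Administrators');
    $CAPTCHA_TIMEOUT = 300; // How many seconds should pass before we remove the code from the database

    require 'plugins/captcha/include/init.inc.php';
    require 'plugins/captcha/include/captcha.class.php';

    // Per page: the $CAPTCHA_DISABLE key, whether a form was submitted, and how
    // the return URL is built ('plain', 'pid' or 'query').
    switch ($_SERVER['PHP_SELF']) {
        case 'login.php':
            $captcha_section = 'login';
            $captcha_submitted = isset($_POST['submitted']);
            $captcha_page = 'login.php';
            $captcha_url_kind = 'plain';
            break;
        case 'register.php':
            $captcha_section = 'register';
            $captcha_submitted = isset($_POST['submit']);
            $captcha_page = 'register.php';
            $captcha_url_kind = 'plain';
            break;
        case 'db_input.php':
            $captcha_section = 'comment';
            $captcha_submitted = isset($_POST['msg_body']);
            $captcha_page = 'displayimage.php';
            $captcha_url_kind = 'pid';
            break;
        case 'report_file.php':
            $captcha_section = 'report';
            $captcha_submitted = count($_POST) > 0;
            $captcha_page = 'report_file.php';
            $captcha_url_kind = 'query';
            break;
        case 'ecard.php':
            $captcha_section = 'ecard';
            $captcha_submitted = count($_POST) > 0;
            $captcha_page = 'ecard.php';
            $captcha_url_kind = 'query';
            break;
        default:
            return;
    }

    // The captcha applies unless the user's group is listed as exempt; an empty
    // list means it applies to everyone.
    $captcha_exempt = explode(',', $CAPTCHA_DISABLE[$captcha_section]);
    $captcha_applies = !in_array(USER_GROUP, $captcha_exempt) || $CAPTCHA_DISABLE[$captcha_section] == '';
    if (!$captcha_applies || !$captcha_submitted || Validate($_POST['confirmCode'])) {
        return;
    }

    // Build the URL the error page sends the user back to.
    if ($captcha_url_kind == 'pid') {
        $captcha_pid = (isset($_POST['pid']) && is_scalar($_POST['pid'])) ? (int) $_POST['pid'] : 0;
        $captcha_return = $captcha_page . '?pos=' . -$captcha_pid;
    } elseif ($captcha_url_kind == 'query') {
        $captcha_return = $captcha_page . '?album=' . captcha_query_value('album') . '&pid=' . captcha_query_value('pid') . '&pos=' . captcha_query_value('pos');
    } else {
        $captcha_return = $captcha_page;
    }

    load_template();
    pageheader($lang_error, "<META http-equiv=\"refresh\" content=\"3;url=" . $captcha_return . "\">");
    msg_box($lang_error, "{$lang_plugin_captcha_error}", $lang_continue, $captcha_return);
    pagefooter();
    exit;
}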
/**
 * Run the validator over the pending create.
 *
 * The validator receives this object as actor, then the create's data and
 * rules, and is executed with run().
 */
protected function createValidate()
{
    $validator = Validate()->actor($this);
    $validator = $validator->data($this->create->data());
    $validator = $validator->rules($this->create->rules());
    $validator->run();
}
/**
 * Validates the editable account fields of a user.
 *
 * Works on a clone of $User whose properties have been formatted for db
 * input. The user name is validated and checked for uniqueness only when
 * ALLOW_NAME_CHANGE is '1'; the e-mail address is validated only when
 * ALLOW_EMAIL_CHANGE is '1'. $User is replaced by the formatted clone only
 * when no warnings have been collected.
 *
 * @param object $User user to validate (by reference)
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateUser(&$User)
{
    $Candidate = clone $User;
    $Candidate->FormatPropertiesForDatabaseInput();

    if ($this->Context->Configuration['ALLOW_NAME_CHANGE'] == '1') {
        Validate($this->Context->GetDefinition('UsernameLower'), 1, $Candidate->Name, 20, '', $this->Context);

        // Look for another account that already uses this name.
        $Query = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
        $Query->SetMainTable('User', 'u');
        $Query->AddSelect('UserID', 'u');
        $Query->AddWhere('u', 'Name', '', $Candidate->Name, '=');
        if ($User->UserID > 0) {
            // An existing user may keep their own name.
            $Query->AddWhere('u', 'UserID', '', $User->UserID, '<>');
        }
        $Matches = $this->Context->Database->Select($Query, $this->Name, 'ValidateUser', 'A fatal error occurred while validating your input.');
        if ($this->Context->Database->RowCount($Matches) > 0) {
            $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrUsernameTaken'));
        }
    }

    if ($this->Context->Configuration['ALLOW_EMAIL_CHANGE'] == '1') {
        Validate($this->Context->GetDefinition('EmailLower'), 1, $Candidate->Email, 200, '^([A-Z0-9+_-][A-Z0-9+_.-]{0,63})@(([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})|([A-Z0-9][A-Z0-9.-]{0,244}\\.[A-Z]{2,10}))$', $this->Context);
    }

    // Only a warning-free run replaces the caller's object.
    $IsClean = $this->Context->WarningCollector->Count() == 0;
    if ($IsClean) {
        $User = $Candidate;
    }

    return $this->Context->WarningCollector->Iif();
}
/**
 * Validates a user's names and e-mail address and checks that the user name
 * is not already taken.
 *
 * The user name itself is validated only when agALLOW_NAME_CHANGE is "1"; the
 * uniqueness query runs in every case. $User is replaced by the formatted
 * object only when no warnings have been collected.
 *
 * NOTE(review): $User is assigned without clone, so under PHP 5+
 * FormatPropertiesForDatabaseInput() acts on the caller's object even when
 * validation fails - confirm the PHP version this targets.
 * NOTE(review): the e-mail pattern "(.+)@(.+)\.(.+)" accepts any characters
 * around the "@" and "."; treat a passing value as unverified wherever it is
 * reused.
 *
 * @param object $User user to validate (by reference)
 * @return mixed result of WarningCollector->Iif()
 */
function ValidateUser(&$User)
{
    $Candidate = $User;
    $Candidate->FormatPropertiesForDatabaseInput();

    Validate($this->Context->GetDefinition("FirstNameLower"), 1, $Candidate->FirstName, 20, "", $this->Context);
    Validate($this->Context->GetDefinition("LastNameLower"), 1, $Candidate->LastName, 20, "", $this->Context);
    if (agALLOW_NAME_CHANGE == "1") {
        Validate($this->Context->GetDefinition("UsernameLower"), 1, $Candidate->Name, 20, "", $this->Context);
    }
    Validate($this->Context->GetDefinition("EmailLower"), 1, $Candidate->Email, 200, "(.+)@(.+)\\.(.+)", $this->Context);

    // Look for another account that already uses this name.
    $Query = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
    $Query->SetMainTable("User", "u");
    $Query->AddSelect("UserID", "u");
    $Query->AddWhere("Name", $Candidate->Name, "=");
    if ($User->UserID > 0) {
        // An existing user may keep their own name.
        $Query->AddWhere("UserID", $User->UserID, "<>");
    }
    $Matches = $this->Context->Database->Select($this->Context, $Query, $this->Name, "ValidateUser", "A fatal error occurred while validating your input.");
    if ($this->Context->Database->RowCount($Matches) > 0) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrUsernameTaken"));
    }

    // Only a warning-free run replaces the caller's object.
    $IsClean = $this->Context->WarningCollector->Count() == 0;
    if ($IsClean) {
        $User = $Candidate;
    }

    return $this->Context->WarningCollector->Iif();
}