/**
* Loops through the blocks and displays them nicely using the theme template
*
* @version 1.0
* @since 1.0
* @author Daniel Noel-Davies
*
* @param array $blocks Collection of blocks
*
*/
private function displayPortlets($blocks)
{
$objTPL = Core_Classes_coreObj::getTPL();
$objTPL->set_filenames(array('block_notices' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl'));
$rowCount = 12;
foreach ($blocks as $title => $block) {
$block['COL'] = (int) doArgs('COL', 12, $block);
$objTPL->assign_block_vars('block', array('TITLE' => $title, 'CONTENT' => dump($rowCount, 'RowCount') . dump($block, 'block'), 'ICON' => 'icon-' . doArgs('ICON', null, $block)));
// If there are no blocks in the row, Start new row
if ($rowCount === 12) {
$objTPL->assign_block_vars('block.start_row', array());
// If there is no space for the current block, end the current div above everything, and start a new one
} else {
if ($rowCount - $block['COL'] < 0) {
$objTPL->assign_block_vars('block.start_row', array());
$objTPL->assign_block_vars('block.pre_end_row', array());
}
}
// If, after everything, we are at 0, end the current block, and reset the row count
$rowCount -= $block['COL'];
if ($rowCount <= 0) {
$objTPL->assign_block_vars('block.end_row', array());
$rowCount = 12;
}
$objTPL->assign_block_vars('block.' . doArgs('COL', '12', $block) / 4 . 'col', array());
$objTPL->assign_vars(array('BLOCKS' => $objTPL->get_html('block_notices')));
}
}
function menu_affiliates($args)
{
if (defined('NO_DB')) {
return;
}
global $objTPL, $objSQL;
$settings = array('limit' => doArgs('limit', 6, $args), 'perRow' => doArgs('limit', 2, $args));
//grab the table
$table = $objSQL->getTable('SELECT * FROM `$Paffiliates` WHERE active = 1 AND showOnMenu = 1 ORDER BY rand() LIMIT %d;', array($settings['limit']));
if ($table === NULL) {
return 'Error: Could not query Affiliates.';
}
if (is_empty($table)) {
return 'Error: No Affiliates in the database active.';
}
$return = NULL;
$counter = 1;
foreach ($table as $a) {
$title = secureMe($a['title']) . '
In: ' . $a['in'] . ' | Out: ' . $a['out'];
$return .= '<a href="/' . root() . 'affiliates.php?out&id=' . $a['id'] . '" title="' . $title . '" target="_blank" rel="nofollow"><img src="' . $a['img'] . '" alt="' . $title . '" /></a>';
if ($counter % $settings['perRow'] == 0) {
$return .= '<br />';
}
$counter++;
}
return '<center>' . $return . '</center>';
}
function menu_forum_users($args)
{
global $objCore;
$limit = doArgs('limit', 5, $args);
$objCore->objTPL->set_filenames(array($args['uniqueId'] => 'modules/forum/template/block_forum.tpl'));
$users = $objCore->objSQL->getTable('SELECT u.id, COUNT(DISTINCT p.id) AS count
FROM `$Pusers` u, `$Pforum_posts` p, `$Pforum_threads` t, `$Pforum_cats` c
WHERE p.author = u.id AND p.thread_id = t.id AND t.cat_id = c.id AND c.postcounts = 1
GROUP BY u.id
ORDER BY count DESC
LIMIT %d', array($limit));
if (!$users) {
$objCore->objTPL->assign_block_vars('error', array('MESSAGE' => langVar('L_ERROR')));
return $objCore->objTPL->get_html($args['uniqueId']);
}
$opened = round((time() - $objCore->config('statistics', 'site_opened')) / 86400);
$j = 0;
foreach ($users as $user) {
$objCore->objTPL->assign_block_vars('userRow', array('ID' => $objCore->objUser->getUserInfo($user['id'], 'id'), 'USERNAME' => $objCore->objUser->profile($user['id']), 'COUNT' => $user['count'], 'PER_DAY' => langVar('L_PER_DAY', round(sprintf('%.2f', $user['count'] / $opened), 0)), 'CLASS' => $j % 2 == 0 ? 'row_color2' : 'row_color1'));
$j++;
}
//reset the block var so the data dosent creep into the other templates
$return = $objCore->objTPL->get_html($args['uniqueId']);
$objCore->objTPL->reset_block_vars('userRow');
return $return;
}
/**
* Sets up a new MySQL Class
*
* @version 1.0
* @since 1.0.0
* @author xLink
*
* @param array $config
*
* @return bool
*/
public function __construct($config = array())
{
if (is_empty($config)) {
return false;
}
$this->db = array('host' => doArgs('host', '', $config), 'username' => doArgs('username', '', $config), 'password' => doArgs('password', '', $config), 'database' => doArgs('database', '', $config), 'prefix' => doArgs('prefix', '', $config));
return true;
}
/**
* Add a new user to the system
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @return void
*/
public function add()
{
$objSQL = Core_Classes_coreObj::getDBO();
$objTPL = Core_Classes_coreObj::getTPL();
$objTime = Core_Classes_coreObj::getTime();
Core_Classes_coreObj::getPage()->addBreadcrumbs(array(array('url' => doArgs('REQUEST_URI', '', $_SERVER), 'name' => 'Add User')));
$objTPL->set_filenames(array('body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl', 'panel' => cmsROOT . 'modules/core/views/admin/users/add.tpl'));
$objTPL->parse('panel', false);
Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Add User', 'CONTENT' => $objTPL->get_html('panel', false), 'ICON' => 'faicon-user')));
}
/**
* Generates a form for the site configuration
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @return void
*/
public function siteConfig()
{
Core_Classes_coreObj::getPage()->addBreadcrumbs(array(array('url' => doArgs('REQUEST_URI', '', $_SERVER), 'name' => 'Site Config')));
$objForm = Core_Classes_coreObj::getForm();
$objTPL = Core_Classes_coreObj::getTPL();
$yn = array(1 => langVar('L_YES'), 0 => langVar('L_NO'));
$fields = array(langVar('L_SITE_CONFIG') => '_header_', langVar('L_SITE_TITLE') => $objForm->inputbox('title', 'text', $this->config('site', 'title')), langVar('L_SITE_SLOGAN') => $objForm->inputbox('slogan', 'text', $this->config('site', 'slogan')), langVar('L_ADMIN_EMAIL') => $objForm->inputbox('admin_email', 'text', $this->config('site', 'admin_email')), langVar('L_GANALYTICS') => $objForm->inputbox('google_analytics', 'input', $this->config('site', 'google_analytics')), langVar('L_CUSTOMIZE') => '_header_', langVar('L_THEME_OVERRIDE') => $objForm->radio('theme_override', $yn, $this->config('site', 'theme_override')), langVar('L_SITE_TZ') => $timezone, langVar('L_DST') => $objForm->radio('dst', $yn, $this->config('time', 'dst')), langVar('L_DEF_DATE_FORMAT') => $objForm->inputbox('default_format', 'input', $this->config('time', 'default_format')));
$form = $objForm->outputForm(array('FORM_START' => $objForm->start('panel', array('method' => 'POST', 'action' => $saveUrl, 'class' => 'form-horizontal')), 'FORM_END' => $objForm->finish(), 'FORM_TITLE' => $mod_name, 'FORM_SUBMIT' => $objForm->button('submit', 'Submit', array('class' => 'btn-primary')), 'FORM_RESET' => $objForm->button('reset', 'Reset'), 'HIDDEN' => $objForm->inputbox('sessid', 'hidden', $sessid) . $objForm->inputbox('id', 'hidden', $uid)), array('field' => $fields, 'desc' => array(langVar('L_INDEX_MODULE') => langVar('L_DESC_IMODULE'), langVar('L_SITE_TZ') => langVar('L_DESC_SITE_TZ'), langVar('L_DEF_DATE_FORMAT') => langVar('L_DESC_DEF_DATE'), langVar('L_DEF_THEME') => langVar('L_DESC_DEF_THEME'), langVar('L_THEME_OVERRIDE') => langVar('L_DESC_THEME_OVERRIDE'), langVar('L_ALLOW_REGISTER') => langVar('L_DESC_ALLOW_REGISTER'), langVar('L_EMAIL_ACTIVATE') => langVar('L_DESC_EMAIL_ACTIVATE'), langVar('L_MAX_LOGIN_TRIES') => langVar('L_DESC_MAX_LOGIN'), langVar('L_REMME') => langVar('L_DESC_REMME'), langVar('L_GANALYTICS') => langVar('L_DESC_GANALYTICS')), 'errors' => $_SESSION['site']['panel']['error']), array('header' => '<h4>%s</h4>', 'dedicatedHeader' => true, 'parseDesc' => true));
Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Site Configuration', 'CONTENT' => $form, 'ICON' => 'fa-icon-user')));
}
public function login_process()
{
$objUser = Core_Classes_coreObj::getUser();
$objLogin = Core_Classes_coreObj::getLogin();
$objPage = Core_Classes_coreObj::getPage();
if ($objLogin->process() !== true) {
$this->login_form();
return;
}
$objPage->redirect(doArgs('referer', '/' . root(), $_SESSION['login']), 0);
}
function __construct($name = '', $args = array())
{
$args = array('useCache' => doArgs('useCache', false, $args), 'cacheDir' => doArgs('cacheDir', '', $args), 'root' => doArgs('root', '.', $args));
if (!$this->set_rootdir($args['root'])) {
trigger_error('Error: Unable to find template root directory', E_USER_ERROR);
}
$this->use_cache = $args['useCache'];
if ($this->use_cache) {
if (is_dir($args['cacheDir']) && is_writeable($args['cacheDir'])) {
$this->cache_directory = $args['cacheDir'];
} else {
$this->cache_directory = $args['root'] . '/cache/template/';
}
}
}
/**
* Sets up a new SQL Class
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @param array $config
*
* @return bool
*/
public function __construct($name = null, $options = array())
{
$this->driver = @end(explode('_', $this->getClassName()));
$this->dbSettings = array('driver' => doArgs('driver', '', $options), 'host' => doArgs('host', '', $options), 'port' => doArgs('port', '', $options), 'username' => doArgs('username', '', $options), 'password' => doArgs('password', '', $options), 'database' => doArgs('database', '', $options), 'prefix' => doArgs('prefix', '', $options), 'persistent' => doArgs('persistent', false, $options), 'debug' => doArgs('debug', false, $options), 'logging' => doArgs('logging', false, $options));
if ($this->dbSettings['driver'] == 'pdo' && !class_exists('PDO', false)) {
trigger_error('Error: You have selected to use PDO, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
}
if ($this->dbSettings['driver'] == 'mysqli' && (!class_exists('Core_Drivers_mysqli', false) || !class_exists('mysqli', false))) {
trigger_error('Error: You have selected to use MySQLi, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
}
if ($this->dbSettings['driver'] == 'mysql' && (!class_exists('Core_Drivers_mysql', false) || !function_exists('mysql_connect'))) {
trigger_error('Error: You have selected to use MySQL, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
}
return false;
}
function __construct($args = array())
{
$args = array('useCache' => doArgs('useCache', false, $args), 'cacheDir' => doArgs('cacheDir', '', $args), 'root' => doArgs('root', '.', $args));
if (!$this->set_rootdir($args['root'])) {
msgDie('FAIL', 'Unable to find template root directory: ' . $args['root'] . ' @ Line ' . __LINE__);
}
$this->use_cache = $args['useCache'];
if ($this->use_cache) {
if (is_dir($args['cacheDir']) && is_writeable($args['cacheDir'])) {
$this->cache_directory = $args['cacheDir'];
} else {
$this->cache_directory = $args['root'] . '/cache/template/';
}
}
}
public function __construct($instance, $total_per_page, $total_items = 0)
{
$this->instance = $instance;
$this->total_per_page = $total_per_page;
$this->total_items = $total_items;
//calculate some more basic vars
$this->total_pages = ceil($total_items / $total_per_page);
$this->current_page = doArgs($instance, 1, $_GET, 'is_number');
//check that the current page is not over the max pages
if ($this->current_page > $this->total_pages) {
$this->current_page = $this->total_pages;
}
//check that the current page is not below 0
if ($this->current_page < 1) {
$this->current_page = 1;
}
}
function _geshiHighlight($content, $language = '')
{
$langauge = is_empty($language) ? 'text' : strtolower($language);
$langInfo = grabLangInfo($language);
$ext = doArgs('ext', null, $langInfo);
$language = doArgs('lang', null, $langInfo);
$geshiExt = doArgs('geshi', null, $langInfo);
if (is_empty($content)) {
return false;
}
$content = trim($content);
$content = htmlspecialchars_decode($content, ENT_NOQUOTES);
$geshi = Core_Classes_coreObj::getLib('GeSHi', array($content, $geshiExt));
$geshi->set_header_type(GESHI_HEADER_PRE);
$geshi->enable_line_numbers(GESHI_FANCY_LINE_NUMBERS, 5);
$content = $geshi->parse_code();
return "\n<div class=\"markdown_code\">\n<div class=\"markdown_code_body\">" . $content . "</div>\n</div>\n";
}
/**
* Outputs a table with currently detected themes in
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @return void
*/
public function themes()
{
$objForm = Core_Classes_coreObj::getForm();
$objTPL = Core_Classes_coreObj::getTPL();
$objTPL->set_filenames(array('body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl', 'table' => cmsROOT . 'modules/core/views/admin/themes/manageTable.tpl'));
$dir = cmsROOT . 'themes';
$tpls = getFiles($dir);
//echo dump($tpls);
foreach ($tpls as $tpl) {
if ($tpl['type'] !== 'dir') {
continue;
}
$tplName = secureMe($tpl['name'], 'alphanum');
$details = $this->getDetails($tplName);
//echo dump($details, $tplName);
$objTPL->assign_block_vars('theme', array('NAME' => doArgs('name', 'N/A', $details), 'VERSION' => doArgs('version', '0.0', $details), 'ENABLED' => 'true', 'COUNT' => '9001', 'MODE' => doArgs('mode', 'N/A', $details), 'AUTHOR' => doArgs('author', 'N/A', $details)));
}
$objTPL->parse('table', false);
Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Theme Management', 'CONTENT' => $objTPL->get_html('table', false), 'ICON' => 'fa-icon-user')));
}
/**
* Grabs all avalible comments for the requested module and id
*
* @version 1.0
* @since 1.0.0
* @author Richard Clifford, Dan Aldridge
*
* @param string $tplVar
*/
function getComments($tplVar)
{
$objTPL = coreObj::getTPL();
$objUser = coreObj::getUser();
$objSQL = coreObj::getDBO();
//set the template for the comments
$objTPL->set_filenames(array('comments' => 'modules/core/template/comments/viewComments.tpl'));
if (User::$IS_ONLINE) {
$dontShow = false;
switch ($_GET['mode']) {
case 'postComment':
if (HTTP_POST) {
if (doArgs('comment_' . $this->getVar('module_id'), false, $_SESSION[$this->module]) != $_POST['sessid']) {
trigger_error('Error: Cant remember where you were posting to.');
} else {
$comment = $this->insertComment($this->getVar('module'), $this->getVar('module_id'), $objUser->grab('id'), $_POST['comment']);
if (!$comment) {
trigger_error('Error: Your comment wasnt posted, please try again.');
}
unset($_SESSION[$module]);
}
$dontShow = true;
}
break;
case 'ajPostComment':
if (HTTP_AJAX && HTTP_POST) {
if (doArgs('comment_' . $this->getVar('module_id'), false, $_SESSION[$this->getVar('module')]) != $_POST['sessid']) {
die('1 <script>console.log(' . json_encode(array('comment_' . $this->getVar('module_id'), $_SESSION[$this->getVar('module')], $_POST['sessid'], $_POST)) . ');</script>');
} else {
$comment = $this->insertComment($this->getVar('module'), $this->getVar('module_id'), $objUser->grab('id'), $_POST['comment']);
if (!$comment) {
die('0');
}
echo $this->getLastComment($comment);
}
exit;
}
break;
case 'deleteComment':
$id = doArgs('id', 0, $_GET, 'is_number');
$query = $objSQL->queryBuilder()->select('*')->from('#__comments')->where('id', '=', $id)->build();
$comment = $objSQL->query($query);
if (!$comment) {
msg('FAIL', 'Error: Comment not found.', '_ERROR');
break;
}
//check if user has perms
if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comments['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
//do teh the delete
$log = 'Comments System: ' . $objUser->profile($objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';
$deleteQuery = $objSQL->queryBuilder()->deleteFrom('#__comments')->where('id', '=', $id)->build();
$delete = $objSQL->query($deleteQuery);
if (!$delete) {
trigger_error('Error: The comment was not deleted.');
} else {
msg('INFO', 'The comment was successfully deleted.');
}
}
break;
case 'ajDelComment':
if (HTTP_AJAX && HTTP_POST) {
$id = doArgs('id', 0, $_GET, 'is_number');
$commentQuery = $objSQL->queryBuilder()->select('*')->from('#__comments')->where('id', '=', $id)->build();
$comment = $objSQL->fetchLine($commentQuery);
if (!$comment) {
die('-1');
}
//check if user has perms
if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comments['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
//do teh the delete
$log = 'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';
$deleteQuery = $objSQL->queryBuilder()->deleteFrom('#__comments')->where('id', '=', $id)->build();
$delete = $objSQL->query($deleteQuery);
die(!$delete ? '0' : '1');
}
} else {
die('-1');
}
die('0');
break;
}
//make sure the submit form only shows when we want it to
if (!$dontShow) {
$this->makeSubmitForm();
}
}
//get a comments count for this module and id
$commentsCount = $this->getCount();
// TODO: fix the pagination
echo dump($this->getCount(), 'GetCount');
$comPagniation = coreObj::getPagination('commentsPage', $this->perPage, $commentsCount);
//check to see if we have a positive number
if ($commentsCount) {
//now lets actually grab the comments
$commentDataQuery = $objSQL->queryBuilder()->select('*')->from('#__comments')->where(sprintf('module = "%s" AND module_id = %d ', $this->getVar('module'), $this->getVar('module_id')))->limit($comPagination->getSqlLimit())->build();
$commentsData = $objSQL->fetchAll($commentDataQuery);
if (!$commentsData) {
//something went wrong
trigger_error('Error loading comments.');
} else {
$objTPL->assign_var('COM_PAGINATION', $comPagination->getPagination());
$i = 0;
//assign the comments to the template
foreach ($commentsData as $comments) {
$objTPL->assign_block_vars('comment', array('ID' => $comments['id'], 'cID' => 'comment-' . $comments['id'], 'ROW' => $i % 2 ? 'row_color2' : 'row_color1', 'ALT_ROW' => $i % 2 ? 'row_color1' : 'row_color2', 'AUTHOR' => $this->objUser->profile($comments['author']), 'POSTED' => $this->objTime->mk_time($comments['timestamp']), 'POST' => contentParse($comments['comment'])));
if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comments['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
$this->objTPL->assign_block_vars('comment.functions', array('URL' => $this->aURL[0] . '?mode=deleteComment&id=' . $comments['id']));
}
$i++;
}
}
} else {
//we have no comments so output a msg box saying so
msg('INFO', 'No Comments.', '_ERROR');
}
//and then output the comments to the parent template
$this->objTPL->assign_var_from_handle($tplVar, 'comments');
}
/**
* Returns permission state for given user and group
*
* @version 1.0
* @since 1.0.0
* @author xLink
*
* @param int $uid UserID
* @param int $group GUEST, USER, MOD, or ADMIN
*
* @return bool True/False on successful check, -1 on unknown group
*/
public function checkPermissions($uid, $group = 0)
{
$group = (int) $group;
//make sure we have a group to check against
if (is_empty($group) || $group == 0 || $group == GUEST) {
return true;
}
//check to see whether we have a user id to check against..
if (is_empty($uid)) {
return false;
}
//grab the user level if possible
$userlevel = GUEST;
if (self::$IS_ONLINE) {
$userlevel = $this->getUserInfo($uid, 'userlevel');
}
//see which group we are checking for
switch ($group) {
case GUEST:
if (!self::$IS_ONLINE) {
return true;
}
break;
case USER:
if (self::$IS_ONLINE) {
return true;
}
break;
case MOD:
if ($userlevel == MOD) {
return true;
}
break;
case ADMIN:
if ($userlevel == ADMIN) {
if (LOCALHOST) {
return true;
}
if (doArgs('adminAuth', false, $_SESSION['acp'])) {
return true;
}
}
break;
//no idea what they tried to check for, so we'll return something unexpected too
//no idea what they tried to check for, so we'll return something unexpected too
default:
return -1;
break;
}
//if we are an admin then give them mod powers regardless
if (($group == MOD || $group == USER) && $userlevel == ADMIN) {
return true;
}
//apparently the checks didnt return true, so we'll go for false
return false;
}
* this reverses that, so anything passed to the page via _GET is
* usable as normal
*/
$url = explode('?', $_SERVER['REQUEST_URI']);
if (isset($url[1])) {
//backup the _GET array parse_str overwrites the $_GET array
$GET = $_GET;
//parse the _GET vars from the url
parse_str($url[1], $_GET);
//and merge away :D
$_GET = array_merge($GET, $_GET);
}
$mode = doArgs('__mode', null, $_GET);
$module = doArgs('__module', null, $_GET);
$action = doArgs('__action', null, $_GET);
$extra = doArgs('__extra', null, $_GET);
if (!preg_match('#install($|/)#i', $action)) {
if (!empty($module) && $objCore->loadModule($module, true)) {
$objModule = new $module($objCore);
$objModule->doAction($action);
} else {
$objCore->throwHTTP(404);
}
} else {
$objCore->autoLoadModule('core', $objModule);
$objModule->installModule($module);
}
$tplMode = $objPage->getVar('tplMode');
$objPage->showHeader(!$tplMode && !isset($_GET['ajax']) ? false : true);
if ($__eval = $objTPL->output('body')) {
msgDie('FAIL', 'No output received from module.');
public function __construct($args = array())
{
$this->cacheToggle = doArgs('useCache', false, $args);
$this->cacheDir = doArgs('cacheDir', '', $args);
$this->fileTpl = cmsROOT . 'cache/cache_%s.php';
}
/**
* Logs the user out
*
* @version 1.0
* @since 1.0.0
* @author Daniel Noel-Davies
*
* @param string $check The user code to verify
*/
public function logout($check)
{
$objSQL = Core_Classes_coreObj::getDBO();
$objUser = Core_Classes_coreObj::getUser();
$objTime = Core_Classes_coreObj::getTime();
$objPage = Core_Classes_coreObj::getPage();
if (!is_empty($check) && $check == $objUser->grab('usercode')) {
$objUser->update($objUser->grab('id'), array('autologin' => '0'));
$objSQL->deleteRow('online', array('userkey = "%s"', $_SESSION['user']['userkey']));
unset($_SESSION['user']);
if (isset($_COOKIE['login'])) {
setCookie('login', '', $objTime->mod_time(time(), 0, 0, 24 * 365 * 10 * 1000 * 1000, 'MINUS'));
unset($_COOKIE['login']);
}
session_destroy();
if (isset($_COOKIE[session_name()])) {
setCookie(session_name(), '', time() - 42000);
}
$objPage->redirect(doArgs('HTTP_REFERER', '/' . root(), $_SERVER), 0);
} else {
$objPage->redirect('/' . root(), 0);
msgDie('FAIL', 'You\'ve Unsuccessfully attempted to logout.<br />Please use the correct procedures.');
}
}
/**
* The constructor of the cache class
*
* @version 1.0.0
* @since 1.0.0
* @author Dan Aldridge
*
* @param string $name
* @param array $args
*/
public function __construct($name = '', $args = array())
{
$this->setVars(array('cacheToggle' => doArgs('useCache', false, $args), 'cacheDir' => doArgs('cacheDir', '', $args), 'fileTpl' => cmsROOT . 'cache/cache_%s.php'));
}
public function outputForm($vars, $elements, $options = array())
{
//echo dump($elements);
//make sure we have something to use before continuing
if (is_empty($elements)) {
$this->setError('Nothing to output');
return false;
}
if (!isset($elements['field']) || is_empty($elements['field'])) {
$this->setError('Fields are blank or undetectable, make sure they are set using \'field\' key.');
return false;
}
//init the template, give it a rand id to stop it clashing with anything else
$randID = inBetween('name="', '"', $vars['FORM_START']);
$this->objTPL->set_filenames(array('form_body_' . $randID => 'modules/core/template/outputForm.tpl'));
if (!doArgs('border', true, $options)) {
$vars['EXTRA'] = ' class="noBorder"';
}
if (doArgs('id', false, $options)) {
$vars['SECTION_ID'] = doArgs('id', null, $options);
}
$dediHeader = doArgs('dedicatedHeader', false, $options);
$this->objTPL->assign_vars($vars);
$this->objTPL->reset_block_vars('form_error');
if (isset($elements['errors']) && !is_empty($elements['errors'])) {
$this->objTPL->assign_block_vars('form_error', array('ERROR_MSG' => implode('<br />', $elements['errors'])));
}
$count = 0;
$this->objTPL->reset_block_vars('field');
//loop thru each element
foreach ($elements['field'] as $label => $field) {
if (is_empty($field)) {
continue;
}
$formVars = array();
//grab the description before we play with the $label
$desc = $elements['desc'][$label];
//upper care the words
$label = ucwords($label);
//if its a header, set it as one with a hr under
if ($field == '_header_') {
$label = sprintf(doArgs('header', '<h3>%s</h3><hr />', $options), $label);
}
$header = $field == '_header_' ? true : false;
$this->objTPL->assign_block_vars('_form_row', array());
if ($dediHeader && $header) {
$this->objTPL->assign_block_vars('_form_row._header', array('TITLE' => $label));
} else {
//assign some vars to the template
$this->objTPL->assign_block_vars('_form_row._field', array('F_ELEMENT' => $header ? null : $field, 'F_INFO' => doArgs('parseDesc', false, $options) ? contentParse($desc) : $desc, 'CLASS' => $header ? ' title' : ($count++ % 2 ? ' row_color2' : ' row_color1'), 'L_LABEL' => $label, 'L_LABELFOR' => inBetween('name="', '"', $field)));
//if this isnt a 'header' then output the label
if (!$header) {
$this->objTPL->assign_block_vars('_form_row._field._label', array());
}
//if we have a description, lets output it with the label
if (!is_empty($desc)) {
$this->objTPL->assign_block_vars('_form_row._field._desc', array());
}
}
}
//return the html all nicely parsed etc
return $this->objTPL->get_html('form_body_' . $randID);
}
/**
* Returns the html for the pagination
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @param array $options
*
* @return int
*/
public function getPagination($options = array())
{
$options = array('url' => doArgs('url', '', $options), 'controls' => doArgs('controls', false, $options), 'type' => doArgs('type', 'pagination-mini', $options), 'showOne' => doArgs('showOne', false, $options));
$objTPL = Core_Classes_coreObj::getTPL();
$objUser = Core_Classes_coreObj::getUser();
// if we have 1 or less pages, then unless we specifically want to see it, hide the pagination
if ($this->getTotalPages() <= 1) {
if ($options['showOne'] === false) {
return '';
}
}
// generate the pagination handle - each one has to be diff, to support > 1 on a page
$handle = 'pagination_' . randCode(6);
$objTPL->set_filenames(array($handle => cmsROOT . 'modules/core/views/markup.tpl'));
// figure out which one we want to use
$switch = IS_ONLINE ? $objUser->get('paginationStyle') : '1';
if (!method_exists($this, 'paginationStyle' . $switch)) {
$switch = '1';
}
$pages = $this->{'paginationStyle' . $switch}($options['controls']);
$pages = isset($pages) ? $pages : array();
// setup the output
$objTPL->assign_block_vars('pagination', array('TYPE' => $options['type']));
foreach ($pages as $page) {
$objTPL->assign_block_vars('pagination.page', array('NUM' => doArgs('label', doArgs('count', '0', $page), $page), 'STATE' => doArgs('state', '', $page)));
if (doArgs('url', true, $page)) {
$objTPL->assign_block_vars('pagination.page.url', array('URL' => doArgs('url', true, $page) ? $this->url . $this->instance . '=' . doArgs('count', '0', $page) : ''));
} else {
$objTPL->assign_block_vars('pagination.page.span', array());
}
}
// and output
$objTPL->parse($handle, false);
return $objTPL->get_html($handle);
}
/**
* Redirect using PHP Header function or JS redirect
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @param string $location
* @param int $time
* @param int $mode Definitions - 1=>GET['redirect'], 2=>HTTP_REFFERER, => 0=>$location
*/
public function redirect($location = null, $time = 0, $mode = 0)
{
switch ($mode) {
case 1:
$url = doArgs('redirect', $location, $_GET);
break;
case 2:
$url = $this->config('global', 'referer');
break;
case 0:
default:
$url = $location;
break;
}
// check to see weather headers have already been sent, this prevents us from using the header() function
if (!headers_sent() && $time === 0) {
header('Location: ' . $url);
return;
} else {
// headers have already been sent, so use a JS and even META equivalent
$output = null;
$output .= '<script type="text/javascript">';
if ($time != 0) {
$output .= 'function redirect(){';
}
$output .= ' window.location.href="' . $url . '";';
if ($time != 0) {
$output .= '} setTimeout(\'redirect()\', ' . $time * 1000 . ');';
}
$output .= '</script>';
$output .= '<noscript>';
$output .= ' <meta http-equiv="refresh" content="' . $time . ';url=' . $url . '" />';
$output .= '</noscript>';
echo $output;
}
}
hmsgDie('FAIL', 'Error: Cannot verify information.');
}
//security check 1
if (doArgs('id', false, $_POST) != $_SESSION['site']['acp_edit']['id']) {
hmsgDie('FAIL', 'Error: I cannot remember what you were saving...hmmmm');
}
//security check 2
if (doArgs('sessid', false, $_POST) != $_SESSION['site']['acp_edit']['sessid']) {
hmsgDie('FAIL', 'Error: I have conflicting information here, cannot continue.');
}
//run through each of the defined settings and make sure they have a value and its not the same as the stored one
$update = array();
$failed = array();
$settings = array('captcha_enable', 'captcha_priv', 'captcha_pub');
foreach ($settings as $setting) {
if (doArgs($setting, false, $_POST) != $objCore->config('site', $setting, true)) {
$update[$setting] = $_POST[$setting];
}
}
//if we have stuff to update
if (count($update)) {
foreach ($update as $setting => $value) {
$update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting));
if (!$update) {
$failed[$setting] = $objSQL->error();
}
}
}
//if we have a setting that failed, let the user know
if (!is_empty($failed)) {
$msg = null;
/**
* Outputs a block with content in for the ACP
*
* @version 1.0
* @since 1.0.0
* @author Dan Aldridge
*
* @return void
*/
public static function setupBlock($handle, $options = array())
{
$options = array('cols' => doArgs('cols', 3, $options), 'vars' => isset($options['vars']) && is_array($options['vars']) ? $options['vars'] : array(), 'custom' => isset($options['custom']) && is_array($options['custom']) ? $options['custom'] : array(), 'custom_html' => isset($options['custom_html']) && is_array($options['custom_html']) ? $options['custom_html'] : array());
if (is_empty($options['vars'])) {
trigger_error('No vars passed to setupBlock()');
return;
}
if (!in_array($options['cols'], array(1, 2, 3))) {
trigger_error('Columns option needs to be 1 2 or 3');
return;
}
$objTPL = Core_Classes_coreObj::getTPL();
$objTPL->set_filenames(array($handle => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl'));
$objTPL->assign_block_vars('block', $options['vars']);
$objTPL->assign_block_vars('block.start_row', array());
$objTPL->assign_block_vars('block.' . $options['cols'] . 'col', array());
if (!is_empty($options['custom'])) {
$objTPL->assign_block_vars('block.custom', $options['custom']);
}
if (!is_empty($options['custom_html'])) {
$objTPL->assign_block_vars('block.custom_html', $options['custom_html']);
}
$objTPL->assign_block_vars('block.end_row', array());
$objTPL->parse($handle, false);
}
/**
* Performs action based on $action
*
* @version 1.0
* @since 1.0.0
* @author xLink
*
* @param string $action
*/
public function doAjax($action)
{
if (is_empty($action)) {
$this->throwHTTP(500);
return false;
}
switch ($action) {
case 'sortForum':
parse_str($_POST['order'], $order);
if (!is_array($order) || !count($order)) {
$this->throwHTTP(401);
}
parse_str($_POST['state'], $state);
if (!is_array($state) || !count($state)) {
$this->throwHTTP(401);
}
if (!is_array($order['sortable_forums']) || !count($order['sortable_forums'])) {
$this->throwHTTP(401);
}
foreach ($order['sortable_forums'] as $k) {
$go[$k] = $state[$k] == 1 ? 1 : 0;
}
echo print_r($go, true);
$db = serialize($go);
$_SESSION['user']['forum_cat_order'] = $db;
$update['forum_cat_order'] = $db;
$this->objUser->updateUserSettings($this->objUser->grab('id'), $update);
break;
//edit in place stuff
//edit in place stuff
case 'eip':
$id = doArgs('id', 0, $_GET, 'is_number');
$uid = $this->objUser->grab('id');
if ($id == 0 || !User::$IS_ONLINE) {
die('Error: There was a problem with the form you submitted. Please try again.');
}
//grab the post were reffering to
$post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
if (!$post) {
die('Error: There was a problem obtaining the post data. Error 0x01;');
}
//grab the required thread so we got something to work with..
$thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
if (!$thread) {
die('Error: There was a problem obtaining the post data. Error 0x02;');
}
//now grab the cat id..
$cat = $this->getForumInfo($thread['cat_id']);
if (!$cat) {
die('Error: There was a problem obtaining the post data. Error 0x03;');
}
$catAuth = $this->auth[$cat['id']];
if ($post['author'] != $uid && !$catAuth['auth_edit'] && !$catAuth['auth_mod'] && !IS_MOD) {
die('Error: This is not your post;');
}
//load or save?
$action = doArgs('action', false, $_GET);
if ($action == 'load') {
echo html_entity_decode($post['post']);
} else {
if ($action == 'save') {
//what we have dosent match whats its supposed to be
if (doArgs('editorId', false, $_POST) != 'post_id_' . $id) {
die('Error: There was a problem with the form you submitted.');
}
unset($update);
$update['post'] = secureMe($_POST['value']);
$update['edited'] = $post['edited'] + 1;
$update['edited_uid'] = $uid;
$post_update = $this->objSQL->updateRow('forum_posts', $update, array('id ="%d"', $id));
if ($post_update) {
contentParse($_POST['value'], true);
exit;
} else {
die('Error: This is not your post, or there was a problem with saving the post. Error 0x02;');
}
}
}
break;
case 'quote':
$id = doArgs('id', 0, $_GET, 'is_number');
$uid = $this->objUser->grab('id');
if ($id == 0 || !User::$IS_ONLINE) {
die('Error: There was a problem with the form you submitted. Please try again.');
}
//grab the post were reffering to
$post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
if (!$post) {
die('Error: There was a problem obtaining the post data. Error 0x01;');
}
//grab the required thread so we got something to work with..
$thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
if (!$thread) {
die('Error: There was a problem obtaining the post data. Error 0x02;');
}
//now grab the cat id..
$cat = $this->getForumInfo($thread['cat_id']);
if (!$cat) {
die('Error: There was a problem obtaining the post data. Error 0x03;');
}
$catAuth = $this->auth[$cat['id']];
if (!$catAuth['auth_read'] && !$catAuth['auth_mod'] && !IS_MOD) {
die('Error: This is not your post;');
}
$quote = "\n[quote=%s]\n%s\n[/quote]\n";
echo sprintf($quote, $this->objUser->getUserInfo($post['author'], 'username'), $post['post']);
break;
}
//everything that happens here dosent need to be output back to the parent template
exit;
}
hmsgDie('FAIL', 'Error: Cannot verify information.');
}
//security check 1
if (doArgs('id', false, $_POST) != $_SESSION['site']['acp_edit']['id']) {
hmsgDie('FAIL', 'Error: I cannot remember what you were saving...hmmmm');
}
//security check 2
if (doArgs('sessid', false, $_POST) != $_SESSION['site']['acp_edit']['sessid']) {
hmsgDie('FAIL', 'Error: I have conflicting information here, cannot continue.');
}
//run through each of the defined settings and make sure they have a value and its not the same as the stored one
$update = array();
$failed = array();
$settings = array('site_closed', 'closed_msg');
foreach ($settings as $setting) {
$postSetting = doArgs($setting, null, $_POST);
if ($postSetting === null) {
continue;
}
if (md5($postSetting) != md5($objCore->config('site', $setting, 'true'))) {
$update[$setting] = $_POST[$setting];
}
}
//if we have stuff to update
if (count($update)) {
foreach ($update as $setting => $value) {
$update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting));
if (!$update) {
$failed[$setting] = $objSQL->error();
}
}
function bbcode_quote($bbcode, $action, $name, $default, $params, $content)
{
global $objUser;
if ($action == BBCODE_CHECK) {
return true;
}
if (doArgs('name', false, $params)) {
$title = $objUser->profile($params['name'], RETURN_USER) . ' wrote';
if (doArgs('date', false, $params)) {
$title .= ' on ' . secureMe(trim($params['date']));
}
$title .= ':';
if (doArgs('url', false, $params)) {
$url = trim($params['url']);
if ($bbcode->IsValidURL($url)) {
$title = '<a href="' . secureMe($params['url']) . '">' . $title . '</a>';
}
}
} else {
if (!is_string($default)) {
$title = 'Quote:';
} else {
$title = $objUser->profile($default, RETURN_USER) . ' wrote';
}
}
return "\n<div class=\"bbcode_quote\">\n<div class=\"bbcode_quote_head\">" . $title . "</div>\n<div class=\"bbcode_quote_body\">" . $content . "</div>\n</div>\n";
}
<?php
/*======================================================================*\
|| Cybershade CMS - Your CMS, Your Way ||
\*======================================================================*/
if (!defined('INDEX_CHECK')) {
die('Error: Cannot access directly.');
}
if (!defined('PANEL_CHECK')) {
die('Error: Cannot include panel from current location.');
}
$objPage->setTitle(langVar('B_ACP') . ' > ' . langVar('L_OVERVIEW'));
$objPage->addPagecrumb(array(array('url' => $url, 'name' => langVar('L_OVERVIEW'))));
$objTPL->set_filenames(array('body' => 'modules/core/template/panels/panel.admin_overview.tpl'));
$mode = doArgs('mode', false, $_GET);
$objTPL->assign_vars(array('ADMIN_MODE' => langVar('L_NOTIFICATIONS')));
$objTPL->parse('body', false);
/**
* Gathers developer output for debug
*
* @version 1.1
* @since 1.0.0
* @author Daniel Noel-Davies
*
* @return array
*/
public function getDumpOutput()
{
$count = 0;
$content = '';
//$this->dumpOutput ? implode('<br>', $this->dumpOutput) : null ;
if (empty($this->dumpOutput)) {
return array('count' => $count, 'content' => $content);
}
foreach ($this->dumpOutput as $log) {
$type = $log['type'] ?: 'info';
$title = htmlentities($log['title']) ?: 'Debug';
$file = doArgs('file', 'Unknown', $log);
$file = str_replace(array('\\', $_SERVER['DOCUMENT_ROOT']), array('/', ''), $file);
$content .= sprintf('<table class="table">
<tr>
<tr class="%s">
<td colspan="3" style="height:5px; padding:0;"></td>
</tr>
<tr>
<td style="width: 10%%;">File Number</td>
<td style="width: 5%%;">Title</td>
<td style="width: 85%%;">Content</td>
</tr>
</tr>
<tr>
<td>
%s<br />
on line: %s
</td>
<td>%s</td>
<td>%s</td>
</tr>
</table>', $type, $file, doArgs('line', 0, $log), $title, dump($log['content'], $title));
}
return array('count' => $count, 'content' => $content);
}
/**
* Retrieve the details from the details file of a module
*
* @version 1.1
* @since 1.0.0
* @author Daniel Noel-Davies
*
* @param string $moduleName
*
* @return array
*/
public static function getModuleDetails($moduleName)
{
// Check module exists
if (self::moduleExists($moduleName) === false) {
return false;
}
$detailsFile = sprintf('%1$smodules/%2$s/details.php', cmsROOT, $moduleName);
$detailsClassName = sprintf('Details_%s', $moduleName);
// Make sure the details file exists
if (file_exists($detailsFile) === false) {
trigger_error('Error getting Module Details :: Details file doesn\'t exist');
return false;
}
require_once $detailsFile;
$details = reflectMethod($detailsClassName, 'details');
return array('version' => doArgs('version', 'N/A', $details), 'hash' => doArgs('hash', 'N/A', $details), 'name' => doArgs('name', 'N/A', $details), 'author' => doArgs('author', 'N/A', $details));
}
