public function register()
{
if (is_post()) {
$this->loadHelper('Validator');
if (captcha()) {
$data = ['email' => validate('email', 'email'), 'username' => validate('required', 'username'), 'password' => password_hash(validate('required', 'register_token'), PASSWORD_BCRYPT), 'token' => str_rand(40)];
if (validator($data)) {
if ($this->user->checkExistUser($data['email'])) {
$data2 = ['firstname' => validate('required', 'firstname'), 'lastname' => validate('required', 'lastname'), 'nickname' => validate('required', 'nickname'), 'major' => validate('required', 'major')];
if (validator($data2)) {
$this->user->createUser($data, $data2);
$validate = $this->user->validate($data['email'], $_POST['register_token']);
if (!empty($validate)) {
$_SESSION['auth'] = $validate;
$_SESSION['user'] = $this->user->getDetail($validate['id']);
cache_forgot('user.members.' . user('major'));
cache_forgot('user.get.members.' . user('major'));
}
}
}
}
}
}
return redirect('');
}
public static function install_check()
{
//Check the cache folder
if (!Backend::checkConfigFile()) {
if (function_exists('posix_getgrgid') && function_exists('posix_getegid')) {
if ($group = posix_getgrgid(posix_getegid())) {
$group = $group['name'];
}
}
$values = array('file' => Backend::getConfigFileLocation(), 'group' => isset($group) ? $group : false);
Backend::addContent(Render::file('config_value.fix_config.tpl.php', $values));
return false;
}
if (self::get('settings.ConfigValueSet')) {
return true;
}
if (is_post()) {
$result = true;
foreach ($_POST as $name => $value) {
$name = str_replace('_', '.', $name);
if (in_array($name, array('application.Title', 'application.Moto', 'application.HelpBoxContent', 'application.Description', 'author.Name', 'author.Email', 'author.Website'))) {
if (!self::set($name, $value)) {
Backend::addError('Could not set ' . $name);
$result = false;
}
} else {
var_dump('Rejected:', $name);
}
}
self::set('settings.ConfigValueSet', $result);
Controller::redirect();
}
Backend::addContent(Render::file('config_value.values.tpl.php'));
return false;
}
/**
* Show a simple confirmation form
*/
public static function confirm($label)
{
if (is_post()) {
if (isset($_POST['confirm_yes'])) {
return true;
} else {
if (isset($_POST['confirm_no'])) {
return false;
}
}
}
?>
<?php
print_header();
?>
<div id="confirm_form">
<?php
\Meta\Core\Form::open();
?>
<h2><?php
echo $label;
?>
</h2>
<input type="submit" name="confirm_yes" value="Sim" />
<input type="submit" name="confirm_no" value="Nao" />
<?php
\Meta\Core\Form::close();
?>
</div>
<?php
print_footer();
?>
<?php
exit;
}
public function action_create()
{
if (is_post()) {
$parameters = get_previous_parameters();
$object = new CommentObj();
$object = $object->fromRequest();
$object['foreign_id'] = empty($object['foreign_id']) ? reset($parameters) : $object['foreign_id'];
$object['foreign_table'] = empty($object['foreign_table']) ? table_name(get_previous_area()) : $object['foreign_table'];
//If we don't have a logged in user, create a dummy account
if (!BackendUser::check()) {
$query = new SelectQuery('BackendUser');
$query->filter('`email` = :email');
if ($old_user = Controller::getVar('user')) {
$existing_user = $query->fetchAssoc(array(':email' => $old_user['email']));
}
switch (true) {
case $existing_user && $existing_user['confirmed'] && $existing_user['active']:
//Attribute quote to user? Seems risque, actually, if I know a user's email address, I can just attribute to him. Auth first
Backend::addError('Comment not added. Please login first');
return false;
break;
case $existing_user && !$existing_user['confirmed'] && $existing_user['active']:
//Unregistered user commented before
$object['user_id'] = $existing_user['id'];
break;
default:
case !$existing_user:
$user_data = array('name' => $old_user['name'], 'surname' => '', 'email' => $old_user['email'], 'website' => $old_user['website'], 'username' => $old_user['email'], 'password' => get_random(), 'confirmed' => 0, 'active' => 1);
$user = self::getObject('BackendUser');
if ($user->create($user_data)) {
$object['user_id'] = $user->array['id'];
$url = SITE_LINK . '/?q=backend_user/confirm/' . $user->array['salt'];
$app_name = ConfigValue::get('Title');
$message = <<<END
Hi {$user->array['name']}!
Thank you for your comment on {$app_name}. An account has automatically been created for you. To activate it, please click on the following link:
{$url}
Please note that you don't need to do this for your comments to show, but this account will be deleted if it isn't confirmed in a weeks time.
Regards
END;
send_email($user->array['email'], 'Thank you for your comment.', $message);
} else {
Backend::addError('Could not create user to add Comment');
return false;
}
break;
}
}
$object = array_filter($object, create_function('$var', 'return !is_null($var);'));
Controller::setVar('obj', $object);
}
return parent::action_create();
}
public function stage4()
{
if (is_post()) {
if (Installer::stage4()) {
return redirect('complete');
}
}
render('stage4');
}
function entry_password_edit()
{
$model = model::load('user');
$_POST['user_id'] = $this->user_id;
if (is_post() && $model->edit_password($_POST) === false) {
$this->assign['message'] = $model->message;
}
$this->display('password_edit');
}
function entry_comment()
{
$feed_mod = model::load('feed');
$feed_mod->init('comments');
if (is_post()) {
$feed_mod->edit($_POST);
}
$this->assign['comment'] = $feed_mod->get($_GET);
$this->display('comment_edit');
}
function fromRequest()
{
$data = parent::fromRequest();
if (is_post() && array_key_exists('mime_type', $data)) {
if (!empty($data['meta_info']['mime']) && $data['mime_type'] != $data['meta_info']['mime']) {
$data['mime_type'] = $data['meta_info']['mime'];
}
}
return $data;
}
public static function checkConfiguration()
{
// configuration installer manager
$cfgFile = abspath('app/config.php');
if (file_exists($cfgFile)) {
return;
}
?>
<h2>Please configure the database</h2>
<form method="POST">
<label>Database host</label> <input type="text" name="DB_HOST" value="localhost">
<br/>
<label>Database user</label> <input type="text" name="DB_USER" value="root">
<br/>
<label>Database password</label> <input type="text" name="DB_PASS" value="">
<br/>
<label>Database name</label> <input type="text" name="DB_NAME" value="reservic">
<br/><br/>
<input type="submit" value="Install configuration file">
</form>
<?php
// write config file
if (is_post()) {
// check database connectivity
try {
$dbh = new \PDO('mysql:host=' . $_POST['DB_HOST'] . ';dbname=' . $_POST['DB_NAME'], $_POST['DB_USER'], $_POST['DB_PASS']);
} catch (\Exception $e) {
?>
<h2>Database connection error: <?php
echo $e->getMessage();
?>
</h2><?php
exit;
}
// create config file content
$content = "<?php\n";
foreach ($_POST as $key => $val) {
$content .= "define('{$key}', '{$val}');\n";
}
// try write config file
if (!file_put_contents($cfgFile, $content)) {
?>
<h2>The file <?php
echo $cfgFile;
?>
is not writable!
Please set write permission for the app/ folder</h2>
<?php
exit;
}
Flash::success(t('Database configuration saved.'));
redirect(page_home());
}
exit;
}
function entry_admin_edit()
{
$model = model::load('user');
if (is_post() && !$model->edit($_POST)) {
$this->assign['message'] = $model->message;
}
if ($_GET['user_id']) {
$this->assign['admin'] = $model->get($_GET);
}
$this->display('admin_edit');
}
public function post_create($id = false)
{
$result = parent::post_create();
if ($result instanceof ContentObj) {
/* TODO This can easily "overwrite" existing urls */
if (is_post() && Component::isActive('BackendQuery')) {
BackendQuery::add($result->array['name'], 'content/display/' . $result->array['id']);
}
}
return $result;
}
public function add_message()
{
$this->moduleTag = 'message';
if (is_post()) {
$data = $this->check_message();
$info = $this->model->add_message_info($data);
if (!$info) {
response_code('-1');
}
response_code('1');
}
}
public function p($action = null, $id = null)
{
switch ($action) {
case 'news':
if (is_post()) {
$gbn = new \app\models\GbNews();
$data = array('title' => $_POST['title'], 'content' => $_POST['content']);
if ($_POST['active'] === 'on') {
$data['active'] = 1;
} else {
$data['active'] = 0;
}
if (!empty($_POST['action'])) {
$data['id'] = $_POST['id'];
$gbn->update($data);
cache_forgot('home.gbnews');
cache_forgot('p.gbn.' . $data['id']);
} else {
$gbn->create($data);
cache_forgot('home.gbnews');
}
return redirect('admin/p/news');
} else {
$gbn = new \app\models\GbNews();
$gbn = $gbn->all();
$data = empty($gbn) ? array() : $gbn;
return $this->view('admin/gbnews', compact('data'));
}
break;
case 'write':
if (!empty($id)) {
$id = intval($id);
$news = new \app\models\GbNews();
$news = $news->getNews($id);
if (empty($news)) {
return $this->view('errors/404');
}
return $this->view('admin/gbnews_write', compact('news'));
}
return $this->view('admin/gbnews_write');
break;
case 'destroy':
echo $_POST['id'];
if (is_post()) {
$news = new \app\models\GbNews();
$news->remove($_POST['id']);
}
break;
default:
return redirect('admin');
break;
}
}
/**
*/
function edit()
{
$a = $this->_get_info();
if (!$a) {
return _404();
}
$a['back_link'] = url('/@object');
$form_id = 'content_form';
jquery('
var form_id = "' . $form_id . '";
var bak_action = $("form#" + form_id).attr("action");
var preview_url = "' . url_user('/dynamic/preview/static_pages/' . $a['id']) . '";
$("[type=submit].preview", "form#" + form_id).on("click", function() {
$(this).closest("form").attr("target", "_blank").attr("action", preview_url)
})
$("[type=submit]:not(.preview)", "form#" + form_id).on("click", function() {
$(this).closest("form").attr("target", "").attr("action", bak_action)
})
');
// Prevent execution of template tags when editing page content
$exec_fix = ['{' => '{', '}' => '}'];
$keys_to_fix = ['text'];
foreach ((array) $keys_to_fix as $k) {
if (false !== strpos($a[$k], '{') && false !== strpos($a[$k], '}')) {
$a[$k] = str_replace(array_keys($exec_fix), array_values($exec_fix), $a[$k]);
}
}
$a = (array) $_POST + (array) $a;
if (is_post()) {
foreach ((array) $keys_to_fix as $k) {
if (false !== strpos($_POST[$k], '{') && false !== strpos($_POST[$k], '}')) {
$_POST[$k] = str_replace(array_values($exec_fix), array_keys($exec_fix), $_POST[$k]);
}
}
}
$_this = $this;
return form($a, ['hide_empty' => true, 'id' => $form_id])->validate(['__before__' => 'trim', 'name' => ['required', function (&$in) use($_this) {
$in = $_this->_fix_page_name($in);
return (bool) strlen($in);
}, function ($name, $tmp, $d, &$error) use($_this, $a) {
$id = db()->from($_this::table)->where('locale', $a['locale'])->where('name', $name)->get_one('id');
if ($id && $id != $a['id']) {
$error = t('Page with this name and locale already exists');
}
return $error ? false : true;
}], 'text' => 'required'])->update_if_ok(self::table, ['name', 'text', 'page_title', 'page_heading', 'meta_keywords', 'meta_desc', 'active'], 'id=' . $a['id'])->on_before_update(function () use($a, $_this) {
module_safe('manage_revisions')->add(['object_name' => $_this::table, 'object_id' => $a['id'], 'old' => $a, 'new' => $_POST, 'action' => 'update']);
})->on_after_update(function () {
common()->admin_wall_add(['static page updated: ' . $a['name'], $a['id']]);
cache_del('static_pages_names');
})->container($this->_get_lang_links($a['locale'], $a['name'], 'edit'))->text('name')->textarea('text', ['id' => 'text', 'cols' => 200, 'rows' => 10, 'ckeditor' => ['config' => _class('admin_methods')->_get_cke_config()]])->text('page_title')->text('page_heading')->text('meta_keywords')->text('meta_desc')->active_box()->save_and_back()->preview();
}
function entry_register()
{
$model = model::load('user');
if (is_post()) {
if ($model->register($_POST)) {
header('Location: /');
} else {
$this->assign['message'] = $model->message;
$this->display('message');
exit;
}
}
$this->display('register');
}
/**
*/
function change_debug()
{
if (!DEBUG_MODE) {
return;
}
if (is_post()) {
$_SESSION['debug_console_light'] = intval((bool) $_POST['debug_console_light']);
$_SESSION['locale_vars_edit'] = intval((bool) $_POST['locale_edit']);
# $_SESSION['stpls_inline_edit'] = intval((bool)$_POST['stpl_edit']);
return js_redirect($_SERVER['HTTP_REFERER'], 0);
}
$a = $_POST + $_SESSION;
return form($a)->active_box('debug_console_light', ['selected' => $_SESSION['debug_console_light']])->active_box('locale_edit', ['selected' => $_SESSION['locale_vars_edit']])->save();
}
function entry_add_node()
{
$node_mod = model::load('node');
if (is_post()) {
$node_id = $node_mod->add_node($_POST, $this->user_id);
if ($node_id) {
header('Location: /index.php?view=feed&node_id=' . $node_id);
} else {
$this->assign['message'] = $node_mod->message;
$this->display('message');
}
} else {
$this->display('edit_node');
}
}
public function add()
{
if (is_post()) {
$_data = array();
foreach ($_POST as $key => $value) {
$value['time'] = date('D, d M Y');
$_data[] = implode(':|', $value);
}
if ($this->update($this->current_name, $_data)) {
return redirect('ledger/summary');
}
} else {
return $this->view('ledger/add');
}
}
public function upme_reset_module_settings()
{
global $upme_admin;
if (is_post() && is_in_post('current_tab')) {
if (isset($upme_admin->default_module_settings[post_value('current_tab')])) {
$current_options = get_option('upme_options');
foreach ($upme_admin->default_module_settings[post_value('current_tab')] as $key => $value) {
$current_options[$key] = $value;
}
update_option('upme_options', $current_options);
echo json_encode(array('status' => 'success'));
exit;
}
}
}
/**
* edit_user
*
* @param mixed $id the unique identifier
*
* @access public
* @return string
*/
function edit_user($id)
{
i_am_logged();
$user = fetch_or_404('User', $id);
if (is_post()) {
$user->fromArray($_POST);
if ($user->isValid()) {
$user->save();
return redirect('/user/page/' . $user->id);
} else {
$errors = array();
$errors['user'] = get_errors($user);
}
}
return render('user_edit.tpl', compact('user', 'errors'));
}
function entry_sys_config_edit()
{
$model = model::load('sys_config');
if (is_post()) {
if ($_POST['sys_config_id'] && !$model->insert($_POST)) {
$this->assign['message'] = $model->message;
}
if ($_GET['sys_config_id'] && !$model->update($_POST)) {
$this->assign['message'] = $model->message;
}
}
if ($_GET['sys_config_id']) {
$this->assign['sys_config'] = $model->get($_GET);
}
$this->display('sys_config_edit');
}
/**
* Controller的init方法会被自动首先调用
*/
public function init()
{
// 如果是ajax请求,关闭html输出
// if ($this->getRequest()->isXmlHttpRequest()) {
/**
* 是否返回Response对象, 如果启用, 则Response对象在分发完成以后不会自动输出给请求端, 而是交给程序员自己控制输出.
* @see http://www.laruence.com/manual/yaf.class.dispatcher.returnResponse.html
*/
Yaf_Dispatcher::getInstance()->returnResponse(TRUE);
/**
* 关闭自动Render. 默认是开启的, 在动作执行完成以后, Yaf会自动render以动作名命名的视图模板文件.
* @see http://www.laruence.com/manual/yaf.class.dispatcher.disableView.html
*/
Yaf_Dispatcher::getInstance()->disableView();
$this->IS_POST = is_post();
$this->testmodel = new TestModel();
}
public function add()
{
if (is_post()) {
// $file = "tmp/domain_name";
// $domain_name = $_POST['domain_name'];
// $name = $_POST['name'];
// $git = $_POST['git'];
// // add record to db
// $sql = "insert into vhost values(null, '$name', '$git', '$domain_name', '/var/www/$name', '/etc/apache2/sites-available/$name')";
// db_exec($sql);
// $content = $_POST['vhost_conf'];
// write_file($file, $content);
// system("./conf_bin " . "tmp/domain_name ". $domain_name.".conf");
} else {
$this->view("vhost_add.php");
}
}
public function pictures($action = null)
{
$_path = APP_PATH . 'contents/major/' . user('major') . '/';
if (role_check()) {
switch ($action) {
case 'remove-all':
if (chdir($_path)) {
$files = glob('*.*');
foreach ($files as $key => $value) {
unlink($value);
unlink('thumbs/' . preg_replace('/\\.[A-z]+/', '', $value) . '.jpg');
echo "Delete {$value} success. <br/>";
}
}
break;
case 'remove':
if (is_post()) {
if (chdir($_path)) {
if (unlink($_POST['pic']) && unlink('thumbs/' . $_POST['name'] . '.jpg')) {
echo '1';
}
}
}
break;
default:
if (!file_exists($_path)) {
mkdir($_path, 0777, true);
mkdir($_path . 'thumbs', 0777, true);
}
if (chdir($_path)) {
$files = @glob('*.*', GLOB_BRACE);
$data = array();
foreach ($files as $key => $file) {
$data[$key] = array('name' => $file, 'size' => filesize($file));
}
unset($files);
$json = json_encode($data);
if (chdir(APP_PATH)) {
return $this->view('major/pictures', compact('json'));
}
}
break;
}
}
}
public function run()
{
if (is_post()) {
$pattern = '/(\\/auth\\/signin\\/|\\/auth\\/register\\/)/';
if (!preg_match($pattern, $_SERVER['REQUEST_URI'])) {
if (empty($_POST['csrf_token']) || empty($_COOKIE['csrf_token'])) {
header("HTTP/1.0 401 Authorization Required");
exit;
} else {
if ($_POST['csrf_token'] !== $_COOKIE['csrf_token']) {
header("HTTP/1.0 401 Authorization Required");
exit;
}
}
unset($_POST['csrf_token']);
}
}
}
public function edit_coupon()
{
$this->moduleTag = 'coupon';
$quan_id = input_int($this->input->get('quan_id'), 1, FALSE, 0);
if ($quan_id) {
$info = $this->model->get_coupon_info_by_id($quan_id);
}
if (is_post()) {
$data = $this->check_coupon();
$data['quan_id'] = input_int($this->input->post('quan_id'), 1, FALSE, 0);
$rs = $this->model->edit_coupon($data);
if (!$rs) {
response_code('-1');
}
response_code('1');
}
$this->viewData = array('info' => $info);
}
/**
* 我的铺子
*/
public function inninfo()
{
$inn_info = $this->model->get_inn_info_by_inn_id($this->token['inn_id']);
if ($inn_info) {
if (is_post()) {
$check_info = $this->check_inn_info_value();
$changedkeys = array_diff_assoc($check_info, $inn_info);
if ($changedkeys) {
$changedkeys['inn_id'] = $this->token['inn_id'];
$changedkeys['update_by'] = $this->token['user_id'];
$this->model->update_inn_info($changedkeys);
}
response_msg('1');
}
} else {
response_msg('2007');
}
response_data($inn_info);
}
/**
*/
function edit()
{
$a = $this->_get_info();
if (!$a) {
return _404();
}
$a['redirect_link'] = url('/@object/@action/@id');
$a['back_link'] = url('/@object');
// Prevent execution of template tags when editing page content
$exec_fix = ['{' => '{', '}' => '}'];
$keys_to_fix = ['head_text', 'full_text'];
foreach ((array) $keys_to_fix as $k) {
if (false !== strpos($a[$k], '{') && false !== strpos($a[$k], '}')) {
$a[$k] = str_replace(array_keys($exec_fix), array_values($exec_fix), $a[$k]);
}
}
$a = (array) $_POST + (array) $a;
if (is_post()) {
foreach ((array) $keys_to_fix as $k) {
if (false !== strpos($_POST[$k], '{') && false !== strpos($_POST[$k], '}')) {
$_POST[$k] = str_replace(array_values($exec_fix), array_keys($exec_fix), $_POST[$k]);
}
}
}
$_this = $this;
return form($a)->validate(['__before__' => 'trim', 'title' => 'required', 'head_text' => 'required', 'full_text' => 'required', 'url' => 'required', 'locale' => 'required'])->on_post(function () {
if (strlen($_POST['url'])) {
$_POST['url'] = preg_replace('~[\\s/]+~', '-', trim($_POST['url']));
}
if (strlen($_POST['title']) && !strlen($_POST['url'])) {
$_POST['url'] = common()->_propose_url_from_name($_POST['title']);
} else {
if (!strlen($_POST['head_text']) && strlen($_POST['full_text'])) {
$_POST['head_text'] = _truncate($_POST['full_text'], 200, false, false);
}
}
})->update_if_ok(self::table, ['title', 'head_text', 'full_text', 'meta_keywords', 'meta_desc', 'url', 'active', 'locale'])->on_before_update(function () use($a, $_this) {
module_safe('manage_revisions')->add(['object_name' => $_this::table, 'object_id' => $a['id'], 'old' => $a, 'new' => $_POST, 'action' => 'update']);
})->on_after_update(function () {
common()->admin_wall_add(['news updated: ' . $a['id'], $a['id']]);
})->text('title')->textarea('head_text', ['cols' => 200, 'rows' => 5, 'ckeditor' => ['config' => _class('admin_methods')->_get_cke_config()]])->textarea('full_text', ['cols' => 200, 'rows' => 20, 'ckeditor' => ['config' => _class('admin_methods')->_get_cke_config()]])->text('url')->text('meta_keywords')->text('meta_desc')->locale_box('locale')->active_box()->save_and_back();
}
/**
* faq_edit
*
* @param string $id unique identifier for te FAQ
*
* @access public
* @return string
*/
function faq_edit($id)
{
$data = array();
$faq = Faq::fetch($id);
if (!$faq) {
throw new NotFoundException();
}
if (is_post()) {
$faq->fromArray($_POST);
if ($faq->isValid()) {
$faq->save();
return redirect('/faq/list');
} else {
$data['errors'] = array();
$data['errors']['faq'] = format_error($faq);
}
}
$data['faq'] = $faq;
return render('faq_form.tpl', $data);
}
/**
* page_edit
*
* @param string $slug the unique url slug for the page
*
* @access public
* @return string
*/
function page_edit($slug)
{
$data = array();
$page = Pages::fetchBySlug($slug);
if (!$page) {
throw new NotFoundException();
}
if (is_post()) {
$page->fromArray($_POST);
if ($page->isValid()) {
$page->save();
return redirect('/page/list');
} else {
$data['errors'] = array();
$data['errors']['page'] = format_error($page);
}
}
$data['page'] = $page;
return render('page_form.tpl', $data);
}
