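/**
 * Re-sends the new-member email to the member who is currently logged in.
 *
 * The result node carries an <error> child and status="error" when nobody is
 * logged in or the member's entry cannot be loaded. Otherwise the outcome of
 * emailNewMember() is written to the `result` attribute, and a successful
 * send follows the `redirect` request parameter when one is present.
 *
 * @return XMLElement
 */
protected function __trigger()
{
    $result = new XMLElement(self::ROOTELEMENT);
    $success = false;

    self::__init();

    // $db is not read below; the call is kept in case instance() sets up the shared connection.
    $db = ASDCLoader::instance();

    $Members = $this->_Parent->ExtensionManager->create('members');
    $Members->initialiseCookie();

    if ($Members->isLoggedIn() !== true) {
        $result->appendChild(new XMLElement('error', 'Must be logged in.'));
        $result->setAttribute('status', 'error');
        return $result;
    }

    $Members->initialiseMemberObject();

    // Make sure we don't accidentally use an expired code.
    extension_Members::purgeCodes();

    $em = new EntryManager($this->_Parent);

    // end() takes its argument by reference, so the fetch() result must live in a variable first.
    $entries = $em->fetch((int) $Members->Member->get('id'));
    if (!is_array($entries) || empty($entries)) {
        $result->appendChild(new XMLElement('error', 'Member entry could not be loaded.'));
        $result->setAttribute('status', 'error');
        return $result;
    }
    $entry = end($entries);

    $email = $entry->getData(self::findFieldID('email-address', 'members'));
    $name = $entry->getData(self::findFieldID('name', 'members'));

    $success = $Members->emailNewMember(array(
        'entry' => $entry,
        'fields' => array(
            'username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')),
            'name' => $name['value'],
            'email-address' => $email['value'],
        ),
    ));

    // NOTE(review): the redirect target is taken from the request without any check that it
    // points back to this site. Restrict it to same-site URLs unless off-site targets are required.
    if ($success == true && isset($_REQUEST['redirect'])) {
        redirect($_REQUEST['redirect']);
    }

    // NOTE(review): the error paths above set `status`, this path sets `result` - confirm which
    // attribute the page templates read before unifying the two.
    $result->setAttribute('result', $success === true ? 'success' : 'error');

    return $result;
}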
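/**
 * Applies the "with selected" bulk action to the roles ticked in the posted form.
 *
 * Supported actions: `delete-members` (remove the members of each role),
 * `delete` (remove the members, the role and its permission rows) and
 * `move::<id>` (reassign the members of each ticked role to role <id>).
 *
 * NOTE(review): no permission or request-forgery check is visible in this
 * method - confirm the framework enforces both before action() runs.
 *
 * @return void
 */
public function action()
{
    // The original guard returned when items WAS populated (`!empty`), so no action ever ran.
    if (!isset($_POST['items']) || !is_array($_POST['items']) || empty($_POST['items'])) {
        return;
    }

    // Role ids arrive as form array keys, which the client controls. Force them to integers
    // before they reach any SQL statement.
    $checked = array_map('intval', array_keys($_POST['items']));

    $action = (isset($_POST['with-selected']) && is_string($_POST['with-selected']))
        ? $_POST['with-selected']
        : '';

    if ($action === 'delete-members') {
        foreach ($checked as $role_id) {
            $this->__deleteMembers($role_id);
        }
    } elseif ($action === 'delete') {
        foreach ($checked as $role_id) {
            $this->__deleteMembers($role_id);

            ASDCLoader::instance()->query(sprintf("DELETE FROM `tbl_members_roles` WHERE `id` = %d", $role_id));
            ASDCLoader::instance()->query(sprintf("DELETE FROM `tbl_members_roles_forbidden_pages` WHERE `role_id` = %d", $role_id));
            ASDCLoader::instance()->query(sprintf("DELETE FROM `tbl_members_roles_event_permissions` WHERE `role_id` = %d", $role_id));
        }
    } elseif (preg_match('/move::(\\d+)/i', $action, $match)) {
        $target_role = $match[1];

        if (!($replacement = $this->_driver->fetchRole($target_role))) {
            die("no such target role");
        }

        foreach ($checked as $role_id) {
            // Moving a role onto itself is a no-op.
            if ($role_id == $target_role) {
                continue;
            }

            ASDCLoader::instance()->query(sprintf(
                "UPDATE `tbl_entries_data_%d` SET `role_id` = %d WHERE `role_id` = %d",
                $this->_driver->roleField(),
                $target_role,
                $role_id
            ));
        }
    }
}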
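/**
 * Lists the members that have a recent, non-empty session.
 *
 * Reads session rows younger than self::AGE, decodes each payload, looks the
 * stored username up in the comments/members data tables and emits one
 * <member> node per distinct username with the MD5 of the e-mail address as
 * the `email-hash` attribute.
 *
 * NOTE(review): session_real_decode() is defined outside this block. If it
 * unserializes the payload, confirm that only the session handler can write
 * to `tbl_sessions`.
 *
 * @param array $param_pool Data-source parameter pool (not modified here).
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    self::__init();

    $result = new XMLElement($this->dsParamROOTELEMENT);

    $rows = Symphony::Database()->fetch("SELECT *\n\t\t\t\tFROM `tbl_sessions` \n\t\t\t\tWHERE `session_data` != 'sym-|a:0:{}sym-members|a:0:{}' \n\t\t\t\tAND `session_data` REGEXP 'sym-members'\n\t\t\t\tAND `session_expires` > (UNIX_TIMESTAMP() - " . self::AGE . ") \n\t\t\t\tORDER BY `session_expires` DESC");

    $added = array();

    // fetch() may hand back a non-array on failure; count() on that would warn or throw.
    if (is_array($rows) && count($rows) > 0) {
        foreach ($rows as $r) {
            $raw = $r['session_data'];
            $data = self::session_real_decode($raw);

            if (!isset($data['sym-members']) || !isset($data['sym-members']['username'])) {
                continue;
            }

            // The username placeholder has to be in the format string: sprintf() silently drops
            // surplus arguments, so without it the escaped username never reaches the query.
            $record = ASDCLoader::instance()->query(sprintf(
                "SELECT\n\t\t\t\t\t\t\t\temail.value AS `email`,\n\t\t\t\t\t\t\t\tMD5(email.value) AS `hash`,\n\t\t\t\t\t\t\t\tcreated_by.username AS `username`\n\t\t\t\t\t\t\n\t\t\t\t\t\t\tFROM `tbl_entries_data_%d` AS `created_by`\n\t\t\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `email` ON created_by.member_id = email.entry_id\n\t\t\t\t\t\t\tWHERE `created_by`.username = '%s'\n\t\t\t\t\t\t\tLIMIT 1",
                self::findFieldID('created-by', 'comments'),
                self::findFieldID('email-address', 'members'),
                ASDCLoader::instance()->escape($data['sym-members']['username'])
            ));

            if ($record->length() == 0) {
                continue;
            }

            $member = $record->current();

            // Avoid duplicates: DISTINCT is not available because the usernames come out of
            // raw session payloads rather than a column.
            if (in_array($member->username, $added, true)) {
                continue;
            }

            $added[] = $member->username;

            $result->appendChild(new XMLElement(
                'member',
                General::sanitize($member->username),
                array('email-hash' => $member->hash)
            ));
        }
    } else {
        // This should never happen: the visitor requesting the page has a session of their own.
        $result->setValue('No Records Found.');
    }

    return $result;
}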
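/**
 * Activates the logged-in member's account with the posted activation token.
 *
 * Visitors who are not logged in are sent to /forbidden/. A missing or
 * unknown token sends the member to /members/activate/failed/. On a match the
 * member's role is updated, their tokens are purged, the new-member email is
 * sent and the member is redirected to /members/activate/success/.
 *
 * NOTE(review): the flow assumes redirect() ends the request; confirm, since
 * nothing else stops execution after a failed check.
 *
 * @return void
 */
protected function __trigger()
{
    self::__init();

    $db = ASDCLoader::instance();

    $Members = $this->_Parent->ExtensionManager->create('members');
    $Members->initialiseCookie();

    if ($Members->isLoggedIn() !== true) {
        redirect(URL . '/forbidden/');
    }

    $Members->initialiseMemberObject();

    // Make sure we don't accidentally use an expired token.
    extension_Members::purgeCodes();

    // The token is client input: it may be absent or an array. Only a string may reach escape().
    if (!isset($_POST['fields']['code']) || !is_string($_POST['fields']['code'])) {
        redirect(URL . '/members/activate/failed/');
    }

    $member_id = (int) $Members->Member->get('id');

    // The token must belong to the member who is logged in.
    $activation_row = $db->query(sprintf(
        "SELECT * FROM `tbl_members_codes` WHERE `token` = '%s' AND `member_id` = %d LIMIT 1",
        $db->escape($_POST['fields']['code']),
        $member_id
    ))->current();

    // No matching token: refuse.
    if ($activation_row === false) {
        redirect(URL . '/members/activate/failed/');
    }

    // Got this far, all is well.
    // NOTE(review): the activated role id is the literal 3 - confirm it matches the site's roles.
    $db->query(sprintf(
        "UPDATE `tbl_entries_data_%d` SET `role_id` = %d WHERE `entry_id` = %d LIMIT 1",
        $Members->roleField(),
        3,
        $member_id
    ));

    extension_Members::purgeTokens($member_id);

    $em = new EntryManager($this->_Parent);

    // end() takes its argument by reference, so the fetch() result must live in a variable first.
    $entries = $em->fetch($member_id);
    $entry = end($entries);

    $email = $entry->getData(self::findFieldID('email-address', 'members'));
    $name = $entry->getData(self::findFieldID('name', 'members'));

    $Members->emailNewMember(array(
        'section' => $Members->memberSectionHandle(),
        'entry' => $entry,
        'fields' => array(
            'username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')),
            'name' => $name['value'],
            'email-address' => $email['value'],
        ),
    ));

    redirect(URL . '/members/activate/success/');
}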
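/**
 * Builds the paginated discussion listing.
 *
 * Selects one row per discussion (pinned first, then most recently active),
 * optionally restricted to the discussion id in the `id` filter, and emits an
 * <entry> node for each. The ids of the selected discussions are published to
 * the parameter pool under "ds-<root element>".
 *
 * @param array $param_pool Data-source parameter pool; receives the entry ids.
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    $result = new XMLElement($this->dsParamROOTELEMENT);

    self::__init();

    $db = ASDCLoader::instance();

    $sql = "SELECT SQL_CALC_FOUND_ROWS \n\t\t\t\t\t\tpinned.entry_id AS `id`, \n\t\t\t\t\t\tpinned.value AS `pinned`, \n\t\t\t\t\t\tclosed.value AS `closed`, \n\t\t\t\t\t\tcreation_date.local AS `creation-date`,\n\t\t\t\t\t\tlast_active.local AS `last-active`,\t\t\t\t\t\t\t\n\t\t\t\t\t\tcreated_by.member_id AS `created-by-member-id`,\n\t\t\t\t\t\tcreated_by.username AS `created-by-username`,\n\t\t\t\t\t\tlast_post.member_id AS `last-post-member-id`,\n\t\t\t\t\t\tlast_post.username AS `last-post-username`,\t\t\t\t\t\t\t\n\t\t\t\t\t\ttopic.value AS `topic`,\n\t\t\t\t\t\tCOUNT(comments.relation_id) AS `comments`\n\t\t\t\t\t\n\t\t\t\t\tFROM `tbl_entries_data_%d` AS `pinned`\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `closed` ON pinned.entry_id = closed.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `creation_date` ON pinned.entry_id = creation_date.entry_id\t\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `last_active` ON pinned.entry_id = last_active.entry_id\t\t\t\t\t\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `created_by` ON pinned.entry_id = created_by.entry_id\t\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `last_post` ON pinned.entry_id = last_post.entry_id\t\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `topic` ON pinned.entry_id = topic.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `comments` ON pinned.entry_id = comments.relation_id\n\t\t\t\t\tWHERE 1 %s\n\t\t\t\t\tGROUP BY pinned.entry_id\n\t\t\t\t\tORDER BY pinned.value ASC, last_active.local DESC\n\t\t\t\t\tLIMIT %d, %d";

    try {
        $rows = $db->query(sprintf(
            $sql,
            self::findFieldID('pinned', 'discussions'),
            self::findFieldID('closed', 'discussions'),
            self::findFieldID('creation-date', 'discussions'),
            self::findFieldID('last-active', 'discussions'),
            self::findFieldID('created-by', 'discussions'),
            self::findFieldID('last-post', 'discussions'),
            self::findFieldID('topic', 'discussions'),
            self::findFieldID('parent-id', 'comments'),
            // The id filter is cast to int before it is concatenated into the WHERE clause.
            isset($this->dsParamFILTERS['id']) && (int) $this->dsParamFILTERS['id'] > 0
                ? " AND pinned.entry_id = " . (int) $this->dsParamFILTERS['id']
                : NULL,
            max(0, ($this->dsParamSTARTPAGE - 1) * $this->dsParamLIMIT),
            $this->dsParamLIMIT
        ));
    } catch (Exception $e) {
        // NOTE(review): this puts the database error and the failing query into the page XML;
        // consider logging it and returning a generic message instead.
        $result->appendChild(new XMLElement('error', General::sanitize(vsprintf('%d: %s on query %s', $db->lastError()))));
        return $result;
    }

    // The original tested an undefined local ($dsParamFILTERS), so a filtered request with no
    // match never reached the error page. Read the filter from the data source instead.
    $has_id_filter = isset($this->dsParamFILTERS['id']) && strlen(trim($this->dsParamFILTERS['id'])) > 0;

    if ($rows->length() == 0 && $has_id_filter) {
        $this->__redirectToErrorPage();
    } elseif ($rows->length() == 0) {
        return $this->emptyXMLSet();
    }

    $total = $db->query('SELECT FOUND_ROWS() AS `total`;')->current()->total;

    $result->prependChild(General::buildPaginationElement(
        $total,
        ceil($total * (1 / $this->dsParamLIMIT)),
        $this->dsParamLIMIT,
        $this->dsParamSTARTPAGE
    ));

    /*
        Sample row:

        stdClass Object
        (
            [id] => 666
            [pinned] => yes
            [closed] => no
            [creation-date] => 1233599808
            [last-active] => 1237161637
            [created-by-member-id] => 2126
            [created-by-username] => Lewis
            [last-post-member-id] => 2126
            [last-post-username] => Lewis
            [topic] => Symphony 2 Documentation
            [comments] => 18
        )

        Sample output:

        <entry id="595" comments="7">
            <created-by id="2150">newnomad</created-by>
            <closed>No</closed>
            <last-active time="18:30" weekday="1">2009-02-09</last-active>
            <last-post id="2150">newnomad</last-post>
            <pinned>No</pinned>
            <topic handle="viewing-feeds">viewing feeds</topic>
            <creation-date time="19:31" weekday="3">2009-01-07</creation-date>
        </entry>
    */

    $param_pool['ds-' . $this->dsParamROOTELEMENT] = DatabaseUtilities::resultColumn($rows, 'id');

    foreach ($rows as $r) {
        $entry = new XMLElement('entry', NULL, array('id' => $r->id, 'comments' => $r->comments));

        // Member-supplied text (usernames, topic) is escaped before it enters the XML.
        $entry->appendChild(new XMLElement('created-by', General::sanitize($r->{'created-by-username'}), array('id' => $r->{'created-by-member-id'})));
        $entry->appendChild(new XMLElement('last-post', General::sanitize($r->{'last-post-username'}), array('id' => $r->{'last-post-member-id'})));

        $entry->appendChild(new XMLElement('closed', ucfirst($r->closed)));
        $entry->appendChild(new XMLElement('pinned', ucfirst($r->pinned)));

        $entry->appendChild(new XMLElement('topic', General::sanitize($r->topic)));

        $entry->appendChild(General::createXMLDateObject($r->{'creation-date'}, 'creation-date'));
        $entry->appendChild(General::createXMLDateObject($r->{'last-active'}, 'last-active'));

        $result->appendChild($entry);
    }

    return $result;
}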
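/**
 * Builds the paginated comment listing of one discussion.
 *
 * The discussion is selected by the `discussion_id` filter (cast to int).
 * A discussion without comments redirects to the error page. Each comment
 * becomes an <entry> with its author, date and formatted body.
 *
 * Expected output shape:
 *
 *   <pagination total-entries="28" total-pages="2" entries-per-page="20" current-page="2" />
 *   <entry id="20515">
 *       <date time="01:32" weekday="3">2009-05-06</date>
 *       <comment word-count="6"><p>...</p></comment>
 *       <created-by id="2694">davethegr8</created-by>
 *   </entry>
 *
 * @param array $param_pool Data-source parameter pool (not modified here).
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    self::__init();

    $result = new XMLElement($this->dsParamROOTELEMENT);

    try {
        $comments = ASDCLoader::instance()->query(sprintf(
            "SELECT SQL_CALC_FOUND_ROWS\n\t\t\t\t\t\t\tcomment.entry_id AS `id`,\n\t\t\t\t\t\t\tcomment.value_formatted AS `comment`, \n\t\t\t\t\t\t\tcreated_by.member_id, \n\t\t\t\t\t\t\tcreated_by.username, \n\t\t\t\t\t\t\tdate.local AS `date`,\n\t\t\t\t\t\t\temail.value AS `email`\n\n\t\t\t\t\t\tFROM `tbl_entries_data_%d` AS `comment`\n\t\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `created_by` ON comment.entry_id = created_by.entry_id\n\t\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `date` ON comment.entry_id = date.entry_id\n\t\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `email` ON created_by.member_id = email.entry_id\n\t\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `discussion` ON comment.entry_id = discussion.entry_id\n\t\t\t\t\t\tWHERE discussion.relation_id = %d\n\t\t\t\t\t\tORDER BY date.local ASC\n\t\t\t\t\t\tLIMIT %d, %d",
            self::findFieldID('comment', 'comments'),
            self::findFieldID('created-by', 'comments'),
            self::findFieldID('date', 'comments'),
            self::findFieldID('email-address', 'members'),
            self::findFieldID('parent-id', 'comments'),
            (int) $this->dsParamFILTERS['discussion_id'],
            max(0, ($this->dsParamSTARTPAGE - 1) * $this->dsParamLIMIT),
            (int) $this->dsParamLIMIT
        ));
    } catch (Exception $e) {
        // NOTE(review): this puts the database error and the failing query into the page XML;
        // consider logging it and returning a generic message instead.
        $result->appendChild(new XMLElement('error', General::sanitize(vsprintf('%d: %s on query %s', ASDCLoader::instance()->lastError()))));
        return $result;
    }

    if ($comments->length() == 0) {
        $this->__redirectToErrorPage();
    }

    $total = ASDCLoader::instance()->query('SELECT FOUND_ROWS() AS `total`;')->current()->total;

    $result->prependChild(General::buildPaginationElement(
        $total,
        ceil($total * (1 / $this->dsParamLIMIT)),
        $this->dsParamLIMIT,
        $this->dsParamSTARTPAGE
    ));

    foreach ($comments as $c) {
        /*
            Sample row:

            stdClass Object
            (
                [id] => 20589
                [comment] => <p>blah blah</p>
                [member_id] => 2103
                [username] => Alistair
                [date] => 1241576727
                [email] => member@example.com
            )
        */

        $entry = new XMLElement('entry', NULL, array('id' => $c->id));

        // NOTE(review): the author's plain e-mail address is emitted next to its hash. If the
        // templates only need the hash, drop `email-address` so addresses cannot leak into pages.
        $entry->appendChild(new XMLElement(
            'created-by',
            General::sanitize($c->username),
            array(
                'email-address-hash' => md5($c->email),
                'email-address' => General::sanitize($c->email),
                'id' => $c->member_id,
            )
        ));

        $entry->appendChild(General::createXMLDateObject($c->date, 'date'));

        // The search and replacement lists were identical, so script tags passed through
        // untouched; neutralise them in any letter case.
        // NOTE(review): a tag blacklist is not an HTML sanitiser. The formatted comment is
        // emitted as markup, so it must be made safe when the comment is saved.
        $c->comment = str_ireplace(array('<script', '</script'), array('&lt;script', '&lt;/script'), $c->comment);

        $entry->appendChild(new XMLElement('comment', trim($c->comment)));

        $result->appendChild($entry);
    }

    return $result;
}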
/**
 * Forces the role of a newly submitted member entry, then hands the request
 * to the standard section event.
 *
 * The role is decided on the server: the configured default role, or
 * extension_Members::INACTIVE_ROLE_ID when activation is required. Any role
 * value the client posted for that field is overwritten.
 *
 * @return mixed The $result variable left behind by the included event script.
 */
protected function __trigger()
{
    // Handle (element name) of the member section's role field.
    // NOTE(review): assumes the lookup returns a row; current() on an empty result is not handled.
    $role_field_handle = ASDCLoader::instance()->query(sprintf("SELECT `element_name` FROM `tbl_fields` WHERE `type` = 'memberrole' AND `parent_section` = %d LIMIT 1", extension_Members::memberSectionID()))->current()->element_name;

    $role_id = Symphony::Configuration()->get('new_member_default_role', 'members');

    // Accounts that still need activation start in the inactive role.
    if (Symphony::Configuration()->get('require_activation', 'members') == 'yes') {
        $role_id = extension_Members::INACTIVE_ROLE_ID;
    }

    // Overwrite whatever the client sent so a visitor cannot choose their own role.
    $_POST['fields'][$role_field_handle] = $role_id;

    // The included script runs in this method's local scope, so the locals above are visible
    // to it. It is presumably what defines $result - confirm against event.section.php.
    include TOOLKIT . '/events/event.section.php';

    return $result;
}
/**
 * Runs a full-text search over comment bodies and returns the matches as XML.
 *
 * A blank query yields the empty set. Otherwise the node holds a
 * <query-string> echo of the search terms, a pagination element and one
 * <entry> per matching comment, ordered by relevance score.
 *
 * Output shape per match:
 *
 *   <entry discussion-id="..." id="..." score="...">
 *       <topic>...</topic>
 *       <date ...>...</date>
 *       <member id="...">...</member>
 *       <comment>...</comment>
 *   </entry>
 *
 * @param string $query Search terms as typed by the visitor.
 * @return XMLElement
 */
private function __search($query)
{
    $result = new XMLElement($this->dsParamROOTELEMENT);

    $is_blank = (strlen(trim($query)) == 0);
    if ($is_blank) {
        return $this->emptyXMLSet($result);
    }

    $db = ASDCLoader::instance();

    // Echo the terms back, escaped for XML and URL-encoded for links.
    $echoed_terms = General::sanitize($query);
    $echo_attributes = array('encoded' => urlencode($query));
    $result->appendChild(new XMLElement('query-string', $echoed_terms, $echo_attributes));

    // Placeholders are positional: 1-5 are field ids, 6 is the escaped search string,
    // 7 and 8 are the LIMIT offset and row count.
    $sql = "SELECT SQL_CALC_FOUND_ROWS \n\t\t\t\t\t\tMATCH(comment.value) AGAINST ('%6\$s') AS `score`,\n\t\t\t\t\t\tcomment.entry_id AS `id`,\n\t\t\t\t\t\tdate.local AS `date`,\n\t\t\t\t\t\tcomment.value_formatted AS `description`,\n\t\t\t\t\t\tmember.member_id AS `member-id`, \n\t\t\t\t\t\tmember.username AS `username`,\n\t\t\t\t\t\ttopic.value AS `topic`,\n\t\t\t\t\t\tparent.relation_id AS `discussion-id`\n\t\t\t\t\t\t\n\t\t\t\t\tFROM `tbl_entries_data_%1\$d` AS `date`\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%2\$d` AS `comment` ON date.entry_id = comment.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%3\$d` AS `member` ON date.entry_id = member.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%4\$d` AS `parent` ON date.entry_id = parent.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%5\$d` AS `topic` ON parent.relation_id = topic.entry_id\n\n\t\t\t\t\tWHERE MATCH(comment.value) AGAINST ('%6\$s')\n\t\t\t\t\tORDER BY `score` DESC\n\t\t\t\t\tLIMIT %7\$d, %8\$d";

    try {
        $bindings = array(
            self::findFieldID('date', 'comments'),
            self::findFieldID('comment', 'comments'),
            self::findFieldID('created-by', 'comments'),
            self::findFieldID('parent-id', 'comments'),
            self::findFieldID('topic', 'discussions'),
            $db->escape($query),
            max(0, ($this->dsParamSTARTPAGE - 1) * $this->dsParamLIMIT),
            $this->dsParamLIMIT,
        );

        $matches = $db->query(vsprintf($sql, $bindings));
    } catch (Exception $e) {
        $failure = vsprintf('%d: %s on query %s', $db->lastError());
        $result->appendChild(new XMLElement('error', General::sanitize($failure)));

        return $result;
    }

    if ($matches->length() == 0) {
        return $this->emptyXMLSet($result);
    }

    $found = $db->query('SELECT FOUND_ROWS() AS `total`;')->current()->total;
    $page_count = ceil($found * (1 / $this->dsParamLIMIT));

    $result->prependChild(General::buildPaginationElement(
        $found,
        $page_count,
        $this->dsParamLIMIT,
        $this->dsParamSTARTPAGE
    ));

    foreach ($matches as $hit) {
        $attributes = array(
            'discussion-id' => $hit->{'discussion-id'},
            'id' => $hit->id,
            'score' => number_format($hit->score, 3),
        );
        $node = new XMLElement('entry', NULL, $attributes);

        // Topic
        $node->appendChild(new XMLElement('topic', General::sanitize($hit->topic)));

        // Date
        $node->appendChild(General::createXMLDateObject($hit->date, 'date'));

        // Member
        $author_attributes = array('id' => $hit->{'member-id'});
        $node->appendChild(new XMLElement('member', General::sanitize($hit->{'username'}), $author_attributes));

        // Comment: the formatted body is emitted as markup, without escaping.
        $node->appendChild(new XMLElement('comment', trim($hit->description)));

        $result->appendChild($node);
    }

    return $result;
}
/**
 * Wires this class up to the ASDC database layer and the Symphony managers.
 *
 * Loads the ASDC class file from the first known location that exists,
 * stores the ASDC instance, then creates the section and entry managers
 * unless the caller opts out.
 *
 * @param mixed $parent         Object handed to the manager constructors.
 * @param bool  $initialise_em  Create the EntryManager when true.
 * @param bool  $initialise_sm  Create the SectionManager when true.
 * @return void
 */
public static function associateParent($parent, $initialise_em = true, $initialise_sm = true)
{
    // Candidate locations of the ASDC class, in order of preference.
    $candidates = array(
        EXTENSIONS . '/asdc/lib/class.asdc.php',
        WORKSPACE . "/api/class.asdc.php",
    );

    foreach ($candidates as $path) {
        if (!file_exists($path)) {
            continue;
        }

        // Only the first file found is loaded.
        require_once $path;
        break;
    }

    self::$ASDC = ASDCLoader::instance();

    // Standard Symphony managers.
    if ($initialise_sm) {
        self::$sm = new SectionManager($parent);
    }

    if ($initialise_em) {
        self::$em = new EntryManager($parent);
    }
}
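/**
 * Re-sends the activation email to the logged-in member, then redirects to
 * /members/activate/sent/.
 *
 * Visitors who are not logged in are sent to /forbidden/.
 *
 * NOTE(review): the flow assumes redirect() ends the request; confirm, since
 * nothing else stops execution after the login check fails.
 *
 * @return void
 */
protected function __trigger()
{
    self::__init();

    // The instance is not read below; the call is kept in case it sets up the shared connection.
    $db = ASDCLoader::instance();

    $Members = $this->_Parent->ExtensionManager->create('members');
    $Members->initialiseCookie();

    if ($Members->isLoggedIn() !== true) {
        redirect(URL . '/forbidden/');
    }

    $Members->initialiseMemberObject();

    // Make sure we don't accidentally use an expired token.
    extension_Members::purgeCodes();

    $em = new EntryManager($this->_Parent);

    // end() takes its argument by reference, so the fetch() result must live in a variable first.
    $entries = $em->fetch((int) $Members->Member->get('id'));
    $entry = end($entries);

    $email = $entry->getData(self::findFieldID('email-address', 'members'));
    $name = $entry->getData(self::findFieldID('name', 'members'));

    $Members->emailNewMember(array(
        'section' => $Members->memberSectionHandle(),
        'entry' => $entry,
        'fields' => array(
            'username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')),
            'name' => $name['value'],
            'email-address' => $email['value'],
        ),
    ));

    redirect(URL . '/members/activate/sent/');
}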
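/**
 * Builds the breadcrumb trail of the current page.
 *
 * Starts at the page named by the `current-page-id` parameter and walks up
 * the `parent` column, prepending one <page> node per ancestor so the
 * outermost ancestor ends up first.
 *
 * @param array $param_pool Data-source parameter pool (not modified here).
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    $result = new XMLElement($this->dsParamROOTELEMENT);

    $current_page_id = (int) $this->_env['param']['current-page-id'];

    $db = ASDCLoader::instance();

    try {
        $results = $db->query("SELECT * FROM `tbl_pages` WHERE `id` = '{$current_page_id}' LIMIT 1");
    } catch (Exception $e) {
        // NOTE(review): this puts the database error and the failing query into the page XML;
        // consider logging it and returning a generic message instead.
        $result->appendChild(new XMLElement('error', General::sanitize(vsprintf('%d: %s on query "%s"', $db->lastError()))));
        return $result;
    }

    // Page ids already walked. A parent loop in `tbl_pages` would otherwise never terminate.
    $visited = array($current_page_id => true);

    while ($results->length() > 0) {
        $current = $results->current();

        // NOTE(review): the title is emitted without General::sanitize(); confirm how titles
        // are stored before changing it, to avoid double-encoding.
        $result->prependChild(new XMLElement(
            'page',
            $current->title,
            array('path' => trim("{$current->path}/{$current->handle}", '/'))
        ));

        if (is_null($current->parent)) {
            break;
        }

        $parent_id = (int) $current->parent;
        if (isset($visited[$parent_id])) {
            break;
        }
        $visited[$parent_id] = true;

        $results = $db->query(sprintf("SELECT * FROM `tbl_pages` WHERE `id` = '%d' LIMIT 1", $parent_id));
    }

    return $result;
}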
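/**
 * Builds the public profile of the member named by the `username` filter.
 *
 * An unknown username redirects to the error page. The e-mail address itself
 * is never emitted, only its MD5 as the `email-hash` attribute.
 *
 * Output shape:
 *
 *   <entry id="2101" email-hash="...">
 *       <name>Allen Chang</name>
 *       <website>...</website>            (only when set)
 *       <city>...</city>                  (only when set)
 *       <timezone-offset>...</timezone-offset>
 *       <role>Administrator</role>
 *       <username>...</username>
 *       <date-joined time="19:31" weekday="3">2009-01-07</date-joined>
 *   </entry>
 *
 * @param array $param_pool Data-source parameter pool (not modified here).
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    $result = new XMLElement($this->dsParamROOTELEMENT);

    self::__init();

    $db = ASDCLoader::instance();

    // The username placeholder has to be in the format string: sprintf() silently drops
    // surplus arguments, so without it the escaped username never reaches the query.
    $sql = "SELECT \n\t\t\t\t\t\te.id,\n\t\t\t\t\t\te.creation_date_gmt AS `date`,\n\t\t\t\t\t\tname.value AS `name`,\n\t\t\t\t\t\trole.name AS `role`,\n\t\t\t\t\t\twebsite.value AS `website`,\n\t\t\t\t\t\tcity.value AS `city`,\n\t\t\t\t\t\ttimezone_offset.value AS `timezone-offset`,\t\t\t\t\t\t\n\t\t\t\t\t\tusername.username AS `username`,\n\t\t\t\t\t\temail.value AS `email`,\n\t\t\t\t\t\tMD5(email.value) AS `hash`\n\t\t\t\t\t\t\n\t\t\t\t\tFROM `tbl_entries_data_%d` AS `name`\n\t\t\t\t\tLEFT JOIN `tbl_entries` AS `e` ON name.entry_id = e.id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `r` ON e.id = r.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_members_roles` AS `role` ON r.role_id = role.id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `username` ON e.id = username.entry_id\t\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `email` ON e.id = email.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `city` ON e.id = city.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `website` ON e.id = website.entry_id\n\t\t\t\t\tLEFT JOIN `tbl_entries_data_%d` AS `timezone_offset` ON e.id = timezone_offset.entry_id\n\t\t\t\t\t\n\t\t\t\t\tWHERE username.username = '%s'\n\t\t\t\t\tLIMIT 0, 1";

    try {
        $member = $db->query(sprintf(
            $sql,
            self::findFieldID('name', 'members'),
            self::findFieldID('role', 'members'),
            self::findFieldID('username-and-password', 'members'),
            self::findFieldID('email-address', 'members'),
            self::findFieldID('city', 'members'),
            self::findFieldID('website', 'members'),
            self::findFieldID('timezone-offset', 'members'),
            $db->escape($this->dsParamFILTERS['username'])
        ))->current();
    } catch (Exception $e) {
        // Escape the message like every other value that enters the XML.
        $result->appendChild(new XMLElement('error', General::sanitize($e->getMessage())));
        return $result;
    }

    // instanceof already rejects null, so a separate null test adds nothing.
    if (!($member instanceof StdClass)) {
        $this->__redirectToErrorPage();
    }

    $entry = new XMLElement('entry', NULL, array('id' => $member->id, 'email-hash' => $member->hash));

    $entry->appendChild(new XMLElement('name', General::sanitize($member->name)));

    if (isset($member->website) && strlen(trim($member->website)) > 0) {
        $entry->appendChild(new XMLElement('website', General::sanitize($member->website)));
    }

    if (isset($member->city) && strlen(trim($member->city)) > 0) {
        $entry->appendChild(new XMLElement('city', General::sanitize($member->city)));
    }

    // The offset is a member-editable text field. Only a numeric value is clamped to
    // [-12, 12]; anything else becomes 0 rather than passing through min()/max() as text.
    $raw_offset = $member->{'timezone-offset'};
    $offset = is_numeric($raw_offset) ? min(max($raw_offset + 0, -12), 12) : 0;
    $entry->appendChild(new XMLElement('timezone-offset', $offset));

    $entry->appendChild(new XMLElement('role', General::sanitize($member->role)));
    $entry->appendChild(new XMLElement('username', General::sanitize($member->username)));

    // creation_date_gmt is stored in GMT; the explicit offset makes strtotime() read it that way.
    $entry->appendChild(General::createXMLDateObject(strtotime($member->date . '+00:00'), 'date-joined'));

    $result->appendChild($entry);

    return $result;
}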
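/**
 * Activates the logged-in member's account with the posted activation code.
 *
 * The code must belong to the member who is logged in. On a match the member
 * is moved to the configured default role, their codes are purged and the
 * new-member email is sent. The outcome is reported in the `status`
 * attribute; a successful activation follows the `redirect` request parameter
 * when one is present.
 *
 * @return XMLElement
 */
protected function __trigger()
{
    $result = new XMLElement(self::ROOTELEMENT);

    self::__init();

    $db = ASDCLoader::instance();
    $success = false;

    $Members = Frontend::instance()->ExtensionManager->create('members');
    $Members->initialiseCookie();

    if ($Members->isLoggedIn() !== true) {
        $result->appendChild(new XMLElement('error', 'Must be logged in.'));
        $result->setAttribute('status', 'error');
        return $result;
    }

    $Members->initialiseMemberObject();

    // Make sure we don't accidentally use an expired code.
    extension_Members::purgeCodes();

    $member_id = (int) $Members->Member->get('id');

    // The code is client input: it may be absent or an array. Only a non-empty string is
    // looked up; anything else is treated as an invalid code.
    $activation_row = false;
    if (isset($_POST['fields']['code']) && is_string($_POST['fields']['code']) && $_POST['fields']['code'] !== '') {
        $activation_row = $db->query(sprintf(
            "SELECT * FROM `tbl_members_codes` WHERE `code` = '%s' AND `member_id` = %d LIMIT 1",
            $db->escape($_POST['fields']['code']),
            $member_id
        ))->current();
    }

    if ($activation_row === false) {
        // No matching code: refuse.
        $success = false;
        $result->appendChild(new XMLElement('error', 'Activation failed. Code was invalid.'));
    } else {
        // Got this far, all is well.
        $db->query(sprintf(
            "UPDATE `tbl_entries_data_%d` SET `role_id` = %d WHERE `entry_id` = %d LIMIT 1",
            $Members->roleField(),
            Symphony::Configuration()->get('new_member_default_role', 'members'),
            $member_id
        ));

        extension_Members::purgeCodes($member_id);

        $em = new EntryManager($this->_Parent);

        // end() takes its argument by reference, so the fetch() result must live in a variable first.
        $entries = $em->fetch($member_id);
        $entry = end($entries);

        $email = $entry->getData(self::findFieldID('email-address', 'members'));
        $name = $entry->getData(self::findFieldID('name', 'members'));

        $Members->emailNewMember(array(
            'section' => $Members->memberSectionHandle(),
            'entry' => $entry,
            'fields' => array(
                'username-and-password' => $entry->getData(self::findFieldID('username-and-password', 'members')),
                'name' => $name['value'],
                'email-address' => $email['value'],
            ),
        ));

        $success = true;
    }

    // NOTE(review): the redirect target is taken from the request without any check that it
    // points back to this site. Restrict it to same-site URLs unless off-site targets are required.
    if ($success == true && isset($_REQUEST['redirect'])) {
        redirect($_REQUEST['redirect']);
    }

    $result->setAttribute('status', $success === true ? 'success' : 'error');

    return $result;
}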
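/**
 * Step 2 of the password reset: exchanges a posted reset code for a
 * new-password email.
 *
 * When the code matches a row in `tbl_members_codes`, that member's codes are
 * purged and sendNewPasswordEmail() is called for them. The outcome is
 * reported in the `status` attribute; a successful send follows the
 * `redirect` request parameter when one is present.
 *
 * NOTE(review): the code is the only credential checked here, so the reset is
 * only as strong as the code's randomness and lifetime. Code generation,
 * expiry and any attempt limiting live outside this block - confirm them.
 *
 * @return XMLElement
 */
private function __triggerCode()
{
    $result = new XMLElement(self::ROOTELEMENT, NULL, array('step' => '2'));

    $success = false;

    $Members = $this->_Parent->ExtensionManager->create('members');

    // The code is client input: it may be absent or an array. Only a string is accepted.
    $code = (isset($_POST['fields']['code']) && is_string($_POST['fields']['code']))
        ? $_POST['fields']['code']
        : '';

    self::__init();

    $db = ASDCLoader::instance();

    // Make sure we don't accidentally use an expired code.
    extension_Members::purgeCodes();

    $code_row = false;
    if ($code !== '') {
        $code_row = $db->query(sprintf(
            "SELECT * FROM `tbl_members_codes` WHERE `code` = '%s' LIMIT 1",
            $db->escape($code)
        ))->current();
    }

    // Only a matching code triggers the new-password email.
    if ($code_row !== false) {
        // Purge first, so the code cannot be used a second time.
        extension_Members::purgeCodes($code_row->member_id);
        $success = $Members->sendNewPasswordEmail($code_row->member_id);
    }

    $result->setAttribute('status', $success === true ? 'success' : 'error');

    if ($success == false) {
        $result->appendChild(new XMLElement('error', 'Sending email containing new password failed.'));
    } elseif ($success == true && isset($_REQUEST['redirect'])) {
        // NOTE(review): the redirect target is taken from the request without any check that it
        // points back to this site. Restrict it to same-site URLs unless off-site targets are required.
        redirect($_REQUEST['redirect']);
    }

    return $result;
}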
/**
 * Handles the two buttons of the members preferences page.
 *
 * `action[save]` writes every posted field into the `members` configuration
 * group and saves the config file. `action[smart-setup]` creates a "Members"
 * section with four fields (username and password, role, timezone offset,
 * e-mail address), creates their data tables and records the new ids in the
 * configuration. Both paths finish by redirecting back to the current page.
 *
 * NOTE(review): no permission or request-forgery check is visible in this
 * method - confirm the framework enforces both before action() runs.
 *
 * @return void
 */
public function action()
{
    // Do not proceed if the config file is read only.
    if (!is_writable(CONFIG)) {
        redirect($this->_Parent->getCurrentPageURL());
    }

    if (isset($_POST['action']['save'])) {
        // NOTE(review): assumes $_POST['fields'] is a flat array of strings; it is not checked.
        $settings = array_map('addslashes', $_POST['fields']);

        // An unticked checkbox is simply absent from the request.
        if (!isset($settings['require_activation'])) {
            $settings['require_activation'] = 'no';
        }

        // NOTE(review): every posted key is written to the `members` group, so the client
        // decides which settings exist. Consider accepting only a fixed list of known keys.
        foreach ($settings as $key => $value) {
            Symphony::Configuration()->set($key, $value, 'members');
        }

        $this->_Parent->saveConfig();
        redirect($this->_Parent->getCurrentPageURL());
    } elseif (isset($_POST['action']['smart-setup'])) {
        $db = ASDCLoader::instance();

        try {
            // Create the new section.
            $db->query("INSERT INTO `tbl_sections` VALUES(\n\t\t\t\t\t\tNULL, 'Members', 'members', 999, NULL, 'asc', 'no', 'Content'\n\t\t\t\t\t)");
            $section_id = $db->lastInsertID();

            // Member field
            $db->query(sprintf("INSERT INTO `tbl_fields` \n\t\t\t\t\t\tVALUES(\n\t\t\t\t\t\t\tNULL, 'Username and Password', 'username-and-password', 'member', %d, 'yes', 0, 'main', 'yes'\n\t\t\t\t\t\t)", $section_id));
            $member_field_id = $db->lastInsertID();

            $db->query(sprintf("INSERT INTO `tbl_fields_member` VALUES(NULL, %d)", $member_field_id));

            // Member field data table
            // NOTE(review): a 32-character password column matches the length of a hex MD5
            // digest - presumably that is how passwords are stored; confirm against the
            // member field's hashing code.
            $db->query(sprintf("CREATE TABLE `tbl_entries_data_%d` (\n\t\t\t\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t `entry_id` int(11) unsigned NOT NULL,\n\t\t\t\t\t\t `username` varchar(50) DEFAULT NULL,\n\t\t\t\t\t\t `password` varchar(32) DEFAULT NULL,\n\t\t\t\t\t\t PRIMARY KEY (`id`),\n\t\t\t\t\t\t KEY `entry_id` (`entry_id`),\n\t\t\t\t\t\t KEY `username` (`username`)\n\t\t\t\t\t\t)", $member_field_id));

            // Role field
            $db->query(sprintf("INSERT INTO `tbl_fields` \n\t\t\t\t\t\tVALUES(NULL, 'Role', 'role', 'memberrole', %d, 'no', 2, 'sidebar', 'yes')", $section_id));
            $role_field_id = $db->lastInsertID();

            $db->query(sprintf("INSERT INTO `tbl_fields_memberrole` VALUES(NULL, %d)", $role_field_id));

            // Role field data table
            $db->query(sprintf("CREATE TABLE `tbl_entries_data_%d` (\n\t\t\t\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t `entry_id` int(11) unsigned NOT NULL,\n\t\t\t\t\t\t `role_id` int(11) unsigned NOT NULL,\n\t\t\t\t\t\t PRIMARY KEY (`id`),\n\t\t\t\t\t\t KEY `entry_id` (`entry_id`,`role_id`)\n\t\t\t\t\t\t)", $role_field_id));

            // Timezone offset field
            $db->query(sprintf("INSERT INTO `tbl_fields` \n\t\t\t\t\t\tVALUES(NULL, 'Timezone Offset', 'timezone-offset', 'input', %d, 'no', 3, 'sidebar', 'yes')", $section_id));
            $timezone_field_id = $db->lastInsertID();

            $db->query(sprintf("INSERT INTO `tbl_fields_input` VALUES(NULL, %d, NULL)", $timezone_field_id));

            // Timezone offset field data table
            $db->query(sprintf("CREATE TABLE `tbl_entries_data_%d` (\n\t\t\t\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t `entry_id` int(11) unsigned NOT NULL,\n\t\t\t\t\t\t `handle` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t `value` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t PRIMARY KEY (`id`),\n\t\t\t\t\t\t KEY `entry_id` (`entry_id`),\n\t\t\t\t\t\t KEY `handle` (`handle`),\n\t\t\t\t\t\t KEY `value` (`value`)\n\t\t\t\t\t\t)", $timezone_field_id));

            // E-mail field; the escaped pattern is stored as the input field's validation rule.
            $db->query(sprintf("INSERT INTO `tbl_fields` \n\t\t\t\t\t\tVALUES(NULL, 'Email Address', 'email-address', 'input', %d, 'yes', 1, 'main', 'yes')", $section_id));
            $email_field_id = $db->lastInsertID();

            $db->query(sprintf("INSERT INTO `tbl_fields_input` VALUES(\n\t\t\t\t\t\tNULL, %d, '%s'\n\t\t\t\t\t)", $email_field_id, $db->escape('/^\\w(?:\\.?[\\w%+-]+)*@\\w(?:[\\w-]*\\.)+?[a-z]{2,}$/i')));

            // E-mail field data table
            $db->query(sprintf("CREATE TABLE `tbl_entries_data_%d` (\n\t\t\t\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t `entry_id` int(11) unsigned NOT NULL,\n\t\t\t\t\t\t `handle` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t `value` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t PRIMARY KEY (`id`),\n\t\t\t\t\t\t KEY `entry_id` (`entry_id`),\n\t\t\t\t\t\t KEY `handle` (`handle`),\n\t\t\t\t\t\t KEY `value` (`value`)\n\t\t\t\t\t\t)", $email_field_id));
        } catch (Exception $e) {
            // NOTE(review): the raw database error is printed to the browser, and statements
            // that already ran are left in place (no rollback is visible). Consider logging the
            // error and showing a generic failure message.
            print_r($db->lastError());
            die;
        }

        /*
            Resulting configuration group, with sample ids:

            ###### MEMBERS ######
            'members' => array(
                'cookie-prefix' => 'sym-members',
                'member_section' => '11',
                'email_address_field_id' => '41',
                'timezone_offset_field_id' => '40',
            ),
            ########
        */

        Symphony::Configuration()->set('member_section', $section_id, 'members');
        Symphony::Configuration()->set('email_address_field_id', $email_field_id, 'members');
        Symphony::Configuration()->set('timezone_offset_field_id', $timezone_field_id, 'members');

        Administration::instance()->saveConfig();
        redirect(Administration::instance()->getCurrentPageURL());
    }

    /*
        Reference copy of the smart-setup statements, with sample ids filled in:

        INSERT INTO `tbl_fields` VALUES(NULL, 'Username and Password', 'username-and-password', 'member', 7, 'yes', 0, 'main', 'yes');
        INSERT INTO `tbl_fields_member` VALUES(NULL, 25);
        CREATE TABLE `tbl_entries_data_25` (
            `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
            `entry_id` int(11) unsigned NOT NULL,
            `username` varchar(50) DEFAULT NULL,
            `password` varchar(32) DEFAULT NULL,
            PRIMARY KEY (`id`),
            KEY `entry_id` (`entry_id`),
            KEY `username` (`username`)
        );

        INSERT INTO `tbl_fields` VALUES(NULL, 'Role', 'role', 'memberrole', 7, 'no', 2, 'sidebar', 'yes');
        INSERT INTO `tbl_fields_memberrole` VALUES(NULL, 26);
        CREATE TABLE `tbl_entries_data_26` (
            `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
            `entry_id` int(11) unsigned NOT NULL,
            `role_id` int(11) unsigned NOT NULL,
            PRIMARY KEY (`id`),
            KEY `entry_id` (`entry_id`,`role_id`)
        );

        INSERT INTO `tbl_fields` VALUES(NULL, 'Timezone Offset', 'timezone-offset', 'input', 7, 'no', 3, 'sidebar', 'yes');
        INSERT INTO `tbl_fields_input` VALUES(NULL, 27, NULL);
        CREATE TABLE `tbl_entries_data_27` (
            `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
            `entry_id` int(11) unsigned NOT NULL,
            `handle` varchar(255) DEFAULT NULL,
            `value` varchar(255) DEFAULT NULL,
            PRIMARY KEY (`id`),
            KEY `entry_id` (`entry_id`),
            KEY `handle` (`handle`),
            KEY `value` (`value`)
        );

        INSERT INTO `tbl_fields` VALUES(NULL, 'Email Address', 'email-address', 'input', 7, 'yes', 1, 'main', 'yes');
        INSERT INTO `tbl_fields_input` VALUES(NULL, 28, '/^\\w(?:\\.?[\\w%+-]+)*@\\w(?:[\\w-]*\\.)+?[a-z]{2,}$/i');
        CREATE TABLE `tbl_entries_data_28` (
            `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
            `entry_id` int(11) unsigned NOT NULL,
            `handle` varchar(255) DEFAULT NULL,
            `value` varchar(255) DEFAULT NULL,
            PRIMARY KEY (`id`),
            KEY `entry_id` (`entry_id`),
            KEY `handle` (`handle`),
            KEY `value` (`value`)
        );
    */
}
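/**
 * Builds the "new email template" form: subject and body inputs, a type selector,
 * a free-text roles input and a tag list of the existing role names.
 *
 * Anything found in $_POST['fields'] is echoed back into the form so a failed save
 * keeps the user's input. Every echoed value is passed through General::sanitize()
 * first, because it comes straight from the request.
 */
public function view()
{
    Administration::instance()->Page->addStylesheetToHead(URL . '/extensions/members/assets/styles.css', 'screen', 9125341);

    $formHasErrors = is_array($this->_errors) && !empty($this->_errors);
    if ($formHasErrors) {
        $this->pageAlert('An error occurred while processing this form. <a href="#error">See below for details.</a>', AdministrationPage::PAGE_ALERT_ERROR);
    }

    $this->setPageType('form');
    $this->appendSubheading('Untitled');

    // Only accept an array from the request, and give every key the form reads a
    // default so a first visit (no POST) does not index into missing keys.
    $fields = (isset($_POST['fields']) && is_array($_POST['fields'])) ? $_POST['fields'] : array();
    $fields += array('subject' => NULL, 'body' => NULL, 'type' => NULL, 'roles' => NULL);

    $fieldset = new XMLElement('fieldset');
    $fieldset->setAttribute('class', 'primary');

    $label = Widget::Label('Subject');
    $label->appendChild(Widget::Input('fields[subject]', General::sanitize($fields['subject'])));
    if (isset($this->_errors['subject'])) {
        $fieldset->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['subject']));
    } else {
        $fieldset->appendChild($label);
    }

    $label = Widget::Label('Body');
    $label->appendChild(Widget::Textarea('fields[body]', 15, 75, General::sanitize($fields['body'])));
    if (isset($this->_errors['body'])) {
        $fieldset->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['body']));
    } else {
        $fieldset->appendChild($label);
    }

    $fieldset->appendChild(new XMLElement('p', 'Dynamic fields and parameters can be included in the subject or body of the email using the <code>{$param}</code> syntax. Please see the <a href="http://github.com/symphony/members/blob/master/README.markdown">readme</a> for a complete list of available parameters.', array('class' => 'help')));
    $this->Form->appendChild($fieldset);

    $sidebar = new XMLElement('fieldset');
    $sidebar->setAttribute('class', 'secondary');

    $label = Widget::Label('Type');
    $options = array(
        array(NULL, false, NULL),
        array('reset-password', $fields['type'] == 'reset-password', 'Reset Password'),
        array('new-password', $fields['type'] == 'new-password', 'New Password'),
        array('activate-account', $fields['type'] == 'activate-account', 'Activate Account'),
        array('welcome', $fields['type'] == 'welcome', 'Welcome Email'),
    );
    $label->appendChild(Widget::Select('fields[type]', $options));
    if (isset($this->_errors['type'])) {
        $sidebar->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['type']));
    } else {
        $sidebar->appendChild($label);
    }

    // The roles value is request data like subject and body, so it is escaped the
    // same way before being written into the input's value attribute.
    // (Assumes Widget::Input does not escape values itself, as the sibling fields
    // are escaped explicitly - confirm against the Widget class.)
    $label = Widget::Label('Roles');
    $label->appendChild(Widget::Input('fields[roles]', General::sanitize($fields['roles'])));
    if (isset($this->_errors['roles'])) {
        $sidebar->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['roles']));
    } else {
        $sidebar->appendChild($label);
    }

    $roles = DatabaseUtilities::resultColumn(ASDCLoader::instance()->query("SELECT `name` FROM `tbl_members_roles` ORDER BY `name` ASC"), 'name');
    if (is_array($roles) && !empty($roles)) {
        $taglist = new XMLElement('ul');
        $taglist->setAttribute('class', 'tags');
        foreach ($roles as $tag) {
            // Role names are stored data rendered as element content; escape them
            // so markup characters in a name cannot alter the page.
            $taglist->appendChild(new XMLElement('li', General::sanitize($tag)));
        }
        $sidebar->appendChild($taglist);
    }

    $this->Form->appendChild($sidebar);

    $div = new XMLElement('div');
    $div->setAttribute('class', 'actions');
    $div->appendChild(Widget::Input('action[save]', 'Create', 'submit', array('accesskey' => 's')));
    $this->Form->appendChild($div);
}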
/**
 * Returns every row of `tbl_members_email_templates`, ordered by ascending id.
 *
 * The second argument handed to query() is the string 'EmailTemplateResultIterator';
 * presumably it names the iterator class that wraps the result - confirm against
 * ASDCLoader.
 */
public function fetchEmailTemplates()
{
    $sql = 'SELECT * FROM `tbl_members_email_templates` ORDER BY `id` ASC';
    $templates = ASDCLoader::instance()->query($sql, 'EmailTemplateResultIterator');

    return $templates;
}
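/**
 * Builds the "edit email template" form for the template whose id is in
 * $this->_context[0].
 *
 * Redirects to the extension's base URL when no id is given and raises a
 * SymphonyErrorPage when the id does not load. $this->_context[1] may be 'saved'
 * or 'created', in which case a success alert is shown. Form values come from
 * $_POST['fields'] when present, otherwise from the stored template; every value
 * echoed into the form is escaped with General::sanitize().
 */
public function view()
{
    if (!($email_template_id = $this->_context[0])) {
        redirect(extension_members::baseURL());
    }

    if (!($existing = EmailTemplate::loadFromID($email_template_id))) {
        throw new SymphonyErrorPage(__('The email template you requested to edit does not exist.'), __('Email Template not found'), 'error');
    }

    if (isset($this->_context[1])) {
        switch ($this->_context[1]) {
            case 'saved':
                $this->pageAlert(__('Email Template updated at %1$s. <a href="%2$s">Create another?</a> <a href="%3$s">View all Email Template</a>', array(DateTimeObj::getTimeAgo(__SYM_TIME_FORMAT__), extension_members::baseURL() . 'email_templates_new/', extension_members::baseURL() . 'email_templates/')), Alert::SUCCESS);
                break;

            case 'created':
                $this->pageAlert(__('Email Template created at %1$s. <a href="%2$s">Create another?</a> <a href="%3$s">View all Email Template</a>', array(DateTimeObj::getTimeAgo(__SYM_TIME_FORMAT__), extension_members::baseURL() . 'email_templates_new/', extension_members::baseURL() . 'email_templates/')), Alert::SUCCESS);
                break;
        }
    }

    Administration::instance()->Page->addStylesheetToHead(URL . '/extensions/members/assets/styles.css', 'screen', 9125341);

    $formHasErrors = is_array($this->_errors) && !empty($this->_errors);
    if ($formHasErrors) {
        $this->pageAlert(__('An error occurred while processing this form. <a href="#error">See below for details.</a>'), AdministrationPage::PAGE_ALERT_ERROR);
    }

    $this->setPageType('form');
    // NOTE(review): the title says "Member Roles" on an email template page, and the
    // stored subject is passed to setTitle()/appendSubheading() unescaped - confirm
    // whether those methods escape their argument.
    $this->setTitle('Symphony – Member Roles – ' . $existing->subject);
    $this->appendSubheading($existing->subject);

    if (isset($_POST['fields']) && is_array($_POST['fields'])) {
        $fields = $_POST['fields'];
    } else {
        // First load: seed the form from the stored template. The roles input is a
        // comma-separated list of the template's role names.
        $role_names = array();
        foreach ($existing->roles() as $r) {
            $role_names[] = $r->name();
        }
        $fields = array(
            'subject' => $existing->subject,
            'body' => $existing->body,
            'type' => $existing->type,
            'roles' => trim(implode(', ', $role_names), ', '),
        );
    }
    // A partial POST must not leave the keys read below undefined.
    $fields += array('subject' => NULL, 'body' => NULL, 'type' => NULL, 'roles' => NULL);

    $fieldset = new XMLElement('fieldset');
    $fieldset->setAttribute('class', 'primary');

    $label = Widget::Label('Subject');
    $label->appendChild(Widget::Input('fields[subject]', General::sanitize($fields['subject'])));
    if (isset($this->_errors['subject'])) {
        $fieldset->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['subject']));
    } else {
        $fieldset->appendChild($label);
    }

    $label = Widget::Label('Body');
    $label->appendChild(Widget::Textarea('fields[body]', 15, 75, General::sanitize($fields['body'])));
    if (isset($this->_errors['body'])) {
        $fieldset->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['body']));
    } else {
        $fieldset->appendChild($label);
    }

    $fieldset->appendChild(new XMLElement('p', 'Dynamic fields and parameters can be included in the subject or body of the email using the <code>{$param}</code> syntax. Please see the <a href="http://github.com/symphony/members/blob/master/README.markdown">readme</a> for a complete list of available parameters.', array('class' => 'help')));
    $this->Form->appendChild($fieldset);

    $sidebar = new XMLElement('fieldset');
    $sidebar->setAttribute('class', 'secondary');

    $label = Widget::Label('Type');
    $options = array(
        array(NULL, false, NULL),
        array('reset-password', $fields['type'] == 'reset-password', 'Reset Password'),
        array('new-password', $fields['type'] == 'new-password', 'New Password'),
        array('activate-account', $fields['type'] == 'activate-account', 'Activate Account'),
        array('welcome', $fields['type'] == 'welcome', 'Welcome Email'),
    );
    $label->appendChild(Widget::Select('fields[type]', $options));
    if (isset($this->_errors['type'])) {
        $sidebar->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['type']));
    } else {
        $sidebar->appendChild($label);
    }

    // The roles value is either request data or stored role names; it is escaped
    // like subject and body before it reaches the input's value attribute.
    // (Assumes Widget::Input does not escape values itself - confirm.)
    $label = Widget::Label('Roles');
    $label->appendChild(Widget::Input('fields[roles]', General::sanitize($fields['roles'])));
    if (isset($this->_errors['roles'])) {
        $sidebar->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['roles']));
    } else {
        $sidebar->appendChild($label);
    }

    $roles = DatabaseUtilities::resultColumn(ASDCLoader::instance()->query("SELECT `name` FROM `tbl_members_roles` ORDER BY `name` ASC"), 'name');
    if (is_array($roles) && !empty($roles)) {
        $taglist = new XMLElement('ul');
        $taglist->setAttribute('class', 'tags');
        foreach ($roles as $tag) {
            // Stored role names are rendered as element content, so escape them.
            $taglist->appendChild(new XMLElement('li', General::sanitize($tag)));
        }
        $sidebar->appendChild($taglist);
    }

    $this->Form->appendChild($sidebar);

    $div = new XMLElement('div');
    $div->setAttribute('class', 'actions');
    $div->appendChild(Widget::Input('action[save]', 'Save Changes', 'submit', array('accesskey' => 's')));

    $button = new XMLElement('button', __('Delete'));
    $button->setAttributeArray(array('name' => 'action[delete]', 'class' => 'confirm delete', 'title' => __('Delete this email template')));
    $div->appendChild($button);

    $this->Form->appendChild($div);
}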
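/**
 * Changes the logged-in member's password.
 *
 * Reads `new-password` and `old-password` from $_POST['fields']. The old password
 * must match the stored hash; on success the stored hash is replaced and the
 * member is logged in again with the new password so the cookie stays valid.
 *
 * @return XMLElement root element carrying `result="success|error"`, with one
 *                    child per missing or invalid field; when the visitor is not
 *                    logged in it carries `status="error"` and an `error` child.
 */
protected function __trigger()
{
    $success = true;

    // Created before the login check: the not-logged-in branch writes to it.
    $result = new XMLElement(self::ROOTELEMENT);

    $Members = $this->_Parent->ExtensionManager->create('members');
    $Members->initialiseCookie();

    // Make sure the user is logged in
    if ($Members->isLoggedIn() !== true) {
        $result->appendChild(new XMLElement('error', 'Must be logged in.'));
        $result->setAttribute('status', 'error');
        return $result;
    }

    $Members->initialiseMemberObject();
    $current_credentials = $Members->Member->getData($Members->usernameAndPasswordField());

    // Only the old-password + new-password path is implemented in this method.
    $fields = (isset($_POST['fields']) && is_array($_POST['fields'])) ? $_POST['fields'] : array();
    $new_password = NULL;

    // Non-string values (e.g. a posted array) are treated as missing.
    if (!isset($fields['new-password']) || !is_string($fields['new-password']) || strlen(trim($fields['new-password'])) == 0) {
        $success = false;
        $result->appendChild(new XMLElement('new-password', NULL, array('type' => 'missing')));
    } else {
        $new_password = trim($fields['new-password']);
    }

    if (!isset($fields['old-password']) || !is_string($fields['old-password']) || strlen(trim($fields['old-password'])) == 0) {
        $success = false;
        $result->appendChild(new XMLElement('old-password', NULL, array('type' => 'missing')));
    } elseif (md5(trim($fields['old-password'])) !== (string) $current_credentials['password']) {
        // Strict string comparison: with a loose `!=`, two different digests that
        // both look numeric (such as "0e" followed by digits) compare as equal.
        // hash_equals() would also make the comparison constant-time where the
        // runtime provides it.
        $success = false;
        $result->appendChild(new XMLElement('old-password', NULL, array('type' => 'invalid', 'message' => 'Password is incorrect.')));
    }

    if ($success === true) {
        self::__init();
        $db = ASDCLoader::instance();

        // NOTE(review): passwords are stored as unsalted MD5. Moving to
        // password_hash()/password_verify() has to change the stored format and
        // the login check together, so it is flagged here rather than changed.
        $db->query(sprintf(
            "UPDATE `tbl_entries_data_%d` SET `password` = '%s' WHERE `entry_id` = %d LIMIT 1",
            $Members->usernameAndPasswordField(),
            md5($new_password),
            (int) $Members->Member->get('id')
        ));

        // Update the cookie by simulating login
        if ($Members->login($current_credentials['username'], $new_password) !== true) {
            $success = false;
            $result->appendChild(new XMLElement('error', 'Problem updating cookie.'));
        }
    }

    // NOTE(review): the redirect target is taken from the request without any
    // validation, so it can point at another site. Restricting it to local paths
    // or an allow-list should be considered.
    if ($success == true && isset($_REQUEST['redirect'])) {
        redirect($_REQUEST['redirect']);
    }

    $result->setAttribute('result', $success === true ? 'success' : 'error');

    return $result;
}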
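/**
 * Builds the "new role" form: the role name, a table of event-level permissions
 * (one row per event plus a "Global Permissions" row) and a multi-select of pages
 * the role is denied access to.
 *
 * Posted values in $_POST['fields'] are echoed back into the form; those written
 * into input values are escaped with General::sanitize(). The "delete" permission
 * column is not rendered: only the event, create and edit cells are added to each
 * row.
 */
public function view()
{
    Administration::instance()->Page->addStylesheetToHead(URL . '/extensions/members/assets/styles.css', 'screen', 9125341);
    Administration::instance()->Page->addStylesheetToHead(URL . '/extensions/members/assets/jquery-ui.css', 'screen', 9125342);
    Administration::instance()->Page->addScriptToHead(URL . '/extensions/members/assets/jquery-ui.js', 9126342);
    Administration::instance()->Page->addScriptToHead(URL . '/extensions/members/assets/members.js', 9126343);

    $formHasErrors = is_array($this->_errors) && !empty($this->_errors);
    if ($formHasErrors) {
        $this->pageAlert(__('An error occurred while processing this form. <a href="#error">See below for details.</a>'), AdministrationPage::PAGE_ALERT_ERROR);
    }

    $this->setPageType('form');
    $this->appendSubheading(__('Untitled'));

    // Only accept an array from the request and default the keys read below.
    $fields = (isset($_POST['fields']) && is_array($_POST['fields'])) ? $_POST['fields'] : array();
    $fields += array('name' => NULL);
    $posted_permissions = (isset($fields['permissions']) && is_array($fields['permissions'])) ? $fields['permissions'] : array();
    $denied_pages = (isset($fields['page_access']) && is_array($fields['page_access'])) ? $fields['page_access'] : array();

    $fieldset = new XMLElement('fieldset');
    $fieldset->setAttribute('class', 'settings type-file');
    $fieldset->appendChild(new XMLElement('legend', __('Essentials')));

    $label = Widget::Label(__('Name'));
    $label->appendChild(Widget::Input('fields[name]', General::sanitize($fields['name'])));
    if (isset($this->_errors['name'])) {
        $fieldset->appendChild(Widget::wrapFormElementWithError($label, $this->_errors['name']));
    } else {
        $fieldset->appendChild($label);
    }

    $this->Form->appendChild($fieldset);

    $EventManager = new EventManager($this->_Parent);
    $events = $EventManager->listAll();

    // Keep an event when it can be parsed or when its class opts in through a
    // static showInRolePermissions() that returns true.
    if (is_array($events) && !empty($events)) {
        foreach ($events as $handle => $e) {
            $show_in_role_permissions = method_exists("event{$handle}", 'showInRolePermissions')
                && call_user_func(array("event{$handle}", 'showInRolePermissions')) === true;

            if (!$e['can_parse'] && !$show_in_role_permissions) {
                unset($events[$handle]);
            }
        }
    }

    $fieldset = new XMLElement('fieldset');
    $fieldset->setAttribute('class', 'settings type-file');
    $fieldset->appendChild(new XMLElement('legend', __('Event Level Permissions')));

    $aTableHead = array(
        array(__('Event'), 'col'),
        array(__('Create'), 'col'),
        array(__('Edit'), 'col'),
    );
    $aTableBody = array();

    // Global row: a checkbox for "create" and a slider placeholder for "edit".
    $td1 = Widget::TableData(__('Global Permissions'));
    $td2 = Widget::TableData(Widget::Input('global-add', '1', 'checkbox'), 'add');
    $td3 = Widget::TableData(NULL, 'edit');
    $td3->appendChild(new XMLElement('p', NULL, array('class' => 'global-slider')));
    $td3->appendChild(new XMLElement('span', 'n/a'));

    $aTableBody[] = Widget::TableRow(array($td1, $td2, $td3), 'global');

    if (is_array($events) && !empty($events)) {
        foreach ($events as $event_handle => $event) {
            $permissions = (isset($posted_permissions[$event_handle]) && is_array($posted_permissions[$event_handle]))
                ? $posted_permissions[$event_handle]
                : array();

            $td1 = Widget::TableData($event['name']);

            $td2 = Widget::TableData(
                Widget::Input(
                    "fields[permissions][{$event_handle}][create]",
                    '1',
                    'checkbox',
                    (isset($permissions['create']) && $permissions['create'] == 1) ? array('checked' => 'checked') : NULL
                ),
                'add'
            );

            $td3 = Widget::TableData(NULL, 'edit');
            $td3->appendChild(new XMLElement('p', NULL, array('class' => 'slider')));
            $span = new XMLElement('span');
            $span->setSelfClosingTag(false);
            $td3->appendChild($span);
            // The posted level is request data written into a value attribute, so
            // it is escaped like the name field above.
            $td3->appendChild(Widget::Input(
                'fields[permissions][' . $event_handle . '][edit]',
                isset($permissions['edit']) ? General::sanitize($permissions['edit']) : '0',
                'hidden'
            ));

            $aTableBody[] = Widget::TableRow(array($td1, $td2, $td3));
        }
    }

    $table = Widget::Table(Widget::TableHead($aTableHead), NULL, Widget::TableBody($aTableBody), 'role-permissions');
    $fieldset->appendChild($table);
    $this->Form->appendChild($fieldset);

    ####
    # Delegate: MemberRolePermissionFieldsetsEdit
    # Description: Add custom fieldsets to the role page
    Administration::instance()->ExtensionManager->notifyMembers(
        'MemberRolePermissionFieldsetsEdit',
        '/extension/members/roles_edit/',
        array('form' => &$this->Form, 'permissions' => isset($fields['permissions']) ? $fields['permissions'] : NULL)
    );
    #####

    $fieldset = new XMLElement('fieldset');
    $fieldset->setAttribute('class', 'settings type-file');
    $fieldset->appendChild(new XMLElement('legend', __('Page Level Permissions')));

    // NOTE(review): $page_id is never assigned in this method, so when context[0]
    // is 'edit' the clause compares against an empty value. Confirm whether that
    // branch is reachable from this page and where the id should come from.
    $pages = ASDCLoader::instance()->query(sprintf(
        "SELECT * FROM `tbl_pages` %s ORDER BY `title` ASC",
        $this->_context[0] == 'edit' ? "WHERE `id` != '{$page_id}' " : NULL
    ));

    $label = Widget::Label(__('Deny Access'));
    $options = array();
    if ($pages->length() > 0) {
        foreach ($pages as $page) {
            $options[] = array(
                $page->id,
                in_array($page->id, $denied_pages),
                '/' . Administration::instance()->resolvePagePath($page->id),
            );
        }
    }
    $label->appendChild(Widget::Select('fields[page_access][]', $options, array('multiple' => 'multiple')));
    $fieldset->appendChild($label);
    $this->Form->appendChild($fieldset);

    $div = new XMLElement('div');
    $div->setAttribute('class', 'actions');
    $div->appendChild(Widget::Input('action[save]', __('Create'), 'submit', array('accesskey' => 's')));
    $this->Form->appendChild($div);
}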
/**
 * Hands back whatever ASDCLoader::instance() returns for the given flag.
 *
 * @param bool $enableProfiling passed through unchanged to ASDCLoader::instance()
 */
public function Database($enableProfiling = false)
{
    $connection = ASDCLoader::instance($enableProfiling);

    return $connection;
}
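/**
 * Describes the current visitor as a `member-login-info` element.
 *
 * With no member id set, the element only carries `logged-in="false"` (plus
 * `failed-login-attempt="true"` after a failed login). Otherwise it carries the
 * member id, one formatted child per member field, and a `permissions` child
 * listing the role's forbidden pages and per-event permission levels.
 *
 * @return XMLElement
 */
public function buildXML()
{
    $result = new XMLElement('member-login-info');

    if (empty($this->_member_id)) {
        $result->setAttribute('logged-in', 'false');
        if (self::$_failed_login_attempt === true) {
            $result->setAttribute('failed-login-attempt', 'true');
        }

        return $result;
    }

    $result->setAttribute('logged-in', 'true');

    if (!$this->Member) {
        $this->initialiseMemberObject();
    }

    $result->setAttributeArray(array('id' => $this->Member->get('id')));

    $entryManager = new EntryManager($this->_Parent);
    $fieldPool = array();

    foreach ($this->Member->getData() as $field_id => $values) {
        if (!isset($fieldPool[$field_id]) || !is_object($fieldPool[$field_id])) {
            $fieldPool[$field_id] =& $entryManager->fieldManager->fetch($field_id);
        }

        // A field that cannot be loaded is skipped instead of being dereferenced.
        if (!is_object($fieldPool[$field_id])) {
            continue;
        }

        $fieldPool[$field_id]->appendFormattedElement($result, $values, false, NULL, $this->Member->get('id'));
    }

    $role_data = $this->Member->getData($this->roleField());
    $role = $this->fetchRole($role_data['role_id'], true);

    $permission = new XMLElement('permissions');

    // fetchRole() is treated as fallible; without a role object the permissions
    // element is emitted empty.
    if (is_object($role)) {
        $forbidden_pages = $role->forbiddenPages();
        if (is_array($forbidden_pages) && !empty($forbidden_pages)) {
            // The ids are interpolated into the IN (...) list, so each one is
            // forced to an integer first.
            $page_ids = implode(',', array_map('intval', $forbidden_pages));
            $rows = ASDCLoader::instance()->query(sprintf("SELECT * FROM `tbl_pages` WHERE `id` IN (%s)", $page_ids));

            $pages = new XMLElement('forbidden-pages');
            foreach ($rows as $r) {
                $attr = array('id' => $r->id, 'handle' => General::sanitize($r->handle));
                if (!is_null($r->path)) {
                    $attr['parent-path'] = General::sanitize($r->path);
                }

                $pages->appendChild(new XMLElement('page', General::sanitize($r->title), $attr));
            }

            $permission->appendChild($pages);
        }

        $event_permissions = $role->eventPermissions();
        if (is_array($event_permissions) && !empty($event_permissions)) {
            // One element per event handle, with one child per action holding the level.
            foreach ($event_permissions as $event_handle => $e) {
                $obj = new XMLElement($event_handle);
                foreach ($e as $action => $level) {
                    $obj->appendChild(new XMLElement($action, (string) $level));
                }

                $permission->appendChild($obj);
            }
        }
    }

    $result->appendChild($permission);

    return $result;
}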
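/**
 * Deletes every row from the `db_sync` table. The query result is not used.
 */
public function flush()
{
    ASDCLoader::instance()->query("DELETE FROM `db_sync` WHERE 1");
}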
/**
 * Lists the discussions the logged-in member started or commented on.
 *
 * Visitors who are not logged in are redirected to /forbidden/. The result holds
 * a pagination element followed by one `entry` per discussion; the ids of the
 * returned discussions are also written to $param_pool under
 * 'ds-' . dsParamROOTELEMENT. An optional positive dsParamFILTERS['id'] limits the
 * listing to that one discussion.
 *
 * NOTE(review): on a database failure the `error` element is built from
 * $db->lastError() with the format '%d: %s on query %s', so the failing query text
 * ends up in the data source output. Consider logging it instead.
 *
 * @param array $param_pool parameter pool, modified in place
 * @return XMLElement
 */
public function grab(&$param_pool)
{
    $Members = Frontend::instance()->ExtensionManager->create('members');
    $Members->initialiseCookie();

    if ($Members->isLoggedIn() !== true) {
        // Members only
        redirect(URL . '/forbidden/');
        exit;
    }

    $result = new XMLElement($this->dsParamROOTELEMENT);

    self::__init();
    $db = ASDCLoader::instance();

    // Placeholders 1-9 are field ids (table suffixes), 10 is the optional id
    // filter, 11 the member id, 12 and 13 the LIMIT offset and row count.
    $sql = 'SELECT SQL_CALC_FOUND_ROWS pinned.entry_id AS `id`, pinned.value AS `pinned`, closed.value AS `closed`, creation_date.local AS `creation-date`, last_active.local AS `last-active`, created_by.member_id AS `created-by-member-id`, created_by.username AS `created-by-username`, last_post.member_id AS `last-post-member-id`, last_post.username AS `last-post-username`, topic.value AS `topic` FROM `tbl_entries_data_%d` AS `pinned` LEFT JOIN `tbl_entries_data_%d` AS `closed` ON pinned.entry_id = closed.entry_id LEFT JOIN `tbl_entries_data_%d` AS `creation_date` ON pinned.entry_id = creation_date.entry_id LEFT JOIN `tbl_entries_data_%d` AS `last_active` ON pinned.entry_id = last_active.entry_id LEFT JOIN `tbl_entries_data_%d` AS `created_by` ON pinned.entry_id = created_by.entry_id LEFT JOIN `tbl_entries_data_%d` AS `last_post` ON pinned.entry_id = last_post.entry_id LEFT JOIN `tbl_entries_data_%d` AS `topic` ON pinned.entry_id = topic.entry_id LEFT JOIN `tbl_entries_data_%d` AS `comments` ON pinned.entry_id = comments.relation_id LEFT JOIN `tbl_entries_data_%d` AS `discussion_comments_member` ON comments.entry_id = discussion_comments_member.entry_id WHERE 1 %s AND (created_by.member_id = %11$d || discussion_comments_member.member_id = %11$d) GROUP BY pinned.entry_id ORDER BY pinned.value ASC, last_active.local DESC LIMIT %12$d, %13$d';

    try {
        $args = array(
            self::findFieldID('pinned', 'discussions'),
            self::findFieldID('closed', 'discussions'),
            self::findFieldID('creation-date', 'discussions'),
            self::findFieldID('last-active', 'discussions'),
            self::findFieldID('created-by', 'discussions'),
            self::findFieldID('last-post', 'discussions'),
            self::findFieldID('topic', 'discussions'),
            self::findFieldID('parent-id', 'comments'),
            self::findFieldID('created-by', 'comments'),
        );

        // The filter value is cast to int before it is concatenated into the SQL.
        if (isset($this->dsParamFILTERS['id']) && (int) $this->dsParamFILTERS['id'] > 0) {
            $args[] = " AND pinned.entry_id = " . (int) $this->dsParamFILTERS['id'];
        } else {
            $args[] = NULL;
        }

        $args[] = (int) $Members->Member->get('id');
        $args[] = max(0, ($this->dsParamSTARTPAGE - 1) * $this->dsParamLIMIT);
        $args[] = $this->dsParamLIMIT;

        $rows = $db->query(vsprintf($sql, $args));
    } catch (Exception $e) {
        $result->appendChild(new XMLElement('error', General::sanitize(vsprintf('%d: %s on query %s', $db->lastError()))));
        return $result;
    }

    if ($rows->length() == 0) {
        return $this->emptyXMLSet();
    }

    $found = $db->query('SELECT FOUND_ROWS() AS `total`;')->current()->total;
    $page_count = ceil($found * (1 / $this->dsParamLIMIT));
    $result->prependChild(General::buildPaginationElement($found, $page_count, $this->dsParamLIMIT, $this->dsParamSTARTPAGE));

    $param_pool['ds-' . $this->dsParamROOTELEMENT] = DatabaseUtilities::resultColumn($rows, 'id');

    foreach ($rows as $row) {
        // The comment count comes from a separate query per discussion.
        try {
            $count_sql = sprintf(
                "SELECT COUNT(*) AS `count` FROM `tbl_entries_data_%d` WHERE `relation_id` = %d ",
                self::findFieldID('parent-id', 'comments'),
                $row->id
            );
            $comment_count = $db->query($count_sql)->current()->count;
        } catch (Exception $e) {
            $result->appendChild(new XMLElement('error', General::sanitize(vsprintf('%d: %s on query %s', $db->lastError()))));
            return $result;
        }

        $node = new XMLElement('entry', NULL, array('id' => $row->id, 'comments' => $comment_count));

        $author = new XMLElement('created-by', General::sanitize($row->{'created-by-username'}), array('id' => $row->{'created-by-member-id'}));
        $node->appendChild($author);

        $last_poster = new XMLElement('last-post', General::sanitize($row->{'last-post-username'}), array('id' => $row->{'last-post-member-id'}));
        $node->appendChild($last_poster);

        $node->appendChild(new XMLElement('closed', ucfirst($row->closed)));
        $node->appendChild(new XMLElement('pinned', ucfirst($row->pinned)));
        $node->appendChild(new XMLElement('topic', General::sanitize($row->topic)));
        $node->appendChild(General::createXMLDateObject($row->{'creation-date'}, 'creation-date'));
        $node->appendChild(General::createXMLDateObject($row->{'last-active'}, 'last-active'));

        $result->appendChild($node);
    }

    return $result;
}
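/**
 * Handles both halves of the forgot-password flow.
 *
 * With `fields[code]` posted: looks the token up, replaces the member's password
 * with a generated one, removes the member's tokens, emails the new password and
 * redirects to /members/reset-pass/success/ (or .../failed/ for an unknown token).
 *
 * Without a code: looks members up by `fields[member-username]` and/or
 * `fields[member-email-address]`, sends each one the forgot-password email and
 * redirects to /members/reset-pass/code/.
 *
 * NOTE(review): a matching account redirects while a non-matching one returns
 * `status="error"`, so the response reveals whether a username or address is
 * registered. A uniform response for both cases should be considered.
 *
 * @return XMLElement `forgot-password` element with a `status` attribute
 */
protected function __trigger()
{
    $success = true;
    $result = new XMLElement('forgot-password');

    $Members = $this->_Parent->ExtensionManager->create('members');

    $username = $email = NULL;

    // Only accept an array of fields; non-string values count as missing below.
    $posted = (isset($_POST['fields']) && is_array($_POST['fields'])) ? $_POST['fields'] : array();

    if (isset($posted['code']) && is_string($posted['code']) && strlen(trim($posted['code'])) > 0) {
        $code = $posted['code'];
        $new_password = General::generatePassword();

        self::__init();
        $db = ASDCLoader::instance();

        // Make sure we dont accidently use an expired token
        extension_Members::purgeTokens();

        $token_row = $db->query(sprintf(
            "SELECT * FROM `tbl_members_login_tokens` WHERE `token` = '%s' LIMIT 1",
            $db->escape($code)
        ))->current();

        // Unknown token: anything other than a row object is rejected, and the
        // method returns so the password update below can never run for it even
        // if redirect() were not to halt execution.
        if (!is_object($token_row)) {
            redirect(URL . '/members/reset-pass/failed/');
            $result->setAttribute('status', 'error');
            return $result;
        }

        // NOTE(review): the password is stored as unsalted MD5 and the new
        // plaintext password is sent by email. Both are kept as-is because the
        // login check and the mail template depend on them; a one-time reset link
        // plus password_hash() would remove both exposures.
        $db->query(sprintf(
            "UPDATE `tbl_entries_data_%d` SET `password` = '%s' WHERE `entry_id` = %d LIMIT 1",
            $Members->usernameAndPasswordField(),
            md5($new_password),
            $token_row->member_id
        ));

        extension_Members::purgeTokens($token_row->member_id);

        // Send the email
        $entry = $Members->initialiseMemberObject($token_row->member_id);
        $email_address = $entry->getData(self::findFieldID('email-address', 'members'));
        $name = $entry->getData(self::findFieldID('name', 'members'));

        $subject = 'Your new password';
        $body = 'Dear {$name}, Just now, you have asked the Symphony brain trust to bestow you with a new password. Well, here it is: {$new-password} There\'s a good chance that you won\'t like this new password and want to change it - don\'t worry, we\'re not offended. You can do that once you\'ve logged in by going here: {$root}/members/change-pass/ If you have any trouble, please email us at support@symphony-cms.com and we\'ll do our best to help. Regards, Symphony Team';
        $body = str_replace(
            array('{$name}', '{$root}', '{$new-password}'),
            array($name['value'], URL, $new_password),
            $body
        );

        $sender_email = 'noreply@' . parse_url(URL, PHP_URL_HOST);
        $sender_name = Symphony::Configuration()->get('sitename', 'general');

        General::sendEmail($email_address['value'], $sender_email, $sender_name, $subject, $body);

        redirect(URL . '/members/reset-pass/success/');
    }

    // Username take precedence
    if (isset($posted['member-username']) && is_string($posted['member-username']) && strlen(trim($posted['member-username'])) > 0) {
        $username = $posted['member-username'];
    }

    if (isset($posted['member-email-address']) && is_string($posted['member-email-address']) && strlen(trim($posted['member-email-address'])) > 0) {
        $email = $posted['member-email-address'];
    }

    if (is_null($username) && is_null($email)) {
        $success = false;
        $result->appendChild(new XMLElement('member-username', NULL, array('type' => 'missing')));
        $result->appendChild(new XMLElement('member-email-address', NULL, array('type' => 'missing')));
    } else {
        $members = array();

        if (!is_null($email)) {
            // Cast so that a scalar or empty lookup result still yields an array.
            $members = (array) $Members->findMemberIDFromEmail($email);
        }

        if (!is_null($username)) {
            $members[] = $Members->findMemberIDFromUsername($username);
        }

        // Drop failed lookups (empty values), then remove duplicates
        $members = array_unique(array_filter($members));

        try {
            if (!empty($members)) {
                foreach ($members as $member_id) {
                    $Members->sendForgotPasswordEmail($member_id);
                }

                redirect(URL . '/members/reset-pass/code/');
            }
        } catch (Exception $e) {
            // Shouldn't get here, but will catch an invalid member ID if it does
        }

        $success = false;
    }

    $result->setAttribute('status', $success === true ? 'success' : 'error');

    return $result;
}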