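/**
 * Builds sitemap.xml for the site URL submitted from the admin panel.
 *
 * The crawl runs only when the request carries string `site_url`,
 * `sitemap_url` and `CSRF_token` parameters and CODOF\Access\CSRF::valid()
 * accepts the token. In every other case the method returns without doing
 * anything. On the accepted path the script terminates with exit.
 *
 * NOTE(review): `site_url` is handed to Crawler as received, so the server
 * fetches whatever address the request names. Consider restricting it to the
 * forum's own host and to http/https — confirm first which input forms
 * Crawler expects.
 * NOTE(review): the action and its CSRF token travel in the query string,
 * where they end up in access logs, browser history and Referer headers.
 * Moving this to POST would need a matching change in the caller.
 */
static function run()
{
    // Require every parameter, including the token, before validating it.
    // isset() on the token avoids passing an undefined index to CSRF::valid();
    // the is_string() checks reject array-valued parameters (?site_url[]=...).
    $hasParams = isset($_GET['site_url'], $_GET['sitemap_url'], $_GET['CSRF_token'])
        && is_string($_GET['site_url'])
        && is_string($_GET['CSRF_token']);

    if (!$hasParams || !CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
        return;
    }

    $sitemapObject = new Crawler($_GET['site_url']);

    // The output path is fixed; `sitemap_url` is only checked for presence above.
    $sitemapPath = ABSPATH . 'sitemap.xml';
    $sitemapObject->createSitemap($sitemapPath);

    // session_write_close();
    // ob_end_flush();
    exit;
}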
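/**
 * Handles the admin "edit smiley" form and loads the smiley row for display.
 *
 * When `smiley_code` is posted with a valid CSRF token, the symbol, weight and
 * (optionally) a newly uploaded image are written to the codo_smileys row
 * identified by the `id` request parameter. The row is then re-read and
 * assigned to the template as `smiley`, with `image_name` turned into a URL.
 *
 * NOTE(review): the upload is saved with mode 0777. If the fourth argument of
 * Upload::save() is the file mode (confirm against that class), uploaded
 * images become world-writable and executable; a mode such as 0644 would be
 * the safer choice.
 * NOTE(review): Upload::type() is given an extension allowlist; whether it also
 * inspects file content is not visible here. An extension check alone does
 * not prove the file is an image.
 */
public function edit_smiley()
{
    // A missing id falls back to 0, which matches no row.
    $id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;

    if (isset($_POST['smiley_code'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
        $arr = array();
        $uploadFailed = false;

        if (isset($_FILES['smiley_image'])) {
            $image = $_FILES['smiley_image'];

            // A file input left empty still shows up in $_FILES with
            // UPLOAD_ERR_NO_FILE; that means "keep the current image", not a
            // failed upload.
            $noFileSent = isset($image['error']) && $image['error'] === UPLOAD_ERR_NO_FILE;

            if (!$noFileSent) {
                $accepted = \CODOF\File\Upload::valid($image)
                    && \CODOF\File\Upload::not_empty($image)
                    && \CODOF\File\Upload::type($image, array('jpg', 'jpeg', 'png', 'gif', 'pjpeg', 'bmp'));

                if (!$accepted) {
                    $uploadFailed = true;
                    $this->smarty->assign('err', 1);
                    $this->smarty->assign('msg', "Error While saving the image.");
                } else {
                    $file_info = \CODOF\File\Upload::save($image, NULL, DATA_PATH . 'assets/img/smileys', 0777);
                    $arr["image_name"] = $file_info["name"];
                }
            }
        }

        $arr['symbol'] = $this->clean_lines($_POST['smiley_code']);

        // Only write weight when a plain value was submitted.
        if (isset($_POST['weight']) && is_scalar($_POST['weight'])) {
            $arr['weight'] = $_POST['weight'];
        }

        DB::table(PREFIX . "codo_smileys")->where("id", $id)->update($arr);

        // Keep the upload error visible instead of replacing it with the
        // success text; symbol and weight are still saved in that case.
        if (!$uploadFailed) {
            $this->smarty->assign('msg', "Smiley saved successfully.");
        }
    }

    $smiley = DB::table(PREFIX . "codo_smileys")->where("id", $id)->first();

    // Build the image URL only when a row was found.
    if (!empty($smiley)) {
        $smiley['image_name'] = A_DURI . 'assets/img/smileys/' . $smiley['image_name'];
    }

    $this->smarty->assign('smiley', $smiley);
}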
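<?php

// Admin page for the reCAPTCHA settings: saves the posted form into
// codo_config, reloads the configuration and renders spam/recaptcha.tpl.

$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();

// The token must be present before it is validated; isset() avoids reading an
// undefined index when the field is missing.
if (isset($_POST['captcha_public_key'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {

    // An unchecked checkbox is not submitted, so give it an explicit value.
    if (!isset($_POST['captcha'])) {
        $_POST['captcha'] = 'no';
    }

    // Prepared once and reused for every field.
    $query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
    $ps = $db->prepare($query);

    // NOTE(review): every submitted field name is used as an option_name, so
    // this handler can overwrite any row of codo_config, not only the
    // reCAPTCHA options. Restrict $key to the options this form owns (the
    // list is not visible here).
    foreach ($_POST as $key => $value) {

        // The CSRF token is not a setting, and array-valued fields cannot be
        // passed to htmlentities().
        if ($key === 'CSRF_token' || !is_string($value)) {
            continue;
        }

        // Strict comparison: a numeric field name must not match 'captcha'.
        if ($key === 'captcha') {
            $value = "on" == $value ? "enabled" : "disabled";
        }

        // Values are stored HTML-encoded, as before.
        $ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
    }
}

CODOF\Util::get_config($db);
$content = $smarty->fetch('spam/recaptcha.tpl');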
$info['admin'] = false; if (is_file($dir->getPathname() . "/admin/" . $dir->getFilename() . ".admin.php")) { $info['admin'] = true; } require $info_file_path; $plugins[] = $info; //var_dump($info); } } return $plugins; } } $plg = new Backend_plugins(); //$plg->get_plugins_fs(); //$plg->get_plugins_db(); if (isset($_POST['action']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) { if ($_POST['action'] == 'install') { $plg->install_plugin($_POST['plugin']); //$plg->enable_plugin($_POST['plugin']); } else { if ($_POST['action'] == 'upgrade') { $plg->upgrade_plugin($_POST['plugin']); } else { if ($_POST['action'] == 'enable') { $plg->enable_plugin($_POST['plugin']); } else { if ($_POST['action'] == 'disable') { $plg->disable_plugin($_POST['plugin']); } else { } }
<?php $smarty = \CODOF\Smarty\Single::get_instance(); $db = \DB::getPDO(); $qry = "SELECT rid,rname FROM codo_roles"; $res = $db->query($qry); if ($res) { $roles = $res->fetchAll(); } if (isset($_POST['subject']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) { $subject = html_entity_decode($_POST['subject'], ENT_NOQUOTES, "UTF-8"); $body = html_entity_decode($_POST['body'], ENT_NOQUOTES, "UTF-8"); $condition = ""; /* if (strpos($body, '[username]') !== FALSE || strpos($body, '[userid]')) { */ $users = \DB::table(PREFIX . 'codo_users')->select('id', 'name', 'mail'); if (isset($_POST['roles'])) { $users = $users->join(PREFIX . 'codo_user_roles', 'uid', '=', 'id')->whereIn('rid', $_POST['roles']); } $users = $users->get(); foreach ($users as $user) { $_body = str_replace('[username]', $user['name'], $body); $__body = str_replace('[userid]', $user['id'], $_body); $mails[] = array("to_address" => $user['mail'], "mail_subject" => $subject, "body" => $__body); } \DB::table(PREFIX . 'codo_mail_queue')->insert($mails); /* } else { if (isset($_POST['roles'])) {
<?php /* * @CODOLICENSE */ $smarty = \CODOF\Smarty\Single::get_instance(); $db = \DB::getPDO(); if (isset($_GET['import']) && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) { $_DB = array('driver' => 'mysql', 'host' => $_GET['db_host'], 'database' => $_GET['db_name'], 'username' => $_GET['db_user'], 'password' => $_GET['db_pass'], 'charset' => 'utf8', 'collation' => 'utf8_unicode_ci', 'prefix' => $_GET['tbl_prefix']); $work = new \CODOF\Importer\ImportWorker($_DB, $_GET['import_from']); $work->max_rows = (int) $_GET['max_rows']; $work->import_admin_mail = $_GET['admin_mail']; $work->connect_db(); $is_admin = $work->isset_admin_account(); if ($work->connected && $is_admin) { $total = 0; $time = microtime(true); $work->empty_tables('categories'); $work->import_cats(); echo "Categories imported in : "; $diff = microtime(true) - $time; echo $diff; $total += $diff; $time = microtime(true); $work->empty_tables('users'); $work->import_users(); echo "<br/>users imported in : "; $diff = microtime(true) - $time; echo $diff; $total += $diff; $time = microtime(true);
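<?php

/*
 * @CODOLICENSE
 */

// Admin page for the single sign-on settings: saves the posted form into
// codo_config, reloads the configuration and renders sso.tpl.

$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();

$query = "SELECT * FROM " . PREFIX . "codo_config";

// The token must be present before it is validated; isset() avoids reading an
// undefined index when the field is missing.
if (isset($_POST['sso_secret'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {

    // Prepared once and reused for every field.
    $query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
    $ps = $db->prepare($query);

    // NOTE(review): every submitted field name is used as an option_name, so
    // this handler can overwrite any row of codo_config, not only the SSO
    // options. Restrict $key to the options this form owns (the list is not
    // visible here).
    foreach ($_POST as $key => $value) {

        // The CSRF token is not a setting, and array-valued fields cannot be
        // bound as a single parameter.
        if ($key === 'CSRF_token' || !is_string($value)) {
            continue;
        }

        // Values, including sso_secret, are stored exactly as submitted;
        // any escaping has to happen where they are output.
        $ps->execute(array(':key' => $key, ':value' => $value));
    }
}

CODOF\Util::get_config($db);
$content = $smarty->fetch('sso.tpl');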
$i = 0; if (isset($_POST['roles'])) { foreach ($_POST['roles'] as $role) { $roles[$i]['pid'] = $id; $roles[$i]['rid'] = $role; $i++; } } //var_dump($roles); if (count($roles) > 0) { DB::table(PREFIX . "codo_page_roles")->insert($roles); } header("Location: index.php?page=pages/pages&action=editpage&id={$id}"); exit; } } elseif ($_GET['action'] == 'delete' && CODOF\Access\CSRF::valid($_GET['CSRF_token'])) { $id = $_GET['id']; DB::table(PREFIX . "codo_page_roles")->where('pid', '=', $id)->delete(); DB::table(PREFIX . "codo_pages")->where('id', '=', $id)->delete(); header("Location: index.php?page=pages/pages"); } else { if ($_GET['action'] == 'editpage') { $id = (int) $_GET['id']; $current_page = DB::table(PREFIX . "codo_pages")->where('id', $id)->first(); //var_dump($current_block); $smarty->assign('current_page', $current_page); $smarty->assign('mode', 'edit'); $smarty->assign('pid', $id); $roles = $B->get_roles($id); $nroles = array(); foreach ($roles as $role) {
<?php /* * @CODOLICENSE */ $smarty = \CODOF\Smarty\Single::get_instance(); $db = \DB::getPDO(); define('HOUR', 3600); define('DAY', HOUR * 24); define('MONTH', DAY * 30); $smarty->assign('msg', ''); $query = "SELECT * FROM " . PREFIX . "codo_config"; if (isset($_GET['t'])) { $smarty->assign('msg', 'The user has been banned successfully'); } if (isset($_POST['ban_uid']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) { $uid = $_POST['ban_uid']; $type = $_POST['ban_type']; $user = CODOF\User\User::get(); $by = $user->username; $on = time(); $reason = $_POST['ban_reason']; $mul = array("hour" => HOUR, "day" => DAY, "month" => MONTH, "forever" => 0); $seconds = floor((int) $_POST['ban_expires'] * $mul[$_POST['ban_expires_type']]); if ($seconds == 0) { $till = 0; } else { $till = time() + (int) $seconds; } $values = array("uid" => $uid, "ban_type" => $type, "ban_by" => $by, "ban_on" => $on, "ban_reason" => $reason, "ban_expires" => $till); $ban = new CODOF\User\Ban($db);
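{
        // Tail of a method whose signature lies outside this excerpt: removes
        // the role row and the user, permission and block links that carry
        // the same rid.
        DB::table(PREFIX . 'codo_roles')->where('rid', '=', $id)->delete();
        DB::table(PREFIX . 'codo_user_roles')->where('rid', '=', $id)->delete();
        DB::table(PREFIX . 'codo_permissions')->where('rid', '=', $id)->delete();
        DB::table(PREFIX . 'codo_block_roles')->where('rid', '=', $id)->delete();
    }
}

//NEW
// Creates a role and copies onto it the settings of the role selected in the
// form. isset() on the token avoids validating an undefined index.
if (isset($_POST['role_name'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
    $manager = new CODOF\Permission\Manager();
    $rid = $manager->addRole($_POST['role_name']);
    $fromRid = $_POST['copy_from_role_id'];
    $manager->copyRole($fromRid, $rid);
    $smarty->assign('msg', "Role added successfully.");
}

$smarty->assign('msgType', 'info');

//Delete
// Deletes a role unless it is one of the built-in system roles.
if (isset($_POST['del_role_id'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
    $rid = (int) $_POST['del_role_id'];
    $systemRoles = array(ROLE_ADMIN, ROLE_BANNED, ROLE_GUEST, ROLE_MODERATOR, ROLE_UNVERIFIED, ROLE_USER);

    if (!in_array($rid, $systemRoles)) {
        // Delete the value that was checked against the system roles, not the
        // raw request field, so the check and the delete cannot disagree.
        role::delete_role($rid);
        $smarty->assign('msg', "Role deleted successfully.");
    } else {
        $smarty->assign('msg', "System defined roles cannot be deleted.");
        $smarty->assign('msgType', 'danger');
    }
}

$roles = DB::table(PREFIX . 'codo_roles')->get();
$smarty->assign('roles', $roles);
$content = $smarty->fetch('permission/roles.tpl');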
$reg->username = $_POST['a_username']; $reg->name = $_POST['a_username']; $reg->mail = $_POST['a_email']; $reg->password = $_POST['a_password']; $reg->user_status = 1; $errors = $reg->register_user(); $msg = implode('<br>', $errors); } //$msg = $errors[0]; $err = 1; $smarty->assign("msg", $msg); } } } //DELETE if (isset($_POST['delete_type']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) { $msg = ""; $user = CODOF\User\User::get((int) $_POST['delete_id']); if ($user == false) { $_POST['delete_type'] = 'error'; $msg .= "User does not exist.<br>"; } else { if ($user->hasRoleId(ROLE_ADMIN) || $user->mail == 'anonymous@localhost') { $_POST['delete_type'] = 'error'; $msg .= "User with admin role/anonynous user cannot be deleted."; } } $smarty->assign('msg', $msg); if ($_POST['delete_type'] == 'ban_and_keep') { $user->banAccount(); } else {
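/**
 * Dispatches one step of the upgrade process requested from the admin panel.
 *
 * Runs only when the request carries `upgrade` and a string `CSRF_token` that
 * CODOF\Access\CSRF::valid() accepts; otherwise it returns without doing
 * anything. Exactly one step is chosen, in this order of precedence:
 * checklatest, download, file_upgrade, direct_upgrade, ftp_step. After the
 * step the session is closed, the output buffer is flushed and the script
 * exits.
 *
 * NOTE(review): the upgrade steps and their CSRF token travel in the query
 * string, where they end up in access logs, browser history and Referer
 * headers. Moving these actions to POST would need a matching change in the
 * caller.
 */
static function run()
{
    // isset() on the token avoids passing an undefined index to CSRF::valid();
    // is_string() rejects an array-valued token (?CSRF_token[]=...).
    $hasParams = isset($_GET['upgrade'], $_GET['CSRF_token']) && is_string($_GET['CSRF_token']);

    if (!$hasParams || !CODOF\Access\CSRF::valid($_GET['CSRF_token'])) {
        return;
    }

    require ABSPATH . 'admin/modules/system/Curl.php';

    if (isset($_GET['checklatest'])) {
        upgrader::check_latest();
    } elseif (isset($_GET['download'])) {
        upgrader::download();
    } elseif (isset($_GET['file_upgrade'])) {
        upgrader::file_upgrade();
    } elseif (isset($_GET['direct_upgrade'])) {
        echo 'started DU';
        upgrader::direct_upgrade();
    } elseif (isset($_GET['ftp_step'])) {
        upgrader::ftp_step();
    }

    session_write_close();
    ob_end_flush();
    exit;
}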
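<?php

// Admin page for the reputation settings: saves the posted form into
// codo_config, reloads the configuration and renders reputation/settings.tpl.

$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();

$query = "SELECT * FROM " . PREFIX . "codo_config";

// The token must be present before it is validated; isset() avoids reading an
// undefined index when the field is missing.
if (isset($_POST['max_rep_per_day'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {

    // An unchecked checkbox is not submitted, so give it an explicit value.
    if (!isset($_POST['enable_reputation'])) {
        $_POST['enable_reputation'] = 'off';
    }

    // Prepared once and reused for every field.
    $query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
    $ps = $db->prepare($query);

    // NOTE(review): every submitted field name is used as an option_name, so
    // this handler can overwrite any row of codo_config, not only the
    // reputation options. Restrict $key to the options this form owns (the
    // list is not visible here).
    foreach ($_POST as $key => $value) {

        // The CSRF token is not a setting, and array-valued fields cannot be
        // passed to htmlentities().
        if ($key === 'CSRF_token' || !is_string($value)) {
            continue;
        }

        // Strict comparison: a numeric field name must not match the option.
        if ($key === 'enable_reputation') {
            $value = "on" == $value ? "yes" : "no";
        }

        // Values are stored HTML-encoded, as before.
        $ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
    }
}

CODOF\Util::get_config($db);
$content = $smarty->fetch('reputation/settings.tpl');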
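<?php

/*
 * @CODOLICENSE
 */

// Admin page for the global settings: saves the posted form into codo_config,
// reloads the configuration and renders config.tpl.

$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();

$query = "SELECT * FROM " . PREFIX . "codo_config";

// The token must be present before it is validated; isset() avoids reading an
// undefined index when the field is missing.
if (isset($_POST['site_title'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {

    // Prepared once and reused for every field.
    $query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
    $ps = $db->prepare($query);

    // NOTE(review): every submitted field name is used as an option_name, so
    // any row of codo_config can be overwritten through this form handler.
    // Restrict $key to the options this form owns (the list is not visible
    // here).
    foreach ($_POST as $key => $value) {

        // The CSRF token is not a setting, and array-valued fields cannot be
        // passed to htmlentities().
        if ($key === 'CSRF_token' || !is_string($value)) {
            continue;
        }

        // NOTE(review): no default is set here when reg_req_admin is absent
        // from the request — confirm the template always submits the field,
        // otherwise unchecking it would never be saved as "no".
        if ($key === 'reg_req_admin') {
            $value = "on" == $value ? "yes" : "no";
        }

        // Values are stored HTML-encoded, as before.
        $ps->execute(array(':key' => $key, ':value' => htmlentities($value, ENT_QUOTES, 'UTF-8')));
    }
}

CODOF\Util::get_config($db);
$content = $smarty->fetch('config.tpl');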
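<?php

/*
 * @CODOLICENSE
 */

// Admin page for the mail templates: saves the posted form into codo_config,
// reloads the configuration and renders mail/templates.tpl.

$smarty = \CODOF\Smarty\Single::get_instance();
$db = \DB::getPDO();

// The token must be present before it is validated; isset() avoids reading an
// undefined index when the field is missing.
if (isset($_POST['await_approval_subject'], $_POST['CSRF_token']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {

    // Prepared once and reused for every field.
    $query = "UPDATE " . PREFIX . "codo_config SET option_value=:value WHERE option_name=:key";
    $ps = $db->prepare($query);

    // NOTE(review): every submitted field name is used as an option_name, so
    // this handler can overwrite any row of codo_config, not only the mail
    // templates. Restrict $key to the options this form owns (the list is
    // not visible here).
    foreach ($_POST as $key => $value) {

        // The CSRF token is not a setting, and array-valued fields cannot be
        // bound as a single parameter.
        if ($key === 'CSRF_token' || !is_string($value)) {
            continue;
        }

        // Template text is stored exactly as submitted; any escaping has to
        // happen where it is output.
        $ps->execute(array(':key' => $key, ':value' => $value));
    }
}

CODOF\Util::get_config($db);
$content = $smarty->fetch('mail/templates.tpl');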
} function linearize($arr, &$buff, &$i, $p_id) { foreach ($arr as $ray) { $buff[$i] = array('cat_id' => $ray->id, 'cat_pid' => $p_id, 'cat_order' => $i); $i++; if (isset($ray->children)) { linearize($ray->children, $buff, $i, $ray->id); } } } $smarty = \CODOF\Smarty\Single::get_instance(); $smarty->assign('msg', ''); $smarty->assign('err', 0); if (isset($_POST['mode'])) { if ($_POST['mode'] == 'new' && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) { $qry = 'INSERT INTO ' . PREFIX . 'codo_categories' . '(cat_pid,cat_name,cat_alias,cat_description,cat_img,no_topics,no_posts,cat_order)' . 'VALUES(:cat_pid,:cat_name,:cat_alias,:cat_description,:cat_img,:no_topics,:no_posts,:cat_order)'; $stmt = $db->prepare($qry); $arr[":cat_pid"] = 0; $arr[":cat_name"] = $_POST['cat_name']; $arr[":cat_alias"] = CODOF\Filter::URL_safe($_POST['cat_name']); // $arr[":cat_img"] = 1; //$_POST['cat_img']; // $arr[":cat_description"] = $_POST['cat_description']; $arr[":no_topics"] = 0; $arr[":no_posts"] = 0; $arr[":cat_order"] = 0; //$stmt->execute($arr); $image = $_FILES['cat_img']; if (!\CODOF\File\Upload::valid($image) or !\CODOF\File\Upload::not_empty($image) or !\CODOF\File\Upload::type($image, array('jpg', 'jpeg', 'png', 'gif', 'pjpeg', 'bmp', 'svg'))) {