function doProcess($action) { $results = new stdClass(); $values = new stdClass(); if ($action == 'listUrl') { $menu = Request('menu'); $page = Request('page'); $page = $this->IM->getPages($menu, $page); $oKey = Request('oKey'); $oKeyword = Request('oKeyword'); $oCategory = Request('oCategory'); $oSort = Request('oSort'); $keyword = Request('keyword'); $category = Request('category'); $sort = Request('sort'); $key = Request('key'); $keyword = Request('keyword'); $p = Request('p') ? Request('p') : 1; $queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&keyword=' . $keyword . '&category=' . $category . '&sort=' . $sort . '&p=' . $p; if ($oKeyword != $keyword || $oCategory != $category || $oSort != $sort) { $p = 1; } $default = array(); if (strlen($keyword) == 0) { $default['keyword'] = ''; } if ($sort == 'update') { $default['sort'] = ''; } if (isset($page->context->config->category) == true && $page->context->config->category == $category) { $default['category'] = ''; } $url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString); $results->success = true; $results->url = $url; } if ($action == 'postWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->did = Request('did'); $values->menu = Request('menu'); $values->page = Request('page'); $values->category = Request('category'); $values->homepage = Request('homepage'); $values->license = Request('license') ? Request('license') : ($values->errors['license'] = $this->getLanguage('postWrite/help/license/error')); $values->price = Request('price') ? preg_match('/[1-9]+[0-9]*/', Request('price')) == true ? Request('price') : ($values->errors['price'] = $this->getLanguage('postWrite/help/price/error')) : 0; $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error')); $values->content = Request('content') ? 
Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); $values->dataroom = $this->getDataroom($values->did); if ($values->dataroom->use_category == 'USED') { if ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false) { $values->errors['category'] = $this->getLanguage('postWrite/help/category/error'); } } else { $values->category = 0; } if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) { $checkImage = getimagesize($_FILES['logo']['tmp_name']); if (in_array($checkImage[2], array(1, 2, 3)) == false) { $values->errors['logo'] = $this->getLanguage('postWrite/help/logo/error'); } } if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['category'] = $values->category; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['title'] = $values->title; $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); $insert['homepage'] = $values->homepage; $insert['license'] = $values->license; $insert['price'] = $values->price; if ($values->idx == null) { $post = null; if ($this->checkPermission('write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } else { $oCategory = null; $reg_date = time(); $insert['reg_date'] = $reg_date; $insert['last_update'] = 0; $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = 
$this->db()->insert($this->table->post, $insert)->execute(); } $this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, 0); $this->IM->getModule('member')->sendPoint(null, $values->dataroom->post_point, 'dataroom', 'post', array('idx' => $values->idx)); $this->IM->getModule('member')->addActivity(null, $values->dataroom->post_exp, 'dataroom', 'post', array('idx' => $values->idx)); } else { $post = $this->getPost($values->idx); $oCategory = $post->category; $reg_date = $post->reg_date; if ($this->checkPermission('modify') == false && $post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute(); $this->IM->setArticle('dataroom', $values->did, 'post', $values->idx, $post->last_update); if ($post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($post->midx, 'dataroom', 'post_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'post_modify', array('idx' => $values->idx)); } } if ($results->success == true) { if (isset($_FILES['logo']['tmp_name']) == true && $_FILES['logo']['tmp_name']) { $fileName = $_FILES['logo']['name']; $tempFileName = $this->IM->getModule('attachment')->getTempPath(true) . '/' . 
md5_file($_FILES['logo']['tmp_name']); if ($this->IM->getModule('attachment')->createThumbnail($_FILES['logo']['tmp_name'], $tempFileName, 500, 0, true) == true) { if ($post == null || $post->logo == 0) { $logoIdx = $this->IM->getModule('attachment')->fileSave($fileName, $tempFileName, 'dataroom', 'logo'); } else { $logoIdx = $this->IM->getModule('attachment')->fileReplace($post->logo, $fileName, $tempFileName); } $this->db()->update($this->table->post, array('logo' => $logoIdx))->where('idx', $values->idx)->execute(); $this->IM->getModule('attachment')->filePublish($logoIdx); } } for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'POST', 'parent' => $values->idx))->execute(); } $this->IM->getModule('attachment')->filePublish($values->attachments[$i]); } if ($oCategory != 0 && $oCategory != $values->category) { $lastPost = $this->db()->select($this->table->post)->where('category', $oCategory)->orderBy('last_update', 'desc')->get(); $postnum = count($lastPost); $lastPostTime = $postnum > 0 ? $lastPost[0]->last_update : 0; $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $oCategory)->execute(); } if ($values->category != 0 && $oCategory != $values->category) { $lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('last_update', 'desc')->get(); $postnum = count($lastPost); $lastPostTime = $postnum > 0 ? 
$lastPost[0]->last_update : 0; $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute(); } $postnum = $this->db()->select($this->table->post)->where('did', $values->did)->count(); $this->db()->update($this->table->dataroom, array('postnum' => $postnum))->where('did', $values->did)->execute(); $page = $this->IM->getPages($values->menu, $values->page); if ($page->context->config == null) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx); } elseif ($page->context->config->category == $values->category) { $results->redirect = $this->IM->getUrl($values->menu, $values->page, $post == null ? 'version' : 'view', $values->idx); } else { $redirectPage = $this->getPostPage($values->idx); $results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, $post == null ? 'version' : 'view', $values->idx); } } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'postDelete') { $values->idx = Request('idx'); $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('post', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'versionWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->parent = Request('parent'); $values->did = Request('did'); $values->menu = Request('menu'); $values->page = Request('page'); $values->version = preg_match('/^[0-9]+\\.[0-9]+(\\.[0-9]+)?$/', Request('version')) == true ? 
Request('version') : ($values->errors['version'] = $this->getLanguage('versionWrite/help/history/error')); $values->history = Request('history') ? Request('history') : ($values->errors['history'] = $this->getLanguage('versionWrite/help/history/error')); $values->dataroom = $this->getDataroom($values->did); $values->post = $this->getPost($values->parent); if (version_compare($values->post->last_version, $values->version, '>=') == true) { $values->errors['version'] = $this->getLanguage('versionWrite/help/version/lowVersion'); } if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) { if ($this->IM->getModule('attachment')->getFileMime($_FILES['file']['tmp_name']) != 'application/zip') { $errors['file'] = $this->getLanguage('versionWrite/help/file/notzip'); } } if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['version'] = $values->version; $insert['history'] = $values->history; if ($values->idx == null) { if ($this->checkPermission('write') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } else { $reg_date = time(); $insert['reg_date'] = $reg_date; $values->idx = $this->db()->insert($this->table->post_version, $insert)->execute(); $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent); } // Action Register } else { $oCategory = $post->category; $reg_date = $post->reg_date; if ($this->checkPermission('post_modify') == false && ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged())) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($post->midx == 0) { if ($mHash->password_validate($values->password, $post->password) == false) { $results->success = false; $results->errors = array('password' 
=> $this->getLanguage('error/incorrectPassword')); $results->message = $this->getLanguage('error/incorrectPassword'); } } if ($results->success == true) { if ($this->IM->getModule('member')->isLogged() == false) { $insert['name'] = $values->name; $insert['password'] = $values->password ? $mHash->password_hash($values->password) : ''; $insert['email'] = $values->email; $insert['ip'] = $_SERVER['REMOTE_ADDR']; } $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute(); } $insert['reg_date'] = $post['reg_date']; } if ($results->success == true) { if (isset($_FILES['file']['tmp_name']) == true && $_FILES['file']['tmp_name']) { $fileName = $_FILES['file']['name']; $fileIdx = $this->IM->getModule('attachment')->fileSave($fileName, $_FILES['file']['tmp_name'], 'dataroom', 'file'); $this->db()->update($this->table->post_version, array('file' => $fileIdx))->where('idx', $values->idx)->execute(); } $lastVersion = $this->db()->select($this->table->post_version)->where('parent', $values->parent)->orderBy('reg_date', 'desc')->getOne(); $this->db()->update($this->table->post, array('last_version' => $lastVersion->version, 'last_update' => $lastVersion->reg_date))->where('idx', $values->parent)->execute(); if ($values->post->category != 0) { $this->db()->update($this->table->category, array('last_post' => $lastVersion->reg_date))->where('idx', $values->post->category)->execute(); } $lastPost = $this->db()->select($this->table->post)->where('did', $values->did)->orderBy('last_update', 'desc')->getOne(); $this->db()->update($this->table->dataroom, array('last_post' => $lastPost->last_update))->where('did', $values->did)->execute(); $this->IM->setArticle('dataroom', $values->did, 'post', $values->post->idx, time()); $page = $this->IM->getPages($values->menu, $values->page); $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->parent); } } else { $results->success = false; $results->message = 
$this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'getQna') { $values->get = Request('get'); if ($values->get == 'page') { $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->qnalimit = $values->dataroom->qnalimit; $values->page = Request('page'); $values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit); if ($values->page > 1 && count($values->qnas) == 0) { while ($values->page > 1) { $values->page = $values->page - 1; $values->qnas = $this->getMentPage($values->parent, $values->page, $values->qnalimit); if (count($values->qnas) > 0) { break; } } } if (count($values->qnas) > 0) { $results->page = $values->page; } } elseif ($values->get == 'idx') { $values->idx = Request('idx'); $qna = $this->db()->select($this->table->question)->where('idx', $values->idx)->getOne(); $values->dataroom = $this->getDataroom($qna->did); $values->qnalimit = $values->dataroom->qnalimit; $values->parent = $qna->parent; if ($qna != null) { $values->post = $this->getPost($values->parent); $prevCount = $this->db()->select($this->table->question)->where('parent', $qna->parent)->where('idx', $qna->idx, '>')->count(); $values->page = floor($prevCount / $values->qnalimit) + 1; $values->qnas = $this->getQnaPage($values->parent, $values->page, $values->qnalimit); $results->page = $values->page; } else { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . '</div>'; } } if (count($values->qnas) == 0) { $results->page = null; $results->qnaHtml = '<div class="empty">' . $this->getLanguage('qnaList/empty') . 
'</div>'; } else { $results->qnaHtml = ''; for ($i = 0, $loop = count($values->qnas); $i < $loop; $i++) { $results->qnaHtml .= $this->getQnaItem($values->qnas[$i]); } } $results->success = true; $results->parent = $values->parent; if ($results->page != null) { $results->qnaCount = number_format($values->post->qna); } $results->pagination = $this->getQnaPagination($results->parent, $results->page); } if ($action == 'getQnaView') { $values->idx = Request('idx'); $results->success = true; $results->idx = $values->idx; $results->qnaHtml = $this->getQnaView($values->idx); } if ($action == 'getQnaWrite') { $values->parent = Request('parent') ? Request('parent') : null; $values->post = $this->getPost($values->parent); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/mypost'); } else { $results->success = true; $results->parent = $values->parent; $results->qnaHtml = $this->getQnaWrite($values->parent); } } if ($action == 'qnaWrite') { $values->errors = array(); $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->did = $values->dataroom->did; $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error')); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? 
Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['title'] = $values->title; $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/mypost'); } else { $insert['reg_date'] = time(); $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->question, $insert)->execute(); } if ($results->success == true) { for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'QUESTION', 'parent' => $values->idx))->execute(); } } $qnanum = $this->db()->select($this->table->question)->where('parent', $values->parent)->count(); $this->db()->update($this->table->post, array('qna' => $qnanum))->where('idx', $values->parent)->execute(); $this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'question', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => 
$values->idx)); $results->idx = $values->idx; } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'qnaAnswer') { $values->errors = array(); $values->parent = Request('parent'); $values->question = $this->db()->select($this->table->question)->where('idx', $values->parent)->getOne(); $values->post = $this->getPost($values->question->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->did = $values->dataroom->did; $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } $values->content = $this->encodeContent($values->content, $values->attachments); if (empty($values->errors) == true) { $results->success = true; $mHash = new Hash(); $insert = array(); $insert['did'] = $values->did; $insert['parent'] = $values->parent; $insert['content'] = $values->content; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('qna_answer') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($values->question->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/myquestion'); } else { $insert['reg_date'] = time(); $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->answer, $insert)->execute(); } if ($results->success == true) { 
for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->did, 'type' => 'ANSWER', 'parent' => $values->idx))->execute(); } } $this->db()->update($this->table->question, array('has_answer' => 'TRUE'))->where('idx', $values->parent)->execute(); $this->IM->getModule('push')->sendPush($values->question->midx, 'dataroom', 'answer', $values->question->idx, array('from' => $this->IM->getModule('member')->getLogged(), 'idx' => $values->idx)); $results->idx = $values->idx; $results->parent = $values->parent; } } else { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'getMent') { $values->get = Request('get'); if ($values->get == 'page') { $values->parent = Request('parent'); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->mentlimit = $values->dataroom->mentlimit; $values->page = Request('page'); $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); if ($values->page > 1 && count($values->ments) == 0) { while ($values->page > 1) { $values->page = $values->page - 1; $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); if (count($values->ments) > 0) { break; } } } if (count($values->ments) == 0) { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . 
'</div>'; } else { $results->page = $values->page; } } elseif ($values->get == 'idx') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); $values->parent = $ment->parent; if ($ment != null) { $values->page = $this->getMentPosition($values->idx); $values->post = $this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->mentlimit = $values->dataroom->mentlimit; $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit); $results->page = $values->page; } else { $results->page = null; $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>'; } } $results->success = true; $results->parent = $values->parent; $results->mentCount = number_format($values->post->ment); $results->idxs = array(); $results->ments = array(); if (empty($values->mentHtml) == false) { $results->mentHtml = $values->mentHtml; } if ($results->page !== null) { for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) { $results->ments[$i] = array('idx' => $values->ments[$i]->idx, 'modify_date' => $values->ments[$i]->modify_date, 'html' => $this->getMentItem($values->ments[$i])); $results->idxs[$i] = $values->ments[$i]->idx; } } $results->pagination = $this->getMentPagination($results->parent, $results->page); } if ($action == 'getMentDepth') { $idx = Request('idx'); $parent = $this->getMent($idx); if ($parent == null || $parent->is_delete == 'TRUE') { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($parent->depth >= 10) { $results->success = false; $results->message = $this->getLanguage('mentWrite/overdepth'); } else { $results->success = true; $results->depth = $parent->depth; $results->parent = $parent->parent; $results->source = $idx; } } if ($action == 'mentWrite') { $values->errors = array(); $values->idx = Request('idx'); $values->source = Request('source'); $values->parent = Request('parent'); $values->post = 
$this->getPost($values->parent); $values->dataroom = $this->getDataroom($values->post->did); $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error')); $values->attachments = is_array(Request('attachments')) == true ? Request('attachments') : array(); for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { $values->attachments[$i] = Decoder($values->attachments[$i]); } if ($values->source) { $sourceData = $this->getMent($values->source); if ($sourceData == null) { $results->success = false; $results->message = $this->getLanguage('mentWrite/deleteSource'); } } $values->content = $this->encodeContent($values->content, $values->attachments); if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('ment_write') == false) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif (empty($values->errors) == true) { $mHash = new Hash(); $insert = array(); $insert['did'] = $values->post->did; $insert['parent'] = $values->parent; $insert['midx'] = $this->IM->getModule('member')->getLogged(); $insert['content'] = $values->content; $insert['search'] = GetString($values->content, 'index'); if ($values->idx == null) { $insert['reg_date'] = time(); $insert['ip'] = $_SERVER['REMOTE_ADDR']; $values->idx = $this->db()->insert($this->table->ment, $insert)->execute(); if ($values->source) { $sourceData = $this->getMent($values->source); $head = $sourceData->head; $depth = $sourceData->depth + 1; $source = $sourceData->idx; if ($depth > 1) { $depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne(); if ($depthData == null) { $arrange = $values->idx; } else { $arrange = 
$depthData->arrange; $this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute(); } } else { $arrange = $values->idx; } } else { $head = $values->idx; $arrange = $values->idx; $depth = 0; $source = 0; } $this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute(); if ($values->post->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($values->post->midx, 'dataroom', 'ment', $values->post->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->sendPoint(null, $values->dataroom->ment_point, 'dataroom', 'ment', array('idx' => $values->idx)); $this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment', array('idx' => $values->idx)); if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($sourceData->midx, 'dataroom', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $this->IM->getModule('member')->getLogged())); } $results->success = true; } else { $ment = $this->getMent($values->idx); $values->dataroom = $this->getDataroom($ment->did); if ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } elseif ($ment->midx == 0) { if ($mHash->password_validate($values->password, $ment->password) == false) { $results->success = false; $results->errors = array('password' => $this->getLanguage('error/incorrectPassword')); $results->message = $this->getLanguage('error/incorrectPassword'); } } if ($results->success == true) { if 
($this->IM->getModule('member')->isLogged() == false) { $insert['name'] = $values->name; $insert['password'] = $values->password ? $mHash->password_hash($values->password) : ''; $insert['email'] = $values->email; $insert['ip'] = $_SERVER['REMOTE_ADDR']; } $insert['modify_date'] = time(); $this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute(); if ($ment->midx != $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('push')->sendPush($ment->midx, 'dataroom', 'ment_modify', $values->idx, array('from' => $this->IM->getModule('member')->getLogged())); } $this->IM->getModule('member')->addActivity(null, $values->dataroom->ment_exp, 'dataroom', 'ment_modify', array('idx' => $values->idx)); } $results->success = true; } if ($results->success == true) { for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) { if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) { $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'did' => $values->post->did, 'type' => 'MENT', 'parent' => $values->idx))->execute(); } } $mentnum = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->count(); $this->db()->update($this->table->post, array('ment' => $mentnum))->where('idx', $values->parent)->execute(); $this->IM->setArticle('dataroom', $values->dataroom->did, 'ment', $values->idx, time()); $results->message = $this->getLanguage('mentWrite/success'); $results->idx = $values->idx; $results->parent = $values->parent; $results->page = $this->getMentPosition($values->idx); } } elseif (count($values->errors) > 0) { $results->success = false; $results->message = $this->getLanguage('error/required'); $results->errors = $values->errors; } } if ($action == 'mentModify') { $values->idx = Request('idx'); $values->password = Request('password'); $ment = $this->getMent($values->idx); if ($ment == null) { 
$results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_modify') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $ment->content = $this->getArticleContent($ment->content); $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $ment->attachment = Encoder(json_encode($attachments)); $results->data = $ment; } } if ($action == 'mentDelete') { $values->idx = Request('idx'); $ment = $this->getMent($values->idx); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->modalHtml = $this->getDelete('ment', $values->idx); } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } } if ($action == 'downloadConfirm') { $values->idx = Request('idx'); $values->version = Request('version'); $values->confirm = Request('confirm'); $values->post = $this->getPost($values->idx); $results->success = true; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } elseif ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { if ($values->version == 'latest') { $values->post_version = $this->db()->select($this->table->post_version)->where('parent', 
$values->idx)->orderBy('reg_date', 'desc')->getOne(); } else { $values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne(); } if ($values->post_version == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version)); } else { $values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($values->purchase == null) { if ($values->confirm == 'TRUE') { $price = $values->post->price; if ($price == 0 || $this->IM->getModule('member')->sendPoint(null, $price * -1, 'dataroom', 'purchase', array('idx' => $values->idx)) == true) { $this->db()->insert($this->table->purchase, array('parent' => $values->idx, 'midx' => $this->IM->getModule('member')->getLogged(), 'price' => $price, 'reg_date' => time()))->execute(); if ($price > 0) { $this->IM->getModule('member')->sendPoint($values->post->midx, round($price * 0.7), 'dataroom', 'sale', array('idx' => $values->idx), true); } $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => $values->idx, 'version' => $values->post_version->version)); $this->IM->getModule('member')->addActivity(null, 0, 'dataroom', 'purchase', array('idx' => $values->idx)); } else { $results->success = false; $results->message = $this->getLanguage('error/notEnoughPoint'); } } else { $results->success = true; $results->modalHtml = $this->getDownload($values->idx, $values->post_version->version); } } else { $results->success = true; $results->downloadUrl = $this->IM->getProcessUrl('dataroom', 'download', array('idx' => 
$values->idx, 'version' => $values->post_version->version)); } } } } if ($action == 'download') { $values->idx = Request('idx'); $values->version = Request('version'); $values->post = $this->getPost($values->idx); if ($this->checkPermission('download') == false && $values->post->midx != $this->IM->getModule('member')->getLogged()) { header("HTTP/1.1 403 Forbidden"); exit; } $values->post_version = $this->db()->select($this->table->post_version)->where('parent', $values->idx)->where('version', $values->version)->getOne(); if ($values->post_version == null) { header("HTTP/1.1 404 Not Found"); } elseif ($values->post->midx == $this->IM->getModule('member')->getLogged()) { $this->IM->getModule('attachment')->fileDownload($values->post_version->file, false); } else { $values->purchase = $this->db()->select($this->table->purchase)->where('parent', $values->idx)->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($values->purchase == null) { header("HTTP/1.1 403 Forbidden"); } else { $this->db()->update($this->table->post, array('download' => $this->db()->inc()))->where('idx', $values->idx)->execute(); $this->IM->getModule('attachment')->fileDownload($values->post_version->file); } } exit; } if ($action == 'vote') { $values->type = in_array(Request('type'), array('post', 'ment')) == true ? Request('type') : 'post'; $values->idx = Request('idx'); $values->vote = in_array(Request('vote'), array('good', 'bad')) == true ? 
Request('vote') : 'good'; if ($this->IM->getModule('member')->isLogged() == false) { $results->success = false; $results->message = $this->getLanguage('error/notLogged'); } else { $article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne(); if ($article == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($article->midx == $this->IM->getModule('member')->getLogged()) { $results->success = false; $results->message = $this->getLanguage('vote/mypost'); } else { $check = $this->db()->select($this->table->history)->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne(); if ($check == null) { $this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute(); $this->db()->insert($this->table->history, array('parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute(); $results->success = true; $results->message = $this->getLanguage('vote/' . $values->vote); $results->liveUpdate = 'liveUpdateDataroom' . ucfirst($values->type) . ucfirst($values->vote) . 
$values->idx; $results->liveValue = number_format($values->vote + 1); } else { $results->success = false; $results->message = $this->getLanguage('vote/duplicated'); $results->result = $check->result; } } } } if ($action == 'delete') { $values->idx = Request('idx'); $values->type = Request('type'); if ($values->type == 'post') { $post = $this->getPost($values->idx); if ($post == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('post_delete') == true || $post->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->update($this->table->post, array('is_delete' => 'TRUE', 'FALSE'))->where('idx', $values->idx)->execute(); } $results->success = true; } elseif ($values->type == 'ment') { $ment = $this->getMent($values->idx); $post = $this->getPost($ment->parent); if ($ment == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; $results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { if ($this->checkMentTree($values->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute(); if ($ment->source != 0) { $source = $this->getMent($ment->source); while ($source->is_delete == 'TRUE') { if ($this->checkMentTree($source->idx) == false) { $this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute(); $this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute(); if ($source->source != 0) { $source = 
$this->getMent($source->source); } else { break; } } else { break; } } } $results->position = null; } else { $results->position = $values->idx; $this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute(); } $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get(); if (count($lastMent) == 0) { $this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute(); $results->parent = $ment->parent; } else { if ($results->position == null) { $position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get(); $lastPosition = array_pop($position); $results->position = $lastPosition->idx; } $this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute(); } $this->IM->deleteArticle('dataroom', 'ment', $values->idx); $results->message = $this->getLanguage('mentDelete/success'); } } elseif ($values->type == 'answer') { $answer = $this->db()->select($this->table->answer)->where('idx', $values->idx)->getOne(); if ($answer == null) { $results->success = false; $results->message = $this->getLanguage('error/notFound'); } elseif ($this->checkPermission('answer_delete') == true || $answer->midx == $this->IM->getModule('member')->getLogged()) { $results->success = true; } else { $results->success = false; 
$results->message = $this->getLanguage('error/forbidden'); } if ($results->success == true) { $this->db()->delete($this->table->answer)->where('idx', $values->idx)->execute(); $attachments = $this->db()->select($this->table->attachment)->where('parent', $answer->idx)->where('type', 'ANSWER')->get(); for ($i = 0, $loop = count($attachments); $i < $loop; $i++) { $attachments[$i] = $attachments[$i]->idx; } $this->IM->getModule('attachment')->fileDelete($attachments); $this->db()->update($this->table->question, array('has_answer' => 'FALSE'))->where('idx', $answer->parent)->execute(); $results->parent = $answer->parent; $results->message = $this->getLanguage('answerDelete/success'); } } $results->type = $values->type; } $this->IM->fireEvent('afterDoProcess', 'dataroom', $action, $values, $results); return $results; }
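/**
 * Handles one member-module request and returns its result object.
 *
 * Actions handled here: check, forceLogin, login, logout, cert, signup,
 * verifyEmail, sendVerifyEmail, photoEdit, photoUpload, modifyEmail, modify,
 * password, facebook, google, youtube and github. An unknown action leaves
 * $results empty. Whatever the action, the 'afterDoProcess' event is fired
 * with $values and $results before returning (the OAuth actions may exit
 * earlier while redirecting).
 *
 * @param string $action Action name taken from the request.
 * @return stdClass Result object; most branches set ->success and either
 *                  ->message, ->errors, ->redirect or ->modalHtml.
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'check') {
        $name = Request('name');
        $value = Request('value');

        if ($name == 'email') {
            if (CheckEmail($value) == true) {
                if ($this->db()->select($this->table->member)->where('email', $value)->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }

        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }

        if ($name == 'nickname') {
            if (CheckNickname($value) == true) {
                // The caller's own row is excluded so an unchanged nickname is not reported as taken.
                if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->has() == true) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }

        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    if ($action == 'forceLogin') {
        // NOTE(review): this logs in whichever member idx the decoded code names, guarded
        // only by the IP match below. Its safety rests entirely on Decoder() rejecting
        // codes that were not produced by the server - confirm that Encoder/Decoder
        // authenticate the payload and that codes expire.
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();

        // NOTE(review): the failure counter is read from and written back to the session
        // (presumably Request(..., 'session') reads $_SESSION - confirm). A client that
        // drops its session cookie starts from zero again, so this is not a limit per
        // account or per address; a server-side limiter is needed for that.
        $loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true
            ? Request('loginFail', 'session')
            : array('count' => 0, 'time' => 0);

        if ($loginFail['time'] > time()) {
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $check = $this->db()->select($this->table->member)->where('email', $email)->getOne();

            // NOTE(review): an unknown e-mail and a wrong password are reported under
            // different keys, which tells the caller which addresses are registered.
            $failedField = null;
            if ($check == null) {
                $failedField = 'email';
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $failedField = 'password';
            }

            if ($failedField !== null) {
                $results->success = false;
                $results->errors[$failedField] = $this->getLanguage('login/error/' . $failedField);

                // The fifth failure resets the counter and blocks this session for five hours.
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }

                // NOTE(review): $values is handed to the 'afterDoProcess' event below, so
                // every listener receives the submitted password in clear text.
                $values->email = $email;
                $values->password = $password;
            } elseif ($check->status == 'ACTIVE') {
                $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                $this->login($check->idx);
                $results->success = true;
            } elseif ($check->status == 'VERIFYING') {
                // Credentials are correct but the address is unverified: send the user to the verify step.
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                $page = $this->getMemberPage('signup');
                $results->success = false;
                $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/' . $check->status);
            }
        }

        $_SESSION['loginFail'] = $loginFail;
    }

    if ($action == 'logout') {
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    if ($action == 'signup') {
        $errors = array();

        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        // NOTE(review): the only password rule is a minimum length of 4 bytes.
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

        if ($this->db()->select($this->table->member)->where('email', $email)->has() == true) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }
        if ($this->db()->select($this->table->member)->where('nickname', $nickname)->has() == true) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }

        if (empty($errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['gidx'] = Request('registerGIDX', 'session');
            $insert['email'] = $email;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            // New accounts stay in VERIFYING until the e-mail code is confirmed.
            $insert['status'] = 'VERIFYING';

            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    if ($action == 'verifyEmail') {
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();

            // The code is compared as a non-empty string with ===. A loose == lets PHP's
            // type juggling accept values that merely compare equal (numeric-looking
            // strings, or a missing parameter against an empty stored code).
            // NOTE(review): nothing here limits the number of guesses per member/e-mail,
            // and the comparison is not constant-time (hash_equals() where available).
            $codeMatches = $check != null
                && is_scalar($email_verify_code) == true
                && (string) $email_verify_code !== ''
                && (string) $check->code === (string) $email_verify_code;

            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif ($codeMatches == true) {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');

        if ($this->isLogged() == true) {
            // Logged-in member asking to verify a new address.
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // Re-send unless a mail with status SENDING was issued within the last 300 seconds.
                if ($check == null || $check->status != 'SENDING' || ($check->status == 'SENDING' && $check->reg_date + 300 < time())) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            // Not logged in: the request names a member that must still be in VERIFYING state.
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } elseif (CheckEmail($email) == false) {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/email');
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                // $check is null when no mail was ever sent to this address, so it has to be
                // tested before ->status is read.
                if ($check != null && $check->status == 'VERIFIED') {
                    $signupPage = $this->getMemberPage('signup');
                    $results->success = true;
                    $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                    $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                } elseif ($check == null || $check->status == 'CANCELED' || ($check->status == 'SENDING' && $check->reg_date + 300 < time())) {
                    $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                    $this->sendVerifyEmail($registerIDX, $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } elseif (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
            // The file name is built from the logged-in member idx only, never from request data.
            $photoPath = $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg';

            // NOTE(review): the decoded bytes are written before anything checks that they
            // are an image (the declared subtype in $match[1] is ignored and there is no
            // size limit). If createThumbnail() fails the raw upload presumably stays on
            // disk - confirm, and validate the content before writing.
            $bytes = base64_decode($match[2]);
            file_put_contents($photoPath, $bytes);
            $this->IM->getModule('attachment')->createThumbnail($photoPath, $photoPath, 250, 250, false, 'jpg');

            $results->success = true;
            $results->message = $this->getLanguage('photoEdit/success');
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('photoEdit/error');
        }
    }

    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($confirm == 'TRUE') {
            if ($this->isLogged() == false) {
                // The confirm step changes the member row, so it requires a login like the
                // other state-changing actions in this method.
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $email = Request('email');
                $code = Request('code');
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();

                // Strict, non-empty string comparison; a loose != would accept values that
                // only compare equal through type juggling.
                $codeMatches = $check != null
                    && is_scalar($code) == true
                    && (string) $code !== ''
                    && (string) $check->code === (string) $code;

                if ($codeMatches == false) {
                    $results->success = false;
                    $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
                } else {
                    $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                    $results->success = true;
                    $results->message = $this->getLanguage('modifyEmail/success');
                }
            }
        } else {
            $templet = Request('templet');
            if ($this->isLogged() == true) {
                $results->success = true;
                $results->modalHtml = $this->getModifyEmail($templet);
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            }
        }
    }

    if ($action == 'modify') {
        $step = Request('step');

        if ($step == 'verify') {
            $member = $this->getMember();
            $password = Request('password');
            $mHash = new Hash();
            if ($mHash->password_validate($password, $member->password) == true) {
                $results->success = true;
                // NOTE(review): the password is returned to the client in Encoder() form.
                // Decoder() is applied to request input elsewhere in this method, so the
                // encoding looks reversible - confirm the client needs it echoed back.
                $results->password = Encoder($password);
            } else {
                $results->success = false;
                $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
            }
        }

        if ($step == 'modify') {
            $errors = array();
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

            if ($this->isLogged() == false) {
                $results->success = false;
                // Was spelled getLangauge(), a method no other call in this function uses.
                $results->message = $this->getLanguage('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }

        if ($this->isLogged() == false) {
            $results->success = false;
            // Was spelled getLangauge(), a method no other call in this function uses.
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $mHash = new Hash();

            // The old password is demanded only when the stored value is exactly 65 bytes
            // long. NOTE(review): presumably that length marks a hash produced by
            // Hash::password_hash() and other lengths mean "no local password" (social
            // sign-up) - confirm, because any other stored length skips this check.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }

            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // OAuth sign-in actions.
    // NOTE(review): the client secrets below are committed in source. Treat them as
    // exposed: rotate them at each provider and load them from configuration that is
    // kept out of version control.
    // NOTE(review): the post-login redirect target is taken from the Referer header and
    // kept in the session; the 'youtube' action sends it back in a Location header
    // unchecked, and socialLogin() presumably does the same. Restrict it to this site's
    // own hosts before redirecting.

    if ($action == 'facebook') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            // Referer is optional; without it the stored value stays null.
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : null;
        }

        // Every domain other than www.minitalk.kr uses the www.arzz.com application.
        if ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '418845248317025';
            $CLIENT_SECRET = '5850c198f8f4b0b254a53ae7f9049600';
        } else {
            $CLIENT_ID = '985851538105124';
            $CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
        }
        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            // Returning from the provider: exchange the code, then reload without it.
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            // NOTE(review): assumes printError() ends the request; otherwise $data is used below while invalid.
            $this->IM->printError('API ERROR');
        }

        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();

        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            // Referer is optional; without it the stored value stays null.
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : null;
        }

        if ($this->IM->domain == 'www.arzz.com') {
            $CLIENT_ID = '367657130146-m9ojilvf3kbsv6j24uieartls0ols8t8.apps.googleusercontent.com';
            $CLIENT_SECRET = 'GVgWL29VdBiSQIuRTlL5RZDc';
        } elseif ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = '476101389490-mug55vcsit7af2sd095m3c8fhd3agssu.apps.googleusercontent.com';
            $CLIENT_SECRET = 'CJKMFEkaWkiasXWIj42WY4HU';
        } else {
            $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
            $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        }
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            // NOTE(review): assumes printError() ends the request; otherwise $data is used below while invalid.
            $this->IM->printError('API ERROR');
        }

        // Use the address the provider marks as the account address.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();

        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    if ($action == 'youtube') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            // Referer is optional; without it the stored value stays null.
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : null;
        }

        // Unlike the sign-in actions, this one links a YouTube account to an existing session.
        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }

        $CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
        $CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            // NOTE(review): assumes printError() ends the request; otherwise $data is used below while invalid.
            $this->IM->printError('API ERROR');
        }

        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();

        // NOTE(review): access and refresh tokens are stored as given; whether the social
        // table encrypts them at rest is not visible here.
        $check = $this->db()->select($this->table->social)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }

        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);

        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            // Referer is optional; without it the stored value stays null.
            $_SESSION['SOCIAL_REDIRECT_URL'] = isset($_SERVER['HTTP_REFERER']) == true ? $_SERVER['HTTP_REFERER'] : null;
        }

        // Every domain other than www.minitalk.kr uses the www.arzz.com application.
        if ($this->IM->domain == 'www.minitalk.kr') {
            $CLIENT_ID = 'a5b5c360b237ed9de0c7';
            $CLIENT_SECRET = '0f5e658a0d05f83ee918da13cfe070ff5bc42e60';
        } else {
            $CLIENT_ID = 'b3f954eccc5378afbacf';
            $CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
        }
        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';

        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            // NOTE(review): assumes printError() ends the request; otherwise $data is used below while invalid.
            $this->IM->printError('API ERROR');
        }

        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();

        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);

    return $results;
}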
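/**
 * Dispatches a board-module action and returns its result object.
 *
 * Handled actions: listUrl, postWrite, postModify, postDelete, mentModify,
 * getMent, getMentDepth, mentWrite, mentDelete, vote, delete. An unknown
 * action matches no branch and yields an empty result. Every call ends by
 * firing the 'afterDoProcess' event with $action, $values and $results.
 *
 * All input is read through Request() and must be treated as untrusted.
 * Authorization is decided per action from checkPermission(), the logged-in
 * member index, or (for guest-authored rows, midx == 0) the stored password.
 *
 * NOTE(review): no CSRF token check is visible in this method although most
 * actions change state; confirm that the dispatcher enforces one.
 * NOTE(review): guest-password checks here have no visible attempt limit;
 * confirm throttling exists upstream.
 *
 * @param string $action Action name selected by the caller.
 * @return stdClass Fields set by the matched action (success, message, errors, ...).
 */
function doProcess($action) {
    $results = new stdClass();
    $values = new stdClass();

    // ---- listUrl: build the list URL for the current search/sort state ----
    if ($action == 'listUrl') {
        $menu = Request('menu');
        $page = Request('page');
        $page = $this->IM->getPages($menu, $page);
        $oKey = Request('oKey');
        $oKeyword = Request('oKeyword');
        $oCategory = Request('oCategory');
        $oSort = Request('oSort');
        $oDirection = Request('oDirection');
        $key = Request('key');
        $keyword = Request('keyword');
        $category = Request('category');
        $sort = Request('sort');
        $direction = Request('direction');
        $p = Request('p') ? Request('p') : 1;

        // NOTE(review): request values are concatenated without URL-encoding; a value
        // containing '&' or '=' can add or override parameters unless getQueryString()
        // re-encodes them - confirm against that helper.
        $queryString = 'menu=' . $page->menu . '&page=' . $page->page . '&key=' . $key . '&keyword=' . $keyword . '&category=' . $category . '&sort=' . $sort . '&direction=' . $direction . '&p=' . $p;

        // Any change of filter restarts paging at the first page.
        if ($oKey != $key || $oKeyword != $keyword || $oCategory != $category || $oSort != $sort || $oDirection != $direction) {
            $p = 1;
        }

        // Parameters that equal their default are blanked so they drop out of the URL.
        $default = array();
        if (strlen($keyword) == 0) {
            $default['key'] = '';
            $default['keyword'] = '';
        }
        if ($sort == 'idx' && $direction == 'desc') {
            $default['sort'] = $default['direction'] = '';
        }
        if (isset($page->context->config->category) == true && $page->context->config->category == $category) {
            $default['category'] = '';
        }

        $url = $this->IM->getUrl($page->menu, $page->page, 'list', $p) . $this->IM->getQueryString($default, $queryString);
        $results->success = true;
        $results->url = $url;
    }

    // ---- postWrite: create a post (idx empty) or update an existing one ----
    if ($action == 'postWrite') {
        $values->errors = array();
        $values->idx = Request('idx');
        $values->bid = Request('bid');
        $values->menu = Request('menu');
        $values->page = Request('page');
        $values->category = Request('category');
        $values->title = Request('title') ? Request('title') : ($values->errors['title'] = $this->getLanguage('postWrite/help/title/error'));
        $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));

        // Privileged flags are honoured only when the caller holds the matching permission.
        $values->is_notice = Request('is_notice') && $this->checkPermission('notice') == true ? 'TRUE' : 'FALSE';
        $values->is_html_title = Request('is_html_title') && $this->checkPermission('html_title') == true ? 'TRUE' : 'FALSE';
        $values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
        // Uses $this->IM->getModule() like every other member lookup in this method.
        $values->is_hidename = Request('is_hidename') && $this->IM->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';

        if ($this->IM->getModule('member')->isLogged() == false) {
            // Guests must supply a name and a password; the password later gates modify/delete.
            $values->name = Request('name') ? Request('name') : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
            $values->password = Request('password') ? Request('password') : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
            $values->email = Request('email');
            $values->midx = 0;
        } else {
            // Identity of a logged-in author always comes from the session, never the request.
            $values->name = $this->IM->getModule('member')->getMember()->nickname;
            $values->password = '';
            $values->email = $this->IM->getModule('member')->getMember()->email;
            $values->midx = $this->IM->getModule('member')->getLogged();
        }

        // Decode attachment tokens and drop any that fail to decode (Decoder() returns
        // false on failure) so a tampered token is never stored as an attachment index.
        // NOTE(review): presumably Decoder() also guarantees the token was issued to this
        // uploader; confirm, since no ownership check is made below.
        $values->attachments = array();
        $rawAttachments = Request('attachments');
        if (is_array($rawAttachments) == true) {
            foreach ($rawAttachments as $rawAttachment) {
                $decodedAttachment = Decoder($rawAttachment);
                if ($decodedAttachment !== false) {
                    $values->attachments[] = $decodedAttachment;
                }
            }
        }

        $values->content = $this->encodeContent($values->content, $values->attachments);
        $values->board = $this->getBoard($values->bid);

        // NOTE(review): the category is only format-checked when use_category is FORCE and
        // is never checked to belong to this board; confirm whether that is intended.
        if ($values->board->use_category != 'NONE') {
            if ($values->board->use_category == 'FORCE' && ($values->category == null || preg_match('/^[1-9]+[0-9]*$/', $values->category) == false)) {
                $values->errors['category'] = $this->getLanguage('postWrite/help/category/error');
            }
        } else {
            $values->category = 0;
        }

        if (empty($values->errors) == true) {
            $results->success = true;
            $mHash = new Hash();

            $insert = array();
            // NOTE(review): on update, bid comes from the request, so an author can move a
            // post to another board; consider pinning it to the stored post's bid.
            $insert['bid'] = $values->bid;
            $insert['category'] = $values->category;
            $insert['title'] = $values->title;
            $insert['content'] = $values->content;
            $insert['search'] = GetString($values->content, 'index');
            $insert['is_notice'] = $values->is_notice;
            $insert['is_html_title'] = $values->is_html_title;
            $insert['is_secret'] = $values->is_secret;
            $insert['is_hidename'] = $values->is_hidename;

            if ($values->idx == null) {
                // NOTE(review): no write-permission check is made before creating a post
                // (only the notice/html_title flags are gated); confirm it is enforced elsewhere.
                $post = null;
                $insert['midx'] = $values->midx;
                $insert['name'] = $values->name;
                // Only the hash is ever placed in the row; the plaintext never enters $insert.
                $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                $insert['email'] = $values->email;
                $insert['reg_date'] = $insert['last_ment'] = time();
                $insert['ip'] = $_SERVER['REMOTE_ADDR'];

                $values->idx = $this->db()->insert($this->table->post, $insert)->execute();

                if ($this->IM->getModule('member')->isLogged() == true) {
                    $this->IM->getModule('member')->sendPoint(null, $values->board->post_point, 'board', 'post', array('idx' => $values->idx));
                    $this->IM->getModule('member')->addActivity(null, $values->board->post_exp, 'board', 'post', array('idx' => $values->idx));
                }
            } else {
                $post = $this->getPost($values->idx);

                if ($post == null) {
                    // A missing post is rejected before any of its fields are read.
                    $results->success = false;
                    $results->message = $this->getLanguage('error/notFound');
                } elseif ($this->checkPermission('post_modify') == false) {
                    if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
                        // Member-owned post edited by someone other than its author.
                        $results->success = false;
                        $results->message = $this->getLanguage('error/forbidden');
                    } elseif ($post->midx == 0) {
                        // Guest-owned post: the stored password is the only proof of ownership.
                        if ($mHash->password_validate($values->password, $post->password) == false) {
                            $results->success = false;
                            $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                            $results->message = $this->getLanguage('error/incorrectPassword');
                        }
                    }
                }

                if ($results->success == true) {
                    if ($post->midx == 0 && $this->IM->getModule('member')->isLogged() == false) {
                        $insert['name'] = $values->name;
                        $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                        $insert['email'] = $values->email;
                        $insert['ip'] = $_SERVER['REMOTE_ADDR'];
                    }

                    $this->db()->update($this->table->post, $insert)->where('idx', $post->idx)->execute();

                    // Tell the author when somebody else (a moderator) edited the post.
                    if ($post->midx != 0 && $post->midx != $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_modify', $post->idx, array('from' => $values->name));
                    }
                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->addActivity(null, 0, 'board', 'post_modify', array('idx' => $values->idx));
                    }
                }
            }

            if ($results->success == true) {
                // Link attachments that are not yet registered for this board.
                for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->bid, 'type' => 'POST', 'parent' => $values->idx))->execute();
                    }
                }

                // Refresh counters of the category the post left ...
                if ($post != null && $post->category != $values->category) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
                }

                // ... and of the category it entered.
                if ($values->category != 0 && ($post == null || $post->category != $values->category)) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $values->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $values->category)->execute();
                }

                // Board-wide counters.
                $lastPost = $this->db()->select($this->table->post)->where('bid', $values->bid)->orderBy('reg_date', 'desc')->get();
                $postnum = count($lastPost);
                $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                $this->db()->update($this->table->board, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('bid', $values->bid)->execute();

                $this->IM->setArticle('board', $values->bid, 'post', $values->idx, time());

                // Redirect to the page that actually shows the post's category.
                $page = $this->IM->getPages($values->menu, $values->page);
                if ($page->context->config == null) {
                    $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
                } elseif ($page->context->config->category == $values->category) {
                    $results->redirect = $this->IM->getUrl($values->menu, $values->page, 'view', $values->idx);
                } else {
                    $redirectPage = $this->getPostPage($values->idx);
                    $results->redirect = $this->IM->getUrl($redirectPage->menu, $redirectPage->page, 'view', $values->idx);
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/required');
            $results->errors = $values->errors;
        }
    }

    // ---- postModify: may the caller edit this post? ----
    if ($action == 'postModify') {
        $values->idx = Request('idx');
        $values->password = Request('password');
        $post = $this->getPost($values->idx);

        if ($post == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('post_modify') == true || ($post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged())) {
            $results->success = true;
            $results->permission = true;
        } elseif ($post->midx == 0) {
            if ($values->password === null) {
                // No password sent yet: hand back the password prompt.
                $results->success = true;
                $results->permission = false;
                $results->modalHtml = $this->getModify('post', $values->idx);
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $post->password) == true) {
                    $results->success = true;
                    $results->permission = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    // ---- postDelete: return the delete confirmation modal ----
    if ($action == 'postDelete') {
        $values->idx = Request('idx');
        $post = $this->getPost($values->idx);

        if ($post == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('post_delete') == true || $post->midx == 0 || $post->midx == $this->IM->getModule('member')->getLogged()) {
            // Guest posts (midx == 0) only get the modal here; the 'delete' action
            // below is what verifies the password.
            $results->success = true;
            $results->modalHtml = $this->getDelete('post', $values->idx);
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    // ---- mentModify: may the caller edit this comment? If so, return its data ----
    if ($action == 'mentModify') {
        $values->idx = Request('idx');
        $values->password = Request('password');
        $ment = $this->getMent($values->idx);
        $results->permission = false;

        if ($ment == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('ment_modify') == true || ($ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged())) {
            $results->success = true;
            $results->permission = true;
        } elseif ($ment->midx == 0) {
            if ($values->password === null) {
                $results->success = true;
                $results->permission = false;
                $results->modalHtml = $this->getModify('ment', $values->idx);
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $ment->password) == true) {
                    $results->success = true;
                    $results->permission = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }

        if ($results->permission == true) {
            $ment->content = $this->getArticleContent($ment->content);
            $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
            for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                $attachments[$i] = $attachments[$i]->idx;
            }
            $ment->attachment = Encoder(json_encode($attachments));
            // NOTE(review): the whole comment object is returned, and it carries the
            // 'password' hash read above (plus whatever else getMent() loads); a holder of
            // ment_modify therefore receives guest password hashes. Consider returning
            // only the fields the edit form needs.
            $results->data = $ment;
        }
    }

    // ---- getMent: return one page of comments, by page number or by comment idx ----
    if ($action == 'getMent') {
        $values->get = Request('get');

        // Defaults, so the shared tail below never reads a property that no branch set.
        $values->parent = null;
        $values->post = null;
        $values->ments = array();
        $results->page = null;

        // NOTE(review): nothing here checks that the caller may read the parent post
        // (e.g. when it is secret); confirm getMentItem()/getMentPage() enforce that.
        if ($values->get == 'page') {
            $values->parent = Request('parent');
            $values->post = $this->getPost($values->parent);
            $values->page = Request('page');

            if ($values->post != null) {
                $values->board = $this->getBoard($values->post->bid);
                $values->mentlimit = $values->board->mentlimit;
                $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);

                // An empty page past the first walks back to the last page that has comments.
                // NOTE(review): the starting page is request-controlled and each step is a
                // query, so an oversized page number costs one query per step; consider
                // clamping the page to the real page count first.
                if ($values->page > 1 && count($values->ments) == 0) {
                    while ($values->page > 1) {
                        $values->page = $values->page - 1;
                        $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
                        if (count($values->ments) > 0) {
                            break;
                        }
                    }
                }
            }

            if (count($values->ments) == 0) {
                $results->page = null;
                $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
            } else {
                $results->page = $values->page;
            }
        } elseif ($values->get == 'idx') {
            $values->idx = Request('idx');
            $ment = $this->getMent($values->idx);

            // The comment is null-checked before its parent is read.
            if ($ment != null) {
                $values->parent = $ment->parent;
                $values->post = $this->getPost($values->parent);
            }

            if ($ment != null && $values->post != null) {
                $values->page = $this->getMentPosition($values->idx);
                $values->board = $this->getBoard($values->post->bid);
                $values->mentlimit = $values->board->mentlimit;
                $values->ments = $this->getMentPage($values->parent, $values->page, $values->mentlimit);
                $results->page = $values->page;
            } else {
                $results->page = null;
                $results->mentHtml = '<div class="empty">' . $this->getLanguage('mentList/empty') . '</div>';
            }
        }

        $results->success = true;
        $results->parent = $values->parent;
        $results->mentCount = number_format($values->post != null ? $values->post->ment : 0);
        $results->idxs = array();
        $results->ments = array();
        if (empty($values->mentHtml) == false) {
            $results->mentHtml = $values->mentHtml;
        }
        if ($results->page !== null) {
            for ($i = 0, $loop = count($values->ments); $i < $loop; $i++) {
                $results->ments[$i] = array('idx' => $values->ments[$i]->idx, 'modify_date' => $values->ments[$i]->modify_date, 'html' => $this->getMentItem($values->ments[$i]));
                $results->idxs[$i] = $values->ments[$i]->idx;
            }
        }
        $results->pagination = $this->getMentPagination($results->parent, $results->page);
    }

    // ---- getMentDepth: can a reply be attached under this comment? ----
    if ($action == 'getMentDepth') {
        $idx = Request('idx');
        $parent = $this->getMent($idx);

        if ($parent == null || $parent->is_delete == 'TRUE') {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($parent->depth >= 10) {
            $results->success = false;
            $results->message = $this->getLanguage('mentWrite/overdepth');
        } else {
            $results->success = true;
            $results->depth = $parent->depth;
            $results->parent = $parent->parent;
            $results->source = $idx;
        }
    }

    // ---- mentWrite: create a comment (idx empty) or update an existing one ----
    if ($action == 'mentWrite') {
        $values->errors = array();
        $values->idx = Request('idx');
        $values->source = Request('source');
        $values->parent = Request('parent');
        $values->post = $this->getPost($values->parent);
        $values->board = $values->post != null ? $this->getBoard($values->post->bid) : null;
        $values->is_secret = Request('is_secret') ? 'TRUE' : 'FALSE';
        $values->is_hidename = Request('is_hidename') && $this->IM->getModule('member')->isLogged() == true ? 'TRUE' : 'FALSE';
        $values->content = Request('content') ? Request('content') : ($values->errors['content'] = $this->getLanguage('postWrite/help/content/error'));

        if ($this->IM->getModule('member')->isLogged() == false) {
            $values->name = Request('name') ? Request('name') : ($values->errors['name'] = $this->getLanguage('postWrite/help/name/error'));
            $values->password = Request('password') ? Request('password') : ($values->errors['password'] = $this->getLanguage('postWrite/help/password/error'));
            $values->email = Request('email');
            $values->midx = 0;
        } else {
            $values->name = $this->IM->getModule('member')->getMember()->nickname;
            $values->password = '';
            $values->email = $this->IM->getModule('member')->getMember()->email;
            $values->midx = $this->IM->getModule('member')->getLogged();
        }

        // Same attachment handling as postWrite: tokens that fail to decode are dropped.
        $values->attachments = array();
        $rawAttachments = Request('attachments');
        if (is_array($rawAttachments) == true) {
            foreach ($rawAttachments as $rawAttachment) {
                $decodedAttachment = Decoder($rawAttachment);
                if ($decodedAttachment !== false) {
                    $values->attachments[] = $decodedAttachment;
                }
            }
        }

        $results->success = true;

        // A comment cannot be written under a post that does not exist.
        if ($values->post == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        }

        // NOTE(review): the source comment is only checked for existence. It is not
        // checked to belong to $values->parent, and the depth limit that getMentDepth
        // reports is not re-applied here; both are worth enforcing server-side.
        if ($values->source) {
            $sourceData = $this->getMent($values->source);
            if ($sourceData == null) {
                $results->success = false;
                $results->message = $this->getLanguage('mentWrite/deleteSource');
            }
        }

        $values->content = $this->encodeContent($values->content, $values->attachments);

        if ($results->success == true && empty($values->errors) == true) {
            $mHash = new Hash();

            $insert = array();
            // NOTE(review): on update, bid/parent follow the request, so an author can
            // re-parent a comment to another post; consider pinning them to the stored row.
            $insert['bid'] = $values->post->bid;
            $insert['parent'] = $values->parent;
            $insert['content'] = $values->content;
            $insert['search'] = GetString($values->content, 'index');
            $insert['is_secret'] = $values->is_secret;
            $insert['is_hidename'] = $values->is_hidename;

            if ($values->idx == null) {
                $insert['midx'] = $values->midx;
                $insert['name'] = $values->name;
                // Only the hash is ever placed in the row.
                $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                $insert['email'] = $values->email;
                $insert['reg_date'] = time();
                $insert['ip'] = $_SERVER['REMOTE_ADDR'];

                $values->idx = $this->db()->insert($this->table->ment, $insert)->execute();

                // Work out where the new comment sits in the reply tree.
                if ($values->source) {
                    $sourceData = $this->getMent($values->source);
                    $head = $sourceData->head;
                    $depth = $sourceData->depth + 1;
                    $source = $sourceData->idx;

                    if ($depth > 1) {
                        // First following row at the source's depth or shallower: the reply goes before it.
                        $depthData = $this->db()->select($this->table->ment_depth)->where('head', $sourceData->head)->where('arrange', $sourceData->arrange, '>')->where('depth', $sourceData->depth, '<=')->orderBy('arrange', 'asc')->getOne();
                        if ($depthData == null) {
                            $arrange = $values->idx;
                        } else {
                            $arrange = $depthData->arrange;
                            // Shift later rows down to open the slot.
                            $this->db()->update($this->table->ment_depth, array('arrange' => $this->db()->inc()))->where('head', $sourceData->head)->where('arrange', $arrange, '>=')->execute();
                        }
                    } else {
                        $arrange = $values->idx;
                    }
                } else {
                    $head = $values->idx;
                    $arrange = $values->idx;
                    $depth = 0;
                    $source = 0;
                }

                $this->db()->insert($this->table->ment_depth, array('idx' => $values->idx, 'parent' => $values->parent, 'head' => $head, 'arrange' => $arrange, 'depth' => $depth, 'source' => $source))->execute();

                if ($this->IM->getModule('member')->isLogged() == true) {
                    $this->IM->getModule('member')->sendPoint(null, $values->board->ment_point, 'board', 'ment', array('idx' => $values->idx));
                    $this->IM->getModule('member')->addActivity(null, $values->board->ment_exp, 'board', 'ment', array('idx' => $values->idx));
                }

                // Notify the post author and the author of the replied-to comment.
                if ($values->post->midx != 0 && $values->post->midx != $this->IM->getModule('member')->getLogged()) {
                    $this->IM->getModule('push')->sendPush($values->post->midx, 'board', 'ment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
                }
                if ($source != 0 && $sourceData->midx != 0 && $sourceData->midx != $this->IM->getModule('member')->getLogged()) {
                    $this->IM->getModule('push')->sendPush($sourceData->midx, 'board', 'replyment', $values->post->idx, array('idx' => $values->idx, 'from' => $values->name));
                }
            } else {
                $ment = $this->getMent($values->idx);

                if ($ment == null) {
                    // A missing comment is rejected before any of its fields are read.
                    $results->success = false;
                    $results->message = $this->getLanguage('error/notFound');
                } elseif ($this->checkPermission('ment_modify') == false && ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged())) {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/forbidden');
                } elseif ($ment->midx == 0) {
                    // NOTE(review): unlike postWrite, the guest password is required here even
                    // when the caller holds ment_modify; confirm which behaviour is intended.
                    if ($mHash->password_validate($values->password, $ment->password) == false) {
                        $results->success = false;
                        $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                        $results->message = $this->getLanguage('error/incorrectPassword');
                    }
                }

                if ($results->success == true) {
                    if ($this->IM->getModule('member')->isLogged() == false) {
                        $insert['name'] = $values->name;
                        $insert['password'] = $values->password ? $mHash->password_hash($values->password) : '';
                        $insert['email'] = $values->email;
                        $insert['ip'] = $_SERVER['REMOTE_ADDR'];
                    }
                    $insert['modify_date'] = time();

                    $this->db()->update($this->table->ment, $insert)->where('idx', $ment->idx)->execute();

                    if ($ment->midx != 0 && $ment->midx != $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_modify', $values->idx, array('from' => $values->name));
                    }
                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->addActivity(null, 0, 'board', 'ment_modify', array('idx' => $values->idx));
                    }
                }
            }

            if ($results->success == true) {
                for ($i = 0, $loop = count($values->attachments); $i < $loop; $i++) {
                    if ($this->db()->select($this->table->attachment)->where('idx', $values->attachments[$i])->count() == 0) {
                        $this->db()->insert($this->table->attachment, array('idx' => $values->attachments[$i], 'bid' => $values->post->bid, 'type' => 'MENT', 'parent' => $values->idx))->execute();
                    }
                    $this->IM->getModule('attachment')->filePublish($values->attachments[$i]);
                }

                // Recount live comments on the post.
                $lastMent = $this->db()->select($this->table->ment)->where('parent', $values->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
                $mentnum = count($lastMent);
                $lastMentTime = $mentnum > 0 ? $lastMent[0]->reg_date : $values->post->reg_date;
                $this->db()->update($this->table->post, array('ment' => $mentnum, 'last_ment' => $lastMentTime))->where('idx', $values->parent)->execute();

                // Activity on secret posts is not published to the site-wide article index.
                if ($values->post->is_secret != 'TRUE') {
                    $this->IM->setArticle('board', $values->post->bid, 'ment', $values->idx, time());
                    $this->IM->setArticle('board', $values->post->bid, 'post', $values->post->idx, time());
                }

                $results->message = $this->getLanguage('mentWrite/success');
                $results->idx = $values->idx;
                $results->parent = $values->parent;
                $results->page = $this->getMentPosition($values->idx);
            }
        } elseif (count($values->errors) > 0) {
            $results->success = false;
            $results->message = $this->getLanguage('error/required');
            $results->errors = $values->errors;
        }
    }

    // ---- mentDelete: return the delete confirmation modal ----
    if ($action == 'mentDelete') {
        $values->idx = Request('idx');
        $ment = $this->getMent($values->idx);

        if ($ment == null) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notFound');
        } elseif ($this->checkPermission('ment_delete') == true || $ment->midx == 0 || $ment->midx == $this->IM->getModule('member')->getLogged()) {
            $results->success = true;
            $results->modalHtml = $this->getDelete('ment', $values->idx);
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/forbidden');
        }
    }

    // ---- vote: one good/bad vote per member per article ----
    if ($action == 'vote') {
        // type and vote are later used as a table key and a column name, so both are
        // restricted to a fixed allow-list, compared strictly.
        $values->type = in_array(Request('type'), array('post', 'ment'), true) == true ? Request('type') : 'post';
        $values->idx = Request('idx');
        $values->vote = in_array(Request('vote'), array('good', 'bad'), true) == true ? Request('vote') : 'good';
        $values->article = $this->getArticle($values->type, $values->idx);
        $values->board = $values->article != null ? $this->getBoard($values->article->bid) : null;

        if ($this->IM->getModule('member')->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $article = $this->db()->select($this->table->{$values->type})->where('idx', $values->idx)->getOne();

            if ($article == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($article->midx == $this->IM->getModule('member')->getLogged()) {
                $results->success = false;
                $results->message = $this->getLanguage('vote/mypost');
            } else {
                // History rows are written with the upper-cased type, so the duplicate
                // check looks them up the same way instead of relying on the collation.
                // NOTE(review): check-then-insert is not atomic; a unique key on
                // (type, parent, action, midx) would close the double-vote window.
                $check = $this->db()->select($this->table->history)->where('type', strtoupper($values->type))->where('parent', $values->idx)->where('action', 'VOTE')->where('midx', $this->IM->getModule('member')->getLogged())->getOne();

                if ($check == null) {
                    $this->db()->update($this->table->{$values->type}, array($values->vote => $this->db()->inc()))->where('idx', $values->idx)->execute();
                    $this->db()->insert($this->table->history, array('type' => strtoupper($values->type), 'parent' => $values->idx, 'action' => 'VOTE', 'midx' => $this->IM->getModule('member')->getLogged(), 'result' => strtoupper($values->vote), 'reg_date' => time()))->execute();

                    $results->success = true;
                    $results->message = $this->getLanguage('vote/' . $values->vote);
                    // The stored idx is echoed rather than the raw request value.
                    $results->liveUpdate = 'liveUpdateBoard' . ucfirst($values->type) . ucfirst($values->vote) . $article->idx;
                    // New counter = value read before the increment + 1. The previous code
                    // added 1 to the literal 'good'/'bad' string instead of the counter.
                    $results->liveValue = number_format($article->{$values->vote} + 1);

                    if ($this->IM->getModule('member')->isLogged() == true) {
                        $this->IM->getModule('member')->sendPoint(null, $values->board->vote_point, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
                        $this->IM->getModule('member')->addActivity(null, $values->board->vote_exp, 'board', $values->type . '_' . $values->vote, array('idx' => $values->idx));
                    }
                    if ($article->midx != 0) {
                        $this->IM->getModule('push')->sendPush($article->midx, 'board', $values->type . '_' . $values->vote, $article->idx, array('from' => $this->IM->getModule('member')->getLogged()));
                    }
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('vote/duplicated');
                    $results->result = $check->result;
                }
            }
        }
    }

    // ---- delete: actually remove a post or a comment ----
    if ($action == 'delete') {
        $values->idx = Request('idx');
        $values->type = Request('type');

        if ($values->type == 'post') {
            $post = $this->getPost($values->idx);
            // The board is resolved only once the post is known to exist.
            $values->board = $post != null ? $this->getBoard($post->bid) : null;

            if ($post == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($this->checkPermission('post_delete') == true || ($post->midx != 0 && $post->midx == $this->IM->getModule('member')->getLogged())) {
                $results->success = true;
            } elseif ($post->midx == 0) {
                // Guest post: deletion requires the stored password.
                $values->password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $post->password) == true) {
                    $results->success = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/forbidden');
            }

            if ($results->success == true) {
                $this->db()->delete($this->table->post)->where('idx', $post->idx)->execute();

                $attachments = $this->db()->select($this->table->attachment)->where('parent', $post->idx)->where('type', 'POST')->get();
                for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                    $attachments[$i] = $attachments[$i]->idx;
                }
                $this->IM->getModule('attachment')->fileDelete($attachments);

                // Remove every comment of the post together with its tree row and files.
                $ments = $this->db()->select($this->table->ment)->where('parent', $post->idx)->get();
                for ($i = 0, $loop = count($ments); $i < $loop; $i++) {
                    $this->db()->delete($this->table->ment)->where('idx', $ments[$i]->idx)->execute();
                    $this->db()->delete($this->table->ment_depth)->where('idx', $ments[$i]->idx)->execute();

                    $attachments = $this->db()->select($this->table->attachment)->where('parent', $ments[$i]->idx)->where('type', 'MENT')->get();
                    for ($j = 0, $loopj = count($attachments); $j < $loopj; $j++) {
                        $attachments[$j] = $attachments[$j]->idx;
                    }
                    $this->IM->getModule('attachment')->fileDelete($attachments);
                }

                if ($post->category != 0) {
                    $lastPost = $this->db()->select($this->table->post)->where('category', $post->category)->orderBy('reg_date', 'desc')->get();
                    $postnum = count($lastPost);
                    $lastPostTime = $postnum > 0 ? $lastPost[0]->reg_date : 0;
                    $this->db()->update($this->table->category, array('postnum' => $postnum, 'last_post' => $lastPostTime))->where('idx', $post->category)->execute();
                }

                if ($post->midx != 0) {
                    // Take back the points granted for the post.
                    $this->IM->getModule('member')->sendPoint($post->midx, $values->board->post_point * -1, 'board', 'post_delete', array('title' => $post->title), true);
                    if ($post->midx == $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('member')->addActivity($post->midx, 0, 'board', 'post_delete', array('title' => $post->title));
                    } else {
                        $this->IM->getModule('push')->sendPush($post->midx, 'board', 'post_delete', $values->idx, array('title' => $post->title));
                    }
                }

                $this->IM->deleteArticle('board', 'post', $values->idx);
            }
        } elseif ($values->type == 'ment') {
            $ment = $this->getMent($values->idx);
            // Parent post and board are resolved only once the comment is known to exist.
            $post = $ment != null ? $this->getPost($ment->parent) : null;
            $values->board = $post != null ? $this->getBoard($post->bid) : null;

            if ($ment == null) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notFound');
            } elseif ($this->checkPermission('ment_delete') == true || ($ment->midx != 0 && $ment->midx == $this->IM->getModule('member')->getLogged())) {
                $results->success = true;
            } elseif ($ment->midx == 0) {
                $values->password = Request('password');
                $mHash = new Hash();
                if ($mHash->password_validate($values->password, $ment->password) == true) {
                    $results->success = true;
                } else {
                    $results->success = false;
                    $results->errors = array('password' => $this->getLanguage('error/incorrectPassword'));
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/forbidden');
            }

            if ($results->success == true) {
                if ($this->checkMentTree($values->idx) == false) {
                    // No replies hang off this comment: remove it outright ...
                    $this->db()->delete($this->table->ment)->where('idx', $values->idx)->execute();
                    $this->db()->delete($this->table->ment_depth)->where('idx', $values->idx)->execute();

                    // ... then prune ancestors that were already soft-deleted and are now childless.
                    if ($ment->source != 0) {
                        $source = $this->getMent($ment->source);
                        while ($source != null && $source->is_delete == 'TRUE') {
                            if ($this->checkMentTree($source->idx) == false) {
                                $this->db()->delete($this->table->ment)->where('idx', $source->idx)->execute();
                                $this->db()->delete($this->table->ment_depth)->where('idx', $source->idx)->execute();
                                if ($source->source != 0) {
                                    $source = $this->getMent($source->source);
                                } else {
                                    break;
                                }
                            } else {
                                break;
                            }
                        }
                    }
                    $results->position = null;
                } else {
                    // Replies exist: keep the row as an emptied placeholder.
                    $results->position = $values->idx;
                    $this->db()->update($this->table->ment, array('is_delete' => 'TRUE', 'modify_date' => time(), 'content' => '', 'search' => ''))->where('idx', $ment->idx)->execute();
                }

                $attachments = $this->db()->select($this->table->attachment)->where('parent', $ment->idx)->where('type', 'MENT')->get();
                for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
                    $attachments[$i] = $attachments[$i]->idx;
                }
                $this->IM->getModule('attachment')->fileDelete($attachments);

                $lastMent = $this->db()->select($this->table->ment)->where('parent', $ment->parent)->where('is_delete', 'FALSE')->orderBy('reg_date', 'desc')->get();
                if (count($lastMent) == 0) {
                    $this->db()->update($this->table->post, array('ment' => 0, 'last_ment' => $post->reg_date))->where('idx', $ment->parent)->execute();
                    $results->parent = $ment->parent;
                } else {
                    if ($results->position == null) {
                        // Point the client at the comment just before the removed one.
                        $position = $this->db()->select($this->table->ment_depth)->where('parent', $ment->parent)->where('head', $ment->head, '<=')->where('arrange', $ment->arrange, '<')->orderBy('head', 'asc')->orderBy('arrange', 'asc')->get();
                        $lastPosition = array_pop($position);
                        $results->position = $lastPosition != null ? $lastPosition->idx : null;
                    }
                    $this->db()->update($this->table->post, array('ment' => count($lastMent), 'last_ment' => $lastMent[0]->reg_date))->where('idx', $ment->parent)->execute();
                }

                if ($ment->midx != 0) {
                    $this->IM->getModule('member')->sendPoint($ment->midx, $values->board->ment_point * -1, 'board', 'ment_delete', array('title' => $post->title), true);
                    if ($ment->midx == $this->IM->getModule('member')->getLogged()) {
                        $this->IM->getModule('member')->addActivity($ment->midx, 0, 'board', 'ment_delete', array('title' => $post->title));
                    } else {
                        $this->IM->getModule('push')->sendPush($ment->midx, 'board', 'ment_delete', $values->idx, array('title' => $post->title));
                    }
                }

                $this->IM->deleteArticle('board', 'ment', $values->idx);
                $results->message = $this->getLanguage('mentDelete/success');
            }
        }

        $results->type = $values->type;
    }

    $this->IM->fireEvent('afterDoProcess', 'board', $action, $values, $results);
    return $results;
}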
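/**
 * Handle one member-module request and report the outcome.
 *
 * The action name selects a branch: field checks ('check'), session handling
 * ('forceLogin', 'login', 'logout', 'cert'), registration ('signup',
 * 'verifyEmail', 'sendVerifyEmail'), profile changes ('photoEdit',
 * 'photoUpload', 'modifyEmail', 'modify', 'password') and the OAuth providers
 * ('facebook', 'google', 'youtube', 'github'). Input is read through Request()
 * and the superglobals; the OAuth branches may send a Location header and exit.
 *
 * Before returning, the 'afterDoProcess' event is fired with $values and
 * $results, so every listener sees whatever the branch stored in $values.
 *
 * @param string $action name of the action to run
 * @return stdClass result object; branches set success and, depending on the
 *                  action, message, errors, redirect, modalHtml, photo or password
 */
function doProcess($action)
{
    $results = new stdClass();
    $values = new stdClass();

    if ($action == 'check') {
        $name = Request('name');
        $value = Request('value');

        if ($name == 'email') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckEmail($value) == true) {
                // Taken if another member of this site (or of the merged '*' pool), or any ADMINISTRATOR, owns it.
                if (
                    $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true
                ) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/email/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/email/error');
            }
        }

        if ($name == 'name') {
            if (strlen($value) > 0) {
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/name/error');
            }
        }

        if ($name == 'nickname') {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if (CheckNickname($value) == true) {
                if (
                    $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
                    || $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true
                ) {
                    $results->success = false;
                    $results->message = $this->getLanguage('signup/help/nickname/duplicated');
                } else {
                    $results->success = true;
                }
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('signup/help/nickname/error');
            }
        }

        if ($name == 'old_password') {
            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } else {
                $mHash = new Hash();
                if ($mHash->password_validate($value, $this->getMember()->password) == true) {
                    $results->success = true;
                    $results->message = $this->getLanguage('password/help/old_password/success');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('password/help/old_password/error');
                }
            }
        }
    }

    if ($action == 'forceLogin') {
        // The decoded code is the only credential: it names the member idx and
        // the client address it was issued for.
        // NOTE(review): no expiry or single-use check is visible here, so the
        // strength of this path rests on Encoder/Decoder keeping codes unforgeable — confirm.
        $code = Decoder(Request('code'));
        if ($code === false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/invalidCode');
        } else {
            $data = json_decode($code);
            if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
                $this->login($data->idx);
                $results->success = true;
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/invalidCode');
            }
        }
    }

    if ($action == 'login') {
        $mHash = new Hash();
        $email = Request('email');
        $password = Request('password');
        $results->errors = array();

        // NOTE(review): the failure counter is kept in the session, so it only
        // throttles a client that keeps presenting the same session. Bounding
        // password guessing needs a server-side counter per account and/or address.
        $loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true
            ? Request('loginFail', 'session')
            : array('count' => 0, 'time' => 0);

        if ($loginFail['time'] > time()) {
            $results->success = false;
            $results->message = $this->getLanguage('login/error/login');
        } else {
            $siteType = $this->IM->getSites($this->IM->domain)->member;
            if ($siteType == 'MERGE') {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', '*')->getOne();
            } else {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', $this->IM->domain)->getOne();
            }

            // not found member, search ADMINISTRATOR
            if ($check == null) {
                $check = $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->getOne();
            }

            // NOTE(review): the two failure branches report under different keys
            // ('email' vs 'password'), which tells the caller whether an address is
            // registered. Both also copy the submitted plaintext password into
            // $values, which is handed to every 'afterDoProcess' listener.
            if ($check == null) {
                $results->success = false;
                $results->errors['email'] = $this->getLanguage('login/error/email');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    // Fifth failure: reset the counter and lock for five hours.
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } elseif ($mHash->password_validate($password, $check->password) == false) {
                $results->success = false;
                $results->errors['password'] = $this->getLanguage('login/error/password');
                $loginFail['count']++;
                if ($loginFail['count'] == 5) {
                    $loginFail['count'] = 0;
                    $loginFail['time'] = time() + 60 * 60 * 5;
                }
                $values->email = $email;
                $values->password = $password;
            } else {
                if ($check->status == 'ACTIVE') {
                    $this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
                    $this->login($check->idx);
                    $results->success = true;
                } elseif ($check->status == 'VERIFYING') {
                    // Correct password but unverified address: send the client to the verify step.
                    $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
                    $page = $this->getMemberPage('signup');
                    $results->success = false;
                    $results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('error/' . $check->status);
                }
            }
        }

        $_SESSION['loginFail'] = $loginFail;
    }

    if ($action == 'logout') {
        unset($_SESSION['MEMBER_LOGGED']);
        $results->success = true;
    }

    if ($action == 'cert') {
        $results->success = true;
    }

    if ($action == 'signup') {
        $siteType = $this->IM->getSites($this->IM->domain)->member;
        $errors = array();

        // Each field keeps the request value when valid; otherwise the error text
        // is recorded (and assigned to the variable, which is unused once $errors is non-empty).
        $email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
        // NOTE(review): the only password rule enforced here is a minimum length of 4.
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        // Strict comparison: with loose != two different numeric-looking strings
        // (e.g. '1e3' and '1000') would count as a matching confirmation.
        if (strlen(Request('password')) < 4 || Request('password') !== Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }
        $name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
        $nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

        if (
            $this->db()->select($this->table->member)->where('email', $email)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->has() == true
        ) {
            $errors['email'] = $this->getLanguage('signup/help/email/duplicated');
        }

        if (
            $this->db()->select($this->table->member)->where('nickname', $nickname)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true
            || $this->db()->select($this->table->member)->where('nickname', $nickname)->where('type', 'ADMINISTRATOR')->has() == true
        ) {
            $errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
        }

        if (empty($errors) == true) {
            $mHash = new Hash();

            $insert = array();
            $insert['email'] = $email;
            $insert['domain'] = $siteType == 'MERGE' ? '*' : $this->IM->domain;
            $insert['password'] = $mHash->password_hash($password);
            $insert['name'] = $name;
            $insert['nickname'] = $nickname;
            // New accounts stay in VERIFYING until the e-mail code is confirmed.
            $insert['status'] = 'VERIFYING';
            $insert['reg_date'] = time();

            $idx = $this->db()->insert($this->table->member, $insert)->execute();
            if ($idx !== false) {
                $results->success = true;
                $_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
                $this->sendVerifyEmail($idx);
                unset($_SESSION['registerGIDX']);
            } else {
                $results->success = false;
            }
        } else {
            $results->success = false;
            $results->errors = $errors;
        }
    }

    if ($action == 'verifyEmail') {
        // registerIDX, email and code all come from the request; the account is
        // activated only when the stored code for (midx, email) matches.
        // NOTE(review): no limit on verification attempts is visible in this branch.
        $registerIDX = Request('registerIDX');
        if ($registerIDX == null) {
            $results->success = false;
        } else {
            $email = Request('email');
            $email_verify_code = Request('email_verify_code');
            $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();

            // Strict string comparison and a non-empty submitted code: loose ==
            // treats numerically-equal strings as equal and null as equal to ''.
            // A constant-time compare (hash_equals, PHP >= 5.6) is preferable where available.
            $codeMatches = $check != null
                && is_scalar($email_verify_code) == true
                && (string) $email_verify_code !== ''
                && (string) $check->code === (string) $email_verify_code;

            if ($check == null) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
            } elseif ($codeMatches == true) {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                $results->success = true;
            } else {
                $results->success = false;
                $results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
            }
        }
    }

    if ($action == 'sendVerifyEmail') {
        $registerIDX = Request('registerIDX');
        $email = Request('email');

        if ($this->isLogged() == true) {
            // Logged-in member asking for a code for a new address.
            if (CheckEmail($email) == false) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
            } elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
                $results->success = false;
                $results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
            } else {
                $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
                // Resend unless a mail in SENDING state was created within the last 300 seconds.
                if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                    $this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
                    $this->sendVerifyEmail($this->getLogged(), $email);
                    $results->success = true;
                    $results->message = $this->getLanguage('verifyEmail/sending');
                } else {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/sending');
                }
            }
        } elseif ($registerIDX != null) {
            // Not logged in: only accounts still in VERIFYING may request a mail.
            $member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
            if ($member == null || $member->status != 'VERIFYING') {
                $results->success = false;
                $results->message = $this->getLanguage('verifyEmail/error/target');
            } else {
                if (CheckEmail($email) == false) {
                    $results->success = false;
                    $results->message = $this->getLanguage('verifyEmail/error/email');
                } else {
                    $check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
                    // Null check first: there may be no row yet for this address.
                    if ($check != null && $check->status == 'VERIFIED') {
                        $signupPage = $this->getMemberPage('signup');
                        $results->success = true;
                        $this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
                        $results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
                    } elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
                        $this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
                        $this->sendVerifyEmail($registerIDX, $email);
                        $results->success = true;
                        $results->message = $this->getLanguage('verifyEmail/sending');
                    } else {
                        $results->success = false;
                        $results->message = $this->getLanguage('verifyEmail/error/sending');
                    }
                }
            }
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoEdit') {
        $templet = Request('templet');
        if ($this->isLogged() == true) {
            $results->success = true;
            $results->modalHtml = $this->getPhotoEdit($templet);
            $results->photo = $this->getMember()->photo;
        } else {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        }
    }

    if ($action == 'photoUpload') {
        $photo = Request('photo');
        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
                // The file name is built from the logged-in member idx, not from the request.
                // NOTE(review): the declared image subtype is captured but not used, and
                // the decoded bytes are written to disk before anything visible here
                // checks that they are an image; createThumbnail presumably re-encodes
                // the file in place — confirm it rejects non-image input.
                $bytes = base64_decode($match[2]);
                file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
                $this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
                $results->success = true;
                $results->message = $this->getLanguage('photoEdit/success');
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('photoEdit/error');
            }
        }
    }

    if ($action == 'modifyEmail') {
        $confirm = Request('confirm');
        if ($confirm == 'TRUE') {
            // NOTE(review): this branch has no isLogged() guard of its own; it relies on
            // the (midx, email) lookup finding nothing for a visitor — confirm what
            // getLogged() returns when nobody is logged in.
            $email = Request('email');
            $code = Request('code');
            $check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();

            // Strict string comparison and a non-empty submitted code: loose !=
            // treats numerically-equal strings as equal and null as equal to ''.
            if ($check == null || is_scalar($code) == false || (string) $code === '' || (string) $check->code !== (string) $code) {
                $results->success = false;
                $results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
            } else {
                $this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
                $this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modifyEmail/success');
            }
        } else {
            $templet = Request('templet');
            if ($this->isLogged() == true) {
                $results->success = true;
                $results->modalHtml = $this->getModifyEmail($templet);
            } else {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            }
        }
    }

    if ($action == 'modify') {
        $step = Request('step');

        if ($step == 'verify') {
            // NOTE(review): no isLogged() guard here; getMember() is used directly.
            // On success the submitted password is returned to the caller through
            // Encoder() — presumably reversible, so treat the response as sensitive.
            $member = $this->getMember();
            $password = Request('password');
            $mHash = new Hash();
            if ($mHash->password_validate($password, $member->password) == true) {
                $results->success = true;
                $results->password = Encoder($password);
            } else {
                $results->success = false;
                $results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
            }
        }

        if ($step == 'modify') {
            $errors = array();
            // NOTE(review): unlike signup, only non-emptiness is checked here — no
            // CheckNickname() and no duplicate lookup before the update.
            $values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
            $values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));

            if ($this->isLogged() == false) {
                $results->success = false;
                $results->message = $this->getLanguage('error/notLogged');
            } elseif (count($errors) == 0) {
                $insert = array();
                $insert['name'] = $values->name;
                $insert['nickname'] = $values->nickname;
                $this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('modify/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    if ($action == 'password') {
        $errors = array();
        $password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
        // Strict comparison, so numeric-looking strings are compared as text.
        if (strlen(Request('password')) < 4 || Request('password') !== Request('password_confirm')) {
            $errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
        }

        if ($this->isLogged() == false) {
            $results->success = false;
            $results->message = $this->getLanguage('error/notLogged');
        } else {
            $mHash = new Hash();
            // The old password is required only when the stored hash is 65 characters long.
            // NOTE(review): any other stored value lets the session holder set a new
            // password without proving the old one — presumably meant for accounts
            // that have no local password yet; confirm.
            if (strlen($this->getMember()->password) == 65) {
                $old_password = Request('old_password');
                if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
                    $errors['old_password'] = $this->getLanguage('password/help/old_password/error');
                }
            }

            if (count($errors) == 0) {
                $password = $mHash->password_hash($password);
                $this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
                $results->success = true;
                $results->message = $this->getLanguage('password/success');
            } else {
                $results->success = false;
                $results->errors = $errors;
            }
        }
    }

    // OAuth branches. Shared shape: load the per-domain client credentials, remember
    // where to return to, run the authorization-code exchange, then fetch the profile.
    // NOTE(review), applies to all four: the return URL is taken from the Referer
    // header, which the client controls and which may be absent; the 'youtube' branch
    // shows it being used as a Location target. It should be checked against the
    // site's own origin before being stored. No OAuth `state` check is visible in
    // this function — it may live inside OAuthClient; confirm. printError()
    // presumably ends the request, otherwise the lines after it dereference null.

    if ($action == 'facebook') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
        $TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $facebook = new OAuthClient();
        $facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            // Callback from the provider: exchange the code, then bounce to the client's redirect URL.
            if ($facebook->authenticate($_GET['code']) == true) {
                $redirectUrl = $facebook->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($facebook->getAccessToken() == null) {
            // No token yet: start the flow at the provider.
            $authUrl = $facebook->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $facebook->getAccessToken();
        $refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
        $this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
    }

    if ($action == 'google') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $google = new OAuthClient();
        $google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($google->authenticate($_GET['code']) == true) {
                $redirectUrl = $google->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($google->getAccessToken() == null) {
            $authUrl = $google->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $google->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        // Use the address marked as the account address.
        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        // Ask for the 250px avatar instead of the default 50px one.
        $data->photo = str_replace('sz=50', 'sz=250', $data->image->url);

        $accessToken = $google->getAccessToken();
        $refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
        $this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
    }

    if ($action == 'youtube') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
        $TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        // Unlike the login providers, this branch links a token to an existing session.
        if ($this->isLogged() == false) {
            die($this->getError('NOT_LOGGED'));
        }

        $youtube = new OAuthClient();
        $youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($youtube->authenticate($_GET['code']) == true) {
                $redirectUrl = $youtube->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($youtube->getAccessToken() == null) {
            $authUrl = $youtube->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
        if ($data === false || empty($data->emails) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
            if ($data->emails[$i]->type == 'account') {
                $data->email = $data->emails[$i]->value;
                break;
            }
        }

        $accessToken = $youtube->getAccessToken();
        $refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();

        // One token row per (member, 'youtube'): insert the first time, update afterwards.
        // NOTE(review): access and refresh tokens are stored as returned by the client.
        $check = $this->db()->select($this->table->social_token)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
        if ($check == null) {
            $this->db()->insert($this->table->social_token, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
        } else {
            $this->db()->update($this->table->social_token, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
        }

        unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        unset($_SESSION['OAUTH_REFRESH_TOKEN']);

        // Return to the remembered URL (Referer-derived, see the note above) or the site root.
        // Execution continues after the header: the event below still fires.
        $redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
        unset($_SESSION['SOCIAL_REDIRECT_URL']);
        header('location:' . $redirectUrl);
    }

    if ($action == 'github') {
        $OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
        if ($OAUTH == null) {
            $this->IM->printError('OAUTH_DOMAIN_ERROR');
        }

        $CLIENT_ID = $OAUTH->client_id;
        $CLIENT_SECRET = $OAUTH->client_secret;
        $AUTH_URL = 'https://github.com/login/oauth/authorize';
        $TOKEN_URL = 'https://github.com/login/oauth/access_token';

        if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
            $_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
        }

        $github = new OAuthClient();
        $github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);

        if (isset($_GET['code']) == true) {
            if ($github->authenticate($_GET['code']) == true) {
                $redirectUrl = $github->getRedirectUrl();
                header('location:' . $redirectUrl);
            }
            exit;
        } elseif ($github->getAccessToken() == null) {
            $authUrl = $github->getAuthenticationUrl();
            header('location:' . $authUrl);
            exit;
        }

        $data = $github->get('https://api.github.com/user');
        if ($data === false || empty($data->email) == true) {
            $this->IM->printError('OAUTH_API_ERROR');
        }

        $accessToken = $github->getAccessToken();
        $refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
        $this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
    }

    $this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);

    return $results;
}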
<?php
// Listener for the member module's 'login' action: when a login has failed and
// the submitted credentials were left in $values, retry the password against the
// legacy MD5-based form and, on a match, re-hash it with the current scheme and
// run the login again.
if ($target == 'member') {
    $Module = $IM->getModule('member');

    if ($action == 'login') {
        $loginFailed = !$results->success;
        $hasCredentials = isset($values->email, $values->password);

        if ($loginFailed && $hasCredentials) {
            // NOTE(review): this lookup is by e-mail only; the module's own login
            // branch also filters on domain (or type ADMINISTRATOR). Confirm that
            // matching across domains is intended here.
            $legacyMember = $Module->db()->select($Module->getTable('member'))->where('email', $values->email)->getOne();

            if ($legacyMember != null && $legacyMember->status == 'ACTIVE') {
                $legacyHash = new Hash();

                // Legacy credentials are the stored hash of an MD5 digest; the
                // lower-cased variant is tried first, so such passwords match
                // without regard to letter case.
                $legacyDigests = array(
                    md5(strtolower($values->password)),
                    md5($values->password),
                );

                $matched = false;
                foreach ($legacyDigests as $digest) {
                    if ($legacyHash->password_validate($digest, $legacyMember->password) == true) {
                        $matched = true;
                        break;
                    }
                }

                if ($matched) {
                    // Upgrade the stored credential to a hash of the plaintext
                    // password, then answer with the result of a fresh login attempt.
                    $Module->db()->update($Module->getTable('member'), array('password' => $legacyHash->password_hash($values->password)))->where('idx', $legacyMember->idx)->execute();
                    exit(json_encode($Module->doProcess('login'), JSON_UNESCAPED_UNICODE | JSON_NUMERIC_CHECK));
                }
            }
        }
    }
}