public function action_index()
{
// load language
\Lang::load('account');
if (\Input::method() == 'POST') {
// store data for model
$data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
// validate form.
$validate = \Validation::forge();
$validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
if (!\Extension\NoCsrf::check(null, null, null, null, false)) {
// validate token failed
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
} elseif (!$validate->run()) {
// validate failed
$output['form_status'] = 'error';
$output['form_status_message'] = $validate->show_errors();
} else {
// check registered emails with not confirm
$query = \Model_Accounts::query()->select('account_id', 'account_username', 'account_email')->where('account_email', $data['account_email'])->where('account_last_login', null)->where('account_status', '0')->where('account_confirm_code', '!=', 'NULL');
if ($query->count() <= 0) {
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('account_didnot_found_entered_email');
} else {
$row = $query->get_one();
// generate confirm code
$data['account_confirm_code'] = \Str::random('alnum', 6);
$data['account_username'] = $row->account_username;
$options['not_notify_admin'] = true;
// send email to let user confirm registration
$result = \Model_Accounts::forge()->sendRegisterEmail($data, $options);
if ($result === true) {
$account = \Model_Accounts::find($row->account_id);
$account->account_confirm_code = $data['account_confirm_code'];
$account->save();
$output['form_status'] = 'success';
$output['form_status_message'] = \Lang::get('account_registration_completed_need_confirm');
} else {
$output['form_status'] = 'error';
$output['form_status_message'] = $result;
}
}
}
// re-populate form
$output['account_email'] = trim(\Input::post('account_email'));
}
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_resend_confirm_registration_email'));
// <head> output ----------------------------------------------------------------------------------------------
return $this->generatePage('front/templates/account/resendactivate_v', $output, false);
}
public function action_index()
{
// load language
\Lang::load('account');
// form submitted
if (\Input::method() == 'POST') {
$data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
// validate form.
$validate = \Validation::forge();
$validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
if (!\Extension\NoCsrf::check()) {
// validate token failed
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
} elseif (!$validate->run()) {
// validate failed
$output['form_status'] = 'error';
$output['form_status_message'] = $validate->show_errors();
} else {
// validate pass
include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
$securimage = new \Securimage();
if ($securimage->check(\Input::post('captcha')) == false) {
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('account_wrong_captcha_code');
} else {
$continue_form = true;
}
if (isset($continue_form) && $continue_form === true) {
// try to send reset password email
$result = \Model_Accounts::sendResetPasswordEmail($data);
if ($result === true) {
$output['hide_form'] = true;
$output['form_status'] = 'success';
$output['form_status_message'] = \Lang::get('account_please_check_your_email_to_confirm_reset_password');
} else {
if (is_string($result)) {
$output['form_status'] = 'error';
$output['form_status_message'] = $result;
}
}
}
}
// re-populate form
$output['account_email'] = trim(\Input::post('account_email'));
}
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_forgot_username_or_password'));
// <head> output ----------------------------------------------------------------------------------------------
return $this->generatePage('front/templates/account/forgotpw_v', $output, false);
}
/**
* Converts your text to a URL-friendly title so it can be used in the URL.
* Only works with UTF8 input and and only outputs 7 bit ASCII characters.
*
* @param string the text
* @param string the separator (either - or _)
* @return string the new title
*/
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
// Allow underscore, otherwise default to dash
$sep = $sep === '_' ? '_' : '-';
// Remove tags
$str = \Security::strip_tags($str);
// Decode all entities to their simpler forms
$str = html_entity_decode($str, ENT_QUOTES, 'UTF-8');
// Remove all quotes.
$str = preg_replace("#[\"\\']#", '', $str);
// Only allow 7bit characters
$str = static::ascii($str);
// Strip unwanted characters
$str = preg_replace("#[^a-z0-9]#i", $sep, $str);
$str = preg_replace("#[/_|+ -]+#", $sep, $str);
$str = trim($str, $sep);
if ($lowercase === true) {
$str = \Str::lower($str);
}
return $str;
}
/**
* Converts your text to a URL-friendly title so it can be used in the URL.
* Only works with UTF8 input and and only outputs 7 bit ASCII characters.
*
* @param string the text
* @param string the separator (either - or _)
* @return string the new title
*/
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
// Allow underscore, otherwise default to dash
$sep = $sep != '_' ? '-' : $sep;
// Decode all entities to their simpler forms
$str = html_entity_decode($str, ENT_QUOTES, 'UTF-8');
$trans = array('\\s+' => $sep, $sep . '+' => $sep, $sep . '$' => '', '^' . $sep => '', '\\.+$' => '');
foreach ($trans as $key => $val) {
$str = preg_replace("#" . $key . "#i", $val, $str);
}
// Only allow 7bit characters
$str = static::ascii($str);
$str = \Security::strip_tags($str);
if ($lowercase === true) {
$str = function_exists('mb_convert_case') ? mb_convert_case($str, MB_CASE_LOWER, 'UTF-8') : strtolower($str);
}
return $str;
}
public function action_viewlogins($account_id = '')
{
// set redirect url
$redirect = $this->getAndSetSubmitRedirection();
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_viewlogin_log_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
// viewing guest logins?
if ($account_id == '0') {
\Response::redirect($redirect);
}
// load language
\Lang::load('account');
\Lang::load('accountlogins');
// read flash message for display errors.
$form_status = \Session::get_flash('form_status');
if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
$output['form_status'] = $form_status['form_status'];
$output['form_status_message'] = $form_status['form_status_message'];
}
unset($form_status);
// get accounts data for this account.
$account = \Model_Accounts::find($account_id);
if ($account == null) {
// not found account.
\Response::redirect($redirect);
}
$output['account'] = $account;
$output['account_id'] = $account_id;
unset($account);
// set sort variable for sortable in views.
$next_sort = \Security::strip_tags(trim(\Input::get('sort')));
if ($next_sort == null || $next_sort == 'DESC') {
$next_sort = 'ASC';
} else {
$next_sort = 'DESC';
}
$output['next_sort'] = $next_sort;
unset($next_sort);
// list logins -----------------------------------------------------------------------------------------------------
$option['limit'] = \Model_Config::getval('content_admin_items_perpage');
$option['offset'] = trim(\Input::get('page')) != null ? ((int) \Input::get('page') - 1) * $option['limit'] : 0;
if (\Security::strip_tags(trim(\Input::get('orders'))) != null) {
$option['orders'] = \Security::strip_tags(trim(\Input::get('orders')));
}
if (\Security::strip_tags(trim(\Input::get('sort'))) != null) {
$option['sort'] = \Security::strip_tags(trim(\Input::get('sort')));
}
$list_logins = \Model_AccountLogins::listLogins(array('account_id' => $account_id), $option);
// pagination config
$config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
$config['total_items'] = $list_logins['total'];
$config['per_page'] = $option['limit'];
$config['uri_segment'] = 'page';
$config['num_links'] = 3;
$config['show_first'] = true;
$config['show_last'] = true;
$config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['first-inactive-link'] = '<a href="#">{page}</a>';
$config['first-marker'] = '«';
$config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['last-inactive-link'] = '<a href="#">{page}</a>';
$config['last-marker'] = '»';
$config['previous-marker'] = '‹';
$config['next-marker'] = '›';
$pagination = \Pagination::forge('viewlogins_pagination', $config);
$output['list_logins'] = $list_logins;
$output['pagination'] = $pagination;
unset($config, $list_logins, $option, $pagination);
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_view_login_history'));
// <head> output ----------------------------------------------------------------------------------------------
// breadcrumb -------------------------------------------------------------------------------------------------
$page_breadcrumb = [];
$page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
$page_breadcrumb[1] = ['name' => \Lang::get('account_accounts'), 'url' => \Uri::create('admin/account')];
$page_breadcrumb[2] = ['name' => \Lang::get('account_view_login_history'), 'url' => \Uri::main()];
$output['page_breadcrumb'] = $page_breadcrumb;
unset($page_breadcrumb);
// breadcrumb -------------------------------------------------------------------------------------------------
return $this->generatePage('admin/templates/account/viewlogins_v', $output, false);
}
/**
* Check if cat. CANNOT be deleted
*
* @param int $id cat. id
* @return array $relatedcat names of related cat.s if the cat. CANNOT be deleted,
* boolean FALSE if the cat. CAN be deleted
*
* @access protected
* @author Nguyen Van Hiep
*/
protected function unable_del($id)
{
$relatedcats = array();
$relatedarts = array();
$cats = Model_Categories::get_child_cats($id);
$cat_arts = Model_ArtCat::get_related_articles($id);
foreach ($cats as $item) {
$text = Security::clean($item->name, array('htmlentities', 'xss_clean'));
$relatedcats[] = Html::anchor('/admin/categories/edit/' . $item->id, $text);
}
if (count($relatedcats) > 0) {
array_unshift($relatedcats, '- ' . __('cat.categories') . ':');
}
foreach ($cat_arts as $art) {
$text = Security::strip_tags($art->ac2a->title);
$relatedarts[] = Html::anchor('/admin/article/edit/' . $art->art_id, $text);
}
if (count($relatedarts) > 0) {
array_unshift($relatedarts, '- ' . __('art.arts') . ':');
}
$ret = array_merge($relatedcats, $relatedarts);
if (count($ret) > 0) {
return $ret;
} else {
return false;
}
}
/**
* Converts your text to a URL-friendly title so it can be used in the URL.
* Only works with UTF8 input and and only outputs 7 bit ASCII characters.
*
* @param string the text
* @param string the separator (either - or _)
* @return string the new title
*/
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
// Allow underscore, otherwise default to dash
$sep = $sep != '_' ? '-' : $sep;
// Decode all entities to their simpler forms
$str = html_entity_decode($str, ENT_QUOTES, 'UTF-8');
$trans = array(
'\s+' => $sep, // one or more spaces => seperator
$sep.'+' => $sep, // multiple seperators => 1 seperator
$sep.'$' => '', // ending seperator => (nothing)
'^'.$sep => '', // starting seperator => (nothing)
'\.+$' => '', // ending dot => (nothing)
'\?' => '' // question mark
);
foreach ($trans as $key => $val)
{
$str = preg_replace("#".$key."#i", $val, $str);
}
// Only allow 7bit characters
$str = static::ascii($str);
$str = \Security::strip_tags($str);
if ($lowercase === true)
{
$str = \Str::lower($str);
}
return $str;
}
public function action_index()
{
// load language
\Lang::load('account');
// is user logged in?
if (\Model_Accounts::isMemberLogin() == false) {
\Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
}
// load config from db.
$cfg_values = array('allow_avatar', 'avatar_size', 'avatar_allowed_types');
$config = \Model_Config::getvalues($cfg_values);
$output['config'] = $config;
// set config data to display in view file.
$output['allow_avatar'] = $config['allow_avatar']['value'];
$output['avatar_size'] = $config['avatar_size']['value'];
$output['avatar_allowed_types'] = $config['avatar_allowed_types']['value'];
unset($cfg_values);
// read flash message for display errors. this is REQUIRED if you coding the check login with simultaneous login detection on.
$form_status = \Session::get_flash('form_status');
if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
$output['form_status'] = $form_status['form_status'];
$output['form_status_message'] = $form_status['form_status_message'];
}
unset($form_status);
// get account id
$cookie_account = \Model_Accounts::forge()->getAccountCookie();
// get account data
$query = \Model_Accounts::query()->where('account_id', $cookie_account['account_id'])->where('account_username', $cookie_account['account_username'])->where('account_email', $cookie_account['account_email']);
if ($query->count() > 0) {
// found
$row = $query->get_one();
$output['row'] = $row;
// loop set data for display in form.
foreach ($row as $key => $field) {
$output[$key] = $field;
}
// get account_fields data of current user and send to views form
// to access data from view, use $account_field['field_name']. for example: the field_name is phone, just use $account_field['phone'];
$account_fields = \Model_AccountFields::getData($cookie_account['account_id']);
if ($account_fields->count() > 0) {
foreach ($account_fields as $af) {
$output['account_field'][$af->field_name] = \Extension\Str::isJsonFormat($af->field_value) ? json_decode($af->field_value, true) : $af->field_value;
}
}
unset($account_fields, $af);
// get timezone list to display.
\Config::load('timezone', 'timezone');
$output['timezone_list'] = \Config::get('timezone.timezone', array());
unset($query);
} else {
// not found account.
unset($cookie_account, $query);
\Model_Accounts::logout();
\Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
}
// if form submitted
if (\Input::method() == 'POST') {
// store data for save to db.
$data['account_id'] = $cookie_account['account_id'];
$data['account_username'] = $cookie_account['account_username'];
//trim(\Input::post('account_username'));//no, do not edit username.
$data['account_old_email'] = $cookie_account['account_email'];
$data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
$data['account_password'] = trim(\Input::post('account_password'));
$data['account_new_password'] = trim(\Input::post('account_new_password'));
$data['account_display_name'] = \Security::htmlentities(\Input::post('account_display_name'));
$data['account_firstname'] = \Security::htmlentities(trim(\Input::post('account_firstname', null)));
if ($data['account_firstname'] == null) {
$data['account_firstname'] = null;
}
$data['account_middlename'] = \Security::htmlentities(trim(\Input::post('account_middlename', null)));
if ($data['account_middlename'] == null) {
$data['account_middlename'] = null;
}
$data['account_lastname'] = \Security::htmlentities(trim(\Input::post('account_lastname', null)));
if ($data['account_lastname'] == null) {
$data['account_lastname'] = null;
}
$data['account_birthdate'] = \Security::strip_tags(trim(\Input::post('account_birthdate', null)));
if ($data['account_birthdate'] == null) {
$data['account_birthdate'] = null;
}
$data['account_signature'] = \Security::htmlentities(trim(\Input::post('account_signature', null)));
if ($data['account_signature'] == null) {
$data['account_signature'] = null;
}
$data['account_timezone'] = \Security::strip_tags(trim(\Input::post('account_timezone')));
$data['account_language'] = \Security::strip_tags(trim(\Input::post('account_language', null)));
if ($data['account_language'] == null) {
$data['account_language'] = null;
}
// store data for account_fields
$data_field = array();
if (is_array(\Input::post('account_field'))) {
foreach (\Input::post('account_field') as $field_name => $field_value) {
if (is_string($field_name)) {
if (is_array($field_value)) {
$field_value = json_encode($field_value);
}
$data_field[$field_name] = $field_value;
}
}
}
unset($field_name, $field_value);
// validate form.
$validate = \Validation::forge();
$validate->add_callable(new \Extension\FsValidate());
//$validate->add('account_username', \Lang::get('account_username'), array(), array('required', 'noSpaceBetweenText'));//no, do not edit username.
$validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
$validate->add('account_display_name', \Lang::get('account_display_name'), array(), array('required'));
$validate->add('account_birthdate', \Lang::get('account_birthdate'))->add_rule('valid_date', 'Y-m-d');
$validate->add('account_timezone', \Lang::get('account_timezone'), array(), array('required'));
if (!\Extension\NoCsrf::check()) {
// validate token failed
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
} elseif (!$validate->run()) {
// validate failed
$output['form_status'] = 'error';
$output['form_status_message'] = $validate->show_errors();
} else {
// save
$result = \Model_accounts::memberEditProfile($data, $data_field);
if ($result === true) {
if (\Session::get_flash('form_status', null, false) == null) {
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('account_saved')));
}
\Response::redirect(\Uri::main());
} else {
$output['form_status'] = 'error';
$output['form_status_message'] = $result;
}
}
// re-populate form
//$output['account_username'] = trim(\Input::post('account_username'));//no, do not edit username.
$output['account_email'] = trim(\Input::post('account_email'));
$output['account_display_name'] = trim(\Input::post('account_display_name'));
$output['account_firstname'] = trim(\Input::post('account_firstname'));
$output['account_middlename'] = trim(\Input::post('account_middlename'));
$output['account_lastname'] = trim(\Input::post('account_lastname'));
$output['account_birthdate'] = trim(\Input::post('account_birthdate'));
$output['account_signature'] = trim(\Input::post('account_signature'));
$output['account_timezone'] = trim(\Input::post('account_timezone'));
$output['account_language'] = trim(\Input::post('account_language'));
// re-populate form for account fields
if (is_array(\Input::post('account_field'))) {
foreach (\Input::post('account_field') as $field_name => $field_value) {
if (is_string($field_name)) {
$output['account_field'][$field_name] = $field_value;
}
}
}
unset($field_name, $field_value);
}
// clear variables
unset($cookie_account, $data, $result);
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_edit'));
// <head> output ----------------------------------------------------------------------------------------------
return $this->generatePage('front/templates/account/edit_v', $output, false);
}
public static function get_timeline_content($timeline_id, $type, $body = null, $foreign_table_obj = null, array $optional_info = null, $is_detail = false, $is_strip_tags = false)
{
switch ($type) {
case \Config::get('timeline.types.normal'):
// 通常 timeline 投稿(つぶやき)
// 通常 timeline 投稿(つぶやき)
case \Config::get('timeline.types.album_image_timeline'):
case \Config::get('timeline.types.member_name'):
$return_body = self::get_normal_timeline_body($body, $type, $timeline_id, isset($optional_info['count']) ? $optional_info['count'] : 0, $is_detail);
return $is_strip_tags ? \Security::strip_tags($return_body) : $return_body;
case \Config::get('timeline.types.member_register'):
// SNS への参加
return FBD_SITE_NAME . ' に参加しました。';
case \Config::get('timeline.types.profile_image'):
// profile 写真投稿
// profile 写真投稿
case \Config::get('timeline.types.album_image_profile'):
// profile 写真投稿(album_image)
return term('profile', 'site.picture') . 'を設定しました。';
case \Config::get('timeline.types.note'):
// note 投稿
return term('note') . 'を投稿しました。';
case \Config::get('timeline.types.thread'):
// thread 投稿
return term('thread') . 'を投稿しました。';
case \Config::get('timeline.types.album'):
// album 作成
return term('album') . 'を作成しました。';
case \Config::get('timeline.types.album_image'):
// album_image 投稿
$return_body = $foreign_table_obj ? render('timeline::_parts/body_for_add_album_image', array('album_id' => $foreign_table_obj->id, 'name' => $foreign_table_obj->name, 'count' => isset($optional_info['count']) ? $optional_info['count'] : 0)) : null;
return $is_strip_tags ? \Security::strip_tags($return_body) : $return_body;
//case \Config::get('timeline.types.member_name'):// ニックネーム変更
// break;
}
return null;
}
public function action_index()
{
// clear redirect referrer
\Session::delete('submitted_redirect');
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('siteman_perm', 'siteman_viewsites_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect(\Uri::create('admin'));
}
// read flash message for display errors.
$form_status = \Session::get_flash('form_status');
if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
$output['form_status'] = $form_status['form_status'];
$output['form_status_message'] = $form_status['form_status_message'];
}
unset($form_status);
// set sort variable for sortable in views.
$next_sort = \Security::strip_tags(trim(\Input::get('sort')));
if ($next_sort == null || $next_sort == 'ASC') {
$next_sort = 'DESC';
} else {
$next_sort = 'ASC';
}
$output['next_sort'] = $next_sort;
unset($next_sort);
// filters
$output['filter_site_id'] = trim(\Input::get('filter_site_id'));
$output['filter_site_name'] = trim(\Input::get('filter_site_name'));
$output['filter_site_domain'] = trim(\Input::get('filter_site_domain'));
$output['filter_site_status'] = trim(\Input::get('filter_site_status'));
// list sites ------------------------------------------------------------------------------------------------------
$option['list_for'] = 'admin';
$option['limit'] = \Model_Config::getval('content_admin_items_perpage');
$option['offset'] = trim(\Input::get('page')) != null ? ((int) \Input::get('page') - 1) * $option['limit'] : 0;
if ($output['filter_site_id'] != null) {
$option['filter_site_id'] = $output['filter_site_id'];
}
if ($output['filter_site_name'] != null) {
$option['filter_site_name'] = $output['filter_site_name'];
}
if ($output['filter_site_domain'] != null) {
$option['filter_site_domain'] = $output['filter_site_domain'];
}
if ($output['filter_site_status'] != null) {
$option['filter_site_status'] = $output['filter_site_status'];
}
if (\Security::strip_tags(trim(\Input::get('orders'))) != null) {
$option['orders'] = \Security::strip_tags(trim(\Input::get('orders')));
}
if (\Security::strip_tags(trim(\Input::get('sort'))) != null) {
$option['sort'] = \Security::strip_tags(trim(\Input::get('sort')));
}
$list_sites = \Model_Sites::listSites($option);
// pagination config
$config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
$config['total_items'] = $list_sites['total'];
$config['per_page'] = $option['limit'];
$config['uri_segment'] = 'page';
$config['num_links'] = 3;
$config['show_first'] = true;
$config['show_last'] = true;
$config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['first-inactive-link'] = '<a href="#">{page}</a>';
$config['first-marker'] = '«';
$config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['last-inactive-link'] = '<a href="#">{page}</a>';
$config['last-marker'] = '»';
$config['previous-marker'] = '‹';
$config['next-marker'] = '›';
$pagination = \Pagination::forge('default', $config);
$output['list_sites'] = $list_sites;
$output['pagination'] = $pagination;
unset($config, $list_accounts, $option, $pagination);
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('siteman_multisite_manager'));
// <head> output ----------------------------------------------------------------------------------------------
// breadcrumb -------------------------------------------------------------------------------------------------
$page_breadcrumb = [];
$page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
$page_breadcrumb[1] = ['name' => \Lang::get('siteman_multisite_manager'), 'url' => \Uri::create('admin/siteman')];
$output['page_breadcrumb'] = $page_breadcrumb;
unset($page_breadcrumb);
// breadcrumb -------------------------------------------------------------------------------------------------
return $this->generatePage('admin/templates/siteman/index_v', $output, false);
}
public function action_save($account_id = '')
{
// set redirect url
$redirect = $this->getAndSetSubmitRedirection();
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_user_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
// if account id not set
if (!is_numeric($account_id)) {
$cookie_account = \Model_Accounts::forge()->getAccountCookie('admin');
$account_id = 0;
if (isset($cookie_account['account_id'])) {
$account_id = $cookie_account['account_id'];
}
unset($cookie_account);
}
$output['account_id'] = $account_id;
// check target account
$account_check_result = $this->checkAccountData($account_id);
$output['account_check_result'] = is_object($account_check_result) || is_array($account_check_result) ? true : $account_check_result;
unset($account_check_result);
if ($output['account_check_result'] === true) {
// if form submitted
if (\Input::method() == 'POST') {
if (\Extension\NoCsrf::check()) {
$data['permission_core'] = (int) trim(\Input::post('permission_core'));
if ($data['permission_core'] != '1') {
$data['permission_core'] = '0';
}
$data['module_system_name'] = \Security::strip_tags(trim(\Input::post('module_system_name')));
if ($data['module_system_name'] == null || $data['permission_core'] == '1') {
$data['module_system_name'] = null;
}
$data['account_id'] = \Input::post('account_id');
$data['permission_page'] = \Input::post('permission_page');
$data['permission_action'] = \Input::post('permission_action');
\Model_AccountPermission::savePermissions($account_id, $data);
// set success message
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
} else {
// nocsrf error, set error msg.
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('fslang_invalid_csrf_token')));
}
// endif nocsrf check
}
// endif form submitted
} else {
// failed to check account. set error msg.
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => $output['account_check_result']));
}
// endif check account result.
// go back
\Response::redirect($redirect);
}
public function action_save()
{
// set redirect url
$redirect = $this->getAndSetSubmitRedirection();
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
// if form submitted
if (\Input::method() == 'POST') {
if (\Extension\NoCsrf::check()) {
$data['permission_core'] = (int) trim(\Input::post('permission_core'));
if ($data['permission_core'] != '1') {
$data['permission_core'] = '0';
}
$data['module_system_name'] = \Security::strip_tags(trim(\Input::post('module_system_name')));
if ($data['module_system_name'] == null || $data['permission_core'] == '1') {
$data['module_system_name'] = null;
}
$data['level_group_id'] = \Input::post('level_group_id');
$data['permission_page'] = \Input::post('permission_page');
$data['permission_action'] = \Input::post('permission_action');
\Model_AccountLevelPermission::savePermissions($data);
// set success message
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
} else {
// nocsrf error, set error msg.
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('fslang_invalid_csrf_token')));
}
}
// go back
\Response::redirect($redirect);
}
public function action_index()
{
// is user logged in?
if (\Model_Accounts::isMemberLogin() == false) {
\Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
}
// load language
\Lang::load('account');
\Lang::load('accountlogins');
// get account id
$cookie_account = \Model_Accounts::forge()->getAccountCookie();
// get account data
$row = \Model_Accounts::find($cookie_account['account_id']);
if ($row == null) {
// not found user data.
unset($row);
\Response::redirect(\Uri::main());
}
$output['account'] = $row;
// set sort variable for sortable in views.
$next_sort = \Security::strip_tags(trim(\Input::get('sort')));
if ($next_sort == null || $next_sort == 'DESC') {
$next_sort = 'ASC';
} else {
$next_sort = 'DESC';
}
$output['next_sort'] = $next_sort;
unset($next_sort);
// list logins -----------------------------------------------------------------------------------------------------
$option['limit'] = \Model_Config::getval('content_items_perpage');
$option['offset'] = trim(\Input::get('page')) != null ? ((int) \Input::get('page') - 1) * $option['limit'] : 0;
if (\Security::strip_tags(trim(\Input::get('orders'))) != null) {
$option['orders'] = \Security::strip_tags(trim(\Input::get('orders')));
}
if (\Security::strip_tags(trim(\Input::get('sort'))) != null) {
$option['sort'] = \Security::strip_tags(trim(\Input::get('sort')));
}
$data['account_id'] = $cookie_account['account_id'];
$data['site_id'] = \Model_Sites::getSiteId();
$list_logins = \Model_AccountLogins::listLogins($data, $option);
// pagination config
$config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
$config['total_items'] = $list_logins['total'];
$config['per_page'] = $option['limit'];
$config['uri_segment'] = 'page';
$config['num_links'] = 3;
$config['show_first'] = true;
$config['show_last'] = true;
$config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['first-inactive-link'] = '<a href="#">{page}</a>';
$config['first-marker'] = '«';
$config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
$config['last-inactive-link'] = '<a href="#">{page}</a>';
$config['last-marker'] = '»';
$config['previous-marker'] = '‹';
$config['next-marker'] = '›';
$pagination = \Pagination::forge('viewlogins_pagination', $config);
$output['list_logins'] = $list_logins;
$output['pagination'] = $pagination;
unset($config, $data, $list_logins, $option, $pagination);
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_login_history'));
// <head> output ----------------------------------------------------------------------------------------------
return $this->generatePage('front/templates/account/viewlogins_v', $output, false);
}
<div style="text-align: center">
<?php
foreach ($arts as $art) {
?>
<div class="portfolio sanpham-cat-3col custom-backround" style="display: inline-block;
background-image: url('<?php
echo URI::base() . 'assets/img/art/' . $art['thumb'];
?>
')">
<a href="<?php
echo URI::base() . 'assets/img/art/' . $art['thumb'];
?>
" class="b-link-stripe b-animate-go swipebox"
style="width: 100%; height: 100%; position: absolute; left: 0;"
title="<?php
echo !empty($art['desc']) ? Security::strip_tags(htmlspecialchars_decode($art['desc'])) : '...';
?>
">
</a>
</div>
<?php
}
?>
<div class="clear"></div>
</div>
</div>
?>
<div class="you-box-col col-md-6 col-sm-6 col-6-mobile portfolio-item wow animated zoomIn custom-backround" style="padding:0px; height: 400px;
background-image: url('<?php
echo URI::base() . 'assets/img/cat/' . $left_cat['bg'];
?>
')">
<div class="portfolio-link" data-toggle="modal" style="width: 100%; height: 100%;">
<div class="portfolio-hover">
<div class="portfolio-hover-content">
<div class="row inner_boxx you-title">
<div class="col-lg-12 text-center">
<?php
echo htmlspecialchars_decode($left_cat['name']);
?>
<h3 class="section-subheading you-text ve-chung-toi"><?php
echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($left_cat['desc'])), 90);
?>
</h3>
<a href="<?php
echo Uri::base() . 'you/' . $left_cat['slug'] . '.html';
?>
" class="portfolio-link cat-modal btn btn-warning you-button-view-profile" data-toggle="modal" >
<?php
echo __('common.view_our_profile');
?>
</a>
</div>
</div>
</div>
public function action_index()
{
// load language
\Lang::load('account');
// load config from db.
$cfg_values = array('member_allow_register', 'member_verification');
$config = \Model_Config::getvalues($cfg_values);
$output['config'] = $config;
unset($cfg_values);
// pre-set form values
$output['account_username'] = null;
$output['account_email'] = null;
$output['account_password'] = null;
$output['account_confirm_password'] = null;
$output['captcha'] = null;
if (\Input::method() == 'POST' && $config['member_allow_register']['value'] == '1') {
// store data to array for send to model with add/register method.
$data['account_username'] = trim(\Input::post('account_username'));
$data['account_display_name'] = \Security::htmlentities($data['account_username']);
$data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
$data['account_password'] = trim(\Input::post('account_password'));
// validate form.
$validate = \Validation::forge();
$validate->add_callable(new \Extension\FsValidate());
$validate->add('account_username', \Lang::get('account_username'), array(), array('required', 'noSpaceBetweenText'));
$validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
$validate->add('account_password', \Lang::get('account_password'), array(), array('required'));
$validate->add('account_confirm_password', \Lang::get('account_confirm_password'), array(), array('required'))->add_rule('match_field', 'account_password');
if (!\Extension\NoCsrf::check()) {
// validate token failed
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
} elseif (!$validate->run()) {
// validate failed
$output['form_status'] = 'error';
$output['form_status_message'] = $validate->show_errors();
} else {
// validate pass
include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
$securimage = new \Securimage();
if ($securimage->check(\Input::post('captcha')) == false) {
$output['form_status'] = 'error';
$output['form_status_message'] = \Lang::get('account_wrong_captcha_code');
} else {
$continue_register = true;
}
// if captcha pass
if (isset($continue_register) && $continue_register === true) {
// register action
$result = \Model_Accounts::registerAccount($data);
if ($result === true) {
$output['hide_register_form'] = true;
// if member verification is need, show those message. if no need, just show success message.
if ($config['member_verification']['value'] == '0') {
$output['form_status'] = 'success';
$output['form_status_message'] = \Lang::get('account_registration_complted');
} elseif ($config['member_verification']['value'] == '1') {
$output['form_status'] = 'success';
$output['form_status_message'] = \Lang::get('account_registration_completed_need_confirm');
} elseif ($config['member_verification']['value'] == '2') {
$output['form_status'] = 'success';
$output['form_status_message'] = \Lang::get('account_registration_completed_need_admin_verify');
}
} else {
$output['form_status'] = 'error';
$output['form_status_message'] = $result;
}
}
}
// re-populate form
$output['account_username'] = trim(\Input::post('account_username'));
$output['account_email'] = trim(\Input::post('account_email'));
//$output['account_password'] = trim(\Input::post('account_password'));
//$output['account_confirm_password'] = trim(\Input::post('account_confirm_password'));
//$output['captcha'] = \Input::post('captcha');
}
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('account_register'));
// <head> output ----------------------------------------------------------------------------------------------
return $this->generatePage('front/templates/account/register_v', $output, false);
}
/**
* Get list of categories
*
* params boolean $search For searching or not
* @return array list of categories
*
* @version 1.0
* @since 1.0
* @access public
* @author Nguyen Van hiep
* @author Dao Anh Minh
*/
public static function get_cat_list($search = false, $lang = '')
{
$parent_cats = DB::select('c.id', 'c.name')->from(array('cat', 'c'))->where('parent_id', 0)->order_by('c.order', 'asc')->execute()->as_array();
$ret = $search ? array('' => '---') : array();
foreach ($parent_cats as $cat) {
$ret[$cat['id']] = Security::strip_tags($cat['name']);
}
$cats = DB::select('c.id', 'c.name', 'c.parent_id', 'c.order', 'c.active', array('cp.name', 'parent'))->join(array('cat', 'cp'), 'INNER')->on('c.parent_id', '=', 'cp.id')->from(array('cat', 'c'))->where('c.active', true)->order_by('c.parent_id', 'asc')->order_by('c.order', 'asc');
if (!empty($lang)) {
$cats->where('c.lang', $lang);
}
foreach ($cats->execute()->as_array() as $cat) {
$ret[Security::strip_tags($cat['parent'])][$cat['id']] = Security::strip_tags($cat['name']);
}
return $ret;
}
/**
* Display detailed page of Article
*
* @param void
* @access public
* @author Nguyen Van Hiep
*
* @version 1.0
* @since 1.0
*/
public function action_view()
{
$art_check = Model_Article::get_art_from_slug(Uri::segment(2));
if (!$art_check) {
Response::redirect('common/error');
}
$uri = explode('-', Uri::string());
$id = array_pop($uri);
$art = Model_Article::find($id);
$cat = Model_Categories::get_cat_from_slug(Uri::segment(1));
$related_arts = Model_Article::articles_of_cat_limit($cat->id, $this->lang, $id);
if (!$art) {
Session::set_flash('error', __('message.art_not_exist'));
Response::redirect('common/404');
}
$art->views = $art->views + 1;
$art->save();
if ($cat->display_type == DS_SANPHAM) {
$this->template = \View::forge('customer/template_sanpham_detail');
$view = View::forge('customer/article/detail_sp_slide');
} elseif ($cat->display_type == DS_MONAN) {
$this->template = \View::forge('customer/template_monan');
$view = View::forge('customer/article/detail_monan_slide');
} elseif ($cat->display_type == QUY_TRINH_SX) {
$view = View::forge('customer/article/detail_quytrinhsx');
} else {
$view = View::forge('customer/article/detail');
}
$view->art = $art;
$view->related_arts = $related_arts;
$view->cat = $cat;
if (!empty($cat->parent_id)) {
$view->p_cat = Model_Categories::find($cat->parent_id);
}
// data to display menu
$this->template->cats = Model_Categories::get_cats_home($this->lang);
$this->template->pepper_arts = Model_Article::pepper_artilces($this->lang);
$this->template->title = Security::strip_tags($art->title);
$this->template->content = $view;
}
/**
* Display sub-categories of a category - Img of Five continents
*
* params object $cat Category
* return void
*
* @version 1.0
* @since 1.0
* @access protected
* @author Nguyen Van Hiep
*/
protected function five_cont_img($cat)
{
$view = View::forge('customer/cat/am_thuc_5_chau');
$view->cat = $cat;
$view->childs = Model_Categories::childs($cat->id, $this->lang);
$this->template->title = Security::strip_tags($cat->name);
$this->template->content = $view;
}
<td>
<?php
echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($val->title)), 15);
?>
</td>
<td title="<?php
echo $val->thumb;
?>
">
<?php
echo !empty($val->thumb) ? Html::img(Uri::base() . 'assets/img/art/' . $val->thumb, array("title" => $val->thumb, "alt" => $val->thumb, 'class' => "", 'height' => 70, 'width' => 120, 'style' => 'object-fit: cover')) : '';
?>
</td>
<td>
<?php
echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($val->desc)), 15);
?>
</td>
<td>
<?php
echo __('lang.' . $val->lang);
?>
</td>
<td>
<?php
echo $val->views;
?>
</td>
<td>
<?php
echo Html::anchor("admin/article/edit/{$val->id}/{$selected_cat_view}/{$selected_lang_view}", '<i class="glyphicon glyphicon-pencil"></i>', array('class' => 'btn btn-default btn-xs'));
?>
<div>
<div class="img-top portfolio sanpham-related custom-backround" style="display: inline-block;
background-image: url('<?php
echo URI::base() . 'assets/img/art/' . $art['thumb'];
?>
')">
<a href="<?php
echo URI::base() . $cat->slug . '/' . $art['slug'] . ".html";
?>
" class="b-link-stripe" target="_blank">
<div class="sanpham-hover-content">
<div class="box-middle" style="height: 50%; width: 100%; position: absolute; bottom: 0;">
<p class='section-subheading you-text inner_boxx' style="padding:0 15px; margin-bottom: 0px;"><?php
echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($art['desc'])), 20);
?>
</p>
</div>
</div>
</a>
</div>
</div>
<?php
}
?>
</section>
</div> <!--end man hinh nho-->
/**
* list websites from db
*
* @param array $option available options: [list_for], [filter_], [orders], [sort], [offset], [limit], [list_for], [unlimit]
* @return array
*/
public static function listSites($option = array())
{
$query = static::query();
// where conditions
if (!isset($option['list_for']) || isset($option['list_for']) && $option['list_for'] == 'front') {
$query->where('site_status', 1);
}
// filters --------------------------------------------------------------------------------------------------------------------------------------------
if (isset($option['filter_site_id'])) {
$query->where('site_id', 'LIKE', '%' . $option['filter_site_id'] . '%');
}
if (isset($option['filter_site_name'])) {
$query->where('site_name', 'LIKE', '%' . \Security::htmlentities($option['filter_site_name']) . '%');
}
if (isset($option['filter_site_domain'])) {
$query->where('site_domain', 'LIKE', '%' . mb_strtolower(\Security::strip_tags($option['filter_site_domain'])) . '%');
}
if (isset($option['filter_site_status'])) {
$query->where('site_status', $option['filter_site_status']);
}
// end filters --------------------------------------------------------------------------------------------------------------------------------------
$output['total'] = $query->count();
// sort and order
$allowed_orders = array('site_id', 'site_name', 'site_domain', 'site_status', 'site_create', 'site_update');
if (!isset($option['orders']) || isset($option['orders']) && !in_array($option['orders'], $allowed_orders)) {
$option['orders'] = 'site_id';
}
unset($allowed_orders);
if (!isset($option['sort'])) {
$option['sort'] = 'ASC';
}
// offset and limit
if (!isset($option['offset'])) {
$option['offset'] = 0;
}
if (!isset($option['limit'])) {
if (isset($option['list_for']) && $option['list_for'] == 'admin') {
$option['limit'] = \Model_Config::getval('content_admin_items_perpage');
} else {
$option['limit'] = \Model_Config::getval('content_items_perpage');
}
}
// get the results from sort, order, offset, limit.
$query->order_by($option['orders'], $option['sort']);
if (!isset($option['unlimit']) || isset($option['unlimit']) && $option['unlimit'] == false) {
$query->offset($option['offset'])->limit($option['limit']);
}
$output['items'] = $query->get();
unset($query);
return $output;
}
/**
* Converts your text to a URL-friendly title so it can be used in the URL.
* Only works with UTF8 input and and only outputs 7 bit ASCII characters.
*
* @param string $str the text
* @param string $sep the separator
* @param bool $lowercase whether to convert to lowercase
* @param bool $allow_non_ascii whether to allow non ascii
* @return string the new title
*/
public static function friendly_title($str, $sep = '-', $lowercase = false, $allow_non_ascii = false)
{
// Remove tags
$str = \Security::strip_tags($str);
// Decode all entities to their simpler forms
$str = html_entity_decode($str, ENT_QUOTES, 'UTF-8');
// Replace apostrophes.
$str = preg_replace("#[\\’]#", '-', $str);
// Remove all quotes.
$str = preg_replace("#[\"\\']#", '', $str);
// Only allow 7bit characters
$str = static::ascii($str, $allow_non_ascii);
if ($allow_non_ascii) {
// Strip regular special chars.
$str = preg_replace("#[\\.;:'\"\\]\\}\\[\\{\\+\\)\\(\\*&\\^\$\\#@\\!±`%~']#iu", '', $str);
} else {
// Strip unwanted characters
$str = preg_replace("#[^a-z0-9]#i", $sep, $str);
}
$str = preg_replace("#[/_|+ -]+#u", $sep, $str);
$str = trim($str, $sep);
if ($lowercase === true) {
$str = strtolower($str);
}
return $str;
}
} else {
?>
<td></td>
<?php
}
?>
<td>
<?php
echo Security::strip_tags(htmlspecialchars_decode($val->name));
?>
</td>
<td><?php
echo (int) $val->parent_id > 0 ? Security::strip_tags(htmlspecialchars_decode($all_cats[$val->parent_id]->name)) : '';
?>
</td>
<td><?php
echo $val->parent_id != 0 ? __('lang.' . $val->lang) : '';
?>
</td>
<td>
<?php
if ($val->id > 3) {
?>
<?php
echo Html::anchor("admin/categories/edit/{$val->id}/{$select_lang}", '<i class="glyphicon glyphicon-pencil"></i>', array('class' => 'btn btn-default btn-xs'));
?>
