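public function action_index()
{
    // Resend the registration-confirmation email for an account that registered
    // but never confirmed. GET renders the form; POST checks the CSRF token and the
    // email, looks up the unconfirmed account, issues a fresh confirm code, sends
    // it and only then stores the new code. Always returns the rendered page.
    \Lang::load('account');

    $output = array();

    if (\Input::method() == 'POST') {
        // store data for model
        $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));

        // validate form.
        $validate = \Validation::forge();
        $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));

        // The extra arguments are passed exactly as before; their meaning is defined
        // by \Extension\NoCsrf, which is not visible here.
        if (!\Extension\NoCsrf::check(null, null, null, null, false)) {
            // validate token failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
        } elseif (!$validate->run()) {
            // validate failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = $validate->show_errors();
        } else {
            // check registered emails with not confirm: never logged in, status 0,
            // and a confirm code present.
            // NOTE(review): the last condition compares against the string literal
            // 'NULL', not SQL NULL; confirm that matches what the column stores.
            $query = \Model_Accounts::query()
                ->select('account_id', 'account_username', 'account_email')
                ->where('account_email', $data['account_email'])
                ->where('account_last_login', null)
                ->where('account_status', '0')
                ->where('account_confirm_code', '!=', 'NULL');

            if ($query->count() <= 0) {
                $output['form_status'] = 'error';
                $output['form_status_message'] = \Lang::get('account_didnot_found_entered_email');
            } else {
                $row = $query->get_one();

                // generate confirm code: 6 alphanumeric characters. Use the CSPRNG
                // when available (PHP 7+) so the code is not predictable; otherwise
                // fall back to the framework helper as before.
                if (function_exists('random_int')) {
                    $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
                    $pool_max = strlen($pool) - 1;
                    $confirm_code = '';
                    for ($i = 0; $i < 6; $i++) {
                        $confirm_code .= $pool[random_int(0, $pool_max)];
                    }
                    $data['account_confirm_code'] = $confirm_code;
                    unset($confirm_code, $i, $pool, $pool_max);
                } else {
                    $data['account_confirm_code'] = \Str::random('alnum', 6);
                }
                $data['account_username'] = $row->account_username;
                $options['not_notify_admin'] = true;

                // send email to let user confirm registration
                $result = \Model_Accounts::forge()->sendRegisterEmail($data, $options);

                if ($result === true) {
                    // persist the new code only once the email actually went out
                    $account = \Model_Accounts::find($row->account_id);
                    $account->account_confirm_code = $data['account_confirm_code'];
                    $account->save();

                    $output['form_status'] = 'success';
                    $output['form_status_message'] = \Lang::get('account_registration_completed_need_confirm');
                } else {
                    // sendRegisterEmail() returned an error message
                    $output['form_status'] = 'error';
                    $output['form_status_message'] = $result;
                }
            }
        }

        // re-populate form
        $output['account_email'] = trim(\Input::post('account_email'));
    }

    // <head> output
    $output['page_title'] = $this->generateTitle(\Lang::get('account_resend_confirm_registration_email'));

    return $this->generatePage('front/templates/account/resendactivate_v', $output, false);
}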
public function action_index()
{
    // Forgot username/password form. On POST the checks run in this order: CSRF
    // token, email validation, captcha; only when all pass is the reset email
    // sent. Errors are reported through form_status / form_status_message.
    \Lang::load('account');

    if (\Input::method() == 'POST') {
        $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));

        // validate form.
        $validate = \Validation::forge();
        $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));

        if (!\Extension\NoCsrf::check()) {
            // validate token failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
        } elseif (!$validate->run()) {
            // validate failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = $validate->show_errors();
        } else {
            // captcha library is bundled under APPPATH/vendor
            include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
            $securimage = new \Securimage();

            if (!$securimage->check(\Input::post('captcha'))) {
                $output['form_status'] = 'error';
                $output['form_status_message'] = \Lang::get('account_wrong_captcha_code');
            } else {
                // try to send reset password email
                $result = \Model_Accounts::sendResetPasswordEmail($data);

                if ($result === true) {
                    $output['hide_form'] = true;
                    $output['form_status'] = 'success';
                    $output['form_status_message'] = \Lang::get('account_please_check_your_email_to_confirm_reset_password');
                } elseif (is_string($result)) {
                    // a string result is the model's error message; any other
                    // non-true value is silently ignored, as before
                    $output['form_status'] = 'error';
                    $output['form_status_message'] = $result;
                }
            }
        }

        // re-populate form
        $output['account_email'] = trim(\Input::post('account_email'));
    }

    // <head> output
    $output['page_title'] = $this->generateTitle(\Lang::get('account_forgot_username_or_password'));

    return $this->generatePage('front/templates/account/forgotpw_v', $output, false);
}
/**
 * Build a URL-safe slug from arbitrary text.
 *
 * Tags and HTML entities are removed first, quotes are dropped, the text is
 * reduced to 7-bit ASCII, and every remaining non-alphanumeric run becomes a
 * single separator. Input is expected to be UTF-8.
 *
 * @param string $str       the source text
 * @param string $sep       separator: '_' is honoured, anything else becomes '-'
 * @param bool   $lowercase when exactly true, lower-case the result
 * @return string the slug
 */
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
    // anything other than an underscore means dash
    if ($sep !== '_') {
        $sep = '-';
    }

    $title = \Security::strip_tags($str);
    // decode entities so e.g. &amp; does not survive as "amp"
    $title = html_entity_decode($title, ENT_QUOTES, 'UTF-8');
    // drop single and double quotes so "don't" becomes "dont" rather than "don-t"
    $title = preg_replace("#[\"\\']#", '', $title);
    // transliterate to 7-bit ASCII
    $title = static::ascii($title);
    // every non-alphanumeric character becomes the separator, then runs collapse
    $title = preg_replace("#[^a-z0-9]#i", $sep, $title);
    $title = preg_replace("#[/_|+ -]+#", $sep, $title);
    $title = trim($title, $sep);

    return $lowercase === true ? \Str::lower($title) : $title;
}
/**
 * Build a URL-safe slug from arbitrary text.
 *
 * Entities are decoded, whitespace is turned into the separator, separator runs
 * are collapsed and stripped from both ends, trailing dots are removed, then the
 * text is reduced to 7-bit ASCII and tag-stripped. Input is expected to be UTF-8.
 *
 * @param string $str       the source text
 * @param string $sep       separator: '_' is honoured, anything else becomes '-'
 * @param bool   $lowercase when exactly true, lower-case the result
 * @return string the slug
 */
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
    // Allow underscore, otherwise default to dash
    $sep = $sep != '_' ? '-' : $sep;

    $title = html_entity_decode($str, ENT_QUOTES, 'UTF-8');

    // Applied in this order: whitespace -> sep, collapse seps, drop trailing sep,
    // drop leading sep, drop trailing dots. $sep is '-' or '_' and needs no quoting.
    $rules = array(
        array('\\s+', $sep),
        array($sep . '+', $sep),
        array($sep . '$', ''),
        array('^' . $sep, ''),
        array('\\.+$', ''),
    );
    foreach ($rules as list($pattern, $replacement)) {
        $title = preg_replace("#" . $pattern . "#i", $replacement, $title);
    }

    // Only allow 7bit characters
    $title = static::ascii($title);
    $title = \Security::strip_tags($title);

    if ($lowercase === true) {
        if (function_exists('mb_convert_case')) {
            $title = mb_convert_case($title, MB_CASE_LOWER, 'UTF-8');
        } else {
            $title = strtolower($title);
        }
    }

    return $title;
}
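public function action_viewlogins($account_id = '')
{
    // Admin: list the login history of one account, with sortable columns and
    // pagination driven by the `page`, `orders` and `sort` query strings.
    // Redirects without rendering when the admin lacks permission, when guest
    // logins ($account_id '0') are requested, or when the account does not exist.
    $output = array();

    // set redirect url
    $redirect = $this->getAndSetSubmitRedirection();

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_viewlogin_log_perm') == false) {
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
        \Response::redirect($redirect);
    }

    // viewing guest logins?
    if ($account_id == '0') {
        \Response::redirect($redirect);
    }

    // load language
    \Lang::load('account');
    \Lang::load('accountlogins');

    // read flash message for display errors.
    $form_status = \Session::get_flash('form_status');
    if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
        $output['form_status'] = $form_status['form_status'];
        $output['form_status_message'] = $form_status['form_status_message'];
    }
    unset($form_status);

    // get accounts data for this account.
    $account = \Model_Accounts::find($account_id);
    if ($account == null) {
        // not found account.
        \Response::redirect($redirect);
    }
    $output['account'] = $account;
    $output['account_id'] = $account_id;
    unset($account);

    // set sort variable for sortable in views (the toggle of the current `sort`).
    $next_sort = \Security::strip_tags(trim(\Input::get('sort')));
    if ($next_sort == null || $next_sort == 'DESC') {
        $next_sort = 'ASC';
    } else {
        $next_sort = 'DESC';
    }
    $output['next_sort'] = $next_sort;
    unset($next_sort);

    // list logins -----------------------------------------------------------------------------------------------------
    $option['limit'] = \Model_Config::getval('content_admin_items_perpage');
    // Clamp the page number: a `page` below 1 (or non-numeric) previously produced
    // a negative offset, which the database rejects. Page 1 and absent both give 0.
    $page = (int) \Input::get('page');
    $option['offset'] = $page > 1 ? ($page - 1) * $option['limit'] : 0;
    unset($page);
    // NOTE(review): `orders` and `sort` come straight from the query string with
    // only tags stripped; listLogins() is expected to whitelist them before they
    // reach ORDER BY — confirm in \Model_AccountLogins.
    if (\Security::strip_tags(trim(\Input::get('orders'))) != null) {
        $option['orders'] = \Security::strip_tags(trim(\Input::get('orders')));
    }
    if (\Security::strip_tags(trim(\Input::get('sort'))) != null) {
        $option['sort'] = \Security::strip_tags(trim(\Input::get('sort')));
    }
    $list_logins = \Model_AccountLogins::listLogins(array('account_id' => $account_id), $option);

    // pagination config
    $config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
    $config['total_items'] = $list_logins['total'];
    $config['per_page'] = $option['limit'];
    $config['uri_segment'] = 'page';
    $config['num_links'] = 3;
    $config['show_first'] = true;
    $config['show_last'] = true;
    $config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['first-inactive-link'] = '<a href="#">{page}</a>';
    $config['first-marker'] = '«';
    $config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['last-inactive-link'] = '<a href="#">{page}</a>';
    $config['last-marker'] = '»';
    $config['previous-marker'] = '‹';
    $config['next-marker'] = '›';
    $pagination = \Pagination::forge('viewlogins_pagination', $config);

    $output['list_logins'] = $list_logins;
    $output['pagination'] = $pagination;
    unset($config, $list_logins, $option, $pagination);

    // <head> output
    $output['page_title'] = $this->generateTitle(\Lang::get('account_view_login_history'));

    // breadcrumb
    $page_breadcrumb = [];
    $page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
    $page_breadcrumb[1] = ['name' => \Lang::get('account_accounts'), 'url' => \Uri::create('admin/account')];
    $page_breadcrumb[2] = ['name' => \Lang::get('account_view_login_history'), 'url' => \Uri::main()];
    $output['page_breadcrumb'] = $page_breadcrumb;
    unset($page_breadcrumb);

    return $this->generatePage('admin/templates/account/viewlogins_v', $output, false);
}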
/**
 * Check whether a category CANNOT be deleted because other records refer to it.
 *
 * @param int $id category id
 * @return array|bool list of rendered edit-links (child categories first, then
 *                    related articles, each group preceded by a label line) when
 *                    the category CANNOT be deleted; boolean FALSE when it CAN
 *
 * @access protected
 * @author Nguyen Van Hiep
 */
protected function unable_del($id)
{
    $blockers = array();

    // child categories; names are entity-encoded and xss-cleaned for display
    $child_links = array();
    foreach (Model_Categories::get_child_cats($id) as $child) {
        $label = Security::clean($child->name, array('htmlentities', 'xss_clean'));
        $child_links[] = Html::anchor('/admin/categories/edit/' . $child->id, $label);
    }
    if (!empty($child_links)) {
        $blockers[] = '- ' . __('cat.categories') . ':';
        $blockers = array_merge($blockers, $child_links);
    }

    // articles linked through the article/category relation; titles are only
    // tag-stripped (not entity-encoded like the category names above)
    $article_links = array();
    foreach (Model_ArtCat::get_related_articles($id) as $relation) {
        $label = Security::strip_tags($relation->ac2a->title);
        $article_links[] = Html::anchor('/admin/article/edit/' . $relation->art_id, $label);
    }
    if (!empty($article_links)) {
        $blockers[] = '- ' . __('art.arts') . ':';
        $blockers = array_merge($blockers, $article_links);
    }

    return empty($blockers) ? false : $blockers;
}
/**
 * Build a URL-safe slug from arbitrary text.
 *
 * Entities are decoded, whitespace becomes the separator, separator runs are
 * collapsed and stripped from both ends, trailing dots and question marks are
 * removed, then the text is reduced to 7-bit ASCII and tag-stripped. Input is
 * expected to be UTF-8.
 *
 * @param string $str       the source text
 * @param string $sep       separator: '_' is honoured, anything else becomes '-'
 * @param bool   $lowercase when exactly true, lower-case the result
 * @return string the slug
 */
public static function friendly_title($str, $sep = '-', $lowercase = false)
{
    // Allow underscore, otherwise default to dash
    $sep = $sep != '_' ? '-' : $sep;

    $title = html_entity_decode($str, ENT_QUOTES, 'UTF-8');

    // Applied in this order; $sep is '-' or '_' and needs no regex quoting.
    $rules = array(
        array('\s+', $sep),       // one or more spaces => separator
        array($sep . '+', $sep),  // multiple separators => one separator
        array($sep . '$', ''),    // trailing separator => (nothing)
        array('^' . $sep, ''),    // leading separator => (nothing)
        array('\.+$', ''),        // trailing dot(s) => (nothing)
        array('\?', ''),          // question marks => (nothing)
    );
    foreach ($rules as list($pattern, $replacement)) {
        $title = preg_replace("#" . $pattern . "#i", $replacement, $title);
    }

    // Only allow 7bit characters
    $title = static::ascii($title);
    $title = \Security::strip_tags($title);

    return $lowercase === true ? \Str::lower($title) : $title;
}
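public function action_index()
{
    // Member "edit profile" page. Requires a logged-in member; loads the account
    // whose id, username AND email all match the login cookie, renders the form,
    // and on POST validates (CSRF, email, display name, birthdate, timezone) and
    // saves through Model_Accounts::memberEditProfile(). Success redirects back
    // to the same URL with a flash message; errors are rendered inline.
    \Lang::load('account');

    // is user logged in?
    if (\Model_Accounts::isMemberLogin() == false) {
        \Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
    }

    $output = array();

    // load config from db.
    $cfg_values = array('allow_avatar', 'avatar_size', 'avatar_allowed_types');
    $config = \Model_Config::getvalues($cfg_values);
    $output['config'] = $config;
    // set config data to display in view file.
    $output['allow_avatar'] = $config['allow_avatar']['value'];
    $output['avatar_size'] = $config['avatar_size']['value'];
    $output['avatar_allowed_types'] = $config['avatar_allowed_types']['value'];
    unset($cfg_values);

    // read flash message for display errors. this is REQUIRED if you coding the check login with simultaneous login detection on.
    $form_status = \Session::get_flash('form_status');
    if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
        $output['form_status'] = $form_status['form_status'];
        $output['form_status_message'] = $form_status['form_status_message'];
    }
    unset($form_status);

    // get account id
    $cookie_account = \Model_Accounts::forge()->getAccountCookie();

    // get account data; all three cookie fields must agree with the stored row.
    $query = \Model_Accounts::query()
        ->where('account_id', $cookie_account['account_id'])
        ->where('account_username', $cookie_account['account_username'])
        ->where('account_email', $cookie_account['account_email']);

    if ($query->count() > 0) {
        // found
        $row = $query->get_one();
        $output['row'] = $row;

        // loop set data for display in form.
        foreach ($row as $key => $field) {
            $output[$key] = $field;
        }

        // get account_fields data of current user and send to views form
        // to access data from view, use $account_field['field_name'].
        // for example: the field_name is phone, just use $account_field['phone'];
        $account_fields = \Model_AccountFields::getData($cookie_account['account_id']);
        if ($account_fields->count() > 0) {
            foreach ($account_fields as $af) {
                // JSON-encoded values (multi-value fields) are decoded for the view
                $output['account_field'][$af->field_name] = \Extension\Str::isJsonFormat($af->field_value) ? json_decode($af->field_value, true) : $af->field_value;
            }
        }
        unset($account_fields, $af);

        // get timezone list to display.
        \Config::load('timezone', 'timezone');
        $output['timezone_list'] = \Config::get('timezone.timezone', array());

        unset($query);
    } else {
        // not found account: the cookie no longer matches a row, so end the session.
        unset($cookie_account, $query);
        \Model_Accounts::logout();
        \Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
    }

    // if form submitted
    if (\Input::method() == 'POST') {
        // store data for save to db. Identity fields are taken from the cookie,
        // never from the form; the username is deliberately not editable.
        $data['account_id'] = $cookie_account['account_id'];
        $data['account_username'] = $cookie_account['account_username'];
        $data['account_old_email'] = $cookie_account['account_email'];
        $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
        $data['account_password'] = trim(\Input::post('account_password'));
        $data['account_new_password'] = trim(\Input::post('account_new_password'));
        // display name is entity-encoded but, unlike the other fields, not trimmed
        $data['account_display_name'] = \Security::htmlentities(\Input::post('account_display_name'));
        // optional fields: an empty value is stored as NULL
        $data['account_firstname'] = \Security::htmlentities(trim(\Input::post('account_firstname', null)));
        if ($data['account_firstname'] == null) {
            $data['account_firstname'] = null;
        }
        $data['account_middlename'] = \Security::htmlentities(trim(\Input::post('account_middlename', null)));
        if ($data['account_middlename'] == null) {
            $data['account_middlename'] = null;
        }
        $data['account_lastname'] = \Security::htmlentities(trim(\Input::post('account_lastname', null)));
        if ($data['account_lastname'] == null) {
            $data['account_lastname'] = null;
        }
        $data['account_birthdate'] = \Security::strip_tags(trim(\Input::post('account_birthdate', null)));
        if ($data['account_birthdate'] == null) {
            $data['account_birthdate'] = null;
        }
        $data['account_signature'] = \Security::htmlentities(trim(\Input::post('account_signature', null)));
        if ($data['account_signature'] == null) {
            $data['account_signature'] = null;
        }
        $data['account_timezone'] = \Security::strip_tags(trim(\Input::post('account_timezone')));
        $data['account_language'] = \Security::strip_tags(trim(\Input::post('account_language', null)));
        if ($data['account_language'] == null) {
            $data['account_language'] = null;
        }

        // store data for account_fields. Only string keys are accepted (numeric
        // keys arrive as ints); array values are stored JSON-encoded.
        $data_field = array();
        if (is_array(\Input::post('account_field'))) {
            foreach (\Input::post('account_field') as $field_name => $field_value) {
                if (is_string($field_name)) {
                    if (is_array($field_value)) {
                        $field_value = json_encode($field_value);
                    }
                    $data_field[$field_name] = $field_value;
                }
            }
        }
        unset($field_name, $field_value);

        // validate form.
        $validate = \Validation::forge();
        $validate->add_callable(new \Extension\FsValidate());
        $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
        $validate->add('account_display_name', \Lang::get('account_display_name'), array(), array('required'));
        $validate->add('account_birthdate', \Lang::get('account_birthdate'))->add_rule('valid_date', 'Y-m-d');
        $validate->add('account_timezone', \Lang::get('account_timezone'), array(), array('required'));

        if (!\Extension\NoCsrf::check()) {
            // validate token failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
        } elseif (!$validate->run()) {
            // validate failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = $validate->show_errors();
        } else {
            // save (class name fixed to the spelling used everywhere else)
            $result = \Model_Accounts::memberEditProfile($data, $data_field);

            if ($result === true) {
                // keep a flash the model may already have set (e.g. email-change notice)
                if (\Session::get_flash('form_status', null, false) == null) {
                    \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('account_saved')));
                }
                \Response::redirect(\Uri::main());
            } else {
                $output['form_status'] = 'error';
                $output['form_status_message'] = $result;
            }
        }

        // re-populate form with the raw (trimmed) submitted values; the view is
        // responsible for escaping them on output.
        $output['account_email'] = trim(\Input::post('account_email'));
        $output['account_display_name'] = trim(\Input::post('account_display_name'));
        $output['account_firstname'] = trim(\Input::post('account_firstname'));
        $output['account_middlename'] = trim(\Input::post('account_middlename'));
        $output['account_lastname'] = trim(\Input::post('account_lastname'));
        $output['account_birthdate'] = trim(\Input::post('account_birthdate'));
        $output['account_signature'] = trim(\Input::post('account_signature'));
        $output['account_timezone'] = trim(\Input::post('account_timezone'));
        $output['account_language'] = trim(\Input::post('account_language'));

        // re-populate form for account fields
        if (is_array(\Input::post('account_field'))) {
            foreach (\Input::post('account_field') as $field_name => $field_value) {
                if (is_string($field_name)) {
                    $output['account_field'][$field_name] = $field_value;
                }
            }
        }
        unset($field_name, $field_value);
    }

    // clear variables
    unset($cookie_account, $data, $result);

    // <head> output
    $output['page_title'] = $this->generateTitle(\Lang::get('account_edit'));

    return $this->generatePage('front/templates/account/edit_v', $output, false);
}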
public static function get_timeline_content($timeline_id, $type, $body = null, $foreign_table_obj = null, array $optional_info = null, $is_detail = false, $is_strip_tags = false)
{
    // Render the human-readable body of a timeline entry for the given type.
    // Type values are resolved at runtime from the `timeline.types.*` config, so
    // a switch (loose comparison) is kept on purpose. Returns null for unknown
    // types. The fixed messages are Japanese site copy and are emitted verbatim;
    // $is_strip_tags only applies to the two rendered (HTML) bodies.
    $count = isset($optional_info['count']) ? $optional_info['count'] : 0;

    switch ($type) {
        // plain timeline post, album-image timeline post, member name change
        case \Config::get('timeline.types.normal'):
        case \Config::get('timeline.types.album_image_timeline'):
        case \Config::get('timeline.types.member_name'):
            $rendered = self::get_normal_timeline_body($body, $type, $timeline_id, $count, $is_detail);
            break;

        // joined the site
        case \Config::get('timeline.types.member_register'):
            return FBD_SITE_NAME . ' に参加しました。';

        // profile picture set, directly or from an album image
        case \Config::get('timeline.types.profile_image'):
        case \Config::get('timeline.types.album_image_profile'):
            return term('profile', 'site.picture') . 'を設定しました。';

        // note posted
        case \Config::get('timeline.types.note'):
            return term('note') . 'を投稿しました。';

        // thread posted
        case \Config::get('timeline.types.thread'):
            return term('thread') . 'を投稿しました。';

        // album created
        case \Config::get('timeline.types.album'):
            return term('album') . 'を作成しました。';

        // album image(s) added: the partial needs the album object
        case \Config::get('timeline.types.album_image'):
            $rendered = null;
            if ($foreign_table_obj) {
                $rendered = render('timeline::_parts/body_for_add_album_image', array(
                    'album_id' => $foreign_table_obj->id,
                    'name' => $foreign_table_obj->name,
                    'count' => $count,
                ));
            }
            break;

        default:
            return null;
    }

    return $is_strip_tags ? \Security::strip_tags($rendered) : $rendered;
}
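public function action_index()
{
    // Admin: multisite manager listing. Filters (`filter_site_*`), ordering
    // (`orders`, `sort`) and paging (`page`) all come from the query string.
    // Redirects to the admin home when the admin lacks permission.
    $output = array();

    // clear redirect referrer
    \Session::delete('submitted_redirect');

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('siteman_perm', 'siteman_viewsites_perm') == false) {
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
        \Response::redirect(\Uri::create('admin'));
    }

    // read flash message for display errors.
    $form_status = \Session::get_flash('form_status');
    if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
        $output['form_status'] = $form_status['form_status'];
        $output['form_status_message'] = $form_status['form_status_message'];
    }
    unset($form_status);

    // set sort variable for sortable in views (toggle of the current `sort`;
    // note this page defaults to DESC, unlike the account listings).
    $next_sort = \Security::strip_tags(trim(\Input::get('sort')));
    if ($next_sort == null || $next_sort == 'ASC') {
        $next_sort = 'DESC';
    } else {
        $next_sort = 'ASC';
    }
    $output['next_sort'] = $next_sort;
    unset($next_sort);

    // filters (raw trimmed input; re-populated into the form by the view)
    $output['filter_site_id'] = trim(\Input::get('filter_site_id'));
    $output['filter_site_name'] = trim(\Input::get('filter_site_name'));
    $output['filter_site_domain'] = trim(\Input::get('filter_site_domain'));
    $output['filter_site_status'] = trim(\Input::get('filter_site_status'));

    // list sites ------------------------------------------------------------------------------------------------------
    $option['list_for'] = 'admin';
    $option['limit'] = \Model_Config::getval('content_admin_items_perpage');
    // Clamp the page number: a `page` below 1 (or non-numeric) previously produced
    // a negative offset, which the database rejects. Page 1 and absent both give 0.
    $page = (int) \Input::get('page');
    $option['offset'] = $page > 1 ? ($page - 1) * $option['limit'] : 0;
    unset($page);
    // NOTE(review): the filter values and `orders`/`sort` go to listSites() as
    // user input; it is expected to bind the filters and whitelist the ordering
    // columns — confirm in \Model_Sites.
    if ($output['filter_site_id'] != null) {
        $option['filter_site_id'] = $output['filter_site_id'];
    }
    if ($output['filter_site_name'] != null) {
        $option['filter_site_name'] = $output['filter_site_name'];
    }
    if ($output['filter_site_domain'] != null) {
        $option['filter_site_domain'] = $output['filter_site_domain'];
    }
    if ($output['filter_site_status'] != null) {
        $option['filter_site_status'] = $output['filter_site_status'];
    }
    if (\Security::strip_tags(trim(\Input::get('orders'))) != null) {
        $option['orders'] = \Security::strip_tags(trim(\Input::get('orders')));
    }
    if (\Security::strip_tags(trim(\Input::get('sort'))) != null) {
        $option['sort'] = \Security::strip_tags(trim(\Input::get('sort')));
    }
    $list_sites = \Model_Sites::listSites($option);

    // pagination config
    $config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
    $config['total_items'] = $list_sites['total'];
    $config['per_page'] = $option['limit'];
    $config['uri_segment'] = 'page';
    $config['num_links'] = 3;
    $config['show_first'] = true;
    $config['show_last'] = true;
    $config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['first-inactive-link'] = '<a href="#">{page}</a>';
    $config['first-marker'] = '«';
    $config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['last-inactive-link'] = '<a href="#">{page}</a>';
    $config['last-marker'] = '»';
    $config['previous-marker'] = '‹';
    $config['next-marker'] = '›';
    $pagination = \Pagination::forge('default', $config);

    $output['list_sites'] = $list_sites;
    $output['pagination'] = $pagination;
    // (was unsetting a non-existent $list_accounts, a copy-paste leftover)
    unset($config, $list_sites, $option, $pagination);

    // <head> output
    $output['page_title'] = $this->generateTitle(\Lang::get('siteman_multisite_manager'));

    // breadcrumb
    $page_breadcrumb = [];
    $page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
    $page_breadcrumb[1] = ['name' => \Lang::get('siteman_multisite_manager'), 'url' => \Uri::create('admin/siteman')];
    $output['page_breadcrumb'] = $page_breadcrumb;
    unset($page_breadcrumb);

    return $this->generatePage('admin/templates/siteman/index_v', $output, false);
}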
public function action_save($account_id = '')
{
    // Admin: persist per-account permissions posted from the permission form,
    // then always redirect back. The outcome is reported through the form_status
    // flash. A non-numeric $account_id means "the currently logged-in admin".
    $redirect = $this->getAndSetSubmitRedirection();

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_user_perm') == false) {
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
        \Response::redirect($redirect);
    }

    // if account id not set, fall back to the admin's own account (0 if unknown)
    if (!is_numeric($account_id)) {
        $cookie_account = \Model_Accounts::forge()->getAccountCookie('admin');
        $account_id = isset($cookie_account['account_id']) ? $cookie_account['account_id'] : 0;
        unset($cookie_account);
    }
    $output['account_id'] = $account_id;

    // checkAccountData() yields the account (object or array) on success and an
    // error message otherwise; collapse the success case to true.
    $account_check_result = $this->checkAccountData($account_id);
    $output['account_check_result'] = is_object($account_check_result) || is_array($account_check_result) ? true : $account_check_result;
    unset($account_check_result);

    if ($output['account_check_result'] !== true) {
        // failed to check account. set error msg.
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => $output['account_check_result']));
    } elseif (\Input::method() == 'POST') {
        if (!\Extension\NoCsrf::check()) {
            // nocsrf error, set error msg.
            \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('fslang_invalid_csrf_token')));
        } else {
            // permission_core: 1 means a core permission, anything else becomes '0'
            $data['permission_core'] = (int) trim(\Input::post('permission_core'));
            if ($data['permission_core'] != '1') {
                $data['permission_core'] = '0';
            }
            // module name only applies to non-core permissions
            $data['module_system_name'] = \Security::strip_tags(trim(\Input::post('module_system_name')));
            if ($data['module_system_name'] == null || $data['permission_core'] == '1') {
                $data['module_system_name'] = null;
            }
            // NOTE(review): the target account is passed twice — $account_id from
            // the URL (the one checkAccountData() verified) and account_id from the
            // POST body; confirm savePermissions() binds rows to the former.
            $data['account_id'] = \Input::post('account_id');
            $data['permission_page'] = \Input::post('permission_page');
            $data['permission_action'] = \Input::post('permission_action');

            \Model_AccountPermission::savePermissions($account_id, $data);

            // set success message
            \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
        }
    }

    // go back
    \Response::redirect($redirect);
}
public function action_save()
{
    // Admin: persist level-group permissions posted from the permission form,
    // then always redirect back. The outcome is reported through the form_status
    // flash; a GET simply redirects.
    $redirect = $this->getAndSetSubmitRedirection();

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm') == false) {
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
        \Response::redirect($redirect);
    }

    if (\Input::method() == 'POST') {
        if (!\Extension\NoCsrf::check()) {
            // nocsrf error, set error msg.
            \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('fslang_invalid_csrf_token')));
        } else {
            // permission_core: 1 means a core permission, anything else becomes '0'
            $data['permission_core'] = (int) trim(\Input::post('permission_core'));
            if ($data['permission_core'] != '1') {
                $data['permission_core'] = '0';
            }
            // module name only applies to non-core permissions
            $data['module_system_name'] = \Security::strip_tags(trim(\Input::post('module_system_name')));
            if ($data['module_system_name'] == null || $data['permission_core'] == '1') {
                $data['module_system_name'] = null;
            }
            // remaining values are handed to the model as posted
            $data['level_group_id'] = \Input::post('level_group_id');
            $data['permission_page'] = \Input::post('permission_page');
            $data['permission_action'] = \Input::post('permission_action');

            \Model_AccountLevelPermission::savePermissions($data);

            // set success message
            \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
        }
    }

    // go back
    \Response::redirect($redirect);
}
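/**
 * Show the login history of the logged-in member (paginated, sortable).
 *
 * Guests are redirected to the login page with the current URL in `rdr`.
 * The account row is loaded from the account cookie; the login rows come from
 * \Model_AccountLogins::listLogins() for this account on the current site.
 * `page`, `orders` and `sort` are read from the query string: the page number
 * is clamped to 1 or more, `sort` is only forwarded when it is ASC or DESC, and
 * `orders` is forwarded as given for the model to whitelist.
 *
 * @return string rendered page from generatePage()
 */
public function action_index()
{
    // is user logged in?
    if (!\Model_Accounts::isMemberLogin()) {
        \Response::redirect(\Uri::create('account/login') . '?rdr=' . urlencode(\Uri::main()));
    }

    // load language
    \Lang::load('account');
    \Lang::load('accountlogins');

    // get account id
    $cookie_account = \Model_Accounts::forge()->getAccountCookie();

    // get account data
    $row = \Model_Accounts::find($cookie_account['account_id']);
    if ($row === null) {
        // not found user data.
        unset($row);
        \Response::redirect(\Uri::main());
    }
    $output['account'] = $row;

    // read the sorting query strings once; tags are stripped before anything uses them
    $current_orders = \Security::strip_tags(trim((string) \Input::get('orders', '')));
    $current_sort = strtoupper(\Security::strip_tags(trim((string) \Input::get('sort', ''))));

    // set sort variable for sortable in views: the link toggles the current direction
    $output['next_sort'] = ($current_sort === '' || $current_sort === 'DESC') ? 'ASC' : 'DESC';

    // list logins -----------------------------------------------------------------------------------------------------
    $option['limit'] = \Model_Config::getval('content_items_perpage');
    // page numbers below 1 (missing, 0 or non-numeric) are clamped so the offset never goes negative
    $page = (int) trim((string) \Input::get('page', ''));
    $option['offset'] = $page > 1 ? ($page - 1) * $option['limit'] : 0;
    if ($current_orders !== '') {
        // NOTE(review): the column name is forwarded as-is; listLogins() is expected to
        // whitelist it against real columns — confirm in the model
        $option['orders'] = $current_orders;
    }
    if (in_array($current_sort, array('ASC', 'DESC'), true)) {
        // only a known direction is forwarded; anything else falls back to the model default
        $option['sort'] = $current_sort;
    }
    unset($current_orders, $current_sort, $page);

    $data['account_id'] = $cookie_account['account_id'];
    $data['site_id'] = \Model_Sites::getSiteId();
    $list_logins = \Model_AccountLogins::listLogins($data, $option);

    // pagination config
    $config['pagination_url'] = \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false);
    $config['total_items'] = $list_logins['total'];
    $config['per_page'] = $option['limit'];
    $config['uri_segment'] = 'page';
    $config['num_links'] = 3;
    $config['show_first'] = true;
    $config['show_last'] = true;
    $config['first-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['first-inactive-link'] = '<a href="#">{page}</a>';
    $config['first-marker'] = '«';
    $config['last-inactive'] = "\n\t\t<li class=\"disabled\">{link}</li>";
    $config['last-inactive-link'] = '<a href="#">{page}</a>';
    $config['last-marker'] = '»';
    $config['previous-marker'] = '‹';
    $config['next-marker'] = '›';
    $pagination = \Pagination::forge('viewlogins_pagination', $config);

    $output['list_logins'] = $list_logins;
    $output['pagination'] = $pagination;
    unset($config, $data, $list_logins, $option, $pagination);

    // <head> output ----------------------------------------------------------------------------------------------
    $output['page_title'] = $this->generateTitle(\Lang::get('account_login_history'));
    // <head> output ----------------------------------------------------------------------------------------------

    return $this->generatePage('front/templates/account/viewlogins_v', $output, false);
}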
<div style="text-align: center"> <?php foreach ($arts as $art) { ?> <div class="portfolio sanpham-cat-3col custom-backround" style="display: inline-block; background-image: url('<?php echo URI::base() . 'assets/img/art/' . $art['thumb']; ?> ')"> <a href="<?php echo URI::base() . 'assets/img/art/' . $art['thumb']; ?> " class="b-link-stripe b-animate-go swipebox" style="width: 100%; height: 100%; position: absolute; left: 0;" title="<?php echo !empty($art['desc']) ? Security::strip_tags(htmlspecialchars_decode($art['desc'])) : '...'; ?> "> </a> </div> <?php } ?> <div class="clear"></div> </div> </div>
?> <div class="you-box-col col-md-6 col-sm-6 col-6-mobile portfolio-item wow animated zoomIn custom-backround" style="padding:0px; height: 400px; background-image: url('<?php echo URI::base() . 'assets/img/cat/' . $left_cat['bg']; ?> ')"> <div class="portfolio-link" data-toggle="modal" style="width: 100%; height: 100%;"> <div class="portfolio-hover"> <div class="portfolio-hover-content"> <div class="row inner_boxx you-title"> <div class="col-lg-12 text-center"> <?php echo htmlspecialchars_decode($left_cat['name']); ?> <h3 class="section-subheading you-text ve-chung-toi"><?php echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($left_cat['desc'])), 90); ?> </h3> <a href="<?php echo Uri::base() . 'you/' . $left_cat['slug'] . '.html'; ?> " class="portfolio-link cat-modal btn btn-warning you-button-view-profile" data-toggle="modal" > <?php echo __('common.view_our_profile'); ?> </a> </div> </div> </div>
/**
 * Member registration form (front end).
 *
 * Loads the `member_allow_register` / `member_verification` settings, renders
 * the form and, on POST while registration is enabled, runs in order: CSRF
 * token check, field validation (username without spaces, valid email,
 * password plus matching confirmation), Securimage captcha, then
 * \Model_Accounts::registerAccount(). The success message depends on the
 * verification mode ('0' none, '1' email confirmation, '2' admin approval).
 * Username and email are echoed back into the form; password and captcha
 * never are. The view is expected to escape the echoed values.
 *
 * @return string rendered page from generatePage()
 */
public function action_index()
{
    // load language
    \Lang::load('account');

    // load config from db.
    $config = \Model_Config::getvalues(array('member_allow_register', 'member_verification'));
    $output['config'] = $config;

    // pre-set form values
    foreach (array('account_username', 'account_email', 'account_password', 'account_confirm_password', 'captcha') as $field) {
        $output[$field] = null;
    }
    unset($field);

    if (\Input::method() == 'POST' && $config['member_allow_register']['value'] == '1') {
        // store data to array for send to model with add/register method.
        // the display name is stored HTML-encoded, the email with tags stripped.
        $data = array();
        $data['account_username'] = trim(\Input::post('account_username'));
        $data['account_display_name'] = \Security::htmlentities($data['account_username']);
        $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email')));
        $data['account_password'] = trim(\Input::post('account_password'));

        // validate form.
        $validate = \Validation::forge();
        $validate->add_callable(new \Extension\FsValidate());
        $validate->add('account_username', \Lang::get('account_username'), array(), array('required', 'noSpaceBetweenText'));
        $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
        $validate->add('account_password', \Lang::get('account_password'), array(), array('required'));
        $validate->add('account_confirm_password', \Lang::get('account_confirm_password'), array(), array('required'))
            ->add_rule('match_field', 'account_password');

        if (!\Extension\NoCsrf::check()) {
            // validate token failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
        } elseif (!$validate->run()) {
            // validate failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = $validate->show_errors();
        } else {
            // validate pass; the captcha is the last gate before the account is created
            include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
            $securimage = new \Securimage();
            if (!$securimage->check(\Input::post('captcha'))) {
                $output['form_status'] = 'error';
                $output['form_status_message'] = \Lang::get('account_wrong_captcha_code');
            } else {
                // register action
                $result = \Model_Accounts::registerAccount($data);
                if ($result !== true) {
                    $output['form_status'] = 'error';
                    $output['form_status_message'] = $result;
                } else {
                    $output['hide_register_form'] = true;
                    // if member verification is needed, show that message; otherwise a plain success message.
                    // (switch compares loosely, exactly like the value checks it replaces)
                    switch ($config['member_verification']['value']) {
                        case '0':
                            $output['form_status'] = 'success';
                            $output['form_status_message'] = \Lang::get('account_registration_complted');
                            break;
                        case '1':
                            $output['form_status'] = 'success';
                            $output['form_status_message'] = \Lang::get('account_registration_completed_need_confirm');
                            break;
                        case '2':
                            $output['form_status'] = 'success';
                            $output['form_status_message'] = \Lang::get('account_registration_completed_need_admin_verify');
                            break;
                    }
                }
            }
        }

        // re-populate form (username and email only; password and captcha are deliberately not echoed back)
        $output['account_username'] = trim(\Input::post('account_username'));
        $output['account_email'] = trim(\Input::post('account_email'));
    }

    // <head> output ----------------------------------------------------------------------------------------------
    $output['page_title'] = $this->generateTitle(\Lang::get('account_register'));
    // <head> output ----------------------------------------------------------------------------------------------

    return $this->generatePage('front/templates/account/register_v', $output, false);
}
/**
 * Get list of categories
 *
 * Top-level categories (parent_id 0) become `id => name` entries; active
 * sub-categories are grouped as `id => name` arrays keyed by the name of
 * their parent. Names are tag-stripped on the way out.
 *
 * @param bool   $search prepend an empty '---' choice (for search forms)
 * @param string $lang   restrict sub-categories to this language ('' = all)
 * @return array list of categories
 *
 * @version 1.0
 * @since 1.0
 * @access public
 * @author Nguyen Van hiep
 * @author Dao Anh Minh
 */
public static function get_cat_list($search = false, $lang = '')
{
    $list = $search ? array('' => '---') : array();

    $parents = DB::select('c.id', 'c.name')
        ->from(array('cat', 'c'))
        ->where('parent_id', 0)
        ->order_by('c.order', 'asc')
        ->execute()
        ->as_array();
    foreach ($parents as $parent) {
        $list[$parent['id']] = Security::strip_tags($parent['name']);
    }

    $children = DB::select('c.id', 'c.name', 'c.parent_id', 'c.order', 'c.active', array('cp.name', 'parent'))
        ->join(array('cat', 'cp'), 'INNER')
        ->on('c.parent_id', '=', 'cp.id')
        ->from(array('cat', 'c'))
        ->where('c.active', true)
        ->order_by('c.parent_id', 'asc')
        ->order_by('c.order', 'asc');
    if (!empty($lang)) {
        // language is bound by the query builder, not concatenated into SQL
        $children->where('c.lang', $lang);
    }
    foreach ($children->execute()->as_array() as $child) {
        $group = Security::strip_tags($child['parent']);
        $list[$group][$child['id']] = Security::strip_tags($child['name']);
    }

    return $list;
}
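/**
 * Display detailed page of Article
 *
 * The URL is `<cat-slug>/<art-slug>-<id>.html`: segment 1 is the category
 * slug, segment 2 the article slug, and the numeric tail of the URI is the
 * article id that is actually loaded. An unknown category or article
 * redirects to the error pages before anything is written; otherwise the view
 * counter is incremented and the template/view pair is chosen by the
 * category's display_type.
 *
 * @return void renders through $this->template
 * @access public
 * @author Nguyen Van Hiep
 *
 * @version 1.0
 * @since 1.0
 */
public function action_view()
{
    // the slug must resolve to an article, otherwise this is not a valid article URL
    $art_check = Model_Article::get_art_from_slug(Uri::segment(2));
    if (!$art_check) {
        Response::redirect('common/error');
    }

    // NOTE(review): the article is loaded by the trailing "-<id>" of the URI, not by the slug
    // checked above, and the two are not cross-checked here — confirm whether the result of
    // get_art_from_slug() could be used directly instead
    $uri = explode('-', Uri::string());
    $id = array_pop($uri);
    $art = Model_Article::find($id);

    // the category must exist before its id is used for the related-articles query
    $cat = Model_Categories::get_cat_from_slug(Uri::segment(1));
    if (!$cat) {
        Response::redirect('common/error');
    }

    if (!$art) {
        Session::set_flash('error', __('message.art_not_exist'));
        Response::redirect('common/404');
    }

    $related_arts = Model_Article::articles_of_cat_limit($cat->id, $this->lang, $id);

    // count this view
    $art->views = $art->views + 1;
    $art->save();

    // pick template and view by the category's display type; the default keeps the current template
    if ($cat->display_type == DS_SANPHAM) {
        $this->template = \View::forge('customer/template_sanpham_detail');
        $view = View::forge('customer/article/detail_sp_slide');
    } elseif ($cat->display_type == DS_MONAN) {
        $this->template = \View::forge('customer/template_monan');
        $view = View::forge('customer/article/detail_monan_slide');
    } elseif ($cat->display_type == QUY_TRINH_SX) {
        $view = View::forge('customer/article/detail_quytrinhsx');
    } else {
        $view = View::forge('customer/article/detail');
    }

    $view->art = $art;
    $view->related_arts = $related_arts;
    $view->cat = $cat;
    if (!empty($cat->parent_id)) {
        $view->p_cat = Model_Categories::find($cat->parent_id);
    }

    // data to display menu
    $this->template->cats = Model_Categories::get_cats_home($this->lang);
    $this->template->pepper_arts = Model_Article::pepper_artilces($this->lang);
    $this->template->title = Security::strip_tags($art->title);
    $this->template->content = $view;
}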
/**
 * Display sub-categories of a category - Img of Five continents
 *
 * Renders the `customer/cat/am_thuc_5_chau` view with the category and its
 * children (current language) and sets the tag-stripped category name as the
 * page title.
 *
 * @param object $cat Category
 * @return void renders through $this->template
 *
 * @version 1.0
 * @since 1.0
 * @access protected
 * @author Nguyen Van Hiep
 */
protected function five_cont_img($cat)
{
    $content = View::forge('customer/cat/am_thuc_5_chau');
    $content->cat = $cat;
    $content->childs = Model_Categories::childs($cat->id, $this->lang);

    $this->template->content = $content;
    $this->template->title = Security::strip_tags($cat->name);
}
<td> <?php echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($val->title)), 15); ?> </td> <td title="<?php echo $val->thumb; ?> "> <?php echo !empty($val->thumb) ? Html::img(Uri::base() . 'assets/img/art/' . $val->thumb, array("title" => $val->thumb, "alt" => $val->thumb, 'class' => "", 'height' => 70, 'width' => 120, 'style' => 'object-fit: cover')) : ''; ?> </td> <td> <?php echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($val->desc)), 15); ?> </td> <td> <?php echo __('lang.' . $val->lang); ?> </td> <td> <?php echo $val->views; ?> </td> <td> <?php echo Html::anchor("admin/article/edit/{$val->id}/{$selected_cat_view}/{$selected_lang_view}", '<i class="glyphicon glyphicon-pencil"></i>', array('class' => 'btn btn-default btn-xs'));
?> <div> <div class="img-top portfolio sanpham-related custom-backround" style="display: inline-block; background-image: url('<?php echo URI::base() . 'assets/img/art/' . $art['thumb']; ?> ')"> <a href="<?php echo URI::base() . $cat->slug . '/' . $art['slug'] . ".html"; ?> " class="b-link-stripe" target="_blank"> <div class="sanpham-hover-content"> <div class="box-middle" style="height: 50%; width: 100%; position: absolute; bottom: 0;"> <p class='section-subheading you-text inner_boxx' style="padding:0 15px; margin-bottom: 0px;"><?php echo Input::cut_strings(Security::strip_tags(htmlspecialchars_decode($art['desc'])), 20); ?> </p> </div> </div> </a> </div> </div> <?php } ?> </section> </div> <!--end man hinh nho-->
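/**
 * list websites from db
 *
 * @param array $option available options:
 *                      [list_for]   'front' (default; only enabled sites) or 'admin'
 *                      [filter_site_id], [filter_site_name], [filter_site_domain] LIKE filters
 *                      [filter_site_status] exact match
 *                      [orders]     one of site_id, site_name, site_domain, site_status,
 *                                   site_create, site_update (default site_id)
 *                      [sort]       'ASC' or 'DESC', case-insensitive (default ASC)
 *                      [offset], [limit] paging (limit defaults from config)
 *                      [unlimit]    truthy to ignore offset/limit
 * @return array {total: int, items: result set of the requested page}
 */
public static function listSites($option = array())
{
    $query = static::query();

    // where conditions: the front end only ever sees enabled sites
    if (!isset($option['list_for']) || $option['list_for'] == 'front') {
        $query->where('site_status', 1);
    }

    // filters --------------------------------------------------------------------------------------------------------------------------------------------
    if (isset($option['filter_site_id'])) {
        $query->where('site_id', 'LIKE', '%' . $option['filter_site_id'] . '%');
    }
    if (isset($option['filter_site_name'])) {
        // names are stored HTML-encoded, so the filter is encoded the same way before matching
        $query->where('site_name', 'LIKE', '%' . \Security::htmlentities($option['filter_site_name']) . '%');
    }
    if (isset($option['filter_site_domain'])) {
        $query->where('site_domain', 'LIKE', '%' . mb_strtolower(\Security::strip_tags($option['filter_site_domain'])) . '%');
    }
    if (isset($option['filter_site_status'])) {
        $query->where('site_status', $option['filter_site_status']);
    }
    // end filters --------------------------------------------------------------------------------------------------------------------------------------

    $output['total'] = $query->count();

    // sort and order: both the column and the direction are restricted to a fixed whitelist,
    // since they go into the ORDER BY clause and it is not visible here whether the builder quotes them
    $allowed_orders = array('site_id', 'site_name', 'site_domain', 'site_status', 'site_create', 'site_update');
    if (!isset($option['orders']) || !in_array($option['orders'], $allowed_orders, true)) {
        $option['orders'] = 'site_id';
    }
    unset($allowed_orders);
    $option['sort'] = isset($option['sort']) ? strtoupper((string) $option['sort']) : 'ASC';
    if (!in_array($option['sort'], array('ASC', 'DESC'), true)) {
        $option['sort'] = 'ASC';
    }

    // offset and limit
    if (!isset($option['offset'])) {
        $option['offset'] = 0;
    }
    if (!isset($option['limit'])) {
        if (isset($option['list_for']) && $option['list_for'] == 'admin') {
            $option['limit'] = \Model_Config::getval('content_admin_items_perpage');
        } else {
            $option['limit'] = \Model_Config::getval('content_items_perpage');
        }
    }

    // get the results from sort, order, offset, limit.
    $query->order_by($option['orders'], $option['sort']);
    if (empty($option['unlimit'])) {
        $query->offset($option['offset'])->limit($option['limit']);
    }
    $output['items'] = $query->get();
    unset($query);

    return $output;
}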
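/**
 * Converts your text to a URL-friendly title so it can be used in the URL.
 * Only works with UTF-8 input and only outputs 7 bit ASCII characters
 * (unless $allow_non_ascii is set).
 *
 * Steps: strip tags, decode entities, turn typographic apostrophes into '-',
 * drop straight quotes, transliterate through static::ascii(), replace what
 * is left that is not allowed with $sep, collapse separator-like runs, trim
 * the separator from both ends, optionally lowercase.
 *
 * @param string $str the text
 * @param string $sep the separator
 * @param bool $lowercase whether to convert to lowercase (byte-wise strtolower, so with
 *                        $allow_non_ascii non-ASCII letters keep their case)
 * @param bool $allow_non_ascii whether to allow non ascii
 * @return string the new title (null when the input is not valid UTF-8, because the
 *                `u`-mode regexes fail on it)
 */
public static function friendly_title($str, $sep = '-', $lowercase = false, $allow_non_ascii = false)
{
    // Remove tags
    $str = \Security::strip_tags($str);

    // Decode all entities to their simpler forms
    $str = html_entity_decode($str, ENT_QUOTES, 'UTF-8');

    // Replace typographic apostrophes. The `u` modifier is required here: without it the
    // multi-byte ’ is read as three separate bytes, and the class then also strips those
    // bytes out of every other UTF-8 character that happens to share them.
    $str = preg_replace("#[\\’]#u", '-', $str);

    // Remove all quotes.
    $str = preg_replace("#[\"\\']#", '', $str);

    // Only allow 7bit characters
    $str = static::ascii($str, $allow_non_ascii);

    if ($allow_non_ascii) {
        // Strip regular special chars.
        $str = preg_replace("#[\\.;:'\"\\]\\}\\[\\{\\+\\)\\(\\*&\\^\$\\#@\\!±`%~']#iu", '', $str);
    } else {
        // Strip unwanted characters
        $str = preg_replace("#[^a-z0-9]#i", $sep, $str);
    }

    // collapse runs of separator-like characters into a single $sep and trim it from both ends
    $str = preg_replace("#[/_|+ -]+#u", $sep, $str);
    $str = trim($str, $sep);

    if ($lowercase === true) {
        $str = strtolower($str);
    }

    return $str;
}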
} else { ?> <td></td> <?php } ?> <td> <?php echo Security::strip_tags(htmlspecialchars_decode($val->name)); ?> </td> <td><?php echo (int) $val->parent_id > 0 ? Security::strip_tags(htmlspecialchars_decode($all_cats[$val->parent_id]->name)) : ''; ?> </td> <td><?php echo $val->parent_id != 0 ? __('lang.' . $val->lang) : ''; ?> </td> <td> <?php if ($val->id > 3) { ?> <?php echo Html::anchor("admin/categories/edit/{$val->id}/{$select_lang}", '<i class="glyphicon glyphicon-pencil"></i>', array('class' => 'btn btn-default btn-xs')); ?>