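/**
 * Handle a submitted preferences form.
 *
 * When SmartyValidate has been initialised and accepts $_POST, the submitted
 * values are forwarded to the backend with a SETPREFS command, the user's row
 * is re-read to refresh the session, and the success template is rendered.
 *
 * @return bool true when the form validated and the success page was shown,
 *              false when validation was not initialised or failed.
 */
function prefs_smarty_validate()
{
    global $_RUN;

    if (SmartyValidate::is_init() && SmartyValidate::is_valid($_POST)) {
        SmartyValidate::clear();

        // And set the preferences
        $ok = "";
        $errors = array();
        $errors['PARAMS'] = "Incorrect parameters specified..\n";

        $data = array();
        $data['name'] = $_POST['name'];
        $data['email'] = $_POST['email'];
        $data['theme_id'] = $_POST['theme'];
        $data['gender'] = $_POST['gender'];
        $data['city'] = $_POST['city'];
        $data['country'] = $_POST['country'];
        $data['tag'] = $_POST['tag'];
        $data['dob'] = $_POST['dob_Year'] . "-" . $_POST['dob_Month'] . "-" . $_POST['dob_Day'];

        // NOTE(review): $inform and $login_pass are never assigned in this
        // function, so neither branch below can run and both fields are
        // dropped. Left as-is on purpose: enabling them would let this form
        // change the login password, and no current-password check is visible
        // here. Decide that deliberately before switching to $_POST keys.
        if (isset($inform)) {
            $data['inform'] = $_POST['inform'];
        }
        if (isset($login_pass)) {
            $data['login_pass'] = $_POST['login_pass'];
        }

        // NOTE(review): the account to modify is taken from a request field.
        // Confirm decrypt_get_vars() authenticates the value, or compare it
        // with the id held in the session before acting on it.
        $user_id = decrypt_get_vars($_POST['uid']);
        $data['user_id'] = $user_id;
        comm_send_to_server("SETPREFS", $data, $ok, $errors);

        // The id comes from the request, so it is forced to an integer before
        // being concatenated into SQL (assumes u_users.id is an integer key;
        // confirm against the schema).
        $result = sql_query("SELECT * FROM perihelion.u_users WHERE id=" . (int) $user_id);
        $tmp = sql_fetchrow($result);
        session_reinit($tmp);

        $template = new Smarty();
        $template->display($_RUN['theme_path'] . "/preferences-success.tpl");

        return true;
    }

    return false;
}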
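/**
 * Render the contact form, or process it after a POST.
 *
 * Without POST data the validators are registered and the form is prepared.
 * With POST data the input is validated; on success a plain-text message is
 * mailed, the outcome is stored with system_seterr() and the client is
 * redirected back to this script. On failure the submitted values are handed
 * back to the template.
 *
 * @return void
 */
function contact_form()
{
    global $smarty, $lang, $fp_config;

    if (empty($_POST)) {
        $smarty->assign('success', system_geterr('contact'));
        $smarty->assign_by_ref('panelstrings', $lang['contact']);

        // new form, we (re)set the session data
        SmartyValidate::connect($smarty, true);

        // register our validators
        SmartyValidate::register_validator('name', 'name', 'notEmpty', false, false, 'trim');
        SmartyValidate::register_validator('email', 'email', 'isEmail', true, false, 'trim');
        SmartyValidate::register_validator('www', 'url', 'isURL', true, false, 'trim');
        SmartyValidate::register_validator('content', 'content', 'notEmpty', false, false);
    } else {
        utils_nocache_headers();

        // validate after a POST
        SmartyValidate::connect($smarty);

        // Add a scheme only when the value does not already start with one.
        // The previous strpos() test looked for 'http://' anywhere in the
        // string, so an https:// address was rewritten to 'http://https://...'.
        if (
            !empty($_POST['url'])
            && is_string($_POST['url'])
            && !preg_match('#^https?://#i', $_POST['url'])
        ) {
            $_POST['url'] = 'http://' . $_POST['url'];
        }

        // custom hook here!!
        // we'll use comment actions, anyway
        if (SmartyValidate::is_valid($_POST) && ($arr = contact_form_validate())) {
            $msg = "Name: \n{$arr['name']} \n\n";
            if (isset($arr['email'])) {
                $msg .= "Email: {$arr['email']}\n\n";
            }
            if (isset($arr['url'])) {
                $msg .= "WWW: {$arr['url']}\n\n";
            }
            $msg .= "Content:\n{$arr['content']}\n";

            // NOTE(review): the first argument is visitor-supplied when an
            // email was given. Confirm contact_form_validate() / utils_mail()
            // reject CR and LF in it, since it may end up in a mail header.
            // '@' is kept so a mail warning cannot emit output before the
            // redirect below; the outcome is still recorded via $success.
            $success = @utils_mail(
                isset($arr['email']) ? $arr['email'] : $fp_config['general']['email'],
                "Contact sent through {$fp_config['general']['title']} ",
                $msg
            );
            system_seterr('contact', $success ? 1 : -1);
            utils_redirect(basename(__FILE__));
        } else {
            // Raw request values go back to the template; the template is
            // responsible for escaping them on output.
            $smarty->assign('values', $_POST);
        }
    }
}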
// Excerpt: tail of the "form not yet submitted" branch, then the submit branch,
// of the mailings configuration page. The `if` these branches belong to opens
// above the excerpt.
SmartyValidate::register_validator('maxRuntime', 'maxRuntime', 'isInt', false, false, 'trim', 'mailings');
// Per-field validation messages shown by the template.
$vMsg = array();
$vMsg['maxRuntime'] = Pommo::_T('Enter a number.');
$vMsg['list_fromname'] = Pommo::_T('Cannot be empty.');
$vMsg['list_fromemail'] = $vMsg['list_frombounce'] = Pommo::_T('Invalid email address');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('list_fromname', 'list_fromemail', 'list_frombounce', 'list_charset', 'public_history', 'maxRuntime'));
$dbVals['demo_mode'] = !empty($pommo->_config['demo_mode']) && $pommo->_config['demo_mode'] == "on" ? 'on' : 'off';
$smarty->assign($dbVals);
} else {
    // ___ USER HAS SENT FORM ___
    /********************************** JSON OUTPUT INITIALIZATION *********************************/
    Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
    $json = new PommoJSON();
    if (SmartyValidate::is_valid($_POST, 'mailings')) {
        // __ FORM IS VALID
        // NOTE(review): the whole $_POST array is passed on, not only the
        // validated fields. Whether configUpdate() restricts which keys it
        // stores is not visible here; confirm it uses an allow-list.
        PommoAPI::configUpdate($_POST);
        $pommo->reloadConfig();
        $json->success(Pommo::_T('Configuration Updated.'));
    } else {
        // __ FORM NOT VALID
        $json->add('fieldErrors', $smarty->getInvalidFields('mailings'));
        $json->fail(Pommo::_T('Please review and correct errors with your submission.'));
    }
}
// Every request field becomes a template variable; output escaping is left to
// the template.
$smarty->assign($_POST);
$smarty->display('admin/setup/config/mailings.tpl');
Pommo::kill();
// Excerpt from the middle of an "add reciprocal link" handler; the blocks
// closed by the stray braces below open above the excerpt.
$data['VALID'] = 1;
if ($data['RECPR_REQUIRED']) {
    $data['RECPR_VALID'] = 1;
    $data['RECPR_LAST_CHECKED'] = gmdate('Y-m-d H:i:s');
}
// All timestamps are written in UTC (gmdate).
$data['LAST_CHECKED'] = gmdate('Y-m-d H:i:s');
//$data['DATE_ADDED'] = gmdate ('Y-m-d H:i:s');
unset($data['EXPIRY_DATE']);
$data['DATE_MODIFIED'] = gmdate('Y-m-d H:i:s');
// Prefix a scheme when the URL has none. The length test trims, but the
// pattern runs on the untrimmed value, so leading whitespace also triggers
// the prefix.
if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
    $data['URL'] = "http://" . $data['URL'];
}
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
    $data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
// The row is written only when validation passes and an id is present.
if (SmartyValidate::is_valid($data, "add_reciprocal") && !empty($id)) {
    if ($db->Replace($tables['link']['name'], $data, 'ID', true) > 0) {
        $tpl->assign('posted', true);
    } else {
        // NOTE(review): the raw database error text goes to the template. If
        // this page is reachable by visitors, log it and show a generic
        // message instead.
        $tpl->assign('sql_error', $db->ErrorMsg());
    }
}
} else {
    $tpl->assign('sql_error', $db->ErrorMsg());
}
}
$path = get_path($_SESSION['cid']);
$path[] = array('ID' => '0', 'TITLE' => _L('Add Reciprocal Link for ' . $data['TITLE']), 'TITLE_URL' => '', 'DESCRIPTION' => _L('Rate A Link'));
$tpl->assign('path', $path);
// Every $data key becomes a template variable; escaping is left to the template.
$tpl->assign($data);
//Clean whitespace
// Excerpt: the 'N' / default case of a switch that opens above the excerpt.
// It grants a user permission on a category; the excerpt ends before the
// enclosing blocks are closed.
case 'N':
default:
    if (empty($_REQUEST['submit'])) {
        // First display: register the form, its custom criteria and validators.
        SmartyValidate::connect($tpl);
        SmartyValidate::register_form('conf_user_permissions', true);
        SmartyValidate::register_criteria('isValueUnique', 'validate_unique', 'conf_user_permissions');
        SmartyValidate::register_criteria('isNotEqual', 'validate_not_equal', 'conf_user_permissions');
        SmartyValidate::register_criteria('isNotSubCat', 'validate_not_sub_category', 'conf_user_permissions');
        SmartyValidate::register_validator('v_CATEGORY_ID', 'CATEGORY_ID:0', 'isNotEqual', true, false, null, 'conf_user_permissions');
        SmartyValidate::register_validator('v_CATEGORY_ID_U', "CATEGORY_ID:user_permission:0:USER_ID", 'isValueUnique', false, false, null, 'conf_user_permissions');
        SmartyValidate::register_validator('v_CATEGORY_ID_S', "CATEGORY_ID", 'isNotSubCat', false, false, null, 'conf_user_permissions');
    } else {
        SmartyValidate::connect($tpl);
        $data = get_table_data('user_permission');
        // NOTE(review): $u is set outside this excerpt; confirm the caller is
        // authorised to grant permissions for that user.
        $data['USER_ID'] = $u;
        if (SmartyValidate::is_valid($data, 'conf_user_permissions')) {
            // Check if category is parent to existing categories.
            $child_categories = find_child_categories();
            if ($child_categories > 0) {
                // Nothing is written in this branch; the template is told to warn.
                $tpl->assign('CHILD_CATEGORIES', $child_categories);
                $tpl->assign('WARN', true);
                // The category id is quoted with $db->qstr() before it is concatenated.
                $category = $db->GetOne("SELECT `TITLE` FROM `{$tables['category']['name']}` WHERE `ID` = " . $db->qstr($data['CATEGORY_ID']));
                $tpl->assign('CATEGORY', $category);
            } else {
                $id = $db->GenID($tables['user_permission']['name'] . '_SEQ');
                $data['ID'] = $id;
                if (db_replace('user_permission', $data, 'ID') > 0) {
                    $tpl->assign('posted', 'Permission granted.');
                } else {
                    // Raw database error text is handed to the template.
                    $tpl->assign('sql_error', $db->ErrorMsg());
                }
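/**
 * Fare search page: shows the search form and, after a valid submission or a
 * paginated GET, the matching fares.
 *
 * Reads origin, destination, departure, faretype, class, airline and page from
 * the request. Every value that reaches SQL is forced to an integer first.
 * Note that the row count used for pagination comes from the query without
 * the fare_active filter, while the listing adds it.
 *
 * @return void
 */
function index()
{
    session_start();
    global $db, $prefix;
    include "header.php";

    $tpl = new Template();
    SmartyValidate::connect($tpl, empty($_POST));
    SmartyValidate::register_form('fare_search');

    //set
    $origin = intval($_REQUEST["origin"]);
    $destination = intval($_REQUEST["destination"]);
    if (!empty($_POST["departure"])) {
        $departure = tounixdate($_POST["departure"]);
    } else {
        $departure = isset($_GET["departure"]) ? $_GET["departure"] : 0;
    }
    // $departure is interpolated unquoted into the WHERE clause and into the
    // pagination link below. The GET value used to be passed through as-is,
    // which allowed SQL injection; it is now always an integer (assumes
    // tounixdate() returns a Unix timestamp, as the unquoted use implies).
    $departure = intval($departure);
    $faretype = intval($_REQUEST["faretype"]);
    $class = intval($_REQUEST["class"]);
    $airline = intval($_REQUEST["airline"]);

    $tpl->assign("origin", $origin);
    $tpl->assign("destination", $destination);
    $tpl->assign("class", $class);
    $tpl->assign("faretype", $faretype);

    //fare type
    $qtype = $db->query("SELECT * FROM travel_faretype");
    $type_opt = array();
    while (list($type_id, $type_name) = $db->fetch_row($qtype)) {
        $type_opt[$type_id] = $type_name;
    }

    //Origin
    $qorigin = $db->query("SELECT origin_id,origin_name FROM travel_origin ORDER BY origin_name ASC ");
    $origin_opt = array();
    while (list($origin_id, $origin_name) = $db->fetch_row($qorigin)) {
        $origin_opt[$origin_id] = $origin_name;
    }

    //Destination
    $qdestination = $db->query("SELECT destination_id,destination_name FROM travel_destination JOIN\r\n\t{$prefix}_fares ON destination_id=fare_destination\r\n\tORDER BY destination_name ASC");
    $destination_opt = array();
    while (list($destination_id, $destination_name) = $db->fetch_array($qdestination)) {
        $destination_opt[$destination_id] = $destination_name;
    }

    // Airlines
    $qairline = $db->query("SELECT airline_id,airline_name FROM travel_airline");
    $airline_opt = array();
    while (list($airline_id, $airline_name) = $db->fetch_array($qairline)) {
        $airline_opt[$airline_id] = $airline_name;
    }

    // Class
    $qclass = $db->query("SELECT class_id,class_name FROM travel_class");
    $class_opt = array();
    while (list($class_id, $class_name) = $db->fetch_array($qclass)) {
        $class_opt[$class_id] = $class_name;
    }

    // Renders the search form. Submitted fields are assigned first so that a
    // crafted field name (e.g. "origin_opt") cannot replace the server-built
    // lists assigned after it. $lang is expected to come from header.php.
    $showSearchForm = function ($withPost) use ($tpl, $origin_opt, $destination_opt, $airline_opt, $class_opt, $type_opt, $lang) {
        if ($withPost) {
            // Raw request values; the template must escape them on output.
            $tpl->assign($_POST);
        }
        $tpl->assign("origin_opt", $origin_opt);
        $tpl->assign("destination_opt", $destination_opt);
        $tpl->assign("airline_opt", $airline_opt);
        $tpl->assign("class_opt", $class_opt);
        $tpl->assign("type_opt", $type_opt);
        $tpl->assign("lang", $lang);
        $tpl->display("search/search.tpl");
    };

    // 'page' was written as a bare constant, which is an error on PHP 8.
    if (!isset($_GET['page']) && empty($_POST)) {
        $showSearchForm(false);
    } else {
        if (SmartyValidate::is_valid($_POST)) {
            // no errors, done with SmartyValidate
            $showSearchForm(true);
            SmartyValidate::disconnect();

            //goto("index.php?m=search&op=search&origin=$origin&destination=$destination&departure=$departure&faretype=$faretype&class=$class&airline=$airline","Processing");
            // Only integers are interpolated from here on.
            $query = "SELECT * FROM " . $prefix . "_fares," . $prefix . "_fares_origin\r\n\t\t\tWHERE fare_id= fares_fare AND fares_origin ={$origin} \tAND fare_destination='{$destination}'";
            if (!empty($faretype)) {
                $query .= " AND fare_type={$faretype}";
            }
            if (!empty($class)) {
                $query .= " AND fare_class={$class}";
            }
            if (!empty($airline)) {
                $query .= " AND fare_airline={$airline}";
            }
            if (!empty($departure)) {
                $query .= " AND {$departure} BETWEEN fare_dept_start AND fare_dept_end";
            }

            $qsearch = $db->query($query);
            $num_record = $db->row_count($qsearch);
            if ($num_record < 1) {
                $tpl->assign("norecord", "norecord");
                $tpl->assign("lang", $lang);
                $tpl->display("search/search_result.tpl");
                include "footer.php";
                exit;
            }

            // A page below 1 would produce a negative LIMIT offset.
            $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
            $currentpage = $page;
            $perpage = 10;
            $start = ($page - 1) * $perpage;
            $pages = ceil($num_record / $perpage);
            $starting_no = $start + 1;
            if ($num_record - $start < $perpage) {
                $end_count = $num_record;
            } else {
                $end_count = $start + $perpage;
            }

            if ($pages > 1) {
                $page_link = makepagelink("index.php?m=search&origin={$origin}&destination={$destination}&departure={$departure}&class={$class}&faretype={$faretype}&airline={$airline}", $page, $pages);
            } else {
                $page_link = "";
            }

            $result = $db->query("{$query} AND fare_active=1 ORDER BY fare_adultfare ASC limit {$start},{$perpage}");
            // Initialised because the fare_active filter can leave the listing empty.
            $info = array();
            while ($row = $db->fetch_array($result)) {
                $indexx = $row['fare_id'];
                $info[$indexx] = $row;
                $info[$indexx]["airline"] = getrow("airline_name", "travel_airline", "airline_id", "{$row['fare_airline']}");
            }

            $originName = getrow("origin_name", "" . $prefix . "_origin", "origin_id", "{$origin}");
            $destinationName = getrow("destination_name", "" . $prefix . "_destination", "destination_id", "{$destination}");

            $tpl->assign("lang", $lang);
            $tpl->assign("fareinfo", $info);
            $tpl->assign("found", $num_record);
            $tpl->assign("destinationName", $destinationName);
            $tpl->assign("originName", $originName);
            $tpl->assign("page_link", $page_link);
            $tpl->assign("end_count", $end_count);
            $tpl->assign("starting_no", $starting_no);
            $tpl->assign("currentpage", "{$currentpage}/{$pages}");
            $tpl->display("search/search_result.tpl");
        } else {
            $showSearchForm(true);
        }
    }

    include "footer.php";
}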
// Excerpt from a message-settings page: the end of the "not yet submitted"
// branch, which flattens $messages into template variables, followed by the
// start of the submit branch, which rebuilds $messages from $_POST. The
// enclosing `if` opens above the excerpt and the excerpt ends mid-branch.
$p['subscribe_web'] = $messages['subscribe']['web'];
$p['subscribe_email'] = $messages['subscribe']['email'];
$p['unsubscribe_sub'] = $messages['unsubscribe']['sub'];
$p['unsubscribe_msg'] = $messages['unsubscribe']['msg'];
$p['unsubscribe_web'] = $messages['unsubscribe']['web'];
$p['unsubscribe_email'] = $messages['unsubscribe']['email'];
$p['confirm_sub'] = $messages['confirm']['sub'];
$p['confirm_msg'] = $messages['confirm']['msg'];
$p['activate_sub'] = $messages['activate']['sub'];
$p['activate_msg'] = $messages['activate']['msg'];
$p['update_sub'] = $messages['update']['sub'];
$p['update_msg'] = $messages['update']['msg'];
$smarty->assign($p);
} else {
    // ___ USER HAS SENT FORM ___
    if (SmartyValidate::is_valid($_POST, 'messages')) {
        // __ FORM IS VALID
        // Only named fields are copied, so unexpected request keys are ignored.
        // NOTE(review): the validators registered for 'messages' are not
        // visible here. The texts are stored as submitted, so whatever later
        // renders or mails them must escape for its own context.
        $messages = array();
        $messages['subscribe'] = array();
        $messages['subscribe']['sub'] = $_POST['subscribe_sub'];
        $messages['subscribe']['msg'] = $_POST['subscribe_msg'];
        $messages['subscribe']['web'] = $_POST['subscribe_web'];
        // Checkbox semantics: presence of the field means true.
        $messages['subscribe']['email'] = isset($_POST['subscribe_email']) ? true : false;
        $messages['unsubscribe'] = array();
        $messages['unsubscribe']['sub'] = $_POST['unsubscribe_sub'];
        $messages['unsubscribe']['msg'] = $_POST['unsubscribe_msg'];
        $messages['unsubscribe']['web'] = $_POST['unsubscribe_web'];
        $messages['unsubscribe']['email'] = isset($_POST['unsubscribe_email']) ? true : false;
        $messages['confirm'] = array();
        $messages['confirm']['sub'] = $_POST['confirm_sub'];
        $messages['confirm']['msg'] = $_POST['confirm_msg'];
// Excerpt from a "send email and add link" handler. It starts inside the
// branch that registers validators (the `if` opens above) and ends just after
// the mail is sent.
SmartyValidate::register_validator('v_TITLE', 'TITLE', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('v_URL', 'URL', 'isURL', false, false, 'trim');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim');
SmartyValidate::register_validator('v_check_email', 'EMAIL', 'checkEmail', false, false, null);
SmartyValidate::register_validator('v_CATEGORY_ID', 'CATEGORY_ID:0', 'isNotEqual', true, false, 'trim');
} else {
    SmartyValidate::connect($tpl);
    $data = get_table_data('email');
    $data['DATE_SENT'] = gmdate('Y-m-d H:i:s');
    // Prefix a scheme when the URL has none.
    if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
        $data['URL'] = "http://" . $data['URL'];
    }
    // $full_data adds two request fields to the table data for validation only.
    $full_data = $data;
    $full_data['CATEGORY_ID'] = $_REQUEST['CATEGORY_ID'];
    $full_data['DESCRIPTION'] = $_REQUEST['DESCRIPTION'];
    if (SmartyValidate::is_valid($full_data)) {
        // Generate Link ID first
        $link_id = $db->GenID($tables['link']['name'] . '_SEQ');
        $email_data = $full_data;
        // NOTE(review): HTTP_HOST is taken from the request's Host header. If
        // the web server does not pin the host name, the link placed in the
        // outgoing mail can point at a host chosen by the requester; prefer a
        // configured site URL. The scheme is also fixed to http.
        $email_data['ADD_RECIPROCAL_URL'] = "http://" . $_SERVER['HTTP_HOST'] . DIRECTORY_ROOT . "/add_reciprocal.php?id=" . $link_id;
        // The template id is quoted with $db->qstr() before concatenation.
        $tmpl = $db->GetRow("SELECT `SUBJECT`, `BODY` FROM `{$tables['email_tpl']['name']}` WHERE `ID` = " . $db->qstr($_REQUEST['EMAIL_TPL_ID']));
        $mail = get_emailer();
        $mail->Body = replace_email_vars($tmpl['BODY'], $email_data);
        $mail->Subject = replace_email_vars($tmpl['SUBJECT'], $email_data);
        $mail->AddAddress($email_data['EMAIL'], $email_data['NAME']);
        // In demo mode nothing is sent but the result is reported as success.
        if (!DEMO) {
            $sent = $mail->Send();
        } else {
            $sent = true;
        }
        if ($sent) {
// Excerpt: tail of the "form not yet submitted" branch, then the submit branch,
// of the general configuration page. The enclosing `if` opens above the excerpt.
$vMsg = array();
$vMsg['site_url'] = $vMsg['site_success'] = $vMsg['site_confirm'] = Pommo::_T('Must be a valid URL');
$vMsg['list_name'] = $vMsg['site_name'] = Pommo::_T('Cannot be empty.');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('site_success', 'site_confirm', 'list_exchanger', 'list_confirm'));
$dbVals['site_url'] = $pommo->_config['site_url'];
$dbVals['site_name'] = $pommo->_config['site_name'];
$dbVals['list_name'] = $pommo->_config['list_name'];
$smarty->assign($dbVals);
} else {
    // ___ USER HAS SENT FORM ___
    /********************************** JSON OUTPUT INITIALIZATION *********************************/
    Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
    $json = new PommoJSON();
    if (SmartyValidate::is_valid($_POST, 'general')) {
        // __ FORM IS VALID
        // NOTE(review): the whole $_POST array is passed on, not only the
        // validated fields. Whether configUpdate() restricts which keys it
        // stores is not visible here; confirm it uses an allow-list.
        PommoAPI::configUpdate($_POST);
        $pommo->reloadConfig();
        $json->success(Pommo::_T('Configuration Updated.'));
    } else {
        // __ FORM NOT VALID
        $json->add('fieldErrors', $smarty->getInvalidFields('general'));
        $json->fail(Pommo::_T('Please review and correct errors with your submission.'));
    }
}
// Every request field becomes a template variable; output escaping is left to
// the template.
$smarty->assign($_POST);
$smarty->display('admin/setup/config/general.tpl');
Pommo::kill();
} else {
    // Submit branch of a settings page (the matching `if` opens above the
    // excerpt): copies request values into the rows of the selected config
    // group and writes them back one UPDATE at a time.
    // NOTE(review): values are read from $_REQUEST, which also covers the
    // query string, so this state-changing path is not limited to POST. No
    // anti-CSRF token check is visible in this excerpt; confirm one exists.
    if (ENABLE_PAGERANK == 0) {
        $_REQUEST['SHOW_PAGERANK'] = 0;
    }
    // Loose comparison: on PHP versions before 8, any non-numeric string also
    // compares equal to 0 here.
    if ($_REQUEST['SHOW_PAGERANK'] == 0 && $_REQUEST['DEFAULT_SORT'] == 'P') {
        $_REQUEST['DEFAULT_SORT'] = 'H';
    }
    // Keep only rows of the requested group and take each new value from the
    // request field named after the row id.
    foreach ($conf as $i => $row) {
        if ($conf[$i]['CONFIG_GROUP'] != $_REQUEST['c']) {
            unset($conf[$i]);
        } else {
            $conf[$i]['VALUE'] = $_REQUEST[$row['ID']];
        }
    }
    SmartyValidate::connect($tpl);
    if (SmartyValidate::is_valid($_REQUEST, 'conf_settings')) {
        $posted = true;
        // In demo mode nothing is written and 'posted' is not assigned.
        if (!DEMO) {
            $errors = 0;
            $cust_msg = '';
            foreach ($conf as $row) {
                // The row id is quoted with $db->qstr() in the WHERE clause.
                $posted = $db->AutoExecute($tables['config']['name'], $row, 'UPDATE', '`ID` = ' . $db->qstr($row['ID']));
                // Stops at the first failed update; earlier rows stay written.
                if (!$posted) {
                    break;
                }
            }
            $tpl->assign('posted', $posted);
        }
    }
}
foreach ($conf as $i => $val) {
// Excerpt: default case of a switch that opens above the excerpt. It creates
// or edits an email template.
default:
    if ($id) {
        // The id is quoted with $db->qstr() before concatenation.
        $where = "WHERE `ID` != " . $db->qstr($id);
    }
    if (empty($_POST['submit'])) {
        // First display: reset validation state and register the validators.
        SmartyValidate::disconnect();
        SmartyValidate::connect($tpl, true);
        SmartyValidate::register_criteria('isEmailAndAddLinkValid', 'validate_email_and_add_link');
        SmartyValidate::register_validator('v_VALIDATE_EMAIL_TYPE', 'TPL_TYPE', 'isEmailAndAddLinkValid', false, false, 'trim');
        SmartyValidate::register_validator('v_TITLE', 'TITLE', 'notEmpty', false, false, 'trim');
        SmartyValidate::register_validator('v_SUBJECT', 'SUBJECT', 'notEmpty', false, false, 'trim');
        SmartyValidate::register_validator('v_BODY', 'BODY', 'notEmpty', false, false, 'trim');
    } else {
        SmartyValidate::connect($tpl);
        $data = get_table_data('email_tpl');
        if (SmartyValidate::is_valid($data)) {
            // A new id is generated only when none was supplied.
            if (empty($id)) {
                $id = $db->GenID($tables['email_tpl']['name'] . '_SEQ');
            }
            $data['ID'] = $id;
            if ($db->Replace($tables['email_tpl']['name'], $data, 'ID', true) > 0) {
                $tpl->assign('posted', true);
                if (isset($_SESSION['return'])) {
                    // NOTE(review): the redirect target comes from the session
                    // and is not checked here. If it is filled from the
                    // Referer header elsewhere, restrict it to same-site paths
                    // before sending it in a Location header.
                    @header('Location: ' . $_SESSION['return']);
                    @exit;
                }
            } else {
                // Raw database error text is handed to the template.
                $tpl->assign('sql_error', $db->ErrorMsg());
            }
        }
    }
// Excerpt from a public "submit link" handler; it ends inside the switch on
// $link_type.
// Prefix a scheme when the reciprocal URL has none.
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
    $data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
/*if (VISUAL_CONFIRM == 1 && !empty ($_POST['CAPTCHA'])) $data = array_merge ($data, array ('CAPTCHA' => $_POST['CAPTCHA']));*/
if (VISUAL_CONFIRM > 0) {
    $rc_resp = validateReCaptcha();
    // NOTE(review): 'reCaptchaError' is set to 1 when the check passed and to
    // the returned value otherwise; confirm the template expects that.
    if ($rc_resp === true) {
        $tpl->assign('reCaptchaError', 1);
    } else {
        $tpl->assign('reCaptchaError', $rc_resp);
    }
} else {
    // CAPTCHA disabled: treated as passed.
    $rc_resp = true;
}
// The strict === true test means any other CAPTCHA result blocks the
// submission (fails closed).
if (SmartyValidate::is_valid($data, 'submit_link') && $rc_resp === true) {
    if (ENABLE_PAGERANK) {
        require_once 'include/pagerank.php';
        // NOTE(review): presumably an outbound lookup keyed on a
        // visitor-supplied URL; confirm how get_page_rank() uses the value.
        $data['PAGERANK'] = get_page_rank($data['URL']);
        if (!empty($data['RECPR_URL'])) {
            $data['RECPR_PAGERANK'] = get_page_rank($data['RECPR_URL']);
        }
    }
    $id = $db->GenID($tables['link']['name'] . '_SEQ');
    $data['ID'] = !empty($id) ? intval($id) : '';
    $data['LINK_TYPE'] = $link_type_int[$link_type];
    switch ($link_type) {
        case 'free':
            $data['NOFOLLOW'] = 1;
            break;
        case 'featured':
// Excerpt from an RSS import page; the first statement sits inside a block
// that opens above the excerpt, and the final `else` is still open at the end.
// The Referer header is client-supplied; it is stored here as a later
// redirect target.
$_SESSION['return'] = $_SERVER['HTTP_REFERER'];
}
$cid = $_REQUEST['c'];
$tpl->assign('cid', $cid);
$tpl->assign('path', get_path($cid));
if (empty($_POST['submit'])) {
    SmartyValidate::disconnect();
    SmartyValidate::connect($tpl, true);
    SmartyValidate::register_validator('v_URL', 'rss_url', 'isURL', false, false, 'trim');
} else {
    SmartyValidate::connect($tpl);
    // Prefix a scheme when the feed URL has none.
    if (strlen(trim($_REQUEST['rss_url'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $_REQUEST['rss_url'])) {
        $_REQUEST['rss_url'] = "http://" . $_REQUEST['rss_url'];
    }
    $tpl->assign('rss_url', $_REQUEST['rss_url']);
    if (SmartyValidate::is_valid($_REQUEST)) {
        $rss = new rssParser();
        // NOTE(review): a request-supplied URL is handed to the parser,
        // presumably to be fetched by the server. The checks above only
        // establish an http(s) URL shape; if this page is reachable by
        // untrusted users, restrict which hosts the fetch may reach.
        $rss_result = $rss->parse($_REQUEST['rss_url']);
        if ($rss_result !== true) {
            $tpl->assign('error', $rss_result);
        }
        $tpl->assign('link_count', count($rss->items));
        $links = array();
        if (count($rss->items) > 0) {
            // Feed content is third-party data: link, title and description
            // are passed to add_link() as received.
            foreach ($rss->items as $item) {
                $links[] = add_link($cid, $item['link'], $item['title'], $item['description'], $_POST['status']);
            }
            $tpl->assign('list', $links);
            $tpl->assign('columns', array('TITLE' => _L('Title'), 'URL' => _L('URL'), 'ERROR' => _L('Result')));
        }
    }
// Excerpt from a category edit page. It starts inside the branch that
// registers validators (two enclosing blocks open above) and ends inside the
// post-save permission refresh.
SmartyValidate::register_criteria('isNotEqualVariable', 'validate_not_equal_var', 'dir_categs_edit');
SmartyValidate::register_criteria('isSymbolicUnique', 'validate_symbolic_unique', 'dir_categs_edit');
SmartyValidate::register_criteria('isParentValid', 'validate_symbolic_parent', 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID', 'SYMBOLIC_ID:0', 'isNotEqual', true, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_E', 'SYMBOLIC_ID:PARENT_ID', 'isNotEqualVariable', true, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_U', 'SYMBOLIC_ID', 'isSymbolicUnique', false, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_P', 'SYMBOLIC_ID', 'isParentValid', false, false, null, 'dir_categs_edit');
}
} else {
    SmartyValidate::connect($tpl);
    $data = get_table_data('category');
    // Normalised to 0 or 1 whatever the request sent.
    $data['SYMBOLIC'] = isset($_REQUEST['s']) && $_REQUEST['s'] == 1 ? 1 : 0;
    // With no URL title given, derive one from the title: every character
    // other than a word character, '_' or '-' becomes '_'.
    if (strlen(trim($data['TITLE_URL'])) == 0) {
        $data['TITLE_URL'] = preg_replace('`[^\\w_-]`', '_', $data['TITLE']);
    }
    if (SmartyValidate::is_valid($data, 'dir_categs_edit')) {
        if ($action == 'N') {
            $data['DATE_ADDED'] = gmdate('Y-m-d H:i:s');
        }
        if (empty($id)) {
            $id = $db->GenID($tables['category']['name'] . '_SEQ');
        }
        $data['ID'] = $id;
        // NOTE(review): no per-category permission check is visible before
        // this write; confirm it happens above the excerpt for non-admin
        // editors.
        if ($db->Replace($tables['category']['name'], $data, 'ID', true) > 0) {
            // Refresh editor permissions
            if (!$_SESSION['is_admin']) {
                $user_permission = "";
                $user_grant_permission = "";
                $user_permission_array = array();
                $user_grant_permission_array = array();
                get_editor_permission($_SESSION['user_id']);
// Excerpt: tail of the "form not yet submitted" branch, then the submit branch,
// of the administrator account settings page. The enclosing `if` opens above
// the excerpt.
$vMsg['admin_username'] = Pommo::_T('Cannot be empty.');
$vMsg['admin_email'] = Pommo::_T('Invalid email address');
$vMsg['admin_password2'] = Pommo::_T('Passwords must match.');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('admin_username'));
$dbVals['admin_email'] = $pommo->_config['admin_email'];
$smarty->assign($dbVals);
} else {
    // ___ USER HAS SENT FORM ___
    /********************************** JSON OUTPUT INITIALIZATION *********************************/
    Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
    $json = new PommoJSON();
    if (SmartyValidate::is_valid($_POST, 'users')) {
        // __ FORM IS VALID
        // convert password to MD5 if given...
        // NOTE(review): a single unsalted MD5 is a fast hash and is not
        // suitable for stored passwords. Moving to password_hash() /
        // password_verify() has to be done together with the login check,
        // which is not part of this excerpt.
        if (!empty($_POST['admin_password'])) {
            $_POST['admin_password'] = md5($_POST['admin_password']);
        }
        // NOTE(review): $_POST still holds 'admin_password2' in plain text
        // when it is passed on; it is unset only afterwards. Whether
        // configUpdate() ignores keys it does not know is not visible here.
        PommoAPI::configUpdate($_POST);
        // Dropped so the later template assignment cannot echo them back.
        unset($_POST['admin_password'], $_POST['admin_password2']);
        $pommo->reloadConfig();
        $json->success(Pommo::_T('Configuration Updated.'));
    } else {
        // __ FORM NOT VALID
        $json->add('fieldErrors', $smarty->getInvalidFields('users'));
        $json->fail(Pommo::_T('Please review and correct errors with your submission.'));
    }
}
// Excerpt from a user create/edit page. It starts inside the branch that
// registers validators (the `if` opens above) and ends right after the row
// write begins.
SmartyValidate::register_validator('v_NAME', 'NAME:4:25', 'isLength', false, false, 'trim', 'conf_users_edit');
// 'PASSWORD:4:25' presumably means a length of 4 to 25 characters; if so, the
// minimum is short for an account password and the cap limits passphrases.
SmartyValidate::register_validator('v_PASSWORD', 'PASSWORD:4:25', 'isLength', true, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_PASSWORDC', 'PASSWORD:PASSWORDC', 'isEqual', true, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim', 'conf_users_edit');
// NOTE(review): the argument list on the next line is damaged in this copy
// (the `******` run is not valid PHP); restore it from the original file.
SmartyValidate::register_validator('v_EMAIL_U', 'EMAIL:user:'******'isValueUnique', false, false, 'trim', 'conf_users_edit');
} else {
    SmartyValidate::connect($tpl);
    // NOTE(review): if get_table_data() fills every column of the user table
    // from the request, privilege-related columns can be set through this
    // form; confirm which columns it returns.
    $data = get_table_data('user');
    // Unchecked checkboxes are absent from the request, so default them to 0.
    if (!isset($data['SUBMIT_NOTIF'])) {
        $data['SUBMIT_NOTIF'] = 0;
    }
    if (!isset($data['PAYMENT_NOTIF'])) {
        $data['PAYMENT_NOTIF'] = 0;
    }
    // The confirmation value is added for validation only and removed again
    // before the row is written.
    $data['PASSWORDC'] = $_REQUEST['PASSWORDC'];
    if (SmartyValidate::is_valid($data, 'conf_users_edit')) {
        unset($data['PASSWORDC']);
        if (empty($id)) {
            $id = $db->GenID($tables['user']['name'] . '_SEQ');
        }
        $data['ID'] = $id;
        if ($action == 'E') {
            // Editing with an empty password keeps the stored value.
            if (empty($data['PASSWORD'])) {
                $data['PASSWORD'] = $db->GetOne("SELECT `PASSWORD` FROM `{$tables['user']['name']}` WHERE `ID` = " . $db->qstr($id));
            } else {
                // The scheme used by encrypt_password() is not visible here.
                $data['PASSWORD'] = encrypt_password($data['PASSWORD']);
            }
        } else {
            $data['PASSWORD'] = encrypt_password($data['PASSWORD']);
        }
        if ($db->Replace($tables['user']['name'], $data, 'ID', true) > 0) {
// Date in the past
// Excerpt from a login page; the comment above belongs to a header line that
// precedes the excerpt. The remaining headers disable caching of the page.
@header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT'); // Always modified
@header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP 1.1
@header('Cache-Control: post-check=0, pre-check=0', false);
@header('Pragma: no-cache'); // HTTP 1.0
if (empty($_POST['user'])) {
    // First display: register the login form and require both fields.
    SmartyValidate::connect($tpl);
    SmartyValidate::register_form('login', true);
    SmartyValidate::register_validator('v_user', 'user', 'notEmpty', false, false, 'trim', 'login');
    SmartyValidate::register_validator('v_pass', 'pass', 'notEmpty', false, false, 'trim', 'login');
} else {
    SmartyValidate::connect($tpl);
    if (SmartyValidate::is_valid($_POST, 'login')) {
        // NOTE(review): throttling of failed attempts and session id renewal
        // on success are not visible here; confirm login() covers them.
        if (login($_POST['user'], $_POST['pass'])) {
            SmartyValidate::disconnect();
            // The return target is kept only if it ends in an admin/ or
            // install/ .php path.
            // NOTE(review): the pattern is not anchored at the start, so it
            // does not constrain the scheme or host. If the session value is
            // filled from the Referer header, also require a same-site path.
            if (!preg_match('`(admin|install)/(.*)\\.php(|\\?.*)$`', $_SESSION['return'])) {
                unset($_SESSION['return']);
            }
            if ($_SESSION['return']) {
                @header("Location: " . $_SESSION['return']);
                unset($_SESSION['return']);
            } else {
                @header("Location: index.php");
            }
            exit;
        } else {
            // The same flag is set whichever credential was wrong.
            $tpl->assign('failed', true);
        }
*********************************/
// Excerpt from a "send test mailing" page; the line above closes a banner
// comment that starts before the excerpt, and the excerpt ends inside the
// success branch.
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/template.php');
$smarty = new PommoTemplate();
$smarty->prepareForForm();
$current = PommoMailing::isCurrent();
if (!SmartyValidate::is_registered_form() || empty($_POST)) {
    // ___ USER HAS NOT SENT FORM ___
    SmartyValidate::connect($smarty, true);
    SmartyValidate::register_validator('email', 'email', 'isEmail', false, false, 'trim');
    $vMsg = array();
    $vMsg['email'] = Pommo::_T('Invalid email address');
    $smarty->assign('vMsg', $vMsg);
} else {
    // ___ USER HAS SENT FORM ___
    SmartyValidate::connect($smarty);
    // Nothing is processed while $current is truthy.
    if (SmartyValidate::is_valid($_POST) && !$current) {
        // __ FORM IS VALID
        Pommo::requireOnce($pommo->_baseDir . 'inc/classes/mailctl.php');
        Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/subscribers.php');
        Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/validate.php');
        // get a copy of the message state
        // composition is valid (via preview.php)
        $state = $pommo->_session['state']['mailing'];
        // create temp subscriber
        // Only 'email' is covered by the validator above; 'data' is taken from
        // the request as-is.
        $subscriber = array('email' => $_POST['email'], 'registered' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'status' => 0, 'data' => $_POST['d']);
        // NOTE(review): the return value is discarded. Whether
        // subscriberData() cleans its first argument by reference is not
        // visible here; if it only reports validity, unvalidated field data is
        // stored by the add() call below.
        PommoValidate::subscriberData($subscriber['data'], array('active' => FALSE, 'ignore' => TRUE, 'log' => false));
        $key = PommoSubscriber::add($subscriber);
        if (!$key) {
            $logger->addErr('Unable to Add Subscriber');
        } else {
            // temp subscriber created
// Excerpt from a "my profile" page. It starts inside the branch that registers
// validators; the `if` opens above the excerpt.
SmartyValidate::register_validator('v_PASSWORD', 'PASSWORD:4:25', 'isLength', true, false, 'trim', 'conf_profile');
SmartyValidate::register_validator('v_PASSWORDC', 'PASSWORD:PASSWORDC', 'isEqual', true, false, 'trim', 'conf_profile');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim', 'conf_profile');
} else {
    SmartyValidate::connect($tpl);
    // NOTE(review): if get_table_data() fills every column of the user table
    // from the request, a user could set privilege-related columns on their
    // own row through this form; confirm which columns it returns.
    $data = get_table_data('user');
    $error = 0;
    // Unchecked checkboxes are absent from the request, so default them to 0.
    if (!isset($data['SUBMIT_NOTIF'])) {
        $data['SUBMIT_NOTIF'] = 0;
    }
    if (!isset($data['PAYMENT_NOTIF'])) {
        $data['PAYMENT_NOTIF'] = 0;
    }
    // The row to update is bound to the logged-in user from the session, not
    // to a request value.
    $data['ID'] = $_SESSION['user_id'];
    $data['PASSWORDC'] = $_REQUEST['PASSWORDC'];
    if (SmartyValidate::is_valid($data, 'conf_profile')) {
        unset($data['PASSWORDC']);
        // An empty password keeps the stored value.
        if (empty($data['PASSWORD'])) {
            $data['PASSWORD'] = $db->GetOne("SELECT `PASSWORD` FROM `{$tables['user']['name']}` WHERE `ID` = " . $db->qstr($data['ID']));
        } else {
            $data['PASSWORD'] = encrypt_password($data['PASSWORD']);
        }
        $mode = "UPDATE";
        $where = " `ID` = " . $db->qstr($data['ID']);
        // In demo mode nothing is written.
        if (!DEMO && $db->AutoExecute($tables['user']['name'], $data, $mode, $where) > 0) {
            $tpl->assign('posted', true);
        }
    }
}
// NOTE(review): after a valid submit $data['PASSWORD'] holds the stored or
// newly computed password value, and on a failed one the submitted password
// and PASSWORDC; all of it is assigned to the template here. Unset those keys
// before assigning unless the template needs them.
$tpl->assign($data);
$content = $tpl->fetch('conf_profile.tpl');
// Page controller for the index form: registers the validators on first
// display, validates and stores the submission on POST, then renders the page.
$success = false;
$page = 'index';

// Start Twitter Perch
$tp = new twitterPerch();

// Initialise Form Validators
if (!empty($_POST)) {
    SmartyValidate::connect($smarty);
    SmartyValidate::register_object('tp', $tp);
    // 'isValid' is resolved to a method on the registered $tp object.
    SmartyValidate::register_criteria('isValid', 'tp->isValidTwitterCredentials');
    $valid = SmartyValidate::is_valid($_POST);
    if ($valid) {
        SmartyValidate::disconnect();
        // Clean Values
        // NOTE(review): the password goes through the same cleanValue() as
        // the other fields; confirm that cannot alter a valid password.
        $formVars = array(
            'keyword' => cleanValue($_POST['keyword']),
            'username' => cleanValue($_POST['username']),
            'password' => cleanValue($_POST['password']),
        );
        // Add To List
        $success = $tp->add($formVars);
    }
} else {
    SmartyValidate::connect($smarty, true);
    SmartyValidate::register_validator('keyword', 'keyword', 'notEmpty');
    SmartyValidate::register_validator('username', 'username', 'isWord', false, true);
    SmartyValidate::register_validator('password', 'password:6', 'isLength', false, true);
    SmartyValidate::register_validator('accValid', 'username:password', 'isValid');
}

// Assign Variables
$smarty->assign('text', $lang[$page]);
$smarty->assign('success', $success);
// NOTE(review): this hands every submitted field, including the password, to
// the template; make sure the template does not print it back.
$smarty->assign($_POST);

// Trim the Whitespace
$smarty->load_filter('output', 'trimwhitespace');

// Display in Template
$smarty->display($page . '.tpl');
// Excerpt from a link edit page; it ends inside the branch that runs after
// validation succeeds.
// Both flags are normalised to the strings '1' or '0'.
$data['NOFOLLOW'] = $_POST['NOFOLLOW'] == '1' ? '1' : '0';
$data['RECPR_REQUIRED'] = $_POST['RECPR_REQUIRED'] == '1' ? '1' : '0';
// Prefix a scheme when a URL has none.
if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
    $data['URL'] = "http://" . $data['URL'];
}
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
    $data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
if (trim($data['EXPIRY_DATE']) == '') {
    $data['EXPIRY_DATE'] = '';
} else {
    // NOTE(review): strtotime() returns false, not -1, for an unparsable date
    // on current PHP, so this test passes for bad input and date() then
    // formats timestamp 0. Compare against false instead.
    if (strtotime($data['EXPIRY_DATE']) != -1) {
        $data['EXPIRY_DATE'] = date('Y-m-d H:i:s', strtotime($data['EXPIRY_DATE']));
    }
}
if (SmartyValidate::is_valid($data, 'dir_links_edit')) {
    if (empty($id)) {
        $id = $db->GenID($tables['link']['name'] . '_SEQ');
    }
    if ($data['FEATURED'] == '1') {
        $AllowedFeat = check_allowed_feat($data['CATEGORY_ID']);
        $tpl->assign('AllowedFeat', $AllowedFeat);
    }
    if (ENABLE_PAGERANK) {
        require_once 'include/pagerank.php';
        $data['PAGERANK'] = get_page_rank($data['URL']);
        if (!empty($data['RECPR_URL'])) {
            $data['RECPR_PAGERANK'] = get_page_rank($data['RECPR_URL']);
        }
    }
    $data['ID'] = $id;
// Excerpt from an installer page. It starts inside the branch that registers
// validators (the `if` opens above) and ends inside the install step.
SmartyValidate::register_validator('list_name', 'list_name', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('site_name', 'site_name', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('site_url', 'site_url', 'isURL');
SmartyValidate::register_validator('admin_password', 'admin_password', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('admin_password2', 'admin_password:admin_password2', 'isEqual');
SmartyValidate::register_validator('admin_email', 'admin_email', 'isEmail');
// Per-field error messages shown by the template.
$formError = array();
$formError['list_name'] = $formError['site_name'] = $formError['admin_password'] = Pommo::_T('Cannot be empty.');
$formError['admin_password2'] = Pommo::_T('Passwords must match.');
$formError['site_url'] = Pommo::_T('Must be a valid URL');
$formError['admin_email'] = Pommo::_T('Must be a valid email');
$smarty->assign('formError', $formError);
} else {
    // ___ USER HAS SENT FORM ___
    SmartyValidate::connect($smarty);
    if (SmartyValidate::is_valid($_POST)) {
        // __ FORM IS VALID
        if (isset($_POST['installerooni'])) {
            // drop existing poMMo tables
            // NOTE(review): a valid POST with this field set drops every
            // table listed in $dbo->table. No check that the application is
            // not yet installed, or that the caller is authorised, is visible
            // in this excerpt; confirm the script cannot be reached after
            // installation.
            foreach (array_keys($dbo->table) as $key) {
                $table = $dbo->table[$key];
                $sql = 'DROP TABLE IF EXISTS ' . $table;
                $dbo->query($sql);
            }
            // Database debugging can be switched on by any request parameter
            // of this name.
            if (isset($_REQUEST['debugInstall'])) {
                $dbo->debug(TRUE);
            }
            $install = PommoInstall::parseSQL();
            if ($install) {
                // installation of DB went OK, set configuration values to user supplied ones
                $pass = $_POST['admin_password'];
$price[$link_type_int['normal_plus']] = PAY_NORMAL_PLUS; } if (PAY_RECPR > 0) { $price[$link_type_int['reciprocal']] = PAY_RECPR; } if ($action == 'pay') { if (empty($_REQUEST['submit'])) { if (!empty($_SERVER['HTTP_REFERER'])) { $_SESSION['return'] = $_SERVER['HTTP_REFERER']; } SmartyValidate::connect($tpl); SmartyValidate::register_form('pay_link', true); SmartyValidate::register_validator('v_quantity', 'quantity', 'isInt', false, false, 'trim', 'pay_link'); } else { SmartyValidate::connect($tpl); if (SmartyValidate::is_valid($_REQUEST, 'pay_link')) { $pay_data = array(); $pay_id = $db->GenID($tables['payment']['name'] . '_SEQ'); $pay_data['ID'] = $pay_id; $pay_data['LINK_ID'] = $data['ID']; $pay_data['IPADDRESS'] = get_client_ip(); $pay_data['QUANTITY'] = $_REQUEST['quantity']; $pay_data['AMOUNT'] = $price[$data['LINK_TYPE']]; $pay_data['TOTAL'] = (int) $pay_data['QUANTITY'] * (double) $pay_data['AMOUNT']; $pay_data['UM'] = PAY_UM; $pay_data['PAY_DATE'] = gmdate('Y-m-d H:i:s'); $pay_data['CONFIRMED'] = -1; if (db_replace('payment', $pay_data, 'ID') > 0) { $action = 'paypal'; $tpl->assign('PAYMENT', $pay_data); } else {
// Handler for the "test exchanger" form: the first request registers the form
// and its validator; a later POST is validated and answered through Pommo_Json.
$formWasSubmitted = SmartyValidate::is_registered_form('exchanger') && !empty($_POST);

if ($formWasSubmitted) {
    // Submitted form: prepare the JSON response object.
    require_once Pommo::$_baseDir . 'classes/Pommo_Json.php';
    $json = new Pommo_Json();

    if (!SmartyValidate::is_valid($_POST, 'exchanger')) {
        // Validation failed: report the invalid fields back to the client.
        $json->addMsg(Pommo::_T('Please review and correct errors with your submission.'));
        $json->add('fieldErrors', $smarty->getInvalidFields('exchanger'));
        $json->fail();
    } else {
        // The address reaches testExchanger() only after the isEmail validator
        // registered for this form has accepted it.
        require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
        if (Pommo_Helper_Messages::testExchanger($_POST['email'], $exchanger)) {
            $msg = Pommo::_T('Mail Sent.');
        } else {
            $msg = Pommo::_T('Error Sending Mail');
        }
        $json->success($msg);
    }
} else {
    // Form not registered yet, or nothing posted: register it with a single
    // isEmail validator and hand the defaults to the template.
    SmartyValidate::register_form('exchanger', true);
    SmartyValidate::register_validator('email', 'email', 'isEmail', false, false, false, 'exchanger');

    $vMsg = array('email' => Pommo::_T('Invalid email address'));
    $smarty->assign('vMsg', $vMsg);

    $dbvals = array(
        'exchanger' => $exchanger,
        'email' => Pommo::$_config['admin_email'],
    );
    $smarty->assign($dbvals);
}

// NOTE(review): this hands every submitted field to the template as a variable
// of the same name, so a request can overwrite values assigned above (for
// example 'exchanger' or 'vMsg'). Only 'email' has a validator on this form.
// Whether the values are escaped on output depends on the template, which is
// not shown; consider assigning only the fields the template needs.
$smarty->assign($_POST);
$smarty->display('admin/setup/config/ajax.testexchanger.tpl');
Pommo::kill();
} $_SESSION['values']['admin_user'] = !empty($admin_update['LOGIN']) ? $admin_update['LOGIN'] : ''; $_SESSION['values']['admin_name'] = !empty($admin_update['NAME']) ? $admin_update['NAME'] : ''; $_SESSION['values']['admin_email'] = !empty($admin_update['EMAIL']) ? $admin_update['EMAIL'] : ''; } SmartyValidate::connect($tpl, true); SmartyValidate::register_form('install', true); SmartyValidate::register_validator('v_admin_user', 'admin_user:!^\\w{4,25}$!', 'isRegExp', false, false, 'trim', 'install'); SmartyValidate::register_validator('v_admin_name', 'admin_name', 'notEmpty', false, false, 'trim', 'install'); SmartyValidate::register_validator('v_admin_password', 'admin_password:6:25', 'isLength', false, false, 'trim', 'install'); SmartyValidate::register_validator('v_admin_passwordc', 'admin_password:admin_passwordc', 'isEqual', true, false, 'trim', 'install'); SmartyValidate::register_validator('v_admin_email', 'admin_email', 'isEmail', false, false, 'trim', 'install'); } else { if ($_POST['submit'] == 'next') { SmartyValidate::connect($tpl); if (SmartyValidate::is_valid($_POST, 'install')) { $admin_details = array(); $admin_details['admin_user'] = $_POST['admin_user']; $admin_details['admin_name'] = $_POST['admin_name']; $admin_details['admin_password'] = $_POST['admin_password']; $admin_details['admin_email'] = $_POST['admin_email']; if (create_admin($admin_details)) { SmartyValidate::disconnect(); $step++; @header('Location: index.php?step=' . $step); @exit; } } elseif ($_POST['submit'] == 'back') { SmartyValidate::disconnect(); $step--; @header('Location: index.php?step=' . $step);