function prefs_smarty_validate()
{
global $_RUN;
if (SmartyValidate::is_init() && SmartyValidate::is_valid($_POST)) {
SmartyValidate::clear();
// And set the preferences
$ok = "";
$errors['PARAMS'] = "Incorrect parameters specified..\n";
$data['name'] = $_POST['name'];
$data['email'] = $_POST['email'];
$data['theme_id'] = $_POST['theme'];
$data['gender'] = $_POST['gender'];
$data['city'] = $_POST['city'];
$data['country'] = $_POST['country'];
$data['tag'] = $_POST['tag'];
$data['dob'] = $_POST['dob_Year'] . "-" . $_POST['dob_Month'] . "-" . $_POST['dob_Day'];
if (isset($inform)) {
$data['inform'] = $_POST['inform'];
}
if (isset($login_pass)) {
$data['login_pass'] = $_POST['login_pass'];
}
$user_id = decrypt_get_vars($_POST['uid']);
$data['user_id'] = $user_id;
comm_send_to_server("SETPREFS", $data, $ok, $errors);
$result = sql_query("SELECT * FROM perihelion.u_users WHERE id=" . $user_id);
$tmp = sql_fetchrow($result);
session_reinit($tmp);
$template = new Smarty();
$template->display($_RUN['theme_path'] . "/preferences-success.tpl");
return true;
}
return false;
}
function contact_form()
{
global $smarty, $lang, $fp_config;
if (empty($_POST)) {
$smarty->assign('success', system_geterr('contact'));
$smarty->assign_by_ref('panelstrings', $lang['contact']);
// new form, we (re)set the session data
SmartyValidate::connect($smarty, true);
// register our validators
SmartyValidate::register_validator('name', 'name', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('email', 'email', 'isEmail', true, false, 'trim');
SmartyValidate::register_validator('www', 'url', 'isURL', true, false, 'trim');
SmartyValidate::register_validator('content', 'content', 'notEmpty', false, false);
} else {
utils_nocache_headers();
// validate after a POST
SmartyValidate::connect($smarty);
if (!empty($_POST['url']) && strpos($_POST['url'], 'http://') === false) {
$_POST['url'] = 'http://' . $_POST['url'];
}
// custom hook here!!
// we'll use comment actions, anyway
if (SmartyValidate::is_valid($_POST) && ($arr = contact_form_validate())) {
$msg = "Name: \n{$arr['name']} \n\n";
if (isset($arr['email'])) {
$msg .= "Email: {$arr['email']}\n\n";
}
if (isset($arr['url'])) {
$msg .= "WWW: {$arr['url']}\n\n";
}
$msg .= "Content:\n{$arr['content']}\n";
$success = @utils_mail(isset($arr['email']) ? $arr['email'] : $fp_config['general']['email'], "Contact sent through {$fp_config['general']['title']} ", $msg);
system_seterr('contact', $success ? 1 : -1);
utils_redirect(basename(__FILE__));
} else {
$smarty->assign('values', $_POST);
}
}
}
SmartyValidate::register_validator('maxRuntime', 'maxRuntime', 'isInt', false, false, 'trim', 'mailings');
$vMsg = array();
$vMsg['maxRuntime'] = Pommo::_T('Enter a number.');
$vMsg['list_fromname'] = Pommo::_T('Cannot be empty.');
$vMsg['list_fromemail'] = $vMsg['list_frombounce'] = Pommo::_T('Invalid email address');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('list_fromname', 'list_fromemail', 'list_frombounce', 'list_charset', 'public_history', 'maxRuntime'));
$dbVals['demo_mode'] = !empty($pommo->_config['demo_mode']) && $pommo->_config['demo_mode'] == "on" ? 'on' : 'off';
$smarty->assign($dbVals);
} else {
// ___ USER HAS SENT FORM ___
/**********************************
JSON OUTPUT INITIALIZATION
*********************************/
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
$json = new PommoJSON();
if (SmartyValidate::is_valid($_POST, 'mailings')) {
// __ FORM IS VALID
PommoAPI::configUpdate($_POST);
$pommo->reloadConfig();
$json->success(Pommo::_T('Configuration Updated.'));
} else {
// __ FORM NOT VALID
$json->add('fieldErrors', $smarty->getInvalidFields('mailings'));
$json->fail(Pommo::_T('Please review and correct errors with your submission.'));
}
}
$smarty->assign($_POST);
$smarty->display('admin/setup/config/mailings.tpl');
Pommo::kill();
$data['VALID'] = 1;
if ($data['RECPR_REQUIRED']) {
$data['RECPR_VALID'] = 1;
$data['RECPR_LAST_CHECKED'] = gmdate('Y-m-d H:i:s');
}
$data['LAST_CHECKED'] = gmdate('Y-m-d H:i:s');
//$data['DATE_ADDED'] = gmdate ('Y-m-d H:i:s');
unset($data['EXPIRY_DATE']);
$data['DATE_MODIFIED'] = gmdate('Y-m-d H:i:s');
if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
$data['URL'] = "http://" . $data['URL'];
}
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
$data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
if (SmartyValidate::is_valid($data, "add_reciprocal") && !empty($id)) {
if ($db->Replace($tables['link']['name'], $data, 'ID', true) > 0) {
$tpl->assign('posted', true);
} else {
$tpl->assign('sql_error', $db->ErrorMsg());
}
}
} else {
$tpl->assign('sql_error', $db->ErrorMsg());
}
}
$path = get_path($_SESSION['cid']);
$path[] = array('ID' => '0', 'TITLE' => _L('Add Reciprocal Link for ' . $data['TITLE']), 'TITLE_URL' => '', 'DESCRIPTION' => _L('Rate A Link'));
$tpl->assign('path', $path);
$tpl->assign($data);
//Clean whitespace
case 'N':
default:
if (empty($_REQUEST['submit'])) {
SmartyValidate::connect($tpl);
SmartyValidate::register_form('conf_user_permissions', true);
SmartyValidate::register_criteria('isValueUnique', 'validate_unique', 'conf_user_permissions');
SmartyValidate::register_criteria('isNotEqual', 'validate_not_equal', 'conf_user_permissions');
SmartyValidate::register_criteria('isNotSubCat', 'validate_not_sub_category', 'conf_user_permissions');
SmartyValidate::register_validator('v_CATEGORY_ID', 'CATEGORY_ID:0', 'isNotEqual', true, false, null, 'conf_user_permissions');
SmartyValidate::register_validator('v_CATEGORY_ID_U', "CATEGORY_ID:user_permission:0:USER_ID", 'isValueUnique', false, false, null, 'conf_user_permissions');
SmartyValidate::register_validator('v_CATEGORY_ID_S', "CATEGORY_ID", 'isNotSubCat', false, false, null, 'conf_user_permissions');
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('user_permission');
$data['USER_ID'] = $u;
if (SmartyValidate::is_valid($data, 'conf_user_permissions')) {
// Check if category is parent to existing categories.
$child_categories = find_child_categories();
if ($child_categories > 0) {
$tpl->assign('CHILD_CATEGORIES', $child_categories);
$tpl->assign('WARN', true);
$category = $db->GetOne("SELECT `TITLE` FROM `{$tables['category']['name']}` WHERE `ID` = " . $db->qstr($data['CATEGORY_ID']));
$tpl->assign('CATEGORY', $category);
} else {
$id = $db->GenID($tables['user_permission']['name'] . '_SEQ');
$data['ID'] = $id;
if (db_replace('user_permission', $data, 'ID') > 0) {
$tpl->assign('posted', 'Permission granted.');
} else {
$tpl->assign('sql_error', $db->ErrorMsg());
}
function index()
{
session_start();
global $db, $prefix;
include "header.php";
$tpl = new Template();
smartyValidate::connect($tpl, empty($_POST));
SmartyValidate::register_form('fare_search');
//set
$origin = intval($_REQUEST["origin"]);
$destination = intval($_REQUEST["destination"]);
if ($_POST["departure"]) {
$departure = tounixdate($_POST["departure"]);
} else {
$departure = $_GET["departure"];
}
$faretype = intval($_REQUEST["faretype"]);
$class = intval($_REQUEST["class"]);
$airline = intval($_REQUEST["airline"]);
$tpl->assign("origin", $origin);
$tpl->assign("destination", $destination);
$tpl->assign("class", $class);
$tpl->assign("faretype", $faretype);
//fare type
$qtype = $db->query("SELECT * FROM travel_faretype");
while (list($type_id, $type_name) = $db->fetch_row($qtype)) {
$type_opt[$type_id] = $type_name;
}
//Origin
$qorigin = $db->query("SELECT origin_id,origin_name FROM travel_origin ORDER BY origin_name ASC ");
$origin_opt = array();
while (list($origin_id, $origin_name) = $db->fetch_row($qorigin)) {
$origin_opt[$origin_id] = $origin_name;
}
//Destination
$qdestination = $db->query("SELECT destination_id,destination_name FROM travel_destination JOIN\r\n\t{$prefix}_fares ON destination_id=fare_destination\r\n\tORDER BY destination_name ASC");
$destination_opt = array();
while (list($destination_id, $destination_name) = $db->fetch_array($qdestination)) {
$destination_opt[$destination_id] = $destination_name;
}
// Airlines
$qairline = $db->query("SELECT airline_id,airline_name FROM travel_airline");
$airline_opt = array();
while (list($airline_id, $airline_name) = $db->fetch_array($qairline)) {
$airline_opt[$airline_id] = $airline_name;
}
// Class
$qclass = $db->query("SELECT class_id,class_name FROM travel_class");
$class_opt = array();
while (list($class_id, $class_name) = $db->fetch_array($qclass)) {
$class_opt[$class_id] = $class_name;
}
if (!isset($_GET[page]) && empty($_POST)) {
$tpl->assign("origin_opt", $origin_opt);
$tpl->assign("destination_opt", $destination_opt);
$tpl->assign("airline_opt", $airline_opt);
$tpl->assign("class_opt", $class_opt);
$tpl->assign("type_opt", $type_opt);
$tpl->assign("lang", $lang);
$tpl->display("search/search.tpl");
} else {
if (SmartyValidate::is_valid($_POST)) {
// no errors, done with SmartyValidate
$tpl->assign($_POST);
$tpl->assign("origin_opt", $origin_opt);
$tpl->assign("destination_opt", $destination_opt);
$tpl->assign("airline_opt", $airline_opt);
$tpl->assign("class_opt", $class_opt);
$tpl->assign("type_opt", $type_opt);
$tpl->assign("lang", $lang);
$tpl->display("search/search.tpl");
SmartyValidate::disconnect();
$origin = intval($_REQUEST["origin"]);
$destination = intval($_REQUEST["destination"]);
if ($_POST["departure"]) {
$departure = tounixdate($_POST["departure"]);
} else {
$departure = $_GET["departure"];
}
$faretype = intval($_REQUEST["faretype"]);
$class = intval($_REQUEST["class"]);
$airline = intval($_REQUEST["airline"]);
//goto("index.php?m=search&op=search&origin=$origin&destination=$destination&departure=$departure&faretype=$faretype&class=$class&airline=$airline","Processing");
$faretype = intval($_REQUEST["faretype"]);
$class = intval($_REQUEST["class"]);
$airline = intval($_REQUEST["airline"]);
$query = "SELECT * FROM " . $prefix . "_fares," . $prefix . "_fares_origin\r\n\t\t\tWHERE fare_id= fares_fare AND fares_origin ={$origin} \tAND fare_destination='{$destination}'";
if (!empty($faretype)) {
$query .= " AND fare_type={$faretype}";
}
if (!empty($class)) {
$query .= " AND fare_class={$class}";
}
if (!empty($airline)) {
$query .= " AND fare_airline={$airline}";
}
if (!empty($departure)) {
$query .= " AND {$departure} BETWEEN fare_dept_start AND fare_dept_end";
}
$qsearch = $db->query($query);
$num_record = $db->row_count($qsearch);
if ($num_record < 1) {
$tpl->assign("norecord", "norecord");
$tpl->assign("lang", $lang);
$tpl->display("search/search_result.tpl");
include "footer.php";
exit;
}
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
} else {
$page = 1;
}
$currentpage = $page;
$perpage = 10;
$start = ($page - 1) * $perpage;
$pages = ceil($num_record / $perpage);
$starting_no = $start + 1;
if ($num_record - $start < $perpage) {
$end_count = $num_record;
} elseif ($num_record - $start >= $perpage) {
$end_count = $start + $perpage;
}
if ($pages > 1) {
$page_link = makepagelink("index.php?m=search&origin={$origin}&destination={$destination}&departure={$departure}&class={$class}&faretype={$faretype}&airline={$airline}", $page, $pages);
} else {
$page_link = "";
}
$result = $db->query("{$query} AND fare_active=1 ORDER BY fare_adultfare ASC limit {$start},{$perpage}");
while ($row = $db->fetch_array($result)) {
$indexx = $row[fare_id];
$info[$indexx] = $row;
$info[$indexx]["airline"] = getrow("airline_name", "travel_airline", "airline_id", "{$row['fare_airline']}");
}
$originName = getrow("origin_name", "" . $prefix . "_origin", "origin_id", "{$origin}");
$destinationName = getrow("destination_name", "" . $prefix . "_destination", "destination_id", "{$destination}");
$tpl->assign("lang", $lang);
$tpl->assign("fareinfo", $info);
$tpl->assign("found", $num_record);
$tpl->assign("destinationName", $destinationName);
$tpl->assign("originName", $originName);
$tpl->assign("page_link", $page_link);
$tpl->assign("end_count", $end_count);
$tpl->assign("starting_no", $starting_no);
$tpl->assign("currentpage", "{$currentpage}/{$pages}");
$tpl->display("search/search_result.tpl");
} else {
$tpl->assign("origin_opt", $origin_opt);
$tpl->assign("destination_opt", $destination_opt);
$tpl->assign("airline_opt", $airline_opt);
$tpl->assign("class_opt", $class_opt);
$tpl->assign("type_opt", $type_opt);
$tpl->assign("lang", $lang);
$tpl->assign($_POST);
$tpl->display("search/search.tpl");
}
}
include "footer.php";
}
$p['subscribe_web'] = $messages['subscribe']['web'];
$p['subscribe_email'] = $messages['subscribe']['email'];
$p['unsubscribe_sub'] = $messages['unsubscribe']['sub'];
$p['unsubscribe_msg'] = $messages['unsubscribe']['msg'];
$p['unsubscribe_web'] = $messages['unsubscribe']['web'];
$p['unsubscribe_email'] = $messages['unsubscribe']['email'];
$p['confirm_sub'] = $messages['confirm']['sub'];
$p['confirm_msg'] = $messages['confirm']['msg'];
$p['activate_sub'] = $messages['activate']['sub'];
$p['activate_msg'] = $messages['activate']['msg'];
$p['update_sub'] = $messages['update']['sub'];
$p['update_msg'] = $messages['update']['msg'];
$smarty->assign($p);
} else {
// ___ USER HAS SENT FORM ___
if (SmartyValidate::is_valid($_POST, 'messages')) {
// __ FORM IS VALID
$messages = array();
$messages['subscribe'] = array();
$messages['subscribe']['sub'] = $_POST['subscribe_sub'];
$messages['subscribe']['msg'] = $_POST['subscribe_msg'];
$messages['subscribe']['web'] = $_POST['subscribe_web'];
$messages['subscribe']['email'] = isset($_POST['subscribe_email']) ? true : false;
$messages['unsubscribe'] = array();
$messages['unsubscribe']['sub'] = $_POST['unsubscribe_sub'];
$messages['unsubscribe']['msg'] = $_POST['unsubscribe_msg'];
$messages['unsubscribe']['web'] = $_POST['unsubscribe_web'];
$messages['unsubscribe']['email'] = isset($_POST['unsubscribe_email']) ? true : false;
$messages['confirm'] = array();
$messages['confirm']['sub'] = $_POST['confirm_sub'];
$messages['confirm']['msg'] = $_POST['confirm_msg'];
SmartyValidate::register_validator('v_TITLE', 'TITLE', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('v_URL', 'URL', 'isURL', false, false, 'trim');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim');
SmartyValidate::register_validator('v_check_email', 'EMAIL', 'checkEmail', false, false, null);
SmartyValidate::register_validator('v_CATEGORY_ID', 'CATEGORY_ID:0', 'isNotEqual', true, false, 'trim');
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('email');
$data['DATE_SENT'] = gmdate('Y-m-d H:i:s');
if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
$data['URL'] = "http://" . $data['URL'];
}
$full_data = $data;
$full_data['CATEGORY_ID'] = $_REQUEST['CATEGORY_ID'];
$full_data['DESCRIPTION'] = $_REQUEST['DESCRIPTION'];
if (SmartyValidate::is_valid($full_data)) {
// Generate Link ID first
$link_id = $db->GenID($tables['link']['name'] . '_SEQ');
$email_data = $full_data;
$email_data['ADD_RECIPROCAL_URL'] = "http://" . $_SERVER['HTTP_HOST'] . DIRECTORY_ROOT . "/add_reciprocal.php?id=" . $link_id;
$tmpl = $db->GetRow("SELECT `SUBJECT`, `BODY` FROM `{$tables['email_tpl']['name']}` WHERE `ID` = " . $db->qstr($_REQUEST['EMAIL_TPL_ID']));
$mail = get_emailer();
$mail->Body = replace_email_vars($tmpl['BODY'], $email_data);
$mail->Subject = replace_email_vars($tmpl['SUBJECT'], $email_data);
$mail->AddAddress($email_data['EMAIL'], $email_data['NAME']);
if (!DEMO) {
$sent = $mail->Send();
} else {
$sent = true;
}
if ($sent) {
$vMsg = array();
$vMsg['site_url'] = $vMsg['site_success'] = $vMsg['site_confirm'] = Pommo::_T('Must be a valid URL');
$vMsg['list_name'] = $vMsg['site_name'] = Pommo::_T('Cannot be empty.');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('site_success', 'site_confirm', 'list_exchanger', 'list_confirm'));
$dbVals['site_url'] = $pommo->_config['site_url'];
$dbVals['site_name'] = $pommo->_config['site_name'];
$dbVals['list_name'] = $pommo->_config['list_name'];
$smarty->assign($dbVals);
} else {
// ___ USER HAS SENT FORM ___
/**********************************
JSON OUTPUT INITIALIZATION
*********************************/
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
$json = new PommoJSON();
if (SmartyValidate::is_valid($_POST, 'general')) {
// __ FORM IS VALID
PommoAPI::configUpdate($_POST);
$pommo->reloadConfig();
$json->success(Pommo::_T('Configuration Updated.'));
} else {
// __ FORM NOT VALID
$json->add('fieldErrors', $smarty->getInvalidFields('general'));
$json->fail(Pommo::_T('Please review and correct errors with your submission.'));
}
}
$smarty->assign($_POST);
$smarty->display('admin/setup/config/general.tpl');
Pommo::kill();
} else {
if (ENABLE_PAGERANK == 0) {
$_REQUEST['SHOW_PAGERANK'] = 0;
}
if ($_REQUEST['SHOW_PAGERANK'] == 0 && $_REQUEST['DEFAULT_SORT'] == 'P') {
$_REQUEST['DEFAULT_SORT'] = 'H';
}
foreach ($conf as $i => $row) {
if ($conf[$i]['CONFIG_GROUP'] != $_REQUEST['c']) {
unset($conf[$i]);
} else {
$conf[$i]['VALUE'] = $_REQUEST[$row['ID']];
}
}
SmartyValidate::connect($tpl);
if (SmartyValidate::is_valid($_REQUEST, 'conf_settings')) {
$posted = true;
if (!DEMO) {
$errors = 0;
$cust_msg = '';
foreach ($conf as $row) {
$posted = $db->AutoExecute($tables['config']['name'], $row, 'UPDATE', '`ID` = ' . $db->qstr($row['ID']));
if (!$posted) {
break;
}
}
$tpl->assign('posted', $posted);
}
}
}
foreach ($conf as $i => $val) {
default:
if ($id) {
$where = "WHERE `ID` != " . $db->qstr($id);
}
if (empty($_POST['submit'])) {
SmartyValidate::disconnect();
SmartyValidate::connect($tpl, true);
SmartyValidate::register_criteria('isEmailAndAddLinkValid', 'validate_email_and_add_link');
SmartyValidate::register_validator('v_VALIDATE_EMAIL_TYPE', 'TPL_TYPE', 'isEmailAndAddLinkValid', false, false, 'trim');
SmartyValidate::register_validator('v_TITLE', 'TITLE', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('v_SUBJECT', 'SUBJECT', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('v_BODY', 'BODY', 'notEmpty', false, false, 'trim');
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('email_tpl');
if (SmartyValidate::is_valid($data)) {
if (empty($id)) {
$id = $db->GenID($tables['email_tpl']['name'] . '_SEQ');
}
$data['ID'] = $id;
if ($db->Replace($tables['email_tpl']['name'], $data, 'ID', true) > 0) {
$tpl->assign('posted', true);
if (isset($_SESSION['return'])) {
@header('Location: ' . $_SESSION['return']);
@exit;
}
} else {
$tpl->assign('sql_error', $db->ErrorMsg());
}
}
}
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
$data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
/*if (VISUAL_CONFIRM == 1 && !empty ($_POST['CAPTCHA']))
$data = array_merge ($data, array ('CAPTCHA' => $_POST['CAPTCHA']));*/
if (VISUAL_CONFIRM > 0) {
$rc_resp = validateReCaptcha();
if ($rc_resp === true) {
$tpl->assign('reCaptchaError', 1);
} else {
$tpl->assign('reCaptchaError', $rc_resp);
}
} else {
$rc_resp = true;
}
if (SmartyValidate::is_valid($data, 'submit_link') && $rc_resp === true) {
if (ENABLE_PAGERANK) {
require_once 'include/pagerank.php';
$data['PAGERANK'] = get_page_rank($data['URL']);
if (!empty($data['RECPR_URL'])) {
$data['RECPR_PAGERANK'] = get_page_rank($data['RECPR_URL']);
}
}
$id = $db->GenID($tables['link']['name'] . '_SEQ');
$data['ID'] = !empty($id) ? intval($id) : '';
$data['LINK_TYPE'] = $link_type_int[$link_type];
switch ($link_type) {
case 'free':
$data['NOFOLLOW'] = 1;
break;
case 'featured':
$_SESSION['return'] = $_SERVER['HTTP_REFERER'];
}
$cid = $_REQUEST['c'];
$tpl->assign('cid', $cid);
$tpl->assign('path', get_path($cid));
if (empty($_POST['submit'])) {
SmartyValidate::disconnect();
SmartyValidate::connect($tpl, true);
SmartyValidate::register_validator('v_URL', 'rss_url', 'isURL', false, false, 'trim');
} else {
SmartyValidate::connect($tpl);
if (strlen(trim($_REQUEST['rss_url'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $_REQUEST['rss_url'])) {
$_REQUEST['rss_url'] = "http://" . $_REQUEST['rss_url'];
}
$tpl->assign('rss_url', $_REQUEST['rss_url']);
if (SmartyValidate::is_valid($_REQUEST)) {
$rss = new rssParser();
$rss_result = $rss->parse($_REQUEST['rss_url']);
if ($rss_result !== true) {
$tpl->assign('error', $rss_result);
}
$tpl->assign('link_count', count($rss->items));
$links = array();
if (count($rss->items) > 0) {
foreach ($rss->items as $item) {
$links[] = add_link($cid, $item['link'], $item['title'], $item['description'], $_POST['status']);
}
$tpl->assign('list', $links);
$tpl->assign('columns', array('TITLE' => _L('Title'), 'URL' => _L('URL'), 'ERROR' => _L('Result')));
}
}
SmartyValidate::register_criteria('isNotEqualVariable', 'validate_not_equal_var', 'dir_categs_edit');
SmartyValidate::register_criteria('isSymbolicUnique', 'validate_symbolic_unique', 'dir_categs_edit');
SmartyValidate::register_criteria('isParentValid', 'validate_symbolic_parent', 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID', 'SYMBOLIC_ID:0', 'isNotEqual', true, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_E', 'SYMBOLIC_ID:PARENT_ID', 'isNotEqualVariable', true, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_U', 'SYMBOLIC_ID', 'isSymbolicUnique', false, false, null, 'dir_categs_edit');
SmartyValidate::register_validator('v_SYMBOLIC_ID_P', 'SYMBOLIC_ID', 'isParentValid', false, false, null, 'dir_categs_edit');
}
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('category');
$data['SYMBOLIC'] = isset($_REQUEST['s']) && $_REQUEST['s'] == 1 ? 1 : 0;
if (strlen(trim($data['TITLE_URL'])) == 0) {
$data['TITLE_URL'] = preg_replace('`[^\\w_-]`', '_', $data['TITLE']);
}
if (SmartyValidate::is_valid($data, 'dir_categs_edit')) {
if ($action == 'N') {
$data['DATE_ADDED'] = gmdate('Y-m-d H:i:s');
}
if (empty($id)) {
$id = $db->GenID($tables['category']['name'] . '_SEQ');
}
$data['ID'] = $id;
if ($db->Replace($tables['category']['name'], $data, 'ID', true) > 0) {
// Refresh editor permissions
if (!$_SESSION['is_admin']) {
$user_permission = "";
$user_grant_permission = "";
$user_permission_array = array();
$user_grant_permission_array = array();
get_editor_permission($_SESSION['user_id']);
$vMsg['admin_username'] = Pommo::_T('Cannot be empty.');
$vMsg['admin_email'] = Pommo::_T('Invalid email address');
$vMsg['admin_password2'] = Pommo::_T('Passwords must match.');
$smarty->assign('vMsg', $vMsg);
// populate _POST with info from database (fills in form values...)
$dbVals = PommoAPI::configGet(array('admin_username'));
$dbVals['admin_email'] = $pommo->_config['admin_email'];
$smarty->assign($dbVals);
} else {
// ___ USER HAS SENT FORM ___
/**********************************
JSON OUTPUT INITIALIZATION
*********************************/
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/json.php');
$json = new PommoJSON();
if (SmartyValidate::is_valid($_POST, 'users')) {
// __ FORM IS VALID
// convert password to MD5 if given...
if (!empty($_POST['admin_password'])) {
$_POST['admin_password'] = md5($_POST['admin_password']);
}
PommoAPI::configUpdate($_POST);
unset($_POST['admin_password'], $_POST['admin_password2']);
$pommo->reloadConfig();
$json->success(Pommo::_T('Configuration Updated.'));
} else {
// __ FORM NOT VALID
$json->add('fieldErrors', $smarty->getInvalidFields('users'));
$json->fail(Pommo::_T('Please review and correct errors with your submission.'));
}
}
SmartyValidate::register_validator('v_NAME', 'NAME:4:25', 'isLength', false, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_PASSWORD', 'PASSWORD:4:25', 'isLength', true, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_PASSWORDC', 'PASSWORD:PASSWORDC', 'isEqual', true, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim', 'conf_users_edit');
SmartyValidate::register_validator('v_EMAIL_U', 'EMAIL:user:'******'isValueUnique', false, false, 'trim', 'conf_users_edit');
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('user');
if (!isset($data['SUBMIT_NOTIF'])) {
$data['SUBMIT_NOTIF'] = 0;
}
if (!isset($data['PAYMENT_NOTIF'])) {
$data['PAYMENT_NOTIF'] = 0;
}
$data['PASSWORDC'] = $_REQUEST['PASSWORDC'];
if (SmartyValidate::is_valid($data, 'conf_users_edit')) {
unset($data['PASSWORDC']);
if (empty($id)) {
$id = $db->GenID($tables['user']['name'] . '_SEQ');
}
$data['ID'] = $id;
if ($action == 'E') {
if (empty($data['PASSWORD'])) {
$data['PASSWORD'] = $db->GetOne("SELECT `PASSWORD` FROM `{$tables['user']['name']}` WHERE `ID` = " . $db->qstr($id));
} else {
$data['PASSWORD'] = encrypt_password($data['PASSWORD']);
}
} else {
$data['PASSWORD'] = encrypt_password($data['PASSWORD']);
}
if ($db->Replace($tables['user']['name'], $data, 'ID', true) > 0) {
// Date in the past
@header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT');
// Always modified
@header('Cache-Control: no-store, no-cache, must-revalidate');
// HTTP 1.1
@header('Cache-Control: post-check=0, pre-check=0', false);
@header('Pragma: no-cache');
// HTTP 1.0
if (empty($_POST['user'])) {
SmartyValidate::connect($tpl);
SmartyValidate::register_form('login', true);
SmartyValidate::register_validator('v_user', 'user', 'notEmpty', false, false, 'trim', 'login');
SmartyValidate::register_validator('v_pass', 'pass', 'notEmpty', false, false, 'trim', 'login');
} else {
SmartyValidate::connect($tpl);
if (SmartyValidate::is_valid($_POST, 'login')) {
if (login($_POST['user'], $_POST['pass'])) {
SmartyValidate::disconnect();
if (!preg_match('`(admin|install)/(.*)\\.php(|\\?.*)$`', $_SESSION['return'])) {
unset($_SESSION['return']);
}
if ($_SESSION['return']) {
@header("Location: " . $_SESSION['return']);
unset($_SESSION['return']);
} else {
@header("Location: index.php");
}
exit;
} else {
$tpl->assign('failed', true);
}
*********************************/
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/template.php');
$smarty = new PommoTemplate();
$smarty->prepareForForm();
$current = PommoMailing::isCurrent();
if (!SmartyValidate::is_registered_form() || empty($_POST)) {
// ___ USER HAS NOT SENT FORM ___
SmartyValidate::connect($smarty, true);
SmartyValidate::register_validator('email', 'email', 'isEmail', false, false, 'trim');
$vMsg = array();
$vMsg['email'] = Pommo::_T('Invalid email address');
$smarty->assign('vMsg', $vMsg);
} else {
// ___ USER HAS SENT FORM ___
SmartyValidate::connect($smarty);
if (SmartyValidate::is_valid($_POST) && !$current) {
// __ FORM IS VALID
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/mailctl.php');
Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/subscribers.php');
Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/validate.php');
// get a copy of the message state
// composition is valid (via preview.php)
$state = $pommo->_session['state']['mailing'];
// create temp subscriber
$subscriber = array('email' => $_POST['email'], 'registered' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'status' => 0, 'data' => $_POST['d']);
PommoValidate::subscriberData($subscriber['data'], array('active' => FALSE, 'ignore' => TRUE, 'log' => false));
$key = PommoSubscriber::add($subscriber);
if (!$key) {
$logger->addErr('Unable to Add Subscriber');
} else {
// temp subscriber created
SmartyValidate::register_validator('v_PASSWORD', 'PASSWORD:4:25', 'isLength', true, false, 'trim', 'conf_profile');
SmartyValidate::register_validator('v_PASSWORDC', 'PASSWORD:PASSWORDC', 'isEqual', true, false, 'trim', 'conf_profile');
SmartyValidate::register_validator('v_EMAIL', 'EMAIL', 'isEmail', false, false, 'trim', 'conf_profile');
} else {
SmartyValidate::connect($tpl);
$data = get_table_data('user');
$error = 0;
if (!isset($data['SUBMIT_NOTIF'])) {
$data['SUBMIT_NOTIF'] = 0;
}
if (!isset($data['PAYMENT_NOTIF'])) {
$data['PAYMENT_NOTIF'] = 0;
}
$data['ID'] = $_SESSION['user_id'];
$data['PASSWORDC'] = $_REQUEST['PASSWORDC'];
if (SmartyValidate::is_valid($data, 'conf_profile')) {
unset($data['PASSWORDC']);
if (empty($data['PASSWORD'])) {
$data['PASSWORD'] = $db->GetOne("SELECT `PASSWORD` FROM `{$tables['user']['name']}` WHERE `ID` = " . $db->qstr($data['ID']));
} else {
$data['PASSWORD'] = encrypt_password($data['PASSWORD']);
}
$mode = "UPDATE";
$where = " `ID` = " . $db->qstr($data['ID']);
if (!DEMO && $db->AutoExecute($tables['user']['name'], $data, $mode, $where) > 0) {
$tpl->assign('posted', true);
}
}
}
$tpl->assign($data);
$content = $tpl->fetch('conf_profile.tpl');
$success = false;
$page = 'index';
// Start Twitter Perch
$tp = new twitterPerch();
// Initialise Form Validators
if (empty($_POST)) {
SmartyValidate::connect($smarty, true);
SmartyValidate::register_validator('keyword', 'keyword', 'notEmpty');
SmartyValidate::register_validator('username', 'username', 'isWord', false, true);
SmartyValidate::register_validator('password', 'password:6', 'isLength', false, true);
SmartyValidate::register_validator('accValid', 'username:password', 'isValid');
} else {
SmartyValidate::connect($smarty);
SmartyValidate::register_object('tp', $tp);
SmartyValidate::register_criteria('isValid', 'tp->isValidTwitterCredentials');
if ($valid = SmartyValidate::is_valid($_POST)) {
SmartyValidate::disconnect();
// Clean Values
$formVars = array('keyword' => cleanValue($_POST['keyword']), 'username' => cleanValue($_POST['username']), 'password' => cleanValue($_POST['password']));
// Add To List
$success = $tp->add($formVars);
}
}
// Assign Variables
$smarty->assign('text', $lang[$page]);
$smarty->assign('success', $success);
$smarty->assign($_POST);
// Trim the Whitespace
$smarty->load_filter('output', 'trimwhitespace');
// Display in Template
$smarty->display($page . '.tpl');
$data['NOFOLLOW'] = $_POST['NOFOLLOW'] == '1' ? '1' : '0';
$data['RECPR_REQUIRED'] = $_POST['RECPR_REQUIRED'] == '1' ? '1' : '0';
if (strlen(trim($data['URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['URL'])) {
$data['URL'] = "http://" . $data['URL'];
}
if (strlen(trim($data['RECPR_URL'])) > 0 && !preg_match('#^http[s]?:\\/\\/#i', $data['RECPR_URL'])) {
$data['RECPR_URL'] = "http://" . $data['RECPR_URL'];
}
if (trim($data['EXPIRY_DATE']) == '') {
$data['EXPIRY_DATE'] = '';
} else {
if (strtotime($data['EXPIRY_DATE']) != -1) {
$data['EXPIRY_DATE'] = date('Y-m-d H:i:s', strtotime($data['EXPIRY_DATE']));
}
}
if (SmartyValidate::is_valid($data, 'dir_links_edit')) {
if (empty($id)) {
$id = $db->GenID($tables['link']['name'] . '_SEQ');
}
if ($data['FEATURED'] == '1') {
$AllowedFeat = check_allowed_feat($data['CATEGORY_ID']);
$tpl->assign('AllowedFeat', $AllowedFeat);
}
if (ENABLE_PAGERANK) {
require_once 'include/pagerank.php';
$data['PAGERANK'] = get_page_rank($data['URL']);
if (!empty($data['RECPR_URL'])) {
$data['RECPR_PAGERANK'] = get_page_rank($data['RECPR_URL']);
}
}
$data['ID'] = $id;
SmartyValidate::register_validator('list_name', 'list_name', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('site_name', 'site_name', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('site_url', 'site_url', 'isURL');
SmartyValidate::register_validator('admin_password', 'admin_password', 'notEmpty', false, false, 'trim');
SmartyValidate::register_validator('admin_password2', 'admin_password:admin_password2', 'isEqual');
SmartyValidate::register_validator('admin_email', 'admin_email', 'isEmail');
$formError = array();
$formError['list_name'] = $formError['site_name'] = $formError['admin_password'] = Pommo::_T('Cannot be empty.');
$formError['admin_password2'] = Pommo::_T('Passwords must match.');
$formError['site_url'] = Pommo::_T('Must be a valid URL');
$formError['admin_email'] = Pommo::_T('Must be a valid email');
$smarty->assign('formError', $formError);
} else {
// ___ USER HAS SENT FORM ___
SmartyValidate::connect($smarty);
if (SmartyValidate::is_valid($_POST)) {
// __ FORM IS VALID
if (isset($_POST['installerooni'])) {
// drop existing poMMo tables
foreach (array_keys($dbo->table) as $key) {
$table = $dbo->table[$key];
$sql = 'DROP TABLE IF EXISTS ' . $table;
$dbo->query($sql);
}
if (isset($_REQUEST['debugInstall'])) {
$dbo->debug(TRUE);
}
$install = PommoInstall::parseSQL();
if ($install) {
// installation of DB went OK, set configuration values to user supplied ones
$pass = $_POST['admin_password'];
$price[$link_type_int['normal_plus']] = PAY_NORMAL_PLUS;
}
if (PAY_RECPR > 0) {
$price[$link_type_int['reciprocal']] = PAY_RECPR;
}
if ($action == 'pay') {
if (empty($_REQUEST['submit'])) {
if (!empty($_SERVER['HTTP_REFERER'])) {
$_SESSION['return'] = $_SERVER['HTTP_REFERER'];
}
SmartyValidate::connect($tpl);
SmartyValidate::register_form('pay_link', true);
SmartyValidate::register_validator('v_quantity', 'quantity', 'isInt', false, false, 'trim', 'pay_link');
} else {
SmartyValidate::connect($tpl);
if (SmartyValidate::is_valid($_REQUEST, 'pay_link')) {
$pay_data = array();
$pay_id = $db->GenID($tables['payment']['name'] . '_SEQ');
$pay_data['ID'] = $pay_id;
$pay_data['LINK_ID'] = $data['ID'];
$pay_data['IPADDRESS'] = get_client_ip();
$pay_data['QUANTITY'] = $_REQUEST['quantity'];
$pay_data['AMOUNT'] = $price[$data['LINK_TYPE']];
$pay_data['TOTAL'] = (int) $pay_data['QUANTITY'] * (double) $pay_data['AMOUNT'];
$pay_data['UM'] = PAY_UM;
$pay_data['PAY_DATE'] = gmdate('Y-m-d H:i:s');
$pay_data['CONFIRMED'] = -1;
if (db_replace('payment', $pay_data, 'ID') > 0) {
$action = 'paypal';
$tpl->assign('PAYMENT', $pay_data);
} else {
if (!SmartyValidate::is_registered_form('exchanger') || empty($_POST)) {
// ___ USER HAS NOT SENT FORM ___
SmartyValidate::register_form('exchanger', true);
SmartyValidate::register_validator('email', 'email', 'isEmail', false, false, false, 'exchanger');
$vMsg = array();
$vMsg['email'] = Pommo::_T('Invalid email address');
$smarty->assign('vMsg', $vMsg);
$dbvals = array('exchanger' => $exchanger, 'email' => Pommo::$_config['admin_email']);
$smarty->assign($dbvals);
} else {
// ___ USER HAS SENT FORM ___
/**********************************
JSON OUTPUT INITIALIZATION
*********************************/
require_once Pommo::$_baseDir . 'classes/Pommo_Json.php';
$json = new Pommo_Json();
if (SmartyValidate::is_valid($_POST, 'exchanger')) {
// __ FORM IS VALID
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
$msg = Pommo_Helper_Messages::testExchanger($_POST['email'], $exchanger) ? Pommo::_T('Mail Sent.') : Pommo::_T('Error Sending Mail');
$json->success($msg);
} else {
// __ FORM NOT VALID
$json->addMsg(Pommo::_T('Please review and correct errors with your submission.'));
$json->add('fieldErrors', $smarty->getInvalidFields('exchanger'));
$json->fail();
}
}
$smarty->assign($_POST);
$smarty->display('admin/setup/config/ajax.testexchanger.tpl');
Pommo::kill();
}
$_SESSION['values']['admin_user'] = !empty($admin_update['LOGIN']) ? $admin_update['LOGIN'] : '';
$_SESSION['values']['admin_name'] = !empty($admin_update['NAME']) ? $admin_update['NAME'] : '';
$_SESSION['values']['admin_email'] = !empty($admin_update['EMAIL']) ? $admin_update['EMAIL'] : '';
}
SmartyValidate::connect($tpl, true);
SmartyValidate::register_form('install', true);
SmartyValidate::register_validator('v_admin_user', 'admin_user:!^\\w{4,25}$!', 'isRegExp', false, false, 'trim', 'install');
SmartyValidate::register_validator('v_admin_name', 'admin_name', 'notEmpty', false, false, 'trim', 'install');
SmartyValidate::register_validator('v_admin_password', 'admin_password:6:25', 'isLength', false, false, 'trim', 'install');
SmartyValidate::register_validator('v_admin_passwordc', 'admin_password:admin_passwordc', 'isEqual', true, false, 'trim', 'install');
SmartyValidate::register_validator('v_admin_email', 'admin_email', 'isEmail', false, false, 'trim', 'install');
} else {
if ($_POST['submit'] == 'next') {
SmartyValidate::connect($tpl);
if (SmartyValidate::is_valid($_POST, 'install')) {
$admin_details = array();
$admin_details['admin_user'] = $_POST['admin_user'];
$admin_details['admin_name'] = $_POST['admin_name'];
$admin_details['admin_password'] = $_POST['admin_password'];
$admin_details['admin_email'] = $_POST['admin_email'];
if (create_admin($admin_details)) {
SmartyValidate::disconnect();
$step++;
@header('Location: index.php?step=' . $step);
@exit;
}
} elseif ($_POST['submit'] == 'back') {
SmartyValidate::disconnect();
$step--;
@header('Location: index.php?step=' . $step);
