예제 #1
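 /**
  * Output a dump of a variable
  * This takes the place of icms_debug_vardump()
  *
  * The value is rendered with var_export() and handed to self::message().
  * self::message() is not shown here; the <br /> conversion in the fallback
  * path implies its argument is treated as HTML, so the dump is encoded for
  * HTML on both paths.
  *
  * @param mixed $var value to dump
  */
 public static function vardump($var)
 {
     $dump = var_export($var, true);
     if (class_exists('icms_core_Textsanitizer')) {
         // NOTE(review): the guard tests icms_core_Textsanitizer, but the call below goes to
         // icms_core_DataFilter - confirm which class this check is meant to protect.
         self::message(icms_core_DataFilter::checkVar($dump, 'text', 'output'));
         return;
     }
     // Fallback without the filter class: encode markup first, so dumped values (which can
     // hold request data) are shown as text instead of being interpreted by the browser,
     // and only then turn line breaks into <br />.
     $dump = htmlspecialchars($dump, ENT_QUOTES);
     $dump = preg_replace("/(\r\n)|(\r)|(\n)/", "<br />", $dump);
     self::message($dump);
 }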
예제 #2
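 /**
  * Build a link to the page represented by the symlink, if available
  *
  * A stored page_url that already starts with http:// or https:// is used
  * as it is; anything else is treated as a path below ICMS_URL.
  *
  * @return	string	anchor wrapping the preview icon, or '' when the URL filter rejects the address
  */
 public function getViewItemLink()
 {
     $pageUrl = $this->getVar('page_url', 'e');
     // Accept both schemes: testing only for 'http://' turned an absolute
     // https:// address into ICMS_URL . '/https://...'.
     $url = preg_match('#^https?://#i', $pageUrl) ? $pageUrl : ICMS_URL . '/' . $pageUrl;
     // presumably checkVar(..., 'url', 'host') returns the accepted URL or a falsy value - confirm
     $url = icms_core_DataFilter::checkVar($url, 'url', 'host');
     if (!$url) {
         return '';
     }
     // NOTE(review): $url is placed into the href attribute without further encoding here; this
     // relies on the 'e' format of getVar() and on checkVar() to keep quotes out of the value.
     return '<a href="' . $url . '" alt="' . _PREVIEW . '" title="' . _PREVIEW . '" rel="external"><img src="' . ICMS_IMAGES_SET_URL . '/actions/viewmag.png" /></a>';
 }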
예제 #3
 /**
  * Extend the parent's array representation with display fields for this post.
  *
  * Adds the formatted post time, the poster's user link, avatar and signature,
  * the edit/delete permission flag, and edit/delete links that point at tribes.php.
  *
  * @global array $icmsConfigUser user configuration (avatar_allow_gravatar is read)
  * @return array parent::toArray() plus the keys described above
  */
 public function toArray()
 {
     global $icmsConfigUser;
     $data = parent::toArray();
     $data['post_time'] = formatTimestamp($this->getVar('post_time', 'e'), 'm');
     $data['poster_uname'] = icms_member_user_Handler::getUserLink($this->getVar('poster_uid'));
     $data['userCanEditAndDelete'] = $this->userCanEditAndDelete();

     $poster = icms::handler('icms_member')->getUser($this->getVar('poster_uid'));
     if (is_object($poster)) {
         // Avatar: shown unless it is a gravatar.com address and gravatars are switched off.
         $avatar = $poster->gravatar();
         $isGravatar = strpos($avatar, 'http://www.gravatar.com/avatar/') !== false;
         if (!$isGravatar || $icmsConfigUser['avatar_allow_gravatar']) {
             // NOTE(review): the address goes into src as returned by gravatar() - confirm it is attribute-safe.
             $data['poster_avatar'] = '<img src="' . $poster->gravatar() . '" />';
         }
         // Signature: only when the poster has one and chose to attach it to this post.
         $hasSignature = trim($poster->getVar('user_sig'));
         if ($hasSignature && $this->getVar('attachsig')) {
             // The raw ('N') signature is passed through the HTML output filter before display.
             $data['poster_signature'] = icms_core_DataFilter::checkVar($poster->getVar('user_sig', 'N'), 'html', 'output');
         }
     }

     // The generated edit/delete links target <itemname>.php; point them at tribes.php instead.
     $editTarget = 'tribes.php?tribes_id=' . $this->getVar('tribes_id') . '&amp;topic_id=' . $this->getVar('topic_id') . '&amp;op=edittribepost';
     $data['editItemLink'] = str_replace(
         $this->handler->_itemname . '.php?op=mod',
         $editTarget,
         $this->getEditItemLink(false, true, true)
     );
     $deleteTarget = 'tribes.php?tribes_id=' . $this->getVar('tribes_id') . '&amp;topic_id=' . $this->getVar('topic_id') . '&amp;op=deltribepost';
     $data['deleteItemLink'] = str_replace(
         $this->handler->_itemname . '.php?op=del',
         $deleteTarget,
         $this->getDeleteItemLink(false, true, true)
     );
     return $data;
 }
예제 #4
             $icmsTpl->assign('profile_tribe_topic', $tribetopicObj->toArray());
             $icmsTpl->assign('profile_tribe_posts', $profile_tribepost_handler->getPosts($clean_start, icms::$module->config['tribepostsperpage'], false, $clean_topic_id));
             // make page navigation
             $pagenav = new icms_view_PageNav($total_posts_count, icms::$module->config['tribepostsperpage'], $clean_start, 'start', 'tribes_id=' . $clean_tribes_id . '&topic_id=' . $clean_topic_id);
             $icmsTpl->assign('profile_tribe_posts_pagenav', $pagenav->renderNav());
             // make form
             if (!$tribetopicObj->getVar('closed')) {
                 edittribepost($clean_topic_id, 0, $tribesObj, true);
             }
             icms_makeSmarty(array('lang_closed' => _MD_PROFILE_TRIBETOPIC_CLOSED));
         }
     } else {
         $icmsTpl->assign('lang_joinfirst', _MD_PROFILE_TRIBES_JOINFIRST);
     }
 } elseif (isset($_POST['search_title'])) {
     $clean_tribes_title = trim(icms_core_DataFilter::checkVar($_POST['search_title'], 'str'));
     $tribes = array();
     $tribes['search'] = $profile_tribes_handler->searchTribes($clean_tribes_title);
     $icmsTpl->assign('profile_tribes', $tribes);
     $icmsTpl->assign('lang_tribes_search_title', sprintf(_MD_PROFILE_TRIBES_SEARCH_TITLE, $clean_tribes_title));
     if (count($tribes['search']) == 0) {
         $icmsTpl->assign('lang_search_noresults', sprintf(_MD_PROFILE_TRIBES_SEARCH_NORESULTS, $clean_tribes_title));
     }
     $icmsTpl->assign('profile_tribes_search', true);
 } elseif ($clean_uid > 0 || $real_uid > 0) {
     $uid = $clean_uid > 0 ? $clean_uid : $real_uid;
     $tribes = array();
     $tribes['own'] = $profile_tribes_handler->getTribes(false, false, $uid);
     $tribes['member'] = $profile_tribes_handler->getMembershipTribes($uid);
     if (count($tribes['own']) + count($tribes['member']) == 0) {
         $icmsTpl->assign('lang_nocontent', _MD_PROFILE_TRIBES_NOCONTENT);
예제 #5
파일: main.php 프로젝트: nao-pon/impresscms
						$form->addElement($group_hidden);
					}
				}
				// Hidden fields that carry the submitted mail criteria and message over to the
				// next batch of the send operation ("op" = "send").
				// NOTE(review): mail_inactive is forwarded from $_POST without passing through
				// checkVar(), unlike the fields below, and the @ only hides a missing-index notice.
				// Presumably icms_form_elements_Hidden encodes its value when rendered - confirm,
				// otherwise this value is echoed back into the page as submitted.
				$inactive_hidden = new icms_form_elements_Hidden("mail_inactive", @$_POST['mail_inactive']);
				$lastlog_min_hidden = new icms_form_elements_Hidden("mail_lastlog_min", icms_core_DataFilter::checkVar($_POST['mail_lastlog_min'], 'text'));
				$lastlog_max_hidden = new icms_form_elements_Hidden("mail_lastlog_max", icms_core_DataFilter::checkVar($_POST['mail_lastlog_max'], 'text'));
				$regd_min_hidden = new icms_form_elements_Hidden("mail_regd_min", icms_core_DataFilter::checkVar($_POST['mail_regd_min'], 'text'));
				$regd_max_hidden = new icms_form_elements_Hidden("mail_regd_max", icms_core_DataFilter::checkVar($_POST['mail_regd_max'], 'text'));
				$idle_more_hidden = new icms_form_elements_Hidden("mail_idle_more", icms_core_DataFilter::checkVar($_POST['mail_idle_more'], 'text'));
				$idle_less_hidden = new icms_form_elements_Hidden("mail_idle_less", icms_core_DataFilter::checkVar($_POST['mail_idle_less'], 'text'));
				$fname_hidden = new icms_form_elements_Hidden("mail_fromname", icms_core_DataFilter::checkVar($_POST['mail_fromname'], 'text'));
				$femail_hidden = new icms_form_elements_Hidden("mail_fromemail", icms_core_DataFilter::checkVar($_POST['mail_fromemail'], 'text'));
				$subject_hidden = new icms_form_elements_Hidden("mail_subject", icms_core_DataFilter::checkVar($_POST['mail_subject'], 'text'));
				$body_hidden = new icms_form_elements_Hidden("mail_body", icms_core_DataFilter::checkVar($_POST['mail_body'], 'text'));
				// Offset for the next batch: the submitted start is cast to int before $limit is added.
				$start_hidden = new icms_form_elements_Hidden("mail_start", (int) $_POST['mail_start'] + $limit);
				// NOTE(review): checkVar() is called without a type argument here - confirm that its
				// default filtering is what is wanted for mail_mailok.
				$mail_mailok_hidden = new icms_form_elements_Hidden("mail_mailok", icms_core_DataFilter::checkVar(@$_POST['mail_mailok']));
				$op_hidden = new icms_form_elements_Hidden("op", "send");
				$submit_button = new icms_form_elements_Button("", "mail_submit", _AM_SENDNEXT, "submit");
				// Progress label; the numbers derived from the request are int-cast before formatting.
				$sent_label = new icms_form_elements_Label(_AM_SENT, sprintf(_AM_SENTNUM, (int) $_POST['mail_start'] + 1, (int) $_POST['mail_start'] + $limit, $count_criteria + $added_count - $limit));
				$form->addElement($sent_label);
				$form->addElement($inactive_hidden);
				$form->addElement($lastlog_min_hidden);
				$form->addElement($lastlog_max_hidden);
				$form->addElement($regd_min_hidden);
				$form->addElement($regd_max_hidden);
				$form->addElement($idle_more_hidden);
				$form->addElement($idle_less_hidden);
				$form->addElement($fname_hidden);
				$form->addElement($femail_hidden);
				$form->addElement($subject_hidden);
				$form->addElement($body_hidden);
예제 #6
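 /**
  * Clean the values of all changed variables of the object for storage.
  *
  * Each changed variable is normalised according to its data type (trimmed,
  * cast, filtered or serialised) and written to $this->cleanVars. Validation
  * failures are recorded with setErrors(). Errors that were present before the
  * call are kept and placed in front of the new ones.
  *
  * We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
  * at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
  * as a string separated by |
  *
  * @return bool true if successful, false when at least one variable failed validation
  * @access public
  */
 public function cleanVars()
 {
     $existing_errors = $this->getErrors();
     $this->_errors = array();
     foreach ($this->vars as $k => $v) {
         $cleanv = $v['value'];
         // Unchanged variables, and every variable of a new config object, are stored as they are.
         if ($v['changed'] && !$this->_isNewConfig) {
             $cleanv = is_string($cleanv) ? trim($cleanv) : $cleanv;
             // A failed check leaves the switch with "break". The original "continue" did exactly
             // the same, because PHP treats continue inside a switch as break (and warns about it
             // since PHP 7.3). The value is therefore still recorded below; the method returns false.
             switch ($v['data_type']) {
                 case XOBJ_DTYPE_TXTBOX:
                     if ($v['required'] && $cleanv != '0' && $cleanv == '') {
                         $this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
                         break;
                     }
                     // strlen() counts bytes, so multi-byte text reaches the limit earlier.
                     if (isset($v['maxlength']) && strlen($cleanv) > (int) $v['maxlength']) {
                         $this->setErrors(sprintf(_XOBJ_ERR_SHORTERTHAN, $k, (int) $v['maxlength']));
                         break;
                     }
                     // Text boxes are only censored here, not HTML-filtered; they must be escaped on output.
                     if (!$v['not_gpc']) {
                         $cleanv = icms_core_DataFilter::stripSlashesGPC(icms_core_DataFilter::censorString($cleanv));
                     } else {
                         $cleanv = icms_core_DataFilter::censorString($cleanv);
                     }
                     break;
                 case XOBJ_DTYPE_TXTAREA:
                     if ($v['required'] && $cleanv != '0' && $cleanv == '') {
                         $this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
                         break;
                     }
                     if (!$v['not_gpc']) {
                         $cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
                     }
                     // Text areas pass through the HTML input filter on both paths.
                     $cleanv = icms_core_DataFilter::checkVar($cleanv, 'html', 'input');
                     break;
                 case XOBJ_DTYPE_SOURCE:
                     // Source fields are stored without any filtering apart from slash removal.
                     if (!$v['not_gpc']) {
                         $cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
                     }
                     break;
                 case XOBJ_DTYPE_INT:
                 case XOBJ_DTYPE_TIME_ONLY:
                     $cleanv = (int) $cleanv;
                     break;
                 case XOBJ_DTYPE_CURRENCY:
                     $cleanv = icms_currency($cleanv);
                     break;
                 case XOBJ_DTYPE_FLOAT:
                     $cleanv = icms_float($cleanv);
                     break;
                 case XOBJ_DTYPE_EMAIL:
                     if ($v['required'] && $cleanv == '') {
                         $this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
                         break;
                     }
                     if ($cleanv != '' && !icms_core_DataFilter::checkVar($cleanv, 'email')) {
                         $this->setErrors(_CORE_DB_INVALIDEMAIL);
                         break;
                     }
                     if (!$v['not_gpc']) {
                         $cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
                     }
                     break;
                 case XOBJ_DTYPE_URL:
                     if ($v['required'] && $cleanv == '') {
                         $this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
                         break;
                     }
                     // Only a missing http(s) prefix is added; the URL itself is not validated here.
                     if ($cleanv != '' && !preg_match("/^http[s]*:\\/\\//i", $cleanv)) {
                         $cleanv = 'http://' . $cleanv;
                     }
                     if (!$v['not_gpc']) {
                         $cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
                     }
                     break;
                 case XOBJ_DTYPE_SIMPLE_ARRAY:
                     $cleanv = implode('|', $cleanv);
                     break;
                 case XOBJ_DTYPE_ARRAY:
                     // Stored in PHP serialize() format; whatever reads it back has to unserialize it.
                     $cleanv = is_array($cleanv) ? serialize($cleanv) : $cleanv;
                     break;
                 case XOBJ_DTYPE_STIME:
                 case XOBJ_DTYPE_MTIME:
                 case XOBJ_DTYPE_LTIME:
                     $cleanv = !is_string($cleanv) ? (int) $cleanv : strtotime($cleanv);
                     // NOTE(review): for a non-positive result strtotime() is applied to the already
                     // converted value - kept as found, confirm the intent.
                     if (!($cleanv > 0)) {
                         $cleanv = strtotime($cleanv);
                     }
                     break;
                 default:
                     break;
             }
         }
         // Bind by reference, then drop the local name so the next iteration starts with a fresh variable.
         $this->cleanVars[$k] =& $cleanv;
         unset($cleanv);
     }
     $has_errors = count($this->_errors) > 0;
     $this->_errors = array_merge($existing_errors, $this->_errors);
     if ($has_errors) {
         return false;
     }
     $this->unsetDirty();
     return true;
 }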
예제 #7
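 /**
  *  Validates username, email address and password entries during registration
  *  Username is validated for uniqueness and length
  *  password is validated for length and strictness
  *  email is validated as a proper email address pattern
  *
  *  Passing FALSE for $email, $login_name, $uname or $pass skips the corresponding
  *  check when an existing user ($uid > 0) is being validated ($pass: always).
  *
  *  @param string $login_name Username entered by the user
  *  @param string $uname User display name entered by the user
  *  @param string $email Email address entered by the user
  *  @param string $pass Password entered by the user
  *  @param string $vpass Password verification entered by the user
  *  @param int $uid user id (only applicable if the user already exists)
  *  @global array $icmsConfigUser user configuration
  *  @return string of errors encountered while validating the user information (each followed by <br />), will be blank if successful
  */
 public function userCheck($login_name, $uname, $email, $pass, $vpass, $uid = 0)
 {
     global $icmsConfigUser;
     // initializations
     $member_handler = icms::handler('icms_member');
     $thisUser = $uid > 0 ? $member_handler->getUser($uid) : FALSE;
     $icmsStopSpammers = new icms_core_StopSpammer();
     $stop = '';
     // Start from the strict pattern (level 0) so that an unexpected configuration value
     // cannot leave $restriction undefined, which would disable the character check.
     $restriction = '/[^a-zA-Z0-9\\_\\-]/';
     switch ($icmsConfigUser['uname_test_level']) {
         case 1:
             // medium
             $restriction = '/[^a-zA-Z0-9\\_\\-\\<\\>\\,\\.\\$\\%\\#\\@\\!\\\'\\"]/';
             break;
         case 2:
             // loose
             $restriction = '/[\\000-\\040]/';
             break;
     }
     // NOTE(review): the uniqueness lookups below escape with addslashes(), which is not a
     // charset-aware SQL escape. Confirm whether icms_buildCriteria()/getCount() quote values
     // themselves, and if so whether the extra addslashes() double-escapes.
     // check email
     if (is_object($thisUser) && $thisUser->getVar('email', 'e') != $email && $email !== FALSE || !is_object($thisUser)) {
         if (!icms_core_DataFilter::checkVar($email, 'email', 0, 1)) {
             $stop .= _US_INVALIDMAIL . '<br />';
         }
         $count = $this->getCount(icms_buildCriteria(array('email' => addslashes($email))));
         if ($count > 0) {
             $stop .= _US_EMAILTAKEN . '<br />';
         }
     }
     // check login_name
     $login_name = icms_core_DataFilter::icms_trim($login_name);
     if (is_object($thisUser) && $thisUser->getVar('login_name', 'e') != $login_name && $login_name !== FALSE || !is_object($thisUser)) {
         if (empty($login_name) || preg_match($restriction, $login_name)) {
             $stop .= _US_INVALIDNICKNAME . '<br />';
         }
         // strlen() counts bytes, so the limits apply to the encoded length of multi-byte names.
         if (strlen($login_name) > $icmsConfigUser['maxuname']) {
             $stop .= sprintf(_US_NICKNAMETOOLONG, $icmsConfigUser['maxuname']) . '<br />';
         }
         if (strlen($login_name) < $icmsConfigUser['minuname']) {
             $stop .= sprintf(_US_NICKNAMETOOSHORT, $icmsConfigUser['minuname']) . '<br />';
         }
         // Entries are used as regular-expression fragments. An entry that does not compile
         // (for example one containing '/') makes preg_match() fail and is skipped.
         foreach ($icmsConfigUser['bad_unames'] as $bu) {
             if (!empty($bu) && preg_match('/' . $bu . '/i', $login_name)) {
                 $stop .= _US_NAMERESERVED . '<br />';
                 break;
             }
         }
         if (strrpos($login_name, ' ') > 0) {
             $stop .= _US_NICKNAMENOSPACES . '<br />';
         }
         $count = $this->getCount(icms_buildCriteria(array('login_name' => addslashes($login_name))));
         if ($count > 0) {
             $stop .= _US_LOGINNAMETAKEN . '<br />';
         }
     }
     // check uname
     if (is_object($thisUser) && $thisUser->getVar('uname', 'e') != $uname && $uname !== FALSE || !is_object($thisUser)) {
         $count = $this->getCount(icms_buildCriteria(array('uname' => addslashes($uname))));
         if ($count > 0) {
             $stop .= _US_NICKNAMETAKEN . '<br />';
         }
     }
     // check password
     if ($pass !== FALSE) {
         if (!isset($pass) || $pass == '' || !isset($vpass) || $vpass == '') {
             $stop .= _US_ENTERPWD . '<br />';
         }
         // Two strings are compared strictly: with "!=" numeric-looking strings such as
         // '1e3' and '1000' count as equal. Other types keep the former loose comparison.
         $mismatch = (is_string($pass) && is_string($vpass)) ? $pass !== $vpass : $pass != $vpass;
         if (isset($pass) && $mismatch) {
             $stop .= _US_PASSNOTSAME . '<br />';
         } elseif ($pass != '' && strlen($pass) < $icmsConfigUser['minpass']) {
             $stop .= sprintf(_US_PWDTOOSHORT, $icmsConfigUser['minpass']) . '<br />';
         }
         // Reject a password that equals the login name, equals it reversed, or contains it.
         // The containment test used to be "strripos(...) === TRUE", which can never hold
         // because strripos() returns an offset or false.
         $containsLogin = is_string($pass) && is_string($login_name) && $login_name !== ''
             && stripos($pass, $login_name) !== FALSE;
         if (isset($pass) && isset($login_name) && ($pass == $login_name || $pass == icms_core_DataFilter::utf8_strrev($login_name, TRUE) || $containsLogin)) {
             $stop .= _US_BADPWD . '<br />';
         }
     }
     // check other things
     if ($icmsStopSpammers->badIP($_SERVER['REMOTE_ADDR'])) {
         $stop .= _US_INVALIDIP . '<br />';
     }
     return $stop;
 }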
예제 #8
 /**
  * Filter a submitted config value according to the option's form type and
  * store it as conf_value in the representation its value type calls for.
  *
  * @param	mixed   $value        value as submitted (not taken by reference)
  * @param	bool    $force_slash  passed through to setVar()
  */
 public function setConfValueForInput($value, $force_slash = false)
 {
     $formType = $this->getVar('conf_formtype');
     $valueType = $this->getVar('conf_valuetype');
     $notArrayType = $valueType !== 'array';

     // Step 1: input filtering, chosen by the form element the option is edited with.
     if ($formType == 'textarea' && $notArrayType) {
         $value = icms_core_DataFilter::checkVar($value, 'html', 'input');
     } elseif ($formType == 'textsarea' && $notArrayType) {
         $value = icms_core_DataFilter::checkVar($value, 'text', 'input');
     } elseif ($formType == 'password') {
         // NOTE(review): FILTER_SANITIZE_URL removes every character that is not allowed in a
         // URL, so a password containing e.g. a space is stored altered - confirm this is intended.
         $value = filter_var($value, FILTER_SANITIZE_URL);
     } else {
         $value = StopXSS($value);
     }

     // Step 2: storage format, chosen by the option's value type.
     if ($valueType == 'array') {
         // A string is split on '|' first; the list is kept in serialize() format.
         $stored = serialize(is_array($value) ? $value : explode('|', trim($value)));
     } elseif ($valueType == 'text') {
         $stored = trim($value);
     } else {
         $stored = $value;
     }
     $this->setVar('conf_value', $stored, $force_slash);
 }
예제 #9
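 /**
  * returns a specific variable for the object in a proper format
  *
  * We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
  * at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
  * as a string separated by |
  *
  * Formats handled below: 's'/'show', 'e'/'edit', 'p'/'preview', 'f'/'formpreview',
  * 'n'/'none' and, for text boxes only, 'clean'. With 'n'/'none' or an unknown format
  * the stored value is returned without HTML encoding (currency and array types are
  * still decoded), so the caller is responsible for encoding it before output.
  *
  * @access public
  * @param string $key key of the object's variable to be returned
  * @param string $format format to use for the output
  * @return mixed formatted value of the variable
  */
 public function getVar($key, $format = 's')
 {
     global $myts;
     $ret = $this->vars[$key]['value'];
     switch ($this->vars[$key]['data_type']) {
         case XOBJ_DTYPE_TXTBOX:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     // ML Hack by marcan
                     $ret = icms_core_DataFilter::htmlSpecialChars($ret);
                     // The multilanguage formatter lives on the global $myts. The call used to go
                     // through an undefined $ts, which fails as soon as formatForML() exists.
                     if (is_object($myts) && method_exists($myts, 'formatForML')) {
                         return $myts->formatForML($ret);
                     }
                     return $ret;
                     // End of ML Hack by marcan
                 case 'clean':
                     $ret = icms_html2text($ret);
                     return icms_purifyText($ret);
                 case 'e':
                 case 'edit':
                     return icms_core_DataFilter::htmlSpecialChars($ret);
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($ret));
                 case 'n':
                 case 'none':
                 default:
                     break;
             }
             break;
         case XOBJ_DTYPE_LTIME:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return formatTimestamp($ret, _DATESTRING);
                 default:
                     // 'n', 'none', 'e', 'edit' and unknown formats: the stored value as it is
                     break;
             }
             break;
         case XOBJ_DTYPE_STIME:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return formatTimestamp($ret, _SHORTDATESTRING);
                 default:
                     // 'n', 'none', 'e', 'edit' and unknown formats: the stored value as it is
                     break;
             }
             break;
         case XOBJ_DTYPE_TIME_ONLY:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return formatTimestamp($ret, 'G:i');
                 default:
                     // 'n', 'none', 'e', 'edit' and unknown formats: the stored value as it is
                     break;
             }
             break;
         case XOBJ_DTYPE_CURRENCY:
             // Pad the part from the decimal point onwards to two digits; $format is not consulted.
             $decimal_section_original = strstr($ret, '.');
             $decimal_section = $decimal_section_original;
             if ($decimal_section) {
                 if (strlen($decimal_section) == 1) {
                     $decimal_section = '.00';
                 } elseif (strlen($decimal_section) == 2) {
                     $decimal_section = $decimal_section . '0';
                 }
                 $ret = str_replace($decimal_section_original, $decimal_section, $ret);
             } else {
                 $ret = $ret . '.00';
             }
             break;
         case XOBJ_DTYPE_TXTAREA:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     $ts = icms_core_Textsanitizer::getInstance();
                     // Rendering switches come from sibling variables of the same object;
                     // all but dohtml default to "on" when the variable is absent.
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if (defined('XOOPS_EDITOR_IS_HTML')) {
                         $br = false;
                     }
                     if ($html) {
                         return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
                     }
                     return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                 case 'p':
                 case 'preview':
                     $ts = icms_core_Textsanitizer::getInstance();
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if ($html) {
                         return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
                     }
                     return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                 case 'n':
                 case 'none':
                 default:
                     break;
             }
             break;
         case XOBJ_DTYPE_SIMPLE_ARRAY:
             // Plain assignment: a function result cannot be bound by reference.
             $ret = explode('|', $ret);
             break;
         case XOBJ_DTYPE_ARRAY:
             // NOTE(review): unserialize() instantiates objects named in its input. This is only
             // safe while the stored value can come from nowhere but this object's own serialize()
             // call - confirm no other writer or import path can reach this column.
             $ret = unserialize($ret);
             break;
         case XOBJ_DTYPE_SOURCE:
             switch (strtolower($format)) {
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                 case 'p':
                 case 'preview':
                     // Returned without HTML encoding.
                     return icms_core_DataFilter::stripSlashesGPC($ret);
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                 case 's':
                 case 'show':
                 case 'n':
                 case 'none':
                 default:
                     // Source fields are shown exactly as stored.
                     break;
             }
             break;
         default:
             // Option lists: the value holds 1-based positions separated by '|'.
             if ($this->vars[$key]['options'] != '' && $ret != '') {
                 switch (strtolower($format)) {
                     case 's':
                     case 'show':
                         $selected = explode('|', $ret);
                         $options = explode('|', $this->vars[$key]['options']);
                         $i = 1;
                         $ret = array();
                         foreach ($options as $op) {
                             // Loose comparison on purpose: $i is an int, $selected holds strings.
                             if (in_array($i, $selected)) {
                                 $ret[] = $op;
                             }
                             $i++;
                         }
                         return implode(', ', $ret);
                     case 'e':
                     case 'edit':
                         $ret = explode('|', $ret);
                         break;
                     default:
                         break;
                 }
             }
             break;
     }
     return $ret;
 }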
예제 #10
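	/**
	 * Show the confirmation screen for deleting a banner client
	 *
	 * Prints the client's name and every banner still attached to the client, then
	 * renders the confirm form that submits op=BannerClientDelete2. Nothing is
	 * deleted by this function itself.
	 *
	 * @param int $cid client id
	 */
	function BannerClientDelete($cid) {
		global $icmsConfig, $icmsModule;
		icms_cp_header();
		// $cid is cast to int before it is placed into the SQL text.
		$result = icms::$xoopsDB->query("SELECT cid, name FROM " . icms::$xoopsDB->prefix("bannerclient") . " WHERE cid='". (int) $cid . "'");
		list($cid, $name) = icms::$xoopsDB->fetchRow($result);
		$name = icms_core_DataFilter::htmlSpecialChars($name);
		echo "<table width='100%' border='0' cellspacing='1' class='outer'><tr><td class=\"odd\">";
		echo "<h4>" . _AM_DELEADC . "</h4>" . sprintf(_AM_SUREDELCLI, $name) . "<br /><br />";
		$result2 = icms::$xoopsDB->query("SELECT imageurl, clickurl, htmlbanner, htmlcode FROM " . icms::$xoopsDB->prefix("banner") . " WHERE cid='". (int) $cid . "'");
		$numrows = icms::$xoopsDB->getRowsNum($result2);
		if ($numrows == 0) {
			echo "" . _AM_NOBNRRUN . "<br /><br />";
		} else {
			echo "<font color='#ff0000'><strong>" . _AM_WARNING . "</strong></font><br />" . _AM_ACTBNRRUN . "<br /><br />";
		}
		while (list($imageurl, $clickurl, $htmlbanner, $htmlcode) = icms::$xoopsDB->fetchRow($result2)) {
			// Stored URLs are encoded for use in attributes and text.
			// NOTE(review): encoding does not restrict the URL scheme - confirm that clickurl and
			// imageurl are limited to http(s) where banners are saved.
			$imageurl = htmlspecialchars($imageurl, ENT_QUOTES);
			$clickurl = htmlspecialchars($clickurl, ENT_QUOTES);
			if ($htmlbanner) {
				// HTML banners are passed through the HTML output filter.
				$bannerobject = icms_core_DataFilter::checkVar($htmlcode, 'html', 'output');
			} else {
				$bannerobject = '<div><a href="' . $clickurl . '" rel="external">';
				if (strtolower(substr($imageurl, strrpos($imageurl, ".")))==".swf") {
					// Keep the Flash markup inside the banner link. It used to be echoed on its
					// own, which printed it ahead of the <div><a> it belongs to.
					$bannerobject .= '<object type="application/x-shockwave-flash" data="' . $imageurl . '" width="468" height="60">'
						. '<param name="movie" value="' . $imageurl . '" />'
						. '<param name="quality" value="high" />'
						. '</object>';
				} else {
					$bannerobject .= '<img src="' . $imageurl . '" alt="" />';
				}
				$bannerobject .= '</a></div>';
			}
			echo $bannerobject . "<a href='" . $clickurl . "'>" . $clickurl . "</a><br /><br />";
		}
		// NOTE(review): the deletion happens in the BannerClientDelete2 handler, which is not shown;
		// confirm that it verifies the request token before deleting.
		icms_core_Message::confirm(array('fct' => 'banners', 'op' => 'BannerClientDelete2', 'cid' => $cid), 'admin.php', _AM_SUREDELBNR);
		echo "</td></tr></table>";
		icms_cp_footer();
	}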
예제 #11
// Change-e-mail page: available to logged-in users only, and only while the
// allow_chgmail user setting is enabled.
// NOTE(review): the code below dereferences icms::$user, so it relies on
// redirect_header() ending the request - confirm that it does.
if (!icms::$user || !$icmsConfigUser['allow_chgmail']) {
    redirect_header(ICMS_URL . '/modules/' . basename(dirname(__FILE__)), 3, _NOPERM);
}
$profile_template = 'profile_changemail.html';
include 'header.php';
if (!isset($_POST['submit']) && !isset($_REQUEST['oldmail'])) {
    // show the change e-mail form
    // NOTE(review): the form action is taken from $_SERVER['REQUEST_URI'], a request-controlled
    // value; presumably icms_form_Theme encodes it when rendering - confirm.
    $form = new icms_form_Theme(_MD_PROFILE_CHANGEMAIL, 'form', $_SERVER['REQUEST_URI'], 'post', true);
    $form->addElement(new icms_form_elements_Text(_MD_PROFILE_NEWMAIL, 'newmail', 15, 50), true);
    $form->addElement(new icms_form_elements_Button('', 'submit', _SUBMIT, 'submit'));
    $form->assign($icmsTpl);
} else {
    //compute unique key
    // NOTE(review): the confirmation code is md5() over the first 5 characters of the user's
    // stored 'pass' value. It is the same on every request until the password changes, it does
    // not expire, and it is derived from credential material. A random, single-use, time-limited
    // token kept server-side would avoid all three.
    $key = md5(substr(icms::$user->getVar('pass'), 0, 5));
    if (!isset($_REQUEST['oldmail'])) {
        // The new address must pass the e-mail filter before anything is sent.
        // NOTE(review): '/' is missing in front of 'changemail.php' in the redirect target below;
        // the link assembled for NEWEMAIL_LINK further down uses '/changemail.php'.
        if (!icms_core_DataFilter::checkVar($_POST['newmail'], 'email', 0, 1)) {
            redirect_header(ICMS_URL . '/modules/' . basename(dirname(__FILE__)) . 'changemail.php', 2, _MD_PROFILE_INVALIDMAIL);
        }
        //send email to new email address with key
        $icmsMailer = new icms_messaging_Handler();
        $icmsMailer->useMail();
        $icmsMailer->setTemplateDir(ICMS_ROOT_PATH . '/modules/' . basename(dirname(__FILE__)) . '/language/' . $icmsConfig['language'] . '/mail_template');
        $icmsMailer->setTemplate('changemail.tpl');
        $icmsMailer->assign('SITENAME', $icmsConfig['sitename']);
        $icmsMailer->assign('X_UNAME', icms::$user->getVar('uname'));
        $icmsMailer->assign('ADMINMAIL', $icmsConfig['adminmail']);
        $icmsMailer->assign('SITEURL', ICMS_URL);
        $icmsMailer->assign('IP', $_SERVER['REMOTE_ADDR']);
        // NOTE(review): the current address is appended to the link without urlencode(), and both
        // the code and the address travel in the URL, where they can end up in logs and history.
        $icmsMailer->assign('NEWEMAIL_LINK', ICMS_URL . '/modules/' . basename(dirname(__FILE__)) . '/changemail.php?code=' . $key . '&oldmail=' . icms::$user->getVar('email'));
        // The raw POST value is used here, not the return value of checkVar() above; this is
        // only equivalent if the request stops at the redirect for invalid input.
        $icmsMailer->assign('NEWEMAIL', $_POST['newmail']);
        $icmsMailer->setToEmails($_POST['newmail']);
예제 #12
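 /**
  * Returns a specific variable of the object, formatted for the requested context.
  *
  * Formats are case-insensitive: 's'/'show' for display, 'e'/'edit' for a form
  * field, 'p'/'preview' and 'f'/'formpreview' for previews of submitted data,
  * 'n'/'none' (or anything unrecognised) for the stored value as is.
  *
  * Security: not every branch escapes. 'n'/'none' always returns the stored
  * value untouched, XOBJ_DTYPE_SOURCE returns it untouched for 's'/'show' as
  * well, and the array and option-list branches do no escaping either. Callers
  * that print such values must filter them for the output context themselves.
  *
  * @access public
  * @param string $key key of the object's variable to be returned
  * @param string $format format to use for the output
  * @return mixed formatted value of the variable
  */
 public function getVar($key, $format = 's')
 {
     $ret = $this->vars[$key]['value'];
     $format = strtolower($format);
     switch ($this->vars[$key]['data_type']) {
         case XOBJ_DTYPE_TXTBOX:
             switch ($format) {
                 case 's':
                 case 'show':
                 case 'e':
                 case 'edit':
                     return icms_core_DataFilter::htmlSpecialchars($ret);
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return icms_core_DataFilter::htmlSpecialchars(icms_core_DataFilter::stripSlashesGPC($ret));
             }
             // 'n'/'none' and unknown formats: raw value.
             break;
         case XOBJ_DTYPE_TXTAREA:
             switch ($format) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                     $ts =& icms_core_Textsanitizer::getInstance();
                     // Rendering switches come from sibling variables of the same object:
                     // HTML is off unless 'dohtml' is set, the others are on unless set to something other than 1.
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     if (!$html) {
                         // Without HTML the text goes through the DataFilter 'text'/'output' filter.
                         return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                     }
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     // With HTML enabled, whatever sanitising happens is done by the text sanitizer.
                     if ($format === 's' || $format === 'show') {
                         return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
                     }
                     return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
             }
             // 'n'/'none' and unknown formats: raw value.
             break;
         case XOBJ_DTYPE_ARRAY:
             // Plain assignment: unserialize() does not return a reference, so '=&' only raised a notice.
             // NOTE(review): unserialize() instantiates any object found in the data. This is safe only
             // while the stored value can never be influenced by a user; confirm how array variables are
             // written, and consider a JSON encoding or restricting the allowed classes where the
             // supported PHP version permits it.
             $ret = unserialize($ret);
             break;
         case XOBJ_DTYPE_SOURCE:
             switch ($format) {
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                 case 'p':
                 case 'preview':
                     return icms_core_DataFilter::stripSlashesGPC($ret);
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
             }
             // 's'/'show', 'n'/'none' and unknown formats: source is returned unescaped.
             break;
         default:
             if ($this->vars[$key]['options'] != '' && $ret != '') {
                 switch ($format) {
                     case 's':
                     case 'show':
                         // The value holds 1-based positions into the '|'-separated option list.
                         $selected = explode('|', $ret);
                         $options = explode('|', $this->vars[$key]['options']);
                         $labels = array();
                         foreach ($options as $index => $op) {
                             // Loose comparison on purpose: positions are ints, $selected holds strings.
                             if (in_array($index + 1, $selected)) {
                                 $labels[] = $op;
                             }
                         }
                         return implode(', ', $labels);
                     case 'e':
                     case 'edit':
                         $ret = explode('|', $ret);
                         break;
                 }
             }
             break;
     }
     return $ret;
 }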
예제 #13
         // Excerpt from the private-message reader; the opening of this if/else is not shown.
         // The avatar file name is read with getVar()'s default format and placed in a
         // single-quoted src attribute.
         // NOTE(review): confirm the default format also escapes single quotes.
         echo "<img src='uploads/" . $poster->getVar("user_avatar") . "' alt='' /><br />\n";
     }
     if ($poster->getVar("user_from") != "") {
         echo _PM_FROMC . "" . $poster->getVar("user_from") . "<br /><br />\n";
     }
     if ($poster->isOnline()) {
         echo "<span style='color:#ee0000;font-weight:bold;'>" . _PM_ONLINE . "</span><br /><br />\n";
     }
 } else {
     echo $icmsConfig['anonymous'];
     // The configured anonymous label is shown when the sender's account no longer exists.
 }
 echo "</td><td><img src='images/subject/" . $pm_arr[0]->getVar("msg_image", "E") . "' alt='' />&nbsp;\r\n\t\t\t" . _PM_SENTC . "" . formatTimestamp($pm_arr[0]->getVar("msg_time"));
 echo "<hr /><b>" . $pm_arr[0]->getVar("subject") . "</b><br /><br />\n";
 // The message body is fetched unformatted ('N') and is only filtered by the DataFilter
 // 'html'/'output' pass on the next line before it is printed.
 $var = $pm_arr[0]->getVar('msg_text', 'N');
 echo icms_core_DataFilter::checkVar($var, 'html', 'output') . "<br /><br /></td></tr>\r\n\t\t\t<tr class='foot'><td width='20%' colspan='2' align='" . _GLOBAL_LEFT . "'>";
 // No reply link when the sender is a deleted user.
 // NOTE(review): msg_id is written into inline JavaScript and attributes without an (int)
 // cast, unlike $previous / $total_messages further down; presumably it is numeric — confirm.
 if ($poster != false) {
     echo "<a href='#' onclick='javascript:openWithSelfMain(\"" . ICMS_URL . "/pmlite.php?reply=1&amp;msg_id=" . $pm_arr[0]->getVar("msg_id") . "\",\"pmlite\",800,680);'>\r\n\t\t\t\t<img src='" . ICMS_URL . "/images/icons/" . $GLOBALS["icmsConfig"]["language"] . "/reply.gif' alt='" . _PM_REPLY . "' /></a>\n";
 }
 // Fields of the delete form: the delete flag, the token markup from icms::$security and the
 // message id. NOTE(review): the token is presumably an anti-CSRF token; confirm the delete
 // handler (not shown) validates it.
 echo "<input type='hidden' name='delete' value='1' />";
 echo icms::$security->getTokenHTML();
 echo "<input type='hidden' name='msg_id' value='" . $pm_arr[0]->getVar("msg_id") . "' />";
 echo "<a href='#" . $pm_arr[0]->getVar("msg_id") . "' onclick='javascript:document.delete" . $pm_arr[0]->getVar("msg_id") . ".submit();'>\r\n\t\t\t<img src='" . ICMS_URL . "/images/icons/" . $GLOBALS["icmsConfig"]["language"] . "/delete.gif' alt='" . _PM_DELETE . "' /></a>";
 echo "</td></tr><tr><td colspan='2' align='" . _GLOBAL_RIGHT . "'>";
 // Pager: both values are cast to int before they are written into the link.
 $previous = $start - 1;
 $next = $start + 1;
 if ($previous >= 0) {
     echo "<a href='readpmsg.php?start=" . (int) $previous . "&amp;total_messages=" . (int) $total_messages . "'>" . _PM_PREVIOUS . "</a> | ";
 } else {
     echo _PM_PREVIOUS . " | ";
예제 #14
    // Excerpt from the user-info page; the branch this belongs to opens outside the excerpt.
    // Only existing, active accounts may be viewed.
    // NOTE(review): $thisUser is used unconditionally below, so this relies on
    // redirect_header() ending the request — confirm.
    $thisUser = icms::handler('icms_member')->getUser($uid);
    if (!is_object($thisUser) || !$thisUser->isActive()) {
        redirect_header('index.php', 3, _US_SELECTNG);
    }
    $xoopsOption['template_main'] = 'system_userinfo.html';
    include ICMS_ROOT_PATH . '/header.php';
    $icmsTpl->assign('user_ownpage', FALSE);
}
// Edit/delete labels and the target uid are only handed to the template for a logged-in
// viewer with $isAdmin set (computed outside this excerpt).
if (is_object(icms::$user) && $isAdmin) {
    icms_makeSmarty(array('lang_editprofile' => _US_EDITPROFILE, 'lang_deleteaccount' => _US_DELACCOUNT, 'user_uid' => (int) $thisUser->getVar('uid')));
}
$userrank = $thisUser->rank();
$date = $thisUser->getVar('last_login');
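// Hand the profile fields and their labels to the template.
// 'lang_openid' was followed by ',' instead of '=>', which stored the key name and the caption
// under numeric keys and left the 'lang_openid' variable unset.
// NOTE(review): 'url' is HTML-escaped before it goes into the href, but its scheme is not
// checked here; confirm that only http/https URLs are accepted when the profile is saved.
icms_makeSmarty(array(
    'user_avatarurl' => $icmsConfigUser['avatar_allow_gravatar'] == TRUE
        ? $thisUser->gravatar('G', $icmsConfigUser['avatar_width'])
        : ICMS_UPLOAD_URL . '/' . $thisUser->getVar('user_avatar'),
    'user_websiteurl' => $thisUser->getVar('url', 'E') == ''
        ? ''
        : '<a href="' . $thisUser->getVar('url', 'E') . '" rel="external">' . $thisUser->getVar('url') . '</a>',
    'lang_website' => _US_WEBSITE,
    'user_realname' => $thisUser->getVar('name'),
    'lang_realname' => _US_REALNAME,
    'lang_avatar' => _US_AVATAR,
    'lang_allaboutuser' => sprintf(_US_ALLABOUT, $thisUser->getVar('uname')),
    'user_alwopenid' => $icmsConfigAuth['auth_openid'],
    'lang_openid' => $icmsConfigAuth['auth_openid'] == TRUE ? _US_OPENID_FORM_CAPTION : '',
    'lang_email' => _US_EMAIL,
    'lang_privmsg' => _US_PM,
    'lang_icq' => _US_ICQ,
    'user_icq' => $thisUser->getVar('user_icq'),
    'lang_aim' => _US_AIM,
    'user_aim' => $thisUser->getVar('user_aim'),
    'lang_yim' => _US_YIM,
    'user_yim' => $thisUser->getVar('user_yim'),
    'lang_msnm' => _US_MSNM,
    'user_msnm' => $thisUser->getVar('user_msnm'),
    'lang_location' => _US_LOCATION,
    'user_location' => $thisUser->getVar('user_from'),
    'lang_occupation' => _US_OCCUPATION,
    'user_occupation' => $thisUser->getVar('user_occ'),
    'lang_interest' => _US_INTEREST,
    'user_interest' => $thisUser->getVar('user_intrest'),
    'lang_extrainfo' => _US_EXTRAINFO,
    // The bio is read unformatted and filtered as plain text for output.
    'user_extrainfo' => icms_core_DataFilter::checkVar($thisUser->getVar('bio', 'N'), 'text', 'output'),
    'lang_statistics' => _US_STATISTICS,
    'lang_membersince' => _US_MEMBERSINCE,
    'user_joindate' => formatTimestamp($thisUser->getVar('user_regdate'), 's'),
    'lang_rank' => _US_RANK,
    'lang_posts' => _US_POSTS,
    'lang_basicInfo' => _US_BASICINFO,
    'lang_more' => _US_MOREABOUT,
    'lang_myinfo' => _US_MYINFO,
    'user_posts' => icms_conv_nr2local($thisUser->getVar('posts')),
    'lang_lastlogin' => _US_LASTLOGIN,
    'lang_notregistered' => _US_NOTREGISTERED,
    // The private-message link is only built for logged-in viewers; the uid is cast to int.
    'user_pmlink' => is_object(icms::$user)
        ? "<a href=\"javascript:openWithSelfMain('" . ICMS_URL . "/pmlite.php?send2=1&amp;to_userid=" . (int) $thisUser->getVar('uid') . "', 'pmlite', 800,680);\"><img src=\"" . ICMS_URL . "/images/icons/" . $icmsConfig['language'] . "/pm.gif\" alt=\"" . sprintf(_SENDPMTO, $thisUser->getVar('uname')) . "\" /></a>"
        : '',
    'user_rankimage' => $userrank['image']
        ? '<img src="' . $userrank['image'] . '" alt="' . $userrank['title'] . '" />'
        : '',
    'user_ranktitle' => $userrank['title'],
    'user_lastlogin' => !empty($date) ? formatTimestamp($thisUser->getVar('last_login'), 'm') : '',
    'icms_pagetitle' => sprintf(_US_ALLABOUT, $thisUser->getVar('uname')),
    // E-mail is disclosed when the owner opted in, or to the owner and to admins.
    'user_email' => ($thisUser->getVar('user_viewemail') == TRUE
        || (is_object(icms::$user) && (icms::$user->isAdmin() || icms::$user->getVar('uid') == $thisUser->getVar('uid'))))
        ? $thisUser->getVar('email', 'E')
        : '&nbsp;',
    // OpenID follows the same rule and additionally requires OpenID auth to be enabled.
    'user_openid' => ($icmsConfigAuth['auth_openid'] == TRUE
        && ($thisUser->getVar('user_viewoid') == TRUE
            || (is_object(icms::$user) && (icms::$user->isAdmin() || icms::$user->getVar('uid') == $thisUser->getVar('uid')))))
        ? $thisUser->getVar('openid', 'E')
        : '&nbsp;',
));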
// The signature is read unformatted ('N'); the DataFilter 'html'/'output' pass below is the
// only filtering applied before it reaches the template.
if ($icmsConfigUser['allwshow_sig'] == TRUE && strlen(trim($thisUser->getVar('user_sig', 'N'))) > 0) {
    icms_makeSmarty(array('user_showsignature' => TRUE, 'lang_signature' => _US_SIGNATURE, 'user_signature' => icms_core_DataFilter::checkVar($thisUser->getVar('user_sig', 'N'), 'html', 'output')));
}
// Collect the user's recent content from every active module that supports search.
$module_handler = icms::handler('icms_module');
$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('hassearch', 1));
$criteria->add(new icms_db_criteria_Item('isactive', 1));
$mids = array_keys($module_handler->getList($criteria));
foreach ($mids as $mid) {
    // A module is only searched when $groups holds the 'module_read' right for it
    // ($gperm_handler and $groups are set outside this excerpt).
    if ($gperm_handler->checkRight('module_read', $mid, $groups)) {
        $module = $module_handler->get($mid);
        // Up to 5 results for this uid; the uid is cast to int before it is passed on.
        $results = $module->search('', '', 5, 0, (int) $thisUser->getVar('uid'));
        $count = count($results);
        if (is_array($results) && $count > 0) {
            for ($i = 0; $i < $count; $i++) {
                // Result images are given relative to the module directory.
                if (isset($results[$i]['image']) && $results[$i]['image'] != '') {
                    $results[$i]['image'] = 'modules/' . $module->getVar('dirname') . '/' . $results[$i]['image'];
                } else {
예제 #15
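/**
* Get {@link icms_form_Theme} for registering new users
*
* The account fields, the disclaimer and the captcha are only added when
* $next_step is 0; the dynamic profile fields of the current step are added
* in every case, grouped by category and ordered by weight.
*
* @param object $user {@link icms_member_user_Object} to register
* @param object $profile profile object; non-empty values kept in $_SESSION['profile'] are copied into it
* @param int $next_step value written to the hidden "step" field
* @param ProfileRegstep $step the step being rendered (step_name, step_intro and step_id are read)
*
* @return object
*/
function &getRegisterForm(&$user, $profile, $next_step = 0, $step)
{
    global $icmsConfigUser;
    // NOTE(review): the form posts back to the request URI as received; confirm that
    // icms_form_Theme escapes the action attribute when it renders the form.
    $action = $_SERVER['REQUEST_URI'];
    $reg_form = new icms_form_Theme($step->getVar('step_name'), "regform", $action, "post");
    if ($step->getVar('step_intro') != "") {
        $reg_form->addElement(new icms_form_elements_Label('', $step->getVar('step_intro')));
    }
    // Initialised up front so ksort() and the loops below never receive an undefined
    // variable when this is not the first step and no field belongs to the current step.
    $elements = array();
    $weights = array();
    if ($next_step == 0) {
        icms_loadLanguageFile('core', 'user');
        $uname_size = $icmsConfigUser['maxuname'] < 75 ? $icmsConfigUser['maxuname'] : 75;
        $elements[0][] = array('element' => new icms_form_elements_Text(_US_LOGIN_NAME, "login_name", $uname_size, 75, $user->getVar('login_name', 'e')), 'required' => true);
        $weights[0][] = 0;
        $elements[0][] = array('element' => new icms_form_elements_Text(_US_NICKNAME, "uname", $uname_size, 75, $user->getVar('uname', 'e')), 'required' => true);
        $weights[0][] = 0;
        // Password fields are always rendered empty; a submitted password is never echoed back.
        $elements[0][] = array('element' => new icms_form_elements_Password(_MD_PROFILE_PASSWORD, "pass", 10, 32, "", false, $icmsConfigUser['pass_level'] ? 'password_adv' : ''), 'required' => true);
        $weights[0][] = 0;
        $elements[0][] = array('element' => new icms_form_elements_Password(_MD_PROFILE_VERIFYPASS, "vpass", 10, 32, ""), 'required' => true);
        $weights[0][] = 0;
    }
    // Dynamic fields
    $profile_handler = icms_getmodulehandler('profile', basename(dirname(dirname(__FILE__))), 'profile');
    $fields = $profile_handler->loadFields();
    foreach ($fields as $field) {
        // Field persistence: restore values kept in the session.
        // NOTE(review): these are presumably values the visitor submitted in earlier steps, so
        // they are untrusted; confirm they are validated before the account is created.
        $fieldname = $field->getVar('field_name');
        if (!empty($_SESSION['profile'][$fieldname])) {
            $profile->setVar($fieldname, $_SESSION['profile'][$fieldname]);
        }
        if ($field->getVar('step_id') == $step->getVar('step_id')) {
            $key = $field->getVar('catid');
            $elements[$key][] = array(
                'element' => $field->getEditElement($user, $profile),
                'required' => $field->getVar('field_required'),
            );
            $weights[$key][] = $field->getVar('field_weight');
        }
    }
    ksort($elements);
    // Get categories
    $cat_handler = icms_getmodulehandler('category', basename(dirname(dirname(__FILE__))), 'profile');
    $categories = $cat_handler->getObjects(null, true, false);
    foreach (array_keys($elements) as $k) {
        // Order the elements of a category by weight, keeping insertion order for equal weights.
        array_multisort($weights[$k], SORT_ASC, array_keys($elements[$k]), SORT_ASC, $elements[$k]);
        $title = isset($categories[$k]) ? $categories[$k]['cat_title'] : _MD_PROFILE_DEFAULT;
        $desc = isset($categories[$k]) ? $categories[$k]['cat_description'] : "";
        $reg_form->addElement(new icms_form_elements_Label($title, $desc), false);
        foreach (array_keys($elements[$k]) as $i) {
            $reg_form->addElement($elements[$k][$i]['element'], $elements[$k][$i]['required']);
        }
    }
    //end of Dynamic User fields
    if ($next_step == 0 && $icmsConfigUser['reg_dispdsclmr'] != 0 && $icmsConfigUser['reg_disclaimer'] != '') {
        $disc_tray = new icms_form_elements_Tray(_MD_PROFILE_DISCLAIMER, '<br />');
        // The disclaimer is site configuration and is passed through the 'html'/'output' filter.
        $disc_text = new icms_form_elements_Label("", "<div id=\"disclaimer\">" . icms_core_DataFilter::checkVar($icmsConfigUser['reg_disclaimer'], 'html', 'output') . "</div>");
        $disc_tray->addElement($disc_text);
        $session_agreement = empty($_SESSION['profile']['agree_disc']) ? '' : $_SESSION['profile']['agree_disc'];
        $agree_chk = new icms_form_elements_Checkbox('', 'agree_disc', $session_agreement);
        $agree_chk->addOption(1, _MD_PROFILE_IAGREE);
        $disc_tray->addElement($agree_chk);
        $reg_form->addElement($disc_tray);
    }
    if ($next_step == 0 && $icmsConfigUser['use_captcha'] == 1) {
        $reg_form->addElement(new icms_form_elements_Captcha(_SECURITYIMAGE_GETCODE, "scode"));
    }
    $reg_form->addElement(new icms_form_elements_Hidden("op", "step"));
    $reg_form->addElement(new icms_form_elements_Hidden("step", $next_step));
    $reg_form->addElement(new icms_form_elements_Button("", "submit", _MD_PROFILE_SUBMIT, "submit"));
    return $reg_form;
}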
예제 #16
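/**
 * Function to display the banners stats for
 * each client
 *
 * The client is identified by $_SESSION['banner_login'] and authenticated by
 * comparing $_SESSION['banner_pass'] with the stored 'passwd' column. On any
 * mismatch the visitor is sent back to banners.php. Otherwise the page lists
 * the client's active banners, a preview of each with a form to change its
 * click URL, and the finished banners.
 *
 * NOTE(review): the comparison is made against the stored value directly,
 * which suggests banner client passwords are kept unhashed in the database
 * and in the session — confirm and consider hashing them.
 **/
function bannerstats()
{
    // The two extra globals are not used below; presumably they are declared for
    // header.php / footer.php, which are included inside this function's scope.
    global $icmsConfig, $icmsConfigMetaFooter, $icmsConfigPlugins;
    if (!isset($_SESSION['banner_login'], $_SESSION['banner_pass']) || $_SESSION['banner_login'] == '' || $_SESSION['banner_pass'] == '') {
        redirect_header('banners.php', 2);
        // Defensive: nothing below may run even if redirect_header() returns.
        return;
    }
    $result = icms::$xoopsDB->query(sprintf("SELECT cid, name, passwd FROM %s WHERE login=%s", icms::$xoopsDB->prefix('bannerclient'), icms::$xoopsDB->quoteString($_SESSION['banner_login'])));
    list($cid, $name, $passwd) = icms::$xoopsDB->fetchRow($result);
    // Compare as strings: a loose '==' treats numeric-looking strings as numbers, so two
    // different passwords could compare equal. hash_equals() is used where available to
    // keep the comparison time independent of the position of the first difference.
    $storedPass = (string) $passwd;
    $sessionPass = (string) $_SESSION['banner_pass'];
    $passMatches = $passwd !== null
        && (function_exists('hash_equals') ? hash_equals($storedPass, $sessionPass) : $storedPass === $sessionPass);
    if (!$passMatches) {
        redirect_header('banners.php', 2);
        return;
    }
    $cid = (int) $cid;
    // The client name comes from the database and is printed into HTML several times.
    $safeName = htmlspecialchars($name, ENT_QUOTES);
    include 'header.php';
    echo "<div id='bannerstats'>" . "<h4 class='content_title'>" . sprintf(_BANNERS_TITLE, $safeName) . "</h4><hr />" . "<table summary=''>" . "<caption>" . sprintf(_BANNERS_TITLE, $safeName) . "</caption>" . "<thead><tr>" . "<td>ID</td>" . "<td>" . _BANNERS_IMP_MADE . "</td>" . "<td>" . _BANNERS_IMP_TOTAL . "</td>" . "<td>" . _BANNERS_IMP_LEFT . "</td>" . "<td>" . _BANNERS_CLICKS . "</td>" . "<td>" . _BANNERS_PER_CLICKS . "</td>" . "<td>" . _BANNERS_FUNCTIONS . "</td></tr></thead>" . "<tfoot><tr><td colspan='7'></td></tr></tfoot>";
    /* Active banners: statistics */
    $result = icms::$xoopsDB->query("select bid, imptotal, impmade, clicks, date from \r\n\t\t\t\t\t\t\t\t\t\t" . icms::$xoopsDB->prefix('banner') . " where cid='" . $cid . "'");
    $i = 0;
    while (list($bid, $imptotal, $impmade, $clicks, $date) = icms::$xoopsDB->fetchRow($result)) {
        $bid = (int) $bid;
        if ($impmade == 0) {
            $percent = 0;
        } else {
            $percent = substr(100 * $clicks / $impmade, 0, 5);
        }
        // An impression total of 0 means the banner has no limit.
        if ($imptotal == 0) {
            $left = _BANNERS_UNLIMITED;
        } else {
            $left = $imptotal - $impmade;
        }
        $class = $i % 2 == 0 ? 'even' : 'odd';
        echo "<tbody><tr class='{$class}'>" . "<td>{$bid}</td>" . "<td>{$impmade}</td>" . "<td>{$imptotal}</td>" . "<td>{$left}</td>" . "<td>{$clicks}</td>" . "<td>{$percent}%</td>" . "<td><a href='banners.php?op=EmailStats&amp;cid={$cid}&amp;bid={$bid}' title='" . _BANNERS_STATS . "'>" . _BANNERS_STATS . "</a></td></tr></tbody>";
        $i++;
    }
    echo "</table><br /><br /><h4 class='content_title'>" . _BANNERS_FOW_IN . htmlspecialchars($icmsConfig['sitename']) . "</h4><hr />";
    /* Active banners: preview and click-URL form */
    $result = icms::$xoopsDB->query("select bid, imageurl, clickurl, htmlbanner, htmlcode from \r\n\t\t\t\t\t\t\t\t\t\t" . icms::$xoopsDB->prefix('banner') . " where cid='" . $cid . "'");
    // The row count does not change while iterating, so it is read once.
    $numrows = icms::$xoopsDB->getRowsNum($result);
    while (list($bid, $imageurl, $clickurl, $htmlbanner, $htmlcode) = icms::$xoopsDB->fetchRow($result)) {
        $bid = (int) $bid;
        if ($numrows > 1) {
            echo "<br />";
        }
        if (!empty($htmlbanner) && !empty($htmlcode)) {
            // NOTE(review): stored banner markup is passed through the 'text'/'output' filter;
            // confirm that this is the intended treatment for HTML banners.
            echo icms_core_DataFilter::checkVar($htmlcode, 'text', 'output');
        } else {
            $isFlash = strtolower(substr($imageurl, strrpos($imageurl, "."))) == ".swf";
            // Escaped because the URL is written into double-quoted attributes.
            $imageurl = htmlspecialchars($imageurl, ENT_QUOTES);
            if ($isFlash) {
                echo '<object type="application/x-shockwave-flash" data="' . $imageurl . '" width="468" height="60">' . '<param name=movie value="' . $imageurl . '" />' . '<param name="quality" value="high" />' . '</object>';
            } else {
                echo '<img src="' . $imageurl . '" alt="" />';
            }
        }
        echo "<br /><strong>" . _BANNERS_ID . $bid . "</strong><br />" . sprintf(_BANNERS_SEND_STATS, 'banners.php?op=EmailStats&amp;cid=' . $cid . '&amp;bid=' . $bid) . "<br />";
        if (!$htmlbanner) {
            // The click URL can be changed by the client through this form, so it is escaped
            // before being echoed; the form carries a token named "BANNER_EDIT".
            $clickurl = htmlspecialchars($clickurl, ENT_QUOTES);
            echo sprintf(_BANNERS_POINTS, $clickurl) . "<br /><form action='banners.php' method='post'>" . _BANNERS_URL . "<input type='text' name='url' size='50' maxlength='200' value='{$clickurl}' />" . "<input type='hidden' name='bid' value='{$bid}' />" . "<input type='hidden' name='cid' value='{$cid}' />" . "<input type='submit' name='op' value='" . _BANNERS_CHANGE . "' />" . icms::$security->getTokenHTML("BANNER_EDIT") . "</form>";
        }
    }
    /* Finished Banners */
    echo "<br />";
    if ($result = icms::$xoopsDB->query("select bid, impressions, clicks, datestart, dateend from\r\n\t\t\t" . icms::$xoopsDB->prefix('bannerfinish') . " where cid='" . $cid . "'")) {
        echo "<h4 class='content_title'>" . sprintf(_BANNERS_FINISHED, $safeName) . "</h4><hr /><table summary=''><caption>" . sprintf(_BANNERS_FINISHED, $safeName) . "</caption><thead><tr><td>ID</td><td>" . _BANNERS_IMP_MADE . "</td><td>" . _BANNERS_CLICKS . "</td><td>" . _BANNERS_PER_CLICKS . "</td><td>" . _BANNERS_STARTED . "</td><td>" . _BANNERS_ENDED . "</td></tr></thead>" . "<tfoot><tr><td colspan='6'></td></tr></tfoot>";
        $i = 0;
        while (list($bid, $impressions, $clicks, $datestart, $dateend) = icms::$xoopsDB->fetchRow($result)) {
            $bid = (int) $bid;
            // Same guard as for active banners: a banner that was never shown has no click rate.
            if ($impressions == 0) {
                $percent = 0;
            } else {
                $percent = substr(100 * $clicks / $impressions, 0, 5);
            }
            $class = $i % 2 == 0 ? 'even' : 'odd';
            echo "<tbody><tr class='{$class}'>" . "<td>{$bid}</td>" . "<td>{$impressions}</td>" . "<td>{$clicks}</td>" . "<td>{$percent}%</td>" . "<td>" . formatTimestamp($datestart) . "</td>" . "<td>" . formatTimestamp($dateend) . "</td></tr></tbody>";
            // Advance the counter so the even/odd row classes alternate.
            $i++;
        }
        echo "</table>";
    }
    // The wrapper is closed even when the finished-banner query fails.
    echo "</div>";
    include 'footer.php';
}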
예제 #17
    // Excerpt: list each module's most recent content by the profile owner.
    // The enclosing blocks open outside the excerpt.
    foreach ($mids as $mid) {
        // A module is only searched when $groups holds the 'module_read' right for it.
        if (icms::handler('icms_member_groupperm')->checkRight('module_read', $mid, $groups)) {
            $module = $module_handler->get($mid);
            // Up to 5 results authored by this uid.
            $results = $module->search('', '', 5, 0, $thisUser->getVar('uid'));
            $count = count($results);
            if (is_array($results) && $count > 0) {
                for ($i = 0; $i < $count; $i++) {
                    // Result images are relative to the module directory; a stock icon is the fallback.
                    if (isset($results[$i]['image']) && $results[$i]['image'] != '') {
                        $results[$i]['image'] = 'modules/' . $module->getVar('dirname') . '/' . $results[$i]['image'];
                    } else {
                        $results[$i]['image'] = 'images/icons/posticon2.gif';
                    }
                    // Links without an http(s):// prefix are treated as module-relative. Links that
                    // already carry one are passed through unchanged.
                    // NOTE(review): '[s]*' accepts any number of 's' characters; 'https?' states the intent.
                    if (!preg_match("/^http[s]*:\\/\\//i", $results[$i]['link'])) {
                        $results[$i]['link'] = ICMS_URL . "/modules/" . $module->getVar('dirname') . "/" . $results[$i]['link'];
                    }
                    // Titles are filtered as plain text for output; links and images are not
                    // filtered here. NOTE(review): confirm the template escapes them.
                    $results[$i]['title'] = icms_core_DataFilter::checkVar($results[$i]['title'], 'text', 'output');
                    $results[$i]['time'] = $results[$i]['time'] ? formatTimestamp($results[$i]['time'], 'm') : '';
                }
                // Exactly 5 results means the limit was reached, so a "show all" link is offered.
                // NOTE(review): $mid and the uid are concatenated without an (int) cast;
                // presumably both are numeric ids — confirm.
                if ($count == 5) {
                    $showall_link = '<a href="' . ICMS_URL . '/search.php?action=showallbyuser&amp;mid=' . $mid . '&amp;uid=' . $thisUser->getVar('uid') . '">' . _US_SHOWALL . '</a>';
                } else {
                    $showall_link = '';
                }
                $icmsTpl->append('modules', array('name' => $module->getVar('name'), 'results' => $results, 'showall_link' => $showall_link));
            }
            unset($module);
        }
    }
}
// getting social content
// pictures
예제 #18
 // Preview branch: show the submitted comment and the comment form again.
 case "preview":
     $doimage = 1;
     // Title is taken from the request, un-slashed and HTML-escaped before display.
     $com_title = icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($_POST['com_title']));
     // HTML stays enabled only for module admins or for users whose groups hold the
     // 'system_admin' right on XOOPS_SYSTEM_COMMENT; anonymous visitors never get it.
     if ($dohtml != 0) {
         if (is_object(icms::$user)) {
             if (!icms::$user->isAdmin($com_modid)) {
                 $sysperm_handler = icms::handler('icms_member_groupperm');
                 if (!$sysperm_handler->checkRight('system_admin', XOOPS_SYSTEM_COMMENT, icms::$user->getGroups())) {
                     $dohtml = 0;
                 }
             }
         } else {
             $dohtml = 0;
         }
     }
     // NOTE(review): the preview body comes straight from $_POST and is passed through the
     // 'html' / 'input' filter whatever $dohtml was set to above, then handed to
     // themecenterposts() for display. Confirm this filter is sufficient for output here,
     // or make the preview honour $dohtml.
     // NOTE(review): '=&' on a call result only binds a reference if checkVar() is declared
     // to return by reference; otherwise PHP raises a notice - verify.
     $p_comment =& icms_core_DataFilter::checkVar($_POST['com_text'], 'html', 'input');
     $noname = isset($noname) ? (int) $noname : 0;
     // Escaped copy of the comment text; presumably read by comment_form.php to refill the form.
     $com_text = icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($_POST['com_text']));
     // Modules other than 'system' use the site header/footer, 'system' uses the control panel frame.
     if ($icmsModule->getVar('dirname') != 'system') {
         include ICMS_ROOT_PATH . '/header.php';
         themecenterposts($com_title, $p_comment);
         include ICMS_INCLUDE_PATH . '/comment_form.php';
         include ICMS_ROOT_PATH . '/footer.php';
     } else {
         icms_cp_header();
         themecenterposts($com_title, $p_comment);
         include ICMS_INCLUDE_PATH . '/comment_form.php';
         icms_cp_footer();
     }
     break;
 case "post":
예제 #19
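 /**
  * Render the whole About page of a module
  *
  * Loads the current module's version info, assigns it to a fresh icms_view_Tpl
  * together with the changelog and license text found in the module directory,
  * and displays the system "module about" template between the control panel
  * header and footer.
  *
  * @return void
  */
 public function render()
 {
     global $icmsModule, $icmsConfig;
     icms_cp_header();
     $module_handler = icms::handler('icms_module');
     $versioninfo =& $module_handler->get($icmsModule->getVar('mid'));
     $icmsModule->displayAdminMenu(-1, $this->_aboutTitle . " " . $versioninfo->getInfo('name'));
     $this->_tpl = new icms_view_Tpl();
     $moduleDir = ICMS_ROOT_PATH . '/modules/' . $icmsModule->getVar('dirname');
     $this->_tpl->assign('module_url', ICMS_URL . "/modules/" . $icmsModule->getVar('dirname') . "/");

     // Template variable => version-info key, copied through unchanged.
     // NOTE(review): these values are assigned without filtering (only 'warning' is
     // filtered below); whether they are escaped depends on the template - confirm.
     $plainInfo = array(
         'module_image' => 'image',
         'module_name' => 'name',
         'module_version' => 'version',
         'module_status_version' => 'status_version',
         'module_license' => 'license',
         'module_credits' => 'credits',
         'module_developer_lead' => 'developer_lead',
         'module_developer_contributor' => 'developer_contributor',
         'module_developer_website_url' => 'developer_website_url',
         'module_developer_website_name' => 'developer_website_name',
         'module_developer_email' => 'developer_email',
         'module_date' => 'date',
         'module_status' => 'status',
         'module_demo_site_url' => 'demo_site_url',
         'module_demo_site_name' => 'demo_site_name',
         'module_support_site_url' => 'support_site_url',
         'module_support_site_name' => 'support_site_name',
         'module_submit_bug' => 'submit_bug',
         'module_submit_feature' => 'submit_feature',
         'module_author_word' => 'author_word',
     );
     foreach ($plainInfo as $tplVar => $infoKey) {
         $this->_tpl->assign($tplVar, $versioninfo->getInfo($infoKey));
     }

     // Author heading: "author (real name)" when a real name is given.
     $author_name = $versioninfo->getInfo('author');
     if ($versioninfo->getInfo('author_realname') != '') {
         $author_name .= " (" . $versioninfo->getInfo('author_realname') . ")";
     }
     $this->_tpl->assign('module_author_name', $author_name);

     // People lists are run through $this->sanitize(); a missing role is assigned false.
     $people = $versioninfo->getInfo('people');
     if ($people) {
         foreach (array('developers', 'testers', 'translators', 'documenters', 'other') as $role) {
             $this->_tpl->assign(
                 'module_people_' . $role,
                 isset($people[$role]) ? array_map(array($this, 'sanitize'), $people[$role]) : false
             );
         }
     }

     // Manual
     $manual = $versioninfo->getInfo('manual');
     if ($manual) {
         $this->_tpl->assign('module_manual', isset($manual['wiki']) ? array_map(array($this, 'sanitize'), $manual['wiki']) : false);
     }

     // Warning
     $this->_tpl->assign('module_warning', icms_core_DataFilter::checkVar($versioninfo->getInfo('warning'), 'html', 'input'));

     // Changelog (thanks to 3Dev): docs/changelog.txt wins over changelog.txt when both exist.
     foreach (array('/changelog.txt', '/docs/changelog.txt') as $relative) {
         $path = $moduleDir . $relative;
         if (is_file($path)) {
             // file_get_contents() copes with empty files, unlike fread() with a zero length.
             $text = file_get_contents($path);
             if ($text !== false) {
                 $this->_tpl->assign('module_version_history', icms_core_DataFilter::checkVar($text, 'text', 'output'));
             }
         }
     }

     // License (thanks to 3Dev): first existing candidate is used. The path is tracked in
     // its own variable so that a module without any license file no longer shows the
     // changelog as its license text.
     $language = $icmsConfig['language'];
     $licenseCandidates = array(
         '/docs/license.txt',
         '/docs/' . $language . '_license.txt',
         '/license.txt',
         '/license/' . $language . '_license.txt',
     );
     $licenseFile = null;
     foreach ($licenseCandidates as $relative) {
         if (file_exists($moduleDir . $relative)) {
             $licenseFile = $moduleDir . $relative;
             break;
         }
     }
     if ($licenseFile !== null && is_file($licenseFile)) {
         $text = file_get_contents($licenseFile);
         if ($text !== false) {
             $this->_tpl->assign('module_license_txt', icms_core_DataFilter::checkVar($text, 'text', 'output'));
         }
     }

     $this->_tpl->display(ICMS_ROOT_PATH . '/modules/system/templates/admin/system_adm_moduleabout.html');
     icms_cp_footer();
 }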
예제 #20
				echo "<img src='uploads/".$poster->getVar("user_avatar")."' alt='' /><br />\n";
			}
			if ($poster->getVar("user_from") != "") {
				echo _PM_FROMC."".$poster->getVar("user_from")."<br /><br />\n";
			}
			if ($poster->isOnline()) {
				echo "<span style='color:#ee0000;font-weight:bold;'>"._PM_ONLINE."</span><br /><br />\n";
			}
		} else {
			echo $icmsConfig['anonymous']; // we need to do this for deleted users
		}
		// Message header: subject icon and sent time.
		// NOTE(review): msg_image is read in "E" format and written into a src attribute;
		// confirm that format escapes quotes and that the stored value cannot contain a path.
		echo "</td><td><img src='images/subject/".$pm_arr[0]->getVar("msg_image", "E")."' alt='' />&nbsp;
			"._PM_SENTC."".formatTimestamp($pm_arr[0]->getVar("msg_time"));
		// Subject is echoed in getVar()'s default format - presumably display-escaped; verify.
		echo "<hr /><b>".$pm_arr[0]->getVar("subject")."</b><br /><br />\n";
		// The body is read in 'N' format and passed through the 'html' / 'output' filter
		// before it is written to the page.
		$var = $pm_arr[0]->getVar('msg_text', 'N');
		echo icms_core_DataFilter::checkVar($var, 'html', 'output') . "<br /><br /></td></tr>
			<tr class='foot'><td width='20%' colspan='2' align='"._GLOBAL_LEFT."'>";
		// we dont want to reply to a deleted user!
		if ($poster != false) {
			echo "<a href='#' onclick='javascript:openWithSelfMain(\"".ICMS_URL."/pmlite.php?reply=1&amp;msg_id="
				. $pm_arr[0]->getVar("msg_id")."\",\"pmlite\",800,680);'>
				<img src='".ICMS_URL."/images/icons/".$GLOBALS["icmsConfig"]["language"]."/reply.gif' alt='"._PM_REPLY."' /></a>\n";
		}
		// Delete form fields: the security token HTML is emitted next to the message id.
		// NOTE(review): presumably the receiving handler validates this token before deleting - confirm.
		echo "<input type='hidden' name='delete' value='1' />";
		echo icms::$security->getTokenHTML();
		// NOTE(review): msg_id is written into HTML attributes and inline script; assumes an integer id.
		echo "<input type='hidden' name='msg_id' value='".$pm_arr[0]->getVar("msg_id")."' />";
		echo "<a href='#".$pm_arr[0]->getVar("msg_id")."' onclick='javascript:document.delete"
			.$pm_arr[0]->getVar("msg_id").".submit();'>
			<img src='".ICMS_URL."/images/icons/".$GLOBALS["icmsConfig"]["language"]."/delete.gif' alt='"._PM_DELETE."' /></a>";
		echo "</td></tr><tr><td colspan='2' align='"._GLOBAL_RIGHT."'>";
		// Index of the previous message for the pager.
		$previous = $start - 1;
예제 #21
 // Build the remaining elements of the "edit profile" form for the logged-in user.
 include_once ICMS_ROOT_PATH . '/include/notification_constants.php';
 // Notification method / mode selectors, preselected from the current user's settings.
 $notify_method_select = new icms_form_elements_Select(_NOT_NOTIFYMETHOD, 'notify_method', icms::$user->getVar('notify_method'));
 $notify_method_select->addOptionArray(array(XOOPS_NOTIFICATION_METHOD_DISABLE => _NOT_METHOD_DISABLE, XOOPS_NOTIFICATION_METHOD_PM => _NOT_METHOD_PM, XOOPS_NOTIFICATION_METHOD_EMAIL => _NOT_METHOD_EMAIL));
 $notify_mode_select = new icms_form_elements_Select(_NOT_NOTIFYMODE, 'notify_mode', icms::$user->getVar('notify_mode'));
 $notify_mode_select->addOptionArray(array(XOOPS_NOTIFICATION_MODE_SENDALWAYS => _NOT_MODE_SENDALWAYS, XOOPS_NOTIFICATION_MODE_SENDONCETHENDELETE => _NOT_MODE_SENDONCE, XOOPS_NOTIFICATION_MODE_SENDONCETHENWAIT => _NOT_MODE_SENDONCEPERLOGIN));
 $bio_tarea = new icms_form_elements_Textarea(_US_EXTRAINFO, 'bio', icms::$user->getVar('bio', 'E'));
 // The "use cookie" radio reflects whether the user cookie is currently present and non-empty.
 $cookie_radio_value = empty($_COOKIE[$icmsConfig['usercookie']]) ? 0 : 1;
 $cookie_radio = new icms_form_elements_Radioyn(_US_USECOOKIE, 'usecookie', $cookie_radio_value, _YES, _NO);
 // New password (entered twice) plus the current password; all fields start empty.
 $pwd_text = new icms_form_elements_Password('', 'password', 10, 255, "", FALSE, $icmsConfigUser['pass_level'] ? 'password_adv' : '');
 $pwd_text2 = new icms_form_elements_Password('', 'vpass', 10, 255);
 $pwd_tray = new icms_form_elements_Tray(_US_PASSWORD . '<br />' . _US_TYPEPASSTWICE);
 $pwd_tray->addElement($pwd_text);
 $pwd_tray->addElement($pwd_text2);
 $pwd_text_old = new icms_form_elements_Password(_US_OLD_PASSWORD, 'old_password', 10, 255);
 $mailok_radio = new icms_form_elements_Radioyn(_US_MAILOK, 'user_mailok', (int) icms::$user->getVar('user_mailok'));
 // NOTE(review): the user's 'salt' value is written into a hidden field, so it is sent to the
 // browser with the page. If this is the password salt, confirm it has to leave the server;
 // a value only the server needs should not round-trip through the client, and the copy
 // that comes back with the form must not be trusted.
 $salt_hidden = new icms_form_elements_Hidden('salt', icms_core_DataFilter::checkVar(icms::$user->getVar('salt'), 'str'));
 // NOTE(review): uid is also a client-side hidden field; the 'saveuser' handler should
 // check it against the session user rather than rely on it - verify.
 $uid_hidden = new icms_form_elements_Hidden('uid', (int) icms::$user->getVar('uid'));
 $op_hidden = new icms_form_elements_Hidden('op', 'saveuser');
 $submit_button = new icms_form_elements_Button('', 'submit', _US_SAVECHANGES, 'submit');
 // Attach the elements created earlier (outside this excerpt) in display order.
 $form->addElement($timezone_select);
 $form->addElement($icq_text);
 $form->addElement($aim_text);
 $form->addElement($yim_text);
 $form->addElement($msnm_text);
 $form->addElement($location_text);
 $form->addElement($occupation_text);
 $form->addElement($interest_text);
 $form->addElement($sig_tray);
 // The theme selector is only offered when more than one theme is allowed.
 if (count($icmsConfig['theme_set_allowed']) > 1) {
     $form->addElement($selected_theme);
 }
예제 #22
 /**
  * Return the stored 'content' value in the requested representation.
  *
  * @param string $format 'S' renders according to $c_type; 'E' returns getVar()'s
  *                       'e' format; any other value returns the 'n' format
  * @param string $c_type Only used for format 'S': 'H', 'P' and 'S' select the
  *                       branches below, any other value uses the text output filter
  * @return mixed The content in the selected form
  */
 public function getContent($format = 'S', $c_type = 'T')
 {
     if ($format == 'S') {
         if ($c_type == 'H') {
             // Raw content with the site URL placeholder expanded and any occurrence
             // of the database salt removed.
             return str_replace(
                 array('{X_SITEURL}', XOOPS_DB_SALT),
                 array(ICMS_URL . '/', ''),
                 $this->getVar('content', 'n')
             );
         }
         if ($c_type == 'P') {
             // SECURITY NOTE: eval() executes the stored 'content' value as PHP. Anyone able
             // to write this field can run code with the web server's privileges; restrict
             // who may create or edit 'P'-type content and prefer a non-executable content
             // type where possible.
             ob_start();
             echo eval(icms_core_DataFilter::undoHtmlSpecialChars($this->getVar('content', 'e')));
             $captured = ob_get_clean();
             // Same post-processing as the 'H' branch, applied to the captured output.
             return str_replace(
                 array('{X_SITEURL}', XOOPS_DB_SALT),
                 array(ICMS_URL . '/', ''),
                 $captured
             );
         }
         if ($c_type == 'S') {
             // Rendered through the text sanitizer's displayTarea() with both flags set to 1.
             return icms_core_Textsanitizer::getInstance()->displayTarea(
                 str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n')),
                 1,
                 1
             );
         }
         // Every other content type is treated as text and filtered for output.
         return icms_core_DataFilter::checkVar(
             str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n')),
             'text',
             'output'
         );
     }
     if ($format == 'E') {
         return $this->getVar('content', 'e');
     }
     return $this->getVar('content', 'n');
 }
예제 #23
 /**
  * Read a session from the database
  *
  * Looks up the row for $sess_id and returns its sess_data. An empty string is
  * returned when the query fails, when no row is found, or when the stored IP
  * does not match the leading part of the current REMOTE_ADDR under the
  * configured security level.
  *
  * @param	string  $sess_id    ID of the session
  * @return	string  Session data ('' when unavailable or rejected)
  */
 private function readSession($sess_id)
 {
     // Table name comes from prefix(); the session id goes through quoteString()
     // before it is placed into the statement.
     $sql = sprintf('SELECT sess_data, sess_ip FROM %s WHERE sess_id = %s', icms::$xoopsDB->prefix('session'), icms::$xoopsDB->quoteString($sess_id));
     if (false != ($result = icms::$xoopsDB->query($sql))) {
         if (list($sess_data, $sess_ip) = icms::$xoopsDB->fetchRow($result)) {
             // IPv6 binding: only when the IPv6 level is above 1 and the stored IP passes the IPv6 check.
             if ($this->ipv6securityLevel > 1 && icms_core_DataFilter::checkVar($sess_ip, 'ip', 'ipv6')) {
                 /**
                  * also cover IPv6 localhost string
                  */
                 if ($_SERVER['REMOTE_ADDR'] == "::1") {
                     // Compare the first three characters for the loopback address.
                     $pos = 3;
                 } else {
                     // strpos()'s third argument is a character offset, so $pos is the index of
                     // the first ':' at or after offset (level - 1).
                     // NOTE(review): if the level is meant as "number of address groups to
                     // compare", this does not implement that - confirm the intended semantics.
                     $pos = strpos($sess_ip, ":", $this->ipv6securityLevel - 1);
                 }
                 // Non-zero strncmp() means the first $pos bytes differ: drop the session data.
                 // NOTE(review): if strpos() finds nothing, $pos is false; without strict typing
                 // that is a length of 0 and strncmp() reports equality, so the check passes.
                 // Verify this cannot happen for addresses that pass the filter above.
                 if (strncmp($sess_ip, $_SERVER['REMOTE_ADDR'], $pos)) {
                     $sess_data = '';
                 }
             // IPv4 binding: same prefix comparison, using '.' as the separator.
             } elseif ($this->securityLevel > 1 && icms_core_DataFilter::checkVar($sess_ip, 'ip', 'ipv4')) {
                 // NOTE(review): the offset/length caveats noted for the IPv6 branch apply here too.
                 $pos = strpos($sess_ip, ".", $this->securityLevel - 1);
                 if (strncmp($sess_ip, $_SERVER['REMOTE_ADDR'], $pos)) {
                     $sess_data = '';
                 }
             }
             // With both levels at 1 or below, or an IP that passes neither check,
             // the data is returned without any IP comparison.
             return $sess_data;
         }
     }
     return '';
 }
예제 #24
 /**
  * Fetch a key => identifier map of the objects matching a criteria.
  * DON'T USE WITH JOINT KEYS: each row is indexed by a single key column.
  *
  * @param object $criteria {@link icms_db_criteria_Element} conditions to be met;
  *                         an empty icms_db_criteria_Compo is created when omitted
  * @param int    $limit    Max number of objects to fetch; replaced by the criteria's
  *                         limit when the criteria is an icms_db_criteria_Element subclass
  * @param int    $start    Which record to start at; replaced by the criteria's start
  *                         under the same condition
  * @param bool   $debug    When true, the generated SQL is sent to icms_core_Debug::message()
  *
  * @return array Key column value => identifier text filtered for output, or 1 when
  *               no identifier name is configured; empty when the query fails
  */
 public function getList($criteria = null, $limit = 0, $start = 0, $debug = false)
 {
     if ($criteria == null) {
         $criteria = new icms_db_criteria_Compo();
     }
     // Default ordering is by the identifier column.
     if ($criteria->getSort() == '') {
         $criteria->setSort($this->getIdentifierName());
     }

     $columns = is_array($this->keyName) ? implode(', ', $this->keyName) : $this->keyName;
     if (!empty($this->identifierName)) {
         $columns .= ', ' . $this->getIdentifierName();
     }
     $sql = 'SELECT ' . $columns . ' FROM ' . $this->table . " AS " . $this->_itemname;

     if (isset($criteria) && is_subclass_of($criteria, 'icms_db_criteria_Element')) {
         $sql .= ' ' . $criteria->renderWhere();
         // NOTE(review): sort and order are concatenated into the statement exactly as the
         // criteria object returns them - confirm callers never feed request-derived values
         // into setSort()/setOrder() without an allow-list.
         if ($criteria->getSort() != '') {
             $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
         }
         $limit = $criteria->getLimit();
         $start = $criteria->getStart();
     }

     if ($debug) {
         icms_core_Debug::message($sql);
     }

     $list = array();
     $result = $this->db->query($sql, $limit, $start);
     if (!$result) {
         return $list;
     }
     while ($row = $this->db->fetchArray($result)) {
         if (empty($this->identifierName)) {
             $list[$row[$this->keyName]] = 1;
         } else {
             // identifiers should be textboxes, so they are filtered as text for output
             $list[$row[$this->keyName]] = icms_core_DataFilter::checkVar($row[$this->identifierName], 'text', 'output');
         }
     }
     return $list;
 }
예제 #25
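/**
 * Updates the member profile, saving the changes to the database
 *
 * Loads the user identified by $uid, rejects the change when the new display
 * name or login name is already used by another account, copies the supplied
 * values onto the user object, optionally replaces the password and the group
 * memberships, and stores the result. Every path ends the request: the
 * function prints a control panel page or redirects, then calls exit().
 *
 * Unless noted, each value is stored on the user with setVar() under the
 * field of the same name.
 *
 * @param $uid             Id of the user to edit
 * @param $uname           Display name; must not belong to another account
 * @param $login_name      Login name; must not belong to another account
 * @param $name
 * @param $url             Passed through formatURL() before storing
 * @param $email
 * @param $user_icq
 * @param $user_aim
 * @param $user_yim
 * @param $user_msnm
 * @param $user_from
 * @param $user_occ
 * @param $user_intrest
 * @param $user_viewemail  Normalised to 1 or 0
 * @param $user_avatar     Not used in this function body
 * @param $user_sig        Tags stripped and truncated when HTML signatures are disabled,
 *                         otherwise passed through the 'html' / 'input' filter
 * @param $attachsig       Normalised to 1 or 0
 * @param $theme           Not used in this function body
 * @param $pass            New password; only applied when $pass2 is not empty
 * @param $pass2           Password confirmation; must be identical to $pass
 * @param $rank
 * @param $bio
 * @param $uorder
 * @param $umode
 * @param $notify_method
 * @param $notify_mode
 * @param $timezone_offset
 * @param $user_mailok
 * @param $language
 * @param $openid
 * @param $user_viewoid    Normalised to 1 or 0
 * @param $pass_expired    Stored only together with a new password
 * @param $groups          Group ids the user should belong to; left untouched when empty
 */
function updateUser($uid, $uname, $login_name, $name, $url, $email, $user_icq, $user_aim, $user_yim,
					$user_msnm, $user_from, $user_occ, $user_intrest, $user_viewemail, $user_avatar,
					$user_sig, $attachsig, $theme, $pass, $pass2, $rank, $bio, $uorder, $umode, $notify_method,
					$notify_mode, $timezone_offset, $user_mailok, $language, $openid, $user_viewoid,
					$pass_expired, $groups = array()
					) {
	global $icmsConfig, $icmsModule, $icmsConfigUser;
	$member_handler = icms::handler('icms_member');
	// NOTE(review): assumes $uid refers to an existing user; the result is used without an object check.
	$edituser =& $member_handler->getUser($uid);
	if ($edituser->getVar('uname') != $uname && $member_handler->getUserCount(new icms_db_criteria_Item('uname', $uname)) > 0 || $edituser->getVar('login_name') != $login_name && $member_handler->getUserCount(new icms_db_criteria_Item('login_name', $login_name)) > 0) {
		icms_cp_header();
		echo '<div class="CPbigTitle" style="background-image: url(' . ICMS_MODULES_URL . '/system/admin/users/images/users_big.png)">' . _MD_AM_USER . '</div><br />';
		// The submitted name is written back into the page, so escape it for HTML first.
		echo _AM_UNAME . ' ' . icms_core_DataFilter::htmlSpecialChars($uname) . ' ' . _AM_ALREADY_EXISTS;
		icms_cp_footer();
	} else {
		$edituser->setVar('name', $name);
		$edituser->setVar('uname', $uname);
		$edituser->setVar('login_name', $login_name);
		$edituser->setVar('email', $email);
		$edituser->setVar('openid', $openid);
		$user_viewoid = (isset($user_viewoid) && $user_viewoid == 1) ? 1 : 0;
		$edituser->setVar('user_viewoid', $user_viewoid);
		$url = isset($url) ? formatURL($url) : '';
		$edituser->setVar('url', $url);
		$edituser->setVar('user_icq', $user_icq);
		$edituser->setVar('user_from', $user_from);
		if ($icmsConfigUser['allow_htsig'] == 0) {
			// Plain-text signatures: decode, strip tags, then cut to the configured length.
			$signature = strip_tags(icms_core_DataFilter::codeDecode($user_sig, 1));
			$edituser->setVar('user_sig', icms_core_DataFilter::icms_substr($signature, 0, (int) $icmsConfigUser['sig_max_length']));
		} else {
			// HTML signatures go through the 'html' input filter before being stored.
			$signature = icms_core_DataFilter::checkVar($user_sig, 'html', 'input');
			$edituser->setVar('user_sig', $signature);
		}
		$user_viewemail = (isset($user_viewemail) && $user_viewemail == 1) ? 1 : 0;
		$edituser->setVar('user_viewemail', $user_viewemail);
		$edituser->setVar('user_aim', $user_aim);
		$edituser->setVar('user_yim', $user_yim);
		$edituser->setVar('user_msnm', $user_msnm);
		$attachsig = (isset($attachsig) && $attachsig == 1) ? 1 : 0;
		$edituser->setVar('attachsig', $attachsig);
		$edituser->setVar('timezone_offset', $timezone_offset);
		$edituser->setVar('uorder', $uorder);
		$edituser->setVar('umode', $umode);
		$edituser->setVar('notify_method', $notify_method);
		$edituser->setVar('notify_mode', $notify_mode);
		$edituser->setVar('bio', $bio);
		$edituser->setVar('rank', $rank);
		$edituser->setVar('user_occ', $user_occ);
		$edituser->setVar('user_intrest', $user_intrest);
		$edituser->setVar('user_mailok', $user_mailok);
		$edituser->setVar('language', $language);
		if ($pass2 != '') {
			// Compare as strings with !==: a loose != treats distinct numeric-looking
			// strings (for example '1e3' and '1000') as equal and would accept a mismatch.
			if ((string) $pass !== (string) $pass2) {
				icms_cp_header();
				echo "<strong>" . _AM_STNPDNM . "</strong>";
				icms_cp_footer();
				exit();
			}

			$icmspass = new icms_core_Password();
			$edituser->setVar('pass_expired', $pass_expired);
			// Only the value returned by encryptPass() is stored.
			$pass = $icmspass->encryptPass($pass);
			$edituser->setVar('pass', $pass);
		}
		if (!$member_handler->insertUser($edituser)) {
			icms_cp_header();
			echo $edituser->getHtmlErrors();
			icms_cp_footer();
		} else {
			if ($groups != array()) {
				$oldgroups = $edituser->getGroups();
				//If the edited user is the current user and the current user WAS in the webmaster's group and is NOT in the new groups array
				if ($edituser->getVar('uid') == icms::$user->getVar('uid') && (in_array(XOOPS_GROUP_ADMIN, $oldgroups)) && !(in_array(XOOPS_GROUP_ADMIN, $groups))) {
					//Add the webmaster's group to the groups array to prevent accidentally removing oneself from the webmaster's group
					$groups[] = XOOPS_GROUP_ADMIN;
				}
				// Memberships are replaced wholesale: remove every old group, then add the new set.
				foreach ($oldgroups as $groupid) {
					$member_handler->removeUsersFromGroup($groupid, array($edituser->getVar('uid')));
				}
				foreach ($groups as $groupid) {
					$member_handler->addUserToGroup($groupid, $edituser->getVar('uid'));
				}
			}
			redirect_header('admin.php?fct=users', 1, _AM_DBUPDATED);
		}
	}
	exit();
}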
예제 #26
<?php
/**
 * Privacy policy display page
 *
 * This page displays the privacy policy of the site
 *
 * @copyright	The ImpressCMS Project http://www.impresscms.org/
 * @license		http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU General Public License (GPL)
 * @package		core
 * @since		1.0
 * @author		m0nty_
 * @version		$Id: privpolicy.php 11072 2011-03-14 15:52:14Z m0nty_ $
 */

// Page type is set before mainfile.php is included.
$xoopsOption['pagetype'] = 'privpolicy';
include 'mainfile.php';
// The page is only available when displaying the privacy policy is enabled.
// NOTE(review): nothing here stops execution after redirect_header(); the policy is only
// withheld if redirect_header() itself ends the request - confirm.
if ($icmsConfigUser['priv_dpolicy'] == false) {
	redirect_header('index.php', 2, _US_NOPERMISS);
}

$xoopsOption['template_main'] = 'system_privpolicy.html';
include ICMS_ROOT_PATH.'/header.php';

$xoopsTpl->assign('priv_poltype', 'page');
// Placeholders are expanded first, so the substituted site URL and site name pass through
// the 'html' / 'output' filter together with the configured policy text.
$priv = str_replace('{X_SITEURL}', ICMS_URL.'/', $icmsConfigUser['priv_policy']);
$priv = str_replace('{X_SITENAME}', $icmsConfig['sitename'], $priv);
$priv = icms_core_DataFilter::checkVar($priv, 'html', 'output');
$xoopsTpl->assign('priv_policy', $priv);
$xoopsTpl->assign('lang_privacy_policy', _PRV_PRIVACY_POLICY);

include ICMS_ROOT_PATH.'/footer.php';
예제 #27
 // Email and display name are only taken from the submission when the site allows
 // users to change them.
 if ($icmsConfigUser['allow_chgmail'] == 1) {
     $edituser->setVar('email', $email, TRUE);
 }
 if ($icmsConfigUser['allow_chguname'] == 1) {
     $edituser->setVar('uname', $uname, TRUE);
 }
 $edituser->setVar('url', formatURL($url));
 $edituser->setVar('user_icq', $user_icq);
 $edituser->setVar('user_from', $user_from);
 $edituser->setVar('openid', isset($openid) ? trim($openid) : '');
 // Signatures are stored only when showing them is enabled.
 if ($icmsConfigUser['allwshow_sig'] == 1) {
     if ($icmsConfigUser['allow_htsig'] == 0) {
         // Plain-text signatures: 'text' input filter, tags stripped, cut to the configured length.
         $signature = strip_tags(icms_core_DataFilter::checkVar($user_sig, 'text', 'input'));
         $edituser->setVar('user_sig', icms_core_DataFilter::icms_substr($signature, 0, (int) $icmsConfigUser['sig_max_length']));
     } else {
         // HTML signatures go through the 'html' input filter before being stored.
         $signature = icms_core_DataFilter::checkVar($user_sig, 'html', 'input');
         $edituser->setVar('user_sig', $signature);
     }
 }
 // Visibility flags are normalised to 1 or 0.
 $user_viewemail = !empty($user_viewemail) ? 1 : 0;
 $edituser->setVar('user_viewemail', $user_viewemail);
 $user_viewoid = !empty($user_viewoid) ? 1 : 0;
 $edituser->setVar('user_viewoid', $user_viewoid);
 $edituser->setVar('user_aim', $user_aim);
 $edituser->setVar('user_yim', $user_yim);
 $edituser->setVar('user_msnm', $user_msnm);
 // The password is replaced only when a new one was submitted; the stored value is
 // whatever encryptPass() returns.
 // NOTE(review): no check of the current password or of the confirmation field is visible
 // in this excerpt - presumably done before this point; confirm.
 if ($password != '') {
     $icmspass = new icms_core_Password();
     $pass = $icmspass->encryptPass($password);
     $edituser->setVar('pass', $pass, TRUE);
 }
예제 #28
/**
 * Deprecated wrapper around icms_core_DataFilter::checkVar() for email values.
 *
 * Records a deprecation notice, then forwards its arguments unchanged.
 *
 * @param string $email     The email address
 * @param mixed  $antispam  Passed to checkVar() as its first option (default 0)
 * @param mixed  $blacklist Passed to checkVar() as its second option (default 0)
 * @return mixed Whatever checkVar() returns for type 'email'
 * @deprecated use icms_core_DataFilter::checkVar($email, 'email', $antispam, $blacklist)
 * @todo Move to a static class method - text validation/formatting
 */
function checkEmail($email, $antispam = 0, $blacklist = 0)
{
    // Replacement hint and removal notice shown by the deprecation helper.
    $replacement = 'icms_core_DataFilter->checkVar - type = email, $options1 = true/false ($antispam),
		$options2 = true/false ($blacklist)';
    $removal = sprintf(_CORE_REMOVE_IN_VERSION, '1.4');
    icms_core_Debug::setDeprecated($replacement, $removal);

    return icms_core_DataFilter::checkVar($email, 'email', $antispam, $blacklist);
}
예제 #29
		? $thisUser->getVar('email', 'E') 
		: '&nbsp;',
	'user_openid' => ($icmsConfigAuth['auth_openid'] == TRUE
			&& ($thisUser->getVar('user_viewoid') == TRUE 
			|| (is_object(icms::$user) 
			&& (icms::$user->isAdmin()
			|| (icms::$user->getVar('uid') == $thisUser->getVar('uid')))))) 
		? $thisUser->getVar('openid', 'E') 
		: '&nbsp;'
));

// The signature block is shown only when signatures are enabled and the stored value is not blank.
if ($icmsConfigUser['allwshow_sig'] == TRUE && strlen(trim($thisUser->getVar('user_sig', 'N'))) > 0) {
   	icms_makeSmarty(array(
		'user_showsignature' => TRUE,
		'lang_signature' => _US_SIGNATURE,
		// Read in 'N' format and passed through the 'html' / 'output' filter before it
		// reaches the template.
		'user_signature' => icms_core_DataFilter::checkVar($thisUser->getVar('user_sig', 'N'), 'html', 'output')
	));
}

// Ids of all modules that are active and flagged as searchable (hassearch = 1).
$module_handler = icms::handler('icms_module');
$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('hassearch', 1));
$criteria->add(new icms_db_criteria_Item('isactive', 1));
$mids = array_keys($module_handler->getList($criteria));

foreach ($mids as $mid) {
   	if ($gperm_handler->checkRight('module_read', $mid, $groups)) {
   		$module = $module_handler->get($mid);
   		$results = $module->search('', '', 5, 0, (int) $thisUser->getVar('uid'));
   		$count = count($results);
   		if (is_array($results) && $count > 0) {
   			for ($i = 0; $i < $count; $i++) {