} if (count($error) > 0) { icms_core_Message::error($error); echo "<p><a href='admin.php?fct=modulesadmin'>" . _MD_AM_BTOMADMIN . "</a></p>"; icms_cp_footer(); exit; } echo "<h4 style='text-align:" . _GLOBAL_LEFT . ";'>" . _MD_AM_PCMFM . "</h4>" . "<form action='admin.php' method='post'>" . "<input type='hidden' name='fct' value='modulesadmin' />" . "<input type='hidden' name='op' value='submit' />" . "<table width='100%' border='0' cellspacing='1' class='outer'>" . "<tr align='center'><th>" . _MD_AM_MODULE . "</th><th>" . _MD_AM_ACTION . "</th><th>" . _MD_AM_ORDER . "</th></tr>"; $mcount = 0; foreach ($module as $mid) { if ($mcount % 2 != 0) { $class = 'odd'; } else { $class = 'even'; } echo '<tr class="' . $class . '"><td align="center">' . icms_core_DataFilter::stripSlashesGPC($oldname[$mid]); $newname[$mid] = trim(icms_core_DataFilter::stripslashesGPC($newname[$mid])); if ($newname[$mid] != $oldname[$mid]) { echo ' »» <span style="color:#ff0000;font-weight:bold;">' . $newname[$mid] . '</span>'; } echo '</td><td align="center">'; if (isset($newstatus[$mid]) && $newstatus[$mid] == 1) { if ($oldstatus[$mid] == 0) { echo "<span style='color:#ff0000;font-weight:bold;'>" . _MD_AM_ACTIVATE . "</span>"; } else { echo _MD_AM_NOCHANGE; } } else { $newstatus[$mid] = 0; if ($oldstatus[$mid] == 1) { echo "<span style='color:#ff0000;font-weight:bold;'>" . _MD_AM_DEACTIVATE . "</span>";
} } $added_count = count($added); icms_cp_header(); echo '<div class="CPbigTitle" style="background-image: url('. ICMS_MODULES_URL . '/system/admin/mailusers/images/mailusers_big.png)">' . _MD_AM_MLUS . '</div><br />'; if ($added_count > 0) { $xoopsMailer = new icms_messaging_Handler(); for ($i = 0; $i < $added_count; $i++) { $xoopsMailer->setToUsers($added[$i]); } $xoopsMailer->setFromName(icms_core_DataFilter::stripSlashesGPC($_POST['mail_fromname'])); $xoopsMailer->setFromEmail(icms_core_DataFilter::stripSlashesGPC($_POST['mail_fromemail'])); $xoopsMailer->setSubject(icms_core_DataFilter::stripSlashesGPC($_POST['mail_subject'])); $xoopsMailer->setBody(icms_core_DataFilter::stripSlashesGPC($_POST['mail_body'])); if (in_array("mail", $_POST['mail_send_to'])) { $xoopsMailer->useMail(); } if (in_array("pm", $_POST['mail_send_to']) && empty($_POST['mail_inactive'])) { $xoopsMailer->usePM(); } $xoopsMailer->send(TRUE); echo $xoopsMailer->getSuccess(); echo $xoopsMailer->getErrors(); if ($count_criteria > $limit) { $form = new icms_form_Theme(_AM_SENDMTOUSERS, "mailusers", "admin.php?fct=mailusers", 'post', TRUE); if (!empty($_POST['mail_to_group'])) { foreach ($_POST['mail_to_group'] as $mailgroup) {
// Carry the comment-thread identifiers through the form as hidden fields.
// NOTE(review): com_pid and com_rootid are cast to int here, but com_id, com_itemid,
// com_order and com_mode are passed through as-is - confirm they are already
// normalised by the including script.
$cform->addElement(new icms_form_elements_Hidden('com_pid', (int) $com_pid));
$cform->addElement(new icms_form_elements_Hidden('com_rootid', (int) $com_rootid));
$cform->addElement(new icms_form_elements_Hidden('com_id', $com_id));
$cform->addElement(new icms_form_elements_Hidden('com_itemid', $com_itemid));
$cform->addElement(new icms_form_elements_Hidden('com_order', $com_order));
$cform->addElement(new icms_form_elements_Hidden('com_mode', $com_mode));
// add module specific extra params
if ('system' != $icmsModule->getVar('dirname')) {
	$comment_config = $icmsModule->getInfo('comments');
	if (isset($comment_config['extraParams']) && is_array($comment_config['extraParams'])) {
		foreach ($comment_config['extraParams'] as $extra_param) {
			// This routine is included from forms accessed via both GET and POST.
			// POST takes precedence over GET; a parameter present in neither becomes ''.
			// NOTE(review): the request value is copied into the form without validation;
			// output escaping is presumably done by icms_form_elements_Hidden when it
			// renders - TODO confirm.
			if (isset($_POST[$extra_param])) {
				$hidden_value = icms_core_DataFilter::stripSlashesGPC($_POST[$extra_param]);
			} elseif (isset($_GET[$extra_param])) {
				$hidden_value = icms_core_DataFilter::stripSlashesGPC($_GET[$extra_param]);
			} else {
				$hidden_value = '';
			}
			$cform->addElement(new icms_form_elements_Hidden($extra_param, $hidden_value));
		}
	}
}
// Captcha Hack: add the captcha element only when the site configuration enables it
if ($icmsConfig['use_captchaf'] == TRUE) {
	$cform->addElement(new icms_form_elements_Captcha());
}
// Captcha Hack
// Preview and post are two submit buttons on the same form; the button name
// (com_dopreview / com_dopost) is what distinguishes them in the request.
$button_tray->addElement(new icms_form_elements_Button('', 'com_dopreview', _PREVIEW, 'submit'));
$button_tray->addElement(new icms_form_elements_Button('', 'com_dopost', _CM_POSTCOMMENT, 'submit'));
$cform->addElement($button_tray);
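/**
 * Clean the values of all variables of the object for storage.
 *
 * Every variable is copied into $this->cleanVars. Variables that were changed
 * (and only when the object is not flagged as a new config) are first trimmed,
 * if they are strings, and then validated or converted according to their
 * data type. A variable that fails validation records an error and is NOT
 * copied into $this->cleanVars, so an unvalidated value cannot be picked up by
 * a caller that ignores the return value.
 *
 * We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
 * at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
 * as a string separated by |
 *
 * @return bool true if successful, false if at least one variable failed validation
 * @access public
 */
public function cleanVars() {
	$existing_errors = $this->getErrors();
	// Start from an empty list so that only errors raised by this run decide the
	// return value; the earlier errors are merged back in before returning.
	$this->_errors = array();
	foreach ($this->vars as $k => $v) {
		$cleanv = $v['value'];
		$valid = true;
		if ($v['changed'] && !$this->_isNewConfig) {
			$cleanv = is_string($cleanv) ? trim($cleanv) : $cleanv;
			// A failed check sets $valid to false and leaves the switch with "break".
			// The previous code used a bare "continue" here, which PHP treats as "break"
			// inside a switch, so the rejected value was still stored below.
			switch ($v['data_type']) {
				case XOBJ_DTYPE_TXTBOX:
					if ($v['required'] && $cleanv != '0' && $cleanv == '') {
						$this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
						$valid = false;
						break;
					}
					// NOTE(review): strlen() counts bytes, not characters - confirm this is
					// the intended limit for multi-byte text.
					if (isset($v['maxlength']) && strlen($cleanv) > (int) $v['maxlength']) {
						$this->setErrors(sprintf(_XOBJ_ERR_SHORTERTHAN, $k, (int) $v['maxlength']));
						$valid = false;
						break;
					}
					if (!$v['not_gpc']) {
						$cleanv = icms_core_DataFilter::stripSlashesGPC(icms_core_DataFilter::censorString($cleanv));
					} else {
						$cleanv = icms_core_DataFilter::censorString($cleanv);
					}
					break;

				case XOBJ_DTYPE_TXTAREA:
					if ($v['required'] && $cleanv != '0' && $cleanv == '') {
						$this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
						$valid = false;
						break;
					}
					if (!$v['not_gpc']) {
						$cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
					}
					// Both the GPC and the non-GPC path run the HTML input filter.
					$cleanv = icms_core_DataFilter::checkVar($cleanv, 'html', 'input');
					break;

				case XOBJ_DTYPE_SOURCE:
					// Source text is stored unfiltered apart from slash stripping.
					if (!$v['not_gpc']) {
						$cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
					}
					break;

				case XOBJ_DTYPE_INT:
				case XOBJ_DTYPE_TIME_ONLY:
					$cleanv = (int) $cleanv;
					break;

				case XOBJ_DTYPE_CURRENCY:
					$cleanv = icms_currency($cleanv);
					break;

				case XOBJ_DTYPE_FLOAT:
					$cleanv = icms_float($cleanv);
					break;

				case XOBJ_DTYPE_EMAIL:
					if ($v['required'] && $cleanv == '') {
						$this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
						$valid = false;
						break;
					}
					if ($cleanv != '' && !icms_core_DataFilter::checkVar($cleanv, 'email')) {
						$this->setErrors(_CORE_DB_INVALIDEMAIL);
						$valid = false;
						break;
					}
					if (!$v['not_gpc']) {
						$cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
					}
					break;

				case XOBJ_DTYPE_URL:
					if ($v['required'] && $cleanv == '') {
						$this->setErrors(sprintf(_XOBJ_ERR_REQUIRED, $k));
						$valid = false;
						break;
					}
					// Anything that does not start with http:// or https:// gets an
					// http:// prefix, so other schemes cannot be stored verbatim.
					if ($cleanv != '' && !preg_match("/^http[s]*:\\/\\//i", $cleanv)) {
						$cleanv = 'http://' . $cleanv;
					}
					if (!$v['not_gpc']) {
						$cleanv = icms_core_DataFilter::stripSlashesGPC($cleanv);
					}
					break;

				case XOBJ_DTYPE_SIMPLE_ARRAY:
					// One-level array stored as a |-separated string.
					$cleanv = implode('|', $cleanv);
					break;

				case XOBJ_DTYPE_ARRAY:
					// Arrays are stored serialized; anything else is stored as given.
					$cleanv = is_array($cleanv) ? serialize($cleanv) : $cleanv;
					break;

				case XOBJ_DTYPE_STIME:
				case XOBJ_DTYPE_MTIME:
				case XOBJ_DTYPE_LTIME:
					$cleanv = !is_string($cleanv) ? (int) $cleanv : strtotime($cleanv);
					// NOTE(review): a non-positive or unparseable result is passed through
					// strtotime() a second time - kept as in the original, confirm intent.
					if (!($cleanv > 0)) {
						$cleanv = strtotime($cleanv);
					}
					break;

				default:
					break;
			}
		}
		if (!$valid) {
			// Drop any cleaned value left over from an earlier run for this key.
			unset($this->cleanVars[$k]);
			continue;
		}
		$this->cleanVars[$k] =& $cleanv;
		// Break the reference so the next iteration does not overwrite this entry.
		unset($cleanv);
	}

	$has_new_errors = count($this->_errors) > 0;
	$this->_errors = array_merge($existing_errors, $this->_errors);
	if ($has_new_errors) {
		return false;
	}
	$this->unsetDirty();
	return true;
}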
* @license LICENSE.txt * @package Member * @subpackage Users * @author marcan <*****@*****.**> * @author Sina Asghari (aka stranger) <*****@*****.**> * @version $Id: invite.php 21047 2011-03-14 15:52:14Z m0nty_ $ */ $xoopsOption['pagetype'] = 'user'; include 'mainfile.php'; // If not a user and invite needs one, redirect if ($icmsConfigUser['activation_type'] == 3 && $icmsConfigUser['allow_register'] == 0 && !is_object(icms::$user)) { redirect_header('index.php', 6, _US_INVITEBYMEMBER); exit; } $op = !isset($_POST['op']) ? 'invite' : $_POST['op']; $email = isset($_POST['email']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['email'])) : ''; switch ($op) { case 'finish': include 'header.php'; $stop = ''; if (!icms::$security->check()) { $stop .= implode('<br />', icms::$security->getErrors()) . "<br />"; } $icmsCaptcha = icms_form_elements_captcha_Object::instance(); if (!$icmsCaptcha->verify()) { $stop .= $icmsCaptcha->getMessage() . '<br />'; } if (!checkEmail($email)) { $stop .= _US_INVALIDMAIL . '<br />'; } if (empty($stop)) {
$salt = icms_core_Password::createSalt(); $pass = $icmspass->encryptPass($pass, $salt, $icmsConfigUser['enc_type']); $edituser->setVar('pass', $pass); $edituser->setVar('pass_expired', 0); $edituser->setVar('enc_type', $icmsConfigUser['enc_type']); $edituser->setVar('salt', $salt); } $edituser->setVar('level', (int) $_POST['level']); } } else { if ($icmsConfigUser['allow_chguname'] == 1) { $edituser->setVar('uname', $uname); } } if ($icmsConfigAuth['auth_openid'] == 1) { $edituser->setVar('openid', icms_core_DataFilter::stripSlashesGPC(trim($_POST['openid']))); $edituser->setVar('user_viewoid', isset($_POST['user_viewoid']) ? (int) $_POST['user_viewoid'] : 0); } // ALTERED BY FREEFORM SOLUTIONS TO SUPPORT USERS CHANGING THEIR OWN PASSWORDS FROM A SINGLE PROFILE PAGE // A REPEAT OF THE CODE BLOCK JUST ABOVE, TO HANDLE THE CASE WHERE THE USER IS UPDATING THEIR OWN PASSWORD if ($pass != '' and $edituser->getVar('uid') == icms::$user->getVar('uid')) { $icmspass = new icms_core_Password(); $salt = icms_core_Password::createSalt(); $pass = $icmspass->encryptPass($pass, $salt, $icmsConfigUser['enc_type']); $edituser->setVar('pass', $pass); $edituser->setVar('pass_expired', 0); $edituser->setVar('enc_type', $icmsConfigUser['enc_type']); $edituser->setVar('salt', $salt); } // Dynamic fields $profile_handler = icms_getmodulehandler('profile', basename(dirname(__FILE__)), 'profile');
} } else { $err = implode('<br />', $uploader->getErrors(FALSE)); echo $err; } echo '</code><br /><a href="admin.php?fct=tplsets">' . _MD_AM_BTOTADMIN . '</a>'; icms_cp_footer(); break; case 'previewtpl': if (!icms::$security->check()) { redirect_header('admin.php?fct=tplsets', 3, implode('<br />', icms::$security->getErrors())); } $html = icms_core_DataFilter::stripSlashesGPC($html); $tpltpl_handler =& icms::handler('icms_view_template_file'); $tplfile =& $tpltpl_handler->get($id, TRUE); $xoopsTpl = new icms_view_Tpl(); if (is_object($tplfile)) { $dummylayout = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . '<html><head><meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" /><meta http-equiv="content-language" content="' . _LANGCODE . '" /><title>' . $icmsConfig['sitename'] . '</title>' . '<link rel="stylesheet" type="text/css" media="screen" href="' . ICMS_URL . '/icms' . (( defined('_ADM_USE_RTL') && _ADM_USE_RTL ) ? '_rtl' :'') . '.css" /><link rel="stylesheet" type="text/css" media="screen" href="' . xoops_getcss($icmsConfig['theme_set']) . '" />';
/**
 * Builds a list of unique keywords from the provided text.
 *
 * The text is purified, converted from HTML to plain text and has its line
 * breaks and spacing normalised before it is split into words. Words are made
 * of ASCII letters, quotes and hyphens; each word is split again on
 * apostrophes and the pieces that are long enough are kept.
 *
 * @param string $text Text to parse
 * @param int $minChar Minimum word length for the keywords
 * @return array An array of keywords
 */
public function findMetaKeywords($text, $minChar) {
	$found = array();

	$text = $this->html2text($this->purifyText($text));
	// Join single line breaks, collapse runs of line breaks, then squeeze spaces.
	$text = preg_replace("/([^\r\n])\r\n([^\r\n])/", "\\1 \\2", $text);
	$text = preg_replace("/[\r\n]*\r\n[\r\n]*/", "\r\n\r\n", $text);
	$text = preg_replace("/[ ]* [ ]*/", ' ', $text);
	$text = icms_core_DataFilter::stripSlashesGPC($text);

	$words = preg_split('/[^a-zA-Z\'"-]+/', $text, -1, PREG_SPLIT_NO_EMPTY);
	foreach ($words as $word) {
		foreach (explode("'", $word) as $piece) {
			// Skip pieces that are too short or were already collected.
			if (strlen($piece) < $minChar || in_array($piece, $found)) {
				continue;
			}
			$found[] = trim($piece);
		}
	}

	return $found;
}
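$password = $oldpass = '';
if (!empty($_POST['password'])) {
	// NOTE(review): trim() silently removes leading/trailing whitespace from the
	// submitted passwords; confirm the login path trims the same way.
	$password = icms_core_DataFilter::stripSlashesGPC(trim($_POST['password']));
	$oldpass = !empty($_POST['old_password']) ? icms_core_DataFilter::stripSlashesGPC(trim($_POST['old_password'])) : '';
}
if ($password !== '' && isset($_POST['change_pass']) && $_POST['change_pass'] == 1) {
	$member_handler = icms::handler('icms_member');
	// The current password must authenticate before a new one is accepted.
	if (!$member_handler->loginUser(addslashes($uname), addslashes($oldpass))) {
		$errors[] = _US_BADPWD;
	}
	if (strlen($password) < $icmsConfigUser['minpass']) {
		$errors[] = sprintf(_US_PWDTOOSHORT, $icmsConfigUser['minpass']);
	}
	$vpass = '';
	if (!empty($_POST['vpass'])) {
		$vpass = icms_core_DataFilter::stripSlashesGPC(trim($_POST['vpass']));
	}
	// Strict comparison: with != two different numeric-looking strings
	// (for example '1e3' and '1000') compare as equal and the confirmation passes.
	if ($password !== $vpass) {
		$errors[] = _US_PASSNOTSAME;
	}
	// Reject a password that is the username, the reversed username, or contains
	// the username. The previous test compared strripos() with TRUE, which it never
	// returns (it yields an int position or FALSE), so the "contains" rule never fired.
	// NOTE(review): the login check above uses $uname while this rule uses $username;
	// both are defined outside this excerpt - confirm they refer to the same account.
	$name_for_check = (string) $username;
	if ($password === $name_for_check
		|| $password === icms_core_DataFilter::utf8_strrev($username, TRUE)
		|| ($name_for_check !== '' && stripos($password, $name_for_check) !== FALSE)) {
		$errors[] = _US_BADPWD;
	}
}
if (count($errors) > 0) {
	/** Include the header that starts page rendering */
	include ICMS_ROOT_PATH . '/header.php';
	echo '<div>';
	foreach ($errors as $er) {
		echo '<span style="color: #ff0000; font-weight: bold;">' . $er . '</span><br />';
	}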
echo '<form action="' . ICMS_URL . '/misc.php" method="post" onsubmit="return checkForm();"><table width="100%" class="outer" cellspacing="1"><tr><th colspan="2">' . _MSC_RECOMMENDSITE . '</th></tr>'; echo "<tr><td class='head'>\r\n\t\t\t\t\t\t\t\t<input type='hidden' name='op' value='sendsite' />\r\n\t\t\t\t\t\t\t\t<input type='hidden' name='action' value='showpopups' />\r\n\t\t\t\t\t\t\t\t<input type='hidden' name='type' value='friend' />\n"; echo _MSC_YOURNAMEC . "</td>\r\n\t\t\t\t\t\t<td class='even'><input type='text' name='yname' value='{$yname}' id='yname' /></td></tr>\r\n\t\t\t\t\t\t<tr><td class='head'>" . _MSC_YOUREMAILC . "</td><td class='odd'>\r\n\t\t\t\t\t\t<input type='text' name='ymail' value='" . $ymail . "' id='ymail' /></td></tr>\r\n\t\t\t\t\t\t<tr><td class='head'>" . _MSC_FRIENDNAMEC . "</td>\r\n\t\t\t\t\t\t<td class='even'><input type='text' name='fname' value='{$fname}' id='fname' /></td></tr>\r\n\t\t\t\t\t\t<tr><td class='head'>" . _MSC_FRIENDEMAILC . "</td>\r\n\t\t\t\t\t\t<td class='odd'><input type='text' name='fmail' value='{$fmail}' id='fmail' /></td></tr>\r\n\t\t\t\t\t\t<tr><td class='head'> </td><td class='even'>\r\n\t\t\t\t\t\t<input type='submit' value='" . _SEND . "' /> \r\n\t\t\t\t\t\t<input value='" . _CLOSE . "' type='button' onclick='javascript:window.close();' />" . icms::$security->getTokenHTML() . "</td></tr>\r\n\t\t\t\t\t\t</table></form>\n"; $closebutton = 0; } elseif ($_POST['op'] == 'sendsite') { if (icms::$user) { $ymail = icms::$user->getVar('email'); } else { $ymail = isset($_POST['ymail']) ? icms_core_DataFilter::stripSlashesGPC(trim($_POST['ymail'])) : ''; } if (!isset($_POST['yname']) || trim($_POST['yname']) == '' || $ymail == '' || !isset($_POST['fname']) || trim($_POST['fname']) == '' || !isset($_POST['fmail']) || trim($_POST['fmail']) == '') { redirect_header(ICMS_URL . 
'/misc.php?action=showpopups&type=friend&op=sendform', 2, _MSC_NEEDINFO); } $yname = icms_core_DataFilter::stripSlashesGPC(trim($_POST['yname'])); $fname = icms_core_DataFilter::stripSlashesGPC(trim($_POST['fname'])); $fmail = icms_core_DataFilter::stripSlashesGPC(trim($_POST['fmail'])); if (!checkEmail($fmail) || !checkEmail($ymail) || preg_match('/[\\0-\\31]/', $yname)) { $errormessage = _MSC_INVALIDEMAIL1 . '<br />' . _MSC_INVALIDEMAIL2 . ''; redirect_header(ICMS_URL . '/misc.php?action=showpopups&type=friend&op=sendform', 2, $errormessage); } $xoopsMailer = new icms_messaging_Handler(); $xoopsMailer->setTemplate('tellfriend.tpl'); $xoopsMailer->assign('SITENAME', $icmsConfig['sitename']); $xoopsMailer->assign('ADMINMAIL', $icmsConfig['adminmail']); $xoopsMailer->assign('SITEURL', ICMS_URL . '/'); $xoopsMailer->assign('YOUR_NAME', $yname); $xoopsMailer->assign('FRIEND_NAME', $fname); $xoopsMailer->setToEmails($fmail); $xoopsMailer->setFromEmail($ymail); $xoopsMailer->setFromName($yname); $xoopsMailer->setSubject(sprintf(_MSC_INTSITE, $icmsConfig['sitename']));
} if (is_object(icms::$user)) { redirect_header('index.php', 6, _US_ALREADY_LOGED_IN); } $op = !isset($_POST['op']) ? 'register' : filter_input(INPUT_POST, 'op'); $login_name = isset($_POST['login_name']) ? icms_core_DataFilter::stripSlashesGPC($_POST['login_name']) : ''; $uname = isset($_POST['uname']) ? icms_core_DataFilter::stripSlashesGPC($_POST['uname']) : ''; $email = isset($_POST['email']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['email'])) : ''; $url = isset($_POST['url']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['url'])) : ''; $pass = isset($_POST['pass']) ? icms_core_DataFilter::stripSlashesGPC($_POST['pass']) : ''; $vpass = isset($_POST['vpass']) ? icms_core_DataFilter::stripSlashesGPC($_POST['vpass']) : ''; $timezone_offset = isset($_POST['timezone_offset']) ? (float)($_POST['timezone_offset']) : $icmsConfig['default_TZ']; $user_viewemail = (isset($_POST['user_viewemail']) && (int) $_POST['user_viewemail']) ? 1 : 0; $user_mailok = (isset($_POST['user_mailok']) && (int) $_POST['user_mailok']) ? 1 : 0; $agree_disc = (isset($_POST['agree_disc']) && (int) $_POST['agree_disc']) ? 1 : 0; $actkey = isset($_POST['actkey']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['actkey'])) : ''; $thisuser = icms::handler('icms_member_user'); switch ($op) { case 'newuser': include 'header.php'; $xoTheme->addScript('', array('type' => ''), ' $(".password").passStrength({ shortPass: "******", badPass: "******", goodPass: "******", strongPass: "******", baseStyle: "top_testresult", messageloc: 0 }); });
if (is_object(icms::$user)) { redirect_header('index.php', 6, _US_ALREADY_LOGED_IN); } $op = !isset($_POST['op']) ? 'register' : filter_input(INPUT_POST, 'op'); $login_name = isset($_POST['login_name']) ? icms_core_DataFilter::stripSlashesGPC($_POST['login_name']) : ''; $uname = isset($_POST['uname']) ? icms_core_DataFilter::stripSlashesGPC($_POST['uname']) : ''; $email = isset($_POST['email']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['email'])) : ''; $url = isset($_POST['url']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['url'])) : ''; $pass = isset($_POST['pass']) ? icms_core_DataFilter::stripSlashesGPC($_POST['pass']) : ''; $vpass = isset($_POST['vpass']) ? icms_core_DataFilter::stripSlashesGPC($_POST['vpass']) : ''; $timezone_offset = isset($_POST['timezone_offset']) ? (double) $_POST['timezone_offset'] : $icmsConfig['default_TZ']; $user_viewemail = isset($_POST['user_viewemail']) && (int) $_POST['user_viewemail'] ? 1 : 0; $user_mailok = isset($_POST['user_mailok']) && (int) $_POST['user_mailok'] ? 1 : 0; $agree_disc = isset($_POST['agree_disc']) && (int) $_POST['agree_disc'] ? 1 : 0; $actkey = isset($_POST['actkey']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['actkey'])) : ''; $salt = isset($_POST['salt']) ? trim(icms_core_DataFilter::stripSlashesGPC($_POST['salt'])) : ''; $enc_type = $icmsConfigUser['enc_type']; $thisuser = icms::handler('icms_member_user'); switch ($op) { case 'newuser': include 'header.php'; $xoTheme->addScript('', array('type' => ''), ' $(".password").passStrength({ shortPass: "******", badPass: "******", goodPass: "******", strongPass: "******", baseStyle: "top_testresult", messageloc: 0 }); });
/**
 * Deprecated wrapper that forwards to icms_core_DataFilter::stripSlashesGPC().
 *
 * Note: magic_quotes_gpc and magic_quotes_runtime are deprecated as of PHP 5.3.0
 *
 * Each call records a deprecation notice through icms_core_Debug before the
 * text is handed to the replacement method.
 *
 * @deprecated Use stripSlashesGPC, instead.
 * @todo Remove this in version 1.4 - there are no other occurrences in the core
 * @param string $text Text to process
 * @return mixed Whatever icms_core_DataFilter::stripSlashesGPC() returns for $text
 */
function oopsStripSlashesRT($text) {
	$removal_notice = sprintf(_CORE_REMOVE_IN_VERSION, '1.4');
	icms_core_Debug::setDeprecated('icms_core_DataFilter::stripSlashesGPC', $removal_notice);

	$stripped = icms_core_DataFilter::stripSlashesGPC($text);
	return $stripped;
}
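/**
 * Logic for changing the weight (order) and name of modules
 *
 * Loads the module, applies the new weight and name and saves it through the
 * module handler. The result is reported as an HTML paragraph.
 *
 * @param int $mid Unique ID for the module to change
 * @param int $weight Integer value of the weight to be applied to the module
 * @param str $name Name to be applied to the module
 * @return string HTML paragraph with the success or failure message
 */
function xoops_module_change($mid, $weight, $name) {
	$module_handler = icms::handler('icms_module');
	$module =& $module_handler->get($mid);

	// The name is caller-supplied and ends up inside HTML, so it is escaped for
	// that context before being placed in the message.
	// NOTE(review): if a caller already passes an HTML-escaped name this will
	// double-escape it - confirm against the callers.
	$shown_name = "<strong>" . htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($name), ENT_QUOTES) . "</strong>";

	// An unknown module id must not reach setVar(): report it as a failed update
	// instead of calling a method on a non-object.
	if (!is_object($module)) {
		return "<p>" . sprintf(_MD_AM_FAILORDER, $shown_name) . "</p>";
	}

	$module->setVar('weight', $weight);
	$module->setVar('name', $name);
	if (!$module_handler->insert($module)) {
		$ret = "<p>" . sprintf(_MD_AM_FAILORDER, $shown_name) . " " . _MD_AM_ERRORSC . "<br />";
		$ret .= $module->getHtmlErrors() . "</p>";
		return $ret;
	}
	return "<p>" . sprintf(_MD_AM_OKORDER, $shown_name) . "</p>";
}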
echo "</select> "; echo icms::$security->getTokenHTML() . "<input type='submit' value='" . _SUBMIT . "' />"; // Add selected users } else { echo "<input type='button' value='" . _MA_USER_ADD_SELECTED . "' onclick='addusers();' />"; } echo "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n"; echo "</td></tr></table></form>\n"; } $hiddenform = "<form name='findnext' action='findusers.php' method='post'>"; foreach ($_POST as $k => $v) { if ($k == 'XOOPS_TOKEN_REQUEST') { // regenerate token value $hiddenform .= icms::$security->getTokenHTML() . "\n"; } else { $hiddenform .= "<input type='hidden' name='" . htmlSpecialChars($k, ENT_QUOTES) . "' value='" . htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($v), ENT_QUOTES) . "' />\n"; } } if (!isset($_POST['limit'])) { $hiddenform .= "<input type='hidden' name='limit' value='" . $limit . "' />\n"; } if (!isset($_POST['start'])) { $hiddenform .= "<input type='hidden' name='start' value='" . $start . "' />\n"; } $hiddenform .= "<input type='hidden' name='token' value='" . htmlspecialchars($token, ENT_QUOTES) . "' />\n"; if (!isset($total) || ($totalpages = ceil($total / $limit)) > 1) { $prev = $start - $limit; if ($start - $limit >= 0) { $hiddenform .= "<a href='#0' onclick='javascript:document.findnext.start.value=" . $prev . ";document.findnext.submit();'>" . _MA_USER_PREVIOUS . "</a> \n"; } $counter = 1;
} } } if (!empty($password)) { $password = icms_core_DataFilter::stripSlashesGPC(trim($password)); $oldpass = !empty($old_password) ? icms_core_DataFilter::stripSlashesGPC(trim($old_password)) : ''; $member_handler = icms::handler('icms_member'); $username = $member_handler->getUser($uid)->getVar('login_name'); if (!$member_handler->loginUser(addslashes($username), $oldpass)) { $errors[] = _US_SORRYINCORRECTPASS; } if (strlen($password) < $icmsConfigUser['minpass']) { $errors[] = sprintf(_US_PWDTOOSHORT, $icmsConfigUser['minpass']); } if (!empty($vpass)) { $vpass = icms_core_DataFilter::stripSlashesGPC(trim($vpass)); } if ($password != $vpass) { $errors[] = _US_PASSNOTSAME; } if ($password == $username || $password == icms_core_DataFilter::utf8_strrev($username, TRUE) || strripos($password, $username) === TRUE) { $errors[] = _US_BADPWD; } } if (count($errors) > 0) { /** Include the header that starts page rendering */ include ICMS_ROOT_PATH . '/header.php'; icms_core_Message::error($errors); echo "<a href='edituser.php' title='" . _US_EDITPROFILE . "'>" . _US_EDITPROFILE . "</a>"; include ICMS_ROOT_PATH . '/footer.php'; } else {
unset($_SESSION['openid_response']); unset($_SESSION['openid_sreg']); unset($_SESSION['frompage']); redirect_header($redirect_url, 3, sprintf(_US_OPENID_NEW_USER_CREATED, $newUser->getVar('uname'))); break; case OPENID_STEP_USER_FOUND: /** Including the login authentication page */ include_once 'include/checklogin.php'; exit; break; case OPENID_STEP_LINK: // Linking an existing user with this openid /** Including header.php to start page rendering */ include_once ICMS_ROOT_PATH . '/header.php'; $uname4sql = addslashes(icms_core_DataFilter::stripSlashesGPC($_POST['uname'])); $pass4sql = addslashes(icms_core_DataFilter::stripSlashesGPC($_POST['pass'])); $thisUser = $member_handler->loginUser($uname4sql, $pass4sql); if (!$thisUser) { redirect_header($redirect_url, 3, _US_OPENID_LINKED_AUTH_FAILED); } if ($thisUser->getVar('level') == 0) { redirect_header($redirect_url, 3, _US_OPENID_LINKED_AUTH_NOT_ACTIVATED); } // This means the authentication succeeded. $displayId = $xoopsAuth->response->getDisplayIdentifier(); $thisUser->setVar('last_login', time()); $thisUser->setVar('openid', $xoopsAuth->openid); if (!$member_handler->insertUser($thisUser)) { redirect_header($redirect_url, 3, _US_OPENID_LINKED_AUTH_CANNOT_SAVE); } $_SESSION['xoopsUserId'] = $thisUser->getVar('uid');
$sql = sprintf("DELETE FROM %s WHERE cid = '%u'", $db->prefix('bannerclient'), $cid); $db->query($sql); redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 1, _AM_DBUPDATED); break; case 'BannerClientEdit': if ($cid > 0) {BannerClientEdit($cid);} break; case 'BannerClientChange': if ($cid <= 0 | !icms::$security->check()) { redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 3, implode('<br />', icms::$security->getErrors())); } $db =& icms_db_Factory::instance(); $sql = sprintf("UPDATE %s SET name = %s, contact = %s, email = %s, login = %s, passwd = %s, extrainfo = %s WHERE cid = '%d'", $db->prefix("bannerclient"), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($name)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($contact)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($email)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($login)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($passwd)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($extrainfo)), $cid ); $db->query($sql); redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 1, _AM_DBUPDATED); break; }
icms_loadLanguageFile('core', 'user'); $uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']); $pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']); /** * Commented out for OpenID , we need to change it to make a better validation if OpenID is used */ /*if ($uname == '' || $pass == '') { redirect_header(ICMS_URL.'/user.php', 1, _US_INCORRECTLOGIN); exit(); }*/ $member_handler = icms::handler('icms_member'); icms_loadLanguageFile('core', 'auth'); $icmsAuth =& icms_auth_Factory::getAuthConnection(icms_core_DataFilter::addSlashes($uname)); // uname&email hack GIJ $uname4sql = addslashes(icms_core_DataFilter::stripSlashesGPC($uname)); $pass4sql = addslashes(icms_core_DataFilter::stripSlashesGPC($pass)); /*if (strstr( $uname , '@' )) { // check by email if uname includes '@' $criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('email', $uname4sql )); $criteria->add(new icms_db_criteria_Item('pass', $pass4sql)); $user_handler = icms::handler('icms_member_user'); $users =& $user_handler->getObjects($criteria, false); if (empty( $users ) || count( $users ) != 1 ) $user = false ; else $user = $users[0] ; unset( $users ) ; } */ if (empty($user) || !is_object($user)) { $user =& $icmsAuth->authenticate($uname4sql, $pass4sql); } // end of uname&email hack GIJ if (false != $user) {
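/**
 * Returns a specific variable of the object in the requested format.
 *
 * The raw value is looked up in $this->vars and then converted according to
 * the variable's data type and the $format code:
 *  - 's' / 'show': value prepared for display
 *  - 'e' / 'edit': value escaped for use in a form field
 *  - 'p' / 'preview' and 'f' / 'formpreview': value prepared for a preview
 *  - 'clean': plain text (text boxes only)
 *  - 'n' / 'none' or anything else: raw value
 * Data types without a dedicated branch return the raw value, unless the
 * variable defines 'options', in which case the stored |-separated indexes
 * are mapped to option labels for 'show' or split into an array for 'edit'.
 *
 * We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
 * at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
 * as a string separated by |
 *
 * @access public
 * @param string $key key of the object's variable to be returned
 * @param string $format format to use for the output
 * @return mixed formatted value of the variable
 */
public function getVar($key, $format = 's') {
	global $myts;
	$ret = $this->vars[$key]['value'];
	switch ($this->vars[$key]['data_type']) {
		case XOBJ_DTYPE_TXTBOX:
			switch (strtolower($format)) {
				case 's':
				case 'show':
					// ML Hack by marcan
					$ret = icms_core_DataFilter::htmlSpecialChars($ret);
					// The existence check is made on $myts, so the call has to go to
					// $myts as well; the previous code called an undefined $ts here.
					// NOTE(review): presumably $myts is the global text sanitizer - confirm.
					if (is_object($myts) && method_exists($myts, 'formatForML')) {
						return $myts->formatForML($ret);
					}
					return $ret;
					// End of ML Hack by marcan

				case 'clean':
					$ret = icms_html2text($ret);
					$ret = icms_purifyText($ret);
					return $ret;

				case 'e':
				case 'edit':
					return icms_core_DataFilter::htmlSpecialChars($ret);

				case 'p':
				case 'preview':
				case 'f':
				case 'formpreview':
					return icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($ret));

				case 'n':
				case 'none':
				default:
					break;
			}
			break;

		case XOBJ_DTYPE_LTIME:
			switch (strtolower($format)) {
				case 's':
				case 'show':
				case 'p':
				case 'preview':
				case 'f':
				case 'formpreview':
					$ret = formatTimestamp($ret, _DATESTRING);
					return $ret;

				case 'n':
				case 'none':
				case 'e':
				case 'edit':
				default:
					break;
			}
			break;

		case XOBJ_DTYPE_STIME:
			switch (strtolower($format)) {
				case 's':
				case 'show':
				case 'p':
				case 'preview':
				case 'f':
				case 'formpreview':
					$ret = formatTimestamp($ret, _SHORTDATESTRING);
					return $ret;

				case 'n':
				case 'none':
				case 'e':
				case 'edit':
				default:
					break;
			}
			break;

		case XOBJ_DTYPE_TIME_ONLY:
			switch (strtolower($format)) {
				case 's':
				case 'show':
				case 'p':
				case 'preview':
				case 'f':
				case 'formpreview':
					$ret = formatTimestamp($ret, 'G:i');
					return $ret;

				case 'n':
				case 'none':
				case 'e':
				case 'edit':
				default:
					break;
			}
			break;

		case XOBJ_DTYPE_CURRENCY:
			// Pad the decimal part to two digits: "5" -> "5.00", "5." -> "5.00", "5.1" -> "5.10".
			$decimal_section_original = strstr($ret, '.');
			$decimal_section = $decimal_section_original;
			if ($decimal_section) {
				if (strlen($decimal_section) == 1) {
					$decimal_section = '.00';
				} elseif (strlen($decimal_section) == 2) {
					$decimal_section = $decimal_section . '0';
				}
				$ret = str_replace($decimal_section_original, $decimal_section, $ret);
			} else {
				$ret = $ret . '.00';
			}
			break;

		case XOBJ_DTYPE_TXTAREA:
			switch (strtolower($format)) {
				case 's':
				case 'show':
					$ts = icms_core_Textsanitizer::getInstance();
					// HTML is off unless 'dohtml' is set; the other switches default to on.
					$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
					$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
					$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
					$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
					$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
					if (defined('XOOPS_EDITOR_IS_HTML')) {
						$br = false;
					}
					if ($html) {
						return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
					}
					// Without HTML the value goes through the text output filter instead.
					return icms_core_DataFilter::checkVar($ret, 'text', 'output');

				case 'e':
				case 'edit':
					return htmlspecialchars($ret, ENT_QUOTES);

				case 'p':
				case 'preview':
					$ts = icms_core_Textsanitizer::getInstance();
					$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
					$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
					$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
					$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
					$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
					if ($html) {
						return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
					}
					return icms_core_DataFilter::checkVar($ret, 'text', 'output');

				case 'f':
				case 'formpreview':
					return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);

				case 'n':
				case 'none':
				default:
					break;
			}
			break;

		case XOBJ_DTYPE_SIMPLE_ARRAY:
			// Plain assignment: explode() returns a value, not a reference.
			$ret = explode('|', $ret);
			break;

		case XOBJ_DTYPE_ARRAY:
			// NOTE(review): unserialize() can instantiate objects when the stored string
			// is not trustworthy. Confirm this column only ever holds what this class
			// serialized itself, or restrict the allowed classes if objects are never
			// stored here.
			$ret = unserialize($ret);
			break;

		case XOBJ_DTYPE_SOURCE:
			switch (strtolower($format)) {
				case 's':
				case 'show':
					break;

				case 'e':
				case 'edit':
					return htmlspecialchars($ret, ENT_QUOTES);

				case 'p':
				case 'preview':
					return icms_core_DataFilter::stripSlashesGPC($ret);

				case 'f':
				case 'formpreview':
					return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);

				case 'n':
				case 'none':
				default:
					break;
			}
			break;

		default:
			if ($this->vars[$key]['options'] != '' && $ret != '') {
				switch (strtolower($format)) {
					case 's':
					case 'show':
						// The stored value lists 1-based option positions; map them to labels.
						$selected = explode('|', $ret);
						$options = explode('|', $this->vars[$key]['options']);
						$i = 1;
						$ret = array();
						foreach ($options as $op) {
							if (in_array($i, $selected)) {
								$ret[] = $op;
							}
							$i++;
						}
						return implode(', ', $ret);

					case 'e':
					case 'edit':
						$ret = explode('|', $ret);
						break;

					default:
						break;
				}
			}
			break;
	}
	return $ret;
}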
//show change password form $form = new icms_form_Theme(_MD_PROFILE_CHANGEPASSWORD, 'form', $_SERVER['REQUEST_URI'], 'post', true); $form->addElement(new icms_form_elements_Password(_MD_PROFILE_OLDPASSWORD, 'oldpass', 10, 50), true); $pwd_tray = new icms_form_elements_Tray(_MD_PROFILE_NEWPASSWORD . '<br />' . _MD_PROFILE_VERIFYPASS); $pwd_tray->addElement(new icms_form_elements_Password('', 'password', 10, 255, '', false, $icmsConfigUser['pass_level'] ? 'password_adv' : '')); $pwd_tray->addElement(new icms_form_elements_Password('', 'vpass', 10, 255)); $form->addElement($pwd_tray); $form->addElement(new icms_form_elements_Button('', 'submit', _SUBMIT, 'submit')); $form->assign($icmsTpl); } else { $stop = ''; $member_handler = icms::handler('icms_member'); $username = icms::$user->getVar('uname'); $password = !empty($_POST['password']) ? icms_core_DataFilter::stripSlashesGPC(trim($_POST['password'])) : ''; $oldpass = !empty($_POST['oldpass']) ? icms_core_DataFilter::stripSlashesGPC(trim($_POST['oldpass'])) : ''; $vpass = !empty($_POST['vpass']) ? icms_core_DataFilter::stripSlashesGPC(trim($_POST['vpass'])) : ''; if (empty($password) || empty($oldpass) || empty($vpass)) { $stop .= _MD_PROFILE_PROVIDEPWDS; } else { icms_loadLanguageFile('core', 'user'); if (!$member_handler->loginUser(addslashes(icms::$user->getVar('login_name')), addslashes($oldpass))) { $stop .= _US_BADPWD . "<br />"; } if (strlen($password) < $icmsConfigUser['minpass']) { $stop .= sprintf(_US_PWDTOOSHORT, $icmsConfigUser['minpass']) . "<br />"; } if ($password != $vpass) { $stop .= _US_PASSNOTSAME . "<br />"; } if ($password == $username || $password == icms_core_DataFilter::utf8_strrev($username, true) || strripos($password, $username) === true) { $stop .= _US_BADPWD;
$com_title = icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($_POST['com_title'])); if ($dohtml != 0) { if (is_object(icms::$user)) { if (!icms::$user->isAdmin($com_modid)) { $sysperm_handler = icms::handler('icms_member_groupperm'); if (!$sysperm_handler->checkRight('system_admin', XOOPS_SYSTEM_COMMENT, icms::$user->getGroups())) { $dohtml = 0; } } } else { $dohtml = 0; } } $p_comment =& icms_core_DataFilter::checkVar($_POST['com_text'], 'html', 'input'); $noname = isset($noname) ? (int) $noname : 0; $com_text = icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($_POST['com_text'])); if ($icmsModule->getVar('dirname') != 'system') { include ICMS_ROOT_PATH . '/header.php'; themecenterposts($com_title, $p_comment); include ICMS_INCLUDE_PATH . '/comment_form.php'; include ICMS_ROOT_PATH . '/footer.php'; } else { icms_cp_header(); themecenterposts($com_title, $p_comment); include ICMS_INCLUDE_PATH . '/comment_form.php'; icms_cp_footer(); } break; case "post": if ($icmsConfig['use_captchaf'] == TRUE) { $icmsCaptcha = icms_form_elements_captcha_Object::instance();
$xoopsMailer->setToEmails($toUser->getVar('email')); if (icms::$user->getVar('user_viewemail')) { $xoopsMailer->setFromEmail(icms::$user->getVar('email')); $xoopsMailer->setFromName(icms::$user->getVar('uname')); } else { $xoopsMailer->setFromEmail($icmsConfig['adminmail']); $xoopsMailer->setFromName($icmsConfig['sitename']); } $xoopsMailer->setTemplate('new_pm.tpl'); $xoopsMailer->assign('X_SITENAME', $icmsConfig['sitename']); $xoopsMailer->assign('X_SITEURL', ICMS_URL . "/"); $xoopsMailer->assign('X_ADMINMAIL', $icmsConfig['adminmail']); $xoopsMailer->assign('X_UNAME', $toUser->getVar('uname')); $xoopsMailer->assign('X_FROMUNAME', icms::$user->getVar('uname')); $xoopsMailer->assign('X_SUBJECT', icms_core_DataFilter::stripSlashesGPC($_POST['subject'])); $xoopsMailer->assign('X_MESSAGE', icms_core_DataFilter::stripSlashesGPC($_POST['message'])); $xoopsMailer->assign('X_ITEM_URL', ICMS_URL . "/viewpmsg.php"); $xoopsMailer->setSubject(sprintf(_PM_MESSAGEPOSTED_EMAILSUBJ, $icmsConfig['sitename'])); $xoopsMailer->send(); } echo "<br /><br /><div style='text-align:center;'><h4>" . _PM_MESSAGEPOSTED . "</h4><br />\r\n\t\t\t\t\t<a href=\"javascript:window.opener.location='" . ICMS_URL . "/viewpmsg.php';window.close();\">" . _PM_CLICKHERE . "</a><br /><br />\r\n\t\t\t\t\t<a href=\"javascript:window.close();\">" . _PM_ORCLOSEWINDOW . "</a></div>"; } } } elseif ($reply == 1 || $send == 1 || $send2 == 1) { if ($reply == 1) { $pm_handler = icms::handler('icms_data_privmessage'); $pm =& $pm_handler->get($msg_id); if ($pm->getVar("to_userid") == (int) icms::$user->getVar('uid')) { $pm_uname = icms_member_user_Object::getUnameFromId($pm->getVar("from_userid")); $message = "[quote]\n"; $message .= sprintf(_PM_USERWROTE, $pm_uname);
case 'BannerClientDelete': if ($cid > 0) { BannerClientDelete($cid); } break; case 'BannerClientDelete2': $db =& icms_db_Factory::instance(); if ($cid <= 0 | !icms::$security->check()) { redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 3, implode('<br />', icms::$security->getErrors())); } $sql = sprintf("DELETE FROM %s WHERE cid = '%u'", $db->prefix('banner'), $cid); $db->query($sql); $sql = sprintf("DELETE FROM %s WHERE cid = '%u'", $db->prefix('bannerclient'), $cid); $db->query($sql); redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 1, _AM_DBUPDATED); break; case 'BannerClientEdit': if ($cid > 0) { BannerClientEdit($cid); } break; case 'BannerClientChange': if ($cid <= 0 | !icms::$security->check()) { redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 3, implode('<br />', icms::$security->getErrors())); } $db =& icms_db_Factory::instance(); $sql = sprintf("UPDATE %s SET name = %s, contact = %s, email = %s, login = %s, passwd = %s, extrainfo = %s WHERE cid = '%d'", $db->prefix("bannerclient"), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($name)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($contact)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($email)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($login)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($passwd)), $db->quoteString(icms_core_DataFilter::stripSlashesGPC($extrainfo)), $cid); $db->query($sql); redirect_header('admin.php?fct=banners&op=BannersAdmin#top', 1, _AM_DBUPDATED); break; }
$uid = (int) $_POST['uid']; $user = $member_handler->getUser($uid); } else { $user = $member_handler->createUser(); $user->setVar('user_regdate', time()); $user->setVar('user_avatar', 'blank.gif'); $user->setVar('uorder', $icmsConfig['com_order']); $user->setVar('umode', $icmsConfig['com_mode']); } $errors = array(); $stop = ''; $login_name = isset($_POST['login_name']) ? trim($_POST['login_name']) : ''; $uname = isset($_POST['uname']) ? trim($_POST['uname']) : ''; $email = isset($_POST['email']) ? trim($_POST['email']) : ''; $pass = isset($_POST['password']) ? icms_core_DataFilter::stripSlashesGPC($_POST['password']) : ''; $vpass = isset($_POST['vpass']) ? icms_core_DataFilter::stripSlashesGPC($_POST['vpass']) : ''; icms_loadLanguageFile('core', 'user'); $stop .= icms::handler('icms_member_user')->userCheck($login_name, $uname, $email, !$user->isNew() && $pass == '' ? false : $pass, $vpass, $user->isNew() ? 0 : $user->getVar('uid')); if ($user->getVar('uid') != icms::$user->getVar('uid')) { if ($pass != '') { $icmspass = new icms_core_Password(); $salt = icms_core_Password::createSalt(); $pass = $icmspass->encryptPass($pass, $salt, $icmsConfigUser['enc_type']); $user->setVar('pass', $pass); $user->setVar('pass_expired', 0); $user->setVar('enc_type', $icmsConfigUser['enc_type']); $user->setVar('salt', $salt); } $user->setVar('level', (int) $_POST['level']); } $user->setVar('uname', $uname);
defined('ICMS_ROOT_PATH') || exit; icms_loadLanguageFile('core', 'user'); $uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']); $pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']); /** * Commented out for OpenID , we need to change it to make a better validation if OpenID is used */ /*if ($uname == '' || $pass == '') { redirect_header(ICMS_URL.'/user.php', 1, _US_INCORRECTLOGIN); exit(); }*/ $member_handler = icms::handler('icms_member'); icms_loadLanguageFile('core', 'auth'); $icmsAuth =& icms_auth_Factory::getAuthConnection(icms_core_DataFilter::addSlashes($uname)); $uname4sql = addslashes(icms_core_DataFilter::stripSlashesGPC($uname)); $pass4sql = icms_core_DataFilter::stripSlashesGPC($pass); if (empty($user) || !is_object($user)) { $user =& $icmsAuth->authenticate($uname4sql, $pass4sql); } if (FALSE != $user) { if (0 == $user->getVar('level')) { redirect_header(ICMS_URL . '/', 5, _US_NOACTTPADM); exit; } if ($icmsConfigPersona['multi_login']) { if (is_object($user)) { $online_handler = icms::handler('icms_core_Online'); $online_handler->gc(300); $onlines =& $online_handler->getAll(); foreach ($onlines as $online) { if ($online['online_uid'] == $user->getVar('uid')) {
/**
 * Mails the configured welcome message to the user whose account has just been activated.
 *
 * Nothing is sent when the 'welcome_msg' user-config flag is off; that case counts as success.
 * On a failed send, _US_WELCOMEMSGFAILED is recorded through setErrors().
 *
 * @return bool TRUE when the feature is disabled or the mail was sent, FALSE when sending failed
 */
public function sendWelcomeMessage()
{
    global $icmsConfig, $icmsConfigUser;

    // Feature switch: a disabled welcome message is not an error.
    if (!$icmsConfigUser['welcome_msg']) {
        return true;
    }

    $mailer = new icms_messaging_Handler();
    $mailer->useMail();
    $mailer->setBody($icmsConfigUser['welcome_msg_content']);

    // NOTE(review): uname and email come from the account record and are placed into the
    // message and the recipient list as returned by getVar(). Whether the messaging
    // handler rejects CR/LF or otherwise malformed addresses is not visible here; confirm.
    $mailer->assign('UNAME', $this->getVar('uname'));
    $recipient = $this->getVar('email');
    $mailer->assign('X_UEMAIL', $recipient);
    $mailer->setToEmails($recipient);

    // The sender identity is always the site itself, taken from the main configuration.
    $mailer->setFromEmail($icmsConfig['adminmail']);
    $mailer->setFromName($icmsConfig['sitename']);

    $siteName = icms_core_DataFilter::stripSlashesGPC($icmsConfig['sitename']);
    $mailer->setSubject(sprintf(_US_YOURREGISTRATION, $siteName));

    if ($mailer->send(true)) {
        return true;
    }

    $this->setErrors(_US_WELCOMEMSGFAILED);
    return false;
}
icms_cp_footer(); } break; case "SmilesEdit": $id = isset($_GET['id']) ? (int) $_GET['id'] : 0; if ($id > 0) { SmilesEdit($id); } break; case "SmilesSave": $id = isset($_POST['id']) ? (int) $_POST['id'] : 0; if ($id <= 0 | !icms::$security->check()) { redirect_header('admin.php?fct=smilies', 3, implode('<br />', icms::$security->getErrors())); } $smile_code = icms_core_DataFilter::stripSlashesGPC($_POST['smile_code']); $smile_desc = icms_core_DataFilter::stripSlashesGPC($_POST['smile_desc']); $smile_display = (int) $_POST['smile_display'] > 0 ? 1 : 0; $db =& icms_db_Factory::instance(); if ($_FILES['smile_url']['name'] != "") { $uploader = new icms_file_MediaUploadHandler(ICMS_UPLOAD_PATH, array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png'), 100000, 120, 120); $uploader->setPrefix('smil'); if ($uploader->fetchMedia($_POST['xoops_upload_file'][0])) { if (!$uploader->upload()) { $err = $uploader->getErrors(); } else { $smile_url = $uploader->getSavedFileName(); if (!$db->query(sprintf("UPDATE %s SET code = %s, smile_url = %s, emotion = %s, display = %d WHERE id = '%d'", $db->prefix('smiles'), $db->quoteString($smile_code), $db->quoteString($smile_url), $db->quoteString($smile_desc), $smile_display, $id))) { $err = 'Failed storing smiley data into the database'; } else { $oldsmile_path = str_replace("\\", "/", realpath(ICMS_UPLOAD_PATH . '/' . trim($_POST['old_smile']))); if (0 === strpos($oldsmile_path, ICMS_UPLOAD_PATH) && is_file($oldsmile_path)) {