/**
* fill item with the given xml node
* @param SimpleXMLElement node representing an item
*/
public function setFromXML(SimpleXMLElement $item)
{
$dt = new jDateTime();
$resultat = explode(" ", (string) $item->author);
foreach ($resultat as $mot) {
if (jFilter::isEmail($mot)) {
$this->authorEmail = $mot;
} else {
$this->authorName .= ' ' . $mot;
}
}
$categorie = $item->category;
foreach ($categorie as $cat) {
$this->categories[] = (string) $cat;
}
$this->content = (string) $item->description;
$this->id = (string) $item->guid;
$this->link = (string) $item->link;
if ((string) $item->pubDate != '') {
$dt->setFromString((string) $item->pubDate, jDateTime::RFC2822_FORMAT);
$this->published = $dt->toString(jDateTime::DB_DTFORMAT);
}
$this->title = (string) $item->title;
$this->idIsPermalink = isset($item->guid['isPermaLink']) && $item->guid['isPermaLink'] == 'true' ? true : false;
$this->sourceTitle = (string) $item->source;
$this->sourceUrl = isset($item->source['url']) ? (string) $item->source['url'] : '';
$this->comments = (string) $item->comments;
if (isset($item->enclosure['url'])) {
$this->enclosure = array();
$attrs = array('url', 'length', 'type');
foreach ($attrs as $a) {
$this->enclosure[$a] = isset($item->enclosure[$a]) ? (string) $item->enclosure[$a] : '';
}
}
}
/**
*
*/
function save()
{
$rep = $this->getResponse('json');
//parametres
$password = $this->param('password');
$lastname = $this->param('lastname');
$firstname = $this->param('firstname');
$email = $this->param('email');
//alert
$success = false;
$msg = "Profile non modifié";
//verification
//update
if (!empty($firstname) && !empty($lastname) && jFilter::isEmail($email)) {
// instanciation de la factory
$user = jAuth::getUser(jAuth::getUserSession()->id);
// infos user
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
// on le sauvegarde dans la base
try {
jAuth::updateUser($user);
if (!empty($password) && $user->password != $password) {
jAuth::changePassword($user->login, $password);
}
$success = true;
} catch (Exception $e) {
$success = false;
$msg = "Profile non modifié";
}
if ($success) {
$msg = "profile modifié ";
}
}
$rep->data = array('success' => $success, 'msg' => $msg);
return $rep;
}
public function check($value)
{
return jFilter::isEmail($value);
}
/**
*
*/
function save()
{
$rep = $this->getResponse('json');
//parametres
$id = $this->intParam('id', null, true);
$active = $this->param('active', 'NO', true);
$login = $this->param('login');
$password = $this->param('password');
$lastname = $this->param('lastname');
$firstname = $this->param('firstname');
$email = $this->param('email');
$phone = $this->param('phone');
//verification
if ($id) {
//update
if (!empty($firstname) && !empty($lastname) && !empty($active) && jFilter::isEmail($email)) {
// instanciation de la factory
$user = jAuth::getUser($login);
// infos user
$user->phone = $phone;
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
$user->active = $active;
// on le sauvegarde dans la base
try {
jAuth::updateUser($user);
if (!empty($password) && $user->password != $password) {
jAuth::changePassword($user->login, $password);
}
$this->success = true;
$this->msg = "utilisateur modifié ";
} catch (Exception $e) {
$this->success = false;
$this->msg = "utilisateur non modifié";
}
}
} else {
//insert
if (!empty($login) && !empty($password) && !empty($firstname) && !empty($lastname) && !empty($active) && jFilter::isEmail($email)) {
// instanciation
$user = jAuth::createUserObject($login, $password);
// infos user
$user->phone = $phone;
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
$user->active = $active;
// on le sauvegarde dans la base
try {
$this->success = jAuth::saveNewUser($user);
$this->msg = "utilisateur ajouté ";
} catch (Exception $e) {
$this->success = false;
$this->msg = "utilisateur non ajouté";
}
}
}
$rep->data = array('success' => $this->success, 'msg' => $this->msg);
return $rep;
}
/**
* check the validity of an IP address
* @param string $ip IP of the member
* @return boolean
*/
public static function checkIp($ip)
{
$validIp = false;
$newIp = '';
//0) checking the content : list or range but not list AND range :
if (strpos($ip, ',') > 0 and strpos($ip, '-') > 0) {
jMessage::add(jLocale::get('havefnubb~ban.list.ip.or.range'));
return false;
} elseif (strpos($ip, ',') > 0) {
$list = preg_split('/,/', $ip);
foreach ($list as $item) {
$validIp = jFilter::isIPv4($item);
if ($validIp === false) {
jMessage::add(jLocale::get('havefnubb~ban.invalid.list.of.ip'));
return false;
}
}
} elseif (strpos($ip, '-') > 0) {
// ip is xxx.yyy.zzz-aaa
$list = preg_split('/-/', $ip);
// find xxx.yyy.
$pos = strrpos($list[0], '.');
// start is xxx.yyy.zzz
$start = $list[0];
// end is xxx.yyy.aaa
$end = substr($list[0], 0, $pos) . '.' . $list[1];
// validate each of them
$validIp1 = jFilter::isIPv4($start);
$validIp2 = jFilter::isIPv4($end);
if ($validIp1 === false or $validIp2 === false) {
jMessage::add(jLocale::get('havefnubb~ban.invalid.range.of.ip', array($start, $end)));
return false;
} else {
return true;
}
} else {
$validIp = jFilter::isIPv4($ip);
if ($validIp === false) {
jMessage::add(jLocale::get('havefnubb~ban.invalid.ip'));
return false;
}
}
return $validIp;
}
public function testCleanHtml()
{
$html = '<div>lorem</div>';
$result = '<div>lorem</div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div>lorem<em>aaa</em></div>';
$result = "<div>lorem<em>aaa</em>\n</div>";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div>lorem <script> foo </script></div>';
$result = '<div>lorem </div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div>lorem <SCRIPT> foo </SCRIPT></div>';
$result = '<div>lorem </div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
//$html='<div>lorem <![CDATA[<SCRIPT> foo </SCRIPT>]]></div>';
//$result='<div>lorem <![CDATA[<SCRIPT> foo </SCRIPT>]]></div>';
//$this->assertEqualOrDiff($result, jFilter::satanizeHtml($html));
$html = '<div onclick="xss()">lorem</div>';
$result = '<div>lorem</div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div onclick="xss()">lorem <strong onMouseOver="toto()">ah ah </strong></div>';
$result = "<div>lorem <strong>ah ah </strong>\n</div>";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div onclick="xss()">lorem <a href="javascript:pirate()">ah ah </a></div>';
$result = "<div>lorem <a>ah ah </a>\n</div>";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div>lorem <a href="foo/bar">a</a> <a href="http://foo/bar">a</a> <a href="hTTps://foo/bar">a</a>
<a href="ftp://foo/bar">a</a> <a href="mailto:foo@bar.baz">a</a> <a href="foo/bar:/bla">a</a>
<a href="foo:bar/bla">a</a> <a href="data:bar/bla">a</a></div>';
$result = '<div>lorem <a href="foo/bar">a</a> <a href="http://foo/bar">a</a> <a href="hTTps://foo/bar">a</a>
<a href="ftp://foo/bar">a</a> <a href="mailto:foo@bar.baz">a</a> <a href="foo/bar:/bla">a</a>
<a>a</a> <a>a</a>
</div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
// invalid html
$html = '<div>lorem<em>aaa</er></div>';
$result = "<div>lorem<em>aaa</em>\n</div>";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div lorem<em>aaa</er></div>';
$result = "<div lorem>aaa</div>";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
$html = '<div>lorem <br/> ipsum</div>';
$result = '<div>lorem <br> ipsum</div>';
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html));
// XHTML
$html = '<div>lorem <br/> ipsum</div>';
$result = "\n <div>lorem <br/> ipsum</div>\n ";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html, true));
$html = '<div lorem<em>aaa</er></div>';
$result = "\n <div lorem=\"\">aaa</div>\n ";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html, true));
$html = '<div>lorem<em>aaa</er></div>';
$result = "\n <div>lorem<em>aaa</em></div>\n ";
$this->assertEqualOrDiff($result, jFilter::cleanHtml($html, true));
}
function newsletter()
{
$rep = $this->getResponse('html');
$token = uniqid('', true);
$email = $this->param("email");
$success = false;
$msg = "Echec de l'operation : lien expiré ";
$userFactory = jDao::get("user~user");
$exst = $userFactory->getByLogin($email);
$rep->bodyTpl = "changepassmessage";
if (!empty($email) && jFilter::isEmail($email) && $exst->id) {
$userFactory = jDao::get("user~user");
$user = $userFactory->getByLogin($email);
// $user->status=1;
$user->keyactivate = $token;
try {
$userFactory->update($user);
$success = true;
} catch (Exception $e) {
$success = false;
$msg = "Opération échouée : " . "lien périmée";
}
if ($success) {
$msg = "Opération effectuée avec succès : " . "votre mot de passe a ete réinitialisé" . " veuillez consulter votre mail pour l'activer";
//mail
$mail = new jMailer();
$tpl = $mail->Tpl('user~changepassmail', true);
$tpl->assign('user', $user);
$mail->Send();
}
}
$rep->body->assign('MESSAGE', $msg);
return $rep;
}
function saveban()
{
$username = $this->param('ban_username');
$ip = $this->param('ban_ip');
$mail = $this->param('ban_email');
$expire = $this->param('ban_expire');
$message = $this->param('ban_message');
if ($username == '' and $ip == '' and $mail == '' and $expire['day'] == '' and $expire['month'] == '' and $expire['year'] == '' and $message == '') {
jMessage::add(jLocale::get('hfnuadmin~ban.you.have.to.fill.one.field.at.least'), 'error');
$rep = $this->getResponse('redirect');
$rep->action = 'hfnuadmin~ban:index';
return $rep;
}
$submit = $this->param('validate');
if ($submit == jLocale::get('hfnuadmin~ban.saveBt')) {
if ($ip != '' and jClasses::getService('havefnubb~bans')->checkIp($ip) === false) {
$rep = $this->getResponse('redirect');
$rep->action = 'hfnuadmin~ban:index';
return $rep;
}
if ($mail != '') {
$validMail = false;
// ban one given domain
if (preg_match('/^[a-z0-9]+\\.[a-z]{2,4}$/', $mail)) {
$validMail = true;
} else {
// ban one member email
$validMail = jFilter::isEmail($mail);
}
if ($validMail === false) {
jMessage::add(jLocale::get('hfnuadmin~ban.mail.invalid') . ' ' . $mail, 'warning');
$rep = $this->getResponse('redirect');
$rep->action = 'hfnuadmin~ban:index';
return $rep;
}
}
if (!empty($expire)) {
$expire['hour'] = 0;
$expire['minute'] = 0;
$expire['second'] = 0;
$expire['day'] = (int) $expire['day'];
$expire['month'] = (int) $expire['month'];
$expire['year'] = (int) $expire['year'];
$now = 0;
// we made a permanent ban !
if ($expire['day'] == 0 and $expire['month'] == 0 and $expire['year'] == 0) {
$expiry = 0;
} else {
$now = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
$expiry = mktime($expire['hour'], $expire['minute'], $expire['second'], $expire['month'], $expire['day'], $expire['year']);
}
if ($expiry <= $now and $expiry > 0) {
jMessage::add(jLocale::get('hfnuadmin~ban.expiry.invalid'), 'warning');
$rep = $this->getResponse('redirect');
$rep->action = 'hfnuadmin~ban:index';
return $rep;
}
}
$rep = $this->getResponse('redirect');
$rep->action = 'hfnuadmin~ban:index';
$dao = jDao::get('havefnubb~bans');
$form = jForms::fill('hfnuadmin~bans');
if (!$form) {
jMessage::add(jLocale::get('hfnuadmin~ban.invalid.datas'), 'error');
return $rep;
}
if (!$form->check()) {
jMessage::add(jLocale::get('hfnuadmin~ban.invalid.datas'), 'error');
return $rep;
}
$form->setData('ban_expire', $expiry);
$form->saveToDao('havefnubb~bans');
jMessage::add(jLocale::get('hfnuadmin~ban.added'), 'ok');
return $rep;
}
}
