<?php
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------

// Controller: load one comment by the id returned from get_id(2) and expose it to the view.
// $langArray is not defined in this file; it is expected to come from the including script.
_setView(__FILE__);

$commentID = get_id(2);
$commentsClass = new comments();
$comment = $commentsClass->get($commentID);

// NOTE(review): no ownership or permission check on the comment is visible here;
// confirm that comments::get() or the router restricts who may open this form.
if (is_array($comment)) {
    // A comment row was found: let the template render the form with it.
    abr('show_form', 'yes');
    abr('comment', $comment);
} else {
    // Anything that is not an array is treated as "no such comment".
    addErrorMessage($langArray['wrong_comment'], '', 'error');
}
// Fragment of the item purchase controller; the enclosing if/elseif chain starts outside this excerpt.
            // Total charged for this branch: prepaid price plus the author's profit, both taken from $item.
            $total_money = floatval($item['prepaid_price']) + floatval($item['your_profit']);
            $ordersClass->buy($total_money);
            refresh('/' . $languageURL . 'download/', $langArray['complete_buy_theme'], 'complete');
        }
    }
} elseif ($_POST['licence'] == 'extended') {
    if (isset($_POST['pay_method']) && $_POST['pay_method'] == 'paymethod') {
        // Pay through an external payment method: create the order, then continue on the payment page.
        $orderID = $ordersClass->add($item['extended_price'], 'true');
        if (isset($_SESSION['tmp']['deposit_id'])) {
            // Drop any pending deposit so the payment page works on the order instead.
            unset($_SESSION['tmp']['deposit_id']);
        }
        $_SESSION['tmp']['order_id'] = $orderID;
        refresh('/' . $languageURL . 'items/payment/');
    } else {
        // Pay from the account balance.
        // NOTE(review): the balance compared here is the copy cached in the session; confirm that
        // orders::buy() re-checks and debits the stored balance atomically, otherwise a stale
        // session value or parallel requests could let a purchase exceed the real balance.
        if ($_SESSION['user']['total'] < $item['extended_price']) {
            addErrorMessage($langArray['error_not_enought_money'], '', 'error');
        } else {
            $ordersClass->buy($item['extended_price'], true);
            refresh('/' . $languageURL . 'download/', $langArray['complete_buy_theme'], 'complete');
        }
    }
}
}

# Bookmark / collection handling for this item
require_once ROOT_PATH . '/apps/items/controllers/bookmark.php';

# Is this item offered as a free file?
if ($item['free_file'] == 'true') {
    abr('freeFileMessage', langMessageReplace($langArray['free_file_info'], array('URL' => '/' . $languageURL . 'users/downloads/' . $item['id'])));
}

# Load other active items by the same author (both ids are forced to integers before they reach the SQL fragment)
$otherItems = $itemsClass->getAll(0, 6, " `status` = 'active' AND `id` <> '" . intval($itemID) . "' AND `user_id` = '" . intval($item['user_id']) . "' ", "RAND()");
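# Load the categories flagged as visible
$categoriesClass = new ccategories();
$categories = $categoriesClass->getAll(0, 0, " `visible` = 'true'");
abr('categories', $categories);

# Handle a submitted contact/support request
if (isset($_POST['action'])) {
    // CAPTCHA check. The code must be present, a plain string and non-empty; an array
    // submitted as verify[] is rejected here instead of being handed to Verify::check().
    if (!isset($_POST['verify']) || !is_string($_POST['verify']) || empty($_POST['verify'])) {
        addErrorMessage($langArray['error_verify_invalid_empty'], '', 'error');
    } else {
        // Only a usable code reaches the verifier, so an empty submission now yields
        // one error message instead of "empty" followed by "invalid".
        require_once ROOT_PATH . '/classes/Verify.class.php';
        $verify = new Verify();
        $yz_verify = $verify->check($_POST['verify'], 1);
        if (!$yz_verify) {
            addErrorMessage($langArray['error_invalid_verify'], '', 'error');
        } else {
            // contacts::add() takes no arguments here; presumably it reads the form
            // fields from $_POST itself - verify its own validation and escaping.
            $contactsClass = new contacts();
            $s = $contactsClass->add();
            if ($s === true) {
                refresh('/' . $languageURL . 'support/', $langArray['complete_send_email'], 'complete');
            } else {
                addErrorMessage($langArray['error_all_fields_required'], '', 'error');
            }
        }
    }
}

# Breadcrumb
abr('breadcrumb', '<a href="/' . $languageURL . '" title="">' . $langArray['home'] . '</a> \\ <a href="/' . $languageURL . 'contacts/" title="">' . $langArray['contacts'] . '</a>');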
<?php
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------

// Bookmark helper: lets a logged-in user add the current item to a collection and
// exposes that user's collections to the view. $itemID, $languageURL and $langArray
// are not defined here; they are expected to be set by the script that includes this file.
require_once ROOT_PATH . '/apps/collections/models/collections.class.php';

$collectionsClass = new collections();

// NOTE(review): the write below is triggered by a POST field alone; no anti-CSRF token
// check is visible in this file - confirm one is enforced elsewhere.
if (check_login_bool() && isset($_POST['add_collection'])) {
    $s = $collectionsClass->bookmark($itemID);
    if ($s !== true) {
        // bookmark() returned something other than true; that value is used as the message title.
        addErrorMessage($s, '还没有创建书签集', 'error');
    } else {
        refresh('/' . $languageURL . 'items/' . $itemID, $langArray['complete_bookmark_item'], 'complete');
    }
}

if (check_login_bool()) {
    // The session user id is cast to an integer before it is placed in the WHERE fragment.
    $collections = $collectionsClass->getAll(0, 0, " `user_id` = '" . intval($_SESSION['user']['user_id']) . "' ");
    abr('bookCollections', $collections);
}
// Fragment of a phone-number settings page; the blocks closed below are opened outside this excerpt.
    }
    // NOTE(review): $_POST['default'] is read without isset() in this branch.
    if ($dnid = $_POST['default']) {
        c2r_user_number_default($uid, $dnid);
    }
} else {
    // Activate a number with the code the user typed in.
    // NOTE(review): no check is visible here that $vunid belongs to the current user;
    // confirm c2r_user_number_activate() enforces ownership.
    if (isset($_POST['validate_unid']) && ($vunid = $_POST['validate_unid'])) {
        c2r_user_number_activate($vunid, $_POST['code']);
    }
    if (isset($_POST['number']) && ($number = $_POST['number'])) {
        // Only "+" followed by digits is accepted. This pattern is the sole thing keeping
        // $number safe for the string-built query below.
        // NOTE(review): eregi() was removed in PHP 7. If this is ported to preg_match(), anchor
        // with \A and \z (or the D modifier), because "$" in PCRE also matches before a trailing newline.
        if (!eregi("^\\+[0-9]+\$", $number)) {
            addErrorMessage(t('This phone number has a wrong format. Please use the + sign, followed by country code, area code and your individual number.'));
        } else {
            // NOTE(review): the value is interpolated into the SQL text; a parameterised
            // query (e.g. pg_query_params) would not depend on the regex above staying strict.
            $sql = "select number from users u, user_number un where u.is_active=True and un.user_id=u.id and number='{$number}'";
            $result = query($sql);
            if (pg_fetch_row($result)) {
                addErrorMessage('This number is already used!');
            } else {
                c2r_user_number_add($user->id, $number);
                addInfoMessage(t('Please validate ') . $number . t('. Enter the Code you get via SMS.'));
            }
        }
    }
    // NOTE(review): deletion is driven by a GET parameter and the success message is queued
    // before the delete runs. No ownership check or anti-CSRF token is visible here; confirm
    // c2r_user_number_delete() restricts the id to the current user.
    if (isset($_GET['number_delete']) && ($del_unid = $_GET['number_delete'])) {
        addInfoMessage(t('Phone number deleted'));
        c2r_user_number_delete($del_unid);
    }
    if (isset($_POST['default']) && ($dnid = $_POST['default'])) {
        c2r_user_number_default($user->id, $dnid);
    }
    // $lng is assigned in the condition; its use is not visible within this excerpt.
    if (isset($_POST['dlid']) && ($dlid = $_POST['dlid']) && isset($_POST['language']) && ($lng = $_POST['language'])) {
        c2r_user_update_default_location($user->id, $dlid);
// Fragment of a user-administration page; the validation that sets the flags below starts outside this excerpt.
            $has_errors = true;
        }
    }
}
if (!$has_errors) {
    // NOTE(review): company id, group id and the active flag come straight from the form.
    // Confirm that c2r_userinfo_insert() or an earlier check limits which company/group
    // the acting user is allowed to assign.
    c2r_userinfo_insert($_POST['name'], $_POST['email'], $_POST['cid'], $_POST['dlid'], $_POST['gid'], $_POST['is_active'], $_POST['number']);
    unset($_POST);
} else {
    // NOTE(review): the submitted values are concatenated unescaped into both the on-page
    // message and the error log; confirm the message renderer escapes HTML and that the
    // logger neutralises line breaks.
    if ($duplicate_email) {
        $e_msg = 'Duplicate Email: ' . $_POST['email'];
        addErrorMessage($e_msg);
        c2r_log_error('Add User', $e_msg);
    }
    if ($duplicate_number) {
        $e_msg = 'Duplicate Numbers: ' . $_POST['number'];
        addErrorMessage($e_msg);
        c2r_log_error('Add User', $e_msg);
    }
}
}

// Users with group_id below 3 are limited to their own company; everyone else passes 0.
$users = c2r_users_get($user->group_id < 3 ? $user->company_id : 0);
foreach ($users as $uid => $u) {
    // Attach the user-info object to each listed user.
    $ui = c2r_get_user_info_object($uid);
    $users[$uid]->ui = $ui;
}
$locations = c2r_locations_get(0, $user->group_id < 3 ? $user->company_id : 0);
// NOTE(review): the company list is fetched without the company filter used above - confirm that is intended.
$companies = c2r_companies_get();

$smarty->assign('companies', $companies);
$smarty->assign('locations', $locations);
$smarty->assign('has_errors', $has_errors);
$smarty->assign('users', $users);
// Payment page for a pending deposit: loads the deposit referenced by the session and
// builds the payment form for the single hard-coded gateway.
_setView(__FILE__);
_setTitle($langArray['make_payment_setTitle']);

// The deposit id lives in the session only and is forced to an integer; 0 when absent.
$deposit_id = isset($_SESSION['tmp']['deposit_id']) ? (int) $_SESSION['tmp']['deposit_id'] : 0;

require_once ROOT_PATH . '/apps/users/models/deposit.class.php';
$cms = new deposit();
$deposit_info = $cms->get($deposit_id); // deposit details

if (!$deposit_info) {
    addErrorMessage($langArray['deposit_is_expired'], '', 'error');
} else {
    // The glob result is only used as an "are any payment controllers installed" switch.
    $payments = glob(dirname(dirname(dirname(__FILE__))) . '/payments/controllers/*.php');
    $payments_data = array(); // payment methods offered to the user

    if (!$payments) {
        addErrorMessage($langArray['no_payment_methods'], '', 'error');
    } else {
        $order_obj = array();
        // The gateway key is a constant, so the include path and the class name built
        // from it below are not influenced by request data.
        $key = 'chinabank';
        require_once ROOT_PATH . '/apps/payments/models/' . $key . '.class.php';
        $order_obj[$key] = new $key();
        $payments_data[$key] = array(
            'title' => '网银在线',
            'description' => '网银在线订单支付',
            'form' => $order_obj[$key]->generateDepositForm($deposit_info),
            'logo' => '',
        );

        if (!$payments_data) {
            addErrorMessage($langArray['no_payment_methods'], '', 'error');
        } else {
            abr('payments_data', $payments_data);
        }
    }
}
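<?php
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------

// Newsletter unsubscribe: removes the address given in ?email= from the bulletin list.
_setView(__FILE__);

if (!isset($_GET['email']) || !is_string($_GET['email'])) {
    // Missing or non-string (email[]=...) parameter: go back to the start page.
    refresh('/');
} else {
    // The else branch keeps the delete from running even if refresh() should return.
    require_once ROOT_PATH . "/apps/bulletin/models/bulletin.class.php";
    $bulletinClass = new bulletin();

    // NOTE(review): the address is the only credential, so anyone who knows an address
    // can unsubscribe it. A per-subscriber signed token in the link would bind the
    // request to the recipient of the mail.
    $bulletinClass->deleteEmail($_GET['email']);

    // The address is echoed back in the confirmation, so it is HTML-escaped here.
    // Drop this call only if the message renderer is confirmed to escape its input.
    addErrorMessage(htmlspecialchars($_GET['email'], ENT_QUOTES, 'UTF-8') . $langArray['complete_unsubscribe'], '', 'complete');
}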
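<?php
// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------

// Admin view of one contact request, with an answer form.
// NOTE(review): no permission check is visible in this file; presumably the admin
// front controller enforces it before including this script - verify.
_setView(__FILE__);
_setTitle($langArray['view']);

// The module name comes from the query string and ends up in a redirect target, so it
// is URL-encoded once here; a missing or non-string value becomes an empty module.
$contactsListUrl = '?m=' . (isset($_GET['m']) && is_string($_GET['m']) ? urlencode($_GET['m']) : '') . '&c=list';

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    refresh($contactsListUrl, 'INVALID ID', 'error');
}

if (!isset($_GET['p'])) {
    $_GET['p'] = '';
}

$cms = new contacts();
$data = $cms->get($_GET['id']);

if (isset($_POST['send'])) {
    // NOTE(review): sendAnswer() takes no arguments, so it presumably reads $_POST itself;
    // no anti-CSRF token check is visible here - confirm one exists for admin actions.
    $s = $cms->sendAnswer();
    if ($s === true) {
        refresh($contactsListUrl, $langArray['complete_answer_issue'], 'complete');
    } else {
        addErrorMessage($langArray['error_answer_issue'], '', 'error');
    }
}

// The stored record replaces $_POST, presumably so the form template can prefill from it.
$_POST = $data;

require_once ROOT_PATH . '/apps/lists/leftlist_admin.php';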
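// Author quiz: shows the questions and grades a submission.
$quizClass = new quiz();
$answersClass = new answers();

$questions = $quizClass->getAll(0, 0, '', 'RAND()');
abr('questions', $questions);

// NOTE(review): the full answer rows, including the 'right' flag used for grading below,
// are handed to the view; confirm the template never renders that flag into the page.
$answers = $answersClass->getAll(0, 0, '', true);
abr('answers', $answers);

// Anyone whose quiz state is not the string 'false' is sent to the dashboard.
if ($_SESSION['user']['quiz'] != 'false') {
    refresh('/' . $languageURL . 'author_dashboard/');
}

# Grade the submitted quiz
if (isset($_POST['submit'])) {
    $rightAnswers = 0;
    if (isset($_POST['answers']) && is_array($_POST['answers'])) {
        foreach ($_POST['answers'] as $question => $answer) {
            // answers[q][]=... would arrive as an array and is not a valid array key;
            // skip it instead of letting the lookup below fail on an illegal offset.
            if (!is_scalar($answer)) {
                continue;
            }
            if (isset($answers[$question][$answer]) && $answers[$question][$answer]['right'] == 'true') {
                $rightAnswers++;
            }
        }
    }

    // Passing requires one right answer per question; $_POST keys are unique, so a
    // question cannot be counted twice.
    if ($rightAnswers > 0 && count($questions) == $rightAnswers) {
        $_SESSION['user']['quiz'] = 'true';
        require_once ROOT_PATH . '/apps/users/models/users.class.php';
        $usersClass = new users();
        $usersClass->updateQuiz($_SESSION['user']['user_id'], 'true');
        refresh('/' . $languageURL . 'users/dashboard/', $langArray['complete_score_quiz'], 'complete');
    } else {
        addErrorMessage(langMessageReplace($langArray['error_quiz'], array('RIGHT' => $rightAnswers, 'TOTAL' => count($questions))), '', 'error');
    }
}

# Breadcrumb
abr('breadcrumb', '<a href="/' . $languageURL . '" title="">' . $langArray['home'] . '</a> \\ <a href="/' . $languageURL . 'quiz/" title="">' . $langArray['quiz'] . '</a>');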
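/**
 * Handle group membership requests for the current user and build the request form.
 *
 * Processes the request variables "subscribegroup" and "unsubscribegroup" (read via
 * getVar()), then returns a form listing the open groups the user can apply to or leave.
 *
 * TODO: rename, maybe to groupMembership?
 *
 * NOTE(review): both actions change data but the form submits with GET and no token is
 * checked here, so a crafted link is enough to trigger them; consider POST plus an
 * anti-CSRF token.
 *
 * @return string html form, or an empty string when there is nothing to offer
 */
function subscribeGroup()
{
    global $user;
    include_once CHURCHDB . '/churchdb_db.php';

    // Membership row of one person in one group, with the group name.
    $sql_gruppenteilnahme = "SELECT g.bezeichnung, gpg.*\n FROM {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, {cdb_gruppe} g\n WHERE gpg.gemeindeperson_id=gp.id AND gp.person_id=:person_id AND gpg.gruppe_id=g.id AND g.id=:g_id";

    $sGroup = getVar("subscribegroup");
    // if ($sGroup = getVar("subscribegroup")) { // should also work
    if ($sGroup > 0) {
        // Only groups flagged open (offen_yn=1) can be requested.
        $res = db_query("SELECT * FROM {cdb_gruppe}\n WHERE id=:id AND offen_yn=1", array(":id" => $sGroup))->fetch();
        if (!$res) {
            addErrorMessage(t("error.requesting.group.membership"));
        } else {
            include_once CHURCHDB . '/churchdb_ajax.php';
            $grp = db_query($sql_gruppenteilnahme, array(":person_id" => $user->id, ":g_id" => $sGroup))->fetch();
            // Status -2 marks a requested membership (shown as "[beantragt]" below).
            if (!$grp) {
                churchdb_addPersonGroupRelation($user->id, $res->id, -2, null, null, null, t("request.by.form"));
            } else {
                _churchdb_editPersonGroupRelation($user->id, $res->id, -2, null, "null", t("request.quit.membership.by.form"));
            }
            addInfoMessage(t("membership.requested.by.form.leader.will.be.informed", "<i>{$res->bezeichnung}</i>"));
        }
    }

    $uGroup = getVar("unsubscribegroup");
    // if ($uGroup = getVar("unsubscribegroup")) { // should also work
    if ($uGroup > 0) {
        // The lookup is bound to the current user, so only own memberships can be changed.
        $res = db_query($sql_gruppenteilnahme, array(":person_id" => $user->id, ":g_id" => $uGroup))->fetch();
        if (!$res) {
            addErrorMessage(t("error.quitting.membership"));
        } else {
            include_once CHURCHDB . '/churchdb_ajax.php';
            // Status -1 marks the membership for deletion.
            _churchdb_editPersonGroupRelation($user->id, $res->gruppe_id, -1, null, "null", t("request.quit.membership.by.form"));
            addInfoMessage(t("membership.marked.for.deleting", "<i>{$res->bezeichnung}</i>"));
        }
    }

    // get groups the user is member of or requested membership
    // (bound parameter, consistent with the other queries in this function)
    $res = db_query("SELECT gpg.gruppe_id, status_no\n FROM {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp\n WHERE gpg.gemeindeperson_id=gp.id AND gp.person_id=:person_id", array(":person_id" => $user->id));
    $mygroups = array();
    foreach ($res as $p) {
        $mygroups[$p->gruppe_id] = $p;
    }

    // get all open groups
    $res = db_query("SELECT * FROM {cdb_gruppe} p\n WHERE offen_yn=1 AND ((abschlussdatum IS NULL) OR (DATE_ADD( abschlussdatum, INTERVAL 1 DAY ) > NOW( )))");
    $txt = "";
    $txt_subscribe = "";
    $txt_unsubscribe = "";

    // NOTE(review): group names (bezeichnung) are written into the HTML unescaped, here and
    // in the info messages above. If group names can contain markup, escape them with
    // htmlspecialchars() - confirm first that they are not stored pre-escaped.
    foreach ($res as $g) {
        // groups user is not member of
        if (!isset($mygroups[$g->id]) || $mygroups[$g->id]->status_no == -1) {
            // Offer the group only while it has free places.
            if ($g->max_teilnehmer == null || churchdb_countMembersInGroup($g->id) < $g->max_teilnehmer) {
                $txt_subscribe .= "<option value='{$g->id}'>{$g->bezeichnung}";
                if ($g->max_teilnehmer) {
                    $txt_subscribe .= " (max. {$g->max_teilnehmer})";
                }
            }
        } else {
            if ($mygroups[$g->id]->status_no <= 0) {
                $txt_unsubscribe .= "<option value='{$g->id}'>{$g->bezeichnung}";
                if ($mygroups[$g->id]->status_no == -2) {
                    $txt_unsubscribe .= " [beantragt]";
                }
            }
        }
    }

    if ($txt_subscribe || $txt_unsubscribe) {
        $txt = '<form method="GET" action="?q=home">';
        if ($txt_subscribe) {
            $txt .= '<p>' . t("apply.for.group.membership") . ':<p><select name="subscribegroup"><option>' . $txt_subscribe . '</select>';
        }
        if ($txt_unsubscribe) {
            $txt .= '<p>' . t("quit.group.membership") . ':<p><select name="unsubscribegroup"><option>' . $txt_unsubscribe . '</select>';
        }
        $txt .= '<P><button class="btn" type="submit" name="btn">' . t("send") . '</button>';
        $txt .= '</form>';
    }

    return $txt;
}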
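// Item comments: handle a new comment or a reply, then load the thread for the view.
if (check_login_bool() && isset($_POST['add'])) {
    $s = $commentsClass->add();
    if ($s === true) {
        refresh('/' . $languageURL . 'items/comments/' . $itemID, $langArray['complete_add_comment'], 'complete');
    } else {
        addErrorMessage($langArray['error_item_comment'], '', 'error');
    }
} elseif (check_login_bool() && isset($_POST['add_reply'])) {
    // The reply branch now requires a login like the branch above. Before, it was reached
    // by anonymous requests too, leaving any refusal entirely to comments::add().
    // The parent comment id is forced to an integer; missing or non-scalar input means 0.
    $_POST['comment_id'] = (isset($_POST['comment_id']) && is_scalar($_POST['comment_id'])) ? intval($_POST['comment_id']) : 0;
    $s = $commentsClass->add($_POST['comment_id']);
    if ($s === true) {
        refresh('/' . $languageURL . 'items/comments/' . $itemID, $langArray['complete_add_reply'], 'complete');
    } else {
        addErrorMessage($langArray['error_item_comment'], '', 'error');
    }
}

// Top-level comments of this item, oldest first; the item id is cast before it reaches the SQL fragment.
$comments = $commentsClass->getAll(START, LIMIT, " `item_id` = '" . intval($itemID) . "' AND `reply_to` = '0' ", true, '`datetime` ASC');
if (is_array($comments)) {
    // usersQuery is a WHERE fragment prepared by the comments class for the authors found.
    $users = $usersClass->getAll(0, 0, $commentsClass->usersQuery);
    abr('users', $users);

    $ordersClass = new orders();
    $buyFromUsers = $ordersClass->isItemBuyed($itemID, $commentsClass->usersQuery);
    abr('buyFromUsers', $buyFromUsers);
}
abr('comments', $comments);
abr('paging', paging('/' . $languageURL . 'items/comments/' . $itemID . '/?p=', '', PAGE, LIMIT, $commentsClass->foundRows));

# Bookmark / collection handling for this item
require_once ROOT_PATH . '/apps/items/controllers/bookmark.php';

# Is this item offered as a free file?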
if (!$has_error) { if ($_GET['route']) { $r = c2r_routes_get($_GET['route_id']); $res = c2r_request_ride_route($_GET['user_number_id'], $_GET['location_id'], $r->key, $_GET['reverse'], $time_earliest, $time_latest, $sdate); } else { $sp = c2r_pickuppoints_get($_GET['start_point']); $ep = c2r_pickuppoints_get($_GET['end_point']); $res = c2r_request_ride($_GET['user_number_id'], $_GET['location_id'], $sp->key, $ep->key, $time_earliest, $time_latest, $sdate); } if ($res) { addInfoMessage($res); header("Location: " . OCP_BASE_URL . "matchingoffers.php"); /* Redirect browser */ exit; } else { addErrorMessage(t('An error occurred')); } } } smarty_display('request'); exit; $title = 'Request'; $page_id = 'index'; include 'design/header.php'; ?> <script type="text/javascript" charset="utf-8"> function change_select (val) { if (val) { $('#point_select').hide(); $('#route_select').show();
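/**
 * Render the log viewer: filtered log entries, last accesses and top accesses.
 *
 * Requires the "view logfile" permission of churchcore. Values taken from the request
 * (the filter text) or from log rows and person names are HTML-escaped before output,
 * because log text can contain data that originated from requests.
 *
 * TODO: maybe the html should be in a sort of template?
 *
 * @return string html of the page, or " " when the user lacks the permission
 */
function churchcore__logviewer()
{
    if (!user_access("view logfile", "churchcore")) {
        addErrorMessage(t("no.permission.for", "LogViewer"));
        return " ";
    }

    $txt = '<div class="row-fluid">';
    $txt .= '<div class="span3 bs-docs-sidebar">';
    $txt .= '<ul id="navlist" class="nav nav-list bs-docs-sidenav affix-top">';
    $txt .= '<li><a href="#log1">' . t("important.logs") . '</a>';
    $txt .= '<li><a href="#log2">' . t("last.accesses") . '</a>';
    $txt .= '<li><a href="#log3">' . t("top.accesses") . '</a>';
    $txt .= '</div>';
    $txt .= '<div class="span9">';

    // Row limit is one of two fixed integers, so it is safe to place in the SQL text.
    $limit = 200;
    if (getVar("showmore")) {
        $limit = 1000;
    }

    // Default filter is a constant; a user-supplied filter is passed as a bound parameter.
    $filter = "txt LIKE 'Sende Mail%' OR txt LIKE 'Gruppe:%' OR level<3";
    $val = "";
    $params = array();
    if ($f = getVar("filter")) {
        $filter = "txt LIKE :filter";
        $params[":filter"] = '%' . $f . '%';
        $val = $f;
    }

    $txt .= '<anchor id="log1"/><h2>' . t("logviewer") . '</h2>';
    $res = db_query("SELECT p.id p_id, p.vorname, p.name, log.datum, log.level, log.domain_type, log.domain_id, log.txt\n FROM {cdb_person} p RIGHT JOIN\n (SELECT person_id, datum, level, domain_type, domain_id, txt\n FROM {cdb_log} l\n WHERE {$filter}\n \t\t\t\t ORDER BY l.id DESC\n \t\t\t\t LIMIT 0,{$limit}) AS log ON (log.person_id=p.id)", $params);

    $txt .= '<form class="form-inline" action="">';
    $txt .= '<input type="hidden" name="q" value="churchcore/logviewer"/>';
    // The filter text is echoed into an attribute; escape it so it cannot close the
    // attribute and inject markup.
    $txt .= '<input name="filter" class="input-medium" type="text" value="' . htmlspecialchars((string) $val, ENT_QUOTES, 'UTF-8') . '"></input> <input type="submit" class="btn" value="' . t("filter") . '"/></form>';

    $txt .= '<table class="table table-condensed table-bordered">';
    $txt .= "<tr><th>" . t("date") . "<th>#<th>Object<th>" . t("name") . "<th>Log";
    $counter = 0;
    foreach ($res as $arr) {
        $domainType = htmlspecialchars((string) $arr->domain_type, ENT_QUOTES, 'UTF-8');
        $txt .= "<tr><td><nobr>{$arr->datum} </nobr><td>{$arr->level}<td>{$domainType}" . ($arr->domain_id != -1 ? "[{$arr->domain_id}]" : "");
        $txt .= "<td>";
        if (isset($arr->p_id)) {
            $fullName = htmlspecialchars($arr->vorname . ' ' . $arr->name, ENT_QUOTES, 'UTF-8');
            $txt .= "<nobr>{$fullName} [{$arr->p_id}]</nobr>";
        }
        // Log text is the field most likely to carry request-derived content.
        $logText = htmlspecialchars((string) $arr->txt, ENT_QUOTES, 'UTF-8');
        $txt .= "<td><small style=\"color:grey\">{$logText}</small>";
        $counter++;
    }
    $txt .= '</table>';
    if (!getVar("showmore") && $counter >= $limit) {
        $txt .= '<a href="?q=churchcore/logviewer&showmore=true" class="btn">' . t("show.more.rows") . '</a> ';
    }

    // Second table: persons ordered by their most recent login.
    $txt .= '<anchor id="log2"><h2>' . t("last.accesses") . '</h2>';
    $txt .= "<table class=\"table table-condensed table-bordered\"><tr><th>" . t("name") . "<th>" . t("count.accesses") . "<th>" . t("last.accesses");
    $res = db_query("SELECT p.id pid, vorname, name, COUNT( l.id ) count, MAX( lastlogin ) maxdatum\n FROM {cdb_log} l, {cdb_person} p\n WHERE l.person_id=p.id\n GROUP BY pid, vorname, name\n ORDER BY max( lastlogin ) DESC ");
    foreach ($res as $arr) {
        $fullName = htmlspecialchars($arr->vorname . ' ' . $arr->name, ENT_QUOTES, 'UTF-8');
        $txt .= "<tr><td>{$fullName} [{$arr->pid}]<td>" . $arr->count . "<td>" . $arr->maxdatum . "<br/>";
    }
    $txt .= "</table><br/><br/>";

    // Third table: persons ordered by number of log entries.
    $txt .= '<anchor id="log3"><h2>' . t("top.accesses") . '</h2>';
    $txt .= "<table class=\"table table-condensed table-bordered\"><tr><th>" . t("name") . "<th>" . t("count.accesses") . "<th>" . t("last.accesses");
    $res = db_query("SELECT p.id pid, vorname, name, COUNT( l.id ) count, MAX( lastlogin ) maxdatum\n FROM {cdb_log} l, {cdb_person} p\n WHERE l.person_id=p.id\n GROUP BY pid, vorname, name\n ORDER BY count(l.id) DESC ");
    foreach ($res as $arr) {
        $fullName = htmlspecialchars($arr->vorname . ' ' . $arr->name, ENT_QUOTES, 'UTF-8');
        $txt .= "<tr><td>{$fullName} [{$arr->pid}]<td>" . $arr->count . "<td>" . $arr->maxdatum . "<br/>";
    }
    $txt .= "</table><br/><br/>";
    $txt .= "</div></div>";

    // Keep the side navigation fixed while scrolling.
    $txt .= '
<script>
!function ($) {
  $(function(){
    // carousel demo
    $("#navlist").affix({offset: {top: 15}});
  })
}(window.jQuery)
</script>';

    return $txt;
}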
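/**
 * Main entry point for churchtools, called from /index.php.
 *
 * Loads the configuration, connects to the database, selects the language, starts the
 * session, checks offline mode and pending DB updates, loads the user into the session
 * and then either asks the user to accept the data security text or hands the request
 * to churchtools_processRequest(). Finally the header, content and footer are output.
 *
 * TODO: put this into churchtools_main, no need for two functions
 *
 * @return false|null false when the site is offline for this visitor, otherwise nothing
 */
function churchtools_app()
{
    global $q, $q_orig, $currentModule, $add_header, $config, $mapping, $content, $base_url, $files_dir, $user, $embedded, $i18n;

    include_once CHURCHCORE . "/churchcore_db.php";
    $files_dir = DEFAULT_SITE;

    // which module is requested?
    $q = $q_orig = getVar("q", userLoggedIn() ? "home" : getConf("site_startpage", "home"));
    // $currentModule is needed for class autoloading and maybe other include paths
    // NOTE(review): this value comes from the request; confirm every place that builds a
    // path from it checks it against the known module names first.
    list($currentModule) = explode('/', getVar("q")); // get first part of $q or churchcore
    $embedded = getVar("embedded", false);
    $base_url = getBaseUrl();
    $config = loadConfig();

    if ($config) {
        if (db_connect()) {
            // DBConfig overwrites the config files
            loadDBConfig();
            if (empty($config['site_name'])) {
                $config['site_name'] = 'ChurchTools';
            } // dont allow site_name to be empty
            date_default_timezone_set(getConf("timezone", "Europe/Berlin"));

            // The language cookie is client-controlled and is later handed to the text
            // bundle loader, so only values shaped like a language tag are accepted;
            // anything else is ignored and the configured/default language applies.
            if (isset($_COOKIE["language"])
                && is_string($_COOKIE["language"])
                && preg_match('/^[A-Za-z]{2,3}(?:[_-][A-Za-z0-9]{2,8})?$/D', $_COOKIE["language"])
            ) {
                $config["language"] = $_COOKIE["language"];
            }

            // Load i18n churchcore-bundle
            if (!isset($config["language"])) {
                // Same rule for the browser header: use its first two characters only
                // when they are letters, otherwise fall back to the default language.
                $headerLang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : '';
                if (is_string($headerLang) && preg_match('/^[A-Za-z]{2}$/D', $headerLang)) {
                    $config["language"] = $headerLang;
                } else {
                    $config["language"] = DEFAULT_LANGUAGE;
                }
            }
            $i18n = new TextBundle(CHURCHCORE . "/resources/messages");
            $i18n->load("churchcore", $config["language"] != null ? $config["language"] : null);

            // Session Init
            // NOTE(review): session files are kept under the site's files directory and the
            // directory is created group-writable (0775). Confirm this path is not served
            // by the web server and that the group is limited to the PHP user.
            if (!file_exists($files_dir . "/tmp")) {
                @mkdir($files_dir . "/tmp", 0775, true);
            }
            if (!file_exists($files_dir . "/tmp")) {
                // Admin should act accordingly, default suggestion is 0755.
                addErrorMessage(t("permission.denied.write.dir", $files_dir));
            } else {
                session_save_path($files_dir . "/tmp");
            }
            session_name("ChurchTools_" . $config["db_name"]);
            session_start();
            register_shutdown_function('handleShutdown');

            // Check for offline mode. If it's activated display message and return false;
            if (getConf("site_offline") == 1) {
                if (!isset($_SESSION["user"]) || !in_array($_SESSION["user"]->id, getConf("admin_ids"))) {
                    echo t("site.is.down");
                    return false;
                }
            }

            $embedded = getVar("embedded", false);
            $mapping = loadMapping();
            $success = true;

            // Check for DB-Updates and loginstr only if this is not an ajax call.
            if (strrpos($q, "ajax") === false) {
                $success = checkForDBUpdates();
            }

            // Log if debug is activated
            // NOTE(review): this logs request parameters; keep debug off in production,
            // since passwords or login strings may otherwise end up in the log.
            if (isset($config["debug"])) {
                logParams();
            }

            if ($success) {
                // Is there a loginstr which does not fit to the current logged in user?
                if (getVar("loginstr") && getVar("id") && userLoggedIn() && $_SESSION["user"]->id != getVar("id")) {
                    logout_current_user();
                    session_start();
                } else {
                    loadUserObjectInSession();
                }
            }

            if ($success) {
                if (isset($_SESSION['user'])) {
                    $user = $_SESSION['user'];
                }
                // Accept data security?
                if (userLoggedIn() && !isset($_SESSION["simulate"]) && $q != "logout" && isset($config["accept_datasecurity"]) && $config["accept_datasecurity"] == 1 && !isset($user->acceptedsecurity)) {
                    $content .= pleaseAcceptDatasecurity();
                } else {
                    $content .= churchtools_processRequest($q);
                }
            }
        }
    }

    // TODO: i changed header/footer to a sort of template
    // probably some more logic could be removed from them by setting some more variables here
    // put header/footer into new file layout.php and add a variable $content
    $lang = getConf("language");
    $simulate = getVar("simulate", false, $_SESSION);
    $sitename = getConf("site_name");
    if (getConf("test")) {
        $sitename .= " TEST ";
    }
    $logo = ($logo = getConf("site_logo")) ? "{$files_dir}/files/logo/{$logo}" : '';

    include INCLUDES . "/header.php";
    echo $content;
    include INCLUDES . "/footer.php";
}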
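// +----------------------------------------------------------------------
// | Demila [ Beautiful Digital Content Trading System ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015 http://demila.org All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------

// Admin page for one withdrawal request: shows it and, on submit, pays it out.
// NOTE(review): no permission check is visible in this file; presumably the admin
// front controller enforces it before including this script - verify.
_setView(__FILE__);
_setTitle($langArray['edit']);

// The module name comes from the query string and ends up in a redirect target, so it
// is URL-encoded once here; a missing or non-string value becomes an empty module.
$withdrawsListUrl = '?m=' . (isset($_GET['m']) && is_string($_GET['m']) ? urlencode($_GET['m']) : '') . '&c=withdraws';

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    refresh($withdrawsListUrl, 'INVALID ID', 'error');
}

$cms = new deposit();
$data = $cms->getWithdraw($_GET['id']);
abr('data', $data);

// NOTE(review): $data is used as an array without checking that the withdrawal exists.
$usersClass = new users();
$user = $usersClass->get($data['user_id']);
abr('user', $user);

if (isset($_POST['edit'])) {
    // NOTE(review): this triggers a payout from a POST field alone. payoutWithdraw() takes
    // no arguments, so it presumably reads the request itself; confirm an anti-CSRF token
    // is verified and that a request which is already paid cannot be paid again.
    $status = $cms->payoutWithdraw();
    if ($status !== true) {
        addErrorMessage($status, '', 'error');
    } else {
        refresh($withdrawsListUrl, $langArray['complete_withdraw']);
    }
} else {
    // The stored record replaces $_POST, presumably so the form template can prefill from it.
    $_POST = $data;
}

require_once ROOT_PATH . '/apps/lists/leftlist_admin.php';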
// Fragment of a login page; the block closed on the next line is opened outside this excerpt.
}

/* PW Lost */
// NOTE(review): $_GET['pwlost'] is read without isset(), which raises a notice on every
// request that lacks the parameter.
if ($key = $_GET['pwlost']) {
    check_lost_password($key);
    // if script continues, then key was invalid
    addErrorMessage(t('This key is invalid, please use the password lost function again'));
}

/* Login */
// NOTE(review): no attempt limiting or lock-out is visible here; confirm loginUser()
// or a layer in front of it throttles repeated failures.
if (isset($_POST['email'])) {
    $email = strtolower($_POST['email']);
    $password = $_POST['password'];
    if (!loginUser($email, $password)) {
        // One message for both failure causes, so the response does not reveal which part was wrong.
        addErrorMessage(t('Wrong email address or password'));
    }
}

/* Password lost */
if (isset($_POST['lost_email'])) {
    $email = strtolower($_POST['lost_email']);
    $keeponpage = true;
    $res = c2r_lost_password($email);
    // NOTE(review): the two messages below tell the requester whether an address has an
    // account. Returning the same neutral message in both cases avoids that disclosure.
    // The comparison is loose (==), so any value equal to 1 counts as success.
    if ($res == 1) {
        addInfoMessage(t('We sent you a login link via email. Please check your email account.'));
    } else {
        addErrorMessage(t('Unknown email address. You can register a new account with this email address.'));
    }
}

// $keeponpage is only assigned in the password-lost branch above; on other requests it
// is undefined here unless it is set outside this excerpt.
if (!$keeponpage && $user) {
    // Already logged in: the redirect target is a constant, not request data.
    header('Location: ' . OCP_BASE_URL);
    exit;
}

smarty_display(t('login'));
// Fragment of the login controller; the block closed near the end is opened outside this excerpt.
    $s = $usersClass->login();
    if ($s === true) {
        // NOTE(review): the post-login target is taken from the session. Confirm that the
        // code which stores 'golink' only accepts same-site paths, otherwise this becomes
        // an open redirect.
        if (isset($_SESSION['temp']['golink'])) {
            $web = $_SESSION['temp']['golink'];
            unset($_SESSION['temp']['golink']);
            refresh($web);
        }
        refresh('/' . $languageURL);
    } else {
        // error_invalid_username_or_password
        // Account not activated yet
        if ($s == 'error_invalid_activation_no') {
            // Look the user up by the submitted username and password
            $username = $_POST['username'];
            $password = $_POST['password'];
            $user_info = $usersClass->getuserinfoByNamePwd($username, $password);
            // NOTE(review): every login attempt on a not-yet-activated account calls
            // res_send() again; confirm the resend is rate-limited.
            $usersClass->res_send($user_info['user_id']);
            $res_data['show_status'] = 1;
            $res_mail = 'http://' . $usersClass->gotomail($user_info['email']);
            $_SESSION["THE_USER_RES_SEND_MAIL_4_M_MAIL"] = $res_mail;
            $_SESSION["THE_USER_RES_SEND_MAIL_4_M"] = $user_info['user_id'];
        } else {
            $res_data['user_info'] = array();
            $res_data['show_status'] = 0;
        }
        abr('res_data', $res_data);
        // The value returned by login() doubles as the key of the message to display.
        addErrorMessage($langArray[$s], '', 'error');
    }
}

# Breadcrumb
abr('breadcrumb', '<a href="/' . $languageURL . '" title="">' . $langArray['home'] . '</a> \\ <a href="/' . $languageURL . 'users/login/" title="">' . $langArray['login'] . '</a>');
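/**
 * Copy $_POST into the global $inputs array, clean each value, validate required
 * fields and data types encoded in the field names, then strip those markers from
 * the keys.
 *
 * Field-name convention, as read by this function: a "$" starts the marker part,
 * "$R" marks a required field, and "is<Type>" after the "$" (optionally after the R)
 * names the data type checked through isCorrectDataType().
 *
 * Errors are reported through addErrorMessage(); nothing is returned.
 *
 * NOTE(review): blanket cleaning of every input is context-blind. Prefer parameterised
 * queries for SQL and escaping at output time for HTML. mysql_real_escape_string() was
 * removed in PHP 7, so this function only runs on PHP 5 as written.
 */
function parseInputs()
{
    global $inputs, $results;

    // create the results array, with true as the default
    $results[0] = "true";

    // catch the posted inputs and store them in the inputs array
    foreach ($_POST as $field => $value) {
        $inputs[$field] = $value;
    }

    // Clean every input. Each step must work on the result of the previous one:
    // the earlier version passed the raw $value to every call, so only the final
    // mysql_real_escape_string() took effect and trimming/HTML escaping was lost.
    foreach ($inputs as $field => $value) {
        if (!is_scalar($value)) {
            // field[]=... arrives as an array; the string functions below cannot handle it
            $inputs[$field] = "";
            continue;
        }
        $clean = trim((string) $value);
        $clean = htmlspecialchars($clean);
        // after htmlspecialchars() no literal tags remain; kept to follow the original order
        $clean = strip_tags($clean);
        $clean = nl2br($clean);
        $clean = mysql_real_escape_string($clean);
        $inputs[$field] = $clean;
    }

    // make sure any inputs that are marked as required aren't empty, and
    // that all fields conform to the proper data type, if one is indicated
    foreach ($inputs as $field => $value) {
        // reset these flags for each input
        $isRequired = false;
        $foundError = false;

        // make sure required fields aren't empty
        if (strrpos($field, '$R', 0) != false) {
            // this field is required
            $isRequired = true;
            if ($value == "") {
                // this field is required, but it's empty. log an error
                addErrorMessage("\"" . restoreFieldName($field) . "\" is a required field, you must enter a value");
                // set this so we don't check this field for data type
                $foundError = true;
            }
        }

        // we only care about the data type if the field has a value, and
        // we haven't already found a problem with this input
        if (($value != "") && (!$foundError)) {
            // make sure the value is of the proper data type
            $dollar_position = strrpos($field, '$', 0);
            if ($dollar_position != false) {
                // there is a $ in the name of this field (position of it stored in $dollar_position)
                if ((substr($field, ($dollar_position + 1), 2) == "is") || (substr($field, ($dollar_position + 2), 2) == "is")) {
                    // this field name has "is" either right after the $, or 1 char after the $ (allowing for the R)
                    // this means that this field must conform to a specific data type
                    $dataType = substr($field, (strpos($field, '$', 0) + 1), strlen($field));
                    $dataType = substr($dataType, (strpos($dataType, "is", 0) + 2), strlen($dataType));
                    $dataType = strToLower($dataType);
                    if (!isCorrectDataType($value, $dataType)) {
                        // the value does not conform to the data type. log an error
                        addErrorMessage("\"" . restoreFieldName($field) . "\" must be of the " . $dataType . " data type");
                        // and now empty this value in the array, so that if this gets sent back and
                        // preloaded into the form, the faulty value won't go with it
                        $inputs[$field] = "";
                    }
                }
            }
        }
    }

    // lastly, remove the $ and everything after it from the keys of the inputs array
    foreach ($inputs as $key => $value) {
        $oldKey = null;
        $newKey = null;
        // store the place of the dollar sign in the key (if any)
        $dollar_position = strpos($key, "$", 0);
        if ($dollar_position != false) {
            // there is a $ in the name of this field
            // store the current key
            $oldKey = $key;
            // the new key is the old key from the start up to the position of the dollar sign
            $newKey = substr($oldKey, 0, $dollar_position);
            // create a new entry in the array with the new key and the same value as the old one
            $inputs[$newKey] = $value;
            // and remove the old (with the $) entry in the array
            unset($GLOBALS["inputs"][$oldKey]);
        }
    }
}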
#END;

/*
 * CACHE
 */
$cache = new cache();
$cache->cacheDir = CACHE;
// NOTE(review): `global` only has an effect inside a function scope. If this file is
// always included from top-level code the statement below does nothing; confirm how it is loaded.
global $cache;

/*
 * SESSION
 */
$session = new session();

/*
 * Read the flash message kept in $_SESSION (if any) and queue it for display.
 */
if ($message = getRefreshMessage()) {
    addErrorMessage($message['title'], $message['text'], $message['type']);
}

/*
 * Set the default pagination constants.
 * The original comment said LIMIT = 10, but the value defined below is 20.
 */
if (!defined('LIMIT')) {
    // The third argument asks for a case-insensitive constant
    // (deprecated since PHP 7.3, no longer supported in PHP 8).
    define('LIMIT', 20, true);
}

// ?p= is client-supplied: it is honoured only when numeric and greater than 1, and
// intval() reduces it to an integer before it becomes PAGE. No upper bound is applied,
// so START can be arbitrarily large; code that feeds START into a query should expect that.
if (isset($_GET['p']) && is_numeric($_GET['p']) && $_GET['p'] > 1) {
    define('PAGE', intval($_GET['p']));
    define('START', (PAGE - 1) * LIMIT);
} else {
    define('PAGE', 1);
    define('START', 0);
}
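/**
 * Dump all tables accepted by isCTDBTable() into $files_dir . "/db_backup",
 * zip the dump, and delete backups older than 30 days.
 *
 * Notes for operators:
 *  - The dump and the zip are not encrypted and hold the full table contents.
 *    The ".htaccess" written here ("Deny from all") only protects the directory
 *    on web servers that honour it; keep $files_dir/db_backup outside the
 *    document root or deny access in the server configuration as well.
 *  - The zip name contains only the minute timestamp, so it must not be
 *    treated as an unguessable URL.
 *  - Values are quoted with addslashes(), which is not charset-aware; restore
 *    the dump over a connection using the same character set.
 *
 * @return boolean true when the zip was written, false otherwise
 */
function dump_database()
{
    global $files_dir;

    $dir = $files_dir . "/db_backup";
    if (!file_exists($dir)) {
        // 0700: the backup directory is meant for the web server user only
        mkdir($dir, 0700, true);
    }
    if (!is_writable($dir)) {
        addErrorMessage(t('permission.denied.write.dir', "<i>{$dir}</i>"));
        return false;
    }

    $htaccess = $dir . "/.htaccess";
    if (!file_exists($htaccess)) {
        $handle = fopen($htaccess, 'w+');
        if ($handle !== false) {
            fwrite($handle, "Deny from all");
            fclose($handle);
        }
    }

    // collect the table names; SHOW TABLES returns one column per row
    $tables = array();
    $res = db_query('SHOW TABLES');
    foreach ($res as $row) {
        $table = "";
        foreach ($row as $val) {
            $table = $val;
            break;
        }
        if (isCTDBTable($table)) {
            $tables[] = $table;
        }
    }

    $dt = new DateTime();
    $stamp = $dt->format('YmdHi');
    $filename = $dir . '/db-backup-' . $stamp . '-' . md5(implode(',', $tables)) . '.sql';
    $handle = fopen($filename, 'w+');
    if ($handle === false) {
        // nothing can be written; do not continue with an invalid handle
        return false;
    }

    foreach ($tables as $table) {
        $return = 'DROP TABLE IF EXISTS ' . $table . ';';
        $row2 = (array) db_query('SHOW CREATE TABLE ' . $table)->fetch();
        $return .= "\n" . $row2["Create Table"] . ";\n\n";

        $result = db_query('SELECT * FROM ' . $table);
        foreach ($result as $content) {
            $arr = array();
            foreach ($content as $val) {
                $arr[] = isset($val) ? '"' . addslashes($val) . '"' : "NULL";
            }
            $return .= 'INSERT INTO ' . $table . ' VALUES(' . implode(",", $arr) . ");\n";
        }
        $return .= "\n\n\n";
        // flush per table so the whole dump is never held in memory at once
        fwrite($handle, $return);
    }
    fclose($handle);

    // OVERWRITE alone fails on many PHP/libzip versions when the archive does
    // not exist yet, so CREATE is requested as well.
    $zip = new ZipArchive();
    if ($zip->open($dir . '/db-backup-' . $stamp . '.zip', ZipArchive::CREATE | ZipArchive::OVERWRITE) !== true) {
        return false;
    }
    $zip->addFile($filename);
    if (!$zip->close()) {
        // the archive was not written; keep the .sql so a backup still exists
        return false;
    }
    unlink($filename);

    // delete backups older than 30 days; only names this function creates are
    // considered, so unrelated files in the directory are never unlinked
    $handle = opendir($dir);
    if ($handle) {
        $now = new DateTime();
        while (false !== ($file = readdir($handle))) {
            if (!preg_match('/^db-backup-(\d{12})(?:-[0-9a-f]{32})?\.(?:sql|zip)$/i', $file, $m)) {
                continue;
            }
            $date = DateTime::createFromFormat('YmdHi', $m[1]);
            if ($date === false) {
                continue;
            }
            if ((int) $date->diff($now)->format('%a') > 30) {
                unlink($dir . "/" . $file);
            }
        }
        closedir($handle);
    }

    return true;
}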
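// Turn the stored file names of the pending update into full URLs on the data server.
$data["thumbnail"] = empty($data["thumbnail"]) ? "" : DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $data["thumbnail"];
$data["first_preview"] = empty($data["first_preview"]) ? "" : DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $data["first_preview"];
$data["main_file"] = empty($data["main_file"]) ? "" : DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $data["main_file"];
abr('data', $data);

// ?m= and ?p= are client-supplied and end up in a redirect URL, so they are
// taken only when they are strings and are URL-encoded before being re-emitted.
$queueModule = isset($_GET['m']) && is_string($_GET['m']) ? urlencode($_GET['m']) : '';
$queuePage = isset($_GET['p']) && is_string($_GET['p']) ? urlencode($_GET['p']) : '';

// The currently published item the update belongs to.
$item = $cms->get($data['item_id']);
if (!is_array($item)) {
    // presumably refresh() ends the request; if it returns, the lines below run on a non-array — verify
    refresh('?m=' . $queueModule . '&c=queue_update', 'WRONG ID', 'error');
}
$item['user'] = $usersClass->get($item['user_id']);
$item["thumbnail"] = DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $item["thumbnail"];
$item["theme_preview"] = DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $item["theme_preview"];
$item["main_file"] = DATA_SERVER . '/uploads/items/' . $data['item_id'] . '/' . $item["main_file"];
abr('item', $item);

// Approve or reject the pending update.
// NOTE(review): no anti-CSRF token check is visible in this fragment and $_GET['id']
// is handed to the model unchanged; confirm both are handled elsewhere (token check
// earlier in the request, integer cast inside the model).
if (isset($_POST['submit'])) {
    $queueAction = isset($_POST['action']) ? $_POST['action'] : '';
    if ($queueAction == 'approve') {
        $s = $cms->approveUpdate($_GET['id']);
        if ($s === true) {
            refresh("?m=" . $queueModule . "&c=queue_update&p=" . $queuePage, $langArray['complete_approve_item_update']);
        } else {
            addErrorMessage($s, '', 'error');
        }
    } elseif ($queueAction == 'delete') {
        $s = $cms->unapproveDeleteUpdate($_GET['id']);
        if ($s === true) {
            refresh("?m=" . $queueModule . "&c=queue_update&p=" . $queuePage, $langArray['complete_delete_item_update']);
        } else {
            addErrorMessage($s, '', 'error');
        }
    }
}
require_once ROOT_PATH . '/apps/lists/leftlist_admin.php';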
// +----------------------------------------------------------------------
// | Email author@demila.org
// +----------------------------------------------------------------------
_setView(__FILE__);

// The order id is read from the session, not from request parameters,
// and is cast to int before it reaches the model.
$orderID = 0;
if (isset($_SESSION['tmp']['order_id'])) {
    $orderID = (int) $_SESSION['tmp']['order_id'];
}
require_once ROOT_PATH . '/apps/items/models/orders.class.php';
$cms = new orders();
$order_info = $cms->get($orderID);
if ($order_info) {
    // The glob result is only used as a truth test ("is any payment controller present").
    $payments = glob(dirname(dirname(dirname(__FILE__))) . '/payments/controllers/*.php');
    $payments_data = array();
    if ($payments) {
        $order_obj = array();
        // $key is a fixed literal, so neither the require path nor `new $key()` below
        // is driven by request data. If further gateways are added, keep the names on
        // a fixed allow-list instead of taking them from input.
        $key = 'chinabank';
        require_once ROOT_PATH . '/apps/payments/models/' . $key . '.class.php';
        $order_obj[$key] = new $key();
        $payments_data[$key] = array('title' => '网银在线', 'description' => '网银在线订单支付', 'form' => $order_obj[$key]->generateForm($order_info), 'logo' => '');
        // $payments_data always holds one entry here, so the else branch cannot be reached.
        if ($payments_data) {
            abr('payments_data', $payments_data);
        } else {
            addErrorMessage($langArray['no_payment_methods'], '', 'error');
        }
    } else {
        addErrorMessage($langArray['no_payment_methods'], '', 'error');
    }
} else {
    // No order found for the id stored in the session.
    addErrorMessage($langArray['order_is_expired'], '', 'error');
}
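/**
 * Set up the session for a successfully authenticated person: fills $_SESSION,
 * sets the login cookies, records the session in {cc_session}, loads family
 * members sharing the same e-mail address and optionally redirects.
 *
 * Review notes:
 *  - No session_regenerate_id() call is visible here; confirm the PHP session
 *    id is rotated at login elsewhere.
 *  - The cookies are set without Secure/HttpOnly flags; confirm whether client
 *    script needs to read them before tightening.
 *
 * @param object $u         person record (reads id, email, cmsuserid, vorname, name, loginstr)
 * @param bool   $rember_me value stored in the "RememberMe" cookie
 * @param bool   $redirect  send a Location header after login when true
 * @return null
 */
function login_user($u, $rember_me = false, $redirect = true)
{
    global $q, $q_orig;

    if (empty($u->id)) {
        addErrorMessage(t("login.error.no.id.specified"));
        return null;
    }
    $_SESSION["email"] = $u->email;

    // first login: derive a cms user id from the name and person id
    if (!$u->cmsuserid) {
        $u->cmsuserid = "{$u->vorname} {$u->name} [" . $u->id . "]";
        db_query("UPDATE {cdb_person}\n SET cmsuserid=:cmsuserid\n WHERE id=:id", array(':cmsuserid' => $u->cmsuserid, ':id' => $u->id));
    }
    // clear loginstr once it is set on the record being logged in
    if ($u->loginstr) {
        db_query("UPDATE {cdb_person}\n SET loginstr=NULL\n WHERE id=:id", array(':id' => $u->id));
    }
    $u->auth = getUserAuthorization($u->id);
    $_SESSION["user"] = $u;

    // TODO: make time configurable
    // login is valid for 6 days
    $cookieExpireTime = time() + 60 * 60 * 24 * 6;
    setcookie("RememberMe", $rember_me, $cookieExpireTime);
    $_SESSION["sessionid"] = random_string();
    setcookie("CC_SessionId", $_SESSION["sessionid"], $cookieExpireTime);

    $dt = new DateTime();
    db_query("UPDATE {cdb_person} SET lastlogin=NOW(), loginerrorcount=0 WHERE id=:id", array(':id' => $u->id));

    // Get language from user setting, if not available set it from current cookie
    $lang = getUserSetting("churchcore", $u->id, "language");
    if (!$lang) {
        _churchcore_savePidUserSetting("churchcore", $u->id, "language", getConf("language"));
    } else {
        // 30 days
        setcookie("language", $lang, time() + 60 * 60 * 24 * 30);
    }

    // drop session rows older than 7 days, then record this one;
    // HTTP_HOST is client-supplied and therefore passed as a bound parameter
    db_query("DELETE FROM {cc_session} WHERE datediff(NOW(), datum)>7");
    db_query("INSERT INTO {cc_session} (person_id, session, hostname, datum)\n VALUES (:id, :session, :host, :date)", array(':id' => $u->id, ':session' => $_SESSION["sessionid"], ':host' => $_SERVER["HTTP_HOST"], ':date' => $dt->format('Y-m-d H:i:s')));

    if ($u->email) {
        // look for family users with the same email
        $res = db_query("SELECT * FROM {cdb_person}\n WHERE email=:email AND archiv_yn=0", array(":email" => $u->email));
        $family = array();
        $count = 0;
        foreach ($res as $p) {
            if ($p->id != $u->id) {
                $family[$p->id] = $p;
            }
            $count++;
            // no family should have more than 15 users
            if ($count > 15) {
                break;
            }
        }
        if (count($family)) {
            $_SESSION["family"] = $family;
        }
    }

    // the User-Agent is client-supplied free text; anything displaying this log entry must escape it
    ct_log("Login succeed: {$u->email} with " . getVar('HTTP_USER_AGENT', "Unkown Browser", $_SERVER), 2, -1, "login");

    if ($redirect) {
        // on switching family login dont forward to login again
        if ($q != $q_orig) {
            // REQUEST_URI comes from the request line. Leading slashes and backslashes
            // are collapsed to a single "/" so the Location value is always a path on
            // this host and cannot be read as a protocol-relative URL.
            header("Location: /" . ltrim($_SERVER["REQUEST_URI"], "/\\"));
        } elseif ($q == "login") {
            header("Location: ?q=home");
        }
    }
}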
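/**
 * Stream the member list as a PDF (FPDF, A4 portrait) to the browser.
 *
 * Requires the "view memberliste" permission of churchdb; without it an error
 * message is queued and a single space is returned. Which optional columns
 * (phone numbers, e-mail, full birthday) are printed depends on the settings
 * returned by _home__memberlist_getSettingFields().
 *
 * NOTE(review): $p->imageurl is joined into a filesystem path unchanged;
 * confirm it is validated where it is stored (no path separators).
 *
 * @return string|null " " when access is denied, otherwise nothing
 */
function home__memberlist_printview()
{
    global $base_url, $files_dir, $config;

    if (!user_access("view memberliste", "churchdb")) {
        addErrorMessage(t("no.permission.for", t("list.of.members")));
        return " ";
    }
    require_once ASSETS . '/fpdf17/fpdf.php';

    // Instantiation of inherited class
    $pdf = new PDF('P', 'mm', 'A4');
    $pdf->AliasNbPages();
    $pdf->AddPage();
    $pdf->SetFont('Arial', '', 9);
    $res = home_getMemberList();
    $pdf->SetLineWidth(0.4);
    $pdf->SetDrawColor(200, 200, 200);
    $fields = _home__memberlist_getSettingFields()->fields;

    foreach ($res as $p) {
        // separator line above each entry
        $pdf->Line(8, $pdf->GetY() - 1, 204, $pdf->GetY() - 1);
        $pdf->Cell(10, 10, "", 0);

        // fall back to the placeholder picture when none is stored or the file is missing
        if ($p->imageurl == null || !file_exists("{$files_dir}/fotos/{$p->imageurl}")) {
            $p->imageurl = "nobody.gif";
        }
        $pdf->Image("{$files_dir}/fotos/{$p->imageurl}", $pdf->GetX() - 10, $pdf->GetY() + 1, 9);
        $pdf->Cell(2);
        $pdf->Cell(13, 9, $p->anrede, 0, 0, 'L');
        $pdf->Cell(48, 9, utf8_decode("{$p->name}, {$p->vorname}"), 0, 0, 'L');
        $pdf->Cell(45, 9, utf8_decode("{$p->strasse}"), 0, 0, 'L');

        // TODO: second occurence of code part - whats this for?
        $birthday = "";
        if ($p->geburtsdatum != null) {
            if ($p->year < 7000) {
                $birthday = "{$p->day}.{$p->month}.";
            }
            if ($p->year != 1004 && $fields["memberlist_birthday_full"]->getValue()) {
                if ($p->year < 7000) {
                    $birthday = $birthday . $p->year;
                } else {
                    // Parenthesised on purpose: before PHP 8 "." and "-" share one
                    // precedence level, so the unparenthesised form subtracted 7000
                    // from the concatenated string instead of from the year.
                    $birthday = $birthday . ($p->year - 7000);
                }
            }
        }
        $pdf->Cell(20, 9, $birthday, 0, 0, 'L');

        // one phone column: private, else business, else fax, else empty
        if ($fields["memberlist_telefonprivat"]->getValue() && $p->telefonprivat != "") {
            $pdf->Cell(30, 9, $p->telefonprivat, 0, 0, 'L');
        } elseif ($fields["memberlist_telefongeschaeftlich"]->getValue() && $p->telefongeschaeftlich != "") {
            $pdf->Cell(30, 9, $p->telefongeschaeftlich, 0, 0, 'L');
        } elseif ($fields["memberlist_telefongeschaeftlich"]->getValue() && $p->fax != "") {
            $pdf->Cell(30, 9, $p->fax . " (Fax)", 0, 0, 'L');
        } else {
            $pdf->Cell(30, 9, "", 0, 0, 'L');
        }
        if ($fields["memberlist_telefonhandy"]->getValue() && $p->telefonhandy != "") {
            $pdf->Cell(30, 9, $p->telefonhandy, 0, 0, 'L');
        }

        // line break, then postal code / city and e-mail on the second line
        $pdf->Ln(5);
        $pdf->Cell(73);
        $pdf->Cell(48, 10, "{$p->plz} " . utf8_decode($p->ort), 0, 0, 'L');
        $pdf->Cell(17);
        if ($fields["memberlist_email"]->getValue() && $p->email != "") {
            $pdf->SetFont('Arial', '', 8);
            $pdf->Cell(30, 9, $p->email);
            $pdf->SetFont('Arial', '', 9);
        }
        $pdf->Ln(12);
    }
    $pdf->Output(t("list.of.members") . '.pdf', 'I');
}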
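/**
 * Set up the session for a successfully authenticated person: fills $_SESSION,
 * sets the login cookies, records the session in {cc_session}, loads family
 * members sharing the same e-mail address and redirects where needed.
 *
 * All values written to the database are passed as bound parameters. The
 * cmsuserid is built from the person's name and the hostname comes from the
 * Host request header, so neither may be concatenated into SQL text.
 *
 * NOTE(review): no session_regenerate_id() call is visible here; confirm the
 * PHP session id is rotated at login elsewhere.
 *
 * @param object $ret       person record (reads id, email, cmsuserid, vorname, name, loginstr)
 * @param bool   $rember_me value stored in the "RememberMe" cookie
 * @return null
 */
function login_user($ret, $rember_me = false)
{
    global $q, $q_orig;

    if (!isset($ret->id)) {
        addErrorMessage("Keine Id vorhanden, Fehler beim Login!");
        return null;
    }
    $_SESSION["email"] = $ret->email;

    // first login: derive a cms user id from the name and person id
    if ($ret->cmsuserid == "") {
        $ret->cmsuserid = $ret->vorname . " " . $ret->name . " [" . $ret->id . "]";
        db_query("update {cdb_person} set cmsuserid=:cmsuserid where id=:id", array(":cmsuserid" => $ret->cmsuserid, ":id" => $ret->id));
    }
    if ($ret->loginstr != null) {
        db_query("update {cdb_person} set loginstr=null where id=:id", array(":id" => $ret->id));
    }
    $ret->auth = getUserAuthorization($ret->id);
    $_SESSION["user"] = $ret;

    // the login lasts 6 days
    $ablaufDesCookies = time() + 60 * 60 * 24 * 6;
    setcookie("RememberMe", $rember_me, $ablaufDesCookies);
    $_SESSION["sessionid"] = random_string();
    setcookie("CC_SessionId", $_SESSION["sessionid"], $ablaufDesCookies);

    $dt = new DateTime();
    db_query("update {cdb_person} set lastlogin=now(), loginerrorcount=0 where id=:id", array(":id" => $ret->id));

    // drop session rows older than 7 days, then record this one
    db_query("delete from {cc_session} where datediff(now(), datum)>7");
    db_query(
        "insert into {cc_session} (person_id, session, hostname, datum) \n values (:id, :session, :host, :date)",
        array(
            ":id" => $ret->id,
            ":session" => $_SESSION["sessionid"],
            ":host" => $_SERVER["HTTP_HOST"],
            ":date" => $dt->format('Y-m-d H:i:s'),
        )
    );

    if ($ret->email != '') {
        // look for family members that share the same e-mail address
        $res = db_query("select * from {cdb_person} where email=:email and archiv_yn=0", array(":email" => $ret->email));
        $family = null;
        $count = 0;
        foreach ($res as $p) {
            if ($p->id != $ret->id) {
                $family[$p->id] = $p;
            }
            $count++;
            if ($count > 15) {
                break;
            }
        }
        if ($family != null) {
            $_SESSION["family"] = $family;
        }
    }

    // the User-Agent is client-supplied free text; anything displaying this log entry must escape it
    ct_log("Login succeed: " . $ret->email . " with " . (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "Unkown Browser!"), 2, -1, "login");

    // When this was a switch of user, do not forward to the login page again.
    if ($q != $q_orig) {
        header("Location: ?q={$q_orig}");
    } elseif ($q == "login") {
        header("Location: ?q=" . variable_get("site_startpage", "home"));
    }
}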
// Attach the owner's user record to the item and hand the item to the view.
$usersClass = new users();
$item['user'] = $usersClass->get($item['user_id']);
abr('item', $item);

# Add an FAQ entry (only the logged-in owner of the item may do this)
if (check_login_bool() && $item['user_id'] == $_SESSION['user']['user_id'] && isset($_POST['add'])) {
    $faqClass = new faq();
    $s = $faqClass->add($itemID);
    if ($s === true) {
        refresh('/' . $languageURL . 'items/faq/' . $itemID . '/', $langArray['complete_add_faq'], 'complete');
    } else {
        // assumes faq::add() returns messages that are safe to place in HTML — TODO confirm,
        // they are concatenated into the list below without escaping
        $message = '<ul>';
        foreach ($s as $e) {
            $message .= '<li>' . $e . '</li>';
        }
        $message .= '</ul>';
        addErrorMessage($message, '', 'error');
    }
}

$faqClass = new faq();
// Delete an FAQ entry: the ownership check is applied and the id must be numeric.
// NOTE(review): the deletion is triggered by a GET parameter and no anti-CSRF token
// is checked in this fragment; confirm a token check exists elsewhere.
if (check_login_bool() && $item['user_id'] == $_SESSION['user']['user_id'] && isset($_GET['del']) && is_numeric($_GET['del'])) {
    $faqClass->delete($_GET['del'], $itemID);
    refresh('/' . $languageURL . 'items/faq/' . $itemID . '/', $langArray['complete_delete_faq'], 'complete');
}

# Load the FAQ entries of this item
$faq = $faqClass->getAll($itemID);
abr('faq', $faq);

# Bookmark handling for the item
require_once ROOT_PATH . '/apps/items/controllers/bookmark.php';

# Is this a free file?
// (the excerpt ends inside this if-block; its closing brace is not part of the visible text)
if ($item['free_file'] == 'true') {
    abr('freeFileMessage', langMessageReplace($langArray['free_file_info'], array('URL' => '/' . $languageURL . 'users/downloads/' . $item['id'])));
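/**
 * Handle membership requests for open groups and build the request form.
 *
 * Reads two optional GET parameters:
 *  - subscribegroup:   id of an open group the current user asks to join
 *  - unsubscribegroup: id of a group the current user asks to leave
 * Then returns an HTML form listing the open groups the user can apply for
 * and the memberships the user can ask to quit.
 *
 * Group names are HTML-escaped before they are written into the form, and all
 * ids go to the database as bound parameters.
 *
 * NOTE(review): the form uses GET for a state change and no anti-CSRF token is
 * visible in this function; confirm whether the caller adds one.
 *
 * TODO: rename, maybe to groupMembership?
 * @return string html form (empty string when there is nothing to offer)
 */
function subscribeGroup()
{
    global $user;
    include_once CHURCHDB . '/churchdb_db.php';

    // membership row of one person in one group, together with the group name
    $sql_gruppenteilnahme = "select g.bezeichnung, gpg.* from {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, {cdb_gruppe} g \n where gpg.gemeindeperson_id=gp.id and gp.person_id=:person_id \n and gpg.gruppe_id=g.id and g.id=:g_id";

    if (isset($_GET["subscribegroup"]) && is_numeric($_GET["subscribegroup"]) && $_GET["subscribegroup"] > 0) {
        // only groups flagged as open may be requested
        $res = db_query("select * from {cdb_gruppe} where id=:id and offen_yn=1", array(":id" => $_GET["subscribegroup"]))->fetch();
        if (!$res) {
            addErrorMessage(t("error.requesting.group.membership"));
        } else {
            include_once CHURCHDB . '/churchdb_ajax.php';
            $grp = db_query($sql_gruppenteilnahme, array(":person_id" => $user->id, ":g_id" => $_GET["subscribegroup"]))->fetch();
            if (!$grp) {
                churchdb_addPersonGroupRelation($user->id, $res->id, -2, null, null, null, t("request.by.form"));
            } else {
                _churchdb_editPersonGroupRelation($user->id, $res->id, -2, null, "null", t("request.quitting.by.form"));
            }
            // NOTE(review): the group name is passed to addInfoMessage() here but to t() in
            // the unsubscribe branch below; check which of the two is intended.
            addInfoMessage(t("membership.requested.by.form.leader.will.be.informed"), $res->bezeichnung);
        }
    }

    if (isset($_GET["unsubscribegroup"]) && is_numeric($_GET["unsubscribegroup"]) && $_GET["unsubscribegroup"] > 0) {
        // the join on person_id ensures users can only quit their own memberships
        $res = db_query($sql_gruppenteilnahme, array(":person_id" => $user->id, ":g_id" => $_GET["unsubscribegroup"]))->fetch();
        if (!$res) {
            addErrorMessage(t("error.quitting.membership"));
        } else {
            include_once CHURCHDB . '/churchdb_ajax.php';
            _churchdb_editPersonGroupRelation($user->id, $res->gruppe_id, -1, null, "null", t("request.quitting.by.form"));
            addInfoMessage(t("membership.marked.for.deleting", $res->bezeichnung));
        }
    }

    // get groups the user is member of or requested membership
    $res = db_query("select gpg.gruppe_id, status_no from {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp\n where gpg.gemeindeperson_id=gp.id and gp.person_id=:person_id", array(":person_id" => $user->id));
    $mygroups = array();
    foreach ($res as $p) {
        $mygroups[$p->gruppe_id] = $p;
    }

    // get all open groups
    $res = db_query("select * from {cdb_gruppe} p where offen_yn=1 and \n ((abschlussdatum is null) or (DATE_ADD( abschlussdatum, INTERVAL 1 DAY ) > NOW( )))");
    $txt = "";
    $txt_subscribe = "";
    $txt_unsubscribe = "";
    foreach ($res as $g) {
        $option = '<option value="' . (int) $g->id . '">' . htmlspecialchars((string) $g->bezeichnung, ENT_QUOTES);
        if (!isset($mygroups[$g->id]) || $mygroups[$g->id]->status_no == -1) {
            // groups i am not member of; offered only while there is room left
            if ($g->max_teilnehmer == null || churchdb_countMembersInGroup($g->id) < $g->max_teilnehmer) {
                $txt_subscribe .= $option;
                if ($g->max_teilnehmer != null) {
                    $txt_subscribe .= " (max. " . (int) $g->max_teilnehmer . ")";
                }
            }
        } elseif ($mygroups[$g->id]->status_no <= 0) {
            $txt_unsubscribe .= $option;
            if ($mygroups[$g->id]->status_no == -2) {
                $txt_unsubscribe .= " [beantragt]";
            }
        }
    }

    if ($txt_subscribe || $txt_unsubscribe) {
        $txt = '<form method="GET" action="?q=home">';
        if ($txt_subscribe) {
            $txt .= '<p>' . t("apply.for.group.membership") . ':<p><select name="subscribegroup"><option>' . $txt_subscribe . '</select>';
        }
        if ($txt_unsubscribe) {
            $txt .= '<p>' . t("quit.group.membership") . ':<p><select name="unsubscribegroup"><option>' . $txt_unsubscribe . '</select>';
        }
        $txt .= '<P><button class="btn" type="submit" name="btn">' . t("send") . '</button>';
        $txt .= '</form>';
    }
    return $txt;
}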
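/**
 * Render the log viewer: the most recent log rows (optionally filtered by a
 * text search), the last accesses per person and the top accesses per person.
 *
 * Requires the "view logfile" permission of churchcore; without it an error
 * message is queued and a single space is returned.
 *
 * The ?filter= value is client-supplied. It reaches the query only as a bound
 * LIKE parameter and is HTML-escaped when echoed back into the form. Values
 * read from the log and person tables are escaped before output as well,
 * since log text and names can contain text that originated from requests.
 *
 * TODO: maybe the html should be in a sort of template?
 *
 * @return string html
 */
function churchcore__logviewer()
{
    if (!user_access("view logfile", "churchcore")) {
        addErrorMessage(t("no.permission.for", "LogViewer"));
        return " ";
    }

    $txt = '<div class="row-fluid">';
    $txt .= '<div class="span3 bs-docs-sidebar">';
    $txt .= '<ul id="navlist" class="nav nav-list bs-docs-sidenav affix-top">';
    $txt .= '<li><a href="#log1">' . t("important.logs") . '</a>';
    $txt .= '<li><a href="#log2">' . t("last.accesses") . '</a>';
    $txt .= '<li><a href="#log3">' . t("top.accesses") . '</a>';
    $txt .= '</div>';
    $txt .= '<div class="span9">';

    // the row limit is one of two fixed values, never taken from the request
    $limit = 200;
    if (isset($_GET["showmore"])) {
        $limit = 1000;
    }

    // default view: mail and group entries plus everything below level 3
    $filter = "txt like 'Sende Mail%' or txt like 'Gruppe:%' or level<3";
    $params = array();
    $val = "";
    if (isset($_GET["filter"]) && is_string($_GET["filter"]) && $_GET["filter"] != "") {
        // the search text is bound, not concatenated; % and _ in it still act as LIKE wildcards
        $filter = "txt like :filter";
        $params[":filter"] = "%" . $_GET["filter"] . "%";
        $val = $_GET["filter"];
    }

    $txt .= '<anchor id="log1"/><h2>' . t("logviewer") . '</h2>';
    $sql = "select p.id p_id, p.vorname, p.name, log.datum, log.level, log.domain_type, log.domain_id, log.txt from {cdb_person} p\n RIGHT JOIN \n (select person_id, datum, level, domain_type, domain_id, txt \n from {cdb_log} l where\n\t\t\t\t\t\t{$filter}\n\t\t\t\t\t\torder by l.id desc \n\t\t\t\t\t\tlimit 0,{$limit}) as log on (log.person_id=p.id)";
    $res = $params ? db_query($sql, $params) : db_query($sql);

    $txt .= '<form class="form-inline" action="">';
    $txt .= '<input type="hidden" name="q" value="churchcore/logviewer"/>';
    $txt .= '<input name="filter" class="input-medium" type="text" value="' . htmlspecialchars($val, ENT_QUOTES) . '"></input> <input type="submit" class="btn" value="' . t("filter") . '"/></form>';
    $txt .= '<table class="table table-condensed table-bordered">';
    $txt .= "<tr><th>" . t("date") . "<th>#<th>Object<th>" . t("name") . "<th>Log";

    $counter = 0;
    foreach ($res as $arr) {
        $txt .= "<tr><td><nobr>" . htmlspecialchars((string) $arr->datum, ENT_QUOTES) . " </nobr><td>"
            . htmlspecialchars((string) $arr->level, ENT_QUOTES) . "<td>"
            . htmlspecialchars((string) $arr->domain_type, ENT_QUOTES)
            . ($arr->domain_id != -1 ? "[" . htmlspecialchars((string) $arr->domain_id, ENT_QUOTES) . "]" : "");
        $txt .= "<td>";
        // p_id is missing for log rows without a matching person (RIGHT JOIN)
        if (isset($arr->p_id)) {
            $txt .= "<nobr>" . htmlspecialchars("{$arr->vorname} {$arr->name}", ENT_QUOTES) . " [" . (int) $arr->p_id . "]</nobr>";
        }
        $logtxtencoded = htmlspecialchars($arr->txt);
        $txt .= "<td><small style=\"color:grey\">{$logtxtencoded}</small>";
        $counter++;
    }
    $txt .= '</table>';
    if (!isset($_GET["showmore"]) && $counter >= $limit) {
        $txt .= '<a href="?q=churchcore/logviewer&showmore=true" class="btn">' . t("show.more.rows") . '</a> ';
    }

    $txt .= '<anchor id="log2"><h2>' . t("last.accesses") . '</h2>';
    $txt .= "<table class=\"table table-condensed table-bordered\"><tr><th>" . t("name") . "<th>" . t("count.accesses") . "<th>" . t("last.accesses");
    $res = db_query("SELECT p.id pid, vorname, name, count( l.id ) count, max( lastlogin ) maxdatum\n FROM {cdb_log} l, {cdb_person} p where l.person_id=p.id GROUP BY pid, vorname, name ORDER BY max( lastlogin ) DESC ");
    foreach ($res as $arr) {
        $txt .= "<tr><td>" . htmlspecialchars("{$arr->vorname} {$arr->name}", ENT_QUOTES) . " [" . (int) $arr->pid . "]<td>" . (int) $arr->count . "<td>" . htmlspecialchars((string) $arr->maxdatum, ENT_QUOTES) . "<br/>";
    }
    $txt .= "</table><br/><br/>";

    $txt .= '<anchor id="log3"><h2>' . t("top.accesses") . '</h2>';
    $txt .= "<table class=\"table table-condensed table-bordered\"><tr><th>" . t("name") . "<th>" . t("count.accesses") . "<th>" . t("last.accesses");
    $res = db_query("SELECT p.id pid, vorname, name, count( l.id ) count, max( lastlogin ) maxdatum\n FROM {cdb_log} l, {cdb_person} p where l.person_id=p.id GROUP BY pid, vorname, name ORDER BY count(l.id) DESC ");
    foreach ($res as $arr) {
        $txt .= "<tr><td>" . htmlspecialchars("{$arr->vorname} {$arr->name}", ENT_QUOTES) . " [" . (int) $arr->pid . "]<td>" . (int) $arr->count . "<td>" . htmlspecialchars((string) $arr->maxdatum, ENT_QUOTES) . "<br/>";
    }
    $txt .= "</table><br/><br/>";
    $txt .= "</div></div>";

    $txt .= ' <script>
  !function ($) {
    $(function(){
      // carousel demo
      $("#navlist").affix({offset: {top: 15}});
    })
  }(window.jQuery)
</script>';

    return $txt;
}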
/**
 * Validate the submitted admin settings with every module's
 * "<module>_validateAdminForm" hook (when the module defines one), store all
 * fields in {cc_config} and reload the configuration.
 *
 * The first failed validation marks the field, queues an error message and
 * stops without saving anything.
 *
 * TODO: feature: automatically downsize logo file
 *
 * @param CTForm $form
 */
function admin_saveSettings($form)
{
    $moduleNames = churchcore_getModulesSorted(false, true);
    $moduleNames[] = "churchadmin";

    foreach ($moduleNames as $moduleName) {
        // hook names are built from the installed module list, not from request data
        $validator = $moduleName . "_validateAdminForm";
        foreach ($form->fields as $name => $field) {
            if (!function_exists($validator)) {
                continue;
            }
            $result = $validator($name, $field->getValue());
            if ($result === true) {
                continue;
            }
            $form->fields[$name]->setError($result);
            addErrorMessage(t("error.occured") . ": " . $result);
            return;
        }
    }

    // NOTE(review): the field object itself is bound as :value, while validation above
    // reads ->getValue(); confirm db_query() turns it into the intended string.
    foreach ($form->fields as $name => $field) {
        db_query(
            "INSERT INTO {cc_config} (name, value)\n VALUES (:name,:value)\n ON DUPLICATE KEY UPDATE value=:value",
            array(":name" => $name, ":value" => $field)
        );
    }

    // TODO: test if max_uploadfile_size_kb is bigger then allowed in php.ini
    loadDBConfig();
}