/**
* Constructor with common logic for pages that required login
*/
public function __construct()
{
parent::__construct();
// basic URL params
$this->mCtrler = $this->router->fetch_class();
$this->mAction = $this->router->fetch_method();
$this->mParam = $this->uri->segment(3);
// default values for page output
$this->mLayout = "default";
// locale handling
$this->setup_locale();
// get user data from session
if (ENABLED_MEMBERSHIP) {
$this->mUser = get_user();
$menu = empty($this->mUser) ? 'menu' : 'menu_member';
} else {
$menu = 'menu';
}
// setup menu
$this->config->load($menu);
$this->mMenu = $this->config->item('menu');
// setup breadcrumb
$this->mBreadcrumb = array();
$this->push_breadcrumb('Home', '', 'home');
// setup basic view data
$this->mViewData = array('locale' => $this->mLocale, 'ctrler' => $this->mCtrler, 'action' => $this->mAction, 'menu' => $this->mMenu);
if (ENABLED_MEMBERSHIP) {
$this->mViewData['user'] = $this->mUser;
}
}
/**
* Constructor with common logic for pages that required login
*/
public function __construct()
{
parent::__construct();
// redirect to Login page if user not logged in
$this->mUser = get_user();
if (empty($this->mUser)) {
redirect('login');
exit;
}
// basic URL params
$this->mCtrler = $this->router->fetch_class();
$this->mAction = $this->router->fetch_method();
$this->mParam = $this->uri->segment(3);
// Use default language if the Backend System only support single locale
$this->mLocale = $this->config->item('language');
// default values for page output
$this->mLayout = "default";
// switch theme by login user roles
$this->mTheme = verify_role('admin') ? THEME_ADMIN : THEME_STAFF;
// side menu items
$this->config->load('menu_' . $this->mUser['role']);
$this->mMenu = $this->config->item('menu');
// breadcrumb entries
$this->mBreadcrumb = array();
$this->push_breadcrumb('Home', '', 'home');
// setup basic view data
$this->mViewData = array('locale' => $this->mLocale, 'ctrler' => $this->mCtrler, 'action' => $this->mAction, 'user' => $this->mUser, 'menu' => $this->mMenu);
}
function authToken(\Slim\Route $route)
{
$app = \Slim\Slim::getInstance();
$token = $app->request->headers->get('X-Auth-Token');
if (isset($token) && !empty($token)) {
if (!function_exists('get_user')) {
$username = dbFetchCell('SELECT `U`.`username` FROM `api_tokens` AS AT JOIN `users` AS U ON `AT`.`user_id`=`U`.`user_id` WHERE `AT`.`token_hash`=?', array($token));
} else {
$username = get_user(dbFetchCell('SELECT `AT`.`user_id` FROM `api_tokens` AS AT WHERE `AT`.`token_hash`=?', array($token)));
}
if (!empty($username)) {
$authenticated = true;
} else {
$authenticated = false;
}
} else {
$authenticated = false;
}
if ($authenticated === false) {
$app->response->setStatus(401);
$output = array('status' => 'error', 'message' => 'API Token is missing or invalid; please supply a valid token');
echo _json_encode($output);
$app->stop();
}
}
/**
* Assumes the existence of a custom field with the label "Related Post"
* Usage: Creates a new template tag {related} that returns the output defined.
*/
function mcm_demo_related_posts($p, $custom)
{
// get the meta field value
$related_post = $p['_related-post'];
// get the post data.
$post = get_post($related_post);
// get the post title.
$post_title = apply_filters('the_title', $post->post_title);
// get the post title.
$post_content = apply_filters('the_content', $post->post_content);
if ($related_post) {
$p['related'] = "\n\t\t\t<div class='related-post related-post-{$related_post}'>\n\t\t\t\t<h2>{$post_title}</h2>\n\t\t\t\t<div class='post-content'>\n\t\t\t\t\t{$post_content}\n\t\t\t\t</div>\n\t\t\t</div>";
} else {
$p['related'] = '';
}
// get the meta field value
$related_user = $p['_related-user'];
// get the user object.
$user = get_user($related_user);
// get the user name (display name if set, otherwise login)
$user_name = $user->display_name == '' ? $user->user_login : $user->display_name;
if ($related_user) {
$p['user'] = "******";
} else {
$p['user'] == '';
}
return $p;
}
public function index()
{
$root = array();
$id = intval($GLOBALS['request']['id']);
$deal = get_deal($id);
//send_deal_contract_email($id,$deal,$deal['user_id']); //发送电子协议邮件
$root['deal'] = $deal;
//借款列表
$load_list = $GLOBALS['db']->getAll("SELECT deal_id,user_id,user_name,money,is_auto,create_time FROM " . DB_PREFIX . "deal_load WHERE deal_id = " . $id);
$u_info = get_user("*", $deal['user_id']);
//可用额度
$can_use_quota = get_can_use_quota($deal['user_id']);
$root['can_use_quota'] = $can_use_quota;
$credit_file = get_user_credit_file($deal['user_id']);
$deal['is_faved'] = 0;
/*
if($GLOBALS['user_info']){
$deal['is_faved'] = $GLOBALS['db']->getOne("SELECT count(*) FROM ".DB_PREFIX."deal_collect WHERE deal_id = ".$id." AND user_id=".intval($GLOBALS['user_info']['id']));
if($deal['deal_status'] >=4){
//还款列表
$loan_repay_list = get_deal_load_list($deal);
$root['loan_repay_list']= $loan_repay_list;
foreach($load_list as $k=>$v){
$load_list[$k]['remain_money'] = $v['money'] - $GLOBALS['db']->getOne("SELECT sum(self_money) FROM ".DB_PREFIX."deal_load_repay WHERE user_id=".$v['user_id']." AND deal_id=".$id);
if($load_list[$k]['remain_money'] <=0){
$load_list[$k]['remain_money'] = 0;
$load_list[$k]['status'] = 1;
}
}
}
}*/
$user_statics = sys_user_status($deal['user_id'], true);
$root['user_statics'] = $user_statics;
//借款笔数
$root['load_list'] = $load_list;
$root['credit_file'] = $credit_file;
$root['u_info'] = $u_info;
//工作认证是否过期
$root['expire'] = user_info_expire($u_info);
//留言
$message_list = $GLOBALS['db']->getAll("SELECT title,content,a.create_time,rel_id,a.user_id,a.is_effect,b.user_name FROM " . DB_PREFIX . "message as a left join " . DB_PREFIX . "user as b on a.user_id = b.id WHERE rel_id = " . $id);
$root['message'] = $message_list;
//seo
if ($deal['type_match_row']) {
$seo_title = $deal['seo_title'] != '' ? $deal['seo_title'] : $deal['type_match_row'] . " - " . $deal['name'];
} else {
$seo_title = $deal['seo_title'] != '' ? $deal['seo_title'] : $deal['name'];
}
$root['page_title'] = $seo_title;
$seo_keyword = $deal['seo_keyword'] != '' ? $deal['seo_keyword'] : $deal['type_match_row'] . "," . $deal['name'];
$root['page_keyword'] = $seo_keyword;
$seo_description = $deal['seo_description'] != '' ? $deal['seo_description'] : $deal['name'];
$root['seo_description'] = $seo_description;
output($root);
}
/**
* List friends' chats that user is member of.
*
* @param int $user_guid GUID of the user
* @return array
*/
function chat_friends($user_guid)
{
$user = get_user($user_guid);
if (!$user) {
forward('chat/all');
}
$params = array();
$params['filter_context'] = 'friends';
$params['title'] = elgg_echo('chat:title:friends');
$crumbs_title = $user->name;
elgg_push_breadcrumb($crumbs_title, "chat/owner/{$user->username}");
elgg_push_breadcrumb(elgg_echo('friends'));
elgg_register_title_button();
$options = array('type' => 'object', 'subtype' => 'chat', 'relationship' => 'member', 'relationship_guid' => $user_guid, 'inverse_relationship' => false, 'limit' => 10, 'pagination' => true, 'full_view' => false);
if ($friends = get_user_friends($user_guid, ELGG_ENTITIES_ANY_VALUE, 0)) {
foreach ($friends as $friend) {
$options['container_guids'][] = $friend->getGUID();
}
$params['content'] = elgg_list_entities_from_relationship($options);
}
if (empty($params['content'])) {
$params['content'] = elgg_echo('chat:none');
}
return $params;
}
/**
* Save the wire_tools preferences for the user
*
* @param string $hook the name of the hook
* @param stirng $type the type of the hook
* @param array $return_value the current return value
* @param array $params supplied values
*
* @return void
*/
public static function saveUserNotificationsSettings($hook, $type, $return_value, $params)
{
$NOTIFICATION_HANDLERS = _elgg_services()->notifications->getMethods();
if (empty($NOTIFICATION_HANDLERS) || !is_array($NOTIFICATION_HANDLERS)) {
return;
}
$user_guid = (int) get_input('guid');
if (empty($user_guid)) {
return;
}
$user = get_user($user_guid);
if (empty($user) || !$user->canEdit()) {
return;
}
$methods = [];
foreach ($NOTIFICATION_HANDLERS as $method) {
$setting = get_input("thewire_tools_{$method}");
if (!empty($setting)) {
$methods[] = $method;
}
}
if (!empty($methods)) {
elgg_set_plugin_user_setting('notification_settings', implode(',', $methods), $user->getGUID(), 'thewire_tools');
} else {
elgg_unset_plugin_user_setting('notification_settings', $user->getGUID(), 'thewire_tools');
}
// set flag for correct fallback behaviour
elgg_set_plugin_user_setting('notification_settings_saved', '1', $user->getGUID(), 'thewire_tools');
}
public function edit($id = null)
{
if (IS_POST) {
$data['id'] = I('id');
$data['album_name'] = I('album_name');
$data['album_weight'] = I('album_weight');
$data['game_id'] = I('game_id');
$data['album_tags'] = I('album_tags');
$data['album_intro'] = I('album_intro');
$data['picture_id'] = I('picture_id');
$data['album_tags'] = I('album_tags');
$VideoAlbum = D('VideoAlbum');
$id = $VideoAlbum->updateVideoAlbum($data);
if (false !== $id) {
$this->success('新增成功!', U('index'));
} else {
$error = $VideoAlbum->getError();
$this->error(empty($error) ? '未知错误!' : $error);
}
} else {
if (!$id) {
$this->error('参数错误');
}
$album = D('VideoAlbum')->find($id);
$this->assign('album', $album);
$user = get_user($album['uid']);
$this->assign('user', json_encode($user));
$games = $this->getGames();
$this->assign('games', $games);
$this->display();
}
}
/**
* prevent users from being invited to subgroups they can't join
*/
function group_invite($hook, $type, $return, $params)
{
$user_guid = get_input('user_guid');
$group_guid = get_input('group_guid');
$group = get_entity($group_guid);
$parent = get_parent_group($group);
// if $parent, then this is a subgroup they're being invited to
// make sure they're a member of the parent
if ($parent) {
if (!is_array($user_guid)) {
$user_guid = array($user_guid);
}
$invalid_users = array();
foreach ($user_guid as $guid) {
$user = get_user($guid);
if ($user && !$parent->isMember($user)) {
$invalid_users[] = $user;
}
}
if (count($invalid_users)) {
$error_suffix = "<ul>";
foreach ($invalid_users as $user) {
$error_suffix .= "<li>{$user->name}</li>";
}
$error_suffix .= "</ul>";
register_error(elgg_echo('au_subgroups:error:invite') . $error_suffix);
return false;
}
}
}
/**
* @title 申请兑换
*
* @param int $gift_id 物品编号
*
* @method get
*/
public function apply($gift_id = 0)
{
$user = get_user() or ajax_error('USER_NOT_LOGIN', '登录超时,请重新登录!');
$creditModel = D('Credit');
$creditModel->apply($user['uid'], $gift_id) or ajax_error($creditModel->getError());
ajax_success();
}
function page_message()
{
$message_id = $_GET['message'];
$message = db_easy("SELECT * FROM `intr_message` WHERE `id`={$message_id}");
$q_comm = db_query("SELECT * FROM `intr_comments` WHERE `message_id`={$message_id} ORDER BY `date` DESC");
$user = db_easy("SELECT * FROM `users` WHERE `id`=" . $message['user_id']);
$edit_del_comment_html = "";
if (check_group("writer") || $user['name'] == get_user()) {
$edit_del_message_html .= "<br/><a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'edit_message' => 'yes', 'message' => $message['id'])) . "' style='font-size:8pt;'>Редактировать</a>";
$edit_del_message_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'delete_message' => 'yes', 'message' => $message['id'])) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
}
$comments_html = "";
while ($comment = db_fetch($q_comm)) {
$user = db_easy("SELECT * FROM `users` WHERE `id`={$comment['user_id']}");
$comments_html .= "<div style='margin:15px 0 0 0;padding:0 0 0 10px;border-left:2px solid #AAA;'>";
$comments_html .= "<span style='font-size:8pt;font-style:italic;'><b>" . $user['name_rus'] . ",</b> " . date("d.m.Y H:i", strtotime($comment['date'])) . "</span><br/>" . $comment['text'] . "</div>";
if (check_group("writer") || $user['name'] == get_user()) {
$comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'edit_comment' => 'yes', 'comment' => $comment['id'])) . "' style='font-size:8pt;'>Редактировать</a>";
$comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'delete_comment' => 'yes', 'comment' => $comment['id'])) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
}
}
$html .= template_get('message/message', array("user" => $user['name_rus'], "date" => date("d.m.Y", strtotime($message['date'])), "title" => $message['title'], "edit_del_message" => $edit_del_message_html, "text" => $message['text'], "uri_back" => uri_make_v1(array("UriScript" => "intranet.php")), "uri_comment" => uri_make_v1(array("UriScript" => "intranet.php", "page" => "message", "message" => $message_id, "add_comment" => "yes")), "comments" => $comments_html));
//Подключаем подвал
$html .= template_get('footer');
return $html;
}
function get_contact_func($xmlrpc_params)
{
global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $parser, $displaygroupfields;
$lang->load("member");
$input = Tapatalk_Input::filterXmlInput(array('user_id' => Tapatalk_Input::STRING), $xmlrpc_params);
if (isset($input['user_id']) && !empty($input['user_id'])) {
$uid = $input['user_id'];
} else {
$uid = $mybb->user['uid'];
}
if ($mybb->user['uid'] != $uid) {
$member = get_user($uid);
} else {
$member = $mybb->user;
}
if (!$member['uid']) {
error($lang->error_nomember);
}
// Guests or those without permission can't email other users
if ($mybb->usergroup['cansendemail'] == 0 || !$mybb->user['uid']) {
error_no_permission();
}
if ($member['hideemail'] != 0) {
error($lang->error_hideemail);
}
$user_info = array('result' => new xmlrpcval(true, 'boolean'), 'user_id' => new xmlrpcval($member['uid']), 'display_name' => new xmlrpcval(basic_clean($member['username']), 'base64'), 'enc_email' => new xmlrpcval(base64_encode(encrypt($member['email'], loadAPIKey()))));
$xmlrpc_user_info = new xmlrpcval($user_info, 'struct');
return new xmlrpcresp($xmlrpc_user_info);
}
/**
* Listen to the delete of a membership request
*
* @param stirng $event the name of the event
* @param stirng $type the type of the event
* @param \ElggRelationship $relationship the relationship
*
* @return void
*/
public static function deleteRequest($event, $type, $relationship)
{
if (!$relationship instanceof \ElggRelationship) {
return;
}
if ($relationship->relationship !== 'membership_request') {
// not a membership request
return;
}
$action_pattern = '/action\\/groups\\/killrequest/i';
if (!preg_match($action_pattern, current_page_url())) {
// not in the action, so do nothing
return;
}
$group = get_entity($relationship->guid_two);
$user = get_user($relationship->guid_one);
if (empty($user) || !$group instanceof \ElggGroup) {
return;
}
if ($user->getGUID() === elgg_get_logged_in_user_guid()) {
// user kills own request
return;
}
$reason = get_input('reason');
if (empty($reason)) {
$body = elgg_echo('group_tools:notify:membership:declined:message', array($user->name, $group->name, $group->getURL()));
} else {
$body = elgg_echo('group_tools:notify:membership:declined:message:reason', array($user->name, $group->name, $reason, $group->getURL()));
}
$subject = elgg_echo('group_tools:notify:membership:declined:subject', array($group->name));
$params = array('object' => $group, 'action' => 'delete');
notify_user($user->getGUID(), $group->getGUID(), $subject, $body, $params);
}
public function index($manifest = '')
{
// 更新用户token(临时,新版本客户端主动触发registerPush接口)
$user = get_user();
if ($user && M('common_push_device')->where(['mobile' => $user['mobile']])->count() < 1) {
$xg = new \Common\Util\XgPush();
$xg->syncUserToken($user['mobile']);
}
// 顶部广告
$ads = M('app_advertisement')->where(['status' => ['egt', 1]])->order('sort asc,id desc')->field('id,pic,title,url')->select();
foreach ($ads as &$vo) {
$vo['url'] = $vo['url'] ?: '/public/page/type/app_ad/id/' . $vo['id'];
}
$this->assign('ad_list', $ads);
// 模块
$modules = M('app_module')->where(['status' => ['egt', 1]])->order('sort asc,id desc')->field('id,pic,name,url,background')->select();
foreach ($ads as &$vo) {
$vo['url'] = $vo['url'] ?: '/public/page/type/app_ad/id/' . $vo['id'];
}
$modules[0]['size'] = 'big';
$modules[1]['size'] = 'wide';
$modules[2]['size'] = 'wide';
$modules[3]['size'] = 'mid';
$modules[4]['size'] = 'mid';
$modules[5]['size'] = 'mid';
$modules[6]['size'] = 'wide';
$modules[7]['size'] = 'wide';
$this->assign('modules', $modules);
if ($manifest) {
$this->assign('tag', md5(serialize($ads + $modules)));
$this->display('manifest', 'utf-8', 'text/cache-manifest');
} else {
$this->display();
}
}
/**
* Checks whether or not there is an authenticated
* user in the session. If not, responds with error message.
*/
function checkUserAuthentication($app)
{
$user = get_user();
if (!$user) {
$app->renderErrJson($app, 401, 'User is not authenticated.');
}
}
function mia_results($results){
global $date_fields,$dont_pull;
$getfields = sql_query("SELECT ref,title FROM resource_type_field");
$fieldnames = array();
for($g=0; $g<count($getfields); $g++){
$fieldnames[$getfields[$g]['ref']]=$getfields[$g]['title'];
}
for($i = 0; $i < count($results); $i++) {
$ref = $results[$i]['ref'];
if(isset($results[$i]['ref'])){
$query=sql_query("SELECT * FROM resource_data WHERE resource = $ref AND value != '' AND value!='NULL' AND value != ','");
for($q=0; $q<count($query); $q++){
if($query[$q]['value'] != "," && $query[$q]['value'] !="" && array_key_exists($query[$q]['resource_type_field'],$fieldnames)){
if(substr($query[$q]['value'],0,1)==","){
$results[$i][$fieldnames[$query[$q]['resource_type_field']]]=substr($query[$q]['value'],1);
}else{
$results[$i][$fieldnames[$query[$q]['resource_type_field']]]=$query[$q]['value'];
}
}
}
$access = get_resource_access($results[$i]);
$filepath = get_resource_path($results[$i]['ref'], TRUE, '', FALSE, $results[$i]['file_extension'], -1, 1, FALSE, '', -1);
$original_link = get_resource_path($results[$i]['ref'], FALSE, '', FALSE, $results[$i]['file_extension'], -1, 1, FALSE, '', -1);
if(file_exists($filepath)) {
$results[$i]['original_link'] = $original_link;
} else {
$results[$i]['original_link'] = 'No original link available.';
}
// Get the size of the original file:
/* $original_size = get_original_imagesize($results[$i]['ref'], $filepath, $results[$i]['file_extension']);
$original_size = formatfilesize($original_size[0]);
$original_size = str_replace(' ', ' ', $original_size);
$results[$i]['original_size'] = $original_size;*/
foreach($results[$i] as $k => $v){
if($v == "" || $v ==","){
unset($results[$i][$k]);
}
if($k == "created_by"){
$user = get_user($v);
$results[$i][$k]=$user["fullname"];
}
if(in_array($k,$date_fields)){
$unix = strtotime($v);
$datetime = date('y-m-d',$unix);
$results[$i][$k] = $datetime;
}
if($k == "resource_type" && is_numeric($v)){
$results[$i][$k]=get_resource_type_name($v);
}
//need to convert type to string here
if(in_array($k,$dont_pull)){
unset($results[$i][$k]);
}
}
}
// var_dump($results);exit();
return $results;
}
}
public function assign($order_id, $uid)
{
$field = 'u.uid,u.mobile,u.uname,u.realname,u.status,s.status salesman_status';
$user = M()->table('zj_loan_salesman s')->where(['s.uid' => $uid])->join('zj_user u on u.uid=s.uid')->field($field)->find();
if (!$user) {
return $this->_error('找不到此业务员信息!');
}
if ($user['status'] != 1) {
return $this->_error('此账号已被禁用!');
}
$order = M('loan_order')->field('id,title')->find($order_id);
if (!$user) {
return $this->_error('找不到此订单信息!');
}
// 解除订单的指派人
$history = $this->where(['order_id' => $order_id])->find();
if ($history) {
if ($history['uid'] == $uid) {
return $this->_error('禁止重复指派!');
}
if ($history['is_lend'] > 0) {
return $this->_error('已放款,禁止指派!');
}
$this->where(['order_id' => $order_id])->delete();
}
$this->add(['created' => time(), 'order_id' => $order_id, 'uid' => $user['uid']]);
$message = '有新待审订单,请及时处理:' . $order['id'] . ',' . $order['title'];
sms($user['mobile'], $message, '指尖分期');
app_push($user['uid'], ['order_id' => $order_id, 'title' => '有新待审订单,请及时处理!', 'content' => $order['id'] . ',' . $order['title']], 'zjsd');
$login_user = get_user();
M('loan_order_remark')->add(['order_id' => $order_id, 'created' => time(), 'uid' => $login_user ? $login_user['uid'] : 0, 'uname' => $login_user ? $login_user['uname'] : '', 'content' => '指派业务员:' . $user['realname'] ?: $user['uname']]);
return true;
}
protected function _initRegion()
{
// 读取广西范围内的城市
$citys = M('common_region')->where('parent_id=1 and status=1')->order('sort')->getField('id,name,name_short');
$this->assign('_city', $citys);
$city_id = null;
// 优先从get参数获取
$custom_city_id = I('get.city_id', null);
if ($custom_city_id !== null) {
if ($custom_city_id == 0) {
$city_id = 0;
} elseif (isset($citys[$custom_city_id])) {
$city_id = $custom_city_id;
}
}
// get参数没有则从cookie获取
if ($city_id === null) {
$city_id = cookie('city_id');
}
// 还没有,则自动默认为用户校区所有城市
if ($city_id === null) {
$user = get_user();
if ($user) {
$city_id = M()->table('zj_user_info i')->join('zj_university_campus c on c.id=i.campus_id')->where('i.uid=' . $user['uid'])->getField('city_id');
}
}
// 验证之前的城市编号是否有效,无效都当做是全国
$city_id = isset($citys[$city_id]) ? $city_id : 0;
cookie('city_id', $city_id, 0);
$this->assign('cur_city', $city_id == 0 ? '全国' : $citys[$city_id]['name_short']);
$this->assign('city_id', $city_id);
}
function asb_statistics_build_template($args)
{
extract($args);
global ${$template_var}, $mybb, $cache, $templates, $lang;
// Load global and custom language phrases
if (!$lang->asb_addon) {
$lang->load('asb_addon');
}
// get forum statistics
$statistics = $cache->read("stats");
$statistics['numthreads'] = my_number_format($statistics['numthreads']);
$statistics['numposts'] = my_number_format($statistics['numposts']);
$statistics['numusers'] = my_number_format($statistics['numusers']);
$newestmember = "<strong>{$lang->asb_stats_no_one}</strong>";
if ($statistics['lastusername']) {
if ($settings['format_username']) {
$last_user = get_user($statistics['lastuid']);
$last_username = format_name($last_user['username'], $last_user['usergroup'], $last_user['displaygroup']);
} else {
$last_username = $statistics['lastusername'];
}
$newestmember = build_profile_link($last_username, $statistics['lastuid']);
}
eval("\$" . $template_var . " = \"" . $templates->get('asb_statistics') . "\";");
return true;
}
public function initializeModule($request_method, $request_data)
{
if (!PA::$login_uid) {
return 'skip';
}
if (empty($this->page_id)) {
return 'skip';
}
switch ($this->page_id) {
case PAGE_GROUPS_HOME:
if (PA::$page_uid && PA::$page_uid != PA::$login_uid) {
$this->uid = PA::$page_uid;
$page_user = get_user();
$this->title = ucfirst($page_user->first_name) . '\'s ';
$this->title .= __('Groups');
$this->user_name = $page_user->login_name;
} else {
$this->uid = PA::$login_uid;
}
$this->usergroups = Group::get_user_groups((int) $this->uid, FALSE, 12, 1, 'created', 'DESC', 'private', 'regular');
break;
case PAGE_USER_PUBLIC:
$this->uid = PA::$page_uid;
$this->title = abbreviate_text(ucfirst(PA::$page_user->first_name) . '\'s ', 18, 10);
$this->title .= __('Groups');
$this->user_name = PA::$page_user->login_name;
$this->usergroups = Group::get_user_groups((int) $this->uid, FALSE, 12, 1, 'created', 'DESC', 'public', 'regular', 'regular');
break;
case PAGE_USER_PRIVATE:
$this->title = __('My Groups');
$this->uid = PA::$login_uid;
$this->usergroups = Group::get_user_groups((int) $this->uid, FALSE, 12, 1, 'created', 'DESC', 'public', 'regular');
break;
}
}
function afficheListeUser($conn)
{
$req = get_user();
$result = odbc_exec($conn, $req);
echo '<table style="width:100%;"><TR><TD align="center"><b>Nom</b></TD><TD align="center"><b>Prénom</b></TD><TD align="center"><b>Etat</b></TD><TD align="center"></TD></TR>';
while (odbc_fetch_row($result)) {
$id = odbc_result($result, 1);
$nom = odbc_result($result, 2);
$prenom = odbc_result($result, 3);
$estouvert = odbc_result($result, 4);
if ($estouvert == 0) {
$estouvert = 'Fermé';
} else {
$estouvert = 'Ouvert';
}
echo '<tr><td align="center">' . $nom . '</td>
<td align="center">' . $prenom . '</td>
<td align="center">' . $estouvert . '</td>
<td align="center">
<form action="action.php" method="post">
<input type="hidden" name="etat" value="' . $estouvert . '">
<input type="hidden" name="id" value="' . $id . '">
<input type="image" src="img/change.png" height="15" width="15"></td>
</form></tr>';
}
echo '</table>';
}
function version($newVersion)
{
$token = get_token();
$user = get_user();
$repo = get_repo();
$oldVersion = Boris::VERSION;
$phar = "boris.phar";
printf("Building version v%s...\n", $newVersion);
printf(" Updating Boris::VERSION (%s) to %s...\n", $oldVersion, $newVersion);
`perl -pi -e 's/{$oldVersion}/{$newVersion}/' lib/Boris/Boris.php README.md`;
printf(" Committing changes...\n");
`git commit -am "Version bump to {$newVersion}"`;
printf(" Pushing changes upstream...\n");
`git push`;
printf(" Creating tag v%s...\n", $newVersion);
`git tag -a "v{$newVersion}" -m "Auto-generated tag"`;
printf(" Pushing tags upstream...\n");
`git push --tags`;
printf(" Creating release on github...\n");
$response = `curl \\\n -sL \\\n -XPOST \\\n -H "Authorization: token {$token}" \\\n --data-binary '{"tag_name":"v{$newVersion}"}' \\\n https://api.github.com/repos/{$user}/{$repo}/releases`;
$json = json_decode($response, true);
$id = $json['id'];
if (empty($id)) {
printf("Failed.\n");
printf("%s\n", $response);
exit(1);
}
printf(" Building phar...\n");
`box build`;
printf("Uploading phar to GitHub...\n");
`curl -XPOST \\\n -sL \\\n -H "Authorization: token {$token}" \\\n -H "Content-Type: application/octet-stream" \\\n --data-binary @{$phar} \\\n https://uploads.github.com/repos/{$user}/{$repo}/releases/{$id}/assets?name={$phar}`;
printf("Done.\n");
}
/**
* Call this function only after we have successfully logged in.
* Updates user status etc.
*/
function handle_post_login()
{
global $messages;
if (!isset($messages)) {
// we might be in auto-login, create a temporary message field anyway
$messages = array();
}
$user = get_user(user_id());
// display warning if account was disabled
if ($user['is_disabled']) {
$messages[] = t("Your account was disabled :ago due to inactivity; your account is now re-enabled, and account data will be updated again soon.", array(':ago' => recent_format($user['disabled_at'])));
$q = db()->prepare("UPDATE user_properties SET is_disabled=0,logins_after_disabled=logins_after_disabled+1 WHERE id=?");
$q->execute(array($user['id']));
}
// keep track of users that logged in after receiving a warning
if ($user['is_disable_warned']) {
$q = db()->prepare("UPDATE user_properties SET is_disable_warned=0,logins_after_disable_warned=logins_after_disable_warned+1 WHERE id=?");
$q->execute(array($user['id']));
}
// update locale
if ($user['locale']) {
I18n::setLocale($user['locale']);
}
// update login time
$query = db()->prepare("UPDATE user_properties SET last_login=NOW(),is_disabled=0 WHERE id=?");
$query->execute(array($user["id"]));
// if we don't have an IP set, update it now
if (!$user["user_ip"]) {
$q = db()->prepare("UPDATE user_properties SET user_ip=? WHERE id=?");
$q->execute(array(user_ip(), $user['id']));
}
}
public function vote()
{
$id = I('get.id');
$vote = $model = M('common_vote')->find($id) or $this->error('此投票不存在!');
$vote['status'] == 1 or $this->errror('投票已结束!');
if (IS_POST) {
$user = get_user() or $this->error('请先登录!');
$model = M("common_vote_log");
$model->where(['vote_id' => $vote['id'], 'uid' => $user['uid']])->count() && ajax_error('每人仅限投一票!');
$option_id = I('get.option_id');
$option_title = M('common_vote_option')->where(['id' => $option_id, 'status' => 1])->getField('title') or ajax_error('此投票项不存在!');
$model->add(['vote_id' => $vote['id'], 'option_id' => $option_id, 'option_title' => $option_title, 'uid' => $user['uid'], 'uname' => $user['uname'], 'created' => time()]);
M('common_vote_option')->where(['id' => $option_id])->setInc('votes');
ajax_success();
}
$option = M('common_vote_option')->where(['vote_id' => $vote['id'], 'status' => 1])->order('id')->select();
$total_votes = 0;
foreach ($option as $key => $vo) {
$total_votes += $vo['votes'];
}
foreach ($option as $key => $vo) {
$option[$key]['rate'] = $total_votes > 0 ? intval($vo['votes'] / $total_votes * 100) : 0;
}
$this->assign('vote', $vote);
$this->assign('_option', $option);
$this->display();
}
public function get_rows($start = 0)
{
// Initialize
global $template;
// Get rows to display
if ($this->userid > 0) {
$rows = DB::query("SELECT * FROM orders WHERE userid = %d ORDER BY date_added DESC LIMIT {$start},{$this->rows_per_page}", $this->userid);
} else {
$rows = DB::query("SELECT * FROM orders WHERE status = %s ORDER BY date_added DESC LIMIT {$start},{$this->rows_per_page}", $this->status);
}
// Go through rows
$results = array();
foreach ($rows as $row) {
$row['checkbox'] = "<center><input type=\"checkbox\" name=\"order_id[]\" value=\"{$row['id']}\"></center>";
$row['date_added'] = fdate($row['date_added'], true);
$row['product'] = DB::queryFirstField("SELECT display_name FROM products WHERE id = %d", $row['product_id']);
$row['amount'] = fmoney_coin($row['amount_btc']) . ' BTC (' . fmoney($row['amount']) . ')';
$row['status'] = ucwords($row['status']);
// Get manage URL
$url = $template->theme == 'public' ? SITE_URI . "/account/view_order?order_id={$row['id']}" : SITE_URI . "/admin/financial/orders_manage?order_id={$row['id']}";
$row['manage'] = "<center><a href=\"{$url}\" class=\"btn btn-primary btn-xs\">Manage</a></center>";
$username = get_user($row['userid']);
$row['username'] = "******"" . SITE_URI . "/admin/user/manage2?username={$username}\">{$username}</a>";
array_push($results, $row);
}
// Return
return $results;
}
/**
* Listen to the usersettings save hook for some notifications to the user
*
* @param string $hook usersettings:save
* @param string $type user
* @param bool $return_value not supplied for this hook
* @param null $params not supplied for this hook
*
* @return void
*/
function security_tools_usersettings_save_handler($hook, $type, $return_value, $params)
{
$user_guid = (int) get_input("guid");
if (empty($user_guid)) {
$user_guid = elgg_get_logged_in_user_guid();
}
if (empty($user_guid)) {
return $return_value;
}
$user = get_user($user_guid);
if (empty($user) || !$user->canEdit()) {
return $return_value;
}
// passwords are different
if (_elgg_set_user_password() === true) {
// do we need to notify the user about a password change
$setting = elgg_get_plugin_setting("mails_password_change", "security_tools");
if ($setting != "no") {
$site = elgg_get_site_entity();
$subject = elgg_echo("security_tools:notify_user:password:subject");
$message = elgg_echo("security_tools:notify_user:password:message", array($user->name, $site->name, $site->url));
notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
}
}
// email are also different
$setting = elgg_get_plugin_setting("mails_verify_email_change", "security_tools");
if ($setting != "no" && $user->getGUID() == elgg_get_logged_in_user_guid()) {
// verify new email address
security_tools_prepare_email_change();
} else {
// old way, or admin changes your email
_elgg_set_user_email();
}
}
public function __invoke($request, $response, $next)
{
$params = $request->getQueryParams();
if ($params['handler'] === "oauth" | ($params['handler'] === "api" && !isset($params['page'])) | ($params['handler'] === "api" && $params['page'] === "doc") | ($params['handler'] === "api" && $params['page'] === "doc/swagger") | ($params['handler'] === "api" && $params['page'] === "users/me/login_token")) {
$response = $next($request, $response);
return $response;
}
$factory = new AuthenticationServerFactory();
$server = $factory->getServer();
if (!$server->verifyResourceRequest(\OAuth2\Request::createFromGlobals())) {
$response = $response->withStatus(403);
$response = $response->withHeader('Content-type', 'application/json');
return $response->write(json_encode(array('status' => 403, 'error' => 'invalid_access_token', 'pretty_error' => 'You did not supply an OAuth access token or the token is invalid.'), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
$token = $server->getAccessTokenData(\OAuth2\Request::createFromGlobals());
$user = get_user($token['user_id']);
if (!$user) {
$response = $response->withStatus(403);
$response = $response->withHeader('Content-type', 'application/json');
return $response->write(json_encode(array('status' => 403, 'error' => 'invalid_access_token', 'pretty_error' => 'You did not supply an OAuth access token or the token is invalid.'), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
if (!login($user)) {
$response = $response->withStatus(403);
$response = $response->withHeader('Content-type', 'application/json');
return $response->write(json_encode(array('status' => 403, 'error' => 'could_not_login', 'pretty_error' => 'Could not login the user associated with this token. Probably the account is banned.'), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
}
$response = $next($request, $response);
return $response;
}
/**
* logic for setting access for groups
* also adds group acls to personal access
*
* @param type $hook
* @param type $type
* @param type $returnvalue
* @param type $params
* @return string
*/
function au_landing_group_acls($hook, $type, $returnvalue, $params)
{
$user = get_user($params['user_id']);
// get groups and add their acls to the options
// only for personal content, eg. don't list all groups inside a group context
if ($user && $type == 'user') {
// scalability?
$groups = $user->getGroups(array('limit' => false));
if ($groups) {
foreach ($groups as $group) {
// only show top level groups if we're using subgroups
if (elgg_is_active_plugin('au_subgroups')) {
$parent = \AU\SubGroups\get_parent_group($group);
if ($parent) {
continue;
}
$returnvalue[$group->group_acl] = elgg_echo('groups:group') . ": " . $group->name;
$returnvalue = au_landing_subgroups_access($group, $user, 5, $returnvalue);
} else {
$returnvalue[$group->group_acl] = elgg_echo('groups:group') . ": " . $group->name;
}
}
}
}
return $returnvalue;
}
public function view($post_id)
{
$data['person_loggedin'] = get_user();
$data['login_url'] = base_url('auth?return=' . uri_string());
$data['post'] = $this->post_model->get_content($post_id);
if (!$data['post']) {
redirect('/');
}
$data['replies'] = $this->post_reply_model->get_nested_post_reply($post_id);
$data['latest_replies'] = $this->post_reply_model->get_latest_reply(0);
$data['related_tags'] = $this->tag_model->get_related_tag_by_topic($post_id);
$data['header'] = $this->load->view('header', $this->header, TRUE);
$data['footer'] = $this->load->view('footer', $this->footer, TRUE);
$this->post_model->incVisit($post_id);
$data['reply_view'] = array();
if ($data['replies']) {
foreach ($data['replies'][$post_id] as $reply) {
$rdata = array('replies' => $data['replies'], 'reply' => $reply, 'post' => $data['post'], 'person_loggedin' => $data['person_loggedin'], 'login_url' => $data['login_url'], 'topic_id' => $data['post']->POST_ID);
$data['reply_view'][] = $this->load->view('post/reply-element', $rdata, TRUE);
}
}
if (isset($_GET['report'])) {
$data['report'] = $_GET['report'];
}
$this->load->view('post/view', $data);
}
/**
* Check that a user exists
*
* @param array $user array('id' => .., 'username' => ..)
* @return array() of user
*/
private static function checkuser($user)
{
if (isset($user['id'])) {
$id = $user['id'];
} else {
if (isset($user['userid'])) {
$id = $user['userid'];
} else {
if (isset($user['username'])) {
$dbuser = get_record('usr', 'username', $user['username']);
if (empty($dbuser)) {
throw new WebserviceInvalidParameterException(get_string('invalidusername', 'auth.webservice', $user['username']));
}
$id = $dbuser->id;
} else {
throw new WebserviceInvalidParameterException(get_string('musthaveid', 'auth.webservice'));
}
}
}
// now get the user
if ($user = get_user($id)) {
return $user;
} else {
throw new WebserviceInvalidParameterException(get_string('invaliduserid', 'auth.webservice', $id));
}
}
