Exemplo n.º 1
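/**
 * Login event handler that screens the account against the spam checks.
 *
 * Records the client IP on the user, runs check_spammer() when the
 * 'event_login' plugin setting is not 'no' or the user has no last_login
 * value, and then scans the configured metadata fields for banned strings.
 *
 * @param string $event event name (not used in this handler)
 * @param string $type  event type (not used in this handler)
 * @param object $user  user entity being logged in
 * @return false|null false to reject the login; no value (null) otherwise
 */
function login_event($event, $type, $user)
{
    $check_login = elgg_get_plugin_setting('event_login', PLUGIN_ID);
    $ip = get_ip();
    // NOTE(review): the IP is stored on the account before any check runs.
    // get_ip() is not shown here; if it reads client-supplied forwarding
    // headers the stored value can be forged - confirm against its source.
    $user->ip_address = $ip;
    if ($check_login != 'no' || !$user->last_login) {
        // do it by default
        // check_spammer() runs (and may register an error / notify the admin)
        // even for admins; the isAdmin() test only stops the login being denied.
        if (!check_spammer($user->email, $ip, true) && !$user->isAdmin()) {
            register_error(elgg_echo('spam_login_filter:access_denied_mail_blacklist'));
            notify_admin($user->email, $ip, "Existing member identified as spammer has tried to login, check this account");
            return false;
        }
    }
    // check user metadata for banned words/phrases
    // Unlike the check above, this one has no admin exemption and gives the
    // user no error message. The match is a case-sensitive substring test.
    $banned = get_banned_strings();
    $metadata = get_metadata_names();
    if ($banned && $metadata) {
        foreach ($metadata as $m) {
            // A metadata field may be unset or hold several values. Passing
            // null or an array straight to strpos() either raises an error or
            // yields null, which "!== false" would treat as a match and lock
            // the user out. Only scalar values are scanned.
            $values = $user->{$m};
            if ($values === null || $values === '') {
                continue;
            }
            foreach ((array) $values as $value) {
                if (!is_scalar($value)) {
                    continue;
                }
                $haystack = (string) $value;
                foreach ($banned as $str) {
                    $needle = (string) $str;
                    // An empty needle matches every string on PHP 8 and would
                    // reject every login; skip it.
                    if ($needle === '') {
                        continue;
                    }
                    if (strpos($haystack, $needle) !== false) {
                        return false;
                    }
                }
            }
        }
    }
}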
Exemplo n.º 2
 /**
  * Handles the "invite me" form post and answers with JSON, then terminates.
  *
  * Prints 1 on success, or an object of the form
  * {"error": {"code": -1|-2, "message": ...}} when no form was posted (-1)
  * or validation failed (-2).
  */
 function invite_me()
 {
     if (!$_POST) {
         $result = array('error' => array('code' => -1, 'message' => 'No form sent'));
     } elseif (!$this->_validate()) {
         $result = array('error' => array('code' => -2, 'message' => $this->_data['errors']));
     } else {
         // The captcha answer is only needed for validation; drop it before storing.
         unset($_POST['captcha']);
         // Split "First Rest Of Name" at the first space only.
         $nameParts = explode(' ', trim($_POST['full_name']), 2);
         $_POST['first_name'] = trim($nameParts[0]);
         if (!empty($nameParts[1])) {
             $_POST['last_name'] = trim($nameParts[1]);
         }
         unset($_POST['full_name']);
         // NOTE(review): every remaining request field is handed to the model
         // and to the mail template. Unless _validate() or save() restricts
         // the accepted keys (not visible here), a client can add extra
         // columns to the stored row - confirm an allow-list exists.
         $this->_model()->save($_POST);
         $this->load->library('xmailer');
         // NOTE(review): the recipient is the posted address; confirm that
         // _validate() rejects CR/LF and multiple addresses in 'email'.
         $this->xmailer->send('invite_me', $_POST, $_POST['email']);
         notify_admin('admin/new_request_invitation', $_POST);
         $result = 1;
     }
     echo json_encode($result);
     exit;
 }
Exemplo n.º 3
    ?>
</font>", pending confirmation by Nilesh Shukla.</p>
			<p>Good Luck and enjoy the game.</p>
			<p>Nilesh Shukla</p>
			<!-- <p>You may make your payment thru Paypal if you preferred. <br/>There will be an additional $1 for each payment up to $20 to cover the charges by Paypal.</p> -->
			<br/><br/>
		</td>
	</tr>
</table>

<p style="font-family: verdana, arial; font-size: 12px">
	<a href="/" title="Online Superbowl Squares">Home</a>
</p>

<?php 
    // Plain-text reminder: the reservation notice followed by the notes for
    // the admin, assembled from its parts and passed to notify_admin().
    // NOTE(review): $selectedSQUARES, $name and $notes go into the message
    // verbatim, and $email / $headers are built outside this excerpt. If any
    // of them carries user input, confirm CR/LF is stripped before it can
    // reach the mail headers.
    $bodyParts = array(
        "\nREMINDER\r\n",
        "Square(s) {$selectedSQUARES} is(are) temporary reserved in your name \"{$name}\", pending confirmation by Nilesh Shukla.\r\n",
        "Good Luck and enjoy the game.\r\n",
        "Nilesh Shukla\r\n",
        "{$superbowlURL}\r\n\n",
        // Paypal payment hint intentionally left out (it was disabled in the original).
        "\r\n\nNOTES TO ADMIN:\r\n",
        $notes . "\r\n\n",
    );
    $bodyMessage = implode('', $bodyParts);
    notify_admin($email, $bodyMessage, $headers);
    ?>

<?php 
} else {
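    // $square is written into the HTML response, so it is escaped first; a
    // value containing markup would otherwise be rendered by the browser.
    // NOTE(review): where $square comes from is outside this excerpt -
    // presumably the square the visitor asked for.
    $safeSquare = htmlspecialchars((string) $square, ENT_QUOTES, 'UTF-8');
    echo "<p align='center'><font color='#ff0000', size='3'><b>{$safeSquare}</b> is NOT available!  Someone must have just selected that same square.<br/></font><br/>Please go <a href='javascript:onClick=history.go(-2);'>back</a> and select another square.</p>";
    exit;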
}
Exemplo n.º 4
                    echo "<p>Must select ONLY one 'Confirm' or 'Release' !!!</p>";
                    echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
                    exit;
                }
            }
        }
        //echo $query."</br>";
        // Runs the update statement assembled above this excerpt.
        // NOTE(review): how $query is built is not visible here; confirm the
        // square ids and notes are escaped or bound. The mysql_* extension was
        // removed in PHP 7 and offers no prepared statements.
        $result = mysql_query($query);
        if (!$result) {
            // NOTE(review): the raw database error is sent to the browser and
            // can reveal table/column names; logging it server-side and showing
            // a generic message would avoid that.
            echo mysql_error();
        } else {
            // Finish the mail body and send it to the affected users.
            $bodyMessage .= $NOTES . "\r\n\n";
            $bodyMessage .= "Good Luck and enjoy the game.\r\n";
            $bodyMessage .= "The Commissioner\r\n";
            $bodyMessage .= "{$superbowlURL}\r\n";
            notify_admin($USER_EMAIL_LIST, $bodyMessage, $headers);
            // NOTE(review): $square_list and $USER_EMAIL_LIST are echoed without
            // HTML escaping; if they hold user-provided text - confirm - they
            // need htmlspecialchars() before output.
            echo "<p>Square(s) <b>" . $square_list . "</b> updated successful</p>";
            echo "<p>Emailed to: " . $USER_EMAIL_LIST . "</p>";
            echo "\r\n\t\t\t\t\t<p>\r\n\t\t\t\t\t  <table width=\"50%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" style=\"font-family: verdana, arial; font-size: 12px\">\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td width=\"33%\"><a href=\"{$superbowlURL}\" title=\"Administrator\">Home</a></td>\r\n\t\t\t\t\t\t<td width=\"34%\" align=\"center\"><a href=\"./admin.php\" title=\"Administrator\">Admin</a></td>\r\n\t\t\t\t\t\t<td width=\"33%\" align=\"right\"><a href=\"adminlogout.php\" title=\"Admin logout\">Logout</a></td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t  </table>\r\n\t\t\t\t\t</p>";
            // Drop the request values, including the admin e-mail and password
            // variables, from scope once the update is done.
            unset($confirmation, $SQUARE, $CONFIRM, $RELEASE, $NOTES, $ADM_EMAIL, $ADM_PASSWORD);
        }
    } else {
        echo "<p>Must select at least one Square to Confirm or Release' !!!</p>";
        echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
        exit;
    }
}
?>
	<p align="center" style="">
						<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
						<input type="hidden" name="cmd" value="_xclick">
Exemplo n.º 5
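/**
 * Decides whether an e-mail/IP pair may proceed or is treated as a spammer.
 *
 * Checks run in this order: whitelists, local mail-domain blacklist, local
 * address blacklist, then StopForumSpam (e-mail first, IP second). Every
 * rejection registers a user-facing error and notifies the admin.
 *
 * @param string $register_email e-mail address to test
 * @param string $register_ip    client IP address to test
 * @param bool   $checkemail     when false the e-mail is treated as
 *                               whitelisted and only the IP is judged
 * @return bool true when the pair passes, false when it is flagged
 */
function check_spammer($register_email, $register_ip, $checkemail = true)
{
    $spammer = false;
    $email_whitelisted = $checkemail ? is_email_whitelisted($register_email) : true;
    $ip_whitelisted = is_ip_whitelisted($register_ip);
    if ($email_whitelisted && $ip_whitelisted) {
        // short circuit
        return true;
    }

    // Blacklist entries are compared case-insensitively: mail domains are
    // case-insensitive, so "user@Example.COM" must not slip past an entry
    // written as "example.com".
    $normalized_email = strtolower($register_email);
    // The domain is whatever follows the LAST "@"; an address without "@"
    // has no domain and cannot match a domain entry.
    $at_pos = strrpos($normalized_email, '@');
    $mail_domain = $at_pos === false ? '' : (string) substr($normalized_email, $at_pos + 1);

    //Mail domain blacklist
    if (elgg_get_plugin_setting('use_mail_domain_blacklist', PLUGIN_ID) == "yes" && !$email_whitelisted) {
        $blacklistedMailDomains = preg_split('/\\s+/', strip_spaces(strip_tags(elgg_get_plugin_setting('blacklisted_mail_domains', PLUGIN_ID))), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($blacklistedMailDomains as $domain) {
            if ($mail_domain !== '' && $mail_domain === strtolower($domain)) {
                register_error(elgg_echo('spam_login_filter:access_denied_domain_blacklist'));
                notify_admin($register_email, $register_ip, "Internal domain blacklist");
                $spammer = true;
                break;
            }
        }
    }

    //Mail blacklist
    if (!$spammer && elgg_get_plugin_setting('use_mail_blacklist', PLUGIN_ID) == "yes" && !$email_whitelisted) {
        $blacklistedMails = preg_split('/\\s+/', strip_spaces(strip_tags(elgg_get_plugin_setting('blacklisted_mails', PLUGIN_ID))), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($blacklistedMails as $blacklistedMail) {
            if (strtolower($blacklistedMail) === $normalized_email) {
                register_error(elgg_echo('spam_login_filter:access_denied_mail_blacklist'));
                notify_admin($register_email, $register_ip, "Internal e-mail blacklist");
                $spammer = true;
                break;
            }
        }
    }

    //StopForumSpam
    if (!$spammer && elgg_get_plugin_setting('use_stopforumspam', PLUGIN_ID) == "yes") {
        // NOTE(review): the lookups go over plain HTTP, so the address and IP
        // travel unencrypted and the answer can be altered in transit. Switch
        // to HTTPS once call_url() is confirmed to verify certificates.
        if (!$email_whitelisted) {
            // A whitelisted address is never judged on this result, so it is
            // not sent to the third party at all. The value is URL-encoded so
            // that "+" or "&" in the address cannot change the query.
            $url = "http://www.stopforumspam.com/api?email=" . rawurlencode($register_email) . "&f=json";
            $return = call_url($url);
            if ($return != false) {
                $data = json_decode($return);
                // A reply without a frequency field (error payload, invalid
                // JSON) is "no verdict", the same as a failed request. It
                // used to compare null against '0' and flag everybody.
                if (isset($data->email->frequency) && $data->email->frequency != '0') {
                    register_error(elgg_echo('spam_login_filter:access_denied_mail_blacklist'));
                    notify_admin($register_email, $register_ip, "Stopforumspam e-mail blacklist");
                    $spammer = true;
                }
            }
        }
        if (!$spammer && !$ip_whitelisted) {
            //e-mail not found in the database, now check the ip
            $url = "http://www.stopforumspam.com/api?ip=" . rawurlencode($register_ip) . "&f=json";
            $return = call_url($url);
            if ($return != false) {
                $data = json_decode($return);
                if (isset($data->ip->frequency) && $data->ip->frequency != '0') {
                    register_error(elgg_echo('spam_login_filter:access_denied_ip_blacklist'));
                    notify_admin($register_email, $register_ip, "Stopforumspam IP blacklist");
                    $spammer = true;
                }
            }
        }
    }
    return !$spammer;
}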
Exemplo n.º 6
	<?php 
        echo $LINKS;
    } else {
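        // Mails the "all squares assigned" notice once to every distinct
        // participant address, lists the recipients on the page, and finally
        // sends a copy to the admin address.
        echo "<p>Emails send to:</p>";
        $bodyMessage = "\r\nNOTIFICATION\r\n";
        $bodyMessage .= "All squares have been selected and all numbers have been picked and assigned.\r\n";
        $bodyMessage .= "You can view and print your own sheet at {$superbowlURL}.\r\n\n";
        $bodyMessage .= "Good Luck and enjoy the game.\r\n";
        $bodyMessage .= "The Commissioner\r\n";
        $headers = "From: {$ADMIN_EMAIL}\r\n";
        // Rows are ordered by EMAIL so repeated addresses are adjacent and the
        // comparison in the loop sends one mail per address.
        $query = "SELECT * FROM VNSB_squares ORDER BY EMAIL";
        $result = mysql_query($query);
        if (!$result) {
            // NOTE(review): the raw database error goes to the browser and can
            // reveal schema details; prefer a server-side log entry. The
            // mysql_* extension itself was removed in PHP 7.
            echo mysql_error();
            exit;
        }
        while ($record = mysql_fetch_assoc($result)) {
            if ($USER_EMAIL != $record["EMAIL"]) {
                $USER_NAME = $record["NAME"];
                $USER_EMAIL = $record["EMAIL"];
                // NOTE(review): the stored address is used as the recipient;
                // confirm it was validated when saved, since CR/LF in it could
                // reach the mail headers inside notify_admin().
                notify_admin($USER_EMAIL, $bodyMessage, $headers);
                // NAME and EMAIL come from stored records and are written into
                // HTML, so they are escaped to stop stored markup from being
                // rendered in the admin's browser.
                echo "<p><b>" . htmlspecialchars((string) $USER_NAME, ENT_QUOTES, 'UTF-8') . "</b>: " . htmlspecialchars((string) $USER_EMAIL, ENT_QUOTES, 'UTF-8') . "</p>";
            }
        }
        echo $LINKS;
        unset($sendemails);
        $headers = "From: {$ADMIN_EMAIL}\r\n";
        notify_admin($ADMIN_EMAIL, $bodyMessage, $headers);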
    }
    require "footer.inc";
}
Exemplo n.º 7
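/**
 * Decides whether an e-mail/IP pair may proceed or is treated as a spammer.
 *
 * Checks run in this order: e-mail whitelist, IP whitelist, cached IP
 * blacklist, local mail-domain blacklist, local address blacklist, then
 * StopForumSpam (e-mail first, IP second). Every rejection registers a
 * user-facing error and notifies the admin.
 *
 * @param string $register_email e-mail address to test
 * @param string $register_ip    client IP address to test
 * @param bool   $checkemail     when false the e-mail whitelist lookup is
 *                               skipped; the blacklist and StopForumSpam
 *                               e-mail checks still run
 * @return bool true when the pair passes, false when it is flagged
 */
function check_spammer($register_email, $register_ip, $checkemail = true)
{
    if ($checkemail && is_email_whitelisted($register_email)) {
        // not a spammer, no need for any further checks
        return true;
    }
    // NOTE(review): a whitelisted IP skips every e-mail check below as well;
    // confirm that is intended and that the IP passed in cannot be forged.
    if (is_ip_whitelisted($register_ip)) {
        // not a spammer, no need for any further checks
        return true;
    }

    // check ip cache
    $blacklisted = elgg_get_annotations(array('guid' => elgg_get_site_entity()->guid, 'annotation_names' => array('spam_login_filter_ip'), 'annotation_values' => array($register_ip)));
    if ($blacklisted) {
        register_error(elgg_echo('spam_login_filter:access_denied_ip_blacklist'));
        notify_admin($register_email, $register_ip, "Internal IP blacklist");
        return false;
    }

    // Blacklist entries are compared case-insensitively: mail domains are
    // case-insensitive, so "user@Example.COM" must not slip past an entry
    // written as "example.com".
    $normalized_email = strtolower($register_email);
    // The domain is whatever follows the LAST "@"; an address without "@"
    // has no domain and cannot match a domain entry.
    $at_pos = strrpos($normalized_email, '@');
    $mail_domain = $at_pos === false ? '' : (string) substr($normalized_email, $at_pos + 1);

    //Mail domain blacklist
    if (elgg_get_plugin_setting('use_mail_domain_blacklist', PLUGIN_ID) == "yes") {
        $blacklistedMailDomains = preg_split('/\\s+/', strip_spaces(strip_tags(elgg_get_plugin_setting('blacklisted_mail_domains', PLUGIN_ID))), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($blacklistedMailDomains as $domain) {
            if ($mail_domain !== '' && $mail_domain === strtolower($domain)) {
                register_error(elgg_echo('spam_login_filter:access_denied_domain_blacklist'));
                notify_admin($register_email, $register_ip, "Internal domain blacklist");
                return false;
            }
        }
    }

    //Mail blacklist
    if (elgg_get_plugin_setting('use_mail_blacklist', PLUGIN_ID) == "yes") {
        $blacklistedMails = preg_split('/\\s+/', strip_spaces(strip_tags(elgg_get_plugin_setting('blacklisted_mails', PLUGIN_ID))), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($blacklistedMails as $blacklistedMail) {
            if (strtolower($blacklistedMail) === $normalized_email) {
                register_error(elgg_echo('spam_login_filter:access_denied_mail_blacklist'));
                notify_admin($register_email, $register_ip, "Internal e-mail blacklist");
                return false;
            }
        }
    }

    //StopForumSpam
    if (elgg_get_plugin_setting('use_stopforumspam', PLUGIN_ID) == "yes") {
        // NOTE(review): the lookups go over plain HTTP, so the address and IP
        // travel unencrypted and the answer can be altered in transit. Switch
        // to HTTPS once call_url() is confirmed to verify certificates.

        //check the e-mail address
        // The value is URL-encoded so that "+" or "&" in the address cannot
        // change the query that is sent.
        $url = "http://www.stopforumspam.com/api?email=" . rawurlencode($register_email) . "&f=json";
        $return = call_url($url);
        if ($return != false) {
            $data = json_decode($return);
            // A reply without a frequency field (error payload, invalid JSON)
            // is "no verdict", the same as a failed request. It used to
            // compare null against '0' and flag everybody.
            if (isset($data->email->frequency) && $data->email->frequency != '0') {
                register_error(elgg_echo('spam_login_filter:access_denied_mail_blacklist'));
                notify_admin($register_email, $register_ip, "Stopforumspam e-mail blacklist");
                return false;
            }
        }

        //e-mail not found in the database, now check the ip
        $url = "http://www.stopforumspam.com/api?ip=" . rawurlencode($register_ip) . "&f=json";
        $return = call_url($url);
        if ($return != false) {
            $data = json_decode($return);
            // Only a real verdict may be cached: caching on a malformed reply
            // would block the IP permanently.
            if (isset($data->ip->frequency) && $data->ip->frequency != '0') {
                register_error(elgg_echo('spam_login_filter:access_denied_ip_blacklist'));
                notify_admin($register_email, $register_ip, "Stopforumspam IP blacklist");
                // cache this ip
                // NOTE(review): the cached IP is stored with ACCESS_PUBLIC, so
                // flagged addresses are readable by anyone who can list site
                // annotations. A narrower level needs the lookup above to keep
                // working for logged-out visitors - check before changing.
                elgg_get_site_entity()->annotate('spam_login_filter_ip', $register_ip, ACCESS_PUBLIC);
                return false;
            }
        }
    }

    // passed all the tests
    return true;
}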
Exemplo n.º 8
/**
 * Creates a new object of $class below $object from the values in $param.
 *
 * Steps visible in this function: quota check on the client parent, the
 * class's own 'Add' hook (whose return value replaces $param), regrouping of
 * $param per destination class, instantiation of the main object and its
 * sub-objects, a duplicate check against the database, attachment to the
 * parent, admin notification and an action-log entry. Nothing is returned.
 *
 * @param object $object parent the new object is added to
 * @param string $class  class name of the object to create
 * @param array  $param  field values; keys starting with "__v_" or "__m_"
 *                       are left out of the regrouping loops
 * @throws lxException when the quota is reached or an object with the same
 *                     nname already exists
 */
function do_desc_add($object, $class, $param)
{
    global $gbl, $sgbl, $login, $ghtml;
    // Quota: compare the used count with the allowed count for this class on the client parent.
    $quotaclass = exec_class_method($class, "getquotaclass", $class);
    $numvar = "{$quotaclass}_num";
    $qobject = $object->getClientParentO();
    dprint($qobject->getClname());
    if ($qobject->isQuotaVariable($numvar)) {
        if (isQuotaGreaterThanOrEq($qobject->used->{$numvar}, $qobject->priv->{$numvar})) {
            throw new lxException("Quota Exceeded for {$class}", 'nname', $numvar);
        }
    }
    /*
    	$list = $qobject->getQuotaVariableList();
    	foreach((array) $list as $l => $v) {
    		if (csb($l, "{$class}_m_")) {
    			$license = strtil(strfrom($l, "_n_"), "_num");
    			$licvar = strtil(strfrom($l, "_m_"), "_n_");
    			if (isset($param[$licvar]) && $param[$licvar] === $license) {
    				if (isQuotaGreaterThanOrEq($qobject->used->$l, $qobject->priv->$l)) {
    					throw new lxException("Quota Exceeded for $class $licvar.$license", 'nname', $numvar);
    				}
    			}
    		}
    	}
    */
    // Setting it here itself so that the add can override if necessary. This is done in tickets, where the parent is always the admin.
    $param['parent_clname'] = $object->getClName();
    // In the case of mailaccount, the real parent is mmail, while the object is added to client.
    // NOTE(review): 'real_clparent_f' is read from $param and decides the parent name;
    // if $param is filled from a request, confirm the caller validates it.
    if (isset($param['real_clparent_f'])) {
        $parent_class = exec_class_method($class, 'defaultParentClass', $object);
        $param['parent_clname'] = createParentName($parent_class, $param['real_clparent_f']);
    }
    // The class's own Add hook may rewrite $param; its return value is used from here on.
    $param = exec_class_method($class, 'Add', $object, $class, $param);
    // First loop to create a unique nname if applicable.... FOr the 'unique-nname-creation' to work in the second loop, the variables must be resolved before that... So this extra looping...
    // $dclass and $dk are not set before these calls - presumably by-reference outputs; confirm.
    foreach ($param as $k => $v) {
        if (csb($k, "__v_") || csb($k, "__m_")) {
            continue;
        }
        $object->resolve_class_differences($class, $k, $dclass, $dk);
    }
    // Regroup the values into $nparam[<destination class>][<field>].
    foreach ($param as $k => $v) {
        if (csb($k, "__v_") || csb($k, "__m_")) {
            continue;
        }
        $object->resolve_class_heirarchy($class, $k, $dclass, $dk);
        $object->resolve_class_differences($class, $k, $ddclass, $ddk);
        $nnamevar = get_real_class_variable($ddclass, "__rewrite_nname_const");
        if ($nnamevar) {
            // Build the nname by joining the listed fields with the configured separator.
            $nnamelist = null;
            foreach ($nnamevar as $n) {
                $nnamelist[] = $param[$n];
            }
            $nparam[$dclass]['nname'] = implode($sgbl->__var_nname_impstr, $nnamelist);
        }
        $nparam[$dclass][$dk] = $v;
    }
    // First Pass
    // Creates one object per $nparam key, skipping keys that csa() matches against "_s_"
    // (handled in the second pass).
    foreach ($nparam as $k => $v) {
        if (csa($k, "_s_")) {
            continue;
        }
        if ($k === 'priv') {
            $olist[$k] = new priv(null, null, $nparam[$class]['nname']);
            check_priv($object, $class, $olist[$k], $v);
            continue;
        }
        if ($k === 'used') {
            $olist[$k] = new Used(null, null, $nparam[$class]['nname']);
            $olist[$k]->create($v);
            continue;
        }
        if ($k === 'listpriv') {
            //$olist[$k] = new listpriv($object->__masterserver, null, $class . "_s_vv_p_" . $nparam[$class]['nname']);
            $olist[$k] = new listpriv($object->__masterserver, null, $class . "-" . $nparam[$class]['nname']);
            check_listpriv($object, $class, $olist[$k], $v);
            continue;
        }
        // NOTE(review): $k is used as a class name here. It is a key of $nparam, i.e. the
        // $dclass value produced by resolve_class_heirarchy() from the $param keys. Confirm
        // those helpers can only yield known classes, otherwise the keys of $param choose
        // which class gets instantiated.
        if (csa($k, "_b")) {
            $olist[$k] = new $k($object->__masterserver, null, $nparam[$class]['nname']);
        } else {
            $olist[$k] = new $k($object->__masterserver, null, $v['nname']);
        }
        $olist[$k]->inheritSyncServer($object);
        $olist[$k]->initThisDef();
        $olist[$k]->create($v);
        // The createsyncclass needs the syncserver variable to be set. Which may not be available. So we have to run this again.
        if ($olist[$k]->hasDriverClass()) {
            $olist[$k]->createSyncClass();
        }
    }
    // The main object has to inherit the masterserver here itself, so that its children will inherit it later when they are added through addobject.
    // Duplicate check: refuse the add when an object with this nname is already stored.
    if (!cse($class, "_a") && exec_class_method($class, "isDatabase") && exists_in_db($object->__masterserver, $class, $olist[$class]->nname)) {
        // If the parent is getting added too, then that means we are in the client add page, and thus the variable is vps_name, domain_name rather than nname.
        if ($object->dbaction === 'add') {
            $vname = "{$class}_name";
        } else {
            $vname = "nname";
        }
        throw new lxException("{$olist[$class]->nname}+already+exists+in+{$class}.", $vname, $class);
    }
    //Second Pass...
    // Handles the keys skipped above: "<owner class>_s_<child class>".
    // NOTE(review): a key matched only by the "-" test has no "_s_" part, so $clist[1]
    // would be undefined - presumably such keys never occur; confirm.
    foreach ($nparam as $k => $v) {
        if (!csa($k, "_s_") && !csa($k, "-")) {
            continue;
        }
        $clist = explode("_s_", $k);
        $k = $clist[1];
        $cl = $clist[0];
        // Same dynamic instantiation as in the first pass; the note there applies.
        $nolist[$k] = new $k($object->__masterserver, null, $v['nname']);
        $nolist[$k]->inheritSyncServer($olist[$cl]);
        $nolist[$k]->initThisDef();
        $nolist[$k]->create($v);
        // The createsyncclass needs the syncserver variable to be set. Which may not be available. So we have to run this again.
        if ($nolist[$k]->hasDriverClass()) {
            $nolist[$k]->createSyncClass();
        }
        $olist[$cl]->addObject($k, $nolist[$k]);
    }
    // Attach everything to the main object: "_b" objects, used, priv and listpriv become
    // properties, every other object is added as a child.
    foreach ($olist as $k => $v) {
        if (cse($k, "_b") || $k === 'used' || $k === 'priv' || $k === 'listpriv') {
            $olist[$class]->{$k} = $v;
            continue;
        }
        if ($k != $class) {
            $olist[$class]->addObject($k, $v);
            continue;
        }
    }
    // NOTE(review): these two assignments replace the priv/listpriv objects that went
    // through check_priv()/check_listpriv() above with values taken straight from $param.
    // Confirm "__v_priv" and "__v_listpriv" can only be set by the Add hook and never by
    // the caller's input, since they define the new object's privileges.
    if (isset($param['__v_priv'])) {
        $olist[$class]->priv = $param['__v_priv'];
    }
    if (isset($param['__v_listpriv'])) {
        $olist[$class]->listpriv = $param['__v_listpriv'];
    }
    //$olist[$class]->parent_clname = $object->getClName();
    // Link the new object to its parent and run the post-add hooks.
    $rparent = $object;
    $olist[$class]->__parent_o = $rparent;
    $olist[$class]->postAdd();
    $rparent->addToList($class, $olist[$class]);
    $olist[$class]->superPostAdd();
    //dprintr($object);
    // Notification and action log for the add.
    notify_admin("add", $object, $olist[$class]);
    do_actionlog($login, $olist[$class], "add", "");
    //This shouldn't happen here. This should be done only after the synctosystem since, the sync can fail and the write may not happen at all.
    //$olist[$class]->changeUsedFromParentAll();
    dprint($olist[$class]->getParentO());
}