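/**
 * Uploads an attachment file into the temporary upload directory and reports
 * the outcome to the parent frame through parent.onUpload().
 *
 * @access  public
 * @return  string  javascript script segment
 */
function UploadFile()
{
    // 'attachment_number' is client-supplied; it only selects which form field is reported back
    $file_num = jaws()->request->fetch('attachment_number', 'post');
    $field = 'attachment' . $file_num;

    // NOTE(review): the extension list (third argument) is empty here, unlike the image
    // upload handlers; confirm which file types Jaws_Utils::UploadFiles accepts in that case
    // and that the temporary upload directory is not served by the web server.
    $file = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir(), '', null);
    if (Jaws_Error::IsError($file)) {
        $response = array('type' => 'error', 'message' => $file->getMessage());
    } elseif (empty($file[$field][0])) {
        // Nothing was stored under the requested field (no file posted, or an
        // attachment_number that matches no upload): report an error instead of
        // dereferencing a missing array entry.
        $response = array('type' => 'error', 'message' => _t('GLOBAL_ERROR_UPLOAD_4'));
    } else {
        $info = $file[$field][0];
        $response = array(
            'type'      => 'notice',
            'file_info' => array(
                'title'           => $info['user_filename'],
                'filename'        => $info['host_filename'],
                'filesize_format' => Jaws_Utils::FormatSize($info['host_filesize']),
                'filesize'        => $info['host_filesize'],
                'filetype'        => $info['host_filetype'],
            ),
        );
    }

    // NOTE(review): user_filename is client-supplied and ends up inside an inline <script>;
    // this is only safe if Jaws_UTF8::json_encode escapes "</" and markup characters - confirm.
    $response = Jaws_UTF8::json_encode($response);
    return "<script type='text/javascript'>parent.onUpload({$response});</script>";
}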
/**
 * Stores an uploaded avatar image in the temporary upload directory and hands
 * the stored file name (or an error message) to parent.onUpload().
 *
 * @access  public
 * @return  string  XHTML content
 */
function UploadAvatar()
{
    $this->gadget->CheckPermission('EditUserPersonal');

    // Only raster image extensions are passed as the allowed list
    $uploaded = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir(), 'gif,jpg,jpeg,png');

    if (Jaws_Error::IsError($uploaded)) {
        $type = 'error';
        $message = $uploaded->getMessage();
    } elseif (empty($uploaded)) {
        $type = 'error';
        $message = _t('GLOBAL_ERROR_UPLOAD_4');
    } else {
        $type = 'notice';
        $message = $uploaded['upload_avatar'][0]['host_filename'];
    }

    $response = Jaws_UTF8::json_encode(array('type' => $type, 'message' => $message));
    return "<script type='text/javascript'>parent.onUpload({$response});</script>";
}
/**
 * Validates a posted contact form, optionally stores an attachment, saves the
 * contact in the database and notifies the recipient.
 *
 * Every outcome is pushed to the session under 'Contact.Response' and the
 * visitor is sent back to the referring page.
 *
 * @access  public
 */
function Send()
{
    $post = jaws()->request->fetch(array('name', 'email', 'company', 'url', 'tel', 'fax', 'mobile', 'address', 'recipient', 'subject', 'message'), 'post');

    // For logged-in visitors the identity fields come from the session, not from the form
    if ($GLOBALS['app']->Session->Logged()) {
        $post['name'] = $GLOBALS['app']->Session->GetAttribute('nickname');
        $post['email'] = $GLOBALS['app']->Session->GetAttribute('email');
        $post['url'] = $GLOBALS['app']->Session->GetAttribute('url');
    }

    // NOTE(review): every validation branch below relies on Jaws_Header::Referrer()
    // ending the request; if it returns, processing continues with the rejected input - confirm.
    if (trim($post['name']) == '' || trim($post['subject']) == '' || trim($post['message']) == '') {
        $GLOBALS['app']->Session->PushResponse(_t('CONTACT_INCOMPLETE_FIELDS'), 'Contact.Response', RESPONSE_ERROR);
        $GLOBALS['app']->Session->PushSimpleResponse($post, 'Contact.Data');
        Jaws_Header::Referrer();
    }

    $mPolicy = Jaws_Gadget::getInstance('Policy')->action->load('Captcha');
    $resCheck = $mPolicy->checkCaptcha();
    if (Jaws_Error::IsError($resCheck)) {
        $GLOBALS['app']->Session->PushResponse($resCheck->getMessage(), 'Contact.Response', RESPONSE_ERROR);
        $GLOBALS['app']->Session->PushSimpleResponse($post, 'Contact.Data');
        Jaws_Header::Referrer();
    }

    // The e-mail format is only checked when the 'use_antispam' registry key is 'true';
    // otherwise the posted value is stored as received.
    if ($this->gadget->registry->fetch('use_antispam') == 'true') {
        if (!preg_match("/^[[:alnum:]-_.]+\\@[[:alnum:]-_.]+\\.[[:alnum:]-_]+\$/", $post['email'])) {
            $GLOBALS['app']->Session->PushResponse(_t('CONTACT_RESULT_BAD_EMAIL_ADDRESS'), 'Contact.Response', RESPONSE_ERROR);
            $GLOBALS['app']->Session->PushSimpleResponse($post, 'Contact.Data');
            Jaws_Header::Referrer();
        }
    }

    $attachment = null;
    if ($this->gadget->registry->fetch('enable_attachment') == 'true' && $this->gadget->GetPermission('AllowAttachment')) {
        // NOTE(review): the extension list is empty and the target is a directory under
        // JAWS_DATA; confirm which types UploadFiles accepts then, and that files under
        // JAWS_DATA . 'contact' cannot be requested or executed directly.
        $attach = Jaws_Utils::UploadFiles($_FILES, JAWS_DATA . 'contact', '', false);
        if (Jaws_Error::IsError($attach)) {
            $GLOBALS['app']->Session->PushResponse($attach->getMessage(), 'Contact.Response', RESPONSE_ERROR);
            $GLOBALS['app']->Session->PushSimpleResponse($post, 'Contact.Data');
            Jaws_Header::Referrer();
        }

        if (!empty($attach)) {
            $attachment = $attach['attachment'][0]['host_filename'];
        }
    }

    $model = $this->gadget->model->load('Contacts');
    $result = $model->InsertContact($post['name'], $post['email'], $post['company'], $post['url'], $post['tel'], $post['fax'], $post['mobile'], $post['address'], $post['recipient'], $post['subject'], $attachment, $post['message']);
    if (Jaws_Error::IsError($result)) {
        $res_msg = _t('CONTACT_RESULT_ERROR_DB');
        $res_type = RESPONSE_ERROR;
    } else {
        $to = '';
        // InsertContact's return value is used as the contact id for the notification
        $cid = $result;
        $rid = (int) $post['recipient'];
        if (!empty($rid)) {
            $model = $this->gadget->model->load('Recipients');
            $recipient = $model->GetRecipient((int) $post['recipient']);
            if (Jaws_Error::IsError($recipient) || !isset($recipient['id'])) {
                // NOTE(review): this error is overwritten by the unconditional success
                // assignment a few lines below, so an unknown recipient is still
                // reported as sent - confirm whether that is intended.
                $res_msg = _t('CONTACT_ERROR_RECIPIENT_DOES_NOT_EXISTS');
                $res_type = RESPONSE_ERROR;
            } elseif ($recipient['inform_type'] == 1) { // Send To Email
                $to = $recipient['email'];
            }
        }

        // $to stays '' unless the recipient was found with inform_type 1
        $this->SendEmailToRecipient($to, $cid);
        $res_msg = _t('CONTACT_RESULT_SENT');
        $res_type = RESPONSE_NOTICE;
    }

    $GLOBALS['app']->Session->PushResponse($res_msg, 'Contact.Response', $res_type);
    Jaws_Header::Referrer();
}
/**
 * Creates an emblem from the posted form and its uploaded image, then
 * redirects back to the Emblems gadget.
 *
 * NOTE(review): no permission check is visible inside this action; confirm the
 * caller or dispatcher enforces one.
 *
 * @access  public
 * @see     EmblemsModel->AddEmblem()
 */
function AddEmblem()
{
    $emblem = jaws()->request->fetch(array('title', 'url', 'type', 'published'), 'post');
    $emblem['url'] = Jaws_XSS::defilter($emblem['url']);

    // NOTE(review): the allowed list includes svg and swf, both of which can carry
    // active content; confirm how files under JAWS_DATA . 'emblems/' are served.
    $upload = Jaws_Utils::UploadFiles($_FILES, JAWS_DATA . 'emblems/', 'jpg,gif,swf,png,jpeg,bmp,svg');

    if (Jaws_Error::IsError($upload)) {
        $GLOBALS['app']->Session->PushLastResponse($upload->getMessage(), RESPONSE_ERROR);
    } elseif (empty($upload)) {
        $GLOBALS['app']->Session->PushLastResponse(_t('EMBLEMS_ERROR_NO_IMAGE_UPLOADED'), RESPONSE_ERROR);
    } else {
        $emblem['image'] = $upload['image'][0]['host_filename'];
        $emblem['published'] = (bool) $emblem['published'];

        $emblemsModel = $this->gadget->model->loadAdmin('Emblems');
        $added = $emblemsModel->AddEmblem($emblem);
        if (!Jaws_Error::IsError($added)) {
            $GLOBALS['app']->Session->PushLastResponse(_t('EMBLEMS_ADDED'), RESPONSE_NOTICE);
        } else {
            // The record was not stored: remove the file that was just uploaded
            Jaws_Utils::delete(JAWS_DATA . 'emblems/' . $emblem['image']);
            $GLOBALS['app']->Session->PushLastResponse(_t('EMBLEMS_ERROR_NOT_ADDED'), RESPONSE_ERROR);
        }
    }

    Jaws_Header::Location(BASE_SCRIPT . '?gadget=Emblems');
}
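/**
 * Saves changes on an edited blog entry and redirects back to the entry editor
 * in the admin section.
 *
 * Returns a 403 error page when the user lacks 'CategoryManage' on any of the
 * posted categories.
 *
 * @access  public
 */
function SaveEditEntry()
{
    $names = array('id', 'edit_timestamp:array', 'pubdate', 'categories:array', 'title',
                   'fasturl', 'meta_keywords', 'meta_desc', 'tags', 'deleteImage',
                   'allow_comments:array', 'published', 'trackback_to');
    $post = jaws()->request->fetch($names, 'post');
    $content = jaws()->request->fetch(array('summary_block', 'text_block'), 'post', 'strip_crlf');
    $post['trackback_to'] = str_replace("\r\n", "\n", $post['trackback_to']);

    $pModel = $this->gadget->model->loadAdmin('Posts');
    $tModel = $this->gadget->model->loadAdmin('Trackbacks');
    $id = (int) $post['id'];

    // The publication date is only changed when the editor asked for it
    $pubdate = null;
    if (isset($post['edit_timestamp']) && $post['edit_timestamp'][0] == 'yes') {
        $pubdate = $post['pubdate'];
    }

    // NOTE(review): only the categories posted with the form are checked; whether the
    // user may edit entry $id itself is presumably enforced elsewhere - confirm.
    $post['categories'] = !empty($post['categories']) ? $post['categories'] : array();
    foreach ($post['categories'] as $cat) {
        if (!$this->gadget->GetPermission('CategoryManage', $cat)) {
            return Jaws_HTTPError::Get(403);
        }
    }

    // Upload blog image.
    // $image is false when the delete flag is set, null when no new file was stored,
    // and the stored file name when the image was replaced.
    $targetDir = JAWS_DATA . 'blog' . DIRECTORY_SEPARATOR . 'images' . DIRECTORY_SEPARATOR;
    $image = false;
    if ($post['deleteImage'] == 'false') {
        $image = null;
        if (count($_FILES) > 0 && !empty($_FILES['image_file']['name'])) {
            $res = Jaws_Utils::UploadFiles($_FILES, $targetDir, 'jpg,gif,png,jpeg,bmp', false);
            if (Jaws_Error::IsError($res)) {
                $GLOBALS['app']->Session->PushLastResponse($res->getMessage(), RESPONSE_ERROR);
            } elseif (empty($res)) {
                $GLOBALS['app']->Session->PushLastResponse(_t('GLOBAL_ERROR_UPLOAD_4'), RESPONSE_ERROR);
            } else {
                $image = $res['image_file'][0]['host_filename'];

                // Delete old image
                $model = $this->gadget->model->load('Posts');
                $blogEntry = $model->GetEntry($id);
                if (!empty($blogEntry['image'])) {
                    Jaws_Utils::Delete($targetDir . $blogEntry['image']);
                }
            }
        }
    } else {
        // Delete old image
        $model = $this->gadget->model->load('Posts');
        $blogEntry = $model->GetEntry($id);
        if (!empty($blogEntry['image'])) {
            Jaws_Utils::Delete($targetDir . $blogEntry['image']);
        }
    }

    // Keep the update result: the original code tested $id (always an int) for an
    // error, so a failed update still sent trackbacks.
    $result = $pModel->UpdateEntry($id, $post['categories'], $post['title'], $content['summary_block'],
                                   $content['text_block'], $image, $post['fasturl'], $post['meta_keywords'],
                                   $post['meta_desc'], $post['tags'], isset($post['allow_comments'][0]),
                                   $post['trackback_to'], $post['published'], $pubdate);
    if (!Jaws_Error::IsError($result)) {
        if ($this->gadget->registry->fetch('trackback') == 'true') {
            // One trackback target per line of the posted field
            $to = explode("\n", $post['trackback_to']);
            $link = $this->gadget->urlMap('SingleView', array('id' => $id), true);
            $title = $post['title'];
            $text = $content['text_block'];
            if (Jaws_UTF8::strlen($text) > 250) {
                $text = Jaws_UTF8::substr($text, 0, 250) . '...';
            }
            $tModel->SendTrackback($title, $text, $link, $to);
        }
    }

    Jaws_Header::Location(BASE_SCRIPT . '?gadget=Blog&action=EditEntry&id=' . $id);
}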
/**
 * Stores an uploaded file inside the file browser tree, records its metadata
 * and redirects back to the file browser.
 *
 * The requested sub-path is resolved and must stay inside the file browser
 * root, otherwise the upload is refused.
 *
 * @access  public
 */
function UploadFile()
{
    $this->gadget->CheckPermission('UploadFiles');

    $filesModel = $this->gadget->model->load('Files');
    $filesAdminModel = $this->gadget->model->loadAdmin('Files');

    $form = jaws()->request->fetch(
        array('path', 'file_title', 'file_description', 'file_fast_url', 'oldname', 'extra_params'),
        'post'
    );

    // Resolve the client-supplied sub-path before checking it against the root
    $targetDir = $filesModel->GetFileBrowserRootDir() . $form['path'];
    require_once PEAR_PATH . 'File/Util.php';
    $targetDir = File_Util::realpath($targetDir) . DIRECTORY_SEPARATOR;

    if (File_Util::pathInRoot($targetDir, $filesModel->GetFileBrowserRootDir())) {
        // NOTE(review): the extension list is empty; confirm which file types
        // UploadFiles accepts then, since this directory tree is browsable.
        $uploaded = Jaws_Utils::UploadFiles($_FILES, $targetDir, '');
        if (Jaws_Error::IsError($uploaded)) {
            $GLOBALS['app']->Session->PushLastResponse($uploaded->getMessage(), RESPONSE_ERROR);
        } elseif (empty($uploaded)) {
            $GLOBALS['app']->Session->PushLastResponse(_t('GLOBAL_ERROR_UPLOAD_4'), RESPONSE_ERROR);
        } else {
            $hostName = $uploaded['uploadfile'][0]['host_filename'];

            // Drop every character outside letters, digits, '_', '.' and '-'.
            // NOTE(review): the validated $targetDir is not what Delete() receives; it gets
            // the raw posted path, so Delete() presumably re-validates it - confirm.
            $form['oldname'] = preg_replace('/[^[:alnum:]_\\.\\-]*/', '', $form['oldname']);
            if (!empty($form['oldname']) && $hostName != $form['oldname']) {
                $filesAdminModel->Delete($form['path'], $form['oldname']);
            }

            if (empty($form['file_title'])) {
                $title = $uploaded['uploadfile'][0]['user_filename'];
            } else {
                $title = $form['file_title'];
            }
            $filesAdminModel->UpdateDBFileInfo(
                $form['path'],
                $hostName,
                $title,
                $form['file_description'],
                $form['file_fast_url'],
                $form['oldname']
            );
        }
    } else {
        $GLOBALS['app']->Session->PushLastResponse(_t('GLOBAL_ERROR_UPLOAD'), RESPONSE_ERROR);
    }

    // NOTE(review): 'path' and 'extra_params' are appended to the redirect URL without
    // URL-encoding; confirm Jaws_Header::Location rejects CR/LF and unexpected parameters.
    if (empty($form['extra_params'])) {
        $redirect = BASE_SCRIPT . '?gadget=FileBrowser&action=Files&path=' . $form['path'];
    } else {
        $redirect = BASE_SCRIPT . '?gadget=FileBrowser&action=BrowseFile&path=' . $form['path'] . html_entity_decode($form['extra_params']);
    }
    Jaws_Header::Location($redirect);
}
/**
 * Stores an uploaded attachment in the temporary upload directory and reports
 * its stored name and formatted size to parent.onUpload().
 *
 * NOTE(review): no extension list is passed to UploadFiles here; confirm its
 * default and that the temporary directory is not web-accessible.
 *
 * @access  public
 * @return  string  javascript script segment
 */
function UploadFile()
{
    $uploaded = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir());

    if (Jaws_Error::IsError($uploaded)) {
        $payload = array(
            'type'    => 'error',
            'message' => $uploaded->getMessage(),
        );
    } elseif (empty($uploaded)) {
        $payload = array(
            'type'    => 'error',
            'message' => _t('GLOBAL_ERROR_UPLOAD_4'),
        );
    } else {
        // The size shown is the one reported in $_FILES, not re-read from the stored file
        $payload = array(
            'type'     => 'notice',
            'filename' => $uploaded['attachment'][0]['host_filename'],
            'filesize' => Jaws_Utils::FormatSize($_FILES['attachment']['size']),
        );
    }

    $response = Jaws_UTF8::json_encode($payload);
    return "<script type='text/javascript'>parent.onUpload({$response});</script>";
}
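/**
 * Uploads a file to the temporary upload directory and reports its names, type
 * and size to parent.onUpload().
 *
 * @access  public
 * @return  string  JavaScript snippet
 */
function UploadFile()
{
    // NOTE(review): the extension list is empty; confirm which file types UploadFiles
    // accepts in that case and that the temporary directory is not web-accessible.
    $res = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir(), '', null);
    if (Jaws_Error::IsError($res)) {
        $response = array('type' => 'error', 'message' => $res->getMessage());
    } elseif (empty($res['file'][0])) {
        // No file arrived under the 'file' field: report an error rather than
        // reading array entries that do not exist.
        $response = array('type' => 'error', 'message' => _t('GLOBAL_ERROR_UPLOAD_4'));
    } else {
        $info = $res['file'][0];
        $response = array(
            'type'          => 'notice',
            'user_filename' => $info['user_filename'],
            'host_filename' => $info['host_filename'],
            'filetype'      => $info['host_filetype'],
            'filesize'      => $info['host_filesize'],
        );
    }

    // NOTE(review): user_filename is client-supplied and lands inside an inline <script>;
    // confirm Jaws_UTF8::json_encode escapes "</" and markup characters.
    $response = Jaws_UTF8::json_encode($response);
    return "<script>parent.onUpload({$response});</script>";
}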
/**
 * Adds a new photo: stores the uploaded file in a per-day directory, writes
 * thumbnail and medium sized copies and inserts the 'phoo_image' record.
 *
 * NOTE(review): an optional parameter ($fromControlPanel) precedes a required
 * one ($album); PHP 8 reports this as deprecated.
 *
 * @access  public
 * @param   string  $user             User who is adding the photo
 * @param   array   $files            info like original name, tmp name and size
 * @param   string  $title            Title of the image
 * @param   string  $description      Description of the image
 * @param   bool    $fromControlPanel Is it called from ControlPanel?
 * @param   array   $album            Array containing the required info about the album
 * @return  mixed   Returns the ID of the new entry and Jaws_Error on error
 */
function NewEntry($user, $files, $title, $description, $fromControlPanel = true, $album)
{
    // check if it's really a uploaded file.
    // NOTE(review): this check is disabled, and as written it would reject genuine
    // uploads (the condition is not negated); presumably UploadFiles performs the
    // equivalent check - confirm.
    /*if (is_uploaded_file($files['tmp_name'])) {
        $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'), RESPONSE_ERROR);
        return new Jaws_Error(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'));
    }*/

    // Extension check on the client-supplied file name only; the file content is not inspected here
    if (!preg_match("/\\.png\$|\\.jpg\$|\\.jpeg\$|\\.gif\$/i", $files['name'])) {
        $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO_EXT'), RESPONSE_ERROR);
        return new Jaws_Error(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO_EXT'));
    }

    // Create directories
    $uploaddir = JAWS_DATA . 'phoo/' . date('Y_m_d') . '/';
    if (!is_dir($uploaddir)) {
        if (!Jaws_Utils::is_writable(JAWS_DATA . 'phoo/')) {
            $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'), RESPONSE_ERROR);
            return new Jaws_Error(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'));
        }

        $new_dirs = array();
        $new_dirs[] = $uploaddir;
        $new_dirs[] = $uploaddir . 'thumb';
        $new_dirs[] = $uploaddir . 'medium';
        foreach ($new_dirs as $new_dir) {
            if (!Jaws_Utils::mkdir($new_dir)) {
                $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'), RESPONSE_ERROR);
                return new Jaws_Error(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'));
            }
        }
    }

    // NOTE(review): this $filename is never used; it is overwritten below with the
    // name UploadFiles actually stored.
    $filename = $files['name'];
    if (file_exists($uploaddir . $files['name'])) {
        $filename = time() . '_' . $files['name'];
    }

    $res = Jaws_Utils::UploadFiles($files, $uploaddir, 'jpg,gif,png,jpeg', false, !$fromControlPanel);
    if (Jaws_Error::IsError($res)) {
        $GLOBALS['app']->Session->PushLastResponse($res->getMessage(), RESPONSE_ERROR);
        return new Jaws_Error($res->getMessage());
    } elseif (empty($res)) {
        $GLOBALS['app']->Session->PushLastResponse(_t('GLOBAL_ERROR_UPLOAD_4'), RESPONSE_ERROR);
        return new Jaws_Error(_t('GLOBAL_ERROR_UPLOAD_4'));
    }
    // From here on the name chosen by UploadFiles is used, not the client-supplied one
    $filename = $res[0][0]['host_filename'];
    $uploadfile = $uploaddir . $filename;

    // Resize Image
    include_once JAWS_PATH . 'include/Jaws/Image.php';
    $objImage = Jaws_Image::factory();
    if (Jaws_Error::IsError($objImage)) {
        return Jaws_Error::raiseError($objImage->getMessage());
    }

    // Registry values are split on 'x' into [0] and [1], passed to resize() in that order
    $thumbSize  = explode('x', $this->gadget->registry->fetch('thumbsize'));
    $mediumSize = explode('x', $this->gadget->registry->fetch('mediumsize'));

    $objImage->load($uploadfile);
    $objImage->resize($thumbSize[0], $thumbSize[1]);
    $res = $objImage->save($this->GetThumbPath($uploadfile));
    $objImage->free();
    if (Jaws_Error::IsError($res)) {
        // Return an error if image can't be resized
        // NOTE(review): the stored upload is left on disk on this and the following
        // error returns - confirm whether cleanup is expected.
        $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_RESIZE_TO_THUMB'), RESPONSE_ERROR);
        return new Jaws_Error($res->getMessage());
    }

    $objImage->load($uploadfile);
    $objImage->resize($mediumSize[0], $mediumSize[1]);
    $res = $objImage->save($this->GetMediumPath($uploadfile));
    $objImage->free();
    if (Jaws_Error::IsError($res)) {
        // Return an error if image can't be resized
        // (here the raw message goes to the session and the translated one is returned,
        // the reverse of the thumbnail branch)
        $GLOBALS['app']->Session->PushLastResponse($res->getMessage(), RESPONSE_ERROR);
        return new Jaws_Error(_t('PHOO_ERROR_CANT_RESIZE_TO_MEDIUM'));
    }

    $data = array();
    $data['user_id'] = $user;
    // NOTE(review): date() is evaluated a second time here; presumably it still matches
    // the directory computed above unless the day changes in between.
    $data['filename'] = date('Y_m_d') . '/' . $filename;
    $data['title'] = $title;
    $data['description'] = $description;

    // Comments need both the registry setting and the album's own flag
    if ($this->gadget->registry->fetch('allow_comments') === 'true' && $album['allow_comments']) {
        $data['allow_comments'] = true;
    } else {
        $data['allow_comments'] = false;
    }

    // Published immediately only with the registry setting and the 'ManageAlbums' permission
    if ($this->gadget->registry->fetch('published') === 'true' && $this->gadget->GetPermission('ManageAlbums')) {
        $data['published'] = true;
    } else {
        $data['published'] = false;
    }

    $jDate = Jaws_Date::getInstance();
    $createtime = Jaws_DB::getInstance()->date();
    // For JPEG names, prefer the EXIF DateTime when present. The value comes from the
    // uploaded file, so it is only used after ValidDBDate() accepts it; read errors are
    // suppressed with @.
    if (function_exists('exif_read_data') && preg_match("/\\.jpg\$|\\.jpeg\$/i", $files['name']) && ($exifData = @exif_read_data($uploadfile, 1, true)) && !empty($exifData['IFD0']['DateTime']) && $jDate->ValidDBDate($exifData['IFD0']['DateTime'])) {
        $aux = explode(' ', $exifData['IFD0']['DateTime']);
        // Colons in the date part become dashes; the time part is kept as is
        $auxdate = str_replace(':', '-', $aux[0]);
        $auxtime = $aux[1];
        $createtime = $auxdate . ' ' . $auxtime;
    }
    $data['createtime'] = $createtime;

    $table = Jaws_ORM::getInstance()->table('phoo_image');
    $result = $table->insert($data)->exec();
    if (Jaws_Error::IsError($result)) {
        $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'), RESPONSE_ERROR);
        return new Jaws_Error(_t('PHOO_ERROR_CANT_UPLOAD_PHOTO'));
    }

    // Lets remove the original if keep_original = false
    if ($this->gadget->registry->fetch('keep_original') == 'false') {
        if (!empty($data['filename'])) {
            Jaws_Utils::delete(JAWS_DATA . 'phoo/' . $data['filename']);
        }
    }

    // shout SiteActivity event
    $saParams = array();
    $saParams['action'] = 'Photo';
    $this->gadget->event->shout('SiteActivity', $saParams);

    $GLOBALS['app']->Session->PushLastResponse(_t('PHOO_PHOTO_ADDED'), RESPONSE_NOTICE);
    return $result;
}
/**
 * Inserts a new banner or updates an existing one from the posted form and its
 * uploaded file, then redirects to the Banner gadget.
 *
 * Nothing is stored unless a file was uploaded successfully.
 *
 * @access  public
 */
function UploadBanner()
{
    $this->gadget->CheckPermission('ManageBanners');

    $form = jaws()->request->fetch(
        array('bid', 'title', 'url', 'gid', 'type', 'banner', 'views_limit',
              'clicks_limit', 'start_time', 'stop_time', 'random', 'published'),
        'post'
    );
    // The template is fetched separately with the 'strip_crlf' filter
    $form['template'] = jaws()->request->fetch('template', 'post', 'strip_crlf');

    $bannersModel = $this->gadget->model->loadAdmin('Banners');

    // NOTE(review): svg and swf are in the allowed list and both can carry active
    // content; confirm how files in the gadget data directory are served.
    $uploaded = Jaws_Utils::UploadFiles(
        $_FILES,
        JAWS_DATA . $this->gadget->DataDirectory,
        'jpg,gif,swf,png,jpeg,bmp,svg',
        false
    );

    if (Jaws_Error::IsError($uploaded)) {
        $GLOBALS['app']->Session->PushLastResponse($uploaded->getMessage(), RESPONSE_ERROR);
    } elseif (empty($uploaded)) {
        $GLOBALS['app']->Session->PushLastResponse(_t('GLOBAL_ERROR_UPLOAD_4'), RESPONSE_ERROR);
    } else {
        $storedName = $uploaded['upload_banner'][0]['host_filename'];

        // A zero banner id means a new banner, anything else an update
        if ($form['bid'] != 0) {
            $bannersModel->UpdateBanner(
                $form['bid'], $form['title'], $form['url'], $form['gid'], $storedName,
                $form['template'], $form['views_limit'], $form['clicks_limit'],
                $form['start_time'], $form['stop_time'], $form['random'], $form['published']
            );
        } else {
            $bannersModel->InsertBanner(
                $form['title'], $form['url'], $form['gid'], $storedName,
                $form['template'], $form['views_limit'], $form['clicks_limit'],
                $form['start_time'], $form['stop_time'], $form['random'], $form['published']
            );
        }
    }

    Jaws_Header::Location(BASE_SCRIPT . '?gadget=Banner');
}
/**
 * Adds a new forum post or updates an existing one, handles its attachments,
 * optionally sends a notification and redirects to the topic's posts page.
 *
 * Returns a 403 error page for visitors who are not logged in, lack
 * 'ForumPublic' on the forum, or fail the edit permission checks.
 *
 * @access  public
 */
function UpdatePost()
{
    if (!$GLOBALS['app']->Session->Logged()) {
        return Jaws_HTTPError::Get(403);
    }

    $post = jaws()->request->fetch(array('fid', 'tid', 'pid', 'subject', 'message', 'update_reason', 'notification'), 'post');

    if (empty($post['fid']) || !$this->gadget->GetPermission('ForumPublic', $post['fid'])) {
        return Jaws_HTTPError::Get(403);
    }

    // NOTE(review): the validation branches below rely on Jaws_Header::Referrer()
    // ending the request; if it returns, processing continues - confirm.
    if (empty($post['message'])) {
        $GLOBALS['app']->Session->PushResponse(_t('GLOBAL_ERROR_INCOMPLETE_FIELDS'), 'UpdatePost', RESPONSE_ERROR, $post);
        // redirect to referrer page
        Jaws_Header::Referrer();
    }

    // check captcha only in new post action
    if (empty($post['pid'])) {
        $htmlPolicy = Jaws_Gadget::getInstance('Policy')->action->load('Captcha');
        $resCheck = $htmlPolicy->checkCaptcha();
        if (Jaws_Error::IsError($resCheck)) {
            $GLOBALS['app']->Session->PushResponse($resCheck->getMessage(), 'UpdatePost', RESPONSE_ERROR, $post);
            Jaws_Header::Referrer();
        }
    }

    $tModel = $this->gadget->model->load('Topics');
    $topic = $tModel->GetTopic($post['tid'], $post['fid']);
    if (Jaws_Error::IsError($topic)) {
        // redirect to referrer page
        Jaws_Header::Referrer();
    }

    // attachment
    // NOTE(review): the upload runs before the edit permission check further down, so a
    // request that ends in 403 has already written its files to JAWS_DATA . 'forums'.
    // The extension list is also empty - confirm which types UploadFiles accepts then.
    $post['attachments'] = null;
    if ($this->gadget->registry->fetch('enable_attachment') == 'true' && $this->gadget->GetPermission('AddPostAttachment')) {
        $res = Jaws_Utils::UploadFiles($_FILES, JAWS_DATA . 'forums', '', null);
        if (Jaws_Error::IsError($res)) {
            $GLOBALS['app']->Session->PushResponse($res->getMessage(), 'UpdatePost', RESPONSE_ERROR, $post);
            // redirect to referrer page
            Jaws_Header::Referrer();
        }

        if (!empty($res)) {
            $post['attachments'] = $res['attachment'];
        }
    }

    // Only users with 'ForumManage' on this forum can opt out of the notification
    $send_notification = $this->gadget->GetPermission('ForumManage', $post['fid']) ? (bool) $post['notification'] : true;

    // edit min/max limit time
    $edit_min_limit_time = (int) $this->gadget->registry->fetch('edit_min_limit_time');
    $edit_max_limit_time = (int) $this->gadget->registry->fetch('edit_max_limit_time');

    // posts per page
    $posts_limit = $this->gadget->registry->fetch('posts_limit');
    $posts_limit = empty($posts_limit) ? 10 : (int) $posts_limit;

    $pModel = $this->gadget->model->load('Posts');
    if (empty($post['pid'])) {
        // NOTE(review): no locked-topic check is made on this insert path; presumably
        // InsertPost enforces it - confirm.
        $result = $pModel->InsertPost($GLOBALS['app']->Session->GetAttribute('user'), $post['tid'], $post['fid'], $post['message'], $post['message'], $post['attachments']);
        $event_type = 'new';
        $error_message = _t('FORUMS_POSTS_NEW_ERROR');
        $last_post_page = floor($topic['replies'] / $posts_limit) + 1;
    } else {
        $oldPost = $pModel->GetPost($post['pid'], $post['tid'], $post['fid']);
        if (Jaws_Error::IsError($oldPost) || empty($oldPost)) {
            // redirect to referrer page
            Jaws_Header::Referrer();
        }

        // check edit permissions
        // && binds tighter than ||: 'EditPost' is always required, and a user without
        // 'ForumManage' is refused when the post is not theirs, the topic is locked,
        // or the maximum edit time has passed.
        $forumManage = $this->gadget->GetPermission('ForumManage', $topic['fid']);
        $update_uid = (int) $GLOBALS['app']->Session->GetAttribute('user');
        if (!$this->gadget->GetPermission('EditPost') || $oldPost['uid'] != $update_uid && !$forumManage || $topic['locked'] && !$forumManage || time() - $oldPost['insert_time'] > $edit_max_limit_time && !$forumManage) {
            return Jaws_HTTPError::Get(403);
        }

        // Edits inside the minimum time window carry no updater id, reason or notification
        if (time() - $oldPost['insert_time'] <= $edit_min_limit_time) {
            $update_uid = 0;
            $send_notification = false;
            $post['update_reason'] = '';
        }

        // Update Attachments
        // Only attachments already linked to this post are candidates for deletion;
        // the client list just names the ones to keep.
        // NOTE(review): in_array() compares loosely here, and count() needs
        // 'current_attachments' to come back as an array - confirm what fetch() returns
        // when the field is absent.
        $remainAttachments = jaws()->request->fetch('current_attachments:array');
        $aModel = $this->gadget->model->load('Attachments');
        $oldAttachments = $aModel->GetAttachments($oldPost['id']);
        if (count($remainAttachments) == 0) {
            $aModel->DeletePostAttachments($oldPost['id']);
        } else {
            foreach ($oldAttachments as $oldAttachment) {
                if (!in_array($oldAttachment['id'], $remainAttachments)) {
                    $aModel->DeleteAttachment($oldAttachment['id']);
                }
            }
        }

        $result = $pModel->UpdatePost($post['pid'], $update_uid, $post['message'], $post['attachments'], $post['update_reason']);
        $event_type = 'edit';
        // no notification for topic creator
        $topic['email'] = '';
        $error_message = _t('FORUMS_POSTS_EDIT_ERROR');
        $last_post_page = floor(($topic['replies'] - 1) / $posts_limit) + 1;
    }

    if (Jaws_Error::IsError($result)) {
        $GLOBALS['app']->Session->PushResponse($error_message, 'UpdatePost', RESPONSE_ERROR, $post);
        // redirect to referrer page
        Jaws_Header::Referrer();
    }

    // The model's return value is used as the post id from here on
    $post['pid'] = $result;
    $url_params = array('fid' => $post['fid'], 'tid' => $post['tid']);
    if ($last_post_page > 1) {
        $url_params['page'] = $last_post_page;
    }
    $post_link = $this->gadget->urlMap('Posts', $url_params, true);

    // send email notification
    if ($send_notification) {
        $result = $pModel->PostNotification($topic['email'], $event_type, $topic['forum_title'], $post_link, $topic['subject'], $this->gadget->ParseText($post['message'], 'Forums', 'index'));
        if (Jaws_Error::IsError($result)) {
            // do nothing
        }
    }

    // redirect to topic posts page
    Jaws_Header::Location($post_link);
}
/**
 * Saves the logged-in user's personal details, including an optional new or
 * removed avatar, and redirects to the Personal page.
 *
 * @access  public
 * @return  void
 */
function UpdatePersonal()
{
    $session = $GLOBALS['app']->Session;

    if (!$session->Logged()) {
        // NOTE(review): nothing returns after this redirect; the rest of the action is
        // only skipped if Jaws_Header::Location ends the request - confirm.
        Jaws_Header::Location(
            $this->gadget->urlMap(
                'LoginBox',
                array('referrer' => bin2hex(Jaws_Utils::getRequestURL(true)))
            )
        );
    }

    $this->gadget->CheckPermission('EditUserPersonal');

    $profile = jaws()->request->fetch(
        array('fname', 'lname', 'gender', 'ssn', 'dob', 'url', 'signature', 'about',
              'avatar', 'delete_avatar', 'experiences', 'occupations', 'interests'),
        'post'
    );

    $profile['dob'] = empty($profile['dob'])
        ? null
        : Jaws_Date::getInstance()->ToBaseDate(explode('-', $profile['dob']), 'Y-m-d');

    // validate url
    // NOTE(review): the pattern accepts any scheme followed by "://", not only http(s);
    // confirm the URL is escaped or scheme-checked wherever it is rendered as a link.
    if (!preg_match('|^\\S+://\\S+\\.\\S+.+$|i', $profile['url'])) {
        $profile['url'] = '';
    }

    // The posted 'avatar' value is never trusted; it is set only from the upload result
    unset($profile['avatar']);
    if (!empty($profile['delete_avatar'])) {
        $profile['avatar'] = '';
    } else {
        // NOTE(review): svg is accepted here although UploadAvatar allows only
        // gif,jpg,jpeg,png; SVG can carry script, so confirm how avatars are served.
        $uploaded = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir(), 'gif,jpg,jpeg,png,svg');
        if (Jaws_Error::IsError($uploaded)) {
            $session->PushResponse($uploaded->GetMessage(), 'Users.Personal.Response', RESPONSE_ERROR, $profile);
            Jaws_Header::Location($this->gadget->urlMap('Personal'));
        } elseif (!empty($uploaded)) {
            $profile['avatar'] = $uploaded['avatar'][0]['host_filename'];
        }
    }

    $personalModel = $this->gadget->model->load('Personal');
    $saved = $personalModel->UpdatePersonal($session->GetAttribute('user'), $profile);

    if (!Jaws_Error::IsError($saved)) {
        $session->PushResponse(_t('USERS_USERS_PERSONALINFO_UPDATED'), 'Users.Personal.Response');
    } else {
        $session->PushResponse($saved->GetMessage(), 'Users.Personal.Response', RESPONSE_ERROR, $profile);
    }

    Jaws_Header::Location($this->gadget->urlMap('Personal'));
}
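/**
 * Stores an uploaded personal image in the temporary upload directory and
 * hands the stored file name (or an error message) to parent.onUpload().
 *
 * Returns a 403 error page for visitors who are not logged in.
 *
 * @access  public
 * @return  string  XHTML content
 */
function UploadImage()
{
    if (!$GLOBALS['app']->Session->Logged()) {
        return Jaws_HTTPError::Get(403);
    }

    // Only raster image extensions are passed as the allowed list
    $res = Jaws_Utils::UploadFiles($_FILES, Jaws_Utils::upload_tmp_dir(), 'gif,jpg,jpeg,png');
    if (Jaws_Error::IsError($res)) {
        $response = array('type' => 'error', 'message' => $res->getMessage());
    } elseif (empty($res['upload_image'][0])) {
        // No file arrived under 'upload_image': report the same error the other upload
        // handlers use instead of reading a missing array entry.
        $response = array('type' => 'error', 'message' => _t('GLOBAL_ERROR_UPLOAD_4'));
    } else {
        $response = array('type' => 'notice', 'message' => $res['upload_image'][0]['host_filename']);
    }

    $response = Jaws_UTF8::json_encode($response);
    return "<script type='text/javascript'>parent.onUpload({$response});</script>";
}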
/**
 * Adds a new forum topic or updates (and optionally moves) an existing one,
 * handles its attachments, optionally sends a notification and redirects to
 * the topic's posts page.
 *
 * Returns a 403 error page for visitors who are not logged in, lack
 * 'ForumPublic' on the forum, or fail the edit permission checks.
 *
 * @access  public
 */
function UpdateTopic()
{
    if (!$GLOBALS['app']->Session->Logged()) {
        return Jaws_HTTPError::Get(403);
    }

    $topic = jaws()->request->fetch(array('fid', 'tid', 'target', 'subject', 'message', 'update_reason', 'notification', 'status'), 'post');

    if (empty($topic['fid']) || !$this->gadget->GetPermission('ForumPublic', $topic['fid'])) {
        return Jaws_HTTPError::Get(403);
    }

    // NOTE(review): the validation branches below rely on Jaws_Header::Referrer()
    // ending the request; if it returns, processing continues - confirm.
    if (empty($topic['subject']) || empty($topic['message'])) {
        $GLOBALS['app']->Session->PushResponse(_t('GLOBAL_ERROR_INCOMPLETE_FIELDS'), 'UpdateTopic', RESPONSE_ERROR, $topic);
        // redirect to referrer page
        Jaws_Header::Referrer();
    }

    // check captcha only in new topic action
    if (empty($topic['tid'])) {
        $htmlPolicy = Jaws_Gadget::getInstance('Policy')->action->load('Captcha');
        $resCheck = $htmlPolicy->checkCaptcha();
        if (Jaws_Error::IsError($resCheck)) {
            $GLOBALS['app']->Session->PushResponse($resCheck->getMessage(), 'UpdateTopic', RESPONSE_ERROR, $topic);
            Jaws_Header::Referrer();
        }
    }

    // attachment
    // NOTE(review): the upload runs before the edit permission check further down, so a
    // request that ends in 403 has already written its files to JAWS_DATA . 'forums'.
    // The extension list is also empty - confirm which types UploadFiles accepts then.
    $topic['attachments'] = null;
    if ($this->gadget->registry->fetch('enable_attachment') == 'true' && $this->gadget->GetPermission('AddPostAttachment')) {
        $res = Jaws_Utils::UploadFiles($_FILES, JAWS_DATA . 'forums', '', null);
        if (Jaws_Error::IsError($res)) {
            $GLOBALS['app']->Session->PushResponse($res->getMessage(), 'UpdateTopic', RESPONSE_ERROR, $topic);
            // redirect to referrer page
            Jaws_Header::Referrer();
        }

        if (!empty($res)) {
            $topic['attachments'] = $res['attachment'];
        }
    }

    // Only users with 'ForumManage' on this forum can opt out of the notification
    $send_notification = $this->gadget->GetPermission('ForumManage', $topic['fid']) ? (bool) $topic['notification'] : true;

    // edit min/max limit time
    $edit_min_limit_time = (int) $this->gadget->registry->fetch('edit_min_limit_time');
    $edit_max_limit_time = (int) $this->gadget->registry->fetch('edit_max_limit_time');

    $topic['forum_title'] = '';
    $tModel = $this->gadget->model->load('Topics');
    if (empty($topic['tid'])) {
        $fModel = $this->gadget->model->load('Forums');
        $result = $fModel->GetForum($topic['fid']);
        // NOTE(review): when GetForum returns an empty, non-error value, $result stays
        // empty and is later used as the new topic id - confirm this cannot happen.
        if (!Jaws_Error::IsError($result) && !empty($result)) {
            // check topic publish permission
            $status = $topic['status'];
            $published = false;
            if ($this->gadget->GetPermission('PublishTopic') && $status == 'published') {
                $published = true;
            }
            $topic['forum_title'] = $result['title'];
            $result = $tModel->InsertTopic($GLOBALS['app']->Session->GetAttribute('user'), $topic['fid'], $topic['subject'], $topic['message'], $topic['attachments'], $published);
        }

        $event_type = 'new';
        $error_message = _t('FORUMS_TOPICS_NEW_ERROR');
    } else {
        $oldTopic = $tModel->GetTopic($topic['tid'], $topic['fid']);
        if (Jaws_Error::IsError($oldTopic) || empty($oldTopic)) {
            // redirect to referrer page
            Jaws_Header::Referrer();
        }

        // check permission for edit topic
        // && binds tighter than ||: 'EditTopic' is always required, and a user without
        // 'ForumManage' is refused when the first post is not theirs, the topic is
        // locked, or the maximum edit time has passed.
        $forumManage = $this->gadget->GetPermission('ForumManage', $topic['fid']);
        $update_uid = (int) $GLOBALS['app']->Session->GetAttribute('user');
        if (!$this->gadget->GetPermission('EditTopic') || $oldTopic['first_post_uid'] != $update_uid && !$forumManage || $oldTopic['locked'] && !$forumManage || time() - $oldTopic['first_post_time'] > $edit_max_limit_time && !$forumManage) {
            return Jaws_HTTPError::Get(403);
        }

        // Edits inside the minimum time window carry no updater id, reason or notification
        if (time() - $oldTopic['first_post_time'] <= $edit_min_limit_time) {
            $update_uid = 0;
            $send_notification = false;
            $topic['update_reason'] = '';
        }

        // set target topic for move
        // NOTE(review): 'ForumManage' is checked on the source forum only; permission on
        // the posted target forum is presumably checked in UpdateTopic - confirm.
        // NOTE(review): unlike the insert branch, 'PublishTopic' is not consulted before
        // the posted status is applied below - confirm.
        if (!$forumManage || empty($topic['target'])) {
            $topic['target'] = $topic['fid'];
        }

        // Update Attachments
        // Only attachments already linked to the first post are candidates for deletion;
        // the client list just names the ones to keep.
        // NOTE(review): in_array() compares loosely here, and count() needs
        // 'current_attachments' to come back as an array - confirm what fetch() returns
        // when the field is absent.
        $remainAttachments = jaws()->request->fetch('current_attachments:array');
        $aModel = $this->gadget->model->load('Attachments');
        $oldAttachments = $aModel->GetAttachments($oldTopic['first_post_id']);
        if (count($remainAttachments) == 0) {
            $aModel->DeletePostAttachments($oldTopic['first_post_id']);
        } else {
            foreach ($oldAttachments as $oldAttachment) {
                if (!in_array($oldAttachment['id'], $remainAttachments)) {
                    $aModel->DeleteAttachment($oldAttachment['id']);
                }
            }
        }

        $topic['forum_title'] = $oldTopic['forum_title'];
        $topic['published'] = $topic['status'] == 'published';
        $result = $tModel->UpdateTopic($topic['target'], $topic['fid'], $topic['tid'], $oldTopic['first_post_id'], $update_uid, $topic['subject'], $topic['message'], $topic['attachments'], $topic['published'], $topic['update_reason']);

        // fill forum id with target forum id
        if ($topic['fid'] != $topic['target']) {
            $topic['fid'] = $topic['target'];
            $event_type = 'move';
        } else {
            $event_type = 'edit';
        }
        $error_message = _t('FORUMS_TOPICS_EDIT_ERROR');
    }

    if (Jaws_Error::IsError($result)) {
        $GLOBALS['app']->Session->PushResponse($error_message, 'UpdateTopic', RESPONSE_ERROR, $topic);
        // redirect to referrer page
        Jaws_Header::Referrer();
    }

    // The model's return value is used as the topic id from here on
    $topic['tid'] = $result;
    $topic_link = $this->gadget->urlMap('Posts', array('fid' => $topic['fid'], 'tid' => $topic['tid']), true);

    if ($send_notification) {
        $result = $tModel->TopicNotification($event_type, $topic['forum_title'], $topic_link, $topic['subject'], $this->gadget->ParseText($topic['message'], 'Forums', 'index'));
        if (Jaws_Error::IsError($result)) {
            // do nothing
        }
    }

    // redirect to topic posts page
    Jaws_Header::Location($topic_link);
}