Exemplo n.º 1
 /**
  * Check the StopForumSpam API for a specific field (username, email or IP)
  *
  * In this modified copy the lookup is switched off: the method returns FALSE
  * before any request is built, so every value is reported as "not listed" and
  * none of the code after the first return statement runs.
  *
  * @param string $field field to check
  * @param string $value value to validate
  * @return bool always FALSE in this copy; the retained code below the early
  *              return would yield TRUE if spammer was found with passed info
  */
 public function checkForField($field, $value)
 {
     $spam = false;
     // Early exit: this disables the StopForumSpam check completely, so callers
     // that rely on it get no filtering from this method at all.
     return $spam;
     // MODIFIED BY FREEFORM SOLUTIONS for compatibility with offline installs.  SUGGESTED BY SKENOW HERE: http://www.freeformsolutions.ca/en/forum/using-formulize-no-internet-access#comment-4554
     // Everything from here down is unreachable and kept only as a record of the
     // code that ran before the modification.
     $url = $this->api_url . $field . '=' . urlencode($value);
     if (!ini_get('allow_url_fopen')) {
         $output = '';
         $ch = curl_init();
         if (!curl_setopt($ch, CURLOPT_URL, "{$url}")) {
             icms_core_Debug::message($this->api_url . $field . '=' . $value);
             echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
         }
         curl_setopt($ch, CURLOPT_URL, "{$url}");
         curl_setopt($ch, CURLOPT_HEADER, 0);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         $output .= curl_exec($ch);
         curl_close($ch);
         if (preg_match("#<appears>(.*)</appears>#i", $output, $out)) {
             $spam = $out[1];
         }
     } else {
         $file = fopen($url, "r");
         if (!$file) {
             icms_core_Debug::message($this->api_url . $field . '=' . $value);
             echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
         }
         while (!feof($file)) {
             $line = fgets($file, 1024);
             if (preg_match("#<appears>(.*)</appears>#i", $line, $out)) {
                 $spam = $out[1];
                 break;
             }
         }
         fclose($file);
     }
     return $spam == 'yes';
 }
Exemplo n.º 2
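 /**
  * Check the StopForumSpam API for a specific field (username, email or IP)
  *
  * The request URL is built from $this->api_url and fetched with cURL when
  * allow_url_fopen is disabled, or with fopen() otherwise. The first
  * <appears>...</appears> element found in the response decides the result.
  *
  * The check fails open: when the request cannot be made, or the response
  * holds no <appears> element, FALSE is returned and the value is treated as
  * not listed.
  *
  * @param string $field field to check
  * @param string $value value to validate
  * @return bool TRUE if spammer was found with passed info
  */
 public function checkForField($field, $value)
 {
     $spam = false;
     // Encode both halves of the query pair so neither can add extra parameters
     $url = $this->api_url . urlencode($field) . '=' . urlencode($value);
     // NOTE(review): $this->api_url is defined outside this method; confirm it
     // points at an https endpoint, since the checked value travels in the URL.
     if (!ini_get('allow_url_fopen')) {
         $ch = curl_init();
         if ($ch === false || !curl_setopt($ch, CURLOPT_URL, $url)) {
             // Report the encoded URL, not the raw value: how the debug
             // message is rendered is not visible from this method.
             icms_core_Debug::message($url);
             echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
             if ($ch !== false) {
                 curl_close($ch);
             }
             // Stop here instead of running a request on a handle with no URL
             return false;
         }
         curl_setopt($ch, CURLOPT_HEADER, 0);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         // NOTE(review): no CURLOPT_CONNECTTIMEOUT / CURLOPT_TIMEOUT is set, so
         // a slow or unreachable service stalls the calling request.
         $output = curl_exec($ch);
         curl_close($ch);
         // curl_exec() returns FALSE on failure; only parse a real body
         if (is_string($output) && preg_match("#<appears>(.*?)</appears>#i", $output, $out)) {
             $spam = $out[1];
         }
     } else {
         $file = fopen($url, "r");
         if (!$file) {
             icms_core_Debug::message($url);
             echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
             // Without this return the read loop below would run on FALSE
             return false;
         }
         while (!feof($file)) {
             $line = fgets($file, 1024);
             if ($line === false) {
                 // Read error or end of stream: nothing more to scan
                 break;
             }
             // Non-greedy capture keeps the match to a single element
             if (preg_match("#<appears>(.*?)</appears>#i", $line, $out)) {
                 $spam = $out[1];
                 break;
             }
         }
         fclose($file);
     }
     return $spam === 'yes';
 }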
Exemplo n.º 3
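 /**
  * insert a new object in the database
  *
  * Runs the beforeSave and beforeInsert/beforeUpdate events, builds an INSERT
  * (new object) or UPDATE (existing object) statement from the object's
  * cleaned variables, executes it, and then runs the afterSave and
  * afterInsert/afterUpdate events. Any failure is recorded on the object with
  * setErrors().
  *
  * @param object $obj reference to the object
  * @param bool $force whether to force the query execution despite security settings
  * @param bool $checkObject check if the object is dirty and clean the attributes
  * @param bool $debug if TRUE the generated SQL is passed to icms_core_Debug::message()
  * @return bool FALSE if failed, TRUE if already present and unchanged or successful
  */
 public function insert(&$obj, $force = false, $checkObject = true, $debug = false)
 {
     if ($checkObject != false) {
         if (!is_object($obj)) {
             return false;
         }
         /**
          * @TODO: Change to if (!(class_exists($this->className) && $obj instanceof $this->className)) when going fully PHP5
          */
         if (!is_a($obj, $this->className)) {
             $obj->setErrors(get_class($obj) . ' Differs from ' . $this->className);
             return false;
         }
         if (!$obj->isDirty()) {
             $obj->setErrors("Not dirty");
             //will usually not be outputted as errors are not displayed when the method returns true, but it can be helpful when troubleshooting code - Mith
             return true;
         }
     }
     if ($obj->seoEnabled) {
         // Auto create meta tags if empty
         $icms_metagen = new icms_ipf_Metagen($obj->title(), $obj->getVar('meta_keywords'), $obj->summary());
         if (!$obj->getVar('meta_keywords') || !$obj->getVar('meta_description')) {
             if (!$obj->meta_keywords()) {
                 $obj->setVar('meta_keywords', $icms_metagen->_keywords);
             }
             if (!$obj->meta_description()) {
                 $obj->setVar('meta_description', $icms_metagen->_meta_description);
             }
         }
         // Auto create short_url if empty
         if (!$obj->short_url()) {
             $obj->setVar('short_url', $icms_metagen->generateSeoTitle($obj->title('n'), false));
         }
     }
     $eventResult = $this->executeEvent('beforeSave', $obj);
     if (!$eventResult) {
         $obj->setErrors('An error occured during the BeforeSave event');
         return false;
     }
     if ($obj->isNew()) {
         $eventResult = $this->executeEvent('beforeInsert', $obj);
         if (!$eventResult) {
             $obj->setErrors('An error occured during the BeforeInsert event');
             return false;
         }
     } else {
         $eventResult = $this->executeEvent('beforeUpdate', $obj);
         if (!$eventResult) {
             $obj->setErrors('An error occured during the BeforeUpdate event');
             return false;
         }
     }
     if (!$obj->cleanVars()) {
         $obj->setErrors('Variables were not cleaned properly.');
         return false;
     }
     // Every value that reaches the SQL text below is either cast to int or
     // passed through quoteString(). Column and table names are interpolated
     // as they are, so they must only ever come from the handler definition.
     $cleanvars = array();
     $fieldsToStoreInDB = array();
     foreach ($obj->cleanVars as $k => $v) {
         if ($obj->vars[$k]['data_type'] == XOBJ_DTYPE_INT) {
             $cleanvars[$k] = (int) $v;
         } elseif (is_array($v)) {
             $cleanvars[$k] = $this->db->quoteString(implode(',', $v));
         } else {
             $cleanvars[$k] = $this->db->quoteString($v);
         }
         if ($obj->vars[$k]['persistent']) {
             $fieldsToStoreInDB[$k] = $cleanvars[$k];
         }
     }
     if ($obj->isNew()) {
         if (!is_array($this->keyName)) {
             // NOTE(review): $fieldsToStoreInDB was filled above, so an id
             // generated here does not appear in the INSERT below - confirm
             // that is intended.
             if ($cleanvars[$this->keyName] < 1) {
                 $cleanvars[$this->keyName] = $this->db->genId($this->table . '_' . $this->keyName . '_seq');
             }
         }
         $sql = 'INSERT INTO ' . $this->table . ' (' . implode(',', array_keys($fieldsToStoreInDB)) . ') VALUES (' . implode(',', array_values($fieldsToStoreInDB)) . ')';
     } else {
         // Treat a single key and a compound key the same way from here on
         $keyNames = is_array($this->keyName) ? $this->keyName : array($this->keyName);
         $assignments = array();
         foreach ($fieldsToStoreInDB as $key => $value) {
             // Key columns identify the row and are never rewritten
             if (in_array($key, $keyNames)) {
                 continue;
             }
             $assignments[] = ' ' . $key . ' = ' . $value;
         }
         $sql = 'UPDATE ' . $this->table . ' SET' . implode(',', $assignments);
         $conditions = array();
         foreach ($keyNames as $keyField) {
             // Use the cleaned (int-cast or quoted) key value in the WHERE
             // clause; the raw getVar() result was previously concatenated
             // into the statement unquoted.
             if (isset($cleanvars[$keyField])) {
                 $keyValue = $cleanvars[$keyField];
             } else {
                 $keyValue = $this->db->quoteString($obj->getVar($keyField));
             }
             $conditions[] = $keyField . ' = ' . $keyValue;
         }
         $sql .= ' WHERE ' . implode(' AND ', $conditions);
     }
     if ($debug) {
         // The statement carries the object's values; how the debug message
         // is displayed is not visible from this method.
         icms_core_Debug::message($sql);
     }
     // $force selects queryF() over query()
     if (false != $force) {
         $result = $this->db->queryF($sql);
     } else {
         $result = $this->db->query($sql);
     }
     if (!$result) {
         $obj->setErrors($this->db->error());
         return false;
     }
     if ($obj->isNew() && !is_array($this->keyName)) {
         $obj->assignVar($this->keyName, $this->db->getInsertId());
     }
     $eventResult = $this->executeEvent('afterSave', $obj);
     if (!$eventResult) {
         $obj->setErrors('An error occured during the AfterSave event');
         return false;
     }
     if ($obj->isNew()) {
         $obj->unsetNew();
         $eventResult = $this->executeEvent('afterInsert', $obj);
         if (!$eventResult) {
             $obj->setErrors('An error occured during the AfterInsert event');
             return false;
         }
     } else {
         $eventResult = $this->executeEvent('afterUpdate', $obj);
         if (!$eventResult) {
             // Message previously lost its first letter ("n error ...")
             $obj->setErrors('An error occured during the AfterUpdate event');
             return false;
         }
     }
     return true;
 }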
Exemplo n.º 4
/**
 * Legacy wrapper that prints one debug line.
 *
 * Records the deprecation notice first, then forwards both arguments to
 * icms_core_Debug::message() and hands back whatever that call returns.
 *
 * @param string $msg text to be output as a debug line
 * @param bool $exit if TRUE the script will end
 * @deprecated	use icms_core_Debug::message() instead
 */
function icms_debug($msg, $exit = false)
{
    icms_core_Debug::setDeprecated('icms_core_Debug::message');
    $outcome = icms_core_Debug::message($msg, $exit);

    return $outcome;
}
Exemplo n.º 5
	/**
	 * Removes data inserted since 2.0.18.1
	 *
	 * The DELETE, UPDATE and DROP statements are sent without checking their
	 * result. The four ALTER TABLE statements that follow are checked: the
	 * first one that fails is reported through icms_core_Debug::message() and
	 * ends the method.
	 *
	 * @return bool FALSE as soon as one ALTER TABLE statement fails, TRUE otherwise
	 */
	function apply_config()
	{
		$db = $GLOBALS['xoopsDB'];

		// remove configuration items
		foreach (array('cpanel', 'welcome_type') as $confName) {
			$db->queryF("DELETE FROM `" . $db->prefix('config') . "` WHERE conf_name='" . $confName . "'");
		}
		$optionNames = array('_NO', '_MD_AM_WELCOMETYPE_EMAIL', '_MD_AM_WELCOMETYPE_PM', '_MD_AM_WELCOMETYPE_BOTH');
		foreach ($optionNames as $optionName) {
			$db->queryF("DELETE FROM `" . $db->prefix('configoption') . "` WHERE confop_name='" . $optionName . "'");
		}
		$db->queryF("UPDATE `" . $db->prefix('config') . "` SET conf_value = 'iTheme' WHERE conf_name = 'theme_set'");

		// remove cache_model table
		$db->queryF("DROP TABLE " . $db->prefix("cache_model"));

		// Schema changes that must all succeed: opening keyword, table, remainder
		$schemaChanges = array(
			array("ALTER TABLE", 'block_module_link', "DROP PRIMARY KEY"),
			array("ALTER IGNORE TABLE", 'block_module_link', "ADD KEY module_id (module_id)"),
			array("ALTER IGNORE TABLE", 'block_module_link', "ADD KEY block_id (block_id)"),
			array("ALTER TABLE", 'newblocks', "MODIFY content text NOT NULL"),
		);
		foreach ($schemaChanges as $change) {
			$sql = $change[0] . " `" . $db->prefix($change[1]) . "` " . $change[2];
			if (!$db->queryF($sql)) {
				icms_core_Debug::message('An error occurred while executing "' . $sql . '" - ' . $db->error());
				return false;
			}
		}

		return true;
	}
Exemplo n.º 6
 /**
  * Authenticate using the OpenID protocol
  *
  * Takes the OpenID response from the session when one is stored there,
  * otherwise completes the exchange through the consumer and stores the
  * serialized response in the session. On success it sets $this->displayid,
  * $this->openid and $this->step, and stores the simple-registration data in
  * $_SESSION['openid_sreg'].
  *
  * @param bool $debug Turn debug on or not
  * @return mixed the first matching user when one is found for the OpenID;
  *               FALSE on failure or when no user has this OpenID; nothing
  *               (NULL) on cancel and for the register, link and
  *               session-stored steps, which end without a return statement
  */
 public function authenticate($debug = FALSE)
 {
     // check to see if we already have an OpenID response in SESSION
     if (isset($_SESSION['openid_response'])) {
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_INSESSIONS);
         }
         // NOTE(review): unserialize() builds whatever objects the stored string
         // describes, so this is only as trustworthy as the session store.
         // Consider limiting it with the allowed_classes option. A response
         // found here is reused without calling complete() again.
         $this->response = unserialize($_SESSION['openid_response']);
     } else {
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_FETCHING);
         }
         // Complete the authentication process using the server's response.
         $consumer = getConsumer();
         $return_to = getReturnTo();
         //$this->response = $consumer->complete($_GET);
         $this->response = $consumer->complete($return_to);
         $_SESSION['openid_response'] = serialize($this->response);
     }
     if ($this->response->status == Auth_OpenID_CANCEL) {
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_STATCANCEL);
         }
         // This means the authentication was cancelled.
         // No return follows, so the method ends with NULL in this case.
         $this->setErrors('100', _CORE_OID_VERIFCANCEL);
     } elseif ($this->response->status == Auth_OpenID_FAILURE) {
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_SERVERFAILED);
         }
         $this->setErrors('101', _CORE_OID_FAILED . $this->response->message);
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_DUMPREQ);
             // Dumps the complete request, parameters and cookies included;
             // keep $debug off wherever debug output can reach visitors.
             icms_core_Debug::vardump($_REQUEST);
         }
         return FALSE;
     } elseif ($this->response->status == Auth_OpenID_SUCCESS) {
         // This means the authentication succeeded.
         $this->displayid = $this->response->getDisplayIdentifier();
         $this->openid = $this->response->identity_url;
         $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($this->response);
         $sreg = $sreg_resp->contents();
         // Simple-registration fields are kept as received from the provider
         $_SESSION['openid_sreg'] = $sreg;
         if ($debug) {
             icms_core_Debug::message(_CORE_OID_SERVERSUCCESS);
             icms_core_Debug::message(_CORE_OID_DISPID . $this->displayid);
             icms_core_Debug::message(_CORE_OID_OPENID . $this->openid);
             icms_core_Debug::message(_CORE_OID_DUMPING);
             icms_core_Debug::vardump($sreg);
         }
         // $success is built here but not read again in this method. Only the
         // identity URL is HTML-escaped; the display id and canonical id are
         // inserted as they are, so escape them too if the text is ever output.
         $esc_identity = htmlspecialchars($this->openid, ENT_QUOTES);
         $success = sprintf(_CORE_OID_SUCESSFULLYIDENTIFIED, $esc_identity, $this->displayid);
         if ($this->response->endpoint->canonicalID) {
             $success .= sprintf(_CORE_OID_CANONID, $this->response->endpoint->canonicalID);
         }
         /**
          * Now, where are we in the process, just back from OpenID server or trying to register or
          * trying to link to an existing account
          */
         // The step is chosen by the mere presence of a POST field, then by a
         // value kept in the session; none of these three branches returns.
         if (isset($_POST['openid_register'])) {
             if ($debug) {
                 icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_REGISTER');
             }
             $this->step = OPENID_STEP_REGISTER;
         } elseif (isset($_POST['openid_link'])) {
             if ($debug) {
                 icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_LINK');
             }
             $this->step = OPENID_STEP_LINK;
         } elseif (isset($_SESSION['openid_step'])) {
             if ($debug) {
                 icms_core_Debug::message(_CORE_OID_STEPIS . $_SESSION['openid_step']);
             }
             $this->step = $_SESSION['openid_step'];
         } else {
             if ($debug) {
                 icms_core_Debug::message(_CORE_OID_CHECKINGID);
             }
             // Do we already have a user with this openid
             $member_handler = icms::handler('icms_member');
             $criteria = new icms_db_criteria_Compo();
             $criteria->add(new icms_db_criteria_Item('openid', $this->openid));
             $users =& $member_handler->getUsers($criteria);
             if ($users && count($users) > 0) {
                 $this->step = OPENID_STEP_USER_FOUND;
                 if ($debug) {
                     icms_core_Debug::message(_CORE_OID_FOUNDSTEPIS . 'OPENID_STEP_USER_FOUND');
                 }
                 // Only the first match is returned, even if several users
                 // carry the same OpenID.
                 return $users[0];
             } else {
                 /*
                  * This openid was not found in the users table. Let's ask the user if he wants
                  * to create a new user account on the site or else login with his already registered
                  * account
                  */
                 if ($debug) {
                     icms_core_Debug::message(_CORE_OID_NOTFOUNDSTEPIS . 'OPENID_STEP_NO_USER_FOUND');
                 }
                 $this->step = OPENID_STEP_NO_USER_FOUND;
                 return FALSE;
             }
         }
     }
 }
Exemplo n.º 7
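    /**
     * Build the fingerprint that ties a session to its client.
     *
     * The input starts with $this->mainSaltKey. The user agent is appended when
     * $this->securityLevel is 1 or more, and the leading address blocks (as
     * many as the level, at most 4) when it is 2 or more. The SHA-256 hex
     * digest of that string is returned.
     *
     * NOTE(review): '' is returned for an invalid address; confirm that callers
     * reject an empty fingerprint instead of treating two empty values as a
     * match.
     *
     * @param string $ip client address, IPv4 or IPv6
     * @param string $userAgent client user agent string
     * @return string SHA-256 hex digest, or '' when $ip is not a valid address
     */
    private function sessionFingerprint($ip, $userAgent)
    {
        $securityLevel = (int) $this->securityLevel;
        // NOTE(review): $this->ipv6securityLevel was read here but never used;
        // IPv6 addresses follow $this->securityLevel like IPv4 ones. Confirm
        // whether the IPv6 setting was meant to apply below.
        if (isset($ip) && icms_core_DataFilter::checkVar($ip, 'ip', 'ipv4')) {
            $separator = '.';
        } elseif (isset($ip) && icms_core_DataFilter::checkVar($ip, 'ip', 'ipv6')) {
            $separator = ':';
        } else {
            icms_core_Debug::message('ERROR (Session Fingerprint): Invalid IP format,
				IP must be a valid IPv4 or IPv6 format', false);
            return '';
        }

        $fingerprint = $this->mainSaltKey;
        if ($securityLevel >= 1) {
            $fingerprint .= $userAgent;
        }
        if ($securityLevel >= 2) {
            $num_blocks = min($securityLevel, 4);
            $blocks = explode($separator, $ip);
            for ($i = 0; $i < $num_blocks; $i++) {
                // A compressed IPv6 address (for example "::1") can split into
                // fewer than four parts; a missing part counts as empty rather
                // than raising an undefined-offset warning.
                $fingerprint .= (isset($blocks[$i]) ? $blocks[$i] : '') . $separator;
            }
        }

        return hash('sha256', $fingerprint);
    }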
    $newDbVersion = 19;
}
// Update step: rename the smartprofile_* tables to profile_* and add the new
// columns, then record the new system module DB version.
if ($dbVersion < $newDbVersion) {
    $module_handler = icms::handler('icms_module');
    $smartprofile_module = $module_handler->getByDirname('smartprofile');
    $table = new icms_db_legacy_updater_Table('profile_category');
    // Only migrate when smartprofile is installed and active and the target
    // profile_category table does not exist yet.
    if ($smartprofile_module && $smartprofile_module->getVar('isactive') && !$table->exists()) {
        // The results of the five RENAME statements are not checked here.
        icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_category") . "` TO `" . icms::$xoopsDB->prefix("profile_category") . "`");
        icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_field") . "` TO `" . icms::$xoopsDB->prefix("profile_field") . "`");
        icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_visibility") . "` TO `" . icms::$xoopsDB->prefix("profile_visibility") . "`");
        icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_profile") . "` TO `" . icms::$xoopsDB->prefix("profile_profile") . "`");
        icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_regstep") . "` TO `" . icms::$xoopsDB->prefix("profile_regstep") . "`");
        // Follow-up statements: two new columns, then the module's dirname.
        $command = array("ALTER TABLE `" . icms::$xoopsDB->prefix("profile_profile") . "` ADD `newemail` varchar(255) NOT NULL default '' AFTER `profile_id`", "ALTER TABLE `" . icms::$xoopsDB->prefix("profile_field") . "` ADD `exportable` int unsigned NOT NULL default 0 AFTER `step_id`", "UPDATE `" . icms::$xoopsDB->prefix('modules') . "` SET dirname='profile' WHERE dirname='smartprofile'");
        foreach ($command as $sql) {
            if (!($result = icms::$xoopsDB->queryF($sql))) {
                icms_core_Debug::message('An error occurred while executing "' . $sql . '" - ' . icms::$xoopsDB->error());
                // Leaves before the DB version is recorded; statements that
                // already ran are not undone.
                return false;
            }
        }
    }
    $icmsDatabaseUpdater->updateModuleDBVersion($newDbVersion, 'system');
    echo sprintf(_DATABASEUPDATER_UPDATE_OK, icms_conv_nr2local($newDbVersion)) . '<br />';
}
// The next step's target version is only set while the update has not been aborted.
if (!$abortUpdate) {
    $newDbVersion = 20;
}
if ($dbVersion < $newDbVersion) {
    // Adding configurations of search preferences
    $icmsDatabaseUpdater->insertConfig(ICMS_CONF_SEARCH, 'enable_deep_search', '_MD_AM_DODEEPSEARCH', '1', '_MD_AM_DODEEPSEARCHDSC', 'yesno', 'int', 2);
    $icmsDatabaseUpdater->insertConfig(ICMS_CONF_SEARCH, 'num_shallow_search', '_MD_AM_NUMINITSRCHRSLTS', '5', '_MD_AM_NUMINITSRCHRSLTSDSC', 'textbox', 'int', 4);
    $icmsDatabaseUpdater->updateModuleDBVersion($newDbVersion, 'system');