Exemplo n.º 1
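/**
 * Queue a subscription-expiry alert e-mail for every matching payment row.
 *
 * Selects active, non-recurring payments whose `paid_until` equals the date
 * derived from today (UTC) and $config['days_before'], renders
 * emails/subscr_expire_alert.html from the default skin once per distinct
 * address, and stores the results in `queue_email` using batched multi-row
 * INSERT statements.
 *
 * @return bool Always true; a failed query raises E_USER_ERROR instead.
 */
function upcoming_eot()
{
    // $tplvars is handed to the e-mail template below, so it has to be imported
    // from the global scope; otherwise the template receives an undefined value.
    global $dbtable_prefix, $tplvars;
    $config['days_before'] = 4;
    // Flush the batched INSERT once the statement text grows past this many bytes.
    $query_strlen = 20000;
    $now = gmdate('Ymd');
    // NOTE(review): `'{$now}'-INTERVAL n DAY` matches a paid_until that lies n days
    // in the past; for an "upcoming" alert +INTERVAL looks intended - confirm.
    $query = "SELECT b.`email`,c.`_user` as `user` FROM `{$dbtable_prefix}payments` a,`" . USER_ACCOUNTS_TABLE . "` b,`{$dbtable_prefix}user_profiles` c WHERE a.`fk_user_id`=b.`" . USER_ACCOUNT_ID . "` AND a.`fk_user_id`=c.`fk_user_id` AND a.`paid_until`='{$now}'-INTERVAL " . $config['days_before'] . " DAY AND a.`is_active`=1 AND a.`is_recurring`=0";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Keyed by address, so each recipient is alerted once even with several payments.
    $alerts = array();
    while ($rsrow = mysql_fetch_assoc($res)) {
        $alerts[$rsrow['email']] = $rsrow;
    }
    if (!empty($alerts)) {
        $skin = get_default_skin_dir();
        $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . $skin . '/emails/', 'remove_nonjs');
        $tpl->set_file('temp', 'subscr_expire_alert.html');
        $tpl->set_var('tplvars', $tplvars);
        $subject = sprintf($GLOBALS['_lang'][218], _SITENAME_);
        // presumably this format prepares the text for storage (SQL escaping included) - confirm
        $subject = sanitize_and_format($subject, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTFIELD]);
        $insert = "INSERT INTO `{$dbtable_prefix}queue_email` (`to`,`subject`,`message_body`) VALUES ";
        $iquery = $insert;
        foreach ($alerts as $email => $v) {
            $tpl->set_var('output', $v);
            $message_body = $tpl->process('', 'temp', TPL_LOOP | TPL_OPTLOOP | TPL_OPTIONAL | TPL_FINISH);
            $message_body = sanitize_and_format($message_body, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTAREA]);
            // The address was read back from the accounts table: it is stored data,
            // not trusted SQL. Escape it before embedding it in the INSERT so a quote
            // in a stored address cannot alter the statement.
            $email_sql = mysql_real_escape_string((string) $email);
            if (strlen($iquery) > $query_strlen) {
                // Drop the trailing comma and send the batch collected so far.
                $iquery = substr($iquery, 0, -1);
                if (!($res = @mysql_query($iquery))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                $iquery = $insert;
            }
            $iquery .= "('{$email_sql}','{$subject}','{$message_body}'),";
        }
        // Send whatever is left in the last, partially filled batch.
        if ($iquery !== $insert) {
            $iquery = substr($iquery, 0, -1);
            if (!($res = @mysql_query($iquery))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }
    return true;
}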
Exemplo n.º 2
        }
        if ($rsrow['refunded'] != 0) {
            $rsrow['refunded'] = '(<span class="alert">-$' . $rsrow['refunded'] . '</span>)';
        } else {
            unset($rsrow['refunded']);
        }
        if (!empty($rsrow['is_suspect'])) {
            $rsrow['suspect_reason'] = sanitize_and_format($rsrow['suspect_reason'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
        } else {
            unset($rsrow['is_suspect']);
        }
        $loop[] = $rsrow;
    }
    $output['total'] = number_format($output['total'], 2);
}
//$loop=sanitize_and_format($loop,TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
// Remember this page (query string included) so follow-up actions can link back
// to it. The whole value is percent-encoded before it reaches the template.
$return_target = 'user_payment_history.php';
if (!empty($_SERVER['QUERY_STRING'])) {
    $return_target .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($return_target);

$tpl->set_file('content', 'user_payment_history.html');
$tpl->set_var('output', $output);
$tpl->set_loop('loop', $loop);

// Pick the status message: a local $message wins, then $topass, then the copy
// carried over in the session; with none of them the message is empty.
if (!isset($message)) {
    if (isset($topass['message'])) {
        $message = $topass['message'];
    } elseif (isset($_SESSION['topass']['message'])) {
        $message = $_SESSION['topass']['message'];
    } else {
        $message = array();
    }
}
if (!empty($message)) {
    // NOTE(review): the text is handed to the template as is; whether it is
    // escaped on output is not visible from here.
    $tpl->set_var('message', $message['text']);
    // Every type other than MESSAGE_ERROR is rendered with the info class.
    if ($message['type'] == MESSAGE_ERROR) {
        $tpl->set_var('message_class', 'message_error_small');
    } else {
        $tpl->set_var('message_class', 'message_info_small');
    }
}
echo $tpl->process('', 'content', TPL_FINISH | TPL_OPTIONAL | TPL_LOOP | TPL_OPTLOOP);
// The carried-over data is single use: drop it once the page has been rendered.
unset($_SESSION['topass']);
Exemplo n.º 3
<?php

// Helper functions and the template engine class.
include 'tplutil.inc';
include 'phemplate.class.php';

// Template files are looked up under this directory.
$template_dir = 'slides/pragmatic/';
$tpl = new phemplate($template_dir);

// Scalar placeholders first, then the data for the OPTIONS loop.
$tpl->set_var('TITLE', 'My Title');
$current_user = get_user();
$tpl->set_var('USER', $current_user);
$user_options = get_users(true);
$tpl->set_loop('OPTIONS', $user_options);

// Bind the template file to the 'main' handle, render it and print the result.
$tpl->set_file('main', 'phemplate.tpl');
$rendered = $tpl->process('out', 'main', 1);
echo $rendered;
Exemplo n.º 4
    }
    $output['ips'] = join(', ', $output['ips']);
}
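$output['pic_width'] = get_site_option('pic_width', 'core_photo');
if (empty($output['search_md5'])) {
    unset($output['search_md5']);
}
// 'o' and 'r' come straight from the query string and end up in the data given
// to profile.html. Run them through the same sanitizer this script applies to
// 'return' below, so no raw request value reaches the template.
// NOTE(review): assumes this format is suitable for values printed in the page - confirm.
if (isset($_GET['o'])) {
    $output['o'] = sanitize_and_format($_GET['o'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
}
if (isset($_GET['r'])) {
    $output['r'] = sanitize_and_format($_GET['r'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
}
// Address of this page (query string included), percent-encoded as a whole so it
// can be passed along as a single parameter value.
$output['return2me'] = 'profile.php';
if (!empty($_SERVER['QUERY_STRING'])) {
    $output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
if (isset($_GET['return'])) {
    // NOTE(review): if the template turns this into a link, the target should also
    // be restricted to local pages - not visible from here.
    $output['return2'] = sanitize_and_format($_GET['return'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
}
$tpl->set_file('content', 'profile.html');
$tpl->set_loop('categs', $categs);
$tpl->set_var('output', $output);
$tpl->set_var('account', $account);
$tpl->process('content', 'content', TPL_MULTILOOP | TPL_OPTIONAL);
// The loop data is no longer needed once the content block has been rendered.
$tpl->drop_loop('categs');
$tplvars['title'] = sprintf('%1$s Member Profile', $output['_user']);
$tplvars['css'] = 'profile.css';
$tplvars['page'] = 'profile';
// frame.php renders the surrounding page using $tpl and $tplvars.
include 'frame.php';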
Exemplo n.º 5
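 // Build one entry per profile category: the cached content when the viewer may
 // see it, the 'no_access' block otherwise.
 $j = 0;
 foreach ($_pcats as $pcat_id => $pcat) {
     // Access check: the category's access_level and the viewer's membership are
     // bit masks; any shared bit grants access.
     if ((int) $pcat['access_level'] & (int) $_SESSION[_LICENSE_KEY_]['user']['membership']) {
         $temp = $user_cache->get_categ($output['uid'], $pcat_id);
         if (!empty($temp)) {
             $categs[$j]['content'] = $temp;
             // if you prefer a custom layout use {profile.categ_1},{profile.categ_2},etc in <skin>/profile.html,
             // uncomment the line below, remove $tpl->set_loop,
             //				$output['categ_'.$pcat_id]=$temp;
             ++$j;
         }
     } else {
         // not allowed to view this member info
         // maybe we should say something here like "upgrade your membership to view this info"...
         $tpl->set_var('temp', $pcat);
         $temp = $tpl->process('', 'no_access');
         $categs[$j]['content'] = $temp;
         ++$j;
     }
 }
 // Mark the final category for styling. With no categories at all there is no
 // last entry, and writing to index -1 would create a bogus one.
 if (!empty($categs)) {
     $categs[count($categs) - 1]['class'] = 'last';
 }
 // get some friends
 $loop_friends = get_network_members($output['uid'], NET_FRIENDS, 4);
 if (!empty($loop_friends)) {
     $loop_friends = $user_cache->get_cache_tpl($loop_friends, 'result_user');
 }
 unset($user_cache);
 // comments
 $loop_comments = create_comments_loop('user', $output['uid'], $output);
 $output['pic_width'] = get_site_option('pic_width', 'core_photo');
 $tplvars['title'] = sprintf($GLOBALS['_lang'][152], $output['user']);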
Exemplo n.º 6
}
// $res still holds the result of the count query issued just before this point.
$output['num_photos'] = mysql_result($res, 0, 0);

// Number of blogs.
$query = "SELECT count(*) FROM `{$dbtable_prefix}user_blogs`";
$res = @mysql_query($query);
if (!$res) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$output['num_blogs'] = mysql_result($res, 0, 0);

// Number of blog posts.
$query = "SELECT count(*) FROM `{$dbtable_prefix}blog_posts`";
$res = @mysql_query($query);
if (!$res) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$output['num_blog_posts'] = mysql_result($res, 0, 0);

// The three most frequent site_log level codes, leaving out 'all' and 'auth'.
$query = "SELECT count(*) as `stat_total`,`level_code` FROM `{$dbtable_prefix}site_log` WHERE `level_code`<>'all' AND `level_code`<>'auth' GROUP BY `level_code` ORDER BY `stat_total` DESC LIMIT 3";
$res = @mysql_query($query);
if (!$res) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
// Rendered as "1: code (count), 2: code (count), ..."; empty string when no rows.
$ranked = array();
$i = 1;
while ($rsrow = mysql_fetch_assoc($res)) {
    $ranked[] = $i . ': ' . $rsrow['level_code'] . ' (' . $rsrow['stat_total'] . ')';
    ++$i;
}
$output['popular_actions'] = join(', ', $ranked);

$tpl->set_file('content', 'stats.html');
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_OPTIONAL);
$tplvars['title'] = 'Your admin control panel';
$tplvars['page'] = 'stats';
// frame.php renders the surrounding page using $tpl and $tplvars.
include 'frame.php';
Exemplo n.º 7
/******************************************************************************
Etano
===============================================================================
File:                       index.php
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
//define('CACHE_LIMITER','private');
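require 'includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
// Login/access check; it runs before any page content is built.
check_login_member('all');
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$tpl->set_file('content', 'index.html');
// Basic search form shown on the front page, fields in numeric order.
sort($basic_search_fields, SORT_NUMERIC);
$search_loop = create_search_form($basic_search_fields);
$tplvars['title'] = $tplvars['sitename'];
$tpl->set_loop('search', $search_loop);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL | TPL_LOOP);
if (!empty($GLOBALS['page_last_modified_time'])) {
    //	header('Expires: '. gmdate('D,d M Y H:i:s',time()+1209600).' GMT',true);	// +14 days
    //	header('Expires: -1',true);
    // 'private' keeps shared caches from storing this per-member page.
    header('Cache-Control: private, max-age=0', true);
    // The value is labelled GMT, so it has to be formatted with gmdate(); date()
    // would print server-local time under a GMT label. The HTTP date format also
    // has a space after the weekday comma ("Sun, 06 Nov 1994 08:49:37 GMT").
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $GLOBALS['page_last_modified_time']) . ' GMT', true);
}
echo $tpl->process('content', 'content', TPL_FINISH | TPL_INCLUDE);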
Exemplo n.º 8
// Install notification URL handed to the template. It carries the MD5 of the
// license key, the internal version and the base64-encoded base URL.
// NOTE(review): the URL is plain http://, so these values travel unencrypted
// wherever the template causes it to be requested.
$notify_params = 'lk=' . md5(_LICENSE_KEY_) . '&v=' . _INTERNAL_VERSION_ . '&bu=' . rawurlencode(base64_encode(_BASEURL_));
$output['notify'] = 'http://www.datemill.com/remote/install_notify.php?' . $notify_params;

// PHP binary path found earlier in the install, or a placeholder plus a flag
// telling the template that none was found.
if (empty($_SESSION['install']['phpbin'])) {
    $output['nophpbin'] = true;
    $output['phpbin'] = '/path/to/php';
} else {
    $output['phpbin'] = $_SESSION['install']['phpbin'];
}
$output['basepath'] = _BASEPATH_;
$output['baseurl'] = _BASEURL_;

$tplvars = array(
    'page_title' => 'Etano Install Process',
    'css' => 'finish.css',
    'page' => 'finish',
);
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL);
$tpl->set_file('frame', 'frame.html');

// Pick the status message: a local $message wins, then $topass, then the copy
// carried over in the session; with none of them the message is empty.
if (!isset($message)) {
    if (isset($topass['message'])) {
        $message = $topass['message'];
    } elseif (isset($_SESSION['topass']['message'])) {
        $message = $_SESSION['topass']['message'];
    } else {
        $message = array();
    }
}
if (!empty($message)) {
    // A message without a type is shown as an error.
    if (!isset($message['type']) || $message['type'] == MESSAGE_ERROR) {
        $message['type'] = 'message_error';
    } else {
        $message['type'] = 'message_info';
    }
    if (is_array($message['text'])) {
        $message['text'] = join('<br>', $message['text']);
    }
    $tpl->set_var('message', $message);
}
$tpl->set_var('tplvars', $tplvars);

// Remove the installer directory before the final page is sent, so the install
// scripts do not stay reachable on a finished site.
// NOTE(review): the result of delete() is not checked here.
$fileop = new fileop();
$fileop->delete(_BASEPATH_ . '/install');
echo $tpl->process('frame', 'frame', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
if (isset($_SESSION['topass'])) {
    unset($_SESSION['topass']);
Exemplo n.º 9
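// Fallback binary detection through popen() when nothing was found earlier.
// Both commands are fixed strings, so no request data reaches the shell.
if (empty($temp) && function_exists('popen')) {
    $fp = @popen('which php', 'r');
    if ($fp) {
        $temp = fgets($fp);
        // Accept only an absolute path; anything else is treated as "not found".
        if (!empty($temp) && $temp[0] == '/') {
            $_SESSION['install']['phpbin'] = trim($temp);
            $_SESSION['install']['exec'] = 'popen';
        }
        @pclose($fp);
        $fp = @popen('which mysql', 'r');
        // popen() can fail for the second command too; reading from or closing a
        // failed handle is an error, so check it like the first one.
        if ($fp) {
            $temp = fgets($fp);
            if (!empty($temp) && $temp[0] == '/') {
                $_SESSION['install']['mysqlbin'] = trim($temp);
                $_SESSION['install']['exec'] = 'popen';
            }
            @pclose($fp);
        }
    }
}
if (!$error) {
    $output['continue'] = true;
}
// NOTE(review): mt_rand() is not suitable for secrets; presumably this value is
// only a cache-buster for the template - confirm.
$output['rand'] = mt_rand(1, 10000);
$tplvars = array();
$tplvars['page_title'] = 'Etano Install Process';
$tplvars['css'] = 'index.css';
$tplvars['page'] = 'index';
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
$tpl->set_loop('rw_files', $rw_files);
$tpl->process('content', 'content', TPL_OPTIONAL | TPL_LOOP);
// frame.php renders the surrounding page using $tpl and $tplvars.
include 'frame.php';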
Exemplo n.º 10
/**
 * Rebuild the cached profile fragments of recently changed, approved profiles.
 *
 * For every skin directory registered in the database, each approved profile
 * whose `last_changed` falls inside the last ($interval + 2) minutes is rendered
 * into the 'result_user' fragment and into one fragment per profile category;
 * every fragment is saved through Cache_Lite.
 *
 * @return bool Always true; a failed query raises E_USER_ERROR instead.
 */
function gen_user_cache()
{
    global $dbtable_prefix, $_pfields, $_pcats;
    $dirname = dirname(__FILE__);
    $temp = array();
    if ($dirname[0] == '/') {
        // absolute unix path: components are separated by '/'
        $temp = explode('/', $dirname);
    } else {
        // anything else is treated as a windows path, separated by '\'
        $temp = explode('\\', $dirname);
    }
    // The name of the directory holding this file, read as a number.
    $interval = (int) $temp[count($temp) - 1];
    // that's how often we're executed ;) (used as minutes in the query below)
    $tpl = new phemplate(_BASEPATH_ . '/skins_site/', 'remove_nonjs');
    // Directory names of all modules of type MODULE_SKIN.
    $query = "SELECT a.`config_value` FROM `{$dbtable_prefix}site_options3` a,`{$dbtable_prefix}modules` b WHERE a.`config_option`='skin_dir' AND a.`fk_module_code`=b.`module_code` AND b.`module_type`=" . MODULE_SKIN;
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    $skins = array();
    for ($i = 0; $i < mysql_num_rows($res); ++$i) {
        $skins[] = mysql_result($res, $i, 0);
    }
    // NOTE(review): plain require; a second call in the same request would load
    // the class file again - confirm this function runs once per request.
    require _BASEPATH_ . '/includes/classes/Cache/Lite.php';
    $cache = new Cache_Lite($GLOBALS['_cache_config']);
    $now = gmdate('YmdHis');
    // Fixed columns; the select expression of every visible field is appended below.
    $select = '`fk_user_id`,`status`,`del`,UNIX_TIMESTAMP(`last_changed`) as `last_changed`,UNIX_TIMESTAMP(`date_added`) as `date_added`,`_user`,`_photo`,`rad_longitude`,`rad_latitude`';
    $used_fields = array();
    foreach ($_pfields as $field_id => $field) {
        if ($field->config['visible']) {
            $select .= ',' . $field->query_select();
            $used_fields[] = $field_id;
        }
    }
    // create the cache in every skin
    for ($s = 0; isset($skins[$s]); ++$s) {
        // Reset the language and field globals, then reload them for this skin.
        $GLOBALS['_lang'] = array();
        $GLOBALS['_pfields'] = array();
        $GLOBALS['_pcats'] = array();
        // NOTE(review): the skin directory read from the database becomes part of
        // an include path; whoever can change that option decides which PHP file
        // is executed here. Consider validating it against the directories that
        // actually exist under skins_site/.
        include _BASEPATH_ . '/skins_site/' . $skins[$s] . '/lang/global.inc.php';
        include _BASEPATH_ . '/includes/fields.inc.php';
        // Only values produced in this function (constant, timestamp, integer)
        // are interpolated into this statement.
        $query = "SELECT {$select} FROM `{$dbtable_prefix}user_profiles` WHERE `status`=" . STAT_APPROVED . " AND `last_changed`>=DATE_SUB('{$now}',INTERVAL " . ($interval + 2) . " MINUTE)";
        //print $query;
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        while ($profile = mysql_fetch_assoc($res)) {
            // Replace each raw column value with the field's display form.
            for ($i = 0; isset($used_fields[$i]); ++$i) {
                $field =& $_pfields[$used_fields[$i]];
                $field->set_value($profile, false);
                $profile[$field->config['dbfield']] = $field->display();
                // the label should be set after the call to display(). See field_birthdate::display() for explanation.
                $profile[$field->config['dbfield'] . '_label'] = $field->config['label'];
                /*
                				} elseif ($field['field_type']==FIELD_INT || $field['field_type']==FIELD_FLOAT) {
                		//			$profile[$field['dbfield']]=$profile[$field['dbfield']];
                */
            }
            // The photo counts only when the file exists in all three locations
            // (t1, t2 and the photo root); otherwise the placeholder is used.
            if (empty($profile['_photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $profile['_photo']) || !is_file(_PHOTOPATH_ . '/t2/' . $profile['_photo']) || !is_file(_PHOTOPATH_ . '/' . $profile['_photo'])) {
                $profile['_photo'] = 'no_photo.gif';
            } else {
                $profile['has_photo'] = true;
            }
            $tpl->set_var('profile', $profile);
            // generate the user details for result lists
            $tpl->set_file('temp', $skins[$s] . '/static/result_user.html');
            $towrite = $tpl->process('', 'temp', TPL_OPTIONAL);
            // Cache id: 'skin' + skin directory + user id + 'result_user'.
            $cache->save($towrite, 'skin' . $skins[$s] . $profile['fk_user_id'] . 'result_user');
            // generate the categories to be used on profile.php page
            $categs = array();
            $tpl->set_file('temp', $skins[$s] . '/static/profile_categ.html');
            foreach ($_pcats as $pcat_id => $pcat) {
                // Keep the fields of this category that are visible and non-empty.
                $fields = array();
                $j = 0;
                for ($k = 0; isset($pcat['fields'][$k]); ++$k) {
                    // in_array() compares loosely here (no strict flag).
                    if (in_array($pcat['fields'][$k], $used_fields) && !empty($profile[$_pfields[$pcat['fields'][$k]]->config['dbfield']])) {
                        $fields[$j]['label'] = $profile[$_pfields[$pcat['fields'][$k]]->config['dbfield'] . '_label'];
                        $fields[$j]['field'] = $profile[$_pfields[$pcat['fields'][$k]]->config['dbfield']];
                        $fields[$j]['dbfield'] = $_pfields[$pcat['fields'][$k]]->config['dbfield'];
                        ++$j;
                    }
                }
                $categs['pcat_name'] = $pcat['pcat_name'];
                $categs['pcat_id'] = $pcat_id;
                $tpl->set_loop('fields', $fields);
                $tpl->set_var('categs', $categs);
                $towrite = $tpl->process('', 'temp', TPL_LOOP);
                // Cache id: 'skin' + skin directory + user id + 'pcat' + category id.
                $cache->save($towrite, 'skin' . $skins[$s] . $profile['fk_user_id'] . 'pcat' . $pcat_id);
                // Clear the per-category data before the next category is rendered.
                $tpl->drop_loop('fields');
                $tpl->drop_var('categs');
            }
            $tpl->drop_var('profile');
        }
    }
    return true;
}
Exemplo n.º 11
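/**
 * Rebuild the cached profile fragments of all approved profiles.
 *
 * Works on one skin (when $skin_module_code is given) or on every registered
 * skin. After more than $timeout seconds inside one skin's profile loop the
 * function prints a "Continue" form that carries the last processed user id
 * and ends the script, so a long rebuild can be resumed in several requests.
 *
 * @param string $skin_module_code Module code of the skin to rebuild; empty for all skins.
 * @param int    $last_id          Only profiles with a user id above this value are processed.
 * @return void
 */
function regenerate_skin_cache($skin_module_code = '', $last_id = 0)
{
    $timeout = 120;
    // require_once: a second call in the same request must not load the class again.
    require_once _BASEPATH_ . '/includes/classes/Cache/Lite.php';
    $cache = new Cache_Lite($GLOBALS['_cache_config']);
    global $dbtable_prefix, $_pfields, $_pcats, $__field2format;
    $tpl = new phemplate(_BASEPATH_ . '/skins_site/', 'remove_nonjs');
    // Both arguments are placed into SQL text and into the resume form below, and
    // that form sends them back as GET parameters. Force the id to an integer and
    // escape the module code before either is used.
    // NOTE(review): if callers already escape $skin_module_code, a value with
    // quotes would be escaped twice - confirm against regenerate_skin.php.
    $last_id = (int) $last_id;
    if (empty($skin_module_code)) {
        $query = "SELECT b.`config_value` as `skin_dir` FROM `{$dbtable_prefix}modules` a,`{$dbtable_prefix}site_options3` b WHERE a.`module_type`=" . MODULE_SKIN . " AND a.`module_code`=b.`fk_module_code` AND b.`config_option`='skin_dir'";
    } else {
        $query = "SELECT `config_value` as `skin_dir` FROM `{$dbtable_prefix}site_options3` WHERE `config_option`='skin_dir' AND `fk_module_code`='" . mysql_real_escape_string((string) $skin_module_code) . "'";
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    // Initialised so that an empty result leaves a defined, empty list.
    $skins = array();
    for ($i = 0; $i < mysql_num_rows($res); ++$i) {
        $skins[] = mysql_result($res, $i, 0);
    }
    $now = gmdate('YmdHis');
    // Fixed columns; the select expression of every visible field is appended below.
    $select = '`fk_user_id`,`status`,`del`,UNIX_TIMESTAMP(`last_changed`) as `last_changed`,UNIX_TIMESTAMP(`date_added`) as `date_added`,`_user`,`_photo`,`rad_longitude`,`rad_latitude`';
    $used_fields = array();
    foreach ($_pfields as $field_id => $field) {
        if ($field->config['visible']) {
            $select .= ',' . $field->query_select();
            $used_fields[] = $field_id;
        }
    }
    // create the cache in every skin
    for ($s = 0; isset($skins[$s]); ++$s) {
        // Reset the language and field globals, then reload them for this skin.
        $GLOBALS['_lang'] = array();
        $GLOBALS['_pfields'] = array();
        $GLOBALS['_pcats'] = array();
        // NOTE(review): the skin directory read from the database becomes part of
        // an include path; consider validating it against the directories that
        // actually exist under skins_site/.
        include _BASEPATH_ . '/skins_site/' . $skins[$s] . '/lang/global.inc.php';
        include _BASEPATH_ . '/includes/fields.inc.php';
        $query = "SELECT {$select} FROM `{$dbtable_prefix}user_profiles` WHERE `status`=" . STAT_APPROVED;
        if (!empty($last_id)) {
            // $last_id is an integer at this point (cast above).
            $query .= " AND `fk_user_id`>{$last_id}";
        }
        $query .= " ORDER BY `fk_user_id`";
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        $start_time = (int) time();
        while ($profile = mysql_fetch_assoc($res)) {
            // Replace each raw column value with the field's display form.
            for ($i = 0; isset($used_fields[$i]); ++$i) {
                $field =& $_pfields[$used_fields[$i]];
                $field->set_value($profile, false);
                $profile[$field->config['dbfield']] = $field->display();
                // the label should be set after the call to display(). See field_birthdate::display() for explanation.
                $profile[$field->config['dbfield'] . '_label'] = $field->config['label'];
            }
            // The photo counts only when the file exists in all three locations.
            if (empty($profile['_photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $profile['_photo']) || !is_file(_PHOTOPATH_ . '/t2/' . $profile['_photo']) || !is_file(_PHOTOPATH_ . '/' . $profile['_photo'])) {
                $profile['_photo'] = 'no_photo.gif';
            } else {
                $profile['has_photo'] = true;
            }
            $tpl->set_var('profile', $profile);
            // generate the user details for result lists
            $tpl->set_file('temp', $skins[$s] . '/static/result_user.html');
            $towrite = $tpl->process('', 'temp', TPL_OPTIONAL);
            $cache->save($towrite, 'skin' . $skins[$s] . $profile['fk_user_id'] . 'result_user');
            // generate the categories to be used on profile.php page
            $categs = array();
            $tpl->set_file('temp', $skins[$s] . '/static/profile_categ.html');
            foreach ($_pcats as $pcat_id => $pcat) {
                // Keep the fields of this category that are visible and non-empty.
                $fields = array();
                $j = 0;
                for ($k = 0; isset($pcat['fields'][$k]); ++$k) {
                    if (in_array($pcat['fields'][$k], $used_fields) && !empty($profile[$_pfields[$pcat['fields'][$k]]->config['dbfield']])) {
                        $fields[$j]['label'] = $profile[$_pfields[$pcat['fields'][$k]]->config['dbfield'] . '_label'];
                        $fields[$j]['field'] = $profile[$_pfields[$pcat['fields'][$k]]->config['dbfield']];
                        $fields[$j]['dbfield'] = $_pfields[$pcat['fields'][$k]]->config['dbfield'];
                        ++$j;
                    }
                }
                $categs['pcat_name'] = $pcat['pcat_name'];
                $categs['pcat_id'] = $pcat_id;
                $tpl->set_loop('fields', $fields);
                $tpl->set_var('categs', $categs);
                $towrite = $tpl->process('', 'temp', TPL_LOOP);
                $cache->save($towrite, 'skin' . $skins[$s] . $profile['fk_user_id'] . 'pcat' . $pcat_id);
                $tpl->drop_loop('fields');
                $tpl->drop_var('categs');
            }
            $tpl->drop_var('profile');
            if ((int) time() - $start_time > $timeout) {
                // Out of time: print a resume form and end the script. Everything
                // written into the HTML is cast to int or HTML-escaped, so a crafted
                // 's' parameter cannot inject markup into this page.
                $resume_id = (int) $profile['fk_user_id'];
                echo 'To prevent timeouts this script interrupts every few minutes. Press the continue button to resume.<br />';
                echo 'Last user ID processed: ', $resume_id, '<br />';
                echo '<form action="regenerate_skin.php" method="get">';
                echo '<input type="hidden" name="last_id" value="', $resume_id, '" />';
                if (!empty($skin_module_code)) {
                    echo '<input type="hidden" name="s" value="', htmlspecialchars((string) $skin_module_code, ENT_QUOTES), '" />';
                }
                echo '<input type="submit" value="Continue" />';
                echo '</form>';
                die;
            }
        }
    }
}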
Exemplo n.º 12
                case 'gif':
                case 'jpg':
                case 'png':
                    $files[$j]['file'] = '<a href="javascript:;">' . $entry . '<img src="' . _BASEURL_ . '/' . $path . '/' . $entry . '" /></a>';
                    $files[$j]['class'] = 'file_img';
                    ++$j;
                    break;
                default:
                    $files[$j]['file'] = '<a href="file_edit.php?m=1&f=' . urlencode($path . '/' . $entry) . '">' . $entry . '</a>';
                    $files[$j]['class'] = 'file';
                    ++$j;
            }
        }
    }
}
// Listing finished: close the directory handle.
$d->close();
// Append the collected files after the entries already in $folders.
// presumably $i still holds the number of folder entries gathered above - TODO confirm
for ($j = 0; isset($files[$j]); ++$j) {
    $folders[$i + $j] = $files[$j];
}
// Breadcrumb: a "Home" link followed by one link per path component; each link
// calls req_content() with the path accumulated up to that component.
$html_path = '<a href="javascript:;" onclick="req_content(\'\')">Home</a>';
$temp = '';
for ($i = 0; !empty($path_parts[$i]); ++$i) {
    $temp .= '/' . $path_parts[$i];
    // NOTE(review): $temp lands inside a JavaScript string within an HTML
    // attribute and $path_parts[$i] inside link text, with no escaping visible
    // here. If $path_parts is derived from the request, both need escaping for
    // their context (JS string plus HTML attribute, and HTML text) - confirm
    // where $path_parts is built.
    $html_path .= ' / <a href="javascript:;" onclick="req_content(\'' . $temp . '\')">' . $path_parts[$i] . '</a>';
}
// Render the listing with the admin skin and print it.
$tpl = new phemplate(_BASEPATH_ . '/admin/skin/', 'remove_nonjs');
$tpl->set_file('content', 'file_browser_content.html');
$tpl->set_loop('server_content', $folders);
$tpl->set_var('path', $html_path);
echo $tpl->process('', 'content', TPL_LOOP);
Exemplo n.º 13
/**
 * Send an HTML e-mail, rendering the body from a skin template when the caller
 * does not supply one.
 *
 * On failure the PHPMailer error is stored in $GLOBALS['topass']['message'] and
 * an entry is written through log_error.
 *
 * @param string $to           Recipient address.
 * @param string $subject      Subject line.
 * @param string $template     Template file name below <skin>/emails/.
 * @param string $skin         Skin directory below skins_site/.
 * @param array  $output       Values exposed to the template as 'output'.
 * @param string $message_body Ready-made body; when non-empty no template is rendered.
 * @return bool True when the message was handed to the mailer, false otherwise.
 */
function send_template_email($to, $subject, $template, $skin, $output = array(), $message_body = '')
{
    if (empty($message_body)) {
        // NOTE(review): $skin and $template become part of a file path; callers
        // should pass fixed names only, never request data - confirm.
        $skin_root = _BASEPATH_ . '/skins_site/' . $skin . '/';
        if (isset($GLOBALS['tpl'])) {
            // Reuse the page's template object, pointing it at the e-mail skin
            // for the duration of this call; the old root is restored at the end.
            global $tpl;
            $old_root = $tpl->get_root();
            $tpl->set_root($skin_root);
        } else {
            $tpl = new phemplate($skin_root, 'remove_nonjs');
        }
        $tpl->set_file('temp', 'emails/' . $template);
        if (!empty($output)) {
            $tpl->set_var('output', $output);
        }
        global $tplvars;
        $tpl->set_var('tplvars', $tplvars);
        $message_body = $tpl->process('temp', 'temp', TPL_LOOP | TPL_OPTLOOP | TPL_OPTIONAL | TPL_FINISH);
        // Remove the per-message data from the template object again.
        $tpl->drop_var('temp');
        $tpl->drop_var('output');
    }

    $config = get_site_option(array('mail_from', 'mail_crlf'), 'core');
    require_once _BASEPATH_ . '/includes/classes/phpmailer.class.php';
    $mail = new PHPMailer();
    $mail->IsHTML(true);
    $mail->From = $config['mail_from'];
    $mail->Sender = $config['mail_from'];
    $mail->FromName = _SITENAME_;
    // Line ending used by the mailer, chosen by the 'mail_crlf' site option.
    $mail->LE = $config['mail_crlf'] ? "\r\n" : "\n";
    $mail->IsMail();
    $mail->AddAddress($to);
    $mail->Subject = $subject;
    $mail->Body = $message_body;

    $delivered = (bool) $mail->Send();
    if (!$delivered) {
        $GLOBALS['topass']['message']['type'] = MESSAGE_ERROR;
        $GLOBALS['topass']['message']['text'] = $mail->ErrorInfo;
        require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
        // NOTE(review): the log entry holds the recipient and the complete body;
        // if a message can carry a secret (an activation or reset link, say), it
        // ends up in the error log as well - confirm this is acceptable.
        new log_error(array('module_name' => 'send_template_email', 'text' => 'sending mail to ' . $to . ' failed:' . $message_body));
    }
    if (isset($old_root)) {
        $tpl->set_root($old_root);
    }
    return $delivered;
}
Exemplo n.º 14
 function process(&$input, $type)
 {
     global $dbtable_prefix, $tpl;
     if (!isset($tpl)) {
         $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
     }
     //		require_once _BASEPATH_.'/includes/classes/log_error.class.php';
     //		new log_error(array('module_name'=>get_class($this),'text'=>$type.': new notif from paypal: $_POST:'.var_export($_POST,true).' $_GET:'.var_export($_GET,true).' $input:'.var_export($input,true)));
     if (strcasecmp($input['business'], $this->config['paypal_email']) == 0 || strcasecmp($input['receiver_email'], $this->config['paypal_email']) == 0) {
         // some transformations
         parse_str($input['custom'], $temp);
         if (!empty($temp['uid'])) {
             $input['user_id'] = $temp['uid'];
         }
         $input['dm_item_type'] = $temp['dit'];
         $input['business'] = strtolower($input['business']);
         $input['receiver_email'] = strtolower($input['receiver_email']);
         $input['first_name'] = ucwords(strtolower($input['first_name']));
         $input['last_name'] = ucwords(strtolower($input['last_name']));
         $query = "SELECT get_lock('" . $input['txn_id'] . "',10)";
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
         }
         if (mysql_result($res, 0, 0) == 1) {
             $query = "SELECT `payment_id`,`is_subscr`,`name`,`is_suspect` FROM `{$dbtable_prefix}payments` WHERE `gw_txn`='" . $input['txn_id'] . "' AND `date`>=now()-INTERVAL 1 DAY";
             if (!($res = @mysql_query($query))) {
                 trigger_error(mysql_error(), E_USER_ERROR);
             }
             if (mysql_num_rows($res)) {
                 // the other process already did the job. Let's release the lock
                 if ($type == 'pdt') {
                     $output = mysql_fetch_assoc($res);
                     // tell member that he will receive everything by email
                     if ($output['is_subscr']) {
                         if ($output['is_suspect']) {
                             $tpl->set_file('gateway_text', 'thankyou_subscr_nok.html');
                         } else {
                             $tpl->set_file('gateway_text', 'thankyou_subscr_ok.html');
                         }
                     } else {
                         $tpl->set_file('gateway_text', 'thankyou_prod_nok.html');
                     }
                     $tpl->set_var('output', $output);
                     $tpl->process('gateway_text', 'gateway_text', TPL_OPTIONAL);
                 }
                 $query = "SELECT release_lock('" . $input['txn_id'] . "')";
                 if (!($res = @mysql_query($query))) {
                     trigger_error(mysql_error(), E_USER_ERROR);
                 }
             } else {
                 // we arrived before the other process, let's do the dirty work...
                 if ($input['dm_item_type'] == 'subscr') {
                     $query = "SELECT `" . USER_ACCOUNT_ID . "` as `user_id`,`" . USER_ACCOUNT_USER . "` as `user` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "`=" . $input['user_id'];
                     if (!($res = @mysql_query($query))) {
                         trigger_error(mysql_error(), E_USER_ERROR);
                     }
                     if (mysql_num_rows($res)) {
                         $real_user = mysql_fetch_assoc($res);
                         if (strcasecmp($input['txn_type'], 'web_accept') == 0 || strcasecmp($input['txn_type'], 'send_money') == 0 || strcasecmp($input['txn_type'], 'subscr_payment') == 0) {
                             if (strcasecmp($input['payment_status'], 'Completed') == 0) {
                                 $query = "SELECT `subscr_id`,`price`,`m_value_to`,`duration` FROM `{$dbtable_prefix}subscriptions` WHERE `subscr_id`=" . $input['item_number'] . " AND `is_visible`=1";
                                 if (!($res = @mysql_query($query))) {
                                     trigger_error(mysql_error(), E_USER_ERROR);
                                 }
                                 if (mysql_num_rows($res)) {
                                     $real_subscr = mysql_fetch_assoc($res);
                                     if (number_format($real_subscr['price'], 2) == number_format($input['mc_gross'], 2)) {
                                         if ($input['test_ipn'] != 1 || $this->config['demo_mode'] == 1 && $input['test_ipn'] == 1) {
                                             require_once _BASEPATH_ . '/includes/iso31661a2.inc.php';
                                             if (isset($GLOBALS['iso31661a2'][$input['residence_country']])) {
                                                 $input['country'] = $GLOBALS['iso31661a2'][$input['residence_country']];
                                                 $input['email'] = $input['payer_email'];
                                                 $this->check_fraud($input);
                                             } else {
                                                 $this->is_fraud = true;
                                                 $this->fraud_reason = 'Invalid country code received from paypal. Please contact administrator.';
                                                 require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                                 new log_error(array('module_name' => get_class($this), 'text' => 'country code received from paypal not found in iso31661a2.inc.php file' . array2qs($_POST)));
                                             }
                                             if (!empty($real_subscr['duration'])) {
                                                 // if the old subscription is not over yet, we need to extend the new one with some days
                                                 $query = "SELECT a.`payment_id`,UNIX_TIMESTAMP(a.`paid_until`) as `paid_until`,b.`price`,b.`duration` FROM `{$dbtable_prefix}payments` a LEFT JOIN `{$dbtable_prefix}subscriptions` b ON a.`fk_subscr_id`=b.`subscr_id` WHERE a.`fk_user_id`=" . $real_user['user_id'] . " AND a.`refunded`=0 AND a.`is_active`=1 AND a.`is_subscr`=1 AND a.`m_value_to`>2 ORDER BY a.`paid_until` DESC LIMIT 1";
                                                 if (!($res = @mysql_query($query))) {
                                                     trigger_error(mysql_error(), E_USER_ERROR);
                                                 }
                                                 if (mysql_num_rows($res)) {
                                                     $rsrow = mysql_fetch_assoc($res);
                                                     $time = mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y'));
                                                     if ((int) $rsrow['paid_until'] > (int) $time) {
                                                         $remaining_days = ((int) $rsrow['paid_until'] - (int) $time) / 86400;
                                                         //86400 seconds in a day
                                                         if ($remaining_days > 0) {
                                                             $remaining_value = (int) $rsrow['price'] / (int) $rsrow['duration'] * $remaining_days;
                                                             $day_value_new = (int) $real_subscr['price'] / (int) $real_subscr['duration'];
                                                             $days_append = round($remaining_value / $day_value_new);
                                                             $real_subscr['duration'] = (int) $real_subscr['duration'];
                                                             $real_subscr['duration'] += $days_append;
                                                         }
                                                     }
                                                 }
                                             }
                                             $now = gmdate('Ymd');
                                             // all old active subscriptions end now!
                                             $query = "UPDATE `{$dbtable_prefix}payments` SET `paid_until`='{$now}',`is_active`=0 WHERE `fk_user_id`=" . $real_user['user_id'] . " AND `is_active`=1 AND `is_subscr`=1";
                                             if (!($res = @mysql_query($query))) {
                                                 trigger_error(mysql_error(), E_USER_ERROR);
                                             }
                                             // insert the new subscription
                                             $query = "INSERT INTO `{$dbtable_prefix}payments` SET `is_active`=1,`fk_user_id`=" . $real_user['user_id'] . ",`_user`='" . $real_user['user'] . "',`gateway`='" . $this->module_code . "',`is_subscr`=1,`fk_subscr_id`=" . $real_subscr['subscr_id'] . ",`gw_txn`='" . $input['txn_id'] . "',`name`='" . $input['first_name'] . ' ' . $input['last_name'] . "',`country`='" . $input['country'] . "',`email`='" . $input['payer_email'] . "',`m_value_to`=" . $real_subscr['m_value_to'] . ",`amount_paid`='" . $input['mc_gross'] . "',`is_suspect`=" . (int) $this->is_fraud . ",`suspect_reason`='" . $this->fraud_reason . "',`paid_from`='{$now}',`date`=now()";
                                             if (!empty($real_subscr['duration'])) {
                                                 $query .= ",`paid_until`='{$now}'+INTERVAL " . $real_subscr['duration'] . ' DAY';
                                             }
                                             if (!($res = @mysql_query($query))) {
                                                 trigger_error(mysql_error(), E_USER_ERROR);
                                             }
                                             if (!$this->is_fraud) {
                                                 $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `membership`=" . $real_subscr['m_value_to'] . " WHERE `" . USER_ACCOUNT_ID . "`=" . $real_user['user_id'];
                                                 if (!($res = @mysql_query($query))) {
                                                     trigger_error(mysql_error(), E_USER_ERROR);
                                                 }
                                                 $myreturn = true;
                                                 add_member_score($real_user['user_id'], 'payment');
                                                 if ($type == 'pdt') {
                                                     $tpl->set_file('gateway_text', 'thankyou_subscr_ok.html');
                                                 }
                                             } else {
                                                 if ($type == 'pdt') {
                                                     $output['name'] = $input['card_holder_name'];
                                                     $tpl->set_file('gateway_text', 'thankyou_subscr_nok.html');
                                                     $tpl->set_var('output', $output);
                                                     $tpl->process('gateway_text', 'gateway_text', TPL_OPTIONAL);
                                                 }
                                                 // DEPT_ADMIN from includes/admin_functions.inc.php is hardcoded below as 4
                                                 $query = "SELECT `email` FROM `{$dbtable_prefix}admin_accounts` WHERE `dept_id`=4 ORDER BY `admin_id` DESC LIMIT 1";
                                                 if (!($res = @mysql_query($query))) {
                                                     trigger_error(mysql_error(), E_USER_ERROR);
                                                 }
                                                 if (mysql_num_rows($res)) {
                                                     send_template_email(mysql_result($res, 0, 0), 'Possible fraud detected on ' . _SITENAME_ . ', please investigate', '', '', array(), $this->module_code . ' TXN: ' . $input['txn_id'] . ': ' . $this->fraud_reason);
                                                 }
                                             }
                                         } else {
                                             // a demo transaction when we're not in demo mode
                                             if ($type == 'pdt') {
                                                 $tpl->set_var('gateway_text', $GLOBALS['_lang'][187]);
                                             }
                                             require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                             new log_error(array('module_name' => get_class($this), 'text' => 'Demo transaction when demo is not enabled: ' . array2qs($_POST)));
                                         }
                                     } else {
                                         // paid price doesn't match the subscription price
                                         if ($type == 'pdt') {
                                             $tpl->set_var('gateway_text', $GLOBALS['_lang'][188]);
                                         }
                                         require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                         new log_error(array('module_name' => get_class($this), 'text' => 'Invalid amount paid: ' . array2qs($_POST)));
                                     }
                                 } else {
                                     // if the subscr_id was not found
                                     if ($type == 'pdt') {
                                         $tpl->set_var('gateway_text', $GLOBALS['_lang'][189]);
                                     }
                                     require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                     new log_error(array('module_name' => get_class($this), 'text' => 'Invalid subscr_id received after payment: ' . array2qs($_POST)));
                                 }
                             } else {
                                 if ($type == 'pdt') {
                                     $tpl->set_var('gateway_text', $GLOBALS['_lang'][190]);
                                 }
                                 require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                 new log_error(array('module_name' => get_class($this), 'text' => 'Payment status not Completed: ' . $input['payment_status'] . "\n" . array2qs($_POST)));
                             }
                         } elseif (strcasecmp($input['txn_type'], 'subscr_eot') == 0) {
                             $query = "SELECT `payment_id` FROM `{$dbtable_prefix}payments` WHERE `fk_user_id`=" . $real_user['user_id'] . " AND `fk_subscr_id`=" . $input['item_number'] . " AND `is_active`=1 ORDER BY `payment_id` DESC LIMIT 1";
                             if (!($res = @mysql_query($query))) {
                                 trigger_error(mysql_error(), E_USER_ERROR);
                             }
                             if (mysql_num_rows($res)) {
                                 $payment_id = mysql_result($res, 0, 0);
                                 $now = gmdate('Ymd');
                                 $query = "UPDATE `{$dbtable_prefix}payments` SET `paid_until`='{$now}' WHERE `payment_id`={$payment_id}";
                                 if (!($res = @mysql_query($query))) {
                                     trigger_error(mysql_error(), E_USER_ERROR);
                                 }
                             } else {
                                 // invalid eot.
                                 require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                                 new log_error(array('module_name' => get_class($this), 'text' => 'Received End of Term notification for a subscription but subscription doesn\'t exist or not active. Maybe this member has 2 running subscriptions? ' . array2qs($_POST)));
                             }
                         } else {
                             // unhandled txn_type
                             if ($type == 'pdt') {
                                 $tpl->set_var('gateway_text', $GLOBALS['_lang'][191]);
                             }
                             require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                             new log_error(array('module_name' => get_class($this), 'text' => 'Unhandled txn_type (probably not an error): ' . $input['txn_type'] . "\n" . array2qs($_POST)));
                         }
                     } else {
                         // if the user_id was not found
                         if ($type == 'pdt') {
                             $tpl->set_var('gateway_text', $GLOBALS['_lang'][192]);
                         }
                         require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                         new log_error(array('module_name' => get_class($this), 'text' => 'Invalid user_id received after payment: ' . array2qs($_POST)));
                     }
                 } elseif ($input['dm_item_type'] == 'prod') {
                     // no product support for now in Etano
                     require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                     new log_error(array('module_name' => get_class($this), 'text' => 'Received dm_item_type=prod but we are not selling products: ' . array2qs($_POST)));
                 } else {
                     // dm_item_type is neither 'prod' nor 'subscr'
                     if ($type == 'pdt') {
                         $tpl->set_var('gateway_text', $GLOBALS['_lang'][193]);
                     }
                     require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
                     new log_error(array('module_name' => get_class($this), 'text' => 'Invalid dm_item_type: ' . array2qs($_POST)));
                 }
                 // job done, release the lock
                 $query = "SELECT release_lock('" . $input['txn_id'] . "')";
                 if (!($res = @mysql_query($query))) {
                     trigger_error(mysql_error(), E_USER_ERROR);
                 }
             }
         } else {
             // we could not obtain the lock.
             // The other process is taking too long but at least this should mean that it is handling this
         }
     } else {
         require_once _BASEPATH_ . '/includes/classes/log_error.class.php';
         new log_error(array('module_name' => get_class($this), 'text' => 'Payment was not made into our account: ' . array2qs($_POST)));
     }
 }
Exemplo n.º 15
// Admin-side "log in as member" page: loads the account row for ?uid= and
// stores it in the member slot of the current session.
require_once '../includes/admin_functions.inc.php';
// allow_dept() is defined elsewhere; presumably it stops the request unless the
// logged-in admin belongs to one of these departments -- TODO confirm.
allow_dept(DEPT_ADMIN | DEPT_MODERATOR);
// uid is requested as TYPE_INT because it is concatenated into the SQL below.
$output['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$output['return'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$tpl = new phemplate('skin/', 'remove_nonjs');
if (!isset($_GET['top'])) {
    $content_file = 'user_login.html';
    // Append the session-cleanup flag with the right separator, then encode the
    // whole return address for use as a URL component.
    $qs_sep = strpos($output['return'], '?') === false ? '?' : '&';
    $output['return'] = rawurlencode($output['return'] . $qs_sep . 'clean_user_session=1');
    // NOTE(review): `return` is caller-supplied; how the template uses it is not
    // visible here -- confirm it can only lead back into the admin area.
    $query = "SELECT a.`" . USER_ACCOUNT_ID . "` as `user_id`,b.`_user` as `user`,a.`status`,a.`membership`,UNIX_TIMESTAMP(a.`last_activity`) as `last_activity`,a.`email`,b.`status` as `pstat` FROM `" . USER_ACCOUNTS_TABLE . "` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`" . USER_ACCOUNT_ID . "`=b.`fk_user_id` WHERE a.`" . USER_ACCOUNT_ID . "`=" . $output['uid'];
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $user = mysql_fetch_assoc($res);
        $user['prefs'] = get_user_settings($user['user_id'], 'def_user_prefs', array('date_format', 'datetime_format', 'time_offset', 'rate_my_photos', 'profile_comments'));
        // The session's member identity is replaced here by a plain GET request.
        // NOTE(review): no audit record of the impersonation is written in this
        // file -- confirm one is kept elsewhere.
        $_SESSION[_LICENSE_KEY_]['user'] = $user;
    }
} else {
    // Top frame: only display the member already stored in the session.
    $content_file = 'user_login_top.html';
    $tpl->set_var('user', $_SESSION[_LICENSE_KEY_]['user']);
}
$tpl->set_file('content', $content_file);
$tpl->set_var('output', $output);
echo $tpl->process('', 'content');
Exemplo n.º 16
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
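// Admin popup that shows one member photo, selected either by ?photo_id= or by
// ?main=1&uid= (the member's main photo).
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
// All three inputs are requested as TYPE_INT with a default of 0; they are
// interpolated into SQL below, so that integer guarantee is what keeps the
// queries safe (sanitize_and_format_gpc() is defined elsewhere -- confirm).
$main = sanitize_and_format_gpc($_GET, 'main', TYPE_INT, 0, 0);
$photo_id = sanitize_and_format_gpc($_GET, 'photo_id', TYPE_INT, 0, 0);
$user_id = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$photo = array();
$query = '';
if (!empty($photo_id)) {
    $query = "SELECT `photo_id`,`photo`,`fk_user_id`,`_user` as `user` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`={$photo_id}";
} elseif (!empty($main) && !empty($user_id)) {
    $query = "SELECT `photo_id`,`photo`,`fk_user_id`,`_user` as `user` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id`={$user_id} AND `is_main`=1";
}
// Fix: when neither selector is supplied $query stays empty. The original sent
// the empty string to mysql_query(), which fails and raises E_USER_ERROR with the
// database error text. Skip the lookup instead and render with an empty $photo.
if ($query !== '') {
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    } elseif (mysql_num_rows($res)) {
        // elseif: never hand a failed result to mysql_num_rows() if the error
        // handler returns instead of halting.
        $photo = mysql_fetch_assoc($res);
    }
}
$tpl->set_file('content', 'popup_photo_view.html');
$tpl->set_var('photo', $photo);
$tpl->set_var('tplvars', $tplvars);
echo $tpl->process('', 'content', TPL_FINISH);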
Exemplo n.º 17
<?php

/******************************************************************************
Etano
===============================================================================
File:                       admin/index.php
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
// Entry page of the admin area: shows the login form, or forwards an admin who
// already has a session to the control panel.
require_once '../includes/common.inc.php';
if (isset($_SESSION[_LICENSE_KEY_]['admin']['admin_id'])) {
    // An admin id is already stored in the session.
    redirect2page('admin/cpanel.php');
} else {
    // Pick up a one-shot message left in the session and clear it so that it is
    // shown only once.
    if (!empty($_SESSION['topass'])) {
        $topass = $_SESSION['topass'];
        $_SESSION['topass'] = array();
    }
    if (isset($topass['message'])) {
        $message = $topass['message'];
    } else {
        $message = '';
    }
    // NOTE(review): the message goes to the template as stored; escaping is not
    // visible in this file -- confirm it happens in the template or at the writer.
    $tpl = new phemplate('skin/', 'remove_nonjs');
    $tpl->set_file('frame', 'index.html');
    $tpl->set_var('title', 'Admin panel login');
    $tpl->set_var('baseurl', _BASEURL_);
    $tpl->set_var('message', $message);
    $tpl->set_var('tplvars', $tplvars);
    echo $tpl->process('', 'frame', TPL_FINISH);
}
Exemplo n.º 18
             $topass['message']['text'][] = 'FTP Host is wrong.';
         }
     } else {
         $error = true;
         $topass['message']['type'] = MESSAGE_ERROR;
         $topass['message']['text'][] = 'Server configuration does not allow ftp connections.';
     }
 }
 if (!$error) {
     // Render includes/defines.inc.php from the collected $input and write it
     // under the chosen base path.
     $input['fileop_mode'] = $_SESSION['install']['write'];
     // gen_pass() is defined elsewhere. NOTE(review): confirm it draws from a
     // cryptographically secure source, since this key is generated only once.
     $input['license_key'] = strtoupper(gen_pass(22));
     // Unsalted MD5 of the key; how the digest is used is not visible here.
     $input['license_key_md5'] = md5($input['license_key']);
     $tpl = new phemplate('../skin/', 'remove_nonjs');
     $tpl->set_file('content', 'defines.inc.php');
     // The whole $input array is exposed to the template. NOTE(review): the output
     // is saved as an executable .php file, so confirm every field the template
     // prints is escaped for a PHP string literal before it gets here.
     $tpl->set_var('input', $input);
     $towrite = $tpl->process('content', 'content', TPL_FINISH);
     // Constants defined before fileop is loaded; presumably the class reads them
     // to choose between local and FTP writes -- TODO confirm.
     define('_BASEPATH_', $input['basepath']);
     define('_FILEOP_MODE_', $input['fileop_mode']);
     define('_FTPHOST_', $input['ftphost']);
     define('_FTPPATH_', $input['ftppath']);
     define('_FTPUSER_', $input['ftpuser']);
     define('_FTPPASS_', $input['ftppass']);
     require_once '../../includes/classes/fileop.class.php';
     $fileop = new fileop();
     // Remove any previous file, then write the freshly rendered one.
     // NOTE(review): neither return value is checked, so a failed write is silent.
     $fileop->delete($input['basepath'] . '/includes/defines.inc.php');
     $fileop->file_put_contents($input['basepath'] . '/includes/defines.inc.php', $towrite);
     // NOTE(review): $input still carries the FTP password read above, so it is
     // persisted in session storage; consider unsetting it once it is not needed.
     $_SESSION['install']['input'] = $input;
 } else {
     $nextpage = 'install/step2.php';
     // 		you must re-read all textareas from $_POST like this:
     //		$input['x']=addslashes_mq($_POST['x']);
Exemplo n.º 19
File:                       admin/error_log_view.php
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
// Admin page that displays one entry of the error log, selected by ?log_id=.
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
if (!empty($_GET['log_id'])) {
    // Integer conversion makes the value safe to interpolate into the query.
    $log_id = intval($_GET['log_id']);
    $query = "SELECT `error` FROM `{$dbtable_prefix}error_log` WHERE `log_id`={$log_id}";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        // NOTE(review): the `error` text is handed to the template exactly as
        // stored, with no sanitize_and_format() call in this file. If log entries
        // can contain request data, confirm the template escapes it.
        $output = mysql_fetch_assoc($res);
    }
}
if (empty($output['return'])) {
    // Keep both the plain and the URL-encoded form of the return address.
    $output['return2'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
    $output['return'] = rawurlencode($output['return2']);
}
$tpl->set_file('content', 'error_log_view.html');
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
echo $tpl->process('content', 'content', TPL_FINISH);
Exemplo n.º 20
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = 'Please enter the subject.';
    }
    if (empty($input['reject_reason'])) {
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = 'Please enter the reason.';
    }
}
if (!$error) {
    $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . $def_skin . '/', 'remove_nonjs');
    $tpl->set_file('temp', 'emails/general.html');
    $tpl->set_var('output.content', $input['reject_reason']);
    $tpl->set_var('tplvars', $tplvars);
    $input['reject_reason'] = $tpl->process('temp', 'temp', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
    $tpl->drop_var('temp');
    $tpl->drop_var('output.content');
    $reject_reason_email = $input['reject_reason'];
    // for email
    $input['reject_reason'] = sanitize_and_format($input['reject_reason'], TYPE_STRING, $__field2format[FIELD_TEXTAREA]);
    switch ($input['t']) {
        case AMTPL_REJECT_MEMBER:
            $query = "UPDATE `{$dbtable_prefix}user_profiles` SET `status`=" . STAT_EDIT . ",`last_changed`='" . gmdate('YmdHis') . "',`reject_reason`='" . $input['reject_reason'] . "' WHERE `fk_user_id`=" . $input['id'];
            if (!($res = @mysql_query($query))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
            if (!empty($input['send_email'])) {
                $query = "SELECT `email` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "`=" . $input['id'];
                if (!($res = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
Exemplo n.º 21
            $topass['message']['text'] = 'Error reading the package';
        }
    } else {
        $error = true;
        $topass['message']['type'] = MESSAGE_ERROR;
        $topass['message']['text'] = 'File is not a valid Etano package';
    }
}
if (isset($p) && $p->error && !empty($p->manual_actions)) {
    $tpl->set_file('content', 'package_install.html');
    $tpl->set_loop('manual_actions', $p->manual_actions);
    $output['f'] = $file;
    $output['finish'] = $install_index;
    $output['show_finish'] = $show_finish;
    $tpl->set_var('output', $output);
    $tpl->process('content', 'content', TPL_LOOP | TPL_OPTIONAL);
    $tplvars['title'] = 'Package Manager';
    $tplvars['page'] = 'package_install';
    $tplvars['css'] = 'package_install.css';
    include 'frame.php';
} elseif ($ui_request) {
    $tpl->set_file('content', 'package_ui.html');
    $tpl->set_var('output', $p->ui);
    $tpl->process('content', 'content');
    $tplvars['title'] = 'Package Manager';
    $tplvars['page'] = 'package_install';
    $tplvars['css'] = 'package_install.css';
    include 'frame.php';
} else {
    if (!$error) {
        $topass['message']['type'] = MESSAGE_INFO;
Exemplo n.º 22
    $memberships[] = $rsrow['m_value'];
    $cols[]['content'] = $rsrow['m_name'];
}
// Row 0 holds the header cells collected above (one per membership).
$rows[0]['cols'] = $cols;
// Every access level except 'login' becomes one row of the comparison chart.
$query = "SELECT `level_diz`,`level` FROM `{$dbtable_prefix}access_levels` WHERE `level_code`<>'login'";
$res = @mysql_query($query);
if (!$res) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$j = 1;
while ($rsrow = mysql_fetch_assoc($res)) {
    $cols = array();
    $rows[$j]['level_diz'] = $rsrow['level_diz'];
    // One cell per membership: a check mark when the level's bitmask shares a bit
    // with the membership value, a non-breaking space otherwise.
    for ($i = 0; isset($memberships[$i]); $i++) {
        $cols[] = array(
            'content' => ((int) $rsrow['level'] & (int) $memberships[$i])
                ? '<img src="' . $tplvars['tplrelpath'] . '/images/check.gif" />'
                : '&nbsp;',
        );
    }
    $rows[$j]['cols'] = $cols;
    $j++;
}
$tpl->set_file('content', 'plan-comparision-chart.html');
$tpl->set_loop('rows', $rows);
$tpl->process('content', 'content', TPL_MULTILOOP);
// Page metadata read by the shared frame.
$tplvars['title'] = $GLOBALS['_lang'][245];
$tplvars['page_title'] = $GLOBALS['_lang'][245];
$tplvars['page'] = 'plan';
$tplvars['css'] = 'plan-comparision-chart.css';
$no_timeout = true;
include 'frame.php';
Exemplo n.º 23
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    while ($rsrow = mysql_fetch_assoc($res)) {
        $rsrow['currency'] = isset($accepted_currencies[$rsrow['currency']]) ? $accepted_currencies[$rsrow['currency']] : '';
        $rsrow['subscr_name'] = sanitize_and_format($rsrow['subscr_name'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
        if (!empty($rsrow['is_recurent'])) {
            $rsrow['is_recurent'] = '<img src="skin/images/refresh.gif" title="Recuring" />';
        } else {
            unset($rsrow['is_recurent']);
        }
        if (!empty($rsrow['is_visible'])) {
            $rsrow['is_visible'] = '<img src="skin/images/check.gif" />';
        } else {
            unset($rsrow['is_visible']);
        }
        if (empty($rsrow['duration'])) {
            $rsrow['duration'] = 'Lifetime';
        } else {
            $rsrow['duration'] .= ' days';
        }
        $subscriptions[] = $rsrow;
    }
}
// Render the subscription list collected above into the 'content' template var.
$tpl->set_file('content', 'subscriptions.html');
$tpl->set_loop('subscriptions', $subscriptions);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
// The loop data is dropped from the template object once it has been rendered.
$tpl->drop_loop('subscriptions');
// Page metadata for the shared frame, which is included last.
$tplvars['title'] = 'Site Subscriptions';
$tplvars['page'] = 'subscriptions';
include 'frame.php';
Exemplo n.º 24
// Build the "my networks" page: one entry per network that has members to show.
$networks = array();
$i = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
    // Network names come from the database and are formatted for display.
    $rsrow['network'] = sanitize_and_format($rsrow['network'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    // The member list is always requested for the session's own user id.
    $net_members = get_network_members($_SESSION[_LICENSE_KEY_]['user']['user_id'], $rsrow['net_id'], 4);
    if (!empty($net_members)) {
        $rsrow['members'] = $user_cache->get_cache_tpl($net_members, 'result_user');
    }
    // Networks with nothing to display are left out of the page.
    if (empty($rsrow['members'])) {
        continue;
    }
    $rsrow['see_all'] = true;
    $networks[] = $rsrow;
}
$output = array('user_id' => $_SESSION[_LICENSE_KEY_]['user']['user_id']);
$tpl->set_file('content', 'my_networks.html');
$tpl->set_var('output', $output);
$tpl->set_loop('networks', $networks);
$tpl->process('content', 'content', TPL_MULTILOOP | TPL_OPTLOOP | TPL_NOLOOP);
$tpl->drop_loop('networks');
unset($networks);
// Page metadata read by the shared frame.
$tplvars['title'] = $GLOBALS['_lang'][240];
$tplvars['page_title'] = $GLOBALS['_lang'][240];
$tplvars['page'] = 'my_networks';
$tplvars['css'] = 'my_networks.css';
// The left column is optional; the include path is a fixed literal.
if (is_file('my_networks_left.php')) {
    include 'my_networks_left.php';
}
// we want everything fresh on this page.
unset($page_last_modified_time);
include 'frame.php';
Exemplo n.º 25
Etano
===============================================================================
File:                       admin/site_skins_addedit.php
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
// Admin form for adding or editing the settings of one site skin.
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/site_skins.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
// Start from the table defaults; one of the branches below may replace them.
$site_skins = $site_skins_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
    // Re-populate the form from input stashed in the session (presumably by the
    // form processor after a failed submit -- TODO confirm).
    // NOTE(review): unlike the branch below, nothing is passed through
    // sanitize_and_format(..., TEXT_DB2EDIT) here; confirm the stashed values
    // were already formatted for output before they reach the template.
    $site_skins = $_SESSION['topass']['input'];
} elseif (!empty($_GET['module_code'])) {
    // Editing an existing skin: the module code from the query string is
    // formatted as a text field before it is passed to get_site_option().
    $module_code = sanitize_and_format($_GET['module_code'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
    $site_skins = get_site_option(array(), $module_code);
    $site_skins = sanitize_and_format($site_skins, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    $site_skins['fk_module_code'] = $module_code;
}
// Replace the stored locale id with whatever dbtable2options() builds from the
// locales table (presumably an option list with that id selected -- TODO confirm).
$site_skins['fk_locale_id'] = dbtable2options("`{$dbtable_prefix}locales`", '`locale_id`', '`locale_name`', '`locale_name`', $site_skins['fk_locale_id']);
$tpl->set_file('content', 'site_skins_addedit.html');
$tpl->set_var('site_skins', $site_skins);
$tpl->process('content', 'content');
// Page metadata for the shared frame, which is included last.
$tplvars['title'] = 'Site Skins';
$tplvars['page'] = 'site_skins_addedit';
include 'frame.php';
Exemplo n.º 26
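/**
 * Queue "new results" e-mails for saved searches that have alerts switched on.
 *
 * Every user_searches row with `alert`=1 is examined. When the owner's
 * send_alert_interval (days, converted to seconds) has elapsed since
 * `alert_last_sent`, the saved search is run again with min_user_id set to
 * `alert_last_id`. At most $config['limit_results'] results are rendered
 * through the search_alert.html e-mail template and the message is appended
 * to a batched INSERT into queue_email. The search row is then stamped with
 * the highest user id returned and the current time.
 *
 * Changes from the previous version:
 *  - the recipient address is escaped before it is placed in the INSERT, so
 *    an address containing a quote no longer breaks (or alters) the batch;
 *  - ids interpolated into SQL are forced to integers;
 *  - a saved search that does not unserialize to an array is skipped instead
 *    of being run as an almost empty search.
 *
 * @return bool Always true. A failed SELECT or INSERT is reported through
 *              trigger_error(..., E_USER_ERROR).
 */
function search_alerts()
{
    global $dbtable_prefix, $tplvars;
    $skin = get_default_skin_dir();
    require_once _BASEPATH_ . '/includes/search_functions.inc.php';
    require_once _BASEPATH_ . '/includes/access_levels.inc.php';
    $tplvars['tplrelpath'] = _BASEPATH_ . '/skins_site/' . $skin;
    $config['limit_results'] = 5;
    // Flush the batched INSERT once its text grows past this many bytes.
    $query_strlen = 20000;
    $query = "SELECT a.`search_id`,a.`fk_user_id`,a.`title`,a.`search`,a.`search_qs`,a.`alert_last_id`,UNIX_TIMESTAMP(a.`alert_last_sent`) as `alert_last_sent`,b.`membership`,c.`_user` as `user`,b.`email` FROM `{$dbtable_prefix}user_searches` a,`" . USER_ACCOUNTS_TABLE . "` b,`{$dbtable_prefix}user_profiles` c WHERE a.`fk_user_id`=b.`" . USER_ACCOUNT_ID . "` AND a.`fk_user_id`=c.`fk_user_id` AND a.`alert`=1";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . $skin . '/emails/', 'remove_nonjs');
        $tpl->set_file('temp', 'search_alert.html');
        $tpl->set_var('tplvars', $tplvars);
        $subject = sprintf($GLOBALS['_lang'][217], _SITENAME_);
        // NOTE(review): $subject and $message_body go into the INSERT relying on
        // sanitize_and_format() to make them safe inside a quoted SQL string;
        // confirm that the FIELD_TEXTFIELD / FIELD_TEXTAREA formats include SQL escaping.
        $subject = sanitize_and_format($subject, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTFIELD]);
        require_once _BASEPATH_ . '/includes/classes/user_cache.class.php';
        $user_cache = new user_cache($skin);
        $insert = "INSERT INTO `{$dbtable_prefix}queue_email` (`to`,`subject`,`message_body`) VALUES ";
        $iquery = $insert;
        // Per-user alert interval in seconds, looked up once per user.
        $alert_intervals = array();
        $now = time();
        while ($rsrow = mysql_fetch_assoc($res)) {
            if (!isset($alert_intervals[$rsrow['fk_user_id']])) {
                $alert_intervals[$rsrow['fk_user_id']] = get_user_settings($rsrow['fk_user_id'], 'def_user_prefs', 'send_alert_interval') * 86400;
            }
            if ((int) $now - (int) $rsrow['alert_last_sent'] < (int) $alert_intervals[$rsrow['fk_user_id']]) {
                // Not due yet for this user.
                continue;
            }
            $output = array();
            // SECURITY: unserialize() is applied to a stored value. If any writer of
            // user_searches.`search` lets user-controlled bytes through, this is a PHP
            // object-injection sink. The `allowed_classes` option only exists from
            // PHP 7, where the mysql_* API used in this function is gone, so the durable
            // fix is to store the search as JSON or to validate it strictly on write.
            // NOTE(review): confirm how `search` is produced.
            $rsrow['search'] = unserialize($rsrow['search']);
            if (!is_array($rsrow['search'])) {
                // Corrupt or unexpected payload: do not run it as a search.
                continue;
            }
            $rsrow['search']['min_user_id'] = $rsrow['alert_last_id'];
            $user_ids = search_results($rsrow['search'], $rsrow['membership']);
            if (empty($user_ids)) {
                continue;
            }
            $GLOBALS['_list_of_online_members'] = get_online_ids();
            // Highest id over the full result set, taken before the list is cut to
            // limit_results; it becomes the next alert_last_id.
            $last_user_id = 0;
            for ($i = 0; isset($user_ids[$i]); ++$i) {
                if ($user_ids[$i] > $last_user_id) {
                    $last_user_id = $user_ids[$i];
                }
            }
            $user_ids = array_slice($user_ids, 0, $config['limit_results']);
            // last activity only for not online members
            $temp = array();
            $inject_by_uid = array();
            for ($i = 0; isset($user_ids[$i]); ++$i) {
                if (!isset($GLOBALS['_list_of_online_members'][$user_ids[$i]])) {
                    $temp[] = $user_ids[$i];
                } else {
                    $inject_by_uid[$user_ids[$i]] = array('last_online' => $GLOBALS['_lang'][153]);
                }
            }
            if (!empty($temp)) {
                // Timestamp built from the current GMT clock fields; presumably chosen to
                // match how `last_activity` is stored. Confirm against the writer.
                $time = mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y'));
                // The ids come from search_results(); force them to integers before
                // they are placed in the IN (...) list.
                $query = "SELECT `" . USER_ACCOUNT_ID . "` as `uid`,UNIX_TIMESTAMP(`last_activity`) as `last_activity` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "` IN ('" . join("','", array_map('intval', $temp)) . "')";
                if (!($res2 = @mysql_query($query))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                while ($rsrow2 = mysql_fetch_assoc($res2)) {
                    // Seconds since last activity, bucketed at 1, 2, 7 and 28 days.
                    $rsrow2['last_activity'] = $time - $rsrow2['last_activity'];
                    if ($rsrow2['last_activity'] < 86400) {
                        $inject_by_uid[$rsrow2['uid']] = array('last_online' => $GLOBALS['_lang'][154]);
                    } elseif ($rsrow2['last_activity'] < 172800) {
                        $inject_by_uid[$rsrow2['uid']] = array('last_online' => $GLOBALS['_lang'][155]);
                    } elseif ($rsrow2['last_activity'] < 604800) {
                        $inject_by_uid[$rsrow2['uid']] = array('last_online' => $GLOBALS['_lang'][156]);
                    } elseif ($rsrow2['last_activity'] < 2419200) {
                        $inject_by_uid[$rsrow2['uid']] = array('last_online' => $GLOBALS['_lang'][157]);
                    } else {
                        $inject_by_uid[$rsrow2['uid']] = array('last_online' => $GLOBALS['_lang'][158]);
                    }
                }
            }
            $cell_css_classes = array();
            for ($i = 0; isset($user_ids[$i]); ++$i) {
                if (isset($GLOBALS['_list_of_online_members'][$user_ids[$i]])) {
                    $cell_css_classes[$i] = 'is_online';
                }
            }
            $output['results'] = smart_table($user_cache->get_cache_array($user_ids, 'result_user', $inject_by_uid), 5, 'list_view', $cell_css_classes);
            $output['title'] = sanitize_and_format($rsrow['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
            // NOTE(review): `search_qs` and `user` reach the e-mail template exactly as
            // stored; confirm that the template or the code that stores them encodes
            // them for HTML.
            $output['search_qs'] = $rsrow['search_qs'];
            $output['user'] = $rsrow['user'];
            $tpl->set_var('output', $output);
            $message_body = $tpl->process('', 'temp', TPL_LOOP | TPL_OPTLOOP | TPL_OPTIONAL | TPL_FINISH);
            $message_body = sanitize_and_format($message_body, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTAREA]);
            if (strlen($iquery) > $query_strlen) {
                // Batch is large enough: drop the trailing comma and send it.
                $iquery = substr($iquery, 0, -1);
                if (!($res2 = @mysql_query($iquery))) {
                    trigger_error(mysql_error(), E_USER_ERROR);
                }
                $iquery = $insert;
            }
            // The address is read back from the accounts table unescaped; a quote in
            // it would otherwise end the SQL string literal early.
            $to = mysql_real_escape_string($rsrow['email']);
            $iquery .= "('" . $to . "','{$subject}','{$message_body}'),";
            // Best effort: a failure here is ignored, which means the same alert is
            // built again on the next run. The row is also stamped before the batched
            // INSERT above has necessarily been sent.
            $query = "UPDATE `{$dbtable_prefix}user_searches` SET `alert_last_id`=" . (int) $last_user_id . ",`alert_last_sent`=now() WHERE `search_id`=" . (int) $rsrow['search_id'];
            @mysql_query($query);
        }
        if ($iquery != $insert) {
            // Send whatever is left in the batch.
            $iquery = substr($iquery, 0, -1);
            if (!($res2 = @mysql_query($iquery))) {
                trigger_error(mysql_error(), E_USER_ERROR);
            }
        }
    }
    return true;
}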