Exemplo n.º 1
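 /**
  * Save the company contact details, or render the edit form.
  *
  * On POST the optional e-mail address is validated, the POST payload is
  * JSON-encoded and stored as the 'contact' item under 'system.common.company',
  * and a JSON result is sent. On any other request the stored contact is
  * decoded and handed to the view.
  *
  * @access public
  * @return void
  */
 public function setContact()
 {
     if (!empty($_POST)) {
         if (!empty($_POST['email']) && !validater::checkEmail($this->post->email)) {
             $this->send(array('result' => 'fail', 'message' => $this->lang->company->error->email));
             /* Stop here even if send() returns, so a rejected address is never persisted. */
             return;
         }

         /*
          * NOTE(review): the complete POST array is stored, not a fixed list of contact fields,
          * so any extra field a client submits ends up in the saved setting and later in the view.
          * Consider an allow-list of field names and confirm the template escapes these values.
          */
         $contact = array('contact' => helper::jsonEncode($_POST));
         $result  = $this->loadModel('setting')->setItems('system.common.company', $contact);
         if ($result) {
             $this->send(array('result' => 'success', 'message' => $this->lang->setSuccess));
             return;
         }

         $this->send(array('result' => 'fail', 'message' => $this->lang->fail));
         return;
     }

     $this->view->title   = $this->lang->company->setContact;
     $this->view->contact = json_decode($this->config->company->contact);
     $this->display();
 }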
Exemplo n.º 2
 /**
  * Auto-detect the mail configuration for a sender address.
  *
  * On POST the submitted fromAddress is checked, passed to the mail model's
  * autoDetect(), and the result is kept in the session under 'mailConfig'
  * before the browser is sent to the 'edit' page. Otherwise the form is shown.
  *
  * @access public
  * @return void
  */
 public function detect()
 {
     if ($_POST) {
         $address  = $this->post->fromAddress;
         $problems = '';

         /* An empty address produces both messages: "required" first, then "invalid e-mail". */
         if ($address == false) {
             $problems = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
         }
         if (!validater::checkEmail($address)) {
             $problems .= '\\n' . sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
         }
         if ($problems) {
             die(js::alert($problems));
         }

         /*
          * NOTE(review): autoDetect() receives a caller-supplied address; what it looks up or
          * connects to is not visible here - confirm it cannot be pointed at internal hosts.
          */
         $detected              = $this->mail->autoDetect($address);
         $detected->fromAddress = $address;
         $this->session->set('mailConfig', $detected);
         die(js::locate(inlink('edit'), 'parent'));
     }

     $mailLang = $this->lang->mail;
     $this->view->title      = $mailLang->common . $this->lang->colon . $mailLang->detect;
     $this->view->position[] = html::a(inlink('index'), $mailLang->common);
     $this->view->position[] = $mailLang->detect;

     /* Pre-fill the form with the address kept in the session, if there is one. */
     $saved = $this->session->mailConfig;
     $this->view->fromAddress = $saved ? $saved->fromAddress : '';
     $this->display();
 }
Exemplo n.º 3
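 /**
  * Auto-detect the mail configuration for a sender address (JSON response variant).
  *
  * On POST the submitted fromAddress is checked; a failure is reported per field
  * through send(). A valid address is passed to the mail model's autoDetect() and
  * the result is kept in the session under 'mailConfig'. Otherwise the form is shown.
  *
  * @access public
  * @return void
  */
 public function detect()
 {
     if ($_POST) {
         $address = $this->post->fromAddress;

         if ($address == false) {
             $error = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
             $this->send(array('result' => 'fail', 'message' => array('fromAddress' => $error)));
             /* Do not rely on send() ending the request: a rejected address must not reach autoDetect(). */
             return;
         }
         if (!validater::checkEmail($address)) {
             $error = sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
             $this->send(array('result' => 'fail', 'message' => array('fromAddress' => $error)));
             return;
         }

         /*
          * NOTE(review): autoDetect() receives a caller-supplied address; what it looks up or
          * connects to is not visible here - confirm it cannot be pointed at internal hosts.
          */
         $mailConfig              = $this->mail->autoDetect($address);
         $mailConfig->fromAddress = $address;
         $this->session->set('mailConfig', $mailConfig);
         $this->send(array('result' => 'success', 'message' => $this->lang->saveSuccess, 'locate' => inlink('edit')));
         return;
     }

     $this->view->title       = $this->lang->mail->common . $this->lang->colon . $this->lang->mail->detect;
     $this->view->position[]  = html::a(inlink('index'), $this->lang->mail->common);
     $this->view->position[]  = $this->lang->mail->detect;
     $this->view->fromAddress = $this->session->mailConfig ? $this->session->mailConfig->fromAddress : '';
     $this->display();
 }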
Exemplo n.º 4
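 /**
  * Validate and save the shop and Alipay settings from the POST data.
  *
  * Validation failures are collected per field and returned together; nothing is
  * written unless every check passes.
  *
  * @access public
  * @return array  array('result' => 'fail', 'message' => array of field => messages)
  *                or array('result' => 'success', 'message' => string)
  */
 public function saveSetting()
 {
     /* Must start as an array: assigning a string key to '' is an error on PHP 7.1 and later. */
     $errors = array();

     /* A missing or non-array payment value is rejected here instead of reaching in_array()/join(). */
     $payment = $this->post->payment;
     if (empty($payment) || !is_array($payment)) {
         $errors['payment'] = array($this->lang->order->paymentRequired);
         $payment = array();
     }
     if (!$this->post->confirmLimit) {
         $errors['confirmLimit'] = array($this->lang->order->confirmLimitRequired);
     }

     /* The Alipay credentials are only checked when Alipay is one of the selected methods. */
     if (in_array('alipay', $payment, true)) {
         $pid = $this->post->pid;
         $key = $this->post->key;
         if (!is_string($pid) || strlen($pid) != 16) {
             $errors['pid'] = array($this->lang->order->placeholder->pid);
         }
         if (!is_string($key) || strlen($key) != 32) {
             $errors['key'] = array($this->lang->order->placeholder->key);
         }
         if (!validater::checkEmail($this->post->email)) {
             $errors['email'] = array(sprintf($this->lang->error->email, $this->lang->order->alipayEmail));
         }
     }

     if (!empty($errors)) {
         return array('result' => 'fail', 'message' => $errors);
     }

     /* NOTE(review): the payment values are stored as submitted; confirm they are checked against the supported methods. */
     $shopSetting = array();
     $shopSetting['payment']      = join(',', $payment);
     $shopSetting['confirmLimit'] = $this->post->confirmLimit;
     $this->loadModel('setting')->setItems('system.common.shop', $shopSetting);

     /*
      * The Alipay items are written even when Alipay is not selected, as before.
      * NOTE(review): 'key' is a payment secret kept in the settings store - confirm who can read it back.
      */
     $alipaySetting = array();
     $alipaySetting['pid']   = $this->post->pid;
     $alipaySetting['key']   = $this->post->key;
     $alipaySetting['email'] = $this->post->email;
     $this->loadModel('setting')->setItems('system.common.alipay', $alipaySetting);

     return array('result' => 'success', 'message' => $this->lang->saveSuccess);
 }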
Exemplo n.º 5
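 /**
  * Reply to a message and notify its author by e-mail.
  *
  * The reply is built from the POST data, inserted into TABLE_MESSAGE and, when the
  * original message carries a valid e-mail address, mailed to its author.
  *
  * @param  int    $messageID  id of the message being replied to
  * @access public
  * @return int|bool           the id of the new reply, or false on failure
  */
 public function reply($messageID)
 {
     $account = $this->app->user->account;
     $admin   = $this->app->user->admin;
     $message = $this->getByID($messageID);

     /* An unknown message id must fail cleanly instead of dereferencing an empty result. */
     if (empty($message)) {
         return false;
     }

     /* A reply to a reply stays attached to the object the first message was about. */
     $objectType = $message->type == 'reply' ? $message->objectType : $message->type;

     $reply = fixer::input('post')
         ->add('objectType', $objectType)
         ->add('objectID', $message->id)
         ->add('to', $message->account)
         ->add('type', 'reply')
         ->add('date', helper::now())
         ->add('status', '0')
         ->add('public', 1)
         ->setIF($account != 'guest', 'account', $account)
         ->setIF($admin == 'super', 'status', '1')
         ->add('ip', $this->server->REMOTE_ADDR)
         ->get();

     /* 'captcha' is validated but skipped when the row is written. */
     $this->dao->insert(TABLE_MESSAGE)
         ->data($reply, 'captcha')
         ->autoCheck()
         ->check('captcha', 'captcha')
         ->check('type', 'in', $this->config->message->types)
         ->batchCheck($this->config->message->require->reply, 'notempty')
         ->exec();
     $replyID = $this->dao->lastInsertId();

     if (dao::isError()) {
         return false;
     }

     /* A reply from the super admin also marks the original message as handled. */
     if ($admin == 'super') {
         $this->dao->update(TABLE_MESSAGE)->set('status')->eq(1)->where('status')->eq(0)->andWhere('id')->eq($messageID)->exec();
         if (dao::isError()) {
             return false;
         }
     }

     /*
      * Comment authors are only mailed when they asked for e-mail reminders.
      * NOTE(review): the mail is sent whatever the reply's status is, so a reply that is still
      * waiting for approval (status '0') already reaches the author's mailbox with its
      * submitted content - confirm this is intended and that the body is encoded for the mail format.
      */
     if (validater::checkEmail($message->email) && ($message->type != 'comment' || $message->receiveEmail)) {
         $subject = sprintf($this->lang->message->replySubject, $this->config->site->name);
         $this->loadModel('mail')->send($message->email, $subject, $reply->content);
     }

     return $replyID;
 }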
Exemplo n.º 6
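 /**
  * Batch edit users from the POST data.
  *
  * The current user's password must be re-entered first. Every posted row is
  * validated before anything is written; a failed check ends the request with a
  * JavaScript error. An account rename is propagated to TABLE_USERGROUP, to the
  * company admin list and to the current user object.
  *
  * @access public
  * @return void
  */
 public function batchEdit()
 {
     /*
      * Re-authentication. The stored value is an unsalted MD5 digest (visible from the md5() call),
      * which is weak for password storage - NOTE(review): plan a migration to password_hash().
      * The digests are compared as strings and in constant time where available: a loose !=
      * treats digests that look numeric (for example "0e...") as equal numbers.
      */
     $verified = false;
     if (!empty($_POST['verifyPassword']) and is_string($this->post->verifyPassword)) {
         $expected = (string) $this->app->user->password;
         $supplied = md5($this->post->verifyPassword);
         $verified = function_exists('hash_equals') ? hash_equals($expected, $supplied) : $expected === $supplied;
     }
     if (!$verified) {
         die(js::alert($this->lang->user->error->verifyPassword));
     }

     /* Nothing to do when no account rows were posted. */
     $postedAccounts = $this->post->account;
     if (empty($postedAccounts) or !is_array($postedAccounts)) {
         return;
     }

     $oldUsers     = $this->dao->select('id, account')->from(TABLE_USER)->where('id')->in(array_keys($postedAccounts))->fetchPairs('id', 'account');
     $accountGroup = $this->dao->select('id, account')->from(TABLE_USER)->where('account')->in($postedAccounts)->fetchGroup('account', 'id');

     $users    = array();
     $accounts = array();
     $prev     = array();
     foreach ($postedAccounts as $id => $account) {
         $users[$id]['account']  = $account;
         $users[$id]['realname'] = $this->post->realname[$id];
         $users[$id]['commiter'] = $this->post->commiter[$id];
         $users[$id]['email']    = $this->post->email[$id];
         $users[$id]['join']     = $this->post->join[$id];

         /* 'ditto' copies the value of the previous row, or 0 on the first row. */
         $users[$id]['dept'] = $this->post->dept[$id] == 'ditto' ? (isset($prev['dept']) ? $prev['dept'] : 0) : $this->post->dept[$id];
         $users[$id]['role'] = $this->post->role[$id] == 'ditto' ? (isset($prev['role']) ? $prev['role'] : 0) : $this->post->role[$id];

         /*
          * NOTE(review): this only rejects an account name that already belongs to more than one
          * stored user. A rename to a name owned by exactly one OTHER user passes, and the
          * TABLE_USERGROUP update below would then merge the two users' group rows - verify.
          * NOTE(review): $id is a client-supplied array key that is formatted into the error
          * text; confirm js::error() escapes it.
          */
         if (isset($accountGroup[$account]) and count($accountGroup[$account]) > 1) {
             die(js::error(sprintf($this->lang->user->error->accountDupl, $id)));
         }
         if (in_array($account, $accounts, true)) {
             die(js::error(sprintf($this->lang->user->error->accountDupl, $id)));
         }
         if (!validater::checkAccount($users[$id]['account'])) {
             die(js::error(sprintf($this->lang->user->error->account, $id)));
         }
         if ($users[$id]['realname'] == '') {
             die(js::error(sprintf($this->lang->user->error->realname, $id)));
         }
         if ($users[$id]['email'] and !validater::checkEmail($users[$id]['email'])) {
             die(js::error(sprintf($this->lang->user->error->mail, $id)));
         }
         if (empty($users[$id]['role'])) {
             die(js::error(sprintf($this->lang->user->error->role, $id)));
         }

         $accounts[$id] = $account;
         $prev['dept']  = $users[$id]['dept'];
         $prev['role']  = $users[$id]['role'];
     }

     foreach ($users as $id => $user) {
         /* Skip ids that match no stored user, so the rename propagation never runs with an empty old account. */
         if (!isset($oldUsers[$id])) {
             continue;
         }

         $this->dao->update(TABLE_USER)->data($user)->where('id')->eq((int) $id)->exec();

         $oldAccount = $oldUsers[$id];
         if ($user['account'] != $oldAccount) {
             $this->dao->update(TABLE_USERGROUP)->set('account')->eq($user['account'])->where('account')->eq($oldAccount)->exec();

             /* Keep the comma-delimited company admin list in step with the rename. */
             if (strpos($this->app->company->admins, ',' . $oldAccount . ',') !== false) {
                 $admins = str_replace(',' . $oldAccount . ',', ',' . $user['account'] . ',', $this->app->company->admins);
                 $this->dao->update(TABLE_COMPANY)->set('admins')->eq($admins)->where('id')->eq($this->app->company->id)->exec();
             }

             /* The renamed row is $user; $users is keyed by id and has no 'account' entry of its own. */
             if (!dao::isError() and $this->app->user->account == $oldAccount) {
                 $this->app->user->account = $user['account'];
             }
         }
     }
 }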
Exemplo n.º 7
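 /**
  * Identify a user by account (or e-mail) and password.
  *
  * Failed attempts are counted on the user row and the account is locked for three
  * minutes once the counter exceeds eight. Login attempts by administrators are
  * written to the login log.
  *
  * @param   string $account     the account name or the e-mail address
  * @param   string $password    the plain password or the md5 hash
  * @access  public
  * @return  object|bool         the user object when the credentials are valid, false otherwise
  */
 public function identify($account, $password)
 {
     if (!$account or !$password) {
         return false;
     }

     /* Look the user up by e-mail when $account validates as one, otherwise by account name. */
     $byEmail = validater::checkEmail($account);
     $user = $this->dao->setAutolang(false)->select('*')->from(TABLE_USER)
         ->beginIF($byEmail)->where('email')->eq($account)->fi()
         ->beginIF(!$byEmail)->where('account')->eq($account)->fi()
         ->fetch();
     if (!$user) {
         return false;
     }

     /* A locked user cannot log in until the lock time has passed. */
     if ($user->locked != '0000-00-00 00:00:00') {
         /* Minutes left until the lock expires; zero or negative means it already has. */
         $dateDiff = (strtotime($user->locked) - time()) / 60;
         if ($dateDiff > 0 && $dateDiff <= 3) {
             $this->lang->user->loginFailed = sprintf($this->lang->user->locked, '3' . $this->lang->date->minute);
             return false;
         } elseif ($dateDiff > 3) {
             /* Longer locks are reported in days, or as permanent beyond 30 days. */
             $dateDiff = ceil($dateDiff / 60 / 24);
             $this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
             return false;
         } else {
             $user->fails  = 0;
             $user->locked = '0000-00-00 00:00:00';
         }
     }

     /*
      * The password can be the plain one or the password after md5.
      * NOTE(review): if a stored digest is accepted as the credential, a leaked user table is
      * enough to log in - verify what compareHashPassword() accepts.
      * The fallback digest is compared as a string and in constant time where available: a
      * loose != treats digests that look numeric (for example "0e...") as equal numbers.
      */
     $passwordOk = $this->compareHashPassword($password, $user);
     if (!$passwordOk) {
         $stored     = (string) $user->password;
         $computed   = (string) $this->createPassword($password, $user->account);
         $passwordOk = function_exists('hash_equals') ? hash_equals($stored, $computed) : $stored === $computed;
     }
     if (!$passwordOk) {
         /* Save login log if user is admin. */
         if ($user->admin == 'super' or $user->admin == 'common') {
             $this->saveLog($user->account, 'fail');
         }

         /* Lock for three minutes once more than eight attempts have failed. */
         $user->fails++;
         if ($user->fails > 2 * 4) {
             $user->locked = date('Y-m-d H:i:s', time() + 3 * 60);
         }
         $this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
         return false;
     }

     /* Update user data. */
     $user->ip    = $this->server->remote_addr;
     $user->last  = helper::now();
     $user->fails = 0;
     $user->visits++;

     /* Save login log if user is admin. */
     if ($user->admin == 'super' or $user->admin == 'common') {
         $this->saveLog($user->account, 'success');
     }

     /*
      * Write by id: after a login by e-mail $account holds the address, so a WHERE on the
      * account column matches no row and the reset failure counter, ip and last login time
      * would never be stored.
      */
     $this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();

     $user->realname  = $this->computeRealname($user);
     $user->shortLast = substr($user->last, 5, -3);
     $user->shortJoin = substr($user->join, 5, -3);
     unset($_SESSION['random']);

     if (commonModel::isAvailable('score')) {
         $viewType = $this->app->getViewType();
         if ($user) {
             /* Use the stored account name, not the login input, which may be an e-mail address. */
             $this->app->user->account = $user->account;
             if ($user->maxLogin > 0) {
                 $this->app->loadConfig('score');
                 $login = $this->config->score->counts->login;
                 /* NOTE(review): $login is concatenated into SQL; it comes from configuration, keep it numeric. */
                 $this->dao->update(TABLE_USER)->set('maxLogin = maxLogin - ' . $login)->where('id')->eq($user->id)->exec();
                 $this->loadModel('score')->earn('login', '', '', 'LOGIN');
             }
         }
     }

     return $user;
 }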
Exemplo n.º 8
 /**
  * Add a blacklist item.
  *
  * The posted identity is classified as an IP address, an e-mail address, an
  * existing account or, failing all of those, a keyword, and is then handed to
  * guarder->punish() with the posted reason and expiry.
  *
  * @access public
  * @return void
  */
 public function addBlacklist()
 {
     $modes = $this->lang->guarder->blacklistModes;

     if ($_POST) {
         $identity = $this->post->identity;

         /* Later matches win: e-mail over IP, and an existing account over both. */
         $isIP    = validater::checkIP($identity);
         $isEmail = validater::checkEmail($identity);
         $mode    = $isEmail ? 'email' : ($isIP ? 'ip' : 'keywords');
         if (validater::checkAccount($identity)) {
             $found = $this->loadModel('user')->getByAccount($identity);
             if (!empty($found)) {
                 $mode = 'account';
             }
         }

         /* NOTE(review): reason and expiry are passed on as submitted; validation, if any, is in punish(). */
         $punished = $this->guarder->punish($mode, $identity, $this->post->reason, $this->post->expired);
         if ($punished) {
             $target = inlink('blacklist', "mode={$mode}");
             $this->send(array('result' => 'success', 'message' => $this->lang->setSuccess, 'locate' => $target));
         }
         $this->send(array('result' => 'fail', 'message' => dao::geterror()));
     }

     $this->view->title = $this->lang->guarder->addBlacklist;
     $this->display();
 }
Exemplo n.º 9
 /**
  * Identify a user by account (or e-mail) and password.
  *
  * Failed attempts are counted on the user row; once the counter exceeds two the
  * account is locked for ten minutes. A successful login refreshes the user's ip,
  * last, ping, fails and visits fields and records the sign-in with the attend model.
  * 
  * @param   string $account     the account name or the e-mail address
  * @param   string $password    the plain password or the md5 hash
  * @access  public
  * @return  object              the user object when the credentials are valid, false otherwise.
  */
 public function identify($account, $password)
 {
     if (!$account or !$password) {
         return false;
     }
     /* Fetch the non-deleted user, by e-mail when $account validates as one, otherwise by account name. */
     $user = $this->dao->select('*')->from(TABLE_USER)->where('deleted')->eq('0')->beginIF(validater::checkEmail($account))->andWhere('email')->eq($account)->fi()->beginIF(!validater::checkEmail($account))->andWhere('account')->eq($account)->fi()->fetch();
     /* An unknown user gets the same false as a wrong password. */
     if (!$user) {
         return false;
     }
     /* A locked user cannot log in until the lock time has passed. */
     if ($user->locked != '0000-00-00 00:00:00') {
         /* Minutes left until the lock expires; zero or negative means it already has. */
         $dateDiff = (strtotime($user->locked) - time()) / 60;
         /* Check the type of lock and show it. */
         if ($dateDiff > 0 && $dateDiff <= 10) {
             $this->lang->user->loginFailed = sprintf($this->lang->user->locked, '10' . $this->lang->date->minute);
             return false;
         } elseif ($dateDiff > 10) {
             /* Longer locks are reported in days, or as permanent beyond 30 days. */
             $dateDiff = ceil($dateDiff / 60 / 24);
             $this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
             return false;
         } else {
             /* The lock has expired: clear it in memory; one of the updates below stores it. */
             $user->fails = 0;
             $user->locked = '0000-00-00 00:00:00';
         }
     }
     /*
      * The password can be the plain or the password after md5.
      * NOTE(review): if a stored digest is accepted as the credential, a leaked user table is
      * enough to log in - verify what compareHashPassword() accepts.
      */
     if (!$this->compareHashPassword($password, $user)) {
         /* Count the failure; the third and later failures lock the account for ten minutes. */
         $user->fails++;
         if ($user->fails > 2) {
             $user->locked = date('Y-m-d H:i:s', time() + 10 * 60);
         }
         $this->dao->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
         return false;
     }
     /* Update user data. */
     $user->ip = $this->server->remote_addr;
     $user->last = helper::now();
     $user->ping = helper::now();
     $user->fails = 0;
     $user->visits++;
     /*
      * Store the refreshed row.
      * NOTE(review): this WHERE uses the login input on the account column, while the failure
      * path above writes by id. After a login by e-mail $account holds the address, so this
      * update would match no row and the reset failure counter would not be stored - verify.
      */
     $this->dao->update(TABLE_USER)->data($user)->where('account')->eq($account)->exec();
     $user->realname = empty($user->realname) ? $account : $user->realname;
     $user->shortLast = substr($user->last, 5, -3);
     $user->shortJoin = substr($user->join, 5, -3);
     unset($_SESSION['random']);
     /* Save sign in info. */
     $this->loadModel('attend', 'oa')->signIn($user->account);
     /* Return the identified user. */
     return $user;
 }
Exemplo n.º 10
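 /**
  * Send a verification code by e-mail.
  *
  * The code is kept in the session as 'verifyCode' and mailed to the posted e-mail
  * address, or to the stored address of the account when none is posted. A new
  * code is only generated when none exists or the last mail is over 30 minutes old;
  * a new mail is refused within 180 seconds of the previous one.
  *
  * @param  string $account  account to send for; empty or 'qq' means the current user
  * @access public
  * @return void
  */
 public function sendMailCode($account = '')
 {
     $account = ($account and $account != 'qq') ? $account : $this->app->user->account;
     $user    = $this->loadModel('user')->getByAccount($account);

     /*
      * NOTE(review): both $account and the posted e-mail address are caller-supplied, so the
      * code can be requested for any account and delivered to any address - confirm the
      * caller is authorised for that account before a code sent this way is trusted.
      */
     $email = $this->post->email ? $this->post->email : ($user ? $user->email : '');

     /*
      * NOTE(review): the throttle lives in the session, so a client that starts a new session
      * is not limited - consider tracking it per account or per recipient on the server side.
      */
     $lastSendVar  = "lastSendTo{$account}";
     $lastSendTime = $this->session->{$lastSendVar};

     /* Each failure returns explicitly, so a rejected request never reaches the mailer even if send() returns. */
     if (time() - $lastSendTime < 180) {
         $this->send(array('result' => 'fail', 'message' => $this->lang->mail->trySendlater));
         return;
     }
     if (!$this->config->mail->turnon) {
         $this->send(array('result' => 'fail', 'message' => $this->lang->mail->noConfigure));
         return;
     }
     if (empty($email)) {
         $this->send(array('result' => 'fail', 'message' => $this->lang->mail->noEmail));
         return;
     }
     if (!validater::checkEmail($email)) {
         $this->send(array('result' => 'fail', 'message' => $this->lang->mail->error));
         return;
     }

     if (!$lastSendTime or time() - $lastSendTime > 1800 or !$this->session->verifyCode) {
         /*
          * A verification code is a secret: take it from the CSPRNG where the runtime has one.
          * mt_rand() output is predictable and is only kept as the fallback for old runtimes.
          * The value range is the same as before.
          */
         $code = function_exists('random_int') ? random_int(0, mt_getrandmax()) : mt_rand();
         $this->session->set('verifyCode', $code);
     }

     /*
      * NOTE(review): http_host comes from the request; if the mail text turns it into a link,
      * prefer a configured site address so a forged Host header cannot change the link.
      */
     $content = sprintf($this->lang->mail->sendContent, $account, $this->config->site->name, $this->server->http_host, $this->session->verifyCode, $this->config->site->name);
     $this->loadModel('mail')->send($email, $this->lang->mail->captcha, $content, true);
     if (!$this->mail->isError()) {
         $this->session->set($lastSendVar, time());
         $this->send(array('result' => 'success', 'message' => sprintf($this->lang->mail->sendSuccess, $email)));
         return;
     }

     /* NOTE(review): mailer errors are returned as HTML; confirm they cannot carry unescaped input or server details. */
     $error = str_replace('\\n', "<br />", join('', $this->mail->getError()));
     $this->send(array('result' => 'fail', 'message' => $error));
 }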