<?php
/**
* @package Plupload
* @category modules
* @author Moxiecode Systems AB
* @author Nazar Mokrynskyi <*****@*****.**> (integration with CleverStyle CMS)
* @copyright Moxiecode Systems AB
* @license GNU GPL v2, see license.txt
*/
namespace cs\modules\Plupload;
use cs\Config, cs\DB, cs\Storage, cs\Trigger;
Trigger::instance()->register('admin/System/components/modules/uninstall/process', function ($data) {
if ($data['name'] != 'Plupload') {
return;
}
$module_data = Config::instance()->module('Plupload');
$storage = Storage::instance()->{$module_data->storage('files')};
$cdb = DB::instance()->{$module_data->db('files')};
unset($module_data);
if (!$storage || !$cdb) {
return;
}
$files = $cdb->q("SELECT `source`\n\t\t\tFROM `[prefix]plupload_files`");
while ($f = $cdb->fs($files)) {
$storage->unlink($f);
}
if ($storage->is_dir('Plupload')) {
$storage->rmdir('Plupload');
}
if (!isset($_GET['response_type'])) {
header('Location: ' . http_build_url(urldecode($redirect_uri), ['error' => 'invalid_request', 'error_description' => 'response_type parameter required', 'state' => isset($_GET['state']) ? $_GET['state'] : false]), true, 302);
$Page->Content = '';
$Index->stop = true;
return;
}
if (!in_array($_GET['response_type'], ['code', 'token', 'guest_token'])) {
header('Location: ' . http_build_url(urldecode($redirect_uri), ['error' => 'unsupported_response_type', 'error_description' => 'Specified response type is not supported, only "token" or "code" types available', 'state' => isset($_GET['state']) ? $_GET['state'] : false]), true, 302);
$Page->Content = '';
$Index->stop = true;
return;
}
$User = User::instance();
if (!$User->user()) {
if ($_GET['response_type'] != 'guest_token') {
if (Trigger::instance()->run('OAuth2/custom_sign_in_page')) {
$Page->Content = '';
$Page->warning($L->you_are_not_logged_in);
}
$Index->stop = true;
return;
} elseif (!$Config->module('OAuth2')->guest_tokens) {
header('Location: ' . http_build_url(urldecode($redirect_uri), ['error' => 'access_denied', 'error_description' => 'Guest tokens disabled', 'state' => isset($_GET['state']) ? $_GET['state'] : false]), true, 302);
$Page->Content = '';
$Index->stop = true;
return;
}
}
/**
* Authorization processing
*/
/**
* @package CleverStyle CMS
* @subpackage System module
* @category modules
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2013-2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs;
use h;
/**
* Multilingual functionality: redirects and necessary meta-tags
*/
Trigger::instance()->register('System/User/construct/after', function () {
$Config = Config::instance();
if (!$Config->core['multilingual']) {
return;
}
$relative_address = $Config->server['relative_address'];
$Cache = Cache::instance();
if (!FIXED_LANGUAGE && $_SERVER['REQUEST_METHOD'] == 'GET' && $Cache->cache_state() && Core::instance()->cache_engine != 'BlackHole') {
$clang = Language::instance()->clang;
if (!HOME) {
header("Location: /{$clang}/{$relative_address}", true, 301);
} else {
header("Location: /{$clang}", true, 301);
}
}
$base_url = substr($Config->base_url(), 0, -3);
/**
* Delete group
*
* @param int $group
*
* @return bool
*/
function del($group)
{
$group = (int) $group;
Trigger::instance()->run('System/User/Group/del/before', ['id' => $group]);
if ($group != 1 && $group != 2 && $group != 3) {
$return = $this->db_prime()->q(["DELETE FROM `[prefix]groups` WHERE `id` = {$group}", "DELETE FROM `[prefix]users_groups` WHERE `group` = {$group}"]);
$this->del_permissions_all($group);
$Cache = $this->cache;
unset(Cache::instance()->{'users/groups'}, $Cache->{$group}, $Cache->all);
Trigger::instance()->run('System/User/Group/del/after', ['id' => $group]);
return (bool) $return;
} else {
return false;
}
}
<?php
/**
* @package Common
* @category modules
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs;
use h, cs\modules\Info\Info, cs\modules\Help\Help;
Trigger::instance()->register('System/Index/construct', function () {
if (!API && !ADMIN && Config::instance()->module('Common')->active()) {
$L = Language::instance();
$Page = Page::instance();
$Page->Description = 'opir.org - ми контролюємо вибори';
$Page->og('image', 'https://opir.org/components/modules/Common/includes/img/share.png');
$Page->og('image:secure_url', 'https://opir.org/components/modules/Common/includes/img/share.png');
$Page->link(['rel' => 'image_src', 'href' => 'https://opir.org/components/modules/Common/includes/img/share.png']);
$Page->Header = h::{'div.cs-elections-logo'}(h::{'a[href=/] img'}(['src' => "components/modules/Common/includes/img/logo-{$L->clang}.png"])) . h::{'nav.cs-elections-switch-language'}(h::span("{$L->clang} " . h::icon('caret-down'), ['class' => $L->clang]) . h::{'div a[href=/$i[lang]][in=$i[language]]'}(['class' => '$i[lang]', 'insert' => [['lang' => 'uk', 'language' => 'Українська'], ['lang' => 'ru', 'language' => 'Русский'], ['lang' => 'en', 'language' => 'English']]])) . h::{'button.cs-elections-info'}() . h::{'button.cs-elections-help-initiative'}($L->help_initiative);
$Page->content(h::{'section.cs-elections-info-modal[style=display:none] article[style=width:800px;]'}(Info::get()) . h::{'section.cs-elections-help-initiative-modal[style=display:none] article[style=width:800px;]'}(Help::get()));
}
});
<?php
/**
* @package OAuth2 customization
* @category plugins
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs;
use h;
Trigger::instance()->register('OAuth2/custom_sign_in_page', function () {
if (!in_array('OAuth2_customization', Config::instance()->components['plugins'])) {
return true;
}
define('MOBILE_AUTH', true);
$L = Language::instance();
$Page = Page::instance();
$Page->Title = [$Page->Title[0], $L->sign_in];
$Page->content(h::{'section.cs-oauth2-customization'}(h::{'h2.uk-text-center.uk-margin-top'}($L->sign_in) . h::a(h::icon('facebook') . $L->sign_in_with('Facebook'), ['href' => 'HybridAuth/Facebook']) . h::a(h::icon('vk') . $L->sign_in_with('VK'), ['href' => 'HybridAuth/Vkontakte'])));
return false;
})->register('System/Config/routing_replace', function () {
if (!in_array('OAuth2_customization', Config::instance()->components['plugins'])) {
return;
}
spl_autoload_register(function ($class) {
if (ltrim($class, '\\') == 'cs\\modules\\OAuth2\\OAuth2') {
include __DIR__ . '/OAuth2.php';
}
}, true, true);
/**
* Page generation
*/
function __finish()
{
static $executed = false;
if ($executed) {
return;
}
$executed = true;
/**
* Cleaning of output
*/
if (OUT_CLEAN) {
ob_end_clean();
}
/**
* Detection of compression
*/
$ob = false;
$Config = Config::instance(true);
if (API || $Config && !zlib_compression() && $Config->core['gzip_compression']) {
ob_start('ob_gzhandler');
$ob = true;
}
/**
* For AJAX and API requests only content without page template
*/
if (!$this->interface) {
/**
* Processing of replacing in content
*/
echo $this->process_replacing($this->Content ?: (API ? 'null' : ''));
} else {
Trigger::instance()->run('System/Page/pre_display');
class_exists('\\cs\\Error', false) && Error::instance(true)->display();
/**
* Processing of template, substituting of content, preparing for the output
*/
$this->prepare();
/**
* Processing of replacing in content
*/
$this->Html = $this->process_replacing($this->Html);
/**
* Getting of debug information
*/
if (DEBUG && (User::instance(true)->admin() || $Config->can_be_admin && $Config->core['ip_admin_list_only'])) {
$this->get_debug_info();
}
Trigger::instance()->run('System/Page/display');
echo str_replace(['<!--debug_info-->', '<!--generate time-->', '<!--peak memory usage-->'], [$this->debug_info ? h::level(h::{'div#cs-debug.uk-modal div.uk-modal-dialog-large'}(h::level($this->debug_info), ['title' => Language::instance()->debug, 'style' => 'margin-left: -45%; width: 90%;']), $this->level['debug_info']) : '', format_time(round(microtime(true) - MICROTIME, 5)), format_filesize(memory_get_usage(), 5) . h::{'sup[level=0]'}(format_filesize(memory_get_peak_usage(), 5))], rtrim($this->Html));
}
if ($ob) {
ob_end_flush();
}
}
/**
* Returns array of user id, that are associated as contacts
*
* @param bool|int $user If not specified - current user assumed
*
* @return int[] Array of user id
*/
function get_contacts($user = false)
{
$user = (int) ($user ?: $this->id);
if (!$user || $user == self::GUEST_ID) {
return [];
}
$contacts = [];
Trigger::instance()->run('System/User/get_contacts', ['id' => $user, 'contacts' => &$contacts]);
return array_unique($contacts);
}
unset($item, $value);
if ($part == 'routing' || $part == 'replace') {
$temp['in'] = explode("\n", $temp['in']);
$temp['out'] = explode("\n", $temp['out']);
foreach ($temp['in'] as $i => $value) {
if (empty($value)) {
unset($temp['in'][$i], $temp['out'][$i]);
}
}
unset($i, $value);
}
unset($temp);
}
}
unset($part);
}
$Cache = Cache::instance();
if ($_POST['edit_settings'] == 'apply' && $Cache->cache_state()) {
if ($Index->apply() && !$Config->core['cache_compress_js_css']) {
clean_pcache();
Trigger::instance()->run('admin/System/general/optimization/clean_pcache');
}
} elseif ($_POST['edit_settings'] == 'save') {
$save = $Index->save();
if ($save && !$Config->core['cache_compress_js_css']) {
clean_pcache();
Trigger::instance()->run('admin/System/general/optimization/clean_pcache');
}
} elseif ($_POST['edit_settings'] == 'cancel' && $Cache->cache_state()) {
$Index->cancel();
}
$db->{$db_id}()->q("INSERT INTO `[prefix]users_social_integration`\n\t\t\t\t\t(\n\t\t\t\t\t\t`id`,\n\t\t\t\t\t\t`provider`,\n\t\t\t\t\t\t`identifier`,\n\t\t\t\t\t\t`profile`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'%s',\n\t\t\t\t\t\t'%s',\n\t\t\t\t\t\t'%s',\n\t\t\t\t\t\t'%s'\n\t\t\t\t\t)", $result['id'], $rc[0], $HybridAuth_data['identifier'], $HybridAuth_data['profile']);
$profile_info = $HybridAuth_data['profile_info'];
$contacts = $HybridAuth_data['contacts'];
$email = strtolower($_POST['email']);
try {
$HybridAuth = get_hybridauth_instance($rc[0]);
$adapter = $HybridAuth->getAdapter($rc[0]);
$body = $L->reg_success_mail_body(isset($profile_info['username']) ? $profile_info['username'] : strstr($email, '@', true), get_core_ml_text('name'), $Config->base_url() . '/profile/settings', $User->get('login', $result['id']), $result['password']);
/**
* Send notification email
*/
if ($Mail->send_to($email, $L->reg_success_mail(get_core_ml_text('name')), $body)) {
Trigger::instance()->run('HybridAuth/add_session/before', ['adapter' => $adapter, 'provider' => $rc[0]]);
$User->add_session($result['id']);
add_session_after();
Trigger::instance()->run('HybridAuth/add_session/after', ['adapter' => $adapter, 'provider' => $rc[0]]);
if ($User->id != User::GUEST_ID) {
$existing_data = $User->get(array_keys($profile_info), $User->id);
foreach ($profile_info as $item => $value) {
if (!$existing_data[$item] || $existing_data[$item] != $value) {
$User->set($item, $value, $User->id);
}
}
unset($existing_data, $item, $value);
update_user_contacts($contacts, $rc[0]);
}
header('Location: ' . (_getcookie('HybridAuth_referer') ?: $Config->base_url()));
_setcookie('HybridAuth_referer', '');
code_header(301);
} else {
$User->registration_cancel();
/**
* Executes plugins processing, blocks and module page generation
*/
function __finish()
{
static $finished = false;
if ($finished) {
return;
}
$finished = true;
$Config = Config::instance();
$Page = Page::instance();
/**
* If site is closed, user is not admin, and it is not request for sign in
*/
if (!$Config->core['site_mode'] && !(User::instance()->admin() || API && $Config->route === ['user', 'sign_in'])) {
code_header(503);
return;
}
if (defined('ERROR_CODE')) {
$Page->error();
}
Trigger::instance()->run('System/Index/preload');
if (!IN_ADMIN && !$this->api && file_exists(MODULES . '/' . MODULE . '/index.html')) {
ob_start();
_include(MODULES . '/' . MODULE . '/index.html', false, false);
$Page->content(ob_get_clean());
if ($this->title_auto) {
$Page->title(Language::instance()->{HOME ? 'home' : MODULE});
}
} elseif (!defined('ERROR_CODE') && !$this->stop) {
$this->init_auto && $this->init();
}
if ($this->generate_auto) {
$this->generate();
}
if ($this->stop) {
if (_getcookie('sign_out') && !(API && MODULE == 'System' && $Config->route == ['user', 'sign_out'])) {
_setcookie('sign_out', '');
}
return;
}
if (defined('ERROR_CODE')) {
$Page->error();
} elseif (_getcookie('sign_out') && !(API && MODULE == 'System' && $Config->route == ['user', 'sign_out'])) {
_setcookie('sign_out', '');
}
Trigger::instance()->run('System/Index/postload');
}
<?php
/**
* @package Static Pages
* @category modules
* @author Nazar Mokrynskyi <*****@*****.**>
* @copyright Copyright (c) 2011-2014, Nazar Mokrynskyi
* @license MIT License, see license.txt
*/
namespace cs\modules\Static_pages;
use cs\Config, cs\Trigger;
Trigger::instance()->register('System/Config/routing_replace', function ($data) {
if (!Config::instance()->module('Static_pages')->active() && substr($data['rc'], 0, 5) != 'admin') {
return;
}
$rc = explode('/', $data['rc']);
switch ($rc[0]) {
case 'admin':
case 'api':
return;
case 'Static_pages':
$rc = ['index'];
}
$Static_pages = Static_pages::instance();
$structure = $Static_pages->get_structure();
$categories = array_slice($rc, 0, -1);
if (!empty($categories)) {
foreach ($categories as $category) {
if (isset($structure['categories'][$category])) {
$structure = $structure['categories'][$category];
/**
* Change language
*
* @param string $language
*
* @return bool
*/
function change($language)
{
static $changed_once = false;
if ($this->fixed_language && $changed_once) {
return false;
}
$changed_once = true;
if ($language == $this->clanguage) {
return true;
}
$Config = Config::instance(true);
if (empty($language)) {
if ($Config && $Config->core['multilingual']) {
$language = $this->scan_aliases($Config->core['active_languages']) ?: $language;
}
}
if (!$Config || $language == $Config->core['language'] || $Config->core['multilingual'] && in_array($language, $Config->core['active_languages'])) {
$this->clanguage = $language;
$return = false;
$Cache = Cache::instance();
/**
* If translations in cache
*/
if ($translate = $Cache->{"languages/{$this->clanguage}"}) {
$this->set($translate);
$return = true;
/**
* Otherwise check for system translations
*/
} elseif (file_exists(LANGUAGES . "/{$this->clanguage}.json")) {
/**
* Set system translations
*/
$this->set(file_get_json_nocomments(LANGUAGES . "/{$this->clanguage}.json"));
$translate =& $this->translate;
$translate['clanguage'] = $this->clanguage;
if (!isset($translate['clang'])) {
$translate['clang'] = mb_strtolower(mb_substr($this->clanguage, 0, 2));
}
if (!isset($translate['clanguage_en'])) {
$translate['clanguage_en'] = $this->clanguage;
}
if (!isset($translate['locale'])) {
$translate['locale'] = $this->clang . '_' . strtoupper($this->clang);
}
/**
* Set modules' translations
*/
foreach (get_files_list(MODULES, false, 'd') as $module) {
if (file_exists(MODULES . "/{$module}/languages/{$this->clanguage}.json")) {
$this->set(file_get_json_nocomments(MODULES . "/{$module}/languages/{$this->clanguage}.json") ?: []);
}
}
unset($module);
/**
* Set plugins' translations
*/
foreach (get_files_list(PLUGINS, false, 'd') as $plugin) {
if (file_exists(PLUGINS . "/{$plugin}/languages/{$this->clanguage}.json")) {
$this->set(file_get_json_nocomments(PLUGINS . "/{$plugin}/languages/{$this->clanguage}.json") ?: []);
}
}
unset($plugin);
Trigger::instance()->run('System/general/languages/load', ['clanguage' => $this->clanguage, 'clang' => $this->clang, 'cregion' => $this->cregion, 'clanguage_en' => $this->clanguage_en]);
$Cache->{"languages/{$this->clanguage}"} = $translate;
$return = true;
}
_include(LANGUAGES . "/{$this->clanguage}.php", false, false);
header("Content-Language: {$translate['content_language']}");
return $return;
}
return false;
}
* System/upload_files/add_tag
* [
* 'url' => url //Required
* 'tag' => tag //Required
* ]
*
* System/upload_files/del_tag
* [
* 'url' => url //Optional
* 'tag' => tag //Optional ("%" symbol may be used at the end of string to delete all files, that starts from specified string)
* ]
*/
namespace cs\modules\Plupload;
use cs\Config, cs\DB, cs\Page, cs\Storage, cs\Trigger;
Trigger::instance()->register('System/Page/pre_display', function () {
$Config = Config::instance();
$Page = Page::instance();
$Page->js('cs.plupload = ' . _json_encode(['max_file_size' => $Config->module('Plupload')->max_file_size]) . ';', 'code');
})->register('System/Index/mainmenu', function ($data) {
if ($data['path'] == 'Plupload') {
$data['hide'] = true;
return false;
}
return true;
})->register('System/upload_files/add_tag', function ($data) {
if (!isset($data['url'], $data['tag'])) {
return false;
}
$module_data = Config::instance()->module('Plupload');
$storage = Storage::instance()->{$module_data->storage('files')};
unset($db_json, $dbs, $database);
$a->content(h::{'table.cs-table'}(h::{'thead tr th'}([h::info('appointment_of_db'), h::info('system_db')]) . h::{'tbody tr| td'}($db_list)));
unset($db_list);
}
if ($rc[2] == 'install') {
goto back_to_module_installation_1;
}
}
break;
case 'storage':
$show_modules = false;
if (count($Config->storage) > 1) {
$Page->warning($L->changing_settings_warning);
$Page->title($L->storage_settings_for_module($rc[3]));
$a->content(h::{'p.lead.cs-center'}($L->storage_settings_for_module($rc[3])));
if (!Trigger::instance()->run('admin/System/components/modules/storage/prepare', ['name' => $rc[3]])) {
break;
}
$a->buttons = true;
$a->apply_button = false;
$a->cancel_button_back = true;
module_storage_settings:
if (file_exists(MODULES . "/{$rc['3']}/meta/storage.json")) {
$storages = [0 => $L->core_storage];
foreach ($Config->storage as $i => &$storage_data) {
if ($i) {
$storages[$i] = "{$storage_data['host']} ({$storage_data['connection']})";
}
}
unset($i, $storage_data);
$storage_list = [];
}, array_keys($providers)));
});
Trigger::instance()->register('System/User/registration/confirmation/after', function () {
if ($referer = _getcookie('HybridAuth_referer')) {
header("Refresh: 5; url={$referer}");
_setcookie('HybridAuth_referer', '');
}
});
Trigger::instance()->register('System/User/del/after', function ($data) {
/**
* @var \cs\DB\_Abstract $cdb
*/
$cdb = DB::instance()->{Config::instance()->module('HybridAuth')->db('integration')}();
$cdb->q(["DELETE FROM `[prefix]users_social_integration`\n\t\t\t\tWHERE `id` = '%s'", "DELETE FROM `[prefix]users_social_integration_contacts`\n\t\t\t\tWHERE `id` = '%s'"], $data['id']);
});
Trigger::instance()->register('System/User/get_contacts', function ($data) {
$data['contacts'] = array_unique(array_merge($data['contacts'], get_user_contacts($data['id'])));
});
/**
* Returns array of user id, that are contacts of specified user
*
* @param int $user
*
* @return int[]
*/
function get_user_contacts($user)
{
$Cache = Cache::instance();
$Config = Config::instance();
$user = (int) $user;
if (!$user || $user == User::GUEST_ID || !$Config->module('HybridAuth')->enable_contacts_detection) {
/**
* Delete violation
*
* @param int|int[] $id
*
* @return bool
*/
function del($id)
{
if (is_array($id)) {
foreach ($id as &$i) {
$i = (int) $this->del($i);
}
return (bool) array_product($id);
}
$data = $this->read_simple($id);
if (!$data) {
return false;
}
if (!$this->delete_simple($id)) {
return false;
}
Precincts::instance()->update_violations($data['precinct']);
unset($data['id'], $this->cache->{"all_for_precincts/{$data['precinct']}"}, $this->precincts_cache->{$data['precinct']}, $this->precincts_cache->all);
foreach ($data['images'] as $image) {
Trigger::instance()->run('System/upload_files/del_tag', ['tag' => "Precincts/violations/{$data['id']}", 'url' => $image]);
}
return true;
}
if (!(isset($user_data['login']) && $user_data['login'] && $user_data['login'] != $User->get('login') && (!filter_var($user_data['login'], FILTER_VALIDATE_EMAIL) && $User->get_id(hash('sha224', $user_data['login'])) === false || $user_data['login'] == $User->get('email')))) {
if ($user_data['login'] != $User->get('login')) {
$Page->warning($L->login_occupied_or_is_not_valid);
}
unset($user_data['login']);
}
$Index->save($User->set($user_data));
unset($user_data);
}
$Page->title($L->my_profile);
$Page->title($L->settings);
$Index->action = path($L->profile) . '/' . path($L->settings);
switch (isset($Config->route[2]) ? $Config->route[2] : '') {
default:
$Index->content(h::p(h::{'a.cs-button'}($L->general, ['href' => "{$Index->action}/" . path($L->general)]) . h::{'a.cs-button'}($L->change_password, ['href' => "{$Index->action}/" . path($L->change_password)])));
Trigger::instance()->run('System/profile/settings');
break;
case 'general':
$user_data = $User->get($columns);
unset($columns);
$timezones = get_timezones_list();
$row = function ($col1, $col2) {
return h::th($col1) . h::td($col2);
};
$Index->form = true;
$Index->form_atributes['class'] = 'cs-center';
$Index->apply_button = false;
$Index->cancel_button_back = true;
$Page->title($L->general);
$Index->content(h::{'p.lead.cs-center'}($L->general_settings) . h::{'table.cs-table-borderless.cs-left-even.cs-right-odd tr'}($row($L->login, h::input(['name' => 'user[login]', 'value' => $user_data['login']])), $row($L->username, h::input(['name' => 'user[username]', 'value' => $user_data['username']])), $row($L->language, h::select(['in' => array_merge([$L->system_default], $Config->core['active_languages']), 'value' => array_merge([''], $Config->core['active_languages'])], ['name' => 'user[language]', 'selected' => $user_data['language'], 'size' => 5])), $row($L->timezone, h::select(['in' => array_merge(["{$L->system_default} ({$Config->core['timezone']})"], array_keys($timezones)), 'value' => array_merge([''], array_values($timezones))], ['name' => 'user[timezone]', 'selected' => $user_data['timezone'], 'size' => 5])), $row($L->avatar, h::input(['name' => 'user[avatar]', 'value' => $user_data['avatar']]))));
break;