/**
 * Handles submission of the "edit membership group" form.
 *
 * The group is identified by the "group_id" query parameter. Each posted field
 * is compared with the stored membership and written back only when it differs;
 * the permission set is re-serialized and saved on every submission. The
 * UserCoreModel cache group is then cleared and the browser is redirected to
 * the membership list.
 *
 * NOTE(review): nothing here checks that getMemberships() returned a record for
 * $iGroupId -- presumably guaranteed by the caller; confirm.
 * NOTE(review): "perms" is serialize()d exactly as received from the request;
 * code that later unserialize()s the stored value should treat it as untrusted
 * input -- confirm against the reader.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $iGroupId = $this->httpRequest->get('group_id', 'int');
    $oPayModel = new PaymentModel();
    $oMembership = $oPayModel->getMemberships($iGroupId);

    // Text columns: only write when the submitted value differs from the stored one.
    $sName = $this->httpRequest->post('name');
    if (!$this->str->equals($sName, $oMembership->name)) {
        $oPayModel->updateMembershipGroup('name', $sName, $iGroupId);
    }

    $sDescription = $this->httpRequest->post('description');
    if (!$this->str->equals($sDescription, $oMembership->description)) {
        $oPayModel->updateMembershipGroup('description', $sDescription, $iGroupId);
    }

    // Permissions are stored serialized and are rewritten unconditionally.
    $sSerializedPerms = serialize($this->httpRequest->post('perms'));
    $oPayModel->updateMembershipGroup('permissions', $sSerializedPerms, $iGroupId);

    $sPrice = $this->httpRequest->post('price');
    if (!$this->str->equals($sPrice, $oMembership->price)) {
        $oPayModel->updateMembershipGroup('price', $sPrice, $iGroupId);
    }

    // The form field is "expiration_days"; the column/property is "expirationDays".
    $sExpirationDays = $this->httpRequest->post('expiration_days');
    if (!$this->str->equals($sExpirationDays, $oMembership->expirationDays)) {
        $oPayModel->updateMembershipGroup('expirationDays', $sExpirationDays, $iGroupId);
    }

    $sEnable = $this->httpRequest->post('enable');
    if (!$this->str->equals($sEnable, $oMembership->enable)) {
        $oPayModel->updateMembershipGroup('enable', $sEnable, $iGroupId);
    }

    unset($oPayModel);

    /* Clean UserCoreModel Cache */
    $oCache = new Cache();
    $oCache->start(UserCoreModel::CACHE_GROUP, null, null)->clear();

    $sListUrl = Uri::get('payment', 'admin', 'membershiplist');
    Header::redirect($sListUrl, t('The Membership has been saved successfully!'));
}
/**
 * Handles submission of the "add comment" form.
 *
 * Checks, in this order, that the recipient exists, that the sender respected
 * the configured delay between two comments, and that the comment is not a
 * duplicate; only then is the comment stored. On success the comment cache is
 * cleared and the browser is redirected to the comment list of the recipient.
 *
 * NOTE(review): $sTable comes straight from the "table" query parameter and is
 * handed to every CommentModel call. Whether the model maps it onto a fixed
 * list of table names is not visible here -- confirm it is allow-listed before
 * it reaches any SQL.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $oCommentModel = new CommentModel();

    $sComment = $this->httpRequest->post('comment');
    $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
    $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendComment');
    $sTable = $this->httpRequest->get('table');
    $iRecipientId = $this->httpRequest->get('recipient', 'int');
    $iSenderId = (int) $this->session->get('member_id');

    // Each check short-circuits the following ones, exactly like an if/elseif chain.
    $bRejected = true;
    $mErrorMsg = null;
    if (!$oCommentModel->idExists($iRecipientId, $sTable)) {
        $mErrorMsg = t('The comment recipient does not exists.');
    } elseif (!$oCommentModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime, $sTable)) {
        $mErrorMsg = Form::waitWriteMsg($iTimeDelay);
    } elseif ($oCommentModel->isDuplicateContent($iSenderId, $sComment, $sTable)) {
        $mErrorMsg = Form::duplicateContentMsg();
    } elseif (!$oCommentModel->add($sComment, $iRecipientId, $iSenderId, 1, $sCurrentTime, $sTable)) {
        $mErrorMsg = t('Oops! Error when adding comment.');
    } else {
        $bRejected = false;
    }

    if ($bRejected) {
        \PFBC\Form::setError('form_comment', $mErrorMsg);
    } else {
        /* Clean All Data of CommentModel Cache */
        $oCache = new Framework\Cache\Cache();
        $oCache->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();

        $sReadUrl = Uri::get('comment', 'comment', 'read', $sTable . ',' . $iRecipientId);
        HeaderUrl::redirect($sReadUrl, t('The comment has been sent successfully!'));
    }

    unset($oCommentModel);
}
/**
 * Handles submission of the "edit forum category" form.
 *
 * Updates the title of the category named by the "category_id" query parameter
 * and redirects to the forum index.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $iCategoryId = $this->httpRequest->get('category_id', 'int');

    $oForumModel = new ForumModel();
    $sNewTitle = $this->httpRequest->post('title');
    $oForumModel->updateCategory($iCategoryId, $sNewTitle);

    $sIndexUrl = Uri::get('forum', 'forum', 'index');
    Header::redirect($sIndexUrl, t('The Category has been updated successfully!'));
}
/**
 * Handles submission of the "edit forum" form.
 *
 * Updates category, name and description of the forum named by the "forum_id"
 * query parameter, stamps the update with the current date/time and redirects
 * to the forum index.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $iForumId = $this->httpRequest->get('forum_id', 'int');

    $oForumModel = new ForumModel();
    $mCategoryId = $this->httpRequest->post('category_id');
    $sName = $this->httpRequest->post('name');
    $sDescription = $this->httpRequest->post('description');
    $sUpdatedAt = $this->dateTime->get()->dateTime('Y-m-d H:i:s');

    $oForumModel->updateForum($iForumId, $mCategoryId, $sName, $sDescription, $sUpdatedAt);

    $sIndexUrl = Uri::get('forum', 'forum', 'index');
    HeaderUrl::redirect($sIndexUrl, t('Your message has been updated successfully!'));
}
/**
 * Handles submission of the "add administrator" form.
 *
 * Collects the posted account fields together with the requester's IP address,
 * passes them to AdminModel::add() and redirects to the administrator list.
 *
 * NOTE(review): the password is forwarded exactly as submitted; hashing is
 * presumably done inside AdminModel::add() -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $aData = [];
    $aData['email'] = $this->httpRequest->post('mail');
    $aData['username'] = $this->httpRequest->post('username');
    $aData['password'] = $this->httpRequest->post('password');
    $aData['first_name'] = $this->httpRequest->post('first_name');
    $aData['last_name'] = $this->httpRequest->post('last_name');
    $aData['sex'] = $this->httpRequest->post('sex');
    $aData['time_zone'] = $this->httpRequest->post('time_zone');
    $aData['ip'] = Ip::get();

    $oAdminModel = new AdminModel();
    $oAdminModel->add($aData);

    $sBrowseUrl = Uri::get(PH7_ADMIN_MOD, 'admin', 'browse');
    Header::redirect($sBrowseUrl, t('The administrator has been successfully added.'));
}
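/**
 * Processes the affiliate login form.
 *
 * Flow: optional lock-out check, credential check through AffiliateModel::login(),
 * account-status check, then session set-up and redirect to the affiliate
 * account. A failed attempt is logged and switches the captcha on for the
 * session; a wrong password is additionally counted when attempt limiting is
 * enabled.
 *
 * Security notes:
 * - The submitted password is never written to the login log. The original
 *   code logged the rejected password in clear text; rejected passwords are
 *   very often near-misses of the real one (or the password of another
 *   account), so the log now receives the same mask the success path uses.
 * - NOTE(review): the two failure branches show different messages, so the
 *   form reveals whether an e-mail address is registered. Attempts against
 *   unknown addresses are also not counted by addLoginAttempt() here.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $oAffModel = new AffiliateModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sPassword = $this->httpRequest->post('password');

    /** Check if the connection is not locked **/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
        \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    // Check Login
    $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');

    if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
        sleep(1); // Slows down brute-force attempts and protects the server and the database.

        if ($sLogin === 'email_does_not_exist') {
            $this->session->set('captcha_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
            $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
        } elseif ($sLogin === 'password_does_not_exist') {
            // Log a mask, never the password that was typed.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password', 'Affiliates');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Affiliates');
            }

            $this->session->set('captcha_enabled', 1); // Enable Captcha

            $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
            $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
            // The literal below is a translation key and is kept byte-for-byte, line break included.
            $sWrongPwdTxt .= t('Forgot your password? 
<a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
            \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
        }
    } else {
        $oSecurityModel->clearLoginAttempts('Affiliates');
        $this->session->remove('captcha_enabled');

        $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
        $oAffData = $oAffModel->readProfile($iId, 'Affiliates');

        if (true !== ($mStatus = (new AffiliateCore())->checkAccountStatus($oAffData))) {
            \PFBC\Form::setError('form_login_aff', $mStatus);
        } else {
            // Is disconnected if the user is logged on as "user" or "administrator".
            if (UserCore::auth() || AdminCore::auth()) {
                $this->session->destroy();
            }

            // Regenerate the session ID to prevent the session fixation
            $this->session->regenerateId();

            $aSessionData = [
                'affiliate_id' => $oAffData->profileId,
                'affiliate_email' => $oAffData->email,
                'affiliate_username' => $oAffData->username,
                'affiliate_first_name' => $oAffData->firstName,
                'affiliate_sex' => $oAffData->sex,
                'affiliate_ip' => Ip::get(),
                'affiliate_http_user_agent' => $this->browser->getUserAgent(),
                'affiliate_token' => Various::genRnd($oAffData->email)
            ];
            $this->session->set($aSessionData);

            $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
            $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');

            Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
        }
    }
}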
/**
 * Handles submission of the "change password" form for the admin, user and
 * affiliate modules.
 *
 * The current module decides which model, session e-mail key and table are
 * used. The old password is verified through the model's login method, then
 * the form is rejected when the two new passwords differ, when the new
 * password equals the old one, or when the old password was wrong. Otherwise
 * the password is changed with two freshly generated random values.
 *
 * NOTE(review): the old-password check runs before the cheaper form checks, so
 * the model's login method is called on every submission.
 * NOTE(review): nothing here regenerates the session ID or ends other sessions
 * after the password changes -- confirm whether that happens elsewhere.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sModule = $this->registry->module;

    // PH7\UserCoreModel::login() method of the UserCoreModel Class works only for "user" and "affiliate" module.
    if ($sModule == PH7_ADMIN_MOD) {
        $oPasswordModel = new AdminModel();
        $sEmail = $this->session->get('admin_email');
        $sTable = 'Admins';
        $sMod = PH7_ADMIN_MOD;
    } elseif ($sModule == 'user') {
        $oPasswordModel = new UserCoreModel();
        $sEmail = $this->session->get('member_email');
        $sTable = 'Members';
        $sMod = 'user';
    } else {
        $oPasswordModel = new UserCoreModel();
        $sEmail = $this->session->get('affiliate_email');
        $sTable = 'Affiliates';
        $sMod = 'affiliate';
    }

    // $sMod and $sAction are computed as in the original but are not used further in this method.
    if ($sModule == 'affiliate') {
        $sAction = 'home';
    } else {
        $sAction = 'main';
    }

    // Login
    $sOldPassword = $this->httpRequest->post('old_password');
    if ($sModule == PH7_ADMIN_MOD) {
        $mLogin = $oPasswordModel->adminLogin($sEmail, $this->session->get('admin_username'), $sOldPassword);
    } else {
        $mLogin = $oPasswordModel->login($sEmail, $sOldPassword, $sTable);
    }

    // Check
    $sNewPassword = $this->httpRequest->post('new_password');
    $sNewPasswordRepeat = $this->httpRequest->post('new_password2');

    if ($sNewPassword !== $sNewPasswordRepeat) {
        \PFBC\Form::setError('form_change_password', t('The passwords do not match.'));
        return;
    }

    if ($sOldPassword === $sNewPassword) {
        \PFBC\Form::setError('form_change_password', t('The old and new passwords are identical. So why do you change your password?'));
        return;
    }

    if ($mLogin !== true) {
        \PFBC\Form::setError('form_change_password', t('The old password is not correct.'));
        return;
    }

    // Update
    $oPasswordModel->changePassword($sEmail, $sNewPassword, Various::genRnd(), Various::genRnd(), $sTable);
    \PFBC\Form::setSuccess('form_change_password', t('Your password has been correctly updated.'));
}
/**
 * Handles submission of the "forgot password" form.
 *
 * Looks up the profile for the posted e-mail address in $sTable. When it
 * exists, a new validation hash is stored, the cached profile is dropped, and
 * a message containing the reset link (address and hash appended to the reset
 * URL) is mailed to the account's address.
 *
 * NOTE(review): an unknown address produces a distinct error, so the form
 * reveals which addresses have an account.
 * NOTE(review): the reset URL (which includes the "mod" query parameter, the
 * stored e-mail and the hash) and the username are placed into the HTML body
 * without escaping in this method -- confirm they are safe for HTML/attribute
 * context. Expiry of the validation hash is not visible here either.
 *
 * @param string $sTable Table of the account type whose password is being reset.
 *
 * @return void
 */
public function __construct($sTable)
{
    parent::__construct();

    $oUserModel = new UserCoreModel();
    $sMail = $this->httpRequest->post('mail');
    $iProfileId = $oUserModel->getId($sMail, null, $sTable);

    if ($iProfileId) {
        $oUserModel->setNewHashValidation($iProfileId, Various::genRnd(), $sTable);

        // Clean the profile data (for the new hash)
        $oUserCore = new UserCore();
        $oUserCore->clearReadProfileCache($iProfileId, $sTable);

        $oData = $oUserModel->readProfile($iProfileId, $sTable);

        /** We place the text outside of Uri::get() otherwise special characters will be deleted and the parameters passed in the url will be unusable thereafter. **/
        $sResetUrl = Uri::get('lost-password', 'main', 'reset', $this->httpRequest->get('mod'));
        $sResetUrl .= PH7_SH . $oData->email . PH7_SH . $oData->hashValidation;

        $sGreeting = t('Hello %0%!<br />Somebody (from the IP address %1%) has requested a new password for their account.', $oData->username, Ip::get());
        $sAdvice = t('If you requested for this, click on the link below, otherwise ignore this email and your password will remain unchanged.');
        $sLink = '<a href="' . $sResetUrl . '">' . $sResetUrl . '</a>';
        $this->view->content = $sGreeting . '<br />' . $sAdvice . '<br />' . $sLink;

        $sTemplate = PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/lost-password/confirm-lost-password.tpl';
        $sMessageHtml = $this->view->parseMail($sTemplate, $oData->email);

        $aInfo = [
            'to' => $oData->email,
            'subject' => t('Request for new password - %site_name%')
        ];
        unset($oData);

        $mSent = (new Mail())->send($aInfo, $sMessageHtml);
        if ($mSent) {
            \PFBC\Form::setSuccess('form_forgot_password', t('Successfully requested a new password, email sent!'));
        } else {
            \PFBC\Form::setError('form_forgot_password', Form::errorSendingEmail());
        }
    } else {
        sleep(1); // Security against brute-force attack to avoid drowning the server and the database
        \PFBC\Form::setError('form_forgot_password', t('Oops, this "%0%" is not associated with any %site_name% account. Please, make sure that you entered the e-mail address used in creating your account.', escape(substr($sMail, 0, PH7_MAX_EMAIL_LENGTH))));
    }

    unset($oUserModel);
}
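/**
 * Handles submission of the module configuration form by rewriting values in
 * an INI file.
 *
 * For every posted "config" entry the text "key = old value" (and its quoted
 * form) is replaced with the new value in the raw file content, which is then
 * saved back.
 *
 * Hardening compared with a plain replace of whatever was posted:
 * - only keys that already exist in the $sConfigVar section are accepted, so a
 *   request cannot make the replacement match on keys it invents;
 * - values containing a line break are skipped, because a line break would
 *   let one value add further keys or sections to the file;
 * - a missing/unparsable file or a non-array "config" field ends with the
 *   regular "could not be saved" error instead of PHP warnings.
 *
 * NOTE(review): a value containing a double quote can still break the quoted
 * form of the entry, and the replacement is a plain substring match (a key
 * that is the suffix of another key, or an empty old value, can match more
 * text than intended). A real INI writer would remove both problems.
 *
 * @param string $sConfigVar Specify the variable in the INI file where module options. Default module.setting
 * @param string $sIniFile The path of INI config file.
 *
 * @return void
 */
public function __construct($sConfigVar, $sIniFile)
{
    parent::__construct();

    $aOldData = parse_ini_file($sIniFile, true);
    $sData = file_get_contents($sIniFile);
    $aNewValues = $this->httpRequest->post('config');
    $sRedirectUrl = $this->httpRequest->previousPage();

    $bUsable = is_array($aOldData)
        && isset($aOldData[$sConfigVar])
        && is_array($aOldData[$sConfigVar])
        && is_string($sData)
        && is_array($aNewValues);

    if (!$bUsable) {
        HeaderUrl::redirect($sRedirectUrl, t('The file content could not be saved!'), 'error');
        return;
    }

    $aOldSection = $aOldData[$sConfigVar];

    foreach ($aNewValues as $sKey => $sVal) {
        // Accept only keys the section already defines, with scalar old and new values.
        if (!array_key_exists($sKey, $aOldSection) || !is_scalar($aOldSection[$sKey]) || !is_scalar($sVal)) {
            continue;
        }

        $sVal = (string) $sVal;

        // A line break inside a value would inject additional INI lines.
        if (strpbrk($sVal, "\r\n") !== false) {
            continue;
        }

        $sData = str_replace($sKey . ' = ' . $aOldSection[$sKey], $sKey . ' = ' . $sVal, $sData);

        /**
         * ----- Replacement with quotes -----
         * For non-alphanumeric characters and especially for special characters.
         * For example, it is very important to put quotes between the dollar sign "$", otherwise you'll get errors in the parsing of INI files.
         */
        $sData = str_replace($sKey . ' = "' . $aOldSection[$sKey] . '"', $sKey . ' = "' . $sVal . '"', $sData);
    }

    // Check and correct the file permission if necessary.
    $this->file->chmod($sIniFile, 0644);

    if ($this->file->save($sIniFile, $sData)) {
        // Wrapped in t() so the success message is translated like the failure message.
        HeaderUrl::redirect($sRedirectUrl, t('The file content was saved successfully!'));
    } else {
        HeaderUrl::redirect($sRedirectUrl, t('The file content could not be saved!'), 'error');
    }

    // Check and correct the file permission if necessary.
    // NOTE(review): only reached if HeaderUrl::redirect() returns -- confirm.
    $this->file->chmod($sIniFile, 0644);
}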
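/**
 * Handles submission of the "delete my account" form for the user and
 * affiliate modules.
 *
 * The password is re-checked against the e-mail stored in the session. When it
 * is correct, a notification with the user's details and stated reason is
 * mailed to the site administrator, the account is deleted, the session is
 * destroyed and the browser is redirected.
 *
 * Security fix: the password check now fails closed. The original rejected the
 * request only when login() returned 'password_does_not_exist'; any other
 * non-success result (for example 'email_does_not_exist' when the session
 * e-mail is missing or stale) fell through to the deletion branch. The account
 * is now deleted only when login() returns true, the success value the
 * change-password handler of this codebase also relies on.
 *
 * NOTE(review): "message" and "why_delete" are request values placed into the
 * administrator e-mail; whether the default post() cleaning is enough for the
 * HTML mail template is not visible here -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sTable = $this->registry->module == 'user' ? 'Members' : 'Affiliates';
    $sSessPrefix = $this->registry->module == 'user' ? 'member' : 'affiliate';

    $mLogin = (new UserCoreModel())->login(
        $this->session->get($sSessPrefix . '_email'),
        $this->httpRequest->post('password'),
        $sTable
    );

    // Fail closed: anything other than an explicit success keeps the account.
    if ($mLogin !== true) {
        \PFBC\Form::setError('form_delete_account', t('Oops! This password you entered is incorrect.'));
        return;
    }

    $sUsername = $this->session->get($sSessPrefix . '_username');
    $sMembershipType = $this->registry->module == 'affiliate' ? t('Affiliate') : t('Member');

    // Data shown in the notification sent to the site administrator.
    $this->view->membership = t('Type of Membership: %0%.', $sMembershipType);
    $this->view->message = nl2br($this->httpRequest->post('message'));
    $this->view->why_delete = t('Due to the deletion of the account: %0%', $this->httpRequest->post('why_delete'));
    $this->view->footer_title = t('Information of the user who has deleted their account');
    $this->view->email = t('Email: %0%', $this->session->get($sSessPrefix . '_email'));
    $this->view->username = t('Username: %0%', $sUsername);
    $this->view->first_name = t('First Name: %0%', $this->session->get($sSessPrefix . '_first_name'));
    $this->view->sex = t('Sex: %0%', $this->session->get($sSessPrefix . '_sex'));
    $this->view->ip = t('User IP: %0%', $this->session->get($sSessPrefix . '_ip'));
    $this->view->browser_info = t('Browser info: %0%', $this->session->get($sSessPrefix . '_http_user_agent'));

    $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/delete_account.tpl', DbConfig::getSetting('adminEmail'));

    $sMembershipName = $this->registry->module == 'user' ? t('Member') : t('Affiliate');
    $aInfo = ['subject' => t('Unregister %0% - User: %1%', $sMembershipName, $sUsername)];
    (new Mail())->send($aInfo, $sMessageHtml);

    // The account is removed only after the notification has been handed to the mailer.
    $oUserModel = $this->registry->module == 'user' ? new UserCore() : new AffiliateCore();
    $oUserModel->delete($this->session->get($sSessPrefix . '_id'), $sUsername);
    unset($oUserModel);

    $this->session->destroy();

    Header::redirect(Uri::get('user', 'main', 'soon'), t('You delete account is successfully!'));
}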
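/**
 * Handles submission of the "add fake profiles" form.
 *
 * Requests the posted number of generated people from the randomuser.me API
 * and creates one member per returned entry whose e-mail and username pass
 * validation and whose e-mail is not already registered.
 *
 * Changes compared with the original:
 * - "num" is cast to an integer before it is appended to the request URL, so
 *   the request value cannot add further query parameters;
 * - the decoded response is checked before it is iterated; an unreachable
 *   service or an unexpected payload now produces a form error instead of PHP
 *   warnings followed by a success message;
 * - $aData is reset for every profile so no field of the previous profile can
 *   leak into the next one.
 *
 * NOTE(review): the API is fetched over plain HTTP and its content (including
 * passwords and an avatar URL that _addAvatar() presumably downloads) is
 * trusted to create accounts; anyone able to alter the response controls those
 * values. Prefer an HTTPS endpoint once the URL is confirmed.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $oUser = new UserCore();
    $oUserModel = new UserCoreModel();
    $oExistsModel = new ExistsCoreModel();
    $oValidate = new Validate();

    // Only an integer may reach the query string.
    $iNum = (int) $this->httpRequest->post('num');
    $aUserData = json_decode($this->file->getFile('http://api.randomuser.me/?results=' . $iNum), true);

    if (!is_array($aUserData) || !isset($aUserData['results']) || !is_array($aUserData['results'])) {
        unset($oUser, $oUserModel, $oExistsModel, $oValidate, $aUserData);
        \PFBC\Form::setError('form_add_fake_profiles', t('Unable to retrieve the profiles from the remote service.'));
        return;
    }

    foreach ($aUserData['results'] as $aUser) {
        if (!is_array($aUser) || !isset($aUser['user']) || !is_array($aUser['user'])) {
            continue; // Unexpected entry shape; skip it.
        }

        $aUser = $aUser['user'];
        $sEmail = trim($aUser['email']);
        $sUsername = trim($aUser['username']);

        if ($oValidate->email($sEmail) && !$oExistsModel->email($sEmail) && $oValidate->username($sUsername)) {
            $aData = [];
            $aData['username'] = $sUsername;
            $aData['email'] = $sEmail;
            $aData['first_name'] = $aUser['name']['first'];
            $aData['last_name'] = $aUser['name']['last'];
            $aData['password'] = $aUser['password'];
            $aData['sex'] = $aUser['gender'];
            $aData['match_sex'] = array($oUser->getMatchSex($aData['sex']));
            $aData['country'] = 'US';
            $aData['city'] = $aUser['location']['city'];
            $aData['state'] = $aUser['location']['state'];
            $aData['zip_code'] = $aUser['location']['zip'];
            $aData['birth_date'] = $this->dateTime->get($aUser['dob'])->date('Y-m-d');
            $aData['avatar'] = $aUser['picture']['large'];
            $aData['ip'] = Ip::get();

            // The remote values are escaped before they are stored.
            $aData['profile_id'] = $oUserModel->add(escape($aData, true));

            $this->_addAvatar($aData, $oUser);
        }
    }

    unset($oUser, $oUserModel, $oExistsModel, $oValidate, $aUser, $aData, $aUserData);

    \PFBC\Form::setSuccess('form_add_fake_profiles', t('Users has been successfully added.'));
}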
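/**
 * Handles submission of the "add game" form: stores the thumbnail and the game
 * file under the public data directory and creates the database record.
 *
 * Changes compared with the original:
 * - the thumbnail and game directories are created before the thumbnail is
 *   saved; the original created them only afterwards, so the first upload on
 *   an installation without those folders could not store its thumbnail;
 * - the thumbnail file name now has a dot before the extension, as the game
 *   file name built below already has.
 *
 * NOTE(review): the game file is only renamed; its extension is taken from the
 * client-supplied name and neither the extension nor the content is checked
 * before the file is moved into a directory below the public data path. If the
 * web server executes scripts from that directory, this is an unrestricted
 * upload. Restrict the extension to the game formats the site supports and
 * make sure script execution is disabled for this directory.
 * NOTE(review): when the game upload fails, the already saved thumbnail stays
 * on disk.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sThumbDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/img/thumb/';
    $sGameDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/file/';

    // Thumbnail
    $oImg = new Image($_FILES['thumb']['tmp_name']);
    if (!$oImg->validate()) {
        \PFBC\Form::setError('form_game', Form::wrongImgFileTypeMsg());
        return; // Stop execution of the method.
    }

    // If the folders are not created yet (games not installed), create them before writing anything.
    $this->file->createDir(array($sThumbDir, $sGameDir));

    $sThumbFile = Various::genRnd($oImg->getFileName(), 30) . PH7_DOT . $oImg->getExt();
    $oImg->square(60);
    $oImg->save($sThumbDir . $sThumbFile);
    unset($oImg);

    // Game: random base name, extension copied from the uploaded file name.
    $sGameFile = Various::genRnd($_FILES['file']['name'], 30) . PH7_DOT . $this->file->getFileExt($_FILES['file']['name']);

    if (!@move_uploaded_file($_FILES['file']['tmp_name'], $sGameDir . $sGameFile)) {
        \PFBC\Form::setError('form_game', t('Impossible to upload the game. If you are the administrator, please check if the folder of games data has the write permission (CHMOD 755).'));
    } else {
        $aData = [
            'category_id' => $this->httpRequest->post('category_id', 'int'),
            'name' => $this->httpRequest->post('name'),
            'title' => $this->httpRequest->post('title'),
            'description' => $this->httpRequest->post('description'),
            'keywords' => $this->httpRequest->post('keywords'),
            'thumb' => $sThumbFile,
            'file' => $sGameFile
        ];

        (new GameModel())->add($aData);

        /* Clean GameModel Cache */
        (new Framework\Cache\Cache())->start(GameModel::CACHE_GROUP, null, null)->clear();

        HeaderUrl::redirect(Uri::get('game', 'main', 'game', $aData['title'] . ',' . Db::getInstance()->lastInsertId()), t('The game was added successfully!'));
    }
}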
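/**
 * Handles submission of the "add blog post" form.
 *
 * Validates the post ID, stores the article, links it to the selected
 * categories, sets the thumbnail when one was sent, clears the blog cache and
 * redirects to the article.
 *
 * Fix: the slogan was read from a form field named '$slogan' (with a dollar
 * sign), so the submitted slogan was never picked up; it is now read from
 * 'slogan' like every other field.
 *
 * NOTE(review): "content" is read with Http::ONLY_XSS_CLEAN, so whatever that
 * filter lets through is stored and later rendered -- confirm the output side
 * does not rely on further cleaning.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $oBlog = new Blog();
    $oBlogModel = new BlogModel();

    if (!$oBlog->checkPostId($this->httpRequest->post('post_id'))) {
        \PFBC\Form::setError('form_blog', t('The ID of the article is invalid or incorrect.'));
    } else {
        $aData = [
            'post_id' => $this->httpRequest->post('post_id'),
            'lang_id' => $this->httpRequest->post('lang_id'),
            'title' => $this->httpRequest->post('title'),
            'content' => $this->httpRequest->post('content', Http::ONLY_XSS_CLEAN),
            'slogan' => $this->httpRequest->post('slogan'),
            'tags' => $this->httpRequest->post('tags'),
            'page_title' => $this->httpRequest->post('page_title'),
            'meta_description' => $this->httpRequest->post('meta_description'),
            'meta_keywords' => $this->httpRequest->post('meta_keywords'),
            'meta_robots' => $this->httpRequest->post('meta_robots'),
            'meta_author' => $this->httpRequest->post('meta_author'),
            'meta_copyright' => $this->httpRequest->post('meta_copyright'),
            'enable_comment' => $this->httpRequest->post('enable_comment'),
            'created_date' => $this->dateTime->get()->dateTime('Y-m-d H:i:s')
        ];

        if (!$oBlogModel->addPost($aData)) {
            $this->sMsg = t('An error occurred while adding the article.');
        } else {
            /*** Set the categorie(s) ***/
            /**
             * WARNING: Be careful, you should use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN constant, otherwise the Http::post() method
             * removes the special tags and damages the SQL queries for entry into the database.
             */
            $iBlogId = Db::getInstance()->lastInsertId();
            foreach ($this->httpRequest->post('category_id', Http::ONLY_XSS_CLEAN) as $iCategoryId) {
                $oBlogModel->addCategory($iCategoryId, $iBlogId);
            }

            /*** Set the thumbnail if there's one ***/
            $oPost = $oBlogModel->readPost($aData['post_id']);
            $oBlog->setThumb($oPost, $this->file);

            /* Clean BlogModel Cache */
            (new Framework\Cache\Cache())->start(BlogModel::CACHE_GROUP, null, null)->clear();

            $this->sMsg = t('Post created successfully!');
        }

        Header::redirect(Uri::get('blog', 'main', 'read', $this->httpRequest->post('post_id')), $this->sMsg);
    }
}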
/**
 * Handles submission of the "add video album" form.
 *
 * Validates the uploaded album picture, creates the album record, then writes
 * a 200px square, watermarked thumbnail into the member's album folder and
 * redirects to the "add video" page of the new album.
 *
 * NOTE(review): error reporting is switched off for the whole request outside
 * debug mode, which also hides unrelated failures from the logs.
 * NOTE(review): the session's "member_username" is used as a path segment;
 * presumably usernames are restricted to path-safe characters -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    /**
     * This can cause minor errors (eg if a user sent a file that is not a video).
     * So we hide the errors if we are not in development mode.
     */
    if (!isDebug()) {
        error_reporting(0);
    }

    // Resizing and saving the video album thumbnail
    $oPicture = new Image($_FILES['album']['tmp_name']);

    if (!$oPicture->validate()) {
        \PFBC\Form::setError('form_video_album', Form::wrongImgFileTypeMsg());
        return;
    }

    // Albums are approved straight away unless manual approval is switched on.
    if (DbConfig::getSetting('videoManualApproval') == 0) {
        $iApproved = '1';
    } else {
        $iApproved = '0';
    }

    $sFileName = Various::genRnd($oPicture->getFileName(), 1) . '-thumb.' . $oPicture->getExt();

    $oVideoModel = new VideoModel();
    $oVideoModel->addAlbum(
        $this->session->get('member_id'),
        $this->httpRequest->post('name'),
        $this->httpRequest->post('description'),
        $sFileName,
        $this->dateTime->get()->dateTime('Y-m-d H:i:s'),
        $iApproved
    );
    $iLastAlbumId = (int) Db::getInstance()->lastInsertId();

    $oPicture->square(200);

    /* Set watermark text on thumbnail */
    $sWatermarkText = DbConfig::getSetting('watermarkTextImage');
    $iSizeWatermarkText = DbConfig::getSetting('sizeWatermarkTextImage');
    $oPicture->watermarkText($sWatermarkText, $iSizeWatermarkText);

    // <public data>/video/file/<username>/<album id>/
    $sPath = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'video/file/' . $this->session->get('member_username') . PH7_DS . $iLastAlbumId . PH7_DS;
    $this->file->createDir($sPath);
    $oPicture->save($sPath . $sFileName);

    /* Clean VideoModel Cache */
    $oCache = new Framework\Cache\Cache();
    $oCache->start(VideoModel::CACHE_GROUP, null, null)->clear();

    HeaderUrl::redirect(Uri::get('video', 'main', 'addvideo', $iLastAlbumId));
}
/**
 * Deletes the thumbnail of a blog post and returns to its edit page.
 *
 * The request must carry a valid CSRF token in the URL; otherwise execution
 * stops with the token error message before anything is deleted.
 *
 * @param integer $iId ID of the blog post whose thumbnail is removed.
 *
 * @return void
 */
private function removeThumb($iId)
{
    $oToken = new Framework\Security\CSRF\Token();
    $bTokenValid = $oToken->checkUrl();

    if (!$bTokenValid) {
        exit(Form::errorTokenMsg());
    }

    $oBlog = new Blog();
    $oBlog->deleteThumb($iId, 'blog', $this->file);

    $sEditUrl = Uri::get('blog', 'admin', 'edit', $iId);
    HeaderUrl::redirect($sEditUrl, t('The thumbnail has been deleted successfully!'));
}
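/**
 * Handles submission of the file editor form: writes the posted content to a
 * file below PH7_PATH_PROTECTED and redirects back with the result.
 *
 * Security fix: the "file" query parameter used to be appended to
 * PH7_PATH_PROTECTED and written to as-is, so "../" sequences could point the
 * write outside that directory. The target's parent directory is now resolved
 * with realpath() and must lie inside the resolved base directory; names with
 * a NUL byte, the names "." and "..", and targets that are symbolic links are
 * refused. A refused path ends with the regular "could not be saved" message.
 *
 * NOTE(review): even when confined to PH7_PATH_PROTECTED, this handler writes
 * unfiltered request content (Http::NO_CLEAN) to disk. It must be reachable
 * only by trusted administrators and be protected against CSRF; neither check
 * is visible in this method -- confirm in the caller.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $mFile = $this->httpRequest->get('file');
    $sContent = $this->httpRequest->post('content', Http::NO_CLEAN);

    $sSafePath = null;
    $sBaseDir = realpath(PH7_PATH_PROTECTED);

    if ($sBaseDir !== false && is_string($mFile) && $mFile !== '' && strpos($mFile, "\0") === false) {
        $sRequested = PH7_PATH_PROTECTED . $mFile;
        $sParentDir = realpath(dirname($sRequested));
        $sFileName = basename($sRequested);
        $sBasePrefix = rtrim($sBaseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

        // The resolved parent directory must be the base directory or one of its descendants.
        $bInsideBase = $sParentDir !== false
            && strpos($sParentDir . DIRECTORY_SEPARATOR, $sBasePrefix) === 0;

        if ($bInsideBase && $sFileName !== '' && $sFileName !== '.' && $sFileName !== '..') {
            $sCandidate = $sParentDir . DIRECTORY_SEPARATOR . $sFileName;

            // A symbolic link as final component could still redirect the write elsewhere.
            if (!is_link($sCandidate)) {
                $sSafePath = $sCandidate;
            }
        }
    }

    $bStatus = $sSafePath !== null && $this->file->save($sSafePath, $sContent);

    $sMsg = $bStatus ? t('The file content was saved successfully!') : t('The file content could not be saved!');
    $sMsgType = $bStatus ? 'success' : 'error';

    Header::redirect($this->httpRequest->previousPage(), $sMsg, $sMsgType);
}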
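/**
 * Handles submission of the "add affiliate advertisement" form.
 *
 * Stores the advertisement in the 'AdsAffiliates' table, clears the static
 * design cache and redirects to the affiliate ads list.
 *
 * Fix: the original read $_POST['title'] and $_POST['code'] directly,
 * bypassing the request object the other form handlers of this codebase use.
 * The title therefore skipped the default cleaning of Http::post(), and a
 * missing field raised an undefined-index notice. The title now goes through
 * the default cleaning; the advertisement code is still taken unfiltered
 * (Http::NO_CLEAN) because it is markup by design.
 *
 * NOTE(review): the stored ad code is presumably rendered as-is on pages, so
 * this handler must only be reachable by trusted administrators -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sTitle = $this->httpRequest->post('title');
    // Fully qualified so this block does not depend on a "use" statement outside of it.
    $sCode = $this->httpRequest->post('code', \PH7\Framework\Mvc\Request\Http::NO_CLEAN);

    (new AdsCoreModel())->add($sTitle, $sCode, 'AdsAffiliates');

    /* Clean Model\Design for STATIC data */
    (new Framework\Cache\Cache())->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear();

    Header::redirect(Uri::get('affiliate', 'admin', 'ads'), t('The Advertisements was added successfully!'));
}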
/**
 * Handles submission of the "add affiliate" form.
 *
 * Normalises the birth date to Y-m-d, collects the posted account fields
 * together with the requester's IP address, passes them to
 * AffiliateModel::add() and redirects to the affiliate list.
 *
 * NOTE(review): the password is forwarded exactly as submitted; hashing is
 * presumably done inside AffiliateModel::add() -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');

    $aData = [];
    $aData['email'] = $this->httpRequest->post('mail');
    $aData['username'] = $this->httpRequest->post('username');
    $aData['password'] = $this->httpRequest->post('password');
    $aData['first_name'] = $this->httpRequest->post('first_name');
    $aData['last_name'] = $this->httpRequest->post('last_name');
    $aData['middle_name'] = $this->httpRequest->post('middle_name');
    $aData['sex'] = $this->httpRequest->post('sex');
    $aData['birth_date'] = $sBirthDate;
    $aData['country'] = $this->httpRequest->post('country');
    $aData['city'] = $this->httpRequest->post('city');
    $aData['state'] = $this->httpRequest->post('state');
    $aData['zip_code'] = $this->httpRequest->post('zip_code');
    $aData['phone'] = $this->httpRequest->post('phone');
    $aData['description'] = $this->httpRequest->post('description');
    $aData['website'] = $this->httpRequest->post('website');
    $aData['bank_account'] = $this->httpRequest->post('bank_account');
    $aData['ip'] = Ip::get();

    $oAffModel = new AffiliateModel();
    $oAffModel->add($aData);

    $sBrowseUrl = Uri::get('affiliate', 'admin', 'browse');
    Header::redirect($sBrowseUrl, t('The affiliate has been successfully added.'));
}
/**
 * Handles submission of the "edit forum topic" form.
 *
 * Updates title and message of the topic named by the "topic_id" query
 * parameter on behalf of the logged-in member, then redirects to the topic.
 *
 * NOTE(review): the session's member ID is passed to updateTopic(), presumably
 * so the model only updates topics owned by that member -- confirm.
 * NOTE(review): "message" is read with Http::ONLY_XSS_CLEAN; whatever that
 * filter lets through is stored.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $iForumId = $this->httpRequest->get('forum_id', 'int');
    $iTopicId = $this->httpRequest->get('topic_id', 'int');

    $oForumModel = new ForumModel();
    $mMemberId = $this->session->get('member_id');
    $sTitle = $this->httpRequest->post('title');
    $sMessage = $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN);
    $sUpdatedAt = $this->dateTime->get()->dateTime('Y-m-d H:i:s');

    $oForumModel->updateTopic($mMemberId, $iTopicId, $sTitle, $sMessage, $sUpdatedAt);

    // URL parameters: forum name, forum ID, topic title, topic ID (comma separated).
    $sParams = implode(',', [
        $this->httpRequest->get('forum_name'),
        $iForumId,
        $this->httpRequest->post('title'),
        $iTopicId
    ]);

    Header::redirect(Uri::get('forum', 'forum', 'post', $sParams), t('Your message has been updated successfully!'));
}
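/**
 * Processes the administrator login form.
 *
 * Flow: optional lock-out check, credential check through
 * AdminModel::adminLogin(), optional restriction to one configured IP address
 * ("ipLogin"), then session set-up and redirect to the admin dashboard.
 *
 * Security fix: the submitted password is no longer written to the login log.
 * The original logged it in clear text on every failure, including the
 * "wrong IP" case, where the credentials have just been verified as correct,
 * so a valid administrator password ended up in the log. Both failure entries
 * now carry the same mask the success entry uses.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sIp = Ip::get();
    $oAdminModel = new AdminModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sUsername = $this->httpRequest->post('username');
    $sPassword = $this->httpRequest->post('password');

    /*** Security IP Login ***/
    $sIpLogin = DbConfig::getSetting('ipLogin');

    /*** Check if the connection is not locked ***/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAdminLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAdminLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAdminAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Admins')) {
        \PFBC\Form::setError('form_admin_login', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    /*** Check Login ***/
    $bIsLogged = $oAdminModel->adminLogin($sEmail, $sUsername, $sPassword);
    // When an allowed IP is configured, every other address is refused.
    $bIsIpBanned = !empty($sIpLogin) && $sIpLogin !== $sIp;

    if (!$bIsLogged || $bIsIpBanned) {
        sleep(2); // Slows down brute-force attempts and protects the server and the database.

        if (!$bIsLogged) {
            // Log a mask, never the password that was typed.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Incorrect Email, Username or Password', 'Admins');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Admins');
            }

            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('"Email", "Username" or "Password" is Incorrect'));
        } elseif ($bIsIpBanned) {
            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('Incorrect Login!'));

            // The credentials were valid here, so logging the password would store a working secret.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Bad Ip adress', 'Admins');
        }
    } else {
        $oSecurityModel->clearLoginAttempts('Admins');
        $this->session->remove('captcha_admin_enabled');

        // Is disconnected if the user is logged on as "user" or "affiliate".
        if (UserCore::auth() || AffiliateCore::auth()) {
            $this->session->destroy();
        }

        $iId = $oAdminModel->getId($sEmail, null, 'Admins');
        $oAdminData = $oAdminModel->readProfile($iId, 'Admins');

        // Regenerate the session ID to prevent the session fixation
        $this->session->regenerateId();

        $aSessionData = array(
            'admin_id' => $oAdminData->profileId,
            'admin_email' => $oAdminData->email,
            'admin_username' => $oAdminData->username,
            'admin_first_name' => $oAdminData->firstName,
            'admin_ip' => $sIp,
            'admin_http_user_agent' => $this->browser->getUserAgent(),
            'admin_token' => Various::genRnd($oAdminData->email)
        );
        $this->session->set($aSessionData);

        $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Logged in!', 'Admins');
        $oAdminModel->setLastActivity($oAdminData->profileId, 'Admins');

        HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('You signup is successfully!'));
    }
}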
/**
 * Handles submission of the "edit game" form.
 *
 * Updates the game named by the "id" query parameter with the posted fields,
 * clears the game cache and redirects to the game index.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $aData = [];
    $aData['id'] = $this->httpRequest->get('id', 'int');
    $aData['category_id'] = $this->httpRequest->post('category_id', 'int');
    $aData['name'] = $this->httpRequest->post('name');
    $aData['title'] = $this->httpRequest->post('title');
    $aData['description'] = $this->httpRequest->post('description');
    $aData['keywords'] = $this->httpRequest->post('keywords');

    $oGameModel = new GameModel();
    $oGameModel->update($aData);

    /* Clean GameModel Cache */
    $oCache = new Framework\Cache\Cache();
    $oCache->start(GameModel::CACHE_GROUP, null, null)->clear();

    $sIndexUrl = Uri::get('game', 'main', 'index');
    Header::redirect($sIndexUrl, t('The game has been updated successfully!'));
}
/**
 * Handles submission of the "edit picture album" form.
 *
 * Updates name and description of the album named by the "album_id" query
 * parameter on behalf of the logged-in member, clears the picture cache and
 * redirects to the member's album page.
 *
 * NOTE(review): the session's member ID is passed to updateAlbum(), presumably
 * so the model only updates albums owned by that member -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $iAlbumId = (int) $this->httpRequest->get('album_id');

    $oPictureModel = new PictureModel();
    $mMemberId = $this->session->get('member_id');
    $sName = $this->httpRequest->post('name');
    $sDescription = $this->httpRequest->post('description');
    $sUpdatedAt = $this->dateTime->get()->dateTime('Y-m-d H:i:s');

    $oPictureModel->updateAlbum($mMemberId, $iAlbumId, $sName, $sDescription, $sUpdatedAt);

    /* Clean PictureModel Cache */
    $oCache = new Framework\Cache\Cache();
    $oCache->start(PictureModel::CACHE_GROUP, null, null)->clear();

    $sAlbumUrl = Uri::get('picture', 'main', 'albums', $this->session->get('member_username'), $iAlbumId);
    HeaderUrl::redirect($sAlbumUrl, t('Your album has been updated successfully!'));
}
/**
 * Handles submission of the "update advertisement" form.
 *
 * Updates title and code of the advertisement named by the posted "id_ads" in
 * the table returned by AdsCore::getTable(), then clears the static design
 * cache.
 *
 * NOTE(review): the advertisement code is read with Http::NO_CLEAN and is
 * presumably rendered as-is, so this handler must only be reachable by trusted
 * administrators -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sTable = AdsCore::getTable();

    $oAdsModel = new AdsCoreModel();
    $mAdsId = $this->httpRequest->post('id_ads');
    $sTitle = $this->httpRequest->post('title');
    $sCode = $this->httpRequest->post('code', Http::NO_CLEAN);

    $oAdsModel->update($mAdsId, $sTitle, $sCode, $sTable);

    /* Clean Model\Design for STATIC data */
    $oCache = new Framework\Cache\Cache();
    $oCache->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear();

    \PFBC\Form::setSuccess('form_update_ads', t('The Advertisements was saved successfully!'));
}
/**
 * Handles submission of the "add membership group" form.
 *
 * Stores a new membership built from the posted fields (permissions are
 * serialized), clears the UserCoreModel cache group and redirects to the
 * membership list.
 *
 * NOTE(review): "perms" is serialize()d exactly as received from the request;
 * code that later unserialize()s the stored value should treat it as untrusted
 * input -- confirm against the reader.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $aData = [];
    $aData['name'] = $this->httpRequest->post('name');
    $aData['description'] = $this->httpRequest->post('description');
    $aData['permissions'] = serialize($this->httpRequest->post('perms'));
    $aData['price'] = $this->httpRequest->post('price');
    // The form field is "expiration_days"; the column is "expirationDays".
    $aData['expirationDays'] = $this->httpRequest->post('expiration_days');
    $aData['enable'] = $this->httpRequest->post('enable');

    $oPayModel = new PaymentModel();
    $oPayModel->addMembership($aData);

    /* Clean UserCoreModel Cache */
    $oCache = new Cache();
    $oCache->start(UserCoreModel::CACHE_GROUP, null, null)->clear();

    $sListUrl = Uri::get('payment', 'admin', 'membershiplist');
    Header::redirect($sListUrl, t('The Membership has been added!'));
}
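/**
 * Processes the member login form.
 *
 * Flow: optional lock-out check, credential check through
 * UserCoreModel::login(), account-status check, optional "remember me" cookie,
 * then authentication and redirect to the member account.
 *
 * Security fixes:
 * - The submitted password is no longer written to the login log when it is
 *   rejected; a mask is logged instead. Rejected passwords are very often
 *   near-misses of the real one.
 * - The "remember me" cookie is now set only after checkAccountStatus() has
 *   accepted the account. The original set it before that check, so an
 *   account refused by the status check still received a persistent login
 *   cookie.
 *
 * NOTE(review): the cookie value is derived from the stored password hash via
 * Security::hashCookie(); it therefore stays valid until the password changes
 * and cannot be revoked on its own. A random, server-stored token would be
 * preferable.
 * NOTE(review): the two failure branches show different messages, so the form
 * reveals whether an e-mail address is registered. Attempts against unknown
 * addresses are also not counted by addLoginAttempt() here.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $oUserModel = new UserCoreModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sPassword = $this->httpRequest->post('password');

    /** Check if the connection is not locked **/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isUserLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxUserLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginUserAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view)) {
        \PFBC\Form::setError('form_login_user', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    // Check Login
    $sLogin = $oUserModel->login($sEmail, $sPassword);

    if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
        sleep(1); // Slows down brute-force attempts and protects the server and the database.

        if ($sLogin === 'email_does_not_exist') {
            $this->session->set('captcha_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_login_user', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
            $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username');
        } elseif ($sLogin === 'password_does_not_exist') {
            // Log a mask, never the password that was typed.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt();
            }

            $this->session->set('captcha_enabled', 1); // Enable Captcha

            $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
            $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
            // The literal below is a translation key and is kept byte-for-byte, line break included.
            $sWrongPwdTxt .= t('Forgot your password? 
<a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'user'));
            \PFBC\Form::setError('form_login_user', $sWrongPwdTxt);
        }
    } else {
        $oSecurityModel->clearLoginAttempts();
        $this->session->remove('captcha_enabled');

        $iId = $oUserModel->getId($sEmail);
        $oUserData = $oUserModel->readProfile($iId);

        $oUser = new UserCore();
        if (true !== ($mStatus = $oUser->checkAccountStatus($oUserData))) {
            \PFBC\Form::setError('form_login_user', $mStatus);
        } else {
            // Persistent login is granted only to accounts that passed the status check.
            if ($this->httpRequest->postExists('remember')) {
                // We hash again the password
                (new Framework\Cookie\Cookie())->set(array(
                    'member_remember' => Security::hashCookie($oUserData->password),
                    'member_id' => $oUserData->profileId
                ));
            }

            $oUser->setAuth($oUserData, $oUserModel, $this->session);

            Header::redirect(Uri::get('user', 'account', 'index'), t('You are successfully logged!'));
        }
    }
}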
/**
 * Returns the 'user_sex' and 'match_sex' defaults for a search form.
 *
 * For a visitor the defaults are 'male' and all three genders. For a logged-in
 * member the values stored for the session's member ID are used instead, which
 * makes the search more intuitive.
 *
 * @param UserCoreModel $oUserModel
 * @param Session $oSession
 *
 * @return array The 'user_sex' and 'match_sex'
 */
protected static function getGenderVals(UserCoreModel $oUserModel, Session $oSession)
{
    if (!UserCore::auth()) {
        return [
            'user_sex' => 'male',
            'match_sex' => ['male', 'female', 'couple']
        ];
    }

    $mMemberId = $oSession->get('member_id');
    $sUserSex = $oUserModel->getSex($mMemberId);
    $aMatchSex = Form::getVal($oUserModel->getMatchSex($mMemberId));

    return [
        'user_sex' => $sUserSex,
        'match_sex' => $aMatchSex
    ];
}
/**
 * Handles submission of the analytics code form.
 *
 * When the posted code differs from the stored one, the new code is saved and
 * the cached 'analyticsApi' entry is cleared. The success message is shown in
 * both cases.
 *
 * NOTE(review): the code is read with Http::NO_CLEAN and is presumably emitted
 * into pages as-is, so this handler must only be reachable by trusted
 * administrators -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sPostedCode = $this->httpRequest->post('code', Http::NO_CLEAN);
    $sStoredCode = (new Design())->analyticsApi(false, false);

    $bUnchanged = $this->str->equals($sPostedCode, $sStoredCode);
    if (!$bUnchanged) {
        $oAnalytics = new Framework\Mvc\Model\Analytics();
        $oAnalytics->updateApi($this->httpRequest->post('code', Http::NO_CLEAN));

        /* Clean Model\Design for STATIC / analyticsApi data */
        $oCache = new Framework\Cache\Cache();
        $oCache->start(Design::CACHE_STATIC_GROUP, 'analyticsApi', null)->clear();
    }

    \PFBC\Form::setSuccess('form_analytics', t('The code Analytics Api was saved successfully!'));
}
/**
 * Handles submission of the custom JavaScript form.
 *
 * When the posted code differs from the stored custom JS, the new code is
 * saved and the cached 'customCodejs' entry is cleared. The success message is
 * shown in both cases.
 *
 * NOTE(review): the code is read with Http::NO_CLEAN and is presumably emitted
 * into pages as-is, so this handler must only be reachable by trusted
 * administrators -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sPostedCode = $this->httpRequest->post('code', Http::NO_CLEAN);
    $sStoredCode = (new Design())->customCode('js');

    $bUnchanged = $this->str->equals($sPostedCode, $sStoredCode);
    if (!$bUnchanged) {
        $oAdminModel = new AdminModel();
        $oAdminModel->updateCustomCode($this->httpRequest->post('code', Http::NO_CLEAN), 'js');

        /* Clean Model\Design for STATIC / customCodejs data */
        $oCache = new Framework\Cache\Cache();
        $oCache->start(Design::CACHE_STATIC_GROUP, 'customCodejs', null)->clear();
    }

    \PFBC\Form::setSuccess('form_script', t('Your JS code was saved successfully!'));
}
/**
 * Handles submission of the "add advertisement" form of the admin settings.
 *
 * Stores the advertisement in the table returned by AdsCore::getTable(),
 * clears the static design cache and both advertisement counters, then
 * redirects to the ads settings page (the affiliate variant when the table is
 * 'AdsAffiliates').
 *
 * NOTE(review): the advertisement code is read with Http::NO_CLEAN and is
 * presumably rendered as-is, so this handler must only be reachable by trusted
 * administrators -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sTable = AdsCore::getTable();

    $oAdsModel = new AdsCoreModel();
    $sTitle = $this->httpRequest->post('title');
    $sCode = $this->httpRequest->post('code', Http::NO_CLEAN);
    $oAdsModel->add($sTitle, $sCode, $sTable);

    /* Clean AdminCoreModel Ads and Model\Design for STATIC data */
    (new Framework\Cache\Cache())
        ->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear()
        ->start(AdsCoreModel::CACHE_GROUP, 'totalAds', null)->clear()
        ->start(AdsCoreModel::CACHE_GROUP, 'totalAdsAffiliates', null)->clear();

    if (AdsCore::getTable() == 'AdsAffiliates') {
        $sSlug = 'affiliate';
    } else {
        $sSlug = '';
    }

    $sAdsUrl = Uri::get(PH7_ADMIN_MOD, 'setting', 'ads', $sSlug);
    HeaderUrl::redirect($sAdsUrl, t('The Advertisement was added successfully!'));
}
/**
 * Handles submission of the admin "add user" form.
 *
 * Normalises the birth date to Y-m-d, collects the posted profile fields
 * together with the requester's IP address, creates the member and, when an
 * avatar file was uploaded, hands its temporary path to UserCore::setAvatar().
 * Finally redirects to the user list.
 *
 * NOTE(review): the password is forwarded exactly as submitted; hashing is
 * presumably done inside UserCoreModel::add() -- confirm.
 * NOTE(review): the uploaded avatar is not validated in this method;
 * presumably setAvatar() checks that it is an image -- confirm.
 *
 * @return void
 */
public function __construct()
{
    parent::__construct();

    $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');

    $aData = [];
    $aData['email'] = $this->httpRequest->post('mail');
    $aData['username'] = $this->httpRequest->post('username');
    $aData['password'] = $this->httpRequest->post('password');
    $aData['first_name'] = $this->httpRequest->post('first_name');
    $aData['last_name'] = $this->httpRequest->post('last_name');
    $aData['middle_name'] = $this->httpRequest->post('middle_name');
    $aData['sex'] = $this->httpRequest->post('sex');
    $aData['match_sex'] = $this->httpRequest->post('match_sex');
    $aData['birth_date'] = $sBirthDate;
    $aData['country'] = $this->httpRequest->post('country');
    $aData['city'] = $this->httpRequest->post('city');
    $aData['state'] = $this->httpRequest->post('state');
    $aData['zip_code'] = $this->httpRequest->post('zip_code');
    $aData['description'] = $this->httpRequest->post('description');
    $aData['website'] = $this->httpRequest->post('website');
    $aData['social_network_site'] = $this->httpRequest->post('social_network_site');
    $aData['ip'] = Ip::get();

    $oUserModel = new UserCoreModel();
    $iProfileId = $oUserModel->add($aData);

    // The avatar is optional.
    $bHasAvatar = !empty($_FILES['avatar']['tmp_name']);
    if ($bHasAvatar) {
        $oUserCore = new UserCore();
        $oUserCore->setAvatar($iProfileId, $aData['username'], $_FILES['avatar']['tmp_name'], 1);
    }

    $sBrowseUrl = Uri::get(PH7_ADMIN_MOD, 'user', 'browse');
    Header::redirect($sBrowseUrl, t('The user has been successfully added.'));
}