Пример #1
0
 /**
  * Saves the user edit tab postdata into the tab's permanent storage
  * @param  moscomprofilerTab   $tab       the tab database entry
  * @param  moscomprofilerUser  $user      the user being displayed
  * @param  int                 $ui        1 for front-end, 2 for back-end
  * @param  array               $postdata  _POST data for saving edited tab content as generated with getEditTab
  * @return mixed                          either string HTML for tab content, or false if ErrorMSG generated
  */
 function saveEditTab($tab, &$user, $ui, $postdata)
 {
     global $my, $_CB_framework, $_POST, $mainframe;
     // $mainframe needed by the require
     if (intval($_CB_framework->myId()) < 1) {
         cbNotAuth();
         return;
     }
     if (!$this->_CheckYancInstalled()) {
         return;
     }
     require_once $_CB_framework->getCfg('absolute_path') . _NEWSLETTERFILE;
     $newslettersSubscriptions = new YancSubscription();
     $lists = cbGetParam($_POST, 'newsLitems', array(0));
     $html = cbGetParam($_POST, 'newsLhtml', 0);
     $subscribemessage = !($ui == 2 && $user->approved && $user->confirmed);
     $result = $newslettersSubscriptions->saveMassSubscribe($user, $lists, $html, $subscribemessage);
     if ($result) {
         $this->_setErrorMSG($result);
     }
 }
 /**
  * Displays specific plans
  *
  * @param  int[]|null   $plans
  * @param  int[]|null   $plansToPreselect
  * @param  UserTable    $user
  * @param  string       $introText
  * @return null|string
  */
 public static function displaySpecificPlans($plans, $plansToPreselect, $user, $introText)
 {
     global $_CB_framework, $_PLUGINS, $ueConfig;
     $return = '';
     $subscriptionsGUI = new cbpaidControllerUI();
     if (is_array($plans) && count($plans) == 0) {
         $return .= '<div class="message">' . _UE_NOT_AUTHORIZED . ($user === null ? ' ' . _UE_DO_LOGIN : '') . '</div>';
     } else {
         $subscriptionsGUI->setShowOnlyPlans($plans);
         $subscriptionsGUI->setSelectedPlans($plansToPreselect);
         if ($user === null) {
             // Show registration form:
             if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1')) {
                 cbNotAuth();
                 return null;
             }
             if ($_CB_framework->myId()) {
                 $return .= '<div class="error">' . _UE_ALREADY_LOGGED_IN . '</div>';
                 return self::displayWithTemplate($return);
             }
             $fieldsQuery = null;
             $_PLUGINS->loadPluginGroup('user');
             $_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
             $regErrorMSG = null;
             $results = $_PLUGINS->trigger('onBeforeRegisterForm', array('com_comprofiler', isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : '******', &$regErrorMSG, $fieldsQuery));
             if ($_PLUGINS->is_errors()) {
                 $return .= "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG(" ; ")) . "'); </script>\n";
                 $return .= $_PLUGINS->getErrorMSG("<br />");
                 return self::displayWithTemplate($return);
             }
             if (implode('', $results) != "") {
                 $allResults = implode("</div><div>", $results);
                 $return .= "<div>" . $allResults . "</div>";
                 return self::displayWithTemplate($return);
             }
             $loginOrRegister = CBPTXT::Th(cbpaidApp::settingsParams()->get('plansLoginOrRegisterText', "If you already have an account, please login first. Otherwise you need to register using this form."));
             $userComplete = new UserTable();
             $option = 'com_comprofiler';
             $emailpass = isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : '******';
             $regErrorMSG = $loginOrRegister . ' ' . $introText;
             ob_start();
             $null = null;
             HTML_comprofiler::registerForm($option, $emailpass, $userComplete, $null, $regErrorMSG, true);
             $return .= ob_get_contents();
             ob_end_clean();
         } else {
             // User logged in: Show upgrade form:
             $itsmyself = true;
             $params = cbpaidApp::settingsParams();
             $subTxt = CBPTXT::T($params->get('subscriptions_name', 'subscriptions'));
             $title = ucfirst($subTxt);
             if ($title) {
                 $return .= '<div class="contentheading" id="cbregProfileTitle">' . $title . "</div>\n";
             }
             if ($introText) {
                 $return .= '<div class="contentpane">' . $introText . '</div>';
             }
             $return .= $subscriptionsGUI->getShowSubscriptionUpgrades($user, $itsmyself);
         }
         $subscriptionsGUI->setShowOnlyPlans(null);
     }
     return self::displayWithTemplate($return);
 }
Пример #3
0
function processConnectionActions($connectionids) {
	global $_CB_framework, $ueConfig, $_POST;

	// simple spoof check security
	cbSpoofCheck( 'manageConnections' );

	if(!$ueConfig['allowConnections']) {
		echo _UE_FUNCTIONALITY_DISABLED;
		return;
	}
	if ( ! ( $_CB_framework->myId() > 0 ) ) {
		cbNotAuth();
		return;
	}
	$cbCon	=	new cbConnection( $_CB_framework->myId() );

	if (is_array($connectionids)) {
		foreach($connectionids AS $cid) {
			$action		=	cbGetParam( $_POST, $cid . 'action' );
			if ( $action== 'd' ) {
				$cbCon->denyConnection( $_CB_framework->myId(), $cid );
			} elseif ( $action == 'a' ) {
				$cbCon->acceptConnection( $_CB_framework->myId(), $cid );
			}
		}
	}
	$error				=	$cbCon->getErrorMSG();
	if ( $error ) {
		cbRedirect( cbSef( 'index.php?option=com_comprofiler&amp;task=manageConnections' . getCBprofileItemid(), false ), $error, 'error' );
	} else {
		cbRedirect( cbSef( 'index.php?option=com_comprofiler&amp;task=manageConnections' . getCBprofileItemid(), false ),
							( is_array($connectionids) ) ? _UE_CONNECTIONACTIONSSUCCESSFULL : null );
	}
	return;
}
Пример #4
0
/**
 * @param string $option
 */
function saveRegistrationNOCHECKSLOL($option)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;
    // Check rights to access:
    if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1') || $_CB_framework->myId()) {
        cbNotAuth();
        return;
    }
    if (!isset($ueConfig['emailpass'])) {
        $ueConfig['emailpass'] = '******';
    }
    $userComplete = new moscomprofilerUser($_CB_database);
    // Pre-registration trigger:
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onStartSaveUserRegistration', array());
    if ($_PLUGINS->is_errors()) {
        echo "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG()) . "'); </script>\n";
        $oldUserComplete = new moscomprofilerUser($_CB_database);
        $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG("<br />"));
        return;
    }
    // Check if this user already registered with exactly this username and password:
    $username = cbGetParam($_POST, 'username', '');
    $usernameExists = $userComplete->loadByUsername($username);
    if ($usernameExists) {
        $password = cbGetParam($_POST, 'password', '', _CB_ALLOWRAW);
        if ($userComplete->verifyPassword($password)) {
            $pwd_md5 = $userComplete->password;
            $userComplete->password = $password;
            $messagesToUser = activateUser($userComplete, 1, 'SameUserRegistrationAgain');
            $userComplete->password = $pwd_md5;
            echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
            return;
        } else {
            $msg = sprintf(_UE_USERNAME_ALREADY_EXISTS, $username);
            echo "<script type=\"text/javascript\">alert('" . addslashes($msg) . "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, htmlspecialchars($msg));
            return;
        }
    }
    // Store and check terms and conditions accepted (not a field yet !!!!):
    if (isset($_POST['acceptedterms'])) {
        $userComplete->acceptedterms = (int) cbGetParam($_POST, 'acceptedterms', 0) == 1 ? 1 : 0;
    } else {
        $userComplete->acceptedterms = null;
    }
    if ($ueConfig['reg_enable_toc']) {
        if ($userComplete->acceptedterms != 1) {
            echo "<script type=\"text/javascript\">alert('" . addslashes(cbUnHtmlspecialchars(_UE_TOC_REQUIRED)) . "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, _UE_TOC_REQUIRED . '<br />');
            return;
        }
    }
    // Set id to 0 for autoincrement and store IP address used for registration:
    $userComplete->id = 0;
    $userComplete->registeripaddr = cbGetIPlist();
    // Store new user state:
    $saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'register');
    if ($saveResult === false) {
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    if ($saveResult['ok'] === true) {
        $messagesToUser = activateUser($userComplete, 1, "UserRegistration");
    }
    foreach ($saveResult['tabs'] as $res) {
        if ($res) {
            $messagesToUser[] = $res;
        }
    }
    if ($saveResult['ok'] === false) {
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    $_PLUGINS->trigger('onAfterUserRegistrationMailsSent', array(&$userComplete, &$userComplete, &$messagesToUser, $ueConfig['reg_confirmation'], $ueConfig['reg_admin_approval'], true));
    foreach ($saveResult['after'] as $res) {
        if ($res) {
            echo "\n<div>" . $res . "</div>\n";
        }
    }
    if ($_PLUGINS->is_errors()) {
        echo $_PLUGINS->getErrorMSG();
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG());
        return;
    }
    echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
}
	/**
	 * WARNING: UNCHECKED ACCESS! On purpose unchecked access for M2M operations
	 * Generates the HTML to display for a specific component-like page for the tab. WARNING: unchecked access !
	 * @param  TabTable|null  $tab       the tab database entry
	 * @param  UserTable      $user      the user being displayed
	 * @param  int            $ui        1 for front-end, 2 for back-end
	 * @param  array          $postdata  _POST data for saving edited tab content as generated with getEditTab
	 * @return mixed                     either string HTML for tab content, or false if ErrorMSG generated
	 */
	public function getTabComponent( /** @noinspection PhpUnusedParameterInspection */ $tab, $user, $ui, $postdata ) {
		global $_CB_database, $_CB_framework, $_POST;

		$return								=	'';
		$paid								=	false;

		$oldignoreuserabort = ignore_user_abort(true);

		$allowHumanHtmlOutput				=	true;			// this will be reverted in case of M2M server-to-server notifications

		$act								=	$this->base->_getReqParam( 'act' );
		$actPosted							=	isset($_POST[$this->base->_getPagingParamName('act')]);

		if ( $act === null ) {
			$act							=	$this->base->input( 'act', null, GetterInterface::COMMAND );
			$actPosted						=	$this->base->input( 'post/act', null, GetterInterface::COMMAND ) !== null;
		}

		$post_user_id						=	(int) cbGetParam( $_GET, 'user', 0 );

		if ( $actPosted && ( $post_user_id > 0 ) ) {
			$access							=	false;
			$myId							=	$_CB_framework->myId();
			if ( is_object( $user ) ) {
				if ( $myId == 0 ) {
					if ( in_array( $act, array( 'saveeditinvoiceaddress', 'saveeditbasketintegration', 'showbskt' ) ) ) {
						$access				=	true;
					} else {
						$paidsubsManager	=&	cbpaidSubscriptionsMgr::getInstance();
						if ( ! $paidsubsManager->checkExpireMe( __FUNCTION__, $user->id, false ) ) {
							// expired subscriptions: we will allow limited access to:
							if ( in_array( $act, array( 'upgrade', 'pay', 'reactivate', 'resubscribe', 'display_subscriptions' ) ) ) {
								$access		=	true;
							}
						}
					}
				} else {
					if ( ( $ui == 1 && ( $user->id == $myId ) )
						||	 ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) ) {
						$access				=	true;
					}
				}
			} else {
				$return						=	CBPTXT::T("User does not exist") . '.';
			}
			if ( ! $access ) {
				$return						.=	'<br />' . CBPTXT::T("Not authorized action") . '.';
				return $return;
			}

			cbSpoofCheck( 'plugin' );		// anti-spoofing check


			// renew or upgrade subscription payment form:
			$params							=	$this->params;
			$now							=	$_CB_framework->now();
			$subscriptionsGUI				=	new cbpaidControllerUI();
			$subscriptionIds				=	$subscriptionsGUI->getEditPostedBoxes( 'id' );

			if ( $subscriptionIds == array( 0 ) ) {
				$subscriptionIds			=	array();
			}
			if ( $post_user_id && ( $user->id == $post_user_id ) ) {
				outputCbTemplate();
				$this->base->outputRegTemplate();
				outputCbJs();
				switch ( $act ) {
					case 'upgrade':		// upgrade an existing subscription
						// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
						$chosenPlans		=	$subscriptionsGUI->getAndCheckChosenUpgradePlans( $postdata, $user, $now );
						if ( ( ! is_array( $chosenPlans ) ) || ( count( $chosenPlans ) == 0 ) ) {
							$subTxt			=	CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
							$return			.=	( is_string( $chosenPlans ) ? $chosenPlans . '<br />' : '' )
								.	sprintf( CBPTXT::Th("Please press back button and select the %s plan to which you would like to upgrade."), $subTxt );
							break;
						}
						$introText			=	CBPTXT::Th( $params->get( 'intro_text_upgrade', null ) );
						//TBD: check if already exists (reload protection):
						$paymentBasket		=	cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, 'R', CBPTXT::T("Upgrade"), 'U' );
						if ( is_object( $paymentBasket ) ) {
							$return			=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
						} else {
							$return			=	$paymentBasket;		// show messages as nothing to pay.
						}
						break;
					case 'pay':			// pay for an unpaid subscription
						// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
						$plan				=	$this->base->_getReqParam( 'plan' );
						if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
							$subTxt			=	CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
							$return			.=	sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
							break;
						}
						$plansMgr			=&	cbpaidPlansMgr::getInstance();
						$chosenPlans		=	array();
						$chosenPlans[(int) $plan]		=	$plansMgr->loadPlan( (int) $plan );
						$introText			=	CBPTXT::Th( $params->get( 'intro_text', null ) );
						$paymentStatus		=	null;
						$return				=	cbpaidControllerOrder::showPaymentForm( $user, $chosenPlans, $introText, $subscriptionIds, $paymentStatus );
						break;
					case 'renew':		// renew a still valid subscription
					case 'reactivate':	// reactivate an expired subscription
					case 'resubscribe':	// resubscribe a cancelled subscription
						// display basket and payment buttons or redirect for payment depending if multiple payment choices or intro text present:
						$plan				=	$this->base->_getReqParam( 'plan' );
						if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
							$subTxt			=	CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
							$return			.=	sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
							break;
						}
						$plansMgr			=&	cbpaidPlansMgr::getInstance();
						$chosenPlans		=	array();
						$chosenPlans[(int) $plan]		=	$plansMgr->loadPlan( (int) $plan );

						$paidSomethingMgr	=&	cbpaidSomethingMgr::getInstance();
						$subscription		=	$paidSomethingMgr->loadSomething( $subscriptionIds[$plan][0], $subscriptionIds[$plan][1] );
						global $_PLUGINS;
						$_PLUGINS->loadPluginGroup( 'user', 'cbsubs.' );
						$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin');
						$_PLUGINS->trigger( 'onCPayAfterPlanRenewalSelected', array( &$chosenPlans[(int) $plan], &$subscription, $act ) );
						if ( $_PLUGINS->is_errors() ) {
							$return			.=	$_PLUGINS->getErrorMSG();
							break;
						}

						$introText			=	CBPTXT::Th( $params->get( 'intro_text_renew', null ) );
						//TBD: check if already exists (reload protection):
						$paymentBasket		=	cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, null, CBPTXT::T("Renew"), 'R' );
						if ( is_object( $paymentBasket ) ) {
							$return			=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
						} else {
							$return			=	$paymentBasket;		// show messages as nothing to pay.
						}
						break;
					case 'unsubscribe':	// request to unsubscribe an active subscription
						// display unsubscribe confirmation form:
						$plan				=	$this->base->_getReqParam( 'plan' );
						if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
							$subTxt			=	CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
							$return			.=	sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
							break;
						}
						$introText			=	CBPTXT::Th( $params->get( 'unsubscribe_intro_text' , null ) );
						$return				=	$subscriptionsGUI->showUnsubscribeForm( $user, $introText, (int) $plan, (int) $subscriptionIds[$plan][1] );

						break;
					case 'confirm_unsubscribe':	// confirm previous request to unsubscribe an active subscription
						// unsubscribe confirmed:
						$plan				=	$this->base->_getReqParam( 'plan' );
						if ( ( ! $plan ) || ( ! isset( $subscriptionIds[$plan] ) ) || ( ! $subscriptionIds[$plan] ) ) {
							$subTxt			=	CBPTXT::T( $params->get( 'subscription_name', 'subscription' ) );
							$return			.=	sprintf( CBPTXT::Th("Please press back button and select a %s plan."), $subTxt );
							break;
						}
						if ( ( $plan ) && ( count( $subscriptionIds ) == 1 ) ) {
							$unsubscribeConfText =	CBPTXT::Th( $params->get( 'unsubscribe_confirmation_text', null ) );
							$return			=	cbpaidControllerOrder::doUnsubscribeConfirm( $user, $unsubscribeConfText, (int) $plan, (int) $subscriptionIds[$plan][1] );
						}
						break;
					case 'display_subscriptions':
						// unsubscribe cancelled: display subscriptions:
						$return				=	$this->base->displayUserTab( $user );
						break;
					case 'showinvoice':
						// shows a particular user invoice:
						if ( $params->get( 'show_invoices', 1 ) ) {
							$invoiceNo		=	$this->base->_getReqParam( 'invoice' );
							$return			=	$this->showInvoice( $invoiceNo, $user );
						}
						break;
					case 'saveeditinvoiceaddress':
					case 'editinvoiceaddress':		// this is the case of reload of invoicing address
						$invoicingAddressQuery		=	$params->get( 'invoicing_address_query' );
						if ( $invoicingAddressQuery > 0 ) {
							$basketId				=	$this->base->_getReqParam( 'basket', 0 );
							$hashToCheck			=	$this->base->_getReqParam( 'bck' );
							$paymentBasket			=	new cbpaidPaymentBasket( $_CB_database );
							if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
								if ( ( $act == 'saveeditinvoiceaddress' ) && $this->base->input( 'actbutton', null, GetterInterface::COMMAND ) ) {				// IE7-8 will return text instead of value and IE6 will return button all the time http://www.dev-archive.net/articles/forms/multiple-submit-buttons.html
									$return			=	$paymentBasket->saveInvoicingAddressForm( $user );
									if ( $return === null ) {
										$paymentBasket->storeInvoicingDefaultAddress();
										$introText	=	CBPTXT::Th( $params->get( 'intro_text', null ) );
										$return		.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
									}
								} else {
									// invoice has reloaded itself (e.g. for country change):
									$return			=	$paymentBasket->renderInvoicingAddressForm( $user );
								}
							} else {
								$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}

						break;
					case 'saverecordpayment':
					case 'editrecordpayment':		// this is the case of reload of the form
						$basketId				=	$this->base->_getReqParam( 'basket', 0 );
						$hashToCheck			=	$this->base->_getReqParam( 'bck' );
						$paymentBasket			=	new cbpaidPaymentBasket( $_CB_database );
						if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status != 'Completed' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
							if ( $paymentBasket->authoriseAction( 'cbsubs.recordpayments' ) ) {
								if ( ( $act == 'saverecordpayment' ) && $this->base->input( 'actbutton', null, GetterInterface::COMMAND ) ) {				// IE7-8 will return text instead of value and IE6 will return button all the time http://www.dev-archive.net/articles/forms/multiple-submit-buttons.html
									$return			=	cbpaidRecordBasketPayment::saveRecordPayment( $paymentBasket->id );
									if ( $return === null ) {
										$return		.=	CBPTXT::T("Payment recorded.")
											.	' <a href="' . $_CB_framework->userProfileUrl( $paymentBasket->user_id, true ) . '">'
											.	CBPTXT::Th("View user profile")
											.	'</a>';
									}
								} else {
									// invoice has reloaded itself (e.g. for country change):
									$return			=	cbpaidRecordBasketPayment::displayRecordPaymentForm( $paymentBasket->id );
								}
							} else {
								$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
						}

						break;

					default:
						cbNotAuth();
						return '';
						break;
				}
			}

		} elseif ( $this->base->_getReqParam( 'account' ) && ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) {

			$account					=	$this->base->_getReqParam( 'account' );
			$post_user_id				=	(int) cbGetParam( $_GET, 'user', 0 );
			$user						=	CBuser::getUserDataInstance( (int) $post_user_id );
			if ( $user->id ) {
				if ( isset( $_SESSION['cbsubs']['expireduser'] ) && ( $_SESSION['cbsubs']['expireduser'] == $user->id ) ) {
					// expired subscriptions of membership: show possibilities:
					$subscriptionsGUI		=	new cbpaidControllerUI();

					outputCbTemplate();
					$this->base->outputRegTemplate();
					outputCbJs();

					switch ( $account ) {
						case 'expired':
							$paidsubsManager		=&	cbpaidSubscriptionsMgr::getInstance();
							if ( ! $paidsubsManager->checkExpireMe( __FUNCTION__, $user->id, false ) ) {
								// no valid membership:
								$return				=	$subscriptionsGUI->getShowSubscriptionUpgrades( $user, true );
							}

							break;
						default:
							break;
					}
				} else {
					$return					=	CBPTXT::Th("Browser cookies must be enabled.");
				}
			}

		} elseif ( in_array( $act, array( 'setbsktpmtmeth', 'setbsktcurrency' ) ) ) {

			cbSpoofCheck( 'plugin' );		// anti-spoofing check
			$params							=	$this->params;
			outputCbTemplate();
			$this->base->outputRegTemplate();
			outputCbJs();

			$basketId				=	$this->base->_getReqParam( 'bskt', 0 );
			$hashToCheck			=	$this->base->_getReqParam( 'bck' );

			$paymentBasket			=	new cbpaidPaymentBasket( $_CB_database );
			if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {

				switch ( $act ) {
					case 'setbsktpmtmeth':
						if ( $params->get( 'payment_method_selection_type' ) == 'radios' ) {
							$chosenPaymentMethod	=	cbGetParam( $_POST, 'payment_method' );
							$introText				=	CBPTXT::Th( $params->get( 'intro_text', null ) );
							$return					=	$paymentBasket->saveBasketPaymentMethodForm( $user, $introText, $chosenPaymentMethod );
							if ( $return === null ) {
								$return				.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}
						break;

					case 'setbsktcurrency':
						if ( $params->get( 'allow_select_currency', '0' ) ) {
							$newCurrency			=	cbGetParam( $_POST, 'currency' );
							if ( $newCurrency ) {
								if ( in_array( $newCurrency, cbpaidControllerPaychoices::getInstance()->getAllCurrencies() ) ) {
									$paymentBasket->changeCurrency( $newCurrency );
								} else {
									$this->base->_setErrorMSG( CBPTXT::T("This currency is not allowed") );
								}
								$introText			=	CBPTXT::Th( $params->get( 'intro_text', null ) );
								$return				.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
							} else {
								$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Changes of currency of orders are not authorized") );
						}
						break;

					default:
						cbNotAuth();
						return '';
						break;
				}

			} else {
				$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
			}

		} elseif ( $act == 'cbsubsclass' ) {

			$pluginName						=	$this->base->_getReqParam( 'class' );
			if ( preg_match( '/^[a-z]+$/', $pluginName ) ) {
				$element					=	'cbsubs.' . $pluginName;
				global $_PLUGINS;
				$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin', $element );
				$loadedPlugins				=&	$_PLUGINS->getLoadedPluginGroup( 'user/plug_cbpaidsubscriptions/plugin' );
				$params						=	$this->params;
				foreach ($loadedPlugins as $p ) {
					if ( $p->element == $element ) {
						$pluginId			=	$p->id;
						$args				=	array( &$user, &$params, &$postdata );
						/** @noinspection PhpUndefinedCallbackInspection */
						$return				=	$_PLUGINS->call( $pluginId, 'executeTask', 'getcbsubs' . $pluginName . 'Tab', $args, null );
						break;
					}
				}
			}

		} elseif ( $act && ( ! in_array( $act, array( 'showbskt', 'setbsktpmtmeth' ) ) ) && ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) {

			if ( ! is_object( $user ) ) {
				return CBPTXT::T("User does not exist.");
			}

			$params								=	$this->params;

			$post_user_id						=	(int) cbGetParam( $_GET, 'user', 0 );
			if ( $post_user_id && ( ( $user->id == $post_user_id ) || ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) ) ) {

				outputCbTemplate();
				$this->base->outputRegTemplate();
				outputCbJs();

				switch ( $act ) {
					case 'showinvoice':
						if ( $params->get( 'show_invoices', 1 ) ) {
							$invoiceNo			=	$this->base->_getReqParam( 'invoice', 0 );
							// This also checks for cbpaidApp::authoriseAction on cbsubs.sales or cbsubs.financial access permissions:
							$return				=	$this->showInvoice( $invoiceNo, $user );
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}
						break;
					case 'showinvoiceslist':
						$showInvoices			=	$params->get( 'show_invoices', 1 );
						$invoicesShowPeriod		=	$params->get( 'invoices_show_period', '0000-06-00 00:00:00' );
						$itsmyself				=	( $_CB_framework->myId() == $user->id );
						if ( $showInvoices && ( $itsmyself || ( cbpaidApp::authoriseAction( 'cbsubs.sales' ) || cbpaidApp::authoriseAction( 'cbsubs.financial' ) ) ) ) {
							$subscriptionsGUI	=	new cbpaidControllerUI();
							$invoices			=	$this->_getInvoices( $user, $invoicesShowPeriod, false );

							if ( $invoicesShowPeriod && ( $invoicesShowPeriod != '0000-00-00 00:00:00' ) ) {
								$cbpaidTimes	=&	cbpaidTimes::getInstance();
								$periodText		=	$cbpaidTimes->renderPeriod( $invoicesShowPeriod, 1, false );
							} else {
								$periodText		=	'';
							}
							$return				.=	$subscriptionsGUI->showInvoicesList( $invoices, $user, $itsmyself, $periodText );
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}
						break;
					case 'editinvoiceaddress':			// this is the case of the initial edit address link
						if ( $params->get( 'invoicing_address_query' ) > 0 ) {
							$basketId			=	$this->base->_getReqParam( 'basket', 0 );
							$hashToCheck		=	$this->base->_getReqParam( 'bck' );
							$paymentBasket		=	new cbpaidPaymentBasket( $_CB_database );
							if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
								$return			=	$paymentBasket->renderInvoicingAddressForm( $user );
							} else {
								$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}
						break;
					case 'showrecordpayment':
						$paymentBasketId		=	$this->base->_getReqParam( 'recordpayment', 0 );
						if ( $paymentBasketId ) {
							$paymentBasket		=	new cbpaidPaymentBasket();
							if ( $paymentBasket->load( (int) $paymentBasketId ) && $paymentBasket->authoriseAction( 'cbsubs.recordpayments' ) ) {
								// Auto-loads class: and authorization is checked inside:
								$return				=	cbpaidRecordBasketPayment::displayRecordPaymentForm( $paymentBasketId );
							} else {
								$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
							}
						} else {
							$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						}
						break;
					default:
						$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
						break;
				}
			}

		} elseif ( $act == 'showbskt' && ( ( ( (int) cbGetParam( $_GET, 'user', 0 ) ) > 0 ) ) || ( $this->base->_getReqParam( 'bskt', 0 ) && $this->base->_getReqParam( 'bck' ) ) ) {

			$basketId			=	$this->base->_getReqParam( 'bskt', 0 );
			$hashToCheck		=	$this->base->_getReqParam( 'bck' );

			// Basket integrations saving/editing url:
			if ( in_array($act, array( 'saveeditbasketintegration', 'editbasketintegration' ) ) ) {		// edit is the case of edit or reload of integration form
				$integration			=	$this->base->_getReqParam( 'integration' );
				$paymentBasket			=	new cbpaidPaymentBasket( $_CB_database );
				if ( preg_match( '/^[a-z]+$/', $integration ) && $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) && ( $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) ) ) {
					global $_PLUGINS;
					$element			=	'cbsubs.' . $integration;
					$_PLUGINS->loadPluginGroup('user/plug_cbpaidsubscriptions/plugin', $element );
					$results		=	$_PLUGINS->trigger( 'onCPayEditBasketIntegration', array( $integration, $act, &$paymentBasket ) );
					$return			=	null;
					foreach ( $results as $r ) {
						if ( $r ) {
							$return	.=	$r;
						}
					}
					if ( $act == 'editbasketintegration' ) {
						if ( $return !== null ) {
							return $return;
						}
					}
				} else {
					$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
				}
			}


			$post_user_id							=	(int) cbGetParam( $_GET, 'user', 0 );
			if ( $post_user_id && ! ( ( is_object( $user ) && ( $user->id == $post_user_id ) ) ) ) {
				return CBPTXT::T("User does not exist.");
			}

			outputCbTemplate();
			$this->base->outputRegTemplate();
			outputCbJs();
			$params				=	$this->params;

			$paymentBasket		=	new cbpaidPaymentBasket( $_CB_database );
			if ( $basketId && $paymentBasket->load( (int) $basketId ) && ( $paymentBasket->payment_status == 'NotInitiated' ) ) {
				if ( ! $post_user_id ) {
					$cbUser		=&	CBuser::getInstance( (int) $paymentBasket->user_id );
					$user		=&	$cbUser->getUserData();
					if ( ( ! is_object( $user ) ) || ! $user->id ) {
						return CBPTXT::T("User does not exist.");
					}
				}
				if ( ( $hashToCheck && $hashToCheck == $paymentBasket->checkHashUser( $hashToCheck ) )
					|| ( ( ! $hashToCheck ) && $paymentBasket->user_id && ( $paymentBasket->user_id == $_CB_framework->myId() ) ) )
				{
					$introText	=	CBPTXT::Th( $params->get( 'intro_text', null ) );
					$return		.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
				} else {
					$this->base->_setErrorMSG( CBPTXT::T("Not authorized action") );
				}
			} else {
				$this->base->_setErrorMSG( CBPTXT::T("No unpaid payment basket found.") );
			}

			//	} elseif ( isset($_REQUEST['result']) && isset( $_REQUEST['user'] ) && ( $_REQUEST['user'] > 0 ) ) {
		} elseif ( isset($_REQUEST['result']) && ( $this->base->_getReqParam('method') || $this->base->_getReqParam('gacctno') ) ) {

			// don't check license here so initiated payments can complete !

			$params				=	$this->params;

			$method				=	$this->base->_getReqParam('method');

			if ( ( $method == 'freetrial' ) || ( $method == 'cancelpay' ) ) {
				cbpaidApp::import( 'processors.freetrial.freetrial' );
				cbpaidApp::import( 'processors.cancelpay.cancelpay' );
				$className		=	'cbpaidGatewayAccount' . $method;
				$payAccount		=	new $className( $_CB_database );
			} else {
				$gateAccount	=	$this->base->_getReqParam('gacctno');

				$payAccount		=	cbpaidControllerPaychoices::getInstance()->getPayAccount( $gateAccount );
				if ( ! $payAccount ) {
					return '';
				}
			}
			$payClass			=	$payAccount->getPayMean();
			$paymentBasket		=	new cbpaidPaymentBasket($_CB_database);

			if ( $payClass && ( ( $this->base->_getReqParam('method') == $payClass->getPayName() ) || ( $this->base->_getReqParam('method') == null ) ) && $payClass->hashPdtBackCheck( $this->base->_getReqParam('pdtback') ) ) {
				// output for resultNotification: $return and $allowHumanHtmlOutput
				$return			=	$payClass->resultNotification( $paymentBasket, $postdata, $allowHumanHtmlOutput );
			}

			if ( ! $paymentBasket->id ) {
				$this->base->_setErrorMSG(CBPTXT::T("No suitable basket found."));
			} else {
				$user			=&	CBuser::getUserDataInstance( (int) $paymentBasket->user_id );

				if ( $paymentBasket->payment_status == 'RegistrationCancelled' ) {
					// registration cancelled: delete payment basket and delete user after checking that he is not yet active:
					if ( $paymentBasket->load( (int) $paymentBasket->id ) ) {
						if ( $payClass->hashPdtBackCheck( $this->base->_getReqParam('pdtback') ) && ( ( $paymentBasket->payment_status == 'NotInitiated' ) || ( ( $paymentBasket->payment_status === 'Pending' ) && ( $paymentBasket->payment_method === 'offline' ) ) ) ) {

							$notification						=	new cbpaidPaymentNotification();
							$notification->initNotification( $payClass, 0, 'P', $paymentBasket->payment_status, $paymentBasket->payment_type, null, $_CB_framework->now(), $paymentBasket->charset );

							$payClass->updatePaymentStatus( $paymentBasket, 'web_accept', 'RegistrationCancelled', $notification, 0, 0, 0, true );

							// This is a notification or a return to site after payment, we want to log any error happening in third-party stuff in case:
							cbpaidErrorHandler::keepTurnedOn();
						}
					}
				}
				if ( $allowHumanHtmlOutput ) {
					// If frontend, we display result, otherwise, If Server-to-server notification: do not display any additional text here !
					switch ( $paymentBasket->payment_status ) {
						case 'Completed':
							// PayPal recommends including the following information with the confirmation:
							// - Item name
							// - Amount paid
							// - Payer email
							// - Shipping address
							$newMsg = sprintf( CBPTXT::Th("Thank you for your payment of %s for the %s %s."), $paymentBasket->renderPrice(),
								$paymentBasket->item_name,
								htmlspecialchars( $payClass->getTxtUsingAccount( $paymentBasket ) ) )		// ' using your paypal account ' . $paymentBasket->payer_email
								. ' ' . $payClass->getTxtNextStep( $paymentBasket );
							// . "Your transaction has been completed, and a receipt for your purchase has been emailed to you by PayPal. "
							// . "You may log into your account at www.paypal.com to view details of this transaction.</p>\n";
							if ( $params->get( 'show_invoices' ) ) {
								$itsmyself			=	( $_CB_framework->myId() == $user->id );
								$subscriptionsGUI	=	new cbpaidControllerUI();
								$newMsg				.=	'<p id="cbregviewinvoicelink">'
									.	$subscriptionsGUI->getInvoiceShowAhtml( $paymentBasket, $user, $itsmyself, CBPTXT::Th("View printable invoice") )
									.	'</p>'
								;
							}
							$paid = true;
							break;
						case 'Pending':
							$newMsg = sprintf( CBPTXT::Th("Thank you for initiating the payment of %s for the %s %s."), $paymentBasket->renderPrice(),
								$paymentBasket->item_name,
								htmlspecialchars( $payClass->getTxtUsingAccount( $paymentBasket ) ) )		// ' using your paypal account ' . $paymentBasket->payer_email
								. ' ' . $payClass->getTxtNextStep( $paymentBasket );
							// . "Your payment is currently being processed. "
							// . "A receipt for your purchase will be emailed to you by PayPal once processing is complete. "
							// . "You may log into your account at www.paypal.com to view status details of this transaction.</p>\n";
							break;
						case 'RegistrationCancelled':
							$newMsg		=	$payClass->getTxtNextStep( $paymentBasket );
							break;
						case 'FreeTrial':
							$newMsg = CBPTXT::Th("Thank you for subscribing to") . ' ' . $paymentBasket->item_name . '.'
								. ' ' . $payClass->getTxtNextStep( $paymentBasket );
							break;
						case null:
							$newMsg	= CBPTXT::T("Payment basket does not exist.");
							break;
						case 'NotInitiated':
							$newMsg	=	'';
							break;
						case 'RedisplayOriginalBasket':
							if ( $paymentBasket->load( (int) $paymentBasket->id ) && ( $paymentBasket->payment_status == 'NotInitiated' ) ) {
								$introText		=	CBPTXT::Th( $params->get( 'intro_text', null ) );
								$return			.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, $introText );
							}
							$newMsg				=	'';
							break;
						case 'Processed':
						case 'Denied':
						case 'Reversed':
						case 'Refunded':
						case 'Partially-Refunded':
						default:
							$newMsg = $payClass->getTxtNextStep( $paymentBasket );
							// "<p>Your transaction is not cleared and has currently following status: <strong>" . $paymentBasket->payment_status . ".</strong></p>"
							// . "<p>You may log into your account at www.paypal.com to view status details of this transaction.</p>";
							break;
					}

					if ( in_array( $paymentBasket->payment_status, array( 'Completed', 'Pending' ) ) ) {
						$subscriptions = $paymentBasket->getSubscriptions();
						$texts		=	array();			// avoid repeating several times identical texts:
						if ( is_array( $subscriptions ) ) {
							foreach ( $subscriptions as $sub ) {
								/** @var $sub cbpaidSomething */
								$thankYouParam		=	( $paymentBasket->payment_status == 'Completed') ? 'thankyoutextcompleted' : 'thankyoutextpending';
								$thankYouText		=	$sub->getPersonalized( $thankYouParam, true );
								if ( $thankYouText && ! in_array( $thankYouText, $texts ) ) {
									$texts[]		=	$thankYouText;
									if ( strpos( $thankYouText, '<' ) === false ) {
										$msgTag		=	'p';
									} else {
										$msgTag		=	'div';
									}
									$newMsg			.=	'<' . $msgTag . ' class="cbregThanks" id="cbregThanks' . $sub->plan_id . '">' . $thankYouText . '</' . $msgTag . ">\n";
								}
							}
						}
					}
					if ( $newMsg ) {
						$return .= '<div>' . $newMsg . '</div>';
					}

					if ( $paid && ( $_CB_framework->myId() < 1 ) && ( cbGetParam( $_REQUEST, 'user', 0 ) == $paymentBasket->user_id ) ) {
						$_CB_database->setQuery( "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND c.id=".(int) $paymentBasket->user_id );
						if ( $_CB_database->loadObject( $user ) && ( $user->lastvisitDate == '0000-00-00 00:00:00' ) ) {
							$return = '<p>' . implode( '', getActivationMessage( $user, 'UserRegistration' ) ) . '</p>' . $return;
						}
					}
				}
			}

		} else {
			cbNotAuth();
			return ' ' . CBPTXT::T("No result.");
		}

		if ( $allowHumanHtmlOutput ) {
			$allErrorMsgs	=	$this->base->getErrorMSG( '</div><div class="error">' );
			if ( $allErrorMsgs ) {
				$errorMsg	=	'<div class="error">' . $allErrorMsgs . '</div>';
			} else {
				$errorMsg	=	null;
			}

			/** @var string $return */
			if ( ( $return == '' ) && ( $errorMsg ) ) {
				$this->base->outputRegTemplate();
				$return		=	$errorMsg . '<br /><br />' . $return;
				$return		.=	cbpaidControllerOrder::showBasketForPayment( $user, $paymentBasket, '' );
			} else {
				$return		=	$errorMsg . $return;
			}
		}

		if ( ! is_null( $oldignoreuserabort ) ) {
			ignore_user_abort($oldignoreuserabort);
		}

		return $return;
	}
	/**
	 * Saves the user edit tab postdata into the tab's permanent storage
	 *
	 * @param  TabTable   $tab       the tab database entry
	 * @param  UserTable  $user      the user being displayed
	 * @param  int        $ui        1 for front-end, 2 for back-end
	 * @param  array      $postdata  _POST data for saving edited tab content as generated with getEditTab
	 * @return string|boolean        Either string HTML for tab content, or false if ErrorMSG generated
	 */
	public function saveEditTab( $tab, &$user, $ui, $postdata ) {
		global $_CB_framework, $_PLUGINS;
		// var_export( $_POST ); exit;
		if ( $ui != 2 ) {
			return null;
		}
		if(intval( $_CB_framework->myId() ) < 1) {
			cbNotAuth();
			return null;
		}
		cbpaidErrorHandler::on();

		if ( cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionview' ) && cbpaidApp::authoriseAction( 'cbsubs.usersubscriptionmanage' ) ) {


			$now				=	$_CB_framework->now();
	/*
			$params = cbGetParam( $_REQUEST, 'subscriptionparams', '' );
			$cb_subs_params = Registry::getRawParamsUnescaped( $params, false );
			$user->cb_subs_params = $cb_subs_params;
	*/
			$subscriptionsGUI	=	new cbpaidControllerUI();
			if ( ( $ui == 2 ) && ( $user->id == 0 ) ) {
				$chosenPlans	=	$subscriptionsGUI->getAndCheckChosenRegistrationPlans( $postdata, $user );
			} else {
				$chosenPlans	=	$subscriptionsGUI->getAndCheckChosenUpgradePlans( $postdata, $user, $now );
			}
			if ( ! is_array( $chosenPlans ) ) {
				$_PLUGINS->_setErrorMSG( $chosenPlans );
				$_PLUGINS->raiseError( 1 );
				return false;
			}
			// Renew / Pay / Reactivate buttons -> checkboxes: subscriptionpay or subscriptionrenew or subscriptionunsubscribe: value is subscription_id.
			$unsubscribe		=	$subscriptionsGUI->getEditPostedBoxes( 'unsubscribe' );
			$renew				=	$subscriptionsGUI->getEditPostedBoxes( 'renew' );
			$reactivate			=	$subscriptionsGUI->getEditPostedBoxes( 'reactivate' );
			$resubscribe		=	$subscriptionsGUI->getEditPostedBoxes( 'resubscribe' );
			$pay				=	$subscriptionsGUI->getEditPostedBoxes( 'pay' );
			$delete				=	$subscriptionsGUI->getEditPostedBoxes( 'delete' );
			// Plan upgrade possibilities: values: subscription_id or null, act='upgrade', $plan= plan number or 0
	
			$act				=	$this->_getReqParam( 'act' );
			$subscriptionIds	=	$subscriptionsGUI->getEditPostedBoxes( 'id' );
	
			$paidSomethinMgr	=&	cbpaidSomethingMgr::getInstance();
	
			foreach ( $unsubscribe as $ps ) {
				// only unsubscribe (and maybe upgrade, means resubscribe):
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					// $subscription->deactivate( $user, 'C' );		// cancelled
					$resultErrMessage	=	cbpaidControllerOrder::doUnsubscribeConfirm( $user, null, $subscription->plan_id, $subscription->id );
					if ( $resultErrMessage === false ) {
						$_PLUGINS->_setErrorMSG( $this->getErrorMSG() );
						$_PLUGINS->raiseError(1);
						return false;
					}
				}
			}
	
			foreach ( $renew as $ps ) {
				// only renew:
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					$subscription->activate( $user, $now, true, 'R' );
				}
			}
			foreach ( $reactivate as $ps ) {
				// only renew:
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					$subscription->activate( $user, $now, true, 'R' );
				}
			}
			foreach ( $resubscribe as $ps ) {
				// only renew:
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					$subscription->activate( $user, $now, true, 'R' );
				}
			}
	
			foreach ( $pay as $ps ) {
				// only renew:
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					$subscription->activate( $user, $now, true, 'N' );
				}
			}
	
			foreach ( $delete as $ps ) {
				// only renew:
				$subscription	=	$paidSomethinMgr->loadSomething( $ps[0], $ps[1] );
				if ( $subscription ) {
					$newPlanId		= null;
					$unifiedStatus	= 'Denied';
					if ( $subscription->canDelete() ) {
						$subscription->revert( $user, $newPlanId, $unifiedStatus );
						$subscription->historySetMessage( 'Subscription deleted from administration backend' );
						if ( ! $subscription->delete( ) ) {
							$_PLUGINS->_setErrorMSG( $subscription->getError() );
							$_PLUGINS->raiseError( 1 );
							return false;
						}
					} else {
						$_PLUGINS->_setErrorMSG( $subscription->getError() );
						$_PLUGINS->raiseError( 1 );
						return false;
					}
				}
			}
	
			if ( $chosenPlans && ( count( $chosenPlans ) > 0 ) ) {
				if ( $act == 'upgrade' ) {
					if ( $user->id ) {
						// upgrade existing ones:
						cbpaidControllerOrder::createSubscriptionsAndPayment( $user, $chosenPlans, $postdata, $subscriptionIds, null, 'I', null, 'U', 'free' );
					} else {
						// when creating a user in backend, there is no user->id yet, so we need to defer the call (just below):
						global $_CBSUBS_temp_backend_create;
						$_CBSUBS_temp_backend_create	=	array( array( 'cbpaidControllerOrder', 'createSubscriptionsAndPayment' ), array( &$user, $chosenPlans, $postdata, $subscriptionIds, null, 'I', null, 'U', 'free' ));
					}
				}
			}

		}

		cbpaidErrorHandler::off();
		return null;
	}
function viewReports($option, $uid, $act)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_REQUEST;
    $isModerator = isModerator($_CB_framework->myId());
    if ($isModerator == 0) {
        cbNotAuth();
        return;
    }
    $Itemid = $_CB_framework->itemid();
    $ue_base_url = "index.php?option=com_comprofiler&amp;task=viewReports" . ($Itemid ? "&amp;Itemid=" . (int) $Itemid : "");
    // Base URL string
    $query = "SELECT count(*) FROM #__comprofiler_userreports  WHERE " . ($act == 1 ? '' : "reportedstatus=0 AND ") . "reporteduser="******"SELECT u2.name as reportedbyname, u2.username as reportedbyusername, u.name as reportedname, u.username as reportedusername, ur.* FROM #__users u, #__comprofiler_userreports ur, #__users u2 WHERE u.id=ur.reporteduser AND u2.id=ur.reportedbyuser AND " . ($act == 1 ? '' : "ur.reportedstatus=0 AND ") . "ur.reporteduser="******" ORDER BY ur.reporteduser,ur.reportedondate";
    $_CB_database->setQuery($query, $limitstart, $limit);
    $row = $_CB_database->loadObjectList();
    outputCbTemplate(1);
    ?>
<!-- TAB -->
<div class="componentheading"><?php 
    echo _UE_MODERATE_TITLE;
    ?>
</div><br /><br />
<?php 
    if ($total < 1) {
        echo _UE_NOREPORTSTOPROCESS;
        return;
    }
    ?>
 
                    
<div class='contentheading'><?php 
    echo _UE_USERREPORT;
    ?>
</div><br />
<?php 
    if ($total > $limit) {
        ?>
<div style="width:100%;text-align:center;"><?php 
        echo writePagesLinks($limitstart, $limit, $total, $ue_base_url);
        ?>
</div><hr />
<?php 
    }
    ?>
	<table width='98%' border='0' cellpadding='4' cellspacing='1'>
		<thead><tr align='left' class="sectiontableheader">
			<th><?php 
    echo _UE_REPORTEDUSER;
    ?>
</th>
			<th><?php 
    echo _UE_REPORT;
    ?>
</th>
			<th><?php 
    echo _UE_REPORTEDONDATE;
    ?>
</th>
			<th><?php 
    echo _UE_REPORTEDBY;
    ?>
</th>	
			<th><?php 
    echo _UE_REPORTSTATUS;
    ?>
</th>	
		</tr></thead>
<?php 
    for ($i = 0; $i < count($row); $i++) {
        $class = "sectiontableentry" . (1 + $i % 2);
        echo "<tr align='left' valign='middle' class='" . $class . "'>";
        echo "<td><a href='" . cbSef("index.php?option=com_comprofiler&amp;task=userProfile&amp;user="******"&amp;Itemid=" . (int) $Itemid : "")) . "'>" . getNameFormat($row[$i]->reportedname, $row[$i]->reportedusername, $ueConfig['name_format']) . "</a></td>";
        echo "<td>" . $row[$i]->reportexplaination . "</td>";
        echo "<td>" . dateConverter($row[$i]->reportedondate, 'Y-m-d', $ueConfig['date_format']) . "</td>";
        echo "<td><a href='" . cbSef("index.php?option=com_comprofiler&amp;task=userProfile&amp;user="******"&amp;Itemid=" . (int) $Itemid : "")) . "'>" . getNameFormat($row[$i]->reportedbyname, $row[$i]->reportedbyusername, $ueConfig['name_format']) . "</a></td>";
        echo "<td>" . ($row[$i]->reportedstatus ? '<span style="color:green;">' . _UE_REPORTSTATUS_PROCESSED . '</span>' : '<span style="color:red;font-weight:bold;">' . _UE_REPORTSTATUS_OPEN . '</span>') . "</td>";
        echo "</tr>\n";
    }
    echo "</table>\n";
    if ($total > $limit) {
        ?>
<hr /><div style="width:100%;text-align:center;"><?php 
        echo writePagesLinks($limitstart, $limit, $total, $ue_base_url);
        ?>
</div>
<?php 
    }
    echo "<br /><div style='width:100%;text-align:center;'>\n";
    echo "<form action='" . cbSef('index.php?option=com_comprofiler&amp;task=moderateReports' . ($Itemid ? "&amp;Itemid=" . (int) $Itemid : "")) . "' method='post' name='adminForm'>\n";
    echo '<input class="button" type="submit" value="' . _UE_USERREPORT_MODERATE . "\" />\n";
    echo "</form>\n</div>\n";
}
function viewReports($option, $uid, $act)
{
    global $_CB_framework, $_CB_database, $_PLUGINS, $_REQUEST;
    $_PLUGINS->loadPluginGroup('user');
    $results = $_PLUGINS->trigger('onBeforeViewReportsFormDisplay', array($uid, $act));
    if ($_PLUGINS->is_errors()) {
        echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
        exit;
    }
    $isModerator = Application::MyUser()->isGlobalModerator();
    if (!$isModerator) {
        cbNotAuth();
        return;
    }
    $query = 'SELECT COUNT(*)' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_userreports') . "\n WHERE " . $_CB_database->NameQuote('reporteduser') . " = " . (int) $uid . ($act == 1 ? "\n AND " . $_CB_database->NameQuote('reportedstatus') . " = 0" : null);
    $_CB_database->setQuery($query);
    $total = $_CB_database->loadResult();
    $limitstart = (int) getPagesLimitStart($_REQUEST);
    $limit = 20;
    if ($limit > $total) {
        $limitstart = 0;
    }
    $query = 'SELECT *' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_userreports') . "\n WHERE " . $_CB_database->NameQuote('reporteduser') . " = " . (int) $uid . ($act == 1 ? "\n AND " . $_CB_database->NameQuote('reportedstatus') . " = 0" : null) . "\n ORDER BY " . $_CB_database->NameQuote('reporteduser') . ", " . $_CB_database->NameQuote('reportedondate');
    $_CB_database->setQuery($query, $limitstart, $limit);
    $rows = $_CB_database->loadObjectList();
    outputCbTemplate(1);
    $return = '<div class="cbViewReports cb_template cb_template_' . selectTemplate('dir') . '">';
    if (is_array($results)) {
        $return .= implode('', $results);
    }
    $return .= '<div class="page-header"><h3>' . CBTxt::Th('UE_USERREPORT', 'User Report') . '</h3></div>';
    if ($total < 1) {
        $return .= CBTxt::Th('UE_NOREPORTSTOPROCESS', 'No User Reports to Process');
    } else {
        $return .= '<form action="' . $_CB_framework->viewUrl('moderatereports') . '" method="post" id="adminForm" name="adminForm" class="cb_form form-auto">' . '<table class="table table-hover table-responsive">' . '<thead>' . '<tr>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORTEDUSER', 'Reported User') . '</th>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORT', 'Report') . '</th>' . '<th style="width: 20%;" class="text-left xs-hidden">' . CBTxt::Th('UE_REPORTEDONDATE', 'Report Date') . '</th>' . '<th style="width: 20%;" class="text-left xs-hidden">' . CBTxt::Th('UE_REPORTEDBY', 'Reported By') . '</th>' . '<th style="width: 20%;" class="text-left">' . CBTxt::Th('UE_REPORTSTATUS', 'Report status') . '</th>' . '</tr>' . '</thead>' . '<tbody>';
        for ($i = 0; $i < count($rows); $i++) {
            $row = $rows[$i];
            $return .= '<tr>' . '<td style="width: 20%;" class="text-left">' . CBuser::getInstance((int) $row->reporteduser, false)->getField('formatname', null, 'html', 'none', 'list', 0, true) . '</td>' . '<td style="width: 20%;" class="text-left">' . $row->reportexplaination . '</td>' . '<td style="width: 20%;" class="text-left xs-hidden">' . cbFormatDate($row->reportedondate) . '</td>' . '<td style="width: 20%;" class="text-left xs-hidden">' . CBuser::getInstance((int) $row->reportedbyuser, false)->getField('formatname', null, 'html', 'none', 'list', 0, true) . '</td>' . '<td style="width: 20%;" class="text-left ' . ($row->reportedstatus ? 'text-success' : 'text-danger') . '">' . ($row->reportedstatus ? CBTxt::Th('UE_REPORTSTATUS_PROCESSED', 'Processed') : CBTxt::Th('UE_REPORTSTATUS_OPEN', 'Open')) . '</td>' . '</tr>';
        }
        $return .= '</tbody>' . '</table>' . '<div class="form-group cb_form_line clearfix">' . '<input type="submit" class="btn btn-primary cbViewReportsMod" value="' . htmlspecialchars(CBTxt::Th('UE_USERREPORT_MODERATE', 'Moderate User Reports')) . '" />' . '</div>' . '</form>';
        if ($total > $limit) {
            $return .= '<div class="form-group cb_form_line text-center clearfix">' . writePagesLinks($limitstart, $limit, $total, $_CB_framework->viewUrl('viewreports')) . '</div>';
        }
    }
    $return .= '</div>';
    echo $return;
}
Пример #9
0
function acceptConnection($userid, $connectionid, $act = 'connections')
{
    global $_CB_framework, $ueConfig, $_PLUGINS;
    if (!$ueConfig['allowConnections']) {
        $msg = CBTxt::Th('UE_FUNCTIONALITY_DISABLED', 'This functionality is currently disabled.');
    } elseif (!($_CB_framework->myId() > 0)) {
        cbNotAuth(true);
        return;
    } else {
        $msg = null;
    }
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onBeforeAcceptConnectionRequest', array($userid, $connectionid, &$msg, $act));
    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }
    $cbCon = new cbConnection($userid);
    if ($cbCon->isConnectionPending($userid, $connectionid) === false) {
        $_CB_framework->enqueueMessage(CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'), 'error');
        return;
    } else {
        if (!$cbCon->acceptConnection($userid, $connectionid)) {
            $msg = $cbCon->getErrorMSG();
        } else {
            $msg = $cbCon->getUserMSG();
        }
    }
    if ($act == 'connections') {
        cbRedirectToProfile($userid, $msg, null, 'getConnectionTab');
    } elseif ($act == 'manage') {
        cbRedirectToProfile($connectionid, $msg, 'manageconnections', 'cbtabconnections');
    } else {
        cbRedirectToProfile($connectionid, $msg);
    }
}