/**
 * Draws the user profile tab "Subscriptions" (if enabled, user is the profile owner, and there is something to display).
 *
 * The three $html* arguments are stored on the view object unchanged; this method does not escape them,
 * so callers are expected to pass ready-to-render HTML.
 *
 * @param  string  $htmlSubscriptionsAndUpgrades
 * @param  string  $htmlInvoicesLink
 * @param  string  $tabTitleText
 * @param  string  $htmlTabDescription
 * @return string
 */
public function drawTab($htmlSubscriptionsAndUpgrades, $htmlInvoicesLink, $tabTitleText, $htmlTabDescription)
{
    global $ueConfig;

    $profileOwner = $this->_model;

    $this->htmlTabDescription           = $htmlTabDescription;
    $this->htmlInvoicesLink             = $htmlInvoicesLink;
    $this->htmlSubscriptionsAndUpgrades = $htmlSubscriptionsAndUpgrades;

    // The configured title is un-escaped, translated, then has user variables substituted.
    $heading = cbReplaceVars(CBPTXT::Th(cbUnHtmlspecialchars($tabTitleText)), $profileOwner);

    // The substituted title is used as the sprintf() format for the display name, so a '%'
    // in the configured title or in a substituted value changes how the format is parsed.
    // NOTE(review): whether getNameFormat() returns an HTML-safe name is not visible here;
    // confirm before treating htmlTabTitle as safe to print.
    $this->htmlTabTitle = $heading
        ? sprintf($heading, getNameFormat($profileOwner->name, $profileOwner->username, $ueConfig['name_format']))
        : $heading;

    return $this->display();
}
/**
 * Returns the tab description with all replacements of variables and of language strings made.
 *
 * The description is passed through cbUnHtmlspecialchars() and emitted as markup, and $htmlId is
 * placed into the id attribute without escaping in this function.
 * NOTE(review): both are presumably administrator-controlled values; confirm no caller passes
 * request data as $htmlId.
 *
 * @param  moscomprofilerTabs  $tab
 * @param  moscomprofilerUser  $user
 * @param  string              $htmlId  div id tag for the description html div
 * @return string|null                  HTML of the description div, or null when the tab has no description
 */
function _writeTabDescription($tab, $user, $htmlId = null)
{
    // Loose comparison on purpose: null and '' both count as "no description".
    if ($tab->description == null) {
        return null;
    }

    $idAttribute = '';
    if ($htmlId) {
        $idAttribute = " id=\"" . $htmlId . "\"";
    }

    $descriptionHtml = cbReplaceVars(cbUnHtmlspecialchars($tab->description), $user);

    return "\t\t<div class=\"tab_Description\"" . $idAttribute . ">" . $descriptionHtml . "</div>\n";
}
/**
 * Creates a basket with items in database and completes this object with subscriptions.
 *
 * Works in three passes: pick one basket currency and one owner across all subscriptions,
 * create one payment item per subscription, then create the basket record and store its
 * items and totalizers.
 *
 * @param  UserTable                      $user
 * @param  cbpaidUsersubscriptionRecord[] $subscriptions
 * @param  string                         $prefixText        Text to prefix before the item descriptions //TBD this should be on a per-item basis
 * @param  string                         $reason            payment reason: 'N'=new subscription (default), 'R'=renewal, 'U'=update
 * @param  int                            $now               unix time of now (single now time for consistency in db)
 * @param  boolean                        $tryAutorecurring  try to build the payment basket as autorecurring
 * @return boolean                                           TRUE: could build basket, FALSE: could not.
 */
protected function _tryCreateAndFillCreteSubscriptionsItems( &$user, &$subscriptions, $prefixText, $reason, $now, $tryAutorecurring )
{
    global $_CB_framework;

    $params      =& cbpaidApp::settingsParams();
    $plansTitle  =  $params->get( 'regTitle' );
    // Prefix handed to every payment item: "<caller prefix> <plans title>: ".
    $itemPrefix  =  ( $prefixText ? $prefixText . ' ' : '' ) . $plansTitle . ': ';

    // Pass 1: settle on a single currency and a single owner for the whole basket.
    //TBD later: let users choose payment currency...depending of payment gateway and CC contracts
    $siteCurrency   = trim( $params->get( 'currency_code' ) );
    $basketCurrency = '';
    $owner          = null;

    foreach ( $subscriptions as $k => $sub ) {
        $planCurrency = $subscriptions[$k]->getPlanAttribute( 'currency' );
        $planOwner    = $subscriptions[$k]->getPlanAttribute( 'owner' );

        if ( $planCurrency ) {
            if ( ! $basketCurrency ) {
                // first item that declares a currency decides it
                $basketCurrency = $planCurrency;
            } elseif ( $planCurrency != $basketCurrency ) {
                // plans disagree on the currency ==> fall back to the main site currency
                $basketCurrency = $siteCurrency;
            }
        }

        if ( $planOwner ) {
            if ( ( $owner === null ) || ( $owner == $planOwner ) ) {
                $owner = $planOwner;
            } else {
                // Conflicting owners are not rejected: the basket is attributed to owner 0 and a warning is raised.
                trigger_error( sprintf( 'Mixed items owners in basket: found id %d and %d: setting owner to be System.', $owner, $planOwner ), E_USER_WARNING );
                $owner = 0;
            }
        }
    }

    if ( $basketCurrency == '' ) {
        $basketCurrency = $siteCurrency;
    }

    // Pass 2: one payment item per subscription, summing the price as we go.
    $totalPrice               = 0.0;
    $itemNames                = array();
    $artNumbers               = array();
    $this->_paymentItems      = array();
    $this->_paymentTotalizers = array();
    $nextOrdering             = 1;

    foreach ( $subscriptions as $k => $sub ) {
        $artNumber = $sub->getArtNoSubId() . '-' . $user->id . '-' . $sub->plan_id;
        $quantity  = 1;
        $item      = $subscriptions[$k]->createPaymentItem( $quantity, $basketCurrency, $artNumber, $itemPrefix, $reason, $now, $tryAutorecurring );

        if ( $item === false ) {
            // subscription produced no payable item: leave it out of the basket
            continue;
        }

        $item->setOrdering( $nextOrdering++ );
        if ( $sub->parent_subscription ) {
            $item->_parentSub = array( $sub->parent_plan, $sub->parent_subscription );
        }
        $item->callIntegrations( 'addSomethingToBasket', $sub, $this );
        $this->_paymentItems[$k] = $item;

        // compact summary texts for basket:
        $totalPrice     += $item->getPrice( false );
        $itemNames[$k]   = $sub->getPersonalized( 'name', false );
        $artNumbers[$k]  = $item->artnum;
    }

    // nothing to pay this time, so don't bother creating a 0.- invoice.
    // NOTE(review): only a total equal to 0 stops here; a negative float sum would carry on to
    // basket creation. Confirm that getPrice() can never make the total negative.
    if ( ( ! $tryAutorecurring ) && ( $totalPrice == 0 ) ) {
        return false;
    }

    // Pass 3: build item description line, default: [ITEM_ALIAS] and [PREFIX_TEXT] [PLANS_TITLE]: [ITEM_NAME][VALIDITY_IF_NOT_AUTORECURRING] for [USERNAME]
    switch ( $reason ) {
        case 'R':
            $reasonLabel = CBPTXT::T("Renew");
            break;
        case 'U':
            $reasonLabel = CBPTXT::T("Upgrade");
            break;
        default:
            $reasonLabel = '';
            break;
    }

    $extraStrings = array(
        'ITEMS_ALIASES' => implode( ', ', $itemNames ),
        'SITENAME'      => $_CB_framework->getCfg( 'sitename' ),
        'SITEURL'       => $_CB_framework->getCfg( 'live_site' ),
        'PLANS_TITLE'   => strip_tags( $params->get( 'regTitle' ) ),
        'EMAILADDRESS'  => $user->email,
        'PREFIX_TEXT'   => $reasonLabel
    );

    // The third argument of cbReplaceVars() is false here, so the name is built without HTML escaping.
    // NOTE(review): presumably this text goes to the payment record/gateway as plain text; escape on output if shown in HTML.
    $basketItemName = trim( cbReplaceVars( CBPTXT::T( $params->get( 'basket_item_name', '[ITEMS_ALIASES] for [USERNAME]' ) ), $user, false, false, $extraStrings, false ) );

    // create paymentBasket:
    $basketItemNumber = implode( ',', $artNumbers );
    $this->createPaymentBasket( $user, $totalPrice, $basketCurrency, 1, $basketItemNumber, $basketItemName, false, $now, $owner, $reason );

    return $this->_storeBasketItemsTotalizers( $tryAutorecurring, $now, $user, $reason );
}
/**
 * Formatter:
 * Returns a field wrapped in an inline (ajax) edit form, or null when inline editing does not apply.
 *
 * The returned markup contains the field's edit HTML inside a POST form plus the field's display
 * value. The edit and display HTML come from the field plugin's 'getFieldRow' and are inserted
 * without further escaping here.
 *
 * @param  FieldTable  $field
 * @param  UserTable   $user
 * @param  string      $output               'html', 'xml', 'json', 'php', 'csvheader', 'csv', 'rss', 'fieldslist', 'htmledit'
 * @param  string      $formatting           'tr', 'td', 'div', 'span', 'none', 'table'??
 * @param  string      $reason               'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'search' for searches
 * @param  int         $list_compare_types   IF reason == 'search' : 0 : simple 'is' search, 1 : advanced search with modes, 2 : simple 'any' search
 * @return mixed                             Result of renderFieldHtml() for the ajax form, or null if no ajax form was produced
 */
public function getAjaxDisplay( &$field, &$user, $output, $formatting, $reason, $list_compare_types ) {
    global $_CB_framework, $_PLUGINS, $ueConfig;

    // Whether inline editing is permitted for this field/user is decided by canAjax().
    if ( $formatting && ( $formatting != 'none' ) && $this->canAjax( $field, $user, $output, $reason ) ) {
        // Flag is set before the nested getFieldRow calls and cleared again on the fall-through path below.
        // NOTE(review): the successful return further down leaves '_noAjax' set to true; confirm that is intended.
        $field->set( '_noAjax', true );

        // Probe: does the field produce any edit HTML at all?
        $hasEdit = $_PLUGINS->callField( $field->get( 'type' ), 'getFieldRow', array( &$field, &$user, 'htmledit', 'none', 'edit', $list_compare_types ), $field );

        if ( trim( $hasEdit ) ) {
            $placeholder = cbReplaceVars( CBTxt::T( $field->params->get( 'ajax_placeholder' ) ), $user );
            $formatted = $_PLUGINS->callField( $field->get( 'type' ), 'getFieldRow', array( &$field, &$user, $output, 'none', $reason, $list_compare_types ), $field );

            // Show the configured placeholder when the field has no value to display.
            if ( ( ( ! $formatted ) || ( $formatted == $ueConfig['emptyFieldsText'] ) ) && $placeholder ) {
                $formatted = $placeholder;
            }

            // Fields with 'fieldVerifyInput' are re-rendered in 'div' formatting; otherwise the probe result is reused.
            $format = ( $field->params->get( 'fieldVerifyInput', 0 ) ? 'div' : 'none' );

            if ( $format != 'none' ) {
                $edit = $_PLUGINS->callField( $field->get( 'type' ), 'getFieldRow', array( &$field, &$user, 'htmledit', $format, 'edit', $list_compare_types ), $field );
            } else {
                $edit = $hasEdit;
            }

            if ( trim( $edit ) ) {
                // Static counter: the validation/JS/CSS assets are registered only by the first call that gets here.
                static $JS_loaded = 0;

                if ( ! $JS_loaded++ ) {
                    cbValidator::loadValidation();
                    $_CB_framework->document->addHeadStyleSheet( '/components/com_comprofiler/plugin/user/plug_cbcorefieldsajax/cbcorefieldsajax.css' );
                    $_CB_framework->addJQueryPlugin( 'cbajaxfield', '/components/com_comprofiler/plugin/user/plug_cbcorefieldsajax/cbcorefieldsajax.js' );
                    $_CB_framework->outputCbJQuery( "$( '.cbAjaxContainer' ).cbajaxfield();", array( 'cbajaxfield', 'form' ) );
                }

                // Save endpoint: field name, integer-cast user id and the caller-supplied $reason go into the URL.
                // NOTE(review): $formUrl is placed in the action attribute below as returned by viewUrl();
                // presumably the `true` argument requests an HTML-escaped URL. Confirm.
                $formUrl = $_CB_framework->viewUrl( 'fieldclass', true, array( 'field' => $field->get( 'name' ), 'function' => 'savevalue', 'user' => (int) $user->get( 'id' ), 'reason' => $reason ), 'raw' );
                // Element id: HTML-escaped field name + integer user id + '_ajax'.
                $formId = ( htmlspecialchars( $field->get( 'name' ) ) . '_' . (int) $user->get( 'id' ) ) . '_ajax';

                // $edit and $formatted are inserted as HTML; the button labels are escaped with htmlspecialchars().
                // cbGetSpoofInputTag()/cbGetRegAntiSpamInputTag() add hidden inputs to the form
                // (presumably the anti-CSRF and anti-spam tokens checked by the save handler; verify there).
                $return = '<div id="' . $formId . '_container" class="cbAjaxContainer">'
                        . '<form action="' . $formUrl .'" name="' . $formId . '" id="' . $formId . '" enctype="multipart/form-data" method="post" class="cbAjaxForm cbValidation cb_form form-auto hidden">'
                        . '<div class="cbAjaxInput form-group cb_form_line clearfix">'
                        . '<div class="cb_field">'
                        . $edit
                        . '</div>'
                        . '</div>'
                        . '<div class="cbAjaxButtons form-group cb_form_line clearfix">'
                        . '<input type="submit" class="cbAjaxSubmit btn btn-primary" value="' . htmlspecialchars( CBTxt::T( 'Update' ) ) . '" />'
                        . ' <input type="button" class="cbAjaxCancel btn btn-default" value="' . htmlspecialchars( CBTxt::T( 'Cancel' ) ) . '" />'
                        . '</div>'
                        . cbGetSpoofInputTag( 'fieldclass' )
                        . cbGetRegAntiSpamInputTag()
                        . '</form>'
                        . '<div class="cbAjaxValue fa-before fa-pencil">'
                        . $formatted
                        . '</div>'
                        . '</div>';

                // Editor fields need their content copied back before the form is serialized.
                // The form id is passed through addslashes() before being placed in the quoted JS selector.
                if ( $field->get( 'type' ) == 'editorta' ) {
                    $js = "$( '#" . addslashes( $formId ) . "_container' ).on( 'cbajaxfield.serialize', function() {"
                        . $_CB_framework->saveCmsEditorJS( $field->get( 'name' ), 0, false )
                        . "});";

                    $_CB_framework->outputCbJQuery( $js );
                }

                return $this->renderFieldHtml( $field, $user, $return, $output, $formatting, $reason, array() );
            }
        }

        $field->set( '_noAjax', false );
    }

    return null;
}
/**
 * Generates the HTML to display the user profile tab.
 *
 * Output is an optional page header built from the configured title (used as a sprintf() format
 * for the user's formatted name) followed by the tab description.
 *
 * @param  TabTable   $tab   the tab database entry
 * @param  UserTable  $user  the user being displayed
 * @param  int        $ui    1 for front-end, 2 for back-end
 * @return mixed             Either string HTML for tab content, or false if ErrorMSG generated
 */
public function getDisplayTab($tab, $user, $ui)
{
    global $ueConfig;

    $titleFormat = cbReplaceVars($this->params->get('title', '_UE_PROFILE_TITLE_TEXT'), $user);
    $displayName = getNameFormat($user->name, $user->username, $ueConfig['name_format']);

    // NOTE(review): the formatted name is written into the <h3> as returned by getNameFormat();
    // whether that value is already HTML-escaped is not visible here, so confirm.
    $heading    = sprintf($titleFormat, $displayName);
    $headerHtml = null;
    if ($heading) {
        $headerHtml = '<div class="page-header cbProfileTitle"><h3>' . $heading . '</h3></div>';
    }

    return $headerHtml . $this->_writeTabDescription($tab, $user);
}
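/**
 * Registers a new user from a social-login provider profile.
 *
 * Two modes are read from the plugin parameters:
 *  - mode 2: the CB registration form is shown pre-filled with the provider data; always returns false.
 *  - any other mode: the account is created directly, with approval/confirmation flags taken from
 *    the provider settings (value 2 means "use the global CB setting").
 *
 * Fix relative to the original listing: when the account was stored but is still blocked (pending
 * confirmation and/or approval), the activation messages are echoed and the method now returns
 * false at once. Previously execution fell through to the "sign up failed" redirect.
 *
 * @param  UserTable            $user
 * @param  Hybrid_User_Profile  $profile
 * @return bool                           true only when the user was stored and is not blocked
 */
private function register( $user, $profile ) {
    global $_CB_framework, $_PLUGINS, $ueConfig;

    // Without a provider-side identifier there is nothing to link the account to.
    if ( ! $profile->identifier ) {
        cbRedirect( $this->_returnUrl, CBTxt::T( 'PROVIDER_PROFILE_MISSING', '[provider] profile could not be found.', array( '[provider]' => $this->_providerName ) ), 'error' );
        return false;
    }

    $mode = $this->params->get( $this->_provider . '_mode', 1, GetterInterface::INT );
    $approve = $this->params->get( $this->_provider . '_approve', 0, GetterInterface::INT );
    $confirm = $this->params->get( $this->_provider . '_confirm', 0, GetterInterface::INT );
    $usergroup = $this->params->get( $this->_provider . '_usergroup', null, GetterInterface::STRING );
    // 2 = inherit the global CB registration setting.
    $approval = ( $approve == 2 ? $ueConfig['reg_admin_approval'] : $approve );
    $confirmation = ( $confirm == 2 ? $ueConfig['reg_confirmation'] : $confirm );
    $usernameFormat = $this->params->get( $this->_provider . '_username', null, GetterInterface::STRING );
    $username = null;
    // Scratch record used only for "does this username/email already exist" lookups.
    $dummyUser = new UserTable();

    // Username candidates come from provider-controlled data; each one has the characters
    // < > \ " % ( ) ; & ' stripped before use.
    if ( $usernameFormat ) {
        $extras = array( 'provider' => $this->_provider, 'provider_id' => $this->_providerId, 'provider_name' => $this->_providerName );

        // Expose every scalar profile property as a [profile_*] substitution.
        foreach ( (array) $profile as $k => $v ) {
            if ( ( ! is_array( $v ) ) && ( ! is_object( $v ) ) ) {
                $k = 'profile_' . $k;
                $extras[$k] = $v;
            }
        }

        $username = preg_replace( '/[<>\\\\"%();&\']+/', '', trim( cbReplaceVars( $usernameFormat, $user, true, false, $extras, false ) ) );
    } else {
        if ( isset( $profile->username ) ) {
            $username = preg_replace( '/[<>\\\\"%();&\']+/', '', trim( $profile->username ) );
        }

        // Provider username missing or already taken: try the display name instead.
        if ( ( ! $username ) || ( $username && $dummyUser->loadByUsername( $username ) ) ) {
            $username = preg_replace( '/[<>\\\\"%();&\']+/', '', trim( $profile->displayName ) );
        }
    }

    // Last resort: the provider identifier itself becomes the username.
    if ( ( ! $username ) || ( $username && $dummyUser->loadByUsername( $username ) ) ) {
        $username = (string) $profile->identifier;
    }

    if ( $mode == 2 ) {
        // Form mode: only pre-fill the e-mail; the user completes the registration form.
        $user->set( 'email', $profile->email );
    } else {
        // Direct mode.
        // NOTE(review): 'allowUserRegistration' is only consulted on the mode-2 path further down;
        // confirm the caller enforces it for direct registration.
        if ( $dummyUser->loadByUsername( $username ) ) {
            cbRedirect( $this->_returnUrl, CBTxt::T( 'UE_USERNAME_NOT_AVAILABLE', "The username '[username]' is already in use.", array( '[username]' => htmlspecialchars( $username ) ) ), 'error' );
            return false;
        }

        if ( ! $this->email( $user, $profile ) ) {
            return false;
        }

        // An existing account with the same e-mail is never reused here: registration is refused.
        if ( $dummyUser->loadByEmail( $user->get( 'email' ) ) ) {
            cbRedirect( $this->_returnUrl, CBTxt::T( 'UE_EMAIL_NOT_AVAILABLE', "The email '[email]' is already in use.", array( '[email]' => htmlspecialchars( $user->get( 'email' ) ) ) ), 'error' );
            return false;
        }

        $this->avatar( $user, $profile, $mode );

        // Group membership: the provider-specific setting wins, otherwise the site's default new-user group.
        if ( ! $usergroup ) {
            $gids = array( (int) $_CB_framework->getCfg( 'new_usertype' ) );
        } else {
            $gids = cbToArrayOfInt( explode( '|*|', $usergroup ) );
        }

        $user->set( 'gids', $gids );
        $user->set( 'sendEmail', 0 );
        $user->set( 'registerDate', $_CB_framework->getUTCDate() );
        // The account gets a random password that is hashed at once and never shown in this method.
        $user->set( 'password', $user->hashAndSaltPassword( $user->getRandomPassword() ) );
        $user->set( 'registeripaddr', cbGetIPlist() );

        if ( $approval == 0 ) {
            $user->set( 'approved', 1 );
        } else {
            $user->set( 'approved', 0 );
        }

        // NOTE(review): with confirmation disabled the account is marked confirmed without any e-mail
        // round trip; whether the provider verified the address is not checked in this method.
        if ( $confirmation == 0 ) {
            $user->set( 'confirmed', 1 );
        } else {
            $user->set( 'confirmed', 0 );
        }

        // Only a confirmed and approved account starts unblocked.
        if ( ( $user->get( 'confirmed' ) == 1 ) && ( $user->get( 'approved' ) == 1 ) ) {
            $user->set( 'block', 0 );
        } else {
            $user->set( 'block', 1 );
        }
    }

    // Display name: first + last name, else provider display name, else the username.
    if ( $profile->firstName || $profile->lastName ) {
        $user->set( 'name', trim( $profile->firstName . ' ' . $profile->lastName ) );
    } elseif ( $profile->displayName ) {
        $user->set( 'name', trim( $profile->displayName ) );
    } else {
        $user->set( 'name', $username );
    }

    // Split the name into parts according to the configured name style.
    switch ( $ueConfig['name_style'] ) {
        case 2:
            // first / last: split at the last space
            $lastName = strrpos( $user->get( 'name' ), ' ' );

            if ( $lastName !== false ) {
                $user->set( 'firstname', substr( $user->get( 'name' ), 0, $lastName ) );
                $user->set( 'lastname', substr( $user->get( 'name' ), ( $lastName + 1 ) ) );
            } else {
                $user->set( 'firstname', '' );
                $user->set( 'lastname', $user->get( 'name' ) );
            }
            break;
        case 3:
            // first / middle / last: split at the first and at the last space
            $middleName = strpos( $user->get( 'name' ), ' ' );
            $lastName = strrpos( $user->get( 'name' ), ' ' );

            if ( $lastName !== false ) {
                $user->set( 'firstname', substr( $user->get( 'name' ), 0, $middleName ) );
                $user->set( 'lastname', substr( $user->get( 'name' ), ( $lastName + 1 ) ) );

                if ( $middleName !== $lastName ) {
                    $user->set( 'middlename', substr( $user->get( 'name' ), ( $middleName + 1 ), ( $lastName - $middleName - 1 ) ) );
                } else {
                    $user->set( 'middlename', '' );
                }
            } else {
                $user->set( 'firstname', '' );
                $user->set( 'lastname', $user->get( 'name' ) );
            }
            break;
    }

    $user->set( 'username', $username );
    // Link the local account to the provider identity.
    $user->set( $this->_providerField, $profile->identifier );

    $this->fields( $user, $profile, $mode );

    if ( $mode == 2 ) {
        // Pre-fill the registration form: every property of $user visible to foreach is copied
        // into $_POST, which is handed to registerForm() below.
        foreach ( $user as $k => $v ) {
            $_POST[$k] = $v;
        }

        // NOTE(review): the fallback literal reads '******' in this listing, which may be masking
        // applied by the page rather than the real default; verify against the upstream file.
        $emailPass = ( isset( $ueConfig['emailpass'] ) ? $ueConfig['emailpass'] : '******' );
        $regErrorMSG = null;

        // Registration is refused when the CMS disallows it and CB is not configured to override that.
        if ( ( ( $_CB_framework->getCfg( 'allowUserRegistration' ) == '0' ) && ( ( ! isset( $ueConfig['reg_admin_allowcbregistration'] ) ) || $ueConfig['reg_admin_allowcbregistration'] != '1' ) ) ) {
            $msg = CBTxt::T( 'UE_NOT_AUTHORIZED', 'You are not authorized to view this page!' );
        } else {
            $msg = null;
        }

        $_PLUGINS->loadPluginGroup( 'user' );
        // Plugins receive $msg by reference and can set or change it.
        $_PLUGINS->trigger( 'onBeforeRegisterFormRequest', array( &$msg, $emailPass, &$regErrorMSG ) );

        if ( $msg ) {
            $_CB_framework->enqueueMessage( $msg, 'error' );
            return false;
        }

        $fieldsQuery = null;
        $results = $_PLUGINS->trigger( 'onBeforeRegisterForm', array( 'com_comprofiler', $emailPass, &$regErrorMSG, $fieldsQuery ) );

        if ( $_PLUGINS->is_errors() ) {
            $_CB_framework->enqueueMessage( $_PLUGINS->getErrorMSG( '<br />' ), 'error' );
            return false;
        }

        // Plugin output is echoed as HTML without escaping; it replaces the registration form.
        if ( implode( '', $results ) != '' ) {
            $return = '<div class="cb_template cb_template_' . selectTemplate( 'dir' ) . '">'
                    . '<div>' . implode( '</div><div>', $results ) . '</div>'
                    . '</div>';

            echo $return;
            return false;
        }

        $_CB_framework->enqueueMessage( CBTxt::T( 'PROVIDER_SIGN_UP_INCOMPLETE', 'Your [provider] sign up is incomplete. Please complete the following.', array( '[provider]' => $this->_providerName ) ) );

        HTML_comprofiler::registerForm( 'com_comprofiler', $emailPass, $user, $_POST, $regErrorMSG );
        return false;
    } else {
        $_PLUGINS->trigger( 'onBeforeUserRegistration', array( &$user, &$user ) );

        if ( $user->store() ) {
            // Unconfirmed users are stored a second time, exactly as the original code did.
            // NOTE(review): the reason for the second store() is not visible in this listing.
            if ( $user->get( 'confirmed' ) == 0 ) {
                $user->store();
            }

            $messagesToUser = activateUser( $user, 1, 'UserRegistration' );

            $_PLUGINS->trigger( 'onAfterUserRegistration', array( &$user, &$user, true ) );

            if ( $user->get( 'block' ) == 1 ) {
                // Account exists but is pending confirmation/approval: show the activation messages.
                $return = '<div class="cb_template cb_template_' . selectTemplate( 'dir' ) . '">'
                        . '<div>' . implode( '</div><div>', $messagesToUser ) . '</div>'
                        . '</div>';

                echo $return;

                // Stop here so a stored-but-blocked account is not reported as a failed sign-up.
                return false;
            } else {
                return true;
            }
        }

        // store() failed.
        // NOTE(review): [error] is passed as returned by getError(), unlike [username]/[email] above,
        // which are escaped with htmlspecialchars(). Confirm how the message is rendered.
        cbRedirect( $this->_returnUrl, CBTxt::T( 'SIGN_UP_WITH_PROVIDER_FAILED', 'Sign up with [provider] failed. Error: [error]', array( '[provider]' => $this->_providerName, '[error]' => $user->getError() ) ), 'error' );
        return false;
    }
}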
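/**
 * Builds and runs the users-list query for one list and hands the result to the view.
 *
 * Steps: resolve which list to show (respecting the viewer's access groups), load the list
 * record and its parameters, assemble the SELECT/FROM/WHERE/ORDER BY fragments (including
 * search criteria and the stored filter), run the count and the page query, then call
 * HTML_comprofiler::usersList(). Error conditions are echoed and the function returns.
 *
 * Fix relative to the original listing: $orderby is now initialised to '' so a list with an
 * empty 'sortfields' no longer reads an undefined variable when the query is assembled.
 *
 * SQL is assembled by string concatenation. Request values used here are integer-cast or go
 * through the searchable-fields API. The list record's 'sortfields', 'filterfields' and
 * 'usergroupids' are concatenated as stored, so they are treated as trusted configuration.
 *
 * @param  int    $uid                  id of the viewing user
 * @param  int    $listid               id of the list to display, 0 for the default list
 * @param  array  $searchFormValuesRAW  raw request values (search criteria, limitstart, searchmode, rand)
 * @return void
 */
function drawUsersList( $uid, $listid, $searchFormValuesRAW ) {
    global $_CB_database, $_CB_framework, $ueConfig, $Itemid, $_PLUGINS;

    $search = null;
    $searchGET = cbGetParam( $searchFormValuesRAW, 'search' );
    // Paging, mode and random-seed inputs are all forced to integers.
    $limitstart = (int) cbGetParam( $searchFormValuesRAW, 'limitstart', 0 );
    $searchmode = (int) cbGetParam( $searchFormValuesRAW, 'searchmode', 0 );
    $randomParam = (int) cbGetParam( $searchFormValuesRAW, 'rand', 0 );

    // old search on formated name:
    /*
    if ( $searchPOST || count( $_POST ) ) {
        // simple spoof check security
        cbSpoofCheck( 'usersList' );
        if ( cbGetParam( $searchFormValuesRAW, "action" ) == "search" ) {
            $search = $searchPOST;
        }
    } else if ( isset( $searchFormValuesRAW['limitstart'] ) ) {
        $search = stripslashes( $searchGET );
    }
    */

    // get my user and gets the list of user lists he is allowed to see (ACL):
    $myCbUser =& CBuser::getInstance( $uid );
    if ( $myCbUser === null ) {
        $myCbUser =& CBuser::getInstance( null );
    }
    $myUser =& $myCbUser->getUserData();
    /*
    $myUser = new moscomprofilerUser( $_CB_database );
    if ( $uid ) {
        $myUser->load( (int) $uid );
    }
    */
    // NOTE(review): the group ids are concatenated without a cast here; this assumes
    // getChildGIDS() returns integers only. Confirm.
    $useraccessgroupSQL = " AND useraccessgroupid IN (".implode(',',getChildGIDS(userGID($uid))).")";
    $_CB_database->setQuery( "SELECT listid, title FROM #__comprofiler_lists WHERE published=1" . $useraccessgroupSQL . " ORDER BY ordering" );
    $plists = $_CB_database->loadObjectList();
    $lists = array();
    $publishedlists = array();

    for ( $i=0, $n=count( $plists ); $i < $n; $i++ ) {
        $plist =& $plists[$i];
        // Titles go into <option> text: substitute variables without HTML escaping, then strip tags.
        $listTitleNoHtml = strip_tags( cbReplaceVars( getLangDefinition( $plist->title ), $myUser, false, false ) );
        $publishedlists[] = moscomprofilerHTML::makeOption( $plist->listid, $listTitleNoHtml );
    }

    // select either list selected or default list to which he has access (ACL):
    if ( $listid == 0 ) {
        $_CB_database->setQuery( "SELECT listid FROM #__comprofiler_lists " . "\n WHERE `default`=1 AND published=1" . $useraccessgroupSQL );
        $listid = (int) $_CB_database->loadresult();
        if ( $listid == 0 && ( count( $plists ) > 0 ) ) {
            $listid = (int) $plists[0]->listid;
        }
    }
    if ( ! ( $listid > 0 ) ) {
        echo _UE_NOLISTFOUND;
        return;
    }

    // generates the drop-down list of lists:
    if ( count( $plists ) > 1 ) {
        $lists['plists'] = moscomprofilerHTML::selectList( $publishedlists, 'listid', 'class="inputbox" size="1" onchange="this.form.submit();"', 'value', 'text', $listid, 1 );
    }

    // loads the list record:
    $row = new moscomprofilerLists( $_CB_database );
    if ( ( ! $row->load( (int) $listid ) ) || ( $row->published != 1 ) ) {
        echo _UE_LIST_DOES_NOT_EXIST;
        return;
    }
    // Access is re-checked on the loaded record, so a list id passed in directly is also covered.
    if ( ! allowAccess( $row->useraccessgroupid,'RECURSE', userGID($uid) ) ) {
        echo _UE_NOT_AUTHORIZED;
        return;
    }

    $params = new cbParamsBase( $row->params );

    // With hotlink protection on, search and paging requests must carry a valid spoof token.
    $hotlink_protection = $params->get( 'hotlink_protection', 0 );
    if ( $hotlink_protection == 1 ) {
        if ( ( $searchGET !== null ) || $limitstart ) {
            cbSpoofCheck( 'usersList', 'GET' );
        }
    }

    $limit = (int) $params->get( 'list_limit' );
    if ( $limit == 0 ) {
        $limit = (int) $ueConfig['num_per_page'];
    }

    $showPaging = $params->get( 'list_paging', 1 );
    if ( $showPaging != 1 ) {
        $limitstart = 0;
    }

    $isModerator = isModerator( $_CB_framework->myId() );

    $_PLUGINS->loadPluginGroup( 'user' );
    // $plugSearchFieldsArray = $_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );
    $_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );

    // handles the users allowed to be listed in the list by ACL:
    $allusergids = array();
    $usergids = explode( ',', $row->usergroupids );
    /* This was a bug tending to list admins when "public backend" was checked, and all frontend users when "public backend was checked. Now just ignore them:
    foreach( $usergids AS $usergid ) {
        $allusergids[] = $usergid;
        if ($usergid==29 || $usergid==30) {
            $groupchildren = array();
            $groupchildren = $_CB_framework->acl->get_group_children( $usergid, 'ARO','RECURSE' );
            $allusergids = array_merge($allusergids,$groupchildren);
        }
    }
    */
    // Group ids 29 and 30 are dropped from the list's group filter.
    // NOTE(review): the remaining ids are taken from the list record and are not integer-cast
    // before they are placed into IN (...) further down.
    $allusergids = array_diff( $usergids, array( 29, 30 ) );
    $usergids = implode( ",", $allusergids );

    // build SQL Select query:
    $random = 0;
    // Initialised so the query assembly below never reads an undefined variable.
    $orderby = '';
    if( $row->sortfields != '' ) {
        $matches = null;
        if ( preg_match( '/^RAND\(\)\s(ASC|DESC)$/', $row->sortfields, $matches ) ) {
            // random sorting needs to have same seed on pages > 1 to not have probability to show same users:
            if ( $limitstart ) {
                $random = (int) $randomParam;
            }
            // The seed only keeps RAND() ordering stable across pages; rand() is adequate for that.
            if ( ! $random ) {
                $random = rand( 0, 32767 );
            }
            $row->sortfields = 'RAND(' . (int) $random . ') ' . $matches[1];
        }
        // Any other 'sortfields' value goes into ORDER BY exactly as stored in the list record.
        $orderby = "\n ORDER BY " . $row->sortfields;
    }

    $filterby = '';
    if ( $row->filterfields != '' ) {
        // The stored filter (minus its first character) is URL-decoded and appended to WHERE as raw SQL.
        $filterRules = utf8RawUrlDecode( substr( $row->filterfields, 1 ) );

        if ( $_CB_framework->myId() ) {
            $user = new moscomprofilerUser( $_CB_database );
            if ( $user->load( (int) $_CB_framework->myId() ) ) {
                // Viewer variables substituted into the filter are passed through the database getEscaped() callback.
                $filterRules = cbReplaceVars( $filterRules, $user, array( $_CB_database, 'getEscaped' ), false, array() );
            }
        }
        $filterby = " AND ". $filterRules;
    }

    // Prepare part after SELECT .... " and before "FROM" :

    $tableReferences = array( '#__comprofiler' => 'ue', '#__users' => 'u' );

    // Fetch all fields:

    $tabs = $myCbUser->_getCbTabs(); // new cbTabs( 0, 1 ); //TBD: later: this private method should not be called here, but the whole users-list should go into there and be called here.

    $allFields = $tabs->_getTabFieldsDb( null, $myUser, 'list' );
    // $_CB_database->setQuery( "SELECT * FROM #__comprofiler_fields WHERE published = 1" );
    // $allFields = $_CB_database->loadObjectList( 'fieldid', 'moscomprofilerFields', array( &$_CB_database ) );

    //Make columns array. This array will later be constructed from the tabs table:

    $columns = array();

    // Columns are stored as col1..colN properties on the list record; stop at the first missing one.
    for ( $i = 1; $i < 50; ++$i ) {
        $enabledVar = "col".$i."enabled";

        if ( ! isset( $row->$enabledVar ) ) {
            break;
        }
        $titleVar = "col".$i."title";
        $fieldsVar = "col".$i."fields";
        $captionsVar = "col".$i."captions";

        if ( $row->$enabledVar == 1 ) {
            $col = new stdClass();
            $col->fields = ( $row->$fieldsVar ? explode( '|*|', $row->$fieldsVar ) : array() );
            $col->title = $row->$titleVar;
            $col->titleRendered = $myCbUser->replaceUserVars( $col->title );
            $col->captions = $row->$captionsVar;
            // $col->sort = 1; //All columns can be sorted
            $columns[$i] = $col;
        }
    }

    // build fields and tables accesses, also check for searchable fields:
    $searchableFields = array();
    $fieldsSQL = cbUsersList::getFieldsSQL( $columns, $allFields, $tableReferences, $searchableFields, $params );

    $_PLUGINS->trigger( 'onAfterUsersListFieldsSql', array( &$columns, &$allFields, &$tableReferences ) );

    $tablesSQL = array();
    $joinsSQL = array();
    // Baseline visibility: only unblocked, approved and confirmed accounts are listed.
    $tablesWhereSQL = array( 'block' => 'u.block = 0',
                             'approved' => 'ue.approved = 1',
                             'confirmed' => 'ue.confirmed = 1'
                           );

    if ( checkJversion() == 2 ) {
        $joinsSQL[] = 'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
    }

    // Banned users stay visible to moderators only.
    if ( ! $isModerator ) {
        $tablesWhereSQL['banned'] = 'ue.banned = 0';
    }
    if ( $usergids ) {
        if ( checkJversion() == 2 ) {
            $tablesWhereSQL['gid'] = 'g.group_id IN (' . $usergids . ')';
        } else {
            $tablesWhereSQL['gid'] = 'u.gid IN (' . $usergids . ')';
        }
    }

    foreach ( $tableReferences as $table => $name ) {
        $tablesSQL[] = $table . ' ' . $name;
        if ( $name != 'u' ) {
            $tablesWhereSQL[] = "u.`id` = " . $name . ".`id`";
        }
    }

    // handles search criterias:
    $list_compare_types = $params->get( 'list_compare_types', 0 );
    $searchVals = new stdClass();
    // Request search values are turned into SQL by the searchable-fields API, not concatenated here.
    $searchesFromFields = $tabs->applySearchableContents( $searchableFields, $searchVals, $searchFormValuesRAW, $list_compare_types );
    $whereFields = $searchesFromFields->reduceSqlFormula( $tableReferences, $joinsSQL, TRUE );
    if ( $whereFields ) {
        $tablesWhereSQL[] = '(' . $whereFields . ')';
        /*
        if ( $search === null ) {
            $search = '';
        }
        */
    }

    // Plugins receive the query fragments by reference and can rewrite them.
    $_PLUGINS->trigger( 'onBeforeUsersListBuildQuery', array( &$tablesSQL, &$joinsSQL, &$tablesWhereSQL ) );

    $queryFrom = "FROM " . implode( ', ', $tablesSQL )
               . ( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' )
               . "\n WHERE " . implode( "\n AND ", $tablesWhereSQL );

    // handles old formatted names search:
    /*
    if ( $search != '' ) {
        $searchSQL = cbEscapeSQLsearch( strtolower( $_CB_database->getEscaped( $search ) ) );
        $queryFrom .= " AND (";

        $searchFields = array();
        if ( $ueConfig['name_format']!='3' ) {
            $searchFields[] = "u.name LIKE '%%s%'";
        }
        if ( $ueConfig['name_format']!='1' ) {
            $searchFields[] = "u.username LIKE '%%s%'";
        }
        if ( is_array( $plugSearchFieldsArray ) ) {
            foreach ( $plugSearchFieldsArray as $v ) {
                if ( is_array( $v ) ) {
                    $searchFields = array_merge( $searchFields, $v );
                }
            }
        }
        $queryFrom .= str_replace( '%s', $searchSQL, implode( " OR ", $searchFields ) );
        $queryFrom .= ")";
    }
    */

    $queryFrom .= " " . $filterby;

    $_PLUGINS->trigger( 'onBeforeUsersListQuery', array( &$queryFrom, 1, $listid ) ); // $uid = 1

    $errorMsg = null;

    // counts number of users and loads the listed fields of the users if not in search-form-only mode:
    if ( $searchmode == 0 ) {
        if ( checkJversion() == 2 ) {
            $_CB_database->setQuery( "SELECT COUNT(DISTINCT u.id) " . $queryFrom );
        } else {
            $_CB_database->setQuery( "SELECT COUNT(*) " . $queryFrom );
        }
        $total = $_CB_database->loadResult();

        // An out-of-range page start falls back to the first page.
        if ( ( $limit > $total ) || ( $limitstart >= $total ) ) {
            $limitstart = 0;
        }

        // $query = "SELECT u.id, ue.banned, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby
        // NOTE(review): ue.* and u.* select every column of both tables into the user objects given
        // to the view; which of them the template prints is not visible here.
        if ( checkJversion() == 2 ) {
            $query = "SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
        } else {
            $query = "SELECT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
        }
        $_CB_database->setQuery( $query, (int) $limitstart, (int) $limit );
        $users = $_CB_database->loadObjectList( null, 'moscomprofilerUser', array( &$_CB_database ) );

        if ( ! $_CB_database->getErrorNum() ) {
            // creates the CBUsers in cache corresponding to the $users:
            foreach ( array_keys( $users ) as $k) {
                CBuser::setUserGetCBUserInstance( $users[$k] );
            }
        } else {
            // Query failed: show a generic message instead of the database error text.
            $users = array();
            $errorMsg = _UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW;
        }

        if ( count( get_object_vars( $searchVals ) ) > 0 ) {
            $search = '';
        } else {
            $search = null;
        }
    } else {
        // search-form-only mode: no query is run
        $total = null;
        $users = array();
        if ( $search === null ) {
            $search = '';
        }
    }

    // Compute itemId of users in users-list:
    if ( $Itemid ) {
        $option_itemid = (int) $Itemid;
    } else {
        $option_itemid = getCBprofileItemid( 0 );
    }

    HTML_comprofiler::usersList( $row, $users, $columns, $allFields, $lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, $myUser, $searchableFields, $searchVals, $tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random );
}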
/**
 * Returns the tab description with all replacements of variables and of language strings made.
 *
 * The stored description is un-escaped with cbUnHtmlspecialchars() and emitted as markup;
 * $htmlId is written into the id attribute as given.
 * NOTE(review): presumably both are administrator-controlled; confirm for any new caller.
 *
 * @param  cbTabHandler        $tab
 * @param  moscomprofilerUser  $user
 * @param  string              $htmlId  div id tag for the description html div
 * @return string|null                  HTML of the description div, or null when there is no description
 */
function _writeTabDescription( $tab, $user, $htmlId = null )
{
    $html = null;

    // Loose comparison kept: null and '' are both treated as "no description".
    if ( $tab->description != null ) {
        $openTag = "\t\t<div class=\"tab_Description\"";
        if ( $htmlId ) {
            $openTag .= " id=\"" . $htmlId . "\"";
        }
        $openTag .= ">";

        //TBD later: remove cbUnHtmlSpecialchars, as from CB 1.2 on the row is stored fine.
        $body = cbReplaceVars( cbUnHtmlspecialchars( $tab->description ), $user );

        $html = $openTag . $body . "</div>\n";
    }

    return $html;
}
/**
 * Outputs the front-end users-list page: page title and pathway, row-click JavaScript,
 * the search form, the list head, and (when $searchmode == 0) plugin header, paging links,
 * list body and plugin footer. Everything is echoed; nothing is returned.
 *
 * Security notes for maintainers:
 *  - HTML returned by 'onBeforeDisplayUsersList' plugins is imploded into the page unescaped.
 *  - $errorMsg and $option_itemid are echoed without escaping in this function.
 *  - Search values are urlencode()d before being appended to the paging URL.
 */
static function usersList(&$row, &$users, &$columns, &$allFields, &$lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, &$myUser, &$searchableFields, &$searchVals, &$tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random) {
    // NOTE(review): $_POST, $_GET and $_REQUEST are not referenced anywhere in this function.
    global $_CB_framework, $ueConfig, $_PLUGINS, $_POST, $_GET, $_REQUEST;

    // $search and $option_itemid are passed by reference, so a plugin may change them before they are used below.
    $results = $_PLUGINS->trigger('onBeforeDisplayUsersList', array(&$row, &$users, &$columns, &$allFields, &$lists, $listid, &$search, &$option_itemid, 1)); // $uid = 1
    $cbTemplate = HTML_comprofiler::_cbTemplateLoad();

    // regroup parts of the different plugins:
    $pluginAdditions = array('search', 'header', 'footer');
    $pluginAdditions['search'] = array();
    $pluginAdditions['header'] = array();
    $pluginAdditions['footer'] = array();
    if (is_array($results) && count($results) > 0) {
        foreach ($results as $res) {
            if (is_array($res)) {
                foreach ($res as $k => $v) {
                    // The key is whatever the plugin returned; only 'search', 'header' and 'footer' are read later.
                    $pluginAdditions[$k][] = $v;
                }
            }
        }
    }

    $listTitleHtml = cbReplaceVars(getLangDefinition($row->title), $myUser);
    // Page title: same title with the two extra cbReplaceVars() flags off, then tags stripped.
    $listTitleNoHtml = strip_tags(cbReplaceVars(getLangDefinition($row->title), $myUser, false, false));
    $listDescription = cbReplaceVars(getLangDefinition($row->description), $myUser);
    $_CB_framework->setPageTitle($listTitleNoHtml);
    $_CB_framework->appendPathWay($listTitleHtml);

    // Spoof field name and value (presumably the anti-forgery token pair - confirm in cbSpoofField/cbSpoofString):
    $cbSpoofField = cbSpoofField();
    $cbSpoofString = cbSpoofString(null, 'usersList');
    if ($hotlink_protection == 1) {
        // With hotlink protection on, the token is appended to every paging link.
        $spoofAmp = "&" . $cbSpoofField . '=' . urlencode($cbSpoofString);
    } else {
        $spoofAmp = null;
    }

    // Base URL string (both ids are forced to int before being concatenated):
    $ue_base_url = 'index.php?option=com_comprofiler&task=usersList&listid=' . (int) $listid . '&Itemid=' . (int) $option_itemid;
    $ue_base_url_non_sef = $_CB_framework->getCfg('live_site') . '/' . $ue_base_url;
    // $adminimagesdir = "components/com_comprofiler/images/";
    $searchTabContent = $tabs->getSearchablesContents($searchableFields, $myUser, $searchVals, $list_compare_types);

    // table content:
    $tableContent =& HTML_comprofiler::_getListTableContent($users, $columns, $allFields);
    outputCbTemplate(1);
    //no need for now: initToolTip(1);

    // paginator addition: rebuild the search criteria as query-string parameters, url-encoding keys and values:
    $pagingSearch = '';
    foreach (get_object_vars($searchVals) as $k => $v) {
        if (is_array($v)) {
            $pArr = '&' . urlencode($k);
            foreach ($v as $kk => $vv) {
                $pagingSearch .= $pArr . '[' . urlencode($kk) . ']=' . urlencode($vv);
            }
        } else {
            $pagingSearch .= '&' . urlencode($k) . '=' . urlencode($v);
        }
    }
    if ($random) {
        $pagingSearch .= '&rand=' . (int) $random;
    }

    // Add Javascript to click tr:
    $jsClickTr = " {" . "\n\t\tvar cbUserURLs = new Array(";
    if (is_array($users) && $ueConfig['allow_profilelink'] == 1) {
        foreach ($users as $user) {
            // NOTE(review): part of the next statement is masked ('******') in this listing; the original
            // expression cannot be recovered from here, so its escaping of the URL cannot be reviewed.
            $jsClickTr .= "'" . cbSef('index.php?option=com_comprofiler&task=userProfile&user='******',";
        }
    }
    // Click handler: ignores clicks on links, linked images and .cbClicksInside elements; the row id suffix
    // (after the first 3 characters) indexes cbUserURLs.
    $jsClickTr .= "'');" . "\n\t\t\$('#cbUserTable > tbody > tr').click( function(e) {" . "\n\t\t\tif ( ! ( \$(e.target).is('a') || ( \$(e.target).is('img') && \$(e.target).parent().is('a') ) || \$(e.target).hasClass('cbClicksInside') || ( \$(e.target).parents('.cbClicksInside').length > 0 ) || ( \$(this).attr('id') == '' ) ) ) {" . ($ueConfig['allow_profilelink'] == 1 ? "\n\t\t\t\twindow.location = cbUserURLs[this.id.substr(3)];" : '') . "\n\t\t\t\treturn false;" . "\n\t\t\t}" . "\n\t\t} );" . "\n\t}";
    $_CB_framework->outputCbJQuery($jsClickTr);

    /*
     * Disabled code kept for reference: a jQuery click handler on '#cbUserList a.pagenav' that read
     * limitstart from the link href, copied it into input#cbListlimitstart and submitted form#adminForm
     * instead of following the link, output through $_CB_framework->outputCbJQuery( $jsPagination ).
     */
    if (count($searchableFields) > 0) {
        cbUsersList::outputAdvancedSearchJs($search);
    }
    // list title:
?> <div class="cbUsersList"><div id="cbUsersListInner"> <?php
    if ($errorMsg) {
        // NOTE(review): $errorMsg is echoed without escaping; confirm every caller passes trusted text only.
        echo '<div class="error">' . $errorMsg . '</div>';
    }
    // NOTE(review): the Itemid hidden field below echoes $option_itemid as-is, while the base URL above uses
    // (int) $option_itemid; the value was handed to plugins by reference, so confirm it is still an integer.
?> <form class="cb_form" name="adminForm" id="adminForm" method="get" action="<?php echo $ue_base_url_non_sef . "&action=search"; // on purpose without SEF, as joomla 1.0/mambo 4.5.5 core sef doesn't work with this. ?> " > <input type="hidden" name="option" value="com_comprofiler" /> <input type="hidden" name="task" value="usersList" /> <input type="hidden" name="Itemid" value="<?php echo $option_itemid; ?> " /> <input type="hidden" name="limitstart" id="cbListlimitstart" value="0" /> <input type="hidden" name="search" value="" /> <?php
    /*
     * Old method, replaced by the hidden search field above: a visible text input named "search"
     * (value printed with htmlspecialchars( $search )) followed by an image submit button.
     */
    echo cbGetSpoofInputTag(null, $cbSpoofString);

    // Render search-area header (plugin HTML is appended unescaped):
    if (count($pluginAdditions['search'])) {
        $searchTabContent .= '<div class="cbClr"></div><div id="cbUserListSearchPlugins"><div>' . implode('</div><div>', $pluginAdditions['search']) . '</div></div>';
    }
    // True only when no search is active and the list row has no filter fields:
    $totalIsAllUsers = !($search !== null || $row->filterfields != '');
    $searchResultDisplaying = $search !== null;
    $searchCriteriaTitleHtml = cbReplaceVars(_UE_SEARCH_CRITERIA, $myUser);
    if ($searchmode == 0) {
        $searchResultsTitleHtml = cbReplaceVars(_UE_SEARCH_RESULTS, $myUser);
    } else {
        $searchResultsTitleHtml = null;
    }
    echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $myUser, 'List', 'drawListHead', array(&$lists, $listid, $total, $totalIsAllUsers, $searchTabContent, $searchResultDisplaying, $ue_base_url_non_sef, $listTitleHtml, $listDescription, $searchCriteriaTitleHtml, $searchResultsTitleHtml));
?> </form> <?php
    if ($searchmode == 0) {
        if (count($pluginAdditions['header'])) {
            echo '<div id="cbUserListHeader"><div>' . implode('</div><div>', $pluginAdditions['header']) . '</div></div>';
        }
        if ($showPaging && ($limitstart != 0 || $limit <= $total)) {
            // top page links (base URL + encoded search criteria + optional spoof parameter):
?> <div class="cbUserListPagination cbUserListPaginationTop" style="width:100%;text-align:center;"><?php echo writePagesLinks($limitstart, $limit, $total, $ue_base_url . $pagingSearch . $spoofAmp, $search); ?> </div> <?php
        }
        // Render the list itself:
        echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $myUser, 'List', 'drawListBody', array(&$users, &$columns, &$tableContent, $listid, $ueConfig['allow_profilelink']));
        if ($showPaging && ($limitstart != 0 || $limit <= $total)) {
            // bottom page links:
?> <div class="cbUserListPagination cbUserListPaginationBottom" style="width:100%;text-align:center;"><?php echo writePagesLinks($limitstart, $limit, $total, $ue_base_url . $pagingSearch . $spoofAmp, $search); ?> </div> <?php
        }
        if (count($pluginAdditions['footer'])) {
            echo '<div id="cbUserListFooter"><div>' . implode('</div><div>', $pluginAdditions['footer']) . '</div></div>';
        }
    } // end of if ( $searchmode == 0 )
?> </div><div class="cbClr"> </div></div><div class="cbClr"> </div> <?php
}
/**
 * Builds the profile-title tab: a heading made from the configured title format and the
 * user's formatted name, followed by the tab description.
 *
 * The title (tab parameter 'title', default '_UE_PROFILE_TITLE_TEXT') is used as the sprintf()
 * format string, so a literal '%' in it must be written as '%%'.
 * NOTE(review): the formatted name is inserted into the heading without escaping in this method;
 * confirm getNameFormat() or the stored values are already HTML-safe.
 *
 * @param  moscomprofilerTab   $tab   the tab database entry
 * @param  moscomprofilerUser  $user  the user being displayed
 * @param  int                 $ui    1 for front-end, 2 for back-end (not used in this method)
 * @return mixed                      string HTML for tab content (this method has no other return path)
 */
function getDisplayTab($tab, $user, $ui) {
    global $ueConfig;

    // Display user's name + "Profile Page"
    $titleFormat = cbReplaceVars($this->params->get('title', '_UE_PROFILE_TITLE_TEXT'), $user);
    $displayName = getNameFormat($user->name, $user->username, $ueConfig['name_format']);

    $headingHtml = '<div class="contentheading" id="cbProfileTitle">' . sprintf($titleFormat, $displayName) . "</div>\n";

    // A null description simply concatenates as an empty string.
    return $headingHtml . $this->_writeTabDescription($tab, $user);
}
/**
 * Builds the description block of a tab, with CB variables and language strings substituted.
 *
 * Security note: the description is passed through cbUnHtmlspecialchars() and cbReplaceVars()
 * and returned inside the wrapper divs as-is, and $htmlId is written into the id attribute
 * without escaping. Both are treated as trusted markup by this method.
 *
 * @param  TabTable   $tab     tab whose ->description is rendered
 * @param  UserTable  $user    user handed to cbReplaceVars() for the substitutions
 * @param  string     $htmlId  optional id attribute for the outer description div
 * @return string|null         the HTML, or null when the tab has no description
 */
protected function _writeTabDescription($tab, $user, $htmlId = null) {
    $html = null;

    // Loose comparison kept on purpose: every value loosely equal to null ('' included) means "no description".
    if ($tab->description != null) {
        $idAttribute = '';
        if ($htmlId) {
            $idAttribute = ' id="' . $htmlId . '"';
        }

        $descriptionHtml = cbReplaceVars(cbUnHtmlspecialchars($tab->description), $user);

        $html = '<div class="tab_description form-group cb_form_line clearfix cbtwolinesfield"' . $idAttribute . '>'
            . '<div class="cb_field col-sm-12">'
            . '<div>' . $descriptionHtml . '</div>'
            . '</div>'
            . '</div>';
    }

    return $html;
}
/**
 * Prepares all view properties of an invoice from the payment basket model and the plugin
 * settings, then renders it through display().
 *
 * Header and footer settings ending in .jpg/.png/.gif (case-insensitive) are rendered as an
 * <img> tag with escaped src and alt; any other non-empty value is used as-is, i.e. as HTML
 * coming from the settings.
 *
 * @param  UserTable  $user
 * @param  array      $extraStrings    extra substitutions handed to cbReplaceVars()
 * @param  boolean    $displayButtons  Displays the PRINT and CLOSE buttons
 * @return string                      HTML
 */
public function drawInvoice( $user, $extraStrings, $displayButtons = true ) {
    /** @var $invoice cbpaidPaymentBasket */
    $invoice = $this->_model;

    $this->user = $user;
    $this->extraStrings = $extraStrings;
    $this->displayButtons = $displayButtons;

    $params = cbpaidApp::settingsParams();

    // Settings texts: translated, then variable-substituted.
    $headerContent = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_header', '' ) ) ), $user, true, false, $extraStrings, false );
    $headerAlt = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_header_alt_text' ) ) ), $user, false, false, $extraStrings, false );
    $this->invoiceHeaderAlign = trim( $params->get( 'invoice_header_align', '' ) );
    $footerContent = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_footer', '' ) ) ), $user, true, false, $extraStrings, false );
    $footerAlt = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_footer_alt_text' ) ) ), $user, false, false, $extraStrings, false );
    $this->invoiceFooterAlign = trim( $params->get( 'invoice_footer_align', '' ) );
    $this->invoicerAddress = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoicer_address', '' ) ) ), $user, true, false, $extraStrings, false );
    $this->invoiceConditions = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_conditions', '' ) ) ), $user, true, false, $extraStrings, false );

    // Header: image tag when the setting looks like an image file name, raw content otherwise.
    $headerHtml = null;
    if ( $headerContent ) {
        if ( preg_match( "/(\\.jpg|\\.png|\\.gif)$/i", $headerContent ) ) {
            $headerHtml = '<img src="' . htmlspecialchars( $headerContent ) . '" alt="' . htmlspecialchars( CBPTXT::T( $headerAlt ) ) . "\" />\n";
        } else {
            $headerHtml = $headerContent;
        }
    }
    $this->header = $headerHtml;

    // Footer: same rule as the header.
    $footerHtml = null;
    if ( $footerContent ) {
        if ( preg_match( "/(\\.jpg|\\.png|\\.gif)$/i", $footerContent ) ) {
            $footerHtml = '<img src="' . htmlspecialchars( $footerContent ) . '" alt="' . htmlspecialchars( CBPTXT::T( $footerAlt ) ) . "\" />\n";
        } else {
            $footerHtml = $footerContent;
        }
    }
    $this->footer = $footerHtml;

    $this->invoiceDate = cbFormatDate( $invoice->time_initiated, 1, false );
    $this->invoiceNumberTitle = CBPTXT::Th( $invoice->getInvoiceTitleFormat() );
    $this->invoiceNumber = $invoice->invoice;

    // NOTE(review): $invoice->invoice is placed into the markup without escaping here; confirm its format is constrained.
    // NOTE(review): as listed, the search and replacement of the outer str_replace() look identical; the
    // replacement may be a non-breaking space lost in this listing - confirm against the original file.
    $numberWithField = str_replace( '[INVOICENUMBER]', '<span class="cbregInvField">' . $invoice->invoice . '</span>', $this->invoiceNumberTitle );
    $this->invoiceNumberHtml = '<span class="cbregInvTitle">' . str_replace( ' ', ' ', $numberWithField ) . '</span>';

    $this->paymentType = CBPTXT::T( $invoice->payment_type );

    // The address comes from the configurable 'invoice_address_format' setting.
    $this->address = cbReplaceVars( CBPTXT::T( trim( $params->get( 'invoice_address_format' ) ) ), $user, false, false, $extraStrings, false );
    // Only a tag-free address gets its line breaks converted to <br />.
    if ( $this->address == strip_tags( $this->address ) ) {
        $this->address = nl2br( $this->address );
    }

    $this->basketHtml = $invoice->displayBasket( "Invoice details", '', 'invoice' ); // it's translated, this is for translations grabber: CBPTxt::Th("Invoice details");

    return $this->display();
}
/**
 * Outputs the front-end users-list page: triggers 'onBeforeDisplayUsersList', sets page title and
 * pathway, emits the row-click and search JavaScript, then echoes the search form, list head and
 * (depending on $searchmode) plugin header, list body, paging links and plugin footer.
 *
 * Security notes for maintainers:
 *  - HTML returned by the plugins is imploded into the page unescaped.
 *  - Numeric request-derived values written into the form are cast to int.
 *
 * @param ListTable    $row
 * @param UserTable[]  $users
 * @param array        $columns
 * @param FieldTable[] $fields
 * @param array        $input
 * @param string|null  $search
 * @param int          $searchmode
 * @param cbPageNav    $pageNav
 * @param UserTable    $myUser
 * @param FieldTable[] $searchableFields
 * @param stdClass     $searchValues
 * @param cbTabs       $tabs
 * @param string|null  $errorMsg
 * @param bool         $listAll
 * @param int          $random
 */
static function usersList(&$row, &$users, &$columns, &$fields, &$input, $search, $searchmode, $pageNav, &$myUser, &$searchableFields, &$searchValues, &$tabs, $errorMsg, $listAll = true, $random = 0) {
    // NOTE(review): $_POST, $_GET and $_REQUEST are not referenced anywhere in this function.
    global $_CB_framework, $_PLUGINS, $_POST, $_GET, $_REQUEST;

    $params = new Registry($row->params);

    // The Itemid for this userlist; kept for trigger B/C:
    $Itemid = getCBprofileItemid(null, 'userslist', '&listid=' . (int) $row->listid);

    // $search and $Itemid are passed by reference, so a plugin may change them before they are used below.
    $results = $_PLUGINS->trigger('onBeforeDisplayUsersList', array(&$row, &$users, &$columns, &$fields, &$input, $row->listid, &$search, &$Itemid, 1)); // $uid = 1

    // Plugin content divided by location:
    $pluginAdditions = array('search', 'header', 'footer');
    $pluginAdditions['search'] = array();
    $pluginAdditions['header'] = array();
    $pluginAdditions['footer'] = array();
    if (is_array($results) && count($results) > 0) {
        foreach ($results as $res) {
            if (is_array($res)) {
                foreach ($res as $k => $v) {
                    // The key is whatever the plugin returned; only 'search', 'header' and 'footer' are read later.
                    $pluginAdditions[$k][] = $v;
                }
            }
        }
    }

    outputCbTemplate(1);
    outputCbJs();
    cbValidator::loadValidation();
    $cbTemplate = HTML_comprofiler::_cbTemplateLoad();

    if ($errorMsg) {
        $_CB_framework->enqueueMessage($errorMsg, 'error');
    }

    // Page title and pathway:
    $listTitleHtml = cbReplaceVars($row->title, $myUser);
    // Page title: same title with the two extra cbReplaceVars() flags off, then tags stripped.
    $listTitleNoHtml = strip_tags(cbReplaceVars($row->title, $myUser, false, false));
    $listDescription = cbReplaceVars($row->description, $myUser);
    $_CB_framework->setPageTitle($listTitleNoHtml);
    $_CB_framework->appendPathWay($listTitleHtml);

    // Add row click JS:
    if ($params->get('allow_profilelink', 1)) {
        $allowProfileLink = true;
    } else {
        $allowProfileLink = false;
    }
    $js = "var cbUserURLs = [];";
    if (is_array($users) && $allowProfileLink) {
        // Ensures the jQuery array index matches the same as HTML ID index (e.g. cbU0, cbU1):
        $index = 0;
        foreach ($users as $user) {
            // The id is cast to int before the URL is built. NOTE(review): addslashes() only escapes quotes,
            // backslashes and NUL; that is enough only if userProfileUrl() returns nothing else that is
            // special inside a JavaScript string - confirm.
            $js .= "cbUserURLs[{$index}] = '" . addslashes($_CB_framework->userProfileUrl((int) $user->id, false)) . "';";
            $index++;
        }
    }
    // Click handler: ignores clicks on links, linked images and .cbClicksInside elements; the row id suffix
    // (after the first 3 characters) indexes cbUserURLs.
    $js .= "\$( '.cbUserListRow' ).click( function( e ) {" . "if ( ! ( \$( e.target ).is( 'a' ) || ( \$( e.target ).is( 'img' ) && \$( e.target ).parent().is( 'a' ) ) || \$( e.target ).hasClass( 'cbClicksInside' ) || ( \$( e.target ).parents( '.cbClicksInside' ).length > 0 ) || ( \$( this ).attr( 'id' ) == '' ) ) ) {" . "var index = \$( this ).prop( 'id' ).substr( 3 );";
    if ($allowProfileLink) {
        $js .= "window.location = cbUserURLs[index];";
    }
    $js .= "return false;" . "}" . "});";
    $_CB_framework->outputCbJQuery($js);

    // Search JS:
    $isSearching = $search !== null;
    // Collapse the search area only while searching, when enabled in the list params, and outside search modes 1 and 2:
    if ($isSearching && $params->get('list_search_collapse', 0) && !in_array($searchmode, array(1, 2))) {
        $isCollapsed = true;
    } else {
        $isCollapsed = false;
    }
    if (count($searchableFields) > 0) {
        cbUsersList::outputAdvancedSearchJs($isCollapsed ? null : $search);
    }

    // Base form URL:
    $baseUrl = $_CB_framework->rawViewUrl('userslist', true, array('listid' => (int) $row->listid, 'searchmode' => 0), 'html', 0, '&listid=' . (int) $row->listid);

    // Searching attributes:
    $showAll = $search === null;
    $criteriaTitle = cbReplaceVars(CBTxt::Th('UE_SEARCH_CRITERIA', 'Search criteria'), $myUser);
    // && binds tighter than ||: mode 0, or mode 1 with at least one search value, or mode 2.
    if ($searchmode == 0 || $searchmode == 1 && count(get_object_vars($searchValues)) || $searchmode == 2) {
        $resultsTitle = cbReplaceVars(CBTxt::Th('UE_SEARCH_RESULTS', 'Search results'), $myUser);
    } else {
        $resultsTitle = null;
    }

    // Search content (plugin HTML is appended unescaped):
    $searchTabContent = $tabs->getSearchableContents($searchableFields, $myUser, $searchValues, $params->get('list_compare_types', 0));
    if (count($pluginAdditions['search'])) {
        $searchTabContent .= '<div class="cbUserListSearchPlugins">' . '<div>' . implode('</div><div>', $pluginAdditions['search']) . '</div>' . '</div>';
    }

    // User row content:
    $tableContent =& HTML_comprofiler::_getListTableContent($users, $columns, $fields);
    if ($params->get('list_grid_layout', 0)) {
        $layout = 'grid';
    } else {
        $layout = 'list';
    }
    $gridHeight = (int) $params->get('list_grid_height', 200);
    $gridWidth = (int) $params->get('list_grid_width', 200);
    if ($params->get('list_show_selector', 1)) {
        $listSelector = true;
    } else {
        $listSelector = false;
    }
    $pageClass = $_CB_framework->getMenuPageClass();

    // Form markup: the page class is escaped with htmlspecialchars(); listid, Itemid, searchmode and rand are
    // cast to int. NOTE(review): selectTemplate('dir') and the rawViewUrl() result are concatenated as
    // returned; confirm both are safe inside an HTML attribute.
    $return = '<div class="cbUsersList cb_template cb_template_' . selectTemplate('dir') . ($pageClass ? ' ' . htmlspecialchars($pageClass) : null) . '">'
        . '<form action="' . $_CB_framework->rawViewUrl('userslist', true, array('listid' => (int) $row->listid), 'html', 0, '&listid=' . (int) $row->listid) . '" method="get" id="adminForm" name="adminForm" class="cb_form form-auto cbValidation">'
        . '<input type="hidden" name="option" value="com_comprofiler" />'
        . '<input type="hidden" name="view" value="userslist" />'
        . (!$listSelector ? '<input type="hidden" name="listid" value="' . (int) $row->listid . '" />' : null)
        . '<input type="hidden" name="Itemid" value="' . (int) $Itemid . '" />'
        . '<input type="hidden" name="limitstart" value="0" />'
        . '<input type="hidden" name="searchmode" value="' . (int) $searchmode . '" />'
        . '<input type="hidden" name="search" value="" />'
        . ($random ? '<input type="hidden" name="rand" value="' . (int) $random . '" />' : null)
        . cbGetSpoofInputTag('userslist')
        . $_PLUGINS->callTemplate($cbTemplate, 'List', 'drawListHead', array(&$input, $row->listid, $pageNav->total, $showAll, $searchTabContent, $isSearching, $baseUrl, $listTitleHtml, $listDescription, $criteriaTitle, $resultsTitle, $listAll, $listSelector, $isCollapsed, $searchmode), 'html');

    // Same mode condition as for the results title above.
    if ($searchmode == 0 || $searchmode == 1 && count(get_object_vars($searchValues)) || $searchmode == 2) {
        $canPage = $params->get('list_paging', 1) && ($pageNav->limitstart != 0 || $pageNav->limit <= $pageNav->total);
        if (count($pluginAdditions['header'])) {
            $return .= '<div class="cbUserListHeader">' . '<div>' . implode('</div><div>', $pluginAdditions['header']) . '</div>' . '</div>';
        }
        $return .= $_PLUGINS->callTemplate($cbTemplate, 'List', 'drawListBody', array(&$users, &$columns, &$tableContent, $row->listid, $allowProfileLink, $layout, $gridHeight, $gridWidth, $searchmode), 'html');
        if ($canPage) {
            $return .= '<div class="cbUserListPagination cbUserListPaginationBottom text-center">' . $pageNav->getListLinks() . '</div>';
        }
        if (count($pluginAdditions['footer'])) {
            $return .= '<div class="cbUserListFooter">' . '<div>' . implode('</div><div>', $pluginAdditions['footer']) . '</div>' . '</div>';
        }
    }
    $return .= '</form>' . '</div>' . cbPoweredBy();
    echo $return;
    $_CB_framework->setMenuMeta();
}
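/**
 * Wraps a field value in the layout configured on the field for the given display reason.
 *
 * The layout is applied only for the reasons 'profile', 'list', 'edit' and 'register', for a
 * non-empty value, and when the field does not set '_hideLayout'. The '[value]' placeholder of
 * the layout is replaced by the value; the result optionally goes through the CMS content
 * plugins and, when a user is given, through cbReplaceVars().
 *
 * Security note: the value is merged into the layout BEFORE content plugins and cbReplaceVars()
 * run, so any substitution or plugin syntax contained in the value itself is processed as well.
 * NOTE(review): confirm callers pass a value that is already safe for that.
 *
 * @param  string          $value
 * @param  string          $reason            'profile' (default), 'list', 'edit' or 'register'
 * @param  null|FieldTable $field
 * @param  null|UserTable  $user
 * @param  boolean         $htmlspecialchars  forwarded to cbReplaceVars()
 * @param  array           $extra             extra substitutions forwarded to cbReplaceVars()
 * @return string                             the laid-out value, or $value unchanged when no layout applies
 */
protected function formatFieldValueLayout($value, $reason = 'profile', $field = null, $user = null, $htmlspecialchars = true, $extra = array()) {
    if (in_array($reason, array('profile', 'list', 'edit', 'register')) && $value !== null && $value !== '' && $field !== null && !$field->get('_hideLayout', 0)) {
        switch ($reason) {
            case 'register':
                $layout = CBTxt::T($field->params->get('fieldLayoutRegister', null));
                break;
            case 'edit':
                $layout = CBTxt::T($field->params->get('fieldLayoutEdit', null));
                break;
            case 'list':
                $layout = CBTxt::T($field->params->get('fieldLayoutList', null));
                break;
            case 'profile':
            default:
                $layout = CBTxt::T($field->params->get('fieldLayout', null));
                break;
        }

        // Remove userdata and userfield usage of self from layout to avoid infinite loop.
        // preg_quote() is given the '/' delimiter so a slash in the field name cannot end the pattern early,
        // and the result is cast to string so a null from preg_replace() (error) is not handed to trim().
        $selfReference = '/\\[cb:(userdata +field|userfield +field)="' . preg_quote($field->get('name'), '/') . '"[^]]+\\]/i';
        $layout = trim((string) preg_replace($selfReference, '', (string) $layout));

        if ($layout) {
            $value = str_replace('[value]', $value, $layout);

            if ($field->params->get('fieldLayoutContentPlugins', 0)) {
                $value = Application::Cms()->prepareHtmlContentPlugins($value);
            }

            if ($user !== null) {
                $value = cbReplaceVars($value, $user, $htmlspecialchars, true, $extra);
            }
        }
    }

    return $value;
}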
/**
 * Substitutes the notification placeholders ([EMAILADDRESS], [SITEURL], [DETAILS], [CONFIRM])
 * and then the general CB variables in a plain-text message.
 *
 * Replacements run one after the other, so a placeholder that appears inside an already
 * substituted value (for example inside the e-mail address) is expanded by the later steps
 * and by cbReplaceVars() too.
 * NOTE(review): the confirmation code is appended to the link without URL-encoding; confirm
 * the stored code only contains URL-safe characters.
 *
 * @param  string      $msg           message template
 * @param  object      $row           user row (reads email, confirmed, cbactivation)
 * @param  int         $mode          forwarded to cbReplaceVars()
 * @param  array|null  $extraStrings  extra substitutions; null means none
 * @return string
 */
function _replaceVariables($msg, $row, $mode = 0, $extraStrings = null) {
    global $_CB_framework, $ueConfig;

    $extras = ($extraStrings === null) ? array() : $extraStrings;

    if ($ueConfig['reg_confirmation'] != 1) {
        $confirmText = ' ';
    } elseif ($row->confirmed) {
        $confirmText = "\n" . _UE_USER_EMAIL_CONFIRMED . ".\n";
    } else {
        $confirmCode = $row->cbactivation ? $row->cbactivation : '';
        // no sef here ! space added after link for dumb emailers (Ms Entourage)
        $confirmText = " \n" . $_CB_framework->getCfg('live_site') . "/index.php?option=com_comprofiler&task=confirm&confirmcode=" . $confirmCode . getCBprofileItemid(false, 'confirm') . " \n";
        // not implemented in viewUrl yet: $confirmLink = " \n". $_CB_framework->viewUrl( 'confirm', array( 'confirmcode' => $confirmCode ) ) ." \n";
    }

    // Turns a literal backslash-n from language definitions into a real newline. This is a plain string
    // replacement (it replaced an earlier eval of the message), so the template is never executed as code.
    $msg = str_replace('\\n', "\n", $msg);

    $msg = cbstr_ireplace("[EMAILADDRESS]", $row->email, $msg);
    $msg = cbstr_ireplace("[SITEURL]", $_CB_framework->getCfg('live_site'), $msg);

    $includePassword = isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : 0;
    $msg = cbstr_ireplace("[DETAILS]", $this->_getUserDetails($row, $includePassword), $msg);
    $msg = cbstr_ireplace("[CONFIRM]", $confirmText, $msg);

    // this is for plaintext emails, no htmlspecialchars needed here.
    return cbReplaceVars($msg, $row, $mode, true, $extras);
}
/**
 * Substitutes user and site variables in a notification message.
 *
 * A set of default substitutions (e-mail, names, details, confirm text/link, site name/URL) is
 * built from $row; entries in $extras with the same key override these defaults. The confirm
 * link always carries the row's activation code, so the resulting message is sensitive.
 * For a stored UserTable row the CBuser instance does the substitution and $mode is not used.
 *
 * @param  string     $message
 * @param  UserTable  $row
 * @param  int        $mode     forwarded to cbReplaceVars() for rows that are not stored UserTable rows
 * @param  array      $extras   extra substitutions, merged over the defaults
 * @return string
 */
public function _replaceVariables($message, $row, $mode = 0, $extras = array()) {
    global $_CB_framework, $ueConfig;

    // The link itself is always available as a substitution, whatever the confirmation setting:
    $confirmLink = $_CB_framework->rawViewUrl('confirm', false, array('confirmcode' => $row->cbactivation));

    // The confirm text exists only when e-mail confirmation is enabled:
    $confirm = null;
    if ($ueConfig['reg_confirmation'] == 1) {
        $confirmBody = $row->confirmed
            ? CBTxt::T('UE_USER_EMAIL_CONFIRMED', 'Email address is already confirmed')
            : $confirmLink;
        $confirm = "\n" . $confirmBody . "\n";
    }

    // Literal backslash sequences from plain strings become real line breaks:
    $message = str_replace(array('\\r\\n', '\\n'), array("\r\n", "\n"), $message);

    // Defaults are pushed as extras so that rows without a stored user can still be substituted:
    $extraStrings = array();
    $extraStrings['emailaddress'] = $row->email;
    $extraStrings['email'] = $row->email;
    $extraStrings['formatname'] = getNameFormat($row->name, $row->username, $ueConfig['name_format']);
    $extraStrings['name'] = $row->name;
    $extraStrings['username'] = $row->username;
    $extraStrings['details'] = $this->_getUserDetails($row, isset($ueConfig['emailpass']) ? $ueConfig['emailpass'] : 0);
    $extraStrings['confirm'] = $confirm;
    $extraStrings['confirmlink'] = $confirmLink;
    $extraStrings['sitename'] = $_CB_framework->getCfg('sitename');
    $extraStrings['siteurl'] = $_CB_framework->getCfg('live_site');

    // Caller-supplied extras win over the defaults on equal keys:
    if ($extras && is_array($extras)) {
        $extraStrings = array_merge($extraStrings, $extras);
    }

    $isStoredUser = $row instanceof UserTable && $row->id;
    if (!$isStoredUser) {
        return cbReplaceVars($message, $row, $mode, true, $extraStrings, false);
    }

    return CBuser::getInstance($row->id)->replaceUserVars($message, true, true, $extraStrings, false);
}
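/**
 * Outputs legacy user mass mailer and user reconfirm email display
 *
 * Tasks handled: 'resendconfirmationemails', 'emailusers', 'startemailusers', 'ajaxemailusers'.
 * The method echoes or redirects; no code path returns a value.
 *
 * Security notes for maintainers:
 *  - User ids go through cbArrayToInts() and identifiers through NameQuote() before reaching SQL.
 *  - Only the 'ajaxemailusers' branch calls cbSpoofCheck()/cbRegAntiSpamCheck() in this method.
 *    NOTE(review): 'resendconfirmationemails' also sends mail; confirm the dispatcher validates the
 *    request token before this method is reached.
 *  - The e-mail body is read with _CB_ALLOWRAW | _CB_NOTRIM and the attachment list comes from the
 *    request. NOTE(review): confirm sendFromSystem() restricts which files may be attached.
 *
 * @param  string $option
 * @param  string $task
 * @param  int[]  $cid    ids of the selected users
 * @return bool
 * @deprecated 2.0
 */
public function showUsers($option, $task, $cid) {
    global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS;

    cbimport('language.all');
    cbimport('cb.tabs');
    cbimport('cb.params');
    cbimport('cb.pagination');
    cbimport('cb.lists');

    // We just need the user rows as we've already filtered down the IDs in user management:
    $query = 'SELECT *'
        . "\n FROM " . $_CB_database->NameQuote('#__comprofiler') . " AS c"
        . "\n INNER JOIN " . $_CB_database->NameQuote('#__users') . " AS u"
        . ' ON u.' . $_CB_database->NameQuote('id') . ' = c.' . $_CB_database->NameQuote('id')
        . "\n WHERE u." . $_CB_database->NameQuote('id') . " IN ( " . implode(', ', cbArrayToInts($cid)) . " )";
    $_CB_database->setQuery($query);
    $rows = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\UserTable', array($_CB_database));
    $total = count($rows);

    if ($task == 'resendconfirmationemails') {
        if (!$rows) {
            cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
        }

        $count = 0;

        /** @var UserTable[] $rows */
        foreach ($rows as $row) {
            // Only unconfirmed users get the mail again:
            if ($row->confirmed == 0) {
                if ($row->cbactivation == '') {
                    // Generate a new confirmation code if the user doesn't have one (requires email confirmation to be enabled):
                    $row->store();
                }

                $cbNotification = new cbNotification();
                $cbNotification->sendFromSystem($row->id, CBTxt::T($ueConfig['reg_pend_appr_sub']), CBTxt::T($ueConfig['reg_pend_appr_msg']), true, isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0);

                ++$count;
            }
        }

        cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SENT_CONFIRMATION_EMAILS_TO_NUM_USERS_USERS', 'Sent confirmation emails to [NUM_USERS] users', array('[NUM_USERS]' => $count)));
    } else {
        // Mass-mailer form values, all taken from the POST request:
        $emailSubject = stripslashes(cbGetParam($_POST, 'emailsubject', ''));
        // Raw, untrimmed and URL-decoded: the body is allowed to contain HTML.
        $emailBody = stripslashes(rawurldecode(cbGetParam($_POST, 'emailbody', '', _CB_ALLOWRAW | _CB_NOTRIM)));
        $emailAttach = stripslashes(cbGetParam($_POST, 'emailattach', ''));
        $emailsPerBatch = stripslashes(cbGetParam($_POST, 'emailsperbatch', 50));
        $emailsBatch = stripslashes(cbGetParam($_POST, 'emailsbatch', 0));
        $emailFromName = stripslashes(cbGetParam($_POST, 'emailfromname', ''));
        $emailFromAddr = stripslashes(cbGetParam($_POST, 'emailfromaddr', ''));
        $emailReplyName = stripslashes(cbGetParam($_POST, 'emailreplyname', ''));
        $emailReplyAddr = stripslashes(cbGetParam($_POST, 'emailreplyaddr', ''));
        $emailPause = stripslashes(cbGetParam($_POST, 'emailpause', 30));
        $simulationMode = stripslashes(cbGetParam($_POST, 'simulationmode', ''));

        // B/C trigger variables:
        if (count($cid) > 0 && count($cid) < $total) {
            $total = count($cid);
        }

        $pageNav = new cbPageNav($total, 0, 10);
        $search = '';
        $lists = array();
        $inputTextExtras = null;
        $select_tag_attribs = null;

        if ($task == 'emailusers') {
            if (!$rows) {
                cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
            }

            $pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailForm', array(&$rows, &$pageNav, &$search, &$lists, &$cid, &$emailSubject, &$emailBody, &$inputTextExtras, &$select_tag_attribs, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->emailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
        } elseif ($task == 'startemailusers') {
            $pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailStart', array(&$rows, $total, $search, $lists, $cid, &$emailSubject, &$emailBody, &$inputTextExtras, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->startEmailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
        } elseif ($task == 'ajaxemailusers') {
            // The branch that actually sends the mass mail checks the request token first:
            cbSpoofCheck('cbadmingui');
            cbRegAntiSpamCheck();

            $cbNotification = new cbNotification();
            $mode = 1; // html
            $errors = 0;
            $success = array();
            $failed = array();
            // Offsets come from the request as strings; cast like the batch arithmetic at the end of this branch.
            $users = array_slice($rows, (int) $emailsBatch, (int) $emailsPerBatch);

            if ($simulationMode) {
                $success = array('<div class="alert alert-info">' . CBTxt::T('Emails do not send in simulation mode') . '</div>');
            } else {
                foreach ($users as $user) {
                    $extraStrings = array();

                    $_PLUGINS->trigger('onBeforeBackendUserEmail', array(&$user, &$emailSubject, &$emailBody, $mode, &$extraStrings, $simulationMode, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));

                    $attachments = cbReplaceVars($emailAttach, $user, $mode, true, $extraStrings);

                    if ($attachments) {
                        // Delimited pattern: split on commas with optional surrounding spaces. Without the
                        // slashes PCRE takes '*' as the delimiter and splits on the literal ", " only.
                        $attachments = preg_split('/ *, */', $attachments);
                    } else {
                        $attachments = null;
                    }

                    if (!$cbNotification->sendFromSystem($user, $emailSubject, $this->makeLinksAbsolute($emailBody), true, $mode, null, null, $attachments, $extraStrings, false, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr)) {
                        // Name and address are escaped before being placed into the result HTML:
                        $failed[] = '<div class="alert alert-danger">'
                            . '<strong>' . htmlspecialchars($user->name . ' <' . $user->email . '>') . '</strong>: '
                            . CBTxt::Th('ERROR_SENDING_EMAIL_ERRORMSG', 'Error sending email: [ERROR_MSG]', array('[ERROR_MSG]' => $cbNotification->errorMSG))
                            . '</div>';

                        ++$errors;
                    } else {
                        $success[] = htmlspecialchars($user->name . ' <' . $user->email . '>');
                    }
                }
            }

            $usernames = implode(', ', $success) . implode('', $failed);

            if ($total < $emailsPerBatch) {
                $limit = $total;
            } else {
                $limit = $emailsPerBatch;
            }

            // Capture the view output so it can be returned inside the JSON reply:
            ob_start();
            $usersView = _CBloadView('users');

            /** @var CBView_users $usersView */
            $usersView->ajaxResults($usernames, $emailSubject, $this->makeLinksAbsolute($emailBody), $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsBatch, $limit, $total, $errors);
            $html = ob_get_contents();
            ob_end_clean();

            $reply = array('result' => 1, 'htmlcontent' => $html);

            // result 2 is set once no users remain after this batch:
            if (!($total - ((int) $emailsBatch + (int) $emailsPerBatch) > 0)) {
                $reply['result'] = 2;
            }

            echo json_encode($reply);
        }
    }
}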