/**
* Verifies a recaptcha
*
* @param $priv_key private recaptcha key
* @return true on success
*/
public function verify()
{
$error = ErrorHandler::getInstance();
$conf = RecaptchaConfig::getInstance();
if (empty($_POST['recaptcha_challenge_field']) || empty($_POST['recaptcha_response_field'])) {
$error->add('No captcha answer given.');
return false;
}
if (!$conf->getPublicKey() || !$conf->getPrivateKey()) {
die('ERROR - Get Recaptcha API key at http://recaptcha.net/api/getkey');
}
$params = array('privatekey' => $conf->getPrivateKey(), 'remoteip' => client_ip(), 'challenge' => $_POST['recaptcha_challenge_field'], 'response' => $_POST['recaptcha_response_field']);
$http = new HttpClient($this->api_url_verify);
$res = $http->post($params);
$answers = explode("\n", $res);
if (trim($answers[0]) == 'true') {
return true;
}
switch ($answers[1]) {
case 'incorrect-captcha-sol':
$e = 'Incorrect captcha solution';
break;
default:
$e = 'untranslated error: ' . $answers[1];
}
$error->add($e);
return false;
}
/**
* Looks up user supplied email address / alias and sends a mail
*
* @param $email email address or username
*/
function sendMail($in)
{
$in = trim($in);
if (is_email($in)) {
$user_id = UserFinder::byEmail($in);
} else {
$user_id = UserFinder::byUsername($in);
}
$error = ErrorHandler::getInstance();
if (!$user_id) {
$error->add('Invalid email address or username');
return false;
}
$email = UserSetting::getEmail($user_id);
if (!$email) {
throw new \Exception('entered email not found');
}
$code = Token::generate($user_id, 'activation_code');
$pattern = array('/@USERNAME@/', '/@IP@/', '/@URL@/', '/@EXPIRETIME@/');
$user = User::get($user_id);
$page = XmlDocumentHandler::getInstance();
$url = $page->getUrl() . 'u/reset_pwd/' . $code;
$replacement = array($user->getName(), client_ip(), $url, shortTimePeriod($this->expire_time_email));
$msg = preg_replace($pattern, $replacement, $this->password_msg);
//d($msg);
$mail = SendMail::getInstance();
$mail->addRecipient($email);
$mail->setSubject('Forgot password');
$mail->send($msg);
return true;
}
/**
* Checks if client IP address is in the whitelist
* Useful to create simple IP access rules
*
* @param $whitelist array of IPv4 addresses
* @return true if client IP address is in the $allowed list
*/
function allowed_ip($whitelist)
{
if (php_sapi_name() == 'cli') {
return true;
}
$ip = IPv4_to_GeoIP(client_ip());
return match_ip($ip, $whitelist);
}
private function addCommand()
{
$query = $this->db_connection->prepare('INSERT INTO command_redirects(author_ip, command, url) VALUES(?, ?, ?)');
$query->bind_param('sss', client_ip(), $this->route_matches[2], $this->route_matches[3]);
if ($query->execute()) {
return true;
} else {
return false;
}
}
private function create_paste()
{
$query = $this->db_connection->prepare('INSERT INTO pastebin_pastes(ip, text) VALUES(?, ?)');
$query->bind_param('ss', client_ip(), $this->paste_text);
if ($query->execute()) {
$this->paste_id = $query->insert_id;
return true;
} else {
return false;
}
}
/**
* 如果没有配置日志路径则不写日志,
* 使用php内置的error_log记录错误日志
*
* @param string $message
* @return bool
*/
function log_message($message, $dir = NULL)
{
if (is_null($dir)) {
$dir = \Core\Application::config()->log_dir;
}
$client_ip = client_ip();
if (!is_dir($dir)) {
@mkdir($dir, 0755, TRUE);
}
$file = $dir . '/' . date('Y-m-d') . '.log';
return error_log(date('H:i:s ') . $client_ip . " {$message}\n", 3, $file);
}
protected function zlogCreate($index, $name, $extra = '')
{
$data = array(
'type' => $this->zlogType,
'uid' => user()->get('id'),
'uip' => ip2long(client_ip()),
'index' => $index,
'name' => $name,
'extra' => $extra,
'time' => time()
);
return dbc(DBCMax)->insert('zlog')->data($data)->done();
}
/**
* Helper function to create new comments
*/
public static function create($type, $owner, $msg, $private = false)
{
$session = SessionHandler::getInstance();
$c = new Comment();
$c->type = $type;
$c->owner = $owner;
$c->msg = $msg;
$c->private = $private;
$c->creator = $session->id;
$c->creator_ip = client_ip();
$c->time_created = sql_datetime(time());
return $c->store();
}
public function render()
{
if (count($this->route_matches) > 1) {
$query = $this->route_matches[1];
} else {
$query = client_ip();
}
$whois_client = new DaGdWhois($query);
$response = $whois_client->performQuery();
if (preg_match('/(?:Org\\-?Name|contact:Name): ?(.+)/', $response, $org_matches)) {
return trim($org_matches[1]);
}
return 'ISP could not be found.';
}
function logout()
{
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0;
$ip = client_ip();
update_user_status($_SESSION['userid'], 0, $ip, $_SERVER['HTTP_USER_AGENT']);
update_confid($userid, md5(mt_rand()));
$dir = $_SERVER['DOCUMENT_ROOT'] . "/Contacts/views/user/temp/" . md5($userid);
if (file_exists($dir)) {
removeDir($dir);
}
unset($_SESSION['userid']);
unset($_SESSION['timeout']);
unset($_SESSION['username']);
unset($_SESSION['isLoggedIn']);
unset($_SESSION['becomeLogin']);
}
/**
* 初始化数据
* @param string $order_id $this->mchid.date('YmdHis').rand(1000, 9999);
* @return \WX\Redcash\Common
*/
public function init_params($order_id, $send_name, $nick_name, $open_id, $total_amount, $min_value, $max_value, $total_num, $wishing, $action_name, $remark)
{
$this->params['nonce_str'] = $this->create_noncestr();
$this->params['mch_billno'] = $order_id;
$this->params['mch_id'] = $this->mchid;
$this->params['wxappid'] = $this->appid;
$this->params['nick_name'] = $nick_name;
$this->params['send_name'] = $send_name;
$this->params['re_openid'] = $open_id;
$this->params['total_amount'] = $total_amount;
$this->params['min_value'] = $min_value;
$this->params['max_value'] = $max_value;
$this->params['total_num'] = $total_num;
$this->params['wishing'] = $wishing;
$this->params['client_ip'] = client_ip();
$this->params['act_name'] = $action_name;
$this->params['remark'] = $remark;
return $this;
}
/**
* Sends a account activation mail to specified user
*
* @param $_id user id
*/
function xxx_sendActivationMail($_id)
{
if (!is_numeric($_id)) {
return false;
}
$email = loadUserdataEmail($_id);
if (!$email) {
return false;
}
$code = generateActivationCode(ACTIVATE_EMAIL, 1000000, 9999999);
createActivation(ACTIVATE_EMAIL, $code, $_id);
$subj = 'Account activation';
$pattern = array('/__USERNAME__/', '/__IP__/', '/__CODE__/', '/__URL__/', '/__EXPIRETIME__/');
$replacement = array(Users::getName($_id), client_ip(), $code, xhtmlGetUrl("activate.php?id=" . $_id . "&code=" . $code), shortTimePeriod($this->expire_time_email));
$msg = preg_replace($pattern, $replacement, $this->mail_activate_msg);
if (!$this->SmtpSend($email, $subj, $msg)) {
return false;
}
$this->activation_sent = true;
return true;
}
function handleSubmit($p)
{
$session = SessionHandler::getInstance();
$error = ErrorHandler::getInstance();
if (empty($p['comment'])) {
return false;
}
if (!$session->id) {
$error->add('Unauthorized submit');
return false;
}
$c = new Comment();
$c->type = $p['type'];
$c->msg = $p['comment'];
$c->private = 0;
$c->time_created = sql_datetime(time());
$c->owner = $p['owner'];
$c->creator = $session->id;
$c->creator_ip = client_ip();
$c->store();
redir($_SERVER['REQUEST_URI']);
}
function wordpress_oauth_firewall_init()
{
$options = get_option('wo_options');
if (!_vl()) {
return;
}
if (isset($options['firewall_block_all_incomming']) && $options['firewall_block_all_incomming']) {
$remote_addr = client_ip();
$whitelist = str_replace(' ', '', $options['firewall_ip_whitelist']);
// remove all whitespace
$whitelist_array = explode(',', $whitelist);
if (in_array($remote_addr, $whitelist_array)) {
return;
}
header('Content-Type: application/json');
$response = array('error' => 'Unauthorized');
print json_encode($response);
exit;
}
}
private function _init_env()
{
error_reporting(E_ERROR);
@set_time_limit(300);
if (PHP_VERSION < '5.3.0') {
set_magic_quotes_runtime(0);
}
define('IN_JISHIGOU', true);
define('ROOT_PATH', substr(dirname(__FILE__), 0, -8) . '/');
define('PLUGIN_DIR', ROOT_PATH . 'plugin');
define('RELATIVE_ROOT_PATH', './');
define('MAGIC_QUOTES_GPC', get_magic_quotes_gpc());
define('TIMESTAMP', time());
if (!defined('JISHIGOU_GLOBAL_FUNCTION') && !@(include ROOT_PATH . 'include/func/global.func.php')) {
exit('global.func.php is not exists');
}
if (function_exists('ini_set')) {
ini_set('memory_limit', '256M');
ini_set('max_execution_time', 300);
ini_set('arg_seperator.output', '&');
ini_set('magic_quotes_runtime', 0);
ini_set('session.save_path', ROOT_PATH . 'data/temp/session/');
}
$superglobal = array('GLOBALS' => 1, '_GET' => 1, '_POST' => 1, '_COOKIE' => 1, '_SERVER' => 1, '_FILES' => 1);
foreach ($GLOBALS as $k => $v) {
if (!isset($superglobal[$k])) {
$GLOBALS[$k] = null;
unset($GLOBALS[$k]);
}
}
global $_J;
$_J = array('timestamp' => TIMESTAMP, 'time_start' => microtime(true), 'client_ip' => client_ip(), 'client_ip_port' => client_ip_port(), 'uid' => 0, 'username' => '', 'nickname' => '', 'role_id' => 0, 'charset' => '', 'site_name' => '', 'site_url' => '', 'wap_url' => '', 'mobile_url' => '', 'mod' => '', 'code' => '');
$this->var =& $_J;
}
/**
* @param $key array from a $_FILES entry
* @param $blind dont verify if is_uploaded_file(), useful when importing files from other means than HTTP uploads
* @return file id
*/
public static function import($type, &$key, $category = 0, $blind = false)
{
// ignore empty file uploads
if (!$key['name']) {
return false;
}
if (!$blind && !is_uploaded_file($key['tmp_name'])) {
throw new \Exception('Upload failed for file ' . $key['name']);
//$error->add('Upload failed for file '.$key['name'] );
//return;
}
$session = SessionHandler::getInstance();
$file = new File();
$file->type = $type;
$file->uploader = $session->id;
$file->uploader_ip = client_ip();
$file->size = $key['size'];
$file->name = $key['name'];
$file->mimetype = $key['type'];
$file->category = $category;
$file->time_uploaded = sql_datetime(time());
$file->id = $file->store();
if (!$file->id) {
return false;
}
$dst_file = self::getUploadPath($file->id);
if ($blind) {
// UGLY HACK using "@": currently gives a E_WARNING: "Operation not permitted" error,
// even though the rename suceeds???
if (!@rename($key['tmp_name'], $dst_file)) {
throw new \Exception('rename failed');
}
} elseif (!move_uploaded_file($key['tmp_name'], $dst_file)) {
throw new \Exception('Failed to move file from ' . $key['tmp_name'] . ' to ' . $dst_file);
}
chmod($dst_file, 0777);
$key['name'] = $dst_file;
$key['file_id'] = $file->id;
return $file->id;
}
private function Log($file)
{
if (is_string($file))
{
return array(
'error' => true,
'msg' => $file
);
}
$data = $file;
$data['intro'] = '';
$data['url'] = ini('settings.site_url').str_replace('./', '/', $data['path']);
$data['extra'] = '';
$data['uid'] = user()->get('id');
$data['ip'] = ip2long(client_ip());
$data['update'] = time();
dbc()->SetTable(table('uploads'));
$exist = dbc(DBCMax)->select('uploads')->where('path="'.$data['path'].'"')->limit(1)->done();
if ($exist)
{
dbc()->Update($data, 'id='.$exist['id']);
$data['id'] = $exist['id'];
}
else
{
$data['id'] = dbc()->Insert($data);
}
return $data;
}
/*Force display errors/warnings*/
error_reporting(E_ALL);
ini_set('display_errors', 1);
session_name("CntId");
session_start();
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/models/model.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/models/debug.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/views/alerts.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/models/user/sel_user.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/models/user/upt_user.php';
$debug = isset($_SESSION['debug']) && $_SESSION['debug'] == "on" ? 1 : 0;
if ($debug) {
dump($_SESSION, "SESSION");
dump($_POST, "POST");
}
$ip = client_ip();
$confid = isset($_POST['cnf']) ? trim($_POST['cnf']) : 0;
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : 0;
$timeout = isset($_SESSION['timeout']) ? $_SESSION['timeout'] : 0;
$username = isset($_SESSION['username']) ? $_SESSION['username'] : 0;
$isLoggedIn = isset($_SESSION['isLoggedIn']) ? $_SESSION['isLoggedIn'] : 0;
if ($isLoggedIn && $userid && ($Records = user_is_online($userid, $username, $confid, $ip, $_SERVER['HTTP_USER_AGENT'], $timeout))) {
update_user_status($userid, $isLoggedIn, $ip, $_SERVER['HTTP_USER_AGENT']);
$action = isset($_POST['act']) ? $_POST['act'] : 0;
switch ($action) {
case 'get_persons':
$items = isset($_POST['itm']) ? $_POST['itm'] : 0;
$page = isset($_POST['pg']) ? $_POST['pg'] : 0;
include_once $_SERVER['DOCUMENT_ROOT'] . '/Contacts/views/content/persons.php';
break;
case 'get_person':
private function getdata($payment, $parameter) {
$parameter['name'] = trim($parameter['name']);
$data = array(
'version' => $payment['config']['version'],
'oid_partner' => $payment['config']['oid_partner'],
'user_id' => $parameter['userid'],
'timestamp' => local_date('YmdHis', time()),
'sign_type' => $payment['config']['sign_type'],
'busi_partner' => $payment['config']['busi_partner'],
'no_order' => $parameter['sign'],
'dt_order' => local_date('YmdHis', time()),
'name_goods' => (true === ENC_IS_GBK ? array_iconv('gbk', 'utf-8', $parameter['name']) : $parameter['name']),
'money_order' => $parameter['price'],
'notify_url' => $parameter['notify_url'],
'acct_name' => '',
'id_no' => '',
'valid_order' => $payment['config']['valid_order'],
'userreq_ip' => client_ip(),
'url_return' => $parameter['notify_url'],
);
if($payment['config']['app_request']) {
$data['app_request'] = $payment['config']['app_request'];
}
return $data;
}
public function config_site()
{
global $LANG;
if (empty($_SESSION['step4'])) {
if (!empty($_SESSION['step3']) && is_file(PH7_ROOT_PUBLIC . '_constants.php')) {
session_regenerate_id(true);
if (empty($_SESSION['val'])) {
$_SESSION['val']['site_name'] = 'My Own Social/Dating Site!';
$_SESSION['val']['admin_login_email'] = '';
$_SESSION['val']['admin_email'] = '';
$_SESSION['val']['admin_feedback_email'] = '';
$_SESSION['val']['admin_return_email'] = '';
$_SESSION['val']['admin_username'] = '******';
$_SESSION['val']['admin_first_name'] = '';
$_SESSION['val']['admin_last_name'] = '';
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['config_site_submit'])) {
if (filled_out($_POST)) {
foreach ($_POST as $sKey => $sVal) {
$_SESSION['val'][$sKey] = trim($sVal);
}
if (validate_email($_SESSION['val']['admin_login_email']) && validate_email($_SESSION['val']['admin_email']) && validate_email($_SESSION['val']['admin_feedback_email']) && validate_email($_SESSION['val']['admin_return_email'])) {
if (validate_username($_SESSION['val']['admin_username']) == 0) {
if (validate_password($_SESSION['val']['admin_password']) == 0) {
if (validate_identical($_SESSION['val']['admin_password'], $_SESSION['val']['admin_passwords'])) {
if (!find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_username']) && !find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_first_name']) && !find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_last_name'])) {
if (validate_name($_SESSION['val']['admin_first_name'])) {
if (validate_name($_SESSION['val']['admin_last_name'])) {
@(require_once PH7_ROOT_PUBLIC . '_constants.php');
@(require_once PH7_PATH_APP . 'configs/constants.php');
require PH7_PATH_FRAMEWORK . 'Loader/Autoloader.php';
// To load "Security" class.
Framework\Loader\Autoloader::getInstance()->init();
try {
require_once PH7_ROOT_INSTALL . 'inc/_db_connect.inc.php';
// SQL EXECUTE
$oSqlQuery = $DB->prepare('INSERT INTO ' . $_SESSION['db']['prefix'] . 'Admins
(profileId , username, password, email, firstName, lastName, joinDate, lastActivity, ip)
VALUES (1, :username, :password, :email, :firstName, :lastName, :joinDate, :lastActivity, :ip)');
$sCurrentDate = date('Y-m-d H:i:s');
$oSqlQuery->execute(array('username' => $_SESSION['val']['admin_username'], 'password' => Framework\Security\Security::hashPwd($_SESSION['val']['admin_password']), 'email' => $_SESSION['val']['admin_login_email'], 'firstName' => $_SESSION['val']['admin_first_name'], 'lastName' => $_SESSION['val']['admin_last_name'], 'joinDate' => $sCurrentDate, 'lastActivity' => $sCurrentDate, 'ip' => client_ip()));
$oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :siteName WHERE name = \'siteName\'');
$oSqlQuery->execute(array('siteName' => $_SESSION['val']['site_name']));
$oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :adminEmail WHERE name = \'adminEmail\'');
$oSqlQuery->execute(array('adminEmail' => $_SESSION['val']['admin_email']));
$oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :feedbackEmail WHERE name = \'feedbackEmail\'');
$oSqlQuery->execute(array('feedbackEmail' => $_SESSION['val']['admin_feedback_email']));
$oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :returnEmail WHERE name = \'returnEmail\'');
$oSqlQuery->execute(array('returnEmail' => $_SESSION['val']['admin_return_email']));
// We finalise by putting the correct permission to the config files
$this->_chmodConfigFiles();
$_SESSION['step4'] = 1;
redirect(PH7_URL_SLUG_INSTALL . 'service');
} catch (\PDOException $oE) {
$aErrors[] = $LANG['database_error'] . escape($oE->getMessage());
}
} else {
$aErrors[] = $LANG['bad_last_name'];
}
} else {
$aErrors[] = $LANG['bad_first_name'];
}
} else {
$aErrors[] = $LANG['insecure_password'];
}
} else {
$aErrors[] = $LANG['passwords_different'];
}
} elseif (validate_password($_SESSION['val']['admin_password']) == 1) {
$aErrors[] = $LANG['password_too_short'];
} elseif (validate_password($_SESSION['val']['admin_password']) == 2) {
$aErrors[] = $LANG['password_too_long'];
} elseif (validate_password($_SESSION['val']['admin_password']) == 3) {
$aErrors[] = $LANG['password_no_number'];
} elseif (validate_password($_SESSION['val']['admin_password']) == 4) {
$aErrors[] = $LANG['password_no_upper'];
}
} elseif (validate_username($_SESSION['val']['admin_username']) == 1) {
$aErrors[] = $LANG['username_too_short'];
} elseif (validate_username($_SESSION['val']['admin_username']) == 2) {
$aErrors[] = $LANG['username_too_long'];
} elseif (validate_username($_SESSION['val']['admin_username']) == 3) {
$aErrors[] = $LANG['bad_username'];
}
} else {
$aErrors[] = $LANG['bad_email'];
}
} else {
$aErrors[] = $LANG['all_fields_mandatory'];
}
}
} else {
redirect(PH7_URL_SLUG_INSTALL . 'config_system');
}
} else {
redirect(PH7_URL_SLUG_INSTALL . 'service');
}
$this->oView->assign('sept_number', 4);
$this->oView->assign('errors', @$aErrors);
unset($aErrors);
$this->oView->display('config_site.tpl');
}
}
$db = get_db();
$db->query("select id from eb_collection where resource_type='news' and resource_id={$news->id} and user_id={$user->id}");
if ($db->record_count > 0) {
die('您已收藏过改文章,请不要重复收藏!');
}
$collect = new table_class('eb_collection');
$collect->created_at = now();
$collect->resource_type = 'news';
$collect->resource_id = $news->id;
$collect->user_id = $user->id;
$collect->save();
echo "恭喜您,文章收藏成功!";
} elseif ($type == 'comment') {
$user = User::current_user();
if (!$user) {
echo '请先登录';
die;
}
$news_id = intval($_POST['news_id']);
$comment = new table_class('eb_comment');
$comment->resource_id = $news_id;
$comment->resource_type = 'news';
$comment->nick_name = $user->name;
$comment->user_id = $user->id;
$comment->ip = client_ip();
$comment->created_at = now();
$comment->comment = htmlspecialchars(urldecode($_POST['comment']));
$comment->save();
}
}
/**
* Starts session & loads previous session data if found
* must be called at beginning of each page request
*/
function start()
{
if (!$this->name) {
throw new \Exception('session name not set');
}
$sess_storage = new SessionStorageHandler();
$error = ErrorHandler::getInstance();
session_name($this->name);
ini_set('session.cookie_lifetime', $this->timeout);
// in seconds
ini_set('session.gc_maxlifetime', $this->timeout);
// in seconds
if (!session_id()) {
if (!session_start()) {
throw new \Exception('failed to start session');
}
}
if (empty($_SESSION['id'])) {
return;
}
$page = XmlDocumentHandler::getInstance();
setcookie($this->name, session_id(), time() + $this->timeout, $page->getRelativeUrl());
$this->id =& $_SESSION['id'];
$this->username =& $_SESSION['username'];
$this->usermode =& $_SESSION['usermode'];
$this->isWebmaster =& $_SESSION['isWebmaster'];
$this->isAdmin =& $_SESSION['isAdmin'];
$this->isSuperAdmin =& $_SESSION['isSuperAdmin'];
$this->referer =& $_SESSION['referer'];
$this->ip =& $_SESSION['ip'];
$this->type =& $_SESSION['type'];
$this->last_active =& $_SESSION['last_active'];
if ($this->type == SESSION_FACEBOOK) {
$this->facebook_id = $this->username;
}
if ($this->id && $this->ip && $this->ip != client_ip()) {
// Logged in: Check if client ip has changed since last request, if so - log user out to avoid session hijacking
$msg = 'ERROR: Client IP changed for ' . $this->username . ', Old: ' . $this->ip . ', current: ' . client_ip();
$error->add($msg);
dp($msg);
$this->end();
// $session->errorPage();
} else {
if ($this->id && $this->getLastActive() < time() - $this->timeout) {
// Check user activity - log out inactive user
$msg = 'Session timed out for ' . $this->username . ' after ' . (time() - $this->getLastActive()) . 's (timeout is ' . $this->timeout . 's)';
$error->add($msg);
dp($msg);
$this->end();
//$session->showErrorPage();
} else {
if ($this->id) {
$this->setLastActive();
} else {
if (!$this->id && $this->facebook_app_id) {
// Handle facebook login
$this->handleFacebookLogin();
}
}
}
}
}
public function render()
{
return client_ip();
}
/**
* Function used to add comment
* This is more advance function ,
* in this function functions can be applied on comments
*/
function add_comment($comment, $obj_id, $reply_to = NULL, $type = 'v', $obj_owner = NULL, $obj_link = NULL, $force_name_email = false)
{
global $userquery, $eh, $db, $Cbucket;
//Checking maximum comments characters allowed
if (defined("MAX_COMMENT_CHR")) {
if (strlen($comment) > MAX_COMMENT_CHR) {
e(sprintf("'%d' characters allowed for comment", MAX_COMMENT_CHR));
}
}
if (!verify_captcha()) {
e(lang('usr_ccode_err'));
}
if (empty($comment)) {
e(lang("pelase_enter_something_for_comment"));
}
$params = array('comment' => $comment, 'obj_id' => $obj_id, 'reply_to' => $reply_to, 'type' => $type);
$this->validate_comment_functions($params);
/*
if($type=='video' || $type=='v')
{
if(!$this->video_exists($obj_id))
e(lang("class_vdo_del_err"));
//Checking owner of video
if(!USER_COMMENT_OWN)
{
if(userid()==$this->get_vid_owner($obj_id));
e(lang("usr_cmt_err2"));
}
}
*/
if (!userid() && $Cbucket->configs['anonym_comments'] != 'yes') {
e(lang("you_not_logged_in"));
}
if (!userid() && $Cbucket->configs['anonym_comments'] == 'yes' || $force_name_email) {
//Checking for input name and email
if (empty($_POST['name'])) {
e(lang("please_enter_your_name"));
}
if (empty($_POST['email'])) {
e(lang("please_enter_your_email"));
}
$name = mysql_clean($_POST['name']);
$email = mysql_clean($_POST['email']);
}
if (empty($eh->error_list)) {
$attributes = get_message_attributes($comment);
if (is_array($attributes)) {
$attributes = json_encode($attributes);
}
$fields = array('type' => $type, 'comment' => $comment, 'comment_attributes' => $attributes, 'type_id' => $obj_id, 'userid' => userid(), 'date_added' => now(), 'parent_id' => $reply_to, 'anonym_name' => $name, 'anonym_email' => $email, 'comment_ip' => mysql_clean(client_ip()), 'type_owner_id' => $obj_owner);
$cid = db_insert(tbl('comments'), $fields);
$db->update(tbl("users"), array("total_comments"), array("|f|total_comments+1"), " userid='" . userid() . "'");
e(lang("grp_comment_msg"), "m");
//$cid = $db->insert_id();
$own_details = $userquery->get_user_field_only($obj_owner, 'email');
$username = username();
$username = $username ? $username : post('name');
$useremail = $email;
//Adding Comment Log
$log_array = array('success' => 'yes', 'action_obj_id' => $cid, 'action_done_id' => $obj_id, 'details' => "made a comment", 'username' => $username, 'useremail' => $useremail);
insert_log($type . '_comment', $log_array);
//sending email
if (SEND_COMMENT_NOTIFICATION == 'yes' && $own_details) {
global $cbemail;
$tpl = $cbemail->get_template('user_comment_email');
$more_var = array('{username}' => $username, '{obj_link}' => $obj_link . '#comment_' . $cid, '{comment}' => $comment, '{obj}' => get_obj_type($type));
if (!is_array($var)) {
$var = array();
}
$var = array_merge($more_var, $var);
$subj = $cbemail->replace($tpl['email_template_subject'], $var);
$msg = nl2br($cbemail->replace($tpl['email_template'], $var));
//Now Finally Sending Email
cbmail(array('to' => $own_details, 'from' => WEBSITE_EMAIL, 'subject' => $subj, 'content' => $msg));
}
add_users_mentioned($comment, NULL, $cid);
return $cid;
}
return false;
}
public function InizTicket($pid, $uid)
{
$product = logic('product')->BuysCheck($pid);
if (isset($product['false']))
{
return $product['false'];
}
$phone = $this->phone($uid, false);
if (!$phone)
{
return '您的手机号码还未验证,不能参与活动!';
}
$ordCount = logic('order')->Count('productid='.$pid.' AND userid='.$uid);
if ((int)$ordCount == 0)
{
$order = logic('order')->GetFree($uid, $pid);
$order['productnum'] = 1;
$order['productprice'] = 0;
$order['extmsg'] = '抽奖用户IP地址:'.client_ip();
$order['pay'] = ORD_PAID_Yes;
$order['process'] = 'TRADE_FINISHED';
$order['status'] = ORD_STA_Normal;
logic('order')->Update($order['orderid'], $order);
}
$prizes = $this->GetList($pid, $uid);
if (!$prizes)
{
$this->CreateTicket($pid, $uid);
$this->__finder($pid, $uid);
}
return true;
}
private function store_shorturl()
{
if (!$this->store_url) {
return true;
}
$query = $this->db_connection->prepare('INSERT INTO shorturls(shorturl, longurl, owner_ip, custom_shorturl) ' . 'VALUES(?, ?, ?, ?);');
$query->bind_param('sssi', $this->short_url, $this->long_url, client_ip(), $this->custom_url);
if ($query->execute()) {
return true;
} else {
error500('Something has gone wrong! :( ... Try again? Please?');
return false;
}
}
