Пример #1
 /**
  * Emails the posted user name and password to the posted e-mail address
  *
  * Nothing is sent unless an ID is given, no errors are pending, the form carried
  * `send_email`, and a non-empty `password` or `new_password` was posted. On a
  * successful send a flash message is set and the browser is redirected to the
  * record's edit page; on failure an error is recorded.
  *
  * NOTE(review): the password is placed in the message body in clear text, so a
  * usable credential ends up in the recipient's mailbox and in any mail relay that
  * stores messages. A one-time set-password link avoids that.
  *
  * @param	mixed	The ID of the user record (used for the redirect target)
  * @return	void
  */
 function _send_email($id)
 {
     // same preconditions as before, checked in the same order, expressed as guards
     if (empty($id) or has_errors() or !isset($_POST['send_email'])) {
         return;
     }
     if (empty($_POST['password']) and empty($_POST['new_password'])) {
         return;
     }
     // 'password' wins when both fields were filled in
     if (!empty($_POST['password'])) {
         $password = $this->input->post('password');
     } else {
         $password = $this->input->post('new_password');
     }
     // prepare the mailer
     $this->load->library('email');
     $mail_config = array('wordwrap' => TRUE);
     $this->email->initialize($mail_config);
     $sender_address = $this->config->item('from_email', 'fuel');
     $sender_name = $this->config->item('site_name', 'fuel');
     $this->email->from($sender_address, $sender_name);
     $this->email->to($this->input->post('email'));
     $this->email->subject(lang('new_user_email_subject'));
     $this->email->message(lang('new_user_email', $this->input->post('user_name'), $password));
     if (!$this->email->send()) {
         add_error(lang('error_sending_email'));
         return;
     }
     $this->session->set_flashdata('success', lang('new_user_created_notification', $this->input->post('email')));
     redirect(fuel_uri($this->module_uri . '/edit/' . $id));
 }
Пример #2
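 /**
  * Displays the upload form and, on submit, stores the uploaded file's contents as
  * the value of an existing page variable
  *
  * The temporary file is only read when PHP reports the upload as complete
  * (UPLOAD_ERR_OK) and the path really is an HTTP upload. Without that guard a
  * partial or rejected upload that still carried a file name would make the read
  * fail, and the result of that failed read would be sanitized and saved over the
  * stored value.
  *
  * NOTE(review): the page ID comes straight from the form; no check is visible
  * here that the current user may edit that page - confirm it is enforced elsewhere.
  *
  * @access	public
  * @return	void
  */
 function upload()
 {
     $this->load->helper('file');
     $this->load->helper('security');
     $this->load->library('form_builder');
     $this->js_controller_params['method'] = 'upload';
     if (!empty($_POST)) {
         if (!empty($_FILES['file']['name'])) {
             $file_info = $_FILES['file'];
             $id = $this->input->post('id', TRUE);
             $field = $this->js_controller_params['import_view_key'];
             // read the file only if the upload completed and the path is a genuine upload;
             // the error check comes first so array-style uploads never reach is_uploaded_file()
             $file = FALSE;
             if (isset($file_info['error'], $file_info['tmp_name']) && $file_info['error'] === UPLOAD_ERR_OK && is_uploaded_file($file_info['tmp_name'])) {
                 $file = read_file($file_info['tmp_name']);
             }
             // the page variable must already exist; a failed read skips the lookup entirely
             $page_var = array();
             if ($file !== FALSE) {
                 $where = array('page_id' => $id, 'name' => $field);
                 $page_var = $this->pagevariables_model->find_one_array($where);
             }
             if (empty($page_var)) {
                 add_error(lang('error_upload'));
             } else {
                 // sanitize the file before saving
                 $save = array(
                     'id' => $page_var['id'],
                     'name' => $field,
                     'page_id' => $id,
                     'value' => $this->_sanitize($file),
                 );
                 if (!$this->pagevariables_model->save($save)) {
                     add_error(lang('error_upload'));
                 }
             }
             if (!has_errors()) {
                 // change list view page state to show the selected group id
                 $this->session->set_flashdata('success', lang('pages_success_upload'));
                 redirect(fuel_url('pages/edit/' . $id));
             }
         } else {
             // no file name at all: report only if PHP flagged an upload error
             if (!empty($_FILES['file']['error'])) {
                 add_error(lang('error_upload'));
             }
         }
     }
     // build and render the upload form (also reached after a failed submit)
     $fields = array();
     $pages = $this->model->options_list('id', 'location', array('published' => 'yes'), 'location');
     $fields['id'] = array('label' => lang('form_label_name'), 'type' => 'select', 'options' => $pages, 'class' => 'add_edit pages');
     $fields['file'] = array('type' => 'file', 'accept' => '');
     $this->form_builder->hidden = array();
     $this->form_builder->set_fields($fields);
     $this->form_builder->set_field_values($_POST);
     $this->form_builder->submit_value = '';
     $this->form_builder->use_form_tag = FALSE;
     $vars = array();
     $vars['instructions'] = lang('pages_upload_instructions');
     $vars['form'] = $this->form_builder->render();
     $this->_render('upload', $vars);
 }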
Пример #3
	<link rel="stylesheet" type="text/css" href="css/main.css">
</head>

<body>
<header>
	<div class="wrapper">
		<a href="#" class="user">Вход не выполнен</a>
	</div>
</header>
<div class="wrapper form-container">
	<div class="form">
		<div class="row header">
			<h1>Регистрация</h1>
		</div>
		<?php 
if (has_errors($errors)) {
    ?>
		<div class="error-msg">
		При заполнении формы возникли ошибки, пожалуйста проверьте правильность заполнения полей и нажмите "Зарегистрироваться"!
		</div>
		<?php 
}
?>
		<form action="register.php" method="POST">
			<div class="row <?php 
echo is_error($errors, 'nickname') ? 'error' : '';
?>
">
				<label for="nickname">Имя пользователя<span class="required">*</span>:</label>
				<input type="text" name="nickname" id="nickname"
					   value="<?php 
Пример #4
 /**
  * Validates and stores a comment submitted against a blog post
  *
  * Runs the captcha, site-submission, consecutive-post and duplicate checks. Only
  * when none of them recorded an error is the comment passed through the Akismet
  * and link filters, saved, and the visitor redirected back to the post.
  *
  * NOTE(review): the author and comment values are read with the second argument
  * of input->post() set to TRUE (CodeIgniter's XSS filter). That filter is not a
  * substitute for escaping these values wherever they are rendered.
  *
  * @param	object	The blog post being commented on (its id and url are read)
  * @return	mixed	NULL when comments are disabled, otherwise the value of $notified
  */
 function _process_comment($post)
 {
     // comments switched off in the blog settings: do nothing
     if (!is_true_val($this->fuel_blog->settings('allow_comments'))) {
         return;
     }
     $notified = FALSE;
     // The three checks below only record errors; execution continues, so the user
     // lookup and comment object creation further down run even for rejected requests.
     // check captcha
     if (!$this->_is_valid_captcha()) {
         add_error(lang('blog_error_captcha_mismatch'));
     }
     // check that the comment was submitted via the website
     if (!$this->_is_site_submitted()) {
         add_error(lang('blog_error_comment_site_submit'));
     }
     // check consecutive posts
     if (!$this->_is_not_consecutive_post()) {
         add_error(lang('blog_error_consecutive_comments'));
     }
     // look up a registered user with the posted e-mail so the comment can be linked to them
     // NOTE(review): the link is made on the posted e-mail alone, with no proof the
     // commenter owns that address - confirm nothing privileged hangs off author_id
     $this->load->module_model(FUEL_FOLDER, 'users_model');
     $user = $this->users_model->find_one(array('email' => $this->input->post('author_email', TRUE)));
     // create comment
     $this->load->module_model(BLOG_FOLDER, 'blog_comments_model');
     $comment = $this->blog_comments_model->create();
     $comment->post_id = $post->id;
     $comment->author_id = !empty($user->id) ? $user->id : NULL;
     $comment->author_name = $this->input->post('author_name', TRUE);
     $comment->author_email = $this->input->post('author_email', TRUE);
     $comment->author_website = $this->input->post('author_website', TRUE);
     // address of the direct peer; behind a reverse proxy this is presumably the
     // proxy's address - confirm for the deployment, as the duplicate check relies on it
     $comment->author_ip = $_SERVER['REMOTE_ADDR'];
     $comment->content = trim($this->input->post('new_comment', TRUE));
     $comment->date_added = NULL;
     // will automatically be added
     //http://googleblog.blogspot.com/2005/01/preventing-comment-spam.html
     //http://en.wikipedia.org/wiki/Spam_in_blogs
     // check double posts by IP address
     if ($comment->is_duplicate()) {
         add_error(lang('blog_error_comment_already_submitted'));
     }
     // if no errors from above then proceed to submit
     if (!has_errors()) {
         // submit to Akismet for validity
         $comment = $this->_process_akismet($comment);
         // process links and add no follow attribute
         $comment = $this->_filter_comment($comment);
         // set published status: spam and moderated comments are held back as unpublished
         if (is_true_val($comment->is_spam) or $this->fuel_blog->settings('monitor_comments')) {
             $comment->published = 'no';
         }
         // save comment if saveable and redirect
         // ('and' binds tighter than 'or': non-spam is always saved, spam only when save_spam is set)
         if (!is_true_val($comment->is_spam) or is_true_val($comment->is_spam) and $this->fuel_blog->settings('save_spam')) {
             if ($comment->save()) {
                 $notified = $this->_notify($comment, $post);
                 $this->load->library('session');
                 // $vars is filled here but not read again in this method
                 $vars['post'] = $post;
                 $vars['comment'] = $comment;
                 $this->session->set_flashdata('thanks', TRUE);
                 // remembered in the session, presumably for the consecutive-post check - confirm
                 $this->session->set_userdata('last_comment_ip', $_SERVER['REMOTE_ADDR']);
                 $this->session->set_userdata('last_comment_time', time());
                 redirect($post->url);
             } else {
                 add_errors($comment->errors());
             }
         } else {
             add_error(lang('blog_comment_is_spam'));
         }
     }
     return $notified;
 }
Пример #5
 /**
  * Displays the page upload form and, on submit, imports page variables for the
  * selected page and saves them
  *
  * The uploaded file is accepted through CodeIgniter's upload library into the
  * system temp directory; the values that get saved come from
  * $this->fuel->pages->import($id).
  *
  * NOTE(review): this method never removes the uploaded file from the temp
  * directory, and the allowed types include php - confirm that directory is not
  * web-served or executable and that stale uploads are cleaned up.
  *
  * @access	public
  * @return	void
  */
 public function upload()
 {
     $this->load->helper('file');
     $this->load->helper('security');
     $this->load->library('form_builder');
     $this->load->library('upload');
     $this->js_controller_params['method'] = 'upload';
     if (!empty($_POST) and !empty($_FILES)) {
         $params['upload_path'] = sys_get_temp_dir();
         $params['allowed_types'] = 'php|html|txt';
         // to ensure we check the proper mime types
         $this->upload->initialize($params);
         // Hackery to ensure that a proper php mimetype is set.
         // Would set in mimes.php config but that may be updated with the next version of CI which does not include the text/plain
         // NOTE(review): with text/plain and text/html in the list, the MIME check for the
         // php extension accepts almost any text file, so it adds little restriction
         $this->upload->mimes['php'] = array('application/x-httpd-php', 'application/php', 'application/x-php', 'text/php', 'text/html', 'text/x-php', 'application/x-httpd-php-source', 'text/plain');
         if ($this->upload->do_upload('file')) {
             $upload_data = $this->upload->data();
             // $error is set but not read again in this method
             $error = FALSE;
             // read in the file so we can filter it
             // NOTE(review): $file is not used after this line; no filtering of the
             // uploaded contents is visible in this method
             $file = read_file($upload_data['full_path']);
             // the page ID is taken from the form (second argument TRUE = CodeIgniter's XSS filter)
             // NOTE(review): no check is visible here that the ID names a page the
             // current user may edit - confirm it is enforced elsewhere
             $id = $this->input->post('id', TRUE);
             $pagevars = $this->fuel->pages->import($id);
             if (!empty($pagevars)) {
                 // $layout is fetched but not read again in this method
                 $layout = $this->fuel->layouts->get($pagevars['layout']);
                 unset($pagevars['layout']);
                 // save each imported variable, updating the existing row when one is found
                 foreach ($pagevars as $key => $val) {
                     $where['page_id'] = $id;
                     $where['name'] = $key;
                     $page_var = $this->fuel_pagevariables_model->find_one_array($where);
                     // a NULL id is passed when no row exists for this page/name pair
                     $save['id'] = empty($page_var['id']) ? NULL : $page_var['id'];
                     $save['name'] = $key;
                     $save['page_id'] = $id;
                     $save['value'] = $val;
                     if (!$this->fuel_pagevariables_model->save($save)) {
                         add_error(lang('error_upload'));
                     }
                 }
                 // resave to prevent import popup on next page
                 $page = $this->fuel_pages_model->find_by_key($id, 'array');
                 // stamp the page one second into the future
                 $page['last_modified'] = date('Y-m-d H:i:s', time() + 1);
                 // to prevent window from popping up after upload
                 $this->model->save($page);
                 if (!has_errors()) {
                     // change list view page state to show the selected group id
                     $this->fuel->admin->set_notification(lang('pages_success_upload'), Fuel_admin::NOTIFICATION_SUCCESS);
                     redirect(fuel_url('pages/edit/' . $id));
                 }
             } else {
                 add_error(lang('error_upload'));
             }
         } else {
             // surface the upload library's own message (no wrapping tags)
             $error_msg = $this->upload->display_errors('', '');
             add_error($error_msg);
         }
     }
     // build and render the upload form (also reached after a failed submit)
     $fields = array();
     $pages = $this->model->options_list('id', 'location', array('published' => 'yes'), 'location');
     $fields['id'] = array('label' => lang('form_label_name'), 'type' => 'select', 'options' => $pages, 'class' => 'add_edit pages');
     $fields['file'] = array('type' => 'file', 'accept' => '');
     $this->form_builder->hidden = array();
     $this->form_builder->set_fields($fields);
     $this->form_builder->set_field_values($_POST);
     $this->form_builder->submit_value = '';
     $this->form_builder->use_form_tag = FALSE;
     $vars['instructions'] = lang('pages_upload_instructions');
     $vars['form'] = $this->form_builder->render();
     // go back to the last visited page when editing inline, otherwise to the module list
     $vars['back_action'] = ($this->fuel->admin->last_page() and $this->fuel->admin->is_inline()) ? $this->fuel->admin->last_page() : fuel_uri($this->module_uri);
     //$vars['back_action'] = fuel_uri($this->module_uri);
     $crumbs = array($this->module_uri => $this->module_name, '' => lang('action_upload'));
     $this->fuel->admin->set_titlebar($crumbs);
     $this->fuel->admin->render('upload', $vars, '', FUEL_FOLDER);
 }
Пример #6
/**
 * Reads a product from the submitted form, validates it and stores it in the database.
 *
 * Field values are taken from $_POST and $_FILES by the read_* helpers, which fill
 * $product and record problems in $errors. The trailing helper arguments look like
 * minimum, maximum and required settings - TODO confirm against the helpers.
 *
 * @param mixed $dbh     Database handle passed through to db_product_insert()
 * @param array $product Receives the values read from the request (reset on entry)
 * @param array $errors  Receives the validation errors (reset on entry)
 * @return bool          false when validation failed, true after the insert call
 */
function add_product($dbh, &$product, &$errors)
{
    $product = array();
    $errors = empty_errors();

    // read the submitted fields
    read_string($_POST, 'title', $product, $errors, 2, 60, false);
    read_integer($_POST, 'category_id', $product, $errors, 1, null, true);
    read_decimal($_POST, 'price', $product, $errors, '0.0', null, true);
    read_integer($_POST, 'stock', $product, $errors, 1, null, true);
    read_string($_POST, 'description', $product, $errors, 1, 10000, false, null, false);
    read_img($_FILES, 'img', $product, $errors, 0, 204800, true);

    if (!has_errors($errors)) {
        // the form is valid, store the product in the database
        // NOTE(review): the insert result is not inspected, so a failed insert still returns true
        db_product_insert($dbh, $product);
        return true;
    }

    return false;
}
Пример #7
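/**
 * Reads a registration form from $_POST, validates it, stores the new user and
 * logs them in.
 *
 * Two fixes over the earlier version:
 *  - the password and its confirmation are compared with !==. With != PHP compares
 *    two numeric-looking strings as numbers, so "100000" and "1.0e+5" were treated
 *    as the same password.
 *  - the password is hashed with password_hash() instead of crypt() without a salt,
 *    which yields a weak hash on old PHP versions and is an error on PHP 8.
 *
 * NOTE(review): password_hash() output is crypt()-compatible, so a login check of
 * the form crypt($input, $stored) keeps working; password_verify() is the intended
 * counterpart. The password column must hold at least 60 characters - confirm.
 *
 * @param mixed $dbh    Database handle passed through to db_user_insert()
 * @param array $user   Receives the values read from the request (reset on entry)
 * @param array $errors Receives the validation errors (reset on entry)
 * @return bool         false when validation failed, true once the user is stored
 */
function register_user($dbh, &$user, &$errors)
{
    $user = array();
    $errors = empty_errors();
    // read the submitted fields
    read_string($_POST, 'nickname', $user, $errors, 2, 64, true);
    read_email($_POST, 'email', $user, $errors, 2, 64, true);
    read_string($_POST, 'password', $user, $errors, 6, 24, true);
    read_string($_POST, 'password_confirmation', $user, $errors, 6, 24, true);
    read_string($_POST, 'fullname', $user, $errors, 1, 80, true);
    read_list($_POST, 'gender', $user, $errors, array('M', 'F'), false);
    read_bool($_POST, 'newsletter', $user, $errors, '1', false, false);
    // the password and its confirmation must be identical strings
    if (!is_error($errors, 'password') && !is_error($errors, 'password_confirmation') && $user['password'] !== $user['password_confirmation']) {
        $errors['fields'][] = 'password';
        add_error($errors, 'password_confirmation', 'dont-match');
    }
    if (has_errors($errors)) {
        return false;
    }
    // store only a salted hash of the password, never the password itself
    $user['password'] = password_hash($user['password'], PASSWORD_DEFAULT);
    unset($user['password_confirmation']);
    // the form is valid, save the user to the database
    $db_user = db_user_insert($dbh, $user);
    // log the user in right after registration by remembering them in the session
    store_current_user_id($db_user['id']);
    return true;
}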
Пример #8
 /**
  * Displays the fields to edit a record (form view) and processes the form when
  * it is submitted
  *
  * @access	public
  * @param	int		The ID value of the record to edit
  * @param	string	The name of a field, or fields separated by colon to display in the form (optional)
  * @param	boolean	Determines whether to redirect the page after save or not
  * @return	void
  */
 function edit($id = NULL, $field = NULL, $redirect = TRUE)
 {
     // check that the action even exists and if not, show a 404
     if (!$this->fuel->auth->module_has_action('save') and $this->displayonly === FALSE) {
         show_404();
     }
     // check permissions: either the edit or the create permission on the module is enough
     if (!$this->fuel->auth->has_permission($this->module_obj->permission, 'edit') and !$this->fuel->auth->has_permission($this->module_obj->permission, 'create')) {
         show_error(lang('error_no_permissions'));
     }
     // NOTE(review): everything below relies on show_404()/show_error() ending the
     // request; if either returned, the save would run without permission - confirm
     $inline = $this->fuel->admin->is_inline();
     // a posted key field means the form was submitted, so process the save first
     if ($this->input->post($this->model->key_field())) {
         if ($this->_process_edit($id) and !has_errors()) {
             // redirect target mirrors the current mode; $id and $field are placed in the URL as given
             if ($inline === TRUE) {
                 $url = fuel_uri($this->module_uri . '/inline_edit/' . $id . '/' . $field, TRUE);
             } else {
                 $url = fuel_uri($this->module_uri . '/edit/' . $id . '/' . $field, TRUE);
             }
             if ($redirect) {
                 // keep a success notification that was already set during the save
                 if (!$this->fuel->admin->has_notification(Fuel_admin::NOTIFICATION_SUCCESS)) {
                     $this->fuel->admin->set_notification(lang('data_saved'), Fuel_admin::NOTIFICATION_SUCCESS);
                 }
                 redirect($url);
             }
         }
     }
     //$vars = $this->_form($id);
     $data = $this->_saved_data($id);
     // a record without a key value is treated as a new one
     $action = !empty($data[$this->model->key_field()]) ? 'edit' : 'create';
     // check model first for preview path method
     if (method_exists($this->model, 'preview_path')) {
         $this->preview_path = $this->model->preview_path($data, $this->preview_path);
     } else {
         // otherwise, substitute data values into preview path
         $this->preview_path = $this->module_obj->url($data);
     }
     // gather the view variables; form variables override shell variables on key clashes
     $shell_vars = $this->_shell_vars($id, $action, $data);
     $form_vars = $this->_form_vars($id, $data, $field, $inline);
     $vars = array_merge($shell_vars, $form_vars);
     $vars['data'] = $data;
     $vars['action'] = $action;
     $vars['related_items'] = $this->model->related_items($data);
     // active or publish fields: offer the opposite of the record's current state
     if (isset($data['published'])) {
         $vars['publish'] = (!empty($data['published']) and is_true_val($data['published'])) ? 'unpublish' : 'publish';
     }
     if (isset($data['active'])) {
         $vars['activate'] = (!empty($data['active']) and is_true_val($data['active'])) ? 'deactivate' : 'activate';
     }
     // editing specific fields uses the compact layout without actions; inline editing the compact layout
     if (!empty($field)) {
         $this->fuel->admin->set_display_mode(Fuel_admin::DISPLAY_COMPACT_NO_ACTION);
     } else {
         if ($inline === TRUE) {
             $this->fuel->admin->set_display_mode(Fuel_admin::DISPLAY_COMPACT);
         }
     }
     $crumbs = array($this->module_uri => $this->module_name);
     if (!empty($data[$this->display_field])) {
         // the record's display value goes into the title bar with tags stripped, cut to 50 characters
         $crumbs[''] = character_limiter(strip_tags($data[$this->display_field]), 50);
     }
     $this->fuel->admin->set_titlebar($crumbs);
     $vars['actions'] = $this->load->module_view(FUEL_FOLDER, '_blocks/module_create_edit_actions', $vars, TRUE);
     $this->fuel->admin->render($this->views['create_edit'], $vars, '', FUEL_FOLDER);
     // do this after rendering so it doesn't render current page
     if (!empty($data[$this->display_field]) and $inline !== TRUE) {
         // NOTE(review): unlike the title bar, the display value is passed here without
         // strip_tags() - confirm the recent-pages list escapes it when rendered
         $this->fuel->admin->add_recent_page($this->uri->uri_string(), $this->module_name . ': ' . $data[$this->display_field], $this->module);
     }
 }
Пример #9
 /**
  * Protected method that emails a user the login URL, their user name and their
  * password through the notification object
  *
  * Nothing is sent unless an ID is given, no errors are pending, the form carried
  * `send_email`, and a non-empty `password` or `new_password` was posted. A failed
  * send is written to the log and recorded as an error.
  *
  * NOTE(review): the password is placed in the message body in clear text, so a
  * usable credential ends up in the recipient's mailbox. A one-time set-password
  * link avoids that.
  *
  * @access	protected
  * @param	int The user ID
  * @return	void
  */
 protected function _send_email($id)
 {
     $CI =& get_instance();
     // same preconditions as before, checked in the same order, expressed as guards
     if (empty($id) or has_errors() or !isset($_POST['send_email'])) {
         return;
     }
     if (empty($_POST['password']) and empty($_POST['new_password'])) {
         return;
     }
     // 'password' wins when both fields were filled in
     if (!empty($_POST['password'])) {
         $password = $CI->input->post('password');
     } else {
         $password = $CI->input->post('new_password');
     }
     $body = lang('new_user_email', site_url('fuel/login'), $CI->input->post('user_name'), $password);
     $params = array(
         'to' => $CI->input->post('email'),
         'subject' => lang('new_user_email_subject'),
         'message' => $body,
         'use_dev_mode' => FALSE,
     );
     if ($CI->fuel->notification->send($params)) {
         return;
     }
     // sending failed: keep the mailer's own message in the log, show a generic error
     $CI->fuel->logs->write($CI->fuel->notification->last_error(), 'debug');
     add_error(lang('error_sending_email', $CI->input->post('email')));
 }
Пример #10
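/**
 * Reads the registration fields from $_REQUEST and validates them.
 *
 * Changes over the earlier version:
 *  - a parameter that is not a string (for example username[]=x, which PHP turns
 *    into an array) is rejected as missing instead of being handed to strlen();
 *  - the password and its confirmation are compared with !==. With != PHP compares
 *    two numeric-looking strings as numbers, so "100000" and "1.0e+5" matched;
 *  - gender and newsletter are matched with strict comparisons.
 *
 * Lengths are measured in bytes (strlen), as before.
 *
 * @param array $user   Receives the values read from the request (reset on entry)
 * @param array $errors Receives 'fields' (list of field names) and 'messages'
 *                      (message per field name); reset on entry
 * @return bool         true when no validation error was recorded
 */
function read_user_info(&$user, &$errors)
{
    $user = array();
    $errors = array('fields' => array(), 'messages' => array());

    // Reads one required string field and checks its byte length against [$min, $max].
    $read_field = function ($name, $min, $max, $msg_required, $msg_short, $msg_long) use (&$user, &$errors) {
        if (!isset($_REQUEST[$name]) || !is_string($_REQUEST[$name])) {
            $errors['fields'][] = $name;
            $errors['messages'][$name] = $msg_required;
            return;
        }
        $value = $_REQUEST[$name];
        // the value is stored even when it fails the length check, as before
        $user[$name] = $value;
        $length = strlen($value);
        if ($length < $min) {
            $errors['fields'][] = $name;
            $errors['messages'][$name] = $msg_short;
        } elseif ($length > $max) {
            $errors['fields'][] = $name;
            $errors['messages'][$name] = $msg_long;
        }
    };

    // read and validate the user name
    $read_field('username', 2, 64, '******', '******', '******');
    // read and validate the password
    $read_field('password', 6, 24, '******', '******', '******');
    // read and validate the password confirmation
    $read_field('password_confirmation', 6, 24, '@password_confirmation-required', '@password_confirmation-too-short', '@password_confirmation-too-long');

    // the password and its confirmation must be identical strings
    if (!is_error($errors, 'password') && !is_error($errors, 'password_confirmation') && $user['password'] !== $user['password_confirmation']) {
        $errors['fields'][] = 'password';
        $errors['fields'][] = 'password_confirmation';
        $errors['messages']['password_confirmation'] = '@password_confirmation-dont-match';
    }

    // read and validate the user's full name
    $read_field('fullname', 1, 80, '@fullname-required', '@fullname-too-short', '@fullname-too-long');

    // gender is optional; it is kept only when one of the known values was sent
    if (isset($_REQUEST['gender']) && in_array($_REQUEST['gender'], array('M', 'F'), true)) {
        $user['gender'] = $_REQUEST['gender'];
    } else {
        $user['gender'] = null;
    }

    // newsletter opt-in: only the exact value '1' counts as yes
    $user['newsletter'] = isset($_REQUEST['newsletter']) && $_REQUEST['newsletter'] === '1';

    return !has_errors($errors);
}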
Пример #11
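 /**
  * Protected method that emails a user the login URL, their user name and their
  * password
  *
  * Nothing is sent unless an ID is given, no errors are pending, the form carried
  * `send_email`, and a non-empty `password` or `new_password` was posted.
  *
  * Every framework object is reached through the instance returned by
  * get_instance(). The failure branch used to read the address from $this->input
  * while the rest of the method used $CI->input; if the enclosing class has no
  * `input` property, that branch would fail exactly when a send error had to be
  * reported.
  *
  * NOTE(review): the password is placed in the message body in clear text, so a
  * usable credential ends up in the recipient's mailbox. A one-time set-password
  * link avoids that.
  *
  * @access	protected
  * @param	int The user ID
  * @return	void
  */
 protected function _send_email($id)
 {
     $CI =& get_instance();
     if (!empty($id) and !has_errors() and isset($_POST['send_email']) and (!empty($_POST['password']) or !empty($_POST['new_password']))) {
         // 'password' wins when both fields were filled in
         $password = !empty($_POST['password']) ? $CI->input->post('password') : $CI->input->post('new_password');
         // send email to user
         $CI->load->library('email');
         $config = array('wordwrap' => TRUE);
         $CI->email->initialize($config);
         $CI->email->from($CI->config->item('from_email', 'fuel'), $CI->config->item('site_name', 'fuel'));
         $CI->email->to($CI->input->post('email'));
         $CI->email->subject(lang('new_user_email_subject'));
         $msg = lang('new_user_email', site_url('fuel/login'), $CI->input->post('user_name'), $password);
         $CI->email->message($msg);
         if (!$CI->email->send()) {
             // read the address through $CI like every other access in this method
             add_error(lang('error_sending_email', $CI->input->post('email')));
         }
     }
 }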
Пример #12
        <a href="./genres.php">DVD Categories</a> |
        <a href="./view_dvd.php">Find a DVD</a> |
		<a href="./login.php">Login</a>
<?php 
}
?>
      </div>
    </div>

    <!-- ##### Main Copy ##### -->

    <div id="main-copy">
      <div class="rowOfBoxes">
        <div class="twoThirds noBorderOnLeft">
<?php 
// Show the error messages queued in the session, then clear them so they are
// displayed only once.
if (has_errors()) {
    // print them out
    echo "<div class='highlight'><ul>\n";
    foreach ($_SESSION['errors'] as $message) {
        // NOTE(review): the message is written into the page without htmlspecialchars();
        // confirm no queued message can contain request data, or escape it here
        echo "<li class='error'>{$message}</li>\n";
    }
    echo "</ul></div><br />\n";
    unset($_SESSION['errors']);
}
if (has_messages()) {
    echo "<div class='highlight' <ul>\n";
    foreach ($_SESSION['messages'] as $message) {
        echo "<li class='message'>{$message}</li>\n";
    }
    echo "</ul></div><br />\n";
    unset($_SESSION['messages']);
Пример #13
 /**
  * Protected method that tells whether the current save request is an invite
  *
  * It is one when no errors are pending, the posted `is_invite` value loosely
  * equals 1, and an `email` value was posted.
  *
  * @access	protected
  * @return	boolean
  */
 protected function _is_invite()
 {
     // pending errors or a missing flag rule the invite out straight away
     if (has_errors() or !isset($_POST['is_invite'])) {
         return FALSE;
     }
     // loose comparison kept on purpose: form values arrive as strings
     if ($_POST['is_invite'] == 1) {
         return isset($_POST['email']);
     }
     return FALSE;
 }