public function init()
{
$this->module_name = "pin";
$this->module_position = 0;
module_config::register_css('pin', 'pin.css');
module_config::register_js('pin', 'pin.js');
$this->version = 2.11;
//2.11 css tweak
if (isset($_REQUEST['pin_process']) && module_security::is_logged_in() && module_pin::can_i('edit', 'Header Pin')) {
switch ($_REQUEST['pin_process']) {
case 'pin_save':
switch ($_REQUEST['pin_action']) {
case 'modify':
if ($_REQUEST['pin_id'] && $_REQUEST['current_title']) {
$this->update_pin($_REQUEST['pin_id'], false, $_REQUEST['current_title']);
set_message('Pin modified successfully');
redirect_browser($_REQUEST['current_url']);
}
break;
case 'delete':
if ($_REQUEST['pin_id']) {
$this->delete_pin($_REQUEST['pin_id']);
set_message('Pin deleted successfully');
redirect_browser($_REQUEST['current_url']);
}
break;
case 'add':
if ($_REQUEST['current_url'] && $_REQUEST['current_title']) {
$pin_id = $this->add_pin($_REQUEST['current_url'], $_REQUEST['current_title']);
if ($pin_id) {
set_message('Pin added successfully');
} else {
set_message('Pin already exists');
}
redirect_browser($_REQUEST['current_url']);
}
break;
}
break;
}
}
}
$template->assign_values($data);
echo $template->render('pretty_html');
exit;
}
}
} else {
// show normal unsubscribe form. asking for their email address.
if (isset($_REQUEST['email']) && trim($_REQUEST['email'])) {
$email = htmlspecialchars(strtolower(trim($_REQUEST['email'])));
if (!module_newsletter::unsubscribe_member_via_email($email)) {
echo 'Unsubscribe failed... Please enter a valid email address.';
exit;
}
// is the newsletter module giving us a subscription redirection?
if (module_config::c('newsletter_unsubscribe_redirect', '')) {
redirect_browser(module_config::c('newsletter_unsubscribe_redirect', ''));
}
// or display a message.
$template = module_template::get_template_by_key('newsletter_unsubscribe_done');
$data['email'] = $email;
$template->page_title = htmlspecialchars(_l('Unsubscribe'));
$template->assign_values($data);
echo $template->render('pretty_html');
exit;
}
$template = module_template::get_template_by_key('newsletter_unsubscribe');
$data['email'] = '';
// to be sure to be sure
$template->page_title = htmlspecialchars(_l('Unsubscribe'));
$template->assign_values($data);
echo $template->render('pretty_html');
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!module_change_request::can_i('delete', 'Change Requests')) {
die('no perms');
}
$change_request_id = (int) $_REQUEST['change_request_id'];
$change_request = module_change_request::get_change_request($change_request_id);
if (!$change_request['website_id']) {
die('no linked website');
}
$website_data = module_website::get_website($change_request['website_id']);
if (module_form::confirm_delete('change_request_id', "Really delete Change Request?", module_website::link_open($change_request['website_id']))) {
module_change_request::delete_change_request($_REQUEST['change_request_id']);
set_message("Change request deleted successfully");
redirect_browser(module_website::link_open($change_request['website_id']));
}
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!module_config::can_i('view', 'Settings') || !module_template::can_i('edit', 'Templates')) {
redirect_browser(_BASE_HREF);
}
$template_id = $_REQUEST['template_id'];
$template = array();
if ((int) $template_id && $template_id != 'new') {
$template = module_template::get_template($template_id);
}
if (!$template) {
$template_id = 'new';
$template = array('template_id' => 'new', 'template_key' => '', 'description' => '', 'content' => '', 'name' => '', 'default_text' => '', 'wysiwyg' => 1);
module_security::sanatise_data('template', $template);
}
?>
<form action="<?php
echo module_template::link_open(false);
?>
" method="post" id="template_form">
public function save_report($report_id, $data)
{
if ((int) $report_id > 0) {
$original_report_data = $this->get_report($report_id);
if (!$original_report_data || $original_report_data['report_id'] != $report_id) {
$original_report_data = array();
$report_id = false;
}
} else {
$original_report_data = array();
$report_id = false;
}
// check create permissions.
if (!$report_id && !self::can_i('create', 'reports')) {
// user not allowed to create reports.
set_error('Unable to create new reports');
redirect_browser(self::link_open(false));
}
$report_id = update_insert("report_id", $report_id, "report", $data);
module_extra::save_extras('report', 'report_id', $report_id);
return $report_id;
}
$schedule->save($type);
}
}
// Redirect back to the page again, but without the query string, so reloads are cleaner
if ($db->query_col('SELECT COUNT(*) FROM program WHERE chanid = ? and starttime = FROM_UNIXTIME(?) LIMIT 1', $program->chanid, $program->starttime) == 0) {
redirect_browser(root . 'tv/detail?recordid=' . $schedule->recordid);
}
redirect_browser(root_url . 'tv/detail/' . $program->chanid . '/' . $program->starttime);
} elseif ($_REQUEST['forget_old']) {
$program->rec_forget_old();
// Redirect back to the page again, but without the query string, so reloads are cleaner
redirect_browser(root_url . 'tv/detail/' . $program->chanid . '/' . $program->starttime);
} elseif (isset($_GET['never_record']) || isset($_POST['never_record'])) {
$program->rec_never_record();
// Redirect back to the page again, but without the query string, so reloads are cleaner
redirect_browser(root_url . 'tv/detail/' . $program->chanid . '/' . $program->starttime);
} else {
// auto-metadata-lookup
if (!isset($schedule->autometadata)) {
$schedule->autometadata = setting('AutoMetadataLookup');
}
// auto-commercial-flag
if (!isset($schedule->autocommflag)) {
$schedule->autocommflag = setting('AutoCommercialFlag');
}
// auto-user-jobs
if (!isset($schedule->autouserjob1)) {
$schedule->autouserjob1 = setting('AutoRunUserJob1');
}
if (!isset($schedule->autouserjob2)) {
$schedule->autouserjob2 = setting('AutoRunUserJob2');
// Update the play count
$db->query('UPDATE music_songs
SET numplays = numplays + 1, lastplay = NOW()
WHERE song_id = ?', $_GET['i']);
// Set the XML transfer command
$xml_command = 'Content/GetMusic';
// Set the XML transfer file id
$xml_id = $_GET['i'];
}
// Unknown request or empty file?
if (empty($fname)) {
exit;
}
// HTTP stream?
if (preg_match('#^\\w+://#', $fname)) {
redirect_browser($fname);
}
// Mime type
switch (substr($fname, -3)) {
case 'jpg':
$mime = 'image/jpeg';
break;
case 'gif':
$mime = 'image/gif';
break;
case 'png':
$mime = 'image/png';
break;
case 'mp3':
$mime = 'audio/mpeg';
break;
public static function handle_link_transactions()
{
$link_invoice_payment_ids = isset($_REQUEST['link_invoice_payment_ids']) && is_array($_REQUEST['link_invoice_payment_ids']) ? $_REQUEST['link_invoice_payment_ids'] : array();
$link_finance_ids = isset($_REQUEST['link_finance_ids']) && is_array($_REQUEST['link_finance_ids']) ? $_REQUEST['link_finance_ids'] : array();
if (count($link_invoice_payment_ids) || count($link_finance_ids)) {
// success we can link!
if (!count($link_finance_ids)) {
set_error('Please select at least one transaction that is not an invoice payment.');
redirect_browser(self::link_open(false));
}
$parent_finance_id = (int) key($link_finance_ids);
if ($parent_finance_id > 0) {
// we have a parent! woo!
unset($link_finance_ids[$parent_finance_id]);
foreach ($link_finance_ids as $link_finance_id => $tf) {
$link_finance_id = (int) $link_finance_id;
if (strlen($tf) && $link_finance_id > 0) {
// create this link.
$sql = "UPDATE `" . _DB_PREFIX . "finance` SET parent_finance_id = {$parent_finance_id} WHERE finance_id = {$link_finance_id} LIMIT 1";
query($sql);
}
}
foreach ($link_invoice_payment_ids as $link_invoice_payment_id => $tf) {
$link_invoice_payment_id = (int) $link_invoice_payment_id;
if (strlen($tf) && $link_invoice_payment_id > 0) {
// create this link.
$sql = "UPDATE `" . _DB_PREFIX . "invoice_payment` SET parent_finance_id = {$parent_finance_id} WHERE invoice_payment_id = {$link_invoice_payment_id} LIMIT 1";
query($sql);
}
}
}
}
set_message('Linking success');
redirect_browser(self::link_open(false));
}
function save_data_record()
{
$data = $_POST;
$data_record_id = isset($data['data_record_id']) ? $data['data_record_id'] : false;
$data_type_id = (int) $data['data_type_id'];
if (!$data_type_id) {
set_error(_l('Sorry no data type set'));
return false;
}
$data_type = $this->get_data_type($data_type_id);
if ((!$data_record_id || $data_record_id == 'new') && !$this->can_i('create', $data_type['data_type_name'])) {
set_error('No permissions to create data');
return false;
} else {
if ((int) $data_record_id > 0 && !$this->can_i('edit', $data_type['data_type_name'])) {
set_error('No permissions to edit data');
return false;
} else {
if ((int) $data_record_id > 0 && !$this->can_i('delete', $data_type['data_type_name']) && isset($_POST['butt_del'])) {
set_error('No permissions to delete data');
return false;
} else {
if ((int) $data_record_id > 0 && $this->can_i('delete', $data_type['data_type_name']) && isset($_POST['butt_del'])) {
if (module_form::confirm_delete('data_record_id', "Really delete this entire data record?", $this->link('', array("data_record_id" => $data_record_id)))) {
$this->delete_data_record($data_record_id);
set_error(_l("Data deleted successfully"));
redirect_browser($this->link());
}
}
}
}
}
if (!isset($data['save_data_group']) || !is_array($data['save_data_group'])) {
// no information to save?? error
set_error(_l('Sorry no group found to save'));
return false;
}
if ((!isset($data['data_field']) || !is_array($data['data_field']) || !count($data['data_field'])) && !isset($_FILES['data_field']['tmp_name'])) {
set_error(_l('Sorry, no data found to save'));
return false;
}
if (isset($_REQUEST['form_id']) && $_REQUEST['form_id']) {
$form_id = $_REQUEST['form_id'];
} else {
$form_id = 'default';
}
$_SESSION['_form_highlight'][$form_id] = array();
//unset($data['data_type_id']);
// first we check for required fields missing in the data field array.
// return false on error, and set the error fields in session so they can be highligted on re-render
$data_field_groups = $this->get_data_field_groups($data_type_id);
$allowed_to_save = array();
// an array of fields we are allowed to save in this save call.
$missing_required_fields = array();
$missing_required_fields_names = array();
$all_data_fields = array();
// for history cache.
foreach ($data_field_groups as $data_field_group) {
// check if the user is posting data for this field.
$data_field_group_id = $data_field_group['data_field_group_id'];
if (isset($data['save_data_group'][$data_field_group_id]) && $data['save_data_group'][$data_field_group_id]) {
$data_fields = $this->get_data_fields($data_field_group_id);
$all_data_fields[$data_field_group_id] = $data_fields;
// loop over all fields, and ensure the ones that are required are present.
foreach ($data_fields as $data_field) {
$data_field_id = $data_field['data_field_id'];
if ($data_field['required']) {
// depending on the type of field, there are different ways to
// check if the required field has been inserted.
switch ($data_field['field_type']) {
case 'radio':
case 'checkbox_list':
if (isset($data['data_field'][$data_field_id]) && strtolower($data['data_field'][$data_field_id]) == 'other' && (!isset($data['other_data_field'][$data_field_id]) || !$data['other_data_field'][$data_field_id])) {
$missing_required_fields[$data_field_id] = 'other';
$missing_required_fields_names[$data_field_id] = $data_field['title'];
} else {
if (!isset($data['data_field'][$data_field_id]) || !$data['data_field'][$data_field_id]) {
$missing_required_fields[$data_field_id] = true;
}
}
break;
case 'file':
if (!is_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id])) {
$missing_required_fields[$data_field_id] = true;
$missing_required_fields_names[$data_field_id] = $data_field['title'];
}
break;
case 'created_date_time':
case 'created_date':
case 'created_time':
case 'updated_date_time':
case 'updated_date':
case 'updated_time':
case 'created_by':
case 'updated_by':
break;
default:
// normal text field etc..
if (!isset($data['data_field'][$data_field_id]) || !$data['data_field'][$data_field_id]) {
$missing_required_fields[$data_field_id] = true;
$missing_required_fields_names[$data_field_id] = $data_field['title'];
}
break;
}
}
$allowed_to_save[$data_field_id] = true;
}
}
}
// we only want notes as required if the notes field is passed.
/*if(isset($data['notes']) && !trim($data['notes'])){
$missing_required_fields['notes']=true;
$missing_required_fields_names[$data_field_id] = $data_field['name'];
}*/
if ($missing_required_fields) {
set_error(_l('Required fields missing: %s', implode(', ', $missing_required_fields_names)));
$_SESSION['_form_highlight'][$form_id] = $missing_required_fields;
return false;
}
if (!count($allowed_to_save)) {
set_message(_l('Sorry, not fields found to save'));
return false;
}
// check for 'other' option on radio boxes.
// update the main data record to contain the latest information
if ($data_record_id && $data_record_id != 'new') {
// updating a previous one
$previous_data_record = $this->get_data_record($data_record_id);
$previous_data_items = $this->get_data_items($data_record_id);
if (!$previous_data_record['status'] && !$data['status']) {
$data['status'] = 'new';
}
} else {
if (!isset($data['status']) || !$data['status']) {
$data['status'] = 'new';
}
$previous_data_record = false;
}
$data_record_id = update_insert('data_record_id', $data_record_id, 'data_record', $data);
if (!$data_record_id) {
set_message(_l('Unable to save data record sorry'));
return false;
}
// create a new revision to store this latest information, and link all the data field information to.
$data['field_cache'] = serialize($all_data_fields);
$data['field_group_cache'] = serialize($data_field_groups);
$data['data_record_id'] = $data_record_id;
$data_record_revision_id = update_insert('data_record_revision_id', 'new', 'data_record_revision', $data);
if (!$data_record_revision_id) {
set_message(_l('Unable to save data record revision sorry'));
return false;
}
update_insert('data_record_id', $data_record_id, 'data_record', array('last_revision_id' => $data_record_revision_id));
// save all the fields against this revision
foreach ($allowed_to_save as $data_field_id => $tf) {
$data_field = $this->get_data_field($data_field_id);
// incase admin updates during a save? probably will never fire.
if ($data_field['data_field_id'] != $data_field_id) {
continue;
//skip to next field to save.
}
$data_field_data = false;
switch ($data_field['field_type']) {
case 'radio':
case 'checkbox_list':
$data_field_data = isset($data['data_field'][$data_field_id]) ? $data['data_field'][$data_field_id] : false;
if (isset($data['other_data_field'][$data_field_id]) && $data['other_data_field'][$data_field_id]) {
$data_field_data = $data['other_data_field'][$data_field_id];
}
break;
case 'file':
// check the file has been uploaded.
if (is_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id])) {
$user_file = preg_replace('/[^\\w\\.]+/', '', trim(basename($_FILES['data_field']['name'][$data_field_id])));
if (strlen($user_file)) {
// move it into the upload folder and set a field data below.
// not too worried about people uploading bad files here eg php scripts, cos it's all an internal project.
$file_name = "{$data_field_id}-{$data_record_id}-{$data_record_revision_id}-custom";
if (move_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id], 'includes/plugin_data/upload/' . $file_name)) {
// upload success.
$data_field_data = serialize(array('file' => $file_name, 'name' => $user_file));
}
}
}
break;
default:
$data_field_data = isset($data['data_field'][$data_field_id]) ? $data['data_field'][$data_field_id] : false;
}
// if the value has been posted, or we have a manual value set above (eg: a file)
if ($data_field_data !== false) {
if (is_array($data_field_data)) {
$data_field_data = serialize($data_field_data);
}
$store_data = array('data_field_id' => $data_field_id, 'data_record_id' => $data_record_id, 'data_record_revision_id' => $data_record_revision_id, 'data_text' => $data_field_data, 'data_number' => 0, 'data_varchar' => '', 'data_field_settings' => serialize($data_field));
// print_r($store_data);
// todo - check if there are any changes between this data VALUE and the previous revision value.
// if there are no differences, then we dont bother saving it.
$save_value = true;
if ($previous_data_record && isset($previous_data_items[$data_field_id])) {
// check if any field attributes have changed.
$save_value = false;
$previous_data_item = $previous_data_items[$data_field_id];
//print_r($previous_data_item);exit;
foreach (array('data_text', 'data_number', 'data_varchar', 'data_field_settings') as $check_changes) {
if (trim($store_data[$check_changes]) != trim($previous_data_item[$check_changes])) {
//echo $store_data[$check_changes] . '<br> doesnt match <br>' ."\n" . $previous_data_item[$check_changes] . '<br><hr>';
//exit;
$save_value = true;
break;
}
}
}
if ($save_value) {
$data_store_id = update_insert('data_store_id', 'new', 'data_store', $store_data);
}
}
}
return $data_record_id;
}
public static function bulk_handle_delete()
{
if (isset($_REQUEST['bulk_action']) && isset($_REQUEST['bulk_action']['delete']) && $_REQUEST['bulk_action']['delete'] == 'yes') {
// confirm deletion of these tickets:
$product_ids = isset($_REQUEST['bulk_operation']) && is_array($_REQUEST['bulk_operation']) ? $_REQUEST['bulk_operation'] : array();
foreach ($product_ids as $product_id => $k) {
if ($k != 'yes') {
unset($product_ids[$product_id]);
} else {
$product_ids[$product_id] = self::link_open($product_id, true);
}
}
if (count($product_ids) > 0) {
if (module_form::confirm_delete('product_id', "Really delete products: " . implode(', ', $product_ids), self::link_open(false))) {
foreach ($product_ids as $product_id => $product_number) {
self::delete_product($product_id);
}
set_message(_l("%s products deleted successfully", count($product_ids)));
redirect_browser(self::link_open(false));
}
}
}
}
public function external_hook($hook)
{
switch ($hook) {
case 'event_ipn':
$body = @file_get_contents('php://input');
$event_json = json_decode($body);
ob_start();
echo "UCM coinbase DEBUG:<br><br>JSON: <br>\n";
print_r($event_json);
echo "<br><br>\n";
$success = false;
$bits = explode(':', isset($event_json->order->custom) ? $event_json->order->custom : '');
if (count($bits) == 4) {
// we have our custom bits, invoice_id, invoice_payment_id and hash
// check they are right
$invoice_id = (int) $bits[0];
$invoice_payment_id = (int) $bits[1];
$invoice_payment_subscription_id = (int) $bits[2];
$hash = $bits[3];
$correct_hash = self::get_payment_key($invoice_id, $invoice_payment_id, $invoice_payment_subscription_id, true);
if ($invoice_id && $invoice_payment_id && $hash == $correct_hash) {
// This will send receipts on succesful invoices
// todo - coinbase doesnt sent this callback correctly just yet
if ($event_json && isset($event_json->recurring_payment) && $invoice_payment_subscription_id) {
// status changes on a recurring payment.
$invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
if (!$invoice_payment_subscription['date_start'] || $invoice_payment_subscription['date_start'] == '0000-00-00') {
// no start date yet, set the start date now.
if ($event_json->recurring_payment->status == 'active') {
update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d')));
}
}
if ($event_json->recurring_payment->status == 'paused' || $event_json->recurring_payment->status == 'canceled') {
update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_FAILED));
}
}
if ($event_json && isset($event_json->order->status) && $event_json->order->status == 'completed' && isset($event_json->order->total_native) && isset($event_json->order->custom)) {
// crab out the custom bits so we know what to deal with.
$invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
$currency = module_config::get_currency($invoice_payment_data['currency_id']);
if ($invoice_payment_subscription_id) {
// this API result is for a subscription payment.
$invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
if ($invoice_payment_subscription && $invoice_payment_subscription['invoice_payment_subscription_id'] == $invoice_payment_subscription_id && $currency['code'] == $event_json->order->total_native->currency_iso) {
if (!$invoice_payment_subscription['date_start'] || $invoice_payment_subscription['date_start'] == '0000-00-00') {
// no start date yet, set the start date now (this should really happen in the above callback, but coinbase isn't working right now)
update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d')));
}
// we have a subscription payment. woo!
// this gets a bit tricky, we have to work out if the invoice has been generated for this subscription yet.
// if this invoice hasn't been generated yet then we have to generate it.
// pass this back to the invoice class so we can reuse this feature in the future.
$data = module_invoice::create_new_invoice_for_subscription_payment($invoice_id, $invoice_payment_id, $invoice_payment_subscription_id);
if ($data && $data['invoice_id'] && $data['invoice_payment_id']) {
$next_time = time();
$next_time = strtotime('+' . abs((int) $invoice_payment_subscription['days']) . ' days', $next_time);
$next_time = strtotime('+' . abs((int) $invoice_payment_subscription['months']) . ' months', $next_time);
$next_time = strtotime('+' . abs((int) $invoice_payment_subscription['years']) . ' years', $next_time);
update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('date_last_pay' => date('Y-m-d'), 'date_next' => date('Y-m-d', $next_time)));
update_insert("invoice_payment_id", $data['invoice_payment_id'], "invoice_payment", array('date_paid' => date('Y-m-d'), 'amount' => $event_json->order->total_native->cents / 100, 'method' => self::get_payment_method_name() . ' (Subscription)', 'invoice_payment_subscription_id' => $invoice_payment_subscription_id));
self::add_payment_data($data['invoice_payment_id'], 'log', "Invoice Payment Subscription Received!");
self::add_payment_data($data['invoice_payment_id'], 'log', "API IP is " . $_SERVER['REMOTE_ADDR']);
self::add_payment_data($data['invoice_payment_id'], 'log', "Received BTC: " . $event_json->order->total_btc->cents / 10000000);
self::add_payment_data($data['invoice_payment_id'], 'log', "Received " . $event_json->order->total_native->currency_iso . ': ' . $event_json->order->total_native->cents / 100);
self::add_payment_data($data['invoice_payment_id'], 'log', "Destination Address: " . $event_json->order->receive_address);
self::add_payment_data($data['invoice_payment_id'], 'log', "Currency code matches, marking invoice as paid.");
self::add_payment_data($data['invoice_payment_id'], 'log', "Raw Event Data: \n" . json_encode($event_json));
module_invoice::save_invoice($data['invoice_id'], array());
echo "Successful Subscription Payment!";
} else {
send_error("Coinbase Subscription Error (failed to generate new invoice!) " . var_export($data, true));
}
} else {
send_error('Currency code missmatch on coinbase subscription payment');
}
} else {
// this is a normal once off payment.
self::add_payment_data($invoice_payment_id, 'log', "API IP is " . $_SERVER['REMOTE_ADDR']);
self::add_payment_data($invoice_payment_id, 'log', "Received BTC: " . $event_json->order->total_btc->cents / 10000000);
self::add_payment_data($invoice_payment_id, 'log', "Received " . $event_json->order->total_native->currency_iso . ': ' . $event_json->order->total_native->cents / 100);
self::add_payment_data($invoice_payment_id, 'log', "Destination Address: " . $event_json->order->receive_address);
if ($currency['code'] == $event_json->order->total_native->currency_iso) {
self::add_payment_data($invoice_payment_id, 'log', "Currency code matches, marking invoice as paid.");
update_insert("invoice_payment_id", $invoice_payment_id, "invoice_payment", array('date_paid' => date('Y-m-d'), 'amount' => $event_json->order->total_native->cents / 100));
module_invoice::save_invoice($invoice_id, array());
echo "Successful Payment!";
$success = true;
} else {
self::add_payment_data($invoice_payment_id, 'log', "Currency code missmatch, please check settings!");
}
self::add_payment_data($invoice_payment_id, 'log', "Raw Event Data: \n" . json_encode($event_json));
}
}
}
}
$debug = ob_get_clean();
if (module_config::c('coinbase_payment_debug', 0)) {
send_error("Coinbase Debug: {$debug}");
}
exit;
break;
case 'pay_subscription':
$invoice_id = isset($_REQUEST['invoice_id']) ? $_REQUEST['invoice_id'] : false;
$invoice_payment_id = isset($_REQUEST['invoice_payment_id']) ? $_REQUEST['invoice_payment_id'] : false;
$invoice_payment_subscription_id = isset($_REQUEST['invoice_payment_subscription_id']) ? $_REQUEST['invoice_payment_subscription_id'] : false;
$coinbase_plan_id = isset($_REQUEST['coinbase_plan_id']) ? $_REQUEST['coinbase_plan_id'] : false;
$user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : false;
if ($invoice_id && $invoice_payment_id && $coinbase_plan_id && $invoice_payment_subscription_id && $user_id && isset($_POST['coinbaseToken'])) {
$user_data = module_user::get_user($user_id);
$email = isset($_REQUEST['coinbaseEmail']) && strlen($_REQUEST['coinbaseEmail']) ? $_REQUEST['coinbaseEmail'] : $user_data['email'];
if (!$email || !strpos($email, '@')) {
die('Please ensure your user account has a valid email address before paying with coinbase');
}
$invoice_payment = get_single('invoice_payment', 'invoice_payment_id', $invoice_payment_id);
$invoice_payment_subscription = get_single('invoice_payment_subscription', 'invoice_payment_subscription_id', $invoice_payment_subscription_id);
if (!$invoice_payment || !$invoice_payment_subscription || $invoice_payment['invoice_id'] != $invoice_id || $invoice_payment['invoice_payment_subscription_id'] != $invoice_payment_subscription_id) {
die('Invalid invoice payment subscription id');
}
$invoice_payment_data = module_invoice::get_invoice_payment($invoice_payment_id);
$invoice_data = module_invoice::get_invoice($invoice_id);
if ($invoice_payment_data && $invoice_data && $invoice_id == $invoice_data['invoice_id'] && $invoice_payment_data['invoice_id'] == $invoice_data['invoice_id']) {
$currency = module_config::get_currency($invoice_payment_data['currency_id']);
$currency_code = $currency['code'];
$description = isset($_REQUEST['description']) ? $_REQUEST['description'] : 'N/A';
$template = new module_template();
ob_start();
require_once 'includes/plugin_paymethod_coinbase/coinbase-php/lib/coinbase.php';
$coinbase = array("secret_key" => module_config::c('payment_method_coinbase_api_key'), "publishable_key" => module_config::c('payment_method_coinbase_secret_key'));
coinbase::setApiKey($coinbase['secret_key']);
try {
// todo- search for existing customer based on email address???
// todo: check if adding new plan to existing customer work??
$coinbase_customer = coinbase_Customer::create(array("card" => $_POST['coinbaseToken'], "email" => $email, 'metadata' => array('user_id' => $user_id)));
if ($coinbase_customer && $coinbase_customer->id) {
//} && $coinbase_customer->subscriptions){
$coinbase_subscription = $coinbase_customer->subscriptions->create(array('plan' => $coinbase_plan_id));
if ($coinbase_subscription && $coinbase_subscription->id) {
update_insert('invoice_payment_subscription_id', $invoice_payment_subscription_id, 'invoice_payment_subscription', array('status' => _INVOICE_SUBSCRIPTION_ACTIVE, 'date_start' => date('Y-m-d'), 'coinbase_customer' => $coinbase_customer->id, 'coinbase_subscription' => $coinbase_subscription->id));
module_paymethod_coinbase::add_payment_data($invoice_payment_id, 'log', "Started coinbase Subscription: " . var_export(array('customer.id' => $coinbase_customer->id, 'plan.id' => $coinbase_plan_id, 'subscription.id' => $coinbase_subscription->id), true));
// success!
// redirect to receipt page.
redirect_browser(module_invoice::link_public_payment_complete($invoice_id));
} else {
echo 'Failed to create subscription with coinbase';
}
}
$error = "Something went wrong during coinbase payment. Please confirm invoice payment went through: " . htmlspecialchars($description);
send_error($error);
echo $error;
} catch (coinbase_CardError $e) {
// The card has been declined
$body = $e->getJsonBody();
$err = $body['error'];
$error = "Sorry: Payment failed. <br><br>\n\n" . htmlspecialchars($description) . ". <br><br>\n\n";
$error .= $err['message'];
echo $error;
$error .= "\n\n\n" . var_export($err, true);
send_error($error);
} catch (Exception $e) {
$body = $e->getJsonBody();
$err = $body['error'];
$error = "Sorry: Payment failed. <br><br>\n\n" . htmlspecialchars($description) . ". <br><br>\n\n";
$error .= $err['message'];
echo $error;
$error .= "\n\n\n" . var_export($err, true);
send_error($error);
}
$template->content = ob_get_clean();
echo $template->render('pretty_html');
exit;
}
}
echo 'Error paying via coinbase';
exit;
}
}
private function _handle_save_template()
{
// handle post back for save template template.
$template_id = (int) $_REQUEST['template_id'];
// delete.
if (isset($_REQUEST['butt_del']) && self::can_i('delete', 'Templates')) {
$template_data = self::get_template($template_id);
if (module_form::confirm_delete('template_id', _l("Really delete template: %s", $template_data['template_key']), self::link_open($template_id))) {
$this->delete($template_id);
// todo: delete company template as well if exists.
set_message("Template deleted successfully");
redirect_browser(self::link_open(false));
}
}
$data = $_POST;
$already_saved = false;
if ((int) $template_id > 0 && class_exists('module_company', false)) {
module_company::template_handle_save($template_id, $data);
// we have to redirect to a company specific version of this template
// each company template must have a matching parent template id/key. cannot change keys in company unique config.
}
// write header/footer html based on uploaded images.
// pass uploaded images to the file manager plugin.
$template_id = update_insert('template_id', $template_id, 'template', $data);
// redirect upon save.
set_message('Template saved successfully!');
if (isset($_REQUEST['return']) && $_REQUEST['return']) {
redirect_browser($_REQUEST['return']);
}
redirect_browser($this->link_open($template_id));
exit;
}
public function process()
{
$errors = array();
if ("save_from_popup" == $_REQUEST['_process']) {
// dont use the normal hook to save, its gay way of saving.
// look at post data.
if (isset($_POST['address']) && is_array($_POST['address'])) {
foreach ($_POST['address'] as $address_hash => $address_data) {
if (isset($address_data['address_id']) && (int) $address_data['address_id']) {
$this->save_address($address_data['address_id'], $address_data);
}
}
}
}
if (!count($errors)) {
redirect_browser($_REQUEST['_redirect']);
exit;
}
print_error($errors, true);
}
public function process()
{
if ("save_facebook" == $_REQUEST['_process']) {
$social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
$facebook = new ucm_facebook_account($social_facebook_id);
if (isset($_POST['butt_del']) && module_social::can_i('delete', 'Facebook', 'Social', 'social')) {
if (module_form::confirm_delete('social_facebook_id', "Really delete this Facebook account from the system? All messages will be lost.", self::link_open($_REQUEST['social_facebook_id']))) {
$facebook->delete();
set_message("Facebook account deleted successfully");
redirect_browser(self::link_open(false));
}
}
$facebook->save_data($_POST);
$social_facebook_id = $facebook->get('social_facebook_id');
if (isset($_POST['butt_save_connect'])) {
$redirect = $this->link_open($social_facebook_id, false, false, 'facebook_account_connect');
} else {
set_message('Facebook account saved successfully');
$redirect = $this->link_open($social_facebook_id);
}
redirect_browser($redirect);
exit;
} else {
if ("send_facebook_message" == $_REQUEST['_process']) {
if (module_form::check_secure_key()) {
$social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
$facebook = new ucm_facebook_account($social_facebook_id);
if ($social_facebook_id && $facebook->get('social_facebook_id') == $social_facebook_id) {
// queue the message into the facebook_message table
// if there's a scheduled date in the past we send it in the past, no date we send straight away, date in the future we leave it in the db table for the cron job to pick up.
//print_r($_POST);exit;
$send_time = false;
// default: now
if (isset($_POST['schedule_date']) && isset($_POST['schedule_time']) && !empty($_POST['schedule_date']) && !empty($_POST['schedule_time'])) {
$date = $_POST['schedule_date'];
$time_hack = $_POST['schedule_time'];
$time_hack = str_ireplace('am', '', $time_hack);
$time_hack = str_ireplace('pm', '', $time_hack);
$bits = explode(':', $time_hack);
if (strpos($_POST['schedule_time'], 'pm')) {
$bits[0] += 12;
}
// add the time if it exists
$date .= ' ' . implode(':', $bits) . ':00';
$send_time = strtotime(input_date($date, true));
} else {
if (isset($_POST['schedule_date']) && !empty($_POST['schedule_date'])) {
$send_time = strtotime(input_date($_POST['schedule_date'], true));
}
}
//echo print_date($send_time,true);
//echo '<br>';
//echo date('c',$send_time);
//exit;
/* @var $available_pages ucm_facebook_page[] */
$available_pages = $facebook->get('pages');
$send_pages = isset($_POST['compose_page_id']) && is_array($_POST['compose_page_id']) ? $_POST['compose_page_id'] : array();
$page_count = 0;
if ($send_pages) {
foreach ($send_pages as $facebook_page_id => $tf) {
if (!$tf) {
continue;
}
// see if this is an available page.
if (isset($available_pages[$facebook_page_id])) {
// push to db! then send.
$facebook_message = new ucm_facebook_message($facebook, $available_pages[$facebook_page_id], false);
$facebook_message->create_new();
$facebook_message->update('social_facebook_page_id', $available_pages[$facebook_page_id]->get('social_facebook_page_id'));
$facebook_message->update('social_facebook_id', $facebook->get('social_facebook_id'));
$facebook_message->update('summary', isset($_POST['message']) ? $_POST['message'] : '');
$facebook_message->update('type', 'pending');
$facebook_message->update('link', isset($_POST['link']) ? $_POST['link'] : '');
$facebook_message->update('data', json_encode($_POST));
$facebook_message->update('user_id', module_security::get_loggedin_id());
// do we send this one now? or schedule it later.
$facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_PENDINGSEND);
if ($send_time) {
// schedule for sending at a different time (now or in the past)
$facebook_message->update('last_active', $send_time);
} else {
// send it now.
$facebook_message->update('last_active', 0);
}
if (isset($_FILES['picture']['tmp_name']) && is_uploaded_file($_FILES['picture']['tmp_name'])) {
$facebook_message->add_attachment($_FILES['picture']['tmp_name']);
}
$facebook_message->send_queued(isset($_POST['debug']));
$page_count++;
} else {
// log error?
}
}
}
set_message(_l('Message delivered successfully to %s Facebook pages', $page_count));
$redirect = $this->link_open_message_view($social_facebook_id);
redirect_browser($redirect);
}
}
} else {
if ("ajax_facebook_url_info" == $_REQUEST['_process']) {
header('Content-type: text/javascript');
$url = isset($_REQUEST['url']) ? $_REQUEST['url'] : false;
if (strlen($url) > 4 && preg_match('#https?://#', $url)) {
// pass this into graph api debugger to get some information back about the URL
$facebook = new ucm_facebook();
$data = $facebook->get_url_info($url);
// return the data formatted in json ready to be added into the relevant input boxes.
$data['link_picture'] = isset($data['image'][0]['url']) ? $data['image'][0]['url'] : '';
$data['link_name'] = isset($data['title']) ? $data['title'] : '';
$data['link_caption'] = isset($data['caption']) ? $data['caption'] : '';
$data['link_description'] = isset($data['description']) ? $data['description'] : '';
echo json_encode($data);
}
exit;
} else {
if ("ajax_social_facebook" == $_REQUEST['_process']) {
// ajax functions from wdsocial. copied from the datafeed.php sample files.
header('Content-type: text/javascript');
if (module_form::check_secure_key()) {
// todo: check user has access to this message.
$social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
//$facebook = new ucm_facebook_account($social_facebook_id);
//if($social_facebook_id && $facebook->get('social_facebook_id') == $social_facebook_id){
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
$message_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$facebook_message = new ucm_facebook_message();
$facebook_message->load($message_id);
//if($facebook_message->get('social_facebook_id') == $social_facebook_id){
switch ($action) {
case "send-message-reply":
if (module_social::can_i('create', 'Facebook Comments', 'Social', 'social')) {
$return = array();
$message = isset($_POST['message']) && $_POST['message'] ? $_POST['message'] : '';
$facebook_id = isset($_POST['facebook_id']) && $_POST['facebook_id'] ? $_POST['facebook_id'] : false;
$debug = isset($_POST['debug']) && $_POST['debug'] ? $_POST['debug'] : false;
if ($message) {
if ($debug) {
ob_start();
}
$facebook_message->send_reply($facebook_id, $message, $debug);
if ($debug) {
$return['message'] = ob_get_clean();
} else {
// todo - option to ask the user if they want to archive a message during the send.
set_message(_l('Message sent and conversation archived.'));
if ($social_facebook_id) {
$return['redirect'] = module_social_facebook::link_open_message_view($social_facebook_id);
} else {
// return to the 'combined' view:
}
}
}
echo json_encode($return);
}
break;
case "set-answered":
if (module_social::can_i('edit', 'Facebook Comments', 'Social', 'social')) {
$facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_ANSWERED);
?>
$('.facebook_message_row[data-id=<?php
echo $message_id;
?>
]').hide();
<?php
}
break;
case "set-unanswered":
if (module_social::can_i('edit', 'Facebook Comments', 'Social', 'social')) {
$facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_UNANSWERED);
?>
$('.facebook_message_row[data-id=<?php
echo $message_id;
?>
]').hide();
<?php
}
break;
}
//echo 'The status is '.$facebook_message->get('status');
//}
}
// }
exit;
}
}
}
}
}
public static function template_handle_save($template_id, $data)
{
// check if we're savniga company id and that this user has access to this company, and permissions to edit templates.
$company_id = isset($_REQUEST['company_id']) ? (int) $_REQUEST['company_id'] : false;
if ($company_id) {
$company = self::get_company($company_id);
if ($company) {
$existing_template = module_template::get_template($template_id);
if ($existing_template && $existing_template['template_id'] == $template_id) {
// we're saving a template for this particular company.
// if it's an empty template content then we remove this company template so it reverts to the system default.
if (isset($data['content']) && !strlen(trim($data['content']))) {
delete_from_db('company_template', array('company_id', 'template_id'), array($company_id, $template_id));
set_message('Company template successfully reset to default');
redirect_browser(module_template::link_open($template_id));
} else {
$sql = 'REPLACE INTO `' . _DB_PREFIX . "company_template` SET company_id = " . (int) $company_id . ", `template_id` = " . (int) $template_id . ", `description` = '" . mysql_real_escape_string(isset($data['description']) ? $data['description'] : '') . "', `content` = '" . mysql_real_escape_string(isset($data['content']) ? $data['content'] : '') . "', `wysiwyg` = '" . mysql_real_escape_string(isset($data['wysiwyg']) ? $data['wysiwyg'] : '') . "'";
query($sql);
set_message('Unique company template successfully updated');
redirect_browser(module_template::link_open($template_id) . '&company_id=' . $company_id);
}
}
}
}
}
public static function check_for_upgrades($requested_plugin = '', $get_file_contents = 0)
{
// compile a list of current plugins
// along with the users installation code
// send it to our server and get a response with a list of available updates for this user.
$current_plugins = array();
$current_files = array();
global $plugins;
if (_DEBUG_MODE) {
module_debug::log(array('title' => 'Checking for upgrades:', 'data' => 'start'));
}
foreach ($plugins as $plugin_name => $p) {
if ($requested_plugin && $requested_plugin != $plugin_name) {
continue;
}
if (!$p->is_plugin_enabled()) {
$p->init();
}
$current_plugins[$plugin_name] = $p->get_plugin_version();
// find all the files related to this plugin.
if (function_exists('getFilesFromDir') && module_config::c('upgrade_post_file_list', 1)) {
$directory = 'includes/plugin_' . $plugin_name . '/';
$files = getFilesFromDir($directory);
$files = array_flip($files);
foreach ($files as $file => $tf) {
// ignore certain files.
if (strpos($file, 'plugin_file/upload') !== false || strpos($file, 'plugin_data/upload') !== false || strpos($file, '/cache/') !== false || strpos($file, '/html2ps/') !== false || strpos($file, 'backup/backups/backup_') !== false || strpos($file, '/attachments/') !== false || strpos($file, '/temp/') !== false || strpos($file, '/tmp/') !== false) {
unset($files[$file]);
} else {
$d = preg_replace('#Envato:[^\\r\\n]*#', '', preg_replace('#Package Date:[^\\r\\n]*#', '', preg_replace('#IP Address:[^\\r\\n]*#', '', preg_replace('#Licence:[^\\r\\n]*#', '', file_get_contents($file)))));
$files[$file] = md5(base64_encode($d));
}
}
$current_files[$plugin_name] = $files;
}
if (_DEBUG_MODE) {
module_debug::log(array('title' => 'Checking for upgrades:', 'data' => $plugin_name . ' done'));
}
}
//print_r($current_files);exit;
$available_updates = array();
$post_fields = array('application' => _APPLICATION_ID, 'installation_code' => module_config::c('_installation_code'), 'current_version' => module_config::c('_admin_system_version', 2.1), 'current_plugins' => json_encode($current_plugins), 'current_files' => json_encode($current_files), 'client_ip' => $_SERVER['REMOTE_ADDR'], 'installation_location' => full_link('/'), 'requested_plugin' => $requested_plugin, 'get_file_contents' => $get_file_contents);
$url = module_config::c('ucm_upgrade_url', 'http://api.ultimateclientmanager.com/upgrade.php');
if ($url == 'http://ultimateclientmanager.com/api/upgrade.php') {
$url = 'http://api.ultimateclientmanager.com/upgrade.php';
// hack to use new update subdomain
}
if ($url != 'http://ultimateclientmanager.com/api/upgrade.php' && $url != 'http://api.ultimateclientmanager.com/upgrade.php') {
set_error('Incorrect API url');
redirect_browser(_BASE_HREF);
}
if (_DEBUG_MODE) {
module_debug::log(array('title' => 'Checking for upgrades:', 'data' => 'Posting to API'));
}
if (!function_exists('curl_init')) {
$postdata = http_build_query($post_fields);
$opts = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata));
$context = stream_context_create($opts);
$result = file_get_contents($url, false, $context);
} else {
//$url = 'http://localhost/ucm/web/api/upgrade.php';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
// fixes netregistr, may break others?
$result = curl_exec($ch);
}
$data = json_decode($result, true);
if (_DEBUG_MODE) {
module_debug::log(array('title' => 'Checking for upgrades:', 'data' => 'Received response from API'));
}
if ($data && isset($data['available_updates']) && is_array($data['available_updates'])) {
$available_updates = $data['available_updates'];
}
if ($data && isset($data['licence_codes']) && is_array($data['licence_codes'])) {
// find out what the licence codes are (url / name) so we can dispaly this under each code nicely.
foreach ($data['licence_codes'] as $code => $foo) {
if (strlen($code) > 10 && strlen($foo) > 10) {
module_config::save_config('_licence_code_' . $code, $foo);
// this might not be working
}
}
}
if (!$data) {
echo $result;
}
//echo '<pre>';print_r($current_plugins);print_r($result);echo '</pre>';
return $available_updates;
}
public static function bulk_handle_delete()
{
if (isset($_REQUEST['bulk_action']) && isset($_REQUEST['bulk_action']['delete']) && $_REQUEST['bulk_action']['delete'] == 'yes' && self::can_i('delete', 'Files')) {
// confirm deletion of these files:
$file_ids = isset($_REQUEST['bulk_operation']) && is_array($_REQUEST['bulk_operation']) ? $_REQUEST['bulk_operation'] : array();
foreach ($file_ids as $file_id => $k) {
if ($k != 'yes') {
unset($file_ids[$file_id]);
} else {
$ucm_file = new ucm_file($file_id);
if (!$ucm_file->can_i_access()) {
unset($file_ids[$file_id]);
} else {
$file_data = $ucm_file->get_data();
$file_ids[$file_id] = $file_data['file_name'];
}
}
}
if (count($file_ids) > 0) {
if (module_form::confirm_delete('file_id', _l("Really delete files: %s", implode(', ', $file_ids)), self::link_open(false))) {
foreach ($file_ids as $file_id => $file_number) {
$ucm_file = new ucm_file($file_id);
$ucm_file->delete();
}
set_message(_l("%s files deleted successfully", count($file_ids)));
redirect_browser(self::link_open(false));
}
}
}
}
}
}
}
}
} else {
if ($die) {
die("Unzipping Failed: Unable to open zip file: {$file} \n");
} else {
return false;
}
}
return true;
}
if (unzip_mpdf('mpdf.zip', false, true)) {
set_message('Success. mPDF installed. You can now print PDFs');
redirect_browser(str_replace('auto_pdf_install', '', $_SERVER['REQUEST_URI']));
} else {
echo " Installation of mPDF failed. Sorry, please try the manual method below.";
}
}
}
}
}
?>
<h3>Please install the mPDF library:</h3>
Automatic Install (recommended):
<ul>
<li><a href="<?php
echo htmlspecialchars($_SERVER["REQUEST_URI"]) . (strpos($_SERVER["REQUEST_URI"], '?') ? '&' : '?') . 'auto_pdf_install';
?>
">Click here to attempt an automatic installation</a> (recommended)</li>
}
// work out if this user is an "administrator" or a "customer"
// a user will have "edit" capabilities for tickets if they are an administrator
// a user will only have "view" Capabilities for tickets if they are a "customer"
// this will decide what options they have on the page (ie: assigning tickets to people)
if ($ticket_id > 0 && $ticket && $ticket['ticket_id'] == $ticket_id) {
if (class_exists('module_security', false)) {
/*module_security::check_page(array(
'module' => $module->module_name,
'feature' => 'edit',
));*/
// we want to do our own special type of form modification here
// so we don't pass it off to "check_page" which will hide all input boxes.
if (!module_ticket::can_i('edit', 'Tickets') && !module_ticket::can_i('create', 'Tickets')) {
set_error('Access to editing or creating tickets is denied.');
redirect_browser(module_ticket::link_open(false));
}
}
} else {
$ticket_id = false;
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
}
if (module_ticket::can_edit_tickets()) {
module_ticket::mark_as_read($ticket_id, true);
}
//$module->pre_menu(); // so the links are re-build and the correct "unread" count is at the top.
if (!module_security::can_access_data('ticket', $ticket)) {
echo 'Ticket access denied';
exit;
}
if (!function_exists('imap_open')) {
$setup_errors = true;
set_error('Sorry IMAP is not enabled on your hosting account. Please contact your host to have this enabled.');
}
if (!function_exists('curl_init')) {
$setup_errors = true;
set_error('Sorry CURL is not enabled on your hosting account. Please contact your host to have this enabled.');
} else {
// do a test connection
$ch = curl_init('http://ultimateclientmanager.com/api/?curl_check');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
$result = curl_exec($ch);
if (trim($result) != 'success') {
$setup_errors = true;
set_error('There was a problem with CURL. Please check CURL is enabled and your server has a connection to the internet.');
}
}
if ($setup_errors) {
print_heading('Setup Error');
print_header_message();
?>
<p>If you require support, or assistance installing this item, please send in a support ticket here: <a href="http://ultimateclientmanager.com/support-ticket.html" target="_blank">http://ultimateclientmanager.com/support-ticket.html</a> </p>
<a href="?p=setup" class="uibutton">Try Again</a>
<a href="?m=setup&step=1" class="uibutton">Ignore Errors</a>
<?php
} else {
redirect_browser('?m=setup&step=1');
}
$_SESSION['language'] = $_POST['language'];
// Unset the date/time formats in session so translation can fill in the
// language specific defaults
unset($_SESSION['date_statusbar']);
unset($_SESSION['date_scheduled']);
unset($_SESSION['date_scheduled_popup']);
unset($_SESSION['date_recorded']);
unset($_SESSION['date_search']);
unset($_SESSION['date_listing_key']);
unset($_SESSION['date_listing_jump']);
unset($_SESSION['date_channel_jump']);
unset($_SESSION['date_job_status']);
unset($_SESSION['time_format']);
Translate::find()->load_translation();
}
redirect_browser(module . '/' . $Path[1] . '/' . $Path[2]);
}
/**
* Displays a <select> of the available templates
/**/
function template_select($name = 'tmpl', $selected = null)
{
echo '<select name="' . $name . '">';
foreach (array('default', 'lite', 'kgtv') as $tmpl) {
// Print the option
echo '<option value="' . html_entities($tmpl) . '"';
if ($selected == $tmpl) {
echo ' SELECTED';
}
echo '>' . html_entities(str_replace('_', ' ', $tmpl)) . '</option>';
}
set_error('Sorry no newsletter send id specified');
redirect_browser(module_newsletter::link_open($newsletter_id));
}
$send = module_newsletter::get_send($send_id);
if (isset($statistics) && $statistics) {
if ($send['status'] != _NEWSLETTER_STATUS_SENT) {
// hasnt sent yet, redirect to the pending watch page.
redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id));
}
$module->page_title = _l('Statistics');
print_heading(_l('Newsletter Statistics: %s', $newsletter['subject']));
} else {
$statistics = false;
if ($send['status'] == _NEWSLETTER_STATUS_SENT && !$retry_failures) {
// all sent, redirect to the statistics page.
redirect_browser(module_newsletter::link_statistics($newsletter_id, $send_id));
}
$module->page_title = _l('Sending');
print_heading(_l('Sending Newsletter: %s', $newsletter['subject']));
}
if ($retry_failures && $send['total_fail_count'] <= 0) {
$retry_failures = false;
}
$start_time = $send['start_time'];
?>
<form action="" method="post">
<input type="hidden" name="newsletter_id" value="<?php
echo (int) $newsletter_id;
?>
">
function request_token($tmhOAuth)
{
$code = $tmhOAuth->apponly_request(array('without_bearer' => true, 'method' => 'POST', 'url' => $tmhOAuth->url('oauth/request_token', ''), 'params' => array('oauth_callback' => php_self(false))));
if ($code != 200) {
error("There was an error communicating with Twitter. {$tmhOAuth->response['response']}");
return;
}
// store the params into the session so they are there when we come back after the redirect
$_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
// check the callback has been confirmed
if ($_SESSION['oauth']['oauth_callback_confirmed'] !== 'true') {
error('The callback was not confirmed by Twitter so we cannot continue.');
} else {
$url = $tmhOAuth->url('oauth/authorize', '') . "?oauth_token={$_SESSION['oauth']['oauth_token']}";
redirect_browser($url);
/*?>
<p>To complete the OAuth flow please visit URL: <a href="<?php echo $url ?>"><?php echo $url ?></a></p>
<?php*/
}
}
public function process()
{
if ('save_extra_default' == $_REQUEST['_process']) {
if (!module_config::can_i('edit', 'Settings')) {
die('No perms to save extra field settings.');
}
if (isset($_REQUEST['butt_del'])) {
if (module_form::confirm_delete('extra_default_id', _l("Really delete this extra field and ALL extra data linked to this field?"), $_SERVER['REQUEST_URI'])) {
$extra_default = module_extra::get_extra_default($_REQUEST['extra_default_id']);
if ($extra_default && $extra_default['extra_default_id'] == $_REQUEST['extra_default_id'] && $extra_default['owner_table'] && $extra_default['extra_key']) {
$extra_values = get_multiple('extra', array('owner_table' => $extra_default['owner_table'], 'extra_key' => $extra_default['extra_key']), 'extra_id', 'exact', 'owner_id');
if ($extra_values) {
foreach ($extra_values as $extra_value) {
if ($extra_value['owner_table'] == $extra_default['owner_table'] && $extra_value['extra_key'] == $extra_default['extra_key']) {
delete_from_db('extra', 'extra_id', $extra_value['extra_id']);
}
}
}
}
delete_from_db('extra_default', 'extra_default_id', $_REQUEST['extra_default_id']);
set_message('Extra field deleted successfully.');
redirect_browser(str_replace('extra_default_id', 'extra_default_id_deleted', $_SERVER['REQUEST_URI']));
}
}
if ((int) $_REQUEST['extra_default_id'] > 0) {
$extra_default = module_extra::get_extra_default($_REQUEST['extra_default_id']);
if ($extra_default && $extra_default['extra_default_id'] == $_REQUEST['extra_default_id'] && $extra_default['owner_table'] && $extra_default['extra_key']) {
if (isset($_POST['extra_key']) && !empty($_POST['extra_key']) && $_POST['extra_key'] != $extra_default['extra_key']) {
// they have renamed the key, rename all the existing ones in the system.
$extra_values = get_multiple('extra', array('owner_table' => $extra_default['owner_table'], 'extra_key' => $extra_default['extra_key']), 'extra_id', 'exact', 'owner_id');
if ($extra_values) {
foreach ($extra_values as $extra_value) {
if ($extra_value['owner_table'] == $extra_default['owner_table'] && $extra_value['extra_key'] == $extra_default['extra_key']) {
update_insert('extra_id', $extra_value['extra_id'], 'extra', array('extra_key' => $_POST['extra_key']));
}
}
}
}
}
}
$data = $_POST;
if (isset($data['options']) && is_array($data['options'])) {
$data['options'] = json_encode($data['options']);
}
update_insert('extra_default_id', $_REQUEST['extra_default_id'], 'extra_default', $data);
set_message('Extra field saved successfully');
redirect_browser($_SERVER['REQUEST_URI']);
}
}
* @package MythWeb
* @subpackage TV
*
* http://www.gossamer-threads.com/lists/mythtv/dev/102890?search_string=keyword%20search;#102890
*
/**/
// Path-based
if ($Path[3]) {
$_GET['recordid'] = $Path[3];
}
// Load an existing schedule?
if ($_GET['recordid']) {
$schedule =& Schedule::find($_GET['recordid']);
// Not a custom search schedule
if (empty($schedule->search) || $schedule->search == searchtype_manual) {
redirect_browser(root_url . 'tv/schedules');
}
} else {
$schedule = new Schedule(NULL);
}
// The user tried to update the recording settings - update the database and the variable in memory
if (isset($_POST['save'])) {
// Which type of recording is this? Make sure an illegal one isn't specified
$schedule->search_type = '';
switch ($_POST['searchtype']) {
case searchtype_power:
$schedule->search_type = 'Power';
break;
case searchtype_title:
$schedule->search_type = 'Title';
break;
MythBackend::find()->listenForEvent('SCHEDULE_CHANGE');
}
// Exit early if we're in AJAX mode.
if (isset($_REQUEST['ajax'])) {
header('Content-Type: application/json');
echo json_encode(array('id' => $_REQUEST['id'], 'file' => $_REQUEST['file']));
exit;
}
// No need to scan the rest of the items, so leave early
break;
}
// Redirect back to the page again, but without the query string, so reloads are cleaner
// Return to the row just prior to the one deleted
// (with some fuzz to account for normal screen height
// -- remember that rows are numbered starting at zero)
redirect_browser(root_url . 'tv/recorded?refresh' . ($prev_row > 0 ? "#{$prev_row}" : ''));
// redirect_browser calls exit() on its own
}
// Queries for a specific program title
isset($_REQUEST['title']) or $_REQUEST['title'] = isset($_REQUEST['refresh']) ? '' : $_SESSION['recorded_title'];
isset($_REQUEST['recgroup']) or $_REQUEST['recgroup'] = isset($_REQUEST['refresh']) ? '' : $_SESSION['recorded_recgroup'];
// Parse the program list
$warning = NULL;
$recordings = MythBackend::find()->queryProgramRows('QUERY_RECORDINGS Unsorted');
while (true) {
$Total_Used = 0;
$Total_Time = 0;
$Total_Programs = 0;
$Programs = array();
$Groups = array();
$Program_Titles = array();
function process()
{
if ('save_note' == $_REQUEST['_process']) {
$note_id = $_REQUEST['note_id'];
$options = unserialize(base64_decode($_REQUEST['options']));
if (!$options) {
return;
}
if (!$note_id || $note_id == 'new') {
$note_data = array('note_id' => $note_id, 'owner_id' => $options['owner_id'], 'owner_table' => $options['owner_table'], 'note_time' => strtotime(input_date(urldecode($_REQUEST['note_time']), true)), 'note' => urldecode($_REQUEST['note']), 'rel_data' => isset($_REQUEST['rel_data']) ? $_REQUEST['rel_data'] : '', 'reminder' => isset($_REQUEST['reminder']) ? $_REQUEST['reminder'] : 0, 'user_id' => isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : 0);
} else {
// some fields we dont want to overwrite on existing notes:
$note_data = array('note_id' => $note_id, 'note_time' => strtotime(input_date(urldecode($_REQUEST['note_time']), true)), 'note' => urldecode($_REQUEST['note']), 'reminder' => isset($_REQUEST['reminder']) ? $_REQUEST['reminder'] : 0, 'user_id' => isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : 0);
}
if (isset($_REQUEST['public_chk']) && $_REQUEST['public_chk']) {
$note_data['public'] = isset($_REQUEST['public']) ? $_REQUEST['public'] : 0;
}
// TODO - sanatise this note data with security module.
// make sure we're saving a note we have access too.
//module_security::sanatise_data('note',$note_data);
// sanatise broke our update code.
$note_id = update_insert('note_id', $note_id, 'note', $note_data);
if (isset($_REQUEST['from_normal'])) {
set_message('Note saved successfully');
redirect_browser($this->link_open($note_id, false, $options));
}
echo $this->print_note($note_id, false, isset($options['display_summary']) && $options['display_summary'], false, false, $options);
exit;
}
}
public static function bulk_handle_delete()
{
if (isset($_REQUEST['bulk_action']) && isset($_REQUEST['bulk_action']['delete']) && $_REQUEST['bulk_action']['delete'] == 'yes' && module_form::check_secure_key() && module_invoice::can_i('delete', 'Invoices')) {
// confirm deletion of these tickets:
$invoice_ids = isset($_REQUEST['invoice_bulk_operation']) && is_array($_REQUEST['invoice_bulk_operation']) ? $_REQUEST['invoice_bulk_operation'] : array();
foreach ($invoice_ids as $invoice_id => $k) {
if ($k != 'yes') {
unset($invoice_ids[$invoice_id]);
} else {
$invoice_ids[$invoice_id] = module_invoice::link_open($invoice_id, true);
}
}
if (count($invoice_ids) > 0) {
if (module_form::confirm_delete('invoice_id', _l("Really delete invoices: %s", implode(', ', $invoice_ids)), self::link_open(false))) {
foreach ($invoice_ids as $invoice_id => $invoice_number) {
self::delete_invoice($invoice_id);
}
set_message(_l("%s invoices deleted successfully", count($invoice_ids)));
redirect_browser(self::link_open(false));
}
}
}
}
$newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false;
if (!$newsletter_id) {
set_error('Sorry no newsletter id specified');
redirect_browser(module_newsletter::link_list(0));
}
$newsletter = module_newsletter::get_newsletter($newsletter_id);
// great a new blank send table ready to go (only if user clicks confirm)
$send_id = isset($_REQUEST['send_id']) ? (int) $_REQUEST['send_id'] : false;
if (!$send_id) {
set_error('Sorry no newsletter send id specified');
redirect_browser(module_newsletter::link_open($newsletter_id));
}
$send = module_newsletter::get_send($send_id);
if ($send['status'] != _NEWSLETTER_STATUS_SENT) {
// hasnt sent yet, redirect to the pending watch page.
redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id));
}
$start_time = $send['start_time'];
if (isset($_REQUEST['show'])) {
// render the newsletter and display it on screen with nothing else.
$content = module_newsletter::render($newsletter_id, $send_id, false, 'preview');
// do the link click overview here:
ob_end_clean();
// grab all the links for this send
$send_links = get_multiple('newsletter_link', array('send_id' => $send_id));
$links_to_process = array();
$old_links_by_url = array();
foreach ($send_links as $send_link) {
// we have to do this because the link processing part puts a unique member id into these unsubscribe/view online links.
$parsed_url = preg_replace('#\\&nm=\\d+#', '&nm=', $send_link['link_url']);
$parsed_url = preg_replace('#\\&hash=\\w+#', '&nm=', $parsed_url);
}
$user_id = (int) $_REQUEST['user_id'];
$user = module_user::get_user($user_id);
if (!$user) {
$user_id = 'new';
}
if (!$user && $user_id > 0) {
// bad url. hack attempt?
// direct back to customer page
if (isset($_REQUEST['customer_id']) && (int) $_REQUEST['customer_id']) {
redirect_browser(module_customer::link_open($_REQUEST['customer_id']));
}
}
if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
set_error('Sorry, only the Administrator can access this page.');
redirect_browser(_UCM_HOST . _BASE_HREF);
}
// permission check.
if (!$user_id) {
// check if can create.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Create'));
// are we creating a new user?
$user['roles'] = array(array('security_role_id' => module_config::c('user_default_role', 0)));
} else {
// check if can view/edit.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Edit'));
}
// work out the user type and invluce that particular file
/*$user_type_id = (int)$user['user_type_id'];
if(!$user_type_id){
if(in_array('config',$load_modules)){
