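/**
 * User::activateUser()
 *
 * Handles the account-activation form. Validates the posted e-mail address
 * and activation token, clears the token on the matching user row and sets
 * the `active` flag according to the `auto_verify` site setting, then prints
 * a JSON object (`type`, `title`, `message`) describing the outcome.
 *
 * Security notes for maintainers:
 *  - Request parameters are attacker-controlled and may arrive as arrays
 *    (`email[]=...`). Only plain strings are passed on to the lookups and to
 *    the WHERE clause; anything else is treated as an empty value.
 *  - NOTE(review): the WHERE clause is still assembled by string
 *    concatenation and depends entirely on sanitize() for quoting. Confirm
 *    that sanitize() escapes for the SQL context, or switch to a bound
 *    parameter API if the database layer offers one.
 *  - NOTE(review): the response type is chosen from the `auto_verify`
 *    setting, not from whether the UPDATE matched a row, so a token that is
 *    valid for a different e-mail address is not reported as a failure here.
 *    The UA_TOKEN_OK2 message of the original was never reachable.
 *  - NOTE(review): unknown e-mail and invalid token produce different
 *    messages, which can reveal which addresses are registered.
 *
 * @return void
 */
public function activateUser()
{
    // Accept scalar strings only; an array value would otherwise reach
    // emailExists()/validateToken()/sanitize() unchecked.
    $rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $rawToken = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';

    Filter::checkPost('email', Core::$word->UR_EMAIL_R);
    if (!$this->emailExists($rawEmail)) {
        Filter::$msgs['email'] = Core::$word->UR_EMAIL_R3;
    }

    Filter::checkPost('token', Core::$word->UA_TOKEN_R1);
    if (!$this->validateToken($rawToken)) {
        Filter::$msgs['token'] = Core::$word->UA_TOKEN_R;
    }

    $json = array();

    if (empty(Filter::$msgs)) {
        $email = sanitize($rawEmail);
        $token = sanitize($rawToken);
        $autoVerify = Registry::get("Core")->auto_verify;

        // The token is cleared in the same statement that sets the flag.
        $data = array(
            'token' => 0,
            'active' => $autoVerify ? "y" : "n",
        );
        self::$db->update(self::uTable, $data, "email = '" . $email . "' AND token = '" . $token . "'");

        if ($autoVerify == 1) {
            $json['type'] = 'success';
            $json['title'] = Core::$word->UA_TOKEN_OK1;
            $json['message'] = Core::$word->UA_TOKEN_OK1;
        } else {
            $json['type'] = 'error';
            $json['title'] = Core::$word->ERROR;
            $json['message'] = Core::$word->UA_TOKEN_R_ERR;
        }
    } else {
        $json['type'] = 'error';
        $json['title'] = Core::$word->SYSTEM_ERR;
        $json['message'] = Filter::msgSingleStatus();
    }

    print json_encode($json);
}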
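/**
 * Core::processConfig()
 *
 * Validates the posted site configuration, optionally replaces or removes the
 * site logo, writes the settings row and prints a JSON status object.
 *
 * Changes compared with the previous version (logo upload only):
 *  - A failed image check now records the error directly in Filter::$msgs.
 *    Previously it called Filter::checkPost('logo', ...), which looks at a
 *    POST field rather than at the upload, so the rejection appears to have
 *    depended on a request value the client controls.
 *  - The stored file name is no longer the client-supplied name. The
 *    extension is derived from the image type that getimagesize() detected
 *    and the base name is reduced to [A-Za-z0-9_-], so a file with image
 *    header bytes cannot be stored under a server-interpreted extension.
 *  - Only GIF, JPEG and PNG are accepted (adjust the list if the site needs
 *    more formats).
 *  - The old logo is removed only after the new file was stored.
 *
 * NOTE(review): `inv_info` and `inv_note` are stored exactly as posted;
 * confirm that they are escaped or filtered wherever they are rendered.
 * NOTE(review): `smtp_pass` goes through sanitize() and is stored with the
 * other settings; confirm sanitize() does not alter valid passwords and
 * consider how the credential is protected at rest.
 *
 * @return void
 */
public function processConfig()
{
    Filter::checkPost('site_name', Core::$word->CG_SITENAME);
    Filter::checkPost('site_url', Core::$word->CG_WEBURL);
    Filter::checkPost('site_email', Core::$word->CG_WEBEMAIL);
    Filter::checkPost('thumb_w', Core::$word->CG_IMG_W);
    Filter::checkPost('thumb_h', Core::$word->CG_IMG_H);
    Filter::checkPost('currency', Core::$word->CG_CURRENCY);

    $mailerType = isset($_POST['mailer']) ? $_POST['mailer'] : '';
    switch ($mailerType) {
        case "SMTP":
            Filter::checkPost('smtp_host', Core::$word->CG_SMTP_HOST);
            Filter::checkPost('smtp_user', Core::$word->CG_SMTP_USER);
            Filter::checkPost('smtp_pass', Core::$word->CG_SMTP_PASS);
            Filter::checkPost('smtp_port', Core::$word->CG_SMTP_PORT);
            break;

        case "SMAIL":
            Filter::checkPost('sendmail', Core::$word->CG_SMAILPATH);
            break;
    }

    // Validate the logo upload and decide on its storage name up front.
    $logoName = '';
    if (!empty($_FILES['logo']['name'])) {
        $tmpPath = isset($_FILES['logo']['tmp_name']) ? $_FILES['logo']['tmp_name'] : '';
        $imageInfo = (is_string($tmpPath) && is_uploaded_file($tmpPath)) ? getimagesize($tmpPath) : false;
        $allowedTypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);

        if (empty($imageInfo) || !in_array($imageInfo[2], $allowedTypes, true)) {
            Filter::$msgs['logo'] = Core::$word->CG_LOGO_R;
        } else {
            $stem = preg_replace('/[^a-zA-Z0-9_-]/', '_', pathinfo((string) $_FILES['logo']['name'], PATHINFO_FILENAME));
            // image_type_to_extension() returns the extension with its leading dot.
            $logoName = ($stem !== '' ? $stem : 'logo') . image_type_to_extension($imageInfo[2]);
        }
    }

    $json = array();

    if (empty(Filter::$msgs)) {
        $data = array(
            'site_name' => sanitize($_POST['site_name']),
            'site_url' => sanitize($_POST['site_url']),
            'site_dir' => sanitize($_POST['site_dir']),
            'site_email' => sanitize($_POST['site_email']),
            'reg_allowed' => intval($_POST['reg_allowed']),
            'user_limit' => intval($_POST['user_limit']),
            'reg_verify' => intval($_POST['reg_verify']),
            'notify_admin' => intval($_POST['notify_admin']),
            'auto_verify' => intval($_POST['auto_verify']),
            'perpage' => intval($_POST['perpage']),
            'thumb_w' => intval($_POST['thumb_w']),
            'thumb_h' => intval($_POST['thumb_h']),
            'short_date' => sanitize($_POST['short_date']),
            'long_date' => sanitize($_POST['long_date']),
            'currency' => sanitize($_POST['currency']),
            'cur_symbol' => sanitize($_POST['cur_symbol']),
            'dsep' => sanitize($_POST['dsep']),
            'tsep' => sanitize($_POST['tsep']),
            'enable_tax' => intval($_POST['enable_tax']),
            'inv_info' => $_POST['inv_info'],
            'inv_note' => $_POST['inv_note'],
            'mailer' => sanitize($_POST['mailer']),
            'sendmail' => sanitize($_POST['sendmail']),
            'smtp_host' => sanitize($_POST['smtp_host']),
            'smtp_user' => sanitize($_POST['smtp_user']),
            'smtp_pass' => sanitize($_POST['smtp_pass']),
            'smtp_port' => intval($_POST['smtp_port']),
            'is_ssl' => intval($_POST['is_ssl']),
        );

        if (isset($_POST['dellogo']) and $_POST['dellogo'] == 1) {
            $data['logo'] = "NULL";
        } elseif ($logoName !== '') {
            if (move_uploaded_file($_FILES['logo']['tmp_name'], UPLOADS . $logoName)) {
                // Remove the previous file only once the new one is in place,
                // and never when both share the same name.
                if ($this->logo && $this->logo !== $logoName) {
                    @unlink(UPLOADS . $this->logo);
                }
                $data['logo'] = $logoName;
            } else {
                $data['logo'] = $this->logo;
            }
        } else {
            $data['logo'] = $this->logo;
        }

        Registry::get("Database")->update(self::sTable, $data);

        if (Registry::get("Database")->affected()) {
            $json['type'] = 'success';
            $json['title'] = Core::$word->SUCCESS;
            $json['message'] = Core::$word->CG_UPDATED;
        } else {
            $json['type'] = 'warning';
            $json['title'] = Core::$word->ALERT;
            $json['message'] = Core::$word->SYSTEM_PROCCESS;
        }
    } else {
        $json['type'] = 'error';
        $json['title'] = Core::$word->SYSTEM_ERR;
        $json['message'] = Filter::msgSingleStatus();
    }

    print json_encode($json);
}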
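/**
 * Content::processNewsletter()
 *
 * Sends the posted newsletter either to one of the predefined user segments
 * ("all", "newsletter", "free", "paid") or to a single user looked up by
 * e-mail address, then prints a JSON status object.
 *
 * Changes compared with the previous version:
 *  - The attachment was stored under the client-supplied file name with no
 *    type check, inside a directory that is linked from SITEURL. It is now
 *    validated before anything is sent: it must be a real upload, its
 *    extension must be on an allowlist, and it is stored under a reduced
 *    name ([A-Za-z0-9_-] plus one extension).
 *  - The segment branches listed '[ATTACHMENT]' as a value instead of a key,
 *    so the placeholder was never filled in; it now maps to the link.
 *  - The "newsletter" branch moved the same upload a second time; the upload
 *    is now moved exactly once.
 *  - $numSent counted attempts, so the failure list could never be shown
 *    once a recipient existed. It now counts sends that the mailer reports
 *    as successful.
 *  - Failed recipient addresses are HTML-escaped before being placed in the
 *    response markup.
 *  - The four near-identical segment branches are driven by one table.
 *
 * NOTE(review): the single-recipient lookup still builds its WHERE clause by
 * concatenation and matches with LIKE '%...%', while the mail is addressed
 * to the typed value rather than to the matched row. Confirm that sanitize()
 * escapes for SQL and consider an exact match on the address.
 * NOTE(review): user names from the database are substituted into an HTML
 * body as-is; confirm they are stored in an HTML-safe form.
 *
 * @return void
 */
public function processNewsletter()
{
    Filter::checkPost('subject', Core::$word->NL_SUBJECT);
    Filter::checkPost('body', Core::$word->NL_BODY);
    Filter::checkPost('recipient', Core::$word->NL_RCPT);

    // Decide on the attachment before any mail is sent so that a rejected
    // file stops the whole request instead of being silently dropped.
    $attachFile = '';
    if (!empty($_FILES['attachment']['name'])) {
        $attachFile = $this->newsletterAttachmentName($_FILES['attachment']);
        if ($attachFile === '') {
            // TODO: move this text into the language file.
            Filter::$msgs['attachment'] = 'The attachment was rejected: upload failed or file type not allowed.';
        }
    }

    $json = array();

    if (!empty(Filter::$msgs)) {
        $json['type'] = 'error';
        $json['title'] = Core::$word->SYSTEM_ERR;
        $json['message'] = Filter::msgSingleStatus();
        print json_encode($json);
        return;
    }

    $to = sanitize($_POST['recipient']);
    $subject = sanitize($_POST['subject']);
    $body = cleanOut($_POST['body']);
    $numSent = 0;
    $failedRecipients = array();

    // Recipient segment => WHERE clause and anti-flood pause (null keeps the
    // plugin's own default, as the original "free"/"paid" branches did).
    $segments = array(
        'all' => array('where' => "id != 1", 'pause' => 30),
        'newsletter' => array('where' => "newsletter = '1' AND id != 1", 'pause' => 30),
        'free' => array('where' => "membership_id = 0 AND id != 1", 'pause' => null),
        'paid' => array('where' => "membership_id <> 0 AND id != 1", 'pause' => null),
    );

    require_once BASEPATH . "lib/class_mailer.php";
    $mailer = Mailer::sendMail();
    $core = Registry::get("Core");
    $from = array($core->site_email => $core->site_name);

    if (isset($segments[$to])) {
        $pause = $segments[$to]['pause'];
        $flood = ($pause === null)
            ? new Swift_Plugins_AntiFloodPlugin(100)
            : new Swift_Plugins_AntiFloodPlugin(100, $pause);
        $mailer->registerPlugin($flood);

        $sql = "SELECT email, CONCAT(fname,' ',lname) as name FROM " . Users::uTable . " WHERE " . $segments[$to]['where'];
        $userrow = Registry::get("Database")->fetch_all($sql);

        if ($userrow) {
            $attachement = $this->newsletterAttachmentLink($attachFile);

            $replacements = array();
            foreach ($userrow as $cols) {
                $replacements[$cols->email] = array(
                    '[NAME]' => $cols->name,
                    '[ATTACHMENT]' => $attachement,
                    '[SITE_NAME]' => $core->site_name,
                    '[URL]' => $core->site_url,
                );
            }
            $mailer->registerPlugin(new Swift_Plugins_DecoratorPlugin($replacements));

            $message = Swift_Message::newInstance()
                ->setSubject($subject)
                ->setFrom($from)
                ->setBody($body, 'text/html');

            foreach ($userrow as $row) {
                $message->setTo(array($row->email => $row->name));
                if ($mailer->send($message, $failedRecipients)) {
                    $numSent++;
                }
            }
        }
    } else {
        $row = Registry::get("Database")->first("SELECT email, CONCAT(fname,' ',lname) as name FROM " . Users::uTable . " WHERE email LIKE '%" . sanitize($to) . "%'");

        if ($row) {
            $attachement = $this->newsletterAttachmentLink($attachFile);

            $newbody = str_replace(
                array('[NAME]', '[ATTACHMENT]', '[SITE_NAME]', '[URL]'),
                array($row->name, $attachement, $core->site_name, $core->site_url),
                $body
            );

            $message = Swift_Message::newInstance()
                ->setSubject($subject)
                ->setTo(array($to => $row->name))
                ->setFrom($from)
                ->setBody($newbody, 'text/html');

            if ($mailer->send($message, $failedRecipients)) {
                $numSent++;
            }
        }
    }

    if ($numSent) {
        $json['type'] = 'success';
        $json['title'] = Core::$word->SUCCESS;
        $json['message'] = Core::$word->NL_SENT;
    } else {
        $res = '<ul>';
        foreach ($failedRecipients as $failed) {
            $res .= '<li>' . htmlspecialchars($failed, ENT_QUOTES, 'UTF-8') . '</li>';
        }
        $res .= '</ul>';

        $json['type'] = 'error';
        $json['title'] = Core::$word->ERROR;
        $json['message'] = Core::$word->NL_ALERT . $res;
    }

    print json_encode($json);
}

/**
 * Returns a storage-safe file name for an uploaded newsletter attachment,
 * or '' when the upload has to be rejected.
 *
 * @param mixed $upload One entry of $_FILES.
 * @return string
 */
private function newsletterAttachmentName($upload)
{
    if (!is_array($upload) || !isset($upload['name'], $upload['tmp_name'], $upload['error'])) {
        return '';
    }
    // Array-style field names (attachment[]) make these entries arrays.
    if (!is_string($upload['name']) || !is_string($upload['tmp_name'])) {
        return '';
    }
    if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
        return '';
    }

    // Allowlist of document/image types; adjust to what the site needs.
    $allowed = array(
        'pdf', 'txt', 'csv', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx',
        'odt', 'ods', 'zip', 'jpg', 'jpeg', 'png', 'gif',
    );
    $extension = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!in_array($extension, $allowed, true)) {
        return '';
    }

    // Dots in the base name are replaced as well, so the stored file has
    // exactly one extension.
    $stem = preg_replace('/[^a-zA-Z0-9_-]/', '_', pathinfo($upload['name'], PATHINFO_FILENAME));
    if ($stem === '' || $stem === null) {
        $stem = 'attachment';
    }

    return $stem . '.' . $extension;
}

/**
 * Stores the validated attachment and returns the HTML link used for the
 * [ATTACHMENT] placeholder, or '' when there is no attachment or it could
 * not be stored. An existing file with the same name is overwritten.
 *
 * @param string $fileName Name produced by newsletterAttachmentName().
 * @return string
 */
private function newsletterAttachmentLink($fileName)
{
    if ($fileName === '') {
        return '';
    }
    if (!move_uploaded_file($_FILES['attachment']['tmp_name'], UPLOADS . 'attachments/' . $fileName)) {
        return '';
    }

    return '<a href="' . SITEURL . '/uploads/attachments/' . rawurlencode($fileName) . '">' . Core::$word->NL_ATTACH . '</a>';
}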
/**
 * Send Mail
 *
 * Contact-form endpoint: validates the posted name, e-mail address, message
 * and captcha answer, fills the stored e-mail template (row 10 of
 * Content::eTable) and sends it to the site address. The listing is cut off
 * after the send() call, so the response handling is not visible here.
 */
define("_VALID_PHP", true);
require_once "../init.php";

$post = !empty($_POST) ? true : false;

if ($post) {
    Filter::checkPost("name", Core::$word->CF_NAME);
    Filter::checkPost("email", Core::$word->CF_EMAIL);
    // The pattern is case-sensitive (lowercase only) and limits the final
    // label to 2-4 letters, so some valid addresses are rejected.
    if (!preg_match("/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})\$/", $_POST['email'])) {
        Filter::$msgs['email'] = Core::$word->CF_EMAIL_ERR;
    }
    Filter::checkPost("message", Core::$word->CF_MSG);
    Filter::checkPost("captcha", Core::$word->CF_TOTAL);
    // NOTE(review): loose comparison (!=) lets PHP type juggling decide
    // equality; a strict string comparison is safer. The visible part of the
    // script does not clear the session value after a check - confirm the
    // code is single-use, otherwise one solved captcha can be replayed.
    if ($_SESSION['captchacode'] != $_POST['captcha']) {
        Filter::$msgs['captcha'] = Core::$word->CF_TOTAL_ERR;
    }

    if (empty(Filter::$msgs)) {
        $sender_email = sanitize($_POST['email']);
        $name = sanitize($_POST['name']);
        // Tags are stripped, but the text is then placed into an HTML body.
        $message = strip_tags($_POST['message']);
        // 'subject' is read without a preceding checkPost(); it may be absent.
        $mailsubject = sanitize($_POST['subject']);
        $ip = sanitize($_SERVER['REMOTE_ADDR']);

        require_once BASEPATH . "lib/class_mailer.php";
        $mailer = Mailer::sendMail();
        $row = Registry::get("Core")->getRowById(Content::eTable, 10);

        // $core is not defined in this listing - presumably set by init.php.
        $body = str_replace(
            array('[MESSAGE]', '[SENDER]', '[NAME]', '[MAILSUBJECT]', '[IP]', '[SITE_NAME]', '[URL]'),
            array($message, $sender_email, $name, $mailsubject, $ip, $core->site_name, SITEURL),
            $row->body);

        // NOTE(review): the visitor-supplied address and name become the
        // From header. Receiving servers commonly reject or flag such mail
        // under SPF/DMARC; sending from the site address with the visitor in
        // Reply-To avoids presenting an unverified sender identity.
        $msg = Swift_Message::newInstance()->setSubject($row->subject)->setTo(array($core->site_email => $core->site_name))->setFrom(array($sender_email => $name))->setBody(cleanOut($body), 'text/html');

        if ($mailer->send($msg)) {
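/**
 * Membership::processBuilder()
 *
 * Generates a membership-protected PHP page template named after the posted
 * page name and writes it into UPLOADS, then prints a JSON status object.
 *
 * Changes compared with the previous version:
 *  - The posted membership ids were concatenated verbatim into the generated
 *    PHP source. Because that file is later executed, request data must
 *    never reach it unvalidated: only values consisting solely of digits are
 *    kept, and each is cast to int before being written.
 *  - A non-array `membership_id` no longer leaves the id list undefined.
 *  - A page name that is empty after filtering is rejected instead of
 *    producing a file called ".php".
 *  - The write result is checked; a failed write is reported as an error.
 *
 * NOTE(review): the entity pattern below ends in "," where ";" was probably
 * intended, so it likely never matches; the character allowlist on the next
 * line is what actually constrains the name.
 * NOTE(review): the page is written into UPLOADS, which other handlers in
 * this codebase also use for uploaded files. A directory that must execute
 * PHP and also receives uploads raises the impact of any upload flaw;
 * consider a separate output directory. An existing file with the same name
 * is overwritten.
 *
 * @return void
 */
public static function processBuilder()
{
    Filter::checkPost('pagename', Core::$word->HP_PNAME);
    Filter::checkPost('membership_id', Core::$word->MEMBERSHIP);

    $pagename = '';
    $ids = array();

    if (empty(Filter::$msgs)) {
        $pagename = is_string($_POST['pagename']) ? sanitize($_POST['pagename']) : '';
        $pagename = preg_replace("/&([a-zA-Z])(uml|acute|grave|circ|tilde|ring),/", "", $pagename);
        $pagename = preg_replace("/[^a-zA-Z0-9_.-]/", "", $pagename);
        $pagename = str_replace(array('---', '--'), '-', $pagename);
        $pagename = str_replace(array('..', '.'), '', $pagename);

        if ($pagename === '' || $pagename === null) {
            Filter::$msgs['pagename'] = Core::$word->HP_PNAME;
        }

        // Keep digit-only values; everything else is dropped, never written.
        foreach ((array) $_POST['membership_id'] as $mid) {
            if (is_scalar($mid) && preg_match('/^[0-9]+\z/', (string) $mid)) {
                $ids[] = (int) $mid;
            }
        }
        if (empty($ids)) {
            Filter::$msgs['membership_id'] = Core::$word->MEMBERSHIP;
        }
    }

    $json = array();

    if (!empty(Filter::$msgs)) {
        $json['type'] = 'error';
        $json['title'] = Core::$word->SYSTEM_ERR;
        $json['message'] = Filter::msgSingleStatus();
        print json_encode($json);
        return;
    }

    $header = isset($_POST['header']) ? intval($_POST['header']) : 0;
    $mem_id = implode(',', $ids);

    $data = "<?php \n"
        . "\t/** \n"
        . "\t* " . $pagename . "\n"
        . "\t*" . " \n"
        . "\t* @package Membership Manager Pro\n"
        . "\t* @author wojoscripts.com\n"
        . "\t* @copyright 2015\n"
        . "\t* @version Id: " . $pagename . ".php, v3.0 " . date('Y-m-d H:i:s') . " gewa Exp \$\n"
        . "\t*/\n"
        . " \n"
        . "\t define(\"_VALID_PHP\", true); \n"
        . "\t require_once(\"init.php\");\n"
        . " \n"
        . "?>";

    if ($header == 1) {
        $data .= " \n" . " \n" . " <?php include(\"header.php\");?> \n" . " \n" . " \n";
    }

    // $mem_id holds only integers joined by commas at this point.
    $data .= "\t <?php if(Registry::get(\"Users\")->checkMembership('{$mem_id}')): ?>\n"
        . " \n"
        . "\t <h1>User has valid membership, you can display your protected content here</h1>.\n"
        . " \n"
        . "\t <?php else: ?>\n"
        . " \n"
        . "\t <h1>User membership is't not valid. Show your custom error message here</h1>\n"
        . " \n"
        . "\t <?php endif; ?>\n";

    if ($header == 1) {
        $data .= " \n" . " \n" . " <?php include(\"footer.php\");?> \n" . " \n" . " \n";
    }

    $pagefile = UPLOADS . $pagename . '.php';

    if (is_writable(UPLOADS) && file_put_contents($pagefile, $data, LOCK_EX) !== false) {
        $json['type'] = 'success';
        $json['title'] = Core::$word->SUCCESS;
        $json['message'] = str_replace("[NAME]", $pagename, Core::$word->HP_PBUILD_OK);
    } else {
        $json['type'] = 'error';
        $json['title'] = Core::$word->ERROR;
        $json['message'] = str_replace("[NAME]", $pagename, Core::$word->HP_PBUILD_ER);
    }

    print json_encode($json);
}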