/**
 * Creates a new source file entry and moves the file into the package store.
 *
 * For every type other than 'wcfsetup' the archive is opened with
 * PackageReader to obtain its version and name, and the stored type
 * becomes 'package'.
 *
 * @param	integer		$sourceID
 * @param	string		$location	path of the file to register
 * @param	string		$type
 * @param	string		$profileName
 * @param	integer		$fileDate
 * @return	SourceFile
 * @throws	SystemException		if the file cannot be copied into packages/
 */
public static function create($sourceID, $location, $type, $profileName = '', $fileDate = TIME_NOW) {
	$baseName = basename($location);
	$version = '';
	$package = '';

	// anything that is not a WCFSetup archive is treated as a package
	if ($type != 'wcfsetup') {
		require_once PB_DIR . 'lib/system/package/PackageReader.class.php';
		$reader = new PackageReader($sourceID, $location, true);
		$packageData = $reader->getPackageData();
		$version = $packageData['version'];
		$package = $packageData['name'];
		$type = 'package';
	}

	// NOTE(review): $sourceID, $type and $fileDate reach the statement without
	// a cast or escapeString(); this is only safe while every caller passes
	// integers and a fixed type string - confirm at the call sites.
	$table = 'pb' . PB_N . '_source_file';
	$values = array(
		$sourceID,
		"'" . escapeString(StringUtil::getRandomID()) . "'",
		"'" . escapeString($baseName) . "'",
		"'" . $type . "'",
		"'" . escapeString($version) . "'",
		$fileDate,
		"'" . escapeString($package) . "'",
		"'" . escapeString($profileName) . "'"
	);
	$sql = "INSERT INTO\t" . $table . "\n\t\t\t\t\t(sourceID, hash, filename, fileType, fileVersion, fileDate, packageName, profileName)\n\t\t\tVALUES\t\t(" . implode(",\n\t\t\t\t\t", $values) . ")";
	WCF::getDB()->sendQuery($sql);

	$sourceFile = new SourceFile(WCF::getDB()->getInsertID($table, 'fileID'));

	// the stored copy is named "<fileID>-<hash>"
	$target = PB_DIR . 'packages/' . $sourceFile->fileID . '-' . $sourceFile->hash;
	if (!copy($location, $target)) {
		// roll the database row back so no entry points at a missing file
		$sql = "DELETE FROM\tpb" . PB_N . "_source_file\n\t\t\t\tWHERE\t\tfileID = " . $sourceFile->fileID;
		WCF::getDB()->sendQuery($sql);
		throw new SystemException("Could not move source file, resource missing or insufficient permissions.");
	}

	// best effort: a failure to remove the original is silently ignored
	@unlink($location);

	return $sourceFile;
}
/**
 * Creates a new account with a freshly salted password hash.
 *
 * NOTE(review): the stored value is sha1(salt . sha1(salt . password)).
 * SHA-1 is fast to compute, so leaked hashes are cheap to brute-force;
 * moving to password_hash() needs a matching change in the verification
 * path, which is not visible here.
 *
 * @param	string	$accountname
 * @param	string	$password
 * @param	string	$email
 * @return	void
 */
public function create($accountname, $password, $email) {
	$salt = StringUtil::getRandomID();
	$innerDigest = sha1($salt . $password);
	$password = sha1($salt . $innerDigest);

	// $password is a hex digest at this point; $salt is not escaped either and
	// presumably is hex as well - TODO confirm what getRandomID() returns.
	$sql = sprintf(
		"INSERT INTO authserv_users (accountname, password, email, salt, time) VALUES ('%s', '%s', '%s', '%s', %s)",
		escapeString($accountname),
		$password,
		escapeString($email),
		$salt,
		time()
	);
	Services::getDB()->sendQuery($sql);
}
/**
 * Copies three WCF user tables to the database of another server.
 *
 * wcf1_user, wcf1_user_option_value and wcf1_user_to_groups are dumped with
 * SELECT ... INTO OUTFILE into a fixed directory and then loaded into the
 * target database with LOAD DATA LOCAL INFILE ... REPLACE.
 *
 * NOTE(review): the export files hold complete copies of the user tables
 * (presumably including credential columns) and the clean-up at the end is
 * commented out, so every run leaves them on disk. Restrict access to the
 * outfile directory and re-enable the removal.
 *
 * NOTE(review): no return value of mysql_connect()/mysql_query() is checked,
 * so a failed connection or load goes unnoticed here.
 *
 * @param	mixed	$worldID	key into self::$servers
 */
protected static function updateWCF($worldID) {
	// the random id keeps the export files of separate runs apart
	$randomID = StringUtil::getRandomID();
	$server = self::$servers[$worldID];

	// export data as csv (the files carry the extension ".cvs")
	$sql = "SELECT HIGH_PRIORITY *\r\n\t\t\t\tINTO OUTFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user.cvs'\r\n\t \t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'\r\n\t\t\t\tFROM wcf1_user";
	WCF::getDB()->sendQuery($sql);
	$sql = "SELECT HIGH_PRIORITY *\r\n\t\t\t\tINTO OUTFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user_option_value.cvs'\r\n\t \t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'\r\n\t\t\t\tFROM wcf1_user_option_value";
	WCF::getDB()->sendQuery($sql);
	$sql = "SELECT HIGH_PRIORITY *\r\n\t\t\t\tINTO OUTFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user_to_groups.cvs'\r\n\t \t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'\r\n\t\t\t\tFROM wcf1_user_to_groups";
	WCF::getDB()->sendQuery($sql);

	// connect to the other db; the fourth argument requests a new link
	$tmpConnection = mysql_connect($server['mysqlHost'], $server['mysqlUser'], $server['mysqlPassword'], true);
	$sql = "SET charset latin1";
	mysql_query($sql, $tmpConnection);
	// the database name is taken from the 'mysqlUser' entry
	mysql_select_db($server['mysqlUser'], $tmpConnection);

	// load data into the db; REPLACE overwrites rows that already exist there
	$sql = "LOAD DATA LOCAL INFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user.cvs'\r\n\t\t\t\tREPLACE INTO TABLE wcf1_user\r\n\t\t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'";
	mysql_query($sql, $tmpConnection);
	$sql = "LOAD DATA LOCAL INFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user_option_value.cvs'\r\n\t\t\t\tREPLACE INTO TABLE wcf1_user_option_value\r\n\t\t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'";
	mysql_query($sql, $tmpConnection);
	$sql = "LOAD DATA LOCAL INFILE '/home/lostwdbl/game/outfile/" . $randomID . "_wcf1_user_to_groups.cvs'\r\n\t\t\t\tREPLACE INTO TABLE wcf1_user_to_groups\r\n\t\t\t\tFIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'\r\n\t \t\tLINES TERMINATED BY '\n'";
	mysql_query($sql, $tmpConnection);

	// disabled debug output:
	//if(WCF::getUser()->userID == 143) echo $sql.';';

	// clean up (currently disabled, so the export files are never removed)
	/*unlink('/home/lostwdbl/game/outfile/'.$randomID.'_wcf1_user.cvs'); unlink('/home/lostwdbl/game/outfile/'.$randomID.'_wcf1_user_option_value.cvs'); unlink('/home/lostwdbl/game/outfile/'.$randomID.'_wcf1_user_to_groups.cvs');*/
}
/**
 * Stores the guest subscriber, creates an activation token and mails the
 * opt-in link, then shows the redirect page and ends the request.
 *
 * NOTE(review): the token travels in the query string of the activation
 * URL and is only as unpredictable as StringUtil::getRandomID(), which is
 * not shown here - confirm it is suitable for one-time secrets.
 *
 * @see Form::save()
 */
public function save() {
	parent::save();

	// activation token for the opt-in link
	$token = StringUtil::getRandomID();

	$subscriberTable = 'wcf' . WCF_N . '_' . $this->subscriberTable;
	$sql = 'INSERT INTO ' . $subscriberTable . "\n \t\t(email)\n \t\t\tVALUES\n \t\t('" . escapeString($this->email) . "')";
	WCF::getDB()->sendQuery($sql);
	$subscriberID = WCF::getDB()->getInsertID();

	// the subscriber cache is stale once the new row exists
	$cacheFile = 'cache.newsletter-subscriber-' . PACKAGE_ID . '.php';
	WCF::getCache()->clear(WCF_DIR . 'cache/', $cacheFile, true);

	$activationTable = 'wcf' . WCF_N . '_' . $this->activationTable;
	$sql = 'INSERT INTO ' . $activationTable . ' (subscriberID, token) VALUES (' . intval($subscriberID) . ", '" . escapeString($token) . "')";
	WCF::getDB()->sendQuery($sql);

	// build and send the opt-in mail
	$url = PAGE_URL . '/index.php?action=NewsletterGuestActivate&id=' . $subscriberID . '&t=' . $token;
	$subject = WCF::getLanguage()->get('wcf.acp.newsletter.optin.subject');
	$variables = array(
		'username' => WCF::getLanguage()->get('wcf.acp.newsletter.optin.hello'),
		'url' => $url
	);
	$content = WCF::getLanguage()->getDynamicVariable('wcf.acp.newsletter.optin.text', $variables);
	WCF::getTPL()->assign(array('subject' => $subject, 'content' => $content));
	$output = WCF::getTPL()->fetch('validationEmail');

	$mail = new Mail($this->email, $subject, $output, MESSAGE_NEWSLETTERSYSTEM_GENERAL_FROM);
	$mail->setContentType('text/html');
	$mail->send();

	$this->saved();

	// show the "activation pending" redirect and stop
	$redirect = array(
		'message' => WCF::getLanguage()->get('wcf.acp.newsletter.optin.activationPending'),
		'url' => PAGE_URL . '/index.php?page=Index' . SID_ARG_2ND
	);
	WCF::getTPL()->assign($redirect);
	WCF::getTPL()->display('redirect');
	exit;
}
/**
 * Returns a path in $dir (TMP_DIR by default) that does not exist yet.
 *
 * Only the name is chosen; the file itself is not created.
 *
 * NOTE(review): another process can create the same path between the
 * file_exists() check and the caller's first write. Callers that run in a
 * shared directory should open the file exclusively (fopen mode 'x').
 *
 * @param	string	$prefix
 * @param	string	$extension
 * @param	string	$dir
 * @return	string	temporary filename
 */
public static function getTemporaryFilename($prefix = 'tmpFile_', $extension = '', $dir = TMP_DIR) {
	$dir = self::addTrailingSlash($dir);

	// draw names until one is free
	while (true) {
		$candidate = $dir . $prefix . StringUtil::getRandomID() . $extension;
		if (!file_exists($candidate)) {
			return $candidate;
		}
	}
}
/**
 * Creates a user group with a random name and rebuilds the group cache.
 *
 * @param	array	$groupOptions	passed through to GroupEditor::create()
 * @return	mixed	whatever GroupEditor::create() returns
 */
protected function createGroup($groupOptions = array()) {
	require_once WCF_DIR . 'lib/util/StringUtil.class.php';
	require_once WCF_DIR . 'lib/data/user/group/GroupEditor.class.php';

	$groupName = StringUtil::getRandomID();
	$group = GroupEditor::create($groupName, $groupOptions);

	// WCF does not clear instance caches, so the group cache is rebuilt by hand
	$builderFile = WCF_DIR . 'lib/system/cache/CacheBuilderGroups.class.php';
	$resource = array(
		'cache' => 'groups',
		'file' => WCF_DIR . 'cache/cache.groups.php',
		'className' => StringUtil::getClassName($builderFile),
		'classFile' => $builderFile
	);
	WCF::getCache()->rebuild($resource);

	return $group;
}
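/**
 * Creates a new naval formation led by the given fleet.
 *
 * The target planet and impact time are copied from the leader fleet's row
 * by sub-selects; afterwards the user and the leader fleet are attached
 * through the formation's editor.
 *
 * @param	integer		$leaderFleetID	fleet id of the leader fleet
 * @param	integer		$userID
 * @return	NavalFormation
 */
public static function create($leaderFleetID, $userID) {
	// the id is placed into the statement three times without quotes, so it is
	// forced to an integer before it gets there
	$leaderFleetID = intval($leaderFleetID);

	// name = language item + up to five digits derived from a random id
	$formationName = WCF::getLanguage()->get('wot.fleet.navalFormation.name') . ' ' . substr(base_convert(StringUtil::getRandomID(), 16, 10), 0, 5);

	// the language item may contain a quote (e.g. an apostrophe in a
	// translation), so the name is escaped like any other string value
	$sql = "INSERT INTO ugml_naval_formation\n\t\t\t\t(formationName, leaderFleetID,\n\t\t\t\t endPlanetID, impactTime)\n\t\t\t\tVALUES\n\t\t\t\t('" . escapeString($formationName) . "', " . $leaderFleetID . ",\n\t\t\t\t (SELECT targetPlanetID\n\t\t\t\t FROM ugml_fleet\n\t\t\t\t WHERE fleetID = " . $leaderFleetID . "), (SELECT impactTime\n\t\t\t\t\t\t\t\t\t\t\t\t\t FROM ugml_fleet\n\t\t\t\t\t\t\t\t\t\t\t\t\t WHERE fleetID = " . $leaderFleetID . "))";
	WCF::getDB()->sendQuery($sql);
	$formationID = WCF::getDB()->getInsertID();

	$navalFormation = new NavalFormation($formationID);
	$navalFormation->getEditor()->addUser($userID, null, false);
	$navalFormation->getEditor()->addFleet($leaderFleetID);

	return $navalFormation;
}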
/**
 * Stores a quote in the quote storage and counts it for its object.
 *
 * @param	integer		$objectID
 * @param	string		$objectType
 * @param	string		$text
 * @param	string		$author
 * @param	string		$url
 * @param	integer		$parentID
 * @param	string		$quoteID	generated when left empty
 * @return	string		quote id
 */
public static function storeQuote($objectID, $objectType, $text, $author = '', $url = '', $parentID = 0, $quoteID = '') {
	self::loadStorage();

	// no id supplied: make one up
	if ($quoteID == '') {
		$quoteID = StringUtil::getRandomID();
	}

	$normalizedText = StringUtil::unifyNewlines($text);
	self::$quoteStorage[$quoteID] = array(
		'quoteID' => $quoteID,
		'objectID' => $objectID,
		'objectType' => $objectType,
		'author' => $author,
		'url' => $url,
		'text' => $normalizedText,
		'parentID' => $parentID
	);

	// quotes are counted per "<objectType>-<objectID>"
	$counterKey = $objectType . '-' . $objectID;
	if (!isset(self::$quoteCounts[$counterKey])) {
		self::$quoteCounts[$counterKey] = 0;
	}
	self::$quoteCounts[$counterKey]++;

	return $quoteID;
}
/**
 * Creates a new session, or returns the existing session of a known spider.
 *
 * Steps: spider detection by user agent, automatic login from cookies (guest
 * user as fallback), removal of the user's other sessions, insertion of the
 * session row and storage of the user object as session data.
 *
 * NOTE(review): the session id is whatever StringUtil::getRandomID()
 * returns; its unpredictability is not visible here and should come from a
 * CSPRNG, since the id is the bearer credential for the session.
 *
 * NOTE(review): the user object is stored with serialize() and presumably
 * read back with unserialize(); the session data table and the memcache
 * store must therefore be writable by this application only.
 *
 * @see SessionFactory::create()
 */
public function create() {
	// get spider information
	$spider = $this->isSpider(UserUtil::getUserAgent());
	if ($spider) {
		// spiders share one session per spider id; it is reused unless corrupt
		if (($session = $this->getExistingSpiderSession($spider['spiderID'])) !== null) {
			if (!$session->isCorrupt()) {
				return $session;
			}
		}
	}

	// create new session hash
	$sessionID = StringUtil::getRandomID();

	// check cookies for userID & password
	require_once WCF_DIR . 'lib/system/auth/UserAuth.class.php';
	$user = UserAuth::getInstance()->loginAutomatically(true, $this->userClassName);
	if ($user === null) {
		// no valid user found
		// create guest user
		$user = new $this->guestClassName();
	}

	// update user session
	$user->update();
	if ($user->userID != 0) {
		// user is no guest
		// delete all other sessions of this user
		Session::deleteSessions($user->userID, true, false);
	}

	$requestMethod = !empty($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';

	// insert session into database
	// client-supplied values (ip, user agent, request uri, method) are escaped;
	// $sessionID, $user->userID and $spider['spiderID'] are inserted as they are
	$sql = "INSERT INTO \twcf" . WCF_N . "_session\n\t\t\t\t\t(sessionID, packageID, userID, ipAddress, userAgent,\n\t\t\t\t\tlastActivityTime, requestURI, requestMethod,\n\t\t\t\t\tusername" . ($spider ? ", spiderID" : "") . ")\n\t\t\tVALUES\t\t('" . $sessionID . "',\n\t\t\t\t\t" . PACKAGE_ID . ",\n\t\t\t\t\t" . $user->userID . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getIpAddress()) . "',\n\t\t\t\t\t'" . escapeString(UserUtil::getUserAgent()) . "',\n\t\t\t\t\t" . TIME_NOW . ",\n\t\t\t\t\t'" . escapeString(UserUtil::getRequestURI()) . "',\n\t\t\t\t\t'" . escapeString($requestMethod) . "',\n\t\t\t\t\t'" . ($spider ? escapeString($spider['spiderName']) : escapeString($user->username)) . "'\n\t\t\t\t\t" . ($spider ? ", " . $spider['spiderID'] : "") . ")";
	WCF::getDB()->sendQuery($sql);

	// save user data
	$serializedUserData = '';
	if (ENABLE_SESSION_DATA_CACHE && get_class(WCF::getCache()->getCacheSource()) == 'MemcacheCacheSource') {
		// memcache path: the user object itself is handed to memcache
		require_once WCF_DIR . 'lib/system/cache/source/MemcacheAdapter.class.php';
		MemcacheAdapter::getInstance()->getMemcache()->set('session_userdata_-' . $sessionID, $user);
	}
	else {
		$serializedUserData = serialize($user);
		try {
			$sql = "INSERT INTO \twcf" . WCF_N . "_session_data\n\t\t\t\t\t\t\t(sessionID, userData)\n\t\t\t\t\tVALUES \t\t('" . $sessionID . "',\n\t\t\t\t\t\t\t'" . escapeString($serializedUserData) . "')";
			WCF::getDB()->sendQuery($sql);
		}
		catch (DatabaseException $e) {
			// horizon update workaround
			// if the insert fails, the data is written to a userData column of
			// the session table instead
			$sql = "UPDATE \twcf" . WCF_N . "_session\n\t\t\t\t\tSET\tuserData = '" . escapeString($serializedUserData) . "'\n\t\t\t\t\tWHERE\tsessionID = '" . $sessionID . "'";
			WCF::getDB()->sendQuery($sql);
		}
	}

	// return new session object
	return new $this->sessionClassName(null, array('sessionID' => $sessionID, 'packageID' => PACKAGE_ID, 'userID' => $user->userID, 'ipAddress' => UserUtil::getIpAddress(), 'userAgent' => UserUtil::getUserAgent(), 'lastActivityTime' => TIME_NOW, 'requestURI' => UserUtil::getRequestURI(), 'requestMethod' => $requestMethod, 'userData' => $serializedUserData, 'sessionVariables' => '', 'username' => $spider ? $spider['spiderName'] : $user->username, 'spiderID' => $spider ? $spider['spiderID'] : 0, 'isNew' => true));
}
/**
 * Sets a new generated password for the user and mails it to them.
 *
 * NOTE(review): the password is the first 10 characters of
 * StringUtil::getRandomID() and is sent in clear text by mail. If that id
 * is a hex string this is about 40 bits from a source whose quality is not
 * visible here; a reset link with a short-lived token avoids mailing a
 * usable credential.
 *
 * @param	User	$user
 */
protected function sendMail(User $user) {
	$password = substr(StringUtil::getRandomID(), 0, 10);

	// empty username/email arguments leave those fields untouched
	$user->getEditor()->update('', '', $password);

	// language objects are created once per language id and then reused
	$languageID = $user->languageID;
	if (!isset($this->languages[$languageID])) {
		$this->languages[$languageID] = new Language($languageID);
	}
	$language = $this->languages[$languageID];

	$subject = $language->get('wcf.acp.user.newPassword.mail.subject', array(
		'PAGE_TITLE' => $language->get(PAGE_TITLE)
	));
	$message = $language->get('wcf.acp.user.newPassword.mail', array(
		'PAGE_TITLE' => $language->get(PAGE_TITLE),
		'$username' => $user->username,
		'$password' => $password,
		'PAGE_URL' => PAGE_URL,
		'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS
	));

	$mail = new Mail(array($user->username => $user->email), $subject, $message);
	$mail->send();
}
/**
 * Compiles the opening implode tag into the head of a foreach loop.
 *
 * The 'from', 'key' and 'item' arguments are written into the generated PHP
 * unchanged, so template sources have to be treated as trusted code.
 *
 * @see TemplatePluginCompiler::executeStart()
 */
public function executeStart($tagArgs, TemplateScriptingCompiler $compiler) {
	$compiler->pushTag('implode');

	// both arguments are mandatory
	foreach (array('from', 'item') as $required) {
		if (!isset($tagArgs[$required])) {
			throw new SystemException($compiler->formatSyntaxError("missing '" . $required . "' argument in implode tag", $compiler->getCurrentIdentifier(), $compiler->getCurrentLineNo()), 12001);
		}
	}

	// the random suffix keeps the helper variables of separate tags apart
	$hash = StringUtil::getRandomID();
	$glue = "', '";
	if (isset($tagArgs['glue'])) {
		$glue = $tagArgs['glue'];
	}
	$this->tagStack[] = array('hash' => $hash, 'glue' => $glue);

	$source = $tagArgs['from'];

	// names that do not start with '$' refer to template variables
	$keyTarget = '';
	if (isset($tagArgs['key'])) {
		$key = $tagArgs['key'];
		if (StringUtil::substring($key, 0, 1) != '$') {
			$key = "\$this->v[" . $key . "]";
		}
		$keyTarget = $key . " => ";
	}
	$item = $tagArgs['item'];
	if (StringUtil::substring($item, 0, 1) != '$') {
		$item = "\$this->v[" . $item . "]";
	}

	return "<?php\n"
		. "\$_length" . $hash . " = count(" . $source . ");\n"
		. "\$_i" . $hash . " = 0;\n"
		. "foreach (" . $source . " as " . $keyTarget . $item . ") { ?>";
}
/**
 * Builds WCFSetup.tar.gz from the install/setup directories and the given
 * packages and registers the archive as a source file.
 *
 * @param	array	$packages		paths of the package archives to bundle
 * @param	string	$outputDirectory	defaults to the source's build directory
 * @throws	SystemException		if one of the packages does not exist
 */
public function createWcfSetup(array $packages, $outputDirectory = '') {
	// fall back to the build directory, otherwise make sure the target exists
	if (empty($outputDirectory)) {
		$outputDirectory = $this->source->buildDirectory;
	}
	elseif (!is_dir($outputDirectory)) {
		FileUtil::makePath($outputDirectory);
	}
	$outputDirectory = FileUtil::addTrailingSlash($outputDirectory);

	// temporary working directory with a random name
	$buildDirectory = $outputDirectory . StringUtil::getRandomID() . '/';

	// install directories first, then setup directories
	$sections = array(
		'install/files', 'install/lang', 'install/packages',
		'setup/db', 'setup/lang', 'setup/license', 'setup/template'
	);
	foreach ($sections as $section) {
		$this->cloneDirectory($buildDirectory, $section);
	}

	// NOTE(review): the result of copy() is not checked, so a failed copy
	// yields an archive that silently lacks the package.
	foreach ($packages as $package) {
		if (!file_exists($package)) {
			throw new SystemException("Required package '" . $package . "' not found.");
		}
		copy($package, $buildDirectory . 'install/packages/' . basename($package));
	}

	// pack install/ and setup/ with paths relative to the working directory
	$archivePath = $outputDirectory . 'WCFSetup.tar.gz';
	$wcfSetup = new TarWriter($archivePath, true);
	$wcfSetup->add(array($buildDirectory . 'install', $buildDirectory . 'setup'), '', $buildDirectory);
	$wcfSetup->create();

	// remove the working directory again
	$this->deleteDirectory($buildDirectory);
	@rmdir($buildDirectory);

	// register the archive and remember where it was stored
	require_once PB_DIR . 'lib/data/source/file/SourceFileEditor.class.php';
	$sourceFile = SourceFileEditor::create($this->source->sourceID, $archivePath, 'wcfsetup', $this->profileName);
	$this->path = $sourceFile->getPath();
}
/**
 * Issues a lost-password key, mails it to the user and shows the redirect
 * page.
 *
 * NOTE(review): the key is stored as generated and is only as unpredictable
 * as StringUtil::getRandomID(), which is not shown here. Whether the key
 * expires (lastLostPasswordRequest is written next to it) is decided by the
 * code that redeems it - confirm there.
 *
 * @see Form::save()
 */
public function save() {
	parent::save();

	$lostPasswordKey = StringUtil::getRandomID();

	// key and request time are written by a deferred (shutdown) update
	$sql = "UPDATE \twcf" . WCF_N . "_user\n\t\t\tSET\tlostPasswordKey = '" . $lostPasswordKey . "',\n\t\t\t\tlastLostPasswordRequest = " . TIME_NOW . "\n\t\t\tWHERE \tuserID = " . $this->user->userID;
	WCF::getDB()->registerShutdownUpdate($sql);

	// variables for subject and body of the mail
	$subjectData = array(
		'PAGE_TITLE' => WCF::getLanguage()->get(PAGE_TITLE)
	);
	$messageData = array(
		'PAGE_TITLE' => WCF::getLanguage()->get(PAGE_TITLE),
		'$username' => $this->user->username,
		'$userID' => $this->user->userID,
		'$key' => $lostPasswordKey,
		'PAGE_URL' => PAGE_URL,
		'MAIL_ADMIN_ADDRESS' => MAIL_ADMIN_ADDRESS
	);

	require_once WCF_DIR . 'lib/data/mail/Mail.class.php';
	$recipient = array($this->user->username => $this->user->email);
	$subject = WCF::getLanguage()->get('wcf.user.lostPassword.mail.subject', $subjectData);
	$message = WCF::getLanguage()->get('wcf.user.lostPassword.mail', $messageData);
	$mail = new Mail($recipient, $subject, $message);
	$mail->send();

	$this->saved();

	// forward to index page
	$redirect = array(
		'url' => 'index.php' . SID_ARG_1ST,
		'message' => WCF::getLanguage()->get('wcf.user.lostPassword.mail.sent')
	);
	WCF::getTPL()->assign($redirect);
	WCF::getTPL()->display('redirect');
	exit;
}
/**
 * Sets the boundary string for a multipart/mixed mail.
 *
 * The random part makes it unlikely that the boundary also occurs in the
 * mail body.
 */
protected function setBoundary() {
	$this->boundary = sprintf('==Multipart_Boundary_x%sx', StringUtil::getRandomID());
}
/**
 * Imports subscriber addresses from an uploaded or downloaded file.
 *
 * The content is split at the configured delimiter. Every address that is
 * not yet in the subscriber table is inserted, linked to a user when the
 * user table holds the same address. Each new subscriber then receives an
 * unsubscribe token and an activation row with activated = 1.
 *
 * NOTE(review): $this->downloadFile is passed to file_get_contents()
 * unchanged. If it can name arbitrary URLs or local paths, that call reads
 * whatever the server can reach - confirm where the value is validated.
 *
 * NOTE(review): imported addresses are neither trimmed nor checked for a
 * valid format, and they are marked as activated without an opt-in mail.
 *
 * @see Form::save()
 */
public function save() {
	parent::save();

	// the upload wins over the download location
	$content = '';
	if (count($this->uploadFile)) {
		$content = file_get_contents($this->uploadFile['tmp_name']);
	}
	elseif ($this->downloadFile) {
		$content = file_get_contents($this->downloadFile);
	}
	if (empty($content)) {
		return;
	}

	//add cache resource and get subscribers
	$cacheName = 'newsletter-subscriber-' . PACKAGE_ID;
	WCF::getCache()->addResource($cacheName, WCF_DIR . 'cache/cache.' . $cacheName . '.php', WCF_DIR . 'lib/system/cache/CacheBuilderNewsletterSubscriber.class.php');
	$subscribersList = WCF::getCache()->get($cacheName, 'subscribers');

	//contains all new emails
	$emails = explode($this->delimeter, $content);
	$sql = 'INSERT INTO wcf' . WCF_N . '_' . $this->databaseTable . ' (userID, username, email) VALUES ';
	$insertValues = '';
	$processImport = false;
	foreach ($emails as $email) {
		//no duplicate entries
		// the check runs against the table only; an address that occurs twice
		// in the same file is added twice to the pending insert
		$checkSql = 'SELECT COUNT(subscriberID) AS count FROM wcf' . WCF_N . '_' . $this->databaseTable . "\n\t\t \t\t\tWHERE email = '" . escapeString($email) . "'";
		$row = WCF::getDB()->getFirstRow($checkSql);
		if ($row['count']) {
			continue;
		}
		if (!empty($insertValues)) {
			$insertValues .= ', ';
		}
		$data = '(';
		// link the subscriber to a registered user with the same address
		$sqlInner = 'SELECT userID, COUNT(userID) AS count FROM wcf' . WCF_N . "_user\n\t\t \t\tWHERE email = '" . escapeString($email) . "'\n\t\t \t\tGROUP BY userID";
		$row = WCF::getDB()->getFirstRow($sqlInner);
		if ($row['count']) {
			$user = new User($row['userID']);
			$data .= $row['userID'] . ", '" . escapeString($user->username) . "', '";
		}
		else {
			// no matching user: stored as guest (userID 0, empty username)
			$data .= "0, '', '";
		}
		$data .= escapeString($email) . "')";
		$insertValues .= $data;
		$processImport = true;
	}
	$sql .= $insertValues;

	//only do this if there is an email to work with
	if ($processImport) {
		WCF::getDB()->sendQuery($sql);
	}

	//get all subscribers
	$sql = 'SELECT subscriberID, userID FROM wcf' . WCF_N . '_' . $this->databaseTable;
	$result = WCF::getDB()->sendQuery($sql);

	//prepare for new unsubscription tokens
	$sqlUnsubscribe = 'INSERT INTO wcf' . WCF_N . '_' . $this->unsubscriptionTable . ' (subscriberID, token) VALUES ';
	$unsubscribeInsertValues = '';

	//prepare for activation
	$sqlActivation = 'INSERT INTO wcf' . WCF_N . '_' . $this->activationTable . ' (userID, datetime, activated) VALUES ';
	$activateInsertValues = '';

	//prepare for guest activation
	$sqlGuestActivation = 'INSERT INTO wcf' . WCF_N . '_' . $this->guestActivationTable . ' (subscriberID, datetime, activated) VALUES ';
	$guestActivateInsertValues = '';

	//getting the new subscribers
	// "new" means: in the table now, but not in the list cached before the import
	$newSubscribers = array();
	while ($row = WCF::getDB()->fetchArray($result)) {
		if (array_key_exists($row['subscriberID'], $subscribersList)) {
			continue;
		}
		$newSubscribers[$row['subscriberID']] = $row['userID'];
	}

	//add unsubscribe tokens for each new subscriber
	//and mark them as validated
	foreach ($newSubscribers as $subscriberID => $userID) {
		if (!empty($unsubscribeInsertValues)) {
			$unsubscribeInsertValues .= ', ';
		}
		$data = '(' . $subscriberID . ", '" . escapeString(StringUtil::getRandomID()) . "')";
		$unsubscribeInsertValues .= $data;
		if ($userID) {
			// registered user: activation row keyed by userID
			if (!empty($activateInsertValues)) {
				$activateInsertValues .= ', ';
			}
			$data = '(' . $userID . ', ' . TIME_NOW . ', 1)';
			$activateInsertValues .= $data;
		}
		else {
			// guest: activation row keyed by subscriberID
			if (!empty($guestActivateInsertValues)) {
				$guestActivateInsertValues .= ', ';
			}
			$data = '(' . $subscriberID . ', ' . TIME_NOW . ', 1)';
			$guestActivateInsertValues .= $data;
		}
	}

	// each batch is sent only when it holds at least one row
	if (!empty($unsubscribeInsertValues)) {
		$sqlUnsubscribe .= $unsubscribeInsertValues;
		WCF::getDB()->sendQuery($sqlUnsubscribe);
	}
	if (!empty($activateInsertValues)) {
		$sqlActivation .= $activateInsertValues;
		WCF::getDB()->sendQuery($sqlActivation);
	}
	if (!empty($guestActivateInsertValues)) {
		$sqlGuestActivation .= $guestActivateInsertValues;
		WCF::getDB()->sendQuery($sqlGuestActivation);
	}

	WCF::getCache()->clear(WCF_DIR . 'cache/', 'cache.newsletter-subscriber-' . PACKAGE_ID . '.php');
	WCF::getTPL()->assign('success', true);
	$this->saved();
}
/**
 * Takes the id hash from the request, or generates one if none is given.
 *
 * NOTE(review): the request value is only trimmed, not checked for length
 * or character set. Every place that uses idHash as a key, in a query or
 * in output has to treat it as client-controlled.
 */
protected function getIDHash() {
	if (isset($_REQUEST['idHash'])) {
		$this->idHash = StringUtil::trim($_REQUEST['idHash']);
	}

	// a usable value is already present
	if (!empty($this->idHash)) {
		return;
	}

	$this->idHash = StringUtil::getRandomID();
}
/**
 * Generates a random field name.
 *
 * The name is a prefix, 8 to 16 characters long, of the hash of the given
 * field name combined with a random id.
 *
 * @param	string	$fieldName
 * @return	string
 */
public static function getRandomFieldName($fieldName) {
	$digest = StringUtil::getHash($fieldName . StringUtil::getRandomID());

	// the length varies as well, so the names have no fixed size
	$length = mt_rand(8, 16);

	return substr($digest, 0, $length);
}
/**
 * Activates the newsletter subscription of a registered user.
 *
 * Marks the user's activation row as activated, creates the subscriber row
 * with an unsubscribe token if it does not exist yet, clears the subscriber
 * cache and shows the redirect page.
 *
 * NOTE(review): the first query counts activation rows by userID only. No
 * token value from the request is compared anywhere in this method, so
 * unless the token is verified before execute() runs (not visible here),
 * knowing a userID is enough to activate that user's subscription. The
 * WHERE clause should also match the escaped token from the request.
 *
 * NOTE(review): $this->userID is placed into four statements without a cast
 * in this method - confirm it is forced to an integer where it is read.
 *
 * @see Action::execute()
 */
public function execute() {
	parent::execute();

	//checks that exactly one activation row exists for the user
	$sql = 'SELECT COUNT(token) AS count FROM wcf' . WCF_N . '_' . $this->activationTable . ' WHERE userID = ' . $this->userID;
	$row = WCF::getDB()->getFirstRow($sql);
	if ($row['count'] != 1) {
		$message = WCF::getLanguage()->get('wcf.acp.newsletter.optin.invalidToken');
		throw new NamedUserException($message);
	}

	//get ip address and convert it into a long
	$ipAddress = ip2long(StringUtil::trim($_SERVER['REMOTE_ADDR']));

	//prevents database error
	// ip2long() returns false for anything that is not a dotted IPv4 address
	// (IPv6 clients included); those activations are recorded as 127.0.0.1
	if (!$ipAddress) {
		$ipAddress = ip2long('127.0.0.1');
	}

	//validates the user as a subscriber
	// the token is emptied in the same statement
	$sql = 'UPDATE wcf' . WCF_N . '_' . $this->activationTable . "\n \t\tSET token = '', datetime = " . TIME_NOW . ', ip = ' . $ipAddress . ', activated = 1 WHERE userID = ' . $this->userID;
	WCF::getDB()->sendQuery($sql);
	$user = new User($this->userID);

	//checks if the subscriber already exists
	$sqlCheck = 'SELECT COUNT(subscriberID) AS count FROM wcf' . WCF_N . '_' . $this->subscriberTable . ' WHERE userID = ' . $this->userID;
	$row = WCF::getDB()->getFirstRow($sqlCheck);
	if (!intval($row['count'])) {
		//create a new subscriber
		$sql = 'INSERT INTO wcf' . WCF_N . '_' . $this->subscriberTable . ' (userID, username, email) VALUES (' . $this->userID . ", '" . escapeString($user->username) . "', '" . escapeString($user->email) . "')";
		WCF::getDB()->sendQuery($sql);
		$subscriberID = WCF::getDB()->getInsertID();

		//inserts an unsubscribe token for the subscriber
		$sql = 'INSERT INTO wcf' . WCF_N . '_' . $this->unsubscriptionTable . ' (subscriberID, token) VALUES (' . intval($subscriberID) . ", '" . escapeString(StringUtil::getRandomID()) . "')";
		WCF::getDB()->sendQuery($sql);
	}

	//clears cache
	WCF::getCache()->clear(WCF_DIR . 'cache/', 'cache.newsletter-subscriber-' . PACKAGE_ID . '.php', true);
	$this->executed();

	// show the success redirect and end the request
	WCF::getTPL()->assign(array('message' => WCF::getLanguage()->get('wcf.acp.newsletter.optin.activationSuccess'), 'url' => PAGE_URL . '/index.php?page=Index' . SID_ARG_2ND));
	WCF::getTPL()->display('redirect');
	exit;
}
/**
 * Compiles an include tag.
 *
 * Recognised special arguments are 'file' (required), 'assign', 'append',
 * 'sandbox' (default true) and 'once' (default false); all remaining
 * arguments are handed to the included template.
 *
 * The values of 'file', 'assign'/'append' and 'sandbox' are written into
 * the generated PHP unchanged, so template sources have to be treated as
 * trusted code.
 *
 * @param	string		$includeTag
 * @return	string		phpCode
 * @throws	SystemException		if the 'file' attribute is missing
 */
protected function compileIncludeTag($includeTag) {
	$args = $this->parseTagArgs($includeTag, 'include');
	$append = false;

	// check arguments
	if (!isset($args['file'])) {
		throw new SystemException($this->formatSyntaxError("missing 'file' attribute in include tag", $this->currentIdentifier, $this->currentLineNo), 12001);
	}

	// get filename
	$file = $args['file'];
	unset($args['file']);

	// special parameters
	// each one is removed from $args so it is not passed on as a template variable
	$assignVar = false;
	if (isset($args['assign'])) {
		$assignVar = $args['assign'];
		unset($args['assign']);
	}
	// 'append' overrides 'assign' when both are given
	if (isset($args['append'])) {
		$assignVar = $args['append'];
		$append = true;
		unset($args['append']);
	}
	$sandbox = true;
	if (isset($args['sandbox'])) {
		$sandbox = $args['sandbox'];
		unset($args['sandbox']);
	}
	$once = false;
	if (isset($args['once'])) {
		$once = $args['once'];
		unset($args['once']);
	}

	// make argument string
	$argString = $this->makeArgString($args);

	// build phpCode
	$phpCode = "<?php\n";
	if ($once) {
		// skip the include if this template was included before
		$phpCode .= "if (!isset(\$this->v['tpl']['includedTemplates'][" . $file . "])) {\n";
	}

	// the random suffix gives every include its own variable for the outer
	// template name
	$hash = StringUtil::getRandomID();
	$phpCode .= "\$outerTemplateName" . $hash . " = \$this->v['tpl']['template'];\n";
	if ($assignVar !== false) {
		// capture the output instead of printing it
		$phpCode .= "ob_start();\n";
	}
	$phpCode .= '$this->includeTemplate(' . $file . ', array(' . $argString . '), (' . $sandbox . ' ? 1 : 0));' . "\n";
	if ($assignVar !== false) {
		$phpCode .= '$this->' . ($append ? 'append' : 'assign') . '(' . $assignVar . ', ob_get_contents()); ob_end_clean();' . "\n";
	}

	// restore the outer template name and mark the file as included
	$phpCode .= "\$this->v['tpl']['template'] = \$outerTemplateName" . $hash . ";\n";
	$phpCode .= "\$this->v['tpl']['includedTemplates'][" . $file . "] = 1;\n";
	if ($once) {
		$phpCode .= "}\n";
	}
	$phpCode .= '?>';

	return $phpCode;
}
/**
 * Stores an activation token for the user and mails the opt-in link.
 *
 * NOTE(review): the token is part of the URL's query string and is only as
 * unpredictable as StringUtil::getRandomID(), which is not shown here.
 *
 * @param	object		$eventObj	object whose ->user is the new subscriber
 */
protected function sendValidationEmail($eventObj) {
	$token = StringUtil::getRandomID();

	// remember the token for the activation request
	$activationTable = 'wcf' . WCF_N . '_' . $this->activationTable;
	$sql = 'INSERT INTO ' . $activationTable . ' (userID, token) VALUES (' . intval($eventObj->user->userID) . ", '" . escapeString($token) . "')";
	WCF::getDB()->sendQuery($sql);

	// render the mail
	$url = PAGE_URL . '/index.php?action=NewsletterActivate&id=' . $eventObj->user->userID . '&t=' . $token;
	$subject = WCF::getLanguage()->get('wcf.acp.newsletter.optin.subject');
	$variables = array(
		'username' => $eventObj->user->username,
		'url' => $url
	);
	$content = WCF::getLanguage()->getDynamicVariable('wcf.acp.newsletter.optin.text', $variables);
	WCF::getTPL()->assign(array('subject' => $subject, 'content' => $content));
	$output = WCF::getTPL()->fetch('validationEmail');

	$mail = new Mail($eventObj->user->email, $subject, $output, MESSAGE_NEWSLETTERSYSTEM_GENERAL_FROM);
	$mail->setContentType('text/html');
	$mail->send();
}
/**
 * Compiles the closing lang tag.
 *
 * The generated code takes the buffered tag content as the language item
 * name, resolves it with the arguments found on the runtime tag stack and
 * prints the result.
 *
 * @see TemplatePluginCompiler::executeEnd()
 */
public function executeEnd(TemplateScriptingCompiler $compiler) {
	$compiler->popTag('lang');

	// variable name with a random suffix, unique per compiled tag
	$bufferVar = '$_lang' . StringUtil::getRandomID();

	return '<?php ' . $bufferVar . ' = ob_get_contents(); ob_end_clean(); '
		. 'echo WCF::getLanguage()->getDynamicVariable(' . $bufferVar . ', $this->tagStack[count($this->tagStack) - 1][1]); '
		. 'array_pop($this->tagStack); ?>';
}
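/**
 * Registers the channel with chanserv.
 *
 * Creates the channel row with a random unregister code, gives the
 * registering account access level 500, copies the default access levels
 * to the channel, then joins the channel and sets its standard modes.
 *
 * @param	string	$channel
 * @param	string	$accountname
 * @return	void
 */
public function register($channel, $accountname) {
	$authServ = Services::getModuleManager()->lookupModule('AuthServ');
	$userID = call_user_func(array($authServ, 'getUserID'), $accountname);

	// NOTE(review): $userID is used without a cast; what getUserID() returns
	// for an unknown account is not visible here - confirm before relying on it.
	$sql = "INSERT INTO chanserv_channels (channel, modes, time, registrar, unregistercode) VALUES ('" . escapeString($channel) . "', '+tnr', " . time() . ", " . $userID . ", '" . StringUtil::getRandomID() . "')";
	Services::getDB()->sendQuery($sql);

	// the registrar gets the highest access level
	$sql = "INSERT INTO chanserv_channels_to_users (channel, userID, accessLevel) VALUES ('" . escapeString($channel) . "', " . $userID . ", 500)";
	Services::getDB()->sendQuery($sql);

	// copy the default access levels to the new channel
	$values = '';
	$sql = "SELECT\r\n\t\t\t\t*\r\n\t\t\tFROM\r\n\t\t\t\tchanserv_default_accessLevel";
	$result = Services::getDB()->sendQuery($sql);
	while ($row = Services::getDB()->fetchArray($result)) {
		if ($values != '') {
			$values .= ',';
		}
		// values read back from the database are escaped/cast like any other
		// input before they are placed into a new statement
		$values .= "('" . escapeString($channel) . "', '" . escapeString($row['function']) . "', " . intval($row['accessLevel']) . ")";
	}

	// without default rows the statement would end after VALUES and be invalid
	if ($values != '') {
		$sql = "INSERT INTO chanserv_channel_accessLevel (channel, function, accessLevel) VALUES " . $values;
		Services::getDB()->sendQuery($sql);
	}

	// join the channel
	$this->join($channel);

	// set modes
	$this->setStandardModes($channel, '+tnr');
}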
/**
 * Compiles the closing staticlang tag.
 *
 * The generated code takes the buffered tag content as the language item
 * name and prints the item's value.
 *
 * @see TemplatePluginCompiler::executeEnd()
 */
public function executeEnd(TemplateScriptingCompiler $compiler) {
	$compiler->popTag('staticlang');

	// variable name with a random suffix, unique per compiled tag
	$bufferVar = '$_lang' . StringUtil::getRandomID();

	return '<?php ' . $bufferVar . ' = ob_get_contents(); ob_end_clean(); '
		. 'echo WCF::getLanguage()->get(' . $bufferVar . '); ?>';
}
/**
 * Compiles the closing icon tag.
 *
 * The generated code takes the buffered tag content as the icon name and
 * prints the path the active style returns for it.
 *
 * @see TemplatePluginCompiler::executeEnd()
 */
public function executeEnd(TemplateScriptingCompiler $compiler) {
	$compiler->popTag('icon');

	// variable name with a random suffix, unique per compiled tag
	$bufferVar = '$_icon' . StringUtil::getRandomID();

	return '<?php ' . $bufferVar . ' = ob_get_contents(); ob_end_clean(); '
		. 'echo StyleManager::getStyle()->getIconPath(' . $bufferVar . '); ?>';
}
/**
 * Returns the path of a randomly named directory below PB_DIR/$directory.
 *
 * The path is only composed; nothing is created on disk.
 *
 * NOTE(review): $directory is appended to PB_DIR unchanged, so it must not
 * come from request input (".." segments would leave PB_DIR).
 *
 * @param	string	$directory	directory below PB_DIR, without slashes at the ends
 * @return	string	random directory with trailing slash
 */
public static function getRandomDirectory($directory) {
	$randomPath = PB_DIR . $directory . '/' . StringUtil::getRandomID() . '/';

	return FileUtil::unifyDirSeperator($randomPath);
}
/**
 * Updates the static data of this user.
 *
 * Only non-empty arguments are written. A non-empty password is hashed with
 * a new salt before it is stored. The session is reset afterwards.
 *
 * NOTE(review): the literals "username = '******'" and "password = '******'"
 * look like values masked by whatever produced this listing. As written the
 * statement would store the asterisks themselves - compare with the real
 * file before reusing this code; the username belongs there escaped and the
 * password as the computed hash.
 *
 * NOTE(review): the keys of $additionalFields are used as column names
 * without any check, so they must never be taken from request input.
 *
 * @param	string		$username
 * @param	string		$email
 * @param	string		$password
 * @param	array		$additionalFields	column name => value
 */
protected function updateUser($username = '', $email = '', $password = '', $additionalFields = array()) {
	// create new salt
	if (!empty($password)) {
		$salt = StringUtil::getRandomID();
		$password = StringUtil::getDoubleSaltedHash($password, $salt);
	}

	// collect the SET clauses, separated by commas
	$updateSQL = '';
	if (!empty($username)) {
		$updateSQL = "username = '******'";
		$this->username = $username;
	}
	if (!empty($email)) {
		if (!empty($updateSQL)) {
			$updateSQL .= ',';
		}
		$updateSQL .= "email = '" . escapeString($email) . "'";
		$this->email = $email;
	}
	if (!empty($password)) {
		if (!empty($updateSQL)) {
			$updateSQL .= ',';
		}
		$updateSQL .= "password = '******', salt = '" . $salt . "'";
		$this->password = $password;
		$this->salt = $salt;
	}

	// integers are written bare, everything else as an escaped string
	foreach ($additionalFields as $key => $value) {
		if (!empty($updateSQL)) {
			$updateSQL .= ',';
		}
		$updateSQL .= $key . '=' . (is_int($value) ? $value : "'" . escapeString($value) . "'");
	}

	if (!empty($updateSQL)) {
		// save user
		$sql = "UPDATE\twcf" . WCF_N . "_user\n\t\t\t\tSET\t" . $updateSQL . "\n\t\t\t\tWHERE \tuserID = " . $this->userID;
		WCF::getDB()->sendQuery($sql);
	}

	// runs even when nothing was written
	$this->resetSession();
}
/**
 * Compiles the closing icons tag.
 *
 * The generated code takes the buffered tag content as the icon name and
 * prints the path IconsUtil returns for it.
 *
 * @see TemplatePluginCompiler::executeEnd()
 */
public function executeEnd(TemplateScriptingCompiler $compiler) {
	$compiler->popTag('icons');

	// variable name with a random suffix, unique per compiled tag
	$bufferVar = '$_icons' . StringUtil::getRandomID();

	return "<?php " . $bufferVar . " = ob_get_contents(); ob_end_clean(); "
		. "echo IconsUtil::getIconPath(" . $bufferVar . "); ?>";
}
/**
 * Creates a build profile unless one with the same name already exists.
 *
 * NOTE(review): the name check and the insert are two separate statements;
 * two concurrent requests can both pass the check. A unique index on
 * profileName would enforce the rule in the database.
 *
 * NOTE(review): the package list is stored with serialize(); the code that
 * reads it back should not pass the column to unserialize() if anything
 * other than this action can write it.
 *
 * @see Action::execute()
 */
public function execute() {
	parent::execute();

	$profileTable = 'pb' . PB_N . '_build_profile';

	// validate profile name
	$sql = "SELECT\tCOUNT(*) AS count\r\n\t\t\tFROM\t" . $profileTable . "\r\n\t\t\tWHERE\tprofileName = '" . escapeString($this->profileName) . "'";
	$row = WCF::getDB()->getFirstRow($sql);
	if ($row['count'] != 0) {
		// profile is not unique
		$this->sendResponse('pb.build.profile.error.notUnique', true);
		return;
	}

	// create new profile; every value is a quoted, escaped string
	$values = array(
		escapeString(serialize($this->packages)),
		escapeString($this->packageHash),
		escapeString($this->packageName),
		escapeString(StringUtil::getRandomID()),
		escapeString($this->profileName),
		escapeString($this->resource)
	);
	$sql = "INSERT INTO\t" . $profileTable . "\r\n\t\t\t\t\t\t(packages, packageHash, packageName, profileHash, profileName, resource)\r\n\t\t\t\tVALUES\t\t('" . implode("',\r\n\t\t\t\t\t\t'", $values) . "')";
	WCF::getDB()->sendQuery($sql);

	// clear cache
	WCF::getCache()->clear(PB_DIR . 'cache/', 'cache.build-profiles.php');

	// call executed event
	$this->executed();

	// send notification
	$this->sendResponse('pb.build.profile.success');
}
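/**
 * Sends the newsletters.
 *
 * Each outstanding newsletter is rendered once through the 'newsletterMail'
 * template and then delivered to every entry of the subscriber list: as an
 * HTML mail (guests, and users with 'acceptNewsletterAsEmail') and/or as a
 * private message (users with 'acceptNewsletterAsPM'). A subscriber without
 * an unsubscribe token gets one, which is stored in the unsubscription table.
 * The subscriber cache resource is cleared at the end.
 */
protected function sendNewsletters() {
	$templateName = 'newsletterMail';

	// Sends mail to all subscribers.
	foreach ($this->outstandingNewsletters as $id => $newsletter) {
		$text = $newsletter['text'];

		// workaround to make sure that the template is found
		$templatePaths = array(WCF_DIR . 'templates/', WCF_DIR . 'acp/templates/');
		WCF::getTPL()->setTemplatePaths($templatePaths);

		$newsletterObj = new ViewableNewsletter($id);
		$emailText = $newsletterObj->getFormattedMessage();
		WCF::getTPL()->assign(array('subject' => $newsletter['subject'], 'text' => $emailText));
		$content = WCF::getTPL()->fetch($templateName);

		$i = 0;
		usleep(1);

		// sending one mail per subscriber is longer, but safer
		foreach ($this->subscribersList as $subscriber) {
			$subscriberID = $subscriber['subscriberID'];

			if (!isset($this->unsubscribeTokens[$subscriberID])) {
				// NOTE(review): the token is what authorises an unsubscribe request, so it must be
				// unpredictable. StringUtil::getRandomID() is not visible here; confirm that it
				// draws from a cryptographically secure source.
				$unsubscribeToken = StringUtil::getRandomID();
				$sql = 'INSERT INTO wcf' . WCF_N . '_' . $this->unsubscriptionTable . ' (subscriberID, token) VALUES (' . intval($subscriberID) . ", '" . escapeString($unsubscribeToken) . "')";
				WCF::getDB()->sendQuery($sql);

				// Remember the new token. Without this, the next outstanding newsletter would
				// insert a second token row for the same subscriber.
				$this->unsubscribeTokens[$subscriberID] = array('subscriberID' => $subscriberID, 'token' => $unsubscribeToken);
			}
			else {
				$unsubscribeToken = $this->unsubscribeTokens[$subscriberID]['token'];
			}

			$recipient = null;
			if ($subscriber['userID']) {
				$recipient = new User($subscriber['userID']);

				// check for non receiving groups
				if (!NewsletterUtil::canReceiveNewsletters($recipient)) {
					continue;
				}
			}

			// {$username} stands for the username of the specific subscriber
			if (is_null($recipient) || $recipient->getUserOption('acceptNewsletterAsEmail')) {
				// NOTE(review): the mail is sent as text/html and the username is inserted without
				// HTML encoding. Unless usernames are stored already encoded (not visible here),
				// encode the value for this e-mail copy before it is substituted.
				$tmpContent = str_replace('{$username}', $subscriber['username'], $content);
				// NOTE(review): these two calls replace every occurrence of the bare words
				// 'subscriberID' and 'token' in the rendered mail, body text and a username
				// containing them included; presumably they are meant to fill in the unsubscribe link.
				$tmpContent = str_replace('subscriberID', $subscriberID, $tmpContent);
				$tmpContent = str_replace('token', $unsubscribeToken, $tmpContent);

				$email = $subscriber['email'];
				$mail = new Mail($email, $newsletter['subject'], $tmpContent, MESSAGE_NEWSLETTERSYSTEM_GENERAL_FROM);
				// a BCC to MAIL_ADMIN_ADDRESS is deliberately not added: it would result in x mails
				$mail->setContentType('text/html');
				$mail->send();
			}

			if (!is_null($recipient) && $recipient->getUserOption('acceptNewsletterAsPM')) {
				$recipientArray = array(
					array('userID' => $subscriber['userID'], 'username' => $subscriber['username'])
				);
				$admin = new User(MESSAGE_NEWSLETTERSYSTEM_GENERAL_ADMIN);
				$options = array(
					'enableSmilies' => $newsletter['enableSmilies'],
					'enableHtml' => $newsletter['enableHtml'],
					'enableBBCodes' => $newsletter['enableBBCodes']
				);
				$tmpText = str_replace('{$username}', $subscriber['username'], $text);
				PMEditor::create(false, $recipientArray, array(), $newsletter['subject'], $tmpText, $admin->userID, $admin->username, $options);
			}

			$i++;

			// Sleep 2 seconds after every 10 handled subscribers. The counter is checked after
			// the increment, so skipped subscribers no longer trigger a sleep each while the
			// counter rests on a multiple of ten.
			if ($i % 10 == 0) {
				usleep(2000000);
			}
		}
	}

	WCF::getCache()->clearResource('newsletter-subscriber-' . PACKAGE_ID);
}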
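/**
 * Imports a style.
 *
 * Reads the style data from the given archive, creates a template pack when
 * the archive ships templates, creates or updates the style record and then
 * unpacks the preview image, the images, the icons and the templates into the
 * installation. Entry names that come from the archive are checked before
 * they are used as an extraction target: an entry whose name is empty,
 * absolute or contains a '..' segment is skipped instead of being written
 * outside the intended directory.
 *
 * NOTE(review): imported templates are executable template code, and the
 * directories created here are world-writable (0777). Importing a style should
 * stay limited to administrators who trust the archive.
 *
 * @param	string		$filename	path of the style archive
 * @param	integer		$packageID	package the new style is created for
 * @param	StyleEditor	$style		existing style to overwrite, null to create a new one
 * @return	StyleEditor
 */
public static function import($filename, $packageID = PACKAGE_ID, $style = null) {
	// open file
	require_once WCF_DIR . 'lib/system/io/Tar.class.php';
	$tar = new Tar($filename);

	// get style data
	$data = self::readStyleData($tar);

	// fix safe_mode problem
	// NOTE(review): both locations are taken from the archive's style variables and are later
	// appended to WCF_DIR / the package directory without validation; consider restricting
	// them to paths below the installation.
	$iconsLocation = FileUtil::addTrailingSlash($data['variables']['global.icons.location']);
	$imagesLocation = $data['variables']['global.images.location'];
	if (FileUtil::getSafeMode() && !empty($data['images']) && !file_exists(WCF_DIR . $imagesLocation)) {
		$oldImagesLocation = $imagesLocation;
		$imagesLocation = 'images/' . str_replace('/', '-', preg_replace('!^images/!', '', $imagesLocation));
		foreach ($data['variables'] as $name => $value) {
			$data['variables'][$name] = str_replace($oldImagesLocation, $imagesLocation, $value);
		}
		$data['variables']['global.images.location'] = 'images/';
		if (strpos($data['variables']['page.logo.image'], '../') !== false) {
			$data['variables']['page.logo.image'] = 'images/' . basename($data['variables']['page.logo.image']);
		}
	}

	// create template pack
	$templatePackID = 0;
	if (!empty($data['templates'])) {
		$originalTemplatePackName = $templatePackName = $data['name'];

		// the folder name is reduced to [a-z0-9_-], so it cannot carry path separators
		$templatePackFolderName = preg_replace('/[^a-z0-9_-]/i', '', $templatePackName);
		if (empty($templatePackFolderName)) {
			$templatePackFolderName = 'generic' . StringUtil::substring(StringUtil::getRandomID(), 0, 8);
		}
		$originalTemplatePackFolderName = $templatePackFolderName;

		// get unique template pack name
		$i = 1;
		do {
			$sql = "SELECT\tCOUNT(*) AS count\n\t\t\t\t\tFROM\twcf" . WCF_N . "_template_pack\n\t\t\t\t\tWHERE\ttemplatePackName = '" . escapeString($templatePackName) . "'";
			$row = WCF::getDB()->getFirstRow($sql);
			if (!$row['count']) {
				break;
			}
			$templatePackName = $originalTemplatePackName . '_' . $i;
			$i++;
		}
		while (true);

		// get unique folder name
		$i = 1;
		do {
			$sql = "SELECT\tCOUNT(*) AS count\n\t\t\t\t\tFROM\twcf" . WCF_N . "_template_pack\n\t\t\t\t\tWHERE\ttemplatePackFolderName = '" . escapeString(FileUtil::addTrailingSlash($templatePackFolderName)) . "'\n\t\t\t\t\t\tAND parentTemplatePackID = 0";
			$row = WCF::getDB()->getFirstRow($sql);
			if (!$row['count']) {
				break;
			}
			$templatePackFolderName = $originalTemplatePackFolderName . '_' . $i;
			$i++;
		}
		while (true);

		$sql = "INSERT INTO\twcf" . WCF_N . "_template_pack\n\t\t\t\t\t\t(templatePackName, templatePackFolderName)\n\t\t\t\tVALUES\t\t('" . escapeString($templatePackName) . "', '" . FileUtil::addTrailingSlash(escapeString($templatePackFolderName)) . "')";
		WCF::getDB()->sendQuery($sql);
		$templatePackID = WCF::getDB()->getInsertID("wcf" . WCF_N . "_template_pack", 'templatePackID');
	}

	// save style
	if ($style !== null) {
		$style->update($data['name'], $data['variables'], $templatePackID, $data['description'], $data['version'], $data['date'], ($data['image'] ? 'images/' : '') . $data['image'], $data['copyright'], $data['license'], $data['authorName'], $data['authorURL']);
	}
	else {
		$style = self::create($data['name'], $data['variables'], $templatePackID, $data['description'], $data['version'], $data['date'], ($data['image'] ? 'images/' : '') . $data['image'], $data['copyright'], $data['license'], $data['authorName'], $data['authorURL'], 0, $packageID);
	}

	// import preview image
	// The image name comes from the archive's style data, so it is checked before it is
	// appended to the images directory.
	if (!empty($data['image']) && self::isSafeArchiveEntryPath($data['image'])) {
		$i = $tar->getIndexByFilename($data['image']);
		if ($i !== false) {
			$tar->extract($i, WCF_DIR . 'images/' . $data['image']);
			@chmod(WCF_DIR . 'images/' . $data['image'], 0777);
		}
	}

	// import images
	if (!empty($data['images'])) {
		// create images folder if necessary
		if (!file_exists(WCF_DIR . $imagesLocation) && !FileUtil::getSafeMode()) {
			@mkdir(WCF_DIR . $data['variables']['global.images.location'], 0777);
			@chmod(WCF_DIR . $data['variables']['global.images.location'], 0777);
		}

		$i = $tar->getIndexByFilename($data['images']);
		if ($i !== false) {
			// extract images tar
			$destination = FileUtil::getTemporaryFilename('images_');
			$tar->extract($i, $destination);

			// open images tar
			$imagesTar = new Tar($destination);
			$contentList = $imagesTar->getContentList();
			foreach ($contentList as $key => $val) {
				if ($val['type'] == 'file') {
					// basename() drops any directory part of the entry name
					$imagesTar->extract($key, WCF_DIR . $imagesLocation . basename($val['filename']));
					@chmod(WCF_DIR . $imagesLocation . basename($val['filename']), 0666);
				}
			}

			// delete tmp file
			$imagesTar->close();
			@unlink($destination);
		}
	}

	// import icons
	if (!empty($data['icons']) && $iconsLocation != 'icon/') {
		$i = $tar->getIndexByFilename($data['icons']);
		if ($i !== false) {
			// extract icons tar
			$destination = FileUtil::getTemporaryFilename('icons_');
			$tar->extract($i, $destination);

			// open icons tar and group icons by package
			$iconsTar = new Tar($destination);
			$contentList = $iconsTar->getContentList();
			$packageToIcons = array();
			foreach ($contentList as $key => $val) {
				if ($val['type'] == 'file') {
					$folders = explode('/', $val['filename']);
					$packageName = array_shift($folders);
					$relativePath = implode('/', $folders);

					// skip entries that would be written outside the icon directory
					if (!self::isSafeArchiveEntryPath($relativePath)) {
						continue;
					}

					if (!isset($packageToIcons[$packageName])) {
						$packageToIcons[$packageName] = array();
					}
					$packageToIcons[$packageName][] = array('index' => $val['index'], 'filename' => $relativePath);
				}
			}

			// copy icons
			foreach ($packageToIcons as $package => $icons) {
				// try to find package
				$sql = "SELECT\t*\n\t\t\t\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\t\t\t\tWHERE\tpackage = '" . escapeString($package) . "'\n\t\t\t\t\t\t\tAND standalone = 1";
				$result = WCF::getDB()->sendQuery($sql);
				while ($row = WCF::getDB()->fetchArray($result)) {
					// get icon path
					$iconDir = FileUtil::getRealPath(WCF_DIR . $row['packageDir']) . $iconsLocation;

					// create icon path
					if (!file_exists($iconDir)) {
						@mkdir($iconDir, 0777);
						@chmod($iconDir, 0777);
					}

					// copy icons
					foreach ($icons as $icon) {
						$iconsTar->extract($icon['index'], $iconDir . $icon['filename']);
					}
				}
			}

			// delete tmp file
			$iconsTar->close();
			@unlink($destination);
		}
	}

	// import templates
	if (!empty($data['templates'])) {
		$i = $tar->getIndexByFilename($data['templates']);
		if ($i !== false) {
			// extract templates tar
			$destination = FileUtil::getTemporaryFilename('templates_');
			$tar->extract($i, $destination);

			// open templates tar and group templates by package
			$templatesTar = new Tar($destination);
			$contentList = $templatesTar->getContentList();
			$packageToTemplates = array();
			foreach ($contentList as $key => $val) {
				if ($val['type'] == 'file') {
					$folders = explode('/', $val['filename']);
					$packageName = array_shift($folders);
					$relativePath = implode('/', $folders);

					// skip entries that would be written outside the template pack directory
					if (!self::isSafeArchiveEntryPath($relativePath)) {
						continue;
					}

					if (!isset($packageToTemplates[$packageName])) {
						$packageToTemplates[$packageName] = array();
					}
					$packageToTemplates[$packageName][] = array('index' => $val['index'], 'filename' => $relativePath);
				}
			}

			// copy templates
			foreach ($packageToTemplates as $package => $templates) {
				// try to find package
				$sql = "SELECT\t*\n\t\t\t\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\t\t\t\tWHERE\tpackage = '" . escapeString($package) . "'\n\t\t\t\t\t\t\tAND standalone = 1";
				$result = WCF::getDB()->sendQuery($sql);
				while ($row = WCF::getDB()->fetchArray($result)) {
					// get template path
					$templatesDir = FileUtil::addTrailingSlash(FileUtil::getRealPath(WCF_DIR . $row['packageDir']) . 'templates/' . $templatePackFolderName);

					// create template path
					if (!file_exists($templatesDir)) {
						@mkdir($templatesDir, 0777);
						@chmod($templatesDir, 0777);
					}

					// copy templates
					foreach ($templates as $template) {
						$templatesTar->extract($template['index'], $templatesDir . $template['filename']);

						$sql = "INSERT INTO\twcf" . WCF_N . "_template\n\t\t\t\t\t\t\t\t\t\t(packageID, templateName, templatePackID)\n\t\t\t\t\t\t\t\tVALUES\t\t(" . $row['packageID'] . ", '" . escapeString(str_replace('.tpl', '', $template['filename'])) . "', " . $templatePackID . ")";
						WCF::getDB()->sendQuery($sql);
					}
				}
			}

			// delete tmp file
			$templatesTar->close();
			@unlink($destination);
		}
	}

	$tar->close();

	return $style;
}

/**
 * Tells whether a path taken from an archive may be appended to a target directory.
 *
 * A path is rejected when it is not a non-empty string, contains a NUL byte,
 * is absolute (leading slash or drive letter) or contains a '..' segment.
 *
 * @param	string		$path
 * @return	boolean
 */
private static function isSafeArchiveEntryPath($path) {
	if (!is_string($path) || $path === '' || strpos($path, "\0") !== false) {
		return false;
	}

	// treat backslashes as separators so that Windows-style names are checked as well
	$normalized = str_replace('\\', '/', $path);
	if ($normalized[0] === '/' || preg_match('!^[a-z]:!i', $normalized)) {
		return false;
	}

	return !in_array('..', explode('/', $normalized), true);
}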