$action = 'createform'; } elseif (User::findByIdentifier($emailaddress)) { WT_FlashMessages::addMessage(WT_I18N::translate('Duplicate email address. A user with that email already exists.')); $action = 'createform'; } elseif ($pass1 != $pass2) { WT_FlashMessages::addMessage(WT_I18N::translate('Passwords do not match.')); $action = 'createform'; } else { $user = User::create($username, $realname, $emailaddress, $pass1); $user->setSetting('reg_timestamp', date('U'))->setSetting('sessiontime', '0')->setSetting('theme', $user_theme)->setSetting('language', $user_language)->setSetting('contactmethod', $new_contact_method)->setSetting('comment', $new_comment)->setSetting('auto_accept', $new_auto_accept)->setSetting('canadmin', $canadmin)->setSetting('visibleonline', $visibleonline)->setSetting('editaccount', $editaccount)->setSetting('verified', $verified)->setSetting('verified_by_admin', $verified_by_admin); foreach (WT_Tree::getAll() as $tree) { $tree->userPreference($user->getUserId(), 'gedcomid', WT_Filter::post('gedcomid' . $tree->tree_id, WT_REGEX_XREF)); $tree->userPreference($user->getUserId(), 'rootid', WT_Filter::post('rootid' . $tree->tree_id, WT_REGEX_XREF)); $tree->userPreference($user->getUserId(), 'canedit', WT_Filter::post('canedit' . $tree->tree_id, implode('|', array_keys($ALL_EDIT_OPTIONS)))); if (WT_Filter::post('gedcomid' . $tree->tree_id, WT_REGEX_XREF)) { $tree->userPreference($user->getUserId(), 'RELATIONSHIP_PATH_LENGTH', WT_Filter::postInteger('RELATIONSHIP_PATH_LENGTH' . $tree->tree_id, 0, 10, 0)); } else { // Do not allow a path length to be set if the individual ID is not $tree->userPreference($user->getUserId(), 'RELATIONSHIP_PATH_LENGTH', null); } } Log::addAuthenticationLog("User ->{$username}<- created"); header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME); WT_Session::writeClose(); exit; } } $controller->pageHeader(); switch ($action) { case 'createform': $controller->addExternalJavascript(WT_STATIC_URL . 
'js/autocomplete.js')->addInlineJavascript('autocomplete();');
/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    // Nothing is written unless WT_Filter::checkCsrf() succeeds. Every stored
    // value is read through a WT_Filter accessor: an integer restricted to
    // 1..30, booleans, or a string matching the listed alternatives.
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        $submitted = array(
            'days'      => WT_Filter::postInteger('days', 1, 30, 7),
            'filter'    => WT_Filter::postBool('filter'),
            'onlyBDM'   => WT_Filter::postBool('onlyBDM'),
            'infoStyle' => WT_Filter::post('infoStyle', 'list|table', 'table'),
            'sortStyle' => WT_Filter::post('sortStyle', 'alpha|anniv', 'alpha'),
            'block'     => WT_Filter::postBool('block'),
        );
        foreach ($submitted as $setting_name => $setting_value) {
            set_block_setting($block_id, $setting_name, $setting_value);
        }
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    // Shared markup for each "label | control" row of the settings table.
    $label_cell = '<tr><td class="descriptionbox wrap width33">';
    $input_cell = '</td><td class="optionbox">';
    $row_end    = '</td></tr>';

    $current_days = get_block_setting($block_id, 'days', 7);
    echo $label_cell, WT_I18N::translate('Number of days to show'), $input_cell,
        '<input type="text" name="days" size="2" value="', $current_days, '">',
        ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', 30, 30), '</em>',
        $row_end;

    $living_only = get_block_setting($block_id, 'filter', true);
    echo $label_cell, WT_I18N::translate('Show only events of living individuals?'), $input_cell,
        edit_field_yes_no('filter', $living_only),
        $row_end;

    $bdm_only = get_block_setting($block_id, 'onlyBDM', false);
    echo $label_cell, WT_I18N::translate('Show only births, deaths, and marriages?'), $input_cell,
        edit_field_yes_no('onlyBDM', $bdm_only),
        $row_end;

    $current_style = get_block_setting($block_id, 'infoStyle', 'table');
    $style_options = array(
        'list'  => WT_I18N::translate('list'),
        'table' => WT_I18N::translate('table'),
    );
    echo $label_cell, WT_I18N::translate('Presentation style'), $input_cell,
        select_edit_control('infoStyle', $style_options, null, $current_style, ''),
        $row_end;

    $current_sort = get_block_setting($block_id, 'sortStyle', 'alpha');
    $sort_options = array(
        'alpha' => WT_I18N::translate('sort by name'),
        'anniv' => WT_I18N::translate('sort by date'),
    );
    echo $label_cell, WT_I18N::translate('Sort order'), $input_cell,
        select_edit_control('sortStyle', $sort_options, null, $current_sort, ''),
        $row_end;

    $scrollbar = get_block_setting($block_id, 'block', true);
    echo $label_cell, WT_I18N::translate('Add a scrollbar when block contents grow'), $input_cell,
        edit_field_yes_no('block', $scrollbar),
        $row_end;
}
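/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    // Nothing is written unless WT_Filter::checkCsrf() succeeds; each value is
    // read through a WT_Filter accessor that restricts it to an integer range,
    // a boolean, or one of the listed alternatives.
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, self::MAX_DAYS, self::DEFAULT_DAYS));
        set_block_setting($block_id, 'infoStyle', WT_Filter::post('infoStyle', 'list|table', 'table'));
        set_block_setting($block_id, 'sortStyle', WT_Filter::post('sortStyle', 'name|date_asc|date_desc', 'date_desc'));
        set_block_setting($block_id, 'hide_empty', WT_Filter::postBool('hide_empty'));
        set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    $days = get_block_setting($block_id, 'days', self::DEFAULT_DAYS);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Number of days to show');
    echo '</td><td class="optionbox">';
    echo '<input type="text" name="days" size="2" value="', $days, '">';
    echo ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', self::MAX_DAYS, self::MAX_DAYS), '</em>';
    echo '</td></tr>';

    $infoStyle = get_block_setting($block_id, 'infoStyle', 'table');
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Presentation style');
    echo '</td><td class="optionbox">';
    echo select_edit_control('infoStyle', array('list' => WT_I18N::translate('list'), 'table' => WT_I18N::translate('table')), null, $infoStyle, '');
    echo '</td></tr>';

    // The fallback must be one of the option keys below. The previous fallback
    // ('date') matched none of them, so an unconfigured block rendered the
    // list with no option selected; 'date_desc' is the default the save path
    // uses.
    $sortStyle = get_block_setting($block_id, 'sortStyle', 'date_desc');
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Sort order');
    echo '</td><td class="optionbox">';
    echo select_edit_control('sortStyle', array(
        'name'      => WT_I18N::translate('sort by name'),
        'date_asc'  => WT_I18N::translate('sort by date, oldest first'),
        'date_desc' => WT_I18N::translate('sort by date, newest first'),
    ), null, $sortStyle, '');
    echo '</td></tr>';

    $block = get_block_setting($block_id, 'block', true);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Add a scrollbar when block contents grow');
    echo '</td><td class="optionbox">';
    echo edit_field_yes_no('block', $block);
    echo '</td></tr>';

    $hide_empty = get_block_setting($block_id, 'hide_empty', true);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Should this block be hidden when it is empty?');
    echo '</td><td class="optionbox">';
    echo edit_field_yes_no('hide_empty', $hide_empty);
    echo '</td></tr>';
    echo '<tr><td colspan="2" class="optionbox wrap">';
    echo '<span class="error">', WT_I18N::translate('If you hide an empty block, you will not be able to change its configuration until it becomes visible by no longer being empty.'), '</span>';
    echo '</td></tr>';
}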
// Page controller for this request.
$controller = new WT_Controller_Page();

$REQUIRE_ADMIN_AUTH_REGISTRATION = WT_Site::preference('REQUIRE_ADMIN_AUTH_REGISTRATION');

// Request parameters, read from the POST body through WT_Filter.
// Only the user name, e-mail address and the two registration passwords are
// matched against a pattern here; the remaining values are read without one.
$action          = WT_Filter::post('action');
$user_realname   = WT_Filter::post('user_realname');
$user_name       = WT_Filter::post('user_name', WT_REGEX_USERNAME);
$user_email      = WT_Filter::postEmail('user_email');
$user_password01 = WT_Filter::post('user_password01', WT_REGEX_PASSWORD);
$user_password02 = WT_Filter::post('user_password02', WT_REGEX_PASSWORD);
$user_comments   = WT_Filter::post('user_comments');
$user_password   = WT_Filter::post('user_password');
$user_hashcode   = WT_Filter::post('user_hashcode');
// Not actually a URL - just a path.
// NOTE(review): this value is supplied by the client; wherever it is later
// used as a redirect target (not visible here), confirm it is limited to a
// path on this site.
$url             = WT_Filter::post('url');
$username        = WT_Filter::post('username');
$password        = WT_Filter::post('password');
// Same range as date('Z')
$timediff        = WT_Filter::postInteger('timediff', -43200, 50400, 0);

// These parameters may come from the URL which is emailed to users, so each
// one falls back to the query string when the POST body did not supply it.
$action        = $action ?: WT_Filter::get('action');
$user_name     = $user_name ?: WT_Filter::get('user_name', WT_REGEX_USERNAME);
$user_hashcode = $user_hashcode ?: WT_Filter::get('user_hashcode');
// Not actually a URL - just a path
$url           = $url ?: WT_Filter::get('url');
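/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        // The form below submits the frequency in a field named "days". The
        // previous code read a field named "num", which this form never
        // sends, so the stored value always fell back to the default of 7.
        set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, 180, 7));
        set_block_setting($block_id, 'sendmail', WT_Filter::postBool('sendmail'));
        set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    $sendmail = get_block_setting($block_id, 'sendmail', true);
    $days     = get_block_setting($block_id, 'days', 7);

    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Send out reminder emails?');
    echo '</td><td class="optionbox">';
    echo edit_field_yes_no('sendmail', $sendmail);
    echo '<br>';
    // $days is written into the attribute as stored; the save path above only
    // ever stores an integer in the range 1..180.
    echo WT_I18N::translate('Reminder email frequency (days)') . " <input type='text' name='days' value='" . $days . "' size='2'>";
    echo '</td></tr>';

    $block = get_block_setting($block_id, 'block', true);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Add a scrollbar when block contents grow');
    echo '</td><td class="optionbox">';
    echo edit_field_yes_no('block', $block);
    echo '</td></tr>';
}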
/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    // Nothing is written unless WT_Filter::checkCsrf() succeeds. The item
    // count is restricted to 1..10000 and the style to the listed names.
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        $submitted = array(
            'num'       => WT_Filter::postInteger('num', 1, 10000, 10),
            'infoStyle' => WT_Filter::post('infoStyle', 'list|array|table|tagcloud', 'table'),
            'block'     => WT_Filter::postBool('block'),
        );
        foreach ($submitted as $setting_name => $setting_value) {
            set_block_setting($block_id, $setting_name, $setting_value);
        }
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    // Shared markup for each "label | control" row of the settings table.
    $label_cell = '<tr><td class="descriptionbox wrap width33">';
    $input_cell = '</td><td class="optionbox">';
    $row_end    = '</td></tr>';

    $item_count = get_block_setting($block_id, 'num', 10);
    echo $label_cell, WT_I18N::translate('Number of items to show'), $input_cell,
        '<input type="text" name="num" size="2" value="', $item_count, '">',
        $row_end;

    $current_style = get_block_setting($block_id, 'infoStyle', 'table');
    echo $label_cell, WT_I18N::translate('Presentation style'), $input_cell;
    $style_options = array(
        'list'     => WT_I18N::translate('bullet list'),
        'array'    => WT_I18N::translate('compact list'),
        'table'    => WT_I18N::translate('table'),
        'tagcloud' => WT_I18N::translate('tag cloud'),
    );
    echo select_edit_control('infoStyle', $style_options, null, $current_style, ''), $row_end;

    $scrollbar = get_block_setting($block_id, 'block', false);
    echo $label_cell, WT_I18N::translate('Add a scrollbar when block contents grow'), $input_cell,
        edit_field_yes_no('block', $scrollbar),
        $row_end;
}
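/**
 * Show the "add/edit story" form, or save a submitted story.
 *
 * Users for whom WT_USER_CAN_EDIT is false are redirected to the site root.
 * A POST that carries "save" and passes the CSRF check creates or updates the
 * `##block` row, stores title, body and language list as block settings, and
 * hands over to $this->config(). Any other request prints the form and ends
 * the request.
 *
 * @return void
 */
private function edit() {
    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    if (!WT_USER_CAN_EDIT) {
        header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH);
        exit;
    }

    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        $block_id = WT_Filter::postInteger('block_id');
        if ($block_id) {
            // NOTE(review): the row is selected by block_id alone. Nothing
            // here checks that the block belongs to this module or to a tree
            // the user may edit; confirm that the caller enforces this, or add
            // a module_name condition to the WHERE clause.
            WT_DB::prepare(
                "UPDATE `##block` SET gedcom_id=?, xref=? WHERE block_id=?"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::post('xref', WT_REGEX_XREF),
                $block_id,
            ));
        } else {
            WT_DB::prepare(
                "INSERT INTO `##block` (gedcom_id, xref, module_name, block_order) VALUES (?, ?, ?, ?)"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::post('xref', WT_REGEX_XREF),
                $this->getName(),
                0,
            ));
            $block_id = WT_DB::getInstance()->lastInsertId();
        }

        // Title and body are stored as submitted (no pattern is passed to
        // WT_Filter::post). This form escapes them when it prints them back;
        // any other page that renders them has to apply its own output
        // handling.
        set_block_setting($block_id, 'title', WT_Filter::post('title'));
        set_block_setting($block_id, 'story_body', WT_Filter::post('story_body'));

        // Keep only language codes that are actually installed.
        $languages = array();
        foreach (WT_I18N::installed_languages() as $code => $name) {
            if (WT_Filter::postBool('lang_' . $code)) {
                $languages[] = $code;
            }
        }
        set_block_setting($block_id, 'languages', implode(',', $languages));

        $this->config();
        return;
    }

    $block_id   = WT_Filter::getInteger('block_id');
    $controller = new WT_Controller_Page();
    if ($block_id) {
        $controller->setPageTitle(WT_I18N::translate('Edit story'));
        $title      = get_block_setting($block_id, 'title');
        $story_body = get_block_setting($block_id, 'story_body');
        $gedcom_id  = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
        $xref       = WT_DB::prepare("SELECT xref FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
    } else {
        $controller->setPageTitle(WT_I18N::translate('Add a story'));
        $title      = '';
        $story_body = '';
        $gedcom_id  = WT_GED_ID;
        $xref       = WT_Filter::get('xref', WT_REGEX_XREF);
    }
    $controller
        ->pageHeader()
        ->addExternalJavascript(WT_STATIC_URL . 'js/autocomplete.js')
        ->addInlineJavascript('autocomplete();');
    if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
        ckeditor_WT_Module::enableEditor($controller);
    }

    echo '<form name="story" method="post" action="module.php?mod=', $this->getName(), '&mod_action=admin_edit">';
    echo WT_Filter::getCsrf();
    echo '<input type="hidden" name="save" value="1">';
    echo '<input type="hidden" name="block_id" value="', $block_id, '">';
    // NOTE(review): the hidden field carries the current tree (WT_GED_ID), not
    // the $gedcom_id loaded above, so saving an existing story assigns it to
    // the current tree. Confirm that this is intended.
    echo '<input type="hidden" name="gedcom_id" value="', WT_GED_ID, '">';
    echo '<table id="story_module">';
    echo '<tr><th>';
    echo WT_I18N::translate('Story title');
    echo '</th></tr><tr><td><textarea name="title" rows="1" cols="90" tabindex="2">', WT_Filter::escapeHtml($title), '</textarea></td></tr>';
    echo '<tr><th>';
    echo WT_I18N::translate('Story');
    echo '</th></tr><tr><td>';
    echo '<textarea name="story_body" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($story_body), '</textarea>';
    echo '</td></tr>';
    echo '</table><table id="story_module2">';
    echo '<tr>';
    echo '<th>', WT_I18N::translate('Individual'), '</th>';
    echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
    echo '</tr>';
    echo '<tr>';
    echo '<td class="optionbox">';
    // Escape the xref like the other fields of this form: when editing, it
    // comes from the database rather than through the WT_REGEX_XREF filter.
    echo '<input data-autocomplete-type="INDI" type="text" name="xref" id="pid" size="4" value="' . WT_Filter::escapeHtml($xref) . '">';
    echo print_findindi_link('pid');
    if ($xref) {
        $person = WT_Individual::getInstance($xref);
        if ($person) {
            echo ' ', $person->format_list('span');
        }
    }
    echo '</td>';
    $languages = get_block_setting($block_id, 'languages');
    echo '<td class="optionbox">';
    echo edit_language_checkboxes('lang_', $languages);
    echo '</td></tr></table>';
    echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5">';
    echo '</p>';
    echo '</form>';
    exit;
}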
} break; case 'replace_upload': $gedcom_id = WT_Filter::postInteger('gedcom_id'); // Make sure the gedcom still exists if (WT_Filter::checkCsrf() && get_gedcom_from_id($gedcom_id)) { foreach ($_FILES as $FILE) { if ($FILE['error'] == 0 && is_readable($FILE['tmp_name'])) { import_gedcom_file($gedcom_id, $FILE['tmp_name'], $FILE['name']); } } } header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME . '?keep_media' . $gedcom_id . '=' . WT_Filter::postBool('keep_media' . $gedcom_id)); exit; case 'replace_import': $gedcom_id = WT_Filter::postInteger('gedcom_id'); // Make sure the gedcom still exists if (WT_Filter::checkCsrf() && get_gedcom_from_id($gedcom_id)) { $ged_name = basename(WT_Filter::post('ged_name')); import_gedcom_file($gedcom_id, WT_DATA_DIR . $ged_name, $ged_name); } header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME . '?keep_media' . $gedcom_id . '=' . WT_Filter::postBool('keep_media' . $gedcom_id)); exit; } $controller->pageHeader(); // Process GET actions switch (WT_Filter::get('action')) { case 'uploadform': case 'importform': $gedcom_id = WT_Filter::getInteger('gedcom_id'); $gedcom_name = get_gedcom_from_id($gedcom_id);
} // Delete the record itself $record->deleteRecord(); } else { header('HTTP/1.0 406 Not Acceptable'); } break; case 'delete-user': $user = User::find(WT_Filter::postInteger('user_id')); if ($user && Auth::isAdmin() && Auth::user() !== $user) { Log::addAuthenticationLog('Deleted user: '******'masquerade': $user = User::find(WT_Filter::postInteger('user_id')); if ($user && Auth::isAdmin() && Auth::user() !== $user) { Log::addAuthenticationLog('Masquerade as user: '******'HTTP/1.0 406 Not Acceptable'); } break; case 'unlink-media': // Remove links from an individual and their spouse-family records to a media object. // Used by the "unlink" option on the album (lightbox) tab. require WT_ROOT . 'includes/functions/functions_edit.php'; $source = WT_Individual::getInstance(WT_Filter::post('source', WT_REGEX_XREF)); $target = WT_Filter::post('target', WT_REGEX_XREF); if ($source && $source->canShow() && $source->canEdit() && $target) { // Consider the individual and their spouse-family records
/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    // Nothing is written unless WT_Filter::checkCsrf() succeeds. The day
    // count is restricted to 1..30 and the two choices to the listed names.
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        $submitted = array(
            'days'      => WT_Filter::postInteger('days', 1, 30, 7),
            'infoStyle' => WT_Filter::post('infoStyle', 'list|table', 'table'),
            'calendar'  => WT_Filter::post('calendar', 'jewish|gregorian', 'jewish'),
            'block'     => WT_Filter::postBool('block'),
        );
        foreach ($submitted as $setting_name => $setting_value) {
            set_block_setting($block_id, $setting_name, $setting_value);
        }
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    // Shared markup for each "label | control" row of the settings table.
    $label_cell = '<tr><td class="descriptionbox wrap width33">';
    $input_cell = '</td><td class="optionbox">';
    $row_end    = '</td></tr>';

    $current_days = get_block_setting($block_id, 'days', 7);
    echo $label_cell, WT_I18N::translate('Number of days to show'), $input_cell,
        '<input type="text" name="days" size="2" value="', $current_days, '">',
        ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', 30, 30), '</em>',
        $row_end;

    $current_style = get_block_setting($block_id, 'infoStyle', 'table');
    $style_options = array(
        'list'  => WT_I18N::translate('list'),
        'table' => WT_I18N::translate('table'),
    );
    echo $label_cell, WT_I18N::translate('Presentation style'), $input_cell,
        select_edit_control('infoStyle', $style_options, null, $current_style, ''),
        $row_end;

    // No fallback is passed for the calendar, unlike the save path, which
    // falls back to 'jewish'.
    $current_calendar = get_block_setting($block_id, 'calendar');
    echo $label_cell, WT_I18N::translate('Calendar'), $input_cell;
    $calendar_options = array(
        'jewish'    => WT_Date_Jewish::calendarName(),
        'gregorian' => WT_Date_Gregorian::calendarName(),
    );
    echo select_edit_control('calendar', $calendar_options, null, $current_calendar, ''), $row_end;

    $scrollbar = get_block_setting($block_id, 'block', true);
    echo $label_cell, WT_I18N::translate('Add a scrollbar when block contents grow'), $input_cell,
        edit_field_yes_no('block', $scrollbar),
        $row_end;
}
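/**
 * Drive the Facebook OAuth login flow for the current request.
 *
 * Depending on the request and session state this either:
 *  - redirects a user who is already logged in,
 *  - reports an error returned by Facebook,
 *  - starts the flow by sending the browser to the Facebook login dialog
 *    (only after the local CSRF check passes),
 *  - reuses an access token already held in the session, or
 *  - exchanges the returned "code" for an access token, after checking that
 *    the returned "state" equals the value stored in the session.
 *
 * Every error path returns straight after reporting the error, so a failed
 * step never falls through into the next one.
 *
 * @return void
 */
private function connect() {
    global $WT_SESSION;

    $url = WT_Filter::post('url', NULL, WT_Filter::get('url', NULL, ''));

    // If we've clicked login from the login page, we don't want to go back there.
    if (strpos($url, 'login.php') === 0
        || (strpos($url, 'mod=facebook') !== false && strpos($url, 'mod_action=connect') !== false)
    ) {
        $url = '';
    }

    // Redirect to the homepage/$url if the user is already logged-in.
    // NOTE(review): $url is supplied by the client and is appended to
    // WT_SCRIPT_PATH unchanged; confirm that it is limited to a path on this
    // site before it reaches the Location header.
    if ($WT_SESSION->wt_user) {
        header('Location: ' . WT_SCRIPT_PATH . $url);
        exit;
    }

    $app_id      = $this->getSetting('app_id');
    $app_secret  = $this->getSetting('app_secret');
    $connect_url = $this->getConnectURL($url);

    if (!$app_id || !$app_secret) {
        $this->error_page(WT_I18N::translate('Facebook logins have not been setup by the administrator.'));
        return;
    }

    // Accept the authorization code only as a plain string; anything else is
    // treated as absent.
    $code = (isset($_REQUEST['code']) && is_string($_REQUEST['code'])) ? $_REQUEST['code'] : null;

    if (!empty($_REQUEST['error'])) {
        Log::addErrorLog('Facebook Error: ' . WT_Filter::get('error') . '. Reason: ' . WT_Filter::get('error_reason'));
        if (isset($_REQUEST['error_reason']) && $_REQUEST['error_reason'] === 'user_denied') {
            $this->error_page(WT_I18N::translate('You must allow access to your Facebook account in order to login with Facebook.'));
        } else {
            $this->error_page(WT_I18N::translate('An error occurred trying to log you in with Facebook.'));
        }
        return;
    }

    if (empty($code) && empty($WT_SESSION->facebook_access_token)) {
        if (!WT_Filter::checkCsrf()) {
            echo WT_I18N::translate('This form has expired. Try again.');
            return;
        }

        $WT_SESSION->timediff = WT_Filter::postInteger('timediff', -43200, 50400, 0); // Same range as date('Z')

        // FB Login flow has not begun so redirect to login dialog.
        // The state value is the CSRF protection for the OAuth round trip, so
        // it should be unpredictable: use the system CSPRNG where this PHP
        // version provides it, and keep the original derivation otherwise.
        $WT_SESSION->facebook_state = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(rand(), TRUE));

        $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" . $app_id
            . "&redirect_uri=" . urlencode($connect_url)
            . "&state=" . $WT_SESSION->facebook_state
            . "&scope=" . self::scope;
        Zend_Session::writeClose();
        echo "<script> window.location.href='" . $dialog_url . "'</script>";
        return;
    }

    if (!empty($WT_SESSION->facebook_access_token)) {
        // User has already authorized the app and we have a token so get their info.
        $graph_url = "https://graph.facebook.com/" . self::api_dir . "me?access_token=" . $WT_SESSION->facebook_access_token;
        $response  = $this->fetch_url($graph_url);

        if ($response === FALSE) {
            Log::addErrorLog("Facebook: Access token is no longer valid");
            // Clear the state and try again with a new token.
            try {
                unset($WT_SESSION->facebook_access_token);
                unset($WT_SESSION->facebook_state);
                Zend_Session::writeClose();
            } catch (Exception $e) {
                // Best effort: the redirect below restarts the flow either way.
            }
            header("Location: " . $this->getConnectURL($url));
            exit;
        }

        $user = json_decode($response);
        $this->login_or_register($user, $url);
        return;
    }

    // A code was returned: it is only honoured when the state parameter
    // equals the value stored in the session before the redirect.
    $state_matches = !empty($WT_SESSION->facebook_state)
        && isset($_REQUEST['state'])
        && $WT_SESSION->facebook_state === $_REQUEST['state'];

    if (!$state_matches) {
        $this->error_page(WT_I18N::translate("The state does not match. You may been tricked to load this page."));
        return;
    }

    // User has already been redirected to login dialog.
    // Exchange the code for an access token. The code comes from the request,
    // so it is URL-encoded and cannot add parameters to the token request.
    $token_url = "https://graph.facebook.com/" . self::api_dir . "oauth/access_token?"
        . "client_id=" . $app_id
        . "&redirect_uri=" . urlencode($connect_url)
        . "&client_secret=" . $app_secret
        . "&code=" . urlencode($code);
    $response = $this->fetch_url($token_url);

    if ($response === FALSE) {
        Log::addErrorLog("Facebook: Couldn't exchange the code for an access token");
        $this->error_page(WT_I18N::translate("Your Facebook code is invalid. This can happen if you hit back in your browser after login or if Facebook logins have been setup incorrectly by the administrator."));
        return;
    }

    $params = null;
    parse_str($response, $params);
    if (empty($params['access_token'])) {
        Log::addErrorLog("Facebook: The access token was empty");
        $this->error_page(WT_I18N::translate("Your Facebook code is invalid. This can happen if you hit back in your browser after login or if Facebook logins have been setup incorrectly by the administrator."));
        return;
    }

    $WT_SESSION->facebook_access_token = $params['access_token'];

    $graph_url  = "https://graph.facebook.com/" . self::api_dir . "me?access_token=" . $WT_SESSION->facebook_access_token;
    $meResponse = $this->fetch_url($graph_url);
    if ($meResponse === FALSE) {
        $this->error_page(WT_I18N::translate("Could not fetch your information from Facebook. Please try again."));
        return;
    }

    $user = json_decode($meResponse);
    $this->login_or_register($user, $url);
}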
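/**
 * Show the "add/edit FAQ item" form, or save a submitted item.
 *
 * A POST that carries "save" and passes the CSRF check creates or updates the
 * `##block` row, stores question, answer and language list as block
 * settings, and hands over to $this->config(). Any other request prints the
 * form and ends the request.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller restricts it to administrators. Confirm.
 *
 * @return void
 */
private function edit() {
    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        $block_id = WT_Filter::postInteger('block_id');
        if ($block_id) {
            // NOTE(review): the row is selected by block_id alone, so a
            // block of another module could be addressed; confirm whether a
            // module_name condition is wanted here.
            WT_DB::prepare(
                "UPDATE `##block` SET gedcom_id=NULLIF(?, '0'), block_order=? WHERE block_id=?"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::postInteger('block_order'),
                $block_id,
            ));
        } else {
            WT_DB::prepare(
                "INSERT INTO `##block` (gedcom_id, module_name, block_order) VALUES (NULLIF(?, '0'), ?, ?)"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                $this->getName(),
                WT_Filter::postInteger('block_order'),
            ));
            $block_id = WT_DB::getInstance()->lastInsertId();
        }

        // Question and answer are stored as submitted (no pattern is passed
        // to WT_Filter::post). This form escapes them when it prints them
        // back; any other page that renders them has to apply its own output
        // handling.
        set_block_setting($block_id, 'header', WT_Filter::post('header'));
        set_block_setting($block_id, 'faqbody', WT_Filter::post('faqbody'));

        // Keep only language codes that are actually installed.
        $languages = array();
        foreach (WT_I18N::installed_languages() as $code => $name) {
            if (WT_Filter::postBool('lang_' . $code)) {
                $languages[] = $code;
            }
        }
        set_block_setting($block_id, 'languages', implode(',', $languages));

        $this->config();
        return;
    }

    $block_id   = WT_Filter::getInteger('block_id');
    $controller = new WT_Controller_Page();
    if ($block_id) {
        $controller->setPageTitle(WT_I18N::translate('Edit FAQ item'));
        $header      = get_block_setting($block_id, 'header');
        $faqbody     = get_block_setting($block_id, 'faqbody');
        $block_order = WT_DB::prepare("SELECT block_order FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
        $gedcom_id   = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
    } else {
        $controller->setPageTitle(WT_I18N::translate('Add an FAQ item'));
        $header      = '';
        $faqbody     = '';
        // A new item is placed after the last existing one of this module.
        $block_order = WT_DB::prepare("SELECT IFNULL(MAX(block_order)+1, 0) FROM `##block` WHERE module_name=?")->execute(array($this->getName()))->fetchOne();
        $gedcom_id   = WT_GED_ID;
    }
    $controller->pageHeader();
    if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
        ckeditor_WT_Module::enableEditor($controller);
    }

    // "Help for this page" link
    echo '<div id="page_help">', help_link('add_faq_item', $this->getName()), '</div>';
    echo '<form name="faq" method="post" action="module.php?mod=', $this->getName(), '&mod_action=admin_edit">';
    echo WT_Filter::getCsrf();
    echo '<input type="hidden" name="save" value="1">';
    echo '<input type="hidden" name="block_id" value="', $block_id, '">';
    echo '<table id="faq_module">';
    echo '<tr><th>';
    echo WT_I18N::translate('Question');
    echo '</th></tr><tr><td><input type="text" name="header" size="90" tabindex="1" value="' . WT_Filter::escapeHtml($header) . '"></td></tr>';
    echo '<tr><th>';
    echo WT_I18N::translate('Answer');
    echo '</th></tr><tr><td>';
    echo '<textarea name="faqbody" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($faqbody), '</textarea>';
    echo '</td></tr>';
    echo '</table><table id="faq_module2">';
    echo '<tr>';
    echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
    echo '<th>', WT_I18N::translate('FAQ position'), help_link('add_faq_order', $this->getName()), '</th>';
    echo '<th>', WT_I18N::translate('FAQ visibility'), help_link('add_faq_visibility', $this->getName()), '</th>';
    echo '</tr><tr>';
    echo '<td>';
    $languages = get_block_setting($block_id, 'languages');
    echo edit_language_checkboxes('lang_', $languages);
    echo '</td><td>';
    // The cell is closed once; the original printed a second, unmatched </td> here.
    echo '<input type="text" name="block_order" size="3" tabindex="3" value="', $block_order, '">';
    echo '</td><td>';
    echo select_edit_control('gedcom_id', WT_Tree::getIdList(), WT_I18N::translate('All'), $gedcom_id, 'tabindex="4"');
    echo '</td></tr>';
    echo '</table>';
    // Close the paragraph, which the original left open.
    echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5"></p>';
    echo '</form>';
    exit;
}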
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA use WT\Auth; define('WT_SCRIPT_NAME', 'editnews.php'); require './includes/session.php'; $controller = new WT_Controller_Simple(); $controller->setPageTitle(WT_I18N::translate('Add/edit a journal/news entry'))->restrictAccess(Auth::isMember())->pageHeader(); $action = WT_Filter::get('action', 'compose|save|delete', 'compose'); $news_id = WT_Filter::getInteger('news_id'); $user_id = WT_Filter::get('user_id', WT_REGEX_INTEGER, WT_Filter::post('user_id', WT_REGEX_INTEGER)); $gedcom_id = WT_Filter::get('gedcom_id', WT_REGEX_INTEGER, WT_Filter::post('gedcom_id', WT_REGEX_INTEGER)); $date = WT_Filter::postInteger('date', 0, PHP_INT_MAX, WT_TIMESTAMP); $title = WT_Filter::post('title'); $text = WT_Filter::post('text'); switch ($action) { case 'compose': if (array_key_exists('ckeditor', WT_Module::getActiveModules())) { ckeditor_WT_Module::enableEditor($controller); } echo '<h3>' . WT_I18N::translate('Add/edit a journal/news entry') . '</h3>'; echo '<form style="overflow: hidden;" name="messageform" method="post" action="editnews.php?action=save&news_id=' . $news_id . '">'; if ($news_id) { $news = getNewsItem($news_id); } else { $news = array(); $news['user_id'] = $user_id; $news['gedcom_id'] = $gedcom_id;
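/**
 * Save or render the configuration options for this block.
 *
 * A POST that carries "save" and passes the CSRF check stores the submitted
 * options with set_block_setting() and ends the request. Any other request
 * prints the current settings as table rows of form controls.
 *
 * @param int $block_id block identifier (presumably an integer key; confirm against the caller)
 *
 * @return void
 */
public function configureBlock($block_id) {
    // Nothing is written unless WT_Filter::checkCsrf() succeeds. The item
    // count is restricted to 1..10000 and the placement to before/after.
    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        set_block_setting($block_id, 'num', WT_Filter::postInteger('num', 1, 10000, 10));
        set_block_setting($block_id, 'count_placement', WT_Filter::post('count_placement', 'before|after', 'before'));
        set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
        exit;
    }

    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    $num = get_block_setting($block_id, 'num', 10);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Number of items to show');
    echo '</td><td class="optionbox">';
    echo '<input type="text" name="num" size="2" value="', $num, '">';
    echo '</td></tr>';

    // The fallback must be one of the option keys below. The previous fallback
    // ('left') matched neither of them, so an unconfigured block rendered the
    // list with no option selected; 'before' is the default the save path uses.
    $count_placement = get_block_setting($block_id, 'count_placement', 'before');
    echo "<tr><td class=\"descriptionbox wrap width33\">";
    echo WT_I18N::translate('Place counts before or after name?');
    echo "</td><td class=\"optionbox\">";
    echo select_edit_control('count_placement', array(
        'before' => WT_I18N::translate('before'),
        'after'  => WT_I18N::translate('after'),
    ), null, $count_placement, '');
    echo '</td></tr>';

    $block = get_block_setting($block_id, 'block', false);
    echo '<tr><td class="descriptionbox wrap width33">';
    echo WT_I18N::translate('Add a scrollbar when block contents grow');
    echo '</td><td class="optionbox">';
    echo edit_field_yes_no('block', $block);
    echo '</td></tr>';
}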