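/**
 * Build and render the affiliate bank-account (PayPal email) form, handling its own POST.
 *
 * When the request carries "submit_bank_account", the submission is validated with
 * \PFBC\Form::isValid(), BankFormProcess is instantiated on success, and the request is
 * redirected whether or not validation passed. Otherwise the form is rendered.
 *
 * @return void HTML output.
 */
public static function display()
{
    if (isset($_POST['submit_bank_account'])) {
        if (\PFBC\Form::isValid($_POST['submit_bank_account'])) {
            new BankFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oHR = new Http();

    // Only an admin who is not simultaneously logged in as an affiliate may pick the target
    // profile through "profile_id"; every other caller is pinned to the affiliate ID held in
    // the session. Evaluated once so the profile lookup and the "back" link cannot disagree.
    // NOTE(review): this guards the rendered form only; confirm BankFormProcess derives the
    // profile ID the same way and does not trust "profile_id" on its own.
    $bAdminEditing = AdminCore::auth() && !Affiliate::auth() && $oHR->getExists('profile_id');
    $iProfileId = $bAdminEditing ? $oHR->get('profile_id', 'int') : (new Session())->get('affiliate_id');
    unset($oHR);

    $oAff = (new AffiliateModel())->readProfile($iProfileId, 'Affiliates');

    $oForm = new \PFBC\Form('form_bank_account', 500);
    $oForm->configure(array('action' => ''));
    $oForm->addElement(new \PFBC\Element\Hidden('submit_bank_account', 'form_bank_account'));
    // Anti-CSRF token element; it is checked as part of the form validation on POST.
    $oForm->addElement(new \PFBC\Element\Token('bank_account'));

    if ($bAdminEditing) {
        $oForm->addElement(new \PFBC\Element\HTMLExternal('<p class="center"><a class="s_button" href="' . Uri::get('affiliate', 'admin', 'browse') . '">' . t('Return to back affiliates browse') . '</a></p>'));
    }

    $oForm->addElement(new \PFBC\Element\HTMLExternal('<h2 class="underline">' . t('Bank Information:') . '</h2>'));

    // The payment provider is linked over HTTPS, and rel="noopener noreferrer" keeps the page
    // opened with target="_blank" from reaching back into this window via window.opener.
    $sHtmlPayPalIcon = '<a href="https://paypal.com" target="_blank" rel="noopener noreferrer"><img src="' . PH7_URL_STATIC . PH7_IMG . 'icon/paypal_small.gif" alt="PayPal" title="PayPal"></a><br />';

    $oForm->addElement(new \PFBC\Element\Email($sHtmlPayPalIcon . t('Your Bank Account:'), 'bank_account', array(
        'id' => 'email_paypal',
        'onblur' => 'CValid(this.value,this.id)', // client-side hint only; the server-side rule is the 'validation' entry below
        'description' => t('Your Bank Account (PayPal Email Address).'),
        'title' => t('Your Bank Account.'),
        'value' => $oAff->bankAccount,
        'validation' => new \PFBC\Validation\BankAccount(),
        'required' => 1,
    )));
    // Same class-name spelling as every other HTMLExternal element in this form.
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error email_paypal"></span>'));
    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script>'));
    $oForm->render();
}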
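/**
 * Process the "edit membership" form: persist the changed fields of the membership group
 * named by the "group_id" query parameter, flush the user cache and redirect to the list.
 */
public function __construct()
{
    parent::__construct();

    $iGroupId = $this->httpRequest->get('group_id', 'int');
    $oPayModel = new PaymentModel();
    $oMembership = $oPayModel->getMemberships($iGroupId);

    // POST field => column. Each column is also the property read back from $oMembership,
    // so one map drives both the "did it change?" comparison and the update.
    $aFields = [
        'name' => 'name',
        'description' => 'description',
        'price' => 'price',
        'expiration_days' => 'expirationDays',
        'enable' => 'enable',
    ];
    foreach ($aFields as $sPostKey => $sColumn) {
        $mPosted = $this->httpRequest->post($sPostKey);
        if (!$this->str->equals($mPosted, $oMembership->$sColumn)) {
            $oPayModel->updateMembershipGroup($sColumn, $mPosted, $iGroupId);
        }
    }

    // Permissions are stored serialized and read back with unserialize() by the edit form.
    // Only an array is written: a request without "perms" would otherwise store a serialized
    // null and overwrite the group's existing permissions with a value the edit form cannot
    // merge.
    // NOTE(review): keys and values of "perms" come from the client; confirm they are
    // restricted to the permission names defined in perms.inc.php before being trusted.
    $mPerms = $this->httpRequest->post('perms');
    if (is_array($mPerms)) {
        $oPayModel->updateMembershipGroup('permissions', serialize($mPerms), $iGroupId);
    }
    unset($oPayModel);

    /* Clean UserCoreModel Cache */
    (new Cache())->start(UserCoreModel::CACHE_GROUP, null, null)->clear();

    Header::redirect(Uri::get('payment', 'admin', 'membershiplist'), t('The Membership has been saved successfully!'));
}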
/**
 * Handle a submitted comment.
 *
 * Checks, in order, that the recipient exists, that the sender has waited the configured
 * delay since their last comment, and that the text is not a duplicate; then stores the
 * comment, clears the comment cache and redirects to the comment list. Each failure is
 * reported on the "form_comment" form.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): "table" is taken from the query string and handed to every model call
    // below; confirm CommentModel maps it against a fixed list of table names before it
    // reaches any SQL.
    $sTargetTable = $this->httpRequest->get('table');
    $iTargetId = $this->httpRequest->get('recipient', 'int');
    $iAuthorId = (int) $this->session->get('member_id');
    $sBody = $this->httpRequest->post('comment');
    $sNow = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
    $iWaitTime = (int) DbConfig::getSetting('timeDelaySendComment');

    $oModel = new CommentModel();

    if (!$oModel->idExists($iTargetId, $sTargetTable)) {
        \PFBC\Form::setError('form_comment', t('The comment recipient does not exists.'));
    } elseif (!$oModel->checkWaitSend($iAuthorId, $iWaitTime, $sNow, $sTargetTable)) {
        // Flood control: the sender posted too recently.
        \PFBC\Form::setError('form_comment', Form::waitWriteMsg($iWaitTime));
    } elseif ($oModel->isDuplicateContent($iAuthorId, $sBody, $sTargetTable)) {
        \PFBC\Form::setError('form_comment', Form::duplicateContentMsg());
    } elseif (!$oModel->add($sBody, $iTargetId, $iAuthorId, 1, $sNow, $sTargetTable)) {
        \PFBC\Form::setError('form_comment', t('Oops! Error when adding comment.'));
    } else {
        /* Clean All Data of CommentModel Cache */
        (new Framework\Cache\Cache())->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();

        $sReadUrl = Uri::get('comment', 'comment', 'read', $sTargetTable . ',' . $iTargetId);
        HeaderUrl::redirect($sReadUrl, t('The comment has been sent successfully!'));
    }

    unset($oModel);
}
/**
 * Build and render the newsletter subscribe/unsubscribe form, handling its own POST.
 *
 * A POST carrying "submit_subscription" is validated, processed by SubscriptionFormProcess
 * when valid, and then redirected back to the subscription URL in every case.
 *
 * @return void HTML output.
 */
public static function display()
{
    $sFormUrl = Uri::get('newsletter', 'home', 'subscription');

    if (isset($_POST['submit_subscription'])) {
        $bValid = \PFBC\Form::isValid($_POST['submit_subscription']);
        if ($bValid) {
            new SubscriptionFormProcess();
        }
        Framework\Url\HeaderUrl::redirect($sFormUrl);
    }

    $oSubForm = new \PFBC\Form('form_subscription', 350);
    $oSubForm->configure(['action' => $sFormUrl]);
    $oSubForm->addElement(new \PFBC\Element\Hidden('submit_subscription', 'form_subscription'));
    // Anti-CSRF token element.
    $oSubForm->addElement(new \PFBC\Element\Token('subscription'));

    // Full name: the "onblur" handler is a client-side convenience; the Str(4, 80) rule is
    // the server-side check.
    $aNameOptions = [
        'id' => 'str_name',
        'onblur' => 'CValid(this.value, this.id,4,80)',
        'validation' => new \PFBC\Validation\Str(4, 80),
        'required' => 1,
    ];
    $oSubForm->addElement(new \PFBC\Element\Textbox(t('Your full name:'), 'name', $aNameOptions));
    $oSubForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_name"></span>'));

    $aEmailOptions = [
        'id' => 'email',
        'onblur' => 'CValid(this.value, this.id)',
        'required' => 1,
    ];
    $oSubForm->addElement(new \PFBC\Element\Email(t('Your email:'), 'email', $aEmailOptions));
    $oSubForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error email"></span>'));

    $aCaptchaOptions = [
        'id' => 'ccaptcha',
        'onkeyup' => 'CValid(this.value, this.id)',
        'description' => t('Enter the code above:'),
    ];
    $oSubForm->addElement(new \PFBC\Element\CCaptcha(t('Captcha:'), 'captcha', $aCaptchaOptions));
    $oSubForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error ccaptcha"></span>'));

    // "direction" is filled in by whichever submit button is clicked, so its value is
    // client-controlled and must be checked against the expected values on the server.
    $oSubForm->addElement(new \PFBC\Element\Hidden('direction', ''));
    $aSubscribeClick = ['onclick' => '$("#form_subscription [name=direction]").val("subscrire");'];
    $aUnsubscribeClick = ['onclick' => '$("#form_subscription [name=direction]").val("unsubscribe");'];
    $oSubForm->addElement(new \PFBC\Element\Button(t('Subscribe'), 'submit', $aSubscribeClick));
    $oSubForm->addElement(new \PFBC\Element\Button(t('Unsubscribe'), 'submit', $aUnsubscribeClick));

    $sValidateScript = '<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script>';
    $oSubForm->addElement(new \PFBC\Element\HTMLExternal($sValidateScript));

    $oSubForm->render();
}
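/**
 * Process the affiliate login form.
 *
 * Flow: refuse early when the login-attempt lock is active; authenticate; on failure log the
 * attempt, enable the captcha and report the error; on success check the account status,
 * drop any existing user/admin session, regenerate the session ID, store the affiliate
 * session data and redirect to the affiliate account page.
 */
public function __construct()
{
    parent::__construct();

    $oAffModel = new AffiliateModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sPassword = $this->httpRequest->post('password');

    /** Check if the connection is not locked **/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
        \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    // Check Login
    $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');

    if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
        sleep(1); // Security against brute-force attack to avoid drowning the server and the database

        // NOTE(review): the two branches return different messages, which tells the caller
        // whether an address is registered; only the wrong-password branch counts towards
        // the attempt lock.
        if ($sLogin === 'email_does_not_exist') {
            $this->session->set('captcha_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
            $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
        } else {
            // The submitted password is never written to the login log: a mistyped password
            // is usually one character away from the real one, and log tables are readable
            // by more people and backups than the credential store. Masked the same way as
            // the successful-login entry below.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password', 'Affiliates');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Affiliates');
            }

            $this->session->set('captcha_enabled', 1); // Enable Captcha

            $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
            $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
            $sWrongPwdTxt .= t('Forgot your password? 
<a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
            \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
        }
    } else {
        $oSecurityModel->clearLoginAttempts('Affiliates');
        $this->session->remove('captcha_enabled');

        $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
        $oAffData = $oAffModel->readProfile($iId, 'Affiliates');

        // checkAccountStatus() returns true when the account may log in, otherwise the
        // message to show.
        if (true !== ($mStatus = (new AffiliateCore())->checkAccountStatus($oAffData))) {
            \PFBC\Form::setError('form_login_aff', $mStatus);
        } else {
            // Is disconnected if the user is logged on as "user" or "administrator".
            if (UserCore::auth() || AdminCore::auth()) {
                $this->session->destroy();
            }

            // Regenerate the session ID to prevent the session fixation
            $this->session->regenerateId();

            $aSessionData = [
                'affiliate_id' => $oAffData->profileId,
                'affiliate_email' => $oAffData->email,
                'affiliate_username' => $oAffData->username,
                'affiliate_first_name' => $oAffData->firstName,
                'affiliate_sex' => $oAffData->sex,
                'affiliate_ip' => Ip::get(),
                'affiliate_http_user_agent' => $this->browser->getUserAgent(),
                'affiliate_token' => Various::genRnd($oAffData->email),
            ];
            $this->session->set($aSessionData);

            $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
            $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');

            Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
        }
    }
}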
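/**
 * Process the "delete my account" form for a member or an affiliate.
 *
 * The current password is re-checked against the session's email; on success an
 * informational mail about the deletion is sent, the account is deleted, the session is
 * destroyed and the visitor is redirected.
 */
public function __construct()
{
    parent::__construct();

    $bIsUserMod = $this->registry->module == 'user';
    $sTable = $bIsUserMod ? 'Members' : 'Affiliates';
    $sSessPrefix = $bIsUserMod ? 'member' : 'affiliate';

    $mLogin = (new UserCoreModel())->login($this->session->get($sSessPrefix . '_email'), $this->httpRequest->post('password'), $sTable);

    // Re-authentication gate for a destructive action: every known failure code blocks the
    // deletion, not just the wrong-password one, so a session whose email no longer resolves
    // to an account cannot fall through to the delete path.
    // NOTE(review): 'email_does_not_exist' is the second failure code the affiliate login
    // handling checks for; confirm UserCoreModel::login() returns nothing else on failure.
    if (in_array($mLogin, ['email_does_not_exist', 'password_does_not_exist'], true)) {
        \PFBC\Form::setError('form_delete_account', t('Oops! This password you entered is incorrect.'));
    } else {
        $sUsername = $this->session->get($sSessPrefix . '_username');
        $sMembershipType = $this->registry->module == 'affiliate' ? t('Affiliate') : t('Member');

        // Variables for the notification mail template.
        // NOTE(review): "message" and "why_delete" are user-supplied and end up in an HTML
        // mail; this relies on httpRequest->post() having neutralised markup — confirm.
        $this->view->membership = t('Type of Membership: %0%.', $sMembershipType);
        $this->view->message = nl2br($this->httpRequest->post('message'));
        $this->view->why_delete = t('Due to the deletion of the account: %0%', $this->httpRequest->post('why_delete'));
        $this->view->footer_title = t('Information of the user who has deleted their account');
        $this->view->email = t('Email: %0%', $this->session->get($sSessPrefix . '_email'));
        $this->view->username = t('Username: %0%', $sUsername);
        $this->view->first_name = t('First Name: %0%', $this->session->get($sSessPrefix . '_first_name'));
        $this->view->sex = t('Sex: %0%', $this->session->get($sSessPrefix . '_sex'));
        $this->view->ip = t('User IP: %0%', $this->session->get($sSessPrefix . '_ip'));
        $this->view->browser_info = t('Browser info: %0%', $this->session->get($sSessPrefix . '_http_user_agent'));

        $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/delete_account.tpl', DbConfig::getSetting('adminEmail'));

        $sMembershipName = $bIsUserMod ? t('Member') : t('Affiliate');
        $aInfo = ['subject' => t('Unregister %0% - User: %1%', $sMembershipName, $sUsername)];
        (new Mail())->send($aInfo, $sMessageHtml);

        // The ID to delete comes from the session, never from the request.
        $oUserModel = $bIsUserMod ? new UserCore() : new AffiliateCore();
        $oUserModel->delete($this->session->get($sSessPrefix . '_id'), $sUsername);
        unset($oUserModel);

        $this->session->destroy();

        Header::redirect(Uri::get('user', 'main', 'soon'), t('You delete account is successfully!'));
    }
}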
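/**
 * Process the "add game" form: store the uploaded thumbnail and game file under the public
 * game data directory, insert the game record, clear the game cache and redirect to the
 * new game's page.
 */
public function __construct()
{
    parent::__construct();

    // Thumbnail
    $oImg = new Image($_FILES['thumb']['tmp_name']);
    if (!$oImg->validate()) {
        \PFBC\Form::setError('form_game', Form::wrongImgFileTypeMsg());
        return; // Stop execution of the method.
    }

    $sThumbDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/img/thumb/';
    $sGameDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/file/';

    // If the folders is not created (games not installed), yet we will create.
    // This has to happen before the thumbnail is saved, otherwise the very first upload
    // writes into a directory that does not exist yet.
    $this->file->createDir(array($sThumbDir, $sGameDir));

    // getExt() is appended after a literal "." elsewhere in this codebase, so it is assumed
    // to return the bare extension; the separator is added here as well — confirm.
    $sThumbFile = Various::genRnd($oImg->getFileName(), 30) . PH7_DOT . $oImg->getExt();
    $oImg->square(60);
    $oImg->save($sThumbDir . $sThumbFile);
    unset($oImg);

    // Game
    // The stored name is random, but its extension is copied from the client-supplied file
    // name and the file lands under a public data path.
    // NOTE(review): no extension or content-type allowlist is visible in this method;
    // confirm the form's validation restricts uploads to the expected game formats and that
    // the web server does not execute scripts from this directory.
    $sGameFile = Various::genRnd($_FILES['file']['name'], 30) . PH7_DOT . $this->file->getFileExt($_FILES['file']['name']);

    if (!@move_uploaded_file($_FILES['file']['tmp_name'], $sGameDir . $sGameFile)) {
        \PFBC\Form::setError('form_game', t('Impossible to upload the game. If you are the administrator, please check if the folder of games data has the write permission (CHMOD 755).'));
    } else {
        $aData = [
            'category_id' => $this->httpRequest->post('category_id', 'int'),
            'name' => $this->httpRequest->post('name'),
            'title' => $this->httpRequest->post('title'),
            'description' => $this->httpRequest->post('description'),
            'keywords' => $this->httpRequest->post('keywords'),
            'thumb' => $sThumbFile,
            'file' => $sGameFile,
        ];
        (new GameModel())->add($aData);

        /* Clean GameModel Cache */
        (new Framework\Cache\Cache())->start(GameModel::CACHE_GROUP, null, null)->clear();

        HeaderUrl::redirect(Uri::get('game', 'main', 'game', $aData['title'] . ',' . Db::getInstance()->lastInsertId()), t('The game was added successfully!'));
    }
}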
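/**
 * Delete the membership group whose ID is posted as "id", clear the user cache and
 * redirect to the membership list.
 *
 * @return void
 */
public function deleteMembership()
{
    // The ID is read through the request wrapper's 'int' filter, like the other numeric
    // IDs handled by these forms, so only an integer reaches the delete query.
    // NOTE(review): no anti-CSRF token check is visible in this method; confirm the caller
    // or a parent controller verifies one before this state-changing action runs.
    $iMembershipId = $this->httpRequest->post('id', 'int');
    $this->oPayModel->deleteMembership($iMembershipId);

    /* Clean UserCoreModel Cache */
    (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, null, null)->clear();

    Header::redirect(Uri::get('payment', 'admin', 'membershiplist'), t('The Membership has been removed!'));
}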
/**
 * Substitute the system placeholders (%site_name%, %ip%, %software_version%, ...) in a text.
 *
 * A text matching "#!...!#" is not parsed: only the "#!" and "!#" markers are stripped and
 * the remainder is returned unchanged.
 *
 * Replacement values are inserted as they are, with no output encoding; escaping for the
 * target context (HTML, mail, URL) is left to the caller.
 *
 * @param string $sVar Text that may contain placeholders.
 * @return string The text with every known placeholder replaced.
 */
public function parse($sVar)
{
    /*** Not to parse a text ***/
    if (preg_match('/#!.+!#/', $sVar)) {
        return str_replace(array('#!', '!#'), '', $sVar);
    }

    $oSiteRegistry = Registry::getInstance();
    $oCurrentSession = new Session();

    // Logged-in affiliates get their own referral link; everyone else gets the "aid" one.
    $sReferrer = 'aid';
    if ($oCurrentSession->exists('affiliate_username')) {
        $sReferrer = $oCurrentSession->get('affiliate_username');
    }

    // Placeholder => value, listed in the order the replacements are applied.
    $aPlaceholders = [
        /***** Site Variables *****/
        '%site_name%' => $oSiteRegistry->site_name,
        '%url_relative%' => PH7_RELATIVE,
        '%site_url%' => $oSiteRegistry->site_url,
        '%url_root%' => $oSiteRegistry->site_url,
        '%url_static%' => PH7_URL_STATIC,
        '%page_ext%' => PH7_PAGE_EXT,
        /***** Affiliate Variables *****/
        '%affiliate_url%' => Uri::get('affiliate', 'router', 'refer', $sReferrer),
        /***** Global Variables *****/
        '%ip%' => Ip::get(),
        /***** Kernel Variables *****/
        '%software_name%' => Kernel::SOFTWARE_NAME,
        '%software_company%' => Kernel::SOFTWARE_COMPANY,
        '%software_author%' => 'Pierre-Henry Soria',
        '%software_version_name%' => Kernel::SOFTWARE_VERSION_NAME,
        '%software_version%' => Kernel::SOFTWARE_VERSION,
        '%software_build%' => Kernel::SOFTWARE_BUILD,
        '%software_email%' => Kernel::SOFTWARE_EMAIL,
        '%software_website%' => Kernel::SOFTWARE_WEBSITE,
    ];
    unset($oSiteRegistry, $oCurrentSession);

    foreach ($aPlaceholders as $sToken => $mReplacement) {
        $sVar = str_replace($sToken, $mReplacement, $sVar);
    }

    // Output
    return $sVar;
}
/**
 * Process the "forgot password" form.
 *
 * For a known email address a new validation hash is stored on the profile and a reset
 * link containing the email and that hash is mailed to the account; an unknown address
 * produces a form error after a one-second delay.
 *
 * @param string $sTable Profile table the lookup and update run against.
 */
public function __construct($sTable)
{
    parent::__construct();

    $oModel = new UserCoreModel();
    $sPostedMail = $this->httpRequest->post('mail');
    $iProfileId = $oModel->getId($sPostedMail, null, $sTable);

    if (!$iProfileId) {
        sleep(1); // Security against brute-force attack to avoid drowning the server and the database

        // NOTE(review): this message differs from the success message below, so the form
        // reveals whether an address is registered.
        $sShownMail = escape(substr($sPostedMail, 0, PH7_MAX_EMAIL_LENGTH));
        \PFBC\Form::setError('form_forgot_password', t('Oops, this "%0%" is not associated with any %site_name% account. Please, make sure that you entered the e-mail address used in creating your account.', $sShownMail));
    } else {
        // NOTE(review): the reset secret comes from Various::genRnd(); confirm it draws
        // from a cryptographically secure source.
        $oModel->setNewHashValidation($iProfileId, Various::genRnd(), $sTable);
        (new UserCore())->clearReadProfileCache($iProfileId, $sTable); // Clean the profile data (for the new hash)
        $oProfile = $oModel->readProfile($iProfileId, $sTable);

        /** We place the text outside of Uri::get() otherwise special characters will be deleted and the parameters passed in the url will be unusable thereafter. **/
        // NOTE(review): "mod" is read from the query string and becomes part of the mailed
        // link; confirm Uri::get() restricts it to known module names.
        $sResetBase = Uri::get('lost-password', 'main', 'reset', $this->httpRequest->get('mod'));
        $sResetLink = $sResetBase . PH7_SH . $oProfile->email . PH7_SH . $oProfile->hashValidation;

        $sGreeting = t('Hello %0%!<br />Somebody (from the IP address %1%) has requested a new password for their account.', $oProfile->username, Ip::get());
        $sInstructions = t('If you requested for this, click on the link below, otherwise ignore this email and your password will remain unchanged.');
        $this->view->content = $sGreeting . '<br />' . $sInstructions . '<br /><a href="' . $sResetLink . '">' . $sResetLink . '</a>';

        $sTemplatePath = PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/lost-password/confirm-lost-password.tpl';
        $sMailBody = $this->view->parseMail($sTemplatePath, $oProfile->email);

        $aMailInfo = [
            'to' => $oProfile->email,
            'subject' => t('Request for new password - %site_name%'),
        ];
        unset($oProfile);

        $bSent = (new Mail())->send($aMailInfo, $sMailBody);
        if ($bSent) {
            \PFBC\Form::setSuccess('form_forgot_password', t('Successfully requested a new password, email sent!'));
        } else {
            \PFBC\Form::setError('form_forgot_password', Form::errorSendingEmail());
        }
    }

    unset($oModel);
}
/**
 * Build and render the "add picture(s)" form, handling its own POST.
 *
 * A POST carrying "submit_picture" is validated, processed by PictureFormProcess when valid,
 * and redirected in every case. Otherwise the form is rendered with the albums of the
 * logged-in member as choices.
 *
 * @return void HTML output.
 */
public static function display()
{
    if (isset($_POST['submit_picture'])) {
        $bValid = \PFBC\Form::isValid($_POST['submit_picture']);
        if ($bValid) {
            new PictureFormProcess();
        }
        Framework\Url\HeaderUrl::redirect();
    }

    // Album ID Value: preselects the album when "album_id" is present in the query string.
    $oRequest = new Http();
    $iPreselectedAlbum = null;
    if ($oRequest->getExists('album_id')) {
        $iPreselectedAlbum = $oRequest->get('album_id');
    }
    unset($oRequest);

    // Albums are looked up by the member ID from the session, so only the caller's own
    // albums are offered.
    // NOTE(review): the posted album_id is still client-controlled; confirm
    // PictureFormProcess checks that it belongs to the member.
    $oAlbums = (new PictureModel())->getAlbumsName((new Session())->get('member_id'));
    $aAlbumChoices = [];
    foreach ($oAlbums as $oAlbum) {
        $aAlbumChoices[$oAlbum->albumId] = $oAlbum->name;
    }

    $oPicForm = new \PFBC\Form('form_picture', 500);
    $oPicForm->configure(['action' => '']);
    $oPicForm->addElement(new \PFBC\Element\Hidden('submit_picture', 'form_picture'));
    // Anti-CSRF token element.
    $oPicForm->addElement(new \PFBC\Element\Token('picture'));

    $sAlbumLabel = t('Choose your album - OR - <a href="%0%">Add a new Album</a>', Uri::get('picture', 'main', 'addalbum'));
    $oPicForm->addElement(new \PFBC\Element\Select($sAlbumLabel, 'album_id', $aAlbumChoices, ['value' => $iPreselectedAlbum, 'required' => 1]));
    unset($aAlbumChoices);

    // Bad title! Thank you for finding a solution and send it by email
    // The value is the name of the LAST album iterated above (the loop variable outlives
    // the loop), not of the album selected in the form; "@" hides the notice when the
    // member has no album at all.
    $oPicForm->addElement(new \PFBC\Element\Hidden('album_title', @$oAlbum->name));

    $oPicForm->addElement(new \PFBC\Element\Textbox(t('Name of your photo(s):'), 'title', ['validation' => new \PFBC\Validation\Str(2, 40)]));

    // 'accept' => 'image/*' only filters the browser's file picker; it is not a server-side
    // check of what gets uploaded.
    $aFileOptions = [
        'description' => '<span class="bold">' . t('Tip:') . '</span> ' . t('You can select multiple photos at once by clicking multiple files while holding down the "CTRL" key.'),
        'multiple' => 'multiple',
        'accept' => 'image/*',
        'required' => 1,
    ];
    $oPicForm->addElement(new \PFBC\Element\File(t('Your picture(s)'), 'photos[]', $aFileOptions));

    $sPatienceNote = '<p class="pfbc-label"><em><span class="bold">' . t('Note:') . '</span> ' . t('Please be patient while downloading pictures, this may take time (especially if you download a lot of photos at once).') . '</em></p>';
    $oPicForm->addElement(new \PFBC\Element\HTMLExternal($sPatienceNote));

    $oPicForm->addElement(new \PFBC\Element\Textarea(t('Description of your photo:'), 'description', ['validation' => new \PFBC\Validation\Str(2, 200)]));
    $oPicForm->addElement(new \PFBC\Element\Button());
    $oPicForm->render();
}
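/**
 * Build and render the "edit membership" form, handling its own POST.
 *
 * A POST carrying "submit_edit_membership" is validated, processed by
 * EditMembershipFormProcess when valid, and redirected in every case. Otherwise the form is
 * rendered, pre-filled from the membership group named by the "group_id" query parameter.
 *
 * @return void HTML output.
 */
public static function display()
{
    if (isset($_POST['submit_edit_membership'])) {
        if (\PFBC\Form::isValid($_POST['submit_edit_membership'])) {
            new EditMembershipFormProcess();
        }
        Framework\Url\HeaderUrl::redirect();
    }

    $oMembership = (new PaymentModel())->getMemberships((new Http())->get('group_id', 'int'));

    $oForm = new \PFBC\Form('form_edit_membership', 600);
    $oForm->configure(array('action' => ''));
    $oForm->addElement(new \PFBC\Element\Hidden('submit_edit_membership', 'form_edit_membership'));
    // Anti-CSRF token element.
    $oForm->addElement(new \PFBC\Element\Token('membership'));
    $oForm->addElement(new \PFBC\Element\Textbox(t('Name:'), 'name', array('value' => $oMembership->name, 'required' => 1, 'validation' => new \PFBC\Validation\Str(2, 64))));
    $oForm->addElement(new \PFBC\Element\Textarea(t('Description:'), 'description', array('value' => $oMembership->description, 'required' => 1, 'validation' => new \PFBC\Validation\Str(5, 255))));

    $aDefPerms = (include dirname(__DIR__) . '/config/perms.inc.php');

    // SECURITY: unserialize() instantiates any object described in its input. The value
    // comes from the database, so it is only as trustworthy as every code path that can
    // write the permissions column. Storing this map as JSON would remove the object
    // injection risk.
    $aDbPerms = unserialize($oMembership->permissions);

    // unserialize() yields false on a corrupt value, and a stored serialized null yields
    // null; neither can be merged, so fall back to the defaults alone.
    if (!is_array($aDbPerms)) {
        $aDbPerms = array();
    }

    $aPerms = array_merge($aDefPerms, $aDbPerms); // Update new permissions from perms.inc.php file

    $oStr = new Str();
    foreach ($aPerms as $sKey => $sVal) {
        // "some_permission" => "Some Permission"
        $sLabel = $oStr->upperFirstWords(str_replace('_', ' ', $sKey));
        $oForm->addElement(new \PFBC\Element\Select($sLabel, 'perms[' . $sKey . ']', array(1 => t('Yes'), 0 => t('No')), array('value' => $sVal)));
    }
    unset($aPerms, $oStr);

    $oForm->addElement(new \PFBC\Element\Number(t('Price:'), 'price', array('description' => t('Currency: %0%. 0 = Free. 
To change the currency, please <a href="%1%">go to settings</a>.', Config::getInstance()->values['module.setting']['currency'], Uri::get('payment', 'admin', 'config')), 'value' => $oMembership->price, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Number(t('Expiration Days:'), 'expiration_days', array('description' => t('0 = Unlimited'), 'value' => $oMembership->expirationDays, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Radio(t('Active:'), 'enable', array(1 => t('Enabled'), 0 => t('Disabled')), array('value' => $oMembership->enable, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Button(t('Update')));
    $oForm->render();
}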
/**
 * Process the "edit forum" form: update the forum named by the "forum_id" query parameter
 * with the posted category, name and description, then redirect to the forum index.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;

    // Only forum_id goes through the 'int' filter; category_id is passed on as posted.
    $iTargetForumId = $oRequest->get('forum_id', 'int');
    $mCategoryId = $oRequest->post('category_id');
    $sForumName = $oRequest->post('name');
    $sForumDescription = $oRequest->post('description');
    $sUpdatedAt = $this->dateTime->get()->dateTime('Y-m-d H:i:s');

    $oForumModel = new ForumModel();
    $oForumModel->updateForum($iTargetForumId, $mCategoryId, $sForumName, $sForumDescription, $sUpdatedAt);

    $sIndexUrl = Uri::get('forum', 'forum', 'index');
    HeaderUrl::redirect($sIndexUrl, t('Your message has been updated successfully!'));
}
/**
 * Render the advanced member-search form.
 *
 * The form is submitted with GET to the user browse page, so every criterion — including
 * the email address field — travels in the URL and can therefore appear in browser history,
 * server logs and Referer headers.
 *
 * @param integer $iWidth Width of the form in pixel. Default: 500
 * @param boolean $bSetDevVals Set default values in the form fields, or not... Default: TRUE
 * @return void HTML output.
 */
public static function advanced($iWidth = 500, $bSetDevVals = true)
{
    if ($bSetDevVals) {
        static::setAttrVals($bSetDevVals);
    }

    // Generate the Advanced Search form
    $oSearchForm = new \PFBC\Form('form_search', $iWidth);
    $oSearchForm->configure([
        'action' => Uri::get('user', 'browse', 'index') . PH7_SH,
        'method' => 'get',
    ]);
    $oSearchForm->addElement(new \PFBC\Element\Hidden('submit_search', 'form_search'));

    // Who is searching / who they are looking for.
    $aOwnSexChoices = ['male' => t('Male'), 'female' => t('Woman'), 'couple' => t('Couple')];
    $oSearchForm->addElement(new \PFBC\Element\Select(t('I am a:'), 'match_sex', $aOwnSexChoices, self::$aSexOption));
    $aWantedSexChoices = ['female' => t('Woman'), 'male' => t('Male'), 'couple' => t('Couple')];
    $oSearchForm->addElement(new \PFBC\Element\Checkbox(t('Looking for:'), 'sex', $aWantedSexChoices, self::$aMatchSexOption));
    $oSearchForm->addElement(new \PFBC\Element\Age(self::$aAgeOption));

    // Location criteria.
    $oSearchForm->addElement(new \PFBC\Element\Country(t('Country:'), 'country', self::$aCountryOption));
    $oSearchForm->addElement(new \PFBC\Element\Textbox(t('City:'), 'city', self::$aCityOption));
    $oSearchForm->addElement(new \PFBC\Element\Textbox(t('State or Province:'), 'state', self::$aStateOption));
    $oSearchForm->addElement(new \PFBC\Element\Textbox(t('ZIP/Postal Code:'), 'zip_code', ['id' => 'str_zip_code']));

    $oSearchForm->addElement(new \PFBC\Element\Email(t('Email Address:'), 'mail'));

    // Optional filters.
    $sAvatarLabel = '<span class="bold">' . t('Only with Avatar') . '</span>';
    $oSearchForm->addElement(new \PFBC\Element\Checkbox('', 'avatar', ['1' => $sAvatarLabel]));
    $sOnlineLabel = '<span class="bold green2">' . t('Only Online') . '</span>';
    $oSearchForm->addElement(new \PFBC\Element\Checkbox('', 'online', ['1' => $sOnlineLabel]));

    // Ordering of the result list.
    $aOrderChoices = [
        SearchCoreModel::LATEST => t('Latest Members'),
        SearchCoreModel::LAST_ACTIVITY => t('Last Activity'),
        SearchCoreModel::VIEWS => t('Most Popular'),
        SearchCoreModel::RATING => t('Top Rated'),
        SearchCoreModel::USERNAME => t('Username'),
        SearchCoreModel::FIRST_NAME => t('First Name'),
        SearchCoreModel::LAST_NAME => t('Last Name'),
        SearchCoreModel::EMAIL => t('Email'),
    ];
    $oSearchForm->addElement(new \PFBC\Element\Select(t('Browse By:'), 'order', $aOrderChoices));
    $aSortChoices = [
        SearchCoreModel::DESC => t('Descending'),
        SearchCoreModel::ASC => t('Ascending'),
    ];
    $oSearchForm->addElement(new \PFBC\Element\Select(t('Direction:'), 'sort', $aSortChoices));

    $oSearchForm->addElement(new \PFBC\Element\Button(t('Search'), 'submit', ['icon' => 'search']));

    $sCityScript = '<script src="' . PH7_URL_STATIC . PH7_JS . 'geo/autocompleteCity.js"></script>';
    $oSearchForm->addElement(new \PFBC\Element\HTMLExternal($sCityScript));

    $oSearchForm->render();
}
/**
 * Build and render the "add membership" form, handling its own POST.
 *
 * A POST carrying "submit_membership" is validated, processed by MembershipFormProcess when
 * valid, and redirected in every case. Otherwise the form is rendered with one Yes/No select
 * per permission defined in perms.inc.php.
 *
 * @return void HTML output.
 */
public static function display()
{
    if (isset($_POST['submit_membership'])) {
        $bValid = \PFBC\Form::isValid($_POST['submit_membership']);
        if ($bValid) {
            new MembershipFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oNewForm = new \PFBC\Form('form_membership', 600);
    $oNewForm->configure(['action' => '']);
    $oNewForm->addElement(new \PFBC\Element\Hidden('submit_membership', 'form_membership'));
    // Anti-CSRF token element.
    $oNewForm->addElement(new \PFBC\Element\Token('membership'));

    $aNameOptions = ['required' => 1, 'validation' => new \PFBC\Validation\Str(2, 64)];
    $oNewForm->addElement(new \PFBC\Element\Textbox(t('Name:'), 'name', $aNameOptions));
    $aDescOptions = ['required' => 1, 'validation' => new \PFBC\Validation\Str(5, 255)];
    $oNewForm->addElement(new \PFBC\Element\Textarea(t('Description:'), 'description', $aDescOptions));

    // Default permission map (permission key => default value) shipped with the module.
    $aDefaultPerms = (include dirname(__DIR__) . PH7_DS . PH7_CONFIG . 'perms.inc.php');
    foreach ($aDefaultPerms as $sPermKey => $mDefault) {
        // "some_permission" => "Some Permission"
        $sPermLabel = (new Str())->upperFirstWords(str_replace('_', ' ', $sPermKey));
        $aYesNo = [1 => t('Yes'), 0 => t('No')];
        $oNewForm->addElement(new \PFBC\Element\Select($sPermLabel, 'perms[' . $sPermKey . ']', $aYesNo, ['value' => $mDefault]));
    }
    unset($aDefaultPerms);

    $sCurrency = Config::getInstance()->values['module.setting']['currency'];
    $sPriceHelp = t('Currency: %0%. 0 = Free. To change the currency, please <a href="%1%">go to settings</a>.', $sCurrency, Uri::get('payment', 'admin', 'config'));
    $oNewForm->addElement(new \PFBC\Element\Number(t('Price:'), 'price', ['description' => $sPriceHelp, 'step' => '0.01', 'required' => 1]));

    $oNewForm->addElement(new \PFBC\Element\Number(t('Expiration Days:'), 'expiration_days', ['description' => t('0 = Unlimited'), 'required' => 1]));

    $aActiveChoices = [1 => t('Enabled'), 0 => t('Disabled')];
    $oNewForm->addElement(new \PFBC\Element\Radio(t('Active:'), 'enable', $aActiveChoices, ['value' => 1, 'required' => 1]));

    $oNewForm->addElement(new \PFBC\Element\Button(t('Add')));
    $oNewForm->render();
}
/**
 * Process the "add video album" form: validate the uploaded album image, create the album
 * record, save a watermarked 200px square thumbnail under the member's video directory,
 * clear the video cache and redirect to the "add video" page of the new album.
 */
public function __construct()
{
    parent::__construct();

    /**
     * This can cause minor errors (eg if a user sent a file that is not a video).
     * So we hide the errors if we are not in development mode.
     */
    // Note: this turns off error reporting for the remainder of the request.
    if (!isDebug()) {
        error_reporting(0);
    }

    // Resizing and saving the video album thumbnail
    $oThumb = new Image($_FILES['album']['tmp_name']);
    if (!$oThumb->validate()) {
        \PFBC\Form::setError('form_video_album', Form::wrongImgFileTypeMsg());
        return;
    }

    // Albums are pre-approved unless manual approval is switched on in the settings.
    if (DbConfig::getSetting('videoManualApproval') == 0) {
        $iApproved = '1';
    } else {
        $iApproved = '0';
    }

    $sThumbName = Various::genRnd($oThumb->getFileName(), 1) . '-thumb.' . $oThumb->getExt();

    $mOwnerId = $this->session->get('member_id');
    $sAlbumName = $this->httpRequest->post('name');
    $sAlbumDescription = $this->httpRequest->post('description');
    $sCreatedAt = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
    (new VideoModel())->addAlbum($mOwnerId, $sAlbumName, $sAlbumDescription, $sThumbName, $sCreatedAt, $iApproved);
    $iNewAlbumId = (int) Db::getInstance()->lastInsertId();

    $oThumb->square(200);

    /* Set watermark text on thumbnail */
    $sWatermark = DbConfig::getSetting('watermarkTextImage');
    $iWatermarkSize = DbConfig::getSetting('sizeWatermarkTextImage');
    $oThumb->watermarkText($sWatermark, $iWatermarkSize);

    // NOTE(review): the member's username becomes a directory name here; confirm usernames
    // are restricted to filesystem-safe characters at registration.
    $sAlbumDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'video/file/' . $this->session->get('member_username') . PH7_DS . $iNewAlbumId . PH7_DS;
    $this->file->createDir($sAlbumDir);
    $oThumb->save($sAlbumDir . $sThumbName);

    /* Clean VideoModel Cache */
    (new Framework\Cache\Cache())->start(VideoModel::CACHE_GROUP, null, null)->clear();

    HeaderUrl::redirect(Uri::get('video', 'main', 'addvideo', $iNewAlbumId));
}
/**
 * Process the "add administrator" form: collect the posted account fields plus the
 * caller's IP address, create the administrator and redirect to the admin list.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;

    // The password is handed to the model exactly as posted.
    // NOTE(review): confirm AdminModel::add() hashes it before storage.
    $aNewAdmin = [];
    $aNewAdmin['email'] = $oRequest->post('mail');
    $aNewAdmin['username'] = $oRequest->post('username');
    $aNewAdmin['password'] = $oRequest->post('password');
    $aNewAdmin['first_name'] = $oRequest->post('first_name');
    $aNewAdmin['last_name'] = $oRequest->post('last_name');
    $aNewAdmin['sex'] = $oRequest->post('sex');
    $aNewAdmin['time_zone'] = $oRequest->post('time_zone');
    $aNewAdmin['ip'] = Ip::get();

    $oAdminModel = new AdminModel();
    $oAdminModel->add($aNewAdmin);

    $sBrowseUrl = Uri::get(PH7_ADMIN_MOD, 'admin', 'browse');
    Header::redirect($sBrowseUrl, t('The administrator has been successfully added.'));
}
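/**
 * Build and render the "edit administrator account" form, handling its own POST.
 *
 * A POST carrying "submit_admin_edit_account" is validated, processed by EditFormProcess
 * when valid, and redirected in every case. Otherwise the form is rendered, pre-filled from
 * the targeted administrator profile.
 *
 * @return void HTML output.
 */
public static function display()
{
    if (isset($_POST['submit_admin_edit_account'])) {
        if (\PFBC\Form::isValid($_POST['submit_admin_edit_account'])) {
            new EditFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oHR = new Http();

    // Prohibit other administrators to edit the Root Administrator (ID 1)
    // A request for profile 1 (or no profile_id at all) falls back to the caller's own
    // admin ID from the session. Evaluated once so the profile lookup and the "back" link
    // cannot disagree.
    // NOTE(review): this protects the rendered form only; confirm EditFormProcess applies
    // the same rule when it saves.
    $bEditingOther = $oHR->getExists('profile_id') && $oHR->get('profile_id', 'int') !== 1;
    $iProfileId = $bEditingOther ? $oHR->get('profile_id', 'int') : (new Session())->get('admin_id');
    unset($oHR);

    $oAdmin = (new AdminModel())->readProfile($iProfileId, 'Admins');

    $oForm = new \PFBC\Form('form_admin_edit_account', 500);
    $oForm->configure(array('action' => ''));
    $oForm->addElement(new \PFBC\Element\Hidden('submit_admin_edit_account', 'form_admin_edit_account'));
    // Anti-CSRF token element.
    $oForm->addElement(new \PFBC\Element\Token('edit_account'));

    if ($bEditingOther) {
        $oForm->addElement(new \PFBC\Element\HTMLExternal('<p class="center"><a class="s_button" href="' . Uri::get(PH7_ADMIN_MOD, 'admin', 'browse') . '">' . t('Return to back admins browse') . '</a></p>'));
    }

    $oForm->addElement(new \PFBC\Element\Textbox(t('Username:'), 'username', array('value' => $oAdmin->username, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Email(t('Login Email:'), 'mail', array('value' => $oAdmin->email, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Textbox(t('First Name:'), 'first_name', array('value' => $oAdmin->firstName, 'required' => 1, 'validation' => new \PFBC\Validation\Str(2, 20))));
    $oForm->addElement(new \PFBC\Element\Textbox(t('Last Name:'), 'last_name', array('value' => $oAdmin->lastName, 'required' => 1, 'validation' => new \PFBC\Validation\Str(2, 20))));
    $oForm->addElement(new \PFBC\Element\Radio(t('Sex:'), 'sex', array('male' => t('Male'), 'female' => t('Female')), array('value' => $oAdmin->sex, 'required' => 1)));
    // Label goes through t() like every other label of this form.
    $oForm->addElement(new \PFBC\Element\Timezone(t('Time Zone:'), 'time_zone', array('value' => $oAdmin->timeZone, 'required' => 1)));
    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->render();
}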
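/**
 * Create a blog post from the submitted form.
 *
 * Rejects the submission with a form error when the post ID does not pass
 * Blog::checkPostId(). Otherwise the post is inserted, its categories and
 * thumbnail are attached, the BlogModel cache is cleared and the request is
 * redirected to the post with a status message.
 */
public function __construct()
{
    parent::__construct();

    $oBlog = new Blog();
    $oBlogModel = new BlogModel();

    if (!$oBlog->checkPostId($this->httpRequest->post('post_id'))) {
        \PFBC\Form::setError('form_blog', t('The ID of the article is invalid or incorrect.'));
    } else {
        $aData = [
            'post_id' => $this->httpRequest->post('post_id'),
            'lang_id' => $this->httpRequest->post('lang_id'),
            'title' => $this->httpRequest->post('title'),
            // Rich-text body: only the XSS cleaning is applied, not the default filtering.
            'content' => $this->httpRequest->post('content', Http::ONLY_XSS_CLEAN),
            // The field is read under its plain name; a single-quoted '$slogan'
            // would look up a POST key that literally starts with a dollar sign.
            'slogan' => $this->httpRequest->post('slogan'),
            'tags' => $this->httpRequest->post('tags'),
            'page_title' => $this->httpRequest->post('page_title'),
            'meta_description' => $this->httpRequest->post('meta_description'),
            'meta_keywords' => $this->httpRequest->post('meta_keywords'),
            'meta_robots' => $this->httpRequest->post('meta_robots'),
            'meta_author' => $this->httpRequest->post('meta_author'),
            'meta_copyright' => $this->httpRequest->post('meta_copyright'),
            'enable_comment' => $this->httpRequest->post('enable_comment'),
            'created_date' => $this->dateTime->get()->dateTime('Y-m-d H:i:s')
        ];

        if (!$oBlogModel->addPost($aData)) {
            $this->sMsg = t('An error occurred while adding the article.');
        } else {
            /*** Set the categorie(s) ***/
            /**
             * WARNING: Be careful, you should use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN constant,
             * otherwise the Http::post() method removes the special tags and damages the SQL queries
             * for entry into the database.
             */
            $iBlogId = Db::getInstance()->lastInsertId();
            foreach ($this->httpRequest->post('category_id', Http::ONLY_XSS_CLEAN) as $iCategoryId) {
                $oBlogModel->addCategory($iCategoryId, $iBlogId);
            }

            /*** Set the thumbnail if there's one ***/
            $oPost = $oBlogModel->readPost($aData['post_id']);
            $oBlog->setThumb($oPost, $this->file);

            /* Clean BlogModel Cache */
            (new Framework\Cache\Cache())->start(BlogModel::CACHE_GROUP, null, null)->clear();

            $this->sMsg = t('Post created successfully!');
        }

        Header::redirect(Uri::get('blog', 'main', 'read', $this->httpRequest->post('post_id')), $this->sMsg);
    }
}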
/**
 * Save the new title of a forum category, then return to the forum index.
 *
 * The category ID is read from the query string as an integer and the title
 * from the posted form.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;
    $iCategoryId = $oRequest->get('category_id', 'int');

    $oForumModel = new ForumModel();
    $oForumModel->updateCategory($iCategoryId, $oRequest->post('title'));

    $sForumIndexUrl = Uri::get('forum', 'forum', 'index');
    $sNotice = t('The Category has been updated successfully!');
    Header::redirect($sForumIndexUrl, $sNotice);
}
/**
 * Render the "edit note" form, or hand a submitted form to EditNoteFormProcess.
 *
 * The note is looked up from the "id" query parameter together with the member ID
 * stored in the session. The form is only built when a post was found and its
 * noteId equals the requested ID; otherwise a "Post Not Found!" message is echoed.
 *
 * @return void
 */
public static function display()
{
    if (isset($_POST['submit_edit_note'])) {
        if (\PFBC\Form::isValid($_POST['submit_edit_note'])) {
            new EditNoteFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    // Load the post to edit. readPost() receives the session's member ID next to
    // the post ID - presumably so that only the member's own notes are returned;
    // verify against NoteModel::readPost().
    $oNoteModel = new NoteModel();
    $iNoteId = (new Http())->get('id', 'int');
    $iProfileId = (new Session())->get('member_id');
    $sPostId = $oNoteModel->getPostId($iNoteId);
    $oPost = $oNoteModel->readPost($sPostId, $iProfileId);

    if (!empty($oPost) && (new Str())->equals($iNoteId, $oPost->noteId)) {
        // All available categories (first 300), as categoryId => name for the checkbox list.
        $oCategoriesData = $oNoteModel->getCategory(null, 0, 300);
        $aCategoriesName = array();
        foreach ($oCategoriesData as $oId) {
            $aCategoriesName[$oId->categoryId] = $oId->name;
        }

        // Categories currently attached to this note, used as the pre-checked values.
        $aSelectedCategories = array();
        $oCategoryId = $oNoteModel->getCategory($iNoteId, 0, 300);
        unset($oNoteModel);
        foreach ($oCategoryId as $iId) {
            $aSelectedCategories[] = $iId->categoryId;
        }

        $oForm = new \PFBC\Form('form_note', 650);
        $oForm->configure(array('action' => ''));
        $oForm->addElement(new \PFBC\Element\Hidden('submit_edit_note', 'form_note'));
        $oForm->addElement(new \PFBC\Element\Token('edit_note'));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Title of article:'), 'title', array('value' => $oPost->title, 'validation' => new \PFBC\Validation\Str(2, 100), 'required' => 1)));
        // NOTE(review): the stored postId is concatenated into the description markup
        // as-is. Whether it was sanitized when it was saved is not visible here -
        // confirm, or escape it for HTML before output.
        $oForm->addElement(new \PFBC\Element\Textbox(t('Article ID:'), 'post_id', array('value' => $oPost->postId, 'description' => Uri::get('note', 'main', 'read', (new Session())->get('member_username')) . '/<strong><span class="your-address">' . $oPost->postId . '</span><span class="post_id"></span></strong>', 'title' => t('Article ID will be the name of the url.'), 'data-profile_id' => $iProfileId, 'id' => 'post_id', 'validation' => new \PFBC\Validation\Str(2, 60), 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\HTMLExternal('<div class="label_flow">'));
        $oForm->addElement(new \PFBC\Element\Checkbox(t('Categories:'), 'category_id', $aCategoriesName, array('description' => t('Select a category that best fits your article. You can select up to three different categories'), 'value' => $aSelectedCategories, 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\HTMLExternal('</div>'));
        $oForm->addElement(new \PFBC\Element\CKEditor(t('Contents:'), 'content', array('value' => $oPost->content, 'description' => t('Content of the article'), 'validation' => new \PFBC\Validation\Str(30), 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('The language of your post:'), 'lang_id', array('value' => $oPost->langId, 'description' => t('EX: "en", "fr", "es", "js"'), 'validation' => new \PFBC\Validation\Str(2, 2), 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Slogan:'), 'slogan', array('value' => $oPost->slogan, 'validation' => new \PFBC\Validation\Str(2, 200))));
        // The "accept" attribute is only a hint for the browser's file dialog.
        $oForm->addElement(new \PFBC\Element\File(t('Thumbnail:'), 'thumb', array('accept' => 'image/*')));

        // Show the current thumbnail.
        // NOTE(review): username and thumb are placed into the src attribute unescaped;
        // confirm both are constrained to safe characters when they are stored.
        if (!empty($oPost->thumb)) {
            $oForm->addElement(new \PFBC\Element\HTMLExternal('<p><br /><img src="' . PH7_URL_DATA_SYS_MOD . 'note/' . PH7_IMG . $oPost->username . PH7_SH . $oPost->thumb . '" alt="' . t('Thumbnail') . '" title="' . t('The current thumbnail of your post.') . '" class="avatar" /></p>'));
        }

        // Link to remove the thumbnail; the value returned by Token::url() is appended
        // to the note ID (presumably the CSRF token checked by the removethumb action - confirm).
        if (!empty($oPost->thumb)) {
            $oForm->addElement(new \PFBC\Element\HTMLExternal('<a href="' . Uri::get('note', 'main', 'removethumb', $oPost->noteId . (new Token())->url(), false) . '">' . t('Remove this thumbnail?') . '</a>'));
        }

        $oForm->addElement(new \PFBC\Element\Textbox(t('Tags:'), 'tags', array('value' => $oPost->tags, 'description' => t('Separate keywords by commas and without spaces between the commas.'), 'validation' => new \PFBC\Validation\Str(2, 200))));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Title (meta tag):'), 'page_title', array('value' => $oPost->pageTitle, 'validation' => new \PFBC\Validation\Str(2, 100), 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Description (meta tag):'), 'meta_description', array('validation' => new \PFBC\Validation\Str(2, 200), 'value' => $oPost->metaDescription)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Keywords (meta tag):'), 'meta_keywords', array('description' => t('Separate keywords by commas and without spaces between the commas.'), 'validation' => new \PFBC\Validation\Str(2, 200), 'value' => $oPost->metaKeywords)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Robots (meta tag):'), 'meta_robots', array('validation' => new \PFBC\Validation\Str(2, 50), 'value' => $oPost->metaRobots)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Author (meta tag):'), 'meta_author', array('validation' => new \PFBC\Validation\Str(2, 50), 'value' => $oPost->metaAuthor)));
        $oForm->addElement(new \PFBC\Element\Textbox(t('Copyright (meta tag):'), 'meta_copyright', array('validation' => new \PFBC\Validation\Str(2, 50), 'value' => $oPost->metaCopyright)));
        $oForm->addElement(new \PFBC\Element\Radio(t('Enable Comment:'), 'enable_comment', array('1' => t('Enable'), '0' => t('Disable')), array('value' => $oPost->enableComment, 'required' => 1)));
        $oForm->addElement(new \PFBC\Element\Button());
        $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_TPL_SYS_MOD . 'note/' . PH7_TPL . PH7_TPL_MOD_NAME . PH7_SH . PH7_JS . 'common.js"></script>'));
        $oForm->render();
    } else {
        echo '<p class="center bold">' . t('Post Not Found!') . '</p>';
    }
}
/**
 * Build and send the registration welcome email.
 *
 * The status line depends on $this->iActiveType: 1 adds a login link, 2 adds an
 * activation link built from the email address and 'hash_validation', 3 adds a
 * "not activated yet" notice, anything else adds nothing.
 *
 * Security note: with $bIsUniversalLogin set, the value of $aInfo['password'] is
 * written into the message body in clear text; otherwise a masked placeholder
 * and a link to the password reset page are used.
 *
 * @param array $aInfo Reads the keys 'email', 'username', 'first_name', and, depending
 *                     on the branch taken, 'hash_validation' and 'password'.
 * @param boolean $bIsUniversalLogin Default: FALSE
 * @return object this
 */
public function sendMail(array $aInfo, $bIsUniversalLogin = false)
{
    $mActivationType = $this->iActiveType;

    if ($mActivationType == 1) {
        $sStatusLine = t('Please %0% now to meet new people!', '<a href="' . Uri::get('user', 'main', 'login') . '"><b>' . t('log in') . '</b></a>');
    } elseif ($mActivationType == 2) {
        // The email and hash are appended after Uri::get(): passing them through it
        // would strip special characters and make the URL parameters unusable.
        $sLink = Uri::get('user', 'account', 'activate') . PH7_SH . $aInfo['email'] . PH7_SH . $aInfo['hash_validation'];
        $sStatusLine = t('Activation link: %0%.', '<a href="' . $sLink . '">' . $sLink . '</a>');
    } elseif ($mActivationType == 3) {
        $sStatusLine = t('Caution! Your account is not activated yet. You will receive an email of any decision.');
    } else {
        $sStatusLine = '';
    }

    if ($bIsUniversalLogin) {
        $sPasswordLine = t('Password: %0% (please change it next time you login).', $aInfo['password']);
    } else {
        $sPasswordLine = t('Password: ****** (This field is hidden to protect against theft of your account. If you have forgotten your password, please request a new one <a href="%0%">here</a>).', Uri::get('user', 'main', 'forgot'));
    }

    // Message body: greeting, status line, then the account details to keep.
    $sBody = t('Welcome to %site_name%, %0%!', $aInfo['first_name']) . '<br />';
    $sBody .= t('Hi %0%! We are proud to welcome you as a member of %site_name%!', $aInfo['first_name']) . '<br />';
    $sBody .= $sStatusLine . '<br />';
    $sBody .= '<br /><span style="text-decoration:underline">' . t('Please save the following information for future refenrence:') . '</span><br /><em>';
    $sBody .= t('Email: %0%.', $aInfo['email']) . '<br />';
    $sBody .= t('Username: %0%.', $aInfo['username']) . '<br />';
    $sBody .= $sPasswordLine . '</em>';
    $this->view->content = $sBody;

    $sFooter = t('You are receiving this mail because we received an application for registration with the email "%0%" has been provided in the form of %site_name% (%site_url%).', $aInfo['email']) . '<br />';
    $sFooter .= t('If you think someone has used your email address without your knowledge to create an account on %site_name%, please contact us using our contact form available on our website.');
    $this->view->footer = $sFooter;

    // Use the active template when it is defined, else the default theme.
    if (defined('PH7_TPL_NAME')) {
        $sTheme = PH7_TPL_NAME;
    } else {
        $sTheme = PH7_DEFAULT_THEME;
    }
    $sTemplateFile = PH7_PATH_SYS . 'global/' . PH7_VIEWS . $sTheme . '/mail/sys/mod/user/account_registration.tpl';
    $sHtmlMessage = $this->view->parseMail($sTemplateFile, $aInfo['email']);

    $aEnvelope = [
        'to' => $aInfo['email'],
        'subject' => t('Hello %0%, Welcome to %site_name%!', $aInfo['first_name'])
    ];
    $oMailer = new Framework\Mail\Mail();
    $oMailer->send($aEnvelope, $sHtmlMessage);

    return $this;
}
/**
 * Echo the 2Checkout purchase form for a membership.
 *
 * The order parameters (vendor ID, membership group ID, price, currency, return
 * URL) are set on a TwoCO object; the markup it generates is echoed inside a
 * POST form that targets the gateway URL.
 *
 * NOTE(review): price and group ID travel through the visitor's browser as form
 * fields. The handler behind 'payment/main/process/2co' is not visible here;
 * confirm it verifies the gateway's response and the paid amount server-side.
 *
 * @param object $oMembership The Object Membership Model (reads groupId, price, name).
 * @return void
 */
public function button2CheckOut($oMembership)
{
    $aSettings = $this->config->values['module.setting'];
    $iGroupId = $oMembership->groupId;
    $mPrice = $oMembership->price;

    $oCheckout = new TwoCO($aSettings['sandbox.enabled']);
    $oCheckout
        ->param('sid', $aSettings['2co.vendor_id'])
        ->param('id_type', 1)
        ->param('cart_order_id', $iGroupId)
        ->param('merchant_order_id', $iGroupId)
        ->param('c_prod', $iGroupId)
        ->param('c_price', $mPrice)
        ->param('total', $mPrice)
        ->param('c_name', $this->registry->site_name . ' ' . $oMembership->name)
        ->param('tco_currency', $aSettings['currency'])
        ->param('c_tangible', 'N')
        ->param('x_receipt_link_url', Uri::get('payment', 'main', 'process', '2co'));

    // Output is sent piece by piece, in this order.
    echo '<form action="', $oCheckout->getUrl(), '" method="post">',
        $oCheckout->generate(),
        '<button type="submit" name="submit">', static::buyTxt($oMembership->name, '2CO'), '</button> </form>';

    unset($oCheckout);
}
/**
 * Create an affiliate account from the posted admin form, then return to the
 * affiliate list.
 *
 * The birth date is normalised to 'Y-m-d'; every other field is taken from the
 * request as returned by Http::post(), and the caller's IP address is recorded.
 *
 * NOTE(review): 'password' is handed to AffiliateModel::add() exactly as posted.
 * Hashing presumably happens inside the model - confirm, since it is not visible here.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;
    $sBirthDate = $this->dateTime->get($oRequest->post('birth_date'))->date('Y-m-d');

    $aData = [
        'email' => $oRequest->post('mail'),
        'username' => $oRequest->post('username'),
        'password' => $oRequest->post('password'),
        'first_name' => $oRequest->post('first_name'),
        'last_name' => $oRequest->post('last_name'),
        'middle_name' => $oRequest->post('middle_name'),
        'sex' => $oRequest->post('sex'),
        'birth_date' => $sBirthDate,
        'country' => $oRequest->post('country'),
        'city' => $oRequest->post('city'),
        'state' => $oRequest->post('state'),
        'zip_code' => $oRequest->post('zip_code'),
        'phone' => $oRequest->post('phone'),
        'description' => $oRequest->post('description'),
        'website' => $oRequest->post('website'),
        'bank_account' => $oRequest->post('bank_account'),
        'ip' => Ip::get()
    ];

    $oAffiliateModel = new AffiliateModel();
    $oAffiliateModel->add($aData);

    $sBrowseUrl = Uri::get('affiliate', 'admin', 'browse');
    Header::redirect($sBrowseUrl, t('The affiliate has been successfully added.'));
}
/**
 * Store a new affiliate advertisement, clear the static design cache and return
 * to the ads list.
 *
 * NOTE(review): title and code are read straight from $_POST, not through the
 * request object used elsewhere, so no input filtering is applied here -
 * presumably on purpose, because the ad code is markup. The stored code is then
 * only as trustworthy as whoever can reach this form; confirm it is restricted
 * to administrators and token-protected.
 */
public function __construct()
{
    parent::__construct();

    $oAdsModel = new AdsCoreModel();
    $sTitle = $_POST['title'];
    $sCode = $_POST['code'];
    $oAdsModel->add($sTitle, $sCode, 'AdsAffiliates');

    /* Clean Model\Design for STATIC data */
    $oCache = new Framework\Cache\Cache();
    $oCache->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear();

    $sAdsUrl = Uri::get('affiliate', 'admin', 'ads');
    Header::redirect($sAdsUrl, t('The Advertisements was added successfully!'));
}
/**
 * Show the final account-deletion step, but only when the session carries the
 * 'yes_delete' flag; without it the visitor is sent back to the delete page.
 */
public function yesDelete()
{
    if ($this->session->exists('yes_delete')) {
        $this->output();
        return;
    }

    Header::redirect(Uri::get('affiliate', 'account', 'delete'));
}
/**
 * Delete the thumbnail of a blog post and return to its edit page.
 *
 * The request is rejected (script exits with the token error message) unless
 * the CSRF token carried in the URL passes Token::checkUrl().
 *
 * @param mixed $iId ID of the blog post.
 * @return void
 */
private function removeThumb($iId)
{
    $oCsrfToken = new Framework\Security\CSRF\Token();
    if (!$oCsrfToken->checkUrl()) {
        exit(Form::errorTokenMsg());
    }

    $oBlog = new Blog();
    $oBlog->deleteThumb($iId, 'blog', $this->file);

    $sEditUrl = Uri::get('blog', 'admin', 'edit', $iId);
    HeaderUrl::redirect($sEditUrl, t('The thumbnail has been deleted successfully!'));
}
/**
 * Gate for this controller: visitors who are not authenticated as admin are
 * redirected with an error message.
 */
public function __construct()
{
    parent::__construct();

    if (AdminCore::auth()) {
        return;
    }

    // For security reasons the visitor is sent to the regular user login page,
    // so that the URL of the administrative part is not revealed.
    // NOTE(review): whether Header::redirect() stops the script is not visible
    // here; if it does not, the requested action would still run - confirm.
    Header::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
}
/**
 * Save an edited forum topic and return to it.
 *
 * Forum and topic IDs are read from the query string as integers. The update is
 * issued with the member ID stored in the session; the message body only gets
 * the XSS cleaning (Http::ONLY_XSS_CLEAN).
 *
 * NOTE(review): presumably ForumModel::updateTopic() uses the member ID to
 * restrict the update to the author's own topic - verify against the model.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;
    $iForumId = $oRequest->get('forum_id', 'int');
    $iTopicId = $oRequest->get('topic_id', 'int');

    $oForumModel = new ForumModel();
    $oForumModel->updateTopic(
        $this->session->get('member_id'),
        $iTopicId,
        $oRequest->post('title'),
        $oRequest->post('message', Http::ONLY_XSS_CLEAN),
        $this->dateTime->get()->dateTime('Y-m-d H:i:s')
    );

    // The topic URL is "forum name,forum ID,title,topic ID".
    $sTopicPath = implode(',', [$oRequest->get('forum_name'), $iForumId, $oRequest->post('title'), $iTopicId]);
    $sTopicUrl = Uri::get('forum', 'forum', 'post', $sTopicPath);
    Header::redirect($sTopicUrl, t('Your message has been updated successfully!'));
}
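/**
 * Process the admin login form.
 *
 * Flow:
 *  1. When login-attempt limiting is enabled and the limit is exceeded, set a
 *     form error and stop.
 *  2. Check the credentials, and the client IP against the optional 'ipLogin' setting.
 *  3. On failure: wait two seconds, write a login log entry, count the attempt
 *     (wrong credentials only), enable the captcha and set a form error.
 *  4. On success: clear the attempt counter, drop any user/affiliate session,
 *     regenerate the session ID, store the admin session data and redirect to
 *     the admin dashboard.
 *
 * The submitted password is never written to the login log: every entry stores
 * the same '*****' mask, whatever the outcome.
 */
public function __construct()
{
    parent::__construct();

    $sIp = Ip::get();
    $oAdminModel = new AdminModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sUsername = $this->httpRequest->post('username');
    $sPassword = $this->httpRequest->post('password');

    /*** Security IP Login ***/
    $sIpLogin = DbConfig::getSetting('ipLogin');

    /*** Check if the connection is not locked ***/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAdminLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAdminLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAdminAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Admins')) {
        \PFBC\Form::setError('form_admin_login', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    /*** Check Login ***/
    $bIsLogged = $oAdminModel->adminLogin($sEmail, $sUsername, $sPassword);
    // An 'ipLogin' setting restricts admin logins to that single address.
    $bIsIpBanned = !empty($sIpLogin) && $sIpLogin !== $sIp;

    if (!$bIsLogged || $bIsIpBanned) {
        sleep(2); // Security against brute-force attack to avoid drowning the server and the database

        if (!$bIsLogged) {
            // Masked: a rejected password is often a near miss of the real one,
            // or the owner's password for another service.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Incorrect Email, Username or Password', 'Admins');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Admins');
            }

            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('"Email", "Username" or "Password" is Incorrect'));
        } elseif ($bIsIpBanned) {
            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('Incorrect Login!'));
            // Masked: in this branch the credentials were accepted, so the value
            // is a working admin password and must not reach the log.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Bad Ip adress', 'Admins');
        }
    } else {
        $oSecurityModel->clearLoginAttempts('Admins');
        $this->session->remove('captcha_admin_enabled');

        // Is disconnected if the user is logged on as "user" or "affiliate".
        if (UserCore::auth() || AffiliateCore::auth()) {
            $this->session->destroy();
        }

        $iId = $oAdminModel->getId($sEmail, null, 'Admins');
        $oAdminData = $oAdminModel->readProfile($iId, 'Admins');

        // Regenerate the session ID to prevent the session fixation
        $this->session->regenerateId();

        // The IP and user agent are stored next to the identity fields
        // (presumably compared on later requests - confirm in the session checks).
        $aSessionData = array(
            'admin_id' => $oAdminData->profileId,
            'admin_email' => $oAdminData->email,
            'admin_username' => $oAdminData->username,
            'admin_first_name' => $oAdminData->firstName,
            'admin_ip' => $sIp,
            'admin_http_user_agent' => $this->browser->getUserAgent(),
            'admin_token' => Various::genRnd($oAdminData->email)
        );
        $this->session->set($aSessionData);

        $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Logged in!', 'Admins');
        $oAdminModel->setLastActivity($oAdminData->profileId, 'Admins');

        HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('You signup is successfully!'));
    }
}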