function checkPostValueForSystem($aItem, $mValue) { switch ($aItem['Name']) { case 'Captcha': return $this->checkCaptcha($mValue) ? true : _t('_Captcha check failed'); break; case 'Status': if (!in_array($mValue, $aItem['Values'])) { return 'Status hack attempt!'; } break; case 'TermsOfUse': $i = getParam(base64_decode('c3lzX2FudGlzcGFtX3NtYXJ0X2NoZWNr')) && bx_get('do_submit'); bx_import('BxDolStopForumSpam'); $oBxDolStopForumSpam = new BxDolStopForumSpam(); if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) { return _t('_Sorry, your IP been banned'); } elseif ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join') || $i || $oBxDolStopForumSpam->isSpammer(array('email' => $_POST['Email'][0], 'ip' => getVisitorIP(false)), 'join')) { return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php'); } else { return $mValue ? true : _t('_You must agree with terms of use'); } break; case 'ProfilePhoto': if ($aItem['Mandatory'] && is_null($mValue)) { return _t('_Please specify image file'); } if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { return true; } $sFileName = $GLOBALS['dir']['tmp'] . $mValue; if ($mValue && !file_exists($sFileName)) { // hack attempt return 'No way! File not exists: ' . $sFileName; } $aSize = @getimagesize($sFileName); if ($mValue && !$aSize) { @unlink($sFileName); return _t('_Please specify image file'); } if ($mValue && $aSize[2] != IMAGETYPE_GIF && $aSize[2] != IMAGETYPE_JPEG && $aSize[2] != IMAGETYPE_PNG) { unlink($sFileName); return _t('_Please specify image of JPEG, GIF or PNG format'); } return true; break; } return true; }
/** * Create new profile; * * @param : $aProfileInfo (array) - remote profile's information; * * @param : $sAlternativeName (string) - profiles alternative nickname; * @return : error string or error or profile info array on success */ function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true) { $sCountry = ''; $sCity = ''; // join by invite only if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) { return _t('_registration by invitation only'); } // convert fields $aProfileFields = $this->_convertRemoteFields($aProfileInfo, $sAlternativeName); if (empty($aProfileFields['Email'])) { return _t('_Incorrect Email'); } // antispam check bx_import('BxDolStopForumSpam'); $oBxDolStopForumSpam = new BxDolStopForumSpam(); if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) { return _t('_Sorry, your IP been banned'); } elseif ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join oauth') || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join oauth')) { return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php'); } // check fields existence; foreach ($aProfileFields as $sKey => $mValue) { if (!$this->_oDb->isFieldExist($sKey)) { // (field not existence) remove from array; unset($aProfileFields[$sKey]); } } // add some system values $sNewPassword = genRndPwd(); $sPasswordSalt = genRndSalt(); $aProfileFields['Password'] = encryptUserPwd($sNewPassword, $sPasswordSalt); $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER; $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date; $aProfileFields['Salt'] = $sPasswordSalt; // set default privacy bx_import('BxDolPrivacyQuery'); $oPrivacy = new BxDolPrivacyQuery(); $aProfileFields['allow_view_to'] = $oPrivacy->getDefaultValueModule('profile', 'view_block'); // check if user with the same email already exists $iExistingProfileId = $this->_oDb->isEmailExisting($aProfileFields['Email']); // check redirect page if ('join' == $this->_oConfig->sRedirectPage && !$iExistingProfileId) { return array('remote_profile_info' => $aProfileInfo, 'profile_fields' => $aProfileFields, 'join_page_redirect' => true); } // create new profile if ($iExistingProfileId) { $iProfileId = $iExistingProfileId; } else { $iProfileId = $this->_oDb->createProfile($aProfileFields); } $oProfileFields = new BxDolProfilesController(); // remember remote profile id for created member $this->_oDb->saveRemoteId($iProfileId, $aProfileInfo['id']); // check profile status; if (!$iExistingProfileId) { if (getParam('autoApproval_ifNoConfEmail') == 'on') { if (getParam('autoApproval_ifJoin') == 'on') { $sProfileStatus = 'Active'; if (!empty($aProfileInfo['email'])) { $oProfileFields->sendActivationMail($iProfileId); } } else { $sProfileStatus = 'Approval'; if (!empty($aProfileInfo['email'])) { $oProfileFields->sendApprovalMail($iProfileId); } } } else { if (!empty($aProfileInfo['email'])) { $oProfileFields->sendConfMail($iProfileId); $sProfileStatus = 'Unconfirmed'; } else { if (getParam('autoApproval_ifJoin') == 'on') { $sProfileStatus = 'Active'; } else { $sProfileStatus = 'Approval'; } } } // update profile's status; $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus); $oProfileFields->createProfileCache($iProfileId); // send email notification if (!empty($aProfileInfo['email'])) { $oEmailTemplate = new BxDolEmailTemplates(); $aTemplate = $oEmailTemplate->getTemplate($this->_oConfig->sEmailTemplatePasswordGenerated, $iProfileId); $aNewProfileInfo = getProfileInfo($iProfileId); $aPlus = array('NickName' => getNickName($aNewProfileInfo['ID']), 'NewPassword' => $sNewPassword); sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus); } // update location if (BxDolModule::getInstance('BxWmapModule')) { BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId)); } // create system event $oZ = new BxDolAlerts('profile', 'join', $iProfileId); $oZ->alert(); } // store IP bx_member_ip_store($iProfileId); // auto-friend members if they are already friends on remote site if ($isAutoFriends && method_exists($this, '_makeFriends')) { $this->_makeFriends($iProfileId); } // set logged if ($isSetLoggedIn) { $aProfile = getProfileInfo($iProfileId); $this->setLogged($iProfileId, $aProfile['Password'], '', false); } return array('remote_profile_info' => $aProfileInfo, 'profile_id' => $iProfileId, 'existing_profile' => $iExistingProfileId ? true : false); }
/** * Create new profile; * * @param : $aProfileInfo (array) - some profile's information; * @see : $this -> aFacebookProfileFields; * * @param : $sAlternativeName (string) - profiles alternative nickname; * @return : error string or error or profile info array on success */ function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true) { //print_r($aProfileInfo); exit; $sCountry = ''; $sCity = ''; //-- join by invite only --// if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) { return _t('_registration by invitation only'); } //-- // process the date of birth; if (isset($aProfileInfo['birthday'])) { $aProfileInfo['birthday'] = isset($aProfileInfo['birthday']) ? date('Y-m-d', strtotime($aProfileInfo['birthday'])) : ''; } // generate new password for profile; //$sNewPassword = genRndPwd(); //$sPasswordSalt = genRndSalt(); //$aProfileInfo['password'] = encryptUserPwd($sNewPassword,$sPasswordSalt); $aProfileInfo['password'] = md5(""); //-- define user's country and city --// $aLocation = array(); if (isset($aProfileInfo['location']['name'])) { $aLocation = $aProfileInfo['location']['name']; } else { if (isset($aProfileInfo['hometown']['name'])) { $aLocation = $aProfileInfo['hometown']['name']; } } $sCity = ""; $sCountry = ""; if ($aLocation) { $aCountryInfo = explode(',', $aLocation); $sCountry = $this->_oDb->getCountryCode(trim($aCountryInfo[1])); $sCity = trim($aCountryInfo[0]); //set default country name, especially for American brothers if ($sCity && !$sCountry) { $sCountry = $this->_oConfig->sDefaultCountryCode; } } //-- //try define the user's email $sEmail = !empty($aProfileInfo['email']) ? $aProfileInfo['email'] : $aProfileInfo['proxied_email']; //print_r($sEmail);exit; //check email if ($this->_oDb->isEmailExisting($sEmail)) { return _t('_bx_facebook_error_email'); } //ini_set("display_errors", "1"); //print_r($aProfileInfo); exit; //-- fill array with all needed values --// $aProfileFields = array('FacebookProfile' => $aProfileInfo['id'], 'NickName' => $aProfileInfo['nick_name'] . $sAlternativeName, 'Email' => $sEmail, 'Sex' => isset($aProfileInfo['gender']) ? $aProfileInfo['gender'] : '', 'DateOfBirth' => isset($aProfileInfo['birthday']) ? $aProfileInfo['birthday'] : '', 'Password' => isset($aProfileInfo['password']) ? $aProfileInfo['password'] : '', 'FirstName' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '', 'LastName' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '', 'DescriptionMe' => isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : '', 'Interests' => isset($aProfileInfo['interests']) ? $aProfileInfo['interests'] : '', 'Religion' => isset($aProfileInfo['religion']) ? $aProfileInfo['religion'] : '', 'Country' => $sCountry, 'City' => $sCity); //-- $aEdirectoryProfileFields = array('facebook_uid' => $aProfileInfo['id'], 'nickname' => $aProfileInfo['nick_name'] . $sAlternativeName, 'personal_message' => isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : '', 'facebook_image' => isset($aProfileInfo['picture']) ? $aProfileInfo['picture'] : '', 'facebook_image_width' => '100', 'facebook_image_height' => '100', 'location' => $sCity); $thisusername = $aProfileInfo['first_name'] . $aProfileInfo['last_name']; //$thisusername = utf8_encode ( $thisusername ); $aAccountFields = array('facebook_username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'], 'username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'], 'has_profile' => 'y', 'active' => 'y', 'foreignaccount' => 'y', 'foreignaccount_done' => 'y', 'password' => isset($aProfileInfo['password']) ? $aProfileInfo['password'] : '', 'updated' => date('Y-m-d H:i:s'), 'entered' => date('Y-m-d H:i:s'), 'agree_tou' => '1'); $aAccountProfileContactFields = array('username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'], 'has_profile' => 'y', 'nickname' => $aProfileInfo['first_name'] . " " . $aProfileInfo['last_name'], 'first_name' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '', 'last_name' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '', 'facebook_image_width' => '100', 'facebook_image_height' => '100'); $aContactFields = array('email' => $sEmail, 'first_name' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '', 'last_name' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '', 'country' => $sCountry, 'city' => $sCity); bx_import('BxDolStopForumSpam'); $oBxDolStopForumSpam = new BxDolStopForumSpam(); if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) { return _t('_Sorry, your IP been banned'); } elseif ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join facebook') || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join facebook')) { return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php'); } // check fields existence; foreach ($aProfileFields as $sKey => $mValue) { if (!$this->_oDb->isFieldExist($sKey)) { // (field not existence) remove from array; unset($aProfileFields[$sKey]); } } //-- add some system values --// $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER; $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date; $aProfileFields['Salt'] = $sPasswordSalt; //-- //check redirect page if ('join' == $this->_oConfig->sRedirectPage) { return array('profile_info_fb' => $aProfileInfo, 'profile_fields' => $aProfileFields, 'join_page_redirect' => true); } // create new profile; $iProfileId = $this->_oDb->createProfile($aProfileFields); $this->_oDb->EdirctorycreateProfile($aAccountFields, $aEdirectoryProfileFields, $aContactFields, $aAccountProfileContactFields); $oProfileFields = new BxDolProfilesController(); //remember FB uid for created member $this->_oDb->saveFbUid($iProfileId, $aProfileInfo['id']); // check profile status; if (getParam('autoApproval_ifNoConfEmail') == 'on') { if (getParam('autoApproval_ifJoin') == 'on') { $sProfileStatus = 'Active'; if (!empty($aProfileInfo['email'])) { $oProfileFields->sendActivationMail($iProfileId); } } else { $sProfileStatus = 'Approval'; if (!empty($aProfileInfo['email'])) { $oProfileFields->sendApprovalMail($iProfileId); } } } else { if (!empty($aProfileInfo['email'])) { $oProfileFields->sendConfMail($iProfileId); $sProfileStatus = 'Unconfirmed'; } else { if (getParam('autoApproval_ifJoin') == 'on') { $sProfileStatus = 'Active'; } else { $sProfileStatus = 'Approval'; } } } // update profile's status; $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus); $oProfileFields->createProfileCache($iProfileId); if (!empty($aProfileInfo['email'])) { //-- send email notification --// $oEmailTemplate = new BxDolEmailTemplates(); $aTemplate = $oEmailTemplate->getTemplate('t_fb_connect_password_generated'); $aNewProfileInfo = getProfileInfo($iProfileId); $aPlus = array('NickName' => getNickName($aNewProfileInfo['ID']), 'NewPassword' => $sNewPassword); sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus); } //-- bx_member_ip_store($iProfileId); if (BxDolModule::getInstance('BxWmapModule')) { BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId)); } // create system event $oZ = new BxDolAlerts('profile', 'join', $iProfileId); $oZ->alert(); // auto-friend members if they are already friends on Facebook if ($isAutoFriends) { $this->_makeFriends($iProfileId); } // set logged if ($isSetLoggedIn) { $aProfile = getProfileInfo($iProfileId); $this->setLogged($iProfileId, $aProfile['Password'], '', false); } return array('profile_info_fb' => $aProfileInfo, 'profile_id' => $iProfileId); }
function check_login($ID, $passwd, $iRole = BX_DOL_ROLE_MEMBER, $error_handle = true) { $ID = (int) $ID; if (!$ID) { if ($error_handle) { login_form(_t("_PROFILE_ERR"), $member); } return false; } switch ($iRole) { case BX_DOL_ROLE_MEMBER: $member = 0; break; case BX_DOL_ROLE_ADMIN: $member = 1; break; } $aProfile = getProfileInfo($ID); // If no such members if (!$aProfile) { if ($error_handle) { login_form(_t("_PROFILE_ERR"), $member); } return false; } // If password is incorrect if (strcmp($aProfile['Password'], $passwd) != 0) { if ($error_handle) { login_form(_t("_INVALID_PASSWD"), $member); } return false; } if (!((int) $aProfile['Role'] & $iRole)) { if ($error_handle) { login_form(_t("_INVALID_ROLE"), $member); } return false; } if ((int) $aProfile['Role'] & BX_DOL_ROLE_ADMIN || (int) $aProfile['Role'] & BX_DOL_ROLE_MODERATOR) { if ('on' != getParam('ext_nav_menu_enabled')) { update_date_lastnav($ID); } return true; } // if IP is banned if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked() || 'on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'login')) { if ($error_handle) { $GLOBALS['_page']['name_index'] = 55; $GLOBALS['_page']['css_name'] = ''; $GLOBALS['_ni'] = $GLOBALS['_page']['name_index']; $GLOBALS['_page_cont'][$GLOBALS['_ni']]['page_main_code'] = MsgBox(_t('_Sorry, your IP been banned')); PageCode(); } return false; } // if profile is banned if (isLoggedBanned($aProfile['ID'])) { if ($error_handle) { $GLOBALS['_page']['name_index'] = 55; $GLOBALS['_page']['css_name'] = ''; $GLOBALS['_ni'] = $GLOBALS['_page']['name_index']; $GLOBALS['_page_cont'][$GLOBALS['_ni']]['page_main_code'] = MsgBox(_t('_member_banned')); PageCode(); } return false; } if ('on' != getParam('ext_nav_menu_enabled')) { update_date_lastnav($ID); } return true; }
function checkPostValueForSystem($aItem, $mValue) { switch ($aItem['Name']) { case 'Captcha': return $this->checkCaptcha($mValue) ? true : _t('_Captcha check failed'); break; case 'Status': if (!in_array($mValue, $aItem['Values'])) { return 'Status hack attempt!'; } break; case 'TermsOfUse': if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked() || 'on' == getParam('sys_dnsbl_enable') && bx_is_ip_dns_blacklisted('', 'join')) { return _t('_Sorry, your IP been banned'); } else { return $mValue ? true : _t('_You must agree with terms of use'); } break; case 'thumb': if ($aItem['Mandatory'] && is_null($mValue)) { return _t('_Please specify image file'); } if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { return true; } $sFileName = $GLOBALS['dir']['tmp'] . $mValue; if ($mValue && !file_exists($sFileName)) { // hack attempt return 'No way! File not exists: ' . $sFileName; } $aSize = @getimagesize($sFileName); if ($mValue && !$aSize) { @unlink($sFileName); return _t('_Please specify image file'); } if ($mValue && $aSize[2] != IMAGETYPE_GIF && $aSize[2] != IMAGETYPE_JPEG && $aSize[2] != IMAGETYPE_PNG) { unlink($sFileName); return _t('_Please specify image of JPEG, GIF or PNG format'); } return true; break; } return true; }
$oSysTemplate->addCssSystem(array('default.css', 'common.css', 'common_phone.css', 'common_tablet.css', 'general.css', 'general_phone.css', 'anchor.css', 'forms_adv.css', 'join.css', 'login_form.css', 'top_menu.css', 'icons.css', 'loading.css')); //--- Add default JS ---// $oSysTemplate->addJsSystem(array('jquery.js', 'jquery-migrate.min.js', 'jquery.jfeed.js', 'jquery.embedly.min.js', 'jquery.ui.core.min.js', 'jquery.ui.widget.min.js', 'jquery.ui.position.min.js', 'jquery.ui.tabs.min.js', 'functions.js', 'jquery.dolRSSFeed.js', 'jquery.float_info.js', 'jquery.webForms.js', 'jquery.form.min.js', 'jquery.dolEmbedly.js', 'jquery.dolPopup.js', 'jquery.dolRetina.js', 'common_anim.js', 'join.js', 'login.js', 'BxDolVoting.js', 'user_status.js', 'jquery.cookie.min.js')); //--- Add default language keys in JS output ---// $oSysTemplate->addJsTranslation(array('_Counter', '_PROFILE_ERR', '_sys_txt_btn_loading', '_Errors in join form')); $oSysTemplate->addJsOption(array('sys_embedly_key')); //--- Add default images in JS output ---// //$oSysTemplate->addJsImage(array()); /** * Backward compatibility. * * @deprecated */ $tmpl = $oSysTemplate->getCode(); require_once BX_DIRECTORY_PATH_ROOT . "templates/tmpl_" . $tmpl . "/scripts/BxTemplConfig.php"; $oTemplConfig = new BxTemplConfig($site); //--- Initialize template's engine ---// //--- Add forms' CSS/JS for its correct work in Login/Join popup ---// if (!isLogged()) { bx_import('BxTemplFormView'); $oForm = new BxTemplFormView(array()); $oForm->addCssJs(true, true); } if (defined('BX_PROFILER') && BX_PROFILER) { require_once BX_DIRECTORY_PATH_MODULES . 'boonex/profiler/classes/BxProfiler.php'; } // if IP is banned - total block if ((int) getParam('ipBlacklistMode') == 1 && bx_is_ip_blocked()) { echo _t('_Sorry, your IP been banned'); exit; }