/**
 * Collect the rows of a query result into $this->results.
 *
 * Each row is appended as an entry with the keys "uri", "title" and "id".
 * The URI is produced by calling the method of this object whose name is
 * passed in $cb, with the row's id as its only argument.
 *
 * NOTE(review): $cb is used as a dynamic method name, so it must only ever
 * be a fixed name chosen by the calling code, never request data - confirm
 * at the call sites. Nothing in this method HTML-escapes the title;
 * presumably that happens where the results are rendered - verify.
 *
 * @param object $rs Record set exposing EOF, fields and MoveNext()
 * @param string $cb Name of the method on $this that builds the URI
 */
private function parseResults($rs, $cb)
{
    for (; !$rs->EOF; $rs->MoveNext()) {
        $uri = $this->{$cb}($rs->fields['id']);
        $title = contrexx_stripslashes($rs->fields['title']);
        $id = contrexx_stripslashes($rs->fields['id']);

        $this->results[] = array("uri" => $uri, "title" => $title, "id" => $id);
    }
}
/**
 * Constructor
 *
 * Reads the CSV import options (separator and enclosure) from the POST data.
 * Neither property is touched when no separator was submitted.
 */
function __construct()
{
    if (!isset($_POST['import_options_csv_separator'])) {
        return false;
    }

    $separator = contrexx_stripslashes($_POST['import_options_csv_separator']);
    // A backslash followed by "t" is replaced by a real tab character.
    $this->separator = ($separator == '\\t') ? "\t" : $separator;

    // NOTE(review): the length test reads $_POST['import_options'], while the
    // value taken over is $_POST['import_options_csv_enclosure']; neither is
    // checked with isset() and the enclosure is stored without
    // contrexx_stripslashes() - confirm that this is intended.
    $optionLength = strlen($_POST['import_options']);
    if ($optionLength == 1) {
        $this->enclosure = $_POST['import_options_csv_enclosure'];
    }
}
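/**
 * Render the SQL import interface.
 *
 * Step 'assignCols' lists the columns of the table named in
 * $_POST['interfacesImportSqlTable'] next to the input fields of the target
 * form. Every other step lists the tables reported by the database so that
 * one of them can be chosen.
 *
 * The posted table name is concatenated into an SQL statement and written
 * into the template, so it is accepted only when it consists of the
 * characters MySQL allows in an unquoted identifier. Anything else (including
 * "database.table" notation) is discarded and the step is rendered with an
 * empty table name and an empty column list.
 *
 * @param string $step   Current step of the import dialog
 * @param object $objTpl Template object the interface is rendered into
 */
function showImport($step, $objTpl)
{
    global $_ARRAYLANG, $objDatabase;

    $objTpl->addBlockfile(
        $this->moduleLangVar . '_INTERFACES_CONTENT',
        'interfaces_content',
        'module_' . $this->moduleNameLC . '_interfaces_import.html'
    );
    $objTpl->setVariable(array(
        'TXT_' . $this->moduleLangVar . '_FROM_DATABASE' => $_ARRAYLANG['TXT_MEDIADIR_FROM_DATABASE'],
        'TXT_' . $this->moduleLangVar . '_FROM_FILE' => $_ARRAYLANG['TXT_MEDIADIR_FROM_FILE'],
    ));

    switch ($step) {
        case 'assignCols':
            $objTpl->hideBlock($this->moduleNameLC . 'InterfacesImportSqlSetTable');

            $tableName = isset($_POST['interfacesImportSqlTable'])
                ? contrexx_stripslashes($_POST['interfacesImportSqlTable'])
                : '';
            // Identifiers cannot be bound as statement parameters, so the
            // name is checked against an allow-list pattern before it is used.
            if (!is_string($tableName) || !preg_match('/\A[A-Za-z0-9_$]+\z/', $tableName)) {
                $tableName = '';
            }

            // NOTE(review): the posted form and category ids are overwritten
            // with fixed values right after being read. This looks like a
            // debugging leftover - confirm before relying on either value.
            $formId = intval($_POST['interfacesImportSqlForm']);
            $formId = 15;
            $categoryId = intval($_POST['interfacesImportSqlCategory']);
            $categoryId = 162;

            $availableCols = '';
            if ($tableName !== '') {
                $objResult = $objDatabase->Execute('SHOW FIELDS FROM `' . $tableName . '`');
                // NOTE(review): column names are written into the markup as
                // the database returns them; verify whether they need HTML
                // escaping for the charset in use.
                while ($objResult !== false && !$objResult->EOF) {
                    $availableCols .= '<option value="' . $objResult->fields['Field'] . '">' . $objResult->fields['Field'] . '</option>';
                    $objResult->MoveNext();
                }
            }

            $givenCols = '';
            $objInputfield = new MediaDirectoryInputfield($formId, false, null, $this->moduleName);
            foreach ($objInputfield->arrInputfields as $key => $inputfield) {
                // Input fields with the keys 1 and 2 are not offered as targets.
                if ($key != 1 && $key != 2) {
                    $givenCols .= '<option value="' . $inputfield['id'] . '">' . $inputfield['name'][0] . '</option>';
                }
            }

            $objTpl->setVariable(array(
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_TABLE_COLS' => $availableCols,
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_GIVEN_COLS' => $givenCols,
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_TABLE_NANE' => $tableName,
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_FORM_ID' => $formId,
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_CATEGORY_ID' => $categoryId,
            ));
            $objTpl->parse($this->moduleNameLC . 'InterfacesImportSqlAssignCols');
            break;

        default:
            $objTpl->hideBlock($this->moduleNameLC . 'InterfacesImportSqlAssignCols');

            $availableTables = '';
            $objResult = $objDatabase->Execute('SHOW TABLE STATUS LIKE "%"');
            while ($objResult !== false && !$objResult->EOF) {
                $dbName = $objResult->fields['Name'];
                $availableTables .= '<option value="' . $dbName . '">' . $dbName . '</option>';
                $objResult->MoveNext();
            }

            $objTpl->setVariable(array(
                $this->moduleLangVar . '_INTERFACES_IMPORT_SQL_TABLES' => $availableTables,
            ));
            $objTpl->parse($this->moduleNameLC . 'InterfacesImportSqlSetTable');
            break;
    }

    $objTpl->parse('interfaces_content');
}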
/**
 * Select the view for the current request and return the rendered template.
 *
 * The shadowbox action is run first when $_GET['act'] asks for it. After
 * that the first match wins: category view ($_GET['cid']), detail view
 * ($_GET['id']), search ($this->curCmd is 'search'), category overview.
 * A missing $_GET['cmd'] is replaced by an empty string; $this->curCmd is
 * only updated when the parameter is present.
 *
 * NOTE(review): 'cid' and 'id' are handed to showCategory() / showDetails()
 * exactly as received; presumably those methods cast or validate them -
 * verify, since nothing here does.
 *
 * @return mixed Whatever $this->_objTpl->get() returns
 */
function getPage()
{
    if (isset($_GET['act']) && $_GET['act'] == "shadowbox") {
        $this->shadowbox();
    }

    if (isset($_GET['cmd'])) {
        $this->curCmd = $_GET['cmd'];
    } else {
        $_GET['cmd'] = '';
    }

    if (isset($_GET['cid'])) {
        $this->showCategory($_GET['cid']);
    } elseif (isset($_GET['id'])) {
        $this->showDetails($_GET['id']);
    } elseif ($this->curCmd == 'search') {
        $term = '';
        if (isset($_POST['term'])) {
            $term = contrexx_stripslashes($_POST['term']);
        }
        $this->showSearch($term);
    } else {
        $this->showCategoryOverview();
    }

    return $this->_objTpl->get();
}
/**
 * @override
 *
 * Accept one chunk of a chunked upload and end the request.
 *
 * The chunk is stored with addChunk() when the client-supplied file name
 * passes \FWValidator::is_file_ending_harmless(); otherwise the name is
 * reported through addHarmfulFileToResponse(). handleCallback() runs once
 * the last chunk (index == count - 1) has been stored. The method never
 * returns: every path ends in die().
 *
 * NOTE(review): the extension test on the client-supplied name is the only
 * validation visible here, and partitionIndex / partitionCount / files are
 * read from the request without isset() or casting; confirm that addChunk()
 * validates the name and the chunk numbers before building a path. The
 * exception message is sent to the client verbatim - verify that it cannot
 * carry server paths.
 */
public function handleRequest()
{
    $partIndex = $_POST['partitionIndex'];
    $partCount = $_POST['partitionCount'];
    $clientName = contrexx_stripslashes($_FILES['file']['name']);
    $fileCount = $_GET['files'];

    // Refuse files whose extension is not considered harmless.
    if (!\FWValidator::is_file_ending_harmless($clientName)) {
        $this->addHarmfulFileToResponse($clientName);
        die(0);
    }

    try {
        $this->addChunk($clientName, $partIndex, $partCount);
    } catch (UploaderException $e) {
        die('Error:' . $e->getMessage());
    }

    // The last chunk completes the upload of the current file.
    if ($partIndex == $partCount - 1) {
        $this->handleCallback($fileCount);
    }

    die(0);
}
/**
 * Create a subcategory of $objCategory from the posted category name.
 *
 * Nothing happens without $_POST['downloads_category_name']. Otherwise the
 * CSRF code is checked and the request is dropped silently when the parent
 * category has an add-subcategories access id, the current user does not
 * pass \Permission::checkAccess() for it and is not the owner of the parent.
 * The new category gets the same name in every language, empty descriptions,
 * the parent's visibility, and all five permission types protected exactly
 * when the parent has an add-subcategories access id. Errors reported by
 * store() are appended to $this->arrStatusMsg['error'].
 *
 * @param object $objCategory Parent category
 */
private function processCreateDirectory($objCategory)
{
    if (empty($_POST['downloads_category_name'])) {
        return;
    }
    $name = contrexx_stripslashes($_POST['downloads_category_name']);

    \Cx\Core\Csrf\Controller\Csrf::check_code();

    // check for sufficient permissions
    $mayCreate = !$objCategory->getAddSubcategoriesAccessId()
        || \Permission::checkAccess($objCategory->getAddSubcategoriesAccessId(), 'dynamic', true)
        || $objCategory->getOwnerId() == $this->userId;
    if (!$mayCreate) {
        return;
    }

    // use the posted name for every language, leave the descriptions empty
    foreach (array_keys(\FWLanguage::getLanguageArray()) as $langId) {
        $arrNames[$langId] = $name;
        $arrDescriptions[$langId] = '';
    }

    $objSubcategory = new Category();
    $objSubcategory->setParentId($objCategory->getId());
    $objSubcategory->setActiveStatus(true);
    $objSubcategory->setVisibility($objCategory->getVisibility());
    $objSubcategory->setNames($arrNames);
    $objSubcategory->setDescriptions($arrDescriptions);

    // every permission type inherits the protection state of the parent's
    // add-subcategories permission and starts without associated groups
    $arrPermissions = array();
    $arrPermissionTypes = array('read', 'add_subcategories', 'manage_subcategories', 'add_files', 'manage_files');
    foreach ($arrPermissionTypes as $permissionType) {
        $arrPermissions[$permissionType] = array(
            'protected' => (bool) $objCategory->getAddSubcategoriesAccessId(),
            'groups' => array(),
        );
    }
    $objSubcategory->setPermissions($arrPermissions);

    if ($objSubcategory->store()) {
        return;
    }
    $this->arrStatusMsg['error'] = array_merge($this->arrStatusMsg['error'], $objSubcategory->getErrorMsg());
}
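/**
 * Show the form for adding or modifying an SMTP account and store a
 * submitted account.
 *
 * When $_POST['settings_smtp_save'] is set, the posted values are validated
 * (account name present and unique, host name present) and the account is
 * added, or updated if an id was passed. After a successful save the result
 * of _smtpOverview() is returned. In every other case the form is rendered,
 * either with the submitted values or with the account loaded for the id.
 *
 * The account name is request data and the status messages are assembled as
 * HTML, so the name is entity-encoded in every message that contains it.
 * The password is never written back into the form: the field only receives
 * a run of blanks, and only for an account loaded from the settings.
 *
 * @return mixed Result of _smtpOverview() after a successful save, true otherwise
 */
function _smtpModify()
{
    global $objTemplate, $_ARRAYLANG;

    $error = false;
    $id = !empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    // Number of blanks rendered into the password field. It stays 0 for
    // submitted data, where 'password' holds the secret itself and must not
    // be interpreted as a length.
    $passwordPlaceholderLength = 0;

    if (isset($_POST['settings_smtp_save'])) {
        $arrSmtp = array(
            'name' => !empty($_POST['settings_smtp_account']) ? contrexx_stripslashes(trim($_POST['settings_smtp_account'])) : '',
            'hostname' => !empty($_POST['settings_smtp_hostname']) ? contrexx_stripslashes(trim($_POST['settings_smtp_hostname'])) : '',
            'port' => !empty($_POST['settings_smtp_port']) ? intval($_POST['settings_smtp_port']) : 25,
            'username' => !empty($_POST['settings_smtp_username']) ? contrexx_stripslashes(trim($_POST['settings_smtp_username'])) : '',
            'password' => !empty($_POST['settings_smtp_password']) ? contrexx_stripslashes($_POST['settings_smtp_password']) : '',
        );
        if (!$arrSmtp['port']) {
            $arrSmtp['port'] = 25;
        }

        $escapedName = htmlentities($arrSmtp['name'], ENT_QUOTES, CONTREXX_CHARSET);

        if (empty($arrSmtp['name'])) {
            $error = true;
            $this->strErrMessage[] = $_ARRAYLANG['TXT_SETTINGS_EMPTY_ACCOUNT_NAME_TXT'];
        } elseif (!\SmtpSettings::_isUniqueSmtpAccountName($arrSmtp['name'], $id)) {
            $error = true;
            $this->strErrMessage[] = sprintf($_ARRAYLANG['TXT_SETTINGS_NOT_UNIQUE_SMTP_ACCOUNT_NAME'], $escapedName);
        }
        if (empty($arrSmtp['hostname'])) {
            $error = true;
            $this->strErrMessage[] = $_ARRAYLANG['TXT_SETTINGS_EMPTY_SMTP_HOST_TXT'];
        }

        if (!$error) {
            if ($id) {
                if (\SmtpSettings::_updateSmtpAccount($id, $arrSmtp)) {
                    $this->strOkMessage .= sprintf($_ARRAYLANG['TXT_SETTINGS_SMTP_ACCOUNT_UPDATE_SUCCEED'], $escapedName) . '<br />';
                    return $this->_smtpOverview();
                } else {
                    $this->strErrMessage[] = sprintf($_ARRAYLANG['TXT_SETTINGS_SMTP_ACCOUNT_UPDATE_FAILED'], $escapedName);
                }
            } else {
                if (\SmtpSettings::_addSmtpAccount($arrSmtp)) {
                    $this->strOkMessage .= sprintf($_ARRAYLANG['TXT_SETTINGS_SMTP_ACCOUNT_ADD_SUCCEED'], $escapedName) . '<br />';
                    return $this->_smtpOverview();
                } else {
                    $this->strErrMessage[] = $_ARRAYLANG['TXT_SETTINGS_SMTP_ACCOUNT_ADD_FAILED'];
                }
            }
        }
    } else {
        $arrSmtp = \SmtpSettings::getSmtpAccount($id, false);
        if ($arrSmtp === false) {
            $id = 0;
            $arrSmtp = array('name' => '', 'hostname' => '', 'port' => 25, 'username' => '', 'password' => 0);
        }
        // NOTE(review): presumably getSmtpAccount($id, false) reports the
        // length of the stored password instead of the password - confirm.
        $passwordPlaceholderLength = max(0, intval($arrSmtp['password']));
    }

    $objTemplate->addBlockfile('ADMIN_CONTENT', 'settings_smtp_modify', 'settings_smtp_modify.html');
    $this->strPageTitle = $id ? $_ARRAYLANG['TXT_SETTINGS_MODIFY_SMTP_ACCOUNT'] : $_ARRAYLANG['TXT_SETTINGS_ADD_NEW_SMTP_ACCOUNT'];

    $objTemplate->setVariable(array(
        'TXT_SETTINGS_ACCOUNT' => $_ARRAYLANG['TXT_SETTINGS_ACCOUNT'],
        'TXT_SETTINGS_NAME_OF_ACCOUNT' => $_ARRAYLANG['TXT_SETTINGS_NAME_OF_ACCOUNT'],
        'TXT_SETTINGS_SMTP_SERVER' => $_ARRAYLANG['TXT_SETTINGS_SMTP_SERVER'],
        'TXT_SETTINGS_HOST' => $_ARRAYLANG['TXT_SETTINGS_HOST'],
        'TXT_SETTINGS_PORT' => $_ARRAYLANG['TXT_SETTINGS_PORT'],
        'TXT_SETTINGS_AUTHENTICATION' => $_ARRAYLANG['TXT_SETTINGS_AUTHENTICATION'],
        'TXT_SETTINGS_USERNAME' => $_ARRAYLANG['TXT_SETTINGS_USERNAME'],
        'TXT_SETTINGS_PASSWORD' => $_ARRAYLANG['TXT_SETTINGS_PASSWORD'],
        'TXT_SETTINGS_SMTP_AUTHENTICATION_TXT' => $_ARRAYLANG['TXT_SETTINGS_SMTP_AUTHENTICATION_TXT'],
        'TXT_SETTINGS_BACK' => $_ARRAYLANG['TXT_SETTINGS_BACK'],
        'TXT_SETTINGS_SAVE' => $_ARRAYLANG['TXT_SETTINGS_SAVE'],
    ));
    $objTemplate->setVariable(array(
        'SETTINGS_SMTP_TITLE' => $id ? $_ARRAYLANG['TXT_SETTINGS_MODIFY_SMTP_ACCOUNT'] : $_ARRAYLANG['TXT_SETTINGS_ADD_NEW_SMTP_ACCOUNT'],
        'SETTINGS_SMTP_ID' => $id,
        'SETTINGS_SMTP_ACCOUNT' => htmlentities($arrSmtp['name'], ENT_QUOTES, CONTREXX_CHARSET),
        'SETTINGS_SMTP_HOST' => htmlentities($arrSmtp['hostname'], ENT_QUOTES, CONTREXX_CHARSET),
        'SETTINGS_SMTP_PORT' => $arrSmtp['port'],
        'SETTINGS_SMTP_USERNAME' => htmlentities($arrSmtp['username'], ENT_QUOTES, CONTREXX_CHARSET),
        'SETTINGS_SMTP_PASSWORD' => str_pad('', $passwordPlaceholderLength, ' '),
    ));
    $objTemplate->parse('settings_smtp_modify');

    return true;
}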
/**
 * Clean and validate the posted entry.
 *
 * The posted fields are overwritten in $_POST with cleaned values: tags are
 * stripped from all of them and the comment is additionally entity-encoded.
 * A captcha is only required from visitors who are not logged in. Every
 * missing or invalid field is reported through makeError().
 *
 * NOTE(review): strip_tags() removes markup but does not encode quotes or
 * ampersands, so every field except 'comment' still has to be escaped where
 * it is written into HTML or SQL - verify at the places that use them.
 * 'url' is not validated here at all, and 'malefemale' is only tested for
 * presence.
 *
 * @return bool True when no error was recorded and the captcha test passed
 */
function checkInput()
{
    global $_ARRAYLANG;

    $objValidator = new \FWValidator();

    foreach (array('forename', 'name') as $field) {
        $_POST[$field] = strip_tags(contrexx_stripslashes($_POST[$field]));
    }
    $_POST['comment'] = htmlentities(strip_tags(contrexx_stripslashes($_POST['comment'])), ENT_QUOTES, CONTREXX_CHARSET);
    foreach (array('location', 'email', 'url') as $field) {
        $_POST[$field] = strip_tags(contrexx_stripslashes($_POST[$field]));
    }

    // Logged-in users skip the captcha; it is not evaluated for them.
    $captchaCheck = \FWUser::getFWUserObject()->objUser->login()
        || \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check();

    if (empty($_POST['name']) || empty($_POST['forename'])) {
        $this->makeError($_ARRAYLANG['TXT_NAME']);
    }
    if (empty($_POST['comment'])) {
        $this->makeError($_ARRAYLANG['TXT_COMMENT']);
    }
    if (empty($_POST['malefemale'])) {
        $this->makeError($_ARRAYLANG['TXT_SEX']);
    }
    if (empty($_POST['location'])) {
        $this->makeError($_ARRAYLANG['TXT_LOCATION']);
    }
    if (!$objValidator->isEmail($_POST['email'])) {
        $this->makeError($_ARRAYLANG['TXT_EMAIL']);
    }

    return empty($this->error) && $captchaCheck;
}
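/**
 * Show the form for creating or modifying a news ticker and store a
 * submitted ticker.
 *
 * A ticker is a row in the module_news_ticker table plus a file of the same
 * name in the website feed directory. On save the row is written first and
 * the file (prefix followed by the content, optionally converted to the
 * selected charset and raw-url-encoded) afterwards; a renamed ticker has its
 * old file removed. Without a submit, the file of an existing ticker is read
 * back and decoded for editing.
 *
 * The posted file name is joined onto the feed directory path for touch(),
 * fopen() and unlink(). It is therefore only accepted when it is a plain
 * file name: anything containing a path separator or a NUL byte, and the
 * names "." and "..", is treated like a missing name.
 *
 * @return mixed Result of _tickerOverview() after a successful save, nothing otherwise
 */
function _modifyTicker()
{
    global $_ARRAYLANG, $objDatabase;

    $id = !empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;
    $defaultCharset = CONTREXX_CHARSET;
    $feedPath = \Env::get('cx')->getWebsiteFeedPath();
    // Defined on every path so that the form can always be rendered.
    $content = '';

    if ($arrTicker = $this->_getTicker($id)) {
        $this->pageTitle = $_ARRAYLANG['TXT_NEWS_MODIFY_TICKER'];
        $name = $arrTicker['name'];
        $charset = $arrTicker['charset'];
        $urlencode = $arrTicker['urlencode'];
        $prefix = $arrTicker['prefix'];
    } else {
        $id = 0;
        $this->pageTitle = $_ARRAYLANG['TXT_NEWS_CREATE_TICKER'];
        $name = '';
        $charset = $defaultCharset;
        $urlencode = 0;
        $prefix = '';
    }

    if (isset($_POST['news_save_ticker'])) {
        $newName = isset($_POST['news_ticker_filename']) ? contrexx_stripslashes(trim($_POST['news_ticker_filename'])) : '';
        // NOTE(review): the charset is passed through addslashes() here and
        // again in the statement below, and is handed to iconv() as
        // submitted; consider checking it against the list offered by
        // _getCharsetMenu().
        $charset = isset($_POST['news_ticker_charset']) ? addslashes($_POST['news_ticker_charset']) : '';
        $content = isset($_POST['news_ticker_content']) ? contrexx_stripslashes($_POST['news_ticker_content']) : '';
        $urlencode = isset($_POST['news_ticker_urlencode']) ? intval($_POST['news_ticker_urlencode']) : 0;
        $prefix = isset($_POST['news_ticker_prefix']) ? contrexx_stripslashes($_POST['news_ticker_prefix']) : '';

        // Keep every file operation below inside the feed directory.
        if (
            !is_string($newName)
            || strpbrk($newName, "/\\\0") !== false
            || $newName === '.'
            || $newName === '..'
        ) {
            $newName = '';
        }

        if (!empty($newName)) {
            if ($name != $newName && file_exists($feedPath . '/' . $newName)) {
                $this->strErrMessage = sprintf($_ARRAYLANG['TXT_NEWS_FILE_DOES_ALREADY_EXIST'], htmlentities($newName, ENT_QUOTES, CONTREXX_CHARSET), $feedPath) . '<br />';
                $this->strErrMessage .= $_ARRAYLANG['TXT_NEWS_SELECT_OTHER_FILENAME'];
            } elseif ($name != $newName && !@touch($feedPath . '/' . $newName)) {
                $this->strErrMessage = sprintf($_ARRAYLANG['TXT_NEWS_COULD_NOT_ATTACH_FILE'], htmlentities($newName, ENT_QUOTES, CONTREXX_CHARSET), $feedPath . '/') . '<br />';
                $this->strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWS_SET_CHMOD'], $feedPath . '/');
            } else {
                if ($objDatabase->Execute(($id > 0 ? "UPDATE" : "INSERT INTO") . " `" . DBPREFIX . "module_news_ticker` SET `name` = '" . addslashes($newName) . "', `charset` = '" . addslashes($charset) . "', `urlencode` = " . $urlencode . ", `prefix` = '" . addslashes($prefix) . "'" . ($id > 0 ? " WHERE `id` = " . $id : ''))) {
                    $objFile = new \File();
                    $objFile->setChmod($feedPath, ASCMS_FEED_WEB_PATH, $newName);

                    $fpTicker = @fopen($feedPath . '/' . $newName, 'wb');
                    if ($fpTicker) {
                        if ($defaultCharset != $charset) {
                            $content = iconv($defaultCharset, $charset, $content);
                            $prefix = iconv($defaultCharset, $charset, $prefix);
                        }
                        $content2w = $prefix . ($urlencode ? rawurlencode($content) : $content);

                        $written = @fwrite($fpTicker, $content2w);
                        // Release the handle on both the success and the error path.
                        fclose($fpTicker);

                        if ($written !== false) {
                            $this->strOkMessage = $_ARRAYLANG['TXT_NEWS_NEWSTICKER_SUCCESSFULLY_UPDATED'];
                            // A renamed ticker leaves its old file behind: remove it.
                            if ($name != $newName && file_exists($feedPath . '/' . $name)) {
                                @unlink($feedPath . '/' . $name);
                            }
                            return $this->_tickerOverview();
                        } else {
                            $this->strErrMessage = sprintf($_ARRAYLANG['TXT_NEWS_UNABLE_TO_UPDATE_FILE'], htmlentities($newName, ENT_QUOTES, CONTREXX_CHARSET), $feedPath . '/') . '<br />';
                            $this->strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWS_SET_CHMOD'], $feedPath . '/' . $newName);
                        }
                    } else {
                        $this->strErrMessage = sprintf($_ARRAYLANG['TXT_NEWS_FILE_DOES_NOT_EXIST'], $feedPath . '/' . $newName);
                    }
                } else {
                    $this->strErrMessage = $_ARRAYLANG['TXT_NEWS_UNABLE_TO_RENAME_NEWSTICKER'];
                    // NOTE(review): this also removes the file when the name
                    // did not change, i.e. the existing ticker file is lost
                    // when the statement fails - confirm that is wanted.
                    @unlink($feedPath . '/' . $newName);
                }
            }
        } else {
            $this->strErrMessage = $_ARRAYLANG['TXT_NEWS_YOU_MUST_SET_FILENAME'];
        }

        $name = $newName;
    } elseif ($id > 0) {
        // NOTE(review): $name comes from the stored ticker row here and is
        // used as a file name without the check applied to posted names.
        if (!file_exists($feedPath . '/' . $name) && !@touch($feedPath . '/' . $name)) {
            $this->strErrMessage = sprintf($_ARRAYLANG['TXT_NEWS_COULD_NOT_ATTACH_FILE'], htmlentities($name, ENT_QUOTES, CONTREXX_CHARSET), $feedPath . '/') . '<br />';
            $this->strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWS_SET_CHMOD'], $feedPath . '/');
        } else {
            // Undo, in reverse order, what was applied when the file was written.
            $content = file_get_contents($feedPath . '/' . $name);
            if (!empty($prefix) && strpos($content, $prefix) === 0) {
                $content = substr($content, strlen($prefix));
            }
            if ($urlencode) {
                $content = rawurldecode($content);
            }
            if ($charset != $defaultCharset) {
                $content = iconv($charset, $defaultCharset, $content);
                $prefix = iconv($charset, $defaultCharset, $prefix);
            }
        }
    }

    $this->_objTpl->addBlockfile('NEWS_TICKER_TEMPLATE', 'module_news_ticker_modify', 'module_news_ticker_modify.html');
    $this->_objTpl->setVariable(array(
        'TXT_NEWS_FILENAME' => $_ARRAYLANG['TXT_NEWS_FILENAME'],
        'TXT_NEWS_MODIFY_FILENAME' => $_ARRAYLANG['TXT_NEWS_MODIFY_FILENAME'],
        'TXT_NEWS_CONTENT' => $_ARRAYLANG['TXT_NEWS_CONTENT'],
        'TXT_NEWS_CHARSET' => $_ARRAYLANG['TXT_NEWS_CHARSET'],
        'TXT_NEWS_SAVE' => $_ARRAYLANG['TXT_NEWS_SAVE'],
        'TXT_NEWS_CANCEL' => $_ARRAYLANG['TXT_NEWS_CANCEL'],
        'TXT_NEWS_URL_ENCODING' => $_ARRAYLANG['TXT_NEWS_URL_ENCODING'],
        'TXT_NEWS_URL_ENCODING_TXT' => $_ARRAYLANG['TXT_NEWS_URL_ENCODING_TXT'],
        'TXT_NEWS_PREFIX' => $_ARRAYLANG['TXT_NEWS_PREFIX'],
        'TXT_NEWS_TICKER_PREFIX_MSG' => $_ARRAYLANG['TXT_NEWS_TICKER_PREFIX_MSG'],
        'TXT_NEWS_GENERAL' => $_ARRAYLANG['TXT_NEWS_GENERAL'],
        'TXT_NEWS_ADVANCED' => $_ARRAYLANG['TXT_NEWS_ADVANCED'],
    ));
    $this->_objTpl->setVariable(array(
        'NEWS_MODIFY_TITLE_TXT' => $id > 0 ? $_ARRAYLANG['TXT_NEWS_MODIFY_TICKER'] : $_ARRAYLANG['TXT_NEWS_CREATE_TICKER'],
        'NEWS_TICKER_ID' => $id,
        'NEWS_TICKER_FILENAME' => htmlentities($name, ENT_QUOTES, CONTREXX_CHARSET),
        'NEWS_TICKER_CHARSET_MENU' => $this->_getCharsetMenu($charset, 'name="news_ticker_charset"'),
        'NEWS_TICKER_CONTENT' => htmlentities($content, ENT_QUOTES, CONTREXX_CHARSET),
        'NEWS_TICKER_URLENCODE' => $urlencode ? 'checked="checked"' : '',
        'NEWS_TICKER_POS' => $pos,
        // Encoded like the file name and the content next to it.
        'NEWS_TICKER_PREFIX' => htmlentities($prefix, ENT_QUOTES, CONTREXX_CHARSET),
    ));
    $this->_objTpl->parse('module_news_ticker_modify');
}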
/**
 * Take over submitted profile attribute values for the loaded user.
 *
 * $arrProfile maps attribute ids to arrays of values keyed by history id.
 * For each attribute the values in $this->arrLoadedUsers[$this->id]['profile']
 * are replaced by the submitted ones, provided the access check below lets
 * the change through; otherwise the previously stored values are put back.
 *
 * NOTE(review): passing true for $ignoreAccessPermissions skips the
 * protection check for every attribute, so callers that forward request
 * data on behalf of the user should leave it at false - verify the callers.
 *
 * @param array $arrProfile              Attribute id => (history id => value)
 * @param bool  $ignoreAccessPermissions Skip the per-attribute protection check
 * @return bool Always true
 */
public function setProfile($arrProfile, $ignoreAccessPermissions = false)
{
    $arrDate = array();
    $arrDateFormat = array();
    foreach ($arrProfile as $attributeId => $arrValue) {
        // Only attributes submitted as an array of values are processed.
        if (!is_array($arrValue)) {
            continue;
        }
        $objAttribute = $this->objAttribute->getById($attributeId);
        // Attributes of these types are never set through this method.
        if (in_array($objAttribute->getType(), array('menu_option', 'group', 'frame', 'history'))) {
            continue;
        }
        // Remember the current values so they can be restored when the
        // access check further down rejects the change.
        if (isset($this->arrLoadedUsers[$this->id]['profile'][$attributeId])) {
            $arrStoredAttributeData = $this->arrLoadedUsers[$this->id]['profile'][$attributeId];
        } else {
            $arrStoredAttributeData = array();
        }
        $this->arrLoadedUsers[$this->id]['profile'][$attributeId] = array();
        foreach ($arrValue as $historyId => $value) {
            // History children need a non-empty history id.
            if ($this->objAttribute->isHistoryChild($attributeId) && !$historyId) {
                continue;
            }
            // Under the key 'new' a history child carries a list of values
            // for entries that do not exist yet.
            if ($this->objAttribute->isHistoryChild($attributeId) && $historyId === 'new') {
                $historyId = 0;
                $arrValues = $value;
            } else {
                $arrValues = array($value);
            }
            foreach ($arrValues as $nr => $value) {
                $value = trim(contrexx_stripslashes($value));
                if ($objAttribute->getType() === 'date') {
                    // NOTE(review): $value has just been passed through
                    // trim(), so this array branch looks unreachable - confirm.
                    if (is_array($value)) {
                        $objDateTime = new DateTime("{$value['month']}/{$value['day']}/{$value['year']}");
                        $value = $objDateTime->format(ASCMS_DATE_FORMAT_DATE);
                    }
                    // Pair the date letters of ASCMS_DATE_FORMAT_DATE with the
                    // digit groups of the value, in order of appearance, and
                    // build a timestamp from them.
                    // NOTE(review): $arrDateCombined is not reset between
                    // values, and fewer digit groups than format letters
                    // would read missing offsets of $arrDate[1] - confirm.
                    if (
                        preg_match_all('#([djmnYy])+#', ASCMS_DATE_FORMAT_DATE, $arrDateFormat, PREG_PATTERN_ORDER)
                        && preg_match_all('#([0-9]+)#', $value, $arrDate)
                    ) {
                        foreach ($arrDateFormat[1] as $charNr => $char) {
                            $arrDateCombined[$char] = $arrDate[1][$charNr];
                        }
                        // Two-digit years below 70 are placed in the 2000s,
                        // all others in the 1900s.
                        $value = mktime(
                            1,
                            0,
                            0,
                            isset($arrDateCombined['m']) ? $arrDateCombined['m'] : $arrDateCombined['n'],
                            isset($arrDateCombined['d']) ? $arrDateCombined['d'] : $arrDateCombined['j'],
                            isset($arrDateCombined['Y']) ? $arrDateCombined['Y'] : $arrDateCombined['y'] + ($arrDateCombined['y'] < 70 ? 2000 : 1900)
                        );
                    } elseif ($this->objAttribute->isCoreAttribute($attributeId)) {
                        // A date without digits clears a core attribute ...
                        $value = '';
                    } else {
                        // ... and is skipped for every other attribute.
                        continue;
                    }
                }
                // The value is accepted when the attribute has an id and
                // either the check is switched off, the attribute is not
                // protected, the current user passes the access check, or
                // the attribute itself permits changing the stored value
                // into the new one. For 'title' and 'country' both values
                // are prefixed with the attribute id and an underscore.
                if (
                    $objAttribute->getId()
                    && (
                        $ignoreAccessPermissions
                        || !$objAttribute->isProtected()
                        || (
                            Permission::checkAccess($objAttribute->getAccessId(), 'dynamic', true)
                            || $objAttribute->checkModifyPermission(
                                (in_array($attributeId, array('title', 'country')) ? $attributeId . '_' : '') . (isset($arrStoredAttributeData[$historyId]) ? $arrStoredAttributeData[$historyId] : null),
                                (in_array($attributeId, array('title', 'country')) ? $attributeId . '_' : '') . $value
                            )
                        )
                    )
                ) {
                    // New history entries continue after the highest history
                    // id known for the attribute's history.
                    if ($this->objAttribute->isHistoryChild($attributeId) && !$historyId) {
                        $historyId = (isset($this->arrAttributeHistories[$this->id][$this->objAttribute->getHistoryAttributeId($attributeId)]) ? max($this->arrAttributeHistories[$this->id][$this->objAttribute->getHistoryAttributeId($attributeId)]) : 0) + 1;
                    }
                    $this->arrLoadedUsers[$this->id]['profile'][$attributeId][$historyId + $nr] = $value;
                    // Record each non-zero history id once per history attribute.
                    if (
                        $historyId + $nr
                        && (
                            !isset($this->arrUpdatedAttributeHistories[$this->id][$this->objAttribute->getHistoryAttributeId($attributeId)])
                            || !in_array($historyId + $nr, $this->arrUpdatedAttributeHistories[$this->id][$this->objAttribute->getHistoryAttributeId($attributeId)])
                        )
                    ) {
                        $this->arrUpdatedAttributeHistories[$this->id][$this->objAttribute->getHistoryAttributeId($attributeId)][] = $historyId + $nr;
                    }
                } else {
                    // Change rejected: put back all stored values of the attribute.
                    $this->arrLoadedUsers[$this->id]['profile'][$attributeId] = $arrStoredAttributeData;
                    continue;
                }
            }
        }
    }
    // Synchronize the history ids with the ones recorded above.
    // NOTE(review): presumably arrUpdatedAttributeHistories[$this->id] is
    // initialised elsewhere; it is read here even if nothing was recorded.
    $this->arrAttributeHistories[$this->id] = $this->arrUpdatedAttributeHistories[$this->id];
    return true;
}
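/**
 * Show all threads of a forum and handle thread deletion and creation.
 *
 * The method renders the thread list and the "new thread" form of the given
 * forum. With $_REQUEST['act'] == 'delete' the thread named in
 * $_REQUEST['threadid'] is deleted first, provided _checkAuth() grants
 * 'delete'. When the form was submitted ($_REQUEST['create'] equals the
 * "create thread" label) a new thread is inserted after the write
 * permission, the captcha (for visitors who are not logged in), the minimum
 * length, the bad word list and the upload have been checked; the request
 * then ends with a redirect to the forum.
 *
 * @global ADONewConnection
 * @global array
 * @global array
 * @param integer $intForumId The id of the forum which should be shown
 * @return bool|null False when an action was refused or failed validation
 */
function showForum($intForumId)
{
    global $objDatabase, $_ARRAYLANG, $_CORELANG;

    if ($intForumId == 0) {
        //wrong id, redirect
        \Cx\Core\Csrf\Controller\Csrf::header('location: index.php?section=Forum');
        die;
    }

    $objFWUser = \FWUser::getFWUserObject();
    $this->_communityLogin();

    $intForumId = intval($intForumId);
    $intThreadId = !empty($_REQUEST['threadid']) ? intval($_REQUEST['threadid']) : 0;
    $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;

    if ($objFWUser->objUser->login()) {
        $this->_objTpl->touchBlock('notificationRow');
    } else {
        $this->_objTpl->hideBlock('notificationRow');
    }

    $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : '';
    if ($_REQUEST['act'] == 'delete') {
        if ($this->_checkAuth($intForumId, 'delete')) {
            if ($this->_deleteThread($intThreadId, $intForumId)) {
                $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']);
            } else {
                $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']);
            }
        } else {
            $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
            return false;
        }
    }

    $arrThreads = $this->createThreadArray($intForumId, $pos);

    $subject = !empty($_REQUEST['thread_subject']) ? contrexx_stripslashes($_REQUEST['thread_subject']) : '';
    $keywords = !empty($_REQUEST['thread_keywords']) ? contrexx_stripslashes($_REQUEST['thread_keywords']) : '';
    $content = !empty($_REQUEST['thread_message']) ? contrexx_stripslashes($_REQUEST['thread_message']) : '';

    if ($this->_arrSettings['wysiwyg_editor'] == 1) {
        //WYSIWYG editor enabled
        $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('thread_message', $content, 'bbcode');
    } else {
        //plain textarea
        $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="thread_message">' . htmlentities($content, ENT_QUOTES, CONTREXX_CHARSET) . '</textarea>';
    }

    //Initialize the Uploader
    $this->initForumUploader();

    $this->_objTpl->setGlobalVariable(array(
        'FORUM_NAME' => $this->_shortenString($this->_arrTranslations[$intForumId][$this->_intLangId]['name'], $this->_maxStringlength),
        'FORUM_TREE' => $this->_createNavTree($intForumId),
        'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intForumId, 'onchange="gotoForum(this);"', ''),
        'FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'),
        'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deleteThread'),
        'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText'),
        'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'],
        'TXT_FORUM_CREATE_THREAD' => $_ARRAYLANG['TXT_FORUM_CREATE_THREAD'],
        'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'],
        'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'],
        'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '',
        'TXT_FORUM_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'],
        'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(),
        'FORUM_FORUM_ID' => $intForumId,
        'FORUM_SUBJECT' => htmlentities($subject, ENT_QUOTES, CONTREXX_CHARSET),
        'FORUM_KEYWORDS' => htmlentities($keywords, ENT_QUOTES, CONTREXX_CHARSET),
        'FORUM_MESSAGE_INPUT' => $strMessageInputHTML,
        'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'],
    ));

    // Only visitors who are not logged in have to solve the captcha.
    if ($objFWUser->objUser->login()) {
        $this->_objTpl->hideBlock('captcha');
    } else {
        $this->_objTpl->touchBlock('captcha');
    }

    $this->_setIcons($this->_getIcons());

    $this->_objTpl->setVariable(array(
        'TXT_THREADS_SUBJECTAUTHOR' => $_ARRAYLANG['TXT_FORUM_THREADS_SUBJECTAUTHOR'],
        'TXT_THREADS_LASTTOPIC' => $_ARRAYLANG['TXT_FORUM_OVERVIEW_LASTPOST'],
        'TXT_THREADS_REPLIES' => $_ARRAYLANG['TXT_FORUM_THREADS_REPLIES'],
        'TXT_THREADS_HITS' => $_ARRAYLANG['TXT_FORUM_THREADS_HITS'],
        'TXT_FORUM_ADD_THREAD' => $_ARRAYLANG['TXT_FORUM_ADD_THREAD'],
        'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'],
        'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'],
        'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'],
        'TXT_FORUM_CREATE_THREAD' => $_ARRAYLANG['TXT_FORUM_CREATE_THREAD'],
        'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'],
        'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'],
        'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'],
        'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'],
    ));

    if (!$this->_checkAuth($intForumId, 'write')) {
        $this->_objTpl->hideBlock('addThread');
        $this->_objTpl->hideBlock('addPostAnchor');
    } else {
        $this->_objTpl->touchBlock('addPostAnchor');
    }

    if (count($arrThreads) > 0) {
        if (!$this->_checkAuth($intForumId, 'read')) {
            $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
            return false;
        }

        $intCounter = 0;
        foreach ($arrThreads as $threadId => $arrValues) {
            // NOTE(review): user_name, subject and lastpost_author are written
            // into the markup as createThreadArray() delivers them;
            // presumably they are HTML-escaped there - verify.
            $strUserProfileLink = $arrValues['user_id'] > 0
                ? '<a href="index.php?section=Access&cmd=user&id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>'
                : $this->_anonymousName;

            $this->_objTpl->setVariable(array(
                'FORUM_THREADS_ROWCLASS' => $intCounter++ % 2 + 1,
                'FORUM_THREADS_SYMBOL' => '<img title="comment.gif" alt="comment.gif" src="' . ASCMS_MODULE_WEB_PATH . '/Forum/View/Media/comment.gif" border="0" />',
                'FORUM_THREADS_ICON' => $arrValues['thread_icon'],
                'FORUM_THREADS_ID' => $arrValues['thread_id'],
                'FORUM_THREADS_NAME' => $arrValues['subject'],
                'FORUM_THREADS_AUTHOR' => $strUserProfileLink,
                'FORUM_THREADS_LASTPOST_DATE' => $arrValues['lastpost_time'],
                'FORUM_THREADS_LASTPOST_AUTHOR' => $arrValues['lastpost_author'],
                'FORUM_THREADS_REPLIES' => $arrValues['replies'],
                'FORUM_THREADS_HITS' => $arrValues['views'],
            ));

            if ($this->_checkAuth($intForumId, 'delete')) {
                $this->_objTpl->setVariable('FORUM_THREAD_ID', $intThreadId);
                $this->_objTpl->touchBlock('deleteThread');
            } else {
                $this->_objTpl->hideBlock('deleteThread');
            }
            $this->_objTpl->parse('forumThreads');
        }

        $this->_objTpl->setVariable(array(
            'FORUM_THREADS_PAGING' => getPaging($this->_threadCount, $pos, '&section=Forum&cmd=board&id=' . $intForumId, $_ARRAYLANG['TXT_FORUM_THREAD'], true, $this->_arrSettings['thread_paging']),
        ));
        $this->_objTpl->hideBlock('forumNoThreads');
    } else {
        //no threads in this board, show message
        $this->_objTpl->setVariable('TXT_FORUM_NO_THREADS', $_ARRAYLANG['TXT_FORUM_NO_THREADS']);
        $this->_objTpl->parse('forumNoThreads');
        $this->_objTpl->hideBlock('forumThreads');
    }

    if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_THREAD']) {
        //add a new thread
        if (!$this->_checkAuth($intForumId, 'write')) {
            $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
            $this->_objTpl->hideBlock('addThread');
            return false;
        }
        if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
            return false;
        }
        if (strlen(trim($content)) < $this->_minPostlength) {
            //content check
            $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
            return false;
        }
        if (false !== ($match = $this->_hasBadWords($content))) {
            $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
            return false;
        }

        $fileInfo = $this->_handleUpload('forum_attachment');
        if ($fileInfo === false) {
            //the file was not transferred properly; the error was set in _handleUpload()
            return false;
        }

        // NOTE(review): deriving the next thread id from max(thread_id) is
        // not atomic, so two concurrent submissions can receive the same
        // id. The database error text is also printed to the visitor below.
        $maxIdQuery = ' SELECT max( thread_id ) as max_thread_id FROM ' . DBPREFIX . 'module_forum_postings';
        if (($objRSmaxId = $objDatabase->SelectLimit($maxIdQuery, 1)) !== false) {
            $intLastThreadId = $objRSmaxId->fields['max_thread_id'] + 1;
        } else {
            die($objDatabase->ErrorMsg());
        }

        $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0;
        $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1;

        // NOTE(review): $fileInfo['name'] is the only string value that is
        // concatenated into the statement without an escaping call; confirm
        // that _handleUpload() returns it escaped for the database, otherwise
        // it has to be escaped here like the message content.
        $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings ( id, category_id, thread_id, prev_post_id, user_id, time_created, time_edited, is_locked, is_sticky, views, icon, subject, keywords, content, attachment ) VALUES ( NULL, ' . $intForumId . ', ' . $intLastThreadId . ', 0, ' . $userId . ', ' . time() . ', 0, 0, 0, 0, ' . $icon . ", '" . addslashes($subject) . "',\n '" . addslashes($keywords) . "' ,'" . contrexx_raw2db($content) . "' , '" . $fileInfo['name'] . "'\n )";

        if ($objDatabase->Execute($insertQuery) !== false) {
            $lastInsertId = $objDatabase->Insert_ID();
            $this->_updateNotification($intLastThreadId);
            $this->_sendNotifications($intLastThreadId, $subject, $content);
            $this->updateViewsNewItem($intForumId, $lastInsertId);

            // Drop the cached copy of the page that lists the threads.
            $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
            $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
            $cacheManager->deleteSingleFile($pageId);
        }

        \Cx\Core\Csrf\Controller\Csrf::header('Location: ?section=Forum&cmd=board&id=' . $intForumId);
        die;
    }
}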
/**
 * Store language variables submitted through the "add variable" page.
 *
 * Two kinds of submission are handled:
 *  - bulk: lines of the form $_ARRAYLANG['NAME'] = 'value'; posted as
 *    backend and/or frontend lists. Each parsed pair is written with
 *    _writeVarsToDB() as backend-only, frontend-only or both.
 *  - single: one variable with its content per language, either inserted
 *    (no id posted) or updated (id posted).
 * createFiles() is called afterwards when $_POST['writeFiles'] is set.
 *
 * NOTE(review): the statements are assembled by string concatenation. The
 * numeric parts are cast with intval() and the strings go through
 * contrexx_addslashes(); confirm that this helper escapes correctly for the
 * connection charset. A frontend pair counts as "both" when its name is a
 * backend name and its value occurs anywhere among the backend values, not
 * necessarily under that name - confirm that this is intended.
 *
 * @global array
 * @global ADONewConnection
 * @return boolean True on success, false on failure
 */
function addUpdateVariable()
{
    global $_ARRAYLANG, $objDatabase;

    $moduleId = intval($_POST['moduleId']);
    $regex = '#\\[[\'"](.*)[\'"]\\][[:space:]]*=[[:space:]]*["\'](.*)["\'];#';

    //multiple variables
    if (!empty($_REQUEST['backend_lang_vars']) || !empty($_REQUEST['frontend_lang_vars'])) {
        $backendVars = array();
        $frontendVars = array();
        //identical backend and frontend variables
        $bothVars = array();

        $_REQUEST['backend_lang_vars'] = contrexx_stripslashes($_REQUEST['backend_lang_vars']);
        $_REQUEST['frontend_lang_vars'] = contrexx_stripslashes($_REQUEST['frontend_lang_vars']);
        $backendVarLines = explode("\n", $_REQUEST['backend_lang_vars']);
        $frontendVarLines = explode("\n", $_REQUEST['frontend_lang_vars']);
        $result = array();

        foreach ($backendVarLines as $backendVar) {
            $line = trim($backendVar);
            // only lines that start with $_ARRAYLANG are considered
            if ($line == '' || substr($line, 0, 11) != '$_ARRAYLANG') {
                continue;
            }
            // extract key and value of the assignment
            preg_match($regex, $backendVar, $result);
            if (empty($result[1]) || empty($result[2])) {
                $this->strErrMessage .= 'Invalid $_ARRAYLANG format (backend) - regex: ' . $regex . '<br />';
                continue;
            }
            $backendVars[$result[1]] = $result[2];
        }

        foreach ($frontendVarLines as $frontendVar) {
            $line = trim($frontendVar);
            if ($line == '' || substr($line, 0, 11) != '$_ARRAYLANG') {
                continue;
            }
            preg_match($regex, $frontendVar, $result);
            if (empty($result[1]) || empty($result[2])) {
                $this->strErrMessage .= 'Invalid $_ARRAYLANG format (frontend ) - regex: ' . $regex . '<br />';
                continue;
            }
            if (in_array($result[1], array_keys($backendVars)) && in_array($result[2], $backendVars)) {
                // known from the backend list: store once for both zones
                $bothVars[$result[1]] = $result[2];
                unset($frontendVars[$result[1]]);
                unset($backendVars[$result[1]]);
                continue;
            }
            $frontendVars[$result[1]] = $result[2];
        }

        //_writeVarsToDB($name, $content, $moduleId, $isBackend, $isFrontend, $langId = 1, $status = 1)
        foreach ($backendVars as $varName => $varValue) {
            $this->_writeVarsToDB($varName, $varValue, $moduleId, 1, 0);
        }
        foreach ($frontendVars as $varName => $varValue) {
            $this->_writeVarsToDB($varName, $varValue, $moduleId, 0, 1);
        }
        foreach ($bothVars as $varName => $varValue) {
            $this->_writeVarsToDB($varName, $varValue, $moduleId, 1, 1);
        }

        if (!empty($_POST['writeFiles'])) {
            $this->createFiles();
        }
        return true;
    }

    //single variable
    if (empty($_POST['submit']) || empty($_POST['name'])) {
        return false;
    }

    $name = contrexx_addslashes($_POST['name']);
    $adminzone = intval($_POST['backend']);
    $website = intval($_POST['frontend']);

    if (empty($_POST['id'])) {
        // Add new variable
        $objResult = $objDatabase->Execute("SELECT name\n FROM " . DBPREFIX . "language_variable_names\n WHERE name = '" . $name . "'\n AND module_id =" . $moduleId);
        if ($objResult === false) {
            return false;
        }
        if ($objResult->RecordCount() >= 1) {
            $this->strErrMessage = $_ARRAYLANG['TXT_LANGUAGE_VARIABLE_ALREADY_EXIST'];
            return false;
        }

        $objDatabase->Execute("INSERT INTO " . DBPREFIX . "language_variable_names\n SET name='" . $name . "',\n module_id='" . $moduleId . "',\n backend='" . $adminzone . "',\n frontend='" . $website . "'");
        $varId = $objDatabase->Insert_ID();
        foreach ($_POST['content'] as $langId => $content) {
            $status = intval($_POST['status'][$langId]);
            $objDatabase->Execute("INSERT INTO " . DBPREFIX . "language_variable_content\n SET varid=" . $varId . ",\n content='" . contrexx_addslashes($content) . "',\n status=" . $status . ",\n lang_id=" . intval($langId));
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_LANGUAGE_VARIABLE_ADDED_SUCCESSFUL'];
    } else {
        // Update an existing variable
        $id = intval($_POST['id']);
        $objDatabase->Execute("UPDATE " . DBPREFIX . "language_variable_names\n SET name='" . $name . "',\n module_id='" . $moduleId . "',\n backend='" . $adminzone . "',\n frontend='" . $website . "'\n WHERE id=" . $id);
        foreach ($_POST['content'] as $langId => $content) {
            $status = intval($_POST['status'][$langId]);
            $objDatabase->Execute("UPDATE " . DBPREFIX . "language_variable_content\n SET content='" . contrexx_addslashes($content) . "',\n status='" . $status . "'\n WHERE varid=" . $id . "\n AND lang_id=" . intval($langId));
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL'];
    }

    if (!empty($_POST['writeFiles'])) {
        $this->createFiles();
    }
    return true;
}
/**
 * Check the posted login data.
 *
 * The user name and the MD5 digest of the password are handed to
 * $this->objUser->checkLoginData() together with the result of the captcha
 * check. The captcha is only evaluated when both fields were submitted and
 * are not empty.
 *
 * NOTE(review): the password is reduced to an unsalted MD5 digest before it
 * is compared. MD5 is not a password hashing function; moving to
 * password_hash() / password_verify() would have to happen together with
 * checkLoginData() and the stored hashes, not here alone.
 *
 * @return bool|mixed false, or whatever checkLoginData() returns
 */
public function checkLogin()
{
    $username = null;
    if (isset($_POST['USERNAME']) && $_POST['USERNAME'] != '') {
        $username = contrexx_stripslashes($_POST['USERNAME']);
    }

    $password = null;
    if (isset($_POST['PASSWORD']) && $_POST['PASSWORD'] != '') {
        $password = md5(contrexx_stripslashes($_POST['PASSWORD']));
    }

    if ($username === null || $password === null) {
        return false;
    }

    return $this->objUser->checkLoginData(
        $username,
        $password,
        \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()
    );
}
/**
 * Handle the frontend sign-up page
 *
 * Three cases are covered, in this order:
 * - $_GET['u'] and $_GET['k'] are both non-empty: the pair is handed to
 *   confirmSignUp() and only the confirmation result is rendered.
 * - $_POST['access_signup'] is set: the submitted account data is applied to
 *   a user object and, if every check in the chain below passes, the account
 *   is created and handleSignUp() is called.
 * - Otherwise, or when the submission failed, the sign-up form is rendered.
 *
 * @global array $_ARRAYLANG
 * @global array $_CORELANG
 * @return void
 */
private function signUp()
{
    global $_ARRAYLANG, $_CORELANG;

    // Account confirmation: user id and key arrive as query parameters.
    if (!empty($_GET['u']) && !empty($_GET['k'])) {
        $this->_objTpl->hideBlock('access_signup_store_success');
        $this->_objTpl->hideBlock('access_signup_store_error');
        // The id is cast to int; the key is passed on as a string and has to
        // be verified by confirmSignUp().
        if ($this->confirmSignUp(intval($_GET['u']), contrexx_stripslashes($_GET['k']))) {
            $this->_objTpl->setVariable('ACCESS_SIGNUP_MESSAGE', $_ARRAYLANG['TXT_ACCESS_ACCOUNT_SUCCESSFULLY_ACTIVATED']);
            $this->_objTpl->parse('access_signup_confirm_success');
            $this->_objTpl->hideBlock('access_signup_confirm_error');
        } else {
            // NOTE(review): the error messages are joined with <br /> and
            // written to the template without escaping at this point —
            // confirm they never carry request data verbatim.
            $this->_objTpl->setVariable('ACCESS_SIGNUP_MESSAGE', implode('<br />', $this->arrStatusMsg['error']));
            $this->_objTpl->parse('access_signup_confirm_error');
            $this->_objTpl->hideBlock('access_signup_confirm_success');
        }
        return;
    } else {
        $this->_objTpl->hideBlock('access_signup_confirm_success');
        $this->_objTpl->hideBlock('access_signup_confirm_error');
    }

    $arrSettings = \User_Setting::getSettings();
    $objUser = null;
    // A user id already present in the session is loaded instead of creating
    // a new user; its active status is taken from the
    // 'sociallogin_active_automatically' setting.
    // NOTE(review): presumably this is an account pre-created by a social
    // login — confirm that nothing else can put 'user_id' into the session
    // before sign-up, because the submitted data below is applied to it.
    if (!empty($_SESSION['user_id'])) {
        $objUser = \FWUser::getFWUserObject()->objUser->getUser($_SESSION['user_id']);
        if ($objUser) {
            $objUser->releaseRestoreKey();
            $active = $arrSettings['sociallogin_active_automatically']['status'];
            $objUser->setActiveStatus($active);
            $this->_objTpl->hideBlock('access_logindata');
        }
    }
    if (!$objUser) {
        $objUser = new \User();
    }

    if (isset($_POST['access_signup'])) {
        $objUser->setUsername(isset($_POST['access_user_username']) ? trim(contrexx_stripslashes($_POST['access_user_username'])) : '');
        $objUser->setEmail(isset($_POST['access_user_email']) ? trim(contrexx_stripslashes($_POST['access_user_email'])) : '');
        $objUser->setFrontendLanguage(isset($_POST['access_user_frontend_language']) ? intval($_POST['access_user_frontend_language']) : 0);

        // Group membership comes from the 'assigne_to_groups' setting, never
        // from the request, and only when the user has no groups yet.
        $assignedGroups = $objUser->getAssociatedGroupIds();
        if (empty($assignedGroups)) {
            $objUser->setGroups(explode(',', $arrSettings['assigne_to_groups']['value']));
        }

        // NOTE(review): the list ids are taken from the request as an array
        // without casting the elements here — confirm that
        // setSubscribedNewsletterListIDs() validates them.
        $objUser->setSubscribedNewsletterListIDs(isset($_POST['access_user_newsletters']) && is_array($_POST['access_user_newsletters']) ? $_POST['access_user_newsletters'] : array());

        // The whole sign-up is one short-circuit chain; the order of the
        // operands is the order of the checks, and the first failing one
        // stops the evaluation.
        if (
            (
                // No profile data submitted: nothing to store for the profile.
                !isset($_POST['access_profile_attribute'])
                || !is_array($_POST['access_profile_attribute'])
                // Profile data submitted: attach uploaded images (if any),
                // then store the profile. $uploadImageError is assigned only
                // when this upload operand is actually evaluated.
                || ($arrProfile = $_POST['access_profile_attribute'])
                && (
                    !isset($_FILES['access_profile_attribute_images'])
                    || !is_array($_FILES['access_profile_attribute_images'])
                    || ($uploadImageError = $this->addUploadedImagesToProfile($objUser, $arrProfile, $_FILES['access_profile_attribute_images'])) === true
                )
                && $objUser->setProfile($arrProfile)
            )
            && $objUser->setPassword(isset($_POST['access_user_password']) ? trim(contrexx_stripslashes($_POST['access_user_password'])) : '', isset($_POST['access_user_password_confirmed']) ? trim(contrexx_stripslashes($_POST['access_user_password_confirmed'])) : '')
            // NOTE(review): strict comparison with integer 0 — if the setting
            // value is delivered as a string this operand never matches and
            // checkMandatoryCompliance() always runs; confirm the type.
            && ($arrSettings['user_account_verification']['value'] === 0 || $objUser->checkMandatoryCompliance())
            // Captcha and terms-of-service checks run after the account data
            // was applied to the object and before the account is created.
            && $this->checkCaptcha()
            && $this->checkToS()
            && $objUser->signUp()
        ) {
            if ($this->handleSignUp($objUser)) {
                // The session marker is dropped once the sign-up was handled.
                if (isset($_SESSION['user_id'])) {
                    unset($_SESSION['user_id']);
                }
                $this->_objTpl->setVariable('ACCESS_SIGNUP_MESSAGE', implode('<br />', $this->arrStatusMsg['ok']));
                $this->_objTpl->parse('access_signup_store_success');
                $this->_objTpl->hideBlock('access_signup_store_error');
            } else {
                $this->_objTpl->setVariable('ACCESS_SIGNUP_MESSAGE', implode('<br />', $this->arrStatusMsg['error']));
                $this->_objTpl->parse('access_signup_store_error');
                $this->_objTpl->hideBlock('access_signup_store_success');
            }
            $this->_objTpl->hideBlock('access_signup_form');
            return;
        } else {
            // NOTE(review): $uploadImageError is undefined here whenever the
            // chain stopped before the image upload operand was evaluated;
            // is_array() then reads an unset variable.
            if (is_array($uploadImageError)) {
                $this->arrStatusMsg['error'] = array_merge($this->arrStatusMsg['error'], $uploadImageError);
            }
            $this->arrStatusMsg['error'] = array_merge($this->arrStatusMsg['error'], $objUser->getErrorMsg());
            $this->_objTpl->hideBlock('access_signup_store_success');
            $this->_objTpl->hideBlock('access_signup_store_error');
        }
    } else {
        $this->_objTpl->hideBlock('access_signup_store_success');
        $this->_objTpl->hideBlock('access_signup_store_error');
    }

    // Render the form: account attributes first, then every profile
    // attribute that is not protected or that the visitor may modify.
    $this->parseAccountAttributes($objUser, true);
    while (!$objUser->objAttribute->EOF) {
        $objAttribute = $objUser->objAttribute->getById($objUser->objAttribute->getId());
        if (!$objAttribute->isProtected() || (\Permission::checkAccess($objAttribute->getAccessId(), 'dynamic', true) || $objAttribute->checkModifyPermission())) {
            $this->parseAttribute($objUser, $objAttribute->getId(), 0, true);
        }
        $objUser->objAttribute->next();
    }
    $this->parseNewsletterLists($objUser);
    $this->attachJavaScriptFunction('accessSetWebsite');
    $this->_objTpl->setVariable(array(
        'ACCESS_SIGNUP_BUTTON' => '<input type="submit" name="access_signup" value="' . $_ARRAYLANG['TXT_ACCESS_CREATE_ACCOUNT'] . '" />',
        'ACCESS_JAVASCRIPT_FUNCTIONS' => $this->getJavaScriptCode(),
        'ACCESS_SIGNUP_MESSAGE' => implode("<br />\n", $this->arrStatusMsg['error'])
    ));

    // The username field is hidden when usernames are disabled in the settings.
    if (!$arrSettings['use_usernames']['status']) {
        if ($this->_objTpl->blockExists('access_user_username')) {
            $this->_objTpl->hideBlock('access_user_username');
        }
    }

    // set captcha
    if ($this->_objTpl->blockExists('access_captcha')) {
        if ($arrSettings['user_captcha']['status']) {
            $this->_objTpl->setVariable(array(
                'ACCESS_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(),
                'TXT_ACCESS_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA']
            ));
            $this->_objTpl->parse('access_captcha');
        } else {
            $this->_objTpl->hideBlock('access_captcha');
        }
    }

    // set terms and conditions
    if ($this->_objTpl->blockExists('access_tos')) {
        if ($arrSettings['user_accept_tos_on_signup']['status']) {
            $uriTos = CONTREXX_SCRIPT_PATH . '?section=Agb';
            // The request value only decides whether the box is pre-checked;
            // it is not echoed into the markup.
            $this->_objTpl->setVariable(array(
                'TXT_ACCESS_TOS' => $_ARRAYLANG['TXT_ACCESS_TOS'],
                'ACCESS_TOS' => '<input type="checkbox" name="access_user_tos" id="access_user_tos"' . (!empty($_POST['access_user_tos']) ? ' checked="checked"' : '') . ' /><label for="access_user_tos">' . sprintf($_ARRAYLANG['TXT_ACCESS_ACCEPT_TOS'], $uriTos) . '</label>'
            ));
            $this->_objTpl->parse('access_tos');
        } else {
            $this->_objTpl->hideBlock('access_tos');
        }
    }

    $this->_objTpl->parse('access_signup_form');
}
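/**
 * Store a new ecard and notify its recipient by e-mail
 *
 * Reads the card data from $_POST, stores the card under a freshly generated
 * access code, copies the selected motive to the sent-ecards directory under
 * that code and mails the card URL to the recipient. The outcome is reported
 * through the STATUS_MESSAGE template variable.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 * @global array  $_CONFIG
 * @return false|null false when the input or a lookup is unusable;
 *                    no value is returned otherwise
 */
function send()
{
    global $objDatabase, $_ARRAYLANG, $_CONFIG;

    $this->_objTpl->setTemplate($this->pageContent);

    // The code is the card's URL parameter and file name, so it has to be
    // unguessable. rand() is not a cryptographic source; use the system
    // CSPRNG where the runtime provides it (same length and alphabet:
    // ten lowercase hex characters).
    $code = function_exists('random_bytes')
        ? bin2hex(random_bytes(5))
        : substr(md5(rand()), 1, 10);
    $url = \Cx\Core\Routing\Url::fromModuleAndCmd('Ecard', 'show', '', array('code' => $code))->toString();

    // Initialize POST variables
    $id = intval($_POST['selectedEcard']);
    $message = contrexx_addslashes($_POST['ecardMessage']);
    $recipientSalutation = contrexx_stripslashes($_POST['ecardRecipientSalutation']);
    $senderName = contrexx_stripslashes($_POST['ecardSenderName']);
    $senderEmail = \FWValidator::isEmail($_POST['ecardSenderEmail']) ? $_POST['ecardSenderEmail'] : '';
    $recipientName = contrexx_stripslashes($_POST['ecardRecipientName']);
    $recipientEmail = \FWValidator::isEmail($_POST['ecardRecipientEmail']) ? $_POST['ecardRecipientEmail'] : '';

    if (empty($senderEmail) || empty($recipientEmail)) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return false;
    }

    // Defaults keep the later code well-defined when a setting row is missing.
    $validdays = 0;
    $subject = '';
    $emailText = '';

    $query = "\n SELECT `setting_name`, `setting_value`\n FROM " . DBPREFIX . "module_ecard_settings";
    $objResult = $objDatabase->Execute($query);
    if ($objResult === false) {
        // Without the settings neither the validity nor the mail text is known.
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return false;
    }
    while (!$objResult->EOF) {
        switch ($objResult->fields['setting_name']) {
            case 'validdays':
                $validdays = $objResult->fields['setting_value'];
                break;
            case 'subject':
                $subject = $objResult->fields['setting_value'];
                break;
            case 'emailText':
                // The notification is sent as plain text, markup is dropped.
                $emailText = strip_tags($objResult->fields['setting_value']);
                break;
        }
        $objResult->MoveNext();
    }

    $timeToLife = $validdays * 86400;

    // Replace the placeholders used in the notification mail with user data
    $arrPlaceholders = array(
        '[[ECARD_RECIPIENT_SALUTATION]]' => $recipientSalutation,
        '[[ECARD_RECIPIENT_NAME]]' => $recipientName,
        '[[ECARD_RECIPIENT_EMAIL]]' => $recipientEmail,
        '[[ECARD_SENDER_NAME]]' => $senderName,
        '[[ECARD_SENDER_EMAIL]]' => $senderEmail,
        '[[ECARD_VALID_DAYS]]' => $validdays,
        '[[ECARD_URL]]' => $url,
    );
    $body = str_replace(array_keys($arrPlaceholders), array_values($arrPlaceholders), $emailText);

    // Insert ecard to DB.
    // The e-mail addresses are escaped like every other string value: a
    // syntactically valid address may contain a single quote, so passing the
    // validator does not make the value safe inside the SQL literal.
    // NOTE(review): addslashes() is not aware of the connection charset;
    // the database layer's own quoting or bound parameters would be the
    // sturdier choice if it is available to this module.
    $query = "\n INSERT INTO `" . DBPREFIX . "module_ecard_ecards` (\n code, date, TTL, salutation,\n senderName, senderEmail,\n recipientName, recipientEmail,\n message\n ) VALUES (\n '" . $code . "',\n '" . time() . "',\n '" . $timeToLife . "',\n '" . addslashes($recipientSalutation) . "',\n '" . addslashes($senderName) . "',\n '" . addslashes($senderEmail) . "',\n '" . addslashes($recipientName) . "',\n '" . addslashes($recipientEmail) . "',\n '" . $message . "');";
    if (!$objDatabase->Execute($query)) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return;
    }

    // $id was cast to int above, so it is safe inside the setting name.
    $query = "\n SELECT setting_value\n FROM " . DBPREFIX . "module_ecard_settings\n WHERE setting_name='motive_{$id}'";
    $objResult = $objDatabase->SelectLimit($query, 1);
    if ($objResult === false || $objResult->EOF) {
        // Unknown motive: there is no file to copy and nothing to send.
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return false;
    }

    // Copy motive to new file with $code as filename
    $fileName = $objResult->fields['setting_value'];
    $fileExtension = preg_replace('/^.+(\\.[^\\.]+)$/', '$1', $fileName);
    $objFile = new \File();
    if (!$objFile->copyFile(ASCMS_ECARD_OPTIMIZED_PATH . '/', $fileName, ASCMS_ECARD_SEND_ECARDS_PATH . '/', $code . $fileExtension)) {
        // Report the failure instead of leaving the page without a status.
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
        return;
    }

    $objMail = new \phpmailer();

    // Check e-mail settings
    if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once ASCMS_CORE_PATH . '/SmtpSettings.class.php')) {
        $objSmtpSettings = new \SmtpSettings();
        if (($arrSmtp = $objSmtpSettings->getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
            $objMail->IsSMTP();
            $objMail->Host = $arrSmtp['hostname'];
            $objMail->Port = $arrSmtp['port'];
            $objMail->SMTPAuth = true;
            $objMail->Username = $arrSmtp['username'];
            $objMail->Password = $arrSmtp['password'];
        }
    }

    // Send notification mail to ecard-recipient.
    // NOTE(review): sender address and name come from the request, so the
    // form can be used to send mail in someone else's name — confirm that a
    // captcha or rate limit guards this action.
    $objMail->CharSet = CONTREXX_CHARSET;
    $objMail->SetFrom($senderEmail, $senderName);
    $objMail->Subject = $subject;
    $objMail->IsHTML(false);
    $objMail->Body = $body;
    $objMail->AddAddress($recipientEmail);

    if ($objMail->Send()) {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_HAS_BEEN_SENT']));
    } else {
        $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_MAIL_SENDING_ERROR']));
    }
}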
/**
 * Create directory
 *
 * Creates a sub-directory of the current media path. The requested name is
 * unslashed and run through FileSystem::replaceCharacters() before it is
 * handed to File::mkDir(). The result is reported through the status message
 * properties; nothing is returned.
 *
 * @global array $_ARRAYLANG
 * @param string $dir_name
 */
function _createDirectory($dir_name)
{
    global $_ARRAYLANG;

    // Nothing to create; the error is suppressed when the request only
    // asks for files to be highlighted.
    if (empty($dir_name)) {
        if (!isset($_GET['highlightFiles'])) {
            $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_EMPTY_DIR_NAME'];
        }
        return;
    }

    $requestedName = contrexx_stripslashes($dir_name);

    // The permission check comes before any filesystem access.
    if (!$this->uploadAccessGranted()) {
        $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_DIRCREATION_NOT_ALLOWED'];
        return;
    }

    $fileHandler = new \File();
    $cleanName = \Cx\Lib\FileSystem\FileSystem::replaceCharacters($requestedName);
    $mkDirResult = $fileHandler->mkDir($this->path, $this->webPath, $cleanName);

    if ($mkDirResult == "error") {
        $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_MSG_ERROR_NEW_DIR'];
        return;
    }

    $this->highlightName[] = $cleanName;
    $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_MSG_NEW_DIR'];
}
/**
 * Update and store all imagetypes found in the $_POST array
 *
 * Every posted entry is compared with the stored imagetype of the same
 * (old) key; only new or changed entries are handed to self::store().
 *
 * @return boolean True on success,
 *                 the empty string if none was changed,
 *                 or false on failure
 */
static function storeFromPost()
{
    if (!isset($_POST['imagetype_key'])) {
        return '';
    }

    // Current state to compare the posted values against.
    $arrImagetypes = self::getArray();
    $result = '';
    $arrFieldNames = array(
        'name', 'width', 'height', 'quality',
        'width_thumb', 'height_thumb', 'quality_thumb',
    );

    // The keys don't really change, but added entries are recognised by
    // an old key that is not present in the stored imagetypes.
    foreach ($_POST['imagetype_key'] as $key_old => $key_new) {
        // Only letters, digits and the underscore survive in the new key.
        $key_new = preg_replace('/[^_a-z\\d]/i', '', $key_new);
        // No new imagetype is to be added if the new key is empty
        if (empty($key_new)) {
            continue;
        }
        $key_old = contrexx_stripslashes($key_old);
        $key_new = contrexx_stripslashes($key_new);

        $arrPosted = array();
        foreach ($arrFieldNames as $fieldName) {
            $arrPosted[$fieldName] = contrexx_stripslashes($_POST['imagetype_' . $fieldName][$key_old]);
        }

        // New entry, or the first differing field marks the entry as changed.
        $isChanged = empty($arrImagetypes[$key_old]);
        if (!$isChanged) {
            foreach ($arrFieldNames as $fieldName) {
                if ($arrPosted[$fieldName] != $arrImagetypes[$key_old][$fieldName]) {
                    $isChanged = true;
                    break;
                }
            }
        }
        if (!$isChanged) {
            continue;
        }

        if ($result === '') {
            $result = true;
        }
        $isStored = self::store(
            $key_new,
            $arrPosted['name'],
            $arrPosted['width'],
            $arrPosted['height'],
            $arrPosted['quality'],
            $arrPosted['width_thumb'],
            $arrPosted['height_thumb'],
            $arrPosted['quality_thumb']
        );
        if (!$isStored) {
            $result = false;
        }
    }

    return $result;
}
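/**
 * Process upload form
 *
 * Moves the file submitted in the 'media_upload_file' field into the current
 * media path. The client-supplied name is rejected when
 * MediaLibrary::isIllegalFileName() or FWValidator::is_file_ending_harmless()
 * object to it; an existing file of the same name is never overwritten, the
 * new file gets a numeric suffix instead. The outcome is reported through
 * the status message properties.
 *
 * @global array $_ARRAYLANG
 * @return boolean true if the file was uploaded successfully, false otherwise
 */
private function processFormUpload()
{
    global $_ARRAYLANG;

    $inputField = 'media_upload_file';
    if (!isset($_FILES[$inputField]) || !is_array($_FILES[$inputField])) {
        return false;
    }

    $fileName = !empty($_FILES[$inputField]['name']) ? contrexx_stripslashes($_FILES[$inputField]['name']) : '';
    $fileTmpName = !empty($_FILES[$inputField]['tmp_name']) ? $_FILES[$inputField]['tmp_name'] : '';

    if (MediaLibrary::isIllegalFileName($fileName)) {
        $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_FILE_DONT_CREATE'];
        return false;
    }

    // The name is client-controlled, so it is escaped before it is echoed
    // in any status message.
    $escapedFileName = htmlentities($fileName, ENT_QUOTES, CONTREXX_CHARSET);

    switch ($_FILES[$inputField]['error']) {
        case UPLOAD_ERR_INI_SIZE:
            $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_SIZE_EXCEEDS_LIMIT'], $escapedFileName, $this->getFormatedFileSize(\FWSystem::getMaxUploadFileSize()));
            break;

        case UPLOAD_ERR_FORM_SIZE:
            $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_TOO_LARGE'], $escapedFileName);
            break;

        case UPLOAD_ERR_PARTIAL:
            $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_CORRUPT'], $escapedFileName);
            break;

        case UPLOAD_ERR_NO_FILE:
            // The original "continue" had no loop to target; inside a
            // switch it acts like "break" and newer PHP versions warn
            // about it.
            $this->_strErrorMessage = $_ARRAYLANG['TXT_MEDIA_NO_FILE'];
            break;

        default:
            if (empty($fileTmpName)) {
                break;
            }

            // Validate the extension before touching the target directory.
            if (!\FWValidator::is_file_ending_harmless($fileName)) {
                $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_EXTENSION_NOT_ALLOWED'], $escapedFileName);
                break;
            }

            // pathinfo() omits 'extension' for names without a dot; build
            // the suffix so that no stray trailing dot is appended.
            $arrFile = pathinfo($this->path . $fileName);
            $extension = isset($arrFile['extension']) ? '.' . $arrFile['extension'] : '';

            // Never overwrite an existing file: append a numeric suffix
            // until the name is free.
            // NOTE(review): the existence check and the move are two steps,
            // so two concurrent uploads can still pick the same name.
            $file = $this->path . $fileName;
            $i = 0;
            while (file_exists($file)) {
                $file = $this->path . $arrFile['filename'] . '-' . (time() + ++$i) . $extension;
            }

            // move_uploaded_file() itself refuses anything that is not a
            // genuine upload; its result is checked, only the warning is
            // suppressed.
            if (!@move_uploaded_file($fileTmpName, $file)) {
                $this->_strErrorMessage = sprintf($_ARRAYLANG['TXT_MEDIA_FILE_UPLOAD_FAILED'], $escapedFileName);
                break;
            }

            // Apply the permissions to the file that was actually written.
            // The previous code passed the name without extension and
            // without the collision suffix, which names a different path.
            // NOTE(review): presumably setChmod() expects a file name
            // relative to $this->path — confirm against File::setChmod().
            $obj_file = new \File();
            $obj_file->setChmod($this->path, $this->webPath, basename($file));
            $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_FILE_UPLOADED_SUCESSFULLY'];
            return true;
    }

    return false;
}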
/**
 * Prepare a request value for output inside HTML
 *
 * The value is unslashed first and then HTML-escaped with ENT_QUOTES, so
 * both quote characters are encoded.
 *
 * @param string $str The raw value
 * @return string The escaped value
 */
private static function __formval($str)
{
    $unslashed = contrexx_stripslashes($str);

    return htmlspecialchars($unslashed, ENT_QUOTES, CONTREXX_CHARSET);
}
/**
 * Calls the method resetPassword of the class FWUser
 * and displays the resetpw page of the login module
 *
 * Without a submitted form the e-mail/restore-key pair is only checked and,
 * if accepted, the password form is shown. With a submitted form the new
 * password is set; on success the user is logged in right away.
 *
 * @access private
 * @see FWUser::resetPassword()
 * @return string \Cx\Core\Html\Sigma::get()
 */
function _resetPassword()
{
    global $_CORELANG;

    $objFWUser = \FWUser::getFWUserObject();

    // An e-mail address passed in the query string has its "+" decoded to a
    // blank by URL decoding. Addresses never contain blanks, so every blank
    // is turned back into "+".
    if (isset($_POST['email'])) {
        $email = contrexx_stripslashes($_POST['email']);
    } elseif (isset($_GET['email'])) {
        $email = str_replace(' ', '+', contrexx_stripslashes($_GET['email']));
    } else {
        $email = '';
    }

    if (isset($_POST['restore_key'])) {
        $restoreKey = contrexx_stripslashes($_POST['restore_key']);
    } elseif (isset($_GET['restoreKey'])) {
        $restoreKey = contrexx_stripslashes($_GET['restoreKey']);
    } else {
        $restoreKey = '';
    }

    $password = '';
    if (isset($_POST['password'])) {
        $password = trim(contrexx_stripslashes($_POST['password']));
    }
    $confirmedPassword = '';
    if (isset($_POST['password2'])) {
        $confirmedPassword = trim(contrexx_stripslashes($_POST['password2']));
    }

    $statusMessage = '';
    $showPasswordForm = false;

    if (isset($_POST['reset_password'])) {
        // Form submitted: actually store the new password.
        $passwordChanged = $objFWUser->resetPassword($email, $restoreKey, $password, $confirmedPassword, true);
        if ($passwordChanged) {
            $statusMessage = $_CORELANG['TXT_PASSWORD_CHANGED_SUCCESSFULLY'];
            if ($this->_objTpl->blockExists('login_reset_password')) {
                $this->_objTpl->hideBlock('login_reset_password');
            }

            // Log the user in automatically after the password was set.
            // NOTE(review): the account is looked up again by the submitted
            // e-mail address rather than taken from the reset itself —
            // confirm that getUsers() matches the address exactly and that
            // loginUser() copes with an empty result.
            $arrActiveUserFilter = array('active' => 1, 'email' => $email);
            $objFWUser->loginUser($objFWUser->objUser->getUsers($arrActiveUserFilter, null, null, null, 1));

            // Link to the welcome page
            $homeUrl = \Cx\Core\Routing\Url::fromModuleAndCmd('Home', '', FRONTEND_LANG_ID);
            $statusMessage .= '<br />' . sprintf($_CORELANG['TXT_LOGIN_WELCOME_PAGE'], $homeUrl);
        } else {
            $statusMessage = $objFWUser->getErrorMsg();
            $showPasswordForm = true;
        }
    } else {
        // No form submitted yet: only check the e-mail/restore-key pair.
        $requestAccepted = $objFWUser->resetPassword($email, $restoreKey, $password, $confirmedPassword);
        if ($requestAccepted) {
            $showPasswordForm = true;
        } else {
            $statusMessage = $objFWUser->getErrorMsg();
            if ($this->_objTpl->blockExists('login_reset_password')) {
                $this->_objTpl->hideBlock('login_reset_password');
            }
        }
    }

    if ($showPasswordForm) {
        $this->_objTpl->setVariable(array(
            'TXT_EMAIL' => $_CORELANG['TXT_EMAIL'],
            'TXT_PASSWORD' => $_CORELANG['TXT_PASSWORD'],
            'TXT_VERIFY_PASSWORD' => $_CORELANG['TXT_VERIFY_PASSWORD'],
            'TXT_PASSWORD_MINIMAL_CHARACTERS' => $_CORELANG['TXT_PASSWORD_MINIMAL_CHARACTERS'],
            'TXT_SET_PASSWORD_TEXT' => $_CORELANG['TXT_SET_PASSWORD_TEXT'],
            'TXT_SET_NEW_PASSWORD' => $_CORELANG['TXT_SET_NEW_PASSWORD'],
        ));
        $this->_objTpl->parse('login_reset_password');
    }

    // E-mail and restore key are request data and are escaped before they
    // are written back into the page.
    $this->_objTpl->setVariable(array(
        'LOGIN_STATUS_MESSAGE' => $statusMessage,
        'LOGIN_EMAIL' => contrexx_raw2xhtml($email),
        'LOGIN_RESTORE_KEY' => contrexx_raw2xhtml($restoreKey),
    ));

    return $this->_objTpl->get();
}
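/**
 * Shows all files / pages in filebrowser
 *
 * For the media type 'webpages' the content tree is fetched through
 * JsonData and listed depth-first, one row per page. For every other media
 * type the directories and files already collected in $this->_arrDirectories
 * and $this->_arrFiles are listed.
 *
 * @global integer $_FRONTEND_LANGID
 * @return void
 */
function _setContent()
{
    global $_FRONTEND_LANGID;

    $this->_objTpl->addBlockfile('FILEBROWSER_CONTENT', 'fileBrowser_content', 'module_fileBrowser_content.html');

    // The CKEditor parameters are request data that is handed on in the
    // directory links.
    // NOTE(review): they are HTML-escaped but not URL-encoded, although they
    // end up inside a query string — confirm that this is sufficient for
    // the place where the template emits the link.
    $ckEditorFuncNum = isset($_GET['CKEditorFuncNum']) ? '&CKEditorFuncNum=' . contrexx_raw2xhtml($_GET['CKEditorFuncNum']) : '';
    $ckEditor = isset($_GET['CKEditor']) ? '&CKEditor=' . contrexx_raw2xhtml($_GET['CKEditor']) : '';

    $rowNr = 0;

    switch ($this->_mediaType) {
        case 'webpages':
            $jd = new \Cx\Core\Json\JsonData();
            $data = $jd->data('node', 'getTree', array('get' => array('recursive' => 'true')));

            // Depth-first walk with an explicit stack. Entries are pushed in
            // reverse order so that they are popped in tree order. The
            // entries are copied by value; the earlier by-reference loops
            // left $entry bound to an array element after the loop.
            $pageStack = array();
            foreach (array_reverse($data['data']['tree']) as $entry) {
                $entry['attr']['level'] = 0;
                $pageStack[] = $entry;
            }

            while (count($pageStack)) {
                $entry = array_pop($pageStack);
                $page = $entry['data'][0];

                // Start every page with a clean record. Without the reset
                // the 'cmd' of an earlier application page stayed set and
                // was appended to the placeholder of a later application
                // page that has no cmd of its own.
                $arrPage = array();
                $arrPage['level'] = $entry['attr']['level'];
                $arrPage['node_id'] = $entry['attr']['rel_id'];

                foreach (array_reverse($entry['children']) as $child) {
                    $child['attr']['level'] = $arrPage['level'] + 1;
                    $pageStack[] = $child;
                }

                $arrPage['catname'] = $page['title'];
                $arrPage['catid'] = $page['attr']['id'];
                $arrPage['lang'] = BACKEND_LANG_ID;
                $arrPage['protected'] = $page['attr']['protected'];
                $arrPage['type'] = \Cx\Core\ContentManager\Model\Entity\Page::TYPE_CONTENT;
                $arrPage['alias'] = $page['title'];
                $arrPage['frontend_access_id'] = $page['attr']['frontend_access_id'];
                $arrPage['backend_access_id'] = $page['attr']['backend_access_id'];

                // JsonNode does not provide parcat, displaystatus, moduleid,
                // startdate and enddate; level and type are derived here.
                $jsondata = json_decode($page['attr']['data-href']);
                $path = $jsondata->path;
                if (trim($jsondata->module) != '') {
                    $arrPage['type'] = \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION;
                    $module = explode(' ', $jsondata->module, 2);
                    $arrPage['modulename'] = $module[0];
                    if (count($module) > 1) {
                        $arrPage['cmd'] = $module[1];
                    }
                }

                $url = "'" . '[[' . \Cx\Core\ContentManager\Model\Entity\Page::PLACEHOLDER_PREFIX;
                // TODO: This only works for regular application pages. Pages of type fallback that are linked to an application
                // will be parsed using their node-id ({NODE_<ID>})
                if ($arrPage['type'] == \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION && $this->_mediaMode !== 'alias') {
                    $url .= $arrPage['modulename'];
                    if (!empty($arrPage['cmd'])) {
                        $url .= '_' . $arrPage['cmd'];
                    }
                    $url = strtoupper($url);
                } else {
                    $url .= $arrPage['node_id'];
                }

                // if language != current language or $alwaysReturnLanguage
                if ($this->_frontendLanguageId != $_FRONTEND_LANGID || isset($_GET['alwaysReturnLanguage']) && $_GET['alwaysReturnLanguage'] == 'true') {
                    $url .= '_' . $this->_frontendLanguageId;
                }
                $url .= "]]'";

                // NOTE(review): page title, module name/cmd and path come
                // from page data and are placed in the row, including inside
                // a javascript: link, without escaping in this method —
                // confirm that the tree data is already encoded for these
                // contexts.
                $this->_objTpl->setVariable(array(
                    'FILEBROWSER_ROW_CLASS' => $rowNr % 2 == 0 ? "row1" : "row2",
                    'FILEBROWSER_FILE_PATH_CLICK' => "javascript:{setUrl({$url},null,null,'" . \FWLanguage::getLanguageCodeById($this->_frontendLanguageId) . $path . "','page')}",
                    'FILEBROWSER_FILE_NAME' => $arrPage['catname'],
                    'FILEBROWSER_FILESIZE' => ' ',
                    'FILEBROWSER_FILE_ICON' => $this->_iconPath . 'htm.png',
                    'FILEBROWSER_FILE_DIMENSION' => ' ',
                    'FILEBROWSER_SPACING_STYLE' => 'style="margin-left: ' . $arrPage['level'] * 15 . 'px;"',
                ));
                $this->_objTpl->parse('content_files');
                $rowNr++;
            }
            break;

        case 'Media1':
        case 'Media2':
        case 'Media3':
        case 'Media4':
            // The return values are not inspected here.
            // NOTE(review): presumably checkAccess() ends the request itself
            // when access is denied and no third argument is given —
            // confirm, otherwise these three calls protect nothing.
            \Permission::checkAccess(7, 'static'); // Access Media-Archive
            \Permission::checkAccess(38, 'static'); // Edit Media-Files
            \Permission::checkAccess(39, 'static'); // Upload Media-Files
            // There is deliberately no break here: the media archives are
            // listed by the default branch below.

        default:
            if (count($this->_arrDirectories) > 0) {
                foreach ($this->_arrDirectories as $arrDirectory) {
                    // NOTE(review): the directory path is put into the query
                    // string as it is — confirm that it is URL-encoded where
                    // $this->_arrDirectories is built.
                    $this->_objTpl->setVariable(array(
                        'FILEBROWSER_ROW_CLASS' => $rowNr % 2 == 0 ? "row1" : "row2",
                        'FILEBROWSER_FILE_PATH_CLICK' => "index.php?cmd=FileBrowser&standalone=true&langId={$this->_frontendLanguageId}&type={$this->_mediaType}&path={$arrDirectory['path']}" . $ckEditor . $ckEditorFuncNum,
                        'FILEBROWSER_FILE_NAME' => $arrDirectory['name'],
                        'FILEBROWSER_FILESIZE' => ' ',
                        'FILEBROWSER_FILE_ICON' => $arrDirectory['icon'],
                        'FILEBROWSER_FILE_DIMENSION' => ' ',
                    ));
                    $this->_objTpl->parse('content_files');
                    $rowNr++;
                }
            }

            if (count($this->_arrFiles) > 0) {
                // URL-encoded paths for the preview script; the row's click
                // handler refers to a file by its index in this list.
                $arrEscapedPaths = array();
                foreach ($this->_arrFiles as $arrFile) {
                    $arrEscapedPaths[] = contrexx_raw2encodedUrl($arrFile['path']);
                    // NOTE(review): width and height are written into the
                    // script calls without a cast, while the dimension label
                    // below uses intval() — confirm they are always numeric.
                    $this->_objTpl->setVariable(array(
                        'FILEBROWSER_ROW_CLASS' => $rowNr % 2 == 0 ? "row1" : "row2",
                        'FILEBROWSER_ROW_STYLE' => in_array($arrFile['name'], $this->highlightedFiles) ? ' style="background: ' . $this->highlightColor . ';"' : '',
                        'FILEBROWSER_FILE_PATH_DBLCLICK' => "setUrl('" . contrexx_raw2xhtml($arrFile['path']) . "'," . $arrFile['width'] . "," . $arrFile['height'] . ",'')",
                        'FILEBROWSER_FILE_PATH_CLICK' => "javascript:{showPreview(" . (count($arrEscapedPaths) - 1) . "," . $arrFile['width'] . "," . $arrFile['height'] . ")}",
                        'FILEBROWSER_FILE_NAME' => contrexx_stripslashes($arrFile['name']),
                        'FILEBROWSER_FILESIZE' => $arrFile['size'] . ' KB',
                        'FILEBROWSER_FILE_ICON' => $arrFile['icon'],
                        'FILEBROWSER_FILE_DIMENSION' => empty($arrFile['width']) && empty($arrFile['height']) ? '' : intval($arrFile['width']) . 'x' . intval($arrFile['height']),
                    ));
                    $this->_objTpl->parse('content_files');
                    $rowNr++;
                }
                $this->_objTpl->setVariable('FILEBROWSER_FILES_JS', "'" . implode("','", $arrEscapedPaths) . "'");
            }

            if (array_key_exists($this->_mediaType, $this->mediaTypePaths)) {
                $this->_objTpl->setVariable('FILEBROWSER_IMAGE_PATH', $this->mediaTypePaths[$this->_mediaType][1]);
            } else {
                $this->_objTpl->setVariable('FILEBROWSER_IMAGE_PATH', ASCMS_CONTENT_IMAGE_WEB_PATH);
            }
            break;
    }

    $this->_objTpl->parse('fileBrowser_content');
}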
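/**
 * Sets the template for the field selection
 *
 * Parses the given file and sets the template and values
 * for the field selection.
 *
 * @param object $tpl          The template object (by reference)
 * @param array  $given_fields The target fields offered for assignment,
 *                             indexed by field key
 */
function initFieldSelectTemplate(&$tpl, $given_fields)
{
    global $_ARRAYLANG;

    $template = file_get_contents(ASCMS_LIBRARY_PATH . "/importexport/template/import.fieldselect.html");
    $tpl->setTemplate($template, true, true);

    // Pass the options on to the next step. The values are request data and
    // are HTML-escaped before they are written into the form. The array is
    // initialised so that a request without options still passes an array.
    $optionvars = array();
    foreach ($_POST as $postkey => $postvar) {
        if (preg_match("%^import\\_options\\_%", $postkey)) {
            $optionvars[strtoupper($postkey)] = htmlentities(contrexx_stripslashes($postvar), ENT_QUOTES, CONTREXX_CHARSET);
        }
    }
    $tpl->setVariable($optionvars);

    $importType = isset($_POST['importtype']) ? $_POST['importtype'] : '';
    $this->setType($importType);

    // NOTE(review): the value returned by parseFile() is written into the
    // form as IMPORT_FILE. If a later step reads it back from the request,
    // that step has to verify that it still refers to a file created by
    // this importer.
    $file = $this->parseFile($_FILES['importfile']['tmp_name'], true);

    $tpl->setVariable(array(
        "TXT_REMOVE_PAIR" => $_ARRAYLANG['TXT_REMOVE_PAIR'],
        "TXT_ADD_PAIR" => $_ARRAYLANG['TXT_ADD_PAIR'],
        "TXT_IMPORT" => $_ARRAYLANG['TXT_IMPORT'],
        "TXT_FIELDSELECT_SELECT_DESC" => $_ARRAYLANG['TXT_FIELDSELECT_SELECT_DESC'],
        "TXT_FIELDSELECT_SHOW_DESC" => $_ARRAYLANG['TXT_FIELDSELECT_SHOW_DESC'],
        "IMPORT_FILE" => $file,
        // The import type is request data as well; it was echoed unescaped
        // before, unlike the import options above.
        "IMPORT_TYPE" => htmlentities($importType, ENT_QUOTES, CONTREXX_CHARSET),
        "TXT_CANCEL" => $_ARRAYLANG['TXT_CANCEL'],
    ));

    /*
     * Set the given fields
     */
    // NOTE(review): each field is tested through $field['active'] and then
    // passed to the template as a whole; this only fits one of "array with
    // an 'active' entry" or "plain label string" — confirm what callers pass.
    foreach ($given_fields as $key => $field) {
        if ($field['active']) {
            $tpl->setVariable(array(
                "IMPORT_FIELD_VALUE" => $key,
                "IMPORT_FIELD_NAME" => $field,
            ));
            $tpl->parse("given_field_row");
        }
    }

    // Set the file fields
    // NOTE(review): the field names originate from the uploaded file —
    // confirm they are escaped before the template renders them.
    $fieldnames = $this->getDataFields();
    foreach ($fieldnames as $key => $field) {
        $tpl->setVariable(array(
            "IMPORT_FIELD_VALUE" => $key,
            "IMPORT_FIELD_NAME" => $field,
        ));
        $tpl->parse("file_field_row");
    }
}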
/**
 * Import newsletter recipients from an uploaded file or a pasted address list
 *
 * The request decides which step of the import is handled:
 * - 'import_cancel' is posted: the import is cancelled and the browser is
 *   redirected to the import page.
 * - 'fieldsSelected' is posted: the recipients delivered by
 *   Import::getFinalData() are stored.
 * - no 'importfile' is posted (or the list selection is missing after an
 *   import): the file selection dialog is shown; a pasted address list
 *   ('newsletter_import_plain') is processed in this step as well.
 * - otherwise: the field assignment dialog is shown.
 *
 * NOTE(review): part of this listing is damaged (see the markers in the
 * body), so the function cannot be taken over as it stands.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 */
function importuser()
{
    global $objDatabase, $_ARRAYLANG;

    $objTpl = new \Cx\Core\Html\Sigma(ASCMS_MODULE_PATH . '/Newsletter/View/Template/Backend');
    \Cx\Core\Csrf\Controller\Csrf::add_placeholder($objTpl);
    $objTpl->setErrorHandling(PEAR_ERROR_DIE);
    \Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/importexport/import.class.php');
    $objImport = new \Import();

    // Recipient fields that can be assigned to columns of the import file:
    // field key => label shown in the dialog.
    $arrFields = array(
        'email' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'],
        'sex' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'],
        'salutation' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'],
        'title' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'],
        'lastname' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'],
        'firstname' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'],
        'position' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'],
        'company' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'],
        'industry_sector' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'],
        'address' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'],
        'zip' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'],
        'city' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'],
        'country_id' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'],
        'phone_office' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'],
        'phone_private' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'],
        'phone_mobile' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'],
        'fax' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'],
        'birthday' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'],
        'uri' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'],
        'notes' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'],
        'language' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE']
    );

    if (isset($_POST['import_cancel'])) {
        // Cancel. See "cancel"
        $objImport->cancel();
        \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Newsletter&act=users&tpl=import");
        exit;
    } elseif (isset($_POST['fieldsSelected'])) {
        // Store the data. See "Final" further below.
        $arrRecipients = $objImport->getFinalData($arrFields);
        if (empty($_POST['newsletter_recipient_associated_list'])) {
            self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY'];
        } else {
            // In this step the list ids arrive as one comma separated
            // string (written by the field assignment dialog below);
            // every id is cast to int.
            $arrLists = array();
            if (isset($_POST['newsletter_recipient_associated_list'])) {
                foreach (explode(',', $_POST['newsletter_recipient_associated_list']) as $listId) {
                    array_push($arrLists, intval($listId));
                }
            }
            $EmailCount = 0;
            $arrBadEmails = array();
            $ExistEmails = 0;
            $NewEmails = 0;
            $recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0;
            foreach ($arrRecipients as $arrRecipient) {
                if (empty($arrRecipient['email'])) {
                    continue;
                }
                // strpos() returns 0 for a leading '@', so such values are
                // skipped silently as well and are not counted as invalid.
                if (!strpos($arrRecipient['email'], '@')) {
                    continue;
                }
                $arrRecipient['email'] = trim($arrRecipient['email']);
                if (!\FWValidator::isEmail($arrRecipient['email'])) {
                    array_push($arrBadEmails, $arrRecipient['email']);
                } else {
                    $EmailCount++;
                    $arrRecipientLists = $arrLists;
                    // TODO: use FWUSER
                    // Map the imported salutation to an existing title id,
                    // or create the title.
                    if (in_array($arrRecipient['salutation'], $this->_getRecipientTitles())) {
                        $arrRecipientTitles = array_flip($this->_getRecipientTitles());
                        $recipientSalutationId = $arrRecipientTitles[$arrRecipient['salutation']];
                    } else {
                        $recipientSalutationId = $this->_addRecipientTitle($arrRecipient['salutation']);
                    }
                    // try to parse the imported birthday in a usable format
                    if (!empty($arrRecipient['birthday'])) {
                        $arrDate = date_parse($arrRecipient['birthday']);
                        $arrRecipient['birthday'] = $arrDate['day'] . '-' . $arrDate['month'] . '-' . $arrDate['year'];
                    }
                    // NOTE(review): the address is escaped with addslashes()
                    // here, while the later lookup in this function uses
                    // contrexx_input2db(). addslashes() is not aware of the
                    // connection charset; one database-aware escaping
                    // routine (or bound parameters) should be used
                    // throughout.
                    $objRecipient = $objDatabase->SelectLimit("SELECT `id`,\n `language`,\n `status`,\n `notes`\n FROM `" . DBPREFIX . "module_newsletter_user`\n WHERE `email` = '" . addslashes($arrRecipient['email']) . "'", 1);
                    if ($objRecipient->RecordCount() == 1) {
                        // The address is already known: keep the stored
                        // values and append the imported notes.
                        $recipientId = $objRecipient->fields['id'];
                        $recipientLanguage = $objRecipient->fields['language'];
                        $recipientStatus = $objRecipient->fields['status'];
                        $recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . ' ' . $arrRecipient['notes'] : $arrRecipient['notes'];
                        // NOTE(review): the listing is damaged in the next
                        // statement. The text between 'WHERE user=' and the
                        // following SELECT has been replaced by asterisks,
                        // so the code that handled existing and new
                        // recipients is missing and the statement does not
                        // parse. It has to be restored from the original
                        // source.
                        $objList = $objDatabase->Execute("SELECT `category` FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"\n SELECT id\n FROM " . DBPREFIX . "module_newsletter_user\n WHERE email='" . contrexx_input2db($arrRecipient['email']) . "'", 1);
                        $recipientId = $objRecipient->fields['id'];
                        $this->insertTmpEmail($recipientSendEmailId, $arrRecipient['email'], self::USER_TYPE_NEWSLETTER);
                        // Setting TmpEntry=1 will set the newsletter status=1; this forces an immediate stop in the newsletter send procedure.
                        if ($this->SendEmail($recipientId, $recipientSendEmailId, $arrRecipient['email'], 1, self::USER_TYPE_NEWSLETTER) == false) {
                            self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR'];
                        } else {
                            // TODO: Unused
                            // $objUpdateCount = $objDatabase->execute(' UPDATE ' . DBPREFIX . 'module_newsletter SET recipient_count = recipient_count+1 WHERE id=' . intval($recipientSendEmailId));
                        }
                    }
                }
            }
            }
            // NOTE(review): the rejected addresses come straight from the
            // import file and are put into a message that contains markup —
            // confirm that the message is escaped before it is displayed.
            self::$strOkMessage = $_ARRAYLANG['TXT_DATA_IMPORT_SUCCESSFUL'] . "<br/>" . $_ARRAYLANG['TXT_CORRECT_EMAILS'] . ": " . $EmailCount . "<br/>" . $_ARRAYLANG['TXT_NOT_VALID_EMAILS'] . ": " . implode(', ', $arrBadEmails) . "<br/>" . $_ARRAYLANG['TXT_EXISTING_EMAILS'] . ": " . $ExistEmails . "<br/>" . $_ARRAYLANG['TXT_NEW_ADDED_EMAILS'] . ": " . $NewEmails;
            // Show the file selection dialog again for the next import.
            $objImport->initFileSelectTemplate($objTpl);
            $objTpl->setVariable(array(
                "IMPORT_ACTION" => "index.php?cmd=Newsletter&act=users&tpl=import",
                'TXT_FILETYPE' => $_ARRAYLANG['TXT_NEWSLETTER_FILE_TYPE'],
                'TXT_HELP' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_HELP'],
                'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'],
                'IMPORT_ADD_VALUE' => $this->_getEmailsDropDown(),
                'IMPORT_ROWCLASS' => 'row1'
            ));
            $objTpl->parse("additional");
            $objTpl->setVariable(array(
                'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'],
                'IMPORT_ADD_VALUE' => $this->_getAssociatedListSelection(),
                'IMPORT_ROWCLASS' => 'row2'
            ));
            $objTpl->parse("additional");
            $this->_objTpl->setVariable('NEWSLETTER_USER_FILE', $objTpl->get());
        }
    } elseif (empty($_POST['importfile']) || isset($_POST['imported']) && empty($_POST['newsletter_recipient_associated_list'])) {
        // File selection dialog. See Fileselect
        $this->_pageTitle = $_ARRAYLANG['TXT_IMPORT'];
        $this->_objTpl->addBlockfile('NEWSLETTER_USER_FILE', 'module_newsletter_user_import', 'module_newsletter_user_import.html');
        if (isset($_POST['imported']) && empty($_POST['newsletter_recipient_associated_list'])) {
            self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY'];
        }
        $objImport->initFileSelectTemplate($objTpl);
        $objTpl->setVariable(array(
            "IMPORT_ACTION" => "index.php?cmd=Newsletter&act=users&tpl=import",
            'TXT_FILETYPE' => $_ARRAYLANG['TXT_NEWSLETTER_FILE_TYPE'],
            'TXT_HELP' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_HELP'],
            'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'],
            'IMPORT_ADD_VALUE' => $this->_getEmailsDropDown(),
            'IMPORT_ROWCLASS' => 'row1'
        ));
        $objTpl->parse("additional");
        $objTpl->setVariable(array(
            'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'],
            'IMPORT_ADD_VALUE' => $this->_getAssociatedListSelection(),
            'IMPORT_ROWCLASS' => 'row2'
        ));
        $objTpl->parse("additional");
        $this->_objTpl->setVariable(array(
            'TXT_NEWSLETTER_IMPORT_FROM_FILE' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_FROM_FILE'],
            'TXT_IMPORT' => $_ARRAYLANG['TXT_IMPORT'],
            'TXT_NEWSLETTER_LIST' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'],
            'TXT_ENTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_ENTER_EMAIL_ADDRESS'],
            'NEWSLETTER_CATEGORY_MENU' => $this->_getAssociatedListSelection(),
            'NEWSLETTER_IMPORT_FRAME' => $objTpl->get()
        ));
        // Import of a pasted list of addresses.
        if (isset($_POST['newsletter_import_plain'])) {
            if (empty($_POST['newsletter_recipient_associated_list'])) {
                self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY'];
            } else {
                // Here the list ids arrive as an array; every id is cast
                // to int.
                $arrLists = array();
                if (isset($_POST['newsletter_recipient_associated_list'])) {
                    foreach ($_POST['newsletter_recipient_associated_list'] as $listId) {
                        array_push($arrLists, intval($listId));
                    }
                }
                // NOTE(review): the address list is read from $_REQUEST
                // while everything else in this step comes from $_POST —
                // confirm that accepting the list from the query string
                // or a cookie is intended.
                $EmailList = str_replace(array(']', '[', "\t", "\n", "\r"), ' ', $_REQUEST["Emails"]);
                $EmailArray = preg_split('/[\\s"\';,:<>\\n]+/', contrexx_stripslashes($EmailList));
                $EmailCount = 0;
                $arrBadEmails = array();
                $ExistEmails = 0;
                $NewEmails = 0;
                foreach ($EmailArray as $email) {
                    if (empty($email)) {
                        continue;
                    }
                    // As above: a leading '@' is skipped silently, too.
                    if (!strpos($email, '@')) {
                        continue;
                    }
                    if (!\FWValidator::isEmail($email)) {
                        array_push($arrBadEmails, $email);
                    } else {
                        $EmailCount++;
                        // NOTE(review): escaping with addslashes() again,
                        // see the note in the file import above.
                        $objRecipient = $objDatabase->SelectLimit("SELECT `id` FROM `" . DBPREFIX . "module_newsletter_user` WHERE `email` = '" . addslashes($email) . "'", 1);
                        if ($objRecipient->RecordCount() == 1) {
                            // Known address: only add it to the chosen lists.
                            foreach ($arrLists as $listId) {
                                $this->_addRecipient2List($objRecipient->fields['id'], $listId);
                            }
                            $ExistEmails++;
                        } else {
                            // New address: create the recipient with status 1
                            // and assign the chosen lists; a failed insert
                            // is reported together with the invalid
                            // addresses.
                            $NewEmails++;
                            if ($objDatabase->Execute("\n INSERT INTO `" . DBPREFIX . "module_newsletter_user` (\n `code`, `email`, `status`, `emaildate`\n ) VALUES (\n '" . $this->_emailCode() . "', '" . addslashes($email) . "', 1, " . time() . "\n )") !== false) {
                                $this->_setRecipientLists($objDatabase->Insert_ID(), $arrLists);
                            } else {
                                array_push($arrBadEmails, $email);
                            }
                        }
                    }
                }
                // NOTE(review): the doubled quotes around the address list
                // look like HTML entities that were decoded in this listing;
                // as written the expression does not parse. The rejected
                // addresses are also put into the message unescaped —
                // confirm the message is escaped before it is displayed.
                self::$strOkMessage = $_ARRAYLANG['TXT_DATA_IMPORT_SUCCESSFUL'] . "<br/>" . $_ARRAYLANG['TXT_CORRECT_EMAILS'] . ": " . $EmailCount . "<br/>" . $_ARRAYLANG['TXT_NOT_VALID_EMAILS'] . ": "" . implode(', ', $arrBadEmails) . ""<br/>" . $_ARRAYLANG['TXT_EXISTING_EMAILS'] . ": " . $ExistEmails . "<br/>" . $_ARRAYLANG['TXT_NEW_ADDED_EMAILS'] . ": " . $NewEmails;
            }
        }
        $this->_objTpl->parse('module_newsletter_user_import');
    } else {
        // Field assignment dialog. See Fieldselect
        $objImport->initFieldSelectTemplate($objTpl, $arrFields);
        $arrLists = array();
        if (isset($_POST['newsletter_recipient_associated_list'])) {
            foreach ($_POST['newsletter_recipient_associated_list'] as $listId) {
                array_push($arrLists, intval($listId));
            }
        }
        // The chosen lists and the e-mail id travel to the final step as
        // hidden fields; both consist of integers only when they are written.
        $objTpl->setVariable(array(
            'IMPORT_HIDDEN_NAME' => 'newsletter_recipient_associated_list',
            'IMPORT_HIDDEN_VALUE' => !empty($arrLists) ? implode(',', $arrLists) : ''
        ));
        $objTpl->parse('hidden_fields');
        $objTpl->setVariable(array(
            'IMPORT_HIDDEN_NAME' => 'sendEmail',
            'IMPORT_HIDDEN_VALUE' => isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0
        ));
        $objTpl->parse('hidden_fields');
        $objTpl->setVariable(array('IMPORT_ACTION' => 'index.php?cmd=Newsletter&act=users&tpl=import'));
        $this->_objTpl->setVariable(array(
            'TXT_REMOVE_PAIR' => $_ARRAYLANG['TXT_REMOVE_PAIR'],
            'NEWSLETTER_USER_FILE' => $objTpl->get()
        ));
    }
}
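/**
 * Show the add/edit form for a single download and store it on submit.
 *
 * Loads the download given by $_REQUEST['id'] (an empty download if the id
 * is missing or 0). An existing download may only be modified by a user who
 * passes the static access check 143 or who owns the download; otherwise an
 * error message is queued and the downloads overview is shown instead.
 * If the form was submitted, the posted values are assigned to the download
 * and stored. Finally the modification form is parsed into the template.
 *
 * @global array $_ARRAYLANG
 * @global int   $_LANGID
 * @return mixed true once the form has been parsed, otherwise whatever
 *               downloads() returns
 */
private function download()
{
    global $_ARRAYLANG, $_LANGID;

    $objFWUser = \FWUser::getFWUserObject();
    $objDownload = new Download();
    $objDownload->load(isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);

    // Authorisation for editing an existing download: static permission 143
    // or ownership by the logged-in user.
    // NOTE(review): a new download (no id) passes this gate unchecked, and the
    // posted category ids further down are not re-checked against the
    // per-category access ids in this method -- confirm that store() enforces them.
    if (
        $objDownload->getId()
        && !\Permission::checkAccess(143, 'static', true)
        && (
            ($objFWUser = \FWUser::getFWUserObject()) == false
            || !$objFWUser->objUser->login()
            || $objDownload->getOwnerId() != $objFWUser->objUser->getId()
        )
    ) {
        $this->arrStatusMsg['error'][] = $_ARRAYLANG['TXT_DOWNLOADS_MODIFY_DOWNLOAD_PROHIBITED'];
        return $this->downloads();
    }

    $arrAssociatedGroupOptions = array();
    $arrNotAssociatedGroupOptions = array();
    $arrAssociatedGroups = array();
    $arrAssociatedCategoryOptions = array();
    $arrNotAssociatedCategoryOptions = array();
    $arrAssociatedCategories = array();
    $arrAssociatedDownloadOptions = array();
    $arrNotAssociatedDownloadOptions = array();

    if (isset($_POST['downloads_download_save'])) {
        $objDownload->setNames(
            isset($_POST['downloads_download_name'])
                ? array_map('trim', array_map('contrexx_stripslashes', $_POST['downloads_download_name']))
                : array()
        );
        $objDownload->setDescriptions(
            isset($_POST['downloads_download_description'])
                ? array_map('trim', array_map('contrexx_stripslashes', $_POST['downloads_download_description']))
                : array()
        );
        if ($this->arrConfig['use_attr_metakeys']) {
            $objDownload->setMetakeys(
                isset($_POST['downloads_download_metakeys'])
                    ? array_map('trim', array_map('contrexx_stripslashes', $_POST['downloads_download_metakeys']))
                    : array()
            );
        }
        $objDownload->setType(
            isset($_POST['downloads_download_type'])
                ? contrexx_stripslashes($_POST['downloads_download_type'])
                : ''
        );
        // The source field that is read depends on the type that was just set.
        $sourceField = 'downloads_download_' . $objDownload->getType() . '_source';
        $objDownload->setSources(
            isset($_POST[$sourceField])
                ? array_map('trim', array_map('contrexx_stripslashes', $_POST[$sourceField]))
                : array()
        );
        $objDownload->setActiveStatus(!empty($_POST['downloads_download_is_active']));
        $objDownload->setMimeType(
            isset($_POST['downloads_download_mime_type'])
                ? contrexx_stripslashes($_POST['downloads_download_mime_type'])
                : ''
        );
        if ($this->arrConfig['use_attr_size']) {
            $objDownload->setSize(
                isset($_POST['downloads_download_size']) ? intval($_POST['downloads_download_size']) : ''
            );
        }
        if ($this->arrConfig['use_attr_license']) {
            $objDownload->setLicense(
                isset($_POST['downloads_download_license'])
                    ? contrexx_stripslashes($_POST['downloads_download_license'])
                    : ''
            );
        }
        if ($this->arrConfig['use_attr_version']) {
            $objDownload->setVersion(
                isset($_POST['downloads_download_version'])
                    ? contrexx_stripslashes($_POST['downloads_download_version'])
                    : ''
            );
        }
        if ($this->arrConfig['use_attr_author']) {
            $objDownload->setAuthor(
                isset($_POST['downloads_download_author'])
                    ? contrexx_stripslashes($_POST['downloads_download_author'])
                    : ''
            );
        }
        if ($this->arrConfig['use_attr_website']) {
            $objDownload->setWebsite(
                isset($_POST['downloads_download_website'])
                    ? contrexx_stripslashes($_POST['downloads_download_website'])
                    : ''
            );
        }
        $objDownload->setImage(
            isset($_POST['downloads_download_image'])
                ? contrexx_stripslashes($_POST['downloads_download_image'])
                : ''
        );
        $objDownload->setValidityTimePeriod(
            !empty($_POST['downloads_download_validity']) ? intval($_POST['downloads_download_validity']) : 0
        );
        $objDownload->setVisibility(!empty($_POST['downloads_download_visibility']));
        $objDownload->setProtection(!empty($_POST['downloads_download_access']));
        // Groups are only taken over when the download is protected.
        $objDownload->setGroups(
            $objDownload->getProtection() && !empty($_POST['downloads_download_access_associated_groups'])
                ? array_map('intval', $_POST['downloads_download_access_associated_groups'])
                : array()
        );
        $objDownload->setCategories(
            !empty($_POST['downloads_download_associated_categories'])
                ? array_map('intval', $_POST['downloads_download_associated_categories'])
                : array(0)
        );
        $objDownload->setDownloads(
            !empty($_POST['downloads_download_associated_downloads'])
                ? array_map('intval', $_POST['downloads_download_associated_downloads'])
                : array()
        );
        $objDownload->updateMTime();

        if ($objDownload->store()) {
            if (!empty($this->parentCategoryId)) {
                // NOTE(review): only the header is sent here; execution continues and
                // the form below is still rendered. Confirm whether the caller ends
                // the request after a redirect header.
                header('location: ' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?cmd=Downloads&act=categories&parent_id=' . $this->parentCategoryId));
            } else {
                return $this->downloads();
            }
        } else {
            $this->arrStatusMsg['error'] = array_merge($this->arrStatusMsg['error'], $objDownload->getErrorMsg());
        }
    }

    $this->_pageTitle = $objDownload->getId()
        ? $_ARRAYLANG['TXT_DOWNLOADS_EDIT_DOWNLOAD']
        : $_ARRAYLANG['TXT_DOWNLOADS_ADD_DOWNLOAD'];
    $this->objTemplate->addBlockFile('DOWNLOADS_DOWNLOAD_TEMPLATE', 'module_downloads_downloads', 'module_downloads_download_modify.html');

    // Language placeholders: each placeholder carries the language entry of the same name.
    $arrTxtKeys = array(
        'TXT_DOWNLOADS_GENERAL',
        'TXT_DOWNLOADS_PERMISSIONS',
        'TXT_DOWNLOADS_DOWNLOAD_VISIBILITY_DESC',
        'TXT_DOWNLOADS_NAME',
        'TXT_DOWNLOADS_DESCRIPTION',
        'TXT_DOWNLOADS_SOURCE',
        'TXT_DOWNLOADS_LOCAL_FILE',
        'TXT_DOWNLOADS_URL',
        'TXT_DOWNLOADS_BROWSE',
        'TXT_DOWNLOADS_STATUS',
        'TXT_DOWNLOADS_VALIDITY_EXPIRATION',
        'TXT_DOWNLOADS_ACTIVE',
        'TXT_DOWNLOADS_TYPE',
        'TXT_DOWNLOADS_METAKEYS',
        'TXT_DOWNLOADS_SIZE',
        'TXT_DOWNLOADS_LICENSE',
        'TXT_DOWNLOADS_VERSION',
        'TXT_DOWNLOADS_AUTHOR',
        'TXT_DOWNLOADS_WEBSITE',
        'TXT_DOWNLOADS_IMAGE',
        'TXT_DOWNLOADS_CATEGORIES',
        'TXT_DOWNLOADS_AVAILABLE_CATEGORIES',
        'TXT_DOWNLOADS_ASSIGNED_CATEGORIES',
        'TXT_DOWNLOADS_RELATED_DOWNLOADS',
        'TXT_DOWNLOADS_AVAILABLE_DOWNLOADS',
        'TXT_DOWNLOADS_ASSIGNED_DOWNLOADS',
        'TXT_DOWNLOADS_DOWNLOAD_ALL_ACCESS_DESC',
        'TXT_DOWNLOADS_DOWNLOAD_SELECTED_ACCESS_DESC',
        'TXT_DOWNLOADS_AVAILABLE_USER_GROUPS',
        'TXT_DOWNLOADS_ASSIGNED_USER_GROUPS',
        'TXT_DOWNLOADS_CHECK_ALL',
        'TXT_DOWNLOADS_UNCHECK_ALL',
        'TXT_DOWNLOADS_CANCEL',
        'TXT_DOWNLOADS_SAVE',
    );
    $arrTxt = array();
    foreach ($arrTxtKeys as $txtKey) {
        $arrTxt[$txtKey] = $_ARRAYLANG[$txtKey];
    }
    $this->objTemplate->setVariable($arrTxt);

    // parse sorting & paging of the categories overview section
    // The sort parameters come straight from the query string and are written
    // into the page, so they are HTML-escaped like every other value in this
    // form; non-scalar values are dropped.
    $arrEscapedGet = array();
    foreach (array('category_sort', 'category_by', 'download_sort', 'download_by') as $getKey) {
        $arrEscapedGet[$getKey] = !empty($_GET[$getKey]) && is_scalar($_GET[$getKey])
            ? htmlentities((string) $_GET[$getKey], ENT_QUOTES, CONTREXX_CHARSET)
            : '';
    }
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_CATEGORY_SORT'    => $arrEscapedGet['category_sort'],
        'DOWNLOADS_DOWNLOAD_CATEGORY_SORT_BY' => $arrEscapedGet['category_by'],
        'DOWNLOADS_DOWNLOAD_DOWNLOAD_SORT'    => $arrEscapedGet['download_sort'],
        'DOWNLOADS_DOWNLOAD_DOWNLOAD_BY'      => $arrEscapedGet['download_by'],
        'DOWNLOADS_DOWNLOAD_CATEGORY_OFFSET'  => !empty($_GET['category_pos']) ? intval($_GET['category_pos']) : 0,
        'DOWNLOADS_DOWNLOAD_DOWNLOAD_OFFSET'  => !empty($_GET['download_pos']) ? intval($_GET['download_pos']) : 0,
    ));

    // parse id
    $this->objTemplate->setVariable('DOWNLOADS_DOWNLOAD_ID', $objDownload->getId());

    // parse name and description attributes (one row per frontend language)
    $arrLanguages = \FWLanguage::getLanguageArray();
    foreach ($arrLanguages as $langId => $arrLanguage) {
        if ($arrLanguage['frontend'] != 1) {
            continue;
        }
        $langName = htmlentities($arrLanguage['name'], ENT_QUOTES, CONTREXX_CHARSET);

        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_NAME'      => htmlentities($objDownload->getName($langId), ENT_QUOTES, CONTREXX_CHARSET),
            'DOWNLOADS_DOWNLOAD_LANG_ID'   => $langId,
            'DOWNLOADS_DOWNLOAD_LANG_NAME' => $langName,
        ));
        $this->objTemplate->parse('downloads_download_name_list');

        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_DESCRIPTION'      => htmlentities($objDownload->getDescription($langId), ENT_QUOTES, CONTREXX_CHARSET),
            'DOWNLOADS_DOWNLOAD_LANG_ID'          => $langId,
            'DOWNLOADS_DOWNLOAD_LANG_DESCRIPTION' => $langName,
        ));
        $this->objTemplate->parse('downloads_download_description_list');

        if ($this->arrConfig['use_attr_metakeys']) {
            $this->objTemplate->setVariable(array(
                'DOWNLOADS_DOWNLOAD_METAKEYS'      => htmlentities($objDownload->getMetakeys($langId), ENT_QUOTES, CONTREXX_CHARSET),
                'DOWNLOADS_DOWNLOAD_LANG_ID'       => $langId,
                'DOWNLOADS_DOWNLOAD_LANG_METAKEYS' => $langName,
            ));
            $this->objTemplate->parse('downloads_download_metakeys_list');
        }

        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_LANG_ID'     => $langId,
            'DOWNLOADS_DOWNLOAD_FILE_SOURCE' => $objDownload->getType() == 'file'
                ? htmlentities($objDownload->getSource($langId), ENT_QUOTES, CONTREXX_CHARSET)
                : '',
            'TXT_DOWNLOADS_BROWSE'           => $_ARRAYLANG['TXT_DOWNLOADS_BROWSE'],
            'DOWNLOADS_DOWNLOAD_LANG_NAME'   => $langName,
        ));
        $this->objTemplate->parse('downloads_download_file_source_list');

        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_LANG_ID'    => $langId,
            'DOWNLOADS_DOWNLOAD_URL_SOURCE' => $objDownload->getType() == 'url'
                ? htmlentities($objDownload->getSource($langId), ENT_QUOTES, CONTREXX_CHARSET)
                : 'http://',
            'TXT_DOWNLOADS_BROWSE'          => $_ARRAYLANG['TXT_DOWNLOADS_BROWSE'],
            'DOWNLOADS_DOWNLOAD_LANG_NAME'  => $langName,
        ));
        $this->objTemplate->parse('downloads_download_url_source_list');
    }

    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_NAME' => htmlentities($objDownload->getName(), ENT_QUOTES, CONTREXX_CHARSET),
        'TXT_DOWNLOADS_EXTENDED'  => $_ARRAYLANG['TXT_DOWNLOADS_EXTENDED'],
    ));
    $this->objTemplate->parse('downloads_download_name');

    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_DESCRIPTION' => htmlentities($objDownload->getDescription(), ENT_QUOTES, CONTREXX_CHARSET),
        'TXT_DOWNLOADS_EXTENDED'         => $_ARRAYLANG['TXT_DOWNLOADS_EXTENDED'],
    ));
    $this->objTemplate->parse('downloads_download_description');

    // parse metakeys
    if ($this->arrConfig['use_attr_metakeys']) {
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_METAKEYS' => htmlentities($objDownload->getMetakeys(), ENT_QUOTES, CONTREXX_CHARSET),
            'TXT_DOWNLOADS_EXTENDED'      => $_ARRAYLANG['TXT_DOWNLOADS_EXTENDED'],
        ));
        $this->objTemplate->parse('downloads_download_metakeys');
        $this->objTemplate->parse('downloads_download_attr_metakeys');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_metakeys');
    }

    // parse type
    // The source is a stored, user-supplied string; it is escaped here the same
    // way as the per-language source placeholders of the same name above.
    $isFile = $objDownload->getType() == 'file';
    $isUrl = $objDownload->getType() == 'url';
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_TYPE_FILE_CHECKED'        => $isFile ? 'checked="checked"' : '',
        'DOWNLOADS_DOWNLOAD_TYPE_URL_CHECKED'         => $isUrl ? 'checked="checked"' : '',
        'DOWNLOADS_DOWNLOAD_TYPE_FILE_CONFIG_DISPLAY' => $isFile ? 'block' : 'none',
        'DOWNLOADS_DOWNLOAD_TYPE_URL_CONFIG_DISPLAY'  => $isUrl ? 'block' : 'none',
        'DOWNLOADS_DOWNLOAD_FILE_SOURCE'              => $isFile
            ? htmlentities($objDownload->getSource(), ENT_QUOTES, CONTREXX_CHARSET)
            : '',
        'DOWNLOADS_DOWNLOAD_URL_SOURCE'               => $isUrl
            ? htmlentities($objDownload->getSource(), ENT_QUOTES, CONTREXX_CHARSET)
            : 'http://',
        'TXT_DOWNLOADS_BROWSE'                        => $_ARRAYLANG['TXT_DOWNLOADS_BROWSE'],
        'TXT_DOWNLOADS_EXTENDED'                      => $_ARRAYLANG['TXT_DOWNLOADS_EXTENDED'],
    ));

    // one extension pattern per MIME type that has extensions assigned
    foreach (Download::$arrMimeTypes as $mimeType => $arrMimeType) {
        if (!count($arrMimeType['extensions'])) {
            continue;
        }
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_MIME_TYPE'             => $mimeType,
            'DOWNLOADS_FILE_EXTENSION_REGEXP' => implode('|', $arrMimeType['extensions']),
        ));
        $this->objTemplate->parse('downloads_download_file_ext_regexp');
    }

    // parse mime type
    $this->objTemplate->setVariable('DOWNLOADS_DOWNLOAD_MIME_TYPE_MENU', $this->getDownloadMimeTypeMenu($objDownload->getMimeType()));

    // $attrRow alternates the row class (1/2) across the optional attribute rows
    $attrRow = 0;

    // parse size
    if ($this->arrConfig['use_attr_size']) {
        $this->objTemplate->setVariable(array(
            'TXT_DOWNLOADS_BYTES'              => $_ARRAYLANG['TXT_DOWNLOADS_BYTES'],
            'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW' => $attrRow++ % 2 + 1,
            'DOWNLOADS_DOWNLOAD_SIZE'          => $objDownload->getSize(),
        ));
        $this->objTemplate->parse('downloads_download_attr_size');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_size');
    }

    // parse license
    if ($this->arrConfig['use_attr_license']) {
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW' => $attrRow++ % 2 + 1,
            // NOTE(review): the lower-case "s" in this placeholder name is kept as
            // found; verify it against the template before renaming.
            'DOWNLOADs_DOWNLOAD_LICENSE'       => htmlentities($objDownload->getLicense(), ENT_QUOTES, CONTREXX_CHARSET),
        ));
        $this->objTemplate->parse('downloads_download_attr_license');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_license');
    }

    // parse version
    if ($this->arrConfig['use_attr_version']) {
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW' => $attrRow++ % 2 + 1,
            'DOWNLOADS_DOWNLOAD_VERSION'       => htmlentities($objDownload->getVersion(), ENT_QUOTES, CONTREXX_CHARSET),
        ));
        $this->objTemplate->parse('downloads_download_attr_version');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_version');
    }

    // parse author
    if ($this->arrConfig['use_attr_author']) {
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW' => $attrRow++ % 2 + 1,
            'DOWNLOADS_DOWNLOAD_AUTHOR'        => htmlentities($objDownload->getAuthor(), ENT_QUOTES, CONTREXX_CHARSET),
        ));
        $this->objTemplate->parse('downloads_download_attr_author');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_author');
    }

    // parse website
    if ($this->arrConfig['use_attr_website']) {
        $this->objTemplate->setVariable(array(
            'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW' => $attrRow++ % 2 + 1,
            'DOWNLOADS_DOWNLOAD_WEBSITE'       => htmlentities($objDownload->getWebsite(), ENT_QUOTES, CONTREXX_CHARSET),
        ));
        $this->objTemplate->parse('downloads_download_attr_website');
    } else {
        $this->objTemplate->hideBlock('downloads_download_attr_website');
    }

    // parse validity expiration menu
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_ATTRIBUTE_ROW'             => $attrRow++ % 2 + 1,
        'DOWNLOADS_DOWNLOAD_VALIDITY_EXPIRATION_MENU' => $this->getValidityMenu($objDownload->getValidityTimePeriod(), $objDownload->getExpirationDate()),
    ));

    // parse active status
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_IS_ACTIVE_CHECKED' => $objDownload->getActiveStatus() ? 'checked="checked"' : '',
    ));

    // parse image attribute: use the thumbnail if one exists next to the image,
    // fall back to the default image if the stored image is missing on disk
    // NOTE(review): the stored image path is user-supplied and is appended to the
    // document root for file_exists(); confirm setImage()/store() normalise it.
    $image = $objDownload->getImage();
    $imageSrc = $this->defaultDownloadImage['src'];
    $imageFound = false;
    if (!empty($image)) {
        $docRoot = \Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteDocumentRootPath();
        if (file_exists($docRoot . '/' . $image)) {
            $imageFound = true;
            $thumb_name = \ImageManager::getThumbnailFilename($image);
            $imageSrc = file_exists($docRoot . '/' . $thumb_name) ? $thumb_name : $image;
        }
    }
    if (!$imageFound) {
        $image = '';
    }
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_IMAGE'                => $image,
        'DOWNLOADS_DOWNLOAD_IMAGE_SRC'            => $imageSrc,
        'DOWNLOADS_DEFAULT_DOWNLOAD_IMAGE'        => $this->defaultDownloadImage['src'],
        'DOWNLOADS_DEFAULT_DOWNLOAD_IMAGE_WIDTH'  => $this->defaultDownloadImage['width'] . 'px',
        'DOWNLOADS_DEFAULT_DOWNLOAD_IMAGE_HEIGHT' => $this->defaultDownloadImage['height'] . 'px',
        'DOWNLOADS_DOWNLOAD_IMAGE_REMOVE_DISPLAY' => empty($image) ? 'none' : '',
    ));

    // parse associated categories
    $arrCategories = $this->getParsedCategoryListForDownloadAssociation();
    $arrAssociatedCategories = $objDownload->getAssociatedCategoryIds();
    $length = count($arrCategories);
    for ($i = 0; $i < $length; $i++) {
        $arrCategory = $arrCategories[$i];
        $isAssociated = in_array($arrCategory['id'], $arrAssociatedCategories);

        // A category option stays selectable if the user is a downloads
        // administrator, may add files to a not yet associated category, may
        // manage files of an already associated category, or owns the category.
        // Disabling an option is a UI hint only; it does not restrict what a
        // client can post.
        $selectable = \Permission::checkAccess(143, 'static', true)
            || (
                !$isAssociated
                && (!$arrCategory['add_files_access_id'] || \Permission::checkAccess($arrCategory['add_files_access_id'], 'dynamic', true))
            )
            || (
                $isAssociated
                && (!$arrCategory['manage_files_access_id'] || \Permission::checkAccess($arrCategory['manage_files_access_id'], 'dynamic', true))
            )
            || ($objFWUser->objUser->login() && $arrCategory['owner_id'] == $objFWUser->objUser->getId());
        $disabled = !$selectable;

        $option = '<option value="' . $arrCategory['id'] . '"' . ($disabled ? ' disabled="disabled"' : '') . '>'
            . htmlentities($arrCategory['name'], ENT_QUOTES, CONTREXX_CHARSET)
            . '</option>';

        // a new download is pre-assigned to the category it is created from
        if ($isAssociated || (!$objDownload->getId() && $arrCategory['id'] == $this->parentCategoryId)) {
            $arrAssociatedCategoryOptions[] = $option;
        } else {
            $arrNotAssociatedCategoryOptions[] = $option;
        }
    }
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_ASSOCIATED_CATEGORIES'     => implode("\n", $arrAssociatedCategoryOptions),
        'DOWNLOADS_DOWNLOAD_NOT_ASSOCIATED_CATEGORIES' => implode("\n", $arrNotAssociatedCategoryOptions),
    ));

    // parse related downloads (every download except the one being edited)
    $arrRelatedDownloads = $objDownload->getRelatedDownloadIds();
    $objAvailableDownload = new Download();
    $sortOrder = $this->downloadsSortingOptions[$this->arrConfig['downloads_sorting_order']];
    $objAvailableDownload->loadDownloads(null, null, $sortOrder);
    while (!$objAvailableDownload->EOF) {
        if ($objAvailableDownload->getId() == $objDownload->getId()) {
            $objAvailableDownload->next();
            continue;
        }
        $option = '<option value="' . $objAvailableDownload->getId() . '">'
            . htmlentities($objAvailableDownload->getName($_LANGID), ENT_QUOTES, CONTREXX_CHARSET)
            . ' (' . htmlentities($objAvailableDownload->getDescription($_LANGID), ENT_QUOTES, CONTREXX_CHARSET) . ')</option>';
        if (in_array($objAvailableDownload->getId(), $arrRelatedDownloads)) {
            $arrAssociatedDownloadOptions[] = $option;
        } else {
            $arrNotAssociatedDownloadOptions[] = $option;
        }
        $objAvailableDownload->next();
    }
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_ASSOCIATED_DOWNLOADS'     => implode("\n", $arrAssociatedDownloadOptions),
        'DOWNLOADS_DOWNLOAD_NOT_ASSOCIATED_DOWNLOADS' => implode("\n", $arrNotAssociatedDownloadOptions),
    ));

    // parse access permissions: determine which groups are shown as associated
    if ($objDownload->getAccessId()) {
        $objGroup = $objFWUser->objGroup->getGroups(array('dynamic' => $objDownload->getAccessId()));
        $arrAssociatedGroups = $objGroup->getLoadedGroupIds();
    } elseif ($objDownload->getProtection()) {
        $arrAssociatedGroups = $objDownload->getAccessGroupIds();
    } elseif (count($arrAssociatedCategories)) {
        // unprotected download: preselect the groups that can read its categories
        $objCategory = Category::getCategories(array('id' => $arrAssociatedCategories), null, null, array('id', 'read_access_id'));
        while (!$objCategory->EOF) {
            if ($objCategory->getReadAccessId()) {
                $objGroup = $objFWUser->objGroup->getGroups(array('dynamic' => $objCategory->getReadAccessId()));
                $arrAssociatedGroups = array_merge($arrAssociatedGroups, $objGroup->getLoadedGroupIds());
            }
            $objCategory->next();
        }
    } else {
        // TODO: WHY THAT?
        $objGroup = $objFWUser->objGroup->getGroups();
        $arrAssociatedGroups = $objGroup->getLoadedGroupIds();
    }

    $objGroup = $objFWUser->objGroup->getGroups();
    while (!$objGroup->EOF) {
        $option = '<option value="' . $objGroup->getId() . '">'
            . htmlentities($objGroup->getName(), ENT_QUOTES, CONTREXX_CHARSET)
            . ' [' . $objGroup->getType() . ']</option>';
        if (in_array($objGroup->getId(), $arrAssociatedGroups)) {
            $arrAssociatedGroupOptions[] = $option;
        } else {
            $arrNotAssociatedGroupOptions[] = $option;
        }
        $objGroup->next();
    }
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_ACCESS_ALL_CHECKED'           => !$objDownload->getProtection() ? 'checked="checked"' : '',
        'DOWNLOADS_DOWNLOAD_ACCESS_SELECTED_CHECKED'      => $objDownload->getProtection() ? 'checked="checked"' : '',
        'DOWNLOADS_DOWNLOAD_ACCESS_DISPLAY'               => $objDownload->getProtection() ? '' : 'none',
        'DOWNLOADS_DOWNLOAD_ACCESS_ASSOCIATED_GROUPS'     => implode("\n", $arrAssociatedGroupOptions),
        'DOWNLOADS_DOWNLOAD_ACCESS_NOT_ASSOCIATED_GROUPS' => implode("\n", $arrNotAssociatedGroupOptions),
        'DOWNLOADS_DOWNLOAD_VISIBILITY_CHECKED'           => $objDownload->getVisibility() ? 'checked="checked"' : '',
    ));

    // parse cancel link
    $this->objTemplate->setVariable(array(
        'DOWNLOADS_DOWNLOAD_CANCEL_LINK_SECITON' => $this->parentCategoryId ? 'categories' : 'downloads',
        'DOWNLOADS_PARENT_CATEGORY_ID'           => $this->parentCategoryId,
        'DOWNLOADS_MEDIA_BROWSER_BUTTON'         => self::getMediaBrowserButton('mediabrowser_button', 'filebrowser'),
    ));

    return true;
}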
/**
 * Show the password reset mask and process a submitted reset.
 *
 * E-mail address and restore key are read from POST, falling back to GET
 * (the GET names are "email" and "restoreKey"). When the form has been
 * submitted, the reset is delegated to FWUser::resetPassword(); on success
 * the matching active user is loaded by e-mail address and logged in.
 *
 * @access private
 * @global array $_ARRAYLANG
 */
private function showPasswordReset()
{
    global $_ARRAYLANG;

    \JS::activate('jquery');
    $objFWUser = \FWUser::getFWUserObject();

    $this->objTemplate->addBlockfile('CONTENT_FILE', 'CONTENT_BLOCK', '/core_modules/Login/View/Template/Backend/login_reset_password.html');
    $this->objTemplate->setVariable(array(
        'TITLE'                          => $_ARRAYLANG['TXT_LOGIN_SET_NEW_PASSWORD'],
        'TXT_LOGIN_BACK_TO_LOGIN'        => $_ARRAYLANG['TXT_LOGIN_BACK_TO_LOGIN'],
        'TXT_LOGIN_GO_TO_BACKEND'        => $_ARRAYLANG['TXT_LOGIN_GO_TO_BACKEND'],
        'TXT_LOGIN_ENTER_A_NEW_PASSWORD' => $_ARRAYLANG['TXT_LOGIN_ENTER_A_NEW_PASSWORD'],
        'TXT_LOGIN_CONFIRM_NEW_PASSWORD' => $_ARRAYLANG['TXT_LOGIN_CONFIRM_NEW_PASSWORD'],
        'JAVASCRIPT'                     => \JS::getCode(),
    ));
    foreach (array('error_message', 'success_message', 'back_to_login') as $blockName) {
        $this->objTemplate->hideBlock($blockName);
    }

    // TODO: Why oh why isn't function resetPassword() located in the AccessLibrary?

    // POST takes precedence over GET for the e-mail address and the restore key.
    $email = '';
    if (isset($_POST['email'])) {
        $email = contrexx_stripslashes($_POST['email']);
    } elseif (isset($_GET['email'])) {
        $email = contrexx_stripslashes($_GET['email']);
    }

    $restoreKey = '';
    if (isset($_POST['restore_key'])) {
        $restoreKey = contrexx_stripslashes($_POST['restore_key']);
    } elseif (isset($_GET['restoreKey'])) {
        $restoreKey = contrexx_stripslashes($_GET['restoreKey']);
    }

    // The new password is only ever accepted via POST.
    $password = '';
    if (isset($_POST['PASSWORD'])) {
        $password = trim(contrexx_stripslashes($_POST['PASSWORD']));
    }
    $confirmedPassword = '';
    if (isset($_POST['password2'])) {
        $confirmedPassword = trim(contrexx_stripslashes($_POST['password2']));
    }

    // Both values are echoed back into the form, hence the XHTML escaping.
    $this->objTemplate->setVariable(array(
        'LOGIN_EMAIL'       => contrexx_raw2xhtml($email),
        'LOGIN_RESTORE_KEY' => contrexx_raw2xhtml($restoreKey),
    ));

    $formSubmitted = isset($_POST['reset_password']);

    if ($formSubmitted && $objFWUser->resetPassword($email, $restoreKey, $password, $confirmedPassword, true)) {
        $this->objTemplate->setVariable('LOGIN_SUCCESS_MESSAGE', $_ARRAYLANG['TXT_LOGIN_PASSWORD_CHANGED_SUCCESSFULLY']);
        $this->objTemplate->touchBlock('success_message');
        $this->objTemplate->hideBlock('login_reset_password');
        $this->objTemplate->touchBlock('back_to_login');

        // Log the user in right after the reset.
        // NOTE(review): the result of getUsers() is passed on unchecked; confirm
        // how loginUser() behaves when no active user matches the address.
        $objUser = $objFWUser->objUser->getUsers(
            array('active' => 1, 'email' => $email),
            null,
            null,
            null,
            1
        );
        $objFWUser->loginUser($objUser);
        return;
    }

    if ($formSubmitted) {
        // the reset was attempted but rejected
        $this->objTemplate->setVariable('LOGIN_ERROR_MESSAGE', $objFWUser->getErrorMsg());
        $this->objTemplate->touchBlock('error_message');
    }

    // (Re-)display the form, either initially or after a failed attempt.
    $this->objTemplate->setVariable(array(
        'TXT_LOGIN_EMAIL'                       => $_ARRAYLANG['TXT_LOGIN_EMAIL'],
        'TXT_LOGIN_PASSWORD'                    => $_ARRAYLANG['TXT_LOGIN_PASSWORD'],
        'TXT_LOGIN_VERIFY_PASSWORD'             => $_ARRAYLANG['TXT_LOGIN_VERIFY_PASSWORD'],
        'TXT_LOGIN_PASSWORD_MINIMAL_CHARACTERS' => $_ARRAYLANG['TXT_LOGIN_PASSWORD_MINIMAL_CHARACTERS'],
        'TXT_LOGIN_SET_PASSWORD_TEXT'           => $_ARRAYLANG['TXT_LOGIN_SET_PASSWORD_TEXT'],
        'TXT_LOGIN_SET_NEW_PASSWORD'            => $_ARRAYLANG['TXT_LOGIN_SET_NEW_PASSWORD'],
    ));
    $this->objTemplate->parse('login_reset_password');
}
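/**
 * Memberlist
 *
 * Renders the breadcrumb tree of the directory given by $_GET['id'], the
 * list of its sub-directories (display modes 0 and 1) and the paged list of
 * its member entries (display modes 0 and 2). The member list can be
 * narrowed by $_GET['sort'] ("sc" for entries not starting with a letter,
 * a single letter, or "all") or by a keyword search
 * ($_GET['search'] == "search" together with $_GET['keyword']).
 *
 * @access private
 * @global ADONewConnection $objDatabase
 * @global array            $_ARRAYLANG
 * @global array            $_CONFIG
 */
function _memberList()
{
    global $objDatabase, $_ARRAYLANG, $_CONFIG;

    $this->setDirs(0, true);
    $this->_objTpl->setTemplate($this->pageContent, true, true);
    $dirid = intval($_GET['id']);
    $this->_objTpl->setGlobalVariable(array("TXT_OVERVIEW" => $_ARRAYLANG['TXT_OVERVIEW']));

    // Walk up from the current directory to the root to build the breadcrumb.
    $treeid = $dirid;
    $tree = array();
    while ($treeid > 0) {
        $tree[] = array('id' => $treeid, 'name' => $this->directories[$treeid]['name']);
        $treeid = $this->directories[$treeid]['parentdir'];
    }
    $tree = array_reverse($tree);
    foreach ($tree as $branch) {
        $this->_objTpl->setVariable(array(
            "MEMBERDIR_DIRID"   => $branch['id'],
            "MEMBERDIR_DIRNAME" => $branch['name'],
        ));
        $this->_objTpl->parse("tree-element");
    }
    $this->_objTpl->parse("tree");

    // display modes 0 and 1: list the sub-directories
    if ($this->directories[$dirid]['displaymode'] == 0 || $this->directories[$dirid]['displaymode'] == 1) {
        if ($this->directories[$dirid]['has_children']) {
            $this->_objTpl->setVariable(array(
                "TXT_CATEGORY_TREE_DESC" => "<div style=\"margin-bottom: 5px;\">" . $_ARRAYLANG['TXT_SUBDIRECTORIES'] . "</div>",
                'TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD' => $_ARRAYLANG['TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD'],
            ));
        }
        foreach ($this->directories as $dirkey => $directory) {
            // check language
            if ($directory['lang'] != 0 && $directory['lang'] != $this->langId) {
                continue;
            }
            if ($directory['active'] && $directory['parentdir'] == $dirid && $dirkey != 0) {
                $this->_objTpl->setVariable(array(
                    "MEMBERDIR_DIR_ID"    => $dirkey,
                    "MEMBERDIR_DIR_NAME"  => $directory['name'],
                    "MEMBERDIR_IMAGE_SRC" => "pixel.gif",
                ));
                $this->_objTpl->parse("category");
            }
        }
        $this->_objTpl->parse("category_list");
        $this->_objTpl->hideBlock("category_show");
    }

    // display modes 0 and 2: list the member entries
    if ($this->directories[$dirid]['displaymode'] == 0 || $this->directories[$dirid]['displaymode'] == 2) {
        if (empty($_GET['sort'])) {
            $_GET['sort'] = "";
        }
        if (empty($_GET['search'])) {
            $_GET['search'] = "";
        }

        // Values used inside SQL string literals.
        // NOTE(review): escaping relies on contrexx_addslashes(); the database
        // layer's own quoting would be the more robust choice -- confirm and migrate.
        $keyword = isset($_GET['keyword']) ? contrexx_addslashes($_GET['keyword']) : "";
        $sort = contrexx_addslashes($_GET['sort']);

        // Values echoed back into links. They are HTML-escaped exactly like
        // "cmd" and "search" so that request data cannot break out of the
        // generated markup.
        $cmdHtml = htmlentities($_GET['cmd'], ENT_QUOTES, CONTREXX_CHARSET);
        $sortHtml = htmlentities(contrexx_stripslashes($_GET['sort']), ENT_QUOTES, CONTREXX_CHARSET);
        $searchHtml = htmlentities(contrexx_stripslashes($_GET['search']), ENT_QUOTES, CONTREXX_CHARSET);
        $keywordHtml = isset($_GET['keyword'])
            ? htmlentities(contrexx_stripslashes($_GET['keyword']), ENT_QUOTES, CONTREXX_CHARSET)
            : "";

        // The paging offset is needed by every listing, not only the default
        // one, so it is determined up front.
        $pos = isset($_GET['pos']) ? intval($_GET['pos']) : 0;

        $this->_objTpl->setGlobalVariable(array(
            "MEMBERDIR_DIRID"       => $dirid,
            "MEMBERDIR_CHAR_LIST"   => $this->_getCharList(CONTREXX_DIRECTORY_INDEX . "?section=MemberDir&cmd=" . $cmdHtml . "&id=" . $dirid . "&sort=" . $sortHtml),
            "MEMBERDIR_DESCRIPTION" => nl2br($this->directories[$dirid]['description']),
        ));

        // NOTE(review): the sort column comes from the directory settings and is
        // placed between backticks unvalidated -- confirm it can only hold a
        // column name.
        $sortField = $this->directories[$dirid]['sort'];

        $table = DBPREFIX . "module_memberdir_values";
        $query = "";
        $objResult = false;

        if ($sort == "sc") {
            /* Special Chars */
            $query = "SELECT * FROM " . $table . " WHERE `1` REGEXP '^[^a-zA-Z]' AND `dirid` = '{$dirid}'";
        } elseif (preg_match('%^[a-z]$%iD', $sort)) {
            /* Sort by char */
            // exactly one ASCII letter; the D modifier also rejects a trailing newline
            $query = "SELECT * FROM " . $table . " WHERE `1` REGEXP '^" . $sort . "' AND `dirid` = '{$dirid}'";
        } elseif ($_GET['search'] == "search") {
            /* Search */
            // the keyword is matched against the value columns `1` .. `18`
            $arrConditions = array();
            for ($column = 1; $column <= 18; $column++) {
                $arrConditions[] = "`{$column}` LIKE '%{$keyword}%'";
            }
            $query = "SELECT * FROM " . $table . " WHERE (" . implode(" OR ", $arrConditions) . ") ";
            if ($dirid != 0) {
                $query .= " AND `dirid` = '{$dirid}'";
            }
            $objResult = $objDatabase->Execute($query);
        } elseif ($sort == "all") {
            /* All */
            $query = "SELECT * FROM " . $table . " WHERE `dirid` = '{$dirid}'";
        } elseif ($this->options['default_listing']) {
            $query = "SELECT * FROM " . $table . " WHERE `dirid` = '{$dirid}'";
        }

        // Without the default_listing option only a search yields a result set.
        if ($this->options['default_listing']) {
            $query .= " ORDER BY `" . $sortField . "` ASC";
            $objResult = $objDatabase->Execute($query);
        }

        if ($objResult) {
            $count = $objResult->RecordCount();
            $paging = getPaging(
                $count,
                $pos,
                "&section=MemberDir&cmd=" . $cmdHtml . "&id={$dirid}&sort=" . $sortHtml . "&search=" . $searchHtml . "&keyword=" . $keywordHtml,
                "<b>" . $_ARRAYLANG['TXT_MEMBERDIR_ENTRIES'] . "</b>",
                true,
                $_CONFIG['corePagingLimit']
            );
            $this->_objTpl->setVariable("MEMBERDIR_PAGING", $paging);

            $objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
            if ($objResult) {
                // Builds the picture markup; the size is capped to the configured
                // maximum and left empty when the image cannot be read.
                $maxWidth = $this->options['max_width'];
                $maxHeight = $this->options['max_height'];
                $buildPicture = function ($src) use ($maxWidth, $maxHeight) {
                    $size = getimagesize(ASCMS_PATH . $src);
                    $width = '';
                    $height = '';
                    if ($size !== false) {
                        $width = $maxWidth < $size[0] ? $maxWidth : $size[0];
                        $height = $maxHeight < $size[1] ? $maxHeight : $size[1];
                    }
                    return "<img src=\"" . htmlentities($src, ENT_QUOTES, CONTREXX_CHARSET) . "\" alt=\"\" style=\"width: " . $width . "px; height: " . $height . "px;\" /><br />";
                };

                $replace = array();
                $rowid = 1;
                while (!$objResult->EOF) {
                    // NOTE(review): the stored field values are written to the template
                    // unescaped -- confirm they are sanitised when they are saved.
                    $fieldnames = $this->getFieldData($dirid);
                    for ($i = 1; $i < 17; $i++) {
                        $placeholder = $this->getPlaceholderName($fieldnames[$i]['name']);
                        $replace[$placeholder] = $objResult->fields["{$i}"];
                    }
                    if ($dirid == 0) {
                        $replace["FIELD_CATEGORY"] = $_ARRAYLANG['TXT_DIRECTORY'] . ": <strong>" . $this->directories[$objResult->fields['dirid']]['name'] . "</strong><br />";
                    }
                    if ($this->directories[$objResult->fields['dirid']] && $objResult->fields['pic1'] != "none") {
                        $this->_objTpl->setVariable(array("FIELD_PIC1" => $buildPicture($objResult->fields['pic1'])));
                    }
                    if ($this->directories[$objResult->fields['dirid']] && $objResult->fields['pic2'] != "none") {
                        $this->_objTpl->setVariable(array("FIELD_PIC2" => $buildPicture($objResult->fields['pic2'])));
                    }

                    // NOTE(review): $key and $field are never assigned in this method; this
                    // looks like a leftover of a removed field loop. Kept as found --
                    // confirm and remove.
                    $name = $key <= 12 ? strtoupper($field['name']) : $key;
                    $this->_objTpl->setVariable(array("MEMBERDIR_FIELD_" . $name => $key > 12 ? nl2br($objResult->fields[$key]) : $this->checkStr($objResult->fields[$key])));

                    $this->_objTpl->setVariable($replace);
                    $this->_objTpl->setVariable(array(
                        "MEMBERDIR_ROW"   => $rowid,
                        "MEMBERDIR_ID"    => $objResult->fields['id'],
                        "FIELD_DIRECTORY" => $this->directories[$dirid]['name'],
                    ));
                    $this->_objTpl->parse("memberdir_row");
                    // alternate the row class between 1 and 2
                    $rowid = $rowid == 2 ? 1 : 2;
                    $objResult->MoveNext();
                }
            }
        }
        $this->_objTpl->touchBlock("category_show");
        $this->_objTpl->parse("category_show");
    }
}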
/**
 * Return the recipients of a form
 *
 * The result is indexed by recipient id. Each entry holds the keys "id",
 * "email", "sort" and "editType" (always 'edit') plus a "lang" map from
 * language id to the recipient's name in that language.
 *
 * @author Stefan Heinemann <*****@*****.**>
 * @param int  $formID       id of the form; 0 yields an empty array
 * @param bool $allLanguages not evaluated by this method; names of all
 *                           languages are always returned
 * @return array
 */
protected function getRecipients($formID, $allLanguages = true)
{
    global $objDatabase;

    // The id is concatenated into the statement below, so it is forced to an
    // integer first.
    $formID = intval($formID);
    if ($formID == 0) {
        return array();
    }

    $sql = ' SELECT `r`.`id`, `r`.`email`, `r`.`sort`, `l`.`name`, `l`.`langID` FROM `' . DBPREFIX . 'module_contact_recipient` AS `r` LEFT JOIN `' . DBPREFIX . 'module_contact_recipient_lang` AS `l` ON `l`.`recipient_id` = `r`.`id` WHERE `r`.`id_form` = ' . $formID . ' ORDER BY `sort`, `r`.`id` ';
    $objResult = $objDatabase->execute($sql);

    $arrRecipients = array();
    if ($objResult === false) {
        return $arrRecipients;
    }

    // One row per recipient and language: a change of the id starts a new
    // entry, every row contributes its language name.
    $currentId = 0;
    foreach ($objResult as $row) {
        if ($currentId != $row['id']) {
            $currentId = $row['id'];
            $arrRecipients[$currentId] = array(
                'id'       => $row['id'],
                'email'    => contrexx_stripslashes($row['email']),
                'sort'     => $row['sort'],
                'editType' => 'edit',
            );
        }
        $arrRecipients[$currentId]['lang'][$row['langID']] = contrexx_stripslashes($row['name']);
    }

    return $arrRecipients;
}
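/**
 * Show (and, on submit, save) the form for editing one notification mail.
 *
 * The mail is selected by $_REQUEST['type'] and, optionally,
 * $_REQUEST['access_mail_lang']. When $copy is true the loaded mail is used
 * as the basis for a copy in another language.
 *
 * Changes are applied only after \Permission::hasAllAccess() has been
 * checked. The subject, sender and body values are HTML-encoded before they
 * are handed to the template; the mail type is encoded as well (see below).
 *
 * @param boolean $copy True to copy the mail to another language instead of modifying it
 * @return mixed  The result of _configMails() when the request falls back to
 *                the mail overview, otherwise true
 */
function _configModifyMails($copy = false)
{
    global $_ARRAYLANG;

    if (empty($_REQUEST['type'])) {
        return $this->_configMails();
    }

    $objFWUser = \FWUser::getFWUserObject();
    $objUserMail = $objFWUser->getMail();

    if ($copy) {
        // NOTE(review): the result of load() is not checked in this branch,
        // so it is not established here that the requested type exists.
        $objUserMail->load(contrexx_addslashes($_REQUEST['type']));
        $objUserMail->setLangId(!empty($_REQUEST['access_mail_lang']) ? intval($_REQUEST['access_mail_lang']) : 0);
    } elseif (!$objUserMail->load(contrexx_addslashes($_REQUEST['type']), !empty($_REQUEST['access_mail_lang']) ? intval($_REQUEST['access_mail_lang']) : null)) {
        return $this->_configMails();
    }

    if (isset($_POST['access_save_mail']) || isset($_GET['access_change_format'])) {
        // only administrators are allowed to modify the config
        // NOTE(review): the setters below still run if noAccess() returns;
        // this relies on noAccess() ending the request - confirm.
        if (!\Permission::hasAllAccess()) {
            \Permission::noAccess();
        }

        // NOTE(review): the format is passed on as received; presumably
        // setFormat() restricts it to the known formats - verify.
        $objUserMail->setFormat(!empty($_POST['access_mail_format']) ? $_POST['access_mail_format'] : null);
        $objUserMail->setSubject(!empty($_POST['access_mail_subject']) ? contrexx_stripslashes($_POST['access_mail_subject']) : '');
        $objUserMail->setSenderMail(!empty($_POST['access_mail_sender_address']) ? contrexx_stripslashes($_POST['access_mail_sender_address']) : '');
        $objUserMail->setSenderName(!empty($_POST['access_mail_sender_name']) ? contrexx_stripslashes($_POST['access_mail_sender_name']) : '');
        $objUserMail->setBodyText(!empty($_POST['access_mail_body_text']) ? contrexx_stripslashes($_POST['access_mail_body_text']) : '');
        $objUserMail->setBodyHtml(!empty($_POST['access_mail_body_html']) ? contrexx_stripslashes($_POST['access_mail_body_html']) : '');

        // A format change only re-renders the form; nothing is stored unless
        // the save button was used.
        if (isset($_POST['access_save_mail'])) {
            if ($objUserMail->store()) {
                self::$arrStatusMsg['ok'][] = $_ARRAYLANG['TXT_ACCESS_MAIL_STORED_SUCCESSFULLY'];
                return $this->_configMails();
            } else {
                self::$arrStatusMsg['error'] = array_merge(self::$arrStatusMsg['error'], $objUserMail->getErrorMsg());
            }
        }
    }

    $this->_objTpl->addBlockfile('ACCESS_CONFIG_TEMPLATE', 'module_access_config_mail_modify', 'module_access_config_mail_modify.html');
    $this->_objTpl->setVariable(array(
        'TXT_ACCESS_MODIFY_EMAIL'          => $_ARRAYLANG['TXT_ACCESS_MODIFY_EMAIL'],
        'TXT_ACCESS_MAIL_SUBJECT'          => $_ARRAYLANG['TXT_ACCESS_MAIL_SUBJECT'],
        'TXT_ACCESS_SEND_AS'               => $_ARRAYLANG['TXT_ACCESS_SEND_AS'],
        'TXT_ACCESS_SENDER_ADDRESS'        => $_ARRAYLANG['TXT_ACCESS_SENDER_ADDRESS'],
        'TXT_ACCESS_SENDER_NAME'           => $_ARRAYLANG['TXT_ACCESS_SENDER_NAME'],
        'TXT_ACCESS_TEXT_BODY'             => $_ARRAYLANG['TXT_ACCESS_TEXT_BODY'],
        'TXT_ACCESS_CANCEL'                => $_ARRAYLANG['TXT_ACCESS_CANCEL'],
        'TXT_ACCESS_SAVE'                  => $_ARRAYLANG['TXT_ACCESS_SAVE'],
        'TXT_ACCESS_TYPE'                  => $_ARRAYLANG['TXT_ACCESS_TYPE'],
        'TXT_ACCESS_LANGUAGE'              => $_ARRAYLANG['TXT_ACCESS_LANGUAGE'],
        'TXT_ACCESS_PLACEHOLDER_DIRECTORY' => $_ARRAYLANG['TXT_ACCESS_PLACEHOLDER_DIRECTORY'],
    ));

    if ($copy) {
        if (($language = $this->getMailLanguageMenu($objUserMail->getType(), $objUserMail->getLangId(), 'name="access_mail_lang" style="width:400px;"')) === false) {
            return $this->_configMails();
        }
    } elseif (!$objUserMail->getLangId()) {
        $language = '-';
    } else {
        $language = '<input type="hidden" name="access_mail_lang" value="' . $objUserMail->getLangId() . '" />' . \FWLanguage::getLanguageParameter($objUserMail->getLangId(), 'name');
    }

    $tplAction = $copy ? 'copyMail' : 'modifyMail';

    // The mail type originates from $_REQUEST['type']. It is written into the
    // page twice, so it is encoded for each context: HTML-encoded for the
    // template placeholder, URL-encoded for the query string that sits inside
    // the onchange handler (the encoded form contains no quote characters).
    $mailType = (string) $objUserMail->getType();
    $mailTypeHtml = htmlentities($mailType, ENT_QUOTES, CONTREXX_CHARSET);
    $mailTypeUrl = rawurlencode($mailType);

    $formatMenuAttrs = 'name="access_mail_format" onchange="document.getElementById(\'access_mail_form\').action=\'index.php?cmd=Access&act=config&tpl='
        . $tplAction
        . '&type=' . $mailTypeUrl
        . '&access_mail_lang=\'+(typeof(document.getElementsByName(\'access_mail_lang\')[0]) != \'undefined\' ? document.getElementsByName(\'access_mail_lang\')[0].value : 0)+\'&access_change_format=1\';document.getElementById(\'access_mail_form\').submit()" size="1" style="width:400px;"';

    $this->_objTpl->setVariable(array(
        'ACCESS_MAIL_ACTION'           => $tplAction,
        'ACCESS_MAIL_TYPE'             => $mailTypeHtml,
        // NOTE(review): the type description is emitted without encoding;
        // presumably it comes from trusted language data - verify.
        'ACCESS_MAIL_TYPE_TXT'         => $objUserMail->getTypeDescription(),
        'ACCESS_MAIL_LANGUAGE'         => $language,
        'ACCESS_MAIL_SUBJECT'          => htmlentities($objUserMail->getSubject(), ENT_QUOTES, CONTREXX_CHARSET),
        'ACCESS_MAIL_FORMAT'           => $this->getMailFormatMenu($objUserMail->getFormat(), $formatMenuAttrs),
        'ACCESS_MAIL_SENDER_ADDRESS'   => htmlentities($objUserMail->getSenderMail(), ENT_QUOTES, CONTREXX_CHARSET),
        'ACCESS_MAIL_SENDER_NAME'      => htmlentities($objUserMail->getSenderName(), ENT_QUOTES, CONTREXX_CHARSET),
        'ACCESS_MAIL_BODY_TEXT'        => htmlentities($objUserMail->getBodyText(), ENT_QUOTES, CONTREXX_CHARSET),
        // For any format other than 'text' the HTML body goes to the WYSIWYG
        // editor; otherwise it travels in a hidden, HTML-encoded field.
        'ACCESS_MAIL_BODY_HTML'        => $objUserMail->getFormat() != 'text'
            ? new \Cx\Core\Wysiwyg\Wysiwyg('access_mail_body_html', $objUserMail->getBodyHtml(), 'fullpage')
            : '<input type="hidden" name="access_mail_body_html" value="' . htmlentities($objUserMail->getBodyHtml(), ENT_QUOTES, CONTREXX_CHARSET) . '" />',
        'ACCESS_MAIL_HTML_BODY_STAUTS' => $objUserMail->getFormat() != 'text' ? 'block' : 'none',
        'ACCESS_MAIL_TEXT_BODY_STAUTS' => $objUserMail->getFormat() == 'text' ? 'block' : 'none',
        'ACCESS_MAIL_HTML_BODY_CLASS'  => $objUserMail->getFormat() != 'text' ? 'active' : '',
        'ACCESS_MAIL_TEXT_BODY_CLASS'  => $objUserMail->getFormat() == 'text' ? 'active' : '',
    ));

    if ($objUserMail->getFormat() == 'text') {
        $this->_objTpl->setVariable('TXT_ACCESS_TEXT', $_ARRAYLANG['TXT_ACCESS_TEXT']);
        $this->_objTpl->touchBlock('access_mail_text_body');
        $this->_objTpl->hideBlock('access_mail_html_body');
    } elseif ($objUserMail->getFormat() == 'html') {
        $this->_objTpl->setVariable('TXT_ACCESS_HTML_UC', $_ARRAYLANG['TXT_ACCESS_HTML_UC']);
        $this->_objTpl->touchBlock('access_mail_html_body');
        $this->_objTpl->hideBlock('access_mail_text_body');
    } else {
        // Any other format shows both the HTML and the text body.
        $this->_objTpl->setVariable(array(
            'TXT_ACCESS_HTML_UC' => $_ARRAYLANG['TXT_ACCESS_HTML_UC'],
            'TXT_ACCESS_TEXT'    => $_ARRAYLANG['TXT_ACCESS_TEXT'],
        ));
        $this->_objTpl->touchBlock('access_mail_html_body');
        $this->_objTpl->touchBlock('access_mail_text_body');
    }

    $nr = 0;
    foreach ($objUserMail->getPlaceholders() as $placeholder => $placeholderTxt) {
        $this->_objTpl->setVariable(array(
            'ACCESS_CLASS_ROW_NR'     => $nr++ % 2 ? 2 : 1,
            'ACCESS_PLACEHOLDER_TXT'  => $placeholderTxt,
            'ACCESS_PLACEHOLDER'      => $placeholder,
        ));
        $this->_objTpl->parse('access_placeholder_list');
    }

    $this->_objTpl->parse('module_access_config_mail_modify');

    return true;
}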
/**
 * Strip request escaping from a value, descending into arrays.
 *
 * Intended for strings or arrays read from a GET or POST request or from a
 * cookie. Array keys are kept; every leaf value is passed through
 * contrexx_stripslashes().
 *
 * The result is raw: nothing here escapes it for SQL, HTML or any other
 * context, so it must be encoded where it is used.
 *
 * @param mixed $input The input string or array
 * @return mixed The raw string or array
 */
function contrexx_input2raw($input)
{
    if (!is_array($input)) {
        return contrexx_stripslashes($input);
    }

    // With a single array argument array_map() keeps the original keys.
    return array_map('contrexx_input2raw', $input);
}
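/**
 * Set a new password for a specific user if the signed-in user has enough permissions
 *
 * The signed-in user must either have admin status or hold both static
 * permission ids 18 and 36. Each of userId, password and repeatPassword is
 * read from $arguments['get'] first and from $arguments['post'] otherwise.
 *
 * NOTE(review): the password is also accepted from the 'get' arguments. If
 * those are taken from the URL query string, the secret can end up in server
 * logs and browser history; consider accepting it from 'post' only.
 *
 * NOTE(review): only the signed-in user's rights are checked. Nothing here
 * looks at the target account, so a non-admin holding permissions 18 and 36
 * can presumably set an administrator's password - confirm that is intended.
 *
 * @param array $arguments Request data with the keys 'get' and/or 'post',
 *                         each holding userId, password and repeatPassword
 * @return boolean True if the password was set and the user stored, false otherwise
 */
public function setPassword($arguments)
{
    // All three values are required, from either source.
    foreach (array('userId', 'password', 'repeatPassword') as $key) {
        if (empty($arguments['get'][$key]) && empty($arguments['post'][$key])) {
            return false;
        }
    }

    $objFWUser = \FWUser::getFWUserObject();
    $arrPermissionIds = $objFWUser->objGroup->getGroups()->getStaticPermissionIds();
    if (!$objFWUser->objUser->login()) {
        return false;
    }

    // in_array() stays non-strict: the element type of the permission id list
    // is not visible here, and a strict check could reject integer ids.
    $mayChangePasswords = $objFWUser->objUser->getAdminStatus()
        || (in_array('18', $arrPermissionIds) && in_array('36', $arrPermissionIds));
    if (!$mayChangePasswords) {
        return false;
    }

    $password = contrexx_stripslashes(!empty($arguments['get']['password']) ? $arguments['get']['password'] : $arguments['post']['password']);
    $password2 = contrexx_stripslashes(!empty($arguments['get']['repeatPassword']) ? $arguments['get']['repeatPassword'] : $arguments['post']['repeatPassword']);
    // NOTE(review): the id is passed on as received; presumably getUser()
    // normalises it - verify.
    $userId = !empty($arguments['get']['userId']) ? $arguments['get']['userId'] : $arguments['post']['userId'];

    $user = $objFWUser->objUser->getUser($userId);
    if (!is_object($user)) {
        // Unknown user id: fail closed instead of calling a method on a non-object.
        return false;
    }

    return $user->setPassword($password, $password2) && $user->store();
}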