/**
 * Stores a visitor-submitted event as a draft, mails a notice to the
 * address configured as appconf('submissions'), and prints the
 * thank-you screen.
 *
 * @access public
 * @param associative array $vals submitted form values
 *
 */
function onSubmit($vals)
{
    // 1. prepare vals for insertion

    // A URL field that still holds the bare 'http://' value is stored as empty.
    foreach (array('contact_url', 'loc_map') as $urlField) {
        if ($vals[$urlField] == 'http://') {
            $vals[$urlField] = '';
        }
    }

    // Only 'details' is entity-encoded here (then wrapped at 70 columns and
    // given <br /> tags); the stored value is therefore HTML, not raw input.
    // NOTE(review): every other field is stored as submitted, so the templates
    // that print them are presumably expected to escape on output -- confirm.
    $encoded = htmlentities_compat($vals['details']);
    $wrapped = wordwrap($encoded, 70, "\n", true);
    $vals['details'] = nl2br($wrapped);

    // Flags that were left empty are stored as an explicit 'no'.
    foreach (array('public', 'media') as $flag) {
        if (!$vals[$flag] || empty($vals[$flag])) {
            $vals[$flag] = 'no';
        }
    }

    // The second address line is folded into the main address value.
    if (!empty($vals['loc_addr2'])) {
        $vals['loc_address'] .= "\n" . $vals['loc_addr2'];
    }

    // column name => form field name; only these fields reach the database
    $columns = array(
        'title' => 'title',
        'date' => 'date',
        'until_date' => 'end_date',
        'time' => 'time',
        'until_time' => 'end_time',
        'category' => 'category',
        'audience' => 'audience',
        'details' => 'details',
        'contact' => 'contact',
        'contact_email' => 'contact_email',
        'contact_phone' => 'contact_phone',
        'contact_url' => 'contact_url',
        'loc_name' => 'loc_name',
        'loc_address' => 'loc_address',
        'loc_city' => 'loc_city',
        'loc_province' => 'loc_province',
        'loc_country' => 'loc_country',
        'sponsor' => 'sponsor',
        'rsvp' => 'rsvp',
        'public' => 'public',
        'media' => 'media',
    );

    $data = array();
    foreach ($columns as $column => $field) {
        $data[$column] = $vals[$field];
    }

    // Status and access level are fixed here, never taken from the form.
    $data['sitellite_status'] = 'draft';
    $data['sitellite_access'] = 'public';

    // Ownership is recorded only when the submitter has a valid session.
    if (session_valid()) {
        $data['sitellite_owner'] = session_username();
        $data['sitellite_team'] = session_team();
    }

    // 2. submit event as 'draft'
    loader_import('cms.Versioning.Rex');
    $rex = new Rex('siteevent_event');
    $vals['id'] = $rex->create($data, 'Event submission.');

    // 3. email notification (best effort: a mail failure is suppressed)
    $notice = template_simple('submission_email.spt', $vals);
    @mail(appconf('submissions'), 'Event Submission Notice', $notice);

    // 4. thank you screen
    page_title(intl_get('Thank You!'));
    echo template_simple('submissions.spt');
}
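/**
 * Constructor. Prepares the comment form either for editing the comment
 * named by $cgi->_key or for adding a comment to the post named by
 * $cgi->post. A request that carries neither is redirected to the index.
 *
 * @access public
 *
 */
function SiteblogCommentForm()
{
    parent::MailForm();

    global $cgi;

    $this->parseSettings('inc/app/siteblog/forms/comment/settings.php');

    if (isset($cgi->_key) && !empty($cgi->_key)) {
        // edit a comment

        // NOTE(review): the id comes straight from the request and no owner or
        // role check is visible in this constructor before the stored author,
        // e-mail address and body are loaded into the form. Confirm that access
        // to the edit mode is restricted elsewhere (form settings or the caller).
        $comment = db_single('select * from siteblog_comment where id = ?', $cgi->_key);

        if (!is_object($comment)) {
            // Unknown id: there is nothing to edit, so leave the same way a
            // request without a post does instead of reading from a non-object.
            header('Location: ' . site_prefix() . '/index');
            exit;
        }

        page_title('Editing Comment');

        $this->widgets['name']->setValue($comment->author);
        $this->widgets['email']->setValue($comment->email);
        $this->widgets['url']->setValue($comment->url);
        $this->widgets['body']->setValue($comment->body);
    } elseif (!isset($cgi->post)) {
        header('Location: ' . site_prefix() . '/index');
        exit;
    } else {
        // new comment: pre-fill the identity fields from the session user
        if (session_valid()) {
            $this->widgets['name']->setValue(session_username());
            $user = session_get_user();
            $this->widgets['email']->setValue($user->email);
            $this->widgets['url']->setValue($user->website);
        }
        $this->widgets['post']->setValue($cgi->post);
        //page_title ('Post a Comment');
    }

    // The security_test widget is dropped when comments_security is off.
    if (!appconf('comments_security')) {
        unset($this->widgets['security_test']);
    }
}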
/**
 * Reports whether the current user is already tied to a story, either as
 * its submitter or through a recorded vote.
 *
 * @param mixed $id story id
 * @return boolean false without a valid session or when neither query
 *                 finds a row, true otherwise
 *
 */
function digger_has_voted($id)
{
    if (!session_valid()) {
        return false;
    }

    $checks = array(
        // can't vote on own stories
        'select count(*) from digger_linkstory where id = ? and user = ?',
        // voted already
        'select count(*) from digger_vote where story = ? and user = ?',
    );

    // Checked in order; the first non-zero count settles the answer.
    foreach ($checks as $sql) {
        if (db_shift($sql, $id, session_username())) {
            return true;
        }
    }

    return false;
}
/**
 * Constructor. Loads the story submission form settings, fills the
 * category list from sitellite_news_category and sets the page title.
 *
 * @access public
 *
 */
function NewsSubmissionsForm()
{
    parent::MailForm();

    $this->parseSettings('inc/app/news/forms/submissions/settings.php');

    // A logged-in submitter is offered their own username as the author.
    if (session_valid()) {
        $this->widgets['author']->setDefault(session_username());
    }

    // category name => translated label
    $options = array();
    $categories = db_fetch_array('select * from sitellite_news_category');
    foreach ($categories as $category) {
        $label = intl_get($category->name);
        $options[$category->name] = $label;
    }
    $this->widgets['category']->setValues($options);

    page_title(intl_get('Submit A Story'));

    // The security_test widget is dropped when comments_security is off.
    if (!appconf('comments_security')) {
        unset($this->widgets['security_test']);
    }
}
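/**
 * Constructor. Loads the poll comment form settings, defaults the user
 * field to the session user and wires the second submit button to a
 * script that returns to the poll results page.
 *
 * @access public
 *
 */
function SitepollCommentAddForm()
{
    parent::MailForm();

    $this->parseSettings('inc/app/sitepoll/forms/comment/add/settings.php');

    page_title(intl_get('Add Comment'));

    if (session_valid()) {
        $this->widgets['user_id']->setDefault(session_username());
    }

    global $cgi;

    // $cgi->poll is a request value that ends up inside a double-quoted
    // JavaScript string in the page. Percent-encoding it leaves only URL-safe
    // characters, so it can neither close the string nor add script, and it
    // stays a single path segment of the results URL.
    $poll = rawurlencode((string) $cgi->poll);

    page_add_script(' function sitepoll_cancel (f) { window.location.href = "' . site_prefix() . '/index/sitepoll-results-action/poll.' . $poll . '"; return false; } ');

    // buttons[1] is the button that gets the cancel handler
    $this->widgets['submit_button']->buttons[1]->extra = 'onclick="return sitepoll_cancel (this.form)"';
}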
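/**
 * Constructor. Loads the news comment form settings, defaults the user
 * field to the session user and wires the second submit button to a
 * script that returns to the story being commented on.
 *
 * @access public
 *
 */
function NewsCommentAddForm()
{
    parent::MailForm();

    $this->parseSettings('inc/app/news/forms/comment/add/settings.php');

    page_title(intl_get('Add Comment'));

    if (session_valid()) {
        $this->widgets['user_id']->setDefault(session_username());
    }

    global $cgi;

    // $cgi->story_id is a request value that ends up inside a double-quoted
    // JavaScript string in the page. Percent-encoding it leaves only URL-safe
    // characters, so it can neither close the string nor add script, and it
    // stays a single path segment of the story URL.
    $storyId = rawurlencode((string) $cgi->story_id);

    page_add_script(' function news_cancel (f) { window.location.href = "' . site_prefix() . '/index/news-app/story.' . $storyId . '"; return false; } ');

    // buttons[1] is the button that gets the cancel handler
    $this->widgets['submit_button']->buttons[1]->extra = 'onclick="return news_cancel (this.form)"';

    // The security_test widget is dropped when comments_security is off.
    if (!appconf('comments_security')) {
        unset($this->widgets['security_test']);
    }
}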
/**
 * Constructor. Builds the contact form for the member named by
 * $cgi->user. Requests without a user, for an unknown user, or for a
 * member whose 'public' value is not 'yes' are redirected to the member
 * app index.
 *
 * @access public
 *
 */
function SitememberContactForm()
{
    parent::MailForm();

    $this->parseSettings('inc/app/sitemember/forms/contact/settings.php');

    global $cgi;

    // No recipient named: nothing to show.
    if (!isset($cgi->user)) {
        header('Location: ' . site_prefix() . '/index/sitemember-app');
        exit;
    }

    $this->member = session_get_user($cgi->user);

    // Only an existing member who is marked public may be contacted.
    $contactable = is_object($this->member) && $this->member->public == 'yes';
    if (!$contactable) {
        header('Location: ' . site_prefix() . '/index/sitemember-app');
        exit;
    }

    // NOTE(review): the request value is appended to the title as-is; at this
    // point it has matched an existing public member, but whether page_title()
    // escapes for HTML is not visible here -- confirm.
    $heading = intl_get('Member Contact Form') . ': ' . $cgi->user;
    page_title($heading);

    // A logged-in sender gets their own address pre-filled.
    if (session_valid()) {
        $sender = session_get_user();
        $this->widgets['email']->setValue($sender->email);
    }
}
<?php global $cgi; if (!session_valid()) { page_title(intl_get('You must be logged in to post')); echo template_simple('post_not_registered.spt', $cgi); return; } if (empty($cgi->post) && empty($cgi->topic)) { header('Location: ' . site_prefix() . '/index/siteforum-app'); exit; } class SiteforumPostForm extends MailForm { function SiteforumPostForm() { parent::MailForm(); page_title(intl_get('Post a Message')); $this->parseSettings('inc/app/siteforum/forms/post/settings.php'); page_add_script(' function siteforum_preview (f) { t = f.target; a = f.action; f.target = "_blank"; f.action = "' . site_prefix() . '/index/siteforum-post-preview-action"; f.submit (); f.target = t; f.action = a; return false;
/**
 * Open cache tag handler. Decides whether the tagged block can be served
 * from the cache or has to be rendered and captured again.
 *
 * @access private
 * @param associative array $node
 * @return string cached output, or '' when the block is not cacheable or
 *                is about to be re-cached
 *
 */
function _cache($node)
{
    $user = '';
    $cacheable = true;

    // Session-scoped blocks are keyed by username, so they are only cached
    // for visitors with a valid session.
    if ($node['attributes']['scope'] == 'session') {
        $cacheable = false;
        if (session_valid()) {
            $user = session_username();
            $cacheable = true;
        }
    }

    $this->cache = false;

    if (!$cacheable) {
        return '';
    }

    // Work on a copy of the attributes and fill in the defaults.
    $attrs = $node['attributes'];

    if (!isset($attrs['scope'])) {
        $attrs['scope'] = 'application';
    }

    $duration = isset($attrs['duration'])
        ? (int) $attrs['duration']
        : $this->cacheDuration;

    // Blocks without an explicit id are numbered in order of appearance.
    if (!isset($attrs['id'])) {
        $this->cacheCount++;
        $attrs['id'] = $this->cacheCount;
    }

    loader_import('saf.Cache');
    $this->_cache = new Cache($this->cacheLocation . $attrs['scope']);

    // file:id:user -- the user part is empty unless the scope is 'session',
    // which keeps one user's cached block from being served to another.
    $key = $this->file . ':' . $attrs['id'] . ':' . $user;

    if (!$this->_cache->expired($key, $duration)) {
        // show from cache
        $out = $this->_cache->show($key);
        $this->ignoreUntilLevel($node['level']);
        return $out;
    }

    // re-cache: remember the key and set the output gathered so far aside
    $this->cache = $key;
    $this->output2 = $this->output;
    $this->output = '';

    return '';
}
<?php loader_import('saf.Misc.RPC'); global $cgi; if (!$cgi->page) { echo rpc_response(false); exit; } if (!$cgi->rev) { echo rpc_response(false); exit; } $level = 0; if (session_valid()) { $level++; } if (session_admin()) { $level++; } $current = db_single('select * from sitewiki_page where id = ?', $cgi->page); if (!$current) { echo rpc_response(false); exit; } $revision = db_single('select * from sitewiki_page_sv where id = ? and sv_autoid = ?', $cgi->page, $cgi->rev); if (!$revision) { echo rpc_response(false); exit; } if ($current->view_level > $level && $current->owner != session_username()) { echo rpc_response(false);
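// your app begins here
//
// Picks the action to run after a login attempt ('login' or 'home'), applies
// the "remember me" settings, follows an optional 'goto' redirect, and then
// dispatches to the handler configured for the chosen action.

global $cgi;

if (!empty($cgi->username) && session_admin()) {
    // An admin who has just logged in is sent on to the CMS.
    // NOTE(review): the Referer header is client-supplied. It is URL-encoded
    // here, but whatever consumes 'forward' in cms-app should validate it
    // before redirecting to it -- confirm.
    header('Location: ' . site_prefix() . '/index/cms-app?forward=' . urlencode($_SERVER['HTTP_REFERER']));
    exit;
} elseif (!session_valid()) {
    $action = 'login';
} elseif (!empty($cgi->username) && $cgi->remember_me == 'yes') {
    $duration = appconf('remember_login');
    if ($duration) {
        // convert duration to seconds
        $duration = $duration * 86400;

        // set "sitemember_remember" cookie
        global $cookie;
        $cookie->set('sitemember_remember', $duration, $duration, '/', site_domain(), site_secure());

        // adjust cookie
        session_change_timeout($duration);

        // adjust expires value
        session_user_edit(session_username(), array('expires' => date('Y-m-d H:i:s', time() + $duration)));
    }
    $action = 'home';
} else {
    $action = 'home';
}

if (session_valid() && !empty($parameters['goto'])) {
    // 'goto' may carry a request value (assumed; the origin of $parameters is
    // not visible here), so it is followed only when it stays on this site:
    // a path with no scheme or host, or an http(s) URL whose host equals
    // site_domain(). Anything else falls through to the normal action.
    // NOTE(review): assumes site_domain() returns a bare host name -- confirm.
    $goto = (string) $parameters['goto'];
    $target = parse_url($goto);

    // Control characters and backslashes have no place in a redirect target;
    // some browsers treat a backslash as a slash.
    $wellFormed = is_array($target)
        && !preg_match('/[\x00-\x1f\x7f]/', $goto)
        && strpos($goto, '\\') === false;

    $isLocalPath = $wellFormed
        && !isset($target['scheme'])
        && !isset($target['host'])
        && substr($goto, 0, 2) != '//';

    $isOwnSite = $wellFormed
        && isset($target['scheme'])
        && isset($target['host'])
        && in_array(strtolower($target['scheme']), array('http', 'https'), true)
        && strtolower($target['host']) == strtolower(site_domain());

    if ($isLocalPath || $isOwnSite) {
        header('Location: ' . $goto);
        exit;
    }
}

// appconf($action) has the form 'type:call'; the type selects the loader_*
// function that runs the call. explode() replaces split(), which no longer
// exists in PHP 7 and splits identically on a literal ':'.
list($type, $call) = explode(':', appconf($action), 2);
$func = 'loader_' . $type;
echo $func(trim($call), $parameters, $box['context']);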
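/**
 * Saves a wiki page (new or edited) through Rex, stores up to three
 * uploaded files for logged-in users, releases the page lock and
 * redirects to the page view.
 *
 * @access public
 * @param associative array $vals submitted form values
 *
 */
function onSubmit($vals)
{
    loader_import('cms.Versioning.Rex');
    $rex = new Rex('sitewiki_page');

    // Form-only fields are dropped before the values are handed to Rex.
    unset($vals['editing']);
    unset($vals['instructions']);
    unset($vals['security_test']);
    unset($vals['submit_button']);

    // NOTE(review): the page id is the submitted 'page' field. It is later used
    // in the stored upload name and in the redirect, so this assumes the form
    // rules restrict it to a safe wiki page name -- confirm.
    $vals['id'] = $vals['page'];
    unset($vals['page']);

    $uploadFields = array('file_1', 'file_2', 'file_3');

    if ($this->new_page) {
        $vals['created_on'] = date('Y-m-d H:i:s');
        $vals['updated_on'] = date('Y-m-d H:i:s');
        $vals['owner'] = session_username();
        if (!$vals['owner']) {
            $vals['owner'] = 'anonymous';
        }
    } else {
        $vals['updated_on'] = date('Y-m-d H:i:s');
    }

    // Page values without the upload widgets, which are handled separately.
    $vals2 = $vals;
    unset($vals2['files']);
    foreach ($uploadFields as $field) {
        unset($vals2[$field]);
    }

    // NOTE(review): the result of the save is not checked; uploads and the
    // redirect below go ahead either way.
    if ($this->new_page) {
        $res = $rex->create($vals2, 'Page created.');
    } else {
        $method = $rex->determineAction($vals['id']);
        $res = $rex->{$method}($vals['id'], $vals2);
    }

    if (session_valid()) {
        // handle files (only for logged-in users)
        $types = preg_split('/, ?/', appconf('allowed_file_types'));

        foreach ($uploadFields as $field) {
            if (!isset($vals[$field]) || !is_object($vals[$field])) {
                continue;
            }
            $upload = $vals[$field];

            // The allowlist is matched against the extension of the
            // client-supplied name. A name without an extension can never be
            // on the list, so it is skipped rather than compared as ''.
            $info = pathinfo($upload->name);
            if (!isset($info['extension'])) {
                continue;
            }
            if (!in_array(strtolower($info['extension']), $types, true)) {
                continue;
            }

            // The original name is kept only in the database row; the file is
            // moved to '<page id>_<file id>' under the data directory.
            // NOTE(review): that name is client-supplied, so pages that list
            // attachments should escape it on output.
            db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $upload->name, session_username());
            $file_id = db_lastid();
            $upload->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id);
        }
    }

    lock_remove('sitewiki_page', $vals['id']);

    header('Location: ' . site_prefix() . '/index/sitewiki-app/show.' . $vals['id']);
    exit;
}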
/**
 * Deletes a word from the current user's rows in xed_speling_personal.
 *
 * @access public
 * @param string $word
 * @return mixed false without a valid session, otherwise the result of
 *               db_execute()
 *
 */
function removePersonal($word)
{
    // The delete is always scoped to the session's own username.
    if (session_valid()) {
        $owner = session_username();
        return db_execute('delete from xed_speling_personal where username = ? and word = ?', $owner, $word);
    }

    return false;
}
/**
 * Constructor method. Loads and instantiates the source and store
 * drivers, then sets the default user to the current session username.
 * On a failed driver import, $this->error is set and construction stops.
 *
 * @param string $source name of the source driver
 * @param string $store name of the store driver
 *
 */
function Rev($source = 'Database', $store = 'Database')
{
    global $loader;

    // property => (import prefix, class prefix, driver name, failure message)
    // NOTE(review): the driver name is concatenated into both the import path
    // and the class name, so callers are presumably expected to pass fixed
    // driver names only -- confirm no request value reaches these arguments.
    $drivers = array(
        'source' => array('cms.Versioning.Source.', 'RevSource_', $source, 'Failed to load source driver'),
        'store' => array('cms.Versioning.Store.', 'RevStore_', $store, 'Failed to load store driver'),
    );

    foreach ($drivers as $property => $driver) {
        list($package, $prefix, $name, $failure) = $driver;

        if (!$loader->import($package . $name)) {
            $this->error = $failure;
            return;
        }

        $class = $prefix . $name;
        $this->{$property} = new $class();
    }

    // Without a valid session the placeholder user value is used.
    $this->user = session_valid() ? session_username() : '******';
}
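/**
 * Builds the item tree from the database table specified. For visitors
 * without a valid session, and when $this->cache is greater than zero,
 * the tree is read from and written to the file at $this->cacheLocation.
 *
 * @access public
 * @return boolean true on success, false when the query fails (the
 *                 database error is left in $this->error)
 *
 */
function getTree()
{
    // The file cache is only consulted for visitors without a session.
    if (!session_valid() && $this->cache > 0) {
        // one cache file per non-default language
        if (intl_lang() != intl_default_lang()) {
            $this->cacheLocation .= '_' . intl_lang();
        }
        if (@file_exists($this->cacheLocation) && filemtime($this->cacheLocation) > time() - $this->cache) {
            $this->loadConfig($this->cacheLocation);
            return true;
        }
    }

    $table = $this->table;
    $idcol = $this->idcolumn;
    $showcol = $this->showcolumn;
    $refcol = $this->refcolumn;
    $listcol = $this->listcolumn;
    $hidevalue = $this->hideValue;

    // The row filter on the list column is disabled (see the commented line),
    // so $list is always empty. It is initialised here because the original
    // left it undefined whenever a list column was configured.
    $list = '';
    if (!empty($listcol)) {
        // $list = "where $listcol != '$hidevalue' and $listcol is not null";
        $listcolumn = ', ' . $listcol;
    } else {
        $listcolumn = '';
    }

    if (!empty($this->sectioncolumn)) {
        $sectioncolumn = ', ' . $this->sectioncolumn;
    } else {
        $sectioncolumn = '';
    }

    if (!empty($this->templatecolumn)) {
        $templatecolumn = ', ' . $this->templatecolumn;
    } else {
        $templatecolumn = '';
    }

    // Optional access restriction supplied by the session object.
    if ($this->sitelliteAllowed) {
        global $session;
        if (!empty($list)) {
            $allowed = 'and ' . $session->allowedSql();
        } else {
            $allowed = 'where ' . $session->allowedSql();
        }
    } else {
        $allowed = '';
    }

    if ($this->sortcolumn) {
        $sort = ', ' . $this->sortcolumn;
        if ($this->sortorder) {
            $sort .= ' ' . $this->sortorder;
        }
    } else {
        $sort = '';
    }

    // Table and column names cannot be bound as parameters, so they are
    // interpolated. NOTE(review): this is only safe while these properties
    // hold fixed configuration values and never request input -- confirm.
    $tree = db_fetch("select {$idcol}, {$showcol}, {$refcol} {$listcolumn} {$sectioncolumn} {$templatecolumn} from {$table} {$list} {$allowed} group by {$refcol} {$sort}, {$showcol} asc");

    if (!$tree) {
        $this->error = db_error();
        return false;
    } elseif (is_object($tree)) {
        // a single row comes back as one object; normalise it to a list
        $tree = array($tree);
    }

    $this->initTree($tree);

    // Replace item titles with their translations for non-default languages.
    if (intl_lang() != intl_default_lang()) {
        loader_import('multilingual.Translation');
        $tr = new Translation($table, intl_lang());
        $titles = $tr->getTitles();
        foreach ($titles as $key => $title) {
            $this->{'items_' . $key}->title = $title;
        }
    }

    // Write the cache file under the same condition it is read: no valid
    // session and caching enabled. The file must be writable, or not exist
    // yet inside a writable directory.
    if (!session_valid() && $this->cache > 0) {
        if (@is_writeable($this->cacheLocation) || !@file_exists($this->cacheLocation) && @is_writeable(dirname($this->cacheLocation))) {
            $fp = fopen($this->cacheLocation, 'w');
            if ($fp) {
                fwrite($fp, $this->makeConfig($tree));
                fclose($fp);
            }
        }
    }

    return true;
}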