private function getChangePassword($id, $key)
{
$text = Core_Text::__getInstance();
$text->setFile('main');
$text->setSection('lostpass');
// Check the key
$db = Core_Database::__getInstance();
$chk = $db->select('players', array('plid'), "plid = " . intval($id) . " AND seckey = '" . $db->escape($key) . "'");
if (count($chk) === 1) {
$password1 = Core_Tools::getInput('_POST', 'pass1', 'varchar');
$password2 = Core_Tools::getInput('_POST', 'pass2', 'varchar');
$page = new Core_Template();
$page->set('title', $text->get('changepass'));
$page->set('about', $text->get('aboutchange'));
$page->set('pass1', $text->get('pass1'));
$page->set('pass2', $text->get('pass2'));
$page->set('submit', $text->get('submitchange'));
if ($password1 && $password1 === $password2) {
$login = Core_Login::__getInstance();
$login->setPassword($chk[0]['plid'], $password1);
$page->set('success', $text->get('passchanged'));
} elseif ($password1 || $password2) {
$page->set('warning', $text->get('passmismatch'));
}
return $page->parse('lostPassword_res.tpl');
} else {
return '<p class="false">Security Key Not Found.</p>';
}
}
public function get($id, $section = null, $file = null, $alternative = null, $filter = true)
{
// Section & fill
if (empty($section)) {
$section = $this->inSection;
}
if (empty($file)) {
$file = $this->inFile;
}
// Check if the file is loaded already
if (empty($this->cache[$file])) {
$this->load_file($file);
}
// Check if the id exist
if (empty($this->cache[$file][$section][$id])) {
if ($this->backup && $this->backup->get($id, $section, $file, false)) {
return $this->backup->get($id, $section, $file, false);
} elseif ($alternative === null) {
return 'Text Not Found: ' . $id . ' (' . $file . ', ' . $section . ', ' . $this->root_dir . ')';
} else {
return Core_Tools::output_varchar($alternative);
}
} else {
return $output = preg_replace("/\\[l](.*?)\\[\\/l]/si", '<span style="text-decoration: line-through;">\\1</span>', $this->cache[$file][$section][$id]);
if ($filter) {
return $this->cache[$file][$section][$id];
} else {
return Core_Tools::output_varchar($this->cache[$file][$section][$id]);
}
}
}
private function processIMLogin($key, $msg)
{
$text = Core_Text::__getInstance();
$db = Core_Database::__getInstance();
$commands = explode(' ', $msg);
$command = array_shift($commands);
switch ($command) {
case 'login':
if (count($commands) == 1) {
$email = array_shift($commands);
// Search in the database for this user
$user = $db->select('players', array('plid', 'realname', 'email'), "email = '" . $db->escape($email) . "'");
if (count($user) == 1) {
// Invent a new key
$passkey = substr(md5(rand(0, 100000)), 0, 6);
$db->insert('im_users', array('im_user' => $key, 'im_player' => $user[0]['plid'], 'im_key' => $passkey));
// Send the secret key to this user
Core_Tools::sendMail($text->get('subject', 'bot', 'main'), Core_Tools::output_text(Core_Tools::putIntoText($text->getFile('mails/bot_activation'), array('name' => $user[0]['realname'], 'key' => $passkey))), $user[0]['email']);
echo 'We have found your account. We have sent an email containing a secret key.<br />Please show me the key here.';
} else {
echo 'This user (' . $username . ') is not found. Please try again, or register at http://www.1brood.be/';
}
} else {
echo '"Login" should be followed by your email and password.';
}
break;
default:
echo 'Please login in 1Brood by typing "Login your_email".<br />';
echo 'We will start sending out reminders as soon as you are logged in.';
break;
}
}
protected function getContent()
{
$page = new Core_Template();
$text = Core_Text::__getInstance();
$page->set('title', Core_Tools::putIntoText($text->get('title', 'error404', 'main'), array($this->sPage)));
$page->set('descr', $text->get('descr', 'error404', 'main'));
return $page->parse('error404.tpl');
}
/**
* @param $user_id
* @param $user_data
*/
protected static function loadUser($user_id, &$user_data)
{
if (isset($user_data['user'])) {
unset($user_data['user']);
}
$user_data['user'] = Core_Tools::toArray(Default_UsersModel::get(array('id' => $user_id)));
// Fix Language
if (!$user_data['user']['language_code']) {
foreach (cfg()->language_codes as $code => $name) {
Default_UsersModel::set(array('language_code' => $code), array('id' => $user_id));
$user_data['user']['language_code'] = $code;
break;
}
}
}
/**
* @param $captcha
* @return mixed
*/
public static function check($captcha)
{
$curl = curl_init();
$fields = array('secret' => self::SECRET, 'response' => $captcha, 'remoteip' => $_SERVER['REMOTE_ADDR']);
$fields_string = '';
foreach ($fields as $key => $value) {
$fields_string .= $key . '=' . $value . '&';
}
rtrim($fields_string, '&');
curl_setopt_array($curl, array(CURLOPT_RETURNTRANSFER => 1, CURLOPT_TIMEOUT => 600, CURLOPT_URL => 'https://www.google.com/recaptcha/api/siteverify', CURLOPT_POST => 1, CURLOPT_POSTFIELDS => $fields_string));
$resp = curl_exec($curl);
curl_close($curl);
$resp = Core_Tools::JsonDecode($resp);
return $resp['success'];
}
protected function getContent()
{
$action = Core_Tools::getInput('_POST', 'welcome_selection', 'varchar');
switch ($action) {
case 'honger':
header('Location: ' . $this->getUrl('page=register&nocompany=false'));
break;
case 'geld':
header('Location: ' . $this->getUrl('page=register&nocompany=true&action=shopowner'));
break;
}
$text = Core_Text::__getInstance();
$text->setFile('about');
$text->setSection('home');
$page = new Core_Template();
$page->set('action', $this->getUrl('page=welcome'));
return $page->parse('welcome.tpl');
}
public function __construct($level)
{
/* Store level */
$this->level = $level;
/* Check for login */
$uid = Core_Tools::getInput('_SESSION', 'plid', 'int', false);
$logout = Core_Tools::getInput('_GET', 'logout', 'bool', false);
/* Check for logout */
if ($logout) {
$this->logout();
} elseif ($uid) {
$this->uid = $uid;
} else {
// Check for different auth types
$authType = Core_Tools::getInput('_SESSION', 'loginAuthType', 'varchar');
$authUID = Core_Tools::getInput('_SESSION', 'loginAuthUID', 'int');
$authKey = Core_Tools::getInput('_SESSION', 'loginAuthSesKey', 'varchar');
if (!empty($authType) && $authUID > 0) {
// There is an auth, just make sure there is a user in the database.
$db = Core_Database::__getInstance();
$data = $db->select('players', array('plid, authSesKey'), "authType = '{$authType}' && authUID = '{$authUID}'");
if (count($data) == 1) {
$this->uid = $data[0]['plid'];
if ($data[0]['authSesKey'] != $authKey) {
// Update the session key!
$db->update('players', array('authSesKey' => $authKey), "plid = '" . $this->uid . "'");
}
} else {
// Only one ring to rule them all.
if (count($data) > 0) {
$db->remove('players', "authType = '{$authType}' && authUID = '{$authUID}'");
}
$this->uid = $db->insert('players', array('authType' => $authType, 'authUID' => $authUID, 'authSesKey' => $authKey, 'activated' => 1));
}
} else {
/* Check for cookies */
$uid = Core_Tools::getInput('_COOKIE', 'un' . $this->level, 'username', false);
$pas = Core_Tools::getInput('_COOKIE', 'ps' . $this->level, 'md5', false);
$sal = Core_Tools::getInput('_COOKIE', 'sl' . $this->level, 'md5', false);
/* Process login (to be written) */
$this->uid = false;
}
}
}
private function getEditProfile()
{
$myself = Profile_Member::getMyself();
if (!$myself) {
return $this->getRegistrationForm();
}
// Process incoming data
$firstname = Core_Tools::getInput('_POST', 'firstname', 'varchar');
$name = Core_Tools::getInput('_POST', 'name', 'varchar');
$nickname = Core_Tools::getInput('_POST', 'nickname', 'username');
$email = Core_Tools::getInput('_POST', 'email', 'email');
$page = new Core_Template();
if ($firstname && $name && $nickname && $email) {
// Update the database
$db = Core_Database::__getInstance();
$db->update('players', array('firstname' => $firstname, 'lastname' => $name, 'realname' => $nickname, 'email' => $email), "plid = {$myself->getId()}");
$myself->reloadData();
$page->set('done', true);
} elseif ($firstname || $name || $nickname || $email) {
$page->set('done', false);
}
$page->set('nickname', Core_Tools::output_form($myself->getUsername()));
$page->set('firstname', Core_Tools::output_form($myself->getFirstname()));
$page->set('name', Core_Tools::output_form($myself->getName()));
$page->set('email', Core_Tools::output_form($myself->getEmail()));
return $page->parse('account_edit.tpl');
}
public function getAdress()
{
$this->loadData();
return Core_Tools::output_varchar($this->data['c_name']) . '<br />' . Core_Tools::output_varchar($this->data['c_adres']) . '<br />' . Core_Tools::output_varchar($this->data['c_postcode']) . ' ' . Core_Tools::output_varchar($this->data['c_gemeente']);
}
public function getPoefboekLog($objCompany)
{
$me = Profile_Member::getMyself();
$status = $objCompany->getUserStatus($me);
$bShowLogs = Core_Tools::getInput('_GET', 'details', 'int') == 1;
if ($status != 'pending') {
$user = Profile_Member::getMember(Core_Tools::getInput('_GET', 'uid', 'int'));
if ($user->isFound()) {
$text = Core_Text::__getInstance();
$text->setFile('company');
$text->setSection('poeflog');
$page = new Core_Template();
$locname = Core_Tools::output_varchar($user->getUsername()) . ' @ ' . Core_Tools::output_varchar($objCompany->getName());
$page->set('poeflog', $text->get('poeflog') . ': ' . $locname);
$page->set('nologs', $text->get('nologs'));
$page->set('return', $text->get('return'));
$page->set('return_url', self::getUrl('page=company&id=' . $objCompany->getId()));
if (!$bShowLogs) {
$page->set('show_details_url', self::getUrl('page=company&id=' . $objCompany->getId() . '&action=poeflog&uid=' . $user->getId() . '&details=1'));
} else {
$page->set('hide_details_url', self::getUrl('page=company&id=' . $objCompany->getId() . '&action=poeflog&uid=' . $user->getId() . '&details=0'));
}
$page->set('datum', $text->get('datum'));
$page->set('amount', $text->get('amount'));
$page->set('balance', $text->get('balance'));
$page->set('actor', $text->get('actor'));
foreach ($objCompany->getPoefboekLog($user, $bShowLogs) as $v) {
$page->addListValue('logs', array('date' => date(DATETIME, $v['date']), 'amount' => Core_Tools::convert_price($v['amount']), 'newpoef' => Core_Tools::convert_price($v['newpoef']), 'actor_name' => $v['actor_name'], 'actor_url' => $v['actor_url'], 'comment' => Core_Tools::output_varchar($v['comment']), 'details' => $v['details']));
}
$page->set('showDetails', $bShowLogs);
return $page->parse('company_poeflog.tpl');
} else {
return '<p>User not found.</p>';
}
} else {
return '<p>No permission to watch logs.</p>';
}
}
public function getAdress()
{
$this->loadData();
return Core_Tools::output_varchar($this->data['s_name']) . '<br />' . (!empty($this->data['s_adres']) ? Core_Tools::output_varchar($this->data['s_adres']) . '<br />' : null) . (!empty($this->data['s_postcode']) ? Core_Tools::output_varchar($this->data['s_postcode']) . ' ' : null) . (!empty($this->data['s_gemeente']) ? Core_Tools::output_varchar($this->data['s_gemeente']) : null);
}
public function sendReminder($company)
{
$text = Core_Text::__getInstance();
$text->setFile('account');
$text->setSection('reminder');
$email = $this->getEmail();
// Get company owner
$owner = $company->getOwner();
// Check for negative poefboek
$poefboek = $company->getMemberPoefboek($this);
if ($poefboek > 0) {
$txt = Core_Tools::output_text($text->getFile('mails/reminder'));
} else {
$txt = Core_Tools::output_text(Core_Tools::putIntoText($text->getFile('mails/angry_reminder'), array('poefboek' => $poefboek, 'admin' => Core_Tools::output_varchar($owner->getFullname()))));
}
if ($owner) {
Core_Tools::sendMail($text->get('subject'), $txt, $email, $this->getFullname(), $owner->getFullname(), $owner->getEmail(), false);
}
// Notify members by message:
$db = Core_Database::__getInstance();
$accounts = $db->select('im_users', array('im_user'), "im_player = " . $this->getId() . " AND im_activated = 1");
$url = 'https://www.imified.com/api/bot/';
foreach ($accounts as $v) {
$data = array('botkey' => '53881418-A97D-9713-415C46EA2843C806', 'apimethod' => 'send', 'userkey' => $v['im_user'], 'msg' => 'Tijd voor broodjes! Ga snel naar http://www.1brood.be/ !');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERPWD, 'daedelson@gmail.com:aukv0006');
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$xml = curl_exec($ch);
if (!$xml) {
echo curl_error($ch);
}
curl_close($ch);
}
}
public function statsAction()
{
$return = array();
/* get disk space free (in bytes) */
$df = disk_free_space("/");
/* and get disk space total (in bytes) */
$dt = disk_total_space("/");
/* now we calculate the disk space used (in bytes) */
$du = $dt - $df;
/* percentage of disk used - this will be used to also set the width % of the progress bar */
$dp = sprintf('%.2f', $du / $dt * 100);
/* and we formate the size from bytes to MB, GB, etc. */
$df = Core_Tools::formatSize($df);
$du = Core_Tools::formatSize($du);
$dt = Core_Tools::formatSize($dt);
$return['disk'] = array('free' => $df, 'total' => $dt, 'usage' => $du, 'percente' => $dp);
$return['cpu'] = sys_getloadavg();
//uptime
exec("uptime", $system);
// get the uptime stats
$string = $system[0];
// this might not be necessary
@(list($dummy, $uptime, $dummy, $up_days, $dummy, $dummy, $dummy, $dummy, $users, $dummy, $dummy, $dummy, $dummy, $load0, $load1, $load2, ) = explode(" ", $string));
unset($dummy);
$return['uptime'] = array('uptime' => $uptime, 'up_days' => $up_days, 'users' => $users, 'load0' => $load0, 'load1' => $load1, 'load2' => $load2);
//memory
$free = shell_exec('free');
$free = (string) trim($free);
$free_arr = explode("\n", $free);
$mem = explode(" ", $free_arr[1]);
$mem = array_filter($mem);
$mem = array_merge($mem);
$total_available = $mem[1];
$memory_usage = $mem[2];
$return['memory'] = array('total' => $total_available / 1000000, 'used' => $memory_usage / 1000000, 'free' => ($total_available - $memory_usage) / 1000000);
// users
$users_rs = Default_UsersModel::getCount();
$return['users'] = $users_rs['cnt'];
// coments
$comments_rs = Default_CommentsModel::getCount();
$return['comments'] = $comments_rs['cnt'];
// feedback
$feedback_rs = Default_FeedbackModel::getCount(array('is_read' => 0));
$return['feedback'] = $feedback_rs['cnt'];
// reports
$reports_rs = Default_ReportsModel::getCount(array('is_read' => 0));
$return['reports'] = $reports_rs['cnt'];
// slips
$slips_rs = Default_BettingSlipsModel::getCount();
$return['slips'] = $slips_rs['cnt'];
// messages
$messages_rs = Default_MessagesModel::getCount();
$return['messages'] = $messages_rs['cnt'];
// online users
$online_rs = Default_UsersModel::getOnline(cfg()->activity_period);
$return['online'] = count($online_rs);
// regs nad logins
$regs_and_logins = Api_StatisticsHelper::getUsersData();
$return['regs'] = $regs_and_logins;
// votes
$votes_rs = Default_VotesModel::getCount();
$return['votes'] = $votes_rs['cnt'];
// ALL translates
$translates_rs = Default_TranslateModel::getCount(array('not_found_date' => '0000-00-00 00:00:00'));
$return['translates'] = $translates_rs['cnt'];
$this->addResponse($return);
}
protected function getBasket()
{
$myself = Profile_Member::getMyself();
if ($myself) {
$orders = $myself->getPendingOrders();
if (count($orders) > 0) {
// Process Input
$remId = Core_Tools::getInput('_GET', 'bRem', 'int');
if ($remId > 0) {
$myself->removeProductFromBasket($remId);
// Reload ;-)
$orders = $myself->getPendingOrders();
}
$text = Core_Text::__getInstance();
$page = new Core_Template();
$page->set('remove', addslashes($text->get('remove', 'basket', 'main')));
$page->set('title', $text->get('title', 'basket', 'main'));
foreach ($orders as $v) {
// Create combination string
$comb = $v[1]['op_amount'] . 'x ' . Core_Tools::output_varchar($v[0]['p_name']) . ", ";
$comb .= !empty($v[1]['op_message']) ? Core_Tools::output_varchar($v[1]['op_message']) . ", " : null;
$comb .= Core_Tools::output_varchar($v[2]->getName()) . ", ";
$comb .= Core_Tools::output_varchar($v[3]->getName());
$page->addListValue('products', array(Core_Tools::output_varchar($v[0]['p_name']), Core_Tools::output_varchar($v[1]['op_amount']), Core_Tools::output_varchar($v[1]['op_message']), Core_Tools::output_varchar($v[1]['op_price']), Core_Tools::output_varchar($v[2]->getName()), Core_Tools::output_varchar($v[3]->getName()), addslashes($comb), self::getUrl('page=register&bRem=' . $v[1]['op_id'])));
}
return $page->parse('blocks/basket.tpl');
} else {
return null;
}
} else {
return null;
}
}
public function getGoogleContent()
{
$db = Core_Database::__getInstance();
$shop = Core_Tools::getInput('_GET', 'sid', 'int', false);
if ($shop > 0) {
// Show all products of this shop
$shop = Profile_Shop::getShop($shop);
if ($shop) {
$shop_page = new Pages_Shop();
return $shop_page->getOverview($shop);
}
}
// Show a list of all shops.
$page = new Core_Template();
$data = $db->select('shops', array('*'), null, 's_name ASC');
foreach ($data as $v) {
$page->addListValue('shops', array('name' => Core_Tools::output_varchar($v['s_name']), 'url' => self::getUrl('page=order&sid=' . $v['s_id']), 'location' => Core_Tools::output_varchar($v['s_gemeente'])));
}
return $page->parse('google_shops.phpt');
}
private function processManagementInput($objShop)
{
$db = Core_Database::__getInstance();
$iCount = 0;
while ($iCount !== false && $iCount >= 0 && $iCount < 200) {
$iCount++;
$productName = Core_Tools::getInput('_POST', 'productName' . $iCount, 'varchar');
$productText = Core_Tools::getInput('_POST', 'productText' . $iCount, 'varchar');
$originalId = Core_Tools::getInput('_POST', 'productOrg' . $iCount, 'varchar');
$categoryId = Core_Tools::getInput('_POST', 'categoryId' . $iCount, 'varchar');
$okay = true;
$productPrice = "";
$i = 0;
while ($okay && $i < 10) {
$priceIn = Core_Tools::getInput('_POST', 'productPrice' . $iCount . '_' . $i, 'float');
if ($priceIn > 0) {
$productPrice .= $priceIn . ',';
} else {
$okay = false;
}
$i++;
}
$productPrice = substr($productPrice, 0, -1);
/* 2 requirements: name & price */
if ($productName) {
if ($originalId > 0) {
// update
$db->update('products', array('p_name' => $productName, 'p_info' => $productText, 'p_price' => $productPrice, 'c_id' => $categoryId), "p_id = '" . $originalId . "' AND s_id = '" . $objShop->getId() . "'");
} else {
// add
$db->insert('products', array('p_name' => $productName, 'p_info' => $productText, 'p_price' => $productPrice, 's_id' => $objShop->getId(), 'c_id' => $categoryId));
}
} elseif ($originalId > 0) {
$db->remove('products', "p_id = '" . $originalId . "' AND s_id = '" . $objShop->getId() . "'");
} else {
// Get out of here!
$iCount = false;
}
}
// Last: general info
$message = Core_Tools::getInput('_POST', 'shopMessage', 'varchar');
$db->update('shops', array('s_message' => $message), "s_id = '" . $objShop->getId() . "'");
$objShop->refreshData();
}
public static function output_varchar($text)
{
$input = Core_Tools::splitLongWords($text);
return htmlentities(stripslashes($text), ENT_QUOTES, 'UTF-8');
}
public function permissionsAction()
{
$id = $this->getRequest()->getParam('id');
if (!$id) {
$this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
}
$role_rs = Admin_RolesModel::get(array('id' => $id));
if (!$role_rs) {
$this->getResponse()->setStatus(0)->setBody(__('role does not exist'))->toJson();
}
$return = array();
$permissions_rs = Admin_PermissionsModel::getAll();
foreach ($permissions_rs as $permission_row) {
if (Core_Bit::check($role_rs->permissions, $permission_row->bit_flag) || $role_rs->is_owner) {
$return[$permission_row['name']] = true;
}
}
$this->getResponse()->setStatus(1)->setData(Core_Tools::JsonEncode($return))->toJson();
}
