/**
 * Normalise a blog-post parameter hash in place before it is stored.
 *
 * Copies the loaded content_id and the content type into the hash, appends the
 * optional second text field to 'edit', truncates the title, and converts the
 * publish_* / expire_* form fields into values stored under 'post_store'.
 * The original author marks this as an internal method that must not be called
 * from outside the class.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty once the checks have run, FALSE otherwise
 *
 * @access private
 **/
function verify(&$pParamHash) {
    global $gBitUser, $gBitSystem, $gLibertySystem;

    // Load the existing record when we have a post id but nothing loaded yet.
    if ($this->verifyId($this->mPostId) && empty($this->mInfo)) {
        $this->load();
    }

    // The content_id of the loaded record replaces whatever the caller supplied.
    if (@$this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }

    // It is possible a derived class set this to something different
    if (empty($pParamHash['content_type_guid']) && !empty($this->mContentTypeGuid)) {
        $pParamHash['content_type_guid'] = $this->mContentTypeGuid;
    }

    if (!empty($pParamHash['data'])) {
        $pParamHash['edit'] = $pParamHash['data'];
    }

    // for two text field auto split
    if (!empty($pParamHash['edit_body'])) {
        // NOTE(review): 'format_guid' is read from the hash without an existence check and is
        // used as an index into the plugin table; confirm it is validated before this point.
        $linebreak = $gLibertySystem->mPlugins[$pParamHash['format_guid']]['linebreak'];
        // we need two line breaks to simulate a paragraph break
        // NOTE(review): '.=' assumes 'edit' is already set when 'edit_body' is present.
        $pParamHash['edit'] .= "...split..." . $linebreak . $linebreak . $pParamHash['edit_body'];
    }

    // truncate length if too long
    // substr() counts bytes, so a multibyte title can be cut in the middle of a character.
    if (!empty($pParamHash['title'])) {
        $pParamHash['title'] = substr($pParamHash['title'], 0, 160);
    }

    if (!empty($pParamHash['publish_Month'])) {
        // An earlier implementation built a "Y-m-d H:i" string and ran it through strtotime();
        // the individual form fields are now handed to BitDate::gmmktime() instead.
        $this->mDate = new BitDate(0);
        // $offset is assigned here but not used again in this method.
        $offset = $this->mDate->get_display_offset();
        $dateString = $this->mDate->gmmktime($pParamHash['publish_Hour'], $pParamHash['publish_Minute'], isset($pParamHash['publish_Second']) ? $pParamHash['publish_Second'] : 0, $pParamHash['publish_Month'], $pParamHash['publish_Day'], $pParamHash['publish_Year']);
        $timestamp = $this->mDate->getUTCFromDisplayDate($dateString);
        // -1 is treated as "could not convert"; the previous publish_date, if any, is kept.
        if ($timestamp !== -1) {
            $pParamHash['publish_date'] = $timestamp;
        }
    }

    // Fall back to the value of getUTCTime() when no publish date was supplied.
    if (!empty($pParamHash['publish_date'])) {
        $pParamHash['post_store']['publish_date'] = $pParamHash['publish_date'];
    } else {
        $pParamHash['post_store']['publish_date'] = $gBitSystem->getUTCTime();
    }

    if (!empty($pParamHash['expire_Month'])) {
        // This string is overwritten by the gmmktime() result below before it is used.
        $dateString = $pParamHash['expire_Year'] . '-' . $pParamHash['expire_Month'] . '-' . $pParamHash['expire_Day'] . ' ' . $pParamHash['expire_Hour'] . ':' . $pParamHash['expire_Minute'];
        // The strtotime()-based conversion was replaced by BitDate::gmmktime(), as above.
        $this->mDate = new BitDate(0);
        // $offset is assigned here but not used again in this method.
        $offset = $this->mDate->get_display_offset();
        $dateString = $this->mDate->gmmktime($pParamHash['expire_Hour'], $pParamHash['expire_Minute'], isset($pParamHash['expire_Second']) ? $pParamHash['expire_Second'] : 0, $pParamHash['expire_Month'], $pParamHash['expire_Day'], $pParamHash['expire_Year']);
        $timestamp = $this->mDate->getUTCFromDisplayDate($dateString);
        if ($timestamp !== -1) {
            $pParamHash['expire_date'] = $timestamp;
        }
    }

    // NOTE(review): a missing expire date is stored as the value of getUTCTime(), the same
    // default as the publish date; confirm how readers of post_store interpret that.
    if (!empty($pParamHash['expire_date'])) {
        $pParamHash['post_store']['expire_date'] = $pParamHash['expire_date'];
    } else {
        $pParamHash['post_store']['expire_date'] = $gBitSystem->getUTCTime();
    }

    // if we have an error we get them all by checking parent classes for additional errors
    // (the parent verify() is therefore NOT run when this method found no errors).
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}
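/**
 * Populate $this->mInfo with a preview of the submitted content.
 *
 * Runs the verify chain on the hash, merges the resulting store arrays into
 * $this->mInfo, parses the submitted text, invokes the preview services and
 * flags the template as a preview.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified by the verify calls
 *
 * @return void
 **/
function preview(&$pParamHash) {
    global $gBitSmarty, $gBitSystem;

    $this->verify($pParamHash);
    // This is stupid! verify does NOT work how it should.
    // verify should call the super class verify at all levels.
    LibertyMime::verify($pParamHash);
    LibertyContent::verify($pParamHash);

    // NOTE(review): 'events_store' and 'content_store' are read without an existence check;
    // only 'events_prefs_store' is guarded. The return values of the verify calls above are
    // not inspected, so this runs even when validation reported errors.
    $this->mInfo = array_merge(
        $pParamHash['events_store'],
        $pParamHash['content_store'],
        empty($pParamHash['events_prefs_store']) ? array() : $pParamHash['events_prefs_store']
    );
    $this->mInfo['data'] = $pParamHash['edit'];

    // Use the submitted format when there is one and fall back to the configured default
    // otherwise. The original condition was inverted: it passed the empty value on and
    // ignored a format that had actually been submitted.
    $formatGuid = !empty($pParamHash['format_guid'])
        ? $pParamHash['format_guid']
        : $gBitSystem->getConfig('default_format');
    $this->mInfo['parsed'] = $this->parseData($pParamHash['edit'], $formatGuid);

    $this->invokeServices('content_preview_function');
    $gBitSmarty->assign('preview', true);
}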
/**
 * Prepare the 'blog_store' section of the parameter hash.
 *
 * 'max_posts' is kept only when it is non-empty and numeric; the three
 * checkbox-style options are stored as 'y' when the key is present in the
 * hash and 'n' when it is absent.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 **/
function verify(&$pParamHash) {
    global $gBitUser;

    // is_numeric() also accepts negative, decimal and exponent notation, so the value
    // stored here is not guaranteed to be a positive integer.
    $maxPosts = NULL;
    if (!empty($pParamHash['max_posts']) && is_numeric($pParamHash['max_posts'])) {
        $maxPosts = $pParamHash['max_posts'];
    }
    $pParamHash['blog_store']['max_posts'] = $maxPosts;

    // Presence of the key decides the flag; the submitted value itself is ignored.
    foreach (array('use_title', 'allow_comments', 'use_find') as $option) {
        if (isset($pParamHash[$option])) {
            $pParamHash['blog_store'][$option] = 'y';
        } else {
            $pParamHash['blog_store'][$option] = 'n';
        }
    }

    // The parent checks are only consulted once an error has already been recorded.
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return 0 == count($this->mErrors);
}
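/**
 * Validate and normalise a comment submission in place before it is stored.
 *
 * Resolves content, root and parent ids, checks the captcha, maps the
 * comment_* form fields onto 'title' and 'edit', limits the number of links
 * for users without 'p_liberty_trusted_editor', rejects an immediate
 * duplicate of the user's last comment on the same root, and refuses file
 * uploads when 'comments_allow_attachments' is not active.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 **/
function verifyComment(&$pParamHash) {
    global $gBitUser, $gBitSystem;

    // The content id always comes from the loaded object, never from the request.
    $pParamHash['content_id'] = @BitBase::verifyId($this->mContentId) ? $this->mContentId : NULL;

    if (empty($pParamHash['root_id']) && !empty($pParamHash['comments_parent_id'])) {
        $pParamHash['root_id'] = $pParamHash['comments_parent_id'];
    }
    // empty() has the same truthiness as the original '!' test but does not raise a
    // notice when the key is missing.
    if (empty($pParamHash['root_id'])) {
        $this->mErrors['root_id'] = "Missing root id for comment";
    }

    // Parent id precedence: loaded comment, then the reply id, then the thread parent.
    if (empty($pParamHash['parent_id'])) {
        if (@BitBase::verifyId($this->mInfo['parent_id'])) {
            $pParamHash['parent_id'] = $this->mInfo['parent_id'];
        } elseif (@BitBase::verifyId($pParamHash['post_comment_reply_id'])) {
            $pParamHash['parent_id'] = $pParamHash['post_comment_reply_id'];
        } else {
            $pParamHash['parent_id'] = isset($pParamHash['comments_parent_id']) ? $pParamHash['comments_parent_id'] : NULL;
        }
    }
    if (empty($pParamHash['parent_id'])) {
        $this->mErrors['parent_id'] = "Missing parent id for comment";
    }

    if (empty($pParamHash['anon_name'])) {
        $pParamHash['anon_name'] = null;
    }

    if (!@$gBitUser->verifyCaptcha($pParamHash['captcha'])) {
        $this->mErrors['store'] = tra('Incorrect validation code');
    }

    if (!empty($pParamHash['comment_title'])) {
        $pParamHash['title'] = $pParamHash['comment_title'];
    }
    if (!empty($pParamHash['comment_data'])) {
        $pParamHash['edit'] = $pParamHash['comment_data'];
    }

    if (empty($pParamHash['edit'])) {
        $this->mErrors['store'] = tra('Your comment was empty.');
    } elseif (
        !$gBitUser->hasPermission('p_liberty_trusted_editor')
        // Count https:// as well as http://, in any letter case. The original pattern only
        // matched lower-case "http://", so the limit did not apply to https links.
        // The config key is spelled as the code has always read it.
        && preg_match_all('/https?:\/\//i', $pParamHash['edit'], $links) > $gBitSystem->getConfig('liberty_unstrusted_max_http_in_content', 0)
    ) {
        $this->mErrors['store'] = tra('Links are not allowed.');
    } else {
        // Duplicate check: newest comment by this user, from this address, on this root.
        // All request-derived values are bound; the concatenated parts are constants.
        $dupeQuery = "SELECT `data` FROM `" . BIT_DB_PREFIX . "liberty_content` lc"
            . " INNER JOIN `" . BIT_DB_PREFIX . "liberty_comments` lcom ON (lc.`content_id`=lcom.`content_id`)"
            . " WHERE `user_id`=? AND `content_type_guid`='" . BITCOMMENT_CONTENT_TYPE_GUID . "' AND `ip`=? AND lcom.`root_id`=?"
            . " ORDER BY `created` DESC";
        $bindVars = array(
            $gBitUser->mUserId,
            $_SERVER['REMOTE_ADDR'],
            isset($pParamHash['root_id']) ? $pParamHash['root_id'] : NULL,
        );
        if ($lastPostData = $this->mDb->getOne($dupeQuery, $bindVars)) {
            // Only new comments are checked; editing an existing comment may repeat its text.
            if (empty($this->mCommentId) && trim($lastPostData) == trim($pParamHash['edit'])) {
                $this->mErrors['store'] = tra('Duplicate comment.');
            }
        }
    }

    // verify attachments are allowed on comments
    if ((isset($pParamHash['_files_override']) || !empty($_FILES)) && !$gBitSystem->isFeatureActive('comments_allow_attachments')) {
        $this->mErrors['comment_attachments'] = tra('Files can not be uploaded with comments.');
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}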
/**
 * Store the content together with its uploaded files and mime-plugin data.
 *
 * After LibertyMime::verify() succeeds (and LibertyContent::store() unless
 * 'skip_content_store' is set), every entry of upload_store['files'] is either
 * used to update the settings of an existing attachment (no 'tmp_name') or
 * handed to the mime handler chosen by lookupMimeHandler(). Plugin data under
 * 'mimeplugin' is stored afterwards, then the primary attachment is set. The
 * work is wrapped in a transaction that is rolled back when $this->mErrors is
 * not empty at the end.
 *
 * @param array $pStoreHash hash of values to store; passed by reference and updated with the stored rows
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 * @access public
 **/
public function store(&$pStoreHash) {
    global $gLibertySystem;

    // make sure all the data is in order
    if (LibertyMime::verify($pStoreHash) && (!empty($pStoreHash['skip_content_store']) || LibertyContent::store($pStoreHash))) {
        $this->StartTrans();

        // files have been uploaded
        // NOTE(review): entries are trusted as upload descriptors ('tmp_name', 'attachment_id');
        // confirm verify() builds this array from the upload data rather than from request fields.
        if (!empty($pStoreHash['upload_store']['files']) && is_array($pStoreHash['upload_store']['files'])) {
            foreach ($pStoreHash['upload_store']['files'] as $key => $upload) {
                // if we don't have an upload, we'll simply update the file settings using the mime plugins
                if (empty($upload['tmp_name'])) {
                    if (@BitBase::verifyId($upload['attachment_id'])) {
                        // since the form might have all options unchecked, we need to call the update
                        // function regardless. currently i can't think of a better way to get the plugin
                        // guid back when $pStoreHash[plugin] is empty.
                        // - xing - Friday Jul 11, 2008 20:21:18 CEST
                        //
                        // Only attachments present in $this->mStorage are updated; presumably that
                        // limits updates to attachments of this content (verify against load()).
                        if (!empty($this->mStorage[$upload['attachment_id']])) {
                            $attachment = $this->mStorage[$upload['attachment_id']];
                            $data = array();
                            if (!empty($pStoreHash['plugin'][$upload['attachment_id']][$attachment['attachment_plugin_guid']])) {
                                $data = $pStoreHash['plugin'][$upload['attachment_id']][$attachment['attachment_plugin_guid']];
                            }
                            if (!$this->updateAttachmentParams($upload['attachment_id'], $attachment['attachment_plugin_guid'], $data)) {
                                $this->mErrors['attachment_update'] = "There was a problem updating the file settings.";
                            }
                        }
                    }
                    // skip rest of process
                    continue;
                }

                $storeRow = $pStoreHash['upload_store'];
                unset($storeRow['files']);

                // copy by reference that filetype changes are made in lookupMimeHandler()
                // NOTE(review): $upload is the foreach value variable; a row copied into $pStoreHash
                // below keeps this reference, so a later iteration assigning $upload may also change
                // rows stored earlier. Confirm with a multi-file upload.
                $storeRow['upload'] =& $upload;
                if (isset($pStoreHash['thumbnail'])) {
                    $storeRow['upload']['thumbnail'] = $pStoreHash['thumbnail'];
                }

                // when content is created the content_id is only available after LibertyContent::store()
                $storeRow['content_id'] = $pStoreHash['content_id'];

                // let the plugin do the rest
                $guid = $gLibertySystem->lookupMimeHandler($upload);
                // Third argument is the result of verifyId() on the upload's attachment_id.
                $this->pluginStore($storeRow, $guid, @BitBase::verifyId($upload['attachment_id']));

                // finally, we need to update the original hash with the new values
                $pStoreHash['upload_store']['files'][$key] = $storeRow;
            }
        }

        // some mime plugins might not have file uploads - these plugins will tell us what mime handlers they are using
        // NOTE(review): the plugin guid is the array key of 'mimeplugin'; confirm pluginStore()
        // only accepts guids of registered plugins.
        if (!empty($pStoreHash['mimeplugin']) && is_array($pStoreHash['mimeplugin'])) {
            foreach ($pStoreHash['mimeplugin'] as $guid => $storeRow) {
                // check to see if we have anything worth storing in the array
                $plugin_store = FALSE;
                foreach (array_values($storeRow) as $value) {
                    if (!empty($value)) {
                        $plugin_store = TRUE;
                    }
                }

                if (!empty($plugin_store)) {
                    // when content is created the content_id is only available after LibertyContent::store()
                    $storeRow['content_id'] = $pStoreHash['content_id'];
                    // NOTE(review): $upload is not set in this loop; it holds whatever the files loop
                    // above left behind, or is undefined when that loop did not run.
                    $this->pluginStore($storeRow, $guid, @BitBase::verifyId($upload['attachment_id']));
                }
            }
        }

        // deal with the primary attachment after we've dealt with all the files
        // NOTE(review): "empty($x) || $x" is true for every value, so the third argument is always TRUE.
        $this->setPrimaryAttachment($pStoreHash['liberty_attachments']['primary'], $pStoreHash['content_id'], empty($pStoreHash['liberty_attachments']['auto_primary']) || $pStoreHash['liberty_attachments']['auto_primary'] ? TRUE : FALSE);

        // Roll back if something went wrong
        if (empty($this->mErrors)) {
            $this->CompleteTrans();
        } else {
            $this->mDb->RollbackTrans();
        }
    }

    return count($this->mErrors) == 0;
}
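/**
 * Validate an article parameter hash and prepare the store arrays.
 *
 * Fills 'article_store', 'content_store' and 'preferences_store' from the
 * submitted values. A status above ARTICLE_STATUS_PENDING is only accepted
 * from users holding 'p_articles_approve_submission'; everyone else is capped
 * at ARTICLE_STATUS_PENDING. Articles that end up denied, draft or pending are
 * flagged with $this->mInfo['no_index'].
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 * @access private
 **/
public function verify(&$pParamHash) {
    global $gBitUser, $gBitSystem;

    // make sure we're all loaded up if we have a mArticleId
    if ($this->mArticleId && empty($this->mInfo)) {
        $this->load();
    }

    // The content_id of the loaded record replaces whatever the caller supplied.
    if (@$this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }

    // It is possible a derived class set this to something different
    if (empty($pParamHash['content_type_guid']) && !empty($this->mContentTypeGuid)) {
        $pParamHash['content_type_guid'] = $this->mContentTypeGuid;
    }

    if (@$this->verifyId($pParamHash['content_id'])) {
        $pParamHash['article_store']['content_id'] = $pParamHash['content_id'];
    }

    if (!empty($pParamHash['author_name'])) {
        $pParamHash['article_store']['author_name'] = $pParamHash['author_name'];
    }

    if (@$this->verifyId($pParamHash['topic_id'])) {
        $pParamHash['article_store']['topic_id'] = (int) $pParamHash['topic_id'];
    }

    if (@$this->verifyId($pParamHash['article_type_id'])) {
        $pParamHash['article_store']['article_type_id'] = (int) $pParamHash['article_type_id'];
    }

    if (!empty($pParamHash['format_guid'])) {
        $pParamHash['content_store']['format_guid'] = $pParamHash['format_guid'];
    }

    // we do the substr on load. otherwise we need to store the same data twice.
    if (!empty($pParamHash['edit'])) {
        $pParamHash['content_store']['data'] = $pParamHash['edit'];
    }

    if (!empty($pParamHash['rating'])) {
        $pParamHash['article_store']['rating'] = (int) $pParamHash['rating'];
    }

    // A title is required and is truncated to the maximum length. The original nested
    // branches all reduced to this assignment; the inner empty-title checks were unreachable.
    if (!empty($pParamHash['title'])) {
        $pParamHash['content_store']['title'] = substr($pParamHash['title'], 0, BIT_CONTENT_MAX_TITLE_LEN);
    } else {
        $this->mErrors['title'] = 'You must specify a title';
    }

    // NOTE(review): $this->mDate is used but not created in this method - confirm it is
    // initialised before verify() can be called.
    if (!empty($pParamHash['publish_Month'])) {
        $dateString = $this->mDate->gmmktime(
            $pParamHash['publish_Hour'],
            $pParamHash['publish_Minute'],
            isset($pParamHash['publish_Second']) ? $pParamHash['publish_Second'] : 0,
            $pParamHash['publish_Month'],
            $pParamHash['publish_Day'],
            $pParamHash['publish_Year']
        );
        $timestamp = $this->mDate->getUTCFromDisplayDate($dateString);
        if ($timestamp !== -1) {
            $pParamHash['publish_date'] = $timestamp;
        }
    }
    if (!empty($pParamHash['publish_date'])) {
        $pParamHash['article_store']['publish_date'] = $pParamHash['publish_date'];
    }

    if (!empty($pParamHash['expire_Month'])) {
        $dateString = $this->mDate->gmmktime(
            $pParamHash['expire_Hour'],
            $pParamHash['expire_Minute'],
            isset($pParamHash['expire_Second']) ? $pParamHash['expire_Second'] : 0,
            $pParamHash['expire_Month'],
            $pParamHash['expire_Day'],
            $pParamHash['expire_Year']
        );
        $timestamp = $this->mDate->getUTCFromDisplayDate($dateString);
        if ($timestamp !== -1) {
            $pParamHash['expire_date'] = $timestamp;
        }
    }
    if (!empty($pParamHash['expire_date'])) {
        $pParamHash['article_store']['expire_date'] = $pParamHash['expire_date'];
    }

    // Status: a submitted status above "pending" needs the approval permission.
    if (@$this->verifyId($pParamHash['status_id'])) {
        if ($pParamHash['status_id'] > ARTICLE_STATUS_PENDING) {
            if ($gBitUser->hasPermission('p_articles_approve_submission')) {
                $pParamHash['article_store']['status_id'] = (int) $pParamHash['status_id'];
            } else {
                $pParamHash['article_store']['status_id'] = ARTICLE_STATUS_PENDING;
            }
        } else {
            $pParamHash['article_store']['status_id'] = (int) $pParamHash['status_id'];
        }
    } elseif (@$this->verifyId($this->mInfo['status_id'])) {
        // No status submitted: keep the status of the loaded article.
        $pParamHash['article_store']['status_id'] = $this->mInfo['status_id'];
    } else {
        if ($gBitUser->hasPermission('p_articles_approve_submission') || $gBitUser->hasPermission('p_articles_auto_approve')) {
            $pParamHash['article_store']['status_id'] = ARTICLE_STATUS_APPROVED;
        } else {
            $pParamHash['article_store']['status_id'] = ARTICLE_STATUS_PENDING; // Default status
        }
    }

    // content preferences - only preferences the user is permitted to set are copied
    $prefs = array();
    if ($gBitUser->hasPermission('p_liberty_enter_html')) {
        $prefs[] = 'content_enter_html';
    }
    foreach ($prefs as $pref) {
        if (!empty($pParamHash['preferences'][$pref])) {
            $pParamHash['preferences_store'][$pref] = $pParamHash['preferences'][$pref];
        } else {
            $pParamHash['preferences_store'][$pref] = NULL;
        }
    }

    // in_array() instead of array_search(): array_search() returns the matching index, and
    // index 0 (ARTICLE_STATUS_DENIED) is falsy, so denied articles were never flagged.
    // Comparison stays loose because the loaded status may not be an integer.
    $unpublishedStatuses = array(ARTICLE_STATUS_DENIED, ARTICLE_STATUS_DRAFT, ARTICLE_STATUS_PENDING);
    if (in_array($pParamHash['article_store']['status_id'], $unpublishedStatuses)) {
        $this->mInfo["no_index"] = true;
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}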
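/**
 * Validate a group parameter hash and prepare the store arrays.
 *
 * Copies ids from the loaded record, truncates title and summary, checks that
 * the name of a new group is not already taken, builds the group URLs, rejects
 * any attempt to set 'is_default' or 'batch_set_default', and merges the
 * errors reported by $gBitUser->verifyGroup().
 * The original author marks this as an internal method that must not be called
 * from outside the class.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 *
 * @access private
 **/
function verify(&$pParamHash) {
    global $gBitUser, $gBitSystem;

    // make sure we're all loaded up if we have a mGroupId
    if ($this->verifyId($this->mGroupId) && empty($this->mInfo)) {
        $this->load();
    }

    // Ids of the loaded record replace whatever the caller supplied.
    if (@$this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }
    if (@$this->verifyId($this->mInfo['group_id'])) {
        $pParamHash['group_id'] = $this->mInfo['group_id'];
    }
    if (@$this->verifyId($this->mInfo['user_id'])) {
        $pParamHash['user_id'] = $this->mInfo['user_id'];
    }

    // It is possible a derived class set this to something different
    // NOTE(review): verifyId() is applied to a GUID here - confirm this is the intended test.
    if (@$this->verifyId($pParamHash['content_type_guid'])) {
        $pParamHash['content_type_guid'] = $this->mContentTypeGuid;
    }

    if (@$this->verifyId($pParamHash['content_id'])) {
        $pParamHash['group_pkg_store']['content_id'] = $pParamHash['content_id'];
    }
    if (@$this->verifyId($pParamHash['group_id'])) {
        $pParamHash['group_store']['group_id'] = $pParamHash['group_id'];
        $pParamHash['group_pkg_store']['group_id'] = $pParamHash['group_id'];
    }

    if (!empty($pParamHash['data'])) {
        $pParamHash['edit'] = $pParamHash['data'];
    }

    // A title is required; it is truncated before anything else looks at it.
    if (!empty($pParamHash['title'])) {
        $pParamHash['content_store']['title'] = substr($pParamHash['title'], 0, 160);
        // Copy title to name for group verify
        $pParamHash['name'] = $pParamHash['content_store']['title'];

        if (empty($this->mGroupId)) {
            // New group: the name must be unique. The lookup uses the truncated title, i.e.
            // the value that is actually stored; checking the untruncated input let two long
            // titles that differ only after 160 bytes both pass.
            $bindVars = array($pParamHash['content_store']['title'], $this->mContentTypeGuid);
            $query = "SELECT lc.title \n\t\t\t\t \t FROM `" . BIT_DB_PREFIX . "liberty_content` lc\n\t\t\t\t\t\t\t WHERE lc.`title` = ? AND lc.`content_type_guid` = ?";
            if ($this->mDb->getOne($query, $bindVars)) {
                $this->mErrors['title'] = tra("We're sorry, this group name is already taken, please create a unique group name");
            }
        }
    } else {
        // no name specified
        $this->mErrors['title'] = tra('You must specify a name for this group.');
    }

    // Constrain summary to 250 to fit in groups desc table as well
    if (isset($pParamHash['summary'])) {
        $pParamHash['summary'] = substr($pParamHash['summary'], 0, 250);
        $pParamHash['desc'] = $pParamHash['summary'];
    }

    // Setup the group home URL
    if (@$this->verifyId($this->mGroupId)) {
        $pParamHash['home'] = GROUP_PKG_URL . "index.php?group_id=" . $this->mGroupId;
    } elseif (!empty($pParamHash['name'])) {
        $pParamHash['home'] = GROUP_PKG_URL . urlencode($pParamHash['name']);
    }

    // Do we have after_registration data?
    if (!empty($pParamHash['after_registration']) && !empty($pParamHash['name'])) {
        $pParamHash['data_store']['after_registration'] = $pParamHash['after_registration'];
        // The name comes from the submitted title, so it is encoded like every other URL
        // built from it in this method; the original concatenated it raw.
        $pParamHash['after_registration_page'] = $pParamHash['home'] = GROUP_PKG_URL . 'registered/' . urlencode($pParamHash['name']);
    } elseif (!empty($pParamHash['name'])) {
        $pParamHash['data_store']['after_registration'] = NULL;
        $pParamHash['after_registration_page'] = GROUP_PKG_URL . urlencode($pParamHash['name']);
    }

    // Option flags default to 'n'.
    // NOTE(review): a submitted value is stored as-is - confirm only 'y'/'n' are expected.
    $pParamHash['group_pkg_store']['view_content_public'] = !empty($pParamHash['view_content_public']) ? $pParamHash['view_content_public'] : 'n';
    $pParamHash['group_pkg_store']['mod_msgs'] = !empty($pParamHash['mod_msgs']) ? $pParamHash['mod_msgs'] : 'n';
    $pParamHash['group_pkg_store']['mod_content'] = !empty($pParamHash['mod_content']) ? $pParamHash['mod_content'] : 'n';
    $pParamHash['group_pkg_store']['admin_content_strict'] = !empty($pParamHash['admin_content_strict']) ? $pParamHash['admin_content_strict'] : 'n';

    // Make sure we don't set is_default or batch_set_default for security
    if (isset($pParamHash['is_default']) || isset($pParamHash['batch_set_default'])) {
        $this->mErrors['default'] = tra('Attempt to set group as default group or batch set default. This is not allowed.');
    }

    // Verify the group information
    $gBitUser->verifyGroup($pParamHash);
    // Merge errors from the group checks; on a key collision this object's message wins.
    $this->mErrors = array_merge($gBitUser->mErrors, $this->mErrors);

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}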
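/**
 * Validate an action parameter hash and prepare both store arrays.
 *
 * Fills $pParamHash['action_store'] for local storage and
 * $pParamHash['salsa_action_store'] with the fields listed in $actionParams.
 * Summary, title, letter subject, letter content and targets are required.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 **/
function verify(&$pParamHash) {
    // prep hash for local storage
    // $pParamHash['action_store']
    global $gBitUser, $gBitSystem, $gLibertySystem;

    // Ids of the loaded record replace whatever the caller supplied.
    if (@$this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }
    if (@$this->verifyId($this->mInfo['action_id'])) {
        $pParamHash['action_id'] = $this->mInfo['action_id'];
    }
    if (@$this->verifyId($this->mInfo['key_id'])) {
        $pParamHash['key_id'] = $this->mInfo['key_id'];
    }

    if (@$this->verifyId($pParamHash['content_id'])) {
        $pParamHash['action_store']['content_id'] = $pParamHash['content_id'];
    }

    // this is stupid requiring the summary, but client really really wanted it
    if (empty($pParamHash['summary'])) {
        $this->mErrors['summary'] = tra('You must provide a description of your action item.');
    }

    if ($this->isValid() && empty($pParamHash['key_id'])) {
        $this->mErrors['key_id'] = tra('Key Id is missing, please check the database and load process.');
    } elseif (@$this->verifyId($pParamHash['key_id'])) {
        $pParamHash['action_store']['key_id'] = $pParamHash['key_id'];
        // for dia
        $pParamHash['key'] = $pParamHash['key_id'];
    }

    if (@$this->verifyId($pParamHash['action_id'])) {
        $pParamHash['action_store']['action_id'] = $pParamHash['action_id'];
    }

    if (!empty($pParamHash['edit'])) {
        $pParamHash['data'] = $pParamHash['edit'];
        // for dia
        $pParamHash['Description'] = $pParamHash['data'];
    }

    if (!empty($pParamHash['title'])) {
        // for dia
        $pParamHash['Title'] = $pParamHash['title'];
        $pParamHash['Reference_Name'] = $pParamHash['title'];
    } else {
        $this->mErrors['title'] = tra('You did not provide a title for your action.');
    }

    // spot check of related data so that we dont bother storing an action just to have these parts fail
    if (empty($pParamHash['recommended_subject'])) {
        $this->mErrors['recommended_subject'] = tra('You did not provide a subject for your letter.');
    }
    if (empty($pParamHash['recommended_content'])) {
        $this->mErrors['recommended_content'] = tra('You did not provide any text for your letter.');
    }
    if (empty($pParamHash['action_targets'])) {
        $this->mErrors['action_targets'] = tra('You must select targets for your letter. Please click the Targets tab and select at least one target for your letter.');
    }
    // end spot check

    if (!empty($pParamHash['thankyou_data'])) {
        $pParamHash['action_store']['thankyou_data'] = $pParamHash['thankyou_data'];
        // for dia
        // deprecated because losers dont suport html anymore
        $pParamHash['Thank_You_Text'] = $pParamHash['thankyou_data'];
    }

    // expire date
    if (!empty($pParamHash['expire']) && !empty($pParamHash['expire_Month'])) {
        // The original first built a "Y-m-d H:i" string that was overwritten before use;
        // that dead assignment has been dropped.
        $offset = $gBitSystem->get_display_offset();
        $this->mDate = new BitDate($offset);
        $dateString = $this->mDate->gmmktime(
            $pParamHash['expire_Hour'],
            $pParamHash['expire_Minute'],
            isset($pParamHash['expire_Second']) ? $pParamHash['expire_Second'] : 0,
            $pParamHash['expire_Month'],
            $pParamHash['expire_Day'],
            $pParamHash['expire_Year']
        );
        $timestamp = $this->mDate->getUTCFromDisplayDate($dateString);
        if ($timestamp !== -1) {
            $pParamHash['expire_date'] = $timestamp;
        }
    }
    $pParamHash['action_store']['expire_date'] = !empty($pParamHash['expire_date']) ? $pParamHash['expire_date'] : NULL;

    // target data
    // national
    if (!empty($pParamHash['targets_ids'])) {
        // Read the ids from the hash being verified only. The original tested
        // $_REQUEST['targets_ids'] but imploded $pParamHash['targets_ids'], which breaks as
        // soon as the hash is not the request itself.
        // NOTE(review): the ids are forwarded as submitted - confirm their format is
        // validated before they are sent on.
        $targetIds = $pParamHash['targets_ids'];
        $pParamHash['person_legislator_IDS'] = is_array($targetIds) ? implode(",", $targetIds) : $targetIds;
    } else {
        // this deletes all from the salsa database
        $pParamHash['person_legislator_IDS'] = '';
    }

    // force values in diasalsa
    if ($gBitSystem->getConfig('diasalsa_organization_key')) {
        $pParamHash['organization_KEY'] = $gBitSystem->getConfig('diasalsa_organization_key');
    } else {
        $this->mErrors['organization_key'] = tra('The Salsa organization key is not set, please report this error to an administrator');
    }

    // These values are always set here, overriding anything submitted under the same keys.
    $pParamHash['object'] = 'action';
    $pParamHash['Style'] = 'Targeted';
    $pParamHash['Suppress_Automatic_Response_Email'] = TRUE;
    $pParamHash['Status'] = 'Active';
    $pParamHash['Allow_Emails'] = TRUE;
    $pParamHash['Allow_Faxes'] = FALSE;
    $pParamHash['Hide_Message_Type_Options'] = TRUE;
    $pParamHash['alternate_action_path'] = '/o/' . $gBitSystem->getConfig('diasalsa_organization_key') . '/p/d/tekimaki/action/public/preaction.sjs';
    // this is the map4change template in the salsa account
    // $pParamHash['template_KEY'] = 3655;

    if ($this->isValid()) {
        // redirect path is to a special script at salsa - the url is relative
        $pParamHash['redirect_path'] = '/o/' . $gBitSystem->getConfig('diasalsa_organization_key') . '/p/d/tekimaki/action/public/postaction.sjs';
    }
    // Max_Number_Of_Faxes

    // prep hash for storage at diasalsa
    $actionParams = array('organization_KEY', 'object', 'Style', 'key', 'Reference_Name', 'Title', 'Description', 'redirect_path', 'alternate_action_path', 'Allow_Emails', 'Allow_Faxes', 'Hide_Message_Type_Options', 'Thank_You_Text');
    foreach ($pParamHash as $key => $value) {
        // Strict comparison: a loose in_array() can match an integer key against these
        // strings on older PHP versions and copy an unrelated entry.
        if (in_array($key, $actionParams, TRUE)) {
            $pParamHash['salsa_action_store'][$key] = $value;
        }
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}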
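/**
 * Validate a wiki page parameter hash and prepare the store arrays.
 *
 * Requires a title, truncates it to 160 bytes, checks for an existing page of
 * the same name unless 'wiki_allow_dup_page_names' is active, truncates the
 * edit comment, and drops the 'minor' flag unless the editor is the last
 * modifier of the page or an administrator.
 * The original author marks this as an internal method that must not be called
 * from outside the class.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 *
 * @return bool TRUE when $this->mErrors is empty, FALSE otherwise
 *
 * @access private
 **/
function verify(&$pParamHash) {
    global $gBitUser, $gBitSystem;

    // make sure we're all loaded up if we have a mPageId
    if ($this->verifyId($this->mPageId) && empty($this->mInfo)) {
        $this->load();
    }

    // The content_id of the loaded record replaces whatever the caller supplied.
    if (isset($this->mInfo['content_id']) && $this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }

    // It is possible a derived class set this to something different
    if (empty($pParamHash['content_type_guid'])) {
        $pParamHash['content_type_guid'] = $this->mContentTypeGuid;
    }

    if (@$this->verifyId($pParamHash['content_id'])) {
        $pParamHash['page_store']['content_id'] = $pParamHash['content_id'];
    }

    // A title is required. The original nested branches re-tested the empty title in
    // places that could not be reached; they are collapsed here.
    if (empty($pParamHash['title'])) {
        $this->mErrors['title'] = 'You must specify a title';
    } else {
        $isNewPage = !$this->verifyId($this->mPageId);

        // Everything below works on the truncated title, because that is the value that is
        // stored. Checking the untruncated input let two long titles that differ only
        // after 160 bytes both pass the duplicate check.
        $title = substr($pParamHash['title'], 0, 160);
        $pParamHash['content_store']['title'] = $title;

        if (!$gBitSystem->isFeatureActive('wiki_allow_dup_page_names')) {
            if ($isNewPage) {
                $checkDuplicate = TRUE;
            } else {
                // NOTE(review): for an existing page the new title is stored above even when
                // the user lacks 'p_wiki_rename_page'; the permission only decides whether
                // the duplicate check runs. Confirm the rename itself is gated elsewhere.
                $checkDuplicate = $gBitUser->hasPermission('p_wiki_rename_page')
                    && isset($this->mInfo['title'])
                    && $title != $this->mInfo['title'];
            }
            if ($checkDuplicate && $this->pageExists($title)) {
                $this->mErrors['title'] = 'Page "' . $title . '" already exists. Please choose a different name.';
            }
        }
    }

    if (empty($pParamHash['edit_comment'])) {
        $pParamHash['page_store']['edit_comment'] = NULL;
    } else {
        $pParamHash['page_store']['edit_comment'] = substr($pParamHash['edit_comment'], 0, 200);
    }

    if (!empty($pParamHash['minor']) && $this->isValid()) {
        // we can only minor save over our own versions
        if (!$gBitUser->isRegistered() || ($this->mInfo['modifier_user_id'] != $gBitUser->mUserId && !$gBitUser->isAdmin())) {
            unset($pParamHash['minor']);
        }
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}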
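/**
 * Validate an energy-measures parameter hash and prepare the store arrays.
 *
 * Requires a title of at most 160 bytes, a type, and a MwH value made up of
 * digits (commas are stripped first).
 * The original author marks this as an internal method that must not be called
 * from outside the class.
 *
 * @param array $pParamHash hash of submitted values; passed by reference and modified in place
 * @access private
 * @return boolean TRUE on success, FALSE on failure - $this->mErrors will contain reason for failure
 */
function verify(&$pParamHash) {
    // make sure we're all loaded up if we have a mEnergyMeasuresId
    if ($this->verifyId($this->mEnergyMeasuresId) && empty($this->mInfo)) {
        $this->load();
    }

    // The content_id of the loaded record replaces whatever the caller supplied.
    if (@$this->verifyId($this->mInfo['content_id'])) {
        $pParamHash['content_id'] = $this->mInfo['content_id'];
    }

    // It is possible a derived class set this to something different
    // NOTE(review): verifyId() is applied to a GUID here - confirm this is the intended test.
    if (@$this->verifyId($pParamHash['content_type_guid'])) {
        $pParamHash['content_type_guid'] = $this->mContentTypeGuid;
    }

    if (@$this->verifyId($pParamHash['content_id'])) {
        $pParamHash['energymeasures_store']['content_id'] = $pParamHash['content_id'];
    }

    if (!empty($pParamHash['data'])) {
        $pParamHash['edit'] = $pParamHash['data'];
    }

    // A title is required; an over-long title is rejected rather than truncated.
    if (!empty($pParamHash['title'])) {
        if (strlen($pParamHash['title']) > 160) {
            $this->mErrors['title'] = 'The title is too long. Maximum title length is 160 characters.';
        } else {
            $pParamHash['content_store']['title'] = $pParamHash['title'];
        }
    } else {
        // else is error as must have title
        $this->mErrors['title'] = 'You must enter a title.';
    }

    // required type
    if (!empty($pParamHash['type'])) {
        $pParamHash['energymeasures_store']['type'] = $pParamHash['type'];
    } else {
        $this->mErrors['type'] = "You must selected a type.";
    }

    // required MwH
    if (!empty($pParamHash['mwh'])) {
        // someone might have put in commas, remove them
        $mwh = is_scalar($pParamHash['mwh']) ? trim(str_replace(',', '', (string) $pParamHash['mwh'])) : '';
        // The original test, is_int((int) $mwh), is true for every input because the cast
        // always yields an integer, so nothing was ever rejected. Check the text instead.
        if (preg_match('/^-?\d+\z/', $mwh)) {
            $pParamHash['energymeasures_store']['mwh'] = $mwh;
        } else {
            $this->mErrors['mwh'] = "MwH must be an Integer. Commas will be automatically stripped.";
        }
    } else {
        $this->mErrors['mwh'] = "You must provide a MwH value.";
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}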
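/**
 * verify store hash
 *
 * Validates login, real name, email and password values and copies the accepted
 * ones into $pParamHash['user_store']. Rejected fields are recorded in
 * $this->mErrors under the field name.
 *
 * @param array $pParamHash Data to be verified
 * @access public
 * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
 */
function verify(&$pParamHash)
{
    global $gBitSystem;

    trim_array($pParamHash);

    // DO NOT REMOVE - to allow specific setting of the user_id during the first store.
    // used by ROOT_USER_ID or ANONYMOUS_USER_ID during install.
    // NOTE(review): user_id is taken from the hash as supplied; confirm callers never
    // forward raw request parameters here without removing user_id first.
    if (@$this->verifyId($pParamHash['user_id'])) {
        $pParamHash['user_store']['user_id'] = $pParamHash['user_id'];
    }

    // require login
    if (!empty($pParamHash['login']) && $pParamHash['login'] != $this->getField('login')) {
        $pParamHash['login'] = strip_tags($pParamHash['login']);
        // NOTE(review): the uniqueness check runs before the login is lower-cased below;
        // whether userExists() compares case-insensitively is not visible here - confirm.
        if ($this->userExists(array('login' => $pParamHash['login']))) {
            $this->mErrors['login'] = '******' . $pParamHash['login'] . '" is already in use';
        } elseif (preg_match('/[^A-Za-z0-9_.-]/', $pParamHash["login"])) {
            $this->mErrors['login'] = tra("Your username can only contain numbers, characters, underscores and hyphens.");
        } else {
            // LOWER CASE all logins
            $pParamHash['login'] = strtolower($pParamHash['login']);
            $pParamHash['user_store']['login'] = $pParamHash['login'];
        }
    }

    // some people really like using first and last names
    // push them into real_name
    if (!empty($pParamHash['first_name'])) {
        $pParamHash['real_name'] = $pParamHash['first_name'];
    }
    if (!empty($pParamHash['last_name'])) {
        $pParamHash['real_name'] = !empty($pParamHash['real_name']) ? $pParamHash['real_name'] . " " : '';
        $pParamHash['real_name'] .= $pParamHash['last_name'];
    }

    // real_name: tags stripped, then cut to 64 bytes
    if (!empty($pParamHash['real_name'])) {
        $pParamHash['user_store']['real_name'] = substr(strip_tags($pParamHash['real_name']), 0, 64);
    }

    // require email
    if (!empty($pParamHash['email'])) {
        // LOWER CASE all emails
        $pParamHash['email'] = strtolower($pParamHash['email']);
        if ($emailResult = $this->verifyEmail($pParamHash['email'], $this->mErrors)) {
            // only an exact TRUE from verifyEmail() marks the address as verified
            $pParamHash['verified_email'] = $emailResult === true;
        }
    }

    // check some new user requirements
    if (!$this->isRegistered()) {
        if (empty($pParamHash['login'])) {
            // choose a login based on the username in the email
            if (empty($pParamHash['email'])) {
                // obviously if they didnt enter an email address we cant help them out
                $this->mErrors['email'] = tra('You must enter your email address');
            } else {
                $loginBase = preg_replace('/[^A-Za-z0-9_]/', '', substr($pParamHash['email'], 0, strpos($pParamHash['email'], '@')));
                $login = $loginBase;
                // keep appending a three digit suffix until the candidate is free
                do {
                    if ($loginTaken = $this->userExists(array('login' => $login))) {
                        $login = $loginBase . rand(100, 999);
                    }
                } while ($loginTaken);
                $pParamHash['login'] = $login;
            }
        }

        if (empty($pParamHash['registration_date'])) {
            $pParamHash['registration_date'] = date("U");
        }
        $pParamHash['user_store']['registration_date'] = $pParamHash['registration_date'];

        if (!empty($pParamHash['email']) && empty($this->mErrors['email'])) {
            $pParamHash['user_store']['email'] = substr($pParamHash['email'], 0, 200);
        } elseif (empty($pParamHash['email'])) {
            $this->mErrors['email'] = tra('You must enter your email address');
        }

        if ($gBitSystem->isFeatureActive('users_validate_user')) {
            // NOTE(review): the provisional password is an MD5 digest of genPass() output, so
            // its unpredictability depends entirely on genPass(), which is not visible here.
            $pParamHash['user_store']['provpass'] = md5(BitSystem::genPass());
            $pParamHash['pass_due'] = 0;
        } elseif (empty($pParamHash['password'])) {
            $this->mErrors['password'] = tra('Your password should be at least ' . $gBitSystem->getConfig('users_min_pass_length', 4) . ' characters long');
        }
    } elseif ($this->isValid()) {
        // Prevent losing user info on save
        if (empty($pParamHash['edit'])) {
            $pParamHash['edit'] = $this->mInfo['data'];
        }
    }

    if (isset($pParamHash['password'])) {
        $passwordErrors = array();

        // Strict string comparison: with != two different numeric-looking passwords
        // (for example "1000" and "1e3") compare equal and the confirmation check passes.
        if (isset($pParamHash["password2"]) && (string) $pParamHash["password"] !== (string) $pParamHash["password2"]) {
            $passwordErrors['password2'] = tra("The passwords didn't match");
        }
        // isset() is always TRUE in this branch, so the format check runs for every supplied password
        if ((!$this->isValid() || isset($pParamHash['password'])) && ($error = $this->verifyPasswordFormat($pParamHash['password']))) {
            $passwordErrors['password'] = $error;
        }

        if (!empty($passwordErrors)) {
            $this->mErrors = array_merge($this->mErrors, $passwordErrors);
        } else {
            // SECURITY: the stored hash is an unsalted MD5 of the password, which is not a
            // suitable password hash. Moving to password_hash()/password_verify() also needs
            // the code that checks this column at login to change, which is outside this method.
            $pParamHash['user_store']['hash'] = md5($pParamHash['password']);

            $now = $gBitSystem->getUTCTime();
            // set password due date
            // if no pass_due and no user_pass_due value user will never have to update the password
            if (empty($pParamHash['pass_due']) && $gBitSystem->getConfig('users_pass_due')) {
                // renew password according to config value (number of days)
                $pParamHash['user_store']['pass_due'] = $now + 60 * 60 * 24 * $gBitSystem->getConfig('users_pass_due');
            } elseif (!empty($pParamHash['pass_due'])) {
                // an explicit pass_due is taken as a number of days from now
                $pParamHash['user_store']['pass_due'] = $now + 60 * 60 * 24 * $pParamHash['pass_due'];
            }

            // SECURITY: this branch places the clear-text password in the store hash whenever
            // users_clear_passwords is active or a provisional password was generated above.
            if ($gBitSystem->isFeatureActive('users_clear_passwords') || !empty($pParamHash['user_store']['provpass'])) {
                $pParamHash['user_store']['user_password'] = $pParamHash['password'];
            }
        }
    }

    // if we have an error we get them all by checking parent classes for additional errors
    if (count($this->mErrors) > 0) {
        parent::verify($pParamHash);
    }

    return count($this->mErrors) == 0;
}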