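/**
 * Finish a registration after the member row has been written.
 *
 * Runs the preRegistration hooks, stores the activation value, default groups
 * and the disabled flag on the member, then runs the createNewUser hooks.
 *
 * @param \DataContainer $dc Data container whose activeRecord is the new member
 */
protected function onSubmitCallback(\DataContainer $dc)
{
    // HOOK: send insert ID and user data
    if (isset($GLOBALS['TL_HOOKS']['preRegistration']) && is_array($GLOBALS['TL_HOOKS']['preRegistration'])) {
        foreach ($GLOBALS['TL_HOOKS']['preRegistration'] as $callback) {
            $this->import($callback[0]);
            // Index the [class, method] pair inside the braces; "{$callback}[0]" would
            // use the whole array as a property name and never reach the hook.
            $this->{$callback[0]}->{$callback[1]}($dc->activeRecord->id, $dc->activeRecord, $this->objModule);
        }
    }

    $objMember = \MemberModel::findByPk($dc->activeRecord->id);
    $objMember->login = $this->objModule->reg_allowLogin;

    // The activation value must not be guessable: md5(uniqid(mt_rand())) is derived
    // from the clock and a non-cryptographic PRNG. Prefer the CSPRNG where PHP
    // provides it; both forms yield 32 hex characters.
    $objMember->activation = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(mt_rand(), true));

    $objMember->dateAdded = $dc->activeRecord->tstamp;

    // Set default groups
    if (empty($objMember->groups)) {
        $objMember->groups = $this->objModule->reg_groups;
    }

    // Disable account (the new member stays disabled when this method returns)
    $objMember->disable = 1;
    $objMember->save();

    if ($this->objModule->reg_activate_plus) {
        $this->formHybridSendConfirmationViaEmail = true;
    }

    // HOOK: send insert ID and user data
    if (isset($GLOBALS['TL_HOOKS']['createNewUser']) && is_array($GLOBALS['TL_HOOKS']['createNewUser'])) {
        foreach ($GLOBALS['TL_HOOKS']['createNewUser'] as $callback) {
            $this->import($callback[0]);
            $this->{$callback[0]}->{$callback[1]}($objMember->id, $objMember->row(), $this->objModule);
        }
    }

    // $this->setReset(false); // debug - stay on current page
}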
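/**
 * Send a lost password e-mail
 *
 * Stores a fresh confirmation ID on the member, passes the member data and a
 * link carrying that ID to the configured notification, logs the request and
 * then redirects or reloads.
 *
 * @param object $objMember Member requesting the link (only ->id is read)
 */
protected function sendPasswordLink($objMember)
{
    $objNotification = \NotificationCenter\Model\Notification::findByPk($this->nc_notification);

    if ($objNotification === null) {
        $this->log('The notification was not found ID ' . $this->nc_notification, __METHOD__, TL_ERROR);

        return;
    }

    // The confirmation ID is the only secret in the reset link, so it has to come
    // from a CSPRNG; md5(uniqid(mt_rand())) is predictable from time and PRNG state.
    // Both forms yield 32 hex characters.
    $confirmationId = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(mt_rand(), true));

    // Store the confirmation ID
    $objMember = \MemberModel::findByPk($objMember->id);
    $objMember->activation = $confirmationId;
    $objMember->save();

    $arrTokens = array();

    // Add member tokens
    // NOTE(review): row() exposes every member column as a token, which includes
    // the password and activation columns; confirm no notification template uses them.
    foreach ($objMember->row() as $k => $v) {
        $arrTokens['member_' . $k] = $v;
    }

    $arrTokens['recipient_email'] = $objMember->email;
    $arrTokens['domain'] = \Idna::decode(\Environment::get('host'));

    // NOTE(review): the link is assembled from request-derived environment values;
    // confirm 'base' cannot be steered by a client-supplied Host header, otherwise
    // the mailed link could carry the token to a foreign origin.
    $arrTokens['link'] = \Idna::decode(\Environment::get('base')) . \Environment::get('request') . ($GLOBALS['TL_CONFIG']['disableAlias'] || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $confirmationId;

    $objNotification->send($arrTokens);
    $this->log('A new password has been requested for user ID ' . $objMember->id . ' (' . $objMember->email . ')', __METHOD__, TL_ACCESS);

    // Check whether there is a jumpTo page
    if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->jumpToOrReload($objJumpTo->row());
    }

    $this->reload();
}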
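/**
 * Get the member avatar
 *
 * Resolution order: Gravatar (when the member enabled it), the member's own
 * avatar file, then the configured placeholder.
 *
 * @param integer      $intId     Member ID
 * @param integer|null $intWidth  Target width; the default size is used when width or height is empty
 * @param integer|null $intHeight Target height
 *
 * @return string Result of getGravatar() or \Image::get(), or '' when no usable file exists
 */
public static function getMember($intId, $intWidth = null, $intHeight = null)
{
    $objMember = \MemberModel::findByPk($intId);

    // Use the default size
    if (!$intWidth || !$intHeight) {
        list($intWidth, $intHeight) = static::getMemberSize();
    }

    // Use the Gravatar. findByPk() yields null for an unknown ID, so test for that
    // before reading a property; such IDs fall through to the file lookup.
    if ($objMember !== null && $objMember->avatar_gravatar) {
        return static::getGravatar($objMember->email, $intWidth);
    }

    $strFile = static::find($intId, static::getMemberPath());

    // Use the placeholder if the member has no avatar
    if ($strFile == '') {
        if (\Config::get('avatar_member_placeholder') == '') {
            return '';
        }

        $objFile = \FilesModel::findByUuid(\Config::get('avatar_member_placeholder'));

        // The placeholder must still exist on disk
        if ($objFile === null || !is_file(TL_ROOT . '/' . $objFile->path)) {
            return '';
        }

        $strFile = $objFile->path;
    }

    return \Image::get($strFile, $intWidth, $intHeight);
}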
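/**
 * Generate the module
 *
 * Renders the "close account" form. On submit the logged-in user's password is
 * re-checked; on success the closeAccount hooks run, the member is deleted or
 * disabled (depending on reg_close), the user is logged out and redirected.
 */
protected function compile()
{
    $this->import('FrontendUser', 'User');

    // Initialize the password widget
    $arrField = array(
        'name' => 'password',
        'inputType' => 'text',
        'label' => $GLOBALS['TL_LANG']['MSC']['password'][0],
        'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true, 'tableless' => $this->tableless),
    );

    $objWidget = new \FormTextField(\FormTextField::getAttributesFromDca($arrField, $arrField['name']));
    $objWidget->rowClass = 'row_0 row_first even';

    // Validate widget
    if (\Input::post('FORM_SUBMIT') == 'tl_close_account') {
        $objWidget->validate();

        // Validate the password
        if (!$objWidget->hasErrors()) {
            // The password has been generated with crypt()
            if (\Encryption::test($this->User->password)) {
                $blnAuthenticated = \Encryption::verify($objWidget->value, $this->User->password);
            } else {
                // Legacy "sha1:salt" format.
                // NOTE(review): SHA-1 is not a password hash and the comparison is not
                // constant-time; accounts still on this format are worth migrating.
                list($strPassword, $strSalt) = explode(':', $this->User->password);
                $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
            }

            // NOTE(review): a wrong password is rejected without any delay or attempt
            // counter in this method; confirm throttling happens elsewhere.
            if (!$blnAuthenticated) {
                $objWidget->value = '';
                $objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']);
            }
        }

        // Close account
        if (!$objWidget->hasErrors()) {
            // HOOK: send account ID
            if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) {
                foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) {
                    $this->import($callback[0]);
                    // Index the [class, method] pair inside the braces; "{$callback}[0]"
                    // would use the whole array as a property name and skip the hook.
                    $this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this);
                }
            }

            $objMember = \MemberModel::findByPk($this->User->id);

            // Remove the account
            if ($this->reg_close == 'close_delete') {
                $objMember->delete();
                $this->log('User account ID ' . $this->User->id . ' (' . $this->User->email . ') has been deleted', __METHOD__, TL_ACCESS);
            } else {
                $objMember->disable = 1;
                $objMember->tstamp = time();
                $objMember->save();
                $this->log('User account ID ' . $this->User->id . ' (' . $this->User->email . ') has been deactivated', __METHOD__, TL_ACCESS);
            }

            $this->User->logout();

            // Check whether there is a jumpTo page
            if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
                $this->jumpToOrReload($objJumpTo->row());
            }

            $this->reload();
        }
    }

    $this->Template->fields = $objWidget->parse();
    $this->Template->formId = 'tl_close_account';
    $this->Template->action = \Environment::get('indexFreeRequest');
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']);
    $this->Template->rowLast = 'row_1 row_last odd';
    $this->Template->tableless = $this->tableless;
}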
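/**
 * Generate the module
 *
 * Builds the member listing: every enabled member row is enriched with score,
 * rating, grade, detail-page link and avatar, optionally filtered by group,
 * sorted by up to three configured fields and handed to the template.
 */
protected function compile()
{
    // add miscellaneous vars to the template
    $this->addTemplateVars();

    // get href for the detail-page
    $objDetailPage = \PageModel::findWithDetails($this->detailPage);

    if ($objDetailPage === NULL) {
        $href = NULL;
    } else {
        $href = $this->generateFrontendUrl($objDetailPage->row(), \Config::get('useAutoItem') && !\Config::get('disableAlias') ? '/%s' : '/member/%s', $objDetailPage->language);
    }

    $objMember = $this->Database->prepare('SELECT * FROM tl_member WHERE disable = ?')->execute(0);
    $arrRows = array();

    while ($row = $objMember->fetchAssoc()) {
        // SELECT * also returns the credential columns. The former per-column loop
        // only re-assigned each value to itself, so the password hash reached the
        // template untouched. Drop the secrets before the row leaves this method.
        unset($row['password'], $row['activation']);

        // score and grade
        $row['score'] = $this->getScore($row['id']);
        $row['averageRating'] = $this->getAverageRating($row['id']);
        $row['ratingEnities'] = $this->getRatingEnities($row['id']);
        $row['gradeLabel'] = $this->getGrade($row['id'], 'label');
        // NOTE(review): gradeIcon requests 'label' as well; looks like a copy/paste slip - confirm
        $row['gradeIcon'] = $this->getGrade($row['id'], 'label');

        // link to detail page
        $row['hrefDetailPage'] = $href ? sprintf($href, $row['id']) : false;

        // get avatar of member
        $arrSize = deserialize($this->avatarSizeListing);
        $title = $row['firstname'] . ' ' . $row['lastname'];
        $row['avatar'] = $this->getAvatar($objMember->id, $arrSize, 'avatar', $title, 'avatar_thumb', $this);

        // Show only Members from a selected group
        if ($this->limitUsers) {
            // Force arrays so an empty or unset value cannot reach array_intersect()
            $arrGroups = deserialize($this->listedGroups, true);
            $oMember = \MemberModel::findByPk($objMember->id);

            if ($oMember !== null) {
                if (count(array_intersect(deserialize($oMember->groups, true), $arrGroups)) < 1) {
                    continue;
                }
            }
        }

        $arrRows[] = $row;
    }

    // Sorting: each direction setting holds the name of a constant, resolved via constant()
    $arrSorting = array();

    if (!empty($this->sortingField1) && !empty($this->sortingDirection1)) {
        $arrSorting[$this->sortingField1] = constant($this->sortingDirection1);
    }

    if (!empty($this->sortingField2) && !empty($this->sortingDirection2)) {
        $arrSorting[$this->sortingField2] = constant($this->sortingDirection2);
    }

    if (!empty($this->sortingField3) && !empty($this->sortingDirection3)) {
        $arrSorting[$this->sortingField3] = constant($this->sortingDirection3);
    }

    $arrRows = sortArrayByFields($arrRows, $arrSorting);
    $this->Template->rows = count($arrRows) ? $arrRows : false;
}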
/**
 * Build the front end URL for a member content archive.
 *
 * The URL is the archive tag's jumpTo target followed by "/" and the value
 * General::getAliasIfAvailable() returns for the owning member.
 *
 * @param integer $intId Member content archive ID
 *
 * @return string|null The URL, or null when archive, tag (with jumpTo) or member is missing
 */
public static function getMemberContentLink($intId)
{
    $objArchive = MemberContentArchiveModel::findByPk($intId);

    if ($objArchive === null) {
        return null;
    }

    $objTag = MemberContentArchiveTagModel::findByPk($objArchive->tag);

    // Without a tag that has a jumpTo target there is nothing to link to
    if ($objTag === null || !$objTag->jumpTo) {
        return null;
    }

    $objOwner = \MemberModel::findByPk($objArchive->mid);

    if ($objOwner === null) {
        return null;
    }

    return Url::generateFrontendUrl($objTag->jumpTo) . '/' . General::getAliasIfAvailable($objOwner);
}
/**
 * Check credentials against LDAP (the LDAP password differs from the Contao password).
 *
 * The member's stored password is reset on every call, before the LDAP check,
 * so it is also reset when authentication fails.
 *
 * @param string $strUsername Submitted username
 * @param string $strPassword Submitted password
 * @param object $objMember   Member being authenticated (only ->id is read)
 *
 * @return boolean True when LdapMember::authenticateLdapMember() accepts the credentials
 */
public function checkCredentialsHook($strUsername, $strPassword, $objMember)
{
    $objLdapMember = \MemberModel::findByPk($objMember->id);

    // store randomized password, so contao will always trigger the checkCredentials HOOK
    LdapMember::resetPassword($objLdapMember, $strUsername);

    if (!LdapMember::authenticateLdapMember($strUsername, $strPassword)) {
        return false;
    }

    // Successful LDAP login: update the member record from its own values and the configured groups
    LdapMember::doUpdateMember(
        $objLdapMember,
        $objLdapMember->ldapUid,
        $objLdapMember->email,
        $objLdapMember->firstname,
        $objLdapMember->lastname,
        deserialize($GLOBALS['TL_CONFIG']['ldap_groups'], true)
    );

    return true;
}
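/**
 * Actually execute the GoogleAnalytics tracking
 *
 * Builds a transaction from the order (totals, billing city/region/country and
 * one item per collection item) and submits it through the tracker together
 * with the visitor's IP address and user agent.
 *
 * @param Database_Result          $objConfig Config row providing ga_account, name and ga_member
 * @param IsotopeProductCollection $objOrder  Order to report
 */
protected function trackGATransaction($objConfig, $objOrder)
{
    // Initialize GA Tracker
    $tracker = new \UnitedPrototype\GoogleAnalytics\Tracker($objConfig->ga_account, \Environment::get('base'));

    // Assemble Visitor information
    // (could also get unserialized from database)
    // Privacy: the visitor's IP address and user agent leave the site with this request.
    $visitor = new \UnitedPrototype\GoogleAnalytics\Visitor();
    $visitor->setIpAddress(\Environment::get('ip'));
    $visitor->setUserAgent(\Environment::get('httpUserAgent'));

    $transaction = new \UnitedPrototype\GoogleAnalytics\Transaction();
    $transaction->setOrderId($objOrder->document_number);
    $transaction->setAffiliation($objConfig->name);
    $transaction->setTotal($objOrder->getTotal());
    $transaction->setTax($objOrder->getTotal() - $objOrder->getTaxFreeTotal());
    // $transaction->setShipping($objOrder->shippingTotal);

    $objAddress = $objOrder->getBillingAddress();
    $transaction->setCity($objAddress->city);

    if ($objAddress->subdivision) {
        $arrSub = explode("-", $objAddress->subdivision, 2);
        // A subdivision without "-" has no second part; pass null explicitly
        // instead of reading an index that does not exist.
        $transaction->setRegion(isset($arrSub[1]) ? $arrSub[1] : null);
    }

    $transaction->setCountry($objAddress->country);

    /** @var \Isotope\Model\ProductCollectionItem $objItem */
    foreach ($objOrder->getItems() as $objItem) {
        $item = new \UnitedPrototype\GoogleAnalytics\Item();

        // Fall back to a synthetic SKU when the item has none
        if ($objItem->getSku()) {
            $item->setSku($objItem->getSku());
        } else {
            $item->setSku('product' . $objItem->product_id);
        }

        $item->setName($objItem->getName());
        $item->setPrice($objItem->getPrice());
        $item->setQuantity($objItem->quantity);

        $arrOptionValues = array();

        foreach ($objItem->getConfiguration() as $option) {
            $arrOptionValues[] = (string) $option;
        }

        if (!empty($arrOptionValues)) {
            $item->setVariation(implode(', ', $arrOptionValues));
        }

        $transaction->addItem($item);
    }

    // Track logged-in member as custom variable
    // NOTE(review): row() offers every member column to the ga_member token string;
    // whatever that string references is sent to the tracking service.
    if ($objConfig->ga_member != '' && $objOrder->member > 0 && ($objMember = \MemberModel::findByPk($objOrder->member)) !== null) {
        $customVar = new \UnitedPrototype\GoogleAnalytics\CustomVariable(1, 'Member', $this->parseSimpleTokens($objConfig->ga_member, $objMember->row()), \UnitedPrototype\GoogleAnalytics\CustomVariable::SCOPE_VISITOR);
        $tracker->addCustomVariable($customVar);
    }

    // Assemble Session information
    // (could also get unserialized from PHP session)
    $session = new \UnitedPrototype\GoogleAnalytics\Session();

    $tracker->trackTransaction($transaction, $session, $visitor);
}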
/**
 * Use the e-mail address as username when no username was submitted.
 *
 * Updates the passed data array, the POST value and the tl_member row, then
 * refreshes the member model.
 *
 * @param integer $intId   Member ID
 * @param array   $arrData Submitted member data, modified in place
 */
public function recordUsername($intId, &$arrData)
{
    // A username is already set: leave everything untouched
    if (strlen($arrData['username'])) {
        return;
    }

    $strEmail = $arrData['email'];

    $arrData['username'] = $strEmail;
    \Input::setPost('username', $strEmail);

    $objStatement = \Database::getInstance()->prepare("UPDATE tl_member SET username=? WHERE id=?");
    $objStatement->execute($strEmail, $intId);

    // Fix the problem with versions (see #7)
    $memberModel = \MemberModel::findByPk($intId);

    if ($memberModel !== null) {
        $memberModel->refresh();
    }
}
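/**
 * Build the list label for a review row.
 *
 * Shows the name of the member referenced by 'jid' and, in brackets, the
 * company/team name of the submission referenced by 'sid'.
 *
 * @param array $arrRow Review row; 'jid' and 'sid' are read
 *
 * @return string HTML fragment
 */
public function listReviews($arrRow)
{
    $strReview = '<div>';

    if (($objMember = \MemberModel::findByPk($arrRow['jid'])) !== null) {
        // Names are user-supplied data: escape them before they go into markup.
        // double_encode is off so entities that are already stored stay intact.
        $strReview .= htmlspecialchars($objMember->firstname . ' ' . $objMember->lastname, ENT_QUOTES, 'UTF-8', false);
    }

    if (($objSubmission = \HeimrichHannot\Competition\SubmissionModel::findByPk($arrRow['sid'])) !== null) {
        if ($objSubmission->companyTeamName) {
            $strReview .= ' <span style="color:#b3b3b3; padding-left:3px">[' . htmlspecialchars($objSubmission->companyTeamName, ENT_QUOTES, 'UTF-8', false) . ']</span>';
        }
    }

    $strReview .= '</div>';

    return $strReview;
}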
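/**
 * Generate the module
 *
 * Renders the "close account" form. On submit the logged-in user's password is
 * re-checked against the stored "hash:salt" value; on success the closeAccount
 * hooks run, the member is deleted or disabled, and the user is logged out.
 */
protected function compile()
{
    $this->import('FrontendUser', 'User');

    // Initialize the password widget
    $arrField = array(
        'name' => 'password',
        'inputType' => 'text',
        'label' => $GLOBALS['TL_LANG']['MSC']['password'][0],
        'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true, 'tableless' => $this->tableless),
    );

    $objWidget = new \FormTextField($this->prepareForWidget($arrField, $arrField['name']));
    $objWidget->rowClass = 'row_0 row_first even';

    // Validate widget
    if (\Input::post('FORM_SUBMIT') == 'tl_close_account') {
        $objWidget->validate();

        // Validate password
        if (!$objWidget->hasErrors()) {
            list(, $strSalt) = explode(':', $this->User->password);

            // Strict comparison: two hash strings must never be compared with type juggling.
            // NOTE(review): salted SHA-1 is not a password hash and the check is not
            // constant-time; no delay or attempt counter is applied here either.
            if (!strlen($strSalt) || sha1($strSalt . $objWidget->value) . ':' . $strSalt !== $this->User->password) {
                $objWidget->value = '';
                $objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']);
            }
        }

        // Close account
        if (!$objWidget->hasErrors()) {
            // HOOK: send account ID
            if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) {
                foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) {
                    $this->import($callback[0]);
                    // Index the [class, method] pair inside the braces; "{$callback}[0]"
                    // would use the whole array as a property name and skip the hook.
                    $this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this);
                }
            }

            $objMember = \MemberModel::findByPk($this->User->id);

            // Remove the account
            if ($this->reg_close == 'close_delete') {
                $objMember->delete();
                $this->log('User account ID ' . $this->User->id . ' (' . $this->User->email . ') has been deleted', 'ModuleCloseAccount compile()', TL_ACCESS);
            } else {
                $objMember->disable = 1;
                $objMember->save();
                $this->log('User account ID ' . $this->User->id . ' (' . $this->User->email . ') has been deactivated', 'ModuleCloseAccount compile()', TL_ACCESS);
            }

            $this->User->logout();

            // NOTE(review): getRelated('jumpTo') is dereferenced without a null check;
            // confirm a module without a jumpTo page cannot reach this line.
            $this->jumpToOrReload($this->objModel->getRelated('jumpTo')->row());
        }
    }

    $this->Template->fields = $objWidget->parse();
    $this->Template->formId = 'tl_close_account';
    $this->Template->action = $this->getIndexFreeRequest();
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']);
    $this->Template->rowLast = 'row_1 row_last odd';
    $this->Template->tableless = $this->tableless;
}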
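/**
 * Return the "toggle visibility" button
 *
 * The icon and tooltip reflect whether the member has a subscription order;
 * the tooltip also lists the names of the member's groups.
 *
 * @param array  $row        Member row; 'id' is read
 * @param string $href       Link fragment, extended with the member ID
 * @param string $label      Image alt text
 * @param string $title      Replaced by the generated tooltip
 * @param string $icon       Replaced by the subscription icon
 * @param string $attributes Extra attributes for the anchor tag
 *
 * @return string HTML link
 */
public function toggleIcon($row, $href, $label, $title, $icon, $attributes)
{
    $objMember = \MemberModel::findByPk($row['id']);
    $href .= '&id=' . $row['id'];

    $arrDB = \Database::getInstance()->prepare("SELECT * FROM tl_abo as a, tl_abo_order as o WHERE o.memberId = ? and o.aboId = a.id")->execute($row['id'])->fetchAssoc();

    if ($arrDB) {
        $icon = 'system/modules/abonnement/html/abo.png';
        $title = "Abo: " . $arrDB['title'] . '<br>';
    } else {
        $icon = 'system/modules/abonnement/html/abo_none.png';
        $title = 'Derzeit kein Abo laufen!<br>';
    }

    // findByPk() yields null for a missing member; treat that as "no groups"
    $arrGroupIds = $objMember !== null ? deserialize($objMember->groups, true) : array();

    foreach ($arrGroupIds as $intGroupId) {
        $objGroup = MemberGroupModel::findByPk($intGroupId);

        // A group ID can outlive its group; skip stale references instead of
        // reading a property on null.
        if ($objGroup === null) {
            continue;
        }

        $title .= "<br>" . $objGroup->name;
    }

    // The whole tooltip is escaped once here, which covers the subscription title and group names
    return '<a href="' . $this->addToUrl('do=member&' . $href) . '" title="' . specialchars($title) . '"' . $attributes . '>' . $this->generateImage($icon, $label) . '</a> ';
}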
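/**
 * Copy the e-mail address into the username.
 *
 * Accepts either a front end user object or a data container with an active
 * record; nothing happens when the e-mail address is empty.
 *
 * @param \Contao\FrontendUser|object $objDc Front end user or data container
 */
public function setUsernameFromEmail(&$objDc)
{
    if ($objDc instanceof \Contao\FrontendUser) {
        if (!$objDc->email) {
            return;
        }

        $objDc->username = $objDc->email;
        $objDc->save();
    } elseif ($objDc->activeRecord) {
        if (!$objDc->activeRecord->email) {
            return;
        }

        $objMember = \MemberModel::findByPk($objDc->activeRecord->id);

        // The record may be gone by the time this runs; without this guard the
        // refresh() call below would be made on null.
        if ($objMember === null) {
            return;
        }

        $objMember->refresh();
        $objMember->username = $objDc->activeRecord->email;

        // In the back end the active record is kept in step with the model
        if (TL_MODE == 'BE') {
            $objDc->activeRecord->username = $objDc->activeRecord->email;
        }

        $objMember->save();
    }
}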
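/**
 * Send a lost password e-mail
 *
 * Stores a fresh confirmation ID on the member, passes the escaped member data,
 * a salutation and a link carrying that ID to the configured notification,
 * logs the request, then redirects or reloads with a success message.
 *
 * @param \MemberModel $objMember Member requesting the link (only ->id is read)
 */
protected function sendPasswordLink($objMember)
{
    $objNotification = \NotificationCenter\Model\Notification::findByPk($this->nc_notification);

    if ($objNotification === null) {
        $this->log('The notification was not found ID ' . $this->nc_notification, __METHOD__, TL_ERROR);

        return;
    }

    // The confirmation ID is the only secret in the reset link, so it has to come
    // from a CSPRNG; md5(uniqid(mt_rand())) is predictable from time and PRNG state.
    // Both forms yield 32 hex characters.
    $confirmationId = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(mt_rand(), true));

    // Store the confirmation ID
    $objMember = \MemberModel::findByPk($objMember->id);
    $objMember->activation = $confirmationId;
    $objMember->save();

    $arrTokens = array();

    // Add member tokens
    // NOTE(review): row() exposes every member column as a token, which includes
    // the password and activation columns; confirm no notification template uses them.
    foreach ($objMember->row() as $k => $v) {
        if (\Validator::isBinaryUuid($v)) {
            $v = \StringUtil::binToUuid($v);
        }

        $arrTokens['member_' . $k] = specialchars($v);
    }

    // FIX: Add salutation token
    $arrTokens['salutation_user'] = NotificationCenterPlus::createSalutation($GLOBALS['TL_LANGUAGE'], $objMember);
    // ENDFIX

    $arrTokens['recipient_email'] = $objMember->email;
    $arrTokens['domain'] = \Idna::decode(\Environment::get('host'));

    // NOTE(review): both link variants start from request-derived environment values;
    // confirm 'base' cannot be steered by a client-supplied Host header, otherwise
    // the mailed link could carry the token to a foreign origin.
    $arrTokens['link'] = \Idna::decode(\Environment::get('base')) . \Environment::get('request') . ($GLOBALS['TL_CONFIG']['disableAlias'] || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $confirmationId;

    // FIX: Add custom change password jump to
    if (($objJumpTo = $this->objModel->getRelated('changePasswordJumpTo')) !== null) {
        $arrTokens['link'] = \Idna::decode(\Environment::get('base')) . \Controller::generateFrontendUrl($objJumpTo->row(), '?token=' . $confirmationId);
    }
    // ENDFIX

    $objNotification->send($arrTokens, $GLOBALS['TL_LANGUAGE']);
    $this->log('A new password has been requested for user ID ' . $objMember->id . ' (' . $objMember->email . ')', __METHOD__, TL_ACCESS);

    // Check whether there is a jumpTo page
    if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->jumpToOrReload($objJumpTo->row());
    }

    StatusMessage::addSuccess(sprintf($GLOBALS['TL_LANG']['notification_center_plus']['sendPasswordLink']['messageSuccess'], $arrTokens['recipient_email']), $this->objModel->id);
    $this->reload();
}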
/**
 * Generate the module
 *
 * Renders the "change password" form with an old-password and a new-password
 * widget. On submit the old password is verified against the stored value;
 * when no widget reports an error the new widget value is saved on the member,
 * a version is created (if versioning is enabled), the setNewPassword hooks
 * run and the page redirects or reloads.
 */
protected function compile()
{
    /** @var \PageModel $objPage */
    global $objPage;

    $this->import('FrontendUser', 'User');

    $GLOBALS['TL_LANGUAGE'] = $objPage->language;

    \System::loadLanguageFile('tl_member');
    $this->loadDataContainer('tl_member');

    // Old password widget
    $arrFields['oldPassword'] = array('name' => 'oldpassword', 'label' => &$GLOBALS['TL_LANG']['MSC']['oldPassword'], 'inputType' => 'text', 'eval' => array('mandatory' => true, 'preserveTags' => true, 'hideInput' => true));

    // New password widget (definition taken from the tl_member DCA)
    $arrFields['newPassword'] = $GLOBALS['TL_DCA']['tl_member']['fields']['password'];
    $arrFields['newPassword']['name'] = 'password';
    $arrFields['newPassword']['label'] =& $GLOBALS['TL_LANG']['MSC']['newPassword'];

    $row = 0;
    $strFields = '';
    $doNotSubmit = false;

    // NOTE(review): findByPk() may return null; the result is used without a check
    $objMember = \MemberModel::findByPk($this->User->id);
    $strTable = $objMember->getTable();

    // Initialize the versioning (see #8301)
    $objVersions = new \Versions($strTable, $objMember->id);
    $objVersions->setUsername($objMember->username);
    $objVersions->setUserId(0);
    $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1');
    $objVersions->initialize();

    /** @var \FormTextField $objOldPassword */
    $objOldPassword = null;

    /** @var \FormPassword $objNewPassword */
    $objNewPassword = null;

    // Initialize the widgets
    foreach ($arrFields as $strKey => $arrField) {
        /** @var \Widget $strClass */
        $strClass = $GLOBALS['TL_FFL'][$arrField['inputType']];

        // Continue if the class is not defined
        if (!class_exists($strClass)) {
            continue;
        }

        $arrField['eval']['tableless'] = $this->tableless;
        $arrField['eval']['required'] = $arrField['eval']['mandatory'];

        /** @var \Widget $objWidget */
        $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name']));

        $objWidget->storeValues = true;
        $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');

        // Increase the row count if it is a password field
        if ($objWidget instanceof \FormPassword) {
            $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd');
        }

        ++$row;

        // Store the widget objects: the variable variable assigns $objOldPassword / $objNewPassword
        $strVar = 'obj' . ucfirst($strKey);
        ${$strVar} = $objWidget;

        // Validate the widget
        if (\Input::post('FORM_SUBMIT') == 'tl_change_password') {
            $objWidget->validate();

            // Validate the old password
            if ($strKey == 'oldPassword') {
                if (\Encryption::test($objMember->password)) {
                    $blnAuthenticated = \Encryption::verify($objWidget->value, $objMember->password);
                } else {
                    // Legacy "sha1:salt" format, compared with ===
                    // NOTE(review): SHA-1 is not a password hash and === is not constant-time
                    list($strPassword, $strSalt) = explode(':', $objMember->password);
                    $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
                }

                if (!$blnAuthenticated) {
                    $objWidget->value = '';
                    $objWidget->addError($GLOBALS['TL_LANG']['MSC']['oldPasswordWrong']);
                    // Fixed delay per failed attempt; it slows guessing but does not count or lock attempts
                    sleep(2); // Wait 2 seconds while brute forcing :)
                }
            }

            if ($objWidget->hasErrors()) {
                $doNotSubmit = true;
            }
        }

        $strFields .= $objWidget->parse();
    }

    $this->Template->fields = $strFields;
    $this->Template->hasError = $doNotSubmit;

    // Store the new password
    if (\Input::post('FORM_SUBMIT') == 'tl_change_password' && !$doNotSubmit) {
        $objMember->tstamp = time();
        // NOTE(review): the widget value is stored as-is; presumably the password
        // widget already returns a hash - confirm before relying on it.
        // $objNewPassword is still null if its widget class was skipped above.
        $objMember->password = $objNewPassword->value;
        $objMember->save();

        // Create a new version
        if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
            $objVersions->create();
        }

        // HOOK: set new password callback
        if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) {
            foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}($objMember, $objNewPassword->value, $this);
            }
        }

        // Check whether there is a jumpTo page
        if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
            $this->jumpToOrReload($objJumpTo->row());
        }

        \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['newPasswordSet']);
        $this->reload();
    }

    $this->Template->action = \Environment::get('indexFreeRequest');
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['changePassword']);
    $this->Template->rowLast = 'row_' . $row . ' row_last' . ($row % 2 == 0 ? ' even' : ' odd');
    $this->Template->tableless = $this->tableless;
    $this->Template->message = \Message::generate(false, true);
}
/** * List a single record */ protected function listSingleRecord() { global $objPage; /** * Prepare URL */ $page_get = 'page_fd' . $this->id; $strUrl = preg_replace('/\\?.*$/', '', urldecode(\Environment::get('request'))); $strUrlParams = ''; $blnQuery = false; foreach (preg_split('/&(amp;)?/', urldecode($_SERVER['QUERY_STRING'])) as $fragment) { if (strlen($fragment)) { if (strncasecmp($fragment, 'file', 5) !== 0 && strncasecmp($fragment, $this->strDetailKey, strlen($this->strDetailKey)) !== 0 && strncasecmp($fragment, 'order_by', 8) !== 0 && strncasecmp($fragment, 'sort', 4) !== 0 && strncasecmp($fragment, $page_get, strlen($page_get)) !== 0) { $strUrlParams .= (!$blnQuery ? '' : '&') . $fragment; $blnQuery = true; } } } // check record if (intval($this->intRecordId) < 1) { $strRed = preg_replace(array('/\\/' . $this->strDetailKey . '\\/' . \Input::get($this->strDetailKey) . '/i', '/' . $this->strDetailKey . '=' . \Input::get($this->strDetailKey) . '/i'), array('', ''), $strUrl) . (strlen($strUrlParams) ? '?' . $strUrlParams : ''); \Controller::redirect($strRed); } // check access if (strlen($this->efg_list_access) && $this->efg_list_access != 'public') { $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId); $varOwner = $objOwner->fetchAssoc(); if (!in_array(intval($varOwner['fd_member']), $this->arrAllowedOwnerIds)) { $strRed = preg_replace(array('/\\/' . $this->strDetailKey . '\\/' . \Input::get($this->strDetailKey) . '/i', '/' . $this->strDetailKey . '=' . \Input::get($this->strDetailKey) . '/i'), array('', ''), $strUrl) . (strlen($strUrlParams) ? '?' . 
$strUrlParams : ''); \Controller::redirect($strRed); } } // check edit access $blnEditAllowed = false; if ($this->efg_fe_edit_access == 'none') { $blnEditAllowed = false; } elseif ($this->efg_fe_edit_access == 'public') { $blnEditAllowed = true; } elseif (strlen($this->efg_fe_edit_access)) { $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId); $varOwner = $objOwner->fetchAssoc(); if (in_array(intval($varOwner['fd_member']), $this->arrAllowedEditOwnerIds)) { $blnEditAllowed = true; } } // check delete access $blnDeleteAllowed = false; if ($this->efg_fe_delete_access == 'none') { $blnDeleteAllowed = false; } elseif ($this->efg_fe_delete_access == 'public') { $blnDeleteAllowed = true; } elseif (strlen($this->efg_fe_delete_access)) { $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId); $varOwner = $objOwner->fetchAssoc(); if (in_array(intval($varOwner['fd_member']), $this->arrAllowedDeleteOwnerIds)) { $blnDeleteAllowed = true; } } // check export access $blnExportAllowed = false; if ($this->efg_fe_export_access == 'none') { $blnExportAllowed = false; } elseif ($this->efg_fe_export_access == 'public') { $blnExportAllowed = true; } elseif (strlen($this->efg_fe_export_access)) { $objOwner = \Database::getInstance()->prepare("SELECT fd_member FROM tl_formdata WHERE id=?")->execute($this->intRecordId); $varOwner = $objOwner->fetchAssoc(); if (in_array(intval($varOwner['fd_member']), $this->arrAllowedExportOwnerIds)) { $blnExportAllowed = true; } } $allowedDownload = trimsplit(',', strtolower($GLOBALS['TL_CONFIG']['allowedDownload'])); // Fallback template if ($this->list_info_layout == '') { $this->list_info_layout = 'info_fd_table_default'; } $this->Template = new \FrontendTemplate($this->list_info_layout); $this->Template->textlink_details = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_details']; $this->Template->textlink_edit = 
$GLOBALS['TL_LANG']['tl_formdata']['fe_link_edit']; $this->Template->textlink_delete = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_delete']; $this->Template->text_confirmDelete = $GLOBALS['TL_LANG']['tl_formdata']['fe_deleteConfirm']; $this->Template->textlink_export = $GLOBALS['TL_LANG']['tl_formdata']['fe_link_export']; $this->Template->iconFolder = $this->strIconFolder; $this->Template->editAllowed = $blnEditAllowed; $this->Template->deleteAllowed = $blnDeleteAllowed; $this->Template->exportAllowed = $blnExportAllowed; $this->list_info = deserialize($this->list_info); $this->Template->record = array(); // also store as single item $this->Template->listItem = array(); $arrListFields = explode(',', $this->list_info); $strSep = ''; // wildcards * and - if ($arrListFields[0] == '*') { $arrTempFields = array_merge($this->arrBaseFields, $this->arrDetailFields); foreach ($arrListFields as $field) { if (substr($field, 0, 1) == '-') { $intKey = array_search(substr($field, 1), $arrTempFields); if (!is_bool($intKey)) { unset($arrTempFields[$intKey]); } } } $arrListFields = $arrTempFields; } $strQuery = "SELECT "; $strWhere = ''; foreach ($arrListFields as $field) { if (in_array($field, $this->arrBaseFields)) { $strQuery .= $strSep . $field; $strSep = ', '; } if (!empty($this->arrDetailFields) && in_array($field, $this->arrDetailFields)) { $strQuery .= $strSep . '(SELECT value FROM tl_formdata_details WHERE ff_name="' . $field . '" AND pid=f.id ) AS `' . $field . '`'; $strSep = ', '; } } $strQuery .= " FROM " . $this->list_table . " f"; $strWhere .= (strlen($strWhere) ? " AND " : " WHERE ") . "id=?"; $strQuery .= $strWhere; $objRecord = \Database::getInstance()->prepare($strQuery)->limit(1)->execute($this->intRecordId); if ($objRecord->numRows < 1) { return; } $arrFields = array(); $arrRow = $objRecord->fetchAssoc(); $count = -1; $strLinkEdit = ''; if ($blnEditAllowed) { if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) { $strLinkEdit = $strUrl . 
'?act=edit' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } else { $strLinkEdit = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=edit' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } } $strLinkDelete = ''; if ($blnDeleteAllowed) { if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) { $strLinkDelete = $strUrl . '?act=delete' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } else { $strLinkDelete = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=delete' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } } $strLinkExport = ''; if ($blnExportAllowed) { if (strlen($arrRow['alias']) && !$GLOBALS['TL_CONFIG']['disableAlias']) { $strLinkExport = $strUrl . '?act=export' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } else { $strLinkExport = $strUrl . '?' . $this->strDetailKey . '=' . $this->intRecordId . '&act=export' . (strlen($strUrlParams) ? '&' . $strUrlParams : ''); } } $arrItem = array(); foreach ($arrListFields as $intKey => $strVal) { $k = $strVal; $v = $arrRow[$k]; $value = $this->formatValue($k, $v); $v = deserialize(\String::decodeEntities($v)); if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'fileTree' && $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['eval']['multiple'] == true) { $v = is_string($v) && strpos($v, '|') !== false ? explode('|', $v) : deserialize($v); } $class = 'row_' . ++$count . ($count == 0 ? ' row_first' : '') . ($count >= count($arrListFields) - 1 ? ' row_last' : '') . ($count % 2 == 0 ? ' even' : ' odd'); // add CSS class defined in form generator if (isset($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class']) && strlen($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class'])) { $class .= ' ' . $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['ff_class']; } $arrFields[$class] = array('label' => strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['label'][0]) ? 
htmlspecialchars($label) : htmlspecialchars($this->arrFF[$k]['label']), 'content' => $value, 'raw' => $v); $arrItem[$k] = array('name' => $k, 'label' => strlen($label = $GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['label'][0]) ? htmlspecialchars($label) : htmlspecialchars($this->arrFF[$k]['label']), 'content' => $value, 'raw' => $v, 'class' => str_replace('row_', 'field_', $class)); if ($GLOBALS['TL_DCA'][$this->list_table]['fields'][$k]['inputType'] == 'fileTree') { if (is_dir(TL_ROOT . '/' . $arrFields[$class]['content'])) { $arrFields[$class]['content'] = ' '; $arrItem[$k]['content'] = ' '; } elseif (!is_array($arrFields[$class]['raw']) && strlen($arrFields[$class]['raw']) && is_file(TL_ROOT . '/' . $arrFields[$class]['raw'])) { $objFile = new \File($arrFields[$class]['content']); if (!in_array($objFile->extension, $allowedDownload)) { $arrFields[$class]['content'] = ' '; $arrItem[$k]['content'] = ' '; } else { $arrFields[$class]['type'] = 'file'; $arrFields[$class]['src'] = $this->urlEncode($arrFields[$class]['content']); $arrItem[$k]['type'] = 'file'; $arrItem[$k]['src'] = $this->urlEncode($arrFields[$class]['content']); if (substr($objFile->mime, 0, 6) == 'image/') { $arrFields[$class]['display'] = 'image'; $arrItem[$k]['display'] = 'image'; } else { $size = ' (' . number_format($objFile->filesize / 1024, 1, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' kB)'; $href = preg_replace('@(\\?|&)download=.*?(&|$)@si', '', \Environment::get('request')); $href .= (strpos($href, '?') >= 1 ? '&' : '?') . 'download=' . $this->intRecordId . '.' . $k; $href = ampersand($href); $arrFields[$class]['display'] = 'download'; $arrFields[$class]['size'] = $size; $arrFields[$class]['href'] = $href; $arrFields[$class]['linkTitle'] = basename($objFile->basename); $arrFields[$class]['icon'] = $this->strIconFolder . '/' . 
$objFile->icon; $arrItem[$k]['display'] = 'download'; $arrItem[$k]['size'] = $size; $arrItem[$k]['href'] = $href; $arrItem[$k]['linkTitle'] = basename($objFile->basename); $arrItem[$k]['icon'] = $this->strIconFolder . '/' . $objFile->icon; } } } elseif (is_array($arrFields[$class]['raw'])) { $arrTemp = array(); $keyTemp = -1; $arrFields[$class]['type'] = 'file'; $arrItem[$k]['type'] = 'file'; foreach ($arrFields[$class]['raw'] as $kF => $strFile) { if (strlen($strFile) && is_file(TL_ROOT . '/' . $strFile)) { $objFile = new \File($strFile); if (!in_array($objFile->extension, $allowedDownload)) { unset($arrFields[$class]['raw'][$kF]); continue; } else { $keyTemp++; $arrTemp[$keyTemp]['src'] = $this->urlEncode($strFile); if (substr($objFile->mime, 0, 6) == 'image/') { $arrTemp[$keyTemp]['display'] = 'image'; } else { $size = ' (' . number_format($objFile->filesize / 1024, 1, $GLOBALS['TL_LANG']['MSC']['decimalSeparator'], $GLOBALS['TL_LANG']['MSC']['thousandsSeparator']) . ' kB)'; $href = preg_replace('@(\\?|&)download=.*?(&|$)@si', '', \Environment::get('request')); $href .= (strpos($href, '?') >= 1 ? '&' : '?') . 'download=' . $this->intRecordId . '.' . $k; $href = ampersand($href); $arrTemp[$keyTemp]['display'] = 'download'; $arrTemp[$keyTemp]['size'] = $size; $arrTemp[$keyTemp]['href'] = $href; $arrTemp[$keyTemp]['linkTitle'] = basename($objFile->basename); $arrTemp[$keyTemp]['icon'] = $this->strIconFolder . '/' . 
$objFile->icon; } } } } $arrFields[$class]['content'] = $arrTemp; $arrItem[$k]['content'] = $arrTemp; $arrFields[$class]['multiple'] = true; $arrFields[$class]['number_of_items'] = count($arrTemp); $arrItem[$k]['multiple'] = true; $arrItem[$k]['number_of_items'] = count($arrTemp); unset($arrTemp); } } } /** * Prepare URL */ $strUrl = preg_replace('/\\?.*$/', '', urldecode(\Environment::get('request'))); $this->Template->url = $strUrl; $this->Template->listItem = $arrItem; $this->Template->record = $arrFields; $this->Template->recordID = $this->intRecordId; $this->Template->link_edit = $strLinkEdit; $this->Template->link_delete = $strLinkDelete; $this->Template->link_export = $strLinkExport; /** * Comments */ if (!$this->efg_com_allow_comments || !in_array('comments', \ModuleLoader::getActive())) { $this->Template->allowComments = false; return; } $this->Template->allowComments = true; // Adjust the comments headline level $intHl = min(intval(str_replace('h', '', $this->hl)), 5); $this->Template->hlc = 'h' . 
($intHl + 1); $this->import('Comments'); $arrNotifies = array(); // Notify system administrator if ($this->efg_com_notify != 'notify_author') { $arrNotifies[] = $GLOBALS['TL_ADMIN_EMAIL']; } // Notify author if ($this->efg_com_notify != 'notify_admin') { if (intval($objRecord->fd_user) > 0) { $objUser = \UserModel::findByPk($objRecord->fd_user); if ($objUser !== null && !empty($objUser->email)) { $arrNotifies[] = $objUser->email; } } if (intval($objRecord->fd_member) > 0) { $objMember = \MemberModel::findByPk($objRecord->fd_member); if ($objMember !== null && !empty($objMember->email)) { $arrNotifies[] = $objMember->email; } } } $objConfig = new \stdClass(); $objConfig->perPage = $this->efg_com_per_page; $objConfig->order = $this->com_order; $objConfig->template = $this->com_template; $objConfig->requireLogin = $this->com_requireLogin; $objConfig->disableCaptcha = $this->com_disableCaptcha; $objConfig->bbcode = $this->com_bbcode; $objConfig->moderate = $this->com_moderate; $this->Comments->addCommentsToTemplate($this->Template, $objConfig, 'tl_formdata', $this->intRecordId, $arrNotifies); }
/**
 * Generate the module
 *
 * Builds the front end "personal data" form for the logged-in member: runs the
 * tl_member onload callbacks, creates one widget per editable field, validates
 * and stores submitted values on both the front end user and the member model,
 * creates a version of the record and finally fills the template.
 *
 * NOTE(review): no request-token (CSRF) check is visible in this method;
 * presumably the framework enforces it before compile() runs. Confirm.
 */
protected function compile()
{
    /** @var \PageModel $objPage */
    global $objPage;

    $this->import('FrontendUser', 'User');

    $GLOBALS['TL_LANGUAGE'] = $objPage->language;

    \System::loadLanguageFile('tl_member');
    $this->loadDataContainer('tl_member');

    // Call onload_callback (e.g. to check permissions)
    // Callbacks are either array(class, method) pairs or plain callables taken from the DCA configuration
    if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) {
        foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) {
            if (is_array($callback)) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}();
            } elseif (is_callable($callback)) {
                $callback();
            }
        }
    }

    // Set the template
    if ($this->memberTpl != '') {
        /** @var \FrontendTemplate|object $objTemplate */
        $objTemplate = new \FrontendTemplate($this->memberTpl);
        $this->Template = $objTemplate;
        $this->Template->setData($this->arrData);
    }

    $this->Template->fields = '';
    $this->Template->tableless = $this->tableless;

    $arrFields = array();
    $doNotSubmit = false;
    $hasUpload = false;
    $row = 0;

    // Predefine the group order (other groups will be appended automatically)
    $arrGroups = array('personal' => array(), 'address' => array(), 'contact' => array(), 'login' => array(), 'profile' => array());

    $blnModified = false;

    // The member record is always the one of the current front end user, never an ID taken from the request
    $objMember = \MemberModel::findByPk($this->User->id);
    $strTable = $objMember->getTable();

    // Initialize the versioning (see #7415)
    // The user ID is set to 0 here, so the version is attributed by username only
    $objVersions = new \Versions($strTable, $objMember->id);
    $objVersions->setUsername($objMember->username);
    $objVersions->setUserId(0);
    $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1');
    $objVersions->initialize();

    // Build the form
    // Only fields listed in the module's "editable" setting are considered
    foreach ($this->editable as $field) {
        // Reference into the global DCA: the changes below modify $GLOBALS['TL_DCA'] itself
        $arrData =& $GLOBALS['TL_DCA']['tl_member']['fields'][$field];

        // Map checkboxWizards to regular checkbox widgets
        if ($arrData['inputType'] == 'checkboxWizard') {
            $arrData['inputType'] = 'checkbox';
        }

        // Map fileTrees to upload widgets (see #8091)
        if ($arrData['inputType'] == 'fileTree') {
            $arrData['inputType'] = 'upload';
        }

        /** @var \Widget $strClass */
        $strClass = $GLOBALS['TL_FFL'][$arrData['inputType']];

        // Continue if the class does not exist
        // The feEditable flag is the second gate: a field must be both selected in the module and flagged in the DCA
        if (!$arrData['eval']['feEditable'] || !class_exists($strClass)) {
            continue;
        }

        $strGroup = $arrData['eval']['feGroup'];

        $arrData['eval']['required'] = false;
        $arrData['eval']['tableless'] = $this->tableless;

        // Use strlen() here (see #3277)
        // A mandatory field is marked as required only while the user has no value for it yet
        if ($arrData['eval']['mandatory']) {
            if (is_array($this->User->{$field})) {
                if (empty($this->User->{$field})) {
                    $arrData['eval']['required'] = true;
                }
            } else {
                if (!strlen($this->User->{$field})) {
                    $arrData['eval']['required'] = true;
                }
            }
        }

        $varValue = $this->User->{$field};

        // Call the load_callback
        if (isset($arrData['load_callback']) && is_array($arrData['load_callback'])) {
            foreach ($arrData['load_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                } elseif (is_callable($callback)) {
                    $varValue = $callback($varValue, $this->User, $this);
                }
            }
        }

        /** @var \Widget $objWidget */
        $objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $field, $varValue, $field, $strTable, $this));

        $objWidget->storeValues = true;
        $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');

        // Increase the row count if it is a password field
        if ($objWidget instanceof \FormPassword) {
            // An existing password does not have to be re-entered
            if ($objMember->password != '') {
                $objWidget->mandatory = false;
            }
            $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd');
        }

        // Validate the form data
        if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id) {
            $objWidget->validate();
            $varValue = $objWidget->value;

            $rgxp = $arrData['eval']['rgxp'];

            // Convert date formats into timestamps (check the eval setting first -> #3063)
            if ($varValue != '' && in_array($rgxp, array('date', 'time', 'datim'))) {
                try {
                    $objDate = new \Date($varValue, \Date::getFormatFromRgxp($rgxp));
                    $varValue = $objDate->tstamp;
                } catch (\OutOfBoundsException $e) {
                    $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue));
                }
            }

            // Make sure that unique fields are unique (check the eval setting first -> #3063)
            if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue, $this->User->id)) {
                $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field));
            }

            // Trigger the save_callback (see #5247)
            // An exception thrown by a callback becomes a validation error on the widget
            if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($arrData['save_callback'])) {
                foreach ($arrData['save_callback'] as $callback) {
                    try {
                        if (is_array($callback)) {
                            $this->import($callback[0]);
                            $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                        } elseif (is_callable($callback)) {
                            $varValue = $callback($varValue, $this->User, $this);
                        }
                    } catch (\Exception $e) {
                        $objWidget->class = 'error';
                        $objWidget->addError($e->getMessage());
                    }
                }
            }

            // Do not submit the field if there are errors
            if ($objWidget->hasErrors()) {
                $doNotSubmit = true;
            } elseif ($objWidget->submitInput()) {
                // Store the form data
                // The session copy is taken before the encrypt step below, so it holds the unencrypted value
                $_SESSION['FORM_DATA'][$field] = $varValue;

                // Set the correct empty value (see #6284, #6373)
                if ($varValue === '') {
                    $varValue = $objWidget->getEmptyValue();
                }

                // Encrypt the value (see #7815)
                if ($arrData['eval']['encrypt']) {
                    $varValue = \Encryption::encrypt($varValue);
                }

                // Set the new value
                if ($varValue !== $this->User->{$field}) {
                    $this->User->{$field} = $varValue;

                    // Set the new field in the member model
                    $blnModified = true;
                    $objMember->{$field} = $varValue;
                }
            }
        }

        if ($objWidget instanceof \uploadable) {
            $hasUpload = true;
        }

        $temp = $objWidget->parse();

        $this->Template->fields .= $temp;
        $arrFields[$strGroup][$field] .= $temp;

        ++$row;
    }

    // Save the model
    // Note that fields are written to the model as they validate; an error in another field does not prevent this save
    if ($blnModified) {
        $objMember->tstamp = time();
        $objMember->save();

        // Create a new version
        if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
            $objVersions->create();
            $this->log('A new version of record "' . $strTable . '.id=' . $objMember->id . '" has been created' . $this->getParentEntries($strTable, $objMember->id), __METHOD__, TL_GENERAL);
        }
    }

    $this->Template->hasError = $doNotSubmit;

    // Redirect or reload if there was no error
    if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id && !$doNotSubmit) {
        // HOOK: updated personal data
        if (isset($GLOBALS['TL_HOOKS']['updatePersonalData']) && is_array($GLOBALS['TL_HOOKS']['updatePersonalData'])) {
            foreach ($GLOBALS['TL_HOOKS']['updatePersonalData'] as $callback) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}($this->User, $_SESSION['FORM_DATA'], $this);
            }
        }

        // Call the onsubmit_callback
        if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'])) {
            foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $this->{$callback[0]}->{$callback[1]}($this->User, $this);
                } elseif (is_callable($callback)) {
                    $callback($this->User, $this);
                }
            }
        }

        // Check whether there is a jumpTo page
        if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
            $this->jumpToOrReload($objJumpTo->row());
        }

        \Message::addConfirmation($GLOBALS['TL_LANG']['MSC']['savedData']);
        $this->reload();
    }

    $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails'];
    $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails'];
    $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails'];
    $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData'];

    // Add the groups
    foreach ($arrFields as $k => $v) {
        $this->Template->{$k} = $v; // backwards compatibility

        // The categories array is keyed by the translated group label, not by the group name
        $key = $k . ($k == 'personal' ? 'Data' : 'Details');
        $arrGroups[$GLOBALS['TL_LANG']['tl_member'][$key]] = $v;
    }

    $this->Template->categories = $arrGroups;
    $this->Template->formId = 'tl_member_' . $this->id;
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['saveData']);
    $this->Template->action = \Environment::get('indexFreeRequest');
    $this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded';
    $this->Template->rowLast = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd');
    $this->Template->message = \Message::generate(false, true);
}
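/**
 * Send a password reset link to a member
 *
 * Generates a confirmation token, stores it in the member's "activation"
 * column, replaces the ##wildcards## in the module's reg_password text and
 * mails the result to the member. Afterwards the request is redirected to
 * the jumpTo page (if any) or reloaded.
 *
 * No expiry is recorded alongside the token in this method.
 *
 * @param object $objMember A member object; only its id is read, the record is re-loaded by primary key
 */
protected function sendPasswordLink($objMember)
{
    $arrChunks = array();

    // The token is the only secret protecting the reset link, so take it from a
    // CSPRNG where one is available. md5(uniqid(mt_rand(), true)) is derived from
    // the clock and a non-cryptographic generator and is kept only as a last-resort
    // fallback for old runtimes. All variants yield 32 lower-case hex characters.
    $confirmationId = null;

    if (function_exists('random_bytes')) {
        $confirmationId = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $blnStrong = false;
        $strBytes = openssl_random_pseudo_bytes(16, $blnStrong);

        if ($strBytes !== false && $blnStrong) {
            $confirmationId = bin2hex($strBytes);
        }
    }

    if ($confirmationId === null) {
        $confirmationId = md5(uniqid(mt_rand(), true));
    }

    // Store the confirmation ID
    $objMember = \MemberModel::findByPk($objMember->id);
    $objMember->activation = $confirmationId;
    $objMember->save();

    $strConfirmation = $this->reg_password;
    preg_match_all('/##[^#]+##/', $strConfirmation, $arrChunks);

    foreach ($arrChunks[0] as $strChunk) {
        // Strip the leading and trailing "##"
        $strKey = substr($strChunk, 2, -2);

        switch ($strKey) {
            case 'domain':
                $strConfirmation = str_replace($strChunk, \Idna::decode(\Environment::get('host')), $strConfirmation);
                break;

            case 'link':
                // NOTE(review): host and base come from \Environment, which presumably reflects the
                // request's Host header; confirm the web server pins the host name so that the
                // mailed link cannot point to a host chosen by the requester.
                $strConfirmation = str_replace($strChunk, \Idna::decode(\Environment::get('base')) . \Environment::get('request') . (\Config::get('disableAlias') || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $confirmationId, $strConfirmation);
                break;

            default:
                // Any other wildcard is read straight from the member record, so every column
                // of the record can be placed in the mail by the template text.
                try {
                    $strConfirmation = str_replace($strChunk, $objMember->{$strKey}, $strConfirmation);
                } catch (\Exception $e) {
                    $strConfirmation = str_replace($strChunk, '', $strConfirmation);
                    $this->log('Invalid wildcard "' . $strKey . '" used in password request e-mail', __METHOD__, TL_GENERAL, $e->getMessage());
                }
                break;
        }
    }

    // Send e-mail
    $objEmail = new \Email();

    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['passwordSubject'], \Idna::decode(\Environment::get('host')));
    $objEmail->text = $strConfirmation;
    $objEmail->sendTo($objMember->email);

    // The access log entry records the member ID and e-mail address, not the token
    $this->log('A new password has been requested for user ID ' . $objMember->id . ' (' . $objMember->email . ')', __METHOD__, TL_ACCESS);

    // Check whether there is a jumpTo page
    if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->jumpToOrReload($objJumpTo->row());
    }

    $this->reload();
}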
/**
 * Build an address object for a member and pre-set its default properties
 *
 * The defaults are pid, ptable, tstamp and the store ID of the current cart.
 * When $arrFill is a non-empty array and the member exists, the member row is
 * merged with the defaults (plus street_1 and subdivision derived from the
 * member) and the result is reduced to the keys named in $arrFill. The
 * defaults therefore survive that reduction only if they are listed in
 * $arrFill as well.
 *
 * The object is only populated via setRow(); no save call is made here.
 *
 * @param int        $intMember The member ID
 * @param array|null $arrFill   Names of the fields to copy from the member
 *
 * @return Address
 */
public static function createForMember($intMember, $arrFill = null)
{
    $objAddress = new Address();

    $arrRow = array(
        'pid'      => $intMember,
        'ptable'   => 'tl_member',
        'tstamp'   => time(),
        'store_id' => Isotope::getCart()->store_id,
    );

    // Only look the member up when there is something to copy
    $objMember = null;

    if (is_array($arrFill) && !empty($arrFill)) {
        $objMember = \MemberModel::findByPk($intMember);
    }

    if ($objMember !== null) {
        $arrDerived = array(
            'street_1'    => $objMember->street,
            'subdivision' => strtoupper($objMember->country . '-' . $objMember->state),
        );

        // Later arrays win: derived values over defaults over the raw member row
        $arrMerged = array_merge($objMember->row(), $arrRow, $arrDerived);

        // Keep only the requested fields
        $arrRow = array_intersect_key($arrMerged, array_flip($arrFill));
    }

    $objAddress->setRow($arrRow);

    return $objAddress;
}
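/**
 * Generate the module
 *
 * Builds the front end "personal data" form for the logged-in member: runs the
 * tl_member onload callbacks, creates one widget per editable field, validates
 * and stores submitted values on both the front end user and the member model,
 * writes a version row and finally fills the template.
 *
 * Array callbacks are dispatched as $this->{$callback[0]}->{$callback[1]}(),
 * i.e. the class imported from element 0 and the method named by element 1.
 *
 * NOTE(review): no request-token (CSRF) check is visible in this method;
 * presumably the framework enforces it before compile() runs. Confirm.
 */
protected function compile()
{
    global $objPage;

    $this->import('FrontendUser', 'User');

    $GLOBALS['TL_LANGUAGE'] = $objPage->language;

    \System::loadLanguageFile('tl_member');
    $this->loadDataContainer('tl_member');

    // Call onload_callback (e.g. to check permissions)
    if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) {
        foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) {
            if (is_array($callback)) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}();
            } elseif (is_callable($callback)) {
                $callback();
            }
        }
    }

    // Set the template
    if ($this->memberTpl != '') {
        $this->Template = new \FrontendTemplate($this->memberTpl);
        $this->Template->setData($this->arrData);
    }

    $this->Template->fields = '';
    $this->Template->tableless = $this->tableless;

    $arrFields = array();
    $doNotSubmit = false;
    $hasUpload = false;
    $row = 0;

    $blnModified = false;

    // The member record is always the one of the current front end user, never an ID taken from the request
    $objMember = \MemberModel::findByPk($this->User->id);

    // Build the form
    // Only fields listed in the module's "editable" setting are considered
    foreach ($this->editable as $field) {
        // Reference into the global DCA: the changes below modify $GLOBALS['TL_DCA'] itself
        $arrData =& $GLOBALS['TL_DCA']['tl_member']['fields'][$field];

        // Map checkboxWizards to regular checkbox widgets
        if ($arrData['inputType'] == 'checkboxWizard') {
            $arrData['inputType'] = 'checkbox';
        }

        $strClass = $GLOBALS['TL_FFL'][$arrData['inputType']];

        // Continue if the class does not exist
        // The feEditable flag is the second gate: a field must be both selected in the module and flagged in the DCA
        if (!$arrData['eval']['feEditable'] || !class_exists($strClass)) {
            continue;
        }

        $strGroup = $arrData['eval']['feGroup'];

        $arrData['eval']['required'] = false;
        $arrData['eval']['tableless'] = $this->tableless;

        // Use strlen() here (see #3277)
        // A mandatory field is marked as required only while the user has no value for it yet
        if ($arrData['eval']['mandatory']) {
            if (is_array($this->User->{$field})) {
                if (empty($this->User->{$field})) {
                    $arrData['eval']['required'] = true;
                }
            } else {
                if (!strlen($this->User->{$field})) {
                    $arrData['eval']['required'] = true;
                }
            }
        }

        $varValue = $this->User->{$field};

        // Call the load_callback
        if (isset($arrData['load_callback']) && is_array($arrData['load_callback'])) {
            foreach ($arrData['load_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                } elseif (is_callable($callback)) {
                    $varValue = $callback($varValue, $this->User, $this);
                }
            }
        }

        $objWidget = new $strClass($strClass::getAttributesFromDca($arrData, $field, $varValue, '', '', $this));

        $objWidget->storeValues = true;
        $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');

        // Increase the row count if it is a password field
        if ($objWidget instanceof \FormPassword) {
            ++$row;
            $objWidget->rowClassConfirm = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd');
        }

        // Validate the form data
        if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id) {
            $objWidget->validate();
            $varValue = $objWidget->value;

            $rgxp = $arrData['eval']['rgxp'];

            // Convert date formats into timestamps (check the eval setting first -> #3063)
            if (($rgxp == 'date' || $rgxp == 'time' || $rgxp == 'datim') && $varValue != '') {
                try {
                    $objDate = new \Date($varValue);
                    $varValue = $objDate->tstamp;
                } catch (\OutOfBoundsException $e) {
                    $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varValue));
                }
            }

            // Make sure that unique fields are unique (check the eval setting first -> #3063)
            if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue, $this->User->id)) {
                $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field));
            }

            // Trigger the save_callback (see #5247)
            // An exception thrown by a callback becomes a validation error on the widget
            if ($objWidget->submitInput() && !$objWidget->hasErrors() && is_array($arrData['save_callback'])) {
                foreach ($arrData['save_callback'] as $callback) {
                    try {
                        if (is_array($callback)) {
                            $this->import($callback[0]);
                            $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                        } elseif (is_callable($callback)) {
                            $varValue = $callback($varValue, $this->User, $this);
                        }
                    } catch (\Exception $e) {
                        $objWidget->class = 'error';
                        $objWidget->addError($e->getMessage());
                    }
                }
            }

            // Do not submit the field if there are errors
            if ($objWidget->hasErrors()) {
                $doNotSubmit = true;
            } elseif ($objWidget->submitInput()) {
                // Store the form data
                $_SESSION['FORM_DATA'][$field] = $varValue;

                // Set the correct empty value (see #6284, #6373)
                if ($varValue === '') {
                    $varValue = $objWidget->getEmptyValue();
                }

                // Set the new value
                $this->User->{$field} = $varValue;

                // Set the new field in the member model
                $blnModified = true;
                $objMember->{$field} = $varValue;
            }
        }

        if ($objWidget instanceof \uploadable) {
            $hasUpload = true;
        }

        $temp = $objWidget->parse();

        $this->Template->fields .= $temp;
        $arrFields[$strGroup][$field] .= $temp;

        ++$row;
    }

    // Save the model
    // Note that fields are written to the model as they validate; an error in another field does not prevent this save
    if ($blnModified) {
        $objMember->save();
        $strTable = $objMember->getTable();

        // Create a new version
        if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
            $intVersion = 1;

            $objVersion = $this->Database->prepare("SELECT MAX(version) AS version FROM tl_version WHERE pid=? AND fromTable=?")->execute($objMember->id, $strTable);

            if ($objVersion->version !== null) {
                $intVersion = $objVersion->version + 1;
            }

            $strUrl = 'contao/main.php?do=member&act=edit&id=' . $objMember->id . '&rt=1';

            // Deactivate the previous versions before inserting the new active one
            $this->Database->prepare("UPDATE tl_version SET active='' WHERE pid=? AND fromTable=?")->execute($objMember->id, $strTable);

            // The complete member row is serialized into tl_version.data, so every column of the
            // record (presumably including the password hash) is copied into the version table
            $this->Database->prepare("INSERT INTO tl_version (pid, tstamp, version, fromTable, username, userid, description, editUrl, active, data) VALUES (?, ?, ?, ?, ?, ?, ?, ?, 1, ?)")->execute($objMember->id, time(), $intVersion, $strTable, $objMember->username, 0, $objMember->firstname . ' ' . $objMember->lastname, $strUrl, serialize($objMember->row()));

            $this->log('A new version of record "' . $strTable . '.id=' . $objMember->id . '" has been created' . $this->getParentEntries($strTable, $objMember->id), __METHOD__, TL_GENERAL);
        }
    }

    $this->Template->hasError = $doNotSubmit;

    // Redirect or reload if there was no error
    if (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id && !$doNotSubmit) {
        // HOOK: updated personal data
        if (isset($GLOBALS['TL_HOOKS']['updatePersonalData']) && is_array($GLOBALS['TL_HOOKS']['updatePersonalData'])) {
            foreach ($GLOBALS['TL_HOOKS']['updatePersonalData'] as $callback) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}($this->User, $_SESSION['FORM_DATA'], $this);
            }
        }

        // Call the onsubmit_callback
        if (is_array($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'])) {
            foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $this->{$callback[0]}->{$callback[1]}($this->User, $this);
                } elseif (is_callable($callback)) {
                    $callback($this->User, $this);
                }
            }
        }

        // Check whether there is a jumpTo page
        if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
            $this->jumpToOrReload($objJumpTo->row());
        }

        $this->reload();
    }

    $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails'];
    $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails'];
    $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails'];
    $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData'];

    // Add groups
    foreach ($arrFields as $k => $v) {
        $this->Template->{$k} = $v;
    }

    $this->Template->formId = 'tl_member_' . $this->id;
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['saveData']);
    $this->Template->action = \Environment::get('indexFreeRequest');
    $this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded';
    $this->Template->rowLast = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd');

    // HOOK: add memberlist fields
    if (in_array('memberlist', \ModuleLoader::getActive())) {
        $this->Template->profile = $arrFields['profile'];
        $this->Template->profileDetails = $GLOBALS['TL_LANG']['tl_member']['profileDetails'];
    }

    // HOOK: add newsletter fields
    if (in_array('newsletter', \ModuleLoader::getActive())) {
        $this->Template->newsletter = $arrFields['newsletter'];
        $this->Template->newsletterDetails = $GLOBALS['TL_LANG']['tl_member']['newsletterDetails'];
    }

    // HOOK: add helpdesk fields
    if (in_array('helpdesk', \ModuleLoader::getActive())) {
        $this->Template->helpdesk = $arrFields['helpdesk'];
        $this->Template->helpdeskDetails = $GLOBALS['TL_LANG']['tl_member']['helpdeskDetails'];
    }
}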
/**
 * Build the social media link text field and process its submission
 *
 * Creates the widget for tl_member.socialmediaLinks, and, for a logged-in
 * front end user who submitted the form, checks the posted link against the
 * configured list of social media servers, appends it to the member's stored
 * links and reloads. Finally the widget markup and the comment form lock
 * (flood protection) are written to the template.
 *
 * NOTE(review): the server check is a substring test against the whole
 * lower-cased input, not a comparison of the URL's host, and no scheme check
 * is visible here. If the stored links are later rendered as hyperlinks,
 * confirm that the widget validation or the output side restricts them to
 * http(s) URLs on the intended hosts.
 */
protected function generateSocialMediaLinksForm()
{
    $this->Template->socialMediaFormId = 'tl_member_' . $this->id;

    // Reference into the global DCA: the changes below modify $GLOBALS['TL_DCA'] itself
    $arrDca =& $GLOBALS['TL_DCA']['tl_member']['fields']['socialmediaLinks'];
    $strField = 'socialmediaLinks';
    $strWidgetClass = $GLOBALS['TL_FFL'][$arrDca['inputType']];

    $arrDca['eval']['tableless'] = 'true';
    $arrDca['label'] = $GLOBALS['TL_LANG']['tl_member']['socialmediaLinks'][0];

    // The field is always pre-filled with the scheme prefix
    $strDefault = 'http://';

    $objWidget = new $strWidgetClass($strWidgetClass::getAttributesFromDca($arrDca, $strField, $strDefault, '', '', $this));
    $objWidget->storeValues = true;

    if (FE_USER_LOGGED_IN && \Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id) {
        // The record is that of the logged-in user, not an ID taken from the request
        $objMember = \MemberModel::findByPk($this->loggedInUser->id);

        if ($objMember !== null) {
            $arrLinks = deserialize($objMember->socialmediaLinks);
            $this->Template->loggedInUser->socialmediaLinks = $arrLinks;

            $objWidget->validate();

            if (!$objWidget->hasErrors() && trim(\Input::post('socialmediaLinks')) != '') {
                $strLink = strtolower(\Input::post('socialmediaLinks'));

                // The link is accepted only if it contains one of the configured servers.
                // Entries are separated by "***", each entry is "server|second part".
                $blnAccepted = false;
                $strConfigured = trim($GLOBALS['TL_CONFIG']['socialmediaLinks']);

                if ($strConfigured != '') {
                    foreach (explode('***', trim($GLOBALS['TL_CONFIG']['socialmediaLinks'])) as $strEntry) {
                        $arrParts = explode('|', $strEntry);

                        if (is_array($arrParts) && count($arrParts) == 2) {
                            $strServer = $arrParts[0];

                            if (strpos($strLink, strtolower($strServer)) !== false) {
                                $blnAccepted = true;
                            }
                        }
                    }
                }

                if ($blnAccepted) {
                    // Append the link and persist the serialized list
                    $arrLinks[] = $strLink;
                    $objMember->socialmediaLinks = serialize($arrLinks);
                    $objMember->save();

                    $this->log('A new version of tl_member ID ' . $objMember->id . ' has been created', __METHOD__, TL_GENERAL);
                    $this->reload();
                } else {
                    $objWidget->hasErrors();
                    $objWidget->addError($GLOBALS['TL_LANG']['MOD']['member_rating']['invalidSocialmediaLink']);
                }
            }
        }
    }

    $this->Template->socialMediaTextField = $objWidget->parse();

    // Flood protection: lock the comment form while the user's latest rating
    // of this member is younger than the blocking time
    if ($this->blockingTime > 0) {
        $objLatest = $this->Database->prepare("SELECT * FROM tl_comments WHERE source = ? AND parent = ? AND owner = ? AND dateOfCreation > ? ORDER BY dateOfCreation DESC")
            ->limit(1)
            ->execute('tl_member', $this->ratedUser->id, $this->loggedInUser->id, time() - $this->blockingTime);

        if ($objLatest->numRows > 0) {
            $this->Template->commentFormLocked = true;

            // Remaining lock time in seconds, split into hours and minutes for display
            $intRemaining = $this->blockingTime - (time() - $objLatest->dateOfCreation);
            $intHours = floor($intRemaining / 3600);
            $intMinutes = floor(($intRemaining / 3600 - $intHours) * 60);

            if ($intRemaining <= 60) {
                $strRemaining = $intRemaining . ' s';
            } else {
                $strRemaining = ($intHours > 0 ? $intHours . ' h ' : '') . $intMinutes . ' min';
            }

            $this->Template->commentFormLockedTime = $strRemaining;
        }
    }
}
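/**
 * Send a password reset link to a member
 *
 * Generates a confirmation token, stores it in the member's "activation"
 * column, renders the module's reg_password text with the member row plus
 * the "domain" and "link" tokens and mails the result to the member.
 * Afterwards the request is redirected to the jumpTo page (if any) or
 * reloaded.
 *
 * No expiry is recorded alongside the token in this method.
 *
 * @param \MemberModel $objMember Only its id is read, the record is re-loaded by primary key
 */
protected function sendPasswordLink($objMember)
{
    // The token is the only secret protecting the reset link, so take it from a
    // CSPRNG where one is available. md5(uniqid(mt_rand(), true)) is derived from
    // the clock and a non-cryptographic generator and is kept only as a last-resort
    // fallback for old runtimes. All variants yield 32 lower-case hex characters.
    $confirmationId = null;

    if (function_exists('random_bytes')) {
        $confirmationId = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $blnStrong = false;
        $strBytes = openssl_random_pseudo_bytes(16, $blnStrong);

        if ($strBytes !== false && $blnStrong) {
            $confirmationId = bin2hex($strBytes);
        }
    }

    if ($confirmationId === null) {
        $confirmationId = md5(uniqid(mt_rand(), true));
    }

    // Store the confirmation ID
    $objMember = \MemberModel::findByPk($objMember->id);
    $objMember->activation = $confirmationId;
    $objMember->save();

    // Prepare the simple token data
    // The complete member row is handed to the token parser, so every column of the
    // record can be placed in the mail by the template text
    $arrData = $objMember->row();
    $arrData['domain'] = \Idna::decode(\Environment::get('host'));

    // NOTE(review): host and base come from \Environment, which presumably reflects the
    // request's Host header; confirm the web server pins the host name so that the
    // mailed link cannot point to a host chosen by the requester.
    $arrData['link'] = \Idna::decode(\Environment::get('base')) . \Environment::get('request') . (\Config::get('disableAlias') || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $confirmationId;

    // Send e-mail
    $objEmail = new \Email();

    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['passwordSubject'], \Idna::decode(\Environment::get('host')));
    $objEmail->text = \String::parseSimpleTokens($this->reg_password, $arrData);
    $objEmail->sendTo($objMember->email);

    // The access log entry records the member ID and e-mail address, not the token
    $this->log('A new password has been requested for user ID ' . $objMember->id . ' (' . $objMember->email . ')', __METHOD__, TL_ACCESS);

    // Check whether there is a jumpTo page
    if (($objJumpTo = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->jumpToOrReload($objJumpTo->row());
    }

    $this->reload();
}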
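/**
 * Render the registration list of an event.
 *
 * Registrations are grouped by their "waitinglist" value and sorted by a key
 * built from the last name. Each row carries firstname, lastname, email, id
 * and a CSS class string.
 *
 * NOTE(review): names, e-mail addresses and the entity-decoded event title are
 * handed to the template as stored; confirm the template escapes them on
 * output, and that the e-mail column is only shown to authorised visitors.
 *
 * @param object $objEvent Event record (reads id, title and ser_showheadline)
 *
 * @return string The parsed template
 */
protected function parseList($objEvent)
{
    $objTemplate = new \FrontendTemplate('simple_events_registration_list');
    $objTemplate->blnShowList = true;
    $objTemplate->listHeadline = $objEvent->ser_showheadline;
    $objTemplate->listid = 'simple_event_registration_list_table';
    $objTemplate->listsummary = sprintf($GLOBALS['TL_LANG']['MSC']['ser_listsummary'], html_entity_decode($objEvent->title));

    $objRegistrations = \FelixPfeiffer\SimpleEventRegistration\EventRegistrationsModel::findByPid($objEvent->id);

    if ($objRegistrations === null) {
        $objTemplate->blnShowList = false;
        $objTemplate->listMessage = sprintf($GLOBALS['TL_LANG']['MSC']['ser_emptylist'], html_entity_decode($objEvent->title));

        return $objTemplate->parse();
    }

    $arrRegistrations = array();
    $i = 0;

    while ($objRegistrations->next()) {
        $arrReg = array();
        $key = null;
        $subkey = $objRegistrations->waitinglist;

        // Keys must be unique inside the group the row is stored in. The
        // former check looked at the top-level array (keyed by waiting-list
        // flag), so two people sharing a last name overwrote each other.
        $arrTaken = isset($arrRegistrations[$subkey]) ? $arrRegistrations[$subkey] : array();

        // Registered member
        if ($objRegistrations->userId != 0) {
            $objUser = \MemberModel::findByPk($objRegistrations->userId);

            if ($objUser !== null) {
                $arrReg['firstname'] = $objUser->firstname;
                $arrReg['lastname'] = $objUser->lastname;
                $arrReg['email'] = $objUser->email;
                $arrReg['id'] = $objRegistrations->userId;

                $z = 0;
                do {
                    $key = $arrReg['lastname'] . ++$z;
                } while (array_key_exists($key, $arrTaken));
            }
        }

        // Guest registration with a name
        if ($objRegistrations->anonym == 1 && $objRegistrations->lastname != '') {
            $arrReg['firstname'] = $objRegistrations->firstname;
            $arrReg['lastname'] = $objRegistrations->lastname;
            $arrReg['email'] = $objRegistrations->email;
            $arrReg['id'] = false;

            $z = 0;
            do {
                $key = $arrReg['lastname'] . ++$z;
            } while (array_key_exists($key, $arrTaken));
        }

        // Guest registration without a name
        if ($objRegistrations->anonym == 1 && $objRegistrations->lastname == '') {
            $arrReg['firstname'] = false;
            $arrReg['lastname'] = 'Anonyme Anmeldung Nr.' . ++$i;
            $arrReg['email'] = false;
            $arrReg['id'] = false;
            $key = $arrReg['lastname'];
        }

        // No branch matched (e.g. the member record no longer exists): there
        // is nothing to show, and reusing the previous row's key would
        // replace that row with an empty one.
        if ($key === null) {
            continue;
        }

        $arrRegistrations[$subkey][$key] = $arrReg;
    }

    // The regular list (group 0) is always present, even when every
    // registration sits on the waiting list. The former
    // array_merge($arrRegistrations[0], $arrAnonym) merged an always-empty
    // array and failed when group 0 was missing.
    if (!isset($arrRegistrations[0])) {
        $arrRegistrations[0] = array();
    }

    foreach ($arrRegistrations as $k => $v) {
        ksort($v);
        $arrRegistrations[$k] = $v;
    }

    ksort($arrRegistrations);

    // Add the CSS classes (waiting list marker, first/last, even/odd)
    foreach ($arrRegistrations as $k => $v) {
        $j = 0;
        $count = count($v);

        foreach ($v as $kk => $vv) {
            $class = ($k == 1 ? 'wtlist ' : '') . ($j++ == 0 ? 'first ' : '') . ($j % 2 == 0 ? 'even ' : 'odd ') . ($j == $count ? 'last' : '');
            $arrRegistrations[$k][$kk]['class'] = $class;
        }
    }

    $objTemplate->head = $GLOBALS['TL_LANG']['MSC']['ser_list_heads'];
    $objTemplate->list = $arrRegistrations;

    return $objTemplate->parse();
}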
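/**
 * Validate an uploaded avatar, store it and assign it to the logged-in member.
 *
 * Size limit, allowed extensions, upload folder and maximum dimensions come
 * from the avatar_* settings in $GLOBALS['TL_CONFIG']. On success the file is
 * recorded in $_SESSION['FILES'], optionally moved into the upload folder (or
 * the member's home directory), registered via \Dbafs and its UUID is saved as
 * the member's avatar and as the widget value.
 *
 * NOTE(review): the file type is decided from the client-supplied file name
 * only. When getimagesize() fails, the dimension checks are skipped and the
 * file is still stored, so a non-image carrying an allowed extension passes.
 * Consider rejecting files getimagesize() cannot read if only raster images
 * are meant to be accepted, and confirm the upload folder is never served
 * through a script handler.
 *
 * @throws \Exception If the configured upload folder cannot be found
 */
public function validate()
{
    $this->maxlength = $GLOBALS['TL_CONFIG']['avatar_maxsize'];
    $this->extensions = $GLOBALS['TL_CONFIG']['avatar_filetype'];
    $this->uploadFolder = $GLOBALS['TL_CONFIG']['avatar_dir'];
    $this->storeFile = ($this->uploadFolder != '');

    // Maximum dimensions: index 0 is compared with the width, 1 with the height
    $arrImage = deserialize($GLOBALS['TL_CONFIG']['avatar_maxdims']);

    $this->import('FrontendUser', 'User');

    // No file specified
    if (!isset($_FILES[$this->strName]) || empty($_FILES[$this->strName]['name'])) {
        if ($this->mandatory) {
            if ($this->strLabel == '') {
                $this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
            } else {
                $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
            }
        }

        return;
    }

    $file = $_FILES[$this->strName];
    $maxlength_kb = $this->getReadableSize($this->maxlength);

    // Romanize the filename
    $file['name'] = utf8_romanize($file['name']);

    // File was not uploaded
    if (!is_uploaded_file($file['tmp_name'])) {
        // Error codes 1 and 2: size limit of php.ini or of the form exceeded
        if (in_array($file['error'], array(1, 2))) {
            $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb));
            $this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, 'FormFileUpload validate()', TL_ERROR);
        }

        // Error code 3: partial upload
        if ($file['error'] == 3) {
            $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filepartial'], $file['name']));
            $this->log('File "' . $file['name'] . '" was only partially uploaded', 'FormFileUpload validate()', TL_ERROR);
        }

        unset($_FILES[$this->strName]);

        return;
    }

    // File is too big
    if ($this->maxlength > 0 && $file['size'] > $this->maxlength) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filesize'], $maxlength_kb));
        $this->log('File "' . $file['name'] . '" exceeds the maximum file size of ' . $maxlength_kb, 'FormFileUpload validate()', TL_ERROR);
        unset($_FILES[$this->strName]);

        return;
    }

    $strExtension = pathinfo($file['name'], PATHINFO_EXTENSION);
    $uploadTypes = trimsplit(',', $this->extensions);

    // File type is not allowed (allow-list match on the lower-cased extension)
    if (!in_array(strtolower($strExtension), $uploadTypes)) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $strExtension));
        $this->log('File type "' . $strExtension . '" is not allowed to be uploaded (' . $file['name'] . ')', 'FormFileUpload validate()', TL_ERROR);
        unset($_FILES[$this->strName]);

        return;
    }

    $blnResize = false;

    if (($arrImageSize = @getimagesize($file['tmp_name'])) != false) {
        // Image exceeds maximum image width
        if ($arrImageSize[0] > $arrImage[0]) {
            if ($GLOBALS['TL_CONFIG']['avatar_resize']) {
                $blnResize = true;
            } else {
                $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['filewidth'], $file['name'], $arrImage[0]));

                // Log the limit that was actually enforced (the avatar
                // setting), not the unrelated global imageWidth setting
                $this->log('File "' . $file['name'] . '" exceeds the maximum image width of ' . $arrImage[0] . ' pixels', 'FormFileUpload validate()', TL_ERROR);
                unset($_FILES[$this->strName]);

                return;
            }
        }

        // Image exceeds maximum image height
        if ($arrImageSize[1] > $arrImage[1]) {
            if ($GLOBALS['TL_CONFIG']['avatar_resize']) {
                $blnResize = true;
            } else {
                $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['fileheight'], $file['name'], $arrImage[1]));
                $this->log('File "' . $file['name'] . '" exceeds the maximum image height of ' . $arrImage[1] . ' pixels', 'FormFileUpload validate()', TL_ERROR);
                unset($_FILES[$this->strName]);

                return;
            }
        }
    }

    // Store file in the session and optionally on the server
    if (!$this->hasErrors()) {
        $_SESSION['FILES'][$this->strName] = $_FILES[$this->strName];
        $this->log('File "' . $file['name'] . '" uploaded successfully', 'FormFileUpload validate()', TL_FILES);

        if ($this->storeFile) {
            $intUploadFolder = $this->uploadFolder;

            // Prefer the member's home directory when one is assigned
            if ($this->User->assignDir && $this->User->homeDir) {
                $intUploadFolder = $this->User->homeDir;
            }

            $objUploadFolder = \FilesModel::findByUuid($intUploadFolder);

            // The upload folder could not be found
            if ($objUploadFolder === null) {
                throw new \Exception("Invalid upload folder ID {$intUploadFolder}");
            }

            $strUploadFolder = $objUploadFolder->path;

            // Store the file if the upload folder exists
            if ($strUploadFolder != '' && is_dir(TL_ROOT . '/' . $strUploadFolder)) {
                $this->import('Files');

                if ($GLOBALS['TL_CONFIG']['avatar_rename']) {
                    // Server-side name from the configured pattern; only the
                    // (already allow-listed) extension comes from the client
                    $pathinfo = pathinfo($file['name']);
                    $user = \MemberModel::findByPk($this->User->id);
                    $targetName = standardize(\String::parseSimpleTokens($GLOBALS['TL_CONFIG']['avatar_name'], $user->row())) . '.' . $pathinfo['extension'];
                } else {
                    $targetName = $file['name'];
                }

                // Do not overwrite existing files: append "__<n>" with the
                // next free counter
                if ($this->doNotOverwrite && file_exists(TL_ROOT . '/' . $strUploadFolder . '/' . $targetName)) {
                    $offset = 1;
                    $pathinfo = pathinfo($targetName);
                    $name = $pathinfo['filename'];
                    $arrAll = scan(TL_ROOT . '/' . $strUploadFolder);
                    $arrFiles = preg_grep('/^' . preg_quote($name, '/') . '.*\\.' . preg_quote($pathinfo['extension'], '/') . '/', $arrAll);

                    foreach ($arrFiles as $strFile) {
                        if (preg_match('/__[0-9]+\\.' . preg_quote($pathinfo['extension'], '/') . '$/', $strFile)) {
                            $strFile = str_replace('.' . $pathinfo['extension'], '', $strFile);
                            $intValue = intval(substr($strFile, strrpos($strFile, '_') + 1));
                            $offset = max($offset, $intValue);
                        }
                    }

                    $targetName = str_replace($name, $name . '__' . ++$offset, $targetName);
                }

                $this->Files->move_uploaded_file($file['tmp_name'], $strUploadFolder . '/' . $targetName);
                $this->Files->chmod($strUploadFolder . '/' . $targetName, $GLOBALS['TL_CONFIG']['defaultFileChmod']);

                if ($blnResize) {
                    // NOTE(review): this passes the uploaded image's own
                    // width, height and getimagesize() type constant, so it
                    // presumably never shrinks the file to the avatar_maxdims
                    // limits; confirm the intended target size and mode.
                    \Image::resize($strUploadFolder . '/' . $targetName, $arrImageSize[0], $arrImageSize[1], $arrImageSize[2]);
                }

                // Point the session entry at the file as it was stored. The
                // path was formerly built from the original upload name,
                // which is wrong once the file has been renamed or numbered.
                // 'type' is the client-declared MIME type, not a verified one.
                $_SESSION['FILES'][$this->strName] = array(
                    'name'     => $targetName,
                    'type'     => $file['type'],
                    'tmp_name' => TL_ROOT . '/' . $strUploadFolder . '/' . $targetName,
                    'error'    => $file['error'],
                    'size'     => $file['size'],
                    'uploaded' => true,
                );

                $strFile = $strUploadFolder . '/' . $targetName;
                $objModel = \Dbafs::addResource($strFile, true);

                // new Avatar for Member
                $objMember = \MemberModel::findByPk($this->User->id);
                $objMember->avatar = $objModel->uuid;
                $objMember->save();

                $this->varValue = $objModel->uuid;
                $this->log('File "' . $targetName . '" has been moved to "' . $strUploadFolder . '"', __METHOD__, TL_FILES);
            }
        }
    }

    unset($_FILES[$this->strName]);
}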
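/**
 * Return customer email address for the collection
 *
 * The address is taken from the billing address, else the shipping address,
 * else the member record. When a name is available the result has the form
 * "Name" <address>. Hooks registered under
 * $GLOBALS['ISO_HOOKS']['emailRecipientForCollection'] may replace the result.
 *
 * NOTE(review): only the display name is sanitised here; the address itself is
 * used as stored, presumably validated when it was saved. Confirm before using
 * the result in a raw mail header.
 *
 * @return string
 */
public function getEmailRecipient()
{
    $strName = '';
    $strEmail = '';
    $objBillingAddress = $this->getBillingAddress();
    $objShippingAddress = $this->getShippingAddress();

    // The null guards keep a missing address from being dereferenced
    if ($objBillingAddress !== null && $objBillingAddress->email != '') {
        $strName = $objBillingAddress->firstname . ' ' . $objBillingAddress->lastname;
        $strEmail = $objBillingAddress->email;
    } elseif ($objShippingAddress !== null && $objShippingAddress->email != '') {
        $strName = $objShippingAddress->firstname . ' ' . $objShippingAddress->lastname;
        $strEmail = $objShippingAddress->email;
    } elseif ($this->member > 0 && ($objMember = \MemberModel::findByPk($this->member)) !== null && $objMember->email != '') {
        $strName = $objMember->firstname . ' ' . $objMember->lastname;
        $strEmail = $objMember->email;
    }

    if (trim($strName) != '') {
        // Romanize friendly name to prevent email issues. The final
        // allow-list replaces every other character (quotes, angle brackets
        // and line breaks included) with "_", which keeps the name from
        // breaking out of the quoted display-name part.
        $strName = html_entity_decode($strName, ENT_QUOTES, $GLOBALS['TL_CONFIG']['characterSet']);
        $strName = strip_insert_tags($strName);
        $strName = utf8_romanize($strName);
        $strName = preg_replace('/[^A-Za-z0-9\\.!#$%&\'*+-\\/=?^_ `{\\|}~]+/i', '_', $strName);
        $strEmail = sprintf('"%s" <%s>', $strName, $strEmail);
    }

    // !HOOK: determine email recipient for collection
    if (isset($GLOBALS['ISO_HOOKS']['emailRecipientForCollection']) && is_array($GLOBALS['ISO_HOOKS']['emailRecipientForCollection'])) {
        foreach ($GLOBALS['ISO_HOOKS']['emailRecipientForCollection'] as $callback) {
            $objCallback = \System::importStatic($callback[0]);

            // $callback is array(class, method). The method name must be
            // indexed inside the braces; {$callback}[1] converts the whole
            // array to a string first and never reaches the method.
            $strEmail = $objCallback->{$callback[1]}($strEmail, $this);
        }
    }

    return $strEmail;
}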
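/**
 * Fetch the enabled rules that apply to the current cart, config and member.
 *
 * The caller's WHERE fragments are extended with date/time, usage-limit, store
 * config, member and product restrictions; all fragments are joined with AND
 * and run as one prepared statement against static::$strTable (alias "r").
 *
 * Values that end up in the SQL text are either integer-cast or bound through
 * "?" placeholders. Placeholders are appended to $arrValues in the order they
 * appear in the statement, after any values the caller passed in.
 *
 * @param array      $arrProcedures      WHERE fragments supplied by the caller
 * @param array      $arrValues          Values for the caller's placeholders
 * @param array|null $arrProducts        Products to match; defaults to the cart items
 * @param bool       $blnIncludeVariants Also match the variant IDs of each product
 * @param array      $arrAttributeData   Attribute values that override product data
 *
 * @return \Model\Collection|null Matching rules, or null if there are none
 *
 * @throws \InvalidArgumentException If a rule uses an unknown attribute condition
 */
protected static function findByConditions($arrProcedures, $arrValues = array(), $arrProducts = null, $blnIncludeVariants = false, $arrAttributeData = array())
{
    $intConfig = (int) Isotope::getConfig()->id;
    $intCart = (int) Isotope::getCart()->id;
    $intMember = (int) Isotope::getCart()->member;

    // Only enabled rules
    $arrProcedures[] = "enabled='1'";

    // Date & Time restrictions (values come from date(), not from input)
    $date = date('Y-m-d');
    $time = date('H:i:s');
    $arrProcedures[] = "(startDate='' OR startDate <= UNIX_TIMESTAMP('{$date}'))";
    $arrProcedures[] = "(endDate='' OR endDate >= UNIX_TIMESTAMP('{$date}'))";
    $arrProcedures[] = "(startTime='' OR startTime <= UNIX_TIMESTAMP('1970-01-01 {$time}'))";
    $arrProcedures[] = "(endTime='' OR endTime >= UNIX_TIMESTAMP('1970-01-01 {$time}'))";

    // Limits
    $arrProcedures[] = "(limitPerConfig=0 OR limitPerConfig>(SELECT COUNT(*) FROM tl_iso_rule_usage WHERE pid=r.id AND config_id=" . $intConfig . " AND order_id NOT IN (SELECT id FROM tl_iso_product_collection WHERE type='order' AND source_collection_id=" . $intCart . ")))";

    if (Isotope::getCart()->member > 0) {
        $arrProcedures[] = "(limitPerMember=0 OR limitPerMember>(SELECT COUNT(*) FROM tl_iso_rule_usage WHERE pid=r.id AND member_id=" . $intMember . " AND order_id NOT IN (SELECT id FROM tl_iso_product_collection WHERE type='order' AND source_collection_id=" . $intCart . ")))";
    }

    // Store config restrictions
    $arrProcedures[] = "(configRestrictions=''\n OR (configRestrictions='1' AND configCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='configs' AND object_id=" . $intConfig . ")>0)\n OR (configRestrictions='1' AND configCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='configs' AND object_id=" . $intConfig . ")=0))";

    // Member restrictions
    if (Isotope::getCart()->member > 0) {
        $objMember = \MemberModel::findByPk(Isotope::getCart()->member);

        // Group IDs are integer-cast before they are joined into the IN list
        $arrGroups = null === $objMember ? array() : array_map('intval', deserialize($objMember->groups, true));
        $strGroups = implode(',', $arrGroups);

        $arrProcedures[] = "(memberRestrictions='none'\n OR (memberRestrictions='guests' AND memberCondition='0')\n OR (memberRestrictions='members' AND memberCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='members' AND object_id=" . $intMember . ")>0)\n OR (memberRestrictions='members' AND memberCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='members' AND object_id=" . $intMember . ")=0)\n " . (!empty($arrGroups) ? "\n OR (memberRestrictions='groups' AND memberCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='groups' AND object_id IN (" . $strGroups . "))>0)\n OR (memberRestrictions='groups' AND memberCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='groups' AND object_id IN (" . $strGroups . "))=0)" : '') . ")";
    } else {
        $arrProcedures[] = "(memberRestrictions='none' OR (memberRestrictions='guests' AND memberCondition='1'))";
    }

    // Product restrictions
    if (!is_array($arrProducts)) {
        $arrProducts = Isotope::getCart()->getItems();
    }

    if (!empty($arrProducts)) {
        // The ID lists start with 0 so the IN (...) clauses are never empty
        $arrProductIds = array(0);
        $arrVariantIds = array(0);
        $arrTypes = array(0);

        // The attribute list holds arrays, not IDs, and therefore starts
        // empty. The former array(0) seed made the value collection below
        // write into an integer.
        $arrAttributes = array();

        // Prepare product attribute condition
        $objAttributeRules = \Database::getInstance()->execute("SELECT * FROM " . static::$strTable . " WHERE enabled='1' AND productRestrictions='attribute' AND attributeName!='' GROUP BY attributeName, attributeCondition");

        while ($objAttributeRules->next()) {
            $arrAttributes[] = array(
                'attribute' => $objAttributeRules->attributeName,
                'condition' => $objAttributeRules->attributeCondition,
                'values'    => array(),
            );
        }

        foreach ($arrProducts as $objProduct) {
            if ($objProduct instanceof ProductCollectionItem) {
                if (!$objProduct->hasProduct()) {
                    continue;
                }

                $objProduct = $objProduct->getProduct();
            }

            $arrProductIds[] = (int) $objProduct->getProductId();
            $arrVariantIds[] = (int) $objProduct->{$objProduct->getPk()};
            $arrTypes[] = (int) $objProduct->type;

            if ($objProduct->isVariant()) {
                $arrVariantIds[] = (int) $objProduct->pid;
            }

            if ($blnIncludeVariants && $objProduct->hasVariants()) {
                // Integer-cast like every other ID that is joined into the SQL
                $arrVariantIds = array_merge($arrVariantIds, array_map('intval', (array) $objProduct->getVariantIds()));
            }

            $arrOptions = $objProduct->getOptions();

            // Collect the product's value for every attribute a rule refers to
            foreach ($arrAttributes as $k => $restriction) {
                if (isset($arrAttributeData[$restriction['attribute']])) {
                    $varValue = $arrAttributeData[$restriction['attribute']];
                } elseif (isset($arrOptions[$restriction['attribute']])) {
                    $varValue = $arrOptions[$restriction['attribute']];
                } else {
                    $varValue = $objProduct->{$restriction['attribute']};
                }

                if (!is_null($varValue)) {
                    $arrAttributes[$k]['values'][] = is_array($varValue) ? serialize($varValue) : $varValue;
                }
            }
        }

        $arrProductIds = array_unique($arrProductIds);
        $arrVariantIds = array_unique($arrVariantIds);

        $strTypes = implode(',', $arrTypes);
        $strProductIds = implode(',', $arrProductIds);
        $strVariantIds = implode(',', $arrVariantIds);
        $strCategoryTable = \Isotope\Model\ProductCategory::getTable();

        $arrRestrictions = array("productRestrictions='none'");
        $arrRestrictions[] = "(productRestrictions='producttypes' AND productCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='producttypes' AND object_id IN (" . $strTypes . "))>0)";
        $arrRestrictions[] = "(productRestrictions='producttypes' AND productCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='producttypes' AND object_id IN (" . $strTypes . "))=0)";
        $arrRestrictions[] = "(productRestrictions='products' AND productCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='products' AND object_id IN (" . $strProductIds . "))>0)";
        $arrRestrictions[] = "(productRestrictions='products' AND productCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='products' AND object_id IN (" . $strProductIds . "))=0)";
        $arrRestrictions[] = "(productRestrictions='variants' AND productCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='variants' AND object_id IN (" . $strVariantIds . "))>0)";
        $arrRestrictions[] = "(productRestrictions='variants' AND productCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='variants' AND object_id IN (" . $strVariantIds . "))=0)";
        $arrRestrictions[] = "(productRestrictions='pages' AND productCondition='1' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='pages' AND object_id IN (SELECT page_id FROM " . $strCategoryTable . " WHERE pid IN (" . $strProductIds . ")))>0)";
        $arrRestrictions[] = "(productRestrictions='pages' AND productCondition='0' AND (SELECT COUNT(*) FROM tl_iso_rule_restriction WHERE pid=r.id AND type='pages' AND object_id IN (SELECT page_id FROM " . $strCategoryTable . " WHERE pid IN (" . $strProductIds . ")))=0)";

        foreach ($arrAttributes as $restriction) {
            if (empty($restriction['values'])) {
                continue;
            }

            $strCondition = $restriction['condition'];

            // Build the comparison first; an unknown condition throws before
            // anything is added to the statement or to the value list.
            switch ($strCondition) {
                case 'eq':
                case 'neq':
                    // One placeholder per value. This replaces the former
                    // mysql_real_escape_string() quoting, which needs the
                    // legacy mysql extension and an open mysql_* link. The
                    // string cast keeps the comparison a string comparison,
                    // as it was with the quoted literals.
                    $strCompare = 'attributeValue' . ($strCondition == 'neq' ? ' NOT' : '') . ' IN (' . implode(',', array_fill(0, count($restriction['values']), '?')) . ')';
                    $arrCompareValues = array_map('strval', $restriction['values']);
                    break;

                case 'lt':
                case 'gt':
                case 'elt':
                case 'egt':
                    // The operator is mirrored because the rule value stands
                    // on the left-hand side of the comparison
                    $arrOR = array();

                    foreach ($restriction['values'] as $value) {
                        $arrOR[] = "attributeValue" . ($strCondition == 'lt' || $strCondition == 'elt' ? '>' : '<') . ($strCondition == 'elt' || $strCondition == 'egt' ? '=' : '') . '?';
                    }

                    $strCompare = '(' . implode(' OR ', $arrOR) . ')';
                    $arrCompareValues = array_values($restriction['values']);
                    break;

                case 'starts':
                case 'ends':
                case 'contains':
                    $arrOR = array();

                    foreach ($restriction['values'] as $value) {
                        $arrOR[] = "? LIKE CONCAT(" . ($strCondition == 'ends' || $strCondition == 'contains' ? "'%', " : '') . "attributeValue" . ($strCondition == 'starts' || $strCondition == 'contains' ? ", '%'" : '') . ")";
                    }

                    $strCompare = '(' . implode(' OR ', $arrOR) . ')';
                    $arrCompareValues = array_values($restriction['values']);
                    break;

                default:
                    throw new \InvalidArgumentException('Unknown rule condition "' . $strCondition . '"');
            }

            // Attribute name and condition are read from the rule table; they
            // are bound as parameters too instead of being pasted into the
            // SQL text. The values follow in placeholder order.
            $arrRestrictions[] = "(productRestrictions='attribute' AND attributeName=? AND attributeCondition=? AND " . $strCompare . ')';
            $arrValues[] = (string) $restriction['attribute'];
            $arrValues[] = (string) $strCondition;

            foreach ($arrCompareValues as $value) {
                $arrValues[] = $value;
            }
        }

        $arrProcedures[] = '(' . implode(' OR ', $arrRestrictions) . ')';
    }

    $objResult = \Database::getInstance()->prepare("SELECT * FROM " . static::$strTable . " r WHERE " . implode(' AND ', $arrProcedures))->execute($arrValues);

    if ($objResult->numRows) {
        return \Model\Collection::createFromDbResult($objResult, static::$strTable);
    }

    return null;
}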
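/**
 * Create a new address for a product collection
 *
 * The address is not saved here; it is returned with its row data set.
 *
 * @param IsotopeProductCollection $objCollection
 * @param array|null               $arrFill           an array of member fields to inherit
 * @param bool                     $blnDefaultBilling
 * @param bool                     $blnDefaultShipping
 *
 * @return static
 */
public static function createForProductCollection(IsotopeProductCollection $objCollection, $arrFill = null, $blnDefaultBilling = false, $blnDefaultShipping = false)
{
    $objAddress = new static();

    // Fixed fields that tie the address to the collection
    $arrData = array(
        'pid'               => (int) $objCollection->id,
        'ptable'            => 'tl_iso_product_collection',
        'tstamp'            => time(),
        'store_id'          => (int) $objCollection->store_id,
        'isDefaultBilling'  => $blnDefaultBilling ? '1' : '',
        'isDefaultShipping' => $blnDefaultShipping ? '1' : '',
    );

    if ($objCollection->member > 0
        && !empty($arrFill)
        && is_array($arrFill)
        && ($objMember = \MemberModel::findByPk($objCollection->member)) !== null
    ) {
        // Generate address data from tl_member, limit to fields enabled in the shop configuration
        $arrSource = array_merge(
            $objMember->row(),
            array(
                'street_1'    => $objMember->street,
                'subdivision' => strtoupper($objMember->country . '-' . $objMember->state),
            )
        );
        $arrMember = array_intersect_key($arrSource, array_flip($arrFill));

        // The fixed fields are merged last, so an entry in $arrFill can never
        // replace pid, ptable, tstamp, store_id or the default flags.
        $arrData = array_merge($arrMember, $arrData);
    }

    // Fall back to the shop configuration when no country was inherited. The
    // isset() check covers the case where the key was never filled at all.
    if ((!isset($arrData['country']) || $arrData['country'] == '')
        && ($objConfig = $objCollection->getRelated('config_id')) !== null
    ) {
        if ($blnDefaultBilling) {
            $arrData['country'] = $objConfig->billing_country ?: $objConfig->country;
        } elseif ($blnDefaultShipping) {
            $arrData['country'] = $objConfig->shipping_country ?: $objConfig->country;
        }
    }

    $objAddress->setRow($arrData);

    return $objAddress;
}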
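/**
 * Generate the module
 *
 * Builds the "personal data" form from the tl_member DCA for the fields listed
 * in $this->editable, validates a submitted form, writes accepted values to
 * the front end user, the session and the member model, runs the registered
 * callbacks and hooks, and finally redirects or fills the template.
 *
 * Only fields whose DCA entry sets eval.feEditable are processed, so a field
 * name in $this->editable alone does not make a member column writable.
 */
protected function compile()
{
    global $objPage;

    $this->import('FrontendUser', 'User');

    $GLOBALS['TL_LANGUAGE'] = $objPage->language;

    $this->loadLanguageFile('tl_member');
    $this->loadDataContainer('tl_member');

    // Call onload_callback (e.g. to check permissions)
    if (isset($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback']) && is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])) {
        foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback) {
            if (is_array($callback)) {
                $this->import($callback[0]);

                // $callback is array(class, method). Both parts must be
                // indexed inside the braces; {$callback}[0] converts the
                // whole array to a string first and never reaches the
                // imported object. The same applies to every callback and
                // hook call below.
                $this->{$callback[0]}->{$callback[1]}();
            }
        }
    }

    // Set the template
    if ($this->memberTpl != '') {
        $this->Template = new \FrontendTemplate($this->memberTpl);
        $this->Template->setData($this->arrData);
    }

    $this->Template->fields = '';
    $this->Template->tableless = $this->tableless;

    $arrFields = array();
    $doNotSubmit = false;
    $hasUpload = false;
    $row = 0;
    $blnModified = false;
    $blnSubmitted = (\Input::post('FORM_SUBMIT') == 'tl_member_' . $this->id);

    $objMember = \MemberModel::findByPk($this->User->id);

    // Build the form
    foreach ($this->editable as $field) {
        // Reference on purpose: the adjustments below are written to the DCA
        $arrData =& $GLOBALS['TL_DCA']['tl_member']['fields'][$field];

        // Map checkboxWizards to regular checkbox widgets
        if ($arrData['inputType'] == 'checkboxWizard') {
            $arrData['inputType'] = 'checkbox';
        }

        $strClass = $GLOBALS['TL_FFL'][$arrData['inputType']];

        // Continue if the field is not front end editable or the class does not exist
        if (!$arrData['eval']['feEditable'] || !class_exists($strClass)) {
            continue;
        }

        $strGroup = $arrData['eval']['feGroup'];

        $arrData['eval']['tableless'] = $this->tableless;
        $arrData['eval']['required'] = ($this->User->{$field} == '' && $arrData['eval']['mandatory']);

        $varValue = $this->User->{$field};

        // Call the load_callback
        if (isset($arrData['load_callback']) && is_array($arrData['load_callback'])) {
            foreach ($arrData['load_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                }
            }
        }

        $objWidget = new $strClass($this->prepareForWidget($arrData, $field, $varValue));

        $objWidget->storeValues = true;
        $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');

        // Increase the row count if it is a password field
        if ($objWidget instanceof \FormPassword) {
            ++$row;
            $objWidget->rowClassConfirm = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd');
        }

        // Validate the form data
        if ($blnSubmitted) {
            $objWidget->validate();
            $varValue = $objWidget->value;

            $rgxp = $arrData['eval']['rgxp'];

            // Convert date formats into timestamps (check the eval setting first -> #3063)
            if (($rgxp == 'date' || $rgxp == 'time' || $rgxp == 'datim') && $varValue != '') {
                // Use the numeric back end format here!
                $objDate = new \Date($varValue, $GLOBALS['TL_CONFIG'][$rgxp . 'Format']);
                $varValue = $objDate->tstamp;
            }

            // Make sure that unique fields are unique (check the eval setting first -> #3063)
            if ($arrData['eval']['unique'] && $varValue != '' && !$this->Database->isUniqueValue('tl_member', $field, $varValue, $this->User->id)) {
                $objWidget->addError(sprintf($GLOBALS['TL_LANG']['ERR']['unique'], $arrData['label'][0] ?: $field));
            }

            // Trigger the save_callback
            if (isset($arrData['save_callback']) && is_array($arrData['save_callback'])) {
                foreach ($arrData['save_callback'] as $callback) {
                    $this->import($callback[0]);

                    try {
                        $varValue = $this->{$callback[0]}->{$callback[1]}($varValue, $this->User, $this);
                    } catch (\Exception $e) {
                        // A callback rejects a value by throwing; show the message on the widget
                        $objWidget->class = 'error';
                        $objWidget->addError($e->getMessage());
                    }
                }
            }

            // Do not submit the field if there are errors
            if ($objWidget->hasErrors()) {
                $doNotSubmit = true;
            } elseif ($objWidget->submitInput()) {
                // Set the new value.
                // NOTE(review): every accepted value is also copied to
                // $_SESSION['FORM_DATA'], password widget values included;
                // confirm that is intended.
                $this->User->{$field} = $varValue;
                $_SESSION['FORM_DATA'][$field] = $varValue;

                // Set the new field in the member model
                if ($objMember !== null) {
                    $blnModified = true;
                    $objMember->{$field} = $varValue;
                }

                // HOOK: set new password callback
                if ($objWidget instanceof \FormPassword && isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) {
                    foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) {
                        $this->import($callback[0]);
                        $this->{$callback[0]}->{$callback[1]}($this->User, $varValue, $this);
                    }
                }
            }
        }

        if ($objWidget instanceof \uploadable) {
            $hasUpload = true;
        }

        $temp = $objWidget->parse();

        $this->Template->fields .= $temp;

        // Initialise the slot before appending to it
        if (!isset($arrFields[$strGroup][$field])) {
            $arrFields[$strGroup][$field] = '';
        }

        $arrFields[$strGroup][$field] .= $temp;

        ++$row;
    }

    // Save the model
    if ($blnModified) {
        $objMember->save();
    }

    $this->Template->hasError = $doNotSubmit;

    // Redirect or reload if there was no error
    if ($blnSubmitted && !$doNotSubmit) {
        // HOOK: updated personal data
        if (isset($GLOBALS['TL_HOOKS']['updatePersonalData']) && is_array($GLOBALS['TL_HOOKS']['updatePersonalData'])) {
            foreach ($GLOBALS['TL_HOOKS']['updatePersonalData'] as $callback) {
                $this->import($callback[0]);
                $this->{$callback[0]}->{$callback[1]}($this->User, $_SESSION['FORM_DATA'], $this);
            }
        }

        // Call the onsubmit_callback
        if (isset($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback']) && is_array($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'])) {
            foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onsubmit_callback'] as $callback) {
                if (is_array($callback)) {
                    $this->import($callback[0]);
                    $this->{$callback[0]}->{$callback[1]}($this->User, $this);
                }
            }
        }

        $this->jumpToOrReload($this->objModel->getRelated('jumpTo')->row());
    }

    $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails'];
    $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails'];
    $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails'];
    $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData'];

    // Add groups
    foreach ($arrFields as $k => $v) {
        $this->Template->{$k} = $v;
    }

    $this->Template->formId = 'tl_member_' . $this->id;
    $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['saveData']);
    $this->Template->action = $this->getIndexFreeRequest();
    $this->Template->enctype = $hasUpload ? 'multipart/form-data' : 'application/x-www-form-urlencoded';
    $this->Template->rowLast = 'row_' . $row . ($row % 2 == 0 ? ' even' : ' odd');

    // HOOK: add memberlist fields
    if (in_array('memberlist', $this->Config->getActiveModules())) {
        $this->Template->profile = $arrFields['profile'];
        $this->Template->profileDetails = $GLOBALS['TL_LANG']['tl_member']['profileDetails'];
    }

    // HOOK: add newsletter fields
    if (in_array('newsletter', $this->Config->getActiveModules())) {
        $this->Template->newsletter = $arrFields['newsletter'];
        $this->Template->newsletterDetails = $GLOBALS['TL_LANG']['tl_member']['newsletterDetails'];
    }

    // HOOK: add helpdesk fields
    if (in_array('helpdesk', $this->Config->getActiveModules())) {
        $this->Template->helpdesk = $arrFields['helpdesk'];
        $this->Template->helpdeskDetails = $GLOBALS['TL_LANG']['tl_member']['helpdeskDetails'];
    }
}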
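/**
 * {@inheritdoc}
 *
 * Builds a dummy draft for the current front end user and checks that it has
 * at least one recipient.
 *
 * @throws \LogicException If the draft has no recipients
 */
public function canSendDraft(Message $objMessage)
{
    // Create a dummy draft
    // All drafts get the member data as tokens with "member_" prefix. We imitate it here
    /** @var \MemberModel|\Model $objMember */
    $objMember = \MemberModel::findByPk(\FrontendUser::getInstance()->id);

    $arrTokens = array();

    // Without a member record (e.g. nobody is logged in) the draft is built
    // with no member tokens instead of calling row() on null; the recipient
    // check below then decides.
    // NOTE(review): row() turns every member column into a token, presumably
    // including credential columns; confirm drafts never echo those.
    if ($objMember !== null) {
        foreach ($objMember->row() as $strKey => $varValue) {
            $arrTokens['member_' . $strKey] = $varValue;
        }
    }

    /** @var ClockworkSmsMessageDraft $objDraft */
    $objDraft = $this->createDraft($objMessage, $arrTokens);

    $arrRecipients = $objDraft->getRecipients();

    if (empty($arrRecipients)) {
        throw new \LogicException($GLOBALS['TL_LANG']['ERR']['clockworkDraftCanNotSend']);
    }

    return true;
}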
/**
 * E-mail the rated member about a new rating comment.
 *
 * Nothing is sent when the rated member or the author cannot be found, or
 * when the rated member has no e-mail address. The mail contains the comment,
 * the score and two links carrying the comment's activation token (one with
 * "publish=true", one with "del=true").
 *
 * NOTE(review): the comment text is passed through nl2br() only before it
 * goes into the HTML mail; confirm it is entity-encoded when stored or in the
 * template. Both links act through a plain GET request carrying the token.
 *
 * @param object $objComment Comment record (reads parent, owner, comment,
 *                           score, activation_token and row())
 */
public function notifyUser($objComment)
{
    global $objPage;

    $objRatedMember = \MemberModel::findByPk($objComment->parent);

    if ($objRatedMember === null || $objRatedMember->email == '') {
        return;
    }

    $objAuthor = \MemberModel::findByPk($objComment->owner);

    if ($objAuthor === null) {
        return;
    }

    // Simple tokens: every column of the author, the recipient and the
    // comment, each under its own prefix.
    // NOTE(review): this presumably includes credential columns of both
    // members; confirm the subject and template never reference them.
    $arrData = array();
    $arrSources = array(
        'author_'    => $objAuthor,
        'recipient_' => $objRatedMember,
        'comments_'  => $objComment,
    );

    foreach ($arrSources as $strPrefix => $objSource) {
        foreach ($objSource->row() as $strColumn => $varValue) {
            $arrData[$strPrefix . $strColumn] = $varValue;
        }
    }

    // Both links point at the current page and differ only in the query string
    $fnLink = function ($strQuery) use ($objPage, $objComment) {
        return \Environment::get('url') . '/' . \Controller::generateFrontendUrl($objPage->row(), '', $objPage->language) . $strQuery . $objComment->activation_token;
    };

    $objTemplate = new \FrontendTemplate('member_rating_email_notification');
    $objTemplate->comment = nl2br($objComment->comment);
    $objTemplate->score = $objComment->score;
    $objTemplate->link = $fnLink('?publish=true&activation_token=');
    $objTemplate->link_del = $fnLink('?del=true&activation_token=');

    $strHtml = $objTemplate->parse();

    // Mail
    $objEmail = new \Email();
    $objEmail->subject = \String::parseSimpleTokens(
        sprintf($GLOBALS['TL_LANG']['MOD']['member_rating']['emailNotify']['subject'], $_SERVER['SERVER_NAME']),
        $arrData
    );

    // HTML version: insert tags first, then simple tokens
    $strHtml = \String::parseSimpleTokens($this->replaceInsertTags($strHtml), $arrData);
    $objEmail->html = $strHtml;

    // Text version: decode entities, drop the markup, restore the placeholders
    $strText = strip_tags(\String::decodeEntities($strHtml));
    $objEmail->text = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strText);

    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->sendTo($objRatedMember->email);
}