public function set($fields = array())
{
if (!$this->_db->insert('posts', $fields)) {
throw new Exception('There was a problem posting');
}
$notification = new Notification();
$timestamp = date('Y-m-d H:i:s');
$notification->set(array('uid' => $fields['uid'], 'fid' => $fields['fid'], 'type' => 'new_post', 'timestamp' => $timestamp));
$notification->set(array('uid' => $fields['fid'], 'fid' => $fields['uid'], 'type' => 'posted', 'timestamp' => $timestamp));
}
/**
* Delete a sms client
*
* @access public
* @param int $id
* @return void
*/
public function delete($id)
{
$client = new Smsclient();
if ($client->delete($id)) {
Notification::set(Smsclients::SUCCESS, "Succesfully deleted the client");
} else {
Notification::set(Smsclients::DANGER, "Something went wrong");
}
redirect(base_url() . "smsclients/index");
}
public function update($id)
{
$region = (new Region())->findById($id);
if ($this->input->post('name')) {
$region->populate($this->input->post());
if ($region->save()) {
Notification::set(Regions::SUCCESS, "The region has been added");
redirect("/regions/");
}
}
$this->data["region"] = $region;
$this->load->view("regions/update.tpl", $this->data);
}
/**
* main toggle admin function
*/
public static function main()
{
// handle option form submit
if (Request::post('toggle_options')) {
if (Security::check(Request::post('csrf'))) {
Option::update('toggle_duration', (int) Request::post('toggle_duration'));
Option::update('toggle_easing', Request::post('toggle_easing'));
Notification::set('success', __('Configuration has been saved with success!', 'toggle'));
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'toggle'));
die;
}
Request::redirect('index.php?id=toggle');
}
// Display view
View::factory('toggle/views/backend/index')->display();
}
/**
* Main Emails admin function
*/
public static function main()
{
// Init vars
$email_templates_path = STORAGE . DS . 'emails' . DS;
$email_templates_list = array();
// Check for get actions
// -------------------------------------
if (Request::get('action')) {
// Switch actions
// -------------------------------------
switch (Request::get('action')) {
// Plugin action
// -------------------------------------
case "edit_email_template":
if (Request::post('edit_email_template') || Request::post('edit_email_template_and_exit')) {
if (Security::check(Request::post('csrf'))) {
// Save Email Template
File::setContent(STORAGE . DS . 'emails' . DS . Request::post('email_template_name') . '.email.php', Request::post('content'));
Notification::set('success', __('Your changes to the email template <i>:name</i> have been saved.', 'emails', array(':name' => Request::post('email_template_name'))));
if (Request::post('edit_email_template_and_exit')) {
Request::redirect('index.php?id=emails');
} else {
Request::redirect('index.php?id=emails&action=edit_email_template&filename=' . Request::post('email_template_name'));
}
}
}
$content = File::getContent($email_templates_path . Request::get('filename') . '.email.php');
// Display view
View::factory('box/emails/views/backend/edit')->assign('content', $content)->display();
break;
}
} else {
// Get email templates
$email_templates_list = File::scan($email_templates_path, '.email.php');
// Display view
View::factory('box/emails/views/backend/index')->assign('email_templates_list', $email_templates_list)->display();
}
}
/**
* Themes plugin admin
*/
public static function main()
{
// Get current themes
$current_site_theme = Option::get('theme_site_name');
$current_admin_theme = Option::get('theme_admin_name');
// Init vars
$themes_site = Themes::getSiteThemes();
$themes_admin = Themes::getAdminThemes();
$templates = Themes::getTemplates();
$chunks = Themes::getChunks();
$styles = Themes::getStyles();
$scripts = Themes::getScripts();
$errors = array();
$chunk_path = THEMES_SITE . DS . $current_site_theme . DS;
$template_path = THEMES_SITE . DS . $current_site_theme . DS;
$style_path = THEMES_SITE . DS . $current_site_theme . DS . 'css' . DS;
$script_path = THEMES_SITE . DS . $current_site_theme . DS . 'js' . DS;
// Save site theme
if (Request::post('save_site_theme')) {
if (Security::check(Request::post('csrf'))) {
Option::update('theme_site_name', Request::post('themes'));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles and Javascript version
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
Request::redirect('index.php?id=themes');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save site theme
if (Request::post('save_admin_theme')) {
if (Security::check(Request::post('csrf'))) {
Option::update('theme_admin_name', Request::post('themes'));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
Request::redirect('index.php?id=themes');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Its mean that you can add your own actions for this plugin
Action::run('admin_themes_extra_actions');
// Check for get actions
// -------------------------------------
if (Request::get('action')) {
// Switch actions
// -------------------------------------
switch (Request::get('action')) {
// Add chunk
// -------------------------------------
case "add_chunk":
if (Request::post('add_file') || Request::post('add_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($chunk_path . Security::safeName(Request::post('name'), null, false) . '.chunk.php')) {
$errors['file_exists'] = __('This chunk already exists', 'themes');
}
if (count($errors) == 0) {
// Save chunk
File::setContent($chunk_path . Security::safeName(Request::post('name'), null, false) . '.chunk.php', Request::post('content'));
Notification::set('success', __('Your changes to the chunk <i>:name</i> have been saved.', 'themes', array(':name' => Security::safeName(Request::post('name'), null, false))));
if (Request::post('add_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_chunk&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save fields
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = '';
}
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
// Display view
View::factory('box/themes/views/backend/add')->assign('name', $name)->assign('content', $content)->assign('errors', $errors)->assign('action', 'chunk')->display();
break;
// Add template
// -------------------------------------
// Add template
// -------------------------------------
case "add_template":
if (Request::post('add_file') || Request::post('add_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($template_path . Security::safeName(Request::post('name'), null, false) . '.template.php')) {
$errors['file_exists'] = __('This template already exists', 'themes');
}
if (count($errors) == 0) {
// Save chunk
File::setContent($template_path . Security::safeName(Request::post('name'), null, false) . '.template.php', Request::post('content'));
Notification::set('success', __('Your changes to the chunk <i>:name</i> have been saved.', 'themes', array(':name' => Security::safeName(Request::post('name'), null, false))));
if (Request::post('add_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_template&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save fields
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = '';
}
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
// Display view
View::factory('box/themes/views/backend/add')->assign('name', $name)->assign('content', $content)->assign('errors', $errors)->assign('action', 'template')->display();
break;
// Add styles
// -------------------------------------
// Add styles
// -------------------------------------
case "add_styles":
if (Request::post('add_file') || Request::post('add_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($style_path . Security::safeName(Request::post('name'), null, false) . '.css')) {
$errors['file_exists'] = __('This styles already exists', 'themes');
}
if (count($errors) == 0) {
// Save chunk
File::setContent($style_path . Security::safeName(Request::post('name'), null, false) . '.css', Request::post('content'));
Notification::set('success', __('Your changes to the styles <i>:name</i> have been saved.', 'themes', array(':name' => Security::safeName(Request::post('name'), null, false))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles version
Stylesheet::stylesVersionIncrement();
if (Request::post('add_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_styles&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save fields
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = '';
}
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
// Display view
View::factory('box/themes/views/backend/add')->assign('name', $name)->assign('content', $content)->assign('errors', $errors)->assign('action', 'styles')->display();
break;
// Add script
// -------------------------------------
// Add script
// -------------------------------------
case "add_script":
if (Request::post('add_file') || Request::post('add_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($script_path . Security::safeName(Request::post('name'), null, false) . '.js')) {
$errors['file_exists'] = __('This script already exists', 'themes');
}
if (count($errors) == 0) {
// Save chunk
File::setContent($script_path . Security::safeName(Request::post('name'), null, false) . '.js', Request::post('content'));
Notification::set('success', __('Your changes to the script <i>:name</i> have been saved.', 'themes', array(':name' => Security::safeName(Request::post('name'), null, false))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Javascript version
Javascript::javascriptVersionIncrement();
if (Request::post('add_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_script&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save fields
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = '';
}
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
// Display view
View::factory('box/themes/views/backend/add')->assign('name', $name)->assign('content', $content)->assign('errors', $errors)->assign('action', 'script')->display();
break;
// Edit chunk
// -------------------------------------
// Edit chunk
// -------------------------------------
case "edit_chunk":
// Save current chunk action
if (Request::post('edit_file') || Request::post('edit_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($chunk_path . Security::safeName(Request::post('name'), null, false) . '.chunk.php') and Security::safeName(Request::post('chunk_old_name'), null, false) !== Security::safeName(Request::post('name'), null, false)) {
$errors['file_exists'] = __('This chunk already exists', 'themes');
}
// Save fields
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
if (count($errors) == 0) {
$chunk_old_filename = $chunk_path . Request::post('chunk_old_name') . '.chunk.php';
$chunk_new_filename = $chunk_path . Security::safeName(Request::post('name'), null, false) . '.chunk.php';
if (!empty($chunk_old_filename)) {
if ($chunk_old_filename !== $chunk_new_filename) {
rename($chunk_old_filename, $chunk_new_filename);
$save_filename = $chunk_new_filename;
} else {
$save_filename = $chunk_new_filename;
}
} else {
$save_filename = $chunk_new_filename;
}
// Save chunk
File::setContent($save_filename, Request::post('content'));
Notification::set('success', __('Your changes to the chunk <i>:name</i> have been saved.', 'themes', array(':name' => basename($save_filename, '.chunk.php'))));
if (Request::post('edit_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_chunk&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = File::name(Request::get('filename'));
}
$content = File::getContent($chunk_path . Request::get('filename') . '.chunk.php');
// Display view
View::factory('box/themes/views/backend/edit')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->assign('action', 'chunk')->display();
break;
// Edit Template
// -------------------------------------
// Edit Template
// -------------------------------------
case "edit_template":
// Save current chunk action
if (Request::post('edit_file') || Request::post('edit_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($template_path . Security::safeName(Request::post('name'), null, false) . '.template.php') and Security::safeName(Request::post('template_old_name'), null, false) !== Security::safeName(Request::post('name'), null, false)) {
$errors['template_exists'] = __('This template already exists', 'themes');
}
// Save fields
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
if (count($errors) == 0) {
$template_old_filename = $template_path . Request::post('template_old_name') . '.template.php';
$template_new_filename = $template_path . Security::safeName(Request::post('name'), null, false) . '.template.php';
if (!empty($template_old_filename)) {
if ($template_old_filename !== $template_new_filename) {
rename($template_old_filename, $template_new_filename);
$save_filename = $template_new_filename;
} else {
$save_filename = $template_new_filename;
}
} else {
$save_filename = $template_new_filename;
}
// Save chunk
File::setContent($save_filename, Request::post('content'));
Notification::set('success', __('Your changes to the template <i>:name</i> have been saved.', 'themes', array(':name' => basename($save_filename, '.template.php'))));
if (Request::post('edit_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_template&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = File::name(Request::get('filename'));
}
$content = File::getContent($chunk_path . Request::get('filename') . '.template.php');
// Display view
View::factory('box/themes/views/backend/edit')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->assign('action', 'template')->display();
break;
// Edit Styles
// -------------------------------------
// Edit Styles
// -------------------------------------
case "edit_styles":
// Save current chunk action
if (Request::post('edit_file') || Request::post('edit_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($style_path . Security::safeName(Request::post('name'), null, false) . '.css') and Security::safeName(Request::post('styles_old_name'), null, false) !== Security::safeName(Request::post('name'), null, false)) {
$errors['file_exists'] = __('This styles already exists', 'themes');
}
// Save fields
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
if (count($errors) == 0) {
$styles_old_filename = $style_path . Request::post('styles_old_name') . '.css';
$styles_new_filename = $style_path . Security::safeName(Request::post('name'), null, false) . '.css';
if (!empty($styles_old_filename)) {
if ($styles_old_filename !== $styles_new_filename) {
rename($styles_old_filename, $styles_new_filename);
$save_filename = $styles_new_filename;
} else {
$save_filename = $styles_new_filename;
}
} else {
$save_filename = $styles_new_filename;
}
// Save chunk
File::setContent($save_filename, Request::post('content'));
Notification::set('success', __('Your changes to the styles <i>:name</i> have been saved.', 'themes', array(':name' => basename($save_filename, '.css'))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles version
Stylesheet::stylesVersionIncrement();
if (Request::post('edit_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_styles&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = File::name(Request::get('filename'));
}
$content = File::getContent($style_path . Request::get('filename') . '.css');
// Display view
View::factory('box/themes/views/backend/edit')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->assign('action', 'styles')->display();
break;
// Edit Script
// -------------------------------------
// Edit Script
// -------------------------------------
case "edit_script":
// Save current chunk action
if (Request::post('edit_file') || Request::post('edit_file_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['file_empty_name'] = __('Required field', 'themes');
}
if (file_exists($script_path . Security::safeName(Request::post('name'), null, false) . '.js') and Security::safeName(Request::post('script_old_name'), null, false) !== Security::safeName(Request::post('name'), null, false)) {
$errors['file_exists'] = __('This script already exists', 'themes');
}
// Save fields
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
if (count($errors) == 0) {
$script_old_filename = $script_path . Request::post('script_old_name') . '.js';
$script_new_filename = $script_path . Security::safeName(Request::post('name'), null, false) . '.js';
if (!empty($script_old_filename)) {
if ($script_old_filename !== $script_new_filename) {
rename($script_old_filename, $script_new_filename);
$save_filename = $script_new_filename;
} else {
$save_filename = $script_new_filename;
}
} else {
$save_filename = $script_new_filename;
}
// Save chunk
File::setContent($save_filename, Request::post('content'));
Notification::set('success', __('Your changes to the script <i>:name</i> have been saved.', 'themes', array(':name' => basename($save_filename, '.js'))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Javascript version
Javascript::javascriptVersionIncrement();
if (Request::post('edit_file_and_exit')) {
Request::redirect('index.php?id=themes');
} else {
Request::redirect('index.php?id=themes&action=edit_script&filename=' . Security::safeName(Request::post('name'), null, false));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = File::name(Request::get('filename'));
}
$content = File::getContent($script_path . Request::get('filename') . '.js');
// Display view
View::factory('box/themes/views/backend/edit')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->assign('action', 'script')->display();
break;
// Delete chunk
// -------------------------------------
// Delete chunk
// -------------------------------------
case "delete_chunk":
if (Security::check(Request::get('token'))) {
File::delete($chunk_path . Request::get('filename') . '.chunk.php');
Notification::set('success', __('Chunk <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
Request::redirect('index.php?id=themes');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
// Delete styles
// -------------------------------------
// Delete styles
// -------------------------------------
case "delete_styles":
if (Security::check(Request::get('token'))) {
File::delete($style_path . Request::get('filename') . '.css');
Notification::set('success', __('Styles <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles version
Stylesheet::stylesVersionIncrement();
Request::redirect('index.php?id=themes');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
// Delete script
// -------------------------------------
// Delete script
// -------------------------------------
case "delete_script":
if (Security::check(Request::get('token'))) {
File::delete($script_path . Request::get('filename') . '.js');
Notification::set('success', __('Script <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Javascript version
Javascript::javascriptVersionIncrement();
Request::redirect('index.php?id=themes');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
// Delete template
// -------------------------------------
// Delete template
// -------------------------------------
case "delete_template":
if (Security::check(Request::get('token'))) {
File::delete($template_path . Request::get('filename') . '.template.php');
Notification::set('success', __('Template <i>:name</i> deleted', 'themes', array(':name' => File::name(Request::get('filename')))));
Request::redirect('index.php?id=themes');
}
break;
// Clone styles
// -------------------------------------
// Clone styles
// -------------------------------------
case "clone_styles":
if (Security::check(Request::get('token'))) {
File::setContent(THEMES_SITE . DS . $current_site_theme . DS . 'css' . DS . Request::get('filename') . '_clone_' . date("Ymd_His") . '.css', File::getContent(THEMES_SITE . DS . $current_site_theme . DS . 'css' . DS . Request::get('filename') . '.css'));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles version
Stylesheet::stylesVersionIncrement();
Request::redirect('index.php?id=themes');
}
break;
// Clone script
// -------------------------------------
// Clone script
// -------------------------------------
case "clone_script":
if (Security::check(Request::get('token'))) {
File::setContent(THEMES_SITE . DS . $current_site_theme . DS . 'js' . DS . Request::get('filename') . '_clone_' . date("Ymd_His") . '.js', File::getContent(THEMES_SITE . DS . $current_site_theme . DS . 'js' . DS . Request::get('filename') . '.js'));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Javascript version
Javascript::javascriptVersionIncrement();
Request::redirect('index.php?id=themes');
}
break;
// Clone template
// -------------------------------------
// Clone template
// -------------------------------------
case "clone_template":
if (Security::check(Request::get('token'))) {
File::setContent(THEMES_SITE . DS . $current_site_theme . DS . Request::get('filename') . '_clone_' . date("Ymd_His") . '.template.php', File::getContent(THEMES_SITE . DS . $current_site_theme . DS . Request::get('filename') . '.template.php'));
Request::redirect('index.php?id=themes');
}
break;
// Clone chunk
// -------------------------------------
// Clone chunk
// -------------------------------------
case "clone_chunk":
if (Security::check(Request::get('token'))) {
File::setContent(THEMES_SITE . DS . $current_site_theme . DS . Request::get('filename') . '_clone_' . date("Ymd_His") . '.chunk.php', File::getContent(THEMES_SITE . DS . $current_site_theme . DS . Request::get('filename') . '.chunk.php'));
Request::redirect('index.php?id=themes');
}
break;
}
} else {
// Display view
View::factory('box/themes/views/backend/index')->assign('themes_site', $themes_site)->assign('themes_admin', $themes_admin)->assign('templates', $templates)->assign('chunks', $chunks)->assign('styles', $styles)->assign('scripts', $scripts)->assign('current_site_theme', $current_site_theme)->assign('current_admin_theme', $current_admin_theme)->display();
}
}
/**
* @access public
* @param int $id
* @return void
*/
public function delete($id)
{
if (!is_numeric($id)) {
Notification::set(StationDetails::WARNING, "No access allowed");
redirect("/graph");
}
}
/**
* Resend invitation e-mail
*
* @access public
* @param int $id
* @return void
*/
public function resendInvite($id)
{
if ($this->_send_user_invitation($id)) {
Notification::set(User::SUCCESS, "The e-mail has been send");
}
redirect("/user");
}
/**
* Snippets admin function
*/
public static function main()
{
// Init vars
$snippets_path = STORAGE . DS . 'snippets' . DS;
$snippets_list = array();
$errors = array();
// Check for get actions
// -------------------------------------
if (Request::get('action')) {
// Switch actions
// -------------------------------------
switch (Request::get('action')) {
// Add snippet
// -------------------------------------
case "add_snippet":
if (Request::post('add_snippets') || Request::post('add_snippets_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['snippets_empty_name'] = __('Required field', 'snippets');
}
if (file_exists($snippets_path . Security::safeName(Request::post('name')) . '.snippet.php')) {
$errors['snippets_exists'] = __('This snippet already exists', 'snippets');
}
if (count($errors) == 0) {
// Save snippet
File::setContent($snippets_path . Security::safeName(Request::post('name')) . '.snippet.php', Request::post('content'));
Notification::set('success', __('Your changes to the snippet <i>:name</i> have been saved.', 'snippets', array(':name' => Security::safeName(Request::post('name')))));
if (Request::post('add_snippets_and_exit')) {
Request::redirect('index.php?id=snippets');
} else {
Request::redirect('index.php?id=snippets&action=edit_snippet&filename=' . Security::safeName(Request::post('name')));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Save fields
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = '';
}
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
// Display view
View::factory('box/snippets/views/backend/add')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->display();
break;
// Edit snippet
// -------------------------------------
// Edit snippet
// -------------------------------------
case "edit_snippet":
// Save current snippet action
if (Request::post('edit_snippets') || Request::post('edit_snippets_and_exit')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('name')) == '') {
$errors['snippets_empty_name'] = __('Required field', 'snippets');
}
if (file_exists($snippets_path . Security::safeName(Request::post('name')) . '.snippet.php') and Security::safeName(Request::post('snippets_old_name')) !== Security::safeName(Request::post('name'))) {
$errors['snippets_exists'] = __('This snippet already exists', 'snippets');
}
// Save fields
if (Request::post('content')) {
$content = Request::post('content');
} else {
$content = '';
}
if (count($errors) == 0) {
$snippet_old_filename = $snippets_path . Request::post('snippets_old_name') . '.snippet.php';
$snippet_new_filename = $snippets_path . Security::safeName(Request::post('name')) . '.snippet.php';
if (!empty($snippet_old_filename)) {
if ($snippet_old_filename !== $snippet_new_filename) {
rename($snippet_old_filename, $snippet_new_filename);
$save_filename = $snippet_new_filename;
} else {
$save_filename = $snippet_new_filename;
}
} else {
$save_filename = $snippet_new_filename;
}
// Save snippet
File::setContent($save_filename, Request::post('content'));
Notification::set('success', __('Your changes to the snippet <i>:name</i> have been saved.', 'snippets', array(':name' => basename($save_filename, '.snippet.php'))));
if (Request::post('edit_snippets_and_exit')) {
Request::redirect('index.php?id=snippets');
} else {
Request::redirect('index.php?id=snippets&action=edit_snippet&filename=' . Security::safeName(Request::post('name')));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('name')) {
$name = Request::post('name');
} else {
$name = File::name(Request::get('filename'));
}
$content = File::getContent($snippets_path . Request::get('filename') . '.snippet.php');
// Display view
View::factory('box/snippets/views/backend/edit')->assign('content', $content)->assign('name', $name)->assign('errors', $errors)->display();
break;
case "delete_snippet":
if (Security::check(Request::get('token'))) {
File::delete($snippets_path . Request::get('filename') . '.snippet.php');
Notification::set('success', __('Snippet <i>:name</i> deleted', 'snippets', array(':name' => File::name(Request::get('filename')))));
Request::redirect('index.php?id=snippets');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
}
} else {
// Get snippets
$snippets_list = File::scan($snippets_path, '.snippet.php');
// Display view
View::factory('box/snippets/views/backend/index')->assign('snippets_list', $snippets_list)->display();
}
}
// Generate new hash
$new_hash = Text::random('alnum', 12);
// Update user hash
$users->updateWhere("[login='******']", array('hash' => $new_hash));
$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->ContentType = 'text/html';
$mail->SetFrom(Option::get('system_email'));
$mail->AddReplyTo(Option::get('system_email'));
$mail->AddAddress($user['email'], $user['login']);
$mail->Subject = __('Your login details for :site_name', 'users', array(':site_name' => $site_name));
$mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')->assign('site_url', $site_url)->assign('site_name', $site_name)->assign('user_id', $user['id'])->assign('user_login', $user['login'])->assign('new_hash', $new_hash)->assign('email_template', 'reset-password')->render());
$mail->Send();
// Set notification
Notification::set('success', __('Your login details for :site_name has been sent', 'users', array(':site_name' => $site_name)));
Notification::set('reset_password', 'reset_password');
// Redirect to password-reset page
Request::redirect(Site::url() . '/admin');
}
Notification::setNow('reset_password', 'reset_password');
}
// If admin user is login = true then set is_admin = true
if (Session::exists('admin') && Session::get('admin') == true) {
$is_admin = true;
} else {
$is_admin = false;
}
// Logout user from system
if (Request::get('logout') && Request::get('logout') == 'do') {
Session::destroy();
}
/**
* System plugin admin
*/
public static function main()
{
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
$filters = Filter::$filters;
$plugins = Plugin::$plugins;
$components = Plugin::$components;
$actions = Action::$actions;
// Get pages table
$pages = new Table('pages');
// Get system timezone
$system_timezone = Option::get('timezone');
// Get languages files
$language_files = File::scan(PLUGINS_BOX . DS . 'system' . DS . 'languages' . DS, '.lang.php');
foreach ($language_files as $language) {
$parts = explode('.', $language);
$languages_array[$parts[0]] = I18n::$locales[$parts[0]];
}
// Get all pages
$pages_array = array();
$pages_list = $pages->select('[slug!="error404" and parent="" and status="published"]');
foreach ($pages_list as $page) {
$pages_array[$page['slug']] = Html::toText($page['title']);
}
// Create Sitemap
// -------------------------------------
if (Request::get('sitemap') == 'create') {
if (Security::check(Request::get('token'))) {
Notification::set('success', __('Sitemap created', 'system'));
Sitemap::create();
Request::redirect('index.php?id=system');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete temporary files
// -------------------------------------
if (Request::get('temporary_files') == 'delete') {
if (Security::check(Request::get('token'))) {
Monstra::cleanTmp();
if (count(File::scan(MINIFY, array('css', 'js', 'php'))) == 0 && count(Dir::scan(CACHE)) == 0) {
Notification::set('success', __('Temporary files deleted', 'system'));
Request::redirect('index.php?id=system');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Set maintenance state on or off
// -------------------------------------
if (Request::get('maintenance')) {
if (Security::check(Request::get('token'))) {
if ('on' == Request::get('maintenance')) {
Option::update('maintenance_status', 'on');
Request::redirect('index.php?id=system');
}
if ('off' == Request::get('maintenance')) {
Option::update('maintenance_status', 'off');
Request::redirect('index.php?id=system');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Edit settings
// -------------------------------------
if (Request::post('edit_settings')) {
if (Security::check(Request::post('csrf'))) {
// Add trailing slashes
$_site_url = Request::post('system_url');
Option::update(array('sitename' => Request::post('site_name'), 'keywords' => Request::post('site_keywords'), 'description' => Request::post('site_description'), 'slogan' => Request::post('site_slogan'), 'defaultpage' => Request::post('site_default_page'), 'siteurl' => $_site_url, 'timezone' => Request::post('system_timezone'), 'system_email' => Request::post('system_email'), 'language' => Request::post('system_language'), 'maintenance_message' => Request::post('site_maintenance_message')));
Notification::set('success', __('Your changes have been saved.', 'system'));
Request::redirect('index.php?id=system');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Its mean that you can add your own actions for this plugin
Action::run('admin_system_extra_actions');
// Display view
View::factory('box/system/views/backend/index')->assign('pages_array', $pages_array)->assign('languages_array', $languages_array)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
}
/**
* Get posts
*
* <code>
* // Get all posts
* echo Blog::getPosts();
*
* // Get last 5 posts
* echo Blog::getPosts(5);
* </code>
*
* @param integer $num Number of posts to show
* @return string
*/
public static function getPosts($nums = 10)
{
// Get page param
$page = Request::get('page') ? (int) Request::get('page') : 1;
if (Request::get('tag')) {
$query = '[parent="' . Blog::$parent_page_name . '" and status="published" and contains(tags, "' . Request::get('tag') . '")]';
Notification::set('tag', Request::get('tag'));
} else {
$query = '[parent="' . Blog::$parent_page_name . '" and status="published"]';
Notification::clean();
}
// Get Elements Count
$elements = count(Pages::$pages->select($query, 'all'));
// Get Pages Count
$pages = ceil($elements / $nums);
if ($page < 1) {
$page = 1;
} elseif ($page > $pages) {
$page = $pages;
}
$start = ($page - 1) * $nums;
// If there is no posts
if ($start < 0) {
$start = 0;
}
// Get posts and sort by DESC
$posts = Pages::$pages->select($query, $nums, $start, array('slug', 'title', 'author', 'date'), 'date', 'DESC');
// Loop
foreach ($posts as $key => $post) {
$post_short = explode("{cut}", Text::toHtml(File::getContent(STORAGE . DS . 'pages' . DS . $post['id'] . '.page.txt')));
$posts[$key]['content'] = Filter::apply('content', $post_short[0]);
}
// Display view
return View::factory('blog/views/frontend/index')->assign('posts', $posts)->render() . View::factory('blog/views/frontend/pager')->assign('pages', $pages)->assign('page', $page)->render();
}
/**
* @access protected
* @return boolean
*/
public function delete($id)
{
$this->allow("admin");
$feedback = new UserFeedback();
$obj = $feedback->findById($id);
if ($obj) {
if ($feedback->delete($id)) {
redirect("/feedback");
}
}
Notification::set(Feedback::DANGER, "Something went wrong. Please try again.");
redirect("/feedback");
}
/**
* Plugins admin
*/
public static function main()
{
// Get siteurl
$site_url = Option::get('siteurl');
// Get installed plugin from $plugins array
$installed_plugins = Plugin::$plugins;
// Get installed users plugins
$_users_plugins = array();
foreach (Plugin::$plugins as $plugin) {
if ($plugin['privilege'] !== 'box') {
$_users_plugins[] = $plugin['id'];
}
}
// Get plugins table
$plugins = new Table('plugins');
// Delete plugin
// -------------------------------------
if (Request::get('delete_plugin')) {
if (Security::check(Request::get('token'))) {
// Nobody cant remove box plugins
if ($installed_plugins[Text::lowercase(str_replace("Plugin", "", Request::get('delete_plugin')))]['privilege'] !== 'box') {
// Run plugin uninstaller file
$plugin_name = Request::get('delete_plugin');
if (File::exists(PLUGINS . DS . $plugin_name . DS . 'install' . DS . $plugin_name . '.uninstall.php')) {
include PLUGINS . DS . $plugin_name . DS . 'install' . DS . $plugin_name . '.uninstall.php';
}
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles and Javascript version
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
// Delete plugin form plugins table
$plugins->deleteWhere('[name="' . Request::get('delete_plugin') . '"]');
// Redirect
Request::redirect('index.php?id=plugins');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Install new plugin
// -------------------------------------
if (Request::get('install')) {
if (Security::check(Request::get('token'))) {
// Load plugin install xml file
$plugin_xml = XML::loadFile(PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . Request::get('install'));
// Add plugin to plugins table
$plugins->insert(array('name' => basename(Request::get('install'), '.manifest.xml'), 'location' => (string) $plugin_xml->plugin_location, 'status' => (string) $plugin_xml->plugin_status, 'priority' => (int) $plugin_xml->plugin_priority));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
// Run plugin installer file
$plugin_name = str_replace(array("Plugin", ".manifest.xml"), "", Request::get('install'));
if (File::exists(PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . $plugin_name . '.install.php')) {
include PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . $plugin_name . '.install.php';
}
Request::redirect('index.php?id=plugins');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete plugin from server
// -------------------------------------
if (Request::get('delete_plugin_from_server')) {
if (Security::check(Request::get('token'))) {
// Clean Monstra TMP folder.
Monstra::cleanTmp();
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
Dir::delete(PLUGINS . DS . basename(Request::get('delete_plugin_from_server'), '.manifest.xml'));
Request::redirect('index.php?id=plugins');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Upload & extract plugin archive
// -------------------------------------
if (Request::post('upload_file')) {
if (Security::check(Request::post('csrf'))) {
if ($_FILES['file']) {
if (in_array(File::ext($_FILES['file']['name']), array('zip'))) {
$tmp_dir = ROOT . DS . 'tmp' . DS . uniqid('plugin_');
$error = 'Plugin was not uploaded';
if (Dir::create($tmp_dir)) {
$file_locations = Zip::factory()->extract($_FILES['file']['tmp_name'], $tmp_dir);
if (!empty($file_locations)) {
$manifest = '';
foreach ($file_locations as $filepath) {
if (substr($filepath, -strlen('.manifest.xml')) === '.manifest.xml') {
$manifest = $filepath;
break;
}
}
if (!empty($manifest) && basename(dirname($manifest)) === 'install') {
$manifest_file = pathinfo($manifest, PATHINFO_BASENAME);
$plugin_name = str_replace('.manifest.xml', '', $manifest_file);
if (Dir::create(PLUGINS . DS . $plugin_name)) {
$tmp_plugin_dir = dirname(dirname($manifest));
Dir::copy($tmp_plugin_dir, PLUGINS . DS . $plugin_name);
Notification::set('success', __('Plugin was uploaded', 'plugins'));
$error = false;
}
}
}
} else {
$error = 'System error';
}
} else {
$error = 'Forbidden plugin file type';
}
} else {
$error = 'Plugin was not uploaded';
}
if ($error) {
Notification::set('error', __($error, 'plugins'));
}
if (Request::post('dragndrop')) {
Request::shutdown();
} else {
Request::redirect($site_url . '/admin/index.php?id=plugins#installnew');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Installed plugins
$plugins_installed = array();
// New plugins
$plugins_new = array();
// Plugins to install
$plugins_to_intall = array();
// Scan plugins directory for .manifest.xml
$plugins_new = File::scan(PLUGINS, '.manifest.xml');
// Get installed plugins from plugins table
$plugins_installed = $plugins->select(null, 'all', null, array('location', 'priority'), 'priority', 'ASC');
// Update $plugins_installed array. extract plugins names
foreach ($plugins_installed as $plg) {
$_plg[] = basename($plg['location'], 'plugin.php') . 'manifest.xml';
}
// Diff
$plugins_to_install = array_diff($plugins_new, $_plg);
// Create array of plugins to install
$count = 0;
foreach ($plugins_to_install as $plugin) {
$plg_path = PLUGINS . DS . Text::lowercase(basename($plugin, '.manifest.xml')) . DS . 'install' . DS . $plugin;
if (file_exists($plg_path)) {
$plugins_to_intall[$count]['path'] = $plg_path;
$plugins_to_intall[$count]['plugin'] = $plugin;
$count++;
}
}
// Draw template
View::factory('box/plugins/views/backend/index')->assign('installed_plugins', $installed_plugins)->assign('plugins_to_intall', $plugins_to_intall)->assign('_users_plugins', $_users_plugins)->assign('fileuploader', array('uploadUrl' => $site_url . '/admin/index.php?id=plugins', 'csrf' => Security::token(), 'errorMsg' => __('Upload server error', 'filesmanager')))->display();
}
/**
* Enable a station
*
* @access public
* @param int $id (station id)
* @return void
*/
public function enable($id)
{
$station = (new Station())->findById($id);
if ($station->getId() !== null) {
$station->setActive(1);
if ($station->save() !== false) {
Notification::set(Stations::SUCCESS, "The station is activated");
} else {
Notification::set(Stations::WARNING, "Something went wrong. Please try agian");
}
}
redirect("/stations/");
}
/**
* Pages admin function
*/
public static function main()
{
$current_theme = Option::get('theme_site_name');
$site_url = Option::get('siteurl');
$templates_path = THEMES_SITE;
$errors = array();
$pages = new Table('pages');
PagesAdmin::$pages = $pages;
$users = new Table('users');
$user = $users->select('[id=' . Session::get('user_id') . ']', null);
// Page author
if (!empty($user['firstname'])) {
$author = empty($user['lastname']) ? $user['firstname'] : $user['firstname'] . ' ' . $user['lastname'];
} else {
$author = Session::get('user_login');
}
$author = Html::toText($author);
// Status array
$status_array = array('published' => __('Published', 'pages'), 'draft' => __('Draft', 'pages'));
// Access array
$access_array = array('public' => __('Public', 'pages'), 'registered' => __('Registered', 'pages'));
// Check for get actions
// ---------------------------------------------
if (Request::get('action')) {
// Switch actions
// -----------------------------------------
switch (Request::get('action')) {
// Clone page
// -------------------------------------
case "clone_page":
if (Security::check(Request::get('token'))) {
// Generate rand page name
$rand_page_name = Request::get('name') . '_clone_' . date("Ymd_His");
// Get original page
$orig_page = $pages->select('[slug="' . Request::get('name') . '"]', null);
// Generate rand page title
$rand_page_title = $orig_page['title'] . ' [copy]';
// Clone page
if ($pages->insert(array('slug' => $rand_page_name, 'template' => $orig_page['template'], 'parent' => $orig_page['parent'], 'robots_index' => $orig_page['robots_index'], 'robots_follow' => $orig_page['robots_follow'], 'status' => $orig_page['status'], 'access' => isset($orig_page['access']) ? $orig_page['access'] : 'public', 'expand' => isset($orig_page['expand']) ? $orig_page['expand'] : '0', 'title' => $rand_page_title, 'meta_title' => $orig_page['meta_title'], 'description' => $orig_page['description'], 'keywords' => $orig_page['keywords'], 'tags' => $orig_page['tags'], 'date' => $orig_page['date'], 'author' => $orig_page['author']))) {
// Get cloned page ID
$last_id = $pages->lastId();
// Save cloned page content
File::setContent(STORAGE . DS . 'pages' . DS . $last_id . '.page.txt', File::getContent(STORAGE . DS . 'pages' . DS . $orig_page['id'] . '.page.txt'));
// Send notification
Notification::set('success', __('The page <i>:page</i> cloned.', 'pages', array(':page' => Security::safeName(Request::get('name'), '-', true))));
}
// Run add extra actions
Action::run('admin_pages_action_clone');
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
// Add page
// -------------------------------------
// Add page
// -------------------------------------
case "add_page":
// Add page
if (Request::post('add_page') || Request::post('add_page_and_exit')) {
if (Security::check(Request::post('csrf'))) {
// Get parent page
if (Request::post('pages') == '0') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Validate
//--------------
if (trim(Request::post('page_name')) == '') {
$errors['pages_empty_name'] = __('Required field', 'pages');
}
if (trim(Request::post('page_title')) == '') {
$errors['pages_empty_title'] = __('Required field', 'pages');
}
if (count($pages->select('[slug="' . Security::safeName(Request::post('page_name'), '-', true) . '"]')) != 0) {
$errors['pages_exists'] = __('This page already exists', 'pages');
}
// Prepare date
if (Valid::date(Request::post('page_date'))) {
$date = strtotime(Request::post('page_date'));
} else {
$date = time();
}
if (Request::post('robots_index')) {
$robots_index = 'noindex';
} else {
$robots_index = 'index';
}
if (Request::post('robots_follow')) {
$robots_follow = 'nofollow';
} else {
$robots_follow = 'follow';
}
// If no errors then try to save
if (count($errors) == 0) {
// Insert new page
if ($pages->insert(array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'status' => Request::post('status'), 'access' => Request::post('access'), 'expand' => '0', 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'date' => $date, 'author' => $author))) {
// Get inserted page ID
$last_id = $pages->lastId();
// Save content
File::setContent(STORAGE . DS . 'pages' . DS . $last_id . '.page.txt', XML::safe(Request::post('editor')));
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run add extra actions
Action::run('admin_pages_action_add');
// Redirect
if (Request::post('add_page_and_exit')) {
Request::redirect('index.php?id=pages');
} else {
Request::redirect('index.php?id=pages&action=edit_page&name=' . Security::safeName(Request::post('page_name'), '-', true));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Get all pages
$pages_list = $pages->select('[slug!="error404" and parent=""]');
$pages_array[] = '-none-';
foreach ($pages_list as $page) {
$pages_array[$page['slug']] = $page['title'];
}
// Get all templates
$templates_list = File::scan($templates_path, '.template.php');
foreach ($templates_list as $file) {
$templates_array[basename($file, '.template.php')] = basename($file, '.template.php');
}
// Save fields
if (Request::post('page_name')) {
$post_name = Request::post('page_name');
} else {
$post_name = '';
}
if (Request::post('page_title')) {
$post_title = Request::post('page_title');
} else {
$post_title = '';
}
if (Request::post('page_meta_title')) {
$post_meta_title = Request::post('page_meta_title');
} else {
$post_meta_title = '';
}
if (Request::post('page_keywords')) {
$post_keywords = Request::post('page_keywords');
} else {
$post_keywords = '';
}
if (Request::post('page_description')) {
$post_description = Request::post('page_description');
} else {
$post_description = '';
}
if (Request::post('page_tags')) {
$post_tags = Request::post('page_tags');
} else {
$post_tags = '';
}
if (Request::post('editor')) {
$post_content = Request::post('editor');
} else {
$post_content = '';
}
if (Request::post('templates')) {
$post_template = Request::post('templates');
} else {
$post_template = 'index';
}
if (Request::post('status')) {
$post_status = Request::post('status');
} else {
$post_status = 'published';
}
if (Request::post('access')) {
$post_access = Request::post('access');
} else {
$post_access = 'public';
}
if (Request::post('pages')) {
$parent_page = Request::post('pages');
} else {
if (Request::get('parent_page')) {
$parent_page = Request::get('parent_page');
} else {
$parent_page = '';
}
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
//--------------
// Generate date
$date = Date::format(time(), 'Y-m-d H:i:s');
// Set Tabs State - page
Notification::setNow('page', 'page');
// Display view
View::factory('box/pages/views/backend/add')->assign('post_name', $post_name)->assign('post_title', $post_title)->assign('post_meta_title', $post_meta_title)->assign('post_description', $post_description)->assign('post_keywords', $post_keywords)->assign('post_tags', $post_tags)->assign('post_content', $post_content)->assign('pages_array', $pages_array)->assign('parent_page', $parent_page)->assign('templates_array', $templates_array)->assign('post_template', $post_template)->assign('post_status', $post_status)->assign('post_access', $post_access)->assign('status_array', $status_array)->assign('access_array', $access_array)->assign('date', $date)->assign('post_robots_index', $post_robots_index)->assign('post_robots_follow', $post_robots_follow)->assign('errors', $errors)->display();
break;
// Edit page
// -------------------------------------
// Edit page
// -------------------------------------
case "edit_page":
if (Request::post('edit_page') || Request::post('edit_page_and_exit')) {
if (Security::check(Request::post('csrf'))) {
// Get pages parent
if (Request::post('pages') == '0') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Save field
$post_parent = Request::post('pages');
// Validate
//--------------
if (trim(Request::post('page_name')) == '') {
$errors['pages_empty_name'] = __('Required field', 'pages');
}
if (count($pages->select('[slug="' . Security::safeName(Request::post('page_name'), '-', true) . '"]')) != 0 and Security::safeName(Request::post('page_old_name'), '-', true) !== Security::safeName(Request::post('page_name'), '-', true)) {
$errors['pages_exists'] = __('This page already exists', 'pages');
}
if (trim(Request::post('page_title')) == '') {
$errors['pages_empty_title'] = __('Required field', 'pages');
}
// Save fields
if (Request::post('page_name')) {
$post_name = Request::post('page_name');
} else {
$post_name = '';
}
if (Request::post('page_title')) {
$post_title = Request::post('page_title');
} else {
$post_title = '';
}
if (Request::post('page_meta_title')) {
$post_meta_title = Request::post('page_meta_title');
} else {
$post_meta_title = '';
}
if (Request::post('page_keywords')) {
$post_keywords = Request::post('page_keywords');
} else {
$post_keywords = '';
}
if (Request::post('page_description')) {
$post_description = Request::post('page_description');
} else {
$post_description = '';
}
if (Request::post('page_tags')) {
$post_tags = Request::post('page_tags');
} else {
$post_tags = '';
}
if (Request::post('editor')) {
$post_content = Request::post('editor');
} else {
$post_content = '';
}
if (Request::post('templates')) {
$post_template = Request::post('templates');
} else {
$post_template = 'index';
}
if (Request::post('status')) {
$post_status = Request::post('status');
} else {
$post_status = 'published';
}
if (Request::post('access')) {
$post_access = Request::post('access');
} else {
$post_access = 'public';
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
//--------------
// Prepare date
if (Valid::date(Request::post('page_date'))) {
$date = strtotime(Request::post('page_date'));
} else {
$date = time();
}
if (Request::post('robots_index')) {
$robots_index = 'noindex';
} else {
$robots_index = 'index';
}
if (Request::post('robots_follow')) {
$robots_follow = 'nofollow';
} else {
$robots_follow = 'follow';
}
if (count($errors) == 0) {
// Update parents in all childrens
if (Security::safeName(Request::post('page_name'), '-', true) !== Security::safeName(Request::post('page_old_name'), '-', true) and Request::post('old_parent') == '') {
$_pages = $pages->select('[parent="' . Text::translitIt(trim(Request::post('page_old_name'))) . '"]');
if (!empty($_pages)) {
foreach ($_pages as $_page) {
$pages->updateWhere('[parent="' . $_page['parent'] . '"]', array('parent' => Security::safeName(Request::post('page_name'), '-', true)));
}
}
if ($pages->updateWhere('[slug="' . Request::get('name') . '"]', array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'status' => Request::post('status'), 'access' => Request::post('access'), 'date' => $date, 'author' => $author))) {
File::setContent(STORAGE . DS . 'pages' . DS . Request::post('page_id') . '.page.txt', XML::safe(Request::post('editor')));
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run edit extra actions
Action::run('admin_pages_action_edit');
} else {
if ($pages->updateWhere('[slug="' . Request::get('name') . '"]', array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'status' => Request::post('status'), 'access' => Request::post('access'), 'date' => $date, 'author' => $author))) {
File::setContent(STORAGE . DS . 'pages' . DS . Request::post('page_id') . '.page.txt', XML::safe(Request::post('editor')));
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run edit extra actions
Action::run('admin_pages_action_edit');
}
// Redirect
if (Request::post('edit_page_and_exit')) {
Request::redirect('index.php?id=pages');
} else {
Request::redirect('index.php?id=pages&action=edit_page&name=' . Security::safeName(Request::post('page_name'), '-', true));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Get all pages
$pages_list = $pages->select();
$pages_array[] = '-none-';
// Foreach pages find page whithout parent
foreach ($pages_list as $page) {
if (isset($page['parent'])) {
$c_p = $page['parent'];
} else {
$c_p = '';
}
if ($c_p == '') {
// error404 is system "constant" and no child for it
if ($page['slug'] !== 'error404' && $page['slug'] !== Request::get('name')) {
$pages_array[$page['slug']] = $page['title'];
}
}
}
// Get all templates
$templates_list = File::scan($templates_path, '.template.php');
foreach ($templates_list as $file) {
$templates_array[basename($file, '.template.php')] = basename($file, '.template.php');
}
$page = $pages->select('[slug="' . Request::get('name') . '"]', null);
if ($page) {
$page_content = File::getContent(STORAGE . DS . 'pages' . DS . $page['id'] . '.page.txt');
// Safe fields or load fields
if (Request::post('page_name')) {
$slug_to_edit = Request::post('page_name');
} else {
$slug_to_edit = $page['slug'];
}
if (Request::post('page_title')) {
$title_to_edit = Request::post('page_title');
} else {
$title_to_edit = $page['title'];
}
if (Request::post('page_meta_title')) {
$meta_title_to_edit = Request::post('page_meta_title');
} else {
$meta_title_to_edit = isset($page['meta_title']) ? $page['meta_title'] : '';
}
if (Request::post('page_description')) {
$description_to_edit = Request::post('page_description');
} else {
$description_to_edit = $page['description'];
}
if (Request::post('page_keywords')) {
$keywords_to_edit = Request::post('page_keywords');
} else {
$keywords_to_edit = $page['keywords'];
}
if (Request::post('page_tags')) {
$tags_to_edit = Request::post('page_tags');
} else {
$tags_to_edit = isset($page['tags']) ? $page['tags'] : '';
}
if (Request::post('editor')) {
$to_edit = Request::post('editor');
} else {
$to_edit = Text::toHtml($page_content);
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
if ($page['robots_index'] == 'noindex') {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
if ($page['robots_follow'] == 'nofollow') {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
}
if (Request::post('pages')) {
// Get pages parent
if (Request::post('pages') == '-none-') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Save field
$parent_page = Request::post('pages');
} else {
$parent_page = $page['parent'];
}
if (Request::post('templates')) {
$template = Request::post('templates');
} else {
$template = $page['template'];
}
if (Request::post('status')) {
$status = Request::post('status');
} else {
$status = $page['status'];
}
if (Request::post('access')) {
$access = Request::post('access');
} else {
$access = isset($page['access']) ? $page['access'] : 'public';
}
// Generate date
$date = Request::post('date') ? Request::post('date') : Date::format($page['date'], 'Y-m-d H:i:s');
Notification::setNow('page', 'page');
// Display view
View::factory('box/pages/views/backend/edit')->assign('slug_to_edit', $slug_to_edit)->assign('title_to_edit', $title_to_edit)->assign('meta_title_to_edit', $meta_title_to_edit)->assign('description_to_edit', $description_to_edit)->assign('keywords_to_edit', $keywords_to_edit)->assign('tags_to_edit', $tags_to_edit)->assign('page', $page)->assign('to_edit', $to_edit)->assign('pages_array', $pages_array)->assign('parent_page', $parent_page)->assign('templates_array', $templates_array)->assign('template', $template)->assign('status_array', $status_array)->assign('access_array', $access_array)->assign('status', $status)->assign('access', $access)->assign('date', $date)->assign('post_robots_index', $post_robots_index)->assign('post_robots_follow', $post_robots_follow)->assign('errors', $errors)->display();
}
break;
// Delete page
// -------------------------------------
// Delete page
// -------------------------------------
case "delete_page":
// Error 404 page can not be removed
if (Request::get('slug') !== 'error404') {
if (Security::check(Request::get('token'))) {
// Get specific page
$page = $pages->select('[slug="' . Request::get('name') . '"]', null);
// Delete page and update <parent> fields
if ($pages->deleteWhere('[slug="' . $page['slug'] . '" ]')) {
$_pages = $pages->select('[parent="' . $page['slug'] . '"]');
if (!empty($_pages)) {
foreach ($_pages as $_page) {
$pages->updateWhere('[slug="' . $_page['slug'] . '"]', array('parent' => ''));
}
}
File::delete(STORAGE . DS . 'pages' . DS . $page['id'] . '.page.txt');
Notification::set('success', __('Page <i>:page</i> deleted', 'pages', array(':page' => Html::toText($page['title']))));
}
// Run delete extra actions
Action::run('admin_pages_action_delete');
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
// Update page access
// -------------------------------------
// Update page access
// -------------------------------------
case "update_access":
if (Request::get('slug') !== 'error404') {
if (Security::check(Request::get('token'))) {
$pages->updateWhere('[slug="' . Request::get('slug') . '"]', array('access' => Request::get('access')));
// Run delete extra actions
Action::run('admin_pages_action_update_access');
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Request::get('slug'))));
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
// Update page status
// -------------------------------------
// Update page status
// -------------------------------------
case "update_status":
if (Request::get('name') !== 'error404') {
if (Security::check(Request::get('token'))) {
$pages->updateWhere('[slug="' . Request::get('slug') . '"]', array('status' => Request::get('status')));
// Run delete extra actions
Action::run('admin_pages_action_update_status');
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Request::get('slug'))));
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
}
// Its mean that you can add your own actions for this plugin
Action::run('admin_pages_extra_actions');
} else {
// Index action
// -------------------------------------
// Init vars
$pages_array = array();
$count = 0;
// Get pages
$pages_list = $pages->select(null, 'all', null, array('slug', 'title', 'status', 'date', 'author', 'expand', 'access', 'parent', 'template', 'tags'));
// Loop
foreach ($pages_list as $page) {
$pages_array[$count]['title'] = $page['title'];
$pages_array[$count]['meta_title'] = isset($page['meta_title']) ? $page['meta_title'] : '';
$pages_array[$count]['parent'] = $page['parent'];
$pages_array[$count]['_status'] = $page['status'];
$pages_array[$count]['_access'] = $page['access'];
$pages_array[$count]['status'] = $status_array[$page['status']];
$pages_array[$count]['access'] = isset($access_array[$page['access']]) ? $access_array[$page['access']] : $access_array['public'];
// hack for old Monstra Versions
$pages_array[$count]['date'] = $page['date'];
$pages_array[$count]['author'] = $page['author'];
$pages_array[$count]['expand'] = $page['expand'];
$pages_array[$count]['slug'] = $page['slug'];
$pages_array[$count]['tags'] = $page['tags'];
$pages_array[$count]['template'] = $page['template'];
if (isset($page['parent'])) {
$c_p = $page['parent'];
} else {
$c_p = '';
}
if ($c_p != '') {
$_page = $pages->select('[slug="' . $page['parent'] . '"]', null);
if (isset($_page['title'])) {
$_title = $_page['title'];
} else {
$_title = '';
}
$pages_array[$count]['sort'] = $_title . ' ' . $page['title'];
} else {
$pages_array[$count]['sort'] = $page['title'];
}
$_title = '';
$count++;
}
// Sort pages
$pages = Arr::subvalSort($pages_array, 'sort');
// Display view
View::factory('box/pages/views/backend/index')->assign('pages', $pages)->assign('site_url', $site_url)->display();
}
}
/**
* Users admin
*/
public static function main()
{
// Users roles
$roles = array('admin' => __('Admin', 'users'), 'editor' => __('Editor', 'users'), 'user' => __('User', 'users'));
// Get uses table
$users = new Table('users');
if (Option::get('users_frontend_registration') === 'true') {
$users_frontend_registration = true;
} else {
$users_frontend_registration = false;
}
if (Request::post('users_frontend_submit')) {
if (Security::check(Request::post('csrf'))) {
if (Request::post('users_frontend_registration')) {
$users_frontend_registration = 'true';
} else {
$users_frontend_registration = 'false';
}
if (Option::update('users_frontend_registration', $users_frontend_registration)) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Check for get actions
// ---------------------------------------------
if (Request::get('action')) {
// Switch actions
// -----------------------------------------
switch (Request::get('action')) {
// Add
// -------------------------------------
case "add":
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
// Errors
$errors = array();
if (Request::post('register')) {
if (Security::check(Request::post('csrf'))) {
$user_login = trim(Request::post('login'));
$user_password = trim(Request::post('password'));
$user_email = trim(Request::post('email'));
if ($user_login == '') {
$errors['users_empty_login'] = __('Required field', 'users');
}
if ($user_password == '') {
$errors['users_empty_password'] = __('Required field', 'users');
}
if ($user_email == '') {
$errors['users_empty_email'] = __('Required field', 'users');
}
if ($users->select("[login='******']")) {
$errors['users_this_user_already_exists'] = __('This user already exists', 'users');
}
if ($users->select("[email='" . $user_email . "']")) {
$errors['users_this_email_already_exists'] = __('This email already exists', 'users');
}
if (count($errors) == 0) {
if ($users->insert(array('login' => Security::safeName($user_login), 'password' => Security::encryptPassword(Request::post('password')), 'email' => Request::post('email'), 'hash' => Text::random('alnum', 12), 'date_registered' => time(), 'role' => Request::post('role')))) {
Notification::set('success', __('New user have been registered.', 'users'));
} else {
Notification::set('error', __('New user was not registered.', 'users'));
}
Request::redirect('index.php?id=users');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Display view
View::factory('box/users/views/backend/add')->assign('roles', $roles)->assign('errors', $errors)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
break;
// Edit
// -------------------------------------
// Edit
// -------------------------------------
case "edit":
// Get current user record
$user = $users->select("[id='" . (int) Request::get('user_id') . "']", null);
if (isset($user['firstname'])) {
$user_firstname = $user['firstname'];
} else {
$user_firstname = '';
}
if (isset($user['lastname'])) {
$user_lastname = $user['lastname'];
} else {
$user_lastname = '';
}
if (isset($user['email'])) {
$user_email = $user['email'];
} else {
$user_email = '';
}
if (isset($user['twitter'])) {
$user_twitter = $user['twitter'];
} else {
$user_twitter = '';
}
if (isset($user['skype'])) {
$user_skype = $user['skype'];
} else {
$user_skype = '';
}
if (isset($user['about_me'])) {
$user_about_me = $user['about_me'];
} else {
$user_about_me = '';
}
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin', 'editor'))) {
if (Request::post('edit_profile') and ((int) Session::get('user_id') == (int) Request::get('user_id') or in_array(Session::get('user_role'), array('admin')))) {
if (Security::check(Request::post('csrf'))) {
if (Security::safeName(Request::post('login')) != '') {
if ($users->update(Request::post('user_id'), array('login' => Security::safeName(Request::post('login')), 'firstname' => Request::post('firstname'), 'lastname' => Request::post('lastname'), 'email' => Request::post('email'), 'skype' => Request::post('skype'), 'twitter' => Request::post('twitter'), 'about_me' => Request::post('about_me'), 'role' => Request::post('role')))) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users&action=edit&user_id=' . Request::post('user_id'));
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('edit_profile_password')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('new_password')) != '') {
if ($users->update(Request::post('user_id'), array('password' => Security::encryptPassword(trim(Request::post('new_password')))))) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users&action=edit&user_id=' . Request::post('user_id'));
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if ((int) Session::get('user_id') == (int) Request::get('user_id') or in_array(Session::get('user_role'), array('admin')) && count($user) != 0) {
// Display view
View::factory('box/users/views/backend/edit')->assign('user', $user)->assign('user_firstname', $user_firstname)->assign('user_lastname', $user_lastname)->assign('user_email', $user_email)->assign('user_twitter', $user_twitter)->assign('user_skype', $user_skype)->assign('user_about_me', $user_about_me)->assign('roles', $roles)->display();
} else {
echo __('Monstra says: This is not your profile...', 'users');
}
}
break;
// Delete
// -------------------------------------
// Delete
// -------------------------------------
case "delete":
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin')) && (int) $_SESSION['user_id'] != (int) Request::get('user_id')) {
if (Security::check(Request::get('token'))) {
$user = $users->select('[id="' . Request::get('user_id') . '"]', null);
if ($users->delete(Request::get('user_id'))) {
Notification::set('success', __('User <i>:user</i> have been deleted.', 'users', array(':user' => $user['login'])));
} else {
Notification::set('error', __('User <i>:user</i> was not deleted.', 'users', array(':user' => $user['login'])));
}
Request::redirect('index.php?id=users');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
}
} else {
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
// Dislay view
View::factory('box/users/views/backend/index')->assign('roles', $roles)->assign('users_list', $users->select())->assign('users_frontend_registration', $users_frontend_registration)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
}
}
/**
* Main function
*/
public static function main()
{
// Array of forbidden types
$forbidden_types = array('html', 'htm', 'js', 'jsb', 'mhtml', 'mht', 'php', 'phtml', 'php3', 'php4', 'php5', 'phps', 'shtml', 'jhtml', 'pl', 'py', 'cgi', 'sh', 'ksh', 'bsh', 'c', 'htaccess', 'htpasswd', 'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl', 'empty');
// Array of image types
$image_types = array('jpg', 'png', 'bmp', 'gif', 'tif');
// Get Site url
$site_url = Option::get('siteurl');
// Init vars
if (Request::get('path')) {
$path = Request::get('path');
} else {
$path = 'uploads/';
}
// Add slash if not exists
if (substr($path, -1, 1) != '/') {
$path .= '/';
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
// Upload corectly!
if ($path == 'uploads' || $path == 'uploads//') {
$path = 'uploads/';
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
// Only 'uploads' folder!
if (strpos($path, 'uploads') === false) {
$path = 'uploads/';
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
// Set default path value if path is empty
if ($path == '') {
$path = 'uploads/';
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
$files_path = ROOT . DS . 'public' . DS . $path;
$current = explode('/', $path);
// Delete file
// -------------------------------------
if (Request::get('id') == 'filesmanager' && Request::get('delete_file')) {
if (Security::check(Request::get('token'))) {
File::delete($files_path . Request::get('delete_file'));
if (!is_file($files_path . Request::get('delete_file'))) {
Notification::set('success', __('File was deleted', 'filesmanager'));
} else {
Notification::set('error', __('File was not deleted', 'filesmanager'));
}
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete dir
// -------------------------------------
if (Request::get('id') == 'filesmanager' && Request::get('delete_dir')) {
if (Security::check(Request::get('token'))) {
Dir::delete($files_path . Request::get('delete_dir'));
if (!is_dir($files_path . Request::get('delete_dir'))) {
Notification::set('success', __('Directory was deleted', 'filesmanager'));
} else {
Notification::set('error', __('Directory was not deleted', 'filesmanager'));
}
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Rename file/dir
// -------------------------------------
if (Request::post('rename_type')) {
if (Security::check(Request::post('csrf'))) {
$rename_type = Request::post('rename_type');
$rename_from = Request::post('rename_from');
$rename_to = Request::post('rename_to');
if (empty($rename_to)) {
Notification::set('error', __('Can not be empty', 'filesmanager'));
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
$ext = $rename_type === 'file' ? '.' . File::ext($rename_from) : '';
$rename_to = $files_path . Security::safeName($rename_to, null, false) . $ext;
if (is_dir($rename_to)) {
Notification::set('error', __('Directory exists', 'filesmanager'));
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
if (is_file($rename_to)) {
Notification::set('error', __('File exists', 'filesmanager'));
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
$success = rename($files_path . $rename_from, $rename_to);
if ($success) {
Notification::set('success', __('Renamed successfully', 'filesmanager'));
} else {
Notification::set('error', __('Failure', 'filesmanager'));
}
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Upload file
// -------------------------------------
if (Request::post('upload_file')) {
if (Security::check(Request::post('csrf'))) {
$error = false;
if ($_FILES['file']) {
if (!in_array(File::ext($_FILES['file']['name']), $forbidden_types)) {
$filepath = $files_path . Security::safeName(basename($_FILES['file']['name'], File::ext($_FILES['file']['name'])), null, false) . '.' . File::ext($_FILES['file']['name']);
$uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $filepath);
if ($uploaded !== false && is_file($filepath)) {
Notification::set('success', __('File was uploaded', 'filesmanager'));
} else {
$error = 'File was not uploaded';
}
} else {
$error = 'Forbidden file type';
}
} else {
$error = 'File was not uploaded';
}
if ($error) {
Notification::set('error', __($error, 'filesmanager'));
}
if (Request::post('dragndrop')) {
Request::shutdown();
} else {
Request::redirect($site_url . '/admin/index.php?id=filesmanager&path=' . $path);
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Create Directory
// -------------------------------------
if (Request::post('directory_name')) {
if (Security::check(Request::post('csrf'))) {
$abs_path = $files_path . Security::safeName(Request::post('directory_name'), null, false);
$error = false;
if (!is_dir($abs_path)) {
try {
mkdir($abs_path);
} catch (Exception $e) {
$error = true;
}
} else {
$error = true;
}
if ($error) {
Alert::error(__('Directory was not created', 'filesmanager'));
} else {
Alert::success(__('Directory was created', 'filesmanager'));
}
}
}
// Get information about current path
$_list = FilesmanagerAdmin::fdir($files_path);
$files_list = array();
// Get files
if (isset($_list['files'])) {
foreach ($_list['files'] as $files) {
$files_list[] = $files;
}
}
$dir_list = array();
// Get dirs
if (isset($_list['dirs'])) {
foreach ($_list['dirs'] as $dirs) {
if (strpos($dirs, '.') === false && strpos($dirs, '..') === false) {
$dir_list[] = $dirs;
}
}
}
// Display view
View::factory('box/filesmanager/views/backend/index')->assign('path', $path)->assign('current', $current)->assign('files_list', $files_list)->assign('dir_list', $dir_list)->assign('forbidden_types', $forbidden_types)->assign('image_types', $image_types)->assign('site_url', $site_url)->assign('upload_max_filesize', FilesmanagerAdmin::uploadSize())->assign('files_path', $files_path)->assign('fileuploader', array('uploadUrl' => $site_url . '/admin/index.php?id=filesmanager&path=' . $path, 'csrf' => Security::token(), 'errorMsg' => __('Upload server error', 'filesmanager')))->display();
}
private function _disallow()
{
Notification::set(self::WARNING, "You cannot access this part");
redirect("/");
return false;
}
/**
* Backup admin
*/
public static function main()
{
$backups_path = ROOT . DS . 'backups';
// Create backup
// -------------------------------------
if (Request::post('create_backup')) {
if (Security::check(Request::post('csrf'))) {
@set_time_limit(0);
@ini_set("memory_limit", "512M");
$zip = Zip::factory();
// Add storage folder
$zip->readDir(STORAGE . DS, false);
// Add public folder
$zip->readDir(ROOT . DS . 'public' . DS, false);
// Add plugins folder
$zip->readDir(PLUGINS . DS, false, null, array(PLUGINS . DS . 'box'));
if ($zip->archive($backups_path . DS . Date::format(time(), "Y-m-d-H-i-s") . '.zip')) {
Notification::set('success', __('Backup was created', 'backup'));
} else {
Notification::set('error', __('Backup was not created', 'backup'));
}
Request::redirect(Option::get('siteurl') . '/admin/index.php?id=backup');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete backup
// -------------------------------------
if (Request::get('id') == 'backup' && Request::get('delete_file')) {
if (Security::check(Request::get('token'))) {
if (File::delete($backups_path . DS . Request::get('delete_file'))) {
Notification::set('success', __('Backup was deleted', 'backup'));
} else {
Notification::set('error', __('Backup was not deleted', 'backup'));
}
Request::redirect(Option::get('siteurl') . '/admin/index.php?id=backup');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Download backup
// -------------------------------------
if (Request::get('download')) {
if (Security::check(Request::get('token'))) {
File::download($backups_path . DS . Request::get('download'));
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Restore backup
// -------------------------------------
if (Request::get('restore')) {
if (Security::check(Request::get('token'))) {
$tmp_dir = ROOT . DS . 'tmp' . DS . uniqid('backup_');
if (Dir::create($tmp_dir)) {
$file_locations = Zip::factory()->extract($backups_path . DS . Request::get('restore'), $tmp_dir);
if (!empty($file_locations)) {
Dir::copy($tmp_dir, ROOT . DS);
Notification::set('success', __('Backup was restored', 'backup'));
} else {
Notification::set('error', __('Unzip error', 'backup'));
}
} else {
Notification::set('error', __('Backup was not restored', 'backup'));
}
Request::redirect(Option::get('siteurl') . '/admin/index.php?id=backup');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Display view
View::factory('box/backup/views/backend/index')->assign('backups_list', File::scan($backups_path, '.zip'))->display();
}
/**
* main events admin function
*/
public static function main()
{
$path = ROOT . DS . 'public' . DS . 'uploads' . DS;
// Request: add event
if (Request::post('add_event')) {
if (Security::check(Request::post('csrf'))) {
if (EventsRepository::insert(EventsAdmin::_getEventData())) {
Notification::set('success', __('Event was added with success!', 'events'));
} else {
Notification::set('error', __('Table->insert() returned an error. Event could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus(EventsRepository::getLastId()) . '-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: edit event
if (Request::post('edit_event')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('edit_event');
if (EventsRepository::update($id, EventsAdmin::_getEventData())) {
Notification::set('success', __('Event was updated with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Event could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: restore event
if (Request::post('restore_trash_event')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('restore_trash_event');
if (EventsRepository::update($id, array('deleted' => 0))) {
Notification::set('success', __('Event has been restored from trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Event could not be restored.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete event
if (Request::post('delete_event')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_event');
if (EventsRepository::update($id, array('deleted' => 1))) {
Notification::set('success', __('Event has been moved to trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Event could not be deleted.', 'events'));
}
$record = EventsRepository::getById($id);
Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete trash event
if (Request::post('delete_trash_event')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_trash_event');
if (EventsRepository::delete($id)) {
Notification::set('success', __('Event has been deleted permanently with success!', 'events'));
} else {
Notification::set('error', __('Table->delete() returned an error. Event could not be deleted.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: update event status ['published','draft']
if (Request::get('eventaction') and Request::get('eventaction') == 'update_status') {
if (Security::check(Request::get('token'))) {
$id = (int) Request::get('event_id');
if (EventsRepository::update($id, array('status' => Request::get('status')))) {
Notification::set('success', __('Event status has been updated with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Event status could not be updated.', 'events'));
}
Request::redirect('index.php?id=events#events/' . EventsRepository::getStatus($id) . '-events');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: add category
if (Request::post('add_category')) {
if (Security::check(Request::post('csrf'))) {
if (CategoriesRepository::insert(EventsAdmin::_getCategoryData())) {
Notification::set('success', __('Category was added with success!', 'events'));
} else {
Notification::set('error', __('Table->insert() returned an error. Category could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#categories');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: edit category
if (Request::post('edit_category')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('edit_category');
if (CategoriesRepository::update($id, EventsAdmin::_getCategoryData())) {
Notification::set('success', __('Category was updated with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Category could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#categories');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: restore category
if (Request::post('restore_trash_category')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('restore_trash_category');
if (CategoriesRepository::update($id, array('deleted' => 0))) {
Notification::set('success', __('Category has been restored from trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Category could not be restored.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-categories');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete category
if (Request::post('delete_category')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_category');
if (!CategoriesRepository::hasEvents($id)) {
if (CategoriesRepository::update($id, array('deleted' => 1))) {
Notification::set('success', __('Category has been moved to trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Category could not be deleted.', 'events'));
}
} else {
Notification::set('error', __('Deletion failed. This category is assigned to at least one event. Remove this category from every event to delete it.', 'events'));
}
Request::redirect('index.php?id=events#categories');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete trash category
if (Request::post('delete_trash_category')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_trash_category');
if (CategoriesRepository::delete($id)) {
Notification::set('success', __('Category has been deleted permanently with success!', 'events'));
} else {
Notification::set('error', __('Table->delete() returned an error. Category could not be deleted.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-categories');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: add location
if (Request::post('add_location')) {
if (Security::check(Request::post('csrf'))) {
if (LocationsRepository::insert(EventsAdmin::_getLocationData())) {
Notification::set('success', __('Location was added with success!', 'events'));
} else {
Notification::set('error', __('Table->insert() returned an error. Location could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#locations');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: edit location
if (Request::post('edit_location')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('edit_location');
if (LocationsRepository::update($id, EventsAdmin::_getLocationData())) {
Notification::set('success', __('Location was updated with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Location could not be saved.', 'events'));
}
Request::redirect('index.php?id=events#locations');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: restore location
if (Request::post('restore_trash_location')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('restore_trash_location');
if (LocationsRepository::update($id, array('deleted' => 0))) {
Notification::set('success', __('Location has been restored from trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Location could not be restored.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-locations');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete location
if (Request::post('delete_location')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_location');
if (!LocationsRepository::hasEvents($id)) {
if (LocationsRepository::update($id, array('deleted' => 1))) {
Notification::set('success', __('Location has been moved to trash with success!', 'events'));
} else {
Notification::set('error', __('Table->update() returned an error. Location could not be deleted.', 'events'));
}
} else {
Notification::set('error', __('Deletion failed. This location is assigned to at least one event. Remove this location from every event to delete it.', 'events'));
}
Request::redirect('index.php?id=events#locations');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: delete trash location
if (Request::post('delete_trash_location')) {
if (Security::check(Request::post('csrf'))) {
$id = (int) Request::post('delete_trash_location');
if (LocationsRepository::delete($id)) {
Notification::set('success', __('Location has been deleted permanently with success!', 'events'));
} else {
Notification::set('error', __('Table->delete() returned an error. Location could not be deleted.', 'events'));
}
Request::redirect('index.php?id=events#trash/trash-locations');
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// get upload directories
$directory_list = Dir::scan($path);
$directories = array(DS => DS);
if (!empty($directory_list)) {
foreach ($directory_list as $directory_name) {
$directories[$directory_name] = DS . $directory_name;
}
ksort($directories);
}
// Get files
$file_list = File::scan($path . Option::get('events_image_directory'));
$files = array('' => '');
if (!empty($file_list)) {
foreach ($file_list as $file_name) {
$files[$file_name] = $file_name;
}
ksort($files);
}
if (Request::get('action')) {
switch (Request::get('action')) {
// Request: configuration
case "configuration":
// Request: options
if (Request::post('events_options_update') or Request::post('events_options_update_and_exit')) {
if (Security::check(Request::post('csrf'))) {
Option::update('events_image_directory', (string) Request::post('events_image_directory'));
Option::update('events_placeholder_archive', (string) Request::post('events_placeholder_archive'));
Notification::set('success', __('Configuration has been saved with success!', 'events'));
Request::redirect('index.php?id=events' . (Request::post('events_options_update') ? '&action=configuration' : ''));
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Request: action: resize images
if (Request::post('events_action_resize_images') or Request::post('events_action_resize_images_and_exit')) {
if (Security::check(Request::post('csrf'))) {
$n = 0;
$size = (int) Request::post('events_action_resize_size');
$image_dir = $path . Option::get('events_image_directory');
$image_dir_res = $path . Option::get('events_image_directory') . DS . 'resized';
$images = File::scan($image_dir);
if (!empty($images)) {
// create 'resized' directory if not exists
if (!Dir::exists($image_dir_res)) {
Dir::create($image_dir_res);
}
foreach ($images as $file_name) {
if (File::exists($image_dir_res . DS . $file_name)) {
if (Request::post('events_action_resize_overwrite')) {
File::delete($image_dir_res . DS . $file_name);
} else {
continue;
}
}
list($width, $height) = getimagesize($image_dir . DS . $file_name);
$image_orientation = $width > $height ? Image::HEIGHT : Image::WIDTH;
Image::factory($image_dir . DS . $file_name)->resize($size, $size, $image_orientation)->save($image_dir_res . DS . $file_name);
$n++;
}
Notification::set('success', __($n . ' images have been resized and saved with success!', 'events'));
} else {
Notification::set('error', __('There are no images to resize in configured image directory.', 'events'));
}
Request::redirect('index.php?id=events' . (Request::post('events_action_resize_images') ? '&action=configuration' : ''));
} else {
Notification::set('error', __('Request was denied. Invalid security token. Please refresh the page and try again.', 'events'));
die;
}
}
// Display configuration view
View::factory('events/views/backend/configuration')->assign('directories', $directories)->display();
break;
// Request: statistics
// Request: statistics
case "stats":
// category-events
$categories = CategoriesRepository::getAll();
$categories_active = CategoriesRepository::getActive();
$categories_data = array();
foreach ($categories_active as $c) {
$categories_data[$c['id']] = array('title' => '"' . $c['title'] . '"', 'color' => '"#' . $c['color'] . '"', 'highlight' => '"' . EventsAdmin::adjustBrightness('#' . $c['color'], 25) . '"', 'count' => $categories[$c['id']]['count']);
}
// location-events
$locations = LocationsRepository::getAll();
$locations_active = LocationsRepository::getActive();
$locations_data = array();
foreach ($locations_active as $l) {
$locations_data[$l['id']] = array('title' => '"' . $l['title'] . '"', 'count' => $locations[$l['id']]['count']);
}
$locations_data = EventsAdmin::_sortArrayByFields($locations_data, array('count' => SORT_DESC, 'title' => array(SORT_ASC, SORT_STRING)));
// year-events and year-visitors
$years_data = array();
$categories_years_events = array();
foreach (EventsRepository::getYearEvents() as $year => $events) {
$years_data[$year] = array('number_events' => count($events), 'number_visitors' => array_sum(array_column($events, 'number_visitors')));
foreach ($events as $event) {
$categories_years_events[$event['category']][$year][] = $event;
}
}
$categories_years_data = array();
$categories_years_visitors = array();
foreach ($categories_years_events as $category => $years) {
foreach ($years as $year => $events) {
foreach ($years_data as $total_year => $total_count) {
if ($year == $total_year) {
$categories_years_data[$category][$year] = count($events);
$categories_years_visitors[$category][$year] = array_sum(array_column($events, 'number_visitors'));
} else {
if (array_key_exists($total_year, $categories_years_data[$category])) {
$categories_years_data[$category][$year] = count($events);
$categories_years_visitors[$category][$year] = array_sum(array_column($events, 'number_visitors'));
} else {
$categories_years_data[$category][$total_year] = 0;
$categories_years_visitors[$category][$total_year] = 0;
}
}
}
}
}
// locations
$locations_list = array();
$coordinates = array();
$longitudes = array();
$latitudes = array();
// get location data ready to use with OSM JavaScript
foreach (LocationsRepository::getActive() as $location) {
if ($location['address']) {
$locations_list[] = '"' . $location['address'] . '"';
$coordinates[] = $location['lon'] . ',' . $location['lat'];
$longitudes[] = $location['lon'];
$latitudes[] = $location['lat'];
}
}
// calculate map center
$longitudes = EventsAdmin::_removeOutliers($longitudes, 0.5);
$latitudes = EventsAdmin::_removeOutliers($latitudes, 0.5);
$coordinates_average = array('lon' => array_sum($longitudes) / count($longitudes), 'lat' => array_sum($latitudes) / count($latitudes));
// event visitors and staff
$participants = array();
$events = EventsRepository::getVisitorsAndStaff();
foreach ($events as $event) {
if (!CategoriesRepository::hiddenInArchive($event['category'])) {
$participants[$event['category']][] = array('title' => $event['title'], 'visitors' => (int) $event['number_visitors'], 'staff' => (int) $event['number_staff']);
}
}
// Display statistics view
View::factory('events/views/backend/statistics')->assign('categories', $categories)->assign('categories_active', $categories_active)->assign('categories_data', $categories_data)->assign('locations', $locations)->assign('locations_active', $locations_active)->assign('locations_data', $locations_data)->assign('years_data', $years_data)->assign('categories_years_data', $categories_years_data)->assign('categories_years_visitors', $categories_years_visitors)->assign('coordinates', $coordinates)->assign('coordinates_average', $coordinates_average)->assign('participants', $participants)->display();
break;
}
} else {
// Display index view
View::factory('events/views/backend/index')->assign('categories', CategoriesRepository::getAll())->assign('categories_active', CategoriesRepository::getActive())->assign('categories_select', CategoriesRepository::getActiveForSelect())->assign('categories_deleted', CategoriesRepository::getDeleted())->assign('locations', LocationsRepository::getAll())->assign('locations_active', LocationsRepository::getActive())->assign('locations_select', LocationsRepository::getActiveForSelect())->assign('locations_deleted', LocationsRepository::getDeleted())->assign('events_active', EventsRepository::getActive())->assign('events_upcoming', EventsRepository::getUpcoming())->assign('events_past', EventsRepository::getPast())->assign('events_draft', EventsRepository::getDraft())->assign('events_deleted', EventsRepository::getDeleted())->assign('imagepath', DS . 'public' . DS . 'uploads' . DS . Option::get('events_image_directory') . DS)->assign('files', $files)->display();
}
}
include "../patches.php";
$patch = new Patch(19);
if (!$patch->exists()) {
$createSql = "CREATE TABLE IF NOT EXISTS `notifications` (\n\t\t\t `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t `timestamp` datetime NOT NULL,\n\t\t\t `from_user_id` int(11) unsigned NULL,\n\t\t\t `to_user_id` int(11) unsigned NULL,\n\t\t\t `title` varchar(255) NOT NULL,\n\t\t\t `content` text NOT NULL,\n\t\t\t PRIMARY KEY (`id`),\n\t\t\t FOREIGN KEY (`from_user_id`) REFERENCES users(`id`) ON DELETE CASCADE,\n\t\t\t FOREIGN KEY (`to_user_id`) REFERENCES users(`id`) ON DELETE CASCADE\n\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
db()->execute($createSql);
$sql = "ALTER TABLE users ADD COLUMN `last_notification` int(11) NOT NULL DEFAULT 0 AFTER `registered_on`";
db()->execute($sql);
$content = "Welcome to the new notification center! I'm going to use this to let you know ";
$content .= "about awesome new updates that are happening to BotQueue. Eventually, you will ";
$content .= "receive updates to comments and messages from other users through this system. ";
$content .= "I'm still working on the placement of the notification icon in the full screen ";
$content .= "mode, because I want the icon to be to the left of the username.";
$content .= "\n\n";
$content .= "If you have any issues, or even suggestions, please let me know in either the ";
$content .= "<a href=\"https://groups.google.com/forum/#!forum/botqueue\">google group</a> or at ";
$content .= "<a href=\"https://github.com/Hoektronics/BotQueue/issues\">GitHub issues</a>.";
$content .= "\n\n";
$content .= "Thank you for using BotQueue!";
$content .= "\n\n";
$content .= " ~ Justin Nesselrotte";
$notification = new Notification();
$notification->set('from_user_id', null);
// From the system
$notification->set('to_user_id', null);
// To everyone
$notification->set('timestamp', date("2014-12-24 00:00:00"));
$notification->set('title', 'New notification system');
$notification->set('content', $content);
$notification->save();
$patch->finish("Added notifications table");
}
public function addFriend($fid)
{
$uid = $this->data()->id;
$request = new Request();
$requestInfo = array('uid' => $uid, 'fid' => $fid);
if ($request->delete('friend', $requestInfo)) {
$timestamp = date('Y-m-d H:i:s');
$fields = array('uid' => $uid, 'fid' => $fid, 'timestamp' => $timestamp);
if (!$this->_db->insert('friends', $fields)) {
throw new Exception('There was a problem adding friend');
}
$id = $this->_db->get('friends', "uid = '{$uid}' AND fid = '{$fid}'")->first()->id;
$fields2 = array('uid' => $fid, 'fid' => $uid, 'timestamp' => $timestamp);
if (!$this->_db->insert('friends', $fields2)) {
$this->_db->delete('friends', "id = '{$id}'");
throw new Exception('There was a problem adding friend');
}
$notification = new Notification();
$notification->set(array('uid' => $uid, 'fid' => $fid, 'type' => 'friend_added', 'timestamp' => $timestamp));
$notification->set(array('uid' => $fid, 'fid' => $uid, 'type' => 'friend_added', 'timestamp' => $timestamp));
return true;
}
return false;
}
/**
* Authenticate
*
* @access protected
* @return boolean
*/
protected function _authenticate()
{
if (!$this->_validate()) {
return false;
}
$remember = false;
$user = $this->input->post("identity");
$pass = $this->input->post("password");
if ($this->ion_auth->login($user, $pass, $remember)) {
return true;
}
//Check if the error returned contained a not_active string
if (stristr($this->ion_auth->errors(), "not_active") == false) {
Notification::set(Auth::DANGER, "You have entered a wrong username or password.");
} else {
Notification::set(Auth::DANGER, "Your account has been deactivated. Contact info@kukua.cc");
}
return false;
}
/**
* Get Password Reset
*/
public static function getPasswordReset()
{
// Is User Loged in ?
if (!Session::get('user_id')) {
$errors = array();
$site_url = Option::get('siteurl');
$site_name = Option::get('sitename');
// Reset Password from hash
if (Request::get('hash')) {
// Get user with specific hash
$user = Users::$users->select("[hash='" . Request::get('hash') . "']", null);
// If user exists
if (count($user) > 0 && $user['hash'] == Request::get('hash')) {
// Generate new password
$new_password = Text::random('alnum', 6);
// Update user profile
// Set new hash and new password
Users::$users->updateWhere("[login='******'login'] . "']", array('hash' => Text::random('alnum', 12), 'password' => Security::encryptPassword($new_password)));
$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->ContentType = 'text/html';
$mail->SetFrom(Option::get('system_email'));
$mail->AddReplyTo(Option::get('system_email'));
$mail->AddAddress($user['email'], $user['login']);
$mail->Subject = __('Your new password for :site_name', 'users', array(':site_name' => $site_name));
$mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')->assign('site_url', $site_url)->assign('site_name', $site_name)->assign('user_id', $user['id'])->assign('user_login', $user['login'])->assign('new_password', $new_password)->assign('email_template', 'new-password')->render());
$mail->Send();
// Set notification
Notification::set('success', __('New password has been sent', 'users'));
// Redirect to password-reset page
Request::redirect(Site::url() . '/users/login');
}
}
// Reset Password Form Submit
if (Request::post('reset_password_submit')) {
$user_login = trim(Request::post('login'));
// Check csrf
if (Security::check(Request::post('csrf'))) {
if (Option::get('captcha_installed') == 'true' && !CryptCaptcha::check(Request::post('answer'))) {
$errors['users_captcha_wrong'] = __('Captcha code is wrong', 'users');
}
if ($user_login == '') {
$errors['users_empty_field'] = __('Required field', 'users');
}
if ($user_login != '' && !Users::$users->select("[login='******']")) {
$errors['users_user_doesnt_exists'] = __('This user doesnt exist', 'users');
}
if (count($errors) == 0) {
// Get user
$user = Users::$users->select("[login='******']", null);
// Generate new hash
$new_hash = Text::random('alnum', 12);
// Update user hash
Users::$users->updateWhere("[login='******']", array('hash' => $new_hash));
$mail = new PHPMailer();
$mail->CharSet = 'utf-8';
$mail->ContentType = 'text/html';
$mail->SetFrom(Option::get('system_email'));
$mail->AddReplyTo(Option::get('system_email'));
$mail->AddAddress($user['email'], $user['login']);
$mail->Subject = __('Your login details for :site_name', 'users', array(':site_name' => $site_name));
$mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')->assign('site_url', $site_url)->assign('site_name', $site_name)->assign('user_id', $user['id'])->assign('user_login', $user['login'])->assign('new_hash', $new_hash)->assign('email_template', 'reset-password')->render());
$mail->Send();
// Set notification
Notification::set('success', __('Your login details for :site_name has been sent', 'users', array(':site_name' => $site_name)));
// Redirect to password-reset page
Request::redirect(Site::url() . '/users/password-reset');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
View::factory('box/users/views/frontend/password_reset')->assign('errors', $errors)->assign('user_login', trim(Request::post('login')))->display();
}
}
