示例#1
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
/** @define "BASE" "../../../.." */
// Refuse to run when the script is requested directly: it only continues
// if the EXPONENT constant has already been defined.
if (!defined('EXPONENT')) {
    exit('');
}
// Anti-spam check on a copy of the POST data, with manual_redirect set first.
// NOTE(review): presumably manual_redirect makes check_antispam() return false
// instead of redirecting by itself - confirm in expValidator.
$post = $_POST;
$post['manual_redirect'] = true;
if (!expValidator::check_antispam($post)) {
    flash('error', gt('Security Validation Failed'));
    // NOTE(review): nothing visible here stops the script after back(). If
    // expHistory::back() does not exit, a submission that failed the check is
    // still processed by the code below - confirm, or exit explicitly.
    expHistory::back();
}
global $db, $user;
// intval() forces the posted id to an integer before it is concatenated into
// the WHERE clauses, so the id cannot carry SQL of its own.
$f = $db->selectObject("formbuilder_form", "id=" . intval($_POST['id']));
$rpt = $db->selectObject("formbuilder_report", "form_id=" . intval($_POST['id']));
// NOTE(review): $f is dereferenced without checking that a form was found;
// what selectObject() returns for an unknown id is not visible here.
$controls = $db->selectObjects("formbuilder_control", "form_id=" . $f->id . " and is_readonly=0");
// Process the writable controls in ascending rank order.
$controls = expSorter::sort(array('array' => $controls, 'sortby' => 'rank', 'order' => 'ASC'));
$db_data = null;
$emailFields = array();
$captions = array();
foreach ($controls as $c) {
    // SECURITY: unserialize() rebuilds whatever PHP object the stored blob
    // describes, and the resulting class name is then used for a static call.
    // This is only safe while formbuilder_control.data is written by trusted
    // code alone. If that cannot be guaranteed, restrict the call with the
    // allowed_classes option or store the definition in a data-only format
    // such as JSON.
    $ctl = unserialize($c->data);
    // NOTE(review): a blob that fails to unserialize is not handled here;
    // get_class() would then receive a non-object.
    $control_type = get_class($ctl);
    $def = call_user_func(array($control_type, "getFieldDefinition"));
    // (the listing is cut off here; the rest of the loop body is not shown)
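 /**
  * Save a submitted comment, attach it to its content item and send notifications.
  *
  * Everything is read from $this->params. The method finishes by flashing a
  * status message and returning to the previous page.
  *
  * NOTE(review): $this->params is handed to expComment->update() unfiltered, and
  * $this->params['approved'] also decides whether the approval e-mail is sent.
  * If these params come straight from the request, a submitter may be able to set
  * 'approved' (or other fields) on their own comment. Confirm that update()
  * ignores fields the caller is not allowed to set, or strip them here.
  */
 function update()
 {
     global $db, $user;
     /* The global constants can be overridden by passing appropriate params */
     //sure wish I could do this once in the constructor. sadly $this->params[] isn't set yet
     // NOTE(review): $require_login and $notification_email are computed but not
     // consulted anywhere below; the login requirement is not enforced in this method.
     $require_login = empty($this->params['require_login']) ? COMMENTS_REQUIRE_LOGIN : $this->params['require_login'];
     $require_approval = empty($this->params['require_approval']) ? COMMENTS_REQUIRE_APPROVAL : $this->params['require_approval'];
     $require_notification = empty($this->params['require_notification']) ? COMMENTS_REQUIRE_NOTIFICATION : $this->params['require_notification'];
     $notification_email = empty($this->params['notification_email']) ? COMMENTS_NOTIFICATION_EMAIL : $this->params['notification_email'];
     // check the anti-spam control (anonymous visitors only)
     // NOTE(review): the return value is ignored; this relies on check_antispam()
     // stopping the request by itself when a failure message is passed - confirm.
     if (!$user->isLoggedIn()) {
         expValidator::check_antispam($this->params, gt("Your comment could not be posted because anti-spam verification failed.  Please try again."));
     }
     // For a new comment by a known user, take name and e-mail from the account
     // instead of trusting the submitted values.
     if (!empty($user->id) && empty($this->params['id'])) {
         $this->params['name'] = $user->firstname . " " . $user->lastname;
         $this->params['email'] = $user->email;
     }
     // save the comment; it is pre-approved only when approval is not required
     if (empty($require_approval)) {
         $this->expComment->approved = 1;
     }
     $this->expComment->update($this->params);
     // attach the comment to the datatype it belongs to (blog, news, etc..);
     // The link record has to be created explicitly: assigning a property to an
     // undefined variable is an Error on PHP 8 and a warning before that.
     $obj = new stdClass();
     $obj->content_type = $this->params['content_type'];
     $obj->content_id = $this->params['content_id'];
     $obj->expcomments_id = $this->expComment->id;
     if (isset($this->params['subtype'])) {
         $obj->subtype = $this->params['subtype'];
     }
     $db->insertObject($obj, $this->expComment->attachable_table);
     $msg = 'Thank you for posting a comment.';
     if ($require_approval == 1 && !$user->isAdmin()) {
         $msg .= ' ' . gt('Your comment is now pending approval. You will receive an email to') . ' ';
         $msg .= $this->expComment->email . ' ' . gt('letting you know when it has been approved.');
     }
     if ($require_notification && !$user->isAdmin()) {
         $this->sendNotification($this->expComment, $this->params);
     }
     // 'approved' is optional in the submitted params, so test for it before comparing.
     if ($require_approval == 1 && !empty($this->params['approved']) && $this->params['approved'] == 1) {
         $this->sendApprovalNotification($this->expComment, $this->params);
     }
     flash('message', $msg);
     expHistory::back();
 }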
示例#3
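 /**
  * Start a password reset for the account named in $this->params['username'].
  *
  * Creates a reset token that expires after two hours, e-mails it to the
  * account's address, replaces any earlier token stored for that user and
  * returns to the previous page.
  *
  * NOTE(review): the failure messages tell the requester whether a username
  * exists, whether it has an e-mail address and whether it is an administrator.
  * Consider one uniform response if account enumeration matters for this site.
  */
 public function send_new_password()
 {
     global $db;
     // find the user
     $u = user::getUserByName($this->params['username']);
     // NOTE(review): the code after this chain assumes failAndReturnToForm()
     // ends the request; if it can return, $u may be empty below - confirm.
     if (!expValidator::check_antispam($this->params)) {
         expValidator::failAndReturnToForm(gt('Anti-spam verification failed'), $this->params);
     } elseif (empty($u)) {
         expValidator::failAndReturnToForm(gt('We were unable to find an account with that username'), $this->params);
     } elseif (empty($u->email)) {
         expValidator::failAndReturnToForm(gt('Your account does not appear to have an email address.  Please contact the site administrators to reset your password'), $this->params);
     } elseif ($u->isAdmin()) {
         expValidator::failAndReturnToForm(gt('You cannot reset passwords for an administrator account.'), $this->params);
     }
     // Build the token record on a real object; assigning properties to null is
     // an Error on PHP 8.
     $tok = new stdClass();
     $tok->uid = $u->id;
     $tok->expires = time() + 2 * 3600;
     // The reset token is a bearer secret, so it must not be derived from the
     // clock. It was md5(time()) . uniqid(''), both of which follow from the
     // request time. random_bytes() draws from the system CSPRNG (PHP 7+; older
     // runtimes need a CSPRNG polyfill). The result keeps the former shape of
     // 45 hexadecimal characters so the stored column and the link format fit.
     $tok->token = substr(bin2hex(random_bytes(23)), 0, 45);
     // NOTE(review): the token is stored as-is. Storing only a hash of it would
     // keep a read of passreset_token from yielding usable reset links, but that
     // needs a matching change where the token is verified.
     $email = get_template_for_action($this, 'password_reset_email', $this->loc);
     $email->assign('token', $tok);
     $msg = $email->render();
     $mail = new expMail();
     $mail->quickSend(array('html_message' => $msg, 'to' => trim($u->email), 'from' => SMTP_FROMADDRESS, 'subject' => 'Your password has'));
     // Only one outstanding token per user: drop the previous one before storing
     // the new one. The id is cast so the WHERE clause is always numeric.
     $db->delete('passreset_token', 'uid=' . intval($u->id));
     $db->insertObject($tok, 'passreset_token');
     flash('message', gt('An email has been sent to your email address with instructions on how to finish resetting your password.') . '<br><br>' . gt('The new password is good for 2 hours.  If you have not completed the password reset process in 2 hours time, the new password will expire.'));
     expHistory::back();
 }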
示例#4
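 /**
  * Subscribe an e-mail address to the selected E-Alert topics.
  *
  * Reads 'email' and 'ealerts' from $this->params, finds or creates the
  * subscriber, replaces that subscriber's topic list, mails a confirmation and
  * redirects to the 'pending' action.
  *
  * Both inputs reach SQL WHERE clauses, so the address is escaped and the topic
  * ids are reduced to positive integers before any query is built.
  *
  * NOTE(review): an existing subscriber's topics are replaced before the
  * confirmation mail is answered; whether they count as pending until then is
  * not visible here - confirm that a third party cannot alter someone else's
  * subscriptions by submitting their address.
  */
 public function signup()
 {
     global $db;
     // check the anti-spam control
     // NOTE(review): the return value is ignored; this relies on check_antispam()
     // stopping the request by itself when a failure message is passed - confirm.
     expValidator::check_antispam($this->params, gt("Anti-spam verification failed.  Please try again."));
     // make sure we have what we need.
     // Normalise the address once so lookup and insert use the same value.
     $email = '';
     if (isset($this->params['email']) && is_string($this->params['email'])) {
         $email = trim($this->params['email']);
     }
     if (empty($email)) {
         expQueue::flashAndFlow('error', 'You must supply an email address to sign up for email alerts.');
         // flashAndFlow() is expected to redirect; the return keeps invalid input
         // from being processed if it ever comes back.
         return;
     }
     // Keep only positive integer topic ids; anything else is dropped.
     $topic_ids = array();
     if (!empty($this->params['ealerts']) && is_array($this->params['ealerts'])) {
         foreach ($this->params['ealerts'] as $ea_id) {
             if (!is_scalar($ea_id)) {
                 continue;
             }
             $ea_id = intval($ea_id);
             if ($ea_id > 0) {
                 $topic_ids[$ea_id] = $ea_id;
             }
         }
     }
     if (empty($topic_ids)) {
         expQueue::flashAndFlow('error', 'You did not select any E-Alert topics to subscribe to.');
         return;
     }
     // find or create the subscriber
     // The address is request data, so it goes through the database layer's
     // escaping before it is placed inside the quoted literal.
     $id = $db->selectValue('subscribers', 'id', 'email="' . $db->escapeString($email) . '"');
     $subscriber = new subscribers($id);
     if (empty($subscriber->id)) {
         $subscriber->email = $email;
         // Was md5(email . time()), which anyone who knows the address and the
         // approximate sign-up time can recompute. Same 32 hex characters, now
         // from the system CSPRNG (PHP 7+).
         // NOTE(review): presumably this hash is what confirmation links carry - confirm.
         $subscriber->hash = bin2hex(random_bytes(16));
         $subscriber->save();
     }
     // delete any old subscriptions and add the user to new subscriptions
     $db->delete('expeAlerts_subscribers', 'subscribers_id=' . intval($subscriber->id));
     foreach ($topic_ids as $ea_id) {
         // Build each link row on a real object; assigning properties to null is
         // an Error on PHP 8.
         $obj = new stdClass();
         $obj->subscribers_id = $subscriber->id;
         $obj->expeAlerts_id = $ea_id;
         $db->insertObject($obj, 'expeAlerts_subscribers');
     }
     // send a confirmation email to the user.
     // $topic_ids holds integers only, so the IN (...) list cannot carry SQL.
     $ealerts = $db->selectObjects('expeAlerts', 'id IN (' . implode(',', $topic_ids) . ')');
     $body = get_template_for_action($this, 'confirmation_email', $this->loc);
     $body->assign('ealerts', $ealerts);
     $body->assign('subscriber', $subscriber);
     $mail = new expMail();
     $mail->quickSend(array('html_message' => $body->render(), 'to' => $subscriber->email, 'from' => SMTP_FROMADDRESS, 'subject' => 'Please confirm your E-Alert subscriptions'));
     redirect_to(array('controller' => 'ealert', 'action' => 'pending', 'id' => $subscriber->id));
 }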