/**
* set contact information.
*
* @access public
* @return void
*/
public function setContact()
{
if (!empty($_POST)) {
if (!empty($_POST['email'])) {
if (!validater::checkEmail($this->post->email)) {
$this->send(array('result' => 'fail', 'message' => $this->lang->company->error->email));
}
}
$contact = array('contact' => helper::jsonEncode($_POST));
$result = $this->loadModel('setting')->setItems('system.common.company', $contact);
if ($result) {
$this->send(array('result' => 'success', 'message' => $this->lang->setSuccess));
}
$this->send(array('result' => 'fail', 'message' => $this->lang->fail));
}
$this->view->title = $this->lang->company->setContact;
$this->view->contact = json_decode($this->config->company->contact);
$this->display();
}
/**
* Detect email config auto.
*
* @access public
* @return void
*/
public function detect()
{
if ($_POST) {
$error = '';
if ($this->post->fromAddress == false) {
$error = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
}
if (!validater::checkEmail($this->post->fromAddress)) {
$error .= '\\n' . sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
}
if ($error) {
die(js::alert($error));
}
$mailConfig = $this->mail->autoDetect($this->post->fromAddress);
$mailConfig->fromAddress = $this->post->fromAddress;
$this->session->set('mailConfig', $mailConfig);
die(js::locate(inlink('edit'), 'parent'));
}
$this->view->title = $this->lang->mail->common . $this->lang->colon . $this->lang->mail->detect;
$this->view->position[] = html::a(inlink('index'), $this->lang->mail->common);
$this->view->position[] = $this->lang->mail->detect;
$this->view->fromAddress = $this->session->mailConfig ? $this->session->mailConfig->fromAddress : '';
$this->display();
}
/**
* Detect email config auto.
*
* @access public
* @return void
*/
public function detect()
{
if ($_POST) {
if ($this->post->fromAddress == false) {
$error = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
$message = array('fromAddress' => $error);
$this->send(array('result' => 'fail', 'message' => $message));
}
if (!validater::checkEmail($this->post->fromAddress)) {
$error = sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
$message = array('fromAddress' => $error);
$this->send(array('result' => 'fail', 'message' => $message));
}
$mailConfig = $this->mail->autoDetect($this->post->fromAddress);
$mailConfig->fromAddress = $this->post->fromAddress;
$this->session->set('mailConfig', $mailConfig);
$this->send(array('result' => 'success', 'message' => $this->lang->saveSuccess, 'locate' => inlink('edit')));
}
$this->view->title = $this->lang->mail->common . $this->lang->colon . $this->lang->mail->detect;
$this->view->position[] = html::a(inlink('index'), $this->lang->mail->common);
$this->view->position[] = $this->lang->mail->detect;
$this->view->fromAddress = $this->session->mailConfig ? $this->session->mailConfig->fromAddress : '';
$this->display();
}
/**
* Save settings.
*
* @access public
* @return void
*/
public function saveSetting()
{
$errors = '';
if (!$this->post->payment) {
$errors['payment'] = array($this->lang->order->paymentRequired);
}
if (!$this->post->confirmLimit) {
$errors['confirmLimit'] = array($this->lang->order->confirmLimitRequired);
}
if (in_array('alipay', $this->post->payment) and strlen($this->post->pid) != 16) {
$errors['pid'] = array($this->lang->order->placeholder->pid);
}
if (in_array('alipay', $this->post->payment) and strlen($this->post->key) != 32) {
$errors['key'] = array($this->lang->order->placeholder->key);
}
if (in_array('alipay', $this->post->payment) and !validater::checkEmail($this->post->email)) {
$errors['email'] = array(sprintf($this->lang->error->email, $this->lang->order->alipayEmail));
}
if (!empty($errors)) {
return array('result' => 'fail', 'message' => $errors);
}
$shopSetting = array();
$shopSetting['payment'] = join(',', $this->post->payment);
$shopSetting['confirmLimit'] = $this->post->confirmLimit;
$this->loadModel('setting')->setItems('system.common.shop', $shopSetting);
$alipaySetting = array();
$alipaySetting['pid'] = $this->post->pid;
$alipaySetting['key'] = $this->post->key;
$alipaySetting['email'] = $this->post->email;
$result = $this->loadModel('setting')->setItems('system.common.alipay', $alipaySetting);
return array('result' => 'success', 'message' => $this->lang->saveSuccess);
}
/**
* Reply a message.
*
* @param int $messageID
* @access public
* @return void
*/
public function reply($messageID)
{
$account = $this->app->user->account;
$admin = $this->app->user->admin;
$message = $this->getByID($messageID);
$reply = fixer::input('post')->add('objectType', $message->type == 'reply' ? $message->objectType : $message->type)->add('objectID', $message->id)->add('to', $message->account)->add('type', 'reply')->add('date', helper::now())->add('status', '0')->add('public', 1)->setIF($account != 'guest', 'account', $account)->setIF($admin == 'super', 'status', '1')->add('ip', $this->server->REMOTE_ADDR)->get();
$this->dao->insert(TABLE_MESSAGE)->data($reply, $skip = 'captcha')->autoCheck()->check('captcha', 'captcha')->check('type', 'in', $this->config->message->types)->batchCheck($this->config->message->require->reply, 'notempty')->exec();
$replyID = $this->dao->lastInsertId();
if (!dao::isError()) {
if ($admin == 'super') {
$this->dao->update(TABLE_MESSAGE)->set('status')->eq(1)->where('status')->eq(0)->andWhere('id')->eq($messageID)->exec();
if (dao::isError()) {
return false;
}
}
/* if message type is comment , check is user want to receive email reminder */
if (validater::checkEmail($message->email) && ($message->type != 'comment' || $message->receiveEmail)) {
$mail = new stdclass();
$mail->to = $message->email;
$mail->subject = sprintf($this->lang->message->replySubject, $this->config->site->name);
$mail->body = $reply->content;
$this->loadModel('mail')->send($mail->to, $mail->subject, $mail->body);
}
return $replyID;
}
return false;
}
/**
* Batch edit user.
*
* @access public
* @return void
*/
public function batchEdit()
{
if (empty($_POST['verifyPassword']) or md5($this->post->verifyPassword) != $this->app->user->password) {
die(js::alert($this->lang->user->error->verifyPassword));
}
$oldUsers = $this->dao->select('id, account')->from(TABLE_USER)->where('id')->in(array_keys($this->post->account))->fetchPairs('id', 'account');
$accountGroup = $this->dao->select('id, account')->from(TABLE_USER)->where('account')->in($this->post->account)->fetchGroup('account', 'id');
$accounts = array();
foreach ($this->post->account as $id => $account) {
$users[$id]['account'] = $account;
$users[$id]['realname'] = $this->post->realname[$id];
$users[$id]['commiter'] = $this->post->commiter[$id];
$users[$id]['email'] = $this->post->email[$id];
$users[$id]['join'] = $this->post->join[$id];
$users[$id]['dept'] = $this->post->dept[$id] == 'ditto' ? isset($prev['dept']) ? $prev['dept'] : 0 : $this->post->dept[$id];
$users[$id]['role'] = $this->post->role[$id] == 'ditto' ? isset($prev['role']) ? $prev['role'] : 0 : $this->post->role[$id];
if (isset($accountGroup[$account]) and count($accountGroup[$account]) > 1) {
die(js::error(sprintf($this->lang->user->error->accountDupl, $id)));
}
if (in_array($account, $accounts)) {
die(js::error(sprintf($this->lang->user->error->accountDupl, $id)));
}
if (!validater::checkAccount($users[$id]['account'])) {
die(js::error(sprintf($this->lang->user->error->account, $id)));
}
if ($users[$id]['realname'] == '') {
die(js::error(sprintf($this->lang->user->error->realname, $id)));
}
if ($users[$id]['email'] and !validater::checkEmail($users[$id]['email'])) {
die(js::error(sprintf($this->lang->user->error->mail, $id)));
}
if (empty($users[$id]['role'])) {
die(js::error(sprintf($this->lang->user->error->role, $id)));
}
$accounts[$id] = $account;
$prev['dept'] = $users[$id]['dept'];
$prev['role'] = $users[$id]['role'];
}
foreach ($users as $id => $user) {
$this->dao->update(TABLE_USER)->data($user)->where('id')->eq((int) $id)->exec();
if ($user['account'] != $oldUsers[$id]) {
$oldAccount = $oldUsers[$id];
$this->dao->update(TABLE_USERGROUP)->set('account')->eq($user['account'])->where('account')->eq($oldAccount)->exec();
if (strpos($this->app->company->admins, ',' . $oldAccount . ',') !== false) {
$admins = str_replace(',' . $oldAccount . ',', ',' . $user['account'] . ',', $this->app->company->admins);
$this->dao->update(TABLE_COMPANY)->set('admins')->eq($admins)->where('id')->eq($this->app->company->id)->exec();
}
if (!dao::isError() and $this->app->user->account == $oldAccount) {
$this->app->user->account = $users['account'];
}
}
}
}
/**
* Identify a user.
*
* @param string $account the account
* @param string $password the password the plain password or the md5 hash
* @access public
* @return object if is valid user, return the user object.
*/
public function identify($account, $password)
{
if (!$account or !$password) {
return false;
}
/* First get the user from database by account or email. */
$user = $this->dao->setAutolang(false)->select('*')->from(TABLE_USER)->beginIF(validater::checkEmail($account))->where('email')->eq($account)->fi()->beginIF(!validater::checkEmail($account))->where('account')->eq($account)->fi()->fetch();
/* Then check the password hash. */
if (!$user) {
return false;
}
/* Can not login before ten minutes when user is locked. */
if ($user->locked != '0000-00-00 00:00:00') {
$dateDiff = (strtotime($user->locked) - time()) / 60;
/* Check the type of lock and show it. */
if ($dateDiff > 0 && $dateDiff <= 3) {
$this->lang->user->loginFailed = sprintf($this->lang->user->locked, '3' . $this->lang->date->minute);
return false;
} elseif ($dateDiff > 3) {
$dateDiff = ceil($dateDiff / 60 / 24);
$this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
return false;
} else {
$user->fails = 0;
$user->locked = '0000-00-00 00:00:00';
}
}
/* The password can be the plain or the password after md5. */
if (!$this->compareHashPassword($password, $user) and $user->password != $this->createPassword($password, $user->account)) {
/* Save login log if user is admin. */
if ($user->admin == 'super' or $user->admin == 'common') {
$this->saveLog($user->account, 'fail');
}
$user->fails++;
if ($user->fails > 2 * 4) {
$user->locked = date('Y-m-d H:i:s', time() + 3 * 60);
}
$this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
return false;
}
/* Update user data. */
$user->ip = $this->server->remote_addr;
$user->last = helper::now();
$user->fails = 0;
$user->visits++;
/* Save login log if user is admin. */
if ($user->admin == 'super' or $user->admin == 'common') {
$this->saveLog($user->account, 'success');
}
$this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('account')->eq($account)->exec();
$user->realname = $this->computeRealname($user);
$user->shortLast = substr($user->last, 5, -3);
$user->shortJoin = substr($user->join, 5, -3);
unset($_SESSION['random']);
if (commonModel::isAvailable('score')) {
$viewType = $this->app->getViewType();
if ($user) {
$this->app->user->account = $account;
if ($user->maxLogin > 0) {
$this->app->loadConfig('score');
$login = $this->config->score->counts->login;
$this->dao->update(TABLE_USER)->set('maxLogin = maxLogin - ' . $login)->where('account')->eq($account)->exec();
$this->loadModel('score')->earn('login', '', '', 'LOGIN');
}
}
}
return $user;
}
/**
* Add a blacklist item.
*
* @access public
* @return void
*/
public function addBlacklist()
{
$typeList = $this->lang->guarder->blacklistModes;
if ($_POST) {
$item = $this->post->identity;
$type = 'keywords';
if (validater::checkIP($item)) {
$type = 'ip';
}
if (validater::checkEmail($item)) {
$type = 'email';
}
if (validater::checkAccount($item)) {
$user = $this->loadModel('user')->getByAccount($item);
if (!empty($user)) {
$type = 'account';
}
}
$result = $this->guarder->punish($type, $item, $this->post->reason, $this->post->expired);
if ($result) {
$this->send(array('result' => 'success', 'message' => $this->lang->setSuccess, 'locate' => inlink('blacklist', "mode={$type}")));
}
$this->send(array('result' => 'fail', 'message' => dao::geterror()));
}
$this->view->title = $this->lang->guarder->addBlacklist;
$this->display();
}
/**
* Identify a user.
*
* @param string $account the account
* @param string $password the password the plain password or the md5 hash
* @access public
* @return object if is valid user, return the user object.
*/
public function identify($account, $password)
{
if (!$account or !$password) {
return false;
}
/* First get the user from database by account or email. */
$user = $this->dao->select('*')->from(TABLE_USER)->where('deleted')->eq('0')->beginIF(validater::checkEmail($account))->andWhere('email')->eq($account)->fi()->beginIF(!validater::checkEmail($account))->andWhere('account')->eq($account)->fi()->fetch();
/* Then check the password hash. */
if (!$user) {
return false;
}
/* Can not login before ten minutes when user is locked. */
if ($user->locked != '0000-00-00 00:00:00') {
$dateDiff = (strtotime($user->locked) - time()) / 60;
/* Check the type of lock and show it. */
if ($dateDiff > 0 && $dateDiff <= 10) {
$this->lang->user->loginFailed = sprintf($this->lang->user->locked, '10' . $this->lang->date->minute);
return false;
} elseif ($dateDiff > 10) {
$dateDiff = ceil($dateDiff / 60 / 24);
$this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
return false;
} else {
$user->fails = 0;
$user->locked = '0000-00-00 00:00:00';
}
}
/* The password can be the plain or the password after md5. */
if (!$this->compareHashPassword($password, $user)) {
$user->fails++;
if ($user->fails > 2) {
$user->locked = date('Y-m-d H:i:s', time() + 10 * 60);
}
$this->dao->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
return false;
}
/* Update user data. */
$user->ip = $this->server->remote_addr;
$user->last = helper::now();
$user->ping = helper::now();
$user->fails = 0;
$user->visits++;
/* Update password when create password by oldCreatePassword function. */
$this->dao->update(TABLE_USER)->data($user)->where('account')->eq($account)->exec();
$user->realname = empty($user->realname) ? $account : $user->realname;
$user->shortLast = substr($user->last, 5, -3);
$user->shortJoin = substr($user->join, 5, -3);
unset($_SESSION['random']);
/* Save sign in info. */
$this->loadModel('attend', 'oa')->signIn($user->account);
/* Return him.*/
return $user;
}
/**
* Send mail code.
*
* @access public
* @return void
*/
public function sendMailCode($account = '')
{
$account = ($account and $account != 'qq') ? $account : $this->app->user->account;
$user = $this->loadModel('user')->getByAccount($account);
$email = $this->post->email ? $this->post->email : $user->email;
$lastSendVar = "lastSendTo{$account}";
$lastSendTime = $this->session->{$lastSendVar};
if (time() - $lastSendTime < 180) {
$this->send(array('result' => 'fail', 'message' => $this->lang->mail->trySendlater));
}
if (!$this->config->mail->turnon) {
$this->send(array('result' => 'fail', 'message' => $this->lang->mail->noConfigure));
}
if (empty($email)) {
$this->send(array('result' => 'fail', 'message' => $this->lang->mail->noEmail));
}
if (!validater::checkEmail($email)) {
$this->send(array('result' => 'fail', 'message' => $this->lang->mail->error));
}
if (!$lastSendTime or time() - $lastSendTime > 1800 or !$this->session->verifyCode) {
$this->session->set('verifyCode', mt_rand());
}
$content = sprintf($this->lang->mail->sendContent, $account, $this->config->site->name, $this->server->http_host, $this->session->verifyCode, $this->config->site->name);
$this->loadModel('mail')->send($email, $this->lang->mail->captcha, $content, true);
if (!$this->mail->isError()) {
$this->session->set('lastSendTo' . $account, time());
$this->send(array('result' => 'success', 'message' => sprintf($this->lang->mail->sendSuccess, $email)));
}
$error = str_replace('\\n', "<br />", join('', $this->mail->getError()));
$this->send(array('result' => 'fail', 'message' => $error));
}
