/**
* Mail form
*
* @param integer $form_id
* @param array $data
* @return boolean true on succes, or false on fail
*/
function mail($form_id, $data)
{
$sm = vivvo_lite_site::get_instance();
if (!vivvo_hooks_manager::call('form_builder_mail', array(&$form_id, &$delete))) {
return vivvo_hooks_manager::get_status();
}
require_once VIVVO_FS_FRAMEWORK . 'PEAR/Mail.php';
$form_list = new FormBuilderForms_list();
$form = $form_list->get_form_by_id($form_id);
$data = array_map('urldecode', $data);
$attachments = array();
if ($form !== false) {
$form_element_list = new FormBuilderFields_list($this->_site_manager);
$form_element_list->get_elements_by_form_id($form->id);
$message = '';
foreach ($form_element_list->list as $field) {
if ($field->required && !key_exists($field->name, $data) && $data[$field->name] !== '' && $field->type != 'file_upload') {
$this->set_error_code(10712);
return false;
} else {
if ($field->required && $field->type == 'file_upload' && empty($_FILES['PFB_' . $field->name]['name'])) {
$this->set_error_code(10712);
return false;
}
}
if (key_exists($field->name, $data)) {
if ($field->reg_exp) {
if (!preg_match('/^' . $field->reg_exp . '$/', $data[$field->name])) {
$this->set_error_code(10713);
return false;
}
}
if ($field->type != 'submit') {
if ($field->label != '') {
$message .= $field->label . ': ' . $data[$field->name] . "\n";
} else {
$message .= $field->name . ': ' . $data[$field->name] . "\n";
}
}
}
if ($field->type == 'file_upload' && isset($_FILES['PFB_' . $field->name])) {
$attachments[] = 'PFB_' . $field->name;
}
}
if ($form->email) {
$files = array();
if (count($attachments)) {
foreach ($attachments as $attachment) {
if ($_FILES[$attachment]['error'] == 0 && $_FILES[$attachment]['size'] > 0 && $_FILES[$attachment]['size'] <= 2 * 1024 * 1024 && in_array(substr($_FILES[$attachment]['name'], strrpos($_FILES[$attachment]['name'], '.') + 1), array_map('trim', explode(',', VIVVO_ALLOWED_EXTENSIONS))) && is_uploaded_file($_FILES[$attachment]['tmp_name'])) {
$filename = VIVVO_FS_INSTALL_ROOT . 'cache/' . md5(uniqid(mt_rand(), true)) . basename($_FILES[$attachment]['name']);
if (move_uploaded_file($_FILES[$attachment]['tmp_name'], $filename)) {
$files[] = array($filename, basename($_FILES[$attachment]['name']));
}
}
}
}
$headers['From'] = VIVVO_ADMINISTRATORS_EMAIL;
$headers['Subject'] = "=?UTF-8?B?" . base64_encode($form->title) . "?=";
if (!count($files)) {
$headers['Content-Type'] = "text/plain; charset=UTF-8;";
} else {
require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/framework/PEAR/Mail/mime.php';
$mime = new Mail_mime();
$mime->setTXTBody($message);
foreach ($files as $file) {
$mime->addAttachment($file[0], 'application/octet-stream', $file[1]);
}
$message = $mime->get();
$headers = $mime->headers($headers);
foreach ($files as $file) {
@unlink($file[0]);
}
}
if (VIVVO_EMAIL_SMTP_PHP == 1) {
$mail_object = new Mail();
$mail_object->send($form->email, $headers, $message);
} else {
$mail_options['driver'] = 'smtp';
$mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
$mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
$mail_options['localhost'] = 'localhost';
if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
$mail_options['auth'] = true;
$mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
$mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
} else {
$mail_options['auth'] = false;
$mail_options['username'] = '';
$mail_options['password'] = '';
}
$mail_object = Mail::factory('smtp', $mail_options);
$mail_object->send($form->email, $headers, $message);
}
}
if ($form->message) {
return $form->message;
} else {
return ' ';
}
}
}
/**
* Edit comment
*
* @param integer $comment_id
* @param array $data
* @return boolean true on succes, or false on fail
*/
function vote($comment_id, $vote)
{
if (!vivvo_hooks_manager::call('comment_vote', array(&$comment_id, &$vote))) {
return vivvo_hooks_manager::get_status();
}
$sm = vivvo_lite_site::get_instance();
$dm = $sm->get_dump_manager();
if (!$sm->user && $sm->guest_group && $sm->guest_group->group_privileges['ARTICLE_COMMENT'] > 0 || $sm->user && $sm->user->privileges['ARTICLE_COMMENT'] > 0) {
if (!isset($_SESSION['vivvo']['comment'])) {
$_SESSION['vivvo']['comment'] = array();
}
if (in_array($comment_id, $_SESSION['vivvo']['comment'])) {
$this->set_error_code(2222);
return false;
} else {
if ($vote != 1 and $vote != -1) {
$this->set_error_code(2223);
return false;
}
$comment_list = new Comments_list();
$comment = $comment_list->get_comments_by_id($comment_id);
if ($comment !== false) {
$vote += $comment->get_vote();
$comment->set_vote($vote);
$this->_post_master->set_data_object($comment);
if ($this->_post_master->sql_update()) {
$_SESSION['vivvo']['comment'][] = $comment->id;
$dm->add_dump('info', 0, $vote);
return true;
} else {
$this->set_error_code(2224);
return false;
}
} else {
$this->set_error_code(2225);
return false;
}
}
} else {
$this->set_error_code(2226);
return false;
}
}
function group_edit($group_id, $in_group)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('vivvoCore_groupEdit', array(&$group_id, &$in_group))) {
return vivvo_hooks_manager::get_status();
}
if ($this->_user && $this->_user->is_admin()) {
$sm = vivvo_lite_site::get_instance();
$user_manager = $sm->get_user_manager();
$group = $user_manager->get_group_by_id($group_id);
if ($group) {
if (VIVVO_USER_SOURCE == 'vivvo@localhost') {
$group->name = $in_group['name'];
$this->_post_master->set_data_object($group);
if (!$this->_post_master->sql_update()) {
$this->set_error_code(5115);
return false;
}
}
if ($user_manager->save_group_privileges($group, $in_group['privileges'])) {
admin_log($sm->user->get_username(), 'Edited group #' . $group_id);
return true;
} else {
$this->set_error_code(5116);
return false;
}
} else {
$this->set_error_code(5117);
return false;
}
} else {
$this->set_error_code(5118);
return false;
}
}
/**
* Change password procedure
*
* @param array $user_data
* @return boolean true on success or false on fail
*/
function change_password($user_data)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('login_changePassword', array(&$user_data))) {
return vivvo_hooks_manager::get_status();
}
$key = $user_data['key'];
$user_list = new Users_list();
$user = $user_list->get_user_by_forgot_md5($key);
if ($user === false) {
$this->set_error_code(2713);
return false;
} else {
if (strlen($user_data['password']) < 6) {
$this->set_error_code(2706);
return false;
}
if ($user_data['password'] != $user_data['retype_password']) {
$this->set_error_code(2707);
return false;
}
$user_data['password'] = md5($user_data['password']);
$user->set_password($user_data['password']);
$this->_post_master->set_data_object($user);
if ($this->_post_master->sql_update()) {
admin_log($user->get_username(), ' Changed password');
return true;
} else {
$this->set_error_code(2711);
return false;
}
}
}
/**
* Remove tag from tag group
*
* @param int $tag_id
* @param int $group_id
*/
public function remove_tag_from_group($tag_id, $group_id)
{
if (!vivvo_hooks_manager::call('tag_removeTagFromGroup', array(&$tag_id, &$group_id))) {
return vivvo_hooks_manager::get_status();
}
$user = vivvo_lite_site::get_instance()->user;
if ($user && $user->can('MANAGE_TAGS')) {
$tag_group_rel = new TagsToTagsGroups_list();
$tag_group_rel->get_rel($tag_id, $group_id);
if ($tag_group_rel->sql_delete_list($this->_post_master)) {
return true;
}
$this->set_error_code(2416);
return false;
}
$this->set_error_code(2410);
return false;
}
/**
* Report 404 error via e-mail
*
* @param integer $comment_id
* @return boolean true on succes, or false on fail
*/
function report_404($url, $referrer = '')
{
if (!vivvo_hooks_manager::call('user_report404', array(&$url))) {
return vivvo_hooks_manager::get_status();
}
require_once dirname(__FILE__) . '/../../../lib/vivvo/framework/PEAR/Mail.php';
$url = htmlspecialchars($url);
$referrer = htmlspecialchars($referrer);
if (VIVVO_EMAIL_ENABLE == 1) {
$lang = vivvo_lang::get_instance();
$body .= $lang->get_value('LNG_REPORT_404_BODY') . "\n";
$body .= 'URL : ' . $url . "\n";
$body .= 'Referrer : ' . $referrer . "\n\n";
$to = VIVVO_ADMINISTRATORS_EMAIL;
$headers['From'] = VIVVO_ADMINISTRATORS_EMAIL;
$headers['To'] = VIVVO_ADMINISTRATORS_EMAIL;
$subject = str_replace('<WEBSITE_TITLE>', VIVVO_WEBSITE_TITLE, $lang->get_value('LNG_REPORT_404_MAIL_SUBJECT'));
$headers['Subject'] = "=?UTF-8?B?" . base64_encode($subject) . "?=";
$headers['Content-Type'] = "text/plain; charset=UTF-8;";
if (VIVVO_EMAIL_SMTP_PHP == 1) {
$mail_object = new Mail();
$mail_object->send($to, $headers, $body);
} else {
$mail_options['driver'] = 'smtp';
$mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
$mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
$mail_options['localhost'] = 'localhost';
if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
$mail_options['auth'] = true;
$mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
$mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
} else {
$mail_options['auth'] = false;
$mail_options['username'] = '';
$mail_options['password'] = '';
}
$mail_object =& Mail::factory('smtp', $mail_options);
$mail_object->send($to, $headers, $body);
}
return true;
}
}
/**
* Delete user filter
*
* @param integer $filter_id
* @return boolean true on success or false on fail
*/
function delete_UserFilters($filter_id)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('UserFilter_delete', array(&$filter_id))) {
return vivvo_hooks_manager::get_status();
}
$sm = vivvo_lite_site::get_instance();
if ($sm->user) {
$filter_list = new UserFilters_list();
$filter_list->get_UserFilter_by_id($filter_id);
if ($filter_list->sql_delete_list($this->_post_master)) {
admin_log($sm->user->get_username(), 'Deleted user filter #' . $filter_id);
return true;
} else {
$this->set_error_code(2503);
return false;
}
} else {
$this->set_error_code(2504);
return false;
}
}
function rm_dir($dir)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('asset_delete_dir', array(&$dir))) {
return vivvo_hooks_manager::get_status();
}
$sm = vivvo_lite_site::get_instance();
if ($sm->user) {
if ($sm->user->is('ASSET_MANAGER') or $sm->user->can('MANAGE_FILES')) {
$fulldir = VIVVO_FS_ROOT . $dir;
if (substr($fulldir, -1) != '/') {
$fulldir .= '/';
}
if (file_exists($fulldir) and is_dir($fulldir) and $files = @scandir($fulldir)) {
//quick check if not empty
if (count($files) > 3) {
$this->set_error_code(2832);
return false;
}
foreach ($files as $f) {
//check if any files inthere
if ($f != '.' and $f != '..' and $f != '.htstampdir') {
$this->set_error_code(2832);
return false;
}
}
//remove flagfile, if any
@unlink($fulldir . '.htstampdir');
// try to delete
if (@rmdir($fulldir)) {
admin_log($sm->user->get_username(), 'Removed directory ' . $fulldir);
$parts = explode('/', $dir);
$name = secure_sql(end($parts));
array_pop($parts);
$path = md5(implode('/', $parts) . '/');
$sm->get_db()->exec('DELETE FROM ' . VIVVO_DB_PREFIX . "asset_files WHERE path_md5 = '{$path}' AND name = '{$name}'");
return true;
} else {
$this->set_error_code(2831);
return false;
}
} else {
$this->set_error_code(2836);
return false;
}
} else {
$this->set_error_code(2826);
return false;
}
} else {
$this->set_error_code(2827);
return false;
}
}
/**
* Edit plugin preferences.
*
* @param string $variable_name
* @param int $variable_value
* @return bool true on succes or false on failure
*/
public function preferences_feed($variable_name, $variable_value)
{
if (!$this->check_token()) {
return false;
}
$sm = vivvo_lite_site::get_instance();
if ($sm->user and $sm->user->can('MANAGE_PLUGIN', 'feed_importer')) {
if (!vivvo_hooks_manager::call('feed_preferences', array(&$variable_name, &$variable_value))) {
return vivvo_hooks_manager::get_status();
}
require_once VIVVO_FS_FRAMEWORK . 'vivvo_preference.php';
$preferences_list = new preferences_list();
$preferences = $preferences_list->get_preference_by_variable_name($variable_name);
if ($preferences != false) {
if ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_USER_ID' and $variable_value < 0) {
$variable_value = 1;
} elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_STATUS' and $variable_value != 1) {
$variable_value = 0;
} elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_AUTO_ARCHIVE' and $variable_value <= 0) {
$variable_value = 0;
} elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_AUTO_DELETE' and $variable_value <= 0) {
$variable_value = 0;
} elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_PERIOD' and ($variable_value = (int) $variable_value) <= 0) {
$variable_value = 1;
}
$preferences->set_variable_value($variable_value);
$this->_post_master->set_data_object($preferences);
if ($this->_post_master->sql_update()) {
if ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_PERIOD') {
$pm = $sm->get_plugin_manager();
$cm = $sm->get_cron_manager();
if ($variable_value == 1) {
$variable_value = '*';
} else {
$variable_value = '*/' . $variable_value;
}
$cm->cron_job("19 {$variable_value} * * *", $pm->plugins['feed_importer']['root_dir'] . 'tasks/auto_import_feeds.php', null, 'auto_import_feeds');
}
return true;
} else {
$this->set_error_code(10101);
// can't update plugin preferences
return false;
}
} else {
$this->set_error_code(10102);
// preference does not exists
return false;
}
} else {
$this->set_error_code(10103);
// you don't have sufficient privileges for this action
return false;
}
}
function sql_delete_list($sql_table, $where, $from = false, $commit = true)
{
if ($from) {
$sql = 'DELETE FROM ' . $from . ' WHERE ' . $where;
$sql_table = preg_replace('/^' . VIVVO_DB_PREFIX . '/', '', $from);
} else {
$sql = 'DELETE FROM `' . VIVVO_DB_PREFIX . $sql_table . '` WHERE ' . $where;
}
$db = vivvo_lite_site::get_instance()->get_db();
if ($commit == true || !$db->supports('transactions')) {
$hook = 'db_' . $sql_table . '_delete_list';
if (vivvo_hooks_manager::call($hook . '_pre', array(&$this)) !== false) {
$res = $db->query($sql);
if (PEAR::isError($res)) {
vivvo_lite_site::get_instance()->debug_push("sql:", $res->getMessage(), 1);
return false;
}
vivvo_hooks_manager::call($hook . '_post', array(&$this));
} elseif (!vivvo_hooks_manager::get_status()) {
return false;
}
} else {
$this->stack[] = $sql;
}
vivvo_cache::get_instance()->cleanup();
return true;
}
/**
* Delete category image
*
* @param integer $category_id
* @return boolean true on success or false on fail
*/
function delete_image($category_id)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('category_deleteImage', array(&$category_id))) {
return vivvo_hooks_manager::get_status();
}
$sm = vivvo_lite_site::get_instance();
if ($sm->user) {
if ($sm->user->is_admin()) {
$category_list = new Categories_list();
$category = $category_list->get_category($category_id);
if ($category !== false) {
$fm = $sm->get_file_manager();
if ($category->image != '') {
if ($fm->delete_fs(VIVVO_FS_ROOT . VIVVO_FS_FILES_DIR . $category->image)) {
$category->set_image('');
$this->_post_master->set_data_object($category);
if ($this->_post_master->sql_update()) {
admin_log($sm->user->get_username(), 'Edited category #' . $category_id);
return true;
} else {
$this->set_error_code(2117);
return false;
}
}
}
} else {
$this->set_error_code(2118);
return false;
}
} else {
$this->set_error_code(2119);
return false;
}
} else {
$this->set_error_code(2120);
return false;
}
}
function email_to_a_friend($article_id, $to, $bcc, $your_email, $message)
{
require_once VIVVO_FS_FRAMEWORK . 'PEAR/Mail.php';
if (!vivvo_hooks_manager::call('article_mail', array(&$article_id, &$to, &$bcc, &$your_email, &$message))) {
return vivvo_hooks_manager::get_status();
}
if (VIVVO_EMAIL_ENABLE == 1) {
if (isset($_SESSION['vivvo']['email_to_friend_time']) && $_SESSION['vivvo']['email_to_friend_time'] + VIVVO_EMAIL_FLOOD_CHECK > VIVVO_START_TIME) {
$this->set_error_code(2202);
return false;
}
$article_list = new Articles_list();
$article = $article_list->get_article_by_id($article_id);
$lang = vivvo_lang::get_instance();
if ($article !== false) {
$to = strip_tags($to);
$bcc = strip_tags($bcc);
if (!preg_match('/^[a-zA-Z0-9_\\-\\/\\.]+@[a-zA-Z0-9_\\-\\/]{2,}([\\.][a-zA-Z0-9_\\-\\/]{2,}){1,}$/', $your_email)) {
$this->set_error_code(2032);
return false;
}
if (!preg_match('/^[a-zA-Z0-9_\\-\\/\\.]+@[a-zA-Z0-9_\\-\\/]{2,}([\\.][a-zA-Z0-9_\\-\\/]{2,}){1,}$/', $bcc)) {
$bcc = '';
}
if (VIVVO_EMAIL_SEND_BCC) {
if ($bcc) {
$bcc .= ', ' . VIVVO_EMAIL_SEND_BCC;
} else {
$bcc = VIVVO_EMAIL_SEND_BCC;
}
}
if (VIVVO_EMAIL_SEND_CC) {
$headers['Cc'] = VIVVO_EMAIL_SEND_CC;
}
if (preg_match('/^[a-zA-Z0-9_\\-\\/\\.]+@[a-zA-Z0-9_\\-\\/]{2,}([\\.][a-zA-Z0-9_\\-\\/]{2,}){1,}$/', $to)) {
$body_template = new template();
$template_sting = xml_template_node::xmlentities_decode(VIVVO_EMAIL_TO_A_FRIEND_BODY);
$body_template->set_string_template($template_sting);
$body_template->assign('article', $article);
$body_template->assign('user_email_address', $your_email);
$body_template->assign('message', $message);
$body = $body_template->get_output() . "\n\n";
$headers['From'] = $your_email;
$recipients = array();
$recipients[] = $to;
if ($bcc != '') {
$headers['Bcc'] = $bcc;
}
$headers['Subject'] = "=?UTF-8?B?" . base64_encode(VIVVO_EMAIL_TO_A_FRIEND_SUBJECT) . "?=";
$headers['Content-Type'] = "text/plain; charset=UTF-8;";
if (VIVVO_EMAIL_SMTP_PHP == 1) {
$mail_object = new Mail();
$mail_object->send($to, $headers, $body);
} else {
$mail_options['driver'] = 'smtp';
$mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
$mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
$mail_options['localhost'] = 'localhost';
if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
$mail_options['auth'] = true;
$mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
$mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
} else {
$mail_options['auth'] = false;
$mail_options['username'] = '';
$mail_options['password'] = '';
}
$mail_object = Mail::factory('smtp', $mail_options);
$mail_object->send($to, $headers, $body);
}
$article->set_emailed($article->emailed + 1);
$this->_post_master->set_data_object($article);
if ($this->_post_master->sql_update()) {
$_SESSION['vivvo']['email_to_friend_time'] = time();
return true;
} else {
$this->set_error_code(2033);
return false;
}
} else {
$this->set_error_code(2034);
return false;
}
} else {
$this->set_error_code(2035);
return false;
}
}
}
function move($filename, $destination)
{
if (!$this->check_token()) {
return false;
}
if (!vivvo_hooks_manager::call('file_move', array(&$filename, &$destination))) {
return vivvo_hooks_manager::get_status();
}
$sm = vivvo_lite_site::get_instance();
if ($sm->user) {
if ($sm->user->is('ASSET_MANAGER') || $sm->user->can('MANAGE_FILES')) {
if (file_exists(VIVVO_FS_ROOT . $filename)) {
if (file_exists(VIVVO_FS_ROOT . $destination) && is_dir(VIVVO_FS_ROOT . $destination)) {
if (substr(VIVVO_FS_ROOT . $destination, -1, 1) != '/' && substr(VIVVO_FS_ROOT . $destination, -1, 1) != '\\') {
$destination .= '/';
}
$file = basename(VIVVO_FS_ROOT . $filename);
if (@rename(VIVVO_FS_ROOT . $filename, VIVVO_FS_ROOT . $destination . $file)) {
admin_log($sm->user->get_username(), 'Moved file ' . $filename . ' to ' . $destination);
return true;
} else {
$this->set_error_code(2823);
return false;
}
} else {
$this->set_error_code(2824);
return false;
}
} else {
$this->set_error_code(2825);
return false;
}
} else {
$this->set_error_code(2826);
return false;
}
} else {
$this->set_error_code(2827);
return false;
}
}
/**
* Delete article schedule
*
* @param array $schedule_params
* @return bool
*/
public function delete_schedule($schedule_params)
{
if (!vivvo_hooks_manager::call('schedule_delete', array(&$schedule_params))) {
return vivvo_hooks_manager::get_status();
}
$sm = $this->get_site_manager();
if ($sm->user && $sm->user->can('MANAGE_SCHEDULES')) {
$schedule_list = new ArticlesSchedule_list($sm);
$schedule = $schedule_list->get_schedule_by_id((int) $schedule_params['id']);
if ($schedule) {
$schedule->sql_delete();
return true;
} else {
$this->set_error_code(2805);
}
} else {
$this->set_error_code(2803);
}
return false;
}
