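/**
 * Mail a submitted form to the address configured on the form.
 *
 * Checks the submitted values against the form's field definitions, builds a
 * plain-text message from them, attaches accepted uploads and sends the result
 * through PEAR Mail.
 *
 * @param integer $form_id id of the form being submitted
 * @param array   $data    submitted values keyed by field name (url-decoded here)
 * @return mixed the form's confirmation message (' ' when it has none) once the
 *               form was processed, false on a validation error (10712 required
 *               field missing, 10713 pattern mismatch), the hook status when the
 *               'form_builder_mail' hook vetoes the call, and null when no form
 *               with this id exists
 */
function mail($form_id, $data)
{
    $sm = vivvo_lite_site::get_instance();

    // NOTE(review): $delete is never defined in this method; taking it by
    // reference creates it as null. Kept because hook callbacks receive it.
    if (!vivvo_hooks_manager::call('form_builder_mail', array(&$form_id, &$delete))) {
        return vivvo_hooks_manager::get_status();
    }

    require_once VIVVO_FS_FRAMEWORK . 'PEAR/Mail.php';

    $form_list = new FormBuilderForms_list();
    $form = $form_list->get_form_by_id($form_id);

    $data = array_map('urldecode', $data);
    $attachments = array();

    if ($form !== false) {
        $form_element_list = new FormBuilderFields_list($this->_site_manager);
        $form_element_list->get_elements_by_form_id($form->id);

        $message = '';

        foreach ($form_element_list->list as $field) {
            if ($field->type != 'file_upload') {
                // A required field must be present AND non-empty. The previous
                // condition and-ed the two tests, so an empty value passed.
                if ($field->required && (!key_exists($field->name, $data) || $data[$field->name] === '')) {
                    $this->set_error_code(10712);
                    return false;
                }
            } elseif ($field->required && empty($_FILES['PFB_' . $field->name]['name'])) {
                $this->set_error_code(10712);
                return false;
            }

            if (key_exists($field->name, $data)) {
                if ($field->reg_exp) {
                    // The pattern comes from the form definition and is wrapped in
                    // '/' delimiters unescaped.
                    if (!preg_match('/^' . $field->reg_exp . '$/', $data[$field->name])) {
                        $this->set_error_code(10713);
                        return false;
                    }
                }
                if ($field->type != 'submit') {
                    $caption = ($field->label != '') ? $field->label : $field->name;
                    $message .= $caption . ': ' . $data[$field->name] . "\n";
                }
            }

            if ($field->type == 'file_upload' && isset($_FILES['PFB_' . $field->name])) {
                $attachments[] = 'PFB_' . $field->name;
            }
        }

        if ($form->email) {
            $files = array();
            $headers = array();
            $allowed_extensions = array_map('trim', explode(',', VIVVO_ALLOWED_EXTENSIONS));

            foreach ($attachments as $attachment) {
                $upload = $_FILES[$attachment];

                // A name without a dot has no extension; never derive one from
                // the tail of the bare name.
                $dot = strrpos($upload['name'], '.');
                $extension = ($dot === false) ? '' : (string) substr($upload['name'], $dot + 1);

                $accepted = $upload['error'] == 0
                    && $upload['size'] > 0
                    && $upload['size'] <= 2 * 1024 * 1024
                    && $extension !== ''
                    && in_array($extension, $allowed_extensions, true)
                    && is_uploaded_file($upload['tmp_name']);

                if ($accepted) {
                    // The spool file lives under the install root, which may be
                    // web-reachable, so its on-disk name carries no client-chosen
                    // name or extension. The original name is only used as the
                    // attachment's display name.
                    $filename = VIVVO_FS_INSTALL_ROOT . 'cache/' . md5(uniqid(mt_rand(), true));
                    if (move_uploaded_file($upload['tmp_name'], $filename)) {
                        $files[] = array($filename, basename($upload['name']));
                    }
                }
            }

            $headers['From'] = VIVVO_ADMINISTRATORS_EMAIL;
            $headers['Subject'] = "=?UTF-8?B?" . base64_encode($form->title) . "?=";

            if (!count($files)) {
                $headers['Content-Type'] = "text/plain; charset=UTF-8;";
            } else {
                require_once VIVVO_FS_INSTALL_ROOT . 'lib/vivvo/framework/PEAR/Mail/mime.php';
                $mime = new Mail_mime();
                $mime->setTXTBody($message);
                foreach ($files as $file) {
                    $mime->addAttachment($file[0], 'application/octet-stream', $file[1]);
                }
                $message = $mime->get();
                $headers = $mime->headers($headers);
                // The MIME body has been built, so the spooled copies can go.
                foreach ($files as $file) {
                    @unlink($file[0]);
                }
            }

            // The result of send() is not checked: a delivery failure is not
            // reported to the caller.
            if (VIVVO_EMAIL_SMTP_PHP == 1) {
                $mail_object = new Mail();
                $mail_object->send($form->email, $headers, $message);
            } else {
                $mail_options = array();
                $mail_options['driver'] = 'smtp';
                $mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
                $mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
                $mail_options['localhost'] = 'localhost';

                if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
                    $mail_options['auth'] = true;
                    $mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
                    $mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
                } else {
                    $mail_options['auth'] = false;
                    $mail_options['username'] = '';
                    $mail_options['password'] = '';
                }

                $mail_object = Mail::factory('smtp', $mail_options);
                $mail_object->send($form->email, $headers, $message);
            }
        }

        if ($form->message) {
            return $form->message;
        } else {
            return ' ';
        }
    }
}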
/**
 * Cast a vote on a comment.
 *
 * The caller needs the ARTICLE_COMMENT privilege, either as a logged-in user
 * or through the guest group. Comments already voted on are remembered in
 * $_SESSION['vivvo']['comment'] only.
 * NOTE(review): that duplicate check lives in the session, so it lasts only
 * as long as the session does; confirm whether a server-side record exists.
 * NOTE(review): unlike other state-changing methods in this file, no
 * check_token() call is made here; confirm that is intended.
 *
 * Error codes: 2222 already voted in this session, 2223 vote is neither 1 nor
 * -1, 2224 update failed, 2225 comment not found, 2226 not permitted.
 *
 * @param integer $comment_id id of the comment
 * @param integer $vote       1 or -1
 * @return mixed true on success, false on failure, or the hook status when the
 *               'comment_vote' hook vetoes the call
 */
function vote($comment_id, $vote)
{
    if (!vivvo_hooks_manager::call('comment_vote', array(&$comment_id, &$vote))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = vivvo_lite_site::get_instance();
    $dm = $sm->get_dump_manager();

    $may_vote = (!$sm->user && $sm->guest_group && $sm->guest_group->group_privileges['ARTICLE_COMMENT'] > 0)
        || ($sm->user && $sm->user->privileges['ARTICLE_COMMENT'] > 0);
    if (!$may_vote) {
        $this->set_error_code(2226);
        return false;
    }

    if (!isset($_SESSION['vivvo']['comment'])) {
        $_SESSION['vivvo']['comment'] = array();
    }

    if (in_array($comment_id, $_SESSION['vivvo']['comment'])) {
        $this->set_error_code(2222);
        return false;
    }

    // Only a single up or down step is accepted.
    if (!($vote == 1 || $vote == -1)) {
        $this->set_error_code(2223);
        return false;
    }

    $comment_list = new Comments_list();
    $comment = $comment_list->get_comments_by_id($comment_id);
    if ($comment === false) {
        $this->set_error_code(2225);
        return false;
    }

    // From here on $vote holds the comment's new total, not the step.
    $vote += $comment->get_vote();
    $comment->set_vote($vote);
    $this->_post_master->set_data_object($comment);

    if (!$this->_post_master->sql_update()) {
        $this->set_error_code(2224);
        return false;
    }

    $_SESSION['vivvo']['comment'][] = $comment->id;
    $dm->add_dump('info', 0, $vote);
    return true;
}
/**
 * Edit a user group's name and privileges (administrators only).
 *
 * The name is only written when VIVVO_USER_SOURCE is 'vivvo@localhost';
 * privileges are always saved through the user manager.
 *
 * Error codes: 5115 group update failed, 5116 saving privileges failed,
 * 5117 group not found, 5118 caller is not an administrator.
 *
 * @param integer $group_id id of the group to edit
 * @param array   $in_group submitted data; the 'name' and 'privileges' keys are read
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the
 *               'vivvoCore_groupEdit' hook vetoes the call
 */
function group_edit($group_id, $in_group)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('vivvoCore_groupEdit', array(&$group_id, &$in_group))) {
        return vivvo_hooks_manager::get_status();
    }

    if (!($this->_user && $this->_user->is_admin())) {
        $this->set_error_code(5118);
        return false;
    }

    $sm = vivvo_lite_site::get_instance();
    $user_manager = $sm->get_user_manager();
    $group = $user_manager->get_group_by_id($group_id);

    if (!$group) {
        $this->set_error_code(5117);
        return false;
    }

    if (VIVVO_USER_SOURCE == 'vivvo@localhost') {
        $group->name = $in_group['name'];
        $this->_post_master->set_data_object($group);
        if (!$this->_post_master->sql_update()) {
            $this->set_error_code(5115);
            return false;
        }
    }

    if (!$user_manager->save_group_privileges($group, $in_group['privileges'])) {
        $this->set_error_code(5116);
        return false;
    }

    // The admin check above reads $this->_user, the log entry reads $sm->user.
    admin_log($sm->user->get_username(), 'Edited group #' . $group_id);
    return true;
}
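/**
 * Set a new password for the account identified by a password-reset key.
 *
 * Error codes: 2713 no account for this key (or no key given), 2706 password
 * shorter than 6 characters, 2707 password and confirmation differ,
 * 2711 update failed.
 *
 * @param array $user_data submitted data; the 'key', 'password' and
 *                         'retype_password' keys are read
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the
 *               'login_changePassword' hook vetoes the call
 */
function change_password($user_data)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('login_changePassword', array(&$user_data))) {
        return vivvo_hooks_manager::get_status();
    }

    // Never look up an absent or empty key: if accounts without a pending
    // reset store an empty value, an empty key could select one of them.
    $key = isset($user_data['key']) ? $user_data['key'] : '';
    if (!is_scalar($key) || (string) $key === '') {
        $this->set_error_code(2713);
        return false;
    }

    $user_list = new Users_list();
    $user = $user_list->get_user_by_forgot_md5($key);

    if ($user === false) {
        $this->set_error_code(2713);
        return false;
    }

    $password = isset($user_data['password']) ? $user_data['password'] : '';
    $retyped = isset($user_data['retype_password']) ? $user_data['retype_password'] : '';

    if (!is_string($password) || strlen($password) < 6) {
        $this->set_error_code(2706);
        return false;
    }

    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "123456" and "123456.0") compare as equal.
    if ($password !== $retyped) {
        $this->set_error_code(2707);
        return false;
    }

    // NOTE(review): unsalted MD5 is not a password hash. Moving to
    // password_hash()/password_verify() has to be done together with the
    // login check, which is outside this method, so it is only flagged here.
    $user->set_password(md5($password));

    // NOTE(review): nothing in this method clears the reset key; confirm it is
    // invalidated elsewhere so that a key cannot be used twice.
    $this->_post_master->set_data_object($user);

    if ($this->_post_master->sql_update()) {
        admin_log($user->get_username(), ' Changed password');
        return true;
    }

    $this->set_error_code(2711);
    return false;
}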
/**
 * Remove a tag from a tag group.
 *
 * Requires a logged-in user with the MANAGE_TAGS capability.
 * NOTE(review): unlike other state-changing methods in this file, no
 * check_token() call is made here; confirm that is intended.
 *
 * Error codes: 2410 not permitted, 2416 delete failed.
 *
 * @param int $tag_id
 * @param int $group_id
 * @return mixed true on success, false on failure, or the hook status when the
 *               'tag_removeTagFromGroup' hook vetoes the call
 */
public function remove_tag_from_group($tag_id, $group_id)
{
    if (!vivvo_hooks_manager::call('tag_removeTagFromGroup', array(&$tag_id, &$group_id))) {
        return vivvo_hooks_manager::get_status();
    }

    $user = vivvo_lite_site::get_instance()->user;

    if (!$user || !$user->can('MANAGE_TAGS')) {
        $this->set_error_code(2410);
        return false;
    }

    // Load the tag/group relation, then delete what was loaded.
    $tag_group_rel = new TagsToTagsGroups_list();
    $tag_group_rel->get_rel($tag_id, $group_id);

    $deleted = $tag_group_rel->sql_delete_list($this->_post_master);
    if (!$deleted) {
        $this->set_error_code(2416);
        return false;
    }

    return true;
}
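/**
 * Report a 404 error to the site administrator by e-mail.
 *
 * Nothing is sent unless VIVVO_EMAIL_ENABLE is 1. Both values are passed
 * through htmlspecialchars() before being placed in the plain-text body.
 * NOTE(review): no authentication or rate limit is visible in this method;
 * confirm the caller throttles it, since every call sends one message to the
 * administrator address.
 *
 * @param string $url      the address that was not found
 * @param string $referrer the referring address, if any (not passed to the hook)
 * @return mixed true once the message was handed to the mailer, null when
 *               e-mail is disabled, or the hook status when the
 *               'user_report404' hook vetoes the call
 */
function report_404($url, $referrer = '')
{
    if (!vivvo_hooks_manager::call('user_report404', array(&$url))) {
        return vivvo_hooks_manager::get_status();
    }

    require_once dirname(__FILE__) . '/../../../lib/vivvo/framework/PEAR/Mail.php';

    $url = htmlspecialchars($url);
    $referrer = htmlspecialchars($referrer);

    if (VIVVO_EMAIL_ENABLE == 1) {
        $lang = vivvo_lang::get_instance();

        // Initialised explicitly: the body used to be built with .= on an
        // undefined variable, and the arrays by implicit creation.
        $body = '';
        $headers = array();
        $mail_options = array();

        $body .= $lang->get_value('LNG_REPORT_404_BODY') . "\n";
        $body .= 'URL : ' . $url . "\n";
        $body .= 'Referrer : ' . $referrer . "\n\n";

        $to = VIVVO_ADMINISTRATORS_EMAIL;

        $headers['From'] = VIVVO_ADMINISTRATORS_EMAIL;
        $headers['To'] = VIVVO_ADMINISTRATORS_EMAIL;
        $subject = str_replace('<WEBSITE_TITLE>', VIVVO_WEBSITE_TITLE, $lang->get_value('LNG_REPORT_404_MAIL_SUBJECT'));
        $headers['Subject'] = "=?UTF-8?B?" . base64_encode($subject) . "?=";
        $headers['Content-Type'] = "text/plain; charset=UTF-8;";

        // The result of send() is not checked in either branch.
        if (VIVVO_EMAIL_SMTP_PHP == 1) {
            $mail_object = new Mail();
            $mail_object->send($to, $headers, $body);
        } else {
            $mail_options['driver'] = 'smtp';
            $mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
            $mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
            $mail_options['localhost'] = 'localhost';

            if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
                $mail_options['auth'] = true;
                $mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
                $mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
            } else {
                $mail_options['auth'] = false;
                $mail_options['username'] = '';
                $mail_options['password'] = '';
            }

            // Plain assignment, as in the other mail senders of this file; the
            // by-reference form (=&) is not needed for an object.
            $mail_object = Mail::factory('smtp', $mail_options);
            $mail_object->send($to, $headers, $body);
        }
        return true;
    }
}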
/**
 * Delete a user filter.
 *
 * Any logged-in user may call this; no privilege is checked here.
 * NOTE(review): this method does not compare the filter's owner with the
 * current user. Confirm that get_UserFilter_by_id() restricts the lookup to
 * the caller's own filters.
 *
 * Error codes: 2503 delete failed, 2504 not logged in.
 *
 * @param integer $filter_id
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the
 *               'UserFilter_delete' hook vetoes the call
 */
function delete_UserFilters($filter_id)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('UserFilter_delete', array(&$filter_id))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = vivvo_lite_site::get_instance();

    if (!$sm->user) {
        $this->set_error_code(2504);
        return false;
    }

    // Load the filter into the list, then delete what was loaded.
    $filter_list = new UserFilters_list();
    $filter_list->get_UserFilter_by_id($filter_id);

    if (!$filter_list->sql_delete_list($this->_post_master)) {
        $this->set_error_code(2503);
        return false;
    }

    admin_log($sm->user->get_username(), 'Deleted user filter #' . $filter_id);
    return true;
}
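/**
 * Remove an empty directory below VIVVO_FS_ROOT and its asset_files row.
 *
 * The directory counts as empty when it holds nothing but an optional
 * '.htstampdir' flag file. Requires a logged-in user who is ASSET_MANAGER or
 * has the MANAGE_FILES capability.
 *
 * Error codes: 2826 not permitted, 2827 not logged in, 2831 rmdir failed,
 * 2832 directory not empty, 2836 path rejected, missing or not a readable
 * directory.
 *
 * @param string $dir directory path relative to VIVVO_FS_ROOT
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the
 *               'asset_delete_dir' hook vetoes the call
 */
function rm_dir($dir)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('asset_delete_dir', array(&$dir))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = vivvo_lite_site::get_instance();

    if (!$sm->user) {
        $this->set_error_code(2827);
        return false;
    }

    if (!($sm->user->is('ASSET_MANAGER') or $sm->user->can('MANAGE_FILES'))) {
        $this->set_error_code(2826);
        return false;
    }

    // $dir is appended to VIVVO_FS_ROOT as given, so a '..' segment would let
    // the resolved path leave the root. Reject those and NUL bytes up front.
    // This is a lexical check only; it does not follow symlinks.
    if (!is_string($dir)
        || strpos($dir, "\0") !== false
        || preg_match('#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#', $dir)
    ) {
        $this->set_error_code(2836);
        return false;
    }

    $fulldir = VIVVO_FS_ROOT . $dir;
    if (substr($fulldir, -1) != '/') {
        $fulldir .= '/';
    }

    if (!(file_exists($fulldir) and is_dir($fulldir) and $files = @scandir($fulldir))) {
        $this->set_error_code(2836);
        return false;
    }

    // Quick check: more than '.', '..' and the flag file means not empty.
    if (count($files) > 3) {
        $this->set_error_code(2832);
        return false;
    }

    // Exact check: anything other than those three entries means not empty.
    foreach ($files as $f) {
        if ($f != '.' and $f != '..' and $f != '.htstampdir') {
            $this->set_error_code(2832);
            return false;
        }
    }

    // Remove the flag file, if any, so rmdir() can succeed.
    @unlink($fulldir . '.htstampdir');

    if (!@rmdir($fulldir)) {
        $this->set_error_code(2831);
        return false;
    }

    admin_log($sm->user->get_username(), 'Removed directory ' . $fulldir);

    // The row is keyed by the md5 of the parent path plus the directory name.
    // $name is escaped with secure_sql(); $path is a hex digest.
    $parts = explode('/', $dir);
    $name = secure_sql(end($parts));
    array_pop($parts);
    $path = md5(implode('/', $parts) . '/');
    $sm->get_db()->exec('DELETE FROM ' . VIVVO_DB_PREFIX . "asset_files WHERE path_md5 = '{$path}' AND name = '{$name}'");

    return true;
}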
/**
 * Update one feed-importer plugin preference.
 *
 * Requires a user with the MANAGE_PLUGIN capability for 'feed_importer'.
 * Known preference names get their value normalised before it is stored;
 * changing the import period also re-registers the 'auto_import_feeds' cron job.
 *
 * Error codes: 10101 update failed, 10102 unknown preference,
 * 10103 insufficient privileges.
 *
 * @param string $variable_name  name of the preference
 * @param int    $variable_value new value
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the
 *               'feed_preferences' hook vetoes the call
 */
public function preferences_feed($variable_name, $variable_value)
{
    if (!$this->check_token()) {
        return false;
    }

    $sm = vivvo_lite_site::get_instance();

    $is_allowed = $sm->user && $sm->user->can('MANAGE_PLUGIN', 'feed_importer');
    if (!$is_allowed) {
        $this->set_error_code(10103); // you don't have sufficient privileges for this action
        return false;
    }

    if (!vivvo_hooks_manager::call('feed_preferences', array(&$variable_name, &$variable_value))) {
        return vivvo_hooks_manager::get_status();
    }

    require_once VIVVO_FS_FRAMEWORK . 'vivvo_preference.php';

    $preferences_list = new preferences_list();
    $preferences = $preferences_list->get_preference_by_variable_name($variable_name);

    if ($preferences == false) {
        $this->set_error_code(10102); // preference does not exists
        return false;
    }

    // Per-preference normalisation. Only the period is cast to int; the other
    // values are stored as received unless they fall outside the accepted range.
    if ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_USER_ID' && $variable_value < 0) {
        $variable_value = 1;
    } elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_STATUS' && $variable_value != 1) {
        $variable_value = 0;
    } elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_AUTO_ARCHIVE' && $variable_value <= 0) {
        $variable_value = 0;
    } elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_AUTO_DELETE' && $variable_value <= 0) {
        $variable_value = 0;
    } elseif ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_PERIOD' && ($variable_value = (int) $variable_value) <= 0) {
        $variable_value = 1;
    }

    $preferences->set_variable_value($variable_value);
    $this->_post_master->set_data_object($preferences);

    if (!$this->_post_master->sql_update()) {
        $this->set_error_code(10101); // can't update plugin preferences
        return false;
    }

    if ($variable_name == 'VIVVO_PLUGIN_FEED_IMPORTER_PERIOD') {
        $pm = $sm->get_plugin_manager();
        $cm = $sm->get_cron_manager();

        // A period of 1 becomes '*', any other value N becomes '*/N'. The
        // value is an int at this point because of the cast above.
        $period_field = ($variable_value == 1) ? '*' : ('*/' . $variable_value);

        $cm->cron_job("19 {$period_field} * * *", $pm->plugins['feed_importer']['root_dir'] . 'tasks/auto_import_feeds.php', null, 'auto_import_feeds');
    }

    return true;
}
/**
 * Run, or queue, a DELETE statement built from the given table and condition.
 *
 * $where and $from are concatenated into the statement exactly as given; this
 * method does no escaping, so callers must pass trusted or already escaped
 * fragments.
 * NOTE(review): VIVVO_DB_PREFIX is placed in a regular expression without
 * preg_quote(); confirm the prefix never contains pattern metacharacters.
 *
 * @param string      $sql_table table name without the prefix (ignored when $from is given)
 * @param string      $where     SQL condition
 * @param string|bool $from      complete FROM expression, or false to use $sql_table
 * @param bool        $commit    when false and the driver supports transactions,
 *                               the statement is appended to $this->stack instead
 *                               of being executed
 * @return bool false when the query fails, or when the '_pre' hook returns
 *              false and the hook status is falsy; true otherwise
 */
function sql_delete_list($sql_table, $where, $from = false, $commit = true)
{
    if (!$from) {
        $sql = 'DELETE FROM `' . VIVVO_DB_PREFIX . $sql_table . '` WHERE ' . $where;
    } else {
        $sql = 'DELETE FROM ' . $from . ' WHERE ' . $where;
        // Strip the prefix so the hook name below is built from the bare name.
        $sql_table = preg_replace('/^' . VIVVO_DB_PREFIX . '/', '', $from);
    }

    $db = vivvo_lite_site::get_instance()->get_db();

    $run_now = ($commit == true) || !$db->supports('transactions');

    if (!$run_now) {
        $this->stack[] = $sql;
    } else {
        $hook = 'db_' . $sql_table . '_delete_list';
        $pre_result = vivvo_hooks_manager::call($hook . '_pre', array(&$this));

        if ($pre_result !== false) {
            $res = $db->query($sql);
            if (PEAR::isError($res)) {
                vivvo_lite_site::get_instance()->debug_push("sql:", $res->getMessage(), 1);
                return false;
            }
            vivvo_hooks_manager::call($hook . '_post', array(&$this));
        } elseif (!vivvo_hooks_manager::get_status()) {
            return false;
        }
    }

    // The cache is cleaned up on every path that did not return false above.
    vivvo_cache::get_instance()->cleanup();

    return true;
}
/**
 * Delete a category's image file and clear the image field (administrators only).
 *
 * Error codes: 2117 category update failed, 2118 category not found,
 * 2119 caller is not an administrator, 2120 not logged in.
 * NOTE(review): the file path is built from the stored image value as is;
 * confirm that value is constrained when it is saved.
 *
 * @param integer $category_id
 * @return mixed true on success; false on failure (including a failed
 *               check_token()); null, with no error code set, when the
 *               category has no image or the file could not be deleted; or
 *               the hook status when the 'category_deleteImage' hook vetoes
 *               the call
 */
function delete_image($category_id)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('category_deleteImage', array(&$category_id))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = vivvo_lite_site::get_instance();

    if (!$sm->user) {
        $this->set_error_code(2120);
        return false;
    }

    if (!$sm->user->is_admin()) {
        $this->set_error_code(2119);
        return false;
    }

    $category_list = new Categories_list();
    $category = $category_list->get_category($category_id);

    if ($category === false) {
        $this->set_error_code(2118);
        return false;
    }

    $fm = $sm->get_file_manager();

    // Nothing to delete: leave without a result and without an error code.
    if ($category->image == '') {
        return;
    }

    // Same silent exit when the file manager could not remove the file.
    if (!$fm->delete_fs(VIVVO_FS_ROOT . VIVVO_FS_FILES_DIR . $category->image)) {
        return;
    }

    $category->set_image('');
    $this->_post_master->set_data_object($category);

    if (!$this->_post_master->sql_update()) {
        $this->set_error_code(2117);
        return false;
    }

    admin_log($sm->user->get_username(), 'Edited category #' . $category_id);
    return true;
}
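/**
 * E-mail an article to a recipient on behalf of a visitor.
 *
 * Nothing is sent unless VIVVO_EMAIL_ENABLE is 1. A per-session flood check
 * (VIVVO_EMAIL_FLOOD_CHECK seconds) limits how often one session can send.
 * NOTE(review): the flood check is session-based and the From header is the
 * visitor-supplied address; confirm a server-side limit and the intended
 * sender policy, since this endpoint sends visitor-written text to a
 * visitor-chosen recipient.
 *
 * Error codes: 2202 flood check hit, 2032 invalid sender address,
 * 2033 article update failed, 2034 invalid recipient address,
 * 2035 article not found.
 *
 * @param integer $article_id id of the article
 * @param string  $to         recipient address
 * @param string  $bcc        optional blind-copy address (dropped when invalid)
 * @param string  $your_email sender address, used as the From header
 * @param string  $message    personal message placed in the body template
 * @return mixed true on success, false on failure, null when e-mail is
 *               disabled, or the hook status when the 'article_mail' hook
 *               vetoes the call
 */
function email_to_a_friend($article_id, $to, $bcc, $your_email, $message)
{
    require_once VIVVO_FS_FRAMEWORK . 'PEAR/Mail.php';

    if (!vivvo_hooks_manager::call('article_mail', array(&$article_id, &$to, &$bcc, &$your_email, &$message))) {
        return vivvo_hooks_manager::get_status();
    }

    if (VIVVO_EMAIL_ENABLE == 1) {
        if (isset($_SESSION['vivvo']['email_to_friend_time']) && $_SESSION['vivvo']['email_to_friend_time'] + VIVVO_EMAIL_FLOOD_CHECK > VIVVO_START_TIME) {
            $this->set_error_code(2202);
            return false;
        }

        $article_list = new Articles_list();
        $article = $article_list->get_article_by_id($article_id);

        $lang = vivvo_lang::get_instance();

        if ($article === false) {
            $this->set_error_code(2035);
            return false;
        }

        // Same address pattern as before, with the D modifier added: without it
        // '$' also matches just before a trailing newline, so an address ending
        // in a line break passed validation and then went into a mail header.
        $email_pattern = '/^[a-zA-Z0-9_\\-\\/\\.]+@[a-zA-Z0-9_\\-\\/]{2,}([\\.][a-zA-Z0-9_\\-\\/]{2,}){1,}$/D';

        $headers = array();

        $to = strip_tags($to);
        $bcc = strip_tags($bcc);

        if (!preg_match($email_pattern, $your_email)) {
            $this->set_error_code(2032);
            return false;
        }

        // An invalid blind-copy address is dropped rather than reported.
        if (!preg_match($email_pattern, $bcc)) {
            $bcc = '';
        }

        if (VIVVO_EMAIL_SEND_BCC) {
            if ($bcc) {
                $bcc .= ', ' . VIVVO_EMAIL_SEND_BCC;
            } else {
                $bcc = VIVVO_EMAIL_SEND_BCC;
            }
        }

        if (VIVVO_EMAIL_SEND_CC) {
            $headers['Cc'] = VIVVO_EMAIL_SEND_CC;
        }

        if (!preg_match($email_pattern, $to)) {
            $this->set_error_code(2034);
            return false;
        }

        $body_template = new template();
        $template_sting = xml_template_node::xmlentities_decode(VIVVO_EMAIL_TO_A_FRIEND_BODY);
        $body_template->set_string_template($template_sting);
        $body_template->assign('article', $article);
        $body_template->assign('user_email_address', $your_email);
        $body_template->assign('message', $message);

        $body = $body_template->get_output() . "\n\n";

        $headers['From'] = $your_email;

        if ($bcc != '') {
            $headers['Bcc'] = $bcc;
        }

        $headers['Subject'] = "=?UTF-8?B?" . base64_encode(VIVVO_EMAIL_TO_A_FRIEND_SUBJECT) . "?=";
        $headers['Content-Type'] = "text/plain; charset=UTF-8;";

        // The result of send() is not checked in either branch.
        if (VIVVO_EMAIL_SMTP_PHP == 1) {
            $mail_object = new Mail();
            $mail_object->send($to, $headers, $body);
        } else {
            $mail_options = array();
            $mail_options['driver'] = 'smtp';
            $mail_options['host'] = VIVVO_EMAIL_SMTP_HOST;
            $mail_options['port'] = VIVVO_EMAIL_SMTP_PORT;
            $mail_options['localhost'] = 'localhost';

            if (VIVVO_EMAIL_SMTP_PASSWORD != '' && VIVVO_EMAIL_SMTP_USERNAME != '') {
                $mail_options['auth'] = true;
                $mail_options['username'] = VIVVO_EMAIL_SMTP_USERNAME;
                $mail_options['password'] = VIVVO_EMAIL_SMTP_PASSWORD;
            } else {
                $mail_options['auth'] = false;
                $mail_options['username'] = '';
                $mail_options['password'] = '';
            }

            $mail_object = Mail::factory('smtp', $mail_options);
            $mail_object->send($to, $headers, $body);
        }

        // Count the send on the article, then start the flood-check window.
        $article->set_emailed($article->emailed + 1);
        $this->_post_master->set_data_object($article);

        if ($this->_post_master->sql_update()) {
            $_SESSION['vivvo']['email_to_friend_time'] = time();
            return true;
        }

        $this->set_error_code(2033);
        return false;
    }
}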
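/**
 * Move a file into another directory below VIVVO_FS_ROOT, keeping its name.
 *
 * Requires a logged-in user who is ASSET_MANAGER or has the MANAGE_FILES
 * capability. rename() replaces an existing file of the same name in the
 * destination.
 *
 * Error codes: 2823 rename failed, 2824 destination rejected, missing or not
 * a directory, 2825 source rejected or missing, 2826 not permitted,
 * 2827 not logged in.
 *
 * @param string $filename    source path relative to VIVVO_FS_ROOT
 * @param string $destination destination directory relative to VIVVO_FS_ROOT
 * @return mixed true on success, false on failure (including a failed
 *               check_token()), or the hook status when the 'file_move' hook
 *               vetoes the call
 */
function move($filename, $destination)
{
    if (!$this->check_token()) {
        return false;
    }

    if (!vivvo_hooks_manager::call('file_move', array(&$filename, &$destination))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = vivvo_lite_site::get_instance();

    if (!$sm->user) {
        $this->set_error_code(2827);
        return false;
    }

    if (!($sm->user->is('ASSET_MANAGER') || $sm->user->can('MANAGE_FILES'))) {
        $this->set_error_code(2826);
        return false;
    }

    // Both paths are appended to VIVVO_FS_ROOT as given, so a '..' segment
    // would let them resolve outside the root. Reject those and NUL bytes.
    // This is a lexical check only; it does not follow symlinks.
    $traversal = '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#';

    if (!is_string($filename) || strpos($filename, "\0") !== false || preg_match($traversal, $filename)) {
        $this->set_error_code(2825);
        return false;
    }

    if (!is_string($destination) || strpos($destination, "\0") !== false || preg_match($traversal, $destination)) {
        $this->set_error_code(2824);
        return false;
    }

    if (!file_exists(VIVVO_FS_ROOT . $filename)) {
        $this->set_error_code(2825);
        return false;
    }

    if (!(file_exists(VIVVO_FS_ROOT . $destination) && is_dir(VIVVO_FS_ROOT . $destination))) {
        $this->set_error_code(2824);
        return false;
    }

    // Make sure the destination ends in a separator before the name is added.
    $last_char = substr(VIVVO_FS_ROOT . $destination, -1, 1);
    if ($last_char != '/' && $last_char != '\\') {
        $destination .= '/';
    }

    $file = basename(VIVVO_FS_ROOT . $filename);

    if (!@rename(VIVVO_FS_ROOT . $filename, VIVVO_FS_ROOT . $destination . $file)) {
        $this->set_error_code(2823);
        return false;
    }

    admin_log($sm->user->get_username(), 'Moved file ' . $filename . ' to ' . $destination);
    return true;
}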
/**
 * Delete an article schedule.
 *
 * Requires a logged-in user with the MANAGE_SCHEDULES capability. The id is
 * cast to int before the lookup.
 * NOTE(review): unlike other state-changing methods in this file, no
 * check_token() call is made here; confirm that is intended.
 * NOTE(review): the result of sql_delete() is not checked, so true is
 * returned whenever the schedule was found.
 *
 * Error codes: 2803 not permitted, 2805 schedule not found.
 *
 * @param array $schedule_params submitted data; the 'id' key is read
 * @return mixed true when the schedule was found and its delete was issued,
 *               false otherwise, or the hook status when the
 *               'schedule_delete' hook vetoes the call
 */
public function delete_schedule($schedule_params)
{
    if (!vivvo_hooks_manager::call('schedule_delete', array(&$schedule_params))) {
        return vivvo_hooks_manager::get_status();
    }

    $sm = $this->get_site_manager();

    if (!($sm->user && $sm->user->can('MANAGE_SCHEDULES'))) {
        $this->set_error_code(2803);
        return false;
    }

    $schedule_list = new ArticlesSchedule_list($sm);
    $schedule_id = (int) $schedule_params['id'];
    $schedule = $schedule_list->get_schedule_by_id($schedule_id);

    if (!$schedule) {
        $this->set_error_code(2805);
        return false;
    }

    $schedule->sql_delete();
    return true;
}