/**
 * Load the login component for the current request mode.
 *
 * Frontend: makes sure the global session object exists, then replaces the
 * content of the resolved page with the output of the Login controller.
 * Backend: sends a redirect header to index.php when the user is already
 * logged in, then renders the backend login page through LoginManager.
 * Any other mode is ignored.
 *
 * @param \Cx\Core\ContentManager\Model\Entity\Page $page The resolved page
 */
public function load(\Cx\Core\ContentManager\Model\Entity\Page $page)
{
    global $objTemplate, $sessionObj;

    $mode = $this->cx->getMode();

    if ($mode == \Cx\Core\Core\Controller\Cx::MODE_FRONTEND) {
        // The login form needs a session; create one only if none is there yet.
        if (!(isset($sessionObj) && is_object($sessionObj))) {
            $sessionObj = \cmsSession::getInstance();
        }

        $loginController = new \Cx\Core_Modules\Login\Controller\Login(\Env::get('cx')->getPage()->getContent());
        $title = \Env::get('cx')->getPage()->getTitle();
        $metaTitle = \Env::get('cx')->getPage()->getMetatitle();
        \Env::get('cx')->getPage()->setContent($loginController->getContent($metaTitle, $title));

        return;
    }

    if ($mode == \Cx\Core\Core\Controller\Cx::MODE_BACKEND) {
        if (\FWUser::getFWUserObject()->objUser->login(true)) {
            // NOTE(review): no exit follows this redirect, so the login page
            // below is still built for an already authenticated user unless
            // Csrf::header() ends the request itself - confirm.
            \Cx\Core\Csrf\Controller\Csrf::header('location: index.php');
        }

        $this->cx->getTemplate()->addBlockfile('CONTENT_OUTPUT', 'content_master', 'LegacyContentMaster.html');
        $objTemplate = $this->cx->getTemplate();

        $loginManager = new \Cx\Core_Modules\Login\Controller\LoginManager();
        $loginManager->getPage();
    }
}
/**
 * Log in through Google OAuth and resolve the associated Cloudrexx user.
 *
 * Configures a Google API client from the stored application data
 * (client id, client secret, developer key), completes the code exchange
 * when the request carries a `code` parameter and redirects to Google's
 * authorization URL as long as no access token is available. With a token,
 * the profile is read through getUserData() and handed to
 * getContrexxUser().
 */
public function login()
{
    $appData = $this->applicationData;

    $googleClient = new \Google_Client();
    $googleClient->setApplicationName('Contrexx Login');
    $googleClient->setClientId($appData[0]);
    $googleClient->setClientSecret($appData[1]);
    $googleClient->setRedirectUri(\Cx\Lib\SocialLogin::getLoginUrl(self::OAUTH_PROVIDER));
    $googleClient->setDeveloperKey($appData[2]);
    $googleClient->setUseObjects(true);
    $googleClient->setApprovalPrompt('auto');
    $googleClient->setScopes(self::$scopes);

    self::$google = new \Google_Oauth2Service($googleClient);
    self::$googleplus = new \Google_PlusService($googleClient);

    $isCallback = isset($_GET['code']);
    if ($isCallback) {
        try {
            $googleClient->authenticate();
        } catch (\Google_AuthException $authError) {
            // Ignored on purpose: without a token the check below sends the
            // browser back to the authorization URL.
            // NOTE(review): the failure is neither logged nor counted, so a
            // persistently failing exchange is invisible to operators and
            // may loop between this site and the provider - confirm.
        }
    }

    $accessToken = $googleClient->getAccessToken();
    if (!$accessToken) {
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $googleClient->createAuthUrl());
        exit;
    }

    self::$userdata = $this->getUserData();
    $this->getContrexxUser(self::$userdata['oauth_id']);
}
/**
 * Legacy download action (act: download).
 *
 * Redirects the browser to the web path of the requested file when a
 * regular file with that name exists below $this->path; does nothing
 * otherwise.
 */
function _downloadMediaOLD()
{
    $localFile = $this->path . $this->getFile;
    if (!is_file($localFile)) {
        return;
    }

    // NOTE(review): how $this->getFile is populated is not visible here. If
    // it is taken from the request, confirm that it is reduced to a bare
    // file name (no "../" segments) before it is used for is_file() and in
    // the redirect target.
    \Cx\Core\Csrf\Controller\Csrf::header("Location: " . $this->webPath . $this->getFile);
    exit;
}
/**
 * Apply the configured rewrite rules to a frontend request.
 *
 * All RewriteRule entities are applied to the URL in ascending order until
 * one of them flags itself as the last rule. If the resulting URL differs
 * from the requested one, a redirect is sent and the request ends.
 *
 * @param \Cx\Core\Routing\Url $url The requested URL
 */
public function preResolve(\Cx\Core\Routing\Url $url)
{
    if ($this->cx->getMode() != \Cx\Core\Core\Controller\Cx::MODE_FRONTEND) {
        return;
    }

    $entityManager = $this->cx->getDb()->getEntityManager();
    $ruleRepository = $entityManager->getRepository($this->getNamespace() . '\\Model\\Entity\\RewriteRule');
    $rules = $ruleRepository->findAll(array(), array('order' => 'asc'));

    $isLast = false;
    $requestedUrl = clone $url;

    foreach ($rules as $rule) {
        try {
            $url = $rule->resolve($url, $isLast);
        } catch (\Exception $invalidRule) {
            // Thrown when the rule's regular expression is not valid; the
            // rule is skipped.
        }
        if ($isLast) {
            break;
        }
    }

    if ($requestedUrl->toString() == $url->toString()) {
        return;
    }

    // NOTE(review): $rule is the rule the loop stopped on, which is not
    // necessarily the one that changed the URL, so the status code may come
    // from a different rule - confirm this is intended.
    // NOTE(review): the redirect target is whatever the rules produce;
    // presumably only administrators can define rules - verify.
    $location = 'Location: ' . $url->toString();
    $statusCode = $rule->getRewriteStatusCode();
    \Cx\Core\Csrf\Controller\Csrf::header($location, true, $statusCode);
    die;
}
/**
 * Log in through Twitter (OAuth 1.0a) and resolve the associated user.
 *
 * Without an `oauth_verifier` in the request, a request token is obtained,
 * stored in the session and the browser is sent to Twitter. With a
 * verifier, the stored request token is exchanged for an access token, the
 * account is read through verify_credentials and passed on to
 * getContrexxUser().
 */
public function login()
{
    // Twitter rejects requests whose timestamp differs from its own clock,
    // so timestamps are forced to the current time in UTC.
    // NOTE(review): this changes the default timezone for the rest of the
    // request, not only for this call.
    date_default_timezone_set('UTC');

    $twitter = new \tmhOAuth(array('consumer_key' => $this->applicationData[0], 'consumer_secret' => $this->applicationData[1]));
    $twitter->config['force_timestamp'] = true;
    $twitter->config['timestamp'] = time();

    if (!isset($_GET['oauth_verifier'])) {
        // Step 1: fetch a request token and hand over to Twitter.
        $twitter->request('POST', $twitter->url('oauth/request_token', ""), array('oauth_callback' => \Cx\Lib\SocialLogin::getLoginUrl(self::OAUTH_PROVIDER)));
        $_SESSION['oauth'] = $twitter->extract_params($twitter->response['response']);
        $authUrl = 'https://api.twitter.com/oauth/authenticate?oauth_token=' . $_SESSION['oauth']['oauth_token'];
        \Cx\Core\Csrf\Controller\Csrf::header("Location: " . $authUrl);
        exit;
    }

    // Step 2: callback from Twitter.
    // NOTE(review): $_SESSION['oauth'] is read without checking that step 1
    // ran in this session, and neither response below is checked for an
    // error status before it is parsed - confirm how failures surface.
    $twitter->config['user_token'] = $_SESSION['oauth']['oauth_token'];
    $twitter->config['user_secret'] = $_SESSION['oauth']['oauth_token_secret'];
    $twitter->request('POST', $twitter->url('oauth/access_token', ''), array('oauth_verifier' => $_GET['oauth_verifier'], 'x_auth_access_type' => 'read'));

    $accessParams = $twitter->extract_params($twitter->response['response']);
    $twitter->config['user_token'] = $accessParams['oauth_token'];
    $twitter->config['user_secret'] = $accessParams['oauth_token_secret'];
    $twitter->request('GET', $twitter->url('1.1/account/verify_credentials'));
    $profile = json_decode($twitter->response['response']);

    // The request token is single-use; drop it from the session.
    unset($_SESSION['oauth']);

    // NOTE(review): a display name without a space leaves index 1 undefined.
    $nameParts = explode(' ', $profile->name);

    // The e-mail address is synthesised from the screen name; it is not an
    // address Twitter has verified and must not be treated as one.
    self::$userdata = array('first_name' => $nameParts[0], 'last_name' => $nameParts[1], 'email' => $profile->screen_name . '@twitter.com');
    $this->getContrexxUser($profile->id);
}
/**
 * Redirect the browser to the "no access" page and end the request.
 *
 * In backend mode the query string consists of `cmd=noaccess` only (and
 * only for a logged-in user). In any other mode the Login section is
 * addressed and, when given, $redirect is passed on as the `redirect`
 * parameter.
 *
 * @param string|null $redirect Value for the `redirect` query parameter;
 *                              it is appended exactly as passed in
 * @return void
 */
public static function noAccess($redirect = null)
{
    global $objInit;

    $objFWUser = FWUser::getFWUserObject();

    if ($objInit->mode == 'backend') {
        $query = '';
    } else {
        $query = 'section=Login&';
        if (!empty($redirect)) {
            // NOTE(review): $redirect is concatenated without URL-encoding.
            // Callers appear to pass base64 text, whose '+', '/' and '='
            // are not query-safe - confirm, and confirm the Login section
            // only follows redirect targets on this site.
            $query .= 'redirect=' . $redirect . '&';
        }
    }

    if ($objFWUser->objUser->login()) {
        $query .= 'cmd=noaccess';
    }

    \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . CONTREXX_DIRECTORY_INDEX . '?' . $query);
    exit;
}
/**
 * Log in through Facebook and resolve the associated Contrexx user.
 *
 * If the SDK reports no user and the request carries no `state` parameter,
 * the browser is redirected to the Facebook login URL with the configured
 * permissions. Otherwise the profile is read through getUserData() and the
 * Facebook user id is passed on to getContrexxUser().
 */
public function login()
{
    $sdkConfig = array('appId' => $this->applicationData[0], 'secret' => $this->applicationData[1]);
    self::$facebook = new \Facebook($sdkConfig);

    $facebookUserId = self::$facebook->getUser();

    $mustAuthorize = empty($facebookUserId) && empty($_GET["state"]);
    if ($mustAuthorize) {
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . self::$facebook->getLoginUrl(array('scope' => self::$permissions)));
        exit;
    }

    // NOTE(review): a request that carries any `state` value reaches this
    // point even when getUser() returned nothing - confirm getUserData()
    // and getContrexxUser() reject an empty user id.
    self::$userdata = $this->getUserData();
    $this->getContrexxUser($facebookUserId);
}
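/**
 * Render the detail view of one DocSys entry.
 *
 * Reads the entry id from $_GET['id'] (cast to int), loads the active entry
 * for the current language whose start/end dates include the current time
 * and fills the page template. Requests without a positive id are
 * redirected to the DocSys section.
 *
 * @global ADONewConnection $objDatabase
 * @global array            $_ARRAYLANG
 * @return string parsed content
 */
function getDetails()
{
    global $objDatabase, $_ARRAYLANG;

    $this->_objTpl->setTemplate($this->pageContent);
    // Global module index for clones
    $this->_objTpl->setGlobalVariable('MODULE_INDEX', MODULE_INDEX);

    $id = intval($_GET['id']);
    if ($id <= 0) {
        \Cx\Core\Csrf\Controller\Csrf::header("Location: ?section=DocSys" . MODULE_INDEX);
        exit;
    }

    // $id is an integer at this point.
    // NOTE(review): $this->langId is interpolated as-is; confirm it is
    // always an integer.
    $query = "\n SELECT id, source, changelog, url1, url2,\n text, date, changelog, title, author\n FROM "
        . DBPREFIX . "module_docsys" . MODULE_INDEX
        . "\n WHERE status = 1\n AND id = {$id}\n AND lang={$this->langId}\n AND (startdate<="
        . time() . " OR startdate=0)\n AND (enddate>=" . time() . " OR enddate=0)";
    $objResult = $objDatabase->SelectLimit($query, 1);

    // Defined up front so that the title assignment after the loop does not
    // read an undefined variable when no entry matches.
    $title = '';

    while ($objResult && !$objResult->EOF) {
        $lastUpdate = stripslashes($objResult->fields['changelog']);
        $date = stripslashes($objResult->fields['date']);
        $source = stripslashes($objResult->fields['source']);
        $url1 = stripslashes($objResult->fields['url1']);
        $url2 = stripslashes($objResult->fields['url2']);
        $docUrl = "";
        $docSource = "";
        $docLastUpdate = "";

        // NOTE(review): url1, url2 and source are written into href/title
        // attributes and link text without HTML escaping. If these fields
        // can hold text from untrusted editors, escape them for attribute
        // context and restrict the scheme to http/https - confirm how the
        // values are stored before changing the output.
        if (!empty($url1)) {
            $docUrl = $_ARRAYLANG['TXT_IMPORTANT_HYPERLINKS'] . '<br /><a target="new" href="' . $url1 . '" title="' . $url1 . '">' . $url1 . '</a><br />';
        }
        if (!empty($url2)) {
            $docUrl .= '<a target="new" href="' . $url2 . '">' . $url2 . '</a><br />';
        }
        if (!empty($source)) {
            $docSource = $_ARRAYLANG['TXT_SOURCE'] . '<br /><a target="new" href="' . $source . '" title="' . $source . '">' . $source . '</a><br />';
        }
        // Show the "last update" line only if it differs from the entry date.
        if (!empty($lastUpdate) and $lastUpdate != $date) {
            $docLastUpdate = $_ARRAYLANG['TXT_LAST_UPDATE'] . "<br />" . date(ASCMS_DATE_FORMAT, $lastUpdate);
        }

        $title = $objResult->fields['title'];
        $this->_objTpl->setVariable(array(
            'DOCSYS_DATE' => date(ASCMS_DATE_FORMAT, $date),
            'DOCSYS_TITLE' => stripslashes($title),
            'DOCSYS_AUTHOR' => stripslashes($objResult->fields['author']),
            'DOCSYS_TEXT' => stripslashes($objResult->fields['text']),
            'DOCSYS_LASTUPDATE' => $docLastUpdate,
            'DOCSYS_SOURCE' => $docSource,
            'DOCSYS_URL' => $docUrl,
        ));
        $objResult->MoveNext();
    }

    $this->docSysTitle = strip_tags(stripslashes($title));
    return $this->_objTpl->get();
}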
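/**
 * Render the detail view of one job entry.
 *
 * Reads the job id from $_GET['id'] (cast to int). For a positive id the
 * footnote settings are loaded first, then the active job for the current
 * language whose start/end dates include today. Any other id is redirected
 * to the Jobs section.
 *
 * @global array  $_CONFIG
 * @global array  $_ARRAYLANG
 * @global object $objDatabase
 * @return string parsed content
 */
function getDetails()
{
    global $_CONFIG, $objDatabase, $_ARRAYLANG;

    $this->_objTpl->setTemplate($this->pageContent);
    $id = intval($_GET['id']);

    // Footnote settings, read from the module's settings table.
    $footnotetext = "";
    $footnotelink = "";
    $footnote = "";
    $link = "";
    $url = "";
    // Defined up front so that the title assignment at the end does not
    // read an undefined variable when no job matches.
    $title = '';

    if ($id > 0) {
        $query = "SELECT *\n\t FROM `" . DBPREFIX . "module_jobs_settings`\n\t WHERE name = 'footnote'\n\t OR name = 'link'\n\t OR name = 'url'\n\t ";
        $objResult = $objDatabase->Execute($query);
        // A failed query yields a non-object result; skip the loop then.
        while ($objResult && !$objResult->EOF) {
            if ($objResult->fields['name'] == "footnote") {
                $footnote = stripslashes($objResult->fields['value']);
            } elseif ($objResult->fields['name'] == "link") {
                $link = stripslashes($objResult->fields['value']);
            } elseif ($objResult->fields['name'] == "url") {
                $url = stripslashes($objResult->fields['value']);
            }
            $objResult->movenext();
        }
    }

    $this->_objTpl->setVariable(array(
        'TXT_JOBS_AUTOR' => $_ARRAYLANG['TXT_JOBS_AUTOR'],
        'TXT_JOBS_WORKLOC' => $_ARRAYLANG['TXT_JOBS_WORKLOC'],
        'TXT_JOBS_WORK_START' => $_ARRAYLANG['TXT_JOBS_WORK_START'],
        'TXT_JOBS_WORKLOAD' => $_ARRAYLANG['TXT_JOBS_WORKLOAD'],
        'TXT_JOBS_PUBLISHED_AT' => $_ARRAYLANG['TXT_JOBS_PUBLISHED_AT'],
    ));

    if ($id > 0) {
        // $id is an integer at this point.
        // NOTE(review): $this->langId is concatenated as-is; confirm it is
        // always an integer.
        $query = "SELECT id,\n workloc,\n changelog,\n workload,\n work_start,\n text,\n date,\n changelog,\n title,\n author\n FROM "
            . DBPREFIX . "module_jobs\n WHERE status = 1\n AND id = {$id}\n AND lang=" . $this->langId
            . "\n AND (startdate<='" . date('Y-m-d') . "' OR startdate='0000-00-00 00:00:00')\n AND (enddate>='"
            . date('Y-m-d') . "' OR enddate='0000-00-00 00:00:00')";
        $objResult = $objDatabase->SelectLimit($query, 1);

        while ($objResult && !$objResult->EOF) {
            $lastUpdate = stripslashes($objResult->fields['changelog']);
            $date = stripslashes($objResult->fields['date']);
            $workloc = stripslashes($objResult->fields['workloc']);
            $workload = stripslashes($objResult->fields['workload']);
            $work_start = stripslashes($objResult->fields['work_start']);

            // A start date that is empty or already reached is shown as the
            // "start now" text.
            if (empty($work_start) or time() >= $work_start) {
                $work_start = $_ARRAYLANG['TXT_JOBS_WORK_START_NOW'];
            } else {
                $work_start = date("d.m.Y", $work_start);
            }

            if (!empty($lastUpdate) and $lastUpdate != $date) {
                $this->_objTpl->setVariable(array(
                    'TXT_JOBS_LASTUPDATE' => $_ARRAYLANG['TXT_JOBS_LASTUPDATE'],
                    'JOBS_LASTUPDATE' => date(ASCMS_DATE_FORMAT, $lastUpdate),
                ));
            }

            $title = stripslashes($objResult->fields['title']);

            if (!empty($footnote)) {
                $footnotetext = nl2br($footnote);
            }
            if (!empty($link)) {
                // Replace the %URL% and %TITLE% placeholders of the
                // configured footnote URL; both values are URL-encoded and
                // the result is HTML-escaped for the href attribute.
                $url = str_replace("%URL%", urlencode($_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']), $url);
                $url = htmlspecialchars(str_replace("%TITLE%", urlencode(stripslashes($title)), $url), ENT_QUOTES, CONTREXX_CHARSET);
                // NOTE(review): the link text $link is inserted unescaped;
                // it comes from the settings table - confirm only trusted
                // administrators can edit it.
                $footnotelink = "<a href='{$url}'>{$link}</a>";
            }

            $this->_objTpl->setVariable(array(
                'JOBS_DATE' => date(ASCMS_DATE_FORMAT, $date),
                'JOBS_TITLE' => stripslashes($title),
                'JOBS_AUTHOR' => stripslashes($objResult->fields['author']),
                'JOBS_TEXT' => stripslashes($objResult->fields['text']),
                'JOBS_FOOTNOTE' => $footnotetext,
                'JOBS_FOOTNOTE_LINK' => $footnotelink,
                'JOBS_WORKLOC' => $workloc,
                'JOBS_WORKLOAD' => $workload,
                'JOBS_WORK_START' => $work_start,
            ));
            $objResult->MoveNext();
        }
    } else {
        \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?section=Jobs");
        exit;
    }

    $this->jobsTitle = strip_tags(stripslashes($title));
    return $this->_objTpl->get();
}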
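/**
 * Delete and/or store a thumbnail format, then return to the image
 * settings page.
 *
 * A `deleteid` in the query string removes that row. A POST carrying
 * `name` and `size` inserts the format, or replaces the row whose id was
 * posted. All values reach the database through bound parameters.
 *
 * NOTE(review): no permission check is visible in this method and the
 * delete is triggered by a GET parameter - confirm that the caller
 * enforces access and that the request is covered by the CSRF protection.
 *
 * @param mixed $post Not used by this method; the request superglobals are
 *                    read directly
 */
public function editThumbnails($post)
{
    /** @var \Cx\Core\Core\Controller\Cx $cx */
    $cx = \Env::get('cx');
    $pdo = $cx->getDb()->getPdoConnection();

    if (isset($_GET['deleteid'])) {
        $sth = $pdo->prepare('DELETE FROM `' . DBPREFIX . 'settings_thumbnail` WHERE id = :id');
        $sth->bindValue(':id', $_GET['deleteid']);
        $sth->execute();
    }

    if (isset($_POST['name']) && isset($_POST['size'])) {
        $stmt = $pdo->prepare('REPLACE INTO `' . DBPREFIX . 'settings_thumbnail`(id, name, size) VALUES (:id, :name, :size)');
        // bindValue() instead of bindParam(): bindParam() takes its argument
        // by reference, which the result of intval() is not.
        // A missing id is bound as NULL, so the database assigns a new one.
        $stmt->bindValue(':id', isset($_POST['id']) ? $_POST['id'] : null);
        $stmt->bindValue(':name', $_POST['name']);
        $stmt->bindValue(':size', intval($_POST['size']), \PDO::PARAM_INT);
        $stmt->execute();
    }

    Csrf::header('Location: index.php?cmd=Config&act=image');
    die;
}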
/**
 * Deliver the download requested through $_GET['download'].
 *
 * Does nothing when no download with that id was loaded. Expired or
 * inactive downloads are redirected to the 404 error page. The user must
 * have access to the download's categories and, when the download is
 * protected by an access id, hold that access, static access 143 or be
 * the owner. File downloads are sent directly; all other types are
 * answered with a redirect to the stored source.
 */
private function download()
{
    global $objInit;

    $requestedId = !empty($_GET['download']) ? intval($_GET['download']) : 0;

    $objDownload = new Download();
    $objDownload->load($requestedId);

    if ($objDownload->EOF) {
        return;
    }

    // Expired or deactivated downloads are reported as "not found".
    if (($objDownload->getExpirationDate() && $objDownload->getExpirationDate() < time()) || !$objDownload->getActiveStatus()) {
        \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Error&id=404");
        exit;
    }

    // Category-level access.
    if (!$this->hasUserAccessToCategoriesOfDownload($objDownload)) {
        \Permission::noAccess(base64_encode($objInit->getPageUri()));
    }

    // Download-level access; the owner always passes.
    // NOTE(review): both checks rely on Permission::noAccess() ending the
    // request; if it ever returns, execution continues to delivery.
    if (
        $objDownload->getAccessId()
        && !\Permission::checkAccess(143, 'static', true)
        && !\Permission::checkAccess($objDownload->getAccessId(), 'dynamic', true)
        && $objDownload->getOwnerId() != $this->userId
    ) {
        \Permission::noAccess(base64_encode($objInit->getPageUri()));
    }

    // The counter is incremented before the file is actually delivered.
    $objDownload->incrementDownloadCount();

    if ($objDownload->getType() == 'file') {
        $objDownload->send();
        return;
    }

    // Non-file downloads: the browser is sent to the stored source, which
    // thereby becomes visible to the user.
    // NOTE(review): presumably only trusted editors can set the source.
    \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $objDownload->getSource());
}
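/**
 * Dispatch a backend request of the Knowledge module.
 *
 * $_GET['section'] selects the area (categories, articles, settings) and
 * $_GET['act'] the action within it. Every action checks the matching
 * access id before it runs; AJAX actions use checkAjaxAccess(). An unknown
 * section is redirected to the article overview.
 *
 * NOTE(review): modifying actions (insert, update, delete, sort,
 * switchState, tidyTags, resetVotes) are selected through query
 * parameters - confirm that they are covered by the CSRF protection.
 * NOTE(review): the redirects sent after update/insert are not followed by
 * an exit, so the page is still rendered afterwards.
 *
 * @global mixed                $objPerm
 * @global \Cx\Core\Html\Sigma  $objTemplate
 * @global array                $_ARRAYLANG
 */
function getPage()
{
    global $objPerm, $objTemplate, $_ARRAYLANG;

    if (!isset($_GET['act'])) {
        $_GET['act'] = '';
    }
    $_GET['section'] = empty($_GET['section']) ? "" : $_GET['section'];

    // Not every action produces page content (e.g. the AJAX actions); the
    // defaults keep the render calls below from reading undefined variables.
    $content = null;
    $active = null;

    switch ($_GET['section']) {
        // The categories
        case 'categories':
            switch ($_GET['act']) {
                case 'add':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $content = $this->editCategory(true);
                    $active = "add";
                    break;
                case 'edit':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $content = $this->editCategory();
                    $active = "";
                    break;
                case 'update':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $id = $this->updateCategory();
                    // The parameter is "section", as read at the top of this
                    // method; the separator had been corrupted to a section sign.
                    \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Knowledge" . MODULE_INDEX . "&section=categories&act=overview&highlight=" . $id);
                    break;
                case 'insert':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $id = $this->insertCategory();
                    \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Knowledge" . MODULE_INDEX . "&section=categories&act=overview&highlight=" . $id);
                    break;
                case 'delete':
                    \Permission::checkAccess(ACCESS_ID_EDIT_CATEGORIES, 'static');
                    $this->deleteCategory();
                    break;
                case 'switchState':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_CATEGORIES);
                    $this->switchCategoryState();
                    break;
                case 'sort':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_CATEGORIES);
                    $this->sortCategory();
                    break;
                case 'overview':
                default:
                    \Permission::checkAccess(ACCESS_ID_CATEGORIES, 'static');
                    $content = $this->categoriesOverview();
                    $active = "overview";
                    break;
            }
            $this->categories($content, $active);
            break;

        // The articles
        case 'articles':
            switch ($_GET['act']) {
                case 'add':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $content = $this->editArticle(true);
                    $active = "add";
                    break;
                case 'edit':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $content = $this->editArticle();
                    $active = "";
                    break;
                case 'insert':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $id = $this->insertArticle();
                    $content = $this->articleOverview();
                    $active = "overview";
                    break;
                case 'update':
                    \Permission::checkAccess(ACCESS_ID_EDIT_ARTICLES, 'static');
                    $id = $this->updateArticle();
                    $content = $this->articleOverview();
                    \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Knowledge" . MODULE_INDEX . "&section=articles&act=edit&id=" . $id . "&updated=true");
                    break;
                case 'getArticles':
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $this->getArticles();
                    break;
                case 'sort':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->sortArticles();
                    break;
                case 'switchState':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->switchArticleState();
                    break;
                case 'getTags':
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $this->getTags();
                    break;
                case 'delete':
                    $this->checkAjaxAccess(ACCESS_ID_EDIT_ARTICLES);
                    $this->deleteArticle();
                    break;
                case 'overview':
                default:
                    \Permission::checkAccess(ACCESS_ID_OVERVIEW, 'static');
                    $content = $this->articleOverview();
                    $active = "overview";
                    break;
            }
            $this->articles($content, $active);
            break;

        // The settings; one access check covers every action below.
        case 'settings':
            \Permission::checkAccess(ACCESS_ID_SETTINGS, 'static');
            switch ($_GET['act']) {
                case 'tidyTags':
                    $this->tidyTags();
                    break;
                case 'resetVotes':
                    $this->resetVotes();
                    break;
                case 'placeholders':
                    $content = $this->settingsPlaceholders();
                    $active = "placeholders";
                    break;
                case 'update':
                    $this->updateSettings();
                    try {
                        $this->settings->readSettings();
                    } catch (DatabaseError $e) {
                        $this->errorMessage = $_ARRAYLANG['TXT_KNOWLEDGE_ERROR_OVERVIEW'];
                        $this->errorMessage .= $e->formatted();
                    }
                    $content = $this->settingsOverview();
                    $active = "settings";
                    break;
                case 'show':
                default:
                    $content = $this->settingsOverview();
                    $active = "settings";
                    break;
            }
            $this->settings($content, $active);
            break;

        default:
            \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Knowledge" . MODULE_INDEX . "&section=articles");
    }

    $objTemplate->setVariable(array(
        'CONTENT_TITLE' => $this->pageTitle,
        'CONTENT_OK_MESSAGE' => $this->okMessage,
        'CONTENT_STATUS_MESSAGE' => $this->errorMessage,
        'ADMIN_CONTENT' => $this->tpl->get(),
    ));

    // NOTE(review): this reads $_REQUEST while the dispatch above used the
    // normalised $_GET['section'] - confirm both always agree.
    $this->act = $_REQUEST['section'];
    $this->setNavigation();
}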
/**
 * Backend form for adding or editing a media directory entry.
 *
 * Loads the entry template, checks the ModifyEntry or AddEntry permission
 * depending on whether $_GET['id'] is set, shows a form selector when
 * several forms are active and none was chosen, stores a submitted entry
 * through MediaDirectoryEntry::saveEntry() and finally fills the template
 * with the input fields, translation status, owner, contact data and
 * display duration. Without any active form the request is redirected to
 * the form settings.
 */
function modifyEntry()
{
    global $_ARRAYLANG, $_CORELANG, $objDatabase, $_LANGID;
    \JS::activate('cx');
    \JS::activate('jqueryui');
    $this->_objTpl->loadTemplateFile('module_' . $this->moduleNameLC . '_modify_entry.html', true, true);
    $this->pageTitle = $_ARRAYLANG['TXT_MEDIADIR_ENTRIES'];
    // load the module settings
    parent::getSettings();
    // defaults for the display duration widgets
    $intEntryDourationAlways = '';
    $intEntryDourationPeriod = '';
    $intEntryDourationShowPeriod = 'none';
    $intEntryDourationEnd = 0;
    $intEntryDourationStart = 0;
    $strOnSubmit = '';
    // The permission that is checked depends on the query string only:
    // an id in $_GET means "edit", anything else means "add".
    if (!empty($_GET['id'])) {
        \Permission::checkAccess(MediaDirectoryAccessIDs::ModifyEntry, 'static');
        $pageTitle = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . " " . $_ARRAYLANG['TXT_MEDIADIR_EDIT'];
        $intEntryId = intval($_GET['id']);
    } else {
        \Permission::checkAccess(MediaDirectoryAccessIDs::AddEntry, 'static');
        $pageTitle = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . " " . $_ARRAYLANG['TXT_MEDIADIR_ADD'];
        $intEntryId = null;
    }
    // collect the ids of all active forms
    $objForms = new MediaDirectoryForm(null, $this->moduleName);
    $arrActiveForms = array();
    foreach ($objForms->arrForms as $intFormId => $arrForm) {
        if ($arrForm['formActive'] == 1) {
            $arrActiveForms[] = $intFormId;
        }
    }
    $intCountForms = count($arrActiveForms);
    if ($intCountForms > 0) {
        // New entry, several active forms and none chosen yet: show only
        // the form selector.
        if (intval($intEntryId) == 0 && (empty($_POST['selectedFormId']) && empty($_POST['formId'])) && $intCountForms > 1) {
            $intFormId = null;
            // render the form selector
            $objForms->listForms($this->_objTpl, 2, $intFormId);
            // hide everything that belongs to the entry form itself
            $this->_objTpl->hideBlock($this->moduleNameLC . 'EntryStatus');
            $this->_objTpl->hideBlock($this->moduleNameLC . 'InputfieldList');
            $this->_objTpl->hideBlock($this->moduleNameLC . 'SpezfieldList');
        } else {
            // store the submitted entry
            // NOTE(review): the id that is saved comes from
            // $_POST['entryId'], while the permission above was chosen from
            // $_GET['id']. A request without ?id= but with a posted entryId
            // passes only the AddEntry check and still reaches saveEntry()
            // with an existing id - confirm that saveEntry() enforces the
            // ModifyEntry permission itself, or check it here.
            if (isset($_POST['submitEntryModfyForm']) && !empty($_POST['formId'])) {
                $objEntry = new MediaDirectoryEntry($this->moduleName);
                $intEntryId = intval($_POST['entryId']);
                $intEntryId = $objEntry->saveEntry($_POST, $intEntryId);
                if (!empty($_POST['entryId'])) {
                    // an existing entry was edited
                    if ($intEntryId) {
                        $this->strOkMessage = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . ' ' . $_ARRAYLANG['TXT_MEDIADIR_SUCCESSFULLY_EDITED'];
                    } else {
                        // saving failed: keep the posted id so that the form
                        // is shown again for the same entry
                        $intEntryId = intval($_POST['entryId']);
                        $this->strErrMessage = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . ' ' . $_ARRAYLANG['TXT_MEDIADIR_CORRUPT_EDITED'];
                    }
                } else {
                    // a new entry was added
                    if ($intEntryId) {
                        $this->strOkMessage = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . ' ' . $_ARRAYLANG['TXT_MEDIADIR_SUCCESSFULLY_ADDED'];
                    } else {
                        $this->strErrMessage = $_ARRAYLANG['TXT_MEDIADIR_ENTRY'] . ' ' . $_ARRAYLANG['TXT_MEDIADIR_CORRUPT_ADDED'];
                    }
                }
            }
            // determine the form id
            if (intval($intEntryId) != 0) {
                // existing entry: take the form id from the entry itself
                $objEntry = new MediaDirectoryEntry($this->moduleName);
                $objEntry->getEntries($intEntryId, null, null, null, null, false, false);
                // second attempt with the sixth argument switched to true
                if (empty($objEntry->arrEntries)) {
                    $objEntry->getEntries($intEntryId, null, null, null, null, true, false);
                }
                $intFormId = $objEntry->arrEntries[$intEntryId]['entryFormId'];
            } else {
                // new entry: the only active form, or the one selected
                if ($intCountForms == 1) {
                    $intFormId = intval($arrActiveForms[0]);
                } else {
                    $intFormId = intval($_POST['selectedFormId']);
                }
                if (!empty($_POST['formId'])) {
                    $intFormId = intval($_POST['formId']);
                }
            }
            // input fields of the chosen form
            $objInputfields = new MediaDirectoryInputfield($intFormId, false, null, $this->moduleName);
            // render the input fields
            $objInputfields->listInputfields($this->_objTpl, 2, $intEntryId);
            // translation status checkboxes, one per frontend language
            if ($this->arrSettings['settingsTranslationStatus'] == 1) {
                $ownerRowClass = "row1";
                foreach ($this->arrFrontendLanguages as $key => $arrLang) {
                    $strLangStatus = '';
                    if ($intEntryId != 0) {
                        if (in_array($arrLang['id'], $objEntry->arrEntries[$intEntryId]['entryTranslationStatus'])) {
                            $strLangStatus = 'checked="checked"';
                        }
                    }
                    $this->_objTpl->setVariable(array(
                        'TXT_' . $this->moduleLangVar . '_TRANSLATION_LANG_NAME' => htmlspecialchars($arrLang['name'], ENT_QUOTES, CONTREXX_CHARSET),
                        $this->moduleLangVar . '_TRANSLATION_LANG_ID' => intval($arrLang['id']),
                        $this->moduleLangVar . '_TRANSLATION_LANG_STATUS' => $strLangStatus
                    ));
                    $this->_objTpl->parse($this->moduleNameLC . 'TranslationLangList');
                }
                $this->_objTpl->parse($this->moduleNameLC . 'TranslationStatus');
            } else {
                $ownerRowClass = "row2";
                $this->_objTpl->hideBlock($this->moduleNameLC . 'TranslationStatus');
            }
            // owner: the user who added the entry, else the current user
            $objFWUser = \FWUser::getFWUserObject();
            $addedBy = isset($objEntry) ? $objEntry->arrEntries[$intEntryId]['entryAddedBy'] : '';
            if (!empty($addedBy) && ($objUser = $objFWUser->objUser->getUser($addedBy))) {
                $userId = $objUser->getId();
            } else {
                $userId = $objFWUser->objUser->getId();
            }
            $this->_objTpl->setVariable(array(
                'TXT_' . $this->moduleLangVar . '_OWNER' => $_ARRAYLANG['TXT_MEDIADIR_OWNER'],
                $this->moduleLangVar . '_OWNER_ROW' => $ownerRowClass,
                $this->moduleLangVar . '_OWNER_ID' => $userId
            ));
            \FWUser::getUserLiveSearch();
            if ($intEntryId != 0) {
                $intEntryDourationStart = 1;
                $intEntryDourationEnd = 2;
                // contact data; note that this is read from the currently
                // logged-in user, not from the entry's owner
                $objUser = $objFWUser->objUser;
                $intUserId = intval($objUser->getId());
                $strUserMail = '<a href="mailto:' . contrexx_raw2xhtml($objUser->getEmail()) . '">' . contrexx_raw2xhtml($objUser->getEmail()) . '</a>';
                $intUserLang = intval($objUser->getFrontendLanguage());
                if ($objUser = $objUser->getUser($id = $intUserId)) {
                    // language name
                    // NOTE(review): $strUserLang stays undefined when no
                    // frontend language matches the user's language.
                    foreach ($this->arrFrontendLanguages as $intKey => $arrLang) {
                        if ($arrLang['id'] == $intUserLang) {
                            $strUserLang = $arrLang['name'];
                        }
                    }
                    // country name
                    $arrCountry = \Cx\Core\Country\Controller\Country::getById(intval($objUser->getProfileAttribute('country')));
                    $strCountry = $arrCountry['name'];
                    // title; the id is cast to int before it enters the query
                    $objTitle = $objDatabase->Execute("SELECT `title` FROM " . DBPREFIX . "access_user_title WHERE id = '" . intval($objUser->getProfileAttribute('title')) . "' LIMIT 1");
                    $strTitle = $objTitle->fields['title'];
                    // every profile value is passed through
                    // contrexx_raw2xhtml() before it reaches the template
                    $this->_objTpl->setVariable(array(
                        'TXT_' . $this->moduleLangVar . '_CONTACT_DATA' => "Kontaktangaben",
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_TITLE' => contrexx_raw2xhtml($strTitle),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_FIRSTNAME' => contrexx_raw2xhtml($objUser->getProfileAttribute('firstname')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_LASTNAME' => contrexx_raw2xhtml($objUser->getProfileAttribute('lastname')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_COMPANY' => contrexx_raw2xhtml($objUser->getProfileAttribute('company')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_ADRESS' => contrexx_raw2xhtml($objUser->getProfileAttribute('address')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_CITY' => contrexx_raw2xhtml($objUser->getProfileAttribute('city')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_ZIP' => contrexx_raw2xhtml($objUser->getProfileAttribute('zip')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_COUNTRY' => contrexx_raw2xhtml($strCountry),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_PHONE' => contrexx_raw2xhtml($objUser->getProfileAttribute('phone_office')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_FAX' => contrexx_raw2xhtml($objUser->getProfileAttribute('phone_fax')),
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_WEBSITE' => '<a href="' . contrexx_raw2xhtml($objUser->getProfileAttribute('website')) . '" target="_blank">' . contrexx_raw2xhtml($objUser->getProfileAttribute('website')) . '</a>',
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_MAIL' => $strUserMail,
                        $this->moduleLangVar . '_CONTACT_ATTRIBUT_LANG' => $strUserLang
                    ));
                }
                $this->_objTpl->parse($this->moduleNameLC . 'ContactData');
            } else {
                $intEntryDourationStart = 1;
                $intEntryDourationEnd = 2;
                $this->_objTpl->hideBlock($this->moduleNameLC . 'ContactData');
            }
            // default display duration: the configured value is applied as
            // days (1), months (2) or years (3)
            // NOTE(review): any other type leaves $intDiffDay, $intDiffMonth
            // and $intDiffYear undefined.
            switch ($this->arrSettings['settingsEntryDisplaydurationValueType']) {
                case 1:
                    $intDiffDay = $this->arrSettings['settingsEntryDisplaydurationValue'];
                    $intDiffMonth = 0;
                    $intDiffYear = 0;
                    break;
                case 2:
                    $intDiffDay = 0;
                    $intDiffMonth = $this->arrSettings['settingsEntryDisplaydurationValue'];
                    $intDiffYear = 0;
                    break;
                case 3:
                    $intDiffDay = 0;
                    $intDiffMonth = 0;
                    $intDiffYear = $this->arrSettings['settingsEntryDisplaydurationValue'];
                    break;
            }
            // NOTE(review): mktime() is called without arguments below; that
            // form is rejected by PHP 8 - time() is the equivalent.
            if ($intEntryId != 0) {
                if (intval($objEntry->arrEntries[$intEntryId]['entryDurationType']) == 1) {
                    // shown without time limit; pre-fill today .. today + default
                    $intEntryDourationAlways = 'selected="selected"';
                    $intEntryDourationStart = date("d.m.Y", mktime());
                    $intEntryDourationEnd = date("d.m.Y", mktime(0, 0, 0, date("m") + $intDiffMonth, date("d") + $intDiffDay, date("Y") + $intDiffYear));
                } else {
                    // shown for the period stored with the entry
                    $intEntryDourationPeriod = 'selected="selected"';
                    $intEntryDourationShowPeriod = 'inline';
                    $intEntryDourationStart = date("d.m.Y", $objEntry->arrEntries[$intEntryId]['entryDurationStart']);
                    $intEntryDourationEnd = date("d.m.Y", $objEntry->arrEntries[$intEntryId]['entryDurationEnd']);
                }
                if (intval($objEntry->arrEntries[$intEntryId]['entryDurationNotification']) == 1) {
                    $this->_objTpl->setVariable(array(
                        $this->moduleLangVar . '_DISPLAYDURATION_RESET_NOTIFICATION_STATUS' => '<br /><input type="checkbox" name="durationResetNotification" value="1" />&nbsp;' . $_ARRAYLANG['TXT_MEDIADIR_DISPLAYDURATION_RESET_NOTIFICATION_STATUS']
                    ));
                }
            } else {
                // new entry: use the module-wide default duration type
                if (intval($this->arrSettings['settingsEntryDisplaydurationType']) == 1) {
                    $intEntryDourationAlways = 'selected="selected"';
                } else {
                    $intEntryDourationPeriod = 'selected="selected"';
                    $intEntryDourationShowPeriod = 'inline';
                }
                $intEntryDourationStart = date("d.m.Y", mktime());
                $intEntryDourationEnd = date("d.m.Y", mktime(0, 0, 0, date("m") + $intDiffMonth, date("d") + $intDiffDay, date("Y") + $intDiffYear));
            }
            // show the block with the special fields
            $this->_objTpl->touchBlock($this->moduleNameLC . 'SpezfieldList');
            // collect the JavaScript of the selector and the input fields
            parent::setJavascript($this->getSelectorJavascript());
            parent::setJavascript($objInputfields->getInputfieldJavascript());
            // onsubmit handler of the form
            $strOnSubmit = parent::getFormOnSubmit($objInputfields->arrJavascriptFormOnSubmit);
            $this->_objTpl->setVariable(array(
                $this->moduleLangVar . '_ENTRY_STATUS' => $intEntryId && intval($objEntry->arrEntries[$intEntryId]['entryActive']) ? 'checked="checked"' : '',
                $this->moduleLangVar . '_MEDIABROWSER_BUTTON' => $this->getMediaBrowserButton($_ARRAYLANG['TXT_BROWSE'], array('type' => 'button', 'id' => 'mediabrowser_button', 'style' => 'display:none;'))
            ));
            // the form selector is not needed in this branch
            $this->_objTpl->hideBlock($this->moduleNameLC . 'FormList');
        }
        // variables shared by the selector view and the entry form
        $this->_objTpl->setGlobalVariable(array(
            'TXT_' . $this->moduleLangVar . '_PAGE_TITLE' => $pageTitle,
            $this->moduleLangVar . '_ENTRY_ID' => $intEntryId,
            $this->moduleLangVar . '_FORM_ID' => $intFormId,
            'TXT_' . $this->moduleLangVar . '_SUBMIT' => $_ARRAYLANG['TXT_' . $this->moduleLangVar . '_SUBMIT'],
            $this->moduleLangVar . '_JAVASCRIPT' => $this->getJavascript(),
            $this->moduleLangVar . '_FORM_ONSUBMIT' => $strOnSubmit,
            'TXT_' . $this->moduleLangVar . '_PLEASE_CHECK_INPUT' => $_ARRAYLANG['TXT_MEDIADIR_PLEASE_CHECK_INPUT'],
            $this->moduleLangVar . '_DEFAULT_LANG_ID' => $_LANGID,
            'TXT_' . $this->moduleLangVar . '_SPEZ_FIELDS' => $_ARRAYLANG['TXT_MEDIADIR_SPEZ_FIELDS'],
            'TXT_' . $this->moduleLangVar . '_DISPLAYDURATION' => $_ARRAYLANG['TXT_MEDIADIR_DISPLAYDURATION'],
            'TXT_' . $this->moduleLangVar . '_DISPLAYDURATION_ALWAYS' => $_ARRAYLANG['TXT_MEDIADIR_DISPLAYDURATION_ALWAYS'],
            'TXT_' . $this->moduleLangVar . '_DISPLAYDURATION_PERIOD' => $_ARRAYLANG['TXT_MEDIADIR_DISPLAYDURATION_PERIOD'],
            'TXT_' . $this->moduleLangVar . '_DISPLAYDURATION_FROM' => $_CORELANG['TXT_FROM'],
            'TXT_' . $this->moduleLangVar . '_DISPLAYDURATION_TO' => $_CORELANG['TXT_TO'],
            $this->moduleLangVar . '_DISPLAYDURATION_START' => $intEntryDourationStart,
            $this->moduleLangVar . '_DISPLAYDURATION_END' => $intEntryDourationEnd,
            $this->moduleLangVar . '_DISPLAYDURATION_SELECT_ALWAYS' => $intEntryDourationAlways,
            $this->moduleLangVar . '_DISPLAYDURATION_SELECT_PERIOD' => $intEntryDourationPeriod,
            $this->moduleLangVar . '_DISPLAYDURATION_SHOW_PERIOD' => $intEntryDourationShowPeriod,
            'TXT_' . $this->moduleLangVar . '_TRANSLATION_STATUS' => $_ARRAYLANG['TXT_MEDIADIR_TRANSLATION_STATUS'],
            'TXT_' . $this->moduleLangVar . '_ENTRY_STATUS' => $_ARRAYLANG['TXT_MEDIADIR_ACTIVE']
        ));
    } else {
        // no active form: entries cannot be created, go to the form settings
        \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=" . $this->moduleName . "&act=settings&tpl=forms");
        exit;
    }
}
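/**
 * Frontend "delete advertisement" page of the Market module.
 *
 * With an id in the query string the confirmation page is shown, but only
 * to the owner of the entry or to a user with full access. Without it, a
 * submitted confirmation form deletes the posted id. Both paths end with a
 * redirect unless the confirmation page is rendered.
 */
function delEntry()
{
    global $objDatabase, $_ARRAYLANG, $_CORELANG, $_CONFIG;

    $this->_objTpl->setTemplate($this->pageContent, true, true);

    // NOTE(review): "!" binds tighter than "==", so the first operand is
    // evaluated as (!$this->settings['editEntry']) == '1', i.e. it is true
    // whenever the setting is empty or '0'. Left unchanged; confirm that
    // this is the intended meaning of the setting.
    if (!$this->settings['editEntry'] == '1' || !$this->communityModul && $this->settings['addEntry_only_community'] == '1') {
        // Only an integer id is placed into the redirect target.
        $postedId = isset($_POST['id']) ? intval($_POST['id']) : '';
        \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $postedId);
        exit;
    } elseif ($this->settings['addEntry_only_community'] == '1') {
        $objFWUser = \FWUser::getFWUserObject();
        if ($objFWUser->objUser->login()) {
            if (!\Permission::checkAccess(101, 'static', true)) {
                \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&cmd=noaccess");
                exit;
            }
        } else {
            // Not logged in: go to the login page and come back afterwards.
            $link = base64_encode(CONTREXX_DIRECTORY_INDEX . '?' . $_SERVER['QUERY_STRING']);
            \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&redirect=" . $link);
            exit;
        }
    } else {
        $objFWUser = \FWUser::getFWUserObject();
    }

    // search box
    $this->getSearch();

    if (isset($_GET['id'])) {
        // The id is used unquoted in the WHERE clause below, where escaping
        // quotes gives no protection; it is therefore cast to an integer.
        $entryId = intval($_GET['id']);
        $objResult = $objDatabase->Execute('SELECT id, userid, catid FROM ' . DBPREFIX . 'module_market WHERE id = ' . $entryId . ' LIMIT 1');
        if ($objResult !== false) {
            while (!$objResult->EOF) {
                // Only the owner or a user with full access may see the
                // confirmation page.
                if ($objFWUser->objUser->login() && $objFWUser->objUser->getId() == $objResult->fields['userid'] || \Permission::hasAllAccess()) {
                    $this->_objTpl->setVariable(array(
                        'MARKET_ENTRY_ID' => $entryId,
                        'TXT_MARKET_DEL' => $_ARRAYLANG['TXT_MARKET_DELETE_ADVERTISEMENT'],
                        'TXT_MARKET_ABORT' => $_CORELANG['TXT_CANCEL'],
                        'TXT_MARKET_CONFIRM_DEL' => $_ARRAYLANG['TXT_MARKET_ADVERTISEMENT_DELETE'],
                    ));
                    // navigation of the entry's category
                    $this->getNavigation($objResult->fields['catid']);
                    $objResult->MoveNext();
                } else {
                    \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $entryId);
                    exit;
                }
            }
        }
    } else {
        if (isset($_POST['submitEntry'])) {
            // NOTE(review): the ownership check above is made only when the
            // confirmation page is displayed. This branch deletes the posted
            // id without comparing the entry's owner to the current user, so
            // unless removeEntry() checks ownership itself, any user who
            // gets this far can delete any entry - verify and add the check.
            $arrDelete = array();
            $arrDelete[0] = $_POST['id'];
            $this->removeEntry($arrDelete);
            \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market');
            exit;
        } else {
            \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market');
            exit;
        }
    }
}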
/**
 * Apply the configured rewrite rules to a frontend request.
 *
 * All RewriteRule entities are applied to the URL in ascending order until
 * one of them flags itself as the last rule. If the URL changed, the
 * outcome depends on the status code of the rule the loop stopped on:
 * for anything but the internal type a redirect is cached and sent; for
 * the internal type the target is fetched server-side and its response is
 * passed through to the client.
 *
 * @param \Cx\Core\Routing\Url $url The requested URL
 */
public function preResolve(\Cx\Core\Routing\Url $url)
{
    if ($this->cx->getMode() != \Cx\Core\Core\Controller\Cx::MODE_FRONTEND) {
        return;
    }

    $entityManager = $this->cx->getDb()->getEntityManager();
    $ruleRepository = $entityManager->getRepository($this->getNamespace() . '\\Model\\Entity\\RewriteRule');
    $rules = $ruleRepository->findAll(array(), array('order' => 'asc'));

    $isLast = false;
    $requestedUrl = clone $url;

    foreach ($rules as $rule) {
        try {
            $url = $rule->resolve($url, $isLast);
        } catch (\Exception $invalidRule) {
            // Thrown when the rule's regular expression is not valid; the
            // rule is skipped.
        }
        if ($isLast) {
            break;
        }
    }

    if ($requestedUrl->toString() == $url->toString()) {
        return;
    }

    // NOTE(review): $rule is the rule the loop stopped on, which is not
    // necessarily the one that changed the URL - confirm this is intended.
    if ($rule->getRewriteStatusCode() != \Cx\Core\Routing\Model\Entity\RewriteRule::REDIRECTION_TYPE_INTERN) {
        // External redirect: store it in the cache, then send it.
        $cacheHeaders = array('Location' => $url->toString());
        if ($rule->getRewriteStatusCode() == 301) {
            // The status line is appended under a numeric key.
            $cacheHeaders[] = $_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently';
        }
        $this->getComponent('Cache')->writeCacheFileForRequest(null, $cacheHeaders, '');
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $url->toString(), true, $rule->getRewriteStatusCode());
        die;
    }

    // Internal rewrite: the server itself requests the target and relays
    // the answer.
    // NOTE(review): the request follows redirects and every response header
    // except the two encoding headers is passed on, including any cookies
    // set by the target. Confirm that rewrite targets are limited to hosts
    // the site operator trusts.
    try {
        \DBG::log('Fetching content from ' . $url->toString());
        $proxyRequest = new \HTTP_Request2($url->toString(), \HTTP_Request2::METHOD_GET);
        $proxyRequest->setConfig(array('follow_redirects' => true));
        $proxyResponse = $proxyRequest->send();
        $content = $proxyResponse->getBody();

        foreach ($proxyResponse->getHeader() as $headerName => $headerValue) {
            // The body is relayed decoded, so the encoding headers of the
            // upstream response must not be repeated.
            if (!in_array($headerName, array('content-encoding', 'transfer-encoding'))) {
                \Cx\Core\Csrf\Controller\Csrf::header($headerName . ':' . $headerValue);
            }
        }

        $continue = false;
        die($content);
    } catch (\HTTP_Request2_Exception $fetchError) {
        \DBG::dump($fetchError);
    }
}
function importuser() { global $objDatabase, $_ARRAYLANG; $objTpl = new \Cx\Core\Html\Sigma(ASCMS_MODULE_PATH . '/Newsletter/View/Template/Backend'); \Cx\Core\Csrf\Controller\Csrf::add_placeholder($objTpl); $objTpl->setErrorHandling(PEAR_ERROR_DIE); \Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/importexport/import.class.php'); $objImport = new \Import(); $arrFields = array('email' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'sex' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'salutation' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'title' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'lastname' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'firstname' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'position' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'company' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'industry_sector' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'address' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'zip' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'city' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'country_id' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'phone_office' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'phone_private' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'phone_mobile' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'fax' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'birthday' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'uri' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'notes' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'language' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE']); if (isset($_POST['import_cancel'])) { // Abbrechen. Siehe Abbrechen $objImport->cancel(); \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?cmd=Newsletter&act=users&tpl=import"); exit; } elseif (isset($_POST['fieldsSelected'])) { // Speichern der Daten. Siehe Final weiter unten. 
$arrRecipients = $objImport->getFinalData($arrFields); if (empty($_POST['newsletter_recipient_associated_list'])) { self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY']; } else { $arrLists = array(); if (isset($_POST['newsletter_recipient_associated_list'])) { foreach (explode(',', $_POST['newsletter_recipient_associated_list']) as $listId) { array_push($arrLists, intval($listId)); } } $EmailCount = 0; $arrBadEmails = array(); $ExistEmails = 0; $NewEmails = 0; $recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0; foreach ($arrRecipients as $arrRecipient) { if (empty($arrRecipient['email'])) { continue; } if (!strpos($arrRecipient['email'], '@')) { continue; } $arrRecipient['email'] = trim($arrRecipient['email']); if (!\FWValidator::isEmail($arrRecipient['email'])) { array_push($arrBadEmails, $arrRecipient['email']); } else { $EmailCount++; $arrRecipientLists = $arrLists; // TODO: use FWUSER if (in_array($arrRecipient['salutation'], $this->_getRecipientTitles())) { $arrRecipientTitles = array_flip($this->_getRecipientTitles()); $recipientSalutationId = $arrRecipientTitles[$arrRecipient['salutation']]; } else { $recipientSalutationId = $this->_addRecipientTitle($arrRecipient['salutation']); } // try to parse the imported birthday in a usable format if (!empty($arrRecipient['birthday'])) { $arrDate = date_parse($arrRecipient['birthday']); $arrRecipient['birthday'] = $arrDate['day'] . '-' . $arrDate['month'] . '-' . $arrDate['year']; } $objRecipient = $objDatabase->SelectLimit("SELECT `id`,\n `language`,\n `status`,\n `notes`\n FROM `" . DBPREFIX . "module_newsletter_user`\n WHERE `email` = '" . addslashes($arrRecipient['email']) . "'", 1); if ($objRecipient->RecordCount() == 1) { $recipientId = $objRecipient->fields['id']; $recipientLanguage = $objRecipient->fields['language']; $recipientStatus = $objRecipient->fields['status']; $recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . 
' ' . $arrRecipient['notes'] : $arrRecipient['notes']; $objList = $objDatabase->Execute("SELECT `category` FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"\n SELECT id\n FROM " . DBPREFIX . "module_newsletter_user\n WHERE email='" . contrexx_input2db($arrRecipient['email']) . "'", 1); $recipientId = $objRecipient->fields['id']; $this->insertTmpEmail($recipientSendEmailId, $arrRecipient['email'], self::USER_TYPE_NEWSLETTER); // setting TmpEntry=1 will set the newsletter status=1, this will force an imediate stop in the newsletter send procedere. if ($this->SendEmail($recipientId, $recipientSendEmailId, $arrRecipient['email'], 1, self::USER_TYPE_NEWSLETTER) == false) { self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR']; } else { // TODO: Unused // $objUpdateCount = $objDatabase->execute(' UPDATE ' . DBPREFIX . 'module_newsletter SET recipient_count = recipient_count+1 WHERE id=' . intval($recipientSendEmailId)); } } } } } self::$strOkMessage = $_ARRAYLANG['TXT_DATA_IMPORT_SUCCESSFUL'] . "<br/>" . $_ARRAYLANG['TXT_CORRECT_EMAILS'] . ": " . $EmailCount . "<br/>" . $_ARRAYLANG['TXT_NOT_VALID_EMAILS'] . ": " . implode(', ', $arrBadEmails) . "<br/>" . $_ARRAYLANG['TXT_EXISTING_EMAILS'] . ": " . $ExistEmails . "<br/>" . $_ARRAYLANG['TXT_NEW_ADDED_EMAILS'] . ": " . 
$NewEmails; $objImport->initFileSelectTemplate($objTpl); $objTpl->setVariable(array("IMPORT_ACTION" => "index.php?cmd=Newsletter&act=users&tpl=import", 'TXT_FILETYPE' => $_ARRAYLANG['TXT_NEWSLETTER_FILE_TYPE'], 'TXT_HELP' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_HELP'], 'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'IMPORT_ADD_VALUE' => $this->_getEmailsDropDown(), 'IMPORT_ROWCLASS' => 'row1')); $objTpl->parse("additional"); $objTpl->setVariable(array('IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'], 'IMPORT_ADD_VALUE' => $this->_getAssociatedListSelection(), 'IMPORT_ROWCLASS' => 'row2')); $objTpl->parse("additional"); $this->_objTpl->setVariable('NEWSLETTER_USER_FILE', $objTpl->get()); } } elseif (empty($_POST['importfile']) || isset($_POST['imported']) && empty($_POST['newsletter_recipient_associated_list'])) { // Dateiauswahldialog. Siehe Fileselect $this->_pageTitle = $_ARRAYLANG['TXT_IMPORT']; $this->_objTpl->addBlockfile('NEWSLETTER_USER_FILE', 'module_newsletter_user_import', 'module_newsletter_user_import.html'); if (isset($_POST['imported']) && empty($_POST['newsletter_recipient_associated_list'])) { self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY']; } $objImport->initFileSelectTemplate($objTpl); $objTpl->setVariable(array("IMPORT_ACTION" => "index.php?cmd=Newsletter&act=users&tpl=import", 'TXT_FILETYPE' => $_ARRAYLANG['TXT_NEWSLETTER_FILE_TYPE'], 'TXT_HELP' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_HELP'], 'IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'IMPORT_ADD_VALUE' => $this->_getEmailsDropDown(), 'IMPORT_ROWCLASS' => 'row1')); $objTpl->parse("additional"); $objTpl->setVariable(array('IMPORT_ADD_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'], 'IMPORT_ADD_VALUE' => $this->_getAssociatedListSelection(), 'IMPORT_ROWCLASS' => 'row2')); $objTpl->parse("additional"); $this->_objTpl->setVariable(array('TXT_NEWSLETTER_IMPORT_FROM_FILE' => $_ARRAYLANG['TXT_NEWSLETTER_IMPORT_FROM_FILE'], 'TXT_IMPORT' => 
$_ARRAYLANG['TXT_IMPORT'], 'TXT_NEWSLETTER_LIST' => $_ARRAYLANG['TXT_NEWSLETTER_LIST'], 'TXT_ENTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_ENTER_EMAIL_ADDRESS'], 'NEWSLETTER_CATEGORY_MENU' => $this->_getAssociatedListSelection(), 'NEWSLETTER_IMPORT_FRAME' => $objTpl->get())); if (isset($_POST['newsletter_import_plain'])) { if (empty($_POST['newsletter_recipient_associated_list'])) { self::$strErrMessage = $_ARRAYLANG['TXT_NEWSLETTER_SELECT_CATEGORY']; } else { $arrLists = array(); if (isset($_POST['newsletter_recipient_associated_list'])) { foreach ($_POST['newsletter_recipient_associated_list'] as $listId) { array_push($arrLists, intval($listId)); } } $EmailList = str_replace(array(']', '[', "\t", "\n", "\r"), ' ', $_REQUEST["Emails"]); $EmailArray = preg_split('/[\\s"\';,:<>\\n]+/', contrexx_stripslashes($EmailList)); $EmailCount = 0; $arrBadEmails = array(); $ExistEmails = 0; $NewEmails = 0; foreach ($EmailArray as $email) { if (empty($email)) { continue; } if (!strpos($email, '@')) { continue; } if (!\FWValidator::isEmail($email)) { array_push($arrBadEmails, $email); } else { $EmailCount++; $objRecipient = $objDatabase->SelectLimit("SELECT `id` FROM `" . DBPREFIX . "module_newsletter_user` WHERE `email` = '" . addslashes($email) . "'", 1); if ($objRecipient->RecordCount() == 1) { foreach ($arrLists as $listId) { $this->_addRecipient2List($objRecipient->fields['id'], $listId); } $ExistEmails++; } else { $NewEmails++; if ($objDatabase->Execute("\n INSERT INTO `" . DBPREFIX . "module_newsletter_user` (\n `code`, `email`, `status`, `emaildate`\n ) VALUES (\n '" . $this->_emailCode() . "', '" . addslashes($email) . "', 1, " . time() . "\n )") !== false) { $this->_setRecipientLists($objDatabase->Insert_ID(), $arrLists); } else { array_push($arrBadEmails, $email); } } } } self::$strOkMessage = $_ARRAYLANG['TXT_DATA_IMPORT_SUCCESSFUL'] . "<br/>" . $_ARRAYLANG['TXT_CORRECT_EMAILS'] . ": " . $EmailCount . "<br/>" . $_ARRAYLANG['TXT_NOT_VALID_EMAILS'] . ": "" . 
implode(', ', $arrBadEmails) . ""<br/>" . $_ARRAYLANG['TXT_EXISTING_EMAILS'] . ": " . $ExistEmails . "<br/>" . $_ARRAYLANG['TXT_NEW_ADDED_EMAILS'] . ": " . $NewEmails; } } $this->_objTpl->parse('module_newsletter_user_import'); } else { // Felderzuweisungsdialog. Siehe Fieldselect $objImport->initFieldSelectTemplate($objTpl, $arrFields); $arrLists = array(); if (isset($_POST['newsletter_recipient_associated_list'])) { foreach ($_POST['newsletter_recipient_associated_list'] as $listId) { array_push($arrLists, intval($listId)); } } $objTpl->setVariable(array('IMPORT_HIDDEN_NAME' => 'newsletter_recipient_associated_list', 'IMPORT_HIDDEN_VALUE' => !empty($arrLists) ? implode(',', $arrLists) : '')); $objTpl->parse('hidden_fields'); $objTpl->setVariable(array('IMPORT_HIDDEN_NAME' => 'sendEmail', 'IMPORT_HIDDEN_VALUE' => isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0)); $objTpl->parse('hidden_fields'); $objTpl->setVariable(array('IMPORT_ACTION' => 'index.php?cmd=Newsletter&act=users&tpl=import')); $this->_objTpl->setVariable(array('TXT_REMOVE_PAIR' => $_ARRAYLANG['TXT_REMOVE_PAIR'], 'NEWSLETTER_USER_FILE' => $objTpl->get())); } }
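/**
 * Update the directory settings
 *
 * Handles all backend settings forms of the directory module. Which form was
 * sent is recognised by its submit field in $_POST (set_sys_submit,
 * set_google_submit, set_homecontent_submit, set_mail_submit,
 * set_inputs_submit). The home content form ends with a redirect and exit.
 *
 * All request values are escaped or cast before they are placed in a query.
 *
 * @access  public
 * @global  ADONewConnection
 * @global  array
 */
function updateSettings()
{
    global $objDatabase, $_ARRAYLANG;

    $tblSettings = DBPREFIX . 'module_directory_settings';
    $tblInputfields = DBPREFIX . 'module_directory_inputfields';
    $tblMail = DBPREFIX . 'module_directory_mail';

    // system settings
    if (isset($_POST['set_sys_submit'])) {
        $arrValues = isset($_POST['setvalue']) && is_array($_POST['setvalue']) ? $_POST['setvalue'] : array();
        foreach ($arrValues as $id => $value) {
            // setting 13 set to 1: the description field must be active and required
            if ($id == 13 && $value == 1) {
                $objDatabase->Execute("UPDATE `" . $tblInputfields . "` SET active='1', is_required='1', active_backend='1' WHERE name='description'");
            }
            // setting 19 is stored as 0 as long as allow_url_fopen is disabled
            if (ini_get('allow_url_fopen') == false && $id == 19) {
                $value = '0';
            }
            $objDatabase->Execute("UPDATE " . $tblSettings . " SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
    }

    // google settings
    if (isset($_POST['set_google_submit'])) {
        $arrValues = isset($_POST['setvalue']) && is_array($_POST['setvalue']) ? $_POST['setvalue'] : array();
        foreach ($arrValues as $id => $value) {
            $objDatabase->Execute("UPDATE " . $tblSettings . "_google SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
    }

    // home content setting; this branch always ends with a redirect
    if (isset($_POST['set_homecontent_submit'])) {
        \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml');
        if (isset($_POST['setHomeContent'])) {
            if (!\Cx\Core\Setting\Controller\Setting::isDefined('directoryHomeContent')) {
                \Cx\Core\Setting\Controller\Setting::add(
                    'directoryHomeContent',
                    contrexx_addslashes($_POST['setHomeContent']),
                    1,
                    \Cx\Core\Setting\Controller\Setting::TYPE_RADIO,
                    '1:TXT_ACTIVATED,0:TXT_DEACTIVATED',
                    'component'
                );
            } else {
                \Cx\Core\Setting\Controller\Setting::set('directoryHomeContent', contrexx_addslashes($_POST['setHomeContent']));
                \Cx\Core\Setting\Controller\Setting::update('directoryHomeContent');
            }
        }
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ?cmd=Directory&act=settings&tpl=homecontent');
        exit;
    }

    // mail templates
    if (isset($_POST['set_mail_submit'])) {
        // The mail bodies used to be concatenated into the query as received;
        // they are escaped like the titles now.
        $objDatabase->Execute("UPDATE " . $tblMail . " SET title='" . contrexx_addslashes($_POST['mailConfirmTitle']) . "', content='" . contrexx_addslashes($_POST['mailConfirmContent']) . "' WHERE id='1'");
        $objDatabase->Execute("UPDATE " . $tblMail . " SET title='" . contrexx_addslashes($_POST['mailRememberTitle']) . "', content='" . contrexx_addslashes($_POST['mailRememberContent']) . "' WHERE id='2'");
        $objDatabase->Execute("UPDATE " . $tblSettings . " SET setvalue='" . contrexx_addslashes($_POST['mailRememberAdress']) . "' WHERE setid='30'");
        $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
    }

    // input fields
    if (isset($_POST['set_inputs_submit'])) {
        // Reset all flags first. The field with id 1 (the title field,
        // according to the original comment) stays active, required and
        // available for search.
        foreach (array('active', 'is_search', 'is_required', 'active_backend') as $column) {
            $objDatabase->Execute("UPDATE " . $tblInputfields . " SET " . $column . "='0' Where id !='1'");
        }

        // frontend and backend status; the column names are fixed literals
        $arrAddressFields = array('country', 'zip', 'street', 'city');
        $arrStatusForms = array('setStatus' => 'active', 'setStatusBackend' => 'active_backend');
        foreach ($arrStatusForms as $postKey => $column) {
            if (!isset($_POST[$postKey]) || !is_array($_POST[$postKey])) {
                continue;
            }
            $addressElements = 0;
            $googleMapIsEnabled = false;
            foreach ($_POST[$postKey] as $id => $value) {
                $objResult = $objDatabase->Execute("SELECT `name` FROM " . $tblInputfields . " WHERE id=" . intval($id));
                $name = $objResult ? $objResult->fields['name'] : '';
                if (in_array($name, $arrAddressFields, true)) {
                    $addressElements++;
                } elseif ($name === 'googlemap') {
                    $googleMapIsEnabled = true;
                }
                $objDatabase->Execute("UPDATE " . $tblInputfields . " SET " . $column . "='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id));
            }
            // the google map field is enabled but not all four address
            // fields were submitted: switch the address fields on
            if ($googleMapIsEnabled && $addressElements < 4) {
                foreach ($arrAddressFields as $fieldName) {
                    $objDatabase->Execute("UPDATE " . $tblInputfields . " SET " . $column . "='1' WHERE name='" . $fieldName . "'");
                }
                $this->strOkMessage = $_ARRAYLANG['TXT_DIRECTORY_GOOGLEMAP_REQUIRED_FIELDS_MISSING'];
            }
        }

        // These values are written without quotes, so they are cast to
        // integers. is_search and is_required used to be inserted as received.
        $arrIntegerForms = array('setSort' => 'sort', 'setSearch' => 'is_search', 'setRequired' => 'is_required');
        foreach ($arrIntegerForms as $postKey => $column) {
            if (!isset($_POST[$postKey]) || !is_array($_POST[$postKey])) {
                continue;
            }
            foreach ($_POST[$postKey] as $id => $value) {
                $objDatabase->Execute("UPDATE " . $tblInputfields . " SET " . $column . "=" . intval($value) . " WHERE id=" . intval($id));
            }
        }

        // titles of the special fields
        if (isset($_POST['setSpezFields']) && is_array($_POST['setSpezFields'])) {
            foreach ($_POST['setSpezFields'] as $id => $value) {
                $objDatabase->Execute("UPDATE " . $tblInputfields . " SET title='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id));
            }
        }

        // dropdown data
        if (isset($_POST['setDropdown']) && is_array($_POST['setDropdown'])) {
            foreach ($_POST['setDropdown'] as $id => $value) {
                $objDatabase->Execute("UPDATE " . $tblSettings . " SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
            }
        }

        // the title field is always active
        $objDatabase->Execute("UPDATE " . $tblInputfields . " SET active='1' WHERE name='title'");
        if ($this->descriptionFieldRequired()) {
            $objDatabase->Execute("UPDATE " . $tblInputfields . " SET active='1', is_required='1', active_backend='1' WHERE name='description'");
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
    }

    // google map start location, stored as "lat.fraction:lon.fraction:zoom"
    if (isset($_POST['inputValue']['zoom']) && $_POST['inputValue']['zoom'] != "") {
        $arrParts = array();
        foreach (array('lat', 'lat_fraction', 'lon', 'lon_fraction', 'zoom') as $part) {
            $arrParts[$part] = isset($_POST['inputValue'][$part]) ? intval($_POST['inputValue'][$part]) : 0;
        }
        // NOTE(review): intval() drops leading zeros of the fraction parts
        // ("05" becomes 5) -- confirm how the form splits the coordinates.
        $googleStartPoint = $arrParts['lat'] . '.' . $arrParts['lat_fraction']
            . ':' . $arrParts['lon'] . '.' . $arrParts['lon_fraction']
            . ':' . $arrParts['zoom'];
        $objDatabase->Execute("UPDATE " . $tblSettings . " SET setvalue='" . $googleStartPoint . "' WHERE setname='googlemap_start_location'");
    }
}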
/**
 * Do something after resolving is done
 *
 * In backend mode this authenticates the request, switches to the login
 * mask for requests that are not signed in, hands the signed-in user to the
 * database layer, fills the profile placeholders and, after a fresh sign-in,
 * sends the redirect header. Nothing is done in any other mode.
 *
 * @param \Cx\Core\ContentManager\Model\Entity\Page $page The resolved page
 */
public function postResolve(\Cx\Core\ContentManager\Model\Entity\Page $page)
{
    if ($this->cx->getMode() != \Cx\Core\Core\Controller\Cx::MODE_BACKEND) {
        return;
    }

    global $plainCmd, $isRegularPageRequest;

    $objTemplate = $this->cx->getTemplate();
    $objFWUser = \FWUser::getFWUserObject();

    /* authentication */
    // check if the user is already logged in
    $loggedIn = $objFWUser->objUser->login(true);

    // the request carries credentials: either username and password from
    // the login form or an auth token together with a user id
    $hasPassword = !empty($_POST['USERNAME']) && !empty($_POST['PASSWORD']);
    $hasAuthToken = !empty($_GET['auth-token']) && !empty($_GET['user-id']);
    $isLoginCmd = isset($_GET['cmd']) && $_GET['cmd'] === 'Login';
    $isResetPw = isset($_GET['act']) && $_GET['act'] === 'resetpw';
    if (!$loggedIn && ($hasPassword || $hasAuthToken) && !$isLoginCmd && !$isResetPw) {
        // not logged in already - do captcha and password checks
        $objFWUser->checkAuth();
    }

    // User only gets the backend if he's logged in.
    // Exception: If it is a JsonData request, then the request will be
    // processed. In that case, JsonData will take over the required
    // access/permission check. Default permission rule by JsonData is set
    // to only allow the execution of requests where the requester is
    // signed-in.
    $isSignedIn = $objFWUser->objUser->login(true);
    if ($isSignedIn || $plainCmd == 'JsonData') {
        $userData = array(
            'id' => \FWUser::getFWUserObject()->objUser->getId(),
            'name' => \FWUser::getFWUserObject()->objUser->getUsername(),
        );
        \Env::get('cx')->getDb()->setUsername(json_encode($userData));
    } else {
        // If the user isn't logged in, the login mask will be showed.
        // This mask has its own template handling.
        // So we don't need to load any templates in the index.php.
        $plainCmd = 'Login';
        $isRegularPageRequest = false;
    }

    // profile placeholders: full name if both parts are set, else the username
    $objUser = \FWUser::getFWUserObject()->objUser;
    $firstname = $objUser->getProfileAttribute('firstname');
    $lastname = $objUser->getProfileAttribute('lastname');
    $txtProfile = (!empty($firstname) && !empty($lastname))
        ? $firstname . ' ' . $lastname
        : $objUser->getUsername();
    $objTemplate->setVariable(array(
        'TXT_PROFILE' => $txtProfile,
        'USER_ID' => $objFWUser->objUser->getId(),
    ));

    // the session existed before this request: no redirect
    if ($loggedIn) {
        return;
    }

    // The requested target is handed to FWUser::getRedirectUrl() before it
    // is used; the header is sent without ending the script here.
    if (isset($_POST['redirect'])) {
        $target = \FWUser::getRedirectUrl(urlencode($_POST['redirect']));
        \Cx\Core\Csrf\Controller\Csrf::header('location: ' . $target);
        return;
    }
    if (!empty($_GET['auth-token'])) {
        \Cx\Core\Csrf\Controller\Csrf::header('location: ' . \Env::get('cx')->getWebsiteBackendPath() . '/');
    }
}
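/**
 * Update the company size
 *
 * Loads the settings template for the company size given by the request
 * parameter "id" and, if the form was saved, writes $fields to that record.
 * On success the script redirects to the company size overview and exits.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 * @param  array  $fields post values
 *
 * @return null
 */
function modifyCompanySize($fields)
{
    global $objDatabase, $_ARRAYLANG;

    $objTpl = $this->_objTpl;
    $objTpl->addBlockfile(
        'CRM_SETTINGS_FILE',
        'settings_block',
        'module_' . $this->moduleNameLC . '_settings_modify_company_size.html'
    );

    // The id ends up unquoted in the WHERE clause below, so it is cast to
    // an integer instead of being used as received.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    //Get the company size
    $this->getCompanySize($id);
    //parse the placeholders
    $this->parseCompanySizePlaceholders();

    if (empty($_POST['save'])) {
        return;
    }

    // Without an id there is nothing to update. The original ran an unset
    // query in this case; report the failure directly instead.
    if (empty($id)) {
        $_SESSION['strErrMessage'] = $_ARRAYLANG['TXT_CRM_ENTRY_UPDATE_ERROR'];
        return;
    }

    //update
    $query = \SQL::update(
        'module_' . $this->moduleNameLC . '_company_size',
        $fields,
        array('escape' => true)
    ) . ' WHERE `id` = ' . $id;

    if ($objDatabase->Execute($query)) {
        $_SESSION['strOkMessage'] = $_ARRAYLANG['TXT_CRM_ENTRY_UPDATED_SUCCESS'];
        \Cx\Core\Csrf\Controller\Csrf::header("location:./index.php?cmd=" . $this->moduleName . "&act=settings&tpl=companySize");
        exit;
    }
    $_SESSION['strErrMessage'] = $_ARRAYLANG['TXT_CRM_ENTRY_UPDATE_ERROR'];
}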
/**
 * Logs the User off and destroys the session.
 *
 * In backend mode the User is sent to the path offset of the installation
 * (or "/" if that is empty). In frontend mode a requested redirect is passed
 * through self::getRedirectUrl() and used as the target; without a usable
 * redirect the frontend login page is called. The script always ends here.
 */
function logout()
{
    $this->logoutAndDestroySession();

    if ($this->backendMode) {
        $target = ASCMS_PATH_OFFSET ? ASCMS_PATH_OFFSET : '/';
    } else {
        // the requested target is never used as received, only the result
        // of getRedirectUrl()
        $target = empty($_REQUEST['redirect'])
            ? ''
            : self::getRedirectUrl($_REQUEST['redirect']);
        if (empty($target)) {
            $target = CONTREXX_DIRECTORY_INDEX . '?section=Login';
        }
    }

    \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $target);
    exit;
}
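/**
 * Modify fields
 *
 * Saves the modified fields. Every POST field named value_<fieldId>_<langId>
 * carries the name of a field in one language; the type, order and mandatory
 * flag of a field are read from select_list_<fieldId>, order_<fieldId> and
 * field_mandatory_<fieldId>. Only values that differ from the loaded ones are
 * written. Ends with a redirect to the settings page.
 *
 * All submitted values are escaped before they are placed in a query.
 *
 * @global  $objDatabase
 * @global  $_ARRAYLANG
 * @access  private
 */
function _modfields()
{
    global $objDatabase, $_ARRAYLANG;

    $this->_getFieldNames();
    $checked = array();

    foreach ($_POST as $key => $value) {
        // D: "$" only matches at the very end, not before a trailing newline
        if (!is_string($value) || !preg_match('/^value_[0-9]+_[0-9]+$/D', $key)) {
            continue;
        }
        list(, $id, $langId) = explode('_', $key);
        $id = intval($id);
        $langId = intval($langId);
        // nothing can be updated for a field that was not loaded
        if (!isset($this->fieldNames[$id])) {
            continue;
        }

        $newType = isset($_POST['select_list_' . $id]) ? $_POST['select_list_' . $id] : null;
        $newOrder = isset($_POST['order_' . $id]) ? $_POST['order_' . $id] : null;
        $newMandatory = isset($_POST['field_mandatory_' . $id]) ? $_POST['field_mandatory_' . $id] : null;

        // name of the field in this language
        $value = trim($value);
        $currentName = isset($this->fieldNames[$id]['names'][$langId])
            ? $this->fieldNames[$id]['names'][$langId]
            : null;
        if ($currentName != $value) {
            $objDatabase->Execute(
                "UPDATE " . DBPREFIX . "module_immo_fieldname"
                . " SET `name` = '" . contrexx_input2db($value) . "'"
                . " WHERE `field_id` = '" . $id . "'"
                . " AND `lang_id` = '" . $langId . "'"
            );
        }

        // type, order and mandatory flag are the same for all languages,
        // so they are handled once per field
        if (isset($checked[$id])) {
            continue;
        }
        $checked[$id] = true;

        $arrAttributes = array(
            'type' => $newType,
            'order' => $newOrder,
            'mandatory' => $newMandatory,
        );
        foreach ($arrAttributes as $column => $newValue) {
            if ($this->fieldNames[$id][$column] == $newValue) {
                continue;
            }
            $objDatabase->Execute(
                "UPDATE " . DBPREFIX . "module_immo_field"
                . " SET `" . $column . "` = '" . contrexx_input2db((string) $newValue) . "'"
                . " WHERE `id` = '" . $id . "'"
            );
        }
    }

    \Cx\Core\Csrf\Controller\Csrf::header("Location: ?cmd=immo&act=settings");
    exit;
}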
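/**
 * Show the list of active news feeds and the content of the selected feed.
 *
 * Loads the active categories of the current language and the active news
 * feeds, lists every category that has at least one feed and renders the
 * feed selected by the request parameters "cat" and "news" (the first feed
 * of the first category if none is given). The cached feed file is refreshed
 * through showNewsRefresh() once its cache time has passed.
 *
 * The feed file holds content of a remote source, so the image address, the
 * item titles and the item links are escaped before they are handed to the
 * template.
 */
function showNews()
{
    global $objDatabase, $_ARRAYLANG, $_LANGID;

    $this->_objTpl->setTemplate($this->pageContent, true, true);

    //feed path
    $this->feedpath = \Env::get('cx')->getWebsiteFeedPath() . '/';

    // start with empty lists so the checks below also work without any
    // category or feed
    $cat_id = array();
    $cat_name = array();
    $news_subid = array();
    $news_id = array();
    $news_name = array();

    //active (with $_LANGID) categories
    $query = "SELECT id, name"
        . " FROM " . DBPREFIX . "module_feed_category"
        . " WHERE status = '1'"
        . " AND lang = '" . intval($_LANGID) . "'"
        . " ORDER BY pos";
    $objResult = $objDatabase->Execute($query);
    if ($objResult) {
        while (!$objResult->EOF) {
            $cat_id[$objResult->fields['id']] = $objResult->fields['id'];
            $cat_name[$objResult->fields['id']] = $objResult->fields['name'];
            $objResult->MoveNext();
        }
    }

    //active news
    $query = "SELECT id, subid, name"
        . " FROM " . DBPREFIX . "module_feed_news"
        . " WHERE status = '1'"
        . " ORDER BY pos";
    $objResult = $objDatabase->Execute($query);
    if ($objResult) {
        while (!$objResult->EOF) {
            $subId = $objResult->fields['subid'];
            $newsId = $objResult->fields['id'];
            $news_subid[$subId][$newsId] = $subId;
            $news_id[$subId][$newsId] = $newsId;
            $news_name[$subId][$newsId] = $objResult->fields['name'];
            $objResult->MoveNext();
        }
    }

    //no empty categories
    foreach ($cat_id as $x) {
        if (!isset($news_id[$x])) {
            unset($cat_id[$x]);
            unset($cat_name[$x]);
        }
    }

    //output structure
    if (empty($cat_id)) {
        if (!isset($_GET['cat']) && !isset($_GET['news'])) {
            $this->_objTpl->setVariable('FEED_NO_NEWSFEED', $_ARRAYLANG['TXT_FEED_NO_NEWSFEED']);
        } else {
            \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Feed");
        }
        return;
    }

    if ($this->_objTpl->blockExists('feed_cat')) {
        foreach ($cat_id as $x) {
            //out cat
            $this->_objTpl->setVariable('FEED_CAT_NAME', $cat_name[$x]);
            //out news
            foreach ($news_id[$x] as $y) {
                $this->_objTpl->setVariable(array(
                    'FEED_NEWS_LINK' => CONTREXX_DIRECTORY_INDEX . '?section=Feed&cat=' . $news_subid[$x][$y] . '&news=' . $news_id[$x][$y],
                    'FEED_NEWS_NAME' => strip_tags($news_name[$x][$y]),
                ));
                $this->_objTpl->parse('feed_news');
            }
            $this->_objTpl->parse('feed_cat');
        }
    }

    // first access: select the first feed of the first category
    if (!isset($_GET['cat']) && !isset($_GET['news'])) {
        reset($cat_id);
        $_GET['cat'] = current($cat_id);
        reset($news_id[$_GET['cat']]);
        $_GET['news'] = current($news_id[$_GET['cat']]);
    }
    $getCat = intval($_GET['cat']);
    $getNews = intval($_GET['news']);

    //refresh control
    $query = "SELECT time, cache"
        . " FROM " . DBPREFIX . "module_feed_news"
        . " WHERE id = '" . $getNews . "'"
        . " AND subid = '" . $getCat . "'"
        . " AND status = '1'";
    $objResult = $objDatabase->Execute($query);
    if (!$objResult || $objResult->RecordCount() == 0) {
        \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Feed");
        die;
    }
    $old_time = $objResult->fields['time'] + $objResult->fields['cache'];
    $time = time();
    if ($time >= $old_time) {
        $this->showNewsRefresh($getNews, $time, $this->feedpath);
    }

    $query = "SELECT name, filename, time, articles, image"
        . " FROM " . DBPREFIX . "module_feed_news"
        . " WHERE id = '" . $getNews . "'"
        . " AND subid = '" . $getCat . "'"
        . " AND status = '1'";
    $objResult = $objDatabase->Execute($query);

    //output selected news
    $this->_objTpl->setVariable(array(
        // the requested category may not be part of the active categories
        'FEED_CAT' => isset($cat_name[$getCat]) ? $cat_name[$getCat] : '',
        'FEED_PAGE' => $objResult->fields['name'],
    ));
    $filename = $this->feedpath . $objResult->fields['filename'];

    //rss class
    $rss = new \XML_RSS($filename);
    $rss->parse();

    //channel info
    $out_title = strip_tags($rss->channel['title']);
    $out_time = date(ASCMS_DATE_FORMAT, $objResult->fields['time']);

    //image
    $out_image = '';
    foreach ($rss->getImages() as $img) {
        if ($img['url'] != '' && $objResult->fields['image'] == 1) {
            // the address comes from the feed and is placed in an attribute:
            // strip_tags() alone leaves quotes untouched, so escape it as well
            $out_image = '<img src="' . htmlspecialchars(strip_tags($img['url']), ENT_QUOTES) . '" alt="" /><br />';
        }
    }
    $this->_objTpl->setVariable(array(
        'FEED_IMAGE' => $out_image,
        'FEED_TITLE' => $out_title,
        'FEED_TIME' => $out_time,
        'TXT_FEED_LAST_UPTDATE' => $_ARRAYLANG['TXT_FEED_LAST_UPDATE'],
    ));

    //items
    $x = 0;
    foreach ($rss->getItems() as $value) {
        if ($x >= $objResult->fields['articles']) {
            break;
        }
        // Title and link are content of the remote feed. The link is
        // presumably rendered into an href by the template (not visible
        // here), so only http(s) addresses are passed on.
        $itemTitle = isset($value['title']) ? $value['title'] : '';
        $itemLink = isset($value['link']) ? trim($value['link']) : '';
        if (!preg_match('#^https?://#i', $itemLink)) {
            $itemLink = '';
        }
        $this->_objTpl->setVariable(array(
            'FEED_ROWCLASS' => $x % 2 ? 'row2' : 'row1',
            'FEED_DATE' => date('d.m.Y', strtotime($value['pubdate'])),
            'FEED_LINK' => htmlspecialchars($itemLink, ENT_QUOTES),
            'FEED_NAME' => htmlspecialchars($itemTitle, ENT_QUOTES),
        ));
        $this->_objTpl->parse('feed_output_news');
        $x++;
    }
    $this->_objTpl->parse('feed_show_news');
}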
/** * Sets the placeholders used for the event * * @param object $objTpl Template object * @param integer $eventId Event Id * @param integer $eventStartDate Description * * @return null */ function showEvent($objTpl, $eventId, $eventStartDate) { global $objInit, $_ARRAYLANG, $_LANGID, $_CONFIG; parent::getSettings(); if ($objInit->mode == 'frontend' && ($eventId != null && $eventStartDate != null)) { $objEvent = $this->eventList[0]; if (empty($objEvent)) { \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?section=" . $this->moduleName); return; } if ($objEvent->access == 1 && !\FWUser::getFWUserObject()->objUser->login()) { $link = base64_encode(CONTREXX_SCRIPT_PATH . '?' . $_SERVER['QUERY_STRING']); \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_SCRIPT_PATH . "?section=Login&redirect=" . $link); return; } $objCategory = new \Cx\Modules\Calendar\Controller\CalendarCategory($objEvent->catId); list($priority, $priorityImg) = $this->getPriorityImage($objEvent); $plainDescription = contrexx_html2plaintext($objEvent->description); if (strlen($plainDescription) > 100) { $points = '...'; } else { $points = ''; } $parts = explode("\n", wordwrap($plainDescription, 100, "\n")); $attachNamePos = strrpos($objEvent->attach, '/'); $attachNamelength = strlen($objEvent->attach); $attachName = substr($objEvent->attach, $attachNamePos + 1, $attachNamelength); $hostUri = ''; $hostTarget = ''; if ($objEvent->external) { $objHost = new \Cx\Modules\Calendar\Controller\CalendarHost($objEvent->hostId); if (substr($objHost->uri, -1) != '/') { $hostUri = $objHost->uri . '/'; } else { $hostUri = $objHost->uri; } if (substr($hostUri, 0, 7) != 'http://') { $hostUri = "http://" . $hostUri; } $hostTarget = 'target="_blank"'; } if ($this->arrSettings['showEventsOnlyInActiveLanguage'] == 2) { $_LANGID = $objEvent->availableLang; } $picThumb = file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->pic . ".thumb") ? $objEvent->pic . 
".thumb" : $objEvent->pic; $numRegistrations = (int) $objEvent->registrationCount; $numDeregistration = (int) $objEvent->cancellationCount; $objEscortManager = new \Cx\Modules\Calendar\Controller\CalendarRegistrationManager($objEvent->id, true, false); $objTpl->setVariable(array($this->moduleLangVar . '_EVENT_ID' => $objEvent->id, $this->moduleLangVar . '_EVENT_START' => date(parent::getDateFormat() . " H:i", $objEvent->startDate), $this->moduleLangVar . '_EVENT_END' => date(parent::getDateFormat() . " H:i", $objEvent->endDate), $this->moduleLangVar . '_EVENT_START_DATE' => date(parent::getDateFormat(), $objEvent->startDate), $this->moduleLangVar . '_EVENT_START_TIME' => date("H:i", $objEvent->startDate), $this->moduleLangVar . '_EVENT_END_DATE' => date(parent::getDateFormat(), $objEvent->endDate), $this->moduleLangVar . '_EVENT_END_TIME' => date("H:i", $objEvent->endDate), $this->moduleLangVar . '_EVENT_TITLE' => $objEvent->title, $this->moduleLangVar . '_EVENT_ATTACHMENT' => $objEvent->attach != '' ? '<a href="' . $hostUri . $objEvent->attach . '" target="_blank" >' . $attachName . '</a>' : '', $this->moduleLangVar . '_EVENT_ATTACHMENT_SOURCE' => $objEvent->attach, $this->moduleLangVar . '_EVENT_PICTURE' => $objEvent->pic != '' ? '<img src="' . $hostUri . $objEvent->pic . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '', $this->moduleLangVar . '_EVENT_PICTURE_SOURCE' => $objEvent->pic, $this->moduleLangVar . '_EVENT_THUMBNAIL' => $picThumb != '' ? '<img src="' . $hostUri . $picThumb . '" alt="' . $objEvent->title . '" title="' . $objEvent->title . '" />' : '', $this->moduleLangVar . '_EVENT_DESCRIPTION' => $objEvent->description, $this->moduleLangVar . '_EVENT_SHORT_DESCRIPTION' => $parts[0] . $points, $this->moduleLangVar . '_EVENT_PRIORITY' => $priority, $this->moduleLangVar . '_EVENT_PRIORITY_IMG' => $priorityImg, $this->moduleLangVar . '_EVENT_CATEGORY' => $objCategory->name, $this->moduleLangVar . '_EVENT_EXPORT_LINK' => $hostUri . 
'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id, $this->moduleLangVar . '_EVENT_EXPORT_ICON' => '<a href="' . $hostUri . 'index.php?section=' . $this->moduleName . '&export=' . $objEvent->id . '"><img src="modules/Calendar/View/Media/ical_export.gif" border="0" title="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" alt="' . $_ARRAYLANG['TXT_CALENDAR_EXPORT_ICAL_EVENT'] . '" /></a>', $this->moduleLangVar . '_EVENT_PRICE' => $this->arrSettings['paymentCurrency'] . ' ' . $objEvent->price, $this->moduleLangVar . '_EVENT_FREE_PLACES' => $objEvent->freePlaces == 0 ? $objEvent->freePlaces . ' (' . $_ARRAYLANG['TXT_CALENDAR_SAVE_IN_WAITLIST'] . ')' : $objEvent->freePlaces, $this->moduleLangVar . '_EVENT_ACCESS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_ACCESS_' . $objEvent->access], $this->moduleLangVar . '_EVENT_COUNT_REG' => $numRegistrations, $this->moduleLangVar . '_EVENT_COUNT_SIGNOFF' => $numDeregistration, $this->moduleLangVar . '_EVENT_COUNT_SUBSCRIBER' => $objEscortManager->getEscortData(), $this->moduleLangVar . '_REGISTRATIONS_SUBSCRIBER' => $objEvent->numSubscriber)); //show date and time by user settings if ($objTpl->blockExists('calendarDateDetail')) { $showStartDateDetail = $objEvent->useCustomDateDisplay ? $objEvent->showStartDateDetail : $this->arrSettings['showStartDateDetail'] == 1; $showEndDateDetail = $objEvent->useCustomDateDisplay ? $objEvent->showEndDateDetail : $this->arrSettings['showEndDateDetail'] == 1; $showStartTimeDetail = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showStartTimeDetail : $this->arrSettings['showStartTimeDetail'] == 1); $showEndTimeDetail = $objEvent->all_day ? false : ($objEvent->useCustomDateDisplay ? $objEvent->showEndTimeDetail : $this->arrSettings['showEndTimeDetail'] == 1); $showTimeTypeDetail = $objEvent->useCustomDateDisplay ? 
$objEvent->showTimeTypeDetail : 1; // get date for several days format > show starttime with startdate and endtime with enddate > only if several days event and all values (dates/times) are displayed if (date(parent::getDateFormat(), $objEvent->startDate) != date(parent::getDateFormat(), $objEvent->endDate) && ($showStartDateDetail && $showEndDateDetail && $showStartTimeDetail && $showEndTimeDetail)) { //part 1 $part = 1; $this->getMultiDateBlock($objEvent, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorSeveralDaysDetail'], $this->arrSettings['showClockDetail'] == 1, $part); $objTpl->setVariable(array($this->moduleLangVar . '_DATE_DETAIL' => $this->date, $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime, $this->moduleLangVar . '_TIME_DETAIL' => $this->time, 'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock)); $objTpl->parse('calendarDateDetail'); //part 2 $part = 2; $this->getMultiDateBlock($objEvent, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorSeveralDaysDetail'], $this->arrSettings['showClockDetail'] == 1, $part); $objTpl->setVariable(array($this->moduleLangVar . '_DATE_DETAIL' => $this->date, $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime, $this->moduleLangVar . '_TIME_DETAIL' => $this->time, 'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock)); $objTpl->parse('calendarDateDetail'); } else { // get date for single day format $this->getSingleDateBlock($objEvent, $showStartDateDetail, $showEndDateDetail, $this->arrSettings['separatorDateDetail'], $showTimeTypeDetail, $showStartTimeDetail, $showEndTimeDetail, $this->arrSettings['separatorDateTimeDetail'], $this->arrSettings['separatorTimeDetail'], $this->arrSettings['showClockDetail'] == 1); $objTpl->setVariable(array($this->moduleLangVar . '_DATE_DETAIL' => $this->date, $this->moduleLangVar . '_SEP_DATE_TIME_DETAIL' => $this->sepDateTime, $this->moduleLangVar . 
'_TIME_DETAIL' => $this->time, 'TXT_' . $this->moduleLangVar . '_CLOCK_DETAIL' => $this->clock)); $objTpl->parse('calendarDateDetail'); } } if ($this->arrSettings['placeData'] == 1 && $objEvent->place == '' && $objEvent->place_street == '' && $objEvent->place_zip == '' && $objEvent->place_city == '' && $objEvent->place_country == '') { $objTpl->hideBlock('calendarEventAddress'); } else { /* if($objEvent->map == 1) { $googleCoordinates = self::_getCoorinates($objEvent->place_street, $objEvent->place_zip, $objEvent->place_city); if($googleCoordinates != false) { $lat = $googleCoordinates[0]; $lon = $googleCoordinates[1]; $objGoogleMap = new googleMap(); $objGoogleMap->setMapId($this->moduleName.'GoogleMap'); $objGoogleMap->setMapStyleClass('mapLarge'); $objGoogleMap->setMapType(0); $objGoogleMap->setMapZoom(12); $objGoogleMap->setMapCenter($lon, $lat); $strValueClick = 'marker'.$objEvent->id.'.openInfoWindowHtml(info'.$objEvent->id.');'; $objGoogleMap->addMapMarker($objEvent->id, $lon, $lat, "<b>".$objEvent->place."</b><br />".$objEvent->place_street."<br />".$objEvent->place_zip." ".$objEvent->place_city."<br />".$objEvent->place_country,true, null, true, $strValueClick, null, null); $googleMap = $objGoogleMap->getMap(); } else { $googleMap = '<a href="http://maps.google.ch/maps?q='.$objEvent->place_street.'+'.$objEvent->place_zip.'+'.$objEvent->place_city.'&z=15" target="_blank">'.$_ARRAYLANG['TXT_CALENDAR_MAP'].'</a>'; } } else { $googleMap = ''; } */ //place map $hasPlaceMap = !empty($objEvent->place_map) && file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map); if ($hasPlaceMap) { $arrInfo = getimagesize(\Env::get('cx')->getWebsitePath() . $objEvent->place_map); $picWidth = $arrInfo[0] + 20; $picHeight = $arrInfo[1] + 20; } $map_thumb_name = file_exists(\Env::get('cx')->getWebsitePath() . $objEvent->place_map . ".thumb") ? $objEvent->place_map . ".thumb" : $objEvent->place_map; $placeLink = $objEvent->place_link != '' ? "<a href='" . 
$objEvent->place_link . "' target='_blank' >" . $objEvent->place_link . "</a>" : ""; $placeLinkSource = $objEvent->place_link; if ($this->arrSettings['placeData'] > 1 && $objEvent->locationType == 2) { $objEvent->loadPlaceFromMediadir($objEvent->place_mediadir_id, 'place'); list($placeLink, $placeLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->place_mediadir_id, 'place'); } $objTpl->setVariable(array($this->moduleLangVar . '_EVENT_PLACE' => $objEvent->place, $this->moduleLangVar . '_EVENT_LOCATION_ADDRESS' => $objEvent->place_street, $this->moduleLangVar . '_EVENT_LOCATION_ZIP' => $objEvent->place_zip, $this->moduleLangVar . '_EVENT_LOCATION_CITY' => $objEvent->place_city, $this->moduleLangVar . '_EVENT_LOCATION_COUNTRY' => $objEvent->place_country, $this->moduleLangVar . '_EVENT_LOCATION_LINK' => $placeLink, $this->moduleLangVar . '_EVENT_LOCATION_LINK_SOURCE' => $placeLinkSource, $this->moduleLangVar . '_EVENT_LOCATION_MAP_LINK' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false">' . $_ARRAYLANG['TXT_CALENDAR_MAP'] . '</a>' : "", $this->moduleLangVar . '_EVENT_LOCATION_MAP_THUMBNAIL' => $hasPlaceMap ? '<a href="' . $objEvent->place_map . '" onClick="window.open(this.href,\'\',\'resizable=no,location=no,menubar=no,scrollbars=no,status=no,toolbar=no,fullscreen=no,dependent=no,width=' . $picWidth . ',height=' . $picHeight . ',status\'); return false"><img src="' . $map_thumb_name . '" border="0" alt="' . $objEvent->place_map . '" /></a>' : "", $this->moduleLangVar . '_EVENT_LOCATION_MAP_SOURCE' => $hasPlaceMap ? $objEvent->place_map : '')); $objTpl->parse('calendarEventAddress'); } $hostLink = $objEvent->org_link != '' ? "<a href='" . $objEvent->org_link . "' target='_blank' >" . $objEvent->org_link . 
"</a>" : ""; $hostLinkSource = $objEvent->org_link; if ($this->arrSettings['placeDataHost'] > 1 && $objEvent->hostType == 2) { $objEvent->loadPlaceFromMediadir($objEvent->host_mediadir_id, 'host'); list($hostLink, $hostLinkSource) = $objEvent->loadPlaceLinkFromMediadir($objEvent->host_mediadir_id, 'host'); } if ($this->arrSettings['placeDataHost'] == 1 && $objEvent->org_name == '' && $objEvent->org_street == '' && $objEvent->org_zip == '' && $objEvent->org_city == '' && $objEvent->org_country == '') { $objTpl->hideBlock('calendarEventHost'); } else { $objTpl->setVariable(array($this->moduleLangVar . '_EVENT_HOST' => $objEvent->org_name, $this->moduleLangVar . '_EVENT_HOST_ADDRESS' => $objEvent->org_street, $this->moduleLangVar . '_EVENT_HOST_ZIP' => $objEvent->org_zip, $this->moduleLangVar . '_EVENT_HOST_CITY' => $objEvent->org_city, $this->moduleLangVar . '_EVENT_HOST_COUNTRY' => $objEvent->org_country, $this->moduleLangVar . '_EVENT_HOST_LINK' => $hostLink, $this->moduleLangVar . '_EVENT_HOST_LINK_SOURCE' => $hostLinkSource, $this->moduleLangVar . '_EVENT_HOST_EMAIL' => $objEvent->org_email != '' ? "<a href='mailto:" . $objEvent->org_email . "' >" . $objEvent->org_email . "</a>" : "", $this->moduleLangVar . '_EVENT_HOST_EMAIL_SOURCE' => $objEvent->org_email)); $objTpl->parse('calendarEventHost'); } if ($objEvent->registration == 1 && time() <= $objEvent->startDate) { if ($numRegistrations < $objEvent->numSubscriber || $objEvent->external == 1) { $regLinkSrc = $hostUri . '/' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '&cmd=register&id=' . $objEvent->id . '&date=' . $objEvent->startDate; $regLink = '<a href="' . $regLinkSrc . '" ' . $hostTarget . '>' . $_ARRAYLANG['TXT_CALENDAR_REGISTRATION'] . '</a>'; $objTpl->setVariable(array($this->moduleLangVar . '_EVENT_REGISTRATION_LINK' => $regLink, $this->moduleLangVar . 
'_EVENT_REGISTRATION_LINK_SRC' => $regLinkSrc)); if ($objTpl->blockExists('calendarEventRegistrationOpen')) { $objTpl->parse('calendarEventRegistrationOpen'); } if ($objTpl->blockExists('calendarEventRegistrationClosed')) { $objTpl->hideBlock('calendarEventRegistrationClosed'); } } else { $regLink = '<i>' . $_ARRAYLANG['TXT_CALENDAR_EVENT_FULLY_BLOCKED'] . '</i>'; $objTpl->setVariable(array($this->moduleLangVar . '_EVENT_REGISTRATION_LINK' => $regLink)); if ($objTpl->blockExists('calendarEventRegistrationOpen')) { $objTpl->hideBlock('calendarEventRegistrationOpen'); } if ($objTpl->blockExists('calendarEventRegistrationClosed')) { $objTpl->touchBlock('calendarEventRegistrationClosed'); } } $objTpl->parse('calendarEventRegistration'); } else { $objTpl->hideBlock('calendarEventRegistration'); } } }
/**
 * Process an account-verification link and send the visitor to the home page.
 *
 * The e-mail address is read from $_GET['u'] and the verification key from
 * $_GET['key']. Both are handed to FWUser::verifyUserAccount(); afterwards the
 * request is always redirected to index.php?cmd=Home and terminated.
 *
 * Missing parameters are passed on as null, and neither that case nor a failed
 * verification is reported to the visitor yet (see the TODOs below).
 *
 * @return void  never returns normally, the request ends with exit
 */
protected function verifyUserAccount()
{
    $email = null;
    if (!empty($_GET['u'])) {
        $email = contrexx_input2raw($_GET['u']);
    }

    $key = null;
    if (!empty($_GET['key'])) {
        $key = contrexx_input2raw($_GET['key']);
    }

    $parametersMissing = empty($email) || empty($key);
    if ($parametersMissing) {
        // TODO: implement error message
    }

    // The outcome is not shown to the visitor: a rejected key ends in the
    // same redirect as an accepted one.
    $verified = \FWUser::getFWUserObject()->verifyUserAccount($email, $key);
    if (!$verified) {
        // TODO: implement error message
    }

    \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?cmd=Home');
    exit;
}
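/**
 * Count a hit for a directory entry and redirect the visitor to its target.
 *
 * The latest/popular RSS files are regenerated first. If $id is set, the hit
 * counter of the entry is updated, the entry is looked up among the active
 * entries (status = 1) and the request is redirected to either the uploaded
 * file or the stored link, after which the request ends.
 *
 * @access public
 * @global ADONewConnection
 * @param  int $id  id of the directory entry
 * @return void  when $id is set the request ends with exit after the redirect
 */
function redirectFeed($id)
{
    global $objDatabase;

    // create latest and popular xml
    $this->createRSSlatest();

    if (!isset($id)) {
        return;
    }

    // The id ends up inside an SQL statement, so force it to an integer
    // before it is used anywhere.
    $id = intval($id);
    $this->getHits($id);

    // Stays empty when no active entry matches the id.
    // NOTE(review): an empty target is still sent as "Location: " below, as
    // before; decide on a fallback page for unknown ids.
    $link = '';

    $objResult = $objDatabase->Execute("
        SELECT link, typ, filename
        FROM " . DBPREFIX . "module_directory_dir
        WHERE status='1'
        AND id=" . $id . "
        ORDER BY id DESC
    ");

    if ($objResult) {
        while (!$objResult->EOF) {
            if ($objResult->fields['typ'] == "file") {
                $link = $this->mediaWebPath . "uploads/" . $objResult->fields['filename'];
            } else {
                $storedLink = $objResult->fields['link'];
                // Prefix a scheme only when the stored link has none. The
                // previous check knew http:// only and turned https:// links
                // into "http://https://...".
                if ($storedLink != "" && !preg_match('#^https?://#i', $storedLink)) {
                    $link = "http://" . $storedLink;
                } else {
                    $link = $storedLink;
                }
            }
            $objResult->MoveNext();
        }
    }

    // NOTE(review): the redirect target is whatever is stored for the entry,
    // so it is controlled by whoever may create or edit directory entries.
    // Confirm that links are validated when entries are saved.
    \Cx\Core\Csrf\Controller\Csrf::header("Location: " . $link);
    exit;
}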
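/**
 * Process and render the account settings page of the logged-in user.
 *
 * Visitors that are not logged in are redirected to the login page. For a
 * logged-in user at most one action is processed per request, selected by the
 * submitted field:
 *  - access_delete_account  (POST): delete the account after the current
 *    password has been confirmed
 *  - access_change_password (POST): set a new password after the current
 *    password has been confirmed
 *  - access_store           (POST): store account and profile data
 *  - act=disconnect         (GET):  remove a linked social network
 * The three POST actions call Csrf::check_code() before doing anything.
 * Afterwards the settings form (or the "done" block) is parsed.
 *
 * @global array $_CONFIG
 * @global array $_ARRAYLANG
 * @return void
 */
private function settings()
{
    global $_CONFIG, $_ARRAYLANG;

    $objFWUser = \FWUser::getFWUserObject();
    if (!$objFWUser->objUser->login()) {
        // A missing or non-string cmd must not raise a warning on the way to
        // the login page.
        $cmd = isset($_REQUEST['cmd']) && is_string($_REQUEST['cmd']) ? $_REQUEST['cmd'] : '';
        \Cx\Core\Csrf\Controller\Csrf::header(
            'Location: ' . CONTREXX_DIRECTORY_INDEX . '?section=Login&redirect='
            . base64_encode(
                ASCMS_PROTOCOL . '://' . $_CONFIG['domainUrl'] . CONTREXX_SCRIPT_PATH
                . '?section=Access&cmd=' . rawurlencode($cmd)
            )
        );
        exit;
    }

    $settingsDone = false;
    $objFWUser->objUser->loadNetworks();

    if (isset($_POST['access_delete_account'])) {
        // delete account
        \Cx\Core\Csrf\Controller\Csrf::check_code();
        // Deleting requires the current password in addition to the session.
        if ($objFWUser->objUser->checkPassword(isset($_POST['access_user_password']) ? $_POST['access_user_password'] : null)) {
            if ($objFWUser->objUser->isAllowedToDeleteAccount()) {
                if ($objFWUser->objUser->delete(true)) {
                    $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $_ARRAYLANG['TXT_ACCESS_YOUR_ACCOUNT_SUCCSESSFULLY_DELETED']);
                    if ($this->_objTpl->blockExists('access_settings')) {
                        $this->_objTpl->hideBlock('access_settings');
                    }
                    if ($this->_objTpl->blockExists('access_settings_done')) {
                        $this->_objTpl->touchBlock('access_settings_done');
                    }
                    return;
                } else {
                    $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', implode('<br />', $objFWUser->objUser->getErrorMsg()));
                }
            } else {
                $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $_ARRAYLANG['TXT_ACCESS_NOT_ALLOWED_TO_DELETE_ACCOUNT']);
            }
        } else {
            $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $_ARRAYLANG['TXT_ACCESS_INVALID_EXISTING_PASSWORD']);
        }
    } elseif (isset($_POST['access_change_password'])) {
        // change password
        \Cx\Core\Csrf\Controller\Csrf::check_code();
        if (
            !empty($_POST['access_user_current_password'])
            && $objFWUser->objUser->checkPassword(trim(contrexx_stripslashes($_POST['access_user_current_password'])))
        ) {
            $newPassword = isset($_POST['access_user_password'])
                ? trim(contrexx_stripslashes($_POST['access_user_password']))
                : '';
            $newPasswordConfirmed = isset($_POST['access_user_password_confirmed'])
                ? trim(contrexx_stripslashes($_POST['access_user_password_confirmed']))
                : '';

            // The password is only persisted when it was accepted by
            // setPassword() and the user record could be stored.
            if (
                $objFWUser->objUser->setPassword($newPassword, $newPasswordConfirmed, true)
                && $objFWUser->objUser->store()
            ) {
                $settingsDone = true;
                $passwordMessage = $_ARRAYLANG['TXT_ACCESS_PASSWORD_CHANGED_SUCCESSFULLY'];
            } else {
                $passwordMessage = implode('<br />', $objFWUser->objUser->getErrorMsg());
            }
            $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $passwordMessage);
        } else {
            $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $_ARRAYLANG['TXT_ACCESS_INVALID_EXISTING_PASSWORD']);
        }
    } elseif (isset($_POST['access_store'])) {
        // store profile
        \Cx\Core\Csrf\Controller\Csrf::check_code();
        $status = true;

        if (isset($_POST['access_user_username'])) {
            $objFWUser->objUser->setUsername(trim(contrexx_stripslashes($_POST['access_user_username'])));
        }
        $objFWUser->objUser->setEmail(
            isset($_POST['access_user_email'])
                ? trim(contrexx_stripslashes($_POST['access_user_email']))
                : $objFWUser->objUser->getEmail()
        );

        // remembered so that the language cookie can be updated after storing
        $currentLangId = $objFWUser->objUser->getFrontendLanguage();
        $objFWUser->objUser->setFrontendLanguage(
            isset($_POST['access_user_frontend_language'])
                ? intval($_POST['access_user_frontend_language'])
                : $objFWUser->objUser->getFrontendLanguage()
        );

        // The access levels are only taken from the request when the user is
        // allowed to change them; otherwise the stored value is kept.
        $objFWUser->objUser->setEmailAccess(
            isset($_POST['access_user_email_access']) && $objFWUser->objUser->isAllowedToChangeEmailAccess()
                ? contrexx_stripslashes($_POST['access_user_email_access'])
                : $objFWUser->objUser->getEmailAccess()
        );
        $objFWUser->objUser->setProfileAccess(
            isset($_POST['access_user_profile_access']) && $objFWUser->objUser->isAllowedToChangeProfileAccess()
                ? contrexx_stripslashes($_POST['access_user_profile_access'])
                : $objFWUser->objUser->getProfileAccess()
        );

        if (isset($_POST['access_profile_attribute']) && is_array($_POST['access_profile_attribute'])) {
            $arrProfile = $_POST['access_profile_attribute'];
            // addUploadedImagesToProfile() returns true on success; any other
            // value is treated as a list of error messages further down.
            if (
                isset($_FILES['access_profile_attribute_images'])
                && is_array($_FILES['access_profile_attribute_images'])
                && ($result = $this->addUploadedImagesToProfile($objFWUser->objUser, $arrProfile, $_FILES['access_profile_attribute_images'])) !== true
            ) {
                $status = false;
            }
            $objFWUser->objUser->setProfile($arrProfile);
        }

        $objFWUser->objUser->setSubscribedNewsletterListIDs(
            isset($_POST['access_user_newsletters']) && is_array($_POST['access_user_newsletters'])
                ? $_POST['access_user_newsletters']
                : array()
        );

        if ($status) {
            if ($objFWUser->objUser->checkMandatoryCompliance() && $objFWUser->objUser->store()) {
                $msg = $_ARRAYLANG['TXT_ACCESS_USER_ACCOUNT_STORED_SUCCESSFULLY'];
                $settingsDone = true;
                $this->setLanguageCookie($currentLangId, $objFWUser->objUser->getFrontendLanguage());
            } else {
                $msg = implode('<br />', $objFWUser->objUser->getErrorMsg());
            }
        } else {
            $msg = implode('<br />', $result);
        }
        $this->_objTpl->setVariable('ACCESS_SETTINGS_MESSAGE', $msg);
    } elseif (isset($_GET['act']) && $_GET['act'] === 'disconnect') {
        // NOTE(review): this branch changes account state on a GET request and,
        // unlike the POST branches above, contains no Csrf::check_code() call.
        // Confirm that the request is validated elsewhere, or move the action
        // to a POST form that is checked like the others.
        $provider = isset($_GET['provider']) ? $_GET['provider'] : null;
        $objFWUser->objUser->getNetworks()->deleteNetwork($provider);

        // redirect to the same page without the action parameters
        $currentUrl = clone \Env::get('Resolver')->getUrl();
        $currentUrl->setParams(array('act' => null, 'provider' => null));
        header('Location: ' . $currentUrl->__toString());
        exit;
    }

    $this->parseAccountAttributes($objFWUser->objUser, true);
    $this->parseNewsletterLists($objFWUser->objUser);

    while (!$objFWUser->objUser->objAttribute->EOF) {
        $objAttribute = $objFWUser->objUser->objAttribute->getById($objFWUser->objUser->objAttribute->getId());
        // Protected attributes are only parsed for users that hold the
        // attribute's access id or pass its modify-permission check.
        if (
            !$objAttribute->isProtected()
            || (
                \Permission::checkAccess($objAttribute->getAccessId(), 'dynamic', true)
                || $objAttribute->checkModifyPermission()
            )
        ) {
            $this->parseAttribute($objFWUser->objUser, $objAttribute->getId(), 0, true);
        }
        $objFWUser->objUser->objAttribute->next();
    }

    $this->attachJavaScriptFunction('accessSetWebsite');
    $this->_objTpl->setVariable(array(
        'ACCESS_DELETE_ACCOUNT_BUTTON'  => '<input type="submit" name="access_delete_account" value="' . $_ARRAYLANG['TXT_ACCESS_DELETE_ACCOUNT'] . '" />',
        'ACCESS_USER_PASSWORD_INPUT'    => '<input type="password" name="access_user_password" />',
        'ACCESS_STORE_BUTTON'           => '<input type="submit" name="access_store" value="' . $_ARRAYLANG['TXT_ACCESS_SAVE'] . '" />',
        'ACCESS_CHANGE_PASSWORD_BUTTON' => '<input type="submit" name="access_change_password" value="' . $_ARRAYLANG['TXT_ACCESS_CHANGE_PASSWORD'] . '" />',
        'ACCESS_JAVASCRIPT_FUNCTIONS'   => $this->getJavaScriptCode(),
    ));

    // The social networks are only shown when curl is available and social
    // login is switched on in the user settings.
    $arrSettings = \User_Setting::getSettings();
    $socialLoginActive = function_exists('curl_init') && $arrSettings['sociallogin']['status'];
    if ($socialLoginActive) {
        $this->parseNetworks($objFWUser->objUser);
    }
    if ($this->_objTpl->blockExists('access_user_networks')) {
        if ($socialLoginActive) {
            $this->_objTpl->touchBlock('access_user_networks');
        } else {
            $this->_objTpl->hideBlock('access_user_networks');
        }
    }

    // show either the form or the confirmation block
    if ($this->_objTpl->blockExists('access_settings')) {
        if ($settingsDone) {
            $this->_objTpl->hideBlock('access_settings');
        } else {
            $this->_objTpl->touchBlock('access_settings');
        }
    }
    if ($this->_objTpl->blockExists('access_settings_done')) {
        if ($settingsDone) {
            $this->_objTpl->touchBlock('access_settings_done');
        } else {
            $this->_objTpl->hideBlock('access_settings_done');
        }
    }
}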
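/**
 * Show the forums of a category.
 *
 * Sets the category name, navigation tree, quick-access dropdown and the
 * JavaScript snippets, then lists every forum of the category that has
 * status 1 together with the thread paging. A category id of 0 leads to a
 * redirect to the forum start page and ends the request.
 *
 * @param integer $intCatId  id of the category, cast to int before use
 * @return void
 */
function showCategory($intCatId)
{
    global $objDatabase, $_ARRAYLANG;

    $this->_communityLogin();

    $intCatId = intval($intCatId);
    $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;

    $this->_objTpl->setVariable(array(
        'FORUM_NAME'            => $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength),
        'FORUM_TREE'            => $this->_createNavTree($intCatId),
        'FORUM_DROPDOWN'        => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''),
        'FORUM_JAVASCRIPT'      => $this->getJavascript(),
        'FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'),
    ));

    if ($intCatId != 0) {
        $arrForums = $this->createForumArray($this->_intLangId, $intCatId, 1);
        if (count($arrForums) > 0) {
            $this->_objTpl->setGlobalVariable(array(
                'TXT_FORUM'             => $_ARRAYLANG['TXT_FORUM_OVERVIEW_FORUM'],
                'TXT_LASTPOST'          => $_ARRAYLANG['TXT_FORUM_OVERVIEW_LASTPOST'],
                'TXT_THREADS'           => $_ARRAYLANG['TXT_FORUM_OVERVIEW_THREADS'],
                'TXT_POSTINGS'          => $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'],
                'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'],
            ));

            $intCounter = 0;
            foreach ($arrForums as $arrValues) {
                if ($arrValues['status'] == 1) {
                    // NOTE(review): name, description and last-post title are
                    // handed to the template exactly as createForumArray()
                    // returns them; confirm they are HTML-escaped there.
                    $this->_objTpl->setVariable(array(
                        'FORUM_SUBCATEGORY_ROWCLASS'       => $intCounter++ % 2 + 1,
                        'FORUM_SUBCATEGORY_SPACER'         => (intval($arrValues['level']) - 1) * 25,
                        'FORUM_SUBCATEGORY_ICON'           => '<img src="modules/Forum/View/Media/comment.gif" alt="comment.gif" border="0" />',
                        'FORUM_SUBCATEGORY_ID'             => $arrValues['id'],
                        'FORUM_SUBCATEGORY_NAME'           => $arrValues['name'],
                        'FORUM_SUBCATEGORY_DESC'           => $arrValues['description'],
                        'FORUM_SUBCATEGORY_LASTPOST_ID'    => $arrValues['last_post_id'],
                        'FORUM_SUBCATEGORY_LASTPOST_TITLE' => $arrValues['last_post_str'],
                        'FORUM_SUBCATEGORY_LASTPOST_DATE'  => $arrValues['last_post_date'],
                        'FORUM_SUBCATEGORY_THREADS'        => $arrValues['thread_count'],
                        'FORUM_SUBCATEGORY_POSTINGS'       => $arrValues['post_count'],
                    ));
                    $this->_objTpl->parse('forumSubCategory');
                }
            }

            // The query-string fragment starts with "&section"; the page showed
            // it as a section sign followed by "ion" (a decoded "&sect"), which
            // would break the paging links.
            $this->_objTpl->setVariable(array(
                'FORUM_THREADS_PAGING' => getPaging(
                    $this->_threadCount,
                    $pos,
                    '&section=Forum&cmd=board&id=' . $intCatId,
                    $_ARRAYLANG['TXT_FORUM_OVERVIEW_THREADS'],
                    true,
                    $this->_arrSettings['thread_paging']
                ),
            ));
        } else {
            $this->_objTpl->setVariable('TXT_THREADS_NONE', $_ARRAYLANG['TXT_FORUM_THREADS_NONE']);
        }
    } else {
        // no category selected: back to the forum overview
        \Cx\Core\Csrf\Controller\Csrf::header('location: index.php?section=Forum');
        die;
    }
}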
/**
 * Hook that runs after the page has been resolved.
 *
 * The license check is switched off for now: the method returns true right
 * away and none of the statements after that return are executed. They are
 * kept as the starting point for the new behaviour mentioned in the TODO.
 *
 * @param \Cx\Core\ContentManager\Model\Entity\Page $page The resolved page
 * @return bool always true while the license check is deactivated
 */
public function postResolve(\Cx\Core\ContentManager\Model\Entity\Page $page)
{
    // TODO: Deactivated license check for now. Implement new behavior.
    return true;

    // ---- unreachable from here on ----
    global $plainCmd, $objDatabase, $_CORELANG, $_LANGID, $section;

    $license = \Cx\Core_Modules\License\License::getCached(\Env::get('config'), $objDatabase);
    $mode = $this->cx->getMode();

    if ($mode == \Cx\Core\Core\Controller\Cx::MODE_FRONTEND) {
        // without the full-language component only the default language is served
        if (!$license->isInLegalComponents('fulllanguage') && $_LANGID != \FWLanguage::getDefaultLangId()) {
            $_LANGID = \FWLanguage::getDefaultLangId();
            \Env::get('Resolver')->redirectToCorrectLanguageDir();
        }

        if (!empty($section) && !$license->isInLegalFrontendComponents($section)) {
            if ($section == 'Error') {
                // If the error module is not installed, show this
                die($_CORELANG['TXT_THIS_MODULE_DOESNT_EXISTS']);
            }
            // page not found, redirect to error page.
            \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('Error'));
            exit;
        }
    } elseif ($mode == \Cx\Core\Core\Controller\Cx::MODE_BACKEND) {
        // check if the requested module is active:
        if (!in_array($plainCmd, array('Login', 'noaccess', ''))) {
            // NOTE(review): should this check be re-enabled, $plainCmd is placed
            // inside a LIKE pattern. Whatever escaping contrexx_raw2db() applies,
            // confirm that the LIKE wildcards % and _ are handled as well.
            $escapedCmd = contrexx_raw2db($plainCmd);
            $query = ' SELECT modules.is_licensed FROM ' . DBPREFIX . 'modules AS modules, ' . DBPREFIX . 'backend_areas AS areas WHERE areas.module_id = modules.id AND ( areas.uri LIKE "%cmd=' . $escapedCmd . '&%" OR areas.uri LIKE "%cmd=' . $escapedCmd . '" ) ';
            $res = $objDatabase->Execute($query);
            if (!$res->fields['is_licensed']) {
                if (in_array('LicenseManager', \Env::get('cx')->getLicense()->getLegalComponentsList())) {
                    $plainCmd = 'License';
                } else {
                    $plainCmd = 'Home';
                }
            }
        }

        // If logged in
        if (\Env::get('cx')->getUser()->objUser->login(true)) {
            $license->check();
            if ($license->getState() == \Cx\Core_Modules\License\License::LICENSE_NOK) {
                if (in_array('LicenseManager', \Env::get('cx')->getLicense()->getLegalComponentsList())) {
                    $plainCmd = 'License';
                } else {
                    $plainCmd = 'Home';
                }
                $license->save($objDatabase);
            }
            $lc = \Cx\Core_Modules\License\LicenseCommunicator::getInstance(\Env::get('config'));
            $lc->addJsUpdateCode($_CORELANG, $license, $plainCmd == 'License');
        }
    }
}
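/**
 * Delete multiple deals and redirect to the deals overview.
 *
 * Only entries that are integers or pure digit strings are used as ids; every
 * other entry is ignored, because the ids are placed in an SQL IN (...) list.
 * When $deleteProjects is set, the projects linked to the deals are switched
 * to the status that is flagged as deleted before the deals are removed.
 * The redirect is sent in every case, also when nothing was deleted.
 *
 * @param Array   $dealsEntries   entry ids
 * @param Boolean $deleteProjects whether the linked projects are set to the deleted status
 *
 * @global ADO Connection $objDatabase
 *
 * @return void
 */
function deleteDeals($dealsEntries, $deleteProjects = false)
{
    global $objDatabase;

    // NOTE(review): no permission or CSRF check is visible in this method;
    // confirm that the caller performs both before invoking it.
    if (!empty($dealsEntries) && is_array($dealsEntries)) {
        // Build the id list from validated integers only. The list used to be
        // the imploded request array, which allowed arbitrary SQL in IN (...).
        $dealIds = array();
        foreach ($dealsEntries as $entry) {
            if (is_int($entry) || (is_string($entry) && preg_match('/^[0-9]+$/D', $entry))) {
                $dealIds[] = (int) $entry;
            }
        }

        if (!empty($dealIds)) {
            $ids = implode(',', $dealIds);

            // change project to deleted status if pm module integrated
            if ($deleteProjects) {
                // NOTE(review): the status id is read from the application's
                // own table and written back quoted, as before.
                $deletedStatusId = $objDatabase->getOne("SELECT projectstatus_id FROM " . DBPREFIX . "module_" . $this->pm_moduleName . "_project_status WHERE deleted = 1");
                $objProjects = $objDatabase->Execute("SELECT project_id FROM `" . DBPREFIX . "module_" . $this->moduleNameLC . "_deals` WHERE id IN ({$ids})");

                $projectToBeDeleted = array();
                if ($objProjects) {
                    while (!$objProjects->EOF) {
                        $projectToBeDeleted[] = (int) $objProjects->fields['project_id'];
                        $objProjects->MoveNext();
                    }

                    // An empty list would produce "IN ()", which is invalid SQL.
                    if (!empty($projectToBeDeleted)) {
                        $projectIds = implode(',', $projectToBeDeleted);
                        $objDatabase->Execute("UPDATE `" . DBPREFIX . "module_{$this->pm_moduleName}_projects`
                            SET `status` = '{$deletedStatusId}'
                            WHERE id IN ({$projectIds})");
                    }
                }
            }

            $query = "DELETE FROM `" . DBPREFIX . "module_" . $this->moduleNameLC . "_deals` WHERE id IN ({$ids})";
            $objDatabase->Execute($query);
        }
    }

    $message = base64_encode("dealsdeleted");
    $cx = \Cx\Core\Core\Controller\Cx::instanciate();
    \Cx\Core\Csrf\Controller\Csrf::header("location:" . $cx->getCodeBaseOffsetPath() . $cx->getBackendFolderName() . "/index.php?cmd=" . $this->moduleName . "&act=deals&mes={$message}");
}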
/**
 * Resolve the local user that belongs to an account of the social media
 * platform and log that user in.
 *
 * Three cases are handled:
 *  - A user is already linked to the given network id: that user is logged in.
 *  - Nobody is linked, but a user is currently logged in: the network is added
 *    to that user and true is returned.
 *  - Nobody is linked and nobody is logged in: a new user without admin status
 *    is created from the e-mail address and name supplied by this provider
 *    object. Depending on the settings the new user is either logged in
 *    directly or stored inactive with a restore key and redirected to the
 *    sign-up page, which ends the request.
 *
 * @param string $oauth_id the user id of the social media platform
 * @return bool|null true when the network was added to the logged-in user,
 *                   nothing in the cases that end with a login
 * @throws OAuth_Exception when the new user cannot be stored
 */
protected function getContrexxUser($oauth_id)
{
    global $sessionObj;

    //\DBG::activate();
    $settings = \User_Setting::getSettings();
    $networkName = static::OAUTH_PROVIDER;
    $fwUser = \FWUser::getFWUserObject();

    $linkedUser = $fwUser->objUser->getByNetwork($networkName, $oauth_id);
    if ($linkedUser) {
        // the network account is already known: plain login
        $fwUser->loginUser($linkedUser);
        return;
    }

    // A logged-in user only gets the new network attached to the account.
    if ($fwUser->objUser->login()) {
        $linkedUser = $fwUser->objUser;
        $this->addProviderToUserObject($networkName, $oauth_id, $linkedUser);
        $linkedUser->getNetworks()->save();
        return true;
    }

    // Nobody is logged in: create a new user with the default profile
    // attributes.
    // NOTE(review): e-mail address and name come from the provider data of
    // this object; whether the provider has verified the address is not
    // visible here.
    $linkedUser = new \User();
    $linkedUser->setEmail($this->getEmail());
    $linkedUser->setAdminStatus(0);
    $linkedUser->setProfile(array(
        'firstname' => array($this->getFirstname()),
        'lastname'  => array($this->getLastname()),
    ));

    $needsSignUp = $settings['sociallogin_show_signup']['status'];
    // With account verification switched on, the mandatory fields must be
    // set, so missing ones force the sign-up page as well.
    // NOTE(review): the setting is compared with === 1, so a value that is
    // stored as the string '1' does not match; verify the type.
    if (!$needsSignUp && $settings['user_account_verification']['value'] === 1) {
        $needsSignUp = !$linkedUser->checkMandatoryCompliance();
    }

    // The account stays inactive until the sign-up has been completed.
    $linkedUser->setActiveStatus(!$needsSignUp);
    if ($needsSignUp) {
        $linkedUser->setRestoreKey();
        $linkedUser->setRestoreKeyTime(intval($settings['sociallogin_activation_timeout']['value']) * 60);
    }

    // groups for social-login users, with the general default as fallback
    $groups = !empty($settings['sociallogin_assign_to_groups']['value'])
        ? $settings['sociallogin_assign_to_groups']['value']
        : $settings['assigne_to_groups']['value'];
    $linkedUser->setGroups(explode(',', $groups));

    // An address that already belongs to an account that is not linked to
    // this provider makes store() fail; the account is not linked implicitly.
    if (!$linkedUser->store()) {
        throw new OAuth_Exception();
    }

    // add the social network to user
    $this->addProviderToUserObject($networkName, $oauth_id, $linkedUser);
    $linkedUser->getNetworks()->save();

    // empty mandatory fields or the setting to always show the sign-up page
    if ($needsSignUp) {
        // start session if no session is open
        if (!isset($sessionObj) || !is_object($sessionObj)) {
            $sessionObj = \cmsSession::getInstance();
        }
        // write the user id to session so we can pre-fill the sign up form
        $_SESSION['user_id'] = $linkedUser->getId();

        // generate url for sign up page and redirect
        $signUpPageUri = \Cx\Core\Routing\Url::fromModuleAndCmd('Access', 'signup');
        \Cx\Core\Csrf\Controller\Csrf::header('Location: ' . $signUpPageUri->__toString());
        exit;
    }

    $fwUser->loginUser($linkedUser);
}