/**
 * Persist the site options submitted in the current request.
 *
 * Each option key is mapped to a POST field name. For every key the matching
 * row in `options` (category "options", no post and no user attached) is
 * updated when exactly one exists, inserted when none exists, and
 * de-duplicated first when several exist.
 *
 * NOTE(review): the POST value is handed to the query builder unchanged. On
 * this page the builder is called with '#'-prefixed values ('#NULL', '#""')
 * that look like raw SQL fragments, so a submitted value starting with '#'
 * may be treated the same way. Confirm that utility::post() or the builder
 * neutralises a leading '#'. No permission check is visible in this method;
 * confirm the caller enforces one.
 *
 * @return void
 */
function put_options()
{
    // option key => name of the POST field that carries it
    $optionMap = [
        'title'       => 'site-title',
        'desc'        => 'site-desc',
        'email'       => 'site-email',
        'url'         => 'site-url',
        'redirect'    => 'site-redirect',
        'register'    => 'site-reg',
        'permissions' => 'site-role',
    ];

    foreach ($optionMap as $optionKey => $postField) {
        $query = $this->sql()->table('options')
            ->where('option_cat', 'options')
            ->and('option_key', $optionKey)
            ->and('post_id', '#NULL')
            ->and('user_id', '#NULL');

        $rowCount = $query->select()->num();

        // duplicated rows for one key: drop all of them and start again
        if ($rowCount > 1) {
            debug::true(T_("We find a problem and solve it!"));
            $query->delete();
            $rowCount = 0;
        }

        $submitted = utility::post($postField);
        if (!$submitted) {
            // '#""' is the value this code stores for an empty option
            $submitted = '#""';
        }

        $query = $query->set('option_cat', 'options')
            ->set('option_status', 'enable')
            ->set('option_key', $optionKey)
            ->set('option_value', $submitted);

        if ($rowCount == 1) {
            $query->update();
        } else {
            $query->insert('IGNORE');
        }
    }

    // success handler
    $this->commit(function () {
        debug::true(T_("Update Successfully"));
    });

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}
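/**
 * Change the password of the logged-in user after checking the current one.
 *
 * The new password arrives already hashed by utility::post(..., 'hash'); the
 * old password is checked against the stored hash with utility::hasher().
 *
 * Changes from the earlier version:
 *  - the trailing delay used sleep(0.1); sleep() takes whole seconds, so the
 *    float was truncated to 0 and no delay happened. usleep() gives the
 *    100 ms pause that was intended.
 *  - the new password was fetched and hashed twice; it is now read once.
 *
 * NOTE(review): nothing here rejects an empty new password or ends the
 * user's other sessions after the change. Confirm both are handled elsewhere.
 *
 * @return void
 */
function post_changepass()
{
    $myid    = $this->login('id');
    $newpass = utility::post('password-new', 'hash');
    $oldpass = utility::post('password-old');

    $tmp_result = $this->sql()->tableUsers()
        ->where('id', $myid)
        ->and('user_status', 'active')
        ->select();
    $found = $tmp_result->num();

    if ($found == 1) {
        $row              = $tmp_result->assoc();
        $myhashedPassword = $row['user_pass'];

        // only continue when the supplied current password matches the stored hash
        if (isset($myhashedPassword) && utility::hasher($oldpass, $myhashedPassword)) {
            $this->sql()->table('users')
                ->where('id', $myid)
                ->set('user_pass', $newpass)
                ->update();

            $this->commit(function () {
                debug::true(T_("change password successfully"));
                $this->redirector()->set_domain()->set_url();
            });

            // runs when a query above failed
            $this->rollback(function () {
                debug::error(T_("change password failed!"));
            });
        } else {
            debug::error(T_("Password is incorrect"));
        }
    } elseif ($found == 0) {
        debug::error(T_("user is incorrect"));
    } else {
        // more than one active row for a single id
        debug::error(T_("Please forward this message to administrator"));
    }

    // 100 ms pause on every outcome to slow down repeated guesses
    usleep(100000);
}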
/**
 * Register a new account from the submitted mobile number and password.
 *
 * Creates the user through \lib\db\users::signup(), generates a verification
 * code, sends it by SMS and redirects to the verification page.
 *
 * NOTE(review): the "Mobile number exist!" reply tells the caller whether a
 * number is already registered. The mobile value is appended to the redirect
 * URL without URL-encoding; confirm the 'filter' mode of utility::post()
 * restricts it to characters that are safe in a query string.
 *
 * @return void
 */
public function post_signup()
{
    $mobile       = utility::post('mobile', 'filter');
    $passwordHash = utility::post('password', 'hash');

    // permission for new accounts comes from the 'account' option, 'NULL' when unset
    $permission = $this->option('account');
    if (!$permission) {
        $permission = 'NULL';
    }

    $user_id = \lib\db\users::signup($mobile, $passwordHash, $permission);

    if (!$user_id) {
        if ($user_id === false) {
            // signup() reports false for an already registered number
            debug::error(T_("Mobile number exist!"));
        } else {
            debug::error(T_("Please contact to administrator!"));
        }
        return;
    }

    // the original comments say this stores the code in the logs table and
    // records the mobile in the session
    $code = \lib\utility\filter::generate_verification_code($user_id, $mobile);
    if (!$code) {
        debug::error(T_("Please contact to administrator!"));
        return;
    }

    \lib\utility\sms::send($mobile, 'signup', $code);
    debug::true(T_("Register successfully"));
    $this->redirector()->set_url('verification?from=signup&mobile=' . $mobile);
}
/**
 * Register a new account: insert a users row when the mobile is not taken.
 *
 * NOTE(review): the existence check and the insert are two separate
 * statements, so two concurrent requests for the same number can both pass
 * the check unless the table has a unique index on user_mobile (not visible
 * here). The permission id 3 is hard-coded. The "mobile number exist!" reply
 * reveals which numbers are registered.
 *
 * @return void
 */
public function post_signup()
{
    $mobile       = utility::post('mobile', 'filter');
    $passwordHash = utility::post('password', 'hash');

    $matches = $this->sql()->tableUsers()->whereUser_mobile($mobile)->select();
    $count   = $matches->num();

    if ($count == 1) {
        debug::error(T_("mobile number exist!"));
        return;
    }

    if ($count != 0) {
        // more than one row for the same number
        debug::error(T_("please forward this message to administrator"));
        return;
    }

    $this->sql()->tableUsers()
        ->setUser_mobile($mobile)
        ->setUser_pass($passwordHash)
        ->setUser_permission(3)
        ->setUser_createdate(date('Y-m-d H:i:s'))
        ->insert();

    // success handler; receives the mobile number as its argument
    $this->commit(function ($_mobile) {
        debug::true(T_("register successfully"));
    }, $mobile);

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::error(T_("register failed!"));
    });
}
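/**
 * Authenticate a user by mobile number and password and start the session.
 *
 * Looks up an active user with the submitted mobile, checks the password
 * against the stored hash with utility::hasher(), copies selected columns
 * into the login session and sets the post-login redirect.
 *
 * Change from the earlier version: the wrong-password message was split
 * across two lines inside the string literal, which embedded a line break in
 * the text. It is restored to the same literal as the unknown-mobile branch,
 * so both failures return an identical message and the reply does not show
 * whether the number exists.
 *
 * NOTE(review): no delay or attempt limit is visible here (the trailing
 * sleep is commented out in the source), and no session id regeneration is
 * visible; confirm setLoginSession() or session::save() handles the latter.
 *
 * @return void
 */
public function post_login()
{
    $mymobile = utility::post('mobile', 'filter');
    $mypass   = utility::post('password');

    // only active accounts may log in
    $tmp_result = $this->sql()->tableUsers()
        ->whereUser_mobile($mymobile)
        ->and('user_status', 'active')
        ->select();
    $found = $tmp_result->num();

    if ($found == 1) {
        $tmp_result       = $tmp_result->assoc();
        $myhashedPassword = $tmp_result['user_pass'];

        if (isset($myhashedPassword) && utility::hasher($mypass, $myhashedPassword)) {
            // columns copied into the login session
            $myfields = array('id', 'user_displayname', 'user_mobile', 'user_meta', 'user_status');
            $this->setLoginSession($tmp_result, $myfields);

            // success handler
            $this->commit(function () {
                debug::true(T_("Login Successfully"));
                \lib\utility\session::save();

                // kept as in the source; the value is not used below
                $referer = \lib\router::urlParser('referer', 'host');

                // default target: home page of the main domain
                $this->redirector()->set_domain()->set_url();

                if (\lib\utility\option::get('account', 'status')) {
                    $_redirect_sub = \lib\utility\option::get('account', 'meta', 'redirect');
                    if ($_redirect_sub !== 'home') {
                        // with fakeSub the target is a path, otherwise a real subdomain
                        if (\lib\utility\option::get('config', 'meta', 'fakeSub')) {
                            $this->redirector()->set_url($_redirect_sub);
                        } else {
                            $this->redirector()->set_sub_domain($_redirect_sub);
                        }
                    }
                }

                // ask the client for a full page load instead of pushState
                debug::msg('direct', true);
            });

            $this->rollback(function () {
                debug::error(T_("Login failed!"));
            });
        } else {
            debug::error(T_("Mobile or password is incorrect"));
        }
    } elseif ($found == 0) {
        // same text as the wrong-password branch on purpose
        debug::error(T_("Mobile or password is incorrect"));
    } else {
        // more than one active row for the same mobile
        debug::error(T_("Please forward this message to administrator"));
    }
}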
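/**
 * Authenticate a user by mobile number and password and start the session.
 *
 * Looks up an active user with the submitted mobile, checks the password
 * against the stored hash with utility::hasher(), copies selected columns
 * into the login session and chooses the redirect target from the referer
 * host or the 'CMS' router storage.
 *
 * Change from the earlier version: the trailing delay used sleep(0.1);
 * sleep() takes whole seconds, so the float was truncated to 0 and no delay
 * happened. usleep() gives the 100 ms pause that was intended.
 *
 * NOTE(review): the referer host is supplied by the client and is compared
 * against two hard-coded host names that the source marks as temporary. No
 * session id regeneration is visible here; confirm setLoginSession() does it.
 *
 * @return void
 */
public function post_login()
{
    $mymobile = utility::post('mobile', 'filter');
    $mypass   = utility::post('password');

    // only active accounts may log in
    $tmp_result = $this->sql()->tableUsers()
        ->whereUser_mobile($mymobile)
        ->and('user_status', 'active')
        ->select();
    $found = $tmp_result->num();

    if ($found == 1) {
        $tmp_result       = $tmp_result->assoc();
        $myhashedPassword = $tmp_result['user_pass'];

        if (isset($myhashedPassword) && utility::hasher($mypass, $myhashedPassword)) {
            // columns copied into the login session
            $myfields = array('id', 'user_displayname', 'user_mobile', 'user_status');
            $this->setLoginSession($tmp_result, $myfields);

            // success handler
            $this->commit(function () {
                debug::true(T_("Login Successfully"));
                $referer = \lib\router::urlParser('referer', 'host');

                // temporary in the source: to be removed once permissions are fixed
                if ($referer == 'archiver.dev' || $referer == 'irancamera.ir') {
                    $this->redirector()->set_domain()->set_sub_domain('files')->set_url();
                } elseif (\lib\router::get_storage('CMS')) {
                    $this->redirector()->set_domain()->set_sub_domain(\lib\router::get_storage('CMS'))->set_url();
                } else {
                    $this->redirector()->set_domain()->set_url();
                }
            });

            $this->rollback(function () {
                debug::error(T_("Login failed!"));
            });
        } else {
            debug::error(T_("Mobile or password is incorrect"));
        }
    } elseif ($found == 0) {
        // same text as the wrong-password branch on purpose
        debug::error(T_("Mobile or password is incorrect"));
    } else {
        // more than one active row for the same mobile
        debug::error(T_("Please forward this message to administrator"));
    }

    // 100 ms pause on every outcome to slow down repeated guesses
    usleep(100000);
}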
/**
 * Gate for the control panel: require a login, then the 'cp' permission.
 *
 * A visitor without a login gets a warning, is redirected to the login page
 * of the account service domain (when AccountService is set) and the script
 * stops. A logged-in user is passed to access() in 'block' mode.
 *
 * @return void
 */
function _route()
{
    if ($this->login()) {
        // logged in: stop here unless the session holds the 'cp' permission
        $this->access('cp', null, null, 'block');
        return;
    }

    $loginDomain = null;
    if (AccountService) {
        $loginDomain = AccountService . MainTld;
    }

    \lib\debug::warn(T_("first of all, you must login to system!"));
    $this->redirector(null, false)->set_domain($loginDomain)->set_url('login')->redirect();

    // stop so nothing after the redirect runs for an anonymous visitor
    exit;
}
/**
 * Save the logged-in user's mobile, e-mail and display name.
 *
 * NOTE(review): the three values come straight from the request with no
 * filter mode and no format check visible here. user_mobile is the login
 * identifier in the login methods on this page, and it is changed without a
 * new verification step or a uniqueness check. Confirm these are enforced
 * elsewhere.
 *
 * @return void
 */
function put_profile()
{
    $mobile      = utility::post('mobile');
    $email       = utility::post('email');
    $displayName = utility::post('displayname');

    // the row is selected by the id held in the login session, not by request data
    $this->sql()->table('users')
        ->where('id', $this->login('id'))
        ->set('user_mobile', $mobile)
        ->set('user_email', $email)
        ->set('user_displayname', $displayName)
        ->update();

    // success handler
    $this->commit(function () {
        debug::true(T_("Update Successfully"));
    });

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}
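/**
 * Verify a mobile number with the code sent by SMS and log the user in.
 *
 * The mobile comes from the request, or from the session when the request
 * carries none. A matching enabled log row (user id + code) is expired, the
 * user is set to 'active', and the follow-up depends on the 'from' cookie:
 * 'signup' logs the user in; anything else logs in and redirects to the
 * change-password page.
 *
 * Change from the earlier version: when no user matches the mobile, the id
 * lookup yields an empty value that was still used in the log lookup, the
 * status update and the login call. The method now stops with the generic
 * error before any of that runs.
 *
 * NOTE(review): no attempt limit and no age check on the code are visible
 * here, so the code's length is the only bound on guessing. The 'from'
 * cookie is client-controlled and selects the branch taken after success.
 *
 * @return void
 */
public function put_verification()
{
    $mycode   = utility::post('code');
    $mymobile = utility::post('mobile', 'filter');

    // fall back to the number stored in the session
    if ($mymobile == '' && isset($_SESSION['verification_mobile'])) {
        $mymobile = $_SESSION['verification_mobile'];
    }

    $myuserid = $this->sql()->table('users')
        ->field('id')
        ->where('user_mobile', $mymobile)
        ->select()
        ->assoc('id');

    // unknown mobile: same reply as a wrong code, and no query runs with an empty id
    if (!$myuserid) {
        debug::error(T_("this data is incorrect"));
        return;
    }

    // an enabled log row holding this code for this user
    $tmp_result = $this->sql()->table('logs')
        ->where('user_id', $myuserid)
        ->and('log_data', $mycode)
        ->and('log_status', 'enable')
        ->select();

    if ($tmp_result->num()) {
        // expire the code so it cannot be used again
        $this->sql()->table('logs')
            ->set('log_status', 'expire')
            ->where('user_id', $myuserid)
            ->and('log_data', $mycode)
            ->and('log_status', 'enable')
            ->update();

        // mark the account as verified
        $this->sql()->table('users')
            ->where('id', $myuserid)
            ->set('user_status', 'active')
            ->update();

        // success handler
        $this->commit(function ($_mobile, $_userid) {
            $myfrom = utility\cookie::read('from');
            if ($myfrom == 'signup') {
                $this->model()->setLogin($_userid);
                \lib\utility\sms::send($_mobile, 'verification');
                debug::true(T_("verify successfully."));
            } else {
                // recovery flow: log in, then ask for a new password
                $this->model()->setLogin($_userid, false);
                $this->redirector()->set_url('changepass');
                utility\cookie::write('mobile', $_mobile, 60 * 5);
                utility\cookie::write('from', 'verification', 60 * 5);
                debug::true(T_("verify successfully.") . ' ' . T_("please Input your new password"));
            }
        }, $mymobile, $myuserid);

        // failure handler for any query error raised above
        $this->rollback(function () {
            debug::error(T_("verify failed!"));
        });
    } elseif ($tmp_result->num() == 0) {
        debug::error(T_("this data is incorrect"));
    } else {
        debug::error(T_("please forward this message to administrator"));
    }
}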
/**
 * Save the logged-in user's mobile, e-mail and display name.
 *
 * NOTE(review): the permission checked before the update is
 * ('cp', 'posts', 'delete'), which does not describe a profile edit and may
 * be a copy-paste leftover; confirm the intended permission. In 'notify'
 * mode access() stops the request only through _processor(force_stop).
 * The three values come straight from the request with no filter mode, and
 * user_mobile, the login identifier on this page, is changed without a new
 * verification step.
 *
 * @return void
 */
function put_profile()
{
    // deny with a notification when the session lacks the permission
    $this->access('cp', 'posts', 'delete', 'notify');

    $mobile      = utility::post('mobile');
    $email       = utility::post('email');
    $displayName = utility::post('displayname');

    // the row is selected by the id held in the login session, not by request data
    $this->sql()->table('users')
        ->where('id', $this->login('id'))
        ->set('user_mobile', $mobile)
        ->set('user_email', $email)
        ->set('user_displayname', $displayName)
        ->update();

    // success handler
    $this->commit(function () {
        debug::true(T_("Update Successfully"));
    });

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}
/**
 * Run the delete on a prepared query and register the result handlers.
 *
 * @param object $_qry query builder already narrowed to the rows to remove
 * @return void
 */
protected function delete_commit($_qry)
{
    $_qry->delete();

    // success handler
    $this->commit(function () {
        debug::true(T_("Delete Successfully"));
    });

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::error(T_("Delete Failed!"));
    });
}
/**
 * Expire every enabled 'receive' SMS row that came from the given number.
 *
 * @param string $mymobile sender number to match against sms_from
 * @return void
 */
function put_changeSmsStatus($mymobile)
{
    $this->sql()->tableSmss()
        ->setSms_status('expire')
        ->whereSms_from($mymobile)
        ->andSms_type('receive')
        ->andSms_status('enable')
        ->update();

    // success handler
    $this->commit(function () {
        debug::true(T_('we receive your message and your account is now verifited.'));
    });

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::error(T_('error on verify your code!'));
    });
}
/**
 * Build the SMS text for an account event and send it through Kavenegar.
 *
 * Only numbers starting with '98' are sent. For any other number a warning
 * is raised and, when DEBUG is on, the full message text is written to the
 * debug output instead.
 *
 * NOTE(review): for the 'signup' and 'recovery' statuses the message holds
 * the one-time code, so the DEBUG branch puts that code into the debug
 * output; keep DEBUG off outside development.
 *
 * @param string      $_mobile  destination number
 * @param string|null $_status  message kind; defaults to the current URL from the router
 * @param mixed       $_arg     code appended to signup/recovery messages
 * @param string      $_service service name used in the header and footer
 * @return void
 */
public static function send($_mobile, $_status = null, $_arg = null, $_service = MainService)
{
    if (is_null($_status)) {
        $_status = \lib\router::get_url();
    }

    $brand = ucfirst($_service);
    $text  = T_($brand) . "\n";

    if ($_status == 'signup') {
        $text .= T_('your verification code is') . ' ' . $_arg;
    } elseif ($_status == 'recovery') {
        $text .= T_('your recovery code is') . ' ' . $_arg;
    } elseif ($_status == 'verification') {
        $text .= T_('you account is verified successfully');
    } elseif ($_status == 'changepass') {
        $text .= T_('your password is changed successfully');
    } else {
        $text .= T_('thanks for using our service') . "\n" . T_('made in iran');
    }

    $text .= "\n\n" . $brand . '.com';

    if (substr($_mobile, 0, 2) == '98') {
        // Iranian number: hand the message to the Kavenegar client
        $api    = new \KavenegarApi();
        $result = $api->send($_mobile, $text, 0);
        return;
    }

    \lib\debug::warn(T_('now we only support Iran!'));
    if (DEBUG) {
        \lib\debug::warn("Think sms is send to {$_mobile}!");
        \lib\debug::true($text);
    }
}
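/**
 * POST form fields to the SMS gateway and decode its JSON reply.
 *
 * Sets $this->status and $this->msg from the "return" part of the reply and
 * returns the "entries" part. On an empty or undecodable reply the status is
 * set to -1, the message to null and 22 is returned, as before.
 *
 * Changes from the earlier version:
 *  - TLS certificate and host name verification were switched off
 *    (CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST = false), so anyone on
 *    the network path could read or alter the request and the reply. Both
 *    checks are now on.
 *  - the result of rtrim() was discarded, leaving a trailing '&'.
 *  - a reply that is not valid JSON, or lacks return.status, is treated as a
 *    failure instead of being indexed as an array.
 *
 * NOTE(review): keys and values are joined without URL-encoding. Confirm the
 * callers encode them; otherwise a value containing '&' or '=' changes the
 * fields the gateway receives.
 *
 * @param string     $_url  gateway endpoint
 * @param array|null $_data form fields as key => value
 * @return mixed the "entries" element of the reply, 22 on failure,
 *               null when the curl extension is missing
 */
private function execute($_url, $_data)
{
    $headers = array(
        'Accept: application/json',
        'Content-Type: application/x-www-form-urlencoded',
        'charset: utf-8',
    );

    $fields_string = null;
    if (!is_null($_data)) {
        foreach ($_data as $key => $value) {
            $fields_string .= $key . '=' . $value . '&';
        }
        $fields_string = rtrim((string) $fields_string, '&');
    }

    if (!function_exists('curl_init')) {
        \lib\debug::true(T_("Error on Sms system"));
        return null;
    }

    $handle = curl_init();
    curl_setopt($handle, CURLOPT_URL, $_url);
    curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
    // verify the server certificate chain and that it matches the host name
    curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($handle, CURLOPT_POST, true);
    curl_setopt($handle, CURLOPT_POSTFIELDS, $fields_string);

    $response = curl_exec($handle);
    curl_close($handle);

    $json_data = $response ? json_decode($response, true) : null;

    // transport failure (includes a failed TLS check) or malformed reply
    if (!is_array($json_data) || !isset($json_data["return"]["status"])) {
        $this->status = -1;
        $this->msg    = null;
        return 22;
    }

    $this->status = $json_data["return"]["status"];
    $this->msg    = isset($json_data["return"]["message"]) ? $json_data["return"]["message"] : null;

    return isset($json_data["entries"]) ? $json_data["entries"] : null;
}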
/**
 * Require a login (optional) and then the permission for a content area.
 *
 * NOTE(review): unlike _route() on this page, nothing stops the script after
 * redirect(). If redirect() returns, execution continues into access(),
 * which in 'block' mode denies a session without the permission. Confirm
 * that redirect() terminates or that this fall-through is intended.
 *
 * @param string|null $_content content name; defaults to the current subdomain
 * @param bool        $_login   when true, an anonymous visitor is sent to the login page
 * @return void
 */
function _permission($_content = null, $_login = true)
{
    $needsLogin = $_login && !$this->login();

    if ($needsLogin) {
        \lib\debug::warn(T_("first of all, you must login to system!"));

        // optional external login location from the site configuration
        $target = \lib\utility\option::get('config', 'meta', 'redirectURL');

        if (!$target || $target === 'on') {
            $this->redirector(null, false)->set_domain()->set_url('login')->redirect();
        } else {
            $this->redirector($target . '/login', false)->redirect();
        }
    }

    if ($_content === null) {
        $_content = \lib\router::get_sub_domain();
    }

    // block the request unless the session holds the permission for this content
    $this->access($_content, null, null, 'block');
}
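/**
 * Start password recovery: store a one-time code and send it by SMS.
 *
 * When exactly one user has the submitted mobile, a code from
 * utility::randomCode() is written to the logs table under the
 * 'account/recovery' log item, sent by SMS, and the user is redirected to
 * the verification page.
 *
 * Change from the earlier version: the 'referer' cookie value was read into
 * $myreferer and then overwritten twice by the return value of
 * Cookie::write(), so the redirect URL carried that return value instead of
 * the referer. The cookie value is now kept, and it is URL-encoded before it
 * goes into the query string because it is client-controlled.
 *
 * NOTE(review): "Mobile number is incorrect" reveals whether a number is
 * registered. No request limit is visible here, so each call sends another
 * SMS. The code is stored as-is in log_data. The page that consumes the
 * referer parameter must not redirect to it without validating it.
 *
 * @return void
 */
public function post_recovery()
{
    $mymobile = utility::post('mobile', 'filter');

    $tmp_result = $this->sql()->table('users')->where('user_mobile', $mymobile)->select();

    if ($tmp_result->num() == 1) {
        $myuserid = $tmp_result->assoc('id');

        // id of the log item that marks recovery codes
        $mylogitem = $this->sql()->table('logitems')
            ->field('id')
            ->where('logitem_title', 'account/recovery')
            ->select()
            ->assoc('id');
        if (!isset($mylogitem)) {
            // log item missing: stop without a message, as before
            return;
        }

        $mycode = utility::randomCode();

        $this->sql()->table('logs')
            ->set('logitem_id', $mylogitem)
            ->set('user_id', $myuserid)
            ->set('log_data', $mycode)
            ->set('log_status', 'enable')
            ->set('log_createdate', date('Y-m-d H:i:s'))
            ->insert();

        // success handler
        $this->commit(function ($_mobile, $_code) {
            $myreferer = utility\Cookie::read('referer');

            \lib\utility\Sms::send($_mobile, 'recovery', $_code);
            debug::true(T_("we send a verification code for you"));

            // remember the flow for five minutes
            utility\Cookie::write('mobile', $_mobile, 60 * 5);
            utility\Cookie::write('from', 'recovery', 60 * 5);

            $this->redirector()->set_url(
                'verification?from=recovery&mobile=' . $_mobile
                . '&referer=' . rawurlencode((string) $myreferer)
            );
        }, $mymobile, $mycode);

        // failure handler for any query error raised above
        $this->rollback(function () {
            debug::error(T_("recovery failed!"));
        });
    } elseif ($tmp_result->num() == 0) {
        debug::error(T_("Mobile number is incorrect"));
    } else {
        debug::error(T_("please forward this message to administrator"));
    }
}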
/**
 * Look up a permission in the session and optionally enforce it.
 *
 * Permissions are read from $_SESSION['permission'][content]:
 *  - $_content === 'all' returns the 'enable' flag of every content area;
 *  - $_loc == 'all' returns the whole 'modules' entry;
 *  - $_loc with $_type returns modules[$_loc][$_type];
 *  - $_loc alone returns modules[$_loc];
 *  - otherwise the content's 'enable' flag is returned.
 *
 * When the result is empty and $_block is set, the request is denied:
 * 'notify' (with both $_loc and $_type) raises an error message and stops
 * through _processor(force_json, force_stop); any other truthy $_block calls
 * \lib\error::access().
 *
 * NOTE(review): with $_block left empty the method only returns the value,
 * so the caller must test it. The decision rests on what was stored in the
 * session at login; permission changes take effect only once that session
 * data is refreshed or removed.
 *
 * @param string|null $_content content name; defaults to the part of the repository name after '_'
 * @param string|null $_loc     module name, or 'all'
 * @param string|null $_type    action inside the module (view, add, edit, delete)
 * @param string|null $_block   'notify', any other truthy value to block, or empty to only report
 * @return mixed the stored permission value, or null when nothing is stored
 */
public function access($_content = null, $_loc = null, $_type = null, $_block = null)
{
    // list the enable flag of every content area
    if ($_content === 'all') {
        $enabled = [];
        if (isset($_SESSION['permission'])) {
            foreach ($_SESSION['permission'] as $contentName => $entry) {
                if (isset($entry['enable'])) {
                    $enabled[$contentName] = $entry['enable'];
                }
            }
        }
        return $enabled;
    }

    // no content given: derive it from the repository name
    if (!$_content) {
        $_content = router::get_repository_name();
        $_content = substr($_content, strpos($_content, '_') + 1);
    }

    $granted = null;

    if ($_loc == 'all') {
        if (isset($_SESSION['permission'][$_content]['modules'])) {
            $granted = $_SESSION['permission'][$_content]['modules'];
        }
    } elseif ($_loc && $_type) {
        if (isset($_SESSION['permission'][$_content]['modules'][$_loc][$_type])) {
            $granted = $_SESSION['permission'][$_content]['modules'][$_loc][$_type];
        }
    } elseif ($_loc) {
        if (isset($_SESSION['permission'][$_content]['modules'][$_loc])) {
            $granted = $_SESSION['permission'][$_content]['modules'][$_loc];
        }
    } else {
        if (isset($_SESSION['permission'][$_content]['enable'])) {
            $granted = $_SESSION['permission'][$_content]['enable'];
        }
    }

    if ($granted) {
        return $granted;
    }

    if ($_block === "notify" && $_type && $_loc) {
        if ($_type == 'view') {
            $msg = "You can't view this part of system";
        } elseif ($_type == 'add') {
            $msg = T_("you can't add new") . ' ' . T_($_loc);
        } elseif ($_type == 'edit') {
            $msg = T_("you can't edit") . ' ' . T_($_loc);
        } elseif ($_type == 'delete') {
            $msg = T_("you can't delete") . ' ' . T_($_loc);
        } else {
            $msg = "you can't access to this part of system";
        }

        $msg = $msg . "<br/>" . T_(" Because of your permission");
        \lib\debug::error(T_($msg));

        // answer as JSON and stop the request
        $this->model()->_processor(object(array("force_json" => true, "force_stop" => true)));
    } elseif ($_block) {
        \lib\error::access(T_("you can't access to this page!"));
    }

    return $granted;
}
/**
 * Return the stored options to the client as JSON and stop the request.
 *
 * The options come from the model, are attached to the debug output under
 * 'data', and _processor() is told to force JSON and to stop.
 *
 * @return void
 */
public function get_options()
{
    debug::property('data', $this->model()->options());

    $this->model()->_processor(object(array(
        "force_json" => true,
        "force_stop" => true,
    )));
}
/**
 * Finish a request: emit the JSON debug payload and/or perform the redirect.
 *
 * Recognised option flags (array or object):
 *  - force_json:   answer with JSON even when the client did not ask for it;
 *  - force_stop:   exit at the end;
 *  - not_redirect: clear the controller's redirector first.
 *
 * Before a redirect the compiled debug messages are stored in
 * $_SESSION['debug'] under the md5 of the target URL without its query
 * string; md5 serves only as a lookup key here.
 *
 * @param array|object|bool $options flags described above
 * @return void
 */
public function _processor($options = false)
{
    if (is_array($options)) {
        $options = (object) $options;
    }

    // a flag counts only when $options is an object and the property is set and truthy
    $flag = function ($name) use ($options) {
        return gettype($options) == 'object' && isset($options->{$name}) && $options->{$name} ? true : false;
    };

    $force_json   = $flag('force_json');
    $force_stop   = $flag('force_stop');
    $not_redirect = $flag('not_redirect');

    if ($not_redirect) {
        $this->controller()->redirector = false;
    }

    if (\saloos::is_json_accept() || $force_json) {
        header('Content-Type: application/json');

        if (isset($this->controller()->redirector) && $this->controller()->redirector) {
            // keep the messages for the page the client is sent to
            $debugKey = md5(strtok($this->redirector()->redirect(true), '?'));
            $_SESSION['debug'][$debugKey] = debug::compile();
            debug::msg("redirect", $this->redirector()->redirect(true));
        }

        echo debug::compile(true);
    } elseif (!\lib\router::get_storage('api') && strtolower($_SERVER['REQUEST_METHOD']) == "post") {
        // plain form POST: make sure a redirector exists
        $this->redirector();
    }

    $redirectPending = isset($this->controller()->redirector) && $this->controller()->redirector;
    if ($redirectPending && !\saloos::is_json_accept()) {
        $debugKey = md5(strtok($this->redirector()->redirect(true), '?'));
        $_SESSION['debug'][$debugKey] = debug::compile();
        $this->redirector()->redirect();
    }

    if ($force_stop) {
        exit;
    }
}
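/**
 * Add, disable or edit a permission group and report the result.
 *
 * - 'add': requires a name in the 'pName' POST field, refuses a duplicate,
 *   and inserts a row whose key is the next free id (ids start at 2 because
 *   1 is reserved for the superuser).
 * - 'delete': marks the permission given by the child parameter as
 *   'disable' and removes the sessions that hold it.
 * - 'edit': stores the submitted permission list as JSON in option_meta,
 *   removes the sessions that hold the permission and refreshes the current
 *   session's permissions.
 *
 * Change from the earlier version: the 'delete' branch called
 * session::deleteByPerm($editParam), but $editParam is defined only in the
 * 'edit' branch. The call therefore received an undefined value and the
 * sessions of users holding the disabled permission were not targeted.
 * It now passes $delParam. A self-assignment with no effect was removed.
 *
 * @param string $_type one of 'add', 'delete', 'edit'
 * @return void
 */
protected function qryPermission($_type)
{
    $newPerm = utility::post('pName');

    switch ($_type) {
        case 'add':
            if (!$newPerm) {
                debug::warn(T_("First you must enter name of permission"));
                return;
            }

            // refuse a name that already exists
            $qryExist = $this->qryCreator($_type)->select()->num();
            if ($qryExist) {
                debug::warn(T_("This permission name exist!") . " " . T_("You can edit this permission"));
                return;
            }

            // highest permission id in use
            $qryMaxID = $this->qryCreator()->field('#max(option_key) as id')->select()->assoc('id');

            // ids start from 2 because id 1 is used for the superuser
            $qryMaxID += $qryMaxID == 0 ? 2 : 1;

            $this->qryCreator()
                ->set('option_cat', 'permissions')
                ->set('option_key', $qryMaxID)
                ->set('option_value', $newPerm)
                ->set('option_status', 'enable')
                ->insert();
            break;

        case 'delete':
            $delParam = $this->childparam('delete');
            if ($delParam) {
                $this->qryCreator($_type, $delParam)
                    ->set('option_status', 'disable')
                    ->update();

                // end the sessions that still carry the disabled permission
                \lib\utility\session::deleteByPerm($delParam);
            }
            break;

        case 'edit':
            $editParam = $this->childparam('edit');
            if ($editParam) {
                $permResult = \lib\utility\permission::permListFill(true);
                $permResult = json_encode($permResult, JSON_FORCE_OBJECT | JSON_UNESCAPED_UNICODE);

                $this->qryCreator($_type, $editParam)
                    ->set('option_meta', $permResult)
                    ->update();

                // end the sessions that carry the old permission set, then reload ours
                \lib\utility\session::deleteByPerm($editParam);
                $this->setPermissionSession();
            }
            break;

        default:
            break;
    }

    // success handler
    $this->commit(function ($_type, $_permName) {
        switch ($_type) {
            case 'add':
                debug::true(T_("Insert Successfully"));
                $this->redirector()->set_url('permissions/' . $_permName);
                break;

            case 'delete':
                debug::true(T_("Delete Successfully"));
                break;

            case 'edit':
                debug::true(T_("Update Successfully"));
                break;

            default:
                break;
        }
    }, $_type, $newPerm);

    // failure handler for any query error raised above
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}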
/**
 * Register or remove the Telegram webhook according to the given options.
 *
 * Nothing is done when the key is missing or shorter than 20 characters
 * (treated as a placeholder), or when the 'debug' option is on.
 *
 * @param array $_options telegram settings: 'key', optional 'debug', optional 'hook'
 * @return null|false|void null for a missing/short key, false in debug mode
 */
public function doTelegram($_options)
{
    $hasUsableKey = isset($_options['key']) && strlen($_options['key']) >= 20;
    if (!$hasUsableKey) {
        return null;
    }

    if (!empty($_options['debug'])) {
        return false;
    }

    // the presence of the 'hook' entry decides between set and unset
    $result = isset($_options['hook'])
        ? \lib\telegram\tg::setWebhook()
        : \lib\telegram\tg::unsetWebhook();

    debug::true($result);
}
/**
 * Log the user out: clear the PHP session and disable the stored login token.
 *
 * The session's 'ssid' is read before the session is cleared. When one was
 * present, the matching 'cookie_token' row for this client IP is set to
 * 'disable'. With $_status === 'redirect' the user is sent to the home page.
 *
 * NOTE(review): the token row is matched on ClientIP as well as the ssid, so
 * a token issued from a different address is left enabled by this call.
 * When the session holds no ssid the method returns before the redirect.
 *
 * @param string|null $_status 'redirect' to send the user to the home page afterwards
 * @return null
 */
public function put_logout($_status = null)
{
    // remember the token id before the session data is wiped
    $ssid = null;
    if (isset($_SESSION['ssid'])) {
        $ssid = $_SESSION['ssid'];
    }

    session_unset();
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_destroy();
    }

    if ($ssid === null) {
        return null;
    }

    // disable the persistent login token tied to this session
    $this->sql()->table('options')
        ->set('option_status', 'disable')
        ->where('option_cat', 'cookie_token')
        ->and('option_key', ClientIP)
        ->and('option_value', $ssid)
        ->update();

    $this->commit(function () {
        debug::true(T_("logout successfully"));
    });
    $this->rollback();

    if ($_status === 'redirect') {
        $this->redirector()->set_domain()->set_url();
        $this->model()->_processor();
    }

    return null;
}
/**
 * Delete one row, either through a prepared query or by id.
 *
 * Without a query, the table method name is 'table' + the current module
 * name (or $_table), and the id comes from $_id, then the 'delete' child
 * parameter, then the 'id' POST field.
 *
 * NOTE(review): the id can come from the request, and the only check here
 * is that the row exists. No ownership or permission test is visible in this
 * method; confirm the caller enforces one. $_table is used as a method name
 * on the query builder and must never be taken from request data.
 *
 * @param object|null $_qry   prepared query builder, or null to build one
 * @param mixed       $_id    row id
 * @param string|null $_table query-builder table method name
 * @return mixed false when no row matches, otherwise the result of delete_commit()
 */
public function delete($_qry = null, $_id = null, $_table = null)
{
    if (!$_qry) {
        $tableMethod = $_table;
        if (!$tableMethod) {
            $tableMethod = 'table' . ucfirst($this->module());
        }

        // first non-empty source wins: argument, child parameter, POST field
        $rowId = $_id;
        if (!$rowId) {
            $rowId = $this->childparam('delete');
        }
        if (!$rowId) {
            $rowId = \lib\utility::post('id');
        }

        $_qry = $this->sql()->{$tableMethod}()->whereId($rowId);
    }

    $exists = $_qry->select()->num();
    if (!$exists) {
        debug::error(T_("id does not exist!"));
        return false;
    }

    return $this->delete_commit($_qry);
}
/**
 * Turn a table name, a field name or a value into the text that is placed
 * into an SQL statement.
 *
 * Without a value: returns the back-quoted table name, followed by
 * `.field` (back-quoted, or `.*`) when a field is given. A field that starts
 * with '#' is returned as-is with the '#' removed.
 *
 * With a value: arrays are returned unchanged; any other value is returned
 * either bare or wrapped in single quotes.
 *
 * NOTE(review), security-relevant behaviour visible in this block:
 *  - a value that starts with '#' has the '#' removed and is returned
 *    WITHOUT quotes, so it reaches the statement as raw SQL. Any caller that
 *    passes request data here must make sure it cannot start with '#'.
 *  - a value for a column whose type is int, tinyint, smallint or decimal is
 *    also returned without quotes; no numeric check is visible in this block
 *    (auto_validate and the field's validator may provide one; confirm).
 *  - quoted values are not SQL-escaped here. For non-numeric column types
 *    the value goes through htmlentities(ENT_QUOTES), which rewrites quote
 *    characters but is an HTML encoder, not an SQL escaper. Fields whose
 *    name contains '_meta' skip even that.
 *
 * @param string      $table          table name
 * @param string|null $field          field name, '*', or a '#'-prefixed raw expression
 * @param mixed       $value          value to format; null selects the table/field form
 * @param bool        $checkCondition run the field's validator closure when one is defined
 * @return string|array formatted SQL fragment, or the array value unchanged
 * @example
 * oSting(users) return #users#
 * oSting(users, id) return #users.id#
 * oSting(users, id, 150) return #users.id 150#
 */
public function oString($table, $field = null, $value = null, $checkCondition = true)
{
    if ($value !== null) {
        // true when the value must be emitted without surrounding quotes
        $cInt = false;
        // arrays are used for multi-row insert/update and pass through untouched
        if (is_array($value)) {
        } elseif (preg_match("/^#(.*)\$/", $value, $v)) {
            // '#' prefix: strip it and emit the rest unquoted (raw SQL)
            $value = $v[1];
            $cInt = true;
        } elseif (substr($value, 0, 1) == '#') {
            // same as above for values the pattern did not match
            $value = substr($value, 1);
            $cInt = true;
        } else {
            // load the table definition for the current database
            $sTable = "get" . ucfirst(dbconnection::get_db_name());
            $cTable = sql\table::$sTable($table);
            if (isset($cTable->{$field})) {
                $type = $cTable->{$field}->type;
                $int = array("int", "tinyint", "smallint", "decimal");
                // the type name is the part of the definition before '@'
                // NOTE(review): $tp[1] is unset when the type holds no '@'
                preg_match("/^([^@]*)@/", $type, $tp);
                if (preg_grep("/^" . $tp[1] . "\$/", $int)) {
                    // numeric column: value is emitted unquoted
                    $cInt = true;
                }
                if ($this->auto_validate) {
                    $status = $this->auto_validate($field, $cTable->{$field}, $value);
                    // a non-boolean result is reported as a form error for this field
                    if (!is_bool($status)) {
                        \lib\debug::error($status, $field, 'form');
                    }
                }
            }
            if (isset($cTable->{$field}->closure) && $checkCondition) {
                $gTable = $cTable->{$field}->closure;
                // a leading backslash-hash is turned back into a plain '#'
                $value = preg_replace("/^\\\\#/", "#", $value);
                $v = new validator(array($field, $value), $gTable->validate, 'form');
                $value = $v->compile();
                // NOTE(review): is_string($value) and $value === false cannot both hold,
                // so this never yields "NULL"
                $value = $value == '' && is_string($value) && $value === false ? "NULL" : $value;
            }
            // choose the encoding by column type
            if (isset($cTable->{$field}->type)) {
                $atPos = strpos($cTable->{$field}->type, '@');
            } else {
                // NOTE(review): $atPos stays undefined below if error::page() returns
                \lib\error::page("Field {$field} does not exist!");
            }
            if ($atPos !== false) {
                switch (substr($cTable->{$field}->type, 0, $atPos)) {
                    // numeric types: leave the value as it is
                    case 'tinyint':
                    case 'smallint':
                    case 'mediumint':
                    case 'int':
                    case 'bigint':
                    case 'decimal':
                    case 'float':
                        break;
                    // text types and everything else: HTML-encode the value
                    case 'tinytext':
                    case 'text':
                    case 'mediumtext':
                    case 'longtext':
                    default:
                        // fields whose name contains '_meta' are stored unencoded
                        if (strpos($field, '_meta') === false) {
                            $value = htmlentities($value, ENT_QUOTES, "UTF-8");
                        }
                        break;
                }
            }
        }
        if (is_array($value)) {
            $optimize = $value;
        } else {
            // bare for raw/numeric values, single-quoted otherwise
            $optimize = $cInt ? "{$value}" : "'{$value}'";
        }
    } else {
        $optimize = "`{$table}`";
        if ($field) {
            if (preg_match("/^#/", $field)) {
                // raw expression: drop the '#' and use it instead of table.field
                $optimize = preg_replace("/^#/", "", $field);
            } else {
                if ($field) {
                    if ($field === "*") {
                        $optimize .= ".{$field}";
                    } else {
                        $optimize .= ".`{$field}`";
                    }
                } else {
                    $optimize .= "";
                }
            }
        }
    }
    return $optimize;
}
/**
 * Dispatch a request: run the model's API method, then render the view or
 * hand a JSON reply to the model's processor.
 *
 * The view is rendered only for non-API GET requests with display enabled;
 * a client that accepts JSON switches display off.
 *
 * @return void
 */
public function _corridor()
{
    // optional per-controller hook
    if (method_exists($this, 'corridor')) {
        $this->corridor();
    }

    if (!$this->method) {
        $this->method = 'get';
    }

    $processor_arg = false;

    // run the model method registered for this route and keep its result
    if (isset($this->model_api_processor)) {
        $modelMethod  = $this->model_api_processor->method;
        $modelArgs    = $this->model_api_processor->args;
        $api_callback = call_user_func_array(array($this->model(), $modelMethod), array($modelArgs));
        $this->api_callback = $api_callback;
    }

    if (saloos::is_json_accept()) {
        $this->display = false;
    }

    $renderView = !\lib\router::get_storage('api') && $this->method == 'get' && $this->display;

    if ($renderView) {
        $this->view();

        if (isset($this->view_api_processor)) {
            $viewMethod = $this->view_api_processor->method;
            $viewArgs   = $this->view_api_processor->args;

            // pass the model result on to the view method
            if (isset($this->api_callback)) {
                $viewArgs->api_callback = $api_callback;
            }

            call_user_func_array(array($this->view(), $viewMethod), array($viewArgs));
        }

        // the view method may have switched display off
        if ($this->display) {
            $this->view()->corridor();
        }
    } elseif (router::get_storage('api') || !$this->display) {
        $mycallback = null;
        if (isset($this->api_callback)) {
            $mycallback = $this->api_callback;
        }
        debug::msg('callback', $mycallback);
        $processor_arg = object(array('force_json' => true));
    }

    if ($this->model) {
        $this->model()->_processor($processor_arg);
    }
}
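/**
 * Render the current controller's template with Twig and send it to the client.
 *
 * For Ajax requests the XHR layouts are selected and the response is a JSON
 * line with the global data followed by the rendered markup, or a short
 * "getFromCache" answer when the client's `Cached-MD5` header matches the
 * digest of what would be sent. Other requests get the template output directly.
 *
 * @return void
 */
public function display()
{
    if (\saloos::is_Ajax()) {
        $this->data->display['main'] = "content/main/layout-xhr.html";
        $this->data->display['home'] = "content/home/display-xhr.html";
        $this->data->display['cp'] = "content_cp/home/layout-xhr.html";
        $this->data->display['account'] = "content_account/home/layout-xhr.html";
        if ($this->method_exists("pushState")) {
            $this->ipushState();
        }
    }

    // Turn the controller's class name into a template directory: strip the
    // part before "content", drop the trailing model/view/controller segment,
    // and convert namespace separators to slashes.
    $module = preg_replace("/^[^\\/]*\\/?content/", "content", get_class($this->controller));
    $module = preg_replace("/^content\\\\|(model|view|controller)\$/", "", $module);
    $module = preg_replace("/[\\\\]/", "/", $module);

    $a_repository = preg_split("/[\\/]/", router::get_repository(), -1, PREG_SPLIT_NO_EMPTY);
    $repository = end($a_repository);
    $repository = $repository === 'content' ? $repository . '/' : null;

    // An explicit display_name on the controller wins over the derived path.
    // NOTE(review): display_name is set by controllers outside this block; if
    // any of them builds it from URL segments, confirm those segments cannot
    // contain path separators before they reach the Twig loader.
    $tmpname = $this->controller()->display_name
        ? $this->controller()->display_name
        : $repository . $module . 'display.html';

    // Project-defined Twig filters and functions, registered by name.
    $filterNames = array(
        'fcache', 'jdate', 'tdate', 'sdate', 'readableSize',
        'persian', 'humantime', 'exist', 'decode',
    );
    foreach ($filterNames as $filterName) {
        $this->add_twig_filter($filterName);
    }
    $this->add_twig_function('breadcrumb');
    $this->add_twig_function('posts');

    require_once core . 'Twig/lib/Twig/Autoloader.php';
    \Twig_Autoloader::register();
    $loader = new \Twig_Loader_Filesystem($this->twig_include_path);

    // No 'autoescape' option is passed, so Twig's default applies.
    // NOTE(review): confirm output escaping is on for the vendored Twig version.
    $array_option = array();
    if ($this->controller()->debug()) {
        $array_option['debug'] = true;
    }

    // NOTE(review): this var_dump-backed 'dump' filter is added whether or not
    // debug is enabled; confirm no production template uses it.
    $filter_dump = new \Twig_SimpleFilter('dump', 'var_dump');
    // Returns the given array without its ['attr']['type'] entry.
    $filter_unset_type = new \Twig_SimpleFilter('unset_type', function ($array = null) {
        unset($array['attr']['type']);
        return $array;
    });

    $twig = new \Twig_Environment($loader, $array_option);
    $twig->addFilter($filter_dump);
    $twig->addFilter($filter_unset_type);
    // NOTE(review): the whole $_SESSION array becomes readable from every
    // template; exposing only the keys templates need would limit what a
    // template mistake can leak.
    $twig->addGlobal("session", $_SESSION);

    if ($this->controller()->debug()) {
        $twig->addExtension(new \Twig_Extension_Debug());
    } else {
        $this->add_twig_function('dump');
    }
    $twig->addExtension(new \Twig_Extensions_Extension_I18n());
    $this->twig_Extentions($twig);

    $template = $twig->loadTemplate($tmpname);

    if (!\saloos::is_Ajax()) {
        $template->display($this->data->_toArray());
        return;
    }

    $this->data->global->debug = \lib\debug::compile();
    $req = apache_request_headers();
    $xhr_render = $template->render($this->data->_toArray());
    // The digest is a cache validator for the client, not a security check.
    $md5 = md5(json_encode($this->data->global) . $xhr_render);

    // Strict comparison: with `==` two different hex digests that both look
    // like numbers (for example "0e" followed by digits) compare equal, and the
    // client would be told to reuse stale content.
    if (isset($req['Cached-MD5']) && $req['Cached-MD5'] === $md5) {
        echo json_encode(array("getFromCache" => true));
    } else {
        echo json_encode($this->data->global);
        echo "\n";
        echo $xhr_render;
    }
}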
/**
 * Insert or update one row of the `terms` table from the posted form fields.
 *
 * Reads `slug`, `parent`, `title`, `language` and `desc` from the POST data,
 * derives the term URL from the parent term's URL and the slug, then queues an
 * UPDATE (when an id is known) or an INSERT, and registers the commit and
 * rollback callbacks.
 *
 * NOTE(review): every value comes from the request and goes to the query
 * builder as-is; how the builder quotes values is not visible in this block.
 * The parent id is not checked for existence here, and no permission check is
 * visible in this method; confirm both are handled by the caller.
 *
 * @param mixed $_id id of the term to edit; when empty the `edit` child
 *                   parameter of the URL is used, and an empty result means "add"
 * @return false|null false when no title was posted, otherwise nothing
 */
function cp_create_query($_id = null)
{
    if (!$_id) {
        $_id = $this->childparam('edit');
    }

    $moduleInfo = $this->cpModule();
    $rawModule = $this->cpModule('raw');
    $termQuery = $this->sql();

    $slug = utility::post('slug', 'filter');
    $parent = utility::post('parent');

    // Fall back to a slug generated from the title.
    if (!$slug) {
        $slug = utility\filter::slug(utility::post('title'));
    }

    if ($parent) {
        // Child term: prefix the slug with the parent's URL.
        $url = $this->sql()->table('terms')->where('id', $parent)->select()->assoc('term_url') . '/' . $slug;
    } else {
        // '#NULL' is the marker this code passes for a NULL column value.
        $parent = '#NULL';
        $url = $slug;
    }

    // Book categories always live under exactly one "book-index/" prefix.
    if ($moduleInfo['raw'] === 'bookcategories') {
        $url = 'book-index/' . preg_replace("#^(book-index\\/)+#", "", $url);
    }

    // A title is mandatory; nothing is queued without one.
    if (!utility::post('title')) {
        debug::error(T_("Please enter title!"));
        return false;
    }

    $termQuery = $termQuery->table('terms')
        ->set('term_type', $moduleInfo['type'])
        ->set('term_language', utility::post('language'))
        ->set('term_title', utility::post('title'))
        ->set('term_slug', $slug)
        ->set('term_desc', utility::post('desc'))
        ->set('term_parent', $parent)
        ->set('term_url', $url);

    if ($_id) {
        // Edit an existing term.
        $termQuery = $termQuery->where('id', $_id)->update();
        $termId = $_id;
    } else {
        // Add a new term.
        $termQuery = $termQuery->insert();
        $termId = $termQuery->LAST_INSERT_ID();
    }

    // Runs when the queued queries finished without error.
    $this->commit(function ($_module, $_postId, $_edit = null) {
        if ($_edit) {
            debug::true(T_("Update Successfully"));
            return;
        }
        debug::true(T_("Insert Successfully"));
        $this->redirector()->set_url($_module . '/add');
    }, $rawModule, $termId, $_id);

    // Runs when a query or any other step reported an error.
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}
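/**
 * Look up the current user's permission for a content area, module and action.
 *
 * Permissions are read from `$_SESSION['permission']`. A user whose
 * `$_SESSION['user']['permission']` is the string "1" (the supervisor) is
 * checked against `self::permListFill('su')` instead, as long as that list has
 * a `modules` entry for the requested content area.
 *
 * NOTE(review): the decision relies on data cached in the session; confirm the
 * session is refreshed when a user's permissions are changed or revoked.
 * With a falsy $_block this method only returns the status, so the caller must
 * act on the return value.
 *
 * @param string|null $_content content area key; 'all' returns the `enable`
 *                              flag of every area; empty derives the area from
 *                              the current repository name
 * @param string|null $_loc     module inside the area, or 'all' for the area's
 *                              whole module list
 * @param string|null $_type    action inside the module; the denial messages
 *                              know 'view', 'add', 'edit' and 'delete'
 * @param mixed       $_block   "notify" together with $_loc and $_type reports
 *                              a denial through \lib\debug::error(); any other
 *                              truthy value calls \lib\error::access(); a falsy
 *                              value reports nothing
 * @return mixed the stored permission value (an array for the 'all' forms), or
 *               null when nothing is stored for the request
 */
public static function access($_content = null, $_loc = null, $_type = null, $_block = null)
{
    $myStatus = null;
    $su = false;
    $suStatus = [];

    // Permission id "1" is the supervisor of the system.
    if (isset($_SESSION['user']['permission']) && $_SESSION['user']['permission'] === "1") {
        $su = true;
        $suStatus = self::permListFill('su');
    }
    $sessionPerms = isset($_SESSION['permission']) ? $_SESSION['permission'] : [];

    // Overview of every content area; returned before any denial handling.
    if ($_content === 'all') {
        $myStatus = [];
        foreach (($su ? $suStatus : $sessionPerms) as $key => $value) {
            if (isset($value['enable'])) {
                $myStatus[$key] = $value['enable'];
            }
        }
        return $myStatus;
    }

    // No content given: derive it from the repository name by dropping the
    // prefix up to the first underscore.
    if (!$_content) {
        $_content = \lib\router::get_repository_name();
        if ($_content !== "content") {
            // Only strip when an underscore exists; strpos() returning false
            // used to become offset 1 and cut off the first character.
            $separator = strpos($_content, '_');
            if ($separator !== false) {
                $_content = substr($_content, $separator + 1);
            }
        }
    }

    // The supervisor list is used only when it knows this area's modules;
    // otherwise the session permissions decide.
    $perms = ($su && isset($suStatus[$_content]['modules'])) ? $suStatus : $sessionPerms;

    // Every lookup is guarded by isset(), so an unknown module or action
    // leaves the status null (denied) without raising an undefined-index notice.
    // 'all' is compared strictly so that 0 or true cannot select this branch.
    if ($_loc === 'all') {
        if (isset($perms[$_content]['modules'])) {
            $myStatus = $perms[$_content]['modules'];
        }
    } elseif ($_loc) {
        if ($_type) {
            if (isset($perms[$_content]['modules'][$_loc][$_type])) {
                $myStatus = $perms[$_content]['modules'][$_loc][$_type];
            }
        } elseif (isset($perms[$_content]['modules'][$_loc])) {
            $myStatus = $perms[$_content]['modules'][$_loc];
        }
    } elseif (isset($perms[$_content]['enable'])) {
        $myStatus = $perms[$_content]['enable'];
    }

    if (!$myStatus) {
        if ($_block === "notify" && $_type && $_loc) {
            $msg = null;
            switch ($_type) {
                case 'view':
                    $msg = "You can't view this part of system";
                    break;
                case 'add':
                    $msg = T_("You can't add new") . ' ' . T_($_loc);
                    break;
                case 'edit':
                    $msg = T_("You can't edit") . ' ' . T_($_loc);
                    break;
                case 'delete':
                    $msg = T_("You can't delete") . ' ' . T_($_loc);
                    break;
                default:
                    $msg = "You can't access to this part of system";
                    break;
            }
            // NOTE(review): the message carries markup and $_loc; if $_loc can
            // ever hold request data it needs escaping where it is rendered.
            $msg = $msg . "<br/> " . T_("Because of your permission");
            \lib\debug::error(T_($msg));
        } elseif ($_block) {
            \lib\error::access(T_("You can't access to this page!"));
        }
    }

    return $myStatus;
}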
/**
 * Route a control-panel request to one of the built-in maintenance tools or to
 * a static template, selected by the value of `$this->child()`.
 *
 * NOTE(review): the only gate visible here is the login check, and it is
 * skipped entirely when the `Tld` constant equals 'dev'. No per-tool permission
 * check appears in this method, and the tools below (table creation, shell
 * command, server information, sitemap writing) look like they run simply by
 * requesting the matching URL. Confirm that an administrator-only permission
 * and a request-forgery protection are enforced before this point.
 *
 * @return void
 */
function _route()
{
    // Anonymous visitors are sent to the login page, except on the 'dev' TLD.
    if (!$this->login() && Tld !== 'dev') {
        $mydomain = AccountService ? AccountService . MainTld : null;
        \lib\debug::warn(T_("first of all, you must login to system!"));
        $this->redirector(null, false)->set_domain($mydomain)->set_url('login')->redirect();
        exit;
    }
    // Disabled: restrict unwanted modules
    // if(!$this->cpModlueList())
    //     \lib\error::page(T_("Not found!"));

    // Both values are assigned but not used anywhere in this method.
    $mymodule = $this->cpModule('table');
    $cpModule = $this->cpModule('raw');
    // var_dump($this->child());

    // Default template; individual cases may override it.
    $this->display_name = 'content_cp/templates/raw.html';
    switch ($this->child()) {
        case 'dbtables':
            \lib\utility\dbTables::create();
            exit;
            break;
        case 'twigtrans':
            // NOTE(review): the `path` request parameter is handed over as-is;
            // what extract() does with it is not visible here. It should be
            // limited to a known template directory.
            \lib\utility\twigTrans::extract(\lib\utility::get('path'));
            exit;
            break;
        case 'server':
            // On Windows without the COM extension only a hint page is printed.
            if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' && !class_exists("COM")) {
                ob_start();
                echo "<!DOCTYPE html><meta charset='UTF-8'/><title>Extract text form twig files</title><body style='padding:0 1%;margin:0 1%;direction:ltr;overflow:hidden'>";
                echo "<h1>" . T_("First you need to enable COM on windows") . "</h1>";
                echo "<a target='_blank' href='http://www.php.net/manual/en/class.com.php'>" . T_("Read More") . "</a>";
                break;
            }
            // NOTE(review): judging by the name this prints server details;
            // that is sensitive output for anyone but an administrator.
            \lib\utility\Linfo::show();
            exit;
            // Unreachable: the two statements below follow the exit above.
            $this->display_name = 'content_cp/templates/raw-all.html';
            break;
        case 'twitter':
            // NOTE(review): sends a fixed test string and dumps the result;
            // looks like leftover debugging code.
            $a = \lib\utility\SocialNetwork::twitter('hello! test #api');
            var_dump($a);
            break;
        case 'sitemap':
            $site_url = \lib\router::get_storage('url_site');
            $sitemap = new \lib\utility\Sitemap($site_url, root . 'public_html/', 'sitemap');
            // echo "<pre>";
            // add posts
            foreach ($this->model()->sitemap('posts', 'post') as $row) {
                $sitemap->addItem($row['post_url'], '0.8', 'daily', $row['post_publishdate']);
            }
            // add pages
            foreach ($this->model()->sitemap('posts', 'page') as $row) {
                $sitemap->addItem($row['post_url'], '0.6', 'weekly', $row['post_publishdate']);
            }
            // add attachments
            foreach ($this->model()->sitemap('posts', 'attachment') as $row) {
                $sitemap->addItem($row['post_url'], '0.2', 'weekly', $row['post_publishdate']);
            }
            // add books
            foreach ($this->model()->sitemap('posts', 'book') as $row) {
                $sitemap->addItem($row['post_url'], '0.6', 'yearly', $row['post_publishdate']);
            }
            // add categories and tags
            foreach ($this->model()->sitemap('terms') as $row) {
                $sitemap->addItem($row['term_url'], '0.4', 'weekly', $row['date_modified']);
            }
            $sitemap->createSitemapIndex();
            echo "<p class='alert alert-success'>Create sitemap Successfully!</p>";
            // echo "Create Successful";
            break;
        case 'git':
            // NOTE(review): a shell command is assembled by concatenating the
            // `Domain` constant, and its output is echoed to the client. Where
            // Domain comes from is not visible here; if it can be influenced by
            // the request (for example the Host header), the value must be
            // validated, and the argument form of a process API is safer than a
            // shell string. The command text itself also looks malformed, so
            // confirm the intended working directory and binary.
            echo shell_exec("/" . Domain . " git pull");
            // exec('git pull');
            break;
        case null:
            // No child: use a static template named after the URL path when one exists.
            // NOTE(review): $mypath comes from the URL; confirm url('path', '_')
            // cannot return directory separators or "..".
            $mypath = $this->url('path', '_');
            if (is_file(addons . 'content_cp/templates/static_' . $mypath . '.html')) {
                $this->display_name = 'content_cp/templates/static_' . $mypath . '.html';
            }
            // $this->display_name = 'content_cp/templates/static_'.$mypath.'.html';
            break;
        default:
            // Unknown child: show the tools page and skip the GET registration below.
            $this->display_name = 'content_cp/templates/static_tools.html';
            return;
            break;
    }
    $this->get()->ALL();
    return;
}
/**
 * Route a request of the account area (login, recovery, verification,
 * password change, SMS callbacks, logout) to its model and template.
 *
 * NOTE(review): several checks below depend on `$from`, which is read from a
 * cookie or from the `from` request parameter, both of which the client
 * controls. They can steer the flow but cannot serve as an authorization
 * boundary; the models behind these routes have to verify the actual state
 * (valid verification code, logged-in user) themselves. Whether
 * \lib\error::access() and redirect() stop execution is not visible here.
 *
 * @return void
 */
function _route()
{
    // exit();
    // \lib\debug::true("check", 'hi');
    // var_dump();
    $mymodule = $this->module();
    $referer = \lib\router::urlParser('referer', 'domain');
    // Cookie value first, request parameter as fallback.
    $from = \lib\utility\cookie::read('from');
    $from = $from ? $from : \lib\utility::get('from');
    $islogin = $this->login();
    // Remember an external referrer in a cookie (lifetime argument 60 * 15).
    // NOTE(review): the referrer is request data; if the cookie is later used
    // as a redirect target it needs an allow-list check at that point.
    if ($referer !== Domain) {
        \lib\utility\cookie::write('referer', $referer, 60 * 15);
    }
    // Password change is refused for anonymous users unless $from is
    // 'verification'.
    // NOTE(review): because $from is client-supplied, this condition alone
    // does not keep an anonymous client away from the changepass route.
    if ($mymodule === 'changepass' && $from !== 'verification' && !$islogin) {
        \lib\error::access(T_("you can't access to this page!"));
    }
    switch ($mymodule) {
        case 'home':
            $this->redirector()->set_url("login")->redirect();
            break;
        case 'verification':
        case 'verificationsms':
            // A non-empty $from must be one of the three known flows.
            if ($from && $from !== 'recovery' && $from !== 'signup' && $from !== 'verification') {
                \lib\error::access(T_("you can't access to this page!"));
            }
            $this->model_name = '\\addons\\content_account\\' . $mymodule . '\\model';
            $this->display_name = 'content_account\\' . $mymodule . '\\display.html';
            $this->post($mymodule)->ALL($mymodule);
            $this->get()->ALL($mymodule);
            break;
        case 'signup':
            // Signup returns without registering any route.
            return;
        /** Fix it later, only access if possible */
        case 'login':
        case 'recovery':
            if ($islogin) {
                \lib\debug::true(T_("you are logined to system!"));
                // $myreferer and $myssid are computed but not used in this method.
                $myreferer = \lib\router::urlParser('referer', 'host');
                $myssid = isset($_SESSION['ssid']) ? '?ssid=' . $_SESSION['ssid'] : null;
                if (\lib\router::get_storage('CMS')) {
                    $this->redirector()->set_domain()->set_sub_domain(\lib\router::get_storage('CMS'))->set_url()->redirect();
                } else {
                    $this->redirector()->set_domain()->set_url()->redirect();
                }
            }
            // No break: login and recovery continue into the changepass case
            // below, which registers the model and template for $mymodule.
        case 'changepass':
            $this->model_name = '\\addons\\content_account\\' . $mymodule . '\\model';
            $this->display_name = 'content_account\\' . $mymodule . '\\display.html';
            $this->post($mymodule)->ALL($mymodule);
            $this->get()->ALL($mymodule);
            break;
        case 'smsdelivery':
        case 'smscallback':
            // NOTE(review): the callback is protected only by a fixed number
            // kept in source code, accepted from the request parameter or a
            // cookie and compared with `==`. A secret loaded from
            // configuration and compared with hash_equals(), or a signature
            // check on the provider's callback, would be a stronger control.
            $uid = 201500001;
            if (\lib\utility::get('uid') == $uid || \lib\utility\cookie::read('uid') == $uid) {
                $this->model_name = '\\addons\\content_account\\sms\\model';
                $this->display_name = 'content_account\\sms\\display.html';
                $this->post($mymodule)->ALL($mymodule);
                $this->get($mymodule)->ALL($mymodule);
            } else {
                \lib\error::access("SMS");
            }
            break;
        // Log the user out, then redirect to the main domain.
        case 'logout':
            $this->model_name = '\\lib\\mvc\\model';
            $this->model()->put_logout();
            $this->redirector()->set_domain()->set_url()->redirect();
            break;
        default:
            \lib\error::page();
            break;
    }
    // $this->route_check_true = true;
}