
in-portal
No OneTemporary

File Metadata

Created
Fri, Sep 19, 10:25 AM

in-portal

Index: branches/unlabeled/unlabeled-1.75.2/kernel/frontaction.php
===================================================================
--- branches/unlabeled/unlabeled-1.75.2/kernel/frontaction.php (nonexistent)
+++ branches/unlabeled/unlabeled-1.75.2/kernel/frontaction.php (revision 5256)
@@ -0,0 +1,1112 @@
+<?php
+
+switch($Action)
+{
+ case "m_login":
+ // if($objSession->ValidSession()) $objSession->Logout();
+ //echo $objSession->GetSessionKey()."<br>\n";
+ $url_params = Array();
+ $application =& kApplication::Instance();
+
+ if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["cookies_on"] != "1") {
+ $FormError["login"]["login_user"] = language("lu_cookies_error");
+ }
+ else
+ {
+ $MissingCount = SetMissingDataErrors("login");
+ if($MissingCount==2)
+ {
+ $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
+ unset($FormError["login"]["login_password"]);
+ }
+
+ if($MissingCount==0)
+ {
+ if($_POST["login_user"]=="root")
+ {
+ $FormError["login"]["login_user"]= language("lu_access_denied");
+ }
+ else
+ {
+ $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
+ if($LoginCheck === true)
+ {
+ if( !headers_sent() && GetVar('usercookie') == 1 )
+ {
+ $c = $_POST["login_user"]."|";
+ $pw = $_POST["login_password"];
+ if(strlen($pw) < 31) $pw = md5($pw);
+ $c .= $pw;
+ set_cookie('login', $c, adodb_mktime() + 2592000);
+ }
+
+ // set new destination template if passed
+ $dest = GetVar('dest', true);
+ if(!$dest) $dest = GetVar('DestTemplate', true);
+ if($dest) $var_list['t'] = $dest;
+
+ $next_template = $objSession->GetVariable('next_template');
+ if($next_template)
+ {
+ $objSession->SetVariable('next_template','');
+ $var_list_update['t'] = $next_template;
+
+ $url_params['pass'] = 'all';
+ header('Location: ' . HREF_Wrapper('', $url_params) );
+ exit;
+ $var_list['t'] = $next_template.'.tpl';
+ }
+ elseif($var_list['t'] == 'login')
+ {
+ $var_list['t'] = 'index';
+ }
+
+ $event_params = Array('user' => $_POST['login_user'], 'pass' => $_POST['login_password']);
+ $application->HandleEvent( new kEvent('u:OnInpLogin', $event_params) );
+
+ $redirect_template = getArrayValue($var_list_update, 't') ? $var_list_update['t'] : $var_list['t'];
+ $application->Redirect($redirect_template);
+
+ }
+ else
+ {
+ switch($LoginCheck)
+ {
+ case -1: // user or/and pass wrong
+ $FormError["login"]["login_password"] = language("lu_incorrect_login");
+ break;
+
+ case -2: // user ok, but has no permission
+ $FormError["login"]["login_password"] = language("la_text_nopermissions");
+ break;
+ }
+ }
+ }
+ }
+ }
+ break;
+
+ case "m_resetpw":
+ $passed_key = $_GET['user_key'];
+
+ $u = $objUsers->GetItemByField("PwResetConfirm", $passed_key);
+ $found = is_object($u);
+
+ if($found)
+ {
+ $exp_time = $u->Get('PwRequestTime') + 3600;
+ $u->Set("PwResetConfirm", '');
+ $u->Set("PwRequestTime", 0);
+ if ($exp_time > adodb_mktime())
+ {
+ $objSession->SetVariable('codevalidationresult', 'lu_resetpw_confirm_text');
+ $newpw = makepassword();
+ SetVar('user_password', $newpw);
+ $u->Set("Password",$newpw);
+ $u->Set("PassResetTime", adodb_mktime());
+ $u->Set("PwResetConfirm", '');
+ $u->Set("PwRequestTime", 0);
+ $u->Update();
+ $u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.PSWD");
+ $u->Set("Password",md5($newpw));
+ $u->Update();
+ $u->Clean();
+ } else {
+ $objSession->SetVariable('codevalidationresult', 'lu_code_expired');
+ }
+ } else {
+ $objSession->SetVariable('codevalidationresult', 'lu_code_is_not_valid');
+ }
+ break;
+
+ case "m_forgotpw":
+ $MissingCount = SetMissingDataErrors("forgotpw");
+// $pass_reset_add = $objConfig->Get("Users_AllowReset");
+
+ if($MissingCount==0)
+ {
+ $username = $_POST["username"];
+ $email = $_POST["email"];
+ $found = false;
+ $allow_reset = true;
+ if(strlen($username))
+ {
+ $u = $objUsers->GetItemByField("Login",$username);
+ if(is_object($u))
+ $found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
+ }
+ else if(strlen($email))
+ {
+ $u = $objUsers->GetItemByField("Email",$email);
+ if(is_object($u))
+ $found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
+ }
+
+ if(is_object($u))
+ {
+ $PwResetConfirm = $u->Get('PwResetConfirm');
+ $PwRequestTime = $u->Get('PwRequestTime');
+ $PassResetTime = $u->Get('PassResetTime');
+ $MinPwResetDelay = $u->Get('MinPwResetDelay');
+ $allow_reset = (strlen($PwResetConfirm) ?
+ adodb_mktime() > $PwRequestTime + $MinPwResetDelay :
+ adodb_mktime() > $PassResetTime + $MinPwResetDelay);
+ }
+
+ if($found && $allow_reset)
+ {
+ //$newpw = makepassword();
+ //$objSession->Set('password', $newpw);
+ $objSession->Set('tmp_user_id', $u->Get("PortalUserId"));
+ $objSession->Set('tmp_email', $u->Get("Email"));
+ //$u->Set("Password",$newpw);
+ //$u->Update();
+ $u->SendUserEventMail("USER.PSWDC",$u->Get("PortalUserId"));
+ //$u->SendAdminEventMail("USER.PSWDC");
+ //$u->Set("Password",md5($newpw));
+ //$u->Update();
+ $u->Clean();
+
+ $var_list['t'] = GetVar('Confirm');
+ }
+ else
+ {
+ if(!strlen($username) && !strlen($email))
+ {
+ $FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
+ $MissingCount++;
+ }
+ else
+ {
+ $error_phrases=Array();
+
+ if($allow_reset)
+ {
+ $error_phrases['username']='lu_ferror_unknown_username';
+ $error_phrases['email']='lu_ferror_unknown_email';
+ }
+ else
+ {
+ $error_phrases['username']='lu_ferror_reset_denied';
+ $error_phrases['email']='lu_ferror_reset_denied';
+ }
+
+ foreach ($error_phrases as $field_name => $phrase_name) {
+ if(GetVar($field_name))
+ {
+ $FormError["forgotpw"][$field_name] = language($phrase_name);
+ break;
+ }
+ }
+ $MissingCount++;
+ }
+ if(strlen($_GET["error"]))
+ $var_list["t"] = $_GET["error"];
+ }
+ }
+ else
+ if(strlen($_GET["error"]))
+ $var_list["t"] = $_GET["error"];
+ break;
+ case "m_subscribe_confirm":
+
+ $t = "";
+ $_GET["subscribe_email"] = $_POST["subscribe_email"];
+ $SubscribeAddress = $_POST["subscribe_email"];
+
+ if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
+ {
+ $t = $_GET["Error"];
+ $objSession->SetVariable('SubscribeError', 'lu_invalid_emailaddress');
+ }
+ else
+ {
+ if((int)$objConfig->Get("User_SubscriberGroup")>0)
+ {
+ $g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
+ if(is_object($g))
+ {
+ $email = $_POST["subscribe_email"];
+ if(strlen($email)>0)
+ {
+ $u = $objUsers->GetItemByField("Email",$email);
+
+ if(is_object($u))
+ {
+ if($u->CheckBanned())
+ {
+ $t = $_GET["Error"];
+ $objSession->SetVariable('SubscribeError', 'lu_subscribe_banned');
+ }
+ else
+ {
+ if($u->IsInGroup($g->Get("GroupId")))
+ {
+ $t = $_GET["Unsubscribe"];
+ }
+ else
+ $t = $_GET["Subscribe"];
+ }
+ }
+ else
+ $t = $_GET["Subscribe"];
+ }
+ else
+ {
+ $t = $_GET["Error"];
+ $objSession->SetVariable('SubscribeError', 'lu_subscribe_no_address');
+ }
+ }
+ else
+ {
+ $t = $_GET["Error"];
+ $objSession->SetVariable('SubscribeError', 'lu_subscribe_unknown_error');
+ }
+ }
+ }
+ if(strlen($t))
+ {
+ $var_list["t"] = $t;
+ $var_list_update["t"] = $t;
+ }
+ $objSession->SetVariable('SubscribeAddress', $SubscribeAddress);
+
+ break;
+ case "m_subscribe":
+
+ if($_POST["buttons"][0]==language("lu_button_yes"))
+ {
+ $SubscribeAddress = $_POST["subscribe_email"];
+ if(strlen($SubscribeAddress)>0)
+ {
+ if(ValidEmail($SubscribeAddress))
+ {
+ $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
+ if ($GroupId)
+ {
+ $g = $objGroups->GetItem($GroupId);
+ $u = $objUsers->GetItemByField("Email",$SubscribeAddress);
+ if(is_object($u))
+ {
+ if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
+ {
+ $bExists = TRUE;
+ }
+ else
+ $bExists = FALSE;
+ }
+ if($bExists)
+ {
+ $g->AddUser($u->Get("PortalUserId"),0,false);
+ }
+ else
+ {
+ $u = new clsPortalUser(NULL);
+ $u->Set("Email",$SubscribeAddress);
+ $u->Set("ip",$_SERVER['REMOTE_ADDR']);
+ $u->Set("CreatedOn",adodb_date("U"));
+ $u->Set("Status",1);
+ if(!$u->CheckBanned())
+ {
+ $u->Create();
+ $g->AddUser($u->Get("PortalUserId"),1,false);
+ }
+ else
+ $SubscribeResult = "lu_subscribe_banned";
+ }
+
+ $SubscribeResult = "lu_subscribe_success";
+ $u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.SUBSCRIBE");
+ if(strlen($_GET["Subscribe"])>0)
+ $var_list["t"] = $_GET["Subscribe"];
+ }
+ }
+ else
+ {
+ $SubscribeResult = "lu_invalid_emailaddress";
+ }
+ }
+ else
+ $SubscribeResult = "lu_subscribe_missing_address";
+ }
+
+ if(!strlen($SubscribeResult))
+ $SubscribeResult = "lu_subscribe_success";
+
+ break;
+ case "m_unsubscribe":
+
+ if($_POST["buttons"][0]==language("lu_button_yes"))
+ {
+ $MissingCount = SetMissingDataErrors("m_unsubscribe");
+
+ if($MissingCount==0)
+ {
+ $email = $_POST["subscribe_email"];
+ $u = $objUsers->GetItemByField("Email",$email);
+ if(is_object($u))
+ {
+ if(strtolower($u->Get("Email"))==strtolower($email))
+ {
+ $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
+ if($u->PrimaryGroup()==$GroupId)
+ {
+ $u_gorup_list = $u->GetGroupList();
+
+ if (count($u_gorup_list) > 1) {
+ $u->RemoveFromGroup($GroupId);
+ }
+ else {
+ $u->RemoveFromAllGroups();
+ $u->Delete();
+ }
+ }
+ else
+ {
+ $u->RemoveFromGroup($GroupId);
+ }
+ }
+ }
+ if(strlen($_GET["Subscribe"])>0)
+ $var_list["t"] = $_GET["Subscribe"];
+ }
+ }
+
+ break;
+
+ case "m_register":
+ $_POST=inp_escape($_POST);
+ $MissingCount = SetMissingDataErrors("m_register");
+
+ if(!$objConfig->Get("User_Password_Auto"))
+ {
+ if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
+ }
+
+ if(strlen($_POST["password"])>30)
+ {
+ // echo "VAR: ".$_POST["password"]; die();
+ $MissingCount++;
+ $FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
+ }
+
+ if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
+ }
+ }
+
+ if(($_POST["username"]=="root"))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["username"] = language("lu_user_exists");
+ }
+ else
+ {
+
+ $u = $objUsers->GetItemByField("Login",$_POST["username"]);
+ if(is_object($u))
+ {
+ if($u->Get("Login")==$_POST["username"])
+ {
+ $MissingCount++;
+ $FormError["m_register"]["username"] = language("lu_user_exists");
+ }
+ }
+ }
+
+
+
+ if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
+ }
+
+ if(!$MissingCount)
+ {
+ $CreatedOn = adodb_date("U");
+ $GroupId = $objConfig->Get("User_NewGroup");
+ $Status=0;
+
+ /* determine the status of new users */
+ switch ($objConfig->Get("User_Allow_New"))
+ {
+ case "1":
+ $Status=1;
+ break;
+ case "3":
+ $Status=2;
+ break;
+ }
+
+ /* set Destination template */
+ $var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
+
+ if($Status>0)
+ {
+ if ($objConfig->Get("User_Password_Auto")) {
+ $password = makepassword();
+// $objSession->Set("password", $password);
+ SetVar('user_password', $password);
+ }
+ else {
+ $password = $_POST["password"];
+ }
+
+ $dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
+ $ip = $_SERVER['REMOTE_ADDR'];
+
+ $fields_hash = Array('Login' => $_POST['username'],
+ 'Password' => md5($password),
+ 'FirstName' => $_POST['firstname'],
+ 'LastName' => $_POST['lastname'],
+ 'Company' => $_POST['company'],
+ 'Email' => $_POST['email'],
+ 'Status' => $Status,
+ 'Phone' => $_POST['phone'],
+ 'Fax' => $_POST['fax'],
+ 'Street' => $_POST['street'],
+ 'Street2' => $_POST['street2'],
+ 'City' => $_POST['city'],
+ 'State' => $_POST['state'],
+ 'Zip' => $_POST['zip'],
+ 'Country' => $_POST['country'],
+ 'CreatedOn' => $CreatedOn,
+ 'dob' => $dob,
+ 'ip' => $ip);
+ $u =& $objUsers->Add_User_NEW($fields_hash, true);
+
+ if(!is_object($u))
+ {
+ $RuleId=$u;
+ $r = $objBanList->GetItem($RuleId);
+ $err = $r->Get("ErrorTag");
+
+ if(strlen($err))
+ {
+ $FormError["m_register"][$r->Get("ItemField")] = language($err);
+ $MissingCount++;
+ }
+ }
+ else
+ {
+ $u->Set("Password",$password);
+ $u->Clean();
+ if($GroupId>0)
+ {
+ $g = $objGroups->GetItem($GroupId);
+ $g->AddUser($u->Get("PortalUserId"),1,false);
+ }
+
+ $custom = $_POST["custom"];
+ if (is_array($custom)) {
+ for($x = 0; $x < count($custom); $x++) {
+ $u->SetCustomField($custom[$x],$_POST[$custom[$x]]);
+ }
+ $u->SaveCustomFields();
+ }
+
+ if($Status==1)
+ {
+ if($objConfig->Get("User_Password_Auto"))
+ {
+ $u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.VALIDATE");
+ }
+ else
+ {
+ $doLoginNow = true;
+ $u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.ADD");
+ }
+ }
+ else
+ {
+ $u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.ADD.PENDING");
+ }
+
+ if ($doLoginNow)
+ {
+ $login_ok = $objSession->Login($_POST["username"], md5($password));
+ if($login_ok)
+ {
+ $next_template = $objSession->GetVariable('next_template');
+ if($next_template)
+ {
+ $objSession->SetVariable('next_template','');
+ $var_list_update["t"] = $next_template;
+ header('Location: ' . HREF_Wrapper() );
+ exit;
+ $var_list['t'] = $next_template.'.tpl';
+ }
+
+ }
+ }
+ }
+ }
+ }
+ break;
+ case "m_add_friend":
+ $id = $_GET["UserId"];
+ $userid = $objSession->Get("PortalUserId");
+ if($id!=$userid)
+ {
+ $u =& $objUsers->GetItem($id);
+ $u->AddFavorite($userid);
+ }
+ DeleteModuleTagCache('kernel');
+ break;
+ case "m_del_friend":
+ $id = $_GET["UserId"];
+ $userid = $objSession->Get("PortalUserId");
+ $u =& $objUsers->GetItem($id);
+ $u->DeleteFavorite();
+ DeleteModuleTagCache('kernel');
+ break;
+
+ case 'm_acctinfo':
+ $_POST = inp_escape($_POST);
+ $MissingCount = SetMissingDataErrors("m_acctinfo");
+ $UserId = $_GET["UserId"];
+ if ($UserId != $objSession->Get("PortalUserId")) {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
+ }
+
+ if ($_POST["password"]) {
+ if (($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"])) {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
+ }
+
+ if (strlen($_POST["password"])>30) {
+ // echo "VAR: ".$_POST["password"]; die();
+ $MissingCount++;
+ $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
+ }
+
+ if (strlen($_POST['password']) < $objConfig->Get("Min_Password")) {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
+ }
+ }
+
+ $db =& GetADODBConnection();
+ $email = GetVar('email');
+ $test_id = $db->GetOne('SELECT PortalUserId FROM '.GetTablePrefix().'PortalUser WHERE Email = '.$db->qstr($email));
+ if ($test_id && ($test_id != $objSession->Get('PortalUserId')) ) {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["email"] = language("lu_ferror_email_duplicate");
+ }
+
+
+ if (!$MissingCount) {
+ /* save profile */
+ $u =& $objUsers->GetItem($UserId);
+ $status = $u->Get("Status");
+ $dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
+ $password = strlen($_POST["password"]) > 0 ? md5($_POST["password"]) : '';
+
+ $fields_hash = Array( 'Login' => $_POST['username'],
+ 'Password' => $password,
+ 'FirstName' => $_POST['firstname'],
+ 'LastName' => $_POST['lastname'],
+ 'Company' => $_POST['company'],
+ 'Email' => $_POST['email'],
+ 'Status' => $status,
+ 'Phone' => $_POST['phone'],
+ 'Fax' => $_POST['fax'],
+ 'Street' => $_POST['street'],
+ 'Street2' => $_POST['street2'],
+ 'City' => $_POST['city'],
+ 'State' => $_POST['state'],
+ 'Zip' => $_POST['zip'],
+ 'Country' => $_POST['country'],
+ 'dob' => $dob,
+ 'MinPwResetDelay' => $_POST['minpwresetdelay'],
+
+ );
+
+ $user =& $objUsers->Edit_User_NEW($UserId, $fields_hash);
+ saveCustomFields('u', $u->Get('ResourceId'), 6);
+ }
+ DeleteModuleTagCache('kernel');
+ break;
+ case "m_profile":
+ $userid = $objSession->Get("PortalUserId");
+ if($userid>0)
+ {
+ $u = $objUsers->GetItem($userid);
+ foreach($_POST as $field=>$value)
+ {
+ if(substr($field,0,3)=="pp_")
+ {
+ $objSession->SetPersistantVariable($field,$value);
+ }
+ }
+
+ }
+ break;
+ case "m_set_lang":
+ $lang = $_GET["lang"];
+ $LangId = 0;
+ if(strlen($lang))
+ {
+ $l = $objLanguages->GetItemByField("PackName",$lang);
+ if(is_object($l))
+ {
+ $LangId = $l->Get("LanguageId");
+ }
+ }
+ if($LangId)
+ {
+ if($objSession->Get("PortalUserId")>0)
+ {
+ $objSession->SetPersistantVariable("Language",$LangId);
+ }
+ $objSession->Set("Language",$LangId);
+ $objSession->Update();
+ $m_var_list_update["lang"] = $LangId;
+ $m_var_list["lang"] = $LangId;
+ }
+ break;
+
+ case "m_set_theme":
+ $id = $_POST["ThemeId"];
+ if(!is_numeric($id))
+ $id = $_GET["ThemeId"];
+ if($id)
+ {
+ $objSession->SetThemeName($id);
+ $m_var_list["t"] = "index";
+ $m_var_list_update["theme"] = $id;
+ $m_var_list["theme"] = $id;
+ unset($CurrentTheme);
+ }
+ break;
+
+ case "m_sort_cats":
+ $objSession->SetVariable("Category_Sortfield",$_POST["Category_Sortfield"]);
+ $objSession->SetVariable("Category_Sortorder",$_POST["Category_Sortorder"]);
+ $objSession->SetVariable("Perpage_Category",$_POST["Perpage_Category"]);
+ DeleteModuleTagCache('kernel');
+ break;
+ case "m_add_cat_confirm":
+ $perm = 0;
+ $CategoryId=$objCatList->CurrentCategoryID();
+ if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
+ $perm = 2;
+ if ($objSession->HasCatPermission("CATEGORY.ADD"))
+ $perm = 1;
+ if ($perm == 0)
+ {
+ $MissingCount++;
+ $FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
+ }
+ else
+ {
+ $MissingCount = SetMissingDataErrors("m_addcat");
+ if(is_array($_FILES))
+ {
+ foreach($_FILES as $field => $file)
+ {
+ $allowed = TRUE;
+ if(strlen($_POST["imagetypes"][$field]))
+ {
+ $types = explode(",",strtolower($_POST["imagetypes"][$field]));
+ if(is_array($types))
+ {
+ if(count($types)>0)
+ {
+ $path_parts = pathinfo($file["name"]);
+ $ext = $path_parts["extension"];
+ $allowed = in_array($ext,$types);
+ if(!$allowed)
+ {
+ $MissingCount++;
+ $FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
+ }
+ }
+ }
+ }
+ $maxsize = (int)$_POST["maxsize"][$field];
+ if($maxsize>0 && $allowed && $file["size"]>$maxsize)
+ {
+ $allowed = FALSE;
+ $MissingCount++;
+ $FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
+ }
+ }
+ }
+ if($MissingCount==0)
+ {
+ $_POST = inp_striptags($_POST);
+ $fields_hash = Array( 'ParentId' => $objCatList->CurrentCategoryID(),
+ $objCatList->TitleField => $_POST['name'],
+ $objCatList->DescriptionField => $_POST['description'],
+ 'CreatedOn' => adodb_date('U'),
+ 'EditorsPick' => 0,
+ 'Status' => $perm,
+ 'HotItem' => 2,
+ 'NewItem' => 2,
+ 'PopItem' => 2,
+ 'Priority' => 0,
+ 'MetaKeywords' => $_POST['meta_keywords'],
+ 'MetaDescription' => $_POST['meta_description'],
+ 'AutomaticFilename' => 1,
+ 'Filename' => '',
+ 'CategoryTemplate' => '',
+ 'ItemTemplate' => '',
+ );
+
+ $cat =& $objCatList->Add_NEW($fields_hash);
+ saveCustomFields('c', $cat->Get('ResourceId'), $cat->type);
+
+ $cat->UpdateCachedPath();
+ $cat->Update();
+ $cat->UpdateACL();
+ $objCatList->UpdateMissingCacheData();
+
+ if(strlen($_GET["Confirm"]))
+ {
+ $var_list["t"] = $_GET["Confirm"];
+ }
+ else
+ $var_list["t"] = $_GET["DestTemplate"];
+ }
+ }
+ DeleteModuleTagCache('kernel');
+ break;
+ case "m_front_review_add":
+ if($objSession->InSpamControl($_POST["ItemId"]))
+ {
+ $StatusMessage["review"] = language("la_Review_AlreadyReviewed");
+ }
+ else
+ {
+ $objReviews = new clsItemReviewList();
+ $Status = $objConfig->Get("Review_DefaultStatus");
+ $CreatedOn = adodb_date("U");
+ $html = (int)$objConfig->Get("Review_Html");
+ $ReviewText = inp_striptags($_POST["review_text"]);
+
+ $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
+ 0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
+ foreach($ItemTypes as $type=>$id)
+ {
+ if($id==$_POST["ItemType"])
+ {
+ $ValName = $type."_ReviewDelay_Value";
+ $IntName = $type."_ReviewDelay_Interval";
+ break;
+ }
+ }
+ if(strlen($ValName) && strlen($IntName))
+ {
+ $exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
+ $objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
+ if(is_object($r))
+ {
+ if($Status)
+ {
+ $StatusMessage["review"] = language("la_Review_Added");
+ }
+ else
+ $StatusMessage["review"] = language("la_Review_Pending");
+ }
+ else
+ $StatusMessage["review"] = language("la_Review_Error");
+ }
+ else
+ $StatusMessage["error"] = language("la_ConfigError_Review");
+ }
+ DeleteModuleTagCache('kernel');
+ break;
+
+ case "m_suggest_email":
+ $cutoff = adodb_mktime()+(int)$objConfig->Get("Suggest_MinInterval");
+ $email = inp_striptags($_POST["suggest_email"]);
+
+ if (strlen($email))
+ {
+ if(ValidEmail($email))
+ {
+ $sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
+ $adodbConnection = &GetADODBConnection();
+ $rs = $adodbConnection->Execute($sql);
+
+ $rs = false;
+
+ if($rs && !$rs->EOF)
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $objSession->SetVariable('suggest_result', "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]) );
+ }
+ else
+ {
+ $Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
+ if(is_object($Event))
+ {
+ if($Event->Get("Enabled")=="1")
+ {
+ $Event->Item = null;
+ $Event->SendToAddress($email);
+
+ $sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".adodb_mktime()."')";
+
+ $rs = $adodbConnection->Execute($sql);
+ $objSession->SetVariable('suggest_result', language("lu_suggest_success")." ".$email);
+ }
+ }
+ $e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
+
+ if($e->Get("Enabled")==1)
+ $e->SendAdmin();
+
+ if(strlen($_GET["Confirm"])>0)
+ $var_list["t"] = $_GET["Confirm"];
+ }
+ }
+ else
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $objSession->SetVariable('suggest_result', language("lu_invalid_emailaddress"));
+ }
+ }
+ else
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $objSession->SetVariable('suggest_result', language("lu_suggest_no_address"));
+ }
+ break;
+ case "m_simple_search":
+ $keywords = trim($_POST["keywords"]);
+ $type = $objItemTypes->GetTypeByName("Category");
+ $objSearch = new clsSearchResults("Category","clsCategory");
+ $length = $objConfig->Get('Search_MinKeyword_Length');
+
+ if(strlen($keywords))
+ {
+ $performSearch = false;
+ $isExact = (substr($keywords, 0, 2) == '\"' && substr($keywords, strlen($keywords) - 2, 2) == '\"');
+
+ if ($isExact) {
+ $performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
+ }
+ else {
+ $key_arr = explode(' ', $keywords);
+
+ /*foreach($key_arr as $value) {
+ if (strlen(str_replace("+", "", $value)) < $length || strlen(str_replace("-", "", $value)) < $length) {
+ $keywords = str_replace($value, '', $keywords);
+ //$keywords = str_replace($value, '', $keywords);
+ }
+ }
+
+ //$keywords = str_replace(' ', ' ', $keywords);
+ //$keywords = str_replace('\"', '', $keywords);
+ */
+ $tmp_keywords = str_replace("+", "", $keywords);
+ $tmp_keywords = str_replace("-", "", $tmp_keywords);
+
+ $performSearch = (strlen($tmp_keywords) >= $length);
+ }
+
+ if ($performSearch) {
+ $objSearchList = new clsSearchLogList();
+ $objSearchList->UpdateKeyword($keywords,0);
+
+ $objSearch->SetKeywords($keywords);
+ $objSearch->AddSimpleFields('c');
+ if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
+ $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
+ }
+ if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
+ $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
+ }
+ if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
+ $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
+ }
+
+ //echo "Searching On $keywords<br>\n";
+ $objSearch->PerformSearch(1,$SortOrder,TRUE);
+ $SearchPerformed = TRUE;
+ //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
+ //echo "Finished Setting Category Relevence<br>\n";
+ }
+ else {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ setSearchError(lu_keywords_tooshort);
+ }
+ }
+ else
+ {
+ if (strlen($_GET["Error"])>0) {
+ $var_list["t"] = $_GET["Error"];
+ }
+
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ setSearchError('lu_no_keyword');
+ }
+ break;
+ case "m_adv_search":
+
+ if ($_GET['type']) {
+ $modules = Array( 1 => 'In-Portal', 2 => 'In-News',
+ 3 => 'In-Bulletin', 4 => 'In-Link',
+ 11 => 'In-Commerce');
+ $module = $modules[$_GET["type"]];
+ }
+ else {
+ $module = 0;
+ }
+
+ if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList($module);
+ switch($_GET["type"])
+ {
+ case 1: /* category */
+ //echo "Searching for categories<br>";
+ $objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory", $_GET["type"]);
+
+ foreach($objSearchConfig->Items as $field)
+ {
+ $fld = $field->Get("FieldName");
+
+ $Verb = $_POST["verb"][$field->Get("FieldName")];
+ if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
+ {
+ if($_POST["value"][$field->Get("FieldName")]!=-1)
+ {
+ $Value = $_POST["value"][$field->Get("FieldName")];
+ $Verb = "is";
+ }
+ }
+ else
+ {
+ $Value = $_POST["value"][$field->Get("FieldName")];
+ }
+ switch( $_POST["andor"][$field->Get("FieldName")])
+ {
+ case 1:
+ $Conjuction = "AND";
+ break;
+ case 2:
+ $Conjuction = "OR";
+ break;
+ default:
+ $Conjuction = "";
+ break;
+ }
+
+ if (strlen($Value) && $Verb=="any")
+ {
+ $Verb = 'contains';
+ }
+
+ if(strlen($Value) && strlen($Verb)>0 && $Verb!="any")
+ {
+// echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]<br>";
+ $objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction, 'c');
+ }
+
+ }
+ $objAdvSearch->PerformSearch(1,NULL,TRUE);
+ break;
+ }
+ break;
+ case "m_id":
+ echo $Action.":".$DownloadId;
+ die();
+ break;
+ case "m_simple_subsearch":
+ $keywords = $_POST["keywords"];
+ $type = $objItemTypes->GetTypeByName("Category");
+ $objSearch = new clsSearchResults("Category","clsCategory");
+ $length = $objConfig->Get('Search_MinKeyword_Length');
+
+ if(strlen($keywords))
+ {
+ $performSearch = false;
+ $isExact = (substr($keywords, 0, 1) == '"' && substr($keywords, strlen($keywords) - 1, 1) == '"');
+
+ if ($isExact) {
+ $performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
+ }
+ else {
+ $key_arr = explode(' ', $keywords);
+
+ /*foreach($key_arr as $value) {
+ if (strlen($value) < $length) {
+ $keywords = str_replace(' '.$value, '', $keywords);
+ $keywords = str_replace($value.' ', '', $keywords);
+ }
+ }*/
+
+ //$keywords = str_replace(' ', ' ', $keywords);
+
+ $tmp_keywords = str_replace("+", "", $keywords);
+ $tmp_keywords = str_replace("-", "", $tmp_keywords);
+
+ $performSearch = (strlen($tmp_keywords) >= $length);
+ }
+
+ if ($performSearch) {
+ $objSearchList = new clsSearchLogList();
+ $objSearchList->UpdateKeyword($keywords,0);
+
+ $objSearch->SetKeywords($keywords);
+ $objSearch->AddSimpleFields('c');
+ if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
+ $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
+ }
+ if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
+ $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
+ }
+ if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
+ $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
+ }
+
+ $SearchResultIdList = $objSearch->Result_IdList();
+ if(count($SearchResultIdList)>0)
+ {
+ $objSearch->PerformSearch(1,$SortOrder, TRUE,$SearchResultIdList);
+ //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
+ }
+ $SearchPerformed = TRUE;
+ }
+ else {
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ setSearchError('lu_keywords_tooshort');
+ }
+ }
+ else {
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ setSearchError('lu_no_keyword');
+ }
+ break;
+}
+
+ function setSearchError($error_phrase)
+ {
+ $GLOBALS['FormError']['m_simplesearch']['keywords'] = language($error_phrase);
+ $GLOBALS['objSession']->SetVariable('search_error', $error_phrase);
+ }
+?>
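Review bot: In the `m_suggest_email` case both queries are built by concatenating `$email` straight into the SQL text, so the only barriers between request input and the database are `inp_striptags()` and `ValidEmail()`, whose bodies are not shown here and which are not SQL escapers by name or use. The `m_acctinfo` case in this same file already quotes the same kind of value with `$db->qstr($email)`, and both statements should follow it, e.g. `"... WHERE email=".$adodbConnection->qstr($email)." and sent<".(int)$cutoff` for the SELECT and `VALUES (".$adodbConnection->qstr($email).",".adodb_mktime().")` for the INSERT. The `$rs = false;` assignment directly after the SELECT also discards the result, so the already-suggested branch can never run and nothing throttles repeated `USER.SUGGEST` mail to the same address. Separately, in `m_login` the 30-day `login` cookie stores the user name plus `md5()` of the password, which is the same value passed to `$objSession->Login()`, so anyone who obtains the cookie holds a replayable password equivalent; a random server-side token that can be revoked would be safer.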
Property changes on: branches/unlabeled/unlabeled-1.75.2/kernel/frontaction.php
___________________________________________________________________
Added: cvs2svn:cvs-rev
## -0,0 +1 ##
+1.75
\ No newline at end of property
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
