Page MenuHomeIn-Portal Phabricator
Files F1101233

in-portal
No OneTemporary
Actions

File Metadata

Created
Sat, Aug 16, 1:23 PM

in-portal
View Options

Index: trunk/kernel/include/portaluser.php
===================================================================
--- trunk/kernel/include/portaluser.php (revision 3108)
+++ trunk/kernel/include/portaluser.php (revision 3109)
@@ -1,1044 +1,1045 @@
<?php
RegisterPrefix("clsPortalUser","user","kernel/include/portaluser.php");
class clsPortalUser extends clsItem
{
var $Vars; //contains the PersistantSessionData for the user
var $VarsLoaded;
var $PrimeGroup;
function clsPortalUser($UserId=NULL)
{
// $this->clsParsedItem();
$this->clsItem();
$this->tablename=GetTablePrefix()."PortalUser";
$this->type=6;
$this->BasePermission="USER";
$this->id_field = "PortalUserId";
$this->TagPrefix="user";
$this->Vars = Array();
$this->VarsLoaded = FALSE;
$this->debuglevel = 0;
if(isset($UserId))
$this->LoadFromDatabase($UserId);
}
function Delete()
{
global $objGroups, $objFavorites;
$g = $objGroups->GetPersonalGroup($this->Get("Login"));
if(is_object($g))
$g->Delete();
$objFavorites->DeleteUser($this->Get("PortalUserId")); //delete favorites
parent::Delete();
}
function RemoveFromAllGroups()
{
$sql = "DELETE FROM ".GetTablePrefix()."UserGroup WHERE PortaluserId=".$this->Get("PortalUserId");
$this->adodbConnection->Execute($sql);
}
function RemoveFromGroup($GroupId)
{
$sql = "DELETE FROM ".GetTablePrefix()."UserGroup WHERE PortaluserId=".$this->Get("PortalUserId");
$sql .= " AND GroupId=$GroupId";
$this->adodbConnection->Execute($sql);
}
function PrimaryGroup($ReturnField = "GroupId")
{
global $objGroups;
$ret = "";
if(!is_object($this->PrimeGroup))
{
if((int)$this->Get("GroupId")>0)
{
$this->PrimeGroup =& $objGroups->GetItem($this->Get("GroupId"));
}
else
{
$this->PrimeGroup = new clsPortalGroup();
$sql = "SELECT * FROM ".GetTablePrefix()."UserGroup INNER JOIN ".GetTablePrefix()."PortalGroup ON (".GetTablePrefix()."UserGroup.GroupId=".GetTablePrefix()."PortalGroup.GroupId) WHERE PrimaryGroup = 1 AND PortalUserId=".$this->Get("PortalUserId");
//echo $sql;
$rs = $this->adodbConnection->Execute($sql);
if($rs && !$rs->EOF)
$this->PrimeGroup->SetFromArray($rs->fields);
}
}
$ret = $this->PrimeGroup->Get($ReturnField);
return $ret;
}
function SetPrimaryGroup($GroupId)
{
if($this->IsInGroup($GroupId))
{
$sql = "UPDATE ".GetTablePrefix()."UserGroup SET PrimaryGroup=0 WHERE PortalUserId=".$this->Get("PortalUserId");
$this->adodbConnection->Execute($sql);
$sql = "UPDATE ".GetTablePrefix()."UserGroup SET PrimaryGroup=1 WHERE GroupId=$GroupId AND PortalUserId=".$this->Get("PortalUserId");
$this->adodbConnection->Execute($sql);
}
}
function GetGroupList()
{
$ret = array();
$sql = "SELECT GroupId FROM %sUserGroup WHERE PortalUserId = %s ORDER BY PrimaryGroup";
$sql = sprintf($sql, GetTablePrefix(), $this->Get("PortalUserId"));
$ret = $this->adodbConnection->GetCol($sql);
return $ret;
}
function IsInGroup($GroupId)
{
$groups = $this->GetGroupList();
if( $groups === false ) return false;
return in_array($GroupId, $groups) ? true : false;
}
function GetPersonalGroup($CreateIfMissing = FALSE)
{
global $objGroups;
$n = "_".$this->Get("Login");
$g = $objGroups->GetItemByField("Name",$n);
if(!is_object($g) && $CreateIfMissing)
$g = $this->CreatePersonalGroup();
return $g;
}
function CreatePersonalGroup()
{
global $objGroups;
$Description = $this->Get("FirstName")." ".$this->Get("LastName");
$CreatedOn=time();
$n = "_".$this->Get("Login");
$g = $objGroups->Add_Group($n, $Description, $CreatedOn, 1, 0);
$g->Set("Personal",1);
$g->Set("System",0);
$g->Set("Enabled",1);
$g->Update();
if(is_object($g))
$g->AddUser($this->Get("PortalUserId"));
return $g;
}
function Validate()
{
global $Errors;
$dataValid = true;
if(!strlen($this->Get("Login")))
{
$Errors->AddError("error.fieldIsRequired",'Login',"","",get_class($this),"Validate");
$dataValid = false;
}
if(!strlen($this->Get("Email")))
{
$Errors->AddError("error.fieldIsRequired",'Email',"","",get_class($this),"Validate");
$dataValid = false;
}
return $dataValid;
}
function Approve()
{
$this->Set("Status", 1);
$this->Update();
$this->SendUserEventMail("USER.APPROVE",$this->Get("PortalUserId"));
$this->SendAdminEventMail("USER.APPROVE");
}
function Deny($IsBanned = 0)
{
$this->Set( Array('Status','IsBanned'), Array(0,$IsBanned) );
$this->Update();
$this->SendUserEventMail("USER.DENY",$this->Get("PortalUserId"));
$this->SendAdminEventMail("USER.DENY");
}
function HasSystemPermission($PermissionName)
{
global $objGroups;
$GroupList = $this->GetGroupList();
for($i=0;$i<count($GroupList);$i++)
{
$g = $objGroups->GetItem($GroupList[$i]);
$value = $g->HasSystemPermission($PermissionName);
if($value != -1)
break;
}
return $value;
}
function LoadPersistantVars()
{
global $objConfig;
unset($this->Vars);
$this->Vars = Array();
$user_id = $this->HasField('PortalUserId') ? $this->Get('PortalUserId') : 0;
$sql = "SELECT VariableName, VariableValue FROM ".GetTablePrefix()."PersistantSessionData WHERE PortalUserId = ".(int)$user_id." ORDER BY PortalUserId ASC";
$result = $this->adodbConnection->Execute($sql);
while ($result && !$result->EOF)
{
$data = $result->fields;
$this->Vars[$data["VariableName"]] = $data["VariableValue"];
if( basename($_SERVER['PHP_SELF']) != 'edit_config.php' )
{
$objConfig->Set($data["VariableName"], $data["VariableValue"], 1, 1);
}
$result->MoveNext();
}
$this->VarsLoaded = TRUE;
}
function SetPersistantVariable($variableName, $variableValue)
{
global $objConfig;
if(!$this->VarsLoaded)
$this->LoadPersistantVars();
$userid = $this->Get("PortalUserId");
$objConfig->Set($variableName,$variableValue,1);
$fields = array_keys($this->Vars);
if(strlen($variableValue)>0)
{
if(in_array($variableName,$fields))
{
$sql = "UPDATE ".GetTablePrefix()."PersistantSessionData SET VariableValue='$variableValue' WHERE VariableName='$variableName' AND PortalUserId=$userid";
}
else
$sql = "INSERT INTO ".GetTablePrefix()."PersistantSessionData (VariableName,VariableValue,PortalUserId) VALUES ('$variableName','$variableValue',$userid)";
}
else
$sql = "DELETE FROM ".GetTablePrefix()."PersistantSessionData WHERE VariableName='$variableName' AND PortalUserId=$userid";
$this->Vars[$variableName] = $variableValue;
// echo "<BR>SQL: $sql<BR>";
$this->adodbConnection->Execute($sql);
}
function GetPersistantVariable($variableName)
{
global $objConfig, $objSession;
if(!$this->VarsLoaded)
{
$this->LoadPersistantVars();
}
$fields = array_keys($this->Vars);
if(in_array($variableName,$fields))
{
$val = $this->Vars[$variableName];
}
else
{
if( $this->UniqueId() == $objSession->Get('PortalUserId') )
{
$val = $objConfig->Get($variableName);
}
else
{
$val = '';
}
}
return $val;
}
function GetAllPersistantVars()
{
if(!$this->VarsLoaded)
{
$this->LoadPersistantVars();
}
return $this->Vars;
}
function GetIcon()
{
}
function StatusIcon()
{
global $imagesURL;
$url = $imagesURL."/itemicons/icon16_user";
if($this->Get("Status")==0)
{
$url .= "_disabled";
}
else
if($this->Get("Status")==2)
{
$url .= "_pending";
}
$url .= ".gif";
return $url;
}
function IsFriend($UserId)
{
$ftable = GetTablePrefix()."Favorites";
$sql = "SELECT count(*) as FriendCount FROM $ftable WHERE PortalUserId=$UserId AND ResourceId=";
$sql .=$this->Get("ResourceId")." AND ItemTypeId=6";
$rs = $this->adodbConnection->Execute($sql);
if($rs && !$rs->EOF)
return ($rs->fields["FriendCount"]>0);
return FALSE;
}
function GetUserTime($timestamp)
{
if(is_numeric($this->Get("tz")))
{
return GetLocalTime($timestamp,$this->Get("tz"));
}
else
return GetLocalTime($timestamp);
}
function ParseObject($element)
{
global $objConfig, $objUsers, $objCatList,$objSession, $var_list_update, $var_list, $m_var_list_update;
//echo "<PRE>"; print_r($element); echo "</pre>";
//echo "Tag Prefix: ".$this->TagPrefix." Element: ".$element->name."<br>";
$this->clsPortalUser();
if (strtolower($element->name) == 'touser') {
$this->TagPrefix = "touser";
}
$extra_attribs = ExtraAttributes($element->attributes);
if(strtolower($element->name)==$this->TagPrefix)
{
$field = strtolower($element->attributes["_field"]);
if(substr($field,0,3)=="pp_")
{
$perm = $objSession->GetPersistantVariable($field);
if($perm)
{
$field = substr($field,3);
}
else
$field = "";
}
switch($field)
{
/*
@field:user.login
@description:User's login name
*/
case "username":
case "login":
$ret = $this->Get("Login");
break;
case "firstname":
$ret = $this->Get("FirstName");
break;
case "lastname":
$ret = $this->Get("LastName");
break;
case "password":
/*
@field:user.password
@description:User password
*/
- $ret = $objSession->Get("password");
- $objSession->Set("password", '');
+ /*$ret = $objSession->Get("password");
+ $objSession->Set("password", '');*/
+ $ret = GetVar('user_password');
break;
case "email":
$ret = $this->Get("Email");
break;
case "street":
$ret = $this->Get("Street");
break;
case "city":
$ret = $this->Get("City");
break;
case "state":
$ret = $this->Get("State");
break;
case "zip":
$ret = $this->Get("Zip");
break;
case "phone":
$ret = $this->Get("Phone");
break;
case "country":
$ret = $this->Get("Country");
break;
case "primarygroup":
/*
@field:user.primarygroup
@description:Parses a field from the user's primary group
@attrib:_groupfield::group field name to parse, defaults to group name
*/
$groupfield = $element->attributes["_groupfield"];
if(!strlen($groupfield))
$groupfield="Name";
$ret = $this->PrimaryGroup($groupfield);
break;
case "date":
/*
@field:user.date
@description:Returns the date/time the user was created
@attrib:_tz:bool:Convert the date to the user's local time
@attrib:_part::Returns part of the date. The following options are available: month,day,year,time_24hr,time_12hr
*/
$d = $this->Get("CreatedOn");
if($element->attributes["_tz"])
{
$d = GetLocalTime($d,$objSession->Get("tz"));
}
$part = strtolower($element->attributes["_part"]);
if(strlen($part))
{
$ret = ExtractDatePart($part,$d);
}
else
{
if($d<=0)
{
$ret = "";
}
else
$ret = LangDate($d);
}
break;
case "dob":
/*
@field:user.dob
@description:Returns the date/time of the users date of birth
@attrib:_tz:bool:Convert the date to the user's local time
@attrib:_part::Returns part of the date. The following options are available: month,day,year,time_24hr,time_12hr
*/
$d = $this->Get("dob");
if($element->attributes["_tz"])
{
$d = GetLocalTime($d,$objSession->Get("tz"));
}
$part = strtolower($element->attributes["_part"]);
if(strlen($part))
{
$ret = ExtractDatePart($part,$d);
}
else
{
// if($d<=0)
// {
// $ret = "";
// }
// else
$ret = LangDate($d);
}
break;
case "modified":
/*
@field:user.modified
@description:Returns the date/time the user was last modified
@attrib:_tz:bool:Convert the date to the user's local time
@attrib:_part::Returns part of the date. The following options are available: month,day,year,time_24hr,time_12hr
*/
$d = $this->Get("Modified");
if($d<=0)
$d = $this->Get("CreatedOn");
if($element->GetAttributeByName('_tz'))
{
$d = GetLocalTime($d,$objSession->Get("tz"));
}
$part = strtolower($element->GetAttributeByName('_part'));
if(strlen($part))
{
$ret = ExtractDatePart($part,$d);
}
else
{
if($d<=0)
{
$ret = "";
}
else
$ret = LangDate($d);
}
break;
case 'send_pm_link':
$var_list_update['t'] = $element->GetAttributeByName('_Template');
$ret = GetIndexURL(2)."?env=".BuildEnv()."&ToUser=".$this->Get('Login');
break;
case "profile_link":
/*
@field:user.profile_link
@description:Create a link to the user's profile
@attrib:_template:tpl:template the link should point to
*/
$t = $element->attributes["_template"];
if(strlen($t))
{
$var_list_update["t"] = $t;
}
else
$var_list_update["t"] = $var_list["t"];
$ret = GetIndexURL(2)."?env=" . BuildEnv()."&UserId=".$this->Get("PortalUserId");
break;
case "add_friend_link":
/*
@field:user.add_friend_link
@description:link to add a user to the friends list
@attrib:_template:tpl:Template link shoukd point to
*/
if($element->attributes["_force"] || !$this->IsFriend($objSession->Get("PortalUserId")) &&
$this->Get("PortalUserId") != $objSession->Get("PortalUserId"))
{
$t = $element->attributes["_template"];
if(strlen($t))
{
$var_list_update["t"] = $t;
}
else
$var_list_update["t"] = $var_list["t"];
$action = "m_add_friend";
$ret = GetIndexURL(2)."?env=" . BuildEnv()."&Action=".$action."&UserId=".$this->Get("PortalUserId");
}
else
$ret = "";
break;
case "del_friend_link":
/*
@field:user.del_friend_link
@description:link to remove a user from the friends list
@attrib:_template:tpl:Template link shoukd point to
*/
if($element->attributes["_force"] || $this->IsFriend($objSession->Get("PortalUserId")) &&
$this->Get("PortalUserId") != $objSession->Get("PortalUserId"))
{
$t = $element->attributes["_template"];
if(strlen($t))
{
$var_list_update["t"] = $t;
}
else
$var_list_update["t"] = $var_list["t"];
$action = "m_del_friend";
$ret = GetIndexURL(2)."?env=" . BuildEnv()."&Action=".$action."&UserId=".$this->Get("PortalUserId");
}
else
$ret = "";
break;
case "icon":
$ret = $this->GetIcon();
break;
case "image":
/*
@field:user.image
@description:Return an image associated with the user
@attrib:_default:bool:If true, will return the default image if the requested image does not exist
@attrib:_name::Return the image with this name
@attrib:_thumbnail:bool:If true, return the thumbnail version of the image
@attrib:_imagetag:bool:If true, returns a complete image tag. exta html attributes are passed to the image tag
*/
$avatar = $element->attributes["_avatar"];
$default = $element->attributes["_primary"];
$name = $element->attributes["_name"];
if ($avatar)
{
$img = $this->GetAvatarImage();
}
elseif(strlen($name))
{
$img = $this->GetImageByName($name);
// echo "<PRE>";print_r($img); echo "</PRE>";
}
elseif ($default)
{
$img = $this->GetDefaultImage();
}
if($img)
{
if($element->attributes["_thumbnail"])
{
$url = $img->parsetag("thumb_url");
}
else
$url = $img->parsetag("image_url");
}
else
{
$url = $element->attributes["_defaulturl"];
}
if($element->attributes["_imagetag"])
{
if(strlen($url))
{
$ret = "<IMG src=\"$url\" $extra_attribs >";
}
else
$ret = "";
}
else
$ret = $url;
break;
case "custom":
/*
@field:cat.custom
@description:Returns a custom field
@attrib:_customfield::field name to return
@attrib:_default::default value
*/
$field = $element->attributes["_customfield"];
$default = $element->attributes["
"];
$ret = $this->GetPersistantVariable($field);
if(!strlen($ret))
$ret = $this->GetCustomFieldValue($field,$default);
break;
default:
$ret = "Undefined:".$element->name;
break;
}
}
else
{
$ret = $this->parsetag($element->name);
}
return $ret;
}
function parsetag($tag)
{
global $m_var_list_update, $var_list_update, $var_list, $objConfig;
if(is_object($tag))
{
$tagname = $tag->name;
}
else
$tagname = $tag;
switch($tagname)
{
case "user_id":
return $this->Get("ResourceId");
break;
case "user_login":
return $this->Get("Login");
break;
case "user_group":
return $this->Get("PrimaryGroupName");
break;
case "user_firstname":
return $this->Get("FirstName");
break;
case "user_lastname":
return $this->Get("LastName");
break;
case "user_email":
return $this->Get("Email");
break;
case "user_date":
return LangDate($this->Get("CreatedOn"));
break;
case "user_time":
return LangTime($this->Get("CreatedOn"));
break;
case "user_dob":
return LangDate($this->Get("dob"));
break;
case "user_password":
return $this->Get("Password");
break;
case "user_phone":
return $this->Get("Phone");
break;
case "user_street":
return $this->Get("Street");
break;
case "user_city":
return $this->Get("City");
break;
case "user_state":
return $this->Get("State");
break;
case "user_zip":
return $this->Get("Zip");
break;
case "user_country":
return $this->Get("Country");
break;
case "user_resourceid":
return $this->Get("ResourceId");
break;
case "user_icon":
return $this->GetIcon();
break;
case "user_profile_link":
$var_list_update["t"] = "user_profile";
$m_var_list_update["action"] = $this->Get("UserId");
$ret = GetIndexURL(2)."?env=" . BuildEnv();
unset($m_var_list_update["action"], $var_list_update["t"]);
return $ret;
break;
case "user_messages":
return $this->NewMessages();
break;
case "user_messages_link":
$var_list_update["t"] = "inbulletin/bb_private_msg_list";
return GetIndexURL(2)."?env=" . BuildEnv();
unset($var_list_update);
break;
default:
return "Undefined:$tagname";
break;
}
}
} /* class clsPortalUser*/
class clsUserManager extends clsItemList //clsItemCollection
{
/*this class wraps common user-related functions */
// var $Page;
function clsUserManager()
{
$this->clsItemCollection(); // clsItemList() // need to use this, but double limit clause being created (normal+default 0,100)
$this->classname = "clsPortalUser";
$this->SetTable('live', GetTablePrefix().'PortalUser');
$this->Page = isset($_GET['lpn']) ? $_GET['lpn'] : 1;
$this->EnablePaging = true;
$this->PerPageVar = "Perpage_User";
$this->AdminSearchFields = array("Login","FirstName","LastName","Email","Street","City", "State","Zip","Country","Phone");
}
function GetPageLinkList($dest_template=NULL,$link_template=NULL,$page = "")
{
global $objConfig, $m_var_list_update, $var_list_update, $var_list;
if(!strlen($page))
$page = GetIndexURL(2);
$NumPages = $this->GetNumPages($objConfig->Get("Perpage_Topics"));
if(strlen($dest_template)>0)
{
$var_list_update["t"]=$dest_template;
}
else
{
$var_list_update["t"] = $var_list["t"];
}
$o = "";
if($this->Page>1)
{
$m_var_list_update["p"]=$this->Page-1;
$prev_url = $page."?env=".BuildEnv();
}
if($this->Page<$NumPages)
{
$m_var_list_update["p"]=$this->Page+1;
$next_url = $page."?env=".BuildEnv();
}
for($p=1;$p<=$NumPages;$p++)
{
$t = template($link_template);
if($p!=$this->Page)
{
$m_var_list_update["p"]=$p;
$href = $page."?env=".BuildEnv();
$t = str_replace("<%page_link%>", $href, $t);
$t = str_replace("<%page_number%>",$p,$t);
$t = str_replace("<%prev_url%>",$prev_url,$t);
$t = str_replace("<%next_url%>",$next_url,$t);
$o .= $t;
}
else
{
$o .= "<SPAN class=\"CURRENT_PAGE\">$p</SPAN>";
}
}
return $o;
}
function GetUser($ID)
{
$u = $this->GetItem($ID);
return $u;
}
function GetUserName($Id)
{
$rs = $this->adodbConnection->Execute("SELECT Login from ".$this->SourceTable." where PortalUserId=$Id");
return $rs->fields["Login"];
}
function GetUserId($Login)
{
$rs = $this->adodbConnection->Execute("SELECT PortalUserId from ".$this->SourceTable." where Login LIKE '$Login'");
return $rs->fields["PortalUserId"];
}
function GetTotalUsers()
{
return $this->UserCount("1");
}
function GetLatestUser()
{
global $Errors;
$sql = "SELECT max(CreatedOn) as LastDate FROM ".$this->SourceTable;
$result = $this->adodbConnection->Execute($sql);
if ($result === false || !is_object($result))
{
$Errors->AddError("error.DatabaseError",NULL,$adodbConnection->ErrorMsg(),"",get_class($this),"GetLatestUser");
return false;
}
$sql = "SELECT PortalUserId FROM ".$this->SourceTable." WHERE CreatedOn >= ".$result->fields["LastDate"];
$result = $this->adodbConnection->Execute($sql);
if (!rs || $rs->EOF)
{
$Errors->AddError("error.DatabaseError",NULL,$adodbConnection->ErrorMsg(),"",get_class($this),"GetLatestUser");
return false;
}
$u = $this->GetUser($result->fields["PortalUserId"]);
return $u;
}
function &Add_User($Login, $Password, $Email, $CreatedOn, $FirstName="", $LastName="", $Status=2,
$Phone="", $Street="", $City="", $State="", $Zip="", $Country="", $dob=0, $ip="", $CheckBanned=FALSE)
{
$u = new clsPortalUser(NULL);
$u->tablename = $this->SourceTable;
//echo "Creating User..<br>\n";
$u->Set(array("Login", "Password", "FirstName", "LastName", "Email", "Status",
"Phone","Street", "City", "State", "Zip", "Country", "CreatedOn","dob"),
array($Login, $Password, $FirstName, $LastName, $Email, $Status,
$Phone, $Street, $City, $State, $Zip, $Country, $CreatedOn, $dob));
$BrokenRule = $CheckBanned ? $u->CheckBanned() : false;
if(!$BrokenRule)
{
$u->Create();
return $u;
}
return $BrokenRule;
/*md5($Password)*/
}
function &Edit_User($UserId, $Login, $Password, $Email, $CreatedOn, $FirstName="", $LastName="",
$Status=2, $Phone="", $Street="", $City="", $State="", $Zip="", $Country="", $dob=0, $MinPwResetDelay=300)
{
//echo "<font color=\"red\">Editing User: [$UserId]</font><br>";
$u =& $this->GetItem($UserId);
if(!$CreatedOn)
$CreatedOn = $u->Get("CreatedOn");
// $u->debuglevel=1;
if (is_object($u))
{
$IsBanned = $u->Get('IsBanned');
if($Status == 1) $IsBanned = 0;
$u->Set(array("Login", "FirstName", "LastName", "Email", "Status",
"Phone", "Street", "City", "State", "Zip", "Country", "CreatedOn","dob","IsBanned", "MinPwResetDelay"),
array($Login, $FirstName, $LastName, $Email, $Status,
$Phone, $Street, $City, $State, $Zip, $Country, $CreatedOn,$dob,$IsBanned,$MinPwResetDelay));
if(strlen($Password))
$u->Set("Password",$Password);
$u->Update();
}
return $u;
}
function Delete_User($UserId)
{
$u = $this->GetItemByField("ResourceId",$UserId);
if(is_object($u))
{
$u->RemoveFromAllGroups();
$u->Delete();
}
}
function LoadUsers($where = "",$orderBy = "")
{
global $objConfig;
$this->Clear();
if($this->Page<1)
$this->Page=1;
if(is_numeric($objConfig->Get("Perpage_Users")))
{
$Start = ($this->Page-1)*$objConfig->Get("Perpage_Users");
$limit = "LIMIT ".$Start.",".$objConfig->Get("Perpage_Users");
}
else
$limit = NULL;
$where = trim($where);
$orderBy = trim($orderBy);
if(!strlen($where))
$where = "1";
$this->QueryItemCount=TableCount($this->SourceTable,$where,0);
if($this->QueryItemCount>0)
{
if ($orderBy!="")
{
$this->Query_PortalUser($where,$orderBy,$limit);
}
else
{
$this->Query_PortalUser($where,"Login DESC",$limit);
}
}
}
function Query_PortalUser($whereClause,$orderByClause="", $limitClause="")
{
global $m_var_list,$Errors, $objSession;
$resultSet = array();
$utable = $this->SourceTable;
$gtable = GetTablePrefix()."UserGroup";
$sql = "SELECT * FROM $utable LEFT JOIN $gtable ON ($utable.PortalUserId=$gtable.PortalUserId)";
if(isset($whereClause))
$sql = sprintf('%s WHERE %s',$sql,$whereClause);
if(isset($orderByClause))
if(strlen(trim($orderByClause))>0)
$sql = sprintf('%s ORDER BY %s',$sql,$orderByClause);
if(isset($limitClause))
$sql = sprintf('%s %s',$sql,$limitClause);
return $this->Query_Item($sql);
}
function Query_GroupPortalUser($whereClause,$orderByClause)
{
global $m_var_list,$objSession,$Errors;
$resultSet = array();
$table = $this->SourceTable;
$sql = "SELECT * FROM $table LEFT JOIN ".GetTablePrefix()."UserGroup USING (PortalUserId) ";
if(isset($whereClause))
$sql = sprintf('%s WHERE %s',$sql,$whereClause);
if(isset($orderByClause))
$sql = sprintf('%s ORDER BY %s',$sql,$orderByClause);
return $this->query_item($sql);
}
function UserCount($whereClause)
{
$count = TableCount($this->SourceTable,$whereClause,0);
return $count;
}
function CountActive()
{
return $this->UserCount("Status=1");
}
function CountPending()
{
return $this->UserCount("Status=2");
}
function CountDisabled()
{
return $this->UserCount("Status=0");
}
function CopyFromEditTable($idfield)
{
global $objSession;
$GLOBALS['_CopyFromEditTable']=1;
$edit_table = $objSession->GetEditTable($this->SourceTable);
$sql = "SELECT * FROM $edit_table";
$rs = $this->adodbConnection->Execute($sql);
//echo $sql."<BR>";
$item_ids = Array();
while($rs && !$rs->EOF)
{
$data = $rs->fields;
$c = new $this->classname;
$c->SetFromArray($data);
$c->idfield = $idfield;
$c->Dirty();
if($c->Get($idfield)<1)
{
$old_id = $c->Get($idfield);
$c->UnsetIdField();
$c->Create();
$sql = "UPDATE ".GetTablePrefix()."UserGroup SET PortalUserId=".$c->Get("PortalUserId");
$sql .=" WHERE PortalUserId=0";
$this->adodbConnection->Execute($sql);
}
else
{
$c->Update();
}
$item_ids[] = $c->UniqueId();
unset($c);
$rs->MoveNext();
}
@$this->adodbConnection->Execute("DROP TABLE IF EXISTS $edit_table");
unset($GLOBALS['_CopyFromEditTable']);
return $item_ids;
}
function PurgeEditTable()
{
parent::PurgeEditTable();
$sql = "DELETE FROM ".GetTablePrefix()."UserGroup WHERE PortalUserId=0";
$this->adodbConnection->Execute($sql);
}
} /*clsUserManager*/
?>
Property changes on: trunk/kernel/include/portaluser.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.27
\ No newline at end of property
+1.28
\ No newline at end of property
Index: trunk/kernel/frontaction.php
===================================================================
--- trunk/kernel/frontaction.php (revision 3108)
+++ trunk/kernel/frontaction.php (revision 3109)
@@ -1,1100 +1,1100 @@
<?php
switch($Action)
{
case "m_login":
// if($objSession->ValidSession()) $objSession->Logout();
//echo $objSession->GetSessionKey()."<br>\n";
if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
$FormError["login"]["login_user"] = language("lu_cookies_error");
}
else
{
$MissingCount = SetMissingDataErrors("login");
if($MissingCount==2)
{
$FormError["login"]["login_user"]= language("lu_ferror_loginboth");
unset($FormError["login"]["login_password"]);
}
if($MissingCount==0)
{
if($_POST["login_user"]=="root")
{
$FormError["login"]["login_user"]= language("lu_access_denied");
}
else
{
$LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
if($LoginCheck === true)
{
if( !headers_sent() && GetVar('usercookie') == 1 )
{
$c = $_POST["login_user"]."|";
$pw = $_POST["login_password"];
if(strlen($pw) < 31) $pw = md5($pw);
$c .= $pw;
set_cookie('login', $c, time() + 2592000);
}
// set new destination template if passed
$dest = GetVar('dest', true);
if(!$dest) $dest = GetVar('DestTemplate', true);
if($dest) $var_list['t'] = $dest;
$next_template = $objSession->GetVariable('next_template');
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update["t"] = $next_template;
$url = GetIndexURL(2)."?env=".BuildEnv();
header('Location: '.$url);
exit;
$var_list['t'] = $next_template.'.tpl';
}
elseif($var_list['t'] == 'login')
{
$var_list['t'] = 'index';
}
if( class_exists('kApplication') )
{
$application =& kApplication::Instance();
$application->HandleEvent( new kEvent('u:OnInpLogin') );
$redirect_template = getArrayValue($var_list_update, 't') ? $var_list_update['t'] : $var_list['t'];
$application->Redirect($redirect_template);
}
}
else
{
switch($LoginCheck)
{
case -1: // user or/and pass wrong
$FormError["login"]["login_password"] = language("lu_incorrect_login");
break;
case -2: // user ok, but has no permission
$FormError["login"]["login_password"] = language("la_text_nopermissions");
break;
}
}
}
}
}
break;
case "m_resetpw":
$passed_key = $_GET['user_key'];
$u = $objUsers->GetItemByField("PwResetConfirm", $passed_key);
$found = is_object($u);
if($found)
{
$exp_time = $u->Get('PwRequestTime') + 3600;
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
if ($exp_time > mktime())
{
$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword();
- $objSession->Set('password', $newpw);
+ SetVar('user_password', $newpw);
$u->Set("Password",$newpw);
$u->Set("PassResetTime", time());
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
$u->Update();
$u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.PSWD");
$u->Set("Password",md5($newpw));
$u->Update();
$u->Clean();
} else {
$m_var_list_update['codevalidationresult'] = 'lu_code_expired';
}
} else {
$m_var_list_update['codevalidationresult'] = 'lu_code_is_not_valid';
}
break;
case "m_forgotpw":
$MissingCount = SetMissingDataErrors("forgotpw");
// $pass_reset_add = $objConfig->Get("Users_AllowReset");
if($MissingCount==0)
{
$username = $_POST["username"];
$email = $_POST["email"];
$found = false;
$allow_reset = true;
if(strlen($username))
{
$u = $objUsers->GetItemByField("Login",$username);
if(is_object($u))
$found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
else if(strlen($email))
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
$found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
if(is_object($u))
{
$PwResetConfirm = $u->Get('PwResetConfirm');
$PwRequestTime = $u->Get('PwRequestTime');
$PassResetTime = $u->Get('PassResetTime');
$MinPwResetDelay = $u->Get('MinPwResetDelay');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
//$newpw = makepassword();
//$objSession->Set('password', $newpw);
$objSession->Set('tmp_user_id', $u->Get("PortalUserId"));
$objSession->Set('tmp_email', $u->Get("Email"));
//$u->Set("Password",$newpw);
//$u->Update();
$u->SendUserEventMail("USER.PSWDC",$u->Get("PortalUserId"));
//$u->SendAdminEventMail("USER.PSWDC");
//$u->Set("Password",md5($newpw));
//$u->Update();
$u->Clean();
$var_list['t'] = GetVar('Confirm');
}
else
{
if(!strlen($username) && !strlen($email))
{
$FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
$MissingCount++;
}
else
{
$error_phrases=Array();
if($allow_reset)
{
$error_phrases['username']='lu_ferror_unknown_username';
$error_phrases['email']='lu_ferror_unknown_email';
}
else
{
$error_phrases['username']='lu_ferror_reset_denied';
$error_phrases['email']='lu_ferror_reset_denied';
}
foreach ($error_phrases as $field_name => $phrase_name) {
if(GetVar($field_name))
{
$FormError["forgotpw"][$field_name] = language($phrase_name);
break;
}
}
$MissingCount++;
}
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
}
}
else
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
break;
case "m_subscribe_confirm":
$t = "";
$_GET["subscribe_email"] = $_POST["subscribe_email"];
$SubscribeAddress = $_POST["subscribe_email"];
if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
{
$t = $_GET["Error"];
$SubscribeError = "lu_invalid_emailaddress";
}
else
{
if((int)$objConfig->Get("User_SubscriberGroup")>0)
{
$g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
if(is_object($g))
{
$email = $_POST["subscribe_email"];
if(strlen($email)>0)
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if($u->CheckBanned())
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_banned";
}
else
{
if($u->IsInGroup($g->Get("GroupId")))
{
$t = $_GET["Unsubscribe"];
}
else
$t = $_GET["Subscribe"];
}
}
else
$t = $_GET["Subscribe"];
}
else
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_no_address";
}
}
else
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_unknown_error";
}
}
}
if(strlen($t))
{
$var_list["t"] = $t;
$var_list_update["t"] = $t;
}
break;
case "m_subscribe":
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$SubscribeAddress = $_POST["subscribe_email"];
if(strlen($SubscribeAddress)>0)
{
if(ValidEmail($SubscribeAddress))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if ($GroupId)
{
$g = $objGroups->GetItem($GroupId);
$u = $objUsers->GetItemByField("Email",$SubscribeAddress);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
{
$bExists = TRUE;
}
else
$bExists = FALSE;
}
if($bExists)
{
$g->AddUser($u->Get("PortalUserId"),0,false);
}
else
{
$u = new clsPortalUser(NULL);
$u->Set("Email",$SubscribeAddress);
$u->Set("ip",$_SERVER['REMOTE_ADDR']);
$u->Set("CreatedOn",date("U"));
$u->Set("Status",1);
if(!$u->CheckBanned())
{
$u->Create();
$g->AddUser($u->Get("PortalUserId"),1,false);
}
else
$SubscribeResult = "lu_subscribe_banned";
}
$SubscribeResult = "lu_subscribe_success";
$u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.SUBSCRIBE");
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
else
{
$SubscribeResult = "lu_invalid_emailaddress";
}
}
else
$SubscribeResult = "lu_subscribe_missing_address";
}
if(!strlen($SubscribeResult))
$SubscribeResult = "lu_subscribe_success";
break;
case "m_unsubscribe":
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$MissingCount = SetMissingDataErrors("m_unsubscribe");
if($MissingCount==0)
{
$email = $_POST["subscribe_email"];
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($email))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if($u->PrimaryGroup()==$GroupId)
{
$u_gorup_list = $u->GetGroupList();
if (count($u_gorup_list) > 1) {
$u->RemoveFromGroup($GroupId);
}
else {
$u->RemoveFromAllGroups();
$u->Delete();
}
}
else
{
$u->RemoveFromGroup($GroupId);
}
}
}
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
break;
case "m_register":
$_POST=inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_register");
if(!$objConfig->Get("User_Password_Auto"))
{
if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
{
$MissingCount++;
$FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if(strlen($_POST["password"])>30)
{
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
{
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
if(($_POST["username"]=="root"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
else
{
$u = $objUsers->GetItemByField("Login",$_POST["username"]);
if(is_object($u))
{
if($u->Get("Login")==$_POST["username"])
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
}
}
if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
}
if(!$MissingCount)
{
$CreatedOn = adodb_date("U");
$GroupId = $objConfig->Get("User_NewGroup");
$Status=0;
/* determine the status of new users */
switch ($objConfig->Get("User_Allow_New"))
{
case "1":
$Status=1;
break;
case "3":
$Status=2;
break;
}
/* set Destination template */
$var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
if($Status>0)
{
if($objConfig->Get("User_Password_Auto"))
{
$password = makepassword();
$objSession->Set("password", $password);
}
else
$password = $_POST["password"];
$_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
$dob = DateTimestamp($_POST["dob"],GetDateFormat());
$ip = $_SERVER['REMOTE_ADDR'];
$u = &$objUsers->Add_User($_POST["username"], md5($password), $_POST["email"], $CreatedOn, $_POST["firstname"], $_POST["lastname"], $Status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob, $ip, TRUE);
if(!is_object($u))
{
$RuleId=$u;
$r = $objBanList->GetItem($RuleId);
$err = $r->Get("ErrorTag");
if(strlen($err))
{
$FormError["m_register"][$r->Get("ItemField")] = language($err);
$MissingCount++;
}
}
else
{
$u->Set("Password",$password);
$u->Clean();
if($GroupId>0)
{
$g = $objGroups->GetItem($GroupId);
$g->AddUser($u->Get("PortalUserId"),1,false);
}
$custom = $_POST["custom"];
if(is_array($custom))
{
for($x=0;$x<count($custom);$x++)
{
$u->SetCustomField($custom[$x],$_POST[$custom[$x]]);
}
$u->SaveCustomFields();
}
if($Status==1)
{
if($objConfig->Get("User_Password_Auto"))
{
$u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.VALIDATE");
}
else
{
$doLoginNow = true;
$u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD");
}
}
else
{
$u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD.PENDING");
}
if ($doLoginNow)
{
$login_ok = $objSession->Login($_POST["username"], md5($password));
if($login_ok)
{
$next_template = $objSession->GetVariable('next_template');
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update["t"] = $next_template;
$url = GetIndexURL(2)."?env=".BuildEnv();
header('Location: '.$url);
exit;
$var_list['t'] = $next_template.'.tpl';
}
}
}
}
}
}
break;
case "m_add_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
if($id!=$userid)
{
$u =& $objUsers->GetItem($id);
$u->AddFavorite($userid);
}
DeleteModuleTagCache('kernel');
break;
case "m_del_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
$u =& $objUsers->GetItem($id);
$u->DeleteFavorite();
DeleteModuleTagCache('kernel');
break;
case "m_acctinfo":
// phpinfo(INFO_VARIABLES);
$_POST=inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_acctinfo");
$UserId = $_GET["UserId"];
if($UserId != $objSession->Get("PortalUserId"))
{
$MissingCount++;
$FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
}
if(strlen($_POST["password"])>0)
{
if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
{
$MissingCount++;
$FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if(strlen($_POST["password"])>30)
{
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
{
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
$db =& GetADODBConnection();
$email = GetVar('email');
$test_id = $db->GetOne('SELECT PortalUserId FROM '.GetTablePrefix().'PortalUser WHERE Email = '.$db->qstr($email));
if($test_id && ($test_id != $objSession->Get('PortalUserId')) )
{
$MissingCount++;
$FormError["m_acctinfo"]["email"] = language("lu_ferror_email_duplicate");
}
if(!$MissingCount)
{
/* save profile */
$u =& $objUsers->GetItem($UserId);
$status = $u->Get("Status");
$_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
$dob = DateTimestamp($_POST["dob"], GetDateFormat());
if(strlen($_POST["password"])>0)
{
$password = md5($_POST["password"]);
}
else
$password = "";
$objUsers->Edit_User($UserId, $_POST["username"], $password, $_POST["email"], 0,
$_POST["firstname"], $_POST["lastname"], $status, $_POST["phone"],
$_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"],
$_POST["country"], $dob, $_POST['MinPwResetDelay']);
$ResourceId= $u->Get("ResourceId");
$objCustomDataList->LoadResource($ResourceId);
$objCustomFields = new clsCustomFieldList(6);
for($i=0;$i<$objCustomFields->NumItems(); $i++)
{
$field = & $objCustomFields->GetItemRefByIndex($i);
$fieldid= $field->Get("CustomFieldId");
$fname = $field->Get("FieldName");
if(isset($_POST[$fname]))
$objCustomDataList->SetFieldValue($fieldid,$ResourceId,$_POST[$fname]);
elseif(isset($_POST[strtolower($fname)]))
$objCustomDataList->SetFieldValue($fieldid,$ResourceId,$_POST[strtolower($fname)]);
}
$objCustomDataList->SaveData();
}
DeleteModuleTagCache('kernel');
break;
case "m_profile":
$userid = $objSession->Get("PortalUserId");
if($userid>0)
{
$u = $objUsers->GetItem($userid);
foreach($_POST as $field=>$value)
{
if(substr($field,0,3)=="pp_")
{
$objSession->SetPersistantVariable($field,$value);
}
}
}
break;
case "m_set_lang":
$lang = $_GET["lang"];
$LangId = 0;
if(strlen($lang))
{
$l = $objLanguages->GetItemByField("PackName",$lang);
if(is_object($l))
{
$LangId = $l->Get("LanguageId");
}
}
if($LangId)
{
if($objSession->Get("PortalUserId")>0)
{
$objSession->SetPersistantVariable("Language",$LangId);
}
$objSession->Set("Language",$LangId);
$objSession->Update();
$m_var_list_update["lang"] = $LangId;
$m_var_list["lang"] = $LangId;
}
break;
case "m_set_theme":
$id = $_POST["ThemeId"];
if(!is_numeric($id))
$id = $_GET["ThemeId"];
if($id)
{
$objSession->SetThemeName($id);
$m_var_list["t"] = "index";
$m_var_list_update["theme"] = $id;
$m_var_list["theme"] = $id;
unset($CurrentTheme);
}
break;
case "m_sort_cats":
$objSession->SetVariable("Category_Sortfield",$_POST["Category_Sortfield"]);
$objSession->SetVariable("Category_Sortorder",$_POST["Category_Sortorder"]);
$objSession->SetVariable("Perpage_Category",$_POST["Perpage_Category"]);
DeleteModuleTagCache('kernel');
break;
case "m_add_cat_confirm":
$perm = 0;
$CategoryId=$objCatList->CurrentCategoryID();
if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
$perm = 2;
if ($objSession->HasCatPermission("CATEGORY.ADD"))
$perm = 1;
if ($perm == 0)
{
$MissingCount++;
$FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
}
else
{
$MissingCount = SetMissingDataErrors("m_addcat");
if(is_array($_FILES))
{
foreach($_FILES as $field => $file)
{
$allowed = TRUE;
if(strlen($_POST["imagetypes"][$field]))
{
$types = explode(",",strtolower($_POST["imagetypes"][$field]));
if(is_array($types))
{
if(count($types)>0)
{
$path_parts = pathinfo($file["name"]);
$ext = $path_parts["extension"];
$allowed = in_array($ext,$types);
if(!$allowed)
{
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
}
}
}
}
$maxsize = (int)$_POST["maxsize"][$field];
if($maxsize>0 && $allowed && $file["size"]>$maxsize)
{
$allowed = FALSE;
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
}
}
}
if($MissingCount==0)
{
$CreatedOn = date("U");
$_POST=inp_striptags($_POST);
$name = $_POST["name"];
$desc = $_POST["description"];
$metadesc = $_POST["meta_description"];
$keywords = $_POST["meta_keywords"];
$parent = $objCatList->CurrentCategoryID();
$cat =& $objCatList->Add($parent, $name, $desc, $CreatedOn,
0, $perm, 2, 2, 2, 0, $keywords,$metadesc);
$CatResourceId= $cat->Get('ResourceId');
$objCustomFields = new clsCustomFieldList($cat->type);
$field_list = $objCustomFields->Query_CustomField('Type='.$cat->type);
for($i=0;$i<$objCustomFields->NumItems(); $i++)
{
$field = & $objCustomFields->GetItemRefByIndex($i);
$fieldid= $field->Get('CustomFieldId');
$fname = $field->Get('FieldName');
if(isset($_POST[$fname]))
{
$objCustomDataList->SetFieldValue($fieldid,$CatResourceId,$_POST[$fname]);
}
elseif(isset($_POST[strtolower($fname)]))
{
$objCustomDataList->SetFieldValue($fieldid,$CatResourceId,$_POST[strtolower($fname)]);
}
}
$objCustomDataList->SaveData();
$cat->UpdateCachedPath();
$cat->Update();
$cat->UpdateACL();
$objCatList->UpdateMissingCacheData();
if(strlen($_GET["Confirm"]))
{
$var_list["t"] = $_GET["Confirm"];
}
else
$var_list["t"] = $_GET["DestTemplate"];
}
}
DeleteModuleTagCache('kernel');
break;
case "m_front_review_add":
if($objSession->InSpamControl($_POST["ItemId"]))
{
$StatusMessage["review"] = language("la_Review_AlreadyReviewed");
}
else
{
$objReviews = new clsItemReviewList();
$Status = $objConfig->Get("Review_DefaultStatus");
$CreatedOn = adodb_date("U");
$html = (int)$objConfig->Get("Review_Html");
$ReviewText = inp_striptags($_POST["review_text"]);
$r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
foreach($ItemTypes as $type=>$id)
{
if($id==$_POST["ItemType"])
{
$ValName = $type."_ReviewDelay_Value";
$IntName = $type."_ReviewDelay_Interval";
break;
}
}
if(strlen($ValName) && strlen($IntName))
{
$exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
$objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
if(is_object($r))
{
if($Status)
{
$StatusMessage["review"] = language("la_Review_Added");
}
else
$StatusMessage["review"] = language("la_Review_Pending");
}
else
$StatusMessage["review"] = language("la_Review_Error");
}
else
$StatusMessage["error"] = language("la_ConfigError_Review");
}
DeleteModuleTagCache('kernel');
break;
case "m_suggest_email":
$cutoff = time()+(int)$objConfig->Get("Suggest_MinInterval");
$email = inp_striptags($_POST["suggest_email"]);
if (strlen($email))
{
if(ValidEmail($email))
{
$sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
$adodbConnection = &GetADODBConnection();
$rs = $adodbConnection->Execute($sql);
$rs = false;
if($rs && !$rs->EOF)
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result = "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]);
}
else
{
$Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
if(is_object($Event))
{
if($Event->Get("Enabled")=="1")
{
$Event->Item = null;
$Event->SendToAddress($email);
$sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".time()."')";
$rs = $adodbConnection->Execute($sql);
$suggest_result=language("lu_suggest_success")." ".$email;
}
}
$e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
if($e->Get("Enabled")==1)
$e->SendAdmin();
if(strlen($_GET["Confirm"])>0)
$var_list["t"] = $_GET["Confirm"];
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result=language("lu_invalid_emailaddress");
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result=language("lu_suggest_no_address");
}
break;
case "m_simple_search":
$keywords = trim($_POST["keywords"]);
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 2) == '\"' && substr($keywords, strlen($keywords) - 2, 2) == '\"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen(str_replace("+", "", $value)) < $length || strlen(str_replace("-", "", $value)) < $length) {
$keywords = str_replace($value, '', $keywords);
//$keywords = str_replace($value, '', $keywords);
}
}
//$keywords = str_replace(' ', ' ', $keywords);
//$keywords = str_replace('\"', '', $keywords);
*/
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields();
if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
//echo "Searching On $keywords<br>\n";
$objSearch->PerformSearch(1,$SortOrder,TRUE);
$SearchPerformed = TRUE;
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
//echo "Finished Setting Category Relevence<br>\n";
}
else {
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_keywords_tooshort");
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
}
break;
case "m_adv_search":
if ($_GET['type'])
{
$modules = Array( 1 => 'In-Portal', 2 => 'In-News',
3 => 'In-Bulletin', 4 => 'In-Link',
11 => 'In-Commerce');
$module = $modules[$_GET["type"]];
}
else
{
$module = 0;
}
if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList($module);
switch($_GET["type"])
{
case 1: /* category */
//echo "Searching for categories<br>";
$objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory", $_GET["type"]);
foreach($objSearchConfig->Items as $field)
{
$fld = $field->Get("FieldName");
$Verb = $_POST["verb"][$field->Get("FieldName")];
if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
{
if($_POST["value"][$field->Get("FieldName")]!=-1)
{
$Value = $_POST["value"][$field->Get("FieldName")];
$Verb = "is";
}
}
else
{
$Value = $_POST["value"][$field->Get("FieldName")];
}
switch( $_POST["andor"][$field->Get("FieldName")])
{
case 1:
$Conjuction = "AND";
break;
case 2:
$Conjuction = "OR";
break;
default:
$Conjuction = "";
break;
}
if (strlen($Value) && $Verb=="any")
{
$Verb = 'contains';
}
if(strlen($Value) && strlen($Verb)>0 && $Verb!="any")
{
//echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]<br>";
$objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction);
}
}
$objAdvSearch->PerformSearch(1,NULL,TRUE);
break;
}
break;
case "m_id":
echo $Action.":".$DownloadId;
die();
break;
case "m_simple_subsearch":
$keywords = $_POST["keywords"];
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 1) == '"' && substr($keywords, strlen($keywords) - 1, 1) == '"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen($value) < $length) {
$keywords = str_replace(' '.$value, '', $keywords);
$keywords = str_replace($value.' ', '', $keywords);
}
}*/
//$keywords = str_replace(' ', ' ', $keywords);
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields();
if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
$SearchResultIdList = $objSearch->Result_IdList();
if(count($SearchResultIdList)>0)
{
$objSearch->PerformSearch(1,$SortOrder, TRUE,$SearchResultIdList);
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
}
$SearchPerformed = TRUE;
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_keywords_tooshort");
}
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
}
break;
}
?>
Property changes on: trunk/kernel/frontaction.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.58
\ No newline at end of property
+1.59
\ No newline at end of property

Event Timeline

In-Portal CMS · In-Portal Community Pages · In-Portal Issue Tracker · In-Portal Repository Browser · Quality Assurance · In-Portal CI Server