Page MenuHomeIn-Portal Phabricator
Files F1101514

in-portal
No OneTemporary
Actions

File Metadata

Created
Sat, Aug 16, 10:26 PM

in-portal
View Options

Index: branches/unlabeled/unlabeled-1.29.2/core/units/email_events/email_events_event_handler.php
===================================================================
--- branches/unlabeled/unlabeled-1.29.2/core/units/email_events/email_events_event_handler.php (revision 7954)
+++ branches/unlabeled/unlabeled-1.29.2/core/units/email_events/email_events_event_handler.php (revision 7955)
@@ -1,379 +1,379 @@
<?php
define('EVENT_TYPE_FRONTEND', 0);
define('EVENT_TYPE_ADMIN', 1);
define('EVENT_STATUS_DISABLED', 0);
define('EVENT_STATUS_ENABLED', 1);
define('EVENT_STATUS_FRONTEND', 2);
class EmailEventsEventsHandler extends kDBEventHandler
{
/**
* Allows to override standart permission mapping
*
*/
function mapPermissions()
{
parent::mapPermissions();
$permissions = Array(
'OnFrontOnly' => Array('self' => 'edit'),
'OnSaveSelected' => Array('self' => 'view'),
);
$this->permMapping = array_merge($this->permMapping, $permissions);
}
/**
* Changes permission section to one from REQUEST, not from config
*
* @param kEvent $event
*/
function CheckPermission(&$event)
{
$module = $this->Application->GetVar('module');
$module = explode(':', $module, 2);
if (count($module) == 1) {
$main_prefix = $this->Application->findModule('Name', $module[0], 'Var');
}
else {
$exceptions = Array('Category' => 'c', 'Users' => 'u');
$main_prefix = $exceptions[ $module[1] ];
}
$section = $this->Application->getUnitOption($main_prefix.'.email', 'PermSection');
$event->setEventParam('PermSection', $section);
return parent::CheckPermission($event);
}
/**
* Apply any custom changes to list's sql query
*
* @param kEvent $event
* @access protected
* @see OnListBuild
*/
function SetCustomQuery(&$event)
{
if ($event->Special == 'module') {
$object =& $event->getObject();
$module = $this->Application->GetVar('module');
$object->addFilter('module_filter', '%1$s.Module = '.$this->Conn->qstr($module));
}
}
/**
* Sets status Front-End Only to selected email events
*
* @param kEvent $event
*/
function OnFrontOnly(&$event)
{
$ids = implode(',', $this->StoreSelectedIDs($event));
$table_name = $this->Application->getUnitOption($event->Prefix, 'TableName');
$sql = 'UPDATE '.$table_name.'
SET Enabled = 2
WHERE EventId IN ('.$ids.')';
$this->Conn->Query($sql);
}
/**
* Sets selected user to email events selected
*
* @param kEvent $event
*/
function OnSelectUser(&$event)
{
$items_info = $this->Application->GetVar('u');
if ($items_info) {
$user_id = array_shift( array_keys($items_info) );
$selected_ids = $this->getSelectedIDs($event, true);
$ids = $this->Application->RecallVar($event->getPrefixSpecial().'_selected_ids');
$id_field = $this->Application->getUnitOption($event->Prefix, 'IDField');
$table_name = $this->Application->getUnitOption($event->Prefix, 'TableName');
$sql = 'UPDATE '.$table_name.'
SET '.$this->Application->RecallVar('dst_field').' = '.$user_id.'
WHERE '.$id_field.' IN ('.$ids.')';
$this->Conn->Query($sql);
}
$this->finalizePopup($event);
}
/**
* Saves selected ids to session
*
* @param kEvent $event
*/
function OnSaveSelected(&$event)
{
$this->StoreSelectedIDs($event);
}
/**
* Returns sender & recipients ids plus event_id (as parameter by reference)
*
* @param kEvent $event
* @param int $event_id id of email event used
*
* @return mixed
*/
function GetMessageRecipients(&$event, &$event_id)
{
$email_event =& $event->getObject( Array('skip_autoload' => true) );
/* @var $email_event kDBItem */
// get event parameters by name & type
$load_keys = Array (
'Event' => $event->getEventParam('EmailEventName'),
'Type' => $event->getEventParam('EmailEventType'),
);
$email_event->Load($load_keys);
if (!$email_event->isLoaded()) {
// event record not found
return false;
}
$enabled = $email_event->GetDBField('Enabled');
if ($enabled == EVENT_STATUS_DISABLED) {
return false;
}
if ($enabled == EVENT_STATUS_FRONTEND && $this->Application->IsAdmin()) {
return false;
}
// initial values
$to_user_id = $event->getEventParam('EmailEventToUserId');
$from_user_id = $email_event->GetDBField('FromUserId');
if ($email_event->GetDBField('Type') == EVENT_TYPE_ADMIN) {
// For type "Admin" recipient is a user from field FromUserId which means From/To user in Email events list
$to_user_id = $from_user_id;
$from_user_id = -1;
}
$event_id = $email_event->GetDBField('EventId');
return Array ($from_user_id, $to_user_id);
}
/**
* Returns user name, email by id, or ones, that specified in $direct_params
*
* @param int $user_id
* @param string $user_type type of user = {to,from}
* @param Array $direct_params
* @return Array
*/
function GetRecipientInfo($user_id, $user_type, $direct_params = null)
{
// load user, because it can be addressed from email template tags
$user =& $this->Application->recallObject('u.email-'.$user_type, null, Array('skip_autoload' => true));
/* @var $user UsersItem */
$email = $name = '';
$result = $user_id > 0 ? $user->Load($user_id) : $user->Clear();
if ($user->IsLoaded()) {
$email = $user->GetDBField('Email');
$name = trim($user->GetDBField('FirstName').' '.$user->GetDBField('LastName'));
}
if (is_array($direct_params)) {
if (isset($direct_params[$user_type.'_email'])) {
$email = $direct_params[$user_type.'_email'];
}
if (isset($direct_params[$user_type.'_name'])) {
$name = $direct_params[$user_type.'_name'];
}
}
if (!$email) {
// if email is empty, then use admins email
$email = $this->Application->ConfigValue('Smtp_AdminMailFrom');
}
if (!$name) {
$name = $user_type == 'from' ? strip_tags($this->Application->ConfigValue('Site_Name')) : $email;
}
return Array ($email, $name);
}
/**
* Returns email event message by ID (headers & body in one piece)
*
* @param int $event_id
* @param string $message_type contains message type = {text,html}
*/
function GetMessageBody($event_id, &$message_type)
{
$current_language = $this->Application->GetVar('m_lang');
$message =& $this->Application->recallObject('emailmessages', null, Array('skip_autoload' => true));
/* @var $message kDBItem */
$message->Load( Array('EventId' => $event_id, 'LanguageId' => $current_language) );
if (!$message->isLoaded()) {
// event translation on required language not found
return false;
}
$message_type = $message->GetDBField('MessageType');
// 1. get message body
$message_body = $message->GetDBField('Template');
// 2. add footer
$sql = 'SELECT em.Template
FROM '.$message->TableName.' em
LEFT JOIN '.TABLE_PREFIX.'Events e ON e.EventId = em.EventId
WHERE em.LanguageId = '.$current_language.' AND e.Event = "COMMON.FOOTER"';
list (, $footer) = explode("\n\n", $this->Conn->GetOne($sql));
if ($message_type == 'text') {
$esender =& $this->Application->recallObject('EmailSender');
/* @var $esender kEmailSendingHelper */
$footer = $esender->ConvertToText($footer);
}
if ($footer) {
$message_body .= "\r\n".$footer;
}
// 3. replace tags if needed
// $replacement_tags = $message->GetDBField('ReplacementTags');
// $replacement_tags = $replacement_tags ? unserialize($replacement_tags) : Array ();
$replacement_tags = Array (
- '<inp:touser _Field="password"' => '<inp2:u_Field name="Password_plain"',
+ '<inp:touser _Field="password"' => '<inp2:m_get name="user_password"', // !!!field name in lowercase
'<inp:touser _Field="UserName"' => '<inp2:u_Field name="Login"',
'<inp:touser _Field' => '<inp2:u_Field name',
);
foreach ($replacement_tags as $replace_from => $replace_to) {
$message_body = str_replace($replace_from, $replace_to, $message_body);
}
return $message_body;
}
/**
* Parse message template and return headers (as array) and message body part
*
* @param string $message
* @param Array $direct_params
* @return Array
*/
function ParseMessageBody($message, $direct_params = null)
{
$direct_params['message_text'] = isset($direct_params['message']) ? $direct_params['message'] : ''; // parameter alias
// 1. parse template
$this->Application->InitParser();
$parser_params = $this->Application->Parser->Params; // backup parser params
$this->Application->Parser->Params = array_merge_recursive2($this->Application->Parser->Params, $direct_params);
$message = $this->Application->Parser->Parse($message, 'email_template', 0);
$this->Application->Parser->Params = $parser_params; // restore parser params
// 2. replace line endings, that are send with data submitted via request
$message = str_replace("\r\n", "\n", $message); // possible case
$message = str_replace("\r", "\n", $message); // impossible case, but just in case replace this too
// 3. separate headers from body
$message_headers = Array ();
list($headers, $message_body) = explode("\n\n", $message, 2);
$headers = explode("\n", $headers);
foreach ($headers as $header) {
$header = explode(':', $header, 2);
$message_headers[ trim($header[0]) ] = trim($header[1]);
}
return Array ($message_headers, $message_body);
}
/**
* Raised when email message shoul be sent
*
* @param kEvent $event
*/
function OnEmailEvent(&$event)
{
$email_event_name = $event->getEventParam('EmailEventName');
if (strpos($email_event_name, '_') !== false) {
trigger_error('<span class="debug_error">Invalid email event name</span> <b>'.$email_event_name.'</b>. Use only <b>UPPERCASE characters</b> and <b>dots</b> as email event names', E_USER_ERROR);
}
// additional parameters from kApplication->EmailEvent
$send_params = $event->getEventParam('DirectSendParams');
// 1. get information about message sender and recipient
$recipients = $this->GetMessageRecipients($event, $event_id);
if ($recipients === false) {
// if not valid recipients found, then don't send event
return false;
}
list ($from_id, $to_id) = $recipients;
list ($from_email, $from_name) = $this->GetRecipientInfo($from_id, 'from', $send_params);
list ($to_email, $to_name) = $this->GetRecipientInfo($to_id, 'to', $send_params);
// 2. prepare message to be sent
$message_template = $this->GetMessageBody($event_id, $message_type);
if (!trim($message_template)) {
return false;
}
list ($message_headers, $message_body) = $this->ParseMessageBody($message_template, $send_params);
if (!trim($message_body)) {
return false;
}
// 3. set headers & send message
$esender =& $this->Application->recallObject('EmailSender');
/* @var $esender kEmailSendingHelper */
$esender->SetFrom($from_email, $from_name);
$esender->AddTo($to_email, $to_name);
$message_subject = isset($message_headers['Subject']) ? $message_headers['Subject'] : 'Mail message';
$esender->SetSubject($message_subject);
foreach ($message_headers as $header_name => $header_value) {
$esender->SetEncodedHeader($header_name, $header_value);
}
$esender->CreateTextHtmlPart($message_body, $message_type == 'html');
$event->status = $esender->Deliver() ? erSUCCESS : erFAIL;
if ($event->status == erSUCCESS){
// all keys, that are not used in email sending are written to log record
$send_keys = Array ('from_email', 'from_name', 'to_email', 'to_name', 'message');
foreach ($send_keys as $send_key) {
unset($send_params[$send_key]);
}
$fields_hash = Array (
'fromuser' => $from_name.' ('.$from_email.')',
'addressto' => $to_name.' ('.$to_email.')',
'subject' => $message_subject,
'timestamp' => adodb_mktime(),
'event' => $email_event_name,
'EventParams' => serialize($send_params),
);
$this->Conn->doInsert($fields_hash, TABLE_PREFIX.'EmailLog');
}
$this->Application->removeObject('u.email-from');
$this->Application->removeObject('u.email-to');
}
}
?>
\ No newline at end of file
Property changes on: branches/unlabeled/unlabeled-1.29.2/core/units/email_events/email_events_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.29.2.5
\ No newline at end of property
+1.29.2.6
\ No newline at end of property
Index: branches/unlabeled/unlabeled-1.13.2/core/units/users/users_item.php
===================================================================
--- branches/unlabeled/unlabeled-1.13.2/core/units/users/users_item.php (revision 7954)
+++ branches/unlabeled/unlabeled-1.13.2/core/units/users/users_item.php (revision 7955)
@@ -1,171 +1,171 @@
<?php
class UsersItem extends kDBItem {
var $persistantVars = Array();
function LoadPersistantVars($id=null)
{
$id = $id == -1 ? -1 : $this->GetID();
if (!$id) return ;
$sql = 'SELECT VariableValue, VariableName
FROM '.TABLE_PREFIX.'PersistantSessionData
WHERE PortalUserId = '.$id;
$this->persistantVars = $this->Conn->GetCol($sql, 'VariableName');
}
function setPersistantVar($var_name, $var_value)
{
$this->persistantVars[$var_name] = $var_value;
if ($this->GetID() > 0 || $this->GetID() == -1) {
$replace_hash = Array( 'PortalUserId' => $this->GetID(),
'VariableName' => $var_name,
'VariableValue' => $var_value
);
$this->Conn->doInsert($replace_hash, TABLE_PREFIX.'PersistantSessionData', 'REPLACE');
}
else {
$this->Application->StoreVar($var_name, $var_value);
}
}
function getPersistantVar($var_name)
{
return getArrayValue($this->persistantVars, $var_name);
}
function Load($id, $id_field_name = null)
{
$ret = parent::Load($id, $id_field_name);
if ($ret || $id == -1) {
$this->LoadPersistantVars($id);
}
return $ret;
}
/**
* Returns IDs of groups to which user belongs and membership is not expired
*
* @return Array
* @access public
*/
function getMembershipGroups($force_reload = false)
{
$user_groups = $this->Application->RecallVar('UserGroups');
if($user_groups === false || $force_reload)
{
$sql = 'SELECT GroupId FROM %s WHERE (PortalUserId = %s) AND ( (MembershipExpires IS NULL) OR ( MembershipExpires >= UNIX_TIMESTAMP() ) )';
$sql = sprintf($sql, TABLE_PREFIX.'UserGroup', $this->GetID() );
return $this->Conn->GetCol($sql);
}
else
{
return explode(',', $user_groups);
}
}
/**
* Set's Login from Email if required by configuration settings
*
*/
function setLogin()
{
if( $this->Application->ConfigValue('Email_As_Login') )
{
$this->SetDBField('Login', $this->GetDBField('Email') );
}
}
function SendEmailEvents()
{
switch( $this->GetDBField('Status') )
{
case 1:
if ($this->Application->ConfigValue('User_Password_Auto')) {
$this->Application->EmailEventAdmin('USER.VALIDATE', $this->GetID() );
$this->Application->EmailEventUser('USER.VALIDATE', $this->GetID() );
}
else {
- $this->Application->EmailEventAdmin('USER.ADD', $this->GetID() );
- $this->Application->EmailEventUser('USER.ADD', $this->GetID() );
+ $this->Application->EmailEventAdmin('USER.ADD', $this->GetID() );
+ $this->Application->EmailEventUser('USER.ADD', $this->GetID() );
}
break;
case 2:
$this->Application->EmailEventAdmin('USER.ADD.PENDING', $this->GetID() );
$this->Application->EmailEventUser('USER.ADD.PENDING', $this->GetID() );
break;
}
}
function isSubscriberOnly()
{
$subscribers_group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'SELECT PortalUserId
FROM '.TABLE_PREFIX.'UserGroup
WHERE GroupId = '.$subscribers_group_id.' AND
PortalUserId = '.$this->GetDBField('PortalUserId').' AND
PrimaryGroup = 1';
return $this->Conn->GetOne($sql) == $this->GetDBField('PortalUserId');
}
function Create($force_id=false, $system_create=false)
{
$ret = parent::Create($force_id, $system_create);
if ($ret) {
// find out how to syncronize user only when it's copied to live table
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('createUser', $this->FieldValues);
}
return $ret;
}
function Update($id=null, $system_update=false)
{
$ret = parent::Update($id, $system_update);
if ($ret) {
// find out how to syncronize user only when it's copied to live table
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('updateUser', $this->FieldValues);
}
return $ret;
}
/**
* Deletes the record from databse
*
* @access public
* @return bool
*/
function Delete($id = null)
{
$ret = parent::Delete($id);
if ($ret) {
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('deleteUser', $this->FieldValues);
}
return $ret;
}
function setName($full_name)
{
$full_name = explode(' ', $full_name);
if (count($full_name) > 2) {
$last_name = array_pop($full_name);
$first_name = implode(' ', $full_name);
}
else {
$last_name = $full_name[1];
$first_name = $full_name[0];
}
$this->SetDBField('FirstName', $first_name);
$this->SetDBField('LastName', $last_name);
}
}
?>
\ No newline at end of file
Property changes on: branches/unlabeled/unlabeled-1.13.2/core/units/users/users_item.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.13
\ No newline at end of property
+1.13.2.1
\ No newline at end of property
Index: branches/unlabeled/unlabeled-1.78.2/kernel/frontaction.php
===================================================================
--- branches/unlabeled/unlabeled-1.78.2/kernel/frontaction.php (revision 7954)
+++ branches/unlabeled/unlabeled-1.78.2/kernel/frontaction.php (revision 7955)
@@ -1,1152 +1,1151 @@
<?php
switch($Action)
{
case "m_login":
// if($objSession->ValidSession()) $objSession->Logout();
//echo $objSession->GetSessionKey()."<br>\n";
$url_params = Array();
$application =& kApplication::Instance();
if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["cookies_on"] != "1") {
$FormError["login"]["login_user"] = language("lu_cookies_error");
}
else
{
$MissingCount = SetMissingDataErrors("login");
if($MissingCount==2)
{
$FormError["login"]["login_user"]= language("lu_ferror_loginboth");
unset($FormError["login"]["login_password"]);
}
if($MissingCount==0)
{
if($_POST["login_user"]=="root")
{
$FormError["login"]["login_user"]= language("lu_access_denied");
}
else
{
$LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
if($LoginCheck === true)
{
if( !headers_sent() && GetVar('usercookie') == 1 )
{
$c = $_POST["login_user"]."|";
$pw = $_POST["login_password"];
if(strlen($pw) < 31) $pw = md5($pw);
$c .= $pw;
set_cookie('login', $c, adodb_mktime() + 2592000);
}
// set new destination template if passed
$dest = GetVar('dest', true);
if(!$dest) $dest = GetVar('DestTemplate', true);
if($dest) $var_list['t'] = $dest;
$next_template = $objSession->GetVariable('next_template');
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update['t'] = $next_template;
$url_params['pass'] = 'all';
header('Location: ' . HREF_Wrapper('', $url_params) );
exit;
$var_list['t'] = $next_template.'.tpl';
}
elseif($var_list['t'] == 'login')
{
$var_list['t'] = 'index';
}
$event_params = Array('user' => $_POST['login_user'], 'pass' => $_POST['login_password']);
$application->HandleEvent( new kEvent('u:OnInpLogin', $event_params) );
$redirect_template = getArrayValue($var_list_update, 't') ? $var_list_update['t'] : $var_list['t'];
$application->Redirect($redirect_template);
}
else
{
switch($LoginCheck)
{
case -1: // user or/and pass wrong
$FormError["login"]["login_password"] = language("lu_incorrect_login");
break;
case -2: // user ok, but has no permission
$FormError["login"]["login_password"] = language("la_text_nopermissions");
break;
}
}
}
}
}
break;
case "m_resetpw":
$passed_key = $_GET['user_key'];
$u = $objUsers->GetItemByField("PwResetConfirm", $passed_key);
$found = is_object($u);
if($found)
{
$exp_time = $u->Get('PwRequestTime') + 3600;
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
if ($exp_time > adodb_mktime())
{
$objSession->SetVariable('codevalidationresult', 'lu_resetpw_confirm_text');
$newpw = makepassword();
SetVar('user_password', $newpw);
- $application->SetVar('user_password', $newpw);
$u->Set("Password",$newpw);
$u->Set("PassResetTime", adodb_mktime());
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
$u->Update();
$u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.PSWD");
$u->Set("Password",md5($newpw));
$u->Update();
$u->Clean();
} else {
$objSession->SetVariable('codevalidationresult', 'lu_code_expired');
}
} else {
$objSession->SetVariable('codevalidationresult', 'lu_code_is_not_valid');
}
break;
case "m_forgotpw":
$MissingCount = SetMissingDataErrors("forgotpw");
// $pass_reset_add = $objConfig->Get("Users_AllowReset");
if($MissingCount==0)
{
$username = $_POST["username"];
$email = $_POST["email"];
$found = false;
$allow_reset = true;
if(strlen($username))
{
$u = $objUsers->GetItemByField("Login",$username);
if(is_object($u))
$found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
else if(strlen($email))
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
$found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
if(is_object($u))
{
$PwResetConfirm = $u->Get('PwResetConfirm');
$PwRequestTime = $u->Get('PwRequestTime');
$PassResetTime = $u->Get('PassResetTime');
$MinPwResetDelay = $u->Get('MinPwResetDelay');
$allow_reset = (strlen($PwResetConfirm) ?
adodb_mktime() > $PwRequestTime + $MinPwResetDelay :
adodb_mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
//$newpw = makepassword();
//$objSession->Set('password', $newpw);
$objSession->Set('tmp_user_id', $u->Get("PortalUserId"));
$objSession->Set('tmp_email', $u->Get("Email"));
//$u->Set("Password",$newpw);
//$u->Update();
$u->SendUserEventMail("USER.PSWDC",$u->Get("PortalUserId"));
//$u->SendAdminEventMail("USER.PSWDC");
//$u->Set("Password",md5($newpw));
//$u->Update();
$u->Clean();
$var_list['t'] = GetVar('Confirm');
}
else
{
if(!strlen($username) && !strlen($email))
{
$FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
$MissingCount++;
}
else
{
$error_phrases=Array();
if($allow_reset)
{
$error_phrases['username']='lu_ferror_unknown_username';
$error_phrases['email']='lu_ferror_unknown_email';
}
else
{
$error_phrases['username']='lu_ferror_reset_denied';
$error_phrases['email']='lu_ferror_reset_denied';
}
foreach ($error_phrases as $field_name => $phrase_name) {
if(GetVar($field_name))
{
$FormError["forgotpw"][$field_name] = language($phrase_name);
break;
}
}
$MissingCount++;
}
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
}
}
else
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
break;
case "m_subscribe_confirm":
$t = "";
$_GET["subscribe_email"] = $_POST["subscribe_email"];
$SubscribeAddress = $_POST["subscribe_email"];
if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
{
$t = $_GET["Error"];
$objSession->SetVariable('SubscribeError', 'lu_invalid_emailaddress');
}
else
{
if((int)$objConfig->Get("User_SubscriberGroup")>0)
{
$g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
if(is_object($g))
{
$email = $_POST["subscribe_email"];
if(strlen($email)>0)
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if($u->CheckBanned())
{
$t = $_GET["Error"];
$objSession->SetVariable('SubscribeError', 'lu_subscribe_banned');
}
else
{
if($u->IsInGroup($g->Get("GroupId")))
{
$t = $_GET["Unsubscribe"];
}
else
$t = $_GET["Subscribe"];
}
}
else
$t = $_GET["Subscribe"];
}
else
{
$t = $_GET["Error"];
$objSession->SetVariable('SubscribeError', 'lu_subscribe_no_address');
}
}
else
{
$t = $_GET["Error"];
$objSession->SetVariable('SubscribeError', 'lu_subscribe_unknown_error');
}
}
}
if(strlen($t))
{
$var_list["t"] = $t;
$var_list_update["t"] = $t;
}
$objSession->SetVariable('SubscribeAddress', $SubscribeAddress);
break;
case "m_subscribe":
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$SubscribeAddress = $_POST["subscribe_email"];
if(strlen($SubscribeAddress)>0)
{
if(ValidEmail($SubscribeAddress))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if ($GroupId)
{
$g = $objGroups->GetItem($GroupId);
$u = $objUsers->GetItemByField("Email",$SubscribeAddress);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
{
$bExists = TRUE;
}
else
$bExists = FALSE;
}
if($bExists)
{
$g->AddUser($u->Get("PortalUserId"),0,false);
}
else
{
$u = new clsPortalUser(NULL);
$u->Set("Email",$SubscribeAddress);
$u->Set("ip",$_SERVER['REMOTE_ADDR']);
$u->Set("CreatedOn",adodb_date("U"));
$u->Set("Status",1);
if(!$u->CheckBanned())
{
$u->Create();
$g->AddUser($u->Get("PortalUserId"),1,false);
}
else
$SubscribeResult = "lu_subscribe_banned";
}
$SubscribeResult = "lu_subscribe_success";
$u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.SUBSCRIBE");
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
else
{
$SubscribeResult = "lu_invalid_emailaddress";
}
}
else
$SubscribeResult = "lu_subscribe_missing_address";
}
if(!strlen($SubscribeResult))
$SubscribeResult = "lu_subscribe_success";
break;
case "m_unsubscribe":
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$MissingCount = SetMissingDataErrors("m_unsubscribe");
if($MissingCount==0)
{
$email = $_POST["subscribe_email"];
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($email))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if($u->PrimaryGroup()==$GroupId)
{
$u_gorup_list = $u->GetGroupList();
if (count($u_gorup_list) > 1) {
$u->RemoveFromGroup($GroupId);
}
else {
$u->RemoveFromAllGroups();
$u->Delete();
}
}
else
{
$u->RemoveFromGroup($GroupId);
}
}
}
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
break;
case "m_register":
$_POST=inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_register");
if(!$objConfig->Get("User_Password_Auto"))
{
if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
{
$MissingCount++;
$FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if(strlen($_POST["password"])>30)
{
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
{
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
if(($_POST["username"]=="root"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
else
{
$u = $objUsers->GetItemByField("Login",$_POST["username"]);
if(is_object($u))
{
if($u->Get("Login")==$_POST["username"])
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
}
}
if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
}
if(!$MissingCount)
{
$CreatedOn = adodb_date("U");
$GroupId = $objConfig->Get("User_NewGroup");
$Status=0;
/* determine the status of new users */
switch ($objConfig->Get("User_Allow_New"))
{
case "1":
$Status=1;
break;
case "3":
$Status=2;
break;
}
/* set Destination template */
$var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
if($Status>0)
{
if ($objConfig->Get("User_Password_Auto")) {
$password = makepassword();
// $objSession->Set("password", $password);
SetVar('user_password', $password);
}
else {
$password = $_POST["password"];
}
$dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
$ip = $_SERVER['REMOTE_ADDR'];
$application =& kApplication::Instance();
$application->SetVar('user_password', $password);
SetVar('user_password', $password);
$fields_hash = Array('Login' => $_POST['username'],
'Password' => md5($password),
'FirstName' => $_POST['firstname'],
'LastName' => $_POST['lastname'],
'Company' => $_POST['company'],
'Email' => $_POST['email'],
'Status' => $Status,
'Phone' => $_POST['phone'],
'Fax' => $_POST['fax'],
'Street' => $_POST['street'],
'Street2' => $_POST['street2'],
'City' => $_POST['city'],
'State' => $_POST['state'],
'Zip' => $_POST['zip'],
'Country' => $_POST['country'],
'CreatedOn' => $CreatedOn,
'dob' => $dob,
'ip' => $ip);
$u =& $objUsers->Add_User_NEW($fields_hash, true);
if(!is_object($u))
{
$RuleId=$u;
$r = $objBanList->GetItem($RuleId);
$err = $r->Get("ErrorTag");
if(strlen($err))
{
$FormError["m_register"][$r->Get("ItemField")] = language($err);
$MissingCount++;
}
}
else
{
$u->Set("Password",$password);
$u->Clean();
if($GroupId>0)
{
$g = $objGroups->GetItem($GroupId);
$g->AddUser($u->Get("PortalUserId"),1,false);
}
$custom = $_POST["custom"];
if (is_array($custom)) {
for($x = 0; $x < count($custom); $x++) {
$u->SetCustomField($custom[$x],$_POST[$custom[$x]]);
}
$u->SaveCustomFields();
}
if($Status==1)
{
if($objConfig->Get("User_Password_Auto"))
{
$u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.VALIDATE");
}
else
{
$doLoginNow = true;
$u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD");
}
}
else
{
$u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD.PENDING");
}
if ($doLoginNow)
{
$login_ok = $objSession->Login($_POST["username"], md5($password));
if($login_ok)
{
$next_template = $objSession->GetVariable('next_template');
if (!$next_template) {
// $next_template = strlen($_GET["dest"])? $_GET["dest"] : "index";
}
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update["t"] = $next_template;
header('Location: ' . HREF_Wrapper() );
exit;
$var_list['t'] = $next_template.'.tpl';
}
}
}
}
}
}
break;
case "m_add_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
if($id!=$userid)
{
$u =& $objUsers->GetItem($id);
$u->AddFavorite($userid);
}
DeleteModuleTagCache('kernel');
break;
case "m_del_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
$u =& $objUsers->GetItem($id);
$u->DeleteFavorite();
DeleteModuleTagCache('kernel');
break;
case 'm_acctinfo':
$_POST = inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_acctinfo");
$UserId = $_GET["UserId"];
if ($UserId != $objSession->Get("PortalUserId")) {
$MissingCount++;
$FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
}
if ($_POST["password"]) {
if (($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"])) {
$MissingCount++;
$FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if (strlen($_POST["password"])>30) {
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password")) {
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
$db =& GetADODBConnection();
$email = GetVar('email');
$test_id = $db->GetOne('SELECT PortalUserId FROM '.GetTablePrefix().'PortalUser WHERE Email = '.$db->qstr($email));
if ($test_id && ($test_id != $objSession->Get('PortalUserId')) ) {
$MissingCount++;
$FormError["m_acctinfo"]["email"] = language("lu_ferror_email_duplicate");
}
if (!$MissingCount) {
/* save profile */
$u =& $objUsers->GetItem($UserId);
$status = $u->Get("Status");
$dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
$password = strlen($_POST["password"]) > 0 ? md5($_POST["password"]) : '';
$fields_hash = Array( 'Login' => $_POST['username'],
'Password' => $password,
'FirstName' => $_POST['firstname'],
'LastName' => $_POST['lastname'],
'Company' => $_POST['company'],
'Email' => $_POST['email'],
'Status' => $status,
'Phone' => $_POST['phone'],
'Fax' => $_POST['fax'],
'Street' => $_POST['street'],
'Street2' => $_POST['street2'],
'City' => $_POST['city'],
'State' => $_POST['state'],
'Zip' => $_POST['zip'],
'Country' => $_POST['country'],
'dob' => $dob,
'MinPwResetDelay' => $_POST['minpwresetdelay'],
);
$user =& $objUsers->Edit_User_NEW($UserId, $fields_hash);
saveCustomFields('u', $u->Get('ResourceId'), 6);
}
DeleteModuleTagCache('kernel');
break;
case "m_profile":
$userid = $objSession->Get("PortalUserId");
if($userid>0)
{
$u = $objUsers->GetItem($userid);
foreach($_POST as $field=>$value)
{
if(substr($field,0,3)=="pp_")
{
$objSession->SetPersistantVariable($field,$value);
}
}
}
break;
case "m_set_lang":
$lang = $_GET["lang"];
$LangId = 0;
if(strlen($lang))
{
$l = $objLanguages->GetItemByField("PackName",$lang);
if(is_object($l))
{
$LangId = $l->Get("LanguageId");
}
}
if($LangId)
{
if($objSession->Get("PortalUserId")>0)
{
$objSession->SetPersistantVariable("Language",$LangId);
}
$objSession->Set("Language",$LangId);
$objSession->Update();
$m_var_list_update["lang"] = $LangId;
$m_var_list["lang"] = $LangId;
}
break;
case "m_set_theme":
$id = $_POST["ThemeId"];
if(!is_numeric($id))
$id = $_GET["ThemeId"];
if($id)
{
$objSession->SetThemeName($id);
$m_var_list["t"] = "index";
$m_var_list_update["theme"] = $id;
$m_var_list["theme"] = $id;
unset($CurrentTheme);
}
break;
case "m_sort_cats":
$_POST['Category_Sortfield'] = preg_replace('/^(Name$|^Description)$/', 'l'.$m_var_list['lang'].'_$1', $_POST['Category_Sortfield']);
$objSession->SetVariable("Category_Sortfield",$_POST["Category_Sortfield"]);
$objSession->SetVariable("Category_Sortorder",$_POST["Category_Sortorder"]);
$objSession->SetVariable("Perpage_Category",$_POST["Perpage_Category"]);
DeleteModuleTagCache('kernel');
break;
case "m_add_cat_confirm":
$perm = 0;
$CategoryId=$objCatList->CurrentCategoryID();
if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
$perm = 2;
if ($objSession->HasCatPermission("CATEGORY.ADD"))
$perm = 1;
if ($perm == 0)
{
$MissingCount++;
$FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
}
else
{
$MissingCount = SetMissingDataErrors("m_addcat");
if(is_array($_FILES))
{
foreach($_FILES as $field => $file)
{
$allowed = TRUE;
if(strlen($_POST["imagetypes"][$field]))
{
$types = explode(",",strtolower($_POST["imagetypes"][$field]));
if(is_array($types))
{
if(count($types)>0)
{
$path_parts = pathinfo($file["name"]);
$ext = $path_parts["extension"];
$allowed = in_array($ext,$types);
if(!$allowed)
{
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
}
}
}
}
$maxsize = (int)$_POST["maxsize"][$field];
if($maxsize>0 && $allowed && $file["size"]>$maxsize)
{
$allowed = FALSE;
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
}
}
}
if($MissingCount==0)
{
$_POST = inp_striptags($_POST);
$fields_hash = Array( 'ParentId' => $objCatList->CurrentCategoryID(),
$objCatList->TitleField => $_POST['name'],
$objCatList->DescriptionField => $_POST['description'],
'CreatedOn' => adodb_date('U'),
'EditorsPick' => 0,
'Status' => $perm,
'HotItem' => 2,
'NewItem' => 2,
'PopItem' => 2,
'Priority' => 0,
'MetaKeywords' => $_POST['meta_keywords'],
'MetaDescription' => $_POST['meta_description'],
'AutomaticFilename' => 1,
'Filename' => '',
'CategoryTemplate' => '',
);
$cat =& $objCatList->Add_NEW($fields_hash);
saveCustomFields('c', $cat->Get('ResourceId'), $cat->type);
$cat->UpdateCachedPath();
$cat->Update();
$cat->UpdateACL();
$objCatList->UpdateMissingCacheData();
if(strlen($_GET["Confirm"]))
{
$var_list["t"] = $_GET["Confirm"];
}
else
$var_list["t"] = $_GET["DestTemplate"];
}
}
DeleteModuleTagCache('kernel');
break;
case "m_front_review_add":
if($objSession->InSpamControl($_POST["ItemId"]))
{
$StatusMessage["review"] = language("la_Review_AlreadyReviewed");
}
else
{
$objReviews = new clsItemReviewList();
$Status = $objConfig->Get("Review_DefaultStatus");
$CreatedOn = adodb_date("U");
$html = (int)$objConfig->Get("Review_Html");
$ReviewText = inp_striptags($_POST["review_text"]);
$r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
foreach($ItemTypes as $type=>$id)
{
if($id==$_POST["ItemType"])
{
$ValName = $type."_ReviewDelay_Value";
$IntName = $type."_ReviewDelay_Interval";
break;
}
}
if(strlen($ValName) && strlen($IntName))
{
$exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
$objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
if(is_object($r))
{
if($Status)
{
$StatusMessage["review"] = language("la_Review_Added");
}
else
$StatusMessage["review"] = language("la_Review_Pending");
}
else
$StatusMessage["review"] = language("la_Review_Error");
}
else
$StatusMessage["error"] = language("la_ConfigError_Review");
}
DeleteModuleTagCache('kernel');
break;
case "m_suggest_email":
$cutoff = adodb_mktime()+(int)$objConfig->Get("Suggest_MinInterval");
$email = inp_striptags($_POST["suggest_email"]);
if (strlen($email))
{
if(ValidEmail($email))
{
$sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
$adodbConnection = &GetADODBConnection();
$rs = $adodbConnection->Execute($sql);
$rs = false;
if($rs && !$rs->EOF)
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$objSession->SetVariable('suggest_result', "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]) );
}
else
{
$application =& kApplication::Instance();
$got_string = $application->GetVar('captcha_string');
if ($objConfig->Get("Suggest_Captcha") && !$application->GetVar('check_captcha')) {
$captcha_helper = $application->recallObject('CaptchaHelper');
$captcha_code = $captcha_helper->GenerateCaptchaCode();
$objSession->SetVariable('suggest_captcha_code', $captcha_code);
$application->StoreVar('suggest_email', $email);
if ($var_list["DestTemplate"] != $_GET["Captcha"]) {
$var_list["DestTemplate"] = $var_list["t"];
}
$var_list["t"] = $_GET["Captcha"];
}
else {
// if no captcha or captcha Ok
if (!$objConfig->Get("Suggest_Captcha") || $got_string == $application->RecallVar('suggest_captcha_code')) {
$Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
if(is_object($Event))
{
if($Event->Get("Enabled")=="1")
{
$Event->Item = null;
$Event->SendToAddress($email);
$sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".adodb_mktime()."')";
$rs = $adodbConnection->Execute($sql);
$objSession->SetVariable('suggest_result', language("lu_suggest_success")." ".$email);
}
}
$e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
if($e->Get("Enabled")==1)
$e->SendAdmin();
if(strlen($_GET["Confirm"])>0)
$var_list["t"] = $_GET["Confirm"];
$application->RemoveVar('suggest_captcha_code');
$application->RemoveVar('suggest_email');
}
elseif ($got_string != $application->RecallVar('suggest_captcha_code')) {
// generate new captcha code in case of error
$captcha_helper = $application->recallObject('CaptchaHelper');
$captcha_code = $captcha_helper->GenerateCaptchaCode();
$objSession->SetVariable('suggest_captcha_code', $captcha_code);
$objSession->SetVariable('suggest_result', language("lu_invalid_captcha"));
}
}
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$objSession->SetVariable('suggest_result', language("lu_invalid_emailaddress"));
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$objSession->SetVariable('suggest_result', language("lu_suggest_no_address"));
}
break;
case "m_simple_search":
$keywords = trim($_POST["keywords"]);
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 2) == '\"' && substr($keywords, strlen($keywords) - 2, 2) == '\"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen(str_replace("+", "", $value)) < $length || strlen(str_replace("-", "", $value)) < $length) {
$keywords = str_replace($value, '', $keywords);
//$keywords = str_replace($value, '', $keywords);
}
}
//$keywords = str_replace(' ', ' ', $keywords);
//$keywords = str_replace('\"', '', $keywords);
*/
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields('c');
if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
}
if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
}
if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
}
//echo "Searching On $keywords<br>\n";
$objSearch->PerformSearch(1,$SortOrder,TRUE);
$SearchPerformed = TRUE;
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
//echo "Finished Setting Category Relevence<br>\n";
}
else {
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
setSearchError(lu_keywords_tooshort);
}
}
else
{
if (strlen($_GET["Error"])>0) {
$var_list["t"] = $_GET["Error"];
}
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
setSearchError('lu_no_keyword');
}
break;
case "m_adv_search":
if ($_GET['type']) {
$modules = Array( 1 => 'In-Portal', 2 => 'In-News',
3 => 'In-Bulletin', 4 => 'In-Link',
11 => 'In-Commerce');
$module = $modules[$_GET["type"]];
}
else {
$module = 0;
}
if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList($module);
switch($_GET["type"])
{
case 1: /* category */
//echo "Searching for categories<br>";
$objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory", $_GET["type"]);
foreach($objSearchConfig->Items as $field)
{
$fld = $field->Get("FieldName");
$Verb = $_POST["verb"][$field->Get("FieldName")];
if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
{
if($_POST["value"][$field->Get("FieldName")]!=-1)
{
$Value = $_POST["value"][$field->Get("FieldName")];
$Verb = "is";
}
}
else
{
$Value = $_POST["value"][$field->Get("FieldName")];
}
switch( $_POST["andor"][$field->Get("FieldName")])
{
case 1:
$Conjuction = "AND";
break;
case 2:
$Conjuction = "OR";
break;
default:
$Conjuction = "";
break;
}
if (strlen($Value) && $Verb=="any")
{
$Verb = 'contains';
}
if(strlen($Value) && strlen($Verb)>0 && $Verb!="any")
{
// echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]<br>";
$objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction, 'c');
}
}
$objAdvSearch->PerformSearch(1,NULL,TRUE);
break;
}
break;
case "m_id":
$application->ApplicationDie($Action.':'.$DownloadId);
break;
case "m_simple_subsearch":
$keywords = $_POST["keywords"];
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 1) == '"' && substr($keywords, strlen($keywords) - 1, 1) == '"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen($value) < $length) {
$keywords = str_replace(' '.$value, '', $keywords);
$keywords = str_replace($value.' ', '', $keywords);
}
}*/
//$keywords = str_replace(' ', ' ', $keywords);
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields('c');
if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
}
if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
}
if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
}
$SearchResultIdList = $objSearch->Result_IdList();
if(count($SearchResultIdList)>0)
{
$objSearch->PerformSearch(1,$SortOrder, TRUE,$SearchResultIdList);
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
}
$SearchPerformed = TRUE;
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
setSearchError('lu_keywords_tooshort');
}
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
setSearchError('lu_no_keyword');
}
break;
}
function setSearchError($error_phrase)
{
$GLOBALS['FormError']['m_simplesearch']['keywords'] = language($error_phrase);
$GLOBALS['objSession']->SetVariable('search_error', $error_phrase);
}
?>
Property changes on: branches/unlabeled/unlabeled-1.78.2/kernel/frontaction.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.78.2.3
\ No newline at end of property
+1.78.2.4
\ No newline at end of property
Index: branches/unlabeled/unlabeled-1.71.2/core/units/users/users_event_handler.php
===================================================================
--- branches/unlabeled/unlabeled-1.71.2/core/units/users/users_event_handler.php (revision 7954)
+++ branches/unlabeled/unlabeled-1.71.2/core/units/users/users_event_handler.php (revision 7955)
@@ -1,1179 +1,1179 @@
<?php
class UsersEventHandler extends kDBEventHandler
{
/**
* Allows to override standart permission mapping
*
*/
function mapPermissions()
{
parent::mapPermissions();
$permissions = Array(
// admin
'OnSetPersistantVariable' => Array('self' => 'view'), // because setting to logged in user only
'OnUpdateRootPassword' => Array('self' => true), // because setting to logged in user only
// front
'OnRefreshForm' => Array('self' => true),
'OnForgotPassword' => Array('self' => true),
'OnResetPassword' => Array('self' => true),
'OnResetPasswordConfirmed' => Array('self' => true),
'OnSubscribeQuery' => Array('self' => true),
'OnSubscribeUser' => Array('self' => true),
'OnRecommend' => Array('self' => true),
);
$this->permMapping = array_merge($this->permMapping, $permissions);
}
/**
* Shows only admins when required
*
* @param kEvent $event
*/
function SetCustomQuery(&$event)
{
$object =& $event->getObject();
/* @var $object kDBList */
if ($event->Special == 'admins') {
$object->addFilter('primary_filter', 'ug.GroupId = 11');
}
if ($event->Special == 'regular') {
$object->addFilter('primary_filter', 'ug.GroupId <> 11');
}
if (!$this->Application->IsAdmin()) {
$object->addFilter('status_filter', '%1$s.Status = '.STATUS_ACTIVE);
}
}
/**
* Checks permissions of user
*
* @param kEvent $event
*/
function CheckPermission(&$event)
{
if ($event->Name == 'OnLogin' || $event->Name == 'OnLogout') {
// permission is checked in OnLogin event directly
return true;
}
if (!$this->Application->IsAdmin()) {
$user_id = $this->Application->RecallVar('user_id');
$items_info = $this->Application->GetVar($event->getPrefixSpecial(true));
if ($event->Name == 'OnCreate' && $user_id == -2) {
// "Guest" can create new users
return true;
}
if ($event->Name == 'OnUpdate' && $user_id > 0) {
$user_dummy =& $this->Application->recallObject($event->Prefix.'.-item', null, Array('skip_autoload' => true));
foreach ($items_info as $id => $field_values) {
if ($id != $user_id) {
// registered users can update their record only
return false;
}
$user_dummy->Load($id);
$status_field = array_shift($this->Application->getUnitOption($event->Prefix, 'StatusField'));
if ($user_dummy->GetDBField($status_field) != STATUS_ACTIVE) {
// not active user is not allowed to update his record (he could not activate himself manually)
return false;
}
if (isset($field_values[$status_field]) && $user_dummy->GetDBField($status_field) != $field_values[$status_field]) {
// user can't change status by himself
return false;
}
}
return true;
}
if ($event->Name == 'OnUpdate' && $user_id <= 0) {
// guests are not allowed to update their record, because they don't have it :)
return false;
}
}
return parent::CheckPermission($event);
}
function OnSessionExpire()
{
if ($this->Application->IsAdmin()) {
$this->Application->Redirect('index', Array('expired' => 1), '', 'index.php');
}
else {
$http_query =& $this->Application->recallObject('HTTPQuery');
$get = $http_query->getRedirectParams();
$t = $this->Application->GetVar('t');
$get['js_redirect'] = $this->Application->ConfigValue('UseJSRedirect');
$this->Application->Redirect($t ? $t : 'index', $get);
}
}
/**
* Checks user data and logs it in if allowed
*
* @param kEvent $event
*/
function OnLogin(&$event)
{
// persistent session data after login is not refreshed, because redirect will follow in any case
$prefix_special = $this->Application->IsAdmin() ? 'u.current' : 'u'; // "u" used on front not to change theme
$object =& $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true));
$password = $this->Application->GetVar('password');
$invalid_pseudo = $this->Application->IsAdmin() ? 'la_invalid_password' : 'lu_invalid_password';
if(!$password)
{
$object->SetError('ValidateLogin', 'invalid_password', $invalid_pseudo);
$event->status = erFAIL;
return false;
}
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login && !$this->Application->IsAdmin() ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
// process "Save Username" checkbox
if ($this->Application->IsAdmin()) {
$save_username = $this->Application->GetVar('cb_save_username') ? $login_value : '';
$this->Application->Session->SetCookie('save_username', $save_username, adodb_mktime() + 31104000); // 1 year expiration
$this->Application->SetVar('save_username', $save_username); // cookie will be set on next refresh, but refresh won't occur if login error present, so duplicate cookie in HTTPQuery
}
if ($this->Application->IsAdmin() && ($login_value == 'root')) {
// logging in "root" (admin only)
$root_password = $this->Application->ConfigValue('RootPass');
$password_formatter =& $this->Application->recallObject('kPasswordFormatter');
$test = $password_formatter->EncryptPassword($password, 'b38');
if ($root_password != $test) {
$object->SetError('ValidateLogin', 'invalid_password', $invalid_pseudo);
$event->status = erFAIL;
return false;
}
elseif ($this->checkLoginPermission($login_value)) {
$user_id = -1;
$object->Load($user_id);
$object->SetDBField('Login', $login_value);
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
// $session->SetField('GroupList', implode(',', $groups) );
$this->Application->SetVar('u.current_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this->processLoginRedirect($event, $password);
return true;
}
else {
$object->SetError('ValidateLogin', 'invalid_license', 'la_invalid_license');
$event->status = erFAIL;
return false;
}
}
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
if ($user_id) {
$object->Load($user_id);
if ($object->GetDBField('Status') == STATUS_ACTIVE) {
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
if ($this->checkLoginPermission($login_value)) {
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$session->SetField('GroupList', implode(',', $groups) );
$this->Application->SetVar('u.current_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this_login = (int)$object->getPersistantVar('ThisLogin');
$object->setPersistantVar('LastLogin', $this_login);
$object->setPersistantVar('ThisLogin', adodb_mktime());
}
else {
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
$this->processLoginRedirect($event, $password);
}
else {
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
else
{
$object->SetID(-2);
$object->SetError('ValidateLogin', 'invalid_password', $invalid_pseudo);
$event->status = erFAIL;
}
$event->SetRedirectParam('pass', 'm');
}
/**
* Enter description here...
*
* @param string $user_name
* @return bool
*/
function checkLoginPermission($user_name)
{
$ret = true;
if ($this->Application->IsAdmin()) {
$modules_helper =& $this->Application->recallObject('ModulesHelper');
if ($user_name != 'root') {
// root is virtual user, so allow him to login to admin in any case
$ret = $this->Application->CheckPermission('ADMIN', 1);
}
$ret = $ret && $modules_helper->checkLogin();
}
else {
$ret = $this->Application->CheckPermission('LOGIN', 1);
}
return $ret;
}
/**
* Process all required data and redirect logged-in user
*
* @param kEvent $event
*/
function processLoginRedirect(&$event, $password)
{
$prefix_special = $this->Application->IsAdmin() ? 'u.current' : 'u'; // "u" used on front not to change theme
$object =& $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true));
$next_template = $this->Application->GetVar('next_template');
if ($next_template == '_ses_redirect') {
$location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
if( $this->Application->isDebugMode() && constOn('DBG_REDIRECT') )
{
$this->Application->Debugger->appendTrace();
echo "<b>Debug output above!!!</b> Proceed to redirect: <a href=\"$location\">$location</a><br>";
}
else {
header('Location: '.$location);
}
$session =& $this->Application->recallObject('Session');
$session->SaveData();
exit;
}
if ($next_template) {
$event->redirect = $next_template;
}
if ($this->Application->ConfigValue('UseJSRedirect')) {
$event->SetRedirectParam('js_redirect', 1);
}
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
}
/**
* Called when user logs in using old in-portal
*
* @param kEvent $event
*/
function OnInpLogin(&$event)
{
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('LoginUser', $event->getEventParam('user'), $event->getEventParam('pass') );
if ($event->redirect && is_string($event->redirect)) {
// some real template specified instead of true
$this->Application->Redirect($event->redirect, $event->redirect_params);
}
}
/**
* Called when user logs in using old in-portal
*
* @param kEvent $event
*/
function OnInpLogout(&$event)
{
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('LogoutUser');
}
function OnLogout(&$event)
{
$sync_manager =& $this->Application->recallObjectP('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
$sync_manager->performAction('LogoutUser');
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', -2);
$this->Application->SetVar('u.current_id', -2);
$this->Application->StoreVar('user_id', -2);
$object =& $this->Application->recallObject('u.current', null, Array('skip_autoload' => true));
$object->Load(-2);
$this->Application->DestroySession();
$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
$session->SetField('GroupList', $group_list);
$this->Application->StoreVar('UserGroups', $group_list);
if ($this->Application->ConfigValue('UseJSRedirect')) {
$event->SetRedirectParam('js_redirect', 1);
}
$event->SetRedirectParam('pass', 'm');
}
/**
* Prefill states dropdown with correct values
*
* @param kEvent $event
* @access public
*/
function OnPrepareStates(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->PopulateStates($event, 'State', 'Country');
$object =& $event->getObject();
if( $object->isRequired('Country') && $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->setRequired('State', true);
$object->setLogin();
}
/**
* Redirects user after succesfull registration to confirmation template (on Front only)
*
* @param kEvent $event
*/
function OnAfterItemCreate(&$event)
{
$is_subscriber = $this->Application->GetVar('IsSubscriber');
if(!$is_subscriber)
{
$object =& $event->getObject();
$ug_table = TABLE_PREFIX.'UserGroup';
if ($object->mode == 't') {
$ug_table = $this->Application->GetTempName($ug_table, 'prefix:'.$event->Prefix);
}
$sql = 'UPDATE '.$ug_table.'
SET PrimaryGroup = 0
WHERE PortalUserId = '.$object->GetDBField('PortalUserId');
$this->Conn->Query($sql);
// set primary group to user
if ($this->Application->IsAdmin() && $this->Application->GetVar('user_group')) {
// while in admin you can set any group for new users
$group_id = $this->Application->GetVar('user_group');
}
else {
$group_id = $this->Application->ConfigValue('User_NewGroup');
}
$sql = 'REPLACE INTO '.$ug_table.'(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)';
$this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) );
}
}
/**
* Login user if possible, if not then redirect to corresponding template
*
* @param kEvent $event
*/
function autoLoginUser(&$event)
{
$object =& $event->getObject();
$this->Application->SetVar('u.current_id', $object->GetID() );
if($object->GetDBField('Status') == STATUS_ACTIVE && !$this->Application->ConfigValue('User_Password_Auto'))
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$this->Application->SetVar($submit_field, $object->GetDBField($login_field) );
$this->Application->SetVar('password', $object->GetDBField('Password_plain') );
$event->CallSubEvent('OnLogin');
}
}
/**
* When creating user & user with such email exists then force to use OnUpdate insted of ?
*
* @param kEvent $event
*/
function OnSubstituteSubscriber(&$event)
{
$ret = false;
$object =& $event->getObject( Array('skip_autoload' => true) );
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id, $field_values) = each($items_info);
$user_email = isset($field_values['Email']) ? $field_values['Email'] : false;
if($user_email)
{
// check if is subscriber
- $verify_user =& $this->Application->recallObject('u.verify', null, Array('skup_autoload' => true) );
+ $verify_user =& $this->Application->recallObject('u.verify', null, Array('skip_autoload' => true) );
$verify_user->Load($user_email, 'Email');
if( $verify_user->isLoaded() && $verify_user->isSubscriberOnly() )
{
$items_info = Array( $verify_user->GetDBField('PortalUserId') => $field_values );
$this->Application->SetVar($event->getPrefixSpecial(true), $items_info);
$ret = true;
}
}
}
if( isset($event->MasterEvent) )
{
$event->MasterEvent->setEventParam('is_subscriber_only', $ret);
}
else
{
$event->setEventParam('is_subscriber_only', $ret);
}
}
/**
* Enter description here...
*
* @param kEvent $event
* @return bool
*/
function isSubscriberOnly(&$event)
{
$event->CallSubEvent('OnSubstituteSubscriber');
$is_subscriber = false;
if( $event->getEventParam('is_subscriber_only') )
{
$is_subscriber = true;
$object =& $event->getObject( Array('skip_autoload' => true) );
$this->OnUpdate($event);
if($event->status == erSUCCESS)
{
$this->OnAfterItemCreate($event);
$object->SendEmailEvents();
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect) $this->autoLoginUser($event);
}
}
return $is_subscriber;
}
/**
* Creates new user
*
* @param kEvent $event
*/
function OnCreate(&$event)
{
if( !$this->Application->IsAdmin() ) $this->setUserStatus($event);
if( !$this->isSubscriberOnly($event) )
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
$object =& $event->getObject( Array('skip_autoload' => true) );
/* @var $object kDBItem */
if ($this->Application->ConfigValue('User_Password_Auto')) {
$pass = makepassword4(rand(5,8));
$object->SetField('Password', $pass);
$object->SetField('VerifyPassword', $pass);
$this->Application->SetVar('user_password',$pass);
}
parent::OnCreate($event);
$this->Application->SetVar('u.current_id', $object->getID() ); // for affil:OnRegisterAffiliate after hook
$this->setNextTemplate($event);
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect)
{
$object->SendEmailEvents();
$this->autoLoginUser($event);
}
}
}
/**
* Set's new user status based on config options
*
* @param kEvent $event
*/
function setUserStatus(&$event)
{
$object =& $event->getObject( Array('skip_autoload' => true) );
$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
// 1 - Instant, 2 - Not Allowed, 3 - Pending
switch ($new_users_allowed)
{
case 1: // Instant
$object->SetDBField('Status', 1);
$next_template = $this->Application->GetVar('registration_confirm_template');
if($next_template) $event->redirect = $next_template;
break;
case 3: // Pending
$next_template = $this->Application->GetVar('registration_confirm_pending_template');
if($next_template) $event->redirect = $next_template;
$object->SetDBField('Status', 2);
break;
case 2: // Not Allowed
$object->SetDBField('Status', 0);
break;
}
/*if ($object->GetDBField('PaidMember') == 1) {
$this->Application->HandleEvent($add_to_cart, 'ord:OnAddToCart');
$event->redirect = 'in-commerce/checkout/shop_cart';
} */
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnBeforeItemCreate(&$event)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
$object =& $event->getObject();
if ($email_as_login) {
$object->Fields['Email']['error_msgs']['unique'] = $this->Application->Phrase('lu_user_and_email_already_exist');
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnAfterItemValidate(&$event)
{
$object =& $event->getObject();
$resource_id = $object->GetDBField('ResourceId');
if (!$resource_id)
{
$object->SetDBField('ResourceId', $this->Application->NextResourceId() );
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRecommend(&$event){
$friend_email = $this->Application->GetVar('friend_email');
$friend_name = $this->Application->GetVar('friend_email');
// used for error reporting only -> rewrite code + theme (by Alex)
$object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email))
{
$send_params = array();
$send_params['to_email']=$friend_email;
$send_params['to_name']=$friend_name;
$user_id = $this->Application->RecallVar('user_id');
$email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params);
if ($email_event->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
else {
// $event->redirect_params = array('opener' => 's', 'pass' => 'all');
// $event->redirect = $this->Application->GetVar('template_fail');
$object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error');
$object->FieldErrors['Email']['pseudo'] = 'send_error';
$event->status = erFAIL;
}
}
else {
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['Email']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
}
/**
* Saves address changes and mades no redirect
*
* @param kEvent $event
*/
function OnUpdateAddress(&$event)
{
$object =& $event->getObject( Array('skip_autoload' => true) );
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id,$field_values) = each($items_info);
if($id > 0) $object->Load($id);
$object->SetFieldsFromHash($field_values);
$object->setID($id);
$object->Validate();
}
$event->redirect = false;
}
function OnSubscribeQuery(&$event)
{
$user_email = $this->Application->GetVar('subscriber_email');
if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){
$object = &$this->Application->recallObject($this->Prefix.'.subscriber', null, Array('skip_autoload' => true));
$this->Application->StoreVar('SubscriberEmail', $user_email);
if( $object->Load(array('Email'=>$user_email)) ){
$group_info = $this->GetGroupInfo($object->GetID());
$event->redirect = $this->Application->GetVar($group_info ? 'unsubscribe_template' : 'subscribe_template');
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
$this->Application->StoreVar('SubscriberEmail', $user_email);
}
}
else {
// used for error reporting only -> rewrite code + theme (by Alex)
$object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
//subscribe_query_ok_template
}
function OnSubscribeUser(&$event){
$object = &$this->Application->recallObject($this->Prefix.'.subscriber', null, Array('skip_autoload' => true));
$user_email = $this->Application->RecallVar('SubscriberEmail');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){
$this->RemoveRequiredFields($object);
if($object->Load(array('Email'=>$user_email))){
$group_info = $this->GetGroupInfo($object->GetID());
if ($group_info){
if ($event->getEventParam('no_unsubscribe')) return;
if ($group_info['PrimaryGroup']){
// delete user
$object->Delete();
}
else {
$this->RemoveSubscriberGroup($object->GetID());
}
$event->redirect = $this->Application->GetVar('unsubscribe_ok_template');
}
else {
$this->AddSubscriberGroup($object->GetID(), 0);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
}
else {
$object->SetField('Email', $user_email);
$object->SetField('Login', $user_email);
$object->SetDBField('dob', 1);
$object->SetDBField('dob_date', 1);
$object->SetDBField('dob_time', 1);
$ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR');
$object->SetDBField('ip', $ip);
$this->Application->SetVar('IsSubscriber', 1);
if ($object->Create()) {
$this->AddSubscriberGroup($object->GetID(), 1);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
$this->Application->SetVar('IsSubscriber', 0);
}
}
else {
// error handling here
$event->redirect = $this->Application->GetVar('subscribe_fail_template');
}
}
function AddSubscriberGroup($user_id, $is_primary){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
}
function RemoveSubscriberGroup($user_id){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
$this->Conn->Query($sql);
$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
}
function GetGroupInfo($user_id){
$group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup
WHERE PortalUserId='.$user_id.'
AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'));
return $group_info;
}
function OnForgotPassword(&$event)
{
$user_object = &$this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true));
// used for error reporting only -> rewrite code + theme (by Alex)
$user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too
$username = $this->Application->GetVar('username');
$email = $this->Application->GetVar('email');
$found = false;
$allow_reset = true;
if( strlen($username) )
{
if( $user_object->Load(array('Login'=>$username)) )
$found = ($user_object->GetDBField("Login")==$username && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
else if( strlen($email) )
{
if( $user_object->Load(array('Email'=>$email)) )
$found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
if( $user_object->isLoaded() )
{
$PwResetConfirm = $user_object->GetDBField('PwResetConfirm');
$PwRequestTime = $user_object->GetDBField('PwRequestTime');
$PassResetTime = $user_object->GetDBField('PassResetTime');
//$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay');
$MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset');
$allow_reset = (strlen($PwResetConfirm) ?
adodb_mktime() > $PwRequestTime + $MinPwResetDelay :
adodb_mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
}
else
{
if(!strlen($username) && !strlen($email))
{
$user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata');
$user_current_object->FieldErrors['Login']['pseudo'] = 'forgotpw_nodata';
$user_current_object->FieldErrors['Email']['pseudo'] = 'forgotpw_nodata';
}
else
{
if($allow_reset)
{
if( strlen($username) ){
$user_current_object->ErrorMsgs['unknown_username'] = $this->Application->Phrase('lu_ferror_unknown_username');
$user_current_object->FieldErrors['Login']['pseudo']='unknown_username';
}
if( strlen($email) ){
$user_current_object->ErrorMsgs['unknown_email'] = $this->Application->Phrase('lu_ferror_unknown_email');
$user_current_object->FieldErrors['Email']['pseudo']='unknown_email';
}
}
else
{
$user_current_object->ErrorMsgs['reset_denied'] = $this->Application->Phrase('lu_ferror_reset_denied');
if( strlen($username) ){
$user_current_object->FieldErrors['Login']['pseudo']='reset_denied';
}
if( strlen($email) ){
$user_current_object->FieldErrors['Email']['pseudo']='reset_denied';
}
}
}
if($user_current_object->FieldErrors){
$event->redirect = false;
}
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnResetPassword(&$event){
$user_object = &$this->Application->recallObject('u.forgot');
if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
$mod_object =& $this->Application->recallObject('mod.'.'In-Commerce');
$m_cat_id = $mod_object->GetDBField('RootCat');
$event->SetRedirectParam('pass', 'm');
//$event->SetRedirectParam('m_cat_id', $m_cat_id);
$this->Application->SetVar('m_cat_id', $m_cat_id);
}
}
function OnResetPasswordConfirmed(&$event)
{
$passed_key = $this->Application->GetVar('user_key');
$user_object = &$this->Application->recallObject('u.forgot');
// used for error reporting only -> rewrite code + theme (by Alex)
$user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true));// TODO: change theme too
if (strlen(trim($passed_key)) == 0) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
}
if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
{
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
if ( $exp_time > adodb_mktime() )
{
//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
$user_object->SetDBField("Password",$newpw);
$user_object->SetDBField("PassResetTime", adodb_mktime());
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
$email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
$email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
if ($email_event_user->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
$user_object->SetDBField("Password",md5($newpw));
$user_object->Update();
} else {
$user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired';
$event->redirect = false;
}
} else {
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
$event->redirect = false;
}
}
function OnUpdate(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnUpdate($event);
$this->setNextTemplate($event);
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function setNextTemplate(&$event)
{
if( !$this->Application->IsAdmin() )
{
$event->redirect_params['opener'] = 's';
$object =& $event->getObject();
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
}
}
/**
* Delete users from groups if their membership is expired
*
* @param kEvent $event
*/
function OnCheckExpiredMembership(&$event)
{
// send pre-expiration reminders: begin
$pre_expiration = adodb_mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24;
$sql = 'SELECT PortalUserId, GroupId
FROM '.TABLE_PREFIX.'UserGroup
WHERE (MembershipExpires IS NOT NULL) AND (ExpirationReminderSent = 0) AND (MembershipExpires < '.$pre_expiration.')';
$skip_clause = $event->getEventParam('skip_clause');
if ($skip_clause) {
$sql .= ' AND !('.implode(') AND !(', $skip_clause).')';
}
$records = $this->Conn->Query($sql);
if ($records) {
$conditions = Array();
foreach ($records as $record) {
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION.NOTICE', $record['PortalUserId']);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION.NOTICE');
$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
}
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET ExpirationReminderSent = 1
WHERE '.implode(' OR ', $conditions);
$this->Conn->Query($sql);
}
// send pre-expiration reminders: end
// remove users from groups with expired membership: begin
$sql = 'SELECT PortalUserId
FROM '.TABLE_PREFIX.'UserGroup
WHERE (MembershipExpires IS NOT NULL) AND (MembershipExpires < '.adodb_mktime().')';
$user_ids = $this->Conn->GetCol($sql);
if ($user_ids) {
foreach ($user_ids as $id) {
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
}
}
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
WHERE (MembershipExpires IS NOT NULL) AND (MembershipExpires < '.adodb_mktime().')';
$this->Conn->Query($sql);
// remove users from groups with expired membership: end
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRefreshForm(&$event)
{
$event->redirect = false;
$item_info = $this->Application->GetVar($event->Prefix_Special);
list($id, $fields) = each($item_info);
$object =& $event->getObject( Array('skip_autoload' => true) );
$object->setID($id);
$object->IgnoreValidation = true;
$object->SetFieldsFromHash($fields);
}
/**
* Sets persistant variable
*
* @param kEvent $event
*/
function OnSetPersistantVariable(&$event)
{
$object =& $event->getObject();
$field = $this->Application->GetVar('field');
$value = $this->Application->GetVar('value');
$object->setPersistantVar($field, $value);
$force_tab = $this->Application->GetVar('SetTab');
if ($force_tab) {
$this->Application->StoreVar('force_tab', $force_tab);
}
}
/**
* Overwritten to return user from order by special .ord
*
* @param kEvent $event
*/
function getPassedId(&$event)
{
if ($event->Special == 'ord') {
$order =& $this->Application->recallObject('ord');
return $order->GetDBField('PortalUserId');
}
return parent::getPassedID($event);
}
/**
* Allows to change root password
*
* @param kEvent $event
*/
function OnUpdateRootPassword(&$event)
{
$user_id = $this->Application->RecallVar('user_id');
if ($user_id != -1) {
// not "root" can't change root's password via this event
return false;
}
// put salt to user's config
$field_options = $this->Application->getUnitOption($event->Prefix.'.RootPassword', 'Fields');
$field_options['salt'] = 'b38';
$this->Application->setUnitOption($event->Prefix.'.RootPassword', 'Fields', $field_options);
$object =& $event->getObject( Array('skip_autoload' => true) );
/* @var $object UsersItem */
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if ($items_info) {
list ($id, $field_values) = each($items_info);
$this->RemoveRequiredFields($object);
$object->SetDBField('RootPassword', $this->Application->ConfigValue('RootPass'));
$object->SetFieldsFromHash($field_values);
$status = $object->Validate();
if ($status) {
// validation on, password match too
$fields_hash = Array (
'VariableValue' => $object->GetDBField('RootPassword')
);
$conf_table = $this->Application->getUnitOption('conf', 'TableName');
$this->Conn->doUpdate($fields_hash, $conf_table, 'VariableName = "RootPass"');
$event->SetRedirectParam('opener', 'u');
}
else {
$event->status = erFAIL;
$event->redirect = false;
}
}
}
/**
* Apply some special processing to
* object beeing recalled before using
* it in other events that call prepareObject
*
* @param Object $object
* @param kEvent $event
* @access protected
*/
function prepareObject(&$object, &$event)
{
parent::prepareObject($object, $event);
if (!$this->Application->IsAdmin()) {
if ($this->Application->RecallVar('register_captcha_code')) return ;
$captcha_helper =& $this->Application->recallObject('CaptchaHelper');
/* @var $captcha_helper kCaptchaHelper */
$this->Application->StoreVar('register_captcha_code', $captcha_helper->GenerateCaptchaCode());
}
}
/**
* Apply custom processing to item
*
* @param kEvent $event
*/
function customProcessing(&$event, $type)
{
if ($event->Name == 'OnCreate' && $type == 'before') {
$object =& $event->getObject();
/* @var $object kDBItem */
// if auto password has not been set already - store real one - to be used in email events
if (!$this->Application->GetVar('user_password')) {
$this->Application->SetVar('user_password', $object->GetDirtyField('Password'));
$object->SetDBField('Password_plain', $object->GetDirtyField('Password'));
}
// Validate captcha image if it's requried
if ($this->Application->ConfigValue('RegistrationCaptcha') && $object->GetDBField('Captcha') != $this->Application->RecallVar('register_captcha_code')) {
$object->SetError('Captcha', 'captcha_error', 'lu_captcha_error');
$captcha_helper =& $this->Application->recallObject('CaptchaHelper');
/* @var $captcha_helper kCaptchaHelper */
$this->Application->StoreVar('register_captcha_code', $captcha_helper->GenerateCaptchaCode());
}
}
}
}
?>
\ No newline at end of file
Property changes on: branches/unlabeled/unlabeled-1.71.2/core/units/users/users_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.71.2.5
\ No newline at end of property
+1.71.2.6
\ No newline at end of property

Event Timeline

In-Portal CMS · In-Portal Community Pages · In-Portal Issue Tracker · In-Portal Repository Browser · Quality Assurance · In-Portal CI Server