mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-06 06:38:00 +02:00
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:e107inc/e107

Browse Source
This commit is contained in:
Miroslav Yovchev
2016-03-17 17:34:00 +02:00
parent ffe2740516 f1b1e2de92
commit 9a7ec8908c
18 changed files with 569 additions and 289 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
class2.php
View File

@@ -1064,9 +1064,9 @@ if (($_SERVER['QUERY_STRING'] == 'logout')/* || (($pref['user_tracking'] == 'ses
{
if (USER)
{
if (check_class(varset($pref['user_audit_class'],'')))
{ // Need to note in user audit trail
$admin_log->user_audit(USER_AUDIT_LOGOUT, '');
if (check_class(varset($pref['user_audit_class'],''))) // Need to note in user audit trail
{
e107::getLog()->user_audit(USER_AUDIT_LOGOUT, '', USERID, USERNAME);
}
}

9
e107_admin/admin_log.php
View File

@@ -152,7 +152,7 @@ class admin_log_ui extends e_admin_ui
protected $fields = array (
// 'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'nolist'=>true, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ),
'dblog_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => '12%', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => '12%', 'filter' => true, 'help' => '', 'readParms' => array('mask'=>'dd MM yyyy hh:ii:ss'), 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
// 'dblog_microtime' => array ( 'title' => 'Microtime', 'type' => 'method', 'data' => 'int', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'dblog_type' => array ( 'title' => RL_LAN_032, 'type' => 'method', 'data' => 'int', 'width' => '5%', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'dblog_ip' => array ( 'title' => LAN_IP, 'type' => 'ip', 'data' => 'str', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
@@ -445,7 +445,8 @@ class admin_log_form_ui extends e_admin_form_ui
// define('USER_AUDIT_TEMP_ACCOUNT', 24); // User temporary account
$audit_checkboxes = array(USER_AUDIT_SIGNUP => RL_LAN_071, USER_AUDIT_EMAILACK => RL_LAN_072, USER_AUDIT_LOGIN => RL_LAN_073, // USER_AUDIT_LOGOUT => RL_LAN_074, // Logout is lumped in with login
$audit_checkboxes = array(USER_AUDIT_SIGNUP => RL_LAN_071, USER_AUDIT_EMAILACK => RL_LAN_072,
USER_AUDIT_LOGIN => LAN_AUDIT_LOG_013, USER_AUDIT_LOGOUT => LAN_AUDIT_LOG_014, // Logout is lumped in with login
USER_AUDIT_NEW_DN => RL_LAN_075, USER_AUDIT_NEW_PW => RL_LAN_076, USER_AUDIT_PW_RES => RL_LAN_078, USER_AUDIT_NEW_EML => RL_LAN_077, USER_AUDIT_NEW_SET => RL_LAN_079,
USER_AUDIT_ADD_ADMIN => RL_LAN_080, USER_AUDIT_MAIL_BOUNCE => RL_LAN_081, USER_AUDIT_BANNED => RL_LAN_082, USER_AUDIT_BOUNCE_RESET => RL_LAN_083,
USER_AUDIT_TEMP_ACCOUNT => RL_LAN_084);
@@ -713,7 +714,7 @@ class audit_log_ui extends e_admin_ui
protected $fields = array (
'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ),
'dblog_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => array('mask'=>'dd MM yyyy hh:ii:ss'), 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_microtime' => array ( 'title' => 'Microtime', 'type' => 'text', 'data' => 'int', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'dblog_eventcode' => array ( 'title' => 'Eventcode', 'type' => 'method', 'data' => 'str', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'dblog_user_id' => array ( 'title' => LAN_USER, 'type' => 'user', 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
@@ -766,7 +767,7 @@ class dblog_ui extends e_admin_ui
protected $fields = array (
'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ),
// 'dblog_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'datestamp', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => array('mask'=>'dd MM yyyy hh:ii:ss'), 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_microtime' => array ( 'title' => 'Microtime', 'type' => 'method', 'data' => 'int', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'dblog_type' => array ( 'title' => LAN_TYPE, 'type' => 'method', 'data' => 'int', 'width' => 'auto', 'batch' => true, 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'dblog_eventcode' => array ( 'title' => 'Eventcode', 'type' => 'method', 'data' => 'str', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),

28
e107_admin/header.php
View File

@@ -508,17 +508,23 @@ echo getAlert();
return '
<div id="uiModal" class="modal hide fade" tabindex="-1" role="dialog" aria-hidden="true">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h4 class="modal-caption">&nbsp;</h4>
</div>
<div class="modal-body">
<p>Loading…</p>
</div>
<div class="modal-footer">
<a href="#" data-dismiss="modal" class="btn btn-primary">Close</a>
</div>
<div id="uiModal" class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h4 class="modal-caption">&nbsp;</h4>
</div>
<div class="modal-body">
<p>Loading…</p>
</div>
<div class="modal-footer">
<a href="#" data-dismiss="modal" class="btn btn-primary">Close</a>
</div>
</div>
</div>
</div>';
}

41
e107_admin/newspost.php
View File

@@ -298,8 +298,8 @@ class news_sub_form_ui extends e_admin_form_ui
$text .= '
<div id="submitted_'.$submitnews_id.'" class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-dialog modal-lg" >
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h4>'.$tp->toHtml($submitnews_title,false,'TITLE').'</h4>
@@ -326,9 +326,9 @@ class news_sub_form_ui extends e_admin_form_ui
$text .= '</p>
</div>
<div class="modal-footer">
<a href="#" data-dismiss="modal" class="btn btn-primary">'.LAN_NEWS_67.'</a>
</div>
<div class="modal-footer">
<a href="#" data-dismiss="modal" class="btn btn-primary">'.LAN_NEWS_67.'</a>
</div>
</div>
</div></div>';
@@ -835,6 +835,7 @@ class news_admin_ui extends e_admin_ui
$temp['nbr_cols'] = intval($_POST['nbr_cols']);
$temp['subnews_attach'] = intval($_POST['subnews_attach']);
$temp['subnews_resize'] = intval($_POST['subnews_resize']);
$temp['subnews_attach_minsize'] = e107::getParser()->filter($_POST['subnews_attach_minsize']);
$temp['subnews_class'] = intval($_POST['subnews_class']);
$temp['subnews_htmlarea'] = intval($_POST['subnews_htmlarea']);
$temp['news_subheader'] = e107::getParser()->toDB($_POST['news_subheader']);
@@ -1083,7 +1084,7 @@ class news_admin_ui extends e_admin_ui
$text = "
<form method='post' action='".e_SELF."?pref' id='core-newspost-settings-form'>";
<form method='post' action='".e_REQUEST_URI."' id='core-newspost-settings-form'>";
$tab1 = "
@@ -1164,6 +1165,28 @@ class news_admin_ui extends e_admin_ui
</tr>
";
$imageSizes = array(
'400×300' => '400x300',
'640×480' => '640x480',
'800×600' => '800x600',
'1024×768' => '1024x768',
'1600x1200' => '2 MP (1600×1200)',
'2272x1704' => '4 MP (2272×1704)',
'2816x2112' => '6 MP (2816×2112)',
'3264x2448' => '8 MP (3264×2448)',
// 10 MP (3648×2736)
// 12 MP (4096×3072)
);
$tab2 = "<table class='table adminform'>
<colgroup>
<col class='col-label' />
@@ -1188,6 +1211,12 @@ class news_admin_ui extends e_admin_ui
<td>
".$frm->radio_switch('subnews_attach', $pref['subnews_attach'])."
</td>
</tr>
<tr>
<td>Only accept images larger than</td>
<td>
".$frm->select('subnews_attach_minsize', $imageSizes, $pref['subnews_attach_minsize'], null, 'Any Size')."
</td>
</tr>
<tr>
<td>".NWSLAN_101."</td>

22
e107_admin/theme.php
View File

@@ -398,7 +398,7 @@ class theme_builder
{
$nm = $key.'-'.$type;
$name = "xml[$nm]";
$size = (count($val)==1) ? 'span7' : 'span2';
$size = (count($val)==1) ? 'col-md-7' : 'col-md-2';
$text .= "<div class='{$size}'>".$this->xmlInput($name, $key."-". $type, vartrue($defaults[$nm]))."</div>";
}
@@ -588,7 +588,8 @@ TEMPLATE;
$size = 30;
$help = '';
$sizex = '';
switch ($info)
{
@@ -601,7 +602,7 @@ TEMPLATE;
case 'main-lang':
$help = TPVLAN_CONV_4;
$required = false;
$placeholder= " ";
$placeholder= "LAN equivalent";
$pattern = "[A-Z0-9_]*";
break;
@@ -644,7 +645,7 @@ TEMPLATE;
case 'summary-summary':
$help = TPVLAN_CONV_10;
$required = true;
$size = 100;
$size = 200;
$placeholder= " ";
$pattern = "[A-Za-z,() \.0-9]*";
break;
@@ -681,7 +682,8 @@ TEMPLATE;
$req = ($required == true) ? "&required=1" : "";
$placeholder = (varset($placeholder)) ? $placeholder : $type;
$pat = ($pattern) ? "&pattern=".$pattern : "";
$text = '';
switch ($type)
{
@@ -695,9 +697,9 @@ TEMPLATE;
$file = str_replace(e_THEME.$this->themeName."/",'',$path);
$text .= "<div class='row-fluid'>";
$text .= "<div class='controls'>";
$text .= "<div class='span3'>".$frm->checkbox($name.'['.$key.'][file]',$file, false, array('label'=>$file))."
$text .= "<div class='col-md-3'>".$frm->checkbox($name.'['.$key.'][file]',$file, false, array('label'=>$file))."
<div class='field-help'>".TPVLAN_CONV_14."</div></div>";
$text .= "<div class='span3'>".$frm->text($name.'['.$key.'][name]', $default, $size, 'placeholder='.$file . $req. $pat)."
$text .= "<div class='col-md-3'>".$frm->text($name.'['.$key.'][name]', $default, $size, 'placeholder='.$file . $req. $pat)."
<div class='field-help'>".TPVLAN_CONV_15."</div></div>";
// $text .= "<div class='span2'>".$frm->checkbox('css['.$key.'][file]',$file, false, array('label'=>$file))."</div>";
// $text .= "<div class='span2'>".$frm->text('css['.$key.'][name]', $default, $size, 'placeholder='.$placeholder . $req. $pat)."</div>";
@@ -711,11 +713,11 @@ TEMPLATE;
case 'date':
$text = $frm->datepicker($name, time(), 'format=yyyy-mm-dd'.$req);
$text = $frm->datepicker($name, time(), 'format=yyyy-mm-dd'.$req.'&size=block-level');
break;
case 'description':
$text = $frm->textarea($name,$default, 3, 100, $req); // pattern not supported.
$text = $frm->textarea($name,$default, 3, 100, $req,'&size=block-level'); // pattern not supported.
break;
@@ -733,7 +735,7 @@ TEMPLATE;
default:
$text = $frm->text($name, $default, $size, 'placeholder='.$placeholder . $req. $pat);
$text = $frm->text($name, $default, $size, 'placeholder='.$placeholder . $req. $pat.'&size=block-level');
break;
}

86
e107_handlers/admin_log_class.php
View File

@@ -143,6 +143,7 @@ class e_admin_log
* @param integer $event_type [optional] Log level eg. E_LOG_INFORMATIVE, E_LOG_NOTICE, E_LOG_WARNING, E_LOG_FATAL
* @param string $event_code [optional] - eg. 'BOUNCE'
* @param integer $target [optional] LOG_TO_ADMIN, LOG_TO_AUDIT, LOG_TO_ROLLING
* @param array $user - user to attribute the log to. array('user_id'=>2, 'user_name'=>'whoever');
* @return e_admin_log
*
* Alternative admin log entry point - compatible with legacy calls, and a bit simpler to use than the generic entry point.
@@ -157,7 +158,7 @@ class e_admin_log
*
*/
public function add($event_title, $event_detail, $event_type = E_LOG_INFORMATIVE , $event_code = '', $target = LOG_TO_ADMIN )
public function add($event_title, $event_detail, $event_type = E_LOG_INFORMATIVE , $event_code = '', $target = LOG_TO_ADMIN, $userData=null )
{
if ($event_code == '')
{
@@ -203,7 +204,7 @@ class e_admin_log
}
$this->e_log_event($event_type, -1, $event_code, $event_title, $event_detail, FALSE, $target);
$this->e_log_event($event_type, -1, $event_code, $event_title, $event_detail, FALSE, $target, $userData);
return $this;
}
@@ -231,12 +232,13 @@ class e_admin_log
* LOG_TO_ADMIN - admin log
* LOG_TO_AUDIT - audit log
* LOG_TO_ROLLING - rolling log
*
* @param array $userData - attribute user to log entry. array('user_id'=>2, 'user_name'=>'whatever');
* @return none
* @todo - check microtime() call
* @deprecated - use add() method instead.
*/
public function e_log_event($importance, $source_call, $eventcode = "GEN", $event_title = "Untitled", $explain = "", $finished = FALSE, $target_logs = LOG_TO_AUDIT )
public function e_log_event($importance, $source_call, $eventcode = "GEN", $event_title = "Untitled", $explain = "", $finished = FALSE, $target_logs = LOG_TO_AUDIT, $userData=null )
{
$e107 = e107::getInstance();
$pref = e107::getPref();
@@ -256,10 +258,26 @@ class e_admin_log
//---------------------------------------
// Calculations common to all logs
//---------------------------------------
$userid = deftrue('USER') ? USERID : 0;
$userstring = deftrue('USER') ? USERNAME : 'LAN_ANONYMOUS';
$userIP = e107::getIPHandler()->getIP(FALSE);
if(!empty($userData['user_id']))
{
$userid = $userData['user_id'];
}
if(!empty($userData['user_name']))
{
$userstring = $userData['user_name'];
}
if(!empty($userData['user_ip']))
{
$userIP = $userData['user_ip'];
}
$importance = $tp->toDB($importance, true, false, 'no_html');
$eventcode = $tp->toDB($eventcode, true, false, 'no_html');
@@ -390,35 +408,71 @@ class e_admin_log
*/
function user_audit($event_type, $event_data, $id = '', $u_name = '')
{
global $e107,$tp;
list($time_usec, $time_sec) = explode(" ", microtime()); // Log event time immediately to minimise uncertainty
$time_usec = $time_usec * 1000000;
// See whether we should log this
$user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (!isset($user_logging_opts[$event_type]))
return; // Finished if not set to log this event type
if (!isset($user_logging_opts[$event_type])) // Finished if not set to log this event type
{
return;
}
if ($this->rldb == NULL)
$this->rldb = new db; // Better use our own db - don't know what else is going on
if($this->rldb == null)
{
$this->rldb = e107::getDb('rldb'); // Better use our own db - don't know what else is going on
}
if(!empty($id))
{
$userid = $id;
}
else
{
$userid = (USER === true) ? USERID : 0;
}
if(!empty($u_name))
{
$userstring = $u_name;
}
else
{
$userstring = (USER === true ? USERNAME : "LAN_ANONYMOUS");
}
$userIP = e107::getIPHandler()->getIP(false);
if ($id) $userid = $id;
else $userid = (USER === TRUE) ? USERID : 0;
if ($u_name) $userstring = $u_name;
else $userstring = (USER === true ? USERNAME : "LAN_ANONYMOUS");
$userIP = e107::getIPHandler()->getIP(FALSE);
$eventcode = 'USER_'.$event_type;
$title = 'LAN_AUDIT_LOG_0'.$event_type; // This creates a string which will be displayed as a constant
$spacer = '';
/* $spacer = '';
$detail = '';
foreach ($event_data as $k=>$v)
{
$detail .= $spacer.$k.'=>'.$v;
$spacer = '<br />';
}
$this->rldb->db_Insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' ");
*/
$insertQry = array(
'dblog_id' => 0,
'dblog_datestamp' => intval($time_sec),
'dblog_microtime' => intval($time_usec),
'dblog_eventcode' => $eventcode,
'dblog_user_id' => $userid,
'dblog_user_name' => $userstring,
'dblog_ip' => $userIP,
'dblog_title' => $title,
'dblog_remarks' => print_r($event_data,true),
);
$this->rldb->insert("audit_log", $insertQry);
// $this->rldb->insert("audit_log", "0, ".intval($time_sec).', '.intval($time_usec).", '{$eventcode}', {$userid}, '{$userstring}', '{$userIP}', '{$title}', '{$detail}' ");
}

6
e107_handlers/comment_class.php
View File

@@ -481,7 +481,9 @@ class comment
$COMMENT_TEMPLATE['item'] = str_replace("row", "row-fluid", $COMMENT_TEMPLATE['item']);
}
e107::getParser()->setThumbSize(100,100); // BC FIx. Set a default image size, in case the template doesn't have one.
if (vartrue($pref['nested_comments']))
{
// $width2 = 100 - $width;
@@ -1150,7 +1152,7 @@ class comment
{
$comment = $ns->tablerender(COMLAN_9, $comment, 'comment', true );
}

2
e107_handlers/e_parse_class.php
View File

@@ -1431,7 +1431,7 @@ class e_parse extends e_parser
$linktext = (!empty($textReplace)) ? $textReplace : '\\2';
$external = (!empty($opts['ext'])) ? 'rel="external"' : '';
$text = preg_replace("#(^|[\s])([\w]+?://(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a class=\"e-url\" href=\"\\2\" ".$external.">".$linktext."</a>", $text);
$text = preg_replace("#(^|[\s]|&nbsp;)([\w]+?:\/\/(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$|&nbsp;)#is", "\\1<a class=\"e-url\" href=\"\\2\" ".$external.">".$linktext."</a>", $text);
$text = preg_replace("#(^|[\s])((?:www|ftp)(?:\.[\w-%]+?){2}.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a class=\"e-url\" href=\"http://\\2\" ".$external.">".$linktext."</a>", $text);
break;

7
e107_handlers/login.php
View File

@@ -251,10 +251,11 @@ class userlogin
// Problem is that USERCLASS_LIST just contains 'guest' and 'everyone' at this point
$class_list = $this->userMethods->addCommonClasses($this->userData, TRUE);
$user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (isset($user_logging_opts[USER_AUDIT_LOGIN]) && in_array(varset($pref['user_audit_class'],''),$class_list))
// $user_logging_opts = e107::getConfig()->get('user_audit_opts');
if (in_array(varset($pref['user_audit_class'],''), $class_list))
{ // Need to note in user audit trail
$this->e107->admin_log->user_audit(USER_AUDIT_LOGIN,'', $user_id,$user_name);
e107::getLog()->user_audit(USER_AUDIT_LOGIN,'', $user_id, $user_name);
}
$edata_li = array('user_id' => $user_id, 'user_name' => $user_name, 'class_list' => implode(',',$class_list), 'remember_me' => $autologin, 'user_admin'=>$user_admin, 'user_email'=> $user_email);

22
e107_handlers/model_class.php
View File

@@ -3001,7 +3001,8 @@ class e_admin_model extends e_front_model
if(is_numeric($id)) $id = intval($id);
else $id = "'".e107::getParser()->toDB($id)."'";
$table = $this->getModelTable();
$res = $sql->db_Delete($table, $this->getFieldIdName().'='.$id);
$where = $this->getFieldIdName().'='.$id;
$res = $sql->delete($table, $where);
$this->_db_qry = $sql->getLastQuery();
if(!$res)
@@ -3017,8 +3018,13 @@ class e_admin_model extends e_front_model
}
else
{
e107::getAdminLog()->addSuccess($table,false);
e107::getAdminLog()->addArray($sqlQry)->save('ADMINUI_03');
if($table != 'admin_log')
{
$logData = array('TABLE'=>$table, 'WHERE'=>$where);
e107::getAdminLog()->addSuccess($table,false);
e107::getAdminLog()->addArray($logData)->save('ADMINUI_03');
}
$this->clearCache();
}
return $res;
@@ -3595,7 +3601,7 @@ class e_admin_tree_model extends e_front_tree_model
$table = $this->getModelTable();
$sqlQry = $this->getFieldIdName().' IN (\''.$idstr.'\')';
$res = $sql->db_Delete($table, $sqlQry);
$res = $sql->delete($table, $sqlQry);
$this->_db_errno = $sql->getLastErrorNumber();
$this->_db_errmsg = $sql->getLastErrorText();
@@ -3627,9 +3633,11 @@ class e_admin_tree_model extends e_front_tree_model
}
}
$logData = array('TABLE'=>$table, 'WHERE'=>$sqlQry);
e107::getAdminLog()->addArray($logData)->save('ADMINUI_03');
if($table != 'admin_log')
{
$logData = array('TABLE'=>$table, 'WHERE'=>$sqlQry);
e107::getAdminLog()->addArray($logData)->save('ADMINUI_03');
}
return $res;
}

2
e107_handlers/notify_class.php
View File

@@ -216,7 +216,7 @@ class notify
}
if(E107_DEBUG_LEVEL > 0)
if(E107_DEBUG_LEVEL > 0 || deftrue('e_DEBUG_NOTIFY'))
{
$data = array('id'=>$id, 'subject'=>$subject, 'recipients'=> $recipients, 'prefs'=>$this->notify_prefs['event'][$id], 'message'=>$message);

5
e107_handlers/upload_handler.php
View File

@@ -191,6 +191,7 @@ function process_uploaded_files($uploaddir, $fileinfo = FALSE, $options = NULL)
$c = 0;
$tp = e107::getParser();
$uploadfile = null;
foreach ($files['name'] as $key=>$name)
{
@@ -299,6 +300,8 @@ function process_uploaded_files($uploaddir, $fileinfo = FALSE, $options = NULL)
if (!$first_error) // All tests passed - can store it somewhere
{
$uploaded[$c] = e107::getFile()->get_file_info($uploadfile,true);
$uploaded[$c]['name'] = $name;
$uploaded[$c]['rawname'] = $raw_name;
$uploaded[$c]['origname'] = $origname;
@@ -306,6 +309,8 @@ function process_uploaded_files($uploaddir, $fileinfo = FALSE, $options = NULL)
$uploaded[$c]['size'] = 0;
$uploaded[$c]['index'] = $key; // Store the actual index from the file_userfile array
// e107::getMessage()->addDebug(print_a($uploaded[$c],true));
// Store as flat file
if ((!$ul_temp_dir && @move_uploaded_file($uploadfile, $destination_file)) || ($ul_temp_dir && @rename($uploadfile, $destination_file))) // This should work on all hosts
{

41
e107_handlers/user_handler.php
View File

@@ -878,7 +878,7 @@ Following fields auto-filled in code as required:
{ // Valid user!
if ($row['user_ban'] != $newVal) // We could implement a hierarchy here, so that an important status isn't overridden by a lesser one
{ // Only update if needed
$db->db_Update('user', '`user_ban` = '.$newVal.', `user_email` = \'\' WHERE `user_id` = '.$row['user_id'].' LIMIT 1');
$db->update('user', '`user_ban` = '.$newVal.', `user_email` = \'\' WHERE `user_id` = '.$row['user_id'].' LIMIT 1');
// Add to user audit log TODO: Should we log to admin log as well?
$adminLog = e107::getAdminLog();
$adminLog->user_audit($logEvent, array('user_ban' => $newVal, 'user_email' => $row['user_email']), $row['user_id'], $row['user_loginname']);
@@ -947,7 +947,13 @@ class e_user_provider
}
}
}
private function log($class,$method,$line)
{
// e107::getLog()->add('XUP Debug', ($class.':'.$method.'-'.$line), E_LOG_INFORMATIVE, "XUP_DEBUG");
}
public function setBackUrl($url)
{
# system/xup/endpoint by default
@@ -956,6 +962,7 @@ class e_user_provider
public function getProvider()
{
// $this->log(__CLASS__, __METHOD__, __LINE__);
return $this->_provider;
}
@@ -975,6 +982,7 @@ class e_user_provider
public function userId()
{
if($this->adapter && $this->adapter->getUserProfile()->identifier)
{
return $this->getProvider().'_'.$this->adapter->getUserProfile()->identifier;
@@ -1009,7 +1017,8 @@ class e_user_provider
$redirectUrl = e107::getUrl()->create($redirectUrl);
}
}
if(e107::getUser()->isUser())
{
if($redirectUrl)
@@ -1022,14 +1031,17 @@ class e_user_provider
$this->adapter = $this->hybridauth->authenticate($this->getProvider());
$profile = $this->adapter->getUserProfile();
$this->log(__CLASS__, __METHOD__, __LINE__);
// returned back, if success...
if($profile->identifier)
{
$sql = e107::getDb();
$userMethods = e107::getUserSession();
$plainPwd = $userMethods->generateRandomString('************'); // auto plain passwords
// TODO - auto login name, shouldn't be used if system set to user_email login...
$userdata['user_loginname'] = $this->getProvider().$userMethods->generateUserLogin(e107::getPref('predefinedLoginName', '_..#..#..#'));
@@ -1064,11 +1076,14 @@ class e_user_provider
// user_name, user_xup, user_email and user_loginname shouldn't match
$insert = (!empty($userdata['user_email'])) ? "OR user_email='".$userdata['user_email']."' " : "";
$this->log(__CLASS__, __METHOD__, __LINE__);
if($sql->count("user", "(*)", "user_xup='".$sql->escape($this->userId())."' ".$insert." OR user_loginname='{$userdata['user_loginname']}' OR user_name='{$userdata['user_name']}'"))
if($uid = $sql->retrieve("user", "user_id", "user_xup='".$sql->escape($this->userId())."' ".$insert." OR user_loginname='{$userdata['user_loginname']}' OR user_name='{$userdata['user_name']}'"))
{
// $this->login($redirectUrl); // auto-login
e107::getUser()->loginProvider($this->userId());
if($redirectUrl)
{
e107::getRedirect()->redirect($redirectUrl);
@@ -1080,7 +1095,8 @@ class e_user_provider
if(empty($userdata['user_email']) && e107::getPref('disable_emailcheck', 0)==0) // Allow it if set-up that way.
{
throw new Exception( "Signup failed! Can't access user email - registration without an email is impossible.".print_a($userdata,true), 4); // TODO lan
// Twitter will not provide email addresses.
// throw new Exception( "Signup failed! Can't access user email - registration without an email is impossible.".print_a($userdata,true), 4); // TODO lan
}
// other fields
@@ -1108,9 +1124,11 @@ class e_user_provider
// user model error
if($user->hasError())
{
e107::getLog()->add('XUP Signup Failure', $userdata, E_LOG_WARNING, "XUP_SIGNUP");
throw new Exception($user->renderMessages(), 5);
}
### Successful signup!
//$user->set('provider', $this->getProvider());
$userdata = $user->getData();
@@ -1125,7 +1143,7 @@ class e_user_provider
if(true === $ret) return $this;
// send email
if($emailAfterSuccess)
if($emailAfterSuccess && !empty($userdata['user_email']))
{
$user->set('user_password', $plainPwd)->email('signup');
}
@@ -1146,6 +1164,8 @@ class e_user_provider
return true;
}
$this->log(__CLASS__, __METHOD__, __LINE__);
return false;
}
@@ -1153,6 +1173,7 @@ class e_user_provider
public function login($redirectUrl = true)
{
if(!e107::getPref('social_login_active', false))
{
throw new Exception( "Signup failed! This feature is disabled.", 100); // TODO lan
@@ -1174,7 +1195,8 @@ class e_user_provider
$redirectUrl = e107::getUrl()->create($redirectUrl);
}
}
if(e107::getUser()->isUser())
{
if($redirectUrl)
@@ -1186,7 +1208,8 @@ class e_user_provider
$this->adapter = $this->hybridauth->authenticate($this->getProvider());
$check = e107::getUser()->setProvider($this)->loginProvider($this->userId(), false);
if($redirectUrl)
{
e107::getRedirect()->redirect($redirectUrl);

40
e107_handlers/user_model.php
View File

@@ -1557,7 +1557,9 @@ class e_user extends e_user_model
$userlogin = new userlogin();
$userlogin->login($xup, '', 'provider', false, true);
$userdata = $userlogin->getUserData();
$userdata = $userlogin->getUserData();
e107::getLog()->add('XUP Debug', (__CLASS__.':'.__METHOD__.'-'.__LINE__), E_LOG_INFORMATIVE, "XUP_DEBUG");
$this->setSessionData(true)->setData($userdata);
@@ -1681,21 +1683,49 @@ class e_user extends e_user_model
// query DB
$sql = e107::getDb();
$where = array();
$userdata = array();
foreach ($connected as $providerId)
{
$adapter = Hybrid_Auth::getAdapter($providerId);
if(!$adapter->getUserProfile()->identifier) continue;
$id = $providerId.'_'.$adapter->getUserProfile()->identifier;
$profile = $adapter->getUserProfile();
$userdata['user_name'] = $sql->escape($profile->displayName);
$userdata['user_image'] = $profile->photoURL; // avatar
$id = $providerId.'_'.$profile->identifier;
$where[] = "user_xup='".$sql->escape($id)."'";
}
$where = implode(' OR ', $where);
if($sql->db_Select('user', 'user_id, user_password, user_xup', $where))
if($sql->select('user', 'user_id, user_name, user_image, user_password, user_xup', $where))
{
$user = $sql->db_Fetch();
$user = $sql->fetch();
e107::getUserSession()->makeUserCookie($user);
$this->setSessionData();
// Update display name or avatar image if they have changed.
if(($userdata['user_name'] != $user['user_name']) || ($userdata['user_image'] != $user['user_image']))
{
if($sql->update('user', "user_name='".$userdata['user_name']."', user_image='".$userdata['user_image']."' WHERE user_id=".$user['user_id']." LIMIT 1")!==false)
{
e107::getLog()->add('User Profile Updated', $userdata, E_LOG_INFORMATIVE, "XUP_LOGIN", LOG_TO_ADMIN, array('user_id'=>$user['user_id'],'user_name'=>$user['user_name']));
}
else
{
e107::getLog()->add('User Profile Update Failed', $userdata, E_LOG_WARNING, "XUP_LOGIN", LOG_TO_ADMIN, array('user_id'=>$user['user_id'],'user_name'=>$user['user_name']));
}
}
unset($user['user_password']);
e107::getLog()->user_audit(USER_AUDIT_LOGIN,'', $user['user_id'], $user['user_name']);
// e107::getLog()->add('XUP Login', $user, E_LOG_INFORMATIVE, "LOGIN", LOG_TO_ROLLING, array('user_id'=>$user['user_id'],'user_name'=>$user['user_name']));
}
return $this;

1
e107_languages/English/admin/lan_admin_log.php
View File

@@ -71,6 +71,7 @@ define("RL_LAN_069", "Download Name");
define("RL_LAN_071", "User registration (ignores class setting above)");
define("RL_LAN_072", "Signup email acknowledgement (ignores class setting above)");
define("RL_LAN_073", "Login/Logout");
define("RL_LAN_075", "Change display name");
define("RL_LAN_076", "Change password");
define("RL_LAN_077", "Change email address");

39
e107_plugins/news/templates/news_template.php
View File

@@ -80,25 +80,30 @@ $NEWS_TEMPLATE['default']['item'] = '
';
*/
$NEWS_WRAPPER['default']['item']['NEWSIMAGE: item=1'] = '<span class="news-images-main pull-left col-xs-12 col-sm-6 col-md-6">{---}</span>';
$NEWS_TEMPLATE['default']['item'] = '
{SETIMAGE: w=900&h=300}
{SETIMAGE: w=400&h=400}
<div class="default-item">
<h2 class="news-title">{NEWSTITLELINK}</h2>
<p class="lead">{GLYPH=user} &nbsp;{NEWSAUTHOR}</p>
<hr>
<div class="row">
<div class="col-md-4">{GLYPH=time} {NEWSDATE=short} </div>
<div class="col-md-8 text-right options">{GLYPH=tags} &nbsp;{NEWSTAGS} &nbsp; {GLYPH=folder-open} &nbsp;{NEWSCATEGORY} </div>
<hr class="news-heading-sep">
<div class="row">
<div class="col-md-6"><small>{GLYPH=user} &nbsp;{NEWSAUTHOR} &nbsp; {GLYPH=time} &nbsp;{NEWSDATE=short} </small></div>
<div class="col-md-6 text-right options"><small>{GLYPH=tags} &nbsp;{NEWSTAGS} &nbsp; {GLYPH=folder-open} &nbsp;{NEWSCATEGORY} </small></div>
</div>
<hr>
<hr>
{NEWSIMAGE: item=1}
<hr>
<p class="lead">{NEWSSUMMARY}</p>
{NEWSVIDEO: item=1}
<div class="text-justify">
{NEWSBODY}
</div>
<div class="text-right">
{EXTENDED}
</div>
<hr>
<div class="options">
<div class="btn-group hidden-print">{NEWSCOMMENTLINK: glyph=comments&class=btn btn-default}{PRINTICON: class=btn btn-default}{PDFICON}{SOCIALSHARE}{ADMINOPTIONS: class=btn btn-default}</div>
@@ -121,7 +126,7 @@ $NEWS_TEMPLATE['view']['item'] = '
{SETIMAGE: w=900&h=600}
<div class="view-item">
<h2 class="news-title">{NEWSTITLELINK}</h2>
<p class="lead">{NEWSSUMMARY}</p>
<hr class="news-heading-sep">
<div class="row">
<div class="col-md-6"><small>{GLYPH=user} &nbsp;{NEWSAUTHOR} &nbsp; {GLYPH=time} &nbsp;{NEWSDATE=short} </small></div>
@@ -132,7 +137,10 @@ $NEWS_TEMPLATE['view']['item'] = '
<div class="body">
{NEWSIMAGE: item=1}
<p class="lead">{NEWSSUMMARY}</p>
<div class="text-justify">
{NEWSBODY=body}
</div>
<div class="news-videos-1">
{NEWSVIDEO: item=1}
{NEWSVIDEO: item=2}
@@ -155,7 +163,7 @@ $NEWS_TEMPLATE['view']['item'] = '
{NEWSVIDEO: item=4}
{NEWSVIDEO: item=5}
<div class="body-extended">
<div class="body-extended text-justify">
{NEWSBODY=extended}
</div>
@@ -171,6 +179,7 @@ $NEWS_TEMPLATE['view']['item'] = '
{NEWSRELATED}
<hr>
{NEWSNAVLINK}
';
//$NEWS_MENU_TEMPLATE['view']['separator'] = '<br />';
@@ -201,7 +210,11 @@ $NEWS_TEMPLATE['category']['item'] = '
### Related 'start' - Options: Core 'single' shortcodes including {SETIMAGE}
### Related 'item' - Options: {RELATED_URL} {RELATED_IMAGE} {RELATED_TITLE} {RELATED_SUMMARY}
### Related 'end' - Options: Options: Core 'single' shortcodes including {SETIMAGE}
/*
$NEWS_TEMPLATE['related']['start'] = "<hr><h4>".defset('LAN_RELATED', 'Related')."</h4><ul class='e-related'>";
$NEWS_TEMPLATE['related']['item'] = "<li><a href='{RELATED_URL}'>{RELATED_TITLE}</a></li>";
$NEWS_TEMPLATE['related']['end'] = "</ul>";
$NEWS_TEMPLATE['related']['end'] = "</ul>";*/
$NEWS_TEMPLATE['related']['start'] = '{SETIMAGE: w=350&h=350&crop=1}<h2 class="caption">YOU MIGHT ALSO LIKE</h2><div class="row">';
$NEWS_TEMPLATE['related']['item'] = '<div class="col-md-4"><a href="{RELATED_URL}">{RELATED_IMAGE}</a><h3><a href="{RELATED_URL}">{RELATED_TITLE}</a></h3></div>';
$NEWS_TEMPLATE['related']['end'] = '</div>';

8
e107_plugins/social/admin_config.php
View File

@@ -263,8 +263,12 @@ class social_ui extends e_admin_ui
{
$this->testUrl = SITEURL."?route=system/xup/test";
$notice = "Note: In most cases you will need to obtain an id and secret key from one of the providers. Click the blue links below to configure.
<br />You may test your configuration with the following URL: <a href='".$this->testUrl."' rel='external'>".$this->testUrl."</a>";
$notice = "Note: In most cases you will need to obtain an id and secret key from one of the providers. Click the blue links to the right to configure.
<br />You may test your configuration with the following URL:<br /><a href='".$this->testUrl."' rel='external'>".$this->testUrl."</a>";
$callBack = SITEURL."index.php";
$notice .= "<br /><br />Your callback URL is: </br ><a href='".$callBack."'>".$callBack."</a>";
return array("caption"=>"Help",'text'=> $notice);

493
submitnews.php
View File

@@ -25,7 +25,6 @@ if (!isset($pref['subnews_class']))
}
if (!check_class($pref['subnews_class']))
{
$ns->tablerender(LAN_UI_403_TITLE_ERROR, LAN_UI_403_BODY_ERROR);
@@ -33,218 +32,320 @@ if (!check_class($pref['subnews_class']))
exit;
}
if (isset($_POST['submitnews_submit']) && $_POST['submitnews_title'] && $_POST['submitnews_item'])
{
$ip = e107::getIPHandler()->getIP(FALSE);
$fp = new floodprotect;
if ($fp->flood("submitnews", "submitnews_datestamp") == FALSE)
{
e107::redirect();
exit;
}
$submitnews_user = (USER ? USERNAME : trim($tp->toDB($_POST['submitnews_name'])));
$submitnews_email = (USER ? USEREMAIL : trim(check_email($tp->toDB($_POST['submitnews_email']))));
$submitnews_title = $tp->toDB($_POST['submitnews_title']);
$submitnews_item = $tp->toDB($_POST['submitnews_item']);
$submitnews_item = str_replace("src=&quot;e107_images", "src=&quot;".SITEURL."e107_images", $submitnews_item);
$submitnews_file = "";
$submitnews_error = FALSE;
if (!$submitnews_user || !$submitnews_email)
{
$message = SUBNEWSLAN_7;
$submitnews_error = TRUE;
}
// ==== Process File Upload ====
if (FILE_UPLOADS && $_FILES['file_userfile'] && vartrue($pref['subnews_attach']) && vartrue($pref['upload_enabled']) && check_class($pref['upload_class']))
{
require_once(e_HANDLER.'upload_handler.php');
$uploaded = process_uploaded_files(e_UPLOAD, FALSE, array('file_mask' => 'jpg,gif,png', 'max_file_count' => 1));
if (($uploaded === FALSE) || !is_array($uploaded))
{ // Non-specific error
$submitnews_error = TRUE;
$message = SUBNEWSLAN_8;
}
else
{
$submitnews_filearray = array();
foreach($uploaded as $c=>$v)
{
if (varset($uploaded[$c]['error'],0) != 0)
{
$submitnews_error = TRUE;
$message = handle_upload_messages($uploaded);
}
else
{
if (isset($uploaded[$c]['name']) && isset($uploaded[$c]['type']) && isset($uploaded[$c]['size']))
{
$filename = $uploaded[$c]['name'];
$filetype = $uploaded[$c]['type'];
$filesize = $uploaded[$c]['size'];
$fileext = substr(strrchr($filename, "."), 1);
$today = getdate();
$submitnews_file = USERID."_".$today[0]."_".$c."_".str_replace(" ", "_", substr($submitnews_title, 0, 6)).".".$fileext;
if (is_numeric($pref['subnews_resize']) && ($pref['subnews_resize'] > 30) && ($pref['subnews_resize'] < 5000))
{
require_once(e_HANDLER.'resize_handler.php');
if (!resize_image(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file, $pref['subnews_resize']))
{
rename(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file);
}
}
elseif ($filename)
{
rename(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file);
}
}
}
if ($filename && file_exists(e_UPLOAD.$submitnews_file))
{
$submitnews_filearray[] = $submitnews_file;
}
}
}
}
if ($submitnews_error === FALSE)
{
$sql->insert("submitnews", "0, '$submitnews_user', '$submitnews_email', '$submitnews_title', '".intval($_POST['cat_id'])."', '$submitnews_item', '".time()."', '$ip', '0', '".implode(',',$submitnews_filearray)."' ");
$edata_sn = array("user" => $submitnews_user, "email" => $submitnews_email, "itemtitle" => $submitnews_title, "catid" => intval($_POST['cat_id']), "item" => $submitnews_item, "image" => $submitnews_file, "ip" => $ip);
e107::getEvent()->trigger("subnews", $edata_sn); // bc
e107::getEvent()->trigger("user_news_submit", $edata_sn);
$mes = e107::getMessage();
$mes->addSuccess(LAN_134);
echo $mes->render();
// $ns->tablerender(LAN_133, "<div style='text-align:center'>".LAN_134."</div>");
require_once(FOOTERF);
exit;
}
else
{
message_handler("P_ALERT", $message);
}
}
$text = "";
if (!defined("USER_WIDTH")) { define("USER_WIDTH","width:95%"); }
class submitNews
{
if (!empty($pref['news_subheader']))
private $minWidth = 1024;
private $minHeight = 768;
function __construct()
{
$mes = e107::getMessage();
$minDimensions = e107::pref('core','subnews_attach_minsize',false);
if(empty($minDimensions))
{
$this->minWidth = 0;
$this->minHeight = 0;
}
else
{
$tmp = explode('×',$minDimensions);
$this->minWidth = intval($tmp[0]);
$this->minHeight = intval($tmp[1]);
}
if(isset($_POST['submitnews_submit']) && !empty($_POST['submitnews_title']) && !empty($_POST['submitnews_item']))
{
$this->process();
}
echo $mes->render();
$this->form();
}
function process()
{
$ip = e107::getIPHandler()->getIP(FALSE);
$tp = e107::getParser();
$pref = e107::pref('core');
$sql = e107::getDb();
$mes = e107::getMessage();
$fp = new floodprotect;
if ($fp->flood("submitnews", "submitnews_datestamp") == false)
{
e107::redirect();
exit;
}
$submitnews_user = (USER ? USERNAME : trim($tp->toDB($_POST['submitnews_name'])));
$submitnews_email = (USER ? USEREMAIL : trim(check_email($tp->toDB($_POST['submitnews_email']))));
$submitnews_title = $tp->toDB($_POST['submitnews_title']);
$submitnews_item = $tp->toDB($_POST['submitnews_item']);
// $submitnews_item = str_replace("src=&quot;e107_images", "src=&quot;".SITEURL."e107_images", $submitnews_item);
$submitnews_file = "";
$submitnews_error = false;
$submitnews_filearray = array();
if (!$submitnews_user || !$submitnews_email)
{
$message = SUBNEWSLAN_7;
$submitnews_error = TRUE;
}
// ==== Process File Upload ====
if (FILE_UPLOADS && !empty($_FILES['file_userfile']) && vartrue($pref['subnews_attach']) && vartrue($pref['upload_enabled']) && check_class($pref['upload_class']))
{
$uploaded = e107::getFile()->getUploaded(e_UPLOAD, 'unique', array('file_mask' => 'jpg,gif,png', 'max_file_count' => 3));
if (empty($uploaded)) // Non-specific error
{
$submitnews_error = true;
$message = SUBNEWSLAN_8;
}
else
{
foreach($uploaded as $c=>$v)
{
// Check if images is too small.
if(!empty($this->minWidth) && !empty($v['img-width']) && (intval($v['img-width']) < $this->minWidth || intval($v['img-width']) < $this->minHeight))
{
//TODO Lan and review wording.
$mes->addWarning("One of your images has dimensions smaller than ".$this->minWidth."px x ".$this->minHeight."px. Please correct the attachment and submit the form again. ");
return false;
}
if (varset($uploaded[$c]['error'],0) != 0)
{
$submitnews_error = TRUE;
$message = handle_upload_messages($uploaded);
}
else
{
if (isset($uploaded[$c]['name']) && isset($uploaded[$c]['type']) && isset($uploaded[$c]['size']))
{
$filename = $uploaded[$c]['name'];
$filetype = $uploaded[$c]['type'];
$filesize = $uploaded[$c]['size'];
$fileext = substr(strrchr($filename, "."), 1);
$today = getdate();
$submitnews_file = USERID."_".$today[0]."_".$c."_".str_replace(" ", "_", substr($submitnews_title, 0, 6)).".".$fileext;
if (is_numeric($pref['subnews_resize']) && ($pref['subnews_resize'] > 30) && ($pref['subnews_resize'] < 5000))
{
require_once(e_HANDLER.'resize_handler.php');
if (!resize_image(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file, $pref['subnews_resize']))
{
rename(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file);
}
}
elseif ($filename)
{
rename(e_UPLOAD.$filename, e_UPLOAD.$submitnews_file);
}
}
}
if ($filename && file_exists(e_UPLOAD.$submitnews_file))
{
$submitnews_filearray[] = $submitnews_file;
}
}
}
}
if ($submitnews_error === false)
{
$insertQry = array(
'submitnews_id' => 0,
'submitnews_name' => $submitnews_user,
'submitnews_email' => $submitnews_email,
'submitnews_title' => $submitnews_title,
'submitnews_category' => intval($_POST['cat_id']),
'submitnews_item' => $submitnews_item,
'submitnews_datestamp' => time(),
'submitnews_ip' => $ip,
'submitnews_auth' => '0',
'submitnews_file' => implode(',',$submitnews_filearray),
);
if(!$sql->insert("submitnews", $insertQry))
{
$mes->addError(LAN_134);
return false;
}
// $sql->insert("submitnews", "0, '$submitnews_user', '$submitnews_email', '$submitnews_title', '".intval($_POST['cat_id'])."', '$submitnews_item', '".time()."', '$ip', '0', '".implode(',',$submitnews_filearray)."' ");
$edata_sn = array("user" => $submitnews_user, "email" => $submitnews_email, "itemtitle" => $submitnews_title, "catid" => intval($_POST['cat_id']), "item" => $submitnews_item, "image" => $submitnews_file, "ip" => $ip);
e107::getEvent()->trigger("subnews", $edata_sn); // bc
e107::getEvent()->trigger("user_news_submit", $edata_sn);
$mes->addSuccess(LAN_134);
// echo $mes->render();
unset($_POST);
// $ns->tablerender(LAN_133, "<div style='text-align:center'>".LAN_134."</div>");
}
else
{
// message_handler("P_ALERT", $message);
$mes->addWarning($message);
}
}
function form()
{
$tp = e107::getParser();
$sql = e107::getDb();
$ns = e107::getRender();
$pref = e107::pref('core');
$text = "";
if (!empty($pref['news_subheader']))
{
$text .= $tp->toHTML($pref['news_subheader'], true, "BODY");
}
$text .= "
<div>
<form id='dataform' method='post' action='".e_SELF."' enctype='multipart/form-data' onsubmit='return frmVerify()'>
<table class='table fborder'>";
if (!USER)
{
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".LAN_7."</td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_name' size='60' value='".$tp->toHTML($_POST['submitnew_name'],FALSE,'USER_TITLE')."' maxlength='100' required />
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_112."</td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_email' size='60' value='".$tp->filter($_POST['submitnews_email'], 'email')."' maxlength='100' required />
</td>
</tr>";
}
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".NWSLAN_6.": </td>
<td style='width:80%' class='forumheader3'>";
if (!$sql->select("news_category"))
{
$text .= NWSLAN_10;
}
else
{
$text .= "<select name='cat_id' class='tbox form-control'>";
while (list($cat_id, $cat_name, $cat_icon) = $sql->fetch('num'))
{
$sel = (varset($_POST['cat_id'],'') == $cat_id) ? "selected='selected'" : "";
$text .= "<option value='{$cat_id}' {$sel}>".$tp->toHTML($cat_name, FALSE, "defs")."</option>";
}
$text .= "</select>";
}
$text .= "
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_TITLE."</td>
<td style='width:80%' class='forumheader3'>".e107::getForm()->text('submitnews_title',$tp->toHTML(vartrue($_POST['submitnews_title']),TRUE,'USER_TITLE'),200, array('required'=>1))."
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_135."</td>
<td style='width:80%' class='forumheader3'>
".e107::getForm()->bbarea('submitnews_item', $tp->toForm(vartrue($_POST['submitnews_item'])),null, null, 'large')."
</td>
</tr>
";
if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS)
{
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".SUBNEWSLAN_5."<br /><span class='smalltext'>".SUBNEWSLAN_6."</span>";
$text .= "
</td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='file' name='file_userfile[]' multiple='multiple' />
";
if(!empty($this->minWidth))
{
$text .= "<div class='alert alert-warning'>Minimum Dimensions: ".$this->minWidth."px × ".$this->minHeight."px</div>";
}
$text .= "
</td>
</tr>";
}
$text .= "
<tr>
<td colspan='2' style='text-align:center' class='forumheader'>
<input class='btn btn-success button' type='submit' name='submitnews_submit' value='".LAN_136."' />
<input type='hidden' name='e-token' value='".e_TOKEN."' />
</td>
</tr>
</table>
</form>
</div>";
$ns->tablerender(LAN_136, $text);
".$tp->toHTML($pref['news_subheader'], true, "BODY")."
";
}
$text .= "
<div>
<form id='dataform' method='post' action='".e_SELF."' enctype='multipart/form-data' onsubmit='return frmVerify()'>
<table class='table fborder'>";
if (!USER)
{
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".LAN_7."</td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_name' size='60' value='".$tp->toHTML($submitnews_user,FALSE,'USER_TITLE')."' maxlength='100' required />
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_112."</td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='text' name='submitnews_email' size='60' value='".$tp->toHTML($submitnews_email, FALSE, 'LINKTEXT')."' maxlength='100' required />
</td>
</tr>";
}
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".NWSLAN_6.": </td>
<td style='width:80%' class='forumheader3'>";
if (!$sql->select("news_category"))
new submitNews;
if(!vartrue($pref['subnews_htmlarea'])) // check after bbarea is called.
{
$text .= NWSLAN_10;
e107::wysiwyg(false);
}
else
{
$text .= "
<select name='cat_id' class='tbox form-control'>";
while (list($cat_id, $cat_name, $cat_icon) = $sql->fetch('num'))
{
$sel = (varset($_POST['cat_id'],'') == $cat_id) ? "selected='selected'" : "";
$text .= "<option value='{$cat_id}' {$sel}>".$tp->toHTML($cat_name, FALSE, "defs")."</option>";
}
$text .= "</select>";
}
$text .= "
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_TITLE."</td>
<td style='width:80%' class='forumheader3'>".e107::getForm()->text('submitnews_title',$tp->toHTML(vartrue($_POST['submitnews_title']),TRUE,'USER_TITLE'),200, array('required'=>1))."
</td>
</tr>
<tr>
<td style='width:20%' class='forumheader3'>".LAN_135."</td>
<td style='width:80%' class='forumheader3'>
".e107::getForm()->bbarea('submitnews_item', $tp->toForm(vartrue($_POST['submitnews_item'])),null, null, 'large', 'required=1')."
</td>
</tr>
";
if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS)
{
$text .= "
<tr>
<td style='width:20%' class='forumheader3'>".SUBNEWSLAN_5."<br /><span class='smalltext'>".SUBNEWSLAN_6."</span></td>
<td style='width:80%' class='forumheader3'>
<input class='tbox' type='file' name='file_userfile[]' style='width:90%' multiple='multiple' />
</td>
</tr>";
}
$text .= "
<tr>
<td colspan='2' style='text-align:center' class='forumheader'>
<input class='btn btn-success button' type='submit' name='submitnews_submit' value='".LAN_136."' />
<input type='hidden' name='e-token' value='".e_TOKEN."' />
</td>
</tr>
</table>
</form>
</div>";
$ns->tablerender(LAN_136, $text);
if(!vartrue($pref['subnews_htmlarea'])) // check after bbarea is called.
{
e107::wysiwyg(false);
}
require_once(FOOTERF);