diff --git a/e107_admin/cache.php b/e107_admin/cache.php index 6e91f6b48..3e98adf17 100644 --- a/e107_admin/cache.php +++ b/e107_admin/cache.php @@ -45,7 +45,8 @@ if (e107::getPref('cachestatus') == '2') if(!is_writable(e_CACHE_CONTENT)) { - e107::getRender()->tablerender(CACLAN_3, CACLAN_10."
(".$CACHE_DIRECTORY.")"); + $mes->addError(CACLAN_10." (".e_CACHE.")"); + e107::getRender()->tablerender(CACLAN_3, $mes->render()); require_once("footer.php"); exit; } diff --git a/e107_admin/prefs.php b/e107_admin/prefs.php index 4104486ae..f6cc076de 100644 --- a/e107_admin/prefs.php +++ b/e107_admin/prefs.php @@ -217,13 +217,33 @@ function sendTest() else { $mailheader_e107id = USERID; - require_once(e_HANDLER.'mail.php'); + // require_once(e_HANDLER.'mail.php'); $add = ($pref['mailer']) ? " (".strtoupper($pref['mailer']).")" : ' (PHP)'; $sendto = trim($_POST['testaddress']); - if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, str_replace("[br]", "\n", LAN_MAILOUT_114),LAN_MAILOUT_189)) + + + $eml = array(); + + $eml['email_subject'] = LAN_MAILOUT_113." ".SITENAME.$add; + $eml['email_sender_email'] = null; + $eml['email_sender_name'] = null; + $eml['email_replyto'] = null; + $eml['email_replytonames'] = null; + $eml['send_html'] = true; + $eml['add_html_header'] = null; + $eml['email_body'] = str_replace("[br]", "
", LAN_MAILOUT_114); + $eml['email_attach'] = null; + $eml['template'] = 'default'; + $eml['e107_header'] = USERID; + + if (!e107::getEmail()->sendEmail($sendto, LAN_MAILOUT_189, $eml)) { $mes->addError(($pref['mailer'] == 'smtp') ? LAN_MAILOUT_67 : LAN_MAILOUT_106); } + // if (!sendemail($sendto, LAN_MAILOUT_113." ".SITENAME.$add, str_replace("[br]", "\n", LAN_MAILOUT_114),LAN_MAILOUT_189)) + // { + // $mes->addError(($pref['mailer'] == 'smtp') ? LAN_MAILOUT_67 : LAN_MAILOUT_106); + // } else { $mes->addSuccess(LAN_MAILOUT_81. ' ('.$sendto.')'); diff --git a/e107_core/templates/email_template.php b/e107_core/templates/email_template.php index 6be78599d..e6397da8b 100644 --- a/e107_core/templates/email_template.php +++ b/e107_core/templates/email_template.php @@ -2,25 +2,14 @@ /* * e107 website system * - * Copyright (C) 2008-2013 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * * Templates for all emails * - * $URL: $ - * $Revision: 11315 $ - * $Id: $ */ -/** - * - * @package e107 - * @subpackage e107_templates - * @version $Id: mail_manager_class.php 11315 2010-02-10 18:18:01Z secretr $; - * -*/ - /** * This file defines the default templates for each type of email which may be sent. @@ -318,13 +307,7 @@ $MONTHLYUPDATE_TEMPLATE = array( ); -/* - * QUICK ADD USER EMAIL TEMPLATE - BODY. - * This is the email that is sent when an admin creates a user account in admin. "Quick Add User" - USRLAN_185 = A user account has been created for you at {SITEURL} with the following login:
Login Name: {LOGIN}
Password: {PASSWORD}

- USRLAN_186 = Please go to the site as soon as possible and log in, then change your password using the \'Settings\' option.

- You can also change other settings at the same time.

Note that your password cannot be recovered if you lose it. -*/ + $QUICKADDUSER_TEMPLATE = array( 'template_name' => 'Quick-Add-User', @@ -334,7 +317,102 @@ $QUICKADDUSER_TEMPLATE = array( 'email_body' => USRLAN_185.USRLAN_186, // 'email_footer' => 'footer' ); - + + + + + +/** Standardized v2 template rewrite + * Format for individual emails sent by e107 (not bulk emails for now) - a work in progress - bulk could be ported later. + * @see e107Email::sendEmail(); + * Aim: to make email templates follow the same spec. as other templates while remaining as intuitive as other v2 templates in e107. + */ + + +// Default - test email and when no template specified. + +$EMAIL_TEMPLATE['default']['name'] = 'Default'; +$EMAIL_TEMPLATE['default']['header'] = " + + + + + + + +
+ "; + +$EMAIL_TEMPLATE['default']['body'] = "{BODY}"; + +$EMAIL_TEMPLATE['default']['footer'] = "

+ {SITENAME=link} +
+ + "; + + +// Signup Template. + + +$EMAIL_TEMPLATE['signup']['subject'] = LAN_SIGNUP_96.' {SITENAME}'; +$EMAIL_TEMPLATE['signup']['header'] = $EMAIL_TEMPLATE['default']['header']; +$EMAIL_TEMPLATE['signup']['body'] = " +
+ ".LAN_EMAIL_01." {USERNAME},
+
". + LAN_SIGNUP_97." {SITENAME}
+ ".LAN_SIGNUP_21."
+
+ {ACTIVATION_LINK}
+
+ ".LAN_SIGNUP_59."
+
+ ".LAN_SIGNUP_18."
+
+ ".LAN_LOGINNAME.": {LOGINNAME}
+ ".LAN_PASSWORD.": {PASSWORD}
+
+ ".LAN_EMAIL_04."
+ ".LAN_EMAIL_05."
+
+ ".LAN_EMAIL_06."
+
+ {SITENAME=link}
+ {SITEURL} + +

".($includeSiteButton ? "" : '')." +
+ + "; +$EMAIL_TEMPLATE['signup']['footer'] = " + + "; +$EMAIL_TEMPLATE['signup']['cc'] = ""; +$EMAIL_TEMPLATE['signup']['bcc'] = ""; +$EMAIL_TEMPLATE['signup']['attachments'] = ""; + +/* + * QUICK ADD USER EMAIL TEMPLATE - BODY. + * This is the email that is sent when an admin creates a user account in admin. "Quick Add User" + USRLAN_185 = A user account has been created for you at {SITEURL} with the following login:
Login Name: {LOGIN}
Password: {PASSWORD}

+ USRLAN_186 = Please go to the site as soon as possible and log in, then change your password using the \'Settings\' option.

+ You can also change other settings at the same time.

Note that your password cannot be recovered if you lose it. +*/ +$EMAIL_TEMPLATE['quickadd']['header'] = $EMAIL_TEMPLATE['default']['header']; // will use default header above. +$EMAIL_TEMPLATE['quickadd']['body'] = USRLAN_185.USRLAN_186; +$EMAIL_TEMPLATE['quickadd']['footer'] = $EMAIL_TEMPLATE['default']['footer']; // will use default footer above. + + +// Notify (@see admin-> notify) // TODO + +$EMAIL_TEMPLATE['notify']['header'] = $EMAIL_TEMPLATE['default']['header']; // will use default header above. +$EMAIL_TEMPLATE['notify']['body'] = $EMAIL_TEMPLATE['default']['body']; // will use default header above. +$EMAIL_TEMPLATE['notify']['footer'] = $EMAIL_TEMPLATE['default']['footer']; // will use default header above. + ?> \ No newline at end of file diff --git a/e107_core/templates/fpw_template.php b/e107_core/templates/fpw_template.php index 7e4d9fee9..13e30d526 100644 --- a/e107_core/templates/fpw_template.php +++ b/e107_core/templates/fpw_template.php @@ -81,16 +81,17 @@ if(!isset($FPW_TABLE_FOOTER)) $FPW_TEMPLATE['form'] = '
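Review bot: The new `$EMAIL_TEMPLATE['signup']['body']` still places `{PASSWORD}` in the message, and the retained quickadd comment shows that body mailing the login name and password too, so credentials end up in clear text in the recipient's mailbox. Consider dropping the placeholder from the v2 signup template and relying on `{ACTIVATION_LINK}`, or at least add a comment above the template such as `// NOTE: {PASSWORD} is sent in clear text; remove it if the site policy forbids mailing credentials`. `$includeSiteButton` is read inside the same body but is not assigned anywhere in this hunk, so that expression presumably always takes the empty branch and raises a notice. The three `notify` lines all carry `// will use default header above.`; the second and third should say body and footer.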
-
-

{FPW_TEXT}

-
{FPW_USEREMAIL}
-
-
- {FPW_SUBMIT} +
+

{FPW_TEXT}

+
{FPW_USEREMAIL}
+
{FPW_CAPTCHA_IMG}{FPW_CAPTCHA_INPUT}
+
+
+ {FPW_SUBMIT} +
+
-
-
'; $FPW_TEMPLATE['header'] = ''; $FPW_TEMPLATE['footer'] = ''; diff --git a/e107_core/xml/default_install.xml b/e107_core/xml/default_install.xml index 176391a39..25f858178 100644 --- a/e107_core/xml/default_install.xml +++ b/e107_core/xml/default_install.xml @@ -120,6 +120,8 @@ 3 none 4 + texthtml + 5 php 0 diff --git a/e107_handlers/chart_class.php b/e107_handlers/chart_class.php index 0f8f6ff01..3d900aaff 100644 --- a/e107_handlers/chart_class.php +++ b/e107_handlers/chart_class.php @@ -337,8 +337,44 @@ class e_chart var data = google.visualization.arrayToDataTable(".$this->getData()."); var options = ".$this->getOptions()." ; + "; - var chart = new google.visualization.AreaChart(document.getElementById('".$id."')); + + switch ($this->type) + { + + case 'bar': + // + break; + + case 'column': + $js .= "var chart = new google.visualization.ColumnChart(document.getElementById('".$id."')); "; + + break; + + case 'polar': + //TODO + break; + + case 'doughnut': + // + break; + + case 'pie': + $js .= "var chart = new google.visualization.PieChart(document.getElementById('".$id."')); "; + break; + + default: + case 'line': + case 'area': + + $js .= "var chart = new google.visualization.AreaChart(document.getElementById('".$id."')); "; + + break; + } + + + $js .= " chart.draw(data, options); } diff --git a/e107_handlers/form_handler.php b/e107_handlers/form_handler.php index 366bcecd7..d1e345155 100644 --- a/e107_handlers/form_handler.php +++ b/e107_handlers/form_handler.php @@ -109,8 +109,6 @@ class e_form parse_str($options,$options); - $target = str_replace("&", "&", $target); - if(vartrue($options['class'])) { $class = "class='".$options['class']."'"; @@ -125,11 +123,11 @@ class e_form $autoComplete = " autocomplete='".($options['autocomplete'] ? 'on' : 'off')."'"; } - $text = "\n
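Review bot: The `bar`, `polar` and `doughnut` cases of the new `switch ($this->type)` append nothing to `$js`, yet the script continues unconditionally with `chart.draw(data, options);`, so those types emit JavaScript that references an undeclared `chart`. Until they are implemented, let them fall through to the default by listing `case 'bar': case 'polar': case 'doughnut':` directly above `default:`. `$id` is concatenated straight into `document.getElementById('...')`; if it can ever originate outside the class it should be limited to an identifier-safe character set before being written into the script, and a one-line comment stating that expectation would help. The enclosing method starts and ends outside the hunk.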
\n"; if($method == 'get' && strpos($target,'=')) { list($url,$qry) = explode("?",$target); + $text = "\n\n"; parse_str($qry,$m); foreach($m as $k=>$v) @@ -138,7 +136,11 @@ class e_form } } - + else + { + $target = str_replace("&", "&", $target); + $text = "\n\n"; + } return $text; } @@ -180,6 +182,11 @@ class e_form $options['size'] = 7; return $this->text($name, $value, $maxlength, $options); } + + + + + /** * Render Bootstrap Tabs @@ -226,8 +233,100 @@ class e_form return $text; } + + + - + /** + * Render Bootstrap Carousel + * @param $name : A unique name + * @param $array + * @param $options : placeholder for any future options. (currently not in use) + * @example + * $array = array( + * 'slide1' => array('caption' => 'Slide 1', 'text' => 'first slide content' ), + * 'slide2' => array('caption' => 'Slide 2', 'text' => 'second slide content' ), + * 'slide3' => array('caption' => 'Slide 3', 'text' => 'third slide content' ) + * ); + */ + function carousel($name="e-carousel", $array, $options = null) + { + $interval = null; + $wrap = null; + $pause = null; + + if(isset($options['wrap'])) + { + $wrap = 'data-wrap="'.$options['wrap'].'"'; + } + + if(isset($options['interval'])) + { + $interval = 'data-interval="'.$options['interval'].'"'; + } + + if(isset($options['pause'])) + { + $interval = 'data-pause="'.$options['pause'].'"'; + } + + $text =' + + + '; + + return $text; + + } + + /** @@ -4354,6 +4453,7 @@ class e_form } } +// DEPRECATED - use above methods instead ($frm) class form { function form_open($form_method, $form_action, $form_name = "", $form_target = "", $form_enctype = "", $form_js = "") diff --git a/e107_handlers/mail.php b/e107_handlers/mail.php index 7c1b7648a..ba5b7a62b 100644 --- a/e107_handlers/mail.php +++ b/e107_handlers/mail.php 
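Review bot: In `carousel()` the `pause` branch assigns to the wrong variable, `$interval = 'data-pause="'.$options['pause'].'"';`, which discards any interval attribute set just above and leaves `$pause` null; it should read `$pause = 'data-pause="'.$options['pause'].'"';`. The `wrap`, `interval` and `pause` values are concatenated into HTML attributes as given, so unless callers only ever pass constants each should go through `htmlspecialchars($options['wrap'], ENT_QUOTES)` or an integer/boolean cast. The docblock still says `$options` is "currently not in use", which no longer matches the code, and it lacks a `@return string`. The signature puts the defaulted `$name` before the required `$array`, so that default can never take effect.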
@@ -137,24 +137,25 @@ define('MAIL_LOG_PATH',e_LOG); class e107Email extends PHPMailer { - private $general_opts = array(); - private $logEnable = 0; // 0 = log disabled, 1 = 'dry run' (debug and log, no send). 2 = 'log all' (send, and log result) - private $logHandle = FALSE; // Save handle of log file if opened + private $general_opts = array(); + private $logEnable = 0; // 0 = log disabled, 1 = 'dry run' (debug and log, no send). 2 = 'log all' (send, and log result) + private $logHandle = FALSE; // Save handle of log file if opened - private $localUseVerp = FALSE; // Use our own variable - PHPMailer one doesn't work with all mailers - private $save_bouncepath = ''; // Used with VERP + private $localUseVerp = FALSE; // Use our own variable - PHPMailer one doesn't work with all mailers + private $save_bouncepath = ''; // Used with VERP - private $add_email = 0; // 1 includes email detail in log (if logging enabled, of course) - private $allow_html = 1; // Flag for HTML conversion - '1' = default, FALSE = disable, TRUE = force. - private $add_HTML_header = FALSE; // If TRUE, inserts a standard HTML header at the front of the HTML part of the email (set FALSE for BC) - private $SendCount = 0; // Keep track of how many emails sent since last SMTP open/connect (used for SMTP KeepAlive) - private $TotalSent = 0; // Info might be of interest - private $TotalErrors = 0; // Count errors in sending emails - private $pause_amount = 10; // Number of emails to send before pausing/resetting (or closing if SMTPkeepAlive set) - private $pause_time = 1; // Time to pause after sending a block of emails - - public $legacyBody = FALSE; // TRUE enables legacy conversion of plain text body to HTML in HTML emails + private $add_email = 0; // 1 includes email detail in log (if logging enabled, of course) + private $allow_html = 1; // Flag for HTML conversion - '1' = default, FALSE = disable, TRUE = force. 
+ private $add_HTML_header = FALSE; // If TRUE, inserts a standard HTML header at the front of the HTML part of the email (set FALSE for BC) + private $SendCount = 0; // Keep track of how many emails sent since last SMTP open/connect (used for SMTP KeepAlive) + private $TotalSent = 0; // Info might be of interest + private $TotalErrors = 0; // Count errors in sending emails + private $pause_amount = 10; // Number of emails to send before pausing/resetting (or closing if SMTPkeepAlive set) + private $pause_time = 1; // Time to pause after sending a block of emails + public $legacyBody = false; // TRUE enables legacy conversion of plain text body to HTML in HTML emails + private $debug = false; // echos various debug info when set to true. + /** * Constructor sets up all the global options, and sensible defaults - it should be the only place the prefs are accessed * @@ -169,6 +170,11 @@ class e107Email extends PHPMailer $e107 = e107::getInstance(); $pref = e107::pref('core'); $tp = e107::getParser(); + + if(defined('MAIL_DEBUG')) + { + $this->debug = true; + } $this->CharSet = 'utf-8'; $this->SetLanguage(CORE_LC); @@ -184,9 +190,10 @@ class e107Email extends PHPMailer } $this->pause_amount = varset($pref['mail_pause'], 10); $this->pause_time = varset($pref['mail_pausetime'], 1); + $this->allow_html = varset($pref['mail_sendstyle'],'textonly') == 'texthtml' ? true : 1; if (varsettrue($pref['mail_options'])) $this->general_opts = explode(',',$pref['mail_options'],''); - if (defined('MAIL_DEBUG')) echo 'Mail_options: '.$pref['mail_options'].' Count: '.count($this->general_opts).'
'; + if ($this->debug) echo 'Mail_options: '.$pref['mail_options'].' Count: '.count($this->general_opts).'
'; foreach ($this->general_opts as $k => $v) { $v = trim($v); @@ -194,7 +201,7 @@ class e107Email extends PHPMailer if (strpos($v,'hostname') === 0) { list(,$this->HostName) = explode('=',$v); - if (defined('MAIL_DEBUG')) echo "Host name set to: {$this->HostName}
"; + if ($this->debug) echo "Host name set to: {$this->HostName}
"; } } @@ -246,7 +253,7 @@ class e107Email extends PHPMailer $this->Port = 465; break; default : - if (defined('MAIL_DEBUG')) echo "Invalid option: {$smtp_options['secure']}
"; + if ($this->debug) echo "Invalid option: {$smtp_options['secure']}
"; } } $this->SMTPKeepAlive = varset($smtp_options['keepalive'],FALSE); // ***** Control this @@ -482,10 +489,12 @@ class e107Email extends PHPMailer $want_HTML = FALSE; break; } - + + $message = str_replace("\t", "", $message); // filter out tabs from templates; + if ($want_HTML !== FALSE) { - if (defined('MAIL_DEBUG')) echo "Generating multipart email
"; + if ($this->debug) echo "Generating multipart email
"; if ($add_HTML_header) { $message = "\n @@ -493,6 +502,12 @@ class e107Email extends PHPMailer } if ($this->legacyBody && !preg_match('/<(font|br|a|img|b)/i', $message)) // Assume html if it includes one of these tags { // Otherwise assume its a plain text message which needs some conversion to render in HTML + + if($this->debug == true) + { + echo 'Running legacyBody mode
'; + } + $message = htmlspecialchars($message,ENT_QUOTES,$this->CharSet); $message = preg_replace('%(http|ftp|https)(://\S+)%', '\1\2', $message); $message = preg_replace('/([[:space:]()[{}])(www.[-a-zA-Z0-9@:%_\+.~#?&\/\/=]+)/i', '\\1\\2', $message); @@ -506,7 +521,7 @@ class e107Email extends PHPMailer } else { // generate the plain text as the sole part of the email - if (defined('MAIL_DEBUG')) echo "Generating plain text email
"; + if ($this->debug) echo "Generating plain text email
"; if (strpos($message,'') !== FALSE) { $text = strstr($message,''); 
@@ -577,49 +592,80 @@ class e107Email extends PHPMailer * Where parameter not present, doesn't change it - so can repeatedly call this function for bulk mailing, or to build up the list * (Note that there is no requirement to use this method for everything; parameters can be set by mixing this method with individual setting) * - * @param array $paramlist - list of parameters to set/change. Key is parameter name. @see{sendEmail()} for list of parameters + * @param array $eml - list of parameters to set/change. Key is parameter name. @see{sendEmail()} for list of parameters * * @return int zero if no errors detected */ - public function arraySet($paramlist) + public function arraySet($eml) { - if (isset($paramlist['SMTPDebug'])) $this->SMTPDebug = $paramlist['SMTPDebug']; // 'FALSE' is a valid value! - if (varsettrue($paramlist['email_subject'])) $this->Subject = $paramlist['email_subject']; - if (varsettrue($paramlist['email_sender_email'])) $this->From = $paramlist['email_sender_email']; - if (varsettrue($paramlist['email_sender_name'])) $this->FromName = $paramlist['email_sender_name']; - if (varsettrue($paramlist['email_replyto'])) $this->AddAddressList('replyto',$paramlist['email_replyto'],varsettrue($paramlist['email_replytonames'],'')); - if (isset($paramlist['send_html'])) $this->allow_html = $paramlist['send_html']; // 'FALSE' is a valid value! - if (isset($paramlist['add_html_header'])) $this->add_HTML_header = $paramlist['add_html_header']; // 'FALSE' is a valid value! 
- if (varsettrue($paramlist['email_body'])) $this->makeBody($paramlist['email_body'], $this->allow_html, $this->add_HTML_header); - if (varsettrue($paramlist['email_attach'])) $this->attach($paramlist['email_attach']); - if (varsettrue($paramlist['email_copy_to'])) $this->AddAddressList('cc',$paramlist['email_copy_to'],varsettrue($paramlist['email_cc_names'],'')); - if (varsettrue($paramlist['email_bcopy_to'])) $this->AddAddressList('bcc',$paramlist['email_bcopy_to'],varsettrue($paramlist['email_bcc_names'],'')); - if (varsettrue($paramlist['bouncepath'])) + + if($this->debug) { - $this->Sender = $paramlist['bouncepath']; // Bounce path - $this->save_bouncepath = $paramlist['bouncepath']; // Bounce path + print_a($eml); } - if (varsettrue($paramlist['returnreceipt'])) $this->ConfirmReadingTo = $paramlist['returnreceipt']; - if (varsettrue($paramlist['email_inline_images'])) $this->addInlineImages($paramlist['email_inline_images']); - if (varsettrue($paramlist['email_priority'])) $this->Priority = $paramlist['email_priority']; - if (varsettrue($paramlist['e107_header'])) $this->AddCustomHeader("X-e107-id: {$paramlist['e107_header']}"); - if (varsettrue($paramlist['extra_header'])) + + + if(vartrue($eml['template'])) // @see e107_core/templates/email_template.php { - if (is_array($paramlist['extra_header'])) + $tp = e107::getParser(); + + if($tmpl = e107::getCoreTemplate('email',$eml['template'], true, true)) // $EMAIL_TEMPLATE['default'] { - foreach($paramlist['extra_header'] as $eh) + $filter = array("\n", "\t"); + $tmpl['header'] = str_replace($filter,'', $tmpl['header']); + $tmpl['footer'] = str_replace($filter,'', $tmpl['footer']); + + $eml['email_body'] = ($tp->toEmail($tmpl['header']). str_replace('{BODY}', $eml['email_body'], $tmpl['body']). $tp->toEmail($tmpl['footer'])); + unset($eml['add_html_header']); // disable other headers when template is used. 
+ } + + } + + + if (isset($eml['SMTPDebug'])) $this->SMTPDebug = $eml['SMTPDebug']; // 'FALSE' is a valid value! + if (vartrue($eml['email_subject'])) $this->Subject = $eml['email_subject']; + if (vartrue($eml['email_sender_email'])) $this->From = $eml['email_sender_email']; + if (vartrue($eml['email_sender_name'])) $this->FromName = $eml['email_sender_name']; + if (vartrue($eml['email_replyto'])) $this->AddAddressList('replyto',$eml['email_replyto'],vartrue($eml['email_replytonames'],'')); + if (isset($eml['send_html'])) $this->allow_html = $eml['send_html']; // 'FALSE' is a valid value! + if (isset($eml['add_html_header'])) $this->add_HTML_header = $eml['add_html_header']; // 'FALSE' is a valid value! + if (vartrue($eml['email_body'])) $this->makeBody($eml['email_body'], $this->allow_html, $this->add_HTML_header); + if (vartrue($eml['email_attach'])) $this->attach($eml['email_attach']); + if (vartrue($eml['email_copy_to'])) $this->AddAddressList('cc',$eml['email_copy_to'],vartrue($eml['email_cc_names'],'')); + if (vartrue($eml['email_bcopy_to'])) $this->AddAddressList('bcc',$eml['email_bcopy_to'],vartrue($eml['email_bcc_names'],'')); + + if (vartrue($eml['bouncepath'])) + { + $this->Sender = $eml['bouncepath']; // Bounce path + $this->save_bouncepath = $eml['bouncepath']; // Bounce path + } + + + + + + + if (vartrue($eml['returnreceipt'])) $this->ConfirmReadingTo = $eml['returnreceipt']; + if (vartrue($eml['email_inline_images'])) $this->addInlineImages($eml['email_inline_images']); + if (vartrue($eml['email_priority'])) $this->Priority = $eml['email_priority']; + if (vartrue($eml['e107_header'])) $this->AddCustomHeader("X-e107-id: {$eml['e107_header']}"); + if (vartrue($eml['extra_header'])) + { + if (is_array($eml['extra_header'])) + { + foreach($eml['extra_header'] as $eh) { $this->addCustomHeader($eh); } } else { - $this->addCustomHeader($paramlist['extra_header']); + $this->addCustomHeader($eml['extra_header']); } } - if (varset($paramlist['wordwrap'])) 
$this->WordWrap = $paramlist['wordwrap']; - if (varsettrue($paramlist['split'])) $this->SingleTo = ($paramlist['split'] != FALSE); + if (varset($eml['wordwrap'])) $this->WordWrap = $eml['wordwrap']; + if (vartrue($eml['split'])) $this->SingleTo = ($eml['split'] != FALSE); return 0; // No error } @@ -654,6 +700,7 @@ class e107Email extends PHPMailer $eml['extra_header'] - additional headers (format is name: value $eml['wordwrap'] - Set wordwrap value $eml['split'] - If true, sends an individual email to each recipient + $eml['template'] - template to use. 'default' * @param string $send_to - recipient email address * @param string $to_name - recipient name @@ -762,6 +809,12 @@ class e107Email extends PHPMailer preg_match_all("/(src|background)=([\"\'])(.*)\\2/Ui", $message, $images); // Modified to accept single quotes as well if(isset($images[3])) { + + if($this->debug) + { + print_a($images[3]); + } + foreach($images[3] as $i => $url) { // do not change urls for absolute images (thanks to corvuscorax) @@ -790,7 +843,7 @@ class e107Email extends PHPMailer } else { - if (defined('MAIL_DEBUG')) echo "Add embedded image {$url} failed
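Review bot: The new `if($this->debug) { print_a($eml); }` at the top of `arraySet()` echoes the whole parameter array, message body included, into the page output whenever `MAIL_DEBUG` is defined; the `print_a($images[3])` hunk further down and the `print_a($eml)` added to `e_system_user` in user_model.php follow the same pattern. The signup template in this commit contains `{PASSWORD}`, so a rendered body presumably carries credentials, and the dump should omit `email_body` or be written to the mail log rather than the response. Separately, the template branch inserts `$eml['email_body']` into `$tmpl['body']` with a plain `str_replace('{BODY}', ...)`; when HTML sending is on, any caller-supplied text in that body reaches the message unescaped, so the docblock should state that `email_body` must already be HTML-safe when `template` is set. That branch also reads `$eml['email_body']` without checking that it is set, where `varset($eml['email_body'], '')` would avoid the notice.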
"; + if ($this->debug) echo "Add embedded image {$url} failed
"; } } } diff --git a/e107_handlers/redirection_class.php b/e107_handlers/redirection_class.php index f94a9d329..a6bdbc920 100644 --- a/e107_handlers/redirection_class.php +++ b/e107_handlers/redirection_class.php @@ -335,6 +335,8 @@ class redirection */ public function go($url, $replace = TRUE, $http_response_code = NULL, $preventCache = true) { + $url = str_replace("&", "&", $url); // cleanup when using e_QUERY in $url; + if(session_id()) { e107::getSession()->end(); diff --git a/e107_handlers/secure_img_handler.php b/e107_handlers/secure_img_handler.php index 0536d6a58..35db879d1 100644 --- a/e107_handlers/secure_img_handler.php +++ b/e107_handlers/secure_img_handler.php @@ -2,19 +2,14 @@ /* * e107 website system * - * Copyright (C) 2008-2009 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * - * - * $URL$ - * $Id$ */ if (!defined('e107_INIT')) { exit; } - - class secure_image { public $random_number; @@ -154,7 +149,7 @@ class secure_image } $code = $this->create_code(); - return "Missing Code"; + return "Missing Code"; } diff --git a/e107_handlers/theme_handler.php b/e107_handlers/theme_handler.php index 58263621e..1baa3f8a0 100644 --- a/e107_handlers/theme_handler.php +++ b/e107_handlers/theme_handler.php @@ -954,7 +954,8 @@ class themeHandler foreach ($var as $val) { - $text .= "".$val['caption'].":".$val['html'].""; + $text .= "".$val['caption'].":".$val['html']."
".$val['help']."
+"; } return $text; @@ -1134,17 +1135,16 @@ class themeHandler
@@ -1432,6 +1432,26 @@ class themeHandler ".$this->renderThemeConfig()." + +
"; + + if($mode == 2) // admin + { + $mainid = "selectmain[".$theme['id']."]"; + $text .= $this->frm->admin_button('submit_adminstyle', TPVLAN_35, 'update'); + //$text .= $this->frm->admin_button($mainid, TPVLAN_10, 'other'); + + } + else // main + { + $adminid = "selectadmin[".$theme['id']."]"; + $text .= $this->frm->admin_button('submit_style', TPVLAN_35, 'update'); + //$text .= $this->frm->admin_button($adminid, TPVLAN_32, 'other'); + } + + $text .= ""; + + $text .= "
\n"; diff --git a/e107_handlers/user_model.php b/e107_handlers/user_model.php index d3d99bc37..af786c111 100644 --- a/e107_handlers/user_model.php +++ b/e107_handlers/user_model.php @@ -995,6 +995,7 @@ class e_user_model extends e_admin_model // TODO - add some more useful methods, sc_* methods support class e_system_user extends e_user_model { + public $debug = false; /** * Constructor * @@ -1047,17 +1048,36 @@ class e_system_user extends e_user_model } $eml = $this->renderEmail($type, $userInfo); - if(empty($eml)) return false; + + + + if(empty($eml)) + { + if($this->debug) + { + echo '$eml returned nothing'; + } + return false; + } + else + { + if($this->debug) + { + echo '

$eml array

'; + print_a($eml); + } + } $mailer = e107::getEmail(); $mailer->template = $eml['template']; - unset($eml['template']); + // Custom e107 Header if($userInfo['user_id']) { - $mailer->AddCustomHeader("X-e107-id: {$userInfo['user_id']}"); + $eml['e107_header'] = $userInfo['user_id']; + // $mailer->AddCustomHeader("X-e107-id: {$userInfo['user_id']}"); } return $mailer->sendEmail($userInfo['user_email'], $userInfo['user_name'], $eml, false); @@ -1082,7 +1102,9 @@ class e_system_user extends e_user_model { $pref = e107::getPref(); $ret = array(); + $tp = e107::getParser(); + // mailer options if(isset($userInfo['mail_options']) && is_array($userInfo['mail_options'])) { 
@@ -1092,41 +1114,58 @@ class e_system_user extends e_user_model // required for signup and quickadd email type e107::coreLan('signup'); - // FIXME convert to the new template to avoid include on every call - // BC - if (file_exists(THEME.'email_template.php')) + + + $EMAIL_TEMPLATE = e107::getCoreTemplate('email'); + + if(!is_array($EMAIL_TEMPLATE)) //BC Fixes. pre v2 alpha3. { - include(THEME.'email_template.php'); - } - else - { - // new standards - include(e107::coreTemplatePath('email')); + // load from old location. (root of theme folder if it exists) + if (file_exists(THEME.'email_template.php')) + { + include(THEME.'email_template.php'); + } + else + { + // include core default. + include(e107::coreTemplatePath('email')); + } + + // BC Fixes. + $EMAIL_TEMPLATE['signup']['subject'] = $SIGNUPEMAIL_SUBJECT; + $EMAIL_TEMPLATE['signup']['cc'] = $SIGNUPEMAIL_CC; + $EMAIL_TEMPLATE['signup']['bcc'] = $SIGNUPEMAIL_BCC; + $EMAIL_TEMPLATE['signup']['attachments']= $SIGNUPEMAIL_ATTACHMENTS; + + $EMAIL_TEMPLATE['signup']['body'] = $SIGNUPEMAIL_TEMPLATE; + + $EMAIL_TEMPLATE['quickadd']['body'] = $QUICKADDUSER_TEMPLATE['email_body']; + $EMAIL_TEMPLATE['notify']['body'] = $NOTIFY_TEMPLATE['email_body']; + } - // FIXME by SecretR - email template mess - there are changes to emails and templates that need to be implemented here $template = ''; switch ($type) { case 'signup': - if(vartrue($SIGNUPPROVIDEREMAIL_TEMPLATE)) $template = $SIGNUPPROVIDEREMAIL_TEMPLATE; - else $template = $SIGNUPEMAIL_TEMPLATE; - $ret['template'] = false; // Don't allow additional headers (mailer) + $template = (vartrue($SIGNUPPROVIDEREMAIL_TEMPLATE)) ? $SIGNUPPROVIDEREMAIL_TEMPLATE : $EMAIL_TEMPLATE['signup']['body']; + $ret['template'] = false;// 'signup'; // false; // Don't allow additional headers (mailer) ?? 
break; case 'quickadd': - $template = $QUICKADDUSER_TEMPLATE['email_body']; // XXX quick fix - add the email templating engine - $ret['template'] = 'email'; // Don't allow additional headers (mailer) + $template = $EMAIL_TEMPLATE['quickadd']['body']; + $ret['template'] = 'quickadd'; // Don't allow additional headers (mailer) break; - case 'notify': //emailer changes - if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body'];//$NOTIFY_HEADER.$userInfo['mail_body'].$NOTIFY_FOOTER; + case 'notify': + if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body']; //$NOTIFY_HEADER.$userInfo['mail_body'].$NOTIFY_FOOTER; $ret['template'] = 'notify'; break; - case 'email'://emailer changes + case 'email': + case 'default': if(vartrue($userInfo['mail_body'])) $template = $userInfo['mail_body']; //$EMAIL_HEADER.$userInfo['mail_body'].$EMAIL_FOOTER; - $ret['template'] = 'email'; + $ret['template'] = 'default'; break; } @@ -1137,11 +1176,15 @@ class e_system_user extends e_user_model // signup email only if($type == 'signup') { + $HEAD = ''; + $FOOT = ''; + + $ret['e107_header'] = $userInfo['user_id']; - if (vartrue($SIGNUPEMAIL_CC)) { $ret['email_copy_to'] = $SIGNUPEMAIL_CC; } - if (vartrue($SIGNUPEMAIL_BCC)) { $ret['email_bcopy_to'] = $SIGNUPEMAIL_BCC; } + if (vartrue($EMAIL_TEMPLATE['signup']['cc'])) { $ret['email_copy_to'] = $EMAIL_TEMPLATE['signup']['cc']; } + if (vartrue($EMAIL_TEMPLATE['signup']['bcc'])) { $ret['email_bcopy_to'] = $EMAIL_TEMPLATE['signup']['bcc']; } if (vartrue($userInfo['email_attach'])) { $ret['email_attach'] = $userInfo['mail_attach']; } - elseif (vartrue($SIGNUPEMAIL_ATTACHMENTS)) { $ret['email_attach'] = $SIGNUPEMAIL_ATTACHMENTS; } + elseif (vartrue($EMAIL_TEMPLATE['signup']['attachments'])) { $ret['email_attach'] = $EMAIL_TEMPLATE['signup']['attachments']; } $style = vartrue($SIGNUPEMAIL_LINKSTYLE) ? "style='{$SIGNUPEMAIL_LINKSTYLE}'" : ""; 
@@ -1164,7 +1207,7 @@ class e_system_user extends e_user_model $replace[5] = $userInfo['user_name']; $search[6] = '{USERURL}'; - $replace[6] = varsettrue($userInfo['user_website']) ? $userInfo['user_website'] : ""; + $replace[6] = vartrue($userInfo['user_website']) ? $userInfo['user_website'] : ""; $search[7] = '{DISPLAYNAME}'; $replace[7] = $userInfo['user_login'] ? $userInfo['user_login'] : $userInfo['user_name']; @@ -1175,32 +1218,50 @@ class e_system_user extends e_user_model $search[9] = '{ACTIVATION_URL}'; $replace[9] = $userInfo['activation_url']; - $subject = str_replace($search, $replace, $SIGNUPEMAIL_SUBJECT); + $subject = str_replace($search, $replace, $EMAIL_TEMPLATE['signup']['subject']); + $ret['email_subject'] = $subject; $ret['send_html'] = TRUE; - $HEAD = "\n"; - $HEAD .= "\n"; - $HEAD .= "\n"; - $HEAD .= ($SIGNUPEMAIL_USETHEME == 1) ? "\n" : ""; - $HEAD .= "".LAN_SIGNUP_58."\n"; - - if($SIGNUPEMAIL_USETHEME == 2) + if(!varset($EMAIL_TEMPLATE['signup']['header'])) { - $CSS = file_get_contents(THEME."style.css"); - $HEAD .= ""; - } - $HEAD .= "\n"; - if(vartrue($SIGNUPEMAIL_BACKGROUNDIMAGE)) - { - $HEAD .= "\n"; + $HEAD = "\n"; + $HEAD .= "\n"; + $HEAD .= "\n"; + $HEAD .= ($SIGNUPEMAIL_USETHEME == 1) ? "\n" : ""; + $HEAD .= "".LAN_SIGNUP_58."\n"; + + if($SIGNUPEMAIL_USETHEME == 2) // @deprecated in favor of {STYLESHEET} + { + $CSS = file_get_contents(THEME."style.css"); + $HEAD .= ""; + } + + $HEAD .= "\n"; + if(vartrue($SIGNUPEMAIL_BACKGROUNDIMAGE)) // @deprecated. + { + $HEAD .= "\n"; + } + else + { + $HEAD .= "\n"; + } + } else { - $HEAD .= "\n"; + $HEAD = $tp->parseTemplate($EMAIL_TEMPLATE['signup']['header'], true); + } + + if(!varset($EMAIL_TEMPLATE['signup']['footer'])) + { + $FOOT = "\n\n\n"; + } + else + { + $FOOT = $tp->parseTemplate($EMAIL_TEMPLATE['signup']['footer'], true); } - $FOOT = "\n\n\n"; $ret['send_html'] = TRUE; $ret['email_body'] = e107::getParser()->parseTemplate(str_replace($search,$replace,$HEAD.$template.$FOOT), true); 
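Review bot: The new header and footer branches call `$tp->parseTemplate(...)`, but no `$tp` assignment is visible in this hunk and the last line still goes through `e107::getParser()`. Unless `$tp` is set earlier in the method (it starts outside the hunk), these calls fail on an undefined variable as soon as a template defines `header` or `footer`. Using `e107::getParser()->parseTemplate($EMAIL_TEMPLATE['signup']['header'], true)` keeps it consistent. The parsed header and footer also pass through `parseTemplate()` a second time on the final `email_body` line, after the `$userInfo` values have been substituted, so it is worth confirming that fields such as `user_name` and `user_website` cannot carry shortcode braces.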
diff --git a/e107_languages/English/lan_fpw.php b/e107_languages/English/lan_fpw.php index 06e5dc17a..1bcbd4c48 100644 --- a/e107_languages/English/lan_fpw.php +++ b/e107_languages/English/lan_fpw.php @@ -1,14 +1,11 @@ db_Select("banner", "*", "banner_id = '{$query_string}' "); - $row = $sql->db_Fetch(); + $row = $sql->retrieve("banner", "*", "banner_id = '{$query_string}'"); // select the banner $ip = e107::getIPHandler()->getIP(FALSE); - $newip = (strpos($row['banner_ip'], "{$ip}^") !== FALSE) ? $row['banner_ip'] : "{$row['banner_ip']}{$ip}^"; - $sql->db_Update("banner", "banner_clicks = banner_clicks + 1, `banner_ip` = '{$newip}' WHERE `banner_id` = '{$query_string}'"); + $newip = (strpos($row['banner_ip'], "{$ip}^") !== FALSE) ? $row['banner_ip'] : "{$row['banner_ip']}{$ip}^"; // what does this do? + $sql->update("banner", "banner_clicks = banner_clicks + 1, `banner_ip` = '{$newip}' WHERE `banner_id` = '{$query_string}'"); header("Location: {$row['banner_clickurl']}"); exit; } @@ -48,48 +41,58 @@ require_once(HEADERF); if (isset($_POST['clientsubmit'])) { - $clean_login = $tp -> toDB($_POST['clientlogin']); - $clean_password = $tp -> toDB($_POST['clientpassword']); + $clean_login = $tp->toDB($_POST['clientlogin']); + $clean_password = $tp->toDB($_POST['clientpassword']); - if (!$sql->db_Select("banner", "*", "`banner_clientlogin` = '{$clean_login}' AND `banner_clientpassword` = '{$clean_password}'")) { - $ns->tablerender(LAN_ERROR, "
".BANNERLAN_20."

"); + // check login + // TODO: massive clean-up (integrate e107 users, proper login handling, password encryption for new and existing records) + if (!$sql->select("banner", "*", "`banner_clientlogin` = '{$clean_login}' AND `banner_clientpassword` = '{$clean_password}'")) { + $mes->addError(BANNERLAN_20); + $ns->tablerender(PAGE_NAME, $mes->render()); require_once(FOOTERF); exit; } - $row = $sql->db_Fetch(); - $banner_total = $sql->db_Select("banner", "*", "`banner_clientname` = '{$row['banner_clientname']}'"); - - if (!$banner_total) { - $ns->tablerender(LAN_ERROR, "
".BANNERLAN_29."

"); + $row = $sql->fetch(); + $banner_total = $sql->select("banner", "*", "`banner_clientname` = '{$row['banner_clientname']}'"); + + // check + if(!$banner_total) + { + $mes->addInfo(BANNERLAN_29); + $ns->tablerender(PAGE_NAME, $mes->render()); require_once(FOOTERF); exit; - } else { - while ($row = $sql->db_Fetch()) { - + } + else + { + while ($row = $sql->fetch()) + { $start_date = ($row['banner_startdate'] ? strftime("%d %B %Y", $row['banner_startdate']) : BANNERLAN_31); - $end_date = ($row['banner_enddate'] ? strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31); + $end_date = ($row['banner_enddate'] ? strftime("%d %B %Y", $row['banner_enddate']) : BANNERLAN_31); - $BANNER_TABLE_CLICKPERCENTAGE = ($row['banner_clicks'] && $row['banner_impressions'] ? round(($row['banner_clicks'] / $row['banner_impressions']) * 100)."%" : "-"); - $BANNER_TABLE_IMPRESSIONS_LEFT = ($row['banner_impurchased'] ? $row['banner_impurchased'] - $row['banner_impressions'] : BANNERLAN_30); + $BANNER_TABLE_CLICKPERCENTAGE = ($row['banner_clicks'] && $row['banner_impressions'] ? round(($row['banner_clicks'] / $row['banner_impressions']) * 100)."%" : "-"); + $BANNER_TABLE_IMPRESSIONS_LEFT = ($row['banner_impurchased'] ? $row['banner_impurchased'] - $row['banner_impressions'] : BANNERLAN_30); $BANNER_TABLE_IMPRESSIONS_PURCHASED = ($row['banner_impurchased'] ? $row['banner_impurchased'] : BANNERLAN_30); - $BANNER_TABLE_CLIENTNAME = $row['banner_clientname']; - $BANNER_TABLE_BANNER_ID = $row['banner_id']; - $BANNER_TABLE_BANNER_CLICKS = $row['banner_clicks']; - $BANNER_TABLE_BANNER_IMPRESSIONS = $row['banner_impressions']; - $BANNER_TABLE_ACTIVE = BANNERLAN_36.($row['banner_active'] != "255" ? LAN_YES : "".LAN_NO.""); - $BANNER_TABLE_STARTDATE = BANNERLAN_37." ".$start_date; - $BANNER_TABLE_ENDDATE = BANNERLAN_34." 
".$end_date; + $BANNER_TABLE_CLIENTNAME = $row['banner_clientname']; + $BANNER_TABLE_BANNER_ID = $row['banner_id']; + $BANNER_TABLE_BANNER_CLICKS = $row['banner_clicks']; + $BANNER_TABLE_BANNER_IMPRESSIONS = $row['banner_impressions']; + $BANNER_TABLE_ACTIVE = BANNERLAN_36.($row['banner_active'] != "255" ? LAN_YES : "".LAN_NO.""); + $BANNER_TABLE_STARTDATE = BANNERLAN_37." ".$start_date; + $BANNER_TABLE_ENDDATE = BANNERLAN_34." ".$end_date; if ($row['banner_ip']) { $tmp = explode("^", $row['banner_ip']); $BANNER_TABLE_IP_LAN = (count($tmp)-1); + for($a = 0; $a <= (count($tmp)-2); $a++) { $BANNER_TABLE_IP .= $tmp[$a]."
"; } } - + + // FIXME template loading if (!$BANNER_TABLE) { if (file_exists(THEME."templates/banner/banner_template.php")) @@ -105,10 +108,12 @@ if (isset($_POST['clientsubmit'])) { require(e_PLUGIN."banner/banner_template.php"); } } + $textstring .= preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE); } } - + + // FIXME template loading if (!$BANNER_TABLE) { if (file_exists(THEME."banner_template.php")) @@ -120,31 +125,36 @@ if (isset($_POST['clientsubmit'])) { require(e_PLUGIN."banner/banner_template.php"); } } + $textstart = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE_START); $textend = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_TABLE_END); $text = $textstart.$textstring.$textend; - echo $text; + $ns->tablerender(PAGE_NAME, $text); require_once(FOOTERF); exit; } + +$BANNER_LOGIN_TABLE_LOGIN = $frm->text("clientlogin", $id); +$BANNER_LOGIN_TABLE_PASSW = $frm->password("clientpassword", $pw); +$BANNER_LOGIN_TABLE_SUBMIT = $frm->button("clientsubmit", LAN_CONTINUE, "submit"); -$BANNER_LOGIN_TABLE_LOGIN = $rs->form_text("clientlogin", 30, $id, 20, "tbox"); -$BANNER_LOGIN_TABLE_PASSW = $rs->form_password("clientpassword", 30, "", 20, "tbox"); -$BANNER_LOGIN_TABLE_SUBMIT = $rs->form_button("submit", "clientsubmit", LAN_CONTINUE); - -if (!$BANNER_LOGIN_TABLE) { - if (file_exists(THEME."banner_template.php")) { +if (!$BANNER_LOGIN_TABLE) +{ + if(file_exists(THEME."banner_template.php")) + { require_once(THEME."banner_template.php"); - } else { - require_once(e_BASE.$THEMES_DIRECTORY."templates/banner_template.php"); + } + else + { + require_once("banner_template.php"); } } + $text = preg_replace("/\{(.*?)\}/e", '$\1', $BANNER_LOGIN_TABLE); $ns->tablerender(BANNERLAN_19, $text); - require_once(FOOTERF); - +?> \ No newline at end of file diff --git a/e107_plugins/banner/languages/English_banner.php b/e107_plugins/banner/languages/English_banner.php index d620f5d73..73b8289fd 100644 --- a/e107_plugins/banner/languages/English_banner.php 
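Review bot: The `banner_clientname` condition of the second `$sql->select()` interpolates `$row['banner_clientname']` straight from the row just fetched, without the `$tp->toDB()` escaping that the login and password values get a few lines earlier. A stored client name containing a quote would break or alter that query. Escape it first, `$clean_name = $tp->toDB($row['banner_clientname']);`, and use `$clean_name` in the condition.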
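Review bot: The fallback `require_once("banner_template.php")` is resolved through the include path and the current working directory, while the other fallbacks in this file use `e_PLUGIN."banner/banner_template.php"`; spell the path out the same way so the file that gets loaded does not depend on how the script was reached. The password field is now built as `$frm->password("clientpassword", $pw)` where the old call passed an empty value. `$pw` is not set anywhere in the visible hunks, so confirm it can never echo a submitted password back into the form. The `preg_replace(..., '$\1', ...)` calls on the context lines rely on the `/e` modifier, which evaluates the replacement as PHP and was removed in PHP 7; `preg_replace_callback()` with an explicit list of allowed placeholders would replace it.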
+++ b/e107_plugins/banner/languages/English_banner.php @@ -2,7 +2,7 @@ /* * e107 website system * - * Copyright (C) 2008-2013 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * diff --git a/e107_plugins/forum/forum_admin.php b/e107_plugins/forum/forum_admin.php index 0e4bdd254..cc1a0818d 100644 --- a/e107_plugins/forum/forum_admin.php +++ b/e107_plugins/forum/forum_admin.php @@ -519,8 +519,10 @@ class forumAdmin show_admin_menu(FORLAN_7, $action, $var); } + // Initial delete function. Determines which delete routine should be applied. function delete_item($id) { + // If a delete routine is cancelled, redirect back to forum listing if($_POST['cancel']) { $this->show_existing_forums(vartrue($sub_action), vartrue($id)); @@ -529,44 +531,44 @@ class forumAdmin $sql = e107::getDb(); $id = (int)$id; + $confirm = isset($_POST['confirm']) ? true : false; + + if($confirm) + { + e107::getRender()->tablerender('Forums', e107::getMessage()->render().$txt); + } + else + { + $this->delete_show_confirm($txt); + } - if($sql->select('forum', 'forum_parent, forum_sub', "forum_id = {$id}")) + if($row = $sql->retrieve('forum', 'forum_parent, forum_sub', "forum_id = {$id}")) { $txt = ""; - $row = $sql->fetch(); - + + // is parent if($row['forum_parent'] == 0) { $txt .= $this->delete_parent($id, $confirm); } + // is subforum elseif($row['forum_sub'] > 0) { $txt .= $this->delete_sub($id, $confirm); } + // is forum else { $txt .= $this->delete_forum($id, $confirm); } - - - if($confirm) - { - e107::getRender()->tablerender('', e107::getMessage()->render().$txt); - } - else - { - $this->delete_show_confirm($txt); - } } + // forum_id not found, should not happen. else { - // forum_id not found, should not happen. $this->show_existing_forums(vartrue($sub_action), vartrue($id)); return; } - - } function delete_parent($id, $confirm = false) 
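Review bot: The confirm/render block now runs before `$txt` is built: `tablerender('Forums', ... .$txt)` and `delete_show_confirm($txt)` are called at the top of `delete_item()`, while `$txt` is only assigned inside the `retrieve()` branch below. As written the page renders with an undefined `$txt`, and the delete routines run after the output has been produced, so their result is never shown. The block should stay after the `if`/`elseif`/`else` chain, as in the removed lines. `$confirm` comes straight from `isset($_POST['confirm'])` and no form-token check is visible in this hunk, so verify that one runs before this destructive action is reached.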
@@ -575,10 +577,10 @@ class forumAdmin $mes = e107::getMessage(); $ns = e107::getRender(); - - if($sql->select('forum', 'forum_id', "forum_parent = {$id} AND forum_sub = 0")) + // check if parent contains forums and delete them if needed + if($sql->select('forum', 'forum_id', 'forum_parent = '.$id)) { - $fList = $sql->db_getList(); + $fList = $sql->rows(); foreach($fList as $f) { $this->delete_forum($f['forum_id'], $confirm); 
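Review bot: Dropping `AND forum_sub = 0` means this query now also returns sub-forums, which are then passed to `delete_forum()`; that method already walks its own sub-forums through `delete_sub()` (see the `@@ -632,10 +635,10 @@` hunk), so sub-forums are reached on two paths and may be processed twice. The condition is built by concatenating `$id`. `delete_item()` casts it, but no cast is visible in `delete_parent()` itself (its start is outside the hunk), so a local `$id = (int)$id;` would keep the method safe when called from elsewhere.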
@@ -589,42 +591,43 @@ class forumAdmin { if($sql->delete('forum', "forum_id = {$id}")) { - return LAN_DELETED; + $mes->addSuccess(LAN_DELETED); } else { - return LAN_DELETED_FAILED; + $mes->addError(LAN_DELETED_FAILED); } } } - function deleteForum($forumId) - { - $sql = e107::getDb(); - $forumId = (int)$forumId; + // function deleteForum($forumId) + // { + // $sql = e107::getDb(); + // $forumId = (int)$forumId; - // Check for any sub forums - if($sql->select('forum', 'forum_id', "forum_sub = {$forumId}")) - { - $list = $sql->db_getList(); - foreach($list as $f) - { - $ret .= $this->deleteForum($f['forum_id']); - } - } - require_once(e_PLUGIN.'forum/forum_class.php'); - $f = new e107Forum; - if($sql->delete('forum_thread', 'thread_id','thread_forum_id='.$forumId)) - { - $list = $sql->db_getList(); - foreach($list as $t) - { - $f->threadDelete($t['thread_id'], false); - } - } - return $sql->delete('forum', 'forum_id = '.$forumId); - } + // // Check for any sub forums + // if($sql->select('forum', 'forum_id', "forum_sub = {$forumId}")) + // { + // $list = $sql->rows(); + // foreach($list as $f) + // { + // $ret .= $this->deleteForum($f['forum_id']); + // } + // } + // require_once(e_PLUGIN.'forum/forum_class.php'); + // $f = new e107Forum; + // if($sql->delete('forum_thread', 'thread_id','thread_forum_id='.$forumId)) + // { + // $list = $sql->rows(); + // foreach($list as $t) + // { + // $f->threadDelete($t['thread_id'], false); + // } + // } + // return $sql->delete('forum', 'forum_id = '.$forumId); + // } + // delete forum function delete_forum($id, $confirm = false) { $sql = e107::getDb(); @@ -632,10 +635,10 @@ class forumAdmin $ns = e107::getRender(); $mes = e107::getMessage(); - + // check if forum contains subforums if($sql->select('forum', 'forum_id', 'forum_sub = '.$id)) { - $fList = $sql->db_getList(); + $fList = $sql->rows(); foreach($fList as $f) { $this->delete_sub($f['forum_id'], $confirm); 
@@ -1492,6 +1495,7 @@ class forumAdmin $ns->tablerender(FORLAN_33, $txt); // FIX: LAN button update was WMGLAN_4." ".FORLAN_33) } + // TODO: check media category on $frm->bbarea() function show_rules() { $pref = e107::getPref(); @@ -1524,9 +1528,9 @@ class forumAdmin $admin_rules = $sql->fetch(); } - $guesttext = $tp->toFORM(vartrue($guest_rules['gen_chardata'])); - $membertext = $tp->toFORM(vartrue($member_rules['gen_chardata'])); - $admintext = $tp->toFORM(vartrue($admin_rules['gen_chardata'])); + $guesttext = $tp->toForm(vartrue($guest_rules['gen_chardata'])); + $membertext = $tp->toForm(vartrue($member_rules['gen_chardata'])); + $admintext = $tp->toForm(vartrue($admin_rules['gen_chardata'])); $text = " @@ -1539,7 +1543,7 @@ class forumAdmin ".WMGLAN_1.":
".WMGLAN_6.":"; if (vartrue($guest_rules['gen_intdata'])) - { + { $text .= ""; } else @@ -1549,11 +1553,7 @@ class forumAdmin $text .= " - -
- -
- ".display_help('helpb', 1, 'addtext1', 'help1')." + ".$frm->bbarea('guestrules', $guesttext)." @@ -1571,11 +1571,7 @@ class forumAdmin $text .= " - -
- -
- ".display_help('helpb', 1, 'addtext2', 'help2')." + ".$frm->bbarea('memberrules', $membertext)." @@ -1594,11 +1590,7 @@ class forumAdmin $text .= " - -
- -
- ".display_help('helpb', 1, 'addtext3', 'help3')." + ".$frm->bbarea('adminrules', $admintext)." diff --git a/e107_plugins/forum/forum_class.php b/e107_plugins/forum/forum_class.php index 5e601e9d1..5659c80f4 100644 --- a/e107_plugins/forum/forum_class.php +++ b/e107_plugins/forum/forum_class.php @@ -2,7 +2,7 @@ /* * e107 website system * -* Copyright (c) 2008-2013 e107 Inc (e107.org) +* Copyright (c) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * 
@@ -209,18 +209,35 @@ class e107forum return $baseDir; } + function sendFile($data) + { + $sql = e107::getDb(); + $post_id = intval($data['id']); // forum (post) id + $file_id = intval($data['dl']); // file id + $forum_id = $sql->retrieve('forum_post','post_forum','post_id='.$post_id); - function sendFile($data) - { - $sql = e107::getDb(); - $fid = intval($data['dl']); - - $array = $sql->retrieve('forum_post','post_user,post_attachments','post_id='.intval($data['id'])); - $attach = e107::serialize($array['post_attachments']); - $file = $this->getAttachmentPath($array['post_user']).varset($attach['file'][$fid]); + // Check if user is allowed to download this file (has 'view' permissions to forum) + if(!$this->checkPerm($forum_id, 'view')) + { + header('Location:'.e107::getUrl()->create('forum/forum/main')); // FIXME needs proper redirect and 403 header + exit; + } - e107::getFile()->send($file); - } + $array = $sql->retrieve('forum_post','post_user,post_attachments','post_id='.$post_id); + $attach = e107::unserialize($array['post_attachments']); + $file = $this->getAttachmentPath($array['post_user']).varset($attach['file'][$file_id]); + + // Check if file exists. Send file for download if it does, return 404 error code when file does not exist. + if(file_exists($file)) + { + e107::getFile()->send($file); + } + else + { + header('Location:'.e107::getUrl()->create('forum/forum/main', TRUE, 404)); // FIXME needs proper redirect and 404 header + exit; + } + } /** @@ -317,20 +334,20 @@ class e107forum // print_r($_POST); - $ret = array('hide'=>false,'msg'=>'','status'=>null); + $ret = array('hide' => false, 'msg' => '', 'status' => null); switch ($_POST['action']) { case 'delete': if($this->threadDelete($id)) { - $ret['msg'] = 'Deleted Thread #'.$id; + $ret['msg'] = 'Deleted topic #'.$id; $ret['hide'] = true; $ret['status'] = 'ok'; } else { - $ret['msg'] = "Couldn't Delete the Thread"; + $ret['msg'] = "Couldn't delete the topic"; $ret['status'] = 'error'; } break; 
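Review bot: `file_exists($file)` is also true for a directory, so when `$attach['file'][$file_id]` is missing, `varset()` yields an empty name, `$file` is just the attachment directory and the check still passes. Test the entry and the file type together: `if(!empty($attach['file'][$file_id]) && is_file($file))`. The permission check runs on whatever `retrieve()` returns for `post_forum`; for a non-existent post that is presumably empty, so return early when `$forum_id` is not found rather than relying on `checkPerm()` to reject it.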
@@ -338,19 +355,21 @@ class e107forum case 'deletepost': if(!$postId = vartrue($_POST['post'])) { - echo "No Post"; - exit; + // echo "No Post"; + // exit; + $ret['msg'] = 'Post not found'; + $ret['status'] = 'error'; } if($this->postDelete($postId)) { - $ret['msg'] = 'Deleted Post #'.$postId; + $ret['msg'] = 'Deleted post #'.$postId; $ret['hide'] = true; $ret['status'] = 'ok'; } else { - $ret['msg'] = "Couldn't Delete the Post #".$postId; + $ret['msg'] = "Couldn't delete post #".$postId; $ret['status'] = 'error'; } break; @@ -358,12 +377,12 @@ class e107forum case 'lock': if(e107::getDb()->update('forum_thread', 'thread_active=0 WHERE thread_id='.$id)) { - $ret['msg'] = FORLAN_CLOSE; + $ret['msg'] = FORLAN_CLOSE; $ret['status'] = 'ok'; } else { - $ret['msg'] = "failed to close thread"; + $ret['msg'] = "Failed to close thread"; $ret['status'] = 'error'; } break; @@ -824,6 +843,37 @@ class e107forum return $ret; } + /** + * Checks if post is the initial post which started the topic. + * Retrieves list of post_id's belonging to one post_thread. When lowest value is equal to input param, return true. + * Used to prevent deleting of the initial post (so topic shows empty does not get hidden accidently while posts remain in database) + * + * @param int id of the post + * @return boolean true if post is the initial post of the topic (false, if not) + * + */ + function threadDetermineInitialPost($postId) + { + $sql = e107::getDb(); + $postId = (int)$postId; + $threadId = $sql->retrieve('forum_post', 'post_thread', 'post_id = '.$postId); + + if($rows = $sql->retrieve('forum_post', 'post_id', 'post_thread = '.$threadId, TRUE)) + { + $postids = array(); + + foreach($rows as $row) + { + $postids[] = $row['post_id']; + } + + if($postId == min($postids)) + { + return true; + } + } + return false; + } function threadGetUserPostcount($threadId) { 
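Review bot: With `exit` commented out, the missing-post branch sets `$ret` but execution carries on into `$this->postDelete($postId)` with an empty `$postId`, and the 'Post not found' message is overwritten by the result of that call. Add `break;` after `$ret['status'] = 'error';` inside the `if(!$postId = vartrue($_POST['post']))` block. The enclosing method starts and ends outside the hunk.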
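Review bot: When `$postId` does not match a row, `retrieve()` presumably returns nothing and the second condition is built as `'post_thread = '` with no value, which is not a valid clause. Return early with `if(!$threadId) { return false; }` and cast with `(int)$threadId` before concatenating. Loading every `post_id` of the thread to take `min()` in PHP could be replaced by a single `MIN(post_id)` query, which matters because the view shortcode appears to call this once per rendered post.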
@@ -864,37 +914,97 @@ class e107forum } - function postDeleteAttachments($type = 'post', $id='', $f='') + function postDeleteAttachments($type = 'post', $id = '') // postDeleteAttachments($type = 'post', $id='', $f='') { $e107 = e107::getInstance(); - $sql = e107::getDb(); + $sql = e107::getDb(); + $log = e107::getAdminLog(); $id = (int)$id; if(!$id) { return; } + + // Moc: Is the code below used at all? When deleting a thread, threadDelete() loops through each post separately to delete attachments (type=post) + /* if($type == 'thread') { if(!$sql->select('forum_post', 'post_id', 'post_attachments IS NOT NULL')) { return true; } + $postList = array(); + while($row = $sql->Fetch(MYSQL_ASSOC)) { $postList[] = $row['post_id']; } + foreach($postList as $postId) { $this->postDeleteAttachment('post', $postId); } } + */ + + // if we are deleting just a single post if($type == 'post') { - if(!$sql->select('forum_post', 'post_attachments', 'post_id = '.$id)) + if(!$sql->select('forum_post', 'post_user, post_attachments', 'post_id = '.$id)) { return true; } + $tmp = $sql->fetch(MYSQL_ASSOC); - $attachments = explode(',', $tmp['post_attachments']); + + $attachment_array = e107::unserialize($tmp['post_attachments']); + $files = $attachment_array['file']; + $imgs = $attachment_array['img']; + + // TODO see if files/images check can be written more efficiently + // check if there are files to be deleted + if(is_array($files)) + { + // loop through each file and delete it + foreach ($files as $file) + { + $file = $this->getAttachmentPath($tmp['post_user']).$file; + @unlink($file); + + // Confirm that file has been deleted. Add warning to log file when file could not be deleted. + if(file_exists($file)) + { + $log->addWarning("Could not delete file: ".$file.". 
Please delete manually as this file is now no longer in use (orphaned)."); + } + } + } + + // check if there are images to be deleted + if(is_array($imgs)) + { + // loop through each image and delete it + foreach ($imgs as $img) + { + $img = $this->getAttachmentPath($tmp['post_user']).$img; + @unlink($img); + + // Confirm that file has been deleted. Add warning to log file when file could not be deleted. + if(file_exists($img)) + { + $log->addWarning("Could not delete image: ".$img.". Please delete manually as this file is now no longer in use (orphaned)."); + } + } + } + + // At this point we assume that all attachments have been deleted from the post. The log file may prove otherwise (see above). + $log->toFile('forum_delete_attachments', 'Forum plugin - Delete attachments', TRUE); + + // Empty the post_attachments field for this post in the database (prevents loop when deleting entire thread) + $sql->update("forum_post", "post_attachments = NULL WHERE post_id = ".$id); + + + /* Old code when attachments were still stored in plugin folder. + Left for review but may be deleted in future. + foreach($attachments as $k => $a) { $info = explode('*', $a); @@ -912,6 +1022,7 @@ class e107forum } unset($attachments[$k]); } + $tmp = array(); if(count($attachments)) { @@ -921,11 +1032,14 @@ class e107forum { $tmp['post_attachments'] = '_NULL_'; } + $info = array(); $info['data'] = $tmp; $info['_FILE_TYPES']['post_attachments'] = 'array'; $info['WHERE'] = 'post_id = '.$id; $sql->update('forum_post', $info); + + */ } } @@ -1739,9 +1853,12 @@ class e107forum if ($threadInfo = $this->threadGet($threadId)) { // delete poll if there is one - $sql->delete('poll', 'poll_datestamp='.$threadId); - - //decrement user post counts + if($sql->select('polls', '*', 'poll_datestamp='.$threadId)) + { + $sql->delete('polls', 'poll_datestamp='.$threadId); + } + + // decrement user post counts if ($postCount = $this->threadGetUserPostcount($threadId)) { foreach ($postCount as $k => $v) 
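Review bot: Each stored name is appended to `getAttachmentPath()` and handed to `@unlink()` as-is, and the value comes from the unserialized `post_attachments` field, so a name containing path separators would delete outside the attachment directory. Whether the upload step guarantees plain file names is not visible here, so strip the directory part with `basename($file)` before joining, and test `is_file()` instead of suppressing the error with `@`. `e107::unserialize()` may not return an array for an empty field, in which case `$attachment_array['file']` is read from a non-array; guard with `is_array($attachment_array)`. The file and image loops are identical apart from the log text and could share one private helper.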
@@ -1751,14 +1868,14 @@ class e107forum } // delete all posts - $qry = 'SELECT post_id FROM `#forum_post` WHERE post_thread = '.$threadId; - if($sql->gen($qry)) + if($sql->select('forum_post', 'post_id', 'post_thread = '.$threadId)) { $postList = array(); while($row = $sql->fetch(MYSQL_ASSOC)) { $postList[] = $row['post_id']; } + foreach($postList as $postId) { $this->postDelete($postId, false); @@ -1772,8 +1889,11 @@ class e107forum } //Delete any thread tracking - $sql->delete('forum_track', 'track_thread='.$threadId); - + if($sql->select('forum_track', '*', 'track_thread='.$threadId)) + { + $sql->delete('forum_track', 'track_thread='.$threadId); + } + // update forum with correct thread/reply counts $sql->update('forum', "forum_threads=GREATEST(forum_threads-1,0), forum_replies=GREATEST(forum_replies-{$threadInfo['thread_total_replies']},0) WHERE forum_id=".$threadInfo['thread_forum_id']); @@ -1786,7 +1906,6 @@ class e107forum } } - /** * Delete a Post * @param $postId integer @@ -1805,6 +1924,7 @@ class e107forum echo 'NOT FOUND!'; return; } + $row = $sql->fetch(MYSQL_ASSOC); //delete attachments if they exist @@ -1813,15 +1933,16 @@ class e107forum $this->postDeleteAttachments('post', $postId); } - // delete post + // delete post from database if($sql->delete('forum_post', 'post_id='.$postId)) { $deleted = true; } + // update statistics if($updateCounts) { - //decrement user post counts + // decrement user post counts if ($row['post_user']) { $sql->update('user_extended', 'user_plugin_forum_posts=GREATEST(user_plugin_forum_posts-1,0) WHERE user_extended_id='.$row['post_user']); diff --git a/e107_plugins/forum/forum_post.php b/e107_plugins/forum/forum_post.php index 41ddaa633..53aa584a7 100644 --- a/e107_plugins/forum/forum_post.php +++ b/e107_plugins/forum/forum_post.php 
@@ -362,7 +362,8 @@ if (isset($_POST['newthread']) || isset($_POST['reply'])) - echo (isset($_POST['newthread']) ? $FORUMTHREADPOSTED : $FORUMREPLYPOSTED); + $txt = (isset($_POST['newthread']) ? $FORUMTHREADPOSTED : $FORUMREPLYPOSTED); + e107::getRender()->tablerender('Forums', e107::getMessage()->render().$txt); require_once(FOOTERF); exit; } @@ -576,6 +577,7 @@ function process_upload() { foreach($uploaded as $upload) { + //print_a($upload); exit; if ($upload['error'] == 0) { $_txt = ''; @@ -649,18 +651,19 @@ function process_upload() } } else - { // Error in uploaded file - echo 'Error in uploaded file: '.(isset($upload['rawname']) ? $upload['rawname'] : $upload['name']).'
'; + { + // Error in uploaded file, proceed but add error message. + //echo 'Error in uploaded file: '.(isset($upload['rawname']) ? $upload['rawname'] : $upload['name']).'
'; + e107::getMessage()->addError('Error in uploading attachment: '.vartrue($upload['message'])); } } - return $ret; } } else { - // error message? + e107::getMessage()->addError('Something went wrong during the attachment uploading process.'); } } diff --git a/e107_plugins/forum/forum_viewtopic.php b/e107_plugins/forum/forum_viewtopic.php index b50dadacf..50c685496 100644 --- a/e107_plugins/forum/forum_viewtopic.php +++ b/e107_plugins/forum/forum_viewtopic.php @@ -2,7 +2,7 @@ /* * e107 website system * - * Copyright (C) 2008-2013 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * @@ -12,6 +12,7 @@ require_once ('../../class2.php'); define('NAVIGATION_ACTIVE','forum'); + $e107 = e107::getInstance(); $tp = e107::getParser(); $ns = e107::getRender(); @@ -27,6 +28,7 @@ if (isset($_POST['fjsubmit'])) header('location:' . e107::getUrl()->create('forum/forum/view', array('id'=>(int) $_POST['forumjump']), 'full=1&encode=0')); exit; } + $highlight_search = isset($_POST['highlight_search']); if (!e_QUERY) @@ -36,23 +38,18 @@ if (!e_QUERY) exit; } - - -include_once (e_PLUGIN . 'forum/forum_class.php'); - +include_once(e_PLUGIN.'forum/forum_class.php'); $forum = new e107forum(); $thread = new e107ForumThread(); +// check if user wants to download a file if(vartrue($_GET['id']) && isset($_GET['dl'])) { $forum->sendFile($_GET); exit; - } - - if(e_AJAX_REQUEST && varset($_POST['action']) == 'quickreply') { $forum->ajaxQuickReply(); @@ -63,8 +60,6 @@ if(e_AJAX_REQUEST && MODERATOR) // see javascript above. $forum->ajaxModerate(); } - - if (isset($_GET['last'])) { $_GET['f'] = 'last'; 
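Review bot: `vartrue($upload['message'])` is concatenated into the error text without escaping. If the upload handler's message contains the client-supplied file name (the removed `echo` printed `rawname`/`name` directly), it reaches the rendered page as markup. Unless `addError()` is known to escape its argument, wrap it: `htmlspecialchars(vartrue($upload['message']), ENT_QUOTES, 'UTF-8')`. `process_upload()` starts outside the hunk.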
@@ -114,8 +109,7 @@ e107::getScBatch('view', 'forum')->setScVar('forum', $forum); //var_dump(e107::getScBatch('forum', 'forum')); - -if (MODERATOR && isset($_POST['mod'])) +if(MODERATOR && isset($_POST['mod'])) { require_once(e_PLUGIN."forum/forum_mod.php"); $thread->message = forum_thread_moderate($_POST); @@ -135,7 +129,7 @@ if(count($postList)) } $gen = new convert; -if ($thread->message) +if($thread->message) { //$ns->tablerender('', $thread->message, array('forum_viewtopic', 'msg')); e107::getMessage()->add($thread->message); @@ -159,25 +153,31 @@ if(e107::isInstalled('poll')) } } //} + //Load forum templates // FIXME - new template paths! -if (file_exists(THEME . 'forum_design.php')) +if(file_exists(THEME.'forum_design.php')) // legacy file { - include_once (THEME . 'forum_design.php'); + include_once (THEME.'forum_design.php'); } + if (!vartrue($FORUMSTART)) { - if (file_exists(THEME . 'forum_viewtopic_template.php')) + if(file_exists(THEME.'forum_viewtopic_template.php')) { - require_once (THEME . 'forum_viewtopic_template.php'); + require_once(THEME.'forum_viewtopic_template.php'); } - elseif (file_exists(THEME . 'forum_template.php')) + elseif(file_exists(THEME.'templates/forum/forum_viewtopic_template.php')) { - require_once (THEME . 'forum_template.php'); + require_once(THEME.'templates/forum/forum_viewtopic_template.php'); + } + elseif(file_exists(THEME.'forum_template.php')) + { + require_once(THEME.'forum_template.php'); } else { - require_once (e_PLUGIN . 'forum/templates/forum_viewtopic_template.php'); + require_once(e_PLUGIN.'forum/templates/forum_viewtopic_template.php'); } } @@ -193,7 +193,6 @@ if(is_array($FORUM_VIEWTOPIC_TEMPLATE) && deftrue('BOOTSTRAP',false)) - // get info for main thread ------------------------------------------------------------------------------------------------------------------------------------------------------------------- $tVars = new e_vars; $forum->set_crumb(true, '', $tVars); // Set $BREADCRUMB (and BACKLINK) 
diff --git a/e107_plugins/forum/shortcodes/batch/view_shortcodes.php b/e107_plugins/forum/shortcodes/batch/view_shortcodes.php index 0fc331e9a..9d6b62bef 100644 --- a/e107_plugins/forum/shortcodes/batch/view_shortcodes.php +++ b/e107_plugins/forum/shortcodes/batch/view_shortcodes.php @@ -99,22 +99,23 @@ class plugin_forum_view_shortcodes extends e_shortcode $baseDir = $this->forum->getAttachmentPath($this->postInfo['post_user']); $images = array(); - - $attachArray = e107::unserialize($this->postInfo['post_attachments']); + $txt = ''; + $attachArray = e107::unserialize($this->postInfo['post_attachments']); + //print_a($attachArray); foreach($attachArray as $type=>$vals) { foreach($vals as $key=>$file) { - list($date,$user,$tmp,$name) = explode("_",$file,4); + list($date,$user, $name) = explode("_", $file, 3); switch($type) { case 'file': - + $url = e_SELF."?id=".$this->postInfo['post_id']."&dl=".$key; $txt .= IMAGE_attachment." {$name}
"; - + break; case 'img': //Always use thumb to hide the hash. @@ -142,15 +143,20 @@ class plugin_forum_view_shortcodes extends e_shortcode } - if(count($images) ) + if(count($images)) { - return (deftrue('BOOTSTRAP')) ? "" : implode("
",$images); + if(deftrue('BOOTSTRAP')) + { + + return "".vartrue($txt); + } + else + { + return implode("
",$images)."
".vartrue($txt); + } } - - + return $txt; - - } } @@ -441,9 +447,9 @@ class plugin_forum_view_shortcodes extends e_shortcode $text .= "
  • "; - if(plugInstalled('pm') && ($this->postInfo['post_user'] > 0)) + if(e107::isInstalled('pm') && ($this->postInfo['post_user'] > 0)) { - $text .= "
  • ".LAN_FORUM_2036."
  • "; + $text .= "
  • ".$tp->toGlyph('envelope')." ".LAN_FORUM_2036."
  • "; } if($website = $this->sc_website()) @@ -506,8 +512,12 @@ class plugin_forum_view_shortcodes extends e_shortcode $text .= "
  • $this->postInfo['post_id']))."'>".LAN_FORUM_2039." ".$tp->toGlyph('edit')."
  • "; } - $text .= "
  • ".LAN_FORUM_2040." ".$tp->toGlyph('trash')."
  • "; - + // only show delete button when post is not the initial post of the topic + if(!$this->forum->threadDetermineInitialPost($this->postInfo['post_id'])) + { + $text .= "
  • ".LAN_FORUM_2040." ".$tp->toGlyph('trash')."
  • "; + } + if ($type == 'thread') { $text .= "
  • $this->postInfo['post_id']))."'>".LAN_FORUM_2042." ".$tp->toGlyph('move')."
  • "; diff --git a/e107_plugins/pm/pm_class.php b/e107_plugins/pm/pm_class.php index d58d383ca..27cb8b7b9 100755 --- a/e107_plugins/pm/pm_class.php +++ b/e107_plugins/pm/pm_class.php @@ -2,7 +2,7 @@ /* * e107 website system * - * Copyright (C) 2008-2013 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * @@ -11,12 +11,6 @@ */ -/** - * e107 Private messenger plugin - * - * @package e107_plugins - * @subpackage pm - */ if (!defined('e107_INIT')) { exit; } @@ -162,7 +156,7 @@ class private_message 'pm_read' => 0, /* Date read */ 'pm_subject' => $pm_subject, 'pm_text' => $pm_message, - 'pm_sent_del' => 1, /* Set when can delete */ + 'pm_sent_del' => 0, /* Set when can delete */ 'pm_read_del' => 0, /* set when can delete */ 'pm_attachments' => $attachlist, 'pm_option' => $pm_options, /* Options associated with PM - '+rr' for read receipt */ @@ -279,18 +273,22 @@ class private_message if($sql->select('private_msg', '*', 'pm_id = '.$pmid.' AND (pm_from = '.USERID.' OR pm_to = '.USERID.')')) { $row = $sql->fetch(); + + // if user is the receiver of the PM if (!$force && ($row['pm_to'] == USERID)) { $newvals = 'pm_read_del = 1'; $ret .= LAN_PM_42.'
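Review bot: Hiding the delete link for the initial post is a display rule only; the `deletepost` case in forum_class.php (changed in this same commit) still calls `postDelete()` for any posted id, so the rule does not hold for a request sent without the button. Apply the check in that handler as well, for example `if($this->threadDetermineInitialPost($postId)) { $ret['status'] = 'error'; break; }` before the `postDelete()` call. The shortcode method starts outside the hunk.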
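Review bot: Changing the stored default to `'pm_sent_del' => 0` and filtering the outbox on `pm.pm_sent_del = '0'` (later in this file, and the outbox count in pm_func.php) leaves every message written before this commit with `pm_sent_del = 1`. Those rows would disappear from their senders' outboxes, and `del()` would treat them as already deleted by the sender and remove the record as soon as the recipient deletes. No data update is visible in this diff, so a one-off update resetting `pm_sent_del` for existing rows, or an upgrade step, should accompany the change.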
    '; - if($row['pm_sent_del'] == 1) { $force = TRUE; } + if($row['pm_sent_del'] == 1) { $force = TRUE; } // sender has deleted as well, set force to true so the DB record can be deleted } + + // if user is the sender of the PM if (!$force && ($row['pm_from'] == USERID)) { if($newvals != '') { $force = TRUE; } $newvals = 'pm_sent_del = 1'; $ret .= LAN_PM_43."
    "; - if($row['pm_read_del'] == 1) { $force = TRUE; } + if($row['pm_read_del'] == 1) { $force = TRUE; } // receiver has deleted as well, set force to true so the DB record can be deleted } if($force == TRUE) @@ -620,7 +618,7 @@ class private_message $qry = " SELECT SQL_CALC_FOUND_ROWS pm.*, u.user_image, u.user_name FROM #private_msg AS pm LEFT JOIN #user AS u ON u.user_id = pm.pm_to - WHERE pm.pm_from='{$uid}' AND pm.pm_read_del=0 + WHERE pm.pm_from='{$uid}' AND pm.pm_sent_del = '0' ORDER BY pm.pm_sent DESC LIMIT ".$from.', '.$limit; @@ -716,9 +714,9 @@ class private_message 'FORM_TOUSER' => 'PM_FORM_TOUSER', 'FORM_TOCLASS' => 'PM_FORM_TOCLASS', 'FORM_SUBJECT' => 'PM_FORM_SUBJECT', - 'FORM_MESSAGE ' => 'PM_FORM_MESSAGE ', - 'EMOTES' => 'PM_EMOTES', - 'ATTACHMENT' => 'PM_ATTACHMENT', + 'FORM_MESSAGE' => 'PM_FORM_MESSAGE', + 'EMOTES' => 'PM_EMOTES', + 'ATTACHMENT' => 'PM_ATTACHMENT', 'RECEIPT' => 'PM_RECEIPT', 'INBOX_TOTAL' => 'PM_INBOX_TOTAL', 'INBOX_UNREAD' => 'PM_INBOX_UNREAD', @@ -727,13 +725,10 @@ class private_message 'OUTBOX_UNREAD' => 'PM_OUTBOX_UNREAD', 'OUTBOX_FILLED' => 'PM_OUTBOX_FILLED', - 'SEND_PM_LINK' => 'PM_SEND_PM_LINK', 'NEWPM_ANIMATE' => 'PM_NEWPM_ANIMATE', 'BLOCKED_SENDERS_MANAGE' => 'PM_BLOCKED_SENDERS_MANAGE', - - 'DELETE_BLOCKED_SELECTED' => 'DELETE_BLOCKED_SELECTED' ); diff --git a/e107_plugins/pm/pm_func.php b/e107_plugins/pm/pm_func.php index 0ba74e35e..712f0ec0e 100755 --- a/e107_plugins/pm/pm_func.php +++ b/e107_plugins/pm/pm_func.php 
@@ -2,31 +2,16 @@ /* * e107 website system * - * Copyright (C) 2008-2009 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * * Private messenger plugin - utility functions * - * $Source: /cvs_backup/e107_0.8/e107_plugins/pm/pm_func.php,v $ - * $Revision$ - * $Date$ - * $Author$ - */ - - -/** - * e107 Private messenger plugin - * - * @package e107_plugins - * @subpackage pm - * @version $Id$; */ if (!defined('e107_INIT')) { exit; } - - class pmbox_manager { protected $pmPrefs = array(); @@ -67,13 +52,13 @@ class pmbox_manager } else { - $qry = "SELECT count(pm.pm_from) AS total, SUM(pm.pm_size)/1024 size, SUM(pm.pm_read = 0) as unread FROM `#private_msg` as pm WHERE pm.pm_from = ".USERID." AND pm.pm_read_del = 0"; + $qry = "SELECT count(pm.pm_from) AS total, SUM(pm.pm_size)/1024 size, SUM(pm.pm_read = 0) as unread FROM `#private_msg` as pm WHERE pm.pm_from = ".USERID." AND pm.pm_sent_del = 0"; } if(!isset($pm_info[$which]['total'])) { - $this->pmDB->db_Select_gen($qry); - $pm_info[$which] = $this->pmDB->db_Fetch(); + $this->pmDB->gen($qry); + $pm_info[$which] = $this->pmDB->fetch(); if ($which == 'inbox' && ($this->pmPrefs['animate'] == 1 || $this->pmPrefs['popup'] == 1)) { if($new = $this->pmDB->db_Count('private_msg', '(*)', "WHERE pm_sent > '".USERLV."' AND pm_read = 0 AND pm_to = '".USERID."' AND pm_read_del != 1")) @@ -99,9 +84,9 @@ class pmbox_manager { $qry = "SELECT MAX(gen_intdata) AS inbox_limit, MAX(gen_chardata) as outbox_limit FROM `#generic` WHERE gen_type='pm_limit' AND gen_datestamp IN (".USERCLASS_LIST.")"; } - if($this->pmDB->db_Select_gen($qry)) + if($this->pmDB->gen($qry)) { - $row = $this->pmDB->db_Fetch(); + $row = $this->pmDB->fetch(); $pm_info['inbox']['limit'] = $row['inbox_limit']; $pm_info['outbox']['limit'] = $row['outbox_limit']; } 
diff --git a/e107_plugins/pm/pm_template.php b/e107_plugins/pm/pm_template.php index 0cc00cd47..e29be4dd1 100755 --- a/e107_plugins/pm/pm_template.php +++ b/e107_plugins/pm/pm_template.php @@ -106,10 +106,10 @@ $PM_INBOX_HEADER = "   + "; $PM_INBOX_TABLE = " - {PM_SELECT} {PM_READ_ICON} diff --git a/e107_plugins/social/e_shortcode.php b/e107_plugins/social/e_shortcode.php index d8715bf47..552f249c9 100644 --- a/e107_plugins/social/e_shortcode.php +++ b/e107_plugins/social/e_shortcode.php @@ -22,13 +22,14 @@ class social_shortcodes extends e_shortcode { $social = array( - 'rss' => array('href'=> (e107::isInstalled('rss_menu') ? e_PLUGIN_ABS."rss_menu/rss.php?news.2" : ''), 'title'=>'Feed'), 'facebook' => array('href'=> deftrue('XURL_FACEBOOK'), 'title'=>'Facebook'), 'twitter' => array('href'=> deftrue('XURL_TWITTER'), 'title'=>'Twitter'), 'google-plus' => array('href'=> deftrue('XURL_GOOGLE'), 'title'=>'Google Plus'), 'linkedin' => array('href'=> deftrue('XURL_LINKEDIN'), 'title'=>'LinkedIn'), + 'github' => array('href'=> deftrue('XURL_GITHUB'), 'title'=>'Github'), 'pinterest' => array('href'=> deftrue('XURL_PINTEREST'), 'title'=>'Pinterest'), + 'flickr' => array('href'=> deftrue('XURL_FLICKR'), 'title'=>'Flickr'), 'instagram' => array('href'=> deftrue('XURL_INSTAGRAM'), 'title'=>'Instagram'), 'youtube' => array('href'=> deftrue('XURL_YOUTUBE'), 'title'=>'YouTube'), 'vimeo' => array('href'=> deftrue('XURL_VIMEO'), 'title'=>'Vimeo') diff --git a/e107_plugins/tagwords/tagwords_class.php b/e107_plugins/tagwords/tagwords_class.php index 0e53cd293..c58a1ec36 100644 --- a/e107_plugins/tagwords/tagwords_class.php +++ b/e107_plugins/tagwords/tagwords_class.php @@ -2,10 +2,10 @@ /* * e107 website system * - * Copyright (C) 2008-2013 e107 Inc (e107.org) + * Copyright (C) 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) - * + * * Tagwords Class * */ 
@@ -312,8 +312,8 @@ class tagwords //insert the differences (insert what has been added) $insert_diff = array_diff($new, $existing); $count = 0; - // print_a($insert_diff); - return ("Tagword Insert: ".print_a($new,true)); // FIXME + //print_a($insert_diff); + //return ("Tagword Insert: ".print_a($new,true)); // debug info foreach($insert_diff as $word) { @@ -325,10 +325,10 @@ class tagwords $args['tag_itemid'] = $tag_itemid; $args['tag_word'] = $word; $count += $sql->insert($this->table, $args) ? 1 : 0; - return "a Diff was made"; + //return "a Diff was made"; } - return "
    ".LAN_TAG_3.": ".$count." words."; // FIXME + return "
    ".LAN_TAG_3.": ".$count." words."; } /* diff --git a/e107_themes/_blank/_blank_config.php b/e107_themes/_blank/_blank_config.php index 23a0d76de..2b5c5ba00 100644 --- a/e107_themes/_blank/_blank_config.php +++ b/e107_themes/_blank/_blank_config.php @@ -8,10 +8,11 @@ class theme__blank implements e_theme_config function process() // Save posted values from config() fields. { $pref = e107::getConfig(); + $tp = e107::getParser(); $theme_pref = array(); - $theme_pref['example'] = $_POST['_blank_example']; - $theme_pref['example2'] = intval($_POST['_blank_example2']); + $theme_pref['example'] = $tp->toDb($_POST['_blank_example']); + $theme_pref['example2'] = $tp->toDb($_POST['_blank_example2']); $pref->set('sitetheme_pref', $theme_pref); return $pref->dataHasChanged(); @@ -21,11 +22,12 @@ class theme__blank implements e_theme_config { $frm = e107::getForm(); - $var[0]['caption'] = "Sample configuration field"; - $var[0]['html'] = $frm->text('_blank_example', e107::getThemePref('example', 'default')); + $var[0]['caption'] = "Sample configuration field"; + $var[0]['html'] = $frm->text('_blank_example', e107::getThemePref('example', 'default')); + $var[0]['help'] = "Example help text for this input field"; - $var[1]['caption'] = "Sample configuration field2"; - $var[1]['html'] = $frm->text('_blank_example2', e107::getThemePref('example2', 'default')); + $var[1]['caption'] = "Sample configuration field 2"; + $var[1]['html'] = $frm->text('_blank_example2', e107::getThemePref('example2', 'default')); return $var; } diff --git a/fpw.php b/fpw.php index ecd1cd820..429bb639c 100644 --- a/fpw.php +++ b/fpw.php 
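Review bot: In `process()` of `_blank_config.php`, replacing `intval($_POST['_blank_example2'])` with `$tp->toDb($_POST['_blank_example2'])` removes the integer constraint on `example2`, so an arbitrary string can now be stored in the theme preference. If the field is meant to be numeric, keep the cast: `$theme_pref['example2'] = (int) $_POST['_blank_example2'];`. Both `$_POST` keys are also read without checking that they were submitted; `varset($_POST['_blank_example'], '')` would avoid the notice on a partial form. As this looks like a sample theme that others copy from, a one-line comment saying which filter suits which field type would be worth adding.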
@@ -2,18 +2,18 @@ /* * e107 website system * -* Copyright 2008-2010 e107 Inc (e107.org) +* Copyright 2008-2014 e107 Inc (e107.org) * Released under the terms and conditions of the * GNU General Public License (http://www.gnu.org/licenses/gpl.txt) * * Interface for users who have forgotten their password * -* $URL$ -* $Id$ -* */ + require_once('class2.php'); -include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE); + +e107::coreLan('fpw'); + $tp = e107::getParser(); if (USER && !getperms('0')) @@ -24,19 +24,18 @@ if (USER && !getperms('0')) if($pref['fpwcode'] && extension_loaded('gd')) { - define('USE_IMAGECODE',TRUE); + define('USE_IMAGECODE', TRUE); require_once(e_HANDLER.'secure_img_handler.php'); $sec_img = new secure_image; } else { - define('USE_IMAGECODE',FALSE); + define('USE_IMAGECODE', FALSE); } class fpw_shortcodes extends e_shortcode -{ - +{ private $secImg; function __construct() @@ -45,23 +44,25 @@ class fpw_shortcodes extends e_shortcode $this->secImg = $sec_img; } - function sc_fpw_username($parm='') //TODO Use $frm + function sc_fpw_username($parm='') // used when email login is disabled { - return ""; + // return ""; + return e107::getForm()->text('username'); // $frm->userpicker()? } - function sc_fpw_useremail($parm='') //TODO Use $frm + function sc_fpw_useremail($parm='') { - return ''; - // return ""; + // return ''; + // return ""; + return e107::getForm()->email('email', '', 200, array('placeholder' => 'Email', 'required' => 'required')); } - function sc_fpw_submit($parm='') //TODO Use $frm + function sc_fpw_submit($parm='') { - $label = deftrue('LAN_FPW_102', LAN_156); - return ''; - + // return ''; // return ""; + $label = deftrue('LAN_FPW_102', LAN_156); + return e107::getForm()->button('pwsubmit', $label); } function sc_fpw_captcha_lan($parm='') 
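Review bot: In the @@ -45 hunk, `sc_fpw_useremail()` passes a hard-coded English string, `array('placeholder' => 'Email', 'required' => 'required')`, while the other user-facing strings in this file come from language constants. The placeholder should come from a LAN define so that it is translated with the rest of the form. The commented-out old markup left in `sc_fpw_username()`, `sc_fpw_useremail()` and `sc_fpw_submit()` can be deleted, since the previous version remains available in version control.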
@@ -93,20 +94,9 @@ class fpw_shortcodes extends e_shortcode { return deftrue('LAN_FPW_101',"Not to worry. Just enter your email address below and we'll send you an instruction email for recovery."); } - - } - - - - - - - - - if ($pref['membersonly_enabled']) { $sc = array ( @@ -134,43 +124,59 @@ require_once(HEADERF); function fpw_error($txt) { - global $ns; - $ns->tablerender(LAN_03, "
    ".$txt."
    ", 'fpw'); + if(deftrue('BOOTSTRAP')) + { + e107::getMessage()->addError($txt); + e107::getRender()->tablerender(LAN_03, e107::getMessage()->render()); + require_once(FOOTERF); + exit; + } + + e107::getRender()->tablerender(LAN_03, "
    ".$txt."
    ", 'fpw'); require_once(FOOTERF); exit; } - - //the separator character used define('FPW_SEPARATOR', '#'); //$fpw_sep = '#'; - -if (e_QUERY) -{ // User has clicked on the emailed link +// User has clicked on the emailed link +if(e_QUERY) +{ + // Make sure login menu is not giving any troubles define('FPW_ACTIVE','TRUE'); + + // Verify the password reset code syntax $tmpinfo = preg_replace("#[\W_]#", "", e107::getParser()->toDB(e_QUERY, true)); // query part is a 'random' number if ($tmpinfo != e_QUERY) { - die(); // Shouldn't be any characters that toDB() changes + // Shouldn't be any characters that toDB() changes + //die(); + e107::getRedirect()->redirect(SITEURL); } - if ($sql->db_Select('tmp', '*', "`tmp_ip`='pwreset' AND `tmp_info` LIKE '%".FPW_SEPARATOR.$tmpinfo."' ")) + + // Verify the password reset code + if ($sql->select('tmp', '*', "`tmp_ip`='pwreset' AND `tmp_info` LIKE '%".FPW_SEPARATOR.$tmpinfo."' ")) { - $row = $sql->db_Fetch(); - $sql->db_Delete('tmp', "`tmp_time` = ".$row['tmp_time']." AND `tmp_info` = '".$row['tmp_info']."' "); + $row = $sql->fetch(); + + // Delete the record + $sql->delete('tmp', "`tmp_time` = ".$row['tmp_time']." AND `tmp_info` = '".$row['tmp_info']."' "); list($loginName, $md5) = explode(FPW_SEPARATOR, $row['tmp_info']); - $loginName = $tp -> toDB($loginName, true); + $loginName = $tp->toDB($loginName, true); - if ($md5 != $tmpinfo) + // This should never happen! + if($md5 != $tmpinfo) { - die('Random mismatch!'); // This should never happen! + e107::getRedirect()->redirect(SITEURL); } - $newpw = $user_info->generateRandomString(str_repeat('*', rand(8, 12))); // Generate new temporary password - $mdnewpw = $user_info->HashPassword($newpw,$loginName); + // Generate new temporary password + $newpw = $user_info->generateRandomString(str_repeat('*', rand(8, 12))); + $mdnewpw = $user_info->HashPassword($newpw, $loginName); // Details for admin log $do_log['password_action'] = LAN_FPW21; 
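Review bot: The `die()` calls replaced in this hunk guaranteed that the script stopped, but the new `e107::getRedirect()->redirect(SITEURL);` is not followed by `exit;`. Whether `redirect()` ends the request is not visible here; if it only sends a header, a malformed code or an `$md5 != $tmpinfo` mismatch would continue into the password reset below. Add `exit;` after each redirect so the guard does not depend on the helper. The same pattern appears in the @@ -224 hunk, in the main-admin branch and in `case USER_BANNED:`, where a returning `redirect()` falls through to `case USER_VALIDATED: break;` and the reset mail would be sent for a banned account. The `if(e_QUERY)` block continues past the end of this hunk.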
@@ -180,43 +186,49 @@ if (e_QUERY) $do_log['user_password'] = $mdnewpw; $admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,0,$do_log['user_name']); - $sql->db_Update('user', "`user_password`='{$mdnewpw}' WHERE `user_loginname`='".$loginName."' "); + // Update password in database + $sql->update('user', "`user_password`='{$mdnewpw}' WHERE `user_loginname`='".$loginName."' "); + // Prepare new information to display to user if((integer) e107::getPref('allowEmailLogin') > 0) { // always show email when possible - $sql->db_Select('user', 'user_email', "user_loginname='{$loginName}'"); - $tmp = $sql->db_Fetch(); + $sql->select('user', 'user_email', "user_loginname='{$loginName}'"); + $tmp = $sql->fetch(); $loginName = $tmp['user_email']; unset($tmp); } + // Reset login cookie/session (?) cookie($pref['cookie_name'], '', (time()-2592000)); $_SESSION[$pref['cookie_name']] = ''; + // Display success message containing new login information $txt = "
    ".LAN_FPW8."
    ".LAN_218."{$loginName}
    ".LAN_FPW9."{$newpw}


    ".LAN_FPW10." ".LAN_FPW11." ".LAN_FPW12; - fpw_error($txt); - + + e107::getMessage()->addSuccess($txt); + e107::getRender()->tablerender(LAN_03, e107::getMessage()->render()); + require_once(FOOTERF); + exit; } + // The password reset code was not found else { - fpw_error(LAN_FPW7); // No 'forgot password' entry found + fpw_error(LAN_FPW7); } } // Request to reset password -//-------------------------- if (isset($_POST['pwsubmit'])) -{ // Request for password reset submitted +{ require_once(e_HANDLER.'mail.php'); - $email = $_POST['email']; - + if ($pref['fpwcode'] && extension_loaded('gd')) { if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify'])) 
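Review bot: The return value of `$sql->update('user', ...)` is ignored, so the success message with the new password is shown even when no row was changed. In that case the user is given a password that does not work, and the `user_audit()` entry written just above still records a reset. Check the result of `update()` and call `fpw_error()` on failure before building `$txt`. The following `$sql->select('user', 'user_email', ...)` is unchecked as well, so `$loginName = $tmp['user_email'];` can end up empty. The new comment `// Reset login cookie/session (?)` should be resolved rather than left as a question; the enclosing block starts outside this hunk.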
@@ -224,86 +236,102 @@ if (isset($_POST['pwsubmit'])) fpw_error(LAN_FPW3); } } - - $clean_email = check_email($tp -> toDB($_POST['email'])); - $clean_username = $tp -> toDB(varset($_POST['username'], '')); + + $email = $_POST['email']; + $clean_email = check_email($tp->toDB($_POST['email'])); + $clean_username = $tp->toDB(varset($_POST['username'], '')); + $query = "`user_email`='{$clean_email}' "; // Allow admins to remove 'username' from fpw_template.php if they wish. $query .= (isset($_POST['username'])) ? " AND `user_loginname`='{$clean_username}'" : ""; - if ($sql->db_Select('user', '*', $query)) - { // Found user in DB - $row = $sql->db_Fetch(); + if($sql->select('user', '*', $query)) + { + // Found user in DB + $row = $sql->fetch(); + // Main admin expected to be competent enough to never forget password! (And its a security check - so warn them) + // Sending email to admin alerting them of attempted admin password reset, and redirect user to homepage. if (($row['user_admin'] == 1) && (($row['user_perms'] == '0') OR ($row['user_perms'] == '0.'))) - { // Main admin expected to be competent enough to never forget password! (And its a security check - so warn them) + { sendemail($pref['siteadminemail'], LAN_06, LAN_07.' ['.e107::getIPHandler()->getIP(FALSE).'] '.e107::getIPHandler()->getIP(TRUE).' 
'.LAN_08); - echo "\n"; - die(); + e107::getRedirect()->redirect(SITEURL); } - switch ($row['user_ban']) - { // Banned user, or not validated - case USER_BANNED : - die(); - case USER_VALIDATED : + // Banned user, or not validated + switch($row['user_ban']) + { + case USER_BANNED: + e107::getRedirect()->redirect(SITEURL); + case USER_VALIDATED: break; - default : - fpw_error(LAN_FPW22.':'.$row['user_ban']); // Intentionally rather a vague message + default: + fpw_error(LAN_02.':'.$row['user_ban']); // Intentionally rather a vague message exit; } - if ($result = $sql->db_Select('tmp', '*', "`tmp_ip` = 'pwreset' AND `tmp_info` LIKE '".$row['user_loginname'].FPW_SEPARATOR."%'")) + // Check if password reset was already requested + if ($result = $sql->select('tmp', '*', "`tmp_ip` = 'pwreset' AND `tmp_info` LIKE '".$row['user_loginname'].FPW_SEPARATOR."%'")) { - fpw_error(LAN_FPW4); // Password reset already requested + fpw_error(LAN_FPW4); exit; } + // Set unique reset code mt_srand ((double)microtime() * 1000000); - $maxran = 1000000; - $rand_num = mt_rand(0, $maxran); - $datekey = date('r'); - $rcode = md5($_SERVER['HTTP_USER_AGENT'] . serialize($pref). $rand_num . $datekey); + $maxran = 1000000; + $rand_num = mt_rand(0, $maxran); + $datekey = date('r'); + $rcode = md5($_SERVER['HTTP_USER_AGENT'] . serialize($pref). $rand_num . $datekey); - $link = SITEURL.'fpw.php?'.$rcode; - $message = LAN_FPW5.' '.SITENAME.' '.LAN_FPW14.': '.e107::getIPHandler()->getIP(TRUE).".\n\n".LAN_FPW15."\n\n".LAN_FPW16."\n\n".LAN_FPW17."\n\n{$link}"; + // Prepare email + $link = SITEURL.'fpw.php?'.$rcode; + $message = LAN_FPW5.' '.SITENAME.' 
'.LAN_FPW14.': '.e107::getIPHandler()->getIP(TRUE).".\n\n".LAN_FPW15."\n\n".LAN_FPW16."\n\n".LAN_FPW17."\n\n{$link}"; - $deltime = time()+86400 * 2; //Set timestamp two days ahead so it doesn't get auto-deleted - $sql->db_Insert('tmp', "'pwreset',{$deltime},'".$row['user_loginname'].FPW_SEPARATOR.$rcode."'"); + // Set timestamp two days ahead so it doesn't get auto-deleted + $deltime = time()+86400 * 2; + + // Insert the password reset request into the database + $sql->insert('tmp', "'pwreset',{$deltime},'".$row['user_loginname'].FPW_SEPARATOR.$rcode."'"); - $do_log['password_action'] = LAN_FPW18; - $do_log['user_id'] = $row['user_id']; - $do_log['user_name'] = $row['user_name']; - $do_log['user_loginname'] = $row['user_loginname']; - $do_log['activation_code'] = $rcode; + // Setup the information to log + $do_log['password_action'] = LAN_FPW18; + $do_log['user_id'] = $row['user_id']; + $do_log['user_name'] = $row['user_name']; + $do_log['user_loginname'] = $row['user_loginname']; + $do_log['activation_code'] = $rcode; - if (sendemail($_POST['email'], "".LAN_09."".SITENAME, $message)) + // Try to send the email + if(sendemail($_POST['email'], "".LAN_09."".SITENAME, $message)) { - $text = "
    ".LAN_FPW6."
    "; - $do_log['password_result'] = LAN_FPW20; + e107::getMessage()->addInfo(LAN_FPW6); + $do_log['password_result'] = LAN_FPW20; } else { - $text = "
    ".LAN_02."
    "; - $do_log['password_result'] = LAN_FPW19; + //$text = "
    ".LAN_02."
    "; + $do_log['password_result'] = LAN_FPW19; + fpw_error(LAN_02); } - $admin_log->user_audit(USER_AUDIT_PW_RES,$do_log,$row['user_id'],$row['user_name']); - $ns->tablerender(LAN_03, $text); + // Log to user audit log + e107::getAdminLog()->user_audit(USER_AUDIT_PW_RES, $do_log, $row['user_id'], $row['user_name']); + + $ns->tablerender(LAN_03, $text.e107::getMessage()->render()); require_once(FOOTERF); exit; } else { - $text = LAN_213; - $ns->tablerender(LAN_214, "
    ".$text."
    "); + //$text = LAN_213; + //$ns->tablerender(LAN_214, "
    ".$text."
    "); + e107::getMessage()->addError(LAN_213); + $ns->tablerender(LAN_214, e107::getMessage()->render()); } } -$sc = array(); - - +$sc = array(); // needed? /* @@ -320,10 +348,13 @@ if (USE_IMAGECODE) if(deftrue('BOOTSTRAP')) { - $FPW_TABLE = e107::getCoreTemplate('fpw','form'); + // TODO do we want the element outside the template? + $FPW_TABLE = ""; + $FPW_TABLE .= e107::getCoreTemplate('fpw','form'); + $FPW_TABLE .= ""; $caption = deftrue('LAN_FPW_100',"Forgot your password?"); } -elseif (!$FPW_TABLE) +elseif(!$FPW_TABLE) { require_once (e107::coreTemplatePath('fpw')); //correct way to load a core template. $caption = LAN_03; @@ -343,9 +374,4 @@ $text = $tp->parseTemplate($FPW_TABLE, true, $sc); $ns->tablerender($caption, $text); require_once(FOOTERF); - - - - - ?> \ No newline at end of file
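Review bot: The reset code that the @@ -224 hunk keeps, `$rcode = md5($_SERVER['HTTP_USER_AGENT'] . serialize($pref). $rand_num . $datekey);`, is an MD5 over the client's User-Agent, the site preferences, a second-resolution date and one `mt_rand()` value seeded from `microtime()`, none of which is a cryptographic random source. A password-reset token should come from a CSPRNG, for example `$rcode = bin2hex(openssl_random_pseudo_bytes(16));` where the OpenSSL extension is available; that still gives 32 hex characters, so the `[\W_]` check on the emailed link keeps passing. Two regressions sit in the new lines: as far as the hunk shows, `$text` is no longer assigned before `$ns->tablerender(LAN_03, $text.e107::getMessage()->render());`, and the failure branch now calls `fpw_error(LAN_02)`, which exits, so the audit log never records a failed send. Drop `$text` from the render call, and call `e107::getAdminLog()->user_audit(USER_AUDIT_PW_RES, $do_log, $row['user_id'], $row['user_name']);` before `fpw_error(LAN_02);`. The `if (isset($_POST['pwsubmit']))` block opens in the previous hunk.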