Front, Kernel Action ['.$Action."]
\n"; }

/*
 * Front-end action handling: an optional request dump for debugging, then a
 * switch on $Action that runs one "m_*" handler per request.
 * Handlers read $_GET/$_POST directly, record validation problems in $FormError
 * and $MissingCount, and several pick the next template ($var_list["t"]) from
 * request parameters.
 * NOTE(review): no anti-CSRF token check is visible in any handler in this listing,
 * and template names taken from the query string are assigned here without
 * validation - confirm both are enforced by the caller or the template loader.
 */

// Debug aid: when the DEBUG_ACTIONS bitmask has FRONT_SHOW_REQUEST set, print the
// script name and every $_REQUEST entry together with where it came from.
// NOTE(review): the dump covers POSTed passwords and cookie values, and the lines
// visible here concatenate them into the page without escaping; keep the flag off
// outside development.
// NOTE(review): the markup inside the echo strings below is missing from this
// listing (several literals are empty), so the exact output cannot be confirmed.
if( defined('DEBUG_ACTIONS') && (DEBUG_ACTIONS & FRONT_SHOW_REQUEST) == FRONT_SHOW_REQUEST ) {
    // don't show debug output in tree & header of admin & while logging in
    $script = basename($_SERVER['PHP_SELF']);
    echo '
';
    echo "
ScriptName: $script (".dirname($_SERVER['PHP_SELF']).")

";
    // 26 units per request entry plus one extra row, capped at 300; where the value
    // is used is not visible in this listing.
    $div_height = (count($_REQUEST)+1)*26;
    if($div_height > 300) $div_height = 300;
    echo '
';
    echo '';
    echo '';
    foreach($_REQUEST as $key => $value) {
        if( !is_array($value) && trim($value) == '' ) $value = ' ';
        // Two-letter source tag: GET wins over POST, POST over COOKIE, '?' otherwise.
        $src = isset($_GET[$key]) ? 'GE' : (isset($_POST[$key]) ? 'PO' : (isset($_COOKIE[$key]) ? 'CO' : '?') );
        echo '';
    }
    echo '
SrcNameValue
'.$src.''.$key.''.print_r($value, true).'
';
    echo '
';
    unset($script);
    // echo "SID: ".$objSession->GetSessionKey().'
    // ';
}

switch($Action) {
    // Login form. Requires the CookiesTest cookie when cookie sessions are configured,
    // refuses the literal user name "root", and hands an unsalted MD5 of the password
    // to $objSession->Login().
    // NOTE(review): MD5 is not a password hash; moving to password_hash()/password_verify()
    // needs changes in Login() and in the stored values, both outside this listing.
    // NOTE(review): the "root" test is an exact, case-sensitive match; confirm Login()
    // cannot resolve another spelling to the same account.
    case "m_login":
        // if($objSession->ValidSession()) $objSession->Logout();
        //echo $objSession->GetSessionKey()."
        // \n";
        if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
            $FormError["login"]["login_user"] = language("lu_cookies_error");
        } else {
            $MissingCount = SetMissingDataErrors("login");
            // Both fields missing: show a single combined message instead of two.
            if($MissingCount==2) {
                $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
                unset($FormError["login"]["login_password"]);
            }
            if($MissingCount==0) {
                if($_POST["login_user"]=="root") {
                    $FormError["login"]["login_user"]= language("lu_access_denied");
                } else {
                    if ($objSession->Login($_POST["login_user"], md5($_POST["login_password"])) == FALSE) {
                        $FormError["login"]["login_password"] = language("lu_incorrect_login");
                    } else {
                        // "Remember me": stores "user|md5(password)" in the "login" cookie for
                        // 2592000 seconds (30 days). A password of 31 or more characters is stored
                        // unchanged (presumably treated as an existing MD5 hex string - confirm).
                        // NOTE(review): the cookie value is a password-equivalent credential and
                        // setcookie() is called without the secure/httponly arguments; a random,
                        // server-side revocable token would limit the damage if it leaks.
                        if( !headers_sent() && GetVar('usercookie') == 1 ) {
                            $c = $_POST["login_user"]."|";
                            $pw = $_POST["login_password"];
                            if(strlen($pw) < 31) $pw = md5($pw);
                            $c .= $pw;
                            setcookie("login",$c,time()+2592000);
                        }
                        // set new destination template if passed
                        $dest = GetVar('dest', true);
                        if(!$dest) $dest = GetVar('DestTemplate', true);
                        if($dest) $var_list['t'] = $dest;
                        // NOTE(review): looks like leftover debug output. GetVar() is defined
                        // elsewhere, presumably reading the request; if so this prints a
                        // request-supplied value unescaped. Remove it, or escape with
                        // htmlspecialchars().
                        echo "DEST: $dest
";
                    }
                }
            }
        }
        break;

    // Forgotten password: looks the account up by login name, or by e-mail when no
    // name was given, and replaces the password of an active account (Status 1) that
    // has a non-empty password.
    // NOTE(review): the reset happens immediately for whoever submits the form; there
    // is no confirmation step visible, so a third party can force a password change
    // on a known account. A mailed one-time reset link avoids that.
    // NOTE(review): separate "unknown username" / "unknown email" errors let a caller
    // test which accounts exist; a single neutral message avoids that.
    case "m_forgotpw":
        $MissingCount = SetMissingDataErrors("forgotpw");
        if($MissingCount==0) {
            $username = $_POST["username"];
            $email = $_POST["email"];
            $found = FALSE;
            if(strlen($username)) {
                $u = $objUsers->GetItemByField("Login",$username);
                if(is_object($u)) $found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
            } else if(strlen($email)) {
                $u = $objUsers->GetItemByField("Email",$email);
                if(is_object($u)) $found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
            }
            if($found) {
                // The new password is first saved in clear text, the mails are sent, and
                // only then is the MD5 value saved (presumably so the mail template can
                // read the clear-text value - confirm).
                // NOTE(review): between the two Update() calls the stored password is the
                // clear text; if a mail call aborts the request it stays that way.
                $newpw = makepassword();
                $u->Set("Password",$newpw);
                $u->Update();
                $u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
                $u->SendAdminEventMail("USER.PSWD");
                $u->Set("Password",md5($newpw));
                $u->Update();
                $u->Clean();
            } else {
                if(!strlen($username) && !strlen($email)) {
                    $FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
                    $MissingCount++;
                } else {
                    if(strlen($username)) $FormError["forgotpw"]["username"] = language("lu_ferror_unknown_username");
                    if(strlen($email)) $FormError["forgotpw"]["email"] = language("lu_ferror_unknown_email");
                    $MissingCount++;
                }
                // Error template name comes straight from the query string.
                if(strlen($_GET["error"])) $var_list["t"] = $_GET["error"];
            }
        } else if(strlen($_GET["error"])) $var_list["t"] = $_GET["error"];
        break;

    // First step of the mailing-list form: decides which template to show next
    // (Error, Subscribe or Unsubscribe, all named by query-string parameters)
    // depending on whether the address is valid, banned or already in the
    // subscriber group. Nothing is changed here.
    // NOTE(review): the Subscribe/Unsubscribe choice tells the caller whether an
    // address is already on the list.
    case "m_subscribe_confirm":
        $t = "";
        $SubscribeAddress = $_POST["subscribe_email"];
        if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress)) {
            $t = $_GET["Error"];
            $SubscribeError = "lu_invalid_emailaddress";
        } else {
            if((int)$objConfig->Get("User_SubscriberGroup")>0) {
                $g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
                if(is_object($g)) {
                    $email = $_POST["subscribe_email"];
                    if(strlen($email)>0) {
                        $u = $objUsers->GetItemByField("Email",$email);
                        if(is_object($u)) {
                            if($u->CheckBanned()) {
                                $t = $_GET["Error"];
                                $SubscribeError ="lu_subscribe_banned";
                            } else {
                                if($u->IsInGroup($g->Get("GroupId"))) {
                                    $t = $_GET["Unsubscribe"];
                                } else $t = $_GET["Subscribe"];
                            }
                        } else $t = $_GET["Subscribe"];
                    } else {
                        $t = $_GET["Error"];
                        $SubscribeError ="lu_subscribe_no_address";
                    }
                } else {
                    $t = $_GET["Error"];
                    $SubscribeError ="lu_subscribe_unknown_error";
                }
            }
        }
        if(strlen($t)) {
            $var_list["t"] = $t;
            $var_list_update["t"] = $t;
        }
        break;

    // Second step: after the "yes" button, adds an existing user to the subscriber
    // group or creates a new user record (e-mail, client IP, Status 1) for it.
    // NOTE(review): $bExists is only assigned when a user object was found; it is
    // undefined otherwise and the code relies on that evaluating as false.
    // NOTE(review): in the banned branch $SubscribeResult is overwritten with
    // "lu_subscribe_success" right after the if/else and both mails are still sent
    // for the record that was never created - confirm this is intended.
    // NOTE(review): no proof of address ownership (double opt-in) is visible, so
    // anyone can subscribe someone else's address.
    case "m_subscribe":
        //phpinfo(INFO_VARIABLES);
        if($_POST["buttons"][0]==language("lu_button_yes")) {
            $SubscribeAddress = $_POST["subscribe_email"];
            if(strlen($SubscribeAddress)>0) {
                if(ValidEmail($SubscribeAddress)) {
                    $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
                    if ($GroupId) {
                        $g = $objGroups->GetItem($GroupId);
                        $u = $objUsers->GetItemByField("Email",$SubscribeAddress);
                        if(is_object($u)) {
                            if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress)) {
                                $bExists = TRUE;
                            } else $bExists = FALSE;
                        }
                        if($bExists) {
                            $g->AddUser($u->Get("PortalUserId"));
                        } else {
                            $u = new clsPortalUser(NULL);
                            $u->Set("Email",$SubscribeAddress);
                            $u->Set("ip",$_SERVER['REMOTE_ADDR']);
                            $u->Set("CreatedOn",date("U"));
                            $u->Set("Status",1);
                            if(!$u->CheckBanned()) {
                                $u->Create();
                                $g->AddUser($u->Get("PortalUserId"),1);
                            } else $SubscribeResult = "lu_subscribe_banned";
                        }
                        $SubscribeResult = "lu_subscribe_success";
                        $u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
                        $u->SendAdminEventMail("USER.SUBSCRIBE");
                        if(strlen($_GET["Subscribe"])>0) $var_list["t"] = $_GET["Subscribe"];
                    }
                } else {
                    $SubscribeResult = "lu_invalid_emailaddress";
                }
            } else $SubscribeResult = "lu_subscribe_missing_address";
        }
        if(!strlen($SubscribeResult)) $SubscribeResult = "lu_subscribe_success";
        break;

    // Unsubscribe: removes the user found by e-mail from the subscriber group. When
    // that group is the user's primary group and the only one in the group list,
    // the user is removed from all groups and the record is deleted.
    // NOTE(review): the only input is the posted e-mail address; no session or
    // ownership check is visible here, so a request naming someone else's address
    // takes the same path, including $u->Delete(). Confirm that full accounts can
    // never have the subscriber group as their only group, or require a confirmation
    // link sent to the address.
    case "m_unsubscribe":
        if($_POST["buttons"][0]==language("lu_button_yes")) {
            $MissingCount = SetMissingDataErrors("m_unsubscribe");
            if($MissingCount==0) {
                $email = $_POST["subscribe_email"];
                $u = $objUsers->GetItemByField("Email",$email);
                if(is_object($u)) {
                    if(strtolower($u->Get("Email"))==strtolower($email)) {
                        $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
                        if($u->PrimaryGroup()==$GroupId) {
                            $u_gorup_list = $u->GetGroupList();
                            if (count($u_gorup_list) > 1) {
                                $u->RemoveFromGroup($GroupId);
                            } else {
                                $u->RemoveFromAllGroups();
                                $u->Delete();
                            }
                        } else {
                            $u->RemoveFromGroup($GroupId);
                        }
                    }
                }
                if(strlen($_GET["Subscribe"])>0) $var_list["t"] = $_GET["Subscribe"];
            }
        }
        break;

    // NOTE(review): every statement in this case is commented out, so as shown it
    // neither ends the session nor clears the "login" cookie; presumably logout is
    // handled elsewhere - confirm.
    case "m_logout":
        // $objSession->Logout();
        //unset($objSession);
        //$objSession = new clsUserSession();
        // $var_list_update["t"] = "index";
        // setcookie("login","",time()-3600);
        break;

    // Registration: validates the password (unless passwords are auto-generated) and
    // the user name, then creates the user with a status derived from the
    // User_Allow_New setting ("1" -> 1, "3" -> 2, anything else -> 0, in which case
    // no user is created).
    // NOTE(review): passwords are capped at 30 characters and stored as unsalted MD5.
    case "m_register":
        $MissingCount = SetMissingDataErrors("m_register");
        if(!$objConfig->Get("User_Password_Auto")) {
            if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"])) {
                $MissingCount++;
                $FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
            }
            if(strlen($_POST["password"])>30) {
                // echo "VAR: ".$_POST["password"]; die();
                $MissingCount++;
                $FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
            }
            if (strlen($_POST['password']) < $objConfig->Get("Min_Password")) {
                $MissingCount++;
                $FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
            }
        }
        $u = $objUsers->GetItemByField("Login",$_POST["username"]);
        if(is_object($u)) {
            if($u->Get("Login")==$_POST["username"]) {
                $MissingCount++;
                $FormError["m_register"]["username"] = language("lu_user_exists");
            }
        }
        if (strlen($_POST['username']) < $objConfig->Get("Min_UserName")) {
            $MissingCount++;
            $FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
        }
        if(!$MissingCount) {
            $CreatedOn = adodb_date("U");
            $GroupId = $objConfig->Get("User_NewGroup");
            $Status=0;
            /* determine the status of new users */
            switch ($objConfig->Get("User_Allow_New")) {
                case "1":
                    $Status=1;
                    break;
                case "3":
                    $Status=2;
                    break;
            }
            /* set Destination template */
            $var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
            if($Status>0) {
                if($objConfig->Get("User_Password_Auto")) {
                    $password = makepassword();
                    // NOTE(review): the generated clear-text password is kept in the session.
                    $objSession->Set("password", $password);
                } else $password = $_POST["password"];
                $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
                $dob = DateTimestamp($_POST["dob"],GetDateFormat());
                $ip = $_SERVER['REMOTE_ADDR'];
                $u = &$objUsers->Add_User($_POST["username"], md5($password), $_POST["email"], $CreatedOn, $_POST["firstname"], $_POST["lastname"], $Status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob, $ip, TRUE);
                // A non-object result is treated as the id of the ban rule that rejected
                // the registration.
                if(!is_object($u)) {
                    $RuleId=$u;
                    $r = $objBanList->GetItem($RuleId);
                    $err = $r->Get("ErrorTag");
                    if(strlen($err)) {
                        $FormError["m_register"][$r->Get("ItemField")] = language($err);
                        $MissingCount++;
                    }
                } else {
                    // Clear-text password is put back on the in-memory object (presumably
                    // for the mail templates - confirm); Clean() is defined elsewhere.
                    $u->Set("Password",$password);
                    $u->Clean();
                    if($GroupId>0) {
                        $g = $objGroups->GetItem($GroupId);
                        $g->AddUser($u->Get("PortalUserId"),1);
                    }
                    // NOTE(review): the list of custom field names comes from the form
                    // itself ($_POST["custom"]); confirm SetCustomField() restricts which
                    // fields a visitor may set.
                    $custom = $_POST["custom"];
                    if(is_array($custom)) {
                        // NOTE(review): the loop header is truncated in this listing (the
                        // text between "$x" and "SetCustomField" is missing).
                        for($x=0;$xSetCustomField($custom[$x],$_POST[$custom[$x]]);
                        }
                        $u->SaveCustomFields();
                    }
                    if($Status==1) {
                        if($objConfig->Get("User_Password_Auto")) {
                            $u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
                            $u->SendAdminEventMail("USER.VALIDATE");
                        } else {
                            $doLoginNow = true;
                            $u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
                            $u->SendAdminEventMail("USER.ADD");
                        }
                    } else {
                        $u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
                        $u->SendAdminEventMail("USER.ADD.PENDING");
                    }
                    // $doLoginNow is only assigned in the branch above; elsewhere it is undefined.
                    if ($doLoginNow) $objSession->Login($_POST["username"], md5($password));
                }
            }
        }
        break;

    // Adds the session user as a favorite of the user named in the query string.
    // NOTE(review): a state change driven by a GET parameter; the result of GetItem()
    // is used without an is_object() check and no login check is visible here.
    case "m_add_friend":
        $id = $_GET["UserId"];
        $userid = $objSession->Get("PortalUserId");
        if($id!=$userid) {
            $u =& $objUsers->GetItem($id);
            $u->AddFavorite($userid);
        }
        break;

    // NOTE(review): $userid is read but never used and DeleteFavorite() is called
    // without arguments, unlike AddFavorite($userid) above; which favorite is removed
    // depends on DeleteFavorite(), defined elsewhere - confirm it is limited to the
    // session user's own entry.
    case "m_del_friend":
        $id = $_GET["UserId"];
        $userid = $objSession->Get("PortalUserId");
        $u =& $objUsers->GetItem($id);
        $u->DeleteFavorite();
        break;

    // Account update: only proceeds when the UserId in the query string equals the
    // session's PortalUserId; an empty password field leaves the password unchanged
    // (an empty string is passed to Edit_User).
    // NOTE(review): the comparison is loose (!=); confirm an empty UserId cannot
    // compare equal to the id of a session that is not logged in.
    // NOTE(review): the current password is not requested before a change, and the
    // new user name is not checked here for collisions.
    case "m_acctinfo":
        // phpinfo(INFO_VARIABLES);
        $MissingCount = SetMissingDataErrors("m_acctinfo");
        $UserId = $_GET["UserId"];
        if($UserId != $objSession->Get("PortalUserId")) {
            $MissingCount++;
            $FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
        }
        if(strlen($_POST["password"])>0) {
            if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"])) {
                $MissingCount++;
                $FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
            }
            if(strlen($_POST["password"])>30) {
                // echo "VAR: ".$_POST["password"]; die();
                $MissingCount++;
                $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
            }
            if (strlen($_POST['password']) < $objConfig->Get("Min_Password")) {
                $MissingCount++;
                $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
            }
        }
        if(!$MissingCount) {
            /* save profile */
            $u =& $objUsers->GetItem($UserId);
            $status = $u->Get("Status");
            $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
            $dob = DateTimestamp($_POST["dob"], GetDateFormat());
            if(strlen($_POST["password"])>0) {
                $password = md5($_POST["password"]);
            } else $password = "";
            $objUsers->Edit_User($UserId, $_POST["username"], $password, $_POST["email"], 0, $_POST["firstname"], $_POST["lastname"], $status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob);
        }
        break;

    // Stores every POST field whose name starts with "pp_" as a persistent session
    // variable for the logged-in user.
    // NOTE(review): both names and values are client-chosen; confirm no privileged
    // setting shares the "pp_" prefix. $u is fetched but not used here.
    case "m_profile":
        $userid = $objSession->Get("PortalUserId");
        if($userid>0) {
            $u = $objUsers->GetItem($userid);
            foreach($_POST as $field=>$value) {
                if(substr($field,0,3)=="pp_") {
                    $objSession->SetPersistantVariable($field,$value);
                }
            }
        }
        break;

    // Language switch: the pack name from the query string is resolved to a
    // LanguageId through $objLanguages; only a found language is applied.
    case "m_set_lang":
        $lang = $_GET["lang"];
        $LangId = 0;
        if(strlen($lang)) {
            $l = $objLanguages->GetItemByField("PackName",$lang);
            if(is_object($l)) {
                $LangId = $l->Get("LanguageId");
            }
        }
        if($LangId) {
            if($objSession->Get("PortalUserId")>0) {
                $objSession->SetPersistantVariable("Language",$LangId);
            }
            $objSession->Set("Language",$LangId);
            $objSession->Update();
            $m_var_list_update["lang"] = $LangId;
            $m_var_list["lang"] = $LangId;
        }
        break;

    // Theme switch.
    // NOTE(review): only the POST value is tested with is_numeric(); the GET fallback
    // is passed to SetThemeName() unchecked - confirm it validates the id.
    case "m_set_theme":
        $id = $_POST["ThemeId"];
        if(!is_numeric($id)) $id = $_GET["ThemeId"];
        if($id) {
            $objSession->SetThemeName($id);
            $m_var_list["t"] = "index";
            $m_var_list_update["theme"] = $id;
            $m_var_list["theme"] = $id;
            unset($CurrentTheme);
        }
        break;

    // NOTE(review): raw POST values are stored as the category sort field and order;
    // if they later reach an ORDER BY clause they need an allow-list - verify at the
    // point of use.
    case "m_sort_cats":
        $objSession->SetVariable("Category_Sortfield",$_POST["cat_field_sort"]);
        $objSession->SetVariable("Category_Sortorder",$_POST["cat_sort_order"]);
        break;

    // Category suggestion: needs CATEGORY.ADD (perm 1) or CATEGORY.ADD.PENDING
    // (perm 2); without either, an error is recorded and nothing is added.
    case "m_add_cat_confirm":
        // phpinfo(INFO_VARIABLES);
        $perm = 0;
        $CategoryId=$objCatList->CurrentCategoryID();
        if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING")) $perm = 2;
        if ($objSession->HasCatPermission("CATEGORY.ADD")) $perm = 1;
        if ($perm == 0) {
            $MissingCount++;
            $FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
        } else {
            $MissingCount = SetMissingDataErrors("m_addcat");
            // NOTE(review): the allowed extensions and the size limit are read from the
            // submitted form ($_POST["imagetypes"], $_POST["maxsize"]), so the client
            // controls them; treat these checks as form feedback only and enforce type
            // and size with server-side settings where the upload is stored (not
            // visible here). $ext is also compared without lower-casing, while the
            // list is lower-cased.
            if(is_array($_FILES)) {
                foreach($_FILES as $field => $file) {
                    $allowed = TRUE;
                    if(strlen($_POST["imagetypes"][$field])) {
                        $types = explode(",",strtolower($_POST["imagetypes"][$field]));
                        if(is_array($types)) {
                            if(count($types)>0) {
                                $path_parts = pathinfo($file["name"]);
                                $ext = $path_parts["extension"];
                                $allowed = in_array($ext,$types);
                                if(!$allowed) {
                                    $MissingCount++;
                                    $FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
                                }
                            }
                        }
                    }
                    $maxsize = (int)$_POST["maxsize"][$field];
                    if($maxsize>0 && $allowed && $file["size"]>$maxsize) {
                        $allowed = FALSE;
                        $MissingCount++;
                        $FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
                    }
                }
            }
            if($MissingCount==0) {
                $CreatedOn = date("U");
                $name = $_POST["name"];
                $desc = $_POST["description"];
                $metadesc = $_POST["meta_description"];
                $keywords = $_POST["meta_keywords"];
                $parent = $objCatList->CurrentCategoryID();
                // NOTE(review): only the description goes through inp_escape(); name,
                // keywords and meta description are passed as posted - confirm Add()
                // and the templates escape them.
                $cat =& $objCatList->Add($parent, $name, inp_escape($desc,0), $CreatedOn, 0, $perm, 2, 2, 2, 0, $keywords,$metadesc);
                $cat->UpdateCachedPath();
                $cat->Update();
                $cat->UpdateACL();
                $objCatList->UpdateMissingCacheData();
                if(strlen($_GET["Confirm"])) {
                    $var_list["t"] = $_GET["Confirm"];
                } else $var_list["t"] = $_GET["DestTemplate"];
            }
        }
        break;

    // Review submission, throttled per item through the session's spam-control list.
    // The delay is Value * Interval from the settings named after the item type.
    // NOTE(review): the review is stored before the posted ItemType is matched
    // against $ItemTypes, and no permission check is visible here. $IPAddress and
    // $ItemTypes are set outside this listing.
    // NOTE(review): whether HTML is kept in the review text depends on the
    // Review_Html setting passed to inp_escape() (defined elsewhere).
    case "m_front_review_add":
        if($objSession->InSpamControl($_POST["ItemId"])) {
            $StatusMessage["review"] = language("la_Review_AlreadyReviewed");
        } else {
            $objReviews = new clsItemReviewList();
            $Status = $objConfig->Get("Review_DefaultStatus");
            $CreatedOn = adodb_date("U");
            $html = (int)$objConfig->Get("Review_Html");
            $ReviewText = inp_escape($_POST["review_text"],$html);
            $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress, 0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
            foreach($ItemTypes as $type=>$id) {
                if($id==$_POST["ItemType"]) {
                    $ValName = $type."_ReviewDelay_Value";
                    $IntName = $type."_ReviewDelay_Interval";
                    break;
                }
            }
            if(strlen($ValName) && strlen($IntName)) {
                $exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
                $objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
                if(is_object($r)) {
                    if($Status) {
                        $StatusMessage["review"] = language("la_Review_Added");
                    } else $StatusMessage["review"] = language("la_Review_Pending");
                } else $StatusMessage["review"] = language("la_Review_Error");
            } else $StatusMessage["error"] = language("la_ConfigError_Review");
        }
        break;

    // "Suggest this site": mails the USER.SUGGEST event to the posted address and
    // records the address and time in the SuggestMail table.
    case "m_suggest_email":
        // NOTE(review): the cutoff lies in the future (time() + interval), so every
        // stored row satisfies "sent < cutoff"; time() - interval compared with
        // "sent >" looks like the intent - confirm.
        $cutoff = time()+(int)$objConfig->Get("Suggest_MinInterval");
        $email = $_POST["suggest_email"];
        if (strlen($email)) {
            if(ValidEmail($email)) {
                // NOTE(review): SQL is assembled by concatenation and relies entirely on
                // inp_escape() (defined elsewhere) for quoting; a bound-parameter query
                // would not depend on that.
                $sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".inp_escape($email,0)."' and sent<".$cutoff;
                $adodbConnection = GetADODBConnection();
                $rs = $adodbConnection->Execute($sql);
                // NOTE(review): this assignment discards the query result, so the "already
                // suggested" branch below never runs and the Suggest_MinInterval throttle
                // is not applied: the form sends mail to any valid address on every
                // request, with no login check visible. Looks like a debugging leftover -
                // confirm and remove.
                $rs = false;
                if($rs && !$rs->EOF) {
                    if(strlen($_GET["Error"])>0) $var_list["t"] = $_GET["Error"];
                    $suggest_result = "$email ".language("lu_already_suggested ")." 
".LangDate($rs->fields["sent"]);
                } else {
                    $Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
                    if(is_object($Event)) {
                        if($Event->Get("Enabled")=="1") {
                            $Event->Item = $this;
                            $Event->SendToAddress($email);
                            $sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".inp_escape($email,0)."','".time()."')";
                            $rs = $adodbConnection->Execute($sql);
                            // NOTE(review): the posted address is placed in the result message
                            // as-is; escape it where $suggest_result is printed.
                            $suggest_result=language("lu_suggest_success")." ".$email;
                        }
                    }
                    // Second argument 1 presumably selects the admin variant of the event - confirm.
                    $e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
                    if($e->Get("Enabled")==1) $e->SendAdmin();
                    if(strlen($_GET["Confirm"])>0) $var_list["t"] = $_GET["Confirm"];
                }
            } else {
                if(strlen($_GET["Error"])>0) $var_list["t"] = $_GET["Error"];
                $suggest_result=language("lu_invalid_emailaddress");
            }
        } else {
            if(strlen($_GET["Error"])>0) $var_list["t"] = $_GET["Error"];
            $suggest_result=language("lu_suggest_no_address");
        }
        break;

    // Simple category search: logs the keyword, applies the relevance weights from
    // the configuration (percent values divided by 100) and runs the search.
    // NOTE(review): the rating weight tests "SearchRel_Rating_article" but reads
    // "SearchRel_Rating_category" - presumably a copy/paste slip; confirm.
    case "m_simple_search":
        $keywords = $_POST["keywords"];
        $type = $objItemTypes->GetTypeByName("Category");
        $objSearch = new clsSearchResults("Category","clsCategory");
        if(strlen($keywords)) {
            $objSearchList = new clsSearchLogList();
            $objSearchList->UpdateKeyword($keywords,0);
            $objSearch->SetKeywords($keywords);
            $objSearch->AddSimpleFields();
            if(is_numeric($objConfig->Get("SearchRel_Pop_category"))) $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
            if(is_numeric($objConfig->Get("SearchRel_Keyword_category"))) $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
            if(is_numeric($objConfig->Get("SearchRel_Rating_article"))) $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
            //echo "Searching On $keywords
            // \n";
            $objSearch->PerformSearch(1,$SortOrder,TRUE);
            $SearchPerformed = TRUE;
            //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
            //echo "Finished Setting Category Relevence
            // \n";
        } else {
            if(strlen($_GET["Error"])>0) $var_list["t"] = $_GET["Error"];
            $MissingCount = SetMissingDataErrors("m_simplesearch");
            $MissingCount++;
            $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
        }
        break;

    // Advanced search (only type 1, categories, is handled): for each configured
    // search field, reads the posted verb, value and AND/OR choice and adds the
    // field to the query unless the verb is empty or "any".
    // NOTE(review): verb and value are posted by the client and passed on unchanged;
    // confirm AddAdvancedField() maps the verb through an allow-list and quotes the
    // value. $Value also keeps the previous iteration's content when a boolean
    // field is posted as -1.
    case "m_adv_search":
        if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList();
        switch($_GET["type"]) {
            case 1: /* category */
                //echo "Searching for categories
                // ";
                $objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory");
                foreach($objSearchConfig->Items as $field) {
                    $fld = $field->Get("FieldName");
                    $Verb = $_POST["verb"][$field->Get("FieldName")];
                    if(!strlen($Verb) && $field->Get("FieldType")=="boolean") {
                        if($_POST["value"][$field->Get("FieldName")]!=-1) {
                            $Value = $_POST["value"][$field->Get("FieldName")];
                            $Verb = "is";
                        }
                    } else {
                        $Value = $_POST["value"][$field->Get("FieldName")];
                    }
                    switch( $_POST["andor"][$field->Get("FieldName")]) {
                        case 1:
                            $Conjuction = "AND";
                            break;
                        case 2:
                            $Conjuction = "OR";
                            break;
                        default:
                            $Conjuction = "";
                            break;
                    }
                    if(strlen($Verb)>0 && $Verb!="any") {
                        //echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]
                        // ";
                        $objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction);
                    }
                }
                $objAdvSearch->PerformSearch(1,NULL,TRUE);
                break;
        }
        break;

    // NOTE(review): prints $Action and $DownloadId (set outside this listing) and
    // stops the request; looks like a diagnostic action - confirm it is needed and
    // that $DownloadId is escaped if it can come from the request.
    case "m_id":
        echo $Action.":".$DownloadId;
        die();
        break;

    // Search within the previous result set: same weights as m_simple_search, but
    // the search only runs when the earlier result id list is not empty.
    // NOTE(review): same "SearchRel_Rating_article" / "SearchRel_Rating_category"
    // mismatch as in m_simple_search.
    case "m_simple_subsearch":
        $keywords = $_POST["keywords"];
        $type = $objItemTypes->GetTypeByName("Category");
        $objSearch = new clsSearchResults("Category","clsCategory");
        if(strlen($keywords)) {
            $objSearchList = new clsSearchLogList();
            $objSearchList->UpdateKeyword($keywords,0);
            $objSearch->SetKeywords($keywords);
            $objSearch->AddSimpleFields();
            if(is_numeric($objConfig->Get("SearchRel_Pop_category"))) $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
            if(is_numeric($objConfig->Get("SearchRel_Keyword_category"))) $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
            if(is_numeric($objConfig->Get("SearchRel_Rating_article"))) $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
            $SearchResultIdList = $objSearch->Result_IdList();
            if(count($SearchResultIdList)>0) {
                $objSearch->PerformSearch(1,$SortOrder,TRUE,$SearchResultIdList);
                //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
            }
            $SearchPerformed = TRUE;
        } else {
            $MissingCount = SetMissingDataErrors("m_simplesearch");
            $MissingCount++;
            $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
        }
        break;
}
?>