Index: branches/RC/kernel/frontaction.php
===================================================================
diff -u -N
--- branches/RC/kernel/frontaction.php (revision 8929)
+++ branches/RC/kernel/frontaction.php (revision 0)
@@ -1,1151 +0,0 @@
-ValidSession()) $objSession->Logout();
- //echo $objSession->GetSessionKey()."
\n";
- $url_params = Array();
- $application =& kApplication::Instance();
-
- if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["cookies_on"] != "1") {
- $FormError["login"]["login_user"] = language("lu_cookies_error");
- }
- else
- {
- $MissingCount = SetMissingDataErrors("login");
- if($MissingCount==2)
- {
- $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
- unset($FormError["login"]["login_password"]);
- }
-
- if($MissingCount==0)
- {
- if($_POST["login_user"]=="root")
- {
- $FormError["login"]["login_user"]= language("lu_access_denied");
- }
- else
- {
- $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
- if($LoginCheck === true)
- {
- if( !headers_sent() && GetVar('usercookie') == 1 )
- {
- $c = $_POST["login_user"]."|";
- $pw = $_POST["login_password"];
- if(strlen($pw) < 31) $pw = md5($pw);
- $c .= $pw;
- set_cookie('login', $c, adodb_mktime() + 2592000);
- }
-
- // set new destination template if passed
- $dest = GetVar('dest', true);
- if(!$dest) $dest = GetVar('DestTemplate', true);
- if($dest) $var_list['t'] = $dest;
-
- $next_template = $objSession->GetVariable('next_template');
- if($next_template)
- {
- $objSession->SetVariable('next_template','');
- $var_list_update['t'] = $next_template;
-
- $url_params['pass'] = 'all';
- header('Location: ' . HREF_Wrapper('', $url_params) );
- exit;
- $var_list['t'] = $next_template.'.tpl';
- }
- elseif($var_list['t'] == 'login')
- {
- $var_list['t'] = 'index';
- }
-
- $event_params = Array('user' => $_POST['login_user'], 'pass' => $_POST['login_password']);
- $application->HandleEvent( new kEvent('u:OnInpLogin', $event_params) );
-
- $redirect_template = getArrayValue($var_list_update, 't') ? $var_list_update['t'] : $var_list['t'];
- $application->Redirect($redirect_template);
-
- }
- else
- {
- switch($LoginCheck)
- {
- case -1: // user or/and pass wrong
- $FormError["login"]["login_password"] = language("lu_incorrect_login");
- break;
-
- case -2: // user ok, but has no permission
- $FormError["login"]["login_password"] = language("la_text_nopermissions");
- break;
- }
- }
- }
- }
- }
- break;
-
- case "m_resetpw":
- $passed_key = $_GET['user_key'];
-
- $u = $objUsers->GetItemByField("PwResetConfirm", $passed_key);
- $found = is_object($u);
-
- if($found)
- {
- $exp_time = $u->Get('PwRequestTime') + 3600;
- $u->Set("PwResetConfirm", '');
- $u->Set("PwRequestTime", 0);
- if ($exp_time > adodb_mktime())
- {
- $objSession->SetVariable('codevalidationresult', 'lu_resetpw_confirm_text');
- $newpw = makepassword();
- SetVar('user_password', $newpw);
- $u->Set("Password",$newpw);
- $u->Set("PassResetTime", adodb_mktime());
- $u->Set("PwResetConfirm", '');
- $u->Set("PwRequestTime", 0);
- $u->Update();
- $u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.PSWD");
- $u->Set("Password",md5($newpw));
- $u->Update();
- $u->Clean();
- } else {
- $objSession->SetVariable('codevalidationresult', 'lu_code_expired');
- }
- } else {
- $objSession->SetVariable('codevalidationresult', 'lu_code_is_not_valid');
- }
- break;
-
- case "m_forgotpw":
- $MissingCount = SetMissingDataErrors("forgotpw");
-// $pass_reset_add = $objConfig->Get("Users_AllowReset");
-
- if($MissingCount==0)
- {
- $username = $_POST["username"];
- $email = $_POST["email"];
- $found = false;
- $allow_reset = true;
- if(strlen($username))
- {
- $u = $objUsers->GetItemByField("Login",$username);
- if(is_object($u))
- $found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
- }
- else if(strlen($email))
- {
- $u = $objUsers->GetItemByField("Email",$email);
- if(is_object($u))
- $found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
- }
-
- if(is_object($u))
- {
- $PwResetConfirm = $u->Get('PwResetConfirm');
- $PwRequestTime = $u->Get('PwRequestTime');
- $PassResetTime = $u->Get('PassResetTime');
- $MinPwResetDelay = $u->Get('MinPwResetDelay');
- $allow_reset = (strlen($PwResetConfirm) ?
- adodb_mktime() > $PwRequestTime + $MinPwResetDelay :
- adodb_mktime() > $PassResetTime + $MinPwResetDelay);
- }
-
- if($found && $allow_reset)
- {
- //$newpw = makepassword();
- //$objSession->Set('password', $newpw);
- $objSession->Set('tmp_user_id', $u->Get("PortalUserId"));
- $objSession->Set('tmp_email', $u->Get("Email"));
- //$u->Set("Password",$newpw);
- //$u->Update();
- $u->SendUserEventMail("USER.PSWDC",$u->Get("PortalUserId"));
- //$u->SendAdminEventMail("USER.PSWDC");
- //$u->Set("Password",md5($newpw));
- //$u->Update();
- $u->Clean();
-
- $var_list['t'] = GetVar('Confirm');
- }
- else
- {
- if(!strlen($username) && !strlen($email))
- {
- $FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
- $MissingCount++;
- }
- else
- {
- $error_phrases=Array();
-
- if($allow_reset)
- {
- $error_phrases['username']='lu_ferror_unknown_username';
- $error_phrases['email']='lu_ferror_unknown_email';
- }
- else
- {
- $error_phrases['username']='lu_ferror_reset_denied';
- $error_phrases['email']='lu_ferror_reset_denied';
- }
-
- foreach ($error_phrases as $field_name => $phrase_name) {
- if(GetVar($field_name))
- {
- $FormError["forgotpw"][$field_name] = language($phrase_name);
- break;
- }
- }
- $MissingCount++;
- }
- if(strlen($_GET["error"]))
- $var_list["t"] = $_GET["error"];
- }
- }
- else
- if(strlen($_GET["error"]))
- $var_list["t"] = $_GET["error"];
- break;
- case "m_subscribe_confirm":
-
- $t = "";
- $_GET["subscribe_email"] = $_POST["subscribe_email"];
- $SubscribeAddress = $_POST["subscribe_email"];
-
- if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
- {
- $t = $_GET["Error"];
- $objSession->SetVariable('SubscribeError', 'lu_invalid_emailaddress');
- }
- else
- {
- if((int)$objConfig->Get("User_SubscriberGroup")>0)
- {
- $g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
- if(is_object($g))
- {
- $email = $_POST["subscribe_email"];
- if(strlen($email)>0)
- {
- $u = $objUsers->GetItemByField("Email",$email);
-
- if(is_object($u))
- {
- if($u->CheckBanned())
- {
- $t = $_GET["Error"];
- $objSession->SetVariable('SubscribeError', 'lu_subscribe_banned');
- }
- else
- {
- if($u->IsInGroup($g->Get("GroupId")))
- {
- $t = $_GET["Unsubscribe"];
- }
- else
- $t = $_GET["Subscribe"];
- }
- }
- else
- $t = $_GET["Subscribe"];
- }
- else
- {
- $t = $_GET["Error"];
- $objSession->SetVariable('SubscribeError', 'lu_subscribe_no_address');
- }
- }
- else
- {
- $t = $_GET["Error"];
- $objSession->SetVariable('SubscribeError', 'lu_subscribe_unknown_error');
- }
- }
- }
- if(strlen($t))
- {
- $var_list["t"] = $t;
- $var_list_update["t"] = $t;
- }
- $objSession->SetVariable('SubscribeAddress', $SubscribeAddress);
-
- break;
- case "m_subscribe":
-
- if($_POST["buttons"][0]==language("lu_button_yes"))
- {
- $SubscribeAddress = $_POST["subscribe_email"];
- if(strlen($SubscribeAddress)>0)
- {
- if(ValidEmail($SubscribeAddress))
- {
- $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
- if ($GroupId)
- {
- $g = $objGroups->GetItem($GroupId);
- $u = $objUsers->GetItemByField("Email",$SubscribeAddress);
- if(is_object($u))
- {
- if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
- {
- $bExists = TRUE;
- }
- else
- $bExists = FALSE;
- }
- if($bExists)
- {
- $g->AddUser($u->Get("PortalUserId"),0,false);
- }
- else
- {
- $u = new clsPortalUser(NULL);
- $u->Set("Email",$SubscribeAddress);
- $u->Set("ip",$_SERVER['REMOTE_ADDR']);
- $u->Set("CreatedOn",adodb_date("U"));
- $u->Set("Status",1);
- if(!$u->CheckBanned())
- {
- $u->Create();
- $g->AddUser($u->Get("PortalUserId"),1,false);
- }
- else
- $SubscribeResult = "lu_subscribe_banned";
- }
-
- $SubscribeResult = "lu_subscribe_success";
- $u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.SUBSCRIBE");
- if(strlen($_GET["Subscribe"])>0)
- $var_list["t"] = $_GET["Subscribe"];
- }
- }
- else
- {
- $SubscribeResult = "lu_invalid_emailaddress";
- }
- }
- else
- $SubscribeResult = "lu_subscribe_missing_address";
- }
-
- if(!strlen($SubscribeResult))
- $SubscribeResult = "lu_subscribe_success";
-
- break;
- case "m_unsubscribe":
-
- if($_POST["buttons"][0]==language("lu_button_yes"))
- {
- $MissingCount = SetMissingDataErrors("m_unsubscribe");
-
- if($MissingCount==0)
- {
- $email = $_POST["subscribe_email"];
- $u = $objUsers->GetItemByField("Email",$email);
- if(is_object($u))
- {
- if(strtolower($u->Get("Email"))==strtolower($email))
- {
- $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
- if($u->PrimaryGroup()==$GroupId)
- {
- $u_gorup_list = $u->GetGroupList();
-
- if (count($u_gorup_list) > 1) {
- $u->RemoveFromGroup($GroupId);
- }
- else {
- $u->RemoveFromAllGroups();
- $u->Delete();
- }
- }
- else
- {
- $u->RemoveFromGroup($GroupId);
- }
- }
- }
- if(strlen($_GET["Subscribe"])>0)
- $var_list["t"] = $_GET["Subscribe"];
- }
- }
-
- break;
-
- case "m_register":
- $_POST=inp_escape($_POST);
- $MissingCount = SetMissingDataErrors("m_register");
-
- if(!$objConfig->Get("User_Password_Auto"))
- {
- if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
- {
- $MissingCount++;
- $FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
- }
-
- if(strlen($_POST["password"])>30)
- {
- // echo "VAR: ".$_POST["password"]; die();
- $MissingCount++;
- $FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
- }
-
- if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
- {
- $MissingCount++;
- $FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
- }
- }
-
- if(($_POST["username"]=="root"))
- {
- $MissingCount++;
- $FormError["m_register"]["username"] = language("lu_user_exists");
- }
- else
- {
-
- $u = $objUsers->GetItemByField("Login",$_POST["username"]);
- if(is_object($u))
- {
- if($u->Get("Login")==$_POST["username"])
- {
- $MissingCount++;
- $FormError["m_register"]["username"] = language("lu_user_exists");
- }
- }
- }
-
-
-
- if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
- {
- $MissingCount++;
- $FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
- }
-
- if(!$MissingCount)
- {
- $CreatedOn = adodb_date("U");
- $GroupId = $objConfig->Get("User_NewGroup");
- $Status=0;
-
- /* determine the status of new users */
- switch ($objConfig->Get("User_Allow_New"))
- {
- case "1":
- $Status=1;
- break;
- case "3":
- $Status=2;
- break;
- }
-
- /* set Destination template */
- $var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
-
- if($Status>0)
- {
- if ($objConfig->Get("User_Password_Auto")) {
- $password = makepassword();
- // $objSession->Set("password", $password);
- SetVar('user_password', $password);
- }
- else {
- $password = $_POST["password"];
- }
-
- $dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
- $ip = $_SERVER['REMOTE_ADDR'];
-
- $application =& kApplication::Instance();
- $application->SetVar('user_password', $password);
- SetVar('user_password', $password);
- $fields_hash = Array('Login' => $_POST['username'],
- 'Password' => md5($password),
- 'FirstName' => $_POST['firstname'],
- 'LastName' => $_POST['lastname'],
- 'Company' => $_POST['company'],
- 'Email' => $_POST['email'],
- 'Status' => $Status,
- 'Phone' => $_POST['phone'],
- 'Fax' => $_POST['fax'],
- 'Street' => $_POST['street'],
- 'Street2' => $_POST['street2'],
- 'City' => $_POST['city'],
- 'State' => $_POST['state'],
- 'Zip' => $_POST['zip'],
- 'Country' => $_POST['country'],
- 'CreatedOn' => $CreatedOn,
- 'dob' => $dob,
- 'ip' => $ip);
- $u =& $objUsers->Add_User_NEW($fields_hash, true);
-
- if(!is_object($u))
- {
- $RuleId=$u;
- $r = $objBanList->GetItem($RuleId);
- $err = $r->Get("ErrorTag");
-
- if(strlen($err))
- {
- $FormError["m_register"][$r->Get("ItemField")] = language($err);
- $MissingCount++;
- }
- }
- else
- {
- $u->Set("Password",$password);
- $u->Clean();
- if($GroupId>0)
- {
- $g = $objGroups->GetItem($GroupId);
- $g->AddUser($u->Get("PortalUserId"),1,false);
- }
-
- $custom = $_POST["custom"];
- if (is_array($custom)) {
- for($x = 0; $x < count($custom); $x++) {
- $u->SetCustomField($custom[$x],$_POST[$custom[$x]]);
- }
- $u->SaveCustomFields();
- }
-
- if($Status==1)
- {
- if($objConfig->Get("User_Password_Auto"))
- {
- $u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.VALIDATE");
- }
- else
- {
- $doLoginNow = true;
- $u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.ADD");
- }
- }
- else
- {
- $u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.ADD.PENDING");
- }
-
- if ($doLoginNow)
- {
- $login_ok = $objSession->Login($_POST["username"], md5($password));
- if($login_ok)
- {
- $next_template = $objSession->GetVariable('next_template');
- if (!$next_template) {
-// $next_template = strlen($_GET["dest"])? $_GET["dest"] : "index";
- }
- if($next_template)
- {
- $objSession->SetVariable('next_template','');
- $var_list_update["t"] = $next_template;
- header('Location: ' . HREF_Wrapper() );
- exit;
- $var_list['t'] = $next_template.'.tpl';
- }
-
- }
- }
- }
- }
- }
- break;
- case "m_add_friend":
- $id = $_GET["UserId"];
- $userid = $objSession->Get("PortalUserId");
- if($id!=$userid)
- {
- $u =& $objUsers->GetItem($id);
- $u->AddFavorite($userid);
- }
- DeleteModuleTagCache('kernel');
- break;
- case "m_del_friend":
- $id = $_GET["UserId"];
- $userid = $objSession->Get("PortalUserId");
- $u =& $objUsers->GetItem($id);
- $u->DeleteFavorite();
- DeleteModuleTagCache('kernel');
- break;
-
- case 'm_acctinfo':
- $_POST = inp_escape($_POST);
- $MissingCount = SetMissingDataErrors("m_acctinfo");
- $UserId = $_GET["UserId"];
- if ($UserId != $objSession->Get("PortalUserId")) {
- $MissingCount++;
- $FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
- }
-
- if ($_POST["password"]) {
- if (($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"])) {
- $MissingCount++;
- $FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
- }
-
- if (strlen($_POST["password"])>30) {
- // echo "VAR: ".$_POST["password"]; die();
- $MissingCount++;
- $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
- }
-
- if (strlen($_POST['password']) < $objConfig->Get("Min_Password")) {
- $MissingCount++;
- $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
- }
- }
-
- $db =& GetADODBConnection();
- $email = GetVar('email');
- $test_id = $db->GetOne('SELECT PortalUserId FROM '.GetTablePrefix().'PortalUser WHERE Email = '.$db->qstr($email));
- if ($test_id && ($test_id != $objSession->Get('PortalUserId')) ) {
- $MissingCount++;
- $FormError["m_acctinfo"]["email"] = language("lu_ferror_email_duplicate");
- }
-
-
- if (!$MissingCount) {
- /* save profile */
- $u =& $objUsers->GetItem($UserId);
- $status = $u->Get("Status");
- $dob = adodb_mktime(0, 0, 0, $_POST['dob_month'], $_POST['dob_day'], $_POST['dob_year']);
- $password = strlen($_POST["password"]) > 0 ? md5($_POST["password"]) : '';
-
- $fields_hash = Array( 'Login' => $_POST['username'],
- 'Password' => $password,
- 'FirstName' => $_POST['firstname'],
- 'LastName' => $_POST['lastname'],
- 'Company' => $_POST['company'],
- 'Email' => $_POST['email'],
- 'Status' => $status,
- 'Phone' => $_POST['phone'],
- 'Fax' => $_POST['fax'],
- 'Street' => $_POST['street'],
- 'Street2' => $_POST['street2'],
- 'City' => $_POST['city'],
- 'State' => $_POST['state'],
- 'Zip' => $_POST['zip'],
- 'Country' => $_POST['country'],
- 'dob' => $dob,
- 'MinPwResetDelay' => $_POST['minpwresetdelay'],
-
- );
-
- $user =& $objUsers->Edit_User_NEW($UserId, $fields_hash);
- saveCustomFields('u', $u->Get('ResourceId'), 6);
- }
- DeleteModuleTagCache('kernel');
- break;
- case "m_profile":
- $userid = $objSession->Get("PortalUserId");
- if($userid>0)
- {
- $u = $objUsers->GetItem($userid);
- foreach($_POST as $field=>$value)
- {
- if(substr($field,0,3)=="pp_")
- {
- $objSession->SetPersistantVariable($field,$value);
- }
- }
-
- }
- break;
- case "m_set_lang":
- $lang = $_GET["lang"];
- $LangId = 0;
- if(strlen($lang))
- {
- $l = $objLanguages->GetItemByField("PackName",$lang);
- if(is_object($l))
- {
- $LangId = $l->Get("LanguageId");
- }
- }
- if($LangId)
- {
- if($objSession->Get("PortalUserId")>0)
- {
- $objSession->SetPersistantVariable("Language",$LangId);
- }
- $objSession->Set("Language",$LangId);
- $objSession->Update();
- $m_var_list_update["lang"] = $LangId;
- $m_var_list["lang"] = $LangId;
- }
- break;
-
- case "m_set_theme":
- $id = $_POST["ThemeId"];
- if(!is_numeric($id))
- $id = $_GET["ThemeId"];
- if($id)
- {
- $objSession->SetThemeName($id);
- $m_var_list["t"] = "index";
- $m_var_list_update["theme"] = $id;
- $m_var_list["theme"] = $id;
- unset($CurrentTheme);
- }
- break;
-
- case "m_sort_cats":
- $_POST['Category_Sortfield'] = preg_replace('/^(Name$|^Description)$/', 'l'.$m_var_list['lang'].'_$1', $_POST['Category_Sortfield']);
- $objSession->SetVariable("Category_Sortfield",$_POST["Category_Sortfield"]);
- $objSession->SetVariable("Category_Sortorder",$_POST["Category_Sortorder"]);
- $objSession->SetVariable("Perpage_Category",$_POST["Perpage_Category"]);
- DeleteModuleTagCache('kernel');
- break;
- case "m_add_cat_confirm":
- $perm = 0;
- $CategoryId=$objCatList->CurrentCategoryID();
- if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
- $perm = 2;
- if ($objSession->HasCatPermission("CATEGORY.ADD"))
- $perm = 1;
- if ($perm == 0)
- {
- $MissingCount++;
- $FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
- }
- else
- {
- $MissingCount = SetMissingDataErrors("m_addcat");
- if(is_array($_FILES))
- {
- foreach($_FILES as $field => $file)
- {
- $allowed = TRUE;
- if(strlen($_POST["imagetypes"][$field]))
- {
- $types = explode(",",strtolower($_POST["imagetypes"][$field]));
- if(is_array($types))
- {
- if(count($types)>0)
- {
- $path_parts = pathinfo($file["name"]);
- $ext = $path_parts["extension"];
- $allowed = in_array($ext,$types);
- if(!$allowed)
- {
- $MissingCount++;
- $FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
- }
- }
- }
- }
- $maxsize = (int)$_POST["maxsize"][$field];
- if($maxsize>0 && $allowed && $file["size"]>$maxsize)
- {
- $allowed = FALSE;
- $MissingCount++;
- $FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
- }
- }
- }
- if($MissingCount==0)
- {
- $_POST = inp_striptags($_POST);
- $fields_hash = Array( 'ParentId' => $objCatList->CurrentCategoryID(),
- $objCatList->TitleField => $_POST['name'],
- $objCatList->DescriptionField => $_POST['description'],
- 'CreatedOn' => adodb_date('U'),
- 'EditorsPick' => 0,
- 'Status' => $perm,
- 'HotItem' => 2,
- 'NewItem' => 2,
- 'PopItem' => 2,
- 'Priority' => 0,
- 'MetaKeywords' => $_POST['meta_keywords'],
- 'MetaDescription' => $_POST['meta_description'],
- 'AutomaticFilename' => 1,
- 'Filename' => '',
- 'CategoryTemplate' => '',
- );
-
- $cat =& $objCatList->Add_NEW($fields_hash);
- saveCustomFields('c', $cat->Get('ResourceId'), $cat->type);
-
- $cat->UpdateCachedPath();
- $cat->Update();
- $cat->UpdateACL();
- $objCatList->UpdateMissingCacheData();
-
- if(strlen($_GET["Confirm"]))
- {
- $var_list["t"] = $_GET["Confirm"];
- }
- else
- $var_list["t"] = $_GET["DestTemplate"];
- }
- }
- DeleteModuleTagCache('kernel');
- break;
- case "m_front_review_add":
- if($objSession->InSpamControl($_POST["ItemId"]))
- {
- $StatusMessage["review"] = language("la_Review_AlreadyReviewed");
- }
- else
- {
- $objReviews = new clsItemReviewList();
- $Status = $objConfig->Get("Review_DefaultStatus");
- $CreatedOn = adodb_date("U");
- $html = (int)$objConfig->Get("Review_Html");
- $ReviewText = inp_striptags($_POST["review_text"]);
-
- $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
- 0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
- foreach($ItemTypes as $type=>$id)
- {
- if($id==$_POST["ItemType"])
- {
- $ValName = $type."_ReviewDelay_Value";
- $IntName = $type."_ReviewDelay_Interval";
- break;
- }
- }
- if(strlen($ValName) && strlen($IntName))
- {
- $exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
- $objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
- if(is_object($r))
- {
- if($Status)
- {
- $StatusMessage["review"] = language("la_Review_Added");
- }
- else
- $StatusMessage["review"] = language("la_Review_Pending");
- }
- else
- $StatusMessage["review"] = language("la_Review_Error");
- }
- else
- $StatusMessage["error"] = language("la_ConfigError_Review");
- }
- DeleteModuleTagCache('kernel');
- break;
-
- case "m_suggest_email":
- $cutoff = adodb_mktime()+(int)$objConfig->Get("Suggest_MinInterval");
- $email = inp_striptags($_POST["suggest_email"]);
-
- if (strlen($email))
- {
- if(ValidEmail($email))
- {
- $sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
- $adodbConnection = &GetADODBConnection();
- $rs = $adodbConnection->Execute($sql);
-
- $rs = false;
-
- if($rs && !$rs->EOF)
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $objSession->SetVariable('suggest_result', "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]) );
- }
- else
- {
- $application =& kApplication::Instance();
- $got_string = $application->GetVar('captcha_string');
- if ($objConfig->Get("Suggest_Captcha") && !$application->GetVar('check_captcha')) {
- $captcha_helper = $application->recallObject('CaptchaHelper');
- $captcha_code = $captcha_helper->GenerateCaptchaCode();
- $objSession->SetVariable('suggest_captcha_code', $captcha_code);
- $application->StoreVar('suggest_email', $email);
-
- if ($var_list["DestTemplate"] != $_GET["Captcha"]) {
- $var_list["DestTemplate"] = $var_list["t"];
- }
- $var_list["t"] = $_GET["Captcha"];
- }
- else {
- // if no captcha or captcha Ok
- if (!$objConfig->Get("Suggest_Captcha") || $got_string == $application->RecallVar('suggest_captcha_code')) {
- $Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
- if(is_object($Event))
- {
- if($Event->Get("Enabled")=="1")
- {
- $Event->Item = null;
- $Event->SendToAddress($email);
-
- $sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".adodb_mktime()."')";
-
- $rs = $adodbConnection->Execute($sql);
- $objSession->SetVariable('suggest_result', language("lu_suggest_success")." ".$email);
- }
- }
- $e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
-
- if($e->Get("Enabled")==1)
- $e->SendAdmin();
-
- if(strlen($_GET["Confirm"])>0)
- $var_list["t"] = $_GET["Confirm"];
-
- $application->RemoveVar('suggest_captcha_code');
- $application->RemoveVar('suggest_email');
- }
- elseif ($got_string != $application->RecallVar('suggest_captcha_code')) {
- // generate new captcha code in case of error
- $captcha_helper = $application->recallObject('CaptchaHelper');
- $captcha_code = $captcha_helper->GenerateCaptchaCode();
- $objSession->SetVariable('suggest_captcha_code', $captcha_code);
-
- $objSession->SetVariable('suggest_result', language("lu_invalid_captcha"));
- }
- }
- }
- }
- else
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $objSession->SetVariable('suggest_result', language("lu_invalid_emailaddress"));
- }
- }
- else
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $objSession->SetVariable('suggest_result', language("lu_suggest_no_address"));
- }
- break;
- case "m_simple_search":
- $keywords = trim($_POST["keywords"]);
- $type = $objItemTypes->GetTypeByName("Category");
- $objSearch = new clsSearchResults("Category","clsCategory");
- $length = $objConfig->Get('Search_MinKeyword_Length');
-
- if(strlen($keywords))
- {
- $performSearch = false;
- $isExact = (substr($keywords, 0, 2) == '\"' && substr($keywords, strlen($keywords) - 2, 2) == '\"');
-
- if ($isExact) {
- $performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
- }
- else {
- $key_arr = explode(' ', $keywords);
-
- /*foreach($key_arr as $value) {
- if (strlen(str_replace("+", "", $value)) < $length || strlen(str_replace("-", "", $value)) < $length) {
- $keywords = str_replace($value, '', $keywords);
- //$keywords = str_replace($value, '', $keywords);
- }
- }
-
- //$keywords = str_replace(' ', ' ', $keywords);
- //$keywords = str_replace('\"', '', $keywords);
- */
- $tmp_keywords = str_replace("+", "", $keywords);
- $tmp_keywords = str_replace("-", "", $tmp_keywords);
-
- $performSearch = (strlen($tmp_keywords) >= $length);
- }
-
- if ($performSearch) {
- $objSearchList = new clsSearchLogList();
- $objSearchList->UpdateKeyword($keywords,0);
-
- $objSearch->SetKeywords($keywords);
- $objSearch->AddSimpleFields('c');
- if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
- $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
- }
- if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
- $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
- }
- if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
- $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
- }
-
- //echo "Searching On $keywords
\n";
- $objSearch->PerformSearch(1,$SortOrder,TRUE);
- $SearchPerformed = TRUE;
- //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
- //echo "Finished Setting Category Relevence
\n";
- }
- else {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
-
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- setSearchError(lu_keywords_tooshort);
- }
- }
- else
- {
- if (strlen($_GET["Error"])>0) {
- $var_list["t"] = $_GET["Error"];
- }
-
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- setSearchError('lu_no_keyword');
- }
- break;
- case "m_adv_search":
-
- if ($_GET['type']) {
- $modules = Array( 1 => 'In-Portal', 2 => 'In-News',
- 3 => 'In-Bulletin', 4 => 'In-Link',
- 11 => 'In-Commerce');
- $module = $modules[$_GET["type"]];
- }
- else {
- $module = 0;
- }
-
- if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList($module);
- switch($_GET["type"])
- {
- case 1: /* category */
- //echo "Searching for categories
";
- $objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory", $_GET["type"]);
-
-
- foreach($objSearchConfig->Items as $field)
- {
- $fld = $field->Get("FieldName");
-
- $Verb = $_POST["verb"][$field->Get("FieldName")];
- if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
- {
- if($_POST["value"][$field->Get("FieldName")]!=-1)
- {
- $Value = $_POST["value"][$field->Get("FieldName")];
- $Verb = "is";
- }
- }
- else
- {
- $Value = $_POST["value"][$field->Get("FieldName")];
- }
- switch( $_POST["andor"][$field->Get("FieldName")])
- {
- case 1:
- $Conjuction = "AND";
- break;
- case 2:
- $Conjuction = "OR";
- break;
- default:
- $Conjuction = "";
- break;
- }
-
- if (strlen($Value) && $Verb=="any")
- {
- $Verb = 'contains';
- }
-
-
-
- if(strlen($Value) && strlen($Verb)>0 && $Verb!="any")
- {
- // echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]
";
- $objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction, 'c');
- }
-
- }
- $objAdvSearch->PerformSearch(1,NULL,TRUE);
- break;
- }
- break;
-
- case "m_id":
- $application->ApplicationDie($Action.':'.$DownloadId);
- break;
-
- case "m_simple_subsearch":
- $keywords = $_POST["keywords"];
- $type = $objItemTypes->GetTypeByName("Category");
- $objSearch = new clsSearchResults("Category","clsCategory");
- $length = $objConfig->Get('Search_MinKeyword_Length');
-
- if(strlen($keywords))
- {
- $performSearch = false;
- $isExact = (substr($keywords, 0, 1) == '"' && substr($keywords, strlen($keywords) - 1, 1) == '"');
-
- if ($isExact) {
- $performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
- }
- else {
- $key_arr = explode(' ', $keywords);
-
- /*foreach($key_arr as $value) {
- if (strlen($value) < $length) {
- $keywords = str_replace(' '.$value, '', $keywords);
- $keywords = str_replace($value.' ', '', $keywords);
- }
- }*/
-
- //$keywords = str_replace(' ', ' ', $keywords);
-
- $tmp_keywords = str_replace("+", "", $keywords);
- $tmp_keywords = str_replace("-", "", $tmp_keywords);
-
- $performSearch = (strlen($tmp_keywords) >= $length);
- }
-
- if ($performSearch) {
- $objSearchList = new clsSearchLogList();
- $objSearchList->UpdateKeyword($keywords,0);
-
- $objSearch->SetKeywords($keywords);
- $objSearch->AddSimpleFields('c');
- if (is_numeric($objConfig->Get("SearchRel_Pop_category"))) {
- $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
- }
- if (is_numeric($objConfig->Get("SearchRel_Keyword_category"))) {
- $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
- }
- if (is_numeric($objConfig->Get("SearchRel_Rating_category"))) {
- $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
- }
-
- $SearchResultIdList = $objSearch->Result_IdList();
- if(count($SearchResultIdList)>0)
- {
- $objSearch->PerformSearch(1,$SortOrder, TRUE,$SearchResultIdList);
- //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
- }
- $SearchPerformed = TRUE;
- }
- else {
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- setSearchError('lu_keywords_tooshort');
- }
- }
- else {
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- setSearchError('lu_no_keyword');
- }
- break;
-}
-
- function setSearchError($error_phrase)
- {
- $GLOBALS['FormError']['m_simplesearch']['keywords'] = language($error_phrase);
- $GLOBALS['objSession']->SetVariable('search_error', $error_phrase);
- }
-?>