Index: trunk/kernel/frontaction.php
===================================================================
diff -u -r579 -r642
--- trunk/kernel/frontaction.php (.../frontaction.php) (revision 579)
+++ trunk/kernel/frontaction.php (.../frontaction.php) (revision 642)
@@ -1,864 +1,867 @@
-Front, Kernel Action ['.$Action."]
\n";
-}
-
-if( defined('DEBUG_ACTIONS') && (DEBUG_ACTIONS & FRONT_SHOW_REQUEST) == FRONT_SHOW_REQUEST )
-{
- // don't show debug output in tree & header of admin & while logging in
- $script = basename($_SERVER['PHP_SELF']);
-
- echo '
';
- echo " ScriptName: $script (".dirname($_SERVER['PHP_SELF']).") ";
- $div_height = (count($_REQUEST)+1)*26;
- if($div_height > 300) $div_height = 300;
- echo '';
- echo ' ';
- echo 'Src | Name | Value | ';
-
- foreach($_REQUEST as $key => $value)
- {
- if( !is_array($value) && trim($value) == '' ) $value = ' ';
- $src = isset($_GET[$key]) ? 'GE' : (isset($_POST[$key]) ? 'PO' : (isset($_COOKIE[$key]) ? 'CO' : '?') );
- echo ''.$src.' | '.$key.' | '.print_r($value, true).' | ';
- }
- echo ' ';
- echo ' |
';
- unset($script);
-// echo "SID: ".$objSession->GetSessionKey().'
';
-}
-
-switch($Action)
-{
- case "m_login":
- // if($objSession->ValidSession()) $objSession->Logout();
- //echo $objSession->GetSessionKey()."
\n";
- if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
- $FormError["login"]["login_user"] = language("lu_cookies_error");
- }
- else
- {
- $MissingCount = SetMissingDataErrors("login");
- if($MissingCount==2)
- {
- $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
- unset($FormError["login"]["login_password"]);
- }
-
- if($MissingCount==0)
- {
- if($_POST["login_user"]=="root")
- {
- $FormError["login"]["login_user"]= language("lu_access_denied");
- }
- else
- {
- $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
- if($LoginCheck === true)
- {
- if( !headers_sent() && GetVar('usercookie') == 1 )
- {
- $c = $_POST["login_user"]."|";
- $pw = $_POST["login_password"];
- if(strlen($pw) < 31) $pw = md5($pw);
- $c .= $pw;
- setcookie("login",$c,time()+2592000);
- }
-
- // set new destination template if passed
- $dest = GetVar('dest', true);
- if(!$dest) $dest = GetVar('DestTemplate', true);
- if($dest) $var_list['t'] = $dest;
- }
- else
- {
- switch($LoginCheck)
- {
- case -1: // user or/and pass wrong
- $FormError["login"]["login_password"] = language("lu_incorrect_login");
- break;
-
- case -2: // user ok, but has no permission
- $FormError["login"]["login_password"] = language("la_text_nopermissions");
- break;
- }
- }
- }
- }
- }
- break;
-
- case "m_forgotpw":
- $MissingCount = SetMissingDataErrors("forgotpw");
- if($MissingCount==0)
- {
- $username = $_POST["username"];
- $email = $_POST["email"];
- $found = FALSE;
- if(strlen($username))
- {
- $u = $objUsers->GetItemByField("Login",$username);
- if(is_object($u))
- $found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
- }
- else if(strlen($email))
- {
- $u = $objUsers->GetItemByField("Email",$email);
- if(is_object($u))
- $found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
- }
- if($found)
- {
- $newpw = makepassword();
- $objSession->Set('password', $newpw);
- $u->Set("Password",$newpw);
- $u->Update();
- $u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.PSWD");
- $u->Set("Password",md5($newpw));
- $u->Update();
- $u->Clean();
- }
- else
- {
- if(!strlen($username) && !strlen($email))
- {
- $FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
- $MissingCount++;
- }
- else
- {
- if(strlen($username))
- $FormError["forgotpw"]["username"] = language("lu_ferror_unknown_username");
- if(strlen($email))
- $FormError["forgotpw"]["email"] = language("lu_ferror_unknown_email");
- $MissingCount++;
- }
- if(strlen($_GET["error"]))
- $var_list["t"] = $_GET["error"];
- }
- }
- else
- if(strlen($_GET["error"]))
- $var_list["t"] = $_GET["error"];
- break;
- case "m_subscribe_confirm":
- $t = "";
- $SubscribeAddress = $_POST["subscribe_email"];
- if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
- {
- $t = $_GET["Error"];
- $SubscribeError = "lu_invalid_emailaddress";
- }
- else
- {
- if((int)$objConfig->Get("User_SubscriberGroup")>0)
- {
- $g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
- if(is_object($g))
- {
- $email = $_POST["subscribe_email"];
- if(strlen($email)>0)
- {
- $u = $objUsers->GetItemByField("Email",$email);
-
- if(is_object($u))
- {
- if($u->CheckBanned())
- {
- $t = $_GET["Error"];
- $SubscribeError ="lu_subscribe_banned";
- }
- else
- {
- if($u->IsInGroup($g->Get("GroupId")))
- {
- $t = $_GET["Unsubscribe"];
- }
- else
- $t = $_GET["Subscribe"];
- }
- }
- else
- $t = $_GET["Subscribe"];
- }
- else
- {
- $t = $_GET["Error"];
- $SubscribeError ="lu_subscribe_no_address";
- }
- }
- else
- {
- $t = $_GET["Error"];
- $SubscribeError ="lu_subscribe_unknown_error";
- }
- }
- }
- if(strlen($t))
- {
- $var_list["t"] = $t;
- $var_list_update["t"] = $t;
- }
- break;
- case "m_subscribe":
- //phpinfo(INFO_VARIABLES);
- if($_POST["buttons"][0]==language("lu_button_yes"))
- {
- $SubscribeAddress = $_POST["subscribe_email"];
- if(strlen($SubscribeAddress)>0)
- {
- if(ValidEmail($SubscribeAddress))
- {
- $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
- if ($GroupId)
- {
- $g = $objGroups->GetItem($GroupId);
- $u = $objUsers->GetItemByField("Email",$SubscribeAddress);
- if(is_object($u))
- {
- if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
- {
- $bExists = TRUE;
- }
- else
- $bExists = FALSE;
- }
- if($bExists)
- {
- $g->AddUser($u->Get("PortalUserId"));
- }
- else
- {
- $u = new clsPortalUser(NULL);
- $u->Set("Email",$SubscribeAddress);
- $u->Set("ip",$_SERVER['REMOTE_ADDR']);
- $u->Set("CreatedOn",date("U"));
- $u->Set("Status",1);
- if(!$u->CheckBanned())
- {
- $u->Create();
- $g->AddUser($u->Get("PortalUserId"),1);
- }
- else
- $SubscribeResult = "lu_subscribe_banned";
- }
- $SubscribeResult = "lu_subscribe_success";
- $u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.SUBSCRIBE");
- if(strlen($_GET["Subscribe"])>0)
- $var_list["t"] = $_GET["Subscribe"];
- }
- }
- else
- {
- $SubscribeResult = "lu_invalid_emailaddress";
- }
- }
- else
- $SubscribeResult = "lu_subscribe_missing_address";
- }
-
- if(!strlen($SubscribeResult))
- $SubscribeResult = "lu_subscribe_success";
- break;
- case "m_unsubscribe":
-
- if($_POST["buttons"][0]==language("lu_button_yes"))
- {
- $MissingCount = SetMissingDataErrors("m_unsubscribe");
-
- if($MissingCount==0)
- {
- $email = $_POST["subscribe_email"];
- $u = $objUsers->GetItemByField("Email",$email);
- if(is_object($u))
- {
- if(strtolower($u->Get("Email"))==strtolower($email))
- {
- $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
- if($u->PrimaryGroup()==$GroupId)
- {
- $u_gorup_list = $u->GetGroupList();
-
- if (count($u_gorup_list) > 1) {
- $u->RemoveFromGroup($GroupId);
- }
- else {
- $u->RemoveFromAllGroups();
- $u->Delete();
- }
- }
- else
- {
- $u->RemoveFromGroup($GroupId);
- }
- }
- }
- if(strlen($_GET["Subscribe"])>0)
- $var_list["t"] = $_GET["Subscribe"];
- }
- }
-
- break;
- case "m_logout":
-// $objSession->Logout();
- //unset($objSession);
- //$objSession = new clsUserSession();
-// $var_list_update["t"] = "index";
-// setcookie("login","",time()-3600);
- break;
- case "m_register":
- $MissingCount = SetMissingDataErrors("m_register");
-
- if(!$objConfig->Get("User_Password_Auto"))
- {
- if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
- {
- $MissingCount++;
- $FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
- }
-
- if(strlen($_POST["password"])>30)
- {
- // echo "VAR: ".$_POST["password"]; die();
- $MissingCount++;
- $FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
- }
-
- if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
- {
- $MissingCount++;
- $FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
- }
- }
-
- $u = $objUsers->GetItemByField("Login",$_POST["username"]);
-
- if(is_object($u))
- {
- if($u->Get("Login")==$_POST["username"])
- {
- $MissingCount++;
- $FormError["m_register"]["username"] = language("lu_user_exists");
- }
- }
-
- if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
- {
- $MissingCount++;
- $FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
- }
-
- if(!$MissingCount)
- {
- $CreatedOn = adodb_date("U");
- $GroupId = $objConfig->Get("User_NewGroup");
- $Status=0;
-
- /* determine the status of new users */
- switch ($objConfig->Get("User_Allow_New"))
- {
- case "1":
- $Status=1;
- break;
- case "3":
- $Status=2;
- break;
- }
-
- /* set Destination template */
- $var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
-
- if($Status>0)
- {
- if($objConfig->Get("User_Password_Auto"))
- {
- $password = makepassword();
- $objSession->Set("password", $password);
- }
- else
- $password = $_POST["password"];
-
- $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
- $dob = DateTimestamp($_POST["dob"],GetDateFormat());
- $ip = $_SERVER['REMOTE_ADDR'];
-
- $u = &$objUsers->Add_User($_POST["username"], md5($password), $_POST["email"], $CreatedOn, inp_escape($_POST["firstname"]), inp_escape($_POST["lastname"]), $Status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob, $ip, TRUE);
-
- if(!is_object($u))
- {
- $RuleId=$u;
- $r = $objBanList->GetItem($RuleId);
- $err = $r->Get("ErrorTag");
-
- if(strlen($err))
- {
- $FormError["m_register"][$r->Get("ItemField")] = language($err);
- $MissingCount++;
- }
- }
- else
- {
- $u->Set("Password",$password);
- $u->Clean();
- if($GroupId>0)
- {
- $g = $objGroups->GetItem($GroupId);
- $g->AddUser($u->Get("PortalUserId"),1);
- }
-
- $custom = $_POST["custom"];
- if(is_array($custom))
- {
- for($x=0;$xSetCustomField($custom[$x],$_POST[$custom[$x]]);
- }
- $u->SaveCustomFields();
- }
-
- if($Status==1)
- {
- if($objConfig->Get("User_Password_Auto"))
- {
- $u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.VALIDATE");
- }
- else
- {
- $doLoginNow = true;
- $u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.ADD");
- }
- }
- else
- {
- $u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
- $u->SendAdminEventMail("USER.ADD.PENDING");
- }
-
- if ($doLoginNow)
- $objSession->Login($_POST["username"], md5($password));
-
- }
- }
- }
- break;
- case "m_add_friend":
- $id = $_GET["UserId"];
- $userid = $objSession->Get("PortalUserId");
- if($id!=$userid)
- {
- $u =& $objUsers->GetItem($id);
- $u->AddFavorite($userid);
- }
- break;
- case "m_del_friend":
- $id = $_GET["UserId"];
- $userid = $objSession->Get("PortalUserId");
- $u =& $objUsers->GetItem($id);
- $u->DeleteFavorite();
- break;
- case "m_acctinfo":
-// phpinfo(INFO_VARIABLES);
- $MissingCount = SetMissingDataErrors("m_acctinfo");
- $UserId = $_GET["UserId"];
- if($UserId != $objSession->Get("PortalUserId"))
- {
- $MissingCount++;
- $FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
- }
- if(strlen($_POST["password"])>0)
- {
- if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
- {
- $MissingCount++;
- $FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
- }
-
- if(strlen($_POST["password"])>30)
- {
- // echo "VAR: ".$_POST["password"]; die();
- $MissingCount++;
- $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
- }
-
- if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
- {
- $MissingCount++;
- $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
- }
- }
- if(!$MissingCount)
- {
- /* save profile */
- $u =& $objUsers->GetItem($UserId);
- $status = $u->Get("Status");
- $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
- $dob = DateTimestamp($_POST["dob"], GetDateFormat());
- if(strlen($_POST["password"])>0)
- {
- $password = md5($_POST["password"]);
- }
- else
- $password = "";
- $objUsers->Edit_User($UserId, $_POST["username"], $password, $_POST["email"], 0,
- inp_escape($_POST["firstname"]), inp_escape($_POST["lastname"]), $status, $_POST["phone"],
- $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"],
- $_POST["country"], $dob);
- }
- break;
- case "m_profile":
- $userid = $objSession->Get("PortalUserId");
- if($userid>0)
- {
- $u = $objUsers->GetItem($userid);
- foreach($_POST as $field=>$value)
- {
- if(substr($field,0,3)=="pp_")
- {
- $objSession->SetPersistantVariable($field,$value);
- }
- }
- }
- break;
- case "m_set_lang":
- $lang = $_GET["lang"];
- $LangId = 0;
- if(strlen($lang))
- {
- $l = $objLanguages->GetItemByField("PackName",$lang);
- if(is_object($l))
- {
- $LangId = $l->Get("LanguageId");
- }
- }
- if($LangId)
- {
- if($objSession->Get("PortalUserId")>0)
- {
- $objSession->SetPersistantVariable("Language",$LangId);
- }
- $objSession->Set("Language",$LangId);
- $objSession->Update();
- $m_var_list_update["lang"] = $LangId;
- $m_var_list["lang"] = $LangId;
- }
- break;
-
- case "m_set_theme":
- $id = $_POST["ThemeId"];
- if(!is_numeric($id))
- $id = $_GET["ThemeId"];
- if($id)
- {
- $objSession->SetThemeName($id);
- $m_var_list["t"] = "index";
- $m_var_list_update["theme"] = $id;
- $m_var_list["theme"] = $id;
- unset($CurrentTheme);
- }
- break;
-
- case "m_sort_cats":
- $objSession->SetVariable("Category_Sortfield",$_POST["cat_field_sort"]);
- $objSession->SetVariable("Category_Sortorder",$_POST["cat_sort_order"]);
- break;
- case "m_add_cat_confirm":
-// phpinfo(INFO_VARIABLES);
- $perm = 0;
- $CategoryId=$objCatList->CurrentCategoryID();
- if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
- $perm = 2;
- if ($objSession->HasCatPermission("CATEGORY.ADD"))
- $perm = 1;
- if ($perm == 0)
- {
- $MissingCount++;
- $FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
- }
- else
- {
- $MissingCount = SetMissingDataErrors("m_addcat");
- if(is_array($_FILES))
- {
- foreach($_FILES as $field => $file)
- {
- $allowed = TRUE;
- if(strlen($_POST["imagetypes"][$field]))
- {
- $types = explode(",",strtolower($_POST["imagetypes"][$field]));
- if(is_array($types))
- {
- if(count($types)>0)
- {
- $path_parts = pathinfo($file["name"]);
- $ext = $path_parts["extension"];
- $allowed = in_array($ext,$types);
- if(!$allowed)
- {
- $MissingCount++;
- $FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
- }
- }
- }
- }
- $maxsize = (int)$_POST["maxsize"][$field];
- if($maxsize>0 && $allowed && $file["size"]>$maxsize)
- {
- $allowed = FALSE;
- $MissingCount++;
- $FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
- }
- }
- }
- if($MissingCount==0)
- {
- $CreatedOn = date("U");
- $name = $_POST["name"];
- $desc = $_POST["description"];
- $metadesc = $_POST["meta_description"];
- $keywords = $_POST["meta_keywords"];
- $parent = $objCatList->CurrentCategoryID();
- $cat =& $objCatList->Add($parent, $name, inp_escape($desc,0), $CreatedOn,
- 0, $perm, 2, 2, 2, 0, $keywords,$metadesc);
- $cat->UpdateCachedPath();
- $cat->Update();
- $cat->UpdateACL();
- $objCatList->UpdateMissingCacheData();
-
- if(strlen($_GET["Confirm"]))
- {
- $var_list["t"] = $_GET["Confirm"];
- }
- else
- $var_list["t"] = $_GET["DestTemplate"];
- }
- }
- break;
- case "m_front_review_add":
- if($objSession->InSpamControl($_POST["ItemId"]))
- {
- $StatusMessage["review"] = language("la_Review_AlreadyReviewed");
- }
- else
- {
- $objReviews = new clsItemReviewList();
- $Status = $objConfig->Get("Review_DefaultStatus");
- $CreatedOn = adodb_date("U");
- $html = (int)$objConfig->Get("Review_Html");
- $ReviewText = inp_escape($_POST["review_text"],$html);
-
- $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
- 0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
- foreach($ItemTypes as $type=>$id)
- {
- if($id==$_POST["ItemType"])
- {
- $ValName = $type."_ReviewDelay_Value";
- $IntName = $type."_ReviewDelay_Interval";
- break;
- }
- }
- if(strlen($ValName) && strlen($IntName))
- {
- $exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
- $objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
- if(is_object($r))
- {
- if($Status)
- {
- $StatusMessage["review"] = language("la_Review_Added");
- }
- else
- $StatusMessage["review"] = language("la_Review_Pending");
- }
- else
- $StatusMessage["review"] = language("la_Review_Error");
- }
- else
- $StatusMessage["error"] = language("la_ConfigError_Review");
- }
- break;
- case "m_suggest_email":
- $cutoff = time()+(int)$objConfig->Get("Suggest_MinInterval");
- $email = $_POST["suggest_email"];
-
- if (strlen($email))
- {
- if(ValidEmail($email))
- {
- $sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".inp_escape($email,0)."' and sent<".$cutoff;
- $adodbConnection = &GetADODBConnection();
- $rs = $adodbConnection->Execute($sql);
-
- $rs = false;
-
- if($rs && !$rs->EOF)
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $suggest_result = "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]);
- }
- else
- {
- $Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
- if(is_object($Event))
- {
- if($Event->Get("Enabled")=="1")
- {
- $Event->Item = $this;
- $Event->SendToAddress($email);
-
- $sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".inp_escape($email,0)."','".time()."')";
-
- $rs = $adodbConnection->Execute($sql);
- $suggest_result=language("lu_suggest_success")." ".$email;
- }
- }
- $e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
-
- if($e->Get("Enabled")==1)
- $e->SendAdmin();
-
- if(strlen($_GET["Confirm"])>0)
- $var_list["t"] = $_GET["Confirm"];
- }
- }
- else
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $suggest_result=language("lu_invalid_emailaddress");
- }
- }
- else
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
- $suggest_result=language("lu_suggest_no_address");
- }
- break;
- case "m_simple_search":
- $keywords = $_POST["keywords"];
- $type = $objItemTypes->GetTypeByName("Category");
- $objSearch = new clsSearchResults("Category","clsCategory");
-
- if(strlen($keywords))
- {
- $objSearchList = new clsSearchLogList();
- $objSearchList->UpdateKeyword($keywords,0);
-
- $objSearch->SetKeywords($keywords);
- $objSearch->AddSimpleFields();
- if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
- $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
- if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
- $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
- if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
- $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
-
- //echo "Searching On $keywords
\n";
- $objSearch->PerformSearch(1,$SortOrder,TRUE);
- $SearchPerformed = TRUE;
- //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
- //echo "Finished Setting Category Relevence
\n";
- }
- else
- {
- if(strlen($_GET["Error"])>0)
- $var_list["t"] = $_GET["Error"];
-
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
- }
- break;
- case "m_adv_search":
- if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList();
- switch($_GET["type"])
- {
- case 1: /* category */
- //echo "Searching for categories
";
- $objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory");
- foreach($objSearchConfig->Items as $field)
- {
- $fld = $field->Get("FieldName");
-
- $Verb = $_POST["verb"][$field->Get("FieldName")];
- if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
- {
- if($_POST["value"][$field->Get("FieldName")]!=-1)
- {
- $Value = $_POST["value"][$field->Get("FieldName")];
- $Verb = "is";
- }
- }
- else
- {
- $Value = $_POST["value"][$field->Get("FieldName")];
- }
- switch( $_POST["andor"][$field->Get("FieldName")])
- {
- case 1:
- $Conjuction = "AND";
- break;
- case 2:
- $Conjuction = "OR";
- break;
- default:
- $Conjuction = "";
- break;
- }
- if(strlen($Verb)>0 && $Verb!="any")
- {
- //echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]
";
- $objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction);
- }
-
- }
- $objAdvSearch->PerformSearch(1,NULL,TRUE);
- break;
- }
- break;
- case "m_id":
- echo $Action.":".$DownloadId;
- die();
- break;
- case "m_simple_subsearch":
- $keywords = $_POST["keywords"];
- $type = $objItemTypes->GetTypeByName("Category");
- $objSearch = new clsSearchResults("Category","clsCategory");
- if(strlen($keywords))
- {
- $objSearchList = new clsSearchLogList();
- $objSearchList->UpdateKeyword($keywords,0);
-
- $objSearch->SetKeywords($keywords);
- $objSearch->AddSimpleFields();
- if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
- $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
- if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
- $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
- if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
- $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
-
- $SearchResultIdList = $objSearch->Result_IdList();
- if(count($SearchResultIdList)>0)
- {
- $objSearch->PerformSearch(1,$SortOrder,TRUE,$SearchResultIdList);
- //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
- }
- $SearchPerformed = TRUE;
- }
- else {
- $MissingCount = SetMissingDataErrors("m_simplesearch");
- $MissingCount++;
- $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
- }
- break;
-}
-?>
+Front, Kernel Action ['.$Action."]
\n";
+}
+
+if( defined('DEBUG_ACTIONS') && (DEBUG_ACTIONS & FRONT_SHOW_REQUEST) == FRONT_SHOW_REQUEST )
+{
+ // don't show debug output in tree & header of admin & while logging in
+ $script = basename($_SERVER['PHP_SELF']);
+
+ echo '';
+ echo " ScriptName: $script (".dirname($_SERVER['PHP_SELF']).") ";
+ $div_height = (count($_REQUEST)+1)*26;
+ if($div_height > 300) $div_height = 300;
+ echo '';
+ echo ' ';
+ echo 'Src | Name | Value | ';
+
+ foreach($_REQUEST as $key => $value)
+ {
+ if( !is_array($value) && trim($value) == '' ) $value = ' ';
+ $src = isset($_GET[$key]) ? 'GE' : (isset($_POST[$key]) ? 'PO' : (isset($_COOKIE[$key]) ? 'CO' : '?') );
+ echo ''.$src.' | '.$key.' | '.print_r($value, true).' | ';
+ }
+ echo ' ';
+ echo ' |
';
+ unset($script);
+// echo "SID: ".$objSession->GetSessionKey().'
';
+}
+
+switch($Action)
+{
+ case "m_login":
+ // if($objSession->ValidSession()) $objSession->Logout();
+ //echo $objSession->GetSessionKey()."
\n";
+ if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
+ $FormError["login"]["login_user"] = language("lu_cookies_error");
+ }
+ else
+ {
+ $MissingCount = SetMissingDataErrors("login");
+ if($MissingCount==2)
+ {
+ $FormError["login"]["login_user"]= language("lu_ferror_loginboth");
+ unset($FormError["login"]["login_password"]);
+ }
+
+ if($MissingCount==0)
+ {
+ if($_POST["login_user"]=="root")
+ {
+ $FormError["login"]["login_user"]= language("lu_access_denied");
+ }
+ else
+ {
+ $LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
+ if($LoginCheck === true)
+ {
+ if( !headers_sent() && GetVar('usercookie') == 1 )
+ {
+ $c = $_POST["login_user"]."|";
+ $pw = $_POST["login_password"];
+ if(strlen($pw) < 31) $pw = md5($pw);
+ $c .= $pw;
+ setcookie("login",$c,time()+2592000);
+ }
+
+ // set new destination template if passed
+ $dest = GetVar('dest', true);
+ if(!$dest) $dest = GetVar('DestTemplate', true);
+ if($dest) $var_list['t'] = $dest;
+ }
+ else
+ {
+ switch($LoginCheck)
+ {
+ case -1: // user or/and pass wrong
+ $FormError["login"]["login_password"] = language("lu_incorrect_login");
+ break;
+
+ case -2: // user ok, but has no permission
+ $FormError["login"]["login_password"] = language("la_text_nopermissions");
+ break;
+ }
+ }
+ }
+ }
+ }
+ break;
+
+ case "m_forgotpw":
+ $MissingCount = SetMissingDataErrors("forgotpw");
+ if($MissingCount==0)
+ {
+ $username = $_POST["username"];
+ $email = $_POST["email"];
+ $found = FALSE;
+ if(strlen($username))
+ {
+ $u = $objUsers->GetItemByField("Login",$username);
+ if(is_object($u))
+ $found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
+ }
+ else if(strlen($email))
+ {
+ $u = $objUsers->GetItemByField("Email",$email);
+ if(is_object($u))
+ $found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
+ }
+ if($found)
+ {
+ $newpw = makepassword();
+ $objSession->Set('password', $newpw);
+ $u->Set("Password",$newpw);
+ $u->Update();
+ $u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.PSWD");
+ $u->Set("Password",md5($newpw));
+ $u->Update();
+ $u->Clean();
+ }
+ else
+ {
+ if(!strlen($username) && !strlen($email))
+ {
+ $FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
+ $MissingCount++;
+ }
+ else
+ {
+ if(strlen($username))
+ $FormError["forgotpw"]["username"] = language("lu_ferror_unknown_username");
+ if(strlen($email))
+ $FormError["forgotpw"]["email"] = language("lu_ferror_unknown_email");
+ $MissingCount++;
+ }
+ if(strlen($_GET["error"]))
+ $var_list["t"] = $_GET["error"];
+ }
+ }
+ else
+ if(strlen($_GET["error"]))
+ $var_list["t"] = $_GET["error"];
+ break;
+ case "m_subscribe_confirm":
+ $t = "";
+ $SubscribeAddress = $_POST["subscribe_email"];
+ if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
+ {
+ $t = $_GET["Error"];
+ $SubscribeError = "lu_invalid_emailaddress";
+ }
+ else
+ {
+ if((int)$objConfig->Get("User_SubscriberGroup")>0)
+ {
+ $g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
+ if(is_object($g))
+ {
+ $email = $_POST["subscribe_email"];
+ if(strlen($email)>0)
+ {
+ $u = $objUsers->GetItemByField("Email",$email);
+
+ if(is_object($u))
+ {
+ if($u->CheckBanned())
+ {
+ $t = $_GET["Error"];
+ $SubscribeError ="lu_subscribe_banned";
+ }
+ else
+ {
+ if($u->IsInGroup($g->Get("GroupId")))
+ {
+ $t = $_GET["Unsubscribe"];
+ }
+ else
+ $t = $_GET["Subscribe"];
+ }
+ }
+ else
+ $t = $_GET["Subscribe"];
+ }
+ else
+ {
+ $t = $_GET["Error"];
+ $SubscribeError ="lu_subscribe_no_address";
+ }
+ }
+ else
+ {
+ $t = $_GET["Error"];
+ $SubscribeError ="lu_subscribe_unknown_error";
+ }
+ }
+ }
+ if(strlen($t))
+ {
+ $var_list["t"] = $t;
+ $var_list_update["t"] = $t;
+ }
+ break;
+ case "m_subscribe":
+ //phpinfo(INFO_VARIABLES);
+ if($_POST["buttons"][0]==language("lu_button_yes"))
+ {
+ $SubscribeAddress = $_POST["subscribe_email"];
+ if(strlen($SubscribeAddress)>0)
+ {
+ if(ValidEmail($SubscribeAddress))
+ {
+ $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
+ if ($GroupId)
+ {
+ $g = $objGroups->GetItem($GroupId);
+ $u = $objUsers->GetItemByField("Email",$SubscribeAddress);
+ if(is_object($u))
+ {
+ if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
+ {
+ $bExists = TRUE;
+ }
+ else
+ $bExists = FALSE;
+ }
+ if($bExists)
+ {
+ $g->AddUser($u->Get("PortalUserId"));
+ }
+ else
+ {
+ $u = new clsPortalUser(NULL);
+ $u->Set("Email",$SubscribeAddress);
+ $u->Set("ip",$_SERVER['REMOTE_ADDR']);
+ $u->Set("CreatedOn",date("U"));
+ $u->Set("Status",1);
+ if(!$u->CheckBanned())
+ {
+ $u->Create();
+ $g->AddUser($u->Get("PortalUserId"),1);
+ }
+ else
+ $SubscribeResult = "lu_subscribe_banned";
+ }
+ $SubscribeResult = "lu_subscribe_success";
+ $u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.SUBSCRIBE");
+ if(strlen($_GET["Subscribe"])>0)
+ $var_list["t"] = $_GET["Subscribe"];
+ }
+ }
+ else
+ {
+ $SubscribeResult = "lu_invalid_emailaddress";
+ }
+ }
+ else
+ $SubscribeResult = "lu_subscribe_missing_address";
+ }
+
+ if(!strlen($SubscribeResult))
+ $SubscribeResult = "lu_subscribe_success";
+ break;
+ case "m_unsubscribe":
+
+ if($_POST["buttons"][0]==language("lu_button_yes"))
+ {
+ $MissingCount = SetMissingDataErrors("m_unsubscribe");
+
+ if($MissingCount==0)
+ {
+ $email = $_POST["subscribe_email"];
+ $u = $objUsers->GetItemByField("Email",$email);
+ if(is_object($u))
+ {
+ if(strtolower($u->Get("Email"))==strtolower($email))
+ {
+ $GroupId = (int)$objConfig->Get("User_SubscriberGroup");
+ if($u->PrimaryGroup()==$GroupId)
+ {
+ $u_gorup_list = $u->GetGroupList();
+
+ if (count($u_gorup_list) > 1) {
+ $u->RemoveFromGroup($GroupId);
+ }
+ else {
+ $u->RemoveFromAllGroups();
+ $u->Delete();
+ }
+ }
+ else
+ {
+ $u->RemoveFromGroup($GroupId);
+ }
+ }
+ }
+ if(strlen($_GET["Subscribe"])>0)
+ $var_list["t"] = $_GET["Subscribe"];
+ }
+ }
+
+ break;
+ case "m_logout":
+// $objSession->Logout();
+ //unset($objSession);
+ //$objSession = new clsUserSession();
+// $var_list_update["t"] = "index";
+// setcookie("login","",time()-3600);
+ break;
+ case "m_register":
+ $_POST=inp_escape($_POST);
+ $MissingCount = SetMissingDataErrors("m_register");
+
+ if(!$objConfig->Get("User_Password_Auto"))
+ {
+ if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
+ }
+
+ if(strlen($_POST["password"])>30)
+ {
+ // echo "VAR: ".$_POST["password"]; die();
+ $MissingCount++;
+ $FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
+ }
+
+ if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
+ }
+ }
+
+ $u = $objUsers->GetItemByField("Login",$_POST["username"]);
+
+ if(is_object($u))
+ {
+ if($u->Get("Login")==$_POST["username"])
+ {
+ $MissingCount++;
+ $FormError["m_register"]["username"] = language("lu_user_exists");
+ }
+ }
+
+ if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
+ {
+ $MissingCount++;
+ $FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
+ }
+
+ if(!$MissingCount)
+ {
+ $CreatedOn = adodb_date("U");
+ $GroupId = $objConfig->Get("User_NewGroup");
+ $Status=0;
+
+ /* determine the status of new users */
+ switch ($objConfig->Get("User_Allow_New"))
+ {
+ case "1":
+ $Status=1;
+ break;
+ case "3":
+ $Status=2;
+ break;
+ }
+
+ /* set Destination template */
+ $var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
+
+ if($Status>0)
+ {
+ if($objConfig->Get("User_Password_Auto"))
+ {
+ $password = makepassword();
+ $objSession->Set("password", $password);
+ }
+ else
+ $password = $_POST["password"];
+
+ $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
+ $dob = DateTimestamp($_POST["dob"],GetDateFormat());
+ $ip = $_SERVER['REMOTE_ADDR'];
+
+ $u = &$objUsers->Add_User($_POST["username"], md5($password), $_POST["email"], $CreatedOn, $_POST["firstname"], $_POST["lastname"], $Status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob, $ip, TRUE);
+
+ if(!is_object($u))
+ {
+ $RuleId=$u;
+ $r = $objBanList->GetItem($RuleId);
+ $err = $r->Get("ErrorTag");
+
+ if(strlen($err))
+ {
+ $FormError["m_register"][$r->Get("ItemField")] = language($err);
+ $MissingCount++;
+ }
+ }
+ else
+ {
+ $u->Set("Password",$password);
+ $u->Clean();
+ if($GroupId>0)
+ {
+ $g = $objGroups->GetItem($GroupId);
+ $g->AddUser($u->Get("PortalUserId"),1);
+ }
+
+ $custom = $_POST["custom"];
+ if(is_array($custom))
+ {
+ for($x=0;$xSetCustomField($custom[$x],$_POST[$custom[$x]]);
+ }
+ $u->SaveCustomFields();
+ }
+
+ if($Status==1)
+ {
+ if($objConfig->Get("User_Password_Auto"))
+ {
+ $u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.VALIDATE");
+ }
+ else
+ {
+ $doLoginNow = true;
+ $u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.ADD");
+ }
+ }
+ else
+ {
+ $u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
+ $u->SendAdminEventMail("USER.ADD.PENDING");
+ }
+
+ if ($doLoginNow)
+ $objSession->Login($_POST["username"], md5($password));
+
+ }
+ }
+ }
+ break;
+ case "m_add_friend":
+ $id = $_GET["UserId"];
+ $userid = $objSession->Get("PortalUserId");
+ if($id!=$userid)
+ {
+ $u =& $objUsers->GetItem($id);
+ $u->AddFavorite($userid);
+ }
+ break;
+ case "m_del_friend":
+ $id = $_GET["UserId"];
+ $userid = $objSession->Get("PortalUserId");
+ $u =& $objUsers->GetItem($id);
+ $u->DeleteFavorite();
+ break;
+ case "m_acctinfo":
+// phpinfo(INFO_VARIABLES);
+ $_POST=inp_escape($_POST);
+ $MissingCount = SetMissingDataErrors("m_acctinfo");
+ $UserId = $_GET["UserId"];
+ if($UserId != $objSession->Get("PortalUserId"))
+ {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
+ }
+ if(strlen($_POST["password"])>0)
+ {
+ if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
+ {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
+ }
+
+ if(strlen($_POST["password"])>30)
+ {
+ // echo "VAR: ".$_POST["password"]; die();
+ $MissingCount++;
+ $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
+ }
+
+ if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
+ {
+ $MissingCount++;
+ $FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
+ }
+ }
+ if(!$MissingCount)
+ {
+ /* save profile */
+ $u =& $objUsers->GetItem($UserId);
+ $status = $u->Get("Status");
+ $_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
+ $dob = DateTimestamp($_POST["dob"], GetDateFormat());
+ if(strlen($_POST["password"])>0)
+ {
+ $password = md5($_POST["password"]);
+ }
+ else
+ $password = "";
+ $objUsers->Edit_User($UserId, $_POST["username"], $password, $_POST["email"], 0,
+ $_POST["firstname"], $_POST["lastname"], $status, $_POST["phone"],
+ $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"],
+ $_POST["country"], $dob);
+ }
+ break;
+ case "m_profile":
+ $userid = $objSession->Get("PortalUserId");
+ if($userid>0)
+ {
+ $u = $objUsers->GetItem($userid);
+ foreach($_POST as $field=>$value)
+ {
+ if(substr($field,0,3)=="pp_")
+ {
+ $objSession->SetPersistantVariable($field,$value);
+ }
+ }
+ }
+ break;
+ case "m_set_lang":
+ $lang = $_GET["lang"];
+ $LangId = 0;
+ if(strlen($lang))
+ {
+ $l = $objLanguages->GetItemByField("PackName",$lang);
+ if(is_object($l))
+ {
+ $LangId = $l->Get("LanguageId");
+ }
+ }
+ if($LangId)
+ {
+ if($objSession->Get("PortalUserId")>0)
+ {
+ $objSession->SetPersistantVariable("Language",$LangId);
+ }
+ $objSession->Set("Language",$LangId);
+ $objSession->Update();
+ $m_var_list_update["lang"] = $LangId;
+ $m_var_list["lang"] = $LangId;
+ }
+ break;
+
+ case "m_set_theme":
+ $id = $_POST["ThemeId"];
+ if(!is_numeric($id))
+ $id = $_GET["ThemeId"];
+ if($id)
+ {
+ $objSession->SetThemeName($id);
+ $m_var_list["t"] = "index";
+ $m_var_list_update["theme"] = $id;
+ $m_var_list["theme"] = $id;
+ unset($CurrentTheme);
+ }
+ break;
+
+ case "m_sort_cats":
+ $objSession->SetVariable("Category_Sortfield",$_POST["cat_field_sort"]);
+ $objSession->SetVariable("Category_Sortorder",$_POST["cat_sort_order"]);
+ break;
+ case "m_add_cat_confirm":
+// phpinfo(INFO_VARIABLES);
+ $perm = 0;
+ $CategoryId=$objCatList->CurrentCategoryID();
+ if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
+ $perm = 2;
+ if ($objSession->HasCatPermission("CATEGORY.ADD"))
+ $perm = 1;
+ if ($perm == 0)
+ {
+ $MissingCount++;
+ $FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
+ }
+ else
+ {
+ $MissingCount = SetMissingDataErrors("m_addcat");
+ if(is_array($_FILES))
+ {
+ foreach($_FILES as $field => $file)
+ {
+ $allowed = TRUE;
+ if(strlen($_POST["imagetypes"][$field]))
+ {
+ $types = explode(",",strtolower($_POST["imagetypes"][$field]));
+ if(is_array($types))
+ {
+ if(count($types)>0)
+ {
+ $path_parts = pathinfo($file["name"]);
+ $ext = $path_parts["extension"];
+ $allowed = in_array($ext,$types);
+ if(!$allowed)
+ {
+ $MissingCount++;
+ $FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
+ }
+ }
+ }
+ }
+ $maxsize = (int)$_POST["maxsize"][$field];
+ if($maxsize>0 && $allowed && $file["size"]>$maxsize)
+ {
+ $allowed = FALSE;
+ $MissingCount++;
+ $FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
+ }
+ }
+ }
+ if($MissingCount==0)
+ {
+ $CreatedOn = date("U");
+ $_POST=inp_striptags($_POST);
+ $name = $_POST["name"];
+ $desc = $_POST["description"];
+ $metadesc = $_POST["meta_description"];
+ $keywords = $_POST["meta_keywords"];
+ $parent = $objCatList->CurrentCategoryID();
+ $cat =& $objCatList->Add($parent, $name, $desc, $CreatedOn,
+ 0, $perm, 2, 2, 2, 0, $keywords,$metadesc);
+ $cat->UpdateCachedPath();
+ $cat->Update();
+ $cat->UpdateACL();
+ $objCatList->UpdateMissingCacheData();
+
+ if(strlen($_GET["Confirm"]))
+ {
+ $var_list["t"] = $_GET["Confirm"];
+ }
+ else
+ $var_list["t"] = $_GET["DestTemplate"];
+ }
+ }
+ break;
+ case "m_front_review_add":
+ if($objSession->InSpamControl($_POST["ItemId"]))
+ {
+ $StatusMessage["review"] = language("la_Review_AlreadyReviewed");
+ }
+ else
+ {
+ $objReviews = new clsItemReviewList();
+ $Status = $objConfig->Get("Review_DefaultStatus");
+ $CreatedOn = adodb_date("U");
+ $html = (int)$objConfig->Get("Review_Html");
+ $ReviewText = inp_striptags($_POST["review_text"]);
+
+ $r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
+ 0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
+ foreach($ItemTypes as $type=>$id)
+ {
+ if($id==$_POST["ItemType"])
+ {
+ $ValName = $type."_ReviewDelay_Value";
+ $IntName = $type."_ReviewDelay_Interval";
+ break;
+ }
+ }
+ if(strlen($ValName) && strlen($IntName))
+ {
+ $exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
+ $objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
+ if(is_object($r))
+ {
+ if($Status)
+ {
+ $StatusMessage["review"] = language("la_Review_Added");
+ }
+ else
+ $StatusMessage["review"] = language("la_Review_Pending");
+ }
+ else
+ $StatusMessage["review"] = language("la_Review_Error");
+ }
+ else
+ $StatusMessage["error"] = language("la_ConfigError_Review");
+ }
+ break;
+ case "m_suggest_email":
+ $cutoff = time()+(int)$objConfig->Get("Suggest_MinInterval");
+ $email = inp_striptags($_POST["suggest_email"]);
+
+ if (strlen($email))
+ {
+ if(ValidEmail($email))
+ {
+ $sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
+ $adodbConnection = &GetADODBConnection();
+ $rs = $adodbConnection->Execute($sql);
+
+ $rs = false;
+
+ if($rs && !$rs->EOF)
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $suggest_result = "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]);
+ }
+ else
+ {
+ $Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
+ if(is_object($Event))
+ {
+ if($Event->Get("Enabled")=="1")
+ {
+ $Event->Item = $this;
+ $Event->SendToAddress($email);
+
+ $sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".time()."')";
+
+ $rs = $adodbConnection->Execute($sql);
+ $suggest_result=language("lu_suggest_success")." ".$email;
+ }
+ }
+ $e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
+
+ if($e->Get("Enabled")==1)
+ $e->SendAdmin();
+
+ if(strlen($_GET["Confirm"])>0)
+ $var_list["t"] = $_GET["Confirm"];
+ }
+ }
+ else
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $suggest_result=language("lu_invalid_emailaddress");
+ }
+ }
+ else
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+ $suggest_result=language("lu_suggest_no_address");
+ }
+ break;
+ case "m_simple_search":
+ $keywords = $_POST["keywords"];
+ $type = $objItemTypes->GetTypeByName("Category");
+ $objSearch = new clsSearchResults("Category","clsCategory");
+
+ if(strlen($keywords))
+ {
+ $objSearchList = new clsSearchLogList();
+ $objSearchList->UpdateKeyword($keywords,0);
+
+ $objSearch->SetKeywords($keywords);
+ $objSearch->AddSimpleFields();
+ if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
+ $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
+ if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
+ $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
+ if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
+ $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
+
+ //echo "Searching On $keywords
\n";
+ $objSearch->PerformSearch(1,$SortOrder,TRUE);
+ $SearchPerformed = TRUE;
+ //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
+ //echo "Finished Setting Category Relevence
\n";
+ }
+ else
+ {
+ if(strlen($_GET["Error"])>0)
+ $var_list["t"] = $_GET["Error"];
+
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
+ }
+ break;
+ case "m_adv_search":
+ if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList();
+ switch($_GET["type"])
+ {
+ case 1: /* category */
+ //echo "Searching for categories
";
+ $objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory");
+ foreach($objSearchConfig->Items as $field)
+ {
+ $fld = $field->Get("FieldName");
+
+ $Verb = $_POST["verb"][$field->Get("FieldName")];
+ if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
+ {
+ if($_POST["value"][$field->Get("FieldName")]!=-1)
+ {
+ $Value = $_POST["value"][$field->Get("FieldName")];
+ $Verb = "is";
+ }
+ }
+ else
+ {
+ $Value = $_POST["value"][$field->Get("FieldName")];
+ }
+ switch( $_POST["andor"][$field->Get("FieldName")])
+ {
+ case 1:
+ $Conjuction = "AND";
+ break;
+ case 2:
+ $Conjuction = "OR";
+ break;
+ default:
+ $Conjuction = "";
+ break;
+ }
+ if(strlen($Verb)>0 && $Verb!="any")
+ {
+ //echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]
";
+ $objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction);
+ }
+
+ }
+ $objAdvSearch->PerformSearch(1,NULL,TRUE);
+ break;
+ }
+ break;
+ case "m_id":
+ echo $Action.":".$DownloadId;
+ die();
+ break;
+ case "m_simple_subsearch":
+ $keywords = $_POST["keywords"];
+ $type = $objItemTypes->GetTypeByName("Category");
+ $objSearch = new clsSearchResults("Category","clsCategory");
+ if(strlen($keywords))
+ {
+ $objSearchList = new clsSearchLogList();
+ $objSearchList->UpdateKeyword($keywords,0);
+
+ $objSearch->SetKeywords($keywords);
+ $objSearch->AddSimpleFields();
+ if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
+ $objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
+ if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
+ $objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
+ if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
+ $objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
+
+ $SearchResultIdList = $objSearch->Result_IdList();
+ if(count($SearchResultIdList)>0)
+ {
+ $objSearch->PerformSearch(1,$SortOrder,TRUE,$SearchResultIdList);
+ //$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
+ }
+ $SearchPerformed = TRUE;
+ }
+ else {
+ $MissingCount = SetMissingDataErrors("m_simplesearch");
+ $MissingCount++;
+ $FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
+ }
+ break;
+}
+?>