本文整理汇总了PHP中cbSpoofCheck函数的典型用法代码示例。如果您正苦于以下问题:PHP cbSpoofCheck函数的具体用法?PHP cbSpoofCheck怎么用?PHP cbSpoofCheck使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了cbSpoofCheck函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getCBpluginComponent
/**
 * Front-end entry point of the blogs plugin component. Reads the requested
 * action/function pair from the input, dispatches to the matching handler
 * and echoes the buffered handler output inside the plugin wrapper markup.
 *
 * Review notes:
 * - cbSpoofCheck( 'plugin' ) is called only on the 'save' branch. 'publish',
 *   'unpublish' and 'delete' change state as well; this listing does not
 *   show whether stateBlog() / deleteBlog() verify a request token
 *   themselves. TODO confirm, and move the check into the dispatcher if
 *   they do not.
 * - The $tab and $user arguments are overwritten below with the plugin's own
 *   tab and with the user loaded for $_CB_framework->myId().
 *
 * @param TabTable  $tab      Current tab (overwritten inside the method)
 * @param UserTable $user     Current user (overwritten inside the method)
 * @param int       $ui       1 front, 2 admin UI
 * @param array     $postdata Raw unfiltered POST data
 * @return void               The HTML is echoed, nothing is returned
 */
public function getCBpluginComponent($tab, $user, $ui, $postdata)
{
    global $_CB_framework;

    outputCbJs(1);
    outputCbTemplate(1);

    $plugin = cbblogsClass::getPlugin();
    $model = cbblogsClass::getModel();

    $requestedAction = $this->input('action', null, GetterInterface::STRING);
    $requestedFunc = $this->input('func', null, GetterInterface::STRING);
    $blogId = $this->input('id', null, GetterInterface::INT);

    $user = CBuser::getUserDataInstance($_CB_framework->myId());

    $tab = new TabTable();
    $tab->load(array('pluginid' => (int) $plugin->id));

    $profileUrl = $_CB_framework->userProfileUrl($user->get('id'), false, 'cbblogsTab');

    // The tab must be enabled and visible to the current viewer.
    if (!$tab->enabled || !Application::MyUser()->canViewAccessLevel($tab->viewaccesslevel)) {
        cbRedirect($profileUrl, CBTxt::T('Not authorized.'), 'error');
    }

    ob_start();

    if ($requestedAction == 'blogs') {
        switch ($requestedFunc) {
            case 'new':
                $this->showBlogEdit(null, $user, $model, $plugin);
                break;

            case 'edit':
                $this->showBlogEdit($blogId, $user, $model, $plugin);
                break;

            case 'save':
                // The only branch that verifies the request token here.
                cbSpoofCheck('plugin');
                $this->saveBlogEdit($blogId, $user, $model, $plugin);
                break;

            case 'publish':
                $this->stateBlog(1, $blogId, $user, $model, $plugin);
                break;

            case 'unpublish':
                $this->stateBlog(0, $blogId, $user, $model, $plugin);
                break;

            case 'delete':
                $this->deleteBlog($blogId, $user, $model, $plugin);
                break;

            case 'show':
            default:
                if ($model->type != 2) {
                    cbRedirect(cbblogsModel::getUrl((int) $blogId, false));
                } else {
                    $this->showBlog($blogId, $user, $model, $plugin);
                }
                break;
        }
    } else {
        // Unknown action: nothing to dispatch.
        cbRedirect($profileUrl, CBTxt::T('Not authorized.'), 'error');
    }

    $html = ob_get_clean();

    // The optional CSS class comes from plugin parameters and is escaped for the attribute.
    $class = $plugin->params->get('general_class', null);
    $extraClass = $class ? ' ' . htmlspecialchars($class) : null;

    echo '<div id="cbBlogs" class="cbBlogs' . $extraClass . '">'
        . '<div id="cbBlogsInner" class="cbBlogsInner">'
        . $html
        . '</div>'
        . '</div>';
}
示例2: getCBpluginComponent
/**
 * Handles the private-message form post: verifies the request token, checks
 * sender, recipient and tab access, sends the message through $_CB_PMS and
 * redirects to the profile URL built from the 'id' input with the result.
 *
 * Review notes:
 * - cbSpoofCheck( 'plugin' ) runs before any request input is read, so every
 *   path through this handler is covered by the token check.
 * - The guard clauses assume cbRedirect() ends the request; if it returned,
 *   execution would fall through to the send call. Its definition is not
 *   part of this listing -- TODO confirm.
 *
 * @param null      $tab      Overwritten with the 'getmypmsproTab' tab
 * @param UserTable $user     Overwritten with the current user
 * @param int       $ui
 * @param array     $postdata
 * @return void
 */
public function getCBpluginComponent($tab, $user, $ui, $postdata)
{
    global $_CB_framework, $_PLUGINS, $_CB_PMS;

    cbSpoofCheck('plugin');

    $recipientId = $this->input('id', null, GetterInterface::INT);
    $user = CBuser::getMyUserDataInstance();

    if (!$recipientId) {
        cbRedirect(
            $_CB_framework->userProfileUrl($user->get('id'), false, 'getmypmsproTab'),
            CBTxt::T('SEND_PMS_MISSING_TO_USER', 'Private message failed to send! Error: Missing to user'),
            'error'
        );
    }

    $profileUrl = $_CB_framework->userProfileUrl($recipientId, false, 'getmypmsproTab');

    // Guests may not send messages.
    if (!$user->get('id')) {
        cbRedirect($profileUrl, CBTxt::T('Not authorized.'), 'error');
    }

    // Sending to oneself is rejected.
    if ($recipientId == $user->get('id')) {
        cbRedirect(
            $profileUrl,
            CBTxt::T('SEND_PMS_ERROR_SELF', 'Private message failed to send! Error: You can not send a private message to your self'),
            'error'
        );
    }

    $tab = new TabTable();
    $tab->load(array('pluginclass' => 'getmypmsproTab'));

    if (!$tab->enabled || !Application::MyUser()->canViewAccessLevel($tab->viewaccesslevel)) {
        cbRedirect($profileUrl, CBTxt::T('Not authorized.'), 'error');
    }

    $subject = $this->input('subject', null, GetterInterface::STRING);
    $message = $this->input('message', null, GetterInterface::STRING);

    $sendResults = $_CB_PMS->sendPMSMSG($recipientId, $user->get('id'), $subject, $message, false);

    // Only the first entry of the returned array decides success.
    $delivered = (is_array($sendResults) && count($sendResults) > 0) ? $sendResults[0] : false;

    if ($delivered) {
        cbRedirect($profileUrl, CBTxt::T('SEND_PMS_SUCCESS', 'Private message sent successfully!'));
    } else {
        cbRedirect($profileUrl, $_PLUGINS->getErrorMSG(), 'error');
    }
}
示例3: store
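/**
 * Runs the plugin installer selected by $this->func and keeps whatever the
 * installer printed in $this->_resultMessage.
 *
 * The request token is verified with cbSpoofCheck( 'plugin' ) and the
 * 'core.admin' permission with checkCanAdminPlugins() before any installer
 * method is called.
 *
 * @param boolean $updateNulls Not used by this implementation
 * @return boolean TRUE if successful otherwise FALSE
 *
 * @throws \InvalidArgumentException when $this->func is not one of the four installer functions
 * @throws \RuntimeException         declared by the original documentation; the raising code is not in this listing
 */
public function store($updateNulls = false)
{
    cbimport('cb.tabs');
    cbimport('cb.imgtoolbox');
    cbimport('cb.adminfilesystem');
    cbimport('cb.installer');
    cbimport('cb.params');
    cbimport('cb.pagination');

    // Anti-forgery token first, then the permission check.
    cbSpoofCheck('plugin');
    checkCanAdminPlugins('core.admin');

    // Installer methods print their progress; capture it for the result message.
    ob_start();

    switch ($this->func) {
        case 'installPluginUpload':
            $success = $this->installPluginUpload();
            break;

        case 'installPluginDir':
            $success = $this->installPluginDir($this->localdirectory);
            break;

        case 'installPluginURL':
            $success = $this->installPluginURL($this->packageurl);
            break;

        case 'installPluginDisc':
            $success = $this->installPluginDisc($this->plgfile);
            break;

        default:
            // Close the buffer opened above before throwing, otherwise it stays
            // active and captures the caller's later output.
            ob_end_clean();
            throw new \InvalidArgumentException(CBTxt::T('INVALID_FUNCTION', 'Invalid function'), 500);
    }

    $this->_resultMessage = ob_get_clean();

    if (!$success) {
        $this->setError('Installation error');
    }

    return $success;
}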
示例4: getCBpluginComponent
/**
 * Front-end entry point of the privacy plugin component: dispatches the
 * requested action/function pair and echoes the buffered output inside the
 * plugin wrapper markup.
 *
 * Review notes:
 * - 'disableuser' and 'deleteuser' verify the request token with
 *   cbSpoofCheck( 'plugin' ) before acting. 'disable' and 'delete' do not;
 *   presumably they only render a confirmation view, but disableProfile() /
 *   deleteProfile() are not part of this listing -- TODO confirm.
 *
 * @param null      $tab
 * @param UserTable $user     Overwritten with the current user
 * @param int       $ui
 * @param array     $postdata
 * @return void               The HTML is echoed, nothing is returned
 */
public function getCBpluginComponent( $tab, $user, $ui, $postdata )
{
    global $_CB_framework;

    outputCbJs( 1 );
    outputCbTemplate( 1 );

    $requestedAction = $this->input( 'action', null, GetterInterface::STRING );
    $requestedFunc   = $this->input( 'func', null, GetterInterface::STRING );
    $targetId        = $this->input( 'id', null, GetterInterface::INT );
    $user            = CBuser::getMyUserDataInstance();

    // Guests have no profile to return to, so they are sent to the site index.
    $profileUrl = $_CB_framework->userProfileUrl( $user->get( 'id' ), false );
    if ( ! $user->get( 'id' ) ) {
        $profileUrl = 'index.php';
    }

    ob_start();

    if ( $requestedAction == 'privacy' ) {
        switch ( $requestedFunc ) {
            case 'disable':
                $this->disableProfile( $targetId, $user );
                break;

            case 'disableuser':
                cbSpoofCheck( 'plugin' );
                $this->disableUser( $targetId, $user );
                break;

            case 'delete':
                $this->deleteProfile( $targetId, $user );
                break;

            case 'deleteuser':
                cbSpoofCheck( 'plugin' );
                $this->deleteUser( $targetId, $user );
                break;

            default:
                cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
                break;
        }
    } else {
        cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
    }

    $html = ob_get_clean();

    // The optional CSS class comes from plugin parameters and is escaped for the attribute.
    $class      = $this->params->get( 'general_class', null );
    $extraClass = ( $class ? ' ' . htmlspecialchars( $class ) : null );

    echo '<div id="cbPrivacy" class="cbPrivacy' . $extraClass . '">'
        . '<div id="cbPrivacyInner" class="cbPrivacyInner">'
        . $html
        . '</div>'
        . '</div>';
}
示例5: getCBpluginComponent
/**
 * Component entry point of the GroupJive wall plugin: dispatches the
 * 'wall' action to its handler. Unless the request asks for format 'raw',
 * the handler output is buffered and echoed inside the wrapper markup.
 *
 * Review notes:
 * - Only the 'save' branch calls cbSpoofCheck( 'plugin' ). 'publish',
 *   'unpublish' and 'delete' change state too; whether stateWall() /
 *   deleteWall() check a request token themselves is not visible in this
 *   listing -- TODO confirm.
 *
 * @param TabTable  $tab      Current tab
 * @param UserTable $user     Current user (overwritten with the viewing user)
 * @param int       $ui       1 front, 2 admin UI
 * @param array     $postdata Raw unfiltered POST data
 * @return void               Output is echoed, nothing is returned
 */
public function getCBpluginComponent( $tab, $user, $ui, $postdata )
{
    $format     = $this->input( 'format', null, GetterInterface::STRING );
    $wrapOutput = ( $format != 'raw' );

    if ( $wrapOutput ) {
        outputCbJs();
        outputCbTemplate();
    }

    $requestedAction = $this->input( 'action', null, GetterInterface::STRING );
    $requestedFunc   = $this->input( 'func', null, GetterInterface::STRING );
    $wallId          = (int) $this->input( 'id', null, GetterInterface::INT );
    $user            = CBuser::getMyUserDataInstance();

    if ( $wrapOutput ) {
        ob_start();
    }

    if ( $requestedAction == 'wall' ) {
        switch ( $requestedFunc ) {
            case 'publish':
                $this->stateWall( 1, $wallId, $user );
                break;

            case 'unpublish':
                $this->stateWall( 0, $wallId, $user );
                break;

            case 'delete':
                $this->deleteWall( $wallId, $user );
                break;

            case 'new':
                $this->showWallEdit( null, $user );
                break;

            case 'edit':
                $this->showWallEdit( $wallId, $user );
                break;

            case 'save':
                // The only branch that verifies the request token here.
                cbSpoofCheck( 'plugin' );
                $this->saveWallEdit( $wallId, $user );
                break;
        }
    }

    if ( $wrapOutput ) {
        $html = ob_get_clean();

        // The optional CSS class comes from plugin parameters and is escaped for the attribute.
        $class      = $this->_gjParams->get( 'general_class', null );
        $extraClass = ( $class ? ' ' . htmlspecialchars( $class ) : null );

        echo '<div class="cbGroupJive' . $extraClass . '">'
            . '<div class="cbGroupJiveInner">'
            . $html
            . '</div>'
            . '</div>';
    }
}
示例6: fieldClass
/**
 * Direct access to field for custom operations, like for Ajax.
 *
 * WARNING: direct unchecked access, except if $user is set, then check well for the $reason ...
 *
 * What this implementation does: it verifies the request token and, for a
 * front-end registration request, the registration anti-spam check. If
 * either fails it prints the session-expired message and ends the script;
 * otherwise it returns false.
 *
 * @param moscomprofilerFields $field
 * @param moscomprofilerUser   $user
 * @param array                $postdata
 * @param string               $reason   'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'search' for searches
 * @return boolean                       Always false when the checks pass
 */
function fieldClass(&$field, &$user, &$postdata, $reason)
{
    global $_CB_framework;

    // The request token is always checked first.
    // NOTE(review): the third argument (2) presumably makes cbSpoofCheck()
    // return its result instead of ending the request itself -- confirm.
    $rejected = !cbSpoofCheck('fieldclass', 'POST', 2);

    // Front-end registration (UI 1) must also pass the anti-spam check;
    // it is evaluated only when the token was accepted.
    if (!$rejected && $reason == 'register' && $_CB_framework->getUi() == 1) {
        $rejected = !cbRegAntiSpamCheck(2);
    }

    if ($rejected) {
        echo '<span class="cb_result_error">' . _UE_SESSION_EXPIRED . "</span>";
        exit;
    }

    return false;
}
示例7: getCBpluginComponent
/**
 * Front-end entry point of the invites plugin component: checks access to
 * the invites tab, dispatches the requested action/function pair and echoes
 * the buffered handler output inside the plugin wrapper markup.
 *
 * Review notes:
 * - Only the 'save' branch calls cbSpoofCheck( 'plugin' ). 'send' and
 *   'delete' act on an invite as well; whether sendInvite() /
 *   deleteInvite() verify a request token themselves is not visible in
 *   this listing -- TODO confirm.
 *
 * @param null      $tab      Overwritten with the 'cbinvitesTab' tab
 * @param UserTable $user     Overwritten with the current user
 * @param int       $ui
 * @param array     $postdata
 * @return void               The HTML is echoed, nothing is returned
 */
public function getCBpluginComponent( $tab, $user, $ui, $postdata )
{
    global $_CB_framework;

    outputCbJs( 1 );
    outputCbTemplate( 1 );

    $requestedAction = $this->input( 'action', null, GetterInterface::STRING );
    $requestedFunc   = $this->input( 'func', null, GetterInterface::STRING );
    $inviteId        = $this->input( 'id', null, GetterInterface::INT );
    $user            = CBuser::getMyUserDataInstance();

    $tab = new TabTable();
    $tab->load( array( 'pluginclass' => 'cbinvitesTab' ) );

    $profileUrl = $_CB_framework->userProfileUrl( $user->get( 'id' ), false, 'cbinvitesTab' );

    // The tab must be enabled and visible to the current viewer.
    if ( ! $tab->enabled || ! Application::MyUser()->canViewAccessLevel( $tab->viewaccesslevel ) ) {
        cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
    }

    ob_start();

    if ( $requestedAction == 'invites' ) {
        switch ( $requestedFunc ) {
            case 'new':
                $this->showInviteEdit( null, $user );
                break;

            case 'edit':
                $this->showInviteEdit( $inviteId, $user );
                break;

            case 'save':
                // The only branch that verifies the request token here.
                cbSpoofCheck( 'plugin' );
                $this->saveInviteEdit( $inviteId, $user );
                break;

            case 'send':
                $this->sendInvite( $inviteId, $user );
                break;

            case 'delete':
                $this->deleteInvite( $inviteId, $user );
                break;

            case 'show':
            default:
                cbRedirect( $profileUrl );
                break;
        }
    } else {
        cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
    }

    $html = ob_get_clean();

    // The optional CSS class comes from plugin parameters and is escaped for the attribute.
    $class      = $this->params->get( 'general_class', null );
    $extraClass = ( $class ? ' ' . htmlspecialchars( $class ) : null );

    echo '<div id="cbInvites" class="cbInvites' . $extraClass . '">'
        . '<div id="cbInvitesInner" class="cbInvitesInner">'
        . $html
        . '</div>'
        . '</div>';
}
示例8: editPluginView
/**
* render backend edit plugin view
*
* @param object $row
* @param string $option
* @param string $task
* @param int $uid
* @param string $action
* @param string $element
* @param int $mode
* @param object $pluginParams
*/
public function editPluginView( $row, $option, $task, $uid, $action, $element, $mode, $pluginParams ) {
global $_CB_framework, $_CB_database, $_CB_Backend_Menu, $_CB_Backend_task, $_GJ_Backend_Title, $_PLUGINS;
if ( ! CBuser::getMyInstance()->authoriseAction( 'core.manage' ) ) {
cbRedirect( $_CB_framework->backendUrl( 'index.php' ), _UE_NOT_AUTHORIZED, 'error' );
}
outputCbJs( 2 );
outputCbTemplate( 2 );
$plugin = cbgjClass::getPlugin();
$_CB_framework->document->addHeadStyleSheet( $plugin->livePath . '/admin.' . $plugin->element . '.css' );
require_once( $plugin->absPath . '/admin.' . $plugin->element . '.html.php' );
$_CB_Backend_task = $task;
$_GJ_Backend_Title = array();
$_CB_Backend_Menu->mode = $plugin->element . 'Admin';
$actions = explode( '.', $action );
$action = ( isset( $actions[0] ) ? $actions[0] : null );
$function = ( isset( $actions[1] ) ? $actions[1] : null );
$id = cbGetParam( $_REQUEST, 'id', array( 0 ) );
$order = cbGetParam( $_REQUEST, 'order', array( 0 ) );
$user =& CBuser::getUserDataInstance( $_CB_framework->myId() );
if ( ! is_array( $id ) ) {
$id = array( $id );
}
if ( ! $id ) {
$id = array( 0 );
}
if ( ! is_array( $order ) ) {
$order = array( $order );
}
if ( ! $order ) {
$order = array( 0 );
}
$save_mode = ( $mode == 'applyPlugin' ? 'apply' : $function );
ob_start();
switch ( $action ) {
case 'categories':
switch ( $function ) {
case 'menu':
$this->createCategoryMenu( $id[0], $user, $plugin );
break;
case 'publish':
cbSpoofCheck( 'plugin' );
$this->stateCategory( $id, 1, $user, $plugin );
break;
case 'unpublish':
cbSpoofCheck( 'plugin' );
$this->stateCategory( $id, 0, $user, $plugin );
break;
case 'order':
cbSpoofCheck( 'plugin' );
$this->orderCategory( $id, $order, $user, $plugin );
break;
case 'orderup':
cbSpoofCheck( 'plugin' );
$this->orderCategory( $id[0], -1, $user, $plugin );
break;
case 'orderdown':
cbSpoofCheck( 'plugin' );
$this->orderCategory( $id[0], 1, $user, $plugin );
break;
case 'batch':
$this->batchCategory( $id, $user, $plugin );
break;
case 'copy':
$this->copyCategory( $id, $user, $plugin );
break;
case 'delete':
cbSpoofCheck( 'plugin' );
$this->deleteCategory( $id, $user, $plugin );
break;
case 'new':
$this->showCategoryEdit( null, $user, $plugin );
break;
case 'edit':
$this->showCategoryEdit( $id[0], $user, $plugin );
break;
//......... part of the code is omitted here .........
示例9: _cbadmin_emailUsers
/**
 * Sends one batch of the back-end mass mail and echoes a JSON reply holding
 * the rendered result HTML for the Ajax caller.
 *
 * The request token ( cbSpoofCheck( 'cbadmingui' ) ) and the anti-spam check
 * run before any mail is sent. User names are HTML-escaped before they are
 * added to the result list.
 *
 * @param array  $rows            User rows of this batch (each row needs ->id)
 * @param string $emailSubject    Passed by reference to the plugin trigger
 * @param string $emailBody       Passed by reference to the plugin trigger
 * @param int    $limitstart
 * @param int    $limit
 * @param int    $total
 * @param mixed  $simulationMode  When truthy nothing is sent
 * @return void                   The JSON reply is echoed
 */
function _cbadmin_emailUsers( &$rows, $emailSubject, $emailBody, $limitstart, $limit, $total, $simulationMode ) {
    global $_PLUGINS;

    // simple spoof check security
    cbSpoofCheck( 'cbadmingui' );
    cbRegAntiSpamCheck();

    $notifier  = new cbNotification();
    $mode      = 1;   // html
    $usernames = '';

    foreach ( $rows as $row ) {
        $user = CBuser::getUserDataInstance( (int) $row->id );

        $separator  = ( $usernames ? ', ' : '' );
        $usernames .= $separator . htmlspecialchars( $user->username );

        if ( $simulationMode ) {
            $usernames .= ' (' . htmlspecialchars( CBTxt::T('email not send: simulation mode') ) . ')';
            continue;
        }

        // Subject and body go to the plugins by reference.
        $extraStrings = array();
        $_PLUGINS->trigger( 'onBeforeBackendUserEmail', array( &$user, &$emailSubject, &$emailBody, $mode, &$extraStrings, $simulationMode ) );

        $sent = $notifier->sendFromSystem( $user, $emailSubject, $this->_cbadmin_makeLinksAbsolute( $emailBody ), true, $mode, null, null, null, $extraStrings, false );
        if ( ! $sent ) {
            $usernames .= ': <span class="cb_result_error">' . htmlspecialchars( CBTxt::T('Error sending email!') ) . '</span>';
        }
    }

    if ( $total < $limit ) {
        $limit = $total;
    }

    ob_start();
    $usersView = _CBloadView( 'users' );
    $usersView->ajaxResults( $usernames, $emailSubject, $this->_cbadmin_makeLinksAbsolute( $emailBody ), $limitstart, $limit, $total );
    $html = ob_get_clean();

    // result 1 is the default, 2 is set once nothing remains after this batch.
    $reply = array(
        'result'      => 1,
        'htmlcontent' => $html,
    );
    if ( $total - ( $limitstart + $limit ) <= 0 ) {
        $reply['result'] = 2;
    }

    echo json_encode( $reply );

    // Fixed 3 second pause after every batch.
    sleep(3);
}
示例10: savePluginView
/**
* Saves the CB plugin view after an edit view form submit
*
* @param array $options
* @param array $actionPath
* @param array $keyValues
* @param array $parametersValues
* @param SimpleXMLElement $viewModel
* @param TableInterface $data
* @param RegistryEditController $params
* @param string $mode
* @param string $dataModelType
* @param PluginTable $plugin
* @param SimpleXMLElement $dataModel
* @param RegistryInterface $pluginParams
* @param string $cbprevstate
* @param int $ui
* @return null|string NULL: ok, STRING: error
*/
protected function savePluginView($options, $actionPath, $keyValues, $parametersValues, $viewModel, $data, $params, &$mode, $dataModelType, $plugin, $dataModel, $pluginParams, $cbprevstate, $ui)
{
global $_CB_framework;
new cbTabs(false, 2, -1, false);
// prevents output of CB tabs js code until we are done with drawing (or redirecting)
$resultingMsg = null;
cbSpoofCheck('plugin');
$postArray = $this->input->getNamespaceRegistry('post')->asArray();
// List of variables to exclude from the $postArray:
$exclude = array('option', 'cid', 'cbprevstate', cbSpoofField());
foreach ($actionPath as $k => $v) {
$exclude[] = $k;
}
// Remove the exclude variables from the $postArray before being used in the below cases:
foreach ($exclude as $v) {
if (isset($postArray[$v])) {
unset($postArray[$v]);
}
}
// Fix multi-selects and multi-checkboxes arrays to |*|-delimited strings:
$postArray = $this->recursiveMultiSelectFix($postArray);
foreach ($postArray as $key => $value) {
if (property_exists($data, $key)) {
$postArray[$key] = is_array($value) ? json_encode($value) : $value;
}
}
$errorMsg = null;
switch ($dataModelType) {
case 'sql:row':
if ($ui == 2) {
if (true !== ($error = RegistryEditView::validateAndBindPost($params, $postArray))) {
$errorMsg = $error;
break;
}
if (!$data->bind($postArray)) {
$errorMsg = $data->getError();
break;
}
} else {
RegistryEditView::setFieldsListArrayValues(true);
$fields = $params->draw(null, null, null, null, null, null, false, 'param', 'fieldsListArray');
// New CB2.0 way for bind():
foreach ($fields as $key => $value) {
if (property_exists($data, $key)) {
$data->{$key} = is_array($value) ? json_encode($value) : $value;
}
}
}
if (!$data->check()) {
$errorMsg = $data->getError();
break;
}
$dataModelKey = $data->getKeyName();
$dataModelValueOld = $data->{$dataModelKey};
if ($mode == 'savecopy') {
if (!$data->canCopy($data)) {
$errorMsg = $data->getError();
break;
}
if (!$data->copy($data)) {
$errorMsg = $data->getError();
break;
}
} else {
if (!$data->store()) {
$errorMsg = $data->getError();
break;
}
}
$dataModelValue = $data->{$dataModelKey};
// Id changed; be sure to update the url encase of redirect:
if (count($keyValues) == 1) {
$urlKeys = array_keys($keyValues);
$urlDataKey = $urlKeys[0];
if ($mode == 'savenew') {
unset($actionPath[$urlDataKey]);
} elseif ($dataModelValue != $dataModelValueOld) {
$actionPath[$urlDataKey] = $dataModelValue;
}
}
if ($data->hasFeature('checkout')) {
//......... part of the code is omitted here .........
示例11: getDisplayTab
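/**
 * Generates the HTML to display the user profile tab (quick-message form).
 * When the form was posted, the message is sent before the form is drawn.
 *
 * Review notes:
 * - cbSpoofCheck( 'pms' ) is the anti-forgery control of this form. The
 *   additional 'protect' field is md5( salt . user id . lastvisitDate ) with
 *   the salt sent in the same field, so it should not be relied on as a
 *   secret on its own.
 * - The posted 'protect' digest is compared with === so that two different
 *   digests that both look like numbers (e.g. "0e...") never compare equal.
 * - For pmsType 3 and 4 the message body is read without HTML-escaping; it
 *   is escaped when it is written back into the textarea.
 * - NOTE(review): getErrorMSG() and the _UE_* language constants are placed
 *   inside single-quoted inline JavaScript strings without JS escaping. If
 *   the error text can contain user-influenced data this needs encoding;
 *   the source of that text is not visible in this listing.
 *
 * @param moscomprofilerTab  $tab  the tab database entry
 * @param moscomprofilerUser $user the user being displayed
 * @param int                $ui   1 for front-end, 2 for back-end
 * @return mixed either string HTML for tab content, false if ErrorMSG generated,
 *               or null for guests and for the user's own profile
 */
function getDisplayTab($tab, $user, $ui) {
    global $_CB_framework, $_POST, $_CB_OneTwoRowsStyleToggle;

    if ( ! $_CB_framework->myId() ) {
        return null;
    }

    $return      = "";
    $params      = $this->params;
    $pmsType     = $params->get('pmsType', '1');
    $showTitle   = $params->get('showTitle', "1");
    $showSubject = $params->get('showSubject', "1");
    $width       = $params->get('width', "30");
    $height      = $params->get('height', "5");

    $capabilities = $this->getPMScapabilites();
    if (!$this->_checkPMSinstalled($pmsType) || ($capabilities === false)) {
        return false;
    }
    if ($_CB_framework->myId() == $user->id) {
        return null;
    }

    // These PMS types take the message body unescaped.
    $rawMessage = ($pmsType == '3' || $pmsType == '4');

    $newsub = null;
    $newmsg = null;

    // send PMS from this tab form input:
    if ( cbGetParam( $_POST, $this->_getPagingParamName("sndnewmsg") ) == _UE_PM_SENDMESSAGE ) {
        $sender = $this->_getReqParam("sender", null);
        $recip  = $this->_getReqParam("recip", null);
        if ( $sender && $recip && ( $sender == $_CB_framework->myId() ) && ( $recip == $user->id ) ) {
            cbSpoofCheck( 'pms' );
            $newsub = htmlspecialchars($this->_getReqParam("newsub", null)); //urldecode done in _getReqParam
            if ($rawMessage) {
                $newmsg = $this->_getReqParam("newmsg", null);
            } else {
                $newmsg = htmlspecialchars($this->_getReqParam("newmsg", null)); //don't allow html input on user profile!
            }
            if ( ( $newsub || $newmsg ) && isset( $_POST[$this->_getPagingParamName( "protect" )] ) ) {
                $parts = explode( '_', $this->_getReqParam('protect', '' ) );
                // Strict comparison: loose == would treat numeric-looking digests as numbers.
                if ( ( count( $parts ) == 3 ) && ( $parts[0] === 'cbpms1' ) && ( strlen( $parts[2] ) == 32 ) && ( $parts[1] === md5($parts[2].$user->id.$user->lastvisitDate) ) ) {
                    if (!$newsub && $capabilities["subject"]) {
                        $newsub = _UE_PM_PROFILEMSG;
                    }
                    // Arguments 5 and 6: not system generated, already escaped.
                    if ($this->sendUserPMS($recip, $sender, $newsub, $newmsg, false, true)) {
                        $return .= "\n<script type='text/javascript'>alert('"._UE_PM_SENTSUCCESS."')</script>";
                        $newsub = null;
                        $newmsg = null;
                    } else {
                        $return .= "\n<script type='text/javascript'>alert('".$this->getErrorMSG()."')</script>";
                    }
                } else {
                    $return .= "\n<script type='text/javascript'>alert('"._UE_SESSIONTIMEOUT." "._UE_PM_NOTSENT." "._UE_TRYAGAIN."')</script>";
                }
            } else {
                $return .= "\n<script type='text/javascript'>alert('"._UE_PM_EMPTYMESSAGE." "._UE_PM_NOTSENT."')</script>";
            }
        }
    }

    // display Quick Message tab:
    $return .= "\n\t<div class=\"sectiontableentry".$_CB_OneTwoRowsStyleToggle."\" style=\"padding-bottom:5px;\">\n";
    $_CB_OneTwoRowsStyleToggle = ($_CB_OneTwoRowsStyleToggle == 1 ? 2 : 1);
    if ($showTitle) {
        $return .= "\t\t<div class=\"titleCell\" style=\"align: left; text-align:left; margin-left: 0px;\">"
            .cbUnHtmlspecialchars(getLangDefinition($tab->title)).(($showSubject && $capabilities["subject"])?"" : ":")."</div>\n";
    }
    $return .= $this->_writeTabDescription( $tab, $user );

    $base_url = $this->_getAbsURLwithParam(array());
    $return .= '<form method="post" action="'.$base_url.'">';
    $return .= '<table cellspacing="0" cellpadding="5" class="contentpane" style="border:0px;align:left;width:90%;">';
    if ($showSubject && $capabilities["subject"]) {
        $return .= '<tr><td><b>'._UE_EMAILFORMSUBJECT.'</b></td>';
        $return .= '<td><input type="text" class="inputbox" name="'.$this->_getPagingParamName("newsub")
            .'" size="'.($width-8).'" value="'.stripslashes($newsub).'" /></td></tr>';
        $return .= '<tr class="sectiontableentry1"><td colspan="2"><b>'._UE_EMAILFORMMESSAGE.'</b></td></tr>';
    }

    // A message that was not sent is shown again. In the raw case it was never
    // escaped above, so escape it here before it goes into the textarea.
    $messageForForm = stripslashes($newmsg);
    if ($rawMessage) {
        $messageForForm = htmlspecialchars($messageForForm);
    }
    $return .= '<tr><td colspan="2"><textarea name="'.$this->_getPagingParamName("newmsg")
        .'" class="inputbox" rows="'.$height.'" cols="'.$width.'">'.$messageForForm.'</textarea></td></tr>';
    $return .= '<tr><td colspan="2"><input type="submit" class="button" name="'.$this->_getPagingParamName("sndnewmsg").'" value="'._UE_PM_SENDMESSAGE.'" /></td></tr>';
    $return .= '</table>';
    $return .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("sender")."\" value=\"" . $_CB_framework->myId() . "\" />";
    $return .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("recip")."\" value=\"$user->id\" />";

    // 'protect' field: cbpms1_<md5( salt . user id . lastvisitDate )>_<salt>
    $salt = cbMakeRandomString( 32 );
    $return .= "<input type=\"hidden\" name=\"".$this->_getPagingParamName("protect")."\" value=\""
        . 'cbpms1_' . md5($salt.$user->id.$user->lastvisitDate) . '_' . $salt . "\" />";
    $return .= cbGetSpoofInputTag( 'pms' );
    $return .= '</form>';
    $return .= "</div>";

    return $return;
}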
示例12: getCBpluginComponent
/**
* @param TabTable $tab Current tab
* @param UserTable $user Current user
* @param int $ui 1 front, 2 admin UI
* @param array $postdata Raw unfiltred POST data
* @return string HTML
*/
public function getCBpluginComponent( $tab, $user, $ui, $postdata )
{
global $_CB_framework;
$format = $this->input( 'format', null, GetterInterface::STRING );
if ( $format != 'raw' ) {
outputCbJs( 1 );
outputCbTemplate( 1 );
}
$action = $this->input( 'action', null, GetterInterface::STRING );
$function = $this->input( 'func', null, GetterInterface::STRING );
$type = $this->input( 'type', null, GetterInterface::STRING );
$id = (int) $this->input( 'id', null, GetterInterface::INT );
$userId = (int) $this->input( 'user', null, GetterInterface::INT );
$tabId = (int) $this->input( 'tab', null, GetterInterface::INT );
if ( ! $tabId ) {
switch( $type ) {
case 'photos':
$tabId = 'cbgalleryTabPhotos';
break;
case 'files':
$tabId = 'cbgalleryTabFiles';
break;
case 'videos':
$tabId = 'cbgalleryTabVideos';
break;
case 'music':
$tabId = 'cbgalleryTabMusic';
break;
}
}
$viewer = CBuser::getMyUserDataInstance();
if ( $userId ) {
$user = CBuser::getUserDataInstance( (int) $userId );
} else {
$user = CBuser::getMyUserDataInstance();
}
$profileUrl = $_CB_framework->userProfileUrl( (int) $user->get( 'id' ), false, $tabId );
if ( ! in_array( $type, array( 'photos', 'files', 'videos', 'music' ) ) ) {
if ( ( $action == 'items' ) && in_array( $function, array( 'download', 'preview', 'show' ) ) ) {
header( 'HTTP/1.0 401 Unauthorized' );
exit();
} else {
cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
}
}
$tab = new TabTable();
$tab->load( ( is_integer( $tabId ) ? $tabId : array( 'pluginclass' => $tabId ) ) );
if ( ! ( $tab->get( 'enabled' ) && Application::User( (int) $viewer->get( 'id' ) )->canViewAccessLevel( $tab->get( 'viewaccesslevel' ) ) ) ) {
if ( ( $action == 'items' ) && in_array( $function, array( 'download', 'preview', 'show' ) ) ) {
header( 'HTTP/1.0 401 Unauthorized' );
exit();
} else {
cbRedirect( $profileUrl, CBTxt::T( 'Not authorized.' ), 'error' );
}
}
if ( ! ( $tab->params instanceof ParamsInterface ) ) {
$tab->params = new Registry( $tab->params );
}
if ( $format != 'raw' ) {
ob_start();
}
switch ( $action ) {
case 'items':
switch ( $function ) {
case 'download':
$this->outputItem( false, false, $id, $type, $tab, $user, $viewer );
break;
case 'edit':
$this->showItemEdit( $id, $type, $tab, $user, $viewer );
break;
case 'new':
$this->showItemEdit( null, $type, $tab, $user, $viewer );
break;
case 'save':
cbSpoofCheck( 'plugin' );
$this->saveItemEdit( $id, $type, $tab, $user, $viewer );
break;
case 'publish':
$this->stateItem( 1, $id, $type, $tab, $user, $viewer );
//......... part of the code is omitted here .........
示例13: showUsers
/**
* Outputs legacy user mass mailer and user reconfirm email display
*
* @param string $option
* @param string $task
* @param int[] $cid
* @return bool
* @deprecated 2.0
*/
public function showUsers($option, $task, $cid)
{
global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS;
cbimport('language.all');
cbimport('cb.tabs');
cbimport('cb.params');
cbimport('cb.pagination');
cbimport('cb.lists');
// We just need the user rows as we've already filtered down the IDs in user management:
$query = 'SELECT *' . "\n FROM " . $_CB_database->NameQuote('#__comprofiler') . " AS c" . "\n INNER JOIN " . $_CB_database->NameQuote('#__users') . " AS u" . ' ON u.' . $_CB_database->NameQuote('id') . ' = c.' . $_CB_database->NameQuote('id') . "\n WHERE u." . $_CB_database->NameQuote('id') . " IN ( " . implode(', ', cbArrayToInts($cid)) . " )";
$_CB_database->setQuery($query);
$rows = $_CB_database->loadObjectList(null, '\\CB\\Database\\Table\\UserTable', array($_CB_database));
$total = count($rows);
if ($task == 'resendconfirmationemails') {
if (!$rows) {
cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
}
$count = 0;
/** @var UserTable[] $rows */
foreach ($rows as $row) {
if ($row->confirmed == 0) {
if ($row->cbactivation == '') {
// Generate a new confirmation code if the user doesn't have one (requires email confirmation to be enabled):
$row->store();
}
$cbNotification = new cbNotification();
$cbNotification->sendFromSystem($row->id, CBTxt::T($ueConfig['reg_pend_appr_sub']), CBTxt::T($ueConfig['reg_pend_appr_msg']), true, isset($ueConfig['reg_email_html']) ? (int) $ueConfig['reg_email_html'] : 0);
++$count;
}
}
cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SENT_CONFIRMATION_EMAILS_TO_NUM_USERS_USERS', 'Sent confirmation emails to [NUM_USERS] users', array('[NUM_USERS]' => $count)));
} else {
$emailSubject = stripslashes(cbGetParam($_POST, 'emailsubject', ''));
$emailBody = stripslashes(rawurldecode(cbGetParam($_POST, 'emailbody', '', _CB_ALLOWRAW | _CB_NOTRIM)));
$emailAttach = stripslashes(cbGetParam($_POST, 'emailattach', ''));
$emailsPerBatch = stripslashes(cbGetParam($_POST, 'emailsperbatch', 50));
$emailsBatch = stripslashes(cbGetParam($_POST, 'emailsbatch', 0));
$emailFromName = stripslashes(cbGetParam($_POST, 'emailfromname', ''));
$emailFromAddr = stripslashes(cbGetParam($_POST, 'emailfromaddr', ''));
$emailReplyName = stripslashes(cbGetParam($_POST, 'emailreplyname', ''));
$emailReplyAddr = stripslashes(cbGetParam($_POST, 'emailreplyaddr', ''));
$emailPause = stripslashes(cbGetParam($_POST, 'emailpause', 30));
$simulationMode = stripslashes(cbGetParam($_POST, 'simulationmode', ''));
// B/C trigger variables:
if (count($cid) > 0 && count($cid) < $total) {
$total = count($cid);
}
$pageNav = new cbPageNav($total, 0, 10);
$search = '';
$lists = array();
$inputTextExtras = null;
$select_tag_attribs = null;
if ($task == 'emailusers') {
if (!$rows) {
cbRedirect($_CB_framework->backendViewUrl('showusers', false), CBTxt::T('SELECT_A_ROW_TO_TASK', 'Select a row to [task]', array('[task]' => $task)), 'error');
}
$pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailForm', array(&$rows, &$pageNav, &$search, &$lists, &$cid, &$emailSubject, &$emailBody, &$inputTextExtras, &$select_tag_attribs, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));
$usersView = _CBloadView('users');
/** @var CBView_users $usersView */
$usersView->emailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
} elseif ($task == 'startemailusers') {
$pluginRows = $_PLUGINS->trigger('onBeforeBackendUsersEmailStart', array(&$rows, $total, $search, $lists, $cid, &$emailSubject, &$emailBody, &$inputTextExtras, $simulationMode, $option, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));
$usersView = _CBloadView('users');
/** @var CBView_users $usersView */
$usersView->startEmailUsers($rows, $emailSubject, $emailBody, $emailAttach, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr, $emailsPerBatch, $emailsBatch, $emailPause, $simulationMode, $pluginRows);
} elseif ($task == 'ajaxemailusers') {
cbSpoofCheck('cbadmingui');
cbRegAntiSpamCheck();
$cbNotification = new cbNotification();
$mode = 1;
// html
$errors = 0;
$success = array();
$failed = array();
$users = array_slice($rows, $emailsBatch, $emailsPerBatch);
if ($simulationMode) {
$success = array('<div class="alert alert-info">' . CBTxt::T('Emails do not send in simulation mode') . '</div>');
} else {
foreach ($users as $user) {
$extraStrings = array();
$_PLUGINS->trigger('onBeforeBackendUserEmail', array(&$user, &$emailSubject, &$emailBody, $mode, &$extraStrings, $simulationMode, &$emailAttach, &$emailFromName, &$emailFromAddr, &$emailReplyName, &$emailReplyAddr));
$attachments = cbReplaceVars($emailAttach, $user, $mode, true, $extraStrings);
if ($attachments) {
$attachments = preg_split(' *, *', $attachments);
} else {
$attachments = null;
}
if (!$cbNotification->sendFromSystem($user, $emailSubject, $this->makeLinksAbsolute($emailBody), true, $mode, null, null, $attachments, $extraStrings, false, $emailFromName, $emailFromAddr, $emailReplyName, $emailReplyAddr)) {
$failed[] = '<div class="alert alert-danger">' . '<strong>' . htmlspecialchars($user->name . ' <' . $user->email . '>') . '</strong>: ' . CBTxt::Th('ERROR_SENDING_EMAIL_ERRORMSG', 'Error sending email: [ERROR_MSG]', array('[ERROR_MSG]' => $cbNotification->errorMSG)) . '</div>';
++$errors;
} else {
//......... part of the code is omitted here .........
示例14: processConnectionActions
/**
 * Applies the posted accept / deny decisions to the current user's pending
 * connections and redirects back to the 'manageconnections' view.
 *
 * The request token is verified first. The configuration and login checks
 * only prepare an error message; the 'onBeforeProcessConnectionsRequest'
 * plugin trigger receives that message by reference before it is evaluated.
 *
 * NOTE(review): each entry of $connectionids is used to build the POST key
 * "<id>action" and is handed to the connection methods as given. Whether
 * the caller has already cast the ids to integers is not visible in this
 * listing -- confirm.
 *
 * @param array $connectionids Ids of the connections the form was posted for
 * @return void
 */
function processConnectionActions($connectionids)
{
    global $_CB_framework, $ueConfig, $_PLUGINS;

    // simple spoof check security
    cbSpoofCheck('manageconnections');

    $msg = null;
    if (!$ueConfig['allowConnections']) {
        $msg = CBTxt::Th('UE_FUNCTIONALITY_DISABLED', 'This functionality is currently disabled.');
    } elseif (!($_CB_framework->myId() > 0)) {
        $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
    }

    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onBeforeProcessConnectionsRequest', array($connectionids, &$msg));

    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }

    $connections = new cbConnection($_CB_framework->myId());
    $idsGiven = is_array($connectionids);

    if ($idsGiven) {
        foreach ($connectionids as $cid) {
            // 'd' denies, 'a' accepts, anything else leaves the connection as it is.
            switch (cbGetParam($_POST, $cid . 'action')) {
                case 'd':
                    $connections->denyConnection($_CB_framework->myId(), $cid);
                    break;

                case 'a':
                    $connections->acceptConnection($_CB_framework->myId(), $cid);
                    break;
            }
        }
    }

    $error = $connections->getErrorMSG();
    $returnUrl = $_CB_framework->viewUrl('manageconnections', false);

    if ($error) {
        cbRedirect($returnUrl, $error, 'error');
    } else {
        $successMsg = $idsGiven ? CBTxt::Th('UE_CONNECTIONACTIONSSUCCESSFULL', 'Connection actions successful!') : null;
        cbRedirect($returnUrl, $successMsg);
    }
}
示例15: checkCanAdminPlugins
$cbController->editField(0, $option, $task);
break;
case "editField":
checkCanAdminPlugins('core.edit');
$cbController = _CBloadController('field');
$cbController->editField(intval($cid[0]), $option, $task);
break;
case "reloadField":
checkCanAdminPlugins('core.edit');
cbSpoofCheck('field');
$cbController = _CBloadController('field');
$cbController->editField((int) cbGetParam($_POST, 'fieldid', 0), $option, $task);
break;
case "saveField":
case "applyField":
cbSpoofCheck('field');
checkCanAdminPlugins('core.edit');
$cbController = _CBloadController('field');
$cbController->saveField($option, $task);
break;
default:
_CBloadController('default');
break;
}
ob_start();
include $_CB_adminpath . '/comprofiler.toolbar.php';
$toolbars = trim(ob_get_contents());
ob_end_clean();
if (checkJversion('j3.0+')) {
$bar = JToolbar::getInstance('toolbar');
$bar->prependButton('Custom', $toolbars, null);