OSB enhancements to date

Deon George
2010-11-30 09:41:08 +11:00
parent 8715a2059b
commit ec6a542bc3
478 changed files with 23423 additions and 9309 deletions


@@ -338,6 +338,9 @@ function sqlSelect($TableList,$FieldList,$sql=array()) {
$fields = $FieldList;
# Condition(s)
# @todo to remove sqlConditions() doesnt need $db
if (! isset($db))
$db = &DB();
$where = sqlConditions($db,$sql['where'],$TableList);
$line = '';
@@ -351,7 +354,7 @@ function sqlSelect($TableList,$FieldList,$sql=array()) {
# Limit
if (isset($sql['limit']) && $sql['limit'])
$line .= 'LIMIT '.$sql['limit'];
$line .= ' LIMIT '.$sql['limit'];
$SQL = sprintf('SELECT %s FROM %s %s %s',$fields,$table,$where,$line);
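Review bot: `$sql['limit']` is concatenated into the statement unchanged on the new `' LIMIT '` line, so the clause is only as safe as every caller of sqlSelect(). If the limit is always a single row count, formatting it as an integer closes that off: `$line .= sprintf(' LIMIT %d',$sql['limit']);`. If callers also pass an `offset,count` pair, both parts should be validated as integers instead. The function body continues outside both hunks, so any earlier validation is not visible here.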


@@ -171,7 +171,7 @@ function CORE_database_add($VAR,$construct,$type) {
$insert_value = $VAR[$field_var];
# Perform data conversions
if (isset($construct->field[$field_name]['convert']))
if (isset($construct->field[$field_name]['convert']) && ! isset($VAR['_noconvert']))
$insert_value = $validate->convert($field_name,$insert_value,$construct->field[$field_name]['convert']);
# Create the sql statement
@@ -185,17 +185,14 @@ function CORE_database_add($VAR,$construct,$type) {
$field_var = sprintf('%s_%s',$construct->module,$field_name);
if (isset($construct->field[$field_name]) && ! isset($VAR[$field_var]))
if (isset($construct->field[$field_name]['convert']))
if (isset($construct->field[$field_name]['convert']) && ! isset($VAR['_noconvert']))
$field_list[$field_name] = $validate->convert($field_name,time(),$construct->field[$field_name]['convert']);
else
$field_list[$field_name] = time();
}
# Determine the record id
$construct->record_id = $db->GenID(AGILE_DB_PREFIX.$construct->table.'_id');
# Define the new ID as a constant
define(strtoupper(sprintf('NEW_RECORD_%s_ID',$construct->table)),$construct->record_id);
$construct->record_id = isset($field_list['id']) ? $field_list['id'] : $db->GenID(AGILE_DB_PREFIX.$construct->table.'_id');
# Execute the query
$result = $db->Execute(sqlInsert($db,$construct->table,$field_list,$construct->record_id));
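Review bot: The new `! isset($VAR['_noconvert'])` guards read a control flag from the same array that carries the field values, so whoever fills `$VAR` can switch off a field's configured `convert` step; the same guard is added in the CORE_database_update hunks. If `$VAR` is populated from request parameters (not visible here), a submitted `_noconvert` key would store the raw value even for fields whose conversion is a hash, such as the `md5`/`sha` types listed in the update file. Passing the flag as an explicit optional argument, or unsetting `_noconvert` wherever request input is merged into `$VAR`, keeps it an internal-only switch. The new `isset($field_list['id']) ? $field_list['id'] : $db->GenID(...)` line has the same shape, since the data array now chooses the record id; a comment such as `# 'id' may only be preset by trusted import code` would document the expectation.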


@@ -45,15 +45,16 @@ function CORE_database_update($VAR,$construct,$type) {
$construct->validated = true;
# Quick Validation to see if we have too many variables.
foreach ($VAR as $field_name => $value)
if (preg_match("/^{$construct->module}_/",$field_name))
if (! in_array(preg_replace("/^{$construct->module}_/",'',$field_name),$arr))
array_push($construct->val_error,array(
'field'=>sprintf('%s_%s',$construct->table,$field_name),
'field_trans'=>$field_name,
'error'=>sprintf('WARNING: Variable passed to %s but it will be ignored.',__METHOD__),
'method'=>sprintf('%s:%s(%s)',__FILE__,__METHOD__,__LINE__)
));
if (! isset($VAR['_ignoreval']))
foreach ($VAR as $field_name => $value)
if (preg_match("/^{$construct->module}_/",$field_name))
if (! in_array(preg_replace("/^{$construct->module}_/",'',$field_name),$arr))
array_push($construct->val_error,array(
'field'=>sprintf('%s_%s',$construct->table,$field_name),
'field_trans'=>$field_name,
'error'=>sprintf('WARNING: Variable passed to %s but it will be ignored.',__METHOD__),
'method'=>sprintf('%s:%s(%s)',__FILE__,__METHOD__,__LINE__)
));
# Define this record id
$id = $VAR[$construct->module.'_id'];
@@ -67,7 +68,7 @@ function CORE_database_update($VAR,$construct,$type) {
$ignore_con = false;
$ignore_convert = array('sha','md5','rc5','crypt');
for ($ic=0; $ic<count($ignore_convert); $ic++)
if (isset($construct->field[$field_name]['convert']))
if (isset($construct->field[$field_name]['convert']) && ! isset($VAR['_noconvert']))
if ($construct->field[$field_name]['convert'] == $ignore_convert[$ic])
$ignore_con = true;
@@ -105,10 +106,11 @@ function CORE_database_update($VAR,$construct,$type) {
array_push($construct->val_error,array(
'field'=>sprintf('%s_%s',$construct->module,$field_name),
'field_trans'=>$C_translate->translate('field_'.$field_name,$construct->module,''),
'field_trans'=>$C_translate->translate('field_'.$field_name,$construct->module,'') ? $C_translate->translate('field_'.$field_name,$construct->module,'') : $field_name,
'error'=>$C_translate->translate('validate_any','',''),
'method'=>sprintf('%s:%s(%s)',__FILE__,__METHOD__,__LINE__)
));
}
}
}
@@ -158,7 +160,7 @@ function CORE_database_update($VAR,$construct,$type) {
$insert_value = $VAR[$field_var];
# Perform data conversions
if (isset($construct->field[$field_name]['convert']) && trim($construct->field[$field_name]['convert']))
if (isset($construct->field[$field_name]['convert']) && trim($construct->field[$field_name]['convert']) && ! isset($VAR['_noconvert']))
$insert_value = $validate->convert($field_name,$insert_value,$construct->field[$field_name]['convert']);
$field_list[$field_name] = $insert_value;
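Review bot: The new `'field_trans'` line in the -105 hunk calls `$C_translate->translate('field_'.$field_name,$construct->module,'')` twice, once for the test and once for the value. Storing the result once is easier to read and halves the lookups: `$ft = $C_translate->translate('field_'.$field_name,$construct->module,'');` followed by `'field_trans'=>$ft ? $ft : $field_name,`. The `_ignoreval` key added in the first hunk is undocumented; a comment such as `# _ignoreval: set by internal callers only, skips the unknown-variable warnings` would state who is expected to set it. CORE_database_update continues outside these hunks.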


@@ -37,7 +37,6 @@ class CORE_list {
public function menu($input_id,$name,$table,$field,$default,$class,$all=false) {
$this->mmenu($input_id,$name,$table,$field,$default,'',$class,$all);
}
/**
* Generate a select list, using the values in a table
*
@@ -83,7 +82,8 @@ class CORE_list {
$i = 0;
while (! $result->EOF) {
$return .= sprintf('<option value="%s"%s>%s</option>',$result->fields['id'],($default == $result->fields['id']) ? ' selected="selected"' : '',$result->fields[$field]);
$return .= sprintf('<option value="%s"%s>%s</option>',
$result->fields['id'],($default == $result->fields['id']) ? ' selected="selected"' : '',$result->fields[$field]);
$result->MoveNext();
$i++;
@@ -95,7 +95,7 @@ class CORE_list {
$return = $C_translate->translate('lists_none_defined');
if ($i > 0 && ! $noicon)
$return .= sprintf('&nbsp;<img src="themes/%s/images/icons/zoomi_16.gif" alt="Zoom" width="16" height="16" style="border: 0px;" onclick="menu_item_view(\'%s\',\'%s\');"/>',THEME_NAME,$table,$input_id);
$return .= sprintf('&nbsp;<img src="themes/%s/images/icons/zoomi_16.gif" alt="Zoom" width="16" height="16" style="border: 0px;" onclick="menu_item_view(\'%s\',\'%s\');"/>',THEME_NAME,$table,$input_id);
echo $return;
}
@@ -103,23 +103,27 @@ class CORE_list {
function decrypt($data) {
include_once(PATH_CORE.'crypt.inc.php');
return CORE_decrypt($data);
}
function menu_cc_admin($field, $account, $default, $class, $user=false) {
include_once(PATH_MODULES . 'account_billing/account_billing.inc.php');
$acct_bill = new account_billing;
echo $acct_bill->menu_admin($field, $account, $default, $class, $user);
function menu_cc_admin($field,$account,$default,$class,$user=false) {
include_once(PATH_MODULES.'account_billing/account_billing.inc.php');
$abo = new account_billing;
echo $abo->menu_admin($field,$account,$default,$class,$user);
}
function menu_multi($default, $name, $table, $field, $id, $max, $class) {
function menu_multi($default,$name,$table,$field,$id,$max,$class) {
include_once(PATH_CORE.'list_menu_multi.inc.php');
echo list_menu_multi($default, $name, $table, $field, $id, $max, $class);
echo list_menu_multi($default,$name,$table,$field,$id,$max,$class);
}
function menu_files($id, $name, $default, $path, $pre, $ext, $class) {
function menu_files($id,$name,$default,$path,$pre,$ext,$class) {
include_once(PATH_CORE.'list_menu_files.inc.php');
echo list_menu_files($id, $name, $default, $path, $pre, $ext, $class);
echo list_menu_files($id,$name,$default,$path,$pre,$ext,$class);
}
/**
@@ -133,249 +137,111 @@ class CORE_list {
* @param bool $all If true, then a blank item will be included.
*/
public function menu_staticlist($type,$input_id,$name,$default,$class,$all=false) {
global $C_list;
# Whether the values are also keys.
$nokeys = false;
$list = array();
switch ($type) {
case 'assoc_grant_type':
$list = array(0=>_('Grant access for specified amount of days'),1=>_('Grant access while associated subscription is active'),2=>_('Grant access forerver'));
break;
case 'assoc_prod_type':
$list = array(0=>_('Require All Selected Products'),1=>_('Require Any One Selected Product'));
break;
case 'charge_sweep':
$list = array(0=>_('Daily'),1=>_('Weekly'),2=>_('Monthly'),3=>_('Quarterly'),4=>_('Semi-Annually'),5=>_('Annually'),6=>_('Service Rebill'));
break;
case 'commissiontype':
$list = array(0=>_('None'),1=>_('Percentage Based'),2=>('Flat Rate'));
break;
# @todo To deprecate this and standardise with commissiontype
case 'discounttype':
$list = array(0=>_('Percentage Based'),1=>('Flat Rate'));
break;
case 'copluginmode':
$list = array(0=>_('Test'),1=>_('Live'));
break;
case 'domaintype':
$list = array(
'register'=>_('Register'),
'transfer'=>_('Transfer'),
'park'=>_('Park')
);
break;
case 'email_piping':
$list = array(0=>'&nbsp;',1=>'POP',2=>'IMAP');
break;
case 'email_piping_action':
$list = array(0=>_('Leave message in mailbox'),1=>_('Delete message from mailbox'));
break;
case 'invoice_delivery':
$list = array(0=>_('None'),1=>_('E-Mail'),2=>_('Print'));
break;
case 'invoice_show_itemized':
$list = array(0=>_('Overview Only'),1=>_('Full Detail'));
break;
case 'nametitle':
$list = array(_('Mr'),_('Ms'),_('Mrs'),_('Miss'),_('Dr'),_('Prof'));
$nokeys = true;
break;
case 'os':
$list = array(0=>'Linux',1=>'Windows');
break;
case 'recur_schedule':
$list = array(0=>_('Weekly'),1=>_('Monthly'),2=>_('Quarterly'),3=>_('Semi-Annually'),4=>_('Annually'),5=>_('Two years'),6=>_('Three Years'));
break;
case 'recur_type':
$list = array(0=>_('Bill on Aniversary Date of Subscription'),1=>_('Bill on Fixed Schedule'));
break;
case 'pricetype':
$list = array(0=>_('One-time Charge'),1=>_('Recurring Membership/Subscription'),2=>_('Trial for Membership/Subscription'));
break;
case 'servicetype':
if ($C_list->is_installed('host_server')) {
$list['host'] = _('Hosting');
$list['host_group'] = _('Hosting & Group Access');
$list['domain'] = _('Domain Name');
}
$list['none'] = _('Recurring Only');
break;
case 'servicequeue':
$list = array(
'new'=>_('Add New'),
'active'=>_('Activate'),
'inactive'=>_('Deactivate'),
'delete'=>_('Delete'),
'edit'=>_('Edit/Update'),
'queue_none'=>_('None')
);
break;
case 'statictype':
$list = array(
'small_text'=>_('Small Text'),
'medium_text'=>_('Medium Text'),
'large_text'=>_('Large Text'),
'dropdown_list'=>_('Dropdown List'),
'calendar'=>_('Calendar'),
'file_upload'=>_('File Upload'),
'status'=>_('Status'),
'checkbox'=>_('Checkbox'),
'hidden'=>_('Hidden')
);
break;
case 'tasktype':
$list = array(0=>_('Internal Method'),1=>_('System Call'));
break;
case 'trial_length':
$list = array(0=>_('Days'),1=>_('Weeks'),2=>_('Months'));
break;
default: return sprintf('Unknown staticlist: %s',$type);
}
# If id is blank, we'll just return the value
if (! $input_id)
return $list[$default];
$return = sprintf('<select id="%s" name="%s" class="%s">',$input_id,$name,$class);
if ($all)
$return .= '<option value="">&nbsp;</option>';
foreach ($list as $element => $details) {
$selected = '';
if ($nokeys) {
if ($default == $details)
$selected = ' selected="selected"';
} else {
if ($default == $element)
$selected = ' selected="selected"';
}
$return .= sprintf('<option value="%s"%s>%s</option>',$nokeys ? $details : $element,$selected,$details);
}
$return .= '</select>';
return $return;
include_once(PATH_CORE.'list_staticlist.inc.php');
return list_menu_staticlist($type,$input_id,$name,$default,$class,$all);
}
function format_currency ($number, $currency_id) {
if(empty($number)) $number = 0;
if(empty($currency_id)) $currency_id = DEFAULT_CURRENCY;
if(!isset($this->format_currency[$currency_id])) $this->currency($currency_id);
if($currency_id != DEFAULT_CURRENCY)
if(!isset($this->format_currency[DEFAULT_CURRENCY]))
$this->currency(DEFAULT_CURRENCY);
$number *= $this->format_currency[DEFAULT_CURRENCY]["convert"][$currency_id]["rate"];
if($number > .05 || $number == 0 || $number < -1)
return $this->format_currency[$currency_id]["symbol"]
. "" . number_format($number, DEFAULT_DECIMAL_PLACE) . " "
. $this->format_currency[$currency_id]["iso"];
else
return $this->format_currency[$currency_id]["symbol"]
. "" . number_format($number, 3) . " "
. $this->format_currency[$currency_id]["iso"];
public function format_currency($number,$currency_id=DEFAULT_CURRENCY) {
$number = $this->format_currency_decimal($number,$currency_id);
if (! $currency_id)
$currency_id = DEFAULT_CURRENCY;
return sprintf('%s%s %s',
$this->format_currency[$currency_id]['symbol'],
($number > .05 || $number == 0 || $number < -1 || DEFAULT_DECIMAL_PLACE == 2)
? number_format($number,DEFAULT_DECIMAL_PLACE)
: number_format($this->format_currency_decimal($number,$currency_id,2)),
$this->currency_iso($currency_id));
}
function format_currency_num ($number, $currency_id) {
if(empty($number)) $number = 0;
if(empty($currency_id)) $currency_id = DEFAULT_CURRENCY;
if(!isset($this->format_currency[$currency_id])) $this->currency($currency_id);
if(!isset($this->format_currency[DEFAULT_CURRENCY])) $this->currency(DEFAULT_CURRENCY);
$number *= $this->format_currency[DEFAULT_CURRENCY]["convert"][$currency_id]["rate"];
if($number > .05 || $number == 0 || $number < -1)
return $this->format_currency[$currency_id]["symbol"] . number_format($number, DEFAULT_DECIMAL_PLACE);
else
return $this->format_currency[$currency_id]["symbol"] . number_format($number, 2);
public function format_currency_num($number,$currency_id=DEFAULT_CURRENCY) {
$number = $this->format_currency_decimal($number,$currency_id);
if (! $currency_id)
$currency_id = DEFAULT_CURRENCY;
return sprintf('%s%s',
$this->format_currency[$currency_id]['symbol'],
($number > .05 || $number == 0 || $number < -1 || DEFAULT_DECIMAL_PLACE == 2)
? number_format($number,DEFAULT_DECIMAL_PLACE)
: number_format($this->format_currency_decimal($number,$currency_id),2));
}
function format_currency_decimal ($number, $currency_id) {
if(empty($number)) return 0;
if(empty($currency_id)) $currency_id = DEFAULT_CURRENCY;
if(!isset($this->format_currency[$currency_id])) $this->currency($currency_id);
if(!isset($this->format_currency[DEFAULT_CURRENCY])) $this->currency(DEFAULT_CURRENCY);
return round($number *= $this->format_currency[DEFAULT_CURRENCY]["convert"][$currency_id]["rate"], 2);
public function format_currency_decimal($number,$currency_id,$decimals=DEFAULT_DECIMAL_PLACE) {
if (empty($number))
return 0;
if (empty($currency_id))
$currency_id = DEFAULT_CURRENCY;
if (! isset($this->format_currency[$currency_id]))
$this->currency($currency_id);
if (! isset($this->format_currency[DEFAULT_CURRENCY]))
$this->currency(DEFAULT_CURRENCY);
return round($number*=$this->format_currency[DEFAULT_CURRENCY]['convert'][$currency_id]['rate'],$decimals);
}
function currency_list($ret) {
if(!isset($this->format_currency[$currency_id])) $this->currency(DEFAULT_CURRENCY);
public function currency_list($ret,$currency_id=DEFAULT_CURRENCY) {
global $smarty;
$smarty->assign("$ret", $this->format_currency[DEFAULT_CURRENCY]["convert"]);
if (! isset($this->format_currency[$currency_id]))
$this->currency(DEFAULT_CURRENCY);
$smarty->assign($ret,$this->format_currency[DEFAULT_CURRENCY]['convert']);
}
function currency_iso ($currency_id) {
if(empty($currency_id)) $currency_id = DEFAULT_CURRENCY;
if(!isset($this->format_currency[$currency_id])) $this->currency($currency_id);
return $this->format_currency[$currency_id]["iso"];
public function currency_iso($currency_id=DEFAULT_CURRENCY) {
if (! isset($this->format_currency[$currency_id]))
$this->currency(DEFAULT_CURRENCY);
return $this->format_currency[$currency_id]['iso'];
}
function currency($currency_id) {
public function currency($currency_id) {
static $CACHE = array();
$db = &DB();
$sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'currency WHERE
site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND
id = ' . $db->qstr($currency_id);
$result = $db->Execute($sql);
if($result->RecordCount() > 0) {
$this->format_currency[$currency_id] = Array (
'symbol' => $result->fields["symbol"],
'convert' => unserialize($result->fields["convert_array"]),
'iso' => $result->fields["three_digit"]);
return true;
} else {
return false;
if (! isset($CACHE[$currency_id])) {
$rs = $db->Execute(sqlSelect('currency','*',array('where'=>array('id'=>$currency_id))));
if ($rs && $rs->RecordCount())
$this->format_currency[$currency_id] = array(
'symbol' => $rs->fields['symbol'],
'convert' => unserialize($rs->fields['convert_array']),
'iso' => $rs->fields['three_digit']);
else
return false;
}
return true;
}
function radio($input_id, $name, $table, $field, $id, $class) {
include_once(PATH_CORE . 'list_radio.inc.php');
echo list_radio($input_id, $name, $table, $field, $id, $class);
public function radio($input_id,$name,$table,$field,$id,$class) {
include_once(PATH_CORE.'list_radio.inc.php');
echo list_radio($input_id,$name,$table,$field,$id,$class);
}
function check($input_id, $name, $table, $field, $default, $class) {
include_once(PATH_CORE . 'list_check.inc.php');
echo list_check($input_id, $name, $table, $field, $default, $class);
public function check($input_id,$name,$table,$field,$default,$class) {
include_once(PATH_CORE.'list_check.inc.php');
echo list_check($input_id,$name,$table,$field,$default,$class);
}
function select_groups($default, $field_name, $class, $size, $own_account) {
include_once(PATH_CORE . 'list_select_groups.inc.php');
return list_select_groups($default, $field_name, $class, $size, $own_account);
public function select_groups($default,$field_name,$class,$size,$own_account) {
include_once(PATH_CORE.'list_select_groups.inc.php');
return list_select_groups($default,$field_name,$class,$size,$own_account);
}
function calender_view($field, $default, $css, $id) {
if(isset($default) && $default != '' && $default != '0')
$default = date(UNIX_DATE_FORMAT, $default);
else
$default = '';
public function calender_view($field,$default,$css,$id) {
include_once(PATH_CORE.'list_calendar.inc.php');
echo list_calender_add($field, $default, $css,$id);
if (isset($default) && $default != '' && $default != '0')
$default = date(UNIX_DATE_FORMAT,$default);
else
$default = '';
echo list_calender_add($field,$default,$css,$id);
}
public function calender_add($field,$default,$css,$id='') {
@@ -387,90 +253,94 @@ class CORE_list {
}
# @todo Remove?
function calender_add_static_var($field, $default, $css) {
if($default == 'now') $default = date(UNIX_DATE_FORMAT, time());
public function calender_add_static_var($field,$default,$css) {
include_once(PATH_CORE.'list_calendar.inc.php');
echo list_calender_add_static($field, $default, $css);
}
function calender_search($field, $default, $css) {
if ($default == 'now')
$default = date(UNIX_DATE_FORMAT, time());
$default = date(UNIX_DATE_FORMAT,time());
echo '
<select name="field_option['.$field.'][0]">
<option value=">">></option>
<option value="<"><</option>
<option value="<="><=</option>
<option value=">=">>=</option>
<option value="!=">!=</option>
</select>&nbsp;&nbsp;';
$this->calender_view($field,$default,$css,0);
echo '<br/>
<select name="field_option['.$field.'][1]">
<option value="<"><</option>
<option value=">">></option>
<option value="<="><=</option>
<option value=">=">>=</option>
<option value="!=">!=</option>
</select>&nbsp;&nbsp;';
$this->calender_view($field,$default,$css,1);
echo list_calender_add_static($field,$default,$css);
}
function setup_default_date($default, $css) {
include_once(PATH_CORE . 'list_setup_default_date.inc.php');
echo list_setup_default_date($default, $css);
public function calender_search($field,$default,$css) {
if ($default == 'now')
$default = date(UNIX_DATE_FORMAT,time());
foreach (array(0,1) as $id) {
printf('<select name="field_option[%s][%s]"><option value=">">></option><option value="<"><</option><option value="<="><=</option><option value=">=">>=</option><option value="!=">!=</option></select>&nbsp;&nbsp;',$field,$id);
$this->calender_view($field,$default,$css,$id);
echo '<br/>';
}
}
function card_type_menu($default_selected, $checkout_id, $field='checkout_plugin_data[card_type]', $class,$all=false) {
include_once(PATH_CORE . 'list_card_type_menu.inc.php');
echo list_card_type_menu($default_selected, $checkout_id, $field, $class,$all);
public function setup_default_date($default,$css) {
include_once(PATH_CORE.'list_setup_default_date.inc.php');
echo list_setup_default_date($default,$css);
}
function date($date) {
if($date == '') $date = time();
return date(UNIX_DATE_FORMAT, $date);
public function card_type_menu($default_selected,$checkout_id,$field='checkout_plugin_data[card_type]',$class,$all=false) {
include_once(PATH_CORE.'list_card_type_menu.inc.php');
echo list_card_type_menu($default_selected,$checkout_id,$field,$class,$all);
}
function date_time($date) {
if ($date == '')
return 'UNKNOWN';
$ret = date(UNIX_DATE_FORMAT, $date);
$ret .= " ".date(DEFAULT_TIME_FORMAT, $date);
return $ret;
public function time($date) {
if ($date == '')
$date = time();
return date(DEFAULT_TIME_FORMAT,$date);
}
function unserial ($data, $var) {
public function date($date) {
if ($date == '')
$date = time();
return date(UNIX_DATE_FORMAT,$date);
}
public function date_time($date) {
if ($date == '')
return 'UNKNOWN';
return sprintf('%s %s',$this->date($date),$this->time($date));
}
public function unserial($data,$var) {
global $smarty;
if(is_string($data)) $array = unserialize($data);
if(is_array($array)) $smarty->assign($var, $array);
return;
if (is_string($data))
$array = unserialize($data);
if (is_array($array))
$smarty->assign($var,$array);
}
function smarty_array($table, $field, $sql, $return) {
public function smarty_array($table,$field,$sql,$return) { return $this->tmSmartyArray($table,$field,$sql,$return); }
public function tmSmartyArray($table,$field,$sql,$return) {
$db = &DB();
$sql= "SELECT id, $field FROM ".AGILE_DB_PREFIX."$table
WHERE site_id = '" . DEFAULT_SITE . "'" . $sql . "
ORDER BY $field";
$result = $db->Execute($sql);
if ($result === false)
{
$smart = array();
# @todo this sqlSelect() is using a call for DEFAULT_SITE until all calls to smarty_array() dont start $sql with 'AND'
$result = $db->Execute($s=sqlSelect($table,sprintf('id,%s',$field),array('where'=>sprintf('site_id=%s %s',DEFAULT_SITE,$sql),'orderby'=>$field)));
if (! $result) {
global $C_debug;
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return false;
}
while (!$result->EOF)
{
$smart[] = $result->fields;
while (! $result->EOF) {
array_push($smart,$result->fields);
$result->MoveNext();
}
global $smarty;
$smarty->assign("$return", $smart);
$smarty->assign($return,$smart);
return true;
}
function translate($table, $field1, $field2, $id, $var) {
function translate($table,$field1,$field2,$id,$var) {
global $smarty;
$db = &DB();
$sql= "SELECT id, $field1 FROM ".AGILE_DB_PREFIX."$table
@@ -484,7 +354,7 @@ class CORE_list {
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return false;
} else if($result->RecordCount() > 0) {
$smarty->assign("$var", $result->fields);
$smarty->assign("$var",$result->fields);
return $result->fields;
} else {
if (SESS_LANGUAGE == DEFAULT_LANGUAGE) {
@@ -500,7 +370,7 @@ class CORE_list {
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return false;
} else if($result->RecordCount() > 0) {
$smarty->assign("$var", $result->fields);
$smarty->assign("$var",$result->fields);
return $result->fields;
} else {
return false;
@@ -510,11 +380,9 @@ class CORE_list {
}
public function bool($field,$curr_value,$class='form_menu',$extra='') {
global $C_translate;
# If the field is blank, we'll just return true/false
if (! $field)
return $curr_value ? $C_translate->translate('true') : $C_translate->translate('false');
return $curr_value ? _('Yes') : _('No');
if ($curr_value == 'all') {
$true = '';
@@ -529,47 +397,25 @@ class CORE_list {
$false= ' selected="selected"';
}
$return = sprintf('<select id="%s" name="%s" class="%s" %s>',$field,$field,$class,$extra);
$return = sprintf('<select id="%s" name="%s" class="%s" %s>',preg_replace('/[\[\]]/','_',$field),$field,$class,$extra);
if ($curr_value == 'all')
$return .= '<option value="" selected="selected">&nbsp;</option>';
$return .= sprintf('<option value="1"%s>%s</option>',$true,$C_translate->translate('true'));
$return .= sprintf('<option value="0"%s>%s</option>',$false,$C_translate->translate('false'));
$return .= sprintf('<option value="1"%s>%s</option>',$true,_('Yes'));
$return .= sprintf('<option value="0"%s>%s</option>',$false,_('No'));
$return .= '</select>';
echo $return;
}
// @todo this looks the same as bool()
function bool_static_var($field, $curr_value, $class) {
global $C_translate;
if ($curr_value == 'all') {
$true = '';
$false= '';
} else if ($curr_value == 0) {
$true = '';
$false= ' selected';
} else {
$true = ' selected';
$false= '';
}
$return = '<select id="'.$field.'" name="'. $field .'">';
if($curr_value == 'all')
$return .= '<option value="" selected>&nbsp;</option>';
$return .= '<option value="1"' . $true . '>'. $C_translate->translate('true', 'CORE','') . '</option>';
$return .= '<option value="0"' . $false . '>'. $C_translate->translate('false','CORE','') . '</option>';
$return .= '</select>';
return $return;
}
function graphview() {
global $VAR, $C_method;
$auth = Array('product:top', 'account_admin:top', 'affiliate:top', 'invoice:compare');
global $VAR,$C_method;
$auth = Array('product:top','account_admin:top','affiliate:top','invoice:compare');
for($i=0; $i<count($auth); $i++) {
if($auth[$i] == $VAR['graph']) {
$m = explode(':', $VAR['graph']);
$C_method->exe_noauth($m[0], $m[1]);
$m = explode(':',$VAR['graph']);
$C_method->exe_noauth($m[0],$m[1]);
exit;
}
}
@@ -583,7 +429,7 @@ class CORE_list {
@$range = $VAR['graph_range'];
@$start = $VAR['graph_start'];
@$extra = $VAR['graph_extra'];
$graph->BAR_graph($module, $range, $start, $extra);
$graph->BAR_graph($module,$range,$start,$extra);
}
function pie_graph() {
@@ -595,35 +441,45 @@ class CORE_list {
@$range = $VAR['graph_range'];
@$start = $VAR['graph_start'];
@$extra = $VAR['graph_extra'];
$graph->PIE_graph($module, $method, $range, $start, $extra);
$graph->PIE_graph($module,$method,$range,$start,$extra);
}
# @todo consider changing this so that it returns the .inc file if the module is installed
# so that $a = x->is_installed('y'); require_once $a can be used
function is_installed($module) {
if(@$this->is_installed[$module] == true) return true;
if($this->auth_method_by_name($module, 'search')) {
/**
* Check if a module is installed
*
* @param string Name of Module to check
* @return string include path to module, if installed, otherwise false
*/
public function is_installed($module) {
$file = sprintf('%s%s/%s.inc.php',PATH_MODULES,$module,$module);
# If we have already checked, then return the file.
if (isset($this->is_installed[$module]) && $this->is_installed[$module])
return $file;
if (file_exists($file) && $this->auth_method_by_name($module,'search')) {
$this->is_installed[$module] = true;
return true;
return $file;
}
$db = &DB();
$sql = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'module WHERE
site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND
name = ' . $db->qstr($module) . ' AND
status = ' . $db->qstr("1");
$result = $db->Execute($sql);
if($result->RecordCount() > 0) {
$result = $db->Execute(sqlSelect('module','id',array('where'=>array('name'=>$module,'status'=>1))));
if ($result && $result->RecordCount() && file_exists($file)) {
$this->is_installed[$module] = true;
return true;
return $file;
} else {
return false;
}
}
function auth_method_by_name($module, $method) {
# @todo this should probably be private?
public function auth_method_by_name($module,$method) {
global $C_auth;
if (!is_object($C_auth))
if (! is_object($C_auth))
return false;
return $C_auth->auth_method_by_name($module,$method);
@@ -638,7 +494,8 @@ class CORE_list {
echo $C_auth->generate_admin_menu();
}
function account($field) {
# @todo to deprecate
private function account($field) {
if (empty($this->account) && SESS_LOGGED) {
$db = &DB();
$sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'account WHERE
@@ -651,7 +508,9 @@ class CORE_list {
}
# Get the AgileBill version info
function version() {
# @todo to deprecate
private function version() {
die();
require_once(PATH_CORE.'version.inc.php');
}
}
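Review bot: In the new currency_iso(), a currency that is not yet loaded triggers `$this->currency(DEFAULT_CURRENCY)`, but the next line reads `$this->format_currency[$currency_id]['iso']`, so a non-default currency still hits an undefined index; the removed version loaded `$currency_id`. The guard should call `$this->currency($currency_id);` (currency_list() has the same mismatch between the key it tests and the key it loads). In currency(), `static $CACHE` is tested with isset() but never assigned in the visible lines, so the query appears to run on every call. Separately, `unserialize($rs->fields['convert_array'])` is carried over unchanged; a comment stating that this column must only ever hold data written by the application would be worth adding.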


@@ -68,7 +68,7 @@ function list_menu_files($id,$name,$default,$path,$pre,$ext,$class) {
asort($arr);
$return = sprintf('<select id="%s_%s" name="%s">',$name,$id,$name);
$return = sprintf('<select id="%s%s" name="%s" class="%s">',$id ? $name.'_' : $name,$id,$name,$class);
if ($id == 'all' || $default == 'all')
$return .= '<option value="" selected="selected">&nbsp;</option>';
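Review bot: The rebuilt `<select>` tag writes `$id`, `$name` and the newly added `$class` into attribute values without escaping. If any of them can carry template or request input, each should pass through `htmlspecialchars($v,ENT_QUOTES)` before the sprintf(). list_menu_files() starts and ends outside this hunk, so whether the values are constrained earlier is not visible here.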


@@ -0,0 +1,288 @@
<?php
/**
* AgileBill - Open Billing Software
*
* This body of work is free software; you can redistribute it and/or
* modify it under the terms of the Open AgileBill License
* License as published at http://www.agileco.com/agilebill/license1-4.txt
*
* Originally authored by Tony Landis, AgileBill LLC
*
* Recent modifications by Deon George
*
* @author Deon George <deonATleenooksDOTnet>
* @copyright 2009 Deon George
* @link http://osb.leenooks.net
*
* @link http://www.agileco.com/
* @copyright 2004-2008 Agileco, LLC.
* @license http://www.agileco.com/agilebill/license1-4.txt
* @author Tony Landis <tony@agileco.com>
* @package AgileBill
* @subpackage Core
*/
/**
* The main AgileBill Static Lists Method
*
* @package AgileBill
* @subpackage List
*/
/**
* Generate a list of frequently used selections in OSB
*
* @param string $type List type
* @param string $input_id HTML id="" value.
* @param string $name HTML name="" value.
* @param string $default Default Value to pre-select (if it exists)
* @param string $class CSS class for the select list
* @param bool $all If true, then a blank item will be included.
*/
function list_menu_staticlist($type,$input_id,$name,$default,$class,$all=false) {
global $C_list;
# Whether the values are also keys.
$nokeys = false;
$list = array();
switch ($type) {
case 'assoc_grant_type':
$list = array(
0=>_('Grant access for specified amount of days'),
1=>_('Grant access while associated subscription is active'),
2=>_('Grant access forerver')
);
break;
case 'assoc_prod_type':
$list = array(
0=>_('Require All Selected Products'),
1=>_('Require Any One Selected Product')
);
break;
case 'charge_sweep':
$list = array(
0=>_('Daily'),
1=>_('Weekly'),
2=>_('Monthly'),
3=>_('Quarterly'),
4=>_('Semi-Annually'),
5=>_('Annually'),
6=>_('Service Rebill')
);
break;
case 'commissiontype':
$list = array(
0=>_('None'),
1=>_('Percentage Based'),
2=>('Flat Rate')
);
break;
# @todo To deprecate this and standardise with commissiontype
case 'discounttype':
$list = array(
0=>_('Percentage Based'),
1=>_('Flat Rate')
);
break;
case 'copluginmode':
$list = array(
0=>_('Test'),
1=>_('Live')
);
break;
case 'domaintype':
$list = array(
'register'=>_('Register'),
'transfer'=>_('Transfer'),
'park'=>_('Park')
);
break;
case 'email_piping':
$list = array(
0=>'&nbsp;',
1=>'POP',
2=>'IMAP'
);
break;
case 'email_piping_action':
$list = array(
0=>_('Leave message in mailbox'),
1=>_('Delete message from mailbox')
);
break;
case 'invoice_delivery':
$list = array(
0=>_('None'),
1=>_('E-Mail'),
2=>_('Print')
);
break;
case 'invoice_show_itemized':
$list = array(
0=>_('Overview Only'),
1=>_('Full Detail')
);
break;
case 'nametitle':
$list = array(
_('Mr'),
_('Ms'),
_('Mrs'),
_('Miss'),
_('Dr'),
_('Prof')
);
$nokeys = true;
break;
case 'os':
$list = array(
0=>'Linux',
1=>'Windows'
);
break;
case 'recur_schedule':
$list = array(
0=>_('Weekly'),
1=>_('Monthly'),
2=>_('Quarterly'),
3=>_('Semi-Annually'),
4=>_('Annually'),
5=>_('Two years'),
6=>_('Three Years')
);
break;
case 'recur_type':
$list = array(
0=>_('Bill on Aniversary Date of Subscription'),
1=>_('Bill on Fixed Schedule')
);
break;
case 'pricetype':
$list = array(
0=>_('One-time Charge'),
1=>_('Recurring Membership/Subscription'),
2=>_('Trial for Membership/Subscription')
);
break;
case 'servicetype':
if ($C_list->is_installed('host_server')) {
$list['host'] = _('Hosting');
$list['host_group'] = _('Hosting & Group Access');
$list['domain'] = _('Domain Name');
}
$list['none'] = _('Recurring Only');
break;
case 'servicequeue':
$list = array(
'new'=>_('Add New'),
'active'=>_('Activate'),
'inactive'=>_('Deactivate'),
'delete'=>_('Delete'),
'edit'=>_('Edit/Update'),
'queue_none'=>_('None')
);
break;
case 'statictype':
$list = array(
'small_text'=>_('Small Text'),
'medium_text'=>_('Medium Text'),
'large_text'=>_('Large Text'),
'dropdown_list'=>_('Dropdown List'),
'calendar'=>_('Calendar'),
'file_upload'=>_('File Upload'),
'status'=>_('Status'),
'checkbox'=>_('Checkbox'),
'hidden'=>_('Hidden')
);
break;
case 'tasktype':
$list = array(
0=>_('Internal Method'),
1=>_('System Call')
);
break;
case 'trial_length':
$list = array(
0=>_('Days'),
1=>_('Weeks'),
2=>_('Months')
);
break;
default: return sprintf('Unknown staticlist: %s',$type);
}
# If ID is blank, we'll just return the value
if (! $input_id)
return $list[$default];
# If the NAME is blank, we'll return the list itself
if (! $name)
return $list;
$return = sprintf('<select id="%s" name="%s" class="%s">',$input_id,$name,$class);
if ($all)
$return .= '<option value="">&nbsp;</option>';
foreach ($list as $element => $details) {
$selected = '';
if ($nokeys) {
if ($default == $details)
$selected = ' selected="selected"';
} else {
if ($default == $element)
$selected = ' selected="selected"';
}
$return .= sprintf('<option value="%s"%s>%s</option>',$nokeys ? $details : $element,$selected,$details);
}
$return .= '</select>';
return $return;
}
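Review bot: In the `commissiontype` case, `2=>('Flat Rate')` is missing the `_` gettext call, so that label is never translated; the `discounttype` case in this same file uses `1=>_('Flat Rate')`. It should read `2=>_('Flat Rate')`. The docblock also has no `@return`, although the function returns three different shapes: a single label when `$input_id` is empty, the whole array when `$name` is empty, and otherwise the `<select>` HTML. In addition, `return $list[$default];` does not check that `$default` is a key of `$list`.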


@@ -1,327 +1,207 @@
<?php
/**
* AgileBill - Open Billing Software
*
* This body of work is free software; you can redistribute it and/or
* modify it under the terms of the Open AgileBill License
* License as published at http://www.agileco.com/agilebill/license1-4.txt
*
* For questions, help, comments, discussion, etc., please join the
* Agileco community forums at http://forum.agileco.com/
*
* Originally authored by Tony Landis, AgileBill LLC
*
* Recent modifications by Deon George
*
* @author Deon George <deonATleenooksDOTnet>
* @copyright 2009 Deon George
* @link http://osb.leenooks.net
*
* @link http://www.agileco.com/
* @copyright 2004-2008 Agileco, LLC.
* @license http://www.agileco.com/agilebill/license1-4.txt
* @author Tony Landis <tony@agileco.com>
* @author Tony Landis <tony@agileco.com>
* @package AgileBill
* @version 1.4.93
* @subpackage Core:Login
*/
class CORE_login_handler
{
function login($VAR, $md5=true)
{
global $C_translate, $C_debug;
/**
* The main AgileBill Login Class
*
* @package AgileBill
* @subpackage Core:Login
*/
class CORE_login_handler {
/**
* Login to OSB
*/
public function login($VAR,$md5=true) {
global $C_translate, $C_debug;
$db = &DB();
# check that the username/password are both set
if(($VAR['_username'] == '') || ($VAR['_password'] == ''))
{
if ((! $VAR['_username']) || (! $VAR['_password'])) {
$C_debug->alert($C_translate->translate('login_enter_both','',''));
return;
return false;
}
# md5 the password
if($md5)
$pass = md5($VAR['_password']);
else
$pass = $VAR['_password'];
$pass = $md5 ? md5($VAR['_password']) : $VAR['_password'];
# check the database for a match
$db = &DB();
$q = "SELECT id,status,username,password,date_expire FROM " . AGILE_DB_PREFIX . "account WHERE
password = '$pass' AND
username = '".$VAR['_username']."' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# Check the database for a match
$rs = $db->Execute(
sqlSelect('account','id,status,username,password,date_expire',
array('where'=>array('username'=>$VAR['_username'],'password'=>$pass))));
# get the account id
$id = $result->fields['id'];
# check that their is no lock on this account id or IP address:
if($this->locked ($id))
{
$C_debug->alert($C_translate->translate('login_locked','',''));
return;
}
# verify the username/password match.
if($result->fields['username'] == $VAR['_username'])
{
if (($result->fields['password'] !== $VAR['_password']) && ($result->fields['password'] != $pass))
{
# no match
$C_debug->alert($C_translate->translate('login_pw_failed','',''));
# log as a failed login
$this->lock_check($VAR,"0",$id);
return;
}
}
else
{
# no username match
if (! $rs || ! $rs->RecordCount() == 1) {
$C_debug->alert($C_translate->translate('login_un_pw_failed','',''));
# reload the login page
$VAR["_page"] = 'account:user_login';
# Log as a failed login
$this->lock_check($VAR,0,$VAR['_username']);
return false;
}
# Get the account id
$id = $rs->fields['id'];
# Check that their is no lock on this account id or IP address:
if ($this->locked($id)) {
$C_debug->alert($C_translate->translate('login_locked','',''));
# log as a failed login
$this->lock_check($VAR,"0",$VAR['_username']);
return;
}
if($result->fields['date_expire'] == "0" || $result->fields['date_expire'] == "")
$date_expire = time()+99;
if ($rs->fields['date_expire'] == 0 || ! $rs->fields['date_expire'])
$date_expire = time()+99;
else
$date_expire = $result->fields['date_expire'];
$date_expire = $rs->fields['date_expire'];
# Check that it is an active account
if ($rs->fields['status'] != 1 || $date_expire <= time()) {
# Inactive account
$C_debug->alert($C_translate->translate('login_inactive','',''));
# check that it is an active account
if($result->fields['status'] != "1" || $date_expire <= time())
{
# inactive account
$C_debug->alert($C_translate->translate('login_inactive','',''));
# Log as failed login
$this->lock_check($VAR,0,$id);
# log as failed login
$this->lock_check($VAR,"0",$id);
return;
}
else
{
# active account - check for password sharing if login_share module is installed
} else {
# Active account - check for password sharing if login_share module is installed
include_once(PATH_CORE.'list.inc.php');
$C_list = new CORE_list;
if($C_list->is_installed('login_share'))
{
$C_list = new CORE_list;
if ($C_list->is_installed('login_share')) {
include_once(PATH_MODULES.'login_share/login_share.inc.php');
$share = new login_share;
if(!$share->login($id, $VAR['_username']))
{
# shared account alert
if (! $share->login($id,$VAR['_username'])) {
# Shared account alert
$C_debug->alert($C_translate->translate('shared_account','login_share',''));
# log as failed login
$this->lock_check($VAR,"0",$id);
# Log as failed login
$this->lock_check($VAR,0,$id);
return;
}
}
return;
}
}
}
# set the expiry date of the login session
$date_expire = (time() + (SESSION_EXPIRE * 60));
# Set the expiry date of the login session
$date_expire = time()+(SESSION_EXPIRE*60);
# update the DB
$db = &DB();
$q = "UPDATE " . AGILE_DB_PREFIX . "session
SET
ip= '". USER_IP ."',
date_expire = '$date_expire',
logged = '1',
account_id = '$id'
WHERE
id = '" . SESS . "'
AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# Update the DB
$rs = $db->Execute(
sqlUpdate($db,'session',array('ip'=>USER_IP,'date_expire'=>$date_expire,'logged'=>1,'account_id'=>$id),array('id'=>SESS)));
# delete any old sessions for this account
$db = &DB();
$q = "DELETE FROM " . AGILE_DB_PREFIX . "session WHERE
account_id = '$id' AND
id != '" . SESS . "' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# Delete any old sessions for this account
$rs = $db->Execute(sqlDelete($db,'session',sprintf('account_id=%s AND id!="%s"',$id,SESS)));
#return logged in message
# Return logged in message
$C_debug->alert($C_translate->translate('login_success','',''));
# Get the last successful login:
$db = &DB();
$q = "SELECT * FROM " . AGILE_DB_PREFIX . "login_log WHERE
account_id = ". $db->qstr($id)." AND
status = ". $db->qstr(1)." AND
site_id = ". $db->qstr(DEFAULT_SITE) . "
ORDER BY date_orig DESC LIMIT 1";
$result = $db->Execute($q);
if($result->RecordCount() != 0)
{
$ip = $result->fields["ip"];
$date = $result->fields["date_orig"];
$date1 = date(UNIX_DATE_FORMAT, $date);
$date1.= " ".date(DEFAULT_TIME_FORMAT, $date);
$rs = $db->Execute(
sqlSelect('login_log','ip,date_orig',array('where'=>array('account_id'=>$id,'status'=>1),'orderby'=>'date_orig DESC','limit'=>1)));
$message = $C_translate->translate('login_log_success','','');
$message = ereg_replace('%date%', $date1, $message);
$message = ereg_replace('%ip%', $ip, $message);
$C_debug->alert($message);
}
if ($rs && $rs->RecordCount())
$C_debug->alert(
str_replace('%DATE%',
sprintf('<b>%s %s</b>',date(UNIX_DATE_FORMAT,$rs->fields['date_orig']),date(DEFAULT_TIME_FORMAT,$rs->fields['date_orig'])),
str_replace('%IP%',sprintf('<b>%s</b>',$rs->fields['ip']),_('Last successful login was on %DATE% from %IP%'))));
# log the successful login
$this->lock_check($VAR,"1",$id);
# Log the successful login
$this->lock_check($VAR,1,$id);
}
public function logout($VAR) {
global $C_debug,$C_translate;
function logout ($VAR)
{
global $C_debug, $C_translate;
$db = &DB();
# logout the current session by editing the database record
$q = "UPDATE ". AGILE_DB_PREFIX ."session SET logged='0'
WHERE id = '" . SESS . "' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# Logout the current session by editing the database record
$db->Execute(sqlUpdate($db,'session',array('logged'=>0),array('id'=>SESS)));
# delete any session caches!
$q = 'DELETE FROM '.AGILE_DB_PREFIX.'session_auth_cache WHERE
session_id = '. $db->qstr(SESS) .' AND
site_id = '. $db->qstr(DEFAULT_SITE);
$db->Execute($q);
# Delete any session caches!
$db->Execute(sqlDelete($db,'session_auth_cache',array('session_id'=>SESS)));
# logout success:
$C_debug->alert($C_translate->translate('logout_success','',''));
}
function locked ($account_id)
{
# @todo this should move to login_lock.inc.php
private function locked($account_id) {
global $C_list;
include_once(PATH_CORE.'list.inc.php');
$C_list = new CORE_list;
$C_list = new CORE_list;
if (! $C_list->is_installed('login_lock'))
return false;
if($account_id != '')
$sql = " OR account_id = '$account_id' AND ";
else
$sql = " AND ";
# check by IP & USER
$db = &DB();
$q = "SELECT id FROM " . AGILE_DB_PREFIX . "login_lock WHERE
ip = '" . USER_IP . "'";
$q .= $sql;
$q .= " date_expire >= '" . time() . "' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
$i = 0;
$rs = $db->Execute(
sqlSelect('login_lock','id',
array('where'=>
sprintf('ip=::%s:: AND date_expire>=%s %s',USER_IP,time(),$account_id ? sprintf('AND account_id=%s',$account_id) : ''))));
while (!$result->EOF)
{
$i++;
$result->MoveNext();
}
# return the results
if ($i > 0)
if ($rs && $rs->RecordCount())
return true;
else
return false;
}
# @todo this should move to login_lock.inc.php
private function lock_check($VAR,$status,$account_id) {
global $C_list;
include_once(PATH_CORE.'list.inc.php');
$C_list = new CORE_list;
function lock_check ($VAR,$status,$account_id)
{
# if this is a success, delete all login old login records..
/*
if($status == 1)
{
# delete all login attempts for this account
# (to clean the slate after the account login lock expires)
$db = &DB();
$q = "DELETE FROM " . AGILE_DB_PREFIX . "login_log WHERE
account_id = '$account_id' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
}
*/
# create the appropriate login attempt record.
$db = &DB();
$login_id = $db->GenID(AGILE_DB_PREFIX . 'login_log_id');
$q = "INSERT INTO " . AGILE_DB_PREFIX . "login_log SET
id = " . $db->qstr($login_id) . ",
ip = " . $db->qstr( USER_IP ) . ",
account_id = " . $db->qstr($account_id ) . ",
date_orig = " . $db->qstr(time()) . ",
status = " . $db->qstr($status ) . ",
site_id = " . $db->qstr(DEFAULT_SITE);
$result = $db->Execute($q);
# Create the appropriate login attempt record.
$db->Execute(sqlInsert($db,'login_log',array('ip'=>USER_IP,'account_id'=>$account_id,'date_orig'=>time(),'status'=>$status)));
# if this is a successfull login, we can now exit...
if($status == 1) return;
if ($status == 1 || ! $C_list->is_installed('login_lock'))
return true;
# determine the time period to check for login attempts after:
$date_orig = (time() - (LOGIN_ATTEMPT_TIME*60));
# Determine the time period to check for login attempts after:
$date_orig = time()-(LOGIN_ATTEMPT_TIME*60);
# check the database for all the failed login attempts from
# this IP withing the time period defined in the setup.
$q = "SELECT id FROM " . AGILE_DB_PREFIX . "login_log WHERE
ip = '" . USER_IP . "' AND
date_orig >= '$date_orig' AND
status = '0' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
$i = 0;
while (!$result->EOF)
{
$i++;
$result->MoveNext();
}
# Check the database for all the failed login attempts from this IP withing the time period defined in the setup.
$rs = $db->Execute(sqlSelect('login_log','COUNT(id) as id',array('where'=>sprintf('ip=::%s:: AND date_orig>=%s AND status=0',USER_IP,$date_orig))));
# Check that it does not exceed the allowed failed login attempts
if ($rs && $rs->fields['id']>=LOGIN_ATTEMPT_TRY) {
# Get the time this login block will expire:
$date_expire = time()+(LOGIN_ATTEMPT_LOCK*60);
# check that it does not exceed the allowed failed login attempts
if($i >= LOGIN_ATTEMPT_TRY)
{
# get the time this login block will expire:
$date_expire = (time() + (LOGIN_ATTEMPT_LOCK * 60));
# Delete all old blocks for this ip
$result = $db->Execute(sqlDelete($db,'login_lock',array('ip'=>USER_IP)));
# delete all old blocks for this ip
$q = "DELETE FROM " . AGILE_DB_PREFIX . "login_lock WHERE
ip = '" . USER_IP . "' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# create a block on this login
$q = "INSERT INTO " . AGILE_DB_PREFIX . "login_lock SET
ip = '" . USER_IP . "',
date_orig = '".time()."',
date_expire = '$date_expire',
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# delete all login attempts for this account
# (to clean the slate after the account login lock expires)
$q = "DELETE FROM " . AGILE_DB_PREFIX . "login_log WHERE
ip = '" . USER_IP . "' AND
status = '0' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# Create a block on this login
$result = $db->Execute(sqlInsert($db,'login_lock',array('ip'=>USER_IP,'date_orig'=>time(),'date_expire'=>$date_expire)));
}
}
}
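Review bot: The brute-force lockout no longer gates password checking in the new `login()`: `locked($id)` is reached only after the `sqlSelect('account',…)` lookup has already matched username and password, so failed attempts from a locked address are still evaluated and only a correct one is ever refused. In addition, `locked()` now appends `AND account_id=%s` whenever an id is passed, while the `login_lock` rows written by `lock_check()` carry only `ip`, `date_orig` and `date_expire`, so that condition looks like it can never match (assuming no column default fills `account_id`). I would run the lock test before the account lookup and match on the address alone, e.g. `sprintf('ip=::%s:: AND date_expire>=%s',USER_IP,time())`. Separately, `! $rs->RecordCount() == 1` negates the count before comparing and so lets any count above one through; `$rs->RecordCount() != 1` says what is meant. The password is also still matched as an unsalted `md5()` inside the WHERE clause; fetching the row by username and checking with `password_verify()` would be the safer shape, though that needs a stored-hash migration outside this diff.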


@@ -52,7 +52,8 @@ class CORE_method {
include_once($file);
if (class_exists($module) && method_exists($module,$method)) {
eval (sprintf('$%s = new %s();$%s->%s($VAR,$%s);',$module,$module,$module,$method,$module));
eval(sprintf('$%s = new %s(%s);$%s->%s($VAR,$%s);',
$module,$module,isset($VAR['id']) ? $VAR['id'] : 'null',$module,$method,$module));
} else {
$C_debug->alert($C_translate->translate('method_non_existant','core',''));
@@ -76,6 +77,13 @@ class CORE_method {
}
}
/**
* Execute a method that supports output for a template
*/
public function exetm($module,$method) {
return $this->exe($module,'tm'.$method);
}
/**
* Execute a modules method
*/
@@ -120,7 +128,8 @@ class CORE_method {
include_once($file);
if (class_exists($module) && method_exists($module,$method)) {
eval (sprintf('$%s = new %s();$%s->%s($VAR,$%s,$args);',$module,$module,$module,$method,$module));
eval(sprintf('$%s = new %s(%s);$%s->%s($VAR,$%s,$args);',
$module,$module,(isset($VAR['id']) ? $VAR['id'] : 'null'),$module,$method,$module));
global $smarty;
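Review bot: The new `eval()` in the first hunk splices `$VAR['id']` into PHP source text with `%s`, so whatever string arrives in that field is compiled as code rather than passed as a value; `$VAR` appears to be request data here (not confirmed from this hunk), which would make this a code-injection path. The third hunk (`@@ -120,7 +128,8 @@`) repeats the same construct. No `eval` is needed: `${$module} = new $module(isset($VAR['id']) ? $VAR['id'] : null);` followed by `${$module}->$method($VAR,${$module});` keeps the module-named variable and hands the id over as data. The enclosing methods start and end outside both hunks, so whether `$module` and `$method` are restricted to known names before this point should be checked there.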


@@ -61,7 +61,7 @@ class CORE_search {
),$this->id));
# Error reporting
if ($result === false) {
if (! $result) {
global $C_debug;
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
@@ -80,10 +80,10 @@ class CORE_search {
# Get the details for this search
$db = &DB();
$result = $db->Execute(sqlSelect($db,'search','*',sprintf('id=%s',$id)));
$result = $db->Execute(sqlSelect('search','*',array('where'=>array('id'=>$id))));
# Error reporting
if ($result === false) {
if (! $result) {
global $C_debug;
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
@@ -100,7 +100,7 @@ class CORE_search {
$this->limit = $result->fields['limit_no'];
# Check if this search has expired:
if($this->date_expire <= time()) {
if ($this->date_expire <= time()) {
# Refresh the search
# $this->results = $this->refresh($id);
# echo "<BR> this search has expired! Refreshing.... <BR>";
@@ -137,7 +137,7 @@ class CORE_search {
* @param int Contians the Search Id to be saved
* @param string Contains the name of the Module this search was for
*/
public function save($search_id,$module,$name) {
public function save($search_id,$module,$name) {
# Save the search
$db = &DB();
@@ -156,12 +156,12 @@ class CORE_search {
),$this->id));
# Error reporting
if ($result === false) {
if (! $result) {
global $C_debug;
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
}
}
}
/**
* Build the recent search menu and JavaScript


@@ -1,416 +1,409 @@
<?php
/**
* AgileBill - Open Billing Software
*
* This body of work is free software; you can redistribute it and/or
* modify it under the terms of the Open AgileBill License
* License as published at http://www.agileco.com/agilebill/license1-4.txt
*
* For questions, help, comments, discussion, etc., please join the
* Agileco community forums at http://forum.agileco.com/
*
* Originally authored by Tony Landis, AgileBill LLC
*
* Recent modifications by Deon George
*
* @author Deon George <deonATleenooksDOTnet>
* @copyright 2009 Deon George
* @link http://osb.leenooks.net
*
* @link http://www.agileco.com/
* @copyright 2004-2008 Agileco, LLC.
* @license http://www.agileco.com/agilebill/license1-4.txt
* @author Tony Landis <tony@agileco.com>
* @author Tony Landis <tony@agileco.com>
* @package AgileBill
* @version 1.4.93
* @subpackage Core:Session
*/
class CORE_session
{
var $id;
function CORE_session()
{
global $C_debug, $_GET, $_POST,$_COOKIE, $HTTP_COOKIE_VARS, $VAR;
/**
* The main AgileBill Session Class
*
* @package AgileBill
* @subpackage Core:Session
*/
class CORE_session {
# Our session ID
private $id = '';
# The time our session expires
private $sess_date_expire = 0;
if (isset($_GET['s']))
$session_arr[] = $_GET['s'];
else if (isset($_POST['s']))
$session_arr[] = $_POST['s'];
else if(isset($_COOKIE[COOKIE_NAME]))
$session_arr[] = $_COOKIE[COOKIE_NAME];
else if (isset($HTTP_COOKIE_VARS[COOKIE_NAME]))
$session_arr[] = $HTTP_COOKIE_VARS[COOKIE_NAME];
public function __construct() {
global $C_debug,$VAR;
if(isset($session_arr)) {
for($i=0; $i<count($session_arr); $i++) {
if($session_arr[$i] != '') {
$validate = $this->validate($session_arr[$i]);
if($validate != FALSE) {
$this->id = $session_arr[$i];
$i = count($session_arr);
}
}
}
}
$session_arr = array();
@$this->sess_date_expire = time() + (SESSION_EXPIRE*60);
if(!isset($this->id))
{
empty($VAR['tid']) ? $this->sess_theme_id = DEFAULT_THEME : $this->sess_theme_id = $VAR['tid'];
empty($VAR['lid']) ? $this->sess_language_id = DEFAULT_LANGUAGE : $this->sess_language_id = $VAR['lid'];
empty($VAR['cid']) ? $this->sess_country_id = DEFAULT_COUNTRY : $this->sess_country_id = $VAR['cid'];
empty($VAR['cyid']) ? $this->sess_currency_id = DEFAULT_CURRENCY : $this->sess_currency_id = $this->get_currency($VAR['cyid']);
empty($VAR['wid']) ? $this->sess_weight_id = DEFAULT_WEIGHT : $this->sess_weight_id = $VAR['wid'];
@$this->sess_reseller_id = $VAR['rid'];
@$this->sess_affiliate_id = $this->get_affiliate(0);
@$this->sess_campaign_id = $this->get_campaign(0);
$this->sess_logged = false;
$this->sess_account_id = false;
$this->session();
# Get our SESSION ID, either as a GET/POST or COOKIE
if (isset($_GET['s']) && trim($_GET['s']))
array_push($session_arr,$_GET['s']);
elseif (isset($_POST['s']) && trim($_POST['s']))
array_push($session_arr,$_POST['s']);
elseif(isset($_COOKIE[COOKIE_NAME]) && trim($_COOKIE[COOKIE_NAME])) {
array_push($session_arr,$_COOKIE[COOKIE_NAME]);
# Clear the cookie, as we'll validate it
$this->id = $_COOKIE[COOKIE_NAME];
$this->setcookies(true);
$this->id = '';
}
else
{
empty($VAR['tid']) ? $this->sess_theme_id = $validate['theme_id'] : $this->sess_theme_id = $VAR['tid'];
empty($VAR['lid']) ? $this->sess_language_id = $validate['language_id'] : $this->sess_language_id = $VAR['lid'];
empty($VAR['cid']) ? $this->sess_country_id = $validate['country_id'] : $this->sess_country_id = $VAR['cid'];
empty($VAR['cyid']) ? $this->sess_currency_id = $validate['currency_id'] : $this->sess_currency_id = $this->get_currency($VAR['cyid']);
empty($VAR['wid']) ? $this->sess_weight_id = $validate['weight_id'] : $this->sess_weight_id = $VAR['wid'];
empty($VAR['rid']) ? $this->sess_reseller_id = $validate['reseller_id'] : $this->sess_reseller_id = $VAR['rid'];
empty($VAR['aid']) ? $this->sess_affiliate_id = $validate['affiliate_id'] : $this->sess_affiliate_id = $this->get_affiliate($validate['affiliate_id']);
empty($VAR['caid']) ? $this->sess_campaign_id = $validate['campaign_id'] : $this->sess_campaign_id = $this->get_campaign($validate['campaign_id']);
$this->sess_account_id = $validate['account_id'];
$this->sess_logged = $validate['logged'];
foreach ($session_arr as $s)
if ($validate = $this->validate($s))
$this->id = $s;
$this->sess_date_expire = time()+(SESSION_EXPIRE*60);
if (! $this->id) {
$this->tid = empty($VAR['tid']) ? DEFAULT_THEME : $VAR['tid'];
$this->lid = empty($VAR['lid']) ? DEFAULT_LANGUAGE : $VAR['lid'];
$this->cid = empty($VAR['cid']) ? DEFAULT_COUNTRY : $VAR['cid'];
$this->cyid = empty($VAR['cyid']) ? DEFAULT_CURRENCY : $this->get_currency($VAR['cyid']);
$this->wid = empty($VAR['wid']) ? DEFAULT_WEIGHT : $VAR['wid'];
$this->rid = empty($VAR['rid']) ? null : $VAR['rid'];
$this->aid = $this->get_session_link(0,'affiliate');
$this->caid = $this->get_session_link(0,'campaign');
$this->sess_logged = false;
$this->sess_account_id = false;
$this->session();
} else {
$this->tid = empty($VAR['tid']) ? $validate['theme_id'] : $VAR['tid'];
$this->lid = empty($VAR['lid']) ? $validate['language_id'] : $VAR['lid'];
$this->cid = empty($VAR['cid']) ? $validate['country_id'] : $VAR['cid'];
$this->cyid = empty($VAR['cyid']) ? $validate['currency_id'] : $this->get_currency($VAR['cyid']);
$this->wid = empty($VAR['wid']) ? $validate['weight_id'] : $VAR['wid'];
$this->rid = empty($VAR['rid']) ? $validate['reseller_id'] : $VAR['rid'];
$this->aid = empty($VAR['aid']) ? $validate['affiliate_id'] : $this->get_session_link($validate['affiliate_id'],'affiliate');
$this->caid = empty($VAR['caid']) ? $validate['campaign_id'] : $this->get_session_link($validate['campaign_id'],'campaign');
$this->sess_logged = $validate['logged'];
$this->sess_account_id = $validate['account_id'];
$db = &DB();
$q = "UPDATE " . AGILE_DB_PREFIX . "session SET
date_last = " . $db->qstr(time()) . ",
date_expire = " . $db->qstr($this->sess_date_expire) . ",
ip = " . $db->qstr(USER_IP) . ",
theme_id = " . $db->qstr($this->sess_theme_id) . ",
country_id = " . $db->qstr($this->sess_country_id) . ",
language_id = " . $db->qstr($this->sess_language_id) . ",
currency_id = " . $db->qstr($this->sess_currency_id) . ",
weight_id = " . $db->qstr($this->sess_weight_id) . ",
reseller_id = " . $db->qstr($this->sess_reseller_id) . ",
affiliate_id = " . $db->qstr($this->sess_affiliate_id). ",
campaign_id = " . $db->qstr($this->sess_campaign_id) . "
WHERE
id = " . $db->qstr($this->id) . "
AND
site_id = " . $db->qstr(DEFAULT_SITE);
// update the old session ONLY if info has changed or expires/no update in the past 5 minutes.
if (!empty($VAR['tid']) || !empty($VAR['lid']) || !empty($VAR['cid']) || !empty($VAR['cyid']) ||
!empty($VAR['wid']) || !empty($VAR['rid']) || !empty($VAR['aid']) || !empty($VAR['caid']) ) {
$result = $db->Execute($q);
} else if ($validate['logged'] == '0' && !empty($this->sess_date_expire) && $this->sess_date_expire+60*5 < time()) {
$result = $db->Execute($q);
} else if (!empty($validate['date_last']) && $validate['date_last']+60*5 < time()) {
$result = $db->Execute($q);
}
# Only update the session (every 5 mins) if we are logged in
if ($validate['logged'] && $this->sess_date_expire+60*5 < time())
$db->Execute(
sqlUpdate($db,'session',array(
'date_last'=>time(),
'date_expire'=>$this->sess_date_expire,
'ip'=>USER_IP,
'theme_id'=>$this->tid,
'country_id'=>$this->cid,
'language_id'=>$this->lid,
'currency_id'=>$this->cyid,
'weight_id'=>$this->wid,
'reseller_id'=>$this->rid,
'affiliate_id'=>$this->aid,
'campaign_id'=>$this->caid,
),array('id'=>$this->id)));
}
if(!defined("SESS")) define ('SESS', $this->id);
$this->setcookies();
if (! defined('SESS'))
define('SESS',$this->id);
$this->setcookies();
}
function validate($session_id) {
private function validate($session_id) {
global $C_debug;
$db = &DB();
$q = "SELECT
" . AGILE_DB_PREFIX . "session.*,
" . AGILE_DB_PREFIX . "account.id AS acct_id,
" . AGILE_DB_PREFIX . "account.status,
" . AGILE_DB_PREFIX . "account.date_expire AS account_date_expire,
" . AGILE_DB_PREFIX . "session_auth_cache.date_expire AS sess_auth_date_expire,
" . AGILE_DB_PREFIX . "session_auth_cache.group_arr,
" . AGILE_DB_PREFIX . "session_auth_cache.module_arr
FROM
" . AGILE_DB_PREFIX . "session
LEFT JOIN " . AGILE_DB_PREFIX . "account ON ".AGILE_DB_PREFIX."account.id = ".AGILE_DB_PREFIX."session.account_id
LEFT JOIN " . AGILE_DB_PREFIX . "session_auth_cache ON " . AGILE_DB_PREFIX . "session.id = " . AGILE_DB_PREFIX . "session_auth_cache.session_id
WHERE
" . AGILE_DB_PREFIX . "session.id = " . $db->qstr($session_id) . "
AND
" . AGILE_DB_PREFIX . "session.site_id = " . $db->qstr(DEFAULT_SITE) . "
AND ((
" . AGILE_DB_PREFIX . "account.site_id = " . $db->qstr(DEFAULT_SITE) . "
AND
" . AGILE_DB_PREFIX . "session.account_id IS NOT NULL
) OR (
" . AGILE_DB_PREFIX . "account.site_id IS NULL
AND
" . AGILE_DB_PREFIX . "session.account_id IS NULL
))
AND
" . AGILE_DB_PREFIX . "session_auth_cache.site_id = " . $db->qstr(DEFAULT_SITE);
$result = $db->Execute($q);
if ($result === false) {
$C_debug->error('session.inc.php','validate', $db->ErrorMsg());
echo '<BR>Unable to start session: Database Error: ' . $db->ErrorMsg();
return;
} else if ($result->RecordCount() == 0) {
return FALSE;
}
// Set the auth caching for use in the auth module to save a query there:
$this->auth_cache['date_expire'] = $result->fields["sess_auth_date_expire"];
$this->auth_cache['group_arr'] = $result->fields["group_arr"];
$this->auth_cache['module_arr'] = $result->fields["module_arr"];
$q = str_replace('{p}',AGILE_DB_PREFIX,str_replace('{s}',DEFAULT_SITE,sprintf(
'SELECT A.*,B.id AS acct_id,B.status,B.date_expire AS account_date_expire,C.date_expire AS sess_auth_date_expire,C.group_arr,C.module_arr
FROM {p}session AS A
LEFT JOIN {p}account AS B ON B.id=A.account_id LEFT JOIN {p}session_auth_cache AS C ON A.id=C.session_id
WHERE A.id=%s AND A.site_id={s} AND ((B.site_id={s} AND A.account_id IS NOT NULL) OR (B.site_id IS NULL AND A.account_id IS NULL)) AND C.site_id={s}',$db->qstr($session_id)
)));
if($result->fields['id'] == $session_id) {
if($result->fields["logged"] == "1") {
if($result->fields['status'] != "1") {
return FALSE;
} else if(!empty($result->fields['account_date_expire']) && $result->fields['account_date_expire'] < time()) {
return FALSE;
} else if(SESSION_EXPIRE != 0 && $result->fields['date_expire'] <= time()) {
$this->logout($session_id);
return FALSE;
}
}
$rs = $db->Execute($q);
if (! $rs) {
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
printf('Unable to start session: Database Error: %s',$db->ErrorMsg());
if(SESSION_IP_MATCH) {
if($result->fields['ip'] != USER_IP) {
$this->delete($session_id);
return FALSE;
}
}
return false;
} else {
return FALSE;
} elseif ($rs->RecordCount() == 0) {
return false;
}
return $result->fields;
# Set the auth caching for use in the auth module to save a query there:
$this->auth_cache['date_expire'] = $rs->fields['sess_auth_date_expire'];
$this->auth_cache['group_arr'] = $rs->fields['group_arr'];
$this->auth_cache['module_arr'] = $rs->fields['module_arr'];
if ($rs->fields['logged'] == 1) {
if ($rs->fields['status'] != 1)
return false;
elseif (! empty($rs->fields['account_date_expire']) && $rs->fields['account_date_expire'] < time())
return false;
elseif (SESSION_EXPIRE != 0 && $rs->fields['date_expire'] <= time()) {
$this->logout($session_id);
return false;
}
}
if (SESSION_IP_MATCH && ($rs->fields['ip'] != USER_IP)) {
$this->delete($session_id);
return false;
}
return $rs->fields;
}
function setcookies() {
if(defined("AGILE_COOKIE") && AGILE_COOKIE != '') {
/**
* Set or expire cookies
*/
private function setcookies($expire=false) {
if (defined('AGILE_COOKIE') && AGILE_COOKIE != '') {
$domain = AGILE_COOKIE;
} else {
global $_SERVER;
if(isset($_SERVER)) {
@$domain = $_SERVER['HTTP_HOST'];
} else {
$server = getallheaders();
$domain = $server['Host'];
}
$domain = '.'.preg_replace('/^www./', '', $domain);
}
if(COOKIE_EXPIRE == 0 )
$cookie_expire = (time() + 86400*365);
} else {
global $_SERVER;
if (isset($_SERVER['HTTP_HOST'])) {
$domain = $_SERVER['HTTP_HOST'];
} elseif (isset($_SERVER['SERVER_NAME'])) {
$domain = $_SERVER['SERVER_NAME'];
} elseif (function_exists('getallheaders')) {
$server = getallheaders();
$domain = $server['Host'];
} else {
echo '<PRE>';print_r($_SERVER);echo '</PRE>';
echo 'ERROR: Cant work out our domain?';
die();
}
$domain = '.'.preg_replace('/^www./','',$domain);
}
if ($expire)
$cookie_expire = 0;
elseif (COOKIE_EXPIRE == 0)
$cookie_expire = (time()+86400*365);
else
$cookie_expire = (time() + (COOKIE_EXPIRE*60));
if(empty($domain) || preg_match('/localhost/', $domain))
setcookie(COOKIE_NAME,$this->id,$cookie_expire,'/');
$cookie_expire = (time()+(COOKIE_EXPIRE*60));
if (empty($domain) || preg_match('/localhost/',$domain))
setcookie(COOKIE_NAME,$this->id,$cookie_expire,'/');
else
setcookie(COOKIE_NAME,$this->id,$cookie_expire,'/', $domain);
setcookie(COOKIE_NAME,$this->id,$cookie_expire,'/',$domain);
# Affiliate Cookie
if(!empty($this->sess_affiliate_id)) {
$aid_expire = time()+86400*720;
$aid_cookie_name = COOKIE_NAME . 'aid';
if(empty($domain) || eregi('localhost', $domain))
setcookie($aid_cookie_name, $this->sess_affiliate_id, $aid_expire,'/');
if (! empty($this->aid)) {
$aid_cookie_name = COOKIE_NAME.'aid';
if ($expire)
$aid_expire = 0;
else
setcookie($aid_cookie_name, $this->sess_affiliate_id, $aid_expire,'/', $domain);
$aid_expire = time()+86400*720;
if (empty($domain) || preg_match('/localhost/',$domain))
setcookie($aid_cookie_name,$this->aid,$aid_expire,'/');
else
setcookie($aid_cookie_name,$this->aid,$aid_expire,'/',$domain);
}
# Campaign Cookie
if(!empty($this->sess_campaign_id)) {
$cid_expire = time()+86400*720;
$cid_cookie_name = COOKIE_NAME . 'caid';
if(empty($domain) || eregi('localhost', $domain))
setcookie($cid_cookie_name, $this->sess_campaign_id, $cid_expire,'/');
if (! empty($this->caid)) {
$cid_cookie_name = COOKIE_NAME.'caid';
if ($expire)
$cid_expire = 0;
else
setcookie($cid_cookie_name, $this->sess_campaign_id, $cid_expire,'/', $domain);
$cid_expire = time()+86400*720;
if (empty($domain) || preg_match('/localhost/',$domain))
setcookie($cid_cookie_name,$this->caid,$cid_expire,'/');
else
setcookie($cid_cookie_name,$this->caid,$cid_expire,'/',$domain);
}
}
private function get_session_link($id,$type) {
global $VAR;
function get_affiliate($old_aid) {
global $_COOKIE, $VAR;
$aid_cookie_name = COOKIE_NAME.'aid';
if(isset($VAR['aid']))
$aid = $VAR['aid'];
else if(isset($_COOKIE[$aid_cookie_name]))
@$aid = $_COOKIE[$aid_cookie_name];
else if(isset($HTTP_COOKIE_VARS[$aid_cookie_name]))
@$aid = $HTTP_COOKIE_VARS[$aid_cookie_name];
if ($aid == $old_aid) {
return $aid;
} else if (empty($aid)) {
switch($type) {
case 'affiliate' : $var = 'aid'; $table = 'affiliate'; break;
case 'campaign' : $var = 'caid'; $table = 'campaign'; break;
default:
return '';
}
$cookie_name = sprintf('%s%s',COOKIE_NAME,$var);
if (isset($VAR[$var]))
$i = $VAR[$var];
elseif (isset($_COOKIE[$cookie_name]))
$i = $_COOKIE[$cookie_name];
if (empty($i))
return '';
} else {
// validate
elseif ($i == $id)
return $i;
# Validate
else {
$db = &DB();
$q = "SELECT id,account_id FROM " . AGILE_DB_PREFIX . "affiliate
WHERE id = ".$db->qstr($aid)." AND
site_id = ".$db->qstr(DEFAULT_SITE);
@$result = $db->Execute($q);
if(@$result->fields['id'] == $aid)
return $aid;
$rs = $db->Execute(sqlSelect($table,'id',array('where'=>array('id'=>$i))));
if ($rs && $rs->RecordCount())
return $i;
else
return '';
return '';
}
}
function get_campaign($old_cid) {
global $_COOKIE, $VAR;
$cid_cookie_name = COOKIE_NAME.'caid';
if(isset($VAR['caid']))
$cid = $VAR['caid'];
else if(isset($_COOKIE[$cid_cookie_name]))
@$cid = $_COOKIE[$cid_cookie_name];
else if(isset($HTTP_COOKIE_VARS[$cid_cookie_name]))
@$cid = $HTTP_COOKIE_VARS[$cid_cookie_name];
if ($cid == $old_cid) {
return $cid;
} else if (empty($cid)) {
return '';
} else {
// validate
$db = &DB();
$q = "SELECT id FROM " . AGILE_DB_PREFIX . "campaign
WHERE id = ".$db->qstr($cid)." AND
site_id = ".$db->qstr(DEFAULT_SITE);
@$result = $db->Execute($q);
if(@$result->fields['id'] == $cid)
return $cid;
else
return '';
}
}
function get_currency($id) {
$db = &DB();
$sql = 'SELECT * FROM ' . AGILE_DB_PREFIX . 'currency WHERE id = ' . $db->qstr($id) . ' AND site_id = ' . $db->qstr(DEFAULT_SITE);
$result = $db->Execute($sql);
if($result->fields['status'] == 1) return $id;
global $VAR; $VAR['cyid'] = DEFAULT_CURRENCY;
return DEFAULT_CURRENCY;
}
function session() {
global $C_debug;
mt_srand ((double) microtime() * 1000000);
$this->id = md5(uniqid(mt_rand(),1));
private function get_currency($id) {
$db = &DB();
$q = "SELECT id FROM " . AGILE_DB_PREFIX . "session
WHERE id = ".$db->qstr($this->id)." AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
if ($result === false) {
echo "SESSION FAILED: Unable to connect to database";
$rs = $db->Execute(sqlSelect('currency','status',array('where'=>array('id'=>$id))));
if ($rs && $rs->RecordCount() && $rs->fields['status'] == 1)
return $id;
global $VAR;
$VAR['cyid'] = DEFAULT_CURRENCY;
return DEFAULT_CURRENCY;
}
/**
* Create a session
*/
private function session() {
global $C_debug;
$db = &DB();
mt_srand((double)microtime()*1000000);
$this->id = md5(uniqid(mt_rand(),1));
$rs = $db->Execute(sqlSelect('session','id',array('where'=>array('id'=>$this->id))));
if (! $rs) {
echo 'SESSION FAILED: Unable to connect to database';
exit;
} if($result->RecordCount() == 0) {
$expires = time() + (SESSION_EXPIRE*60);
$db = &DB();
$q = "INSERT INTO " . AGILE_DB_PREFIX . "session SET
id = ".$db->qstr($this->id).",
date_orig = ".$db->qstr(time()).",
date_last = ".$db->qstr(time()).",
date_expire = ".$db->qstr($expires).",
logged = ".$db->qstr('0').",
ip = ".$db->qstr(USER_IP).",
site_id = ".$db->qstr(DEFAULT_SITE).",
affiliate_id= ".$db->qstr($this->sess_affiliate_id).",
reseller_id = ".$db->qstr($this->sess_reseller_id).",
country_id = ".$db->qstr($this->sess_country_id).",
language_id = ".$db->qstr($this->sess_language_id).",
currency_id = ".$db->qstr($this->sess_currency_id).",
weight_id = ".$db->qstr($this->sess_weight_id).",
theme_id = ".$db->qstr($this->sess_theme_id).",
campaign_id = ".$db->qstr($this->sess_campaign_id);
$result = $db->Execute($q);
if ($result === false) {
$C_debug->error('session.inc.php','validate', $db->ErrorMsg());
echo 'Unable to start session: Db error<RB><BR>' . $q . '<BR><BR>' . $db->ErrorMsg();
}
if (! $rs->RecordCount()) {
$rs = $db->Execute(
sqlInsert($db,'session',array(
'date_orig'=>time(),
'date_last'=>time(),
'date_expire'=>$this->sess_date_expire,
'affiliate_id'=>$this->aid,
'reseller_id'=>$this->rid,
'country_id'=>$this->cid,
'language_id'=>$this->lid,
'currency_id'=>$this->cyid,
'weight_id'=>$this->wid,
'theme_id'=>$this->tid,
'campaign_id'=>$this->caid,
'logged'=>0,
'ip'=>USER_IP
),$this->id));
if (! $rs) {
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
printf('Unable to start session: Db error<br/><br/>%s<br/><br/>%s',$q,$db->ErrorMsg());
exit;
}
}
}
function logout($sess) {
private function logout($sess) {
$db = &DB();
$q = "UPDATE " . AGILE_DB_PREFIX . "session SET logged = '0' WHERE
id = '$sess' AND
site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
if ($result === false) {
$rs = $db->Execute(sqlUpdate($db,'session',array('logged'=>0),array('id'=>$sess)));
if (! $rs) {
global $C_debug;
$C_debug->error('session.inc.php','logout', $db->ErrorMsg());
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return false;
}
$q = 'DELETE FROM '.AGILE_DB_PREFIX.'session_auth_cache WHERE
session_id = '. $db->qstr($sess) .' AND
site_id = '. $db->qstr(DEFAULT_SITE);
$db->Execute($q);
$db->Execute(sqlDelete($db,'session_auth_cache',array('session_id'=>$sess)));
define('FORCE_SESS_ACCOUNT', 0);
define('FORCE_SESS_LOGGED', FALSE);
define('FORCE_SESS_ACCOUNT',0);
define('FORCE_SESS_LOGGED',false);
if (CACHE_SESSIONS == '1') {
$VAR['_login'] = '1';
$force = true;
$C_auth = new CORE_auth($force);
if(CACHE_SESSIONS == '1') {
$VAR['_login'] = '1';
$force = true;
$C_auth = new CORE_auth($force);
global $C_auth2;
$C_auth2 = $C_auth;
}
$C_auth2 = $C_auth;
}
}
function delete($sess) {
global $C_debug;
/**
* Delete a session
*/
private function delete($sess) {
$db = &DB();
$q = "DELETE FROM " . AGILE_DB_PREFIX . "session WHERE id = '$sess' AND site_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
if ($result === false) $C_debug->error('session.inc.php','delete', $db->ErrorMsg());
}
function session_constant() {
# Define the constants
define ('SESS_THEME', $this->sess_theme_id);
define ('SESS_COUNTRY', $this->sess_country_id);
define ('SESS_LANGUAGE', $this->sess_language_id);
define ('SESS_CURRENCY', $this->sess_currency_id);
define ('SESS_WEIGHT', $this->sess_weight_id);
define ('SESS_RESELLER', $this->sess_reseller_id);
define ('SESS_AFFILIATE', $this->sess_affiliate_id);
define ('SESS_CAMPAIGN', $this->sess_campaign_id);
}
function session_constant_log() {
global $VAR;
if(isset($VAR['_login']) || isset($VAR['_logout'])) {
$db = &DB();
$q = "SELECT logged,account_id FROM " . AGILE_DB_PREFIX . "session
WHERE id = " . $db->qstr($this->id) . "
AND site_id = " . $db->qstr(DEFAULT_SITE);
$result = $db->Execute($q);
$rs = $db->Execute(sqlDelete($db,'session',array('id'=>$sess)));
if (! $rs === false) {
global $C_debug;
if ($result === false) $C_debug->error('session.inc.php','session_constant', $db->ErrorMsg());
if(!defined("SESS_LOGGED"))
define ('SESS_LOGGED', $result->fields['logged']);
if(!defined("SESS_ACCOUNT"))
define ('SESS_ACCOUNT', $result->fields['account_id']);
} else {
if(!defined("SESS_LOGGED"))
define ('SESS_LOGGED', $this->sess_logged);
if(!defined("SESS_ACCOUNT"))
define ('SESS_ACCOUNT', $this->sess_account_id);
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return false;
}
}
/**
* Define the session constants
*/
public function session_constant() {
# Define the constants
define('SESS_THEME',$this->tid);
define('SESS_LANGUAGE',$this->lid);
define('SESS_COUNTRY',$this->cid);
define('SESS_CURRENCY',$this->cyid);
define('SESS_WEIGHT',$this->wid);
define('SESS_RESELLER',$this->rid);
define('SESS_AFFILIATE',$this->aid);
define('SESS_CAMPAIGN',$this->caid);
}
public function session_constant_log() {
global $VAR;
if (isset($VAR['_login']) || isset($VAR['_logout'])) {
$db = &DB();
$rs = $db->Execute(sqlSelect('session','logged,account_id',array('where'=>array('id'=>$this->id))));
if (! $rs) {
global $C_debug;
$C_debug->error(__FILE__,__METHOD__,$db->ErrorMsg());
return;
}
if (! defined('SESS_LOGGED'))
define('SESS_LOGGED',$rs->fields['logged']);
if (! defined('SESS_ACCOUNT'))
define('SESS_ACCOUNT',$rs->fields['account_id']);
} else {
if (! defined('SESS_LOGGED'))
define('SESS_LOGGED',$this->sess_logged);
if (! defined('SESS_ACCOUNT'))
define('SESS_ACCOUNT',$this->sess_account_id);
}
if(SESS_LOGGED)
define ('SESS_EXPIRES', $this->sess_date_expire);
if (SESS_LOGGED)
define('SESS_EXPIRES',$this->sess_date_expire);
else
define ('SESS_EXPIRES', 0);
}
define('SESS_EXPIRES',0);
}
}
?>


@@ -113,7 +113,7 @@ class CORE_setup {
define('GRACE_PERIOD', $fields['grace_period']);
define('MAX_BILLING_NOTICE', $fields['max_billing_notice']);
error_reporting(ERROR_REPORTING);
eval('error_reporting('.ERROR_REPORTING.');');
}
private function get_setup() {
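Review bot: The line `eval('error_reporting('.ERROR_REPORTING.');');` runs a string built from the ERROR_REPORTING constant as PHP code; the page has lost its +/- markers, so this assumes it is the added side of the pair. The neighbouring defines read their values from `$fields`, so ERROR_REPORTING presumably comes from stored setup data as well (its define is outside the hunk), and whoever can write that setting would then control code passed to `eval`. If the stored value is a constant expression such as `E_ALL & ~E_NOTICE`, resolve it to an integer when the setting is saved and keep `error_reporting((int) ERROR_REPORTING);` here, or check it against a fixed list of accepted levels before use. The enclosing method starts outside the hunk.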


@@ -329,13 +329,13 @@ class CORE_static_var
{
### BOOLEAN TRUE/FALSE
$C_list = new CORE_list;
$this_html = $C_list->bool_static_var($static_relation, $static_value, $css_menu);
$this_html = $C_list->bool($static_relation, $static_value, $css_menu);
}
elseif($display == 'search')
{
### BOOLEAN TRUE/FALSE
$C_list = new CORE_list;
$this_html = $C_list->bool_static_var($static_relation, 'all', $css_menu);
$this_html = $C_list->bool($static_relation, 'all', $css_menu);
}
else
{
@@ -358,7 +358,7 @@ class CORE_static_var
{
### BOOLEAN TRUE/FALSE
$C_list = new CORE_list;
$this_html = $C_list->bool_static_var($static_relation, 'all', $css_menu);
$this_html = $C_list->bool($static_relation, 'all', $css_menu);
}
else
{
@@ -677,7 +677,7 @@ class CORE_static_var
{
### BOOLEAN TRUE/FALSE
$C_list = new CORE_list;
$this_html = $C_list->bool_static_var($static_relation, $static_value, $css_menu);
$this_html = $C_list->bool($static_relation, $static_value, $css_menu);
}
else
{
@@ -935,7 +935,7 @@ class CORE_static_var
{
### BOOLEAN TRUE/FALSE
$C_list = new CORE_list;
$this_html = $C_list->bool_static_var($static_relation, $static_value, $css_menu);
$this_html = $C_list->bool($static_relation, $static_value, $css_menu);
}
else if ( $static_value != '' )
{


@@ -48,7 +48,7 @@ class CORE_translate {
function get_lang_pack($module, $language) {
# define the language names / ids (must match the language.name & language.id fields in the DB
$this->lang_arr[0] = 'english';
$this->lang_arr[0] = 'en';
# get the Core language pack
if($module=='CORE') {
@@ -132,6 +132,10 @@ class CORE_translate {
$language = DEFAULT_LANGUAGE;
}
#@todo TEMP
if ($language == 'en')
$language = 'english';
if(empty($module)) $module = 'CORE';
if(!empty($resource)) {
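Review bot: The temporary mapping in the second hunk uses a loose comparison, `if ($language == 'en')`, so a boolean `true` (and, before PHP 8, an integer `0`) also compares equal and is silently turned into `'english'`; `if ($language === 'en')` keeps the mapping to the one value it is meant for. The first hunk sets `$this->lang_arr[0] = 'en'` under a comment saying the names must match the language table, while the lookup still needs `'english'`, so the `#@todo TEMP` line should say what has to change before the mapping can go, for example `# @todo remove once language packs are keyed by 'en'`. Where `$language` comes from other than `DEFAULT_LANGUAGE` is not visible here, and both functions continue outside their hunks.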


@@ -315,7 +315,7 @@ class CORE_validate {
}
public function validate_email($data,$field) {
if (preg_match('/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,4}$/',$data)) {
if (preg_match('/^[a-zA-Z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,4}$/',$data)) {
return true;
} else {
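Review bot: Both versions of the pattern in `validate_email` end with `$`, which in PCRE also matches just before a trailing newline, so a value ending in a line break still validates; that matters if the address is later written into mail headers. Anchoring the end with `\z` (or adding the `D` modifier) closes this: `'/^[a-zA-Z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,4}\z/'`. Assuming the `a-zA-Z` line is the new side, upper case is accepted only in the local part, so `User@Example.COM` is still rejected, and `@+` / `\.+` accept repeated `@` signs and dots; `filter_var($data, FILTER_VALIDATE_EMAIL)` would handle these cases without a hand-written pattern. The method body continues past the hunk.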


@@ -52,8 +52,8 @@ class CORE_vars
// mods for hardcoded vars in config/multi-site
global $hardcode;
if(is_array($hardcode)) {
foreach($hardcode as $hc) {
$this->f["{$hc[0]}"] = $hc[1];
foreach($hardcode as $hc => $value) {
$this->f[$hc] = $value;
}
}
}