__construct($pageContent);
}
/**
* PHP5 constructor
*
* @param string $pageContent
* @see HTML_Template_Sigma(), HTML_Template_Sigma::setErrorHandling(), HTML_Template_Sigma::setTemplate(), initialize()
*/
function __construct($pageContent)
{
$this->_objTpl = &new HTML_Template_Sigma('.');
$this->_objTpl->setErrorHandling(PEAR_ERROR_DIE);
$this->_objTpl->setTemplate($pageContent);
$this->initialize();
}
/**
* Get community page
*
* @access public
* @see _register(), _showRegisterPage(), _activate(), _showActivationPage(), _profile(), _showProfilePage(), $_objTpl, HTML_Template_Sigma::get()
* @return string content
*/
function getCommunityPage()
{
if (!isset($_GET['cmd'])) {
$_GET['cmd'] = "";
}
switch ($_GET['cmd']) {
case 'register':
$this->_register();
$this->_showRegisterPage();
break;
case 'activate':
$this->_activate();
$this->_showActivationPage();
break;
case 'profile':
$this->_profile();
$this->_showProfilePage();
break;
default:
break;
}
return $this->_objTpl->get();
}
/**
* Register a new user
*
* @access private
* @global array $_ARRAYLANG
* @global integer $_LANGID
*/
function _register()
{
global $_ARRAYLANG, $_LANGID, $_CONFIG;
$status = true;
if (isset($_POST['register'])) {
$objValidator = &new FWValidator();
$objUser = &new FWUser();
$_POST['username'] = contrexx_strip_tags($_POST['username']);
$_POST['email'] = contrexx_strip_tags($_POST['email']);
$_POST['password'] = contrexx_strip_tags($_POST['password']);
$_POST['password2'] = contrexx_strip_tags($_POST['password2']);
$_POST['residence'] = contrexx_strip_tags($_POST['residence']);
$_POST['zip'] = contrexx_strip_tags($_POST['zip']);
$_POST['bank'] = contrexx_strip_tags($_POST['bank']);
$_POST['blz'] = contrexx_strip_tags($_POST['blz']);
$_POST['kto'] = contrexx_strip_tags($_POST['kto']);
if (empty($_POST['username']) || empty($_POST['email']) || empty($_POST['password']) || empty($_POST['password2']) || empty($_POST['residence']) || empty($_POST['zip']) || empty($_POST['bank']) || empty($_POST['blz']) || empty($_POST['kto'])) {
$this->_statusMessage .= $_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']."
";
$status = false;
} else {
if (!$objUser->checkUsernameIntegrity($_POST['username'])) {
$this->_statusMessage .= $_ARRAYLANG['TXT_USERNAME_ALREADY_USED']."
";
$status = false;
} elseif (!$objUser->isValidUsername($_POST['username'])) {
$this->_statusMessage .= 'Der Benutzername darf nur aus alphanumerischen Zeichen (a-z/A-Z/0-9) und den folgenden Sonderzeichen bestehen: -_
';
$status = false;
} else {
if (!$objValidator->isEmail($_POST['email'])) {
$this->_statusMessage .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']."
";
$status = false;
} else {
if (!$objUser->checkEmailIntegrity($_POST['email'])) {
$this->_statusMessage .= $_ARRAYLANG['TXT_EMAIL_ALREADY_USED']."
";
$status = false;
}
}
if (strlen($_POST['password'])<6) {
$this->_statusMessage .= $_ARRAYLANG['TXT_INVALID_PASSWORD']."
";
$status = false;
} elseif ($_POST['username'] == $_POST['password']) {
$this->_statusMessage .= $_ARRAYLANG['TXT_PASSWORD_NOT_USERNAME_TEXT']."
";
$status = false;
} elseif ($_POST['password'] != $_POST['password2']) {
$this->_statusMessage .= $_ARRAYLANG['TXT_PW_DONOT_MATCH']."
";
$status = false;
}
}
}
if ($status) {
$groups = $this->arrConfig['community_groups']['value'];
if ($this->arrConfig['user_activation']['status']) {
$activationKey = md5($_POST['username'].$_POST['password'].time());
if ($objUser->addUser($_POST['username'], 0, $_POST['password'], $_POST['email'], "", "", $_POST['residence'], $_POST['zip'], $_POST['bank'], $_POST['blz'], $_POST['kto'], $_LANGID, $groups, 0, $activationKey, time() + ($this->arrConfig['user_activation_timeout']['value'] * 3600)) !== false) {
$sendto = $_POST['email'];
$subject = str_replace("%HOST%", $_CONFIG['domainUrl'], $_ARRAYLANG['TXT_CONFIRM_REGISTRATION']);
$activationLink = "http://".$_CONFIG['domainUrl'].ASCMS_PATH_OFFSET."/index.php?section=community&cmd=activate&username=".$_POST['username']."&activationKey=".$activationKey;
$hostLink = "http://".$_CONFIG['domainUrl'];
$message = str_replace(array("%HOST%","%USERNAME%","%PASSWORD%", "%ACTIVATION_LINK%", "%HOST_LINK%"), array($_CONFIG['domainUrl'], $_POST['username'], $_POST['password'], $activationLink, $hostLink), $_ARRAYLANG['TXT_CONFIRM_REGISTRATION_MAIL']);
if (@include_once ASCMS_LIBRARY_PATH.'/phpmailer/class.phpmailer.php') {
$objMail = new phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0 && @include_once ASCMS_CORE_PATH.'/SmtpSettings.class.php') {
$objSmtpSettings = new SmtpSettings();
if (($arrSmtp = $objSmtpSettings->getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->From = $_CONFIG['coreAdminEmail'];
$objMail->FromName = $_CONFIG['coreAdminName'];
$objMail->AddReplyTo($_CONFIG['coreAdminEmail']);
$objMail->Subject = $subject;
$objMail->IsHTML(false);
$objMail->Body = $message;
$objMail->AddAddress($sendto);
}
if ($objMail && $objMail->Send()) {
$timeoutStr = "";
if ($this->arrConfig['user_activation_timeout']['status']) {
if ($this->arrConfig['user_activation_timeout']['value'] > 1) {
$timeoutStr = $this->arrConfig['user_activation_timeout']['value']." ".$_ARRAYLANG['TXT_HOURS_IN_STR'];
} else {
$timeoutStr = " ".$_ARRAYLANG['TXT_HOUR_IN_STR'];
}
$timeoutStr = str_replace("%TIMEOUT%", $timeoutStr, $_ARRAYLANG['TXT_ACTIVATION_TIMEOUT']);
}
$this->_statusMessage = $_ARRAYLANG['TXT_USER_ACCOUNT_SUCCESSFULLY_CREATED']."
".str_replace("%TIMEOUT%", $timeoutStr, $_ARRAYLANG['TXT_ACTIVATION_BY_USER_MSG']);
} else {
$mailSubject = str_replace("%HOST%", "http://".$_CONFIG['domainUrl'], $_ARRAYLANG['TXT_COULD_NOT_SEND_ACTIVATION_MAIL']);
$adminEmail = ''.$_CONFIG['coreAdminEmail'].'';
$this->_statusMessage = str_replace("%EMAIL%", $adminEmail, $_ARRAYLANG['TXT_COULD_NOT_SEND_EMAIL']);
}
} else {
$this->_statusMessage .= $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
} else {
if ($objUser->addUser($_POST['username'], 0, $_POST['password'], $_POST['email'], "", "", $_POST['residence'], $_POST['zip'], $_LANGID, $groups, 0, $activationKey, $_POST['bank'], $_POST['blz'], $_POST['kto']) !== false) {
$this->_statusMessage .= $_ARRAYLANG['TXT_USER_ACCOUNT_SUCCESSFULLY_CREATED']."
";
$this->_statusMessage .= $_POST['bank']."
";
$this->_statusMessage .= $_POST['blz']."
";
$this->_statusMessage .= $_POST['kto']."
";
$this->_statusMessage .= str_replace("%HOST%", $_CONFIG['domainUrl'], $_ARRAYLANG['TXT_ACTIVATION_BY_SYSTEM']);
} else {
$this->_statusMessage .= $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
}
if ($this->_objTpl->blockExists('community_registration_form')) {
$this->_objTpl->hideBlock('community_registration_form');
}
} else {
if ($this->_objTpl->blockExists('community_registration_form')) {
$this->_objTpl->touchBlock('community_registration_form');
}
}
}
}
/**
* Activate user account
*
* @access private
* @global object $objDatabase
* @global array $_ARRAYLANG
* @global array $_CONFIG
*/
function _activate()
{
global $objDatabase, $_ARRAYLANG, $_CONFIG;
if (isset($_GET['username']) && $_GET['activationKey']) {
$username = contrexx_addslashes($_GET['username']);
$activationKey = contrexx_addslashes($_GET['activationKey']);
$mailSubject = str_replace("%HOST%", "http://".$_CONFIG['domainUrl'], $_ARRAYLANG['TXT_ACCOUNT_ACTIVATION_NOT_POSSIBLE']);
$adminEmail = ''.$_CONFIG['coreAdminEmail'].'';
$status = true;
if ($this->arrConfig['user_activation_timeout']['status']) {
$objResult = $objDatabase->Execute("SELECT restore_key_time FROM ".DBPREFIX."access_users WHERE username='".$username."' AND restore_key='".$activationKey."'");
if ($objResult !== false) {
if ($objResult->RecordCount() == 1) {
if ($objResult->fields['restore_key_time'] < time()) {
$this->_statusMessage = $_ARRAYLANG['TXT_ACTIVATION_TIME_EXPIRED'].'
'.$_ARRAYLANG['TXT_REGISTER_NEW_ACCOUNT'].'';
$status = false;
}
} else {
$this->_statusMessage = str_replace("%EMAIL%", $adminEmail, $_ARRAYLANG['TXT_INVALID_USERNAME_OR_ACTIVATION_KEY']);
$status = false;
}
} else {
$this->_statusMessage = $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
}
if ($status) {
if ($objDatabase->Execute("UPDATE ".DBPREFIX."access_users SET active=1, restore_key='', restore_key_time='' WHERE username='".$username."' AND restore_key='".$activationKey."'") !== false) {
if ($objDatabase->Affected_Rows() == 1) {
$this->_statusMessage = $_ARRAYLANG['TXT_ACCOUNT_SUCCESSFULLY_ACTIVATED'];
} else {
$this->_statusMessage = str_replace("%EMAIL%", $adminEmail, $_ARRAYLANG['TXT_INVALID_USERNAME_OR_ACTIVATION_KEY']);
}
} else {
$this->_statusMessage = $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
}
} else {
$this->_statusMessage = str_replace("%EMAIL%", $adminEmail, $_ARRAYLANG['TXT_INVALID_USERNAME_OR_ACTIVATION_KEY']);
}
}
/**
* Change user profile data
*
* @access private
* @global object $objAuth
* @global object $objDatabase
* @global array $_ARRAYLANG
*/
function _profile()
{
global $objAuth, $_ARRAYLANG, $objDatabase, $_CONFIG;
if ($objAuth->checkAuth()) {
if (isset($_POST['change_profile'])) {
$_POST['firstname'] = contrexx_strip_tags($_POST['firstname']);
$_POST['lastname'] = contrexx_strip_tags($_POST['lastname']);
$_POST['residence'] = contrexx_strip_tags($_POST['residence']);
$_POST['profession'] = contrexx_strip_tags($_POST['profession']);
$_POST['interests'] = contrexx_strip_tags($_POST['interests']);
$_POST['webpage'] = contrexx_strip_tags($_POST['webpage']);
$_POST['bank'] = contrexx_strip_tags($_POST['bank']);
$_POST['blz'] = contrexx_strip_tags($_POST['blz']);
$_POST['kto'] = contrexx_strip_tags($_POST['kto']);
$_POST['company'] = contrexx_strip_tags($_POST['company']);
$_POST['street'] = contrexx_strip_tags($_POST['street']);
$_POST['zip'] = contrexx_strip_tags($_POST['zip']);
$_POST['phone'] = contrexx_strip_tags($_POST['phone']);
$_POST['mobile'] = contrexx_strip_tags($_POST['mobile']);
if ($objDatabase->Execute("UPDATE ".DBPREFIX."access_users
SET `firstname`='".contrexx_addslashes($_POST['firstname'])."',
`lastname`='".contrexx_addslashes($_POST['lastname'])."',
`residence`='".contrexx_addslashes($_POST['residence'])."',
`profession`='".contrexx_addslashes($_POST['profession'])."',
`interests`='".contrexx_addslashes($_POST['interests'])."',
`bank`='".contrexx_addslashes($_POST['bank'])."',
`blz`='".contrexx_addslashes($_POST['blz'])."',
`kto`='".contrexx_addslashes($_POST['kto'])."',
`webpage`='".contrexx_addslashes($_POST['webpage'])."',
`street`='".contrexx_addslashes($_POST['street'])."',
`zip`='".contrexx_addslashes($_POST['zip'])."',
`phone`='".contrexx_addslashes($_POST['phone'])."',
`mobile`='".contrexx_addslashes($_POST['mobile'])."',
`company`='".contrexx_addslashes($_POST['company'])."'
WHERE username='".contrexx_addslashes(contrexx_strip_tags($_SESSION['auth']['username']))."'") !== false) {
$this->_statusMessage = $_ARRAYLANG['TXT_PROFILE_DATA_SUCCESSFULLY_CHANGED'];
} else {
$this->_statusMessage = $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
$this->_objTpl->setVariable('COMMUNITY_STATUS_MESSAGE_PROFILE', $this->_statusMessage);
} elseif (isset($_POST['change_email'])) {
$objUser = &new FWUser();
$objValidator = &new FWValidator();
$_POST['email'] = contrexx_strip_tags($_POST['email']);
$_POST['email2'] = contrexx_strip_tags($_POST['email2']);
if (empty($_POST['email']) || empty($_POST['email2'])) {
$this->_statusMessage = $_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS'];
} elseif ($_POST['email'] != $_POST['email2']) {
$this->_statusMessage = $_ARRAYLANG['TXT_EMAIL_DO_NOT_MATCH'];
} elseif (!$objValidator->isEmail($_POST['email'])) {
$this->_statusMessage = $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'];
} elseif (!$objUser->checkEmailIntegrity($_POST['email'])) {
$this->_statusMessage = $_ARRAYLANG['TXT_EMAIL_ALREADY_USED'];
} else {
if ($objDatabase->Execute("UPDATE ".DBPREFIX."access_users SET email='".contrexx_addslashes($_POST['email'])."' WHERE username='".contrexx_addslashes(contrexx_strip_tags($_SESSION['auth']['username']))."'") !== false) {
$this->_statusMessage = $_ARRAYLANG['TXT_EMAIL_SUCCESSFULLY_CHANGED'];
} else {
$this->_statusMessage = $_ARRAYLANG['TXT_DATABASE_QUERY_ERROR'];
}
}
$this->_objTpl->setVariable('COMMUNITY_STATUS_MESSAGE_EMAIL', $this->_statusMessage);
} elseif (isset($_POST['change_password'])) {
$_POST['password'] = contrexx_strip_tags($_POST['password']);
$_POST['password2'] = contrexx_strip_tags($_POST['password2']);
if (strlen($_POST['password'])<6) {
$this->_statusMessage .= $_ARRAYLANG['TXT_INVALID_PASSWORD']."
";
} elseif (contrexx_strip_tags($_SESSION['auth']['username']) == $_POST['password']) {
$this->_statusMessage .= $_ARRAYLANG['TXT_PASSWORD_NOT_USERNAME_TEXT']."
";
} elseif ($_POST['password'] != $_POST['password2']) {
$this->_statusMessage .= $_ARRAYLANG['TXT_PW_DONOT_MATCH']."
";
} else {
$password = md5($_POST['password']);
if ($objDatabase->Execute("UPDATE ".DBPREFIX."access_users SET password='".$password."', restore_key='' WHERE username='".contrexx_addslashes(contrexx_strip_tags($_SESSION['auth']['username']))."'") !== false) {
$this->_statusMessage = $_ARRAYLANG['TXT_PASSWORD_CHANGED_SUCCESSFULLY'];
$_POST['PASSWORD'] = $_POST['password'];
$objAuth->checkAuth();
} else {
$this->_statusMessage = $_ARRAYLANG['TXT_DATEBASE_QUERY_ERROR'];
}
}
$this->_objTpl->setVariable('COMMUNITY_STATUS_MESSAGE_PASSWORD', $this->_statusMessage);
}
} else {
header('Location: index.php?section=login&redirect='.base64_encode(ASCMS_PROTOCOL.'://'.$_CONFIG['domainUrl'].ASCMS_PATH_OFFSET.'/index.php?section=community&cmd=profile'));
exit;
}
}
/**
* Show the activation page
*
* @access private
*/
function _showActivationPage()
{
$this->_objTpl->setVariable('COMMUNITY_STATUS_MESSAGE', $this->_statusMessage);
}
/**
* Show the registration page
*
* @access private
* @global array $_ARRAYLANG
*/
function _showRegisterPage()
{
global $_ARRAYLANG;
$username = "";
$email = "";
$zip = "";
$residence = "";
if (isset($_POST['register'])) {
$username = htmlentities($_POST['username'], ENT_QUOTES, CONTREXX_CHARSET);
$email = htmlentities($_POST['email'], ENT_QUOTES, CONTREXX_CHARSET);
$zip = htmlentities($_POST['zip'], ENT_QUOTES, CONTREXX_CHARSET);
$residence = htmlentities($_POST['residence'], ENT_QUOTES, CONTREXX_CHARSET);
$bank = htmlentities($_POST['bank'], ENT_QUOTES, CONTREXX_CHARSET);
$blz = htmlentities($_POST['blz'], ENT_QUOTES, CONTREXX_CHARSET);
$kto = htmlentities($_POST['kto'], ENT_QUOTES, CONTREXX_CHARSET);
}
$this->_objTpl->setVariable(array(
'TXT_LOGIN_NAME' => $_ARRAYLANG['TXT_LOGIN_NAME'],
'TXT_LOGIN_PASSWORD' => $_ARRAYLANG['TXT_LOGIN_PASSWORD'],
'TXT_PASSWORD_MINIMAL_CHARACTERS' => $_ARRAYLANG['TXT_PASSWORD_MINIMAL_CHARACTERS'],
'TXT_VERIFY_PASSWORD' => $_ARRAYLANG['TXT_VERIFY_PASSWORD'],
'TXT_FIRST_NAME' => $_ARRAYLANG['TXT_FIRST_NAME'],
'TXT_LAST_NAME' => $_ARRAYLANG['TXT_LAST_NAME'],
'TXT_EMAIL' => $_ARRAYLANG['TXT_EMAIL'],
'TXT_BANK' => $_ARRAYLANG['TXT_BANK'],
'TXT_BLZ' => $_ARRAYLANG['TXT_BLZ'],
'TXT_KTO' => $_ARRAYLANG['TXT_KTO'],
'TXT_REGISTER' => $_ARRAYLANG['TXT_REGISTER'],
'TXT_ALL_FIELDS_REQUIRED' => $_ARRAYLANG['TXT_ALL_FIELDS_REQUIRED'],
'TXT_PASSWORD_NOT_USERNAME_TEXT' => $_ARRAYLANG['TXT_PASSWORD_NOT_USERNAME_TEXT'],
'TXT_ZIP' => $_ARRAYLANG['TXT_ZIP'],
'TXT_RESIDENCE' => $_ARRAYLANG['TXT_RESIDENCE'],
'COMMUNITY_USERNAME' => $username,
'COMMUNITY_EMAIL' => $email,
'COMMUNITY_ZIP' => $zip,
'COMMUNITY_BANK' => $bank,
'COMMUNITY_BLZ' => $blz,
'COMMUNITY_KTO' => $kto,
'COMMUNITY_RESIDENCE' => $residence,
'COMMUNITY_STATUS_MESSAGE' => $this->_statusMessage
));
}
/**
* Show the user account profile page
*
* @access private
* @global object $objDatabase
*/
function _showProfilePage()
{
global $objDatabase;
$objResult = $objDatabase->SelectLimit("SELECT email, firstname, lastname, street, zip, phone, mobile, residence, profession, interests, webpage, company, bank, blz, kto FROM ".DBPREFIX."access_users WHERE username='".contrexx_addslashes($_SESSION['auth']['username'])."'");
if ($objResult !== false) {
$this->_objTpl->setVariable(array(
'COMMUNITY_FIRSTNAME' => $objResult->fields['firstname'],
'COMMUNITY_LASTNAME' => $objResult->fields['lastname'],
'COMMUNITY_STREET' => $objResult->fields['street'],
'COMMUNITY_ZIP' => $objResult->fields['zip'],
'COMMUNITY_RESIDENCE' => $objResult->fields['residence'],
'COMMUNITY_PROFESSION' => $objResult->fields['profession'],
'COMMUNITY_INTERESTS' => $objResult->fields['interests'],
'COMMUNITY_BANK' => $objResult->fields['bank'],
'COMMUNITY_BLZ' => $objResult->fields['blz'],
'COMMUNITY_KTO' => $objResult->fields['kto'],
'COMMUNITY_WEBPAGE' => $objResult->fields['webpage'],
'COMMUNITY_EMAIL' => $objResult->fields['email'],
'COMMUNITY_COMPANY' => $objResult->fields['company'],
'COMMUNITY_PHONE' => $objResult->fields['phone'],
'COMMUNITY_MOBILE' => $objResult->fields['mobile']
));
}
}
}
?>