first commit

2023-05-08 09:03:09 +02:00
commit 94149e1c6a
286 changed files with 19144 additions and 0 deletions
--- a/autoload/front/controls/class.Page.php
+++ b/autoload/front/controls/class.Page.php
@@ -0,0 +1,114 @@
+<?php
+namespace front\controls;
+
+class Page {
+
+  public function checkUrlParams()
+  {
+    global $db , $lang;
+
+    $rw   = \System::formGet( 'rw' );
+
+    switch ( $rw )
+    {
+      case 'change_language':
+        $id   = \System::formGet( 'id' );
+        $lang = \language\FLanguage::loadLang( $id );
+        \System::setSessionVar( 'lang' , $lang );
+      break;
+
+      case 'change_site':
+        if ( \System::formGet( 'type' ) )
+          $site = \site\FSite::loadSiteStatic( \System::formGet( 'type' ) );
+        else
+          $site = \site\FSite::loadSite( \System::formGetInt( 'id' ) );
+
+        \System::setSessionVar( 'site' , $site );
+      break;
+    }
+    
+    if ( \System::formGetInt( 'download') )
+    {
+      $query = $db -> prepare( 'SELECT file FROM pcms_article_files WHERE id = :id' );
+      $query -> bindValue( ':id', \System::formGetInt( 'download' ), \PDO::PARAM_INT );
+      $query -> execute();
+      if ( $query -> rowCount() ) while ( $row = $query -> fetch() )
+      {
+        if (file_exists( $row['file'] ) )
+        {
+          header( 'Content-Description: File Transfer');
+          header( 'Content-Type: application/octet-stream');
+          header( 'Content-Disposition: attachment; filename=' . basename( $row['file'] ) );
+          header( 'Content-Transfer-Encoding: binary');
+          header( 'Expires: 0');
+          header( 'Cache-Control: must-revalidate, post-check=0, pre-check=0');
+          header( 'Pragma: public');
+          header( 'Content-Length: ' . filesize( $row['file'] ) );
+          ob_clean();
+          flush();
+          readfile( $row['file'] );
+          exit;
+        }
+      }
+      $query -> closeCursor();
+    }
+
+    if ( \System::formGet( 'account_activation' ) && \System::formGetInt( 'value' ) )
+    {
+      $query = $db -> prepare( 'SELECT id FROM pcms_user WHERE hash = :hash AND id = :id AND enabled = :enabled' );
+      $query -> bindValue( ':hash'    , \System::saveString( \System::formGet( 'account_activation' ) ) , \PDO::PARAM_STR );
+      $query -> bindValue( ':id'      , \System::formGetInt( 'value' )                                  , \PDO::PARAM_INT );
+      $query -> bindValue( ':enabled' , 0                                                               , \PDO::PARAM_STR );
+      $query -> execute();
+      if ( $query -> rowCount() )
+      {
+        $query2 = $db -> prepare( 'UPDATE pcms_user SET enabled = :enabled WHERE hash = :hash AND id = :id' );
+        $query2 -> bindValue( ':hash'   , \System::saveString( \System::formGet( 'account_activation' ) ) , \PDO::PARAM_STR );
+        $query2 -> bindValue( ':id'     , \System::formGetInt( 'value' )                                  , \PDO::PARAM_INT );
+        $query2 -> bindValue( ':enabled', 1                                                               , \PDO::PARAM_STR );
+        $query2 -> execute();
+
+        \System::setAlert( $lang -> getTrans( 'T_KONTO_AKTYWOWANE' ) );
+      }
+      else
+        \System::setAlert( $lang -> getTrans( 'T_LINK_NIEPRAWIDLOWY' ) );
+      $query -> closeCursor();
+    }
+
+    if ( \System::formGet( 'recover_password' ) && \System::formGetInt( 'value' ) )
+    {
+      $query = $db -> prepare( 'SELECT id , email , login FROM pcms_user WHERE recover = :recover AND id = :id AND enabled = :enabled' );
+      $query -> bindValue( ':recover' , \System::saveString( \System::formGet( 'recover_password' ) ) , \PDO::PARAM_STR );
+      $query -> bindValue( ':id'      , \System::formGetInt( 'value' )                                , \PDO::PARAM_INT );
+      $query -> bindValue( ':enabled' , 1                                                             , \PDO::PARAM_STR );
+      $query -> execute();
+      if ( $query -> rowCount() ) while ( $row = $query -> fetch() )
+      {
+        $password = \System::gen_hash( 3 );
+
+        $query2 = $db -> prepare( 'UPDATE pcms_user SET password = :password , recover = :recover_n WHERE recover = :recover AND id = :id' );
+        $query2 -> bindValue( ':recover'    , \System::saveString( \System::formGet( 'recover_password' ) )   , \PDO::PARAM_STR );
+        $query2 -> bindValue( ':id'         , \System::formGetInt( 'value' )                                  , \PDO::PARAM_INT );
+        $query2 -> bindValue( ':password'   , md5( $password )                                                , \PDO::PARAM_STR );
+        $query2 -> bindValue( ':recover_n'  , null                                                            , \PDO::PARAM_STR );
+        $query2 -> execute();
+
+        $tresc = str_replace( '{LOGIN}'   , $row['login']                             , $lang -> getTrans( 'T_NOWE_HASLO_UZYTKOWNIK_TRESC' ) );
+        $tresc = str_replace( '{SERWER}'  , \System::getSystemSettings( 'firm_name' ) , $tresc );
+        $tresc = str_replace( '{HASLO}'   , $password                                 , $tresc );
+
+        \System::sendEmail(
+              $row['email'] ,
+              str_replace( '{SERWER}' , \System::getSystemSettings( 'firm_name' ) , $lang -> getTrans( 'T_NOWE_HASLO_TEMAT' ) ),
+              $tresc
+            );
+
+        \System::setAlert( $lang -> getTrans( 'T_NOWE_HASLO_UZYTKOWNIK_EMAIL' ) );
+      }
+      else
+        \System::setAlert( $lang -> getTrans( 'T_LINK_NIEPRAWIDLOWY' ) );
+      $query -> closeCursor();
+    }
+  }
+}
+?>