/app/controllers/users_controller.php
PHP | 2832 lines | 2162 code | 448 blank | 222 comment | 429 complexity | 65c87845cbaaff9e94f33200e3f126cf MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-1.0, GPL-2.0, MIT
- <?php
- class UsersController extends AppController {
- var $name='Users';
- var $components = array('Pagination','Thumbnail','Thumbnailc','Sendmail'); // ,'Cakephpbb' for phpbb componrent - not need
- var $helpers = array('javascript', 'error', 'Pagination','Ajax','Friendsurl');
-
/**
 * Placeholder action for the "coming soon" page; it only selects the 'false' layout.
 *
 * Temporary: per the original note, delete this action together with the
 * 'false' layout and the falseindex view once the placeholder is retired.
 */
function falseindex() {
    $this->layout = 'false';
}
-
/**
 * Default landing action: selects the 'default' layout, then runs checkSession().
 */
function index() {
    $this->layout = 'default';

    // checkSession() is defined outside this excerpt; presumably it enforces a
    // logged-in session - confirm before relying on it as an access check.
    $this->checkSession();
}
-
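/**
 * AJAX handler for the "forgot password" form.
 *
 * Looks the submitted username up in `users`, mails the account details through
 * the Sendmail component (view 'mail_userpassword') and renders
 * 'validpasssending' with a status text in `mailmsg`.
 *
 * NOTE(review): the two status messages differ for known and unknown usernames,
 * which lets a caller tell which usernames exist; no throttling is visible here.
 * NOTE(review): the 'mail_userpassword' view is not shown - presumably it mails
 * the stored password. If so, replace it with a single-use reset link.
 */
function sendforgotpassword() {
    $submitted = isset($this->data['User']['userForgotName']) ? $this->data['User']['userForgotName'] : '';

    // Only plain, non-empty strings are looked up; array-style input is ignored.
    if (is_string($submitted) && $submitted != '') {
        // The username is untrusted: escape it with the connection-aware function.
        // Only the id is selected - the password column was never used by this action.
        $lookupSql = "SELECT id from users where username='" . mysql_real_escape_string($submitted) . "' ";
        $lookup = mysql_query($lookupSql);

        // A failed query is handled like "no such user" instead of raising warnings.
        if ($lookup !== false && mysql_num_rows($lookup) > 0) {
            $row = mysql_fetch_array($lookup);
            $userDetails = $this->getUserDetails($row['id']);

            $this->set('receiptInfo', $userDetails);

            ####### MAIL TEMPLATE
            $this->Sendmail->Mail();
            $this->Sendmail->From(FROMMAIL);
            $this->Sendmail->To($userDetails['email']);

            $this->Sendmail->Subject("XOIMAGES PASSWORD REQUEST");
            $this->Sendmail->layout = 'email';
            $this->Sendmail->view = 'mail_userpassword';
            $this->Sendmail->startup($this);
            $this->Sendmail->Body($this->Sendmail->bodyText()); // set the body
            $this->Sendmail->Priority(1);
            $this->Sendmail->Send();

            $this->set('mailmsg', 'Your login information has been sent to your email.');
        } else {
            $this->set('mailmsg', 'Username is invalid. Please give A valid Username.');
        }
    }

    $this->render('validpasssending', 'ajax');
}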
-
- ################################################### PHOTOS SECTION #############################
- /*function indexnew(){
- $this->layout = 'xoindex';
- }*/
/**
 * Home page using the 'xoindex' layout and the 'Home' slide set.
 *
 * When the request carries a non-empty `key`, it is remembered in the session
 * as `auctKey`; `act=auctiondonorsinvite` is remembered as `auctType`.
 *
 * NOTE(review): `key` is stored exactly as received. It is untrusted input, so
 * every consumer of the `auctKey` session value must escape or validate it.
 */
function indexnew() {
    $this->layout = 'xoindex';
    $this->homepageslideInfo('Home');

    // Auction invitation: nothing more to do without a key.
    $hasInviteKey = isset($_REQUEST['key']) && $_REQUEST['key'] != '';
    if (!$hasInviteKey) {
        return;
    }

    $this->Session->write('auctKey', $_REQUEST['key']);

    $isDonorInvite = isset($_REQUEST['act']) && $_REQUEST['act'] == 'auctiondonorsinvite';
    if ($isDonorInvite) {
        $this->Session->write('auctType', $_REQUEST['act']);
    }
}
-
/**
 * Photos landing page: 'userphotoinner_home' layout with the 'Photos' slide set.
 */
function photos() {
    $this->layout = 'userphotoinner_home';
    $this->homepageslideInfo('Photos');
}
-
/**
 * Custom profile page rendered in the 'profile_blank' layout.
 *
 * @param mixed $savimgpath Value handed to the view as `saveimagepath`.
 *                          NOTE(review): it is passed through unchanged; if it
 *                          comes from the URL the view must escape it - confirm.
 */
function customprofile($savimgpath=null) {
    $this->set("saveimagepath", $savimgpath);
    $this->layout = 'profile_blank';
}
-
/**
 * "My Album" page; checkSession() runs before anything else is set up.
 */
function myalbum() {
    // Defined outside this excerpt; presumably rejects visitors without a session - confirm.
    $this->checkSession();

    $this->pageTitle = 'My Album';
    $this->layout = 'userphotoinner';
}
/**
 * Paginated list of every album whose album_access is 'public', newest id first.
 *
 * The SQL here is built only from literals. Paging values come from the request
 * URL and are handled by pagination(). When the URL carries `Page`, the
 * 'allalbum2' view is rendered with the 'ajax' layout.
 */
function allalbum() {
    $this->pageTitle = 'All Album';
    $this->layout = 'userphotoinner';

    $columns = " Select Xalbum.id,Xalbum.user_id,Xalbum.album_bg,Xalbum.album_access,Xalbum.album_name,Xuser.username";

    $tables = " FROM user_albums Xalbum
        LEFT JOIN users Xuser ON Xalbum.user_id = Xuser.id
        LEFT JOIN user_details Xuserdetail ON Xalbum.user_id = Xuserdetail.user_id";

    $publicOnly = "WHERE 1 AND Xalbum.album_access='public'";
    $ordering = " order by Xalbum.id desc";

    // This listing has no extra link parameters and no filter.
    $linkParams = '';
    $viewVars = array(
        "controller" => "users",
        "action"     => "allalbum",
        "parameter"  => $linkParams,
        "fltr"       => '',
    );
    foreach ($viewVars as $viewKey => $viewValue) {
        $this->set($viewKey, $viewValue);
    }

    $this->pagination($columns, $tables, $publicOnly, $ordering, "Xalbum.id", $this->params['url'], $linkParams);

    if (isset($this->params['url']['Page'])) {
        $this->render("allalbum2", "ajax");
    }
}
-
-
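/**
 * Public photo listing (featured, recent, most voted, tag, search, album view, ...).
 *
 * Request parameters read: `listtype`, `albumid` (base64 of the album id),
 * `sortby` (tag text) and `srchtxt` (search text). All of them are untrusted.
 *
 * Security-relevant handling:
 *  - `listtype` is reduced to the allowlist in $pageheadArr; anything else is
 *    treated as the default listing.
 *  - The decoded album id is cast to int before it reaches SQL.
 *  - Tag and search text are escaped for the SQL string context. LIKE wildcards
 *    (% and _) typed by the visitor still act as wildcards.
 *  - The search condition is parenthesised. Without the parentheses the trailing
 *    OR took precedence over the is_blocked / is_temp / album_access filters, so
 *    a tag match returned blocked, temporary and non-public photos.
 *  - The album title lookup is limited to public albums, matching the listing.
 *
 * NOTE(review): `pagehead`, `pageTitle` and `parameter` still contain request
 * text as received; the views are not shown, so confirm they escape it.
 * NOTE(review): every ordering starts with "X.id desc", so the per-type ORDER BY
 * suffixes only break ties on a unique column - confirm that is intended.
 */
function photolisting() {
    $this->layout = 'userphotoinner';

    // Keep only plain string parameters; array-style input is treated as absent.
    $input = array();
    foreach (array('listtype', 'albumid', 'sortby', 'srchtxt') as $field) {
        $input[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }

    ############################### Page Title & Head ############################
    $pageheadArr = array(
        'featured'    => 'Featured',
        'recent'      => 'Recent',
        'mostvoted'   => 'Most Voted',
        'mostcomment' => 'Most Discussed',
        'random'      => 'Random',
        'favorite'    => 'Most Favorited ',
        'tag'         => 'Tagged ',
        'search'      => 'Search Result',
        'mostviewed'  => 'Most Viewed',
        'albumview'   => 'Album',
    );

    // Allowlist: only known list types are used below and echoed into paging links.
    $catlisttype = array_key_exists($input['listtype'], $pageheadArr) ? $input['listtype'] : '';

    // The id travels base64-encoded; the int cast makes the decoded value safe for SQL.
    $albumId = (int) base64_decode($input['albumid']);

    if ($catlisttype === 'albumview') {
        /* Album Name */
        $albumName = '';
        $albumNameRes = mysql_query("Select IFNULL(album_name,'') as albumName from user_albums where id='" . $albumId . "' AND album_access='public'");
        if ($albumNameRes !== false) {
            $albumNameRow = mysql_fetch_array($albumNameRes);
            if ($albumNameRow) {
                $albumName = stripslashes($albumNameRow['albumName']);
            }
        }
        $this->pageTitle = $pageheadArr[$catlisttype] . $albumName . ' Photos';
        $this->set('pagehead', $pageheadArr[$catlisttype] . ' : ' . $albumName . ' Photos');
    } elseif ($catlisttype === 'tag') {
        $shortTag = substr($input['sortby'], 0, 20);
        $this->pageTitle = $pageheadArr[$catlisttype] . ' Photos : ' . $shortTag;
        $this->set('pagehead', $pageheadArr[$catlisttype] . ' Photos : ' . $shortTag);
    } elseif ($catlisttype !== '') {
        $this->pageTitle = $pageheadArr[$catlisttype] . ' Photos';
        $this->set('pagehead', $pageheadArr[$catlisttype] . ' Photos');
    } else {
        $this->pageTitle = 'Photos';
        $this->set('pagehead', 'Photos');
    }
    ############################### Page Title & Head ############################

    /* Pagination and PHOTO listing */
    $select = " Select X.id,X.user_id,X.pic_original_name,X.pic_title,X.pic_desc,Xuser.username ,COUNT(Xcomment.id) as photoreview , Xuserdetail.user_profile_img , IFNULL(ROUND(AVG(Xrating.vote),0),0) as photorat,Xalbum.album_name ,Xalbum.id as albumid ,COUNT(Xfavorite.id) as photofavored ,X.is_featured , X.creation";

    $from = " FROM user_photo_albums X
        LEFT JOIN user_albums Xalbum ON X.user_album_id = Xalbum.id
        LEFT JOIN comments Xcomment ON X.id = Xcomment.user_photo_albums_id
        LEFT JOIN users Xuser ON X.user_id = Xuser.id
        LEFT JOIN user_details Xuserdetail ON X.user_id = Xuserdetail.user_id
        LEFT JOIN user_voting_images Xrating ON X.id = Xrating.image_id
        LEFT JOIN user_favorite_photo Xfavorite ON X.id=Xfavorite.favorite_photo_id ";

    $where = "WHERE 1 AND X.is_blocked='0' AND X.is_temp='0' AND Xalbum.album_access='public'";

    if ($catlisttype === 'featured') {
        $where .= " AND X.is_featured='1' ";
    }
    if ($catlisttype === 'albumview' && $albumId > 0) {
        $where .= " AND X.user_album_id='" . $albumId . "' ";
    }
    if ($catlisttype === 'tag') {
        $tagSql = mysql_real_escape_string($input['sortby']);
        $where .= " AND X.id IN (Select user_photo_album_id from user_photo_albums_tags where tagname Like '%" . $tagSql . "%')";
    }
    if ($catlisttype === 'search') {
        $searchSql = mysql_real_escape_string($input['srchtxt']);
        // Parentheses keep the OR inside the search term so the visibility filters above still apply.
        $where .= " AND (X.pic_title LIKE '%" . $searchSql . "%' OR X.id IN (Select user_photo_album_id from user_photo_albums_tags where tagname Like '%" . $searchSql . "%')) ";
    }

    $others = " group by X.id order by X.id desc ";
    $orderSuffix = array(
        'mostvoted'   => " ,photorat desc ",
        'mostcomment' => " ,photoreview desc ",
        'mostviewed'  => " ,X.viewed desc ",
        'random'      => " , rand()",
        'favorite'    => " ,photofavored desc ",
    );
    if (isset($orderSuffix[$catlisttype])) {
        $others .= $orderSuffix[$catlisttype];
    }

    // Query-string fragment the pagination links append, so paging keeps the current filter.
    if ($input['sortby'] != '') {
        $PassParameter = "listtype=" . $catlisttype . "&sortby=" . $input['sortby'];
    } elseif ($catlisttype === 'albumview') {
        $PassParameter = "listtype=" . $catlisttype . "&albumid=" . $input['albumid'];
    } elseif ($input['srchtxt'] != '') {
        $PassParameter = "listtype=" . $catlisttype . "&srchtxt=" . $input['srchtxt'];
    } else {
        $PassParameter = "listtype=" . $catlisttype;
    }

    $fltr = '';
    $CountField = "X.id";
    $this->set("controller", "users");
    $this->set("action", "photolisting");
    $this->set("parameter", $PassParameter);
    $this->set("fltr", $fltr);

    $this->pagination($select, $from, $where, $others, $CountField, $this->params['url'], $PassParameter);

    // Paging requests are answered with the bare list fragment ($fltr is always empty here).
    if (isset($this->params['url']['Page'])) {
        $this->set('pagehead', 'Most Recent');
        $this->render("photolisting2", "ajax");
    }
}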
-
/**
 * Fetches up to 12 public, unblocked, non-temporary photos for a teaser box.
 *
 * The SQL is assembled from literals only; $catlisttype is compared against
 * fixed values and never concatenated into the statement.
 *
 * @param mixed $catlisttype 'featured' limits to featured photos, 'mostvoted'
 *                           orders by average vote, empty orders by newest id.
 *
 * Sets `query` (the raw mysql result; false when the query fails) and
 * `morelink` (URL of the matching full listing) for the view.
 */
function featuredphoto($catlisttype=null) {
    $this->layout = 'profile_blank';

    /* Pagination and PHOTO listing */
    $columns = " Select X.id,X.user_id,X.pic_original_name,X.pic_title,X.pic_desc,Xuser.username ,COUNT(Xcomment.id) as photoreview , Xuserdetail.user_profile_img , IFNULL(ROUND(AVG(Xrating.vote),0),0) as photorat,Xalbum.album_name ,Xalbum.id as albumid ,COUNT(Xfavorite.id) as photofavored ,X.is_featured,X.creation ";

    $tables = " FROM user_photo_albums X
        LEFT JOIN user_albums Xalbum ON X.user_album_id = Xalbum.id
        LEFT JOIN comments Xcomment ON X.id = Xcomment.user_photo_albums_id
        LEFT JOIN users Xuser ON X.user_id = Xuser.id
        LEFT JOIN user_details Xuserdetail ON X.user_id = Xuserdetail.user_id
        LEFT JOIN user_voting_images Xrating ON X.id = Xrating.image_id
        LEFT JOIN user_favorite_photo Xfavorite ON X.id=Xfavorite.favorite_photo_id ";

    $visibility = "WHERE 1 AND X.is_blocked='0' AND X.is_temp='0' AND Xalbum.album_access='public'";
    $tail = " group by X.id ";
    $listingBase = $this->webroot . 'users/photolisting?listtype=';
    $moreUrl = $listingBase . 'recent';

    if ($catlisttype == 'featured') {
        $visibility .= " AND X.is_featured='1' ";
        $moreUrl = $listingBase . 'featured';
    }

    if ($catlisttype == 'mostvoted') {
        $tail .= " order by photorat desc ";
        $moreUrl = $listingBase . 'mostvoted';
    }

    if ($catlisttype == '') {
        $tail .= " order by X.id desc";
    }

    $this->set('query', mysql_query($columns . $tables . $visibility . $tail . ' LIMIT 12'));
    $this->set('morelink', $moreUrl);
}
-
-
-
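/**
 * Runs a listing query with LIMIT paging and hands the result and paging state to the view.
 *
 * @param string $select        SELECT clause. The four SQL fragments are concatenated as-is,
 * @param string $from          so callers must pass text that is already safe
 * @param string $where         (literals, or values they escaped themselves).
 * @param string $others        GROUP BY / ORDER BY tail.
 * @param string $CountField    Not used by this implementation.
 * @param array  $arg           URL parameters; `Page` and `Offset` are read from it.
 * @param string $PassParameter Query-string fragment forwarded to the view.
 *
 * Security: `Page` and `Offset` come from the request URL and `Offset` ends up in the
 * LIMIT clause, so both are cast to non-negative integers first. Query failures are
 * written to the error log instead of being printed, because mysql_error() text shown
 * to a visitor discloses schema details.
 *
 * Behaviour fix: the "offset equals the row count" branch used to test locals that were
 * never defined, so it had no effect. It now steps back one page as that branch intended.
 *
 * NOTE(review): the full result set is fetched once just to count rows.
 * NOTE(review): `qryOthr` exposes the SQL text to the view - confirm it is never printed.
 */
function pagination($select,$from,$where,$others,$CountField,$arg,$PassParameter) {
    $this->set("PassParameter", $PassParameter);

    $this->set("BackgroundClass", 'pagination');
    $this->set("SelectedPage", 'pagination_over');
    $this->set("Linkpage", 'pagination_over');
    $this->set("FirstImage", 'fdd.gif');
    $this->set("PreviousImage", 'previous.gif');
    $this->set("NextImage", 'next.gif');
    $this->set("LastImage", 'rewd.gif');

    $perPage = (int) SHOW_REC; /* Defined in config->paths.php */
    if ($perPage < 1) {
        // Guards the division and the LIMIT below against a misconfigured constant.
        $perPage = 1;
    }

    // Untrusted paging input: integers only, never negative.
    $page = isset($arg['Page']) ? (int) $arg['Page'] : 1;
    $offset = isset($arg['Offset']) ? (int) $arg['Offset'] : 0;
    if ($page < 1) {
        $page = 1;
    }
    if ($offset < 0) {
        $offset = 0;
    }

    $countResult = mysql_query("$select $from $where $others");
    if ($countResult === false) {
        error_log('pagination(): count query failed: ' . mysql_error());
        die('Unable to load the listing.');
    }
    $totalRows = mysql_num_rows($countResult);
    $NoOfPages = ceil($totalRows / $perPage);

    // Asked for the page just past the last row: show the previous page instead.
    if ($offset == $totalRows) {
        $offset -= $perPage;
        $page--;
        if ($offset < 0) {
            $offset = 0;
            $page = 1;
        }
    }

    $this->set("Page", $page);
    $this->set("Offset", $offset);
    $this->set("NumberOfVpsPerPage", $perPage);
    $this->set("NoOfPages", $NoOfPages);
    $this->set("UserNumberOfVpsPerPage", $perPage);

    $this->set("qryOthr", "$select $from $where");

    $pageResult = mysql_query("$select $from $where $others LIMIT " . $offset . "," . $perPage);
    if ($pageResult === false) {
        error_log('pagination(): page query failed: ' . mysql_error());
        die('Unable to load the listing.');
    }
    $this->set("query", $pageResult);
}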
-
- ################################################### PHOTOS SECTION #############################
/**
 * "About us" page: exposes the description of site_managements row id='1' as `content`.
 *
 * NOTE(review): the text is passed to the view exactly as stored; presumably it is
 * rendered as HTML, so whoever can edit site_managements controls page markup - confirm.
 */
function aboutus() {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='1'")
    );
    $this->set('content', $pageRow['description']);
}
/**
 * "Contact us" page: exposes the description of site_managements row id='2' as `content`.
 *
 * @param mixed $windowType Passed to the view as `windowcontent`; any falsy value
 *                          is replaced by 'feedback'.
 *                          NOTE(review): handed to the view unchanged - confirm the
 *                          view escapes or allowlists it.
 */
function contactus($windowType=null) {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='2'")
    );
    $this->set('content', $pageRow['description']);

    $this->set('windowcontent', $windowType ? $windowType : 'feedback');
}
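/**
 * AJAX fragment for the contact page.
 *
 * @param mixed $pageaction Action parameter. It is echoed into the response and also
 *                          handed to the 'contactusajax' view as `pagecontentText`.
 *
 * Security: the parameter is caller-controlled and used to be echoed verbatim, which
 * reflected markup straight into the response. It is now HTML-escaped before output.
 *
 * NOTE(review): the view still receives the raw value; confirm it escapes it or only
 * compares it against known names. The echo itself looks like leftover debug output.
 */
function contactusajax($pageaction=null) {
    echo htmlspecialchars((string) $pageaction, ENT_QUOTES);
    $this->set('pagecontentText', $pageaction);
    $this->render('contactusajax', 'ajax');
}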
/**
 * Terms page: exposes the description of site_managements row id='3' as `content`.
 *
 * NOTE(review): the stored text reaches the view unescaped - confirm how it is rendered.
 */
function terms() {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='3'")
    );
    $this->set('content', $pageRow['description']);
}
/**
 * Privacy page: exposes the description of site_managements row id='4' as `content`.
 *
 * NOTE(review): the stored text reaches the view unescaped - confirm how it is rendered.
 */
function privacy() {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='4'")
    );
    $this->set('content', $pageRow['description']);
}
/**
 * Disclaimer page: exposes the description of site_managements row id='5' as `content`.
 *
 * NOTE(review): the stored text reaches the view unescaped - confirm how it is rendered.
 */
function disclaimer() {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='5'")
    );
    $this->set('content', $pageRow['description']);
}
/**
 * Parents page: exposes the description of site_managements row id='7' as `content`.
 *
 * NOTE(review): the stored text reaches the view unescaped - confirm how it is rendered.
 */
function parents() {
    $this->layout = 'default';

    $pageRow = mysql_fetch_array(
        mysql_query("Select description from site_managements where id='7'")
    );
    $this->set('content', $pageRow['description']);
}
-
/**
 * Home action. For a logged-in visitor it exposes three values to the view:
 * `loggedUid` (base64 of the session user id), `loggedId` (current timestamp)
 * and `loggedsid` (the PHP session id).
 *
 * NOTE(review): the original assigned the title 'Home' and immediately overwrote
 * it; the effective title is 'User Login' - confirm which one was meant.
 * NOTE(review): base64 is an encoding, not protection, and the session id is handed
 * to the view. If the view writes either into URLs or markup they leak through
 * Referer headers, logs and browser history - confirm how they are used.
 */
function home() {
    $this->layout = 'default';
    $this->pageTitle = 'User Login';

    $loggedIn = isset($_SESSION['UserId']) && $_SESSION['UserId'] != "";
    if (!$loggedIn) {
        return;
    }

    $issuedAt = time();
    $currentSessionId = session_id();
    $this->set('loggedUid', base64_encode($_SESSION['UserId']));
    $this->set('loggedId', $issuedAt);
    $this->set('loggedsid', $currentSessionId);
}
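/**
 * Handles the full-page login form (fields userLoginName / userLoginPass).
 *
 * On success the user, group and location ids are written to the session, a pending
 * auction invitation is processed, and the visitor is redirected according to the
 * invitation parameters in the request (act_event, act, actVal). On failure the
 * visitor is redirected to /users/signup?msg=error.
 *
 * Changes in this version:
 *  - The stored and submitted password values are compared with ===, so two
 *    numeric-looking strings can no longer compare equal through type juggling.
 *  - The calendar id for the "sharecal" import is cast to int before it reaches SQL.
 *  - Request values copied into redirect URLs are URL-encoded.
 *  - A missing Referer header no longer raises a notice.
 *  - The duplicate user_status check and unused locals are gone.
 *
 * NOTE(review): the stored password equals base64 of the submitted text, i.e. it is
 * reversible rather than hashed. Migrating to a real password hash needs a schema-wide
 * change and is not attempted here.
 * NOTE(review): the session id is not regenerated after a successful login, and no
 * attempt throttling is visible in this action.
 * NOTE(review): the Referer is stored in the session as `href`; if it is later used
 * as a redirect target it must be checked against this site's own URLs.
 */
function login() {
    $this->layout = 'default';
    $this->pageTitle = 'User Login';

    if (empty($this->data)) {
        return;
    }

    $loginName = (isset($this->data['User']['userLoginName']) && is_string($this->data['User']['userLoginName']))
        ? $this->data['User']['userLoginName'] : '';
    $loginPass = (isset($this->data['User']['userLoginPass']) && is_string($this->data['User']['userLoginPass']))
        ? $this->data['User']['userLoginPass'] : '';

    $this->data['User']['username'] = trim($loginName);
    $this->data['User']['password'] = base64_encode(trim($loginPass));
    $someone = $this->User->findByUsername($this->data['User']['username']);

    $this->Session->write('href', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null);

    $authenticated = !empty($someone['User']['password'])
        && $someone['User']['password'] === $this->data['User']['password']
        && $someone['User']['user_status'] == 1;

    if (!$authenticated) {
        $this->redirect('/users/signup?msg=error');
        return;
    }

    $userId = $someone['User']['id'];

    $this->Session->write('User', $someone['User']['username']);
    $this->Session->write('UserId', $userId);
    $this->Session->write('GrpId', $someone['User']['user_group_master_id']);
    $userdetail = $this->getUserDetails($userId);
    $this->Session->write('PrjUserCityId', $userdetail['city']);
    $this->Session->write('PrjUserStateId', $userdetail['state']);
    $this->Session->write('PrjUserCountryId', $userdetail['c_id']);
    unset($_SESSION['PrjUserCityName']);
    unset($_SESSION['PrjUserStateName']);
    unset($_SESSION['PrjUserCountryName']);
    unset($_SESSION['PrjUserLocation']);

    ########################## AUCTION INVITATION OPERATION #######
    if (isset($_SESSION['auctKey'])) {
        $this->auctInviteoperation();
    }
    ############################# /AUCTION INVITATION OPERATION #######

    // Invitation parameters are untrusted; keep plain strings only.
    $req = array();
    foreach (array('evtid', 'invitation', 'evidVal', 'invitationVal', 'calid') as $field) {
        $req[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }
    $uidParam = base64_encode($userId);
    $actVal = isset($_REQUEST['actVal']) ? $_REQUEST['actVal'] : null;

    if (isset($_REQUEST['act_event']) && $_REQUEST['act_event'] != "") {
        $this->redirect('calendars/acceptinvitation?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evtid']) . '&invitation=' . urlencode($req['invitation']));
    }
    else if (isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
        $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evtid']) . '&invitation=' . urlencode(base64_decode($req['invitation'])));
    }
    else if ($actVal == "sharecal") {
        // NOTE(review): nothing here checks that this calendar was actually shared with the user - confirm.
        $calId = (int) base64_decode($req['calid']);
        if ($calId > 0) {
            mysql_query("insert into calendar_import values(" . $calId . ", " . (int) $userId . ", 'y')");
        }
        $this->redirect('tickets/index');
    }
    else if ($actVal == "eventinvite") {
        $this->redirect('calendars/acceptinvitation?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
    }
    else if ($actVal == "activityinvite") {
        $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
    }
    else {
        $this->flash('The username with id: ' . $this->data['User']['username'] . ' has been submitted.', '/users');
        $this->redirect('tickets/index');
    }
}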
-
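/**
 * Handles the header login box (fields headerLoginName / headerLoginPass, taken from
 * $this->data or, when that is empty, straight from $_POST).
 *
 * On success: unpaid cart rows that belong to other sessions of this user are deleted,
 * the user, group and location ids are written to the session, group-specific flags
 * are set, and the visitor is redirected (cart hand-off, invitation links, or
 * tickets/index). On failure the visitor is redirected to /?msg=headererror.
 *
 * Changes in this version:
 *  - Password values are compared with === instead of ==.
 *  - session_id() is escaped and the user id cast to int in the cart clean-up query.
 *  - A clean-up failure is logged; mysql_error() is no longer printed to the visitor.
 *  - The calendar id for the "sharecal" import is cast to int before it reaches SQL.
 *  - Request values copied into redirect URLs are URL-encoded.
 *  - Missing Referer / cart_id / ticket_id values no longer raise notices.
 *  - The duplicate user_status check, unused locals and commented-out code are gone.
 *
 * NOTE(review): the stored password equals base64 of the submitted text (reversible,
 * not a hash); fixing that needs a schema-wide migration.
 * NOTE(review): the session id is not regenerated on login. Cart rows are keyed by
 * session_id() (see the DELETE below), so regenerating it requires re-keying the cart.
 * NOTE(review): cart_id and ticket_id are copied from $_POST into the session
 * unvalidated; the consumer (tickets/addtocart) must validate them.
 */
function headerlogin() {
    $this->layout = 'default';
    $this->pageTitle = 'User Login';

    if (empty($this->data)) {
        $this->data = array('User' => array(
            'headerLoginName' => isset($_POST['headerLoginName']) ? $_POST['headerLoginName'] : '',
            'headerLoginPass' => isset($_POST['headerLoginPass']) ? $_POST['headerLoginPass'] : '',
        ));
    }

    $loginName = (isset($this->data['User']['headerLoginName']) && is_string($this->data['User']['headerLoginName']))
        ? $this->data['User']['headerLoginName'] : '';
    $loginPass = (isset($this->data['User']['headerLoginPass']) && is_string($this->data['User']['headerLoginPass']))
        ? $this->data['User']['headerLoginPass'] : '';

    $this->data['User']['username'] = trim($loginName);
    $this->data['User']['password'] = base64_encode(trim($loginPass));
    $someone = $this->User->findByUsername($this->data['User']['username']);

    $this->Session->write('href', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null);

    $authenticated = !empty($someone['User']['password'])
        && $someone['User']['password'] === $this->data['User']['password']
        && $someone['User']['user_status'] == 1;

    if (!$authenticated) {
        $this->redirect('/?msg=headererror');
        return;
    }

    $userId = $someone['User']['id'];
    $groupId = $someone['User']['user_group_master_id'];

    // Drop unpaid cart rows this user left behind in other sessions.
    $cleanupSql = "DELETE FROM xoevent_cart WHERE xoevent_pay_status='0' AND user_id='" . (int) $userId
        . "' AND xoevent_sessionid!='" . mysql_real_escape_string(session_id()) . "'";
    if (mysql_query($cleanupSql) === false) {
        error_log('headerlogin(): cart clean-up failed: ' . mysql_error());
        die('A database error occurred.');
    }

    $userdetail = $this->getUserDetails($userId);

    $this->Session->write('User', $someone['User']['username']);
    $this->Session->write('UserId', $userId);
    $this->Session->write('GrpId', $groupId);

    $this->Session->write('PrjUserCityId', $userdetail['city']);
    $this->Session->write('PrjUserStateId', $userdetail['state']);
    $this->Session->write('PrjUserCountryId', $userdetail['c_id']);
    unset($_SESSION['PrjUserCityName']);
    unset($_SESSION['PrjUserStateName']);
    unset($_SESSION['PrjUserCountryName']);
    unset($_SESSION['PrjUserLocation']);

    // Group-specific session flags (group 2 and group 3).
    if ($groupId == 2) {
        $_SESSION['pubSchool'] = 'p';
        $_SESSION['is_public'] = 1;
        $_SESSION['categoryTab'] = 2;
    }
    if ($groupId == 3) {
        $_SESSION['pubSchool'] = 's';
        $_SESSION['is_public'] = 2;
        $_SESSION['categoryTab'] = 3;
    }

    if (isset($_POST['redirectaction'])) {
        $this->Session->write('cart_id', isset($_POST['cart_id']) ? $_POST['cart_id'] : null);
        $this->Session->write('ticket_id', isset($_POST['ticket_id']) ? $_POST['ticket_id'] : null);
        $this->redirect('tickets/addtocart');
        return;
    }

    ########################## AUCTION INVITATION OPERATION #######
    if (isset($_SESSION['auctKey'])) {
        $this->auctInviteoperation();
    }
    ############################# /AUCTION INVITATION OPERATION #######

    // Invitation parameters are untrusted; keep plain strings only.
    $req = array();
    foreach (array('evtid', 'invitation', 'evidVal', 'invitationVal', 'calid') as $field) {
        $req[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }
    $uidParam = base64_encode($userId);
    $actVal = isset($_REQUEST['actVal']) ? $_REQUEST['actVal'] : null;

    if (isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
        $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evtid']) . '&invitation=' . urlencode(base64_decode($req['invitation'])));
    }
    else if ($actVal == "sharecal") {
        // NOTE(review): nothing here checks that this calendar was actually shared with the user - confirm.
        $calId = (int) base64_decode($req['calid']);
        if ($calId > 0) {
            mysql_query("insert into calendar_import values(" . $calId . ", " . (int) $userId . ", 'y')");
        }
        $this->redirect('tickets/index');
    }
    else if ($actVal == "eventinvite") {
        $this->redirect('calendars/acceptinvitation?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
    }
    else if ($actVal == "activityinvite") {
        $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
    }
    else {
        $this->flash('The username with id: ' . $this->data['User']['username'] . ' has been submitted.', '/users');
        $this->redirect('tickets/index');
    }
}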
-
- ############## FOR POPUPLOGIN ######
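/**
 * AJAX login check for the pop-up login form (fields headerLoginName / headerLoginPass).
 *
 * Renders 'validpopuplogin' with `validated` = 0 and `userHome` (link to the user's
 * home) on success, or `validated` = 1 on failure. With no form data nothing is set.
 *
 * Changes in this version:
 *  - Password values are compared with === instead of ==.
 *  - An account whose user_status is not 1 now gets `validated` = 1. Before, a correct
 *    password on such an account left `validated` unset for the view.
 *  - session_id() is escaped and the user id cast to int in the cart clean-up query;
 *    a failure is logged and mysql_error() is no longer printed to the visitor.
 *
 * NOTE(review): the stored password equals base64 of the submitted text (reversible,
 * not a hash); fixing that needs a schema-wide migration.
 * NOTE(review): the session id is not regenerated on login. Cart rows are keyed by
 * session_id() (see the DELETE below), so regenerating it requires re-keying the cart.
 */
function checkpopuplogin() {
    if (!empty($this->data)) {
        $loginName = (isset($this->data['User']['headerLoginName']) && is_string($this->data['User']['headerLoginName']))
            ? $this->data['User']['headerLoginName'] : '';
        $loginPass = (isset($this->data['User']['headerLoginPass']) && is_string($this->data['User']['headerLoginPass']))
            ? $this->data['User']['headerLoginPass'] : '';

        $this->data['User']['username'] = trim($loginName);
        $this->data['User']['password'] = base64_encode(trim($loginPass));
        $someone = $this->User->findByUsername($this->data['User']['username']);

        $authenticated = !empty($someone['User']['password'])
            && $someone['User']['password'] === $this->data['User']['password']
            && $someone['User']['user_status'] == 1;

        if ($authenticated) {
            $userId = $someone['User']['id'];
            $groupId = $someone['User']['user_group_master_id'];

            // Drop unpaid cart rows this user left behind in other sessions.
            $cleanupSql = "DELETE FROM xoevent_cart WHERE xoevent_pay_status='0' AND user_id='" . (int) $userId
                . "' AND xoevent_sessionid!='" . mysql_real_escape_string(session_id()) . "'";
            if (mysql_query($cleanupSql) === false) {
                error_log('checkpopuplogin(): cart clean-up failed: ' . mysql_error());
                die('A database error occurred.');
            }

            $this->Session->write('User', $someone['User']['username']);
            $this->Session->write('UserId', $userId);
            $this->Session->write('GrpId', $groupId);
            $userdetail = $this->getUserDetails($userId);
            $this->Session->write('PrjUserCityId', $userdetail['city']);
            $this->Session->write('PrjUserStateId', $userdetail['state']);
            $this->Session->write('PrjUserCountryId', $userdetail['c_id']);
            unset($_SESSION['PrjUserCityName']);
            unset($_SESSION['PrjUserStateName']);
            unset($_SESSION['PrjUserCountryName']);
            unset($_SESSION['PrjUserLocation']);

            // Group-specific session flags (group 2 and group 3).
            if ($groupId == 2) {
                $_SESSION['pubSchool'] = 'p';
                $_SESSION['is_public'] = 1;
                $_SESSION['categoryTab'] = 2;
            }
            if ($groupId == 3) {
                $_SESSION['pubSchool'] = 's';
                $_SESSION['is_public'] = 2;
                $_SESSION['categoryTab'] = 3;
            }

            $link = 'users/user_home?id=' . time() . '&uid=' . base64_encode($userId);
            $this->set("validated", 0); /// right Info
            $this->set('userHome', $link);
        }
        else {
            $this->set("validated", 1); /// Error Info
        }
    }
    $this->render('validpopuplogin', 'ajax');
}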
- ############## FOR POPUPLOGIN ######
-
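/**
 * Marks a pending auction donor invitation as answered by the logged-in user.
 *
 * Uses the session values `auctKey` (the invitation hash key) and `UserId`.
 *
 * Security: `auctKey` is filled from the `key` request parameter elsewhere in this
 * controller, so it is attacker-controlled text. It is escaped before it is placed in
 * the UPDATE, and the user id is cast to int. The update stays best-effort, but a
 * failure is now logged instead of being silenced with @.
 *
 * NOTE(review): checkSession() is defined outside this excerpt; presumably it
 * guarantees a logged-in user - confirm. The id guard below does not rely on it.
 */
function auctInviteoperation() {
    $this->checkSession();

    if (!isset($_SESSION['auctKey']) || !is_string($_SESSION['auctKey'])) {
        return;
    }

    // Never mark an invitation as answered without a real user id.
    $inviteeId = isset($_SESSION['UserId']) ? (int) $_SESSION['UserId'] : 0;
    if ($inviteeId < 1) {
        return;
    }

    $hashKeySql = mysql_real_escape_string($_SESSION['auctKey']);
    $updatesql = "UPDATE auctxon_donors_invite SET is_respond='1' , registered_invitee_userid='" . $inviteeId
        . "' where is_respond='0' and hash_key='" . $hashKeySql . "' ";

    if (mysql_query($updatesql) === false) {
        error_log('auctInviteoperation(): invitation update failed: ' . mysql_error());
    }
}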
-
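/**
 * Sign-up page and form handler.
 *
 * GET: remembers an auction invitation key in the session and selects the tab styling
 * for the requested group (`gr`, base64-encoded). POST: saves the User record, creates
 * the matching phpBB account, links an inviting friend, stores the profile row, logs
 * the new user in, and redirects according to the invitation parameters.
 *
 * Changes in this version:
 *  - Every request value placed in SQL is escaped with mysql_real_escape_string() or
 *    cast to int (phpBB insert, friend links, user_details insert, calendar import).
 *  - The phpBB group row uses mysql_insert_id() of the phpBB insert instead of
 *    SELECT MAX(user_id). MAX() could pick another visitor's row under concurrency,
 *    or an unrelated row when the insert failed.
 *  - The invitation redirects and the calendar import use the new user's $id. They
 *    referenced $someone, which is never defined in this action.
 *  - When the user_details insert fails, $id is no longer overwritten with the insert
 *    id of an unrelated statement before being stored as the session UserId.
 *  - Request values copied into redirect URLs are URL-encoded.
 *  - Missing request parameters no longer raise notices; unused locals are gone.
 *
 * NOTE(review): `userType` from the request is written to user_group_master_id without
 * an allowlist, so the visitor chooses their own group; restrict it to the group ids
 * that may self-register. User->save() also receives the whole posted User array.
 * NOTE(review): the password is stored as base64 of the submitted text (reversible,
 * not a hash) and the same value is copied into phpbb_users.
 * NOTE(review): the phpBB insert uses a hard-coded user_form_salt and registration
 * time for every account.
 * NOTE(review): the congratulations redirect carries session_id() in the URL, where it
 * leaks through Referer headers, logs and browser history - confirm whether the target
 * needs it.
 * NOTE(review): `userFrndId` creates a two-way friend link with any user id without
 * that user's consent - confirm this is intended.
 */
function signup() {
    if (isset($_SESSION['UserId'])) {
        $this->redirect('/?id=1');
    }

    // Request parameters are untrusted; keep plain strings only, '' when absent.
    $req = array();
    $wanted = array(
        'gr', 'userType', 'userFrndId', 'year', 'mon', 'dob', 'sex', 'city', 'province',
        'country', 'evtid', 'invitation', 'evidVal', 'invitationVal', 'calid',
    );
    foreach ($wanted as $field) {
        $req[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
    }

    $group = base64_decode($req['gr']);
    $this->set('group', $group);

    ################################################ Auction Invitation ################
    if (isset($_REQUEST['key']) && $_REQUEST['key'] != '') {
        $this->Session->write('auctKey', $_REQUEST['key']);
        if (isset($_REQUEST['act']) && $_REQUEST['act'] == 'auctiondonorsinvite') {
            $this->Session->write('auctType', $_REQUEST['act']);
        }
    }
    ############################################ /Auction Invitation ################

    $this->layout = 'user_signup';
    $this->pageTitle = 'Xoimage Sign-up';

    if (!empty($this->data)) {
        if ($req['userType'] != "") {
            $this->data['User']['user_group_master_id'] = $req['userType'];
        }
        $this->data['User']['user_status'] = 1;
        $this->data['User']['password'] = base64_encode($this->data['User']['password']);

        if ($this->User->save($this->data)) {
            // Capture the new user's id now, before any other INSERT runs.
            $id = (int) mysql_insert_id();

            $email = $this->data['User']['email'];
            $fnameSql = mysql_real_escape_string(strtolower($this->data['User']['first_name']));
            $lnameSql = mysql_real_escape_string(strtolower($this->data['User']['last_name']));
            $emailSql = mysql_real_escape_string($email);

            ################ FORUM INTEGRATION
            $forumUser = mysql_real_escape_string(trim($this->data['User']['username']));
            $forumPass = mysql_real_escape_string($this->data['User']['password']);
            $email_hash = crc32($email);
            $sql1 = "INSERT INTO phpbb_users (username, username_clean, user_password, user_pass_convert, user_email, user_email_hash, group_id, user_type, user_permissions, user_timezone, user_dateformat, user_lang, user_style, user_allow_pm, user_actkey, user_ip, user_regdate, user_passchg, user_options, user_inactive_reason, user_inactive_time, user_lastmark, user_lastvisit, user_lastpost_time, user_lastpage, user_posts, user_dst, user_colour, user_occ, user_interests, user_avatar, user_avatar_type, user_avatar_width, user_avatar_height, user_new_privmsg, user_unread_privmsg, user_last_privmsg, user_message_rules, user_full_folder, user_emailtime, user_notify, user_notify_pm, user_notify_type, user_allow_viewonline, user_allow_viewemail, user_allow_massemail, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_form_salt) VALUES ('$forumUser', '$forumUser', '$forumPass', 0, '$emailSql', '$email_hash', 2, 0, '', 0, 'D M d, Y g:i a', 'en', '1', 1, '', '0.0.0.0', 1202106072, 1202106072, 895, 0, 0, 1202106072, 0, 0, '', 0, '0', '', '', '', '', 0, 0, 0, 0, 0, 0, 0, -3, 0, 0, 1, 0, 1, 1, 1, '', '', '', '39390ba638fe9a78')";

            // Forum provisioning stays best-effort, but the group row is only added
            // for the row this request actually created.
            if (mysql_query($sql1)) {
                $new_user_id = (int) mysql_insert_id();
                if (mysql_query("INSERT INTO phpbb_user_group (group_id,user_id,group_leader,user_pending) VALUES ('2','$new_user_id','0','0')") === false) {
                    error_log('signup(): phpbb_user_group insert failed: ' . mysql_error());
                }
            } else {
                error_log('signup(): phpbb_users insert failed: ' . mysql_error());
            }
            ################ FORUM INTEGRATION

            if ($req['userFrndId'] != '') {
                $frnd_id = (int) base64_decode($req['userFrndId']);
                if ($frnd_id > 0) {
                    $noOfFrndUsr = mysql_num_rows(mysql_query("select * from user_friends where user_id=" . $id));
                    $noFrnd = mysql_num_rows(mysql_query("select * from user_friends where user_id=" . $frnd_id));
                    mysql_query("INSERT INTO `user_friends` ( `id` , `user_id`,`friend_id`, `status` )VALUES (''," . $id . "," . $frnd_id . "," . ($noOfFrndUsr + 1) . ")");
                    mysql_query("INSERT INTO `user_friends` ( `id` , `user_id`,`friend_id`, `status` )VALUES (''," . $frnd_id . "," . $id . "," . ($noFrnd + 1) . ")");
                }
            }

            $dobSql = mysql_real_escape_string($req['year'] . "-" . $req['mon'] . "-" . $req['dob']);
            $genderSql = mysql_real_escape_string($req['sex']);
            $citySql = mysql_real_escape_string($req['city']);
            $stateSql = mysql_real_escape_string($req['province']);
            $countrySql = mysql_real_escape_string($req['country']);

            $qry = "INSERT INTO `user_details` ( `id` , `user_id`, `first_name`, `last_name`, `email`, `dob`,gender,city,state,c_id)VALUES (''," . $id . ",'" . $fnameSql . "','" . $lnameSql . "','" . $emailSql . "', '" . $dobSql . "','" . $genderSql . "','" . $citySql . "','" . $stateSql . "','" . $countrySql . "')";

            if (mysql_query($qry)) {
                $this->Session->write('User', $this->data['User']['username']);
                $this->Session->write('UserId', $id);
                $this->Session->write('GrpId', $this->data['User']['user_group_master_id']);

                ########################## AUCTION INVITATION OPERATION #######
                if (isset($_SESSION['auctKey'])) {
                    $this->auctInviteoperation();
                }
                ############################# /AUCTION INVITATION OPERATION #######

                $this->sendVerifyemail();

                $this->redirect('/users/congratulations?id=' . time() . '&uid=' . base64_encode($id) . '&sessid=' . session_id());
            }
            else {
                // Profile row failed: the account exists, so the session still gets the real user id.
                error_log('signup(): user_details insert failed: ' . mysql_error());
                $this->Session->write('User', $this->data['User']['username']);
                $this->Session->write('UserId', $id);
            }

            $uidParam = base64_encode($id);
            $actVal = isset($_REQUEST['actVal']) ? $_REQUEST['actVal'] : null;

            if (isset($_REQUEST['act_event']) && $_REQUEST['act_event'] != "") {
                $this->redirect('calendars/acceptinvitation?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evtid']) . '&invitation=' . urlencode($req['invitation']));
            }
            else if (isset($_REQUEST['act']) && $_REQUEST['act'] == "activityinvite") {
                $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evtid']) . '&invitation=' . urlencode($req['invitation']));
            }
            else if ($actVal == "sharecal") {
                // NOTE(review): nothing here checks that this calendar was actually shared with the user - confirm.
                $calId = (int) base64_decode($req['calid']);
                if ($calId > 0) {
                    $checkCalIm = mysql_num_rows(mysql_query("select * from calendar_import where importer_id=" . $id . " and import_cal_id=" . $calId));
                    if ($checkCalIm < 1) {
                        mysql_query("insert into calendar_import values(" . $calId . ", " . $id . ", 'y')");
                    }
                }
                $this->redirect("tickets/index");
            }
            else if ($actVal == "eventinvite") {
                $this->redirect('calendars/acceptinvitation?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
            }
            else if ($actVal == "activityinvite") {
                $this->redirect('calendars/showactivity?id=' . time() . '&uid=' . $uidParam . '&sessid=' . '&evid=' . urlencode($req['evidVal']) . '&invitation=' . urlencode($req['invitationVal']));
            }
            else {
                $this->flash('The username with id: ' . $this->data['User']['username'] . ' has been submitted.', '/users');
                $this->redirect('/users/congratulations?id=' . time() . '&uid=' . base64_encode($id) . '&sessid=' . session_id());
            }
        }
    }

    // Tab artwork for the sign-up box; groups 2 and 3 have their own sets.
    $currentuser = array('topleft'=>'event-photo-tab-top-left.gif','topmiddle'=>'eventphoto-tab_topmidsml','topright'=>'event-photo-tab-top-right.gif','midleft'=>'eventphoto-tab_leftmid','midbgcolur'=>'fafeff','midright'=>'eventphoto-tab_rightmid','bottomleft'=>'event-photo-tab-bottom-left.gif','bottommid'=>'eventphoto-tab_botmid','bottomright'=>'event-photo-tab-bottom-right.gif');
    if ($group == 2) {
        $currentuser = array('topleft'=>'sponsor-tab-top-left.gif','topmiddle'=>'sponsor-tab_topmidsml','topright'=>'sponsor-tab-top-right.gif','midleft'=>'sponsor-tab_leftmid','midbgcolur'=>'fff6f6','midright'=>'sponsor-tab_rightmid','bottomleft'=>'sponsor-tab-bottom-left.gif','bottommid'=>'sponsor-tab_botmid','bottomright'=>'sponsor-tab-bottom-right.gif');
    }
    if ($group == 3) {
        $currentuser = array('topleft'=>'tickets-tab-top-left.gif','topmiddle'=>'ticket-tab_topmidsml','topright'=>'tickets-tab-top-right.gif','midleft'=>'ticket-tab_leftmid','midbgcolur'=>'fdfff4','midright'=>'ticket-tab_rightmid','bottomleft'=>'tickets-tab-bottom-left.gif','bottommid'=>'ticket-tab_botmid','bottomright'=>'tickets-tab-bottom-right.gif');
    }

    $this->set('currentStyle', $currentuser);
}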
- ################################## USERS PROFILE PAGE #####################
-
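/**
 * Show a profile page.
 *
 * The profile is chosen by the base64-encoded `uid` request parameter; when
 * it is absent or empty, the id stored in the session is used instead.
 *
 * @param mixed $userid Kept for interface compatibility; the value is always
 *                      replaced by the `uid` request parameter.
 */
function myprofile($userid=null) {
    $this->pageTitle = 'Profile';
    $this->layout = 'default';
    // checkSession() is defined outside this listing; presumably it rejects visitors without a login.
    $this->checkSession();

    // isset() avoids an undefined-index notice when the request carries no uid.
    $userid = isset($_REQUEST['uid']) ? $_REQUEST['uid'] : null;

    if ($userid) {
        // uid is client-controlled; user ids come from mysql_insert_id(), so
        // cast to int so nothing but a number reaches the model lookup.
        $uid = (int) base64_decode($userid);
    } else {
        $uid = $_SESSION['UserId'];
    }

    // NOTE(review): base64 is an encoding, not access control. Any caller can
    // name any uid, so confirm every field the view renders is meant to be
    // visible to other users.
    $this->set('userprofileId', $uid);
    $this->data = $this->User->UserDetails->findByUserId($uid);
    $this->set('profiledetail', $this->data);
}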
-
/**
 * Profile "social" tab: only selects the blank profile layout.
 */
function social()
{
    $this->layout = 'profile_blank';
}
/**
 * Profile "professional" tab: only selects the blank profile layout.
 */
function professional()
{
    $this->layout = 'profile_blank';
}
/**
 * Profile "personal info" tab: only selects the blank profile layout.
 */
function personalinfo()
{
    $this->layout = 'profile_blank';
}
- ###########################################################################
-
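/**
 * Render the profile home page for the user named by the base64-encoded
 * `uid` request parameter.
 *
 * For a visitor with a session it first makes sure every profile box has a
 * row in `profilemap` (left and right column), appending missing boxes after
 * the current highest `boxorder` of that column. Without a `uid` parameter
 * the action redirects to '../index'.
 */
function user_home() {
    $this->pageTitle = 'User Home';
    //$this->checkSession();
    $this->layout = 'userprofilevisit';

    $this->userProfileLeftPanel();

    // NOTE(review): this link carries the live session id in the query string.
    // URLs end up in browser history, Referer headers and server logs, so
    // confirm nothing reads `sessid` and drop it if so.
    $profilehomelink = $this->webroot."users/user_home?id=".time()."&uid=".base64_encode($this->profileUserIdforQry)."&sessid=".session_id()."";
    $this->set('profilehomelink', $profilehomelink);

    ##################### Insert the records for profile alignment #########
    if (isset($_SESSION['UserId'])) {
        // Ids are integers (they come from mysql_insert_id()); the cast keeps
        // anything else out of the SQL strings built below.
        $sessionUserId = (int) $_SESSION['UserId'];

        $boxes = array(
            'left'  => array('firstlist_1','firstlist_2','firstlist_3','firstlist_4','firstlist_5','firstlist_8','firstlist_9'),
            'right' => array('secondlist_1','secondlist_2','secondlist_3','secondlist_4','secondlist_5','secondlist_6'),
        );
        if ($_SESSION['GrpId'] == 2) { /// Photographer
            $boxes['left'][] = 'firstlist_6';
        }
        if ($_SESSION['GrpId'] == 3) { /// Organisation
            $boxes['left'][] = 'firstlist_7';
        }

        foreach ($boxes as $side => $boxNames) {
            // Start after the highest order already used in this column.
            $order = 1;
            $maxRes = mysql_query("SELECT MAX(boxorder) as maxpos from profilemap where userid='".$sessionUserId."' and position='".$side."'");
            if ($maxRes && mysql_num_rows($maxRes) > 0) {
                $maxRow = mysql_fetch_array($maxRes);
                // MAX() yields NULL for a user without rows; the cast turns that into 0.
                $order = (int) $maxRow['maxpos'];
            }

            foreach ($boxNames as $boxName) {
                $existsRes = mysql_query("SELECT * from profilemap where boxname='".$boxName."' and userid='".$sessionUserId."'");
                // Insert only when the lookup succeeded and found nothing; a
                // failed query must not be read as "row missing".
                if ($existsRes && mysql_num_rows($existsRes) == 0) {
                    $order++;
                    mysql_query("INSERT INTO profilemap SET boxname='".$boxName."' ,userid='".$sessionUserId."',display='block',position='".$side."',boxorder='".$order."',boxid='".$order."' ");
                }
            }
        }
    }
    ##################### /Insert the records for profile alignment #########

    if (isset($_REQUEST['uid'])) {
        // uid is client-controlled and was concatenated unquoted into the
        // query below; the int cast closes that SQL injection.
        $uid = (int) base64_decode($_REQUEST['uid']);

        // NOTE(review): the unread-mail count is looked up for whatever uid the
        // request names, and checkSession() is commented out above. Confirm
        // the view shows it to the mailbox owner only.
        $mail = mysql_query("select * from emails where user_id=".$uid." and inbox_status='unread'");
        if ($mail) {
            $this->set('mails', mysql_num_rows($mail));
        }
        if (empty($this->data)) {
            $this->data = $this->User->UserDetails->read(null, $uid);
            $this->set('user_det', $this->data);
        }
    } else {
        $this->redirect('../index');
    }

    $this->createStuffArray();
    $this->getMyComments($this->PROFILE_USER_ID);
}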
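/**
 * Store a comment on a profile and re-render the comment list (ajax).
 *
 * Reads `profileid` and `comment` from the posted form. The comment is
 * written only when the session holds a user id and `profileid` is a
 * positive integer; the comment list is rendered either way.
 */
function postcomment() {
    $form = isset($this->params['form']) ? $this->params['form'] : array();

    // profileid used to be placed in the SQL string unescaped; ids are
    // integers, so a cast is enough to neutralise it.
    $profileId = isset($form['profileid']) ? (int) $form['profileid'] : 0;
    $comment = (isset($form['comment']) && is_string($form['comment'])) ? $form['comment'] : '';

    // Without a session user there is no author to attribute the comment to.
    if (isset($_SESSION['UserId']) && $profileId > 0) {
        $authorId = (int) $_SESSION['UserId'];
        mysql_query("INSERT INTO user_comments(user_id,friend_id,comment) VALUES('".$profileId."','".$authorId."','".mysql_real_escape_string($comment)."')");
    }

    // NOTE(review): the comment text is stored as submitted; the usercomment
    // view (not visible here) has to HTML-escape it when printing.
    $this->getMyComments($profileId);
    $this->render("usercomment","ajax");
}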
-
/**
 * Post-signup page: loads the session user and hands the first and last
 * name to the view.
 */
function congratulations()
{
    $this->checkSession(1);

    $this->layout = 'userloggedin';
    $this->pageTitle = 'Invite Friend';

    $currentUser = $this->User->findById($_SESSION['UserId']);
    $details = $currentUser['UserDetails'];

    $this->set('firstname', $details['first_name']);
    // The view variable really is spelled 'lasttname'; keep it in step with the view.
    $this->set('lasttname', $details['last_name']);
}
-
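/**
 * Log the user out.
 *
 * Unpaid ticket carts of the session user (pay_status='0') are removed with
 * their cart details, booked seats and transaction rows, then the session is
 * cleared and the browser is redirected to '/'.
 */
function logout() {
    if (isset($_SESSION['UserId'])) {
        $userId = (int) $_SESSION['UserId'];
        $result = mysql_query("SELECT * FROM ticket_carts WHERE user_id='".$userId."' AND pay_status='0'");

        // A failed lookup returns false; skip cleanup instead of fetching from it.
        while ($result && ($row = mysql_fetch_array($result))) {
            $cartId = (int) $row['id'];
            $transactionId = (int) $row['transaction_id'];

            $cleanup = array(
                "DELETE FROM ticket_cart_details WHERE cart_id='".$cartId."'",
                "DELETE FROM ticket_seat_booked WHERE cart_id='".$cartId."'",
                "DELETE FROM ticket_carts WHERE id='".$cartId."'",
                "DELETE FROM transaction_ticket WHERE id='".$transactionId."'",
            );
            foreach ($cleanup as $statement) {
                // The old `or die(mysql_error())` printed database internals to
                // the browser and aborted before the session was destroyed,
                // leaving the user logged in. Log server-side and carry on.
                if (!mysql_query($statement)) {
                    error_log('logout: cart cleanup query failed: '.mysql_error());
                }
            }
        }
    }

    // unset($_SESSION) only removes the variable and stops further session
    // registration through the superglobal; emptying the array is what
    // actually clears the stored data.
    $_SESSION = array();
    $this->Session->destroy();
    $this->Session->destroy('User');
    $this->Session->destroy('UserId');
    $this->redirect('/');
}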
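/**
 * Forgot-password page: prints the `msg` request parameter and passes it to
 * the view as `data`.
 */
function forgotPass() {
    $this->layout = 'default';

    // msg comes straight from the request; ignore a missing or non-string value.
    $msg = (isset($_REQUEST['msg']) && is_string($_REQUEST['msg'])) ? $_REQUEST['msg'] : '';

    // Echoing the raw parameter reflected attacker-supplied markup into the
    // page (reflected XSS); encode it for HTML before output.
    echo htmlspecialchars($msg, ENT_QUOTES);

    // NOTE(review): the view receives the unencoded value, as before, so it
    // must escape `data` itself when printing. The view is not visible here.
    $this->set('data', $msg);
}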
/**
 * Render the forgot-password form through the ajax layout.
 */
function forgotPassword()
{
    $this->render('forgotpassview', 'ajax');
}
-
/**
 * "My Photo" page: runs the session check, then sets title and layout.
 */
function my_photo()
{
    // Run the session check before any page setup.
    $this->checkSession();

    $this->pageTitle = 'My Photo';
    $this->layout = 'userloggedin';
}
-
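/**
 * Prepare the invite-a-friend page.
 *
 * Passes the inviter's group and id to the view and builds the signup link
 * (`inviteMailUrl`) that carries both values base64-encoded.
 */
function sendinvite() {
    $this->checkSession();
    $this->layout = 'userloggedin';

    $someone = $this->User->findById($_SESSION['UserId']);
    $groupId = $someone['User']['user_group_master_id'];
    $inviterId = $someone['User']['id'];

    $this->set('invitedGrp', $groupId);
    $this->set('inviterId', $inviterId);

    // The link used to embed session_id(): by its name this URL goes out in
    // invitation mail, which would hand the inviter's session identifier to
    // every recipient. The parameter is kept, empty, the way the calendar
    // redirects in this controller already send it.
    // NOTE(review): confirm the signup action does not read `sessid`.
    // base64 output may contain '+', '/' and '=', hence urlencode().
    $FriendInviteUrl = "http://www.xoimages.com/users/signup?id=".time()
        ."&gr=".urlencode(base64_encode($groupId))
        ."&sessid="
        ."&task=invite&taskbyId=".urlencode(base64_encode($inviterId));

    $this->set('inviteMailUrl','<a href="'.$FriendInviteUrl.'">Click Here</a>');
}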
- ####################### TESTING##########
- function userprofile() …