1: <?php
// Page-type hint for the XOOPS core; read after the bootstrap below (presumably by the theme layer).
$xoopsOption['pagetype'] = 'banners';
// Bootstrap the XOOPS core from the site root (this file lives next to mainfile.php).
include __DIR__ . '/mainfile.php';
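/**
 * Render the banner-client login form inside the site theme.
 *
 * The form posts `login` and `pass` back to banners.php with op=Ok and
 * carries a BANNER_LOGIN token; the 'Ok' case of the dispatcher verifies
 * that token before it stores the credentials in the session.
 *
 * Writes the whole page (theme header, form, footer) to output; returns nothing.
 *
 * @return void
 */
function clientlogin()
{
    // header.php is included from inside this function, so the globals it
    // reads must be imported into this scope first (same pattern as bannerstats()).
    global $xoopsDB, $xoopsLogger, $xoopsConfig;
    // Resolve header.php through the XOOPS path helper like the footer below
    // and the other handlers in this file, instead of relying on the cwd/include_path.
    include $GLOBALS['xoops']->path('header.php');
    $GLOBALS['xoTheme']->addStylesheet(null, null, '
#login_window {
max-width: 480px;
margin: 1em auto;
background-color: #f8f8f8;
color: inherit;
border: 1px solid #000;
}
#login_window h2 {
margin: .5em;
padding: 130px 0 0;
background: url( images/password.png) no-repeat center top;
text-align: center;
}
.login_form .credentials {
margin: .5em 1em;
padding: 1em;
background-color: #ccc;
color: inherit;
}
.login_form .credentials label {
display: inline-block;
width: 33%;
margin: 1px;
}
.login_form .credentials input {
width: 50%;
margin: 1px;
padding: 1px;
border: 1px solid #000;
}
.login_form .credentials input:focus {
border: 1px solid #2266cc;
}
.login_form .actions {
padding: 1.5em .5em .5em;
text-align: center;
}
.login_info {
margin: .5em 1em;
text-align: center;
}
.content_title {
font-size: 1.2em;
}
');
    // Only language constants and the token HTML are interpolated here; no request data.
    echo "<div id='login_window'>
<h2 class='content_title'>" . _BANNERS_LOGIN_TITLE . "</h2>
<form method='post' action='banners.php' class='login_form'>
<div class='credentials'>
<label for='login_form-login'>" . _BANNERS_LOGIN_LOGIN . "</label>
<input type='text' name='login' id='login_form-login' value='' /><br>
<label for='login_form-password'>" . _BANNERS_LOGIN_PASS . "</label>
<input type='password' name='pass' id='login_form-password' value='' /><br>
</div>
<div class='actions'><input type='hidden' name='op' value='Ok' /><button type='submit'>" . _BANNERS_LOGIN_OK . "</button></div>
<div class='login_info'>" . _BANNERS_LOGIN_INFO . '</div>' . $GLOBALS['xoopsSecurity']->getTokenHTML('BANNER_LOGIN') . '
</form></div>';
    include $GLOBALS['xoops']->path('footer.php');
}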
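/**
 * Render the statistics page for the banner client held in the session.
 *
 * Flow: require non-empty session credentials, look the client up by login,
 * compare the session password with the stored one, then print three
 * sections between the theme header and footer: the active-banner table, a
 * preview of each banner with an inline "change click URL" form, and the
 * finished-banner table. Every failure path ends in redirect_header(), which
 * exits, so the rendering code never runs for an unauthenticated caller.
 *
 * Writes directly to output; returns nothing.
 *
 * @return void
 */
function bannerstats()
{
    // header.php is included from inside this function, so the globals it
    // reads ($xoopsConfig, $xoopsLogger) must be imported into this scope too.
    global $xoopsDB, $xoopsConfig, $xoopsLogger, $myts;

    $login = isset($_SESSION['banner_login']) ? (string)$_SESSION['banner_login'] : '';
    $pass  = isset($_SESSION['banner_pass']) ? (string)$_SESSION['banner_pass'] : '';
    if ('' === $login || '' === $pass) {
        redirect_header('banners.php', 2, _BANNERS_NO_LOGIN_DATA);
    }

    $result = $xoopsDB->query(sprintf('SELECT cid, name, passwd FROM %s WHERE login=%s', $xoopsDB->prefix('bannerclient'), $xoopsDB->quoteString($login)));
    $client = $result ? $xoopsDB->fetchRow($result) : false;
    // Failed query, unknown login and wrong password all end the same way.
    // hash_equals() gives a strict, constant-time comparison; the previous
    // loose == treated numeric-looking strings such as '1e3' and '1000' as equal.
    if (!$client || !hash_equals((string)$client[2], $pass)) {
        redirect_header('banners.php', 2);
    }
    $cid      = (int)$client[0];
    // The client name is interpolated into HTML below; escape it once here.
    $safeName = htmlspecialchars((string)$client[1], ENT_QUOTES);
    $title    = sprintf(_BANNERS_TITLE, $safeName);

    include $GLOBALS['xoops']->path('header.php');
    $GLOBALS['xoTheme']->addStylesheet(null, null, '
#bannerstats {}
#bannerstats td {
text-align: center;
}
');

    echo "<div id='bannerstats'>
<h4 class='content_title'>" . $title . "</h4><hr />
<table summary=''>
<caption>" . $title . '</caption>
<thead><tr>
<td>ID</td>
<td>' . _BANNERS_IMP_MADE . '</td>
<td>' . _BANNERS_IMP_TOTAL . '</td>
<td>' . _BANNERS_IMP_LEFT . '</td>
<td>' . _BANNERS_CLICKS . '</td>
<td>' . _BANNERS_PER_CLICKS . '</td>
<td>' . _BANNERS_FUNCTIONS . "</td></tr></thead>
<tfoot><tr><td colspan='7'></td></tr></tfoot>";

    // Section 1: one row per active banner owned by this client.
    $result = $xoopsDB->query('SELECT bid, imptotal, impmade, clicks FROM ' . $xoopsDB->prefix('banner') . " WHERE cid={$cid}");
    $i = 0;
    while ($result && ($row = $xoopsDB->fetchRow($result))) {
        $bid      = (int)$row[0];
        $imptotal = (int)$row[1];
        $impmade  = (int)$row[2];
        $clicks   = (int)$row[3];
        // Click-through rate as a percentage, truncated (not rounded) to 5 characters.
        $percent = (0 === $impmade) ? 0 : substr((string)(100 * $clicks / $impmade), 0, 5);
        // An impression cap of 0 means the banner runs without a limit.
        $left  = (0 === $imptotal) ? _BANNERS_UNLIMITED : $imptotal - $impmade;
        $class = (0 === $i % 2) ? 'even' : 'odd';
        echo "<tbody><tr class='{$class}'>
<td>{$bid}</td>
<td>{$impmade}</td>
<td>{$imptotal}</td>
<td>{$left}</td>
<td>{$clicks}</td>
<td>{$percent}%</td>
<td><a href='banners.php?op=EmailStats&cid={$cid}&bid={$bid}' title='" . _BANNERS_STATS . "'>" . _BANNERS_STATS . '</a></td></tr></tbody>';
        ++$i;
    }
    echo "</table>
<br><br>
<h4 class='content_title'>" . _BANNERS_FOW_IN . htmlspecialchars($xoopsConfig['sitename']) . '</h4><hr />';

    // Section 2: a preview of each banner plus a per-banner "change click URL" form.
    $result = $xoopsDB->query('SELECT bid, imageurl, clickurl, htmlbanner, htmlcode FROM ' . $xoopsDB->prefix('banner') . " WHERE cid={$cid}");
    // Hoisted out of the loop: the row count of a result set does not change per row.
    $numrows = $result ? $xoopsDB->getRowsNum($result) : 0;
    while ($result && ($row = $xoopsDB->fetchRow($result))) {
        list($bid, $imageurl, $clickurl, $htmlbanner, $htmlcode) = $row;
        $bid = (int)$bid;
        if ($numrows > 1) {
            echo '<br>';
        }
        if (!empty($htmlbanner) && !empty($htmlcode)) {
            // HTML banners go through the text sanitizer rather than being echoed raw.
            echo $myts->displayTarea($htmlcode);
        } else {
            // imageurl lands inside a single-quoted attribute; escape it so a
            // quote in the stored URL cannot break out of the attribute.
            $safeImageUrl = htmlspecialchars((string)$imageurl, ENT_QUOTES);
            if ('.swf' === strtolower(substr((string)$imageurl, -4))) {
                echo "<object type='application/x-shockwave-flash' width='468' height='60' data='{$safeImageUrl}'>";
                echo "<param name='movie' value='{$safeImageUrl}' />";
                echo "<param name='quality' value='high' />";
                echo '</object>';
            } else {
                echo "<img src='{$safeImageUrl}' alt='' />";
            }
        }
        echo '<br><strong>' . _BANNERS_ID . $bid . '</strong><br>' . sprintf(_BANNERS_SEND_STATS, 'banners.php?op=EmailStats&cid=' . $cid . '&bid=' . $bid) . '<br>';
        if (!$htmlbanner) {
            $clickurl = htmlspecialchars((string)$clickurl, ENT_QUOTES);
            echo sprintf(_BANNERS_POINTS, $clickurl) . "<br>
<form action='banners.php' method='post'>" . _BANNERS_URL . "
<input type='text' name='url' size='50' maxlength='200' value='{$clickurl}' />
<input type='hidden' name='bid' value='{$bid}' />
<input type='hidden' name='cid' value='{$cid}' />
<input type='submit' name='op' value='" . _BANNERS_CHANGE . "' />" . $GLOBALS['xoopsSecurity']->getTokenHTML('BANNER_EDIT') . '</form>';
        }
    }

    // Section 3: banners that have already finished.
    echo '<br>';
    $result = $xoopsDB->query('SELECT bid, impressions, clicks, datestart, dateend FROM ' . $xoopsDB->prefix('bannerfinish') . " WHERE cid={$cid}");
    if ($result) {
        $finishedTitle = sprintf(_BANNERS_FINISHED, $safeName);
        echo "<h4 class='content_title'>" . $finishedTitle . "</h4><hr />
<table summary=''>
<caption>" . $finishedTitle . '</caption>
<thead><tr>
<td>ID</td>
<td>' . _BANNERS_IMP_MADE . '</td>
<td>' . _BANNERS_CLICKS . '</td>
<td>' . _BANNERS_PER_CLICKS . '</td>
<td>' . _BANNERS_STARTED . '</td>
<td>' . _BANNERS_ENDED . "</td></tr></thead>
<tfoot><tr><td colspan='6'></td></tr></tfoot>";

        $i = 0;
        while ($row = $xoopsDB->fetchRow($result)) {
            $bid         = (int)$row[0];
            $impressions = (int)$row[1];
            $clicks      = (int)$row[2];
            $percent     = (0 === $impressions) ? 0 : substr((string)(100 * $clicks / $impressions), 0, 5);
            $class       = (0 === $i % 2) ? 'even' : 'odd';
            echo "<tbody><tr class='{$class}'>
<td>{$bid}</td>
<td>{$impressions}</td>
<td>{$clicks}</td>
<td>{$percent}%</td>
<td>" . formatTimestamp($row[3]) . '</td>
<td>' . formatTimestamp($row[4]) . '</td></tr></tbody>';
            // Previously never incremented here, so every finished row was styled 'even'.
            ++$i;
        }
        echo '</table>';
    }
    // Close the wrapper unconditionally; it used to stay open when the
    // finished-banner query failed.
    echo '</div>';
    include $GLOBALS['xoops']->path('footer.php');
}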
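/**
 * Mail the statistics of one banner to the banner client that owns it.
 *
 * Requires session credentials (banner_login / banner_pass). The client row
 * is fetched by cid AND login and the session password is checked against
 * it; the banner row is fetched by bid AND cid, so a client can only request
 * a mail for a banner attached to their own client id. Every path ends in
 * redirect_header(), which exits:
 *  - missing session, unknown client, wrong password or unknown banner:
 *    back to the login page;
 *  - client record has no e-mail address: back with _BANNERS_MAIL_ERROR;
 *  - mail handed to the mailer: to op=Ok with _BANNERS_MAIL_OK.
 *
 * @param int|string $cid banner client id, cast to int
 * @param int|string $bid banner id, cast to int
 * @return void
 */
function emailStats($cid, $bid)
{
    global $xoopsDB, $xoopsConfig;

    $login = isset($_SESSION['banner_login']) ? (string)$_SESSION['banner_login'] : '';
    $pass  = isset($_SESSION['banner_pass']) ? (string)$_SESSION['banner_pass'] : '';
    $cid   = (int)$cid;
    $bid   = (int)$bid;
    if ('' === $login || '' === $pass) {
        redirect_header('banners.php', 2);
    }

    $result = $xoopsDB->query(sprintf('SELECT name, email, passwd FROM %s WHERE cid=%u AND login=%s', $xoopsDB->prefix('bannerclient'), $cid, $xoopsDB->quoteString($login)));
    $client = $result ? $xoopsDB->fetchRow($result) : false;
    // hash_equals(): strict, constant-time comparison instead of the loose ==.
    if (!$client || !hash_equals((string)$client[2], $pass)) {
        redirect_header('banners.php', 2);
    }
    $name  = (string)$client[0];
    $email = (string)$client[1];
    if ('' === $email) {
        redirect_header('banners.php', 3, sprintf(_BANNERS_MAIL_ERROR, $name));
    }

    $result = $xoopsDB->query('SELECT imptotal, impmade, clicks, imageurl, clickurl FROM ' . $xoopsDB->prefix('banner') . " WHERE bid={$bid} AND cid={$cid}");
    $banner = $result ? $xoopsDB->fetchRow($result) : false;
    // A bid that does not belong to this client used to produce a mail full of
    // empty fields; it is now treated like any other bad request.
    if (!$banner) {
        redirect_header('banners.php', 2);
    }
    $imptotal = (int)$banner[0];
    $impmade  = (int)$banner[1];
    $clicks   = (int)$banner[2];
    $imageurl = $banner[3];
    $clickurl = $banner[4];

    // Click-through rate as a percentage, truncated (not rounded) to 5 characters.
    $percent = (0 === $impmade) ? 0 : substr((string)(100 * $clicks / $impmade), 0, 5);
    if (0 === $imptotal) {
        // An impression cap of 0 means no limit: both cap and remainder read "unlimited".
        $left     = _BANNERS_UNLIMITED;
        $imptotal = _BANNERS_UNLIMITED;
    } else {
        $left = $imptotal - $impmade;
    }
    $fecha   = date('F jS Y, h:iA.');
    $subject = sprintf(_BANNERS_MAIL_SUBJECT, $xoopsConfig['sitename']);
    $message = sprintf(_BANNERS_MAIL_MESSAGE, $xoopsConfig['sitename'], $name, $bid, $imageurl, $clickurl, $imptotal, $impmade, $left, $clicks, $percent, $fecha);

    // Plain assignment: the former =& only mattered if xoops_getMailer()
    // returned by reference, and for an object handle it changes nothing.
    $xoopsMailer = xoops_getMailer();
    $xoopsMailer->useMail();
    $xoopsMailer->setToEmails($email);
    $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
    $xoopsMailer->setFromName($xoopsConfig['sitename']);
    $xoopsMailer->setSubject($subject);
    $xoopsMailer->setBody($message);
    $xoopsMailer->send();
    redirect_header('banners.php?op=Ok', 3, _BANNERS_MAIL_OK);
}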
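/**
 * Let a logged-in banner client change the click-through URL of one of their banners.
 *
 * The client row is fetched by cid AND session login and the session
 * password is checked against it; the UPDATE is further restricted by bid
 * AND cid, so a client cannot retarget somebody else's banner. The caller
 * (the _BANNERS_CHANGE case of the dispatcher) has already verified the
 * BANNER_EDIT token and passed $url through the WEBURL filter. Every path
 * ends in redirect_header(), which exits.
 *
 * @param int|string $cid banner client id, cast to int
 * @param int|string $bid banner id, cast to int
 * @param string     $url new click URL; an empty value is rejected
 * @return void
 */
function change_banner_url_by_client($cid, $bid, $url)
{
    global $xoopsDB;

    $login = isset($_SESSION['banner_login']) ? (string)$_SESSION['banner_login'] : '';
    $pass  = isset($_SESSION['banner_pass']) ? (string)$_SESSION['banner_pass'] : '';
    $url   = (string)$url;
    if ('' !== $login && '' !== $pass && '' !== $url) {
        $cid = (int)$cid;
        $bid = (int)$bid;
        $result = $xoopsDB->query(sprintf('SELECT passwd FROM %s WHERE cid=%u AND login=%s', $xoopsDB->prefix('bannerclient'), $cid, $xoopsDB->quoteString($login)));
        $row = $result ? $xoopsDB->fetchRow($result) : false;
        // hash_equals(): strict, constant-time comparison instead of the loose ==.
        if ($row && hash_equals((string)$row[0], $pass)) {
            // query() is kept (not queryF()) so whatever write policy the
            // database wrapper enforces still applies - confirm against the DB class.
            $sql = sprintf('UPDATE %s SET clickurl=%s WHERE bid=%u AND cid=%u', $xoopsDB->prefix('banner'), $xoopsDB->quoteString($url), $bid, $cid);
            if ($xoopsDB->query($sql)) {
                redirect_header('banners.php?op=Ok', 3, _BANNERS_DBUPDATED);
            }
        }
    }
    redirect_header('banners.php', 2);
}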
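/**
 * Count a click on a banner and send the visitor on to its click URL.
 *
 * Reached through the public "click" op (GET bid=...). The redirect target
 * is whatever the banner row holds - set by the site admin, or by the client
 * through change_banner_url_by_client() where it is filtered as WEBURL. The
 * click counter is incremented, and the Location header sent, only when the
 * core referer check passes; otherwise _BANNERS_NO_REFERER is printed. An
 * unknown or non-positive bid redirects to the site front page instead.
 * Never returns: it ends in exit() or in redirect_header(), which exits.
 *
 * @param int|string $bid banner id, cast to int
 * @return void
 */
function clickbanner($bid)
{
    global $xoopsDB;

    $bid = (int)$bid;
    if ($bid > 0) {
        $result = $xoopsDB->query('SELECT clickurl FROM ' . $xoopsDB->prefix('banner') . " WHERE bid={$bid}");
        // Guard the failed-query case; fetchRow() on a false result is an error.
        $row      = $result ? $xoopsDB->fetchRow($result) : false;
        $clickurl = $row ? $row[0] : null;
        if ($clickurl) {
            if ($GLOBALS['xoopsSecurity']->checkReferer()) {
                // queryF() rather than query(): presumably so the counter update
                // is allowed on this GET request - confirm against the DB wrapper.
                $xoopsDB->queryF('UPDATE ' . $xoopsDB->prefix('banner') . " SET clicks=clicks+1 WHERE bid={$bid}");
                header('Location: ' . $clickurl);
            } else {
                echo _BANNERS_NO_REFERER;
            }
            exit();
        }
    }
    redirect_header(XOOPS_URL, 3, _BANNERS_NO_ID);
}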
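XoopsLoad::load('XoopsFilterInput');
$myts = MyTextSanitizer::getInstance();

// Normalise every request value once, before dispatch, and give each one a
// default so no handler below reads an undefined variable whichever method
// (POST form, GET link) and op reached this page. Form fields are only read
// from POST; links (click, EmailStats) only carry op/bid/cid via GET.
$op          = '';
$clean_login = '';
$clean_pass  = '';
$clean_url   = '';
$clean_bid   = 0;
$clean_cid   = 0;

if (!empty($_POST['op'])) {
    $op = trim(XoopsFilterInput::clean($_POST['op'], 'STRING'));
    if (isset($_POST['login'])) {
        $clean_login = trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['login']), 'STRING'));
    }
    if (isset($_POST['pass'])) {
        $clean_pass = trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['pass']), 'STRING'));
    }
    if (isset($_POST['url'])) {
        // The WEBURL filter type is expected to reject non-URL input; this value
        // is later stored by change_banner_url_by_client() and used as a
        // redirect target by clickbanner() - confirm against XoopsFilterInput.
        $clean_url = trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['url']), 'WEBURL'));
    }
    if (isset($_POST['bid'])) {
        $clean_bid = XoopsFilterInput::clean($_POST['bid'], 'INT');
    }
    if (isset($_POST['cid'])) {
        $clean_cid = XoopsFilterInput::clean($_POST['cid'], 'INT');
    }
} elseif (!empty($_GET['op'])) {
    $op = trim(XoopsFilterInput::clean($_GET['op'], 'STRING'));
    if (isset($_GET['bid'])) {
        $clean_bid = XoopsFilterInput::clean($_GET['bid'], 'INT');
    }
    if (isset($_GET['cid'])) {
        $clean_cid = XoopsFilterInput::clean($_GET['cid'], 'INT');
    }
}

// ($myts was fetched a second time here before; the instance above is the same one.)
switch ($op) {
    case 'click':
        // Public redirect link: no login involved, bid comes from the query string.
        clickbanner($clean_bid);
        break;
    case 'Ok':
        // POST: login form submission, token-checked before the credentials
        // reach the session. GET op=Ok is the redirect target used after
        // EmailStats and a URL change; it just re-renders stats from the session.
        if ('POST' === $_SERVER['REQUEST_METHOD']) {
            if (!$GLOBALS['xoopsSecurity']->check(true, false, 'BANNER_LOGIN')) {
                redirect_header('banners.php', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()));
            }
            $_SESSION['banner_login'] = $clean_login;
            $_SESSION['banner_pass']  = $clean_pass;
        }
        bannerstats();
        break;
    case _BANNERS_CHANGE:
        // The submit button's caption doubles as the op, so this case label is
        // the translated button text.
        if (!$GLOBALS['xoopsSecurity']->check(true, false, 'BANNER_EDIT')) {
            redirect_header('banners.php', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()));
        }
        change_banner_url_by_client($clean_cid, $clean_bid, $clean_url);
        break;
    case 'EmailStats':
        emailStats($clean_cid, $clean_bid);
        break;
    case 'login':
    default:
        clientlogin();
        break;
}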