private function saveData(Text $text, Request $request, Document $document, DocumentRepository $documentRepo)
{
if (!$request->hasRequestValue("intro") || !$request->hasRequestValue("title")) {
return;
}
if ($document->isForWidgetArea()) {
$text->addError($text->t("main.document") . ' ' . $text->t("errors.not_editable"));
return;
}
$document->setIntro($request->getRequestString("intro", ''));
$document->setTitle($request->getRequestString("title", ''));
$valid = true;
if (!Validate::requestToken($request)) {
$valid = false;
}
if (!Validate::stringLength($document->getIntro(), Document::INTRO_MIN_LENGTH, Document::INTRO_MAX_LENGTH)) {
$text->addError($text->t("documents.intro") . ' ' . Validate::getLastError($text));
$valid = false;
}
if (!Validate::stringLength($document->getTitle(), Document::TITLE_MIN_LENGTH, Document::TITLE_MAX_LENGTH)) {
$text->addError($text->t("documents.title") . ' ' . Validate::getLastError($text));
$valid = false;
}
if (!$valid) {
return;
}
$isNew = $document->getId() == 0;
$documentRepo->saveDocument($document);
if ($isNew) {
$text->addMessage($text->t("main.document") . ' ' . $text->t("editor.is_created"));
} else {
$text->addMessage($text->t("main.document") . ' ' . $text->t("editor.is_edited"));
}
}
public function getPageContent(Website $website, Request $request)
{
// Don't allow to edit your own rank (why would admins want to downgrade
// themselves?)
if (!$this->editing_someone_else) {
$website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
return "";
}
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("rank")) {
// Sent
$rank = $request->getRequestInt("rank");
$oAuth = $website->getAuth();
if ($oAuth->isValidRankForAccounts($rank)) {
// Valid rank id
$this->user->setRank($rank);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.rank") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid rank
$website->addError($website->t("users.rank") . ' ' . $website->t("errors.not_found"));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.rank", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Variables
$rank = $request->getRequestInt("rank", $this->user->getRank());
$ranks = array(Authentication::RANK_USER, Authentication::RANK_MODERATOR, Authentication::RANK_ADMIN);
// Form itself
$textToDisplay .= <<<EOT
<p>
{$website->t("users.rank.edit.explained")}
{$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")}
</p>
<p>
{$website->t("main.fields_required")}
</p>
<form action="{$website->getUrlMain()}" method="post">
<p>
<label for="rank">{$website->t("users.rank")}</label>:<span class="required">*</span><br />
{$this->get_ranks_box_html($website, $ranks, $rank)}
</p>
<p>
<input type="hidden" name="p" value="edit_rank" />
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="submit" value="{$website->t('users.rank.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function getPageContent(Website $website, Request $request)
{
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("email")) {
// Sent
$email = $request->getRequestString("email");
if (Validate::email($email)) {
// Valid email
$this->user->setEmail($email);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.email") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid email
$website->addError($website->t("users.email") . ' ' . Validate::getLastError($website));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.email", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Text above form
$textToDisplay .= "<p>" . $website->t("users.email.edit.explained") . "</p>\n";
if ($this->editing_someone_else) {
$textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
}
// Form itself
$email = htmlSpecialChars($request->getRequestString("email", $this->user->getEmail()));
$textToDisplay .= <<<EOT
<form action="{$website->getUrlMain()}" method="post">
<p>
<label for="email">{$website->t('users.email')}:</label><br /><input type="text" id="email" name="email" value="{$email}"/><br />
</p>
<p>
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="hidden" name="p" value="edit_email" />
<input type="submit" value="{$website->t('users.email.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function init(Website $website, Request $request)
{
$text = $website->getText();
$this->requestToken = RequestToken::generateNew();
$commentId = $request->getParamInt(0, 0);
$auth = $website->getAuth();
$user = $auth->getCurrentUser();
$repo = new CommentRepository($website->getDatabase());
$this->comment = $repo->getCommentOrFail($commentId);
if ($user->getId() !== $this->comment->getUserId() && !$user->hasRank(Authentication::RANK_MODERATOR)) {
// Can only edit own comment unless moderator
throw new NotFoundException();
}
if ($request->hasRequestValue("submit") && Validate::requestToken($request)) {
// Validate and save comment
$this->updateCommentFromRequest($this->comment, $request);
if ($repo->validateComment($this->comment, $text)) {
$repo->saveComment($this->comment);
$this->redirectLink = $this->comment->getUrl($text);
}
}
$this->requestToken->saveToSession();
}
public function getPageContent(Website $website, Request $request)
{
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("password")) {
// Sent
$old_password = $request->getRequestString("old_password");
if ($this->editing_someone_else || $this->user->verifyPassword($old_password)) {
// Old password entered correctly
$password = $request->getRequestString("password");
$password2 = $request->getRequestString("password2");
if (Validate::password($password, $password2)) {
// Valid password
$this->user->setPassword($password);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.password") . ' ' . $website->t("editor.is_changed") . '</p>';
// Update login cookie (only when changing your own password)
if (!$this->editing_someone_else) {
$website->getAuth()->setLoginCookie();
}
// Don't show form
$show_form = false;
} else {
// Invalid new password
$website->addError($website->t("users.password") . ' ' . Validate::getLastError($website));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.password", true) . '</em></p>';
}
} else {
// Invalid old password
$website->addError($website->t("users.old_password") . ' ' . $website->t("errors.not_correct"));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.password", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Text above form
$textToDisplay .= "<p>" . $website->tReplaced("users.password.edit.explained", Validate::$MIN_PASSWORD_LENGHT) . "</p>\n";
if ($this->editing_someone_else) {
$textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
}
// Form itself
$old_password_text = "";
if (!$this->editing_someone_else) {
// Add field to verify old password when editing yourself
$old_password_text = <<<EOT
<label for="old_password">{$website->t('users.old_password')}:</label><span class="required">*</span><br />
<input type="password" id="old_password" name="old_password" value=""/><br />
EOT;
}
$textToDisplay .= <<<EOT
<p>{$website->t("main.fields_required")}</p>
<form action="{$website->getUrlMain()}" method="post">
<p>
{$old_password_text}
<label for="password">{$website->t('users.password')}:</label><span class="required">*</span><br />
<input type="password" id="password" name="password" value=""/><br />
<label for="password2">{$website->t('users.password.repeat')}:</label><span class="required">*</span><br />
<input type="password" id="password2" name="password2" value=""/><br />
</p>
<p>
<input type="hidden" name="p" value="edit_password" />
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="submit" value="{$website->t('users.password.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function processInput(Text $text, Request $request, CategoryRepository $oCategories)
{
$article = $this->articleObject;
$noErrors = true;
// Title
if ($request->hasRequestValue("article_title")) {
$title = trim($request->getRequestString('article_title'));
if (strLen($title) > Article::MAX_TITLE_LENGTH) {
$text->addError($text->t("articles.title") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_TITLE_LENGTH));
$noErrors = false;
}
if (strLen($title) < Article::MIN_TITLE_LENGTH) {
$text->addError($text->tReplacedKey("errors.please_enter_this", "articles.title", true));
$noErrors = false;
}
$article->setTitle($title);
}
// Intro
if ($request->hasRequestValue("article_intro")) {
$intro = trim($request->getRequestString("article_intro"));
if (strLen($intro) < Article::MIN_INTRO_LENGTH) {
$text->addError($text->tReplacedKey("errors.please_enter_this", "articles.intro", true));
$noErrors = false;
}
if (strLen($intro) > Article::MAX_INTRO_LENGTH) {
$text->addError($text->t("articles.intro") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_INTRO_LENGTH));
$noErrors = false;
}
$article->setIntro($intro);
}
// Body
if ($request->hasRequestValue("article_body")) {
$body = trim($request->getRequestString("article_body"));
if (strLen($body) < Article::MIN_BODY_LENGTH) {
$text->addError($text->tReplacedKey("errors.please_enter_this", "articles.body", true));
$noErrors = false;
}
if (strLen($body) > Article::MAX_BODY_LENGTH) {
$text->addError($text->t("articles.body") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_BODY_LENGTH));
$noErrors = false;
}
$article->setBody($body);
}
// Category
if ($request->hasRequestValue("article_category")) {
$categoryId = (int) $request->getRequestString('article_category', 0);
if ($categoryId == 0) {
// Silent failure when category id is set to 0, as it is a default value
$noErrors = false;
} elseif (!$this->categoryExists($oCategories, $categoryId)) {
$text->addError($text->t("main.category") . " " . $website->t("errors.not_found"));
$noErrors = false;
}
$article->categoryId = $categoryId;
}
// Featured image
if ($request->hasRequestValue("article_featured_image")) {
$featuredImage = trim($request->getRequestString("article_featured_image"));
if (strLen($featuredImage) > Article::MAX_FEATURED_IMAGE_URL_LENGTH) {
$text->addError($text->t("articles.featured_image") . " " . $text->tReplaced("ërrors.is_too_long_num", Article::MAX_FEATURED_IMAGE_URL_LENGTH));
$noErrors = false;
}
$article->featuredImage = $featuredImage;
}
// Pinned, hidden, comments
if ($request->hasRequestValue("submit")) {
$article->pinned = $request->hasRequestValue("article_pinned");
$article->setHidden($request->hasRequestValue("article_hidden"));
$article->showComments = $request->hasRequestValue("article_comments");
}
// Event date
$eventDate = "";
$eventTime = "";
if ($request->hasRequestValue("article_eventdate")) {
$eventDate = trim($request->getRequestString("article_eventdate"));
}
if ($request->hasRequestValue("article_eventtime") && $eventDate) {
$eventTime = trim($request->getRequestString("article_eventtime"));
}
if (empty($eventDate) && $request->hasRequestValue("article_eventdate")) {
// Field was made empty, so delete date on article
$article->onCalendar = null;
}
if (!empty($eventDate)) {
if (strtotime($eventDate) === false) {
$text->addError($text->t("articles.event_date") . " " . $text->t("errors.not_correct"));
$noErrors = false;
} else {
// Add date to article
$article->onCalendar = new DateTime($eventDate . " " . $eventTime);
}
}
return $noErrors;
}
public function getPageContent(Website $website, Request $request)
{
// Don't allow to edit your own status (why would admins want to downgrade
// themselves?)
if (!$this->editing_someone_else) {
$website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
return "";
}
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("status")) {
// Sent
$status = $request->getRequestInt("status");
$status_text = $request->getRequestString("status_text");
$oAuth = $website->getAuth();
$valid = true;
// Check status id
if (!$oAuth->isValidStatus($status)) {
$website->addError($website->t("users.status") . ' ' . $website->t("errors.not_found"));
$valid = false;
}
// Check status text
if (!Validate::stringLength($status_text, 1, self::MAXIMUM_STATUS_TEXT_LENGTH)) {
$website->addError($website->t("users.status_text") . " " . Validate::getLastError($website));
$valid = false;
}
if ($valid) {
// Valid status
$this->user->setStatus($status);
$this->user->setStatusText($status_text);
$oAuth->getUserRepository()->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.status") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid status
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.status", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Variables
$status = $website->getRequestInt("status", $this->user->getStatus());
$statuses = array(Authentication::STATUS_NORMAL, Authentication::STATUS_BANNED, Authentication::STATUS_DELETED);
$status_text = htmlSpecialChars($request->getRequestString("status_text", $this->user->getStatusText()));
// Form itself
$textToDisplay .= <<<EOT
<p>
{$website->t("users.status.edit.explained")}
{$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")}
</p>
<p>
{$website->t("main.fields_required")}
</p>
<form action="{$website->getUrlMain()}" method="get">
<p>
<label for="status">{$website->t("users.status")}</label>:<span class="required">*</span><br />
{$this->get_statuses_box_html($website->getAuth(), $statuses, $status)}
</p>
<p>
<label for="status_text">{$website->t("users.status_text")}</label>:<span class="required">*</span><br />
<input type="text" name="status_text" id="status_text" size="80" value="{$status_text}" />
</p>
<p>
<input type="hidden" name="p" value="edit_account_status" />
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="submit" value="{$website->t('editor.save')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
