Example #1
 /**
  * Constructor: requires an authenticated session before the current user is loaded.
  *
  * Runs the parent constructor, loads the mp_master model, sends visitors who
  * are not authenticated to /login, then stores the current user on
  * $this->user and loads the mp_pandora model.
  */
 public function __construct()
 {
     parent::__construct();
     $this->load->model('mp_master');
     // NOTE(review): this check only gates access if redirect() ends the request
     // (CodeIgniter's URL helper does) — confirm for this project. If it returns,
     // the lines below and the routed action still run for an unauthenticated visitor.
     if (!User::IsAuthenticated()) {
         redirect('/login');
     }
     // Reached only on the authenticated path, given the assumption above.
     $this->user = User::GetCurrentUser();
     $this->load->model('mp_pandora');
 }
Example #2
             header("Pragma: no-cache");
             header("Content-Type: text/html");
             header("Connection:");
             header("Content-length:");
             echo "Vote successful.";
             Error::generate('debug', 'memcached delete ' . $params['cid']);
             $p = (int) $params['id'];
             $crs = new CourseDefn($p);
             $success = $crs->load();
             $memcached->delete($crs->cid);
         }
     }
 } else {
     if ($action == 'post') {
         // post a comment
         if (!$params['owner'] || !User::IsAuthenticated()) {
             //check_perms(false);
             Error::generate('warn', 'Must be logged in to post a comment.', Error::$FLAGS['single']);
             die('Must be logged in to post a comment.');
         } else {
             if (!($cid = Comment::Create(array('subject' => xssfilterstring($params['subject']), 'body' => xssfilterstring($params['body']), 'owner' => User::GetAuthenticatedID(), 'id' => xssfilterint($params['cid']))))) {
                 Error::generate('warn', 'Could not create comment.', Error::$FLAGS['single']);
             }
         }
     } else {
         if ($action == 'check_lock') {
             // check the status of a comment lock
             header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
             header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
             header("Cache-Control: no-cache, must-revalidate");
             header("Pragma: no-cache");
Example #3
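 /**
  * Report whether a user holds a role, memoising each answer in User::$userRole.
  *
  * @param string $username User to check; when empty, the username stored in the
  *                         current session is checked instead.
  * @param string $role     Role name to look up.
  * @return bool TRUE when a matching row exists in user_roles; FALSE otherwise,
  *              including for an empty role or an unauthenticated self-check.
  */
 function IsUserInRole($username, $role)
 {
     if (empty($role)) {
         // Fail closed with an explicit FALSE. The diagnostic goes to the server
         // log: debug_print_backtrace() wrote the call stack into the response,
         // exposing internal paths to whoever triggered the call.
         error_log('IsUserInRole called with an empty role');
         return FALSE;
     }
     if (empty($username)) {
         // No username supplied: check the caller's own session identity.
         if (!User::IsAuthenticated()) {
             return FALSE;
         }
         $username = $_SESSION["PANDORA_USERNAME"];
     }
     // NOTE(review): a "_"-joined key is ambiguous when usernames and role names
     // can both contain "_" ("a_b" + "c" and "a" + "b_c" share one entry), which
     // would let one pair reuse another's cached decision. The key format is kept
     // because User::$userRole is shared state; confirm the allowed character sets.
     $cacheKey = $username . "_" . $role;
     if (isset(User::$userRole[$cacheKey])) {
         return User::$userRole[$cacheKey];
     }
     // Presumably CodeIgniter's query builder, whose where() escapes the bound
     // values — confirm that the 'default' connection is configured that way.
     $dbObj = $this->load->database('default', TRUE);
     $dbObj->where('role', $role);
     $dbObj->where('user_id', $username);
     $dbQuery = $dbObj->get('user_roles');
     // Cache negative answers as well as positive ones, so a role granted later in
     // the same request is not seen until the cache is rebuilt.
     User::$userRole[$cacheKey] = $dbQuery->num_rows() > 0;
     return User::$userRole[$cacheKey];
 }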
Example #4
    $attribs = ResourceReport::Get($id);
    $args['info'] = array();
    $attribs['user_name'] = User::GetAttrib($attribs['user_id'], 'name');
    $attribs['resource_subject'] = get_subject($attribs['resource_id'], $attribs['type']);
    if (!$attribs) {
        Error::generate('notice', 'Invalid ID in action show.');
        header("Location: {$PAGE_REL_URL}");
    } else {
        foreach ($attribs as $k => $v) {
            $args['info'][] = array($k, $v);
        }
        include "views/show.view.php";
    }
} else {
    if ($action == 'create') {
        if (!$params['uid'] || !User::IsAuthenticated()) {
            check_perms(false);
        } else {
            if (!ResourceReport::Create(array('user_id' => User::GetAuthenticatedID(), 'resource_id' => $params['cid'], 'comments' => $params['comments'], 'type' => $params['type']))) {
                header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
                header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
                header("Cache-Control: no-cache, must-revalidate");
                header("Pragma: no-cache");
                header("Content-Type: text/html");
                header("Connection:");
                header("Content-length:");
                echo "Could not report.";
            } else {
                header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
                header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
                header("Cache-Control: no-cache, must-revalidate");
Example #5
                 redirect_raw($_SESSION['last_rendered_page']);
             } else {
                 redirect();
             }
         }
     }
 } else {
     if ($action == 'upload') {
         $fparts = explode('.', $_FILES['file']['name']);
         $ext = end($fparts);
         // TODO: Check file extension.
         if (!isset($_FILES['file'])) {
             Error::generate('notice', 'No file specified.');
             include "views/upload.view.php";
         } else {
             if (!User::IsAuthenticated()) {
                 Error::generate('notice', 'Not logged in.');
                 include "views/upload.view.php";
             } else {
                 if ($_FILES['file']['error'] != UPLOAD_ERR_OK) {
                     Error::generate('debug', 'File upload error: ' . $_FILES['file']['error']);
                     switch ($_FILES['file']['error']) {
                         case UPLOAD_ERR_INI_SIZE:
                         case UPLOAD_ERR_FORM_SIZE:
                             Error::generate('notice', 'File too big.');
                             include "views/upload.view.php";
                             break;
                         case UPLOAD_ERR_PARTIAL:
                         case UPLOAD_ERR_NO_TMP_DIR:
                         case UPLOAD_ERR_CANT_WRITE:
                         case UPLOAD_ERR_EXTENSION: