public function onPageRequest(PageRequestEvent $event) { global $config, $page, $user; // user info is shown on all pages if ($user->is_anonymous()) { $this->theme->display_login_block($page); } else { $ubbe = new UserBlockBuildingEvent(); send_event($ubbe); ksort($ubbe->parts); $this->theme->display_user_block($page, $user, $ubbe->parts); } if ($event->page_matches("user_admin")) { if ($event->get_arg(0) == "login") { if (isset($_POST['user']) && isset($_POST['pass'])) { $this->login($page); } else { $this->theme->display_login_page($page); } } else { if ($event->get_arg(0) == "recover") { $user = User::by_name($_POST['username']); if (is_null($user)) { $this->theme->display_error(404, "Error", "There's no user with that name"); } else { if (is_null($user->email)) { $this->theme->display_error(400, "Error", "That user has no registered email address"); } else { // send email } } } else { if ($event->get_arg(0) == "create") { if (!$config->get_bool("login_signup_enabled")) { $this->theme->display_signups_disabled($page); } else { if (!isset($_POST['name'])) { $this->theme->display_signup_page($page); } else { if ($_POST['pass1'] != $_POST['pass2']) { $this->theme->display_error(400, "Password Mismatch", "Passwords don't match"); } else { try { if (!captcha_check()) { throw new UserCreationException("Error in captcha"); } $uce = new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['email']); send_event($uce); $this->set_login_cookie($uce->username, $uce->password); $page->set_mode("redirect"); $page->set_redirect(make_link("user")); } catch (UserCreationException $ex) { $this->theme->display_error(400, "User Creation Error", $ex->getMessage()); } } } } } else { if ($event->get_arg(0) == "list") { // select users.id,name,joindate,admin, // (select count(*) from images where images.owner_id=users.id) as images, // (select count(*) from comments where comments.owner_id=users.id) as comments from users; // select users.id,name,joindate,admin,image_count,comment_count // from users // join (select owner_id,count(*) as image_count from images group by owner_id) as _images on _images.owner_id=users.id // join (select owner_id,count(*) as comment_count from comments group by owner_id) as _comments on _comments.owner_id=users.id; $this->theme->display_user_list($page, User::by_list(0), $user); } else { if ($event->get_arg(0) == "logout") { set_prefixed_cookie("session", "", time() + 60 * 60 * 24 * $config->get_int('login_memory'), "/"); if (CACHE_HTTP || SPEED_HAX) { # to keep as few versions of content as possible, # make cookies all-or-nothing set_prefixed_cookie("user", "", time() + 60 * 60 * 24 * $config->get_int('login_memory'), "/"); } log_info("user", "Logged out"); $page->set_mode("redirect"); // Try forwarding to same page on logout unless user comes from registration page if ($config->get_int("user_loginshowprofile", 0) == 0 && isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], "post/")) { $page->set_redirect($_SERVER['HTTP_REFERER']); } else { $page->set_redirect(make_link()); } } } } } } if (!$user->check_auth_token()) { return; } else { if ($event->get_arg(0) == "change_pass") { if (isset($_POST['id']) && isset($_POST['pass1']) && isset($_POST['pass2'])) { $duser = User::by_id($_POST['id']); if (!$duser instanceof User) { throw new NullUserException("Error: the user id does not exist!"); } $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; $this->change_password_wrapper($duser, $pass1, $pass2); } } else { if ($event->get_arg(0) == "change_email") { if (isset($_POST['id']) && isset($_POST['address'])) { $duser = User::by_id($_POST['id']); if (!$duser instanceof User) { throw new NullUserException("Error: the user id does not exist!"); } $address = $_POST['address']; $this->change_email_wrapper($duser, $address); } } else { if ($event->get_arg(0) == "change_class") { global $_user_classes; if (isset($_POST['id']) && isset($_POST['class'])) { $duser = User::by_id($_POST['id']); if (!$duser instanceof User) { throw new NullUserException("Error: the user id does not exist!"); } $class = $_POST['class']; if (!array_key_exists($class, $_user_classes)) { throw Exception("Invalid user class: " . html_escape($class)); } $this->change_class_wrapper($duser, $class); } } else { if ($event->get_arg(0) == "delete_user") { $this->delete_user($page, isset($_POST["with_images"]), isset($_POST["with_comments"])); } } } } } } if ($event->page_matches("user")) { $display_user = $event->count_args() == 0 ? $user : User::by_name($event->get_arg(0)); if ($event->count_args() == 0 && $user->is_anonymous()) { $this->theme->display_error(401, "Not Logged In", "You aren't logged in. First do that, then you can see your stats."); } else { if (!is_null($display_user) && $display_user->id != $config->get_int("anon_id")) { $e = new UserPageBuildingEvent($display_user); send_event($e); $this->display_stats($e); } else { $this->theme->display_error(404, "No Such User", "If you typed the ID by hand, try again; if you came from a link on this " . "site, it might be bug report time..."); } } } }
public function onPageRequest(Event $event) { global $config, $database, $page, $user; // user info is shown on all pages if ($user->is_anonymous()) { $this->theme->display_login_block($page); } else { $ubbe = new UserBlockBuildingEvent(); send_event($ubbe); ksort($ubbe->parts); $this->theme->display_user_block($page, $user, $ubbe->parts); } if ($event->page_matches("user_admin")) { if ($event->get_arg(0) == "login") { if (isset($_POST['user']) && isset($_POST['pass'])) { $this->login($page); } else { $this->theme->display_login_page($page); } } else { if ($event->get_arg(0) == "logout") { set_prefixed_cookie("session", "", time() + 60 * 60 * 24 * $config->get_int('login_memory'), "/"); if (CACHE_HTTP) { # to keep as few versions of content as possible, # make cookies all-or-nothing set_prefixed_cookie("user", "", time() + 60 * 60 * 24 * $config->get_int('login_memory'), "/"); } log_info("user", "Logged out"); $page->set_mode("redirect"); $page->set_redirect(make_link()); } else { if ($event->get_arg(0) == "change_pass") { $this->change_password_wrapper($page); } else { if ($event->get_arg(0) == "change_email") { $this->change_email_wrapper($page); } else { if ($event->get_arg(0) == "recover") { $user = User::by_name($_POST['username']); if (is_null($user)) { $this->theme->display_error($page, "Error", "There's no user with that name"); } if (is_null($user->email)) { // } } else { if ($event->get_arg(0) == "create") { if (!$config->get_bool("login_signup_enabled")) { $this->theme->display_signups_disabled($page); } else { if (!isset($_POST['name'])) { $this->theme->display_signup_page($page); } else { if ($_POST['pass1'] != $_POST['pass2']) { $this->theme->display_error($page, "Password Mismatch", "Passwords don't match"); } else { try { if (!captcha_check()) { throw new UserCreationException("Error in captcha"); } $uce = new UserCreationEvent($_POST['name'], $_POST['pass1'], $_POST['email']); send_event($uce); $this->set_login_cookie($uce->username, $uce->password); $page->set_mode("redirect"); $page->set_redirect(make_link("user")); } catch (UserCreationException $ex) { $this->theme->display_error($page, "User Creation Error", $ex->getMessage()); } } } } } else { if ($event->get_arg(0) == "set_more") { $this->set_more_wrapper($page); } else { if ($event->get_arg(0) == "list") { // select users.id,name,joindate,admin, // (select count(*) from images where images.owner_id=users.id) as images, // (select count(*) from comments where comments.owner_id=users.id) as comments from users; // select users.id,name,joindate,admin,image_count,comment_count // from users // join (select owner_id,count(*) as image_count from images group by owner_id) as _images on _images.owner_id=users.id // join (select owner_id,count(*) as comment_count from comments group by owner_id) as _comments on _comments.owner_id=users.id; $this->theme->display_user_list($page, User::by_list(0), $user); } } } } } } } } } if ($event instanceof PageRequestEvent && $event->page_matches("user")) { $display_user = $event->count_args() == 0 ? $user : User::by_name($event->get_arg(0)); if ($event->count_args() == 0 && $user->is_anonymous()) { $this->theme->display_error($page, "Not Logged In", "You aren't logged in. First do that, then you can see your stats."); } else { if (!is_null($display_user)) { send_event(new UserPageBuildingEvent($display_user)); } else { $this->theme->display_error($page, "No Such User", "If you typed the ID by hand, try again; if you came from a link on this " . "site, it might be bug report time..."); } } } }
public function onPageRequest(PageRequestEvent $event) { global $config, $page, $user; $this->show_user_info(); if ($event->page_matches("user_admin")) { if ($event->get_arg(0) == "login") { if (isset($_POST['user']) && isset($_POST['pass'])) { $this->page_login($_POST['user'], $_POST['pass']); } else { $this->theme->display_login_page($page); } } else { if ($event->get_arg(0) == "recover") { $this->page_recover($_POST['username']); } else { if ($event->get_arg(0) == "create") { $this->page_create(); } else { if ($event->get_arg(0) == "list") { // select users.id,name,joindate,admin, // (select count(*) from images where images.owner_id=users.id) as images, // (select count(*) from comments where comments.owner_id=users.id) as comments from users; // select users.id,name,joindate,admin,image_count,comment_count // from users // join (select owner_id,count(*) as image_count from images group by owner_id) as _images on _images.owner_id=users.id // join (select owner_id,count(*) as comment_count from comments group by owner_id) as _comments on _comments.owner_id=users.id; $this->theme->display_user_list($page, User::by_list(0), $user); } else { if ($event->get_arg(0) == "logout") { $this->page_logout(); } } } } } if (!$user->check_auth_token()) { return; } else { if ($event->get_arg(0) == "change_name") { $input = validate_input(array('id' => 'user_id,exists', 'name' => 'user_name')); $duser = User::by_id($input['id']); $this->change_name_wrapper($duser, $input['name']); } else { if ($event->get_arg(0) == "change_pass") { $input = validate_input(array('id' => 'user_id,exists', 'pass1' => 'password', 'pass2' => 'password')); $duser = User::by_id($input['id']); $this->change_password_wrapper($duser, $input['pass1'], $input['pass2']); } else { if ($event->get_arg(0) == "change_email") { $input = validate_input(array('id' => 'user_id,exists', 'address' => 'email')); $duser = User::by_id($input['id']); $this->change_email_wrapper($duser, $input['address']); } else { if ($event->get_arg(0) == "change_class") { $input = validate_input(array('id' => 'user_id,exists', 'class' => 'user_class')); $duser = User::by_id($input['id']); $this->change_class_wrapper($duser, $input['class']); } else { if ($event->get_arg(0) == "delete_user") { $this->delete_user($page, isset($_POST["with_images"]), isset($_POST["with_comments"])); } } } } } } } if ($event->page_matches("user")) { $display_user = $event->count_args() == 0 ? $user : User::by_name($event->get_arg(0)); if ($event->count_args() == 0 && $user->is_anonymous()) { $this->theme->display_error(401, "Not Logged In", "You aren't logged in. First do that, then you can see your stats."); } else { if (!is_null($display_user) && $display_user->id != $config->get_int("anon_id")) { $e = new UserPageBuildingEvent($display_user); send_event($e); $this->display_stats($e); } else { $this->theme->display_error(404, "No Such User", "If you typed the ID by hand, try again; if you came from a link on this " . "site, it might be bug report time..."); } } } }