Beispiel #1
0
 public function delete($arguments)
 {
     if (!CheckAcl::can('deleteNotices')) {
         return Error::set('You are not allowed to delete notices!');
     }
     if (empty($arguments[0])) {
         return Error::set('No notice id was found!');
     }
     $notices = new notices(ConnectionFactory::get('redis'));
     $return = $notices->delete($arguments[0]);
     if (is_string($return)) {
         return Error::set($return);
     }
     header('Location: ' . Url::format('/notice/'));
 }
Beispiel #2
0
 public function vote($arguments)
 {
     if (!CheckAcl::can('voteOnNews')) {
         return Error::set('You can not vote on news posts.');
     }
     if (empty($arguments[0]) || empty($arguments[1])) {
         return Error::set('Vote or news id not found.');
     }
     $news = new news(ConnectionFactory::get('mongo'));
     $result = $news->castVote($arguments[0], $arguments[1]);
     $post = $news->get($arguments[0], false, true);
     if (is_string($result)) {
         return Error::set($result, false, array('Back' => Url::format('/news/view/' . Id::create($post, 'news'))));
     }
     Error::set('Vote cast!', true, array('Back' => Url::format('/news/view/' . Id::create($post, 'news'))));
 }
Beispiel #3
0
 public function index()
 {
     if (!CheckAcl::can('viewStats')) {
         return Error::set('You are not allowed to view stats!');
     }
     $info = new APCIterator('user');
     $redis = new redisInfo(ConnectionFactory::get('redis'));
     $redisInfo = $redis->info();
     $this->view['apcNoKeys'] = $info->getTotalCount();
     $this->view['apcSize'] = $info->getTotalSize();
     $this->view['redisVersion'] = $redisInfo['redis_version'];
     $this->view['redisSIP'] = $redisInfo['bgsave_in_progress'];
     $this->view['redisNoChans'] = $redisInfo['pubsub_channels'];
     $this->view['redisMem'] = $redisInfo['used_memory'];
     $this->view['redisLastSave'] = $redisInfo['last_save_time'];
     $this->view['valid'] = true;
 }
Beispiel #4
0
 public function changeStatus($arguments)
 {
     if (!CheckAcl::can('editBugStatus')) {
         return Error::set('You are not allowed to change bug statuses.');
     }
     if (empty($_POST['id'])) {
         return Error::set('Invalid id.');
     }
     $bugs = new bugs(ConnectionFactory::get('mongo'));
     $bug = $bugs->get($_POST['id'], false);
     if (empty($bug)) {
         return Error::set('Invalid id.');
     }
     $extra = array('public', 'private', 'delete');
     $acceptable = array_merge(bugs::$status, $extra);
     if (empty($_POST['status']) || !in_array($_POST['status'], $acceptable)) {
         return Error::set('Invalid status.');
     }
     if (in_array($_POST['status'], $extra)) {
         // Altering
         switch ($_POST['status']) {
             case 'public':
                 $diff = array('public' => true);
                 break;
             case 'private':
                 $diff = array('public' => false);
                 break;
             case 'delete':
                 $diff = array('ghosted' => true);
                 break;
             default:
                 $diff = array();
                 break;
         }
     } else {
         // Standard status change.
         $diff = array('status' => array_search($_POST['status'], bugs::$status));
     }
     $bugs->alter($_POST['id'], $diff);
     $this->view['valid'] = true;
     Error::set('Status changed.', true);
     apc_delete('bugs_' . Id::create(current($bug), 'bugs'));
 }
 public function authChange($type, $comment)
 {
     return CheckAcl::can($type . 'AllComment') || CheckAcl::can($type . 'Comment') && Session::getVar('username') == $comment['user']['username'];
 }
<?php

if (!empty($valid) && $valid) {
    ?>

<?php 
}
if (CheckAcl::can('haveConnections')) {
    ?>
<form class="form-horizontal well" action="<?php 
    echo Url::format('/user/connections');
    ?>
" method="post">
    <legend>Manage Connections</legend>
    <div class="control-group">
        <label class="control-label">GitHub Username</label>
        
        <div class="controls">
            <input type="text" name="github"<?php 
    echo !empty($github) ? 'value="' . $github . '"' : '';
    ?>
 />
        </div>
    </div>
    
    <input type="submit" value="Save" class="btn btn-primary" />
</form>
<?php 
}
Beispiel #7
0
</td>
        <td>
<?php 
            if (CheckAcl::can('editNotice')) {
                ?>
            <a href="<?php 
                echo Url::format('/notice/edit/' . ($id + 1));
                ?>
" class="btn btn-warning">Edit</a><br />
<?php 
            }
            ?>
		</td>
		<td>
<?php 
            if (CheckAcl::can('deleteNotice')) {
                ?>
            <a href="<?php 
                echo Url::format('/notice/delete/' . ($id + 1));
                ?>
" class="btn btn-danger">Delete</a>
<?php 
            }
            ?>
        </td>
    </tr>
<?php 
        }
        ?>
</tbody></table>
<?php 
Beispiel #8
0
 public function revisions($arguments)
 {
     if (!$this->hasRevisions) {
         return Error::set('Revisions are not enabled for ' . $this->name . '.');
     }
     if (!CheckAcl::can('view' . $this->permission . 'Revisions')) {
         return Error::set('You are not allowed to view ' . $this->name . ' revisions.');
     }
     if (empty($arguments[0])) {
         return Error::set('No ' . $this->name . ' id found.');
     }
     $model = new $this->model(ConnectionFactory::get($this->db));
     $current = $model->get($arguments[0], false, true);
     $this->view['current'] = $current;
     if (empty($current)) {
         return Error::set('Invalid id.');
     }
     if (is_string($current)) {
         return Error::set($current);
     }
     Layout::set('title', ucwords($this->name) . ' Revisions');
     $revisions = new revisions(ConnectionFactory::get('mongo'));
     // Start excerpt soley for reverting
     $revert = $this->revert($arguments, $model, $revisions, $current);
     // End excerpt
     $revisions = $revisions->getForId($arguments[0]);
     $this->view['revisions'] = array();
     if (empty($revisions)) {
         return Error::set('This entry has no revisions.');
     }
     $this->view['revisions'] = revisions::resolve($current, $revisions, $this->diffdFields);
 }
Beispiel #9
0
    public function validate($username, $password, $email, $hideEmail, $group, $lockToIp, $creating = true)
    {
        if (strpos($username, '\'') || strpos($username, '"')) {
            return 'Invalid username.';
        }
        $passEmpty = false;
        if (empty($password) && $creating) {
            return 'Invalid password';
        }
        if (empty($password)) {
            $passEmpty = true;
        }
        // Cleaning
        $username = substr($this->clean($username), 0, 80);
        $password = $this->hash($password, $username);
        $email = filter_var($email, FILTER_SANITIZE_EMAIL);
        $hideEmail = (bool) $hideEmail;
        // Error checking
        if (empty($username) && $creating) {
            return 'Invalid username.';
        }
        if (!preg_match('/^[A-Za-z0-9 _-]+$/', $username)) {
            return 'Invalid username';
        }
        if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
            return 'Invalid email.';
        }
        if ($group != null && !in_array($group, acl::$acls)) {
            return 'Invalid group.';
        }
        if ($creating) {
            $user = $this->get($username);
            if (!empty($user)) {
                return 'Username taken.';
            }
            $user = $this->mongo->unimportedUsers->findOne(array('username' => $this->clean($username)));
            if (!empty($user)) {
                return 'Username is reserved.  If this is you, try to 
reclaim your account instead.';
            }
        }
        $entry = array('username' => $username, 'password' => $password, 'email' => $email, 'status' => self::ACCT_OPEN, 'hideEmail' => $hideEmail, 'lockToIP' => (bool) $lockToIp, 'auths' => array('password'), 'notes' => array(), 'connections' => array('nil' => 'nil'), 'certs' => array(), 'bans' => array());
        if ($creating) {
            $entry['group'] = $group == null ? self::DEFAULT_GROUP : $group;
        }
        if (!$creating && !CheckAcl::can('changeUsername')) {
            unset($entry['username']);
        }
        if (!$creating && !CheckAcl::can('changeAcctStatus')) {
            unset($entry['status']);
        }
        if (!$creating && !CheckAcl::can('editAcl')) {
            unset($entry['group']);
        }
        if (!$creating && $passEmpty) {
            unset($entry['password']);
        }
        if (!$creating) {
            unset($entry['auth']);
        }
        return $entry;
    }
Beispiel #10
0
<div class="well">
    <h1><?php 
echo $title;
?>
</h1>
    <small>By <?php 
echo $lecturer;
$access = array();
if (CheckAcl::can('editLectures')) {
    array_push($access, '<a href="' . Url::format('lecture/edit/' . $_id) . '">Edit</a>');
}
if (CheckAcl::can('deleteLectures')) {
    array_push($access, '<a href="' . Url::format('lecture/delete/' . $_id) . '">Delete</a>');
}
if (!empty($access)) {
    echo ' - ' . implode(' - ', $access);
}
?>
</small>

    <p><?php 
echo BBCode::parse($description);
?>
</p>
    <em><?php 
echo Date::minuteFormat($time);
?>
 to 
    <?php 
echo Date::minuteFormat($time + $duration);
?>
        ?>
		<?php 
        if (CheckAcl::can('viewArticleRevisions')) {
            ?>
&nbsp;-&nbsp;<a href="<?php 
            echo Url::format('/article/revisions/' . $_id);
            ?>
">Revisions</a><?php 
        }
        ?>
		<?php 
    }
} elseif (empty($preview)) {
    ?>
		<?php 
    if (CheckAcl::can('revertArticles')) {
        ?>
&nbsp;-&nbsp;<a href="<?php 
        echo Url::format('/articles/revisions/' . $contentId . '/revert/' . $_id);
        ?>
">Revert</a><?php 
    }
    ?>
		<?php 
}
?>
	</small>
    
<?php 
if (!$published || !empty($revision) || !empty($preview)) {
    ?>
Beispiel #12
0
 public static function canView($bug)
 {
     if ($bug['public'] == true) {
         return true;
     }
     if (Session::isLoggedIn() && (string) $bug['reporter']['$id'] == (string) Session::getVar('_id') || CheckAcl::can('viewPrivateBug')) {
         return true;
     }
     return false;
 }
Beispiel #13
0
 private static function _populate()
 {
     self::$acl = new acl(ConnectionFactory::get('redis'));
     self::$populated = true;
 }
Beispiel #14
0
    }
    ?>
		<?php 
    if (CheckAcl::can('viewNewsRevisions')) {
        ?>
&nbsp;-&nbsp;<a href="<?php 
        echo Url::format('/news/revisions/' . $_id);
        ?>
">Revisions</a><?php 
    }
    ?>
		<?php 
} elseif (empty($preview)) {
    ?>
		<?php 
    if (CheckAcl::can('revertNews')) {
        ?>
&nbsp;-&nbsp;<a href="<?php 
        echo Url::format('/news/revisions/' . $contentId . '/revert/' . $_id);
        ?>
">Revert</a><?php 
    }
    ?>
		<?php 
}
?>
	</small>
	
	<p><?php 
echo BBCode::parse($body);
?>
Beispiel #15
0
    echo Url::format('/user/logs');
    ?>
">View Account Activity</a>&nbsp;-&nbsp;
    <a href="<?php 
    echo Url::format('/user/connections');
    ?>
">Manage Your Connections</a>
</small>
<form class="well form-horizontal" action="<?php 
    echo Url::format('/user/settings/save');
    ?>
" method="post">
<fieldset>
	<legend>Account Information</legend>
<?php 
    if (CheckAcl::can('changeUsername')) {
        ?>
	<div class="control-group">
		<label class="control-label">Username:</label>
		
		<div class="controls">
			<input type="text" name="username" value="<?php 
        echo htmlentities($user['username'], ENT_QUOTES, '', false);
        ?>
" />
		</div>
	</div>
<?php 
    }
    ?>
	
        echo Url::format('/lecture/post');
        ?>
">Post Lecture</a></li><?php 
    }
    ?>
    <?php 
    if (CheckAcl::can('manageNotice')) {
        ?>
<li><a href="<?php 
        echo Url::format('/notice');
        ?>
">Manage Notices</a></li><?php 
    }
    ?>
    <?php 
    if (CheckAcl::can('viewStats')) {
        ?>
<li><a href="<?php 
        echo Url::format('/stats');
        ?>
">View Stats</a></li><?php 
    }
}
?>
						<li class="nav-header">Search</li>
						<li>
							<form class="form-search" action="<?php 
echo Url::format('search');
?>
" method="post">
								<input type="text" name="query" placeholder="Search" class="input-medium search-query" />
Beispiel #17
0
<div class="page-header"><h1>Submitted Bugs</h1></div>

<div class="btn-toolbar">
<?php 
if (CheckAcl::can('postBugs')) {
    ?>
	<div class="btn-group">
		<a href="<?php 
    echo Url::format('/bugs/post');
    ?>
" class="btn btn-primary">Submit Bug</a>
	</div>
<?php 
}
?>

	<div class="btn-group">
		<a href="<?php 
echo Url::format('/bugs/index/all');
?>
" class="btn<?php 
echo $filter == 'all' ? ' disabled' : '';
?>
">All</a>
		<a href="<?php 
echo Url::format('/bugs/index/open');
?>
" class="btn<?php 
echo $filter == 'open' ? ' disabled' : '';
?>
">Open</a>
Beispiel #18
0
 public function admin_note()
 {
     if (!CheckAcl::can('postNotes')) {
         return Error::set('You are not allowed to post notes.');
     }
     if (empty($_POST['userId'])) {
         return Error::set('No user id was found.');
     }
     if (empty($_POST['note'])) {
         return Error::set('No note text was found.');
     }
     $users = new users(ConnectionFactory::get('mongo'));
     $return = $users->addNote($_POST['userId'], $_POST['note']);
     if (is_string($return)) {
         return Error::set($return);
     }
     Error::set('Note posted.', true);
     if (!empty($_SERVER['HTTP_REFERER'])) {
         header('Location: ' . Url::format($_SERVER['HTTP_REFERER']));
     }
 }
Beispiel #19
0
    }
    if ($rating['dislikes'] != 0) {
        $html[] = $rating['dislikes'] . ' dislike' . ($rating['dislikes'] == 1 ? '' : 's');
    }
    $html = implode(', ', $html);
    if (empty($html)) {
        $html = 'No votes!';
    }
}
?>
        <em><?php 
echo $html;
?>
</em>
<?php 
if (CheckAcl::can('voteOn' . $type)) {
    ?>
        <a href="<?php 
    echo Url::format('/' . $where . '/vote/' . $_id . '/like');
    ?>
" 
        class="btn btn-small">
            <i class="icon-plus"></i>
            Like
        </a>&nbsp;
        <a href="<?php 
    echo Url::format('/' . $where . '/vote/' . $_id . '/dislike');
    ?>
" 
        class="btn btn-inverse btn-small">
            <i class="icon-minus icon-white"></i>
Beispiel #20
0
            ?>
" method="post">
			<input type="hidden" name="userId" value="<?php 
            echo $user['_id'];
            ?>
" />
			<input class="span6" type="text" name="note" placeholder="Something here to help you keep track of who is who." />
			<input type="submit" value="Save" class="btn btn-primary" />
		</form>
<?php 
        }
        ?>
	</div>
</div>
<?php 
        if (CheckAcl::can('banUsers')) {
            ?>
<hr />
<div class="row">
    <div class="span4 offset5">
        <form class="form-inline" style="float: right" action="<?php 
            echo Url::format('/user/admin/ban/');
            ?>
" method="post">
            <input type="hidden" name="userId" value="<?php 
            echo $user['_id'];
            ?>
" />
            
            <label class="checkbox">
                <input type="checkbox" name="slowban" value="true"<?php 
Beispiel #21
0
    }
    ?>
				</div>
				<?php 
    echo nl2br($comment['text']);
    ?>
			</p>
		</td>
	</tr>
</table>
<?php 
}
if ($total != 0) {
    echo $pagination;
}
if (CheckAcl::can('postComment')) {
    ?>
<legend>New Comment</legend>
<form class="well form-vertical" action="<?php 
    echo Url::format('/comment/post/save');
    ?>
" method="post">
    <input type="hidden" name="contentId" value="<?php 
    echo $id;
    ?>
" />
    <textarea name="text" rows="7" style="width: 100%"></textarea><br />
    <input type="submit" class="btn btn-primary" value="Post Comment" />
</form>
<?php 
}