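/*
 * Renders the "edit spot" page and, when the form was submitted, runs the
 * requested 'delete' or 'edit' action on the spot identified by
 * $this->_messageId.
 *
 * Flow: permission checks -> load the full spot -> run the submitted
 * action -> render the 'editspot' template with the spot and the result.
 *
 * NOTE(review): neither anti-CSRF token validation nor a per-spot
 * ownership check is visible in this method. Both actions change state,
 * so confirm the form layer or the editor service enforces them before a
 * request reaches this point.
 */
function render() {
    $result = new Dto_FormResult('notsubmitted');

    # the user needs both the view and the edit permission to get here
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_view_spotdetail, '');
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_edit_spotdetail, '');

    # retrieve the spot; a failure is reported through $result instead of aborting
    $fullSpot = '';
    try {
        $svcActn_GetSpot = new Services_Actions_GetSpot($this->_settings, $this->_daoFactory, $this->_spotSec);
        $fullSpot = $svcActn_GetSpot->getFullSpot($this->_currentSession, $this->_messageId, true);
        $fullSpot = str_replace("[br]", "\n", $fullSpot);
    } catch (Exception $ex) {
        /*
         * NOTE(review): the raw exception message ends up in the rendered
         * result -- confirm it cannot carry internal details.
         */
        $result->addError($ex->getMessage());
    } # catch

    # page title shown by the template
    $this->_pageTitle = "spot: edit spot";

    # bring the form's action into the local scope for easier access
    $formAction = $this->_spotForm['action'];

    # only act when the form was actually submitted
    if (!empty($formAction)) {
        switch ($formAction) {
            case 'delete':
                # deleting requires its own permission on top of view/edit
                $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_delete_spot, '');

                # assume success
                $result->setResult('success');

                # remove the spot from the database
                $svcSpotEditor = new Services_Posting_Editor($this->_daoFactory, $this->_currentSession);
                $svcSpotEditor->deleteSpot($this->_messageId);
                break; # case 'delete'

            case 'edit':
                /*
                 * Only merge the form into the spot when the original could
                 * be loaded. Without this guard the retrieval error stored in
                 * $result was overwritten and the update was built from the
                 * empty placeholder in $fullSpot.
                 */
                if (!$result->isError()) {
                    # create a fullspot xml from the user's input and the original fullspot
                    $svcSpotEditor = new Services_Posting_Editor($this->_daoFactory, $this->_currentSession);
                    $result = $svcSpotEditor->updateSpotXml($fullSpot, $this->_spotForm);

                    if ($result->isSuccess()) {
                        # update the spot in the database
                        $svcSpotEditor->updateSpot($this->_messageId, $result->getData('spotxml'));
                    } # if
                } # if
                break; # case 'edit'
        } # switch
    } # if

    #- display stuff -#
    $this->template('editspot', array('editspotform' => $fullSpot,
                                      'result' => $result));
}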
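/*
 * Creates a new user from the supplied record: generates a password,
 * validates the record, rejects an already existing username, creates a
 * key pair and stores the user.
 *
 * @param array $spotUser user record as entered; 'username' is read here,
 *                        the other fields are consumed by
 *                        validateUserRecord() and addUser()
 * @return Dto_FormResult on success carries 'userid', 'username',
 *                        'password' and 'userrecord' as data plus two
 *                        info messages
 *
 * The returned data holds the plaintext password and, inside
 * 'userrecord', the user's private key. Callers should treat the result
 * as secret material and keep it out of logs.
 */
public function createUserRecord(array $spotUser) {
    $result = new Dto_FormResult();
    $spotUser['userid'] = false;

    /*
     * Create a random password for this user.
     *
     * NOTE(review): the strength of this password depends entirely on
     * Services_User_Util::generateUniqueId(), which is not visible here --
     * confirm it draws from a cryptographically secure source.
     */
    $spotUser['newpassword1'] = substr(Services_User_Util::generateUniqueId(), 1, 9);
    $spotUser['newpassword2'] = $spotUser['newpassword1'];

    /*
     * Validate several properties of the user, we share
     * this code with the user editor
     */
    $result->mergeResult($this->validateUserRecord($spotUser, false));

    /*
     * Make sure no other user exists with the same username.
     *
     * NOTE(review): this message echoes the submitted username. It is left
     * unescaped because how error strings are rendered is not visible here
     * -- confirm the template escapes them.
     */
    $userIdForName = $this->_userDao->findUserIdForName($spotUser['username']);
    if (!empty($userIdForName)) {
        $result->addError(sprintf(_("'%s' already exists"), $spotUser['username']));
    } # if

    if ($result->isSuccess()) {
        # Create a private and public key pair for this user
        $spotSigning = Services_Signing_Base::factory();
        $userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
        $spotUser['publickey'] = $userKey['public'];
        $spotUser['privatekey'] = $userKey['private'];

        # Actually add the user
        $spotUser['userid'] = $this->addUser($spotUser);

        /*
         * We assume the user was successfully added, all validation is done at
         * a higher level, and addUser() will throw an exception if something is
         * seriously wrong
         */
        $result->addData('userid', $spotUser['userid']);
        $result->addData('username', $spotUser['username']);
        $result->addData('password', $spotUser['newpassword1']);
        $result->addData('userrecord', $spotUser);

        /*
         * The info messages contain markup, so they are rendered as HTML:
         * escape the interpolated values. The inner quotes are written as
         * &quot; entities, because bare double quotes would end the PHP
         * string literal early.
         */
        $safeUsername = htmlspecialchars($spotUser['username'], ENT_QUOTES, 'UTF-8');
        $safePassword = htmlspecialchars($spotUser['newpassword1'], ENT_QUOTES, 'UTF-8');
        $result->addInfo(sprintf(_("User <strong>&quot;%s&quot;</strong> successfully added"), $safeUsername));
        $result->addInfo(sprintf(_("Password: <strong>&quot;%s&quot;</strong>"), $safePassword));

        $result->setResult('success');
    } # if

    return $result;
}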
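/*
 * Renders the login page and, when the login form was submitted, tries to
 * authenticate the supplied credentials.
 *
 * A failed attempt is audited (unless auditing is switched off) and
 * answered with one generic error for both a wrong username and a wrong
 * password. A successful attempt replaces $this->_currentSession with the
 * session returned by authenticate().
 *
 * NOTE(review): no attempt throttling is visible in this method -- confirm
 * the authentication service or the surrounding infrastructure limits
 * repeated failures.
 */
function render() {
    $result = new Dto_FormResult('notsubmitted');

    # Check permissions
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_login, '');

    /*
     * Create a default SpotUser so the form is always able to render
     * the values of the form
     */
    $credentials = array('username' => '',
                         'password' => '');

    /*
     * Instantiate the Spot user system. The class name is spelled with the
     * same casing as elsewhere in the file, so an autoloader that maps
     * class names to file paths case-sensitively still resolves it.
     */
    $svcUserAuth = new Services_User_Authentication($this->_daoFactory, $this->_settings);

    # set the page title
    $this->_pageTitle = "spot: login";

    # bring the form action into the local scope
    $formAction = $this->_loginForm['action'];

    # Are we already submitting the form login?
    if (!empty($formAction)) {
        # make sure we can simply assume all fields are there
        $credentials = array_merge($credentials, $this->_loginForm);

        $tryLogin = $svcUserAuth->authenticate($credentials['username'], $credentials['password']);
        if (!$tryLogin) {
            # audit the failed attempt; the message is fixed text, no credentials are recorded
            if ($this->_settings->get('auditlevel') != SpotSecurity::spot_secaudit_none) {
                $spotAudit = new SpotAudit($this->_daoFactory, $this->_settings, $this->_currentSession['user'], $this->_currentSession['session']['ipaddr']);
                $spotAudit->audit(SpotSecurity::spotsec_perform_login, 'incorrect user or pass', false);
            } # if

            # same message for unknown user and wrong password
            $result->addError(_('Invalid username or password'));
        } else {
            $result->setResult("success");
            $this->_currentSession = $tryLogin;
        } # else
    } else {
        # When the user is already logged in, show this as a warning
        if ($this->_currentSession['user']['userid'] != $this->_settings->get('nonauthenticated_userid')) {
            $result->addError(_('You are already logged in'));
        } # if
    } # else

    /*
     * NOTE(review): after a submit, $credentials holds the submitted
     * password and is handed to the template as 'loginform' -- confirm the
     * template never writes it back into the page. 'http_referer' is
     * passed through untouched; if the template uses it as a post-login
     * redirect target it should be limited to same-site URLs.
     */
    #- display stuff -#
    $this->template('login', array('loginform' => $credentials,
                                   'result' => $result,
                                   'http_referer' => $this->_loginForm['http_referer'],
                                   'data' => $this->_params['data']));
}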
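/*
 * Handles the blacklist form: adds a spotter to, or removes a spotter
 * from, the current user's list and renders the outcome through the
 * 'jsonresult' template.
 *
 * NOTE(review): both actions change state and no anti-CSRF token
 * validation is visible in this method -- confirm the form layer enforces
 * it before the request reaches this point.
 */
function render() {
    # Check users' permissions
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_blacklist_spotter, '');

    # Make sure the edit result is set to 'not submitted' by default
    $result = new Dto_FormResult('notsubmitted');

    # Create the default blacklist information
    $blackList = array('spotterid' => '',
                       'origin' => '');

    # set the page title
    $this->_pageTitle = "report: blacklist spotter";

    # bring the form's action into the local scope for easier access
    if (isset($this->_blForm['action'])) {
        $formAction = $this->_blForm['action'];
    } else {
        $formAction = '';
    } # else

    # Instantiate the user system which does the actual heavy lifting
    $svcUserRecord = new Services_User_Record($this->_daoFactory, $this->_settings);

    if (!empty($formAction) && !$result->isError()) {
        /*
         * NOTE(review): the result is marked successful before the action
         * is dispatched, so an action value matching neither case below is
         * still reported as 'success' although nothing was done.
         */
        $result->setResult('success');

        # Make sure we have complete blacklist information
        $blackList = array_merge($blackList, $this->_blForm);

        switch ($formAction) {
            case 'addspotterid':
                /*
                 * 'idtype' is not part of the defaults above, so guard the
                 * read: a form without it no longer raises an
                 * undefined-index notice. null is what the unguarded read
                 * produced.
                 */
                $idType = isset($blackList['idtype']) ? $blackList['idtype'] : null;

                $result->mergeResult($svcUserRecord->addSpotterToList($this->_currentSession['user'], $blackList['spotterid'], $blackList['origin'], $idType));
                break; # case addspotterid

            case 'removespotterid':
                $result->mergeResult($svcUserRecord->removeSpotterFromList($this->_currentSession['user'], $blackList['spotterid']));
                break; # case removespotterid
        } # switch
    } # if

    #- display stuff -#
    $this->template('jsonresult', array('result' => $result));
}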
/*
 * Logs the current user out: removes the current session and reports the
 * outcome as JSON through the 'jsonresult' template.
 */
function render() {
    $logoutResult = new Dto_FormResult('notsubmitted');

    # logging out is itself subject to a permission check
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_logout, '');

    # the spotweb user system performs the actual session removal
    $authService = new Services_User_Authentication($this->_daoFactory, $this->_settings);

    # the response must not be cached and is served as JSON
    $this->sendExpireHeaders(true);
    $this->sendContentTypeHeader('json');

    # removeSession() decides whether there is a session to remove
    $sessionRemoved = $authService->removeSession($this->_currentSession);
    if (!$sessionRemoved) {
        $logoutResult->addError(_('Unable to remove session'));
    } else {
        $logoutResult->setResult('success');
    } # else

    $templateVars = array('result' => $logoutResult);
    $this->template('jsonresult', $templateVars);
}
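/*
 * Renders the "post spot" page and, when the form was submitted with
 * action 'post', checks the two file uploads (NZB and picture) and hands
 * the spot to the posting service.
 *
 * NOTE(review): what Services_Providers_FileUpload::success() verifies is
 * not visible here -- confirm that the type and size of both uploads are
 * validated there or in postSpot() before the files are used.
 */
function render() {
    # Make sure the result is set to 'not submitted' by default
    $result = new Dto_FormResult('notsubmitted');

    # Validate proper permissions
    $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');

    # The format util is needed for escaping the random string
    $spotParseUtil = new Services_Format_Util();

    # we need the spotuser system
    $svcUserRecord = new Services_User_Record($this->_daoFactory, $this->_settings);

    /*
     * Create a default form so we can be sure to always be able
     * to render the form without notices or whatever
     */
    $spot = array('title' => '',
                  'body' => '',
                  'category' => 0,
                  'subcata' => '',
                  'subcatb' => array(),
                  'subcatc' => array(),
                  'subcatd' => array(),
                  'subcatz' => '',
                  'tag' => '',
                  'website' => '',
                  'newmessageid' => '',
                  'randomstr' => '');

    # bring the form's action into the local scope for easier access
    $formAction = $this->_spotForm['action'];

    /*
     * Strict comparison, evaluated once: only the exact string 'post'
     * counts as a submit, so a non-string action value cannot pass through
     * PHP's loose-comparison type juggling.
     */
    $isPost = ($formAction === 'post');

    # set the page title
    $this->_pageTitle = "spot: post";

    /*
     * Make sure all variables are merged with the default form.
     *
     * NOTE(review): every key present in the submitted form ends up in
     * $spot, not only the defaults listed above -- confirm postSpot()
     * ignores or validates unexpected keys.
     */
    $spot = array_merge($spot, $this->_spotForm);

    # If the user tried to submit, validate the file uploads
    $nzbFilename = '';
    $imgFilename = '';

    if ($isPost) {
        $result->setResult('success');

        # Make sure an NZB file was provided
        $uploadHandler = new Services_Providers_FileUpload('newspotform', 'nzbfile');
        if (!$uploadHandler->isUploaded()) {
            $result->addError(_('Please select NZB file'));
        } elseif (!$uploadHandler->success()) {
            $result->addError(_('Invalid NZB file') . ' (' . $uploadHandler->errorText() . ')');
        } else {
            $nzbFilename = $uploadHandler->getTempName();
        } # if

        # Make sure a picture was provided
        $uploadHandler = new Services_Providers_FileUpload('newspotform', 'imagefile');
        if (!$uploadHandler->isUploaded()) {
            $result->addError(_('Please select a picture'));
        } elseif (!$uploadHandler->success()) {
            $result->addError(_('Invalid picture') . ' (' . $uploadHandler->errorText() . ')');
        } else {
            $imgFilename = $uploadHandler->getTempName();
        } # if
    } # if

    if ($isPost && $result->isSuccess()) {
        # Initialize the notification system
        $spotsNotifications = new SpotNotifications($this->_daoFactory, $this->_settings, $this->_currentSession);

        # Make sure we can post this spot, if so, make it happen
        $svcPostSpot = new Services_Posting_Spot($this->_daoFactory, $this->_settings);
        $result = $svcPostSpot->postSpot($svcUserRecord,
                                         $this->_currentSession['user'],
                                         $spot,
                                         $imgFilename,
                                         $nzbFilename);

        if ($result->isSuccess()) {
            $result->addData('user', $this->_currentSession['user']['username']);
            $result->addData('spotterid', $spotParseUtil->calculateSpotterId($this->_currentSession['user']['publickey']['modulo']));

            # and send a notification
            $spotsNotifications->sendSpotPosted($spot);
        } # if
    } # if

    #- display stuff -#
    $this->template('newspot', array('postspotform' => $spot,
                                     'result' => $result));
}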