/**
 * Build the page header block followed by the global-message placeholder.
 *
 * @param string|null $header    Main heading; written inside <h1> as-is, so callers are
 *                               expected to escape it (e.g. thanks.php passes
 *                               htmlspecialchars($contact['Name'])).
 * @param string|null $subHeader Optional secondary heading, written inside <h3> as-is.
 * @return string HTML fragment.
 *
 * Side effect: consumes the pending GlobalMessage (clears it) so it is displayed once.
 */
public static function render($header, $subHeader = null)
{
    // When both headings are present the h1 gets extra bottom margin.
    // Loose comparisons kept on purpose: they mirror the original truthiness checks.
    $hasBoth = ($header != null) && ($subHeader != null);

    $parts = array("<div id='header'>\n");
    if ($header != null) {
        $h1Class = $hasBoth ? " class='withBottomMargin'" : '';
        $parts[] = "<h1{$h1Class}>{$header}</h1>\n";
    }
    if ($subHeader !== null) {
        $parts[] = "<h3>{$subHeader}</h3>\n";
    }
    $parts[] = "</div>\n";

    $msg = GlobalMessage::getGlobalMessage();
    if ($msg) {
        // Error messages get an extra CSS class. The message body is inserted unescaped
        // (NOTE(review): acceptable as long as only server-side _() strings reach it;
        // confirm nothing user-supplied is ever stored as a global message).
        $cssClass = $msg['type'] === GlobalMessage::ERROR ? 'roundcorners error' : 'roundcorners';
        $parts[] = "<p id='globalMessage' class='{$cssClass}' style='display: block'><span id='messageBody'>" . $msg['msg'] . '</span>';
        GlobalMessage::clear();
    } else {
        $parts[] = "<p id='globalMessage'><span id='messageBody'></span>";
    }
    $parts[] = "<span id='closeMessage'>" . _('Close') . '</span></p>';

    return implode('', $parts);
}
} extract($_POST); if (!Utils::isEmptyString($feedback)) { $mailHelper = new MailHelper(); $wantToStr = isset($wantTo) && isset($feedbackOptions[$wantTo]) ? $feedbackOptions[$wantTo] : _("Other"); $params = array('wantTo' => $wantToStr, 'feedback' => $feedback, 'email' => $email); $body = $mailHelper->render('views/feedbackMail.php', $params); $to = getConfiguration('feedback.mail'); $toName = getConfiguration('feedback.to.name'); $from = getConfiguration('feedback.from'); $fromName = getConfiguration('feedback.from.name'); $replyTo = Utils::isEmptyString($email) ? null : Utils::buildEmail($email); Utils::sendMail($to, $toName, $from, 'Carpool feedback', 'New carpool feedback', $body, $replyTo, $replyTo); GlobalMessage::setGlobalMessage(_('Thanks for the feedback!')); } else { GlobalMessage::setGlobalMessage(_('Please write something.'), GlobalMessage::ERROR); } // Get after post Utils::redirect('feedback.php'); } else { AuthHandler::putUserToken(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" type="text/css" href="css/reset-fonts.css"> <link rel="stylesheet" type="text/css" href="css/common.css"> <?php if (LocaleManager::getInstance()->isRtl()) { ?>
throw new Exception("No ride found for contact {$contactId}"); } $rideId = $ride['Id']; if ($ride['Active'] == RIDE_ACTIVE) { // Hidden status is always status + 2 $newStatus = RIDE_INACTIVE; $msg = _("Ride de-activated. From now on, this ride will not appear in the search results."); } else { if ($ride['Active'] == RIDE_INACTIVE) { $newStatus = RIDE_ACTIVE; $msg = _("Ride activated. You are back in business!"); } else { throw new Exception("Illegal status"); } } if (!$server->updateRideActive($rideId, $newStatus)) { throw new Exception("Could not change status to ride {$rideId}"); } GlobalMessage::setGlobalMessage($msg); echo json_encode(array('status' => 'ok')); } catch (PDOException $e) { logException($e); echo json_encode(array('status' => 'err')); } catch (Exception $e) { logException($e); if (ENV == ENV_DEVELOPMENT) { echo json_encode(array('status' => 'err', 'msg' => $e->getMessage())); } else { echo json_encode(array('status' => 'err')); } }
/**
 * Construct the object with the fixed name "masseges".
 *
 * NOTE(review): "masseges" looks like a misspelling of "messages" (a sibling
 * constructor on this page passes "messages"). The value is forwarded to the
 * parent at runtime and what the parent does with it is not visible here, so
 * confirm it matches the real backing name before correcting the spelling.
 */
public function __construct()
{
    $name = 'masseges';
    parent::__construct($name);
}
} else { if (AuthHandler::getAuthMode() == AuthHandler::AUTH_MODE_TOKEN) { $acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'index.php', 'AddRideAll.php', 'feedback.php', 'SearchRides.php', 'GetRegionConfiguration.php')); } } $acl->addResource(ROLE_IDENTIFIED, array('join.php', 'help.php', 'index.php', 'feedback.php', 'logout.php', 'thanks.php', 'SearchRides.php', 'AddRideAll.php', 'GetRegionConfiguration.php')); $acl->addResource(ROLE_IDENTIFIED_REGISTERED, array('ActivateToggle.php', 'DeleteRide.php', 'ShowInterest.php')); // Content management $acl->addResource(ROLE_ADMINISTRATOR, array('translations.php')); // Enfore access control $role = AuthHandler::getRole(); $resource = Utils::getRunningScript(); if (!$acl->isAllowed($role, $resource)) { if ($role == ROLE_GUEST && $acl->isAllowed($role, 'auth.php')) { // Not allowed: if not logged in and allowed to - redirect to login page GlobalMessage::setGlobalMessage(_('Please login to access this page'), GlobalMessage::ERROR); Utils::redirect('auth.php', array('ref' => $resource)); } else { if ($acl->isAllowed($role, 'auth.php')) { // User is logged in but not permitted to use this page header("HTTP/1.1 401 Unauthorized"); die('<p>' . _('Access Denied') . '</p>'); } else { // User is not logged-in and not allowed to do that - totally forbidden header("HTTP/1.1 403 Forbidden"); die('<p>' . _('Sorry, you are not allowed to use this application.') . '</p>'); } } } $GLOBALS['acl'] = $acl; info('Bootstrap done.');
<?php include "env.php"; include APP_PATH . "/Bootstrap.php"; // Don't need to show any message now GlobalMessage::clear(); $contact = AuthHandler::getLoggedInUser(); $authUrl = Utils::buildLocalUrl('auth.php', array('c' => $contact['Id'], 'i' => $contact['Identifier'])); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" type="text/css" href="css/reset-fonts.css"> <link rel="stylesheet" type="text/css" href="css/common.css"> <?php if (LocaleManager::getInstance()->isRtl()) { ?> <link rel="stylesheet" type="text/css" href="css/common_rtl.css"> <?php } ?> <title>Carpool</title> </head> <body> <div id="bd"> <?php echo View_Navbar::buildNavbar(); echo View_Header::render(_("Thanks for joining") . ', ' . htmlspecialchars($contact['Name']) . "!"); ?> <div id="content">
if (!$authHelper->validateForm($_POST)) { GlobalMessage::setGlobalMessage(_('Failed to authenticate') . ': ' . _('Please fill in all the required details.'), GlobalMessage::ERROR); } else { if (AuthHandler::authenticate($authHelper, $_POST) !== false) { // Redirect to original page if (!isset($ref)) { $ref = 'index.php'; } Utils::redirect($ref); } else { GlobalMessage::setGlobalMessage(_('Failed to authenticate') . ': ' . _('Incorrect credentials.'), GlobalMessage::ERROR); } } } catch (Exception $e) { logException($e); GlobalMessage::setGlobalMessage(_('Failed to authenticate') . ': ' . _('Internal error.'), GlobalMessage::ERROR); } // GET after POST Utils::redirect('auth.php'); } else { AuthHandler::putUserToken(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="stylesheet" type="text/css" href="css/reset-fonts.css"> <link rel="stylesheet" type="text/css" href="css/common.css"> <?php if (LocaleManager::getInstance()->isRtl()) { ?>
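<?php
include "env.php";
include APP_PATH . "/Bootstrap.php";

// Delete the contact identified by the (c)ontact id / (i)dentifier pair in the query
// string, then end the session and return to the index page.
// TODO: Is this page still relevant? Maybe use the token for quick authentication?
// NOTE(review): this is a state-changing action driven by GET parameters; whether the
// (c, i) pair is a single-use secret is not visible here — confirm, and consider
// requiring a POST / confirmation step.
$contactId = Utils::getParam('c');
$identifier = Utils::getParam('i');
$contact = AuthHandler::authByVerification($contactId, $identifier);

if ($contact) {
    try {
        Service_DeleteUser::run(AuthHandler::getLoggedInUserId());
        GlobalMessage::setGlobalMessage(_('Contact successfully deleted.'), GlobalMessage::INFO);
    } catch (Exception $e) {
        // Record the cause; the user only sees a generic message. Matches the other
        // catch blocks in this code base, which call logException() before replying.
        logException($e);
        GlobalMessage::setGlobalMessage(_('Deletion failed') . ': ' . _('Internal error.'), GlobalMessage::ERROR);
    }
} else {
    GlobalMessage::setGlobalMessage(_('Deletion failed') . ': ' . _('Authentication failed.'), GlobalMessage::ERROR);
}

// Always end the session, whether or not the deletion happened.
AuthHandler::logout();
Utils::redirect('index.php');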
/**
 * Construct the object with the fixed name "messages", which is handed
 * straight to the parent constructor.
 */
public function __construct()
{
    $name = 'messages';
    parent::__construct($name);
}
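<?php
include "env.php";
include APP_PATH . "/Bootstrap.php";

// Log the current user out (if any) and send them to the 'ref' page or to index.php.
$ref = Utils::getParam('ref');

if (AuthHandler::isLoggedIn()) {
    // Read the id before tearing the session down: after logout() the logged-in
    // user is presumably gone and the log line would record nothing useful.
    $contactId = AuthHandler::getLoggedInUserId();
    AuthHandler::logout();
    info('Contact ' . $contactId . ' logged out');
    GlobalMessage::setGlobalMessage(_('Goodbye!'));
} else {
    warn('User tried to logout without being logged in');
}

if ($ref) {
    // The redirect method is only redirecting to internal pages
    // NOTE(review): 'ref' is user-supplied, so this relies on Utils::redirect rejecting
    // off-site targets; not verifiable from here — confirm before trusting it.
    Utils::redirect($ref);
} else {
    Utils::redirect('index.php');
}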
// If it is a new ride - register this contact $contactId = $db->addContact($name, $phone, $email, ROLE_IDENTIFIED_REGISTERED, $password); AuthHandler::authByContactId($contactId); AuthHandler::setRole(ROLE_IDENTIFIED_REGISTERED); } } catch (PDOException $e) { if ($e->getCode() == 23000) { $messages[] = _("This email address is already in use"); } throw $e; } // Add or update ride $rideParams = array('SrcCityId' => $srcCityId, 'SrcLocation' => $srcLocation, 'DestCityId' => $destCityId, 'DestLocation' => $destLocation, 'TimeMorning' => $timeMorning, 'TimeEvening' => $timeEvening, 'Comment' => $comment, 'Notify' => $notify, 'Status' => $wantTo, 'Region' => $region); if ($isUpdateRide) { if ($db->updateRide($rideId, $srcCityId, $srcLocation, $destCityId, $destLocation, $timeMorning, $timeEvening, $comment, $wantTo, $notify, $region)) { GlobalMessage::setGlobalMessage(_("Ride successfully updated.")); } else { throw new Exception("Could not update ride"); } } else { $rideId = $db->addRide($srcCityId, $srcLocation, $destCityId, $destLocation, $timeMorning, $timeEvening, $contactId, $comment, $wantTo, $notify, $region); if (!$rideId) { throw new Exception("Could not add ride"); } AuthHandler::updateRegisteredRideStatus(true); $mailBody = MailHelper::render(VIEWS_PATH . '/registrationMail.php', array('contact' => $db->getContactById($contactId))); Utils::sendMail(Utils::buildEmail($email), $name, getConfiguration('mail.addr'), getConfiguration('mail.display'), getConfiguration('app.name') . ' Registration', $mailBody); } $db->commit(); // XXX: Should show interest even if it's update? if (!$isUpdateRide && getConfiguration('notify.immediate') == 1) {
<?php
include "../env.php";
include APP_PATH . "/Bootstrap.php";

// AJAX endpoint: delete the logged-in user's record and answer with a JSON status.
// Outside development the request must look like an XHR call; anything else is
// dropped without a body. (NOTE(review): the XHR-request check is the only
// request-origin guard visible here — confirm a CSRF token is also enforced upstream.)
if (ENV !== ENV_DEVELOPMENT && !Utils::IsXhrRequest()) {
    exit;
}

$contactId = AuthHandler::getLoggedInUserId();
if (!$contactId) {
    warn("Delete command sent while no user is logged in");
    exit;
}

// Echoed back in every JSON reply, presumably so the client can tell which action finished.
$action = 'deleted';
try {
    // NOTE(review): the success text says a *ride* was deleted, but the service invoked
    // is Service_DeleteUser — confirm this is the intended scope.
    Service_DeleteUser::run($contactId);
    GlobalMessage::setGlobalMessage(_("Ride deleted. Happy now?"));
    $reply = array('status' => 'ok', 'action' => $action);
} catch (Exception $e) {
    logException($e);
    $reply = array('status' => 'err', 'action' => $action);
}
echo json_encode($reply);