/**
  * Export core
  *
  * Replaces the definition in GridFieldPrintButton.
  * Same as the original, except that it sources data from $gridField->getList() instead of $gridField->getManipulatedList().
  *
  * @param GridField $gridField
  */
 public function generatePrintData(GridField $gridField)
 {
     $columns = $this->getPrintColumnsForGridField($gridField);

     // Optional header row: one cell per print-column label.
     $header = null;
     if ($this->printHasHeader) {
         $header = new ArrayList();
         foreach ($columns as $label) {
             $header->push(new ArrayData(array("CellString" => $label)));
         }
     }

     // The only variation from the parent class: rows come from getList() rather than
     // getManipulatedList(), so whatever the grid's components do to the list in
     // getManipulatedList() is not reflected in the printed rows.
     // NOTE(review): if any of those manipulations are meant to restrict what a user may
     // see, confirm that printing the unmanipulated list is acceptable.
     $itemRows = new ArrayList();
     foreach ($gridField->getList() as $record) {
         $cells = new ArrayList();
         foreach ($columns as $field => $label) {
             $cells->push(new ArrayData(array("CellString" => $gridField->getDataFieldValue($record, $field))));
         }
         $itemRows->push(new ArrayData(array("ItemRow" => $cells)));
         // destroy() is called on each record as soon as its row has been built
         $record->destroy();
     }

     // Template data: title, optional header, rows, plus who printed it and when
     return new ArrayData(array(
         "Title" => $this->getTitle($gridField),
         "Header" => $header,
         "ItemRows" => $itemRows,
         "Datetime" => SS_Datetime::now(),
         "Member" => Member::currentUser(),
     ));
 }
 /**
  * Ensure all root requests go to login
  * @return SS_HTTPResponse
  */
 public function index()
 {
     // Logged-in members go to the directory; everyone else is sent to the login form,
     // which returns them to /summit-admin afterwards. Both targets are fixed strings,
     // so no request data influences where the redirect points.
     $target = Member::currentUser()
         ? $this->Link('directory')
         : '/Security/login/?BackURL=/summit-admin';

     return $this->redirect($target);
 }
 /**
  * @param $data
  * @param $form
  * @return bool|SS_HTTPResponse|void
  * @throws ValidationException
  * @throws null
  */
 public function Save($data, $form)
 {
     /** @var Form $form */
     // The $data argument is replaced by the form's own data before anything reads it.
     $data = $form->getData();
     $currentMember = Member::currentUser();

     if (!$currentMember) {
         /**
          * Nobody is logged in: point the visitor at the registration page when one
          * exists, otherwise flash a warning and send them to the site root.
          *
          * @var RegistrationPage $registerPage
          */
         $registerPage = DataObject::get_one('RegistrationPage');
         if ($registerPage) {
             return Security::PermissionFailure($this->controller, 'You must <a href="' . $registerPage->Link() . '">registered</a> and logged in to edit your profile.');
         }
         $this->controller->setFlash('You must registered and logged in to edit your profile.', 'warning');
         return $this->controller->redirect(Director::absoluteBaseURL());
     }

     // Refuse the change when a different member already uses the submitted email.
     // The email is escaped with Convert::raw2sql() before it is concatenated into the
     // filter; the ID comes from the logged-in member record, not from the request.
     $duplicateFilter = "Email = '" . Convert::raw2sql($data['Email']) . "' AND ID != " . $currentMember->ID;
     if (DataObject::get_one('Member', $duplicateFilter)) {
         $form->addErrorMessage('Email', 'Sorry, that Email already exists.', 'validation');
         return $this->controller->redirectBack();
     }

     // NOTE(review): this guard is a no-op - it unsets the key only when it is already
     // absent, and $data is not read again below. If the intent is to keep a blank
     // password field from overwriting the stored password, that has to be enforced on
     // the form itself before saveInto() runs.
     if (!isset($data['password'])) {
         unset($data['password']);
     }

     $this->controller->setFlash('Your profile has been updated', 'success');
     // saveInto() copies the form's fields onto the member record, so the set of fields
     // on the form is what limits which member properties can be changed here.
     $form->saveInto($currentMember);
     $currentMember->write();

     return $this->controller->redirect($this->controller->Link());
 }
 /**
  * Render the account edit view with the edit form pre-filled from the current member.
  *
  * NOTE(review): nothing in this method checks that a member is logged in, so
  * loadDataFrom() can be handed null; confirm access is enforced before this action
  * is reached.
  */
 public function edit()
 {
     $currentMember = Member::currentUser();
     $editForm = $this->EditAccountForm()->loadDataFrom($currentMember);

     $this->customise(array("ClassName" => "AccountPage", "Form" => $editForm));
     // Extension hook, fired after the form has been loaded and before rendering
     $this->extend("onBeforeEdit");

     return $this->renderWith(array("UserAccount_edit", "UserAccount", "Page"));
 }
 /**
  * Adds token creation fields to CMS
  * 
  * @param FieldSet $fields
  * @return void
  */
 public function updateCMSFields(FieldSet &$fields)
 {
     $folder = $this->owner;

     // Token fields are only added to Folder records that have an ID
     $isSavedFolder = $folder instanceof Folder && $folder->ID;
     if (!$isSavedFolder) {
         return;
     }

     // Token settings are limited to members holding ADMIN or SECURE_FILE_SETTINGS;
     // everyone else gets the unmodified field set.
     $mayManageTokens = Permission::checkMember(Member::currentUser(), array('ADMIN', 'SECURE_FILE_SETTINGS'));
     if (!$mayManageTokens) {
         return;
     }

     // Update Security Tab
     $tab = $fields->findOrMakeTab('Root.' . _t('SecureFiles.SECUREFILETABNAME', 'Security'));
     $tab->push(new HeaderField(_t('SecureFiles.TOKENACCESSTITLE', 'Token Access')));

     // An empty folder only gets a read-only notice
     if (!$folder->containsFiles()) {
         $tab->push(new ReadonlyField('DummyTokenList', '', _t('SecureFiles.NOFILESINFOLDER', 'There are no files in this folder.')));
         return;
     }

     // The SQL filter interpolates the folder record's own ID, not request data
     $tokenList = new ComplexTableField($folder, 'ContainedFileTokens', 'SecureFileAccessToken', null, null, "File.ParentID = '{$folder->ID}'", null, "JOIN File ON FileID = File.ID");
     $tab->push($tokenList);
     $tokenList->setParentIdName('FolderID');
     $tokenList->setRelationAutoSetting(false);

     // Remove add link if there are no files in this folder.
     // NOTE(review): the method already returned above for a folder without files, so
     // this branch only runs if a second containsFiles() call answers differently.
     if (!$folder->containsFiles()) {
         $tokenList->setPermissions(array('edit', 'delete'));
     }
 }
 /**
  * This does not actually perform any validation, but just creates the
  * initial registration object.
  */
 public function validateStep($data, $form)
 {
     // The $form argument is ignored; the step's own form is used instead.
     $form = $this->getForm();
     $datetime = $form->getController()->getDateTime();
     $needsConfirmation = $datetime->Event()->RegEmailConfirm;
     $registration = $this->getForm()->getSession()->getRegistration();

     if (!$needsConfirmation) {
         // No email confirmation configured for the event: valid straight away
         $registration->Status = 'Valid';
         $registration->write();
         return true;
     }

     $email = new Email();
     $config = SiteConfig::current_site_config();

     // Store the registration as unconfirmed. It is written before the links are built
     // because both links embed its ID and Token.
     $registration->TimeID = $datetime->ID;
     $registration->Status = 'Unconfirmed';
     $registration->write();

     // Recipient: the logged-in member, otherwise whatever the tickets step saved
     if (Member::currentUserID()) {
         $member = Member::currentUser();
         $details = array('Name' => $member->getName(), 'Email' => $member->Email);
     } else {
         $details = $form->getSavedStepByClass('EventRegisterTicketsStep')->loadData();
     }

     // NOTE(review): the registration token travels in the query string of both links,
     // so it can end up in server logs, browser history and Referer headers. Whatever
     // handles the confirm action should treat it as single-use - confirm.
     $tokenQuery = '?token=' . $registration->Token;
     $confirmLink = Controller::join_links($this->getForm()->getController()->Link(), 'confirm', $registration->ID, $tokenQuery);
     $regLink = Controller::join_links($datetime->Event()->Link(), 'registration', $registration->ID, $tokenQuery);
     $title = $datetime->getTitle();

     $email->setTo($details['Email']);
     $email->setSubject(sprintf('Confirm Registration For %s (%s)', $title, $config->Title));
     $email->setTemplate('EventRegistrationConfirmationEmail');
     $email->populateTemplate(array(
         'Name' => $details['Name'],
         'Registration' => $registration,
         'RegLink' => $regLink,
         'Title' => $title,
         'SiteConfig' => $config,
         'ConfirmLink' => Director::absoluteURL($confirmLink),
     ));
     $email->send();

     // Leave the event's confirmation message in the session, keyed by registration ID
     Session::set("EventRegistration.{$registration->ID}.message", $datetime->Event()->EmailConfirmMessage);

     return true;
 }
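 /**
  * Set up request state: the current member, the requested date range and, when an
  * eventID is supplied, the event to work on.
  *
  * An event whose ClassName is PrivateEvent is attached only when the logged-in member
  * owns it; any other existing event is attached for everyone.
  */
 public function init()
 {
     parent::init();
     $member = Member::currentUser();
     $this->member = $member;
     $request = $this->getRequest();

     // Setting dates based on request variables.
     // NOTE(review): start and end are stored exactly as received; whatever consumes
     // them must parse or escape them before use.
     $this->start = $request->getVar('start');
     $this->end = $request->getVar('end');
     if ($request->getVar('allDay') === 'true') {
         $this->allDay = true;
     }

     // Setting event based on request vars
     $eventID = (int) $request->getVar('eventID');
     if ($eventID <= 0) {
         return;
     }
     $event = Event::get()->byID($eventID);
     if (!$event || !$event->exists()) {
         return;
     }

     if ($event->ClassName == 'PrivateEvent') {
         // Only show private events to their owners. This needs a logged-in member and
         // an exact ID match: the earlier form read $member->ID even with nobody logged
         // in, and its loose == let the resulting null match an event whose OwnerID is 0.
         $isOwner = $member && (int) $event->OwnerID === (int) $member->ID;
         if (!$isOwner) {
             return;
         }
     }

     $this->event = $event;
 }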
 /**
  * @param Order $order
  * @param array $data
  *
  * @throws ValidationException
  */
 public function validateData(Order $order, array $data)
 {
     $result = ValidationResult::create();
     $idKey = $this->addresstype . "AddressID";
     $existingID = empty($data[$idKey]) ? 0 : (int) $data[$idKey];

     if ($existingID) {
         // An existing address was selected: it has to be found in the current member's
         // address book, so a submitted ID cannot point at someone else's address.
         $ownsAddress = Member::currentUserID() && Member::currentUser()->AddressBook()->byID($existingID);
         if (!$ownsAddress) {
             $result->error("Invalid address supplied", $idKey);
             throw new ValidationException($result);
         }
         return;
     }

     // Otherwise, require the normal address fields
     $required = parent::getRequiredFields($order);
     $addressLabels = singleton('Address')->fieldLabels(false);
     foreach ($required as $fieldName) {
         if (!empty($data[$fieldName])) {
             continue;
         }
         // Stop at the first missing field, using the translated label when there is one
         $fieldLabel = isset($addressLabels[$fieldName]) ? $addressLabels[$fieldName] : $fieldName;
         $result->error(_t('Form.FIELDISREQUIRED', '{name} is required', array('name' => $fieldLabel)), $fieldName);
         throw new ValidationException($result);
     }
 }
 /**
  * Standard SS function - we don't need to show the WishList field in the CMS.
  */
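 function updateCMSFields(&$fields)
 {
     // The raw WishList field is removed for every CMS user; admins get a read-only
     // overview of its contents instead.
     $fields->removeByName("WishList");

     $member = Member::currentUser();
     if (!$member || !$member->IsAdmin()) {
         return;
     }

     // NOTE(review): unserialize() will instantiate whatever objects the stored string
     // describes. This is only safe while nothing but trusted server code can write the
     // WishList column; storing JSON and reading it with json_decode() would remove the
     // risk. Left in place because the storage format is decided outside this method.
     $items = unserialize($this->owner->WishList);

     $links = array();
     if (is_array($items) && count($items)) {
         foreach ($items as $item) {
             $object = null;
             // Entries are used as array(class name, ID). Only DataObject subclasses are
             // looked up, so stored data cannot name an arbitrary class.
             $isLookup = is_array($item)
                 && isset($item[0], $item[1])
                 && is_string($item[0])
                 && is_subclass_of($item[0], 'DataObject');
             if ($isLookup) {
                 $object = DataObject::get_by_id($item[0], (int) $item[1]);
             }

             if ($object) {
                 // Link and title are record data: escape both before they go into the
                 // markup handed to LiteralField, which outputs it as-is.
                 $href = htmlspecialchars($object->Link(), ENT_QUOTES, 'UTF-8');
                 $title = htmlspecialchars($object->Title, ENT_QUOTES, 'UTF-8');
                 $links[] = "<a href=\"" . $href . "\">" . $title . "</a>";
             } else {
                 // Describe the broken entry using its scalar parts only, escaped
                 if (is_array($item)) {
                     $detail = implode(", ", array_filter($item, 'is_scalar'));
                 } else {
                     $detail = is_scalar($item) ? (string) $item : gettype($item);
                 }
                 $links[] = "error in retrieving object " . htmlspecialchars($detail, ENT_QUOTES, 'UTF-8');
             }
         }
     } else {
         $links[] = "no items on wishlist";
     }

     $html = "<ul><li>" . implode("</li><li>", $links) . "</li></ul>";
     $fields->addFieldToTab("Root.WishList", new LiteralField("WishListOverview", $html));
 }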
 /**
  * If the flag has been set from the provided array, create a new
  * address and assign to the current user.
  *
  * @param $data Form data submitted
  */
 private function save_address($data)
 {
     $member = Member::currentUser();

     // Nothing to do unless a member is logged in and ticked "save address"
     if (!($member && array_key_exists('SaveAddress', $data) && $data['SaveAddress'])) {
         return;
     }

     // Fill in account details the member has not set yet; existing values are kept.
     // Email is deliberately not touched, as it is used for login.
     foreach (array('FirstName', 'Surname', 'Company', 'PhoneNumber') as $profileField) {
         $member->$profileField = $member->$profileField ?: $data[$profileField];
     }
     $member->write();

     // Copy the submitted address fields one by one; the owner is always the current
     // member and is never read from the submitted data.
     $address = MemberAddress::create();
     $addressFields = array('Company', 'FirstName', 'Surname', 'Address1', 'Address2', 'City', 'PostCode', 'Country');
     foreach ($addressFields as $addressField) {
         $address->$addressField = $data[$addressField];
     }
     $address->OwnerID = $member->ID;
     $address->write();
 }
 /**
  * @param Member $member
  * @return boolean
  */
 public function canCreate($member = null)
 {
     // Fall back to the logged-in member when the caller supplies none
     $member = $member ? $member : Member::currentUser();

     // Either permission code is enough
     foreach (array('ADMIN', 'CMS_ACCESS_AdvancedReportsAdmin') as $code) {
         if (Permission::check($code, 'any', $member)) {
             return true;
         }
     }

     return false;
 }
 /**
  * @param string $token
  * @param string $password
  * @param string $password_confirmation
  * @throws InvalidResetPasswordTokenException
  * @throws EmptyPasswordException
  * @throws InvalidPasswordException
  * @throws PasswordMismatchException
  */
 public function changePassword($token, $password, $password_confirmation)
 {
     // The logged-in member wins; the reset token is only consulted when nobody is
     // logged in. A missing token and a token that matches no member fail the same way.
     // NOTE(review): for a logged-in member this method does not ask for the current
     // password; if that check is required it has to happen in the caller - confirm.
     $account = Member::currentUser();
     if (!$account && !empty($token)) {
         $account = Member::member_from_autologinhash($token);
     }
     if (!$account) {
         throw new InvalidResetPasswordTokenException();
     }

     if (empty($password)) {
         throw new EmptyPasswordException();
     }
     // Strict comparison: the two entries must be identical strings
     if ($password !== $password_confirmation) {
         throw new PasswordMismatchException();
     }

     $outcome = $account->changePassword($password);
     if (!$outcome->valid()) {
         throw new InvalidPasswordException($outcome->starredList());
     }

     // Invalidate the former auto login token
     $account->generateAutologinTokenAndStoreHash();

     // Send confirmation email to the account's address
     $notice = EmailFactory::getInstance()->buildEmail(CHANGE_PASSWORD_EMAIL_FROM, $account->Email, CHANGE_PASSWORD_EMAIL_SUBJECT);
     $notice->setTemplate('ChangedPasswordEmail');
     $notice->populateTemplate(array('MemberName' => $account->getFullName()));
     $notice->send();
 }
 /**
  * @return mixed
  */
 public function initialValue()
 {
     // Email of the logged-in member, or an empty string when nobody is logged in
     $member = Member::currentUser();

     return $member ? $member->Email : '';
 }
 /**
  * Initialise the controller
  */
 public function init()
 {
     parent::init();

     $member = Member::currentUser();
     $isAdmin = $member && $member->IsAdmin();
     if (!$isAdmin) {
         // NOTE(review): this method returns normally after redirect(); presumably the
         // framework does not go on to run the requested action once a redirect has been
         // set - confirm, since this is the only access check visible here.
         $this->redirect('cloud/index');
     }
 }
	/**
	 * Requests a draft-only page with ?stage=Live, an empty ?stage= and ?stage=Stage,
	 * first logged out and then with ADMIN permission, and checks each status code.
	 */
	function testAccessingStageWithBlankStage() {
		$this->useDraftSite(false);
		$this->autoFollowRedirection = false;

		$draftPage = $this->objFromFixture('Page', 'draftOnlyPage');
		$url = $draftPage->URLSegment;

		// Start from a logged-out session
		$current = Member::currentUser();
		if($current) {
			$current->logOut();
		}

		// Logged out: the page is not on Live, and a blank stage is answered the same way
		$anonLive = $this->get($url . '?stage=Live');
		$this->assertEquals($anonLive->getStatusCode(), '404');

		$anonBlank = $this->get($url . '?stage=');
		$this->assertEquals($anonBlank->getStatusCode(), '404');

		// Logged out and asking for the draft stage: should be prompted for a login
		$anonStage = $this->get($url . '?stage=Stage');
		$this->assertEquals($anonStage->getStatusCode(), '302');
		$this->assertContains('Security/login', $anonStage->getHeader('Location'));

		$this->logInWithPermission('ADMIN');

		// With ADMIN: Live is still a 404, the draft stage is served
		$adminLive = $this->get($url . '?stage=Live');
		$this->assertEquals($adminLive->getStatusCode(), '404');

		$adminStage = $this->get($url . '?stage=Stage');
		$this->assertEquals($adminStage->getStatusCode(), '200');

		// A blank stage is a 404 even for ADMIN
		$adminBlank = $this->get($url . '?stage=');
		$this->assertEquals($adminBlank->getStatusCode(), '404');
	}
 /**
  * Build the organization step of the survey form.
  *
  * The organization input depends on the current member's affiliations: a plain text
  * field when there are none, a dropdown plus a "new organization" text field when
  * there are several, and a text field pre-filled with the member's organization name
  * otherwise.
  *
  * NOTE(review): Member::currentUser() is dereferenced without a null check, so this
  * form assumes it is only ever constructed for a logged-in member - confirm.
  */
 function __construct($controller, $name)
 {
     $current_user = Member::currentUser();
     $affiliations = $current_user->getCurrentAffiliations();

     if (!$affiliations) {
         $org_field = new TextField('Organization', 'Your Organization Name');
     } elseif (count($affiliations) > 1) {
         // Several affiliations: choose one by organization ID, or pick 0 and type a new name
         $choices = array();
         foreach ($affiliations as $affiliation) {
             $organization = $affiliation->Organization();
             $choices[$organization->ID] = $organization->Name;
         }
         $choices['0'] = "-- New One --";
         $picker = new DropdownField('OrgID', 'Your Organization', $choices);
         $picker->setEmptyString('-- Select Your Organization --');
         $org_field = new FieldGroup();
         $org_field->push($picker);
         $new_org_name = new TextField('Organization', '');
         $org_field->push($new_org_name);
         $new_org_name->addExtraClass('new-org-name');
     } else {
         $org_field = new TextField('Organization', 'Your Organization Name', $current_user->getOrgName());
     }

     // Same fields, same order as before; one constructor argument per line
     $fields = new FieldList(
         $org_field,
         new DropdownField('Industry', 'Your Organization’s Primary Industry', ArrayUtils::AlphaSort(DeploymentSurveyOptions::$industry_options, array('' => '-- Please Select One --'), array('Other' => 'Other Industry (please specify)'))),
         new TextareaField('OtherIndustry', 'Other Industry'),
         $org_it_activity = new TextareaField('ITActivity', 'Your Organization’s Primary IT Activity'),
         new LiteralField('Break', '<hr/>'),
         new LiteralField('Break', '<p>Your Organization’s Primary Location or Headquarters</p>'),
         $country = new DropdownField('PrimaryCountry', 'Country', CountryCodes::$iso_3166_countryCodes),
         new TextField('PrimaryState', 'State / Province / Region'),
         new TextField('PrimaryCity', 'City'),
         new DropdownField('OrgSize', 'Your Organization Size (All Branches, Locations, Sites)', DeploymentSurveyOptions::$organization_size_options),
         new CustomCheckboxSetField('OpenStackInvolvement', 'What best describes your Organization’s involvement with OpenStack?<BR>Select All That Apply', ArrayUtils::AlphaSort(DeploymentSurveyOptions::$openstack_involvement_options))
     );
     $org_it_activity->addExtraClass('hidden');
     $country->setEmptyString('-- Select One --');

     $actions = new FieldList(new FormAction('NextStep', '  Next Step  '));
     // RequiredFields is created without field names
     $validator = new RequiredFields();
     Requirements::javascript('surveys/js/deployment_survey_yourorganization_form.js');

     parent::__construct($controller, $name, $fields, $actions, $validator);
 }
 /**
  * Run the parent's session-message handling, then fall back to the translated
  * Member.LOGGEDINAS text for a logged-in member when no message was set.
  */
 protected function getMessageFromSession()
 {
     parent::getMessageFromSession();

     $member = Member::currentUser();
     if (!$member || $this->message) {
         return;
     }

     // The member's first name is passed to sprintf() as an argument, never as the format
     $this->message = sprintf(_t('Member.LOGGEDINAS'), $member->FirstName);
 }
 /**
  * A simple form for creating blog entries
  */
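 function FrontEndPostForm()
 {
     // Optional post ID from the URL; 0 (also the result of a missing value) means "new post"
     $id = (int) $this->owner->request->latestParam('ID');

     // Image upload: no attaching of existing files, no folder preview, images only
     $uploadfield = UploadField::create('FeaturedImage', _t('BlogFrontEnd.ShareImage', "Share an image"));
     $uploadfield->setCanAttachExisting(false);
     $uploadfield->setCanPreviewFolder(false);
     $uploadfield->setAllowedFileCategories('image');
     $uploadfield->relationAutoSetting = false;

     // Content editor: WYSIWYG when enabled in config, plain textarea otherwise
     if (BlogFrontEnd::config()->allow_wysiwyg_editing) {
         $content_field = TrumbowygHTMLEditorField::create("Content", _t("BlogFrontEnd.Content"));
     } else {
         $content_field = TextareaField::create("Content", _t("BlogFrontEnd.Content"));
     }

     $fields = new FieldList(
         HiddenField::create("ID", "ID"),
         TextField::create("Title", _t('BlogFrontEnd.Title', "Title")),
         $uploadfield,
         $content_field
     );
     $actions = new FieldList(FormAction::create('doSavePost', _t('BlogFrontEnd.PostEntry', 'Post Entry')));
     $form = new Form($this->owner, 'FrontEndPostForm', $fields, $actions, new RequiredFields('Title'));
     $uploadfield->setForm($form);

     if ($this->owner->Categories()->exists()) {
         $fields->add(CheckboxsetField::create("Categories", _t("BlogFrontEnd.PostUnderCategories", "Post this in a category? (optional)"), $this->owner->Categories()->map()));
     }
     if ($this->owner->Tags()->exists()) {
         // The tag checkboxes previously reused the name "Categories", which clashed with
         // the category field above and submitted tag IDs under the categories key.
         $fields->add(CheckboxsetField::create("Tags", _t("BlogFrontEnd.AddTags", "Add a tag? (optional)"), $this->owner->Tags()->map()));
     }

     // Pre-fill from an existing post only when the current user may edit it. The ID
     // comes from the URL, so without this check any visitor could load the title and
     // content of any post, published or not, into the form just by changing the ID.
     if ($id && ($post = BlogPost::get()->byID($id)) && $post->canEdit()) {
         $form->loadDataFrom($post);
     }

     $this->owner->extend("updateFrontEndPostForm", $form);

     return $form;
 }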
    /**
     * Constructor.
     *
     * @param Controller $controller
     * @param string $name method on the $controller
     * @param FieldList $fields
     * @param FieldList $actions
     * @param bool $checkCurrentUser - show logout button if logged in
     */
    public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
    {
        // Let the parent build the standard login form first; the rest adjusts it for LDAP.
        parent::__construct($controller, $name, $fields, $actions, $checkCurrentUser);
        // will be used to get correct Link()
        $this->ldapSecController = Injector::inst()->create('LDAPSecurityController');
        // Swap the Email field for a Username field and require Username and Password.
        $usernameField = new TextField('Username', _t('Member.USERNAME', 'Username'), null, null, $this);
        $this->Fields()->replaceField('Email', $usernameField);
        $this->setValidator(new RequiredFields('Username', 'Password'));
        if (Security::config()->remember_username) {
            // Pre-fill the username from the value kept in the session under the login form's Email key.
            $usernameField->setValue(Session::get('SessionForms.MemberLoginForm.Email'));
        } else {
            // Some browsers won't respect this attribute unless it's added to the form
            $this->setAttribute('autocomplete', 'off');
            $usernameField->setAttribute('autocomplete', 'off');
        }
        // Users can't change passwords unless an LDAP user with write permissions is
        // configured for the LDAP connection binding, so the inherited forgotPassword
        // action is always removed first.
        $this->Actions()->remove($this->Actions()->fieldByName('forgotPassword'));
        $allowPasswordChange = Config::inst()->get('LDAPService', 'allow_password_change');
        // The link is added back only when password changes are enabled in config, this is
        // not the lost-password form itself, and nobody is logged in.
        if ($allowPasswordChange && $name != 'LostPasswordForm' && !Member::currentUser()) {
            // Both values placed into the markup come from the controller link and the
            // translation string, not from request data.
            $forgotPasswordLink = sprintf('<p id="ForgotPassword"><a href="%s">%s</a></p>', $this->ldapSecController->Link('lostpassword'), _t('Member.BUTTONLOSTPASSWORD', "I've lost my password"));
            $forgotPassword = new LiteralField('forgotPassword', $forgotPasswordLink);
            $this->Actions()->add($forgotPassword);
        }
        // Focus on the Username field when the page is loaded: block the requirement
        // registered as MemberLoginFormFieldFocus and add a script targeting "Username".
        Requirements::block('MemberLoginFormFieldFocus');
        $js = <<<JS
\t\t\t(function() {
\t\t\t\tvar el = document.getElementById("Username");
\t\t\t\tif(el && el.focus && (typeof jQuery == 'undefined' || jQuery(el).is(':visible'))) el.focus();
\t\t\t})();
JS;
        Requirements::customScript($js, 'LDAPLoginFormFieldFocus');
    }
 /**
  * Get the locale of the Member, or if we're not logged in or don't have a locale, use the default one
  * @return string
  */
 protected function locale()
 {
     // Prefer the logged-in member's own locale when one is set
     $member = Member::currentUser();
     $memberLocale = $member ? $member->Locale : null;

     return $memberLocale ? $memberLocale : i18n::get_locale();
 }
 /**
  * Taken from MemberLoginForm::__construct with minor changes
  */
 public function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
 {
     // Pull in the project's login stylesheet when the file exists
     $stylesheet = project() . '/css/member_login.css';
     if (Director::fileExists($stylesheet)) {
         Requirements::css($stylesheet);
     }

     // Return URL: the request parameter wins, the session value is the fallback.
     // NOTE(review): BackURL is copied from the request into the form unchecked; the
     // code that finally redirects to it must confirm it points back into this site.
     $backURL = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : Session::get('BackURL');

     $alreadyLoggedIn = $checkCurrentUser && Member::currentUser() && Member::logged_in_session_exists();
     if ($alreadyLoggedIn) {
         // A logged-in user only gets the option to log in as someone else
         $fields = new FieldList(new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this));
         $actions = new FieldList(new FormAction("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else")));
     } else {
         // Supply defaults only for whatever the caller left out
         if (!$fields) {
             $fields = new FieldList(new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this));
         }
         if (!$actions) {
             $actions = new FieldList(new FormAction('dologin', _t('GoogleAuthenticator.BUTTONLOGIN', "Log in with Google")));
         }
     }

     if ($backURL !== null) {
         $fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
     }

     // Allow GET method for callback.
     // NOTE(review): with GET, every form field, including BackURL, is sent in the URL.
     $this->setFormMethod('GET', true);
     parent::__construct($controller, $name, $fields, $actions);
 }
 /**
  * Change the password
  *
  * @param array $data The user submitted data
  * @return SS_HTTPResponse
  */
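 public function doChangePassword(array $data)
 {
     $member = Member::currentUser();
     if ($member) {
         // The user was logged in, check the current password
         if (empty($data['OldPassword']) || !$member->checkPassword($data['OldPassword'])->valid()) {
             $this->clearMessage();
             $this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
             // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
             return $this->controller->redirect($this->controller->Link('changepassword'));
         }
     } else {
         // Not logged in: the only other way in is an auto login hash held in the session
         if (Session::get('AutoLoginHash')) {
             $member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
         }
         // The user is not logged in and no valid auto login hash is available
         if (!$member) {
             Session::clear('AutoLoginHash');
             return $this->controller->redirect($this->controller->Link('login'));
         }
     }

     // Check the new password
     if (empty($data['NewPassword1'])) {
         $this->clearMessage();
         $this->sessionMessage(_t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"), "bad");
         // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
         return $this->controller->redirect($this->controller->Link('changepassword'));
     }

     // Both entries must be strings and identical. The loose == used before compares
     // numeric-looking strings by value, so "1e3" and "1000" counted as a match, and a
     // missing NewPassword2 raised a notice instead of being treated as a mismatch.
     $confirmed = isset($data['NewPassword2'])
         && is_string($data['NewPassword1'])
         && is_string($data['NewPassword2'])
         && $data['NewPassword1'] === $data['NewPassword2'];
     if (!$confirmed) {
         $this->clearMessage();
         $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"), "bad");
         // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
         return $this->controller->redirect($this->controller->Link('changepassword'));
     }

     $isValid = $member->changePassword($data['NewPassword1']);
     if (!$isValid->valid()) {
         $this->clearMessage();
         $this->sessionMessage(_t('Member.INVALIDNEWPASSWORD', "We couldn't accept that password: {password}", array('password' => nl2br("\n" . $isValid->starredList()))), "bad");
         // redirect back to the form, instead of using redirectBack() which could send the user elsewhere.
         return $this->controller->redirect($this->controller->Link('changepassword'));
     }

     $member->logIn();
     // TODO Add confirmation message to login redirect
     Session::clear('AutoLoginHash');
     // Clear locked out status
     $member->LockedOutUntil = null;
     $member->FailedLoginCount = null;
     $member->write();

     // Only follow a BackURL that points back into this site; anything else falls
     // through to the default location below.
     if (!empty($_REQUEST['BackURL']) && Director::is_site_url($_REQUEST['BackURL'])) {
         $url = Director::absoluteURL($_REQUEST['BackURL']);
         return $this->controller->redirect($url);
     }

     // Redirect to default location - the login form saying "You are logged in as..."
     $redirectURL = HTTP::setGetVar('BackURL', Director::absoluteBaseURL(), $this->controller->Link('login'));
     return $this->controller->redirect($redirectURL);
 }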
 /**
  * @todo fix this BIG mess.
  */
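 public static function postFacebook($message, $link = null, $impression = null)
 {
     $postresult = false;
     $member = Member::currentUser();
     $SiteConfig = SiteConfig::current_site_config();

     // Posting needs a logged-in member and a configured app ID and secret
     if (!$member || !$SiteConfig->FBAppID || !$SiteConfig->FBSecret) {
         return $postresult;
     }

     if ($link == null) {
         $link = Director::absoluteBaseURL();
     }
     $page = '/' . $SiteConfig->FBPageID . '/feed';
     $facebook = new Facebook(array('appId' => $SiteConfig->FBAppID, 'secret' => $SiteConfig->FBSecret));
     $accounts = $facebook->api('/me/accounts');

     // Start out unverified. Before, $verified was only ever assigned inside the loop,
     // so it was an undefined variable whenever no account matched the configured page.
     $verified = false;
     $managedPages = (is_array($accounts) && isset($accounts['data']) && is_array($accounts['data']))
         ? $accounts['data']
         : array();
     foreach ($managedPages as $managed) {
         // Switch to the page's own access token, but only for the configured page
         if (isset($managed['id'], $managed['access_token']) && $managed['id'] == $SiteConfig->FBPageID) {
             $facebook->setAccessToken($managed['access_token']);
             $verified = true;
             break;
         }
     }

     if ($verified) {
         $data = array('message' => $message, 'link' => $link, 'picture' => $impression);
         $postresult = $facebook->api($page, 'post', $data);
     }

     // false when nothing was posted, otherwise whatever the API call returned
     return $postresult;
 }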
 /**
  * @param array $data
  * @return SS_HTTPResponse|void
  */
 function doChangePassword(array $data)
 {
     try {
         $token = Session::get('AutoLoginHash');
         // Missing form values are passed on as null, without raising a notice
         $newPassword = isset($data['NewPassword1']) ? $data['NewPassword1'] : null;
         $confirmation = isset($data['NewPassword2']) ? $data['NewPassword2'] : null;
         $this->password_manager->changePassword($token, $newPassword, $confirmation);

         // Work out whom to log in: the current member, else the owner of the reset token.
         // NOTE(review): the token lookup happens after the password change; if the
         // password manager invalidates the token as part of the change, this lookup
         // returns nothing and loginMember() receives no member - confirm.
         $member = Member::currentUser();
         if (!$member) {
             if (empty($token)) {
                 throw new InvalidResetPasswordTokenException();
             }
             $member = Member::member_from_autologinhash($token);
         }
         Session::clear('AutoLoginHash');

         // NOTE(review): BackURL is taken from the request as-is. Unless loginMember()
         // validates it, check it (for example with Director::is_site_url()) before it
         // is used as a redirect target.
         if (isset($_REQUEST['BackURL'])) {
             $back_url = $_REQUEST['BackURL'];
         } else {
             $back_url = '/';
         }
         return OpenStackIdCommon::loginMember($member, $back_url);
     } catch (InvalidResetPasswordTokenException $invalidToken) {
         // No usable token: drop it and send the user to the login page
         Session::clear('AutoLoginHash');
         Controller::curr()->redirect('login');
     } catch (EmptyPasswordException $emptyPassword) {
         $this->clearMessage();
         $this->sessionMessage(_t('Member.EMPTYNEWPASSWORD', "The new password can't be empty, please try again"), "bad");
         Controller::curr()->redirectBack();
     } catch (PasswordMismatchException $mismatch) {
         $this->clearMessage();
         $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "You have entered your new password differently, try again"), "bad");
         Controller::curr()->redirectBack();
     } catch (InvalidPasswordException $rejected) {
         // The exception message carries the reasons the password was not accepted
         $this->clearMessage();
         $this->sessionMessage(sprintf(_t('Member.INVALIDNEWPASSWORD', "We couldn't accept that password: %s"), nl2br("\n" . $rejected->getMessage())), "bad");
         Controller::curr()->redirectBack();
     }
 }
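 /**
  * Creation is allowed for any member that has a positive ID.
  *
  * @param Member|null $member Member to check; defaults to the logged-in member
  * @return bool
  */
 public function canCreate($member = null)
 {
     if (!$member) {
         $member = Member::currentUser();
     }

     // With nobody logged in there is no member object at all: answer false explicitly
     // instead of reading ->ID from null.
     return $member ? $member->ID > 0 : false;
 }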
 /**
  * Editing requires one of the CMS_ACCESS_AssetAdmin or CMS_ACCESS_LeftAndMain
  * permission codes.
  *
  * @param Member|null $member Member to check; defaults to the logged-in member
  */
 public function canEdit($member = null)
 {
     $subject = $member ? $member : Member::currentUser();

     return Permission::checkMember($subject, array('CMS_ACCESS_AssetAdmin', 'CMS_ACCESS_LeftAndMain'));
 }
 /**
  * This page can only be seen by logged in users
  * This feature could be enhanced (e.g. only allowing for certain groups)
  * by subclassing this page
  * @param Member
  * @return boolean
  */
 public function canView($member = null)
 {
     // The member is sometimes passed as an integer ID; resolve it to a record first
     if (is_int($member)) {
         $member = Member::get()->filter('ID', $member)->first();
     }
     if (!$member) {
         $member = Member::currentUser();
     }

     // Anonymous visitors never get to see the page
     if (!$member) {
         return false;
     }

     // When specific viewer groups have been defined, only members of those groups get
     // access; otherwise every logged-in member does.
     $groups = $this->owner->DictatedViewerGroups();

     return $groups ? $member->inGroups($groups) : true;
 }
	/**
	 * Extend the parent's CMS fields with Date, Author and Tags fields and, when WYSIWYG
	 * editing is switched off, a plain textarea for Content plus a BBCode help block.
	 */
	function getCMSFields() {
		Requirements::javascript('blog/javascript/bbcodehelp.js');
		Requirements::themedCSS('bbcodehelp');

		// Default author: first name of the logged-in member, empty when nobody is logged in
		$currentMember = Member::currentUser();
		$firstName = $currentMember ? $currentMember->FirstName : '';
		$codeparser = new BBCodeParser();

		$fields = parent::getCMSFields();
		$mainTab = "Root.Content.Main";
		$plainTextOnly = !self::$allow_wysiwyg_editing;

		if($plainTextOnly) {
			// Replace the rich-text editor with a plain textarea
			$fields->removeFieldFromTab($mainTab, "Content");
			$fields->addFieldToTab($mainTab, new TextareaField("Content", _t("BlogEntry.CN", "Content"), 20));
		}

		// Date and Author are inserted ahead of the Content field
		$fields->addFieldToTab($mainTab, new PopupDateTimeField("Date", _t("BlogEntry.DT", "Date")), "Content");
		$fields->addFieldToTab($mainTab, new TextField("Author", _t("BlogEntry.AU", "Author"), $firstName), "Content");

		if($plainTextOnly) {
			// Help block listing the usable BBCode tags; the tag HTML comes from the parser
			$helpHTML = "<div id='BBCode' class='field'>" .
				"<a  id=\"BBCodeHint\" target='new'>" . _t("BlogEntry.BBH", "BBCode help") . "</a>" .
				"<div id='BBTagsHolder' style='display:none;'>" . $codeparser->useable_tagsHTML() . "</div></div>";
			$fields->addFieldToTab($mainTab, new LiteralField("BBCodeHelper", $helpHTML));
		}

		$fields->addFieldToTab($mainTab, new TextField("Tags", _t("BlogEntry.TS", "Tags (comma sep.)")), "Content");

		return $fields;
	}
 /**
  * Checks who is offered a delete link for a post: nobody when logged out, the member
  * logged in as 'test1', not the member 'test2', and the 'moderator' member.
  */
 function testDeleteLink()
 {
     $post = $this->objFromFixture('Post', 'Post1');

     // Start logged out
     $current = Member::currentUser();
     if ($current) {
         $current->logOut();
     }
     // NOTE(review): this asserts EditLink() although the test is about DeleteLink();
     // it looks copied from the edit-link test - confirm which call is intended.
     $this->assertFalse($post->EditLink());

     // Logged in as test1: should be able to delete the post
     $author = $this->objFromFixture('Member', 'test1');
     $author->logIn();
     $expectedPath = $post->Thread()->URLSegment . '/deletepost/' . $post->ID;
     $this->assertContains($expectedPath, $post->DeleteLink());
     // This is the first post, so the link carries the class that the JavaScript uses
     $this->assertContains("class=\"deleteLink firstPost\"", $post->DeleteLink());
     $author->logOut();

     // Another member, who is not in a position to delete this post
     $otherMember = $this->objFromFixture('Member', 'test2');
     $otherMember->logIn();
     $this->assertFalse($post->DeleteLink());

     // A moderator of this post can delete it as well
     $moderator = $this->objFromFixture('Member', 'moderator');
     $moderator->logIn();
     $this->assertContains($expectedPath, $post->DeleteLink());

     // A second post must not carry the first-post hook
     $secondPost = $this->objFromFixture('Post', 'Post2');
     $this->assertFalse(strstr($secondPost->DeleteLink(), "firstPost"));
 }
 /**
  * Store a ModuleProductEmail built from the submitted form.
  *
  * Only a logged-in member for whom inGroup("ADMIN") is true may submit, and the
  * submitted ModuleProductID has to resolve to an existing ModuleProduct.
  *
  * NOTE(review): the success text says "mail sent!", but this method only writes the
  * ModuleProductEmail record; any sending presumably happens when the record is
  * written - confirm.
  */
 function submit($data, $form)
 {
     $member = Member::currentUser();
     $isAdmin = $member && $member->inGroup("ADMIN");
     if (!$isAdmin) {
         $form->setMessage("You need to be logged as an admin to send this email.", "bad");
         return Controller::curr()->redirectBack();
     }

     // The submitted data is passed through Convert::raw2sql(); the product ID is
     // additionally cast to an integer before the lookup.
     $data = Convert::raw2sql($data);
     $page = isset($data["ModuleProductID"])
         ? ModuleProduct::get()->byID(intval($data["ModuleProductID"]))
         : null;
     if (!$page) {
         $form->setMessage("Can not find the right page for saving this email.", "bad");
         return Controller::curr()->redirectBack();
     }

     // The record is filled from the form's fields, not from $data
     $email = new ModuleProductEmail();
     $form->saveInto($email);
     $email->write();

     // Ajax callers get a plain string, everyone else is sent to the product page
     return Director::is_ajax()
         ? "mail sent!"
         : Controller::curr()->redirect($page->Link());
 }