Beispiel #1
 /**
  * Build the top menu entries for the current session user.
  *
  * Returns an empty list unless Permission::checkPermission() accepts the
  * value pow(2, 2); otherwise the list holds a single entry that links to
  * the profile page of the user identified by $_SESSION['user_id'].
  *
  * @return array list of array('name' => ..., 'href' => ...) entries
  */
 function topMenu()
 {
     if (!Permission::checkPermission(pow(2, 2))) {
         return array();
     }

     // The session id is cast to int before it is handed to the User object.
     $currentUser = new User((int) $_SESSION['user_id']);
     $currentUser->fetch();

     // NOTE(review): the nickname is returned unescaped; confirm the template
     // that renders the menu escapes it for HTML.
     $entry = array(
         'name' => $currentUser->getNickname(),
         'href' => 'user.php?user_id=' . $currentUser->getUserId(),
     );

     return array($entry);
 }
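 /**
  * Handle the confirmation links sent by e-mail, then render the job list.
  *
  * Three request parameters are recognised, each carrying a base64-encoded
  * address:
  *  - str   (with cs): account confirmation; activates the account and logs
  *                     the user in
  *  - ppstr (with pp): Paypal address confirmation
  *  - emstr:           confirmation of a changed e-mail address for the
  *                     session user
  *
  * @return void
  */
 public function run()
 {
     // Always defined, so the view never receives an undefined variable.
     $jumbotron = '';
     $user = new User();
     if (isset($_REQUEST['str'])) {
         $email = mysql_real_escape_string(base64_decode($_REQUEST['str']));
         $confirm_string = isset($_REQUEST['cs']) && is_string($_REQUEST['cs'])
             ? (string) substr($_REQUEST['cs'], 0, 10)
             : '';
         // verify the email belongs to a user
         $stored_string = $user->findUserByUsername($email)
             ? (string) substr((string) $user->getConfirm_string(), 0, 10)
             : '';
         // Empty values are rejected: the stored string is cleared once an
         // account is confirmed, and an empty-vs-empty match must not count
         // as proof of mailbox ownership (this branch ends in User::login()).
         // Strict comparison avoids numeric-string juggling; hash_equals()
         // is preferable where PHP >= 5.6 is guaranteed.
         if ($stored_string !== '' && $confirm_string !== '' && $stored_string === $confirm_string) {
             // NOTE(review): the listing shows the username literal masked as
             // '******'; the update has to target the address verified above,
             // which is already escaped.
             $sql = "\n                    UPDATE " . USERS . "\n                    SET\n                        confirm_string = '',\n                        confirm = 1,\n                        is_active = 1\n                    WHERE username = '" . $email . "'";
             if (!mysql_query($sql)) {
                 error_log("Confirmation: activating account failed: " . mysql_error());
             }
             // send welcome email
             Utils::sendTemplateEmail($user->getUsername(), 'welcome', array('nickname' => $user->getNickname()), 'Worklist <*****@*****.**>');
             User::login($user, false);
             //Optionally can login with confirm URL
             $jumbotron = "\n                    <h2>Welcome to Worklist!</h2>\n                    <p>\n                      Click on a job and add your bid, or come join us in our \n                      <a href='https://gitter.im/highfidelity/worklist' target='_blank'>public chat room</a>.\n                      Questions? Check out the <a href='./help'>help tab</a>.\n                    </p>";
         } else {
             Utils::redirect('./');
             // Stop here even if redirect() returns instead of exiting.
             return;
         }
     } elseif (isset($_REQUEST['ppstr'])) {
         // paypal address confirmation
         $paypal_email = mysql_real_escape_string(base64_decode($_REQUEST['ppstr']));
         $hash = isset($_REQUEST['pp']) && is_string($_REQUEST['pp'])
             ? mysql_real_escape_string($_REQUEST['pp'])
             : '';
         // verify the email belongs to a user; an empty hash is never accepted
         // because the stored hash is reset to '' after a successful confirmation
         if ($hash === '' || !$user->findUserByPPUsername($paypal_email, $hash)) {
             // hacking attempt, or some other error
             Utils::redirect('./');
             return;
         } else {
             $user->setPaypal_verified(true);
             $user->setPaypal_hash('');
             $user->save();
             $jumbotron = "\n                    <h2>Thank you for confirming your Paypal address.</h2>\n                    <p>You can now bid on items in the Worklist!</p>";
         }
     } elseif (isset($_REQUEST['emstr'])) {
         // new email address confirmation
         $new_email = mysql_real_escape_string(base64_decode($_REQUEST['emstr']));
         if (!isset($_SESSION['username']) || !$user->findUserByUsername($_SESSION['username'])) {
             //we are not logged in
             Utils::redirect('login');
             // Without this return an empty User object would be renamed and saved below.
             return;
         }
         // NOTE(review): no confirmation secret is checked in this branch; the
         // new address is taken from the request as-is for the session user.
         // Confirm a token is verified before this point, otherwise add one.
         //save new email
         $user->setUsername($new_email);
         $user->save();
         $_SESSION['username'] = $new_email;
         $jumbotron = "<h2>Thank you for confirming your changed email address.</h2>";
     }
     $jobs = new JobController();
     $jobs->view->jumbotron = $jumbotron;
     $jobs->listView();
 }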
 /**
  * Mark the session as authenticated for the given user and grant credentials.
  *
  * Stores the user's id and nickname in the subscriber namespace, always adds
  * the 'subscriber' credential, and adds 'moderator' / 'administrator' when
  * the matching getter on $user returns a truthy value.
  *
  * @param User $user
  */
 public function signIn($user)
 {
     $this->setAttribute('subscriber_id', $user->getId(), self::SUBSCRIBER_NAMESPACE);
     $this->setAuthenticated(true);
     $this->setAttribute('nickname', $user->getNickname(), self::SUBSCRIBER_NAMESPACE);

     // Every signed-in user is a subscriber.
     $this->addCredential('subscriber');

     // Elevated credentials, checked in this order: credential => flag getter.
     $elevated = array(
         'moderator'     => 'getIsModerator',
         'administrator' => 'getIsAdministrator',
     );
     foreach ($elevated as $credential => $flagGetter) {
         if ($user->{$flagGetter}()) {
             $this->addCredential($credential);
         }
     }

     $this->setHasAgents();
     $this->setHasVocabulary();
     $this->setHasSchema();
 }
Beispiel #4
// Manual smoke test for the User class: builds users from different
// identifiers and prints their state straight into the page.
//
// Disabled Point check, kept from the original script:
//$newPoint = new Point(0, 'Foyer');
//echo $newPoint->getName();

// Lookups without a password: heading, identifier, second constructor argument.
// The headings suggest 2 = student id, 3 = buckutt id, 1 = login; confirm against User.
$lookups = array(
    array('Ok id etu', '6362', 2),
    array('Ok id buckutt', '1', 3),
    array('Ok login', 'bernardx', 1),
    array('usr inconnu', '636462', 2),
);
foreach ($lookups as $lookup) {
    echo '<h2>' . $lookup[0] . '</h2>';
    $User = new User($lookup[1], $lookup[2], '', 1);
    echo $User->getState();
}
// Only the last lookup (the unknown user) also prints a first name.
echo $User->getFirstname();

// Lookup with a password.
// NOTE(review): the login and password are hard-coded test values and the
// getters are echoed without HTML escaping; keep this script out of any
// deployed web root.
echo '<h2>Avec mot de passe</h2>';
$User = new User('bernardx', 1, 'toto');
$lineGetters = array('getState', 'getId', 'getFirstname', 'getLastname', 'getNickname', 'getMail', 'getCredit');
foreach ($lineGetters as $getter) {
    echo $User->{$getter}() . '<br />';
}
echo $User->getIp();

// Disabled wrong-password check, kept from the original script:
/*
echo '<h2>Avec mot de passe faux</h2>';
$User = new User('6362', 2, 'pezfzev');
echo $User->getState();
echo $User->getLastname();
*/
Beispiel #5
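 /**
  * Deny access to a protected section. Stores a "permission denied" message
  * and sends a Location header back to the previously visited page, or to
  * the default path when there is none.
  *
  * @author  Clemens John <*****@*****.**>
  * @param mixed $permission permission value required for the section, or false when no role grants access
  * @param mixed $owner      id of the user who owns the section, or false when there is no owner
  */
 public static function denyAccess($permission = false, $owner = false)
 {
     // if $permission is set, collect the names of the roles that are wrapped into $permission
     $role_string = "";
     if ($permission) {
         $role_names = array();
         foreach (Permission::getRolesByPermission($permission) as $role) {
             $role_names[] = Permission::getRoleNameByRoleNumber($role);
         }
         // implode() places the separators correctly whatever keys the role list uses
         $role_string = implode(", ", $role_names);
     }
     $user = null;
     if ($owner) {
         $user = new User($owner);
         $user->fetch();
     }
     // prepare the "permission denied"-message for the user based on the combination of $permission and $owner
     // NOTE(review): the nickname is concatenated unescaped; confirm that
     // Message output escapes HTML before it reaches the page.
     $message = array();
     if ($permission && !$owner) {
         $message[] = array("Auf diesen Bereich dürfen nur Benutzer mit den folgenden Rechten zugreifen: " . $role_string, 2);
     } elseif (!$permission && $owner) {
         $message[] = array("Auf diesen Bereich darf nur der Benutzer " . $user->getNickname() . " zugreifen.", 2);
     } elseif ($permission && $owner) {
         $message[] = array("Auf diesen Bereich dürfen nur der Benutzer " . $user->getNickname() . " oder Benutzer mit den folgenden Rechten zugreifen: " . $role_string, 2);
     } else {
         $message[] = array("Du darfst auf diesen Bereich nicht zugreifen.", 2);
     }
     // set the message
     Message::setMessage($message);
     // redirect the user to the last page he visited, otherwise to the default path
     // NOTE(review): nothing in this method checks that last_page points inside
     // netmon; that has to be guaranteed where the session value is written.
     $current_page = isset($_SESSION['current_page']) ? $_SESSION['current_page'] : null;
     if (!empty($_SESSION['last_page']) && $_SESSION['last_page'] != $current_page) {
         header('Location: ' . $_SESSION['last_page']);
     } else {
         header('Location: ./');
     }
     // NOTE(review): no exit follows header(); the script keeps running unless
     // the caller stops it, so protected output must not be produced after this call.
 }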
Beispiel #6
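 /**
  * Accept a bid on this work item.
  *
  * Makes the session user the runner if needed, requests a unix account for
  * the bidder, creates the bidder's fork and job branch, and then, inside a
  * database transaction, moves the job to 'In Progress', marks the bid as
  * accepted, records the bid amount plus any Creator / Runner role fees and
  * writes a status log entry.
  *
  * @param int  $bid_id      id of the bid to accept
  * @param int  $budget_id   id of the budget the job is charged to
  * @param bool $is_mechanic when true the bidder is stored as the job's mechanic
  * @return array|false the bid row enriched with nickname, fork/branch data,
  *                     bid_done and summary, or false on any failure
  */
 public function acceptBid($bid_id, $budget_id = 0, $is_mechanic = true)
 {
     // Both ids are concatenated into SQL below; force them to integers first.
     $bid_id = (int) $bid_id;
     $budget_id = (int) $budget_id;
     $this->conditionalLoadByBidId($bid_id);
     // NOTE(review): the guard against accepting an already accepted bid is disabled.
     /*if ($this->hasAcceptedBids()) {
           throw new Exception('Can not accept an already accepted bid.');
       }*/
     $user_id = isset($_SESSION['userid']) ? (int) $_SESSION['userid'] : 0;
     $is_runner = isset($_SESSION['is_runner']) ? (int) $_SESSION['is_runner'] : 0;
     // If a bid is being accepted, and the runner for the workitem does not exist (incase a bid went from suggested straight
     // to working) or is different than current user, then we should set the person accepting the bid as the runner;
     if ($this->getRunnerId() != $user_id) {
         $this->setRunnerId($user_id);
     }
     $res = mysql_query('SELECT * FROM `' . BIDS . '` WHERE `id`=' . $bid_id);
     $bid_info = $res ? mysql_fetch_assoc($res) : false;
     if (!$bid_info) {
         // Unknown bid id or failed query: there is nothing to accept.
         return false;
     }
     // Integer copies for use in SQL; the $bid_info entries themselves stay untouched.
     $worklist_id = (int) $bid_info['worklist_id'];
     $bidder_id = (int) $bid_info['bidder_id'];
     $workitem_info = $this->getWorkItem($bid_info['worklist_id']);
     // Get bidder information
     $bidder = new User();
     if (!$bidder->findUserById($bid_info['bidder_id'])) {
         // If bidder doesn't exist, return false. Don't want to throw an
         // exception because it would kill multiple bid acceptances
         return false;
     }
     $bid_info['nickname'] = $bidder->getNickname();
     $project = new Project($this->getProjectId());
     // Get the repo for this project
     $repository = $this->getRepository();
     $job_id = $this->getId();
     /* Verify whether the user already has this repo forked on his account
      * If not create the fork
      * Check for existing unix account in dev.  If new, make call to create account
      */
     $GitHubUser = new User($bid_info['bidder_id']);
     $url = TOWER_API_URL;
     $fields = array('action' => 'create_unixaccount', 'nickname' => $bidder->getNickname());
     $result = CURLHandler::Post($url, $fields);
     // Stays null when the fork already exists; the checks below treat that as "no error".
     $forkStatus = null;
     if (!$GitHubUser->verifyForkExists($project)) {
         $forkStatus = $GitHubUser->createForkForUser($project);
         $bidderEmail = $bidder->getUsername();
         $emailTemplate = 'forked-repo';
         $data = array('project_name' => $forkStatus['data']['full_name'], 'nickname' => $bidder->getNickname(), 'users_fork' => $forkStatus['data']['git_url'], 'master_repo' => str_replace('https://', 'git://', $project->getRepository()));
         $senderEmail = 'Worklist <*****@*****.**>';
         Utils::sendTemplateEmail($bidderEmail, $emailTemplate, $data, $senderEmail);
         sleep(10);
     }
     // Create a branch for the user
     $branchStatus = null;
     if (empty($forkStatus['error'])) {
         $branchStatus = $GitHubUser->createBranchForUser($job_id, $project);
         $bidderEmail = $bidder->getUsername();
         $emailTemplate = 'branch-created';
         $users_fork = isset($forkStatus['data']['git_url']) ? $forkStatus['data']['git_url'] : null;
         $data = array('branch_name' => $job_id, 'nickname' => $bidder->getNickname(), 'users_fork' => $users_fork, 'master_repo' => str_replace('https://', 'git://', $project->getRepository()));
         $bid_info = array_merge($data, $bid_info);
     }
     if (empty($branchStatus['error'])) {
         // null when no branch was created
         $bid_info['sandbox'] = isset($branchStatus['branch_url']) ? $branchStatus['branch_url'] : null;
     }
     $bid_info['bid_done'] = strtotime('+' . $bid_info['bid_done_in'], time());
     // Adding transaction wrapper around steps
     if (mysql_query('BEGIN')) {
         $is_runner_or_assignee = $is_runner || $this->getAssigned_id() == $user_id;
         // The sandbox URL is reported by the branch creation call, so it is
         // escaped like any other external string before it reaches SQL.
         $sandbox = mysql_real_escape_string(isset($bid_info['sandbox']) ? (string) $bid_info['sandbox'] : '');
         // changing mechanic of the job
         $set_mechanic = $is_mechanic ? "`mechanic_id` =  '" . $bidder_id . "', " : '';
         $set_runner = $is_runner_or_assignee && $user_id > 0 && $workitem_info['runner_id'] != $user_id ? "`runner_id` =  '" . $user_id . "', " : '';
         $sql = "UPDATE `" . WORKLIST . "` SET " . $set_mechanic . $set_runner . " `status` = 'In Progress',`status_changed`=NOW(),`sandbox` = '" . $sandbox . "',`budget_id` = " . $budget_id . " WHERE `" . WORKLIST . "`.`id` = " . $worklist_id;
         if (!($myresult = mysql_query($sql))) {
             error_log("AcceptBid:UpdateMechanic failed: " . mysql_error());
             mysql_query("ROLLBACK");
             return false;
         }
         // marking bid as "accepted"
         if (!($result = mysql_query("UPDATE `" . BIDS . "` SET `accepted` =  1, `bid_done` = FROM_UNIXTIME('" . $bid_info['bid_done'] . "') WHERE `id` = " . $bid_id))) {
             error_log("AcceptBid:MarkBid failed: " . mysql_error());
             mysql_query("ROLLBACK");
             return false;
         }
         // adding bid amount to list of fees
         if (!($result = mysql_query("INSERT INTO `" . FEES . "` (`id`, `worklist_id`, `amount`, `user_id`, `desc`, `bid_notes`, `date`, `bid_id`) VALUES (NULL, " . $worklist_id . ", '" . mysql_real_escape_string($bid_info['bid_amount']) . "', '" . $bidder_id . "', 'Accepted Bid', '" . mysql_real_escape_string($bid_info['notes']) . "', NOW(), '{$bid_id}')"))) {
             error_log("AcceptBid:Insert Fee failed: " . mysql_error());
             mysql_query("ROLLBACK");
             return false;
         }
         $creator_fee = 0;
         $creator_fee_desc = 'Creator';
         $creator_fee_added = false;
         $runner_fee = 0;
         $runner_fee_desc = 'Designer';
         $runner_fee_added = false;
         $accepted_bid_amount = $bid_info['bid_amount'];
         $fee_category = '';
         $is_expense = '';
         $is_rewarder = '';
         $fees = $this->getFees($this->getId());
         // The former reviewer-fee check matched against an undefined pattern
         // and its result was never read, so it is dropped.
         foreach ($fees as $fee) {
             // find the accepted bid amount
             if ($fee['desc'] == 'Accepted Bid') {
                 $accepted_bid_amount = $fee['amount'];
             }
             if ($fee['desc'] == $creator_fee_desc) {
                 $creator_fee_added = true;
             }
             if ($fee['desc'] == $runner_fee_desc) {
                 $runner_fee_added = true;
             }
         }
         // get project creator role settings, if not available, no fee is added
         // and will need to be added manually if applicable
         $project = new Project();
         $project_roles = $project->getRoles($this->getProjectId(), "role_title = 'Creator'");
         if (count($project_roles) != 0 && !$creator_fee_added) {
             // fees are not automatically created for internal users
             if (!$this->getCreator()->isInternal()) {
                 $creator_role = $project_roles[0];
                 if ($creator_role['percentage'] !== null && $creator_role['min_amount'] !== null) {
                     $creator_fee = $creator_role['percentage'] / 100 * $accepted_bid_amount;
                     if ((double) $creator_fee < $creator_role['min_amount']) {
                         $creator_fee = $creator_role['min_amount'];
                     }
                     // add the fee
                     /**
                      * @TODO - We call addfees and then deduct from budget
                      * seems we should add the deduction process to the Fee::add
                      * function
                      *
                      */
                     // NOTE(review): the results of Fee::add() and updateBudget()
                     // are not checked, so a failure here does not roll back.
                     Fee::add($this->getId(), $creator_fee, $fee_category, $creator_fee_desc, $this->getCreatorId(), $is_expense, $is_rewarder);
                     // and reduce the runners budget
                     $myRunner = new User();
                     $myRunner->findUserById($this->getRunnerId());
                     $myRunner->updateBudget(-$creator_fee, $this->getBudget_id());
                 }
             }
         }
         $project_roles = $project->getRoles($this->getProjectId(), "role_title = 'Runner'");
         if (count($project_roles) != 0 && !$runner_fee_added) {
             error_log("[FEES] we have a role for runner");
             $runner_role = $project_roles[0];
             // fees are not automatically created for internal users
             if (!$this->getRunner()->isInternal()) {
                 if ($runner_role['percentage'] !== null && $runner_role['min_amount'] !== null) {
                     $runner_fee = $runner_role['percentage'] / 100 * $accepted_bid_amount;
                     if ((double) $runner_fee < $runner_role['min_amount']) {
                         $runner_fee = $runner_role['min_amount'];
                     }
                     // add the fee
                     Fee::add($this->getId(), $runner_fee, $fee_category, $runner_fee_desc, $this->getRunnerId(), $is_expense, $is_rewarder);
                     // and reduce the runners budget
                     $myRunner = new User();
                     $myRunner->findUserById($this->getRunnerId());
                     $myRunner->updateBudget(-$runner_fee, $this->getBudget_id());
                 }
             }
         }
         // add an entry to the status log
         // The session user id is interpolated as before: without a logged-in
         // user the statement fails and the transaction is rolled back.
         $status_sql = "\n                INSERT INTO " . STATUS_LOG . " (worklist_id, status, user_id, change_date)\n                VALUES({$worklist_id}, 'Working', {$_SESSION['userid']}, NOW())";
         if (!($result = mysql_query($status_sql))) {
             error_log("AcceptedBid:Insert status log failed: " . mysql_error());
             mysql_query("ROLLBACK");
             return false;
         }
         // When we get this far, commit and return bid_info
         if (mysql_query('COMMIT')) {
             $bid_info['summary'] = $workitem_info['summary'];
             $this->setMechanicId($bid_info['bidder_id']);
             return $bid_info;
         } else {
             return false;
         }
     } else {
         return false;
     }
 }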
Beispiel #7
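 /**
  * Show a project page and process the forms posted from it.
  *
  * Loads the project, works out whether the session user is its owner or an
  * admin, applies a submitted settings form (save_project) and role changes
  * (save_role / edit_role / delete_role) for runners, payers and the owner,
  * then hands the project and the edit flags to the view.
  *
  * @param mixed $id project identifier passed to Project::find()
  * @return void
  */
 public function view($id)
 {
     try {
         $project = Project::find($id);
     } catch (Exception $e) {
         // NOTE(review): the raw exception message is sent to the client
         // unescaped; a generic error page would disclose less.
         $error = $e->getMessage();
         die($error);
     }
     $is_runner = !empty($_SESSION['is_runner']) ? 1 : 0;
     $is_payer = !empty($_SESSION['is_payer']) ? 1 : 0;
     //get the project owner
     $project_user = new User();
     $project_user->findUserById($project->getOwnerId());
     $this->write('project_user', $project_user);
     $userId = Session::uid();
     if ($userId > 0) {
         Utils::initUserById($userId);
         $user = new User();
         $user->findUserById($userId);
         // @TODO: this is overwritten below..  -- lithium
         $nick = $user->getNickname();
         $userbudget = $user->getBudget();
         $budget = number_format($userbudget);
         $is_owner = $project->isOwner($user->getId());
         $is_admin = $user->getIs_admin();
     } else {
         $is_owner = false;
         $is_admin = false;
     }
     $runners = $project->getRunners();
     // NOTE(review): settings are taken from $_REQUEST (so GET works too) and
     // no anti-CSRF token is checked in this method; confirm one is verified
     // before this controller runs.
     if (isset($_REQUEST['save_project']) && ($is_runner || $is_payer || $is_owner)) {
         $project->setDescription($_REQUEST['description'])->setShortDescription($_REQUEST['short_description']);
         $project->setWebsite($_REQUEST['website']);
         // !empty() gives the same truthiness test without a notice on a missing field
         $cr_anyone = !empty($_REQUEST['cr_anyone']) ? 1 : 0;
         $cr_3_favorites = !empty($_REQUEST['cr_3_favorites']) ? 1 : 0;
         $cr_project_admin = isset($_REQUEST['cr_project_admin']) ? 1 : 0;
         $cr_users_specified = isset($_REQUEST['cr_users_specified']) ? 1 : 0;
         $cr_job_runner = isset($_REQUEST['cr_job_runner']) ? 1 : 0;
         $internal = isset($_REQUEST['internal']) ? 1 : 0;
         $require_sandbox = isset($_REQUEST['require_sandbox']) ? 1 : 0;
         $hipchat_enabled = isset($_REQUEST['hipchat_enabled']) ? 1 : 0;
         $project->setCrAnyone($cr_anyone);
         $project->setCrFav($cr_3_favorites);
         $project->setCrAdmin($cr_project_admin);
         $project->setCrRunner($cr_job_runner);
         $project->setCrUsersSpecified($cr_users_specified);
         $project->setHipchatEnabled($hipchat_enabled);
         $project->setHipchatNotificationToken($_REQUEST['hipchat_notification_token']);
         $project->setHipchatRoom($_REQUEST['hipchat_room']);
         $project->setHipchatColor($_REQUEST['hipchat_color']);
         // Admin-only settings. $is_admin was read from the same user above and
         // is false when nobody is logged in, so this no longer dereferences an
         // undefined $user when only the session role flags are set.
         if ($is_admin) {
             $project->setInternal($internal);
             $project->setRequireSandbox($require_sandbox);
         }
         if (isset($_REQUEST['logoProject']) && $_REQUEST['logoProject'] != "") {
             // basename() keeps only the file name part of the submitted value
             $project->setLogo(basename($_REQUEST['logoProject']));
         }
         $project->save();
         // we clear post to prevent the page from redirecting
         $_POST = array();
     }
     $project_id = $project->getProjectId();
     $hide_project_column = true;
     // save,edit,delete roles <mikewasmie 16-jun-2011>
     // NOTE(review): the runner / payer flags come from the session and are not
     // tied to this project here; confirm that is the intended scope.
     if ($is_runner || $is_payer || $project->isOwner($userId)) {
         if (isset($_POST['save_role'])) {
             $args = array('role_title', 'percentage', 'min_amount');
             foreach ($args as $arg) {
                 // variable names come from the fixed list above, never from the request
                 ${$arg} = mysql_real_escape_string($_POST[$arg]);
             }
             $role_id = $project->addRole($project_id, $role_title, $percentage, $min_amount);
         }
         if (isset($_POST['edit_role'])) {
             $args = array('role_id', 'role_title', 'percentage', 'min_amount');
             foreach ($args as $arg) {
                 ${$arg} = mysql_real_escape_string($_POST[$arg]);
             }
             $res = $project->editRole($role_id, $role_title, $percentage, $min_amount);
         }
         if (isset($_POST['delete_role'])) {
             $role_id = mysql_real_escape_string($_POST['role_id']);
             $res = $project->deleteRole($role_id);
         }
     }
     /* Prevent reposts on refresh */
     if (!empty($_POST)) {
         unset($_POST);
         // NOTE(review): $projectName is not defined anywhere in this method,
         // so the Location value ends up empty; set the intended target here.
         header('Location: ' . $projectName);
         exit;
     }
     $edit_mode = false;
     if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'edit' && ($is_admin || $is_owner)) {
         $edit_mode = true;
     }
     $this->write('project', $project);
     $this->write('edit_mode', $edit_mode);
     $this->write('is_owner', $is_owner);
     parent::run();
 }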
Beispiel #8
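/**
 * Mark or unmark another user as a favorite ("trusted") of the session user.
 *
 * Reads favorite_user_id and newVal from the request, stores the flag and
 * echoes a JSON object with either a 'return' or an 'error' key. When a user
 * is newly marked, a 'trusted' template e-mail is sent and, if the favorite
 * count is positive, a system notification is posted.
 *
 * @return void
 */
function setFavorite()
{
    if (!isset($_REQUEST['favorite_user_id']) || !isset($_REQUEST['newVal'])) {
        echo json_encode(array('error' => "Invalid parameters!"));
        // Stop here: falling through would process the missing values and
        // append a second JSON document to the response.
        return;
    }
    $userId = Session::uid();
    if ($userId > 0) {
        Utils::initUserById($userId);
        $user = new User();
        $user->findUserById($userId);
        // Both request values are reduced to integers before any use.
        $favorite_user_id = (int) $_REQUEST['favorite_user_id'];
        $newVal = (int) $_REQUEST['newVal'];
        $users_favorites = new Users_Favorite();
        $res = $users_favorites->setMyFavoriteForUser($userId, $favorite_user_id, $newVal);
        if ($res == "") {
            // send chat if user has been marked a favorite
            $favorite_user = new User();
            $favorite_user->findUserById($favorite_user_id);
            if ($newVal == 1) {
                // The link is built from a constant and the integer id only.
                $resetUrl = SECURE_SERVER_URL . 'user/' . $favorite_user_id;
                $resetUrl = '<a href="' . $resetUrl . '" title="Your profile">' . $resetUrl . '</a>';
                $data = array();
                $data['link'] = $resetUrl;
                $nick = $favorite_user->getNickname();
                if (!Utils::sendTemplateEmail($favorite_user->getUsername(), 'trusted', $data)) {
                    error_log("setFavorite: Utils::send_email failed on favorite notification");
                }
                // get favourite count
                $count = $users_favorites->getUserFavoriteCount($favorite_user_id);
                if ($count > 0) {
                    if ($count == 1) {
                        $message = "**{$count}** person";
                    } else {
                        $message = "**{$count}** people";
                    }
                    $journal_message = '@' . $nick . ' is now trusted by ' . $message . '!';
                    //sending journal notification
                    Utils::systemNotification(stripslashes($journal_message));
                }
            }
            echo json_encode(array('return' => "Trusted saved."));
        } else {
            echo json_encode(array('error' => $res));
        }
    } else {
        echo json_encode(array('error' => "You must be logged in!"));
    }
}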
Beispiel #9
            header('Location: user.php?user_id=' . $_GET['user_id']);
        } else {
            header('Location: user_edit.php?section=edit&user_id=' . $_GET['user_id']);
        }
    } else {
        Permission::denyAccess(PERM_ROOT, (int) $_GET['user_id']);
    }
} elseif ($_GET['section'] == "delete") {
    if (permission::checkIfUserIsOwnerOrPermitted(PERM_ROOT, (int) $_GET['user_id'])) {
        if ($_POST['delete'] == "true") {
            //fetch user data
            $user = new User((int) $_GET['user_id']);
            $user->fetch();
            //logout user if the logged in user is the user to be deleted
            if ($_GET['user_id'] == $_SESSION['user_id']) {
                Login::user_logout();
            }
            //delete user
            $user->delete();
            $message[] = array("Der Benutzer " . $user->getNickname() . " wurde gelöscht.", 1);
            message::setMessage($message);
            header('Location: index.php');
        } else {
            $message[] = array("Sie müssen das Häckchen bei <i>Ja</i> setzen um den Benutzer zu löschen.", 2);
            message::setMessage($message);
            header('Location: user_edit.php?section=edit&user_id=' . $_GET['user_id']);
        }
    } else {
        Permission::denyAccess(PERM_ROOT, (int) $_GET['user_id']);
    }
}
Beispiel #10
        $message = $sql->query('
			SELECT connector_id, subject
			FROM ' . DB_PREFIX . 'pm
			WHERE id = ' . u3 . ' AND folder != 1')->fetch(PDO::FETCH_ASSOC);
        $form['subject'] = 'Re: ' . $message['subject'];
    } else {
        $message = $sql->query('
			SELECT connector_id, subject, message
			FROM ' . DB_PREFIX . 'pm
			WHERE id = ' . (int) u3 . ' AND folder = 1')->fetch(PDO::FETCH_ASSOC);
        $form['subject'] = $message['subject'];
        $form['message'] = $message['message'];
    }
    $form['receiver'] = User::getNickname(BY_ID, $message['connector_id']);
} elseif (ctype_digit(u2)) {
    $form['receiver'] = User::getNickname(BY_ID, u2);
}
if ($_POST['send']) {
    // Form values
    $form = array('receiver' => filter($_POST['receiver'], 100), 'subject' => filter($_POST['subject'], 100), 'save' => $_POST['save'], 'bbcode' => $_POST['bbcode'] ? BBCODE : 0, 'emoticons' => $_POST['emoticons'] ? EMOTICONS : 0, 'autolinks' => $_POST['autolinks'] ? AUTOLINKS : 0, 'message' => filter($_POST['message'], 250));
    $err->receiver_empty(t('ERROR_RECEIVER_EMPTY'), !$form['receiver']);
    $err->receiver_not_exists(t('ERROR_RECEIVER_NOT_EXISTS'), $form['receiver'] && !User::getId(BY_NICKNAME, $form['receiver']));
    $err->subject_empty(t('ERROR_SUBJECT_EMPTY'), !$form['subject']);
    $err->message_empty(t('ERROR_MESSAGE_EMPTY'), !$form['message']);
    // No errors
    if (!$err->count()) {
        $form['receiver'] = User::getId(BY_NICKNAME, $form['receiver']);
        $form['message'] = cut($form['message'], $cfg->pm['message_max']);
        $form['parsers'] = $form['bbcode'] . $form['autolinks'] . $form['emoticons'] . CENSURE . PRE;
        $stmt = $sql->prepare('
			INSERT INTO ' . DB_PREFIX . 'pm
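    /**
     * Render the guestbook page: list entries, load an entry for editing,
     * dispatch add / edit submissions and handle entry deletion.
     *
     * @return string rendered template, or the output of template_error() on failure
     */
    public function getContent()
    {
        global $sql;
        $this->err = new Error();
        $pager = new Pager('guestbook', Kio::getStat('entries', 'guestbook'), Kio::getConfig('limit', 'guestbook'));
        // Running entry number: counts down for DESC ordering, up otherwise.
        // A plain integer step replaces the eval() of a code string.
        if (Kio::getConfig('order_by', 'guestbook') == 'DESC') {
            $x = $pager->items + 1 - $pager->offset;
            $step = -1;
        } else {
            $x = $pager->offset;
            $step = 1;
        }
        // Defined up front so the template always receives both values.
        $entries = array();
        $form = array();
        //		$entries = $sql->getCache('guestbook_'.$pager->current);
        if (!$entries) {
            // NOTE(review): order_by comes from configuration and is concatenated
            // as-is; restrict it to ASC / DESC where the setting is written.
            $stmt = $sql->query('
				SELECT gb.id, gb.added, gb.author, gb.email, gb.website, gb.message, gb.author_id, gb.author_ip,
					u.nickname, u.group_id, u.avatar, u.signature
				FROM ' . DB_PREFIX . 'guestbook gb
				LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = gb.author_id
				ORDER BY gb.id ' . Kio::getConfig('order_by', 'guestbook') . '
				LIMIT ' . $pager->limit . '
				OFFSET ' . $pager->offset);
            if ($stmt->rowCount()) {
                while ($row = $stmt->fetch()) {
                    $x += $step;
                    $row['number'] = $x;
                    if ($row['author_id']) {
                        $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    }
                    $row['message'] = parse($row['message'], Kio::getConfig('parsers', 'guestbook'));
                    $row['signature'] = $row['signature'] ? parse($row['signature'], Kio::getConfig('parsers', 'guestbook')) : '';
                    $entries[] = $row;
                }
                $sql->putCacheContent('guestbook_' . $pager->current, $entries);
            } else {
                $this->note->info('Jeszcze nikt nie dodał żadnego wpisu.');
            }
        }
        // Editing entry
        if (ctype_digit(u2)) {
            // guestbook/edit/u2
            // u2 passed ctype_digit() above, so it is digits only when it reaches the query
            $edited_id = u1 == 'edit' ? u2 : '';
            if (!User::hasPermit('guestbook edit')) {
                $this->note->error(t('You do not have access to edit entries.'));
            } else {
                if ($edited_id) {
                    $row = $sql->query('
					SELECT id, added, author, author_id, author_ip, email, website, message
					FROM ' . DB_PREFIX . 'guestbook
					WHERE id = ' . $edited_id)->fetch();
                    // Entry exists
                    if ($row) {
                        $form = $row;
                        $form['edit_mode'] = true;
                        if (!$row['author']) {
                            $form['author'] = User::getNickname(BY_ID, $row['author_id']);
                        }
                    } else {
                        $this->note->error(t('Selected entry doesn&apos;t exist.'));
                    }
                }
            }
        }
        if (empty($form['edit_mode'])) {
            $form['author'] = User::$nickname;
        }
        // Form action
        $add = !empty($_POST['add']);
        $edit = !empty($_POST['edit']);
        // On form submit
        if ($add || $edit) {
            $this->formSumbit();
        } else {
            $delete_id = isset($_POST['delete_id']) ? $_POST['delete_id'] : '';
            $auth = isset($_POST['auth']) ? $_POST['auth'] : '';
            // Deletion needs a digits-only id, the AUTH token and the delete permit.
            // The token is compared as a string with ===, so array input and
            // numeric-string juggling cannot satisfy the check.
            if (is_string($delete_id) && ctype_digit($delete_id) && is_string($auth) && $auth === (string) AUTH && User::hasPermit('guestbook delete')) {
                $sql->exec('
				UPDATE ' . DB_PREFIX . 'stats SET content = content - 1 WHERE name = "guestbook_entries";
				DELETE FROM ' . DB_PREFIX . 'guestbook WHERE id = ' . $delete_id);
                $sql->clearCacheGroup('guestbook_*');
            }
        }
        try {
            $tpl = new PHPTAL('modules/guestbook/guestbook.tpl.html');
            $tpl->message_limit = Kio::getConfig('message_max', 'guestbook');
            $tpl->form = $form;
            $tpl->entries = $entries;
            $tpl->err = $this->err->toArray();
            $tpl->note = $this->note;
            $tpl->pagination = $pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }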
Beispiel #12
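    /**
     * Render the guestbook page: list entries, load an entry for editing,
     * dispatch add / edit submissions and handle entry deletion.
     *
     * @return string rendered template, or the output of template_error() on failure
     */
    public function getContent()
    {
        global $sql;
        $this->err = new Error();
        $this->pager = new Pager('guestbook', Kio::getStat('entries', 'guestbook'), Kio::getConfig('limit', 'guestbook'));
        $show_form = true;
        // Defined up front so the template never receives an undefined variable.
        $form = array();
        $entries = $this->getEntries();
        // Editing entry
        if (ctype_digit(u2)) {
            // guestbook/edit/u2
            // u2 passed ctype_digit() above, so it is digits only when it reaches the query
            $edited_id = u1 == 'edit' ? u2 : '';
            if (!User::hasPermit('guestbook edit')) {
                $this->note->error(t('You don&apos;t have access to edit entries.'));
                $show_form = false;
            } else {
                if ($edited_id) {
                    $row = $sql->query('
					SELECT id, added, author, author_id, author_ip, email, website, message
					FROM ' . DB_PREFIX . 'guestbook
					WHERE id = ' . $edited_id)->fetch();
                    // Entry exists
                    if ($row) {
                        $form = $row;
                        $this->edit_mode = true;
                        if (!$row['author']) {
                            $form['author'] = User::getNickname(BY_ID, $row['author_id']);
                        }
                    } else {
                        $this->note->error(t('Selected entry doesn&apos;t exist.'));
                    }
                }
            }
        }
        if (!$this->edit_mode) {
            $form['author'] = User::$nickname;
        }
        // Form action
        $add = isset($_POST['add']);
        $edit = isset($_POST['edit']);
        // On form submit
        if ($add || $edit) {
            $form = $this->formSumbit();
        } else {
            $delete_id = isset($_POST['delete_id']) ? $_POST['delete_id'] : '';
            $auth = isset($_POST['auth']) ? $_POST['auth'] : '';
            // Deletion needs a digits-only id, the AUTH token and the delete permit.
            // The token is compared as a string with ===, so array input and
            // numeric-string juggling cannot satisfy the check.
            if (is_string($delete_id) && ctype_digit($delete_id) && is_string($auth) && $auth === (string) AUTH && User::hasPermit('guestbook delete')) {
                $sql->exec('
				UPDATE ' . DB_PREFIX . 'stats SET content = content - 1 WHERE name = "guestbook_entries";
				DELETE FROM ' . DB_PREFIX . 'guestbook WHERE id = ' . $delete_id);
                $sql->clearCacheGroup('guestbook_*');
            }
        }
        try {
            $tpl = new PHPTAL('modules/guestbook/guestbook.tpl.html');
            $tpl->message_limit = Kio::getConfig('message_max', 'guestbook');
            $tpl->form = $form;
            $tpl->edit_mode = $this->edit_mode;
            $tpl->entries = $entries;
            $tpl->err = $this->err->toArray();
            $tpl->show_form = $show_form;
            $tpl->note = $this->note;
            $tpl->pagination = $this->pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }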
Beispiel #13
 // Fragment of a request dispatcher: the enclosing switch header and the rest of
 // the final case are not part of this excerpt.
 // NOTE(review): no authentication or role check is visible in any of these cases;
 // confirm that the code ahead of the switch enforces one, because several cases
 // return per-user data or change user flags.
 // NOTE(review): every case reads $_REQUEST, so the same action can be triggered by
 // GET as well as POST; no request token is checked in the visible lines.
 case 'get-rewarder-list':
     // period_id is handed to getPeriod() as received; how it is validated or
     // escaped inside that method is not visible here.
     $period = $rewarder->getPeriod($_REQUEST['period_id']);
     $rewarderList = $rewarder->getRewarderUserList($period['id']);
     $json = json_encode(array(0, $rewarderList, $period));
     echo $json;
     break;
 case 'get-audit-list':
     $rewarderList = $rewarder->getRewarderAuditList();
     $json = json_encode($rewarderList);
     echo $json;
     break;
 case 'get-rewarder-user-detail':
     // The requested id is used without an integer cast and without comparing it
     // to the caller's own id, so the caller chooses whose detail is returned.
     $detailUser = new User();
     $detailUser->findUserById($_REQUEST['id']);
     $rewarderList = $rewarder->getRewarderUserDetail($_REQUEST['id']);
     $json = json_encode(array($detailUser->getNickname(), $rewarderList));
     echo $json;
     break;
 case 'update-rewarder-auditor':
     // Flips the auditor flag of the user named by the request.
     $auditorUser = new User();
     $auditorUser->findUserById($_REQUEST['id']);
     $toggledAuditor = $auditorUser->getIs_auditor() ? 0 : 1;
     // NOTE(review): the toggled value is passed to a getter; this looks like it was
     // meant to be the matching setter, in which case save() stores the old flag.
     // Confirm against the User class.
     $auditorUser->getIs_auditor($toggledAuditor);
     $auditorUser->save();
     break;
 case 'update-rewarder-user':
     // Inputs are normalised here: ids and the delete flag are cast to int, the
     // point values are clamped to be non-negative. period_id is kept as received.
     $period_id = $_REQUEST['period_id'];
     $rewardeeId = intval($_REQUEST["id"]);
     $points_val = isset($_REQUEST["points_val"]) ? max(0, intval($_REQUEST["points_val"])) : 0;
     $points_perc = isset($_REQUEST["points_perc"]) ? max(0, floatval($_REQUEST["points_perc"])) : 0;
     $delete = isset($_REQUEST["delete"]) ? intval($_REQUEST["delete"]) : 0;
Beispiel #14
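    /**
     * Build the comments panel: the entry list, the add/edit form and the
     * handling of add, edit and delete POST requests.
     *
     * Request data is read straight from $_POST. Every value that reaches SQL
     * is bound through a prepared statement; only the table name (DB_PREFIX
     * plus $this->owner, which is object state) is concatenated.
     *
     * NOTE(review): no permission or request-token check for edit or delete is
     * visible in this method; confirm the caller enforces one before it runs.
     *
     * @return mixed the result of PHPTAL::execute() for the comments template
     */
    function getContent()
    {
        global $cfg, $user, $sql, $plug;
        $note = new Notifier();
        $tpl = new PHPTAL('plugins/comments/comments.tpl.html');
        $err = new Error();
        $tpl->entries = '';
        if ($this->total_comments != -1 && !Kio::getConfig('view_only_logged', 'comments')) {
            if ($this->total_comments > 0) {
                $tpl->backlink = $this->backlink;
                $tpl->cfg = $cfg;
                $tpl->user = $user;
                $tpl->entries = $this->getEntries();
            } else {
                $note->info('There is no comments.');
            }
            if (!Kio::getConfig('add_only_logged', 'comments') || LOGGED) {
                if ($this->edited) {
                    $form = array('id' => $this->edited['comment_id'], 'author' => $this->edited['comment_author'], 'author_id' => $this->edited['comment_author_id'], 'message' => $this->edited['comment_message']);
                    if (!$form['author']) {
                        $form['author'] = User::getNickname(BY_ID, $this->edited['comment_author_id']);
                    }
                    $this->edit_mode = true;
                } else {
                    $form = array('author' => User::$nickname);
                }
                $add = isset($_POST['add']);
                $edit = isset($_POST['edit']);
                // Add or edit
                if ($add || $edit) {
                    // NOTE(review): filter() is defined elsewhere; its result is bound
                    // below exactly as returned.
                    $form['author'] = $add && LOGGED ? User::$nickname : filter($_POST['author'], 100);
                    $form['message'] = filter($_POST['message'], Kio::getConfig('message_max', 'comments'));
                    $err->setError('author_empty', t('Author field is required.'))->condition(!$form['author']);
                    $err->setError('author_exists', t('Entered nickname is registered.'))->condition($add && !LOGGED && is_registered($form['author'], 'nickname'));
                    $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
                    // No errors
                    if ($err->noErrors()) {
                        if ($add) {
                            // Bound parameters replace the former string-built INSERT,
                            // so author, message, backlink and the request-derived
                            // constants can no longer alter the statement.
                            $insert = $sql->prepare('
                                INSERT INTO ' . DB_PREFIX . 'comments (
                                    comment_owner, comment_owner_child_id, comment_author,
                                    comment_author_id, comment_author_ip, comment_added,
                                    comment_message, comment_backlink)
                                VALUES(
                                    :owner, :owner_child_id, :author,
                                    :author_id, :author_ip, :added,
                                    :message, :backlink)');
                            $insert->execute(array(
                                'owner' => u0,
                                'owner_child_id' => $this->connector_id,
                                'author' => !LOGGED || $edit ? $form['author'] : '',
                                'author_id' => UID,
                                'author_ip' => IP,
                                'added' => TIMESTAMP,
                                'message' => $form['message'],
                                'backlink' => $this->backlink,
                            ));
                            $last = $sql->lastInsertId();
                            // Keep the owner's comment counter in step with the new row.
                            $bump = $sql->prepare('
                                UPDATE ' . DB_PREFIX . $this->owner . '
                                SET comments = (comments + 1)
                                WHERE id = :id');
                            $bump->execute(array('id' => $this->connector_id));
                            // Flood-control cookie, valid for the configured interval.
                            setcookie(COOKIE . '-comments', 'true', TIMESTAMP + Kio::getConfig('flood_interval', 'comments') + 1, '/');
                            redirect(HREF . PATH . '#comment-' . $last);
                        } else {
                            // A registered nickname is stored by id only; otherwise the
                            // free-text author is kept and the id is reset to 0.
                            if ($form['author_id'] = User::getId(BY_NICKNAME, $form['author'])) {
                                $form['author'] = '';
                            } else {
                                $form['author_id'] = 0;
                            }
                            $update = $sql->prepare('
                                UPDATE ' . DB_PREFIX . 'comments
                                SET
                                    comment_author = :author,
                                    comment_author_id = :author_id,
                                    comment_message = :message
                                WHERE comment_id = :comment_id');
                            $update->execute(array(
                                'author' => $form['author'],
                                'author_id' => $form['author_id'],
                                'message' => $form['message'],
                                'comment_id' => $this->edited['comment_id'],
                            ));
                            redirect(HREF . $this->edited['comment_backlink'] . '#comment-' . $this->edited['comment_id']);
                        }
                    } else {
                        $note->error($err->toArray());
                    }
                } else {
                    if (isset($_POST['delete_id']) && ctype_digit($_POST['delete_id'])) {
                        // NOTE(review): the only gate visible here is the digit check;
                        // who may delete which comment must be enforced elsewhere.
                        $delete = $sql->prepare('
                            DELETE FROM ' . DB_PREFIX . 'comments WHERE comment_id = :comment_id');
                        $delete->execute(array('comment_id' => $_POST['delete_id']));
                        $drop = $sql->prepare('
                            UPDATE ' . DB_PREFIX . $this->owner . ' SET comments = (comments - 1) WHERE id = :id');
                        $drop->execute(array('id' => $this->connector_id));
                        // NOTE(review): REFERER presumably comes from the request; a
                        // substring match on 'admin' does not pin the redirect target
                        // to this site. Confirm how REFERER is defined.
                        redirect(strpos(REFERER, 'admin') ? REFERER : '#comments');
                    }
                }
                //$tpl->comments = $comments;
                $tpl->form = $form;
                $tpl->err = $err->toArray();
            } else {
                $note->error(sprintf('Dodawanie komentarzy jest możliwe tylko dla <a href="%1$slogin">zalogowanych</a> osób, <a href="%1$sregistration">zarejestruj się</a> jeśli nie masz jeszcze konta.', HREF));
            }
        } else {
            if ($this->total_comments != -1) {
                $note->error(array('Komentarze są widoczne tylko dla zalogowanych osób.', '<a href="' . HREF . 'registration">Zarejestruj się</a> jeśli nie masz jeszcze konta.'));
            }
        }
        $tpl->edit_mode = $this->edit_mode;
        $tpl->total_comments = $this->total_comments;
        $tpl->note = $note;
        return $tpl->execute();
    }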
Beispiel #15
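 /**
  * Show a user's profile page and handle the admin actions posted to it.
  *
  * Three paths share this method:
  *  - a POST without "action" from a session flagged runner or payer updates
  *    one field of the user named by $_POST['user_id'] and exits with JSON;
  *  - action=create-sandbox creates a sandbox for the displayed user (runner
  *    only) and exits with JSON;
  *  - otherwise the profile view is populated and rendered.
  *
  * NOTE(review): the field update lets a runner OR a payer set any of the
  * listed flags, including isrunner and ispayer, and no request token is
  * checked in the visible code; confirm that is the intended privilege model.
  *
  * @param mixed $id id of the user to display; Session::uid() is used when falsy
  */
 public function info($id)
 {
     $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
     // NOTE(review): "tab" is handed to the view as received; escaping is left
     // to the template.
     $this->write('tab', isset($_REQUEST['tab']) ? $_REQUEST['tab'] : "");
     $reqUserId = Session::uid();
     $this->write('reqUserId', $reqUserId);
     $reqUser = new User();
     if ($reqUserId > 0) {
         $reqUser->findUserById($reqUserId);
         $budget = $reqUser->getBudget();
     }
     $this->write('reqUser', $reqUser);
     $is_runner = isset($_SESSION['is_runner']) ? $_SESSION['is_runner'] : 0;
     $is_payer = isset($_SESSION['is_payer']) ? $_SESSION['is_payer'] : 0;
     // admin posting data
     if (!empty($_POST) && ($is_runner || $is_payer) && !$action) {
         $user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : 0;
         $rawValue = isset($_POST['value']) ? $_POST['value'] : '';
         if (!empty($_POST['save-salary'])) {
             $field = 'salary';
             // NOTE(review): SQL-escaping here only helps if the setter/save()
             // path concatenates the value; confirm how save() builds its query.
             $value = mysql_real_escape_string($rawValue);
         } else {
             // A missing field falls through to the switch default below.
             $field = isset($_POST['field']) ? $_POST['field'] : '';
             $value = (int) $rawValue;
         }
         $updateUser = new User();
         if ($updateUser->findUserById($user_id)) {
             switch ($field) {
                 case 'salary':
                     $updateUser->setAnnual_salary($value);
                     Utils::systemNotification("A new salary has been set for @" . $updateUser->getNickname());
                     break;
                 case 'ispayer':
                     $updateUser->setIs_payer($value);
                     break;
                 case 'isrunner':
                     $updateUser->setIs_runner($value);
                     break;
                 case 'isinternal':
                     $updateUser->setIs_internal($value);
                     break;
                 case 'ispaypalverified':
                     // PayPal verification and W2 status are kept mutually exclusive.
                     $updateUser->setPaypal_verified($value);
                     if ($value) {
                         $updateUser->setHas_w2(false);
                     }
                     break;
                 case 'isw2employee':
                     $updateUser->setHas_w2($value);
                     if ($value) {
                         $updateUser->setPaypal_verified(false);
                         $updateUser->setw9_status('not-applicable');
                     }
                     break;
                 case 'manager':
                     $updateUser->setManager($value);
                     if ($value) {
                         $manager = new User();
                         $manager->findUserById($value);
                         // Send journal notification
                         Utils::systemNotification("The manager for @" . $updateUser->getNickname() . " is now set to @" . $manager->getNickname());
                     } else {
                         Utils::systemNotification("The manager for @" . $updateUser->getNickname() . " has been removed");
                     }
                     break;
                 case 'referrer':
                     $updateUser->setReferred_by($value);
                     if ($value) {
                         $referrer = new User();
                         $referrer->findUserById($value);
                         // Send journal notification
                         Utils::systemNotification("The referrer for @" . $updateUser->getNickname() . " is now set to @" . $referrer->getNickname());
                     } else {
                         Utils::systemNotification("The referrer for @" . $updateUser->getNickname() . " has been removed");
                     }
                     break;
                 case 'isactive':
                     $updateUser->setIs_active($value);
                     break;
                 default:
                     // Unknown field names change nothing, but the request still
                     // reaches save() and is answered with the success message.
                     break;
             }
             $updateUser->save();
             $response = array('succeeded' => true, 'message' => 'User details updated successfully');
             echo json_encode($response);
             exit(0);
         } else {
             die(json_encode(array('succeeded' => false, 'message' => 'Error: Could not determine the user_id')));
         }
     }
     $user = User::find($id ? $id : Session::uid());
     $userId = $user->getId();
     /**
      * If we couldn't find a valid User, return an ErrorView
      */
     if (!$userId) {
         $this->write('msg', 'That user doesn\'t exist.');
         $this->write('link', WORKLIST_URL);
         $this->view = new ErrorView();
         parent::run();
         // Stop here: without this the method went on to fill the profile view
         // (and the create-sandbox action) for a user that does not exist, then
         // called parent::run() a second time.
         return;
     }
     $this->write('userId', $userId);
     $this->write('user', $user);
     $this->write('Annual_Salary', $user->getAnnual_salary() > 0 ? $user->getAnnual_salary() : '');
     $this->write('manager', $user->getManager());
     $this->write('referred_by', $user->getReferred_by());
     if ($action == 'create-sandbox') {
         $result = array();
         try {
             if (!$is_runner) {
                 throw new Exception("Access Denied");
             }
             // Copies the two request values into $unixusername and $projects.
             // NOTE(review): mysql_real_escape_string() is SQL escaping only. If
             // SandBoxUtil::createSandbox() passes these to a shell or the
             // filesystem, they need a strict allow-list pattern instead; that
             // class is not visible here.
             $args = array('unixusername', 'projects');
             foreach ($args as $arg) {
                 ${$arg} = mysql_real_escape_string($_REQUEST[$arg]);
             }
             $projectList = explode(",", str_replace(" ", "", $projects));
             // Create sandbox for user
             $sandboxUtil = new SandBoxUtil();
             $sandboxUtil->createSandbox($user->getUsername(), $user->getNickname(), $unixusername, $projectList);
             // If sb creation was successful, update users table
             $user->setHas_sandbox(1);
             $user->setUnixusername($unixusername);
             $user->setProjects_checkedout($projects);
             $user->save();
             // add to project_users table
             foreach ($projectList as $project) {
                 $project_id = Project::getIdFromRepo($project);
                 $user->checkoutProject($project_id);
             }
         } catch (Exception $e) {
             $result["error"] = $e->getMessage();
         }
         echo json_encode($result);
         die;
     }
     $reviewee_id = (int) $userId;
     $review = new Review();
     $this->write('reviewsList', $review->getReviews($reviewee_id, $reqUserId));
     $this->write('projects', $this->getProjectList());
     $user_projects = $user->getProjects_checkedout();
     $this->write('has_sandbox', count($user_projects) > 0);
     $users_favorite = new Users_Favorite();
     // Favouriting defaults to enabled unless a stored preference says otherwise.
     $favorite_enabled = 1;
     $favorite = $users_favorite->getMyFavoriteForUser($reqUserId, $userId);
     if (isset($favorite['favorite'])) {
         $favorite_enabled = $favorite['favorite'];
     }
     $favorite_count = $users_favorite->getUserFavoriteCount($userId);
     $this->write('favorite_count', $favorite_count);
     $this->write('favorite_enabled', $favorite_enabled);
     parent::run();
 }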
Beispiel #16
 /**
  * Prepare the jobs list view: session role flags, the query/project/status/
  * label filters, and the requested status, then run the parent controller.
  *
  * Arguments after the first two are collected as label filters. A request
  * that carries POST data is redirected to ./jobs so a refresh cannot repost.
  *
  * NOTE(review): "query" and "status" are written to the view as received;
  * escaping is left to the template.
  *
  * @param string|null $projectName project to filter by; null or "all" means none
  * @param string|null $filterName  "following", or a status name
  */
 public function listView($projectName = null, $filterName = null)
 {
     $this->view = new JobsView();
     // $nick is setup above.. and then overwritten here -- lithium
     $nick = '';
     $sessionUid = Session::uid();
     if ($sessionUid > 0) {
         Utils::initUserById($sessionUid);
         $user = new User();
         $user->findUserById($sessionUid);
         // @TODO: this is overwritten below..  -- lithium
         $nick = $user->getNickname();
         $userbudget = $user->getBudget();
         $budget = number_format($userbudget);
         $this->is_internal = $user->isInternal();
     }
     // Role flags are taken from the session and normalised to 0/1.
     $this->is_runner = (int) !empty($_SESSION['is_runner']);
     $is_payer = (int) !empty($_SESSION['is_payer']);
     $is_admin = (int) !empty($_SESSION['is_admin']);
     $workitem = new WorkItem();

     $queryFilter = !empty($_REQUEST['query']) ? $_REQUEST['query'] : '';
     $this->write('queryFilter', $queryFilter);

     $isFollowing = $filterName != null && $filterName == "following";
     $this->write('followingFilter', $isFollowing);

     $projectFilter = 0;
     if ($projectName != null && $projectName != "all") {
         $project = Project::find($projectName);
         if ($project) {
             $projectFilter = $project->getProjectId();
         }
     }
     $this->write('projectFilter', $projectFilter);

     // Any filter name other than "following" is taken as a status; without
     // one, a text query widens the default from Active to All.
     if ($filterName != null && $filterName != "following") {
         $statusFilter = $filterName;
     } elseif (empty($queryFilter)) {
         $statusFilter = 'Active';
     } else {
         $statusFilter = 'All';
     }
     $this->write('statusFilter', $statusFilter);
     $this->write('labelsFilter', array_slice(func_get_args(), 2));

     // Prevent reposts on refresh
     if (!empty($_POST)) {
         unset($_POST);
         $this->view = null;
         Utils::redirect('./jobs');
         exit;
     }

     $worklist_id = isset($_REQUEST['job_id']) ? intval($_REQUEST['job_id']) : 0;
     $hasStatus = isset($_GET['status']);
     $this->write('req_status', $hasStatus ? $_GET['status'] : '');
     $this->write('review_only', $hasStatus && $_GET['status'] == 'needs-review' ? 'true' : 'false');
     parent::run();
 }
Beispiel #17
 /**
  * Loading a user by username must ignore case: the stored record with id 2
  * is expected back with all of its fields intact.
  *
  * NOTE(review): this test opens a real mysqli connection to a named
  * development host and carries the account's password as a literal. Reading
  * the connection settings and the fixture password from the test environment
  * would keep credentials out of the repository.
  */
 public function testLoadByUsernameIsCaseInsensitive()
 {
     $failureAffects = "Login cannot load users case insensitive";
     $dbConfig = array(
         'adapter' => 'mysqli',
         'host' => 'mysql.dev.sendlove.us',
         'dbname' => 'LM_logintest',
         'username' => '******',
         'password' => '******',
     );
     $expectedId = 2;

     // load by username test case insensitivity
     $connection = new mysqli($dbConfig['host'], $dbConfig['username'], $dbConfig['password'], $dbConfig['dbname']);
     $user = new User($connection);
     $user->loadByUsername('*****@*****.**');

     $this->assertEquals($expectedId, $user->getId(), $failureAffects);
     $this->assertEquals('*****@*****.**', $user->getUsername(), $failureAffects);
     $this->assertTrue($user->authenticate('9*NvF6rU'), $failureAffects);
     $this->assertEquals('existingUser', $user->getNickname(), $failureAffects);
     $this->assertEquals(User::USER_CONFIRMED, $user->getConfirmed(), $failureAffects);
     $this->assertEquals('2010-09-15 17:38:53', $user->getDateAdded(), $failureAffects);
     $this->assertEquals('0000-00-00 00:00:00', $user->getDateModified(), $failureAffects);
 }
Beispiel #18
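 /**
  * E-mail a user about a peer review and post a matching journal entry.
  *
  * NOTE(review): the review text and the nickname are placed into the HTML
  * body and the To header as received. Whether they are already encoded, and
  * whether a nickname can contain line breaks, is decided elsewhere; confirm
  * before relying on either.
  *
  * @param mixed  $reviewee_id id of the user being reviewed
  * @param string $type        "new", "update", or anything else for a deletion
  * @param array  $oReview     review rows; only element 0 ('feeRange', 'review') is read
  */
 public static function sendReviewNotification($reviewee_id, $type, $oReview)
 {
     $review = $oReview[0]['feeRange'] . " " . $oReview[0]['review'];
     $reviewee = new User();
     $reviewee->findUserById($reviewee_id);
     $to = $reviewee->getNickname() . ' <' . $reviewee->getUsername() . '>';
     // Default body; the "new" case below replaces it with a longer message.
     $body = "<p>" . $review . "</p>";
     $nickname = $reviewee->getNickname();
     $headers = array();
     if ($type == "new") {
         $userinfo_link = WORKLIST_URL . 'user/?id=' . $reviewee->getId();
         $headers['From'] = 'worklist<*****@*****.**>';
         $subject = 'New Peer Review';
         $journal = '@' . $nickname . " received a new review: " . $review;
         $body = '<p>Hello ' . $nickname . ',</p><br />';
         $body .= '<p>You have received a review from one of your peers in the Worklist.</p><br />';
         $body .= '<p>To see your current user reviews, click <a href="' . $userinfo_link . '">here</a>.</p>';
         $body .= '<p><a href="' . $userinfo_link . '">' . $userinfo_link . '</a></p><br />';
         // The closing quote used to sit before "jobs", which ended the href at
         // the site root and left "jobs" as a stray attribute.
         $body .= '<p><a href="' . WORKLIST_URL . 'jobs">worklist</a></p>';
     } elseif ($type == "update") {
         $subject = "A review of you has been updated";
         $journal = "A review of @" . $nickname . " has been updated: " . $review;
     } else {
         $subject = "One of your reviews has been deleted";
         $journal = "One review of @" . $nickname . " has been deleted: " . $review;
     }
     // A failed send is logged but does not stop the journal notification.
     if (!Utils::send_email($to, $subject, $body, null, $headers)) {
         error_log("Utils::sendReviewNotification: Utils::send_email failed");
     }
     Utils::systemNotification($journal);
 }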
Beispiel #19
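<?php

// Profile endpoint for the signed-in user: with update=true in the POST body it
// stores the submitted profile fields, otherwise it prints the current ones,
// one per line.
//
// NOTE(review): the update is accepted on the session alone; no request token
// is checked, and the submitted values go to the setters unvalidated. How
// update() stores them is not visible here.
// NOTE(review): the profile values are echoed without encoding; confirm the
// response is never rendered as HTML.
session_start();
$user = new User();
// A request without a session user is answered like an unknown user instead of
// reading an undefined session key.
if (isset($_SESSION['user']) && $user->selectByEmail(Database::sessionDecrypt($_SESSION['user']))) {
    // A plain read no longer touches an undefined "update" key.
    if (isset($_POST['update']) && $_POST['update'] == 'true') {
        // Missing fields are passed as null, as before, but without a notice.
        $user->setNickname(isset($_POST['nick']) ? $_POST['nick'] : null);
        $user->setCellPhone(isset($_POST['phone']) ? $_POST['phone'] : null);
        $user->setName(isset($_POST['name']) ? $_POST['name'] : null);
        $user->setSurname(isset($_POST['surname']) ? $_POST['surname'] : null);
        if ($user->update()) {
            echo ReturnCode::$success;
        } else {
            echo ReturnCode::$error;
        }
    } else {
        echo $user->getNickname() . PHP_EOL;
        echo $user->getName() . PHP_EOL;
        echo $user->getSurname() . PHP_EOL;
        echo $user->getCellPhone();
    }
} else {
    echo ReturnCode::$userNotFound;
}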
Beispiel #20
 /**
  * Hand the remaining funds of a closed budget back to its sources, newest
  * transfer first, and e-mail each giver about their share.
  *
  * A negative remainder is charged in full to the first source. A positive
  * remainder is returned source by source, each capped at the amount that
  * source granted, until nothing is left. Seed budgets (seed == 1) skip the
  * ledger updates but still send the e-mail.
  *
  * The $budgetGiver argument is replaced inside the loop by the giver of each
  * source. Both early exits report 'success' => true with a message.
  *
  * @param int|float $remainingFunds amount left in the budget; may be negative
  * @param object    $budget         budget being closed
  * @param User      $budgetReceiver user who received the budget
  * @param User      $budgetGiver    overwritten per source inside the loop
  */
 private function closeOutBudgetSource($remainingFunds, $budget, $budgetReceiver, $budgetGiver)
 {
     $sources = $budget->loadSources(" ORDER BY s.transfer_date DESC");
     if ($sources == null) {
         $this->setOutput(array('success' => true, 'message' => 'No source budget found!'));
         exit;
     }
     foreach ($sources as $source) {
         $budgetGiver = new User();
         if (!$budgetGiver->findUserById($source["giver_id"])) {
             $this->setOutput(array('success' => true, 'message' => 'Invalid giver id.'));
             exit;
         }
         // Work out this source's share and what is left afterwards.
         $overdrawn = $remainingFunds < 0;
         if ($overdrawn) {
             $share = $remainingFunds;
         } elseif ($remainingFunds > $source["amount_granted"]) {
             $share = $source["amount_granted"];
             $remainingFunds -= $source["amount_granted"];
         } else {
             $share = $remainingFunds;
             $remainingFunds = 0;
         }
         if ($budget->seed != 1) {
             $budget->updateSources($source["source_id"], -$share);
             $budgetGiver->updateBudget($share, $source["budget_id"]);
         }
         $this->sendBudgetcloseOutEmail(array(
             "budget_id" => $budget->id,
             "reason" => $budget->reason,
             "giver_id" => $source["giver_id"],
             "receiver_id" => $budget->receiver_id,
             "receiver_nickname" => $budgetReceiver->getNickname(),
             "receiver_email" => $budgetReceiver->getUsername(),
             "giver_nickname" => $budgetGiver->getNickname(),
             "giver_email" => $budgetGiver->getUsername(),
             "remainingFunds" => $share,
             "original_amount" => $budget->original_amount,
             "amount" => $budget->amount,
             "seed" => $budget->seed,
         ));
         // An overdraft is settled with the first source; otherwise stop once
         // everything has been handed back.
         if ($overdrawn || $remainingFunds == 0) {
             return;
         }
     }
     if ($remainingFunds != 0) {
         error_log("closeOutBudgetSource, remainingFunds not equal to 0, budget id: " . $budget->id);
     }
 }
Beispiel #21
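 /**
  * Synchronise data between GitHub and Worklist User
  *
  * Copies the GitHub login (as nickname), display name and avatar URL onto
  * the Worklist user and saves it.
  *
  * @param User $user Worklist User object
  * @param object $gh_user GitHub User JSON object; login and avatar_url are
  *                        read unconditionally, name only when it is set
  */
 public function sync($user, $gh_user)
 {
     /**
      * Compare User nickname with GitHub login. If they differ,
      * verify the GitHub login does not already exist in Worklist.
      *
      * If it exists, try the GitHub name with everything but letters and
      * digits removed. If it still exists, append a random number to the
      * login, and to the name, until we get a unique Worklist nickname
      */
     if ($user->getNickname() != $gh_user->login) {
         $nicknameTestUser = new User();
         $nickname = $gh_user->login;
         // The display name is optional on GitHub and may strip down to
         // nothing; an empty candidate must never become the nickname.
         $cleanName = isset($gh_user->name)
             ? (string) preg_replace('/[^a-zA-Z0-9]/', '', $gh_user->name)
             : '';
         if ($cleanName !== '' && $nicknameTestUser->findUserByNickname($nickname)) {
             $nickname = $cleanName;
         }
         while ($nicknameTestUser->findUserByNickname($nickname)) {
             // The suffix only has to avoid collisions; it is not a secret.
             $rand = mt_rand(1, 99999);
             $nickname = $gh_user->login . $rand;
             if ($cleanName !== '' && $nicknameTestUser->findUserByNickname($nickname)) {
                 $nickname = $cleanName . $rand;
             }
         }
         $user->setNickname($nickname);
     }
     // save the name to the worklist database
     if (isset($gh_user->name)) {
         // First word becomes the first name, last word the last name; a
         // one-word name fills both.
         $fullname = $gh_user->name;
         $nameArray = explode(' ', $fullname);
         $user->setFirst_name($nameArray[0]);
         $user->setLast_name(end($nameArray));
     }
     $user->setPicture($gh_user->avatar_url);
     $user->save();
 }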
/**
 * Send the "your notice was favorited" e-mail to a notice's author.
 *
 * Nothing is sent when the recipient has e-mail notifications or the
 * notify_fave preference switched off, when the sender lacks the
 * EMAILONFAVE right, or when the recipient has blocked the sender.
 * The message is composed in the recipient's locale; the default locale is
 * restored before sending.
 *
 * @param User    $rcpt   The user whose notice was faved
 * @param Profile $sender The user who faved the notice
 * @param Notice  $notice The notice that was faved
 *
 * @return void
 */
function mail_notify_fave(User $rcpt, Profile $sender, Notice $notice)
{
    $wantsMail = $rcpt->receivesEmailNotifications() && $rcpt->getConfigPref('email', 'notify_fave');
    if (!$wantsMail) {
        return;
    }
    // This test is actually "if the sender is sandboxed"
    if (!$sender->hasRight(Right::EMAILONFAVE)) {
        return;
    }
    // If the author has blocked us, don't spam them with a notification.
    if ($rcpt->hasBlocked($sender)) {
        return;
    }

    // We need the global mail.php for various mail related functions below.
    require_once INSTALLDIR . '/lib/mail.php';

    $bestname = $sender->getBestName();
    common_switch_locale($rcpt->language);

    // TRANS: Subject for favorite notification e-mail.
    // TRANS: %1$s is the adding user's long name, %2$s is the adding user's nickname.
    $subject = sprintf(
        _('%1$s (@%2$s) added your notice as a favorite'),
        $bestname,
        $sender->getNickname()
    );

    // TRANS: Body for favorite notification e-mail.
    // TRANS: %1$s is the adding user's long name, %2$s is the date the notice was created,
    // TRANS: %3$s is a URL to the faved notice, %4$s is the faved notice text,
    // TRANS: %5$s is a URL to all faves of the adding user, %6$s is the StatusNet sitename,
    // TRANS: %7$s is the adding user's nickname.
    $body = sprintf(
        _("%1\$s (@%7\$s) just added your notice from %2\$s" . " as one of their favorites.\n\n" . "The URL of your notice is:\n\n" . "%3\$s\n\n" . "The text of your notice is:\n\n" . "%4\$s\n\n" . "You can see the list of %1\$s's favorites here:\n\n" . "%5\$s"),
        $bestname,
        common_exact_date($notice->created),
        common_local_url('shownotice', array('notice' => $notice->id)),
        $notice->content,
        common_local_url('showfavorites', array('nickname' => $sender->getNickname())),
        common_config('site', 'name'),
        $sender->getNickname()
    );
    $body .= mail_footer_block();

    $headers = _mail_prepare_headers('fave', $rcpt->getNickname(), $sender->getNickname());
    common_switch_locale();
    mail_to_user($rcpt, $subject, $body, $headers);
}
Beispiel #23
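    /**
     * Render the "compose message" form and, on submit, store the message.
     *
     * URL segments pre-fill the form: pm/write/reply/<id> and
     * pm/write/resend/<id> load an existing message, pm/write/<user id>
     * sets the receiver. On POST "send" the input is validated and inserted
     * through a prepared statement.
     *
     * NOTE(review): the reply/resend lookups select by message id and folder
     * only. No condition ties the row to the current user (UID), so the
     * subject, and for resend the message text, of any id would be loaded
     * into the form. Confirm which column marks the owner of a stored copy
     * and add it to both WHERE clauses.
     *
     * @return mixed the result of PHPTAL::execute(), or of template_error() on failure
     */
    private function getComposeForm()
    {
        global $sql;
        Kio::addTitle(t('Compose message'));
        Kio::addBreadcrumb(t('Compose message'), 'pm/write');
        $err = new Error();
        $note = new Notifier();
        // Always defined, so the template gets an array even when nothing is
        // pre-filled.
        $form = array();
        if ((u2 == 'resend' || u2 == 'reply') && ctype_digit(u3)) {
            if (u2 == 'reply') {
                $message = $sql->query('
                    SELECT connector_id, subject
                    FROM ' . DB_PREFIX . 'pm
                    WHERE id = ' . (int) u3 . ' AND folder != 1')->fetch(PDO::FETCH_ASSOC);
                if ($message) {
                    $form['subject'] = 'Re: ' . $message['subject'];
                }
            } else {
                $message = $sql->query('
                    SELECT connector_id, subject, message
                    FROM ' . DB_PREFIX . 'pm
                    WHERE id = ' . (int) u3 . ' AND folder = 1')->fetch(PDO::FETCH_ASSOC);
                if ($message) {
                    $form['subject'] = $message['subject'];
                    $form['message'] = $message['message'];
                }
            }
            // fetch() yields false when no row matches; skip the pre-fill then
            // instead of indexing into a boolean.
            if ($message) {
                $form['receiver'] = User::getNickname(BY_ID, $message['connector_id']);
            }
        } else {
            if (ctype_digit(u2)) {
                $form['receiver'] = User::getNickname(BY_ID, u2);
            }
        }
        if (isset($_POST['send'])) {
            // Form values. The checkbox-style fields are absent from the POST
            // when unticked, so they are read with isset()/empty().
            $form = array(
                'receiver' => filter($_POST['receiver'], 100),
                'subject' => filter($_POST['subject'], 100),
                'save' => isset($_POST['save']) ? $_POST['save'] : '',
                'bbcode' => !empty($_POST['bbcode']) ? BBCODE : 0,
                'emoticons' => !empty($_POST['emoticons']) ? EMOTICONS : 0,
                'autolinks' => !empty($_POST['autolinks']) ? AUTOLINKS : 0,
                'message' => filter($_POST['message'], 250),
            );
            $err->setError('receiver_empty', t('ERROR_RECEIVER_EMPTY'))->condition(!$form['receiver']);
            $err->setError('receiver_not_exists', t('ERROR_RECEIVER_NOT_EXISTS'))->condition($form['receiver'] && !User::getId(BY_NICKNAME, $form['receiver']));
            $err->setError('subject_empty', t('ERROR_SUBJECT_EMPTY'))->condition(!$form['subject']);
            $err->setError('message_empty', t('ERROR_MESSAGE_EMPTY'))->condition(!$form['message']);
            // No errors
            if ($err->noErrors()) {
                $form['receiver'] = User::getId(BY_NICKNAME, $form['receiver']);
                $form['message'] = cut($form['message'], Kio::getConfig('message_max', 'pm'));
                $form['parsers'] = $form['bbcode'] . $form['autolinks'] . $form['emoticons'] . CENSURE . PRE;
                // NOTE(review): with "save" set, a second VALUES tuple repeats
                // the same named placeholders, so it stores an identical row.
                // Repeated named placeholders also depend on emulated prepares
                // being enabled. Confirm the intended owner/folder of the copy.
                $stmt = $sql->prepare('
                    INSERT INTO ' . DB_PREFIX . 'pm
                        (sent, owner_id, connector_id, subject, message, folder, is_read, parsers)
                    VALUES
                        (:sent, :owner_id, :connector_id, :subject, :message, :folder, :is_read, :parsers)' . ($form['save'] ? ', (:sent, :owner_id, :connector_id, :subject, :message, :folder, :is_read, :parsers)' : ''));
                $stmt->execute(array('sent' => TIMESTAMP, 'owner_id' => $form['receiver'], 'connector_id' => UID, 'subject' => $form['subject'], 'message' => $form['message'], 'folder' => 0, 'is_read' => 0, 'parsers' => $form['parsers']));
                // Flood-control cookie, valid for the configured interval.
                setcookie(COOKIE . '-pm', 'true', TIMESTAMP + Kio::getConfig('flood_interval', 'pm') + 1, '/');
                $note->success('Wiadomość została wysłana.');
                redirect(HREF . 'pm/inbox');
            } else {
                $note->error($err->toArray());
            }
        } else {
            $note->info(array(t('WELCOME_MESSAGE'), t('REQUIRED')));
        }
        try {
            $tpl = new PHPTAL('modules/pm/write.tpl.html');
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }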