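/**
 * Prepare the comment-modification form.
 *
 * Loads the comment named by the `id` request value and decides whether the
 * current user may modify it: EZComments admins always may; the comment's
 * author may while the `modifyowntime` window (in hours, 0 = unlimited) is
 * open; everyone else is denied. The decision defaults to "deny" and is
 * always written to both the view and the handler, so a branch that is not
 * reached can never leave the flag unset.
 *
 * @param Zikula_Form_View $view Form view the comment data is assigned to.
 *
 * @return boolean True when the form is ready; the result of
 *                 LogUtil::registerError() when the comment does not exist.
 */
function initialize(Zikula_Form_View $view)
{
    $this->id = (int) FormUtil::getPassedValue('id', -1, 'GETPOST');
    // Only the presence of a redirect target is exposed to the template here.
    // NOTE(review): wherever the decoded value is later used for a redirect it
    // should be checked to be a local URL - that code is not visible here.
    $redirect = base64_decode(FormUtil::getPassedValue('redirect', '', 'GETPOST'));

    $view->caching = false;

    $comment = ModUtil::apiFunc('EZComments', 'user', 'get', array('id' => $this->id));
    if (!is_array($comment) || !$comment) {
        return LogUtil::registerError($this->__('No such comment found.'), ModUtil::url('EZComments', 'user', 'main'));
    }

    $modifyowntime = (int) ModUtil::getVar('EZComments', 'modifyowntime');
    $ts = strtotime($comment['date']);

    // Deny by default; only the two explicit cases below lift the restriction.
    $nomodify = 1;
    if (SecurityUtil::checkPermission('EZComments::', '::', ACCESS_ADMIN)) {
        $nomodify = 0;
    } elseif (UserUtil::isLoggedIn() && (int) $comment['uid'] === (int) UserUtil::getVar('uid')) {
        // Ownership is compared as integers and only for logged-in users: with
        // a loose `!=` a guest's empty uid compares equal to a comment uid of 0.
        // An unparsable date counts as an expired window.
        $expired = $modifyowntime > 0 && ($ts === false || $ts + $modifyowntime * 60 * 60 < time());
        $nomodify = $expired ? 1 : 0;
    }

    $view->assign('nomodify', $nomodify);
    $this->nomodify = $nomodify;

    $view->assign('redirect', !empty($redirect));

    // Finally assign the comment fields as template variables.
    $view->assign($comment);

    return true;
}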
/**
 * Build the News entries for the "your account" panel.
 *
 * @param array $args Optional 'uname'; the current user's name is used when absent.
 *
 * @return array List of link descriptors (url, module, title, icon). Empty when
 *               the user name is unknown or ACCESS_COMMENT on News is not granted.
 */
public function getall($args)
{
    $uname = isset($args['uname']) ? $args['uname'] : UserUtil::getVar('uname');

    // Unknown user name: there is nothing to offer.
    if (UserUtil::getIdFromName($uname) == false) {
        return array();
    }

    // The permission check carries no user argument, so it is made for the
    // current session rather than for $uname.
    if (!SecurityUtil::checkPermission('News::', '::', ACCESS_COMMENT)) {
        return array();
    }

    // A "view personal draft articles" entry (func 'viewdraft', icon
    // 'news_draft.gif') is intentionally left out until that function exists.
    return array(
        array(
            'url'    => ModUtil::url('News', 'user', 'newitem'),
            'module' => 'News',
            'title'  => $this->__('Submit an article'),
            'icon'   => 'news_add.gif',
        ),
    );
}
/**
 * Veto a login attempt while the account is flagged for a forced password change.
 *
 * Handler for the 'user.login.veto' event. When the account's
 * '_Users_mustChangePassword' variable is set and the stored password is not
 * the "no Users authentication" marker, the event is stopped and redirect
 * data pointing at the changePassword function is attached. Accounts carrying
 * that marker in the password field are never vetoed here.
 *
 * @param Zikula_Event $event The event that triggered this handler; its subject
 *                            is the user record (reads 'uid' and 'pass').
 *
 * @return void
 */
public static function forcedPasswordChangeListener(Zikula_Event $event)
{
    $user = $event->getSubject();

    $mustChange = UserUtil::getVar('_Users_mustChangePassword', $user['uid'], false);
    if (!$mustChange || $user['pass'] == Users_Constant::PWD_NO_USERS_AUTHENTICATION) {
        // Nothing to enforce for this account.
        return;
    }

    // Stop propagation: the login must not complete before the password changes.
    $event->stop();

    $redirect = array(
        'modname' => self::$modname,
        'type'    => 'user',
        'func'    => 'changePassword',
        'args'    => array(
            'login' => true,
        ),
        'session' => array(
            'var'       => 'Users_Controller_User_changePassword',
            'namespace' => 'Zikula_Users',
        ),
    );
    $event->setData(array('redirect_func' => $redirect));

    LogUtil::registerError(__("Your log-in request was not completed. You must change your web site account's password first."));
}
/**
 * Render the IWmenu top block.
 *
 * @param array $blockinfo Blockinfo structure; 'title' is used as the
 *                         permission instance.
 *
 * @return string|boolean Rendered menu, or false when access is denied, the
 *                        module is unavailable or the menu structure is empty.
 */
public function display($blockinfo)
{
    // Access is decided per block title.
    $allowed = SecurityUtil::checkPermission('IWmenu:topblock:', $blockinfo['title'] . '::', ACCESS_READ);
    if (!$allowed) {
        return false;
    }

    if (!ModUtil::available('IWmenu')) {
        return false;
    }

    // Guests are represented by '-1'. The value is not used further down in
    // this method.
    $uid = UserUtil::getVar('uid');
    if (is_null($uid)) {
        $uid = '-1';
    }

    $structure = ModUtil::apiFunc('IWmenu', 'user', 'getMenuStructure');
    if (empty($structure)) {
        return false;
    }

    $view = Zikula_View::getInstance('IWmenu');
    $view->assign('menu', $structure);

    // The rendered template is returned directly instead of being wrapped
    // through BlockUtil::themesideblock().
    return $view->fetch('IWmenu_block_top.htm');
}
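/**
 * Constructor.
 *
 * Resolves the hooked entity and copies its title, date and author into this
 * object. The object type comes from the URL arguments ('ot', default
 * 'review') and is used to build both the permission component and the entity
 * class name, so it is restricted to identifier characters before use. When
 * the type is rejected, read permission is missing or the entity cannot be
 * loaded, the constructor returns early and title/date/author stay unset.
 *
 * @param integer       $objectId  Identifier of treated object.
 * @param integer       $areaId    Name of hook area.
 * @param string        $module    Name of the owning module.
 * @param string        $urlString **deprecated**
 * @param Zikula_ModUrl $urlObject Object carrying url arguments (may be null).
 */
function __construct($objectId, $areaId, $module, $urlString = null, Zikula_ModUrl $urlObject = null)
{
    // call base constructor to store arguments in member vars
    parent::__construct($objectId, $areaId, $module, $urlString, $urlObject);

    // $urlObject defaults to null, so it must not be dereferenced blindly.
    $urlArgs = ($urlObject !== null) ? $urlObject->getArgs() : array();
    $objectType = (is_array($urlArgs) && isset($urlArgs['ot'])) ? $urlArgs['ot'] : 'review';

    // The type is request-influenced and ends up inside a class name: accept
    // only values that can form a plain identifier.
    if (!is_string($objectType) || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $objectType)) {
        return;
    }
    $typeName = ucwords($objectType);

    $component = $module . ':' . $typeName . ':';
    if (!SecurityUtil::checkPermission($component, $objectId . '::', ACCESS_READ)) {
        return;
    }

    $entityClass = $module . '_Entity_' . $typeName;
    $serviceManager = ServiceUtil::getManager();
    $entityManager = $serviceManager->getService('doctrine.entitymanager');
    $repository = $entityManager->getRepository($entityClass);

    $useJoins = false;
    /** TODO support composite identifiers properly at this point */
    $entity = $repository->selectById($objectId, $useJoins);
    // Methods are called on the result below, so anything but an object is unusable.
    if (!is_object($entity)) {
        return;
    }

    $this->setObjectTitle($entity->getTitleFromDisplayPattern());

    $dateFieldName = $repository->getStartDateFieldName();
    $this->setObjectDate($dateFieldName != '' ? $entity[$dateFieldName] : '');

    if (method_exists($entity, 'getCreatedUserId')) {
        $this->setObjectAuthor(UserUtil::getVar('uname', $entity['createdUserId']));
    } else {
        $this->setObjectAuthor('');
    }
}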
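/**
 * Request a page lock and emit the client-side PageLock bootstrap script.
 *
 * The lock name, return URL and the "locked" window markup are written into
 * an inline script block. They are emitted as JSON-encoded JavaScript string
 * literals with the HEX flags, so quotes, backslashes, `<`, `>` and `&` in
 * those values cannot terminate the literal or the script element. The values
 * seen by the script are the raw strings, which is why no HTML escaping is
 * applied to the return URL (an earlier HTML-escaping attempt is recorded as
 * disabled due to #2556 and #2745).
 *
 * @param array $args 'lockName' (required), 'returnUrl' (optional),
 *                    'ignoreEmptyLock' (optional, default false).
 *
 * @return boolean Always true.
 */
public function pageLock($args)
{
    $lockName = $args['lockName'];
    $returnUrl = array_key_exists('returnUrl', $args) ? $args['returnUrl'] : null;
    $ignoreEmptyLock = array_key_exists('ignoreEmptyLock', $args) ? $args['ignoreEmptyLock'] : false;

    $uname = UserUtil::getVar('uname');

    $lockedHtml = '';

    if (!empty($lockName) || !$ignoreEmptyLock) {
        PageUtil::AddVar('javascript', 'zikula.ui');
        PageUtil::AddVar('javascript', 'system/PageLock/javascript/pagelock.js');
        PageUtil::AddVar('stylesheet', ThemeUtil::getModuleStylesheet('pagelock'));

        $lockInfo = ModUtil::apiFunc('pagelock', 'user', 'requireLock', array(
            'lockName'      => $lockName,
            'lockedByTitle' => $uname,
            'lockedByIPNo'  => $_SERVER['REMOTE_ADDR'],
        ));

        $hasLock = $lockInfo['hasLock'];
        if (!$hasLock) {
            $view = Zikula_View::getInstance('pagelock');
            $view->assign('lockedBy', $lockInfo['lockedBy']);
            $lockedHtml = $view->fetch('PageLock_lockedwindow.tpl');
        }
    } else {
        $hasLock = true;
    }

    // Turn a PHP value into a JavaScript string literal that is safe inside an
    // inline <script> element.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $toJs = function ($value) use ($jsFlags) {
        $encoded = json_encode((string) $value, $jsFlags);

        // json_encode() fails on invalid UTF-8; fall back to an empty literal.
        return ($encoded === false) ? '""' : $encoded;
    };

    $html = "<script type=\"text/javascript\">/* <![CDATA[ */ \n";

    if (!empty($lockName)) {
        if ($hasLock) {
            $html .= "document.observe('dom:loaded', PageLock.UnlockedPage);\n";
        } else {
            $html .= "document.observe('dom:loaded', PageLock.LockedPage);\n";
        }
    }

    // Line breaks are removed from the markup as before, so the value handed
    // to the script is unchanged.
    $lockedHtml = str_replace(array("\n", "\r"), '', $lockedHtml);

    // Use "PageLockLifetime*2/3" to add a good margin to lock timeout when pinging
    $html .= "PageLock.LockName = " . $toJs($lockName) . ";\n"
        . "PageLock.ReturnUrl = " . $toJs($returnUrl) . ";\n"
        . "PageLock.PingTime = " . (PageLockLifetime * 2 / 3) . ";\n"
        . "PageLock.LockedHTML = " . $toJs($lockedHtml) . ";\n"
        . "/* ]]> */</script>";

    PageUtil::addVar('header', $html);

    return true;
}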
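/**
 * Construct.
 *
 * Looks up the hooked entity through the selection API of the module that
 * owns the object type and copies author, date and title from it. Only the
 * object types listed below are handled; a missing URL object, a missing or
 * unknown 'ot' argument, or an entity the API does not return leaves the
 * object untouched.
 *
 * @param int           $objectId  Object ID.
 * @param int           $areaId    Hook area ID.
 * @param string        $module    Module.
 * @param string        $urlString Url.
 * @param Zikula_ModUrl $urlObject Url object (may be null).
 */
function __construct($objectId, $areaId, $module, $urlString = null, Zikula_ModUrl $urlObject = null)
{
    parent::__construct($objectId, $areaId, $module, $urlString, $urlObject);

    // $urlObject defaults to null and 'ot' is optional in the URL arguments.
    $args = ($urlObject !== null) ? $urlObject->getArgs() : array();
    $ot = (is_array($args) && isset($args['ot'])) ? $args['ot'] : null;

    // Object type => module whose selection API returns the entity.
    $providers = array(
        'posting' => 'MUBoard',
        'picture' => 'MUImage',
    );
    if (!is_string($ot) || !isset($providers[$ot])) {
        return;
    }

    $entity = ModUtil::apiFunc($providers[$ot], 'selection', 'getEntity', array(
        'ot' => $ot,
        'id' => $this->getObjectId(),
    ));

    // the Api checks for perms and there is nothing else to check
    if ($entity) {
        $userid = $entity->getCreatedUserId();
        $date = $entity->getCreatedDate();
        $title = $entity->getTitle();

        $this->setObjectAuthor(UserUtil::getVar('uname', $userid));
        $this->setObjectDate($date);
        $this->setObjectTitle($title);
    }
}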
/**
 * Avatar admin: search a user and list the available avatars.
 *
 * Requires ACCESS_ADMIN on Avatar. Reads 'username', 'page' and 'perpage'
 * from GET/POST; the paging values are cast to integers before use.
 *
 * @author Frank Schummertz, Carsten Volmer
 * @return string The search-user admin page, or the result of
 *                LogUtil::registerPermissionError() when access is denied.
 */
public function searchusers()
{
    if (!SecurityUtil::checkPermission('Avatar::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    $username = FormUtil::getPassedValue('username', '', 'GETPOST');
    $userid = UserUtil::getIDFromName($username);

    // An unknown name is blanked so it is not echoed back into the form.
    $avatar = '';
    if ($userid == false) {
        $username = '';
    } else {
        $avatar = UserUtil::getVar('avatar', $userid);
    }

    $page = (int) FormUtil::getPassedValue('page', 1, 'GETPOST');
    $perpage = (int) FormUtil::getPassedValue('perpage', 50, 'GETPOST');

    $paging = array('page' => $page, 'perpage' => $perpage);
    list($avatarsarray, $allavatarscount) = ModUtil::apiFunc('Avatar', 'user', 'getAvatars', $paging);

    // avoid some vars in the url of the pager
    unset($_GET['submit'], $_POST['submit'], $_REQUEST['submit']);

    $templateVars = array(
        'avatarpath'      => ModUtil::getVar('Users', 'avatarpath'),
        'username'        => $username,
        'userid'          => $userid,
        'avatar'          => $avatar,
        'avatars'         => $avatarsarray,
        'allavatarscount' => $allavatarscount,
        'page'            => $page,
        'perpage'         => $perpage,
    );
    foreach ($templateVars as $name => $value) {
        $this->view->assign($name, $value);
    }

    return $this->view->fetch('Avatar_admin_searchusers.htm');
}
/**
 * Build the per-user category name, formatted as "uname [uid]".
 *
 * @param array $args Optional 'uid'; an absent or empty value selects the
 *                    current user.
 *
 * @return string The category name.
 */
public function getusercategoryname($args)
{
    if (isset($args['uid']) && $args['uid']) {
        $uid = $args['uid'];
    } else {
        $uid = UserUtil::getVar('uid');
    }

    $uname = UserUtil::getVar('uname', $uid);

    return "{$uname} [{$uid}]";
}
/**
 * Install the MUBoard application.
 *
 * Runs the parent installer and then passes the installing user's id to
 * MUBoard_Util_View::actualUser() with 1 as second argument.
 *
 * @return boolean Always true.
 */
public function install()
{
    // NOTE(review): the parent's return value is discarded, so a failed base
    // installation would still be reported as success - confirm this is intended.
    parent::install();

    MUBoard_Util_View::actualUser(UserUtil::getVar('uid'), 1);

    return true;
}
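/**
 * Collect the latest ZphpBB2 posts the newsletter recipient may read.
 *
 * Forums are first narrowed to those that are publicly viewable/readable and
 * for which the recipient passes the per-forum permission check; posts are
 * then read from those forums only. Values that reach the SQL text are
 * constrained: forum ids and the row limit are cast to integers and the date
 * filter is passed as a bound parameter instead of being concatenated.
 *
 * @param string|null $filtAfterDate Only posts at or after this date/time are
 *                                   returned when given.
 *
 * @return array|boolean Post rows extended with url, date, user name and the
 *                       nl_* newsletter fields; an empty array when nothing is
 *                       available or allowed; the result of
 *                       LogUtil::registerError() on a database error.
 */
function getPluginData($filtAfterDate = null)
{
    if (!$this->pluginAvailable()) {
        return array();
    }

    if (!SecurityUtil::checkPermission('ZphpBB2::', '::', ACCESS_READ, $this->userNewsletter)) {
        return array();
    }

    // Table names cannot be bound as parameters; the prefix is a module setting.
    $prefix = ModUtil::getVar('ZphpBB2', 'table_prefix', 'phpbb_');
    $TOPICS_TABLE = $prefix . 'topics';
    $POSTS_TABLE = $prefix . 'posts';
    $POSTS_TEXT_TABLE = $prefix . 'posts_text';
    $FORUMS_TABLE = $prefix . 'forums';

    $connection = Doctrine_Manager::getInstance()->getCurrentConnection();

    $sql = "SELECT forum_id, forum_name FROM {$FORUMS_TABLE} WHERE auth_view <= 0 AND auth_read <= 0";
    $stmt = $connection->prepare($sql);
    try {
        $stmt->execute();
    } catch (Exception $e) {
        // NOTE(review): the driver message is shown to the user; it can reveal
        // schema details.
        return LogUtil::registerError(__('Error in plugin') . ' ZphpBB2: ' . $e->getMessage());
    }
    $userforums = $stmt->fetchAll(Doctrine_Core::FETCH_ASSOC);

    $allowedforums = array();
    foreach ($userforums as $forum) {
        if (SecurityUtil::checkPermission('ZphpBB2::', ':' . $forum['forum_id'] . ':', ACCESS_READ, $this->userNewsletter)) {
            // Integer cast: the ids are placed into the IN (...) list below.
            $allowedforums[] = (int) $forum['forum_id'];
        }
    }
    if (count($allowedforums) == 0) {
        // user is not allowed to read any forum at all
        return array();
    }

    $params = array();
    $sql = "SELECT {$TOPICS_TABLE}.topic_title, {$TOPICS_TABLE}.topic_replies, {$TOPICS_TABLE}.topic_views, {$TOPICS_TABLE}.topic_id,"
        . " {$POSTS_TABLE}.post_id, {$POSTS_TABLE}.poster_id, {$POSTS_TABLE}.post_time,"
        . " {$POSTS_TEXT_TABLE}.post_subject, {$POSTS_TEXT_TABLE}.post_text,"
        . " {$FORUMS_TABLE}.forum_name"
        . " FROM {$TOPICS_TABLE}"
        . " INNER JOIN {$POSTS_TABLE} ON {$POSTS_TABLE}.topic_id = {$TOPICS_TABLE}.topic_id"
        . " INNER JOIN {$POSTS_TEXT_TABLE} ON {$POSTS_TEXT_TABLE}.post_id = {$POSTS_TABLE}.post_id"
        . " INNER JOIN {$FORUMS_TABLE} ON {$FORUMS_TABLE}.forum_id = {$TOPICS_TABLE}.forum_id"
        . " WHERE {$TOPICS_TABLE}.forum_id IN (" . implode(',', $allowedforums) . ")";
    if ($filtAfterDate) {
        // Bound parameter: the caller-supplied date never becomes SQL text.
        $sql .= " AND FROM_UNIXTIME(post_time) >= ?";
        $params[] = $filtAfterDate;
    }
    $sql .= " ORDER BY post_time DESC LIMIT " . (int) $this->nItems;

    $stmt = $connection->prepare($sql);
    try {
        $stmt->execute($params);
    } catch (Exception $e) {
        return LogUtil::registerError(__('Error in plugin') . ' ZphpBB2: ' . $e->getMessage());
    }
    $items = $stmt->fetchAll(Doctrine_Core::FETCH_BOTH);

    foreach (array_keys($items) as $k) {
        $items[$k]['topicurl'] = ModUtil::url('ZphpBB2', 'user', 'viewtopic', array('t' => $items[$k]['topic_id']));
        $items[$k]['posturl'] = ModUtil::url('ZphpBB2', 'user', 'viewtopic', array('p' => $items[$k]['post_id'] . '#' . $items[$k]['post_id']));
        $items[$k]['postdate'] = DateUtil::getDatetime($items[$k]['post_time']);
        $items[$k]['username'] = UserUtil::getVar('uname', $items[$k]['poster_id']);

        $items[$k]['nl_title'] = $items[$k]['topic_title'];
        $items[$k]['nl_url_title'] = System::getBaseUrl() . $items[$k]['posturl'];
        // The post text is passed on as stored; escaping or filtering is left
        // to whatever renders the newsletter.
        $items[$k]['nl_content'] = $items[$k]['forum_name'] . ', ' . $items[$k]['username'] . "<br />\n" . $items[$k]['post_text'];
        $items[$k]['nl_url_readmore'] = $items[$k]['nl_url_title'];
    }

    return $items;
}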
/**
 * Render the QV summary block for the logged-in user.
 *
 * The rendered summary is kept in the user's 'qvsummary' variable (stored
 * with a lifetime of '2000') and reused while it exists; otherwise it is
 * rebuilt from the user's teacher and student assignments.
 *
 * @author: Sara Arjona Téllez (sarjona@xtec.cat)
 *
 * @param array $row Blockinfo structure; 'title' is the permission instance.
 *
 * @return string|boolean The themed block, or false when access is denied,
 *                        the visitor is not logged in or there is nothing to show.
 */
function IWqv_qvsummaryblock_display($row)
{
    // Both read permission for this block and an authenticated session are required.
    $permitted = SecurityUtil::checkPermission('IWqv:summaryBlock:', $row['title'] . "::", ACCESS_READ);
    if (!$permitted || !UserUtil::isLoggedIn()) {
        return false;
    }

    $uid = UserUtil::getVar('uid');
    if (!isset($uid)) {
        $uid = '-1';
    }

    // A fresh security value is generated before every IWmain call.
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $cached = ModUtil::apiFunc('IWmain', 'user', 'userVarExists', array(
        'name'   => 'qvsummary',
        'module' => 'IWqv',
        'uid'    => $uid,
        'sv'     => $sv,
    ));

    if ($cached) {
        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        $s = ModUtil::func('IWmain', 'user', 'userGetVar', array(
            'uid'    => $uid,
            'name'   => 'qvsummary',
            'module' => 'IWqv',
            'sv'     => $sv,
            'nult'   => true,
        ));
    } else {
        $teacherassignments = ModUtil::apiFunc('IWqv', 'user', 'getall', array("teacher" => $uid));
        $studentassignments = ModUtil::apiFunc('IWqv', 'user', 'getall', array("student" => $uid));

        $view = Zikula_View::getInstance('IWqv', false);
        $view->assign('teacherassignments', $teacherassignments);
        $view->assign('studentassignments', $studentassignments);
        $view->assign('isblock', true);
        $s = $view->fetch('IWqv_block_summary.htm');

        // Without any assignment the block is stored, and shown, as empty.
        if (empty($teacherassignments) && empty($studentassignments)) {
            $s = '';
        }

        // Copy the block information into user vars
        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        ModUtil::func('IWmain', 'user', 'userSetVar', array(
            'uid'      => $uid,
            'name'     => 'qvsummary',
            'module'   => 'IWqv',
            'sv'       => $sv,
            'value'    => $s,
            'lifetime' => '2000',
        ));
    }

    if ($s == '') {
        return false;
    }

    $row['content'] = $s;

    return BlockUtil::themesideblock($row);
}
/**
 * Zikula_View function to display the user name
 *
 * Example
 * {user}
 *
 * The name is passed through DataUtil::formatForDisplayHTML() before it is
 * returned to the template.
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @see smarty_function_userwelcome()
 *
 * @return string The user name, or the translated 'anonymous guest' for visitors.
 */
function smarty_function_user($params, Zikula_View $view)
{
    $username = UserUtil::isLoggedIn()
        ? UserUtil::getVar('uname')
        : __('anonymous guest');

    return DataUtil::formatForDisplayHTML($username);
}
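/**
 * Zikula_View function to display the welcome message
 *
 * Example
 * {userwelcome}
 *
 * The user name is escaped for HTML before it is placed into the translated
 * message, because the return value is written into the page as-is.
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @see smarty_function_user()
 *
 * @return string The welcome message.
 */
function smarty_function_userwelcome($params, Zikula_View $view)
{
    if (UserUtil::isLoggedIn()) {
        $username = UserUtil::getVar('uname');
    } else {
        $username = __('anonymous guest');
    }

    // Only the account-derived part is escaped; the message template itself
    // comes from the translation catalogue.
    return __f('Welcome, %s!', DataUtil::formatForDisplay($username));
}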
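/**
 * Render the IWmyrole "change role" block.
 *
 * Shown only to users with ACCESS_ADMIN on IWmyrole who are members of the
 * configured role group. Lists every group that is not marked as
 * non-changeable, together with the user's current memberships.
 *
 * @author Albert Pérez Monfort (aperezm@xtec.cat)
 * @author Josep Ferràndiz Farré (jferran6@xtec.cat)
 *
 * @param array $row Blockinfo structure.
 *
 * @return string|boolean The themed block, or false when it must not be shown.
 */
public function display($row)
{
    // Security check
    if (!SecurityUtil::checkPermission('IWmyrole::', "::", ACCESS_ADMIN)) {
        return false;
    }

    $uid = UserUtil::getVar('uid');

    // The block is only shown to members of the role-change group.
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $isMember = ModUtil::func('IWmain', 'user', 'isMember', array(
        'sv'  => $sv,
        'gid' => ModUtil::getVar('IWmyrole', 'rolegroup'),
        'uid' => $uid,
    ));
    if (!$isMember) {
        return false;
    }

    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $uidGroups = ModUtil::func('IWmain', 'user', 'getAllUserGroups', array('sv' => $sv, 'uid' => $uid));

    // Initialised up front so an empty result still yields a defined array.
    $originalGroups = array();
    foreach ($uidGroups as $g) {
        $originalGroups[$g['id']] = 1;
    }

    $view = Zikula_View::getInstance('IWmyrole', false);

    // Gets the groups
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $allGroups = ModUtil::func('IWmain', 'user', 'getAllGroups', array(
        'sv'   => $sv,
        'less' => ModUtil::getVar('IWmyrole', 'rolegroup'),
    ));

    $groupsNotChangeable = (string) ModUtil::getVar('IWmyrole', 'groupsNotChangeable');
    $groupsArray = array();
    foreach ($allGroups as $group) {
        // Strict comparison: a match at offset 0 is still a match. With `==`
        // the first protected group in the list was offered as changeable.
        if (strpos($groupsNotChangeable, '$' . $group['id'] . '$') === false) {
            $groupsArray[] = $group;
        }
    }

    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $invalidChange = ModUtil::func('IWmain', 'user', 'userGetVar', array(
        'uid'    => $uid,
        'name'   => 'invalidChange',
        'module' => 'IWmyrole',
        'nult'   => true,
        'sv'     => $sv,
    ));

    $view->assign('groups', $groupsArray);
    $view->assign('invalidChange', $invalidChange);
    $view->assign('roleGroups', $originalGroups);

    $row['content'] = $view->fetch('IWmyrole_block_change.htm');

    return BlockUtil::themesideblock($row);
}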
/**
 * Display the output of the online block.
 *
 * Counts recently active member and guest sessions and, when a message module
 * is configured, readable and available, adds the viewer's message count.
 *
 * @param array $blockinfo A blockinfo structure.
 *
 * @todo Move sql queries to calls to relevant API's.
 *
 * @return string|void The output.
 */
public function display($blockinfo)
{
    if (!SecurityUtil::checkPermission('Onlineblock::', $blockinfo['bid'] . '::', ACCESS_READ)) {
        return;
    }

    $template = 'users_block_online.tpl';

    if ($this->view->getCaching()) {
        // The block shows per-user data (user name, private message count),
        // so the cache id includes the user id and cached output is never
        // shared between users.
        $uid = UserUtil::getVar('uid');
        $cacheid = $blockinfo['bkey'] . '/bid' . $blockinfo['bid'] . '/' . ($uid ? $uid : 'guest');

        // Individual cache with the lifetime configured on the block.
        $this->view->setCaching(Zikula_View::CACHE_INDIVIDUAL)
                   ->setCacheLifetime($blockinfo['refresh'])
                   ->setCacheId($cacheid);

        // A cache hit makes the database queries below unnecessary.
        if ($this->view->is_cached($template)) {
            $blockinfo['content'] = $this->view->fetch($template);

            return BlockUtil::themeBlock($blockinfo);
        }
    }

    $table = DBUtil::getTables();
    $sessioninfocolumn = $table['session_info_column'];

    // Sessions used after this moment count as "online". The value is produced
    // on the server, so no request data reaches the WHERE clauses.
    $activetime = date('Y-m-d H:i:s', time() - (System::getVar('secinactivemins') * 60));

    $memberWhere = "WHERE $sessioninfocolumn[lastused] > '$activetime' AND $sessioninfocolumn[uid] > 0";
    $numusers = DBUtil::selectObjectCount('session_info', $memberWhere, 'uid', true);

    $guestWhere = "WHERE $sessioninfocolumn[lastused] > '$activetime' AND $sessioninfocolumn[uid] = '0'";
    $numguests = DBUtil::selectObjectCount('session_info', $guestWhere, 'ipaddr', true);

    $msgmodule = System::getVar('messagemodule', '');
    if ($msgmodule && SecurityUtil::checkPermission($msgmodule . '::', '::', ACCESS_READ) && UserUtil::isLoggedIn()) {
        // check if message module is available and add the necessary info
        $messages = ModUtil::available($msgmodule)
            ? ModUtil::apiFunc($msgmodule, 'user', 'getmessagecount')
            : array();
        $this->view->assign('messages', $messages);
    }

    $this->view->assign('registerallowed', $this->getVar('reg_allowreg'))
               ->assign('userscount', $numusers)
               ->assign('guestcount', $numguests)
               ->assign('msgmodule', $msgmodule);

    $blockinfo['content'] = $this->view->fetch($template);

    return BlockUtil::themeBlock($blockinfo);
}
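/**
 * Zikula_View function to display the avatar of a user
 *
 * Available parameters:
 *   - uid            User uid
 *   - width, height  Width and height of the image (optional)
 *   - class          CSS class for the image (optional)
 *   - assign         The avatar URL is assigned to this variable instead of
 *                    the image tag being returned (optional).
 * Gravatar parameters
 *   - size           Size of the gravatar (optional; falls back to width, then 80)
 *   - rating         Gravatar allows users to self-rate their images so that they can indicate if an image is appropriate for a certain audience.
 *                    [g|pg|r|x] see: http://en.gravatar.com/site/implement/images/ (optional)
 *
 * Examples:
 *   {useravatar uid="2"}
 *   {useravatar uid="2" width=80 height=80}
 *   {useravatar uid="2" size=80 rating=g}
 *
 * Every value placed into the markup (class, width, height, URL, user name)
 * is escaped for HTML, and the gravatar query values are URL-encoded.
 *
 * @param array       $params All attributes passed to this function from the template.
 * @param Zikula_View $view   Reference to the Zikula_View object.
 *
 * @return string|boolean|void The image tag; false when 'uid' is missing or
 *                             the user has no avatar to show; nothing when
 *                             'assign' is used.
 */
function smarty_function_useravatar($params, Zikula_View $view)
{
    if (!isset($params['uid'])) {
        $view->trigger_error("Error! Missing 'uid' attribute for useravatar.");

        return false;
    }

    $email = UserUtil::getVar('email', $params['uid']);
    $avatar = UserUtil::getVar('avatar', $params['uid']);
    $uname = UserUtil::getVar('uname', $params['uid']);

    $avatarpath = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_AVATAR_IMAGE_PATH, UsersConstant::DEFAULT_AVATAR_IMAGE_PATH);
    $allowgravatars = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_GRAVATARS_ENABLED, UsersConstant::DEFAULT_GRAVATARS_ENABLED);
    $gravatarimage = ModUtil::getVar(UsersConstant::MODNAME, UsersConstant::MODVAR_GRAVATAR_IMAGE, UsersConstant::DEFAULT_GRAVATAR_IMAGE);

    if (!empty($avatar) && $avatar != $gravatarimage && $avatar != 'blank.gif') {
        $avatarURL = System::getBaseUrl() . $avatarpath . '/' . $avatar;
    } elseif ($avatar == $gravatarimage && $allowgravatars == 1) {
        if (!isset($params['rating'])) {
            $params['rating'] = false;
        }
        if (!isset($params['size'])) {
            // Fall back to the requested width, then to 80. Previously the
            // width was always overwritten with 80.
            $params['size'] = isset($params['width']) ? $params['width'] : 80;
        }
        $params['width'] = $params['size'];
        $params['height'] = $params['size'];

        // Gravatar hashes the trimmed, lower-cased address. The image is
        // requested over HTTPS so the hash is not sent in clear text and the
        // image does not become mixed content on HTTPS pages.
        $avatarURL = 'https://www.gravatar.com/avatar.php?gravatar_id=' . md5(strtolower(trim((string) $email)));
        if (!empty($params['rating'])) {
            $avatarURL .= "&rating=" . urlencode((string) $params['rating']);
        }
        if (!empty($params['size'])) {
            $avatarURL .= "&size=" . urlencode((string) $params['size']);
        }
        $avatarURL .= "&default=" . urlencode(System::getBaseUrl() . $avatarpath . '/' . $gravatarimage);
    } else {
        // e.g. blank.gif or empty avatars
        return false;
    }

    $classString = '';
    if (isset($params['class'])) {
        $classString = 'class="' . DataUtil::formatForDisplay($params['class']) . '" ';
    }

    // The alt attribute is closed before width/height are appended; previously
    // both ended up inside the alt value.
    $html = '<img ' . $classString . ' src="' . DataUtil::formatForDisplay($avatarURL)
        . '" title="' . DataUtil::formatForDisplay($uname)
        . '" alt="' . DataUtil::formatForDisplay($uname) . '"';
    if (isset($params['width'])) {
        $html .= ' width="' . DataUtil::formatForDisplay($params['width']) . '"';
    }
    if (isset($params['height'])) {
        $html .= ' height="' . DataUtil::formatForDisplay($params['height']) . '"';
    }
    $html .= ' />';

    if (isset($params['assign'])) {
        $view->assign($params['assign'], $avatarURL);
    } else {
        return $html;
    }
}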
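/**
 * Render the EZComments tab shown inside a MyProfile page.
 *
 * The profile owner's uid is normalised to an integer once, and that same
 * value is used for every lookup, so the settings API no longer receives the
 * raw argument while the other consumers receive the cast one.
 *
 * @param array $args 'uid' of the profile being viewed.
 *
 * @return string The rendered tab.
 */
public function tab($args)
{
    $uid = isset($args['uid']) ? (int) $args['uid'] : 0;

    // generate output
    $render = Zikula_View::getInstance('EZComments');
    $render->assign('uid', $uid);
    $render->assign('viewer_uid', UserUtil::getVar('uid'));
    $render->assign('uname', UserUtil::getVar('uname', $uid));
    $render->assign('settings', ModUtil::apiFunc('MyProfile', 'user', 'getSettings', array('uid' => $uid)));

    return $render->fetch('ezcomments_myprofile_tab.tpl');
}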
/**
 * Show the month calendar in a block.
 *
 * Month ('mes') and year ('any') are read from the request, defaulting to 0.
 * The rendered calendar and the month are also stored in the user's IWagendas
 * variables.
 *
 * @param array $blockinfo Blockinfo structure; 'title' is the permission instance.
 *
 * @return string|void The themed block, or nothing when access is denied or
 *                     the module is unavailable.
 */
public function display($blockinfo)
{
    // No $args variable exists in this method, so the request default is
    // always 0. NOTE(review): both values arrive unvalidated from the request
    // and are handed to getCalendarContent - confirm they are checked there.
    $mes = FormUtil::getPassedValue('mes', 0, 'REQUEST');
    $any = FormUtil::getPassedValue('any', 0, 'REQUEST');

    // Security check
    if (!SecurityUtil::checkPermission("IWagendas:calendarblock:", $blockinfo['title'] . "::", ACCESS_READ)) {
        return;
    }

    // Check if the module is available
    if (!ModUtil::available('IWagendas')) {
        return;
    }

    // Guests are stored under the pseudo id '-1'.
    $user = UserUtil::isLoggedIn() ? UserUtil::getVar('uid') : '-1';

    // The lookup result is unused: reading the stored calendar back is
    // currently switched off, so the calendar is rebuilt on every call.
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    $exists = ModUtil::apiFunc('IWmain', 'user', 'userVarExists', array(
        'name'   => 'Calendar',
        'module' => 'IWagendas',
        'uid'    => $user,
        'sv'     => $sv,
    ));

    $s = ModUtil::func('IWagendas', 'user', 'getCalendarContent', array('mes' => $mes, 'any' => $any));

    // Copy the block information into user vars
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    ModUtil::func('IWmain', 'user', 'userSetVar', array(
        'uid'      => $user,
        'name'     => 'calendar',
        'module'   => 'IWagendas',
        'sv'       => $sv,
        'value'    => $s,
        'lifetime' => '700',
    ));

    // Remember the displayed month as well.
    $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
    ModUtil::func('IWmain', 'user', 'userSetVar', array(
        'uid'    => $user,
        'name'   => 'month',
        'module' => 'IWagendas',
        'sv'     => $sv,
        'value'  => $mes,
    ));

    // Populate block info and pass to theme
    $blockinfo['content'] = $s;

    return BlockUtil::themesideblock($blockinfo);
}
/**
 * Check the given access level on KaikmediaGalleryModule.
 *
 * @param int $access Access level constant to check (default ACCESS_READ).
 *
 * @return mixed False when the permission check fails; otherwise the current
 *               user's uid.
 */
public function hasPermission($access = ACCESS_READ)
{
    $granted = $this->hasPermissionRaw('KaikmediaGalleryModule::', '::', $access);

    // On success the uid is returned rather than true.
    // NOTE(review): callers that test the result for truthiness will treat an
    // empty uid as "denied" - confirm that is intended for guests.
    return $granted ? \UserUtil::getVar('uid') : false;
}
/**
 * Expose the logged-in user's name to Apache for use in its logs.
 *
 * Implements 'core.init' event when Zikula_Core::STAGE_SESSIONS. The name is
 * stored in the 'Zikula-Username' environment variable when the
 * 'log.apache_uname' setting is enabled, a user is logged in and
 * apache_setenv() exists.
 *
 * @param Zikula_Event $event The event handler.
 *
 * @return void
 */
public function sessionLogging(Zikula_Event $event)
{
    if (!($event['stage'] & Zikula_Core::STAGE_SESSIONS)) {
        return;
    }

    $enabled = isset($GLOBALS['ZConfig']['Log']['log.apache_uname'])
        && $GLOBALS['ZConfig']['Log']['log.apache_uname'];
    if (!$enabled || !UserUtil::isLoggedIn()) {
        return;
    }

    // Only available when PHP runs as an Apache module.
    if (function_exists('apache_setenv')) {
        apache_setenv('Zikula-Username', UserUtil::getVar('uname'));
    }
}
/**
 * Construct.
 *
 * Loads the hooked page through the Pages user API and copies its author,
 * creation date and title into this object. Nothing is set when the API does
 * not return a page.
 *
 * @param int           $objectId  Object ID.
 * @param int           $areaId    Hook area ID.
 * @param string        $module    Module.
 * @param string        $urlString Url.
 * @param Zikula_ModUrl $urlObject Url object.
 */
function __construct($objectId, $areaId, $module, $urlString = null, Zikula_ModUrl $urlObject = null)
{
    parent::__construct($objectId, $areaId, $module, $urlString, $urlObject);

    $page = ModUtil::apiFunc('Pages', 'user', 'get', array('pageid' => $this->getObjectId()));

    // the Api checks for perms and there is nothing else to check
    if (!$page) {
        return;
    }

    $this->setObjectAuthor(UserUtil::getVar('uname', $page['cr_uid']));
    $this->setObjectDate($page['cr_date']);
    $this->setObjectTitle($page['title']);
}
/**
 * Ajax endpoint: re-request (refresh) a page lock for the current session.
 *
 * The Ajax token is verified before anything else happens. The lock is
 * requested under the posted 'lockname' with the session id, the user's name
 * and the remote address as holder details.
 *
 * @param array $args Not used.
 *
 * @return Zikula_Response_Ajax The lock information, with 'message' set to an
 *                              error text when the lock is no longer held.
 */
public function checkpagelock($args)
{
    $this->checkAjaxToken();

    $lockInfo = ModUtil::apiFunc('PageLock', 'user', 'requireLock', array(
        'lockName'      => $this->request->getPost()->get('lockname'),
        'sessionId'     => session_id(),
        'lockedByTitle' => UserUtil::getVar('uname'),
        'lockedByIPNo'  => $_SERVER['REMOTE_ADDR'],
    ));

    $lockInfo['message'] = $lockInfo['hasLock'] ? null : $this->__('Error! Lock broken!');

    return new Zikula_Response_Ajax($lockInfo);
}
/**
 * Display the "members online" block.
 *
 * @param array $blockinfo A blockinfo structure.
 *
 * @return string|boolean The rendered block, or false when the Profile module
 *                        is unavailable or read access is denied.
 */
public function display($blockinfo)
{
    // The Profile module supplies all of the data.
    if (!ModUtil::available('Profile')) {
        return false;
    }

    // Access is decided per block title.
    if (!SecurityUtil::checkPermission('Profile:MembersOnlineblock:', $blockinfo['title'] . '::', ACCESS_READ)) {
        return false;
    }

    // Block settings, with a default maximum name length of 30.
    $vars = BlockUtil::varsFromContent($blockinfo['content']);
    $maxLength = empty($vars['lengthmax']) ? 30 : $vars['lengthmax'];

    $uid = (int) UserUtil::getVar('uid');

    $users = ModUtil::apiFunc('Profile', 'memberslist', 'getallonline');

    $usersonline = array();
    if ($users) {
        foreach ($users['unames'] as $onlineUser) {
            $usersonline[] = $onlineUser;
        }
    }

    // Caching is switched off for this block; the cache id is the viewer's uid.
    $this->view->setCaching(false)
               ->setCacheId($uid);

    // check which messaging module is available and add the necessary info
    $msgmodule = ModUtil::apiFunc('Profile', 'memberslist', 'getmessagingmodule');
    if (!empty($msgmodule) && UserUtil::isLoggedIn()) {
        $this->view->assign('messages', ModUtil::apiFunc($msgmodule, 'user', 'getmessagecount'));
    }

    $templateVars = array(
        'msgmodule'   => $msgmodule,
        'maxLength'   => $maxLength,
        'usersonline' => $usersonline,
        'membonline'  => $users['numusers'],
        'anononline'  => $users['numguests'],
        'uid'         => $uid,
    );
    foreach ($templateVars as $name => $value) {
        $this->view->assign($name, $value);
    }

    $blockinfo['content'] = $this->view->fetch('profile_block_membersonline.tpl');

    return BlockUtil::themeBlock($blockinfo);
}
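/**
 * Sets the current user's group memberships.
 *
 * Two modes exist. With 'defaultRoles' = 1 any logged-in user may restore the
 * memberships stored in their own 'defaultRoles' variable; the submitted
 * 'roles' value is discarded in that mode, so it cannot be used to pick
 * arbitrary groups. Otherwise ACCESS_ADMIN on IWmyrole is required and the
 * submitted 'roles' are used.
 *
 * @author: Albert Pérez Monfort (aperezm@xtec.cat)
 * @author: Josep Ferràndiz (jferran6@xtec.cat)
 *
 * @param array $args 'roles' (ids of the groups to enrol the user in) and
 *                    'defaultRoles' (1 to restore the stored defaults).
 *
 * @return boolean True on success; the result of LogUtil::registerError()
 *                 when the insert fails.
 *
 * @throws Zikula_Exception_Forbidden When the caller is not permitted.
 */
public function addUserToGroup($args)
{
    $roles = FormUtil::getPassedValue('roles', isset($args['roles']) ? $args['roles'] : null, 'POST');
    $defaultRoles = FormUtil::getPassedValue('defaultRoles', isset($args['defaultRoles']) ? $args['defaultRoles'] : null, 'POST');
    $restoreDefaults = ($defaultRoles == 1);

    // Security check
    if (!$restoreDefaults && !SecurityUtil::checkPermission('IWmyrole::', "::", ACCESS_ADMIN)) {
        throw new Zikula_Exception_Forbidden();
    }

    // Resolved before first use: previously the stored defaults were looked
    // up with an undefined $uid.
    $uid = UserUtil::getVar('uid');
    if (empty($uid)) {
        // Without a user id there is no account to change.
        throw new Zikula_Exception_Forbidden();
    }

    if ($restoreDefaults) {
        // Request-supplied roles are ignored; only the stored defaults count.
        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        $stored = ModUtil::func('IWmain', 'user', 'userGetVar', array(
            'uid'    => $uid,
            'name'   => 'defaultRoles',
            'module' => 'IWmyrole',
            'sv'     => $sv,
        ));

        $roles = array();
        foreach (explode('$$', (string) $stored) as $group) {
            if ($group != '') {
                $roles[] = $group;
            }
        }
    }

    // A missing or scalar 'roles' value means "no groups".
    $roles = is_array($roles) ? array_values($roles) : array();

    $memberships = array();
    foreach ($roles as $gid) {
        // Only groups the user does not belong to yet are added.
        $sv = ModUtil::func('IWmain', 'user', 'genSecurityValue');
        $isMember = ModUtil::func('IWmain', 'user', 'isMember', array(
            'sv'  => $sv,
            'gid' => $gid,
            'uid' => $uid,
        ));
        if (!$isMember) {
            $memberships[] = array('uid' => $uid, 'gid' => $gid);
        }
    }

    // Nothing to insert is a success, not an error.
    if (!empty($memberships) && !DBUtil::insertObjectArray($memberships, 'group_membership')) {
        return LogUtil::registerError($this->__('Error! Creation attempt failed.'));
    }

    return true;
}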
/**
 * Build the Content entries for the "your account" panel.
 *
 * @param array $args Optional 'uname'; the current user's name is used when absent.
 *
 * @return array List of link descriptors (url, module, title, icon). Empty when
 *               the user name is unknown or ACCESS_EDIT on Content is not granted.
 */
public function getall($args)
{
    $uname = isset($args['uname']) ? $args['uname'] : UserUtil::getVar('uname');

    // Unknown user name: there is nothing to offer.
    if (UserUtil::getIdFromName($uname) == false) {
        return array();
    }

    // The permission check carries no user argument, so it is made for the
    // current session rather than for $uname.
    if (!SecurityUtil::checkPermission('Content::', '::', ACCESS_EDIT)) {
        return array();
    }

    return array(
        array(
            'url'    => ModUtil::url('Content', 'admin', 'newpage'),
            'module' => 'Content',
            'title'  => $this->__('Add a new page'),
            'icon'   => 'content_add.gif',
        ),
    );
}
/**
 * Display the user's personal custom block.
 *
 * Shown only to a logged-in user whose 'ublockon' variable equals 1; the
 * content is that user's 'ublock' variable with line breaks converted to
 * <br /> tags.
 *
 * @param array $blockInfo A blockinfo structure.
 *
 * @return string|void The rendered block.
 */
public function display($blockInfo)
{
    if (!SecurityUtil::checkPermission('Userblock::', $blockInfo['title'] . '::', ACCESS_READ)) {
        return;
    }

    $enabled = UserUtil::isLoggedIn() && UserUtil::getVar('ublockon') == 1;
    if (!$enabled) {
        return;
    }

    if (empty($blockInfo['title'])) {
        $blockInfo['title'] = $this->__f('Custom block content for %s', UserUtil::getVar('name'));
    }

    // NOTE(review): the stored text is emitted without HTML escaping. It is
    // the viewer's own content, but confirm it is filtered where it is saved.
    $blockInfo['content'] = nl2br(UserUtil::getVar('ublock'));

    return BlockUtil::themeBlock($blockInfo);
}
/**
 * Change the status of a block.
 *
 * Invert the status of a given block id (collapsed/uncollapsed) for the
 * current user, then send the browser back to the referring page.
 *
 * NOTE(review): this changes stored state and no token check is visible in
 * this method - confirm the request is protected against cross-site requests
 * elsewhere. The redirect target is the Referer header, which the client
 * supplies.
 *
 * @return void
 */
public function changestatus()
{
    $bid = FormUtil::getPassedValue('bid');
    $uid = UserUtil::getVar('uid');

    $tables = DBUtil::getTables();
    $column = $tables['userblocks_column'];

    // Both values are escaped for storage before they are placed in the
    // WHERE clauses.
    $bidSql = DataUtil::formatForStore($bid);
    $uidSql = DataUtil::formatForStore($uid);

    $selectWhere = "WHERE {$column['bid']}='" . $bidSql . "' AND {$column['uid']}='" . $uidSql . "'";
    $active = DBUtil::selectField('userblocks', 'active', $selectWhere);

    // Flip the flag.
    $obj = array('active' => $active ? 0 : 1);

    $updateWhere = "WHERE {$column['uid']}='" . $uidSql . "' AND {$column['bid']}='" . $bidSql . "'";
    if (!DBUtil::updateObject($obj, 'userblocks', $updateWhere)) {
        return LogUtil::registerError($this->__('Error! An SQL error occurred.'));
    }

    // now lets get back to where we came from
    $this->redirect(System::serverGetVar('HTTP_REFERER'));
}
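/**
 * Increment the hit counter of a review unless the viewer is its creator.
 *
 * @param mixed $id Identifier of the review.
 *
 * @return boolean True when the review was found; false when no review with
 *                 this id could be loaded.
 */
public static function addView($id)
{
    $serviceManager = ServiceUtil::getManager();
    $modelHelper = new Reviews_Util_Model($serviceManager);

    // build review repository
    $repository = $modelHelper->getReviewRepository();
    $entity = $repository->selectById($id);

    // The id is caller-supplied; a miss must not end in a method call on a
    // non-object.
    if (!is_object($entity)) {
        return false;
    }

    $entityManager = $serviceManager->getService('doctrine.entitymanager');

    if ($entity->getCreatedUserId() != UserUtil::getVar('uid')) {
        $entity->setHits($entity->getHits() + 1);

        // The e-mail is written back with HTML entities decoded, as before.
        $entity->setEmail(html_entity_decode($entity->getEmail()));

        $entityManager->flush();
    }

    return true;
}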
/**
 * Change the status of a block.
 *
 * Invert the status of a given block id (collapsed/uncollapsed) for the
 * current user, then send the browser back to the referring page.
 *
 * NOTE(review): this changes stored state and no token check is visible in
 * this method - confirm the request is protected against cross-site requests
 * elsewhere. The redirect target is the Referer header, which the client
 * supplies.
 *
 * @return void
 */
public function changestatus()
{
    $bid = FormUtil::getPassedValue('bid');
    $uid = UserUtil::getVar('uid');

    // The row is looked up by user and block together, so only the current
    // user's own entry can be toggled.
    $repository = $this->entityManager->getRepository($this->name . '_Entity_UserBlock');
    $item = $repository->findOneBy(array('uid' => $uid, 'bid' => $bid));

    // Flip the flag.
    $item['active'] = ($item['active'] == 1) ? 0 : 1;

    $this->entityManager->flush();

    // now lets get back to where we came from
    $this->redirect(System::serverGetVar('HTTP_REFERER'));
}