public function getUsername()
{
$objUser = new clsUser($this->get('user_id'));
if ($objUser->isNew()) {
return $this->get('username');
}
return $objUser->get('username');
}
try {
/* Update the DB if we need to. */
require_once 'include/upgrade.php';
$strAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$strSubAction = isset($_REQUEST['subaction']) ? $_REQUEST['subaction'] : '';
$objBreadcrumbs = new clsBreadcrumbs();
$objBreadcrumbs->add('Home', 'index.php');
$objMiniMenu = new clsMiniMenu();
if (!isset($_SESSION['objUser'])) {
$objUser = clsUser::getCookie();
} else {
$objUser = $_SESSION['objUser'];
}
/* This re-loads the user object in case it's changed. */
if ($objUser) {
$objUser = new clsUser($objUser->get('id'));
}
if ($objUser && $objUser->isNew()) {
$objUser = null;
}
if (!preg_match('/^[a-zA-Z2-9_-]*$/', $strAction)) {
throw new Exception(ERRORMSG_INVALID);
}
$objTemplate = new clsTemplate('default');
$objTemplate->setText('SCRIPT', clsDB::initializeJS());
$objTemplate->setText('TITLE', "OSPAP2");
/* Inline CSS for advanced. */
$objTemplate->setText('HEAD', clsUser::getAdvancedStyle($objUser));
if (isset($_REQUEST['error']) && isset($arrMessages[$_REQUEST['error']])) {
$objTemplate->setText('ERROR', $arrMessages[$_REQUEST['error']]);
} else {
/* If it's the base album, allow filtering by user. */
if ($objAlbum->isNew()) {
print $objAlbum->getUserFilter("Filter by user") . "<hr>";
}
/* Display the expand/contract all buttons. */
print "<a href='#' onClick='expand_all()' class='nounderline'><img src='images/expand.png'> Expand All</a><br>";
print "<a href='#' onClick='contract_all()' class='nounderline'><img src='images/contract.png'> Hide All</a><br>";
print "<br>";
/* Display any sub-albums. */
clsAlbum::displayAlbums($arrSubAlbums, $objUser);
/* Display any pictures. */
clsPicture::displayPictures($objAlbum->getPictures(), $objAlbum->get('id') ? true : false);
}
if ($strSubAction == 'useralbums') {
if ($objUser && $objUser->get('remember_filter')) {
$objUser->set('filter_user', $objMember->get('id'));
$objUser->save();
}
if (!$objMember || $objMember->isNew()) {
header("Location: index.php?action=albums");
exit;
}
$objTemplate->setText('PAGETITLE', $objMember->get('username') . "'s Albums");
$objBreadcrumbs->add('Members', 'index.php?action=members');
$objBreadcrumbs->add($objMember->get('username'), 'index.php?action=members&subaction=view&' . $objGroup->getIDPair());
$objBreadcrumbs->add('Albums', "index.php?action=albums&subaction=memberalbums" . $objMember->getIDPair());
$arrAlbums = clsAlbum::getUserAlbums($objUser, $objMember);
/* This script allows the albums to be expanded/hidden. */
$objTemplate->setText('SCRIPT', clsAlbum::getSubAlbumScript());
$objTemplate->setText('SCRIPT', clsAlbum::getAllAlbumScript($arrAlbums));
/* Display the expand/contract all buttons. */
$objMember = new clsUser();
$objMember->getFromRequest();
$objMember->load();
if ($strSubAction == '') {
$objTemplate->setText('PAGETITLE', "Members");
$objMiniMenu->add('Groups', 'index.php?action=groups');
$arrUsers = clsUser::getUserList();
print "<table class='members'>";
print "<tr>";
print "<th width='150' align='left'>Name</td>";
print "<th width='100'>Albums</td>";
print "<th width='100'>Pictures</td>";
print "</tr>";
foreach ($arrUsers as $objMember) {
print "<tr>";
print "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "' class='nounderline'>" . $objMember->get('username') . "</a></td>";
print "<td align='center'><a href='index.php?action=albums&subaction=useralbums&" . $objMember->getIDPair() . "' class='nounderline'>" . clsAlbum::getUserAlbumCount($objUser, $objMember) . "</a></td>";
print "<td align='center'><a href='index.php?action=albums&subaction=userpictures&" . $objMember->getIDPair() . "' class='nounderline'>" . clsAlbum::getUserPictureCount($objUser, $objMember) . "</a></td>";
print "</tr>";
}
print "</table>";
}
if ($strSubAction == 'view') {
if (clsUser::canEdit($objMember, $objUser)) {
if ($objMember->isNew()) {
$objMember->getFromRequest(array('id', 'username', 'password1', 'password2', 'email', 'is_advanced', 'show_empty', 'remember_filter', 'realname', 'location'));
$objTemplate->setText('PAGETITLE', 'Registration');
$objBreadcrumbs->add('Registration', "index.php?action=members&subaction=view");
} else {
$objTemplate->setText('PAGETITLE', 'Editing ' . $objMember->get('username'));
$objBreadcrumbs->add('Registration', "index.php?action=members&subaction=view&" . $objMember->getIDPair());
// $objMiniMenu->add('Disband', 'index.php?action=groups&subaction=disband&' . $objGroup->getIDPair());
}
/* The user can edit the group. */
if ($objGroup->canEdit($objUser)) {
$objMiniMenu->add('Edit', 'index.php?action=groups&subaction=edit&' . $objGroup->getIDPair());
}
$objGroupTemplate = new clsTemplate('viewgroup');
$objGroupTemplate->setText('NAME', $objGroup->get('name'));
$objGroupTemplate->setText('FOUNDER', $objGroup->getFrom('user', 'username'));
$objGroupTemplate->setText('ISPRIVATE', $objGroup->get('is_private') ? "Yes" : "No");
$objGroupTemplate->setText('ISHIDDEN', $objGroup->get('is_hidden') ? "Yes" : "No");
$arrMembers = $objGroup->getMembers();
foreach ($arrMembers as $objMember) {
$str = '';
$str .= "<tr>";
$str .= "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></td>";
$str .= "</tr>";
$objGroupTemplate->setText('MEMBERS', $str);
}
$arrRequestedJoins = $objGroup->getRequestedJoins();
foreach ($arrRequestedJoins as $objMember) {
$str = '';
$str .= "<tr>";
$str .= "<td><a href='index.php?action=members&subaction=view&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></td>";
if ($objGroup->isMember($objUser)) {
$str .= "<td><a href='index.php?action=groups&subaction=approve&" . $objGroup->getIDPair() . "&" . $objMember->getIDPair() . "'>Approve</td>";
} else {
$str .= "<td>Awaiting Approval</td>";
}
$objGroupTemplate->setText('PENDING', $str);
}
public static function getByName($strName)
{
/* By putting the username into an object, it is sanitized. */
$objUser = new clsUser();
$objUser->set('username', $strName);
$arrResults = clsDB::getListStatic('user', "`<<user><username>>`='" . $objUser->get('username') . "'");
if (sizeof($arrResults) == 0) {
return null;
}
// Username wasn't found
if (sizeof($arrResults) > 1) {
throw new Exception("exception_multiplenames");
}
/* should never happen, but who knows? */
return new clsUser($arrResults[0]->get('id'));
}
<?php
if ($strSubAction == '') {
$objTemplate->setText('PAGETITLE', "Password Recovery");
$objBreadcrumbs->add('Password Recovery', 'index.php?action=forgotpassword');
$objRecoverUser = new clsUser();
print "<form action='index.php' method='get'>";
print "<input type='hidden' name='action' value='forgotpassword'>";
print "<input type='hidden' name='subaction' value='go'>";
print "Your account name: " . $objRecoverUser->getTextField('username') . "<br>";
print $objRecoverUser->getSubmit('Recover');
print "</form>";
}
if ($strSubAction == 'go') {
$objRecoverUser = new clsUser();
$objRecoverUser->getFromRequest();
$strResult = clsUser::attemptRecover($objRecoverUser->get('username'));
header("Location: index.php?message={$strResult}");
}
