Inheritance: extends CI_Controller
Beispiel #1
 /**
  * Handles a password-reset request for the user name submitted in $form.
  *
  * Whatever the lookup result, the same "email sent" message and JSON reply
  * are returned, so the response body does not reveal which names exist.
  *
  * @param object $form  form object; only $form->reset->inputs["name"]->value is read
  */
 private function _send_reset($form)
 {
     $requested_name = $form->reset->inputs["name"]->value;
     $account = user::lookup_by_name($requested_name);
     $has_email = $account && !empty($account->email);
     if (!$account) {
         // Don't include the username here until you're sure that it's XSS safe
         // NOTE(review): the submitted name is still written to the log below --
         // confirm that t() / the log viewer escape it before display.
         log::warning("user", t("Password reset email requested for user %user_name, which does not exist.", array("user_name" => $requested_name)));
     } elseif (!$has_email) {
         log::warning("user", t("Password reset failed for %user_name (has no email address on record).", array("user_name" => $account->name)));
     } else {
         // The reset key is saved on the user record and embedded in the mailed link.
         // NOTE(review): no expiry or single-use handling is visible in this method --
         // confirm that password/do_reset enforces both.
         $account->hash = random::hash();
         $account->save();
         $mail_view = new View("reset_password.html");
         $mail_view->confirm_url = url::abs_site("password/do_reset?key={$account->hash}");
         $mail_view->user = $account;
         Sendmail::factory()
             ->to($account->email)
             ->subject(t("Password Reset Request"))
             ->header("Mime-Version", "1.0")
             ->header("Content-type", "text/html; charset=UTF-8")
             ->message($mail_view->render())
             ->send();
         log::success("user", t("Password reset email sent for user %name", array("name" => $account->name)));
     }
     // Always pretend that an email has been sent to avoid leaking
     // information on what user names are actually real.
     message::success(t("Password reset email sent"));
     $reply = array("result" => "success");
     json::reply($reply);
 }
Beispiel #2
 /**
  * Resets the REST access key and reports success as JSON.
  *
  * The CSRF check runs first, so the key is only rotated for a request
  * that passes access::verify_csrf().
  */
 public function reset_api_key()
 {
     access::verify_csrf();
     rest::reset_access_key();
     $notice = t("Your REST API key has been reset.");
     message::success($notice);
     $reply = array("result" => "success");
     json::reply($reply);
 }
Beispiel #3
 /**
  * Sends an HTTP request to the configured API and returns the decoded response.
  *
  * GET requests carry the fields in the query string; POST, PATCH and DELETE
  * send them as the request body. Any other $method value leaves the handle
  * without a URL.
  *
  * NOTE(review): no timeout is set, and a failed curl_exec() (false) is passed
  * straight to json::decode(). How getFields() encodes values is not visible
  * here -- confirm it URL-encodes them, since they are joined with '&' as-is.
  *
  * @param string $path    path appended to $this->api_url
  * @param array  $data    request fields, converted by $this->getFields()
  * @param string $method  HTTP verb
  * @return mixed  whatever json::decode() returns for the response body
  */
 public function make_call($path, $data = array(), $method = "GET")
 {
     $fields = $this->getFields($data);
     $query = implode('&', $fields);
     $handle = curl_init();
     curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
     switch ($method) {
         case "GET":
             curl_setopt($handle, CURLOPT_URL, $this->api_url . $path . '?' . $query);
             break;
         case "POST":
         case "PATCH":
         case "DELETE":
             // PATCH and DELETE need an explicit verb override on the handle.
             foreach (array("PATCH", "DELETE") as $verb) {
                 if ($method == $verb) {
                     curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $verb);
                 }
             }
             curl_setopt($handle, CURLOPT_URL, $this->api_url . $path);
             curl_setopt($handle, CURLOPT_POST, count($fields));
             curl_setopt($handle, CURLOPT_POSTFIELDS, $query);
             break;
     }
     $body = curl_exec($handle);
     curl_close($handle);
     return json::decode($body);
 }
Beispiel #4
 /**
  * Checks the submitted module selection and either applies it or returns
  * a confirmation dialog listing the errors and warnings.
  *
  * Locked modules are skipped. A module counts as requested when its POST
  * field loosely equals 1.
  *
  * NOTE(review): only the CSRF check is visible here -- confirm that the
  * enclosing controller restricts this action to administrators.
  */
 public function confirm()
 {
     access::verify_csrf();
     $messages = array("error" => array(), "warn" => array());
     $desired_list = array();
     foreach (module::available() as $module_name => $info) {
         if ($info->locked) {
             continue;
         }
         $desired = Input::instance()->post($module_name) == 1;
         if ($desired) {
             $desired_list[] = $module_name;
         }
         if ($info->active && !$desired && module::is_active($module_name)) {
             $messages = array_merge($messages, module::can_deactivate($module_name));
         } elseif (!$info->active && $desired && !module::is_active($module_name)) {
             $messages = array_merge($messages, module::can_activate($module_name));
         }
     }
     $has_errors = !empty($messages["error"]);
     $has_warnings = !empty($messages["warn"]);
     if ($has_errors || $has_warnings) {
         $dialog = new View("admin_modules_confirm.html");
         $dialog->messages = $messages;
         $dialog->modules = $desired_list;
         $result["dialog"] = (string) $dialog;
         // Warnings alone may be overridden; errors may not.
         $result["allow_continue"] = !$has_errors;
     } else {
         $this->_do_save();
         $result["reload"] = 1;
     }
     json::reply($result);
 }
Beispiel #5
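 /**
  * Replaces $this->data with its JSON encoding.
  *
  * With $this->pretty_output set, json::pretty() is used and a newline is
  * appended; otherwise json_encode() is used.
  *
  * The failure check looks at the encoder's raw return value: json_encode()
  * returns false on failure, and once "\n" has been appended the result is
  * always a string, so a comparison of $this->data with null could never
  * fire. The error message reports the type of the value that was to be
  * encoded, not the type of the encoder's result.
  */
 function encodeData()
 {
     $source = $this->data;
     $encoded = $this->pretty_output ? json::pretty($source) : json_encode($source);
     $this->data = $this->pretty_output ? $encoded . "\n" : $encoded;
     if ($encoded === false || $encoded === null) {
         $this->throwJSONError(false, 'Failed to encode $data (' . gettype($source) . ') as JSON');
     }
 }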
Beispiel #6
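 /**
  * Replies with the names of roster members whose rank is marked as tracked.
  *
  * Both the roster and the rank settings are stored as JSON in the site
  * settings. json_decode() returns null for malformed input, so each decoded
  * value is checked before it is iterated; a bad setting yields an empty
  * list instead of warnings.
  */
 private function get_member_list()
 {
     // Call site settings for stored roster & member ranks to track
     $siteSettings = site::setting();
     $roster = json_decode($siteSettings[0]['fullRoster'], true);
     $ranks = json_decode($siteSettings[0]['rosterRanks'], true);

     // Ranks to track
     $filterRanks = array();
     if (is_array($ranks)) {
         foreach ($ranks as $key => $value) {
             // A missing 'track' key is treated as "not tracked".
             if (is_array($value) && !empty($value['track'])) {
                 $filterRanks[] = $key;
             }
         }
     }

     $members = array();
     if (is_array($roster) && isset($roster['members']) && is_array($roster['members'])) {
         $members = $roster['members'];
     }

     $data = array();
     foreach ($members as $character) {
         if (!is_array($character) || !array_key_exists('rank', $character) || !isset($character['character']['name'])) {
             continue;
         }
         // Loose comparison is kept: decoded JSON object keys may be ints or
         // strings, and the type of 'rank' is not visible here.
         if (in_array($character['rank'], $filterRanks)) {
             $data[] = $character['character']['name'];
         }
     }
     json::resp(array('success' => true, 'data' => $data));
 }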
Beispiel #7
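 /**
  * Performs an HTTP request against $this->endpoint and returns the
  * 'content' member of the decoded JSON response.
  *
  * Empty arrays in $post are replaced with the marker '_empty_array' before
  * encoding. The replacement is done by key rather than through a by-reference
  * loop variable, which would stay bound to the last element after the loop.
  *
  * NOTE(review): when cookie::developer() is truthy, an undecodable response
  * is dumped verbatim and the script ends. If that flag can be set by the
  * client, this exposes raw backend output -- confirm how it is derived.
  *
  * @param string $type  HTTP method
  * @param string $url   path appended to $this->endpoint
  * @param array  $get   query-string parameters
  * @param array  $post  form parameters sent as the request body
  * @return mixed  associative content as an object, anything else unchanged
  * @throws Exception  when the response cannot be decoded (non-developer mode)
  */
 function request($type, $url, $get = [], $post = [])
 {
     $developer = cookie::developer();
     if ($developer) {
         $get['_mode'] = 'developer';
     }
     $request = ['method' => $type, 'protocol_version' => '1.1', 'header' => 'Connection: Close'];
     foreach ($post as $name => $param) {
         if (is_array($param) && empty($param)) {
             $post[$name] = '_empty_array';
         }
     }
     if (!empty($post)) {
         $request['header'] .= "\r\nContent-type: application/x-www-form-urlencoded";
         $request['content'] = http_build_query($post);
     }
     $ctx = stream_context_create(['http' => $request]);
     $target = $this->endpoint . (empty($get) ? $url : $url . '?' . http_build_query($get));
     $response = file_get_contents($target, false, $ctx);
     $object = json::decode($response, true);
     if (is_null($object)) {
         if ($developer) {
             var_dump($response);
             die;
         } else {
             throw new Exception("Error Processing Request", 1);
         }
     }
     $content = $object['content'];
     // Objects and non-list arrays become objects; lists and scalars pass through.
     $is_map = is_array($content) && array_values($content) !== $content;
     return (is_object($content) || $is_map) ? (object) $content : $content;
 }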
Beispiel #8
 /**
  * Processes the re-authentication form for an administrator.
  *
  * Non-admin users are rejected before the CSRF check. On success the user
  * is redirected to the "continue_url" stored in the session; on failure the
  * attempt is logged and the form is shown again.
  *
  * NOTE(review): the redirect target is read from the session without any
  * check in this method -- confirm that whatever stores "continue_url" only
  * accepts same-site URLs.
  */
 public function auth()
 {
     if (!identity::active_user()->admin) {
         access::forbidden();
     }
     access::verify_csrf();
     $form = self::_form();
     $valid = $form->validate();
     $user = identity::active_user();
     if (!$valid) {
         $name = $user->name;
         log::warning("user", t("Failed re-authentication for %name", array("name" => $name)));
         module::event("user_auth_failed", $name);
         if (!request::is_ajax()) {
             self::_show_form($form);
             return;
         }
         $view = new View("reauthenticate.html");
         $view->form = $form;
         $view->user_name = identity::active_user()->name;
         json::reply(array("html" => (string) $view));
         return;
     }
     module::event("user_auth", $user);
     if (!request::is_ajax()) {
         message::success(t("Successfully re-authenticated!"));
     }
     url::redirect(Session::instance()->get_once("continue_url"));
 }
 /**
  * Stores the posted "value" as variable $var_name of module $module_name.
  *
  * NOTE(review): only the CSRF check is visible here, and neither the module
  * name nor the variable name is checked against a list of known settings --
  * confirm that the enclosing controller is admin-only.
  *
  * @param string $module_name  module that owns the variable
  * @param string $var_name     variable to set
  */
 public function save($module_name, $var_name)
 {
     access::verify_csrf();
     $new_value = Input::instance()->post("value");
     module::set_var($module_name, $var_name, $new_value);
     $placeholders = array("var" => $var_name, "module_name" => $module_name);
     message::success(t("Saved value for %var (%module_name)", $placeholders));
     json::reply(array("result" => "success"));
 }
Beispiel #10
/**
 * Emits $message as a JSON response and ends the script.
 *
 * @access public
 * @param mixed $message   payload handed to json::encode()
 * @param string $charset  response charset; UTF-8 when empty
 * @return void
 */
function throwJson($message, $charset = NULL)
{
    $encoding = empty($charset) ? 'UTF-8' : $charset;
    // Set the HTTP content-type header, replacing any earlier one.
    header('content-Type: application/json; charset=' . $encoding, true);
    echo json::encode($message);
    // Stop here so that nothing else is appended to the JSON body.
    exit;
}
Beispiel #11
/**
 * Sends an error response whose body is {"error": {"message": ..., "bt": ...}}.
 *
 * NOTE(review): a truthy $bt is returned to the client as-is. If callers pass
 * a backtrace, it can expose file paths and arguments -- confirm it is only
 * supplied in debug builds.
 *
 * @param string $msg     error message
 * @param string $status  HTTP status line passed on to rsp_ok()
 * @param mixed  $bt      optional extra detail, included only when truthy
 */
function rsp_err($msg = '', $status = '400 Bad Request', $bt = null)
{
    $error = array('message' => $msg);
    if ($bt) {
        $error['bt'] = $bt;
    }
    $body = json::pretty(array('error' => $error));
    rsp_ok($body, $status);
}
Beispiel #12
 /**
  * Appends $content to the array stored in the JSON file $file.
  *
  * @param string $file     file handed to json::open() and json::save()
  * @param mixed  $content  element to append
  * @return mixed  result of json::save(), or false when the file does not hold an array
  */
 public static function add($file, $content)
 {
     $entries = json::open($file);
     if (!is_array($entries)) {
         return false;
     }
     $entries[] = $content;
     return json::save($file, $entries);
 }
Beispiel #13
 /**
  * Allows the given item to be displayed again.
  *
  * The item title is passed through html::purify() before it is placed in
  * the success message.
  *
  * NOTE(review): this state-changing action does not call
  * access::verify_csrf() itself -- confirm that a CSRF check happens
  * elsewhere (for example inside _check_hide_permissions()).
  *
  * @param int $id  the item id
  */
 public function show($id)
 {
     $item = model_cache::get("item", $id);
     $safe_title = html::purify($item->title);
     $msg = t("Displayed <b>%title</b> item", array("title" => $safe_title));
     $this->_check_hide_permissions($item);
     hide::show($item);
     message::success($msg);
     $reply = array("result" => "success", "reload" => 1);
     json::reply($reply);
 }
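 /**
  * Initial action of the controller.
  *
  * Derives a camelCase entity name from the "entidade" request parameter
  * and echoes the entity's XML definitions as JSON.
  *
  * The entity name comes straight from $_GET and is used as a directory
  * name, so the XML files are only loaded when it consists solely of
  * characters valid in a PHP identifier. That rejects path separators and
  * dots, and also the empty name, which would otherwise resolve to
  * "/xml/entidade.xml". A rejected name produces the same output as an
  * entity without XML files.
  *
  * NOTE(review): $this->nomeEntidade and $this->nomeNegocio are still set
  * from the request as before; how other methods use them is not visible
  * here -- confirm they are validated before being used as class or file names.
  */
 function inicial()
 {
     $this->entidade = $_GET;
     $solicitada = (isset($this->entidade['entidade']) && is_string($this->entidade['entidade']))
         ? $this->entidade['entidade']
         : '';
     $arNome = explode(' ', strtolower($solicitada));
     $nome = array_shift($arNome);
     $arNome = array_map("ucFirst", $arNome);
     array_unshift($arNome, $nome);
     $this->nomeEntidade = implode('', $arNome);
     $this->nomeNegocio = "N{$this->nomeEntidade}";
     $xml = array();
     // Allow-list: identifier characters only, so the name cannot leave its directory.
     if (preg_match('/^[a-zA-Z0-9_\x80-\xff]+$/', $this->nomeEntidade) === 1) {
         if (arquivo::legivel("{$this->nomeEntidade}/xml/entidade.xml")) {
             $xml['entidade'] = simplexml_load_file("{$this->nomeEntidade}/xml/entidade.xml");
         }
         if (arquivo::legivel("{$this->nomeEntidade}/xml/pt_BR.xml")) {
             $xml['inter'] = simplexml_load_file("{$this->nomeEntidade}/xml/pt_BR.xml");
         }
     }
     $j = new json();
     echo $j->pegarJson($xml);
 }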
Beispiel #15
 /**
  * Turns off the "starred only" filter and asks the client to reload.
  *
  * The CSRF check runs before the filter state is changed.
  */
 public function star_only_off()
 {
     access::verify_csrf();
     $notice = t("Showing all items.");
     star::star_only_off();
     message::success($notice);
     $reply = array("result" => "success", "reload" => 1);
     json::reply($reply);
 }
Beispiel #16
 /**
  * Saves, replaces or deletes the active locale's translation of one message.
  *
  * The message is identified by the posted "l10n-message-key". An empty
  * submission deletes an existing outgoing translation; anything else is
  * stored serialized. Only administrators pass the check after the CSRF check.
  *
  * @throws Exception  when the key has no root message or a posted value is missing or not a string
  */
 public function save()
 {
     access::verify_csrf();
     if (!identity::active_user()->admin) {
         access::forbidden();
     }
     $locale = Gallery_I18n::instance()->locale();
     $input = Input::instance();
     $key = $input->post("l10n-message-key");
     // The key must match a message stored for the "root" locale.
     $root_message = ORM::factory("incoming_translation")->where("key", "=", $key)->where("locale", "=", "root")->find();
     if (!$root_message->loaded()) {
         throw new Exception("@todo bad request data / illegal state");
     }
     // NOTE(review): unserialize() runs on a value read from the incoming_translation
     // table. Where those rows originate is not visible here -- confirm the data is
     // trusted, or restrict it with the allowed_classes option.
     $is_plural = Gallery_I18n::is_plural_message(unserialize($root_message->message));
     $is_empty = true;
     if ($is_plural) {
         // One posted field per plural form; every one must be present and a string.
         $plural_forms = l10n_client::plural_forms($locale);
         $translation = array();
         foreach ($plural_forms as $plural_form) {
             $value = $input->post("l10n-edit-plural-translation-{$plural_form}");
             if (null === $value || !is_string($value)) {
                 throw new Exception("@todo bad request data");
             }
             $translation[$plural_form] = $value;
             // The submission is empty only if all plural forms are empty.
             $is_empty = $is_empty && empty($value);
         }
     } else {
         $translation = $input->post("l10n-edit-translation");
         $is_empty = empty($translation);
         if (null === $translation || !is_string($translation)) {
             throw new Exception("@todo bad request data");
         }
     }
     $entry = ORM::factory("outgoing_translation")->where("key", "=", $key)->where("locale", "=", $locale)->find();
     if ($is_empty) {
         // An empty translation removes any stored one.
         if ($entry->loaded()) {
             $entry->delete();
         }
     } else {
         if (!$entry->loaded()) {
             $entry->key = $key;
             $entry->locale = $locale;
             $entry->message = $root_message->message;
             $entry->base_revision = null;
         }
         $entry->translation = serialize($translation);
         $entry_from_incoming = ORM::factory("incoming_translation")->where("key", "=", $key)->where("locale", "=", $locale)->find();
         // NOTE(review): the revision is copied only when NO incoming row was found,
         // i.e. from an unloaded record. The condition looks inverted -- confirm.
         if (!$entry_from_incoming->loaded()) {
             $entry->base_revision = $entry_from_incoming->revision;
         }
         $entry->save();
     }
     Gallery_I18n::clear_cache($locale);
     json::reply(new stdClass());
 }
Beispiel #17
 /**
  * AJAX login endpoint: replies with success, or with the re-rendered login
  * form when authentication fails.
  *
  * The CSRF check runs before the credentials are processed by _auth().
  */
 public function auth_ajax()
 {
     access::verify_csrf();
     list($valid, $form) = $this->_auth("login/auth_ajax");
     if (!$valid) {
         $login_view = new View("login_ajax.html");
         $login_view->form = $form;
         json::reply(array("result" => "error", "html" => (string) $login_view));
         return;
     }
     json::reply(array("result" => "success"));
 }
Beispiel #18
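 /**
  * Deletes all ratings recorded for the item with the given id.
  *
  * When no "ratables" row exists for the item, the method now answers with
  * the "nothing cleared" message straight away instead of reading ->id from
  * a non-object and running the count and delete queries with a null id.
  *
  * NOTE(review): no access::verify_csrf() call and no permission check are
  * visible in this method, although it deletes data for any item id --
  * confirm that both are enforced before this action is reached.
  *
  * @param int $id  the item id
  */
 public function doClear($id)
 {
     $photo = ORM::factory("item", $id);
     $rateid = "rate" . $id;
     $ratable = db::build()->select("id")->from("ratables")->where("ratableKey", "=", $rateid)->execute()->current();
     $has_votes = is_object($ratable)
         && db::build()->select("id")->from("ratings")->where("ratable_id", "=", $ratable->id)->execute()->count() >= 1;
     if (!$has_votes) {
         message::warning(t("No votes have been registered for this item:  Nothing cleared!"));
         json::reply(array("result" => "success", "location" => $photo->url()));
         return;
     }
     db::build()->delete("ratings")->where("ratable_id", "=", $ratable->id)->execute();
     message::success(t("All ratings and votes for this item have been cleared!"));
     json::reply(array("result" => "success", "location" => $photo->url()));
 }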
Beispiel #19
 /**
  * Builds the JSON payload for a response and stores it in $this->json.
  *
  * @param mixed $status    value added under 'Status'
  * @param mixed $username  value added under 'Username'
  * @param mixed $data      value added under 'UserData'
  */
 public function __construct($status, $username, $data)
 {
     $builder = new json();
     $fields = array('Status' => $status, 'Username' => $username, 'UserData' => $data);
     foreach ($fields as $label => $value) {
         $builder->add($label, $value);
     }
     // 'Success' is added without a value, exactly one argument.
     $builder->add('Success');
     $this->json = $builder->make();
 }
Beispiel #20
 /**
  * Reports whether the admin-area session is about to time out.
  *
  * The deadline is the later of the last authentication and the last
  * admin-area activity, plus the configured "admin_area_timeout". With fewer
  * than 30 seconds left, the reply carries a location for the client to go to.
  */
 private static function _reauth_check()
 {
     $session = Session::instance();
     $last_active_auth = $session->get("active_auth_timestamp", 0);
     $last_admin_area_activity = $session->get("admin_area_activity_timestamp", 0);
     $admin_area_timeout = module::get_var("gallery", "admin_area_timeout");
     $latest_activity = max($last_active_auth, $last_admin_area_activity);
     $deadline = $latest_activity + $admin_area_timeout;
     $time_remaining = $deadline - time();
     $result = (object) array("result" => "success");
     if ($time_remaining < 30) {
         message::success(t("Automatically logged out of the admin area for your security"));
         $result->location = url::abs_site("");
     }
     json::reply($result);
 }
Beispiel #21
 /**
  * Returns $str escaped for use inside a JSON string literal.
  *
  * Unless $CONF_use_utf is set, the text is first converted from the native
  * language's encoding to UTF-8. The value is then JSON-encoded and the
  * surrounding double quotes, if present, are removed.
  *
  * NOTE(review): $Entities is not defined in this function when it is passed
  * to Convert() -- confirm whether that argument is taken by reference.
  *
  * @param string $str  text to escape
  * @return string  JSON-escaped text without the enclosing quotes
  */
 function prepStr($str)
 {
     global $CONF_use_utf, $langEncodings, $nativeLanguage;
     if (!$CONF_use_utf) {
         require_once dirname(__FILE__) . '/../ConvertCharset/ConvertCharset.class.php';
         $converter = new ConvertCharset();
         $str = $converter->Convert($str, $langEncodings[$nativeLanguage], "utf-8", $Entities);
     }
     $encoded = json::encode($str);
     $is_quoted = $encoded[0] == '"';
     return $is_quoted ? substr($encoded, 1, -1) : $encoded;
 }
Beispiel #22
 /**
  * Sends the contact-form message to the user with the given id.
  *
  * The subject goes through html::clean() and the body through
  * html::purify() before the mail is sent.
  *
  * NOTE(review): the Reply-To value is taken from the form unchanged. Confirm
  * that the form's validation or Sendmail rejects CR/LF, otherwise extra mail
  * headers could be injected through it.
  *
  * @param int $id  id of the recipient
  * @throws Kohana_404_Exception  when the profile page may not be viewed
  */
 public function send($id)
 {
     access::verify_csrf();
     $user = identity::lookup_user($id);
     if (!$this->_can_view_profile_pages($user)) {
         throw new Kohana_404_Exception();
     }
     $form = user_profile::get_contact_form($user);
     if (!$form->validate()) {
         json::reply(array("result" => "error", "html" => (string) $form));
         return;
     }
     Sendmail::factory()
         ->to($user->email)
         ->subject(html::clean($form->message->subject->value))
         ->header("Mime-Version", "1.0")
         ->header("Content-type", "text/html; charset=UTF-8")
         ->reply_to($form->message->reply_to->value)
         ->message(html::purify($form->message->message->value))
         ->send();
     message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
     json::reply(array("result" => "success"));
 }
Beispiel #23
 /**
  * Updates the installed locales and the default locale from the posted form.
  *
  * A posted default that is not among the installed locales is replaced by
  * the first installed locale, or by "en_US" when none is installed.
  */
 public function save()
 {
     access::verify_csrf();
     $input = Input::instance();
     locales::update_installed($input->post("installed_locales"));
     $installed_locales = array_keys(locales::installed());
     $new_default_locale = $input->post("default_locale");
     if (!in_array($new_default_locale, $installed_locales)) {
         $new_default_locale = empty($installed_locales) ? "en_US" : $installed_locales[0];
     }
     module::set_var("gallery", "default_locale", $new_default_locale);
     $reply = array("result" => "success");
     json::reply($reply);
 }
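 /**
  * Queries the Foursquare API for venue photos or nearby venues, depending
  * on $this->method.
  *
  * Changes against the earlier version:
  *  - 'photos' read $args['venue_id'] although the presence check is on
  *    '_venue_id'; the checked key is now the one used.
  *  - 'venues' appended to $venue instead of assigning it, so every venue
  *    accumulated the entries of the previous ones.
  *  - Caller-supplied arguments are URL-encoded before they are placed in
  *    the request URL, so they cannot add path segments or parameters.
  *  - A missing lastName is handled with isset() instead of the @ operator.
  *  - The "Froursquare" typo in the error message is corrected.
  *
  * NOTE(review): a failed file_get_contents() (false) is still passed to
  * json::decode(), and the response structure is trusted as-is.
  *
  * @param array $args  '_venue_id' for photos; '_latitude' and '_longitude' for venues
  * @return object|null  list cast to an object; null for an unknown method
  */
 function query_direct($args)
 {
     switch ($this->method) {
         case 'photos':
             isset($args['_venue_id']) or backend_error('bad_query', 'Foursquare _venue_id argument missing');
             $photos = [];
             $url = 'https://api.foursquare.com/v2/venues/' . rawurlencode((string) $args['_venue_id']) . '/photos?' . $this->foursquare->get();
             if ($result = json::decode(file_get_contents($url))) {
                 foreach ($result->response->photos->groups as $group) {
                     if ($group->type == 'venue') {
                         foreach ($group->items as $item) {
                             $photo = ['url' => $item->url, 'created' => $item->createdAt, 'user' => ['id' => $item->user->id, 'firstName' => $item->user->firstName, 'lastName' => isset($item->user->lastName) ? $item->user->lastName : null, 'gender' => $item->user->gender, 'photo' => $item->user->photo]];
                             $resampled = [];
                             foreach ($item->sizes->items as $size) {
                                 $resampled[] = ['url' => $size->url, 'width' => $size->width, 'height' => $size->height];
                             }
                             $photo['resampled'] = $resampled;
                             $photos[] = $photo;
                         }
                     }
                 }
             }
             !(empty($photos) and $this->required) or backend_error('bad_input', 'Empty response from Foursquare procedure');
             return (object) $photos;
         case 'venues':
             isset($args['_latitude']) or backend_error('bad_query', 'Foursquare _latitude argument missing');
             isset($args['_longitude']) or backend_error('bad_query', 'Foursquare _longitude argument missing');
             $venues = [];
             $url = 'https://api.foursquare.com/v2/venues/search?ll=' . rawurlencode((string) $args['_latitude']) . ',' . rawurlencode((string) $args['_longitude']) . '&' . $this->foursquare->get();
             if ($result = json::decode(file_get_contents($url))) {
                 foreach ($result->response->groups as $group) {
                     if ($group->type == 'nearby') {
                         foreach ($group->items as $item) {
                             // Start a fresh record for each venue.
                             $venue = ['id' => $item->id, 'name' => $item->name, 'url' => $item->canonicalUrl];
                             $categories = [];
                             foreach ($item->categories as $category) {
                                 $categories[] = ['id' => $category->id, 'name' => $category->name, 'pluralName' => $category->pluralName, 'shortName' => $category->shortName, 'icon' => $category->icon];
                             }
                             $venue['categories'] = $categories;
                             $venues[] = $venue;
                         }
                     }
                 }
             }
             !(empty($venues) and $this->required) or backend_error('bad_input', 'Empty response from Foursquare procedure');
             return (object) $venues;
     }
 }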
Beispiel #25
 /**
  * Add a new comment to the collection.
  *
  * The caller needs "view" access to the item and must be allowed to
  * comment. ORM validation errors are mapped back onto the matching form
  * fields before the form is returned.
  *
  * @param int $id  id of the item being commented on
  */
 public function create($id)
 {
     $item = ORM::factory("item", $id);
     access::required("view", $item);
     if (!comment::can_comment()) {
         access::forbidden();
     }
     $form = comment::get_add_form($item);
     try {
         $valid = $form->validate();
         $comment = ORM::factory("comment");
         $comment->item_id = $id;
         $comment->author_id = identity::active_user()->id;
         $comment->text = $form->add_comment->text->value;
         $comment->guest_name = $form->add_comment->inputs["name"]->value;
         $comment->guest_email = $form->add_comment->email->value;
         $comment->guest_url = $form->add_comment->url->value;
         $comment->validate();
     } catch (ORM_Validation_Exception $e) {
         // Translate ORM validation errors into form error messages
         foreach ($e->validation->errors() as $field => $error) {
             if ($field == "guest_name") {
                 $field = "name";
             } elseif ($field == "guest_email") {
                 $field = "email";
             } elseif ($field == "guest_url") {
                 $field = "url";
             }
             $form->add_comment->inputs[$field]->add_error($error, 1);
         }
         $valid = false;
     }
     if (!$valid) {
         $form = comment::prefill_add_form($form);
         json::reply(array("result" => "error", "form" => (string) $form));
         return;
     }
     $comment->save();
     $fragment = new Theme_View("comment.html", "other", "comment-fragment");
     $fragment->comment = $comment;
     json::reply(array("result" => "success", "view" => (string) $fragment, "form" => (string) comment::get_add_form($item)));
 }
 /**
  * Adds the posted product selection to the session basket.
  *
  * The item id, product and quantity are read from the validated form, not
  * from $_POST directly; $_POST['id'] is only used to build that form.
  * An invalid form is logged and produces no reply.
  */
 public function add_to_basket()
 {
     access::verify_csrf();
     if (!isset($_POST['id'])) {
         die("no id");
     }
     $form = self::getAddToBasketForm($_POST['id']);
     $valid = $form->validate();
     if (!$valid) {
         log_error("invalid form!");
         return;
     }
     $basket = Session_Basket::getOrCreate();
     $basket->add($form->add_to_basket->id->value, $form->add_to_basket->product->value, $form->add_to_basket->quantity->value);
     $item = ORM::factory("item", $form->add_to_basket->id->value);
     // Remember the parent album for a later redirect.
     Session::instance()->set("redirect_home", $item->parent_id);
     print json::reply(array("result" => "success"));
 }
Beispiel #27
 /**
  * Adds the comma-separated tags from the form to the given item.
  *
  * Both "view" and "edit" access to the item are required. Each name is
  * trimmed, and names that are empty (or otherwise falsy) are skipped.
  *
  * @param int $item_id  id of the item to tag
  */
 public function create($item_id)
 {
     $item = ORM::factory("item", $item_id);
     access::required("view", $item);
     access::required("edit", $item);
     $form = tag::get_add_form($item);
     if (!$form->validate()) {
         json::reply(array("result" => "error", "html" => (string) $form));
         return;
     }
     $raw_names = explode(",", $form->add_tag->inputs["name"]->value);
     foreach ($raw_names as $raw_name) {
         $tag_name = trim($raw_name);
         if ($tag_name) {
             tag::add($item, $tag_name);
         }
     }
     json::reply(array("result" => "success", "cloud" => (string) tag::cloud(30)));
 }
Beispiel #28
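 /**
  * Deletes an uploaded file, its thumbnail and its database record, then
  * replies with a JSON status.
  *
  * The folder and file names come from $_POST and are joined into a path
  * under ../../uploads. Each path is resolved with realpath() and must be a
  * regular file inside the uploads directory before it is unlinked, so a
  * name such as "../x" cannot reach files elsewhere. $resp also starts out
  * as false, so the reply is well defined when nothing was deleted.
  *
  * NOTE(review): no CSRF or permission check is visible in this method --
  * confirm that the caller enforces both before a delete is accepted.
  */
 private function del_file()
 {
     $folder_name = (isset($_POST['folder']) && is_string($_POST['folder'])) ? $_POST['folder'] : '';
     $file_name = (isset($_POST['file']) && is_string($_POST['file'])) ? $_POST['file'] : '';
     $resp = false;
     $file = array('fileExt' => '');
     $uploads_root = realpath('../../uploads');
     $names_usable = $folder_name !== '' && $file_name !== ''
         && strpos($folder_name, "\0") === false && strpos($file_name, "\0") === false;
     if ($uploads_root !== false && $names_usable) {
         // Returns the resolved path when it is a file inside the uploads directory, else false.
         $resolve = function ($candidate) use ($uploads_root) {
             $real = realpath($candidate);
             if ($real === false || !is_file($real)) {
                 return false;
             }
             return strpos($real, $uploads_root . DIRECTORY_SEPARATOR) === 0 ? $real : false;
         };
         // Lookup file first for the ext
         $file = self::get_fileDetails($file_name);
         $stem = '../../uploads/' . $folder_name . '/' . $file_name;
         // Delete actual file (thumbnail); best effort, as before
         $thumb_path = $resolve($stem . '_thumb' . $file['fileExt']);
         if ($thumb_path !== false) {
             @unlink($thumb_path);
         }
         // Delete actual file (full)
         $full_path = $resolve($stem . $file['fileExt']);
         if ($full_path !== false && unlink($full_path)) {
             // Delete DB record for file
             $resp = self::delete_item($folder_name, $file_name);
         }
     }
     if ($resp) {
         json::resp(array('success' => $resp, 'msg' => 'File \'' . $folder_name . '/' . $file_name . $file['fileExt'] . '\' Deleted!'));
     } else {
         json::resp(array('success' => $resp, 'msg' => 'File delete error!'));
     }
 }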
Beispiel #29
 /**
  * Echoes the rows of a model query as a JSON list.
  *
  * The $array argument is not used: the query description is taken from
  * json::decode_url(). Each row is exported with as_array(); a falsy 'url'
  * is dropped and, where the model has get_url(), 'url' is set from it.
  *
  * NOTE(review): the model class, where clause, ordering and limit all come
  * from json::decode_url(). If that reads the request URL, a client can pick
  * any ORM model and filter -- confirm that the class is checked against an
  * allow-list and that access to the rows is verified.
  *
  * @param mixed $array  ignored
  */
 public function json($array)
 {
     $this->auto_render = FALSE;
     $query = json::decode_url();
     $rows = array();
     $items = ORM::factory($query['class'][0])
         ->where($query['where'])
         ->orderby($query['orderby'])
         ->limit($query['limit'][0])
         ->find_all();
     foreach ($items as $item) {
         $row = $item->as_array();
         if (isset($row['url']) && !$row['url']) {
             unset($row['url']);
         }
         if (method_exists($item, 'get_url')) {
             $row['url'] = $item->get_url();
         }
         $rows[] = $row;
     }
     echo json_encode($rows);
     $this->auto_render = FALSE;
 }
 /**
  * The index page of the user homes admin.
  *
  * A POST request is CSRF-checked, validated and answered with JSON; any
  * other request prints the form filled with the current configuration.
  */
 public function index()
 {
     $form = upload_configuration::get_configure_form();
     if (request::method() != "post") {
         upload_configuration::populateForm($form);
         print $form;
         return;
     }
     access::verify_csrf();
     if (!$form->validate()) {
         json::reply(array("result" => "error", "html" => (string) $form));
         return;
     }
     upload_configuration::extractForm($form);
     message::success(t("GWTOrganise Module Configured!"));
     json::reply(array("result" => "success"));
 }