/**
 * Accept a post submitted against a publication and attach it to that publication
 *
 * The publication id is taken from the first REST segment of the request, the
 * post body from the mandatory 'content' POST parameter.
 *
 * NOTE(review): no login, role or CSRF check is visible in this method, yet it
 * reads $context->user()->id and writes to the database. Confirm that the
 * dispatcher only routes authenticated staff POST requests here.
 *
 * @param object $context The context object for the site
 *
 * @return void
 */
public function handle($context)
{
    # First REST segment identifies the publication being posted to.
    $pubid = $context->rest()[0];
    $pub = R::load('publication', $pubid);
    if ($pub->id == 0)
    { # RedBean hands back an empty bean (id 0) for an unknown id - refuse to post to it
        # NOTE(review): the code below relies on bad() ending the request; if it
        # ever returned, R::store() would persist the empty publication bean.
        (new Web())->bad();
    }

    # Gather the field values in the same order the request data is consumed.
    $post = R::dispense('post');
    $posterid = $context->user()->id;
    # strip_tags() removes markup but is not output encoding: the stored text
    # must still be escaped when rendered. substr() counts bytes, so the 8000
    # limit can cut a multi-byte character in half.
    $body = substr(strip_tags($context->mustpostpar('content')), 0, 8000);

    $post->poster = $posterid;
    $post->content = $body;

    # xown list: the post belongs to the publication (one->many with cascade).
    $pub->xownPosts[] = $post;
    R::store($pub);

    # Send the browser back to the publication view.
    $context->divert("/viewpub/" . $pub->id);
}
/**
 * Placeholder action handler that sends any request it receives to the site root
 *
 * @param object $context The context object for the site
 *
 * @return mixed Declared as a template name or an array [template name, mimetype, HTTP code];
 *               this implementation has no return statement of its own
 */
public function handle($context)
{
    # Not expected to be routed to; anything that does arrive goes to the home page.
    $home = '/';
    $context->divert($home);
    /* NOT REACHED - the original author expects divert() to end the request */
}
/**
 * Email address confirmation: resend a confirmation link, or redeem a confirmation code
 *
 * The first REST segment selects the operation: '' or 'resend' handles the
 * resend form, anything else is treated as a confirmation code of kind 'C'.
 *
 * NOTE(review): the resend branch answers differently for "no such user",
 * "already confirmed" and "link sent", which lets an unauthenticated caller
 * test whether a name or email address is registered. Consider one neutral
 * message for all three, and confirm that resend requests are rate limited
 * somewhere upstream - no limit is visible here.
 *
 * @param object $context The context object for the site
 *
 * @return string A template name
 */
public function confirm($context)
{
    if ($context->hasuser())
    { # a logged in user has no business here
        $context->divert('/');
    }
    $local = $context->local();
    $rest = $context->rest();

    if ($rest[0] === '' || $rest[0] == 'resend')
    { # resend request
        $login = $context->formdata()->post('eorl', '');
        if ($login === '')
        { # nothing posted yet, so show the form
            return 'resend.twig';
        }
        # form was posted: look the account up by name or email
        $user = $this->eorl($login);
        if (!is_object($user))
        {
            $local->message(Local::ERROR, 'Sorry, there is no user with that name or email address.');
        }
        elseif ($user->confirm)
        {
            $local->message(Local::WARNING, 'Your email address has already been confirmed.');
        }
        else
        {
            $this->sendconfirm($context, $user);
            $local->message(Local::MESSAGE, 'A new confirmation link has been sent to your email address.');
        }
        return 'index.twig';
    }

    # Otherwise the segment is a confirmation code; the lookup is parameterised.
    $pending = R::findOne('confirm', 'code=? and kind=?', [$rest[0], 'C']);
    if (!is_object($pending))
    { # unknown code: fall through to the index page without any message
        return 'index.twig';
    }

    # DateInterval::days is the number of whole days, so a code is accepted
    # until four full days have elapsed since it was issued.
    $age = (new DateTime($context->utcnow()))->diff(new DateTime($pending->issued));
    if ($age->days > 3)
    { # NOTE(review): the expired row is left in the table, not trashed
        $local->message(Local::ERROR, 'Sorry, that code has expired!');
        return 'index.twig';
    }

    $pending->user->doconfirm();
    R::trash($pending); # single use: the code is deleted once redeemed
    $local->message(Local::MESSAGE, 'Thank you for confirming your email address. You can now login.');
    return 'index.twig';
}
/**
 * Password reset: request a reset link, show the new-password form, or apply the new password
 *
 * The first REST segment selects the step:
 *   ''       - show or process the "send me a reset link" form
 *   'reset'  - process the posted new-password form (uid, code, password, repeat)
 *   other    - treated as a reset code of kind 'P' arriving from the emailed link
 *
 * NOTE(review): the request step reports "no user with that name or email
 * address" separately from "link sent", so it reveals which accounts exist;
 * a single neutral response would avoid that. No rate limiting of requests
 * or of code guesses is visible in this method - confirm it exists upstream.
 *
 * @param object $context The context object for the site
 *
 * @return string A template name
 */
public function forgot($context)
{
    if ($context->hasuser())
    { # a logged in user has no business here
        $context->divert('/');
    }
    $local = $context->local();
    $rest = $context->rest();

    if ($rest[0] === '')
    { # step 1: ask for a reset link
        $login = $context->postpar('eorl', '');
        if ($login == '')
        { # nothing posted yet, so show the form
            return 'reset.twig';
        }
        $user = $this->eorl($login);
        if (!is_object($user))
        {
            $local->message('errmessage', 'Sorry, there is no user with that name or email address.');
            return 'reset.twig';
        }
        $this->sendreset($context, $user);
        $local->message('message', 'A password reset link has been sent to your email address.');
        return 'index.twig';
    }

    if ($rest[0] === 'reset')
    { # step 3: the new-password form has been posted
        $user = $context->load('user', $context->mustpostpar('uid'));
        $code = $context->mustpostpar('code');
        $ticket = R::findOne('confirm', 'code=? and kind=?', [$code, 'P']);
        # uid comes from the client, so the code must belong to that same user.
        if (!is_object($ticket) || $ticket->user_id != $user->getID())
        {
            $context->divert('/');
            return 'pwreset.twig';
        }

        # DateInterval::days counts whole days: valid until two full days have elapsed.
        $age = (new DateTime($context->utcnow()))->diff(new DateTime($ticket->issued));
        if ($age->days > 1)
        {
            $local->message('errmessage', 'Sorry, that code has expired!');
            return 'pwreset.twig';
        }

        # NOTE(review): no password strength check is visible here - confirm setpw() enforces policy.
        $pw = $context->mustpostpar('password');
        if ($pw !== $context->mustpostpar('repeat'))
        {
            # NOTE(review): 'pwuser' and 'code' are not added back for the re-rendered
            # form on this path; check that pwreset.twig can still be resubmitted.
            $local->message('errmessage', 'Sorry, the passwords do not match!');
            return 'pwreset.twig';
        }

        # The password is set on the user that owns the code, not on the posted uid.
        $ticket->user->setpw($pw);
        # Only this code is deleted; NOTE(review): other outstanding reset codes
        # for the same user are not invalidated here - confirm that is intended.
        R::trash($ticket);
        $local->message('message', 'You have reset your password. You can now login.');
        return 'index.twig';
    }

    # step 2: arrived from the emailed link, the segment is the reset code
    $ticket = R::findOne('confirm', 'code=? and kind=?', [$rest[0], 'P']);
    if (!is_object($ticket))
    { # unknown code: index page, no message
        return 'index.twig';
    }
    $age = (new DateTime($context->utcnow()))->diff(new DateTime($ticket->issued));
    if ($age->days > 1)
    {
        $local->message('errmessage', 'Sorry, that code has expired!');
        return 'index.twig';
    }
    # Hand the owning user and the code to the template for the new-password form.
    $local->addval('pwuser', $ticket->user);
    $local->addval('code', $ticket->code);
    return 'pwreset.twig';
}