/**
* @Route("/edit")
* @Request({"id"})
*/
public function editAction($id = '')
{
/** @var \Bixie\Formmaker\FormmakerModule $formmaker */
$formmaker = App::module('bixie/formmaker');
if (is_numeric($id)) {
$field = Field::find($id);
} else {
$field = Field::create();
$field->setFieldType($id);
}
if (!$field) {
App::abort(404, __('Field not found.'));
}
if (!($type = $formmaker->getFieldType($field->type))) {
App::abort(404, __('Type not found.'));
}
//default values
$fixedFields = ['multiple', 'required'];
if (!$field->id) {
foreach ($type->getConfig() as $key => $value) {
if (!in_array($key, $fixedFields)) {
$field->set($key, $value);
}
}
}
//check fixed value
foreach ($fixedFields as $key) {
if ($type[$key] != -1) {
$field->set($key, $type[$key]);
}
}
return ['field' => $field, 'type' => $type, 'roles' => array_values(Role::findAll())];
}
/**
* @Request({"email": "string"})
*/
public function requestAction($email)
{
try {
if (App::user()->isAuthenticated()) {
return App::redirect();
}
if (!App::csrf()->validate()) {
throw new Exception(__('Invalid token. Please try again.'));
}
if (empty($email)) {
throw new Exception(__('Enter a valid email address.'));
}
if (!($user = User::findByEmail($email))) {
throw new Exception(__('Unknown email address.'));
}
if ($user->isBlocked()) {
throw new Exception(__('Your account has not been activated or is blocked.'));
}
$user->activation = App::get('auth.random')->generateString(32);
$url = App::url('@user/resetpassword/confirm', ['user' => $user->username, 'key' => $user->activation], 0);
try {
$mail = App::mailer()->create();
$mail->setTo($user->email)->setSubject(__('Reset password for %site%.', ['%site%' => App::module('system/site')->config('title')]))->setBody(App::view('system/user:mails/reset.php', compact('user', 'url', 'mail')), 'text/html')->send();
} catch (\Exception $e) {
throw new Exception(__('Unable to send confirmation link.'));
}
$user->save();
return ['message' => __('Check your email for the confirmation link.')];
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
}
/**
* @Route(methods="POST", defaults={"_maintenance" = true})
* @Request({"credentials": "array", "_remember_me": "boolean"})
*/
public function authenticateAction($credentials, $remember = false)
{
$isXml = App::request()->isXmlHttpRequest();
try {
if (!App::csrf()->validate()) {
throw new AuthException(__('Invalid token. Please try again.'));
}
App::auth()->authorize($user = App::auth()->authenticate($credentials, false));
if (!$isXml) {
return App::auth()->login($user, $remember);
} else {
App::auth()->setUser($user, $remember);
return ['success' => true];
}
} catch (BadCredentialsException $e) {
$error = __('Invalid username or password.');
} catch (AuthException $e) {
$error = $e->getMessage();
}
if (!$isXml) {
App::message()->error($error);
return App::redirect(App::url()->previous());
} else {
App::abort(400, $error);
}
}
/**
* {@inheritdoc}
*/
public function match(array $parameters = [])
{
if (isset($parameters['id'])) {
return $parameters;
}
if (!isset($parameters['slug'])) {
App::abort(404, 'Project not found.');
}
$slug = $parameters['slug'];
$id = false;
foreach ($this->cacheEntries as $entry) {
if ($entry['slug'] === $slug) {
$id = $entry['id'];
}
}
if (!$id) {
if (!($project = Project::where(compact('slug'))->first())) {
App::abort(404, 'Project not found.');
}
$this->addCache($project);
$id = $project->id;
}
$parameters['id'] = $id;
return $parameters;
}
/**
* @Request({"user", "key"})
*/
public function confirmAction($username = "", $activation = "")
{
if (empty($username) || empty($activation) || !($user = User::where(compact('username', 'activation'))->first())) {
App::abort(400, __('Invalid key.'));
}
if ($user->isBlocked()) {
App::abort(400, __('Your account has not been activated or is blocked.'));
}
if ('POST' === App::request()->getMethod()) {
try {
if (!App::csrf()->validate()) {
throw new Exception(__('Invalid token. Please try again.'));
}
$password = App::request()->request->get('password');
if (empty($password)) {
throw new Exception(__('Enter password.'));
}
if ($password != trim($password)) {
throw new Exception(__('Invalid password.'));
}
$user->password = App::get('auth.password')->hash($password);
$user->activation = null;
$user->save();
App::message()->success(__('Your password has been reset.'));
return App::redirect('@user/login');
} catch (Exception $e) {
$error = $e->getMessage();
}
}
return ['$view' => ['title' => __('Reset Confirm'), 'name' => 'system/user/reset-confirm.php'], 'username' => $username, 'activation' => $activation, 'error' => isset($error) ? $error : ''];
}
/**
* @Route(methods="POST", defaults={"_maintenance" = true})
* @Request({"credentials": "array", "remember_me": "boolean", "redirect": "string"})
*/
public function authenticateAction($credentials, $remember = false, $redirect = '')
{
try {
if (!App::csrf()->validate()) {
throw new CsrfException(__('Invalid token. Please try again.'));
}
App::auth()->authorize($user = App::auth()->authenticate($credentials, false));
if (($event = App::auth()->login($user, $remember)) && $event->hasResponse()) {
return $event->getResponse();
}
if (App::request()->isXmlHttpRequest()) {
return App::response()->json(['csrf' => App::csrf()->generate()]);
} else {
return App::redirect(preg_replace('#(https?:)?//[^/]+#', '', $redirect));
}
} catch (CsrfException $e) {
if (App::request()->isXmlHttpRequest()) {
return App::response()->json(['csrf' => App::csrf()->generate()], 401);
}
$error = $e->getMessage();
} catch (BadCredentialsException $e) {
$error = __('Invalid username or password.');
} catch (AuthException $e) {
$error = $e->getMessage();
}
if (App::request()->isXmlHttpRequest()) {
App::abort(401, $error);
} else {
App::message()->error($error);
return App::redirect(preg_replace('#(https?:)?//[^/]+#', '', App::url()->previous()));
}
}
/**
* @Request({"user": "******"}, csrf=true)
*/
public function saveAction($data)
{
$user = App::user();
if (!$user->isAuthenticated()) {
App::abort(404);
}
try {
$user = User::find($user->id);
if ($password = @$data['password_new']) {
if (!App::auth()->getUserProvider()->validateCredentials($user, ['password' => @$data['password_old']])) {
throw new Exception(__('Invalid Password.'));
}
if (trim($password) != $password || strlen($password) < 3) {
throw new Exception(__('Invalid Password.'));
}
$user->password = App::get('auth.password')->hash($password);
}
if (@$data['email'] != $user->email) {
$user->set('verified', false);
}
$user->name = @$data['name'];
$user->email = @$data['email'];
$user->validate();
$user->save();
return ['message' => 'success'];
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
}
/**
* @Route("/{id}", methods="DELETE", requirements={"id"="\d+"})
* @Request({"id": "int"}, csrf=true)
*/
public function deleteAction($id)
{
if (!($widget = Widget::find($id))) {
App::abort(404, 'Widget not found.');
}
$widget->delete();
return ['message' => 'success'];
}
/**
* @Request({"id", "data"}, csrf=true)
*/
public function saveAction($id, $data)
{
if (!$id || !($record = TestBD::find($id))) {
App::abort(404, __('Record not found.'));
}
$record->save($data);
return ['res' => 'success'];
}
public function indexAction($id = 0)
{
if (!($page = Page::find($id))) {
App::abort(404, __('Page not found.'));
}
$page->content = App::content()->applyPlugins($page->content, ['page' => $page, 'markdown' => $page->get('markdown')]);
return ['$view' => ['title' => $page->title, 'name' => 'system/site/page.php'], 'page' => $page, 'node' => App::node()];
}
/**
* @Access(admin=true)
* @Request({"order": "array"})
*/
public function adminMenuAction($order)
{
if (!$order) {
App::abort(400, __('Missing order data.'));
}
$user = User::find(App::user()->id);
$user->set('admin.menu', $order);
$user->save();
return ['message' => __('Order saved.')];
}
/**
* @Access("userprofile: view profiles")
* @Route("/{id}", methods="GET", name="id")
* @Request({"id": "int"})
*/
public function detailsAction($id)
{
if (!($user = App::auth()->getUserProvider()->find((int) $id)) or !($profileUser = ProfileUser::load($user))) {
App::abort(404, __('User not found.'));
}
if ($breadcrumbs = App::module('bixie/breadcrumbs')) {
$breadcrumbs->addUrl(['title' => $user->name, 'url' => '']);
}
return ['$view' => ['title' => __('User Profile'), 'name' => 'bixie/userprofile/profile-details.php'], '$data' => [], 'config' => App::module('bixie/userprofile')->config(), 'profileUser' => $profileUser, 'node' => App::node()];
}
/**
* @Access("user: manage users")
* @Request({"id": "int"})
*/
public function editAction($id = 0)
{
if (!$id) {
$user = User::create(['roles' => [Role::ROLE_AUTHENTICATED]]);
} else {
if (!($user = User::find($id))) {
App::abort(404, 'User not found.');
}
}
return ['$view' => ['title' => $id ? __('Edit User') : __('Add User'), 'name' => 'system/user/admin/user-edit.php'], '$data' => ['user' => $user, 'config' => ['statuses' => User::getStatuses(), 'roles' => array_values($this->getRoles($user)), 'emailVerification' => App::module('system/user')->config('require_verification'), 'currentUser' => App::user()->id]]];
}
/**
* @Request({"id": "int", "type": "string"})
*/
public function editAction($id = 0, $type = null)
{
if (!$id) {
$widget = Widget::create(['type' => $type]);
} else {
if (!($widget = Widget::find($id))) {
App::abort(404, 'Widget not found.');
}
}
return ['$view' => ['title' => __('Widgets'), 'name' => 'system/widget/edit.php'], '$data' => ['widget' => $widget, 'config' => ['menus' => App::menu(), 'nodes' => array_values(Node::query()->get()), 'roles' => array_values(Role::findAll()), 'types' => array_values(App::widget()->all()), 'positions' => array_values(App::position()->all())]]];
}
/**
* Reads the access expressions and evaluates them on the current user.
*/
public function onLateRequest($event, $request)
{
if (!($access = $request->attributes->get('_access'))) {
return;
}
foreach ($access as $expression) {
if (!App::user()->hasAccess($expression)) {
App::abort(403, __('Insufficient User Rights.'));
}
}
}
/**
* @Route("category/edit", name="admin/category/edit")
* @Access("download: manage categories")
* @Request({"id": "int"})
*/
public function editCategoryAction($id = 0)
{
if (!($category = Category::where(compact('id'))->related('files')->first())) {
if ($id) {
App::abort(404, __('Invalid file id.'));
}
$category = Category::create(['status' => 1, 'slug' => '']);
$category->set('markdown', $this->download->config('markdown'));
}
return ['$view' => ['title' => $id ? __('Edit category') : __('Add category'), 'name' => 'bixie/download/admin/category.php'], '$data' => ['roles' => array_values(Role::findAll()), 'category' => $category], 'category' => $category];
}
/**
* @Route("/{id}", name="id")
*/
public function projectAction($id = 0)
{
if (!($project = Project::where(['id = ?', 'date < ?'], [$id, new \DateTime()])->first())) {
App::abort(404, __('Project not found.'));
}
$project->intro = App::content()->applyPlugins($project->intro, ['project' => $project, 'markdown' => $project->get('markdown')]);
$project->content = App::content()->applyPlugins($project->content, ['project' => $project, 'markdown' => $project->get('markdown')]);
$previous = Project::getPrevious($project);
$next = Project::getNext($project);
return ['$view' => ['title' => __($project->title), 'name' => 'bixie/portfolio/project.php'], 'portfolio' => $this->portfolio, 'config' => $this->portfolio->config(), 'previous' => $previous, 'next' => $next, 'project' => $project];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"role": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
// is new ?
if (!($role = Role::find($id))) {
if ($id) {
App::abort(404, __('Role not found.'));
}
$role = Role::create();
}
$role->save($data);
return ['message' => 'success', 'role' => $role];
}
/**
* @Route("/ajax", methods="POST")
* @Request({"field_id": "int", "action": "string"})
*/
public function ajaxAction($field_id, $action)
{
if (!($field = Field::find($field_id))) {
App::abort(400, __('Field not found.'));
}
$fieldValue = Profilevalue::create()->setField($field);
$fieldType = $fieldValue->getFieldType();
if (method_exists($fieldType, $action)) {
return call_user_func([$fieldType, $action], $fieldValue);
}
return 'No response';
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"field": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
if (!($field = Field::find($id))) {
$field = Field::create();
unset($data['id']);
}
try {
$field->save($data);
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
return ['message' => 'success', 'field' => $field];
}
/**
* @Route("/", methods="GET")
* @Route("/{id}", methods="GET", requirements={"id"="\d+"})
*/
public function indexAction($id = 0)
{
$self = App::user();
$userprofile = App::module('bixie/userprofile');
$id = $id ?: $self->id;
if (!$self->hasAccess('user: manage users') && $id != $self->id) {
App::abort(403, 'Insufficient permissions.');
}
if (!($user = User::find($id))) {
App::abort(404, 'User not found.');
}
return ['config' => $userprofile->config(), 'fields' => Field::getProfileFields(), 'profilevalues' => Profilevalue::getUserProfilevalues($user), 'user' => ['id' => $user->id, 'username' => $user->username, 'name' => $user->name, 'email' => $user->email]];
}
/**
* @Route("/{id}", name="id")
*/
public function postAction($id = 0)
{
if (!($post = Post::where(['id = ?', 'status = ?', 'date < ?'], [$id, Post::STATUS_PUBLISHED, new \DateTime()])->related('user')->first())) {
App::abort(404, __('Post not found!'));
}
if (!$post->hasAccess(App::user())) {
App::abort(403, __('Insufficient User Rights.'));
}
$post->excerpt = App::content()->applyPlugins($post->excerpt, ['post' => $post, 'markdown' => $post->get('markdown')]);
$post->content = App::content()->applyPlugins($post->content, ['post' => $post, 'markdown' => $post->get('markdown')]);
$user = App::user();
return ['$view' => ['title' => __($post->title), 'name' => 'blog/post.php'], '$comments' => ['config' => ['post' => $post->id, 'enabled' => $post->isCommentable(), 'requireinfo' => $this->blog->config('comments.require_email'), 'max_depth' => $this->blog->config('comments.max_depth')], 'user' => ['name' => $user->name, 'isAuthenticated' => $user->isAuthenticated(), 'canComment' => $user->hasAccess('blog: post comments'), 'skipApproval' => $user->hasAccess('blog: skip comment approval')]], 'blog' => $this->blog, 'post' => $post];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"project": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
if (!$id || !($project = Project::find($id))) {
if ($id) {
App::abort(404, __('Post not found.'));
}
$project = Project::create();
}
if (!($data['slug'] = App::filter($data['slug'] ?: $data['title'], 'slugify'))) {
App::abort(400, __('Invalid slug.'));
}
$project->save($data);
return ['message' => 'success', 'project' => $project];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"category": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
if (!($category = Category::where(compact('id'))->related('files')->first())) {
$category = Category::create();
unset($data['id']);
}
if (!($data['slug'] = App::filter($data['slug'] ?: $data['title'], 'slugify'))) {
App::abort(400, __('Invalid slug.'));
}
$category->updateOrdering($data);
//unset array typed files
unset($data['files']);
$category->save($data);
return ['message' => 'success', 'category' => $category];
}
/**
* @Route("/{id}")
*/
public function formAction($id = 0)
{
$user = App::user();
if (!($form = Form::where(['id = ?'], [$id])->where(function ($query) use($user) {
if (!$user->isAdministrator()) {
$query->where('status = 1');
}
})->related('fields')->first())) {
App::abort(404, __('Form not found!'));
}
if (!App::node()->hasAccess(App::user())) {
App::abort(403, __('Insufficient User Rights.'));
}
return ['$view' => ['title' => __($form->title), 'name' => 'formmaker:views/form.php'], '$data' => ['formitem' => $form, 'fields' => array_values($form->fields)]];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"file": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
/** @var File $file */
if (!$id || !($file = File::where(compact('id'))->related('categories')->first())) {
if ($id) {
App::abort(404, __('File not found.'));
}
$file = File::create();
}
if (!($data['slug'] = App::filter($data['slug'] ?: $data['title'], 'slugify'))) {
App::abort(400, __('Invalid slug.'));
}
$file->save($data);
$file->saveCategories($data['category_ids']);
return ['message' => 'success', 'file' => $file];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"field": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
if (!($field = Field::find($id))) {
$field = Field::create(['data' => ['value' => [], 'data' => [], 'classSfx' => '', 'help_text' => '', 'help_show' => '']]);
unset($data['id']);
}
if (!($data['slug'] = App::filter($data['slug'] ?: $data['label'], 'slugify'))) {
App::abort(400, __('Invalid slug.'));
}
try {
$field->save($data);
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
return ['message' => 'success', 'field' => $field];
}
/**
* @Route("/", methods="POST")
* @Route("/{id}", methods="POST", requirements={"id"="\d+"})
* @Request({"formitem": "array", "id": "int"}, csrf=true)
*/
public function saveAction($data, $id = 0)
{
if (!($form = Form::find($id))) {
$form = Form::create();
unset($data['id']);
}
if (!($data['slug'] = $this->slugify($data['slug'] ?: $data['title']))) {
App::abort(400, __('Invalid slug.'));
}
try {
$form->save($data);
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
return ['message' => 'success', 'formitem' => $form];
}
/**
* @Route("/project/edit", name="project/edit")
* @Access("portfolio: manage portfolio")
* @Request({"id": "int"})
*/
public function editAction($id = 0)
{
try {
if (!($project = Project::where(compact('id'))->first())) {
if ($id) {
App::abort(404, __('Invalid project id.'));
}
$module = App::module('bixie/portfolio');
$project = Project::create(['data' => [], 'tags' => [], 'date' => new \DateTime()]);
$project->set('markdown', $module->config('markdown'));
}
return ['$view' => ['title' => $id ? __('Edit Project') : __('Add Project'), 'name' => 'bixie/portfolio/admin/project.php'], '$data' => ['config' => App::module('bixie/portfolio')->config(), 'project' => $project, 'tags' => Project::allTags()], 'project' => $project];
} catch (\Exception $e) {
App::message()->error($e->getMessage());
return App::redirect('@portfolio/post');
}
}
/**
* @Route("/", methods="POST")
* @Request({"menu":"array"}, csrf=true)
*/
public function saveAction($menu)
{
$oldId = isset($menu['id']) ? trim($menu['id']) : null;
$label = trim($menu['label']);
if (!($id = App::filter($label, 'slugify'))) {
App::abort(400, __('Invalid id.'));
}
if ($id != $oldId) {
if ($this->config->has('menus.' . $id)) {
throw new ConflictException(__('Duplicate Menu Id.'));
}
$this->config->remove('menus.' . $oldId);
Node::where(['menu = :old'], [':old' => $oldId])->update(['menu' => $id]);
}
$this->config->merge(['menus' => [$id => compact('id', 'label')]]);
App::menu()->assign($id, $menu['positions']);
return ['message' => 'success', 'menu' => $menu];
}