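/**
 * Delete one of the logged-in user's public direct messages.
 *
 * Visitors without a session are sent to the login page, and a request that
 * is not a form submission is sent back to the public message list. Lookup
 * and delete are both called with the session user's id, which presumably
 * limits them to that user's own messages (confirm in the model).
 *
 * NOTE(review): this handler checks no request token. Confirm whether the
 * framework guards state-changing POSTs against cross-site submission elsewhere.
 */
function destroy_public()
{
    // redirect_to() is assumed to stop execution (other handlers in this
    // project catch a redirecting_to exception) — verify.
    if(!isset($_SESSION['active_user']))
        redirect_to(make_url('users', 'login'));

    if(!isset($_POST['Submit']))
        redirect_to(make_url('dmessages', 'public_msg'));

    $user_id = $_SESSION['active_user']['id'];

    // A missing or non-scalar id is handled like an unknown message, so the
    // model is never called with an undefined value.
    $message_id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? $_POST['id'] : null;

    $dm = instance_model('direct_message');
    $message = ($message_id === null) ? array() : $dm->get_by_id($user_id, $message_id);

    if($message == array())
    {
        new_flash('Message does not exist', 1);
        redirect_to(make_url('dmessages', 'public_msg'));
    }

    $dm->delete_by_id($user_id, $message_id);
    redirect_to(make_url('dmessages', 'public_msg'));
}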
/**
 * Remove a gallery set: first the gallery stored for it, then the set itself.
 *
 * @param mixed $id              Set identifier, handed to both delete calls.
 * @param mixed $clean_user_name Passed through to the gallery model's delete_gallery().
 */
function delete_set($id, $clean_user_name)
{
    // Gallery contents go first, then this model's own row.
    instance_model('gallery')->delete_gallery($id, $clean_user_name);
    $this->delete_by_id($id);
}
/**
 * Store a new message for a user.
 *
 * @param mixed $user_id Checked with the users model's verify_user_id().
 * @param mixed $message Checked with validate_message().
 * @param mixed $time    Written as given; it is not validated in this method.
 */
function create($user_id, $message, $time)
{
    // Both checks are expected to throw on bad input — TODO confirm.
    instance_model('users')->verify_user_id($user_id);
    validate_message($message);

    // The '@v' markers are filled in by $this->query(); presumably it escapes
    // each value before substitution — verify against the base model.
    $sql = "INSERT INTO `messages` (`User_ID`, `Time`, `Message`) VALUES ('@v', '@v', '@v')";
    $this->query($sql, $user_id, $time, $message);
}
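/**
 * AJAX endpoint: overwrite the content of a note.
 *
 * Does nothing unless both `note_id` and `note_content` arrive as scalar
 * POST fields.
 *
 * NOTE(review): no session or ownership check is visible in this function,
 * unlike the other handlers in this file that test $_SESSION['active_user'].
 * Confirm that the dispatcher or update_note() restricts who may edit which
 * note; otherwise add that check here.
 */
function note_ajax()
{
    if(!isset($_POST['note_content'], $_POST['note_id']))
        return;

    // Array-valued fields (note_id[]=...) are rejected instead of being passed on.
    if(!is_scalar($_POST['note_id']) || !is_scalar($_POST['note_content']))
        return;

    $note_db = instance_model('notes');
    $note_db->update_note($_POST['note_id'], $_POST['note_content']);
}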
/**
 * Render the navigation view from the stored navigation rows.
 *
 * Rows of type 'page' link to the page they reference (or to a
 * '[Not Found]' placeholder), rows of type 'url' use their stored data as
 * the link target, and any other type yields an empty title and URL.
 */
function display_navigation()
{
    $links = instance_model('navigation')->get_all('Order');
    $m_page = instance_model('page');

    $entries = array();
    foreach($links as $link)
    {
        // Default for row types this function does not know.
        $entry = array('title' => '', 'url' => '');

        if($link['Type'] == 'page')
        {
            $page = $m_page->get_by_id($link['Data']);
            if($page == array())
                $entry = array('title' => '[Not Found]', 'url' => '#');
            else
                $entry = array(
                    'title' => $link['Title'],
                    'url' => make_url('page', $page[0]['Clean_title']));
        }
        elseif($link['Type'] == 'url')
        {
            // The stored value is handed to the view unchanged; escaping is
            // left to the view — verify there.
            $entry = array('title' => $link['Title'], 'url' => $link['Data']);
        }

        $entries[] = $entry;
    }

    instance_view('navigation')->parse(array('navi' => $entries));
}
/**
 * Top-level exception handler.
 *
 * In test mode the exception is rethrown. Otherwise an e_404 renders the 404
 * view, and every other exception is written to the error log (class,
 * message, stack trace and the session's payment id when present) before the
 * server-error view is rendered with only the code returned by the log.
 *
 * @param Exception $e The exception being handled.
 */
function handle_error($e)
{
    if(APP_MODE == 'test')
        throw $e;

    $type = get_class($e);
    $trace = print_r($e->getTrace(), true);
    $msg = $e->getMessage();

    // Payment id of the current session, when there is one.
    $pay_id = isset($_SESSION['payment_id']) ? $_SESSION['payment_id'] : 'n/a';

    if($type == 'e_404')
    {
        $error = instance_view('404', 'theme/')->parse_to_variable(array());
    }
    else
    {
        try
        {
            $code = instance_model('error_log')->create($type, $msg, $trace, $pay_id);
        }
        catch(Exception $e)
        {
            // The error could not be logged, so stop without output.
            die();
        }

        // The trace and message stay in the log; the page only gets the code.
        $error = instance_view('server_error', 'theme/')->parse_to_variable(array(
            'code' => $code ));
    }

    instance_view('template', 'theme/')->parse(array(
        'content' => $error ));
}
/**
 * Store a direct message received from a remote user.
 *
 * @param mixed  $user_id        Local recipient, checked with verify_user_id().
 * @param string $type           Must be 'public' or 'private'.
 * @param string $remote_name    Sender name, checked with validate_username().
 * @param string $remote_profile Sender profile URL, checked with validate_url().
 * @param string $remote_avatar  Sender avatar, checked with validate_avatar().
 * @param string $remote_message Message body, checked with validate_message().
 * @param mixed  $remote_time    Stored as given; not validated in this method.
 *
 * @throws invalid_dm_type_exception When $type is neither 'public' nor 'private'.
 */
function new_dm($user_id, $type, $remote_name, $remote_profile, $remote_avatar, $remote_message, $remote_time)
{
    instance_model('users')->verify_user_id($user_id);

    if($type != "public" && $type != 'private')
        throw new invalid_dm_type_exception();

    // The validators are expected to throw on bad input — TODO confirm.
    validate_username($remote_name);
    validate_url($remote_profile);
    validate_avatar($remote_avatar);
    validate_message($remote_message);

    // '@v' markers are substituted by $this->query(); presumably with escaping — verify.
    $sql = "INSERT INTO `direct-message` (`User_ID`, `Type`, `Remote_name`, `Remote_profile`, `Remote_avatar`, `Remote_message`, `Remote_time`) VALUES ('@v','@v','@v','@v','@v', '@v', '@v')";
    $this->query($sql, $user_id, $type, $remote_name, $remote_profile,
        $remote_avatar, $remote_message, $remote_time);
}
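/**
 * List the members who own at least one gallery set in a category.
 *
 * Each member is returned once, even when several of their sets are in the
 * category.
 *
 * @param mixed $id Category identifier, passed to the set model's get_by_category().
 * @return array Member rows as returned by the members model's get_by_id().
 */
function get_in_category($id)
{
    $m_set = instance_model('gallery_set');
    $m_members = instance_model('members');

    $listed_users = array();
    $cat_contents = array();

    foreach($m_set->get_by_category($id) as $itm)
    {
        $i_member = $m_members->get_by_id($itm['Owner']);
        if(count($i_member) == 0)
            continue;

        $member_id = $i_member[0]['ID'];
        if(in_array($member_id, $listed_users))
            continue;

        // Record the id so the duplicate check above takes effect; the list
        // was never filled before, so owners of several sets were repeated.
        $listed_users[] = $member_id;
        $cat_contents = array_merge($cat_contents, $i_member);
    }

    return $cat_contents;
}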
/**
 * Refresh the cached messages of a remote user when the cache is flagged stale.
 *
 * A remote URL that has no cache entry yet gets one and is refreshed at once.
 *
 * @param string $remote_url URL of the remote user's message stream.
 * @param mixed  $rmt        Remotes model to use; false loads the default one.
 */
function check_update($remote_url, $rmt = false)
{
    $cached_user = $this->get_cached_user($remote_url);

    if(!$rmt)
        $rmt = instance_model('remotes');

    if($cached_user == array())
    {
        // First contact with this remote: create the entry and force a download.
        $this->new_cached_user($remote_url);
        $needs_refresh = true;
    }
    else
    {
        $needs_refresh = ($cached_user[0]['Update_cache'] == 1);
    }

    if(!$needs_refresh)
        return;

    // Download the remote's message stream.
    // NOTE(review): the head fields and messages come from the remote server;
    // any validation is left to new_item() — confirm there.
    $stream = $rmt->get_message_stream($remote_url);
    $head = $stream->head;
    $user_profile = $head->user_profile;
    $user_avatar = $head->user_avatar;
    $user_alias = $head->by_user;

    // Drop whatever was cached for this remote, then store the new messages.
    $this->purge_remote($remote_url);
    foreach($stream->message as $entry)
    {
        $this->new_item($remote_url, $user_alias, $user_profile,
            $user_avatar, $entry->time, $entry->message);
    }

    // Clear the cache update flag.
    $this->clear_cache_update($remote_url);
}
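/**
 * Admin account settings: show the edit form, or process a submitted form
 * that changes the e-mail address and, optionally, the password.
 *
 * Only a session of type 'admin' gets past the first check. The password is
 * changed only when the current password is supplied and verified, and the
 * new password is at least 6 characters long and typed identically twice.
 *
 * NOTE(review): this handler checks no request token; confirm that the
 * framework protects this POST against cross-site submission elsewhere.
 */
function edit()
{
    if(!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin'))
        redirect_to('/');

    $this->load_outer_template('admin');
    $usr = instance_model('users');

    if(!isset($_POST['Submit']))
    {
        $user = $usr->get_user_by_id($_SESSION['active_user']['id']);
        if($user == array())
            throw new exception("User does not exist");

        $form_vals = make_reg_vals_array('', $user[0]['Ppal_email'], '', '');

        // Display the user edit form.
        $view = instance_view('users/edit');
        $view = $view->parse_to_variable(array(
            'form_vals' => $form_vals));
        $this->set_template_paramiters(array(
            'content' => $view ));
        return;
    }

    // Read the form. Missing or non-string fields become '' so the checks
    // below always work on strings.
    $form_vals = array('errs' => array());
    foreach(array('ppal_email', 'oldpass', 'pass', 'pass_v') as $field)
        $form_vals[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';

    // Validate email
    try
    {
        validate_email($form_vals['ppal_email']);
        $test_exists = $usr->get_user_by_email($form_vals['ppal_email']);
        if($test_exists != array() && $test_exists[0]['ID'] != $_SESSION['active_user']['id'])
        {
            new_flash('Email address is already in use', 1);
            $form_vals['ppal_email'] = '';
        }
    }
    catch(exception $e)
    {
        new_flash('Email address is invalid', 1);
    }

    // One flag drives both verification and saving. The save step used to
    // test truthiness, so a current password of "0" was verified but the new
    // password was then silently not stored.
    $change_password = ($form_vals['oldpass'] !== '');

    // Validate passwords
    if($change_password)
    {
        try
        {
            $selected_user = $usr->verify_user($_SESSION['active_user']['name'], $form_vals['oldpass']);
            if($selected_user == false)
                throw new exception();

            if(mb_strlen($form_vals['pass'], 'utf8') < 6)
                new_flash('Password too short, min 6 charicters', 1);
            // Compare the two entries directly and strictly. Loosely
            // comparing their SHA-1 hex digests lets PHP read digests that
            // look like numbers as numbers, so unequal passwords could be
            // reported as matching.
            else if($form_vals['pass'] !== $form_vals['pass_v'])
                new_flash('Passwords do not match', 1);
        }
        catch(redirecting_to $e)
        {
            throw $e;
        }
        catch(exception $e)
        {
            new_flash('Username or password is incorrect', 1);
        }
    }

    if(count(get_errors()) == 0)
    {
        // Everything was valid, save.
        $usr->update_user_email($_SESSION['active_user']['id'], $form_vals['ppal_email']);

        if($change_password)
            $usr->update_password($_SESSION['active_user']['id'], $form_vals['pass']);

        new_flash("Settings updated", 1);
    }

    // Re-display the form with any errors.
    // NOTE(review): $form_vals still holds the submitted passwords; check
    // that the users/edit view does not echo them back into the page.
    $view = instance_view("users/edit");
    $view = $view->parse_to_variable(array(
        'form_vals' => $form_vals));
    $this->set_template_paramiters(array(
        'content' => $view ));
}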
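/**
 * Avatar settings page: show the current avatar, or accept an uploaded
 * image, scale it to 100x100 and store it as the user's avatar.
 *
 * The upload is decoded with GD and re-encoded as JPEG, so the file that
 * ends up as media/<user name>.jpg is never the uploaded bytes themselves.
 * Every branch of the upload path ends in a redirect.
 *
 * @throws no_such_user_exception When the session user no longer exists.
 */
function avatar()
{
    if(!isset($_SESSION['active_user']))
        redirect_to(make_url("users"));

    $usr = instance_model('users');
    $user = $usr->get_user_by_id($_SESSION['active_user']['id']);
    if($user == array())
        throw new no_such_user_exception();

    if(!isset($_POST['Submit']))
    {
        // Display main
        $view = instance_view('settings_avatar');
        $view = $view->parse_to_variable(array(
            'user' => $user));
    }
    else
    {
        // A submission without a single file field is an upload failure.
        if(!isset($_FILES['file']['name'], $_FILES['file']['tmp_name']) || !is_string($_FILES['file']['name']))
        {
            new_flash("File failed to upload");
            redirect_to(make_url('settings', 'avatar'));
        }

        // Validate file type: the extension must be on the allow-list. The
        // content itself is checked below by decoding it as an image.
        $name_parts = explode('.', $_FILES['file']['name']);
        $type = end($name_parts);
        $valid_extensions = array('png', 'jpg', 'jpeg', 'JPG', 'JPEG');
        if(!in_array($type, $valid_extensions, true))
        {
            new_flash('Invalid file type', 1);
            redirect_to(make_url('settings', 'avatar'));
        }

        // uniqid() with extra entropy keeps two uploads in the same second
        // from sharing one temporary file name.
        $tmpname = 'media/' . sha1(uniqid((string) time(), true)) . '.' . $type;

        if(!@move_uploaded_file($_FILES['file']['tmp_name'], $tmpname))
        {
            new_flash("File failed to upload");
            redirect_to(make_url('settings', 'avatar'));
        }

        // Load the image
        if($type == 'png')
            $img = @imagecreatefrompng($tmpname);
        else
            $img = @imagecreatefromjpeg($tmpname);

        if($img == false)
        {
            // Not a decodable image: remove it so rejected uploads do not
            // pile up in media/.
            unlink($tmpname);
            new_flash('Problem with image', 1);
            redirect_to(make_url('settings', 'avatar'));
        }

        // Resize
        $img_n = imagecreatetruecolor(100, 100);
        imagecopyresampled($img_n, $img, 0, 0, 0, 0, 100, 100, imagesx($img), imagesy($img));

        // NOTE(review): the session user name becomes part of the path; this
        // relies on user names never containing path separators — confirm
        // against validate_username().
        $avatar = 'media/' . $_SESSION['active_user']['name'] . '.jpg';
        $result = imagejpeg($img_n, $avatar, 90);
        unlink($tmpname);

        if($result == false)
        {
            new_flash('Problem with image', 1);
            redirect_to(make_url('settings', 'avatar'));
        }

        $avatar_url = make_ext_url($avatar);

        // NOTE(review): this print looks like leftover debug output — confirm
        // nothing depends on it before removing.
        print $avatar_url;
        $usr->update_avatar($user[0]['ID'], $avatar_url);

        // Delete the old avatar as long as it is not the default.
        // NOTE(review): the test below does the opposite of that intent: it
        // matches only names that END in default_avatar.jpg with at least one
        // character in front. Do not simply invert it: the previous avatar
        // usually has the same file name as the one just written, so the new
        // file would be deleted. Left unchanged until the intended rule is
        // settled.
        $old_avatar = basename($user[0]['Avatar']);
        if(preg_match('/.+default_avatar\.jpg/', $old_avatar))
            unlink('media/' . $old_avatar);

        redirect_to(make_url('settings', 'avatar'));
    }

    // Display sidebar
    $sb_view = instance_view("settings_sidebar");
    $sb_view = $sb_view->parse_to_variable(array(
        'uid' => $_SESSION['active_user']['id'],
        'uname' => $_SESSION['active_user']['name']));

    $this->set_template_paramiters(
        array('main_content' => $view,
            'sidebar' => $sb_view));
}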
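/**
 * Admin: confirm and carry out the deletion of an uploaded file.
 *
 * GET shows a confirmation page for the file whose id is in params[2]; a
 * POST with Submit=Delete removes the file and its thumbnail from disk and
 * the row from the database. Any other POST returns to the file list.
 *
 * NOTE(review): this handler checks no request token; confirm that the
 * framework protects this POST against cross-site submission elsewhere.
 */
function admin_files_delete()
{
    // Require admin login
    if(!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin'))
        redirect_to('/');

    $this->load_outer_template('admin');
    $m_files = instance_model('files');

    if(isset($_POST['Submit']))
    {
        if($_POST['Submit'] == "Delete")
        {
            // Same numeric-id rule the confirmation page applies to params[2].
            if(!isset($_POST['item']) || !is_numeric($_POST['item']))
                throw new exception("File does not exist");
            $id = $_POST['item'];

            $file = $m_files->get_by_id($id);
            if($file == array())
                throw new exception("File does not exist");

            // Delete file on disk. basename() keeps a stored title that
            // contains directory parts from pointing unlink() outside these
            // two directories; is_file() skips directories.
            $file_name = basename($file[0]['Title']);
            foreach(array('res/files/', 'res/files/thumbs/') as $dir)
            {
                $path = $dir . $file_name;
                if(is_file($path))
                    unlink($path);
            }

            // remove from db
            $m_files->delete_by_id($id);
        }

        redirect_to(make_url('files', 'admin_files'));
    }

    if(!isset($this->params[2]) || (!is_numeric($this->params[2])))
        throw new exception("No member specified");

    $item = $this->params[2];
    $file = $m_files->get_by_id($item);
    if($file == array())
        throw new exception("File does not exist");

    // The message below carries its own markup, so the stored title is
    // escaped before it is placed inside it.
    $title = htmlspecialchars($file[0]['Title'], ENT_QUOTES, 'UTF-8');

    $view = instance_view('admin/delete_generic');
    $view = $view->parse_to_variable(array(
        'back_url' => make_url('files', 'admin_files'),
        'title' => 'Delete file page',
        'msg' => "Are you sure you wish to <strong>permenantly</strong> delete file $title?",
        'form_url' => make_url('files', 'admin_files_delete'),
        'item' => $item ));

    $this->set_template_paramiters(array(
        'content' => $view ));
}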
/**
 * The follow action for an existing user must emit a message stream that
 * get_message_stream() accepts.
 */
function test_follow_valid_user()
{
    // Give user 1 the default avatar.
    $users = new mdl_users();
    $users->update_avatar(1, APP_ROOT . 'media/default_avatar.jpg');

    $controller = new ctrl_messages();
    $controller->params = array('messages', 'follow', 'fred');

    // Capture what the action prints.
    ob_start();
    $controller->follow();
    $feed = ob_get_clean();

    // Passing the captured output through get_message_stream() is the check;
    // it is presumably expected to throw on an invalid stream — confirm.
    instance_model('remotes')->get_message_stream(APP_ROOT . 'messages/follow/fred', $feed);
}
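/**
 * Relation ping endpoint: a remote node asks to add or remove a follower of
 * a local user. The reply is a ping response built by the remotes model.
 *
 * 'add'    registers the sender as a follower, using the stream URL and the
 *          public key carried in the ping.
 * 'remove' deletes an existing follower after the ping signature has been
 *          checked against the public key stored for that follower.
 *
 * NOTE(review): no signature check is visible on the 'add' path; the key that
 * later authenticates 'remove' is the one supplied in the 'add' ping itself.
 * Confirm this first-contact trust model is intended.
 *
 * @param mixed $rmt Remotes model to use; false loads the default one.
 */
function ping($rmt = false)
{
    try
    {
        $this->outer_template = null;

        // Resolve the remotes model before anything else that can throw:
        // the catch block below needs it to build its reply.
        if($rmt == false)
            $rmt = instance_model('remotes');

        $usr = instance_model('users');
        $rel = instance_model("relations");

        // A ping without a payload is a failed ping.
        if(!isset($_POST['data']))
            throw new exception();

        $ping_data = $rmt->decode_ping($_POST['data']);

        switch($ping_data->type)
        {
        case 'add':
            // Validate remote stream
            try
            {
                validate_url($ping_data->data);
            }
            catch(exception $e)
            {
                echo $rmt->make_ping_response('fail', "Message stream URL is invalid");
                return;
            }

            // Check if the user exists
            $user = $usr->get_user_by_name($ping_data->user);
            if($user == array())
            {
                echo $rmt->make_ping_response('fail', "The requested user does not exist on this node");
                return;
            }

            // Check if the remote is already registered as a follower
            $follower = $rel->get_follower_by_rmt_url($user[0]['ID'], $ping_data->data);
            if($follower != array())
            {
                echo $rmt->make_ping_response('fail', "You are already following this user.");
                return;
            }

            // The stream is fetched only after the local checks pass, so a
            // ping that would be refused anyway causes no outbound request
            // to a URL chosen by the sender.
            $messages = $rmt->get_message_stream($ping_data->data);

            $rel->create_follower($user[0]['ID'], $ping_data->data,
                $messages->head->by_user,
                $messages->head->user_profile,
                $messages->head->user_avatar,
                $ping_data->user_pub_key,
                $messages->head->relation_pingback,
                $messages->head->message_pingback);

            echo $rmt->make_ping_response('success');
            break;

        case 'remove':
            // Get the user
            $user = $usr->get_user_by_name($ping_data->user);
            if($user == array())
            {
                echo $rmt->make_ping_response('fail', "The requested user does not exist on this node");
                return;
            }

            // Get follower from followers table
            $follower = $rel->get_follower_by_rmt_url($user[0]['ID'], $ping_data->data);
            if($follower == array())
            {
                echo $rmt->make_ping_response('fail', "Follower not found");
                return;
            }

            // The verifier presumably throws on a bad signature (which ends
            // in the catch below). An explicit false is refused as well, so
            // removal never depends on which convention it follows.
            if($rmt->varify_ping_signature($ping_data, $follower[0]['Remote_pub_key']) === false)
            {
                echo $rmt->make_ping_response('fail', "Ping signature is invalid");
                return;
            }

            // If valid, remove the remote user as a follower
            $rel->remove_follower_by_id($user[0]['ID'], $follower[0]['ID']);
            echo $rmt->make_ping_response('success');
            break;

        default:
            echo $rmt->make_ping_response('fail', 'Invalid ping type');
        }
    }
    catch(exception $e)
    {
        // Details stay on the server; the remote only learns that it failed.
        echo $rmt->make_ping_response('fail', "Server error");
    }
}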
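/**
 * Admin: confirm and carry out the deletion of one gallery image.
 *
 * params[2] is the image set and params[3] the image to confirm. A POST with
 * Submit=Delete removes the image and its thumbnail from the set owner's
 * gallery directory and deletes the row; any other POST returns to the set.
 *
 * NOTE(review): nothing here ties the posted image id to the set in the URL.
 * The directory is derived from the set's owner and the file name from the
 * image row, so the two can belong to different members. Confirm whether the
 * gallery row can be checked against the set.
 * NOTE(review): no request token is checked in this handler.
 */
function admin_gallery_delete()
{
    // Require admin login
    if(!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin'))
        redirect_to('/');

    $this->load_outer_template('admin');

    if(!isset($this->params[2]) || (!is_numeric($this->params[2])))
        throw new exception("No set specified");

    $set_id = $this->params[2];
    $m_gallery = instance_model('gallery');

    if(isset($_POST['Submit']))
    {
        if($_POST['Submit'] == "Delete")
        {
            // Same numeric-id rule the confirmation page applies to params[3].
            if(!isset($_POST['item']) || !is_numeric($_POST['item']))
                throw new exception("Image does not exist");
            $id = $_POST['item'];

            $image = $m_gallery->get_by_id($id);
            if($image == array())
                throw new exception("Image does not exist");

            $m_set = instance_model('gallery_set');
            $m_members = instance_model('members');

            $set = $m_set->get_by_id($set_id);
            if($set == array())
                throw new exception("Image set does not exist");

            $member = $m_members->get_by_id($set[0]['Owner']);
            if($member == array())
                throw new exception("Member does not exist");

            // Delete file on disk. basename() on both stored values keeps
            // directory parts in them from pointing unlink() outside
            // res/gallery/<member>/; is_file() skips directories.
            $gallery_dir = 'res/gallery/' . basename($member[0]['Clean_title']) . '/';
            $file_name = basename($image[0]['File']);
            foreach(array($gallery_dir, $gallery_dir . 'thumbs/') as $dir)
            {
                $path = $dir . $file_name;
                if(is_file($path))
                    unlink($path);
            }

            // remove from db
            $m_gallery->delete_by_id($id);
        }

        redirect_to(make_url('members', 'admin_gallery', $set_id));
    }

    if(!isset($this->params[3]) || (!is_numeric($this->params[3])))
        throw new exception("No image specified");

    $item = $this->params[3];
    $image = $m_gallery->get_by_id($item);
    if($image == array())
        throw new exception("Image does not exist");

    // The message below carries its own markup, so the stored file name is
    // escaped before it is placed inside it.
    $title = htmlspecialchars($image[0]['File'], ENT_QUOTES, 'UTF-8');

    $view = instance_view('admin/delete_generic');
    $view = $view->parse_to_variable(array(
        'back_url' => make_url('members', 'admin_gallery', $set_id),
        'title' => 'Delete gallery image',
        'msg' => "Are you sure you wish to <strong>permenantly</strong> delete image $title?",
        'form_url' => make_url('members', 'admin_gallery_delete', $set_id, $item),
        'item' => $item ));

    $this->set_template_paramiters(array(
        'content' => $view ));
}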
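/**
 * Message ping endpoint: a remote node announces new messages ('update') or
 * delivers a public direct message ('public'). The reply is an XML ping
 * response built by the remotes model.
 *
 * NOTE(review): no signature check is visible on either path, so the sender
 * of an 'update' or 'public' ping is not authenticated in this function.
 * Confirm whether decode_ping() does that.
 *
 * @param mixed $rmt Remotes model to use; false loads the default one.
 */
function ping($rmt = false)
{
    try
    {
        $this->outer_template = null;

        if($rmt == false)
            $rmt = instance_model('remotes');

        @header('Content-type: text/xml');

        if(!isset($_POST['data']))
            throw new exception();

        // Decode ping
        $ping_data = $rmt->decode_ping($_POST['data']);

        switch($ping_data->type)
        {
        case 'update':
            $csh = instance_model('message_cache');
            $csh->flag_cache_update($ping_data->data);
            echo $rmt->make_ping_response('success');
            break;

        case 'public':
            // Get the user; an unknown recipient gets an explicit failure
            // instead of reading a row that does not exist.
            $usr = instance_model('users');
            $user = $usr->get_user_by_name($ping_data->user);
            if($user == array())
            {
                echo $rmt->make_ping_response('fail', 'The requested user does not exist on this node');
                return;
            }

            $dim = instance_model('direct_message');

            // Decode data xml. The document comes from the remote node:
            // LIBXML_NONET stops the parser from fetching anything over the
            // network, and a document that does not parse is refused.
            $XML = simplexml_load_string($ping_data->data, 'SimpleXMLElement', LIBXML_NONET);
            if($XML === false)
            {
                echo $rmt->make_ping_response('fail', 'Message data is not valid XML');
                return;
            }

            $remote_name = (string) $XML->remote_name;
            $remote_profile = (string) $XML->remote_profile;
            $remote_avatar = (string) $XML->remote_avatar;
            $remote_message = (string) $XML->remote_message;
            $remote_time = (string) $XML->remote_time;

            // Create DM; new_dm() is called with each of these fields.
            $dim->new_dm($user[0]['ID'], $ping_data->type,
                $remote_name, $remote_profile, $remote_avatar,
                $remote_message, $remote_time);

            echo $rmt->make_ping_response('success');
            break;

        default:
            echo $rmt->make_ping_response('fail', 'Invalid ping type');
        }
    }
    catch(Exception $e)
    {
        // Details stay on the server; the remote only learns that it failed.
        echo $rmt->make_ping_response('fail', 'Server error');
    }
}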
/**
 * Fetch a local user's messages from the messages model.
 *
 * @param mixed $user_id Local user identifier.
 * @return mixed Whatever the messages model's get_by_user_id() returns.
 */
function get_latest_by_local($user_id)
{
    return instance_model("messages")->get_by_user_id($user_id);
}
/**
 * Registering with valid form data must end in an exception whose message
 * contains "messages" (presumably the redirect target — confirm) and must
 * leave a user named 'test' in the database.
 */
function test_register_valid()
{
    $_POST = array(
        'name' => 'test',
        'email' => '*****@*****.**',
        'pass' => 'aaaaaa',
        'pass_v' => 'aaaaaa',
        'Submit' => 'Submit');

    $controller = new ctrl_users();

    try
    {
        $controller->register();
        // Reaching this line means register() did not throw.
        $this->fail();
    }
    catch(exception $e)
    {
        $this->assertEquals(preg_match("/messages/", $e->getMessage()), 1);
    }

    // The account must now exist.
    $created = instance_model('users')->get_user_by_name('test');
    $this->assertFalse($created == array());
}
/**
 * Public profile page of the user named in params[2].
 *
 * A missing or unknown user name leads to a flash message and a redirect to
 * the user list. Otherwise the user's messages and a sidebar with the
 * profile fields are rendered.
 */
function profile()
{
    $flash = 'The specified user does not exist, here are the users on this node';

    if(!isset($this->params[2]))
    {
        new_flash($flash, 1);
        redirect_to(make_url('users'));
    }

    $user = instance_model('users')->get_user_by_name($this->params[2]);
    if($user == array())
    {
        new_flash($flash, 1);
        redirect_to(make_url('users'));
    }

    $profile = $user[0];
    $messages = instance_model('messages')->get_by_user_id($profile['ID']);

    // Main column: the message list with a delete form.
    $main_vars = array(
        'messages' => $messages,
        'user' => $user,
        'form_message' => 'Delete',
        'form_target' => make_url('messages', 'destroy'));
    $view = instance_view('profile')->parse_to_variable($main_vars);

    // Sidebar: profile fields exactly as stored; escaping is left to the
    // view — verify there.
    $sidebar_vars = array(
        'uid' => $profile['ID'],
        'uname' => $profile['User_name'],
        'fname' => $profile['Full_name'],
        'location' => $profile['Location'],
        'web' => $profile['Web'],
        'bio' => $profile['Bio']);
    $sb_view = instance_view('profile_sidebar')->parse_to_variable($sidebar_vars);

    // Display
    $this->set_template_paramiters(array(
        'main_content' => $view,
        'sidebar' => $sb_view));
}
/**
 * Count a user's messages.
 *
 * @param mixed $user_id Local user identifier.
 * @return int Number of rows the messages model returns for that user.
 */
function get_message_count($user_id)
{
    // Loads every message just to count them.
    return count(instance_model('messages')->get_by_user_id($user_id));
}
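/**
 * Admin: confirm and carry out the deletion of a navigation link.
 *
 * GET shows a confirmation page for the link whose id is in params[2]; a
 * POST with Submit=Delete removes the row. Any other POST returns to the
 * navigation admin list.
 *
 * NOTE(review): this handler checks no request token; confirm that the
 * framework protects this POST against cross-site submission elsewhere.
 */
function admin_navi_delete()
{
    // Require admin login
    if(!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin'))
        redirect_to('/');

    $this->load_outer_template('admin');
    $m_navi = instance_model('navigation');

    if(isset($_POST['Submit']))
    {
        if($_POST['Submit'] == "Delete")
        {
            // Same numeric-id rule the confirmation page applies to params[2].
            if(!isset($_POST['item']) || !is_numeric($_POST['item']))
                throw new exception("Navi link does not exist");
            $id = $_POST['item'];

            $link = $m_navi->get_by_id($id);
            if($link == array())
                throw new exception("Navi link does not exist");

            // remove from db
            $m_navi->delete_by_id($id);
        }

        redirect_to(make_url('navi', 'admin_navi'));
    }

    if(!isset($this->params[2]) || (!is_numeric($this->params[2])))
        throw new exception("No link specified");

    $item = $this->params[2];
    $link = $m_navi->get_by_id($item);
    if($link == array())
        throw new exception("Navi link does not exist");

    // The message below carries its own markup, so the stored title is
    // escaped before it is placed inside it.
    $title = htmlspecialchars($link[0]['Title'], ENT_QUOTES, 'UTF-8');

    $view = instance_view('admin/delete_generic');
    $view = $view->parse_to_variable(array(
        'back_url' => make_url('navi', 'admin_navi'),
        'title' => 'Delete navigation link',
        'msg' => "Are you sure you wish to <strong>permenantly</strong> delete link $title?",
        'form_url' => make_url('navi', 'admin_navi_delete'),
        'item' => $item ));

    $this->set_template_paramiters(array(
        'content' => $view ));
}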
/**
 * Register a remote user as a follower of a local user.
 *
 * @param mixed  $id                Local user, checked with verify_user_id().
 * @param string $remote_url        Remote message stream URL.
 * @param string $remote_name       Remote user name.
 * @param string $remote_profile    Remote profile URL.
 * @param string $remote_avatar     Remote avatar URL.
 * @param string $pub_key           Remote public key; stored base64-encoded.
 * @param string $relation_pingback Remote relation pingback URL.
 * @param string $message_pingback  Remote message pingback URL.
 */
function create_follower($id, $remote_url, $remote_name, $remote_profile, $remote_avatar, $pub_key, $relation_pingback, $message_pingback)
{
    // The checks below are expected to throw on bad input — TODO confirm.
    instance_model('users')->verify_user_id($id);

    // The key is validated in the form it was received, then encoded for storage.
    validate_pub_key($pub_key);
    $encoded_key = base64_encode($pub_key);

    validate_url($remote_url);
    validate_username($remote_name);
    validate_url($remote_profile);
    validate_url($remote_avatar);
    validate_url($relation_pingback);
    validate_url($message_pingback);

    // '@v' markers are substituted by $this->query(); presumably with escaping — verify.
    $sql = "INSERT INTO `followers` (`User_ID`, `Remote_URL`, `Remote_name`, `Remote_profile`, `Remote_avatar`, `Remote_pub_key`, `Relation_pingback`, `Message_pingback`) VALUES ('@v', '@v', '@v', '@v', '@v', '@v', '@v', '@v')";
    $this->query($sql, $id, $remote_url, $remote_name, $remote_profile,
        $remote_avatar, $encoded_key, $relation_pingback, $message_pingback);
}