/**
* sets the proper elements from $data into the fields on this instance of the model
*
*@access public
*@param array $data the array of data to set
*@param bool $insert Is this an insert or an update?
*@param string $auth_mod The authmod this person should be updated for.
*/
public function set_data($data, $insert = 0, $auth_mod = NULL)
{
if ($auth_mod == NULL) {
$auth_mod = self::$config->auth_class;
}
if ($insert === TRUE) {
return $this->insert($data);
} else {
$where_tmp = new WhereClause('uid', $data['id']);
$this->where_clause($where_tmp);
API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8);
$this->update($data);
API::Message("User Authentication Information Saved!");
if (isset($do_redirect)) {
API::Redirect($do_redirect);
}
return NULL;
}
}
public function logoutAction()
{
session_destroy();
API::Redirect("/");
}
/**
* sets the proper elements from $data into the fields on this instance of the model
*
*@access public
*@param array $data the array of data to set
*@param bool $insert Is this an insert or an update?
*@param string $auth_mod The authmod this person should be updated for.
*/
public function set_data($data, $insert = 0, $auth_mod = NULL)
{
if ($auth_mod == NULL) {
$auth_mod = self::$config->auth_class;
}
if (isset($data['set_perms'])) {
if (!self::$CertisInst->Perms->checkPerm($this->authed_user, 'perms_admin')) {
error_log("[Prefs::check_input()] Security Violation (perms_admin) ERR_SEC. ");
// effectively log off the user
$_SESSION['authed_user'] = NULL;
$this->authed_user = NULL;
// set display messages to the user.
$_SESSION['errors'] = $errors;
// redirect them to the home page.
API::Redirect("/");
}
$perms = 0;
if (isset($data['perms'])) {
foreach ($data['perms'] as $perm) {
if ($perm == -1) {
$perms = -1;
continue;
}
$perms = $perms | 1 << $perm;
}
}
$data['perms'] = $perms;
unset($data['set_perms']);
$do_redirect = API::printUrl("perms", "display", NULL, "uid=" . $data['uid']);
}
if ($insert === TRUE) {
return $this->insert($data);
} else {
$where_tmp = new WhereClause('uid', $data['uid']);
$where_tmp->w_and('auth_mod', $auth_mod);
$this->where_clause($where_tmp);
API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8);
$this->update($data);
API::Message("User Information Saved!");
if (isset($do_redirect)) {
API::Redirect($do_redirect);
}
return NULL;
}
}
/**
* default action processing new requests passed in from the display action. Does
* not use a template. Uses the 'set_data' function on the model object of the implementing
* class to do data verification.
*
* @return none
*/
public function newAction()
{
# process the new entry form.
# check the post data and filter it.
if (isset($_POST['cancel'])) {
API::Redirect(API::printUrl($this->_redirect));
}
$input_check = $this->_model->check_input($_POST);
if (is_array($input_check)) {
API::Error($input_check);
// redirect to index and displayed an error there.
API::redirect(API::printUrl($this->_redirect));
}
// all hooks will stack their errors onto the API::Error stack
// but WILL NOT redirect.
API::callHooks(self::$module, 'validate', 'controller', $_POST);
if (API::hasErrors()) {
API::redirect(API::printUrl($this->_redirect));
}
// set the id into the post var for any hooks.
$_POST['id'] = $this->_model->set_data($_POST, TRUE);
// auto call the hooks for this module/action
API::callHooks(self::$module, 'save', 'controller', $_POST);
if (isset($this->params['redir'])) {
API::Redirect($this->params['redir']);
}
API::redirect(API::printUrl($this->_redirect));
}
$CertisInst->action = 'error';
API::Error('FATAL ERROR: Unable to find Authentication Class');
}
}
API::DEBUG("[__SYSTEM__] index.php: authentication check done.");
$controller = null;
if (!empty($CertisInst->module)) {
if (preg_match("/\\.\\./", $CertisInst->module)) {
error_log("[index.php] FATAL ERROR! SOMEONE TRIED TO ESCAPE! " . $CertisInst->module);
print "UNAUTHORIZED!!!!!!";
exit(1);
}
// first check to see if the module exists.
if (!file_exists(_SYSTEM_ . "/modules/" . $CertisInst->module)) {
error_log("[index.php] Unable to find requested module: " . $CertisInst->module);
API::Redirect("/");
}
// use this module's controller
// to create a new instance of it's controller to work with for
// this request.
$classname = ucfirst($CertisInst->module) . "Controller";
} else {
// if no module is specified, pull in the main system controller and
// set it to be the new intantiated class
$classname = "MainController";
if ($CertisInst->action == 'error') {
// unset the leftNav var so no nav links are displayed
unset($GLOBALS['leftNav']);
}
}
// now we know what controller to bring in.
