function secondstageAction() { $request = new Bolts_Request($this->getRequest()); $appNamespace = new Zend_Session_Namespace('Bolts_Temp'); $basepath = Zend_Registry::get('basepath'); $config_table = new Config(); $appname = "My Application"; if ($request->has('appname')) { $appname = $request->appname; } $config_table->set('bolts', 'site_name', $appname); $config_table->set('bolts', 'title_prefix', $appname); $config_table->set('bolts', 'upload_path', $basepath . "/uploads", true); $config_table->set('bolts', 'theme', 'default', true); $config_table->set('bolts', 'missing_image', $basepath . "/themes/frontend/bolts/images/image-missing.png", true); $config_table->set('bolts', 'site_url', 'http://' . $_SERVER['SERVER_NAME']); $config_table->set('bolts', 'salt', substr(md5(rand(1, 1000)), 0, 10)); $config_table->cache(); $username = $request->username; $users_table = new Users(); $user = $users_table->fetchByUsername($username); $password = substr(md5(rand(50000, 100000)), 0, 8); if (!is_null($user)) { $user->password = $password; $user->save(); $users_table->setMetaData($username, "is_installer", 1); $appNamespace->autoLogin = true; $appNamespace->autoLoginUsername = $username; $appNamespace->autoLoginPassword = $password; $appNamespace->autoLoginPasswordHash = md5($password); } else { die("Somehow the admin user didn't get created or didn't get sent with the request. This is bad. Really, really bad."); } $this->_redirect("/bolts/install/finished/username/" . $username); }
function indexAction() { $config_table = new Config(); $modules_table = new Modules("core"); $request = new Bolts_Request($this->getRequest()); if ($request->has('modid')) { $modid = $request->modid; } else { $modid = 'bolts'; } if ($this->_request->isPost()) { //we are posting $config_params = $this->_request->getParams(); foreach ($config_params as $ckey => $value) { $data = array('value' => $value); $config_table->update($data, "ckey = '" . $ckey . "' and module='" . $modid . "'"); } $this->view->success = $this->_T('Configuration Updated.'); $config_table->cache(); $params = array(); $this->_Bolts_plugin->doAction($this->_mca . '_post_save', $params); // ACTION HOOK } $config = $config_table->fetchAll($config_table->select()->where('module = ?', $modid)); if (count($config) > 0) { $config = $config->toArray(); sort($config); $this->view->config = $config; } $modules = $modules_table->getEnabledModules(); sort($modules); $this->view->modules = $modules; $this->view->current = $modid; $this->view->modid = $modid; }
function setcookieAction() { // TODO maybe? - prevent people from viewing this page if localization is not enabled $request = new Bolts_Request($this->getRequest()); if ($request->has("code") && $request->code != "") { $locale_code = $request->code; $time = Bolts_Registry::get('locale_cache_lifetime'); if (Bolts_Translate::validateLocaleCode($locale_code)) { setcookie("locale_code", $locale_code, time() + $time, "/"); if ($request->has("return_url")) { $url_filter = new Bolts_Url_Filter(); header("Location: " . $url_filter->filter($request->return_url, array('locale_code' => $locale_code))); } else { header("Location: /" . $locale_code); } } } else { $this->_redirect("/bolts/locale/choose/"); } }
function deleteAction() { $request = new Bolts_Request($this->getRequest()); $roles_table = new Roles(); if ($request->has('id')) { $id = $request->id; $role = $roles_table->fetchRow("id = " . $id); if (is_null($role)) { $this->_redirect('/bolts/role'); } } else { $this->_redirect('/bolts/role'); } if ($this->getRequest()->isPost() and $request->has("delete")) { $errors = array(); // can't be last admin if ((bool) $role->isadmin and $roles_table->getCountByWhereClause("isadmin = 1") == 1) { $errors[] = $this->_T("This is the only admin role. It cannot be deleted."); } // can't be guest if ((bool) $role->isguest) { $errors[] = $this->_T("This is the guest role. It cannot be deleted."); } // can't be default if ((bool) $role->isdefault) { $errors[] = $this->_T("This is the default role. It cannot be deleted."); } // can't have any users $userwhereclause = "role_id = " . $role->id; $users_table = new UsersRoles(); if ($users_table->getCountByWhereClause($userwhereclause) > 0) { $errors[] = $this->_T("This role cannot be deleted because there are users assigned to it."); } // can't have children $inherited_by = $roles_table->fetchImmediateChildren($role->id); if (count($inherited_by) > 0) { $error = $this->_T("This role is inherited by role(s) "); $firstpass = true; foreach ($inherited_by as $role_i) { if ($firstpass) { $firstpass = false; } else { $error .= ", "; } $error .= $role_i->shortname; } $error .= $this->_T(". It cannot be deleted."); $errors[] = $error; } if ($request->delete == "Yes") { if (count($errors) > 0) { $this->view->errors = $errors; } else { $roles_table->delete("id = " . $id); $this->view->success = $this->_T("Role deleted."); } } else { $this->_redirect("/bolts/role"); } } $this->view->role = $role->toArray(); }
function testdataAction() { $request = new Bolts_Request($this->getRequest()); if ($this->getRequest()->isPost()) { $errors = array(); $data_path = $request->data_path; $data_file = $data_path . "/users.dat"; $image_dir = $data_path . "/images"; $users_table = new Users(); $users_roles_table = new UsersRoles(); if ($request->has("email_domain")) { $email_domain = $request->email_domain; } else { $email_domain = "nowhere.com"; } if (!file_exists($data_file)) { $errors[] = $this->_T("Data file missing. Check path."); } else { $users = unserialize(file_get_contents($data_file)); if (!is_array($users)) { $errors[] = $this->_T("Data file is corrupt or something."); } } if (count($errors) == 0) { $old_users = $users_table->fetchAll(); foreach ($old_users as $old_user) { if ($users_table->getMetaData($old_user->username, "is_test_user") == "true") { $where = $users_table->getAdapter()->quoteInto("username = ?", $old_user->username); $users_table->delete($where); $users_roles_table->delete($where); } } $count = 0; foreach ($users as $user) { $tmp_user = array(); foreach ($user as $key => $value) { if ($key != "avatar") { $tmp_user[$key] = $value; } } $tmp_user['email'] = strtolower($tmp_user['username'] . "@" . $email_domain); $tmp_user['password'] = "******"; $destination_path = $users_table->getAvatarPath($user['username']); $destination_filename = $users_table->getAvatarPath($user['username'], true); if (!is_dir($destination_path)) { mkdir($destination_path, 0777, true); } if (file_exists($destination_filename)) { unlink($destination_filename); } $source_image = $image_dir . "/" . $user['avatar']; copy($source_image, $destination_filename); $role_data = array("username" => $tmp_user['username'], "role_id" => $tmp_user['role_id']); $users_roles_table->insert($role_data); unset($tmp_user['role_id']); $users_table->insert($tmp_user); $users_table->setMetaData($tmp_user['username'], "is_test_user", "true"); $save_users[] = $user; $count++; } $this->view->success = "User data loaded. Created " . $count . " users."; Bolts_Registry::set('test_data_path', $request->data_path); $this->view->data_path = Bolts_Registry::get('test_data_path'); $this->view->email_domain = $email_domain; } else { $this->view->errors = $errors; $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata"; $this->view->email_domain = $request->email_domain; } } else { $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata"; $this->view->email_domain = "nowhere.com"; $this->view->notice = $this->_T("Warning: If you are reinstalling the test data, the old test data will be overwritten. Users created outside the test data should not be affected."); } }
function uninstallAction() { $request = new Bolts_Request($this->getRequest()); if ($request->has('id')) { $this->view->id = $request->id; $this->view->notice = $this->_T("You are about to uninstall a module. This cannot be undone."); } else { $this->_redirect('/bolts/module/index'); } if ($this->getRequest()->isPost()) { $del = strtolower($request->delete); if ($del == 'yes' && $request->has('id')) { $this->_redirect("/bolts/module/index/id/" . $request->id . "/perform/uninstall"); } else { $this->_redirect('/bolts/module/index'); } } }
function editAction() { $request = new Bolts_Request($this->getRequest()); $modules_table = new Modules(); $roles_resources_table = new RolesResources(); $roles_res_extra_table = new RolesResourcesExtra(); if ($request->has("id")) { $role_id = $request->id; $roles_table = new Roles(); $role = $roles_table->fetchRow("id = " . $role_id); if (!is_null($role)) { $this->view->role = $role->toArray(); $this->view->roleshortname = $role->shortname; } else { $this->_redirect("/role"); } } else { $this->_redirect("/role"); } if ($request->has("modid")) { if ($modules_table->exists($request->modid)) { $module_id = $request->modid; } else { $module_id = "default"; } } else { $module_id = "default"; } if ($this->getRequest()->isPost()) { $resources = $this->getRequest()->getPost('resource'); // Hose everything for this role and module $where = $roles_resources_table->getAdapter()->quoteInto("role_id = ? and ", $role_id); $where .= $roles_resources_table->getAdapter()->quoteInto("module = ? ", $module_id); $roles_resources_table->delete($where); foreach ($resources as $resource) { $resource_array = explode("-", $resource); $resource_module = $resource_array[0]; $resource_controller = $resource_array[1]; $resource_action = $resource_array[2]; $data = array('role_id' => $role_id, 'module' => $resource_module, 'controller' => $resource_controller, 'action' => $resource_action); $roles_resources_table->insert($data); } $where = $roles_res_extra_table->getAdapter()->quoteInto("role_id = ? and ", $role_id); $where .= $roles_res_extra_table->getAdapter()->quoteInto("module = ? ", $module_id); $roles_res_extra_table->delete($where); if ($request->has("extra_resource")) { foreach ($request->extra_resource as $extra_resource_item) { $data = array('role_id' => $role_id, 'module' => $module_id, 'resource' => $extra_resource_item); $roles_res_extra_table->insert($data); } } $this->view->success = $this->_T("Resources updated."); } $db_roles_resources = $roles_resources_table->fetchAll('role_id = ' . $role_id); $resources = array(); foreach ($db_roles_resources as $resource) { if (!array_key_exists($resource->module, $resources)) { $resources[$resource->module] = array(); } if (!array_key_exists($resource->controller, $resources[$resource->module])) { $resources[$resource->module][$resource->controller] = array(); } $resources[$resource->module][$resource->controller][] = $resource->action; } /* * This is a poor man's introspector. The reflection API needs the classes actually available, * which creates naming conflicts between modules. What I do instead is read the physical files, * line by line, find the lines with "function fooAction" and determine that the action name is * "foo". It's a hack, but it works. */ $all_actions = array(); $modules = array(); $controllerdirs = array(); $enabled_modules = $modules_table->getEnabledModules(); foreach ($enabled_modules as $enabled_module) { $controllerdirs[$enabled_module] = Zend_Registry::get("basepath") . "/modules/" . $enabled_module . "/controllers"; } $controllerdir = $controllerdirs[$module_id]; $d = dir($controllerdir); $modules[] = $module_id; while (($entry = $d->read()) !== false) { if ($entry != '.' and $entry != '..' and $entry != '.svn') { $controller_name = substr($entry, 0, stripos($entry, 'Controller.php')); if ($module_id != "default" && substr($controller_name, 0, 1) == "_") { $controller_name = substr($controller_name, stripos($controller_name, '_') + 1); } $lines = file($controllerdir . '/' . $entry); foreach ($lines as $line) { if (preg_match('/function.*Action.*\\(.*\\).*\\{?/', $line)) { $action_name = trim(preg_replace('/Action.*/', '', preg_replace('/^.*function/', '', $line))); $allowed = false; if (array_key_exists($module_id, $resources)) { if (array_key_exists($controller_name, $resources[$module_id])) { if (in_array($action_name, $resources[$module_id][$controller_name])) { $allowed = true; } } } $inherited = false; if (count($roles_table->getInheritedRoles($role_id)) > 0) { $inherited = $this->isResourceInherited($module_id, $controller_name, $action_name, $role_id); } $all_actions[$module_id][$controller_name][$action_name] = array('allowed' => $allowed, 'inherited' => $inherited); } } } } $d->close(); $this->view->modid = $module_id; $mod_cfg = $modules_table->parseIni($module_id); $this->view->module_title = $mod_cfg['general']['name']; $this->view->actions = $all_actions; $this->view->modules = $enabled_modules; // get "extra" resources $extra_resources = array(); if (array_key_exists('resources', $mod_cfg)) { foreach ($mod_cfg['resources'] as $resource_name => $nicename) { $extra_resources[$resource_name]['nicename'] = $nicename; $extra_resources[$resource_name]['inherited'] = $this->isExtraResourceInherited($module_id, $resource_name, $role_id); $extra_resources[$resource_name]['allowed'] = $roles_res_extra_table->isAllowed($role_id, $module_id, $resource_name); } } $this->view->extra_resources = $extra_resources; }
function editAction() { if ($this->_user->username != $this->_identity->username) { $this->_forward('default', 'auth', 'missing'); return; } else { $countries_table = new Countries(); $this->view->countries = $countries_table->getCountriesArray('Choose a country...'); $user = $this->_user->toArray(); $params = array('user' => $user, 'request' => $this->_request, 'session' => $this->session); $pre_render = $this->_Bolts_plugin->doFilter($this->_mca . "_pre_render", $params); // FILTER HOOK $user = $pre_render['user']; foreach ($pre_render as $key => $value) { if ($key != "user") { $this->view->{$key} = $value; } } //$tags = unserialize($user->tags); if ($this->getRequest()->isPost()) { $errors = array(); $request = new Bolts_Request($this->getRequest()); $request->stripTags(array('email', 'newpassword', 'confirm', 'aboutme')); $user['username'] = $this->_identity->username; $user['email'] = $request->email; $user['full_name'] = $request->full_name; $user['password'] = $request->newpassword; $user['confirm'] = $request->confirm; $user['birthday'] = $birthday = strtotime($request->Birthday_Day . $request->Birthday_Month . $request->Birthday_Year); //$user['tags'] = $tag_array = Bolts_Common::makeTagArray($request->tags); $user['gender'] = $request->gender; $user['country_code'] = $request->country_code; $user['aboutme'] = $request->aboutme; // validate email if (!Bolts_Validate::checkEmail($user['email'])) { $errors[] = $this->_T("Email is not valid"); } // check to see if email is in use already by someone else if ($this->_users_table->isEmailInUse($user['email'], $user['username'])) { $errors[] = $this->_T("Email already in use"); } // if password isn't blank, validate it if ($user['password'] != "") { if (!Bolts_Validate::checkLength($user['password'], 6, Bolts_Registry::get('password_length'))) { $errors[] = $this->_T("Password must be between %d and %d characters", array(6, Bolts_Registry::get('password_length'))); } // if password is set, make sure it matches confirm if ($user['password'] != $user['confirm']) { $errors[] = $this->_T("Passwords don't match"); } } if (!Bolts_Validate::checkLength($user['aboutme'], 0, Bolts_Registry::get('user_about_me_length'))) { $errors[] = $this->_T("About me must be less than %d characters.", Bolts_Registry::get('user_about_me_length')); } // convert birthday_ts to mysql date $birthday = date("Y-m-d H:i:s", $user['birthday']); $params = array('request' => $this->getRequest(), 'user' => $user, 'errors' => $errors); // upload new avatar image if present if (array_key_exists('filedata', $_FILES)) { if ($_FILES['filedata']['tmp_name'] != '') { $users_table = new Users(); $destination_path = $users_table->getAvatarPath($user['username']); $destination_filename = $users_table->getAvatarPath($user['username'], true); if (!is_dir($destination_path)) { mkdir($destination_path, 0777, true); Bolts_Log::report("Creating user folder at " . $destination_path, null, Zend_Log::DEBUG); } if (file_exists($destination_filename)) { unlink($destination_filename); Bolts_Log::report("Deleted existing user avatar from " . $destination_path, null, Zend_Log::DEBUG); } else { Bolts_Log::report("User avatar did not exist in " . $destination_path, null, Zend_Log::DEBUG); } move_uploaded_file($_FILES['filedata']['tmp_name'], $destination_filename); Users::clearUserCache($user['username']); Bolts_Log::report("User avatar uploaded to " . $destination_path, null, Zend_Log::DEBUG); $params['user']['hasnewfile'] = true; } else { $params['user']['hasnewfile'] = false; } } $additional = $this->_Bolts_plugin->doFilter($this->_mca . "_pre_save", $params); // FILTER HOOK $errors = $additional['errors']; $user = $additional['user']; if (strlen($user['full_name']) < 1) { $user['full_name'] = $this->_T("Unidentified User"); } if (count($errors) == 0) { $data = array('email' => $user['email'], 'full_name' => $user['full_name'], 'birthday' => $birthday, 'aboutme' => nl2br($user['aboutme']), 'gender' => $user['gender'], 'country_code' => $user['country_code'], 'last_modified_on' => date(DB_DATETIME_FORMAT)); if ($user['password'] != "") { $data['password'] = $user['password']; } $where = $this->_users_table->getAdapter()->quoteInto('username = ?', $this->_username); $this->_users_table->update($data, $where); $this->_Bolts_plugin->doAction('default_user_edit_post_save', array('username' => $this->_username)); // ACTION HOOK $this->view->success = $this->_T("Profile Updated."); } else { $this->view->errors = $errors; } } //$this->view->tags = Bolts_Common::makeTagString($tags); $this->view->end_year = -Bolts_Registry::get('minimum_registration_age'); // multiply min age by number of seconds in a year $this->view->genders = Bolts_Common::getGenderArray(); $user['aboutme'] = Bolts_Common::br2nl(stripslashes($user['aboutme'])); $this->view->user = $user; } }