Ejemplo n.º 1
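 /**
  * Second installer stage: writes the initial site configuration, then resets the
  * password of the account named in the request and prepares an automatic login.
  *
  * Reads `appname` (optional) and `username` from the request. Terminates with
  * die() when no user row exists for the submitted username; otherwise redirects
  * to the "finished" installer page.
  *
  * @throws RuntimeException when no cryptographically secure random source is available
  */
 function secondstageAction()
 {
     $request = new Bolts_Request($this->getRequest());
     $appNamespace = new Zend_Session_Namespace('Bolts_Temp');
     $basepath = Zend_Registry::get('basepath');
     $config_table = new Config();

     // Returns $length hex characters drawn from a CSPRNG. The earlier
     // md5(rand(a, b)) construction could only ever produce as many distinct
     // values as the rand() range (1,000 salts, about 50,000 passwords), so both
     // secrets were enumerable. Output format (lowercase hex) and lengths are kept.
     $random_hex = function ($length) {
         $byte_count = (int) ceil($length / 2);
         if (function_exists('random_bytes')) {
             $bytes = random_bytes($byte_count);
         } else {
             // Fallback for runtimes that predate random_bytes().
             $strong = false;
             $bytes = openssl_random_pseudo_bytes($byte_count, $strong);
             if ($bytes === false || !$strong) {
                 throw new RuntimeException('No cryptographically secure random source available.');
             }
         }
         return substr(bin2hex($bytes), 0, $length);
     };

     $appname = "My Application";
     if ($request->has('appname')) {
         $appname = $request->appname;
     }
     $config_table->set('bolts', 'site_name', $appname);
     $config_table->set('bolts', 'title_prefix', $appname);
     $config_table->set('bolts', 'upload_path', $basepath . "/uploads", true);
     $config_table->set('bolts', 'theme', 'default', true);
     $config_table->set('bolts', 'missing_image', $basepath . "/themes/frontend/bolts/images/image-missing.png", true);
     // NOTE(review): SERVER_NAME can reflect the client-supplied Host header depending on
     // web-server configuration, and the scheme is fixed to http. This value is persisted
     // as the site URL; confirm it cannot be influenced by the request.
     $config_table->set('bolts', 'site_url', 'http://' . $_SERVER['SERVER_NAME']);
     $config_table->set('bolts', 'salt', $random_hex(10));
     $config_table->cache();

     $username = $request->username;
     $users_table = new Users();
     $user = $users_table->fetchByUsername($username);
     $password = $random_hex(8);
     if (is_null($user)) {
         die("Somehow the admin user didn't get created or didn't get sent with the request. This is bad. Really, really bad.");
     }

     // NOTE(review): whether the Users row hashes this value on save() is not visible
     // here; verify the password is not persisted in clear text.
     $user->password = $password;
     $user->save();
     $users_table->setMetaData($username, "is_installer", 1);

     // NOTE(review): the session receives both the clear-text password and an unsalted
     // MD5 of it. The consumer of these keys is outside this block, so the shape is
     // kept; session storage should be treated as holding a live credential.
     $appNamespace->autoLogin = true;
     $appNamespace->autoLoginUsername = $username;
     $appNamespace->autoLoginPassword = $password;
     $appNamespace->autoLoginPasswordHash = md5($password);

     $this->_redirect("/bolts/install/finished/username/" . $username);
 }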
Ejemplo n.º 2
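 /**
  * Shows the configuration rows of one module and, on POST, saves submitted values.
  *
  * The module is taken from the `modid` request parameter and defaults to 'bolts'.
  * On POST every request parameter is treated as a candidate config key for that
  * module; parameters that match no row update nothing.
  */
 function indexAction()
 {
     $config_table = new Config();
     $modules_table = new Modules("core");
     $request = new Bolts_Request($this->getRequest());
     if ($request->has('modid')) {
         $modid = $request->modid;
     } else {
         $modid = 'bolts';
     }
     if ($this->_request->isPost()) {
         //we are posting
         $db = $config_table->getAdapter();
         // Both the parameter name and the module id come from the request, so they
         // are quoted by the adapter instead of being concatenated into the WHERE clause.
         $module_clause = $db->quoteInto('module = ?', $modid);
         $config_params = $this->_request->getParams();
         foreach ($config_params as $ckey => $value) {
             // Array-valued parameters (e.g. name[]=x) cannot be stored in a value column.
             if (!is_scalar($value)) {
                 continue;
             }
             // Cast the key to string: PHP turns numeric parameter names into integers,
             // which the adapter would emit unquoted, and comparing a text column with
             // a bare number can match unintended rows.
             $where = $db->quoteInto('ckey = ?', (string) $ckey) . ' and ' . $module_clause;
             $config_table->update(array('value' => $value), $where);
         }
         $this->view->success = $this->_T('Configuration Updated.');
         $config_table->cache();
         $params = array();
         $this->_Bolts_plugin->doAction($this->_mca . '_post_save', $params);
         // ACTION HOOK
     }
     $config = $config_table->fetchAll($config_table->select()->where('module = ?', $modid));
     if (count($config) > 0) {
         $config = $config->toArray();
         sort($config);
         $this->view->config = $config;
     }
     $modules = $modules_table->getEnabledModules();
     sort($modules);
     $this->view->modules = $modules;
     $this->view->current = $modid;
     $this->view->modid = $modid;
 }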
Ejemplo n.º 3
 /**
  * Stores the requested locale code in a cookie and sends the visitor onward.
  *
  * Without a non-empty `code` parameter the visitor is redirected to the locale
  * chooser. A code that fails Bolts_Translate::validateLocaleCode() produces no
  * cookie and no redirect. With a valid code the visitor is sent to the filtered
  * `return_url` when one is supplied, otherwise to "/<code>".
  */
 function setcookieAction()
 {
     // TODO maybe? - prevent people from viewing this page if localization is not enabled
     $request = new Bolts_Request($this->getRequest());
     $has_code = $request->has("code") && $request->code != "";
     if (!$has_code) {
         $this->_redirect("/bolts/locale/choose/");
         return;
     }

     $locale_code = $request->code;
     $lifetime = Bolts_Registry::get('locale_cache_lifetime');
     if (!Bolts_Translate::validateLocaleCode($locale_code)) {
         // Unrecognised code: nothing is set and nothing is sent.
         return;
     }

     // The cookie is set with path "/" only; no secure or httponly flag is passed.
     setcookie("locale_code", $locale_code, time() + $lifetime, "/");

     if ($request->has("return_url")) {
         // NOTE(review): return_url is request-supplied and ends up in the Location
         // header. Whether Bolts_Url_Filter restricts it to same-site targets is not
         // visible here; confirm, otherwise this is an open redirect.
         $url_filter = new Bolts_Url_Filter();
         $target = $url_filter->filter($request->return_url, array('locale_code' => $locale_code));
     } else {
         $target = "/" . $locale_code;
     }
     header("Location: " . $target);
 }
Ejemplo n.º 4
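 /**
  * Confirms and performs deletion of a role.
  *
  * Requires an `id` request parameter naming an existing role; otherwise redirects
  * to the role list. On a POST carrying `delete`, the role is removed only when
  * `delete` is "Yes" and none of the guards trip: last admin role, guest role,
  * default role, users still assigned, or other roles inheriting from it.
  */
 function deleteAction()
 {
     $request = new Bolts_Request($this->getRequest());
     $roles_table = new Roles();
     if (!$request->has('id')) {
         $this->_redirect('/bolts/role');
         return;
     }

     // The id arrives from the request. Cast it to an integer and let the adapter
     // build the clause; it was previously concatenated into the SQL unquoted.
     $id = (int) $request->id;
     $db = $roles_table->getAdapter();
     $id_where = $db->quoteInto("id = ?", $id);
     $role = $roles_table->fetchRow($id_where);
     if (is_null($role)) {
         $this->_redirect('/bolts/role');
         // Guard against dereferencing a null role should the redirect not exit.
         return;
     }

     if ($this->getRequest()->isPost() and $request->has("delete")) {
         $errors = array();
         // can't be last admin
         if ((bool) $role->isadmin and $roles_table->getCountByWhereClause("isadmin = 1") == 1) {
             $errors[] = $this->_T("This is the only admin role. It cannot be deleted.");
         }
         // can't be guest
         if ((bool) $role->isguest) {
             $errors[] = $this->_T("This is the guest role. It cannot be deleted.");
         }
         // can't be default
         if ((bool) $role->isdefault) {
             $errors[] = $this->_T("This is the default role. It cannot be deleted.");
         }
         // can't have any users
         $userwhereclause = $db->quoteInto("role_id = ?", (int) $role->id);
         $users_table = new UsersRoles();
         if ($users_table->getCountByWhereClause($userwhereclause) > 0) {
             $errors[] = $this->_T("This role cannot be deleted because there are users assigned to it.");
         }
         // can't have children
         $inherited_by = $roles_table->fetchImmediateChildren($role->id);
         if (count($inherited_by) > 0) {
             $child_names = array();
             foreach ($inherited_by as $role_i) {
                 $child_names[] = $role_i->shortname;
             }
             $error = $this->_T("This role is inherited by role(s) ");
             $error .= implode(", ", $child_names);
             $error .= $this->_T(". It cannot be deleted.");
             $errors[] = $error;
         }
         if ($request->delete == "Yes") {
             if (count($errors) > 0) {
                 $this->view->errors = $errors;
             } else {
                 $roles_table->delete($id_where);
                 $this->view->success = $this->_T("Role deleted.");
             }
         } else {
             $this->_redirect("/bolts/role");
         }
     }
     $this->view->role = $role->toArray();
 }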
Ejemplo n.º 5
 /**
  * Loads test users from a serialized data file into the users tables.
  *
  * On GET, pre-fills the form with a default data path and e-mail domain. On POST,
  * reads "<data_path>/users.dat", removes existing users flagged `is_test_user`,
  * then inserts every user from the file, copies its avatar image and flags it as
  * a test user.
  *
  * NOTE(review): `data_path` is taken from the request and used unchanged to build
  * the paths that are read, unserialized and copied from. Any access control on this
  * action is outside this block; confirm it is limited to trusted administrators.
  */
 function testdataAction()
 {
     $request = new Bolts_Request($this->getRequest());
     if ($this->getRequest()->isPost()) {
         $errors = array();
         // Request-supplied directory; both derived paths below inherit it as-is.
         $data_path = $request->data_path;
         $data_file = $data_path . "/users.dat";
         $image_dir = $data_path . "/images";
         $users_table = new Users();
         $users_roles_table = new UsersRoles();
         if ($request->has("email_domain")) {
             $email_domain = $request->email_domain;
         } else {
             $email_domain = "nowhere.com";
         }
         if (!file_exists($data_file)) {
             $errors[] = $this->_T("Data file missing. Check path.");
         } else {
             // SECURITY(review): unserialize() runs on the contents of a file whose
             // location is chosen by the request. unserialize() can instantiate
             // arbitrary classes from its input, so this is only safe if the file is
             // fully trusted. Prefer a data-only format such as JSON, or restrict the
             // path to a fixed directory. The is_array() check below runs after
             // deserialization and does not mitigate this.
             $users = unserialize(file_get_contents($data_file));
             if (!is_array($users)) {
                 $errors[] = $this->_T("Data file is corrupt or something.");
             }
         }
         if (count($errors) == 0) {
             // Remove users created by a previous test-data import.
             $old_users = $users_table->fetchAll();
             foreach ($old_users as $old_user) {
                 if ($users_table->getMetaData($old_user->username, "is_test_user") == "true") {
                     $where = $users_table->getAdapter()->quoteInto("username = ?", $old_user->username);
                     $users_table->delete($where);
                     $users_roles_table->delete($where);
                 }
             }
             $count = 0;
             foreach ($users as $user) {
                 // Copy every field except the avatar file name into the row to insert.
                 $tmp_user = array();
                 foreach ($user as $key => $value) {
                     if ($key != "avatar") {
                         $tmp_user[$key] = $value;
                     }
                 }
                 $tmp_user['email'] = strtolower($tmp_user['username'] . "@" . $email_domain);
                 // NOTE(review): every imported user receives this same literal value;
                 // the literal may have been masked in this listing. Confirm.
                 $tmp_user['password'] = "******";
                 $destination_path = $users_table->getAvatarPath($user['username']);
                 $destination_filename = $users_table->getAvatarPath($user['username'], true);
                 if (!is_dir($destination_path)) {
                     // 0777 requests a world-writable directory (subject to the umask).
                     mkdir($destination_path, 0777, true);
                 }
                 if (file_exists($destination_filename)) {
                     unlink($destination_filename);
                 }
                 // NOTE(review): the avatar name comes from the data file and is joined
                 // to the image directory without normalisation; a name containing "../"
                 // would read from outside that directory.
                 $source_image = $image_dir . "/" . $user['avatar'];
                 // The return value of copy() is not checked.
                 copy($source_image, $destination_filename);
                 $role_data = array("username" => $tmp_user['username'], "role_id" => $tmp_user['role_id']);
                 $users_roles_table->insert($role_data);
                 // role_id is stored in the users-roles table only, not on the user row.
                 unset($tmp_user['role_id']);
                 $users_table->insert($tmp_user);
                 $users_table->setMetaData($tmp_user['username'], "is_test_user", "true");
                 // $save_users is appended to but never read within this action.
                 $save_users[] = $user;
                 $count++;
             }
             $this->view->success = "User data loaded. Created " . $count . " users.";
             Bolts_Registry::set('test_data_path', $request->data_path);
             $this->view->data_path = Bolts_Registry::get('test_data_path');
             $this->view->email_domain = $email_domain;
         } else {
             // Validation failed: show the errors and fall back to the default path.
             $this->view->errors = $errors;
             $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata";
             $this->view->email_domain = $request->email_domain;
         }
     } else {
         // Initial GET: defaults plus an overwrite warning.
         $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata";
         $this->view->email_domain = "nowhere.com";
         $this->view->notice = $this->_T("Warning: If you are reinstalling the test data, the old test data will be overwritten. Users created outside the test data should not be affected.");
     }
 }
Ejemplo n.º 6
 /**
  * Confirmation step before a module is uninstalled.
  *
  * Without an `id` parameter the visitor is redirected to the module index. With
  * one, the id and a warning are passed to the view. On POST, a `delete` value of
  * "yes" (case-insensitive) redirects to the module index with
  * "/perform/uninstall" appended; any other value returns to the index.
  *
  * NOTE(review): the uninstall itself is triggered by the redirect target, i.e. by
  * a GET URL that embeds the request-supplied id unencoded. How that target
  * authorises the operation is outside this block; confirm it cannot be invoked
  * directly or cross-site.
  */
 function uninstallAction()
 {
     $request = new Bolts_Request($this->getRequest());
     if (!$request->has('id')) {
         $this->_redirect('/bolts/module/index');
     } else {
         $this->view->id = $request->id;
         $this->view->notice = $this->_T("You are about to uninstall a module. This cannot be undone.");
     }

     if (!$this->getRequest()->isPost()) {
         return;
     }

     $confirmed = strtolower($request->delete) == 'yes' && $request->has('id');
     $target = $confirmed
         ? "/bolts/module/index/id/" . $request->id . "/perform/uninstall"
         : '/bolts/module/index';
     $this->_redirect($target);
 }
Ejemplo n.º 7
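 /**
  * Edits which controller actions and "extra" resources a role may use in one module.
  *
  * Requires an `id` request parameter naming an existing role; otherwise redirects
  * to "/role". The module comes from `modid` when it names a known module and
  * falls back to "default". On POST, the role's stored resources for that module
  * are replaced by the submitted `resource` and `extra_resource` lists. The view
  * then receives every action found in the module's controller files together
  * with its allowed/inherited state.
  */
 function editAction()
 {
     $request = new Bolts_Request($this->getRequest());
     $modules_table = new Modules();
     $roles_resources_table = new RolesResources();
     $roles_res_extra_table = new RolesResourcesExtra();
     if ($request->has("id")) {
         // The id arrives from the request and was previously concatenated into two
         // WHERE clauses unquoted. Normalise it to an integer once; every later use
         // (queries, inserts, inheritance look-ups) then sees the same safe value.
         $role_id = (int) $request->id;
         $roles_table = new Roles();
         $role = $roles_table->fetchRow($roles_table->getAdapter()->quoteInto("id = ?", $role_id));
         if (!is_null($role)) {
             $this->view->role = $role->toArray();
             $this->view->roleshortname = $role->shortname;
         } else {
             $this->_redirect("/role");
             // $role_id must not be used for a role that does not exist.
             return;
         }
     } else {
         $this->_redirect("/role");
         // Nothing below works without a role id.
         return;
     }
     if ($request->has("modid")) {
         if ($modules_table->exists($request->modid)) {
             $module_id = $request->modid;
         } else {
             $module_id = "default";
         }
     } else {
         $module_id = "default";
     }
     if ($this->getRequest()->isPost()) {
         $resources = $this->getRequest()->getPost('resource');
         // No "resource" field is posted when every box is unticked.
         if (!is_array($resources)) {
             $resources = array();
         }
         // Hose everything for this role and module
         $where = $roles_resources_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
         $where .= $roles_resources_table->getAdapter()->quoteInto("module = ? ", $module_id);
         $roles_resources_table->delete($where);
         foreach ($resources as $resource) {
             $resource_array = explode("-", $resource);
             // Expect "module-controller-action"; skip anything shorter instead of
             // inserting a row with missing parts.
             if (count($resource_array) < 3) {
                 continue;
             }
             $resource_module = $resource_array[0];
             $resource_controller = $resource_array[1];
             $resource_action = $resource_array[2];
             // NOTE(review): the module stored here is taken from the posted value,
             // while the delete above is scoped to $module_id. A crafted POST can
             // therefore add grants for a different module; confirm whether the
             // posted module should be required to equal $module_id.
             $data = array('role_id' => $role_id, 'module' => $resource_module, 'controller' => $resource_controller, 'action' => $resource_action);
             $roles_resources_table->insert($data);
         }
         $where = $roles_res_extra_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
         $where .= $roles_res_extra_table->getAdapter()->quoteInto("module = ? ", $module_id);
         $roles_res_extra_table->delete($where);
         if ($request->has("extra_resource")) {
             foreach ($request->extra_resource as $extra_resource_item) {
                 $data = array('role_id' => $role_id, 'module' => $module_id, 'resource' => $extra_resource_item);
                 $roles_res_extra_table->insert($data);
             }
         }
         $this->view->success = $this->_T("Resources updated.");
     }
     // Index the role's stored grants as module => controller => list of actions.
     $role_where = $roles_resources_table->getAdapter()->quoteInto('role_id = ?', $role_id);
     $db_roles_resources = $roles_resources_table->fetchAll($role_where);
     $resources = array();
     foreach ($db_roles_resources as $resource) {
         if (!array_key_exists($resource->module, $resources)) {
             $resources[$resource->module] = array();
         }
         if (!array_key_exists($resource->controller, $resources[$resource->module])) {
             $resources[$resource->module][$resource->controller] = array();
         }
         $resources[$resource->module][$resource->controller][] = $resource->action;
     }
     /*
      * This is a poor man's introspector. The reflection API needs the classes actually available,
      * which creates naming conflicts between modules. What I do instead is read the physical files,
      * line by line, find the lines with "function fooAction" and determine that the action name is
      * "foo". It's a hack, but it works.
      */
     $all_actions = array();
     $modules = array();
     $controllerdirs = array();
     $enabled_modules = $modules_table->getEnabledModules();
     foreach ($enabled_modules as $enabled_module) {
         $controllerdirs[$enabled_module] = Zend_Registry::get("basepath") . "/modules/" . $enabled_module . "/controllers";
     }
     // The directory is looked up by key, so only paths built above from the
     // enabled-module list can be opened.
     $controllerdir = $controllerdirs[$module_id];
     $d = dir($controllerdir);
     $modules[] = $module_id;
     while (($entry = $d->read()) !== false) {
         if ($entry != '.' and $entry != '..' and $entry != '.svn') {
             $controller_name = substr($entry, 0, stripos($entry, 'Controller.php'));
             if ($module_id != "default" && substr($controller_name, 0, 1) == "_") {
                 $controller_name = substr($controller_name, stripos($controller_name, '_') + 1);
             }
             $lines = file($controllerdir . '/' . $entry);
             foreach ($lines as $line) {
                 if (preg_match('/function.*Action.*\\(.*\\).*\\{?/', $line)) {
                     $action_name = trim(preg_replace('/Action.*/', '', preg_replace('/^.*function/', '', $line)));
                     $allowed = false;
                     if (array_key_exists($module_id, $resources)) {
                         if (array_key_exists($controller_name, $resources[$module_id])) {
                             if (in_array($action_name, $resources[$module_id][$controller_name])) {
                                 $allowed = true;
                             }
                         }
                     }
                     $inherited = false;
                     if (count($roles_table->getInheritedRoles($role_id)) > 0) {
                         $inherited = $this->isResourceInherited($module_id, $controller_name, $action_name, $role_id);
                     }
                     $all_actions[$module_id][$controller_name][$action_name] = array('allowed' => $allowed, 'inherited' => $inherited);
                 }
             }
         }
     }
     $d->close();
     $this->view->modid = $module_id;
     $mod_cfg = $modules_table->parseIni($module_id);
     $this->view->module_title = $mod_cfg['general']['name'];
     $this->view->actions = $all_actions;
     $this->view->modules = $enabled_modules;
     // get "extra" resources
     $extra_resources = array();
     if (array_key_exists('resources', $mod_cfg)) {
         foreach ($mod_cfg['resources'] as $resource_name => $nicename) {
             $extra_resources[$resource_name]['nicename'] = $nicename;
             $extra_resources[$resource_name]['inherited'] = $this->isExtraResourceInherited($module_id, $resource_name, $role_id);
             $extra_resources[$resource_name]['allowed'] = $roles_res_extra_table->isAllowed($role_id, $module_id, $resource_name);
         }
     }
     $this->view->extra_resources = $extra_resources;
 }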
Ejemplo n.º 8
 /**
  * Public registration form: validates the submitted account data, creates the
  * user with the default role, and optionally prepares an automatic login.
  *
  * Already-authenticated visitors are redirected to their profile. On POST the
  * username, e-mail, password and birthday are validated, plugin filters may add
  * errors or modify the user, and on success the user and role rows are inserted
  * before redirecting to the post-register page.
  */
 function registerAction()
 {
     $request = new Bolts_Request($this->getRequest());
     if ($this->_auth->hasIdentity()) {
         $this->_redirect('/bolts/user/profile/username/' . $this->_identity->username);
     }
     $users_table = new Users();
     $user = array();
     $pre_register_params = array();
     // An optional `url` parameter is carried through registration as the return URL.
     if ($request->has('url')) {
         $this->view->url_param = $request->url;
         $pre_register_params['return_url'] = $request->url;
     } else {
         $pre_register_params['return_url'] = false;
     }
     $pre_register_params = $this->_Bolts_plugin->doFilter('default_pre_register', $pre_register_params);
     // FILTER HOOK
     // Every key the filter returns becomes a view variable of the same name.
     foreach ($pre_register_params as $key => $value) {
         if ($key == 'return_url') {
             $this->view->url_param = $value;
         } else {
             $this->view->{$key} = $value;
         }
     }
     if ($this->getRequest()->isPost()) {
         $errors = array();
         $user['username'] = $request->username;
         // Missing or empty full name falls back to a translated placeholder.
         if ($request->has('full_name')) {
             if (strlen($request->full_name) < 1) {
                 $user['full_name'] = $this->_T("Unidentified User");
             } else {
                 $user['full_name'] = $request->full_name;
             }
         } else {
             $user['full_name'] = $this->_T("Unidentified User");
         }
         $user['email'] = $request->email;
         $user['password'] = $request->password;
         $user['confirm'] = $request->confirm;
         // Birthday is a timestamp when all three parts are present, otherwise null.
         if ($request->has('Birthday_Day') && $request->has('Birthday_Month') && $request->has('Birthday_Year')) {
             $user['birthday'] = strtotime($request->Birthday_Day . " " . $request->Birthday_Month . " " . $request->Birthday_Year);
         } else {
             $user['birthday'] = null;
         }
         // validate username
         $username_validator = new Zend_Validate();
         $username_validator->addValidator(new Zend_Validate_StringLength(1, Bolts_Registry::get('username_length')));
         $username_validator->addValidator(new Zend_Validate_Alnum());
         if (!$username_validator->isValid($user['username'])) {
             // NOTE(review): the "******" literals here differ from the quoting used for
             // $show_email below and may have been masked in this listing. Confirm.
             $show_username = "******" . $user['username'] . "'";
             if (trim($user['username']) == "") {
                 $show_username = "******" . $this->_T("empty") . "]";
             }
             $errors[] = $this->_T("%s isn't a valid username. (Between %d and %d characters, only letters and numbers)", array($show_username, 1, Bolts_Registry::get('username_length')));
         }
         // Uniqueness check uses an adapter-quoted clause.
         $user_where = $users_table->getAdapter()->quoteInto('username = ?', $user['username']);
         if ($users_table->getCountByWhereClause($user_where) > 0) {
             $errors[] = $this->_T("The username '%s' is already in use", $user['username']);
         }
         // validate email
         $email_validator = new Zend_Validate_EmailAddress();
         if (!$email_validator->isValid($user['email'])) {
             $show_email = "'" . $user['email'] . "'";
             if (trim($user['email']) == "") {
                 $show_email = "[" . $this->_T("empty") . "]";
             }
             $errors[] = $show_email . ' ' . $this->_T('is not a valid email.');
         }
         // make sure no one is using this email already
         $email_where = $users_table->getAdapter()->quoteInto('email = ?', $user['email']);
         if ($users_table->getCountByWhereClause($email_where) > 0) {
             $errors[] = $this->_T("Email is already in use.");
         }
         $password_validator = new Zend_Validate();
         // NOTE(review): the enforced maximum is the literal 32, while the error message
         // below reports the 'password_length' registry value; the two can disagree.
         $password_validator->addValidator(new Zend_Validate_StringLength(6, 32));
         // make sure password is at least six chars
         if (!$password_validator->isValid($user['password'])) {
             $errors[] = $this->_T("Password must be between %d and %d characters", array(6, Bolts_Registry::get('password_length')));
         }
         // if password is set, make sure it matches confirm
         if ($user['password'] != $user['confirm']) {
             $errors[] = $this->_T("Passwords don't match");
         }
         // do we meet the minimum age?
         // NOTE(review): when the birthday fields are omitted, $user['birthday'] is null
         // and this comparison appears not to add an error, so the age check only binds
         // when a birthday is submitted. Confirm that is intended.
         $minimum_age = Bolts_Registry::get('minimum_registration_age', '13');
         $years_ago = strtotime($minimum_age . ' years ago');
         if ($user['birthday'] > $years_ago) {
             $errors[] = $this->_T("You must be at least %d years old to register.", $minimum_age);
         }
         // Plugins receive the user (including the clear-text password and confirm
         // fields) and may replace both the user and the error list.
         $params = array('request' => $this->getRequest(), 'user' => $user, 'errors' => $errors);
         $additional = $this->_Bolts_plugin->doFilter($this->_mca, $params);
         // FILTER HOOK
         $errors = $additional['errors'];
         $user = $additional['user'];
         // convert birthday_ts to mysql date
         $birthday_db = date(DB_DATETIME_FORMAT, $user['birthday']);
         if (count($errors) == 0) {
             $roles_table = new Roles();
             $users_roles_table = new UsersRoles();
             $default_role_shortname = Bolts_Registry::get('default_role_shortname');
             // The role row is inserted before the user row; no transaction is opened here.
             $role_data = array("username" => $user['username'], "role_id" => $roles_table->getIdByShortname($default_role_shortname));
             $users_roles_table->insert($role_data);
             // NOTE(review): the password is placed in the row exactly as submitted.
             // Whether Users::insert() hashes it is not visible here; verify it is not
             // stored in clear text.
             $user_data = array('username' => $user['username'], 'email' => $user['email'], 'full_name' => $user['full_name'], 'birthday' => $birthday_db, 'password' => $user['password'], 'created_on' => date("Y-m-d H:i:s"), 'ip' => getenv('REMOTE_ADDR'));
             if (array_key_exists('about_me', $additional['user'])) {
                 $user_data['about_me'] = $additional['user']['about_me'];
             }
             // MAKE IT OFFICIAL
             $users_table->insert($user_data);
             // DO SOME PLUGINS
             // NOTE(review): plugins are handed the clear-text password plus an unsalted
             // MD5 of it. MD5 is not suitable for protecting passwords.
             $params = array('user' => $user_data, 'request' => $request, 'username' => $user['username'], 'autologin' => true, 'autologin_username' => $user['username'], 'autologin_password' => $user['password'], 'autologin_password_hash' => md5($user['password']), 'locale_code' => $this->locale_code);
             $params = $this->_Bolts_plugin->doFilter("default_post_register", $params);
             // FILTER HOOK
             $this->_Bolts_plugin->doAction($this->_mca . "_post_register", $params);
             // ACTION HOOK (deprecated)
             // SET UP AUTO-LOGIN, OR DON'T
             if ($params['autologin']) {
                 // The clear-text password and its MD5 are written to the session here;
                 // session storage then holds a live credential.
                 $appNamespace = new Zend_Session_Namespace('Bolts_Temp');
                 $appNamespace->autoLogin = $params['autologin'];
                 $appNamespace->autoLoginUsername = $params['autologin_username'];
                 $appNamespace->autoLoginPassword = $params['autologin_password'];
                 $appNamespace->autoLoginPasswordHash = $params['autologin_password_hash'];
             }
             // SEND THE USER ON THEIR WAY
             $url = '/bolts/user/postregister';
             // if there was a URL passed in then add that encoded URL as a param to the default redirect
             // NOTE(review): the value is appended as received; how the postregister action
             // validates it before redirecting is outside this block. Confirm it cannot
             // send users to an arbitrary external site.
             if ($request->has('url')) {
                 $url .= '/url/' . $request->url;
             }
             $this->_redirect($url);
         } else {
             $this->view->errors = $errors;
         }
     }
     // On a failed POST this re-populates the form, including the submitted
     // password and confirm values held in $user.
     $this->view->user = $user;
     $this->view->pagetitle = $this->_T("Register");
 }