function render()
{
$result = new Dto_FormResult('notsubmitted');
# check the users' permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_view_spotdetail, '');
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_edit_spotdetail, '');
# and actually retrieve the spot
$fullSpot = '';
try {
$svcActn_GetSpot = new Services_Actions_GetSpot($this->_settings, $this->_daoFactory, $this->_spotSec);
$fullSpot = $svcActn_GetSpot->getFullSpot($this->_currentSession, $this->_messageId, true);
$fullSpot = str_replace("[br]", "\n", $fullSpot);
} catch (Exception $ex) {
$result->addError($ex->getMessage());
}
# catch
# and create a nice and shiny page title
$this->_pageTitle = "spot: edit spot";
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_spotForm['action'];
# Only perform certain validations when the form is actually submitted
if (!empty($formAction)) {
switch ($formAction) {
case 'delete':
# check permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_delete_spot, '');
# assume success
$result->setResult('success');
# remove the spot from the database
$svcSpotEditor = new Services_Posting_Editor($this->_daoFactory, $this->_currentSession);
$svcSpotEditor->deleteSpot($this->_messageId);
break;
# case 'delete'
# case 'delete'
case 'edit':
# create a fullspot xml from the data entered by the user and the original fullspot
$svcSpotEditor = new Services_Posting_Editor($this->_daoFactory, $this->_currentSession);
$result = $svcSpotEditor->updateSpotXml($fullSpot, $this->_spotForm);
if ($result->isSuccess()) {
# update the spot in the database
$svcSpotEditor->updateSpot($this->_messageId, $result->getData('spotxml'));
}
# if
break;
# case 'edit'
}
# switch
}
# if
#- display stuff -#
$this->template('editspot', array('editspotform' => $fullSpot, 'result' => $result));
}
public function createUserRecord(array $spotUser)
{
$result = new Dto_FormResult();
$spotUser['userid'] = false;
/*
* Create a random password for this user
*/
$spotUser['newpassword1'] = substr(Services_User_Util::generateUniqueId(), 1, 9);
$spotUser['newpassword2'] = $spotUser['newpassword1'];
/*
* Validate several properties of the user, we share
* this code with the user editor
*/
$result->mergeResult($this->validateUserRecord($spotUser, false));
/*
* Make sure no other user exists with the same username
*/
$userIdForName = $this->_userDao->findUserIdForName($spotUser['username']);
if (!empty($userIdForName)) {
$result->addError(sprintf(_("'%s' already exists"), $spotUser['username']));
}
# if
if ($result->isSuccess()) {
# Create a private and public key pair for this user
$spotSigning = Services_Signing_Base::factory();
$userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
$spotUser['publickey'] = $userKey['public'];
$spotUser['privatekey'] = $userKey['private'];
# Actually add the user
$spotUser['userid'] = $this->addUser($spotUser);
/*
* We assume the user was successfully added, all validation is done at
* a higher level, and addUser() will throw an exception if something is
* seriously wrong
*/
$result->addData('userid', $spotUser['userid']);
$result->addData('username', $spotUser['username']);
$result->addData('password', $spotUser['newpassword1']);
$result->addData('userrecord', $spotUser);
$result->addInfo(sprintf(_("User <strong>"%s"</strong> successfully added"), $spotUser['username']));
$result->addInfo(sprintf(_("Password: <strong>"%s"</strong>"), $spotUser['newpassword1']));
$result->setResult('success');
}
# if
return $result;
}
function render()
{
$result = new Dto_FormResult('notsubmitted');
# Check permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_login, '');
/*
* Create a default SpotUser so the form is always able to render
* the values of the form
*/
$credentials = array('username' => '', 'password' => '');
# Instantiate the Spot user system
$svcUserAuth = new ServiceS_User_Authentication($this->_daoFactory, $this->_settings);
# set the page title
$this->_pageTitle = "spot: login";
# bring the form action into the local scope
$formAction = $this->_loginForm['action'];
# Are we already submitting the form login?
if (!empty($formAction)) {
# make sure we can simply assume all fields are there
$credentials = array_merge($credentials, $this->_loginForm);
$tryLogin = $svcUserAuth->authenticate($credentials['username'], $credentials['password']);
if (!$tryLogin) {
/* Create an audit event */
if ($this->_settings->get('auditlevel') != SpotSecurity::spot_secaudit_none) {
$spotAudit = new SpotAudit($this->_daoFactory, $this->_settings, $this->_currentSession['user'], $this->_currentSession['session']['ipaddr']);
$spotAudit->audit(SpotSecurity::spotsec_perform_login, 'incorrect user or pass', false);
}
# if
$result->addError(_('Invalid username or password'));
} else {
$result->setResult("success");
$this->_currentSession = $tryLogin;
}
# else
} else {
# When the user is already logged in, show this as a warning
if ($this->_currentSession['user']['userid'] != $this->_settings->get('nonauthenticated_userid')) {
$result->addError(_('You are already logged in'));
}
# if
}
# else
#- display stuff -#
$this->template('login', array('loginform' => $credentials, 'result' => $result, 'http_referer' => $this->_loginForm['http_referer'], 'data' => $this->_params['data']));
}
function render()
{
# Check users' permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_blacklist_spotter, '');
# Make sure the editresult is set to 'not comitted' per default
$result = new Dto_FormResult('notsubmitted');
# Create the default blacklist information
$blackList = array('spotterid' => '', 'origin' => '');
# set the page title
$this->_pageTitle = "report: blacklist spotter";
/*
* bring the forms' action into the local scope for
* easier access
*/
if (isset($this->_blForm['action'])) {
$formAction = $this->_blForm['action'];
} else {
$formAction = '';
}
# else
# Instantiate the user system which does the actually heavy lifting
$svcUserRecord = new Services_User_Record($this->_daoFactory, $this->_settings);
if (!empty($formAction) && !$result->isError()) {
$result->setResult('success');
# Make sure we have a complete blacklist information
$blackList = array_merge($blackList, $this->_blForm);
switch ($formAction) {
case 'addspotterid':
$result->mergeResult($svcUserRecord->addSpotterToList($this->_currentSession['user'], $blackList['spotterid'], $blackList['origin'], $blackList['idtype']));
break;
# case addspotterid
# case addspotterid
case 'removespotterid':
$result->mergeResult($svcUserRecord->removeSpotterFromList($this->_currentSession['user'], $blackList['spotterid']));
break;
# case removespotterid
}
# switch
}
# if
#- display stuff -#
$this->template('jsonresult', array('result' => $result));
}
function render()
{
$result = new Dto_FormResult('notsubmitted');
# Check users' permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_logout, '');
# Instanatiate the spotweb user system
$svcUserAuth = new Services_User_Authentication($this->_daoFactory, $this->_settings);
# make sure the logout isn't cached
$this->sendExpireHeaders(true);
# send the appropriate content-type header
$this->sendContentTypeHeader('json');
# and remove the users' session if the user isn't the anonymous one
if ($svcUserAuth->removeSession($this->_currentSession)) {
$result->setResult('success');
} else {
$result->addError(_('Unable to remove session'));
}
# else
$this->template('jsonresult', array('result' => $result));
}
function render()
{
# Make sure the result is set to 'not comited' per default
$result = new Dto_FormResult('notsubmitted');
# Validate proper permissions
$this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
# Sportparser is nodig voor het escapen van de random string
$spotParseUtil = new Services_Format_Util();
# we need the spotuser system
$svcUserRecord = new Services_User_Record($this->_daoFactory, $this->_settings);
/*
* Create a default form so we can be sure to always be able
* to render the form without notices or whatever
*/
$spot = array('title' => '', 'body' => '', 'category' => 0, 'subcata' => '', 'subcatb' => array(), 'subcatc' => array(), 'subcatd' => array(), 'subcatz' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
/*
* bring the forms' action into the local scope for
* easier access
*/
$formAction = $this->_spotForm['action'];
# set the page title
$this->_pageTitle = "spot: post";
# Make sure all variables are merged with the default form
$spot = array_merge($spot, $this->_spotForm);
# If user tried to submit, validate the file uploads
$nzbFilename = '';
$imgFilename = '';
if ($formAction == 'post') {
$result->setResult('success');
# Make sure an NZB file was provided
$uploadHandler = new Services_Providers_FileUpload('newspotform', 'nzbfile');
if (!$uploadHandler->isUploaded()) {
$result->addError(_('Please select NZB file'));
} elseif (!$uploadHandler->success()) {
$result->addError(_('Invalid NZB file') . ' (' . $uploadHandler->errorText() . ')');
} else {
$nzbFilename = $uploadHandler->getTempName();
}
# if
# Make sure an picture was provided
$uploadHandler = new Services_Providers_FileUpload('newspotform', 'imagefile');
if (!$uploadHandler->isUploaded()) {
$result->addError(_('Please select a picture'));
} elseif (!$uploadHandler->success()) {
$result->addError(_('Invalid picture') . ' (' . $uploadHandler->errorText() . ')');
} else {
$imgFilename = $uploadHandler->getTempName();
}
# if
}
# if
if ($formAction == 'post' && $result->isSuccess()) {
# Initialize notificatiesystem
$spotsNotifications = new SpotNotifications($this->_daoFactory, $this->_settings, $this->_currentSession);
# Make sure we can post this spot, if so, make it happen
$svcPostSpot = new Services_Posting_Spot($this->_daoFactory, $this->_settings);
$result = $svcPostSpot->postSpot($svcUserRecord, $this->_currentSession['user'], $spot, $imgFilename, $nzbFilename);
if ($result->isSuccess()) {
$result->addData('user', $this->_currentSession['user']['username']);
$result->addData('spotterid', $spotParseUtil->calculateSpotterId($this->_currentSession['user']['publickey']['modulo']));
# en send a notification
$spotsNotifications->sendSpotPosted($spot);
}
# if
}
# if
#- display stuff -#
$this->template('newspot', array('postspotform' => $spot, 'result' => $result));
}
