Ejemplo n.º 1
 /**
  * Checks the submitted credentials and, when they are accepted, issues the
  * auth cookie, records the login and redirects to the current request URI.
  *
  * The `user` and `pass` request values are read through MGet::string(). On
  * success the method ends the request with exit(0) and does not return.
  *
  * NOTE(review): no mapi_csrf_check() call is visible on this path; confirm
  * whether login CSRF is handled elsewhere.
  * NOTE(review): the redirect target is $_SERVER['REQUEST_URI'] exactly as
  * received. A request path that begins with "//" would be sent back as a
  * scheme-relative Location; consider redirecting to a URL the application
  * builds itself.
  *
  * @return null Null when cookies are unsupported, the visitor details are
  *              incomplete, the username is empty or the credentials are rejected.
  */
 static function do_login()
 {
     if (!self::cookie_support()) {
         return null;
     }

     $visitor = self::details();
     if (!(isset($visitor['ip']) && isset($visitor['browser']))) {
         return null;
     }

     $user = new M_User(MGet::string('user'), true);
     $accepted = $user && $user->is_enabled() && $user->compare_pass(MGet::string('pass'));
     if (!$accepted) {
         // Disabled accounts and wrong passwords get the same message.
         mapi_report_message('Invalid username/password.', 'error');
         return;
     }

     $username = $user->get_username();
     if (!(strlen($username) > 0)) {
         return null;
     }

     // The session value is "<username> <24 characters from mapi_random()>".
     $session_value = $username . ' ' . mapi_random(24);
     $stamp = date_format(new DateTime('now'), 'Y-m-d H:i:s');

     // The same value, timestamp and browser string go to the cookie and to the user record.
     self::send_auth_cookie($session_value, $stamp, $visitor['browser']);
     $user->update_lastlogin($session_value, $stamp, $visitor['browser']);

     header('Location: ' . $_SERVER['REQUEST_URI']);
     exit(0);
 }
Ejemplo n.º 2
 /**
  * Handles the widget uninstall form, then shows the widget list.
  *
  * The uninstall model runs only when `widget_uninstall` is present in $_POST
  * and the `mapi_csrf` value passes mapi_csrf_check().
  */
 public function widget_uninstall()
 {
     if (isset($_POST['widget_uninstall'])) {
         // The token is checked only once the form is known to have been submitted.
         $token_ok = mapi_csrf_check(MGet::string('mapi_csrf'));
         if ($token_ok) {
             $this->model('uninstall_widgets');
         }
     }

     $this->widget_list();
 }
Ejemplo n.º 3
 /**
  * Handles the module uninstall form, then shows the module list.
  *
  * The uninstall model runs only when `module_uninstall` is present in $_POST
  * and the `mapi_csrf` value passes mapi_csrf_check().
  */
 public function module_uninstall()
 {
     if (isset($_POST['module_uninstall'])) {
         // The token is checked only once the form is known to have been submitted.
         $token_ok = mapi_csrf_check(MGet::string('mapi_csrf'));
         if ($token_ok) {
             $this->model('uninstall_modules');
         }
     }

     $this->module_list();
 }
Ejemplo n.º 4
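 /**
  * AJAX endpoint: geocodes the `address` query parameter and prints the result as JSON.
  *
  * Nothing is printed when the parameter is missing, the CSRF check fails or
  * the model returns a falsy value.
  *
  * NOTE(review): the request arrives by GET; if `mapi_csrf` travels in the
  * query string too, the token can end up in server logs and Referer headers.
  * Confirm where MGet::string() reads it from.
  */
 public function geocode()
 {
     // Initialised up front: the original read $result even when the branch
     // below was skipped, which is an undefined-variable access.
     $result = null;
     if (isset($_GET['address']) && mapi_csrf_check(MGet::string('mapi_csrf'))) {
         $result = $this->model('geocode', null, 'majax_geo');
     }
     if ($result) {
         echo json_encode($result);
     }
 }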
Ejemplo n.º 5
 /**
  * Shows the preferences page and saves the form when it is posted with a
  * `mapi_csrf` value that passes mapi_csrf_check().
  *
  * The preferences are loaded after the optional update, so the view receives
  * whatever `get_preferences` returns at that point.
  */
 public function preferences()
 {
     $this->set_page_title('#mappiamo - Preferences');

     $form_posted = isset($_POST['preferences_update']);
     if ($form_posted && mapi_csrf_check(MGet::string('mapi_csrf'))) {
         $this->model('update_preferences');
     }

     $this->view('default', $this->model('get_preferences'));
 }
Ejemplo n.º 6
 /**
  * AJAX endpoint that attaches the current object to a menu or detaches it.
  *
  * Each action runs only when its flag is present in $_GET and the
  * `mapi_csrf` value passes mapi_csrf_check(); both may run in one request.
  *
  * NOTE(review): these are state-changing actions triggered by GET. If the
  * CSRF token is carried in the query string as well, it is exposed to logs,
  * browser history and Referer headers; consider moving them to POST.
  */
 public function page_menu()
 {
     $this->set_as_ajax();

     // Request flag => model task, in the order the checks are made.
     $actions = array('menu_add' => 'add_menu', 'menu_remove' => 'remove_menu');
     foreach ($actions as $flag => $model_task) {
         if (!isset($_GET[$flag])) {
             continue;
         }
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $this->model($model_task, $this->get_object());
         }
     }
 }
Ejemplo n.º 7
 /**
  * Shows the profile page and handles its two forms.
  *
  * `profile_update` and `change_password` are each processed only when the
  * matching $_POST flag is set and the `mapi_csrf` value passes
  * mapi_csrf_check(). The profile is loaded afterwards and passed to the view.
  */
 public function profile()
 {
     $this->set_page_title('#mappiamo - Profile');

     // $_POST flag => model task, in the order the checks are made.
     $forms = array('profile_update' => 'update_profile', 'change_password' => 'change_password');
     foreach ($forms as $flag => $model_task) {
         if (!isset($_POST[$flag])) {
             continue;
         }
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $this->model($model_task);
         }
     }

     $this->view('default', $this->model('get_profile'));
 }
Ejemplo n.º 8
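 /**
  * Dispatches to the `import_<name>` method selected by the `import_what`
  * request value.
  *
  * The value must appear in self::$availables and the resulting method must
  * exist on MModel_MContent_Import; both checks run before the dynamic call,
  * so a request cannot name an arbitrary method.
  *
  * @return mixed|null The importer's return value, or null when the value is
  *                    missing, not allowed, or has no matching method.
  */
 static function import()
 {
     $what = MGet::string('import_what');
     if (null === $what) {
         return null;
     }

     // Strict string-to-string match. Without the strict flag in_array()
     // compares with ==, which lets unrelated values match numeric or empty
     // entries in the allowlist.
     if (!in_array($what, array_map('strval', self::$availables), true)) {
         return null;
     }

     $import_method = 'import_' . $what;
     if (method_exists('MModel_MContent_Import', $import_method)) {
         return self::$import_method();
     }

     return null;
 }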
Ejemplo n.º 9
 /**
  * Shows the delete-confirmation view for the current category and deletes it
  * when the form is posted with a `mapi_csrf` value that passes mapi_csrf_check().
  *
  * The category is looked up after the optional delete; when the lookup
  * returns nothing the category list is shown instead.
  */
 public function category_delete()
 {
     $this->set_page_title('#mappiamo - Delete category');

     if (isset($_POST['category_delete'])) {
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $this->model('delete_category', $this->get_object());
         }
     }

     $category = $this->model('get_category', $this->get_object());
     if (!$category) {
         $this->category_list();
         return;
     }

     $this->view('delete', $category);
 }
Ejemplo n.º 10
 /**
  * Shows the delete-confirmation view for the current menu and deletes it
  * when the form is posted with a `mapi_csrf` value that passes mapi_csrf_check().
  *
  * The menu is looked up after the optional delete; when the lookup returns
  * nothing the menu list is shown instead.
  */
 public function menu_delete()
 {
     $this->set_page_title('#mappiamo - Delete menu');

     if (isset($_POST['menu_delete'])) {
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $this->model('delete_menu', $this->get_object());
         }
     }

     $menu = $this->model('get_menu', $this->get_object());
     if (!$menu) {
         $this->menu_list();
         return;
     }

     $this->view('delete', $menu);
 }
Ejemplo n.º 11
 /**
  * Shows the delete-confirmation view for the current user and deletes the
  * account when the form is posted with a `mapi_csrf` value that passes
  * mapi_csrf_check().
  *
  * The user is looked up after the optional delete; when the lookup returns
  * nothing the user list is shown instead.
  *
  * NOTE(review): only the CSRF token is checked here. Whether the caller is
  * allowed to delete this particular account is not visible in this method;
  * confirm that the model or the router enforces it.
  */
 public function user_delete()
 {
     $this->set_page_title('#mappiamo - Delete user');

     if (isset($_POST['user_delete'])) {
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $this->model('delete_user', $this->get_object());
         }
     }

     $user = $this->model('get_user', $this->get_object());
     if (!$user) {
         $this->user_list();
         return;
     }

     $this->view('delete', $user);
 }
Ejemplo n.º 12
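 /**
  * Changes the current profile's password to the submitted `user_pass`.
  *
  * Does nothing when `user_pass` is empty or no profile is available. When
  * `user_pass` and `user_pass_repeat` differ, a message is reported and the
  * password is left unchanged.
  *
  * NOTE(review): the current password is not asked for in this method;
  * confirm whether re-authentication happens elsewhere.
  *
  * @return mixed|null The value of mapi_report_message() on a mismatch, otherwise null.
  */
 static function change_password()
 {
     $new_pass = MGet::string('user_pass');
     if (!$new_pass) {
         return null;
     }

     $profile = self::get_profile();
     if ($profile) {
         // Strict comparison: with != two different numeric-looking strings
         // such as "1e3" and "1000" compare equal, so a mistyped repeat
         // could be accepted.
         if ($new_pass !== MGet::string('user_pass_repeat')) {
             return mapi_report_message('Passwords do not match');
         }
         $profile->change_password($new_pass, false);
     }
 }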
Ejemplo n.º 13
 /**
  * Reads module, task and object id from the request and, for the manager
  * environment, applies the login/dashboard redirects.
  *
  * @param string $env Environment name; the values handled here are 'manager' and 'frontend'.
  */
 private function route($env)
 {
     $request = mapi_request();
     switch ($env) {
         case 'manager':
             // Each setter is called only when the matching request key is present.
             if (isset($request['module'])) {
                 $this->set_module(MGet::string('module'));
             }
             if (isset($request['task'])) {
                 $this->set_task(MGet::string('task'));
             }
             if (isset($request['object'])) {
                 $this->set_num_object_id(MGet::string('object'));
             }
             break;
         case 'frontend':
             // $routing is assigned here but never read again in this method.
             $routing = 'default';
             $pref = MObject::get('preference', 'routing');
             if ($pref && is_object($pref) && 'sef' == $pref->get_value()) {
                 $routing = 'sef';
             }
             // sef routing here
             if (isset($request['module'])) {
                 $this->set_module(MGet::string('module'));
             }
             if (isset($request['task'])) {
                 $this->set_task(MGet::string('task'));
             }
             if (isset($request['object'])) {
                 $this->set_num_object_id(MGet::string('object'));
             }
             break;
     }
     MAuth::init();
     if ('manager' == $env) {
         if ('register' != $this->module) {
             // Unauthenticated requests for any module other than login go to login;
             // an authenticated visit to login goes to the dashboard unless it is a logout post.
             if ('login' != $this->module && !MAuth::is_auth()) {
                 $this->reset_to('login');
             } elseif ('login' == $this->module && MAuth::is_auth() && !isset($_POST['do-logout'])) {
                 $this->reset_to('dashboard');
             }
         } else {
             // The register module is reachable without authentication;
             // authenticated users are sent to the dashboard.
             if (MAuth::is_auth()) {
                 $this->reset_to('dashboard');
             }
         }
         if ('login' != $this->module && 'register' != $this->module) {
             // NOTE(review): the permission check below is commented out, so this
             // method only separates authenticated from unauthenticated requests.
             // Confirm that per-module/task authorisation is enforced elsewhere.
             //if ( ! MAuth::check_perm( self::$this->module, $this->task ) ) $this->reset_to( 'denied' );
         }
     }
 }
Ejemplo n.º 14
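 /**
  * Registration page: handles the sign-up form and the activation link.
  *
  * The page is available only while the `registration` preference is 'yes';
  * otherwise the visitor is redirected to ../index.php and the request ends.
  * The sign-up model runs only for a post that passes mapi_csrf_check(); the
  * activation model runs when `activate` equals 1 in the query string.
  */
 public function register()
 {
     $reg_allowed = MObject::get('preference', 'registration');

     // A missing preference is treated as "registration closed". The original
     // called get_value() without checking that an object came back, which is
     // a fatal error when the lookup returns nothing.
     $is_open = $reg_allowed && is_object($reg_allowed) && 'yes' == $reg_allowed->get_value();
     if (!$is_open) {
         header('Location: ../index.php');
         exit(0);
     }

     if (isset($_POST['do-register']) && mapi_csrf_check(MGet::string('mapi_csrf'))) {
         $this->model('register');
     }
     if (isset($_GET['activate']) && 1 == $_GET['activate']) {
         $this->model('activate');
     }
     $this->view();
 }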
Ejemplo n.º 15
 /**
  * Returns a request value as a cleaned string.
  *
  * The value from MGet::get() is cast with strval(), passed through
  * MGet::remove_invisible() and MGet::force_utf8(), and finally through
  * stripslashes(). A falsy result at any step yields null, so the strings
  * '' and '0' are reported as absent.
  *
  * NOTE(review): this is input normalisation, not output escaping; callers
  * still have to escape for HTML, SQL or shell contexts themselves.
  * NOTE(review): stripslashes() runs on every value, so backslashes in the
  * submitted data never reach the caller.
  *
  * @param string      $input  Name of the request value.
  * @param string|null $method Passed through to MGet::get().
  * @return string|null
  */
 static function string($input, $method = null)
 {
     $raw = strval(MGet::get($input, $method));
     $visible = $raw ? MGet::remove_invisible($raw) : null;
     $utf8 = $visible ? MGet::force_utf8($visible) : null;

     return $utf8 ? stripslashes($utf8) : null;
 }
Ejemplo n.º 16
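 /**
  * Geocodes the `address` request value with the global $geocoder.
  *
  * @return array Keys `status`, `lat` and `lng`. `status` is 'OK' with both
  *               coordinates filled in, or 'FAIL' with both set to null when
  *               the address is rejected by MValidate::address() or the
  *               geocoder throws.
  */
 static function geocode()
 {
     $result = array('status' => 'FAIL', 'lat' => null, 'lng' => null);
     $address = MGet::string('address');
     if (!MValidate::address($address)) {
         return $result;
     }
     global $geocoder;
     try {
         $geocode = $geocoder->geocode($address);
         $lat = $geocode->getLatitude();
         $lng = $geocode->getLongitude();
     } catch (Exception $e) {
         return $result;
     }
     // Filled in only after every call succeeded. The original set 'OK'
     // before reading the coordinates, so an exception from a getter returned
     // status 'OK' with null coordinates.
     $result['status'] = 'OK';
     $result['lat'] = $lat;
     $result['lng'] = $lng;
     return $result;
 }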
Ejemplo n.º 17
 /**
  * Builds the stdClass handed to the category views.
  *
  * For title, flagship and enabled a truthy request value wins over the value
  * stored on $object; the remaining fields come from $object only. Each getter
  * is used only when $object is truthy and has that method. $task is not used
  * in this method.
  *
  * NOTE(review): request values are copied as returned by MGet; escaping for
  * output is left to whatever renders this object.
  *
  * @param mixed       $task   Unused here.
  * @param object|null $object Existing category, if any.
  * @return stdClass
  */
 static function data_object($task, $object = null)
 {
     $inputs = array('title' => 'category_title', 'flagship' => 'category_contents', 'enabled' => 'category_enabled');
     $data = new stdClass();

     $data->id = ($object && method_exists($object, 'get_id')) ? $object->get_id() : 0;

     $posted_title = MGet::string($inputs['title']);
     if ($posted_title) {
         $data->title = $posted_title;
     } elseif ($object && method_exists($object, 'get_title')) {
         $data->title = $object->get_title();
     } else {
         $data->title = '';
     }

     $posted_flagship = MGet::int($inputs['flagship']);
     if ($posted_flagship) {
         $data->flagship = $posted_flagship;
     } elseif ($object && method_exists($object, 'get_flagship')) {
         $data->flagship = $object->get_flagship();
     } else {
         $data->flagship = 0;
     }

     // Enabled when the request says 1, otherwise when the stored object says so.
     $posted_enabled = MGet::int($inputs['enabled']);
     if ($posted_enabled && 1 == $posted_enabled) {
         $data->enabled = true;
     } elseif ($object && method_exists($object, 'is_enabled') && $object->is_enabled()) {
         $data->enabled = true;
     } else {
         $data->enabled = false;
     }

     $data->content_count = ($object && method_exists($object, 'count_contents')) ? $object->count_contents() : 0;
     $data->contents = ($object && method_exists($object, 'get_contents')) ? $object->get_contents() : '';
     $data->created = ($object && method_exists($object, 'created')) ? $object->created() : array();
     $data->modified = ($object && method_exists($object, 'modified')) ? $object->modified() : array();

     return $data;
 }
Ejemplo n.º 18
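 /**
  * Activates the account that matches the `c` query parameter.
  *
  * The url-encoded code must be one of the values returned by
  * mapi_for_activation() and must belong to a user row with enabled = 0.
  * On success the user is enabled, the code is cleared, a message is reported
  * and the request ends with a redirect to the login module.
  *
  * @return null Null when the code is missing or unknown; also falls through
  *              without a result when no matching user is found or saving fails.
  */
 static function activate()
 {
     $code = MGet::string('c', 'GET');
     // A missing code must never match: urlencode(null) is '' and a loose
     // in_array() would accept '' against null, 0 or false entries.
     if (null === $code || '' === $code) {
         return null;
     }
     $activation = urlencode($code);

     $availables = mapi_for_activation();
     if (!is_array($availables)) {
         return null;
     }

     // Exact string match against the pending activation codes.
     $is_pending = false;
     foreach ($availables as $candidate) {
         if (is_scalar($candidate) && (string) $candidate === $activation) {
             $is_pending = true;
             break;
         }
     }
     if (!$is_pending) {
         return null;
     }

     $user = ORM::for_table('users')->where('enabled', 0)->where('activation', $activation)->find_one();
     if ($user) {
         $user->enabled = 1;
         if ($user->save()) {
             mapi_report('Your account is successfully activated. You can login now.', 'success');
             // Clear the code so the same link cannot be matched again.
             $user->activation = null;
             $user->save();
             header('Location: index.php?module=login');
             exit(0);
         }
     }
 }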
Ejemplo n.º 19
 /**
  * Builds the stdClass handed to the menu views.
  *
  * For title and enabled a truthy request value wins over the value stored on
  * $object; the remaining fields come from $object only. Each getter is used
  * only when $object is truthy and has that method.
  *
  * NOTE(review): request values are copied as returned by MGet; escaping for
  * output is left to whatever renders this object.
  *
  * @param object|null $object Existing menu, if any.
  * @return stdClass
  */
 static function data_object($object = null)
 {
     $inputs = array('title' => 'menu_title', 'enabled' => 'menu_enabled');
     $data = new stdClass();

     $data->id = ($object && method_exists($object, 'get_id')) ? $object->get_id() : 0;

     $posted_title = MGet::string($inputs['title']);
     if ($posted_title) {
         $data->title = $posted_title;
     } elseif ($object && method_exists($object, 'get_title')) {
         $data->title = $object->get_title();
     } else {
         $data->title = '';
     }

     // Enabled when the request says 1, otherwise when the stored object says so.
     $posted_enabled = MGet::int($inputs['enabled']);
     if ($posted_enabled && 1 == $posted_enabled) {
         $data->enabled = true;
     } elseif ($object && method_exists($object, 'is_enabled') && $object->is_enabled()) {
         $data->enabled = true;
     } else {
         $data->enabled = false;
     }

     $data->pages_count = ($object && method_exists($object, 'count_pages')) ? $object->count_pages() : 0;
     $data->pages = ($object && method_exists($object, 'get_pages')) ? $object->get_pages() : array();
     $data->created = ($object && method_exists($object, 'created')) ? $object->created() : array();
     $data->modified = ($object && method_exists($object, 'modified')) ? $object->modified() : array();

     return $data;
 }
Ejemplo n.º 20
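 /**
  * Builds the stdClass handed to the user views.
  *
  * For group, username, email, name and enabled a truthy request value wins
  * over the value stored on $object; id, created and modified come from
  * $object only. Each getter is used only when $object is truthy and has that
  * method. The group defaults to 3 when neither source provides one.
  *
  * NOTE(review): `user_group_id` is taken from the request as submitted. The
  * code that persists this object should confirm that the caller is allowed
  * to assign that group.
  * NOTE(review): request values are copied as returned by MGet; escaping for
  * output is left to whatever renders this object.
  *
  * @param object|null $object Existing user, if any.
  * @return stdClass
  */
 static function data_object($object = null)
 {
     $data = new stdClass();
     $inputs = array('group_id' => 'user_group_id', 'username' => 'user_username', 'email' => 'user_email', 'name' => 'user_name', 'enabled' => 'user_enabled');

     $data->id = 0;
     if ($object && method_exists($object, 'get_id')) {
         $data->id = $object->get_id();
     }

     $data->group = 3;
     $posted_group = MGet::int($inputs['group_id']);
     if ($posted_group) {
         $data->group = $posted_group;
     } elseif ($object && method_exists($object, 'get_group_id')) {
         $data->group = $object->get_group_id();
     }

     $data->username = '';
     $posted_username = MGet::string($inputs['username']);
     if ($posted_username) {
         $data->username = $posted_username;
     } elseif ($object && method_exists($object, 'get_username')) {
         $data->username = $object->get_username();
     }

     $data->email = '';
     $posted_email = MGet::string($inputs['email']);
     if ($posted_email) {
         $data->email = $posted_email;
     } elseif ($object && method_exists($object, 'get_email')) {
         $data->email = $object->get_email();
     }

     $data->name = '';
     $posted_name = MGet::string($inputs['name']);
     if ($posted_name) {
         $data->name = $posted_name;
     } elseif ($object && method_exists($object, 'get_name')) {
         $data->name = $object->get_name();
     }

     // Enabled when the request says 1, otherwise when the stored object says so.
     $data->enabled = false;
     $posted_enabled = MGet::int($inputs['enabled']);
     if ($posted_enabled && 1 == $posted_enabled) {
         $data->enabled = true;
     } elseif ($object && method_exists($object, 'is_enabled') && $object->is_enabled()) {
         $data->enabled = true;
     }

     // The original repeated the created/modified section a second time;
     // the duplicate only re-ran the same calls and is dropped here.
     $data->created = array();
     if ($object && method_exists($object, 'created')) {
         $data->created = $object->created();
     }
     $data->modified = array();
     if ($object && method_exists($object, 'modified')) {
         $data->modified = $object->modified();
     }

     return $data;
 }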
Ejemplo n.º 21
 /**
  * Builds the stdClass handed to the page views.
  *
  * For title, url, blank and enabled a truthy request value wins over the
  * value stored on $object; the remaining fields come from $object only. Each
  * getter is used only when $object is truthy and has that method.
  *
  * NOTE(review): `page_url` is copied from the request as returned by
  * MGet::string(). No scheme check is visible here; confirm that the code
  * which stores or renders the URL restricts it to the schemes it expects.
  *
  * @param object|null $object Existing page, if any.
  * @return stdClass
  */
 static function data_object($object = null)
 {
     $inputs = array('title' => 'page_title', 'url' => 'page_url', 'blank' => 'page_on_blank', 'enabled' => 'page_enabled');
     $data = new stdClass();

     $data->id = ($object && method_exists($object, 'get_id')) ? $object->get_id() : 0;

     $posted_title = MGet::string($inputs['title']);
     if ($posted_title) {
         $data->title = $posted_title;
     } elseif ($object && method_exists($object, 'get_title')) {
         $data->title = $object->get_title();
     } else {
         $data->title = '';
     }

     $posted_url = MGet::string($inputs['url']);
     if ($posted_url) {
         $data->url = $posted_url;
     } elseif ($object && method_exists($object, 'get_url')) {
         $data->url = $object->get_url();
     } else {
         $data->url = '';
     }

     // Both flags: true when the request says 1, otherwise when the stored object says so.
     $posted_blank = MGet::int($inputs['blank']);
     if ($posted_blank && 1 == $posted_blank) {
         $data->blank = true;
     } elseif ($object && method_exists($object, 'page_on_blank') && $object->page_on_blank()) {
         $data->blank = true;
     } else {
         $data->blank = false;
     }

     $posted_enabled = MGet::int($inputs['enabled']);
     if ($posted_enabled && 1 == $posted_enabled) {
         $data->enabled = true;
     } elseif ($object && method_exists($object, 'is_enabled') && $object->is_enabled()) {
         $data->enabled = true;
     } else {
         $data->enabled = false;
     }

     $data->menus = ($object && method_exists($object, 'get_menus')) ? $object->get_menus() : array();
     $data->created = ($object && method_exists($object, 'created')) ? $object->created() : array();
     $data->modified = ($object && method_exists($object, 'modified')) ? $object->modified() : array();

     return $data;
 }
Ejemplo n.º 22
 /**
  * Thin wrapper that hands $input to MGet::force_utf8() and returns its result.
  *
  * @param mixed $input Value to convert.
  * @return mixed Whatever MGet::force_utf8() returns.
  */
 static function force_utf8($input)
 {
     $converted = MGet::force_utf8($input);

     return $converted;
 }
Ejemplo n.º 23
 /**
  * Content import page.
  *
  * A `content_import` post that passes mapi_csrf_check() runs the
  * `import_content` model and, when it yields content with an id, redirects
  * to that content's edit page and ends the request. Otherwise an
  * `import_begin` post runs the importer and shows its results, and any other
  * request shows the import form.
  *
  * NOTE(review): the `import_begin` branch runs the import model without a
  * mapi_csrf_check() call, unlike the `content_import` branch. If that step
  * fetches remote data or changes state, add the same token check (the form
  * has to send `mapi_csrf` for that).
  */
 public function content_import()
 {
     $this->set_page_title('#mappiamo - Import content');

     if (isset($_POST['content_import'])) {
         if (mapi_csrf_check(MGet::string('mapi_csrf'))) {
             $content = $this->model('import_content');
             $content_id = $content ? $content->get_id() : null;
             if ($content_id) {
                 // intval() keeps the redirect parameter numeric.
                 header('Location: index.php?module=mcontent&task=content_edit&object=' . intval($content_id));
                 exit(0);
             }
         }
     }

     if (!isset($_POST['import_begin'])) {
         $this->view('import');
         return;
     }

     $data = $this->model('import', null, 'mcontent_import');
     $this->view('import_results', $data);
 }
Ejemplo n.º 24
						<?php 
MMessaging::show();
?>
				</div>
				
	        	<h2 class="form-signin-heading">#mappiamo</h2>
	        	<input type="text" name="user" class="form-control" placeholder="Username" value="<?php 
MPut::_html_attr(MGet::string('user'));
?>
" autofocus>
	        	<input type="text" name="name" class="form-control" placeholder="Name" value="<?php 
MPut::_html_attr(MGet::string('name'));
?>
">
	        	<input type="text" name="email" class="form-control" placeholder="Email" value="<?php 
MPut::_html_attr(MGet::string('email'));
?>
" >
	        	<input type="password" name="pass" class="form-control" placeholder="Password">
	        	<input type="password" name="pass_repeat" class="form-control" placeholder="Repeat password">

	        	<script>
				 		var RecaptchaOptions = {
				    			theme : 'white'
				 		};
				</script>
	        	<?php 
// The argument is the reCAPTCHA site (public) key, which is meant to appear in page markup.
// NOTE(review): recaptcha_get_html() belongs to the legacy reCAPTCHA v1 PHP library, and
// Google retired the v1 API in 2018, so this widget presumably no longer works against the
// live service. Confirm, and plan a move to a supported CAPTCHA.
// NOTE(review): the widget only helps if the registration handler verifies the response
// on the server; that code is not visible in this template.
echo recaptcha_get_html('6LeZNOUSAAAAALQAQuZXkMq-kI0ZOnaCb-YMP5z1');
?>
	        	<br />
	        	<label>All fields are required</label>
Ejemplo n.º 25
 /**
  * Builds the stdClass handed to the content views.
  *
  * For type, title, address, lat, lng, start, end, license, enabled and text
  * a truthy request value wins over the value stored on $object; the
  * remaining fields come from $object only. Each getter is used only when
  * $object is truthy and has that method.
  *
  * When $task is 'content_add', the request's `content_type` ('post', 'place'
  * or 'event') switches some input names to their type-specific variants.
  * `type` is left unset when neither the request nor $object provides it.
  *
  * NOTE(review): request values, including `content_text`, are copied as
  * returned by MGet; escaping or HTML filtering is left to the code that
  * stores or renders this object.
  *
  * @param mixed       $task   Current task name.
  * @param object|null $object Existing content item, if any.
  * @return stdClass
  */
 static function data_object($task, $object = null)
 {
     $inputs = array('type' => 'content_type', 'title' => 'content_title', 'address' => 'content_address', 'lat' => 'content_lat', 'lng' => 'content_lng', 'start' => 'content_start', 'end' => 'content_end', 'license' => 'content_license', 'enabled' => 'content_enabled', 'text' => 'content_text');

     // Type-specific input names used by the "add content" forms.
     $overrides = array(
         'post' => array('title' => 'post_title', 'license' => 'post_license'),
         'place' => array('title' => 'place_title', 'license' => 'place_license'),
         'event' => array('title' => 'event_title', 'start' => 'event_start', 'end' => 'event_end', 'license' => 'event_license'),
     );
     if ('content_add' == $task) {
         $chosen_type = MGet::string('content_type');
         if ($chosen_type && isset($overrides[$chosen_type])) {
             $inputs = array_merge($inputs, $overrides[$chosen_type]);
         }
     }

     $data = new stdClass();
     $data->id = ($object && method_exists($object, 'get_id')) ? $object->get_id() : 0;

     // No default here: the property stays unset when neither source has a type.
     $posted_type = MGet::string($inputs['type']);
     if ($posted_type) {
         $data->type = $posted_type;
     } elseif ($object && method_exists($object, 'get_type')) {
         $data->type = $object->get_type();
     }

     $posted_title = MGet::string($inputs['title']);
     if ($posted_title) {
         $data->title = $posted_title;
     } elseif ($object && method_exists($object, 'get_title')) {
         $data->title = $object->get_title();
     } else {
         $data->title = '';
     }

     $posted_address = MGet::string($inputs['address']);
     if ($posted_address) {
         $data->address = $posted_address;
     } elseif ($object && method_exists($object, 'get_address')) {
         $data->address = $object->get_address();
     } else {
         $data->address = '';
     }

     $posted_lat = MGet::double($inputs['lat']);
     if ($posted_lat) {
         $data->lat = $posted_lat;
     } elseif ($object && method_exists($object, 'get_lat')) {
         $data->lat = $object->get_lat();
     } else {
         $data->lat = '';
     }

     $posted_lng = MGet::double($inputs['lng']);
     if ($posted_lng) {
         $data->lng = $posted_lng;
     } elseif ($object && method_exists($object, 'get_lng')) {
         $data->lng = $object->get_lng();
     } else {
         $data->lng = '';
     }

     $posted_start = MGet::string($inputs['start']);
     if ($posted_start) {
         $data->start = $posted_start;
     } elseif ($object && method_exists($object, 'get_start')) {
         $data->start = $object->get_start();
     } else {
         $data->start = '';
     }

     $posted_end = MGet::string($inputs['end']);
     if ($posted_end) {
         $data->end = $posted_end;
     } elseif ($object && method_exists($object, 'get_end')) {
         $data->end = $object->get_end();
     } else {
         $data->end = '';
     }

     $posted_license = MGet::int($inputs['license']);
     if ($posted_license) {
         $data->license = $posted_license;
     } elseif ($object && method_exists($object, 'get_license')) {
         $data->license = $object->get_license();
     } else {
         $data->license = 0;
     }

     // Enabled when the request says 1, otherwise when the stored object says so.
     $posted_enabled = MGet::int($inputs['enabled']);
     if ($posted_enabled && 1 == $posted_enabled) {
         $data->enabled = true;
     } elseif ($object && method_exists($object, 'is_enabled') && $object->is_enabled()) {
         $data->enabled = true;
     } else {
         $data->enabled = false;
     }

     $posted_text = MGet::string($inputs['text']);
     if ($posted_text) {
         $data->text = $posted_text;
     } elseif ($object && method_exists($object, 'get_text')) {
         $data->text = $object->get_text();
     } else {
         $data->text = '';
     }

     // The remaining fields are read from the stored object only.
     $data->hits = ($object && method_exists($object, 'get_hits')) ? $object->get_hits() : '';
     $data->parent = ($object && method_exists($object, 'get_parent')) ? $object->get_parent() : '';
     $data->language = ($object && method_exists($object, 'get_language')) ? $object->get_language() : '';
     $data->categories = ($object && method_exists($object, 'get_categories')) ? $object->get_categories() : array();
     $data->meta = ($object && method_exists($object, 'get_meta')) ? $object->get_meta() : array();
     $data->media = ($object && method_exists($object, 'get_media')) ? $object->get_media() : array();
     $data->created = ($object && method_exists($object, 'created')) ? $object->created() : array();
     $data->modified = ($object && method_exists($object, 'modified')) ? $object->modified() : array();

     return $data;
 }