/**
* Constructor
*
* @param Controller $controller The parent controller, necessary to
* create the appropriate form action tag.
* @param string $name The method on the controller that will return this
* form object.
* @param FieldSet|FormField $fields All of the fields in the form - a
* {@link FieldSet} of {@link FormField}
* objects.
* @param FieldSet|FormAction $actions All of the action buttons in the
* form - a {@link FieldSet} of
* {@link FormAction} objects
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
* the user is currently logged in, and if
* so, only a logout button will be rendered
* @param string $authenticatorClassName Name of the authenticator class that this form uses.
*/
function __construct($controller, $name, $fields = null, $actions = null,
$checkCurrentUser = true) {
// This is now set on the class directly to make it easier to create subclasses
// $this->authenticator_class = $authenticatorClassName;
$customCSS = project() . '/css/member_login.css';
if(Director::fileExists($customCSS)) {
Requirements::css($customCSS);
}
// Focus on the email input when the page is loaded
Requirements::customScript("
(function($){
$(document).ready(function() {
$('#Email input').focus();
});
})(jQuery);
");
if(isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = Session::get('BackURL');
}
if($checkCurrentUser && Member::currentUserID()) {
$fields = new FieldSet();
$actions = new FieldSet(new FormAction("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else")));
} else {
if(!$fields) {
$fields = new FieldSet(
new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this),
new TextField("Email", _t('Member.EMAIL', 'Email'), Session::get('SessionForms.MemberLoginForm.Email'), null, $this),
new PasswordField("Password", _t('Member.PASSWORD', 'Password'))
);
if(Security::$autologin_enabled) {
$fields->push(new CheckboxField(
"Remember",
_t('Member.REMEMBERME', "Remember me next time?")
));
}
}
if(!$actions) {
$actions = new FieldSet(
new FormAction('dologin', _t('Member.BUTTONLOGIN', "Log in")),
new LiteralField(
'forgotPassword',
'<p id="ForgotPassword"><a href="Security/lostpassword">' . _t('Member.BUTTONLOSTPASSWORD', "I've lost my password") . '</a></p>'
)
);
}
}
if(isset($backURL)) {
$fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
}
parent::__construct($controller, $name, $fields, $actions);
}
/**
* If profile editing is disabled, but the current user can add members,
* just link directly to the add action.
*
* @param string $action
*/
public function Link($action = null)
{
if (!$action && Member::currentUserID() && !$this->AllowProfileEditing && $this->CanAddMembers()) {
$action = 'add';
}
return parent::Link($action);
}
/**
* Set the owner automatically if needed
*/
protected function onBeforeWrite()
{
parent::onBeforeWrite();
if (!$this->OwnerID) {
$this->OwnerID = Member::currentUserID();
}
}
/**
* This does not actually perform any validation, but just creates the
* initial registration object.
*/
public function validateStep($data, $form)
{
$form = $this->getForm();
$datetime = $form->getController()->getDateTime();
$confirmation = $datetime->Event()->RegEmailConfirm;
$registration = $this->getForm()->getSession()->getRegistration();
// If we require email validation for free registrations, then send
// out the email and mark the registration. Otherwise immediately
// mark it as valid.
if ($confirmation) {
$email = new Email();
$config = SiteConfig::current_site_config();
$registration->TimeID = $datetime->ID;
$registration->Status = 'Unconfirmed';
$registration->write();
if (Member::currentUserID()) {
$details = array('Name' => Member::currentUser()->getName(), 'Email' => Member::currentUser()->Email);
} else {
$details = $form->getSavedStepByClass('EventRegisterTicketsStep');
$details = $details->loadData();
}
$link = Controller::join_links($this->getForm()->getController()->Link(), 'confirm', $registration->ID, '?token=' . $registration->Token);
$regLink = Controller::join_links($datetime->Event()->Link(), 'registration', $registration->ID, '?token=' . $registration->Token);
$email->setTo($details['Email']);
$email->setSubject(sprintf('Confirm Registration For %s (%s)', $datetime->getTitle(), $config->Title));
$email->setTemplate('EventRegistrationConfirmationEmail');
$email->populateTemplate(array('Name' => $details['Name'], 'Registration' => $registration, 'RegLink' => $regLink, 'Title' => $datetime->getTitle(), 'SiteConfig' => $config, 'ConfirmLink' => Director::absoluteURL($link)));
$email->send();
Session::set("EventRegistration.{$registration->ID}.message", $datetime->Event()->EmailConfirmMessage);
} else {
$registration->Status = 'Valid';
$registration->write();
}
return true;
}
public function load($request)
{
$response = new SS_HTTPResponse();
$response->addHeader('Content-Type', 'application/json');
$response->setBody(Convert::array2json(array("_memberID" => Member::currentUserID())));
return $response;
}
public function getCMSFields()
{
$fields = new FieldList();
$_REQUEST['entity_survey'] = 1;
$fields->add(new TextField('EntityName', 'Entity Name (Without Spaces)'));
$fields->add(new CheckboxField('Enabled', 'Is Enabled?'));
$fields->add(new CheckboxField('UseTeamEdition', 'Allow Team Edition?'));
$fields->add(new HiddenField('CreatedByID', 'CreatedByID', Member::currentUserID()));
$fields->add(new HiddenField('ParentID', 'ParentID'));
//steps
if ($this->ID > 0) {
$_REQUEST['survey_template_id'] = $this->ID;
// steps
$config = GridFieldConfig_RecordEditor::create();
$config->removeComponentsByType('GridFieldAddNewButton');
$multi_class_selector = new GridFieldAddNewMultiClass();
$multi_class_selector->setClasses(array('SurveyRegularStepTemplate' => 'Regular Step'));
$config->addComponent($multi_class_selector);
$config->addComponent(new GridFieldSortableRows('Order'));
$gridField = new GridField('Steps', 'Steps', $this->Steps(), $config);
$fields->add($gridField);
$config = GridFieldConfig_RecordEditor::create();
$config->removeComponentsByType('GridFieldAddNewButton');
$multi_class_selector = new GridFieldAddNewMultiClass();
$migration_mapping_types = array('OldDataModelSurveyMigrationMapping' => 'Old Survey Data Mapping');
$multi_class_selector->setClasses($migration_mapping_types);
$config->addComponent($multi_class_selector);
$gridField = new GridField('MigrationMappings', 'Migration Mappings', $this->MigrationMappings(), $config);
$fields->add($gridField);
}
return $fields;
}
/**
* If profile editing is disabled, but the current user can add members,
* just link directly to the add action.
*
* @param string $action
*/
public function Link($action = null)
{
if (!$action && Member::currentUserID() && !$this->AllowProfileEditing && $this->AllowAdding && singleton('Member')->canCreate()) {
$action = 'add';
}
return parent::Link($action);
}
public function init()
{
if (!Member::currentUserID() || !Permission::check($this->config()->access_permission)) {
return Security::permissionFailure($this);
}
parent::init();
}
public function init()
{
parent::init();
if (!Member::currentUserID()) {
$this->redirect('Security/login?BackURL=' . $this->getRequest()->getVar('url'));
}
}
public function validateStep($data, $form)
{
Session::set("FormInfo.{$form->FormName()}.data", $form->getData());
$payment = $data['PaymentMethod'];
$tickets = $this->getForm()->getSavedStepByClass('EventRegisterTicketsStep');
$total = $tickets->getTotal();
$registration = $this->form->getSession()->getRegistration();
if (!is_subclass_of($payment, 'Payment')) {
return false;
}
$payment = new $payment();
$payment->Amount = $total;
$payment->PaidForClass = 'EventRegistration';
$payment->PaidForID = $registration->ID;
$payment->PaidBy = Member::currentUserID();
$payment->write();
$registration->PaymentID = $payment->ID;
$registration->write();
$result = $payment->processPayment($data, $form);
if ($result->isProcessing()) {
throw new SS_HTTPResponse_Exception($result->getValue());
}
if (!$result->isSuccess()) {
$form->sessionMessage($result->getValue(), 'required');
return false;
}
// Write an empty registration object so we have an ID to reference the
// payment against. This will be populated in the form's finish() method.
$registration->Status = 'Valid';
$registration->write();
Session::set("EventRegistration.{$registration->ID}.message", strip_tags($payment->Message));
return true;
}
/**
* Controller inititalisation
* Check if user is logged in, if not redirect to login form
*/
public function init()
{
parent::init();
if (!Member::currentUserID()) {
Security::permissionFailure();
}
}
public function onBeforeSave()
{
parent::onBeforeSave();
if (!$this->ID) {
$this->AuthorID = Member::currentUserID();
}
}
/**
* Display the current security token (allowing regeneration for an administrator).
*/
public function updateEditForm(&$form)
{
// Determine whether the security section is being used.
if ($this->owner instanceof SecurityAdmin) {
$gridfield = null;
foreach ($form->fields->items[0]->Tabs()->first()->Fields() as $field) {
if ($field instanceof GridField) {
$gridfield = $field;
break;
}
}
} else {
$gridfield = $form->fields->items[0];
}
if (isset($gridfield) && $gridfield instanceof GridField) {
// Restrict the security token to administrators.
$user = Member::currentUserID();
if (Permission::checkMember($user, 'ADMIN')) {
Requirements::css(APIWESOME_PATH . '/css/apiwesome.css');
// Display a confirmation message when regenerating the security token.
Requirements::javascript(APIWESOME_PATH . '/javascript/apiwesome.js');
$configuration = $gridfield->config;
$configuration->addComponent(new APIwesomeTokenView());
}
}
}
/**
* Constructor
*
* @param Controller $controller The parent controller, necessary to
* create the appropriate form action tag.
* @param string $name The method on the controller that will return this
* form object.
* @param FieldSet|FormField $fields All of the fields in the form - a
* {@link FieldSet} of {@link FormField}
* objects.
* @param FieldSet|FormAction $actions All of the action buttons in the
* form - a {@link FieldSet} of
* {@link FormAction} objects
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
* the user is currently logged in, and if
* so, only a logout button will be rendered
*/
function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
{
$this->authenticator_class = 'MemberAuthenticator';
$customCSS = project() . '/css/member_login.css';
if (Director::fileExists($customCSS)) {
Requirements::css($customCSS);
}
if (isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = Session::get('BackURL');
}
if ($checkCurrentUser && Member::currentUserID()) {
$fields = new FieldSet();
$actions = new FieldSet(new FormAction("logout", _t('Member.BUTTONLOGINOTHER', "Log in as someone else")));
} else {
if (!$fields) {
$fields = new FieldSet(new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this), new TextField("Email", _t('Member.EMAIL'), Session::get('SessionForms.MemberLoginForm.Email'), null, $this), new EncryptField("Password", _t('Member.PASSWORD'), null, $this), new CheckboxField("Remember", _t('Member.REMEMBERME', "Remember me next time?"), Session::get('SessionForms.MemberLoginForm.Remember'), $this));
}
if (!$actions) {
$actions = new FieldSet(new FormAction("dologin", _t('Member.BUTTONLOGIN', "Log in")), new FormAction("forgotPassword", _t('Member.BUTTONLOSTPASSWORD', "I've lost my password")));
}
}
if (isset($backURL)) {
$fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
}
parent::__construct($controller, $name, $fields, $actions);
}
/**
* Attempt to login
* @param {stdClass} $data Data passed from ActionScript
* @return {array} Returns a standard response array
*/
public function login($data)
{
$response = CodeBank_ClientAPI::responseBase();
$response['login'] = true;
//Try to login
$member = MemberAuthenticator::authenticate(array('Email' => $data->user, 'Password' => $data->pass));
if ($member instanceof Member && $member->ID != 0 && Permission::check('CODE_BANK_ACCESS', 'any', $member)) {
try {
$member->logIn();
$ipAgrement = CodeBankConfig::CurrentConfig()->IPAgreement;
//Get preferences
$prefs = new stdClass();
$prefs->heartbeat = $member->UseHeartbeat;
//Set the response to HELO
$response['status'] = 'HELO';
$response['message'] = _t('CodeBankAPI.WELCOME_USER', '_Welcome {user}', array('user' => htmlentities($member->Name)));
//Set the message to "Welcome ...."
$response['data'] = array('id' => Member::currentUserID(), 'hasIPAgreement' => !empty($ipAgrement), 'preferences' => $prefs, 'isAdmin' => Permission::check('ADMIN') !== false, 'displayName' => trim($member->Name) == '' ? $member->Email : trim($member->Name));
} catch (Exception $e) {
//Something happend on the server
$response['status'] = 'EROR';
$response['message'] = _t('CodeBankAPI.SERVER_ERROR', '_Server error has occured, please try again later');
}
} else {
//Bad username/pass combo
$response['status'] = 'EROR';
$response['message'] = _t('CodeBankAPI.INVALID_LOGIN', '_Invalid Login');
}
return $response;
}
/**
* Constructor
*
* @param Controller $controller The parent controller, necessary to
* create the appropriate form action tag.
* @param string $name The method on the controller that will return this
* form object.
* @param FieldSet|FormField $fields All of the fields in the form - a
* {@link FieldSet} of {@link FormField}
* objects.
* @param FieldSet|FormAction $actions All of the action buttons in the
* form - a {@link FieldSet} of
* {@link FormAction} objects
* @param bool $checkCurrentUser If set to TRUE, it will be checked if a
* the user is currently logged in, and if
* so, only a logout button will be rendered
*/
function __construct($controller, $name, $fields = null, $actions = null, $checkCurrentUser = true)
{
$this->authenticator_class = 'OpenIDAuthenticator';
Requirements::themedCSS('openid_login');
if (isset($_REQUEST['BackURL'])) {
$backURL = $_REQUEST['BackURL'];
} else {
$backURL = Session::get('BackURL');
}
if ($checkCurrentUser && Member::currentUserID()) {
$fields = new FieldSet();
$actions = new FieldSet(new FormAction("logout", _t('Member.BUTTONLOGINOTHER')));
} else {
if (!$fields) {
$fields = new FieldSet(new LiteralField("OpenIDDescription", _t('OpenIDLoginForm.DESC', '<div id="OpenIDDescription"><p>OpenID is an Internet-wide identity system
that allows you to sign in to many websites with a single account.
For more information visit <a href="http://openid.net">openid.net</a>.</p></div>
')), new HiddenField("AuthenticationMethod", null, $this->authenticator_class, $this), new TextField("OpenIDURL", _t('OpenIDLoginForm.URL', "OpenID URL"), Session::get('SessionForms.OpenIDLoginForm.OpenIDURL'), null, $this), new CheckboxField("Remember", _t('Member.REMEMBERME'), Session::get('SessionForms.OpenIDLoginForm.Remember'), $this));
}
if (!$actions) {
$actions = new FieldSet(new FormAction("dologin", _t('Member.BUTTONLOGIN')));
}
}
if (isset($backURL)) {
$fields->push(new HiddenField('BackURL', 'BackURL', $backURL));
}
parent::__construct($controller, $name, $fields, $actions);
}
protected function onBeforeWrite()
{
parent::onBeforeWrite();
if ($this->getIdentifier() === 0) {
$this->OwnerID = Member::currentUserID();
}
}
function doSave($data, $form)
{
if (isset($data['Password']) && is_array($data['Password'])) {
$data['Password'] = $data['Password']['_Password'];
}
// We need to ensure that the unique field is never overwritten
$uniqueField = Member::get_unique_identifier_field();
if (isset($data[$uniqueField])) {
$SQL_unique = Convert::raw2sql($data[$uniqueField]);
$existingUniqueMember = Member::get()->filter(array($uniqueField => $SQL_unique))->first();
if ($existingUniqueMember && $existingUniqueMember->exists()) {
if (Member::currentUserID() != $existingUniqueMember->ID) {
die("current member does not match enrolled member.");
return false;
}
}
}
$member = Member::currentUser();
if (!$member) {
$member = new Member();
}
$member->update($data);
$member->write();
$arrayExtraFields = array();
if (isset($data["SelectedOption"])) {
$arrayExtraFields["SelectedOption"] = $data["SelectedOption"];
}
if (isset($data["BookingCode"])) {
$arrayExtraFields["BookingCode"] = $data["BookingCode"];
}
$this->controller->addAttendee($member, $arrayExtraFields);
$this->redirect($this->getController()->Link("thankyou"));
return;
}
/**
* @param Order $order
* @param array $data
*
* @throws ValidationException
*/
public function validateData(Order $order, array $data)
{
$result = ValidationResult::create();
$existingID = !empty($data[$this->addresstype . "AddressID"]) ? (int) $data[$this->addresstype . "AddressID"] : 0;
if ($existingID) {
// If existing address selected, check that it exists in $member->AddressBook
if (!Member::currentUserID() || !Member::currentUser()->AddressBook()->byID($existingID)) {
$result->error("Invalid address supplied", $this->addresstype . "AddressID");
throw new ValidationException($result);
}
} else {
// Otherwise, require the normal address fields
$required = parent::getRequiredFields($order);
$addressLabels = singleton('Address')->fieldLabels(false);
foreach ($required as $fieldName) {
if (empty($data[$fieldName])) {
// attempt to get the translated field name
$fieldLabel = isset($addressLabels[$fieldName]) ? $addressLabels[$fieldName] : $fieldName;
$errorMessage = _t('Form.FIELDISREQUIRED', '{name} is required', array('name' => $fieldLabel));
$result->error($errorMessage, $fieldName);
throw new ValidationException($result);
}
}
}
}
public function onBeforeWrite()
{
if ($this->owner->CreatorID == 0) {
$this->owner->CreatorID = Member::currentUserID();
}
$this->owner->LastEditorID = Member::currentUserID();
}
public function handleGetAllPresentations(SS_HTTPRequest $r)
{
$limit = $r->getVar('limit') ?: 50;
if ($limit > 50) {
$limit = 50;
}
$start = $r->getVar('page') ?: 0;
$presentations = Member::currentUser() ? Member::currentUser()->getRandomisedPresentations() : Presentation::get()->filter(array('SummitEvent.SummitID' => Summit::get_active()->ID));
if ($r->getVar('category')) {
$presentations = $presentations->filter('CategoryID', (int) $r->getVar('category'));
}
if ($r->getVar('keyword')) {
$k = $r->getVar('keyword');
$presentations = $presentations->filterAny(array('Title:PartialMatch' => $k, 'Description:PartialMatch' => $k, 'Speakers.FirstName:PartialMatch' => $k, 'Speakers.LastName:PartialMatch' => $k));
}
if ($r->getVar('voted') == "true") {
$presentations = $presentations->leftJoin("PresentationVote", "PresentationVote.PresentationID = Presentation.ID")->where("IFNULL(PresentationVote.MemberID,0) = " . Member::currentUserID());
}
if ($r->getVar('voted') == "false") {
$presentations = $presentations->leftJoin("PresentationVote", "PresentationVote.PresentationID = Presentation.ID")->where("IFNULL(PresentationVote.MemberID,0) != " . Member::currentUserID());
}
$count = $presentations->count();
$presentations = $presentations->limit($limit, $start * $limit);
$data = array('results' => array(), 'has_more' => $count > $limit * ($start + 1), 'total' => $count, 'remaining' => $count - $limit * ($start + 1));
foreach ($presentations as $p) {
$data['results'][] = array('id' => $p->ID, 'title' => $p->Title, 'user_vote' => $p->getUserVote() ? $p->getUserVote()->Vote : null);
}
return (new SS_HTTPResponse(Convert::array2json($data), 200))->addHeader('Content-Type', 'application/json');
}
/**
* constructor
*
* @param Controller $controller the controller object
* @param array $params additional parameters
* @param array $preferences array with preferences
* @param bool $barebone is the form initialized completely?
*
* @return void
*
* @author Sebastian Diel <*****@*****.**>,
* Sascha Koehler <*****@*****.**>
* @since 15.11.2014
*/
public function __construct($controller, $params = null, $preferences = null, $barebone = false)
{
parent::__construct($controller, $params, $preferences, $barebone);
if (!$barebone) {
/*
* redirect a user if his cart is empty and no order exists
*/
$checkoutData = $this->controller->getCombinedStepData();
if (!SilvercartCustomer::currentUser() || !SilvercartCustomer::currentUser()->getCart()->isFilled() && !array_key_exists('orderId', $checkoutData)) {
$frontPage = SilvercartPage_Controller::PageByIdentifierCode();
$this->getController()->redirect($frontPage->RelativeLink());
}
if (Member::currentUserID() > 0) {
foreach ($this->getAllowedPaymentMethods() as $paymentMethod) {
if ($paymentMethod->getNestedFormName()) {
$formName = $paymentMethod->getNestedFormName();
} else {
$formName = "SilvercartCheckoutFormStep4DefaultPayment";
}
$params = array('PaymentMethod' => $paymentMethod->ID);
$preferences = array('submitButtonTitle' => sprintf(_t('SilvercartCheckoutFormStep4.CHOOSE_PAYMENT_METHOD', 'I want to pay with %s'), $paymentMethod->Name));
$registeredNestedForm = new $formName($this->controller, $params, $preferences, $barebone);
$this->registerCustomHtmlForm($formName . $paymentMethod->ID, $registeredNestedForm);
$this->addRegisteredNestedForm($registeredNestedForm);
}
}
}
}
public function BillingHistory()
{
$billingHistory = new ArrayList();
$orders = Order::get()->filter(array('MemberID' => Member::currentUserID(), 'OrderStatus' => 'c'))->sort('Created');
foreach ($orders as $order) {
$productId = $order->ProductID;
if (($productId == 1 || $productId == 2 || $productId == 3) && $order->IsTrial == 1) {
$productDesc = 'First Month Trial';
} else {
$product = Product::get()->byID($productId);
$productDesc = $product->Name;
}
$creditCard = $order->CreditCard();
$ccNumber = 'XXXX-XXXX-XXXX-' . substr($creditCard->CreditCardNumber, -4);
$orderDetails = array('Date' => $order->Created, 'Description' => $productDesc, 'CCType' => strtoupper($creditCard->CreditCardType), 'CCNumber' => $ccNumber, 'Amount' => $order->Amount);
$billingHistory->push(new ArrayData($orderDetails));
}
$memBillHistory = MemberBillingHistory::get()->filter('MemberID', Member::currentUserID())->sort('Created');
foreach ($memBillHistory as $history) {
$creditCard = $history->CreditCard();
$ccNumber = 'XXXX-XXXX-XXXX-' . substr($creditCard->CreditCardNumber, -4);
$details = array('Date' => $history->Created, 'Description' => $history->Product()->Name, 'CCType' => strtoupper($creditCard->CreditCardType), 'CCNumber' => $ccNumber, 'Amount' => $history->Product()->RecurringPrice);
$billingHistory->push(new ArrayData($details));
}
$sortedBillingHistory = $billingHistory->sort('Date');
return $sortedBillingHistory;
}
public function onBeforeWrite()
{
if (!$this->AuthorID) {
$this->AuthorID = Member::currentUserID();
}
parent::onBeforeWrite();
}
/**
* Attempt to regenerate the current security token.
*/
public function regenerateToken()
{
// Restrict this functionality to administrators.
$user = Member::currentUserID();
if (Permission::checkMember($user, 'ADMIN')) {
// Attempt to create a random hash.
$regeneration = $this->service->generateHash();
if ($regeneration) {
// Instantiate the new security token.
$token = APIwesomeToken::create();
$token->Hash = $regeneration['hash'];
$token->AdministratorID = $user;
$token->write();
// Temporarily use the session to display the new security token key.
Session::set('APIwesomeToken', "{$regeneration['key']}:{$regeneration['salt']}");
} else {
// Log the failed security token regeneration.
SS_Log::log('APIwesome security token regeneration failed.', SS_Log::ERR);
Session::set('APIwesomeToken', -1);
}
// Determine where the request came from.
$from = $this->getRequest()->getVar('from');
$redirect = $from ? $from : 'admin/json-xml/';
return $this->redirect($redirect);
} else {
return $this->httpError(404);
}
}
public function transition($request)
{
if (!Member::currentUserID()) {
return Security::permissionFailure($this, _t('AdvancedWorkflowActionController.ACTION_ERROR', "You must be logged in"));
}
$id = $this->request->requestVar('id');
$transition = $this->request->requestVar('transition');
$instance = DataObject::get_by_id('WorkflowInstance', (int) $id);
if ($instance && $instance->canEdit()) {
$transition = DataObject::get_by_id('WorkflowTransition', (int) $transition);
if ($transition) {
if ($this->request->requestVar('comments')) {
$action = $instance->CurrentAction();
$action->Comment = $this->request->requestVar('comments');
$action->write();
}
singleton('WorkflowService')->executeTransition($instance->getTarget(), $transition->ID);
$result = array('success' => true, 'link' => $instance->getTarget()->AbsoluteLink());
if (Director::is_ajax()) {
return Convert::raw2json($result);
} else {
return $this->redirect($instance->getTarget()->Link());
}
}
}
if (Director::is_ajax()) {
$result = array('success' => false);
return Convert::raw2json($result);
} else {
$this->redirect($instance->getTarget()->Link());
}
}
/**
* Send email to subscribers, notifying them the thread has been created or post added.
*/
public function notifySubscribers()
{
// all members id except current user
$member_id = Member::currentUserID();
$list = DataObject::get("Forum_Subscribers", "\"ForumID\" = '" . $this->owner->ForumID . "' AND \"MemberID\" != '{$member_id}'");
if ($list) {
foreach ($list as $obj) {
$SQL_id = Convert::raw2sql((int) $obj->MemberID);
// Get the members details
$member = DataObject::get_one("Member", "\"Member\".\"ID\" = '{$SQL_id}'");
if ($member) {
//error_log("email sent ".$member->Email);
$type = $obj->Type;
switch ($type) {
// send all email notification
case 'all':
$this->createEmail($member);
break;
// send new thread only email notification
// send new thread only email notification
case 'thread':
//if($this->owner->isFirstPost()){
$this->createEmail($member);
//}
break;
//
//
default:
break;
}
}
}
}
}
/**
* Save json content in database
*
* @return boolean
*/
public function saveJson()
{
$ExtensionData = new ExtensionData();
$ExtensionData->SubmittedByID = Member::currentUserID();
$result = $this->dataFields($ExtensionData);
return $result;
}
public function init()
{
if (!$this->currentDashboard) {
Restrictable::set_enabled(false);
if (Member::currentUserID()) {
Restrictable::set_enabled(true);
$this->currentDashboard = $this->getDashboard();
}
Restrictable::set_enabled(true);
}
parent::init();
if ($this->currentDashboard && !$this->currentDashboard->checkPerm('View')) {
if (!Member::currentUserID() && !$this->redirectedTo()) {
Security::permissionFailure($this, "You must be logged in");
return;
}
}
Requirements::block(THIRDPARTY_DIR . '/jquery/jquery.js');
Requirements::javascript('frontend-dashboards/javascript/jquery-1.10.2.min.js');
Requirements::javascript(THIRDPARTY_DIR . '/jquery-ui/jquery-ui.js');
Requirements::javascript(THIRDPARTY_DIR . '/jquery-form/jquery.form.js');
Requirements::javascript(THIRDPARTY_DIR . '/jquery-entwine/dist/jquery.entwine-dist.js');
Requirements::javascript('frontend-dashboards/thirdparty/jquery-cookie/jquery.cookie.js');
Requirements::javascript(FRAMEWORK_DIR . '/javascript/jquery-ondemand/jquery.ondemand.js');
Requirements::javascript('frontend-dashboards/javascript/dashboards.js');
Requirements::javascript('frontend-dashboards/javascript/dashboard-dialogs.js');
Requirements::css('frontend-dashboards/css/dashboards.css');
Requirements::javascript('frontend-dashboards/javascript/jquery.gridster.js');
Requirements::css('frontend-dashboards/css/jquery.gridster.css');
// Requirements::javascript('frontend-dashboards/javascript/jquery.gridly.js');
// Requirements::css('frontend-dashboards/css/jquery.gridly.css');
}
public function authenticate(SS_HTTPRequest $request)
{
$token = $this->getToken($request);
$user = null;
if (!Member::currentUserID() && !$this->allowPublicAccess || $token) {
if (!$token) {
throw new WebServiceException(403, "Missing token parameter");
}
$user = $this->tokenAuthenticator->authenticate($token);
if (!$user) {
throw new WebServiceException(403, "Invalid user token");
}
} else {
if ($this->allowSecurityId && Member::currentUserID()) {
// we check the SecurityID parameter for the current user
$secParam = SecurityToken::inst()->getName();
$securityID = $request->requestVar($secParam);
if ($securityID && $securityID != SecurityToken::inst()->getValue()) {
throw new WebServiceException(403, "Invalid security ID");
}
$user = Member::currentUser();
}
}
if (!$user && !$this->allowPublicAccess) {
throw new WebServiceException(403, "Invalid request");
}
// now, if we have an hmacValidator in place, use it
if ($this->hmacValidator && $user) {
if (!$this->hmacValidator->validateHmac($user, $request)) {
throw new WebServiceException(403, "Invalid message");
}
}
return true;
}
