/**
 * Build the renderer for one page: record request-derived state, load the
 * page's module settings, create the page / navigation / header / footer
 * templates and decide whether the current user may view the page.
 *
 * @param mixed  $cb                 Passed through to initNew().
 * @param mixed  $page_id            Page identifier; stored on $this and in PA::$config->page_type.
 * @param string $title              Page title; also given to the footer template as 'page_name'.
 * @param string $page_template      Initial page template; overwritten below by the stored module setting.
 * @param string $header_template    Header template handed to setHeader().
 * @param mixed  $default_mode       Passed through to initNew().
 * @param mixed  $default_block_type Passed through to initNew().
 * @param mixed  $network_info_      Network info override; PA::$network_info is used when this is falsy.
 * @param string $onload             JavaScript text placed in front of the default onload call.
 * @param mixed  $setting_data       Not read in this constructor; settings always come from ModuleSetting.
 *
 * @throws Exception When the DynamicPage for $page_id did not load its document.
 */
function __construct($cb, $page_id, $title, $page_template = "homepage_pa.tpl", $header_template = "header.tpl", $default_mode = PRI, $default_block_type = HOMEPAGE, $network_info_ = NULL, $onload = NULL, $setting_data = NULL)
 {
     global $app, $page;
     if (PA::$profiler) {
         PA::$profiler->startTimer('PageRenderer_init');
     }
     // we may want to know the page_type elsewhere too
     PA::$config->page_type = $page_id;
     // NOTE: PA::$config->page_type var = $page_id and should be removed!
     $this->page_id = $page_id;
     // NOTE(review): any visitor can switch this flag on with ?debug; confirm
     // that whatever reads $this->debugging never exposes internals in production.
     $this->debugging = isset($_GET['debug']);
     $this->page_template = $page_template;
     $this->top_navigation_template = 'top_navigation_bar.tpl';
     //TO DO: Remove this hardcoded text afterwards
     $this->header_template = $header_template;
     //settings for current network
     $this->network_info = $network_info_ ? $network_info_ : PA::$network_info;
     //FIXME: does this have to be a parameter?  can't we just always use the global PA::$network_info?
     $this->module_arrays = array();
     // hide_message_window() is always appended to the caller's onload code so
     // that the message window's OK button gets focus when the page loads, e.g.
     //   onload = "ajax_call_method(ajax_titles, $uid, ajax_urls);"
     // becomes
     //   onload = "ajax_call_method(ajax_titles, $uid, ajax_urls); hide_message_window();"
     // NOTE(review): $onload is interpolated verbatim into script text, so
     // callers must never build it from request data without escaping.
     $this->onload = "{$onload} hide_message_window('confirm_btn');";
     $this->page_title = $title;
     $this->html_body_attributes = "";
     // default settings for the tiers
     // These are raw query-string values ("@" only hides the notice for a
     // missing key); they must be escaped wherever they are printed.
     $this->main_tier = @$_GET['tier_one'];
     $this->second_tier = @$_GET['tier_two'];
     $this->third_tier = @$_GET['tier_three'];
     $navigation = new Navigation();
     $this->navigation_links = $navigation->get_links();
     $this->message_count = null;
     // Fall back to the session for the logged-in user id when nothing has set it yet.
     if (!isset(PA::$login_uid)) {
         PA::$login_uid = @$_SESSION['user']['id'];
     }
     if (PA::$login_uid) {
         $this->message_count = Message::get_new_msg_count(PA::$login_uid);
     }
     // $dynamic_page is a local that nothing above assigns, so this branch always runs.
     if (!isset($dynamic_page)) {
         $dynamic_page = new DynamicPage($this->page_id);
         if (!is_object($dynamic_page) or !$dynamic_page->docLoaded) {
             throw new Exception("Page XML config file for page ID: {$page_id} - not found!");
         }
         $dynamic_page->initialize();
     }
     // Pick the settings scope (group / user / network) and compute
     // $access_permission, which is only acted on near the end of the constructor.
     if (false !== strpos($dynamic_page->page_type, 'group') && (!empty($_REQUEST['gid']) || !empty($_REQUEST['ccid']))) {
         // page is a group page - get group module settings
         // NOTE(review): the group id comes straight from $_REQUEST and is not
         // cast or validated here; confirm load_setting() and can_group_user()
         // treat it as untrusted (integer cast / bound parameter).
         $_gr_id = !empty($_REQUEST['gid']) ? $_REQUEST['gid'] : $_REQUEST['ccid'];
         $this->setting_data = ModuleSetting::load_setting($this->page_id, $_gr_id, 'group');
         $this->page_template = $this->setting_data['page_template'];
         if (empty($this->setting_data['access_permission'])) {
             // no permissions required to access page
             $access_permission = true;
         } else {
             $access_permission = PermissionsHandler::can_group_user(PA::$login_uid, $_gr_id, array('permissions' => $this->setting_data['access_permission']));
         }
     } else {
         if (false !== strpos($dynamic_page->page_type, 'user') && !empty(PA::$login_uid)) {
             // page is an user page - get user module settings
             //          echo "POSTING TO USER PAGE"; die();
             $this->setting_data = ModuleSetting::load_setting($this->page_id, PA::$login_uid, 'user');
             $this->page_template = $this->setting_data['page_template'];
             if (empty($this->setting_data['access_permission'])) {
                 // no permissions required to access page
                 $access_permission = true;
             } else {
                 $access_permission = PermissionsHandler::can_user(PA::$login_uid, array('permissions' => $this->setting_data['access_permission']));
             }
         } else {
             // page is a network page - get network module settings
             $this->setting_data = ModuleSetting::load_setting($this->page_id, PA::$network_info->network_id, 'network');
             $this->page_template = $this->setting_data['page_template'];
             if (empty($this->setting_data['access_permission'])) {
                 // no permissions required to access page
                 $access_permission = true;
             } else {
                 $access_permission = PermissionsHandler::can_network_user(PA::$login_uid, PA::$network_info->network_id, array('permissions' => $this->setting_data['access_permission']));
             }
         }
     }
     // NOTE(review): page_template now comes from stored settings and is joined
     // into a filesystem path without normalisation; confirm only administrators
     // can write that setting and that it cannot contain path separators or "..".
     $this->page = new Template(CURRENT_THEME_FSPATH . "/" . $this->page_template);
     $this->page->set('current_theme_path', PA::$theme_url);
     $this->page->set('current_theme_rel_path', PA::$theme_rel);
     // Loading the templates variables for the Outer templates files
     $this->page->set('outer_class', get_class_name(PA::$config->page_type));
     $this->top_navigation_bar = new Template(CURRENT_THEME_FSPATH . "/" . $this->top_navigation_template);
     $this->top_navigation_bar->set('current_theme_path', PA::$theme_url);
     $this->top_navigation_bar->set('current_theme_rel_path', PA::$theme_rel);
     $this->top_navigation_bar->set('navigation_links', $this->navigation_links);
     $this->setHeader($this->header_template);
     $this->footer = new Template(CURRENT_THEME_FSPATH . "/footer.tpl");
     $this->footer->set('current_theme_path', PA::$theme_url);
     $this->footer->set('page_name', $title);
     // Publish this renderer through the global $page.
     $page = $this;
     // NOTE(review): preInitialize() and initNew() run before the permission
     // result is checked below; confirm neither performs work or exposes data
     // that an unauthorised visitor should not trigger.
     $this->preInitialize($this->setting_data);
     $this->initNew($cb, $default_mode, $default_block_type, $this->setting_data);
     if (!$access_permission) {
         // SECURITY: unserialize() can instantiate arbitrary classes. This is only
         // acceptable while the 'configure' value is writable by trusted
         // administrators alone; a JSON encoding would remove the risk.
         $configure = unserialize(ModuleData::get('configure'));
         if (PA::logged_in()) {
             $redir_url = PA::$url . PA_ROUTE_USER_PRIVATE;
         } else {
             if (!isset($configure['show_splash_page']) || $configure['show_splash_page'] == INACTIVE) {
                 $redir_url = PA::$url . '/' . FILE_LOGIN;
             } else {
                 $redir_url = PA::$url;
             }
         }
         $er_msg = urlencode("Sorry! you are not authorized to to access this page.");
         // NOTE(review): nothing here stops execution after the dialog is
         // requested; confirm showDialog() prevents the protected page body from
         // being rendered to the denied user.
         $this->showDialog($er_msg, $type = 'error', $redir_url, 10);
     }
     if (PA::$profiler) {
         PA::$profiler->stopTimer('PageRenderer_init');
     }
 }
 /**
  * Resolve the logged-in user and the "page" user for this request and publish
  * them through the PA::$login_*, PA::$page_*, PA::$uid and PA::$user statics
  * (plus the legacy globals declared below).
  *
  * Identity sources, in the order they are consulted:
  *   1. an authToken query parameter (logs the token's user in),
  *   2. the 'user' entry of the existing session.
  * The page user comes from the uid or login query parameters.
  *
  * @throws Exception Re-thrown when loading a user fails with a code other than
  *                   the "not found / deleted / bad token" codes handled below.
  */
 public function getCurrentUser()
 {
     global $page_uid, $page_user, $login_uid, $login_name, $login_user;
     require_once "api/User/User.php";
     session_start();
     PA::$login_uid = NULL;
     PA::$login_user = NULL;
     $login_uid = NULL;
     $login_name = NULL;
     $login_user = NULL;
     // Snapshot of the session user taken BEFORE any token login below.
     // NOTE(review): this snapshot is never refreshed after log_in() or
     // session_destroy(), so the later blocks work from pre-login session data.
     $this->CurrUser = isset($_SESSION['user']) ? $_SESSION['user'] : null;
     // Check if an authToken variable in GET and use it if available
     // NOTE(review): a credential in the query string ends up in server logs,
     // browser history and outgoing Referer headers; confirm the token is
     // short-lived and consider accepting it only via POST or a header.
     $authToken = isset($_GET['authToken']) ? $_GET['authToken'] : null;
     if ($authToken) {
         try {
             // This fresh User is replaced immediately by the token lookup.
             $user = new User();
             $user = $this->getUserFromAuthToken($authToken);
             if ($user && $user->user_id) {
                 // User is valid so log_in the user
                 // Since we know that AuthToken was passed into the URL, we can assume this
                 // user was redirected here from a partner web site. We need to log in the user
                 // as if they logged in through the normal PeopleAggregator login form:
                 // (ie. set all session variables just as if dologin.php was called).
                 $referer = "external site";
                 // The Referer header is client-controlled; treat it as untrusted
                 // wherever log_in() stores or displays it.
                 if (isset($_SERVER['HTTP_REFERER'])) {
                     $referer = $_SERVER['HTTP_REFERER'];
                 }
                 $pal = new PA_Login();
                 // NOTE(review): no session id rotation is visible here; confirm
                 // log_in() regenerates the session id on this privilege change.
                 $pal->log_in($user->user_id, false, $referer);
                 // Set authToken as a session variable so that it can be accessed anywhere
                 $_SESSION['authToken'] = $authToken;
             }
         } catch (Exception $e) {
             if (!in_array($e->getCode(), array(USER_NOT_FOUND, USER_ALREADY_DELETED, USER_TOKEN_INVALID, USER_TOKEN_EXPIRED))) {
                 throw $e;
             }
             // The token is invalid/expired or its user is gone; invalidate the session.
             // NOTE(review): $this->CurrUser still holds the pre-destroy session
             // user, so the block below can re-establish that identity for the
             // rest of this request. Confirm that is intended.
             session_destroy();
             session_start();
             $login_uid = PA::$login_uid = $login_name = $login_user = PA::$login_user = NULL;
         }
     }
     // Load the user recorded in the session snapshot; this overwrites any
     // $user obtained from the token above.
     if ($this->CurrUser) {
         try {
             $user = new User();
             $user->load((int) $this->CurrUser['id'], "user_id", TRUE);
         } catch (Exception $e) {
             if (!in_array($e->getCode(), array(USER_NOT_FOUND, USER_ALREADY_DELETED))) {
                 throw $e;
             }
             // The currently logged-in user has been deleted; invalidate the session.
             session_destroy();
             session_start();
             $login_uid = PA::$login_uid = $login_name = $login_user = PA::$login_user = NULL;
         }
     }
     if (isset($user) && $user) {
         // if the user variable is set
         if ($user->user_id) {
             // NOTE(review): for a token login without a prior session,
             // $this->CurrUser is null and so is the name read from it.
             $login_name = $this->CurrUser['name'];
             PA::$login_user = $login_user = $user;
             PA::$login_uid = $login_uid = $user->user_id;
         }
         if (PA::$login_uid) {
             PA::$login_user->update_user_time_spent();
             User::track_status(PA::$login_uid);
         }
     }
     // If a user is specified on the query string as an ID (uid=123) or
     // login name (login=phil), validate the id/name and load the user
     // object.
     // Exceptions raised by load() for an unknown id/name are not caught here.
     if (!empty($_GET['uid'])) {
         $page_uid = PA::$page_uid = (int) $_GET['uid'];
         $page_user = PA::$page_user = new User();
         PA::$page_user->load(PA::$page_uid);
     } else {
         if (!empty($_GET['login'])) {
             $page_user = PA::$page_user = new User();
             if (is_numeric($_GET['login'])) {
                 PA::$page_user->load((int) $_GET['login']);
             } else {
                 // Non-numeric login names are passed to load() unmodified.
                 PA::$page_user->load($_GET['login']);
             }
             $page_uid = PA::$page_uid = PA::$page_user->user_id;
         } else {
             $page_uid = PA::$page_uid = $page_user = PA::$page_user = NULL;
         }
     }
     // Copy PA::$page_* into PA::$* if present, otherwise use PA::$login_*.
     // $uid and $user are locals here (not in the global list above); only the
     // PA:: statics outlive this method.
     if (PA::$page_uid) {
         $uid = PA::$uid = PA::$page_uid;
         $user = PA::$user = PA::$page_user;
     } else {
         $uid = PA::$uid = PA::$login_uid;
         $user = PA::$user = PA::$login_user;
     }
     // Write the session data and close the session for this request.
     session_commit();
 }
Ejemplo n.º 3
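 /**
  * Handle one widget-server request: validate the HTTP envelope, decode the
  * JSON body, set up language / items / user from its "global" section, render
  * every requested module and echo the result as JSON.
  *
  * Failures reported through fail() are answered with {"error": "..."}; fail()
  * is defined elsewhere and, judging by the catch below, throws WidgetException.
  *
  * SECURITY: the identity the modules run as is taken from the request body
  * (global->user). Nothing in this method authenticates the caller, so the
  * endpoint must only be reachable by trusted partner servers (network ACL,
  * shared secret or request signature) - confirm that is enforced upstream.
  */
 function handle_request()
 {
     $json = new Services_JSON();
     try {
         global $_PA, $HTTP_RAW_POST_DATA;
         if (!@$_PA->enable_widgetization_server) {
             $this->fail("Widget server is not enabled; you must set \$_PA->enable_widgetization_server = TRUE in local_config.php.");
         }
         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
             $this->fail("This URL handles POST requests only");
         }
         // A request without any Content-Type header is rejected the same way,
         // without raising an undefined-index notice first.
         if (!isset($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/x-javascript') {
             $this->fail("Content-Type of application/x-javascript required");
         }
         // Parse input
         // $HTTP_RAW_POST_DATA was removed in PHP 7.0; read the body stream when
         // it is not populated so the request is not mistaken for an empty one.
         $raw_body = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : file_get_contents('php://input');
         $request = $json->decode($raw_body);
         if ($request == NULL) {
             $this->fail("Null request");
         }
         if (@$_PA->log_widget_requests) {
             // NOTE(review): the raw body carries user e-mail addresses and
             // names; keep this log access-restricted or redact before logging.
             Logger::log("WidgetServer::handle_request(): request={$raw_body}", LOGGER_ACTION);
         }
         $this->global = $request->global;
         // This should probably be in config.inc.  For the moment
         // we figure out the network based on the URL, as with the
         // rest of the system.
         PA::$network_info = get_network_info();
         $lang = "english";
         if (!empty($this->global->language)) {
             switch ($this->global->language) {
                 case 'en':
                     break;
                 case 'fr':
                     $lang = "french";
                     break;
                 default:
                     // The whole property path has to sit inside the braces;
                     // "{$this->global}->language" tried to print the object itself.
                     $this->fail("Unknown language: {$this->global->language}");
             }
         }
         PA::load_language($lang);
         // Create items as required
         if (!empty($this->global->items)) {
             foreach ($this->global->items as $item) {
                 // Copy the decoded object into a plain array for Item::sync().
                 $item_params = array();
                 foreach ($item as $k => $v) {
                     $item_params[$k] = $v;
                 }
                 // create or update row in 'items' database table
                 // NOTE(review): keys and values are caller-supplied; confirm
                 // Item::sync() restricts them to known columns and binds values.
                 Item::sync($item_params);
             }
         }
         // Set up globals - network, user etc
         if (!empty($this->global->user)) {
             $user_info = array(
                 "user_id" => $this->global->user->id,
                 "login_name" => $this->global->user->login,
                 "email" => $this->global->user->email,
                 "first_name" => $this->global->user->first_name,
                 "last_name" => $this->global->user->last_name,
                 "url" => $this->global->user->url,
                 "thumbnail_url" => $this->global->user->thumbnail_url,
             );
             // load (and sync!) or create a shadow user for the current remote user
             // The namespace and every profile field are asserted by the caller.
             PA::$login_user = new ShadowUser($this->global->user->namespace);
             if (!PA::$login_user->load($user_info)) {
                 // we haven't seen this remote user before - create account
                 PA::$login_user = ShadowUser::create($this->global->user->namespace, $user_info, PA::$network_info);
                 //FIXME: need to define what remote urls mean.  in this case "url" should be used instead of /users/$login_name when generating internal urls, so it should go in a global profile block rather than something specific to the remote site.
                 PA::$login_user->set_profile_field($this->global->user->namespace, "url", $this->global->user->url);
             }
             PA::$login_uid = PA::$login_user->user_id;
         }
         // Render modules
         $modules = array();
         foreach ($request->modules as $req_module) {
             $module = array();
             $module['id'] = $req_module->id;
             $module['name'] = $name = $req_module->name;
             $params = array();
             foreach ($req_module->params as $k => $v) {
                 $params[$k] = $v;
             }
             // clean up URLs that may have the port 80 specified
             // this would lead to cross server AJAX problems in safari etc
             // although we are actually on the same server
             // domain.tld:80/file/ and domain.tld/file/
             // The lookahead keeps ports that merely start with "80" (such as
             // :8080) intact; the unanchored pattern used to rewrite them too.
             foreach (array('get_url', 'ajax_url', 'post_url') as $url) {
                 $req_module->{$url} = preg_replace('|:80(?![0-9])/*|', '/', $req_module->{$url});
             }
             // dispatch module
             // NOTE(review): method and name are chosen by the caller; confirm
             // render_module() only dispatches to an allow-list of modules.
             ob_start();
             $module['html'] = $this->render_module($req_module->method, $req_module->name, $req_module->args, $params, $req_module->get_url, $req_module->ajax_url, $req_module->post_url, $req_module->param_prefix);
             // Anything printed while rendering is captured and returned as
             // 'errors' instead of corrupting the JSON response.
             $errors = ob_get_contents();
             ob_end_clean();
             if (!empty($errors)) {
                 $module['errors'] = $errors;
             }
             $modules[] = $module;
         }
         $response = array('modules' => $modules);
         header("Content-Type: application/x-javascript");
         echo $json->encode($response);
     } catch (WidgetException $e) {
         echo $json->encode(array("error" => $e->getMessage()));
     }
 }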
Ejemplo n.º 4
// Restore the logged-in identity from the session. "@" only hides the notice
// raised when no user is stored there; both values are then NULL.
$login_uid = PA::$login_uid = @$_SESSION['user']['id'];
$login_name = @$_SESSION['user']['name'];
if ($login_uid) {
    $login_user = PA::$login_user = new User();
    try {
        PA::$login_user->load((int) $login_uid, 'user_id', TRUE);
    } catch (CNException $e) {
        if (in_array($e->getCode(), array(USER_NOT_FOUND, USER_ALREADY_DELETED))) {
            // The account behind this session no longer exists: drop the
            // session and continue the request as an anonymous visitor.
            // NOTE(review): confirm the restarted session gets a new id.
            session_destroy();
            session_start();
            $login_uid = PA::$login_uid = $login_name = $login_user = PA::$login_user = NULL;
        } else {
            // Any other failure is not ours to handle.
            throw $e;
        }
    }
    // Activity tracking only applies while a user is still logged in.
    if (PA::$login_uid) {
        PA::$login_user->update_user_time_spent();
        User::track_status(PA::$login_uid);
    }
} else {
    // Nobody is logged in.
    $login_user = PA::$login_user = NULL;
}
// If a user is specified on the query string as an ID (uid=123) or
// login name (login=phil), validate the id/name and load the user
// object.
if (!empty($_GET['uid'])) {
    $page_uid = PA::$page_uid = (int) $_GET['uid'];
    $page_user = PA::$page_user = new User();
    PA::$page_user->load(PA::$page_uid);
} elseif (!empty($_GET['login'])) {
                 $redirect_url = PA_ROUTE_GROUP . "/gid={$gid}&action=join&GInvID={$group_invitation_id}";
             } else {
                 //else redirect registered user to its page.
                 $redirect_url = PA_ROUTE_USER_PRIVATE . '/' . "msg_id=7014";
             }
             // end of if group invitation is valid
         } else {
             $redirect_url = PA_ROUTE_USER_PRIVATE . '/' . "msg_id=7014";
         }
     }
     header("Location: " . PA::$url . $redirect_url);
     exit;
 } else {
     register_session($newuser->login_name, $newuser->user_id, $newuser->role, $newuser->first_name, $newuser->last_name, $newuser->email, $newuser->picture);
     PA::$login_user = $newuser;
     PA::$login_uid = $newuser->user_id;
     if (isset($_GET['gid'])) {
         //if gid is available, redirect to group home page
         header("Location: " . PA::$url . PA_ROUTE_GROUP . "/gid=" . $_GET['gid']);
         exit;
     }
     if (isset($_GET['aid'])) {
         //if gid is available, redirect to group home page
         header("Location: " . PA::$url . "/network_announcement.php?aid=" . $_GET['aid']);
         exit;
     }
     if (isset($user->user_id)) {
         //if uid is set, then look for action
         if (isset($_GET['action']) && $_GET['action'] == 'user') {
             //redirect user to user's private page
             header("Location: " . PA::$url . PA_ROUTE_USER_PUBLIC . '/' . $user->user_id);
/**
 * API handler: log out the user identified by an auth token and reset the
 * current PHP session.
 *
 * The session is cleared and success is reported whether or not the token
 * resolves to a user. PA::$login_uid is only assigned here when it does, so
 * otherwise the cache key below is built from whatever value it already held.
 *
 * NOTE(review): the session is destroyed and restarted without an explicit id
 * rotation; confirm the restarted session does not keep the old id.
 *
 * @param array $args Request arguments; 'authToken' is read.
 * @return array Always array('success' => TRUE).
 */
function peopleaggregator_logout($args)
{
    session_start();
    $token_owner = User::from_auth_token($args['authToken']);
    if ($token_owner) {
        PA::$login_uid = $token_owner->user_id;
        // Removes the login cookie.
        PA_Login::log_out();
    }
    // Drop the cached profile template for that user id.
    CachedTemplate::invalidate_cache(PA::$theme_url . "/user_profile.tpl?uid=" . PA::$login_uid);
    // Empty the session data, end the session, then open a fresh one.
    $_SESSION = array();
    session_destroy();
    session_start();
    return array('success' => TRUE);
}
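 /**
  * Handle one widget-server request: validate the HTTP envelope, decode the
  * JSON body, set up the shadow user from its "global" section, render every
  * requested module and echo the result as JSON.
  *
  * Failures reported through fail() are answered with {"error": "..."}; fail()
  * is defined elsewhere and, judging by the catch below, throws WidgetException.
  *
  * SECURITY: the identity the modules run as is taken from the request body
  * (global->user / global->namespace). Nothing in this method authenticates
  * the caller, so the endpoint must only be reachable by trusted partner
  * servers - confirm that is enforced upstream.
  */
 function handle_request()
 {
     $json = new Services_JSON();
     try {
         global $HTTP_RAW_POST_DATA;
         if (!@PA::$config->enable_widgetization_server) {
             // The setting name is printed literally; the previous string
             // interpolated an undefined local $config into the message.
             $this->fail("Widget server is not enabled; you must set PA::\$config->enable_widgetization_server = TRUE in local_config.php.");
         }
         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
             $this->fail("This URL handles POST requests only");
         }
         // A request without any Content-Type header is rejected the same way,
         // without raising an undefined-index notice first.
         if (!isset($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/x-javascript') {
             $this->fail("Content-Type of application/x-javascript required");
         }
         // Parse input
         // $HTTP_RAW_POST_DATA was removed in PHP 7.0; read the body stream when
         // it is not populated so the request is not mistaken for an empty one.
         $raw_body = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : file_get_contents('php://input');
         $request = $json->decode($raw_body);
         if ($request == NULL) {
             $this->fail("Null request");
         }
         $this->global = $request->global;
         // Set up globals - network, user etc
         if (!empty($this->global->user)) {
             // The namespace and the user record are asserted by the caller.
             PA::$login_user = new ShadowUser($this->global->namespace);
             // see if we can load it already
             if (!PA::$login_user->load($this->global->user->user_id)) {
                 // wasn't here before, so we create a shadow account
                 // NOTE(review): PA::$network_info is only assigned from
                 // get_network_info() further down; confirm it is already
                 // populated when this call runs.
                 PA::$login_user = ShadowUser::create($this->global->namespace, $this->global->user, PA::$network_info);
             }
             PA::$login_uid = PA::$login_user->user_id;
         }
         // This should probably be in config.inc.  For the moment
         // we figure out the network based on the URL, as with the
         // rest of the system.
         PA::$network_info = get_network_info();
         // Render modules
         $modules = array();
         foreach ($request->modules as $req_module) {
             $module = array();
             $module['id'] = $req_module->id;
             $module['name'] = $name = $req_module->name;
             // Copy the decoded params object into a plain array.
             $params = array();
             foreach ($req_module->params as $k => $v) {
                 $params[$k] = $v;
             }
             // dispatch module
             // NOTE(review): method and name are chosen by the caller; confirm
             // render_module() only dispatches to an allow-list of modules.
             ob_start();
             $module['html'] = $this->render_module($req_module->method, $req_module->name, $req_module->args, $params, $req_module->post_url, $req_module->param_prefix);
             // Anything printed while rendering is captured and returned as
             // 'errors' instead of corrupting the JSON response.
             $errors = ob_get_contents();
             ob_end_clean();
             if (!empty($errors)) {
                 $module['errors'] = $errors;
             }
             $modules[] = $module;
         }
         $response = array('modules' => $modules);
         header("Content-Type: application/x-javascript");
         echo $json->encode($response);
     } catch (WidgetException $e) {
         echo $json->encode(array("error" => $e->getMessage()));
     }
 }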