Ejemplo n.º 1
 /**
  * List the posts of one category (department), one page at a time.
  *
  * Publishes the CSRF token key/value into the view data, counts the posts
  * whose Kid matches, builds the pager and loads the current page of posts
  * together with the matching category rows.
  *
  * @param mixed $Kid category id used in the Kid filters and appended to the pagination URL
  * @return View the list/DepartmentList view; $this->data['error'] is true when no post matched
  */
 public function action_Department($Kid)
 {
     // CSRF protection: hand the token field name and value to the view.
     $this->data['token_key'] = Config::get('security.csrf_token_key');
     $this->data['token'] = Security::fetch_token();

     // Number of posts in this category.
     $total = Model_Post::query()->where('Kid', '=', $Kid)->count();

     // Pagination settings (per-category post listing).
     // NOTE(review): $Kid is concatenated into pagination_url exactly as received;
     // confirm the caller restricts it to a numeric id.
     $pager_settings = array(
         'pagination_url' => 'noteshare/list/' . $Kid,
         'uri_segment' => 3,
         'num_links' => 3,
         'per_page' => $this->per_page,
         'total_items' => $total,
         'show_first' => true,
         'show_last' => true,
     );
     $pagination = Pagination::forge('post_pagination', $pager_settings);

     // Current page of posts, newest first, then the category record(s).
     $this->data['posts'] = Model_Post::query()
         ->where('Kid', '=', $Kid)
         ->order_by('Ptime', 'desc')
         ->limit($this->per_page)
         ->offset($pagination->offset)
         ->get();
     $this->data['department'] = Model_Category::query()->where('Kid', '=', $Kid)->get();
     $this->action_categorize();

     // An empty category is flagged before the view is built so the flag is part of its data.
     if (!$total) {
         $this->data['error'] = true;
     }

     // Both outcomes render the same template; the pager markup is passed unescaped.
     $view = View::forge('list/DepartmentList', $this->data);
     $view->set_safe('pagination', $pagination);

     return $view;
 }
Ejemplo n.º 2
 /**
  * Handle the "re-issue password" form.
  *
  * Checks the CSRF token, validates the posted username and mail address,
  * and when a user with that username/email pair exists, has Auth generate a
  * new password and mails it to the posted address.
  *
  * NOTE(review): the password is replaced as soon as the username/email pair
  * matches, so anyone who knows the pair can force a reset for that account,
  * and the new password travels in the mail body. A single-use, expiring
  * reset link that lets the owner choose the new password avoids both.
  *
  * @return View login/success after a reset, otherwise login/contact with a message or validation errors
  */
 public function action_send()
 {
     $data['token_key'] = Config::get('security.csrf_token_key');
     $data['token'] = Security::fetch_token();
     $error = array();

     // CSRF check: a request without a valid token only gets the contact form back.
     if (!Security::check_token()) {
         $view = View::forge('login/contact', $data);
         $view->set('msg', 'CSRF対策です');
         return $view;
     }

     $val = Validation::forge();
     $val->add_field('username', 'ユーザID', 'required|max_length[9]');
     $val->add_field('mail', 'メールアドレス', 'required|valid_email');

     // Validation error: redisplay the form with the error object (passed unfiltered).
     if (!$val->run()) {
         $error = $val->error();
         $view = View::forge('login/contact', $data);
         $view->set_global('error', $error, false);
         return $view;
     }

     // Collect the submitted values.
     $username = Input::post('username');
     $email = Input::post('mail');

     // Is there a registered user with this username AND this address?
     $matches = Model_Users::query()->where('username', $username)->where('email', $email)->count();

     // No matching user.
     // NOTE(review): this branch answers differently from the success branch, which
     // tells the requester whether the username/email pair is registered; a uniform
     // response for both outcomes avoids that disclosure.
     if (!($matches > 0)) {
         $view = View::forge('login/contact', $data);
         $view->set('msg', '該当者が存在しませんでした。');
         return $view;
     }

     // Have Auth issue a new password for the account.
     $auth = Auth::instance();
     $repass = $auth->reset_password($username);

     // Data for the mail template.
     // NOTE(review): get() is called on the query, so 'fullname' presumably holds the
     // query result rather than a plain string — confirm what the template expects.
     $data['fullname'] = Model_Users::query()->select('fullname')->where('username', $username)->get();
     $data['repass'] = $repass;
     $data['email'] = $email;
     $data['anchor'] = 'login';
     $body = View::forge('login/email/autorepass', $data);

     // Build and send the mail.
     // NOTE(review): the outcome of send() is not examined here; by this point the
     // stored password has already been changed.
     $sendmail = Email::forge();
     $sendmail->from('*****@*****.**', '');
     $sendmail->to($email, $username);
     $sendmail->subject('パスワードの再発行');
     $sendmail->html_body($body);
     $sendmail->send();

     // NOTE(review): $data still carries 'repass' when it is handed to the success
     // view; confirm that template does not print it.
     return View::forge('login/success', $data);
 }
Ejemplo n.º 3
             <?php 
     echo \Form::open(array('action' => \Uri::current(), 'method' => 'post', 'id' => 'cart_form'));
     ?>
               <?php 
     echo \Form::hidden('product_id', $product->id);
     ?>
               <?php 
     echo \Form::hidden('attributeid', '', array('class' => 'attributeid'));
     ?>
               <?php 
     if (isset($attr_obj)) {
         echo \Form::hidden('product_attribute_id', $attr_obj->id, array('class' => 'product_attribute_id'));
     }
     ?>
               <?php 
     echo \Form::hidden(\Config::get('security.csrf_token_key'), \Security::fetch_token());
     ?>
               <?php 
     echo \Form::hidden('quantity', 1);
     ?>
               <span class="product-action add_to_cart">
                   <i class="icon icon-plus"></i>
               </span>
             <?php 
     echo \Form::close();
     ?>
           <?php 
 } else {
     ?>
             <span class="product-action">
               <i class="icon icon-search"></i>
Ejemplo n.º 4
 /**
  * Add a hidden CSRF token field together with the rule that validates it.
  *
  * The field name comes from the security.csrf_token_key setting (falling back
  * to 'fuel_csrf_token'), its value is the current token, and the attached
  * rule calls Security::check_token when the fieldset is validated.
  *
  * @return $this for chaining
  */
 public function add_csrf()
 {
     $tokenKey = \Config::get('security.csrf_token_key', 'fuel_csrf_token');

     // Same call order as a single chain: create, hide, fill, attach the check.
     $this->add($tokenKey, 'CSRF Token')
         ->set_type('hidden')
         ->set_value(\Security::fetch_token())
         ->add_rule(array('Security', 'check_token'));

     return $this;
 }
Ejemplo n.º 5
 /**
  * Build the fieldset used to register a new board or to edit an existing one.
  *
  * @param mixed $board existing board to edit; when given, the form is populated
  *                     from it and an operation selector ('kind') is added
  * @return Fieldset the 'newBBSForm' fieldset including the CSRF hidden field and submit button
  */
 public function makeBBSRegistForm($board = null)
 {
     // Take the form fields from the board model.
     $model = Model_Board::forge();
     $form = Fieldset::forge('newBBSForm');
     $form->add_model($model);

     if ($board != null) {
         // Editing: pre-fill from the board, then offer the operation to perform.
         $form->populate($board);
         $operations = array('修正' => ' 修正 ', '削除' => ' 削除 ');
         $form->add('kind', '処理内容', array('type' => 'select', 'options' => $operations));
     }

     // CSRF protection: hidden field carrying the current token.
     // NOTE(review): the token is only emitted here; the handler that receives this
     // form must still call the token check — not visible in this method.
     $csrfAttributes = array('type' => 'hidden', 'value' => Security::fetch_token());
     $form->add(Config::get('security.csrf_token_key'), '', $csrfAttributes);

     // Submit button.
     $form->add('submit', '<BR>', array('type' => 'submit', 'width' => 80, 'value' => '送信'));

     return $form;
 }
Ejemplo n.º 6
<?php

$token = Form::hidden(Config::get('security.csrf_token_key'), Security::fetch_token());
?>
<div id="contents-wrap">
	<div id="main">
		<?php 
if ($is_chenged) {
    ?>
			<p>Update success.</p>
		<?php 
}
?>
		<h3>Email</h3>
		<section class="content-wrap">
			<form action="" method="post" enctype="multipart/form-data">
				<ul class="forms">
					<li>
						<h4>Reservation email</h4>
						<div>
							<label for="reservation-on">
								<input <?php 
if (Input::post("need_reservation_email", $user->need_reservation_email) == 1) {
    echo "checked";
}
?>
 id="reservation-on" name="need_reservation_email" type="radio" value="1">On
							</label>
							<label for="reservation-off">
								<input <?php 
if (Input::post("need_reservation_email", $user->need_reservation_email) == 0) {
Ejemplo n.º 7
 /**
  * Publish the CSRF token field name and the current token into the view data.
  *
  * Only fills $this->data; nothing is returned and no token is checked here.
  */
 public function action_csrf()
 {
     $fieldName = Config::get('security.csrf_token_key');
     $tokenValue = Security::fetch_token();

     $this->data['token_key'] = $fieldName;
     $this->data['token'] = $tokenValue;
 }
Ejemplo n.º 8
			<td><?php 
        echo $item->name;
        ?>
</td>
			<td><?php 
        echo $item->nb_posts;
        ?>
</td>
			<td>
				<div class="btn-toolbar">
					<div class="btn-group pull-right">
						<?php 
        echo Html::anchor('blog/admin/category/edit/' . $item->id, 'Edit', array('class' => 'btn btn-default btn-sm'));
        ?>
						<?php 
        // Delete link: the CSRF token is appended to the URL as a query parameter.
        // NOTE(review): a token carried in a GET URL can end up in server access logs,
        // browser history and Referer headers, and the delete is triggered by a plain
        // link. A small POST form with the token in a hidden field keeps the token out
        // of the URL. Whether the delete action checks the token is not visible here.
        echo Html::anchor('blog/admin/category/delete/' . $item->id . '?' . \Config::get('security.csrf_token_key') . '=' . \Security::fetch_token(), 'Delete', array('onclick' => "return confirm('Are you sure?')", 'class' => 'btn btn-sm btn-danger'));
        ?>
					</div>
				</div>
			</td>
		</tr>
<?php 
    }
    ?>
	</tbody>
</table>

<?php 
} else {
    ?>
<p>No Categories.</p>
Ejemplo n.º 9
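    /**
     * Show the new-user registration form.
     *
     * Builds the login fieldset (user name, password, e-mail), adds the CSRF
     * hidden field and the submit button, and places the rendered form in the
     * index/newregist view. An error message left in the session under
     * 'errorMsg' is read once, removed, and shown when present.
     *
     * Sets $this->template->content and $this->template->nofollow; returns nothing.
     */
    public function action_newRegist()
    {
        // One-shot error message: read it, then remove it from the session.
        $msg = Session::get('errorMsg');
        Session::delete('errorMsg');

        $loginFieldSet = Fieldset::forge('loginForm');
        $loginFieldSet->add('username', 'ユーザー名', array('type' => 'text', 'size' => 20));
        // Rendered as a password input so the typed value is masked on screen
        // (this field was previously declared with type 'text').
        $loginFieldSet->add('password', 'パスワード', array('type' => 'password', 'size' => 20));
        $loginFieldSet->add('email_', 'E-Mail', array('type' => 'text', 'width' => 80));
        // NOTE(review): repopulate() runs with the password field present; confirm a
        // previously submitted password is not echoed back into the form.
        $loginFieldSet->repopulate();
        $this->setBoardTitle();

        // Static explanatory markup, passed to the template without output filtering.
        $dsc2 = <<<END
<BR>\t\t\t\t
<div id = 'article'>
新規ユーザー登録を行います。<BR>
フォームに入力後、登録したメールアドレス宛てに確認メールが届きます。<BR>
メールの文中のリンクをクリックすると、登録完了となります。<BR>
</div>
END;
        $this->template->set('boardDescription2', $dsc2, false);

        // CSRF protection: hidden field carrying the current token.
        $loginFieldSet->add(Config::get('security.csrf_token_key'), '', array('type' => 'hidden', 'value' => Security::fetch_token()));

        // Submit button.
        $loginFieldSet->add('submit', '投稿', array('type' => 'submit', 'width' => 80, 'value' => ' 送信 '));

        $content = View::forge('index/newregist');
        // The built form is HTML, so it is handed over unfiltered.
        $content->set('loginForm', $loginFieldSet->build('index/newUser'), false);

        // Error message, if any.
        // NOTE(review): $msg is passed with filtering disabled; confirm whatever writes
        // 'errorMsg' to the session never includes unescaped user input.
        if ($msg != null) {
            $content->set('msg', $msg, false);
        }

        // Ask crawlers not to follow links on the registration page.
        $this->template->nofollow = true;
        $this->template->content = $content;
    }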
Ejemplo n.º 10
				<BR>
				<?php 
if (Auth::check()) {
    ?>
				<p style="margin-left:30px;"><a href ="/bbsadmin/index">掲示板管理・作成</a></p>
				<?php 
} else {
    ?>
					<form action="/index/login" method="post">
						UserName<input type="text" name="username" size="10">
						PassWord<input type="password" name="password" size="10">
						<input type="hidden" name="<?php 
    echo \Config::get('security.csrf_token_key');
    ?>
" value="<?php 
    echo \Security::fetch_token();
    ?>
" />
						<input type="submit" value="ログイン">
					<a href ="/index/newRegist" rel="nofollow">新規ユーザー登録</a>
					</form>
				<?php 
}
?>
	
			</div>
	
<?php 
if (isset($msg)) {
    echo $msg;
}
Ejemplo n.º 11
 /**
  * Build the hidden form field that carries the CSRF token.
  *
  * The field name is read from the security.csrf_token_key setting, with
  * 'fuel_csrf_token' as the fallback; the value is the current token.
  *
  * @return string whatever static::hidden() produces for that name/value pair
  */
 public static function csrf()
 {
     $fieldName = \Config::get('security.csrf_token_key', 'fuel_csrf_token');
     $token = \Security::fetch_token();

     return static::hidden($fieldName, $token);
 }
Ejemplo n.º 12
 /**
  * Build the generator form for the given database platform.
  *
  * Configures Model_Dbdocs for the platform, derives the fields from that
  * model, then appends a "Generate" submit button and the CSRF hidden field.
  *
  * @access private
  * @param  mixed $platform database platform handed to Model_Dbdocs::set_properties()
  * @return Fieldset
  */
 private static function _get_form($platform)
 {
     Model_Dbdocs::set_properties($platform);

     $form = Fieldset::forge();
     $form = $form->add_model(Model_Dbdocs::forge());

     $form->add('submit', '', array('type' => 'submit', 'value' => 'Generate'));

     // The token key doubles as field name and label; the field itself is hidden.
     $tokenKey = Config::get('security.csrf_token_key');
     $form->add($tokenKey, $tokenKey, array('type' => 'hidden', 'value' => Security::fetch_token()));

     return $form;
 }
Ejemplo n.º 13
 /**
  * Show one post with its comments.
  *
  * @param mixed $Pid post id used in the Pid filters; defaults to 0
  * @return View|null the post/PostsDetail_2 view when the post exists; otherwise
  *                   the request is redirected to '_404_' and nothing is returned
  */
 public function action_Adetail($Pid = 0)
 {
     // Token for the forms on the detail page.
     $this->data['token_key'] = Config::get('security.csrf_token_key');
     $this->data['token'] = Security::fetch_token();

     // Load the post.
     $this->data['posts'] = Model_Post::query()->where('Pid', '=', $Pid)->get();
     $found = count($this->data['posts']);

     // Unknown post id: nothing was fetched, so send the visitor to the 404 route.
     if (!$found) {
         Response::redirect('_404_');
         return;
     }

     $this->data['comments'] = Model_Comment::query()->where('Pid', '=', $Pid)->get();
     $this->action_categorize();

     $view = View::forge('post/PostsDetail_2', $this->data);
     // NOTE(review): 'error' is set with filtering disabled; confirm $this->error
     // never carries unescaped user input.
     $view->set_global('error', $this->error, false);

     return $view;
 }
Ejemplo n.º 14
Archivo: form.php Proyecto: ratiw/petro
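 /**
  * Render the whole form (open tag, fields, buttons, close tag) through the 'form' template.
  *
  * When $this->check_csrf is set, a hidden CSRF field validated by
  * Security::check_token is registered first. Fields are rendered in
  * $this->sequence order (defaulting to the order of $this->fields); a
  * sequence entry starting with '<' is treated as literal markup.
  *
  * @param mixed $data      record whose properties supply default field values; read as
  *                         $data->{$field} when not empty, posted input takes precedence
  * @param bool  $edit_mode when true, fields not marked 'editable' are rendered readonly
  * @return mixed the result of static::template() — presumably the form HTML
  */
 public function build($data = array(), $edit_mode = false)
 {
     if ($this->check_csrf) {
         $this->add_field(static::$csrf_token_key, 'CSRF Token', \Security::fetch_token(), array('type' => 'hidden'), array('Security', 'check_token'));
     }
     $form_open = \Form::open($this->attributes);
     $form_close = \Form::close();
     $fields = '';
     if (is_null($this->sequence)) {
         $this->sequence = array_keys($this->fields);
     }
     foreach ($this->sequence as $f) {
         // Literal markup in the sequence is copied through untouched.
         if ($f[0] == '<') {
             $fields .= $f;
             continue;
         }
         $props = $this->fields[$f];
         if ($f == static::$csrf_token_key) {
             // NOTE(review): the CSRF field is rendered with an empty value even though the
             // token was supplied when the field was registered; presumably the value is
             // filled in client-side — confirm, otherwise the token check cannot pass.
             $value = '';
         } else {
             $value = \Input::post($f, !empty($data) ? $data->{$f} : '');
         }
         $label = $props['label'];
         $form = $props['form'];
         $type = isset($form['type']) ? $form['type'] : 'input';
         $options = isset($form['options']) ? $form['options'] : array();
         $attr = isset($form['attr']) ? $form['attr'] : array();
         $errors = $this->error();
         if ($edit_mode and !$form['editable'] and !array_key_exists('readonly', $attr)) {
             $attr['readonly'] = 'readonly';
         }
         switch ($type) {
             case false:
                 // A bare `continue` inside a switch only leaves the switch (and PHP 7.3+
                 // warns about it); `continue 2` skips this field entirely, including
                 // the trailing line break.
                 continue 2;
             case 'hidden':
                 $fields .= \Form::hidden($f, $value);
                 break;
             case 'textarea':
                 $fields .= static::textarea($f, $value, $attr, $label, $errors);
                 break;
             case 'password':
                 $fields .= static::password($f, $value, $attr, $label, $errors);
                 break;
             case 'radio':
                 $fields .= static::radio_group($f, $options, $value, false, $attr, $label, $errors);
                 break;
             case 'checkbox':
                 $fields .= static::checkbox_group($f, $options, $value, false, $attr, $label, $errors);
                 break;
             case 'select':
                 $fields .= static::select($f, $value, $options, $attr, $label, $errors);
                 break;
             case 'lookup':
             default:
                 // 'lookup' and any unrecognised type fall back to a plain input.
                 $fields .= static::input($f, $value, $attr, $label, $errors);
         }
         $fields .= PHP_EOL;
     }
     $form_actions = static::render_buttons($this->buttons);
     return static::template('form', array('{open}', '{fields}', '{form_buttons}', '{close}'), array($form_open, $fields, $form_actions, $form_close));
 }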
Ejemplo n.º 15
 /**
  * Home page filtered to one category, one page of posts at a time.
  *
  * @param mixed $Kid category id used in the Kid filters and appended to the pagination URL; defaults to 0
  * @return View the home/home view; when the category has no posts, $this->msg is
  *              set to the "no posts" notice before the messages are published
  */
 public function action_category($Kid = 0)
 {
     // CSRF protection: hand the token field name and value to the view.
     $this->data['token_key'] = Config::get('security.csrf_token_key');
     $this->data['token'] = Security::fetch_token();

     // Number of posts in this category.
     $total = Model_Post::query()->where('Kid', '=', $Kid)->count();

     // Pagination settings (per-category post listing).
     $pager_settings = array(
         'pagination_url' => 'noteshare/home/category/' . $Kid,
         'uri_segment' => 4,
         'num_links' => 3,
         'per_page' => $this->per_page,
         'total_items' => $total,
         'show_first' => true,
         'show_last' => true,
     );
     $pagination = Pagination::forge('post_pagination', $pager_settings);

     // Current page of posts, newest first, plus the category information.
     $this->data['rows'] = Model_Post::query()
         ->where('Kid', '=', $Kid)
         ->order_by('Ptime', 'desc')
         ->limit($this->per_page)
         ->offset($pagination->offset)
         ->get();
     $this->action_categorize();

     // Build the home view; the pager markup is passed unescaped.
     $view = View::forge('home/home', $this->data);
     $view->set_safe('pagination', $pagination);

     // An empty category replaces the message with the "no posts" notice.
     if (!$total) {
         $this->msg = '現在このカテゴリの投稿はありません。';
     }

     // Messages are published to all views with output filtering disabled.
     // NOTE(review): confirm error / csrmsg / msg never carry unescaped user input.
     $view->set_global('error', $this->error, FALSE);
     $view->set_global('csrmsg', $this->csrmsg, false);
     $view->set_global('msg', $this->msg, false);

     return $view;
 }
Ejemplo n.º 16
Archivo: bbs.php Proyecto: katsuwo/bbs
 /**
  * Build the fieldset used to post a new article or to edit an existing one.
  *
  * @param mixed $board   Model_Board object; allowAttach, type, allowXvideos and id are read
  * @param mixed $article article being edited, or null for a new post; commentOf is read
  * @return Fieldset the 'postForm' fieldset including submit button, CSRF field and board id
  */
 public function makePostFormFieldSet($board, $article = null)
 {
     $isEdit = $article != null;

     // Take the form fields from the article model.
     $model = Model_Article::forge();
     $form = Fieldset::forge('postForm');
     $form->add_model($model);

     if ($isEdit) {
         $form->populate($article);
         // A reply carries no title of its own, so that field is hidden.
         if ($article->commentOf != 0) {
             $form->field('title')->set_type('hidden');
         }
     } else {
         $form->repopulate();
     }

     // Image upload fields: only for new posts on boards that allow attachments.
     // NOTE(review): the uploaded files are validated wherever the form is handled,
     // not here — confirm type and size checks exist there.
     if ($board->allowAttach == true && !$isEdit) {
         $form->set_config('form_attributes', array('enctype' => 'multipart/form-data'));
         $form->add('Image1', '画像1', array('type' => 'file'));
         $form->add('Image2', '画像2', array('type' => 'file'));
         $form->add('Image3', '画像3', array('type' => 'file'));
     }

     // 2ch-style boards keep the poster details minimal, so those fields are hidden.
     // NOTE(review): 'authorAge' appears twice in this list, as it did in the original
     // statements; possibly another field was meant.
     if ($board->type == 2) {
         $hiddenOn2ch = array('authorAge', 'authorPrefecture', 'authorAge', 'authorIsMale', 'authorProfile');
         foreach ($hiddenOn2ch as $fieldName) {
             $form->field($fieldName)->set_type('hidden');
         }
     }

     if ($board->allowXvideos != true) {
         $form->field('xvideosURL')->set_type('hidden');
     }

     // Submit button; only the label differs between editing and posting.
     $submitLabel = $isEdit ? '修正' : '投稿';
     $form->add('submit', $submitLabel, array('type' => 'submit', 'width' => 80, 'value' => '送信'));

     // CSRF protection: hidden field carrying the current token.
     $form->add(Config::get('security.csrf_token_key'), '', array('type' => 'hidden', 'value' => Security::fetch_token()));

     // Board id travels as a hidden field (named bbsId_ because bbsid already exists in Model_Article).
     // NOTE(review): hidden field values can be changed by the client, so the receiving
     // action has to re-check that the submitted board id is one the user may post to.
     $form->add('bbsId_', '', array('type' => 'hidden', 'value' => $board->id));

     return $form;
 }