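/**
 * Resolves the file named by the 'alias' route parameter into $this->file and
 * enforces its access mode for the current visitor.
 *
 * The file's owner (matching uid) always passes. For everyone else:
 *  - PRIVATE_ACCESS    -> 403 and stop
 *  - RESTRICTED_ACCESS -> the alias must already be listed in the session's
 *                         "authenticatedFiles", otherwise redirect to the
 *                         per-file authentication page and stop
 *  - any other value   -> no check is applied (treated as public)
 *
 * NOTE(review): anonymous visitors are mapped to uid -1; confirm no stored
 * file can carry uid -1, otherwise anonymous visitors would pass as its owner.
 */
private function loadFile()
 {
     // Already resolved earlier in this request; nothing to do.
     if ($this->file != NULL) {
         return;
     }

     $this->file = File::find('alias', $this->getParam('alias', ''));
     if ($this->file == NULL) {
         System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
         // displayError() is not visible here; the 403 branch below already
         // follows it with exit, so do the same and never reach the permission
         // checks with a null file.
         exit;
     }

     $currentUser = System::getUser();
     $user_id = ($currentUser != NULL) ? $currentUser->uid : -1;

     // The owner bypasses every access mode.
     if ($user_id == $this->file->uid) {
         return;
     }

     if ($this->file->permission == FilePermissions::PRIVATE_ACCESS) {
         System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
         exit;
     }

     if ($this->file->permission == FilePermissions::RESTRICTED_ACCESS) {
         $unlocked = System::getSession()->getData("authenticatedFiles");

         // Compare aliases as strings with strict matching: a loose in_array()
         // treats numeric-looking strings such as "1e3" and "1000" as equal,
         // which would let one unlocked alias stand in for a different file.
         $isUnlocked = is_array($unlocked)
             && in_array((string) $this->file->alias, array_map('strval', $unlocked), true);

         if (!$isUnlocked) {
             System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
             exit;
         }
     }
 }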
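 /**
  * Renders the "my profile" form for the current user and, on submit, saves
  * name, e-mail, language and (optionally) a new password.
  *
  * NOTE(review): the form contains no current-password field, so anyone holding
  * the session can change the password and e-mail; confirm that is intended.
  * NOTE(review): the password field is bound straight to the user's 'password'
  * attribute; hashing is not visible here and must happen in the model.
  * NOTE(review): no anti-CSRF token is added in this method; confirm Form
  * provides one.
  */
 public function index()
 {
     // Assumes an authentication check ran before dispatch; $user is
     // dereferenced below without a null check.
     $user = System::getUser();
     $form = new Form('form-profile');
     $form->setAttribute('data-noajax', 'true');
     $form->binding = $user;

     // --- General ---
     $fieldset = new Fieldset(System::getLanguage()->_('General'));
     $firstname = new Text('firstname', System::getLanguage()->_('Firstname'));
     $firstname->binding = new Databinding('firstname');
     $lastname = new Text('lastname', System::getLanguage()->_('Lastname'));
     $lastname->binding = new Databinding('lastname');
     $email = new Text('email', System::getLanguage()->_('EMail'), true);
     $email->binding = new Databinding('email');
     // Addresses returned by getListOfMailAdresses() are rejected for this field.
     $email->blacklist = $this->getListOfMailAdresses($user);
     $email->error_msg[4] = System::getLanguage()->_('ErrorMailAdressAlreadyExists');
     $language = new Radiobox('lang', System::getLanguage()->_('Language'), L10N::getLanguages());
     $language->binding = new Databinding('lang');
     $fieldset->addElements($firstname, $lastname, $email, $language);
     $form->addElements($fieldset);

     // --- Password (leave empty to keep the current one) ---
     $fieldset = new Fieldset(System::getLanguage()->_('Password'));
     $password = new Password('password', System::getLanguage()->_('Password'));
     $password->minlength = PASSWORD_MIN_LENGTH;
     $password->binding = new Databinding('password');
     $password2 = new Password('password2', System::getLanguage()->_('ReenterPassword'));
     $fieldset->addElements($password, $password2);
     $form->addElements($fieldset);

     // --- Settings (read-only quota display) ---
     $fieldset = new Fieldset(System::getLanguage()->_('Settings'));
     $quota = new Text('quota', System::getLanguage()->_('Quota'));
     if ($user->quota > 0) {
         $quota->value = System::getLanguage()->_('QuotaAvailabe', Utils::formatBytes($user->getFreeSpace()), Utils::formatBytes($user->quota));
     } else {
         $quota->value = System::getLanguage()->_('Unlimited');
     }
     $quota->readonly = true;
     $fieldset->addElements($quota);
     $form->addElements($fieldset);

     if (Utils::getPOST('submit', false) !== false) {
         // Compare the two entries as strings: a loose != treats numeric-looking
         // strings such as "1e3" and "1000" as equal, so a mistyped confirmation
         // could be accepted.
         $mismatch = !empty($password->value)
             && (string) $password->value !== (string) $password2->value;

         if ($mismatch) {
             $password2->error = System::getLanguage()->_('ErrorInvalidPasswords');
         } elseif ($form->validate()) {
             $form->save();
             System::getUser()->save();
             System::getSession()->setData('successMsg', System::getLanguage()->_('ProfileUpdated'));
             System::forwardToRoute(Router::getInstance()->build('ProfileController', 'index'));
             exit;
         }
     } else {
         // First display: populate the fields from the bound user.
         $form->fill();
     }

     $form->setSubmit(new Button(System::getLanguage()->_('Save'), 'floppy-disk'));
     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('MyProfile'));
     $smarty->assign('heading', System::getLanguage()->_('MyProfile'));
     $smarty->assign('form', $form->__toString());
     $smarty->display('form.tpl');
 }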
 /**
  * Checks whether a user is authenticated.
  * If not, the user is redirected to the login page
  * (XHR requests receive a 403 error instead).
  */
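 public final function checkAuthentification()
 {
     // Loose comparison kept on purpose: it also catches a falsy non-null
     // "no user" value, should getUser() ever return one.
     if (System::getUser() != NULL) {
         return;
     }

     if (System::$isXHR) {
         // XHR callers cannot follow a login redirect, so answer with 403.
         System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
     } else {
         System::forwardToRoute(Router::getInstance()->build('AuthController', 'login'));
     }

     // Fail closed on both paths. The XHR branch previously relied on
     // displayError() ending the request (its body is not visible here); if it
     // returned, the protected action would run for an unauthenticated caller.
     exit;
 }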
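 /**
  * Shows and processes the form that changes a file's access mode and,
  * optionally, its password. The file is selected by the 'alias' route
  * parameter.
  *
  * NOTE(review): this method does not compare the file's uid with the current
  * user before calling setPermission(); unless that check is enforced before
  * dispatch or inside setPermission(), any user who can reach this route could
  * change another user's file. Confirm.
  * NOTE(review): no anti-CSRF token is added in this method; confirm Form
  * provides one.
  */
 public function permissions()
 {
     $file = NULL;
     try {
         $file = File::find('alias', $this->getParam('alias', ''));
     } catch (FileNotFoundException $e) {
         // Handled by the null check below.
     }

     // Covers both failure modes of File::find(): the exception caught above
     // and a NULL result. Stop after the 404 so $file is never used unset.
     if ($file == NULL) {
         System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
         exit;
     }

     $form = new Form('form-permissions', '');
     $fieldset = new Fieldset(System::getLanguage()->_('PermissionSetting'));
     $permission = new Select('permission', System::getLanguage()->_('Permission'), FilePermissions::getAll());
     $permission->selected_value = $file->permission;
     $password = new Password('password', System::getLanguage()->_('Password'));
     $fieldset->addElements($permission, $password);
     $form->addElements($fieldset);

     if (Utils::getPOST('submit', false) !== false) {
         if ($form->validate()) {
             // 2 is presumably FilePermissions::RESTRICTED_ACCESS (password
             // protected) - TODO confirm and use the constant.
             if ($permission->selected_value == 2 && empty($password->value)) {
                 $password->error = System::getLanguage()->_('InvalidPassword');
             } else {
                 $file->permission->setPermission($permission->selected_value, $password->value);
                 System::forwardToRoute(Router::getInstance()->build('DownloadController', 'download', $file));
                 exit;
             }
         }
     }

     $form->addButton(new Button(System::getLanguage()->_('Cancel'), 'icon icon-cancel', Router::getInstance()->build('DownloadController', 'download', $file)));
     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('PermissionSetting'));
     $smarty->assign('form', $form->__toString());
     $smarty->display('form.tpl');
 }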
 /**
  * Deletes every log entry, records the purge in the system log and returns
  * to the log overview.
  *
  * NOTE(review): nothing in this method checks the caller's role, the request
  * method or an anti-CSRF token before wiping the log; confirm those are
  * enforced before dispatch. Also confirm Log::sysLog() records which user
  * triggered the purge, since the message itself does not.
  */
 public function clear()
 {
     LogEntry::deleteAll();
     Log::sysLog('LogController', 'Log table cleared');

     $overviewRoute = Router::getInstance()->build('LogController', 'index');
     System::forwardToRoute($overviewRoute);
 }
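 /**
  * Second step of the password-reset flow: checks the reset hash from the
  * route and, when the form is submitted with a valid new password, applies
  * it.
  *
  * NOTE(review): LostPW::hashExists() and LostPW::resetPassword() are not
  * visible here; confirm the hash expires and is invalidated after one use.
  */
 public function lostpw_check()
 {
     $hash = $this->getParam('hash', '');
     if (!LostPW::hashExists($hash)) {
         System::getSession()->setData('errorMsg', System::getLanguage()->_('HashNotFound'));
         System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
         // Stop here. Other redirects in this code base are followed by exit;
         // without it a request carrying an unknown hash would fall through to
         // resetPassword() below.
         exit;
     }

     $password = Utils::getPOST('password', '');
     $password2 = Utils::getPOST('password2', '');
     $errorMsg = '';

     if (Utils::getPOST('submit', false) != false) {
         if (strlen($password) < PASSWORD_MIN_LENGTH) {
             $errorMsg = sprintf(System::getLanguage()->_('PasswordMinLength'), PASSWORD_MIN_LENGTH);
         } elseif ((string) $password !== (string) $password2) {
             // Strict string comparison: a loose != treats numeric-looking
             // strings such as "1e3" and "1000" as equal.
             $errorMsg = System::getLanguage()->_('ErrorInvalidPasswords');
         } else {
             LostPW::resetPassword($hash, $password);
             System::getSession()->setData('successMsg', System::getLanguage()->_('LostPWSuccess'));
             System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
             // Do not render the reset form again after a successful reset.
             exit;
         }
     }

     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('LostPW'));
     $smarty->assign('successMsg', '');
     $smarty->assign('form_url', Router::getInstance()->build('AuthController', 'lostpw_check', array('hash' => $hash)));
     $smarty->assign('errorMsg', $errorMsg);
     $smarty->requireResource('auth');
     $smarty->display('auth/lostpw.newpw.tpl');
 }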
 /**
  * Builds the upload form and, on submit, stores a new File either from a
  * browser upload or - when DOWNLOAD_VIA_SERVER is enabled - from a URL the
  * server fetches itself.
  *
  * On success the request is redirected to the target folder; on failure the
  * error is attached to the input that supplied the file and the form is
  * rendered again.
  *
  * NOTE(review): no anti-CSRF token is added in this method; confirm Form
  * provides one.
  */
 public function upload()
 {
     $form = new Form('form-upload', Router::getInstance()->build('UploadController', 'upload'));
     $form->setAttribute('data-noajax', 'true');
     $form->setEnctype();
     $fieldset = new Fieldset(System::getLanguage()->_('General'));
     $folderInput = new Select('folder', System::getLanguage()->_('ChooseFolder'), Folder::getAll());
     // Preselect the folder passed as ?parent= (request-controlled value).
     $folderInput->selected_value = Utils::getGET('parent', NULL);
     $fieldset->addElements($folderInput);
     $form->addElements($fieldset);
     $fieldset = new Fieldset(System::getLanguage()->_('FileUpload'));
     $fileInput = new FileUpload('file', System::getLanguage()->_('ChooseFile'), false);
     $fieldset->addElements($fileInput);
     $form->addElements($fieldset);
     // $url and $name exist only when server-side download is enabled; every
     // later read of $url->value goes through empty(), which tolerates the
     // undefined variable.
     if (DOWNLOAD_VIA_SERVER) {
         $fieldset = new Fieldset(System::getLanguage()->_('UploadFromURL'));
         $url = new Text('url', System::getLanguage()->_('EnterURL'), false);
         $name = new Text('name', System::getLanguage()->_('Name'), false);
         $name->setValue(System::getLanguage()->_('DownloadedFile'));
         $fieldset->addElements($url, $name);
         $form->addElements($fieldset);
     }
     $fieldset = new Fieldset(System::getLanguage()->_('PermissionSetting'));
     $permissionInput = new Select('permissions', System::getLanguage()->_('Permission'), FilePermissions::getAll());
     $permissionInput->selected_value = DEFAULT_FILE_PERMISSION;
     $password = new Password('password', System::getLanguage()->_('Password'), false);
     $fieldset->addElements($permissionInput, $password);
     $form->addElements($fieldset);
     if (Utils::getPOST('submit', false) != false) {
         // 2 is presumably the password-protected mode
         // (FilePermissions::RESTRICTED_ACCESS) - TODO confirm.
         if ($permissionInput->selected_value == 2 && empty($password->value)) {
             $password->error = System::getLanguage()->_('ErrorEmptyTextfield');
         } else {
             // Proceed only when the form validates and at least one source
             // (URL or uploaded file) was supplied.
             if ($form->validate() && (!empty($url->value) || !empty($fileInput->uploaded_file))) {
                 // Specify input control for error display
                 $err = empty($url->value) ? $fileInput : $url;
                 try {
                     // NOTE(review): the folder id comes from the request; confirm
                     // Folder::find() or File::save() verifies that the folder
                     // belongs to the current user.
                     $folder = Folder::find('_id', $folderInput->selected_value);
                     $file = new File();
                     $file->folder = $folder;
                     $file->permission = $permissionInput->selected_value;
                     // NOTE(review): the password is handed over as entered;
                     // hashing is not visible here and must happen in File.
                     $file->password = $password->value;
                     if (empty($url->value)) {
                         // NOTE(review): client-supplied file name; confirm File
                         // normalises it (no path separators) before it reaches
                         // the filesystem.
                         $file->filename = $fileInput->filename;
                         $file->upload($fileInput->uploaded_file);
                     } else {
                         $file->filename = $name->value;
                         // NOTE(review): the server fetches a user-supplied URL. No
                         // scheme or destination restriction is visible here;
                         // confirm File::remote() allows only http/https and
                         // refuses loopback, link-local and internal addresses.
                         $file->remote($url->value);
                     }
                     $file->save();
                     System::forwardToRoute(Router::getInstance()->build('BrowserController', 'show', $folder));
                     exit;
                 } catch (UploadException $e) {
                     // Clear the upload state so the failed file is not reused.
                     $fileInput->filename = '';
                     $fileInput->uploaded_file = '';
                     $err->error = $e->getMessage();
                     if ($e->getCode() != 0) {
                         $err->error .= ' Code: ' . $e->getCode();
                     }
                 } catch (QuotaExceededException $e) {
                     $err->error = System::getLanguage()->_('ErrorQuotaExceeded');
                 } catch (Exception $e) {
                     $fileInput->filename = '';
                     $fileInput->uploaded_file = '';
                     // NOTE(review): the raw exception message is shown to the
                     // user; it may expose paths or other internals.
                     $err->error = System::getLanguage()->_('ErrorWhileUpload') . ' ' . $e->getMessage();
                 }
             }
         }
     }
     $form->setSubmit(new Button(System::getLanguage()->_('Upload'), 'open'));
     // Cancel returns to the folder the upload was started from; a
     // selected_value loosely equal to 0 leads to the browser index instead.
     if ($folderInput->selected_value == 0) {
         $form->addButton(new Button(System::getLanguage()->_('Cancel'), '', Router::getInstance()->build('BrowserController', 'index')));
     } else {
         $form->addButton(new Button(System::getLanguage()->_('Cancel'), '', Router::getInstance()->build('BrowserController', 'show', new Folder($folderInput->selected_value))));
     }
     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('Upload'));
     $smarty->assign('heading', System::getLanguage()->_('FileUpload'));
     $smarty->assign('form', $form->__toString());
     $smarty->assign('BODY_CLASS', 'preventreload');
     $smarty->requireResource('upload');
     $smarty->display('form.tpl');
 }
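 /**
  * Shows a confirmation form for deleting the user named by the 'uid' route
  * parameter and deletes that user once the form is submitted and validates.
  * Deleting the currently logged-in user is refused with 403.
  *
  * NOTE(review): no role check is visible in this method; confirm that only
  * administrators can reach it.
  * NOTE(review): no anti-CSRF token is added in this method; confirm Form
  * provides one.
  */
 public function delete()
 {
     $user = User::find('_id', $this->getParam('uid', 0));

     // Both refusals below stop the request. displayError() is not visible
     // here; if it returned, the code further down would dereference a null
     // $user or allow the self-delete it has just refused.
     if ($user == NULL) {
         System::displayError(System::getLanguage()->_('ErrorUserNotFound'), '404 Not Found');
         exit;
     }
     if ($user->uid == System::getUser()->uid) {
         System::displayError(System::getLanguage()->_('ErrorCannotDeleteYourself'), '403 Forbidden');
         exit;
     }

     $form = new Form('form-user', Router::getInstance()->build('UsersController', 'delete', $user));
     $fieldset = new Fieldset(System::getLanguage()->_('Confirm'));
     $checkbox = new Checkbox('confirm', System::getLanguage()->_('ConfirmDeleteUser'), true);
     $p = new Paragraph(System::getLanguage()->_('ConfirmDeleteUserInfo'));
     $fieldset->addElements($checkbox, $p);
     $form->addElements($fieldset);
     $form->setSubmit(new Button(System::getLanguage()->_('Confirm'), 'icon icon-delete'));
     $form->addButton(new Button(System::getLanguage()->_('Cancel'), 'icon icon-cancel', Router::getInstance()->build('UsersController', 'index')));

     // Delete only on a submitted form that validates.
     if (Utils::getPOST('submit', false) !== false) {
         if ($form->validate()) {
             $user->delete();
             System::forwardToRoute(Router::getInstance()->build('UsersController', 'index'));
             exit;
         }
     }

     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('DeleteUser'));
     $smarty->assign('heading', System::getLanguage()->_('DeleteUser'));
     $smarty->assign('form', $form);
     $smarty->display('form.tpl');
 }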
 /**
  * This controller has no page of its own: every request is sent on to the
  * file browser's index and the script ends.
  */
 public function index()
 {
     $browserIndex = Router::getInstance()->build('BrowserController', 'index');
     System::forwardToRoute($browserIndex);
     exit;
 }