/**
* editsmilies
*
*
*/
public function editsmilies()
{
if (!SecurityUtil::checkPermission('BBSmile::', '::', ACCESS_ADMIN)) {
return LogUtil::registerPermissionError(System::getHomepageUrl());
}
$submit = $this->getPassedValue('submit', null, 'POST');
if (!$submit) {
$smilies = $this->getVar('smilie_array');
$this->view->assign('smilies', $smilies);
return $this->view->fetch('admin/editsmiles.tpl');
}
// submit is set
$this->checkCsrfToken();
// Get input
$keys = $this->getPassedValue('key', array(), 'POST');
$shorts = $this->getPassedValue('short', array(), 'POST');
$imgsrcs = $this->getPassedValue('imgsrc', array(), 'POST');
$alts = $this->getPassedValue('alt', array(), 'POST');
$aliases = $this->getPassedValue('alias', array(), 'POST');
$types = $this->getPassedValue('smilietype', array(), 'POST');
$active = $this->getPassedValue('active', array(), 'POST');
$smilies = array();
// Create an array with the input and deaktivate all smilies
for ($i = 0; $i < sizeof($keys); $i++) {
$smilies[$keys[$i]] = array('type' => $types[$i], 'short' => $shorts[$i], 'imgsrc' => $imgsrcs[$i], 'alt' => $alts[$i], 'alias' => $aliases[$i], 'active' => 0);
}
// And now set the active flag for all selected smilies
for ($i = 0; $i < sizeof($active); $i++) {
$smilies[$active[$i]]['active'] = 1;
}
$this->setVar('smilie_array', $smilies);
LogUtil::registerStatus($this->__('The edited smilies have been saved.'));
$this->redirect(ModUtil::url('BBSmile', 'admin', 'main'));
}
/**
* Plugin to return the homepage address.
*
* Available parameters:
* - assign: If set, the results are assigned to the corresponding variable instead of printed out
*
* Example
* {homepage}
*
* @param array $params All attributes passed to this function from the template.
* @param Zikula_View $view Reference to the Zikula_View object.
*
* @return string The base URL of the site.
*/
function smarty_function_homepage($params, Zikula_View $view)
{
$assign = isset($params['assign']) ? $params['assign'] : null;
$result = htmlspecialchars(System::getHomepageUrl());
if ($assign) {
$view->assign($assign, $result);
} else {
return $result;
}
}
/**
* Modify a comment
*
* This is a standard function that is called whenever an administrator
* wishes to modify a comment
*
* @param tid the id of the comment to be modified
* @return string the modification page
*/
public function modify($args)
{
// get our input
$id = isset($args['id']) ? $args['id'] : FormUtil::getPassedValue('id', null, 'GETPOST');
// Security check
$securityCheck = ModUtil::apiFunc('EZComments', 'user', 'checkPermission', array('module' => '', 'objectid' => '', 'commentid' => $id, 'level' => ACCESS_EDIT));
if (!$securityCheck) {
$redirect = base64_decode(FormUtil::getPassedValue('redirect'));
if (!isset($redirect)) {
$redirect = System::getHomepageUrl();
}
return LogUtil::registerPermissionError($redirect);
}
// Create Form output object
$render = FormUtil::newForm('EZComments', $this);
// Return the output that has been generated by this function
return $render->execute("ezcomments_admin_modify.tpl", new EZComments_Form_Handler_Admin_Modify());
}
/**
* Generate a configuration for javascript and return script tag to embed in HTML HEAD.
*
* @return string HTML code with script tag
*/
public static function getJSConfig()
{
$return = '';
$config = array(
'entrypoint' => System::getHomepageUrl(),
'baseURL' => System::getBaseUrl(),
'baseURI' => System::getBaseUri() . '/',
'ajaxtimeout' => (int)System::getVar('ajaxtimeout', 5000),
'lang' => ZLanguage::getLanguageCode(),
'sessionName' => session_name(),
);
$config = DataUtil::formatForDisplay($config);
$return .= "<script type=\"text/javascript\">/* <![CDATA[ */ \n";
if (System::isLegacyMode()) {
$return .= 'document.location.entrypoint="' . $config['entrypoint'] . '";';
$return .= 'document.location.pnbaseURL="' . $config['baseURL'] . '"; ';
$return .= 'document.location.ajaxtimeout=' . $config['ajaxtimeout'] . ";\n";
}
$return .= "if (typeof(Zikula) == 'undefined') {var Zikula = {};}\n";
$return .= "Zikula.Config = " . json_encode($config) . "\n";
$return .= ' /* ]]> */</script>' . "\n";
return $return;
}
/**
* Add a new user to the system.
*
* Parameters passed via GET:
* --------------------------
* None.
*
* Parameters passed via POST:
* ---------------------------
* See the definition of {@link Users_Controller_FormData_NewUserForm}.
*
* Parameters passed via SESSION:
* ------------------------------
* None.
*
* @return string HTML string containing the rendered template.
*
* @throws Zikula_Exception_Forbidden Thrown if the current user does not have add access, or if the method of accessing this function is improper.
*/
public function newUser()
{
// The user must have ADD access to submit a new user record.
if (!SecurityUtil::checkPermission($this->name . '::', '::', ACCESS_ADD)) {
throw new Zikula_Exception_Forbidden();
}
// When new user registration is disabled, the user must have ADMIN access instead of ADD access.
if (!$this->getVar(Users_Constant::MODVAR_REGISTRATION_ENABLED, false) && !SecurityUtil::checkPermission($this->name . '::', '::', ACCESS_ADMIN)) {
$registrationUnavailableReason = $this->getVar(Users_Constant::MODVAR_REGISTRATION_DISABLED_REASON, $this->__('Sorry! New user registration is currently disabled.'));
$this->registerError($registrationUnavailableReason);
// TODO - The home page typically does not display errors.
$this->redirect(System::getHomepageUrl());
}
$proceedToForm = true;
$formData = new Users_Controller_FormData_NewUserForm('users_newuser', $this->serviceManager);
$errorFields = array();
$errorMessages = array();
if ($this->request->isPost()) {
// Returning from a form POST operation. Process the input.
$this->checkCsrfToken();
$formData->setFromRequestCollection($this->request->request);
$registrationArgs = array(
'checkMode' => 'new',
'emailagain' => $formData->getField('emailagain')->getData(),
'setpass' => (bool)$formData->getField('setpass')->getData(),
'antispamanswer' => '',
);
$registrationArgs['passagain'] = $registrationArgs['setpass'] ? $formData->getField('passagain')->getData() : '';
$registrationInfo = array(
'uname' => $formData->getField('uname')->getData(),
'pass' => $registrationArgs['setpass'] ? $formData->getField('pass')->getData() : '',
'passreminder' => $registrationArgs['setpass'] ? $this->__('(Password provided by site administrator)') : '',
'email' => mb_strtolower($formData->getField('email')->getData()),
);
$registrationArgs['reginfo'] = $registrationInfo;
$sendPass = $formData->getField('sendpass')->getData();
if ($formData->isValid()) {
$errorFields = ModUtil::apiFunc($this->name, 'registration', 'getRegistrationErrors', $registrationArgs);
} else {
$errorFields = $formData->getErrorMessages();
}
$event = new Zikula_Event('module.users.ui.validate_edit.new_user', $registrationInfo, array(), new Zikula_Hook_ValidationProviders());
$validators = $this->eventManager->notify($event)->getData();
$hook = new Zikula_ValidationHook('users.ui_hooks.user.validate_edit', $validators);
$this->notifyHooks($hook);
$validators = $hook->getValidators();
if (empty($errorFields) && !$validators->hasErrors()) {
// TODO - Future functionality to suppress e-mail notifications, see ticket #2351
//$currentUserEmail = UserUtil::getVar('email');
//$adminNotifyEmail = $this->getVar('reg_notifyemail', '');
//$adminNotification = (strtolower($currentUserEmail) != strtolower($adminNotifyEmail));
$registeredObj = ModUtil::apiFunc($this->name, 'registration', 'registerNewUser', array(
'reginfo' => $registrationInfo,
'sendpass' => $sendPass,
'usernotification' => true,
'adminnotification' => true,
));
if (isset($registeredObj) && $registeredObj) {
$event = new Zikula_Event('module.users.ui.process_edit.new_user', $registeredObj);
$this->eventManager->notify($event);
$hook = new Zikula_ProcessHook('users.ui_hooks.user.process_edit', $registeredObj['uid']);
$this->notifyHooks($hook);
if ($registeredObj['activated'] == Users_Constant::ACTIVATED_PENDING_REG) {
$this->registerStatus($this->__('Done! Created new registration application.'));
} elseif (isset($registeredObj['activated'])) {
$this->registerStatus($this->__('Done! Created new user account.'));
} else {
$this->registerError($this->__('Warning! New user information has been saved, however there may have been an issue saving it properly.'));
}
$proceedToForm = false;
} else {
$this->registerError($this->__('Error! Could not create the new user account or registration application.'));
}
}
} elseif (!$this->request->isGet()) {
throw new Zikula_Exception_Forbidden();
}
if ($proceedToForm) {
return $this->view->assign_by_ref('formData', $formData)
->assign('mode', 'new')
->assign('errorMessages', $errorMessages)
->assign('errorFields', $errorFields)
->fetch('users_admin_newuser.tpl');
} else {
$this->redirect(ModUtil::url($this->name, 'admin', 'view'));
}
}
/**
* Display main admin panel for a category
*
* @param int $args['acid'] the id of the category to be displayed
* @return string HTML string
*/
public function adminpanel($args)
{
if (!SecurityUtil::checkPermission('::', '::', ACCESS_EDIT)) {
// suppress admin display - return to index.
$this->redirect(System::getHomepageUrl());
}
if (!$this->getVar('ignoreinstallercheck') && System::getVar('development') == 0) {
// check if the Zikula Recovery Console exists
$zrcexists = file_exists('zrc.php');
// check if upgrade scripts exist
if ($zrcexists == true) {
return $this->view->assign('zrcexists', $zrcexists)
->assign('adminpanellink', ModUtil::url('Admin','admin', 'adminpanel'))
->fetch('admin_admin_warning.tpl');
}
}
// Now prepare the display of the admin panel by getting the relevant info.
// Get parameters from whatever input we need.
$acid = FormUtil::getPassedValue('acid', (isset($args['acid']) ? $args['acid'] : null), 'GET');
// cid isn't set, so go to the default category
if (empty($acid)) {
$acid = $this->getVar('startcategory');
}
// Add category menu to output
$this->view->assign('menu', $this->categorymenu(array('acid' => $acid)));
// Check to see if we have access to the requested category.
if (!SecurityUtil::checkPermission("Admin::", "::$acid", ACCESS_ADMIN)) {
$acid = -1;
}
// Get Details on the selected category
if ($acid > 0) {
$category = ModUtil::apiFunc('Admin', 'admin', 'get', array('cid' => $acid));
} else {
$category = null;
}
if (!$category) {
// get the default category
$acid = $this->getVar('startcategory');
// Check to see if we have access to the requested category.
if (!SecurityUtil::checkPermission("Admin::", "::$acid", ACCESS_ADMIN)) {
return LogUtil::registerPermissionError(System::getHomepageUrl());
}
$category = ModUtil::apiFunc('Admin', 'admin', 'get', array('cid' => $acid));
}
// assign the category
$this->view->assign('category', $category);
$displayNameType = $this->getVar('displaynametype', 1);
// get admin capable modules
$adminmodules = ModUtil::getAdminMods();
$adminlinks = array();
foreach ($adminmodules as $adminmodule) {
if (SecurityUtil::checkPermission("{$adminmodule['name']}::", 'ANY', ACCESS_EDIT)) {
$catid = ModUtil::apiFunc('Admin', 'admin', 'getmodcategory',
array('mid' => ModUtil::getIdFromName($adminmodule['name'])));
$order = ModUtil::apiFunc('Admin', 'admin', 'getSortOrder',
array('mid' => ModUtil::getIdFromName($adminmodule['name'])));
if (($catid == $acid) || (($catid == false) && ($acid == $this->getVar('defaultcategory')))) {
$modinfo = ModUtil::getInfoFromName($adminmodule['name']);
$menutexturl = ModUtil::url($modinfo['name'], 'admin', 'main');
$modpath = ($modinfo['type'] == ModUtil::TYPE_SYSTEM) ? 'system' : 'modules';
if ($displayNameType == 1) {
$menutext = $modinfo['displayname'];
} elseif ($displayNameType == 2) {
$menutext = $modinfo['name'];
} elseif ($displayNameType == 3) {
$menutext = $modinfo['displayname'] . ' (' . $modinfo['name'] . ')';
}
$menutexttitle = $modinfo['description'];
$adminicon = ModUtil::getModuleImagePath($adminmodule['name']);
$adminlinks[] = array('menutexturl' => $menutexturl,
'menutext' => $menutext,
'menutexttitle' => $menutexttitle,
'modname' => $modinfo['name'],
'adminicon' => $adminicon,
'id' => $modinfo['id'],
'order'=> $order);
}
}
}
usort($adminlinks, '_sortAdminModsByOrder');
$this->view->assign('adminlinks', $adminlinks);
return $this->view->fetch('admin_admin_adminpanel.tpl');
}
/**
* block configuration
*/
public function modify($blockinfo)
{
$vars = BlockUtil::varsFromContent($blockinfo['content']);
// set some default vars
$vars['isnew'] = empty($vars);
$vars['menutree_content'] = isset($vars['menutree_content']) ? $vars['menutree_content'] : array();
$vars['menutree_tpl'] = isset($vars['menutree_tpl']) ? $vars['menutree_tpl'] : '';
$vars['menutree_stylesheet'] = isset($vars['menutree_stylesheet']) ? $vars['menutree_stylesheet'] : '';
$vars['menutree_linkclass'] = isset($vars['menutree_linkclass']) ? $vars['menutree_linkclass'] : false;
$vars['menutree_linkclasses'] = isset($vars['menutree_linkclasses']) ? $vars['menutree_linkclasses'] : array();
$vars['menutree_titles'] = isset($vars['menutree_titles']) ? $vars['menutree_titles'] : array();
$vars['menutree_editlinks'] = isset($vars['menutree_editlinks']) ? $vars['menutree_editlinks'] : false;
$vars['menutree_stripbaseurl'] = isset($vars['menutree_stripbaseurl']) ? $vars['menutree_stripbaseurl'] : true;
$vars['menutree_maxdepth'] = isset($vars['menutree_maxdepth']) ? $vars['menutree_maxdepth'] : 0;
$vars['oldlanguages'] = isset($vars['oldlanguages']) ? $vars['oldlanguages'] : array();
$vars['olddefaultanguage'] = isset($vars['olddefaultanguage']) ? $vars['olddefaultanguage'] :'';
// get list of languages
$vars['languages'] = ZLanguage::getInstalledLanguageNames();
$userlanguage = ZLanguage::getLanguageCode();
// get default langs
$vars['defaultanguage'] = !empty($blockinfo['language']) ? $blockinfo['language'] : $userlanguage;
// rebuild langs array - default lang has to be first
if (isset($vars['languages']) && count($vars['languages']) > 1) {
$deflang[$vars['defaultanguage']] = $vars['languages'][$vars['defaultanguage']];
unset($vars['languages'][$vars['defaultanguage']]);
$vars['languages'] = array_merge($deflang,$vars['languages']);
$vars['multilingual'] = true;
} else {
$vars['multilingual'] = false;
}
$langs = array('list' => array_keys($vars['languages']),
'flat' => false);
// check if there is allredy content
if (empty($vars['menutree_content'])) {
// no content - get list of menus to allow import
$vars['menutree_menus'] = $this->_get_current_menus($blockinfo['bid']);
} else {
// are there new langs not present in current menu?
// check if there are new languages not present in current menu
// if so - need to set reference lang to copy initial menu items data
if (count(array_diff($vars['languages'],$vars['oldlanguages'])) > 1) {
// fisrt try current default lang
if (in_array($vars['defaultanguage'],$vars['oldlanguages'])) {
$langs['ref'] = $vars['defaultanguage'];
// or user lang
} elseif (in_array($userlanguage,$vars['oldlanguages'])) {
$langs['ref'] = $userlanguage;
// or old default lang
} elseif (in_array($vars['olddefaultanguage'],$vars['languages'])) {
$langs['ref'] = $vars['olddefaultanguage'];
// it must be any language present in old and new lang list
} else {
$langs['ref'] = current(array_intersect($vars['languages'], $vars['oldlanguages']));
}
}
}
// decode tree array
$tree = new Blocks_MenutreeTree();
$tree->setOption('id', 'adm-menutree'.$blockinfo['bid']);
$tree->setOption('sortable', true);
if (isset($langs)) {
$tree->setOption('langs', $langs['list']);
}
$tree->setOption('stripbaseurl', $vars['menutree_stripbaseurl']);
$tree->setOption('maxDepth', $vars['menutree_maxdepth']);
$tree->loadArrayData($vars['menutree_content']);
$vars['menutree_content'] = $tree->getHTML();
// get all templates and stylesheets.
$vars['tpls'] = Blocks_MenutreeUtil::getTemplates();
$vars['styles'] = Blocks_MenutreeUtil::getStylesheets();
$someThemes = $this->__('Only in some themes');
$vars['somethemes'] = isset($vars['tpls'][$someThemes]) || isset($vars['styles'][$someThemes]) ? true : false;
// template to use
if (empty($vars['menutree_tpl']) || !$this->view->template_exists($vars['menutree_tpl'])) {
$vars['menutree_tpl'] = 'menutree/blocks_block_menutree_default.tpl';
}
// prepare block titles array
foreach (array_keys($vars['languages']) as $lang) {
if (!array_key_exists($lang, $vars['menutree_titles'])) {
$vars['menutree_titles'][$lang] = '';
}
}
// for permissions settings get first supported permlevels
$vars['permlevels'] = $this->_permlevels();
// check if saved permlevels are correct
$vars['menutree_titlesperms'] = !empty($vars['menutree_titlesperms']) ? $vars['menutree_titlesperms'] : 'ACCESS_EDIT';
$vars['menutree_displayperms'] = !empty($vars['menutree_displayperms']) ? $vars['menutree_displayperms'] : 'ACCESS_EDIT';
$vars['menutree_settingsperms'] = !empty($vars['menutree_settingsperms']) ? $vars['menutree_settingsperms'] : 'ACCESS_EDIT';
// check user permissions for settings sections
$useraccess = SecurityUtil::getSecurityLevel(SecurityUtil::getAuthInfo(), 'Blocks::', "$blockinfo[bkey]:$blockinfo[title]:$blockinfo[bid]");
$vars['menutree_titlesaccess'] = $useraccess >= constant($vars['menutree_titlesperms']);
$vars['menutree_displayaccess'] = $useraccess >= constant($vars['menutree_displayperms']);
$vars['menutree_settingsaccess'] = $useraccess >= constant($vars['menutree_settingsperms']);
$vars['menutree_adminaccess'] = $useraccess >= ACCESS_ADMIN;
$vars['menutree_anysettingsaccess'] = $vars['menutree_adminaccess'] || $vars['menutree_titlesaccess'] || $vars['menutree_displayaccess'] || $vars['menutree_settingsaccess'];
// check if the users wants to add a new link via the "Add current url" link in the block
$addurl = FormUtil::getPassedValue('addurl', 0, 'GET');
// or if we come from the normal "edit this block" link
$fromblock = FormUtil::getPassedValue('fromblock', null, 'GET');
$vars['redirect'] = '';
$vars['menutree_newurl'] = '';
if ($addurl == 1) {
// set a marker for redirection later on
$newurl = System::serverGetVar('HTTP_REFERER');
$vars['redirect'] = urlencode($newurl);
$newurl = str_replace(System::getBaseUrl(), '', $newurl);
if (empty($newurl)) {
$newurl = System::getHomepageUrl();
}
$vars['menutree_newurl'] = $newurl;
} elseif (isset($fromblock)) {
$vars['redirect'] = urlencode(System::serverGetVar('HTTP_REFERER'));
}
// Create output object
$this->view->setCaching(Zikula_View::CACHE_DISABLED);
// assign all block variables
$this->view->assign($vars)
->assign('blockinfo', $blockinfo);
// Return the output that has been generated by this function
return $this->view->fetch('menutree/blocks_block_menutree_modify.tpl');
}
/**
* Allow the user to accept active terms of use and/or privacy policy.
*
* This function is currently used by the Legal module's handler for the users.login.veto event.
*
* @return string The rendered output from the template.
*
* @throws Zikula_Exception_Forbidden Thrown if the user is not logged in and the acceptance attempt is not a result of a login attempt.
*
* @throws Zikula_Exception_Fatal Thrown if the user is already logged in and the acceptance attempt is a result of a login attempt;
* also thrown in cases where expected data is not present or not in an expected form;
* also thrown if the call to this function is not the result of a POST operation or a GET operation.
*/
public function acceptPolicies()
{
// Retrieve and delete any session variables being sent in by the log-in process before we give the function a chance to
// throw an exception. We need to make sure no sensitive data is left dangling in the session variables.
$sessionVars = $this->request->getSession()->get('Legal_Controller_User_acceptPolicies', null, $this->name);
$this->request->getSession()->del('Legal_Controller_User_acceptPolicies', $this->name);
$processed = false;
$helper = new Legal_Helper_AcceptPolicies();
if ($this->request->isPost()) {
$this->checkCsrfToken();
$isLogin = isset($sessionVars) && !empty($sessionVars);
if (!$isLogin && !UserUtil::isLoggedIn()) {
throw new Zikula_Exception_Forbidden();
} elseif ($isLogin && UserUtil::isLoggedIn()) {
throw new Zikula_Exception_Fatal();
}
$policiesUid = $this->request->getPost()->get('acceptedpolicies_uid', false);
$acceptedPolicies = array(
'termsOfUse' => $this->request->getPost()->get('acceptedpolicies_termsofuse', false),
'privacyPolicy' => $this->request->getPost()->get('acceptedpolicies_privacypolicy', false),
'agePolicy' => $this->request->getPost()->get('acceptedpolicies_agepolicy', false),
'cancellationRightPolicy' => $this->request->getPost()->get('acceptedpolicies_cancellationrightpolicy', false),
'tradeConditions' => $this->request->getPost()->get('acceptedpolicies_tradeconditions', false)
);
if (!isset($policiesUid) || empty($policiesUid) || !is_numeric($policiesUid)) {
throw new Zikula_Exception_Fatal();
}
$activePolicies = $helper->getActivePolicies();
$originalAcceptedPolicies = $helper->getAcceptedPolicies($policiesUid);
$fieldErrors = array();
if ($activePolicies['termsOfUse'] && !$originalAcceptedPolicies['termsOfUse'] && !$acceptedPolicies['termsOfUse']) {
$fieldErrors['termsofuse'] = $this->__('You must accept this site\'s Terms of Use in order to proceed.');
}
if ($activePolicies['privacyPolicy'] && !$originalAcceptedPolicies['privacyPolicy'] && !$acceptedPolicies['privacyPolicy']) {
$fieldErrors['privacypolicy'] = $this->__('You must accept this site\'s Privacy Policy in order to proceed.');
}
if ($activePolicies['agePolicy'] && !$originalAcceptedPolicies['agePolicy'] && !$acceptedPolicies['agePolicy']) {
$fieldErrors['agepolicy'] = $this->__f('In order to log in, you must confirm that you meet the requirements of this site\'s Minimum Age Policy. If you are not %1$s years of age or older, and you do not have a parent\'s permission to use this site, then please ask your parent to contact a site administrator.', array(ModUtil::getVar('Legal', Legal_Constant::MODVAR_MINIMUM_AGE, 0)));
}
if ($activePolicies['cancellationRightPolicy'] && !$originalAcceptedPolicies['cancellationRightPolicy'] && !$acceptedPolicies['cancellationRightPolicy']) {
$fieldErrors['cancellationrightpolicy'] = $this->__('You must accept our cancellation right policy in order to proceed.');
}
if ($activePolicies['tradeConditions'] && !$originalAcceptedPolicies['tradeConditions'] && !$acceptedPolicies['tradeConditions']) {
$fieldErrors['tradeconditions'] = $this->__('You must accept our general terms and conditions of trade in order to proceed.');
}
if (empty($fieldErrors)) {
$now = new DateTime('now', new DateTimeZone('UTC'));
$nowStr = $now->format(DateTime::ISO8601);
if ($activePolicies['termsOfUse'] && $acceptedPolicies['termsOfUse']) {
$termsOfUseProcessed = UserUtil::setVar(Legal_Constant::ATTRIBUTE_TERMSOFUSE_ACCEPTED, $nowStr, $policiesUid);
} else {
$termsOfUseProcessed = !$activePolicies['termsOfUse'] || $originalAcceptedPolicies['termsOfUse'];
}
if ($activePolicies['privacyPolicy'] && $acceptedPolicies['privacyPolicy']) {
$privacyPolicyProcessed = UserUtil::setVar(Legal_Constant::ATTRIBUTE_PRIVACYPOLICY_ACCEPTED, $nowStr, $policiesUid);
} else {
$privacyPolicyProcessed = !$activePolicies['privacyPolicy'] || $originalAcceptedPolicies['privacyPolicy'];
}
if ($activePolicies['agePolicy'] && $acceptedPolicies['agePolicy']) {
$agePolicyProcessed = UserUtil::setVar(Legal_Constant::ATTRIBUTE_AGEPOLICY_CONFIRMED, $nowStr, $policiesUid);
} else {
$agePolicyProcessed = !$activePolicies['agePolicy'] || $originalAcceptedPolicies['agePolicy'];
}
if ($activePolicies['cancellationRightPolicy'] && $acceptedPolicies['cancellationRightPolicy']) {
$cancellationRightPolicyProcessed = UserUtil::setVar(Legal_Constant::ATTRIBUTE_CANCELLATIONRIGHTPOLICY_ACCEPTED, $nowStr, $policiesUid);
} else {
$cancellationRightPolicyProcessed = !$activePolicies['cancellationRightPolicy'] || $originalAcceptedPolicies['cancellationRightPolicy'];
}
if ($activePolicies['tradeConditions'] && $acceptedPolicies['tradeConditions']) {
$tradeConditionsProcessed = UserUtil::setVar(Legal_Constant::ATTRIBUTE_TRADECONDITIONS_ACCEPTED, $nowStr, $policiesUid);
} else {
$tradeConditionsProcessed = !$activePolicies['tradeConditions'] || $originalAcceptedPolicies['tradeConditions'];
}
$processed = $termsOfUseProcessed && $privacyPolicyProcessed && $agePolicyProcessed && $cancellationRightPolicyProcessed && $tradeConditionsProcessed;
}
if ($processed) {
if ($isLogin) {
$loginArgs = $this->request->getSession()->get('Users_Controller_User_login', array(), 'Zikula_Users');
$loginArgs['authentication_method'] = $sessionVars['authentication_method'];
$loginArgs['authentication_info'] = $sessionVars['authentication_info'];
$loginArgs['rememberme'] = $sessionVars['rememberme'];
return ModUtil::func('Users', 'user', 'login', $loginArgs);
} else {
$this->redirect(System::getHomepageUrl());
}
}
} elseif ($this->request->isGet()) {
$isLogin = $this->request->getGet()->get('login', false);
$fieldErrors = array();
} else {
throw new Zikula_Exception_Forbidden();
}
// If we are coming here from the login process, then there are certain things that must have been
// send along in the session variable. If not, then error.
if ($isLogin && (!isset($sessionVars['user_obj']) || !is_array($sessionVars['user_obj'])
|| !isset($sessionVars['authentication_info']) || !is_array($sessionVars['authentication_info'])
|| !isset($sessionVars['authentication_method']) || !is_array($sessionVars['authentication_method']))
) {
throw new Zikula_Exception_Fatal();
}
if ($isLogin) {
$policiesUid = $sessionVars['user_obj']['uid'];
} else {
$policiesUid = UserUtil::getVar('uid');
}
if (!$policiesUid || empty($policiesUid)) {
throw new Zikula_Exception_Fatal();
}
if ($isLogin) {
// Pass along the session vars to updateAcceptance. We didn't want to just keep them in the session variable
// Legal_Controller_User_acceptPolicies because if we hit an exception or got redirected, then the data
// would have been orphaned, and it contains some sensitive information.
SessionUtil::requireSession();
$this->request->getSession()->set('Legal_Controller_User_acceptPolicies', $sessionVars, $this->name);
}
$templateVars = array(
'login' => $isLogin,
'policiesUid' => $policiesUid,
'activePolicies' => $helper->getActivePolicies(),
'acceptedPolicies' => isset($acceptedPolicies) ? $acceptedPolicies : $helper->getAcceptedPolicies($policiesUid),
'originalAcceptedPolicies' => isset($originalAcceptedPolicies) ? $originalAcceptedPolicies : $helper->getAcceptedPolicies($policiesUid),
'fieldErrors' => $fieldErrors,
);
return $this->view->assign($templateVars)
->fetch('legal_user_acceptpolicies.tpl');
}
/**
* Disable mobile Theme
*
* @return string html output
*/
public function disableMobileTheme()
{
CookieUtil::setCookie('zikulaMobileTheme', '2', time()+3600*24*365, '/');
return $this->redirect(System::getHomepageUrl());
}
/**
* Log into a site that is currently "off" (normal logins are not allowed).
*
* Allows the administrator to access the site during maintenance.
*
* Parameters passed via GET:
* --------------------------
* None.
*
* Parameters passed via POST:
* ---------------------------
* string user The user name of the user attempting to log in.
* string pass The password of the user attempting to log in.
* boolean rememberme Whether the login session should persist.
*
* Parameters passed via SESSION:
* ------------------------------
* None.
*
* @return bool True.
*/
public function siteOffLogin()
{
// do not process if the site is enabled
$this->redirectIf(!System::getVar('siteoff', false), System::getHomepageUrl());
if ($this->request->isPost()) {
$user = $this->request->request->get('user', null);
$pass = $this->request->request->get('pass', null);
$rememberme = $this->request->request->get('rememberme', false);
} else {
throw new Zikula_Exception_Forbidden();
}
$redirectUrl = System::getHomepageUrl();
$authenticationInfo = array(
'login_id' => $user,
'pass' => $pass
);
$authenticationMethod = array(
'modname' => $this->name,
'method' => 'uname',
);
if (UserUtil::loginUsing($authenticationMethod, $authenticationInfo, $rememberme)) {
$user = UserUtil::getVars(UserUtil::getVar('uid'));
if (!SecurityUtil::checkPermission('Settings::', 'SiteOff::', ACCESS_ADMIN)) {
UserUtil::logout();
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'redirecturl' => '',
);
$event = new Zikula_Event('module.users.ui.login.failed', $user, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl;
} else {
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'redirecturl' => $redirectUrl,
);
$event = new Zikula_Event('module.users.ui.login.succeeded', $user, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : $redirectUrl;
}
} else {
$eventArgs = array(
'authentication_method' => $authenticationMethod,
'authentication_info' => $authenticationInfo,
'redirecturl' => '',
);
$event = new Zikula_Event('module.users.ui.login.failed', null, $eventArgs);
$event = $this->eventManager->notify($event);
$redirectUrl = $event->hasArg('redirecturl') ? $event->getArg('redirecturl') : '';
}
$this->redirect($redirectUrl);
}
/**
* BlankTheme plugin to display the user navigation menu.
*
* Available parameters:
* - id (string) ID of the wrapper div (default: 'nav_main')
* - current (string) Current screen ID (.ini current value or module name) (optional)
* - currentclass (string) CSS class name of the current tab, list item (default: 'current')
* - span (bool) Flag to enable SPAN wrappers on the links text, useful for sliding doors (default: false)
* - desc (bool) Flag to put the parent links descriptions inside SPAN.bt_desc instead the link title (default: false)
*
* Example:
* {bt_userlinks id='myId' current='home' currentclass='myActiveClass'}
*
* @author Mateo Tibaquirá
* @since 08/11/07
*
* @param array $params All parameters passed to this function from the template.
* @param Zikula_View_Theme &$view Reference to the View_Theme object.
*
* @return string User menu output.
*/
function smarty_function_bt_userlinks($params, Zikula_View_Theme &$view)
{
$dom = ZLanguage::getThemeDomain('BlankTheme');
$id = isset($params['id']) ? $params['id'] : 'nav_main';
if (!isset($params['current'])) {
$current = $view->getTplVar('current') ? $view->getTplVar('current') : $view->getToplevelmodule();
} else {
$current = $params['current'];
}
$currentclass = isset($params['currentclass']) ? $params['currentclass'] : 'current';
$span = isset($params['span']) ? (bool)$params['span'] : false;
$desc = isset($params['desc']) ? (bool)$params['desc'] : false;
/*** Build the menu-array ***/
$menu = array();
$menu[] = array(
'home', // page id / module name
__('Home', $dom), // translatable title
__('Go to home page', $dom), // translatable description
System::getHomepageUrl(), // link
null // array of sublinks (optional)
);
if (ModUtil::available('News')) {
$menu[] = array(
'News',
__('News', $dom),
__('Articles index', $dom),
ModUtil::url('News', 'user', 'main')
);
}
if (ModUtil::available('Pages')) {
$menu[] = array(
'Pages',
__('Pages', $dom),
__('Content section', $dom),
ModUtil::url('Pages', 'user', 'main')
);
}
if (ModUtil::available('Dizkus')) {
$menu[] = array(
'Dizkus',
__('Forums', $dom),
__('Discuss area', $dom),
ModUtil::url('Dizkus', 'user', 'main')
);
}
if (ModUtil::available('FAQ')) {
$menu[] = array(
'FAQ',
__('FAQ', $dom),
__('Frequent questions', $dom),
ModUtil::url('FAQ', 'user', 'main')
);
}
if (ModUtil::available('Wikula')) {
$menu[] = array(
'Wikula',
__('Wiki', $dom),
__('Documents', $dom),
ModUtil::url('Wikula', 'user', 'main')
);
}
if (ModUtil::available('TimeIt')) {
$menu[] = array(
'TimeIt',
__('Calendar', $dom),
__('List of events', $dom),
ModUtil::url('TimeIt', 'user', 'main')
);
}
if (ModUtil::available('crpCalendar')) {
$menu[] = array(
'crpCalendar',
__('Calendar', $dom),
__('List of events', $dom),
ModUtil::url('crpCalendar', 'user', 'main')
);
}
if (ModUtil::available('Formicula')) {
$menu[] = array(
'Formicula',
__('Contact us', $dom),
__('Comment or suggest', $dom),
ModUtil::url('Formicula', 'user', 'main')
);
}
// render the menu
$output = '<div id="'.$id.'"><ul>';
foreach ($menu as $option) {
$output .= bt_userlinks_drawmenu($option, $current, $currentclass, $span, $desc);
}
$output .= '</ul></div>';
return $output;
}
/**
* Install controller.
*
* @return void
*/
function install(Core $core)
{
define('_ZINSTALLVER', Core::VERSION_NUM);
$serviceManager = $core->getContainer();
$eventManager = $core->getDispatcher();
// Lazy load DB connection to avoid testing DSNs that are not yet valid (e.g. no DB created yet)
$dbEvent = new GenericEvent(null, array('lazy' => true));
$eventManager->dispatch('doctrine.init_connection', $dbEvent);
$core->init(Core::STAGE_ALL & ~Core::STAGE_THEME & ~Core::STAGE_MODS & ~Core::STAGE_LANGS & ~Core::STAGE_DECODEURLS & ~Core::STAGE_SESSIONS);
// Power users might have moved the temp folder out of the root and changed the config.php
// accordingly. Make sure we respect this security related settings
$tempDir = isset($GLOBALS['ZConfig']['System']['temp']) ? $GLOBALS['ZConfig']['System']['temp'] : 'ztemp';
// define our smarty object
$smarty = new Smarty();
$smarty->caching = false;
$smarty->compile_check = true;
$smarty->left_delimiter = '{';
$smarty->right_delimiter = '}';
$smarty->compile_dir = $tempDir . '/view_compiled';
$smarty->template_dir = 'install/templates';
$smarty->plugins_dir = array('plugins', 'install/templates/plugins');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
$lang = FormUtil::getPassedValue('lang', '', 'GETPOST');
$dbhost = FormUtil::getPassedValue('dbhost', '', 'GETPOST');
$dbusername = FormUtil::getPassedValue('dbusername', '', 'GETPOST');
$dbpassword = FormUtil::getPassedValue('dbpassword', '', 'GETPOST');
$dbname = FormUtil::getPassedValue('dbname', '', 'GETPOST');
$dbprefix = '';
$dbdriver = FormUtil::getPassedValue('dbdriver', '', 'GETPOST');
$dbtabletype = FormUtil::getPassedValue('dbtabletype', '', 'GETPOST');
$username = FormUtil::getPassedValue('username', '', 'POST');
$password = FormUtil::getPassedValue('password', '', 'POST');
$repeatpassword = FormUtil::getPassedValue('repeatpassword', '', 'POST');
$email = FormUtil::getPassedValue('email', '', 'GETPOST');
$action = FormUtil::getPassedValue('action', '', 'GETPOST');
$notinstalled = isset($_GET['notinstalled']);
$installedState = isset($GLOBALS['ZConfig']['System']['installed']) ? $GLOBALS['ZConfig']['System']['installed'] : 0;
// If somehow we are browsing the not installed page but installed, redirect back to homepage
if ($installedState && $notinstalled) {
$response = new RedirectResponse(System::getHomepageUrl());
return $response->send();
}
// see if the language was already selected
$languageAlreadySelected = $lang ? true : false;
if (!$notinstalled && $languageAlreadySelected && empty($action)) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=requirements&lang={$lang}");
return $response->send();
}
// see if the language was already selected
$languageAlreadySelected = $lang ? true : false;
if (!$notinstalled && $languageAlreadySelected && empty($action)) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=requirements&lang={$lang}");
return $response->send();
}
// load the installer language files
if (empty($lang)) {
if (is_readable('config/installer.ini')) {
$test = parse_ini_file('config/installer.ini');
$lang = isset($test['language']) ? $test['language'] : 'en';
} else {
$available = ZLanguage::getInstalledLanguages();
$detector = new ZLanguageBrowser($available);
$lang = $detector->discover();
}
$lang = DataUtil::formatForDisplay($lang);
}
// setup multilingual
$GLOBALS['ZConfig']['System']['language_i18n'] = $lang;
$GLOBALS['ZConfig']['System']['multilingual'] = true;
$GLOBALS['ZConfig']['System']['languageurl'] = true;
$GLOBALS['ZConfig']['System']['language_detect'] = false;
$serviceManager->loadArguments($GLOBALS['ZConfig']['System']);
$_lang = ZLanguage::getInstance();
$_lang->setup();
$lang = ZLanguage::getLanguageCode();
$installbySQL = file_exists("install/sql/custom-{$lang}.sql") ? "install/sql/custom-{$lang}.sql" : false;
$smarty->assign('lang', $lang);
$smarty->assign('installbySQL', $installbySQL);
$smarty->assign('langdirection', ZLanguage::getDirection());
$smarty->assign('charset', ZLanguage::getEncoding());
// show not installed case
if ($notinstalled) {
header('HTTP/1.1 503 Service Unavailable');
$smarty->display('notinstalled.tpl');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
exit;
}
// assign the values from config.php
$smarty->assign($GLOBALS['ZConfig']['System']);
// if the system is already installed, halt.
if ($GLOBALS['ZConfig']['System']['installed']) {
_installer_alreadyinstalled($smarty);
}
// check for an empty action - if so then show the first installer page
if (empty($action)) {
$action = 'lang';
}
// perform tasks based on our action
switch ($action) {
case 'processBDInfo':
$dbname = trim($dbname);
$dbusername = trim($dbusername);
if (empty($dbname) || empty($dbusername)) {
$action = 'dbinformation';
$smarty->assign('dbconnectmissing', true);
} elseif (!preg_match('/^[\\w-]*$/', $dbname) || strlen($dbname) > 64) {
$action = 'dbinformation';
$smarty->assign('dbinvalidname', true);
} else {
update_config_php($dbhost, $dbusername, $dbpassword, $dbname, $dbdriver, $dbtabletype);
update_installed_status(0);
try {
$dbh = new PDO("{$dbdriver}:host={$dbhost};dbname={$dbname}", $dbusername, $dbpassword);
} catch (PDOException $e) {
$action = 'dbinformation';
$smarty->assign('reason', $e->getMessage());
$smarty->assign('dbconnectfailed', true);
}
}
if ($action != 'dbinformation') {
$action = 'createadmin';
}
break;
case 'finish':
if (!$username || preg_match('/[^\\p{L}\\p{N}_\\.\\-]/u', $username)) {
$action = 'createadmin';
$smarty->assign('uservalidatefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif (mb_strlen($password) < 7) {
$action = 'createadmin';
$smarty->assign('badpassword', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif ($password !== $repeatpassword) {
$action = 'createadmin';
$smarty->assign('passwordcomparefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} elseif (!validateMail($email)) {
$action = 'createadmin';
$smarty->assign('emailvalidatefailed', true);
$smarty->assign(array('username' => $username, 'password' => $password, 'repeatpassword' => $repeatpassword, 'email' => $email));
} else {
$installedOk = false;
// if it is the distribution and the process have not failed in a previous step
if ($installbySQL) {
// checks if exists a previous installation with the same prefix
$proceed = true;
$dbnameConfig = $GLOBALS['ZConfig']['DBInfo']['databases']['default']['dbname'];
$exec = $dbdriver == 'mysql' || $dbdriver == 'mysqli' ? "SHOW TABLES FROM `{$dbnameConfig}` LIKE '%'" : "SHOW TABLES FROM {$dbnameConfig} LIKE '%'";
$tables = DBUtil::executeSQL($exec);
if ($tables->rowCount() > 0) {
$proceed = false;
$action = 'dbinformation';
$smarty->assign('dbexists', true);
}
if ($proceed) {
// checks if file exists
if (!file_exists($installbySQL)) {
$action = 'dbinformation';
$smarty->assign('dbdumpfailed', true);
} else {
// execute the SQL dump
$lines = file($installbySQL);
$exec = '';
foreach ($lines as $line_num => $line) {
$line = trim($line);
if (empty($line) || strpos($line, '--') === 0) {
continue;
}
$exec .= $line;
if (strrpos($line, ';') === strlen($line) - 1) {
if (!DBUtil::executeSQL($exec)) {
$action = 'dbinformation';
$smarty->assign('dbdumpfailed', true);
break;
}
$exec = '';
}
}
ModUtil::dbInfoLoad('Users', 'Users');
ModUtil::dbInfoLoad('Extensions', 'Extensions');
ModUtil::initCoreVars(true);
createuser($username, $password, $email);
$installedOk = true;
}
}
} else {
installmodules($lang);
createuser($username, $password, $email);
$installedOk = true;
}
if ($installedOk) {
// create our new site admin
// TODO: Email username/password to administrator email address. Cannot use ModUtil::apiFunc for this.
$serviceManager->get('session')->start();
$authenticationInfo = array('login_id' => $username, 'pass' => $password);
$authenticationMethod = array('modname' => 'Users', 'method' => 'uname');
UserUtil::loginUsing($authenticationMethod, $authenticationInfo);
// add admin email as site email
System::setVar('adminmail', $email);
if (!$installbySQL) {
Theme_Util::regenerate();
}
// set site status as installed and protect config.php file
update_installed_status(1);
@chmod('config/config.php', 0400);
if (!is_readable('config/config.php')) {
@chmod('config/config.php', 0440);
if (!is_readable('config/config.php')) {
@chmod('config/config.php', 0444);
}
}
// install all plugins
$systemPlugins = PluginUtil::loadAllSystemPlugins();
foreach ($systemPlugins as $plugin) {
PluginUtil::install($plugin);
}
LogUtil::registerStatus(__('Congratulations! Zikula has been successfullly installed.'));
$response = new RedirectResponse(ModUtil::url('Admin', 'admin', 'adminpanel'));
$response->send();
exit;
}
}
break;
case 'requirements':
$checks = _check_requirements();
$ok = true;
foreach ($checks as $check) {
if (!$check) {
$ok = false;
break;
}
}
foreach ($checks['files'] as $check) {
if (!$check['writable']) {
$ok = false;
break;
}
}
if ($ok) {
$response = new RedirectResponse(System::getBaseUri() . "/install.php?action=dbinformation&lang={$lang}");
$response->send();
exit;
}
$smarty->assign('checks', $checks);
break;
}
// check our action template exists
$action = DataUtil::formatForOS($action);
if ($smarty->template_exists("installer_{$action}.tpl")) {
$smarty->assign('action', $action);
$templateName = "installer_{$action}.tpl";
} else {
$smarty->assign('action', 'error');
$templateName = 'installer_error.tpl';
}
$smarty->assign('maincontent', $smarty->fetch($templateName));
$smarty->display('installer_page.tpl');
$smarty->clear_compiled_tpl();
file_put_contents("{$tempDir}/view_compiled/index.html", '');
}
/**
* main funcion
* The main function is not used in the bbsmile module, we just rediret to homepage
*
*/
public function main()
{
return System::redirect(System::getHomepageUrl());
}
/**
* When Zikula authentication has failed, start SiriusXtecAuth
*
* @return bool true authetication succesful
*/
public static function trySiriusXtecAuth(Zikula_Event $event)
{
$authentication_info = FormUtil::getPassedValue('authentication_info', isset($args['authentication_info']) ? $args['authentication_info'] : null, 'POST');
// Argument check
if ($authentication_info['login_id'] == '' || $authentication_info['pass'] == '') {
LogUtil::registerError(__('Usuari o contrasenya en blanc.'));
return System::redirect(System::getHomepageUrl());
}
$uname = $authentication_info['login_id'];
$pass = $authentication_info['pass'];
// check if ldap is active
if (!ModUtil::getVar('SiriusXtecAuth','ldap_active',false)) return false;
// checking new users case
$userid = UserUtil::getIdFromName($uname);
if (($userid === false) && (ModUtil::getVar('SiriusXtecAuth','users_creation',false) === false)) return false;
// connect to ldap server
if (!$ldap_ds = ldap_connect(ModUtil::getVar('SiriusXtecAuth', 'ldap_server'))) {
LogUtil::registerError(__('No ha pogut connectar amb el servidor ldap.'));
return false;
}
///////////////////
// Checking ldap validation
$ldaprdn = ModUtil::getVar('SiriusXtecAuth', 'ldap_searchattr') . '=' . $uname . ',' . ModUtil::getVar('SiriusXtecAuth', 'ldap_basedn');
$bind = @ldap_bind($ldap_ds, $ldaprdn, $pass);
if (!$bind) {
LogUtil::registerError(__('La informació introduïda no correspon a cap validació manual ni XTEC.'));
return false;
}
LogUtil::getErrorMessages();
// Case new users
if ($userid === false) {
$userLdapFields = array ('cn', 'uid', 'givenname', 'sn', 'mail');
// search the directory for our user
if (!$ldap_sr = ldap_search($ldap_ds, ModUtil::getVar('SiriusXtecAuth', 'ldap_basedn'), ModUtil::getVar('SiriusXtecAuth', 'ldap_searchattr') . '=' . DataUtil::formatForStore($uname),$userLdapFields)) {
LogUtil::registerError(__('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (I).'));
return false;
}
$info = ldap_get_entries($ldap_ds, $ldap_sr);
if (!$info || $info['count'] == 0) {
LogUtil::registerError('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (II).');
return false;
} else {
if (!isset($info[0]['dn'])) {
LogUtil::registerError('Problemes en la creació d\'un nou usuari de Sirus des de la validació XTEC (III).');
return false;
}
}
$user['zk']['uname'] =$uname;
$user['zk']['email'] = $info[0]['mail'][0];
if (ModUtil::getVar('SiriusXtecAuth','iw_write',false) && ModUtil::available('IWusers')) {
$user['iw']['nom'] = ucwords(strtolower($info[0]['givenname'][0]));
$cognom_separator = strpos($info[0]['sn'][0],' ');
if ($cognom_separator && ModUtil::getVar('SiriusXtecAuth','iw_lastnames',false)) {
$user['iw']['cognom1'] = ucwords(strtolower(substr($info[0]['sn'][0],0,$cognom_separator)));
$user['iw']['cognom2'] = ucwords(strtolower(substr($info[0]['sn'][0],$cognom_separator+1)));
} else{
$user['iw']['cognom1'] = ucwords(strtolower($info[0]['sn'][0]));
$user['iw']['cognom1'] = '';
}
}
if (ModUtil::getVar('SiriusXtecAuth','new_users_activation', false)) {
$user['zk']['activated'] = 1;
}else {
$user['zk']['activated'] = 0;
}
$user['gr'] = ModUtil::getVar('SiriusXtecAuth','new_users_groups');
$userid = ModUtil::apifunc('SiriusXtecAuth', 'listeners', 'createUser', $user);
if (!$userid) {
LogUtil::registerError(__('No s\'ha pogut crear l\'usuari. Torneu a validar-vos.'));
return false;
}
}
@ldap_unbind($ldap_ds);
UserUtil::setUserByUid($userid);
if (!ModUtil::getVar('SiriusXtecAuth','loginXtecApps',false)) {
return System::redirect(System::getHomepageUrl());
} else {
$pass_e = urlencode(base64_encode($pass));
return System::redirect(ModUtil::url('SiriusXtecAuth', 'user', 'logingXtecApps',array('uname'=>$uname,'pass'=>$pass_e,'logtype'=>'in')));
}
}
/**
* Create a new user or registration.
*
* This is the primary and almost exclusive method for creating new user accounts, and the primary and
* exclusive method for creating registration applications that are either pending approval, pending e-mail
* verification, or both. 99.9% of all cases where a new user record needs to be created should use this
* function to create the user or registration. This will ensure that all users and registrations are created
* consistently, and that the system configuration for approval and verification is carried out correctly.
* Only a few system-related internal edge cases should attempt to create user accounts without going through
* this function.
*
* All information provided to this function is in the form of registration data, even if it is expected that
* the end result will be a fully active user account.
*
* Parameters passed in the $args array:
* -------------------------------------
* array $args['reginfo'] The core registration or user information collected from the user.
* numeric $args['reginfo']['uid'] If the information is for a new user registration, then this should not be set. Otherwise,
* the uid of the registration record.
* string $args['reginfo']['uname'] The user name for the registering user.
* string $args['reginfo']['pass'] The password for the registering user.
* string $args['reginfo']['passreminder'] The password reminder for the registering user.
* string $args['reginfo']['email'] The e-mail address for the registering user.
*
* @param array $args All arguments passed to this function.
*
* @return array|bool If the user registration information is successfully saved (either full user record was
* created or a pending registration record was created in the users table), then the array containing
* the information saved is returned; false on error.
*
* @throws Zikula_Exception_Forbidden Thrown if the user does not have read access.
*/
public function registerNewUser($args)
{
if (!SecurityUtil::checkPermission('Users::', '::', ACCESS_READ)) {
throw new Zikula_Exception_Forbidden();
}
$isAdmin = $this->currentUserIsAdmin();
$isAdminOrSubAdmin = $this->currentUserIsAdminOrSubAdmin();
if (!$isAdmin && !$this->getVar('reg_allowreg', false)) {
$registrationUnavailableReason = $this->getVar('reg_noregreasons', $this->__('New user registration is currently disabled.'));
$this->registerError($registrationUnavailableReason, 403, System::getHomepageUrl());
return false;
}
if (!isset($args['reginfo']) || empty($args['reginfo']) || !is_array($args['reginfo'])) {
$this->registerError(LogUtil::getErrorMsgArgs());
return false;
}
$reginfo = $args['reginfo'];
$adminWantsVerification = $isAdminOrSubAdmin && ((isset($args['usermustverify']) ? (bool)$args['usermustverify'] : false)
|| !isset($reginfo['pass']) || empty($reginfo['pass']));
$reginfo['isverified'] = ($isAdminOrSubAdmin && !$adminWantsVerification) || (!$isAdminOrSubAdmin && ($this->getVar('reg_verifyemail') == Users_Constant::VERIFY_NO));
$reginfo['isapproved'] = $isAdminOrSubAdmin || !$this->getVar('moderation', false);
$createRegistration = !$reginfo['isapproved'] || !$reginfo['isverified'];
// Notification flags
$userNotification = isset($args['usernotification']) ? $args['usernotification'] : true;
$adminNotification = isset($args['adminnotification']) ? $args['adminnotification'] : true;
// Handle password
$sendPassword = isset($args['sendpass']) ? $args['sendpass'] : false;
if ($sendPassword) {
// Function called by admin adding user/reg, administrator created the password; no approval needed, so must need verification.
$passwordCreatedForUser = $reginfo['pass'];
} else {
$passwordCreatedForUser = '';
}
if (isset($reginfo['pass']) && !empty($reginfo['pass']) && ($reginfo['pass'] != Users_Constant::PWD_NO_USERS_AUTHENTICATION)) {
$reginfo['pass'] = UserUtil::getHashedPassword($reginfo['pass']);
}
// Dispatch to the appropriate function, depending on whether a registration record or a full user record is needed.
if ($createRegistration) {
// We need a registration record
$registeredObj = $this->createRegistration($reginfo, $userNotification, $adminNotification, $passwordCreatedForUser);
} else {
// Everything is in order for a full user record
$registeredObj = $this->createUser($reginfo, $userNotification, $adminNotification, $passwordCreatedForUser);
}
return $registeredObj;
}
/**
* Handle an AccessDeniedException
*
* @param GetResponseForExceptionEvent $event
* @param $userLoggedIn
* @param string $message a custom error message (default: 'Access Denied') (The default message from Symfony)
* @see http://api.symfony.com/2.6/Symfony/Component/Security/Core/Exception/AccessDeniedException.html
*/
private function handleAccessDeniedException(GetResponseForExceptionEvent $event, $userLoggedIn, $message = 'Access Denied')
{
if (!$userLoggedIn) {
$message = $message == 'Access Denied' ? __('You do not have permission. You must login first.') : $message;
$event->getRequest()->getSession()->getFlashBag()->add('error', $message);
$params = array('returnpage' => urlencode($event->getRequest()->getSchemeAndHttpHost() . $event->getRequest()->getRequestUri()));
// redirect to login page
$route = $this->router->generate('zikulausersmodule_user_login', $params, RouterInterface::ABSOLUTE_URL);
} else {
$message = $message == 'Access Denied' ? __('You do not have permission for that action.') : $message;
$event->getRequest()->getSession()->getFlashBag()->add('error', $message);
// redirect to previous page
$route = $event->getRequest()->server->get('HTTP_REFERER', \System::getHomepageUrl());
}
// optionally add logging action here
$response = new RedirectResponse($route);
$event->setResponse($response);
$event->stopPropagation();
}
/**
* Common method for decoding url from bracket notation.
*
* @param strign url String to decode.
*
* @return string Decoded url.
*/
public function encodebracketurl($url)
{
// allow a simple portable way to link to the home page of the site
if (empty($url) || $url == '{homepage}') {
return htmlspecialchars(System::getHomepageUrl());
}
if (!preg_match('#\{(.*)\}#', $url, $matches)) {
return $url;
}
$url = explode(':', $matches[1]);
$modname = $url[0];
if (isset($url[1])) {
$type = $url[1];
} else {
// defaults allowed here for usability
$type = 'user';
}
if (isset($url[2])) {
$func = $url[2];
} else {
// defaults allowed here for usability
$func = 'main';
}
$params = array();
if (isset($url[3])) {
$urlparts = explode('&', $url[3]);
foreach ($urlparts as $urlpart) {
$part = explode('=', $urlpart);
$params[trim($part[0])] = trim($part[1]);
}
}
return ModUtil::url($modname, $type, $func, $params);
}
public function processEdit(Zikula_ProcessHook $hook)
{
// will need this to update URLs in table
// get db table and column for where statement
ModUtil::dbInfoLoad('EZComments');
$tables = DBUtil::getTables();
$column = $tables['EZComments_column'];
$mod = DataUtil::formatForStore($hook->getCaller());
$objectid = DataUtil::formatForStore($hook->getId());
$areaid = DataUtil::formatForStore($hook->getAreaId());
$where = "{$column['modname']} = '{$mod}' AND {$column['objectid']} = '{$objectid}' AND {$column['areaid']} = '{$areaid}'";
$objUrl = $hook->getUrl()->getUrl(null, null, false, false);
// objecturl provided by subscriber
// the fourth arg is forceLang and if left to default (true) then the url is malformed - core bug as of 1.3.0
$comment = array('url' => System::getHomepageUrl() . DataUtil::formatForStore($objUrl));
DBUtil::updateObject($comment, 'EZComments', $where);
}
/**
* modify block settings
*
* @param array $blockinfo a blockinfo structure
* @return output the bock form
*/
public function modify($blockinfo)
{
// Break out options from our content field
$vars = BlockUtil::varsFromContent($blockinfo['content']);
$blockinfo['content'] = '';
// Defaults
if (empty($vars['displaymodules'])) {
$vars['displaymodules'] = 0;
}
// template to use
if (empty($vars['template'])) {
$vars['template'] = 'blocks_block_extmenu.tpl';
}
// create default block variables
if (!isset($vars['blocktitles'])) {
$vars['blocktitles'] = array();
}
if (!isset($vars['links'])) {
$vars['links'] = array();
}
if (!isset($vars['stylesheet'])) {
$vars['stylesheet'] = '';
}
if (!isset($vars['menuid'])) {
$vars['menuid'] = 0;
}
$languages = ZLanguage::getInstalledLanguages();
$userlanguage = ZLanguage::getLanguageCode();
// filter out invalid languages
foreach ($vars['blocktitles'] as $k => $v) {
if (!in_array($k, $languages)) {
unset($vars['blocktitles'][$k]);
unset($vars['links'][$k]);
}
}
// check if the users wants to add a new link via the "Add current url" link in the block
$addurl = FormUtil::getPassedValue('addurl', 0, 'GET');
// or if we come from the normal "edit this block" link
$fromblock = FormUtil::getPassedValue('fromblock', null, 'GET');
$redirect = '';
if ($addurl == 1) {
// set a marker for redirection later on
$newurl = System::serverGetVar('HTTP_REFERER');
$redirect = urlencode($newurl);
$newurl = str_replace(System::getBaseUrl(), '', $newurl);
if (empty($newurl)) {
$newurl = System::getHomepageUrl();
}
foreach ($languages as $singlelanguage) {
$vars['links'][$singlelanguage][] = array('name' => $this->__('--New link--'), 'url' => $newurl, 'title' => $this->__('--New link--'), 'level' => 0, 'parentid' => null, 'image' => '', 'active' => 1);
}
} elseif (isset($fromblock)) {
$redirect = urlencode(System::serverGetVar('HTTP_REFERER'));
}
// add new languages to the blocktitles and link arrays
// we need to know which language has the most links, this language will be the "master"
// for new languages to be added. this ensures that all links for the new language
// are prepared.
$link_master = array();
foreach ($languages as $lang) {
if (isset($vars['links'][$lang]) && count($link_master) < count($vars['links'][$lang])) {
$link_master = $vars['links'][$lang];
}
}
foreach ($languages as $lang) {
// create an empty blocktitle string
if (!array_key_exists($lang, $vars['blocktitles'])) {
$vars['blocktitles'][$lang] = '';
}
if (!array_key_exists($lang, $vars['links'])) {
$vars['links'][$lang] = $link_master;
}
}
// menuitems are sorted by language per default for easier
// access when showing them (which is more often necessary than
// editing them), but for editing them we need them sorted by id
$menuitems = array();
foreach ($vars['links'] as $lang => $langlinks) {
// langlinks now contains an array of links for a certain language
// sorted by key=id
foreach ($langlinks as $linkid => $link) {
// pre zk1.2 check
if (!isset($link['id'])) {
$link['id'] = $linkid;
}
$link['errors'] = array();
$this->checkImage($link);
$menuitems[$linkid][$lang] = $link;
}
}
$vars['links'] = $menuitems;
$this->view->setCaching(Zikula_View::CACHE_DISABLED);
// assign the vars
$this->view->assign($vars)->assign('languages', $languages)->assign('userlanguage', $userlanguage)->assign('redirect', $redirect)->assign('blockinfo', $blockinfo);
// return the output
return $this->view->fetch('blocks_block_extmenu_modify.tpl');
}
/**
* get homepage URL for Zikula
*
* @deprecated Deprecated since version 1.3.0.
* @see System::getHomepageUrl()
*
* @return string homepage URL for Zikula
*/
function pnGetHomepageURL()
{
LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'System::getHomepageUrl')), E_USER_DEPRECATED);
return System::getHomepageUrl();
}
