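/**
 * Bounce an already-authenticated user away from guest-only actions.
 *
 * @param array $uri     Parsed request; only $uri['action'] is read.
 * @param array $actions Action names that may only be used while logged out.
 * @return void Does not return when the redirect fires (exit).
 */
public function requireLoggedOut($uri, $actions)
{
    // $uri['action'] comes from the request: match it strictly so a value
    // that merely looks numeric cannot loosely equal a listed action name.
    $guest_only = in_array($uri['action'], $actions, true);

    if ($guest_only && isset($_SESSION['user_id'])) {
        Application::flash('error', 'You are already logged in!');
        $this->app->redirect_to('items');
        exit;
    }
}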
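/**
 * Log the current user out.
 *
 * Loads the session user, asks it to deauthenticate and redirects to the
 * items page on success; otherwise renders the default view. The original
 * called deauthenticate() on whatever get_by_id() returned, which errors
 * when the session user no longer exists; a missing user now takes the
 * "nothing to see here" branch instead.
 *
 * @return void
 */
function remove()
{
    $user = isset($_SESSION['user_id']) ? User::get_by_id($_SESSION['user_id']) : NULL;

    // NOTE(review): if this action is reachable via GET, confirm a CSRF check
    // runs in a filter first — otherwise any site can log the user out.
    // `== TRUE` in the original is plain truthiness, preserved here.
    if (is_object($user) && $user->deauthenticate()) {
        Application::flash('info', 'You are now logged out.');
        Application::redirect_to('items');
    } else {
        Application::flash('info', 'Nothing to see here.');
        $this->loadView();
    }
}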
/**
 * Front controller: resolve the request to a controller/action, boot the
 * application object and dispatch. Exceptions map to flash + redirect
 * (ValidationException), a 404 page (RoutingException) or a 500 page
 * (ApplicationException).
 *
 * Reads the URI parsed by Routing::fetch_uri(), $_SESSION['flash'] and
 * $_SERVER['HTTP_REFERER']. Side effects: includes controller files, sends
 * headers, renders views, and clears $_SESSION['flash'] after the action ran.
 *
 * @return void
 */
public static function initialise()
{
    require_once 'vendor/autoload.php';
    try {
        require_once 'lib/routing.php';
        $uri = Routing::fetch_uri();
        $controller = ucfirst($uri['controller']) . 'Controller';
        // NOTE(review): $uri['controller'] is derived from the request and is
        // spliced into an include path without validation (here and in the
        // fallback below). Whether Routing::fetch_uri() already restricts it
        // to a safe token is not visible from this file — confirm it is
        // limited to known controller names before it reaches include.
        // The @ also hides the include warning, so a failed include is silent.
        @(include "controllers/{$uri['controller']}_controller.php");
        if (substr($uri['action'], 0, 1) == '?') {
            $uri['action'] = '';
        }
        if (empty($uri['action']) && method_exists($controller, 'index')) {
            $uri['action'] = 'index';
        }
        // If controller found and action exists
        // NOTE(review): method_exists() is true for any method of the class,
        // including the boot helpers called below (loadConfig, loadAws, ...)
        // and non-public ones; since the action name comes from the request,
        // an explicit allowlist of routable actions would be safer than
        // method_exists alone.
        if (class_exists($controller) && method_exists($controller, $uri['action'])) {
            $app = new $controller();
        } else {
            $uri = Routing::route();
            $controller = ucfirst($uri['controller']) . 'Controller';
            include "controllers/{$uri['controller']}_controller.php";
            $app = new $controller();
        }
        $app->loadConfig();
        $app->loadTwig();
        $app->loadAws();
        $app->loadModels();
        $app->loadPlugins();
        $app->uri = $uri;
        // Helper var to simplify responding to json
        $app->json = $app->uri['format'] == 'json';
        require_once 'lib/filter.php';
        $app->runFilters();
        $app->loadDefaultLibs();
        // Set timezone from config
        // NOTE(review): $config is not assigned in this method; unless
        // lib/filter.php defines it in this scope, this reads an undefined
        // variable (presumably $app->config->timezone was intended).
        date_default_timezone_set($config->timezone);
        // Call relevant function in controller
        $app->loadAction();
        unset($_SESSION['flash']);
    } catch (ValidationException $e) {
        ob_end_clean();
        Application::flash('error', $e->getMessage());
        // NOTE(review): HTTP_REFERER is supplied by the client; redirecting to
        // it unvalidated is an open redirect, and an undefined-index warning
        // when the header is absent. Prefer a known local fallback.
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } catch (RoutingException $e) {
        ob_end_flush();
        // RoutingExceptions only thrown from static context
        // so must set up new Application before rendering 404
        $app = new Application();
        $app->loadView('pages/404');
    } catch (ApplicationException $e) {
        ob_end_flush();
        $e->app->loadView('pages/500');
    }
}
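/**
 * Send an invitation email to the address posted in $_POST['email'].
 *
 * Validates the address and the inviter's remaining invite count, stores the
 * invite, decrements the inviter's count, awards points and logs when those
 * plugins are loaded, and emails the invitee. On validation failure the
 * address is echoed back via $this->uri['params'] and the errors are
 * flashed. Either way the request ends by rendering index().
 *
 * Changes from the original: a missing email field is treated as '' instead
 * of raising an undefined-index warning, comparisons are strict, and an
 * unused admin lookup is dropped.
 *
 * @return void
 */
function add()
{
    $user = User::get_by_id($_SESSION['user_id']);
    $email = isset($_POST['email']) ? trim((string) $_POST['email']) : '';
    $_POST['email'] = $email;
    $error = '';

    if ($email === '') {
        $error .= 'Please enter an email address.<br />';
    }
    if ($user->invites < 1) {
        $error .= 'You don\'t have any invites remaining.<br />';
    }
    // Check if email contains spaces
    if (User::check_contains_spaces($email)) {
        $error .= 'Email address cannot contain spaces.<br />';
    }
    if (!User::check_contains_at($email)) {
        $error .= 'Email must contain an @ symbol.<br />';
    }
    // Check if already invited
    if (Invite::check_invited($_SESSION['user_id'], $email)) {
        $error .= 'You have already invited this person.<br />';
    }
    // Check if already a user
    if (is_object(User::get_by_email($email))) {
        $error .= 'This person is already using ' . $this->config->name . '!<br />';
    }

    if ($error === '') {
        // Add invite to database
        $id = Invite::add($_SESSION['user_id'], $email);
        // Decrement invites in users table
        $user->update_invites(-1);
        // Award points
        if (isset($this->plugins->points)) {
            $this->plugins->points->update($_SESSION['user_id'], $this->plugins->points['per_invite_sent']);
        }
        // Log invite
        if (isset($this->plugins->log)) {
            $this->plugins->log->add($_SESSION['user_id'], 'invite', $id, 'add', $email);
        }

        $to = array('email' => $email);
        // NOTE(review): $user->username is user-chosen; confirm send_email()
        // strips CR/LF from the subject so it cannot inject extra mail headers.
        $subject = '[' . $this->config->name . '] An invitation from ' . $user->username;
        $link = $this->config->url . 'signup/' . $id;
        $body = $this->twig_string->render(
            file_get_contents("themes/{$this->config->theme}/emails/invite_friend.html"),
            array('user' => $user, 'link' => $link, 'app' => $this)
        );
        // Email user
        $this->email->send_email($to, $subject, $body);
        Application::flash('success', 'Invite sent!');
    } else {
        // Echo the address back so the form can be re-filled
        $this->uri['params']['email'] = $email;
        Application::flash('error', $error);
    }

    $this->index();
}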
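/**
 * Admin action: pass a positive invite count from the request to
 * Admin::update_invites(), then render the users page.
 *
 * The count arrives as a request parameter (a string). The original compared
 * the raw string with `> 0`; on PHP 8 a non-numeric string compared with an
 * int is compared as strings, so junk such as "abc" passed the check and
 * reached Admin::update_invites(). The value is now coerced to int first and
 * only a positive integer is applied; anything else is a no-op, as before.
 *
 * @return void
 */
function grant_invites()
{
    $count = isset($this->uri['params']['count']) ? (int) $this->uri['params']['count'] : 0;

    // NOTE(review): no authorization check is visible here; confirm the
    // admin filter (runFilters) gates this action before it runs.
    if ($count > 0) {
        Admin::update_invites($count);
        Application::flash('success', 'Invites updated!');
    }

    $this->users();
}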
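/**
 * Complete a signup from the posted form (email, username, password1/2 and
 * an optional invite code).
 *
 * On success: creates the user row if the email is unknown, stores the
 * credentials, optionally emails the new user and the first admin, logs the
 * user in by writing $_SESSION['user_id'], redeems a valid invite code
 * (awarding points to non-admin inviters), and redirects — to the requested
 * redirect_to target when it points at this site, else to the site root.
 * On validation failure the posted values are pushed back into
 * $this->uri['params'] and the form is re-rendered with the errors flashed.
 *
 * Changes from the original: posted fields are read via isset() so a missing
 * field is '' rather than an undefined-index warning; the session id is
 * regenerated when the login is established, so a session id fixed before
 * signup does not carry the new login; redirect_to is request-controlled and
 * is only honoured for same-site targets (the configured URL or a
 * single-slash relative path); an unused $admin lookup is dropped.
 *
 * @return void Does not return on success (exit after the redirect header).
 */
private function signup_full()
{
    $error = '';

    // Posted fields, normalised once.
    $email     = isset($_POST['email']) ? trim($_POST['email']) : '';
    $username  = isset($_POST['username']) ? $_POST['username'] : '';
    $password1 = isset($_POST['password1']) ? $_POST['password1'] : '';
    $password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
    $code      = isset($_POST['code']) ? $_POST['code'] : NULL;
    $_POST['email'] = $email;

    // Check email
    $email_check = $this->check_email($email);
    if ($email_check !== TRUE) {
        $error .= $email_check;
    }
    // Check username
    $username_check = $this->check_username($username);
    if ($username_check !== TRUE) {
        $error .= $username_check;
    }
    // Check password
    $password_check = $this->check_password($password1, $password2);
    if ($password_check !== TRUE) {
        $error .= $password_check;
    }

    if ($error !== '') {
        // Propagate values to be picked up by the form
        $this->uri['params']['email'] = $email;
        $this->uri['params']['username'] = $username;
        if ($code !== NULL) {
            $this->code = $code;
        }
        Application::flash('error', $error);
        $this->loadView('users/add', array('title' => 'Signup'));
        return;
    }

    // Use the existing row for this email if there is one, otherwise add it
    $user = User::get_by_email($email);
    if (!$user) {
        $user_id = User::add($email);
        $user = User::get_by_id($user_id);
    }

    // Do signup
    User::signup($user->id, $username, $password1, $this->config->encryption_salt);

    if ($this->config->send_emails == TRUE) {
        // Send 'thank you for signing up' email
        $to = array('name' => $username, 'email' => $email);
        $subject = '[' . $this->config->name . '] Welcome to ' . $this->config->name . '!';
        $body = $this->twig_string->render(
            file_get_contents("themes/{$this->config->theme}/emails/signup.html"),
            array('username' => $username, 'app' => $this)
        );
        $this->email->send_email($to, $subject, $body);
    }

    // Log signup
    if (isset($this->plugins->log)) {
        $this->plugins->log->add($user->id, 'user', NULL, 'signup');
    }

    // Admin alert email
    if ($this->config->send_emails && $this->config->signup_email_notifications == TRUE) {
        $admin = User::get_by_id($this->config->admin_users[0]);
        $to = array('name' => $admin->username, 'email' => $admin->email);
        $subject = '[' . $this->config->name . '] New signup on ' . $this->config->name . '!';
        $link = substr($this->config->url, 0, -1) . $this->url_for('users', 'show', $user->id);
        $body = $this->twig_string->render(
            file_get_contents("themes/{$this->config->theme}/emails/admin_signup_notification.html"),
            array('link' => $link, 'app' => $this)
        );
        $this->email->send_email($to, $subject, $body);
    }

    // Start session. A fresh id means a session established before signup
    // (possibly by someone else) does not become the logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['user_id'] = $user->id;

    // Check invites are enabled and the code is valid
    if ($this->config->invites->enabled == TRUE
        && $code !== NULL
        && Invite::check_code_valid($code, $email)) {
        $invites = Invite::list_by_code($code);
        if (is_array($invites)) {
            foreach ($invites as $invite) {
                // Mark the invite as accepted
                $invite->update();
                if (isset($this->plugins->log)) {
                    $this->plugins->log->add($_SESSION['user_id'], 'invite', $invite->id, 'accept');
                }
                // Award points, but only if the inviting user is not an admin
                if (isset($this->plugins->points)
                    && !in_array($invite->user_id, $this->config->admin_users)) {
                    $this->plugins->points->update($invite->user_id, $this->plugins->points['per_invite_accepted']);
                    if (isset($this->plugins->log)) {
                        $this->plugins->log->add($invite->user_id, 'points', NULL, $this->plugins->points['per_invite_accepted'], 'invite_accepted = ' . $invite->id);
                    }
                }
            }
        }
    }

    // Log login
    if (isset($this->plugins->log)) {
        $this->plugins->log->add($_SESSION['user_id'], 'user', NULL, 'login');
    }

    // redirect_to is request-controlled: follow it only when it stays on
    // this site, otherwise the signup form doubles as an open redirect.
    $target = isset($this->uri['params']['redirect_to']) ? (string) $this->uri['params']['redirect_to'] : '';
    $same_site = $target !== '' && strpos($target, $this->config->url) === 0;
    // A relative path must start with exactly one slash: "//host" and "/\host"
    // are treated as protocol-relative URLs by browsers.
    $relative = preg_match('#^/(?![/\\\\])#', $target) === 1;
    if ($same_site || $relative) {
        header('Location: ' . $target);
        exit;
    }

    // Set welcome message and go forth
    Application::flash('success', 'Welcome to ' . $this->config->name . '!');
    header('Location: ' . $this->config->url);
    exit;
}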
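/**
 * Delete an item owned by the current user, together with its comments and
 * likes, then send the browser back where it came from.
 *
 * Fixes relative to the original: the owner check dereferenced $item->user
 * before testing $item for NULL (warnings on an unknown id) — the NULL test
 * now comes first; the likes loop was guarded by is_array($item->comments)
 * instead of $item->likes, so likes were skipped whenever an item had no
 * comments; the post-delete redirect follows HTTP_REFERER only when it
 * points at this site, since that header is client-controlled, and falls
 * back to the site root otherwise (also when the header is absent).
 *
 * @param int|string $item_id Id of the item to delete.
 * @return void Does not return (exit after the redirect header).
 */
function remove($item_id)
{
    $item = Item::get_by_id($item_id);
    $current_user = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : NULL;

    // Ids may arrive as int or string; compare their string forms.
    $is_owner = $item != NULL
        && $current_user !== NULL
        && (string) $current_user === (string) $item->user->id;

    // NOTE(review): if this action is reachable via GET, confirm a CSRF check
    // runs in a filter first — a cross-site link could otherwise delete items.
    if (!$is_owner) {
        // Not the owner (or no such item): back to the front page
        header('Location: ' . $this->config->url);
        exit;
    }

    // Delete item
    $item->remove();
    if (isset($this->plugins->log)) {
        $this->plugins->log->add($current_user, 'item', $item->id, 'remove');
    }

    // Delete comments
    if (is_array($item->comments)) {
        foreach ($item->comments as $comment) {
            $id = $comment->remove();
            if (isset($this->plugins->log)) {
                $this->plugins->log->add($current_user, 'comment', $id, 'remove');
            }
        }
    }

    // Delete likes (guarded on likes, not comments)
    if (is_array($item->likes)) {
        foreach ($item->likes as $like) {
            $like->remove();
            if (isset($this->plugins->log)) {
                $this->plugins->log->add($current_user, 'like', $like->id, 'remove');
            }
        }
    }

    // Set message
    Application::flash('success', ucfirst($this->config->items->name) . ' removed!');

    // Return from whence you came — but only if "whence" is this site
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $back = ($referer !== '' && strpos($referer, $this->config->url) === 0)
        ? $referer
        : $this->config->url;
    header('Location: ' . $back);
    exit;
}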