/**
 * Builds the statistics detail view for one tool user.
 *
 * Loads the user by ID, runs four read-only queries against acc_log (three keyed
 * on the user's username, one on the user's ID), assigns the result sets to
 * Smarty and returns the rendered "statistics/userdetail.tpl".
 *
 * Every value that reaches SQL here is passed as a bound parameter; none is
 * concatenated into the statement text.
 *
 * NOTE(review): this method performs no access check of its own. Presumably the
 * calling page enforces one before exposing per-user activity; confirm.
 *
 * @param mixed $userId identifier handed unchanged to User::getById()
 * @return mixed the rendered template, or whatever BootstrapSkin::displayAlertBox()
 *               returns when the user cannot be loaded
 */
private function getUserDetail($userId)
{
    global $smarty;

    $db = gGetDb();
    $user = User::getById($userId, $db);

    if (!$user) {
        return BootstrapSkin::displayAlertBox("User not found", "alert-error", "Error", true, false, true);
    }

    // Prepare, execute and fetch in one step; parameters are always bound.
    $fetchRows = function ($sql, array $params) use ($db) {
        $statement = $db->prepare($sql);
        $statement->execute($params);

        return $statement->fetchAll(PDO::FETCH_ASSOC);
    };

    // Per-action totals for this user, using the close reason description where one exists.
    $activitySummaryData = $fetchRows(<<<SQL
SELECT COALESCE(c.mail_desc, l.log_action) AS action, COUNT(*) AS count
FROM acc_log l
LEFT JOIN closes c ON l.log_action = c.closes
WHERE l.log_user = :username
GROUP BY action;
SQL
        , array(":username" => $user->getUsername()));

    $smarty->assign("user", $user);
    $smarty->assign("activity", $activitySummaryData);

    // Requests this user closed with a template flagged oncreated = '1', or as 'Closed custom-y'.
    $usersCreated = $fetchRows(<<<SQL
SELECT l.log_time time, r.name name, r.id id
FROM acc_log l
JOIN request r ON r.id = l.log_pend
LEFT JOIN emailtemplate e ON concat('Closed ', e.id) = l.log_action
WHERE l.log_user = :username
AND l.log_action LIKE 'Closed %'
AND (e.oncreated = '1' OR l.log_action = 'Closed custom-y')
ORDER BY l.log_time;
SQL
        , array(":username" => $user->getUsername()));
    $smarty->assign("created", $usersCreated);

    // Requests this user closed with oncreated = '0', 'Closed custom-n' or 'Closed 0'.
    $usersNotCreated = $fetchRows(<<<SQL
SELECT l.log_time time, r.name name, r.id id
FROM acc_log l
JOIN request r ON r.id = l.log_pend
LEFT JOIN emailtemplate e ON concat('Closed ', e.id) = l.log_action
WHERE l.log_user = :username
AND l.log_action LIKE 'Closed %'
AND (e.oncreated = '0' OR l.log_action = 'Closed custom-n' OR l.log_action='Closed 0')
ORDER BY l.log_time;
SQL
        , array(":username" => $user->getUsername()));
    $smarty->assign("notcreated", $usersNotCreated);

    // Account lifecycle entries whose target (log_pend) is this user's ID.
    $accountLog = $fetchRows(<<<SQL
SELECT * FROM acc_log l
WHERE l.log_pend = :userid
AND log_action IN ('Approved','Suspended','Declined','Promoted','Demoted','Renamed','Prefchange');
SQL
        , array(":userid" => $user->getId()));
    $smarty->assign("accountlog", $accountLog);

    return $smarty->fetch("statistics/userdetail.tpl");
}
/**
 * Show the login page.
 *
 * Translates the optional ?error= code into an alert box, applies the transport
 * policy (HSTS header when already on HTTPS, redirect to HTTPS otherwise) and
 * renders login.tpl.
 */
function showlogin()
{
    global $smarty, $strictTransportSecurityExpiry;

    // Only the three known error codes produce a message; anything else is ignored,
    // so no request-supplied text is echoed back into the page from here.
    $errorbartext = "";
    if (isset($_GET['error'])) {
        switch ($_GET['error']) {
            case 'authfail':
                $errorbartext = BootstrapSkin::displayAlertBox("Username and/or password incorrect. Please try again.", "alert-error", "Auth failure", true, false, true);
                break;
            case 'noid':
                $errorbartext = BootstrapSkin::displayAlertBox("User account is not identified. Please email accounts-enwiki-l@lists.wikimedia.org if you believe this is in error.", "alert-error", "Auth failure", true, false, true);
                break;
            case 'newacct':
                $errorbartext = BootstrapSkin::displayAlertBox("I'm sorry, but, your account has not been approved by a site administrator yet. Please stand by.", "alert-info", "Account pending", true, false, true);
                break;
        }
    }
    $smarty->assign("errorbar", $errorbartext);

    if ($strictTransportSecurityExpiry !== false) {
        if (!isHttps()) {
            // The login form carries credentials, so plain HTTP is bounced to HTTPS.
            // NOTE(review): the target is built from SERVER_NAME and REQUEST_URI; depending on
            // web-server configuration SERVER_NAME can follow the client's Host header, so
            // confirm the canonical host name is pinned server-side.
            // NOTE(review): execution continues after this header, so login.tpl is still
            // rendered into the redirect response.
            $path = 'https://' . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
            header("Location: " . $path);
        } else {
            // The client is already on HTTPS, so ask it to stay there.
            // NOTE(review): max-age is a fixed literal; $strictTransportSecurityExpiry is only
            // compared against false in this function.
            header("Strict-Transport-Security: max-age=15768000");
        }
    }

    $smarty->display("login.tpl");
}
/**
 * Refuses service to clients that checktor() reports as Tor nodes.
 *
 * When the lookup for the connecting address answers "yes", the ban message and
 * public footer are written, the output buffer is flushed and the script ends.
 * Otherwise the method returns without doing anything.
 */
public function isTOR()
{
    // The lookup uses REMOTE_ADDR, i.e. the direct peer of this server.
    // NOTE(review): if the tool is deployed behind a reverse proxy this is the proxy's
    // address, not the requester's; confirm against the deployment.
    $lookup = $this->checktor($_SERVER['REMOTE_ADDR']);

    if ($lookup['tor'] != "yes") {
        return;
    }

    // NOTE(review): the interface message is echoed without escaping; presumably it is
    // administrator-managed HTML that opens the <div> closed below. Confirm.
    $message = InterfaceMessage::get(InterfaceMessage::DECL_BANNED);
    echo "{$message}<strong><a href=\"https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29\">TOR</a> nodes are not permitted to use this tool, due to abuse.</strong><br /></div>\n";

    BootstrapSkin::displayPublicFooter();

    // Push the buffered page out before terminating, otherwise the message would be lost.
    ob_end_flush();

    // Stop here so that no request can be submitted from a blocked address.
    die;
}
/**
 * Produces the "requests closed per month" statistics page body.
 *
 * Always renders a table of monthly close counts. When $showGraphs is 1 it also
 * assembles one monthly series per close reason and per deferral state, passes
 * them to createClosuresGraph() and appends an <img> tag for each entry returned;
 * otherwise it appends an informational alert box.
 *
 * @return mixed the accumulated markup
 */
protected function execute()
{
    global $showGraphs;

    $browser = new QueryBrowser();
    $tableSql = "SELECT COUNT(DISTINCT log_id) AS 'Requests Closed', YEAR(log_time) AS 'Year', MONTHNAME(log_time) AS 'Month' FROM acc_log WHERE log_action LIKE 'Closed%' GROUP BY EXTRACT(YEAR_MONTH FROM log_time) ORDER BY YEAR(log_time), MONTH(log_time) ASC;";
    $markup = $browser->executeQueryToTable($tableSql);

    if ($showGraphs != 1) {
        $markup .= BootstrapSkin::displayAlertBox("Graph drawing is currently disabled.", "alert-info", "", false, false, true);

        return $markup;
    }

    global $filepath, $availableRequestStates, $baseurl;

    require_once $filepath . 'graph/pChart/pChart.class';
    require_once $filepath . 'graph/pChart/pData.class';

    // Every series uses the same monthly-count statement and differs only in the
    // log_action pattern and the series title.
    // NOTE(review): the pattern is spliced into the SQL text rather than bound. The values
    // used below are literals, emailtemplate ids read from the database and configured
    // state names, not request input as far as this block shows; a quote or LIKE wildcard
    // in any of them would still change the statement, so confirm they are constrained.
    $monthlySeries = function ($actionPattern, $seriesTitle) {
        return array(
            'query' => "SELECT COUNT(DISTINCT log_id) AS 'y', CONCAT( YEAR(log_time), '/' , MONTHNAME(log_time)) AS 'x' FROM acc_log WHERE log_action LIKE '" . $actionPattern . "' AND YEAR(log_time) != 0 GROUP BY EXTRACT(YEAR_MONTH FROM log_time) ORDER BY YEAR(log_time), MONTH(log_time) ASC;",
            'series' => $seriesTitle,
        );
    };

    $queries = array();
    $queries[] = $monthlySeries("Closed%", "All closed requests by month");
    $queries[] = $monthlySeries("Closed 0", "Dropped requests by month");

    // One series per active e-mail template.
    $templates = gGetDb()->query("SELECT id, name FROM emailtemplate WHERE active = '1';");
    if (!$templates) {
        die("Query error.");
    }

    foreach ($templates->fetchAll(PDO::FETCH_ASSOC) as $template) {
        $queries[] = $monthlySeries("Closed " . $template['id'], $template['name'] . " requests by month");
    }

    $queries[] = $monthlySeries("Closed custom-y", "Custom created requests by month");
    $queries[] = $monthlySeries("Closed custom-n", "Custom not created requests by month");

    // One series per configured deferral target.
    foreach ($availableRequestStates as $state) {
        $queries[] = $monthlySeries(
            "Deferred to " . $state['defertolog'],
            "Requests deferred to " . $state['deferto'] . " by month"
        );
    }

    // NOTE(review): both elements of each graph entry are written into HTML attributes
    // without escaping. If the second element carries the series title, it includes the
    // emailtemplate name; confirm what createClosuresGraph() returns and whether template
    // names may contain markup.
    foreach ($this->createClosuresGraph($queries) as $graph) {
        $markup .= '<img src="' . $baseurl . '/render/' . $graph[0] . '" alt="' . $graph[1] . '"/>';
    }

    return $markup;
}
$smarty->display("request/request-form.tpl"); } else { if ($enableEmailConfirm == 1) { $request->generateEmailConfirmationHash(); $database->transactionally(function () use($request) { $request->save(); // checksum depends on the ID, so we have to save again! $request->updateChecksum(); $request->save(); }); $request->sendConfirmationEmail(); $smarty->display("request/email-confirmation.tpl"); } else { $request->setEmailConfirm(0); // Since it can't be null $database->transactionally(function () use($request) { $request->save(); $request->updateChecksum(); $request->save(); }); $smarty->display("request/email-confirmed.tpl"); Notification::requestReceived($request); BootstrapSkin::displayPublicFooter(); } } BootstrapSkin::displayPublicFooter(); } else { $smarty->display("request/request-form.tpl"); BootstrapSkin::displayPublicFooter(); } }
/**
 * Shows the statistics page.
 *
 * Writes the internal header, refuses to continue when the page needs the wiki
 * database and that database is flagged unavailable, applies the login gate for
 * protected pages, then prints the page title, the output of execute() and the
 * internal footer.
 */
public function Show()
{
    global $dontUseWikiDb;

    BootstrapSkin::displayInternalHeader();

    // Pages that depend on the wiki database cannot be rendered while it is switched off.
    if ($this->requiresWikiDatabase() && $dontUseWikiDb == 1) {
        BootstrapSkin::displayAlertBox("This statistics page is currently unavailable.", "alert-error", "Database unavailable", true, false);
        BootstrapSkin::displayInternalFooter();
        die;
    }

    $loginRequired = $this->isProtected();

    // The community (not logged in) user only ever gets the login form on a protected page.
    if ($loginRequired && User::getCurrent()->isCommunityUser()) {
        showlogin();
        BootstrapSkin::displayInternalFooter();
        die;
    }

    // Logged-in users still pass through the session's account-state checks.
    if ($loginRequired) {
        $gate = new session();
        $gate->checksecurity();
    }

    // Reached only when the page is unprotected or the checks above did not end the script.
    // NOTE(review): the title is written into the page without escaping; presumably it is a
    // constant supplied by the page class. Confirm.
    echo sprintf('<div class="page-header"><h1>%s</h1></div>', $this->getPageTitle());

    if ($this->requiresSimpleHtmlEnvironment()) {
        echo '<div class="row-fluid"><div class="span12">';

        // Two <div>s were opened, so two closing tags are queued on the skin's tag stack.
        foreach (array("</div>", "</div>") as $closingTag) {
            BootstrapSkin::pushTagStack($closingTag);
        }
    }

    echo $this->execute();

    BootstrapSkin::displayInternalFooter();
}
/**
 * Check the user's security level on page load, and bounce accordingly.
 *
 * Runs in two stages for the current user:
 *  1. OAuth state (skipped for the community user): re-attach the OAuth account when
 *     credentials are missing, cannot be used to fetch the identity, or when OAuth is
 *     enforced and the account is not linked.
 *  2. Account state: new, suspended and declined accounts get a message and the script
 *     ends; users and admins get the global $secure set to 1.
 *
 * NOTE(review): a user matching none of the account-state branches falls through the
 * empty final else and the method simply returns. Returning from this method is
 * therefore not proof of authentication; callers have to gate on $secure or on their
 * own check.
 *
 * @deprecated
 */
public function checksecurity()
{
    global $secure, $smarty;

    // CommunityUser has no database row, and we really don't want CommunityUser to have oauth credentials...
    if (!User::getCurrent()->isCommunityUser()) {
        // "##OAUTH##" as the stored on-wiki name together with a missing access token
        // presumably marks an account that still has to complete OAuth linking; confirm.
        if (User::getCurrent()->getStoredOnWikiName() == "##OAUTH##" && User::getCurrent()->getOAuthAccessToken() == null) {
            reattachOAuthAccount(User::getCurrent());
        }

        if (User::getCurrent()->isOAuthLinked()) {
            try {
                // test retrieval of the identity
                User::getCurrent()->getOAuthIdentity();
            }
            catch (TransactionException $ex) {
                // The stored credentials could not be used: discard them, persist the
                // cleared state and send the user through linking again.
                User::getCurrent()->setOAuthAccessToken(null);
                User::getCurrent()->setOAuthAccessSecret(null);
                User::getCurrent()->save();

                reattachOAuthAccount(User::getCurrent());
            }
        }
        else {
            global $enforceOAuth;

            // Unlinked accounts are only forced through OAuth when the site requires it.
            if ($enforceOAuth) {
                reattachOAuthAccount(User::getCurrent());
            }
        }
    }

    if (User::getCurrent()->isNew()) {
        // Not yet approved: explain and stop.
        BootstrapSkin::displayAlertBox("I'm sorry, but, your account has not been approved by a site administrator yet. Please stand by.", "alert-error", "New account", true, false);
        BootstrapSkin::displayInternalFooter();
        die;
    }
    elseif (User::getCurrent()->isSuspended()) {
        // Look up the comment of the most recent 'Suspended' log entry for this user;
        // the user id is bound, not concatenated.
        $database = gGetDb();
        $suspendstatement = $database->prepare(<<<SQL
SELECT comment FROM log WHERE action = 'Suspended' AND objectid = :userid and objecttype = 'User' ORDER BY timestamp DESC LIMIT 1;
SQL
        );

        $suspendstatement->bindValue(":userid", User::getCurrent()->getId());
        $suspendstatement->execute();

        $suspendreason = $suspendstatement->fetchColumn();

        $suspendstatement->closeCursor();

        // NOTE(review): the comment is free text from the log table; whether it is escaped
        // depends on login/suspended.tpl. Confirm.
        $smarty->assign("suspendreason", $suspendreason);
        $smarty->display("login/suspended.tpl");

        BootstrapSkin::displayInternalFooter();
        die;
    }
    elseif (User::getCurrent()->isDeclined()) {
        // Same lookup as above for the most recent 'Declined' entry. The variable names
        // still say "suspend" because the template variable is shared.
        $database = gGetDb();
        $suspendstatement = $database->prepare(<<<SQL
SELECT comment FROM log WHERE action = 'Declined' AND objectid = :userid and objecttype = 'User' ORDER BY timestamp DESC LIMIT 1;
SQL
        );

        $suspendstatement->bindValue(":userid", User::getCurrent()->getId());
        $suspendstatement->execute();

        $suspendreason = $suspendstatement->fetchColumn();

        $suspendstatement->closeCursor();

        $smarty->assign("suspendreason", $suspendreason);
        $smarty->display("login/declined.tpl");

        BootstrapSkin::displayInternalFooter();
        die;
    }
    elseif (!User::getCurrent()->isCommunityUser() && (User::getCurrent()->isUser() || User::getCurrent()->isAdmin())) {
        // Real, approved account: flag the request as authenticated.
        $secure = 1;
    }
    else {
        // Deliberately does nothing: the hard stop below is commented out, so this
        // branch neither sets $secure nor ends the script.
        //die("Not logged in!");
    }
}
/**
 * Shows the statistics page.
 *
 * Writes the internal header, stops when the page needs the wiki database and
 * that database is flagged unavailable, requires the "Admin" or "User" right on
 * protected pages, then prints the title, the output of execute() and the footer.
 */
public function Show()
{
    global $dontUseWikiDb, $session;

    BootstrapSkin::displayInternalHeader();

    $needsWikiDb = $this->requiresWikiDatabase();
    if ($needsWikiDb && $dontUseWikiDb == 1) {
        // The wiki database is switched off, so this page cannot be produced.
        BootstrapSkin::displayAlertBox("This statistics page is currently unavailable.", "alert-error", "Database unavailable", true, false);
        BootstrapSkin::displayInternalFooter();
        die;
    }

    if ($this->isProtected()) {
        // The session value identifies the caller; an absent value is checked as "".
        if (isset($_SESSION['user'])) {
            $sessionuser = $_SESSION['user'];
        } else {
            $sessionuser = "";
        }

        // Neither right held: show the login form instead of the statistics.
        if (!$session->hasright($sessionuser, "Admin") && !$session->hasright($sessionuser, "User")) {
            showlogin();
            BootstrapSkin::displayInternalFooter();
            die;
        }
    }

    // From here on the page is either unprotected or the caller holds a sufficient right.
    // NOTE(review): the title is emitted unescaped; presumably a constant from the page
    // class. Confirm.
    $heading = '<div class="page-header"><h1>' . $this->getPageTitle() . '</h1></div>';
    echo $heading;

    if ($this->requiresSimpleHtmlEnvironment()) {
        echo '<div class="row-fluid"><div class="span12">';

        // Queue one closing tag per <div> opened above.
        for ($opened = 0; $opened < 2; $opened++) {
            BootstrapSkin::pushTagStack("</div>");
        }
    }

    echo $this->execute();

    BootstrapSkin::displayInternalFooter();
}
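/**
 * Runs a callback inside a database transaction.
 *
 * The transaction is committed when the callback returns normally. A
 * TransactionException rolls the transaction back, shows the exception's message
 * in an alert box, writes the public or internal footer and ends the script.
 * Any other exception rolls the transaction back and is rethrown unchanged, so
 * a half-applied change is never left pending on the connection while the
 * caller handles the error.
 *
 * NOTE(review): the TransactionException message is handed to displayAlertBox() as-is.
 * Whether it is escaped depends on that method; confirm that no request-derived text
 * reaches these messages unescaped.
 *
 * @param Closure $method work to perform between beginTransaction() and commit()
 * @throws Exception any exception other than TransactionException raised by the callback
 *                   or by commit(), after the rollback attempt
 */
public function transactionally($method)
{
    if (!$this->beginTransaction()) {
        BootstrapSkin::displayAlertBox("Error starting database transaction.", "alert-error", "Database transaction error", true, false);
        BootstrapSkin::displayInternalFooter();
        die;
    }

    try {
        $method();

        $this->commit();
    }
    catch (TransactionException $ex) {
        $this->rollBack();

        BootstrapSkin::displayAlertBox($ex->getMessage(), $ex->getAlertType(), $ex->getTitle(), true, false);

        // TODO: yuk.
        if (defined("PUBLICMODE")) {
            BootstrapSkin::displayPublicFooter();
        }
        else {
            BootstrapSkin::displayInternalFooter();
        }

        die;
    }
    catch (Exception $ex) {
        // Previously only TransactionException triggered a rollback; every other failure
        // propagated with the transaction still open.
        try {
            $this->rollBack();
        }
        catch (Exception $rollbackFailure) {
            // The original failure is the one the caller needs to see, so a failing
            // rollback (for example when no transaction is active any more) is not
            // allowed to replace it.
        }

        throw $ex;
    }
}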
/**
 * Builds the statistics detail view for one tool user from the log table.
 *
 * Loads the user by ID, runs four read-only queries (three filtered by the user's
 * username, one by the user's ID as the log object), assigns each result set to
 * Smarty and returns the rendered "statistics/userdetail.tpl".
 *
 * All values derived from the user are bound as statement parameters; the SQL
 * text itself is constant.
 *
 * NOTE(review): no access check happens in this method. Presumably the calling page
 * enforces one before exposing per-user activity; confirm.
 *
 * @param mixed $userId identifier handed unchanged to User::getById()
 * @return mixed the rendered template, or whatever BootstrapSkin::displayAlertBox()
 *               returns when the user cannot be loaded
 */
private function getUserDetail($userId)
{
    global $smarty;

    $database = gGetDb();
    $user = User::getById($userId, $database);

    if (!$user) {
        return BootstrapSkin::displayAlertBox("User not found", "alert-error", "Error", true, false, true);
    }

    // Per-action totals, using the close reason description where one exists.
    $activitySql = <<<SQL
SELECT COALESCE(closes.mail_desc, log.action) AS action, COUNT(*) AS count
FROM log
INNER JOIN user ON log.user = user.id
LEFT JOIN closes ON log.action = closes.closes
WHERE user.username = :username
GROUP BY action;
SQL;

    // Requests closed by this user with a template flagged oncreated = '1', or 'Closed custom-y'.
    $createdSql = <<<SQL
SELECT log.timestamp time, request.name name, request.id id
FROM log
INNER JOIN request ON (request.id = log.objectid and log.objecttype = 'Request')
INNER JOIN user ON log.user = user.id
LEFT JOIN emailtemplate ON concat('Closed ', emailtemplate.id) = log.action
WHERE user.username = :username
AND log.action LIKE 'Closed %'
AND (emailtemplate.oncreated = '1' OR log.action = 'Closed custom-y')
ORDER BY log.timestamp;
SQL;

    // Requests closed by this user with oncreated = '0', 'Closed custom-n' or 'Closed 0'.
    $notCreatedSql = <<<SQL
SELECT log.timestamp time, request.name name, request.id id
FROM log
JOIN request ON request.id = log.objectid and log.objecttype = 'Request'
JOIN user ON log.user = user.id
LEFT JOIN emailtemplate ON concat('Closed ', emailtemplate.id) = log.action
WHERE user.username = :username
AND log.action LIKE 'Closed %'
AND (emailtemplate.oncreated = '0' OR log.action = 'Closed custom-n' OR log.action = 'Closed 0')
ORDER BY log.timestamp;
SQL;

    // Account lifecycle entries whose log object is this user.
    $accountLogSql = <<<SQL
SELECT user.username as log_user, log.action as log_action, log.timestamp as log_time, log.comment as log_cmt
FROM log
INNER JOIN user ON user.id = log.user
WHERE log.objectid = :userid
AND log.objecttype = 'User'
AND log.action IN ('Approved','Suspended','Declined','Promoted','Demoted','Renamed','Prefchange');
SQL;

    $byUsername = array(":username" => $user->getUsername());
    $byUserId = array(":userid" => $user->getId());

    // Template variable name => statement text and its bound parameters, in execution order.
    $reports = array(
        "activity" => array($activitySql, $byUsername),
        "created" => array($createdSql, $byUsername),
        "notcreated" => array($notCreatedSql, $byUsername),
        "accountlog" => array($accountLogSql, $byUserId),
    );

    $smarty->assign("user", $user);

    foreach ($reports as $templateVariable => $report) {
        list($sql, $parameters) = $report;

        $statement = $database->prepare($sql);
        $statement->execute($parameters);

        $smarty->assign($templateVariable, $statement->fetchAll(PDO::FETCH_ASSOC));
    }

    return $smarty->fetch("statistics/userdetail.tpl");
}
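/**
 * Renders the detail ("zoom") view of a single account request.
 *
 * Loads the request, decides whether the viewer may see private data (e-mail, IP
 * and proxy chain), analyses the forwarded-for chain, collects logs and comments,
 * and returns the rendered "request-zoom.tpl".
 *
 * Private data is shown when any one of these holds: the viewer has an open,
 * confirmed request reserved that shares the e-mail or IP; the supplied hash
 * matches the request's hash; the viewer is an admin; the viewer is a checkuser.
 *
 * The hash check uses strict string comparison. With loose comparison two
 * different hex digests that both look numeric (for example "0e" followed only
 * by digits) compare equal, which would unlock the private data with a wrong hash.
 *
 * NOTE(review): the hash is an unkeyed MD5 over request id, e-mail and trusted IP, so
 * anyone who already knows those three values can compute it. If the hash is meant
 * to be a capability, a keyed construction (hash_hmac with a server-side secret) and
 * a constant-time comparison (hash_equals) would be the usual choice.
 *
 * @param mixed $id request identifier, passed to Request::getById()
 * @param mixed $urlhash hash supplied by the caller, presumably taken from the URL
 * @return mixed the rendered template
 */
function zoomPage($id, $urlhash)
{
    global $session, $availableRequestStates, $createdid;
    global $smarty, $locationProvider, $rdnsProvider, $antispoofProvider;
    global $xffTrustProvider, $enableEmailConfirm;

    $database = gGetDb();
    $request = Request::getById($id, $database);
    if ($request == false) {
        // Notifies the user and stops the script.
        BootstrapSkin::displayAlertBox("Could not load the requested request!", "alert-error", "Error", true, false);
        BootstrapSkin::displayInternalFooter();
        die;
    }

    $smarty->assign('ecenable', $enableEmailConfirm);

    // The e-mail confirmation override is honoured for admins only.
    if (isset($_GET['ecoverride']) && User::getCurrent()->isAdmin()) {
        $smarty->assign('ecoverride', true);
    }
    else {
        $smarty->assign('ecoverride', false);
    }

    $smarty->assign('request', $request);

    // NOTE(review): the requested name is entity-decoded before it is handed to the
    // template; whether it is re-escaped on output depends on request-zoom.tpl. Confirm.
    $smarty->assign("usernamerawunicode", html_entity_decode($request->getName()));

    $smarty->assign("iplocation", $locationProvider->getIpLocation($request->getTrustedIp()));

    $createdreason = EmailTemplate::getById($createdid, gGetDb());
    $smarty->assign("createdEmailTemplate", $createdreason);

    #region setup whether data is viewable or not

    // Counts open, confirmed requests reserved by the current user that share this
    // request's e-mail, IP or forwarded chain. All values are bound parameters.
    $viewableDataStatement = $database->prepare(<<<SQL
SELECT COUNT(*)
FROM request
WHERE (
    email = :email
    OR ip = :trustedIp
    OR forwardedip LIKE :trustedProxy
)
AND reserved = :reserved
AND emailconfirm = 'Confirmed'
AND status != 'Closed';
SQL
    );

    $viewableDataStatement->bindValue(":email", $request->getEmail());
    $viewableDataStatement->bindValue(":reserved", User::getCurrent()->getId());
    $viewableDataStatement->bindValue(":trustedIp", $request->getTrustedIp());
    $viewableDataStatement->bindValue(":trustedProxy", '%' . $request->getTrustedIp() . '%');

    $viewableDataStatement->execute();

    $viewableData = $viewableDataStatement->fetchColumn();
    $viewableDataStatement->closeCursor();

    $hideinfo = $viewableData == 0;

    #endregion

    if ($request->getStatus() == "Closed") {
        // If the request is closed, change the hash based on microseconds similar to the
        // checksums. microtime() makes the value differ on every call.
        $hash = md5($request->getId() . $request->getEmail() . $request->getTrustedIp() . microtime());
        $smarty->assign("isclosed", true);
    }
    else {
        $hash = md5($request->getId() . $request->getEmail() . $request->getTrustedIp());
        $smarty->assign("isclosed", false);
    }
    $smarty->assign("hash", $hash);

    // Strict comparison: the supplied value must be the identical string.
    $correcthash = ($hash === $urlhash);

    // One decision governs both the private fields and the proxy chain.
    $showinfo = $hideinfo == false
        || $correcthash == true
        || User::getCurrent()->isAdmin()
        || User::getCurrent()->isCheckuser();

    $smarty->assign("showinfo", $showinfo);

    // force to not show, overriden later
    $smarty->assign("proxyip", "");

    if ($showinfo) {
        $smarty->assign("proxyip", $request->getForwardedIp());

        if ($request->getForwardedIp()) {
            $smartyproxies = array(); // Data to be output in the Smarty template.
            $smartyproxiesindex = 0;

            // The chain is the forwarded-for list followed by the connecting IP. It is walked
            // from the server outwards, so trust is evaluated hop by hop.
            $proxies = explode(",", $request->getForwardedIp());
            $proxies[] = $request->getIp();

            $origin = $proxies[0];
            $smarty->assign("origin", $origin);

            $proxies = array_reverse($proxies);
            $trust = true;
            global $rfc1918ips;

            foreach ($proxies as $proxynum => $p) {
                $p2 = trim($p);
                $smartyproxies[$smartyproxiesindex]['ip'] = $p2;

                // get data on this IP.
                $trusted = $xffTrustProvider->isTrusted($p2);
                $ipisprivate = ipInRange($rfc1918ips, $p2);

                if (!$ipisprivate) {
                    $iprdns = $rdnsProvider->getRdns($p2);
                    $iplocation = $locationProvider->getIpLocation($p2);
                }
                else {
                    // Private addresses cannot be resolved or located, so the lookups are skipped.
                    $iprdns = false;
                    $iplocation = false;
                }

                // current trust chain status BEFORE this link
                $pretrust = $trust;

                // is *this* link trusted?
                $smartyproxies[$smartyproxiesindex]['trustedlink'] = $trusted;

                // current trust chain status AFTER this link.
                // The bitwise & yields an int when both operands are booleans; it is kept
                // because the template receives this value.
                $trust = $trust & $trusted;

                // The origin counts as trusted as long as every hop before it was.
                if ($pretrust && $p2 == $origin) {
                    $trust = true;
                }

                $smartyproxies[$smartyproxiesindex]['trust'] = $trust;

                $smartyproxies[$smartyproxiesindex]['rdnsfailed'] = $iprdns === false;
                $smartyproxies[$smartyproxiesindex]['rdns'] = $iprdns;
                $smartyproxies[$smartyproxiesindex]['routable'] = !$ipisprivate;

                $smartyproxies[$smartyproxiesindex]['location'] = $iplocation;

                // A reverse lookup that just echoes the address carries no information.
                if ($iprdns == $p2 && $ipisprivate == false) {
                    $smartyproxies[$smartyproxiesindex]['rdns'] = null;
                }

                $smartyproxies[$smartyproxiesindex]['showlinks'] = (!$trust || $p2 == $origin) && !$ipisprivate;

                $smartyproxiesindex++;
            }

            $smarty->assign("proxies", $smartyproxies);
        }
    }

    global $defaultRequestStateKey;

    // TODO: remove me and replace with call in the template directly
    $smarty->assign("isprotected", $request->isProtected());

    $smarty->assign("defaultstate", $defaultRequestStateKey);
    $smarty->assign("requeststates", $availableRequestStates);

    // A failing anti-spoof lookup is shown to the viewer as its error message.
    try {
        $spoofs = $antispoofProvider->getSpoofs($request->getName());
    }
    catch (Exception $ex) {
        $spoofs = $ex->getMessage();
    }

    $smarty->assign("spoofs", $spoofs);

    // START LOG DISPLAY

    $logs = Logger::getRequestLogsWithComments($request->getId(), $request->getDatabase());
    $requestLogs = array();

    // The requester's own comment is shown as the first entry, attributed to the requested name.
    if (trim($request->getComment()) !== "") {
        $requestLogs[] = array(
            'type' => 'comment',
            'security' => 'user',
            'userid' => null,
            'user' => $request->getName(),
            'entry' => null,
            'time' => $request->getDate(),
            'canedit' => false,
            'id' => $request->getId(),
            'comment' => $request->getComment(),
        );
    }

    $namecache = array();

    // Admins and checkusers may edit any comment; others only their own (see 'canedit').
    $editableComments = false;
    if (User::getCurrent()->isAdmin() || User::getCurrent()->isCheckuser()) {
        $editableComments = true;
    }

    foreach ($logs as $entry) {
        // both log and comment have a 'user' field
        if (!array_key_exists($entry->getUser(), $namecache)) {
            $namecache[$entry->getUser()] = $entry->getUserObject();
        }

        if ($entry instanceof Comment) {
            $requestLogs[] = array(
                'type' => 'comment',
                'security' => $entry->getVisibility(),
                'user' => $namecache[$entry->getUser()]->getUsername(),
                'userid' => $entry->getUser() == -1 ? null : $entry->getUser(),
                'entry' => null,
                'time' => $entry->getTime(),
                'canedit' => $editableComments || $entry->getUser() == User::getCurrent()->getId(),
                'id' => $entry->getId(),
                'comment' => $entry->getComment(),
            );
        }

        if ($entry instanceof Log) {
            $requestLogs[] = array(
                'type' => 'log',
                'security' => 'user',
                'userid' => $entry->getUser() == -1 ? null : $entry->getUser(),
                'user' => $namecache[$entry->getUser()]->getUsername(),
                'entry' => Logger::getLogDescription($entry),
                'time' => $entry->getTimestamp(),
                'canedit' => false,
                'id' => $entry->getId(),
                'comment' => $entry->getComment(),
            );
        }
    }

    $smarty->assign("requestLogs", $requestLogs);

    // START OTHER REQUESTS BY IP AND EMAIL STUFF

    // Displays other requests from this ip.

    // assign to user
    // NOTE(review): the list is assembled as a JavaScript array literal by hand.
    // htmlentities() is an HTML encoder, not a JavaScript string encoder, so a backslash
    // or line break in a username would reach the literal unchanged. Confirm how the
    // template embeds "jsuserlist"; json_encode() is the usual tool for this.
    $userListQuery = "SELECT username FROM user WHERE status = 'User' or status = 'Admin';";
    $userListResult = gGetDb()->query($userListQuery);
    $userListData = $userListResult->fetchAll(PDO::FETCH_COLUMN);
    $userListProcessedData = array();
    foreach ($userListData as $userListItem) {
        $userListProcessedData[] = "\"" . htmlentities($userListItem) . "\"";
    }

    $userList = '[' . implode(",", $userListProcessedData) . ']';
    $smarty->assign("jsuserlist", $userList);
    // end: assign to user

    // TODO: refactor this!
    $createreasons = EmailTemplate::getActiveTemplates(EmailTemplate::CREATED);
    $smarty->assign("createreasons", $createreasons);

    $declinereasons = EmailTemplate::getActiveTemplates(EmailTemplate::NOT_CREATED);
    $smarty->assign("declinereasons", $declinereasons);

    $allcreatereasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::CREATED);
    $smarty->assign("allcreatereasons", $allcreatereasons);

    $alldeclinereasons = EmailTemplate::getAllActiveTemplates(EmailTemplate::NOT_CREATED);
    $smarty->assign("alldeclinereasons", $alldeclinereasons);

    $allotherreasons = EmailTemplate::getAllActiveTemplates(false);
    $smarty->assign("allotherreasons", $allotherreasons);

    return $smarty->fetch("request-zoom.tpl");
}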
} $smarty->assign("term", $term); $smarty->assign("requests", $requests); $target = "IP address"; $smarty->assign("target", $target); $smarty->display("search/searchresult.tpl"); } elseif ($_GET['type'] == 'Request') { $qterm = '%' . $term . '%'; $statement = gGetDb()->prepare("SELECT * FROM request WHERE name LIKE :term;"); $statement->bindValue(":term", $qterm); $statement->execute(); $requests = $statement->fetchAll(PDO::FETCH_CLASS, "Request"); foreach ($requests as $r) { $r->setDatabase(gGetDb()); } $smarty->assign("term", $term); $smarty->assign("requests", $requests); $target = "requested name"; $smarty->assign("target", $target); $smarty->display("search/searchresult.tpl"); } else { BootstrapSkin::displayAlertBox("Unknown search type", "alert-error", "Error"); $smarty->display("search/searchform.tpl"); BootstrapSkin::displayInternalFooter(); die; } } else { $smarty->display("search/searchform.tpl"); } BootstrapSkin::displayInternalFooter();
/**
 * Renders this object's message, type, title, block and closable settings as an
 * alert box by delegating to BootstrapSkin::displayAlertBox().
 *
 * @return mixed whatever BootstrapSkin::displayAlertBox() returns
 */
public function getAlertBox()
{
    // The sixth argument is always true here; presumably it makes displayAlertBox()
    // return the markup instead of printing it. Confirm against BootstrapSkin.
    $sixthArgument = true;

    $alertBox = BootstrapSkin::displayAlertBox(
        $this->message,
        $this->type,
        $this->title,
        $this->block,
        $this->closable,
        $sixthArgument
    );

    return $alertBox;
}
$smarty->assign("userlist", $result); $smarty->display("usermanagement/userlist.tpl"); echo '</div></div></div>'; if (isset($_GET['showall'])) { echo <<<HTML <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion2" href="#collapseFive">Suspended accounts</a> </div> <div id="collapseFive" class="accordion-body collapse"><div class="accordion-inner"> HTML; $result = User::getAllWithStatus("Suspended", $database); $smarty->assign("userlist", $result); $smarty->display("usermanagement/userlist.tpl"); echo <<<HTML </div> </div></div> <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion2" href="#collapseSix">Declined accounts</a> </div> <div id="collapseSix" class="accordion-body collapse"><div class="accordion-inner"> HTML; $result = User::getAllWithStatus("Declined", $database); $smarty->assign("userlist", $result); $smarty->display("usermanagement/userlist.tpl"); echo "</div></div></div>"; } BootstrapSkin::displayInternalFooter($tailscript); die;