public function init()
{
$this->_items = array('admin' => array('text' => 'Admin overview', 'href' => '/core/admin'), 'config' => array('text' => 'Configuration', 'href' => '/core/config', 'resource' => 'Core_Model_Config', 'permission' => 'index', 'icon' => 'fa-wrench'), 'templates' => array('text' => 'Mail templates', 'href' => '/core/templates', 'resource' => 'Core_Model_Templates', 'permission' => 'index', 'icon' => 'fa-envelope-o'), 'messages' => array('text' => 'Status messages', 'href' => '/core/messages', 'resource' => 'Core_Model_Messages', 'permission' => 'index', 'icon' => 'fa-comment'), 'user' => array('text' => 'User management', 'href' => '/auth/user', 'resource' => 'Auth_Model_User', 'permission' => 'rows', 'icon' => 'fa-users'), 'sessions' => array('text' => 'Sessions management', 'href' => '/auth/sessions', 'resource' => 'Auth_Model_Sessions', 'permission' => 'rows', 'icon' => 'fa-laptop'), 'data' => array('text' => 'Database management', 'href' => '/data', 'resource' => 'Data_Model_Databases', 'permission' => 'show', 'icon' => 'fa-database'), 'static' => array('text' => 'Static HTML management', 'href' => '/data/static', 'resource' => 'Data_Model_Static', 'permission' => 'show', 'icon' => 'fa-file'), 'meetings' => array('text' => 'Meetings management', 'href' => '/meetings/', 'resource' => 'Meetings_Model_Meetings', 'permission' => 'index', 'icon' => 'fa-calendar'), 'contact' => array('text' => 'Contact messages', 'href' => '/contact/messages', 'resource' => 'Contact_Model_Messages', 'permission' => 'rows', 'icon' => 'fa-envelope'), 'examples' => array('text' => 'Query examples', 'href' => '/query/examples', 'resource' => 'Query_Model_Examples', 'permission' => 'index', 'icon' => 'fa-code'), 'query' => array('text' => 'Query jobs', 'href' => '/query/jobs', 'resource' => 'Query_Model_Jobs', 'permission' => 'rows', 'icon' => 'fa-gears'));
if (Daiquiri_Config::getInstance()->core->cms->enabled && in_array(Daiquiri_Auth::getInstance()->getCurrentRole(), array('manager', 'admin'))) {
$this->_items['cms'] = array('text' => 'CMS Admin', 'href' => rtrim(Daiquiri_Config::getInstance()->core->cms->url, '/') . '/wp-admin/', 'icon' => 'fa-pencil');
}
}
/**
* Initializes the form element.
*/
function init()
{
// set filter
$this->addFilter('StringTrim');
// set required
$this->setRequired(true);
// set label
$this->setLabel(ucfirst($this->getName()));
// set validator for lowercase or regular alnum
if (Daiquiri_Config::getInstance()->auth->lowerCaseUsernames) {
$this->addValidator(new Daiquiri_Form_Validator_LowerCaseAlnum());
} else {
$this->addValidator(new Daiquiri_Form_Validator_AlnumUnderscore());
}
// add validator for min and max string length
$minLength = Daiquiri_Config::getInstance()->auth->usernameMinLength;
$this->addValidator('StringLength', false, array($minLength, 256));
// add validator for beeing unique in the database
$validator = new Zend_Validate();
$message = 'The username is in use, please use another username.';
$userTableValidator = new Zend_Validate_Db_NoRecordExists('Auth_User', 'username');
$userTableValidator->setMessage($message);
if (!empty($this->_excludeId)) {
$userTableValidator->setExclude(array('field' => 'id', 'value' => $this->_excludeId));
}
$registrationTableValidator = new Zend_Validate_Db_NoRecordExists('Auth_Registration', 'username');
$registrationTableValidator->setMessage($message);
$appTableValidator = new Zend_Validate_Db_NoRecordExists('Auth_Apps', 'appname');
$appTableValidator->setMessage($message);
$validator->addValidator($userTableValidator)->addValidator($registrationTableValidator)->addValidator($appTableValidator);
$this->addValidator($validator);
}
/**
* @brief preDispatch method - called by Front Controller after dispatch
* @param Zend_Controller_Request_Abstract $request: request object
*
* Checks whether the Daiquiri configuration environment has been properly set. If
* not, raise error.
*
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// set config and throw error if it fails
if (Daiquiri_Config::getInstance()->setConfig() === false) {
// throw error only if is not already thrown
$this->getResponse()->clearHeaders()->setHttpResponseCode(503)->setBody('<h1>The application is not correctly set up.</h1>')->sendResponse();
die(0);
}
}
public function deleteAction()
{
$requestParams = $this->_getAllParams();
$response = $this->_model->delete($requestParams);
// now that the job has been deleted, reroute the request by sending 303
$href = Daiquiri_Config::getInstance()->getSiteUrl() . "/uws/" . urlencode($requestParams['moduleName']);
$this->getResponse()->clearHeaders()->setHttpResponseCode(303)->setHeader('Location', $href)->sendResponse();
die(0);
}
/**
* Initializes the form element.
*/
function init()
{
parent::init();
// set label
$this->setLabel('New password');
// add validator for min and max string length
$minLength = Daiquiri_Config::getInstance()->auth->passwordMinLength;
$this->addValidator('StringLength', false, array($minLength, 256));
}
/**
* Sets the adapter of the resource retroactively.
* @param string $db name of the database
* @throws Exception
*/
public function init($db)
{
if (empty($db)) {
throw new Exception('$db not provided in ' . get_class($this) . '::' . __FUNCTION__ . '()');
}
// set adapter
$this->setAdapter(Daiquiri_Config::getInstance()->getUserDbAdapter($db));
// set database variable
$this->_db = $db;
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// get active modules from application configuration
$modules = Daiquiri_Config::getInstance()->getApplication()->resources->modules->toArray();
// add the default and admin modules
$modules[] = 'default';
// check module in url
if (!in_array($request->getModuleName(), $modules)) {
throw new Daiquiri_Exception_NotFound();
}
}
/**
* Constructor. Sets processing and permissions resource.
*/
public function __construct()
{
$this->_permissions = new Query_Model_Resource_Permissions();
$this->_processing = new Query_Model_Resource_Processing();
// get current user
$username = Daiquiri_Auth::getInstance()->getCurrentUsername();
if ($username === null) {
$username = '******';
}
$this->_userDb = Daiquiri_Config::getInstance()->getUserDbName($username);
}
public function changePassword($user)
{
$config = Daiquiri_Config::getInstance()->core->notification;
if ($config->changePassword) {
if ($config->mail) {
$this->getModel()->getModelHelper('mail')->send('notification.changePassword', array('to' => $config->mail->toArray(), 'id' => $user['id'], 'username' => $user['username'], 'firstname' => $user['details']['firstname'], 'lastname' => $user['details']['lastname']));
}
if ($config->webhook) {
$this->getModel()->getModelHelper('webhook')->send($config->webhook, array('action' => 'changePassword', 'user' => $user));
}
}
}
public function setFormAction($response, $url = null)
{
if (array_key_exists('form', $response)) {
if ($url === null) {
$action = $this->getRequest()->getRequestUri();
} else {
$action = Daiquiri_Config::getInstance()->getBaseUrl() . $url;
}
$form = $response['form'];
$form->setAction($action);
}
}
public function send($template, array $values = array())
{
// create a new mail
$mail = new Zend_Mail('UTF-8');
if (isset($values['to'])) {
if (is_array($values['to'])) {
foreach ($values['to'] as $address) {
$mail->addTo($address);
}
} else {
$mail->addTo($values['to']);
}
unset($values['to']);
} else {
throw new Exception('to not send in $values');
}
// set cc
if (isset($values['cc'])) {
if (is_array($values['cc'])) {
foreach ($values['cc'] as $address) {
$mail->addCc($address);
}
} else {
$mail->addCc($values['cc']);
}
unset($values['cc']);
}
// set bcc
if (isset($values['bcc'])) {
if (is_array($values['bcc'])) {
foreach ($values['bcc'] as $address) {
$mail->addBcc($address);
}
} else {
$mail->addBcc($values['bcc']);
}
unset($values['bcc']);
}
// get the template
$templateModel = new Core_Model_Templates();
$data = $templateModel->show($template, $values);
// set subject and body
$mail->setSubject($data['subject']);
$mail->setBodyText($data['body']);
if (empty(Daiquiri_Config::getInstance()->mail->debug)) {
$mail->send();
} else {
Zend_Debug::dump($mail->getRecipients());
Zend_Debug::dump($mail->getSubject());
Zend_Debug::dump($mail->getBodyText());
}
}
/**
* Creates inserts and returns a new token.
* @param array $data row data
* @return string $token the new token
*/
public function insertRow(array $data = array())
{
// get lifetime for token
$lifetime = Daiquiri_Config::getInstance()->auth->tokenLifetime;
// randomly create the new token
$token = md5(mt_rand(1, 1000000));
// set expiration date to tomorrow
$expires = date("Y-m-d\\TH:i:s", time() + $lifetime);
// insert into database credentials
$this->getAdapter()->insert('Auth_Token', array('username' => Daiquiri_Auth::getInstance()->getCurrentUsername(), 'token' => $token, 'path' => $data['path'], 'expires' => $expires));
// return the id of the newly created user
return $token;
}
/**
* @brief wpNavigation method - produces a navigation list from the html files written by wordpress
* @param string $meny: name of the menu in wordpress
* @return HTML string
*
* Produces a a navigation list from the html files written by the daiquiri wordpress plugin.
* Used to make the wordpress navigation menus available in daiquiri.
*
*/
public function wpNavigation($menu)
{
if (Daiquiri_Config::getInstance()->core->cms->enabled) {
$this->view->addScriptPath(Daiquiri_Config::getInstance()->core->cms->navPath);
try {
return $this->view->partial($menu . '.html');
} catch (Zend_View_Exception $e) {
return '';
}
} else {
return '';
}
}
/**
* Constructor. Sets resource object and the database table. Also sets a list of use templates with fields.
*/
public function __construct()
{
$this->setResource('Daiquiri_Model_Resource_Table');
$this->getResource()->setTablename('Core_Templates');
$this->templates = array('auth.register' => array('firstname', 'lastname', 'username', 'link'), 'auth.forgotPassword' => array('firstname', 'lastname', 'username', 'link'), 'auth.validate' => array('firstname', 'lastname', 'username', 'link'), 'auth.confirm' => array('firstname', 'lastname', 'username', 'manager', 'id'), 'auth.reject' => array('firstname', 'lastname', 'username', 'manager', 'id'), 'auth.activate' => array('firstname', 'lastname', 'username', 'id'), 'notification.changePassword' => array('firstname', 'lastname', 'username', 'id'), 'notification.updateUser' => array('firstname', 'lastname', 'username', 'id'), 'contact.submit_user' => array('firstname', 'lastname', 'username'), 'contact.submit_support' => array('firstname', 'lastname', 'username', 'email', 'category', 'subject', 'message', 'link'), 'contact.respond' => array('subject', 'body'), 'query.plan' => array('firstname', 'lastname', 'email', 'sql', 'plan', 'message'), 'meetings.validate' => array('meeting', 'firstname', 'lastname', 'link'));
if (in_array('meetings', Daiquiri_Config::getInstance()->getApplication()->resources->modules->toArray())) {
$participantDetailKeysModel = new Meetings_Model_ParticipantDetailKeys();
$contributionTypesModel = new Meetings_Model_ContributionTypes();
$this->templates['meetings.register'] = array_merge(array('meeting', 'firstname', 'lastname', 'affiliation', 'email', 'arrival', 'departure'), $participantDetailKeysModel->getResource()->fetchValues('key'));
foreach ($contributionTypesModel->getResource()->fetchValues('contribution_type') as $contribution_type) {
$this->templates['meetings.register'][] = $contribution_type . '_title';
$this->templates['meetings.register'][] = $contribution_type . '_abstract';
}
}
}
public function logoutAction()
{
// get redirect url
$redirect = $this->_getParam('redirect', '/');
// get model NOT poxied since acl are not necessarily there
$model = new Auth_Model_Login();
$response = $model->logout();
// set cookies
foreach ($this->_request->getCookie() as $cookie => $value) {
if (strpos($cookie, 'wordpress_') === 0 || strpos($cookie, 'wp-settings') === 0) {
$cookiePath = Daiquiri_Config::getInstance()->getBaseUrl() . '/';
setcookie($cookie, ' ', time() - 31536000, $cookiePath);
}
}
$this->redirect($redirect);
}
/**
* Returns the columns of a given table and database.
* @param array $params get params of the request
* @return array
*/
public function cols(array $params = array())
{
// get db and table from params
if (empty($params['db']) || empty($params['table'])) {
return array('status' => 'error');
} else {
$db = $params['db'];
$table = $params['table'];
}
// init table
$this->getResource()->init($params['db'], $params['table']);
// get columns from the database
$colnames = array_keys($this->getResource()->fetchCols());
// obtain table metadata
$tablesResource = new Data_Model_Resource_Tables();
$tableMeta = $tablesResource->fetchRowByName($db, $table, true);
if ($tableMeta === false) {
// this table is not in the metadata table - let's see if we can get
// further information from the table itself
$descResource = new Data_Model_Resource_Description();
$descResource->init($params['db']);
$tableMeta = $descResource->describeTable($params['table']);
}
// construct metadata array
$meta = array();
foreach ($tableMeta['columns'] as $key => $colMeta) {
$meta[$colMeta['name']] = array('id' => $key, 'ucd' => explode(';', str_replace(' ', '', $colMeta['ucd'])));
}
// return columns of this table
$cols = array();
foreach ($colnames as $colname) {
$col = array('id' => $meta[$colname]['id'], 'name' => $colname, 'sortable' => true, 'ucfirst' => false, 'ucd' => $meta[$colname]['ucd']);
// add removenewline flag if this is set in the config
if (Daiquiri_Config::getInstance()->data->viewer->columnWidth) {
$col['width'] = Daiquiri_Config::getInstance()->data->viewer->columnWidth;
} else {
$col['width'] = 100;
}
// add removenewline flag if this is set in the config
if (Daiquiri_Config::getInstance()->data->viewer->removeNewline) {
$col['format'] = array('removeNewline' => true);
}
// append col to cols array
$cols[] = $col;
}
return array('status' => 'ok', 'cols' => $cols);
}
public function indexAction()
{
$this->view->status = 'ok';
// get the csrf token
$session = new Zend_Session_Namespace('csrf');
$csrf = $session->hash;
// get the forms to display
$options = array('defaultForm' => Null, 'polling' => Daiquiri_Config::getInstance()->query->polling->toArray(), 'forms' => array(), 'csrf' => $csrf);
foreach (Daiquiri_Config::getInstance()->query->forms as $key => $form) {
if ($form->default) {
$options['defaultForm'] = $key;
}
$options['forms'][] = array('key' => $key, 'title' => $form->title);
}
$this->view->options = $options;
// get options for the query plan
$queryModel = new Query_Model_Query();
$this->view->plan = array('enabled' => $queryModel->canShowPlan(), 'editable' => $queryModel->canAlterPlan(), 'mail' => Daiquiri_Config::getInstance()->query->processor->mail->enabled);
// get the different download options
$this->view->downloadAdapter = Daiquiri_Config::getInstance()->getQueryDownloadAdapter();
// check if imageviewer is enabled
if (Daiquiri_Config::getInstance()->query->images->enabled) {
$this->view->images = true;
} else {
$this->view->images = false;
}
// check if the table cols/rows should be selectable
if (Daiquiri_Config::getInstance()->query->results->select) {
$this->view->select = true;
} else {
$this->view->select = false;
}
// check if samp is enabled
if (Daiquiri_Config::getInstance()->query->samp->enabled && Daiquiri_Auth::getInstance()->getCurrentUsername() !== 'guest') {
$this->view->samp = true;
} else {
$this->view->samp = false;
}
// check if plot is enabled
if (Daiquiri_Config::getInstance()->query->plot->enabled) {
$this->view->plot = true;
} else {
$this->view->plot = false;
}
}
/**
* Submits a contact message.
* @param array $formParams
* @return array $response
*/
public function contact(array $formParams = array())
{
// get categories
$categoriesModel = new Contact_Model_Categories();
$categories = $categoriesModel->getResource()->fetchValues('category');
// get user if one is logged in
$userId = Daiquiri_Auth::getInstance()->getCurrentId();
if ($userId > 0) {
// get the user model for getting user details
$userModel = new Auth_Model_User();
$user = $userModel->getResource()->fetchRow($userId);
} else {
$user = array();
}
// create the form object
$form = new Contact_Form_Submit(array('categories' => $categories, 'user' => $user));
if (!empty($formParams)) {
if ($form->isValid($formParams)) {
// form is valid, get values
$values = $form->getValues();
unset($values['submit']);
// set the user_id
$values['user_id'] = $userId;
// set timestamp
$values['datetime'] = date("Y-m-d H:i:s");
// set status of new message to active
$statusModel = new Contact_Model_Status();
$values['status_id'] = $statusModel->getResource()->fetchId(array('where' => array('`status` = "active"')));
// store in database (if enabled)
$this->getResource()->insertRow($values);
// get the category
$row = $categoriesModel->getResource()->fetchRow($values['category_id']);
$values['category'] = $row['category'];
// send mail to user who used the contact form
$this->getModelHelper('mail')->send('contact.submit_user', array('to' => $values['email'], 'firstname' => $values['firstname'], 'lastname' => $values['lastname']));
// send mail to support
$userResource = new Auth_Model_Resource_User();
$this->getModelHelper('mail')->send('contact.submit_support', array('to' => array_merge($userResource->fetchEmailByRole('manager'), $userResource->fetchEmailByRole('admin')), 'reply_to' => $values['email'], 'firstname' => $values['firstname'], 'lastname' => $values['lastname'], 'email' => $values['email'], 'category' => $values['category'], 'subject' => $values['subject'], 'message' => $values['message'], 'link' => Daiquiri_Config::getInstance()->getSiteUrl() . '/contact/messages'));
return array('status' => 'ok');
} else {
return array('status' => 'error', 'errors' => $form->getMessages(), 'form' => $form);
}
}
return array('form' => $form, 'status' => 'form');
}
/**
* Produces the HTML header by adding the required JS and CSS script to the view.
* These are the files necessary for Daiquiri to work as defined in $_files and any
* additional file given in $inputfiles. If minify is enabled in the configuration
* file, the JS and CSS files are minified.
* @param array $customFiles additional static files
* @param array $overrideFiles files that override the default files
*/
public function headStatic(array $customFiles, array $overrideFiles = array())
{
$hl = $this->view->headLink();
$hs = $this->view->headScript();
$js = array();
$css = array();
if (Daiquiri_Config::getInstance()->core->minify->enabled == true) {
$js[] = 'min/js/daiquiri.js';
$css[] = 'min/css/daiquiri.css';
} else {
foreach (Daiquiri_View_Helper_HeadStatic::$files as $key => $file) {
if (array_key_exists($key, $overrideFiles)) {
$file = $overrideFiles[$key];
}
$ext = pathinfo($file, PATHINFO_EXTENSION);
if ($ext === 'js') {
$js[] = $file;
} else {
if ($ext === 'css') {
$css[] = $file;
}
}
}
}
foreach ($customFiles as $file) {
$ext = pathinfo($file, PATHINFO_EXTENSION);
if ($ext === 'js') {
$js[] = $file;
} else {
if ($ext === 'css') {
$css[] = $file;
}
}
}
// prepend files in reverse order
foreach (array_reverse($css) as $file) {
$hl->prependStylesheet($this->view->baseUrl($file));
}
foreach (array_reverse($js) as $file) {
$hs->prependFile($this->view->baseUrl($file));
}
// echo the view helpers
echo PHP_EOL . PHP_EOL . $hl . PHP_EOL . PHP_EOL . $hs . PHP_EOL . PHP_EOL;
}
/**
* Inserts a new row into the App table and create the corresponding user table.
* @param array $data
* @throws Exception
* @return int $id id of the new app
*/
public function insertRow(array $data = array())
{
if (empty($data)) {
throw new Exception('$data not provided in ' . get_class($this) . '::' . __FUNCTION__ . '()');
}
// handle unencrypted password
$data['password'] = Daiquiri_Crypt_Abstract::factory()->encrypt($data['new_password']);
// insert the new row
$this->getAdapter()->insert('Auth_Apps', array('appname' => $data['appname'], 'password' => $data['password'], 'active' => 1));
// create database for app
if (Daiquiri_Config::getInstance()->query) {
$userDb = Daiquiri_Config::getInstance()->getUserDbName($data['appname']);
$adapter = Daiquiri_Config::getInstance()->getUserDbAdapter('', $data['appname']);
$sql = "CREATE DATABASE `{$userDb}`";
$adapter->query($sql)->closeCursor();
}
// return the id of the newly created app
return $this->getAdapter()->lastInsertId();
}
/**
* Returns one specific meeting.
* @param mixed $input int id or array with "slug" key
* @return array $response
*/
public function show($input)
{
if (is_int($input)) {
$row = $this->getResource()->fetchRow($input);
} elseif (is_array($input)) {
if (empty($input['slug'])) {
throw new Exception('Either int id or array with "slug" key must be provided as $input');
}
$row = $this->getResource()->fetchRow(array('where' => array('slug = ?' => $input['slug'])));
} else {
throw new Exception('$input has wrong type.');
}
if (empty($row)) {
throw new Daiquiri_Exception_NotFound();
}
$siteUrl = Daiquiri_Config::getInstance()->getSiteUrl();
$row['public_registration_page'] = $siteUrl . '/meetings/' . $row['slug'] . '/registration/';
$row['public_participants_page'] = $siteUrl . '/meetings/' . $row['slug'] . '/info/participants/';
$row['public_contributions_page'] = $siteUrl . '/meetings/' . $row['slug'] . '/info/contributions/';
return array('status' => 'ok', 'row' => $row);
}
/**
* Constructor. Sets options.
* @param string $$application_path
* @param string $daiquiri_path
* @param array $input
*/
public function __construct($application_path, $daiquiri_path, $input)
{
$this->application_path = $application_path;
$this->daiquiri_path = $daiquiri_path;
$this->input = $input;
// put Zend in the include_path
set_include_path(implode(PATH_SEPARATOR, array(realpath($this->daiquiri_path . '/library'), get_include_path())));
// setup autoloader
require_once 'Zend/Loader/Autoloader.php';
Zend_Loader_Autoloader::getInstance();
// parse command line
$this->_parseCommandLine();
// init the options array with database and mail options
$this->options = array();
$this->_processDatabaseOptions();
$this->_processMailOptions();
$this->_processModulesOptions();
// setup zend application environment
$this->_setupEnvironment();
// get init models from the modules
foreach (array_keys(Daiquiri_Init::$_modules) as $module) {
$classname = ucfirst($module) . '_Model_Init';
$this->models[$module] = new $classname($this);
}
// parse the config array for each model
$this->options['config'] = array();
foreach ($this->options['modules'] as $module) {
$model = $this->models[$module];
$model->processConfig();
}
// update config singleton
Daiquiri_Config::getInstance()->setConfig($this->options['config']);
// parse the init array for each model
$this->options['init'] = array();
foreach ($this->options['modules'] as $module) {
$model = $this->models[$module];
$model->processInit();
}
}
/**
* @brief factory method for specified crypt algorithm object
* @param string $algorithm: name of crypt algorithm
* @return Daiquiri_Crypt_Abstract instance of initialised crypt object
*
* Returns an initialised and newly allocated crypt object with the specified
* algorithm. An implementation of a given algorithm must have the same name
* as the one given by the $algorithm parameter. If no algorithm is given, a
* default one is used.
*
* The default algorithm is set in daiquiri.ini as auth.password.default.algo
*
*/
static function factory($algorithm = 'default')
{
$authConfig = Daiquiri_Config::getInstance()->auth;
if ($authConfig == Null) {
// values are not set in the configuration
throw new Daiquiri_Exception_Forbidden();
}
// get the values from the config
$cryptConfig = $authConfig->password->{$algorithm};
$algo = $cryptConfig->algo;
if ($cryptConfig->salt) {
$salt = $cryptConfig->salt;
} else {
$salt = null;
}
// get the name of the class
$className = 'Daiquiri_Crypt_' . ucfirst($algo);
if (is_subclass_of($className, 'Daiquiri_Crypt_Abstract')) {
return new $className($salt);
} else {
throw new Exception('Unknown hashing algorithm in ' . __METHOD__);
}
}
/**
* Validates a raw query before any processing and altering of the query occurred.
* @param string $sql query string
* @param string $table name of the job's table
* @param array $errors array holding any errors that occur
* @param array $options any options that a specific implementation of validateQuery needs to get
* @return bool $success
*/
public function validateQuery($sql, $table, array &$errors, $options = false)
{
$errors = array();
// preprocess string
$noMultilineCommentSQL = $this->_processing->removeMultilineComments($sql);
$multiLines = $this->_processing->splitQueryIntoMultiline($noMultilineCommentSQL, $errors);
if ($multiLines === false) {
return false;
}
$multiLineParseTrees = $this->_processing->multilineParseTree($multiLines, $errors);
if (!empty($errors)) {
return false;
}
$multiLineUsedDBs = $this->_processing->multilineUsedDB($multiLineParseTrees, $this->_userDb);
$multiLineParseTrees = $this->_processing->multilineProcessQueryWildcard($multiLineParseTrees, $multiLineUsedDBs, $errors);
if (!empty($errors)) {
return false;
}
// check ACLs
if ($this->_permissions->check($multiLineParseTrees, $multiLineUsedDBs, $errors) === false) {
return false;
}
// check if table already exists
if ($table !== null && $this->_processing->tableExists($table)) {
$errors['submitError'] = "Table '{$table}' already exists";
return false;
}
// combine multiline queries into one
$combinedQuery = $this->_processing->combineMultiLine($multiLines);
// validate sql on server
if (Daiquiri_Config::getInstance()->query->validate->serverSide) {
if ($this->_processing->validateSQLServerSide($combinedQuery, $this->_userDb, $errors) !== true) {
return false;
}
}
return true;
}
public function checkDbFunction($function)
{
// switch of security for debugging
if (Daiquiri_Config::getInstance()->auth->debug === '1') {
return true;
}
// check in the data module, if metadata exists and handle them
// accordingly
$functionsResource = new Data_Model_Resource_Functions();
return $functionsResource->checkACL($function);
}
/**
* Registers a participant.
* @param string $slug slug of the meeting
* @param array $formParams
* @return array $response
*/
public function register($slug, array $formParams = array())
{
// get models
$meetingsModel = new Meetings_Model_Meetings();
$meeting = $meetingsModel->getResource()->fetchRow(array('where' => array('slug = ?' => $slug)));
if (empty($meeting)) {
throw new Daiquiri_Exception_NotFound();
}
if (!Daiquiri_Auth::getInstance()->checkPublicationRoleId($meeting['registration_publication_role_id'])) {
return array('status' => 'forbidden', 'message' => $meeting['registration_message']);
}
// get user if one is logged in
$userId = Daiquiri_Auth::getInstance()->getCurrentId();
if ($userId > 0) {
// get the user model for getting user details
$userModel = new Auth_Model_User();
$user = $userModel->getResource()->fetchRow($userId);
} else {
$user = array();
}
// create the form object
$form = new Meetings_Form_Registration(array('submit' => 'Register for this meeting', 'meeting' => $meeting, 'user' => $user));
// valiadate the form if POST
if (!empty($formParams)) {
if ($form->isValid($formParams)) {
// get the form values
$values = $form->getValues();
$values['meeting_id'] = $meeting['id'];
$values['details'] = array();
foreach ($meeting['participant_detail_keys'] as $keyId => $detailKey) {
if (is_array($values[$detailKey['key']])) {
$values['details'][$keyId] = Zend_Json::encode($values[$detailKey['key']]);
} else {
if ($values[$detailKey['key']] === null) {
$values['details'][$keyId] = Zend_Json::encode(array());
} else {
$values['details'][$keyId] = $values[$detailKey['key']];
}
}
unset($values[$detailKey['key']]);
}
$values['contributions'] = array();
foreach ($meeting['contribution_types'] as $contributionTypeId => $contributionType) {
if ($values[$contributionType . '_bool'] === '1') {
$values['contributions'][$contributionTypeId] = array('title' => $values[$contributionType . '_title'], 'abstract' => $values[$contributionType . '_abstract']);
} else {
$values['contributions'][$contributionTypeId] = false;
}
unset($values[$contributionType . '_bool']);
unset($values[$contributionType . '_title']);
unset($values[$contributionType . '_abstract']);
}
// get the right status
$participantStatusModel = new Meetings_Model_ParticipantStatus();
if (empty(Daiquiri_Config::getInstance()->meetings->autoAccept)) {
$values['status_id'] = $participantStatusModel->getResource()->fetchId(array('where' => array('`status` = "registered"')));
} else {
$values['status_id'] = $participantStatusModel->getResource()->fetchId(array('where' => array('`status` = "accepted"')));
}
if (Daiquiri_Config::getInstance()->meetings->validation) {
$code = $this->createRandomString(32);
// store the values in the database
$id = $this->getResource()->insertRow(array('email' => $values['email'], 'code' => $code, 'values' => Zend_Json::encode($values), 'meeting_id' => $meeting['id']));
// prepare and send mail
$link = Daiquiri_Config::getInstance()->getSiteUrl() . '/meetings/registration/validate/id/' . $id . '/code/' . $code;
$this->getModelHelper('mail')->send('meetings.validate', array('to' => $values['email'], 'meeting' => $meeting['title'], 'firstname' => $values['firstname'], 'lastname' => $values['lastname'], 'link' => $link));
return array('status' => 'validate');
} else {
$participantModel = new Meetings_Model_Participants();
$id = $participantModel->getResource()->insertRow($values);
$participant = $participantModel->getResource()->fetchRow($id);
$mailValues = array('to' => $participant['email'], 'meeting' => $meeting['title'], 'firstname' => $participant['firstname'], 'lastname' => $participant['lastname'], 'affiliation' => $participant['affiliation'], 'email' => $participant['email'], 'arrival' => $participant['arrival'], 'departure' => $participant['departure']);
foreach ($meeting['participant_detail_keys'] as $d) {
if (in_array(Meetings_Model_ParticipantDetailKeys::$types[$d['type_id']], array('radio', 'select'))) {
$options = Zend_Json::decode($d['options']);
$mailValues[$d['key']] = $options[$participant['details'][$d['key']]];
} else {
if (in_array(Meetings_Model_ParticipantDetailKeys::$types[$d['type_id']], array('checkbox', 'multiselect'))) {
$options = Zend_Json::decode($d['options']);
$values = array();
foreach (Zend_Json::decode($participant['details'][$d['key']]) as $value_id) {
$values[] = $options[$value_id];
}
$mailValues[$d['key']] = implode(', ', $values);
} else {
$mailValues[$d['key']] = $participant['details'][$d['key']];
}
}
}
foreach ($meeting['contribution_types'] as $contribution_type) {
if (!empty($participant['contributions'][$contribution_type])) {
$mailValues[$contribution_type . '_title'] = $participant['contributions'][$contribution_type]['title'];
$mailValues[$contribution_type . '_abstract'] = $participant['contributions'][$contribution_type]['abstract'];
} else {
$mailValues[$contribution_type . '_title'] = '---';
}
}
$this->getModelHelper('mail')->send('meetings.register', $mailValues);
return array('status' => 'ok');
}
} else {
return $this->getModelHelper('CRUD')->validationErrorResponse($form);
}
}
return array('form' => $form, 'status' => 'form', 'message' => $meeting['registration_message']);
}
/**
* Returns all config entries for export.
* @return array $response
*/
public function export()
{
return array('data' => array('config' => Daiquiri_Config::getInstance()->getConfig()->toArray()), 'status' => 'ok');
}
/**
* Sets the status of a given user from 'disabled' to 'active'.
* @param int $userId id of the user
* @param array $formParams
* @return array $response
*/
public function reenable($userId, array $formParams = array())
{
// create the form object
$form = new Daiquiri_Form_Confirm(array('submit' => 'Reenable user'));
// valiadate the form if POST
if (!empty($formParams)) {
if ($form->isValid($formParams)) {
// get the user credentials
$user = $this->getResource()->fetchRow($userId);
// update the use
if ($user['status'] === 'active') {
$form->setDescription('User status is already "active"');
return $this->getModelHelper('CRUD')->validationErrorResponse($form);
} else {
// get the new status id
$statusId = Daiquiri_Auth::getInstance()->getStatusId('active');
// activate user in database
$this->getResource()->updateRow($userId, array('status_id' => $statusId));
// send a notification mail
if (Daiquiri_Config::getInstance()->auth->notification->updateUser) {
$user = $this->getResource()->fetchRow($userId);
$this->getModelHelper('mail')->send('auth.updateUser', array('to' => Daiquiri_Config::getInstance()->auth->notification->mail->toArray(), 'id' => $user['id'], 'username' => $user['username'], 'firstname' => $user['details']['firstname'], 'lastname' => $user['details']['lastname']));
}
// log the event and return
Daiquiri_Log::getInstance()->notice("user '{$user['username']}' reenabled");
return array('status' => 'ok');
}
} else {
return $this->getModelHelper('CRUD')->validationErrorResponse($form);
}
}
return array('form' => $form, 'status' => 'form');
}
/**
* Creates a downloadable file from the given table of the users database
* @param string $table table in the users database
* @param string $suffix
* @return array $response
*/
private function _createDownloadFile($table, $format, $regen = false)
{
// sanity check for format
if (!in_array($format, Daiquiri_Config::getInstance()->query->download->adapter->enabled->toArray())) {
throw new Exception('Error: format not valid.');
}
// create link and file sysytem path for table dump
$username = Daiquiri_Auth::getInstance()->getCurrentUsername();
$suffix = Daiquiri_Config::getInstance()->query->download->adapter->config->{$format}->suffix;
$filename = $this->_generateFileName($table, $suffix);
$url = '/query/download/file?table=' . $table . '&format=' . $format;
$dir = Daiquiri_Config::getInstance()->query->download->dir . DIRECTORY_SEPARATOR . $username;
$file = $dir . DIRECTORY_SEPARATOR . $filename;
// get queue type and validate
$queueType = strtolower(Daiquiri_Config::getInstance()->query->download->type);
if ($queueType !== "direct" and $queueType !== "gearman") {
throw new Exception('Download queue type not valid');
}
// create dir if neccessary
if (!is_dir($dir)) {
if (mkdir($dir) === false) {
return array('status' => 'error', 'error' => 'Configuration of download directory wrong, please contact support.');
}
chmod($dir, 0775);
}
// delete the old file if regen is set
if ($regen === true) {
if (file_exists($file . ".lock")) {
throw new Daiquiri_Exception_Forbidden();
}
// delete the files...
if (file_exists($file)) {
unlink($file);
}
if (file_exists($file . ".err")) {
unlink($file . ".err");
}
}
if (!file_exists($file) && ($queueType === "direct" || empty($queueType))) {
//get the user db name
$username = Daiquiri_Auth::getInstance()->getCurrentUsername();
$db = Daiquiri_Config::getInstance()->getUserDbName($username);
// get the resource and create dump
$resource = new Data_Model_Resource_Viewer();
$resource->init($db, $table);
try {
$resource->dumpTable($format, $file);
} catch (Exception $e) {
return array('status' => 'error', 'error' => array('form' => $e->getMessage() . ' Please contact support.'));
}
}
if ((!file_exists($file) || file_exists($file . ".lock")) && $queueType === "gearman") {
// check if gearman is up and running
exec('pgrep gearmand', $output, $return);
if ($return != 0) {
throw new Exception('gearmand is not running.');
}
// check if
$restartGeamanManager = false;
$pidfile = Daiquiri_Config::getInstance()->query->download->gearman->pid;
if (file_exists($pidfile)) {
$pid = file_get_contents($pidfile);
exec('ps -p ' . $pid, $output, $return);
if ($return != 0) {
$restartGeamanManager = true;
}
} else {
$restartGeamanManager = true;
}
if ($restartGeamanManager) {
// check if we have write access to actually create this PID file
if (!is_writable(dirname(Daiquiri_Config::getInstance()->query->download->gearman->pid))) {
return array('status' => 'error', 'error' => 'Cannot write to the gearman PID file, please contact support.');
}
$gearmanConf = Daiquiri_Config::getInstance()->query->download->gearman;
// not there, start GearmanManager
$cmd = escapeshellcmd($gearmanConf->manager) . ' -d' . ' -D ' . escapeshellcmd($gearmanConf->numThread) . ' -h ' . escapeshellcmd($gearmanConf->host) . ':' . escapeshellcmd($gearmanConf->port) . ' -P ' . escapeshellcmd($gearmanConf->pid) . ' -w ' . escapeshellcmd($gearmanConf->workerDir) . ' -r 1 > /tmp/Daiquiri_GearmanManager.log &';
shell_exec($cmd);
// DOES NOT WORK IN NEWER PHP, NEED TO BE FIXED
// http://stackoverflow.com/questions/12322811/call-time-pass-by-reference-has-been-removed
// check if pid exists, if not, an error occured - wait for 10 seconds to start gearman manager
$count = 0;
while (!file_exists($gearmanConf->pid)) {
$count += 1;
sleep(1);
if ($count > 10) {
throw new Exception('Error: Could not start GearmanManager.');
}
}
}
// check if lockfile is present and if not, create
if (!file_exists($file . ".lock")) {
if (file_exists($file . ".err")) {
return array('status' => 'error', 'error' => 'An error file exists on the server, please contact support.');
}
// write lock file
touch($file . ".lock");
// get the user db name
$username = Daiquiri_Auth::getInstance()->getCurrentUsername();
$db = Daiquiri_Config::getInstance()->getUserDbName($username);
// get the resource and create dump
$resource = new Data_Model_Resource_Viewer();
$resource->init($db, $table);
try {
$resource->dumpTableGearman($format, $file);
} catch (Exception $e) {
unlink($file . ".lock");
return array('status' => 'error', 'error' => array('form' => $e->getMessage() . ' Please contact support.'));
}
return array('status' => 'pending', 'format' => $format);
} else {
return array('status' => 'pending', 'format' => $format);
}
}
return array('status' => 'ok', 'link' => Daiquiri_Config::getInstance()->getSiteUrl() . $url, 'format' => $format);
}
/**
* Edits the password of the currenly logged in user.
* @param array $formParams
* @return array $response
*/
public function change(array $formParams = array())
{
// get the id of the user from the request
$userId = Daiquiri_Auth::getInstance()->getCurrentId();
// create the form object
$form = new Auth_Form_ChangePassword();
// valiadate the form if POST
if (!empty($formParams)) {
if ($form->isValid($formParams)) {
// get the form values
$values = $form->getValues();
// get the user credentials
$user = $this->getResource()->fetchRow($userId);
// check if the old password is valid
$result = Daiquiri_Auth::getInstance()->authenticateUser($user['username'], $values['old_password']);
if ($result) {
// update the user and redirect
$this->getResource()->updatePassword($userId, $values['new_password']);
// log the event
Daiquiri_Log::getInstance()->notice('password changed by user');
// send a notification mail
if (Daiquiri_Config::getInstance()->auth->notification->changePassword) {
$this->getModelHelper('mail')->send('auth.changePassword', array('to' => Daiquiri_Config::getInstance()->auth->notification->mail->toArray(), 'id' => $user['id'], 'username' => $user['username'], 'firstname' => $user['details']['firstname'], 'lastname' => $user['details']['lastname']));
}
return array('status' => 'ok');
} else {
return $this->getModelHelper('CRUD')->validationErrorResponse($form, 'Wrong (old) password provided');
}
} else {
return $this->getModelHelper('CRUD')->validationErrorResponse($form);
}
}
return array('form' => $form, 'status' => 'form');
}
