Example #1
 /**
  * Return the value for $key by delegating to self::issr().
  *
  * NOTE(review): the first statement returns unconditionally, so the
  * token comparison below it never runs. If this helper is meant to hand
  * back a POST value only when the accompanying form token matches, that
  * check is currently bypassed; confirm whether the early return is a
  * leftover debugging shortcut.
  *
  * @param string $key     Name of the field to look up.
  * @param bool   $destroy Never read anywhere in this method.
  * @return mixed Whatever self::issr($key) returns.
  */
 public static function issrt($key, $destroy = false)
 {
     // Everything after this line is unreachable.
     return self::issr($key);
     // Dead code: would fetch a token object for $key and compare the
     // posted value stored under $token->key with $token->value.
     $token = Form::token($key);
     // NOTE(review): loose `==` on a secret; if this branch is ever
     // re-enabled, a constant-time comparison such as hash_equals() on
     // string operands is the safer choice.
     if ($token && InPost::issr($token->key) == $token->value) {
         return isset($_POST[$key]) && $_POST[$key] ? $_POST[$key] : false;
     }
     return false;
 }
 /**
  * Show one message thread and, when a reply form is posted, store the
  * reply and notify the other participant by e-mail.
  *
  * Falls back to the message index with a "Message not found" alert when
  * the route id is missing or not numeric, or when
  * Model_Message::get_thread() returns FALSE.
  */
 public function action_message()
 {
     Controller::$full_width = TRUE;
     // is_numeric() also accepts values such as "1e3" or "1.5", so the id
     // is not guaranteed to be a plain integer when it reaches the model.
     if ($this->request->param('id') !== NULL and is_numeric($id_msg_thread = $this->request->param('id'))) {
         // The current user's id is passed along with the thread id.
         // NOTE(review): presumably get_thread() returns FALSE when the
         // user is not a participant; confirm, because it is the only
         // access check visible in this action.
         $messages = Model_Message::get_thread($id_msg_thread, $this->user->id_user);
         if ($messages !== FALSE) {
             // The thread row itself is looked up by id_message alone.
             $msg_thread = new Model_Message();
             $msg_thread = $msg_thread->where('id_message', '=', $this->request->param('id'))->find();
             // Reply handling: requires POST data and a truthy
             // Form::token('reply_message', TRUE).
             // NOTE(review): presumably this validates the anti-CSRF token
             // rendered in the reply form; confirm.
             if ($this->request->post() and Form::token('reply_message', TRUE)) {
                 $validation = Validation::factory($this->request->post())->rule('message', 'not_empty');
                 if ($validation->check()) {
                     $ret = Model_Message::reply(core::post('message'), $this->user->id_user, $id_msg_thread, NULL);
                     if ($ret !== FALSE) {
                         // Pick the recipient: if the current user started the
                         // thread, notify "to"; otherwise notify "from".
                         if ($msg_thread->id_user_from == $this->user->id_user) {
                             $user_to = $msg_thread->to;
                             $user_from = $msg_thread->from;
                         } else {
                             $user_to = $msg_thread->from;
                             $user_from = $msg_thread->to;
                         }
                         // E-mail title: the ad title when the thread belongs to
                         // an ad, otherwise a "Direct message from ..." line.
                         if ($msg_thread->id_ad !== NULL) {
                             $email_title = $msg_thread->ad->title;
                         } else {
                             $email_title = sprintf(__('Direct message from %s'), $user_from->name);
                         }
                         // The posted message body is placed into the e-mail as
                         // [DESCRIPTION].
                         // NOTE(review): confirm the 'messaging-reply' template
                         // or core::post() neutralises HTML in that value.
                         $user_to->email('messaging-reply', array('[TITLE]' => $email_title, '[DESCRIPTION]' => core::post('message'), '[URL.QL]' => $user_to->ql('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => $this->request->param('id')))));
                         Alert::set(Alert::SUCCESS, __('Reply created.'));
                         // Redirect back to the same thread after a successful post.
                         $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => Request::current()->param('id'))));
                     } else {
                         Alert::set(Alert::ERROR, __('Message not sent'));
                     }
                 } else {
                     // $errors is assigned here but is not handed to the view below.
                     $errors = $validation->errors('message');
                 }
             }
             Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Messaging'))->set_url(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index'))));
             if ($msg_thread->id_ad !== NULL) {
                 Breadcrumbs::add(Breadcrumb::factory()->set_title($msg_thread->ad->title));
             } else {
                 Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Direct Message')));
             }
             // Editor assets plus the view that renders the thread.
             $this->template->styles = array('css/jquery.sceditor.default.theme.min.css' => 'screen');
             $this->template->scripts['footer'] = array('js/jquery.sceditor.bbcode.min.js', 'js/messages.js');
             $this->template->content = View::factory('oc-panel/pages/messages/message', array('msg_thread' => $msg_thread, 'messages' => $messages, 'user' => $this->user));
         } else {
             Alert::set(Alert::ERROR, __('Message not found'));
             $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
         }
     } else {
         Alert::set(Alert::ERROR, __('Message not found'));
         $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
     }
 }
Example #3
    /**
     * Build the inline form that submits a DELETE request for this button.
     *
     * The form posts to getUrl() with a hidden `_method=DELETE` field and
     * appends whatever \Form::token() returns. When isConfirm() is true an
     * onclick confirm() handler is attached to the submit button.
     *
     * NOTE(review): the URL, label, CSS class and confirm message are
     * inserted into the markup as-is; nothing in this method escapes them.
     * The confirm message additionally sits inside a JavaScript string
     * inside an HTML attribute. Confirm every caller supplies trusted or
     * pre-escaped values.
     *
     * @return string
     */
    public function render()
    {
        $action = $this->getUrl();
        $caption = $this->getLabel();

        // Optional confirmation prompt; stays null when not requested.
        $confirmAttr = $this->isConfirm()
            ? 'onclick="return confirm(\'' . $this->getConfirmMessage() . '\')"'
            : null;

        $markup = '<form action="%s" method="post" class="form-inline">
				<input type="submit" name="grid-view-submit" value="%s" class="%s" %s>
				<input type="hidden" name="_method" value="DELETE">
				%s
				</form>';

        return sprintf($markup, $action, $caption, $this->getCss(), $confirmAttr, \Form::token());
    }
Example #4
    /**
     * Build the inline form for this button using the configured method.
     *
     * When the configured method is "put" (any letter case) a hidden
     * `_method=PUT` entry is recorded in $this->hiddenFields before the
     * hidden fields are rendered. The output also carries whatever
     * \Form::token() returns.
     *
     * NOTE(review): the URL, method, label, CSS class and confirm message
     * are inserted into the markup as-is; nothing in this method escapes
     * them. Confirm every caller supplies trusted or pre-escaped values.
     *
     * @return string
     */
    public function render()
    {
        $action = $this->getUrl();
        $caption = $this->getLabel();

        // Method spoofing: remember PUT as a hidden field.
        if ('put' == strtolower($this->method)) {
            $this->hiddenFields['_method'] = 'PUT';
        }

        // Optional confirmation prompt; stays null when not requested.
        $confirmAttr = $this->isConfirm()
            ? 'onclick="return confirm(\'' . $this->getConfirmMessage() . '\')"'
            : null;

        $markup = '<form action="%s" method="%s" class="form-inline">
				<input type="submit" name="grid-view-submit" value="%s" class="%s" %s>
				%s
				%s
				</form>';

        return sprintf($markup, $action, $this->method, $caption, $this->getCss(), $confirmAttr, $this->buildHiddenFields(), \Form::token());
    }
Example #5
 /**
  * Show one message thread and, when the reply form is posted, store the
  * reply.
  *
  * Falls back to the message index with a "Message not found" alert when
  * the route id is missing or not numeric, or when
  * Model_Message::get_thread() returns FALSE for the current user.
  *
  * NOTE(review): presumably get_thread() is what rejects users who are not
  * part of the thread; confirm, because it is the only access check
  * visible in this action.
  */
 public function action_message()
 {
     Controller::$full_width = TRUE;

     // Guard: the route must carry a numeric thread id. is_numeric() also
     // accepts values such as "1e3", so this is not a strict integer check.
     if ($this->request->param('id') === NULL or !is_numeric($thread_id = $this->request->param('id'))) {
         Alert::set(Alert::ERROR, __('Message not found'));
         $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
         return;
     }

     // Guard: the thread must be retrievable for the current user.
     $messages = Model_Message::get_thread($thread_id, $this->user);
     if ($messages === FALSE) {
         Alert::set(Alert::ERROR, __('Message not found'));
         $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index')));
         return;
     }

     // Root row of the thread: its id equals its own parent id.
     $finder = new Model_Message();
     $msg_thread = $finder->where('id_message', '=', $thread_id)->where('id_message_parent', '=', $thread_id)->find();

     // Reply handling runs only for a POST that also passes
     // Form::token('reply_message', TRUE).
     if ($this->request->post() and Form::token('reply_message', TRUE)) {
         $validation = Validation::factory($this->request->post())->rule('message', 'not_empty');
         if (!$validation->check()) {
             // Assigned but not handed to the view below.
             $errors = $validation->errors('message');
         } elseif (Model_Message::reply(core::post('message'), $this->user, $thread_id, NULL) === FALSE) {
             Alert::set(Alert::ERROR, __('Message not sent'));
         } else {
             Alert::set(Alert::SUCCESS, __('Reply created.'));
             $this->redirect(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'message', 'id' => Request::current()->param('id'))));
         }
     }

     Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Messaging'))->set_url(Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index'))));
     // Second crumb: the ad title for ad threads, a generic label otherwise.
     Breadcrumbs::add(Breadcrumb::factory()->set_title($msg_thread->id_ad !== NULL ? $msg_thread->ad->title : __('Direct Message')));

     // NOTE(review): the sweet-alert assets are pulled from a third-party
     // CDN through protocol-relative URLs; no integrity attribute is
     // visible here. Consider self-hosting or pinning them with SRI.
     $this->template->styles = array(
         'css/jquery.sceditor.default.theme.min.css' => 'screen',
         '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.css' => 'screen',
     );
     $this->template->scripts['footer'] = array(
         'js/jquery.sceditor.bbcode.min.js',
         '//cdn.jsdelivr.net/sweetalert/0.1.2/sweet-alert.min.js',
         'js/messages.js',
     );
     $this->template->content = View::factory('oc-panel/pages/messages/message', array(
         'msg_thread' => $msg_thread,
         'messages' => $messages,
         'user' => $this->user,
     ));
 }
Example #6
<?php

echo Form::open(Route::get('backend')->uri(array('controller' => 'layout', 'action' => $action, 'id' => $layout->name)), array('id' => 'layoutEditForm', 'class' => 'form-horizontal panel'));
?>

	<?php 
// NOTE(review): presumably this prints the hidden anti-CSRF field for the
// layout form; confirm the receiving 'layout' controller action validates
// it before saving anything.
echo Form::token('token');
?>
	<?php 
echo Form::hidden('layout_name', $layout->name);
?>

	<div class="panel-heading">
		<div class="form-group form-group-lg">
			<label for="layout-input-name" class="col-sm-2 control-label"><?php 
echo __('Layout name');
?>
</label>
			<div class="col-sm-10">
				<div class="input-group">
					<?php 
echo Form::input('name', $layout->name, array('class' => 'slug form-control', 'id' => 'layout-input-name', 'tabindex' => 1, 'placeholder' => __('Layout name')));
?>
					<span class="input-group-addon"><?php 
echo EXT;
?>
</span>
				</div>
			</div>
		</div>
	</div>
Example #7
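 /**
  * Render the conversation list for the logged-in account as an HTML table.
  *
  * The account id is read from the session key "account_id" and the rows
  * come from Conversation::getConversationList(). Each conversation yields
  * a header row (participants, read/unread marker) followed by an empty
  * row whose containers are keyed by the message hash. Pagination links
  * are appended in the footer.
  *
  * Every record field is HTML-encoded before it is concatenated into the
  * markup, because names, e-mail addresses and hashes end up both in text
  * nodes and inside quoted attributes. Form::token() and the paginator
  * links are markup by design and are inserted unchanged.
  *
  * @return string HTML fragment.
  */
 public static function getAllConversationList()
 {
     $user_ID = Session::get("account_id");
     // ENT_QUOTES is required: values land in single- and double-quoted attributes.
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     $conversations = "<div id='gridForm' class='gridContent' style='display:none'></div><div id='loadingAdd' style='display:none'></div>";
     $conversations .= '<div class="table-responsive">
                             <!-- THE MESSAGES -->
                             ' . Form::token() . '<table class="table table-mailbox" id="report" title="conversations">';
     $rs = Conversation::getConversationList($user_ID, true);
     $conversations .= "<tr title=''>\n                                <td colspan='5'>\n                                </td>\n                            </tr>";
     if (count($rs['records']) > 0) {
         foreach ($rs['records'] as $conv) {
             $hash = $esc($conv->message_hash);
             // Look the status up once so the row class and the icon always agree.
             $is_unread = Conversation::getMsgStatus($conv->message_hash) == 0;
             $conversations .= '<tr ' . ($is_unread ? 'class="unread"' : 'class="read"') . ' title="' . $hash . '" >
                                     <td class="small-col"></td>
                                     <td>' . ($is_unread ? '<i class="fa fa-star"></i>' : '<i class="fa fa-star-o"></i>') . '</td>
                                     <td colspan="3"><b>' . $esc($conv->recipient) . '</b> (' . $esc($conv->recipient_email) . ') & <b>' . $esc($conv->sender) . '</b> (' . $esc($conv->sender_email) . ')</td>
                                     
                                 </tr>';
             $conversations .= "<tr title='" . $hash . "'>\n                                <td colspan='5'>\n                                        <div id='loading" . $hash . "' class='loadingview'></div>\n                                        <div id='ajaxcontent" . $hash . "'>\n                                        </div>\n                                </td>\n                            </tr>";
         }
     } else {
         $conversations .= "<tr title='d'>\n                                <td colspan='5' style='text-align:center'>\n                                    No conversations \n                                </td>\n                            </tr>";
     }
     $pagination = Paginator::make($rs['records'], $rs['total_pages'], Session::get('rec_per_page'));
     $paginationString = $pagination->links();
     $conversations .= '</table>
                             <div class="box-footer clearfix">
                                 <div class="pull-right">
                                     ' . $paginationString . '
                                         </div>
                             </div><!-- box-footer -->
                         </div><!-- /.table-responsive -->';
     return $conversations;
 }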
Example #8
            
                  <div class="form-group">
                    <label class="col-md-2"><?php 
    echo __("Reply");
    ?>
:</label>
                    <div class="col-md-9 col-sm-9 col-xs-12">
                    <textarea name="description" rows="10" class="form-control" required><?php 
    // NOTE(review): the posted 'description' value is echoed back into the
    // textarea without any escaping visible in this template. Unless
    // core::post() already encodes it, a value containing "</textarea>"
    // breaks out of the element; confirm, or wrap it in htmlspecialchars().
    echo core::post('description');
    ?>
</textarea>
                    </div>
                  </div>
            
                  <?php 
    echo Form::token('reply_ticket');
    ?>
                  <div class="form-actions">
                    <a href="<?php 
    echo Route::url('oc-panel', array('controller' => 'support', 'action' => 'index'));
    ?>
" class="btn btn-default"><?php 
    echo __('Cancel');
    ?>
</a>
                    <button type="submit" class="btn btn-primary"><?php 
    echo __('Reply');
    ?>
</button>
                  </div>
                </form>  
Example #9
/**
 * Return the hidden HTML input field that carries the CSRF token.
 *
 * Thin wrapper: the markup is whatever Form::token() produces, so callers
 * are expected to print it inside a form without escaping it again.
 *
 * @return string
 */
function csrf_html()
{
    $hidden_field = Form::token();

    return $hidden_field;
}
Example #10
{!! Form::open(array('method' => 'post', 'class'=>'form-horizontal', 'role'=>'form')) !!}
{!! Form::setModel($address); !!}
<?php 
// NOTE(review): the return value of Form::token() is discarded here (there
// is no echo), so this statement on its own prints nothing. Confirm the
// token field is emitted elsewhere, for example by Form::open(), before
// relying on CSRF protection for this form.
\Form::token();
?>
         
	@include('addresses::fields')
   
<button type="submit" class="btn btn-primary">Save Address</button>  
{!! Form::close() !!}
 /**
  * Debug page that prints session and cookie state in several forms, to
  * help understand how sessions and cookies behave.
  *
  * NOTE(review): this action prints the raw and decrypted cookies, the
  * current session data, the CSRF token and the contents of every file
  * under storage/sessions, not only the caller's own file. All values are
  * echoed without HTML escaping. It should be reachable in a local
  * development environment only.
  */
 public function getSessionsAndCookies()
 {
     # Login state
     echo Auth::check() ? "You are logged in: " . Auth::user() : "You are not logged in.";
     echo "<br><br>";

     # Cookies exactly as the browser sent them
     echo "<h1>Your Raw, encrypted Cookies</h1>";
     echo Paste\Pre::render($_COOKIE, '');

     # Cookies after the framework has decrypted them
     echo "<h1>Your Decrypted Cookies</h1>";
     echo Paste\Pre::render(Cookie::get(), '');
     echo "<br><br>";

     # Every session file on disk; the caller's own file is highlighted
     echo "<h1>All Session Files</h1>";
     $session_files = File::files(app_path() . '/storage/sessions');
     foreach ($session_files as $path) {
         $opening_tag = strstr($path, Cookie::get('laravel_session'))
             ? "<div style='background-color:yellow'><strong>YOUR SESSION FILE:</strong><br>"
             : "<div>";
         echo $opening_tag;
         echo "<strong>" . $path . "</strong>:<br>" . File::get($path) . "<br>";
         echo "</div><br>";
     }
     echo "<br><br>";

     # Session data of the current request
     $session_data = Session::all();
     echo "<h1>Your Session Data</h1>";
     echo Paste\Pre::render($session_data, 'Session data');
     echo "<br><br>";

     # CSRF token: the hidden field is switched to a text input so it shows
     echo "<h1>Your CSRF Token</h1>";
     echo Form::token();
     echo "<script>document.querySelector('[name=_token]').type='text'</script>";
     echo "<br><br>";
 }
Example #12
 /**
  * A form built with withToken() must contain the output of Form::token(),
  * and Form::validToken() must accept that same output.
  */
 public function testToken()
 {
     $rendered = $this->Form->withToken()->make(array('name' => 'Test'));

     // The generated markup has to include the token output.
     $needle = Form::token();
     $this->assertContains($needle, $rendered);

     // A freshly issued token has to validate.
     $accepted = Form::validToken(Form::token());
     $this->assertTrue($accepted);
 }
Example #13
 /**
  * Show a support ticket with its replies and handle the two POST actions
  * on it: reassigning the agent (supportadmin only) and adding a reply.
  *
  * Users without 'supportadmin' access can only load tickets whose id_user
  * matches their own; anything else redirects to the support index with a
  * "Not your ticket." alert.
  */
 public function action_ticket()
 {
     $this->template->scripts['footer'] = array('js/oc-panel/ticket.js');
     //after creating the reply we redirect to the ticket view
     $errors = NULL;
     $user = Auth::instance()->get_user();
     $ticket_id = $this->request->param('id', 0);
     //getting the parent ticket
     $ticket = new Model_Ticket();
     // Ownership filter: non-admins are limited to their own tickets.
     if (!$user->has_access('supportadmin')) {
         $ticket->where('id_user', '=', $user->id_user);
     }
     $ticket->where('id_ticket', '=', $ticket_id)->where('id_ticket_parent', 'IS', NULL)->limit(1)->find();
     // NOTE(review): everything below assumes redirect() stops execution;
     // otherwise the code would go on working with an unloaded ticket.
     if (!$ticket->loaded()) {
         Alert::set(Alert::ERROR, __('Not your ticket.'));
         $this->redirect(Route::url('oc-panel', array('controller' => 'support', 'action' => 'index')));
     }
     // First view by an agent of a new, unassigned ticket: mark it read and
     // assign it to that agent.
     if ($ticket->status == Model_Ticket::STATUS_CREATED and $user->has_access('supportadmin') and !is_numeric($ticket->id_user_support)) {
         //modify status of parent ticket
         $ticket->id_user_support = $user->id_user;
         $ticket->read_date = Date::unix2mysql();
         $ticket->status = Model_Ticket::STATUS_READ;
         $ticket->save();
     }
     //Change the agent assigned to this ticket
     // NOTE(review): this branch changes state but, unlike the reply branch
     // below, does not call Form::token(), and the posted 'agent' value is
     // stored without a numeric or role check visible here. Confirm both
     // are covered elsewhere, or add them.
     if (core::post('agent') and $user->has_access('supportadmin')) {
         //modify ticket
         $ticket->id_user_support = core::post('agent');
         $ticket->status = Model_Ticket::STATUS_CREATED;
         $ticket->save();
         //send notification to agent
         $agent = new Model_User(core::post('agent'));
         $agent->email('assign-agent', array('[TITLE]' => $ticket->title, '[DESCRIPTION]' => $ticket->description, '[URL.QL]' => $agent->ql('oc-panel', array('controller' => 'support', 'action' => 'ticket', 'id' => $ticket->id_ticket))));
         Alert::set(Alert::SUCCESS, __('Agent assigned.'));
         $this->redirect(Route::url('oc-panel', array('controller' => 'support', 'action' => 'index', 'id' => 'admin')));
     }
     //create new reply
     // Runs only for a POST that also passes Form::token('reply_ticket', TRUE).
     if ($this->request->post() and Form::token('reply_ticket', TRUE)) {
         // description: required, 5 to 1000 characters.
         $validation = Validation::factory($this->request->post())->rule('description', 'not_empty')->rule('description', 'min_length', array(':value', 5))->rule('description', 'max_length', array(':value', 1000));
         if ($validation->check()) {
             //creates the answer ticket
             $ticketr = new Model_Ticket();
             $ticketr->id_user = $user->id_user;
             $ticketr->id_order = $ticket->id_order;
             $ticketr->id_ticket_parent = $ticket->id_ticket;
             $ticketr->description = core::post('description');
             // ip2long() returns false for anything that is not an IPv4 address.
             $ticketr->ip_address = ip2long(Request::$client_ip);
             $ticketr->save();
             unset($_POST['description']);
             //modify status of parent ticket
             $ticket->status = Model_Ticket::STATUS_CREATED;
             $ticket->save();
             //an admin answer so we send email to owner of ticket
             if ($user->has_access('supportadmin')) {
                 $ticket->id_user_support = $user->id_user;
                 $ticket->read_date = Date::unix2mysql();
                 $ticket->status = Model_Ticket::STATUS_HOLD;
                 $ticket->save();
                 //send email to creator of the ticket
                 // [DESCRIPTION] carries the agent's signature here, not the reply text.
                 $ticket->user->email('new-reply', array('[TITLE]' => $ticket->title, '[DESCRIPTION]' => $user->signature, '[URL.QL]' => $ticket->user->ql('oc-panel', array('controller' => 'support', 'action' => 'ticket', 'id' => $ticket->id_ticket))));
             } elseif (is_numeric($ticket->id_user_support)) {
                 //send notification to agent
                 $agent = new Model_User($ticket->id_user_support);
                 $agent->email('new-reply', array('[TITLE]' => $ticket->title, '[DESCRIPTION]' => $ticketr->description, '[URL.QL]' => $agent->ql('oc-panel', array('controller' => 'support', 'action' => 'ticket', 'id' => $ticket->id_ticket))));
             } elseif (core::config('email.new_sale_notify')) {
                 // No agent assigned yet: notify the configured address instead.
                 Email::content(core::config('email.notify_email'), NULL, NULL, NULL, 'new-reply', array('[TITLE]' => $ticket->title, '[DESCRIPTION]' => $ticketr->description, '[URL.QL]' => Route::url('oc-panel', array('controller' => 'support', 'action' => 'ticket', 'id' => $ticket->id_ticket))));
             }
             //set empty since they already replied
             Request::current()->post('description', '');
             Alert::set(Alert::SUCCESS, __('Reply created.'));
         } else {
             $errors = $validation->errors('ad');
         }
     }
     //getting all the ticket replies
     $replies = new Model_Ticket();
     $replies = $replies->where('id_ticket_parent', '=', $ticket->id_ticket)->order_by('created', 'asc')->find_all();
     Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Ticket')));
     $this->template->title = $ticket->title . ' - ' . __('Ticket');
     //loading agents/admins
     $users = NULL;
     if ($user->has_access('supportadmin')) {
         // Agents are users whose role is admin or has a 'supportadmin.*' access row.
         $support_roles = array(Model_Role::ROLE_ADMIN);
         $access = new Model_Access();
         $access = $access->where('access', '=', 'supportadmin.*')->find_all();
         foreach ($access as $a) {
             $support_roles[] = $a->id_role;
         }
         // Build an id => name map of those users for the view.
         $users_db = DB::select('u.id_user')->select('u.name')->from(array('users', 'u'))->where('id_role', 'in', $support_roles)->as_object()->execute();
         foreach ($users_db as $key => $value) {
             $users[$value->id_user] = $value->name;
         }
     }
     // $content is bound to the template slot before the view is assigned,
     // so the validation errors can be attached to it afterwards.
     $this->template->bind('content', $content);
     $this->template->content = View::factory('oc-panel/pages/support/ticket', array('replies' => $replies, 'ticket' => $ticket, 'users' => $users));
     $content->errors = $errors;
 }
Example #14
         $method_string = substr($field->options, 5);
         $method_parts = explode(',', $method_string);
         $method = $method_parts['0'];
         unset($method_parts['0']);
         if (is_callable($method)) {
             if (count($method_parts) > 1) {
                 $params = implode(',', $method_parts);
                 $field->options = call_user_func($method, $params);
             } else {
                 $field->options = call_user_func($method);
             }
         }
     }
 }
 if ($type == 'token') {
     return Form::token();
 } elseif ($type == 'password') {
     return Form::password($field->slug, array('name' => $field->slug));
 } elseif ($type == 'textarea') {
     return Form::textarea($field->slug, $field->value, array('name' => $field->slug));
 } elseif ($type == 'select') {
     $options_lang = array();
     if (is_array($field->options)) {
         foreach ($field->options as $key => $value) {
             $options_lang[$key] = Lang::line($bundle . '::lang.' . $value)->get(ADM_LANG);
         }
     } else {
         $options = json_decode($field->options, true);
         if (isset($options) and !empty($options)) {
             foreach ($options as $key => $value) {
                 $options_lang[$key] = Lang::line($bundle . '::lang.' . $value)->get(ADM_LANG);
		<label class="col-sm-3 control-label" for="content"><strong>回覆內容</strong></label>
		<div class="col-sm-5">
			<textarea class="form-control" id="content" name="content" style="width: 650px; min-height: 150px;"><?php 
// NOTE(review): the reply content is printed into the textarea without any
// escaping visible in this template; confirm $reply['content'] is encoded
// before it reaches the view, or encode it here.
echo Arr::get($reply, 'content', '');
?>
</textarea>
		</div>
	</div>
	<!-- title -->

	<div class="form-group">
		<div style="margin-top: 10px;">
			<button class="btn" type="button" onclick="history.back();">取消</button> <button class="btn btn-inverse btn-submit">回覆</button>
		</div>
	</div>

	<?php 
echo Form::token();
?>
	<input type="hidden" name="board_id" value="<?php 
echo $board['id'];
?>
" />
</form>
@stop


@section('bottom')
    {{ HTML::script(asset('js/admin/widgets/labels/js_widget_labels.js')) }}
	{{ HTML::script(asset('js/admin/board/js_reply.js')) }}
@stop
Example #16
    ?>
						</ul>
					</div>
				<?php 
}
?>
				
				<div class="form-group control-group pad_10">
					<textarea name="message" rows="7" class="form-control input-xxlarge disable-bbcode" placeholder="Type reply here...." data-editor="html" required><?php 
// NOTE(review): the posted 'message' value is echoed back into the
// textarea without any escaping visible in this template. Unless
// core::post() already encodes it, a value containing "</textarea>" breaks
// out of the element; confirm, or wrap it in htmlspecialchars().
echo core::post('message');
?>
</textarea>
				</div>
				<div class="form-group">
					 <?php 
echo Form::token('reply_message');
?>
				</div>
			</div>
		</div>
			<div class="panel-footer text-center">
				<a href="<?php 
echo Route::url('oc-panel', array('controller' => 'messages', 'action' => 'index'));
?>
" class="btn btn-default"><?php 
echo __('Cancel');
?>
</a>
				<button type="submit" class="btn btn-success"><?php 
echo __('Reply');
?>
});
/*
 * -------------------------------------------------------------------------------------
 * Application Routes
 * -------------------------------------------------------------------------------------
 */
// Login and logout are the only routes registered without a 'before' filter.
// NOTE(review): no CSRF filter is attached to the POST login route in this
// file; confirm it is enforced in the controller or by a global filter.
Route::get('login', 'LoginController@show');
Route::post('login', 'LoginController@login');
Route::get('logout', 'LoginController@logout');
// Everything under /app runs the 'auth' filter first.
Route::group(array('prefix' => 'app', 'before' => 'auth'), function () {
    Route::get('/', function () {
        return View::make('layouts.application', array('content' => ''));
    });
    Route::resource('teachers', 'AppTeachersController');
});
// Everything under /admin runs the same 'auth' filter.
// NOTE(review): no role or permission filter is visible for the admin
// prefix; confirm the controllers restrict these resources to admins.
Route::group(array('prefix' => 'admin', 'before' => 'auth'), function () {
    Route::get('/', 'AppTeachersController@index');
    Route::resource('teachers', 'AppTeachersController');
    Route::resource('students', 'AppStudentsController');
    Route::resource('careers', 'AppCareersController');
});
// Route::get('api', function(){
//     $uri = 'https://github.com/api/v2/xml/user/show/nategood';
//     $res = HttpfulReq::get($uri)->send();
//     return "bien";
// });
// Debug route: writes the session token and the output of Form::token()
// into the response body. Only the 'api.type:json' filter is attached, not
// 'auth'.
// NOTE(review): remove this route or restrict it to development before
// deploying. Also confirm the router accepts the closure as a third
// argument; otherwise it is not what handles this route.
Route::get('test', array('before' => 'api.type:json'), function () {
    $sess_token = Session::token();
    $form_token = Form::token();
    return Response::make("Sess token: {$sess_token} <br>Form token: {$form_token}", 200);
});