Example #1
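 /**
  * This function is called before any output is generated or any other
  * actions are performed. It sets up the page layout, resolves the profile
  * owner from the "username" request parameter and collects the plugins
  * shown on the profile modules page.
  *
  * @param $action Name of the action to perform
  * @param $args   Arguments for the given action
  */
 public function before_filter(&$action, &$args)
 {
     parent::before_filter($action, $args);
     $this->modules = array();
     // Set Navigation
     PageLayout::setHelpKeyword("Basis.ProfileModules");
     PageLayout::setTitle(_("Mehr Funktionen"));
     PageLayout::addSqueezePackage('lightbox');
     Navigation::activateItem('/profile/modules');
     // The profile owner comes from the request and defaults to the
     // logged-in user.
     // NOTE(review): no check that the current user may manage the
     // requested profile is visible in this method - confirm that the
     // parent filter or the individual actions enforce it.
     $this->username = Request::username('username', $GLOBALS['user']->username);
     $this->user_id = get_userid($this->username);
     $this->plugins = array();
     $blubber = PluginEngine::getPlugin('Blubber');
     // Add blubber to plugin list so status can be updated.
     if ($blubber) {
         $this->plugins[] = $blubber;
     }
     // Get homepage plugins from database.
     $this->plugins = array_merge($this->plugins, PluginEngine::getPlugins('HomepagePlugin'));
     // Show info message if user is not on his own profile
     if ($this->user_id != $GLOBALS['user']->id) {
         $current_user = User::find($this->user_id);
         // A username that matches no account yields no user record; skip
         // the banner instead of reading properties of a missing object.
         if ($current_user) {
             // Every interpolated field is escaped because the message is
             // assembled as markup.
             $message = sprintf(_('Daten von: %s %s (%s), Status: %s'), htmlReady($current_user->Vorname), htmlReady($current_user->Nachname), htmlReady($current_user->username), htmlReady($current_user->perms));
             PageLayout::postMessage(MessageBox::info($message));
         }
     }
     $this->setupSidebar();
 }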
Example #2
 /**
  * Runs before every action: decides whose document area is shown and
  * with which access level, loads paging and user-group settings and
  * checks the request tokens.
  *
  * @param $action Name of the action to perform
  * @param $args   Arguments for the given action
  */
 public function before_filter(&$action, &$args)
 {
     parent::before_filter($action, $args);

     // Default: the area belongs to the logged-in user, who has full access.
     $this->owner = $GLOBALS['user'];
     $this->context_id = $this->owner->id;
     $this->full_access = true;

     // Another user's area is only selectable when open access is enabled.
     if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS) {
         $requested_name = Request::username('username', $GLOBALS['user']->username);
         $requested_owner = User::findByUsername($requested_name);
         $is_foreign_area = $requested_owner && $requested_owner->id !== $GLOBALS['user']->id;
         if ($is_foreign_area) {
             $this->owner = $requested_owner;
             $this->context_id = $requested_owner->id;
             // Full access to a foreign area is reserved for root, and only
             // when the corresponding config switch is set.
             $root_privileged = Config::get()->PERSONALDOCUMENT_OPEN_ACCESS_ROOT_PRIVILEDGED;
             $this->full_access = $root_privileged && $GLOBALS['user']->perms === 'root';
             URLHelper::bindLinkParam('username', $requested_name);
         }
     }

     // Per-user page size, falling back to the global setting.
     $entries_per_page = $GLOBALS['user']->cfg->PERSONAL_FILES_ENTRIES_PER_PAGE;
     $this->limit = $entries_per_page ? $entries_per_page : Config::get()->ENTRIES_PER_PAGE;

     $this->userConfig = DocUsergroupConfig::getUserConfig($GLOBALS['user']->id);
     if ($this->userConfig['area_close'] == 1) {
         // NOTE(review): execution continues after redirect(); the token
         // checks below still run - confirm this is intended.
         $this->redirect('document/closed/index');
     }

     // State-changing requests must carry a valid CSRF token.
     if (Request::isPost()) {
         CSRFProtection::verifySecurityToken();
     }

     // A ticket that is present but invalid aborts to the file index.
     $ticket = Request::get('studip-ticket');
     if ($ticket && !check_ticket($ticket)) {
         $first_line = _('Bei der Verarbeitung Ihrer Anfrage ist ein Fehler aufgetreten.');
         $second_line = _('Bitte versuchen Sie es erneut.');
         PageLayout::postMessage(MessageBox::error($first_line . "\n" . $second_line));
         $this->redirect('document/files/index');
     }
 }
Example #3
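 /**
  * Controller for all buddy related action.
  *
  * The following actions are supported:
  * - "add" to add a user to the current user's buddy list
  * - "remove" to remove a user from the current user's buddy list
  *
  * The affected user is taken from the "username" request parameter. A
  * missing or unknown username leaves the contact list untouched. In all
  * cases the request ends with a redirect to "online".
  *
  * NOTE(review): this changes stored contacts based on request parameters
  * alone; no CSRF token check is visible in this method - confirm that the
  * controller's filter covers it.
  *
  * @param String $action The action to be executed
  */
 public function buddy_action($action = 'add')
 {
     $username = Request::username('username');
     // Resolve the target once. An unknown username yields no user record,
     // and the request is then ignored rather than dereferencing a missing
     // object and storing a contact without a valid user id.
     $target = $username !== null ? User::findByUsername($username) : null;
     if ($target) {
         if ($action === 'add') {
             if (Contact::import(array('owner_id' => User::findCurrent()->id, 'user_id' => $target->id))->store()) {
                 PageLayout::postMessage(MessageBox::success(_('Der Benutzer wurde zu Ihren Kontakten hinzugefügt.')));
             }
         } elseif ($action === 'remove') {
             $contact = Contact::find(array(User::findCurrent()->id, $target->id));
             if ($contact && $contact->delete()) {
                 PageLayout::postMessage(MessageBox::success(_('Der Benutzer gehört nicht mehr zu Ihren Kontakten.')));
             }
         }
     }
     $this->redirect('online');
 }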
Example #4
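 /**
  * Sets up the controller: enforces login, decides whose settings are
  * edited, and prepares the validator, the user config and the layout.
  *
  * The "username" request parameter is only honoured when it names an
  * existing user for whom the current user holds profile permission;
  * otherwise the current user's own settings are used.
  *
  * @param String $action Which action shall be invoked
  * @param Array $args Arguments passed to the action method
  */
 public function before_filter(&$action, &$args)
 {
     // Backwards compatibility: this setting is only known since 1.1
     if (!isset($GLOBALS['ALLOW_CHANGE_NAME'])) {
         $GLOBALS['ALLOW_CHANGE_NAME'] = TRUE;
     }
     parent::before_filter($action, $args);
     // Ensure user is logged in
     $GLOBALS['auth']->login_if($action !== 'logout' && $GLOBALS['auth']->auth['uid'] === 'nobody');
     // extract username
     $username = Request::username('username', $GLOBALS['user']->username);
     $user = User::findByUsername($username);
     // An unknown username yields no user record; treat it like a user the
     // caller has no permission for instead of dereferencing a missing object.
     if (!$user || !$GLOBALS['perm']->have_profile_perm('user', $user->user_id)) {
         $username = $GLOBALS['user']->username;
     } else {
         $username = $user->username;
         URLHelper::addLinkParam('username', $username);
     }
     $this->about = new about($username, null);
     $this->about->get_user_details();
     if (!$this->about->check) {
         $this->reportErrorWithDetails(
             _('Zugriff verweigert.'),
             array(
                 _("Wahrscheinlich ist Ihre Session abgelaufen. Bitte " . "nutzen Sie in diesem Fall den untenstehenden Link, " . "um zurück zur Anmeldung zu gelangen.\n\n" . "Eine andere Ursache kann der Versuch des Zugriffs " . "auf Userdaten, die Sie nicht bearbeiten dürfen, sein. " . "Nutzen Sie den untenstehenden Link, um zurück auf " . "die Startseite zu gelangen."),
                 sprintf(_('%s Hier%s geht es wieder zur Anmeldung beziehungsweise Startseite.'), '<a href="index.php">', '</a>'),
             )
         );
         $this->render_nothing();
         return;
     }
     $this->user = User::findByUsername($username);
     // Restricted mode: someone else's profile is edited and the caller's
     // profile permission for it is something other than 'user'.
     $this->restricted = $GLOBALS['perm']->get_profile_perm($this->user->user_id) !== 'user' && $username !== $GLOBALS['user']->username;
     $this->config = UserConfig::get($this->user->user_id);
     // Class for validating the submitted input
     $this->validator = new email_validation_class();
     $this->validator->timeout = 10;
     // Default auth plugin to standard
     if (!$this->user->auth_plugin) {
         $this->user->auth_plugin = 'standard';
     }
     PageLayout::addSqueezePackage('settings');
     // Show info message if user is not on his own profile
     if ($username != $GLOBALS['user']->username) {
         // All four fields are escaped: the message is assembled as markup,
         // so the username and the status must not be the only raw values.
         $message = sprintf(_('Daten von: %s %s (%s), Status: %s'), htmlReady($this->user->Vorname), htmlReady($this->user->Nachname), htmlReady($username), htmlReady($this->user->perms));
         $this->reportInfo($message);
     }
     Sidebar::get()->setImage('sidebar/person-sidebar.png');
     $this->set_layout($GLOBALS['template_factory']->open('layouts/base'));
 }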
Example #5
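 /**
  * Request::username() must hand back the parameter value only when it is
  * an acceptable username, and null otherwise. The request fixtures behind
  * the parameter names are set up outside this method.
  */
 public function testUsernameParam()
 {
     // assertSame() takes the expected value first; with the arguments
     // swapped, a failure report labels expected and actual the wrong way round.
     $this->assertNull(Request::username('null'));
     $this->assertSame('test', Request::username('a'));
     $this->assertSame('root@studip', Request::username('f'));
     $this->assertNull(Request::username('b'));
     $this->assertNull(Request::username('v1'));
 }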
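 /**
  * Handles a self-registration request: validates the submitted form
  * fields, rejects duplicate usernames and e-mail addresses, creates the
  * account with 'user' permission and sends the validation mail.
  *
  * Every rejection stores a message in $this->error_msg, except a failed
  * login ticket check, which returns false without a message.
  *
  * @return bool|string false when the request is rejected, the new user id
  *                     on success. When store() yields no user id the
  *                     function falls through without an explicit return.
  */
 function auth_doregister()
 {
     global $_language_path;
     $this->error_msg = "";
     // check for direct link to register2.php
     if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
         $_SESSION['_language'] = get_accepted_languages();
     }
     $_language_path = init_i18n($_SESSION['_language']);
     // This provides access for "crcregister.ihtml"
     // NOTE(review): this copy goes through Request::username(), while the
     // account below is created from the trimmed Request::get() value that
     // ValidateUsername() accepts - confirm both apply the same rules.
     $this->auth["uname"] = Request::username('username');
     // Class for validating the submitted input
     $validator = new email_validation_class();
     // How long to wait for an answer from the mail server
     $validator->timeout = 10;
     // The form must carry a valid login ticket
     if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
         return false;
     }
     $username = trim(Request::get('username'));
     $Vorname = trim(Request::get('Vorname'));
     $Nachname = trim(Request::get('Nachname'));
     // Read the password once so that the value that is validated is the
     // value that is hashed. Validating the Request::quoted() form and
     // hashing the Request::get() form checks a different string from the
     // one that is stored.
     $password = Request::get('password');
     // accept only registered domains if set
     $cfg = Config::GetInstance();
     $email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION');
     if ($email_restriction) {
         $Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain'));
     } else {
         $Email = trim(Request::get('Email'));
     }
     // Username is syntactically wrong or too short; duplicates are
     // checked further below.
     if (!$validator->ValidateUsername($username)) {
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>";
         return false;
     }
     if (!$validator->ValidatePassword($password)) {
         $this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>";
         return false;
     }
     // First name is missing or not acceptable
     if (!$validator->ValidateName($Vorname)) {
         $this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>";
         return false;
     }
     // Last name is missing or not acceptable
     if (!$validator->ValidateName($Nachname)) {
         $this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>";
         return false;
     }
     // E-mail address is missing or syntactically wrong
     if (!$validator->ValidateEmailAddress($Email)) {
         $this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>";
         return false;
     }
     $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
     $Zeit = date("H:i:s, d.m.Y", time());
     // Mail server not reachable: reject
     if (!$validator->ValidateEmailHost($Email)) {
         $this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>";
         return false;
     }
     // Server reachable but mailbox unknown: report to abuse and reject.
     // The report contains the submitted username and address plus the
     // client IP and time.
     if (!$validator->ValidateEmailBox($Email)) {
         StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
         $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>";
         return false;
     }
     // Form checks passed, now the checks against the database.
     // Username already taken
     $check_uname = StudipAuthAbstract::CheckUsername($username);
     if ($check_uname['found']) {
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>";
         return false;
     }
     // E-mail address already in use. The value is quoted before it is
     // concatenated into the condition.
     // NOTE(review): LIKE treats "_" and "%" inside the address as
     // wildcards, so an address containing "_" can match a different
     // stored address - confirm whether an exact comparison is intended.
     if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) {
         $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>";
         return false;
     }
     // All checks passed, register the user
     $hasher = UserManagement::getPwdHasher();
     $new_user = new User();
     $new_user->username = $username;
     $new_user->perms = 'user';
     $new_user->password = $hasher->HashPassword($password);
     $new_user->vorname = $Vorname;
     $new_user->nachname = $Nachname;
     $new_user->email = $Email;
     $new_user->geschlecht = Request::int('geschlecht');
     $new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser')));
     $new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser')));
     $new_user->auth_plugin = 'standard';
     $new_user->store();
     if ($new_user->user_id) {
         self::sendValidationMail($new_user);
         $this->auth["perm"] = $new_user->perms;
         return $new_user->user_id;
     }
 }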
Example #7
    if ($seminar_id !== null) {
        $query .= " AND seminar_id = ?";
        $parameters[] = $seminar_id;
    }
    $statement = DBManager::get()->prepare($query);
    $statement->execute($parameters);
    return $statement->fetchAll(PDO::FETCH_COLUMN);
}
// Per-session view state of the user activities page: the inspected
// username, the set of opened entries and the active details tab.
if (!is_array($_SESSION['_user_activities'])) {
    $_SESSION['_user_activities']['open'] = array();
    $_SESSION['_user_activities']['details'] = 'files';
}
$queries = array();
$msg = array();
// Selecting another username resets the opened entries and the details tab.
if (Request::get('username')) {
    $_SESSION['_user_activities']['username'] = Request::username('username');
    $_SESSION['_user_activities']['open'] = array();
    $_SESSION['_user_activities']['details'] = 'files';
}
if (Request::get('details')) {
    $_SESSION['_user_activities']['details'] = Request::option('details');
}
// NOTE(review): the "open" and "close" values are used as session array
// keys exactly as received through Request::get(), and every distinct
// "open" value adds an entry to the session. If these are ids, reading
// them through Request::option() like "details" above would narrow what
// can be stored - confirm the expected format.
if (Request::get('open')) {
    $_SESSION['_user_activities']['open'][Request::get('open')] = time();
}
if (Request::get('close')) {
    unset($_SESSION['_user_activities']['open'][Request::get('close')]);
}
// NOTE(review): the 'username' key is not set by the initialisation above;
// it only exists once a username has been submitted. No permission check
// for viewing another user's activities is visible in this fragment -
// presumably it happens earlier in the script, verify.
$user_id = get_userid($_SESSION['_user_activities']['username']);
// Most recently opened entries first.
arsort($_SESSION['_user_activities']['open'], SORT_NUMERIC);
if (Request::get('download_as_zip')) {
Example #8
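 /**
  * Display an information page that the user has been logged out.
  *
  * The page is only shown when the "token" request parameter matches the
  * logout token kept in the flash; any other request is redirected to the
  * account settings.
  */
 public function logout_action()
 {
     $token = Request::get('token');
     // Check whether this is a valid logout request. A missing token must
     // never count as a match: without the null guard, a request with no
     // token parameter compares as identical to an absent flash entry.
     if ($token === null || $this->flash['logout-token'] !== $token) {
         $this->redirect('settings/account');
         // Nothing below is needed once the redirect is set.
         return;
     }
     // The name shown on the page comes from the request and defaults to
     // the current user's name.
     $this->username = Request::username('username', $GLOBALS['user']->username);
 }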
Example #9
 /**
  * Reports whether this plugin is activated in a context.
  *
  * Without an explicit context, a 'user' lookup resolves the user id from
  * the "username" request parameter (defaulting to the current user), and
  * any other type uses the seminar stored in the session.
  *
  * NOTE(review): for type 'user' the context can be steered through the
  * request, so callers receive the activation state of whichever profile
  * the request names - confirm that this is acceptable wherever the
  * result gates access.
  *
  * @param $context   context range id (optional)
  * @param $type      type of activation (optional), can be set to 'user'
  *                   in order to point to a homepage plugin
  * @return mixed     the activation state as reported by the plugin manager
  */
 public function isActivated($context = null, $type = 'sem')
 {
     global $user;
     $id = $this->getPluginId();
     $manager = PluginManager::getInstance();
     $for_user = $type == 'user';

     // Fall back to the implicit context when none was passed in.
     if (!isset($context)) {
         $context = $for_user
             ? get_userid(Request::username('username', $user->username))
             : $_SESSION['SessionSeminar'];
     }

     return $for_user
         ? $manager->isPluginActivatedForUser($id, $context)
         : $manager->isPluginActivated($id, $context);
 }
Example #10
 /**
  * Create a new banner from the submitted form.
  *
  * Reads the form fields, validates the upload, the start and end dates
  * and the link target, and either stores the banner and redirects to the
  * banner list or posts the collected error messages.
  *
  * NOTE(review): a target type outside the handled cases passes the
  * validation switch without any check and is stored as submitted. No
  * permission or CSRF check is visible in this method - confirm both are
  * enforced by the controller's filter.
  */
 public function new_action()
 {
     // Nothing to do unless the creation form was submitted.
     if (!Request::submitted('anlegen')) {
         return;
     }

     $description = Request::get('description');
     $alttext = Request::get('alttext');
     $target_type = Request::option('target_type');

     // Each target type reads its value from its own form field.
     if ($target_type == 'url') {
         $target = Request::get('target');
     } elseif ($target_type == 'inst') {
         $target = Request::option('institut');
     } elseif ($target_type == 'user') {
         $target = Request::username('user');
     } elseif ($target_type == 'seminar') {
         $target = Request::option('seminar');
     } else {
         $target = Request::get('target');
     }

     $priority = Request::int('priority');
     $errors = array();

     // The banner image is mandatory.
     $upload = $_FILES['imgfile'];
     if ($upload['name']) {
         $banner_path = $this->bannerupload($upload['tmp_name'], $upload['size'], $upload['name'], $errors);
     } else {
         $errors[] = _('Es wurde kein Bild ausgewählt.');
     }

     // Dates arrive as "d.m.Y" strings plus separate hour and minute fields.
     $start_parts = explode('.', Request::get('start_date'));
     $start_ts = $this->valid_date(Request::int('start_hour'), Request::int('start_minute'), $start_parts[0], $start_parts[1], $start_parts[2]);
     if ($start_ts == -1) {
         $errors[] = _('Bitte geben Sie einen gültiges Startdatum ein.');
     } else {
         $startdate = $start_ts;
     }

     $end_parts = explode('.', Request::get('end_date'));
     $end_ts = $this->valid_date(Request::int('end_hour'), Request::int('end_minute'), $end_parts[0], $end_parts[1], $end_parts[2]);
     if ($end_ts == -1) {
         $errors[] = _('Bitte geben Sie einen gültiges Enddatum ein.');
     } else {
         $enddate = $end_ts;
     }

     // A target is required for every type except 'none'; a given target
     // must match its type.
     if ($target || $target_type == 'none') {
         switch ($target_type) {
             case 'url':
                 // Only http, https and ftp links are accepted.
                 if (!preg_match('~^(https?|ftp)://~i', $target)) {
                     $errors[] = _('Das Verweisziel muss eine gültige URL sein (incl. http://).');
                 }
                 break;
             case 'inst':
                 if (Institute::find($target) === null) {
                     $errors[] = _('Die angegebene Einrichtung existiert nicht. ' . 'Bitte geben Sie eine gültige Einrichtungs-ID ein.');
                 }
                 break;
             case 'user':
                 if (User::findByUsername($target) === null) {
                     $errors[] = _('Der angegebene Benutzername existiert nicht.');
                 }
                 break;
             case 'seminar':
                 try {
                     Seminar::getInstance($target);
                 } catch (Exception $e) {
                     $errors[] = _('Die angegebene Veranstaltung existiert nicht. ' . 'Bitte geben Sie eine gültige Veranstaltungs-ID ein.');
                 }
                 break;
             case 'none':
                 $target = '';
                 break;
         }
     } else {
         $errors[] = _('Es wurde kein Verweisziel angegeben.');
     }

     if (count($errors) > 0) {
         PageLayout::postMessage(MessageBox::error(_('Es sind folgende Fehler aufgetreten:'), $errors));
         return;
     }

     $banner = new Banner();
     $banner->banner_path = $banner_path;
     $banner->description = $description;
     $banner->alttext = $alttext;
     $banner->target_type = $target_type;
     $banner->target = $target;
     $banner->startdate = $startdate;
     $banner->enddate = $enddate;
     $banner->priority = $priority;
     $banner->store();
     PageLayout::postMessage(MessageBox::success(_('Der Banner wurde erfolgreich gespeichert.')));
     $this->redirect('admin/banner');
 }
Example #11
?>
            <?php 
echo Icon::create("group3", "clickable")->asImg($width, ['class' => "private click"]);
?>
            <?php 
echo Icon::create("seminar", "clickable")->asImg($width, ['class' => "seminar click"]);
?>
        </div>
        <textarea id="new_posting" placeholder="<?php 
echo _("Schreib was, frag was.");
?>
" aria-label="<?php 
echo _("Schreib was, frag was.");
?>
"><?php 
echo ($search ? htmlReady("#" . $search) . " " : "") . (Request::get("mention") ? "@" . htmlReady(Request::username("mention")) . ", " : "");
?>
</textarea>
        <label title="<?php 
echo _("Datei hochladen");
?>
" class="uploader">
            <input type="file" style="display: none;" multiple>
            <?php 
echo Assets::img('ajax-indicator-black.svg', array('class' => "text-bottom uploading", 'width' => "16px", 'height' => "16px"));
?>
            <?php 
echo Icon::create('upload', 'clickable')->asImg(['class' => "text-bottom upload"]);
?>
        </label>
    </div>
Example #12
 /**
  * Lets the user compose a message and send it.
  *
  * Builds $this->default_message for the composer: the receivers are
  * preselected from request parameters (single or multiple usernames, a
  * status group, an institute, a course filter, study course ids), from
  * session data or from the message being answered; subject and body are
  * prefilled for replies, forwards and explicit defaults; the user's
  * signature is appended last. Several of the receiver sources replace
  * the list built so far, so a later block wins over an earlier one.
  */
 public function write_action()
 {
     PageLayout::setTitle(_("Neue Nachricht schreiben"));
     // collect possible default addressees
     $this->to = array();
     $this->default_message = new Message();
     // Single receiver given by username.
     // NOTE(review): the result of get_userid() is used without checking
     // that the username resolved to an account - confirm how an unknown
     // name is handled downstream.
     if (Request::username("rec_uname")) {
         $user = new MessageUser();
         $user->setData(array('user_id' => get_userid(Request::username("rec_uname")), 'snd_rec' => "rec"));
         $this->default_message->receivers[] = $user;
     }
     // Several receivers given as an array of usernames.
     if (Request::getArray("rec_uname")) {
         foreach (Request::usernameArray("rec_uname") as $username) {
             $user = new MessageUser();
             $user->setData(array('user_id' => get_userid($username), 'snd_rec' => "rec"));
             $this->default_message->receivers[] = $user;
         }
     }
     // Members of a status group: only used when the group belongs to the
     // current user or the user has at least "autor" permission on the
     // group's range. The receiver list is reset either way.
     if (Request::option("group_id")) {
         $this->default_message->receivers = array();
         $group = Statusgruppen::find(Request::option("group_id"));
         if ($group['range_id'] === $GLOBALS['user']->id || $GLOBALS['perm']->have_studip_perm("autor", $group['range_id'])) {
             foreach ($group->members as $member) {
                 $user = new MessageUser();
                 $user->setData(array('user_id' => $member['user_id'], 'snd_rec' => "rec"));
                 $this->default_message->receivers[] = $user;
             }
         }
     }
     // Members of an institute (all except plain 'user'): requires 'admin'.
     if (Request::get('inst_id') && $GLOBALS['perm']->have_perm('admin')) {
         $query = "SELECT user_id FROM user_inst WHERE Institut_id = ? AND inst_perms != 'user'";
         $this->default_message->receivers = DBManager::get()->fetchAll($query, array(Request::option('inst_id')), 'MessageUser::build');
     }
     // Course-based filters: require "tutor" permission on the course, or
     // the course's class to be in studygroup mode.
     if (Request::get("filter") && Request::option("course_id")) {
         $course = new Course(Request::option('course_id'));
         if ($GLOBALS['perm']->have_studip_perm("tutor", Request::option('course_id')) || $course->getSemClass()['studygroup_mode']) {
             $this->default_message->receivers = array();
             if (Request::get("filter") === 'claiming') {
                 $cs = CourseSet::getSetForCourse(Request::option("course_id"));
                 if (is_object($cs) && !$cs->hasAlgorithmRun()) {
                     foreach (AdmissionPriority::getPrioritiesByCourse($cs->getId(), Request::option("course_id")) as $user_id => $p) {
                         $this->default_message->receivers[] = MessageUser::build(array('user_id' => $user_id, 'snd_rec' => 'rec'));
                     }
                 }
             } else {
                 // All values reach the queries as bound parameters; the
                 // filter name only selects one of the fixed query strings.
                 // NOTE(review): the switch has no default branch, so an
                 // unlisted filter value leaves $query unassigned before
                 // fetchAll(). The 'all', 'prelim' and 'awaiting' queries
                 // contain one placeholder while $params always holds two
                 // values - confirm fetchAll() tolerates the extra one.
                 $params = array(Request::option('course_id'), Request::option('who'));
                 switch (Request::get("filter")) {
                     case 'send_sms_to_all':
                         $query = "SELECT b.user_id,'rec' as snd_rec FROM seminar_user a, auth_user_md5 b WHERE a.Seminar_id = ? AND a.user_id = b.user_id AND a.status = ? ORDER BY Nachname, Vorname";
                         break;
                     case 'all':
                         $query = "SELECT user_id,'rec' as snd_rec FROM seminar_user LEFT JOIN auth_user_md5 USING(user_id) WHERE Seminar_id = ? ORDER BY Nachname, Vorname";
                         break;
                     case 'prelim':
                         $query = "SELECT user_id,'rec' as snd_rec FROM admission_seminar_user LEFT JOIN auth_user_md5 USING(user_id) WHERE seminar_id = ? AND status='accepted' ORDER BY Nachname, Vorname";
                         break;
                     case 'awaiting':
                         $query = "SELECT user_id,'rec' as snd_rec FROM admission_seminar_user LEFT JOIN auth_user_md5 USING(user_id) WHERE seminar_id = ? AND status='awaiting' ORDER BY Nachname, Vorname";
                         break;
                     case 'inst_status':
                         $query = "SELECT b.user_id,'rec' as snd_rec FROM user_inst a, auth_user_md5 b WHERE a.Institut_id = ? AND a.user_id = b.user_id AND a.inst_perms = ? ORDER BY Nachname, Vorname";
                         break;
                 }
                 $this->default_message->receivers = DBManager::get()->fetchAll($query, $params, 'MessageUser::build');
             }
         }
     }
     // The three study-course based selections below require 'root'.
     if (Request::option('prof_id') && Request::option('deg_id') && $GLOBALS['perm']->have_perm('root')) {
         $query = "SELECT DISTINCT user_id,'rec' as snd_rec\n            FROM user_studiengang\n            WHERE studiengang_id = ? AND abschluss_id = ?";
         $this->default_message->receivers = DBManager::get()->fetchAll($query, array(Request::option('prof_id'), Request::option('deg_id')), 'MessageUser::build');
     }
     if (Request::option('sd_id') && $GLOBALS['perm']->have_perm('root')) {
         $query = "SELECT DISTINCT user_id,'rec' as snd_rec\n            FROM user_studiengang\n            WHERE abschluss_id = ?";
         $this->default_message->receivers = DBManager::get()->fetchAll($query, array(Request::option('sd_id')), 'MessageUser::build');
     }
     if (Request::option('sp_id') && $GLOBALS['perm']->have_perm('root')) {
         $query = "SELECT DISTINCT user_id,'rec' as snd_rec\n            FROM user_studiengang\n            WHERE studiengang_id = ?";
         $this->default_message->receivers = DBManager::get()->fetchAll($query, array(Request::option('sp_id')), 'MessageUser::build');
     }
     // Fall back to usernames left in the session when no receiver has
     // been selected so far; the session entry is consumed.
     if (!$this->default_message->receivers->count() && is_array($_SESSION['sms_data']['p_rec'])) {
         $this->default_message->receivers = DBManager::get()->fetchAll("SELECT user_id,'rec' as snd_rec FROM auth_user_md5 WHERE username IN(?) ORDER BY Nachname,Vorname", array($_SESSION['sms_data']['p_rec']), 'MessageUser::build');
         unset($_SESSION['sms_data']);
     }
     // Reply to or forward an existing message. Access to the referenced
     // message is checked before any of its content is used.
     if (Request::option("answer_to")) {
         $this->default_message->receivers = array();
         $old_message = new Message(Request::option("answer_to"));
         if (!$old_message->permissionToRead()) {
             throw new AccessDeniedException("Message is not for you.");
         }
         if (!Request::get('forward')) {
             // Reply: optionally quote the old body, prefix the subject
             // with "RE: " once, and address the original author.
             // The old body is inserted as stored, without further escaping.
             if (Request::option("quote") === $old_message->getId()) {
                 if (Studip\Markup::isHtml($old_message['message'])) {
                     $this->default_message['message'] = "<div>[quote]\n" . $old_message['message'] . "\n[/quote]</div>";
                 } else {
                     $this->default_message['message'] = "[quote]\n" . $old_message['message'] . "\n[/quote]";
                 }
             }
             $this->default_message['subject'] = substr($old_message['subject'], 0, 4) === "RE: " ? $old_message['subject'] : "RE: " . $old_message['subject'];
             $user = new MessageUser();
             $user->setData(array('user_id' => $old_message['autor_id'], 'snd_rec' => "rec"));
             $this->default_message->receivers[] = $user;
             $this->answer_to = $old_message->id;
         } else {
             // Forward: build a header block (subject, date, sender,
             // recipient summary) in front of the old body.
             $messagesubject = 'FWD: ' . $old_message['subject'];
             $message = _("-_-_ Weitergeleitete Nachricht _-_-");
             $message .= "\n" . _("Betreff") . ": " . $old_message['subject'];
             $message .= "\n" . _("Datum") . ": " . strftime('%x %X', $old_message['mkdate']);
             $message .= "\n" . _("Von") . ": " . get_fullname($old_message['autor_id']);
             $num_recipients = $old_message->getNumRecipients();
             // Only the number of recipients is disclosed, not their names.
             if ($GLOBALS['user']->id == $old_message->autor_id) {
                 $message .= "\n" . _("An") . ": " . ($num_recipients == 1 ? _('Eine Person') : sprintf(_('%s Personen'), $num_recipients));
             } else {
                 $message .= "\n" . _("An") . ": " . $GLOBALS['user']->getFullname() . ($num_recipients > 1 ? ' ' . sprintf(_('(und %d weitere)'), $num_recipients) : '');
             }
             $message .= "\n\n";
             // For an HTML body the header block is escaped with htmlReady()
             // while the old body is appended as stored.
             if (Studip\Markup::isHtml($old_message['message'])) {
                 $message = '<div>' . htmlReady($message, false, true) . '</div>' . $old_message['message'];
             } else {
                 $message .= $old_message['message'];
             }
             // Attachments are copied as provisional documents owned by the
             // current user and tied to a fresh message id.
             if (count($old_message->attachments)) {
                 Request::set('message_id', $old_message->getNewId());
                 foreach ($old_message->attachments as $attachment) {
                     $attachment->range_id = 'provisional';
                     $attachment->seminar_id = $GLOBALS['user']->id;
                     $attachment->autor_host = $_SERVER['REMOTE_ADDR'];
                     $attachment->user_id = $GLOBALS['user']->id;
                     $attachment->description = Request::option('message_id');
                     $new_attachment = $attachment->toArray(array('range_id', 'user_id', 'seminar_id', 'name', 'description', 'filename', 'filesize'));
                     $new_attachment = StudipDocument::createWithFile(get_upload_file_path($attachment->getId()), $new_attachment);
                     $this->default_attachments[] = array('icon' => GetFileIcon(getFileExtension($new_attachment['filename']))->asImg(['class' => "text-bottom"]), 'name' => $new_attachment['filename'], 'document_id' => $new_attachment->id, 'size' => relsize($new_attachment['filesize'], false));
                 }
             }
             $this->default_message['subject'] = $messagesubject;
             $this->default_message['message'] = $message;
         }
     }
     // Explicit defaults from the request override whatever was built above.
     // NOTE(review): both values are taken from the request unchanged, so a
     // link can prefill arbitrary subject and body text, including markup.
     // Presumably the composer and the send path sanitise it - verify.
     if (Request::get("default_body")) {
         $this->default_message['message'] = Request::get("default_body");
     }
     if (Request::get("default_subject")) {
         $this->default_message['subject'] = Request::get("default_subject");
     }
     $settings = UserConfig::get($GLOBALS['user']->id)->MESSAGING_SETTINGS;
     $this->mailforwarding = Request::get('emailrequest') ? true : $settings['request_mail_forward'];
     // Append the user's signature. If either the body or the signature is
     // HTML, the result is HTML: a plain body is wrapped via nl2br() and a
     // plain signature is passed through formatReady().
     if (trim($settings['sms_sig'])) {
         if (Studip\Markup::isHtml($this->default_message['message']) || Studip\Markup::isHtml($settings['sms_sig'])) {
             if (!Studip\Markup::isHtml($this->default_message['message'])) {
                 $this->default_message['message'] = '<div>' . nl2br($this->default_message['message']) . '</div>';
             }
             $this->default_message['message'] .= '<br><br>--<br>';
             if (Studip\Markup::isHtml($settings['sms_sig'])) {
                 $this->default_message['message'] .= $settings['sms_sig'];
             } else {
                 $this->default_message['message'] .= formatReady($settings['sms_sig']);
             }
         } else {
             $this->default_message['message'] .= "\n\n--\n" . $settings['sms_sig'];
         }
     }
     // Let observers adjust the prepared message.
     NotificationCenter::postNotification("DefaultMessageForComposerCreated", $this->default_message);
 }
Example #13
 /**
  * Renders the login form, or the page that has to replace it.
  *
  * XHR requests never receive the form: dialog requests get an
  * X-Location header and the script ends, all other XHR requests raise
  * an AccessDeniedException. For regular requests the method switches
  * to a 'nobody' user environment, initialises the language, loads the
  * plugins and then shows either the "no cookies" page or the login
  * form, or redirects to the e-mail activation page.
  *
  * The included files run in this method's local scope.
  */
 function auth_loginform()
 {
     if (Request::isXhr()) {
         if (Request::isDialog()) {
             // NOTE(review): the header value is derived from the request
             // URI - confirm that URLHelper::getURL() cannot produce a
             // target outside the application here.
             header('X-Location: ' . URLHelper::getURL($_SERVER['REQUEST_URI']));
             page_close();
             die;
         }
         throw new AccessDeniedException();
     }
     // first of all init I18N because seminar_open is not called here...
     global $_language_path;
     // set up dummy user environment
     if ($GLOBALS['user']->id !== 'nobody') {
         $GLOBALS['user'] = new Seminar_User('nobody');
         $GLOBALS['perm'] = new Seminar_Perm();
         $GLOBALS['auth'] = $this;
     }
     // Language: accepted languages first, then the configured default.
     if (!$_SESSION['_language']) {
         $_SESSION['_language'] = get_accepted_languages();
     }
     if (!$_SESSION['_language']) {
         $_SESSION['_language'] = $GLOBALS['DEFAULT_LANGUAGE'];
     }
     // init of output via I18N
     $_language_path = init_i18n($_SESSION['_language']);
     include 'config.inc.php';
     // load the default set of plugins
     PluginEngine::loadPlugins();
     // A login name was submitted but the session cookie is missing:
     // show the "no cookies" page instead of the form.
     if (Request::get('loginname') && !$_COOKIE[get_class($GLOBALS['sess'])]) {
         $login_template = $GLOBALS['template_factory']->open('nocookies');
     } else {
         if (isset($this->need_email_activation)) {
             $this->unauth();
             // NOTE(review): the value is appended to the query string
             // without URL encoding - presumably a user id, confirm.
             header('Location: ' . URLHelper::getURL('activate_email.php?cancel_login=1&key=&uid=' . $this->need_email_activation));
             page_close();
             die;
         } else {
             unset($_SESSION['semi_logged_in']);
             // used by email activation
             $login_template = $GLOBALS['template_factory']->open('loginform');
             $login_template->set_attribute('loginerror', isset($this->auth["uname"]) && $this->error_msg);
             $login_template->set_attribute('error_msg', $this->error_msg);
             // The prefilled name comes from the previous attempt or from
             // the request; escaping is left to the template - verify there.
             $login_template->set_attribute('uname', isset($this->auth["uname"]) ? $this->auth["uname"] : Request::username('loginname'));
             $login_template->set_attribute('self_registration_activated', $GLOBALS['ENABLE_SELF_REGISTRATION']);
         }
     }
     PageLayout::setHelpKeyword('Basis.AnmeldungLogin');
     $header_template = $GLOBALS['template_factory']->open('header');
     $header_template->current_page = _('Login');
     $header_template->link_params = array('cancel_login' => 1);
     // Page output: HTML head, header, the chosen template, HTML end.
     include 'lib/include/html_head.inc.php';
     echo $header_template->render();
     echo $login_template->render();
     include 'lib/include/html_end.inc.php';
     page_close();
 }
Example #14
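 /**
  * Constructor of Plugin : adds Navigation and collects information for javascript-update.
  *
  * While UpdateInformation is collecting and the request names a Blubber
  * page, the client-supplied "page_info" array selects a stream and a
  * timestamp; new postings and queued events since that timestamp are
  * rendered and handed to UpdateInformation. Afterwards the community and
  * profile navigation entries of the plugin are registered.
  *
  * Everything under $data['Blubber'] is request input. The stream type and
  * the timestamp are validated here; context_id is passed on unchanged.
  * NOTE(review): no permission check on context_id is visible in this
  * method - confirm that the BlubberStream lookups / fetchNewPostings()
  * only return postings the current user may read.
  */
 public function __construct()
 {
     parent::__construct();
     if (UpdateInformation::isCollecting()) {
         $data = Request::getArray("page_info");
         $on_blubber_page = stripos((string) Request::get("page"), "plugins.php/blubber") !== false;
         // is_array(): a scalar "page_info[Blubber]" must not be indexed like an array.
         if ($on_blubber_page && isset($data['Blubber']) && is_array($data['Blubber'])) {
             $info = $data['Blubber'];
             $output = array();
             $stream_type = isset($info['stream']) && is_string($info['stream']) ? $info['stream'] : '';
             $context_id = isset($info['context_id']) ? $info['context_id'] : null;
             $seminar_id = isset($info['seminar_id']) ? $info['seminar_id'] : null;
             switch ($stream_type) {
                 case "global":
                     $stream = BlubberStream::getGlobalStream();
                     break;
                 case "course":
                     $stream = BlubberStream::getCourseStream($context_id);
                     break;
                 case "profile":
                     $stream = BlubberStream::getProfileStream($context_id);
                     break;
                 case "thread":
                     $stream = BlubberStream::getThreadStream($context_id);
                     break;
                 case "custom":
                     $stream = new BlubberStream($context_id);
                     break;
                 default:
                     // Unknown or missing stream type: previously $stream stayed
                     // undefined and the fetch below failed with a fatal error.
                     $stream = null;
                     break;
             }
             // Only accept a positive numeric timestamp; anything else falls
             // back to "five minutes ago" like a missing value does.
             $last_check = isset($info['last_check']) && is_numeric($info['last_check']) ? (int) $info['last_check'] : 0;
             if ($last_check <= 0) {
                 $last_check = time() - 5 * 60;
             }
             if ($stream !== null) {
                 $new_postings = $stream->fetchNewPostings($last_check);
                 $factory = new Flexi_TemplateFactory($this->getPluginPath() . "/views");
                 foreach ($new_postings as $new_posting) {
                     // A posting whose root is itself is a thread start, anything else a comment.
                     if ($new_posting['root_id'] === $new_posting['topic_id']) {
                         $thread = $new_posting;
                         $template = $factory->open("streams/thread.php");
                         $template->set_attribute('thread', $new_posting);
                     } else {
                         $thread = new BlubberPosting($new_posting['root_id']);
                         $template = $factory->open("streams/comment.php");
                         $template->set_attribute('posting', $new_posting);
                     }
                     BlubberPosting::$course_hashes = $thread['user_id'] !== $thread['Seminar_id'] ? $thread['Seminar_id'] : false;
                     $template->set_attribute("course_id", $seminar_id);
                     $output['postings'][] = array('posting_id' => $new_posting['topic_id'], 'discussion_time' => $new_posting['discussion_time'], 'mkdate' => $new_posting['mkdate'], 'root_id' => $new_posting['root_id'], 'content' => $template->render());
                 }
             }
             UpdateInformation::setInformation("Blubber.getNewPosts", $output);
             //Events-Queue:
             $db = DBManager::get();
             // $last_check is an integer at this point and is still quoted before
             // it is concatenated into the statement.
             $events = $db->query("SELECT event_type, item_id " . "FROM blubber_events_queue " . "WHERE mkdate >= " . $db->quote($last_check) . " " . "ORDER BY mkdate ASC " . "")->fetchAll(PDO::FETCH_ASSOC);
             UpdateInformation::setInformation("Blubber.blubberEvents", $events);
             // Housekeeping: drop queue entries older than six hours.
             $db->exec("DELETE FROM blubber_events_queue " . "WHERE mkdate < UNIX_TIMESTAMP() - 60 * 60 * 6 " . "");
         }
     }
     if (Navigation::hasItem("/community")) {
         $nav = new Navigation($this->getDisplayTitle(), PluginEngine::getURL($this, array(), "streams/global"));
         $nav->addSubNavigation("global", new AutoNavigation(_("Globaler Stream"), PluginEngine::getURL($this, array(), "streams/global")));
         foreach (BlubberStream::findMine() as $stream) {
             $url = PluginEngine::getURL($this, array(), "streams/custom/" . $stream->getId());
             $nav->addSubNavigation($stream->getId(), new AutoNavigation($stream['name'], $url));
             // The user's default stream becomes the target of the main entry.
             if ($stream['defaultstream']) {
                 $nav->setURL($url);
             }
         }
         $nav->addSubNavigation("add", new AutoNavigation(_("Neuen Stream erstellen"), PluginEngine::getURL($this, array(), "streams/edit")));
         Navigation::insertItem("/community/blubber", $nav, "online");
         Navigation::getItem("/community")->setURL($nav->getURL());
     }
     if (Navigation::hasItem("/profile")) {
         // Resolve the profile owner once, through the validating accessor, so
         // the activation check and the generated link refer to the same user.
         // The link was previously built from the raw "username" parameter,
         // which is empty when the own profile is shown.
         $profile_user_id = get_userid(Request::username('username', $GLOBALS['auth']->auth['uname']));
         if ($this->isActivated($profile_user_id, 'user')) {
             $nav = new AutoNavigation(_("Blubber"), PluginEngine::getURL($this, array('user_id' => $profile_user_id), "streams/profile"));
             Navigation::addItem("/profile/blubber", $nav);
         }
     }
 }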
Example #15
 /**
  * Initialize the subnavigation of this item. This method
  * is called once before the first item is added or removed.
  *
  * The profile owner is taken from the "username" request parameter and
  * defaults to the logged-in user. Which entries appear depends on the
  * permission checks below; they only decide what is shown in the menu.
  * NOTE(review): the linked settings pages have to enforce the same
  * checks themselves - confirm in the target controllers.
  */
 public function initSubNavigation()
 {
     global $user, $perm;
     parent::initSubNavigation();

     $requested_name = Request::username('username', $user->username);
     if ($requested_name == $user->username) {
         $profile_owner = $user;
     } else {
         // NOTE(review): the lookup result is used below without a null
         // check - confirm what findByUsername() returns for unknown names.
         $profile_owner = User::findByUsername($requested_name);
     }

     // profile
     $this->addSubNavigation('index', new Navigation(_('Profil'), 'dispatch.php/profile/index'));

     if ($perm->have_profile_perm('user', $profile_owner->user_id)) {
         // avatar
         $this->addSubNavigation('avatar', new Navigation(_('Bild'), 'dispatch.php/settings/avatar'));

         // profile data
         $data_nav = new Navigation(_('Nutzerdaten'));
         $data_nav->addSubNavigation('profile', new Navigation(_('Grunddaten'), 'dispatch.php/settings/account'));

         // Password entry: own profile, or root with ALLOW_ADMIN_USERACCESS,
         // and neither CheckField() nor the lock rules report the password
         // field.
         $may_touch_account = $perm->get_profile_perm($profile_owner->user_id) == 'user'
             || ($perm->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS);
         if ($may_touch_account
             && !StudipAuthAbstract::CheckField('auth_user_md5.password', $profile_owner->auth_plugin)
             && !LockRules::check($profile_owner->user_id, 'password')
         ) {
             $data_nav->addSubNavigation('password', new Navigation(_('Passwort ändern'), 'dispatch.php/settings/password'));
         }

         $data_nav->addSubNavigation('details', new Navigation(_('Weitere Daten'), 'dispatch.php/settings/details'));

         if (!in_array($profile_owner->perms, words('user admin root'))) {
             $data_nav->addSubNavigation('studies', new Navigation(_('Studiendaten'), 'dispatch.php/settings/studies'));
         }

         if ($profile_owner->perms != 'root') {
             if (count(UserDomain::getUserDomains()) > 0) {
                 $data_nav->addSubNavigation('userdomains', new Navigation(_('Nutzerdomänen'), 'dispatch.php/settings/userdomains'));
             }
             if ($perm->is_staff_member($profile_owner->user_id)) {
                 $data_nav->addSubNavigation('statusgruppen', new Navigation(_('Einrichtungsdaten'), 'dispatch.php/settings/statusgruppen'));
             }
         }
         $this->addSubNavigation('edit', $data_nav);

         // settings, only from permission level 'autor' upwards
         if ($perm->have_perm('autor')) {
             $settings_nav = new Navigation(_('Einstellungen'));
             $settings_nav->addSubNavigation('general', new Navigation(_('Allgemeines'), 'dispatch.php/settings/general'));
             $settings_nav->addSubNavigation('privacy', new Navigation(_('Privatsphäre'), 'dispatch.php/settings/privacy'));
             $settings_nav->addSubNavigation('messaging', new Navigation(_('Nachrichten'), 'dispatch.php/settings/messaging'));
             if (get_config('CALENDAR_ENABLE')) {
                 $settings_nav->addSubNavigation('calendar_new', new Navigation(_('Terminkalender'), 'dispatch.php/settings/calendar'));
             }
             if (!$perm->have_perm('admin') && get_config('MAIL_NOTIFICATION_ENABLE')) {
                 $settings_nav->addSubNavigation('notification', new Navigation(_('Benachrichtigung'), 'dispatch.php/settings/notification'));
             }
             if (isDefaultDeputyActivated() && $perm->get_perm() == 'dozent') {
                 $settings_nav->addSubNavigation('deputies', new Navigation(_('Standardvertretung'), 'dispatch.php/settings/deputies'));
             }
             if (Config::get()->API_ENABLED) {
                 $settings_nav->addSubNavigation('api', new Navigation(_('API-Berechtigungen'), 'dispatch.php/api/authorizations'));
             }
             $this->addSubNavigation('settings', $settings_nav);
         }

         // user defined sections
         $this->addSubNavigation('categories', new Navigation(_('Kategorien'), 'dispatch.php/settings/categories'));
     }

     // user documents page: shown to users with profile permission, or to
     // everybody when PERSONALDOCUMENT_OPEN_ACCESS is switched on
     if (Config::get()->PERSONALDOCUMENT_ENABLE && ($perm->have_profile_perm('user', $profile_owner->user_id) || Config::get()->PERSONALDOCUMENT_OPEN_ACCESS)) {
         if (Config::get()->PERSONALDOCUMENT_OPEN_ACCESS && $profile_owner->id !== $user->id) {
             $files_title = _('Dateibereich');
         } else {
             $files_title = _('Meine Dateien');
         }
         $this->addSubNavigation('files', new Navigation($files_title, 'dispatch.php/document/files'));
     }
 }
Example #16
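 /**
  * Removes a user from the current user's contacts, or only from one of
  * the current user's contact groups.
  *
  * The contact is looked up by the pair (current user id, id of the user
  * named in the "user" request parameter), so only contacts of the
  * logged-in user can be addressed. An unknown or missing user name is
  * skipped instead of dereferencing a failed lookup.
  *
  * NOTE(review): this action changes data and no CSRF token or request
  * method check is visible in this method - confirm that a filter in the
  * controller enforces one.
  *
  * @param string|null $group statusgruppe_id to remove the contact from;
  *                           when empty the contact itself is deleted
  */
 function remove_action($group = null)
 {
     $contact = null;
     $other_user = User::findByUsername(Request::username('user'));
     if ($other_user) {
         $contact = Contact::find(array(User::findCurrent()->id, $other_user->id));
     }
     if ($contact) {
         if ($group) {
             // Only detach the group assignment, the contact itself stays.
             $contact->group_assignments->unsetBy('statusgruppe_id', $group);
             if ($contact->store()) {
                 PageLayout::postMessage(MessageBox::success(_("Der Kontakt wurde aus der Gruppe entfernt.")));
             }
         } else {
             if ($contact->delete()) {
                 PageLayout::postMessage(MessageBox::success(_("Der Kontakt wurde entfernt.")));
             }
         }
     }
     $this->redirect('contact/index/' . $group);
 }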
Example #17
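 /**
  * Adds the user identified by the variable username to the current user's
  * contacts.
  *
  * The name is read from the "username" request parameter. When no user
  * with that name is found, nothing is stored and no success message is
  * posted; the redirect to the profile page happens in either case.
  *
  * NOTE(review): this action changes data and no CSRF token or request
  * method check is visible in this method - confirm that a filter in the
  * controller enforces one.
  */
 public function add_buddy_action()
 {
     $username = Request::username('username');
     $user = User::findByUsername($username);
     // A failed lookup used to be appended to the contact list and reported
     // as success; only store and confirm when the user exists.
     if ($user) {
         $current = User::findCurrent();
         $current->contacts[] = $user;
         $current->store();
         PageLayout::postMessage(MessageBox::success(_('Der Nutzer wurde zu Ihren Kontakten hinzugefügt.')));
     }
     // The name is request input placed into a query string: encode it.
     $this->redirect('profile/index?username=' . urlencode((string) $username));
 }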