public function execute() { $tp = SJB_System::getTemplateProcessor(); $oSubAdmin = SJB_ObjectMother::createSubAdmin($_REQUEST); $registration_form = SJB_ObjectMother::createForm($oSubAdmin); $registration_form->registerTags($tp); $form_submitted = SJB_Request::getVar('action', '') == 'add'; $errors = array(); $acl = SJB_SubAdminAcl::getInstance(); $type = 'subadmin'; $resources = $acl->getResources(); SJB_SubAdminAcl::mergePermissionsWithResources($resources); switch (SJB_Request::getVar('action')) { case 'save': if ($registration_form->isDataValid($errors)) { SJB_SubAdminManager::saveSubAdmin($oSubAdmin); $role = $oSubAdmin->getSID(); SJB_Acl::clearPermissions($type, $role); foreach ($resources as $name => $resource) { SJB_SubAdminAcl::allow($name, $type, $role, SJB_SubAdminAcl::definePermission($name), SJB_Request::getVar($name . '_params')); } // get new defined permissions for notification letter $permissions = SJB_SubAdminAcl::getAllPermissions($type, $role); $resources = $acl->getResources(); SJB_SubAdminAcl::mergePermissionsWithResources($resources, $permissions); SJB_Notifications::sendSubAdminRegistrationLetter($oSubAdmin, SJB_Request::get(), $resources); SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/manage-subadmins/'); } break; case 'delete': $subadmins = SJB_Request::getVar('subadmin', array()); foreach ($subadmins as $subadmin_sid) { $username = SJB_SubAdminManager::getUserNameBySubAdminSID($subadmin_sid); SJB_SubAdminManager::deleteSubAdminByUserName($username); } SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/manage-subadmins/'); break; default: break; } $tp->assign('errors', $errors); $tp->assign('form_fields', $registration_form->getFormFieldsInfo()); $aPermissionGroups = SJB_SubAdminAcl::getPermissionGroups(); if ('save' == SJB_Request::getVar('action', '')) { SJB_SubAdminAcl::mergePermissionsWithRequest($resources); } SJB_SubAdminAcl::prepareSubPermissions($resources); $tp->assign('groups', $aPermissionGroups); $tp->assign('resources', $resources); $tp->assign('type', $type); $tp->assign('role', 0); $tp->display('add_subadmin.tpl'); }
public static function getVar($name, $default = null, $hash = 'default', $type = 'none') { $input = SJB_Request::get($hash); if (isset($input[$name])) { $var = $input[$name]; if ($type !== 'none') { settype($var, $type); } return $var; } return $default; }
public function execute() { $tp = SJB_System::getTemplateProcessor(); $errors = array(); $fatal_errors = array(); $isDataSubmitted = false; try { $controller = new SJB_SendListingInfoController($_REQUEST); } catch (Exception $e) { $controller = false; } if (empty($controller)) { $fatal_errors['LISTING_ID_IS_NOT_NUMERIC'] = $e->getMessage(); } elseif ($controller->isListingSpecified()) { if ($controller->isDataSubmitted()) { SJB_Captcha::getInstance($tp, $_REQUEST)->isValid($errors); if (!preg_match('^[a-zA-Z0-9\\._-]+@[a-zA-Z0-9\\._-]+\\.[a-zA-Z]{2,}$^', $_REQUEST['friend_email'])) { $errors['NOT_VALID_EMAIL_FORMAT'] = true; } if (empty($errors)) { $data_to_send = $controller->getData(); if (!SJB_Notifications::sendTellFriendLetter($data_to_send)) { $errors['SEND_ERROR'] = true; } $isDataSubmitted = true; } } $tp->assign('listing_info', SJB_ListingManager::createTemplateStructureForListing(SJB_ListingManager::getObjectBySID($controller->getListingID()))); } else { $fatal_errors['UNDEFINED_LISTING_ID'] = true; } $tp->assign('fatal_errors', $fatal_errors); $tp->assign('errors', $errors); $tp->assign('info', SJB_Request::get()); $tp->assign('is_data_submitted', $isDataSubmitted); $tp->display('tell_friend.tpl'); }
public function execute() { $tp = SJB_System::getTemplateProcessor(); $errors = array(); $template = 'sub_accounts.tpl'; $currentUserInfo = SJB_UserManager::getCurrentUserInfo(); $listSubusers = false; if (!empty($currentUserInfo['subuser']) && SJB_Request::getVar('action_name') != 'edit' && SJB_Request::getVar('user_id', 0) != $currentUserInfo['subuser']['sid']) { $errors['ACCESS_DENIED'] = 'ACCESS_DENIED'; } switch (SJB_Request::getVar('action_name')) { case 'new': $form_submitted = SJB_Request::getMethod() === SJB_Request::METHOD_POST; $user_group_sid = $currentUserInfo['user_group_sid']; $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid); $_REQUEST['user_group_id'] = $user_group_info['id']; $user = SJB_ObjectMother::createUser($_REQUEST, $user_group_sid); $props = $user->getProperties(); $allowedProperties = array('username', 'email', 'password'); foreach ($props as $prop) { if (!in_array($prop->getID(), $allowedProperties)) { $user->deleteProperty($prop->getID()); } } $registration_form = SJB_ObjectMother::createForm($user); $registration_form->registerTags($tp); if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid) && $form_submitted) { $email = $user->getPropertyValue('email'); if (is_array($email)) { $email = $email['original']; } $user->setPropertyValue('username', $email); } $registration_form = SJB_ObjectMother::createForm($user); if ($form_submitted && $registration_form->isDataValid($errors)) { $user->addParentProperty($currentUserInfo['sid']); $subuserPermissions = array('subuser_add_listings' => array('title' => 'Add new listings', 'value' => 'deny'), 'subuser_manage_listings' => array('title' => 'Manage listings and applications of other sub users', 'value' => 'deny'), 'subuser_manage_subscription' => array('title' => 'View and update subscription', 'value' => 'deny'), 'subuser_use_screening_questionnaires' => array('title' => 'Manage Questionnaries', 'value' => 'deny')); SJB_UserManager::saveUser($user); SJB_Statistics::addStatistics('addSubAccount', $user->getUserGroupSID(), $user->getSID()); SJB_Acl::clearPermissions('user', $user->getSID()); foreach ($subuserPermissions as $permissionID => $permission) { $allowDeny = SJB_Request::getVar($permissionID, 'deny'); $subuserPermissions[$permissionID]['value'] = $allowDeny; SJB_Acl::allow($permissionID, 'user', $user->getSID(), $allowDeny); } SJB_UserManager::activateUserByUserName($user->getUserName()); SJB_Notifications::sendSubuserRegistrationLetter($user, SJB_Request::get(), $subuserPermissions); $tp->assign('isSubuserRegistered', true); $listSubusers = true; } else { if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid)) { $user->deleteProperty("username"); } $registration_form = SJB_ObjectMother::createForm($user); if ($form_submitted) { $registration_form->isDataValid($errors); } $registration_form->registerTags($tp); $form_fields = $registration_form->getFormFieldsInfo(); $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid); $tp->assign("user_group_info", $user_group_info); $tp->assign("errors", $errors); $tp->assign("form_fields", $form_fields); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->display('subuser_registration_form.tpl'); } break; case 'edit': $userInfo = SJB_UserManager::getUserInfoBySID(SJB_Request::getVar('user_id', 0)); if (!empty($userInfo) && $userInfo['parent_sid'] === $currentUserInfo['sid']) { $userInfo = array_merge($userInfo, $_REQUEST); $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($currentUserInfo['user_group_sid']); $user = new SJB_User($userInfo, $userInfo['user_group_sid']); $user->setSID($userInfo['sid']); $user->addParentProperty($currentUserInfo['sid']); $props = $user->getProperties(); $allowedProperties = array('username', 'email', 'password'); foreach ($props as $prop) { if (!in_array($prop->getID(), $allowedProperties)) { $user->deleteProperty($prop->getID()); } } $user->makePropertyNotRequired("password"); $edit_profile_form = SJB_ObjectMother::createForm($user); $edit_profile_form->registerTags($tp); $edit_profile_form->makeDisabled("username"); $form_submitted = SJB_Request::getMethod() == SJB_Request::METHOD_POST; if (empty($errors) && $form_submitted && $edit_profile_form->isDataValid($errors)) { $password_value = $user->getPropertyValue('password'); if (empty($password_value['original'])) { $user->deleteProperty('password'); } $currentUser = SJB_UserManager::getCurrentUser(); if (!$currentUser->isSubuser()) { $subuserPermissions = array('subuser_add_listings', 'subuser_manage_listings', 'subuser_manage_subscription', 'subuser_use_screening_questionnaires'); SJB_Acl::clearPermissions('user', $user->getSID()); foreach ($subuserPermissions as $permission) { SJB_Acl::allow($permission, 'user', $user->getSID(), SJB_Request::getVar($permission, 'deny')); } } SJB_UserManager::saveUser($user); $tp->assign("form_is_submitted", true); } else { $tp->assign("errors", $errors); } $form_fields = $edit_profile_form->getFormFieldsInfo(); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->assign("form_fields", $form_fields); $tp->assign('user_info', $userInfo); $tp->display('edit_subuser_profile.tpl'); } break; case 'delete': $users = SJB_Request::getVar('user_id', array()); foreach ($users as $user) { SJB_UserManager::deleteUserById($user); } $listSubusers = true; break; default: $listSubusers = true; break; } if ($listSubusers) { $tp->assign('errors', $errors); $tp->assign('subusers', SJB_UserManager::getSubusers($currentUserInfo['sid'])); $tp->assign('isEmailAsUsername', SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($currentUserInfo['user_group_sid'])); $tp->display($template); } }
public function execute() { $tp = SJB_System::getTemplateProcessor(); $template = SJB_Request::getVar('input_template', 'input_form.tpl'); $error = null; $listingTypeID = SJB_Request::getVar('listing_type_id', false); $passed_parameters_via_uri = SJB_Request::getVar('passed_parameters_via_uri', false); $pageID = false; if ($passed_parameters_via_uri) { $passed_parameters_via_uri = SJB_UrlParamProvider::getParams(); $listingTypeID = isset($passed_parameters_via_uri[0]) ? $passed_parameters_via_uri[0] : $listingTypeID; $pageID = isset($passed_parameters_via_uri[1]) ? $passed_parameters_via_uri[1] : false; $listing_id = isset($passed_parameters_via_uri[2]) ? $passed_parameters_via_uri[2] : false; } if (SJB_UserManager::isUserLoggedIn()) { $post_max_size_orig = ini_get('post_max_size'); $server_content_length = isset($_SERVER['CONTENT_LENGTH']) ? $_SERVER['CONTENT_LENGTH'] : null; $fromPreview = SJB_Request::getVar('from-preview', false); // get post_max_size in bytes $val = trim($post_max_size_orig); $tmp = substr($val, strlen($val) - 1); $tmp = strtolower($tmp); /* if ini value is K - then multiply to 1024 * if ini value is M - then multiply twice: in case 'm', and case 'k' * if ini value is G - then multiply tree times: in 'g', 'm', 'k' * out value - in bytes! */ switch ($tmp) { case 'g': $val *= 1024; case 'm': $val *= 1024; case 'k': $val *= 1024; } $post_max_size = $val; $filename = SJB_Request::getVar('filename', false); if ($filename) { $file = SJB_UploadFileManager::openFile($filename, $listing_id); $errors['NO_SUCH_FILE'] = true; } if (empty($_POST) && $server_content_length > $post_max_size) { $errors['MAX_FILE_SIZE_EXCEEDED'] = 1; $tp->assign('post_max_size', $post_max_size_orig); } $listingInfo = SJB_ListingManager::getListingInfoBySID($listing_id); $currentUser = SJB_UserManager::getCurrentUser(); $contractID = $listingInfo['contract_id']; if ($contractID == 0) { $extraInfo = unserialize($listingInfo['product_info']); $productSID = $extraInfo['product_sid']; } else { $contract = new SJB_Contract(array('contract_id' => $contractID)); $extraInfo = $contract->extra_info; } if ($listingInfo['user_sid'] != SJB_UserManager::getCurrentUserSID()) { $errors['NOT_OWNER_OF_LISTING'] = $listing_id; } else { $listing_type_sid = SJB_ListingTypeManager::getListingTypeSIDByID($listingTypeID); $pages = SJB_PostingPagesManager::getPagesByListingTypeSID($listing_type_sid); if (!$pageID) { $pageID = $pages[0]['page_id']; } $pageSID = SJB_PostingPagesManager::getPostingPageSIDByID($pageID, $listing_type_sid); $isPageLast = SJB_PostingPagesManager::isLastPageByID($pageSID, $listing_type_sid); // preview listing $isPreviewListingRequested = SJB_Request::getVar('preview_listing', false, 'POST'); $form_submitted = isset($_REQUEST['action_add']) || isset($_REQUEST['action_add_pictures']) || $isPreviewListingRequested; // fill listing from an array of social data if allowed $aAutoFillData = array('formSubmitted' => &$form_submitted, 'listingTypeID' => &$listingTypeID); SJB_Event::dispatch('SocialSynchronization', $aAutoFillData); $listingInfo = array_merge($listingInfo, $_REQUEST); $listing = new SJB_Listing($listingInfo, $listing_type_sid, $pageSID); if ($fromPreview) { if ($form_submitted) { $properties = $listing->getProperties(); foreach ($properties as $fieldID => $property) { switch ($property->getType()) { case 'date': if (!empty($listing_info[$fieldID])) { $listingInfo[$fieldID] = SJB_I18N::getInstance()->getDate($listingInfo[$fieldID]); } break; case 'complex': $complex = $property->type->complex; $complexProperties = $complex->getProperties(); foreach ($complexProperties as $complexfieldID => $complexProperty) { if ($complexProperty->getType() == 'date') { $values = $complexProperty->getValue(); foreach ($values as $index => $value) { if (!empty($listingInfo[$fieldID][$complexfieldID][$index])) { $listingInfo[$fieldID][$complexfieldID][$index] = SJB_I18N::getInstance()->getDate($listingInfo[$fieldID][$complexfieldID][$index]); } } } } break; } } $listing = new SJB_Listing($listingInfo, $listing_type_sid, $pageSID); } } $previousComplexFields = $this->processComplexFields($listing, $listingInfo); $listing->deleteProperty('featured'); $listing->deleteProperty('priority'); $listing->deleteProperty('status'); $listing->deleteProperty('reject_reason'); $listing->deleteProperty('ListingLogo'); $listing->setSID($listing_id); $access_type = $listing->getProperty('access_type'); if ($form_submitted && !empty($access_type)) { $listing->addProperty(array('id' => 'access_list', 'type' => 'multilist', 'value' => SJB_Request::getVar('list_emp_ids'), 'is_system' => true)); } $screening_questionnaires = SJB_ScreeningQuestionnaires::getList($currentUser->getSID()); if (SJB_Acl::getInstance()->isAllowed('use_screening_questionnaires') && $screening_questionnaires) { $issetQuestionnairyField = $listing->getProperty('screening_questionnaire'); if ($issetQuestionnairyField) { $value = SJB_Request::getVar('screening_questionnaire'); $value = $value ? $value : isset($listingInfo['screening_questionnaire']) ? $listingInfo['screening_questionnaire'] : ''; $listing->addProperty(array('id' => 'screening_questionnaire', 'type' => 'list', 'caption' => 'Screening Questionnaire', 'value' => $value, 'list_values' => SJB_ScreeningQuestionnaires::getListSIDsAndCaptions($currentUser->getSID()), 'is_system' => true)); } } else { $listing->deleteProperty('screening_questionnaire'); } /* social plugin * "synchronization" * if user is not registered using linkedin , delete linkedin sync property * also deletes it if sync is turned off in admin part */ if ($pages[0]['page_id'] == $pageID) { $aAutoFillData = array('oListing' => &$listing, 'userSID' => $currentUser->getSID(), 'listingTypeID' => $listingTypeID, 'listing_info' => $listingInfo); SJB_Event::dispatch('SocialSynchronizationFields', $aAutoFillData); } $add_listing_form = new SJB_Form($listing); $add_listing_form->registerTags($tp); $field_errors = array(); if ($form_submitted && (SJB_Session::getValue(self::PREVIEW_LISTING_SID) == $listing_id || $add_listing_form->isDataValid($field_errors))) { /* delete temp preview listing sid */ SJB_Session::unsetValue(self::PREVIEW_LISTING_SID); if ($isPageLast) { $listing->addProperty(array('id' => 'complete', 'type' => 'integer', 'value' => 1, 'is_system' => true)); } $listing->setUserSID($currentUser->getSID()); if (empty($access_type->value)) { $listing->setPropertyValue('access_type', 'everyone'); } if (isset($_SESSION['tmp_file_storage'])) { foreach ($_SESSION['tmp_file_storage'] as $k => $v) { SJB_DB::query('UPDATE `listings_pictures` SET `listing_sid` = ?n WHERE `picture_saved_name` = ?s', $listing->getSID(), $v['picture_saved_name']); SJB_DB::query('UPDATE `listings_pictures` SET `listing_sid` = ?n WHERE `thumb_saved_name` = ?s', $listing->getSID(), $v['thumb_saved_name']); } SJB_Session::unsetValue('tmp_file_storage'); } // >>> SJB-1197 // check temporary uploaded storage for listing uploads and assign it to saved listing $formToken = SJB_Request::getVar('form_token'); $sessionFilesStorage = SJB_Session::getValue('tmp_uploads_storage'); $uploadedFields = SJB_Array::getPath($sessionFilesStorage, $formToken); if (!empty($uploadedFields)) { foreach ($uploadedFields as $fieldId => $fieldValue) { // get field of listing $isComplex = false; if (strpos($fieldId, ':') !== false) { $isComplex = true; } $tmpUploadedFileId = $fieldValue['file_id']; // rename it to real listing field value $newFileId = $fieldId . "_" . $listing->getSID(); SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` =?s", $newFileId, $tmpUploadedFileId); if ($isComplex) { list($parentField, $subField, $complexStep) = explode(':', $fieldId); $parentProp = $listing->getProperty($parentField); $parentValue = $parentProp->getValue(); // look for complex property with current $fieldID and set it to new value of property if (!empty($parentValue)) { foreach ($parentValue as $id => $value) { if ($id == $subField) { $parentValue[$id][$complexStep] = $newFileId; } } $listing->setPropertyValue($parentField, $parentValue); } } else { $listing->setPropertyValue($fieldId, $newFileId); } // unset value from session temporary storage $sessionFilesStorage = SJB_Array::unsetValueByPath($sessionFilesStorage, "{$formToken}/{$fieldId}"); } //and remove token key from temporary storage $sessionFilesStorage = SJB_Array::unsetValueByPath($sessionFilesStorage, "{$formToken}"); SJB_Session::setValue('tmp_uploads_storage', $sessionFilesStorage); } // <<< SJB-1197 SJB_ListingManager::saveListing($listing); foreach ($previousComplexFields as $propertyId) { $listing->deleteProperty($propertyId); } if ($isPageLast && !$isPreviewListingRequested) { $listingSID = $listing->getSID(); $listing = SJB_ListingManager::getObjectBySID($listingSID); $listing->setSID($listingSID); $keywords = $listing->getKeywords(); SJB_ListingManager::updateKeywords($keywords, $listing->getSID()); // Start Event $listingSid = $listing->getSID(); SJB_Event::dispatch('listingSaved', $listingSid); // is listing featured by default if ($extraInfo['featured']) { SJB_ListingManager::makeFeaturedBySID($listing->getSID()); } if ($extraInfo['priority']) { SJB_ListingManager::makePriorityBySID($listing->getSID()); } if ($contractID) { if (SJB_ListingManager::activateListingBySID($listing->getSID())) { SJB_Notifications::sendUserListingActivatedLetter($listing, $listing->getUserSID()); } // notify administrator SJB_AdminNotifications::sendAdminListingAddedLetter($listing); if (isset($_REQUEST['action_add_pictures'])) { SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . "/manage-pictures/?listing_id=" . $listing->getSID()); } else { SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/manage-' . strtolower($listingTypeID) . '/?listing_id=' . $listing->getSID()); } } else { SJB_ListingManager::unmakeCheckoutedBySID($listing->getSID()); $this->proceedToCheckout($currentUser->getSID(), $productSID); } } elseif ($isPageLast && $isPreviewListingRequested) { // for listing preview SJB_Session::setValue(self::PREVIEW_LISTING_SID, $listing->getSID()); SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/' . strtolower($listingTypeID) . '-preview/' . $listing->getSID() . '/'); } else { // listing steps (pages) SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . "/add-listing/{$listingTypeID}/" . SJB_PostingPagesManager::getNextPage($pageSID) . '/' . $listing->getSID()); } } else { foreach ($previousComplexFields as $propertyId) { $listing->deleteProperty($propertyId); } $listing->deleteProperty('access_list'); $listing->deleteProperty('contract_id'); $add_listing_form = new SJB_Form($listing); if (SJB_Request::get('action_add') == 'Next') { $add_listing_form->setUseDefaultValues(); } if ($form_submitted) { $add_listing_form->isDataValid($field_errors); } $add_listing_form->registerTags($tp); $form_fields = $add_listing_form->getFormFieldsInfo(); $employers_list = SJB_Request::getVar('list_emp_ids', false); $employers = array(); if (is_array($employers_list)) { foreach ($employers_list as $emp) { $currEmp = SJB_UserManager::getUserInfoBySID($emp); $employers[] = array('user_id' => $emp, 'value' => $currEmp['CompanyName']); } sort($employers); } else { $access_type = $listing->getPropertyValue('access_type'); $employers = SJB_ListingManager::getListingAccessList($listing_id, $access_type); } $numberOfPictures = isset($extraInfo['number_of_pictures']) ? $extraInfo['number_of_pictures'] : 0; $tp->assign('pic_limit', $numberOfPictures); $tp->assign('listing_sid', $listing_id); $tp->assign('listing_id', $listing_id); $tp->assign('listingSID', $listing->getSID()); $tp->assign('listing_access_list', $employers); $tp->assign('listingTypeID', $listingTypeID); $tp->assign('contract_id', $contractID); $tp->assign('field_errors', $field_errors); $tp->assign('form_fields', $form_fields); $tp->assign("extraInfo", $extraInfo); $tp->assign('pages', $pages); $tp->assign('pageSID', $pageSID); $tp->assign('currentPage', SJB_PostingPagesManager::getPageInfoBySID($pageSID)); $tp->assign('isPageLast', $isPageLast); $tp->assign('nextPage', SJB_PostingPagesManager::getNextPage($pageSID)); $tp->assign('prevPage', SJB_PostingPagesManager::getPrevPage($pageSID)); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign('METADATA', array('form_fields' => $metaDataProvider->getFormFieldsMetadata($form_fields))); // social plugin only for Resume listing types $aAutoFillData = array('tp' => &$tp, 'listingTypeID' => $listingTypeID, 'userSID' => $currentUser->getSID()); SJB_Event::dispatch('SocialSynchronizationForm', $aAutoFillData); SJB_Session::unsetValue(self::PREVIEW_LISTING_SID); $tp->display($template); } } } else { $tp->assign('listingTypeID', $listingTypeID); $tp->assign('error', 'NOT_LOGGED_IN'); $tp->display('add_listing_error.tpl'); } }