/**
 * Ends the current session and tells the AJAX caller that it succeeded.
 *
 * NOTE(review): no anti-CSRF token is checked inside this method; whether one
 * is enforced before the request is dispatched cannot be seen from here.
 */
public function logout()
 {
     $reply = new AjaxResponse();
     // The session is torn down before the reply is flagged as successful.
     System::getSession()->logout();
     $reply->success = true;
     $reply->send();
 }
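 /**
  * Loads the file named by the "alias" request parameter into $this->file and
  * enforces its access level for the current visitor.
  *
  * The owner always passes. Anyone else is refused for PRIVATE_ACCESS files and,
  * for RESTRICTED_ACCESS files, is forwarded to AuthController::authenticateFile
  * unless the alias is already listed under "authenticatedFiles" in the session.
  */
 private function loadFile()
 {
     if ($this->file != NULL) {
         // Already resolved earlier in this request.
         return;
     }
     $this->file = File::find('alias', $this->getParam('alias', ''));
     if ($this->file == NULL) {
         System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
         // Stop here, as the 403 path does; falling through would dereference a missing file.
         exit;
     }
     $user = System::getUser();
     // An anonymous visitor is never the owner (no sentinel uid that a stored value could equal).
     if ($user != NULL && $user->uid == $this->file->uid) {
         return;
     }
     if ($this->file->permission == FilePermissions::PRIVATE_ACCESS) {
         System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
         exit;
     }
     if ($this->file->permission == FilePermissions::RESTRICTED_ACCESS) {
         $unlocked = System::getSession()->getData("authenticatedFiles");
         // Compare aliases as strings and strictly: a loose in_array() treats
         // numeric-looking strings such as "1e1" and "10" as equal, which would
         // accept an alias that was never unlocked.
         $hasUnlocked = is_array($unlocked)
             && in_array((string) $this->file->alias, array_map('strval', $unlocked), true);
         if (!$hasUnlocked) {
             System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
             exit;
         }
     }
 }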
 /**
  * Prepares the template engine: resource manager, working directories, the
  * helper objects and variables handed to every view, and any one-shot
  * messages waiting in the session.
  */
 public function __construct()
 {
     parent::__construct();
     $this->JSRMS = new JSRMS();
     $this->JSRMS->requireResource('system');
     $this->muteExpectedErrors();

     // Working directories, all below SYSTEM_ROOT.
     $this->setCacheDir(SYSTEM_ROOT . '/classes/smarty/cache/');
     $this->setCompileDir(SYSTEM_ROOT . '/classes/smarty/templates_c/');
     $this->setTemplateDir(SYSTEM_ROOT . '/view/');

     // Each helper object is registered together with a one-element method list
     // (presumably the only method templates may call on it - confirm against
     // the parent class).
     $this->registerObject('Router', Router::getInstance(), array('build'), false);
     $this->registerObject('L10N', System::getLanguage(), array('_'), false);

     $currentUser = System::getUser();
     $this->assign('LoggedIn', $currentUser != NULL);
     $this->assign('User', $currentUser);
     $this->assign('Navigation', Navigation::$elements);
     $this->assign('LangStrings', System::getLanguage()->getAllStrings());

     // Configuration
     $this->assign('HTTP_BASEDIR', System::getBaseURL());
     $this->assign('MOD_REWRITE', MOD_REWRITE);
     $this->assign('MAX_UPLOAD_SIZE', Utils::maxUploadSize());

     // One-shot messages: hand each pending one to the view, then blank it in
     // the session so it is not shown again.
     $session = System::getSession();
     foreach (array('successMsg', 'errorMsg', 'infoMsg') as $flashKey) {
         $pending = $session->getData($flashKey, '');
         if ($pending != '') {
             $this->assign($flashKey, $pending);
             $session->setData($flashKey, '');
         }
     }
 }
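 /**
  * Shows the profile form of the current user and, on submit, validates and
  * saves it.
  *
  * The form is bound to the user object; a successful save stores a success
  * message in the session and redirects back to this action.
  *
  * NOTE(review): $user is used without a null check; presumably access to this
  * action is limited to logged-in users before it runs - confirm.
  */
 public function index()
 {
     $user = System::getUser();
     $form = new Form('form-profile');
     $form->setAttribute('data-noajax', 'true');
     $form->binding = $user;

     // General: name, e-mail address and language.
     $fieldset = new Fieldset(System::getLanguage()->_('General'));
     $firstname = new Text('firstname', System::getLanguage()->_('Firstname'));
     $firstname->binding = new Databinding('firstname');
     $lastname = new Text('lastname', System::getLanguage()->_('Lastname'));
     $lastname->binding = new Databinding('lastname');
     $email = new Text('email', System::getLanguage()->_('EMail'), true);
     $email->binding = new Databinding('email');
     // The blacklist is what getListOfMailAdresses() returns for this user; a
     // blacklisted value is reported with the message set below.
     $email->blacklist = $this->getListOfMailAdresses($user);
     $email->error_msg[4] = System::getLanguage()->_('ErrorMailAdressAlreadyExists');
     $language = new Radiobox('lang', System::getLanguage()->_('Language'), L10N::getLanguages());
     $language->binding = new Databinding('lang');
     $fieldset->addElements($firstname, $lastname, $email, $language);
     $form->addElements($fieldset);

     // Password: only the first field is bound; the second is the confirmation.
     $fieldset = new Fieldset(System::getLanguage()->_('Password'));
     $password = new Password('password', System::getLanguage()->_('Password'));
     $password->minlength = PASSWORD_MIN_LENGTH;
     $password->binding = new Databinding('password');
     $password2 = new Password('password2', System::getLanguage()->_('ReenterPassword'));
     $fieldset->addElements($password, $password2);
     $form->addElements($fieldset);

     // Settings: read-only quota display.
     $fieldset = new Fieldset(System::getLanguage()->_('Settings'));
     $quota = new Text('quota', System::getLanguage()->_('Quota'));
     if ($user->quota > 0) {
         $quota->value = System::getLanguage()->_('QuotaAvailabe', Utils::formatBytes($user->getFreeSpace()), Utils::formatBytes($user->quota));
     } else {
         $quota->value = System::getLanguage()->_('Unlimited');
     }
     $quota->readonly = true;
     $fieldset->addElements($quota);
     $form->addElements($fieldset);

     if (Utils::getPOST('submit', false) !== false) {
         // Compare the two entries as strings: with "!=" two different
         // numeric-looking passwords (e.g. "1e3" and "1000") count as equal and
         // the confirmation check would pass.
         if (!empty($password->value) && (string) $password->value !== (string) $password2->value) {
             $password2->error = System::getLanguage()->_('ErrorInvalidPasswords');
         } else {
             if ($form->validate()) {
                 $form->save();
                 System::getUser()->save();
                 System::getSession()->setData('successMsg', System::getLanguage()->_('ProfileUpdated'));
                 System::forwardToRoute(Router::getInstance()->build('ProfileController', 'index'));
                 exit;
             }
         }
     } else {
         // First display: populate the fields from the bound user.
         $form->fill();
     }
     $form->setSubmit(new Button(System::getLanguage()->_('Save'), 'floppy-disk'));
     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('MyProfile'));
     $smarty->assign('heading', System::getLanguage()->_('MyProfile'));
     $smarty->assign('form', $form->__toString());
     $smarty->display('form.tpl');
 }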
Example #5
 /**
  * Boots the system: HTTPS redirect, router, database connection, session,
  * current user, language and navigation, in that order.
  * @static
  */
 public static function init()
 {
     self::redirectHTTPS();
     Router::getInstance()->init(HOST_PATH, MOD_REWRITE);

     $dsn = 'mysql:dbname=' . DATABASE_NAME . ';host=' . DATABASE_HOST;
     self::$database = new Database($dsn, DATABASE_USER, DATABASE_PASS);
     self::$session = new Session();

     // The user is looked up only when the session carries a uid.
     $sessionUid = System::getSession()->getUID();
     if ($sessionUid != NULL) {
         self::$user = User::find('_id', $sessionUid);
     } else {
         self::$user = NULL;
     }

     // A logged-in user's own language wins over the LANGUAGE default.
     $current = System::getUser();
     if ($current != NULL) {
         $langCode = $current->lang;
     } else {
         $langCode = LANGUAGE;
     }
     self::$language = new L10N($langCode);

     self::buildNavigation();
 }
Example #6
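 /**
  * Stores a new message in a forum topic on behalf of the logged-in user.
  *
  * @param mixed $topic_id Topic the message belongs to
  * @param array $data     Read for its 'message' key
  * @return mixed The value of lastInsertId('id') on success; false when nobody
  *               is logged in or the insert fails
  */
 public function addComment($topic_id, array $data)
 {
     $session = System::getSession();
     if (!$session->isConnected() || !isset($_SESSION['userid'])) {
         // Without this guard $user_id stayed undefined and a row was written
         // with no author attached to it.
         return false;
     }
     $user_id = $_SESSION['userid'];
     $prep = $this->db->prepare('
   INSERT INTO forum_messages (message,date,id_createur,id_topic)
   VALUES (:message,NOW(),:id_createur,:id_topic)
 ');
     // The message is stored exactly as received; it has to be escaped wherever
     // it is rendered.
     $prep->bindParam(':message', $data['message']);
     $prep->bindValue(':id_createur', $user_id);
     $prep->bindValue(':id_topic', $topic_id);
     if ($prep->execute()) {
         return $this->db->lastInsertId('id');
     }
     return false;
 }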
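 /**
  * Collects the data for the article edit page.
  *
  * NOTE(review): nothing in this method checks that the current user created
  * the article; if it backs the edit form, confirm that ownership is enforced
  * where the change is actually saved.
  *
  * @param array $params Route parameters; $params[0] is the article id
  * @return mixed The article row extended with 'creator' and 'evenements',
  *               an empty array when the article does not exist, or false when
  *               no id was given
  */
 function modif(array $params)
 {
     if (isset($params[0])) {
         $article_id = intval($params[0]);
         // Fetch the article from the model
         if (!($data = $this->model->getArticle($article_id))) {
             return array();
         }
         // Get creator's name and id
         $data['creator'] = $this->model->getCreatorForArticle($data['id']);
         // Current user id; set explicitly to null for anonymous visitors so the
         // model call below no longer reads an undefined variable.
         $session = System::getSession();
         $user_id = ($session->isConnected() && isset($_SESSION['userid'])) ? $_SESSION['userid'] : null;
         // Events created by that user
         $data['evenements'] = $this->model->getUserEvents($user_id);
         return $data;
     } else {
         return false;
     }
 }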
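 /**
  * Sends a message from the logged-in user to the organiser of an event.
  *
  * The subject and message come from the request and the names from the
  * database; all of them are escaped before they are placed in the HTML body,
  * and line breaks are removed from every value that ends up in a mail header.
  *
  * @param array $params Route parameters; $params[0] is the event id
  * @return array 'success' => false when no event could be identified;
  *               'data' + 'not_register' when nobody is logged in;
  *               'data' + 'success' (true when sent, '' when subject or
  *               message is empty) otherwise
  */
 public function contactorganisateur(array $params)
 {
     if (isset($params[0])) {
         $id_event = intval($params[0]);
         $data = $this->model->getEvent($id_event);
     } else {
         return array('success' => false);
     }
     if (empty($data)) {
         // Unknown event id: there is no organiser to write to.
         return array('success' => false);
     }
     $message = Request::get('message');
     $sujet = Request::get('subject');
     $session = System::getSession();
     if ($session->isConnected()) {
         $user_id = $_SESSION['userid'];
     } else {
         return array('data' => $data, 'not_register' => 'Vous n\'êtes pas connecté');
     }
     $organisateur = $this->model->getUser($data['id_createur']);
     $mail_envoyeur = $this->model->getUser($user_id);
     // strip_tags() leaves CR/LF in place, and a line break inside the address
     // would start an additional header line; remove them.
     $from = str_replace(array("\r", "\n"), '', strip_tags($mail_envoyeur['email']));
     $headers = "From: " . $from . "\r\n";
     $headers .= "Reply-To: " . $from . "\r\n";
     $headers .= "MIME-Version: 1.0\r\n";
     $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
     if (!empty($message) && !empty($sujet)) {
         $sujet = str_replace(array("\r", "\n"), ' ', $sujet);
         // The body is sent as text/html, so every dynamic value is escaped;
         // nl2br() keeps the line breaks of the escaped message visible.
         $html_message = 'Bonjour <strong>' . htmlspecialchars($organisateur['nickname'], ENT_QUOTES, 'ISO-8859-1') . '</strong>,<br><br>' . "\r\n";
         $html_message .= 'Vous avez reçu un message au sujet de votre événement <a href="' . Config::get('config.base') . '/events/detail/' . htmlspecialchars($data['id'], ENT_QUOTES, 'ISO-8859-1') . '">' . htmlspecialchars($data['nom'], ENT_QUOTES, 'ISO-8859-1') . '</a> sur <strong>Event-You-All</strong>.<br><br>' . "\r\n";
         $html_message .= nl2br(htmlspecialchars($message, ENT_QUOTES, 'ISO-8859-1'));
         mail($organisateur['email'], $sujet, $html_message, $headers);
         return array('data' => $data, 'success' => true);
     } else {
         return array('data' => $data, 'success' => '');
     }
 }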
 /**
  * Tells whether the current visitor may use the given module.
  *
  * The level required by the module is compared with the level stored in the
  * session; a visitor who is not connected counts as level 0.
  *
  * @param string $module Module to check
  * @return bool True if the user has access, false if not
  */
 public function hasAccess($module)
 {
     $session = System::getSession();
     $needed = $this->getAccessLevel($module);
     // Anonymous visitors start from level 0.
     $granted = 0;
     if ($session->isConnected()) {
         $granted = $_SESSION['access'];
     }
     return $granted >= $needed;
 }
Example #10
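  /**
   * Creates the forum topic that accompanies an event, owned by the
   * logged-in user.
   *
   * @param mixed $id Event id, passed to getEvent()
   * @return mixed The value of lastInsertId('id') on success; false when the
   *               event is unknown, nobody is logged in, or the insert fails
   */
  public function createTopic($id)
  {
      $data = $this->getEvent($id);
      if (empty($data)) {
          // No such event: nothing to build a topic from.
          return false;
      }
      $session = System::getSession();
      if (!$session->isConnected() || !isset($_SESSION['userid'])) {
          // Without this guard $user_id stayed undefined and the topic was
          // written with no author attached to it.
          return false;
      }
      $user_id = $_SESSION['userid'];
      $prep = $this->db->prepare('
   INSERT INTO forum_topics (titre,description,date_creation,id_createur)
   VALUES (:titre,:description,NOW(),:id_createur)
 ');
      $title = '[Evénement] ' . $data['nom'];
      // NOTE(review): the event description is copied into an HTML fragment as
      // stored. If descriptions can contain user-supplied markup, it has to be
      // filtered here or wherever the topic is rendered - confirm.
      $descri = $data['description'] . '<p><a href="' . Config::get('config.base') . '/events/detail/' . $data['id'] . '">Voir la page de l\'événement</a></p>';
      $prep->bindValue(':titre', $title);
      $prep->bindValue(':description', $descri);
      $prep->bindValue(':id_createur', $user_id);
      if ($prep->execute()) {
          return $this->db->lastInsertId('id');
      }
      return false;
  }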
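 /**
  * Second step of the lost-password flow: checks the reset hash taken from the
  * "hash" parameter and, on submit, sets the new password.
  *
  * An unknown hash ends the request with a redirect. A submitted password must
  * reach PASSWORD_MIN_LENGTH and match its confirmation before
  * LostPW::resetPassword() is called.
  */
 public function lostpw_check()
 {
     $hash = $this->getParam('hash', '');
     if (!LostPW::hashExists($hash)) {
         System::getSession()->setData('errorMsg', System::getLanguage()->_('HashNotFound'));
         System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
         // Stop after the redirect, as the other forwarding call sites do;
         // otherwise a POST carrying an unknown hash would still reach
         // resetPassword() below.
         exit;
     }
     $password = Utils::getPOST('password', '');
     $password2 = Utils::getPOST('password2', '');
     $errorMsg = '';
     if (Utils::getPOST('submit', false) != false) {
         if (strlen($password) < PASSWORD_MIN_LENGTH) {
             $errorMsg = sprintf(System::getLanguage()->_('PasswordMinLength'), PASSWORD_MIN_LENGTH);
         } else {
             // Compare as strings: with "!=" two different numeric-looking
             // passwords (e.g. "1e3" and "1000") count as equal.
             if ((string) $password !== (string) $password2) {
                 $errorMsg = System::getLanguage()->_('ErrorInvalidPasswords');
             } else {
                 LostPW::resetPassword($hash, $password);
                 System::getSession()->setData('successMsg', System::getLanguage()->_('LostPWSuccess'));
                 System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
                 // Nothing more to render once the password has been changed.
                 exit;
             }
         }
     }
     $smarty = new Template();
     $smarty->assign('title', System::getLanguage()->_('LostPW'));
     $smarty->assign('successMsg', '');
     $smarty->assign('form_url', Router::getInstance()->build('AuthController', 'lostpw_check', array('hash' => $hash)));
     $smarty->assign('errorMsg', $errorMsg);
     $smarty->requireResource('auth');
     $smarty->display('auth/lostpw.newpw.tpl');
 }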
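 /**
  * Sends a message from the logged-in user to another user.
  *
  * The subject and message come from the request and the nicknames from the
  * database; all of them are escaped before they are placed in the HTML body,
  * and line breaks are removed from every value that ends up in a mail header.
  *
  * @param array $params Route parameters; $params[0] is the recipient's user id
  * @return array 'success' => false when no recipient could be identified;
  *               'data' + 'not_register' when nobody is logged in;
  *               'user' + 'success' (true when sent, '' when subject or
  *               message is empty) otherwise
  */
 public function contact(array $params)
 {
     if (isset($params[0])) {
         $id_user = intval($params[0]);
         $user = $this->model->getUser($id_user);
     } else {
         return array('success' => false);
     }
     $message = Request::get('message');
     $sujet = Request::get('subject');
     $session = System::getSession();
     if ($session->isConnected()) {
         $expediteur_id = $_SESSION['userid'];
     } else {
         // 'data' used to be read from an undefined variable here; the key is
         // kept with the null it evaluated to.
         return array('data' => null, 'not_register' => 'Vous n\'êtes pas connecté');
     }
     if (empty($user)) {
         // Unknown recipient id: there is nobody to write to.
         return array('success' => false);
     }
     $expediteur = $this->model->getUser($expediteur_id);
     // strip_tags() leaves CR/LF in place, and a line break inside the address
     // would start an additional header line; remove them.
     $from = str_replace(array("\r", "\n"), '', strip_tags($expediteur['email']));
     $headers = "From: " . $from . "\r\n";
     $headers .= "Reply-To: " . $from . "\r\n";
     $headers .= "MIME-Version: 1.0\r\n";
     $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
     if (!empty($message) && !empty($sujet)) {
         $sujet = str_replace(array("\r", "\n"), ' ', $sujet);
         // The body is sent as text/html, so every dynamic value is escaped;
         // nl2br() keeps the line breaks of the escaped message visible.
         $html_message = 'Bonjour <strong>' . htmlspecialchars($user['nickname'], ENT_QUOTES, 'ISO-8859-1') . '</strong>,<br><br>' . "\r\n";
         $html_message .= 'Vous avez reçu un message de la part de <strong>' . htmlspecialchars($expediteur['nickname'], ENT_QUOTES, 'ISO-8859-1') . '</strong> sur <strong>Event-You-All</strong>.<br><br>' . "\r\n";
         $html_message .= '<blockquote>' . nl2br(htmlspecialchars($message, ENT_QUOTES, 'ISO-8859-1')) . '</blockquote>';
         mail($user['email'], $sujet, $html_message, $headers);
         return array('user' => $user, 'success' => true);
     } else {
         return array('user' => $user, 'success' => '');
     }
 }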
Example #13
 /**
  * Makes sure the session object exists.
  *
  * The return value is not needed here; the call is made for its side effect
  * (per the original comment, it instantiates the session).
  */
 private function setupSession()
 {
     System::getSession();
 }
Example #14
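 /**
  * Logs this user in with a cleartext password.
  *
  * The password is hashed with the user's salt and compared with the stored
  * hash; on a match the session is bound to this user's uid and the time of
  * the login is saved.
  *
  * NOTE(review): whether setUID() also issues a fresh session id cannot be seen
  * from here; confirm that it does, so that a session id known before login is
  * not carried over.
  *
  * @param string $clearPswd Cleartext password
  * @return bool Success
  */
 public function login($clearPswd)
 {
     $candidate = Utils::createPasswordHash($clearPswd, $this->salt);
     // hash_equals() compares the two strings byte for byte in constant time.
     // The previous "==" treated two different numeric-looking hashes (for
     // example "0e12" and "0e34") as equal.
     if (!is_string($candidate) || !is_string($this->curPassword) || !hash_equals($this->curPassword, $candidate)) {
         return false;
     }
     System::getSession()->setUID($this->uid);
     $this->last_login = time();
     $this->save();
     return true;
 }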
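 /**
  * Deletes an article, provided the logged-in user created it.
  *
  * @param array $params Route parameters; $params[0] is the article id
  * @return mixed 1 when the article was deleted, 0 when the request was
  *               refused, nothing (null) when no id was given
  */
 function deleted(array $params)
 {
     if (isset($params[0])) {
         $id_event = intval($params[0]);
         $session = System::getSession();
         if (!$session->isConnected() || !isset($_SESSION['userid'])) {
             // Anonymous requests are refused outright. Before, a missing user
             // id was compared loosely with the creator column, so an empty
             // creator (or an unknown article) matched an empty user id.
             return 0;
         }
         $articles = $this->model->getArticle($id_event);
         if (empty($articles) || !isset($articles['id_createur'])) {
             return 0;
         }
         // Compare the ids as strings, strictly, to rule out type juggling.
         if ((string) $articles['id_createur'] === (string) $_SESSION['userid']) {
             $this->model->deleteArticle($id_event);
             return 1;
         }
         return 0;
     }
 }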
Example #16
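    /**
     * Searches events by a free-text term and drops the private ones the
     * current visitor may not see.
     *
     * An event counts as private when it has at least one row in
     * evenements_vip. A private event is kept only for a connected user who is
     * invited to that very event, has access level 3, or created the event.
     *
     * @param array $search Read for its 'search' key (the term)
     * @return array Matching event rows visible to the current visitor
     */
    public function basicsearchindatabase($search)
    {
        // NOTE(review): the LEFT JOIN is referenced neither by the select list
        // nor by the WHERE clause; it looks like it repeats an event once per
        // VIP row - confirm. The :search placeholder is used several times,
        // which relies on emulated prepares being enabled.
        $prep = $this->db->prepare('SELECT ev.id_createur, ev.nom, ev.ville, ev.date_debut,ev.poster,ev.id_theme,ev.id_type,ev.id  FROM evenements AS ev
      LEFT OUTER JOIN evenements_vip AS v ON v.id_evenement = ev.id


      WHERE
            nom LIKE :search
        OR  date_debut = :search
        OR  description LIKE :search
        OR  adresse LIKE :search
        OR  ville LIKE :search
        OR  region LIKE :search
        OR  pays LIKE :search
        ORDER BY ville
      ');
        $pattern = '%' . $search['search'] . '%';
        $prep->bindParam(':search', $pattern);
        $prep->execute();
        $resultat = $prep->fetchAll(PDO::FETCH_ASSOC);

        // Invitation list, grouped per event: event id => invited user ids.
        $prep2 = $this->db->prepare('SELECT * FROM evenements_vip');
        $prep2->execute();
        $invited = array();
        foreach ($prep2->fetchAll(PDO::FETCH_ASSOC) as $vip) {
            $invited[$vip['id_evenement']][] = (string) $vip['id_utilisateur'];
        }

        $session = System::getSession();
        $connected = $session->isConnected();
        $filtered = array();
        foreach ($resultat as $result) {
            if (!isset($invited[$result['id']])) {
                // Not listed in evenements_vip: public event.
                $filtered[] = $result;
                continue;
            }
            if (!$connected) {
                continue;
            }
            $user_id = $_SESSION['userid'];
            // The invitation is checked against THIS event's list. Before, the
            // user id was looked up among the invitees of all events, so being
            // invited to one private event revealed every private event.
            if (in_array((string) $user_id, $invited[$result['id']], true) or $_SESSION['access'] == 3 or $result['id_createur'] == $user_id) {
                $filtered[] = $result;
            }
        }
        return $filtered;
    }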
Example #17
    ?>
" />
  </div>
  <?php 
}
?>
<div id="entete">
  <h1>
    <?php 
echo $model['nom'];
?>
  </h1>
</div>
  <div class="bouton">
  <?php 
$session = System::getSession();
if ($session->isConnected()) {
    // User is logged in
    $user_id = $_SESSION['userid'];
    if ($model['creator']['id'] == $user_id) {
        // User is the creator
        ?>
          <a class="button" href="<?php 
        echo Config::get('config.base');
        ?>
/article/modif/<?php 
        echo $model['id'];
        ?>
">Modifier l'article</a>
          <?php 
    }
Example #18
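 /**
  * Returns a page of articles, each extended with its linked event ('event')
  * and its author ('author'), minus the articles attached to private events
  * the current visitor may not see.
  *
  * An event counts as private when it has at least one row in evenements_vip.
  * An article on a private event is kept only for a connected user who is
  * invited to that very event, has access level 3, or created the article.
  *
  * @param int    $from         Offset of the first row
  * @param int    $number       Maximum number of rows
  * @param string $order        Column to sort by; anything that is not a plain
  *                             (optionally table-qualified) column name falls
  *                             back to 'date_creation'
  * @param bool   $asc          Ascending when true, descending otherwise
  * @param string $where_clause Raw SQL placed after the table name
  * @return array Article rows visible to the current visitor
  */
 public function getArticles($from = 0, $number = 9999999, $order = 'date_creation', $asc = true, $where_clause = '')
 {
     // $order is concatenated into the statement and cannot be bound as a
     // parameter, so only an identifier is let through.
     if (!is_string($order) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $order)) {
         $order = 'date_creation';
     }
     $from = (int) $from;
     $number = (int) $number;
     // NOTE(review): $where_clause is inserted verbatim. Callers must build it
     // from constants only; request data placed in it would be executed as SQL.
     $prep = $this->db->prepare('
   SELECT * FROM articles
   ' . $where_clause . '
   ORDER BY ' . $order . ' ' . ($asc ? 'ASC' : 'DESC') . '
   LIMIT :from, :number
 ');
     $prep->bindParam(':from', $from, PDO::PARAM_INT);
     $prep->bindParam(':number', $number, PDO::PARAM_INT);
     $prep->execute();
     $events = $prep->fetchAll(PDO::FETCH_ASSOC);
     foreach ($events as &$event) {
         // Get event linked for the article
         if (!empty($event['id_evenement'])) {
             $prep = $this->db->prepare('SELECT * FROM evenements WHERE id = :id_theme');
             $prep->bindParam(':id_theme', $event['id_evenement']);
             $prep->execute();
             $event['event'] = $prep->fetch(PDO::FETCH_ASSOC);
         }
         // Get creator of the article infos
         if (!empty($event['id_createur'])) {
             $prep = $this->db->prepare('SELECT * FROM users WHERE id = :id_user');
             $prep->bindParam(':id_user', $event['id_createur']);
             $prep->execute();
             $event['author'] = $prep->fetch(PDO::FETCH_ASSOC);
         }
     }
     // Drop the by-reference loop variable so it cannot alias the last row.
     unset($event);

     // --------- visibility filter ---------
     // Invitation list, grouped per event: event id => invited user ids.
     $prep2 = $this->db->prepare('SELECT * FROM evenements_vip');
     $prep2->execute();
     $invited = array();
     foreach ($prep2->fetchAll(PDO::FETCH_ASSOC) as $vip) {
         $invited[$vip['id_evenement']][] = (string) $vip['id_utilisateur'];
     }

     $session = System::getSession();
     $connected = $session->isConnected();
     $filtered = array();
     foreach ($events as $result) {
         $event_id = $result['id_evenement'];
         if ($event_id === null || !isset($invited[$event_id])) {
             // No event, or an event not listed in evenements_vip: public.
             $filtered[] = $result;
             continue;
         }
         if (!$connected) {
             continue;
         }
         $user_id = $_SESSION['userid'];
         // The invitation is checked against THIS event's list. Before, the
         // user id was looked up among the invitees of all events, so being
         // invited to one private event revealed the articles of every one.
         if (in_array((string) $user_id, $invited[$event_id], true) or $_SESSION['access'] == 3 or $result['id_createur'] == $user_id) {
             $filtered[] = $result;
         }
     }
     return $filtered;
 }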