function displayAllUsers()
{
$usersDAO = new UsersDAO(MaBD::getInstance());
$users = $usersDAO->getAll();
foreach ($users as $user) {
displayUser($user);
}
}
public static function FindByUsername($username)
{
$vo_Query = new Users(array("username" => $username));
$a_Results = UsersDAO::search($vo_Query);
if (sizeof($a_Results) != 1) {
return NULL;
}
return array_pop($a_Results);
}
/**
*
*/
public function testViewProblemInAContestDetailsValid()
{
// Get a contest
$contestData = ContestsFactory::createContest();
// Get a user to be the author
$author = UserFactory::createUser();
// Get a problem
$problemData = ProblemsFactory::createProblem(null, null, 1, $author);
// Add the problem to the contest
ContestsFactory::addProblemToContest($problemData, $contestData);
// Get a user for our scenario
$contestant = UserFactory::createUser();
// Prepare our request
$r = new Request();
$r["contest_alias"] = $contestData["request"]["alias"];
$r["problem_alias"] = $problemData["request"]["alias"];
// Log in the user
$r["auth_token"] = $this->login($contestant);
// Explicitly join contest
ContestController::apiOpen($r);
// Call api
$response = ProblemController::apiDetails($r);
// Get problem and contest from DB to check it
$problemDAO = ProblemsDAO::getByAlias($problemData["request"]["alias"]);
$contestDAO = ContestsDAO::getByAlias($contestData["request"]["alias"]);
$contestantsDAO = UsersDAO::search(new Users(array("username" => $contestant->getUsername())));
$contestantDAO = $contestantsDAO[0];
// Assert data
$this->assertEquals($response["title"], $problemDAO->getTitle());
$this->assertEquals($response["alias"], $problemDAO->getAlias());
$this->assertEquals($response["validator"], $problemDAO->getValidator());
$this->assertEquals($response["time_limit"], $problemDAO->getTimeLimit());
$this->assertEquals($response["memory_limit"], $problemDAO->getMemoryLimit());
$this->assertEquals($response["problemsetter"]['username'], $author->username);
$this->assertEquals($response["problemsetter"]['name'], $author->name);
$this->assertEquals($response["source"], $problemDAO->getSource());
$this->assertContains("<h1>Entrada</h1>", $response["problem_statement"]);
$this->assertEquals($response["order"], $problemDAO->getOrder());
$this->assertEquals($response["score"], 0);
// Default data
$this->assertEquals(0, $problemDAO->getVisits());
$this->assertEquals(0, $problemDAO->getSubmissions());
$this->assertEquals(0, $problemDAO->getAccepted());
$this->assertEquals(0, $problemDAO->getDifficulty());
// Verify that we have an empty array of runs
$this->assertEquals(0, count($response["runs"]));
// Verify that problem was marked as Opened
$problem_opened = ContestProblemOpenedDAO::getByPK($contestDAO->getContestId(), $problemDAO->getProblemId(), $contestantDAO->getUserId());
$this->assertNotNull($problem_opened);
// Verify open time
$this->assertEquals(Utils::GetPhpUnixTimestamp(), Utils::GetPhpUnixTimestamp($problem_opened->getOpenTime()));
}
public function testUserNameCollision()
{
$salt = time();
// Test users should not exist
$this->assertNull(UsersDAO::FindByUsername('A' . $salt));
$this->assertNull(UsersDAO::FindByUsername('A' . $salt . '1'));
$this->assertNull(UsersDAO::FindByUsername('A' . $salt . '2'));
// Create collision
$c = new SessionController();
$c->LoginViaGoogle('A' . $salt . '@isp1.com');
$c->LoginViaGoogle('A' . $salt . '@isp2.com');
$c->LoginViaGoogle('A' . $salt . '@isp3.com');
$this->assertNotNull(UsersDAO::FindByUsername('A' . $salt));
$this->assertNotNull(UsersDAO::FindByUsername('A' . $salt . '1'));
$this->assertNotNull(UsersDAO::FindByUsername('A' . $salt . '2'));
}
public function testShouldRefuseMultipleRequestsInShortInterval()
{
$user_data = UserFactory::generateUser();
$r = new Request(array('email' => $user_data['email']));
$response = ResetController::apiCreate($r);
try {
ResetController::apiCreate($r);
} catch (InvalidParameterException $expected) {
$message = $expected->getMessage();
}
$this->assertEquals('passwordResetMinWait', $message);
// time travel
$reset_sent_at = ApiUtils::GetStringTime(time() - PASSWORD_RESET_MIN_WAIT - 1);
$user = UsersDAO::FindByEmail($user_data['email']);
$user->setResetSentAt($reset_sent_at);
UsersDAO::save($user);
ResetController::apiCreate($r);
}
/**
* Resolves the target user for the API. If a username is provided in
* the request, then we use that one. Otherwise, we use currently logged-in
* user.
*
* Request must be authenticated before this function is called.
*
* @param Request $r
* @return Users
* @throws InvalidDatabaseOperationException
* @throws NotFoundException
*/
protected static function resolveTargetUser(Request $r)
{
// By default use current user
$user = $r['current_user'];
if (!is_null($r['username'])) {
Validators::isStringNonEmpty($r['username'], 'username');
try {
$user = UsersDAO::FindByUsername($r['username']);
if (is_null($user)) {
throw new InvalidParameterException('parameterNotFound', 'Username');
}
} catch (ApiException $e) {
throw $e;
} catch (Exception $e) {
throw new InvalidDatabaseOperationException($e);
}
}
return $user;
}
/**
* Gets the user that solved more problems during last month
*
* @global type $conn
* @param string (date) $firstDay
* @return null|Users
*/
public static function calculateCoderOfTheMonth($firstDay)
{
$endTime = $firstDay;
$startTime = null;
$lastMonth = intval(date('m')) - 1;
if ($lastMonth === 0) {
// First month of the year, we need to check into last month of last year.
$lastYear = intval(date('Y')) - 1;
$startTime = date($lastYear . '-12-01');
} else {
$startTime = date('Y-' . $lastMonth . '-01');
}
$sql = "\n\t\t\tSELECT\n\t\t\t\tusername, name, up.user_id, COUNT(ps.problem_id) ProblemsSolved, SUM(ROUND(100 / LOG(2, ps.accepted+1) , 0)) score\n\t\t\tFROM\n\t\t\t\t(\n\t\t\t\t\tSELECT DISTINCT\n\t\t\t\t\t\tr.user_id, r.problem_id\n\t\t\t\t\tFROM\n\t\t\t\t\t\tRuns r\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tr.verdict = 'AC' AND r.test = 0 AND \n\t\t\t\t\t\tr.time >= ? AND \n\t\t\t\t\t\tr.time <= ?\n\t\t\t\t) AS up\n\t\t\tINNER JOIN\n\t\t\t\tProblems ps ON ps.problem_id = up.problem_id and ps.public = 1\n\t\t\tINNER JOIN\n\t\t\t\tUsers u ON u.user_id = up.user_id \n\t\t\tGROUP BY\n\t\t\t\tuser_id\n\t\t\tORDER BY\n\t\t\t\tscore DESC\n\t\t\tLIMIT 1\n\t\t";
$val = array($startTime, $endTime);
global $conn;
$rs = $conn->GetRow($sql, $val);
if (count($rs) == 0) {
return NULL;
}
$totalCount = $rs['ProblemsSolved'];
$user = UsersDAO::getByPK($rs['user_id']);
$score = $rs['score'];
return array("totalCount" => $totalCount, "user" => $user, "score" => $score);
}
/**
* Verifies a user and returns its DAO
*
* @param Users $user
* @return type
*/
public static function verifyUser(Users $user)
{
UserController::apiVerifyEmail(new Request(array('id' => $user->getVerificationId())));
// Get user from db again to pick up verification changes
return UsersDAO::FindByUsername($user->getUsername());
}
}
// end of handle submit
// initialize page
$checksDAO = new ChecksDAO();
if (isset($check_id)) {
$check_row = $checksDAO->getCheckByID($check_id);
if (!$check_row) {
// invalid check id
$msg->addError('INVALID_CHECK_ID');
require AC_INCLUDE_PATH . 'header.inc.php';
$msg->printAll();
require AC_INCLUDE_PATH . 'footer.inc.php';
exit;
}
// get author name
$usersDAO = new UsersDAO();
$user_name = $usersDAO->getUserName($check_row['user_id']);
if ($user_name != '') {
$savant->assign('author', $user_name);
}
$check_pass_example_rows = $checkExamplesDAO->getByCheckIDAndType($check_id, AC_CHECK_EXAMPLE_PASS);
$check_fail_example_rows = $checkExamplesDAO->getByCheckIDAndType($check_id, AC_CHECK_EXAMPLE_FAIL);
$check_example_row['pass_example_desc'] = $check_pass_example_rows[0]['description'];
$check_example_row['pass_example'] = $check_pass_example_rows[0]['content'];
$check_example_row['fail_example_desc'] = $check_fail_example_rows[0]['description'];
$check_example_row['fail_example'] = $check_fail_example_rows[0]['content'];
$savant->assign('check_row', $check_row);
$savant->assign('pre_rows', $checkPrerequisitesDAO->getPreChecksByCheckID($check_id));
$savant->assign('next_rows', $testPassDAO->getNextChecksByCheckID($check_id));
$savant->assign('guideline_rows', $guidelinesDAO->getEnabledGuidelinesByCheckID($check_id));
$savant->assign('check_example_row', $check_example_row);
}
} else {
if ($usersDAO->Update($_GET['id'], $_POST['user_group_id'], $_POST['login'], $_POST['email'], $_POST['first_name'], $_POST['last_name'], $_POST['status'])) {
$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
header('Location: index.php');
exit;
}
}
}
}
}
// end of handle submit
// initialize page
$userGroupsDAO = new UserGroupsDAO();
if (isset($_GET['id'])) {
$usersDAO = new UsersDAO();
$savant->assign('user_row', $usersDAO->getUserByID($_GET['id']));
$savant->assign('show_password', false);
} else {
$savant->assign('show_password', true);
}
/*****************************/
/* template starts down here */
global $onload;
$onload = 'document.form.login.focus();';
$savant->assign('show_user_group', true);
$savant->assign('show_status', true);
$savant->assign('all_user_groups', $userGroupsDAO->getAll());
$savant->assign('title', _AC('create_edit_user'));
$savant->assign('submit_button_text', _AC('save'));
$savant->assign('show_captcha', false);
function optUsersTypes()
{
$USER = UsersDAO::userLoged();
$html = "";
$read = new Read();
$read->ExeRead('a.users_types', "WHERE a.status = 1 AND (a.id = :type OR :type = 1 OR a.permissoes LIKE CONCAT('%[',:type,']%')) ORDER BY a.id ASC", array('type' => $USER->getId()));
foreach ($read->getResult() as $v) {
$html .= "<option value='{$v['id']}'>{$v['title']}</option>";
}
return $html;
}
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
//// unset $_SESSION['user_id'] to avoid page redirecting in vitals.inc.php
//if (isset($_SESSION['user_id']))
//{
// $_SESSION['current_user'] = $_SESSION['user_id'];
// unset($_SESSION['user_id']);
//}
define('TR_INCLUDE_PATH', '../include/');
require TR_INCLUDE_PATH . 'vitals.inc.php';
require_once TR_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
require_once TR_INCLUDE_PATH . 'classes/DAO/OAuthServerTokensDAO.class.php';
$usersDAO = new UsersDAO();
$oAuthServerTokensDAO = new OAuthServerTokensDAO();
// Validation input parameters
if ($_REQUEST['oauth_token'] == '') {
echo 'error=' . urlencode('Empty oauth token');
exit;
}
$token_row = $oAuthServerTokensDAO->getByTokenAndType($_REQUEST['oauth_token'], 'request');
if (!is_array($token_row)) {
echo 'error=' . urlencode('Invalid oauth token');
exit;
}
// $_SESSION['token'] is used to encrypt the password from web form
if (!isset($_SESSION['token'])) {
$_SESSION['token'] = sha1(mt_rand() . microtime(TRUE));
}
/************************************************************************/
/* AChecker */
/************************************************************************/
/* Copyright (c) 2008 - 2011 */
/* Inclusive Design Institute */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
// $Id$
define('AC_INCLUDE_PATH', 'include/');
require AC_INCLUDE_PATH . 'vitals.inc.php';
require_once AC_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
$usersDAO = new UsersDAO();
// $_SESSION['token'] is used to encrypt the password from web form
if (!isset($_SESSION['token'])) {
$_SESSION['token'] = sha1(mt_rand() . microtime(TRUE));
}
if (isset($_POST['submit'])) {
$user_id = $usersDAO->Validate($addslashes($_POST['form_login']), $addslashes($_POST['form_password_hidden']));
if (!$user_id) {
$msg->addError('INVALID_LOGIN');
} else {
if ($usersDAO->getStatus($user_id) == AC_STATUS_DISABLED) {
$msg->addError('ACCOUNT_DISABLED');
} else {
if ($usersDAO->getStatus($user_id) == AC_STATUS_UNCONFIRMED) {
$msg->addError('ACCOUNT_UNCONFIRMED');
} else {
/**
* Test that we are able to submit a problem without testplan
*/
public function testValidProblemNoTestplan()
{
// Get the problem data
$problemData = ProblemsFactory::getRequest(OMEGAUP_RESOURCES_ROOT . 'triangulos.zip');
$r = $problemData['request'];
$problemAuthor = $problemData['author'];
// Login user
$r['auth_token'] = $this->login($problemAuthor);
// Get File Uploader Mock and tell Omegaup API to use it
FileHandler::SetFileUploader($this->createFileUploaderMock());
// Call the API
$response = ProblemController::apiCreate($r);
// Validate
// Verify response
$this->assertEquals('ok', $response['status']);
$this->assertEquals('cases/1.in', $response['uploaded_files'][0]);
// Verify data in DB
$problem_mask = new Problems();
$problem_mask->setTitle($r['title']);
$problems = ProblemsDAO::search($problem_mask);
// Check that we only retreived 1 element
$this->assertEquals(1, count($problems));
$problem = $problems[0];
// Verify contest was found
$this->assertNotNull($problem);
$this->assertNotNull($problem->getProblemId());
// Verify DB data
$this->assertEquals($r['title'], $problem->getTitle());
$this->assertEquals(substr($r['title'], 0, 32), $problem->getAlias());
$this->assertEquals($r['validator'], $problem->getValidator());
$this->assertEquals($r['time_limit'], $problem->getTimeLimit());
$this->assertEquals($r['memory_limit'], $problem->getMemoryLimit());
$this->assertEquals($r['order'], $problem->getOrder());
$this->assertEquals($r['source'], $problem->getSource());
// Verify author username -> author id conversion
$user = UsersDAO::getByPK($problem->getAuthorId());
$this->assertEquals($user->getUsername(), $r['author_username']);
// Verify problem contents were copied
$targetpath = PROBLEMS_PATH . DIRECTORY_SEPARATOR . $problem->getAlias() . DIRECTORY_SEPARATOR;
$this->assertFileExists($targetpath . 'cases');
$this->assertFileExists($targetpath . 'statements' . DIRECTORY_SEPARATOR . 'es.html');
// Default data
$this->assertEquals(0, $problem->getVisits());
$this->assertEquals(0, $problem->getSubmissions());
$this->assertEquals(0, $problem->getAccepted());
$this->assertEquals(0, $problem->getDifficulty());
}
/**
* Updates the main email of the current user
*
* @param Request $r
*/
public static function apiUpdateMainEmail(Request $r)
{
self::authenticateRequest($r);
Validators::isEmail($r['email'], 'email');
try {
// Update email
$email = EmailsDAO::getByPK($r['current_user']->getMainEmailId());
$email->setEmail($r['email']);
EmailsDAO::save($email);
// Add verification_id if not there
if ($r['current_user']->getVerified() == '0') {
self::$log->info('User not verified.');
if ($r['current_user']->getVerificationId() == null) {
self::$log->info('User does not have verification id. Generating.');
try {
$r['current_user']->setVerificationId(self::randomString(50));
UsersDAO::save($r['current_user']);
} catch (Exception $e) {
// best effort, eat exception
}
}
}
} catch (Exception $e) {
// If duplicate in DB
if (strpos($e->getMessage(), '1062') !== false) {
throw new DuplicatedEntryInDatabaseException('mailInUse');
} else {
throw new InvalidDatabaseOperationException($e);
}
}
// Delete profile cache
Cache::deleteFromCache(Cache::USER_PROFILE, $r['current_user']->getUsername());
// Send verification email
$r['user'] = $r['current_user'];
self::sendVerificationEmail($r);
return array('status' => 'ok');
}
}
if (isset($_GET['gg'])) {
$guidelineGroupsDAO->Delete($_GET['gg']);
}
header('Location: create_edit_guideline.php?id=' . $gid);
exit;
}
// interface display
if (!isset($gid)) {
// create guideline
$checksDAO = new ChecksDAO();
$savant->assign('author', $_current_user->getUserName());
} else {
// edit existing guideline
$checksDAO = new ChecksDAO();
$rows = $guidelinesDAO->getGuidelineByIDs($gid);
// get author name
$usersDAO = new UsersDAO();
$user_name = $usersDAO->getUserName($rows[0]['user_id']);
if (!$user_name) {
$user_name = _AC('author_not_exist');
}
$savant->assign('gid', $gid);
$savant->assign('row', $rows[0]);
$savant->assign('author', $user_name);
$savant->assign('checksDAO', $checksDAO);
}
if (isset($_current_user)) {
$savant->assign('is_admin', $_current_user->isAdmin());
}
$savant->display('guideline/create_edit_guideline.tmpl.php');
private static function validateUpdateRequest($r)
{
$user = UsersDAO::FindByEmail($r['email']);
$reset_token = $r['reset_token'];
$password = $r['password'];
$password_confirmation = $r['password_confirmation'];
if (is_null($user) || is_null($reset_token) || is_null($password) || is_null($password_confirmation)) {
throw new InvalidParameterException('invalidParameters');
}
if ($user->reset_digest !== hash('sha1', $reset_token)) {
throw new InvalidParameterException('invalidResetToken');
}
if ($password !== $password_confirmation) {
throw new InvalidParameterException('passwordMismatch');
}
SecurityTools::testStrongPassword($password);
$seconds = time() - strtotime($user->reset_sent_at);
if ($seconds > PASSWORD_RESET_TIMEOUT) {
throw new InvalidParameterException('passwordResetResetExpired');
}
}
/**
* Entry point for Problem runs API
*
* @param Request $r
* @throws InvalidFilesystemOperationException
* @throws InvalidDatabaseOperationException
*/
public static function apiRuns(Request $r)
{
// Get user
self::authenticateRequest($r);
// Validate request
self::validateRuns($r);
$response = array();
if ($r['show_all']) {
if (!Authorization::CanEditProblem($r['current_user_id'], $r['problem'])) {
throw new ForbiddenAccessException();
}
if (!is_null($r['username'])) {
try {
$r['user'] = UsersDAO::FindByUsername($r['username']);
} catch (Exception $e) {
throw new NotFoundException('userNotFound');
}
}
try {
$runs = RunsDAO::GetAllRuns(null, $r['status'], $r['verdict'], $r['problem']->problem_id, $r['language'], !is_null($r['user']) ? $r['user']->user_id : null, $r['offset'], $r['rowcount']);
$result = array();
foreach ($runs as $run) {
$run['time'] = (int) $run['time'];
$run['score'] = round((double) $run['score'], 4);
if ($run['contest_score'] != null) {
$run['contest_score'] = round((double) $run['contest_score'], 2);
}
array_push($result, $run);
}
$response['runs'] = $result;
} catch (Exception $e) {
// Operation failed in the data layer
throw new InvalidDatabaseOperationException($e);
}
} else {
$keyrun = new Runs(array('user_id' => $r['current_user_id'], 'problem_id' => $r['problem']->getProblemId()));
// Get all the available runs
try {
$runs_array = RunsDAO::search($keyrun);
// Create array of relevant columns for list of runs
$relevant_columns = array('guid', 'language', 'status', 'verdict', 'runtime', 'penalty', 'memory', 'score', 'contest_score', 'time', 'submit_delay');
// Add each filtered run to an array
$response['runs'] = array();
if (count($runs_array) >= 0) {
$runs_filtered_array = array();
foreach ($runs_array as $run) {
$filtered = $run->asFilteredArray($relevant_columns);
$filtered['time'] = strtotime($filtered['time']);
$filtered['username'] = $r['current_user']->username;
$filtered['alias'] = $r['problem']->alias;
array_push($response['runs'], $filtered);
}
}
} catch (Exception $e) {
// Operation failed in the data layer
throw new InvalidDatabaseOperationException($e);
}
}
$response['status'] = 'ok';
return $response;
}
exit;
}
}
} else {
$msg->addError(array('EMPTY_FIELDS', _AC('password')));
header('Location: change_email.php');
exit;
}
// email check
if ($_POST['email'] == '') {
$msg->addError(array('EMPTY_FIELDS', _AC('email')));
} else {
if (!preg_match("/^[a-z0-9\\._-]+@+[a-z0-9\\._-]+\\.+[a-z]{2,6}\$/i", $_POST['email'])) {
$msg->addError('EMAIL_INVALID');
}
$usersDAO = new UsersDAO();
$row = $usersDAO->getUserByEmail($_POST['email']);
if ($row['user_id'] > 0 && $row['user_id'] != $_SESSION['user_id']) {
$msg->addError('EMAIL_EXISTS');
}
}
if (!$msg->containsErrors()) {
if (defined('AC_EMAIL_CONFIRMATION') && AC_EMAIL_CONFIRMATION) {
//send confirmation email
$row = $_current_user->getInfo();
if ($row['email'] != $_POST['email']) {
$code = substr(md5($_POST['email'] . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
$confirmation_link = AC_BASE_HREF . 'confirm.php?id=' . $_SESSION['user_id'] . SEP . 'e=' . urlencode($_POST['email']) . SEP . 'm=' . $code;
/* send the email confirmation message: */
require AC_INCLUDE_PATH . 'classes/phpmailer/acheckermailer.class.php';
$mail = new ACheckerMailer();
<?php
/************************************************************************/
/* AContent */
/************************************************************************/
/* Copyright (c) 2010 */
/* Inclusive Design Institute */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
define('TR_INCLUDE_PATH', '../include/');
include TR_INCLUDE_PATH . 'vitals.inc.php';
include_once TR_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
$usersDAO = new UsersDAO();
$ids = explode(',', $_REQUEST['id']);
if (isset($_POST['submit_no'])) {
$msg->addFeedback('CANCELLED');
header('Location: index.php');
exit;
} else {
if (isset($_POST['submit_yes'])) {
foreach ($ids as $id) {
$usersDAO->Delete($id);
}
$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
header('Location: index.php');
exit;
}
}
public function LoginViaFacebook()
{
//ok, the user does not have any auth token
//if he wants to test facebook login
//Facebook must send me the state=something
//query, so i dont have to be testing
//facebook sessions on every single petition
//made from the front-end
if (!isset($_GET['state'])) {
return false;
}
//if that is not true, may still be logged with
//facebook, lets test that
$facebook = self::getFacebookInstance();
// Get User ID
$fb_user = $facebook->getUser();
if ($fb_user == 0) {
self::$log->info('FB session unavailable.');
return false;
}
// We may or may not have this data based on whether the user is logged in.
// If we have a $fb_user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
try {
// Proceed knowing you have a logged in user who's authenticated.
$fb_user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
$fb_user = null;
self::$log->error('FacebookException:' . $e);
return false;
}
//ok we know the user is logged in,
//lets look for his information on the database
//if there is none, it means that its the first
//time the user has been here, lets register his info
self::$log->info('User is logged in via facebook !!');
$results = UsersDAO::FindByEmail($fb_user_profile['email']);
if (!is_null($results)) {
//user has been here before with facebook!
$vo_User = $results;
self::$log->info('user has been here before with facebook!');
} else {
// The user has never been here before, let's register him
// I have a problem with this:
$username = self::getUniqueUsernameFromEmail($fb_user_profile['email']);
// Even if the user gave us his/her email, we should not
// just go ahead and assume its ok to share with the world
// maybe we could do:
// $username = str_replace(" ", "_", $fb_user_profile["name"] ),
UserController::$permissionKey = uniqid();
$r = new Request(array('name' => $fb_user_profile['name'], 'username' => $username, 'email' => $fb_user_profile['email'], 'facebook_user_id' => $fb_user_profile['id'], 'password' => null, 'permission_key' => UserController::$permissionKey, 'ignore_password' => true));
try {
$res = UserController::apiCreate($r);
} catch (ApiException $e) {
self::$log->error('Unable to login via Facebook ' . $e);
return false;
}
$vo_User = UsersDAO::getByPK($res['user_id']);
}
//since we got here, this user does not have
//any auth token, lets give him one
//so we dont have to call facebook to see
//if he is still logged in, and he can call
//the api
$this->RegisterSession($vo_User);
}
}
// end of parsing parameters
// initialize defaults for the ones not set or not set right but with default values
if ($output != 'html' && $output != 'rest') {
$output = DEFAULT_WEB_SERVICE_OUTPUT;
}
// end of initialization
// validate parameters
if ($uri == '') {
$errors[] = 'AC_ERROR_EMPTY_URI';
}
if ($web_service_id == '') {
$errors[] = 'AC_ERROR_EMPTY_WEB_SERVICE_ID';
} else {
// validate web service id
$usersDAO = new UsersDAO();
$user_row = $usersDAO->getUserByWebServiceID($web_service_id);
if (!$user_row) {
$errors[] = 'AC_ERROR_INVALID_WEB_SERVICE_ID';
} else {
$user_id = $user_row['user_id'];
}
}
if (!is_array($decisions)) {
$errors[] = 'AC_ERROR_SEQUENCEID_NOT_GIVEN';
}
// return errors
if (is_array($errors)) {
if ($output == 'rest') {
echo RESTWebServiceOutput::generateErrorRpt($errors);
} else {
/**
* Details of a scoreboard. Returns a list with all contests that belong to
* the given scoreboard_alias
*
* @param Request $r
*/
public static function apiDetails(Request $r)
{
self::validateGroupScoreboard($r);
$response = array();
// Fill contests
$response["contests"] = array();
$response["ranking"] = array();
try {
$groupScoreboardContestKey = new GroupsScoreboardsContests(array("group_scoreboard_id" => $r["scoreboard"]->group_scoreboard_id));
$r["gscs"] = GroupsScoreboardsContestsDAO::search($groupScoreboardContestKey);
$i = 0;
$contest_params = array();
foreach ($r["gscs"] as $gsc) {
$contest = ContestsDAO::getByPK($gsc->contest_id);
$response["contests"][$i] = $contest->asArray();
$response["contests"][$i]["only_ac"] = $gsc->only_ac;
$response["contests"][$i]["weight"] = $gsc->weight;
// Fill contest params to pass to scoreboardMerge
$contest_params[$contest->alias] = array("only_ac" => $gsc->only_ac == 0 ? false : true, "weight" => $gsc->weight);
$i++;
}
} catch (ApiException $ex) {
throw $ex;
} catch (Exception $ex) {
throw new InvalidDatabaseOperationException($ex);
}
$r["contest_params"] = $contest_params;
// Fill details of this scoreboard
$response["scoreboard"] = $r["scoreboard"]->asArray();
// If we have contests, calculate merged&filtered scoreboard
if (count($response["contests"]) > 0) {
// Get merged scoreboard
$r["contest_aliases"] = "";
foreach ($response["contests"] as $contest) {
$r["contest_aliases"] .= $contest["alias"] . ",";
}
$r["contest_aliases"] = rtrim($r["contest_aliases"], ",");
try {
$groupUsers = GroupsUsersDAO::search(new GroupsUsers(array("group_id" => $r["scoreboard"]->group_id)));
$r["usernames_filter"] = "";
foreach ($groupUsers as $groupUser) {
$user = UsersDAO::getByPK($groupUser->user_id);
$r["usernames_filter"] .= $user->username . ",";
}
$r["usernames_filter"] = rtrim($r["usernames_filter"], ",");
} catch (Exception $ex) {
throw new InvalidDatabaseOperationException($ex);
}
$mergedScoreboardResponse = ContestController::apiScoreboardMerge($r);
$response["ranking"] = $mergedScoreboardResponse["ranking"];
}
$response["status"] = "ok";
return $response;
}
/**
* Admin can verify users only with username
*/
public function testUsernameVerificationByAdmin()
{
// User to be verified
$user = UserFactory::createUser(null, null, null, false);
// Admin will verify $user
$admin = UserFactory::createAdminUser();
// Call api using admin
$response = UserController::apiVerifyEmail(new Request(array('auth_token' => $this->login($admin), 'usernameOrEmail' => $user->getUsername())));
// Get user from db again to pick up verification changes
$userdb = UsersDAO::FindByUsername($user->getUsername());
$this->assertEquals(1, $userdb->getVerified());
$this->assertEquals('ok', $response['status']);
}
/**
* Details of a group (users in a group)
*
* @param Request $r
*/
public static function apiDetails(Request $r)
{
self::validateGroupAndOwner($r);
$response = array();
$response["group"] = array();
$response["users"] = array();
$response["scoreboards"] = array();
try {
$response["group"] = $r["group"]->asArray();
$userGroups = GroupsUsersDAO::search(new GroupsUsers(array("group_id" => $r["group"]->group_id)));
foreach ($userGroups as $userGroup) {
$r["user"] = UsersDAO::getByPK($userGroup->user_id);
$userProfile = UserController::getProfile($r);
$response["users"][] = $userProfile;
}
$scoreboards = GroupsScoreboardsDAO::search(new GroupsScoreboards(array("group_id" => $r["group"]->group_id)));
foreach ($scoreboards as $scoreboard) {
$response["scoreboards"][] = $scoreboard->asArray();
}
} catch (Exception $ex) {
throw new InvalidDatabaseOperationException($ex);
}
$response["status"] = "ok";
return $response;
}
/**
* Logins with empty passwords in DB are disabled
*
* @expectedException LoginDisabledException
*/
public function testLoginDisabled()
{
// User to be verified
$user = UserFactory::createUser();
// Force empty password
$user->setPassword('');
UsersDAO::save($user);
$this->login($user);
}
/**
* Test update main email api
*/
public function testUpdateMainEmail()
{
$user = UserFactory::createUser();
$r = new Request(array("auth_token" => self::login($user), "email" => "*****@*****.**"));
$response = UserController::apiUpdateMainEmail($r);
// Check email in db
$user_in_db = UsersDAO::FindByEmail("*****@*****.**");
$this->assertEquals($user->getUserId(), $user_in_db->getUserId());
}
if (isset($_POST['submit'])) {
/* password check: password is verified front end by javascript. here is to handle the errors from javascript */
if ($_POST['password_error'] != "") {
$pwd_errors = explode(",", $_POST['password_error']);
foreach ($pwd_errors as $pwd_error) {
if ($pwd_error == "missing_password") {
$missing_fields[] = _AT('password');
} else {
$msg->addError($pwd_error);
}
}
}
if (!$msg->containsErrors()) {
// insert into the db.
$password = $addslashes($_POST['form_password_hidden']);
$usersDAO = new UsersDAO();
if (!$usersDAO->setPassword($_GET['id'], $password)) {
require TR_INCLUDE_PATH . 'header.inc.php';
$msg->printErrors('DB_NOT_UPDATED');
require TR_INCLUDE_PATH . 'footer.inc.php';
exit;
}
// send email to user
$user_row = $usersDAO->getUserByID($_GET['id']);
$tmp_message = _AT('password_change_msg') . "\n\n";
$tmp_message .= _AT('web_site') . ' : ' . TR_BASE_HREF . "\n";
$tmp_message .= _AT('login_name') . ' : ' . $user_row['login'] . "\n";
require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($user_row['email']);
$glossary_manifest_xml = $ims_template_xml['glossary'];
} else {
$glossary_manifest_xml = '';
}
*/
ob_start();
print_organizations($top_content_parent_id, $content, 0, '', array(), $toc_html);
//Exoprt Forum:
print_resources_forum();
$organizations_str = ob_get_contents();
ob_end_clean();
// end of modified by Cindy Qi Li on Jan 12, 2010
/* append the Organizations and Resources to the imsmanifest */
$imsmanifest_xml .= str_replace(array('{ORGANIZATIONS}', '{GLOSSARY}', '{RESOURCES}', '{TEST_ITEMS}', '{COURSE_TITLE}'), array($organizations_str, $glossary_manifest_xml, $resources, $test_xml_items, $ims_course_title), $ims_template_xml['final']);
// generate the vcard for the instructor/author
$usersDAO = new UsersDAO();
$row = $usersDAO->getUserByID($instructor_id);
//$sql = "SELECT first_name, last_name, email, website, login, phone FROM ".TABLE_PREFIX."members WHERE member_id=$instructor_id";
//$result = mysql_query($sql, $db);
$vcard = new vCard();
if (isset($row)) {
$vcard->setName($row['last_name'], $row['first_name'], $row['login']);
$vcard->setEmail($row['email']);
$vcard->setNote('Originated from an AContent at ' . TR_BASE_HREF . '. See ATutor.ca for additional information.');
$vcard->setURL($row['website']);
$imsmanifest_xml = str_replace('{VCARD}', $vcard->getVCard(), $imsmanifest_xml);
} else {
$imsmanifest_xml = str_replace('{VCARD}', '', $imsmanifest_xml);
}
/* save the imsmanifest.xml file */
$zipfile->add_file($imsmanifest_xml, 'imsmanifest.xml');
/**
* Returns ALL users participating in a contest
*
* @param Request $r
* @return array
* @throws InvalidDatabaseOperationException
*/
public static function apiUsers(Request $r)
{
// Authenticate request
self::authenticateRequest($r);
Validators::isStringNonEmpty($r["contest_alias"], "contest_alias");
try {
$contest = ContestsDAO::getByAlias($r["contest_alias"]);
} catch (Exception $e) {
throw new InvalidDatabaseOperationException($e);
}
if (!Authorization::IsContestAdmin($r["current_user_id"], $contest)) {
throw new ForbiddenAccessException();
}
// Get users from DB
$contest_user_key = new ContestsUsers();
$contest_user_key->setContestId($contest->getContestId());
try {
$db_results = ContestsUsersDAO::search($contest_user_key);
} catch (Exception $e) {
// Operation failed in the data layer
throw new InvalidDatabaseOperationException($e);
}
$users = array();
// Add all users to an array
foreach ($db_results as $result) {
$user_id = $result->getUserId();
$user = UsersDAO::getByPK($user_id);
$users[] = array("user_id" => $user_id, "username" => $user->getUsername(), 'access_time' => $result->access_time, 'country' => $user->getCountryId());
}
$response = array();
$response["users"] = $users;
$response["status"] = "ok";
return $response;
}
