 /**
  * Member profile edit / initial registration form.
  *
  * Builds the profile form for the resolved type ('regist' selects the
  * 'regist-config' form definition, anything else 'config'). On POST the
  * CSRF token is verified first, then the form is validated and saved inside
  * a transaction; a first-time registration also drops the member's
  * 'terms_un_agreement' config value. Failures roll back and are shown via
  * the 'error' flash, after which the form is rendered again.
  *
  * @access  public
  * @param   string|null  $type  requested profile type, normalised by validate_type()
  * @return  Response
  */
 public function action_edit($type = null)
 {
     list($type, $is_regist) = self::validate_type($type, $this->u->id);
     $form_name = ($type == 'regist') ? 'regist-config' : 'config';
     $form = new Form_MemberProfile($form_name, $this->u);
     $form->set_validation();

     if (\Input::method() == 'POST') {
         // Reject forged submissions before touching any state.
         \Util_security::check_csrf();
         try {
             $form->validate(true);
             \DB::start_transaction();
             // NOTE(review): method name kept as spelled in Form_MemberProfile — confirm it is not a typo of save().
             $form->seve();
             if ($is_regist) {
                 // First-time registration: the pending terms-agreement marker is no longer needed.
                 Model_MemberConfig::delete_value($this->u->id, 'terms_un_agreement');
             }
             \DB::commit_transaction();
             if ($is_regist) {
                 $message = sprintf('%sが%sしました。', term('site.registration'), term('form.complete'));
                 $redirect_uri = $this->after_auth_uri;
             } else {
                 $message = term('profile') . 'を編集しました。';
                 $redirect_uri = 'member/profile';
             }
             \Session::set_flash('message', $message);
             \Response::redirect($redirect_uri);
         } catch (\FuelException $e) {
             if (\DB::in_transaction()) {
                 \DB::rollback_transaction();
             }
             \Session::set_flash('error', $e->getMessage());
         }
     }

     $title = term('profile') . term($is_regist ? 'site.registration' : 'form.edit');
     $breadcrumbs = $is_regist ? array() : array('member/profile' => term('common.my', 'profile'));
     $this->set_title_and_breadcrumbs($title, $breadcrumbs, $is_regist ? null : $this->u);
     $this->template->content = View::forge('member/profile/edit', array(
         'is_regist' => $is_regist,
         'val' => $form->get_validation(),
         'member_public_flags' => $form->get_member_public_flags(),
         'profiles' => $form->get_profiles(),
         'member_profile_public_flags' => $form->get_member_profile_public_flags(),
     ));
 }
 /**
  * Member notice settings.
  *
  * Renders the 'notice' config form for the current member. On POST the
  * CSRF token is checked, validation runs, the values are saved within a
  * transaction and the request is redirected to member/setting. A failure
  * rolls back (if a transaction is open) and is reported through the
  * 'error' flash before the form is rendered again.
  *
  * @access  public
  * @return  Response
  */
 public function action_index()
 {
     $page_name = term('notice', 'site.setting');
     $val = \Form_MemberConfig::get_validation($this->u->id, 'notice', 'Notice');
     $is_post = (\Input::method() == 'POST');

     if ($is_post) {
         \Util_security::check_csrf();
         try {
             if (!$val->run()) {
                 throw new \FuelException($val->show_errors());
             }
             $validated = $val->validated();
             \DB::start_transaction();
             \Form_MemberConfig::save($this->u->id, $val, $validated);
             \DB::commit_transaction();
             \Session::set_flash('message', $page_name . 'を変更しました。');
             \Response::redirect('member/setting');
         } catch (\FuelException $e) {
             \DB::in_transaction() and \DB::rollback_transaction();
             \Session::set_flash('error', $e->getMessage());
         }
     }

     $breadcrumbs = array('member/setting' => term('site.setting', 'form.update'));
     $this->set_title_and_breadcrumbs($page_name, $breadcrumbs, $this->u);
     $form_params = array('common' => array('radio' => array('layout_type' => 'grid')));
     $this->template->content = \View::forge('member/setting/_parts/form', array(
         'val' => $val,
         'label_size' => 5,
         'form_params' => $form_params,
     ));
 }
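 /**
  * Member timeline view-type setting.
  *
  * Shows the 'timeline_viewType' config form; on POST verifies the CSRF
  * token, validates, saves in a transaction and redirects to member/setting.
  * Any FuelException rolls the transaction back and is shown as a flash error.
  *
  * Input and Util_security are referenced fully qualified here, as in the
  * sibling setting actions, so the class lookup does not depend on the
  * controller's namespace (an unqualified name resolves relative to it).
  *
  * @access  public
  * @return  Response
  */
 public function action_viewtype()
 {
     $page_name = term('timeline', 'site.view', 'site.setting');
     $val = \Form_MemberConfig::get_validation($this->u->id, 'timeline_viewType');
     if (\Input::method() == 'POST') {
         // CSRF check happens before validation so forged posts never reach the model.
         \Util_security::check_csrf();
         try {
             if (!$val->run()) {
                 throw new \FuelException($val->show_errors());
             }
             $post = $val->validated();
             \DB::start_transaction();
             \Form_MemberConfig::save($this->u->id, $val, $post);
             \DB::commit_transaction();
             \Session::set_flash('message', $page_name . 'を変更しました。');
             \Response::redirect('member/setting');
         } catch (\FuelException $e) {
             if (\DB::in_transaction()) {
                 \DB::rollback_transaction();
             }
             \Session::set_flash('error', $e->getMessage());
         }
     }
     $this->set_title_and_breadcrumbs($page_name, array('member/setting' => term('site.setting', 'form.update')), $this->u);
     $this->template->content = \View::forge('member/setting/timeline_viewtype', array('val' => $val));
 }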
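 /**
  * Note comment delete.
  *
  * Deletes one note comment owned by the current member and returns to the
  * parent note. The CSRF token is read from the query string, so this action
  * is reachable via a GET link (see get_csrf_query_str()); a state-changing
  * GET exposes the token through Referer headers, proxy/server logs and
  * browser history. It cannot be restricted with check_method('POST') without
  * also changing every link that targets it — a POST form would be the safer shape.
  *
  * @access  public
  * @params  integer  $id  note comment id (cast to int before the lookup)
  * @return  Response
  */
 public function action_delete($id = null)
 {
     // Normalise the route segment the way the sibling comment-delete action does.
     $id = (int) $id;
     \Util_security::check_csrf(\Input::get(\Config::get('security.csrf_token_key')));
     // check_authority() is the ownership gate: it must only return a comment
     // that belongs to $this->u->id.
     $comment = Model_NoteComment::check_authority($id, $this->u->id);
     $note_id = $comment->note_id;
     $comment->delete();
     // NOTE(review): the flash names the note (term('note')) although a
     // comment was deleted — confirm the intended wording before changing it.
     \Session::set_flash('message', term('note') . 'を削除しました。');
     \Response::redirect('note/detail/' . $note_id);
 }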
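 /**
  * Album image comment delete.
  *
  * Deletes one album image comment owned by the current member and returns
  * to the image page. The CSRF token is checked first, before any database
  * lookup, so a forged request is rejected without touching the model. The
  * token is taken from the query string, which means the link form of this
  * action exposes it via Referer headers and logs (a POST form would avoid that).
  *
  * @access  public
  * @params  integer  $id  album image comment id
  * @return  Response
  */
 public function action_delete($id = null)
 {
     $id = (int) $id;
     \Util_security::check_csrf(\Input::get(\Config::get('security.csrf_token_key')));
     // Ownership gate: only a comment belonging to $this->u->id comes back.
     $album_image_comment = Model_AlbumImageComment::check_authority($id, $this->u->id);
     $album_image_id = $album_image_comment->album_image_id;
     $album_image_comment->delete();
     \Session::set_flash('message', 'コメントを削除しました。');
     \Response::redirect('album/image/' . $album_image_id);
 }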
/**
 * Opens a stacked/horizontal form and renders the hidden-field block.
 *
 * Default attributes (class, method=post, generated id) are merged with
 * $atter, caller values winning; $is_upload switches the enctype to
 * multipart/form-data. The CSRF token is always emitted as a hidden field
 * under Config 'security.csrf_token_key', but because $hidden is merged on
 * top of the defaults a caller can override that key — callers should not
 * pass the token key themselves.
 *
 * @param  bool    $exists_required_fields  whether the form shows required markers
 * @param  bool    $is_upload               add multipart enctype
 * @param  array   $atter                   extra <form> attributes
 * @param  array   $hidden                  extra hidden fields (name => value)
 * @param  string  $form_title              optional title passed to the view
 * @return string  rendered '_parts/form/open' partial
 */
function form_open($exists_required_fields = false, $is_upload = false, $atter = array(), $hidden = array(), $form_title = '')
{
    $attributes = array_merge(
        array('class' => 'form-stacked form-horizontal', 'method' => 'post', 'id' => site_get_form_id()),
        $atter
    );
    if ($is_upload) {
        $attributes['enctype'] = 'multipart/form-data';
    }
    $token_key = Config::get('security.csrf_token_key');
    $hidden_fields = array_merge(array($token_key => Util_security::get_csrf()), $hidden);

    return render('_parts/form/open', array(
        'exists_required_fields' => $exists_required_fields,
        'atter' => $attributes,
        'hidden' => $hidden_fields,
        'title' => $form_title,
    ));
}
 /**
  * Member leave (account withdrawal).
  *
  * POST only, CSRF-checked. Validates the leave form, then — unless the
  * member is registered through an OAuth provider — requires the current
  * password to be re-entered before Site_Member::remove() is called and
  * the session is logged out.
  *
  * Error handling: mail failures are logged and reported but do NOT roll
  * back. If remove() has already committed by the time the mail fails
  * (not visible from here — confirm), the member is deleted yet still
  * logged in, since logout() is only reached on the success path.
  * Database / user-update failures roll back when a transaction is open.
  *
  * @access  public
  * @return  void  (re-renders action_index on failure, redirects on success)
  */
 public function action_delete()
 {
     Util_security::check_method('POST');
     Util_security::check_csrf();
     $form = $this->form_leave();
     $val = $form->validation();
     if (!$val->run()) {
         Session::set_flash('error', $val->show_errors());
         $this->action_index();
         return;
     }
     // Password re-authentication for local accounts; OAuth-registered members skip it.
     if (!$this->u->check_registered_oauth(true) && !$this->auth_instance->check_password()) {
         Session::set_flash('error', term('site.password') . 'が正しくありません');
         $this->action_index();
         return;
     }
     $error_message = '';
     $is_transaction_rollback = false;
     try {
         $message = Site_Member::remove($this->u);
         $this->auth_instance->logout();
         Session::set_flash('message', $message);
         Response::redirect(conf('login_uri.site'));
     } catch (EmailValidationFailedException $e) {
         // Mail problems are reported but do not mark the transaction for rollback.
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
         $error_message = 'メール送信エラー';
     } catch (EmailSendingFailedException $e) {
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
         $error_message = 'メール送信エラー';
     } catch (SimpleUserUpdateException $e) {
         $is_transaction_rollback = true;
         $error_message = term('member.view') . 'が存在しません。';
     } catch (Database_Exception $e) {
         $is_transaction_rollback = true;
         $error_message = Site_Controller::get_error_message($e, true);
     } catch (FuelException $e) {
         // Generic fallback; the specific classes above must stay first
         // in case they extend FuelException.
         $is_transaction_rollback = true;
         if (!($error_message = $e->getMessage())) {
             $error_message = term('site.left') . 'に失敗しました。';
         }
     }
     if ($error_message) {
         // Only roll back if a transaction is actually open (remove() may manage its own).
         if ($is_transaction_rollback && DB::in_transaction()) {
             DB::rollback_transaction();
         }
         Session::set_flash('error', $error_message);
     }
     $this->action_index();
 }
 /**
  * Change the current member's password.
  *
  * POST only, CSRF-checked. Validates the password form, applies the change
  * inside a transaction (change_password() presumably verifies the old
  * password and raises WrongPasswordException otherwise — confirm), commits,
  * then sends a notification mail to the member's registered address and
  * redirects to member/setting.
  *
  * Ordering caveat: the commit happens BEFORE the mail is sent, so a mail
  * failure yields an 'error' flash although the password has already been
  * changed; the user may retry with the old password and be told it is wrong.
  * Nothing in this block invalidates other sessions or the remember-me cookie
  * after the change — whether that is handled elsewhere cannot be seen here.
  *
  * @access  public
  * @return  void  (re-renders action_password on failure, redirects on success)
  */
 public function action_change_password()
 {
     Util_security::check_method('POST');
     Util_security::check_csrf();
     $form = $this->form_setting_password();
     $val = $form->validation();
     if (!$val->run()) {
         Session::set_flash('error', $val->show_errors());
         $this->action_password();
         return;
     }
     $post = $val->validated();
     $error_message = '';
     $is_transaction_rollback = false;
     try {
         DB::start_transaction();
         $this->change_password($post['old_password'], $post['password']);
         DB::commit_transaction();
         // Committed above: a failure from here on is reported but not rolled back.
         $mail = new Site_Mail('memberSettingPassword');
         $mail->send($this->u->member_auth->email, array('to_name' => $this->u->name));
         Session::set_flash('message', term('site.password') . 'を変更しました。');
         Response::redirect('member/setting');
     } catch (EmailValidationFailedException $e) {
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
         $error_message = 'メール送信エラー';
     } catch (EmailSendingFailedException $e) {
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
         $error_message = 'メール送信エラー';
     } catch (WrongPasswordException $e) {
         // Old password did not match: generic wording, no hint about the account.
         $is_transaction_rollback = true;
         $error_message = sprintf('現在の%sが正しくありません。', term('site.password'));
     } catch (\Auth\SimpleUserUpdateException $e) {
         $is_transaction_rollback = true;
         $error_message = term('site.password') . 'の変更に失敗しました。';
     } catch (Database_Exception $e) {
         $is_transaction_rollback = true;
         $error_message = Site_Controller::get_error_message($e, true);
     } catch (FuelException $e) {
         // Generic fallback; specific subclasses above must precede it.
         $is_transaction_rollback = true;
         $error_message = $e->getMessage();
     }
     if ($error_message) {
         if ($is_transaction_rollback && DB::in_transaction()) {
             DB::rollback_transaction();
         }
         Session::set_flash('error', $error_message);
     }
     $this->action_password();
 }
 /**
  * Member invite.
  *
  * Shows the invite form and, on POST (CSRF-checked), validates the input,
  * refuses an address this member appears to have invited already, stores a
  * pre-member record with a fresh token inside a transaction, and mails the
  * register URL carrying that token as a query parameter. Because the token
  * travels in the URL it is exposed to the recipient's mail client, proxies
  * and logs — its expiry / single-use handling lives in Model_MemberPre and
  * is not visible here.
  *
  * Note: the transaction is committed before the mail is sent; a mail
  * failure leaves the invitation stored and only reports an error.
  *
  * @access  public
  * @return  Response
  */
 public function action_index()
 {
     $val = self::get_validation_object();
     if (\Input::method() == 'POST') {
         \Util_security::check_csrf();
         $success_message = sprintf('%sを%sしました。', term('form.invite', 'site.mail'), term('form.post'));
         $error_message = '';
         $is_transaction_rollback = false;
         try {
             if (!$val->run()) {
                 throw new ValidationFailedException($val->show_errors());
             }
             $post = $val->validated();
             // Duplicate check keyed on (inviter id, email), judging by the helper's name.
             if (Model_MemberPre::get_one4invite_member_id_and_email($this->u->id, $post['email'])) {
                 throw new ValidationFailedException(sprintf('その%sは既に%sです。', term('site.email'), term('form.invited')));
             }
             DB::start_transaction();
             $token = Model_MemberPre::save_with_token($post['email'], null, $this->u->id);
             DB::commit_transaction();
             $mail = new Site_Mail('memberInvite');
             $mail->send($post['email'], array('register_url' => sprintf('%s?token=%s', Uri::create('member/register'), $token), 'invite_member_name' => $this->u->name, 'invite_message' => $post['message']));
             Session::set_flash('message', $success_message);
             Response::redirect('member/invite');
         } catch (ValidationFailedException $e) {
             $error_message = Site_Controller::get_error_message($e);
         } catch (EmailValidationFailedException $e) {
             Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
             $error_message = 'メール送信エラー';
         } catch (EmailSendingFailedException $e) {
             Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
             $error_message = 'メール送信エラー';
         } catch (\Database_Exception $e) {
             $is_transaction_rollback = true;
             $error_message = Site_Controller::get_error_message($e, true);
         } catch (FuelException $e) {
             $is_transaction_rollback = true;
             $error_message = Site_Controller::get_error_message($e);
         }
         if ($is_transaction_rollback && DB::in_transaction()) {
             DB::rollback_transaction();
         }
         if ($error_message) {
             Session::set_flash('error', $error_message);
         }
     }
     $this->set_title_and_breadcrumbs(term('form.invite_friend'), null, $this->u);
     $this->template->content = \View::forge('member/invite', array('val' => $val, 'member_pres' => Model_MemberPre::get4invite_member_id($this->u->id)));
 }
 /**
  * The login.
  *
  * Redirects an already authenticated user to 'member'. With a provider
  * segment the request is handed to the OAuth flow; otherwise a POST is
  * CSRF-checked, validated, screened against the account lock and then
  * passed to Auth::login(). The remember-me cookie is created or cleared
  * according to the 'rememberme' parameter before login_succeeded().
  *
  * Caveats visible here: the lock message ('アカウントがロックされています')
  * is distinguishable from the generic failure (empty message), so a caller
  * can learn whether an address belongs to a locked account. $destination
  * comes from the flash or the POST and is forwarded to login_succeeded(),
  * which is where any open-redirect restriction must live (not visible here).
  *
  * @access  public
  * @param   string|null  $_provider  OAuth provider name, when present
  * @param   string|null  $method     passed through to opauth_login_start()
  * @return  Response or void
  */
 public function action_login($_provider = null, $method = null)
 {
     // Already logged in
     Auth::check() and Response::redirect('member');
     if ($_provider) {
         return $this->opauth_login_start($_provider, $method);
     }
     // Post-login target: flash value wins over the posted field.
     $destination = Session::get_flash('destination') ?: Input::post('destination', '');
     if (Input::method() == 'POST') {
         try {
             // check_csrf() sits inside the try, so a token failure is presumably
             // reported through login_failed() like any other failed attempt.
             Util_security::check_csrf();
             if (!$this->login_val->run()) {
                 throw new FuelException($this->login_val->show_errors());
             }
             $post = $this->login_val->validated();
             $posted_email = Arr::get($post, \Config::get('uzuraauth.username_post_key'));
             $posted_password = Arr::get($post, \Config::get('uzuraauth.password_post_key'));
             $auth = Auth::instance();
             // account lock check.
             if ($auth->check_is_account_locked($posted_email)) {
                 throw new FuelException('アカウントがロックされています');
             }
             // login check.
             if (!Auth::check() && !$auth->login($posted_email, $posted_password)) {
                 // Empty message on purpose: no hint whether the address or the password was wrong.
                 throw new FuelException();
             }
             // does the user want to be remembered?
             if (Input::param('rememberme', false)) {
                 // create the remember-me cookie
                 Auth::remember_me();
             } else {
                 // delete the remember-me cookie if present
                 Auth::dont_remember_me();
             }
             // credentials ok, go right in
             return $this->login_succeeded($destination);
         } catch (FuelException $e) {
             $this->login_failed(false, $e->getMessage());
         }
     }
     $this->set_title_and_breadcrumbs('ログイン');
     $this->template->content = View::forge('auth/_parts/login', array('destination' => $destination));
 }
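 /**
  * The edit_all action.
  *
  * Bulk-edits the labels of every news category. On POST (CSRF-checked) the
  * posted 'labels' array must carry exactly one non-empty string per
  * existing category, keyed by category id; otherwise an
  * HttpInvalidInputException is raised and nothing is written. Changed
  * labels are saved in a single transaction. On failure (or on GET) the form
  * is rendered with the posted values, falling back to the stored labels.
  *
  * Input is checked for shape before use: a missing or non-array 'labels',
  * a key that does not match a category, or a non-string element (e.g.
  * labels[1][]=x) would otherwise reach count()/strlen() and save(); on
  * PHP 8 count(null) and strlen(array) are fatal TypeErrors.
  *
  * @access  public
  * @return  void
  */
 public function action_edit_all()
 {
     $news_categories = \News\Model_NewsCategory::get_all();
     $posted_vals = array();
     if (\Input::method() == 'POST') {
         try {
             \Util_security::check_csrf();
             $posted_vals = \Input::post('labels', array());
             if (!is_array($posted_vals) || count($posted_vals) != count($news_categories)) {
                 throw new \HttpInvalidInputException();
             }
             \DB::start_transaction();
             foreach ($news_categories as $news_category) {
                 // Every category must be present, keyed by its id, with a scalar string value.
                 if (!isset($posted_vals[$news_category->id]) || !is_string($posted_vals[$news_category->id])) {
                     throw new \HttpInvalidInputException();
                 }
                 $value = $posted_vals[$news_category->id];
                 if (!strlen($value)) {
                     throw new \HttpInvalidInputException('未入力の項目があります。');
                 }
                 if ($value !== $news_category->label) {
                     $news_category->label = $value;
                     $news_category->save();
                 }
             }
             \DB::commit_transaction();
             \Session::set_flash('message', term('news.category.view') . 'を編集しました。');
             \Response::redirect('admin/news/category');
         } catch (\FuelException $e) {
             if (\DB::in_transaction()) {
                 \DB::rollback_transaction();
             }
             \Session::set_flash('error', $e->getMessage());
         }
     }
     $vals = array();
     foreach ($news_categories as $news_category) {
         // Re-populate from the post when present; is_array()/is_string() guard the non-POST and bad-shape cases.
         $posted = (is_array($posted_vals) && isset($posted_vals[$news_category->id])) ? $posted_vals[$news_category->id] : null;
         $vals[$news_category->id] = is_string($posted) ? $posted : $news_category->label;
     }
     $this->set_title_and_breadcrumbs(term('news.view', 'news.category.label', 'form.edit_all'), array('admin/news' => term('news.view', 'site.management'), 'admin/news/category' => term('news.category.view', 'site.management')));
     $this->template->content = \View::forge('news/category/edit_all', array('vals' => $vals, 'news_categories' => $news_categories));
 }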
 /**
  * Member delete (admin).
  *
  * POST only, CSRF-checked. Resolves the member through
  * Model_Member::check_authority($id) and removes it via Site_Member::remove(),
  * the same helper the self-service leave action uses. Mail failures are
  * logged and reported without rollback; database / user-update failures
  * roll back when a transaction is still open. Always redirects back to the
  * admin member list (or the redirect_uri chosen by Site_Util).
  *
  * Note: Model_Member::check_authority() takes no current-user argument here,
  * so the authorisation decision is made by the admin controller, not by this method.
  *
  * @access  public
  * @params  integer  $id  member id (cast to int)
  * @return  Response
  */
 public function action_delete($id = null)
 {
     $id = (int) $id;
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $error_message = '';
     $is_transaction_rollback = false;
     try {
         $member = \Model_Member::check_authority($id);
         $message = \Site_Member::remove($member);
         \Session::set_flash('message', $message);
     } catch (\EmailValidationFailedException $e) {
         \Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
         $error_message = 'メール送信エラー';
     } catch (\EmailSendingFailedException $e) {
         \Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
         $error_message = 'メール送信エラー';
     } catch (\Auth\SimpleUserUpdateException $e) {
         $is_transaction_rollback = true;
         $error_message = term('member.view') . 'が存在しません。';
     } catch (\Database_Exception $e) {
         $is_transaction_rollback = true;
         $error_message = \Site_Controller::get_error_message($e, true);
     } catch (\FuelException $e) {
         // Generic fallback; must stay after the specific classes above.
         $is_transaction_rollback = true;
         if (!($error_message = $e->getMessage())) {
             $error_message = term('site.left') . 'に失敗しました。';
         }
     }
     if ($error_message) {
         if ($is_transaction_rollback && \DB::in_transaction()) {
             \DB::rollback_transaction();
         }
         \Session::set_flash('error', $error_message);
     }
     \Response::redirect(\Site_Util::get_redirect_uri('admin/member'));
 }
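 /**
  * Admin login.
  *
  * Redirects an already authenticated admin to 'admin'. The form carries
  * the CSRF token as a hidden field, and on POST the token is verified with
  * Util_security::check_csrf() before the credentials are looked at —
  * previously the hidden field was rendered but never checked (the
  * Validation object only collects it), leaving the admin login form open
  * to login CSRF. Credentials are taken from the validated set rather than
  * raw POST. Nothing here throttles or locks repeated failures; the member
  * login does (check_is_account_locked), the admin one does not.
  *
  * @return  void
  */
 public function action_login()
 {
     // Already logged in
     \Auth::check() and \Response::redirect('admin');
     $destination = \Session::get_flash('destination') ?: \Input::post('destination', '');
     $val = \Validation::forge();
     $val->add(\Config::get('security.csrf_token_key'), '', array('type' => 'hidden', 'value' => \Util_security::get_csrf()));
     $val->add('email', 'Username')->add_rule('required');
     $val->add('password', 'Password', array('type' => 'password'))->add_rule('required');
     if (\Input::method() == 'POST') {
         // Verify the token the form emitted above; every other POST handler does this first.
         \Util_security::check_csrf();
         if ($val->run()) {
             $post = $val->validated();
             $auth = \Auth::instance();
             // check the credentials against the configured admin auth driver
             if (\Auth::check() or $auth->login($post['email'], $post['password'])) {
                 // credentials ok, go right in
                 return $this->login_succeeded($destination);
             } else {
                 // Single generic message: do not reveal which of the two fields was wrong.
                 \Session::set_flash('error', 'ログインに失敗しました');
             }
         }
     }
     $this->set_title_and_breadcrumbs('Login', null, null, null, null, true);
     $this->template->content = \View::forge('login', array('val' => $val, 'destination' => $destination));
 }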
 /**
  * Content page delete (admin).
  *
  * POST only, CSRF-checked. Resolves the page via
  * \Content\Model_ContentPage::check_authority($id) — the only authorisation
  * step visible here — deletes it inside a transaction and redirects to the
  * admin page list. $id is passed to check_authority() as received from the
  * route, without a cast.
  *
  * @access  public
  * @params  integer  $id  content page id
  * @return  Response
  */
 public function action_delete($id = null)
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $content_page = \Content\Model_ContentPage::check_authority($id);
     $error_message = '';
     try {
         \DB::start_transaction();
         $content_page->delete();
         \DB::commit_transaction();
         \Session::set_flash('message', term('content.page') . 'を削除しました。');
     } catch (\Database_Exception $e) {
         $error_message = \Site_Controller::get_error_message($e, true);
     } catch (\FuelException $e) {
         $error_message = $e->getMessage();
     }
     if ($error_message) {
         // Roll back only if the transaction is still open (commit may already have run).
         if (\DB::in_transaction()) {
             \DB::rollback_transaction();
         }
         \Session::set_flash('error', $error_message);
     }
     \Response::redirect(\Site_Util::get_redirect_uri('admin/content/page'));
 }
/**
 * Builds the CSRF token as a query-string fragment, e.g. "?<token_key>=<token>".
 *
 * Used for GET links to state-changing actions. A token placed in a URL is
 * visible in Referer headers, browser history and access logs, so prefer a
 * POST form with a hidden field where the target action allows it.
 *
 * @param  string  $delimitter  prefix for the pair ('?' or '&')
 * @return string
 */
function get_csrf_query_str($delimitter = '?')
{
    $key = Config::get('security.csrf_token_key');
    $token = Util_security::get_csrf();

    return $delimitter . $key . '=' . $token;
}
 /**
  * Note publish.
  *
  * POST only, CSRF-checked. Loads the note through Model_Note::check_authority
  * (ownership gate for $this->u->id), refuses a note that is already
  * published, then flips is_published to 1 via save_with_relations() inside
  * a transaction. Either way the request ends in a redirect to the note
  * detail page.
  *
  * @access  public
  * @params  integer  $id  note id
  * @return  Response
  */
 public function action_publish($id = null)
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $note = Model_Note::check_authority($id, $this->u->id);
     $detail_uri = 'note/detail/' . $id;
     if ($note->is_published) {
         \Session::set_flash('error', '既に公開されています。');
         \Response::redirect($detail_uri);
     }
     try {
         \DB::start_transaction();
         $note->save_with_relations($this->u->id, array('is_published' => 1));
         \DB::commit_transaction();
         \Session::set_flash('message', term('note') . 'を公開しました。');
     } catch (\FuelException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', $e->getMessage());
     }
     \Response::redirect($detail_uri);
 }
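 /**
  * Site image delete (admin).
  *
  * CSRF-checked; resolves the image through Model_SiteImage::check_authority
  * and deletes it inside a transaction, redirecting to the image list on
  * success or back to the image page on failure.
  *
  * Fixes: the fallback catch is now `\Exception`, fully qualified like every
  * other class reference in this method. If the controller is namespaced
  * (the leading backslashes elsewhere suggest it is), an unqualified
  * `Exception` resolves to that namespace and never matches, so a
  * non-Database_Exception failure escaped this method with the transaction
  * still open. $error_message is initialised so the error branch cannot read
  * an undefined variable. The request method is not restricted here, unlike
  * the sibling delete actions that call check_method('POST'); check_csrf()
  * without an argument is presumably POST-token based — confirm before
  * relying on that.
  *
  * @access  public
  * @params  integer  $id  site image id
  * @return  Response
  */
 public function action_delete($id = null)
 {
     \Util_security::check_csrf();
     $site_image = \Model_SiteImage::check_authority($id);
     $error_message = '';
     try {
         \DB::start_transaction();
         $site_image->delete();
         \DB::commit_transaction();
         \Session::set_flash('message', term('site.image') . 'を削除しました。');
         \Response::redirect('admin/content/image');
     } catch (\Database_Exception $e) {
         $error_message = \Site_Controller::get_error_message($e, true);
     } catch (\Exception $e) {
         $error_message = $e->getMessage();
     }
     // Reached only on failure (the success path redirects from inside the try).
     if (\DB::in_transaction()) {
         \DB::rollback_transaction();
     }
     \Session::set_flash('error', $error_message);
     \Response::redirect('admin/content/image/' . $id);
 }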
 /**
  * Member profile image delete.
  *
  * CSRF-checked. Only available when config
  * 'upload.types.img.types.m.save_as_album_image' is on (404 otherwise).
  * The image is loaded through \Album\Model_AlbumImage::check_authority for
  * the current member and must belong to a 'member' album; it is then deleted
  * inside a transaction. Both failure classes roll back if a transaction is
  * open and set the 'error' flash; the action always redirects to
  * member/profile/image.
  *
  * @access  public
  * @param   integer|null  $album_image_id
  * @return  Response
  */
 public function action_delete($album_image_id = null)
 {
     try {
         Util_security::check_csrf();
         if (!conf('upload.types.img.types.m.save_as_album_image')) {
             throw new HttpNotFoundException();
         }
         $image = \Album\Model_AlbumImage::check_authority($album_image_id, $this->u->id);
         // Only images stored in the member's own profile album may be removed here.
         if ($image->album->foreign_table != 'member') {
             throw new FuelException('Disabled to set album image as profile image.');
         }
         DB::start_transaction();
         $image->delete();
         DB::commit_transaction();
         Session::set_flash('message', term('profile', 'site.picture') . 'を削除しました。');
     } catch (Database_Exception $e) {
         DB::in_transaction() and DB::rollback_transaction();
         Session::set_flash('error', Site_Controller::get_error_message($e, true));
     } catch (FuelException $e) {
         DB::in_transaction() and DB::rollback_transaction();
         Session::set_flash('error', $e->getMessage());
     }
     Response::redirect('member/profile/image');
 }
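 /**
  * Album image delete.
  *
  * POST only, CSRF-checked. Loads the image through
  * Model_Albumimage::check_authority (ownership gate for $this->u->id),
  * deletes it inside a transaction and redirects to the parent album.
  *
  * Fixes: the catch is `\Exception`, fully qualified. The unqualified
  * `Exception` resolves relative to the controller's namespace (every
  * framework class here is written with a leading backslash, which suggests
  * the controller is namespaced), so it would not match a real \Exception
  * and the rollback below would be skipped. The rollback is also guarded by
  * in_transaction(), as in the sibling actions, so a failure raised before
  * the transaction was opened does not try to roll back one that is not there.
  *
  * @access  public
  * @params  integer  $id  album image id
  * @return  Response
  */
 public function action_delete($id = null)
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $album_image = Model_Albumimage::check_authority($id, $this->u->id);
     $album_id = $album_image->album_id;
     try {
         \DB::start_transaction();
         $album_image->delete();
         \DB::commit_transaction();
         \Session::set_flash('message', term('album_image') . 'を削除しました。');
     } catch (\Exception $e) {
         if (\DB::in_transaction()) {
             \DB::rollback_transaction();
         }
         \Session::set_flash('error', $e->getMessage());
     }
     \Response::redirect('album/' . $album_id);
 }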
	var is_current_protocol = (arguments.length > 0) ? arguments[0] : false;
	if (is_current_protocol) return '<?php 
echo Uri::base(true);
?>
';
	return '<?php 
echo Uri::base();
?>
';
}
// Name of the CSRF token field, taken from Config 'security.csrf_token_key' at render time.
function get_token_key() {return '<?php 
echo Config::get('security.csrf_token_key');
?>
';}
// Current CSRF token, baked into the page when this template is rendered.
// This script must be produced per response (inline or same-origin, never
// cached as a static asset), otherwise the token goes stale or is shared.
function get_token() {return '<?php 
echo Util_security::get_csrf();
?>
';}
// Server-side IS_SP flag exposed to the client as a boolean literal.
function is_sp() {return <?php 
echo IS_SP ? 'true' : 'false';
?>
;}
function get_term(key) {
	var terms = {
<?php 
if (conf('memberRelation.follow.isEnabled')) {
    ?>
		'follow': '<?php 
    echo term('follow');
    ?>
',
// Hidden copies of the lang[] values for the "edit" form (opened above, outside this excerpt).
foreach ($input['lang'] as $lang) {
    echo Form::hidden('lang[]', $lang, array('dont_prep' => true));
}
?>
<div class="actions">
	<?php 
echo Form::submit('submit1', '修正');
?>
</div>
<?php 
echo Form::close();
?>

<?php 
// Confirmation step: re-post the reviewed values to contact/send as hidden fields.
echo Form::open('contact/send');
// CSRF token added explicitly: this form uses Form::open() rather than the
// form_open() helper that injects the token by itself.
echo Form::hidden(Config::get('security.csrf_token_key'), Util_security::get_csrf());
// NOTE(review): 'dont_prep' => true turns off Form's attribute encoding of the
// value. That is only safe if $input was already entity-encoded on the way in
// (e.g. an htmlentities input filter in the security config); if $input holds
// raw POST data these hidden fields are an XSS sink. Confirm before keeping it.
echo Form::hidden('name', $input['name'], array('id' => 'name', 'dont_prep' => true));
echo Form::hidden('email', $input['email'], array('id' => 'email', 'dont_prep' => true));
echo Form::hidden('comment', $input['comment'], array('id' => 'comment', 'dont_prep' => true));
echo Form::hidden('gender', $input['gender'], array('id' => 'gender', 'dont_prep' => true));
echo Form::hidden('kind', $input['kind'], array('id' => 'kind', 'dont_prep' => true));
// Same 'id' => 'lang' is repeated on every element; ids should be unique per document.
foreach ($input['lang'] as $lang) {
    echo Form::hidden('lang[]', $lang, array('id' => 'lang', 'dont_prep' => true));
}
?>
<div class="actions">
	<?php 
echo Form::submit('submit2', '送信');
?>
</div>
<?php 
 /**
  * Toggle a news entry between published and unpublished.
  *
  * POST only, CSRF-checked. $target_status is normalised to 0/1; the entry
  * is loaded through \News\Model_News::check_authority($id). If it is
  * already in the requested state an 'error' flash is set and the request is
  * redirected without writing. Otherwise is_published is updated inside a
  * transaction, published_at being stamped only when it is not yet set.
  *
  * @param  mixed  $id             news id
  * @param  mixed  $target_status  truthy for publish, falsy for unpublish
  * @return Response (always redirects)
  */
 private function change_publish_status($id, $target_status)
 {
     $target_status = \Util_string::cast_bool_int($target_status);
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $news = \News\Model_News::check_authority($id);
     if ($target_status) {
         $status_label = term('form.publish');
     } else {
         $status_label = term('form.unpublish') . 'に';
     }
     $redirect_uri = \Site_Util::get_redirect_uri('admin/news/' . $id);
     $already_in_state = ($news->is_published == $target_status);
     if ($already_in_state) {
         \Session::set_flash('error', sprintf('既に%sされています。', $status_label));
         \Response::redirect($redirect_uri);
     }
     try {
         \DB::start_transaction();
         $news->is_published = $target_status;
         // Stamp published_at the first time the entry becomes public.
         if ($news->is_published && !isset_datatime($news->published_at)) {
             $news->published_at = date('Y-m-d H:i:s');
         }
         $news->save();
         // Timeline posting was disabled in the original and is left out here:
         // if (is_enabled('timeline')) \Timeline\Site_Model::save_timeline(...);
         \DB::commit_transaction();
         \Session::set_flash('message', sprintf('%sを%sしました。', term('news.view'), $status_label));
     } catch (\FuelException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', $e->getMessage());
     }
     \Response::redirect($redirect_uri);
 }
 /**
  * Execute confirm signup
  *
  * POST only, CSRF-checked. Re-validates the signup fieldset (the 'unique'
  * rule on email is removed because uniqueness is decided below), and for
  * an address that already exists either pretends success — when
  * 'member.register.email.hideUniqueCheck' is on, so the form does not
  * reveal registered addresses — or reports that the address cannot be
  * registered. Otherwise a pre-member record with a token is stored in a
  * transaction and the registration URL (token in the query string) is mailed.
  *
  * Caveats: the commit precedes the mail, so a mail failure leaves the
  * pre-registration stored; the 'error' flash is set unconditionally at the
  * end, which is only reached on the exception paths (success paths redirect).
  * The password is handed to Model_MemberPre::save_with_token() — how it is
  * stored there is not visible from this block.
  *
  * @access  public
  * @return  Response
  */
 public function action_confirm_signup()
 {
     Util_security::check_method('POST');
     Util_security::check_csrf();
     if (!($form = Fieldset::instance('confirm_signup'))) {
         $form = $this->get_form_signup_confirm();
     }
     $val = $form->validation();
     // Uniqueness is handled by the explicit lookup below so the outcome can be controlled.
     $val->fieldset()->field('email')->delete_rule('unique');
     $redirect_uri = conf('login_uri.site');
     $success_message = '仮登録が完了しました。受信したメール内に記載された URL より本登録を完了してください。';
     $error_message = '';
     $is_transaction_rollback = false;
     try {
         if (!$val->run()) {
             throw new \FuelException($val->show_errors());
         }
         $post = $val->validated();
         if (Model_MemberAuth::get4email($post['email'])) {
             if (conf('member.register.email.hideUniqueCheck')) {
                 // Anti-enumeration: same outcome as a fresh signup, without sending anything.
                 Session::set_flash('message', $success_message);
                 Response::redirect($redirect_uri);
             }
             throw new FuelException('その' . term('site.email') . 'は登録できません。');
         }
         DB::start_transaction();
         $token = Model_MemberPre::save_with_token($post['email'], $post['password']);
         DB::commit_transaction();
         $mail = new Site_Mail('memberSignup');
         $mail->send($post['email'], array('register_url' => sprintf('%s?token=%s', Uri::create('member/register'), $token)));
         Session::set_flash('message', $success_message);
         Response::redirect($redirect_uri);
     } catch (EmailValidationFailedException $e) {
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
         $error_message = 'メール送信エラー';
     } catch (EmailSendingFailedException $e) {
         Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
         $error_message = 'メール送信エラー';
     } catch (\Database_Exception $e) {
         $is_transaction_rollback = true;
         $error_message = \Site_Controller::get_error_message($e, true);
     } catch (FuelException $e) {
         $is_transaction_rollback = true;
         $error_message = $e->getMessage();
     }
     if ($is_transaction_rollback && DB::in_transaction()) {
         DB::rollback_transaction();
     }
     Session::set_flash('error', $error_message);
     $this->action_signup();
 }
 /**
  * Common wrapper for API actions: runs $func and maps exceptions to HTTP status codes.
  *
  * Checks the negotiated response format first, then — for every method
  * except GET, unless $this->api_not_check_csrf is set — verifies the CSRF
  * token. That means GET endpoints must be free of side effects, and any
  * endpoint that sets api_not_check_csrf needs its own request
  * authentication; neither is enforced here. The callable's return value
  * becomes the response body unless it is falsy; an Orm object as body is
  * rejected so model internals are never serialised.
  *
  * Status mapping: 404/401/403/405/400 for the Http* and validation
  * exceptions; 500 for Database_Exception, any other FuelException and any
  * Exception. Only Database_Exception puts a message in the body (via
  * Site_Controller::get_error_message($e, true) — check what that exposes
  * to unauthenticated clients); the other 500s are logged server-side and
  * return no detail. On 500 an open transaction is rolled back.
  *
  * @param  callable  $func  the action body
  * @return Response
  */
 protected function controller_common_api(callable $func)
 {
     try {
         $this->check_response_format($this->api_accept_formats);
         if (Input::method() != 'GET' && !$this->api_not_check_csrf) {
             Util_security::check_csrf();
         }
         $this->response_body = $func() ?: $this->response_body;
         // execute main.
         if (Site_Model::check_is_orm_obj($this->response_body)) {
             throw new \FuelException('Response body not allowed Orm obj.');
         }
         $status_code = 200;
     } catch (\HttpNotFoundException $e) {
         $status_code = 404;
     } catch (\ApiNotAuthorizedException $e) {
         $status_code = 401;
     } catch (\HttpForbiddenException $e) {
         $status_code = 403;
     } catch (\HttpMethodNotAllowed $e) {
         $status_code = 405;
     } catch (\HttpBadRequestException $e) {
         $status_code = 400;
     } catch (\HttpInvalidInputException $e) {
         $status_code = 400;
     } catch (\ValidationFailedException $e) {
         $this->response_body['errors']['message'] = Site_Controller::get_error_message($e);
         $status_code = 400;
     } catch (\DisableToUpdateException $e) {
         $this->response_body['errors']['message'] = $e->getMessage() ?: term('form.update') . 'が禁止されています。';
         $status_code = 400;
     } catch (\Database_Exception $e) {
         $this->response_body['errors']['message'] = Site_Controller::get_error_message($e, true);
         $status_code = 500;
     } catch (\FuelException $e) {
         $status_code = 500;
     } catch (\Exception $e) {
         $status_code = 500;
     }
     if ($status_code == 500) {
         // $e is only defined when a catch ran; the success path never reaches this branch.
         if (!empty($e)) {
             Util_Toolkit::log_error($e->getMessage());
         }
         if (\DB::in_transaction()) {
             \DB::rollback_transaction();
         }
     }
     $response_body = Site_Controller::supply_response_body($this->response_body, $status_code, $this->format);
     return self::response($response_body, $status_code);
 }
 /**
  * Admin account delete
  *
  * Deletes the admin user identified by $id inside a transaction. Only a
  * POST with a valid CSRF token is accepted, and the user flagged by
  * check_original_user() can never be deleted. The request always ends
  * in a redirect to the admin account list; the outcome is reported via
  * a flash message.
  *
  * @access  public
  * @param   integer  $id  admin user id
  * @return  Response
  */
 public function action_delete($id = null)
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     // The original account is protected from deletion.
     if (check_original_user($id, true)) {
         throw new \HttpForbiddenException();
     }
     $target = Model_AdminUser::check_authority($id);
     try {
         $auth = \Auth::instance();
         \DB::start_transaction();
         $auth->delete_user($target->username);
         \DB::commit_transaction();
         \Session::set_flash('message', term('admin.user.view') . 'を削除しました。');
     } catch (\FuelException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', $e->getMessage());
     }
     \Response::redirect(\Site_Util::get_redirect_uri('admin/account'));
 }
 /**
  * Album upload image
  *
  * Stores a POSTed image in the album $album_id of the current member.
  * Requires a valid CSRF token; the member's authority over the album is
  * checked first, and an album whose foreign_table is disabled for
  * updates is rejected with 403. The public flag comes from the
  * validated input; the save runs inside a transaction. Always redirects
  * back to the album page with a flash message.
  *
  * @access  public
  * @param   integer  $album_id
  * @return  Response
  */
 public function action_upload_image($album_id = null)
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $album = Model_Album::check_authority($album_id, $this->u->id, 'member');
     if (Site_Util::check_album_disabled_to_update($album->foreign_table, true)) {
         throw new \HttpForbiddenException();
     }
     try {
         $validation = self::get_validation_public_flag();
         if (!$validation->run()) {
             throw new \ValidationFailedException($validation->show_errors());
         }
         $validated = $validation->validated();
         \DB::start_transaction();
         // The returned image/file records are not needed by this action.
         Model_AlbumImage::save_with_relations($album_id, $this->u, $validated['public_flag'], null, 'album_image');
         \DB::commit_transaction();
         \Session::set_flash('message', '写真を投稿しました。');
     } catch (\ValidationFailedException $e) {
         // Validation fails before the transaction is opened, so nothing to roll back here.
         \Session::set_flash('error', $e->getMessage());
     } catch (\FuelException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', $e->getMessage());
     }
     \Response::redirect('album/' . $album_id);
 }
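 /**
  * Build a Fieldset in the project's standard layout: a hidden CSRF token
  * field, optional "pre" fields, the fields of $model_obj, the remaining
  * ("post") fields, an optional submit button, then the fields to hide.
  *
  * Fixes two issues of the previous version: the "pre" loop reused the
  * $name parameter as its loop variable, and it defaulted 'attributes' and
  * 'rules' to '' while the "post" loop used array() — both loops now
  * default to array().
  *
  * @param   string        $name           fieldset name passed to Fieldset::forge()
  * @param   object|null   $model_obj      model whose fields are added via add_model()
  * @param   bool          $is_horizontal  append 'form-horizontal' to the form's class attribute
  * @param   array         $add_fields     'pre' => fields added before the model fields;
  *                                        'post' (or, legacy shape, the rest of the array) => fields added after.
  *                                        Each item may carry 'label', 'attributes' and 'rules'.
  * @param   string|array  $btn_field      'submit' / 'button', or an array with 'name' and 'attributes'
  *                                        (a bare attributes array is accepted as shorthand)
  * @param   array         $form_attr      attributes of the form tag
  * @param   array         $hide_fields    names of fields to disable; their 'required' rule is removed
  * @return  Fieldset
  */
 public static function get_form_instance($name = 'default', $model_obj = null, $is_horizontal = true, $add_fields = array(), $btn_field = array(), $form_attr = array(), $hide_fields = array())
 {
     $form = Fieldset::forge($name);
     if ($is_horizontal) {
         $form_attr['class'] = empty($form_attr['class']) ? 'form-horizontal' : $form_attr['class'] . ' form-horizontal';
     }
     $form->set_config('form_attributes', $form_attr);
     // Every form built here carries the CSRF token so Util_security::check_csrf() can pass on submit.
     $form->add(\Config::get('security.csrf_token_key'), '', array('type' => 'hidden', 'value' => \Util_security::get_csrf()));
     // Adds one field per definition; missing 'label', 'attributes' or 'rules' fall back to empty values.
     $add_items = function (array $items) use ($form) {
         foreach ($items as $field_name => $item) {
             $form->add(
                 $field_name,
                 isset($item['label']) ? $item['label'] : '',
                 isset($item['attributes']) ? $item['attributes'] : array(),
                 isset($item['rules']) ? $item['rules'] : array()
             );
         }
     };
     if (!empty($add_fields['pre'])) {
         $add_items($add_fields['pre']);
         unset($add_fields['pre']);
     }
     if ($model_obj) {
         $form->add_model($model_obj);
     }
     // Legacy call shape: definitions not wrapped in 'post' are treated as post fields.
     $add_fields_post = !empty($add_fields['post']) ? $add_fields['post'] : $add_fields;
     if (!empty($add_fields_post)) {
         $add_items($add_fields_post);
     }
     $btn_name = '';
     $btn_attr = array();
     if (!empty($btn_field)) {
         if (is_array($btn_field)) {
             // A bare attributes array is shorthand for array('attributes' => ...).
             if (!isset($btn_field['attributes'])) {
                 $btn_field = array('attributes' => $btn_field);
             }
             if (empty($btn_field['attributes']['type'])) {
                 $btn_field['attributes']['type'] = 'submit';
             }
             if (empty($btn_field['attributes']['value'])) {
                 $btn_field['attributes']['value'] = term('form.submit');
             }
             if (empty($btn_field['attributes']['class'])) {
                 $btn_field['attributes']['class'] = 'btn btn-default btn-primary';
             }
             $btn_attr = $btn_field['attributes'];
             $btn_name = isset($btn_field['name']) ? $btn_field['name'] : $btn_attr['type'];
         } elseif (in_array($btn_field, array('submit', 'button'), true)) {
             $btn_name = $btn_field;
             $btn_attr = array('type' => $btn_field, 'value' => term('form.do_submit'), 'class' => 'btn btn-default btn-primary');
         }
         if ($btn_name !== '') {
             $form->add($btn_name, '', $btn_attr);
         }
     }
     foreach ($hide_fields as $hide_field_name) {
         // A hidden field must not block submission through a 'required' rule.
         $form->disable($hide_field_name, $hide_field_name);
         $form->field($hide_field_name)->delete_rule('required');
     }
     return $form;
 }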
 /**
  * Execute reset password.
  *
  * Entry point of the password-recovery link. The token is read via
  * Input::param('token') (GET or POST) and must resolve to a
  * Model_MemberPasswordPre row that is still within the configured
  * lifetime; otherwise the request ends in a 404 with a flash error.
  * On POST (CSRF checked) the new password is stored for the associated
  * member and the pre-registration row is deleted in one transaction,
  * then a confirmation mail is sent and the member is logged in and
  * redirected. On GET, or after an error, the reset form is rendered.
  *
  * @access  public
  * @return  Response
  */
 public function action_reset_password()
 {
     // Already logged in — short-circuit guard; relies on Response::redirect() not returning.
     Auth::check() and Response::redirect('member');
     $member_password_pre = Model_MemberPasswordPre::get4token(Input::param('token'));
     // An unknown or expired token is reported as not found.
     if (!$member_password_pre || !Site_Util::check_token_lifetime($member_password_pre->updated_at, conf('member.recover.password.token_lifetime'))) {
         Session::set_flash('error', sprintf('URLが%sです。', term('form.disabled')));
         throw new HttpNotFoundException();
     }
     $form = $this->form_reset_password();
     $val = $form->validation();
     if (Input::method() == 'POST') {
         Util_security::check_csrf();
         $auth = Auth::instance();
         $error_message = '';
         // Set by the catch blocks whose failure may have left the transaction open.
         $is_transaction_rollback = false;
         try {
             if (!$val->run()) {
                 throw new FuelException($val->show_errors() ?: term('site.password') . 'が正しくありません');
             }
             $post = $val->validated();
             // Captured before the row is deleted below.
             $to_email = $member_password_pre->email;
             $to_name = $member_password_pre->member->name;
             DB::start_transaction();
             $auth->change_password_simple($member_password_pre->member_id, $post['password']);
             // Delete the provisional (pre-registration) record.
             $member_password_pre->delete();
             DB::commit_transaction();
             // From here on the password change is committed; a mail or login
             // failure below only reports an error and does not undo it.
             $mail = new Site_Mail('memberResetPassword');
             $mail->send($to_email, array('to_name' => $to_name));
             $auth->login($to_email, $post['password']);
             Session::set_flash('message', term('site.password') . 'を登録しました。');
             Response::redirect('member');
         } catch (EmailValidationFailedException $e) {
             Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' validation error');
             $error_message = 'メール送信エラー';
         } catch (EmailSendingFailedException $e) {
             Util_Toolkit::log_error('send mail error: ' . __METHOD__ . ' sending error');
             $error_message = 'メール送信エラー';
         } catch (Auth\SimpleUserUpdateException $e) {
             $is_transaction_rollback = true;
             $error_message = term('site.password') . 'の登録に失敗しました。';
         } catch (\Database_Exception $e) {
             $is_transaction_rollback = true;
             // NOTE(review): this message is shown to the user — confirm
             // get_error_message($e, true) does not expose driver details.
             $error_message = \Site_Controller::get_error_message($e, true);
         } catch (FuelException $e) {
             $is_transaction_rollback = true;
             $error_message = $e->getMessage();
         }
         if ($error_message) {
             if ($is_transaction_rollback && DB::in_transaction()) {
                 DB::rollback_transaction();
             }
             Session::set_flash('error', $error_message);
         }
     }
     $this->set_title_and_breadcrumbs(term('site.password') . 'の再登録');
     $data = array('val' => $val, 'member_password_pre' => $member_password_pre);
     $this->template->content = View::forge('member/recover/reset_password', $data);
     // The URI given to build() becomes the form's action attribute.
     $this->template->content->set_safe('html_form', $form->build('member/recover/reset_password'));
 }
 /**
  * Admin change email.
  *
  * POST only, CSRF checked. Validates the submitted address with the
  * settings-email form, stores it through the auth driver inside a
  * transaction, sends a change notification to the new address and
  * redirects to admin/setting. Mail failures are reported through
  * display_error(); auth/DB failures roll back and fall through to
  * action_email() with a flash error, as does a failed validation.
  *
  * @access  public
  * @return  Response
  */
 public function action_change_email()
 {
     \Util_security::check_method('POST');
     \Util_security::check_csrf();
     $form = $this->form_setting_email();
     $val = $form->validation();
     if (!$val->run()) {
         \Session::set_flash('error', $val->show_errors());
         $this->action_email();
         return;
     }
     try {
         $post = $val->validated();
         $new_email = $post['email'];
         \DB::start_transaction();
         $updated = $this->auth_instance->update_user(array('email' => $new_email));
         if (!$updated) {
             throw new \FuelException('change email error.');
         }
         \DB::commit_transaction();
         // Notification goes to the address just stored.
         $this->send_change_email_mail(array(
             'from_name' => conf('mail.admin.from_name'),
             'from_address' => conf('mail.admin.from_email'),
             'subject' => term('site.email', 'form.update', 'form.complete') . 'の' . term('site.notice'),
             'to_address' => $new_email,
             'to_name' => $this->u->username,
         ));
         \Session::set_flash('message', term('site.email') . 'を変更しました。');
         \Response::redirect('admin/setting');
     } catch (\EmailValidationFailedException $e) {
         $this->display_error(term('member.view') . '登録: 送信エラー', __METHOD__ . ' email validation error: ' . $e->getMessage());
         return;
     } catch (\EmailSendingFailedException $e) {
         $this->display_error(term('member.view') . '登録: 送信エラー', __METHOD__ . ' email sending error: ' . $e->getMessage());
         return;
     } catch (\Auth\SimpleUserUpdateException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', sprintf('その%sは登録できません。', term('site.email')));
     } catch (\FuelException $e) {
         \DB::in_transaction() and \DB::rollback_transaction();
         \Session::set_flash('error', term('site.email') . 'の変更に失敗しました。');
     }
     $this->action_email();
 }
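 /**
  * The edit_options action.
  *
  * Edits the labels of the options belonging to profile $id. GET renders
  * the form; POST (CSRF checked) expects 'labels' as an array keyed by
  * option id with exactly one entry per option, saves the labels that
  * changed inside a transaction and redirects to admin/profile/options/{id}.
  *
  * Compared with the previous version, 'labels' is now required to be an
  * array and every entry to be a non-empty string, so a missing or
  * malformed parameter yields an input error instead of a PHP warning or
  * TypeError from count()/strlen().
  *
  * @access  public
  * @param   integer  $id  profile id
  * @return  void
  * @throws  \HttpNotFoundException      when $id is missing or no such profile exists
  * @throws  \HttpInvalidInputException  when the profile's form type has no options
  */
 public function action_edit_options($id = null)
 {
     if (!$id || !($profile = \Model_Profile::find($id))) {
         throw new \HttpNotFoundException();
     }
     if (!in_array($profile->form_type, \Site_Profile::get_form_types_having_profile_options())) {
         throw new \HttpInvalidInputException();
     }
     $profile_options = \Model_ProfileOption::get4profile_id($id);
     $posted_vals = array();
     if (\Input::method() == 'POST') {
         try {
             \Util_security::check_csrf();
             $posted_vals = \Input::post('labels');
             // 'labels' must be an array; anything else is dropped so the re-render below stays safe.
             if (!is_array($posted_vals)) {
                 $posted_vals = array();
                 throw new \HttpInvalidInputException();
             }
             if (count($posted_vals) != count($profile_options)) {
                 throw new \HttpInvalidInputException();
             }
             \DB::start_transaction();
             foreach ($profile_options as $profile_option) {
                 // Keys are option ids; every option needs a non-empty scalar label.
                 $value = isset($posted_vals[$profile_option->id]) ? $posted_vals[$profile_option->id] : null;
                 if (!is_string($value) || !strlen($value)) {
                     throw new \HttpInvalidInputException('未入力の項目があります。');
                 }
                 // Only write rows whose label actually changed.
                 if ($value !== $profile_option->label) {
                     $profile_option->label = $value;
                     $profile_option->save();
                 }
             }
             \DB::commit_transaction();
             \Session::set_flash('message', term('profile', 'form.choices') . 'を編集しました。');
             \Response::redirect('admin/profile/options/' . $profile->id);
         } catch (\FuelException $e) {
             if (\DB::in_transaction()) {
                 \DB::rollback_transaction();
             }
             \Session::set_flash('error', $e->getMessage());
         }
     }
     // Re-render with the posted labels where available so the user's input survives an error.
     $vals = array();
     foreach ($profile_options as $profile_option) {
         $option_id = $profile_option->id;
         $vals[$option_id] = isset($posted_vals[$option_id]) && is_string($posted_vals[$option_id]) ? $posted_vals[$option_id] : $profile_option->label;
     }
     $this->set_title_and_breadcrumbs(sprintf('%s %s: %s', term('profile'), term('form.edit'), $profile->caption));
     $this->template->content = \View::forge('profile/edit_options', array('profile' => $profile, 'vals' => $vals, 'profile_options' => $profile_options));
 }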