Example #1
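 /**
  * Search authors whose chosen column contains every word of the query.
  *
  * Reads `field` and `search` from the query string. On success the matching
  * authors, ordered by family name, are stored in $this->result.
  *
  * @param Request $request
  *
  * @return bool false when the search text is empty after sanitizing, true otherwise
  * @throws UnexpectedValueException when `field` is not one of given, family, about
  */
 public function searchAuthors(Request $request)
 {
     $field = Validator::sanitizeText($request->get('field'));
     $search = Validator::sanitizeText($request->get('search'));
     if (!$search) {
         $this->errors[] = 'Your search input is invalid';
         return false;
     }

     $repo = new AuthorRepository($this->db);

     // The column name is request-supplied, so it only reaches where() after an
     // exact (strict) match against this fixed list of searchable columns.
     $searchable = array('given', 'family', 'about');
     if (!in_array($field, $searchable, true)) {
         throw new UnexpectedValueException();
     }

     foreach (explode(' ', $search) as $word) {
         // Consecutive spaces produce empty tokens; an empty token would only
         // add a '%%' predicate, so it is skipped.
         if ($word === '') {
             continue;
         }
         // NOTE(review): '%' and '_' typed by the user act as LIKE wildcards
         // here. Whether where() binds the value as a query parameter is not
         // visible in this method - confirm in AuthorRepository.
         $repo->where($field, 'LIKE', '%' . $word . '%');
     }

     $this->result = $repo->order('family', 'ASC')->find();
     return true;
 }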
Example #2
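 /** @noinspection PhpUnusedPrivateMethodInspection
  * Replace a user's password with a generated one and mail it to that user.
  *
  * NOTE(review): no permission check is visible in this method; confirm the
  * dispatcher authorizes the current user before this action runs.
  *
  * @param Request $request POST data; `user_id` selects the account to reset
  *
  * @return bool true when the mail was accepted for sending, false (with an
  *              entry in $this->errors) when it was not
  * @throws UnexpectedValueException when `user_id` is missing or matches no user
  */
 private function sendNewPassword(Request $request)
 {
     $user_id = Validator::sanitizeText($request->post('user_id'));
     if (!$user_id) {
         throw new UnexpectedValueException();
     }
     $repo = new UserRepository($this->db);
     $user = $repo->where('id', '=', $user_id)->findSingle();
     // Stop before any credential is touched when the id matches no account,
     // rather than calling methods on an empty lookup result.
     if (!$user) {
         throw new UnexpectedValueException();
     }
     $password = $this->auth->generatePassword();
     // NOTE(review): the result of setPassword() is not checked, and the old
     // password is replaced before the mail is known to be deliverable; a
     // failed mail leaves the account with a password nobody received.
     $this->auth->setPassword($user->getName(), $password);
     $subject = 'Your password at ' . Request::createUrl() . ' was reset!';
     $message = 'Greetings,' . "\n\n" . $this->auth->getCurrentUser()->getName() . ' has reset your password for you at ' . Request::createUrl() . '.' . "\n\n";
     // NOTE(review): the new password travels in clear text by mail. Treat it
     // as temporary: consider forcing a change at next login, or mailing a
     // single-use reset link instead of the password itself.
     $message .= 'The new temporary password is: ' . $password . "\n";
     $message .= "\n" . 'Please change your password soon at ' . Request::createUrl(array('p' => 'user')) . '!';
     if (MailHandler::sendMail($user->getMail(), $subject, $message)) {
         return true;
     }
     $this->errors[] = 'The mail to the user could not be sent';
     return false;
 }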
Example #3
 /** @noinspection PhpUnusedPrivateMethodInspection
  * Handle the login form: try to authenticate when both credentials were
  * posted, redirect on success, otherwise render the login view.
  *
  * @param Request $request POST data with `username` and `password`
  *
  * @return string output of the login view, including any error collected here
  * @throws Exception
  * @throws NotFoundException
  */
 private function login(Request $request)
 {
     $errors = array();
     $credentials_given = $request->post('username') && $request->post('password');
     if ($credentials_given) {
         $username = Validator::sanitizeText($request->post('username'));
         // NOTE(review): the password goes through sanitizeText() before it is
         // verified. That only works if the same transformation is applied
         // when passwords are set, and characters the sanitizer drops add
         // nothing to password strength - confirm against Validator.
         $password = Validator::sanitizeText($request->post('password'));
         if (!$this->auth->login($username, $password)) {
             // One message for both causes, so the response does not reveal
             // whether the user name exists.
             $errors[] = 'Invalid user name or password';
         } else {
             // NOTE(review): the session-stored referrer is used as the
             // redirect target unchanged. Where it is populated is not visible
             // here - confirm it can only hold same-site URLs.
             if (empty($_SESSION['referrer'])) {
                 $destination = Request::createUrl(array(), true);
             } else {
                 $destination = $_SESSION['referrer'];
             }
             $this->redirect($destination);
         }
     }
     // Reached on first display and on failed login; also after redirect()
     // unless that call ends the request (not visible here).
     $login_view = new View('login', $errors);
     return $login_view->display();
 }
Example #4
 /** @noinspection PhpUnusedPrivateMethodInspection
  * Validate posted publication data and update the publication with the
  * given id. Requires the Auth::EDIT_PUBLICATION permission.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm
  * that state-changing POST requests are protected before they reach it.
  *
  * @param Request $request `id` from the query string, `type` and the
  *                         publication fields from the POST body
  *
  * @return bool true after the update, false when validation failed (the
  *              validator's errors are appended to $this->errors)
  * @throws PermissionRequiredException
  * @throws exceptions\LoginRequiredException
  * @throws UnexpectedValueException when `id` or `type` is missing or invalid
  */
 private function edit(Request $request)
 {
     // Authorization comes first, before any request data is read.
     $may_edit = $this->auth->checkPermission(Auth::EDIT_PUBLICATION);
     if (!$may_edit) {
         throw new PermissionRequiredException(Auth::EDIT_PUBLICATION);
     }

     $id = Validator::sanitizeNumber($request->get('id'));
     $type = Validator::sanitizeText($request->post('type'));
     if (!($id && $type)) {
         throw new UnexpectedValueException();
     }

     // NOTE(review): $type is request-supplied and selects the validator;
     // getValidator() is not visible here - confirm it rejects unknown types.
     $validator = $this->model->getValidator($type);
     if (!$validator->validate($request->post())) {
         $this->errors = array_merge($this->errors, $validator->getErrors());
         return false;
     }

     // Only the validator's sanitized result is written, never the raw POST data.
     $this->model->update($id, $validator->getSanitizedResult());
     return true;
 }
Example #5
 /** @noinspection PhpUnusedPrivateMethodInspection
  * Change the current user's password after re-checking the existing one.
  *
  * NOTE(review): all three password values pass through sanitizeText(), so
  * characters the sanitizer drops never become part of the stored password;
  * no length or strength rule is visible in this method either.
  *
  * @param Request $request POST data with `password` (current),
  *                         `password_new` and `password_confirm`
  *
  * @return bool|int false when a check fails (an error is recorded),
  *                  otherwise whatever setPassword() returns
  */
 private function changePassword(Request $request)
 {
     // Re-authentication: the current password must verify before any change.
     $current = Validator::sanitizeText($request->post('password'));
     $current_ok = $current && $this->auth->validateLogin($this->user->getName(), $current);
     if (!$current_ok) {
         $this->errors[] = 'Invalid current password';
         return false;
     }

     $replacement = Validator::sanitizeText($request->post('password_new'));
     $repeated = Validator::sanitizeText($request->post('password_confirm'));
     if (!($replacement && $repeated)) {
         $this->errors[] = 'New password required but invalid';
         return false;
     }

     // Strict comparison: both entries must be the identical string.
     if ($replacement !== $repeated) {
         $this->errors[] = 'Entered passwords are not the same';
         return false;
     }

     return $this->auth->setPassword($this->user->getName(), $replacement);
 }
Example #6
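 /**
  * Fetch the content behind an http(s) URL and return it sanitized.
  *
  * @param string $url
  *
  * @return string|false the fetched body after Validator::sanitizeText(), or
  *                      false when fetching is disabled, the URL scheme is not
  *                      http/https, or nothing could be read
  */
 private function getInputFromUrl($url)
 {
     if (!ini_get('allow_url_fopen')) {
         $this->errors[] = 'Can not get content from URL. file_get_contents is disabled by server configuration allow_url_fopen=0';
         return false;
     }

     // file_get_contents() also accepts local paths and other stream wrappers
     // (file://, php://, ...). This method is meant for web URLs only, so any
     // other scheme, or a value without a scheme, is refused.
     $scheme = parse_url((string) $url, PHP_URL_SCHEME);
     if (!is_string($scheme) || !in_array(strtolower($scheme), array('http', 'https'), true)) {
         $this->errors[] = 'Can not get content from URL. Only http and https URLs are supported';
         return false;
     }

     // NOTE(review): the scheme check does not limit which host is contacted.
     // If $url is request-derived, internal addresses stay reachable from this
     // server - confirm callers restrict the target or that egress is filtered.
     // NOTE(review): a 200 second timeout keeps a worker busy for a long time
     // on a slow target; confirm this value is intended.
     $sccOpts = array('http' => array('timeout' => 200));
     // '@' keeps fetch warnings (which can contain the URL) out of the output;
     // a failed fetch is reported through the false return value.
     $input = @file_get_contents($url, false, stream_context_create($sccOpts));
     if ($input) {
         return Validator::sanitizeText($input);
     }
     return false;
 }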