Example #1
 /**
  * Pre-execute function for search functions
  *
  * @param framework\Request $request
  */
 public function preExecute(framework\Request $request, $action)
 {
     // Gate: both the 'search' page permission and the issue-search permission are required.
     // $action is accepted but not used in this method.
     $may_search = framework\Context::getUser()->hasPageAccess('search')
         && framework\Context::getUser()->canSearchForIssues();
     $this->forward403unless($may_search);

     // Optional project scope: a project key wins, otherwise a non-zero numeric project id.
     $project = false;
     $project_key = $request['project_key'];
     if ($project_key) {
         $project = entities\Project::getByKey($project_key);
     } elseif (is_numeric($request['project_id'])) {
         $project_id = (int) $request['project_id'];
         if ($project_id) {
             $project = tables\Projects::getTable()->selectById($project_id);
         }
     }

     // A resolved project adds a second permission gate before it becomes the current project.
     if ($project instanceof entities\Project) {
         $this->forward403unless(framework\Context::getUser()->hasProjectPageAccess('project_issues', $project));
         framework\Context::getResponse()->setPage('project_issues');
         framework\Context::setCurrentProject($project);
     }

     $search = entities\SavedSearch::getFromRequest($request);
     $has_search_object = $search instanceof entities\SavedSearch;
     $is_saved = $has_search_object && $search->getB2DBID();

     $this->search_object = $search;
     $this->issavedsearch = $is_saved;
     $this->show_results = $is_saved
         || $request->hasParameter('quicksearch')
         || $request->hasParameter('fs')
         || $request->getParameter('search', false);
     $this->searchterm = $has_search_object ? $search->getSearchterm() : '';
     $this->searchtitle = $has_search_object ? $search->getTitle() : '';

     if ($is_saved) {
         $can_access = $has_search_object && framework\Context::getUser()->canAccessSavedSearch($search);
         if (!$can_access) {
             // NOTE(review): a denied saved search only records a 'search_error' message here.
             // search_object, searchterm, searchtitle and show_results stay populated, so the
             // action/template that runs next has to honour the message - confirm it does,
             // otherwise the title and search term of someone else's saved search are exposed.
             framework\Context::setMessage('search_error', framework\Context::getI18n()->__("You don't have access to this saved search"));
         }
     }
 }
 /**
  * Expands one template / magic-word token.
  *
  * $matches[1] is first compared against a fixed list of magic words. Anything
  * else is read as "name|param|key=value|...": the name is resolved to an
  * article (falling back to the "Template:" prefix) and that article's content
  * is parsed with the collected parameters.
  *
  * @param array $matches [0] is the whole token, [1] its inner text
  *
  * @return mixed the replacement, or $matches[0] unchanged when no template article exists
  */
 protected function _parse_insert_template($matches)
 {
     $token = $matches[1];

     // Magic words that are plain date() lookups, kept in the original comparison order.
     $date_words = array(
         'CURRENTMONTH' => 'm',
         'CURRENTMONTHNAMEGEN' => 'F',
         'CURRENTMONTHNAME' => 'F',
         'CURRENTDAY' => 'd',
         'CURRENTDAYNAME' => 'l',
         'CURRENTYEAR' => 'Y',
         'CURRENTTIME' => 'H:i',
     );
     foreach ($date_words as $word => $format) {
         if ($token == $word) {
             return date($format);
         }
     }

     if ($token == 'NUMBEROFARTICLES') {
         return 0;
     }
     if ($token == 'PAGENAME') {
         return framework\Context::getResponse()->getPage();
     }
     if ($token == 'NAMESPACE') {
         return 'None';
     }
     if ($token == 'TOC') {
         // Inside an included template the TOC marker is dropped; otherwise it is passed through.
         return isset($this->options['included']) ? '' : '{{TOC}}';
     }
     if ($token == 'SITENAME' || $token == 'SITETAGLINE') {
         return \thebuggenie\core\framework\Settings::getSiteHeaderName();
     }

     // Not a magic word: "name|arg|key=value".
     $details = explode('|', $token);
     $template_name = array_shift($details);
     if (strpos($template_name, ':') === 0) {
         // A leading ':' is stripped before the lookup.
         $template_name = substr($template_name, 1);
     }
     if (!Article::doesArticleExist($template_name)) {
         $template_name = 'Template:' . $template_name;
     }
     $template_article = Articles::getTable()->getArticleByName($template_name);

     // Exactly one '=' makes a named parameter; everything else is positional.
     $parameters = array();
     foreach ($details as $parameter) {
         $pair = explode('=', $parameter);
         if (count($pair) == 2) {
             $parameters[$pair[0]] = $pair[1];
             continue;
         }
         $parameters[] = $parameter;
     }

     if (!$template_article instanceof Article) {
         return $matches[0];
     }

     // NOTE(review): the included article's content is parsed again here and nothing in this
     // method bounds the nesting depth. Whether tbg_parse_text() stops a template that
     // includes itself is not visible from this block - confirm, since article content is
     // user-editable.
     return tbg_parse_text($template_article->getContent(), false, null, array('included' => true, 'parameters' => $parameters));
 }
Example #3
 /**
  * Returns the logged in user, or default user if not logged in
  *
  * @param \thebuggenie\core\framework\Request $request
  * @param \thebuggenie\core\framework\Action  $action
  *
  * @return \thebuggenie\core\entities\User
  */
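 public static function loginCheck(framework\Request $request, framework\Action $action)
 {
     // Resolves the user for the current route. The route's authentication method selects the
     // credential source (request/cookie login, dummy, CLI, RSS key, application password).
     // Every failure path throws; a null result falls back to the default user only when
     // login is not required.
     try {
         $authentication_method = $action->getAuthenticationMethodForAction(framework\Context::getRouting()->getCurrentRouteAction());
         $user = null;
         $external = false;
         switch ($authentication_method) {
             case framework\Action::AUTHENTICATION_METHOD_ELEVATED:
             case framework\Action::AUTHENTICATION_METHOD_CORE:
                 $username = $request['tbg3_username'];
                 $password = $request['tbg3_password'];
                 if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
                     $elevated_password = $request['tbg3_elevated_password'];
                 }
                 $raw = true;
                 // If no username and password specified, check if we have a session that exists already
                 if ($username === null && $password === null) {
                     if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
                         // The tbg3_password cookie is validated with hasPasswordHash(), i.e. it is
                         // treated as a password hash. Anyone holding the cookie value is accepted
                         // as the user, so it is a password-equivalent credential.
                         $username = framework\Context::getRequest()->getCookie('tbg3_username');
                         $password = framework\Context::getRequest()->getCookie('tbg3_password');
                         $user = self::getB2DBTable()->getByUsername($username);
                         if ($authentication_method == framework\Action::AUTHENTICATION_METHOD_ELEVATED) {
                             $elevated_password = framework\Context::getRequest()->getCookie('tbg3_elevated_password');
                             if ($user instanceof User && !$user->hasPasswordHash($password)) {
                                 $user = null;
                             } else {
                                 // Normal cookie is valid but the elevated one is not: keep the user
                                 // and send them to the elevated login page to re-enter credentials.
                                 if ($user instanceof User && !$user->hasPasswordHash($elevated_password)) {
                                     framework\Context::setUser($user);
                                     framework\Context::getRouting()->setCurrentRouteName('elevated_login_page');
                                     throw new framework\exceptions\ElevatedLoginException('reenter');
                                 }
                             }
                         } else {
                             if ($user instanceof User && !$user->hasPasswordHash($password)) {
                                 $user = null;
                             }
                         }
                         if (!$user instanceof User) {
                             framework\Context::logout();
                             throw new \Exception('No such login');
                         }
                     }
                 }
                 // If we have authentication details, validate them
                 if (framework\Settings::isUsingExternalAuthenticationBackend() && $username !== null && $password !== null) {
                     $external = true;
                     framework\Logging::log('Authenticating with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
                     try {
                         $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
                         // NOTE(review): a module of the wrong type is only logged; execution
                         // continues and the module is still asked to authenticate.
                         if ($mod->getType() !== Module::MODULE_AUTH) {
                             framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
                         }
                         // Existing login cookies mean a session re-validation; otherwise a fresh login.
                         if (framework\Context::getRequest()->hasCookie('tbg3_username') && framework\Context::getRequest()->hasCookie('tbg3_password')) {
                             $user = $mod->verifyLogin($username, $password);
                         } else {
                             $user = $mod->doLogin($username, $password);
                         }
                         if (!$user instanceof User) {
                             // Invalid
                             framework\Context::logout();
                             throw new \Exception('No such login');
                             //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
                         }
                     } catch (\Exception $e) {
                         throw $e;
                     }
                 } elseif (framework\Settings::isUsingExternalAuthenticationBackend()) {
                     $external = true;
                     framework\Logging::log('Authenticating without credentials with backend: ' . framework\Settings::getAuthenticationBackend(), 'auth', framework\Logging::LEVEL_INFO);
                     try {
                         $mod = framework\Context::getModule(framework\Settings::getAuthenticationBackend());
                         if ($mod->getType() !== Module::MODULE_AUTH) {
                             framework\Logging::log('Auth module is not the right type', 'auth', framework\Logging::LEVEL_FATAL);
                         }
                         $user = $mod->doAutoLogin();
                         if ($user == false) {
                             // Invalid
                             framework\Context::logout();
                             throw new \Exception('No such login');
                             //framework\Context::getResponse()->headerRedirect(framework\Context::getRouting()->generate('login'));
                         } else {
                             // NOTE(review): this is a loose comparison, and an object also compares
                             // == true. If doAutoLogin() can return a User, that user is discarded
                             // here - confirm whether === true was intended.
                             if ($user == true) {
                                 $user = null;
                             }
                         }
                     } catch (\Exception $e) {
                         throw $e;
                     }
                 } elseif ($username !== null && $password !== null && !$user instanceof User) {
                     $external = false;
                     framework\Logging::log('Using internal authentication', 'auth', framework\Logging::LEVEL_INFO);
                     $user = self::getB2DBTable()->getByUsername($username);
                     if ($user instanceof User && !$user->hasPassword($password)) {
                         $user = null;
                     }
                     // A failed internal login does not throw here: $user stays null and the
                     // default-user fallback below applies when login is not required.
                     if (!$user instanceof User) {
                         framework\Context::logout();
                     }
                 }
                 break;
             case framework\Action::AUTHENTICATION_METHOD_DUMMY:
                 $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
                 break;
             case framework\Action::AUTHENTICATION_METHOD_CLI:
                 $user = self::getB2DBTable()->getByUsername(framework\Context::getCurrentCLIusername());
                 break;
             case framework\Action::AUTHENTICATION_METHOD_RSS_KEY:
                 $user = self::getB2DBTable()->getByRssKey($request['rsskey']);
                 break;
             case framework\Action::AUTHENTICATION_METHOD_APPLICATION_PASSWORD:
                 $user = self::getB2DBTable()->getByUsername($request['api_username']);
                 // An unknown api_username yields no User object. Treat that as a failed login
                 // rather than calling a method on a non-object, which would abort the request
                 // with a fatal error instead of the normal "login required" handling.
                 if (!$user instanceof User || !$user->authenticateApplicationPassword($request['api_token'])) {
                     $user = null;
                 }
                 break;
         }
         // No user resolved: fall back to the default user unless the installation requires login.
         if ($user === null && !framework\Settings::isLoginRequired()) {
             $user = self::getB2DBTable()->getByUserID(framework\Settings::getDefaultUserID());
         }
         if ($user instanceof User) {
             if (!$user->isActivated()) {
                 throw new \Exception('This account has not been activated yet');
             } elseif (!$user->isEnabled()) {
                 throw new \Exception('This account has been suspended');
             } elseif (!$user->isConfirmedMemberOfScope(framework\Context::getScope())) {
                 if (!framework\Settings::isRegistrationAllowed()) {
                     throw new \Exception('This account does not have access to this scope');
                 }
             }
             if ($external == false && $authentication_method == framework\Action::AUTHENTICATION_METHOD_CORE) {
                 // The value assigned here is not read again in this method.
                 $password = $user->getHashPassword();
                 if (!$request->hasCookie('tbg3_username') && !$user->isGuest()) {
                     // NOTE(review): the cookie carries $user->getPassword(), which the cookie
                     // branch above later checks with hasPasswordHash(). A stolen cookie therefore
                     // stays valid until the password changes; the Secure/HttpOnly flags applied
                     // by setCookie()/setSessionCookie() are not visible here - confirm.
                     if ($request->getParameter('tbg3_rememberme')) {
                         framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                         framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                     } else {
                         framework\Context::getResponse()->setSessionCookie('tbg3_username', $user->getUsername());
                         framework\Context::getResponse()->setSessionCookie('tbg3_password', $user->getPassword());
                     }
                 }
             }
         } elseif (framework\Settings::isLoginRequired()) {
             throw new \Exception('Login required');
         } else {
             throw new \Exception('No such login');
         }
     } catch (\Exception $e) {
         throw $e;
     }
     return $user;
 }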
/**
 * Returns the stylesheets held by the current response object.
 *
 * @return mixed whatever the response's getStylesheets() returns
 */
function tbg_get_stylesheets()
{
    $response = \thebuggenie\core\framework\Context::getResponse();

    return $response->getStylesheets();
}
Example #5
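 /**
  * HTTP hook that records the commits of a Gitorious push notification.
  *
  * The caller is authenticated only by the per-project passkey, so the request is
  * rejected when no passkey is configured or when the supplied one does not match.
  * The JSON payload is checked for the fields read below before any commit is
  * processed. Output is plain text and the script exits when done.
  *
  * @param framework\Request $request the current request (parameters are read from the context request)
  */
 public function runAddCommitGitorious(framework\Request $request)
 {
     framework\Context::getResponse()->setContentType('text/plain');
     framework\Context::getResponse()->renderHeaders();
     $passkey = framework\Context::getRequest()->getParameter('passkey');
     $project_id = framework\Context::getRequest()->getParameter('project_id');
     $project = Project::getB2DBTable()->selectByID($project_id);
     // Validate access
     if (!$project) {
         echo 'Error: The project with the ID ' . $project_id . ' does not exist';
         exit;
     }
     if (framework\Settings::get('access_method_' . $project->getID(), 'vcs_integration') == Vcs_integration::ACCESS_DIRECT) {
         echo 'Error: This project uses the CLI access method, and so access via HTTP has been disabled';
         exit;
     }
     // Fail closed: with a loose != an unset passkey setting compared equal to a missing
     // passkey parameter, and numeric-looking strings could compare equal without being
     // identical. Require a non-empty configured passkey and an exact match.
     $expected_passkey = framework\Settings::get('access_passkey_' . $project->getID(), 'vcs_integration');
     $expected_passkey = is_scalar($expected_passkey) ? (string) $expected_passkey : '';
     $supplied_passkey = is_scalar($passkey) ? (string) $passkey : '';
     if ($expected_passkey === '') {
         $passkey_ok = false;
     } elseif (function_exists('hash_equals')) {
         // Constant-time comparison where the runtime provides it.
         $passkey_ok = hash_equals($expected_passkey, $supplied_passkey);
     } else {
         $passkey_ok = $expected_passkey === $supplied_passkey;
     }
     if (!$passkey_ok) {
         echo 'Error: The passkey specified does not match the passkey specified for this project';
         exit;
     }
     // Validate data
     $data = html_entity_decode(framework\Context::getRequest()->getParameter('payload', null, false));
     if (empty($data) || $data == null) {
         die('Error: No payload was provided');
     }
     $entries = json_decode($data);
     if ($entries == null) {
         die('Error: The payload could not be decoded');
     }
     // The payload must be an object carrying a list of commits; anything else is malformed.
     if (!is_object($entries) || !isset($entries->commits) || !is_array($entries->commits)) {
         die('Error: The payload could not be decoded');
     }
     $previous = isset($entries->before) ? $entries->before : null;
     // Branch is stored in the ref
     $branch = null;
     if (isset($entries->ref) && is_string($entries->ref)) {
         $parts = explode('/', $entries->ref);
         if (count($parts) == 3) {
             $branch = $parts[2];
         }
     }
     // Parse each commit individually
     foreach (array_reverse($entries->commits) as $commit) {
         // Skip entries that lack the fields read below instead of failing on them.
         if (!isset($commit->id, $commit->message, $commit->timestamp, $commit->author->name)) {
             continue;
         }
         $author = $commit->author->name;
         $new_rev = $commit->id;
         $old_rev = $previous;
         $commit_msg = $commit->message;
         $time = strtotime($commit->timestamp);
         // Add commit
         // NOTE(review): $previous is passed for both revision arguments and $new_rev is only
         // used to advance $previous. processCommit()'s signature is not visible here -
         // confirm whether the fourth argument should be $new_rev.
         echo Vcs_integration::processCommit($project, $commit_msg, $old_rev, $previous, $time, "", $author, $branch);
         $previous = $new_rev;
     }
     // Terminate only after every commit has been handled; exiting inside the loop
     // dropped all but the first commit of a push.
     exit;
 }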
Example #6
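 /**
  * Authenticates (or re-validates) a user against the configured LDAP directory.
  *
  * Binds as the control user, looks the username up under the base DN, optionally
  * enforces group membership, and - when $mode is 1 - verifies the credentials either
  * by binding as the user or, with integrated authentication, by comparing the
  * configured server variable with the username. The local user record is then
  * updated or created, login cookies are set and the user row is returned.
  *
  * @param string $username login name, used in the LDAP filter after escape()
  * @param string $password password used for the user bind (ignored for integrated auth)
  * @param int    $mode     1 checks credentials and may create the local user; any other
  *                         value skips the check and requires an existing local user
  *
  * @return mixed the result of Users::getTable()->getByUsername($username)
  *
  * @throws \Exception on connection, search, group, credential or local-user failures
  */
 public function doLogin($username, $password, $mode = 1)
 {
     $validgroups = $this->getSetting('groups');
     $base_dn = $this->getSetting('b_dn');
     $dn_attr = $this->escape($this->getSetting('dn_attr'));
     $username_attr = $this->escape($this->getSetting('u_attr'));
     $fullname_attr = $this->escape($this->getSetting('f_attr'));
     $buddyname_attr = $this->escape($this->getSetting('b_attr'));
     $email_attr = $this->escape($this->getSetting('e_attr'));
     $groups_members_attr = $this->escape($this->getSetting('g_attr'));
     $user_class = framework\Context::getModule('auth_ldap')->getSetting('u_type');
     $group_class = framework\Context::getModule('auth_ldap')->getSetting('g_type');
     $email = null;
     $integrated_auth = $this->getSetting('integrated_auth');
     // Initialised up front so the failure handler below can tell whether a connection exists.
     $connection = null;
     /*
      * Do the LDAP check here.
      *
      * If a connection error or something, throw an exception and log
      *
      * If we can, set $mail and $realname to correct values from LDAP
      * otherwise don't touch those variables.
      *
      * To log do:
      * framework\Logging::log('error goes here', 'ldap', framework\Logging::LEVEL_FATAL);
      */
     try {
         /*
          * First job is to connect to our control user (may be an anonymous bind)
          * so we can find the user we want to log in as/validate.
          */
         $connection = $this->connect();
         $control_user = $this->getSetting('control_user');
         $control_password = $this->getSetting('control_pass');
         $this->bind($connection, $control_user, $control_password);
         // Assume bind successful, otherwise we would have had an exception
         /*
          * Search for a user with the username specified. We search in the base_dn, so we can
          * find users in multiple parts of the directory, and only return users of a specific
          * class (default person).
          *
          * We want exactly 1 user to be returned. We get the user's full name, email, cn
          * and dn.
          */
         $fields = array($fullname_attr, $buddyname_attr, $email_attr, 'cn', $dn_attr);
         // Every value interpolated into the filter goes through escape() first.
         $filter = '(&(objectClass=' . $this->escape($user_class) . ')(' . $username_attr . '=' . $this->escape($username) . '))';
         $results = ldap_search($connection, $base_dn, $filter, $fields);
         if (!$results) {
             framework\Logging::log('failed to search for user: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
             throw new \Exception(framework\Context::geti18n()->__('Search failed: ') . ldap_error($connection));
         }
         $data = ldap_get_entries($connection, $results);
         // User does not exist
         if ($data['count'] == 0) {
             framework\Logging::log('could not find user ' . $username . ', class ' . $user_class . ', attribute ' . $username_attr, 'ldap', framework\Logging::LEVEL_FATAL);
             throw new \Exception(framework\Context::geti18n()->__('User does not exist in the directory'));
         }
         // If we have more than 1 user, something is seriously messed up...
         if ($data['count'] > 1) {
             framework\Logging::log('too many users for ' . $username . ', class ' . $user_class . ', attribute ' . $username_attr, 'ldap', framework\Logging::LEVEL_FATAL);
             throw new \Exception(framework\Context::geti18n()->__('This user was found multiple times in the directory, please contact your administrator'));
         }
         /*
          * If groups are specified, perform group restriction tests
          */
         if ($validgroups != '') {
             /*
              * We will repeat this for every group, but groups are supplied as a comma-separated list
              */
             if (strstr($validgroups, ',')) {
                 $groups = explode(',', $validgroups);
             } else {
                 $groups = array();
                 $groups[] = $validgroups;
             }
             // Assumed we are initially banned
             $allowed = false;
             foreach ($groups as $group) {
                 // No need to carry on looking if we have access
                 if ($allowed == true) {
                     continue;
                 }
                 /*
                  * Find the group we are looking for, we search the entire directory as per users (See that stuff)
                  * We want to find 1 group, if we don't get 1, silently ignore this group.
                  */
                 $fields2 = array($groups_members_attr);
                 $filter2 = '(&(objectClass=' . $this->escape($group_class) . ')(cn=' . $this->escape($group) . '))';
                 $results2 = ldap_search($connection, $base_dn, $filter2, $fields2);
                 if (!$results2) {
                     framework\Logging::log('failed to search for user after binding: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
                     throw new \Exception(framework\Context::geti18n()->__('Search failed ') . ldap_error($connection));
                 }
                 $data2 = ldap_get_entries($connection, $results2);
                 if ($data2['count'] != 1) {
                     continue;
                 }
                 // A group entry without the member attribute grants nothing.
                 $members_key = strtolower($groups_members_attr);
                 if (!isset($data2[0][$members_key])) {
                     continue;
                 }
                 // Normalise "cn=a, dc=b" to "cn=a,dc=b" once; the user DN does not change per member.
                 $user_dn = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', $data[0][strtolower($dn_attr)][0]);
                 /*
                  * Look through the group's member list. If we are found, grant access.
                  */
                 foreach ($data2[0][$members_key] as $member) {
                     $member = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', $member);
                     // is_numeric() skips the 'count' entry of the result array; the DN match is
                     // case-insensitive but otherwise exact.
                     if (!is_numeric($member) && strtolower($member) === strtolower($user_dn)) {
                         $allowed = true;
                     }
                 }
             }
             if ($allowed == false) {
                 throw new \Exception(framework\Context::getI18n()->__('You are not a member of a group allowed to log in'));
             }
         }
         /*
          * Set user's properties.
          * Realname is obtained from directory, if not found we set it to the username
          * Email is obtained from directory, if not found we set it to blank
          */
         if (!array_key_exists(strtolower($fullname_attr), $data[0])) {
             $realname = $username;
         } else {
             $realname = $data[0][strtolower($fullname_attr)][0];
         }
         if (!array_key_exists(strtolower($buddyname_attr), $data[0])) {
             $buddyname = $username;
         } else {
             $buddyname = $data[0][strtolower($buddyname_attr)][0];
         }
         if (!array_key_exists(strtolower($email_attr), $data[0])) {
             $email = '';
         } else {
             $email = $data[0][strtolower($email_attr)][0];
         }
         /*
          * If we are performing a non integrated authentication login,
          * now bind to the user and see if the credentials
          * are valid. We bind using the full DN of the user, so no need for DOMAIN\ stuff
          * on Windows, and more importantly it fixes other servers.
          *
          * If the bind fails (exception), we throw a nicer exception and don't continue.
          */
         if ($mode == 1 && !$integrated_auth) {
             try {
                 // A simple bind with an empty password is an unauthenticated bind, which many
                 // directory servers report as successful. Never forward an empty password;
                 // the catch below turns this into the usual "not accepted" error.
                 if ($password === null || $password === '') {
                     throw new \Exception('Empty password');
                 }
                 if (!is_array($data[0][strtolower($dn_attr)])) {
                     $dn = $data[0][strtolower($dn_attr)];
                 } else {
                     $dn = $data[0][strtolower($dn_attr)][0];
                 }
                 // NOTE(review): escape() is the same helper used for filter values above;
                 // whether it is appropriate for a bind DN is not visible here - confirm.
                 $bind = $this->bind($connection, $this->escape($dn), $password);
             } catch (\Exception $e) {
                 throw new \Exception(framework\Context::geti18n()->__('Your password was not accepted by the server'));
             }
         } elseif ($mode == 1) {
             // Integrated authentication trusts a server variable named by configuration.
             // NOTE(review): if that name is an HTTP_* key it originates from a request header,
             // so the front-end server must set or strip it - confirm the deployment does.
             $auth_header = $this->getSetting('integrated_auth_header');
             // Strict string comparison: with != numeric-looking values such as "007" and "7"
             // compared equal.
             if (!isset($_SERVER[$auth_header]) || (string) $_SERVER[$auth_header] !== (string) $username) {
                 throw new \Exception(framework\Context::geti18n()->__('HTTP authentication internal error.'));
             }
         }
     } catch (\Exception $e) {
         // connect() itself may have thrown, in which case there is nothing to unbind and
         // the original exception must not be masked by an error from ldap_unbind().
         if ($connection) {
             ldap_unbind($connection);
         }
         throw $e;
     }
     try {
         /*
          * Get the user object. If the user exists, update the user's
          * data from the directory.
          */
         $user = \thebuggenie\core\entities\User::getByUsername($username);
         if ($user instanceof \thebuggenie\core\entities\User) {
             $user->setBuddyname($buddyname);
             $user->setRealname($realname);
             // NOTE(review): the local password is derived from the joined date and the
             // username, both of which are guessable. If internal authentication can ever be
             // used for these accounts, that derived value works as their password - confirm
             // it cannot.
             $user->setPassword($user->getJoinedDate() . $username);
             // update password
             $user->setEmail($email);
             // update email address
             $user->save();
         } else {
             /*
              * If not, and we are performing an initial login, create the user object
              * if we are validating a log in, kick the user out as the session is invalid.
              */
             if ($mode == 1) {
                 // create user
                 $user = new \thebuggenie\core\entities\User();
                 $user->setUsername($username);
                 $user->setRealname('temporary');
                 $user->setBuddyname($username);
                 $user->setEmail('temporary');
                 $user->setEnabled();
                 $user->setActivated();
                 $user->setJoined();
                 $user->setPassword($user->getJoinedDate() . $username);
                 $user->save();
             } else {
                 throw new \Exception('User does not exist in TBG');
             }
         }
     } catch (\Exception $e) {
         ldap_unbind($connection);
         throw $e;
     }
     ldap_unbind($connection);
     /*
      * Set cookies and return user row for general operations.
      * The password cookie is the hash of the derived local password, not of the LDAP password.
      */
     framework\Context::getResponse()->setCookie('tbg3_username', $username);
     framework\Context::getResponse()->setCookie('tbg3_password', \thebuggenie\core\entities\User::hashPassword($user->getJoinedDate() . $username, $user->getSalt()));
     return \thebuggenie\core\entities\tables\Users::getTable()->getByUsername($username);
 }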
Example #7
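 /**
  * Prepares the login component: selected tab, referer, intro articles and
  * the message shown above the form.
  *
  * The referer comes from a stored 'login_referer' message or from the
  * request's Referer header, so it is HTML-escaped before the template sees it.
  */
 public function componentLogin()
 {
     $this->selected_tab = isset($this->section) ? $this->section : 'login';
     $this->options = $this->getParameterHolder();
     // ENT_QUOTES also escapes single quotes, which ENT_COMPAT leaves intact; the value
     // stays safe if the template places it in a single-quoted attribute.
     // NOTE(review): escaping covers HTML output only. If this value is later used as the
     // post-login redirect target, it should be checked to point at this site - not
     // visible from this block.
     if (framework\Context::hasMessage('login_referer')) {
         $this->referer = htmlentities(framework\Context::getMessage('login_referer'), ENT_QUOTES, framework\Context::getI18n()->getCharset());
     } elseif (array_key_exists('HTTP_REFERER', $_SERVER)) {
         $this->referer = htmlentities($_SERVER['HTTP_REFERER'], ENT_QUOTES, framework\Context::getI18n()->getCharset());
     } else {
         $this->referer = framework\Context::getRouting()->generate('dashboard');
     }
     try {
         $this->loginintro = null;
         $this->registrationintro = null;
         $this->loginintro = \thebuggenie\modules\publish\entities\tables\Articles::getTable()->getArticleByName('LoginIntro');
         $this->registrationintro = \thebuggenie\modules\publish\entities\tables\Articles::getTable()->getArticleByName('RegistrationIntro');
     } catch (\Exception $e) {
         // Best effort: the intro articles are optional, so a lookup failure leaves
         // whatever was assigned so far (null at minimum) and the form still renders.
     }
     if (framework\Settings::isLoginRequired()) {
         // Login is mandatory: drop any existing login cookies and ask for credentials.
         framework\Context::getResponse()->deleteCookie('tbg3_username');
         framework\Context::getResponse()->deleteCookie('tbg3_password');
         $this->error = framework\Context::geti18n()->__('You need to log in to access this site');
     } elseif (!framework\Context::getUser()->isAuthenticated()) {
         $this->error = framework\Context::geti18n()->__('Please log in');
     }
     // An already authenticated user gets no message.
 }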
Example #8
 /**
  * Do login (AJAX call)
  *
  * @Route(name="login", url="/do/login")
  * @AnonymousRoute
  *
  * @param \thebuggenie\core\framework\Request $request
  */
 public function runDoLogin(framework\Request $request)
 {
     $i18n = framework\Context::getI18n();
     $options = $request->getParameters();
     $forward_url = framework\Context::getRouting()->generate('home');
     if ($request->hasParameter('persona') && $request['persona'] == 'true') {
         $url = 'https://verifier.login.persona.org/verify';
         $assert = filter_input(INPUT_POST, 'assertion', FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
         //Use the $_POST superglobal array for PHP < 5.2 and write your own filter
         $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode(framework\Context::getURLhost() . ':80');
         $ch = curl_init();
         $options = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_POST => 2, CURLOPT_POSTFIELDS => $params);
         curl_setopt_array($ch, $options);
         $result = curl_exec($ch);
         curl_close($ch);
         $details = json_decode($result);
         $user = null;
         if ($details->status == 'okay') {
             $user = entities\User::getByEmail($details->email);
             if ($user instanceof entities\User) {
                 framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                 framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                 framework\Context::getResponse()->setCookie('tbg3_persona_session', true);
                 $user->setOnline();
                 $user->save();
                 return $this->renderJSON(array('status' => 'login ok', 'redirect' => in_array($request['referer_route'], array('home', 'login'))));
             }
         }
         if (!$user instanceof entities\User) {
             $this->getResponse()->setHttpStatus(401);
             $this->renderJSON(array('message' => $this->getI18n()->__('Invalid login')));
         }
         return;
     }
     if (framework\Settings::isOpenIDavailable()) {
         $openid = new \LightOpenID(framework\Context::getRouting()->generate('login_page', array(), false));
     }
     if (framework\Settings::isOpenIDavailable() && !$openid->mode && $request->isPost() && $request->hasParameter('openid_identifier')) {
         $openid->identity = $request->getRawParameter('openid_identifier');
         $openid->required = array('contact/email');
         $openid->optional = array('namePerson/first', 'namePerson/friendly');
         return $this->forward($openid->authUrl());
     } elseif (framework\Settings::isOpenIDavailable() && $openid->mode == 'cancel') {
         $this->error = framework\Context::getI18n()->__("OpenID authentication cancelled");
     } elseif (framework\Settings::isOpenIDavailable() && $openid->mode) {
         try {
             if ($openid->validate()) {
                 if ($this->getUser()->isAuthenticated() && !$this->getUser()->isGuest()) {
                     if (tables\OpenIdAccounts::getTable()->getUserIDfromIdentity($openid->identity)) {
                         framework\Context::setMessage('openid_used', true);
                         throw new \Exception('OpenID already in use');
                     }
                     $user = $this->getUser();
                 } else {
                     $user = entities\User::getByOpenID($openid->identity);
                 }
                 if ($user instanceof entities\User) {
                     $attributes = $openid->getAttributes();
                     $email = array_key_exists('contact/email', $attributes) ? $attributes['contact/email'] : null;
                     if (!$user->getEmail()) {
                         if (array_key_exists('contact/email', $attributes)) {
                             $user->setEmail($attributes['contact/email']);
                         }
                         if (array_key_exists('namePerson/first', $attributes)) {
                             $user->setRealname($attributes['namePerson/first']);
                         }
                         if (array_key_exists('namePerson/friendly', $attributes)) {
                             $user->setBuddyname($attributes['namePerson/friendly']);
                         }
                         if (!$user->getNickname() || $user->isOpenIdLocked()) {
                             $user->setBuddyname($user->getEmail());
                         }
                         if (!$user->getRealname()) {
                             $user->setRealname($user->getBuddyname());
                         }
                         $user->save();
                     }
                     if (!$user->hasOpenIDIdentity($openid->identity)) {
                         tables\OpenIdAccounts::getTable()->addIdentity($openid->identity, $user->getID());
                     }
                     framework\Context::getResponse()->setCookie('tbg3_password', $user->getPassword());
                     framework\Context::getResponse()->setCookie('tbg3_username', $user->getUsername());
                     $user->setOnline();
                     $user->save();
                     if ($this->checkScopeMembership($user)) {
                         return true;
                     }
                     return $this->forward(framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin')));
                 } else {
                     $this->error = framework\Context::getI18n()->__("Didn't recognize this OpenID. Please log in using your username and password, associate it with your user account in your account settings and try again.");
                 }
             } else {
                 $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider");
             }
         } catch (\Exception $e) {
             $this->error = framework\Context::getI18n()->__("Could not validate against the OpenID provider: %message", array('%message' => htmlentities($e->getMessage(), ENT_COMPAT, framework\Context::getI18n()->getCharset())));
         }
     } elseif ($request->getMethod() == framework\Request::POST) {
         try {
             if ($request->hasParameter('tbg3_username') && $request->hasParameter('tbg3_password') && $request['tbg3_username'] != '' && $request['tbg3_password'] != '') {
                 $user = entities\User::loginCheck($request, $this);
                 $user->setOnline();
                 $user->save();
                 framework\Context::setUser($user);
                 if ($this->checkScopeMembership($user)) {
                     return true;
                 }
                 if ($request->hasParameter('return_to')) {
                     $forward_url = $request['return_to'];
                 } else {
                     if (framework\Settings::get('returnfromlogin') == 'referer') {
                         $forward_url = $request->getParameter('tbg3_referer', framework\Context::getRouting()->generate('dashboard'));
                     } else {
                         $forward_url = framework\Context::getRouting()->generate(framework\Settings::get('returnfromlogin'));
                     }
                 }
                 $forward_url = htmlentities($forward_url, ENT_COMPAT, framework\Context::getI18n()->getCharset());
             } else {
                 throw new \Exception('Please enter a username and password');
             }
         } catch (\Exception $e) {
             if ($request->isAjaxCall()) {
                 $this->getResponse()->setHttpStatus(401);
                 framework\Logging::log($e->getMessage(), 'openid', framework\Logging::LEVEL_WARNING_RISK);
                 return $this->renderJSON(array("error" => $i18n->__("Invalid login details")));
             } else {
                 $this->forward403($e->getMessage());
             }
         }
     } else {
         if ($request->isAjaxCall()) {
             $this->getResponse()->setHttpStatus(401);
             return $this->renderJSON(array("error" => $i18n->__('Please enter a username and password')));
         } else {
             $this->forward403($i18n->__('Please enter a username and password'));
         }
     }
     if (!isset($user)) {
         $this->forward403($i18n->__("Invalid login details"));
     }
     if ($this->checkScopeMembership($user)) {
         return true;
     }
     $user->setOnline();
     $user->save();
     if ($request->isAjaxCall()) {
         return $this->renderJSON(array('forward' => $forward_url));
     } else {
         $this->forward($this->getRouting()->generate('account'));
     }
 }
Example #9
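<?php

/*
 * CSV export of a search result: sends the attachment header, then renders the CSV component.
 *
 * $searchtitle is placed inside a quoted filename in a response header. It is presumably the
 * title of a saved search, i.e. text a user typed (confirm against the action that sets it).
 * Control characters (including CR/LF), double quotes, backslashes and forward slashes are
 * therefore replaced before use: any of them could end the quoted value early or corrupt
 * the header line.
 */
$csv_filename = preg_replace('~[\x00-\x1F\x7F"\\\\/]+~', '_', (string) $searchtitle);
if ($csv_filename === null || $csv_filename === '') {
    // Empty title or regex failure: use a fixed name rather than sending a bare ".csv".
    $csv_filename = 'search';
}

\thebuggenie\core\framework\Context::getResponse()->addHeader('Content-Disposition: attachment; filename="' . $csv_filename . '.csv"');
include_component('search/results_normal_csv', compact('search_object'));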
Example #10
<?php

use thebuggenie\core\framework;

/*
 * Theme setup: adds the theme's stylesheet to the current response
 * and sets the icon set name used with this theme.
 */
framework\Context::getResponse()->addStylesheet('firehouse/firehouse.css');
framework\Settings::setIconsetName('oxygen');