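/**
 * Admin action: render the file-upload form and, on POST, store the upload.
 *
 * On submit the extension is checked against $GLOBALS['allowed_ext_files'],
 * the upload is moved into TMPFILES, Imagick is asked to open it (success
 * marks the file as an image and resizes it in place), a non-colliding name
 * is chosen under res/files/, the file is moved there, a thumbnail is written
 * for images, and the files model records the result.
 *
 * NOTE(review): nothing in this function checks an anti-CSRF token; confirm
 * the framework enforces one before this action runs.
 *
 * @throws exception when no free file name is found after 200 attempts
 */
function admin_files_create()
{
    // Require admin login
    if (!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin')) {
        redirect_to('/');
    }

    $this->load_outer_template('admin');
    $m_files = instance_model('files');

    if (isset($_POST['Submit'])) {
        $error = false;
        $is_image = false;
        $tmppath = '';
        $file_name = '';
        $file_mime = '';

        // Look at $_FILES only after confirming the upload field is present;
        // a POST without a file part must not reach the path-building code.
        if (!isset($_FILES['file']['name'], $_FILES['file']['tmp_name'])
            || !is_string($_FILES['file']['name'])
        ) {
            $error = true;
            new_flash('File failed to upload', 1);
        } else {
            // The client chooses this name. Keep only the final path component
            // so it can never steer the TMPFILES or res/files/ paths built below.
            $file_name = basename($_FILES['file']['name']);

            // Client-declared MIME type: stored as metadata only. It is not
            // verified here and must not be trusted for access or rendering decisions.
            $file_mime = isset($_FILES['file']['type']) ? $_FILES['file']['type'] : '';

            $extension = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

            // Strict comparison: the allow-list is matched as strings, without type juggling.
            // Only the last extension is checked, so "name.php.jpg" passes; the web server
            // must not execute files served from res/files/.
            if (!in_array($extension, $GLOBALS['allowed_ext_files'], true)) {
                $error = true;
                new_flash('File type is not allowed', 1);
            } else {
                // NOTE(review): the prefix is derived from the clock, so it is
                // guessable and repeats for uploads within the same second.
                $unique_id = sha1(time());
                $tmppath = TMPFILES . '/' . $unique_id . '_' . $file_name;

                if (move_uploaded_file($_FILES['file']['tmp_name'], $tmppath)) {
                    // Every accepted upload is handed to Imagick to find out
                    // whether it is an image. NOTE(review): restrict the
                    // ImageMagick policy to the formats actually needed, since
                    // this parses uploaded content.
                    try {
                        $im = new Imagick($tmppath);
                        $im->adaptiveResizeImage('620', '620', true);
                        $im->writeImage($tmppath);
                        $im->destroy();
                        $is_image = true;
                    } catch (exception $e) {
                        // Not readable as an image: keep it as a plain file.
                        $is_image = false;
                    }
                } else {
                    $error = true;
                    new_flash('File failed to upload', 1);
                }
            }
        }

        if ($error == false) {
            $newloc = 'res/files/';

            // Check name is unique; append _N before the first dot until it is.
            $hard_file_name = $file_name;
            $ctr = 0;
            for (;;) {
                if ($ctr > 200) {
                    throw new exception('Could not create unique file name');
                }
                if (!file_exists($newloc . $hard_file_name)) {
                    break;
                }
                $ctr += 1;
                $split_name = explode('.', $file_name);
                $base = array_shift($split_name);
                $ext = implode('.', $split_name);
                $hard_file_name = $base . '_' . $ctr . '.' . $ext;
            }
            $file_name = $hard_file_name;

            // Move the file to its final location
            rename($tmppath, $newloc . $file_name);
            $size = filesize($newloc . $file_name);

            if ($is_image) {
                // generate thumbnail
                $im = new Imagick($newloc . $file_name);
                $im->cropThumbnailImage('130', '98');
                $im->writeImage($newloc . 'thumbs/' . $file_name);
                $im->destroy();
            }

            $m_files->create($file_name, $size, $file_mime, $is_image);
            redirect_to(make_url('files', 'admin_files'));
        }
    }

    $view = instance_view('files/admin/upload');
    $view = $view->parse_to_variable(array(
        'form_url' => make_url('files', 'admin_files_create'),
        'back_url' => make_url('files', 'admin_files'),
        'title' => 'Upload file'
    ));
    $this->set_template_paramiters(array(
        'content' => $view
    ));
}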
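/**
 * Settings action: show the avatar form, or replace the logged-in user's
 * avatar with an uploaded PNG/JPEG rescaled to 100x100 and saved as JPEG.
 *
 * The upload is first moved to a temporary name under media/, decoded with
 * GD, resampled, written to media/<user name>.jpg, and the temporary file is
 * removed on every path that got as far as creating it.
 *
 * @throws no_such_user_exception when the session user is not in the users model
 */
function avatar()
{
    if (!isset($_SESSION['active_user'])) {
        redirect_to(make_url("users"));
    }

    $usr = instance_model('users');
    $user = $usr->get_user_by_id($_SESSION['active_user']['id']);
    if ($user == array()) {
        throw new no_such_user_exception();
    }

    if (!isset($_POST['Submit'])) {
        // Display main
        $view = instance_view('settings_avatar');
        $view = $view->parse_to_variable(array(
            'user' => $user));
    } else {
        // Validate file type. The extension comes from the client-supplied
        // name and only selects the decoder; the GD decode below is the real
        // check that the content is an image.
        $client_name = (isset($_FILES['file']['name']) && is_string($_FILES['file']['name']))
            ? $_FILES['file']['name']
            : '';
        $type = pathinfo($client_name, PATHINFO_EXTENSION);
        $valid_extensions = array('png', 'jpg', 'jpeg', 'JPG', 'JPEG');

        if (!in_array($type, $valid_extensions, true)) {
            new_flash('Invalid file type', 1);
            redirect_to(make_url('settings', 'avatar'));
        }

        // NOTE(review): clock-derived name inside a directory that also holds
        // served avatars; it is guessable and collides within one second.
        $tmpname = 'media/' . sha1(time()) . '.' . $type;

        if (isset($_FILES['file']['tmp_name']) && @move_uploaded_file($_FILES['file']['tmp_name'], $tmpname)) {
            // Load the image
            if ($type === 'png') {
                $img = @imagecreatefrompng($tmpname);
            } else {
                $img = @imagecreatefromjpeg($tmpname);
            }

            $oldsize = ($img == false) ? false : getimagesize($tmpname);

            if ($img == false || $oldsize == false) {
                // Content that does not decode must not stay behind in media/.
                if ($img != false) {
                    imagedestroy($img);
                }
                unlink($tmpname);
                new_flash('Problem with image', 1);
                redirect_to(make_url('settings', 'avatar'));
            }

            // Resize
            $img_n = imagecreatetruecolor(100, 100);
            imagecopyresampled($img_n, $img, 0, 0, 0, 0, 100, 100, $oldsize[0], $oldsize[1]);

            // NOTE(review): the session user name becomes part of a file path;
            // confirm registration restricts names to characters that are safe here.
            $avatar = 'media/' . $_SESSION['active_user']['name'] . '.jpg';
            $result = imagejpeg($img_n, $avatar, 90);

            imagedestroy($img);
            imagedestroy($img_n);
            unlink($tmpname);

            if ($result == false) {
                new_flash('Problem with image', 1);
                redirect_to(make_url('settings', 'avatar'));
            }

            // NOTE(review): this output precedes a redirect and looks like a
            // debugging leftover; confirm it is intended.
            print make_ext_url($avatar);
            $usr->update_avatar($user[0]['ID'], make_ext_url($avatar));

            // Delete the old avatar as long as it is not the default.
            // NOTE(review): as written the pattern only matches names that END
            // in default_avatar.jpg with at least one character before it, which
            // reads as the opposite of the comment. It is left unchanged because
            // the previous avatar may be the very file just written above;
            // decide the intended rule before changing it.
            $old_avatar = basename($user[0]['Avatar']);
            if (preg_match('/.+default_avatar\.jpg/', $old_avatar)) {
                unlink('media/' . $old_avatar);
            }

            redirect_to(make_url('settings', 'avatar'));
        } else {
            new_flash("File failed to upload");
            redirect_to(make_url('settings', 'avatar'));
        }
    }

    // Display sidebar
    $sb_view = instance_view("settings_sidebar");
    $sb_view = $sb_view->parse_to_variable(array(
        'uid' => $_SESSION['active_user']['id'],
        'uname' => $_SESSION['active_user']['name']));

    $this->set_template_paramiters(
        array('main_content' => $view,
              'sidebar' => $sb_view));
}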
/**
 * Admin action: edit a single navigation link identified by params[2].
 *
 * Without a submitted form the stored Title/Type/Data are shown. On submit
 * the values are validated (non-empty title; type 'page' must reference an
 * existing page, type 'url' needs non-empty data) and written back through
 * the navigation model.
 *
 * NOTE(review): no anti-CSRF token is checked in this function, and the
 * 'url' data is stored without a scheme check; confirm both are handled by
 * the framework or the view.
 *
 * @throws exception when params[2] is missing/non-numeric or the link is unknown
 */
function admin_navi_edit()
{
    // Only a logged-in admin gets past this point.
    $is_admin = isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin';
    if (!$is_admin) {
        redirect_to('/');
    }

    $this->load_outer_template('admin');

    $has_link_id = isset($this->params[2]) && is_numeric($this->params[2]);
    if (!$has_link_id) {
        throw new exception("No link specified");
    }
    $item = $this->params[2];

    $navigation = instance_model('navigation');
    $rows = $navigation->get_by_id($item);
    if ($rows == array()) {
        throw new exception("Link does not exist");
    }

    if (!isset($_POST['Submit'])) {
        // First display: pre-fill from the stored link.
        $title = $rows[0]['Title'];
        $type = $rows[0]['Type'];
        $data = $rows[0]['Data'];
    } else {
        $title = $_POST['title'];
        $type = $_POST['type'];
        $data = $_POST['data'];
        $has_error = false;

        if ($title == '') {
            $has_error = true;
            new_flash('Please enter a title', 1);
        }

        switch ($type) {
            case 'page':
                // The data field must name an existing static page.
                $pages = instance_model('page');
                $target = $pages->get_by_id($data);
                if ($target == array()) {
                    $has_error = true;
                    new_flash('Page does not exist', 1);
                }
                break;

            case 'url':
                if ($data == '') {
                    $has_error = true;
                    new_flash('Please enter a URL', 1);
                }
                break;

            default:
                $has_error = true;
                new_flash('Unknown type', 1);
        }

        if (!$has_error) {
            $rows[0]['Title'] = $title;
            $rows[0]['Type'] = $type;
            $rows[0]['Data'] = $data;
            $navigation->update_table('navigation', 'ID', $rows[0]);
            redirect_to(make_url('navi', 'admin_navi'));
        }
    }

    $template_vars = array(
        'ajax_url' => make_url('navi', 'ajax_admin_navi_edit'),
        'form_url' => make_url('navi', 'admin_navi_edit', $item),
        'back_url' => make_url('navi', 'admin_navi'),
        'page_title' => 'Edit navi link',
        'title' => $title,
        'type' => $type,
        'data' => $data,
        'types' => array('url' => 'URL', 'page' => 'Static Page')
    );
    $rendered = instance_view('navi/admin/edit_main')->parse_to_variable($template_vars);

    $this->set_template_paramiters(array(
        'content' => $rendered
    ));
}
/**
 * Stop following a user: notify the remote node with a 'remove' ping and,
 * unless the remote reports failure, delete the local following record.
 *
 * The relation is looked up with both the session user's id and the posted
 * id, so only a relation belonging to the logged-in user is selected.
 *
 * @param mixed $rmt optional remotes model; when false the 'remotes' model is
 *                   instantiated here
 * @throws no_such_user_exception when the local user or the relation is not found
 */
function destroy($rmt = false)
{
    $this->outer_template = null;

    // Must be logged in and must arrive via the submitted form.
    if (!isset($_SESSION['active_user'])) {
        redirect_to(make_url('users', 'login'));
    }
    if (!isset($_POST['Submit'])) {
        redirect_to(make_url('messages'));
    }

    $local_id = $_SESSION['active_user']['id'];
    $relations = instance_model('relations');
    $users = instance_model('users');
    if ($rmt == false) {
        $rmt = instance_model('remotes');
    }

    // Local user record (supplies the key pair handed to the ping)
    $me = $users->get_user_by_id($local_id);
    if ($me == array()) {
        throw new no_such_user_exception();
    }

    // Relation to the user being unfollowed
    $followed = $relations->get_following_by_id($local_id, $_POST['id']);
    if ($followed == array()) {
        throw new no_such_user_exception();
    }

    // Send the remove ping and decode the reply
    $raw_reply = $rmt->send_ping(
        $followed[0]['Relation_pingback'],
        'remove',
        $followed[0]['Remote_name'],
        $me[0]['Pub_key'],
        $me[0]['Priv_key'],
        make_follow_url($me[0]['User_name'])
    );
    $reply = $rmt->decode_ping_response($raw_reply);

    // A failed ping is reported to the user and the local row is kept.
    if ($reply->state == 'fail') {
        new_flash('User not found on remote', 1);
        redirect_to(make_url('messages'));
    }

    // Remote accepted: drop the relation locally.
    $relations->remove_following_by_id($local_id, $_POST['id']);
    redirect_to(make_url('messages'));
}
/**
 * Public profile page for the user named in params[2]: that user's messages
 * in the main area and their profile fields in the sidebar.
 *
 * A missing or unknown name produces a flash message and a redirect to the
 * user list.
 *
 * NOTE(review): Full_name, Location, Web and Bio are user-editable values
 * passed straight to the view; confirm the templates escape them.
 */
function profile()
{
    $not_found_msg = 'The specified user does not exist, here are the users on this node';

    if (!isset($this->params[2])) {
        new_flash($not_found_msg, 1);
        redirect_to(make_url('users'));
    }

    $requested_name = $this->params[2];
    $users = instance_model('users');
    $rows = $users->get_user_by_name($requested_name);

    if ($rows == array()) {
        new_flash($not_found_msg, 1);
        redirect_to(make_url('users'));
    }

    $message_model = instance_model('messages');
    $user_messages = $message_model->get_by_user_id($rows[0]['ID']);

    // Main content
    $main_vars = array(
        'messages' => $user_messages,
        'user' => $rows,
        'form_message' => 'Delete',
        'form_target' => make_url('messages', 'destroy'));
    $main = instance_view('profile')->parse_to_variable($main_vars);

    // Sidebar
    $sidebar_vars = array(
        'uid' => $rows[0]['ID'],
        'uname' => $rows[0]['User_name'],
        'fname' => $rows[0]['Full_name'],
        'location' => $rows[0]['Location'],
        'web' => $rows[0]['Web'],
        'bio' => $rows[0]['Bio']);
    $sidebar = instance_view('profile_sidebar')->parse_to_variable($sidebar_vars);

    // Display
    $this->set_template_paramiters(
        array('main_content' => $main,
              'sidebar' => $sidebar));
}
/**
 * Delete one of the logged-in user's public direct messages.
 *
 * Both the lookup and the delete are called with the session user's id and
 * the posted message id, so the model is asked only for a message tied to
 * that user.
 */
function destroy_public()
{
    $list_url_parts = array('dmessages', 'public_msg');

    if (!isset($_SESSION['active_user'])) {
        redirect_to(make_url('users', 'login'));
    }
    if (!isset($_POST['Submit'])) {
        redirect_to(make_url($list_url_parts[0], $list_url_parts[1]));
    }

    $owner_id = $_SESSION['active_user']['id'];

    // Fetch the message first so a missing one can be reported.
    $direct_messages = instance_model('direct_message');
    $found = $direct_messages->get_by_id($owner_id, $_POST['id']);

    if ($found == array()) {
        new_flash('Message does not exist', 1);
        redirect_to(make_url($list_url_parts[0], $list_url_parts[1]));
    }

    // Delete and return to the list
    $direct_messages->delete_by_id($owner_id, $_POST['id']);
    redirect_to(make_url($list_url_parts[0], $list_url_parts[1]));
}
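/**
 * Admin action: upload an image into the gallery set given by params[2].
 *
 * The set and its owning member are loaded first. On submit the extension is
 * checked against $GLOBALS['allowed_ext'], the upload is moved into TMPFILES
 * and must open in Imagick (it is resized in place). It is then moved under
 * res/gallery/<member Clean_title>/ with a non-colliding name, a thumbnail is
 * written, and the gallery model records it.
 *
 * A rejected extension stops processing before the upload is moved, and a
 * file Imagick cannot read is removed from TMPFILES again.
 *
 * NOTE(review): nothing in this function checks an anti-CSRF token; confirm
 * the framework enforces one before this action runs.
 *
 * @throws exception for a missing/non-numeric set id, unknown set, unknown
 *                   owning member, or when no free file name is found
 */
function admin_gallery_create()
{
    // Require admin login
    if (!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin')) {
        redirect_to('/');
    }

    $this->load_outer_template('admin');

    if (!isset($this->params[2]) || !is_numeric($this->params[2])) {
        throw new exception("No set specified");
    }
    $item = $this->params[2];

    $m_member = instance_model('members');
    $m_set = instance_model('gallery_set');

    $set = $m_set->get_by_id($item);
    if ($set == array()) {
        throw new exception('Set does not exist');
    }

    $member = $m_member->get_by_id($set[0]['Owner']);
    if ($member == array()) {
        throw new exception('Owning member does not exist');
    }

    if (isset($_POST['Submit'])) {
        $error = false;
        $tmppath = '';
        $file_name = '';

        // Look at $_FILES only after confirming the upload field is present.
        if (!isset($_FILES['file']['name'], $_FILES['file']['tmp_name'])
            || !is_string($_FILES['file']['name'])
        ) {
            $error = true;
            new_flash('File failed to upload', 1);
        } else {
            // Client-chosen name: keep only the final path component so it
            // cannot steer the TMPFILES or res/gallery/ paths built below.
            $file_name = basename($_FILES['file']['name']);
            $extension = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

            // Strict comparison: the allow-list is matched as strings.
            if (!in_array($extension, $GLOBALS['allowed_ext'], true)) {
                $error = true;
                new_flash('File type is not allowed', 1);
            } else {
                // NOTE(review): clock-derived prefix; guessable and repeats
                // for uploads within the same second.
                $unique_id = sha1(time());
                $tmppath = TMPFILES . '/' . $unique_id . '_' . $file_name;

                if (move_uploaded_file($_FILES['file']['tmp_name'], $tmppath)) {
                    // preprocess images; a file Imagick cannot read is rejected
                    try {
                        $im = new Imagick($tmppath);
                        $im->adaptiveResizeImage('620', '620', true);
                        $im->writeImage($tmppath);
                        $im->destroy();
                    } catch (exception $e) {
                        $error = true;
                        new_flash('Could not read file', 1);
                        // Do not leave the rejected upload behind.
                        if (file_exists($tmppath)) {
                            unlink($tmppath);
                        }
                    }
                } else {
                    $error = true;
                    new_flash('File failed to upload', 1);
                }
            }
        }

        if ($error == false) {
            // NOTE(review): Clean_title comes from the members model and is
            // used as a directory name; presumably already normalised, confirm.
            $newloc = 'res/gallery/' . $member[0]['Clean_title'];

            if (!file_exists($newloc)) {
                mkdir($newloc);
            }
            if (!file_exists($newloc . '/thumbs')) {
                mkdir($newloc . '/thumbs');
            }

            // Check name is unique; append _N before the first dot until it is.
            $hard_file_name = $file_name;
            $ctr = 0;
            for (;;) {
                if ($ctr > 200) {
                    throw new exception('Could not create unique file name');
                }
                if (!file_exists($newloc . '/' . $hard_file_name)) {
                    break;
                }
                $ctr += 1;
                $split_name = explode('.', $file_name);
                $base = array_shift($split_name);
                $ext = implode('.', $split_name);
                $hard_file_name = $base . '_' . $ctr . '.' . $ext;
            }
            $file_name = $hard_file_name;

            // move file
            rename($tmppath, $newloc . '/' . $file_name);

            // generate thumbnail
            $im = new Imagick($newloc . '/' . $file_name);
            $im->cropThumbnailImage('130', '98');
            $im->writeImage($newloc . '/thumbs/' . $file_name);
            $im->destroy();

            $m_gallery = instance_model('gallery');
            $m_gallery->create($item, $file_name);
            redirect_to(make_url('members', 'admin_gallery', $item));
        }
    }

    $view = instance_view('files/admin/upload');
    $view = $view->parse_to_variable(array(
        'form_url' => make_url('members', 'admin_gallery_create', $item),
        'back_url' => make_url('members', 'admin_gallery', $item),
        'title' => 'Upload image'
    ));
    $this->set_template_paramiters(array(
        'content' => $view
    ));
}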
/**
 * Delete one of the logged-in user's messages and ping every follower so
 * their cached copy is refreshed.
 *
 * The message is looked up and deleted with the session user's id plus the
 * posted message id, so the model is asked only for a message tied to that user.
 *
 * @param mixed $rmt optional remotes model; when false the 'remotes' model is
 *                   instantiated here
 * @throws no_such_user_exception when the session user is not in the users model
 */
function destroy($rmt = false)
{
    $this->outer_template = null;

    if (!isset($_SESSION['active_user'])) {
        redirect_to(make_url('users', 'login'));
    }
    if (!isset($_POST['Submit'])) {
        redirect_to(make_profile_url($_SESSION['active_user']['name']));
    }

    $local_id = $_SESSION['active_user']['id'];

    // Instance models
    $relations = instance_model('relations');
    $users = instance_model('users');
    $messages = instance_model('messages');
    if ($rmt == false) {
        $rmt = instance_model('remotes');
    }

    // Local user record (supplies the key pair handed to the pings)
    $me = $users->get_user_by_id($local_id);
    if ($me == array()) {
        throw new no_such_user_exception();
    }

    // The message must exist for this user
    $target = $messages->get_by_id($local_id, $_POST['id']);
    if ($target == array()) {
        new_flash('Message does not exist', 1);
        redirect_to(make_profile_url($_SESSION['active_user']['name']));
    }

    // Delete
    $messages->delete_by_id($local_id, $_POST['id']);

    // Tell each follower's node to refresh its cache
    $followers = $relations->get_followers($local_id);
    foreach ($followers as $follower) {
        $rmt->send_ping(
            $follower['Message_pingback'],
            "update",
            'null',
            $me[0]['Pub_key'],
            $me[0]['Priv_key'],
            make_follow_url($_SESSION['active_user']['name'])
        );
    }

    // Redirect
    redirect_to(make_profile_url($_SESSION['active_user']['name']));
}
/**
 * After one flash is raised with level 1, get_errors() must equal what is
 * held in $_SESSION['flash'].
 */
function test_get_errors()
{
    new_flash('Something went wrong', 1);

    $reported = get_errors();
    $stored = $_SESSION['flash'];

    $this->assertEquals($reported, $stored);
}
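/**
 * Admin action: edit the title and content of the page given by params[2].
 *
 * Without a submitted form the stored title/content are shown. On submit the
 * title must be non-empty and, if it differs from the stored title, must not
 * belong to another page. On a validation error the form is shown again with
 * the values that were submitted.
 *
 * NOTE(review): nothing in this function checks an anti-CSRF token, and the
 * submitted title/content are passed back to the view on error; confirm the
 * framework enforces a token and the template escapes these values.
 *
 * @throws exception when params[2] is missing/non-numeric or the page is unknown
 */
function admin_pages_edit()
{
    // Require admin login
    if (!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin')) {
        redirect_to('/');
    }

    $this->load_outer_template('admin');

    if (!isset($this->params[2]) || !is_numeric($this->params[2])) {
        throw new exception("No page specified");
    }
    $item = $this->params[2];

    $m_page = instance_model('page');
    $page = $m_page->get_by_id($item);
    if ($page == array()) {
        throw new exception("Page does not exist");
    }

    if (isset($_POST['Submit'])) {
        // Missing or non-string fields are treated as empty.
        $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
        $content = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';
        $error = false;

        if ($title === '') {
            $error = true;
            new_flash('Please enter a title', 1);
        }

        // The rename check compares against the title stored for this page,
        // not a form field: a client-supplied "old title" would let the
        // request decide whether the duplicate-title check runs at all.
        if ($title !== $page[0]['Title']) {
            $t_page = $m_page->get_page_by_title($title);
            if ($t_page != array()) {
                $error = true;
                new_flash('A page with that name already exsits', 1);
            }
        }

        /*
        Empty content is currently allowed; the check is disabled:
        if($content == '') { $error = true; new_flash('Please enter some content',1); }
        */

        if ($error == false) {
            $page = $m_page->get_by_id($item);
            $page[0]['Title'] = $title;

            // Maintain naming on internal pages to prevent unfound page errors.
            if ($page[0]['Internal'] == 0) {
                $clean_title = clean_title($title);
                $page[0]['Clean_title'] = $clean_title;
            }

            $page[0]['Content'] = $content;
            $m_page->update_table('pages', 'ID', $page[0]);
            redirect_to(make_url('page', 'admin_pages'));
        }
    } else {
        // No submission: pre-fill from the stored page. This must be an
        // else-branch, otherwise the submitted values are overwritten and a
        // validation error discards what the admin typed.
        $title = $page[0]['Title'];
        $content = $page[0]['Content'];
    }

    $view = instance_view('page/admin/edit_page');
    $view = $view->parse_to_variable(array(
        'form_url' => make_url('page', 'admin_pages_edit', $item),
        'back_url' => make_url('page', 'admin_pages'),
        'title' => $title,
        'content' => $content
    ));
    $this->set_template_paramiters(array(
        'content' => $view
    ));
}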
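/**
 * Admin action: edit the logged-in admin's own e-mail address and password.
 *
 * GET shows the form pre-filled with the stored e-mail. POST validates the
 * e-mail (format and uniqueness), and, when an old password is supplied,
 * verifies it and checks the new password (minimum 6 characters, matches its
 * confirmation). If no error flash was raised the e-mail is saved and, when
 * an old password was supplied, the password is updated. The form is then
 * shown again in every case.
 *
 * NOTE(review): the e-mail can be changed without supplying the current
 * password, and nothing here checks an anti-CSRF token; confirm both are
 * acceptable or enforced elsewhere.
 *
 * @throws exception when the session user is not found on the GET path
 */
function edit()
{
    if (!(isset($_SESSION['active_user']) && $_SESSION['active_user']['type'] == 'admin')) {
        redirect_to('/');
    }

    $this->load_outer_template('admin');
    $usr = instance_model('users');

    if (!isset($_POST['Submit'])) {
        $user = $usr->get_user_by_id($_SESSION['active_user']['id']);
        if ($user == array()) {
            throw new exception("User does not exist");
        }

        $form_vals = make_reg_vals_array('', $user[0]['Ppal_email'], '', '');

        // display user edit form
        $view = instance_view('users/edit');
        $view = $view->parse_to_variable(array(
            'form_vals' => $form_vals));
        $this->set_template_paramiters(array(
            'content' => $view
        ));
    } else {
        // Read the form. Missing or non-string fields become '' so the strict
        // comparisons below always operate on strings.
        $form_vals = array('errs' => array());
        foreach (array('ppal_email', 'oldpass', 'pass', 'pass_v') as $field) {
            $form_vals[$field] = (isset($_POST[$field]) && is_string($_POST[$field]))
                ? $_POST[$field]
                : '';
        }

        $test_exists = array();

        // Validate email
        try {
            validate_email($form_vals['ppal_email']);
            $test_exists = $usr->get_user_by_email($form_vals['ppal_email']);
            if ($test_exists != array() && $test_exists[0]['ID'] != $_SESSION['active_user']['id']) {
                new_flash('Email address is already in use', 1);
                $form_vals['ppal_email'] = '';
            }
        } catch (exception $e) {
            new_flash('Email address is invalid', 1);
        }

        // Validate passwords (only when an old password was supplied)
        $wants_password_change = ($form_vals['oldpass'] !== '');

        if ($wants_password_change) {
            try {
                $selected_user = $usr->verify_user($_SESSION['active_user']['name'], $form_vals['oldpass']);
                if ($selected_user == false) {
                    throw new exception();
                }

                if (mb_strlen($form_vals['pass'], 'utf8') < 6) {
                    new_flash('Password too short, min 6 charicters', 1);
                } elseif ($form_vals['pass'] !== $form_vals['pass_v']) {
                    // Compare the two inputs directly and strictly. A loose
                    // != on hex digests lets PHP read digests shaped like
                    // "0e<digits>" as numbers, so two different passwords
                    // could be reported as matching.
                    new_flash('Passwords do not match', 1);
                }
            } catch (redirecting_to $e) {
                // A redirect raised while verifying must keep propagating.
                throw $e;
            } catch (exception $e) {
                new_flash('Username or password is incorrect', 1);
            }
        }

        if (count(get_errors()) == 0) {
            // Everything was valid, save
            $usr->update_user_email($_SESSION['active_user']['id'], $form_vals['ppal_email']);

            // Same condition as the validation above, so a verified old
            // password such as "0" is not skipped by a truthiness test.
            if ($wants_password_change) {
                // NOTE(review): the new password is passed on as entered;
                // presumably the users model hashes it, confirm.
                $usr->update_password($_SESSION['active_user']['id'], $form_vals['pass']);
            }

            new_flash("Settings updated", 1);
        }

        // Re-display the form (with any errors).
        // NOTE(review): $form_vals still carries the submitted passwords;
        // confirm the template does not echo them back into the page.
        $view = instance_view("users/edit");
        $view = $view->parse_to_variable(array(
            'form_vals' => $form_vals));
        $this->set_template_paramiters(array(
            'content' => $view
        ));
    }
}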