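/**
 * Show inbox.
 *
 * Without a `user` request parameter the view receives `user`, `messages`
 * and `offset` all set to false. With one, the named profile is loaded;
 * a missing profile or a non-'user' type redirects back to messages/inbox.
 * The conversation is fetched and marked as read only when the viewer
 * passes the contact_privacy check (admins and reviewers always pass,
 * everyone else must be a friend when the value is 'f').
 */
public function inboxAction()
{
    $current_user = Zend_Auth::getInstance()->getIdentity();
    $Messages = new Application_Model_Messages();
    $Profiles = new Application_Model_Profiles();
    $ProfilesMeta = new Application_Model_ProfilesMeta();
    $Connections = new Application_Model_Connections();
    $request = $this->getRequest();
    $user_name = $request->getParam('user', false);
    $messages = $user = $offset = false;
    if ($user_name) {
        $user = $Profiles->getProfile($user_name);
        if (!$user || $user->type != 'user') {
            // The redirector helper normally ends the request; the explicit
            // return guarantees nothing below dereferences a false $user.
            $this->redirect('messages/inbox');
            return;
        }
        $users_meta = $ProfilesMeta->getMetaValues($user->id);
        // check private message privacy
        $is_privileged = $current_user->role == 'admin' || $current_user->role == 'reviewer';
        $friends_only = isset($users_meta['contact_privacy']) && $users_meta['contact_privacy'] == 'f';
        if (!$is_privileged && $friends_only && !$Connections->areFriends($current_user->id, $user->id)) {
            Application_Plugin_Alerts::error($this->view->translate('Private profile (friends only)'));
            $user = false;
        }
        // Load the conversation only for a permitted viewer; a denied viewer
        // gets the same empty state as a request without a user parameter.
        if ($user) {
            $messages = $Messages->getMessages($user->id);
            $Messages->markAsRead($user->id);
            // send last visible message id as the paging offset
            $last = is_array($messages) ? end($messages) : false;
            $offset = is_array($last) && isset($last['message_id']) ? $last['message_id'] : false;
        }
    }
    $this->buildMenu($user_name);
    $this->view->user = $user;
    $this->view->messages = $messages;
    $this->view->offset = $offset;
    $message_form = new Application_Form_Message();
    $this->view->message_form = $message_form;
}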
/**
 * Controller initialisation shared by the search actions.
 *
 * Reads the `page` parameter (clamped to >= 1) and the `term` parameter,
 * strips tags from the term, discards terms shorter than three bytes with a
 * 'Search query to short' alert, publishes search_category (the current
 * action name) and search_term to the view, then builds the menu.
 */
public function init()
{
    $request = $this->getRequest();
    // action name based category
    $category = $request->getActionName();
    $page = (int) $request->getParam('page');
    $this->page = max(1, $page);
    // trim() turns an absent parameter (false) into '', so the branch
    // below effectively always runs
    $raw_term = trim($request->getParam('term', false));
    if ($raw_term !== false) {
        // strip tags from the raw input; escaping for output is still
        // the view's responsibility
        $strip_tags = new Zend_Filter_StripTags();
        $raw_term = $strip_tags->filter($raw_term);
        $this->search_term = $raw_term;
    }
    // minimum search string length (strlen counts bytes, not characters)
    $min_length = 3;
    if ($raw_term && strlen($this->search_term) < $min_length) {
        $this->search_term = '';
        Application_Plugin_Alerts::error($this->view->translate('Search query to short'), 'off');
    }
    // set global search form action & value
    $this->view->search_category = $category;
    $this->view->search_term = $this->search_term;
    // the menu depends on search_term, so it is built last
    $this->buildMenu();
}
/**
 * Complete a Facebook redirect login.
 *
 * Exchanges the redirect for an access token, fetches id/name/email from
 * Graph, and then either logs in the local account with that e-mail
 * (via the e-mail auth adapter, no local password involved) or stashes
 * the Facebook data in the 'Default' session namespace and redirects to
 * the addon's registration page. Any SDK/Graph failure is echoed to the
 * client and the script exits.
 */
function loginWithFacebook()
{
    $fb_appid = Zend_Registry::get('config')->get('facebook_appid');
    $fb_secret = Zend_Registry::get('config')->get('facebook_secret');
    $fb = new Facebook\Facebook(['app_id' => $fb_appid, 'app_secret' => $fb_secret, 'default_graph_version' => 'v2.4']);
    $helper = $fb->getRedirectLoginHelper();
    try {
        $accessToken = $helper->getAccessToken();
        $_SESSION['fb_access_token'] = $accessToken;
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // When Graph returns an error
        // NOTE(review): the raw SDK message is written to the response; a
        // generic message plus server-side logging would expose less.
        echo 'Graph returned an error: ' . $e->getMessage();
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // When validation fails or other local issues
        echo 'Facebook SDK returned an error: ' . $e->getMessage();
        exit;
    }
    if (!isset($accessToken)) {
        if ($helper->getError()) {
            // Facebook reported an error on the redirect (e.g. the user
            // declined); the details are echoed back as plain text
            header('HTTP/1.0 401 Unauthorized');
            echo "Error: " . $helper->getError() . "\n";
            echo "Error Code: " . $helper->getErrorCode() . "\n";
            echo "Error Reason: " . $helper->getErrorReason() . "\n";
            echo "Error Description: " . $helper->getErrorDescription() . "\n";
        } else {
            header('HTTP/1.0 400 Bad Request');
            echo 'Bad request';
        }
        exit;
    }
    try {
        // Get the Facebook\GraphNodes\GraphUser object for the current user.
        // If you provided a 'default_access_token', the '{access-token}' is optional.
        $response = $fb->get('/me?fields=id,name,email', $accessToken->getValue());
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // When Graph returns an error
        echo 'Graph returned an error: ' . $e->getMessage();
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // When validation fails or other local issues
        echo 'Facebook SDK returned an error: ' . $e->getMessage();
        exit;
    }
    $fb_user = $response->getGraphUser();
    $fb_user_email = $fb_user['email'];
    // display name proposal: keep ASCII letters/digits only, then lowercase
    $fb_user_display_name = mb_strtolower(preg_replace("/[^A-Za-z0-9]/", '', $fb_user['name']), 'UTF-8');
    $defaultres = 64;
    // avatar_size from config, falling back to 64px when unset/zero
    $bigres = Zend_Registry::get('config')->get('avatar_size') ? Zend_Registry::get('config')->get('avatar_size') : $defaultres;
    // NOTE(review): picture URL pins Graph v2.0 while the client above uses
    // v2.4 — presumably harmless, but worth aligning.
    $fb_avatar = 'https://graph.facebook.com/v2.0/' . $fb_user['id'] . '/picture?width=' . $bigres . '&height=' . $bigres;
    if (!$fb_user_email) {
        // no e-mail from Graph (permission not granted) — cannot match a local account
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('/');
        return;
    }
    // The local account is selected purely by the e-mail Graph reported;
    // this assumes Graph only returns addresses it has verified — confirm.
    $emailAuthAdapter = Application_Plugin_Common::getEmailAuthAdapter($fb_user_email);
    $auth = Zend_Auth::getInstance();
    $authStorage = $auth->getStorage();
    $result = $auth->authenticate($emailAuthAdapter);
    if ($result->isValid()) {
        $Profiles = new Application_Model_Profiles();
        $user_db_data = $Profiles->getProfileByField('email', $fb_user_email);
        // clear identity - force logout
        // (authenticate() already wrote the identity to storage; it is
        // cleared here and only re-established by loginUser() below)
        Zend_Auth::getInstance()->clearIdentity();
        // check if account is activated
        if (!$Profiles->isActivated($user_db_data->name)) {
            Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Please activate your account first'), 'on');
            // clear identity - force logout
            Zend_Auth::getInstance()->clearIdentity();
        } elseif ($user_db_data->is_hidden) {
            Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('This account has been deleted or suspended'), 'off');
            // clear identity - force logout
            Zend_Auth::getInstance()->clearIdentity();
        } else {
            // everything ok, login user
            $user_data = $emailAuthAdapter->getResultRowObject();
            Application_Plugin_Common::loginUser($user_data, $emailAuthAdapter, $authStorage);
            // trigger hooks
            $profile_id = $user_data->id;
            Zend_Registry::get('hooks')->trigger('hook_login', $profile_id);
            // flush url
            Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
        }
    } else {
        // User must create account first...
        // save tmp facebook data to session
        $session = new Zend_Session_Namespace('Default');
        $session->fb_user_email = $fb_user_email;
        $session->fb_user_display_name = $fb_user_display_name;
        $session->fb_avatar = $fb_avatar;
        // go to register with facebook (the addon directory name is part of the URL)
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('addons/' . basename(__DIR__) . '/?fb-register');
    }
}
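/**
 * Register submit.
 *
 * Validates the registration form against $_POST and creates the profile.
 * When user_activation_disabled is set in the config the user is created
 * as activated and logged in immediately; otherwise an activation key is
 * generated, the activation e-mail is sent and the user row is created
 * only after the e-mail went out (a failed send redirects to the root
 * with an error alert and does not create the account).
 *
 * @param Zend_Form $form registration form with regname, regemail, regpassword
 * @return Zend_Form|null the same form instance; null after a failed e-mail send
 */
public function submitRegisterForm($form)
{
    if ($form->isValid($_POST)) {
        $Profiles = new Application_Model_Profiles();
        $name = $form->getValue('regname');
        $email = $form->getValue('regemail');
        $hash = new Application_Plugin_Phpass();
        $password = $hash->HashPassword($form->getValue('regpassword'));
        $user = $Profiles->createRow();
        $user->name = $name;
        $user->email = $email;
        $user->password = $password;
        if (Zend_Registry::get('config')->get('user_activation_disabled')) {
            // create new user without activation & login
            $user->activationkey = 'activated';
            $new_profile = $Profiles->createNewUser($user);
            // auto-login user and store identity; the credential value is
            // irrelevant under the 'autologin' treatment
            $authAdapter = Application_Plugin_Common::getAuthAdapter();
            $authAdapter->setIdentity($new_profile->email)->setCredential('whatever')->setCredentialTreatment('autologin');
            $auth = Zend_Auth::getInstance();
            $auth->authenticate($authAdapter);
            $identity = $authAdapter->getResultRowObject();
            $authStorage = $auth->getStorage();
            $authStorage->write($identity);
            // update last login date
            $ProfilesMeta = new Application_Model_ProfilesMeta();
            $ProfilesMeta->metaUpdate('last_login', Application_Plugin_Common::now(), $identity->id);
            // show welcome message
            Application_Plugin_Alerts::success($this->view->translate('Welcome to the network.'), 'on');
        } else {
            // create activation key and send it to user email
            $key = $Profiles->generateActivationKey($email);
            $user->activationkey = $key;
            $ret = Application_Plugin_Common::sendActivationEmail($email, $name, $key);
            if (!$ret) {
                // show error message
                Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Something went wrong, email was not sent.'), 'off');
                Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
                return;
            }
            // email has been sent, proceed
            Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
            // build url: the name is user-supplied, so it is encoded as a path
            // segment and the href escaped, because this alert appears to be
            // emitted unescaped (third argument false)
            $base_url = Application_Plugin_Common::getFullBaseUrl();
            $resendactivation_link = $base_url . '/index/activate/resend/' . rawurlencode($user->name);
            Application_Plugin_Alerts::info(
                '<a href="' . htmlspecialchars($resendactivation_link, ENT_QUOTES, 'UTF-8') . '">'
                . Zend_Registry::get('Zend_Translate')->translate('Click here to resend the activation email') . '</a>',
                'off',
                false
            );
            // create new user — only after the e-mail was accepted for delivery
            $new_profile = $Profiles->createNewUser($user);
        }
        // flush url
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
    }
    return $form;
}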
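/**
 * Handle a submitted image upload form.
 *
 * With profile_name set, the upload is moved to TMP_PATH as
 * profileimage_<name>.<ext>, checked with
 * Application_Plugin_ImageLib::isValidImage(), and the request continues
 * at images/edit with the parameters stored in the 'Default' session
 * namespace. Without profile_name the upload is a site settings image: it
 * is checked the same way, moved to PUBLIC_PATH/images/<image_type>.<ext>
 * and the app option named after image_type is updated and pushed into
 * the config registry. A POST with an invalid form yields the
 * 'File not allowed or too big' alert.
 */
public function setImage()
{
    $is_post = $this->request->isPost();
    $is_valid = $is_post && $this->form->isValid($_POST);
    // Form Submitted...
    if ($is_valid) {
        $file_element = $this->form->{$this->file_element};
        // file uploaded?
        if ($file_element->isUploaded()) {
            $file_element->receive(); // must have
            $receive_path = $file_element->getFileName();
            // the extension is taken from the received file's name; the
            // content check below is what guards against non-image uploads
            $extension = strtolower(pathinfo($receive_path, PATHINFO_EXTENSION));
            if ($this->profile_name) {
                // delete old tmp image files
                $Storage = new Application_Model_Storage();
                $StorageAdapter = $Storage->getAdapter();
                $StorageAdapter->deleteOldTmpFiles(0, 'profileimage_' . $this->profile_name);
                $tmp_filename = 'profileimage_' . $this->profile_name . '.' . $extension;
                $tmp_path = TMP_PATH . '/' . $tmp_filename;
                // move new file to tmp folder
                rename($receive_path, $tmp_path);
                // check if valid image
                if (!Application_Plugin_ImageLib::isValidImage($tmp_path)) {
                    unlink($tmp_path);
                    Application_Plugin_Alerts::error($this->translator->translate('Server-side error'), 'off');
                    $this->redirector->gotoUrl();
                    return;
                }
                Application_Plugin_Alerts::success($this->translator->translate('You can adjust the picture here'), 'off');
                // go back to current page after editing
                $base_url = Application_Plugin_Common::getFullBaseUrl(false);
                $callback_url = $base_url . $this->request->getRequestUri() . '/edit_done/1';
                // save params to session and redirect to edit page
                $session = new Zend_Session_Namespace('Default');
                $pass_params = array(
                    'tmp_image' => $tmp_filename,
                    'image_type' => $this->image_type,
                    'callback' => $callback_url,
                    'profile_name' => $this->profile_name,
                );
                $session->pass_params = $pass_params;
                $this->redirector->gotoUrl('images/edit');
            } else {
                // here we store site settings images, i.e. network background image
                // Validate before the file reaches the web-served directory,
                // mirroring the profile branch; a rejected upload is removed
                // and the previously stored image is left untouched.
                if (!Application_Plugin_ImageLib::isValidImage($receive_path)) {
                    unlink($receive_path);
                    Application_Plugin_Alerts::error($this->translator->translate('Server-side error'), 'off');
                    $this->redirector->gotoUrl();
                    return;
                }
                $file_name = $this->image_type . '.' . $extension;
                // move new file to public image folder
                rename($receive_path, PUBLIC_PATH . '/images/' . $file_name);
                // store to app settings & refresh
                $app_option_key = $this->image_type;
                $AppOptions = new Application_Model_AppOptions();
                $AppOptions->updateOption($app_option_key, $file_name);
                $current_config = Zend_Registry::get('config');
                $current_config->{$app_option_key} = $file_name;
                Zend_Registry::set('config', $current_config);
                Application_Plugin_Alerts::success($this->translator->translate('Image uploaded'), 'off');
                $base_url = Application_Plugin_Common::getFullBaseUrl(false);
                $callback_url = $base_url . $this->request->getRequestUri();
                // flush url
                $this->redirector->gotoUrl($callback_url);
            }
        } elseif ($this->is_requiered) {
            // nothing to upload
            Application_Plugin_Alerts::error($this->translator->translate('Please choose a picture'), 'off');
        }
    }
    // something went wrong, image too big?
    if ($is_post && !$is_valid) {
        Application_Plugin_Alerts::error($this->translator->translate('File not allowed or too big'), 'off');
    }
}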
/**
 * Activation link lands here to activate user account.
 *
 * Two entry paths share this action: `key` looks up the profile by its
 * activation key and, on a valid ActivateAccount POST, activates it and
 * logs the user in; `resend` (used when the key lookup fails) re-sends the
 * activation e-mail for the named profile, at most once while date('H')
 * still equals the stored resend_activation_lock value.
 */
public function activateAction()
{
    $this->_helper->_layout->setLayout('layout_wide');
    // flush if already logged in
    Zend_Auth::getInstance()->clearIdentity();
    $activateaccount_form = new Application_Form_ActivateAccount();
    $this->view->activateaccount_form = $activateaccount_form;
    // both parameters come straight from the request; `key` is looked up
    // as-is (what getProfileByField does with a false key is not visible here)
    $key = $this->getRequest()->getParam('key', false);
    $resend_username = $this->getRequest()->getParam('resend', false);
    $Profiles = new Application_Model_Profiles();
    $ProfilesMeta = new Application_Model_ProfilesMeta();
    $userData = $Profiles->getProfileByField('activationkey', $key);
    // 'activated' is the sentinel stored for already-activated accounts, so
    // it must never be accepted as a key
    if (!$userData || $key == 'activated') {
        // try if this is a resend
        $userData = $Profiles->getProfile($resend_username);
        if (!$userData || $userData->activationkey == 'activated') {
            // NOTE(review): assumes redirect() ends the request (ZF1
            // redirector default); otherwise the POST handling below runs
            $this->redirect('');
        } else {
            $resend_lock = $ProfilesMeta->getMetaValue('resend_activation_lock', $userData->id);
            $hour_lock = date('H');
            // prevent too many attempts: refuse while the stored hour still
            // matches the current hour of day
            if ($resend_lock && $resend_lock == $hour_lock) {
                Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                // relies on redirect() terminating; otherwise the e-mail is still sent
                $this->redirect('');
            }
            $ret = Application_Plugin_Common::sendActivationEmail($userData->email, $userData->name, $userData->activationkey);
            // email has been sent, show success message
            if ($ret) {
                Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                // store the current hour as the lock (see check above)
                $ProfilesMeta->metaUpdate('resend_activation_lock', $hour_lock, $userData->id);
            } else {
                // show error message
                Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Something went wrong, email was not sent.'), 'off');
            }
            $this->redirect('');
        }
    }
    $request = $this->getRequest();
    // `identifier` only tells which form was posted; it is not an access check
    if ($request->isPost() && isset($_POST['identifier']) && $_POST['identifier'] == 'ActivateAccount') {
        if ($activateaccount_form->isValid($_POST)) {
            if ($Profiles->activateAccount($key)) {
                // auto-login user and store identity; the credential value is
                // irrelevant under the 'autologin' treatment
                $authAdapter = Application_Plugin_Common::getAuthAdapter();
                $authAdapter->setIdentity($userData->email)->setCredential('whatever')->setCredentialTreatment('autologin');
                $auth = Zend_Auth::getInstance();
                $auth->authenticate($authAdapter);
                $identity = $authAdapter->getResultRowObject();
                $authStorage = $auth->getStorage();
                $authStorage->write($identity);
                // update last login date
                $ProfilesMeta = new Application_Model_ProfilesMeta();
                $ProfilesMeta->metaUpdate('last_login', Application_Plugin_Common::now(), $identity->id);
                // show welcome message
                Application_Plugin_Alerts::success($this->view->translate('Welcome to the network.'), 'on');
                $this->redirect('');
            }
        }
    }
}
/**
 * Get user/group data.
 *
 * Loads the `profiles` row whose name matches $name (the current identity's
 * name when $name is empty). Hidden rows are excluded unless $get_hidden is
 * set or the current identity is an admin. With $check_ownership, a viewer
 * who is neither the owner, the profile itself nor an admin gets an
 * 'Error - not permitted' alert, is sent to index/index, and false is
 * returned. Rows of type 'page' get is_liked and likes_count attached.
 *
 * @param string|null $name profile name; null selects the logged-in user
 * @param bool $get_hidden include rows with is_hidden != 0
 * @param bool $check_ownership enforce owner / self / admin access
 * @return object|false fetched row, or false when missing or not permitted
 */
public function getProfile($name = null, $get_hidden = false, $check_ownership = false)
{
    $auth = Zend_Auth::getInstance();
    $logged_in = $auth->hasIdentity();
    $identity = $logged_in ? $auth->getIdentity() : null;
    if ($name == null && $logged_in) {
        $name = $identity->name;
    }
    $adapter = $this->getDefaultAdapter();
    // the name is quoted by the adapter before it is interpolated
    $name = $adapter->quote($name);
    $sql = "\r\n\t\tSELECT\r\n\t\t*\r\n\t\tFROM profiles p\r\n\t\tWHERE name = {$name}\r\n\t\t";
    // show hidden users for admin
    $is_admin = $logged_in && $identity->role === 'admin';
    if ($is_admin) {
        $get_hidden = true;
    }
    if (!$get_hidden) {
        $sql .= " AND is_hidden = 0 ";
    }
    $result = $adapter->fetchRow($sql, array(), Zend_Db::FETCH_OBJ);
    if (!$result) {
        // profile does not exist
        return false;
    }
    if ($check_ownership) {
        // permitted: the owner, the profile itself, or any admin
        $permitted = $logged_in
            && ($identity->id == $result->owner || $identity->id == $result->id || $identity->role === 'admin');
        if (!$permitted) {
            $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
            Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Error - not permitted'), 'off');
            $redirector->gotoSimple('index', 'index');
            return false;
        }
    }
    if ($result->type === 'page') {
        $Likes = new Application_Model_Likes();
        $result->is_liked = $Likes->isLiked($result->id, 'page');
        $result->likes_count = $Likes->getLikesCount($result->id, 'page');
    }
    return $result;
}
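/**
 * Disable editing of demo accounts.
 *
 * When the logged-in identity's name equals the demo account name, a
 * 'Cannot edit demo user' alert is queued and the request is redirected
 * to the site root through the Redirector helper. Does nothing when
 * nobody is logged in.
 *
 * @param string $demo_account_name name of the protected demo account
 */
public static function redirectOnDemoAccount($demo_account_name = 'user1')
{
    $auth = Zend_Auth::getInstance();
    if (!$auth->hasIdentity()) {
        return;
    }
    // strict comparison: the identity name is a string
    if ($auth->getIdentity()->name === $demo_account_name) {
        Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Cannot edit demo user'));
        // the Redirector helper ends the request by default, so callers
        // should not expect control to return for the demo account
        $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
        $redirector->gotoUrl('');
    }
}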
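/**
 * Custom background.
 *
 * Picks the profile whose background is edited: an admin with an `id`
 * parameter edits that profile (with the edit-profile sidebar attached);
 * a non-admin with an `id` that names an existing profile edits it only
 * if getProfile(..., check_ownership = true) permits it; otherwise the
 * logged-in user's own profile is used. On a valid POST an uploaded file
 * is moved to TMP_PATH, checked with isValidImage(), moved to 'cover'
 * storage and recorded as background_file; the repeat/scroll/stretch/
 * noimage meta values are always updated.
 */
public function setbackgroundpictureAction()
{
    $Profiles = new Application_Model_Profiles();
    $ProfilesMeta = new Application_Model_ProfilesMeta();
    $request = $this->getRequest();
    // presumably this action runs behind a login check — getIdentity() is
    // dereferenced without a hasIdentity() guard
    $identity = Zend_Auth::getInstance()->getIdentity();
    $request_profile_id = $request->getParam('id', false);
    $profile = $Profiles->getProfileByField('id', $request_profile_id);
    if ($identity->role == 'admin' && $request_profile_id) {
        // admin edit
        $profile_id = $request_profile_id;
        $this->view->sidebar_editprofile = $profile;
        // attach sidebar box
        Zend_Registry::get('hooks')->attach('hook_view_sidebar', 5, function () {
            echo Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer')->view->render('/_sidebar/editprofile.phtml');
        });
    } elseif ($request_profile_id && $profile && $Profiles->getProfile($profile->name, false, true)) {
        // users pages & groups — only when the requested id exists; an
        // unknown id must not be written to and falls back to own profile
        $this->buildMenu(true);
        $profile_id = $request_profile_id;
    } else {
        // user profile
        $this->buildMenu();
        $profile_id = $identity->id;
    }
    $profile_name = $identity->name;
    $form = new Application_Form_CustomBackground();
    $current_background_file = $ProfilesMeta->getMetaValue('background_file', $profile_id);
    $Storage = new Application_Model_Storage();
    $StorageAdapter = $Storage->getAdapter();
    if ($request->isPost() && $form->isValid($_POST)) {
        // file uploaded?
        if ($form->background->isUploaded()) {
            $form->background->receive(); // must have
            $receive_path = $form->background->getFileName();
            $extension = strtolower(pathinfo($receive_path, PATHINFO_EXTENSION));
            $tmp_filename = 'profileimage_' . $profile_name . '.' . $extension;
            $tmp_path = TMP_PATH . '/' . $tmp_filename;
            // delete old tmp image files
            $StorageAdapter->deleteOldTmpFiles(0, 'profileimage_' . $profile_name);
            // move new file to tmp folder
            rename($receive_path, $tmp_path);
            // check if valid image before it is promoted to storage
            if (!Application_Plugin_ImageLib::isValidImage($tmp_path)) {
                unlink($tmp_path);
                Application_Plugin_Alerts::error($this->view->translate('Server-side error'), 'off');
                $this->redirect();
                return;
            }
            // delete old file
            $StorageAdapter->deleteFileFromStorage($current_background_file, 'cover');
            // move uploaded file to permanent location
            $current_background_file = $StorageAdapter->moveFileToStorage($tmp_filename, 'cover');
            // update db
            $ProfilesMeta->metaUpdate('background_file', $current_background_file, $profile_id);
        }
        $ProfilesMeta->metaUpdate('background_repeat', $form->getValue('background_repeat'), $profile_id);
        $ProfilesMeta->metaUpdate('background_scroll', $form->getValue('background_scroll'), $profile_id);
        $ProfilesMeta->metaUpdate('background_stretch', $form->getValue('background_stretch'), $profile_id);
        $ProfilesMeta->metaUpdate('background_noimage', $form->getValue('background_noimage'), $profile_id);
        Application_Plugin_Alerts::success($this->view->translate('Settings updated, please clear your browser cache'), 'off');
    }
    $this->view->image = $current_background_file ? $StorageAdapter->getStoragePath('cover') . $current_background_file : false;
    $this->view->form = $form;
    $this->view->load_colorpicker = true;
}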
/**
 * Show single post on profile's wall.
 *
 * Redirects to the root when no profile is loaded, prepares the profile,
 * loads the add-post form (privacy button only for 'user' profiles), then
 * fetches the post named by the `post` parameter with hidden comments
 * included. A missing or private post only produces an error alert; the
 * 'show' template is rendered either way.
 */
public function showpostAction()
{
    $post_id = $this->getRequest()->getParam('post');
    // important, flush if profile not found
    if (!$this->profile) {
        $this->redirect('');
    }
    $profile = $this->profile;
    $this->prepareProfile($profile);
    // load addPost form; the privacy button exists only for user profiles
    $show_privacy_btn = $profile->type === 'user';
    $this->_helper->addPostFormLoader($profile->name, $show_privacy_btn);
    // load single post
    $Posts = new Application_Model_Posts();
    // add comment form
    $this->view->add_comment_form = new Application_Form_AddComment();
    $Posts->show_hidden_comments = true;
    $data = $Posts->getPosts(null, $post_id);
    // whether the post may be shown is decided inside getPosts()
    if (!$data) {
        Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('This post is private or does not exists'), 'off');
    }
    $this->view->posts_data = $data;
    $this->view->profile_type = $profile->type;
    // render classic profile view
    $this->render('show');
}