static function buildNavbar()
{
$html = '';
$role = AuthHandler::getRole();
$acl = $GLOBALS['acl'];
$logged = $role !== ROLE_GUEST;
// Put branding bar if we want one
if (getConfiguration('branding.enable')) {
$html .= ViewRenderer::renderToString('views/branding.php');
}
$html .= '<div id="navbar">';
if ($logged) {
$pages =& self::$pagesMember;
// Put the right ref on the logout link
$pages[4]['params'] = array('ref' => Utils::getRunningScript());
// If we have no ride yet, the name of join.php is still "Join"
if (!AuthHandler::isRideRegistered()) {
$pages[1]['name'] = 'Join';
}
} else {
$pages =& self::$pagesGuest;
}
$str = '<ol>';
foreach ($pages as $page) {
if ($acl->isAllowed($role, $page['href'])) {
$str .= '<li><a href="' . Utils::buildLocalUrl($page['href'], isset($page['params']) ? $page['params'] : null) . '" ';
if ($page['href'] == Utils::getRunningScript()) {
$str .= 'class="selected"';
}
$str .= '>' . _($page['name']) . '</a></li>';
}
}
$str .= '</ol>';
$html .= $str;
$html .= self::buildLanguageSelector();
$html .= self::buildRegionSelector();
$html .= '<div class="clearFloat"></div></div>';
return $html;
}
$acl->addResource(ROLE_GUEST, array('webres.php', 'test.php'));
}
$acl->addResource(ROLE_GUEST, array('auth.php', 'optout.php'));
if (getConfiguration('auth.mode') == AuthHandler::AUTH_MODE_PASS) {
$acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'AddRideAll.php', 'GetRegionConfiguration.php'));
} else {
if (AuthHandler::getAuthMode() == AuthHandler::AUTH_MODE_TOKEN) {
$acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'index.php', 'AddRideAll.php', 'feedback.php', 'SearchRides.php', 'GetRegionConfiguration.php'));
}
}
$acl->addResource(ROLE_IDENTIFIED, array('join.php', 'help.php', 'index.php', 'feedback.php', 'logout.php', 'thanks.php', 'SearchRides.php', 'AddRideAll.php', 'GetRegionConfiguration.php'));
$acl->addResource(ROLE_IDENTIFIED_REGISTERED, array('ActivateToggle.php', 'DeleteRide.php', 'ShowInterest.php'));
// Content management
$acl->addResource(ROLE_ADMINISTRATOR, array('translations.php'));
// Enfore access control
$role = AuthHandler::getRole();
$resource = Utils::getRunningScript();
if (!$acl->isAllowed($role, $resource)) {
if ($role == ROLE_GUEST && $acl->isAllowed($role, 'auth.php')) {
// Not allowed: if not logged in and allowed to - redirect to login page
GlobalMessage::setGlobalMessage(_('Please login to access this page'), GlobalMessage::ERROR);
Utils::redirect('auth.php', array('ref' => $resource));
} else {
if ($acl->isAllowed($role, 'auth.php')) {
// User is logged in but not permitted to use this page
header("HTTP/1.1 401 Unauthorized");
die('<p>' . _('Access Denied') . '</p>');
} else {
// User is not logged-in and not allowed to do that - totally forbidden
header("HTTP/1.1 403 Forbidden");
die('<p>' . _('Sorry, you are not allowed to use this application.') . '</p>');
throw new Exception("Could not insert city {$destCity}");
}
} else {
$srcCityId = $destCityId;
}
}
// Update the region
if (!RegionManager::getInstance()->setRegion($region)) {
throw new Exception("Failed to update region");
}
try {
if ($isUpdateContact) {
$updateParams = array('name' => $name, 'phone' => $phone);
// In some scenarios, contact might exist before having a ride -
// we need to set their role now
$currentRole = AuthHandler::getRole();
if ($currentRole == ROLE_IDENTIFIED) {
$updateParams['role'] = ROLE_IDENTIFIED_REGISTERED;
AuthHandler::setRole(ROLE_IDENTIFIED_REGISTERED);
}
$updateParams['email'] = $canUpdateEmail ? $email : null;
$db->updateContact($updateParams, $contactId);
} else {
// If it is a new ride - register this contact
$contactId = $db->addContact($name, $phone, $email, ROLE_IDENTIFIED_REGISTERED, $password);
AuthHandler::authByContactId($contactId);
AuthHandler::setRole(ROLE_IDENTIFIED_REGISTERED);
}
} catch (PDOException $e) {
if ($e->getCode() == 23000) {
$messages[] = _("This email address is already in use");
