/**
 * Sets whether the current user's role holds this permission.
 *
 * The role is taken from the active session, never from the caller.
 *
 * @param mixed $inValue Must be a genuine boolean; any other type is refused.
 * @return mixed false when $inValue is not a boolean, otherwise whatever
 *               PermissionEngine::toggleCanDo() returns.
 */
public function setCanDo($inValue = false)
{
    // Strict type gate: values such as "1" or "true" are rejected, not coerced.
    if (is_bool($inValue) === false) {
        return false;
    }

    $session = CurrentUser::getUserSession();
    $engine = PermissionEngine::getInstance();

    // NOTE(review): no authorization check is visible in this method. Presumably the
    // caller verifies that the current user may edit role permissions; confirm at the
    // call sites, since this changes what an entire role is allowed to do.
    return $engine->toggleCanDo($this, $session->getRoleID(), $inValue);
}
/**
 * Builds the home page response and stores it in $this->response.
 *
 * - More than one request parameter: 404.
 * - Logged-in visitor: the main home template, titled with their first name.
 * - Anyone else: the "not logged in" template.
 *
 * @param Request $request The incoming request.
 */
public function __construct(Request $request)
{
    $parameterCount = count($request->getParameters(true));
    if ($parameterCount > 1) {
        $this->response = Response::fourOhFour();
        return;
    }

    $session = CurrentUser::getUserSession();
    if ($session->isLoggedIn()) {
        // NOTE(review): the first name is user-supplied profile data placed in the page
        // title. Presumably the Twig layer escapes it on output; confirm autoescaping is on.
        $this->response = new Response(200, "@home/main.twig", "Hi {$session->getFirstName()}", "home", $session);
        return;
    }

    $this->response = new Response(200, "@home/notLoggedIn.twig", "Welcome", "home");
}
/**
 * Handles a submitted login form.
 *
 * Checks run in this order: anti-forgery token, honeypot, already-logged-in,
 * credential presence, IP lockout, then the login attempt itself. Every
 * credential failure returns the same showErrorMessage() response, so the
 * response does not reveal whether the username or the password was wrong.
 *
 * @return mixed A Response: 500 on a failed token or honeypot check, a redirect,
 *               or the result of showErrorMessage().
 */
private function doLogIn() {
    // Reject forged or automated submissions before touching any credentials.
    if (!AntiForgeryToken::getInstance()->validate()) {
        return Response::fiveHundred();
    }
    if (!Honeypot::getInstance()->validate()) {
        return Response::fiveHundred();
    }
    $hookEngine = HookEngine::getInstance();
    // Fires for every attempt that passed the two checks above, successful or not.
    $hookEngine->runAction('userIsLoggingIn');
    $user = CurrentUser::getUserSession();
    // An already authenticated session is redirected to the empty link.
    if ($user->isLoggedIn()) {
        return Response::redirect(new Link(""));
    }
    $username = Request::getPostParameter("username");
    $password = Request::getPostParameter("password");
    // Truthiness test: besides missing or empty values this also rejects the literal "0".
    if (!$username) {
        return $this->showErrorMessage();
    }
    if (!$password) {
        return $this->showErrorMessage();
    }
    $lockoutEngine = LockoutEngine::getInstance();
    // The lockout is keyed on the connecting address only.
    // NOTE(review): if the site runs behind a reverse proxy, REMOTE_ADDR is the proxy's
    // address, so all clients would share one lockout bucket; confirm the deployment.
    // NOTE(review): nothing in this method reports a failed attempt to LockoutEngine;
    // presumably logIn() or the logger does that. Confirm, otherwise the lockout never trips.
    if ($lockoutEngine->isLockedOut($_SERVER['REMOTE_ADDR'])) {
        return Response::redirect(new Link("users/login"));
    }
    $logger = Logger::getInstance();
    // Strip markup and all whitespace. This also removes CR/LF, so the value cannot
    // break the log line it is concatenated into below.
    $username = preg_replace('/\\s+/', '', strip_tags($username));
    if (!$user->logIn($username, $password)) {
        // Only the sanitised username and the source IP are logged, never the password.
        $logger->logIt(new LogEntry(0, logEntryType::warning, 'Someone failed to log into ' . $username . '\'s account from IP:' . $_SERVER['REMOTE_ADDR'], 0, new DateTime()));
        return $this->showErrorMessage();
    }
    // NOTE(review): no session_regenerate_id() call is visible after a successful login.
    // Confirm that logIn() rotates the session identifier; otherwise an identifier set
    // before authentication stays valid afterwards (session fixation).
    // Re-read the session so the log entry reflects the authenticated user.
    $user = CurrentUser::getUserSession();
    $logger->logIt(new LogEntry(0, logEntryType::info, 'A new session was opened for ' . $user->getFullName() . ', who has an IP of ' . $_SERVER['REMOTE_ADDR'] . '.', $user->getUserID(), new DateTime()));
    $hookEngine->runAction('userLoggedIn');
    return Response::redirect(new Link(""));
}
/**
 * Fetches an option value for the user who owns the current session.
 *
 * The user ID comes from the session, so a caller cannot ask for another
 * user's value through this method.
 *
 * @param mixed $optionName Passed unchanged to getUserValue().
 * @return mixed Whatever getUserValue() returns.
 */
public function getCurrentUserValue($optionName)
{
    // Force an integer so getUserValue() never receives a non-numeric ID.
    $sessionUserID = (int) CurrentUser::getUserSession()->getID();

    return $this->getUserValue($optionName, $sessionUserID);
}
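/**
 * Toggles the current user's support for a status.
 *
 * Existing support is removed; otherwise support is added.
 *
 * @param Status $toSupport The status to support or stop supporting.
 * @return mixed false when the user lacks "canSupportStatuses", the database is
 *               unavailable, an ID is not numeric or the lookup fails; otherwise the
 *               result of removeSupport() or addSupport().
 */
public function toggleCurrentUserSupportForStatus(Status $toSupport)
{
    $permissionEngine = PermissionEngine::getInstance();
    if (!$permissionEngine->currentUserCanDo("canSupportStatuses")) {
        return false;
    }

    $database = Database::getInstance();
    if (!$database->isConnected()) {
        return false;
    }

    $rawUserID = CurrentUser::getUserSession()->getUserID();
    $rawStatusID = $toSupport->getID();

    // Both IDs are interpolated into the WHERE clause without quotes. String escaping
    // alone does not confine an unquoted value to a single literal, so anything that is
    // not numeric is refused before the query is built.
    if (!is_numeric($rawUserID) || !is_numeric($rawStatusID)) {
        return false;
    }

    $userID = $database->escapeString($rawUserID);
    $statusID = $database->escapeString($rawStatusID);

    $results = $database->getData("supporterID", "statusSupporter", "supporterID={$userID} AND statusID={$statusID}");
    if ($results === false) {
        return false;
    }

    // The loose comparison is deliberate: both null and an empty result set count as
    // "no existing support".
    if ($results != null) {
        return $this->removeSupport($statusID, $userID);
    }

    return $this->addSupport($statusID, $userID);
}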
/**
 * Creates a password-reset record for a user and returns it.
 *
 * @param mixed $userID Numeric ID of the account the reset is for.
 * @return mixed false when the visitor is logged in, $userID is not numeric, the
 *               database is unavailable or a query fails; otherwise the result of
 *               getForgotPasswordByToken() for the new token.
 */
public function generateNewForgotPassword($userID)
{
    // Only logged-out visitors may request a reset, and the ID must be numeric because
    // it is later placed unquoted in the INSERT values.
    if (CurrentUser::getUserSession()->isLoggedIn() || !is_numeric($userID)) {
        return false;
    }

    $database = Database::getInstance();
    if (!$database->isConnected()) {
        return false;
    }

    // NOTE(review): a reset token is a bearer credential for the account. The randomness
    // source inside generateRandomString is not visible here; confirm it draws from a
    // CSPRNG (random_bytes()/random_int()), not rand()/mt_rand().
    $generator = new generateRandomString(50, true, 37, 136);

    // NOTE(review): every stored token is loaded just to test uniqueness. A UNIQUE
    // constraint on the column would avoid pulling all live tokens into memory.
    $knownTokens = $database->getData('token', 'forgotPassword');
    if ($knownTokens === false) {
        return false;
    }
    $knownTokens = ($knownTokens === null) ? array() : $knownTokens;

    // Draw tokens until one is not already present in the table.
    $token = $generator->run();
    while (in_array(array('token' => $token), $knownTokens)) {
        $token = $generator->run();
    }

    $now = new DateTime();
    $requestedAt = $now->format('Y-m-d H:i:s');

    $safeToken = $database->escapeString($token);
    $safeDate = $database->escapeString($requestedAt);
    $safeUserID = $database->escapeString($userID);

    // NOTE(review): the token is stored exactly as generated. Storing only a hash of it
    // would keep pending resets unusable to anyone who can read this table.
    $inserted = $database->insertData('forgotPassword', 'token, requestDate, userID', "'{$safeToken}', '{$safeDate}', {$safeUserID}");
    if ($inserted === false) {
        return false;
    }

    // The escaped form of the token is what gets passed on, as in the original flow.
    return $this->getForgotPasswordByToken($safeToken);
}
/**
 * Reports whether the current session's role holds the named permission.
 *
 * The check fails closed: a permission name that getPermission() cannot resolve
 * yields false without consulting the role at all.
 *
 * @param mixed $inPermissionName Name of the permission to test.
 * @return bool true only when the permission exists and checkPermission() accepts the role.
 */
public function currentUserCanDo($inPermissionName)
{
    $permission = $this->getPermission($inPermissionName);

    // Short-circuit keeps the session lookup from running for unknown permissions.
    return $permission
        && $this->checkPermission($permission, CurrentUser::getUserSession()->getRoleID());
}
/**
 * Bootstraps a request: defines site-wide constants, enforces maintenance mode,
 * resolves the responsible module, emits the status code and headers, and renders.
 *
 * Statement order matters here: constants are defined before later calls use them,
 * and headers are sent before render() is called.
 */
private static function getVariables() {
    // Return value unused; the call is made only for whatever getInstance() does.
    ObjectCache::getInstance();
    $site = Site::getInstance();
    define('GUEST_ROLE_ID', (int) $site->getGuestRoleID()->getValue());
    define('SITE_EMAIL', $site->getEmail());
    define('SITE_TITLE', $site->getTitle());
    date_default_timezone_set($site->getTimeZone());
    // Maintenance mode: stop without building any response unless the current user
    // holds the bypass permission.
    // NOTE(review): the permission name is spelled 'bypasssMaintenanceMode' (three s).
    // It must match the stored permission name exactly. If the stored name is spelled
    // differently this check presumably never passes, which fails closed but would
    // lock administrators out as well. Confirm against the permission data.
    if ($site->isInMaintenanceMode()) {
        if (!PermissionEngine::getInstance()->currentUserCanDo('bypasssMaintenanceMode')) {
            return;
        }
    }
    $blockEngine = BlockEngine::getInstance();
    $user = CurrentUser::getUserSession();
    $hookEngine = HookEngine::getInstance();
    $router = Router::getInstance();
    // Run the 'addStaticRoutes' hook before the router is asked who handles the request.
    $hookEngine->runAction('addStaticRoutes');
    $moduleInCharge = $router->whichModuleHandlesRequest();
    $response = self::getResponse($moduleInCharge);
    http_response_code($response->getResponseCode());
    $headers = $response->getHeaders();
    // The second argument (true) replaces any previously set header of the same name.
    foreach ($headers as $header => $value) {
        header($header . ": " . $value, true);
    }
    define('PAGE_TYPE', $response->getPageType());
    // Blocks are selected by the current user's role.
    $blocks = $blockEngine->getBlocks($site->getTheme(), PAGE_TYPE, $user->getRoleID());
    // A null result is normalised to an empty list before rendering.
    if ($blocks === null) {
        $blocks = array();
    }
    self::render($site, $response, $blocks);
}
/**
 * Collects the child menu items of a parent that the current user's role may see.
 *
 * @param mixed $inID Numeric ID of the parent menu item.
 * @return mixed false when $inID is not numeric, the database is unavailable, or the
 *               query returns false or null; otherwise an array of getMenuItem() results
 *               for the visible children (possibly empty).
 */
private function getMenuItemChildren($inID)
{
    // The ID is placed unquoted in the WHERE clause, so it must be numeric.
    if (!is_numeric($inID)) {
        return false;
    }

    $database = Database::getInstance();
    if (!$database->isConnected()) {
        return false;
    }

    $parentID = $database->escapeString($inID);
    $rows = $database->getData('*', 'menuItem', "parent = {$parentID}");
    if ($rows === false || $rows === null) {
        return false;
    }

    $visibleChildren = array();
    foreach ($rows as $row) {
        $childID = $row['menuItemID'];
        $roleID = CurrentUser::getUserSession()->getRoleID();

        // Visibility is decided per item for the current page type and role.
        // Items the role may not see are left out entirely.
        if ($this->menuItemIsVisible($childID, PAGE_TYPE, $roleID)) {
            $visibleChildren[] = $this->getMenuItem($childID);
        }
    }

    return $visibleChildren;
}
/**
 * Logs the current user out and stores a redirect in $this->response.
 *
 * Requests with more than two parameters, or from a visitor who is not logged in,
 * receive a 404 instead.
 *
 * @param Request $request The incoming request.
 */
public function __construct(Request $request)
{
    $tooManyParameters = count($request->getParameters(true)) > 2;
    if ($tooManyParameters) {
        $this->response = Response::fourOhFour();
        return;
    }

    $session = CurrentUser::getUserSession();
    if (!$session->isLoggedIn()) {
        $this->response = Response::fourOhFour();
        return;
    }

    // NOTE(review): no anti-forgery check is visible before the logout runs. Confirm
    // whether a cross-site request can trigger this route and end a user's session.
    $hooks = HookEngine::getInstance();
    $hooks->runAction('userIsLoggingOut');

    $session->logOut();
    // Issue a fresh session identifier and delete the old session data, so the
    // pre-logout identifier cannot be reused.
    session_regenerate_id(true);

    $hooks->runAction('userLoggedOut');

    $notices = NoticeEngine::getInstance();
    $notices->addNotice(new Notice("neutral", "You're now logged out."));

    $this->response = Response::redirect(new Link(""));
}