/**
 * Adds the standard menu links before a page renders and applies the
 * signed-in user's previewed theme, if one is stored in their preferences.
 *
 * Several AddLink() calls pass a list of permission names as the fourth
 * argument (presumably the permissions needed to see the link; the menu
 * class is not shown here).
 *
 * @param object $Sender The controller that is about to render.
 */
public function Base_Render_Before(&$Sender) {
    $Session = Gdn::Session();

    if ($Sender->Menu) {
        $Menu = $Sender->Menu;
        $Menu->AddLink('Dashboard', 'Dashboard', '/garden/settings', array('Garden.Settings.Manage'));
        $Menu->AddLink('Dashboard', 'Users', '/user/browse', array('Garden.Users.Add', 'Garden.Users.Edit', 'Garden.Users.Delete'));
        $Menu->AddLink('Activity', 'Activity', '/activity');

        $Authenticator = Gdn::Authenticator();
        if (!$Session->IsValid()) {
            // Guests only get the sign-in entry.
            $Menu->AddLink('Entry', 'Sign In', $Authenticator->SignInUrl());
        } else {
            // The sign-out URL carries the {Session_TransientKey} placeholder, so the
            // rendered link is bound to the current session's transient key.
            $Menu->AddLink('SignOut', 'Sign Out', '/entry/leave/{Session_TransientKey}', FALSE, array('class' => 'NonTab'));

            // Build the notifications label; the counter is only appended when it
            // is numeric and positive, so no free-form text reaches the markup.
            $Label = Gdn::Translate('Notifications');
            $Unread = $Session->User->CountNotifications;
            if (is_numeric($Unread) && $Unread > 0) {
                $Label .= '<span>' . $Unread . '</span>';
            }

            $Menu->AddLink('User', '{Username}', '/profile/{Username}', array('Garden.SignIn.Allow'));
            // The leading backslash is part of the link text handed to the menu;
            // its meaning is defined by the menu class (not shown here).
            $Menu->AddLink('User', '\\' . $Label, 'profile/notifications/{Username}');
        }
    }

    // Theme previewing: a signed-in user's 'PreviewTheme' preference overrides the theme.
    if ($Session->IsValid()) {
        $ThemeChoice = $Session->GetPreference('PreviewTheme', '');
        if ($ThemeChoice != '') {
            $Sender->Theme = $ThemeChoice;
        }
    }
}
/**
 * Emulates a request to index.php?p=$vanilla_module_path from inside the host
 * application. Much of the dispatch code is taken from Vanilla's index.php.
 *
 * Static assets are returned directly; everything else is dispatched into
 * Vanilla with the host application's user installed as the Vanilla identity.
 *
 * NOTE(review): the file that gets served is whatever is_static_asset() returns;
 * that helper is not shown here, so confirm it confines the resolved path to the
 * asset directories before File::get() reads it.
 *
 * @param array $segments Path segments of the requested Vanilla route.
 * @return mixed A response for a static asset; nothing when the request is dispatched.
 */
public function view($segments)
{
    // Static asset: answer with the file contents and a matching Content-Type.
    $assetPath = $this->is_static_asset($segments);
    if ($assetPath) {
        $contents = \File::get($assetPath);

        return \Response::make($contents)->header('Content-Type', $this->get_content_type($assetPath));
    }

    // Anything else runs inside the Vanilla bootstrap.
    $hostUser = $this->user;
    $vanilla = new VanillaBootstrap();
    $vanilla->call(function () use ($hostUser, $segments) {
        // The Vanilla identity is taken from the host user's key; the second
        // argument (false) is forwarded to SetIdentity() unchanged.
        \Gdn::Authenticator()->SetIdentity($hostUser->getKey(), false);
        \Gdn::Session()->Start(false, false);
        \Gdn::Session()->SetPreference('Authenticator', 'Gdn_Authenticator');

        // Configure the dispatcher with the enabled application folders.
        $dispatcher = \Gdn::Dispatcher();
        $appFolders = \Gdn::ApplicationManager()->EnabledApplicationFolders();
        $dispatcher->EnabledApplicationFolders($appFolders);
        $dispatcher->PassProperty('EnabledApplications', $appFolders);

        // Hand the joined path to Vanilla.
        $dispatcher->Start();
        $dispatcher->Dispatch(implode('/', $segments));
    });
}
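/**
 * Smarty {link} function: takes a route, prepends the web root (expects
 * "/controller/action/params" as the path) and returns either the URL or an anchor.
 *
 * Recognised keys in $Params:
 *  - path: the relative path for the URL. The special path "signinout" yields the
 *    sign-in or sign-out URL depending on whether the session is valid, and sets
 *    the link text automatically when none was given.
 *  - withdomain: whether to add the domain to the URL.
 *  - removeSyndication: forwarded to Url() as its third argument.
 *  - text: HTML to put inside the anchor. When set, an <a> element is returned
 *    instead of a bare URL. It is emitted as given, so callers must pass markup
 *    that is already safe for output.
 *  - notag: return only the URL even when text is set.
 *  - id, class and any other key: written as attributes of the anchor.
 *
 * Attribute values are HTML-escaped for a double-quoted attribute. They were
 * previously URL-encoded, which turned a multi-class value such as
 * "Button SignOut" into "Button+SignOut" and left the href unescaped.
 *
 * @param array $Params The parameters passed to the function.
 * @param Smarty $Smarty The Smarty object rendering the template.
 * @return string The URL, or the anchor markup.
 */
function smarty_function_link($Params, &$Smarty) {
    // The fourth argument is TRUE on every lookup; presumably it removes the key
    // from $Params so that only unrecognised keys remain for the attribute loop
    // below (GetValue() is not shown here).
    $Path = GetValue('path', $Params, '', TRUE);
    $WithDomain = GetValue('withdomain', $Params, FALSE, TRUE);
    $RemoveSyndication = GetValue('removeSyndication', $Params, FALSE, TRUE);
    $Text = GetValue('text', $Params, '', TRUE);
    $NoTag = GetValue('notag', $Params, FALSE, TRUE);
    $Class = GetValue('class', $Params, '', TRUE);

    $Session = Gdn::Session();
    $Authenticator = Gdn::Authenticator();

    // Expand special paths.
    switch (strtolower($Path)) {
        case "signinout":
            // The destination toggles between sign-in and sign-out.
            if ($Session->IsValid()) {
                if (!$Text && !$NoTag) {
                    $Text = T('Sign Out');
                }
                $Path = $Authenticator->SignOutUrl();
                $Class = ConcatSep(' ', $Class, 'SignOut');
            } else {
                if (!$Text && !$NoTag) {
                    $Text = T('Sign In');
                }
                $Path = $Authenticator->SignInUrl('');
                if (Gdn::Config('Garden.SignIn.Popup')) {
                    $Class = ConcatSep(' ', $Class, 'SignInPopup');
                }
            }
            break;
    }

    $Url = Url($Path, $WithDomain, $RemoveSyndication);
    // Bind the URL to the current session by filling in the transient key.
    $Url = str_replace('{Session_TransientKey}', $Session->TransientKey(), $Url);

    // Without link text there is nothing to wrap, so only the URL is returned.
    if (!$Text) {
        $NoTag = TRUE;
    }
    if ($NoTag) {
        return $Url;
    }

    $Result = '<a';

    // Standard attributes first.
    $ID = GetValue('id', $Params, '', TRUE);
    if ($ID) {
        $Result .= ' id="' . htmlspecialchars((string) $ID, ENT_QUOTES, 'UTF-8') . '"';
    }
    $Result .= ' href="' . htmlspecialchars((string) $Url, ENT_QUOTES, 'UTF-8') . '"';
    if ($Class) {
        $Result .= ' class="' . htmlspecialchars((string) $Class, ENT_QUOTES, 'UTF-8') . '"';
    }

    // Then whatever is left over. The key becomes the attribute name and cannot be
    // escaped into one, so keys that are not plain attribute names are skipped.
    foreach ($Params as $Key => $Value) {
        if (!preg_match('/^[A-Za-z_:][A-Za-z0-9_.:\-]*\z/', (string) $Key)) {
            continue;
        }
        $Result .= ' ' . $Key . '="' . htmlspecialchars((string) $Value, ENT_QUOTES, 'UTF-8') . '"';
    }

    // Link text is inserted as HTML, as documented above.
    $Result .= '>' . $Text . '</a>';

    return $Result;
}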
/**
 * Restricts the activity pages to sessions holding 'Plugins.Privacy.Activity'.
 *
 * Guests are sent to the sign-in URL built from the current request; signed-in
 * users without the permission are sent to the 'Routes.DefaultPermission' route.
 *
 * NOTE(review): the page is only withheld if Redirect() ends the request.
 * Redirect() is not shown here; confirm it does not return to the caller.
 *
 * @param object $Sender The activity controller about to render.
 */
public function ActivityController_Render_Before(&$Sender) {
    $Session = Gdn::Session();
    if ($Session->CheckPermission('Plugins.Privacy.Activity')) {
        return;
    }

    $Destination = $Session->IsValid()
        ? Gdn::Config('Routes.DefaultPermission')
        : Gdn::Authenticator()->SignInUrl(Gdn_Url::Request());

    Redirect($Destination);
}
/**
 * Handles the "basic" registration form: validates the posted values, registers
 * the user, signs them in and redirects.
 *
 * The 'Roles' key is removed from the submitted values before they reach
 * UserModel::Register(), so a registrant cannot supply their own roles through
 * the form. Any other privileged field is left to Register() to filter
 * (not shown here).
 *
 * NOTE(review): the delivery-type check reads $this->_DeliveryType, i.e. the
 * object this handler belongs to, while everything else works on $Sender.
 * Confirm that is the intended object.
 *
 * @param object $Sender The entry controller handling the request.
 */
public function EntryController_RegisterBasic_Create($Sender) {
    Gdn::UserModel()->AddPasswordStrength($Sender);

    if ($Sender->Form->IsPostBack() === TRUE) {
        // Rules the model does not enforce by itself. A MinimumAge rule on
        // DateOfBirth is not applied here.
        $Sender->UserModel->DefineSchema();
        $Sender->UserModel->Validation->ApplyRule('Name', 'Username', $Sender->UsernameError);
        $Sender->UserModel->Validation->ApplyRule('TermsOfService', 'Required', T('You must agree to the terms of service.'));
        $Sender->UserModel->Validation->ApplyRule('Password', 'Required');
        $Sender->UserModel->Validation->ApplyRule('Password', 'Strength');
        $Sender->UserModel->Validation->ApplyRule('Password', 'Match');

        $Sender->FireEvent('RegisterValidation');

        try {
            $Submitted = $Sender->Form->FormValues();
            // Never accept role assignments from the registration form.
            unset($Submitted['Roles']);
            $RegisteredID = $Sender->UserModel->Register($Submitted);

            if ($RegisteredID == UserModel::REDIRECT_APPROVE) {
                // Registration awaits approval: go to the thank-you page without rendering.
                $Sender->Form->SetFormValue('Target', '/entry/registerthanks');
                $Sender->_SetRedirect();
                return;
            }

            if (!$RegisteredID) {
                // Registration failed: surface the model's validation results.
                $Sender->Form->SetValidationResults($Sender->UserModel->ValidationResults());
            } else {
                // The account exists now, so start a session for it.
                Gdn::Session()->Start($RegisteredID);
                if ($Sender->Form->GetFormValue('RememberMe')) {
                    Gdn::Authenticator()->SetIdentity($RegisteredID, TRUE);
                }

                // Best effort: a failing welcome e-mail must not undo the registration.
                try {
                    $Sender->UserModel->SendWelcomeEmail($RegisteredID, '', 'Register');
                } catch (Exception $MailFailure) {
                }

                $Sender->FireEvent('RegistrationSuccessful');

                // Send the new user on to wherever the controller says.
                $Route = $Sender->RedirectTo();
                if ($this->_DeliveryType != DELIVERY_TYPE_ALL) {
                    $Sender->RedirectUrl = Url($Route);
                } elseif ($Route !== FALSE) {
                    Redirect($Route);
                }
            }
        } catch (Exception $Failure) {
            $Sender->Form->AddError($Failure);
        }
    }

    $Sender->Render();
}
/**
 * Starts the session, registers every enabled authentication scheme and wakes
 * the authenticators up.
 *
 * A session that is valid but lacks 'Garden.SignIn.Allow' is de-authenticated
 * through the 'user' authenticator right after start-up, so an account that has
 * lost its sign-in permission does not keep an existing session.
 *
 * @return mixed The result of DeAuthenticate() when the session is dropped, otherwise nothing.
 */
public function StartAuthenticator() {
    // Start the 'session'.
    Gdn::Session()->Start();

    // Register each enabled scheme so the plugin manager can pick the classes up.
    $EnabledSchemes = Gdn::Config('Garden.Authenticator.EnabledSchemes', array());
    foreach ($EnabledSchemes as $SchemeAlias) {
        $this->RegisterAuthenticator($SchemeAlias);
    }

    $this->_Started = TRUE;
    $this->WakeUpAuthenticators();

    // Nothing more to do for guests or for users who may sign in.
    if (!Gdn::Session()->IsValid() || Gdn::Session()->CheckPermission('Garden.SignIn.Allow')) {
        return;
    }

    return Gdn::Authenticator()->AuthenticateWith('user')->DeAuthenticate();
}
/**
 * Checks a username/password pair and, on success, establishes the identity.
 *
 * When either argument is empty the values are read from the authenticator's
 * data source, but only while the current step is MODE_VALIDATE; otherwise
 * Gdn_Authenticator::AUTH_INSUFFICIENT is returned.
 *
 * Sign-in permission is decided as follows: an account with the Admin flag is
 * allowed without any further lookup; any other account must not be banned and
 * must hold 'Garden.SignIn.Allow' in at least one of its permission rows.
 *
 * NOTE(review): because the Banned flag is only tested on the non-admin path,
 * a banned account that carries the Admin flag passes this method unless
 * ValidateCredentials() already rejects it (not shown here).
 *
 * @param string $Email The email address (or unique username) assigned to the user in the database.
 * @param string $Password The password assigned to the user in the database.
 * @return int The UserID of the authenticated user, 0 if the credentials did not match,
 *    or -1 if the user does not have permission to sign in.
 */
public function authenticate($Email = '', $Password = '') {
    if ($Email && $Password) {
        // Credentials were passed in directly: no persistent session, no client hour.
        $PersistentSession = false;
        $ClientHour = 0;
    } else {
        // Fall back to the data source, which is only consulted in validate mode.
        if ($this->currentStep() != Gdn_Authenticator::MODE_VALIDATE) {
            return Gdn_Authenticator::AUTH_INSUFFICIENT;
        }

        $Email = $this->GetValue('Email');
        $Password = $this->GetValue('Password');
        $PersistentSession = $this->GetValue('RememberMe');
        $ClientHour = $this->GetValue('ClientHour');
    }

    // Look the credentials up.
    $UserModel = Gdn::Authenticator()->GetUserModel();
    $UserData = $UserModel->ValidateCredentials($Email, 0, $Password);
    if ($UserData === false) {
        return 0;
    }

    $UserID = $UserData->UserID;

    // Admins may always sign in; everyone else needs an explicit permission.
    $SignInPermission = (bool) $UserData->Admin;
    if ($SignInPermission === false && !$UserData->Banned) {
        $PermissionModel = Gdn::Authenticator()->GetPermissionModel();
        foreach ($PermissionModel->GetUserPermissions($UserID) as $Permissions) {
            $SignInPermission = $SignInPermission | val('Garden.SignIn.Allow', $Permissions, false);
        }
    }

    if (!$SignInPermission) {
        $UserID = -1;
    }

    if ($UserID > 0) {
        // Create the session cookie and record the visit.
        $this->setIdentity($UserID, $PersistentSession);
        $UserModel->UpdateVisit($UserID, $ClientHour);
        Gdn::Authenticator()->Trigger(Gdn_Authenticator::AUTH_SUCCESS);
        $this->FireEvent('Authenticated');
    } else {
        Gdn::Authenticator()->Trigger(Gdn_Authenticator::AUTH_DENIED);
    }

    return $UserID;
}
/**
 * Shows the configuration slice of one authenticator, or a message explaining
 * why there is nothing to configure.
 *
 * The alias is only used as a key into ConfigureList after
 * GetAuthenticatorInfo() has returned something other than FALSE for it.
 *
 * @param string|null $AuthenticationSchemeAlias Alias of the authenticator to configure.
 */
public function Configure($AuthenticationSchemeAlias = NULL) {
    $Message = T("Please choose an authenticator to configure.");

    if ($AuthenticationSchemeAlias !== NULL) {
        $Info = Gdn::Authenticator()->GetAuthenticatorInfo($AuthenticationSchemeAlias);
        if ($Info !== FALSE) {
            $this->AuthenticatorChoice = $AuthenticationSchemeAlias;

            $HasSlice = array_key_exists($AuthenticationSchemeAlias, $this->ConfigureList)
                && $this->ConfigureList[$AuthenticationSchemeAlias] !== FALSE;
            if ($HasSlice) {
                // The authenticator brings its own configuration view: emit it and stop.
                echo Gdn::Slice($this->ConfigureList[$AuthenticationSchemeAlias]);
                return;
            }

            $Message = sprintf(T("The %s Authenticator does not have any custom configuration options."), $Info['Name']);
        }
    }

    $this->SetData('ConfigureMessage', $Message);
    $this->Render();
}
/**
 * Checks a username/password pair and, on success, establishes the identity.
 *
 * When either argument is empty the credentials, the 'RememberMe' flag and the
 * 'ClientHour' are read from the authenticator's data source, but only while the
 * current step is MODE_VALIDATE; otherwise Gdn_Authenticator::AUTH_INSUFFICIENT
 * is returned. When both arguments are given, the session is not persistent and
 * the client hour is 0.
 *
 * An account whose Admin column equals '1' may always sign in; any other account
 * needs 'Garden.SignIn.Allow' in at least one of its permission rows.
 *
 * @param string $Email The email address (or unique username) assigned to the user in the database.
 * @param string $Password The password assigned to the user in the database.
 * @return int The UserID of the authenticated user, 0 if the username/password
 *    combination wasn't found, or -1 if the user does not have permission to sign in.
 */
public function Authenticate($Email = '', $Password = '') {
    if ($Email && $Password) {
        $PersistentSession = FALSE;
        $ClientHour = 0;
    } else {
        if ($this->CurrentStep() != Gdn_Authenticator::MODE_VALIDATE) {
            return Gdn_Authenticator::AUTH_INSUFFICIENT;
        }

        $Email = $this->GetValue('Email');
        $Password = $this->GetValue('Password');
        $PersistentSession = $this->GetValue('RememberMe');
        $ClientHour = $this->GetValue('ClientHour');
    }

    // Retrieve the matching user, if any.
    $UserModel = Gdn::Authenticator()->GetUserModel();
    $UserData = $UserModel->ValidateCredentials($Email, 0, $Password);
    if ($UserData === FALSE) {
        return 0;
    }

    $UserID = $UserData->UserID;

    // Work out whether this account may sign in at all.
    $SignInPermission = ($UserData->Admin == '1');
    if ($SignInPermission === FALSE) {
        $PermissionModel = Gdn::Authenticator()->GetPermissionModel();
        foreach ($PermissionModel->GetUserPermissions($UserID) as $Permissions) {
            $SignInPermission = $SignInPermission | ArrayValue('Garden.SignIn.Allow', $Permissions, FALSE);
        }
    }

    if (!$SignInPermission) {
        $UserID = -1;
    }

    if ($UserID > 0) {
        // Create the session cookie, then record the visit.
        $this->SetIdentity($UserID, $PersistentSession);
        $UserModel->UpdateLastVisit($UserID, $UserData->Attributes, $ClientHour);
        $this->FireEvent('Authenticated');
    }

    return $UserID;
}
/**
 * Adds the standard menu links before a page renders, applies the signed-in
 * user's previewed theme, and attaches message modules configured for the
 * current location.
 *
 * Several AddLink() calls pass a list of permission names as the fourth
 * argument (presumably the permissions needed to see the link; the menu
 * class is not shown here).
 *
 * @param object $Sender The controller that is about to render.
 */
public function Base_Render_Before(&$Sender) {
    $Session = Gdn::Session();

    if ($Sender->Menu) {
        $Menu = $Sender->Menu;
        $Menu->AddLink('Dashboard', 'Dashboard', '/garden/settings', array('Garden.Settings.Manage'));
        $Menu->AddLink('Dashboard', 'Users', '/user/browse', array('Garden.Users.Add', 'Garden.Users.Edit', 'Garden.Users.Delete'));
        $Menu->AddLink('Activity', 'Activity', '/activity');

        $Authenticator = Gdn::Authenticator();
        if (!$Session->IsValid()) {
            // Guests only get the sign-in entry.
            $Menu->AddLink('Entry', 'Sign In', $Authenticator->SignInUrl());
        } else {
            // The sign-out URL carries the {Session_TransientKey} placeholder, so the
            // rendered link is bound to the current session's transient key.
            $Menu->AddLink('SignOut', 'Sign Out', '/entry/leave/{Session_TransientKey}', FALSE, array('class' => 'NonTab'));

            // The counter is appended only when it is numeric and positive.
            $Label = Gdn::Translate('Notifications');
            $Unread = $Session->User->CountNotifications;
            if (is_numeric($Unread) && $Unread > 0) {
                $Label .= '<span>' . $Unread . '</span>';
            }

            $Menu->AddLink('User', '{Username}', '/profile/{Username}', array('Garden.SignIn.Allow'));
            // The leading backslash is part of the link text handed to the menu;
            // its meaning is defined by the menu class (not shown here).
            $Menu->AddLink('User', '\\' . $Label, 'profile/notifications/{Username}');
        }
    }

    // Theme previewing: a signed-in user's 'PreviewTheme' preference overrides the theme.
    if ($Session->IsValid()) {
        $ThemeChoice = $Session->GetPreference('PreviewTheme', '');
        if ($ThemeChoice != '') {
            $Sender->Theme = $ThemeChoice;
        }
    }

    // Message modules: the location is "application/controller/method", with the
    // last ten characters of the controller name cut off.
    $CachedLocations = Gdn::Config('Garden.Messages.Cache', array());
    $Location = $Sender->Application . '/' . substr($Sender->ControllerName, 0, -10) . '/' . $Sender->RequestMethod;
    if (in_array('Base', $CachedLocations) || InArrayI($Location, $CachedLocations)) {
        $MessageModel = new Gdn_MessageModel();
        foreach ($MessageModel->GetMessagesForLocation($Location) as $Message) {
            $Sender->AddModule(new Gdn_MessageModule($Sender, $Message));
        }
    }
}
/**
 * Maps the dispatched controller to a coarse page name.
 *
 * 'profile' is only reported when no controller argument is present or when the
 * first argument compares equal to the current identity; any other profile
 * request is reported as 'unknown'.
 *
 * NOTE(review): the identity comparison is loose (==), so a non-numeric first
 * argument can compare equal to a numeric identity on older PHP versions. The
 * result is only a page label here, but do not reuse this check for access
 * decisions.
 *
 * @return string One of 'discussions', 'inbox', 'activity', 'profile' or 'unknown'.
 */
public static function Pagename() {
    // The application is fetched as in the original code; its value is not used.
    Gdn::Dispatcher()->Application();
    $Controller = Gdn::Dispatcher()->Controller();

    if ($Controller == 'discussions' || $Controller == 'discussion' || $Controller == 'post') {
        return 'discussions';
    }
    if ($Controller == 'inbox') {
        return 'inbox';
    }
    if ($Controller == 'activity') {
        return 'activity';
    }
    if ($Controller == 'profile') {
        $Args = Gdn::Dispatcher()->ControllerArguments();
        if (!sizeof($Args) || $Args[0] == Gdn::Authenticator()->GetIdentity()) {
            return 'profile';
        }
    }

    return 'unknown';
}
// Excerpt of a view: the comment form footer followed by the start of the
// comment list. The enclosing block opened before this excerpt and the foreach
// at the end continues after it.

// Multi-line body text box, wrapped in a div.
echo Wrap($this->Form->TextBox('Body', array('MultiLine' => TRUE)), 'div', array('class' => 'TextBoxWrapper'));
echo "<div class=\"Buttons\">\n";
if ($Session->IsValid()) {
    // Signed in: show who is commenting, a sign-out link that carries the current
    // path and query, and the post button.
    $AuthenticationUrl = Gdn::Authenticator()->SignOutUrl(Gdn::Request()->PathAndQuery());
    echo Wrap(
        sprintf(
            T('Commenting as %1$s (%2$s)'),
            // The user name goes through Gdn_Format::Text() before it is placed in
            // the markup (presumably escaping it for HTML; confirm in Gdn_Format).
            Gdn_Format::Text($Session->User->Name),
            Anchor(T('Sign Out'), $AuthenticationUrl, 'SignOut')
        ),
        'div',
        array('class' => 'Author')
    );
    echo $this->Form->Button('Post Comment', array('class' => 'Button CommentButton'));
} else {
    // Guest: offer a sign-in link that carries the current path and query.
    $AuthenticationUrl = Gdn::Authenticator()->SignInUrl(Gdn::Request()->PathAndQuery());
    echo Anchor(T('Comment As ...'), $AuthenticationUrl, 'SignInPopup Button Stash');
}
echo "</div>\n";
echo $this->Form->Close();
?> </div> <?php
}
?> <ul class="MessageList Discussion"> <?php
// Let plugins act before the comments are written out.
$this->FireEvent('BeforeCommentsRender');
// Running offset of the comment being rendered, starting from the page offset.
$CurrentOffset = $this->Offset;
$CommentData = $this->CommentData->Result();
foreach ($CommentData as $Comment) {
    ++$CurrentOffset;
    $this->CurrentComment = $Comment;
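/**
 * Imports a Vanilla 1 database into the current installation, one numbered step
 * (0-19) per request. Each step sets the progress message and the URL of the next
 * step, which is handed to the client as the 'NextUrl' JSON value.
 *
 * Step 0 shows the import form and, on an authenticated post-back, checks that the
 * destination and source tables and columns exist and stores the source prefix.
 * Steps 1-18 run the migration statements; step 19 shows the finished view.
 *
 * The table prefixes are concatenated into SQL as identifiers, where quoting does
 * not help. The prefix submitted in step 0 is therefore checked against the
 * characters MySQL accepts in an unquoted identifier before it is used or stored.
 * The prefixes read from configuration in later steps are treated as operator
 * controlled and are not re-checked.
 *
 * Changes from the previous version:
 *  - the submitted source prefix is validated before use;
 *  - role ids concatenated into the step 2 update are cast to int;
 *  - the source prefix is read from 'Garden.Import.SourcePrefix', the key step 0
 *    writes, falling back to 'Import.SourcePrefix' and then 'LUM_';
 *  - an invalid step is set to 0 explicitly instead of '', which only compared
 *    equal to 0 on older PHP versions.
 *
 * NOTE(review): only step 0 requires AuthenticatedPostBack(). Steps 1-19 run for
 * any request that passes Permission(), and several of them delete or rewrite
 * whole tables (step 3 removes every User row). Consider requiring the transient
 * key on those steps as well; that needs a matching change in upgrade.js, which
 * is not shown here.
 *
 * @param int|string $Step The step to run, 0 to 19.
 */
public function Index($Step = 0) {
    $this->Permission('Garden.Data.Import'); // This permission doesn't exist, so only users with Admin == '1' will succeed.
    $this->AddJsFile('upgrade.js', 'vanilla');

    // Anything that is not a number in [0, 20) is handled as step 0.
    $Step = is_numeric($Step) && $Step >= 0 && $Step < 20 ? $Step : 0;

    $Database = Gdn::Database();
    $PDO = $Database->Connection();
    $Construct = $Database->Structure();
    $SQL = $Database->SQL();
    // Step 0 saves the prefix under 'Garden.Import.SourcePrefix'; read that key
    // first so later steps use the prefix that was actually entered.
    $SourcePrefix = Gdn::Config('Garden.Import.SourcePrefix', Gdn::Config('Import.SourcePrefix', 'LUM_'));
    $DestPrefix = Gdn::Config('Database.DatabasePrefix', '');

    if ($Step == 0) {
        $this->View = 'import';
        if ($this->Form->AuthenticatedPostBack()) {
            // Make sure that all of the destination tables exist (assuming that
            // columns are there if tables are there since they were likely just
            // installed moments ago).
            $DbTables = $Database->SQL()->FetchTables();
            $DestTables = explode(',', 'Role,User,UserRole,Conversation,ConversationMessage,UserConversation,Category,Discussion,Comment,UserDiscussion');
            foreach ($DestTables as $DestTable) {
                $Table = $DestPrefix . $DestTable;
                if (!InArrayI($Table, $DbTables)) {
                    $this->Form->AddError('The "' . $Table . '" table is required for import.');
                    break;
                }
            }

            if ($this->Form->ErrorCount() == 0) {
                $SourcePrefix = $this->Form->GetFormValue('SourcePrefix');

                // The prefix ends up inside table names in raw SQL, so only accept
                // characters that are valid in an unquoted identifier.
                $PrefixIsValid = !is_array($SourcePrefix)
                    && preg_match('/^[A-Za-z0-9_$]*\z/', (string) $SourcePrefix) === 1;

                if (!$PrefixIsValid) {
                    $this->Form->AddError('The source table prefix may only contain letters, digits, underscores and dollar signs.');
                } else {
                    // Make sure that all of the source tables & columns exist.
                    $RequiredColumnsByTable = array(
                        'Role' => 'RoleID,Name,Description',
                        'User' => 'UserID,RoleID,Name,Email,UtilizeEmail,CountVisit,Discovery,DateFirstVisit,DateLastActive,CountDiscussions,CountComments',
                        'UserRoleHistory' => 'UserID,RoleID,AdminUserID,Notes,Date',
                        'UserDiscussionWatch' => 'UserID,DiscussionID,CountComments,LastViewed',
                        'UserBookmark' => 'UserID,DiscussionID',
                        'Category' => 'CategoryID,Name,Description,Priority',
                        'Discussion' => 'DiscussionID,CategoryID,AuthUserID,LastUserID,WhisperUserID,Active,Name,CountComments,Closed,Sticky,Sink,DateCreated,DateLastActive',
                        'Comment' => 'CommentID,DiscussionID,AuthUserID,EditUserID,WhisperUserID,Deleted,Body,FormatType,DateCreated,DateEdited',
                    );
                    foreach ($RequiredColumnsByTable as $SourceTable => $ColumnList) {
                        $Table = $SourcePrefix . $SourceTable;
                        if (!InArrayI($Table, $DbTables)) {
                            $this->Form->AddError('The "' . $Table . '" source table was not found. Are you sure "' . $SourcePrefix . '" is the correct table prefix for your Vanilla 1 tables?');
                            break;
                        }

                        // Report the first missing column of this table, then move
                        // on to the next table.
                        $Columns = $Database->SQL()->FetchColumns($Table);
                        foreach (explode(',', $ColumnList) as $RequiredColumn) {
                            if (!InArrayI($RequiredColumn, $Columns)) {
                                $this->Form->AddError('The "' . $Table . '" source table does not have the "' . $RequiredColumn . '" column.');
                                break;
                            }
                        }
                    }
                }
            }

            // If there were no errors...
            if ($this->Form->ErrorCount() == 0) {
                // Save the sourceprefix
                SaveToConfig('Garden.Import.SourcePrefix', $SourcePrefix);

                // Proceed with the next step
                $this->Message = T('<strong>1/19</strong> Checking source & destination tables.');
                $this->View = 'index';
                $this->RedirectUrl = Url('/upgrade/1');
                if ($this->DeliveryType() == DELIVERY_TYPE_ALL) {
                    Redirect('/upgrade/1');
                }
            }
        } else {
            $this->Form->SetFormValue('SourcePrefix', $SourcePrefix);
        }
    } elseif ($Step == 1) {
        // 1. Add Import IDs to various tables where necessary
        $Construct->Table('Role')->Column('ImportID', 'int', 11, FALSE, NULL, 'key')->Set();
        $Construct->DatabasePrefix($SourcePrefix);
        $Construct->Table('Comment')->Column('ConversationID', 'int', 11, FALSE, NULL, 'key')->Set();
        $Construct->DatabasePrefix($DestPrefix);

        $this->Message = T('<strong>2/19</strong> Importing roles.');
        $this->RedirectUrl = Url('/upgrade/2');
    } elseif ($Step == 2) {
        // 2. Move roles from old database into new one.
        $RoleModel = new Gdn_RoleModel();
        // Get the old roles
        $OldRoles = $Database->Query('select * from ' . $SourcePrefix . 'Role');
        // Loop through each, inserting if it doesn't exist and updating ImportID if it does
        foreach ($OldRoles->Result() as $OldRole) {
            $RoleData = $Database->Query("select * from " . $DestPrefix . "Role where Name = " . $PDO->quote($OldRole->Name));
            if ($RoleData->NumRows() == 0) {
                $Role = array();
                $Role['ImportID'] = $OldRole->RoleID;
                $Role['Name'] = $OldRole->Name;
                $Role['Description'] = $OldRole->Description;
                $RoleModel->Save($Role);
            } else {
                // Both ids come out of database rows; cast them so that only
                // integers can reach the statement.
                $Database->Query("update " . $DestPrefix . "Role set ImportID = '" . (int) $OldRole->RoleID . "' where RoleID = " . (int) $RoleData->FirstRow()->RoleID);
            }
        }

        $this->Message = T('<strong>3/19</strong> Importing users.');
        $this->RedirectUrl = Url('/upgrade/3');
    } elseif ($Step == 3) {
        // 3. Import users
        // Grab the current admin user.
        $AdminUser = $SQL->GetWhere('User', array('Admin' => 1))->FirstRow('', DATASET_TYPE_ARRAY);

        // Delete the users.
        $SQL->Delete('User', array('UserID <>' => 0)); // where kludge

        // The Password column is copied exactly as it is stored in the source table.
        $Database->Query("insert into " . $DestPrefix . "User\n (UserID, Name, Password, Email, ShowEmail, Gender, CountVisits, CountInvitations, InviteUserID, DiscoveryText, Preferences, Permissions, Attributes, DateSetInvitations, DateOfBirth, DateFirstVisit, DateLastActive, DateInserted, DateUpdated, HourOffset, About, CountNotifications, CountUnreadConversations, CountDiscussions, CountUnreadDiscussions, CountComments, CountDrafts, CountBookmarks) select\n UserID, Name, Password, Email, UtilizeEmail, 'm', CountVisit, 0, null, Discovery, null, null, null, null, null, DateFirstVisit, DateLastActive, DateFirstVisit, DateLastActive, 0, null, 0, 0, CountDiscussions, 0, CountComments, 0, 0\n from " . $SourcePrefix . "User");

        // Check to see if there is an existing user in the database that should now be root.
        // An imported user with the same name as the previous admin receives that
        // admin's password and the Admin flag.
        $User = $SQL->GetWhere('User', array('Name' => $AdminUser['Name']))->FirstRow('', DATASET_TYPE_ARRAY);
        if (is_array($User)) {
            $NewUserID = $User['UserID'];
            $SQL->Put('User', array('Password' => $AdminUser['Password'], 'Admin' => 1), array('UserID' => $User['UserID']));
        } else {
            unset($AdminUser['UserID']);
            $NewUserID = $SQL->Insert('User', $AdminUser);
        }

        // Keep the running session attached to the (possibly renumbered) admin.
        Gdn::Session()->UserID = $NewUserID;
        Gdn::Session()->User->UserID = $NewUserID;
        Gdn::Authenticator()->SetIdentity($NewUserID);

        $this->Message = T('<strong>4/19</strong> Importing role histories.');
        $this->RedirectUrl = Url('/upgrade/4');
    } elseif ($Step == 4) {
        // 4. Import user role relationships
        $SQL->Delete('UserRole', array('UserID <>' => 0));
        $Database->Query("insert into " . $DestPrefix . "UserRole\n (UserID, RoleID)\n select u.UserID, r.RoleID\n from " . $SourcePrefix . "User u\n inner join " . $DestPrefix . "Role r\n on u.RoleID = r.ImportID");

        $this->Message = T('<strong>5/19</strong> Importing user/role relationships.');
        $this->RedirectUrl = Url('/upgrade/5');
    } elseif ($Step == 5) {
        // 5. Import user role history into activity table
        $Database->Query("insert into " . $DestPrefix . "Activity\n (ActivityTypeID, ActivityUserID, RegardingUserID, Story, InsertUserID, DateInserted)\n select 8, rh.AdminUserID, rh.UserID, concat('Assigned to ', r.Name, ' Role <blockquote>', rh.Notes, '</blockquote>'), rh.AdminUserID, rh.Date\n from " . $SourcePrefix . "UserRoleHistory rh\n inner join " . $DestPrefix . "Role r\n on rh.RoleID = r.ImportID\n order by rh.Date asc");

        $this->Message = T('<strong>6/19</strong> Preparing whispers.');
        $this->RedirectUrl = Url('/upgrade/6');
    } elseif ($Step == 6) {
        // 6. Update the WhisperUserID on all comments that are within whispered discussions
        $Database->Query("update " . $SourcePrefix . "Comment c\n join " . $SourcePrefix . "Discussion d\n on c.DiscussionID = d.DiscussionID\n set c.WhisperUserID = d.WhisperUserID\n where d.WhisperUserID > 0\n and c.AuthUserID <> d.WhisperUserID");
        $Database->Query("update " . $SourcePrefix . "Comment c\n join " . $SourcePrefix . "Discussion d\n on c.DiscussionID = d.DiscussionID\n set c.WhisperUserID = d.AuthUserID\n where d.WhisperUserID > 0\n and c.AuthUserID <> d.AuthUserID");

        $this->Message = T('<strong>7/19</strong> Creating conversations.');
        $this->RedirectUrl = Url('/upgrade/7');
    } elseif ($Step == 7) {
        // 7. Create conversations
        $Database->Query("insert into " . $DestPrefix . "Conversation\n (InsertUserID, DateInserted, UpdateUserID, DateUpdated, Contributors)\n select AuthUserID, now(), WhisperUserID, now(), ''\n from " . $SourcePrefix . "Comment\n where WhisperUserID > 0\n group by AuthUserID, WhisperUserID");
        // 7b. Remove duplicate combinations
        $Database->Query("delete " . $DestPrefix . "Conversation c\n from " . $DestPrefix . "Conversation c\n join " . $DestPrefix . "Conversation c2\n on c.InsertUserID = c2.UpdateUserID\n and c.UpdateUserID = c2.InsertUserID\n where c.ConversationID > c2.ConversationID");

        $this->Message = T('<strong>8/19</strong> Preparing conversations messages.');
        $this->RedirectUrl = Url('/upgrade/8');
    } elseif ($Step == 8) {
        // 8. Update old comment table with conversation ids
        $Database->Query("update " . $SourcePrefix . "Comment cm\n inner join " . $DestPrefix . "Conversation cn\n on cm.AuthUserID = cn.InsertUserID\n and cm.WhisperUserID = cn.UpdateUserID\n set cm.ConversationID = cn.ConversationID");
        $Database->Query("update " . $SourcePrefix . "Comment cm\n inner join " . $DestPrefix . "Conversation cn\n on cm.WhisperUserID = cn.InsertUserID\n and cm.AuthUserID = cn.UpdateUserID\n set cm.ConversationID = cn.ConversationID");

        $this->Message = T('<strong>9/19</strong> Transforming whispers into conversations.');
        $this->RedirectUrl = Url('/upgrade/9');
    } elseif ($Step == 9) {
        // 9. Insert whispers as conversation messages
        $Database->Query("insert into " . $DestPrefix . "ConversationMessage\n (ConversationID, Body, InsertUserID, DateInserted)\n select ConversationID, Body, AuthUserID, DateCreated\n from " . $SourcePrefix . "Comment\n where ConversationID > 0");

        $this->Message = T('<strong>10/19</strong> Finalizing conversations.');
        $this->RedirectUrl = Url('/upgrade/10');
    } elseif ($Step == 10) {
        // 10. Insert the userconversation records so that messages are linked to conversations
        $Database->Query("insert into " . $DestPrefix . "UserConversation\n (UserID, ConversationID, CountNewMessages, CountMessages, LastMessageID, DateLastViewed)\n select InsertUserID, ConversationID, 0, 0, max(MessageID), null\n from " . $DestPrefix . "ConversationMessage\n group by InsertUserID, ConversationID");

        $this->Message = T('<strong>11/19</strong> Finalizing whisper messages.');
        $this->RedirectUrl = Url('/upgrade/11');
    } elseif ($Step == 11) {
        // 11. Update the conversation record fields
        $Database->Query("update " . $DestPrefix . "Conversation c\n join (\n select ConversationID, min(MessageID) as FirstMessageID, min(DateInserted) as DateInserted\n from " . $DestPrefix . "ConversationMessage\n group by ConversationID\n ) cm\n on c.ConversationID = cm.ConversationID\n set c.FirstMessageID = cm.FirstMessageID,\n c.DateInserted = cm.DateInserted");
        $Database->Query("update " . $DestPrefix . "Conversation c\n join (\n select ConversationID, max(MessageID) as LastMessageID\n from " . $DestPrefix . "ConversationMessage\n group by ConversationID\n ) cm\n on c.ConversationID = cm.ConversationID\n join " . $DestPrefix . "ConversationMessage lm\n on cm.LastMessageID = lm.MessageID\n set c.UpdateUserID = lm.InsertUserID,\n c.DateUpdated = lm.DateInserted");
        // Fudge your way back from the messages
        $Database->Query("update " . $DestPrefix . "Conversation c\n join " . $DestPrefix . "ConversationMessage m\n on c.FirstMessageID = m.MessageID\n set c.InsertUserID = m.InsertUserID");
        // Update the UserConversation.LastMessageID records
        // (ie. the last message in a conversation by someone other than the userconversation.userid person)
        $Database->Query("update " . $DestPrefix . "UserConversation uc\n join (\n select ConversationID, InsertUserID, max(MessageID) as LastMessageID\n from " . $DestPrefix . "ConversationMessage\n group by ConversationID, InsertUserID\n ) m\n on uc.ConversationId = m.ConversationID\n and uc.UserID <> m.InsertUserID\n set uc.LastMessageID = m.LastMessageID");
        // Update the message count for all users and all conversations
        $Database->Query("update " . $DestPrefix . "UserConversation uc\n join (\n select ConversationID, count(MessageID) as CountMessages\n from " . $DestPrefix . "ConversationMessage\n group by ConversationID\n ) m\n on uc.ConversationID = m.ConversationID\n set uc.CountMessages = m.CountMessages");

        $this->Message = T('<strong>12/19</strong> Importing discussion categories.');
        $this->RedirectUrl = Url('/upgrade/12');
    } elseif ($Step == 12) {
        // Delete old categories.
        $SQL->Delete('Category', array('CategoryID <>' => 0));
        // 12. Import Categories
        $Database->Query("insert into " . $DestPrefix . "Category\n (CategoryID, Name, Description, Sort, InsertUserID, UpdateUserID, DateInserted, DateUpdated)\n select CategoryID, left(Name,30), Description, Priority, 1, 1, now(), now()\n from " . $SourcePrefix . "Category");

        $this->Message = T('<strong>13/19</strong> Importing discussions.');
        $this->RedirectUrl = Url('/upgrade/13');
    } elseif ($Step == 13) {
        // 13. Import Discussions
        $Database->Query("insert into " . $DestPrefix . "Discussion\n (DiscussionID, CategoryID, InsertUserID, UpdateUserID, Name, CountComments, Closed, Announce, Sink, DateInserted, DateUpdated, DateLastComment)\n select DiscussionID, CategoryID, AuthUserID, LastUserID, Name, CountComments, Closed, Sticky, Sink, DateCreated, DateLastActive, DateLastActive\n from " . $SourcePrefix . "Discussion\n where WhisperUserID = 0\n and Active = '1'");

        $this->Message = T('<strong>14/19</strong> Importing comments.');
        $this->RedirectUrl = Url('/upgrade/14');
    } elseif ($Step == 14) {
        // 14. Import Comments
        $Database->Query("insert into " . $DestPrefix . "Comment\n (CommentID, DiscussionID, InsertUserID, UpdateUserID, Body, Format, DateInserted, DateUpdated)\n select CommentID, DiscussionID, AuthUserID, EditUserID, Body, case FormatType when 'Text' then 'Display' else FormatType end, DateCreated, DateEdited\n from " . $SourcePrefix . "Comment\n where (WhisperUserID is null or WhisperUserID = 0)\n and Deleted = '0'");

        $this->Message = T('<strong>15/19</strong> Finalizing discussions.');
        $this->RedirectUrl = Url('/upgrade/15');
    } elseif ($Step == 15) {
        // 15. Update Discussions with first & last comment ids
        $Database->Query("update " . $DestPrefix . "Discussion d\n join (\n select DiscussionID, min(CommentID) as FirstCommentID\n from " . $DestPrefix . "Comment\n group by DiscussionID\n ) c\n on d.DiscussionID = c.DiscussionID\n set d.FirstCommentID = c.FirstCommentID");
        $Database->Query("update " . $DestPrefix . "Discussion d\n join (\n select DiscussionID, max(CommentID) as LastCommentID\n from " . $DestPrefix . "Comment\n group by DiscussionID\n ) c\n on d.DiscussionID = c.DiscussionID\n set d.LastCommentID = c.LastCommentID");
        // Update the CountDiscussions column on the category table
        $Database->Query("update " . $DestPrefix . "Category c\n join (\n select CategoryID, count(DiscussionID) as CountDiscussions\n from " . $DestPrefix . "Discussion\n group by CategoryID\n ) cc\n on c.CategoryID = cc.CategoryID\n set c.CountDiscussions = cc.CountDiscussions");

        $this->Message = T('<strong>16/19</strong> Importing bookmarks & watch data.');
        $this->RedirectUrl = Url('/upgrade/16');
    } elseif ($Step == 16) {
        // 16. Import UserDiscussion (watch & bookmark data)
        $Database->Query("insert into " . $DestPrefix . "UserDiscussion\n (UserID, DiscussionID, CountComments, DateLastViewed, Bookmarked)\n select ow.UserID, ow.DiscussionID, ow.CountComments, ow.LastViewed, if(isnull(ob.DiscussionID), '0', '1') as Bookmarked\n from " . $SourcePrefix . "UserDiscussionWatch ow\n left join " . $SourcePrefix . "UserBookmark ob\n on ow.DiscussionID = ob.DiscussionID\n and ow.UserID = ob.UserID\n left join " . $SourcePrefix . "Discussion od\n on od.DiscussionID = ow.DiscussionID\n where od.Active = '1'");

        $this->Message = T('<strong>17/19</strong> Removing import structure.');
        $this->RedirectUrl = Url('/upgrade/17');
    } elseif ($Step == 17) {
        // 17. Remove temp columns
        $Construct->Table('Role')->DropColumn('ImportID');
        $Construct->DatabasePrefix($SourcePrefix);
        $Construct->Table('Comment')->DropColumn('ConversationID');
        $Construct->DatabasePrefix($DestPrefix);

        $this->Message = T('<strong>18/19</strong> Restoring original comment structure.');
        $this->RedirectUrl = Url('/upgrade/18');
    } elseif ($Step == 18) {
        // 18. remove whisperuserids from old comment table where the entire discussion is whispered
        $Database->Query("update " . $SourcePrefix . "Comment c\n inner join " . $SourcePrefix . "Discussion d\n on c.DiscussionID = d.DiscussionID\n set c.WhisperUserID = null\n where d.WhisperUserID > 0");

        $this->Message = T('<strong>19/19</strong> Finished.');
        $this->RedirectUrl = Url('/upgrade/19');
    } elseif ($Step == 19) {
        // Finished!
        $this->RedirectUrl = 'Finished';
        $this->View = 'finished';
    }

    // Hand the next step to the client and render inside the setup master view.
    $this->SetJson('NextUrl', $this->RedirectUrl);
    $this->RedirectUrl = '';
    $this->MasterView = 'setup';
    $this->Render();
}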
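/**
 * Sign the current user out through the named authentication scheme and
 * follow whatever response the authenticator asks for.
 *
 * Sign-out only runs when the authenticator does not require a logout
 * transient key, or when $TransientKey validates against the session.
 * After a successful sign-out a request-supplied "Target" is followed only
 * when it is a site-relative path; a Target that names a scheme or a host
 * is ignored and the authenticator's SuccessResponse() is used instead.
 *
 * @param string $AuthenticationSchemeAlias Alias of the authenticator to sign out with; 'default' is used when loading the alias throws.
 * @param string $TransientKey Transient key sent with the request.
 * @return void
 */
public function Leave($AuthenticationSchemeAlias = 'default', $TransientKey = '') {
    try {
        $Authenticator = Gdn::Authenticator()->AuthenticateWith($AuthenticationSchemeAlias);
    } catch (Exception $e) {
        // An alias that cannot be loaded falls back to the default scheme.
        $Authenticator = Gdn::Authenticator()->AuthenticateWith('default');
    }

    // Only sign the user out if this is an authenticated postback!
    $Session = Gdn::Session();
    $this->Leaving = FALSE;
    $Result = Gdn_Authenticator::REACT_RENDER;

    // NOTE(review): when the authenticator reports that no transient key is
    // required, the key check is skipped entirely and any request for this
    // action ends the session. Confirm that is intended for each scheme.
    $AuthenticatedPostbackRequired = $Authenticator->RequireLogoutTransientKey();
    if (!$AuthenticatedPostbackRequired || $Session->ValidateTransientKey($TransientKey)) {
        $Result = $Authenticator->DeAuthenticate();
        $this->Leaving = TRUE;
    }

    if ($Result == Gdn_Authenticator::AUTH_SUCCESS) {
        $this->View = 'auth/' . $Authenticator->GetAuthenticationSchemeAlias();

        // Target is read from the request and ends up in Redirect()/Url().
        // Accept it only as a site-relative path: a leading scheme ("x:") or
        // a leading pair of slashes/backslashes would point at another host.
        $Target = GetIncomingValue('Target', '');
        $TargetIsLocal = is_string($Target)
            && !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $Target);
        if ($Target && $TargetIsLocal) {
            $Reaction = $Target;
        } else {
            $Reaction = $Authenticator->SuccessResponse();
        }
    } else {
        $Reaction = $Authenticator->LoginResponse();
    }

    if (is_string($Reaction)) {
        // A string reaction is a route. It can never be FALSE in this branch,
        // so the former fallback to the DefaultController route was dead code.
        if ($this->_DeliveryType != DELIVERY_TYPE_ALL) {
            $this->RedirectUrl = Url($Reaction);
        } else {
            Redirect($Reaction);
        }
    } else {
        switch ($Reaction) {
            case Gdn_Authenticator::REACT_RENDER:
                break;

            case Gdn_Authenticator::REACT_EXIT:
                exit;

            case Gdn_Authenticator::REACT_REMOTE:
                // Render the view, but set the delivery type to VIEW
                $this->_DeliveryType = DELIVERY_TYPE_VIEW;
                break;

            case Gdn_Authenticator::REACT_REDIRECT:
            default:
                $Route = '/entry';
                if ($this->_DeliveryType != DELIVERY_TYPE_ALL) {
                    $this->RedirectUrl = Url($Route);
                } else {
                    Redirect($Route);
                }
                break;
        }
    }

    $this->Render();
}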
/**
 * Hand $UserID to the global authenticator, restart the session and record
 * which authentication scheme established the identity.
 *
 * @param int $UserID User ID to set; a value that is not greater than zero clears the stored 'Authenticator' preference.
 * @param bool $Persist Passed through unchanged to Gdn::Authenticator()->SetIdentity().
 * @return void
 */
public function SetIdentity($UserID, $Persist = TRUE) {
    // Read the alias before the identity changes, as the original does.
    $SchemeAlias = $this->GetAuthenticationSchemeAlias();

    Gdn::Authenticator()->SetIdentity($UserID, $Persist);
    Gdn::Session()->Start();

    // Only a positive user ID keeps the scheme alias in the session preferences.
    $Preference = ($UserID > 0) ? $SchemeAlias : '';
    Gdn::Session()->SetPreference('Authenticator', $Preference);
}
/**
 * Write the comment form for the current controller's discussion, or a
 * "closed" notice when the discussion is closed.
 *
 * Signed-in users get a "Commenting as ..." line with a sign-out link and
 * the post button; everyone else gets a sign-in link. Output is echoed
 * directly; nothing is returned.
 */
function WriteEmbedCommentForm() {
    $Session = Gdn::Session();
    $Controller = Gdn::Controller();
    $Discussion = $Controller->Data('Discussion');
    // A closed discussion shows a notice instead of the form.
    if ($Discussion && $Discussion->Closed == '1') {
        ?> <div class="Foot Closed"> <div class="Note Closed"><?php echo T('This discussion has been closed.'); ?> </div> </div> <?php
    } else {
        ?> <h2><?php echo T('Leave a comment'); ?> </h2> <div class="MessageForm CommentForm EmbedCommentForm"> <?php
        echo $Controller->Form->Open();
        echo $Controller->Form->Errors();
        echo Wrap($Controller->Form->TextBox('Body', array('MultiLine' => TRUE)), 'div', array('class' => 'TextBoxWrapper'));
        echo "<div class=\"Buttons\">\n";
        $AllowSigninPopup = C('Garden.SignIn.Popup');
        $Attributes = array('tabindex' => '-1');
        // The current path and query string become the return URL of the
        // sign-in/sign-out links below.
        // NOTE(review): this value is request-derived; confirm SignInUrl(),
        // SignOutUrl() and Anchor() encode it before it reaches the markup.
        $ReturnUrl = Gdn::Request()->PathAndQuery();
        if ($Session->IsValid()) {
            $AuthenticationUrl = Gdn::Authenticator()->SignOutUrl($ReturnUrl);
            // The user name goes through Gdn_Format::Text() before it is placed
            // into the translated "Commenting as" string.
            echo Wrap(sprintf(T('Commenting as %1$s (%2$s)', 'Commenting as %1$s <span class="SignOutWrap">(%2$s)</span>'), Gdn_Format::Text($Session->User->Name), Anchor(T('Sign Out'), $AuthenticationUrl, 'SignOut', $Attributes)), 'div', array('class' => 'Author'));
            echo $Controller->Form->Button('Post Comment', array('class' => 'Button CommentButton'));
        } else {
            $AuthenticationUrl = SignInUrl($ReturnUrl);
            // The popup class is added only when Garden.SignIn.Popup is enabled.
            if ($AllowSigninPopup) {
                $CssClass = 'SignInPopup Button Stash';
            } else {
                $CssClass = 'Button Stash';
            }
            echo Anchor(T('Comment As ...'), $AuthenticationUrl, $CssClass, $Attributes);
        }
        echo "</div>\n";
        echo $Controller->Form->Close();
        ?> </div> <?php
    }
}
/**
 * Approve a membership applicant.
 *
 * When the user currently holds the applicant role, their roles are replaced
 * with the configured default roles, an approval email is sent and a
 * 'JoinApproved' activity is recorded. When the user has roles but none of
 * them is the applicant role, nothing is changed and TRUE is still returned.
 *
 * NOTE(review): no permission check is made here; presumably the calling
 * controller restricts who may approve applicants. Verify against callers.
 *
 * @param int $UserID ID of the applicant.
 * @param object $Email Email object used to build and send the notification.
 * @return bool Always TRUE.
 * @throws Exception When the user has no role rows at all.
 */
public function Approve($UserID, $Email) {
    $ApplicantRoleID = C('Garden.Registration.ApplicantRoleID', 0);

    // Make sure the $UserID is an applicant
    $Roles = $this->GetRoles($UserID);
    if ($Roles->NumRows() == 0) {
        throw new Exception(T('ErrorRecordNotFound'));
    }

    $IsApplicant = FALSE;
    foreach ($Roles->Result() as $Role) {
        $IsApplicant = $IsApplicant || $Role->RoleID == $ApplicantRoleID;
    }
    if (!$IsApplicant) {
        return TRUE;
    }

    // Wipe out old & insert new roles for this user, using the default
    // role(s) configured for new users.
    $DefaultRoleIDs = Gdn::Config('Garden.Registration.DefaultRoles', array(8));
    $this->SaveRoles($UserID, $DefaultRoleIDs, FALSE);

    // Send out a notification to the user
    $User = $this->Get($UserID);
    if ($User) {
        $Subject = sprintf(T('[%1$s] Membership Approved'), C('Garden.Title'));
        $Email->Subject($Subject);

        $Body = sprintf(
            T('EmailMembershipApproved'),
            $User->Name,
            Url(Gdn::Authenticator()->SignInUrl(), TRUE)
        );
        $Email->Message($Body);

        $Email->To($User->Email);
        $Email->Send();
    }

    // Report that the user was approved
    AddActivity(Gdn::Session()->UserID, 'JoinApproved', T('Welcome Aboard!'), $UserID, '', FALSE);

    return TRUE;
}
/*
Copyright 2008, 2009 Mark O'Sullivan
This file is part of Garden.
Garden is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
Garden is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with Garden. If not, see <http://www.gnu.org/licenses/>.
Contact Mark O'Sullivan at mark [at] lussumo [dot] com
*/

// Report and track all errors.
// NOTE(review): display_errors is switched on unconditionally, so every
// warning and notice (file paths, query text, stack details) is written into
// the response. On a production host, log errors instead of displaying them.
error_reporting(E_ALL);
ini_set('display_errors', 'on');
ini_set('track_errors', 1);
// Buffer all output from here on.
ob_start();

// 1. Define the constants we need to get going.
define('APPLICATION', 'Garden');
define('APPLICATION_VERSION', '1.0');
define('DS', DIRECTORY_SEPARATOR);
define('PATH_ROOT', dirname(__FILE__));

// 2. Include the header.
require_once PATH_ROOT . DS . 'bootstrap.php';

// 3. Start the application.
// The session is started for every request except those whose request string
// contains 'gardensetup'. The test is a substring match anywhere in the value
// returned by Gdn_Url::Request(), not a match on a specific route.
if (strpos(Gdn_Url::Request(), 'gardensetup') === FALSE) {
    Gdn::Session()->Start(Gdn::Authenticator());
}

// Configure the dispatcher from the EnabledApplications and Routes config keys.
$Dispatcher = Gdn::Dispatcher();
$EnabledApplications = Gdn::Config('EnabledApplications');
$Dispatcher->EnabledApplicationFolders($EnabledApplications);
$Dispatcher->PassProperty('EnabledApplications', $EnabledApplications);
$Dispatcher->Routes = Gdn::Config('Routes');

// Process the request.
$Dispatcher->Dispatch();
/**
 * Checks that the user has the specified permissions. If the user does not,
 * they are redirected: to the sign-in URL when there is no valid session,
 * otherwise to the DefaultPermission route.
 *
 * NOTE(review): nothing in this method stops execution after Redirect(). The
 * check only protects the calling action if Redirect() ends the request;
 * confirm that, because otherwise the caller keeps running after a failed
 * check.
 *
 * @param mixed $Permission A permission or array of permission names required to access this resource.
 * @param bool $FullMatch If $Permission is an array, $FullMatch indicates if all permissions specified are required. If false, the user only needs one of the specified permissions.
 * @param string $JunctionTable The name of the junction table for a junction permission.
 * @param int $JunctionID The ID of the junction permission.
 * @return void
 */
public function Permission($Permission, $FullMatch = TRUE, $JunctionTable = '', $JunctionID = '') {
    $Session = Gdn::Session();

    // TODO: Make this work with different delivery types.
    if ($Session->CheckPermission($Permission, $FullMatch, $JunctionTable, $JunctionID)) {
        return;
    }

    // Guests are sent to sign in with the current URL as the return target;
    // signed-in users without the permission go to the DefaultPermission route.
    $Destination = $Session->IsValid()
        ? Gdn::Router()->GetDestination('DefaultPermission')
        : Gdn::Authenticator()->SignInUrl($this->SelfUrl);

    Redirect($Destination);
}
/**
 * Try to sign the visitor in through this authenticator at the start of a
 * request, unless one of several short-circuits applies.
 *
 * Returns early (with no value) for the two proxy entry paths, when the
 * handshake cookie check succeeds, and when the current step is MODE_REPEAT
 * or MODE_NOAUTH. Otherwise Authenticate() is called, its result is passed
 * to Gdn::Authenticator()->Trigger(), and an AUTH_PARTIAL result redirects
 * to the handshake page.
 */
public function WakeUp() {
    // Allow the entry/handshake method to function
    Gdn::Authenticator()->AllowHandshake();

    // Never run the wake-up on the proxy authentication endpoints themselves.
    if (Gdn::Request()->Path() == 'entry/auth/proxy') return;
    if (Gdn::Request()->Path() == 'entry/handshake/proxy') return;

    // Shortcircuit the wakeup if we're already awake
    //
    // If we're already back on Vanilla and working with the handshake form, don't
    // try to re-wakeup.
    $HaveHandshake = $this->CheckCookie();
    if ($HaveHandshake) return;

    $CurrentStep = $this->CurrentStep();

    // Shortcircuit to prevent pointless work when the access token has already been handled and we already have a session
    if ($CurrentStep == Gdn_Authenticator::MODE_REPEAT) return;

    // Don't try to wakeup when we've already tried once this session
    if ($CurrentStep == Gdn_Authenticator::MODE_NOAUTH) return;

    try {
        // Passed all shortcircuits. Try to log in via proxy.
        $AuthResponse = $this->Authenticate();

        // $UserInfo is empty here, so the merged event data holds only the
        // session's UserID and this object's HandshakeResponse (FALSE if unset).
        $UserInfo = array();
        $UserEventData = array_merge(array(
            'UserID' => Gdn::Session()->UserID,
            'Payload' => GetValue('HandshakeResponse', $this, FALSE)
        ),$UserInfo);
        Gdn::Authenticator()->Trigger($AuthResponse,$UserEventData);

        // A partial result sends the visitor to the handshake form with a 302.
        if ($AuthResponse == Gdn_Authenticator::AUTH_PARTIAL) {
            return Redirect(Url('/entry/handshake/proxy',TRUE),302);
        }
    } catch (Exception $e) {
        // Fallback to defer checking until the next session
        // NOTE(review): every exception from the authentication attempt is
        // swallowed here without being logged, so a failing or tampered
        // handshake leaves no trace. Consider recording $e before continuing.
        // Outside of entry/ paths the identity is set to -1 without persisting.
        if (substr(Gdn::Request()->Path(),0,6) != 'entry/')
            $this->SetIdentity(-1, FALSE);
    }
}
/**
 * Sign the current user out, but only when the request carries a transient
 * key that validates against the session.
 *
 * Without a valid key nothing is changed: Leaving stays FALSE and the view is
 * rendered as-is. With a valid key the user is de-authenticated, Leaving is
 * set to TRUE and RedirectUrl points at /entry.
 *
 * @param string $TransientKey Transient key sent with the request.
 * @return void
 */
public function Leave($TransientKey = '') {
    // Only sign the user out if this is an authenticated postback!
    $this->Leaving = FALSE;

    $KeyIsValid = Gdn::Session()->ValidateTransientKey($TransientKey);
    if (!$KeyIsValid) {
        $this->Render();
        return;
    }

    Gdn::Authenticator()->DeAuthenticate();
    $this->Leaving = TRUE;
    $this->RedirectUrl = Url('/entry');

    $this->Render();
}
/**
 * Replace the user table with the imported users, flag the overwrite account
 * as admin and sign in as that account.
 *
 * The update sets Admin = 1 on every row whose Email equals the
 * 'OverwriteEmail' value from $this->Data; the value is bound as a query
 * parameter rather than concatenated into the SQL.
 *
 * NOTE(review): if 'OverwriteEmail' is missing, whatever GetValue() returns
 * by default is bound as the email. Confirm the caller always sets it.
 *
 * @return bool Always TRUE.
 */
public function InsertUserTable() {
    // Delete the current user table.
    $this->Query('truncate table :_User');

    // Load the new user table. The reference is taken before the insert, as
    // in the original, so the 'Inserted' flag lands on the same array slot.
    $TableInfo =& $this->Data['Tables']['User'];
    $InsertOptions = array('HashMethod' => $this->GetPasswordHashMethod());
    $this->_InsertTable('User', $InsertOptions);
    $TableInfo['Inserted'] = TRUE;

    // Set the admin user flag.
    $AdminEmail = GetValue('OverwriteEmail', $this->Data);
    $this->Query(
        'update :_User set Admin = 1 where Email = :Email',
        array(':Email' => $AdminEmail)
    );

    // Authenticate the admin user as the current user.
    $PasswordAuth = Gdn::Authenticator()->AuthenticateWith('password');
    $AdminPassword = GetValue('OverwritePassword', $this->Data);
    $PasswordAuth->Authenticate($AdminEmail, $AdminPassword);
    Gdn::Session()->Start();

    return TRUE;
}
<div id="Head"> <div class="Menu"> <!--<h1><a class="Title" href="<?php echo Url('/'); ?> "><span><?php echo Gdn_Theme::Logo(); ?> </span></a></h1>--> <?php
// The PHP inside the HTML comment above still runs; only its output is hidden
// from the rendered page.
$Session = Gdn::Session();
if ($this->Menu) {
    // The dashboard link is registered with the Garden.Settings.Manage permission.
    $this->Menu->AddLink('Dashboard', T('Dashboard'), '/dashboard/settings', array('Garden.Settings.Manage'));
    // $this->Menu->AddLink('Dashboard', T('Users'), '/user/browse', array('Garden.Users.Add', 'Garden.Users.Edit', 'Garden.Users.Delete'));
    //$this->Menu->AddLink('Activity', T('Activity'), '/activity');
    $Authenticator = Gdn::Authenticator();
    if ($Session->IsValid()) {
        // Builds "<name> <span>N</span>" when there are unread notifications.
        // NOTE(review): the user name is concatenated with markup without
        // escaping. The AddLink call that used $Name is commented out in this
        // excerpt; escape the name before re-enabling it.
        $Name = $Session->User->Name;
        $CountNotifications = $Session->User->CountNotifications;
        if (is_numeric($CountNotifications) && $CountNotifications > 0) {
            $Name .= ' <span>' . $CountNotifications . '</span>';
        }
        //$this->Menu->AddLink('User', $Name, '/profile/{UserID}/{Username}', array('Garden.SignIn.Allow'), array('class' => 'UserNotifications'));
        //$this->Menu->AddLink('SignOut', T('Sign Out'), Gdn::Authenticator()->SignOutUrl(), FALSE, array('class' => 'NonTab SignOut'));
    } else {
        // The popup class is set only when SignInPopup() is true and the
        // current URL does not contain 'entry'.
        $Attribs = array();
        if (SignInPopup() && strpos(Gdn::Request()->Url(), 'entry') === FALSE) {
            $Attribs['class'] = 'SignInPopup';
        }
        //$this->Menu->AddLink('Entry', T('Sign In'), Gdn::Authenticator()->SignInUrl(), FALSE, array('class' => 'NonTab'), $Attribs);
    }
/**
 * Returns the transient key for the authenticated user, storing a new one
 * first when $NewKey is given.
 *
 * When no key is held (the stored value is FALSE) a fresh 12-character
 * random string is returned on every call and is not saved anywhere, so a
 * value submitted by the client cannot equal it.
 *
 * NOTE(review): the key itself is produced by the user model's
 * SetTransientKey(), which is not shown here. Confirm that it and
 * RandomString() draw from a cryptographically secure source, since this
 * value gates authenticated postbacks.
 *
 * @param string|null $NewKey Optional key to store for the current user.
 * @return string
 * @todo check return type
 */
public function TransientKey($NewKey = NULL) {
    if ($NewKey !== NULL) {
        $UserModel = Gdn::Authenticator()->GetUserModel();
        $this->_TransientKey = $UserModel->SetTransientKey($this->UserID, $NewKey);
    }

    // Postbacks will never be authenticated if transientkey is not defined.
    return ($this->_TransientKey !== FALSE) ? $this->_TransientKey : RandomString(12);
}
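/**
 * Allows the configuration of basic setup information in Garden. This
 * should not be functional after the application has been set up.
 *
 * On the first view the form is pre-filled with 'localhost' as the database
 * host. On postback the database connection is tested, the configuration is
 * saved, the database structure is installed, the admin user is created and
 * signed in, and a few detected settings are written to the config.
 *
 * NOTE(review): this method does not itself check whether the application
 * is already installed. Whatever calls it must refuse to run once setup is
 * complete, because a postback here rewrites the database settings and
 * creates an admin user.
 *
 * The two include statements run in this method's variable scope, so the
 * included files can read the locals defined here ($Database, $Drop,
 * $Explicit, $ApplicationInfo and the rest). None of them may be renamed or
 * removed without checking those files.
 *
 * @param string $RedirectUrl Not used in this method body.
 * @return bool TRUE when the form holds no errors at the end, FALSE otherwise.
 */
public function Configure($RedirectUrl = '') {
    $Config = Gdn::Factory(Gdn::AliasConfig);

    // Create a model to save configuration settings
    $Validation = new Gdn_Validation();
    $ConfigurationModel = new Gdn_ConfigurationModel($Validation);
    $ConfigurationModel->SetField(array('Garden.Locale', 'Garden.Title', 'Garden.RewriteUrls', 'Garden.WebRoot', 'Garden.Cookie.Salt', 'Garden.Cookie.Domain', 'Database.Name', 'Database.Host', 'Database.User', 'Database.Password'));

    // Set the models on the forms.
    $this->Form->SetModel($ConfigurationModel);

    // Load the locales for the locale dropdown
    // $Locale = Gdn::Locale();
    // $AvailableLocales = $Locale->GetAvailableLocaleSources();
    // $this->LocaleData = array_combine($AvailableLocales, $AvailableLocales);

    // If seeing the form for the first time...
    if (!$this->Form->IsPostback()) {
        // Force the webroot using our best guesstimates
        $ConfigurationModel->Data['Database.Host'] = 'localhost';
        $this->Form->SetData($ConfigurationModel->Data);
    } else {
        // Define some validation rules for the fields being saved
        $ConfigurationModel->Validation->ApplyRule('Database.Name', 'Required', 'You must specify the name of the database in which you want to set up Vanilla.');

        // Let's make some user-friendly custom errors for database problems
        $DatabaseHost = $this->Form->GetFormValue('Database.Host', '~~Invalid~~');
        $DatabaseName = $this->Form->GetFormValue('Database.Name', '~~Invalid~~');
        $DatabaseUser = $this->Form->GetFormValue('Database.User', '~~Invalid~~');
        $DatabasePassword = $this->Form->GetFormValue('Database.Password', '~~Invalid~~');
        $ConnectionString = GetConnectionString($DatabaseName, $DatabaseHost);
        try {
            $Connection = new PDO($ConnectionString, $DatabaseUser, $DatabasePassword);
        } catch (PDOException $Exception) {
            // NOTE(review): the first four cases pass the driver message as a
            // second argument to AddError() while the default case formats it
            // with sprintf() first. Confirm AddError() substitutes %s itself.
            // The message is passed through strip_tags() only, which removes
            // tags but does not HTML-encode; confirm the form escapes errors.
            switch ($Exception->getCode()) {
                case 1044:
                    $this->Form->AddError(T('The database user you specified does not have permission to access the database. Have you created the database yet? The database reported: <code>%s</code>'), strip_tags($Exception->getMessage()));
                    break;
                case 1045:
                    $this->Form->AddError(T('Failed to connect to the database with the username and password you entered. Did you mistype them? The database reported: <code>%s</code>'), strip_tags($Exception->getMessage()));
                    break;
                case 1049:
                    $this->Form->AddError(T('It appears as though the database you specified does not exist yet. Have you created it yet? Did you mistype the name? The database reported: <code>%s</code>'), strip_tags($Exception->getMessage()));
                    break;
                case 2005:
                    $this->Form->AddError(T("Are you sure you've entered the correct database host name? Maybe you mistyped it? The database reported: <code>%s</code>"), strip_tags($Exception->getMessage()));
                    break;
                default:
                    $this->Form->AddError(sprintf(T('ValidateConnection'), strip_tags($Exception->getMessage())));
                    break;
            }
        }

        $ConfigurationModel->Validation->ApplyRule('Garden.Title', 'Required');
        $ConfigurationFormValues = $this->Form->FormValues();
        if ($ConfigurationModel->Validate($ConfigurationFormValues) !== TRUE || $this->Form->ErrorCount() > 0) {
            // Apply the validation results to the form(s)
            $this->Form->SetValidationResults($ConfigurationModel->ValidationResults());
        } else {
            // array_shift() takes its argument by reference, so the result of
            // explode() must be held in a variable first; passing the call
            // result directly raises an "only variables should be passed by
            // reference" notice.
            $HostParts = explode(':', Gdn::Request()->RequestHost());
            $Host = array_shift($HostParts);
            $Domain = Gdn::Request()->Domain();

            // Set up cookies now so that the user can be signed in.
            // NOTE(review): the cookie salt is 10 characters from
            // RandomString(); confirm that helper uses a cryptographically
            // secure source. The cookie domain is taken from the request
            // host, so it reflects whatever host name the installer was
            // reached under.
            $ConfigurationFormValues['Garden.Cookie.Salt'] = RandomString(10);
            $ConfigurationFormValues['Garden.Cookie.Domain'] = strpos($Host, '.') === FALSE ? '' : $Host; // Don't assign the domain if it is a non .com domain as that will break cookies.
            $ConfigurationModel->Save($ConfigurationFormValues);

            // If changing locale, redefine locale sources:
            $NewLocale = 'en-CA'; // $this->Form->GetFormValue('Garden.Locale', FALSE);
            if ($NewLocale !== FALSE && Gdn::Config('Garden.Locale') != $NewLocale) {
                $ApplicationManager = new Gdn_ApplicationManager();
                $PluginManager = Gdn::Factory('PluginManager');
                $Locale = Gdn::Locale();
                $Locale->Set($NewLocale, $ApplicationManager->EnabledApplicationFolders(), $PluginManager->EnabledPluginFolders(), TRUE);
            }

            // Set the instantiated config object's db params and make the database use them (otherwise it will use the default values from conf/config-defaults.php).
            $Config->Set('Database.Host', $ConfigurationFormValues['Database.Host']);
            $Config->Set('Database.Name', $ConfigurationFormValues['Database.Name']);
            $Config->Set('Database.User', $ConfigurationFormValues['Database.User']);
            $Config->Set('Database.Password', $ConfigurationFormValues['Database.Password']);
            $Config->ClearSaveData();

            Gdn::FactoryInstall(Gdn::AliasDatabase, 'Gdn_Database', PATH_LIBRARY . DS . 'database' . DS . 'class.database.php', Gdn::FactorySingleton, array(Gdn::Config('Database')));

            // Install db structure & basic data.
            $Database = Gdn::Database();
            $Drop = FALSE; // Gdn::Config('Garden.Version') === FALSE ? TRUE : FALSE;
            $Explicit = FALSE;
            try {
                include PATH_APPLICATIONS . DS . 'dashboard' . DS . 'settings' . DS . 'structure.php';
            } catch (Exception $ex) {
                $this->Form->AddError($ex);
            }

            if ($this->Form->ErrorCount() > 0) {
                return FALSE;
            }

            // Create the administrative user
            $UserModel = Gdn::UserModel();
            $UserModel->DefineSchema();
            $UserModel->Validation->ApplyRule('Name', 'Username', self::UsernameError);
            $UserModel->Validation->ApplyRule('Name', 'Required', T('You must specify an admin username.'));
            $UserModel->Validation->ApplyRule('Password', 'Required', T('You must specify an admin password.'));
            $UserModel->Validation->ApplyRule('Password', 'Match');
            $UserModel->Validation->ApplyRule('Email', 'Email');

            if (!$UserModel->SaveAdminUser($ConfigurationFormValues)) {
                $this->Form->SetValidationResults($UserModel->ValidationResults());
            } else {
                // The user has been created successfully, so sign in now
                $Authenticator = Gdn::Authenticator()->AuthenticateWith('password');
                $Authenticator->FetchData($this->Form);
                $AuthUserID = $Authenticator->Authenticate();
            }

            if ($this->Form->ErrorCount() > 0) {
                return FALSE;
            }

            // Assign some extra settings to the configuration file if everything succeeded.
            $ApplicationInfo = array();
            include CombinePaths(array(PATH_APPLICATIONS . DS . 'dashboard' . DS . 'settings' . DS . 'about.php'));

            // Detect rewrite abilities
            try {
                $Query = Gdn::Request()->Url("entry", TRUE);
                $Results = ProxyHead($Query, array(), 1);
                $CanRewrite = FALSE;
                if (in_array(ArrayValue('StatusCode', $Results, 404), array(200, 302)) && ArrayValue('X-Garden-Version', $Results, 'None') != 'None') {
                    $CanRewrite = TRUE;
                }
            } catch (Exception $e) {
                // cURL and fsockopen arent supported... guess?
                $CanRewrite = function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules()) ? TRUE : FALSE;
            }

            SaveToConfig(array('Garden.Version' => ArrayValue('Version', GetValue('Dashboard', $ApplicationInfo, array()), 'Undefined'), 'Garden.RewriteUrls' => $CanRewrite, 'Garden.CanProcessImages' => function_exists('gd_info'), 'EnabledPlugins.GettingStarted' => 'GettingStarted', 'EnabledPlugins.HTMLPurifier' => 'HtmlPurifier'));
        }
    }

    return $this->Form->ErrorCount() == 0 ? TRUE : FALSE;
}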
include_once $Gdn_Path;
    }

    // Include the application's hooks.
    // (The loop that supplies $ApplicationFolder opens before this excerpt.)
    $Hooks_Path = PATH_APPLICATIONS . DS . $ApplicationFolder . DS . 'settings' . DS . 'class.hooks.php';
    if (file_exists($Hooks_Path)) {
        include_once $Hooks_Path;
    }
}

// Drop the loop's working variables from the global scope.
unset($Gdn_EnabledApplications);
unset($Gdn_Path);
unset($Hooks_Path);

// If there is a hooks file in the theme folder, include it.
// NOTE(review): the theme name is read from configuration and concatenated
// into an include path without any check on its characters. Presumably only
// administrators can change Garden.Theme; confirm that, and consider
// rejecting names that contain path separators or "..".
$ThemeName = C('Garden.Theme', 'default');
$ThemeHooks = PATH_THEMES . DS . $ThemeName . DS . 'class.' . strtolower($ThemeName) . 'themehooks.php';
if (file_exists($ThemeHooks)) {
    include_once $ThemeHooks;
}

// Set up the plugin manager (doing this early so it has fewer classes to
// examine to determine if they are plugins).
Gdn::FactoryInstall(Gdn::AliasPluginManager, 'Gdn_PluginManager', PATH_LIBRARY . DS . 'core' . DS . 'class.pluginmanager.php', Gdn::FactorySingleton);
Gdn::PluginManager()->IncludePlugins();
Gdn::PluginManager()->RegisterPlugins();

// Restore the factory overwrite setting saved earlier in the file.
Gdn::FactoryOverwrite($FactoryOverwriteBak);
unset($FactoryOverwriteBak);

// The authenticator starts only after plugins are included and registered.
Gdn::Authenticator()->StartAuthenticator();

/// Include a user-defined bootstrap.
// This file runs with the full application loaded, so conf/ must not be
// writable by anything that handles untrusted uploads.
if (file_exists(PATH_ROOT . DS . 'conf' . DS . 'bootstrap.after.php')) {
    require_once PATH_ROOT . DS . 'conf' . DS . 'bootstrap.after.php';
}

// Include "Render" functions now - this way pluggables and custom confs can override them.
require_once PATH_LIBRARY_CORE . DS . 'functions.render.php';
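/**
 * Sign the current user out through the named authentication scheme and
 * follow the response the authenticator asks for.
 *
 * A 'BeforeLeave' event fires first and its handlers may replace the scheme
 * alias. Sign-out only runs when the authenticator does not require a logout
 * transient key, or when $TransientKey validates against the session. When
 * the authenticator answers with a bare REACT_REDIRECT, a request-supplied
 * "Target" is followed only if it is a site-relative path; otherwise the
 * redirect goes to '/'.
 *
 * @param string $AuthenticationSchemeAlias Alias of the authenticator to sign out with; 'default' is used when loading the alias throws.
 * @param string $TransientKey Transient key sent with the request.
 * @return void
 */
public function Leave($AuthenticationSchemeAlias = 'default', $TransientKey = '') {
    $this->EventArguments['AuthenticationSchemeAlias'] = $AuthenticationSchemeAlias;
    $this->FireEvent('BeforeLeave');

    // Allow hijacking deauth type
    $AuthenticationSchemeAlias = $this->EventArguments['AuthenticationSchemeAlias'];

    try {
        $Authenticator = Gdn::Authenticator()->AuthenticateWith($AuthenticationSchemeAlias);
    } catch (Exception $e) {
        // An alias that cannot be loaded falls back to the default scheme.
        $Authenticator = Gdn::Authenticator()->AuthenticateWith('default');
    }

    // Only sign the user out if this is an authenticated postback! Start off pessimistic
    $this->Leaving = FALSE;
    $Result = Gdn_Authenticator::REACT_RENDER;

    // Build these before doing anything destructive as they are supposed to have user context
    $LogoutResponse = $Authenticator->LogoutResponse();
    $LoginResponse = $Authenticator->LoginResponse();

    // NOTE(review): when the authenticator reports that no transient key is
    // required, the key check is skipped entirely and any request for this
    // action ends the session. Confirm that is intended for each scheme.
    $AuthenticatedPostbackRequired = $Authenticator->RequireLogoutTransientKey();
    if (!$AuthenticatedPostbackRequired || Gdn::Session()->ValidateTransientKey($TransientKey)) {
        $Result = $Authenticator->DeAuthenticate();
        $this->Leaving = TRUE;
    }

    if ($Result == Gdn_Authenticator::AUTH_SUCCESS) {
        $this->View = 'leave';
        $Reaction = $LogoutResponse;
    } else {
        $this->View = 'auth/' . $Authenticator->GetAuthenticationSchemeAlias();
        $Reaction = $LoginResponse;
    }

    switch ($Reaction) {
        case Gdn_Authenticator::REACT_RENDER:
            break;

        case Gdn_Authenticator::REACT_EXIT:
            exit;

        case Gdn_Authenticator::REACT_REMOTE:
            // Render the view, but set the delivery type to VIEW
            $this->_DeliveryType = DELIVERY_TYPE_VIEW;
            break;

        case Gdn_Authenticator::REACT_REDIRECT:
        default:
            // If we're just told to redirect, but not where... try to figure out somewhere that makes sense.
            if ($Reaction == Gdn_Authenticator::REACT_REDIRECT) {
                $Route = '/';

                // Target is read from the request and ends up in
                // Redirect()/Url(). Accept it only as a site-relative path:
                // a leading scheme ("x:") or a leading pair of
                // slashes/backslashes would point at another host.
                $Target = GetIncomingValue('Target', NULL);
                $TargetIsLocal = is_string($Target)
                    && !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $Target);
                if ($TargetIsLocal) {
                    $Route = $Target;
                }
            } else {
                // Any other value is treated as the route chosen by the authenticator.
                $Route = $Reaction;
            }

            if ($this->_DeliveryType != DELIVERY_TYPE_ALL) {
                $this->RedirectUrl = Url($Route);
            } else {
                if ($Route !== FALSE) {
                    Redirect($Route);
                } else {
                    Redirect(Gdn::Router()->GetDestination('DefaultController'));
                }
            }
            break;
    }

    $this->Render();
}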
/**
 * Analyzes the supplied query string and decides how to dispatch the request.
 *
 * Resolves the request to a controller class and method, copies request
 * context onto the controller, and calls the method with up to ten
 * positional arguments. When the method cannot be found the request is
 * re-routed to 'Default404' and dispatched again.
 *
 * NOTE(review): the controller class and method names come from the request
 * via _AnalyzeRequest(), which is not shown here. Every method that
 * method_exists() finds on the controller can be reached by URL, so
 * controllers must not expose helper methods that skip their own permission
 * checks.
 *
 * @param mixed $ImportRequest A URI string, a Gdn_Request, or NULL to use the current request.
 * @param bool $Permanent When TRUE and a Gdn_Request is supplied, it is also passed to Gdn::Request().
 */
public function Dispatch($ImportRequest = NULL, $Permanent = TRUE) {
    // A non-empty string is turned into a request object for that URI.
    if ($ImportRequest && is_string($ImportRequest)) {
        $ImportRequest = Gdn_Request::Create()->FromEnvironment()->WithURI($ImportRequest);
    }
    if (is_a($ImportRequest, 'Gdn_Request') && $Permanent) {
        Gdn::Request($ImportRequest);
    }
    $Request = is_a($ImportRequest, 'Gdn_Request') ? $ImportRequest : Gdn::Request();

    if (Gdn::Config('Garden.UpdateMode', FALSE)) {
        if (!Gdn::Session()->CheckPermission('Garden.Settings.GlobalPrivs')) {
            // Updatemode, and this user is not root admin
            $Request->WithURI(Gdn::Router()->GetDestination('UpdateMode'));
        }
    }

    $this->FireEvent('BeforeDispatch');
    $this->_AnalyzeRequest($Request);

    // Send user to login page if this is a private community
    // The explicit exit guarantees nothing below runs for a guest, whatever
    // Redirect() does. Only EntryController is exempt from the check.
    if (C('Garden.PrivateCommunity') && $this->ControllerName() != 'EntryController' && !Gdn::Session()->IsValid()) {
        Redirect(Gdn::Authenticator()->SignInUrl($this->Request));
        exit;
    }

    /* echo "<br />Gdn::Request thinks: ".Gdn::Request()->Path(); echo "<br />Gdn::Request also suggests: output=".Gdn::Request()->OutputFormat().", filename=".Gdn::Request()->Filename(); echo '<br />Request: '.$this->Request; echo '<br />App folder: '.$this->_ApplicationFolder; echo '<br />Controller folder: '.$this->_ControllerFolder; echo '<br />ControllerName: '.$this->_ControllerName; echo '<br />ControllerMethod: '.$this->_ControllerMethod; */

    $ControllerName = $this->ControllerName();
    // If no controller class resolves, the method ends without any output
    // or 404 handling.
    if ($ControllerName != '' && class_exists($ControllerName)) {
        // Create it and call the appropriate method/action
        $Controller = new $ControllerName();

        // Pass along any assets
        if (is_array($this->_AssetCollection)) {
            foreach ($this->_AssetCollection as $AssetName => $Assets) {
                foreach ($Assets as $Asset) {
                    $Controller->AddAsset($AssetName, $Asset);
                }
            }
        }

        // Instantiate Imported & Uses classes
        $Controller->GetImports();

        // Pass in the syndication method
        $Controller->SyndicationMethod = $this->_SyndicationMethod;

        // Pass along the request
        $Controller->SelfUrl = $this->Request;

        // Pass along any objects
        foreach ($this->_PropertyCollection as $Name => $Mixed) {
            $Controller->{$Name} = $Mixed;
        }

        // Set up a default controller method in case one isn't defined.
        // Underscores are stripped from the requested method name, so a
        // request cannot name a method whose real name contains an underscore.
        $ControllerMethod = str_replace('_', '', $this->_ControllerMethod);
        $Controller->OriginalRequestMethod = $ControllerMethod;

        // Take enabled plugins into account, as well
        $PluginManagerHasReplacementMethod = Gdn::PluginManager()->HasNewMethod($this->ControllerName(), $this->_ControllerMethod);
        if (!$PluginManagerHasReplacementMethod && ($this->_ControllerMethod == '' || !method_exists($Controller, $ControllerMethod))) {
            // Check to see if there is an 'x' version of the method.
            if (method_exists($Controller, 'x' . $ControllerMethod)) {
                // $PluginManagerHasReplacementMethod = TRUE;
                $ControllerMethod = 'x' . $ControllerMethod;
            } else {
                // Fall back to Index and treat the requested name as its first argument.
                if ($this->_ControllerMethod != '') {
                    array_unshift($this->_ControllerMethodArgs, $this->_ControllerMethod);
                }
                $this->_ControllerMethod = 'Index';
                $ControllerMethod = 'Index';
                $PluginManagerHasReplacementMethod = Gdn::PluginManager()->HasNewMethod($this->ControllerName(), $this->_ControllerMethod);
            }
        }

        // Pass in the querystring values
        $Controller->ApplicationFolder = $this->_ApplicationFolder;
        $Controller->Application = $this->EnabledApplication();
        $Controller->ControllerFolder = $this->_ControllerFolder;
        $Controller->RequestMethod = $this->_ControllerMethod;
        $Controller->RequestArgs = $this->_ControllerMethodArgs;
        $Controller->Request = $Request;
        $Controller->DeliveryType($Request->GetValue('DeliveryType', ''));
        $Controller->DeliveryMethod($Request->GetValue('DeliveryMethod', ''));
        $Controller->Initialize();

        // Call the requested method on the controller - error out if not defined.
        if ($PluginManagerHasReplacementMethod || method_exists($Controller, $ControllerMethod)) {
            // call_user_func_array is too slow!!
            //call_user_func_array(array($Controller, $ControllerMethod), $this->_ControllerMethodArgs);
            if ($PluginManagerHasReplacementMethod) {
                Gdn::PluginManager()->CallNewMethod($Controller, $Controller->ControllerName, $ControllerMethod);
            } else {
                // Arguments are passed positionally by count. The final branch
                // handles every count above nine by passing exactly ten
                // arguments, so anything beyond the tenth is dropped.
                $Args = $this->_ControllerMethodArgs;
                $Count = count($Args);
                if ($Count == 0) {
                    $Controller->{$ControllerMethod}();
                } else { if ($Count == 1) {
                    $Controller->{$ControllerMethod}($Args[0]);
                } else { if ($Count == 2) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1]);
                } else { if ($Count == 3) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2]);
                } else { if ($Count == 4) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3]);
                } else { if ($Count == 5) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4]);
                } else { if ($Count == 6) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4], $Args[5]);
                } else { if ($Count == 7) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4], $Args[5], $Args[6]);
                } else { if ($Count == 8) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4], $Args[5], $Args[6], $Args[7]);
                } else { if ($Count == 9) {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4], $Args[5], $Args[6], $Args[7], $Args[8]);
                } else {
                    $Controller->{$ControllerMethod}($Args[0], $Args[1], $Args[2], $Args[3], $Args[4], $Args[5], $Args[6], $Args[7], $Args[8], $Args[9]);
                } } } } } } } } } }
            }
        } else {
            // NOTE(review): this recurses with the Default404 route. If that
            // route does not resolve to an existing method either, the
            // recursion has no visible stop condition; confirm the route
            // always resolves.
            Gdn::Request()->WithRoute('Default404');
            return $this->Dispatch();
        }
    }
}
<?php
// Stop at once unless the APPLICATION constant is defined, presumably so the
// view cannot be run by requesting this file directly.
if (!defined('APPLICATION')) { exit; } ?> <div class="Box GuestBox"> <h4><?php echo Gdn::Translate('Howdy, Stranger!'); ?> </h4> <p><?php
// The translated message is echoed as-is, with no HTML escaping in this view.
echo Translate($this->MessageCode); ?> </p> <p> <?php
// Sign-in link that carries the sender's current URL as the return target;
// the popup class is added when Garden.SignIn.Popup is enabled.
echo Anchor(Gdn::Translate('Sign In'), Gdn::Authenticator()->SignInUrl($this->_Sender->SelfUrl), 'Button' . (Gdn::Config('Garden.SignIn.Popup') ? ' SignInPopup' : '')); ?> <?php
// The membership link is shown only when the authenticator supplies a
// non-empty registration URL.
$Url = Gdn::Authenticator()->RegisterUrl($this->_Sender->SelfUrl);
if (!empty($Url)) {
    echo Anchor(Gdn::Translate('Apply for Membership'), $Url, 'Button');
} ?> </p> </div>
}
    // Publish the auto-refresh setting (default 0) as a definition.
    // (The blocks closed by the surrounding braces open before this excerpt.)
    $this->AddDefinition('Vanilla_Comments_AutoRefresh', Gdn::Config('Vanilla.Comments.AutoRefresh', 0));
}
echo $this->Pager->ToString('more');

// Write out the comment form
// A closed discussion gets a notice and a link back to the discussion list.
if ($this->Discussion->Closed == '1') {
    ?> <div class="Foot Closed"> <div class="Note Closed"><?php echo T('This discussion has been closed.'); ?> </div> <?php echo Anchor(T('← All Discussions'), 'discussions', 'TabLink'); ?> </div> <?php
} else {
    // Signed-in users get the comment form view; guests get a sign-in link
    // that carries the current URL as the return target.
    if ($Session->IsValid()) {
        echo $this->FetchView('comment', 'post');
    } else {
        ?> <div class="Foot"> <?php echo Anchor(T('Add a Comment'), Gdn::Authenticator()->SignInUrl($this->SelfUrl), 'TabLink' . (C('Garden.SignIn.Popup') ? ' SignInPopup' : '')); ?> </div> <?php
    }
}