public function RemoveAddon($Type, $Name, $TransientKey = '')
{
$RequiredPermission = 'Undefined';
switch ($Type) {
case SettingsModule::TYPE_APPLICATION:
$Manager = Gdn::Factory('ApplicationManager');
$Enabled = 'EnabledApplications';
$Remove = 'RemoveApplication';
$RequiredPermission = 'Garden.Applications.Manage';
break;
case SettingsModule::TYPE_PLUGIN:
$Manager = Gdn::Factory('PluginManager');
$Enabled = 'EnabledPlugins';
$Remove = 'RemovePlugin';
$RequiredPermission = 'Garden.Plugins.Manage';
break;
}
$Session = Gdn::Session();
if ($Session->ValidateTransientKey($TransientKey) && $Session->CheckPermission($RequiredPermission)) {
try {
if (array_key_exists($Name, $Manager->{$Enabled}) === FALSE) {
$Manager->{$Remove}($Name);
}
} catch (Exception $e) {
$this->Form->AddError(strip_tags($e->getMessage()));
}
}
if ($this->Form->ErrorCount() == 0) {
Redirect('/settings/plugins');
}
}
/**
* Do password reset.
*
* @access public
* @since 2.0.0
*
* @param int $UserID Unique.
* @param string $PasswordResetKey Authenticate with unique, 1-time code sent via email.
*/
public function PasswordReset($UserID = '', $PasswordResetKey = '')
{
if (!is_numeric($UserID) || $PasswordResetKey == '' || $this->UserModel->GetAttribute($UserID, 'PasswordResetKey', '') != $PasswordResetKey) {
$this->Form->AddError('Failed to authenticate your password reset request. Try using the reset request form again.');
}
if ($this->Form->ErrorCount() == 0) {
$User = $this->UserModel->GetID($UserID, DATASET_TYPE_ARRAY);
if ($User) {
$User = ArrayTranslate($User, array('UserID', 'Name', 'Email'));
$this->SetData('User', $User);
}
}
if ($this->Form->ErrorCount() == 0 && $this->Form->IsPostBack() === TRUE) {
$Password = $this->Form->GetFormValue('Password', '');
$Confirm = $this->Form->GetFormValue('Confirm', '');
if ($Password == '') {
$this->Form->AddError('Your new password is invalid');
} else {
if ($Password != $Confirm) {
$this->Form->AddError('Your passwords did not match.');
}
}
if ($this->Form->ErrorCount() == 0) {
$User = $this->UserModel->PasswordReset($UserID, $Password);
Gdn::Session()->Start($User->UserID, TRUE);
// $Authenticator = Gdn::Authenticator()->AuthenticateWith('password');
// $Authenticator->FetchData($Authenticator, array('Email' => $User->Email, 'Password' => $Password, 'RememberMe' => FALSE));
// $AuthUserID = $Authenticator->Authenticate();
Redirect('/');
}
}
$this->Render();
}
/**
* Prompts new admins how to get started using new install.
*
* @since 2.0.0
* @access public
*/
public function GettingStarted()
{
$this->Permission('Garden.Settings.Manage');
$this->SetData('Title', T('Getting Started'));
$this->AddSideMenu('dashboard/settings/gettingstarted');
$this->TextEnterEmails = T('TextEnterEmails', 'Type email addresses separated by commas here');
if ($this->Form->AuthenticatedPostBack()) {
// Do invitations to new members.
$Message = $this->Form->GetFormValue('InvitationMessage');
$Message .= "\n\n" . Gdn::Request()->Url('/', TRUE);
$Message = trim($Message);
$Recipients = $this->Form->GetFormValue('Recipients');
if ($Recipients == $this->TextEnterEmails) {
$Recipients = '';
}
$Recipients = explode(',', $Recipients);
$CountRecipients = 0;
foreach ($Recipients as $Recipient) {
if (trim($Recipient) != '') {
$CountRecipients++;
if (!ValidateEmail($Recipient)) {
$this->Form->AddError(sprintf(T('%s is not a valid email address'), $Recipient));
}
}
}
if ($CountRecipients == 0) {
$this->Form->AddError(T('You must provide at least one recipient'));
}
if ($this->Form->ErrorCount() == 0) {
$Email = new Gdn_Email();
$Email->Subject(T('Check out my new community!'));
$Email->Message($Message);
foreach ($Recipients as $Recipient) {
if (trim($Recipient) != '') {
$Email->To($Recipient);
try {
$Email->Send();
} catch (Exception $ex) {
$this->Form->AddError($ex);
}
}
}
}
if ($this->Form->ErrorCount() == 0) {
$this->InformMessage(T('Your invitations were sent successfully.'));
}
}
$this->Render();
}
/**
* Do password reset.
*
* @access public
* @since 2.0.0
*
* @param int $UserID Unique.
* @param string $PasswordResetKey Authenticate with unique, 1-time code sent via email.
*/
public function PasswordReset($UserID = '', $PasswordResetKey = '')
{
$PasswordResetKey = trim($PasswordResetKey);
if (!is_numeric($UserID) || $PasswordResetKey == '' || $this->UserModel->GetAttribute($UserID, 'PasswordResetKey', '') != $PasswordResetKey) {
$this->Form->AddError('Failed to authenticate your password reset request. Try using the reset request form again.');
Logger::event('password_reset_failure', Logger::NOTICE, '{username} failed to authenticate password reset request.');
}
$Expires = $this->UserModel->GetAttribute($UserID, 'PasswordResetExpires');
if ($this->Form->ErrorCount() === 0 && $Expires < time()) {
$this->Form->AddError('@' . T('Your password reset token has expired.', 'Your password reset token has expired. Try using the reset request form again.'));
Logger::event('password_reset_failure', Logger::NOTICE, '{username} has an expired reset token.');
}
if ($this->Form->ErrorCount() == 0) {
$User = $this->UserModel->GetID($UserID, DATASET_TYPE_ARRAY);
if ($User) {
$User = ArrayTranslate($User, array('UserID', 'Name', 'Email'));
$this->SetData('User', $User);
}
} else {
$this->SetData('Fatal', TRUE);
}
if ($this->Form->ErrorCount() == 0 && $this->Form->IsPostBack() === TRUE) {
$Password = $this->Form->GetFormValue('Password', '');
$Confirm = $this->Form->GetFormValue('Confirm', '');
if ($Password == '') {
$this->Form->AddError('Your new password is invalid');
Logger::event('password_reset_failure', Logger::NOTICE, 'Failed to reset the password for {username}. Password is invalid.');
} else {
if ($Password != $Confirm) {
$this->Form->AddError('Your passwords did not match.');
}
}
Logger::event('password_reset_failure', Logger::NOTICE, 'Failed to reset the password for {username}. Passwords did not match.');
if ($this->Form->ErrorCount() == 0) {
$User = $this->UserModel->PasswordReset($UserID, $Password);
Logger::event('password_reset', Logger::NOTICE, '{username} has reset their password.', array('UserName', $User->Name));
Gdn::Session()->Start($User->UserID, TRUE);
// $Authenticator = Gdn::Authenticator()->AuthenticateWith('password');
// $Authenticator->FetchData($Authenticator, array('Email' => $User->Email, 'Password' => $Password, 'RememberMe' => FALSE));
// $AuthUserID = $Authenticator->Authenticate();
Redirect('/');
}
}
$this->Render();
}
/**
* Revoke an invitation.
*
* @since 2.0.0
* @param int $InvitationID Unique identifier.
* @throws Exception Throws an exception when the invitation isn't found or the user doesn't have permission to delete it.
*/
public function UnInvite($InvitationID)
{
$this->Permission('Garden.SignIn.Allow');
if (!$this->Form->AuthenticatedPostBack()) {
throw ForbiddenException('GET');
}
$InvitationModel = new InvitationModel();
$Session = Gdn::Session();
try {
$Valid = $InvitationModel->Delete($InvitationID, $this->UserModel);
if ($Valid) {
$this->InformMessage(T('The invitation was removed successfully.'));
$this->JsonTarget(".js-invitation[data-id=\"{$InvitationID}\"]", '', 'SlideUp');
}
} catch (Exception $ex) {
$this->Form->AddError(strip_tags($ex->getMessage()));
}
if ($this->Form->ErrorCount() == 0) {
$this->Render('Blank', 'Utility');
}
}
/**
* Create or update a comment.
*
* @since 2.0.0
* @access public
*
* @param int $DiscussionID Unique ID to add the comment to. If blank, this method will throw an error.
*/
public function Comment($DiscussionID = '')
{
// Get $DiscussionID from RequestArgs if valid
if ($DiscussionID == '' && count($this->RequestArgs)) {
if (is_numeric($this->RequestArgs[0])) {
$DiscussionID = $this->RequestArgs[0];
}
}
// If invalid $DiscussionID, get from form.
$this->Form->SetModel($this->CommentModel);
$DiscussionID = is_numeric($DiscussionID) ? $DiscussionID : $this->Form->GetFormValue('DiscussionID', 0);
// Set discussion data
$this->DiscussionID = $DiscussionID;
$this->Discussion = $Discussion = $this->DiscussionModel->GetID($DiscussionID);
// Is this an embedded comment being posted to a discussion that doesn't exist yet?
$vanilla_type = $this->Form->GetFormValue('vanilla_type', '');
$vanilla_url = $this->Form->GetFormValue('vanilla_url', '');
$vanilla_category_id = $this->Form->GetFormValue('vanilla_category_id', '');
$Attributes = array('ForeignUrl' => $vanilla_url);
$vanilla_identifier = $this->Form->GetFormValue('vanilla_identifier', '');
// Only allow vanilla identifiers of 32 chars or less - md5 if larger
if (strlen($vanilla_identifier) > 32) {
$Attributes['vanilla_identifier'] = $vanilla_identifier;
$vanilla_identifier = md5($vanilla_identifier);
}
if (!$Discussion && $vanilla_url != '' && $vanilla_identifier != '') {
$Discussion = $Discussion = $this->DiscussionModel->GetForeignID($vanilla_identifier, $vanilla_type);
if ($Discussion) {
$this->DiscussionID = $DiscussionID = $Discussion->DiscussionID;
$this->Form->SetValue('DiscussionID', $DiscussionID);
}
}
// If so, create it!
if (!$Discussion && $vanilla_url != '' && $vanilla_identifier != '') {
// Add these values back to the form if they exist!
$this->Form->AddHidden('vanilla_identifier', $vanilla_identifier);
$this->Form->AddHidden('vanilla_type', $vanilla_type);
$this->Form->AddHidden('vanilla_url', $vanilla_url);
$this->Form->AddHidden('vanilla_category_id', $vanilla_category_id);
$PageInfo = FetchPageInfo($vanilla_url);
if (!($Title = $this->Form->GetFormValue('Name'))) {
$Title = GetValue('Title', $PageInfo, '');
if ($Title == '') {
$Title = T('Undefined discussion subject.');
}
}
$Description = GetValue('Description', $PageInfo, '');
$Images = GetValue('Images', $PageInfo, array());
$LinkText = T('EmbededDiscussionLinkText', 'Read the full story here');
if (!$Description && count($Images) == 0) {
$Body = FormatString('<p><a href="{Url}">{LinkText}</a></p>', array('Url' => $vanilla_url, 'LinkText' => $LinkText));
} else {
$Body = FormatString('
<div class="EmbeddedContent">{Image}<strong>{Title}</strong>
<p>{Excerpt}</p>
<p><a href="{Url}">{LinkText}</a></p>
<div class="ClearFix"></div>
</div>', array('Title' => $Title, 'Excerpt' => $Description, 'Image' => count($Images) > 0 ? Img(GetValue(0, $Images), array('class' => 'LeftAlign')) : '', 'Url' => $vanilla_url, 'LinkText' => $LinkText));
}
if ($Body == '') {
$Body = $vanilla_url;
}
if ($Body == '') {
$Body = T('Undefined discussion body.');
}
// Validate the CategoryID for inserting.
$Category = CategoryModel::Categories($vanilla_category_id);
if (!$Category) {
$vanilla_category_id = C('Vanilla.Embed.DefaultCategoryID', 0);
if ($vanilla_category_id <= 0) {
// No default category defined, so grab the first non-root category and use that.
$vanilla_category_id = $this->DiscussionModel->SQL->Select('CategoryID')->From('Category')->Where('CategoryID >', 0)->Get()->FirstRow()->CategoryID;
// No categories in the db? default to 0
if (!$vanilla_category_id) {
$vanilla_category_id = 0;
}
}
} else {
$vanilla_category_id = $Category['CategoryID'];
}
$EmbedUserID = C('Garden.Embed.UserID');
if ($EmbedUserID) {
$EmbedUser = Gdn::UserModel()->GetID($EmbedUserID);
}
if (!$EmbedUserID || !$EmbedUser) {
$EmbedUserID = Gdn::UserModel()->GetSystemUserID();
}
$EmbeddedDiscussionData = array('InsertUserID' => $EmbedUserID, 'DateInserted' => Gdn_Format::ToDateTime(), 'DateUpdated' => Gdn_Format::ToDateTime(), 'CategoryID' => $vanilla_category_id, 'ForeignID' => $vanilla_identifier, 'Type' => $vanilla_type, 'Name' => $Title, 'Body' => $Body, 'Format' => 'Html', 'Attributes' => serialize($Attributes));
$this->EventArguments['Discussion'] = $EmbeddedDiscussionData;
$this->FireEvent('BeforeEmbedDiscussion');
$DiscussionID = $this->DiscussionModel->SQL->Insert('Discussion', $EmbeddedDiscussionData);
$ValidationResults = $this->DiscussionModel->ValidationResults();
if (count($ValidationResults) == 0 && $DiscussionID > 0) {
$this->Form->AddHidden('DiscussionID', $DiscussionID);
// Put this in the form so reposts won't cause new discussions.
$this->Form->SetFormValue('DiscussionID', $DiscussionID);
// Put this in the form values so it is used when saving comments.
$this->SetJson('DiscussionID', $DiscussionID);
$this->Discussion = $Discussion = $this->DiscussionModel->GetID($DiscussionID, DATASET_TYPE_OBJECT, array('Slave' => FALSE));
// Update the category discussion count
if ($vanilla_category_id > 0) {
$this->DiscussionModel->UpdateDiscussionCount($vanilla_category_id, $DiscussionID);
}
}
}
// If no discussion was found, error out
if (!$Discussion) {
$this->Form->AddError(T('Failed to find discussion for commenting.'));
}
$PermissionCategoryID = GetValue('PermissionCategoryID', $Discussion);
// Setup head
$this->AddJsFile('jquery.autosize.min.js');
$this->AddJsFile('post.js');
$this->AddJsFile('autosave.js');
// Setup comment model, $CommentID, $DraftID
$Session = Gdn::Session();
$CommentID = isset($this->Comment) && property_exists($this->Comment, 'CommentID') ? $this->Comment->CommentID : '';
$DraftID = isset($this->Comment) && property_exists($this->Comment, 'DraftID') ? $this->Comment->DraftID : '';
$this->EventArguments['CommentID'] = $CommentID;
$this->EventArguments['DraftID'] = $DraftID;
// Determine whether we are editing
$Editing = $CommentID > 0 || $DraftID > 0;
$this->EventArguments['Editing'] = $Editing;
// If closed, cancel & go to discussion
if ($Discussion && $Discussion->Closed == 1 && !$Editing && !$Session->CheckPermission('Vanilla.Discussions.Close', TRUE, 'Category', $PermissionCategoryID)) {
Redirect(DiscussionUrl($Discussion));
}
// Add hidden IDs to form
$this->Form->AddHidden('DiscussionID', $DiscussionID);
$this->Form->AddHidden('CommentID', $CommentID);
$this->Form->AddHidden('DraftID', $DraftID, TRUE);
// Check permissions
if ($Discussion && $Editing) {
// Permisssion to edit
if ($this->Comment->InsertUserID != $Session->UserID) {
$this->Permission('Vanilla.Comments.Edit', TRUE, 'Category', $Discussion->PermissionCategoryID);
}
// Make sure that content can (still) be edited.
$EditContentTimeout = C('Garden.EditContentTimeout', -1);
$CanEdit = $EditContentTimeout == -1 || strtotime($this->Comment->DateInserted) + $EditContentTimeout > time();
if (!$CanEdit) {
$this->Permission('Vanilla.Comments.Edit', TRUE, 'Category', $Discussion->PermissionCategoryID);
}
// Make sure only moderators can edit closed things
if ($Discussion->Closed) {
$this->Permission('Vanilla.Comments.Edit', TRUE, 'Category', $Discussion->PermissionCategoryID);
}
$this->Form->SetFormValue('CommentID', $CommentID);
} else {
if ($Discussion) {
// Permission to add
$this->Permission('Vanilla.Comments.Add', TRUE, 'Category', $Discussion->PermissionCategoryID);
}
}
if (!$this->Form->IsPostBack()) {
// Form was validly submitted
if (isset($this->Comment)) {
$this->Form->SetData((array) $this->Comment);
}
} else {
// Save as a draft?
$FormValues = $this->Form->FormValues();
$FormValues = $this->CommentModel->FilterForm($FormValues);
if ($DraftID == 0) {
$DraftID = $this->Form->GetFormValue('DraftID', 0);
}
$Type = GetIncomingValue('Type');
$Draft = $Type == 'Draft';
$this->EventArguments['Draft'] = $Draft;
$Preview = $Type == 'Preview';
if ($Draft) {
$DraftID = $this->DraftModel->Save($FormValues);
$this->Form->AddHidden('DraftID', $DraftID, TRUE);
$this->Form->SetValidationResults($this->DraftModel->ValidationResults());
} else {
if (!$Preview) {
// Fix an undefined title if we can.
if ($this->Form->GetFormValue('Name') && GetValue('Name', $Discussion) == T('Undefined discussion subject.')) {
$Set = array('Name' => $this->Form->GetFormValue('Name'));
if (isset($vanilla_url) && $vanilla_url && strpos(GetValue('Body', $Discussion), T('Undefined discussion subject.')) !== FALSE) {
$LinkText = T('EmbededDiscussionLinkText', 'Read the full story here');
$Set['Body'] = FormatString('<p><a href="{Url}">{LinkText}</a></p>', array('Url' => $vanilla_url, 'LinkText' => $LinkText));
}
$this->DiscussionModel->SetField(GetValue('DiscussionID', $Discussion), $Set);
}
$Inserted = !$CommentID;
$CommentID = $this->CommentModel->Save($FormValues);
// The comment is now half-saved.
if (is_numeric($CommentID) && $CommentID > 0) {
if ($this->_DeliveryType == DELIVERY_TYPE_ALL) {
$this->CommentModel->Save2($CommentID, $Inserted, TRUE, TRUE);
} else {
$this->JsonTarget('', Url("/vanilla/post/comment2.json?commentid={$CommentID}&inserted={$Inserted}"), 'Ajax');
}
// $Discussion = $this->DiscussionModel->GetID($DiscussionID);
$Comment = $this->CommentModel->GetID($CommentID, DATASET_TYPE_OBJECT, array('Slave' => FALSE));
$this->EventArguments['Discussion'] = $Discussion;
$this->EventArguments['Comment'] = $Comment;
$this->FireEvent('AfterCommentSave');
} elseif ($CommentID === SPAM || $CommentID === UNAPPROVED) {
$this->StatusMessage = T('CommentRequiresApprovalStatus', 'Your comment will appear after it is approved.');
}
$this->Form->SetValidationResults($this->CommentModel->ValidationResults());
if ($CommentID > 0 && $DraftID > 0) {
$this->DraftModel->Delete($DraftID);
}
}
}
// Handle non-ajax requests first:
if ($this->_DeliveryType == DELIVERY_TYPE_ALL) {
if ($this->Form->ErrorCount() == 0) {
// Make sure that this form knows what comment we are editing.
if ($CommentID > 0) {
$this->Form->AddHidden('CommentID', $CommentID);
}
// If the comment was not a draft
if (!$Draft) {
// Redirect to the new comment.
if ($CommentID > 0) {
Redirect("discussion/comment/{$CommentID}/#Comment_{$CommentID}");
} elseif ($CommentID == SPAM) {
$this->SetData('DiscussionUrl', DiscussionUrl($Discussion));
$this->View = 'Spam';
}
} elseif ($Preview) {
// If this was a preview click, create a comment shell with the values for this comment
$this->Comment = new stdClass();
$this->Comment->InsertUserID = $Session->User->UserID;
$this->Comment->InsertName = $Session->User->Name;
$this->Comment->InsertPhoto = $Session->User->Photo;
$this->Comment->DateInserted = Gdn_Format::Date();
$this->Comment->Body = ArrayValue('Body', $FormValues, '');
$this->Comment->Format = GetValue('Format', $FormValues, C('Garden.InputFormatter'));
$this->AddAsset('Content', $this->FetchView('preview'));
} else {
// If this was a draft save, notify the user about the save
$this->InformMessage(sprintf(T('Draft saved at %s'), Gdn_Format::Date()));
}
}
} else {
// Handle ajax-based requests
if ($this->Form->ErrorCount() > 0) {
// Return the form errors
$this->ErrorMessage($this->Form->Errors());
} else {
// Make sure that the ajax request form knows about the newly created comment or draft id
$this->SetJson('CommentID', $CommentID);
$this->SetJson('DraftID', $DraftID);
if ($Preview) {
// If this was a preview click, create a comment shell with the values for this comment
$this->Comment = new stdClass();
$this->Comment->InsertUserID = $Session->User->UserID;
$this->Comment->InsertName = $Session->User->Name;
$this->Comment->InsertPhoto = $Session->User->Photo;
$this->Comment->DateInserted = Gdn_Format::Date();
$this->Comment->Body = ArrayValue('Body', $FormValues, '');
$this->View = 'preview';
} elseif (!$Draft) {
// If the comment was not a draft
// If Editing a comment
if ($Editing) {
// Just reload the comment in question
$this->Offset = 1;
$Comments = $this->CommentModel->GetIDData($CommentID, array('Slave' => FALSE));
$this->SetData('Comments', $Comments);
$this->SetData('Discussion', $Discussion);
// Load the discussion
$this->ControllerName = 'discussion';
$this->View = 'comments';
// Also define the discussion url in case this request came from the post screen and needs to be redirected to the discussion
$this->SetJson('DiscussionUrl', DiscussionUrl($this->Discussion) . '#Comment_' . $CommentID);
} else {
// If the comment model isn't sorted by DateInserted or CommentID then we can't do any fancy loading of comments.
$OrderBy = GetValueR('0.0', $this->CommentModel->OrderBy());
// $Redirect = !in_array($OrderBy, array('c.DateInserted', 'c.CommentID'));
// $DisplayNewCommentOnly = $this->Form->GetFormValue('DisplayNewCommentOnly');
// if (!$Redirect) {
// // Otherwise load all new comments that the user hasn't seen yet
// $LastCommentID = $this->Form->GetFormValue('LastCommentID');
// if (!is_numeric($LastCommentID))
// $LastCommentID = $CommentID - 1; // Failsafe back to this new comment if the lastcommentid was not defined properly
//
// // Don't reload the first comment if this new comment is the first one.
// $this->Offset = $LastCommentID == 0 ? 1 : $this->CommentModel->GetOffset($LastCommentID);
// // Do not load more than a single page of data...
// $Limit = C('Vanilla.Comments.PerPage', 30);
//
// // Redirect if the new new comment isn't on the same page.
// $Redirect |= !$DisplayNewCommentOnly && PageNumber($this->Offset, $Limit) != PageNumber($Discussion->CountComments - 1, $Limit);
// }
// if ($Redirect) {
// // The user posted a comment on a page other than the last one, so just redirect to the last page.
// $this->RedirectUrl = Gdn::Request()->Url("discussion/comment/$CommentID/#Comment_$CommentID", TRUE);
// } else {
// // Make sure to load all new comments since the page was last loaded by this user
// if ($DisplayNewCommentOnly)
$this->Offset = $this->CommentModel->GetOffset($CommentID);
$Comments = $this->CommentModel->GetIDData($CommentID, array('Slave' => FALSE));
$this->SetData('Comments', $Comments);
$this->SetData('NewComments', TRUE);
$this->ClassName = 'DiscussionController';
$this->ControllerName = 'discussion';
$this->View = 'comments';
// }
// Make sure to set the user's discussion watch records
$CountComments = $this->CommentModel->GetCount($DiscussionID);
$Limit = is_object($this->Data('Comments')) ? $this->Data('Comments')->NumRows() : $Discussion->CountComments;
$Offset = $CountComments - $Limit;
$this->CommentModel->SetWatch($this->Discussion, $Limit, $Offset, $CountComments);
}
} else {
// If this was a draft save, notify the user about the save
$this->InformMessage(sprintf(T('Draft saved at %s'), Gdn_Format::Date()));
}
// And update the draft count
$UserModel = Gdn::UserModel();
$CountDrafts = $UserModel->GetAttribute($Session->UserID, 'CountDrafts', 0);
$this->SetJson('MyDrafts', T('My Drafts'));
$this->SetJson('CountDrafts', $CountDrafts);
}
}
}
// Include data for FireEvent
if (property_exists($this, 'Discussion')) {
$this->EventArguments['Discussion'] = $this->Discussion;
}
if (property_exists($this, 'Comment')) {
$this->EventArguments['Comment'] = $this->Comment;
}
$this->FireEvent('BeforeCommentRender');
if ($this->DeliveryType() == DELIVERY_TYPE_DATA) {
$Comment = $this->Data('Comments')->FirstRow(DATASET_TYPE_ARRAY);
if ($Comment) {
$Photo = $Comment['InsertPhoto'];
if (strpos($Photo, '//') === FALSE) {
$Photo = Gdn_Upload::Url(ChangeBasename($Photo, 'n%s'));
}
$Comment['InsertPhoto'] = $Photo;
}
$this->Data = array('Comment' => $Comment);
$this->RenderData($this->Data);
} else {
require_once $this->FetchViewLocation('helper_functions', 'Discussion');
// Render default view.
$this->Render();
}
}
/**
* Deleting a category.
*
* @since 2.0.0
* @access public
*
* @param int $CategoryID Unique ID of the category to be deleted.
*/
public function DeleteCategory($CategoryID = FALSE)
{
// Check permission
$this->Permission('Garden.Settings.Manage');
// Set up head
$this->AddJsFile('categories.js');
$this->Title(T('Delete Category'));
$this->AddSideMenu('vanilla/settings/managecategories');
// Get category data
$this->Category = $this->CategoryModel->GetID($CategoryID);
if (!$this->Category) {
$this->Form->AddError('The specified category could not be found.');
} else {
// Make sure the form knows which item we are deleting.
$this->Form->AddHidden('CategoryID', $CategoryID);
// Get a list of categories other than this one that can act as a replacement
$this->OtherCategories = $this->CategoryModel->GetWhere(array('CategoryID <>' => $CategoryID, 'AllowDiscussions' => $this->Category->AllowDiscussions, 'CategoryID >' => 0), 'Sort');
if (!$this->Form->AuthenticatedPostBack()) {
$this->Form->SetFormValue('DeleteDiscussions', '1');
// Checked by default
} else {
$ReplacementCategoryID = $this->Form->GetValue('ReplacementCategoryID');
$ReplacementCategory = $this->CategoryModel->GetID($ReplacementCategoryID);
// Error if:
// 1. The category being deleted is the last remaining category that
// allows discussions.
if ($this->Category->AllowDiscussions == '1' && $this->OtherCategories->NumRows() == 0) {
$this->Form->AddError('You cannot remove the only remaining category that allows discussions');
}
/*
// 2. The category being deleted allows discussions, and it contains
// discussions, and there is no replacement category specified.
if ($this->Form->ErrorCount() == 0
&& $this->Category->AllowDiscussions == '1'
&& $this->Category->CountDiscussions > 0
&& ($ReplacementCategory == FALSE || $ReplacementCategory->AllowDiscussions != '1'))
$this->Form->AddError('You must select a replacement category in order to remove this category.');
*/
// 3. The category being deleted does not allow discussions, and it
// does contain other categories, and there are replacement parent
// categories available, and one is not selected.
/*
if ($this->Category->AllowDiscussions == '0'
&& $this->OtherCategories->NumRows() > 0
&& !$ReplacementCategory) {
if ($this->CategoryModel->GetWhere(array('ParentCategoryID' => $CategoryID))->NumRows() > 0)
$this->Form->AddError('You must select a replacement category in order to remove this category.');
}
*/
if ($this->Form->ErrorCount() == 0) {
// Go ahead and delete the category
try {
$this->CategoryModel->Delete($this->Category, $this->Form->GetValue('ReplacementCategoryID'));
} catch (Exception $ex) {
$this->Form->AddError($ex);
}
if ($this->Form->ErrorCount() == 0) {
$this->RedirectUrl = Url('vanilla/settings/managecategories');
$this->InformMessage(T('Deleting category...'));
}
}
}
}
// Render default view
$this->Render();
}
public function SSO($UserID = FALSE)
{
$this->Permission('Garden.Users.Edit');
$ProviderModel = new Gdn_AuthenticationProviderModel();
$Form = new Gdn_Form();
if ($this->Request->IsPostBack()) {
// Make sure everything has been posted.
$Form->ValidateRule('ClientID', 'ValidateRequired');
$Form->ValidateRule('UniqueID', 'ValidateRequired');
if (!ValidateRequired($Form->GetFormValue('Username')) && !ValidateRequired($Form->GetFormValue('Email'))) {
$Form->AddError('Username or Email is required.');
}
$Provider = $ProviderModel->GetProviderByKey($Form->GetFormValue('ClientID'));
if (!$Provider) {
$Form->AddError(sprintf('%1$s "%2$s" not found.', T('Provider'), $Form->GetFormValue('ClientID')));
}
if ($Form->ErrorCount() > 0) {
throw new Gdn_UserException($Form->ErrorString());
}
// Grab the user.
$User = FALSE;
if ($Email = $Form->GetFormValue('Email')) {
$User = Gdn::UserModel()->GetByEmail($Email);
}
if (!$User && ($Username = $Form->GetFormValue('Username'))) {
$User = Gdn::UserModel()->GetByUsername($Username);
}
if (!$User) {
throw new Gdn_UserException(sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))), 404);
}
// Validate the user's password.
$PasswordHash = new Gdn_PasswordHash();
$Password = $this->Form->GetFormValue('Password', NULL);
if ($Password !== NULL && !$PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User))) {
throw new Gdn_UserException(T('Invalid password.'), 401);
}
// Okay. We've gotten this far. Let's save the authentication.
$User = (array) $User;
Gdn::UserModel()->SaveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->GetFormValue('ClientID'), 'UniqueID' => $Form->GetFormValue('UniqueID')));
$Row = Gdn::UserModel()->GetAuthentication($Form->GetFormValue('UniqueID'), $Form->GetFormValue('ClientID'));
if ($Row) {
$this->SetData('Result', $Row);
} else {
throw new Gdn_UserException(T('There was an error saving the data.'));
}
} else {
$User = Gdn::UserModel()->GetID($UserID);
if (!$User) {
throw NotFoundException('User');
}
$Result = Gdn::SQL()->Select('ua.ProviderKey', '', 'ClientID')->Select('ua.ForeignUserKey', '', 'UniqueID')->Select('ua.UserID')->Select('p.Name')->Select('p.AuthenticationSchemeAlias', '', 'Type')->From('UserAuthentication ua')->Join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')->Where('UserID', $UserID)->Get()->ResultArray();
$this->SetData('Result', $Result);
}
$this->Render('Blank', 'Utility', 'Dashboard');
}
/**
* @param Gdn_Controller $Sender
* @param array $Args
*/
protected function Settings_AddEdit($Sender, $Args)
{
$client_id = $Sender->Request->Get('client_id');
Gdn::Locale()->SetTranslation('AuthenticationKey', 'Client ID');
Gdn::Locale()->SetTranslation('AssociationSecret', 'Secret');
Gdn::Locale()->SetTranslation('AuthenticateUrl', 'Authentication Url');
$Form = new Gdn_Form();
$Sender->Form = $Form;
if ($Form->AuthenticatedPostBack()) {
if ($Form->GetFormValue('Generate') || $Sender->Request->Post('Generate')) {
$Form->SetFormValue('AuthenticationKey', mt_rand());
$Form->SetFormValue('AssociationSecret', md5(mt_rand()));
$Sender->SetFormSaved(FALSE);
} else {
$Form->ValidateRule('AuthenticationKey', 'ValidateRequired');
// $Form->ValidateRule('AuthenticationKey', 'regex:`^[a-z0-9_-]+$`i', T('The client id must contain only letters, numbers and dashes.'));
$Form->ValidateRule('AssociationSecret', 'ValidateRequired');
$Form->ValidateRule('AuthenticateUrl', 'ValidateRequired');
$Values = $Form->FormValues();
// $Values = ArrayTranslate($Values, array('Name', 'AuthenticationKey', 'URL', 'AssociationSecret', 'AuthenticateUrl', 'SignInUrl', 'RegisterUrl', 'SignOutUrl', 'IsDefault'));
$Values['AuthenticationSchemeAlias'] = 'jsconnect';
$Values['AssociationHashMethod'] = 'md5';
$Values['Attributes'] = serialize(array('HashType' => $Form->GetFormValue('HashType'), 'TestMode' => $Form->GetFormValue('TestMode'), 'Trusted' => $Form->GetFormValue('Trusted', 0)));
if ($Form->ErrorCount() == 0) {
if ($client_id) {
Gdn::SQL()->Put('UserAuthenticationProvider', $Values, array('AuthenticationKey' => $client_id));
} else {
Gdn::SQL()->Options('Ignore', TRUE)->Insert('UserAuthenticationProvider', $Values);
}
$Sender->RedirectUrl = Url('/settings/jsconnect');
}
}
} else {
if ($client_id) {
$Provider = self::GetProvider($client_id);
TouchValue('Trusted', $Provider, 1);
} else {
$Provider = array();
}
$Form->SetData($Provider);
}
$Sender->SetData('Title', sprintf(T($client_id ? 'Edit %s' : 'Add %s'), T('Connection')));
$Sender->Render('Settings_AddEdit', '', 'plugins/jsconnect');
}
/**
* Create or update a comment.
*
* @since 2.0.0
* @access public
*
* @param int $DiscussionID Unique ID to add the comment to. If blank, this method will throw an error.
*/
public function Comment($DiscussionID = '') {
// Get $DiscussionID from RequestArgs if valid
if ($DiscussionID == '' && count($this->RequestArgs))
if (is_numeric($this->RequestArgs[0]))
$DiscussionID = $this->RequestArgs[0];
// If invalid $DiscussionID, get from form.
$this->Form->SetModel($this->CommentModel);
$DiscussionID = is_numeric($DiscussionID) ? $DiscussionID : $this->Form->GetFormValue('DiscussionID', 0);
// Set discussion data
$this->DiscussionID = $DiscussionID;
$this->Discussion = $Discussion = $this->DiscussionModel->GetID($DiscussionID);
// If closed, cancel & go to discussion
if ($Discussion->Closed == 1)
Redirect('discussion/'.$DiscussionID.'/'.Gdn_Format::Url($Discussion->Name));
// Setup head
$this->AddJsFile('jquery.autogrow.js');
$this->AddJsFile('post.js');
$this->AddJsFile('autosave.js');
// Setup comment model, $CommentID, $DraftID
$Session = Gdn::Session();
$CommentID = isset($this->Comment) && property_exists($this->Comment, 'CommentID') ? $this->Comment->CommentID : '';
$DraftID = isset($this->Comment) && property_exists($this->Comment, 'DraftID') ? $this->Comment->DraftID : '';
$this->EventArguments['CommentID'] = $CommentID;
$this->EventArguments['DraftID'] = $DraftID;
// Determine whether we are editing
$Editing = $CommentID > 0 || $DraftID > 0;
$this->EventArguments['Editing'] = $Editing;
// Add hidden IDs to form
$this->Form->AddHidden('DiscussionID', $DiscussionID);
$this->Form->AddHidden('CommentID', $CommentID);
$this->Form->AddHidden('DraftID', $DraftID, TRUE);
// Check permissions
if ($Editing) {
// Permisssion to edit
if ($this->Comment->InsertUserID != $Session->UserID)
$this->Permission('Vanilla.Comments.Edit', TRUE, 'Category', $Discussion->PermissionCategoryID);
// Make sure that content can (still) be edited.
$EditContentTimeout = C('Garden.EditContentTimeout', -1);
$CanEdit = $EditContentTimeout == -1 || strtotime($this->Comment->DateInserted) + $EditContentTimeout > time();
if (!$CanEdit)
$this->Permission('Vanilla.Comments.Edit', TRUE, 'Category', $Discussion->PermissionCategoryID);
} else {
// Permission to add
$this->Permission('Vanilla.Comments.Add', TRUE, 'Category', $Discussion->PermissionCategoryID);
}
if ($this->Form->AuthenticatedPostBack() === FALSE) {
// Form was validly submitted
if (isset($this->Comment))
$this->Form->SetData($this->Comment);
} else {
// Save as a draft?
$FormValues = $this->Form->FormValues();
if ($DraftID == 0)
$DraftID = $this->Form->GetFormValue('DraftID', 0);
$Type = GetIncomingValue('Type');
$Draft = $Type == 'Draft';
$this->EventArguments['Draft'] = $Draft;
$Preview = $Type == 'Preview';
if ($Draft) {
$DraftID = $this->DraftModel->Save($FormValues);
$this->Form->AddHidden('DraftID', $DraftID, TRUE);
$this->Form->SetValidationResults($this->DraftModel->ValidationResults());
} else if (!$Preview) {
$Inserted = !$CommentID;
$CommentID = $this->CommentModel->Save($FormValues);
// The comment is now half-saved.
if (is_numeric($CommentID) && $CommentID > 0) {
if ($this->_DeliveryType == DELIVERY_TYPE_ALL) {
$this->CommentModel->Save2($CommentID, $Inserted, TRUE, TRUE);
} else {
$this->JsonTarget('', Url("/vanilla/post/comment2/$CommentID/$Inserted"), 'Ajax');
}
// $Discussion = $this->DiscussionModel->GetID($DiscussionID);
$Comment = $this->CommentModel->GetID($CommentID);
$this->EventArguments['Discussion'] = $Discussion;
$this->EventArguments['Comment'] = $Comment;
$this->FireEvent('AfterCommentSave');
} elseif ($CommentID === SPAM) {
$this->StatusMessage = T('Your post has been flagged for moderation.');
}
$this->Form->SetValidationResults($this->CommentModel->ValidationResults());
if ($CommentID > 0 && $DraftID > 0)
$this->DraftModel->Delete($DraftID);
}
// Handle non-ajax requests first:
if ($this->_DeliveryType == DELIVERY_TYPE_ALL) {
if ($this->Form->ErrorCount() == 0) {
// Make sure that this form knows what comment we are editing.
if ($CommentID > 0)
$this->Form->AddHidden('CommentID', $CommentID);
// If the comment was not a draft
if (!$Draft) {
// Redirect to the new comment.
if ($CommentID > 0)
Redirect("discussion/comment/$CommentID/#Comment_$CommentID");
elseif ($CommentID == SPAM) {
$this->SetData('DiscussionUrl', '/discussion/'.$DiscussionID.'/'.Gdn_Format::Url($Discussion->Name));
$this->View = 'Spam';
}
} elseif ($Preview) {
// If this was a preview click, create a comment shell with the values for this comment
$this->Comment = new stdClass();
$this->Comment->InsertUserID = $Session->User->UserID;
$this->Comment->InsertName = $Session->User->Name;
$this->Comment->InsertPhoto = $Session->User->Photo;
$this->Comment->DateInserted = Gdn_Format::Date();
$this->Comment->Body = ArrayValue('Body', $FormValues, '');
$this->AddAsset('Content', $this->FetchView('preview'));
} else {
// If this was a draft save, notify the user about the save
$this->InformMessage(sprintf(T('Draft saved at %s'), Gdn_Format::Date()));
}
}
} else {
// Handle ajax-based requests
if ($this->Form->ErrorCount() > 0) {
// Return the form errors
$this->ErrorMessage($this->Form->Errors());
} else {
// Make sure that the ajax request form knows about the newly created comment or draft id
$this->SetJson('CommentID', $CommentID);
$this->SetJson('DraftID', $DraftID);
if ($Preview) {
// If this was a preview click, create a comment shell with the values for this comment
$this->Comment = new stdClass();
$this->Comment->InsertUserID = $Session->User->UserID;
$this->Comment->InsertName = $Session->User->Name;
$this->Comment->InsertPhoto = $Session->User->Photo;
$this->Comment->DateInserted = Gdn_Format::Date();
$this->Comment->Body = ArrayValue('Body', $FormValues, '');
$this->View = 'preview';
} elseif (!$Draft) { // If the comment was not a draft
// If Editing a comment
if ($Editing) {
// Just reload the comment in question
$this->Offset = 1;
$this->SetData('CommentData', $this->CommentModel->GetIDData($CommentID), TRUE);
// Load the discussion
$this->ControllerName = 'discussion';
$this->View = 'comments';
// Also define the discussion url in case this request came from the post screen and needs to be redirected to the discussion
$this->SetJson('DiscussionUrl', Url('/discussion/'.$DiscussionID.'/'.Gdn_Format::Url($this->Discussion->Name).'/#Comment_'.$CommentID));
} else {
// If the comment model isn't sorted by DateInserted or CommentID then we can't do any fancy loading of comments.
$OrderBy = GetValueR('0.0', $this->CommentModel->OrderBy());
$Redirect = !in_array($OrderBy, array('c.DateInserted', 'c.CommentID'));
$DisplayNewCommentOnly = $this->Form->GetFormValue('DisplayNewCommentOnly');
if (!$Redirect) {
// Otherwise load all new comments that the user hasn't seen yet
$LastCommentID = $this->Form->GetFormValue('LastCommentID');
if (!is_numeric($LastCommentID))
$LastCommentID = $CommentID - 1; // Failsafe back to this new comment if the lastcommentid was not defined properly
// Don't reload the first comment if this new comment is the first one.
$this->Offset = $LastCommentID == 0 ? 1 : $this->CommentModel->GetOffset($LastCommentID);
// Do not load more than a single page of data...
$Limit = C('Vanilla.Comments.PerPage', 50);
// Redirect if the new new comment isn't on the same page.
$Redirect |= !$DisplayNewCommentOnly && PageNumber($this->Offset, $Limit) != PageNumber($Discussion->CountComments - 1, $Limit);
}
if ($Redirect) {
// The user posted a comment on a page other than the last one, so just redirect to the last page.
$this->RedirectUrl = Gdn::Request()->Url("discussion/comment/$CommentID/#Comment_$CommentID", TRUE);
$this->CommentData = NULL;
} else {
// Make sure to load all new comments since the page was last loaded by this user
if ($DisplayNewCommentOnly)
$this->SetData('CommentData', $this->CommentModel->GetIDData($CommentID), TRUE);
else
$this->SetData('CommentData', $this->CommentModel->GetNew($DiscussionID, $LastCommentID), TRUE);
$this->SetData('NewComments', TRUE);
$this->ControllerName = 'discussion';
$this->View = 'comments';
}
// Make sure to set the user's discussion watch records
$CountComments = $this->CommentModel->GetCount($DiscussionID);
$Limit = is_object($this->CommentData) ? $this->CommentData->NumRows() : $Discussion->CountComments;
$Offset = $CountComments - $Limit;
$this->CommentModel->SetWatch($this->Discussion, $Limit, $Offset, $CountComments);
}
} else {
// If this was a draft save, notify the user about the save
$this->InformMessage(sprintf(T('Draft saved at %s'), Gdn_Format::Date()));
}
// And update the draft count
$UserModel = Gdn::UserModel();
$CountDrafts = $UserModel->GetAttribute($Session->UserID, 'CountDrafts', 0);
$this->SetJson('MyDrafts', T('My Drafts'));
$this->SetJson('CountDrafts', $CountDrafts);
}
}
}
// Include data for FireEvent
if (property_exists($this,'Discussion'))
$this->EventArguments['Discussion'] = $this->Discussion;
if (property_exists($this,'Comment'))
$this->EventArguments['Comment'] = $this->Comment;
$this->FireEvent('BeforeCommentRender');
// Render default view
$this->Render();
}
