/**
* Application initialization
* - Loads the plugins
* - Sets the cookie configuration
*/
public static function init()
{
// Set defaule cache configuration
Cache::$default = Kohana::$config->load('site')->get('default_cache');
try {
$cache = Cache::instance()->get('dummy' . rand(0, 99));
} catch (Exception $e) {
// Use the dummy driver
Cache::$default = 'dummy';
}
// Load the plugins
Swiftriver_Plugins::load();
// Add the current default theme to the list of modules
$theme = Model_Setting::get_setting('site_theme');
if ($theme != "default") {
Kohana::modules(array_merge(array('themes/' . $theme->value => THEMEPATH . $theme->value), Kohana::modules()));
}
// Clean up
unset($active_plugins, $theme);
// Load the cookie configuration
$cookie_config = Kohana::$config->load('cookie');
Cookie::$httponly = TRUE;
Cookie::$salt = $cookie_config->get('salt', Swiftriver::DEFAULT_COOKIE_SALT);
Cookie::$domain = $cookie_config->get('domain') or '';
Cookie::$secure = $cookie_config->get('secure') or FALSE;
Cookie::$expiration = $cookie_config->get('expiration') or 0;
// Set the default site locale
I18n::$lang = Model_Setting::get_setting('site_locale');
}
public function action_index()
{
$this->template->header->css = Html::style("themes/default/media/css/home.css");
$this->template->header->title = __('Welcome');
$this->template->content = View::factory('pages/welcome/main');
$this->template->content->set(array('public_registration_enabled' => (bool) Model_Setting::get_setting('public_registration_enabled'), 'anonymous' => $this->anonymous));
}
/**
* The before() method is called before main controller action.
* In our template controller we override this method so that we can
* set up default values. These variables are then available to our
* controllers if they need to be modified.
*
* @return void
*/
public function before()
{
// Execute parent::before first
parent::before();
if (strtolower(Kohana::$config->load('auth.driver')) == 'riverid') {
$this->riverid_auth = TRUE;
}
$this->template->content = View::factory('pages/login/layout');
$this->template->content->public_registration_enabled = Model_Setting::get_setting('public_registration_enabled');
}
/**
* Logs a user in.
*
* @param string email
* @param string password
* @param boolean enable autologin
* @return boolean
*/
protected function _login($email, $password, $remember)
{
$riverid_api = RiverID_API::instance();
// Fallback to local auth if user is in the exemption list
if (in_array($email, Kohana::$config->load('auth.exempt'))) {
return parent::_login($email, $password, $remember);
}
// Check if the email is registered on RiverID
if ($riverid_api->is_registered($email)) {
// Success! Proceed to sign in into RiverID
$login_response = $riverid_api->signin($email, $password);
if ($login_response and $login_response['status']) {
// Get the user object that matches the provided email and RiverID
$user = ORM::factory('user')->where('email', '=', $email)->where('riverid', '=', $login_response['user_id'])->find();
// User does not exist locally but authenticates via RiverID, create user
if (!$user->loaded()) {
// Check if the email is already registered locally
// If so, this will simply append a riverid
$user = ORM::factory('user')->where('email', '=', $email)->find();
// Only auto register if the site allows it
if (!(bool) Model_Setting::get_setting('public_registration_enabled') and !$user->loaded()) {
return FALSE;
}
$user->username = $user->email = $email;
$user->riverid = $login_response['user_id'];
$user->save();
// Allow the user be able to login immediately
$login_role = ORM::factory('role', array('name' => 'login'));
if (!$user->has('roles', $login_role)) {
$user->add('roles', $login_role);
}
}
// User exists locally and authenticates via RiverID so complete the login
if ($user->has('roles', ORM::factory('role', array('name' => 'login')))) {
if ($remember === TRUE) {
// Token data
$data = array('user_id' => $user->id, 'expires' => time() + $this->_config['lifetime'], 'user_agent' => sha1(Request::$user_agent));
// Create a new autologin token
$token = ORM::factory('user_token')->values($data)->create();
// Set the autologin cookie
Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
}
// Finish the login
$this->complete_login($user);
return TRUE;
}
}
}
return FALSE;
}
/**
* Extends the lifetime of the river by pushing forward the expiry date
* of the river - by the no. of days that a river is active. This SHOULD only
* be triggered by an owner of the river. The extension counter is incremented
* each time the expiry date is incremented
*
* @param bool $reactivate_channels When TRUE, reactivates the channels for the
* current river so that the crawlers can resume fetching content from them
*/
public function extend_lifetime($reactivate_channels = TRUE)
{
$lifetime = Model_Setting::get_setting('river_active_duration');
$expiry_start_date = strtotime($this->river_date_expiry);
if ($this->get_days_to_expiry() == 0) {
$expiry_start_date = time();
}
$expiry_date = strtotime(sprintf("+%s day", $lifetime), $expiry_start_date);
$this->river_expired = 0;
$this->expiry_extension_token = NULL;
$this->river_date_expiry = date("Y-m-d H:i:s", $expiry_date);
$this->extension_count += 1;
$this->expiry_candidate = 0;
parent::save();
if ($reactivate_channels) {
// Disable the channel filters for the river
DB::update('channel_filters')->set(array('filter_enabled' => 1))->where('river_id', '=', $this->id)->execute();
$this->_toggle_channel_option_status(TRUE);
}
}
/**
* Password reset for ORM auth.
*
*/
private static function password_reset_orm($email)
{
$ret = array();
$auth_token = Model_Auth_Token::create_token('password_reset', array('email' => $email));
if ($auth_token->loaded()) {
//Send an email with a secret token URL
$mail_body = View::factory('emails/resetpassword')->bind('secret_url', $secret_url);
$secret_url = url::site('login/reset/' . urlencode($email) . '/' . $auth_token->token, TRUE, TRUE);
$mail_subject = __(':sitename: Password Reset', array(':sitename' => Model_Setting::get_setting('site_name')));
Swiftriver_Mail::send($email, $mail_subject, $mail_body);
$ret['messages'] = array(__('An email has been sent with instructions to complete the password reset process.'));
} else {
$ret['errors'] = array(__('Error'));
}
return $ret;
}
window.logged_in_user = <?php
echo $user->id;
?>
;
<?php
} else {
?>
window.logged_in_account = null;
window.logged_in_account_path = null;
window.logged_in_user = null;
<?php
}
?>
window.public_registration_enabled = <?php
echo Model_Setting::get_setting('public_registration_enabled');
?>
;
window.site_url = "<?php
echo URL::base(TRUE, FALSE);
?>
";
</script>
<?php
echo Html::script("themes/default/media/js/jquery-1.7.2.min.js");
// Outside events plugin
echo Html::script("themes/default/media/js/jquery.outside.js");
// Masonry plugin
echo Html::script("themes/default/media/js/jquery.masonry.min.js");
echo Html::script("themes/default/media/js/jquery.imagesloaded.min.js");
/**
* @return void
*/
public function action_index()
{
// Get the id of the current river
$river_id = $this->river->id;
// Cookies to help determine the search options to display
Cookie::set(Swiftriver::COOKIE_SEARCH_SCOPE, 'river');
Cookie::set(Swiftriver::COOKIE_SEARCH_ITEM_ID, $river_id);
// The maximum droplet id for pagination and polling
$max_droplet_id = 0;
if (!($max_droplet_id = $this->cache->get('river_max_id_' . $river_id, FALSE))) {
$max_droplet_id = Model_River::get_max_droplet_id($river_id);
// Cache for 90s
$this->cache->set('river_max_id_' . $river_id, $max_droplet_id, 90);
}
// River filters
$filters = $this->_get_filters();
//Get Droplets
$droplets_array = Model_River::get_droplets($this->user->id, $river_id, 0, 1, $max_droplet_id, NULL, $filters, $this->photos);
// Bootstrap the droplet list
$this->template->header->js .= Html::script("themes/default/media/js/drops.js");
$droplet_js = View::factory('pages/drop/js/drops');
$droplet_js->fetch_base_url = $this->river_base_url;
$droplet_js->default_view = $this->river->default_layout;
$droplet_js->photos = $this->photos ? 1 : 0;
// Check if any filters exist and modify the fetch urls
$droplet_js->filters = NULL;
if (!empty($filters)) {
$droplet_js->filters = json_encode($filters);
}
$droplet_js->droplet_list = json_encode($droplets_array['droplets']);
$droplet_js->max_droplet_id = $max_droplet_id;
$droplet_js->channels = json_encode($this->river->get_channels());
// Select droplet list view with drops view as the default if list not specified
$this->droplets_view = View::factory('pages/drop/drops')->bind('droplet_js', $droplet_js)->bind('user', $this->user)->bind('owner', $this->owner)->bind('anonymous', $this->anonymous);
// Show expiry notice to owners only
if ($this->owner and $this->river->is_expired($this->owner)) {
$this->droplets_view->nothing_to_display = "";
$expiry_notice = View::factory('pages/river/expiry_notice');
$expiry_notice->river_base_url = $this->river_base_url;
$expiry_notice->expiry_extension_token = $this->river->expiry_extension_token;
$expiry_notice->extension_period = Model_Setting::get_setting('river_active_duration');
$this->droplets_view->expiry_notice = $expiry_notice;
} else {
$this->droplets_view->expiry_notice = '';
$this->droplets_view->nothing_to_display = View::factory('pages/river/nothing_to_display')->bind('anonymous', $this->anonymous);
$this->droplets_view->nothing_to_display->river_url = $this->request->url(TRUE);
}
}
/**
* The before() method is called before main controller action.
* In our template controller we override this method so that we can
* set up default values. These variables are then available to our
* controllers if they need to be modified.
*
* @return void
*/
public function before()
{
// Execute parent::before first
parent::before();
try {
$this->session = Session::instance();
} catch (ErrorException $e) {
session_destroy();
}
// Load the default Cache engine
$this->cache = Cache::instance();
// Open session
$this->session = Session::instance();
// If an api key has been provided, login that user
$api_key = $this->request->query('api_key');
if ($api_key) {
$user_orm = ORM::factory('user', array('api_key' => $api_key));
if ($user_orm->loaded() and $user_orm->username != 'public') {
Auth::instance()->force_login($user_orm);
} else {
// api_keys used by apps. Instead of giving the login page
// tell them something went wrong.
throw new HTTP_Exception_403();
}
}
// In case anonymous setting changed and user had a session,
// log out
if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and !(bool) Model_Setting::get_setting('anonymous_access_enabled')) {
Auth::instance()->logout();
}
// Anonymous logged in and login controller requested, logout
if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and $this->request->controller() == 'login') {
Auth::instance()->logout();
}
// If we're not logged in, gives us chance to auto login
$supports_auto_login = new ReflectionClass(get_class(Auth::instance()));
$supports_auto_login = $supports_auto_login->hasMethod('auto_login');
if (!Auth::instance()->logged_in() and $supports_auto_login) {
// Controller exempt from auth check
$exempt_controllers = Kohana::$config->load('auth.ignore_controllers');
Auth::instance()->auto_login();
if (!Auth::instance()->get_user() and !in_array($this->request->controller(), $exempt_controllers)) {
$this->login_required();
}
}
if ($this->auth_required !== FALSE and Auth::instance()->logged_in($this->auth_required) === FALSE) {
if (Auth::instance()->logged_in()) {
// User is logged in but not on the secure_actions list
$this->access_required();
} else {
$this->login_required();
}
}
// Get the logged In User
$this->user = Auth::instance()->get_user();
if ($this->user) {
// Is anonymous logged in?
if ($this->user->username == 'public') {
$this->anonymous = TRUE;
}
// Is this user an admin?
$this->admin = $this->user->is_admin();
if (strtolower(Kohana::$config->load('auth.driver')) == 'riverid' and !in_array($this->user->username, Kohana::$config->load('auth.exempt'))) {
$this->riverid_auth = TRUE;
}
// Does this user have an account space?
if (!($this->account = $this->cache->get('user_account_' . $this->user->id, FALSE))) {
$this->account = ORM::factory('account')->where('user_id', '=', $this->user->id)->find();
$this->cache->set('user_account_' . $this->user->id, $this->account, 3600 + rand(0, 3600));
}
if (!$this->account->loaded() and $this->request->uri() != 'register') {
// Make the user create an account
Request::current()->redirect('register');
}
// Logged in user's dashboard url
if ($this->anonymous) {
$this->dashboard_url = URL::site('welcome');
} else {
$this->dashboard_url = URL::site() . $this->account->account_path;
}
// Build the base URL
$visited_account_path = $this->request->param('account');
if ($visited_account_path and $visited_account_path != $this->account->account_path) {
$this->base_url = URL::site() . $visited_account_path . '/' . $this->request->controller();
$this->visited_account = ORM::factory('account', array('account_path' => $visited_account_path));
// Visited account doesn't exist?
if (!$this->visited_account->loaded()) {
$this->request->redirect($this->dashboard_url);
}
} else {
$this->base_url = URL::site() . $this->account->account_path . '/' . $this->request->controller();
$this->visited_account = $this->account;
}
}
// Load Header & Footer & variables
if ($this->auto_render) {
$this->template->header = View::factory('template/header')->bind('user', $this->user)->bind('site_name', $site_name)->bind('dashboard_url', $this->dashboard_url);
$this->template->header->js = '';
// Dynamic Javascript
$this->template->header->css = '';
// Dynamic CSS
$this->template->header->meta = '';
$this->template->header->show_nav = TRUE;
$site_name = Model_Setting::get_setting('site_name');
// Header Nav
$this->template->header->nav_header = View::factory('template/nav/header')->bind('user', $this->user)->bind('admin', $this->admin)->bind('account', $this->account)->bind('anonymous', $this->anonymous);
$this->template->header->nav_header->controller = $this->request->controller();
if ($this->user) {
$this->template->header->nav_header->num_notifications = Model_User_Action::count_notifications($this->user->id);
if (!($buckets = Cache::instance()->get('user_buckets_' . $this->user->id, FALSE))) {
$buckets = json_encode($this->user->get_buckets_array($this->user));
Cache::instance()->set('user_buckets_' . $this->user->id, $buckets, 3600 + rand(0, 3600));
}
$this->template->header->bucket_list = $buckets;
if (!($rivers = Cache::instance()->get('user_rivers_' . $this->user->id, FALSE))) {
$rivers = json_encode($this->user->get_rivers_array($this->user));
Cache::instance()->set('user_rivers_' . $this->user->id, $rivers, 3600 + rand(0, 3600));
}
$this->template->header->river_list = $rivers;
}
$this->template->content = '';
$this->template->footer = View::factory('template/footer');
if (!in_array($this->request->controller(), array('river', 'bucket', 'search'))) {
// Reset cookies
Cookie::set(Swiftriver::COOKIE_SEARCH_SCOPE, 'all');
}
}
}
<?php
}
?>
</div>
</article>
<?php
if ($anonymous) {
?>
<h3 class="push-up"><span><?php
echo __('In the mean time...');
?>
</h3>
<?php
if ((bool) Model_Setting::get_setting('public_registration_enabled')) {
?>
<div class="panel-left">
<div class="login" id="nothing_to_display_login_form">
<div class="loading center"></div>
<div class="system_error" style="display:none"></div>
<div class="system_success" style="display:none"></div>
<div class="form">
<h3><?php
echo __('Create An Account');
?>
</h3>
<p>
<strong><label><?php
echo __('Your email address');
?>
private function _update_settings()
{
// Validate current password
$validated = FALSE;
$current_password = $_POST['current_password'];
if ($this->riverid_auth) {
$response = RiverID_API::instance()->signin($this->user->email, $_POST['current_password']);
$validated = ($response and $response['status']);
} else {
$validated = Auth::instance()->hash($current_password) == $this->user->password;
}
if (!$validated) {
$this->errors = __('Current password is incorrect');
return;
}
$messages = array();
// Password is changing and we are using RiverID authentication
if (!empty($_POST['password']) or !empty($_POST['password_confirm'])) {
$post = Model_Auth_User::get_password_validation($_POST);
if (!$post->check()) {
$this->errors = $post->errors('user');
return;
}
// Are we using RiverID?
if ($this->riverid_auth) {
$resp = RiverID_API::instance()->change_password($this->user->email, $_POST['current_password'], $_POST['password']);
if (!$resp['status']) {
$this->errors = $resp['error'];
return;
}
// For API calls below, use this new password
$current_password = $_POST['password'];
unset($_POST['password'], $_POST['password_confirm']);
}
}
// Email address is changing
if ($_POST['email'] != $this->user->email) {
$new_email = $_POST['email'];
if (!Valid::email($new_email)) {
$this->errors = __('Invalid email address');
return;
}
if ($this->riverid_auth) {
// RiverID email change process
$mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
$secret_url = url::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/%token%', TRUE, TRUE);
$site_email = Kohana::$config->load('useradmin.email_address');
$mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
$resp = RiverID_API::instance()->change_email($this->user->email, $new_email, $current_password, $mail_body, $mail_subject, $site_email);
if (!$resp['status']) {
$this->errors = $resp['error'];
return;
}
} else {
// Make sure the new email address is not yet registered
$user = ORM::factory('user', array('email' => $new_email));
if ($user->loaded()) {
$this->errors = __('The new email address has already been registered');
return;
}
$auth_token = Model_Auth_Token::create_token('change_email', array('new_email' => $new_email, 'old_email' => $this->user->email));
if ($auth_token->loaded()) {
// Send an email with a secret token URL
$mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
$secret_url = URL::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/' . $auth_token->token, TRUE, TRUE);
// Send email to the user using the new address
$mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
Swiftriver_Mail::send($new_email, $mail_subject, $mail_body);
} else {
$this->errors = __('Error');
return;
}
$messages[] = __("A confirmation email has been sent to :email", array(':email' => $new_email));
}
// Don't change email address immediately.
// Only do so after the tokens sent above are validated
unset($_POST['email']);
}
// END if - email address change
// Nickname is changing
if ($_POST['nickname'] != $this->user->account->account_path) {
$nickname = $_POST['nickname'];
// Make sure the account path is not already taken
$account = ORM::factory('account', array('account_path' => $nickname));
if ($account->loaded()) {
$this->errors = __('Nickname is already taken');
return;
}
// Update
$this->user->account->account_path = $nickname;
$this->user->account->save();
}
$this->user->update_user($_POST, array('name', 'password', 'email'));
$messages[] = __("Account settings were saved successfully.");
Session::instance()->set("messages", $messages);
$this->request->redirect(URL::site($this->user->account->account_path . '/settings'));
}
