/**
 * Entry point for the "My Page" control panel.
 *
 * Only a logged-in user whose authorization object has local_user set gets
 * past the first check; anyone else is sent to the 403 error page. The
 * current panel tab names the module whose user options are rendered.
 *
 * @return void
 */
public function main()
{
    $authorization = Current_User::getAuthorization();

    // NOTE(review): everything below assumes PHPWS_Core::errorPage() ends the
    // request. If it can return, a rejected visitor falls through - confirm.
    if (!(Current_User::isLogged() && $authorization->local_user)) {
        PHPWS_Core::errorPage('403');
    }

    $initialized = $this->init();

    if (PHPWS_Error::isError($initialized)) {
        // The detailed error goes to the log; the visitor sees a generic notice.
        PHPWS_Error::log($initialized);
        $notice = dgettext('users', 'The is a problem with My Page.');
        Layout::add(PHPWS_ControlPanel::display($notice));
        return;
    }

    if (!$initialized) {
        $notice = dgettext('users', 'No modules are registered to My Page.');
        Layout::add(PHPWS_ControlPanel::display($notice));
        return;
    }

    $currentTab = My_Page::cpanel()->getCurrentTab();

    // The tab value is checked against the registered modules before it is
    // used to dispatch, so an unknown module name is never passed on.
    if (!$this->moduleIsRegistered($currentTab)) {
        Layout::add(dgettext('users', 'This module is not registered with My Page'));
        return;
    }

    $output = My_Page::userOption($currentTab);

    // NOTE(review): on error the raw error message is shown to the user
    // instead of being logged - verify it cannot carry internal details.
    Layout::add(PHPWS_ControlPanel::display(
        PHPWS_Error::isError($output) ? $output->getMessage() : $output
    ));
}
/**
 * Returns every control-panel tab.
 *
 * When the lookup yields an error object, the error is logged and the
 * generic error page is requested before the value is handed back.
 *
 * @return mixed whatever PHPWS_ControlPanel::getAllTabs() produced
 */
public static function loadTabs()
{
    $allTabs = PHPWS_ControlPanel::getAllTabs();

    if (!PHPWS_Error::isError($allTabs)) {
        return $allTabs;
    }

    PHPWS_Error::log($allTabs);
    PHPWS_Core::errorPage();

    // Only reached if errorPage() returns; the caller then receives the error object.
    return $allTabs;
}
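/**
 * Dispatches PageSmith administrative requests selected by the "aop"
 * request parameter.
 *
 * Module-level access ('pagesmith') is required for every action. Some
 * actions add a stricter check of their own (edit_page, delete_page and the
 * settings actions); the AJAX actions answer directly and end the request.
 *
 * NOTE(review): save_block, post_header, post_text, post_page,
 * pick_template, delete_section and front_page_toggle change stored data
 * but, unlike delete_page and the settings actions, are not wrapped in
 * Current_User::authorized() in this method. Whether the methods they call
 * verify an auth key or an item-level permission is not visible here -
 * confirm, in particular for front_page_toggle, which is driven by GET.
 *
 * @return void
 */
public function admin()
{
    if (!Current_User::allow('pagesmith')) {
        Current_User::disallow();
    }
    $this->loadPanel();
    $javascript = false;

    // A request without "aop" ends in the default (404) branch; reading it
    // through isset() avoids an undefined-index warning on the way there.
    $aop = isset($_REQUEST['aop']) ? $_REQUEST['aop'] : null;

    switch ($aop) {
        case 'block_info':
            // NOTE(review): request ids are passed through uncast; verify
            // that getTextBlockData() validates them.
            $this->getTextBlockData($_GET['bid'], $_GET['pid'], $_GET['section_id']);
            exit;

        case 'save_block':
            $this->saveBlockData($_POST['pid'], $_POST['bid'], $_POST['section_id'], $_POST['content']);
            PHPWS_Cache::clearCache();
            exit;

        case 'get_undo':
            $this->getLastUndo($_GET['pid'], $_GET['bid'], $_GET['section_id']);
            exit;

        case 'menu':
            $this->loadForms();
            if (!isset($_GET['tab'])) {
                $tab = $this->panel->getCurrentTab();
            } else {
                // Copied by value: the tab is only read, so no reference to
                // the superglobal is needed.
                $tab = $_GET['tab'];
            }

            switch ($tab) {
                case 'new':
                    $this->resetUndoSession(0);
                    $this->clearPageSession();
                    $this->loadPage();
                    $this->forms->editPage();
                    break;

                case 'list':
                    $this->forms->pageList();
                    break;

                case 'settings':
                    if (!Current_User::allow('pagesmith', null, null, null, true)) {
                        Current_User::disallow();
                    }
                    $this->forms->settings();
                    break;
            }
            break;

        case 'edit_page':
            $this->resetUndoSession(0);
            $this->loadPage();
            if (!$this->page->id) {
                $this->title = dgettext('pagesmith', 'Sorry');
                $this->content = dgettext('pagesmith', 'Page not found');
                break;
            }
            $this->loadForms();
            // Item-level permission for this specific page.
            if (!Current_User::allow('pagesmith', 'edit_page', $this->page->id)) {
                Current_User::disallow();
            }
            $this->page->loadSections(true);
            $this->forms->pageLayout();
            break;

        case 'pick_template':
            $this->resetUndoSession(0);
            $this->loadForms();
            $this->loadPage();
            $this->page->loadTemplate();
            $this->page->loadSections(true);
            $this->killSaved($this->page->id);
            $this->forms->editPage();
            break;

        case 'delete_page':
            if (!Current_User::authorized('pagesmith', 'delete_page')) {
                Current_User::disallow();
            }
            $this->loadPage();
            $this->page->delete();
            PHPWS_Cache::clearCache();
            $this->loadForms();
            $this->forms->pageList();
            break;

        case 'edit_page_header':
            $this->loadPage();
            $this->loadForms();
            $this->forms->editPageHeader();
            $javascript = true;
            break;

        case 'delete_section':
            $this->deleteSection($_GET['sec_id']);
            exit;

        case 'post_header':
            $this->postHeader();
            break;

        case 'post_text':
            $this->postText();
            break;

        case 'post_page':
            $result = $this->postPage();
            switch ($result) {
                case -1:
                    $this->loadForms();
                    $this->page->loadSections(true);
                    $this->forms->editPage();
                    break;

                case 0:
                    $this->message = dgettext('pagesmith', 'Not enough content to create a page.');
                    $this->loadForms();
                    $this->page->loadSections(true);
                    $this->forms->editPage();
                    break;

                case 1:
                    $this->killSaved($this->page->id);
                    PHPWS_Cache::clearCache();
                    PHPWS_Core::reroute($this->page->url());
                    break;
            }
            break;

        case 'front_page_toggle':
            // Clears the front_page flag on every ps_page row before the
            // requested page is loaded and saved with the new value.
            // NOTE(review): the bulk update runs even when the requested
            // page does not load - verify that is acceptable.
            $db = \Database::newDB();
            $db->addTable('ps_page')->addValue('front_page', 0);
            $db->update();
            $this->loadPage();
            $this->page->front_page = (bool) $_GET['fp'];
            $this->page->save();
            PHPWS_Cache::clearCache();
            $this->removeFromMenu();
            $this->loadForms();
            $this->forms->pageList();
            break;

        case 'shorten_links':
            if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                Current_User::disallow();
            }
            $this->shortenLinks();
            PHPWS_Core::goBack();
            break;

        case 'lengthen_links':
            if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                Current_User::disallow();
            }
            $this->lengthenLinks();
            PHPWS_Core::goBack();
            break;

        case 'post_settings':
            if (!Current_User::authorized('pagesmith', 'settings', null, null, true)) {
                Current_User::disallow();
            }
            $this->postSettings();
            $this->message = dgettext('pagesmith', 'Settings saved');
            $this->loadForms();
            $this->forms->settings();
            break;

        default:
            PHPWS_Core::errorPage('404');
            break;
    }

    if ($javascript) {
        // Pop-up style output: rendered without the surrounding layout.
        $tpl['TITLE'] = $this->title;
        $tpl['CONTENT'] = $this->content;
        $tpl['MESSAGE'] = $this->message;
        Layout::nakedDisplay(PHPWS_Template::process($tpl, 'pagesmith', 'admin_main.tpl'));
    } else {
        Layout::add(PHPWS_ControlPanel::display($this->panel->display($this->content, $this->title, $this->message)));
    }
}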
/**
 * Builds the HTML for this blog entry.
 *
 * Access is decided before any content is assembled: the entry's Key and
 * Blog_User::allowView() must both permit viewing, otherwise a login is
 * requested and a permission message is returned instead of the entry.
 *
 * @param boolean $edit       If true, show the edit link to users allowed to edit
 * @param boolean $summarized If true, render the summarized (list) form
 * @return string rendered template, or the permission message
 */
public function view($edit = true, $summarized = true)
{
    if (!$this->id) {
        PHPWS_Core::errorPage(404);
    }

    $key = new Key($this->key_id);
    $viewable = $key->allowView() && Blog_User::allowView();
    if (!$viewable) {
        Current_User::requireLogin();
        return dgettext('blog', 'You do not have permission to view this entry.');
    }

    $tpl = array();

    // NOTE(review): the title is placed in the markup as-is; this assumes it
    // was made HTML-safe when it was stored - confirm against the save path.
    $tpl['TITLE'] = sprintf('<a href="%s" rel="bookmark">%s</a>', $this->getViewLink(true), $this->title);
    $tpl['TITLE_NO_LINK'] = $this->title;

    // Entries outside their publication window are labelled, not hidden;
    // hiding them is left to the caller.
    if ($this->publish_date > time()) {
        $tpl['UNPUBLISHED'] = dgettext('blog', 'Unpublished');
    } elseif ($this->expire_date && $this->expire_date < time()) {
        $tpl['UNPUBLISHED'] = dgettext('blog', 'Expired');
    }

    $tpl['LOCAL_DATE'] = $this->getPublishDate();

    $summaryText = $this->getSummary(true);
    $entryText = $this->getEntry(true);

    if (!$summarized) {
        $tpl['SUMMARY'] = PHPWS_Text::parseTag($summaryText);
        $tpl['ENTRY'] = PHPWS_Text::parseTag($entryText);
    } elseif (empty($summaryText)) {
        // No summary written: the entry body stands in for it.
        $tpl['SUMMARY'] = PHPWS_Text::parseTag($entryText);
    } else {
        if (!empty($entryText)) {
            $readMoreLabel = Icon::get('chevron-circle-down') . ' ' . dgettext('blog', 'Read more');
            $tpl['READ_MORE'] = PHPWS_Text::rewriteLink($readMoreLabel, 'blog', array('id' => $this->id), null, 'Read more of this entry', 'btn btn-default');
        }
        $tpl['SUMMARY'] = PHPWS_Text::parseTag($summaryText);
    }

    $tpl['IMAGE'] = $this->getFile($this->thumbnail && $summarized);

    // Edit link: either item-level edit permission on this entry, or the
    // general edit permission combined with being the entry's author.
    $mayEdit = $edit && (
        Current_User::allow('blog', 'edit_blog', $this->id, 'entry')
        || (Current_User::allow('blog', 'edit_blog') && $this->author_id == Current_User::getId())
    );

    if ($mayEdit) {
        $editVars = array(
            'blog_id' => $this->id,
            'action'  => 'admin',
            'command' => 'edit',
        );
        $tpl['EDIT_LINK'] = PHPWS_Text::secureLink(dgettext('blog', 'Edit'), 'blog', $editVars);
        $tpl['EDIT_URI'] = PHPWS_Text::linkAddress('blog', $editVars, true);
        if (!$summarized) {
            MiniAdmin::add('blog', array(PHPWS_Text::secureLink(dgettext('blog', 'Edit blog'), 'blog', $editVars)));
        }
    }

    // Setting: show the author of the entry
    if (PHPWS_Settings::get('blog', 'show_posted_by')) {
        $tpl['POSTED_BY'] = dgettext('blog', 'By');
        $tpl['AUTHOR'] = $this->author;
    }

    // Setting: show when the entry was posted
    if (PHPWS_Settings::get('blog', 'show_posted_date')) {
        $tpl['PUBLISHED'] = dgettext('blog', 'Published');
        $tpl['POSTED_ON'] = dgettext('blog', 'Posted on');
        $tpl['PUBLISHED_DATE'] = $this->getPublishDateShort();
    }

    if ($summarized) {
        $templateFile = 'view_list.tpl';
    } else {
        // NOTE(review): the configured comment script is handed to the
        // template unchanged; presumably only administrators can set it.
        $tpl['COMMENT_SCRIPT'] = PHPWS_Settings::get('blog', 'comment_script');
        $key->flag();
        $templateFile = 'view_full.tpl';
    }

    return PHPWS_Template::process($tpl, 'blog', $templateFile);
}
/**
 * Inserts the content data into the current theme.
 *
 * Loads theme.tpl from the active theme directory and fills it with the
 * supplied template values plus the theme path and URL entries.
 *
 * NOTE(review): $theme is concatenated into directory and URL strings
 * without validation here; this assumes callers pass a vetted theme name
 * rather than request input - confirm.
 *
 * @param string $theme    theme directory name
 * @param array  $template template values to merge into the theme
 * @return PHPWS_Template|mixed the filled template, or the error from setFile()
 */
public static function loadTheme($theme, $template)
{
    $themeTemplate = new PHPWS_Template();
    $themeTemplate->setRoot(PHPWS_SOURCE_DIR);

    $themeDir = Layout::getThemeDir();
    if (PHPWS_Error::isError($themeDir)) {
        PHPWS_Error::log($themeDir);
        PHPWS_Core::errorPage();
    }

    $loaded = $themeTemplate->setFile($themeDir . 'theme.tpl', TRUE);
    if (PHPWS_Error::isError($loaded)) {
        return $loaded;
    }

    if (!empty($GLOBALS['Layout_Collapse'])) {
        $template['COLLAPSE'] = 'id="layout-collapse"';
    }

    $themeSegment = $theme . '/';
    $template['THEME_DIRECTORY'] = Layout::getThemeDirRoot() . $themeSegment;
    $template['THEME_HTTP'] = Layout::getThemeHttpRoot() . $themeSegment;
    $template['SOURCE_THEME_HTTP'] = PHPWS_SOURCE_HTTP . 'themes/';
    $template['SOURCE_THEME_DIR'] = PHPWS_SOURCE_DIR . 'themes/';

    $themeTemplate->setData($template);

    return $themeTemplate;
}
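/**
 * Pathing for which view to display.
 *
 * A schedule the visitor may not view is swapped for the default schedule;
 * if that one is neither public nor viewable the request ends on the 403
 * page. The selected view fills $this->content, and users who pass
 * checkPermissions() on the schedule also get the "Add event" tools.
 *
 * @return void
 */
public function view()
{
    require_once PHPWS_SOURCE_DIR . 'mod/calendar/class/Event.php';

    $key = new Key($this->calendar->schedule->key_id);
    if (!$key->allowView()) {
        $this->calendar->loadDefaultSchedule();
    }

    $schedule_key = $this->calendar->schedule->getKey();
    if (!$this->calendar->schedule->public && !$schedule_key->allowView()) {
        PHPWS_Core::errorPage('403');
    }

    \Layout::disableRobots();
    $current_date = $this->calendar->current_date * 1000;

    switch ($this->current_view) {
        case 'day':
            $this->content = $this->day();
            break;

        case 'grid':
            if (ALLOW_CACHE_LITE && Current_User::allow('calendar')) {
                if (strftime('%Y%m', $this->calendar->today) == strftime('%Y%m', $this->calendar->current_date)) {
                    $current_date = $this->calendar->today * 1000;
                }
                $this->resetCacheLink('grid', $this->calendar->int_month, $this->calendar->int_year, $this->calendar->schedule->id);
            }
            $this->content = $this->month_grid();
            break;

        case 'list':
            if (ALLOW_CACHE_LITE && Current_User::allow('calendar')) {
                $this->resetCacheLink('list', $this->calendar->int_month, $this->calendar->int_year, $this->calendar->schedule->id);
            }
            $this->content = $this->month_list();
            break;

        case 'week':
            $this->content = $this->week();
            break;

        case 'event':
            // Defined up front so the loadEvent() call below never reads an
            // unset variable when the request carries no event id.
            $event_id = null;
            if (isset($_REQUEST['page'])) {
                $event_id = (int) $_REQUEST['page'];
            } elseif (isset($_REQUEST['event_id'])) {
                // Cast like the 'page' alias above so only an integer id
                // reaches the loader.
                $event_id = (int) $_REQUEST['event_id'];
            } else {
                $this->content = $this->day();
            }

            if (!$this->loadEvent($event_id) || !$this->event->id) {
                $this->content = $this->day();
                break;
            }

            if (isset($_REQUEST['js'])) {
                $this->content = $this->event(true);
                Layout::nakedDisplay($this->content);
                return;
            } else {
                $this->content = $this->event();
            }
            break;

        default:
            $this->content = dgettext('calendar', 'Incorrect option');
            break;
    }

    if ($this->calendar->schedule->checkPermissions()) {
        if ($this->calendar->schedule->id) {
            require_once PHPWS_SOURCE_DIR . 'mod/calendar/class/Admin.php';
            $event = new Calendar_Event(0, $this->calendar->schedule);
            Layout::add(\Calendar_Admin::eventModal($event));
            \Calendar_Admin::includeEventJS();
            // NOTE(review): $current_date was already multiplied by 1000
            // above and is multiplied again here - confirm the script that
            // reads data-date expects that scale.
            $link = '<a style="cursor:pointer" class="add-event" data-schedule-id="' . $this->calendar->schedule->id . '" data-date="' . $current_date * 1000 . '">Add event</a>';
            MiniAdmin::add('calendar', $link);
            MiniAdmin::add('calendar', $this->calendar->schedule->uploadEventsLink());
        }
    }

    // NOTE(review): the event branch is also taken when the event failed to
    // load and the day view was shown instead; this assumes loadEvent()
    // always leaves an object in $this->event - confirm.
    if ($this->current_view == 'event') {
        $this->event->flagKey();
    } else {
        $schedule_key->flag();
    }
}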
/**
 * Called when a user tries to access functionality he/she has no permission to access.
 *
 * Hands the request to the core error page with code '400'.
 *
 * NOTE(review): Current_User::disallow() reports a permission failure with
 * '403' and writes a security log entry; this helper does neither. Confirm
 * that '400' and the missing log entry are intended.
 *
 * @access private
 */
function _accessDenied()
{
    PHPWS_Core::errorPage('400');
}
<?php

/**
 * Forwarding fallback: ends the request with a 404 when Core asked for a
 * forward and nothing has claimed the request by setting the module.
 *
 * @author Jeff Tickle <jtickle at tux dot appstate dot edu>
 */

// By this point any handler that wanted the request would have set
// $_REQUEST['module']. If Core flagged a forward and the key is still
// absent, no module owns this URL, so answer with the 404 page.
if (isset($GLOBALS['Forward'])) {
    if (!array_key_exists('module', $_REQUEST)) {
        PHPWS_Core::errorPage(404);
    }
}
/**
 * Loads a connection and records it in $GLOBALS['PHPWS_DB'].
 *
 * Without an explicit $dsn the PHPWS_DSN constant is used (and
 * PHPWS_TABLE_PREFIX, when defined). An existing connection to the same DSN
 * is reused unless $force_reconnect is set.
 *
 * Credential handling: when CLEAR_DSN is truthy the DSN is replaced in the
 * error's userinfo before the error is logged; the success message logs only
 * the database name.
 * NOTE(review): with CLEAR_DSN off, a failed connect can write the full DSN
 * to the error log - confirm the deployed default.
 *
 * @param string  $dsn
 * @param string  $tbl_prefix
 * @param boolean $force_reconnect
 * @param boolean $show_error If false, a connection error is returned instead
 *                            of sending the visitor to the error page
 * @return boolean|null|mixed true on a new connection, null when the current
 *                            connection is reused, the error when
 *                            $show_error is false
 */
public static function loadDB($dsn = null, $tbl_prefix = null, $force_reconnect = false, $show_error = true)
{
    if ($dsn === null) {
        if (!defined('PHPWS_DSN')) {
            exit(_('Cannot load database. DSN not defined.'));
        }
        $dsn = PHPWS_DSN;
        if (defined('PHPWS_TABLE_PREFIX')) {
            $tbl_prefix = PHPWS_TABLE_PREFIX;
        }
    }

    // Same DSN already loaded and no reconnect demanded: nothing to do.
    $alreadyConnected = isset($GLOBALS['PHPWS_DB']['dsn']) && $GLOBALS['PHPWS_DB']['dsn'] == $dsn;
    if ($alreadyConnected && !$force_reconnect) {
        return;
    }

    if (isset($GLOBALS['PHPWS_DB']['connection'])) {
        $GLOBALS['PHPWS_DB']['connection']->disconnect();
    }

    $dbname = PHPWS_DB::getDbName($dsn);

    $mdb2 = new MDB2();
    $connection = $mdb2->connect($dsn, array('persistent' => false));

    if (PHPWS_Error::isError($connection)) {
        if (CLEAR_DSN) {
            // Keep the credentials in the DSN out of the log entry.
            $connection->userinfo = str_replace($dsn, '-- DSN removed --', $connection->userinfo);
        }
        PHPWS_Error::log($connection);

        if (!$show_error) {
            return $connection;
        }
        PHPWS_Core::errorPage();
    }

    PHPWS_DB::logDB(sprintf(_('Connected to database "%s"'), $dbname));

    // Load the factory files.
    // The syntax name reported by the driver selects both the file to
    // include and the class to instantiate.
    // NOTE(review): presumably dbsyntax derives from the configured DSN and
    // never from request data - confirm.
    $syntax = $connection->dbsyntax;
    $factoryLoaded = PHPWS_Core::initCoreClass('DB/' . $syntax . '.php');

    if (!$factoryLoaded) {
        PHPWS_DB::logDB(_('Failed to connect.'));
        PHPWS_Error::log(PHPWS_FILE_NOT_FOUND, 'core', 'PHPWS_DB::loadDB', PHPWS_SOURCE_DIR . 'core/class/DB/' . $syntax . '.php');
        PHPWS_Core::errorPage();
    }

    $factoryClass = $syntax . '_PHPWS_SQL';
    $factory = new $factoryClass();

    if (!empty($factory->portability)) {
        $connection->setOption('portability', $factory->portability);
    }
    $connection->setOption('seqcol_name', 'id');

    $GLOBALS['PHPWS_DB']['lib'] = $factory;
    $GLOBALS['PHPWS_DB']['dsn'] = $dsn;
    $GLOBALS['PHPWS_DB']['connection'] = $connection;
    $GLOBALS['PHPWS_DB']['tbl_prefix'] = $tbl_prefix;
    $GLOBALS['PHPWS_DB']['type'] = $syntax;

    return true;
}
/**
 * Answers with the 404 error page.
 *
 * Presumably the POST handler of a controller that accepts no posted data;
 * every call ends in PHPWS_Core::errorPage('404') and nothing from the
 * request is read.
 */
public function post()
{
    \PHPWS_Core::errorPage('404');
}
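/**
 * Public entry point of the blog module.
 *
 * Loads the entry named by "blog_id" or "id" (both cast to int), picks the
 * action from the request and renders either one entry, a date-filtered
 * list, or a redirect to the admin "new entry" tab.
 *
 * NOTE(review): the view_comments gate here only hides entries whose
 * publish date is in the future; expiry and key-based view permission are
 * left to Blog::view() - confirm that expired entries are meant to stay
 * reachable by direct link.
 *
 * @return void
 */
public static function main()
{
    if (isset($_REQUEST['blog_id'])) {
        $blog = new Blog((int) $_REQUEST['blog_id']);
    } elseif (isset($_REQUEST['id'])) {
        $blog = new Blog((int) $_REQUEST['id']);
    } else {
        $blog = new Blog();
    }

    if (!isset($_REQUEST['action'])) {
        if ($blog->id) {
            $action = 'view_comments';
        } else {
            $action = 'view';
        }
    } else {
        $action = $_REQUEST['action'];
    }

    // Defined up front so the final Layout::add() never reads an unset
    // variable if an error page or reroute call returns.
    $content = null;

    switch ($action) {
        case 'view_comments':
            Layout::addStyle('blog');
            Layout::addPageTitle($blog->title);
            if (Current_User::allow('blog', 'edit_blog')) {
                Blog_User::miniAdminList();
            }
            // Unpublished entries are reported as missing to anyone without
            // blog module access.
            if ($blog->publish_date > time() && !Current_User::allow('blog')) {
                PHPWS_Core::errorPage('404');
            } else {
                $content = $blog->view(true, false);
            }
            break;

        case 'view':
            if (isset($_GET['y'])) {
                // The date parts come straight from the query string; cast
                // them so mktime() only ever receives integers.
                $year = (int) $_GET['y'];
                if (isset($_GET['m'])) {
                    $month = (int) $_GET['m'];
                    if (isset($_GET['d'])) {
                        $day = (int) $_GET['d'];
                        $start_date = mktime(0, 0, 0, $month, $day, $year);
                        $end_date = mktime(23, 59, 59, $month, $day, $year);
                    } else {
                        $end_day = (int) date('t', mktime(0, 0, 0, $month, 1, $year));
                        $start_date = mktime(0, 0, 0, $month, 1, $year);
                        // NOTE(review): the month and year ranges end at
                        // 00:00:00 of their last day while the single-day
                        // range ends at 23:59:59 - confirm this is intended.
                        $end_date = mktime(0, 0, 0, $month, $end_day, $year);
                    }
                } else {
                    $start_date = mktime(0, 0, 0, 1, 1, $year);
                    $end_date = mktime(0, 0, 0, 12, 31, $year);
                }
            } else {
                $start_date = null;
                $end_date = null;
            }
            $content = Blog_User::show($start_date, $end_date);
            Layout::add($content, 'blog', 'view', true);
            return;

        case 'submit':
            if (Current_User::allow('blog', 'edit_blog')) {
                PHPWS_Core::reroute(PHPWS_Text::linkAddress('blog', array('action' => 'admin', 'tab' => 'new'), 1));
            } else {
                PHPWS_Core::errorPage(403);
            }
            break;

        default:
            PHPWS_Core::errorPage(404);
            break;
    }

    Layout::add($content);
}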
/**
 * Records a denied action in the security log and sends the 403 error page.
 *
 * Callers in this codebase invoke this and carry on without returning, so
 * they depend on PHPWS_Core::errorPage() ending the request.
 * NOTE(review): verify that errorPage() always halts; if it can return,
 * the protected code after each disallow() call still runs.
 *
 * @param string|null $message log text; a default is used when omitted
 * @return void
 */
public static function disallow($message = null)
{
    $logEntry = isset($message)
        ? $message
        : dgettext('users', 'Improper permission level for action requested.');

    Security::log($logEntry);
    PHPWS_Core::errorPage('403');
}
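/**
 * Confirms a pending signup from the "hash" query parameter.
 *
 * The hash must be a non-empty string of word characters. A matching
 * users_signup row whose deadline has not passed approves the user; a
 * matching row past its deadline deletes the user instead.
 *
 * NOTE(review): the signup row is removed only on the success path, and the
 * lookup and delete are separate steps - confirm stale rows are purged
 * elsewhere and that a repeated request cannot approve twice.
 *
 * @return boolean true when the user was approved, false otherwise
 */
public function confirmUser()
{
    $hash = isset($_GET['hash']) ? $_GET['hash'] : null;

    // A missing, empty or non-string value (e.g. hash[]=x) must never reach
    // the lookup: it cannot be a real key, and an empty string could match a
    // row whose authkey was left blank.
    if (!is_string($hash) || $hash === '') {
        return false;
    }

    if (preg_match('/\\W/', $hash)) {
        // The rejected value is attacker-chosen; replace control characters
        // so it cannot break the log line it is written into.
        $loggable = preg_replace('/[\\x00-\\x1F\\x7F]/', '?', $hash);
        Security::log(sprintf(dgettext('users', 'User tried to send bad hash (%s) to confirm user.'), $loggable));
        PHPWS_Core::errorPage('400');
        // Defensive: never continue to the lookup with a rejected hash.
        return false;
    }

    $db = new PHPWS_DB('users_signup');
    $db->addWhere('authkey', $hash);
    $row = $db->select('row');

    if (PHPWS_Error::logIfError($row)) {
        return false;
    }
    if (empty($row)) {
        return false;
    }

    $user = new PHPWS_User($row['user_id']);

    // If the deadline has passed, delete the user and return false.
    if ($row['deadline'] <= time()) {
        $user->delete();
        return false;
    }

    // Deadline not yet passed: consume the signup row, approve and save.
    // presumably delete() reuses the authkey condition set above - verify.
    $db->delete();
    $user->approved = 1;
    if (PHPWS_Error::logIfError($user->save())) {
        return false;
    }

    User_Action::assignDefaultGroup($user);
    return true;
}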
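/**
 * Dispatches Checkin administrative commands.
 *
 * The command comes from "aop" (or "tab" when "aop" is absent). Module
 * access ('checkin') is required for everything; individual commands add
 * the 'settings', 'assign_visitors' or 'remove_visitors' sub-permission.
 *
 * Changes against the previous version of this method:
 *  - the reassign response echoes integer ids, not raw query-string text;
 *  - staff ids handed to moveRow() are cast to int;
 *  - delete_reason, activate_staff and deactivate_staff now require the
 *    'settings' permission, matching post_reason, edit_staff and post_staff.
 *
 * NOTE(review): several state-changing commands (delete_reason,
 * activate_staff, deactivate_staff, move_up, move_down, remove_visitor) are
 * checked with allow() rather than authorized(); whether their links carry
 * an auth key is not visible here - confirm before tightening further.
 *
 * @return void
 */
public function process()
{
    if (!Current_User::allow('checkin')) {
        Current_User::disallow();
    }

    // Defined up front so the switch never reads an unset variable if the
    // 404 call below returns.
    $cmd = null;

    if (isset($_REQUEST['aop'])) {
        if ($_REQUEST['aop'] == 'switch') {
            // Land on the most privileged tab the user may open.
            if (Current_User::allow('checkin', 'settings')) {
                $cmd = 'settings';
            } elseif (Current_User::allow('checkin', 'assign_visitors')) {
                $cmd = 'assign';
            } else {
                $cmd = 'waiting';
            }
        } else {
            $cmd = $_REQUEST['aop'];
        }
    } elseif (!empty($_REQUEST['tab'])) {
        $cmd = $_REQUEST['tab'];
    } else {
        PHPWS_Core::errorPage('404');
    }

    $js = isset($_GET['print']);

    switch ($cmd) {
        case 'finish_meeting':
            $this->finishMeeting();
            PHPWS_Core::goBack();
            break;

        case 'start_meeting':
            $this->startMeeting();
            PHPWS_Core::goBack();
            break;

        case 'sendback':
            $this->sendBack();
            PHPWS_Core::goBack();
            break;

        case 'unavailable':
            $this->unavailable();
            PHPWS_Core::goBack();
            break;

        case 'available':
            $this->available();
            PHPWS_Core::goBack();
            break;

        case 'report':
            if (!PHPWS_Settings::get('checkin', 'staff_see_reports') && !Current_User::allow('checkin', 'assign_visitors')) {
                Current_User::disallow();
            }
            if (isset($_GET['daily_report'])) {
                $this->dailyReport(isset($_GET['print']));
            } elseif (isset($_GET['summary_report'])) {
                $this->summaryReport();
            } else {
                $this->report();
            }
            //$this->report2();
            break;

        case 'daily_report':
            if (!PHPWS_Settings::get('checkin', 'staff_see_reports') && !Current_User::allow('checkin', 'assign_visitors')) {
                Current_User::disallow();
            }
            break;

        case 'month_report':
            if (!Current_User::allow('checkin', 'assign_visitors')) {
                Current_User::disallow();
            }
            $this->monthReport(isset($_GET['print']));
            break;

        case 'visitor_report':
            if (!Current_User::allow('checkin', 'assign_visitors')) {
                Current_User::disallow();
            }
            $this->visitorReport(isset($_GET['print']));
            break;

        case 'reassign':
            // Called via ajax
            if (Current_User::authorized('checkin', 'assign_visitors')) {
                if (isset($_GET['staff_id']) && $_GET['staff_id'] >= 0 && isset($_GET['visitor_id'])) {
                    // Use the same integer values for loading, storing and
                    // echoing, so no raw request text is written into the
                    // response body.
                    $new_staff_id = (int) $_GET['staff_id'];
                    $visitor_id = (int) $_GET['visitor_id'];

                    $this->loadVisitor($visitor_id);
                    $staff_id = $this->visitor->assigned;
                    $db = new PHPWS_DB('checkin_visitor');
                    $db->addValue('assigned', $new_staff_id);
                    $db->addWhere('id', $visitor_id);
                    PHPWS_Error::logIfError($db->update());
                    printf('staff_id %s, visitor_id %s', $new_staff_id, $visitor_id);
                    $this->loadStaff($staff_id);
                    /*
                      if ($this->staff->status == 3) {
                      $this->staff->status = 0;
                      $this->staff->save();
                      }
                     */
                }
            }
            exit;

        case 'move_up':
            if (Current_User::allow('checkin', 'assign_visitors')) {
                $db = new PHPWS_DB('checkin_staff');
                // Cast as in 'reassign': only an integer id reaches the query helper.
                $db->moveRow('view_order', 'id', (int) $_GET['staff_id'], 'up');
            }
            PHPWS_Core::goBack();
            break;

        case 'move_down':
            if (Current_User::allow('checkin', 'assign_visitors')) {
                $db = new PHPWS_DB('checkin_staff');
                $db->moveRow('view_order', 'id', (int) $_GET['staff_id'], 'down');
            }
            PHPWS_Core::goBack();
            break;

        case 'assign':
            if (Current_User::allow('checkin', 'assign_visitors')) {
                $this->panel->setCurrentTab('assign');
                $this->assign();
            }
            break;

        case 'post_note':
            $this->loadVisitor();
            $this->saveNote();
            PHPWS_Core::goBack();
            break;

        case 'hide_panel':
            PHPWS_Cookie::write('checkin_hide_panel', 1);
            PHPWS_Core::goBack();
            break;

        case 'show_panel':
            PHPWS_Cookie::delete('checkin_hide_panel');
            PHPWS_Core::goBack();
            $this->panel->setCurrentTab('assign');
            $this->assign();
            break;

        case 'hide_sidebar':
            PHPWS_Cookie::write('checkin_hide_sidebar', 1);
            PHPWS_Core::goBack();
            $this->panel->setCurrentTab('assign');
            $this->use_sidebar = false;
            $this->assign();
            break;

        case 'show_sidebar':
            PHPWS_Cookie::delete('checkin_hide_sidebar');
            PHPWS_Core::goBack();
            $this->panel->setCurrentTab('assign');
            $this->assign();
            break;

        case 'waiting':
            $this->panel->setCurrentTab('waiting');
            $this->loadCurrentStaff();
            $this->waiting();
            break;

        case 'repeats':
            $this->repeats();
            break;

        case 'small_wait':
            $this->loadCurrentStaff();
            $this->waiting(true);
            $js = true;
            break;

        case 'remove_visitor':
            if (Current_User::allow('checkin', 'remove_visitors')) {
                $this->removeVisitor();
            }
            PHPWS_Core::goBack();
            break;

        case 'settings':
            if (Current_User::allow('checkin', 'settings')) {
                $this->panel->setCurrentTab('settings');
                $this->settings();
            }
            break;

        case 'reasons':
            if (Current_User::allow('checkin', 'settings')) {
                $this->panel->setCurrentTab('reasons');
                $this->reasons();
            }
            break;

        case 'post_reason':
            if (Current_User::allow('checkin', 'settings')) {
                $this->loadReason();
                if ($this->postReason()) {
                    $this->reason->save();
                    PHPWS_Core::reroute('index.php?module=checkin&tab=reasons');
                } else {
                    $this->editReason();
                }
            }
            break;

        case 'staff':
            $this->panel->setCurrentTab('staff');
            $this->staff();
            break;

        case 'edit_staff':
            if (Current_User::allow('checkin', 'settings')) {
                $this->loadStaff(null, true);
                $this->editStaff();
            }
            break;

        case 'search_users':
            $this->searchUsers();
            break;

        case 'update_reason':
            if (Current_User::allow('checkin', 'settings')) {
                if (Current_User::authorized('checkin', 'settings')) {
                    $this->updateReason();
                }
                $this->panel->setCurrentTab('settings');
                $this->settings();
            }
            break;

        case 'post_staff':
            if (!Current_User::authorized('checkin', 'settings')) {
                Current_User::disallow();
            }
            if ($this->postStaff()) {
                // save post
                $this->staff->save();
                $this->staff->saveReasons();
                PHPWS_Core::reroute('index.php?module=checkin&tab=staff');
            } else {
                // post failed
                $this->loadStaff();
                $this->editStaff();
            }
            break;

        case 'post_settings':
            // from Checkin_Admin::settings
            if (Current_User::authorized('checkin', 'settings')) {
                $this->postSettings();
            }
            PHPWS_Core::reroute('index.php?module=checkin&tab=settings');
            break;

        case 'edit_reason':
            $this->loadReason();
            $this->editReason();
            break;

        case 'delete_reason':
            // Reasons are created and edited under the 'settings'
            // permission; removing one requires the same.
            if (!Current_User::allow('checkin', 'settings')) {
                Current_User::disallow();
            }
            $this->loadReason();
            $this->reason->delete();
            PHPWS_Core::goBack();
            break;

        case 'deactivate_staff':
            // Staff records are edited under the 'settings' permission;
            // switching one off requires the same.
            if (!Current_User::allow('checkin', 'settings')) {
                Current_User::disallow();
            }
            PHPWS_Core::initModClass('checkin', 'Staff.php');
            $staff = new Checkin_Staff($_GET['id']);
            $staff->active = 0;
            $staff->save();
            PHPWS_Core::goBack();
            break;

        case 'activate_staff':
            if (!Current_User::allow('checkin', 'settings')) {
                Current_User::disallow();
            }
            PHPWS_Core::initModClass('checkin', 'Staff.php');
            $staff = new Checkin_Staff($_GET['id']);
            $staff->active = 1;
            $staff->save();
            PHPWS_Core::goBack();
            break;

        // This is for testing purposes and never happens in actual use
        // NOTE(review): the command is still reachable by any user with
        // 'checkin' access - consider removing it from production builds.
        case 'unassignAll':
            $this->unassignAll();
            break;

        // This is for testing purposes and never happens in actual use
        // NOTE(review): reachable like unassignAll above.
        case 'auto_assign':
            $this->autoAssign();
            break;
    }

    if (empty($this->content)) {
        $this->content = dgettext('checkin', 'Command not recognized.');
    }

    if ($js) {
        // Print / pop-up output: rendered without the surrounding layout.
        $tpl['TITLE'] =& $this->title;
        $tpl['CONTENT'] =& $this->content;
        $tpl['MESSAGE'] =& $this->message;
        $content = PHPWS_Template::process($tpl, 'checkin', 'main.tpl');
        Layout::nakedDisplay($content, $this->title);
    } else {
        if (is_array($this->message)) {
            $this->message = implode('<br />', $this->message);
        }
        if (!$this->use_sidebar) {
            Layout::collapse();
        }
        if ($this->use_panel) {
            Layout::add(PHPWS_ControlPanel::display($this->panel->display($this->content, $this->title, $this->message)));
        } else {
            $tpl['TITLE'] =& $this->title;
            $tpl['CONTENT'] =& $this->content;
            $tpl['MESSAGE'] =& $this->message;
            Layout::add(PHPWS_Template::process($tpl, 'checkin', 'main.tpl'));
        }
    }
}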
/**
 * Handles the public (non-admin) signup actions.
 *
 * The action is the $action argument or, when that is empty, the "uop"
 * request parameter; a request with neither is sent to the 404 page. An
 * action that matches none of the known names renders the template with
 * whatever title, message and content are already set.
 *
 * NOTE(review): these actions are reachable without a login check in this
 * method; slot_signup stores a visitor-supplied application and sends mail,
 * so rate limiting or validation presumably lives in postPeep() and
 * saveUnregistered() - confirm.
 *
 * @param string|null $action action name; falls back to $_REQUEST['uop']
 * @return void
 */
public function userMenu($action = null)
{
    $javascript = false;

    if (empty($action)) {
        if (!isset($_REQUEST['uop'])) {
            PHPWS_Core::errorPage('404');
        }
        $action = $_REQUEST['uop'];
    }

    if ($action == 'message') {
        $this->loadMessage();
        if (empty($this->message)) {
            PHPWS_Core::home();
        }
        $this->title = dgettext('signup', 'Signup');
    } elseif ($action == 'signup_sheet') {
        $this->loadPeep();
        $this->loadForm('user_signup');
    } elseif ($action == 'slot_signup') {
        // Both steps must succeed; otherwise the form is shown again.
        if ($this->postPeep() && $this->saveUnregistered()) {
            $this->forwardMessage(
                dgettext('signup', 'You should receive an email allowing you to verify your application.<br />You have one hour to confirm your application.'),
                dgettext('signup', 'Thank you')
            );
            $this->sendMessage();
        } else {
            $this->loadForm('user_signup');
        }
    } elseif ($action == 'confirm') {
        $this->confirmPeep();
        $this->purgeOverdue();
    }

    $tpl = array(
        'TITLE'   => $this->title,
        'MESSAGE' => $this->message,
        'CONTENT' => $this->content,
    );
    $rendered = PHPWS_Template::process($tpl, 'signup', 'usermain.tpl');

    if ($javascript) {
        Layout::nakedDisplay($rendered);
    } else {
        Layout::add($rendered);
    }
}
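/**
 * Handles GET requests for the roommate pages, selected by "rop".
 *
 * A missing or unknown "rop" shows the roommate list.
 *
 * NOTE(review): contact, report, delete_message, clear and timeout change
 * state in response to a GET request and no auth key check is visible in
 * this method - confirm the called methods verify one. delete_message also
 * passes the id uncast and without an ownership check here, unlike the
 * (int) cast used for contact and report - verify inside deleteMessage().
 *
 * @return void
 */
public function get()
{
    $this->loadCarryMessage();

    // Read through isset() so a request without "rop" reaches the default
    // branch without an undefined-index warning.
    $rop = isset($_GET['rop']) ? $_GET['rop'] : null;

    switch ($rop) {
        case 'edit':
            $this->loadUserRoommate();
            // Only the owner of the roommate record may edit it.
            // NOTE(review): errorPage() receives a message here, where other
            // callers pass a code; if it does not end the request,
            // editRoommate() still runs - confirm.
            if ($this->roommate->id != \Current_User::getId()) {
                \PHPWS_Core::errorPage('You may not edit this roommate');
            }
            $this->editRoommate();
            break;

        case 'delete_message':
            $this->deleteMessage($_GET['id']);
            \PHPWS_Core::goBack();
            break;

        case 'contact':
            if (isset($_GET['id'])) {
                $this->contactRenter((int) $_GET['id']);
                $this->loadCarryMessage('Message sent!');
                exit;
            } else {
                \PHPWS_Core::errorPage('404');
            }
            break;

        case 'report':
            if (isset($_GET['id'])) {
                $this->reportRenter((int) $_GET['id']);
                $this->loadCarryMessage('Report made');
                exit;
            } else {
                \PHPWS_Core::errorPage('404');
            }
            exit;

        case 'view':
            if (isset($_GET['id'])) {
                $this->loadCurrentRoommate();
                $this->content = $this->roommate->view();
            } else {
                $this->listRoommates();
            }
            break;

        case 'clear':
            $this->loadUserRoommate();
            if (!$this->roommate->delete()) {
                Layout::add('Could not clear your roommate request. Please contact the site owner.');
                return;
            }
            \PHPWS_Core::goBack();
            break;

        case 'search':
            $this->listRoommates();
            break;

        case 'remove':
            $this->removeSearch($_GET['s']);
            $this->listRoommates();
            break;

        case 'timeout':
            $this->loadUserRoommate();
            $this->roommate->update();
            \PHPWS_Core::goBack();
            break;

        case 'read_messages':
            $this->title = 'Roommate messages';
            $this->readMessages();
            break;

        default:
            $this->listRoommates();
            break;
    }

    $this->display();
}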
/**
 * If a file is posted beyond php's posting limits, it will drop the
 * POST without an error message. checkOverPost sends the user to an
 * overpost error page.
 *
 * The check only runs when the request carries "check_overpost"; an empty
 * $_POST together with a Content-Length header is then treated as a dropped
 * upload, written to the security log and answered with the overpost page.
 *
 * @return boolean always true when the method returns
 */
public static function checkOverPost()
{
    $uploadWasDropped = isset($_GET['check_overpost'])
        && empty($_POST)
        && isset($_SERVER['CONTENT_LENGTH']);

    if ($uploadWasDropped) {
        Security::log(_('User tried to post a file beyond server limits.'));
        PHPWS_Core::errorPage('overpost');
    }

    return true;
}
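/**
 * Redirects the visitor to an alternate search engine.
 *
 * The engine must be a key of $alternate_search_engine as defined in the
 * search module's alternate.php config file; its 'url' entry is a sprintf
 * format that receives the encoded search phrase and the encoded site
 * address. Any other engine name ends on the error page, so the redirect
 * target is always one of the configured URLs.
 *
 * @param string|int $alternate     key of the configured engine
 * @param string     $search_phrase phrase typed by the visitor
 * @return void the method ends the request
 */
public static function sendToAlternate($alternate, $search_phrase)
{
    $file = PHPWS_Core::getConfigFile('search', 'alternate.php');
    if (!$file) {
        PHPWS_Core::errorPage();
        exit;
    }

    include $file;

    // Only a string or integer can be a valid key; anything else (for
    // example an array taken from the request) is rejected before it is
    // used as an offset.
    $validKey = is_string($alternate) || is_int($alternate);

    if (!$validKey || !isset($alternate_search_engine) || !is_array($alternate_search_engine) || !isset($alternate_search_engine[$alternate])) {
        PHPWS_Core::errorPage();
        exit;
    }

    $gosite = $alternate_search_engine[$alternate];

    // Encode the whole phrase, not just its spaces, so characters such as
    // '&', '#' or line breaks cannot add parameters to, or otherwise alter,
    // the URL the visitor is redirected to. urlencode() still turns spaces
    // into '+'.
    $query_string = urlencode((string) $search_phrase);
    $site = urlencode(PHPWS_Core::getHomeHttp(FALSE, FALSE, FALSE));

    $url = sprintf($gosite['url'], $query_string, $site);
    header('location: ' . $url);
    exit;
}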
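/**
 * Builds the public signup form for the current sheet.
 *
 * Sets $this->signup->title and $this->signup->content. Sheets that have
 * ended, have no slots, or have only full slots produce a short notice
 * instead of the form.
 *
 * NOTE(review): the applicant fields (names, email, phone, extras) are fed
 * back into the form from $peep; this assumes PHPWS_Form escapes field
 * values when rendering - confirm.
 *
 * @return void
 */
public function userSignup()
{
    if (!$this->signup->sheet->id) {
        PHPWS_Core::errorPage('404');
    }

    $sheet = $this->signup->sheet;
    $peep = $this->signup->peep;

    if (Current_User::isLogged() && empty($peep->email)) {
        $peep->email = Current_User::getEmail();
    }

    if ($sheet->end_time < time()) {
        $this->signup->title = dgettext('signup', 'Sorry');
        $this->signup->content = dgettext('signup', 'We are no longer accepting applications.');
        return;
    }

    $slots = $sheet->getAllSlots();
    $slots_filled = $sheet->totalSlotsFilled();

    if (empty($slots)) {
        $this->signup->title = dgettext('signup', 'Sorry');
        $this->signup->content = dgettext('signup', 'There is a problem with this signup sheet. Please check back later.');
        return;
    }

    $this->signup->title =& $sheet->title;

    $options = array();
    foreach ($slots as $slot) {
        // Plain copies, not references: with a reference, computing the
        // remaining openings for a later slot would write the result back
        // into an earlier slot's openings property.
        if ($slots_filled && isset($slots_filled[$slot->id])) {
            $filled = $slots_filled[$slot->id];
            // if the slots are filled, don't offer it
            if ($filled >= $slot->openings) {
                continue;
            }
            $openings_left = $slot->openings - $filled;
        } else {
            $openings_left = $slot->openings;
        }

        $options[$slot->id] = sprintf(dngettext('signup', '%s (%s opening)', '%s (%s openings)', $openings_left), $slot->title, $openings_left);
    }

    if (empty($options)) {
        $this->signup->content = dgettext('signup', 'Sorry, but all available slots are full. Please check back later for possible cancellations.');
        return;
    }

    $form = new PHPWS_Form('slots');
    $form->useFieldset();
    $form->setLegend(dgettext('signup', 'Signup form'));
    $form->addHidden('module', 'signup');
    $form->addHidden('uop', 'slot_signup');
    $form->addHidden('sheet_id', $this->signup->sheet->id);

    $form->addSelect('slot_id', $options);
    $form->setLabel('slot_id', dgettext('signup', 'Available slots'));
    $form->setMatch('slot_id', $peep->slot_id);

    $form->addText('first_name', $peep->first_name);
    $form->setLabel('first_name', dgettext('signup', 'First name'));

    $form->addText('last_name', $peep->last_name);
    $form->setLabel('last_name', dgettext('signup', 'Last name'));

    $form->addText('email', $peep->email);
    $form->setSize('email', 30);
    $form->setLabel('email', dgettext('signup', 'Email address'));

    $form->addText('phone', $peep->getPhone());
    $form->setSize('phone', 15);
    $form->setLabel('phone', dgettext('signup', 'Phone number'));

    // Optional extra questions; their labels come from the sheet itself.
    if (!empty($this->signup->sheet->extra1)) {
        $form->addText('extra1', $peep->extra1);
        $form->setLabel('extra1', $this->signup->sheet->extra1);
    }

    if (!empty($this->signup->sheet->extra2)) {
        $form->addText('extra2', $peep->extra2);
        $form->setLabel('extra2', $this->signup->sheet->extra2);
    }

    if (!empty($this->signup->sheet->extra3)) {
        $form->addText('extra3', $peep->extra3);
        $form->setLabel('extra3', $this->signup->sheet->extra3);
    }

    $form->addSubmit(dgettext('signup', 'Submit'));

    $tpl = $form->getTemplate();
    $tpl['DESCRIPTION'] = $sheet->getDescription();

    $this->signup->content = PHPWS_Template::process($tpl, 'signup', 'signup_form.tpl');
    $this->signup->sheet->flag();
}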
/**
 * Populates this object from the layout_config table, resolves the active
 * theme and reads that theme's theme.ini.
 *
 * A database error is logged and ends in the generic error page. A missing
 * theme.ini is only logged.
 *
 * @param string|null $theme Theme directory name; becomes the default theme
 *                           when a directory of that name exists under the
 *                           theme root.
 * @return void
 */
public function loadSettings($theme = null)
{
    $config_db = new PHPWS_DB('layout_config');
    $loaded = $config_db->loadObject($this, false);
    if (PHPWS_Error::isError($loaded)) {
        PHPWS_Error::log($loaded);
        PHPWS_Core::errorPage();
    }

    // NOTE(review): $theme is appended to the theme root exactly as given and
    // later decides which theme.ini is parsed. Callers should pass a bare
    // directory name; confirm none of them forwards request data unchecked.
    if ($theme && is_dir(Layout::getThemeDirRoot() . $theme)) {
        $this->default_theme = $theme;
    }

    if (empty($this->current_theme)) {
        $this->current_theme = $this->default_theme;
    }

    $ini_path = Layout::getThemeDirRoot() . $this->current_theme . '/theme.ini';
    if (!is_file($ini_path)) {
        PHPWS_Error::log(LAYOUT_INI_FILE, 'layout', 'Layout_Settings::loadSettings', $ini_path);
    } else {
        // Sections are kept (second argument true); the result is handed on
        // without a check for a parse failure.
        $theme_vars = parse_ini_file($ini_path, true);
        $this->loadBoxSettings($theme_vars);
        $this->loadStyleSheets($theme_vars);
    }

    if (Current_User::isDeity()) {
        $this->deity_reload = true;
    }
}
/**
 * Routes administrative calendar commands.
 *
 * The command is read from the request ('aop', then 'tab') and falls back to
 * the control panel's current tab. After dispatch, the content, title and
 * message set by the handler are rendered through admin/main.tpl.
 *
 * NOTE(review): the only check that applies to every command is
 * Current_User::allow('calendar'). delete_schedule and post_settings also
 * call Current_User::authorized(); other state-changing commands
 * (approve_suggestion, disapprove_suggestion, post_schedule, repeat_event,
 * make_default_public, reset_cache) show no such call here. Confirm the
 * handlers enforce it themselves.
 *
 * NOTE(review): several cases call Current_User::disallow() and then continue
 * to the privileged call with no break or return. This is only safe if
 * disallow() ends the request; verify.
 */
public function main()
{
    if (!Current_User::allow('calendar')) {
        Current_User::disallow();
        return;
    }

    $panel = $this->getPanel();

    // Request parameters take precedence over the panel's remembered tab.
    if (isset($_REQUEST['aop'])) {
        $command = $_REQUEST['aop'];
    } elseif (isset($_REQUEST['tab'])) {
        $command = $_REQUEST['tab'];
    } else {
        $command = $panel->getCurrentTab();
    }

    // Unknown commands match no case and fall through to rendering below.
    switch ($command) {
        case 'get_event_json':
            $this->getEventJson();
            break;

        case 'post_event':
            if (!$this->calendar->schedule->checkPermissions(true)) {
                Current_User::disallow();
            }
            $this->postEvent();
            break;

        case 'schedule_json':
            // sch_id is reduced to digits and sign characters before use.
            $this->scheduleJSON(filter_input(INPUT_GET, 'sch_id', FILTER_SANITIZE_NUMBER_INT));
            exit;
            break;

        case 'approval':
            $this->approval();
            break;

        case 'approve_suggestion':
            // suggestion_id is passed on as received; no isset or type check here.
            $this->approveSuggestion($_GET['suggestion_id']);
            PHPWS_Core::goBack();
            break;

        case 'create_event':
            $panel->setCurrentTab('schedules');
            $event = $this->calendar->schedule->loadEvent();
            // Default a new event to noon on the date currently shown.
            if ($this->calendar->current_date) {
                $event->start_time = mktime(12, 0, 0, $this->calendar->int_month, $this->calendar->int_day, $this->calendar->int_year);
                $event->end_time = mktime(12, 0, 0, $this->calendar->int_month, $this->calendar->int_day, $this->calendar->int_year);
            }
            $this->editEvent($event);
            break;

        case 'create_schedule':
            // && binds tighter than ||: refused when the user lacks 'calendar',
            // or lacks 'edit_public' while personal schedules are switched off.
            if (!Current_User::allow('calendar') || !Current_User::allow('calendar', 'edit_public') && !PHPWS_Settings::get('calendar', 'personal_schedules')) {
                Current_User::disallow();
            }
            $this->calendar->schedule = new Calendar_Schedule();
            $panel->setCurrentTab('schedules');
            $this->editSchedule();
            break;

        case 'blog_event':
            if (PHPWS_Core::moduleExists('blog') && Current_User::allow('blog', 'edit_blog') && $this->calendar->schedule->checkPermissions(true)) {
                // $event is not used again in this case.
                $event = $this->calendar->schedule->loadEvent();
                $this->blogEvent();
            }
            break;

        case 'post_blog':
            if (PHPWS_Core::moduleExists('blog') && Current_User::allow('blog', 'edit_blog') && $this->calendar->schedule->checkPermissions(true)) {
                $this->postBlog();
            }
            // The close/refresh script is emitted whether or not the post was allowed.
            javascript('close_refresh');
            Layout::nakedDisplay();
            break;

        case 'edit_event':
            $panel->setCurrentTab('schedules');
            if (!$this->calendar->schedule->checkPermissions()) {
                Current_User::disallow();
            }
            $event = $this->calendar->schedule->loadEvent();
            $this->editEvent($event);
            break;

        case 'delete_event':
            // Without permission nothing is deleted and the user is simply sent back.
            if ($this->calendar->schedule->checkPermissions(true)) {
                $event = $this->calendar->schedule->loadEvent();
                $result = $event->delete();
                if (PHPWS_Error::isError($result)) {
                    PHPWS_Error::log($result);
                }
            }
            PHPWS_Core::goBack();
            break;

        case 'delete_schedule':
            if (Current_User::authorized('calendar', 'delete_schedule') && Current_User::isUnrestricted('calendar')) {
                $this->calendar->schedule->delete();
                $this->sendMessage(dgettext('calendar', 'Schedule deleted.'), 'aop=schedules');
            } else {
                Current_User::disallow();
            }
            break;

        case 'disapprove_suggestion':
            // Same handling of suggestion_id as in approve_suggestion.
            $this->disapproveSuggestion($_GET['suggestion_id']);
            PHPWS_Core::goBack();
            break;

        case 'edit_schedule':
            if (empty($_REQUEST['sch_id'])) {
                PHPWS_Core::errorPage('404');
            }
            if (!$this->calendar->schedule->checkPermissions()) {
                Current_User::disallow();
            }
            $panel->setCurrentTab('schedules');
            $this->editSchedule();
            break;

        case 'make_default_public':
            // The setting changes only for unrestricted users; the listing is shown either way.
            if (Current_User::isUnrestricted('calendar')) {
                PHPWS_Settings::set('calendar', 'public_schedule', (int) $_REQUEST['sch_id']);
                PHPWS_Settings::save('calendar');
                $this->message = dgettext('calendar', 'Default public schedule set.');
            }
            $this->scheduleListing();
            break;

        case 'post_schedule':
            $this->postSchedule();
            break;

        case 'post_settings':
            if (!Current_User::authorized('calendar', 'settings')) {
                Current_User::disallow();
            }
            $this->postSettings();
            $this->message = dgettext('calendar', 'Settings saved');
            $this->settings();
            break;

        case 'repeat_event':
            $panel->setCurrentTab('schedules');
            $event = $this->calendar->schedule->loadEvent();
            $this->repeatEvent($event);
            break;

        case 'reset_cache':
            // Repeats the check already made at the top of this method.
            if (!Current_User::allow('calendar')) {
                Current_User::disallow();
            }
            // NOTE(review): the cache key comes straight from the request;
            // confirm PHPWS_Cache::remove() constrains which entries a key can name.
            PHPWS_Cache::remove($_REQUEST['key']);
            PHPWS_Core::goBack();
            break;

        case 'schedules':
            $panel->setCurrentTab('schedules');
            $this->scheduleListing();
            break;

        case 'settings':
            $this->settings();
            break;

        case 'upload_event':
            if (!$this->calendar->schedule->checkPermissions()) {
                Current_User::disallow();
            }
            $this->uploadEvent();
            break;

        case 'post_upload':
            if (!$this->calendar->schedule->checkPermissions(true)) {
                Current_User::disallow();
            }
            $this->postUpload();
            break;
    }

    $tpl['CONTENT'] = $this->content;
    $tpl['TITLE'] = $this->title;

    // Several messages are joined with line breaks; a single one is used as is.
    if (is_array($this->message)) {
        $tpl['MESSAGE'] = implode('<br />', $this->message);
    } else {
        $tpl['MESSAGE'] = $this->message;
    }

    // Clears in case of js window opening
    $this->content = $this->title = $this->message = null;

    $final = PHPWS_Template::process($tpl, 'calendar', 'admin/main.tpl');

    // Pop-up (JS) requests get the bare template; otherwise it is wrapped in the control panel.
    if (PHPWS_Calendar::isJS()) {
        Layout::nakedDisplay($final);
    } else {
        $panel->setContent($final);
        Layout::add(PHPWS_ControlPanel::display($panel->display()));
    }
}
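/**
 * Renders a site map for one menu, or for every menu when the 'site_map'
 * request parameter is 'all'.
 *
 * A missing parameter or a menu without a title ends in a 404 page; a failure
 * while loading menus or links is logged and ends in the generic error page.
 *
 * @modified Verdon Vaillancourt
 * @return void
 */
public static function siteMap()
{
    if (!isset($_GET['site_map'])) {
        PHPWS_Core::errorPage('404');
    }

    PHPWS_Core::initModClass('menu', 'Menu_Item.php');

    if ($_GET['site_map'] === 'all') {
        $db = new PHPWS_DB('menus');
        $menus = $db->getObjects('Menu_Item');

        // An error result must not be iterated as if it were a list of menus.
        if (PHPWS_Error::logIfError($menus)) {
            PHPWS_Core::errorPage();
        }

        if ($menus) {
            foreach ($menus as $menu) {
                if (empty($menu->title)) {
                    PHPWS_Core::errorPage('404');
                }

                $links = $menu->getLinks();
                if (PHPWS_Error::logIfError($links)) {
                    PHPWS_Core::errorPage();
                }

                $content = array();
                if (!empty($links)) {
                    Menu::walkLinks($links, $content);
                }

                $site['TITLE'] = $menu->getTitle() . ' - ' . dgettext('menu', 'Site map');
                $site['CONTENT'] = implode('', $content);
                $tpl['site-map'][] = $site;
            }
        } else {
            // No menu object exists in this branch, so the title cannot be
            // taken from one (the earlier code called getTitle() on an
            // undefined variable here).
            $tpl['TITLE'] = dgettext('menu', 'Site map');
            $tpl['CONTENT'] = dgettext('menu', 'Sorry, no menus have been created');
        }
    } else {
        // Any other value is treated as a numeric menu id.
        $menu = new Menu_Item((int) $_GET['site_map']);
        if (empty($menu->title)) {
            PHPWS_Core::errorPage('404');
        }

        $links = $menu->getLinks();
        if (PHPWS_Error::isError($links)) {
            PHPWS_Error::log($links);
            PHPWS_Core::errorPage();
        }

        $content = array();
        if (!empty($links)) {
            Menu::walkLinks($links, $content);
        }

        $tpl['TITLE'] = $menu->getTitle() . ' - ' . dgettext('menu', 'Site map');
        $tpl['CONTENT'] = implode('', $content);
    }

    Layout::add(PHPWS_Template::process($tpl, 'menu', 'site_map.tpl'));
}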
/**
 * Shows the contents of the requested folder.
 *
 * Loads the folder, answers with a 404 page when it has no id, sets the page
 * title to "<folder title> - <public label>" and hands the folder to the
 * forms object for display.
 *
 * @return void
 */
public function viewFolder()
{
    $this->loadFolder();

    $folder_missing = !$this->folder->id;
    if ($folder_missing) {
        PHPWS_Core::errorPage('404');
    }

    $folder_title = $this->folder->title;
    $visibility = $this->folder->getPublic();
    $this->title = sprintf('%s - %s', $folder_title, $visibility);

    $this->loadForms();
    $this->forms->folderContents($this->folder);
}
/**
 * Handles a public "what's new" action and renders main_user.tpl.
 *
 * When no action is passed, it is taken from the 'uop' request parameter; a
 * request without that parameter gets a 404 page. Only 'view' is handled;
 * any other value renders the template with whatever title, content and
 * message are already set on the object.
 *
 * @param string|null $action Action name, or null to read it from the request.
 * @return void
 */
function userMenu($action = null)
{
    // Never set to true in this method, so the naked-display path below is not taken from here.
    $javascript = false;

    if (empty($action)) {
        if (!isset($_REQUEST['uop'])) {
            PHPWS_Core::errorPage('404');
        }
        $action = $_REQUEST['uop'];
    }

    $this->loadMessage();

    // Loose comparison on purpose: it is what the switch statement it replaces performed.
    if ($action == 'view') {
        $this->title = PHPWS_Settings::get('whatsnew', 'title');
        $this->content = $this->whatsnewBlock();
    }

    $tpl = array(
        'TITLE' => $this->title,
        'CONTENT' => $this->content,
        'MESSAGE' => $this->message,
    );
    $rendered = PHPWS_Template::process($tpl, 'whatsnew', 'main_user.tpl');

    if (!$javascript) {
        Layout::add($rendered);
    } else {
        Layout::nakedDisplay($rendered);
    }
}
<?php

/**
 * Outputs a QR code for the requested id and size, or a 404 page when either
 * request parameter is missing.
 *
 * NOTE(review): 'id' and 'size' are handed to QR exactly as received.
 * Confirm that QR itself restricts their type and range (size in particular,
 * if it drives how large the generated output is).
 *
 * @author Matthew McNaney <mcnaney at gmail dot com>
 */
if (!isset($_GET['id'], $_GET['size'])) {
    PHPWS_Core::errorPage('404');
} else {
    $qr = new QR($_GET['id'], $_GET['size']);
    echo $qr->get();
    exit;
}
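/**
 * Builds this page's section objects from its template and, for a saved page,
 * fills them with the rows stored in ps_text and ps_block.
 *
 * Stored rows whose section name no longer exists in the template are kept
 * in $this->_orphans when they still carry content (text) or a type id
 * (block); empty leftovers are deleted from the database.
 *
 * NOTE(review): this deletion happens on a load path, so merely viewing a
 * page can remove rows. Worth keeping in mind when auditing who can reach
 * this method.
 *
 * @param bool $form_mode True when loading for the edit form; text content is
 *                        then fetched with getContent(false).
 * @param bool $filler    With $form_mode, load placeholder filler into each
 *                        template section.
 * @return void
 */
public function loadSections($form_mode = false, $filler = true)
{
    PHPWS_Core::initModClass('pagesmith', 'PS_Text.php');
    PHPWS_Core::initModClass('pagesmith', 'PS_Block.php');

    if (empty($this->_tpl)) {
        $this->loadTemplate();
    }

    if (empty($this->_tpl->structure)) {
        PHPWS_Error::log(PS_PG_TPL_ERROR, 'pagesmith', 'PS_Page::loadSections', $this->_tpl->file);
        PHPWS_Core::errorPage();
    }

    // One section object per template entry; every non-text type is a block.
    foreach ($this->_tpl->structure as $section_xml) {
        switch ($section_xml['TYPE']) {
            case 'image':
            case 'document':
            case 'media':
            case 'block':
                $section = new PS_Block();
                break;

            default:
                $section = new PS_Text();
        }
        $section->pid = $this->id;

        $section->plugSection($section_xml, $this->id);
        if ($form_mode && $filler) {
            $section->loadFiller();
        }
        $this->_sections[$section->secname] = $section;
    }

    // An unsaved page has nothing stored yet.
    if (!$this->id) {
        return;
    }

    // load sections from database
    // load sections should handle template
    $text_db = new PHPWS_DB('ps_text');
    $block_db = new PHPWS_DB('ps_block');

    $text_db->addWhere('pid', $this->id);
    $block_db->addWhere('pid', $this->id);

    $text_db->setIndexBy('secname');
    $block_db->setIndexBy('secname');

    $text_sections = $text_db->select();
    $block_sections = $block_db->select();

    if (!empty($text_sections)) {
        foreach ($text_sections as $secname => $section) {
            if (isset($this->_sections[$secname])) {
                PHPWS_Core::plugObject($this->_sections[$secname], $section);
                // we don't want smarttags parsed
                $this->_content[$secname] = $this->_sections[$secname]->getContent(!$form_mode);
            } elseif (!empty($section['content'])) {
                $this->_orphans[$secname] = $section;
            } else {
                $db = \Database::newDB();
                $db->setConditional($db->addTable('ps_text')->getFieldConditional('id', $section['id']));
                $db->delete();
            }
        }
    }

    if (!empty($block_sections)) {
        foreach ($block_sections as $secname => $section) {
            if (isset($this->_sections[$secname])) {
                // Reset for every section: these were previously left over
                // from the preceding iteration, so a block without template
                // dimensions could inherit another block's width or height.
                $default_w = null;
                $default_h = null;

                if ($this->_sections[$secname]->width) {
                    $default_w = $this->_sections[$secname]->width;
                }

                if ($this->_sections[$secname]->height) {
                    $default_h = $this->_sections[$secname]->height;
                }

                PHPWS_Core::plugObject($this->_sections[$secname], $section);

                // Template dimensions take precedence over the stored ones.
                if ($this->_sections[$secname]->width && !empty($default_w)) {
                    $this->_sections[$secname]->width = $default_w;
                }

                if ($this->_sections[$secname]->height && !empty($default_h)) {
                    $this->_sections[$secname]->height = $default_h;
                }

                if ($form_mode && $this->_sections[$secname]->type_id) {
                    //reload the image form if the image is set
                    $this->_sections[$secname]->loadFiller();
                }
                $this->_content[$secname] = $this->_sections[$secname]->getContent();
            } elseif ($section['type_id'] > 0) {
                $this->_orphans[$secname] = $section;
            } else {
                $db = \Database::newDB();
                $db->setConditional($db->addTable('ps_block')->getFieldConditional('id', $section['id']));
                $db->delete();
            }
        }
    }
}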
/**
 * Routes administrative RSS commands and renders the result inside the
 * module's control panel.
 *
 * The command is read from the request ('command', then 'tab') and falls
 * back to the panel's current tab. A channel and a feed object are built up
 * front from 'channel_id' / 'feed_id' when those parameters are present.
 *
 * NOTE(review): every command here is gated only by
 * Current_User::allow('rss'), including the ones that change or delete data
 * (save_feed, post_channel, reset_feed, turn_on_display, turn_off_display,
 * delete_feed, save_settings). Other admin routers on this page call
 * Current_User::authorized() before destructive actions. Confirm whether
 * allow() alone gives the same protection against forged requests.
 *
 * NOTE(review): assumes Current_User::disallow() ends the request, since
 * execution continues after it. Verify.
 */
public static function main()
{
    $tpl['MESSAGE'] = NULL;
    $message = RSS_Admin::getMessage();

    PHPWS_Core::initModClass('rss', 'Feed.php');
    PHPWS_Core::initModClass('rss', 'Channel.php');

    if (!Current_User::allow('rss')) {
        Current_User::disallow();
    }

    $panel = RSS_Admin::adminPanel();

    // Request parameters take precedence over the panel's remembered tab.
    if (isset($_REQUEST['command'])) {
        $command = $_REQUEST['command'];
    } elseif (isset($_REQUEST['tab'])) {
        $command = $_REQUEST['tab'];
    } else {
        $command = $panel->getCurrentTab();
    }

    // The ids are passed to the constructors as received from the request.
    if (isset($_REQUEST['channel_id'])) {
        $channel = new RSS_Channel($_REQUEST['channel_id']);
    } else {
        $channel = new RSS_Channel();
    }

    if (isset($_REQUEST['feed_id'])) {
        $feed = new RSS_Feed($_REQUEST['feed_id']);
    } else {
        $feed = new RSS_Feed();
    }

    switch ($command) {
        case 'channels':
            $tpl = RSS_Admin::channels();
            break;

        case 'settings':
            $tpl = RSS_Admin::settings();
            break;

        case 'save_settings':
            // A falsy result is treated as success; anything else is shown as the message.
            $result = RSS_Admin::save_settings();
            if (!$result) {
                PHPWS_Settings::save('rss');
                $result = dgettext('rss', 'Settings saved successfully.');
            }
            $tpl = RSS_Admin::settings();
            $tpl['MESSAGE'] =& $result;
            break;

        case 'feedInfo':
            // Builds a fresh feed from the sanitized 'id' parameter and
            // writes the JSON-encoded object to the response.
            $feed = new RSS_Feed(filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT));
            echo json_encode($feed);
            exit;
            break;

        case 'save_feed':
            // post() returning an array is treated as a list of validation messages.
            $result = $feed->post();
            if (is_array($result)) {
                $tpl['CONTENT'] = RSS_Admin::editFeed($feed, true);
                $tpl['MESSAGE'] = implode('<br />', $result);
            } else {
                // The save() result is not inspected before redirecting.
                $result = $feed->save();
                PHPWS_Core::reroute('index.php?module=rss&tab=import');
            }
            break;

        case 'edit_channel':
            $tpl = RSS_Admin::editChannel($channel);
            break;

        case 'post_channel':
            $result = $channel->post();
            if (is_array($result)) {
                $message = implode('<br />', $result);
                $tpl = RSS_Admin::editChannel($channel);
            } else {
                $result = $channel->save();
                if (PHPWS_Error::isError($result)) {
                    RSS_Admin::sendMessage(dgettext('rss', 'An error occurred when saving your channel.'), 'channels');
                } else {
                    RSS_Admin::sendMessage(dgettext('rss', 'Channel saved.'), 'channels');
                }
            }
            break;

        case 'reset_feed':
            $feed->reset();
            // No break: execution continues into 'import' to show the listing.

        case 'import':
            $tpl = RSS_Admin::import();
            break;

        case 'turn_on_display':
            $feed->display = 1;
            $feed->save();
            $tpl = RSS_Admin::import();
            break;

        case 'turn_off_display':
            $feed->display = 0;
            $feed->save();
            $tpl = RSS_Admin::import();
            break;

        case 'add_feed':
            // Rendered without the surrounding layout, then the request ends.
            $tpl = RSS_Admin::editFeed($feed);
            Layout::nakedDisplay(PHPWS_Template::process($tpl, 'rss', 'main.tpl'));
            exit;
            break;

        case 'edit_feed':
            // Same output path as add_feed.
            $tpl = RSS_Admin::editFeed($feed);
            Layout::nakedDisplay(PHPWS_Template::process($tpl, 'rss', 'main.tpl'));
            exit;
            break;

        case 'delete_feed':
            $feed->delete();
            $tpl = RSS_Admin::import();
            break;

        default:
            PHPWS_Core::errorPage('404');
            break;
    }

    // A pending message replaces whatever MESSAGE the handler put in the template.
    if (!empty($message)) {
        $tpl['MESSAGE'] = $message;
    }

    $content = PHPWS_Template::process($tpl, 'rss', 'main.tpl');

    $panel->setContent($content);
    $content = $panel->display();
    Layout::add(PHPWS_ControlPanel::display($content));
}
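/**
 * Handles a public check-in command and adds the resulting page to the layout.
 *
 * When no command is passed, it is taken from the 'uop' request parameter.
 * An unknown or missing command ends in a 404 page.
 *
 * @param string|null $command Command name, or null to read it from the request.
 * @return void
 */
public function process($command = null)
{
    if (empty($command)) {
        // Explicit isset() instead of the @ operator: same result (null when
        // the parameter is absent) without suppressing unrelated errors.
        $command = isset($_REQUEST['uop']) ? $_REQUEST['uop'] : null;
    }

    switch ($command) {
        case 'checkin_form':
            $this->checkinForm();
            break;

        case 'error':
            $this->title = dgettext('checkin', 'Sorry');
            $this->content = dgettext('checkin', 'An error is preventing your account to save. Please alert the office.');
            Layout::metaRoute('index.php', 5);
            break;

        case 'thank':
            $this->title = dgettext('checkin', 'Thank you');
            $this->loadReason();
            $this->content = $this->reason->message;
            Layout::metaRoute('index.php', 5);
            break;

        case 'post_checkin':
            if ($this->postCheckin()) {
                if (PHPWS_Error::logIfError($this->visitor->save())) {
                    PHPWS_Core::reroute('index.php?module=checkin&uop=error');
                } else {
                    // The posted value ends up in a redirect URL, so it is
                    // reduced to an integer first; raw input could otherwise
                    // add parameters or control characters to the target.
                    // reason_id is treated as a numeric id here.
                    $reason_id = 0;
                    if (isset($_POST['reason_id']) && is_scalar($_POST['reason_id'])) {
                        $reason_id = (int) $_POST['reason_id'];
                    }
                    PHPWS_Core::reroute('index.php?module=checkin&uop=thank&reason_id=' . $reason_id);
                }
            } else {
                // Validation failed: show the form again.
                $this->checkinForm();
            }
            break;

        default:
            PHPWS_Core::errorPage('404');
    }

    Layout::add($this->main());
}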