 /**
  * Handles a visitor-submitted event suggestion.
  *
  * Loads the suggestion, validates the posted event, applies the
  * duplicate-submit and per-session quota guards, then saves the event.
  * The outcome is reported either through $this->title / $this->content
  * (ordinary request) or, when PHPWS_Calendar::isJS() is true, by emitting
  * javascript and terminating the script with exit.
  *
  * @return bool false when the posted event fails validation, true once the
  *              request has been handled and a message is set
  */
 public function postSuggestion()
 {
     $this->loadSuggestion();

     // Validation failed: leave the caller to redisplay the form.
     if (!$this->event->post()) {
         return false;
     }

     // Same form posted twice (back button, double click): do not save again.
     if (PHPWS_Core::isPosted()) {
         $this->title = dgettext('calendar', 'Duplicate suggestion.');
         $this->content = dgettext('calendar', 'You may try to suggest a different event.');
         return true;
     }

     // Per-session submission counter; presumably what allowSuggestion() rate-limits on.
     if (!isset($_SESSION['Calendar_Total_Suggestions'])) {
         $_SESSION['Calendar_Total_Suggestions'] = 0;
     }

     if (!$this->allowSuggestion()) {
         $this->title = dgettext('calendar', 'Sorry');
         $this->content = dgettext('calendar', 'You have exceeded your allowed event submissions.');
         return true;
     }

     $save_result = $this->event->save();
     // Incremented before the error check, so a failed save still consumes quota.
     $_SESSION['Calendar_Total_Suggestions']++;

     if (PHPWS_Error::isError($save_result)) {
         PHPWS_Error::log($save_result);
         if (PHPWS_Calendar::isJS()) {
             javascript('close_refresh', array('timeout' => 5, 'refresh' => 0));
             Layout::nakedDisplay('Event suggestion failed to save. Try again later.');
             exit;
         }
         $this->title = dgettext('calendar', 'Sorry');
         $this->content = dgettext('calendar', 'Unable to save your event suggestion.');
         return true;
     }

     if (PHPWS_Calendar::isJS()) {
         javascript('alert', array('content' => dgettext('calendar', 'Event submitted for approval.')));
         javascript('close_refresh', array('timeout' => 1, 'refresh' => 0));
         Layout::nakedDisplay();
         exit;
     }
     $this->title = dgettext('calendar', 'Event saved');
     $this->content = dgettext('calendar', 'An administrator will review your submission. Thank you.');
     return true;
 }
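 /**
  * Records the current form post so a repeated submission can be recognised.
  *
  * The first time a post key is seen it is appended to
  * $_SESSION['PHPWS_LastPost'], which is trimmed to MAX_POST_TRACK entries.
  * When isPosted() already reports the key as seen, a per-key repeat counter
  * in $_SESSION['PHPWS_Post_Count'] is started or incremented.
  * Works with isPosted().
  *
  * @deprecated
  * @return void
  */
 public static function setLastPost()
 {
     $key = PHPWS_Core::_getPostKey();
     if (!PHPWS_Core::isPosted()) {
         $_SESSION['PHPWS_LastPost'][] = $key;
         if (count($_SESSION['PHPWS_LastPost']) > MAX_POST_TRACK) {
             array_shift($_SESSION['PHPWS_LastPost']);
         }
     } elseif (isset($_SESSION['PHPWS_Post_Count'][$key])) {
         $_SESSION['PHPWS_Post_Count'][$key]++;
     } else {
         // Repeat post whose counter was never started: begin at 1. Previously the
         // outer branch was guarded by the same isset(), which made this
         // initialisation unreachable and left repeats of an untracked key uncounted.
         $_SESSION['PHPWS_Post_Count'][$key] = 1;
     }
 }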
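 /**
  * Dispatches the signup module's administrative actions.
  *
  * Every request must pass Current_User::allow('signup'); individual cases
  * additionally require Current_User::authorized('signup'). The action name
  * is read from $_REQUEST['aop']. Popup actions ($javascript = true) render
  * the template through Layout::nakedDisplay(); all others are placed in the
  * control panel.
  *
  * NOTE(review): 'delete_sheet', 'delete_slot', 'delete_slot_peep',
  * 'edit_slots' and the move_* cases change state but run under allow()
  * only, while the other mutating cases call authorized() as well — confirm
  * that difference is intended.
  *
  * @return void
  */
 public function adminMenu()
 {
     if (!Current_User::allow('signup')) {
         Current_User::disallow();
     }
     $this->loadPanel();
     $javascript = false;
     $this->loadMessage();
     // A request without 'aop' used to raise an undefined-index notice; with
     // null no case matches and the empty panel is rendered below.
     $command = isset($_REQUEST['aop']) ? $_REQUEST['aop'] : null;
     switch ($command) {
         case 'add_slot_peep':
             $javascript = true;
             $this->loadPeep();
             $this->loadForm('edit_peep');
             break;
         case 'menu':
             // NOTE(review): the tab name comes straight from the query string;
             // presumably loadForm() only accepts known form names — confirm.
             if (!isset($_GET['tab'])) {
                 $this->loadForm('list');
             } else {
                 $this->loadForm($_GET['tab']);
             }
             break;
         case 'delete_sheet':
             $this->loadSheet();
             $this->sheet->delete();
             $this->message = dgettext('signup', 'Signup sheet deleted.');
             $this->loadForm('list');
             break;
         case 'edit_sheet':
             $this->loadForm('edit_sheet');
             break;
         case 'edit_slot_peep':
             $javascript = true;
             $this->loadPeep();
             $this->loadForm('edit_peep');
             break;
         case 'edit_slot_popup':
             $javascript = true;
             $this->loadSlot();
             $this->loadForm('edit_slot_popup');
             break;
         case 'edit_peep_popup':
             $javascript = true;
             $this->loadSlot();
             $this->loadForm('edit_peep_popup');
             break;
         case 'print_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             // Writes its own output; nothing below should run.
             $this->printApplicants();
             exit;
         case 'email_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadEmail();
             $this->loadSheet();
             $this->loadForm('email_applicants');
             break;
         case 'post_email':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadEmail();
             $this->loadSheet();
             if ($this->postEmail()) {
                 $this->sendEmail();
             } else {
                 $this->loadForm('email_applicants');
             }
             break;
         case 'slot_listing':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             // Writes its own output; nothing below should run.
             $this->slotListing();
             exit;
         case 'csv_applicants':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             // Streams the CSV itself; nothing below should run.
             $this->csvExport();
             exit;
         case 'send_email':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->sendEmail();
             break;
         case 'edit_slots':
             $this->loadSheet();
             $this->loadForm('edit_slots');
             break;
         case 'search_slot':
             $this->searchSlots();
             break;
         case 'post_peep':
             $javascript = true;
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             if ($this->postPeep()) {
                 // Since added by an admin, automatically registered
                 $this->peep->registered = 1;
                 if (PHPWS_Error::logIfError($this->peep->save())) {
                     $this->forwardMessage(dgettext('signup', 'Error occurred when saving applicant.'));
                 } else {
                     $this->forwardMessage(dgettext('signup', 'Applicant saved successfully.'));
                 }
                 // Popup: close the window and refresh the opener; the message
                 // set above is shown on the next page load.
                 javascript('close_refresh');
                 Layout::nakedDisplay();
             } else {
                 $this->loadForm('edit_peep');
             }
             break;
         case 'post_sheet':
             $this->loadSheet();
             // Per-sheet permission check (item-level, not just module-level).
             if (!Current_User::authorized('signup', 'edit_sheet', $this->sheet->id, 'sheet')) {
                 Current_User::disallow();
             }
             if ($this->postSheet()) {
                 // A brand-new sheet whose form was already posted once: do not
                 // create a second copy.
                 if (!$this->sheet->id && PHPWS_Core::isPosted()) {
                     $this->message = dgettext('signup', 'Sheet previously posted.');
                     $this->loadForm('edit_sheet');
                 } else {
                     // Captured before save() assigns the id.
                     $new_sheet = !$this->sheet->id;
                     if (PHPWS_Error::logIfError($this->sheet->save())) {
                         $this->forwardMessage(dgettext('signup', 'Error occurred when saving sheet.'));
                         PHPWS_Core::reroute('index.php?module=signup&aop=list');
                     } else {
                         $this->forwardMessage(dgettext('signup', 'Sheet saved successfully.'));
                         if ($new_sheet) {
                             PHPWS_Core::reroute('index.php?module=signup&aop=edit_slots&sheet_id=' . $this->sheet->id);
                         } else {
                             $this->loadForm('list');
                         }
                     }
                 }
             } else {
                 $this->loadForm('edit_sheet');
             }
             break;
         case 'post_slot':
             $javascript = true;
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             if ($this->postSlot()) {
                 if (PHPWS_Error::logIfError($this->slot->save())) {
                     $this->forwardMessage(dgettext('signup', 'Error occurred when saving slot.'));
                 } else {
                     $this->forwardMessage(dgettext('signup', 'Slot saved successfully.'));
                 }
                 javascript('close_refresh');
                 Layout::nakedDisplay();
             } else {
                 $this->loadForm('edit_slot_popup');
             }
             break;
         case 'move_peep':
             $this->loadPeep();
             $result = $this->movePeep();
             // Both an error object and a falsy result count as failure.
             if (PHPWS_Error::logIfError($result) || !$result) {
                 $this->forwardMessage(dgettext('signup', 'Error occurred when moving applicant. Slot may be full.'));
             }
             PHPWS_Core::goBack();
             break;
         case 'move_top':
             $this->loadSlot();
             $this->slot->moveTop();
             PHPWS_Core::goBack();
             break;
         case 'move_up':
             $this->loadSlot();
             $this->slot->moveUp();
             PHPWS_Core::goBack();
             break;
         case 'move_down':
             $this->loadSlot();
             $this->slot->moveDown();
             PHPWS_Core::goBack();
             break;
         case 'move_bottom':
             $this->loadSlot();
             $this->slot->moveBottom();
             PHPWS_Core::goBack();
             break;
         case 'delete_slot':
             $this->loadSlot();
             $this->deleteSlot();
             break;
         case 'delete_slot_peep':
             $this->loadPeep();
             $this->peep->delete();
             PHPWS_Core::goBack();
             break;
         case 'report':
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->loadForm('report');
             break;
         case 'alpha_order':
         case 'reset_slot_order':
             // Both orderings share this code; resetSlots() distinguishes them by $command.
             if (!Current_User::authorized('signup')) {
                 Current_User::disallow();
             }
             $this->loadSheet();
             $this->resetSlots($command);
             $this->forwardMessage(dgettext('signup', 'Slot order reset.'));
             PHPWS_Core::reroute('index.php?module=signup&sheet_id=' . $this->sheet->id . '&aop=edit_slots&authkey=' . Current_User::getAuthKey());
             break;
     }
     $tpl['TITLE'] = $this->title;
     $tpl['CONTENT'] = $this->content;
     $tpl['MESSAGE'] = $this->message;
     if ($javascript) {
         // Popup windows have no theme, so pull in the stylesheets explicitly.
         $fonts = '<link rel="stylesheet" type="text/css" href="' . PHPWS_SOURCE_HTTP . 'themes/bootstrap/font-awesome/css/font-awesome.min.css" />
          <link rel="stylesheet" type="text/css" href="' . PHPWS_SOURCE_HTTP . 'themes/bootstrap/css/bootstrap.min.css" />';
         \Layout::addJSHeader($fonts);
         Layout::nakedDisplay(PHPWS_Template::process($tpl, 'signup', 'main.tpl'));
     } else {
         $this->panel->setContent(PHPWS_Template::process($tpl, 'signup', 'main.tpl'));
         Layout::add(PHPWS_ControlPanel::display($this->panel->display()));
     }
 }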
 /**
  * Handles the "forgot login" form.
  *
  * With fg_username the account is looked up and a password reset email is
  * sent; with fg_email a user name reminder is sent instead. The message to
  * show the visitor is written to $content.
  *
  * The same not-found text is reused for the quote-character check, a lookup
  * error, an empty result and the deity case, so those outcomes cannot be
  * told apart by the requester. The "authorization not checked" and
  * "email missing" branches do return distinct text.
  *
  * @param string $content receives the message to display
  * @return bool false when the form should be redisplayed, true when the
  *              request has been handled (mail sent, already posted, or a
  *              terminal account condition)
  */
 public function postForgot(&$content)
 {
     if (empty($_POST['fg_username']) && empty($_POST['fg_email'])) {
         $content = dgettext('users', 'You must enter either a username or email address.');
         return false;
     }

     // --- Password reset by user name -------------------------------------
     if (!empty($_POST['fg_username'])) {
         $username = $_POST['fg_username'];
         $not_found = dgettext('users', 'User name not found. Check your spelling or enter an email address instead.');

         // Quote characters are rejected outright; entities are decoded and tags
         // stripped first so encoded quotes are caught as well.
         // NOTE(review): this is a blacklist and presumes PHPWS_DB::addWhere()
         // also quotes or binds the value — confirm.
         if (preg_match('/\'|"/', html_entity_decode(strip_tags($username), ENT_QUOTES))) {
             $content = $not_found;
             return false;
         }

         $db = new PHPWS_DB('users');
         $db->addWhere('username', strtolower($username));
         $db->addColumn('email');
         $db->addColumn('id');
         $db->addColumn('deity');
         $db->addColumn('authorize');
         $account = $db->select('row');

         // A lookup error and a missing account produce the same message.
         if (PHPWS_Error::logIfError($account) || empty($account)) {
             $content = $not_found;
             return false;
         }

         // Deity accounts are excluded from reset unless ALLOW_DEITY_FORGET is
         // set; the attempt is logged and the generic not-found text returned.
         if ($account['deity'] && !ALLOW_DEITY_FORGET) {
             Security::log(dgettext('users', 'Forgotten password attempt made on a deity account.'));
             $content = $not_found;
             return false;
         }

         if ($account['authorize'] != 1) {
             $content = sprintf(dgettext('users', 'Sorry but your authorization is not checked on this site. Please contact %s for information on reseting your password.'), PHPWS_User::getUserSetting('site_contact'));
             return false;
         }

         // Repeated submission of the same form: do not send a second email.
         if (PHPWS_Core::isPosted()) {
             $content = dgettext('users', 'Please check your email for a response.');
             return true;
         }

         if (empty($account['email'])) {
             $content = dgettext('users', 'Your email address is missing from your account. Please contact the site administrators.');
             PHPWS_Error::log(USER_ERR_NO_EMAIL, 'users', 'User_Action::postForgot');
             return true;
         }

         $sent = User_Action::emailPasswordReset($account['id'], $account['email']);
         $content = $sent
             ? dgettext('users', 'We have sent you an email to reset your password.')
             : dgettext('users', 'We are currently unable to send out email reminders. Try again later.');
         return true;
     }

     // --- User name reminder by email address -----------------------------
     // Reached only when fg_username is empty, which (after the first check)
     // means fg_email is not.
     $email = $_POST['fg_email'];
     $not_found = dgettext('users', 'Email address not found. Please try again.');

     // Same quote-character check as above, then a format check.
     if (preg_match('/\'|"/', html_entity_decode(strip_tags($email), ENT_QUOTES))
         || !PHPWS_Text::isValidInput($email, 'email')) {
         $content = $not_found;
         return false;
     }

     $db = new PHPWS_DB('users');
     $db->addWhere('email', $email);
     $db->addColumn('username');
     $account = $db->select('row');
     if (PHPWS_Error::logIfError($account) || empty($account)) {
         $content = $not_found;
         return false;
     }

     // Repeated submission of the same form: do not send a second email.
     if (PHPWS_Core::isPosted()) {
         $content = dgettext('users', 'Please check your email for a response.');
         return true;
     }

     $sent = User_Action::emailUsernameReminder($account['username'], $email);
     $content = $sent
         ? dgettext('users', 'We have sent you an user name reminder. Please check your email and return to log in.')
         : dgettext('users', 'We are currently unable to send out email reminders. Try again later.');
     return true;
 }
 /**
  * Entry point for the blog administration control panel.
  *
  * Requires Current_User::authorized('blog'). The action is taken from
  * $_REQUEST['command'] (falling back to the panel's current tab) and the
  * entry from $_REQUEST['blog_id']. The resulting $title, $content and
  * $message are rendered into the control panel at the end; several cases
  * reroute or go back instead and never reach that line.
  *
  * @return void
  */
 public static function main()
 {
     if (!Current_User::authorized('blog')) {
         Current_User::disallow(dgettext('blog', 'User attempted access to Blog administration.'));
         return;
     }
     $title = $content = NULL;
     // Message left by a previous request via setForward(), if any.
     $message = Blog_Admin::getForward();
     $panel = Blog_Admin::cpanel();
     $panel->enableSecure();
     if (isset($_REQUEST['command'])) {
         $command = $_REQUEST['command'];
     } else {
         $command = $panel->getCurrentTab();
     }
     // The id is cast to int before it reaches Blog.
     if (isset($_REQUEST['blog_id'])) {
         $blog = new Blog((int) $_REQUEST['blog_id']);
     } else {
         $blog = new Blog();
     }
     switch ($command) {
         case 'edit':
             $panel->setCurrentTab('list');
             // The author may edit their own entry; anyone else needs the
             // per-entry 'edit_blog' permission.
             // NOTE(review): $_REQUEST['blog_id'] is read here without isset();
             // when it is absent $blog was built with new Blog() above — confirm
             // that path is intended.
             if (!Current_User::isUser($blog->author_id) && !Current_User::authorized('blog', 'edit_blog', $_REQUEST['blog_id'], 'entry')) {
                 Current_User::disallow(dgettext('blog', 'User tried to edit a blog.'));
                 return;
             }
             $title = dgettext('blog', 'Update Blog Entry');
             $content = Blog_Form::edit($blog);
             break;
         case 'new':
             $title = dgettext('blog', 'New Blog Entry');
             $content = Blog_Form::edit($blog);
             break;
         case 'delete':
             //Blog_Admin::resetCache();
             // NOTE(review): $result is never checked with PHPWS_Error; the
             // "deleted" message is forwarded whatever delete() returned.
             $result = $blog->delete();
             Blog_Admin::setForward(dgettext('blog', 'Blog entry deleted.'), 'list');
             break;
         case 'list':
             $title = dgettext('blog', 'Blog Entries');
             $content = Blog_Admin::entry_list();
             break;
         case 'menu_submit_link':
             Menu::pinLink(dgettext('blog', 'Submit entry'), 'index.php?module=blog&action=user&action=submit');
             PHPWS_Core::reroute('index.php?module=blog&action=admin&tab=settings&authkey=' . Current_User::getAuthKey());
             break;
         case 'sticky':
             // NOTE(review): no return after disallow() here, unlike 'edit' and
             // 'post_settings'; presumably disallow() ends the request — confirm.
             if (!Current_User::isUnrestricted('blog')) {
                 Current_User::disallow();
             }
             Blog_Admin::sticky($blog);
             PHPWS_Core::goBack();
             break;
         case 'unsticky':
             // NOTE(review): same missing return after disallow() as 'sticky'.
             if (!Current_User::isUnrestricted('blog')) {
                 Current_User::disallow();
             }
             Blog_Admin::unsticky($blog);
             PHPWS_Core::goBack();
             break;
         case 'post_entry':
             $title = dgettext('blog', 'Blog Archive');
             $panel->setCurrentTab('list');
             $blog->post_entry();
             $link_back = PHPWS_Text::linkAddress('blog', array('action' => 'admin', 'tab' => 'list'), TRUE);
             if ($blog->_error) {
                 // Validation failed: redisplay the form, on the 'new' tab for
                 // an entry that has no id yet.
                 if (empty($blog->id)) {
                     $panel->setCurrentTab('new');
                 }
                 $content = Blog_Form::edit($blog);
             } else {
                 // NOTE(review): for a new entry whose form was already posted,
                 // the "saved" message is set but save() still runs below —
                 // confirm whether the duplicate is meant to be skipped.
                 if (!isset($_POST['blog_id']) && PHPWS_Core::isPosted()) {
                     Blog_Admin::setForward(dgettext('blog', 'Entry saved successfully.'), 'list');
                 }
                 $result = $blog->save();
                 //Blog_Admin::resetCache();
                 if (PHPWS_Error::isError($result)) {
                     $message = dgettext('blog', 'An error occurred when trying to save your entry. Please check your logs.');
                     PHPWS_Error::log($result);
                     Blog_Admin::setForward($message, 'list');
                 }
                 if (!$blog->approved) {
                     Blog_Admin::setForward(dgettext('blog', 'Your entry is being held for approval.'), 'list');
                 } else {
                     PHPWS_Core::reroute($blog->getViewLink(true));
                 }
             }
             break;
         case 'reset_cache':
             Blog_Admin::resetCache();
             PHPWS_Core::goBack();
             break;
         case 'post_settings':
             if (!Current_User::authorized('blog', 'settings')) {
                 Current_User::disallow();
                 return;
             }
             // Purge is a deity-only, confirmed action; it replaces the normal
             // settings save.
             if (Current_User::isDeity() && isset($_POST['purge_confirm'])) {
                 $title = dgettext('blog', 'Purge Blog Entries');
                 $content = Blog_Admin::confirmPurge($_POST['purge_date']);
                 break;
             }
             Blog_Admin::postSettings();
             $message = dgettext('blog', 'Blog settings saved.');
             // No break: falls through into 'settings' so the saved form is
             // redisplayed (presumably intentional).
         case 'settings':
             if (!Current_User::allow('blog', 'settings')) {
                 Current_User::disallow();
                 return;
             }
             $panel->setCurrentTab('settings');
             $title = dgettext('blog', 'Blog Settings');
             $content = Blog_Form::settings();
             break;
         case 'purge_entries':
             // NOTE(review): $_GET['pd'] is passed without isset() or validation;
             // presumably purgeEntries() validates the date — confirm.
             if (Current_User::authorized('blog') && Current_User::isDeity()) {
                 Blog_Admin::purgeEntries($_GET['pd']);
                 $message = dgettext('blog', 'Blog entries purged.');
             }
             $content = Blog_Form::settings();
     }
     Layout::add(PHPWS_ControlPanel::display($panel->display($content, $title, $message)));
 }