/**
 * Run method with main page logic
 *
 * Read in list of the latest published articles. Pagination enabled.
 * Populate template and display results in the page.
 *
 * This listing is public: the member-only gate is deliberately disabled
 * (kept as a comment below). Only published articles are queried
 * (countPublished / allPublished with true), so drafts are not listed.
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    // Member-only gate intentionally disabled; kept for reference:
    // if ($user == null || !$user->validUser ()) { header ("Location: " . BASE_URL); return; }

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    // Page number from the query string; non-numeric or < 1 falls back to page 1
    $pageNo = 1;
    if (isset($_GET["page"]) && is_numeric($_GET["page"])) {
        $pageNo = max(1, intval($_GET["page"]));
    }

    $table = $articleDAO->getTableName();
    $paginator = new Paginator($articleDAO->countPublished(true), $perPage);
    $paginator_page = $paginator->getPage($pageNo);
    $article_array = $articleDAO->allPublished(true, array(
        "order" => "{$table}.postDate DESC, {$table}.id DESC",
        "limit" => $paginator_page,
        "joins" => true,
    ));

    // Tags are collected per article in the same order as $article_array.
    // Stays null (not an empty array) when there are no articles.
    $articletags_array = null;
    foreach ($article_array as $current) {
        $articletags_array[] = $tagDAO->allArticleTags($current, array("order" => "name"));
    }

    $this->template->render(array(
        "title" => "Latests Articles",
        "main_page" => "article_list_tpl.php",
        "session" => $session,
        "article_array" => $article_array,
        "articletags_array" => $articletags_array,
        "paginator_page" => $paginator_page,
    ));
}
/**
 * Run method with main page logic
 *
 * Read in the specified article from the database.
 * Populate template and display article in the page.
 *
 * Public page (the member-only gate is deliberately disabled, see below).
 * NOTE(review): the article is fetched by id via load(), which unlike the
 * listing page does not visibly filter on published state — confirm the DAO
 * or template hides unpublished articles, otherwise they are reachable by id.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    // Member-only gate intentionally disabled; kept for reference:
    // if ($user == null || !$user->validUser ()) { header ("Location: " . BASE_URL); return; }

    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    $article = null;
    $articletags = null;
    $title = "";

    // Only a non-empty numeric id is looked up; anything else renders the "not found" state
    $rawId = isset($_GET["id"]) ? $_GET["id"] : "";
    if (!empty($rawId) && is_numeric($rawId)) {
        $article = $articleDAO->load(intval($rawId), array("joins" => true));
        if ($article) {
            $title = "{$article->getTitle()}";
            $articletags = $tagDAO->allArticleTags($article, array("order" => "name"));
        }
    }

    $this->template->render(array(
        "title" => "Article - " . $title,
        "main_page" => "view_article_tpl.php",
        "session" => $session,
        "article" => $article,
        "articletags" => $articletags,
    ));
}
/**
 * Run method with main page logic
 *
 * Read in album information and photos associated with an album from the database.
 * Populate template and display results in the page. Pagination possible.
 *
 * A missing or non-positive album id redirects to BASE_URL; an id that does
 * not match an album renders the template with $album = null.
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    $albumDAO = AlbumDAO::getInstance();
    $photoDAO = PhotoDAO::getInstance();

    $album = $photo_array = $paginator_page = $queryVars = null;
    $title = "";

    $pageNo = (isset($_GET["page"]) && is_numeric($_GET["page"])) ? intval($_GET["page"]) : 1;
    if ($pageNo < 1) {
        $pageNo = 1;
    }

    // The album id must be a positive integer; anything else is not worth a lookup
    $albumId = (isset($_GET["id"]) && is_numeric($_GET["id"])) ? intval($_GET["id"]) : 0;
    if ($albumId <= 0) {
        header("Location: " . BASE_URL);
        return;
    }

    $album = $albumDAO->load($albumId, array("joins" => true));
    if ($album) {
        $title = $album->getTitle();
        $paginator = new Paginator($photoDAO->countByAlbum($album), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $photo_array = $photoDAO->allByAlbum($album, array("limit" => $paginator_page));
        // Carried into pagination links so they stay on this album
        $queryVars = array("id" => $albumId);
    }

    $this->template->render(array(
        "title" => "View Album - {$title}",
        "session" => $session,
        "album" => $album,
        "photo_array" => $photo_array,
        "paginator_page" => $paginator_page,
        "queryVars" => $queryVars,
        "main_page" => "view_album_tpl.php",
    ));
}
/**
 * Run method with main page logic
 *
 * Read in the specified event from the database.
 * Populate template and display event details in the page. Allow admin preview of un-approved event.
 *
 * Visibility rule: an approved event is shown to everyone; an unapproved one
 * only to an admin (preview). In every other case the template gets $event = null,
 * so the existence of unapproved events is not revealed to regular visitors.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    $eventDAO = EventDAO::getInstance();
    $attendDAO = AttendanceDAO::getInstance();

    $title = "";
    $event = $attending = $attend_array = $attend_count = null;

    if (!empty($_GET["id"]) && is_numeric($_GET["id"])) {
        $event = $eventDAO->load(intval($_GET["id"]), array("joins" => true));

        $isAdmin = $user && $user->isAdmin();
        $visible = $event && ($event->status == Event::APPROVED_STATUS || $isAdmin);
        if ($visible) {
            $title .= " - {$event->title}";
            // Attendance record for the current visitor only exists for logged-in users
            if ($user) {
                $attending = $attendDAO->loadExists($event, $user);
            }
            $attend_count = $attendDAO->countByEvent($event);
            $attend_array = $attendDAO->allByEvent($event, array("joins" => true, "order" => "id DESC"));
        } else {
            $event = null;
        }
    }

    $this->template->render(array(
        "title" => "Event Details" . $title,
        "main_page" => "view_event_tpl.php",
        "session" => $session,
        "event" => $event,
        "attending" => $attending,
        "attend_array" => $attend_array,
        "attend_count" => $attend_count,
    ));
}
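/**
 * Run method with main page logic
 *
 * Read in list of albums and the latest photos for each album. Pagination enabled.
 * Populate template with data and display results in the page.
 *
 * For every album on the current page the template receives
 * array(photoCount, latestPhoto) in $photo_info_array (albums with no photos are skipped).
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    $albumDAO = AlbumDAO::getInstance();
    $photoDAO = PhotoDAO::getInstance();

    $pageNo = (isset($_GET["page"]) && is_numeric($_GET["page"])) ? intval($_GET["page"]) : 1;
    if ($pageNo < 1) {
        $pageNo = 1;
    }

    $paginator = new Paginator($albumDAO->count(), $perPage);
    $paginator_page = $paginator->getPage($pageNo);
    $album_array = $albumDAO->all(array("limit" => $paginator_page));

    $photo_info_array = array();
    foreach ($album_array as $album) {
        $photoCount = $photoDAO->countByAlbum($album);
        if ($photoCount > 0) {
            // Fetch only the newest photo: a one-item paginator on its first page.
            // Previously the album-list paginator and page number were used here, so on
            // list page > 1 the offset skipped past the album's photos and the cover came back empty.
            $latestPaginator = new Paginator($photoCount, 1);
            $latestSlice = $latestPaginator->getPage(1);
            list($latest_photo) = $photoDAO->allByAlbum($album, array("order" => "id DESC", "limit" => $latestSlice));
            $photo_info_array[] = array($photoCount, $latest_photo);
        }
    }

    $this->template->render(array(
        "title" => "Album List",
        "main_page" => "album_list_tpl.php",
        "session" => $session,
        "album_array" => $album_array,
        "photo_info_array" => $photo_info_array,
        "paginator_page" => $paginator_page,
    ));
}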
/**
 * Run method with main page logic
 *
 * Populate template and display form for creating a new album entry. For POST request,
 * validate form data and save information to database. Available to admins only.
 *
 * Non-admins are redirected to BASE_URL with an error message. On a successful
 * insert the browser is redirected to the edit page for the new album.
 * NOTE(review): no CSRF token check is visible in this handler — confirm the
 * session/template layer provides one for admin forms.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $albumDAO = AlbumDAO::getInstance();
    $album = null;
    $form_errors = array();
    $form_values = array("title" => "");

    if (!empty($_POST)) {
        $albumTitle = isset($_POST["title"]) ? trim($_POST["title"]) : "";
        $form_values["title"] = $albumTitle;
        if (empty($albumTitle)) {
            $form_errors["title"] = "No title specified";
        } else {
            $album = new Album();
            $album->setTitle($albumTitle);
            if ($albumDAO->insert($album)) {
                $session->setMessage("Album saved");
                header("Location: edit_album.php?id={$album->id}");
                return;
            }
            $session->setMessage("Album not saved");
        }
    }

    $this->template->render(array(
        "title" => "Create Album",
        "session" => $session,
        "main_page" => "create_album_tpl.php",
        "album" => $album,
        "form_values" => $form_values,
        "form_errors" => $form_errors,
    ));
}
/**
 * Run method with main page logic
 *
 * Read in list of the latest published events and populate template with results.
 * Display results in the page. Pagination enabled.
 *
 * Only approved events are listed. An optional numeric "platform" parameter
 * narrows the list to one platform and is carried into the pagination links.
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    $eventDAO = EventDAO::getInstance();

    $pageNo = (isset($_GET["page"]) && is_numeric($_GET["page"])) ? intval($_GET["page"]) : 1;
    if ($pageNo < 1) {
        $pageNo = 1;
    }
    $platform_id = (isset($_GET["platform"]) && is_numeric($_GET["platform"])) ? intval($_GET["platform"]) : 0;

    $queryVars = $current_platform = null;
    $table = $eventDAO->getTableName();
    $listOrder = "{$table}.date DESC, {$table}.id DESC";

    if ($platform_id > 0) {
        $paginator = new Paginator($eventDAO->countPlatformStatus($platform_id, Event::APPROVED_STATUS), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $event_array = $eventDAO->allByPlatformStatus($platform_id, Event::APPROVED_STATUS, array(
            "order" => $listOrder,
            "joins" => true,
            "limit" => $paginator_page,
        ));
        $queryVars = array("platform" => $platform_id);
    } else {
        $paginator = new Paginator($eventDAO->countStatus(Event::APPROVED_STATUS), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $event_array = $eventDAO->allByStatus(Event::APPROVED_STATUS, array(
            "order" => $listOrder,
            "joins" => true,
            "limit" => $paginator_page,
        ));
    }

    $platformDAO = PlatformDAO::getInstance();
    $platform_array = $platformDAO->all();
    if ($platform_id > 0) {
        $current_platform = $platformDAO->load($platform_id);
    }

    $this->template->render(array(
        "title" => "Event List",
        "main_page" => "event_list_tpl.php",
        "event_array" => $event_array,
        "session" => $session,
        "paginator_page" => $paginator_page,
        "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"),
        "platform_array" => $platform_array,
        "queryVars" => $queryVars,
        "current_platform" => $current_platform,
    ));
}
/**
 * Run method with main page logic
 *
 * If a user has a valid session, kill old session data and start new anonymous session.
 * Populate template and display logout status in page.
 *
 * NOTE(review): logout fires on any request method (a plain GET link is enough),
 * so a third-party page can log a member out; if that matters, require POST
 * plus a CSRF token.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    if ($session->getUser() == null) {
        $session->setMessage("Not currently logged in", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $session->kill();
    // After kill() the session is anonymous; the template gets whatever getUser() now returns
    $this->template->render(array(
        "main_page" => "logout_tpl.php",
        "title" => "Logged out",
        "user" => $session->getUser(),
    ));
}
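/**
 * Run method with main page logic
 *
 * Populate template and display form for editing an album entry. For POST requests,
 * check user credentials, check if album exists and then update entry in database.
 * Available to admins only.
 *
 * The id is validated the same way on GET and POST: only a positive integer
 * reaches the DAO (previously the GET path passed the raw query-string value to
 * load() and echoed it back through $form_values["id"] unvalidated).
 * NOTE(review): no CSRF token check is visible in this handler — confirm the
 * session/template layer provides one for admin forms.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $albumDAO = AlbumDAO::getInstance();
    $album = null;
    $form_errors = array();
    $form_values = array("id" => "", "title" => "");

    if (!empty($_POST)) {
        $form_values["id"] = (isset($_POST["id"]) && is_numeric($_POST["id"])) ? intval($_POST["id"]) : "";
        $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
        if (empty($form_values["id"])) {
            $form_errors["id"] = "No id specified";
        }
        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }

        if (empty($form_errors)) {
            $album = $albumDAO->load($form_values["id"]);
            if ($album) {
                $album->setTitle($form_values["title"]);
                if ($albumDAO->save($album)) {
                    $session->setMessage("Album saved");
                    header("Location: edit_album.php?id={$album->id}");
                    return;
                }
                $session->setMessage("Album not saved");
            }
        } elseif (empty($form_errors["id"])) {
            // Re-load the album so the form can be re-displayed next to the validation errors
            $album = $albumDAO->load($form_values["id"]);
        }
    } elseif (!empty($_GET)) {
        $albumId = (isset($_GET["id"]) && is_numeric($_GET["id"])) ? intval($_GET["id"]) : 0;
        if ($albumId <= 0) {
            header("Location: " . BASE_URL);
            return;
        }
        $form_values["id"] = $albumId;
        $album = $albumDAO->load($albumId);
        // Album does not exist: $album stays null and the template shows that state
        if ($album) {
            $form_values["id"] = $album->getId();
            $form_values["title"] = $album->getTitle();
        }
    }

    $this->template->render(array(
        "title" => "Edit Album",
        "session" => $session,
        "main_page" => "edit_album_tpl.php",
        "album" => $album,
        "form_values" => $form_values,
        "form_errors" => $form_errors,
    ));
}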
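/**
 * Run method with main page logic
 *
 * Populate template and display confirmation for photo deletion. For POST requests,
 * check user credentials, check if photo exists and then delete entry from database.
 * Available to admins only.
 *
 * The database row is removed first, then the image file and (if present) its
 * thumbnail. unlink() is only attempted on paths that exist, so a missing file
 * no longer raises a warning after the row is already gone.
 * NOTE(review): no CSRF token check is visible on this destructive POST — confirm
 * the session/template layer provides one for admin forms.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if ($user == null || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $photoDAO = PhotoDAO::getInstance();
    $delete_photo = null;
    $form_errors = array();
    $form_values = array("id" => "");

    if (!empty($_POST)) {
        $id = isset($_POST["id"]) ? trim($_POST["id"]) : "";
        if (empty($id)) {
            header("Location: " . BASE_URL);
            return;
        }
        if (is_numeric($id)) {
            $delete_photo = $photoDAO->load(intval($id));
            if ($delete_photo) {
                if ($photoDAO->delete($delete_photo)) {
                    // Remove the stored files after the row is gone; skip paths that are empty or already absent
                    $paths = array($delete_photo->getFileLoc(), $delete_photo->getThumbLoc());
                    foreach ($paths as $path) {
                        if (!empty($path) && is_file($path)) {
                            unlink($path);
                        }
                    }
                    $session->setMessage("Photo deleted");
                    header("Location: " . BASE_URL);
                    return;
                }
                $session->setMessage("Could not delete photo", Session::MESSAGE_ERROR);
            }
        }
    } elseif (!empty($_GET)) {
        // Confirmation step: look the photo up so the template can show what will be deleted
        $id = isset($_GET["id"]) ? trim($_GET["id"]) : "";
        if (empty($id)) {
            header("Location: " . BASE_URL);
            return;
        }
        if (is_numeric($id)) {
            $delete_photo = $photoDAO->load(intval($id));
            if ($delete_photo) {
                $form_values["id"] = $delete_photo->getId();
            }
        }
    } else {
        header("Location: " . BASE_URL);
        return;
    }

    $this->template->render(array(
        // Title was "Delete Profile" (copy/paste from the profile page); this page deletes a photo
        "title" => "Delete Photo",
        "main_page" => "delete_photo_tpl.php",
        "session" => $session,
        "delete_photo" => $delete_photo,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}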
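/**
 * Run method with main page logic
 *
 * Reads in events for a given month or current month if no parameters are passed.
 * Allow filtering by platform id. Populate template and display event data in a calendar view on the page.
 *
 * The month range and the platform filter are chosen independently, which
 * replaces the four near-identical branches of the previous version with one
 * range computation and one DAO call. Only approved events are ever queried.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    $eventDAO = EventDAO::getInstance();
    $platformDAO = PlatformDAO::getInstance();

    $platform_id = (isset($_GET["platform"]) && is_numeric($_GET["platform"])) ? intval($_GET["platform"]) : 0;
    $month = (isset($_GET["month"]) && is_numeric($_GET["month"])) ? intval($_GET["month"]) : 0;
    $year = (isset($_GET["year"]) && is_numeric($_GET["year"])) ? intval($_GET["year"]) : 0;

    // Requested month when it is a valid calendar month, otherwise the current month.
    // checkdate() rejects the 0 defaults, so missing or garbage parameters fall back cleanly.
    if (checkdate($month, 1, $year)) {
        $start = mktime(0, 0, 0, $month, 1, $year);
    } else {
        $start = mktime(0, 0, 0, idate("m"), 1, idate("Y"));
    }
    $end = strtotime("+1 month", $start) - 1;

    $table = $eventDAO->getTableName();
    $queryOpts = array(
        "order" => "{$table}.date DESC, {$table}.id DESC",
        "joins" => true,
    );

    $current_platform = null;
    if ($platform_id > 0) {
        $event_array = $eventDAO->allByPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end, $queryOpts);
        $current_platform = $platformDAO->load($platform_id);
    } else {
        $event_array = $eventDAO->allByStatusAndRange(Event::APPROVED_STATUS, $start, $end, $queryOpts);
    }

    // Nearest event days outside the displayed month, for prev/next navigation
    $next_eventday = $eventDAO->loadByNextDay($end, Event::APPROVED_STATUS);
    $prev_eventday = $eventDAO->loadByPreviousDay($start, Event::APPROVED_STATUS);
    $platform_array = $platformDAO->all();

    $this->template->render(array(
        "title" => "Event Month Calendar - " . date("F", $start) . " " . date("Y", $start),
        "main_page" => "events_month_tpl.php",
        "event_array" => $event_array,
        "session" => $session,
        "start" => $start,
        "end" => $end,
        "next_eventday" => $next_eventday,
        "prev_eventday" => $prev_eventday,
        "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"),
        "platform_array" => $platform_array,
        "current_platform" => $current_platform,
    ));
}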
/**
 * Run method with main page logic
 *
 * Populate template and display confirmation for event deletion. For POST request,
 * check user credentials, check if event exists and then delete entry from database.
 * Available to admins only.
 *
 * GET shows the confirmation page for a numeric id; POST performs the delete.
 * A request with neither GET nor POST data is sent back to BASE_URL.
 * NOTE(review): no CSRF token check is visible on this destructive POST — confirm
 * the session/template layer provides one for admin forms.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $eventDAO = EventDAO::getInstance();
    $delete_event = null;
    $form_errors = array();
    $form_values = array("id" => "");

    $isPost = !empty($_POST);
    if (!$isPost && empty($_GET)) {
        header("Location: " . BASE_URL);
        return;
    }

    $source = $isPost ? $_POST : $_GET;
    $id = isset($source["id"]) ? trim($source["id"]) : "";
    if (empty($id)) {
        header("Location: " . BASE_URL);
        return;
    }

    if (is_numeric($id)) {
        $delete_event = $eventDAO->load($id);
        if ($delete_event) {
            if ($isPost) {
                // Event exists: delete it and go back to the front page
                if ($eventDAO->delete($delete_event)) {
                    $session->setMessage("Event deleted");
                    header("Location: " . BASE_URL);
                    return;
                }
                $session->setMessage("Could not delete event", Session::MESSAGE_ERROR);
            } else {
                $form_values["id"] = $delete_event->getId();
            }
        }
    }

    $this->template->render(array(
        "title" => "Delete Event",
        "main_page" => "delete_event_tpl.php",
        "session" => $session,
        "delete_event" => $delete_event,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}
/**
 * Run method with main page logic
 *
 * Read in the specified photo from the database. Read in album data as well.
 * Populate template and display photo in the page.
 *
 * Along with the photo, the template receives its neighbours in the album
 * and its 1-based position / the album's photo count for "x of y" navigation.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    $photoDAO = PhotoDAO::getInstance();

    $photo = $next_photo = $prev_photo = $photo_index = $photo_count = null;
    $title = "";

    $rawId = isset($_GET["id"]) ? $_GET["id"] : "";
    if (!empty($rawId) && is_numeric($rawId)) {
        $photo = $photoDAO->load(intval($rawId), array("joins" => true));
        if ($photo) {
            $title .= " - {$photo->getTitle()}";
            $album = $photo->getAlbum();
            // Neighbours and position of this photo within its album
            $next_photo = $photoDAO->loadNext($photo);
            $prev_photo = $photoDAO->loadPrevious($photo);
            $photo_index = $photoDAO->countPosition($photo, $album);
            $photo_count = $photoDAO->countByAlbum($album);
        }
    }

    $this->template->render(array(
        "title" => "View Photo" . $title,
        "main_page" => "view_photo_tpl.php",
        "session" => $session,
        "photo" => $photo,
        "next_photo" => $next_photo,
        "prev_photo" => $prev_photo,
        "photo_index" => $photo_index,
        "photo_count" => $photo_count,
    ));
}
/**
 * Run method with main page logic
 *
 * Populate template and display form for creating a new page entry. For POST request,
 * validate form data and save information to database. Available to admins only.
 *
 * "published" must be the literal string "true" or "false". The optional
 * "template" value is stored as given.
 * NOTE(review): the template name comes straight from the form; if PageModel or
 * the renderer ever resolves it to a file path, restrict it here to a whitelist
 * of known template names. No CSRF token check is visible in this handler either —
 * confirm the session/template layer provides one for admin forms.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $pageDAO = PageDAO::getInstance();
    $page = null;
    $form_errors = array();
    $form_values = array("id" => "", "title" => "", "content" => "", "published" => false, "template" => "");

    if (!empty($_POST)) {
        $form_values["id"] = (isset($_POST["id"]) && is_numeric($_POST["id"])) ? intval($_POST["id"]) : "";
        foreach (array("title", "content", "published", "template") as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }

        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["content"])) {
            $form_errors["content"] = "No content specified";
        }
        $published = $form_values["published"];
        if (empty($published)) {
            $form_errors["published"] = "Published status not specified";
        } elseif ($published !== "true" && $published !== "false") {
            $form_errors["published"] = "Published must be a boolean value";
        }

        if (empty($form_errors)) {
            $page = new PageModel();
            $page->setTitle($form_values["title"]);
            $page->setContent($form_values["content"]);
            // The creating admin becomes the page owner
            $page->setUserId($user->id);
            $page->setPublished($published === "true");
            if (!empty($form_values["template"])) {
                $page->setTemplate($form_values["template"]);
            }
            if ($pageDAO->insert($page)) {
                $session->setMessage("Page saved");
                header("Location: edit_page.php?id={$page->id}");
                return;
            }
            $session->setMessage("Page not saved");
        }
    }

    $this->template->render(array(
        "title" => "Create Page",
        "session" => $session,
        "main_page" => "create_page_tpl.php",
        "page" => $page,
        "form_values" => $form_values,
        "form_errors" => $form_errors,
    ));
}
/**
 * Run method with main page logic
 *
 * Read in the specified profile from the database. Check if the current visitor is a valid user
 * and redirect if the user is not. If the user is valid,
 * populate template and display profile details in the page. Available to members only.
 *
 * Note the template's "user" entry is the profile being viewed, not the viewer;
 * the viewer is reachable through "session".
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $viewer = $session->getUser();
    // Members only: anonymous or invalid users are bounced to the front page
    if ($viewer == null || !$viewer->validUser()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $userDAO = UserDAO::getInstance();
    $profile = null;
    $title = "";

    $rawId = isset($_GET["id"]) ? $_GET["id"] : "";
    if (!empty($rawId) && is_numeric($rawId)) {
        $profile = $userDAO->load(intval($rawId));
        if ($profile) {
            $title .= " - {$profile->getUserName()}";
        }
    }

    $this->template->render(array(
        "title" => "View Profile" . $title,
        "main_page" => "view_profile_tpl.php",
        "user" => $profile,
        "session" => $session,
    ));
}
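/**
 * Run method with main page logic
 *
 * Read in albums from the database. Displays an interface to administer album data
 * for allowing bulk deletion of albums, deletion of a single
 * album and links to edit and view each album entry. Pagination enabled.
 * Available to admins only.
 *
 * Request shapes handled:
 *  - POST with ids + action=delete : delete the selected albums, then redirect back here
 *  - GET action=delete&ids=...     : confirmation page listing the selected albums
 *  - GET action=delete (no ids)    : nothing to confirm, template gets an empty list
 *  - anything else                 : paginated album list
 * NOTE(review): no CSRF token check is visible on the destructive POST — confirm
 * the session/template layer provides one. $_POST["ids"] / $_GET["ids"] are passed
 * to the DAO as received; the DAO is expected to validate and parameterise each id —
 * confirm it does not interpolate them into SQL.
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    // Page number: non-numeric or < 1 becomes page 1. intval() was missing here before,
    // so a value such as "1.5" reached the Paginator unchanged (every other list page casts).
    $pageNo = (isset($_GET["page"]) && is_numeric($_GET["page"])) ? intval($_GET["page"]) : 1;
    if ($pageNo < 1) {
        $pageNo = 1;
    }
    $action = isset($_GET["action"]) ? trim($_GET["action"]) : "";

    $albumDAO = AlbumDAO::getInstance();
    $album_array = $paginator_page = null;
    $content_title = "";

    if (!empty($_POST) && !empty($_POST["ids"]) && !empty($_POST["action"])) {
        // Bulk delete: the only action accepted on POST is "delete"
        $action = trim($_POST["action"]);
        if ($action !== "delete") {
            header("Location: " . BASE_URL);
            return;
        }
        if ($albumDAO->deleteByIds($_POST["ids"])) {
            // Message previously said "pages"; this page deletes albums
            $session->setMessage("Selected albums deleted");
        } else {
            $session->setMessage("Deletion failed", Session::MESSAGE_ERROR);
        }
        // SCRIPT_NAME rather than PHP_SELF: PHP_SELF also carries any client-supplied PATH_INFO suffix
        header("Location: {$_SERVER["SCRIPT_NAME"]}");
        return;
    }

    if ($action === "delete") {
        if (!empty($_GET["ids"])) {
            $content_title = "Delete Album";
            $album_array = $albumDAO->allByIds($_GET["ids"]);
        }
    } else {
        $paginator = new Paginator($albumDAO->count(), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $album_array = $albumDAO->all(array("limit" => $paginator_page));
    }

    $this->template->render(array(
        "title" => "Admin - Album Options",
        "main_page" => "album_options_tpl.php",
        "session" => $session,
        "album_array" => $album_array,
        "paginator_page" => $paginator_page,
        "action" => $action,
        "content_title" => $content_title,
    ));
}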
/**
 * Run method with main page logic
 *
 * Read latest approved event data from database. Alter output header so
 * client interprets sent text as RSS/XML. Send feed text
 * to client.
 *
 * Always the first page of results (up to 20 approved events), optionally
 * restricted to one platform via a numeric "platform" parameter.
 * @access public
 */
public function run() {
    $feedLimit = 20;
    $eventDAO = EventDAO::getInstance();
    $platform = (isset($_GET["platform"]) && is_numeric($_GET["platform"])) ? intval($_GET["platform"]) : 0;

    $table = $eventDAO->getTableName();
    $feedOrder = "{$table}.date DESC, {$table}.id DESC";

    if ($platform > 0) {
        // Platform choice was made. Retrieve only events with that platform id
        $paginator = new Paginator($eventDAO->countPlatformStatus($platform, Event::APPROVED_STATUS), $feedLimit);
        $paginator_page = $paginator->getPage(1);
        $event_array = $eventDAO->allByPlatformStatus($platform, Event::APPROVED_STATUS, array(
            "order" => $feedOrder,
            "joins" => true,
            "limit" => $paginator_page,
        ));
    } else {
        $paginator = new Paginator($eventDAO->countStatus(Event::APPROVED_STATUS), $feedLimit);
        $paginator_page = $paginator->getPage(1);
        $event_array = $eventDAO->allByStatus(Event::APPROVED_STATUS, array(
            "order" => $feedOrder,
            "joins" => true,
            "limit" => $paginator_page,
        ));
    }

    // Alter header so client does not interpret output as HTML
    header("Content-Type: text/xml");
    $this->template->render(array(
        "title" => "Latest Events Feed",
        "event_array" => $event_array,
        "paginator_page" => $paginator_page,
    ));
}
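/**
 * Run method with main page logic
 *
 * Populate template and display login form. For POST requests,
 * check if a user exists with the specified password, and enter user id into session if login is valid.
 *
 * Changes from the previous version: the stored hash is compared with
 * hash_equals() (constant time) instead of strcmp(), and the submitted password
 * is blanked before the form values are handed to the template.
 * NOTE(review): passwords are stored as unsalted sha1 (compared against
 * getPasshash()); that is cheap to crack offline and should be migrated to
 * password_hash()/password_verify() with a rehash-on-login step. That needs a
 * storage migration and is not done here.
 * NOTE(review): if Session::setUser() does not regenerate the session id,
 * call session_regenerate_id(true) on successful login to prevent session fixation.
 * @access public
 */
public function run() {
    $form_errors = array();
    $form_values = array("username" => "", "password" => "");
    $session = Session::getInstance();
    $user = $session->getUser();
    if ($user != null) {
        $session->setMessage("You are already logged in", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    if (!empty($_POST)) {
        $form_values["username"] = isset($_POST["username"]) ? trim($_POST["username"]) : "";
        $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
        $password = sha1($form_values["password"]);

        if (empty($form_values["username"])) {
            $form_errors["username"] = "******";
        }
        if (empty($form_values["password"])) {
            $form_errors["password"] = "******";
        }

        if (empty($form_errors["username"])) {
            $userDAO = UserDAO::getInstance();
            $user = $userDAO->loadByUsername($form_values["username"]);
            if ($user && $user->getStatus() == User::STATUS_OK) {
                // Constant-time comparison so response timing does not leak how much of the hash matched
                if (!hash_equals((string) $user->getPasshash(), $password)) {
                    $form_errors["username"] = "******";
                }
            } elseif ($user && $user->getStatus() == User::STATUS_NEEDADMIN) {
                $form_errors["username"] = "******";
            } else {
                $form_errors["username"] = "******";
            }
        }

        if (empty($form_errors)) {
            $session->setUser($user);
            $session->setMessage("Welcome, {$user->getUsername()}");
            header("Location: " . BASE_URL);
            return;
        }

        // Never echo the submitted password back into the page
        $form_values["password"] = "";
    }

    $user = $session->getUser();
    $this->template->render(array(
        "main_page" => "login_tpl.php",
        "title" => "Login",
        "user" => $user,
        "form_values" => $form_values,
        "form_errors" => $form_errors,
    ));
}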
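/**
 * Run method with main page logic
 *
 * Populate template and read in list of users in the database. Allow filtering by online identity
 * and by the first letter of a user name. Display list in the page.
 * Available to members only.
 *
 * Filters: "identity" must be one of the known identity names (an unknown
 * value yields no list at all but is still echoed in queryVars, as before);
 * "startswith" must be exactly one lowercase letter — the previous pattern only
 * checked the first character, so the remainder of an arbitrary string reached
 * countLetter()/allByLetter() unvalidated. Anything else lists all users.
 * @access public
 */
public function run() {
    $perPage = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->validUser()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $pageNo = (isset($_GET["page"]) && is_numeric($_GET["page"])) ? intval($_GET["page"]) : 1;
    if ($pageNo < 1) {
        $pageNo = 1;
    }

    $userDAO = UserDAO::getInstance();
    $user_array = $paginator_page = null;

    $identity = isset($_GET["identity"]) ? trim($_GET["identity"]) : "";
    $startswith = isset($_GET["startswith"]) ? trim($_GET["startswith"]) : "";
    $form_values = array("identity" => $identity, "startswith" => $startswith);
    $knownIdentities = array("steam", "xbox", "psn", "wii");
    $queryVars = array();
    $listOrder = "userName ASC";

    if ($identity) {
        if (in_array($identity, $knownIdentities, true)) {
            $paginator = new Paginator($userDAO->countIdentity($identity), $perPage);
            $paginator_page = $paginator->getPage($pageNo);
            $user_array = $userDAO->allByIdentity($identity, array("limit" => $paginator_page, "order" => $listOrder));
        }
        $queryVars["identity"] = $identity;
    } elseif (!empty($startswith) && preg_match("/^[a-z]$/", $startswith)) {
        $paginator = new Paginator($userDAO->countLetter($startswith), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $user_array = $userDAO->allByLetter($startswith, array("limit" => $paginator_page, "order" => $listOrder));
        $queryVars["startswith"] = $startswith;
    } else {
        $paginator = new Paginator($userDAO->count(), $perPage);
        $paginator_page = $paginator->getPage($pageNo);
        $user_array = $userDAO->all(array("limit" => $paginator_page, "order" => $listOrder));
    }

    $this->template->render(array(
        "title" => "View Userlist",
        "main_page" => "user_list_tpl.php",
        "user_array" => $user_array,
        "session" => $session,
        "paginator_page" => $paginator_page,
        "form_values" => $form_values,
        "queryVars" => $queryVars,
    ));
}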
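/**
 * Run method with main page logic
 *
 * Populate template and Display form for editing an event entry. For POST requests,
 * check user credentials, check if event exists and then update entry in database.
 * Available to validated members; an event can only be edited by its owner or by an admin.
 *
 * Changes from the previous revision:
 *  - The sanctioned/status fields can be written by admins AND by TRUSTED_TYPE users, so
 *    they are now validated for both. Previously only admins were validated, so a trusted
 *    user could reach setStatus() with an unchecked value.
 *  - Saving no longer reassigns the event to whoever edits it. Keeping the original owner
 *    is what makes the "only owner edits notify attendees" rule below actually work; the
 *    old code set the owner to the editor first, so that test was always true.
 *  - The id from a GET request is checked to be numeric, as it already was for POST.
 * NOTE(review): this form carries no CSRF token; add one in the template and check it here.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    //if (!$user || !$user->isAdmin ()) {
    if (!$user || !$user->validUser()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array("id" => "", "title" => "", "description" => "", "sanctioned" => "", "status" => "", "date" => "", "platform" => "");
    $eventDAO = EventDAO::getInstance();
    $event = null;

    // Who may set the moderation fields (sanctioned flag and status)
    $canModerate = $user->isAdmin() || $user->getUserType() == User::TRUSTED_TYPE;

    if (!empty($_POST)) {
        $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
        foreach (array("title", "description", "platform", "sanctioned", "status", "date") as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }

        if (empty($form_values["id"])) {
            $form_errors["id"] = "No id specified";
        }
        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["description"])) {
            $form_errors["description"] = "No description specified";
        }

        if (empty($form_values["platform"])) {
            $form_errors["platform"] = "No platform specified";
        } else if (!is_numeric($form_values["platform"])) {
            $form_errors["platform"] = "Platform choice must be an integer value";
        } else {
            $platformDAO = PlatformDAO::getInstance();
            if (!$platformDAO->load($form_values["platform"])) {
                $form_errors["platform"] = "Invalid platform specified";
            }
        }

        if ($canModerate) {
            if (empty($form_values["sanctioned"])) {
                $form_errors["sanctioned"] = "No sanctioned flag specified";
            } else if (strcmp($form_values["sanctioned"], "true") != 0 && strcmp($form_values["sanctioned"], "false") != 0) {
                $form_errors["sanctioned"] = "sanctioned flag must be a boolean value";
            }

            if (empty($form_values["status"])) {
                $form_errors["status"] = "No status flag specified";
            } else if (!is_numeric($form_values["status"])) {
                $form_errors["status"] = "Status flag must be an integer value";
            } else {
                // Let the model decide which status codes are legal
                $tmp = new Event();
                try {
                    $tmp->setStatus(intval($form_values["status"]));
                } catch (Exception $e) {
                    $form_errors["status"] = "Invalid value for status";
                }
            }
        }

        if (empty($form_values["date"])) {
            $form_errors["date"] = "No date specified";
        } else if (strtotime($form_values["date"]) === false) {
            $form_errors["date"] = "An invalid date was specified";
            $form_values["date"] = "";
        }

        if (empty($form_errors)) {
            $event = $eventDAO->load($form_values["id"]);
            if ($event && ($user->isAdmin() || $event->getUserId() == $user->getId())) {
                $event->setTitle($form_values["title"]);
                $event->setDescription($form_values["description"]);
                $event->setPlatformId(intval($form_values["platform"]));
                if ($canModerate) {
                    $event->setSanctioned(strcmp($form_values["sanctioned"], "true") == 0);
                    $event->setStatus(intval($form_values["status"]));
                }
                $event->setDate(strtotime($form_values["date"]));
                // Ownership is deliberately left untouched: an admin editing someone
                // else's event must not become its owner.

                if ($eventDAO->save($event)) {
                    // Only the owner's own edits notify attendees; admin edits stay silent
                    if ($event->getUserId() == $user->getId()) {
                        require_once joinPath(INCLUDES_DIR, "models", "Attendance.php");
                        Attendance::emailAttendees($event, $user);
                    }
                    $session->setMessage("Event details saved");
                    header("Location: edit_event.php?id={$event->getId()}");
                    return;
                }
                $session->setMessage("Event details could not be saved", Session::MESSAGE_ERROR);
            } else if ($event) {
                // Exists but belongs to someone else: same response as the GET path
                $session->setMessage("Do not have permission to edit page", Session::MESSAGE_ERROR);
                header("Location: " . BASE_URL);
                return;
            }
        } else if (empty($form_errors["id"])) {
            $event = $eventDAO->load($form_values["id"]);
        }
    } else if (!empty($_GET)) {
        $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
        if (empty($form_values["id"])) {
            header("Location: " . BASE_URL);
            return;
        }
        $event = $eventDAO->load($form_values["id"]);
        // A missing event is passed to the template as null
        if ($event) {
            if (!$user->isAdmin() && $event->getUserId() != $user->getId()) {
                $session->setMessage("Do not have permission to edit page", Session::MESSAGE_ERROR);
                header("Location: " . BASE_URL);
                return;
            }
            $form_values["id"] = $event->getId();
            $form_values["title"] = $event->getTitle();
            $form_values["description"] = $event->getDescription();
            $form_values["sanctioned"] = $event->getSanctioned() == true ? "true" : "false";
            $form_values["status"] = $event->getStatus();
            $form_values["date"] = strftime("%d %B %Y", $event->getDate());
            $form_values["platform"] = $event->getPlatformId();
        }
    }

    $platformDAO = PlatformDAO::getInstance();
    $platform_array = $platformDAO->all();
    $this->template->render(array("title" => "Edit Event", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "edit_event_tpl.php", "session" => $session, "event" => $event, "form_values" => $form_values, "form_errors" => $form_errors, "platform_array" => $platform_array));
}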
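/**
 * Run method with main page logic
 *
 * Populate template and display form for editing an photo entry. For POST requests,
 * check user credentials, check if photo exists and then update entry in database.
 * Available to admins only
 *
 * Upload handling, changed from the previous revision:
 *  - The old extension check compared pathinfo()'s extension (which has no leading dot)
 *    against ".png"/".jpg"/".jpeg", so it could never match and every file that passed
 *    getimagesize() was accepted under its original name. The extension is now compared
 *    bare, and the image type reported by getimagesize() must be PNG or JPEG as well.
 *  - The stored file name is the client-supplied basename with anything outside
 *    [A-Za-z0-9_.-] replaced, so it cannot carry separators or odd characters into
 *    the upload/thumbnail directories.
 *  - The small thumbnail is written to its computed path; the old code generated it
 *    but never rendered it to disk.
 * NOTE(review): no CSRF token is checked on this form.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $photoDAO = PhotoDAO::getInstance();
    $albumDAO = AlbumDAO::getInstance();
    $photo = null;
    $form_errors = array();
    $form_values = array("id" => "", "albumid" => "", "title" => "", "description" => "");

    if (!empty($_POST)) {
        $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
        $form_values["albumid"] = isset($_POST["albumid"]) && is_numeric($_POST["albumid"]) ? intval($_POST["albumid"]) : "";
        $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
        $form_values["description"] = isset($_POST["description"]) ? trim($_POST["description"]) : "";

        if (empty($form_values["id"])) {
            $form_errors["id"] = "No id specified";
        } else {
            $photo = $photoDAO->load($form_values["id"]);
            if (!$photo) {
                $form_errors["id"] = "Photo does not exist";
            }
        }
        if (empty($form_values["albumid"])) {
            $form_errors["albumid"] = "No albumid specified";
        } else if (!$albumDAO->load($form_values["albumid"])) {
            $form_errors["albumid"] = "Album does not exist";
        }
        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["description"])) {
            $form_errors["description"] = "No description specified";
        }

        // Check if image will be changed
        $upload_path = $thumbLoc = $smallThumbLoc = "";
        $info = false;
        $newImage = !empty($_FILES["imagefile"]) && $_FILES["imagefile"]["error"] != UPLOAD_ERR_NO_FILE;
        if ($newImage) {
            if ($_FILES["imagefile"]["error"] != UPLOAD_ERR_OK) {
                $form_errors["imagefile"] = "File upload failed";
            } else {
                $tmpName = $_FILES["imagefile"]["tmp_name"];
                $info = is_uploaded_file($tmpName) ? getimagesize($tmpName) : false;
                $path = pathinfo($_FILES["imagefile"]["name"]);
                $extension = isset($path["extension"]) ? strtolower($path["extension"]) : "";
                // Neutralise path separators and other unexpected characters in the client name
                $safeName = preg_replace('/[^A-Za-z0-9_.-]/', '_', basename($_FILES["imagefile"]["name"]));
                $safeBase = preg_replace('/[^A-Za-z0-9_.-]/', '_', $path["filename"]);
                $upload_path = joinPath(Photo::UPLOAD_DIR, strftime("%Y_%m"), $safeName);
                $thumbLoc = joinPath(Photo::THUMBNAIL_DIR, strftime("%Y_%m"), $safeBase . "_thumb.jpg");
                $smallThumbLoc = joinPath(Photo::THUMBNAIL_DIR, strftime("%Y_%m"), $safeBase . "_thumb_small.jpg");

                $allowedExtensions = array("png", "jpg", "jpeg");
                $allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG);
                if (!$info || !in_array($extension, $allowedExtensions, true) || !in_array($info[2], $allowedTypes, true)) {
                    $form_errors["imagefile"] = "An invalid file was uploaded";
                } else if (file_exists($upload_path)) {
                    // Replacing a file of the same name: drop its thumbnails as well
                    unlink($upload_path);
                    if (file_exists($thumbLoc)) {
                        unlink($thumbLoc);
                    }
                    if (file_exists($smallThumbLoc)) {
                        unlink($smallThumbLoc);
                    }
                }
            }
        }

        if (empty($form_errors)) {
            $photo->setAlbumId($form_values["albumid"]);
            $photo->setTitle($form_values["title"]);
            $photo->setDescription($form_values["description"]);

            // New image has been uploaded
            if ($newImage) {
                if (!file_exists(dirname($upload_path))) {
                    mkdir(dirname($upload_path));
                }
                if (move_uploaded_file($_FILES["imagefile"]["tmp_name"], $upload_path)) {
                    $photo->setFileLoc($upload_path);
                    // Reset thumbnail location in case new image does not need a thumbnail
                    $photo->setThumbLoc("");
                    // Create thumbnail only for images wider than the display limit
                    if ($info[0] > Photo::MAX_WIDTH) {
                        if (!file_exists(dirname($thumbLoc))) {
                            mkdir(dirname($thumbLoc));
                        }
                        $phpThumb = new phpThumb();
                        $phpThumb->setSourceFilename($photo->getFileLoc());
                        $phpThumb->setParameter('w', Photo::MAX_WIDTH);
                        $phpThumb->setParameter('config_output_format', 'jpeg');
                        if ($phpThumb->GenerateThumbnail() && $phpThumb->RenderToFile($thumbLoc)) {
                            $photo->setThumbLoc($thumbLoc);
                            // Small thumbnail: presumably meant for $smallThumbLoc, which is
                            // also the path cleared above when a file is replaced -- confirm.
                            $smallThumb = new phpThumb();
                            $smallThumb->setSourceFilename($photo->getFileLoc());
                            $smallThumb->setParameter('h', Photo::SMALL_THUMB_HEIGHT);
                            $smallThumb->setParameter('config_output_format', 'jpeg');
                            if ($smallThumb->GenerateThumbnail()) {
                                $smallThumb->RenderToFile($smallThumbLoc);
                            }
                        } else {
                            if (file_exists($photo->getFileLoc())) {
                                unlink($photo->getFileLoc());
                            }
                            $form_errors["imagefile"] = "Image larger than " . Photo::MAX_WIDTH . "x" . Photo::MAX_HEIGHT . " and thumbnail generation failed";
                        }
                    }
                } else {
                    $form_errors["imagefile"] = "File could not be moved";
                }
            }

            if (empty($form_errors["imagefile"])) {
                if ($photoDAO->save($photo)) {
                    $session->setMessage("Photo saved");
                    header("Location: edit_photo.php?id={$photo->getId()}");
                    return;
                }
                $session->setMessage("Photo not saved");
            }
        } else if (empty($form_errors["id"])) {
            $photo = $photoDAO->load($form_values["id"]);
        }
    } else if (!empty($_GET)) {
        $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
        if (empty($form_values["id"])) {
            header("Location: " . BASE_URL);
            return;
        }
        $photo = $photoDAO->load($form_values["id"]);
        if ($photo) {
            $form_values["id"] = $photo->getId();
            $form_values["albumid"] = $photo->getAlbumId();
            $form_values["title"] = $photo->getTitle();
            $form_values["description"] = $photo->getDescription();
        }
    }

    $album_array = $albumDAO->all();
    $this->template->render(array("title" => "Edit Photo", "session" => $session, "main_page" => "edit_photo_tpl.php", "photo" => $photo, "form_values" => $form_values, "form_errors" => $form_errors, "album_array" => $album_array));
}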
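/**
 * Run method with main page logic
 *
 * Read in events from the database. Populate template and display an interface to administer event data
 * for allowing bulk deletion of events, deletion of a single
 * event, links to editing and viewing each event entry.
 * Available to admins only
 *
 * Changes from the previous revision:
 *  - Submitted id lists are reduced to positive integers before reaching the DAO.
 *  - A status change now always has to be numeric and accepted by Event::setStatus();
 *    previously an empty (or "0") status skipped validation entirely and was saved as-is.
 *  - Redirects use SCRIPT_NAME instead of PHP_SELF, which can carry client-supplied path info.
 *  - `!strcmp(...) == 0` is written as the intended `strcmp(...) != 0`.
 * NOTE(review): the status change is triggered by a GET request without a CSRF token, so any
 * page an admin visits can trigger it; it should be moved to a POST form with a token.
 * @access public
 */
public function run() {
    $PAGINATION_LIMIT = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    // Check for admin user
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
    if ($page < 1) {
        $page = 1;
    }
    $action = isset($_GET["action"]) ? trim($_GET["action"]) : "";
    $eventDAO = EventDAO::getInstance();
    $event_array = $paginator_page = null;
    $content_title = "";
    // Redirect target after a bulk operation
    $self = $_SERVER["SCRIPT_NAME"];

    // Check for POST request and necessary variable for deletion
    if (!empty($_POST) && !empty($_POST["ids"]) && !empty($_POST["action"]) && empty($_POST["domodstatus"])) {
        $action = trim($_POST["action"]);
        if (strcmp($action, "delete") != 0) {
            header("Location: " . BASE_URL);
            return;
        }
        // Keep only positive integer ids
        $ids = array_values(array_filter(array_map('intval', (array) $_POST["ids"])));
        if (!empty($ids) && $eventDAO->deleteByIds($ids)) {
            $session->setMessage("Selected events deleted");
        } else {
            $session->setMessage("Deletion failed", Session::MESSAGE_ERROR);
        }
        header("Location: {$self}");
        return;
    }

    if (!empty($_GET) && !empty($_GET["ids"]) && !empty($_GET["domodstatus"])) {
        $statusValue = isset($_GET["status"]) ? trim($_GET["status"]) : "";
        $status = is_numeric($statusValue) ? intval($statusValue) : null;
        if ($status !== null) {
            // Let the model reject unknown status codes
            $tmp = new Event();
            try {
                $tmp->setStatus($status);
            } catch (Exception $e) {
                $status = null;
            }
        }
        if ($status === null) {
            $session->setMessage("Invalid status choice");
            header("Location: {$self}");
            return;
        }
        $ids = array_values(array_filter(array_map('intval', (array) $_GET["ids"])));
        if (!empty($ids) && $eventDAO->saveStatusByIds($status, $ids)) {
            $session->setMessage("Selected events updated");
        } else {
            $session->setMessage("Update failed", Session::MESSAGE_ERROR);
        }
        header("Location: {$self}");
        return;
    }

    if (strcmp($action, "delete") == 0) {
        // Confirmation list for a pending deletion; "delete" without ids shows nothing
        if (!empty($_GET["ids"])) {
            $content_title = "Delete Events";
            $event_array = $eventDAO->allByIds(array_values(array_filter(array_map('intval', (array) $_GET["ids"]))));
        }
    } else {
        $count = $eventDAO->count();
        $paginator = new Paginator($count, $PAGINATION_LIMIT);
        $paginator_page = $paginator->getPage($page);
        $event_array = $eventDAO->all(array("limit" => $paginator_page, "joins" => true));
    }

    $this->template->render(array("title" => "Admin - Event Options", "main_page" => "event_options_tpl.php", "session" => $session, "event_array" => $event_array, "paginator_page" => $paginator_page, "action" => $action, "content_title" => $content_title));
}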
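/**
 * Run method with main page logic
 *
 * Populate template and display form for registration. For POST requests, check if the user
 * already exists. If not, create new User and AuthToken entries and send an email notification to the user
 *
 * Changes from the previous revision: the ulid pattern is anchored (`^[a-z]{5,7}$`). The ulid
 * becomes the local part of the verification e-mail address, so the old unanchored check let
 * arbitrary characters (including "@" and whitespace) through to the mail layer.
 * NOTE(review): passwords are stored as unsalted sha1. verify.php (and presumably the login
 * page) compare against that same value, so migrating to password_hash()/password_verify()
 * has to be done at all of those sites together, not here alone.
 * @access public
 */
public function run() {
    $form_errors = array();
    $form_values = array("username" => "", "password" => "", "password2" => "", "ulid" => "");
    $session = Session::getInstance();
    $user = $session->getUser();

    // Session should not have a defined user
    if ($user != null) {
        $session->setMessage("You are already a user", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    if (!empty($_POST)) {
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }

        if (empty($form_values["username"])) {
            $form_errors["username"] = "******";
        }
        if (empty($form_values["password"])) {
            $form_errors["password"] = "******";
        }
        if (empty($form_values["password2"])) {
            $form_errors["password"] = "******";
        }
        if (empty($form_values["ulid"])) {
            $form_errors["ulid"] = "No ulid specified";
        } else if (!preg_match("/^[a-z]{5,7}$/", $form_values["ulid"])) {
            $form_errors["ulid"] = "Ulid is not in the proper format.";
        }

        $userDAO = UserDAO::getInstance();
        // User already exists
        if ($userDAO->loadByUsername($form_values["username"]) != null) {
            $form_errors["username"] = "******";
        }
        if (strcmp($form_values["password"], $form_values["password2"]) != 0) {
            $form_errors["password"] = "******";
        }
        // Ulid already exists
        if ($userDAO->loadByUlid($form_values["ulid"]) != null) {
            $form_errors["ulid"] = "Ulid is already registered";
        }

        if (empty($form_errors)) {
            $newUser = new User();
            $newUser->setUsername($form_values["username"]);
            // sha1 kept only because verify.php compares against it; see class note above
            $newUser->setPassHash(sha1($form_values["password"]));
            $newUser->setUlid($form_values["ulid"]);

            if ($userDAO->insert($newUser)) {
                $token = new AuthToken();
                $token->setUser($newUser);
                $tokenDAO = AuthTokenDAO::getInstance();
                if ($tokenDAO->insert($token)) {
                    $session->setMessage("Registration started. Check your email for a message to continue");
                    if (defined("SMTP_HOST") && strcmp(SMTP_HOST, "") != 0) {
                        $from_addr = EMAIL_ADDRESS;
                        //$to = "*****@*****.**";
                        // The ulid is [a-z]{5,7} at this point, so the address cannot contain header characters
                        $to = "{$form_values["ulid"]}@" . User::ISU_EMAIL_DOMAIN;
                        $subject = "Verify registration with " . SITE_NAME;
                        $body = "To start the next step of the registration process, click the verify link below and enter the requested information. If the URL does not appear as a link, copy the URL, paste it into your browser's address bar and proceed to the web page.\n\n" . joinPath(BASE_URL, "verify.php") . "?token=" . urlencode($token->getToken()) . "\n";
                        $headers = array("From" => $from_addr, "To" => $to, "Subject" => $subject);
                        $stmp = Mail::factory("smtp", array("host" => SMTP_HOST, "auth" => true, "username" => SMTP_USERNAME, "password" => SMTP_PASSWORD));
                        // NOTE(review): the send result is not checked; a failed delivery leaves a
                        // pending account with no way to receive its token.
                        $mail = $stmp->send($to, $headers, $body);
                    }
                    header("Location: " . BASE_URL);
                    return;
                }
            }
        }
    }

    $user = $session->getUser();
    $this->template->render(array("title" => "Register", "main_page" => "register_tpl.php", "user" => $user, "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values));
}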
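/**
 * Run method with main page logic
 *
 * Reads in events for a given day or current day if no parameters are passed.
 * Allow filtering by platform id. Populate template and display event data on page.
 *
 * The day window is computed once (requested day if valid, else today) and the only
 * remaining branch is "platform filter or not"; the previous four near-identical
 * branches are folded together. The page title is formatted with a single strftime()
 * call (the old code passed the formatted date back through strftime() as a format).
 * @access public
 */
public function run() {
    $PAGINATION_LIMIT = 10;
    $session = Session::getInstance();
    $user = $session->getUser();
    $eventDAO = EventDAO::getInstance();

    $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
    $platform_id = isset($_GET["platform"]) && is_numeric($_GET["platform"]) ? intval($_GET["platform"]) : 0;
    $month = isset($_GET["month"]) && is_numeric($_GET["month"]) ? intval($_GET["month"]) : 0;
    $day = isset($_GET["day"]) && is_numeric($_GET["day"]) ? intval($_GET["day"]) : 0;
    $year = isset($_GET["year"]) && is_numeric($_GET["year"]) ? intval($_GET["year"]) : 0;
    if ($page < 1) {
        $page = 1;
    }

    $count = $paginator = $paginator_page = $event_array = $next_eventday = $prev_eventday = $queryVars = $current_platform = null;

    // Day window: the requested calendar day when it is a real date, otherwise today
    if (checkdate($month, $day, $year)) {
        $start = mktime(0, 0, 0, $month, $day, $year);
    } else {
        $start = mktime(0, 0, 0);
    }
    $end = strtotime("+1 day", $start) - 1;

    $table = $eventDAO->getTableName();
    $orderBy = "{$table}.date DESC, {$table}.id DESC";

    if ($platform_id > 0) {
        $count = $eventDAO->countPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end);
    } else {
        $count = $eventDAO->countStatusAndRange(Event::APPROVED_STATUS, $start, $end);
    }
    $paginator = new Paginator($count, $PAGINATION_LIMIT);
    $paginator_page = $paginator->getPage($page);
    $options = array("order" => $orderBy, "joins" => true, "limit" => $paginator_page);

    if ($platform_id > 0) {
        $event_array = $eventDAO->allByPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end, $options);
        // Carry the platform filter into pagination links
        $queryVars = array("platform" => $platform_id);
    } else {
        $event_array = $eventDAO->allByStatusAndRange(Event::APPROVED_STATUS, $start, $end, $options);
    }

    $platformDAO = PlatformDAO::getInstance();
    $platform_array = $platformDAO->all();
    if ($platform_id > 0) {
        // May be null if the id does not exist; the template receives it as-is
        $current_platform = $platformDAO->load($platform_id);
        $next_eventday = $eventDAO->loadByNextDayPlatform($platform_id, $end, Event::APPROVED_STATUS);
        $prev_eventday = $eventDAO->loadByPreviousDayPlatform($platform_id, $start, Event::APPROVED_STATUS);
    } else {
        $next_eventday = $eventDAO->loadByNextDay($end, Event::APPROVED_STATUS);
        $prev_eventday = $eventDAO->loadByPreviousDay($start, Event::APPROVED_STATUS);
    }

    $this->template->render(array("title" => "Event List for day " . strftime("%B %d, %Y", $start), "main_page" => "events_day_tpl.php", "event_array" => $event_array, "session" => $session, "paginator_page" => $paginator_page, "start" => $start, "end" => $end, "next_eventday" => $next_eventday, "prev_eventday" => $prev_eventday, "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"), "platform_array" => $platform_array, "queryVars" => $queryVars, "current_platform" => $current_platform));
}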
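/**
 * Run method with main page logic
 *
 * Populate template and display form for editing an article entry. For POST requests,
 * check user credentials, check if article exists and then update entry in database.
 * Available to admins only
 *
 * Changes from the previous revision: the id from a GET request must be numeric (as it
 * already had to be for POST), and date parsing failure is tested with `=== false` rather
 * than `== 0`.
 * NOTE(review): no CSRF token is checked on this form.
 * NOTE(review): every save sets the article's author to the editing admin (setUserId below);
 * confirm that is intended, otherwise drop that line so authorship is preserved.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array("id" => "", "title" => "", "content" => "", "postDate" => "", "updateDate" => "", "published" => "", "tags" => "");
    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();
    $article = null;

    if (!empty($_POST)) {
        $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
        foreach (array("title", "content", "postDate", "updateDate", "published", "tags") as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }

        if (empty($form_values["id"])) {
            $form_errors["id"] = "No id specified";
        }
        if (empty($form_values["title"])) {
            $form_errors["title"] = "No title specified";
        }
        if (empty($form_values["content"])) {
            $form_errors["content"] = "No content specified";
        }
        if (empty($form_values["postDate"])) {
            $form_errors["postDate"] = "No post date specified";
        } else if (strtotime($form_values["postDate"]) === false) {
            $form_errors["postDate"] = "An invalid post date was specified";
            $form_values["postDate"] = "";
        }
        // The update date is optional but must parse when given
        if (!empty($form_values["updateDate"]) && strtotime($form_values["updateDate"]) === false) {
            $form_errors["updateDate"] = "An invalid update date was specified";
            $form_values["updateDate"] = "";
        }
        if ($form_values["published"] != "true" && $form_values["published"] != "false") {
            $form_errors["published"] = "Invalid published choice";
        }

        if (empty($form_errors)) {
            $article = $articleDAO->load($form_values["id"]);
            if ($article && ($user->isAdmin() || $article->userId == $user->getId())) {
                $article->setTitle($form_values["title"]);
                $article->setContent($form_values["content"]);
                $article->setPostDate(strtotime($form_values["postDate"]));
                if (!empty($form_values["updateDate"])) {
                    $article->setUpdateDate(strtotime($form_values["updateDate"]));
                }
                //$article->setUpdateDate (time ());
                $article->setPublished($form_values["published"] == "true" ? 1 : 0);
                // See the NOTE(review) in the method comment about authorship
                $article->setUserId($user->getId());
                $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
                $article->setTags(implode(" ", $sorted_tag_array));

                if ($articleDAO->save($article)) {
                    $tagDAO->updateTags($article);
                    $session->setMessage("Article details saved");
                    header("Location: edit_article.php?id={$article->getId()}");
                    return;
                }
                $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
            } else {
                // Missing article or not the caller's article
                $session->setMessage("Do not have permission to edit the article", Session::MESSAGE_ERROR);
                header("Location: " . BASE_URL);
                return;
            }
        } else if (empty($form_errors["id"])) {
            $article = $articleDAO->load($form_values["id"]);
        }
    } else if (!empty($_GET)) {
        $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
        if (empty($form_values["id"])) {
            header("Location: " . BASE_URL);
            return;
        }
        $article = $articleDAO->load($form_values["id"]);
        // A missing article is passed to the template as null
        if ($article) {
            if (!$user->isAdmin() && $article->userId != $user->getId()) {
                $session->setMessage("Do not have permission to edit article", Session::MESSAGE_ERROR);
                header("Location: " . BASE_URL);
                return;
            }
            $form_values["id"] = $article->getId();
            $form_values["title"] = $article->getTitle();
            $form_values["content"] = $article->getContent();
            $form_values["published"] = $article->getPublished() == true ? "true" : "false";
            $form_values["postDate"] = strftime("%d %B %Y", $article->getPostDate());
            $form_values["updateDate"] = $article->getUpdateDate() > 0 ? strftime("%d %B %Y", $article->getUpdateDate()) : "";
            $form_values["tags"] = $article->getTags();
        }
    }

    $this->template->render(array("title" => "Edit Article", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "edit_article_tpl.php", "session" => $session, "article" => $article, "form_errors" => $form_errors, "form_values" => $form_values));
}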
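/**
 * Run method with main page logic
 *
 * Display a form for a user to confirm his/her user identity that was previously stored in the
 * database. For POST requests, check that an AuthToken exists and that the user credentials entered in
 * the form match the credentials of the user stored in the database. If true,
 * alter the user's status to NEEDADMIN and make a session message indicating the next step in the process.
 *
 * Changes from the previous revision:
 *  - $userDAO is created up front. It was only created on the success path, so both
 *    "token has expired" branches called delete() on an undefined variable.
 *  - The POST path requires the account to be STATUS_PENDING, matching the GET path;
 *    previously it only rejected STATUS_OK.
 * NOTE(review): the password check compares unsalted sha1 values with strcmp(); the hash
 * format is shared with register.php, so moving to password_hash()/password_verify() (and a
 * constant-time compare) must be done at both sites together.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    // Session should not have a defined user
    if ($session->getUser() != null) {
        $session->setMessage("You are already a user", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array("username" => "", "password" => "", "token" => "");
    $tokenDAO = AuthTokenDAO::getInstance();
    $userDAO = UserDAO::getInstance();
    // Do garbage collection on token table
    //$tokenDAO->garbageCollect ();
    //return;

    // Register form
    if (!empty($_POST)) {
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }
        if (empty($form_values["username"])) {
            $form_errors["username"] = "******";
        }
        if (empty($form_values["password"])) {
            $form_errors["password"] = "******";
        }
        if (empty($form_values["token"])) {
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }

        $token = $tokenDAO->loadByToken($form_values["token"], array("joins" => true));
        // No corresponding token exists
        if ($token == null) {
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
        if ($token->getExpireTime() < time() - AuthToken::MAX_EXPIRE) {
            // Expired registration: the half-created account is removed with the token
            $userDAO->delete($token->getUser());
            $tokenDAO->delete($token);
            $session->setMessage("Token has expired. Profile has been deleted");
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }

        // Check password and status of pending user
        $user = $token->getUser();
        $pass_hash = sha1($form_values["password"]);
        if (strcmp($user->getUsername(), $form_values["username"]) != 0) {
            $form_errors["username"] = "******";
        } else if (strcmp($user->getPasshash(), $pass_hash) != 0) {
            // Wrong password: fail closed without revealing which field was wrong
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        } else if ($user->getStatus() != User::STATUS_PENDING) {
            // Only a pending registration can be verified (same rule as the GET path)
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }

        // Form and token are valid. Change user status
        if (empty($form_errors)) {
            $user->setStatus(User::STATUS_NEEDADMIN);
            $user->setUserType(User::REGUSER_TYPE);
            if (!$userDAO->save($user)) {
                $session->setMessage("Could not alter profile");
            } else {
                //$session->setUser ($user);
                $session->setMessage("Now awaiting admin approval");
                $tokenDAO->delete($token);
            }
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
    } else if (!empty($_GET)) {
        $token_string = isset($_GET["token"]) ? trim($_GET["token"]) : "";
        $form_values["token"] = $token_string;
        if (empty($token_string)) {
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
        $token = $tokenDAO->loadByToken($token_string, array("joins" => true));
        // Token does not exist. Redirect
        if ($token == null) {
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
        if ($token->getUser()->getStatus() != User::STATUS_PENDING) {
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
        if ($token->getExpireTime() < time() - AuthToken::MAX_EXPIRE) {
            $userDAO->delete($token->getUser());
            $tokenDAO->delete($token);
            $session->setMessage("Token has expired. Profile has been deleted", Session::MESSAGE_ERROR);
            $tokenDAO->garbageCollect();
            header("Location: " . BASE_URL);
            return;
        }
    } else {
        header("Location: " . BASE_URL);
        return;
    }

    // Do garbage collection on token table
    $tokenDAO->garbageCollect();
    $this->template->render(array("title" => "Verify Account", "main_page" => "verify_tpl.php", "form_values" => $form_values, "form_errors" => $form_errors));
}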
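/**
 * Run method with main page logic
 *
 * Populate template and display form for editing an profile entry. For POST requests,
 * check user credentials, check if profile exists and then update entry in database.
 * Available to members only
 *
 * Changes from the previous revision:
 *  - status and usertype are applied ONLY when the caller is an admin. Previously they were
 *    validated for admins but applied for everyone, so any member could POST a usertype of
 *    their choice against their own id and promote themselves.
 *  - The status/usertype validation was crossed (status checked via setUserType(), usertype
 *    checked with the status variable and the wrong exception class, plus an unreachable
 *    branch); each field is now checked with its own setter.
 *  - The id must be numeric on both GET and POST.
 *  - The PSN pattern drops the nested quantifier; the Wii "too long" message names the right field.
 * NOTE(review): passwords are stored as unsalted sha1 to match register.php/verify.php;
 * migrate all sites to password_hash() together. No CSRF token is checked on this form.
 * @access public
 */
public function run() {
    $session = Session::getInstance();
    $user = $session->getUser();
    if ($user == null || !$user->validUser()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $userDAO = UserDAO::getInstance();
    $alter_user = null;
    $form_errors = array();
    $form_values = array("id" => "", "password" => "", "password2" => "", "status" => "", "usertype" => "", "steamId" => "", "xboxId" => "", "psnId" => "", "wiiId" => "");
    $isAdmin = $user->isAdmin();
    // Redirect target after a successful save
    $self = $_SERVER["SCRIPT_NAME"];

    // Check form
    if (!empty($_POST)) {
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
        }

        if (empty($form_values["id"]) || !is_numeric($form_values["id"])) {
            $form_errors["id"] = "User id not set";
        }

        // Password is optional; when either field is given both must match
        if (!empty($form_values["password"]) || !empty($form_values["password2"])) {
            if (empty($form_values["password"])) {
                $form_errors["password"] = "******";
            } else if (empty($form_values["password2"])) {
                $form_errors["password"] = "******";
            } else if (strcmp($form_values["password"], $form_values["password2"]) != 0) {
                $form_errors["password"] = "******";
                $form_values["password2"] = "";
            }
        }

        // Privilege fields are validated (and later applied) for admins only. The model's
        // own setters decide which codes are legal.
        if ($isAdmin) {
            if (empty($form_values["status"])) {
                $form_errors["status"] = "Status not defined";
            } else if (!is_numeric($form_values["status"])) {
                $form_errors["status"] = "Status must be a number";
            } else {
                $tmp = new User();
                try {
                    $tmp->setStatus(intval($form_values["status"]));
                } catch (Exception $e) {
                    $form_errors["status"] = "Invalid value for status";
                }
            }
            if (!empty($form_values["usertype"])) {
                if (!is_numeric($form_values["usertype"])) {
                    $form_errors["usertype"] = "User type must be a number";
                } else {
                    $tmp = new User();
                    try {
                        $tmp->setUserType(intval($form_values["usertype"]));
                    } catch (Exception $e) {
                        $form_errors["usertype"] = "Invalid value for user type";
                    }
                }
            }
        }

        // Regular expression check for identities
        if (!empty($form_values["steamId"])) {
            if (strlen($form_values["steamId"]) > 20) {
                $form_errors["steamId"] = "Steam ID too long";
            } else if (!preg_match('/^([A-Za-z0-9_]{3,20})$/', $form_values["steamId"])) {
                $form_errors["steamId"] = "Steam ID is not valid";
            }
        }
        if (!empty($form_values["xboxId"])) {
            if (strlen($form_values["xboxId"]) > 15) {
                $form_errors["xboxId"] = "Xbox gamertag too long";
            } else if (!preg_match('/^[A-Za-z0-9 ]{3,15}$/', $form_values["xboxId"])) {
                $form_errors["xboxId"] = "Xbox gamertag is not valid";
            }
        }
        if (!empty($form_values["psnId"])) {
            if (strlen($form_values["psnId"]) > 16) {
                $form_errors["psnId"] = "PSN ID too long";
            } else if (!preg_match('/^[A-Za-z0-9_-]{3,16}$/', $form_values["psnId"])) {
                $form_errors["psnId"] = "PSN ID is not valid";
            }
        }
        if (!empty($form_values["wiiId"])) {
            if (strlen($form_values["wiiId"]) > 20) {
                $form_errors["wiiId"] = "Wii Friend Code too long";
            } else if (!preg_match('/^([0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4})$/', $form_values["wiiId"])) {
                $form_errors["wiiId"] = "Wii Friend Code is not valid";
            }
        }

        // No errors found
        if (empty($form_errors)) {
            $alter_user = $userDAO->load($form_values["id"]);
            if ($alter_user != null) {
                // Admins may edit anyone; members only themselves
                if ($isAdmin || $alter_user->getId() == $user->getId()) {
                    if (!empty($form_values["password"])) {
                        $alter_user->setPassHash(sha1($form_values["password"]));
                    }
                    if ($isAdmin) {
                        if (!empty($form_values["status"])) {
                            $alter_user->setStatus(intval($form_values["status"]));
                        }
                        if (!empty($form_values["usertype"])) {
                            $alter_user->setUserType(intval($form_values["usertype"]));
                        }
                    }
                    if (!empty($form_values["steamId"])) {
                        $alter_user->setSteamId($form_values["steamId"]);
                    }
                    if (!empty($form_values["xboxId"])) {
                        $alter_user->setXboxId($form_values["xboxId"]);
                    }
                    if (!empty($form_values["psnId"])) {
                        $alter_user->setPsnId($form_values["psnId"]);
                    }
                    if (!empty($form_values["wiiId"])) {
                        $alter_user->setWiiId($form_values["wiiId"]);
                    }
                    // Save profile
                    if ($userDAO->save($alter_user)) {
                        $session->setMessage("User profile altered");
                        header("Location: {$self}?id={$alter_user->getId()}");
                        return;
                    }
                    $session->setMessage("User profile not altered", Session::MESSAGE_ERROR);
                } else {
                    header("Location: " . BASE_URL);
                    return;
                }
            }
        } else if (empty($form_errors["id"])) {
            $alter_user = $userDAO->load($form_values["id"]);
        }
    } else if (!empty($_GET)) {
        $form_values["id"] = isset($_GET["id"]) ? trim($_GET["id"]) : "";
        if (empty($form_values["id"]) || !is_numeric($form_values["id"])) {
            $form_errors["id"] = "User id not set";
        }
        if (empty($form_errors)) {
            $alter_user = $userDAO->load($form_values["id"]);
            // null means the user does not exist; the template receives null
            if ($alter_user) {
                if (!$isAdmin && $alter_user->getId() != $user->getId()) {
                    $session->setMessage("Do not have permission", Session::MESSAGE_ERROR);
                    header("Location: " . BASE_URL);
                    return;
                }
                $form_values["steamId"] = $alter_user->getSteamId();
                $form_values["xboxId"] = $alter_user->getXboxId();
                $form_values["psnId"] = $alter_user->getPsnId();
                $form_values["wiiId"] = $alter_user->getWiiId();
            }
        }
    } else {
        header("Location: " . BASE_URL);
        return;
    }

    $this->template->render(array("title" => "Edit Profile", "main_page" => "edit_profile_tpl.php", "session" => $session, "alter_user" => $alter_user, "form_errors" => $form_errors, "form_values" => $form_values));
}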
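/**
 * Run method with main page logic
 *
 * Populate template and display form for creating a new event entry. Regular users are
 * allowed to create events but an admin must approve them before they are visible on the
 * site. Trusted users and admins are allowed to create events that will immediately be
 * visible on the event calendar; for them the sanctioned flag and status come from the
 * form and are validated like every other field. For POST requests, validate form data
 * and save information to database. Available to members only
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->validUser()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    // Admins and trusted members choose sanctioned/status themselves; everybody else
    // gets an unsanctioned, pending event. validUser() already holds at this point.
    // NOTE(review): this assumes the form exposes the sanctioned and status fields to
    // trusted members as well as admins — confirm against create_event_tpl.php
    $canPublish = $user->isAdmin() || $user->getUserType() == User::TRUSTED_TYPE;

    $form_errors = array();
    $form_values = array(
        "title" => "", "description" => "", "sanctioned" => "",
        "status" => "", "date" => "", "platform" => "",
    );
    $eventDAO = EventDAO::getInstance();

    if (!empty($_POST)) {
        // NOTE(review): no CSRF token is checked on this form; confirm whether the
        // framework enforces one elsewhere
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) && is_string($_POST[$field])
                ? trim($_POST[$field]) : "";
        }

        if ($form_values["title"] === "") {
            $form_errors["title"] = "No title specified";
        }
        if ($form_values["description"] === "") {
            $form_errors["description"] = "No description specified";
        }

        if ($form_values["platform"] === "") {
            $form_errors["platform"] = "No platform specified";
        } elseif (!is_numeric($form_values["platform"])) {
            $form_errors["platform"] = "Platform choice must be an integer value";
        } else {
            // The Event setter rejects unknown platforms by throwing
            $tmp = new Event();
            try {
                $tmp->setPlatformId(intval($form_values["platform"]));
            } catch (Exception $e) {
                $form_errors["platform"] = "Invalid value for platform";
            }
        }

        // Previously only admins had these two fields validated although trusted members'
        // values were applied as well (the raw status string went straight to setStatus)
        if ($canPublish) {
            if ($form_values["sanctioned"] === "") {
                $form_errors["sanctioned"] = "No sanctioned flag specified";
            } elseif ($form_values["sanctioned"] !== "true" && $form_values["sanctioned"] !== "false") {
                $form_errors["sanctioned"] = "sanctioned flag must be a boolean value";
            }

            if ($form_values["status"] === "") {
                $form_errors["status"] = "No status flag specified";
            } elseif (!is_numeric($form_values["status"])) {
                $form_errors["status"] = "Status flag must be an integer value";
            } else {
                $tmp = new Event();
                try {
                    $tmp->setStatus(intval($form_values["status"]));
                } catch (Exception $e) {
                    $form_errors["status"] = "Invalid value for status";
                }
            }
        }

        // strtotime() returns false for an unparseable date; the old `== 0` test also
        // rejected the (valid) epoch itself, so test for false explicitly
        $event_timestamp = false;
        if ($form_values["date"] === "") {
            $form_errors["date"] = "No date specified";
        } else {
            $event_timestamp = strtotime($form_values["date"]);
            if ($event_timestamp === false) {
                $form_errors["date"] = "An invalid date was specified";
                $form_values["date"] = "";
            }
        }

        if (empty($form_errors)) {
            $event = new Event();
            $event->setTitle($form_values["title"]);
            $event->setDescription($form_values["description"]);
            $event->setPlatformId(intval($form_values["platform"]));
            if ($canPublish) {
                $event->setSanctioned($form_values["sanctioned"] === "true");
                $event->setStatus(intval($form_values["status"]));
            } else {
                $event->setSanctioned(false);
                $event->setStatus(Event::PENDING_STATUS);
            }
            $event->setDate($event_timestamp);
            $event->setUserId($user->id);

            if ($eventDAO->insert($event)) {
                $session->setMessage("Event details saved");
                header("Location: edit_event.php?id={$event->id}");
                return;
            }
            $session->setMessage("Event details could not be saved", Session::MESSAGE_ERROR);
        }
    }

    $platformDAO = PlatformDAO::getInstance();
    $platform_array = $platformDAO->all();
    $this->template->render(array(
        "title" => "Create Event",
        "extra_header" => joinPath("headers", "jscal_header_tpl.php"),
        "main_page" => "create_event_tpl.php",
        "session" => $session,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
        "platform_array" => $platform_array,
    ));
}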
/**
 * Run method with main page logic
 *
 * Only read in session data. Populate template and display index page.
 * No access check is made here: the user handed to the template may be null
 * and the template decides what to show.
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $template_data = array(
        "title" => "Index",
        "user" => $session->getUser(),
        "session" => $session,
    );
    $this->template->render($template_data);
}
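/**
 * Run method with main page logic
 *
 * Populate template and display form for creating a new article entry. For POST requests,
 * validate form data and save information to database. Available to admins only.
 * Form values are read as trimmed strings; non-string input is treated as missing.
 * @access public
 */
public function run()
{
    $session = Session::getInstance();
    $user = $session->getUser();
    if (!$user || !$user->isAdmin()) {
        $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }

    $form_errors = array();
    $form_values = array(
        "title" => "", "content" => "", "postDate" => "", "published" => "", "tags" => "",
    );
    $articleDAO = ArticleDAO::getInstance();
    $tagDAO = ArticleTagDAO::getInstance();

    if (!empty($_POST)) {
        // NOTE(review): no CSRF token is checked on this form; confirm whether the
        // framework enforces one elsewhere
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) && is_string($_POST[$field])
                ? trim($_POST[$field]) : "";
        }

        if ($form_values["title"] === "") {
            $form_errors["title"] = "No title specified";
        }
        if ($form_values["content"] === "") {
            $form_errors["content"] = "No content specified";
        }

        // strtotime() returns false for an unparseable date; the old `== 0` test also
        // rejected the (valid) epoch itself, so test for false explicitly and reuse
        // the parsed value instead of parsing the raw post twice
        $post_timestamp = false;
        if ($form_values["postDate"] === "") {
            $form_errors["postDate"] = "No post date specified";
        } else {
            $post_timestamp = strtotime($form_values["postDate"]);
            if ($post_timestamp === false) {
                $form_errors["postDate"] = "An invalid post date was specified";
                $form_values["postDate"] = "";
            }
        }

        if ($form_values["published"] !== "true" && $form_values["published"] !== "false") {
            $form_errors["published"] = "Invalid published choice";
        }

        if (empty($form_errors)) {
            $article = new Article();
            $article->setTitle($form_values["title"]);
            // NOTE(review): content is stored as submitted; escaping on output is left
            // to the templates — confirm they do so
            $article->setContent($form_values["content"]);
            $article->setPostDate($post_timestamp);
            $article->setUpdateDate(0);
            $article->setPublished($form_values["published"] === "true" ? 1 : 0);
            $article->setUserId($user->id);
            // Tags are normalised by ArticleTag (presumably split and sorted) and then
            // stored on the article as a single space-separated string
            $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
            $article->setTags(implode(" ", $sorted_tag_array));

            if ($articleDAO->insert($article)) {
                $tagDAO->updateTags($article);
                $session->setMessage("Article details saved");
                header("Location: edit_article.php?id={$article->id}");
                return;
            }
            $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
        }
    }

    $this->template->render(array(
        "title" => "Create Article",
        "extra_header" => joinPath("headers", "jscal_header_tpl.php"),
        "main_page" => "create_article_tpl.php",
        "session" => $session,
        "form_errors" => $form_errors,
        "form_values" => $form_values,
    ));
}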