/**
 * Populates the view with the current user's last login, the time of the
 * last site edit, the most recent login on the site, and the form
 * submission totals (overall and for today).
 */
public function view()
{
    $currentUser = new User();
    $info = UserInfo::getByID($currentUser->getUserID());
    Loader::model("page_statistics");
    Loader::model("user_statistics");

    // Windows builds get %I for the hour; every other platform gets %l.
    $isWindows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
    $format = '%x ' . t('at') . ($isWindows ? ' %I:%M %p' : ' %l:%M %p');

    // The per-user values are only set when a UserInfo record was found.
    if (is_object($info)) {
        $this->set('uLastLogin', strftime($format, $info->getLastLogin('user')));
        $this->set('uName', $info->getUserName());

        $siteEdit = strtotime(PageStatistics::getSiteLastEdit('user'));
        $this->set('lastEditSite', strftime($format, $siteEdit));

        $latest = UserStatistics::getLastLoggedInUser();
        $loginLabel = $latest->getUserID() == $currentUser->getUserID()
            ? t('Your login is the most recent.')
            : strftime($format, $latest->getLastLogin());
        $this->set('lastLoginSite', $loginLabel);

        Loader::block('form');
    }

    $this->set('totalFormSubmissions', FormBlockStatistics::getTotalSubmissions());
    $this->set('totalFormSubmissionsToday', FormBlockStatistics::getTotalSubmissions(date('Y-m-d')));
}
/**
 * Stores the user on this object and mirrors its identity into the session.
 *
 * NOTE(review): this method only writes session keys; no session ID rotation
 * is visible here. Confirm the login path regenerates the session ID before
 * calling it.
 *
 * @param User $user
 */
protected function setUser(User $user)
{
    $this->user = $user;

    // Both identity slots receive the same user ID.
    foreach (array('userID', 'auth_userID') as $slot) {
        $_SESSION[$slot] = $user->getUserID();
    }

    $_SESSION['auth'] = $user->getAuthenticationAuthorityIndex();
    // Timestamp written at the moment the user is set.
    $_SESSION['ping'] = time();
}
/**
 * Counts the PageStatistics rows recorded for every user except the given one.
 *
 * @param \User $u user whose own rows are excluded
 * @param string|null $date optional value matched against the `date` column
 *
 * @return int|mixed whatever GetOne() yields for the count
 */
public static function getTotalPageViewsForOthers($u, $date = null)
{
    $db = Loader::db();
    $excludedID = $u->getUserID();

    // Both variants bind their values as query parameters.
    if ($date == null) {
        return $db->GetOne("select count(pstID) from PageStatistics where uID <> ?", array($excludedID));
    }

    return $db->GetOne(
        "select count(pstID) from PageStatistics where uID <> ? and date = ?",
        array($excludedID, $date)
    );
}
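/**
 * Runs content through the configured antispam controller and, when the
 * controller rejects it, writes a report to the log and/or sends it by mail.
 *
 * The report contains the submitted content and request values verbatim, so
 * whatever displays the log entry or the notification mail has to treat that
 * text as untrusted.
 *
 * @param string $content text to check
 * @param string $type handle describing the kind of content
 * @param array $additionalArgs extra values merged over the defaults; a
 *        'user' object or an 'email' entry here replaces the looked-up ones
 *
 * @return bool true when the content passes or no controller is configured
 */
public function check($content, $type, $additionalArgs = array())
{
    if (!$this->controller) {
        return true; // no antispam controller configured: everything passes
    }

    $args = array();
    $args['ip_address'] = Loader::helper('validation/ip')->getRequestIP();
    // Not every client sends a User-Agent header.
    $args['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
    $args['content'] = $content;
    foreach ($additionalArgs as $key => $value) {
        $args[$key] = $value;
    }

    if (isset($args['user']) && is_object($args['user'])) {
        $u = $args['user'];
    } else {
        $u = new User();
    }

    if (!isset($args['email']) && $u->isRegistered()) {
        $ui = UserInfo::getByID($u->getUserID());
        // The lookup can fail even for a registered user object.
        if (is_object($ui)) {
            $args['email'] = $ui->getUserEmail();
        }
    }

    if ($this->controller->check($args)) {
        return true;
    }

    // Rejected: assemble the report. The buffer must exist before the first append.
    $logText = '';
    $c = Page::getCurrentPage();
    if (is_object($c)) {
        $logText .= t('URL: %s', Loader::helper('navigation')->getLinkToCollection($c, true));
        $logText .= "\n";
    }
    if ($u->isRegistered()) {
        $logText .= t('User: %s (ID %s)', $u->getUserName(), $u->getUserID());
        $logText .= "\n";
    }
    $logText .= t('Type: %s', Loader::helper('text')->unhandle($type));
    $logText .= "\n";

    foreach ($args as $key => $value) {
        // $args may hold the 'user' object or arrays, which cannot be
        // concatenated into a string; print a type placeholder for those.
        if (is_scalar($value) || $value === null) {
            $printable = (string) $value;
        } elseif (is_object($value) && method_exists($value, '__toString')) {
            $printable = (string) $value;
        } else {
            $printable = '[' . gettype($value) . ']';
        }
        $logText .= Loader::helper('text')->unhandle($key) . ': ' . $printable . "\n";
    }

    if (Config::get('ANTISPAM_LOG_SPAM')) {
        Log::addEntry($logText, t('spam'));
    }
    if (Config::get('ANTISPAM_NOTIFY_EMAIL') != '') {
        $mh = Loader::helper('mail');
        $mh->to(Config::get('ANTISPAM_NOTIFY_EMAIL'));
        $mh->addParameter('content', $logText);
        $mh->load('spam_detected');
        $mh->sendMail();
    }

    return false;
}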
/**
 * Handles a stack delete request: validates the 'delete' token, checks the
 * delete permission on the stack, then triggers a delete workflow request.
 *
 * @param int|bool $cID ID of the stack to delete
 * @param string|bool $token validation token submitted with the request
 */
public function delete($cID = false, $token = false)
{
    // Request-forgery guard: nothing happens without a valid 'delete' token.
    if (!Loader::helper('validation/token')->validate('delete', $token)) {
        $this->error->add(Loader::helper('validation/token')->getErrorMessage());
        return;
    }

    $stack = Stack::getByID($cID);
    if (!is_object($stack)) {
        $this->error->add(t('Invalid stack'));
        return;
    }

    $permissions = new Permissions($stack);
    if (!$permissions->canDeletePage()) {
        $this->error->add(t('You do not have access to delete this stack.'));
        return;
    }

    $requester = new User();
    $request = new DeletePagePageWorkflowRequest();
    $request->setRequestedPage($stack);
    $request->setRequesterUserID($requester->getUserID());
    $outcome = $request->trigger();

    if ($outcome instanceof WorkflowProgressResponse) {
        // This response only comes back when workflows were skipped and the
        // request went straight to an approve() step.
        $this->redirect('/dashboard/blocks/stacks', 'stack_deleted');
    } else {
        $this->redirect('/dashboard/blocks/stacks', 'view_details', $cID, 'delete_saved');
    }
}
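/**
 * Adds an API key to the database, or assigns an anonymously stored key to
 * the current user.
 *
 * NOTE(review): a new row is written before the key is queried through
 * Pheal; whether a key the API rejects leaves a row behind depends on how
 * that call fails - confirm.
 *
 * @static
 * @param int $keyID
 * @param string $vCode
 * @param null|string $label
 * @return string status message for the caller
 */
public static function addKey($keyID, $vCode, $label = null)
{
    $userID = User::getUserID();
    if ($userID == null) {
        $userID = 0; // 0 marks a key that was submitted without an account
    }

    $exists = Db::queryRow("SELECT userID, keyID, vCode FROM zz_api WHERE keyID = :keyID AND vCode = :vCode", array(":keyID" => $keyID, ":vCode" => $vCode), 0);

    if ($exists != null) {
        if ($exists["userID"] != 0) {
            return "keyID {$keyID} is already in the database...";
        }

        // Someone already gave us this key anonymously, give it to this user.
        // The update is scoped to the keyID/vCode pair that was just matched,
        // so a row sharing the keyID under a different vCode is never reassigned.
        Db::execute("UPDATE zz_api SET userID = :userID, label = :label WHERE keyID = :keyID AND vCode = :vCode", array(":userID" => $userID, ":label" => $label, ":keyID" => $keyID, ":vCode" => $vCode));

        return "keyID {$keyID} previously existed in our database but has now been assigned to you.";
    }

    // Insert the api key
    Db::execute("replace into zz_api (userID, keyID, vCode, label) VALUES (:userID, :keyID, :vCode, :label)", array(":userID" => $userID, ":keyID" => $keyID, ":vCode" => $vCode, ":label" => $label));

    $pheal = Util::getPheal($keyID, $vCode);
    $result = $pheal->accountScope->APIKeyInfo();
    $key = $result->key;
    $keyType = $key->type;
    if ($keyType == "Account") {
        $keyType = "Character"; // "Account" keys are reported to the user as "Character"
    }

    // Only the key ID, key type and client IP are logged; the vCode is not.
    $ip = IP::get();
    Log::log("API: {$keyID} has been added. Type: {$keyType} ({$ip})");

    return "Success, your {$keyType} key has been added.";
}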
/**
 * Loads the statistics models and sets the dashboard values for the current
 * user: previous-session activity, last login, site-wide page view, version
 * and edit-mode totals, and the form submission counts.
 *
 * NOTE(review): the UserInfo lookup result is used without an is_object()
 * check - confirm this controller is only built for a valid signed-in user.
 */
public function __construct()
{
    Loader::model('user_statistics');
    Loader::model('page_statistics');

    $currentUser = new User();
    $info = UserInfo::getByID($currentUser->getUserID());
    $stats = new UserStatistics($info);
    $this->set('uLastActivity', $stats->getPreviousSessionPageViews());

    // Windows builds get %I for the hour; every other platform gets %l.
    $isWindows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
    $format = '%x ' . t('at') . ($isWindows ? ' %I:%M %p' : ' %l:%M %p');

    $this->set('uLastLogin', strftime($format, $info->getLastLogin('user')));
    $this->set('uName', $info->getUserName());
    $this->set('totalViews', PageStatistics::getTotalPageViewsForOthers($currentUser));
    $this->set('totalVersions', PageStatistics::getTotalPageVersions());

    $siteEdit = strtotime(PageStatistics::getSiteLastEdit('user'));
    $this->set('lastEditSite', strftime($format, $siteEdit));

    $latest = UserStatistics::getLastLoggedInUser();
    $loginLabel = $latest->getUserID() == $currentUser->getUserID()
        ? t('Your login is the most recent.')
        : strftime($format, $latest->getLastLogin());
    $this->set('lastLoginSite', $loginLabel);

    $this->set('totalEditMode', PageStatistics::getTotalPagesCheckedOut());

    Loader::block('form');
    $this->set('totalFormSubmissions', FormBlockStatistics::getTotalSubmissions());
    $this->set('totalFormSubmissionsToday', FormBlockStatistics::getTotalSubmissions(date('Y-m-d')));
}
/**
 * Shows a user profile: the one for $userID when given, otherwise the
 * signed-in user's own profile (which is the only case marked editable).
 *
 * NOTE(review): the code after each render() call assumes render() ends the
 * request; if it returns, the guest branch reaches set('profile', ...) with
 * $profile undefined - confirm.
 *
 * @param int $userID profile to display; 0 means "my own profile"
 * @throws Exception when $userID does not match a user
 */
public function view($userID = 0)
{
    if (!ENABLE_USER_PROFILES) {
        $this->render("/page_not_found");
    }

    $html = Loader::helper('html');
    $viewer = new User();
    $canEdit = false;

    if ($userID > 0) {
        // An explicit ID was requested: show that profile read-only.
        $profile = UserInfo::getByID($userID);
        if (!is_object($profile)) {
            throw new Exception('Invalid User ID.');
        }
    } elseif ($viewer->isRegistered()) {
        $profile = UserInfo::getByID($viewer->getUserID());
        $canEdit = true;
    } else {
        $this->set('intro_msg', t('You must sign in order to access this page!'));
        $this->render('/login');
    }

    $this->set('profile', $profile);
    $this->set('av', Loader::helper('concrete/avatar'));
    $this->set('t', Loader::helper('text'));
    $this->set('canEdit', $canEdit);
}
/**
 * Creates a public file set owned by the current user from the posted form,
 * after validating the 'file_sets_add' token and the set name.
 */
public function file_sets_add()
{
    // The extracted array comes from getHelperObjects(), not from request
    // data; it provides $validation_token used below.
    extract($this->getHelperObjects());
    Loader::model('file_set');

    if (!$validation_token->validate("file_sets_add")) {
        $this->set('error', array($validation_token->getErrorMessage()));
        $this->view();

        return;
    }

    if (!$this->post('file_set_name')) {
        $this->set('error', array(t('Please Enter a Name')));
        $this->view();

        return;
    }

    $owner = new User();
    $newSet = new FileSet();
    // ADOdb Active Record reports a placeholder/value count mismatch unless
    // the primary key field is explicitly set to null.
    $newSet->fsID = null;
    $newSet->fsName = $this->post('file_set_name');
    $newSet->fsType = FileSet::TYPE_PUBLIC;
    $newSet->uID = $owner->getUserID();

    // Collapse the posted flag to a strict 0/1.
    if ($this->post('fsOverrideGlobalPermissions') == 1) {
        $newSet->fsOverrideGlobalPermissions = 1;
    } else {
        $newSet->fsOverrideGlobalPermissions = 0;
    }

    $newSet->save();
    $this->redirect('/dashboard/files/sets', 'file_set_added');
}
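/**
 * Returns a User instance for the given id, or null when no row matches.
 *
 * With $login set, the session is regenerated and populated so that this
 * user becomes the current one. No credential check happens in this method:
 * callers passing $login = true are responsible for having authenticated
 * the user first.
 *
 * @param int $uID The id of the user
 * @param boolean $login = false Set to true to make the user the current one
 * @param boolean $cacheItemsOnLogin = true Set to true to cache some items when $login is true
 * @return User|null
 */
public static function getByUserID($uID, $login = false, $cacheItemsOnLogin = true)
{
    $db = Loader::db();
    $v = array($uID);
    $q = "SELECT uID, uName, uIsActive, uLastOnline, uTimezone, uDefaultLanguage FROM Users WHERE uID = ? LIMIT 1";
    $r = $db->query($q, $v);
    $row = $r ? $r->FetchRow() : null;
    if (!$row) {
        return null;
    }

    $nu = new User();
    $nu->uID = $row['uID'];
    $nu->uName = $row['uName'];
    $nu->uIsActive = $row['uIsActive'];
    $nu->uDefaultLanguage = $row['uDefaultLanguage'];
    // The SELECT above does not fetch uLastLogin, so this key is normally
    // absent; read it defensively instead of indexing a missing column.
    // NOTE(review): if the last login is meant to be populated here, the
    // column has to be added to the query - confirm against the schema.
    $nu->uLastLogin = isset($row['uLastLogin']) ? $row['uLastLogin'] : null;
    $nu->uTimezone = $row['uTimezone'];
    $nu->uGroups = $nu->_getUserGroups(true);
    $nu->superUser = $nu->getUserID() == USER_SUPER_ID;

    if ($login) {
        // Rotate the session before any identity data is written into it.
        User::regenerateSession();
        $_SESSION['uID'] = $row['uID'];
        $_SESSION['uName'] = $row['uName'];
        $_SESSION['uBlockTypesSet'] = false;
        $_SESSION['uGroups'] = $nu->uGroups;
        $_SESSION['uLastOnline'] = $row['uLastOnline'];
        $_SESSION['uTimezone'] = $row['uTimezone'];
        $_SESSION['uDefaultLanguage'] = $row['uDefaultLanguage'];
        if ($cacheItemsOnLogin) {
            Loader::helper('concrete/interface')->cacheInterfaceItems();
        }
        $nu->recordLogin();
    }

    return $nu;
}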
/**
 * Writes the buffered session text to the Logs table as one entry attributed
 * to the current user, then clears the buffer.
 */
public function close()
{
    $author = new User();

    // The text is entity-encoded before storage. ENT_COMPAT leaves single
    // quotes as they are, so code that prints logText inside a single-quoted
    // attribute still needs its own escaping.
    $row = array(
        $this->log,
        htmlentities($this->sessionText, ENT_COMPAT, APP_CHARSET),
        $this->isInternal,
        $author->getUserID(),
    );

    // All four values are bound as parameters.
    Loader::db()->Execute(
        "insert into Logs (logType, logText, logIsInternal, logUserID) values (?, ?, ?, ?)",
        $row
    );

    $this->sessionText = '';
}
/**
 * Tells whether the current user may delete the file set under check.
 *
 * The owner of a private set may always delete it; every other case is
 * decided by the 'delete_file_set' permission.
 *
 * @return bool|mixed true for the owner of a private set, otherwise the
 *         result of validate('delete_file_set')
 */
public function canDeleteFileSet()
{
    $set = $this->getPermissionObject();
    $viewer = new User();

    $ownsPrivateSet = $set->getFileSetType() == FileSet::TYPE_PRIVATE
        && $set->getFileSetUserID() == $viewer->getUserID();

    return $ownsPrivateSet ? true : $this->validate('delete_file_set');
}
/**
 * Collects the plugin files of the posted file set and hands off to the
 * package's plugin_files.php element, then ends the request.
 *
 * The include below runs in this method's scope, so the locals assigned here
 * ($username, $uID, $files, $filesets, ...) are visible to that file;
 * presumably they are its inputs, which is why they must keep their names.
 */
public function package()
{
    Loader::model('file_set');
    $pl = new MootoolsPluginList();
    // Request-supplied file set name.
    $package = $this->post("package");
    // NOTE(review): the set is looked up by name only, and $fs is used below
    // without checking that the lookup returned an object or that the set
    // belongs to the current user - confirm this is enforced elsewhere.
    $fs = Fileset::getByName($package);
    $u = new User();
    $ui = UserInfo::getByID($u->getUserID());
    $username = $ui->getAttribute(MOOTOOLS_GITHUB_USER);
    $pkgHandle = FRONTEND_DEVELOPER_PACKAGE_HANDLE;
    $uID = $u->getUserID();
    $files = $pl->getMootoolsPluginFiles($fs);
    $filesets[$fs->getFileSetName()] = $files;
    // $package is reused: from here on it holds the Package object, not the posted name.
    $package = Package::getByHandle($pkgHandle);
    // The include path is built from the package's own path plus a fixed
    // suffix; no request value is part of it.
    $path = $package->getPackagePath();
    include $path . "/elements/plugin_files.php";
    exit;
}
/**
 * Checks whether the current user is the first user of this access entity.
 *
 * @param PermissionAccess $pae
 * @return bool|null false when the entity has no users, the comparison
 *         result when the first entry is an object, otherwise null (the
 *         function ends without an explicit return)
 */
public function validate(PermissionAccess $pae)
{
    $candidates = $this->getAccessEntityUsers($pae);

    if (count($candidates) == 0) {
        return false;
    }

    if (is_object($candidates[0])) {
        $me = new User();

        return $candidates[0]->getUserID() == $me->getUserID();
    }
}
/**
 * Prepares the page for a signed-in user: sends guests to the login page,
 * then sets up the error helper and the view variables valt, av and profile.
 *
 * NOTE(review): the code after render('/login') assumes render() ends the
 * request for guests - confirm.
 */
public function on_start()
{
    $visitor = new \User();
    if (!$visitor->isRegistered()) {
        $this->render('/login');
    }

    $this->error = Loader::helper('validation/error');

    // View variable name => helper handle.
    $viewHelpers = array(
        'valt' => 'validation/token',
        'av' => 'concrete/avatar',
    );
    foreach ($viewHelpers as $name => $handle) {
        $this->set($name, Loader::helper($handle));
    }

    $this->set('profile', \UserInfo::getByID($visitor->getUserID()));
}
/**
 * Populates the view with the current user's last login, the time of the
 * last site edit, the most recent login on the site, and the form
 * submission totals, formatting timestamps with the date helper.
 */
public function view()
{
    $currentUser = new User();
    $info = UserInfo::getByID($currentUser->getUserID());
    Loader::model("page_statistics");
    Loader::model("user_statistics");
    Loader::block('form');
    $dates = Loader::helper('date');

    // The per-user values are only set when a UserInfo record was found.
    if (is_object($info)) {
        $this->set('uLastLogin', $dates->date(DATE_APP_GENERIC_MDYT, $info->getLastLogin('user')));
        $this->set('uName', $info->getUserName());

        $siteEdit = strtotime(PageStatistics::getSiteLastEdit('user'));
        $this->set('lastEditSite', $dates->date(DATE_APP_GENERIC_MDYT, $siteEdit));

        $latest = UserStatistics::getLastLoggedInUser();
        $loginLabel = $latest->getUserID() == $currentUser->getUserID()
            ? t('Your login is the most recent.')
            : $dates->date(DATE_APP_GENERIC_MDYT, $latest->getLastLogin());
        $this->set('lastLoginSite', $loginLabel);
    }

    $this->set('totalFormSubmissions', FormBlockStatistics::getTotalSubmissions());
    $this->set('totalFormSubmissionsToday', FormBlockStatistics::getTotalSubmissions(date('Y-m-d')));
}
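/**
 * Replaces the file set rows stored for this block with the posted list and
 * saves the block data stamped with the current user's ID.
 *
 * NOTE(review): the posted IDs are stored as given; no check is visible here
 * that they refer to file sets the current user may use - confirm it happens
 * elsewhere. The delete and the inserts are also not wrapped in a transaction.
 *
 * @param array $data block data passed on to the parent save()
 */
public function save($data)
{
    $db = Loader::db();
    $db->query("DELETE FROM btBuilderPackage WHERE bID = ?", array(intval($this->bID)));

    // The field is absent when nothing was selected, and a crafted request
    // can send a scalar; only iterate over a real list.
    $fsIDs = $this->post("fsID");
    if (is_array($fsIDs)) {
        foreach ($fsIDs as $key => $fsID) {
            // Values, including the request-supplied array key, are bound as parameters.
            $db->query("INSERT INTO btBuilderPackage VALUES (?, ?, ?)", array($this->bID, $fsID, $key));
        }
    }

    $u = new User();
    $data["uID"] = $u->getUserID();
    parent::save($data);
}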
/**
 * Builds the controller for a signed-in user: guests get the login page,
 * and the view receives the current user's info and the avatar helper.
 *
 * NOTE(review): the code after render('/login') assumes render() ends the
 * request for guests - confirm.
 */
public function __construct()
{
    $html = Loader::helper('html');
    parent::__construct();

    $visitor = new User();
    $isGuest = !$visitor->isRegistered();
    if ($isGuest) {
        $this->set('intro_msg', t('You must sign in order to access this page!'));
        Loader::controller('/login');
        $this->render('/login');
    }

    $info = UserInfo::getByID($visitor->getUserID());
    $this->set('ui', $info);
    $this->set('av', Loader::helper('concrete/avatar'));
}
/**
 * Generates a token for a given action, in the form time:hash, where hash
 * is md5(time:userID:action:salt). A missing user ID counts as 0.
 *
 * NOTE(review): the hash is a plain MD5 over the fields with the secret
 * appended, not a keyed MAC. Moving to hash_hmac() with a stronger digest
 * would have to be done together with the code that validates these tokens,
 * which is not shown here.
 *
 * @param string $action name of the action the token is bound to
 * @param int|null $time timestamp to embed; defaults to the current time
 * @return string
 */
public function generate($action = '', $time = null)
{
    $current = new User();
    $uID = $current->getUserID();
    $uID = !$uID ? 0 : $uID;

    if ($time == null) {
        $time = time();
    }

    // Same field order as the documented format: time, user, action, salt.
    $digest = md5(implode(':', array($time, $uID, $action, PASSWORD_SALT)));

    return $time . ':' . $digest;
}
/**
 * Generates a token for a given action, in the form time:hash, where hash
 * is md5(time:userID:action:pepper). The pepper is read from the
 * SECURITY_TOKEN_VALIDATION config value; a missing user ID counts as 0.
 *
 * NOTE(review): the hash is a plain MD5 over the fields with the secret
 * appended, not a keyed MAC. Moving to hash_hmac() with a stronger digest
 * would have to be done together with the code that validates these tokens,
 * which is not shown here.
 *
 * @param string $action name of the action the token is bound to
 * @param int|null $time timestamp to embed; defaults to the current time
 * @return string
 */
public function generate($action = '', $time = null)
{
    $current = new User();
    $uID = $current->getUserID();
    if (!$uID) {
        $uID = 0;
    }

    $time = ($time == null) ? time() : $time;

    $material = sprintf('%s:%s:%s:%s', $time, $uID, $action, Config::get('SECURITY_TOKEN_VALIDATION'));

    return sprintf('%s:%s', $time, md5($material));
}
/**
 * Stores a JSON-encoded setting in the logged-in user's Redis hash, or
 * removes the field when the value is null or a blank string.
 *
 * @param string $key field name inside the user's hash
 * @param mixed $value value to store
 * @return bool always true
 * @throws Exception when nobody is logged in
 */
public static function set($key, $value)
{
    global $redis;

    if (!User::isLoggedIn()) {
        throw new Exception('User is not logged in.');
    }

    // The hash name is derived from the session's own user ID, so a caller
    // can only write to the logged-in user's settings.
    $id = User::getUserID();
    $hashName = "user:{$id}";

    $isBlank = is_null($value) || (is_string($value) && strlen(trim($value)) == 0);
    if ($isBlank) {
        $redis->hDel($hashName, $key);
    } else {
        $redis->hSet($hashName, $key, json_encode($value));
    }

    return true;
}
/**
 * Stores a JSON-encoded setting for the logged-in user in zz_users_config,
 * or deletes the row when the value is null or a blank string. The cached
 * config on the class is reset either way.
 *
 * @param string $key name of the setting (the `locker` column)
 * @param mixed $value value to store
 * @return mixed result of Db::execute()
 * @throws Exception when nobody is logged in
 */
public static function set($key, $value)
{
    if (!User::isLoggedIn()) {
        throw new Exception("User is not logged in.");
    }

    // Rows are keyed on the session's own user ID.
    $id = User::getUserID();
    self::$userConfig = null;

    $isBlank = is_null($value) || (is_string($value) && strlen(trim($value)) == 0);
    if (!$isBlank) {
        $encoded = json_encode($value);

        return Db::execute("insert into zz_users_config (id, locker, content) values (:id, :key, :value)\n on duplicate key update content = :value", array(":id" => $id, ":key" => $key, ":value" => $encoded));
    }

    // Dropping the row lets the defaults take over.
    return Db::execute("delete from zz_users_config where id = :id and locker = :key", array(":id" => $id, ":key" => $key));
}
/**
 * Loads the current user's personal collection (handle "uID=<id>") and
 * passes the content of its first dashboard_notes block to the view; the
 * view gets an empty string when there is no such block.
 */
public function __construct()
{
    $owner = new User();
    $this->uc = Collection::getByHandle("uID=" . $owner->getUserID());

    $blocks = $this->uc->getBlocks('dashboard_notes');
    $myNotes = "";
    if (is_object($blocks[0])) {
        $this->notesBlock = $blocks[0];
        $myNotes = $blocks[0]->getInstance()->content;
    }

    $this->set('myNotes', $myNotes);
}
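/**
 * Checks whether the current user is the user recorded on the file under
 * check.
 *
 * NOTE(review): file set level access validates unconditionally; presumably
 * the per-file ownership comparison happens later, when an individual file
 * is checked - confirm.
 *
 * @param PermissionAccess $pae
 * @return bool
 */
public function validate(PermissionAccess $pae)
{
    if ($pae instanceof FileSetPermissionAccess) {
        return true;
    }

    // Stays null for any access type other than FilePermissionAccess, so the
    // object check below never reads an undefined variable.
    $f = null;
    if ($pae instanceof FilePermissionAccess) {
        $f = $pae->getPermissionObject();
    }

    if (is_object($f)) {
        $u = new User();

        return $u->getUserID() == $f->getUserID();
    }

    return false;
}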
/**
 * Archives the notification alert named by the posted naID, provided the
 * token validates, the user is registered and the alert belongs to that
 * user. The application is shut down afterwards in every case.
 */
public function archive()
{
    $alertID = intval($this->request->request->get('naID'));

    if ($this->token->validate() && $alertID > 0) {
        $viewer = new \User();
        if ($viewer->isRegistered()) {
            $repository = $this->entityManager->getRepository('Concrete\\Core\\Entity\\Notification\\NotificationAlert');
            $alert = $repository->findOneById($alertID);

            // Ownership check: the alert must exist, have a user, and that
            // user must be the one making the request.
            $ownedByViewer = is_object($alert)
                && is_object($alert->getUser())
                && $alert->getUser()->getUserID() == $viewer->getUserID();

            if ($ownedByViewer) {
                $alert->setNotificationIsArchived(true);
                $this->entityManager->persist($alert);
                $this->entityManager->flush();
            }
        }
    }

    $this->app->shutdown();
}
/**
 * Lists the file sets a user can work with: every public set plus the
 * user's own starred and private sets, ordered by name and limited to those
 * the permission check allows searching.
 *
 * @param User|bool $u user to list sets for; defaults to the current user
 * @return FileSet[]
 */
public function getMySets($u = false)
{
    if ($u == false) {
        $u = new User();
    }

    $db = Loader::db();
    // Set types and the user ID are bound as parameters.
    $params = array(
        FileSet::TYPE_PUBLIC,
        FileSet::TYPE_STARRED,
        FileSet::TYPE_PRIVATE,
        $u->getUserID(),
    );
    $result = $db->Execute('select * from FileSets where fsType = ? or (fsType in (?, ?) and uID = ?) order by fsName asc', $params);

    $visible = array();
    for ($row = $result->FetchRow(); $row; $row = $result->FetchRow()) {
        $candidate = new FileSet();
        $candidate->Set($row);

        // Each row is still subject to the search permission.
        $permissions = new Permissions($candidate);
        if ($permissions->canSearchFiles()) {
            $visible[] = $candidate;
        }
    }

    return $visible;
}
/**
 * Collects the file sets that contain the current user's MooTools plugin
 * files with a "js" extension.
 *
 * @return array file sets keyed by file set ID, each set listed once
 */
public function getMootoolsPluginPackage()
{
    Loader::model('file_set');
    Loader::model('file_list');

    $owner = new User();
    $list = new FileList();
    $list->filterByMootoolsPlugin(true);
    $list->filterByExtension("js");
    // Restrict the list to files whose u.uID equals the current user's ID.
    $list->filter('u.uID', $owner->getUserID(), '=');

    $setsByID = array();
    foreach ($list->get() as $pluginFile) {
        foreach ($pluginFile->getFileSets() as $set) {
            // Keying by ID de-duplicates sets shared by several files.
            $setsByID[$set->getFileSetID()] = $set;
        }
    }

    return $setsByID;
}
/**
 * Stores an API key in the 'apis' collection, or assigns an already stored
 * key to the current user.
 *
 * When the keyID/vCode pair already exists and a user is logged in, the
 * record's userID is overwritten with that user, whatever it was before.
 *
 * @param int $keyID cast to int before use
 * @param string $vCode
 * @param string|null $label
 * @return string status message for the caller
 */
public static function addKey($keyID, $vCode, $label = null)
{
    global $mdb;

    $keyID = (int) $keyID;
    $userID = User::getUserID();
    if ($userID == null) {
        $userID = 0; // 0 marks a key that was submitted without an account
    }

    $match = ['keyID' => $keyID, 'vCode' => $vCode];

    if (!$mdb->exists('apis', $match)) {
        $mdb->save('apis', ['keyID' => $keyID, 'vCode' => $vCode, 'label' => $label, 'lastApiUpdate' => new MongoDate(2), 'userID' => $userID]);

        return 'Success, your API has been added.';
    }

    if ($userID > 0) {
        $mdb->set('apis', $match, ['userID' => $userID]);

        return 'We have assigned this API key to your account.';
    }

    return 'We already have this API in our database.';
}
/**
 * Prepares an account page: guests are handed to the login page, signed-in
 * users get the account template, the validation helpers, their profile and
 * the account menu. The dashboard theme is used when the user's desktop is
 * in the dashboard and the page is not /account/welcome.
 *
 * @return mixed result of replace('/login') for guests, otherwise nothing
 */
public function on_start()
{
    $visitor = new \User();
    if (!$visitor->isRegistered()) {
        return $this->replace('/login');
    }

    $dashboard = \Core::make('helper/concrete/dashboard');
    $desktop = DesktopList::getMyDesktop();
    $useDashboardTheme = $dashboard->inDashboard($desktop)
        && $this->getPageObject()->getCollectionPath() != '/account/welcome';
    if ($useDashboardTheme) {
        $this->theme = 'dashboard';
        $this->set('pageTitle', t('My Account'));
    }

    $this->setThemeViewTemplate('account.php');

    $this->error = Loader::helper('validation/error');
    $this->token = Loader::helper('validation/token');
    $this->set('valt', $this->token);
    $this->set('av', Loader::helper('concrete/avatar'));
    $this->set('profile', \UserInfo::getByID($visitor->getUserID()));

    $this->set('nav', new AccountMenu($this->getPageObject()));
}
/**
 * Sets up a list to only return items the proper user can access.
 *
 * Adds one raw SQL filter that keeps a page when a PagePermissions row
 * grants read access to one of the current user's groups or to the user
 * directly, or when the page is an external link. Nothing is filtered for
 * the super user or when $this->ignorePermissions is set.
 *
 * The filter is assembled by string interpolation, not with bound
 * parameters. The interpolated values ($groupIDs, $uID, $date) come from the
 * User object and the date helper, not from the request, within this method.
 * NOTE(review): any change that lets request data reach those variables
 * turns this into an injection point - keep them numeric/helper-generated.
 */
public function setupPermissions()
{
    $u = new User();
    if ($u->isSuperUser() || $this->ignorePermissions) {
        return; // super user always sees everything. no need to limit
    }
    // Group IDs are the keys of the array returned by getUserGroups().
    $groups = $u->getUserGroups();
    $groupIDs = array();
    foreach ($groups as $key => $value) {
        $groupIDs[] = $key;
    }
    // -1 is used as the user ID for unregistered visitors.
    $uID = -1;
    if ($u->isRegistered()) {
        $uID = $u->getUserID();
    }
    $date = Loader::helper('date')->getLocalDateTime();
    // With aliases included, the permission source comes from p2 when a p2 row exists, else from p1.
    if ($this->includeAliases) {
        $cInheritPermissionsFromCID = 'if(p2.cID is null, p1.cInheritPermissionsFromCID, p2.cInheritPermissionsFromCID)';
    } else {
        $cInheritPermissionsFromCID = 'p1.cInheritPermissionsFromCID';
    }
    // NOTE(review): an empty $groupIDs would render as "in ()" in both
    // queries below - confirm getUserGroups() always returns at least one group.
    if (PERMISSIONS_MODEL != 'simple') {
        // support timed release
        $this->filter(false, "((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and\n\t\t\t\t((pp1.cgPermissions like 'r%' and cv.cvIsApproved = 1) or (pp1.cgPermissions like '%rv%')) and (\n\t\t\t\t\t(pp1.gID in (" . implode(',', $groupIDs) . ") or pp1.uID = {$uID})\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgStartDate is null or pp1.cgStartDate <= '{$date}')\n\t\t\t\t\tand \n\t\t\t\t\t\t(pp1.cgEndDate is null or pp1.cgEndDate >= '{$date}')\n\t\t\t\t)) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL ))");
    } else {
        // Simple model: read permission only, with no start/end date window.
        $this->filter(false, "(((select count(cID) from PagePermissions pp1 where pp1.cID = {$cInheritPermissionsFromCID} and pp1.cgPermissions like 'r%' and (pp1.gID in (" . implode(',', $groupIDs) . ") or pp1.uID = {$uID}))) > 0 or (p1.cPointerExternalLink !='' AND p1.cPointerExternalLink IS NOT NULL))");
    }
}