Exemple #1
 /**
  * Handle profile viewing, which also handles posting to a publication
  *
  * @param object    $context    The context object for the site
  *
  * @return void
  */
 public function handle($context)
 {
     # The first REST segment identifies the publication being posted to.
     $publication = R::load('publication', $context->rest()[0]);
     if ($publication->id == 0) {
         # RedBean returns an empty bean (id 0) for an unknown id, so refuse the
         # request rather than attach a post to a publication that does not exist.
         # NOTE(review): the code below still runs if bad() returns - presumably it ends the request; confirm.
         (new Web())->bad();
     }
     # The poster is taken from $context->user(), not from anything in the request body.
     # NOTE(review): no login or permission check is visible in this method;
     # presumably the dispatcher enforces one - confirm.
     $entry = R::dispense('post');
     $entry->poster = $context->user()->id;
     # strip_tags() removes markup but is not output encoding, so the view still
     # has to escape this value when rendering it. substr() counts bytes, so the
     # silent 8000 cap can cut a multi-byte character in half.
     $body = strip_tags($context->mustpostpar('content'));
     $entry->content = substr($body, 0, 8000);
     # Adding to the xown list ties the post to the publication (one->many with
     # cascade); storing the publication persists the new post as well.
     $publication->xownPosts[] = $entry;
     R::store($publication);
     # Send the browser back to the viewer for this publication.
     $context->divert('/viewpub/' . $publication->id);
 }
Exemple #2
 /**
  * Handle an action
  *
  * @param object	$context	The context object for the site
  *
  * @return mixed	A template name or an array [template name, mimetype, HTTP code]
  */
 public function handle($context)
 {
     # Not expected to be called; any request that does arrive is sent to the site root.
     $home = '/';
     $context->divert($home);
     /* NOT REACHED */
     # NOTE(review): "not reached" assumes divert() ends the request; nothing is
     # returned here if it does not - confirm.
 }
Exemple #3
 /**
  * Handle things to do with email address confirmation
  *
  * @param object	$context	The context object for the site
  *
  * @return string	A template name
  */
 public function confirm($context)
 {
     # An already logged-in user has no business on this page.
     # NOTE(review): the rest of the method still runs if divert() returns -
     # presumably it ends the request; confirm.
     if ($context->hasuser()) {
         $context->divert('/');
     }
     $local = $context->local();
     $tpl = 'index.twig';
     $rest = $context->rest();
     $wantsResend = $rest[0] === '' || $rest[0] == 'resend';
     if (!$wantsResend) {
         # Any other first segment is treated as a confirmation code. The lookup
         # is parameterised and restricted to kind 'C'.
         $pending = R::findOne('confirm', 'code=? and kind=?', [$rest[0], 'C']);
         if (!is_object($pending)) {
             # Unknown code: show the index page without any message.
             return $tpl;
         }
         # DateInterval::days is a whole, unsigned day count, so "<= 3" accepts a
         # code until it is four full days old, and a future-dated 'issued'
         # value also passes.
         $now = new DateTime($context->utcnow());
         $age = $now->diff(new DateTime($pending->issued));
         if ($age->days > 3) {
             # The expired row is left in place; only a successful confirm trashes it.
             $local->message(Local::ERROR, 'Sorry, that code has expired!');
             return $tpl;
         }
         $pending->user->doconfirm();
         # Single use: the code row is deleted once the address is confirmed.
         R::trash($pending);
         $local->message(Local::MESSAGE, 'Thank you for confirming your email address. You can now login.');
         return $tpl;
     }
     # Resend request: an empty 'eorl' field means the form has not been submitted yet.
     $lg = $context->formdata()->post('eorl', '');
     if ($lg === '') {
         return 'resend.twig';
     }
     # NOTE(review): the three outcomes below show different messages to a caller
     # who is not logged in, which reveals whether a name or email address is
     # registered and whether it is confirmed. No throttling of resend requests
     # is visible in this method - confirm it exists elsewhere.
     $user = $this->eorl($lg);
     if (!is_object($user)) {
         $local->message(Local::ERROR, 'Sorry, there is no user with that name or email address.');
     } elseif ($user->confirm) {
         $local->message(Local::WARNING, 'Your email address has already been confirmed.');
     } else {
         $this->sendconfirm($context, $user);
         $local->message(Local::MESSAGE, 'A new confirmation link has been sent to your email address.');
     }
     return $tpl;
 }
 /**
  * Handle things to do with password reset
  *
  * @param object	$context	The context object for the site
  *
  * @return string	A template name
  */
 public function forgot($context)
 {
     # An already logged-in user has no business on this page.
     # NOTE(review): the rest of the method still runs if divert() returns -
     # presumably it ends the request; confirm.
     if ($context->hasuser()) {
         $context->divert('/');
     }
     $local = $context->local();
     $tpl = 'index.twig';
     $rest = $context->rest();

     if ($rest[0] === '') {
         # Step 1: request a reset link. An empty 'eorl' field just shows the form.
         $lg = $context->postpar('eorl', '');
         if ($lg == '') {
             return 'reset.twig';
         }
         # NOTE(review): the two outcomes below show different messages to a caller
         # who is not logged in, which reveals whether a name or email address is
         # registered. No throttling of reset requests is visible in this method -
         # confirm it exists elsewhere.
         $user = $this->eorl($lg);
         if (!is_object($user)) {
             $local->message('errmessage', 'Sorry, there is no user with that name or email address.');
             return 'reset.twig';
         }
         $this->sendreset($context, $user);
         $local->message('message', 'A password reset link has been sent to your email address.');
         return 'index.twig';
     }

     if ($rest[0] === 'reset') {
         # Step 3: the new-password form was submitted.
         $user = $context->load('user', $context->mustpostpar('uid'));
         $code = $context->mustpostpar('code');
         $xc = R::findOne('confirm', 'code=? and kind=?', [$code, 'P']);
         # The code must exist and belong to the posted uid, so a valid code
         # cannot be used to reset a different account.
         if (!is_object($xc) || $xc->user_id != $user->getID()) {
             $context->divert('/');
             return 'pwreset.twig';
         }
         # DateInterval::days is a whole, unsigned day count, so "<= 1" accepts a
         # code until it is two full days old.
         $age = (new DateTime($context->utcnow()))->diff(new DateTime($xc->issued));
         if ($age->days > 1) {
             $local->message('errmessage', 'Sorry, that code has expired!');
             return 'pwreset.twig';
         }
         $pw = $context->mustpostpar('password');
         if ($pw !== $context->mustpostpar('repeat')) {
             $local->message('errmessage', 'Sorry, the passwords do not match!');
             return 'pwreset.twig';
         }
         # NOTE(review): no password-strength check is visible here; presumably
         # setpw() enforces the policy - confirm.
         $xc->user->setpw($pw);
         # Single use: the consumed code row is deleted. Any other outstanding 'P'
         # codes for the same user are not touched by this method.
         R::trash($xc);
         $local->message('message', 'You have reset your password. You can now login.');
         return 'index.twig';
     }

     # Step 2: the link from the email was followed; the first REST segment is
     # the reset code. The code is part of the URL path here.
     $x = R::findOne('confirm', 'code=? and kind=?', [$rest[0], 'P']);
     if (is_object($x)) {
         $age = (new DateTime($context->utcnow()))->diff(new DateTime($x->issued));
         if ($age->days <= 1) {
             # Hand the user and the code to the password form so that it can
             # post them back to the 'reset' step.
             $local->addval('pwuser', $x->user);
             $local->addval('code', $x->code);
             $tpl = 'pwreset.twig';
         } else {
             $local->message('errmessage', 'Sorry, that code has expired!');
         }
     }
     # An unknown code falls through to the index page without any message.
     return $tpl;
 }