/**
* Return tag cloud
*
* @param array $tags key = tag, val = (quantity, id, size)
* @return string html
*/
function tagcloud($tags)
{
$html = '';
if ($tags) {
foreach ($tags as $key => $val) {
$url = suxFunct::makeURL('/blog/tag/' . $val['id']);
$html .= "<a href='{$url}' style='font-size: {$val['size']}%;' class='tag' >{$key}</a> <span class='quantity' >({$val['quantity']})</span> ";
}
}
return $html;
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
$photoalbum = array();
// Editing a photoalbum
$tmp = $this->photo->getAlbumByID($this->id);
if (!$tmp) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
// Invalid id
$photoalbum['id'] = $tmp['id'];
$photoalbum['cover'] = $tmp['thumbnail'];
// Don't allow spoofing
unset($dirty['id']);
$this->tpl->assign($photoalbum);
// --------------------------------------------------------------------
// Form logic
// --------------------------------------------------------------------
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
suxValidate::register_validator('integrity', 'integrity:id', 'hasIntegrity');
}
// --------------------------------------------------------------------
// Templating
// --------------------------------------------------------------------
// Start pager
$this->pager->limit = $this->per_page;
$this->pager->setStart();
$this->pager->setPages($this->photo->countPhotos($this->id));
$this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/photos/album/annotate/{$this->id}"));
$this->r->arr['photos'] = $this->photo->getPhotos($this->pager->limit, $this->pager->start, $this->id);
$this->r->text['form_url'] = suxFunct::makeUrl('/photos/album/annotate/' . $this->id, array('page' => $_GET['page']));
$this->r->text['back_url'] = suxFunct::getPreviousURL();
$this->r->title .= " | {$this->r->gtext['annotate_2']}";
$this->tpl->display('annotate.tpl');
}
/**
* Constructor
*
* @param int $id message id
*/
function __construct($id = null)
{
// Declare objects
$this->nb = new suxUserNaiveBayesian();
$this->msg = new suxThreadedMessages();
$this->r = new blogRenderer($this->module);
// Renderer
suxValidate::register_object('this', $this);
// Register self to validator
parent::__construct();
// Let the parent do the rest
// Declare properties
$this->msg->setPublished(null);
if ($id) {
if (!filter_var($id, FILTER_VALIDATE_INT) || $id < 1) {
suxFunct::redirect(suxFunct::makeURL('/blog'));
}
// Invalid id
}
// Redirect if not logged in
if (empty($_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeUrl('/user/register'));
}
// Security check
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($this->module);
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['publisher']) {
suxFunct::redirect(suxFunct::makeUrl('/blog'));
}
// Verfiy that we are allowed to edit this
if (filter_var($id, FILTER_VALIDATE_INT)) {
$tmp = $this->msg->getByID($id);
if ($tmp['users_id'] != $_SESSION['users_id']) {
suxFunct::redirect(suxFunct::makeUrl('/blog'));
}
}
}
}
// Assign id:
$this->id = $id;
}
/**
* Constructor
*
* @param int $id message id
*/
function __construct($id = null)
{
// Declare objects
$this->bm = new suxBookmarks();
$this->r = new bookmarksRenderer($this->module);
// Renderer
suxValidate::register_object('this', $this);
// Register self to validator
parent::__construct();
// Let the parent do the rest
// Declare properties
$this->bm->setPublished(null);
if ($id) {
if (!filter_var($id, FILTER_VALIDATE_INT) || $id < 1) {
suxFunct::redirect(suxFunct::makeURL('/bookmarks'));
}
// Invalid id
}
// Redirect if not logged in
if (empty($_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeUrl('/user/register'));
}
// Check that the user is allowed to be here
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($this->module);
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
suxFunct::redirect(suxFunct::makeUrl('/bookmarks'));
}
}
// This module can fallback on approve module
foreach ($GLOBALS['CONFIG']['PREV_SKIP'] as $val) {
if (mb_strpos($val, 'bookmarks/approve') === false) {
$this->prev_skip[] = $val;
}
}
// Assign id:
$this->id = $id;
}
/**
* Constructor
*
* @param int $id album id
*/
function __construct($id = null)
{
if ($id) {
if (!filter_var($id, FILTER_VALIDATE_INT) || $id < 1) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
// Invalid id
}
// Declare objects
$this->photo = new suxPhoto();
// Photos
$this->r = new photosRenderer($this->module);
// Renderer
suxValidate::register_object('this', $this);
// Register self to validator
parent::__construct();
// Let the parent do the rest
// Declare properties
$this->photo->setPublished(null);
$this->id = $id;
// Redirect if not logged in
if (empty($_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeUrl('/user/register'));
}
// Security check
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($this->module);
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['publisher']) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
} elseif ($id) {
if (!$this->photo->isAlbumOwner($id, $_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
}
}
}
}
/**
* Handle a consumer's request to see if the end user is logged in
* @param bool $wait
*/
private function checkid($wait)
{
$this->debug("checkid: wait? {$wait}");
/* Get the OpenID Request Parameters */
$identity = $_GET['openid_identity'];
if (empty($identity)) {
$this->errorGet('Missing identity');
}
$assoc_handle = null;
if (!empty($_GET['openid_assoc_handle'])) {
$assoc_handle = $_GET['openid_assoc_handle'];
}
$return_to = $_GET['openid_return_to'];
if (empty($return_to)) {
$this->error400('Missing return_to');
}
$trust_root = $return_to;
if (!empty($_GET['openid_trust_root'])) {
$trust_root = $_GET['openid_trust_root'];
}
$sreg_required = '';
if (!empty($_GET['openid_sreg_required'])) {
$sreg_required = $_GET['openid_sreg_required'];
}
$sreg_optional = '';
if (!empty($_GET['openid_sreg_optional'])) {
$sreg_optional = $_GET['openid_sreg_optional'];
}
// concatenate required and optional, if they want it we give it
$sreg_requested = $sreg_required . ',' . $sreg_optional;
// do the trust_root analysis
if ($trust_root != $return_to) {
// the urls are not the same, be sure return decends from trust
if (!$this->urlDescends($return_to, $trust_root)) {
$this->error500('Invalid trust_root: "' . $trust_root . '"');
}
}
// Make sure i am this identifier
if (!mb_strpos($identity, 'user/profile') || !$this->urlDescends(suxFunct::canonicalizeUrl($identity), suxFunct::canonicalizeUrl(suxFunct::makeURL('/', null, true)))) {
$this->debug("Invalid identity: {$identity}");
$this->debug("IdP URL: " . $this->profile['my_url']);
$this->errorGet($return_to, "Invalid identity: '{$identity}'");
}
// Establish trust
if ($this->user->loginCheck() && $this->checkTrusted($_SESSION['users_id'], $trust_root)) {
// The user trusts this URL
$_SESSION['openid_accepted_url'] = $trust_root;
} else {
if ($wait && (!session_is_registered('openid_accepted_url') || $_SESSION['openid_accepted_url'] != $trust_root)) {
// checkid_setup_mode()
$_SESSION['openid_cancel_accept_url'] = $return_to;
$_SESSION['openid_post_accept_url'] = $this->profile['req_url'];
$_SESSION['openid_unaccepted_url'] = $trust_root;
$this->debug('Transferring to acceptance mode.');
$this->debug('Cancel URL: ' . $_SESSION['openid_cancel_accept_url']);
$this->debug('Post URL: ' . $_SESSION['openid_post_accept_url']);
$q = mb_strpos($this->profile['my_url'], '?') ? '&' : '?';
$this->wrapRefresh($this->profile['my_url'] . $q . 'openid.mode=accept');
}
}
// begin setting up return keys
$keys = array('mode' => 'id_res');
// if the user is not logged in, transfer to the authorization mode
if ($this->user->loginCheck() === false) {
if ($wait) {
unset($_SESSION['openid_uniqid']);
$_SESSION['openid_cancel_auth_url'] = $return_to;
$_SESSION['openid_post_auth_url'] = $this->profile['req_url'];
$this->debug('Transferring to authorization mode.');
$this->debug('Cancel URL: ' . $_SESSION['openid_cancel_auth_url']);
$this->debug('Post URL: ' . $_SESSION['openid_post_auth_url']);
$q = mb_strpos($this->profile['my_url'], '?') ? '&' : '?';
$this->wrapRefresh($this->profile['my_url'] . $q . 'openid.mode=authorize');
} else {
$keys['user_setup_url'] = $this->profile['my_url'];
}
} else {
// Trust URL
if (isset($_SESSION['openid_always_trust']) && $_SESSION['openid_always_trust'] == 'yes') {
$this->trustUrl($_SESSION['users_id'], $_SESSION['openid_accepted_url']);
}
// the user is logged in
// remove the refresh URLs if set
unset($_SESSION['openid_cancel_auth_url']);
unset($_SESSION['openid_post_auth_url']);
// check the assoc handle
list($shared_secret, $expires) = $this->secret($assoc_handle);
// if I can't verify the assoc_handle, or if it's expired
if (!$shared_secret || is_numeric($expires) && $expires < time()) {
$this->debug("Session expired or missing key: {$expires} < " . time());
if ($assoc_handle != null) {
$keys['invalidate_handle'] = $assoc_handle;
$this->destroyAssocHandle($assoc_handle);
}
$lifetime = time() + $this->profile['lifetime'];
list($assoc_handle, $shared_secret) = $this->newAssoc($lifetime);
}
// $keys['identity'] = $this->profile['my_url'];
$keys['identity'] = suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname'], null, true);
$keys['assoc_handle'] = $assoc_handle;
$keys['return_to'] = $return_to;
$fields = array_keys($keys);
$tokens = '';
foreach ($fields as $key) {
$tokens .= sprintf("%s:%s\n", $key, $keys[$key]);
}
// add sreg keys
if ($this->user->loginCheck()) {
$u = $this->user->getByID($_SESSION['users_id'], true);
$sreg = @array('nickname' => $u['nickname'], 'email' => $u['email'], 'fullname' => "{$u['given_name']} {$u['family_name']}", 'dob' => $u['dob'], 'gender' => $u['gender'], 'postcode' => $u['postcode'], 'country' => $u['country'], 'language' => $u['language'], 'timezone' => $u['timezone']);
// Unset empties
foreach ($sreg as $key => $val) {
$val = trim($val);
if (empty($val)) {
unset($sreg[$key]);
}
}
// Sign keys
foreach (explode(',', $sreg_requested) as $key) {
$skey = 'sreg.' . $key;
if (!empty($sreg[$key])) {
$tokens .= sprintf("%s:%s\n", $skey, $sreg[$key]);
$keys[$skey] = $sreg[$key];
$fields[] = $skey;
}
}
}
$keys['signed'] = implode(',', $fields);
$keys['sig'] = base64_encode(hash_hmac('sha1', $tokens, $shared_secret, true));
}
$this->wrapLocation($return_to, $keys);
}
/**
* Process the form
*
* @param array $clean reference to validated $_POST
*/
function formProcess(&$clean)
{
if (!isset($_FILES['image']) || !is_uploaded_file($_FILES['image']['tmp_name'])) {
throw new Exception('No file uploaded?');
}
// Check that the user is allowed to upload photos / Security check #2
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($this->module);
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['publisher']) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
} elseif (!$this->photo->isAlbumOwner($clean['album'], $_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
}
}
// Commence collecting $photo array
$photo['photoalbums_id'] = $clean['album'];
// Get extension
$format = explode('.', $_FILES['image']['name']);
$format = strtolower(end($format));
// Set the data dir
$data_dir = suxFunct::dataDir($this->module);
if ($format != 'zip') {
// ----------------------------------------------------------------
// Image file
// ----------------------------------------------------------------
list($resize, $fullsize) = suxPhoto::renameImage($_FILES['image']['name']);
$photo['image'] = $resize;
// Add image to $photo array
$resize = $data_dir . "/{$resize}";
$fullsize = $data_dir . "/{$fullsize}";
$md5 = md5_file($_FILES['image']['tmp_name']);
if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {
suxPhoto::resizeImage($format, $_FILES['image']['tmp_name'], $resize, $this->tpl->getConfigVars('thumbnailWidth'), $this->tpl->getConfigVars('thumbnailHeight'));
move_uploaded_file($_FILES['image']['tmp_name'], $fullsize);
// Insert $photo into database
$photo['md5'] = $md5;
$this->photo->savePhoto($_SESSION['users_id'], $photo);
}
} else {
// ----------------------------------------------------------------
// Zip file
// ----------------------------------------------------------------
$tmp_dir = $GLOBALS['CONFIG']['PATH'] . '/temporary/' . md5(uniqid(mt_rand(), true));
if (!is_dir($tmp_dir) && !mkdir($tmp_dir, 0777, true)) {
throw new Exception('Can\'t create temp dir ' . $tmp_dir);
}
if (suxFunct::unzip($_FILES['image']['tmp_name'], $tmp_dir)) {
$valid_formats = array('jpg', 'jpeg', 'png', 'gif');
$files = array();
foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator($tmp_dir)) as $file) {
if (!$file->isFile()) {
continue;
}
if (mb_strpos($file->getPathname(), '__MACOSX') !== false) {
continue;
}
$files[$file->getPathname()] = $file->getFilename();
}
foreach ($files as $filepath => $file) {
$format = explode('.', $file);
$format = strtolower(end($format));
if (!in_array($format, $valid_formats)) {
continue;
}
// Skip
list($resize, $fullsize) = suxPhoto::renameImage($file);
$photo['image'] = $resize;
// Add image to $photo array
$resize = $data_dir . "/{$resize}";
$fullsize = $data_dir . "/{$fullsize}";
$md5 = md5_file($filepath);
if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {
suxPhoto::resizeImage($format, $filepath, $resize, $this->tpl->getConfigVars('thumbnailWidth'), $this->tpl->getConfigVars('thumbnailHeight'));
copy($filepath, $fullsize);
// Insert $photo into database
$photo['md5'] = $md5;
$this->photo->savePhoto($_SESSION['users_id'], $photo);
}
}
}
suxFunct::obliterateDir($tmp_dir);
}
$this->log->write($_SESSION['users_id'], "sux0r::photosUpload() photoalbums_id: {$photo['photoalbums_id']}", 1);
// Private
$this->photo->setPublished(true);
$tmp = $this->photo->getAlbumByID($photo['photoalbums_id']);
// Is actually published?
$this->photo->setPublished(null);
// Revert
if ($tmp) {
// Clear all caches, cheap and easy
$this->tpl->clearAllCache();
// Log message
$log = '';
$url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
$log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
$log .= mb_strtolower($this->r->gtext['uploaded_images']);
$url = suxFunct::makeUrl("/photos/album/{$tmp['id']}", null, true);
$log .= " <a href='{$url}'>{$tmp['title']}</a>";
// Log
$this->log->write($_SESSION['users_id'], $log);
// Clear caches, cheap and easy
$tpl = new suxTemplate('user');
$tpl->clearCache(null, $_SESSION['nickname']);
}
}
