Esempio n. 1
 /**
  * To be used for basic registration, and captcha registration
  */
 public function InsertForBasic($FormPostValues)
 {
     // Returned as-is (FALSE) when validation fails; otherwise replaced by
     // whatever _Insert() returns.
     $UserID = FALSE;
     // Load the schema so the model knows its primary key.
     $this->DefineSchema();
     // Extra, non-schema rule: the Email field must satisfy the 'Email' rule.
     $this->Validation->ApplyRule('Email', 'Email');
     // TODO: DO I NEED THIS?!
     // Normalise the ShowEmail checkbox to the '1' / '0' enum strings.
     if (array_key_exists('ShowEmail', $FormPostValues)) {
         $FormPostValues['ShowEmail'] = ForceBool($FormPostValues['ShowEmail'], '0', '1', '0');
     }
     $this->AddInsertFields($FormPostValues);
     // Guard clause: nothing below runs unless the posted values validate.
     if ($this->Validate($FormPostValues, TRUE) !== TRUE) {
         return $UserID;
     }
     // Every validated form field, including the non-schema rules added above.
     $ValidatedFields = $this->Validation->ValidationFields();
     $Username = ArrayValue('Name', $ValidatedFields);
     $Email = ArrayValue('Email', $ValidatedFields);
     // Only the fields that exist in the schema, minus the primary key.
     $Fields = $this->Validation->SchemaValidationFields();
     $Fields = RemoveKeyFromArray($Fields, $this->PrimaryKey);
     // NOTE(review): the 'md5' key suggests the data layer stores an MD5 digest
     // of the password. MD5 is not suitable for password storage; confirm how
     // this is consumed and plan a move to password_hash()/password_verify().
     $Fields['Password'] = array('md5' => $Fields['Password']);
     // The captcha is only checked when registration is configured for it.
     if (Gdn::Config('Garden.Registration.Method') == 'Captcha') {
         $CaptchaPublicKey = ArrayValue('Garden.Registration.CaptchaPublicKey', $FormPostValues, '');
         if (ValidateCaptcha($CaptchaPublicKey) !== TRUE) {
             $this->Validation->AddValidationResult('Garden.Registration.CaptchaPublicKey', 'The reCAPTCHA value was not entered correctly. Please try again.');
             return FALSE;
         }
     }
     if (!$this->ValidateUniqueFields($Username, $Email)) {
         return FALSE;
     }
     // Email comes from the full validated set, not the schema-only set.
     $Fields['Email'] = $Email;
     // Create the user.
     $UserID = $this->_Insert($Fields);
     // NOTE(review): the two calls below run even if _Insert() returned a falsy
     // value - confirm _Insert() cannot fail silently.
     AddActivity($UserID, 'Join', T('Welcome Aboard!'));
     // Assign the configured default roles (role 8 when nothing is configured).
     $RoleIDs = Gdn::Config('Garden.Registration.DefaultRoles', array(8));
     $this->SaveRoles($UserID, $RoleIDs, FALSE);
     return $UserID;
 }
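 function DefineCollection($Collection, $ParameterPrefix = "", $IncludeByPrefix = "0", $ExcludeByPrefix = "0")
 {
     // Copies entries of $Collection into this object via Add(), optionally
     // filtering on whether the key starts with $ParameterPrefix:
     //   - $IncludeByPrefix: keep only keys that start with the prefix
     //   - $ExcludeByPrefix: drop keys that start with the prefix
     $ParameterPrefix = ForceString($ParameterPrefix, "");
     $IncludeByPrefix = ForceBool($IncludeByPrefix, 0);
     $ExcludeByPrefix = ForceBool($ExcludeByPrefix, 0);
     $PrefixLength = strlen($ParameterPrefix);
     // foreach replaces the list()/each() idiom: each() was removed in PHP 8.
     foreach ($Collection as $key => $value) {
         $Add = 1;
         if ($ParameterPrefix != "") {
             // The previous test used strstr(), which returns the matched
             // substring rather than an offset, so "prefix at position 0" was
             // never actually checked. Compare the leading bytes instead so
             // the filter only matches keys that really begin with the prefix.
             $StartsWithPrefix = strncmp((string) $key, $ParameterPrefix, $PrefixLength) === 0;
             if ($StartsWithPrefix) {
                 if ($ExcludeByPrefix) {
                     $Add = 0;
                 }
             } else {
                 if ($IncludeByPrefix) {
                     $Add = 0;
                 }
             }
         }
         if ($Add) {
             $this->Add($key, $value);
         }
     }
 }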
Esempio n. 3
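 function GetWhosOnline()
 {
     // Returns one array per user whose DateLastActive falls within the last
     // five minutes (Name, UserID, DateLastActive, Phantom), or NULL when the
     // query yields no rows.
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
     $s->SetMainTable("User", "u");
     $s->AddSelect(array("Name", "UserID", "DateLastActive", "Preferences"), "u");
     $s->AddWhere("u", "DateLastActive", "", "DATE_SUB(NOW(), INTERVAL 5 MINUTE)", ">=", NULL, NULL, 0);
     $result = $this->Context->Database->Select($s, $this->Name, "GetRecentUsers", "An error occurred while attempting to retrieve the requested information.");
     if ($this->Context->Database->RowCount($result) == 0) {
         return NULL;
     }
     $my_array = array();
     while ($rows = $this->Context->Database->GetRow($result)) {
         // Users are visible unless their stored preferences say otherwise.
         $phantom = false;
         if ($rows["Preferences"]) {
             // NOTE(review): unserialize() on a value that users may influence
             // through their preferences can instantiate objects. Confirm the
             // column is only ever written by trusted code, or migrate the
             // stored format to JSON.
             $settings = unserialize($rows["Preferences"]);
             // unserialize() returns FALSE on corrupt data; only trust arrays
             // so a damaged row cannot break the listing.
             if (is_array($settings) && array_key_exists("Phantom", $settings)) {
                 $phantom = ForceBool($settings["Phantom"], 0);
             }
         }
         array_push($my_array, array("Name" => $rows["Name"], "UserID" => $rows["UserID"], "DateLastActive" => $rows["DateLastActive"], "Phantom" => $phantom));
     }
     return $my_array;
 }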
 function AddOptionsFromDataSet(&$Database, $DataSet, $IdField, $DisplayField, $CheckedField, $FlipCheckedValue, $Attributes = '')
 {
     // Adds one option per row of $DataSet, reading the id, label and checked
     // state from the named columns. The flip flag is coerced once up front.
     $Flip = ForceBool($FlipCheckedValue, 0);
     for ($Row = $Database->GetRow($DataSet); $Row; $Row = $Database->GetRow($DataSet)) {
         $this->AddOption($Row[$IdField], $Row[$DisplayField], $Row[$CheckedField], $Flip, $Attributes);
     }
 }
 function FormatPropertiesForDisplay($IncludeContents = "0")
 {
     // Prepares Label (always) and Contents (on request) for HTML output.
     $EscapeContents = ForceBool($IncludeContents, 0);
     $this->Label = FormatStringForDisplay($this->Label);
     if (!$EscapeContents) {
         return;
     }
     // NOTE(review): htmlspecialchars() is called with its default flags, and
     // before PHP 8.1 those do not escape single quotes. Confirm Contents is
     // never emitted inside a single-quoted attribute, or pass ENT_QUOTES.
     $this->Contents = htmlspecialchars($this->Contents);
 }
 function GetPropertiesFromDataSet($DataSet)
 {
     // Hydrates the category from a result row. Each column is coerced to its
     // declared kind; '@' silences the notice for a missing column so the
     // coercion helper sees an unset value instead.
     $Columns = array(
         'CategoryID' => 'int',
         'Name' => 'string',
         'Description' => 'string',
         'DiscussionCount' => 'int',
         'Blocked' => 'bool',
         'RoleBlocked' => 'bool',
     );
     foreach ($Columns as $Column => $Kind) {
         if ($Kind === 'int') {
             $this->{$Column} = ForceInt(@$DataSet[$Column], 0);
         } elseif ($Kind === 'bool') {
             $this->{$Column} = ForceBool(@$DataSet[$Column], 0);
         } else {
             $this->{$Column} = ForceString(@$DataSet[$Column], '');
         }
     }
 }
 function GetVariable($Name, $DataType = 'bool')
 {
     // Reads $_SESSION[$Name] coerced to the requested kind. Any $DataType
     // other than 'int' or 'bool' is treated as a string request.
     // switch compares loosely, like the == chain it replaces.
     switch ($DataType) {
         case 'int':
             return ForceInt(@$_SESSION[$Name], 0);
         case 'bool':
             return ForceBool(@$_SESSION[$Name], 0);
         default:
             return ForceString(@$_SESSION[$Name], '');
     }
 }
 function GetPropertiesFromDataSet($DataSet, $ParseKeywords = '0')
 {
     // Hydrates the saved search from a result row; keywords are stored
     // URL-encoded and decoded here.
     $ShouldParse = ForceBool($ParseKeywords, 0);
     $this->SearchID = ForceInt(@$DataSet['SearchID'], 0);
     $this->Label = ForceString(@$DataSet['Label'], '');
     $RawType = ForceString(@$DataSet['Type'], '');
     $this->Type = $this->DefineType($RawType);
     $EncodedKeywords = ForceString(@$DataSet['Keywords'], '');
     $this->Keywords = urldecode($EncodedKeywords);
     if (!$ShouldParse) {
         return;
     }
     // Split the decoded keywords according to the resolved search type.
     $this->ParseKeywords($this->Type, $this->Keywords);
 }
 function GetPropertiesFromDataSet($DataSet, $ParseKeywords = "0")
 {
     // Populates the search object from a row. The Type column is passed
     // through DefineType() and the Keywords column is URL-decoded.
     $WantsParsing = ForceBool($ParseKeywords, 0);
     $this->SearchID = ForceInt(@$DataSet["SearchID"], 0);
     $this->Label = ForceString(@$DataSet["Label"], "");
     $TypeColumn = ForceString(@$DataSet["Type"], "");
     $this->Type = $this->DefineType($TypeColumn);
     $KeywordColumn = ForceString(@$DataSet["Keywords"], "");
     $this->Keywords = urldecode($KeywordColumn);
     // Parsing is opt-in; callers that only list searches skip it.
     if ($WantsParsing) {
         $this->ParseKeywords($this->Type, $this->Keywords);
     }
 }
 function GetVariable($Name, $DataType = "bool")
 {
     // Reads $_SESSION[$Name] coerced to the requested kind ("int", "bool" or
     // "Array"); anything else yields a string. A missing key falls through to
     // the helper's default because '@' suppresses the notice.
     // switch compares loosely, like the == chain it replaces.
     switch ($DataType) {
         case "int":
             return ForceInt(@$_SESSION[$Name], 0);
         case "bool":
             return ForceBool(@$_SESSION[$Name], 0);
         case "Array":
             return ForceArray(@$_SESSION[$Name], array());
         default:
             return ForceString(@$_SESSION[$Name], "");
     }
 }
 function GetPropertiesFromDataSet($DataSet)
 {
     // Hydrates the role from a result row. Every capability flag is read
     // through ForceBool() with 0 as its second argument (presumably the
     // fallback for a missing column - confirm against ForceBool).
     $Columns = array(
         "RoleID" => "int",
         "Name" => "string",
         "Icon" => "string",
         "Description" => "string",
         "CanLogin" => "bool",
         "CanPostDiscussion" => "bool",
         "CanPostComment" => "bool",
         "CanPostHTML" => "bool",
         "CanViewIps" => "bool",
         "AdminUsers" => "bool",
         "AdminCategories" => "bool",
         "MasterAdmin" => "bool",
         "ShowAllWhispers" => "bool",
     );
     foreach ($Columns as $Column => $Kind) {
         if ($Kind === "int") {
             $this->{$Column} = ForceInt(@$DataSet[$Column], 0);
         } elseif ($Kind === "bool") {
             $this->{$Column} = ForceBool(@$DataSet[$Column], 0);
         } else {
             $this->{$Column} = ForceString(@$DataSet[$Column], "");
         }
     }
 }
 function InsertItemAt(&$Collection, $Item, $Position, $ForcePosition = '0')
 {
     // Places $Item in $Collection at $Position. When the slot is taken the
     // item either moves on to the next slot (default) or, when forced,
     // pushes the current occupant one slot ahead.
     $Force = ForceBool($ForcePosition, 0);
     // Free slot: take it.
     if (!array_key_exists($Position, $Collection)) {
         $Collection[$Position] = $Item;
         return;
     }
     // Occupied and not forced: try the next position instead.
     if (!$Force) {
         $this->InsertItemAt($Collection, $Item, $Position + 1);
         return;
     }
     // Occupied and forced: shift the occupant ahead (itself forced), then
     // claim the requested position.
     $this->InsertItemAt($Collection, $Collection[$Position], $Position + 1, 1);
     $Collection[$Position] = $Item;
 }
 function GetCategoryBuilder($IncludeCount = '0', $ForceRoleBlock = '1')
 {
     // Builds and returns a SqlBuilder that selects categories, optionally
     // with a per-category discussion count, joined against the role-level
     // and user-level block tables.
     // Note: $IncludeCount is coerced with ForceBool(); $ForceRoleBlock is
     // used as passed and relies on PHP truthiness.
     $IncludeCount = ForceBool($IncludeCount, 0);
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $s->SetMainTable('Category', 'c');
     if ($IncludeCount) {
         // Only users who may remove categories AND opted into seeing deleted
         // discussions get a count that includes inactive discussions.
         if ($this->Context->Session->User->Permission('PERMISSION_REMOVE_CATEGORIES') && $this->Context->Session->User->Preference('ShowDeletedDiscussions')) {
             $s->AddJoin('Discussion', 'd', 'CategoryID', 'c', 'CategoryID', 'left join');
         } else {
             $s->AddJoin('Discussion', 'd', 'CategoryID', 'c', 'CategoryID', 'left join', " and d." . $this->Context->DatabaseColumns['Discussion']['Active'] . " = 1");
         }
         $s->AddSelect('DiscussionID', 'd', 'DiscussionCount', 'count');
     }
     $s->AddSelect(array('CategoryID', 'Name', 'Description'), 'c', '', '', '', 1);
     // Role blocking is on by default and lifted only for category managers,
     // unless the caller forces it back on.
     $BlockCategoriesByRole = 1;
     if ($this->Context->Session->User->Permission('PERMISSION_ADD_CATEGORIES') || $this->Context->Session->User->Permission('PERMISSION_EDIT_CATEGORIES') || $this->Context->Session->User->Permission('PERMISSION_REMOVE_CATEGORIES')) {
         $BlockCategoriesByRole = 0;
     }
     if ($ForceRoleBlock) {
         $BlockCategoriesByRole = 1;
     }
     if ($this->Context->Session->UserID > 0) {
         // NOTE(review): RoleID and UserID are concatenated into the join
         // clause unquoted. Presumably both are integers set by the session
         // layer - confirm they are cast before they reach this point.
         $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = ' . $this->Context->Session->User->RoleID);
         $s->AddJoin('CategoryBlock', 'b', 'CategoryID', 'c', 'CategoryID', 'left join', ' and b.' . $this->Context->DatabaseColumns['CategoryBlock']['UserID'] . ' = ' . $this->Context->Session->UserID);
         $s->AddSelect('Blocked', 'b', 'Blocked', 'coalesce', '0');
     } else {
         // No signed-in user: the role-block join is pinned to RoleID 1.
         $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = 1');
     }
     // Limit to categories that this user is allowed to see.
     if ($BlockCategoriesByRole) {
         // Grouped condition closed by EndWhereGroup(): Blocked is 0 or NULL
         // (NULL meaning the left join found no block row).
         $s->AddWhere('crb', 'Blocked', '', 0, '=', 'and', '', 1, 1);
         $s->AddWhere('crb', 'Blocked', '', 0, '=', 'or', '', 0);
         $s->AddWhere('crb', 'Blocked', '', 'null', 'is', 'or', '', 0);
         $s->EndWhereGroup();
     } else {
         // Identify which of these categories is blocked by role
         // (so administrators can easily see what they do and don't have access to)
         $s->AddSelect('Blocked', 'crb', 'RoleBlocked', 'coalesce', '0');
     }
     // Expose the inputs and the builder (by reference) to delegates so they
     // can adjust the query before it is returned.
     $this->DelegateParameters['IncludeCount'] = $IncludeCount;
     $this->DelegateParameters['ForceRoleBlock'] = $ForceRoleBlock;
     $this->DelegateParameters['SqlBuilder'] =& $s;
     $this->CallDelegate('PostGetCategoryBuilder');
     return $s;
 }
 function Authenticate($Username, $Password, $PersistentSession)
 {
     // Checks the supplied credentials and, on success, records the visit,
     // binds the user id to the session and optionally sets the persistent
     // ("remember me") cookies.
     // Returns: the user's id on success, 0 when no row matched, -1 when the
     // matched user's role lacks PERMISSION_SIGN_IN, -2 when the query failed.
     // Validate the username and password that have been set
     $Username = FormatStringForDatabaseInput($Username);
     $Password = FormatStringForDatabaseInput($Password);
     $UserID = 0;
     // Retrieve matching username/password values
     $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
     $s->SetMainTable('User', 'u');
     $s->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'left join');
     $s->AddSelect(array('UserID', 'VerificationKey'), 'u');
     $s->AddSelect('PERMISSION_SIGN_IN', 'r');
     $s->AddWhere('u', 'Name', '', $Username, '=');
     // The password is matched in a grouped condition: first against the
     // value wrapped in 'md5' (presumably the SQL function applied to it),
     // then, as an alternative, against the value exactly as submitted.
     // NOTE(review): unsalted MD5 is not adequate for password storage, and
     // the second comparison accepts the stored column value itself as the
     // password, so a leaked digest would be as good as the password. Plan a
     // migration to password_hash()/password_verify() and drop the verbatim
     // comparison once legacy rows are rehashed.
     $s->AddWhere('u', 'Password', '', $Password, '=', 'and', 'md5', 1, 1);
     $s->AddWhere('u', 'Password', '', $Password, '=', 'or');
     $s->EndWhereGroup();
     $UserResult = $this->Context->Database->Select($s, 'Authenticator', 'Authenticate', 'An error occurred while attempting to validate your credentials');
     if (!$UserResult) {
         $UserID = -2;
     } elseif ($this->Context->Database->RowCount($UserResult) > 0) {
         $CanSignIn = 0;
         $VerificationKey = '';
         // If several rows match, the values of the last row win.
         while ($rows = $this->Context->Database->GetRow($UserResult)) {
             $VerificationKey = ForceString($rows['VerificationKey'], '');
             // Users without a stored key get a freshly generated one.
             if ($VerificationKey == '') {
                 $VerificationKey = DefineVerificationKey();
             }
             $UserID = ForceInt($rows['UserID'], 0);
             $CanSignIn = ForceBool($rows['PERMISSION_SIGN_IN'], 0);
         }
         if (!$CanSignIn) {
             $UserID = -1;
         } else {
             // Update the user's information
             $this->UpdateLastVisit($UserID, $VerificationKey);
             // Assign the session value
             // NOTE(review): confirm AssignSessionUserID() regenerates the
             // session id on sign-in; nothing here does.
             $this->AssignSessionUserID($UserID);
             // Set the 'remember me' cookies
             if ($PersistentSession) {
                 $this->SetCookieCredentials($UserID, $VerificationKey);
             }
         }
     }
     return $UserID;
 }
Esempio n. 15
 function CommentLinks_AddLink(&$CommentGrid)
 {
     // Delegate that appends a numbered permalink anchor for the current
     // comment to the grid's CommentList output. Whispered and deleted
     // comments are tracked in a running "uncounted" total so that visible
     // numbering stays continuous across pages.
     $Context =& $CommentGrid->Context;
     // Running total shared across calls through PassThruVars (by reference).
     $UnCounted =& $Context->PassThruVars['CommentLinks_UnCounted'];
     // Zero-based page index taken from the incoming 'page' value.
     $Page = ForceIncomingInt('page', 1) - 1;
     $Comment =& $CommentGrid->DelegateParameters['Comment'];
     $RowNumber =& $CommentGrid->DelegateParameters['RowNumber'];
     // count the whispers & deleted comments on prior page(s), if any
     if (1 == $RowNumber && 1 <= $Page && !$Comment->DiscussionWhisperUserID) {
         $cm = $Context->ObjectFactory->NewContextObject($Context, 'CommentManager');
         // NOTE(review): DiscussionID is read from the request as a string
         // and handed to GetCommentList(); confirm that method casts or
         // escapes it before building SQL.
         $DiscussionID = ForceIncomingString('DiscussionID', 0);
         $PriorPages = $Page;
         // One extra comment-list query per earlier page.
         while (1 <= $PriorPages) {
             $CommentData = $cm->GetCommentList($Context->Configuration['COMMENTS_PER_PAGE'], $PriorPages--, $DiscussionID);
             while ($Row = $Context->Database->GetRow($CommentData)) {
                 if (ForceInt($Row['WhisperUserID'], 0) || ForceBool($Row['Deleted'], 0)) {
                     $UnCounted++;
                 }
             }
         }
     }
     // With whisper links disabled, whispers are counted but get no link.
     if (!CommentLinks_WHISPERS && ($Comment->WhisperUserID || $Comment->DiscussionWhisperUserID)) {
         $UnCounted++;
     } else {
         $Number = $RowNumber - $UnCounted + $Page * $Context->Configuration['COMMENTS_PER_PAGE'];
         // Uncounted comments should not be numbered, but may still be linkable
         if ($Comment->WhisperUserID || $Comment->DiscussionWhisperUserID || $Comment->Deleted) {
             $UnCounted++;
             $Number = $Comment->Deleted ? $Context->GetDefinition('CommentLinks_Deleted') : $Context->GetDefinition('CommentLinks_Whispered');
         }
         // This results in a shorter permalink URL that will persist if FriendlyURLs is later turned off.
         // NOTE(review): CommentID, $Number and the language definitions are
         // written into HTML attributes and inline JavaScript without
         // escaping. CommentID is presumably an integer and the definitions
         // come from language files - confirm neither can carry quotes.
         $Url = $Context->Configuration['BASE_URL'] . '?CommentID=' . $Comment->CommentID;
         $Link = '<a href="' . $Url . '" id="CommentID_' . $Comment->CommentID . '" rel="nofollow" Title="';
         if (CommentLinks_CLIPBOARD) {
             $Default = $Context->PassThruVars['CommentLinks_DefaultFormat'];
             $Link .= str_replace('//1', $Default, $Context->GetDefinition('CommentLinks_DblClk')) . '" onclick="ShowMenu(' . $Comment->CommentID . ',\'' . $Number . '\');return false;" ondblclick="CopyDefault(' . $Comment->CommentID . ',\'' . $Number . '\');return false;';
         } else {
             $Link .= $Context->GetDefinition('CommentLinks_Permalink');
         }
         // Append to the grid's output buffer (held by reference).
         $CommentList =& $CommentGrid->DelegateParameters['CommentList'];
         $CommentList .= $Link . '">#&nbsp;' . $Number . '</a>';
     }
 }
Esempio n. 16
 public function Visible($PageID)
 {
     // Toggles a page's Visible flag on postback; otherwise just shows the form.
     // NOTE(review): no permission check is visible in this method, and the
     // state change is gated only on IsPostBack(). Confirm that authorisation
     // and anti-forgery validation are enforced before this code is reached.
     $Page = $this->PageModel->GetID($PageID);
     if (!$this->Form->IsPostBack()) {
         $this->Form->SetData($Page);
         $this->Render();
         return;
     }
     // ForceBool() with (0, 0, 1) stores the inverse of the current value.
     $Inverted = ForceBool($Page->Visible, 0, 0, 1);
     $this->PageModel->SetProperty($Page->PageID, 'Visible', $Inverted);
     // Re-read so the response reflects the stored state.
     $Page = $this->PageModel->GetID($PageID);
     if ($this->DeliveryType() == DELIVERY_TYPE_ALL) {
         // NOTE(review): Target comes from the request. Confirm Redirect()
         // restricts it to local paths so it cannot send users off-site.
         $Target = GetIncomingValue('Target', '/candy/page/browse');
         Redirect($Target);
     }
     $this->SetData('Content', $Page);
     $PageInfoModule = new PageInfoModule($this);
     $this->JsonTarget('#PageInfoModule', $PageInfoModule->ToString(), 'Html');
     $this->Render();
 }
Esempio n. 17
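 function GetPropertiesFromDataSet($DataSet)
 {
     // Hydrates the role from a result row: scalar attributes first, then the
     // permission map, which is seeded from the three dedicated columns and
     // extended with the entries of the serialized Permissions column.
     $this->RoleID = ForceInt(@$DataSet['RoleID'], 0);
     $this->RoleName = ForceString(@$DataSet['Name'], '');
     $this->Icon = ForceString(@$DataSet['Icon'], '');
     $this->Description = ForceString(@$DataSet['Description'], '');
     $this->PERMISSION_SIGN_IN = ForceBool(@$DataSet['PERMISSION_SIGN_IN'], 0);
     $this->PERMISSION_HTML_ALLOWED = ForceBool(@$DataSet['PERMISSION_HTML_ALLOWED'], 0);
     $this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION = ForceBool(@$DataSet['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'], 0);
     $this->Unauthenticated = ForceBool(@$DataSet['Unauthenticated'], 0);
     $TempPermissions = ForceString(@$DataSet['Permissions'], '');
     $TempPermissions = UnserializeAssociativeArray($TempPermissions);
     $this->Permissions['PERMISSION_SIGN_IN'] = $this->PERMISSION_SIGN_IN;
     $this->Permissions['PERMISSION_HTML_ALLOWED'] = $this->PERMISSION_HTML_ALLOWED;
     $this->Permissions['PERMISSION_RECEIVE_APPLICATION_NOTIFICATION'] = $this->PERMISSION_RECEIVE_APPLICATION_NOTIFICATION;
     // foreach replaces the list()/each() idiom (each() was removed in PHP 8);
     // the is_array() guard keeps a malformed Permissions value from raising
     // a warning or granting anything.
     // NOTE(review): entries from the serialized column are applied last, so
     // a key such as PERMISSION_SIGN_IN stored there overrides the dedicated
     // column read above - confirm that precedence is intended.
     if (is_array($TempPermissions)) {
         foreach ($TempPermissions as $TempKey => $TempValue) {
             $this->Permissions[$TempKey] = $TempValue;
         }
     }
     unset($TempPermissions);
 }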
 function Authenticate($Username, $Password, $PersistentSession)
 {
     // Checks the supplied credentials with a hand-built query and, on
     // success, records the visit, binds the user id to the session and
     // optionally sets the persistent ("remember me") cookies.
     // Returns: the user's id on success, 0 when no row matched, -1 when the
     // matched user's role lacks PERMISSION_SIGN_IN, -2 when the query failed.
     // Validate the username and password that have been set
     $Username = FormatStringForDatabaseInput($Username);
     $Password = FormatStringForDatabaseInput($Password);
     $UserID = 0;
     // Retrieve matching username/password values
     // NOTE(review): the statement is assembled by string concatenation, so
     // its safety rests entirely on FormatStringForDatabaseInput() escaping
     // $Username correctly for this database and charset; a parameterised
     // query would remove that dependency.
     // NOTE(review): the password comparand reads '******' here, which looks
     // like masking applied to this listing rather than the real expression;
     // $Password is escaped above but never used in the query as shown.
     $Query = "select u.UserID, r.PERMISSION_SIGN_IN\n\t\t\tfrom " . $this->Context->Configuration['DATABASE_TABLE_PREFIX'] . "User u\n\t\t\tinner join " . $this->Context->Configuration['DATABASE_TABLE_PREFIX'] . "Role r\n\t\t\t\ton u.RoleID = r.RoleID\n\t\t\twhere u.Name = '" . $Username . "'\n\t\t\t\tand u.Password = '******'";
     $UserResult = $this->Context->Database->Execute($Query, 'Authenticator', 'Authenticate', 'An error occurred while attempting to validate your credentials');
     if (!$UserResult) {
         $UserID = -2;
     } elseif ($this->Context->Database->RowCount($UserResult) > 0) {
         $CanSignIn = 0;
         $EncryptedUserID = '';
         $VerificationKey = '';
         // If several rows match, the values of the last row win.
         while ($rows = $this->Context->Database->GetRow($UserResult)) {
             // NOTE(review): despite the name this is an MD5 digest of the
             // numeric user id, not encryption; it is derivable from the id,
             // so the cookie's secrecy presumably rests on VerificationKey
             // alone - confirm how SetCookieCredentials() values are checked.
             $EncryptedUserID = md5($rows['UserID']);
             // A new verification key is generated on every successful match.
             $VerificationKey = DefineVerificationKey();
             $UserID = ForceInt($rows['UserID'], 0);
             $CanSignIn = ForceBool($rows['PERMISSION_SIGN_IN'], 0);
         }
         if (!$CanSignIn) {
             $UserID = -1;
         } else {
             // Update the user's information
             $this->UpdateLastVisit($UserID, $VerificationKey);
             // Assign the session value
             $this->AssignSessionUserID($UserID);
             // Set the 'remember me' cookies
             if ($PersistentSession) {
                 $this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
             }
         }
     }
     return $UserID;
 }
 function AddWhere($Parameter1, $Parameter2, $ComparisonOperator, $AppendMethod = "and", $Function = "", $QuoteParameter2 = "1", $StartWhereGroup = "0")
 {
     // Appends "<Parameter1> <operator> <Parameter2> " to the accumulated
     // WHERE text, optionally opening a parenthesised group first.
     // NOTE(review): every argument is concatenated verbatim. Quoting only
     // wraps $Parameter2 in single quotes and does not escape it, so callers
     // must escape values (and never pass request data as column, operator or
     // function names) before calling this.
     $OpenGroup = ForceBool($StartWhereGroup, 0);
     // A connector is needed unless this is the first clause or the text
     // currently ends with an opening parenthesis.
     $NeedsConnector = $this->Wheres != "" && substr($this->Wheres, -1) != "(";
     if ($NeedsConnector) {
         $this->Wheres .= $AppendMethod . " ";
     }
     if ($OpenGroup) {
         $this->Wheres .= "(";
     }
     // Build the right-hand operand: quote first, then wrap in the function.
     $Operand = $Parameter2;
     if ($QuoteParameter2 == '1') {
         $Operand = "'" . $Operand . "'";
     }
     if ($Function != "") {
         $Operand = $Function . "(" . $Operand . ")";
     }
     $this->Wheres .= $Parameter1 . " " . $ComparisonOperator . " " . $Operand . " ";
 }
Esempio n. 20
 /**
  * Searches through the /cache/controller_mappings.php file for the requested
  * controller. If it doesn't find it, it searches through the entire
  * application's folders for the requested controller. If it finds the
  * controller, it adds the mapping to /cache/controller_mappings.php so it
  * won't need to search again. If it doesn't find the controller file
  * anywhere, it throws a fatal error.
  *
  * @param boolean $ThrowErrorOnFailure
  * @todo $ThrowErrorOnFailure needs a description.
  */
 private function _FetchController($ThrowErrorOnFailure = FALSE)
 {
     // Ensures the requested controller class is loaded, including its file
     // (and the owning application's appcontroller.php) when necessary.
     // Returns TRUE when the class exists afterwards, FALSE otherwise. With
     // $ThrowErrorOnFailure === TRUE a missing controller either triggers
     // E_USER_ERROR (Garden.Debug on) or loads the Default404 route's
     // controller; FALSE is still returned in that branch.
     // Only enabled application folders are searched.
     $ControllerWhiteList = $this->EnabledApplicationFolders();
     // Don't include it if it's already been included
     if (!class_exists($this->ControllerName())) {
         // NOTE(review): _ControllerFolder and _ControllerName become path
         // segments of an include. They are presumably derived from the
         // request - confirm they are stripped of separators and ".." before
         // reaching here, since only the application folder is checked
         // against the white list in this method.
         $PathParts = array('controllers');
         if ($this->_ControllerFolder != '') {
             $PathParts[] = $this->_ControllerFolder;
         }
         $PathParts[] = strtolower($this->_ControllerName) . '.php';
         $ControllerFileName = CombinePaths($PathParts);
         // Force the mapping to search in the app folder if it was in the request
         // (a folder that is not white-listed is ignored and all enabled
         // applications are searched instead)
         if ($this->_ApplicationFolder != '' && InArrayI($this->_ApplicationFolder, $ControllerWhiteList)) {
             // Limit the white list to the specified application folder
             $ControllerWhiteList = array($this->_ApplicationFolder);
         }
         $ControllerPath = Gdn_FileSystem::FindByMapping('controller_mappings.php', 'Controller', PATH_APPLICATIONS, $ControllerWhiteList, $ControllerFileName);
         if ($ControllerPath !== FALSE) {
             // Strip the "Application Folder" from the controller path (this is
             // used by the controller for various purposes. ie. knowing which
             // application to search in for a view file).
             $this->_ApplicationFolder = explode(DS, str_replace(PATH_APPLICATIONS . DS, '', $ControllerPath));
             $this->_ApplicationFolder = $this->_ApplicationFolder[0];
             // Load the application's master controller
             if (!class_exists($this->_ApplicationFolder . 'Controller')) {
                 include CombinePaths(array(PATH_APPLICATIONS, $this->_ApplicationFolder, 'controllers', 'appcontroller.php'));
             }
             // Now load the library (no need to check for existence - couldn't
             // have made it here if it didn't exist).
             include $ControllerPath;
         }
     }
     if (!class_exists($this->ControllerName())) {
         if ($ThrowErrorOnFailure === TRUE) {
             if (ForceBool(Gdn::Config('Garden.Debug'))) {
                 // Debug mode: surface the missing controller name.
                 trigger_error(ErrorMessage('Controller not found: ' . $this->ControllerName(), 'Dispatcher', '_FetchController'), E_USER_ERROR);
             } else {
                 // Return a 404 message
                 // The Default404 route is expected to hold "app/controller/method".
                 list($this->_ApplicationFolder, $this->_ControllerName, $this->_ControllerMethod) = explode('/', $this->Routes['Default404']);
                 $ControllerFileName = CombinePaths(array('controllers', strtolower($this->_ControllerName) . '.php'));
                 $ControllerPath = Gdn_FileSystem::FindByMapping('controller_mappings.php', 'Controller', PATH_APPLICATIONS, $ControllerWhiteList, $ControllerFileName);
                 // NOTE(review): unlike the lookup above, the result is not
                 // compared with FALSE before being included.
                 include CombinePaths(array(PATH_APPLICATIONS, $this->_ApplicationFolder, 'controllers', 'appcontroller.php'));
                 include $ControllerPath;
             }
         }
         return FALSE;
     } else {
         return TRUE;
     }
 }
Esempio n. 21
 /**
  * To be used for basic registration, and captcha registration.
  *
  * @param $FormPostValues
  * @param bool $CheckCaptcha
  * @param array $Options
  * @return bool|int|string
  * @throws Exception
  */
 public function insertForBasic($FormPostValues, $CheckCaptcha = true, $Options = array())
 {
     // New members get the configured default member roles; registration is
     // refused outright when none are configured.
     $RoleIDs = RoleModel::getDefaultRoles(RoleModel::TYPE_MEMBER);
     if (!is_array($RoleIDs) || count($RoleIDs) < 1) {
         throw new Exception(t('The default role has not been configured.'), 400);
     }
     // NOTE(review): with the SaveRoles option set, role IDs are taken
     // straight from the posted form values. Callers must only set it for
     // trusted (administrative) requests, never for public sign-up forms.
     if (val('SaveRoles', $Options)) {
         $RoleIDs = val('RoleID', $FormPostValues);
     }
     // Returned as-is (false) when validation fails.
     $UserID = false;
     // Load the schema so the model knows its primary key.
     $this->defineSchema();
     // Email format validation is on unless the caller opts out.
     if (val('ValidateEmail', $Options, true)) {
         $this->Validation->applyRule('Email', 'Email');
     }
     // TODO: DO I NEED THIS?!
     // Normalise checkbox-style values to the '1' / '0' enum strings.
     // NOTE(review): Banned is accepted from the form values here - confirm
     // public registration forms cannot supply it.
     foreach (array('ShowEmail', 'Banned') as $Flag) {
         if (array_key_exists($Flag, $FormPostValues)) {
             $FormPostValues[$Flag] = ForceBool($FormPostValues[$Flag], '0', '1', '0');
         }
     }
     $this->addInsertFields($FormPostValues);
     // Guard clause: nothing below runs unless the posted values validate.
     if ($this->validate($FormPostValues, true) !== true) {
         return $UserID;
     }
     // Every validated form field, including non-schema rules added above.
     $ValidatedFields = $this->Validation->validationFields();
     $Username = val('Name', $ValidatedFields);
     $Email = val('Email', $ValidatedFields);
     // Only the fields present in the schema, plus roles, minus the key.
     $Fields = $this->Validation->schemaValidationFields();
     $Fields['Roles'] = $RoleIDs;
     unset($Fields[$this->PrimaryKey]);
     // The captcha is checked only in Captcha mode and only when the caller
     // has not disabled it through $CheckCaptcha.
     if ($CheckCaptcha && Gdn::config('Garden.Registration.Method') == 'Captcha') {
         $CaptchaPublicKey = val('Garden.Registration.CaptchaPublicKey', $FormPostValues, '');
         if (validateCaptcha($CaptchaPublicKey) !== true) {
             $this->Validation->addValidationResult('Garden.Registration.CaptchaPublicKey', 'The reCAPTCHA value was not entered correctly. Please try again.');
             return false;
         }
     }
     if (!$this->validateUniqueFields($Username, $Email)) {
         return false;
     }
     // Spam screening is on unless the caller opts out; a non-true result is
     // handed back to the caller unchanged.
     if (val('ValidateSpam', $Options, true)) {
         $SpamResult = $this->validateSpamRegistration($FormPostValues);
         if ($SpamResult !== true) {
             return $SpamResult;
         }
     }
     // Email comes from the full validated set, not the schema-only set.
     $Fields['Email'] = $Email;
     // Create the user.
     $UserID = $this->_insert($Fields, $Options);
     // Announce the registration unless it failed or the caller suppressed it.
     if ($UserID && !val('NoActivity', $Options)) {
         $Activity = array(
             'ActivityUserID' => $UserID,
             'ActivityType' => 'Registration',
             'HeadlineFormat' => t('HeadlineFormat.Registration', '{ActivityUserID,You} joined.'),
             'Story' => t('Welcome Aboard!'),
         );
         $ActivityModel = new ActivityModel();
         $ActivityModel->save($Activity, false, array('GroupBy' => 'ActivityTypeID'));
     }
     return $UserID;
 }
 function ValidateComment(&$Comment, $DiscussionIDRequired = '1')
 {
     // Validates a comment, recording problems in the WarningCollector, and
     // returns the collector's Iif() result.
     if (ForceBool($DiscussionIDRequired, 0)) {
         // Coerce the id in place; 0 means it was missing or not numeric.
         $Comment->DiscussionID = ForceInt($Comment->DiscussionID, 0);
         if (0 == $Comment->DiscussionID) {
             $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrDiscussionID'));
         }
     }
     // Only a database-formatted copy of the body is validated here;
     // $Comment->Body itself is left untouched, so whatever writes the
     // comment must still escape or bind it.
     $SafeBody = FormatStringForDatabaseInput($Comment->Body);
     // Required-field and maximum-length check on the body.
     Validate($this->Context->GetDefinition('CommentsLower'), 1, $SafeBody, $this->Context->Configuration['MAX_COMMENT_LENGTH'], '', $this->Context);
     return $this->Context->WarningCollector->Iif();
 }
Esempio n. 23
             $Permissions['PERMISSION_CHANGE_USER_ROLE'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_EDIT_USERS'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_IP_ADDRESSES_VISIBLE'] = ForceBool(@$Row['CanViewIps'], 0);
             $Permissions['PERMISSION_MANAGE_REGISTRATION'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_SORT_ROLES'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_ADD_ROLES'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_EDIT_ROLES'] = ForceBool(@$Row['AdminUsers'], 0);
             $Permissions['PERMISSION_REMOVE_ROLES'] = ForceBool(@$Row['AdminUsers'], 0);
             // Administrative Permissions
             $Permissions['PERMISSION_CHECK_FOR_UPDATES'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_CHANGE_APPLICATION_SETTINGS'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_MANAGE_EXTENSIONS'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_MANAGE_LANGUAGE'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_MANAGE_THEMES'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_MANAGE_STYLES'] = ForceBool(@$Row['MasterAdmin'], 0);
             $Permissions['PERMISSION_ALLOW_DEBUG_INFO'] = ForceBool(@$Row['MasterAdmin'], 0);
             $UpdateSQL = "update " . $DatabaseTables['Role'] . " set Permissions = '" . SerializeArray($Permissions) . "' where RoleID = " . $RoleID;
             if (!@mysql_query($UpdateSQL, $Connection)) {
                 $Context->WarningCollector->Add("An error occurred while updating LUM_Role data. MySQL reported the following error: <code>" . mysql_error($Connection) . '</code>');
                 break;
             }
             // Clear out the permissions array
             $Permissions = array();
         }
     }
 }
 // 1d. Remove old permission columns
 if ($Context->WarningCollector->Count() == 0) {
     // Silently drop these columns. If any errors occur, it doesn't
     // really slow anything down to leave them behind. It's just clutter.
     if (in_array('CanPostDiscussion', $RoleColumns)) {
 function GetPageDetails($Context, $IncludeTotal = "1")
 {
     // Returns "<first><To><last>", optionally followed by "<Of><total>", or
     // the integer 0 when there are no records.
     $WithTotal = ForceBool($IncludeTotal, 0);
     // Refresh FirstRecord / LastRecord / TotalRecords before reading them.
     $this->DefineProperties();
     if (!($this->TotalRecords > 0)) {
         return 0;
     }
     $Summary = $this->FirstRecord . $Context->GetDefinition("To") . $this->LastRecord;
     if ($WithTotal) {
         $Summary .= $Context->GetDefinition("Of") . $this->TotalRecords;
     }
     return $Summary;
 }
Esempio n. 25
 /**
  * Populates this object's properties from one result row.
  *
  * Each column is read with error suppression and passed through the matching
  * Force* / UnixTimestamp helper, so a missing key falls back to the listed default.
  * The helpers are defined elsewhere; presumably they only coerce type, so values
  * such as Body, AuthIcon and RemoteIp should still be escaped for their output
  * context by whatever renders them (verify against the helpers).
  *
  * @param mixed $DataSet Row to read from, indexed by column name.
  * @param mixed $UserID  Passed to GetStatus() to compute Status.
  */
 function GetPropertiesFromDataSet($DataSet, $UserID)
 {
     // Column => (kind, default). Order matches the original assignment order.
     $Columns = array(
         'CommentID' => array('int', 0),
         'DiscussionID' => array('int', 0),
         'DiscussionWhisperUserID' => array('int', 0),
         'Discussion' => array('string', ""),
         'CategoryID' => array('int', 0),
         'Category' => array('string', ""),
         'AuthUserID' => array('int', 0),
         'AuthFullName' => array('string', ""),
         'AuthUsername' => array('string', ""),
         'AuthIcon' => array('string', ""),
         'AuthRoleID' => array('int', 0),
         'AuthRole' => array('string', ""),
         'AuthRoleIcon' => array('string', ""),
         'AuthRoleDesc' => array('string', ""),
         'AuthCanPostHtml' => array('bool', 0),
         'AuthBlocked' => array('bool', 0),
         'CommentBlocked' => array('bool', 0),
         'EditUserID' => array('int', 0),
         'EditFullName' => array('string', ""),
         'EditUsername' => array('string', ""),
         'DateCreated' => array('time'),
         'DateEdited' => array('time'),
         'WhisperUserID' => array('int', 0),
         'WhisperUsername' => array('string', ""),
         'Body' => array('string', ""),
         'FormatType' => array('string', "Text"),
         'Deleted' => array('bool', 0),
         'DateDeleted' => array('time'),
         'DeleteUserID' => array('int', 0),
         'DeleteFullName' => array('string', ""),
         'DeleteUsername' => array('string', ""),
         'RemoteIp' => array('string', ""),
     );

     foreach ($Columns as $Column => $Spec) {
         // @ keeps a missing column from raising a notice; the helper's default applies.
         $Raw = @$DataSet[$Column];
         switch ($Spec[0]) {
             case 'int':
                 $this->$Column = ForceInt($Raw, $Spec[1]);
                 break;
             case 'bool':
                 $this->$Column = ForceBool($Raw, $Spec[1]);
                 break;
             case 'string':
                 $this->$Column = ForceString($Raw, $Spec[1]);
                 break;
             case 'time':
                 $this->$Column = UnixTimestamp($Raw);
                 break;
         }
     }

     // Status is derived only after every column has been loaded.
     $this->Status = $this->GetStatus($UserID);

     // A role icon, when present, replaces the author's own icon.
     if ($this->AuthRoleIcon != "") {
         $this->AuthIcon = $this->AuthRoleIcon;
     }
 }
Esempio n. 26
 /**
  * Turns a destination into a URL for this application.
  *
  * A destination whose first seven characters are exactly 'http://' or 'https:/'
  * is returned unchanged. The match is case-sensitive and nothing about the host
  * is checked here, so a caller that feeds request-supplied destinations into a
  * redirect has to validate the target itself.
  *
  * @param string $Destination       Path inside the application, '#', '' or an absolute URL.
  * @param bool   $WithDomain        Passed to Gdn_Url::Request() / Gdn_Url::WebRoot(); when false a leading '/' is added.
  * @param bool   $RemoveSyndication Passed to Gdn_Url::Request() for the '#' / '' case.
  * @return string
  */
 function Url($Destination = '', $WithDomain = FALSE, $RemoveSyndication = FALSE)
 {
     // The rewrite setting is looked up once and kept for later calls.
     static $RewriteUrls = NULL;
     if ($RewriteUrls === NULL) {
         $RewriteUrls = ForceBool(Gdn::Config('Garden.RewriteUrls', FALSE));
     }

     // Absolute http(s) URLs pass straight through.
     $Scheme = substr($Destination, 0, 7);
     if ($Scheme == 'http://' || $Scheme == 'https:/') {
         return $Destination;
     }

     // Empty or fragment-only destinations resolve against the current request.
     if ($Destination == '#' || $Destination == '') {
         $Current = Gdn_Url::Request(TRUE, $WithDomain ? TRUE : FALSE, $RemoveSyndication);
         return ($WithDomain ? '' : '/') . $Current . $Destination;
     }

     // Everything else is assembled from the web root, the optional front controller and the destination.
     $Segments = $WithDomain ? array() : array('/');
     $Segments[] = Gdn_Url::WebRoot($WithDomain);
     if (!$RewriteUrls) {
         $Segments[] = 'index.php';
     }
     $Segments[] = $Destination;
     return CombinePaths($Segments, '/');
 }
Esempio n. 27
 /**
  * Loads display settings from the XML configuration file found in $Path.
  *
  * The file named by $this->ConfigFile is read through FileManager and parsed with
  * XmlManager. A read failure is reported only when $Path is the current working
  * directory; for any other directory the errors are cleared and the settings
  * already on this object stay in effect.
  *
  * @param string $Path Directory to read the configuration file from.
  * @return mixed Whatever $this->ErrorManager->Iif() returns.
  */
 function RetrieveConfigurationPropertiesFromXml($Path)
 {
     $FauxContext = "0";
     // NOTE(review): an empty ConfigFile only records an error; execution continues,
     // and the branches below clear the ErrorManager, so this message can be dropped.
     if ($this->ConfigFile == "") {
         $this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "You must supply a path to the configuration file");
     }
     // Retrieve config file contents
     $File = new File();
     $File->Name = $this->ConfigFile;
     $File->Path = $Path;
     $FileManager = new FileManager();
     // Share this object's ErrorManager by reference so read errors are counted here
     $FileManager->ErrorManager =& $this->ErrorManager;
     $File = $FileManager->Get($File);
     // If there were errors retrieving the config file and we're in the CWD, report an error
     if ($this->ErrorManager->ErrorCount > 0 && $Path == $this->CurrentWorkingDirectory) {
         $this->ErrorManager->Clear();
         $this->ErrorManager->AddError($FauxContext, $this->Name, "RetrieveConfigurationPropertiesFromXml", "The root configuration file could not be found/read (_config.xml).");
         // If failed to retrieve the file from a non-root directory,
         // just accept the root file
     } elseif ($this->ErrorManager->ErrorCount > 0) {
         $this->ErrorManager->Clear();
         // If no errors occurred, continue to retrieve new configuration settings
     } else {
         // Create an XML Parser to retrieve configuration settings
         $XMan = new XmlManager();
         $XMan->ErrorManager =& $this->ErrorManager;
         $MyConfig = $XMan->ParseNode($File->Body);
         if ($MyConfig && $this->ErrorManager->ErrorCount == 0) {
             $this->StyleUrl = $XMan->GetNodeValueByName($MyConfig, "StyleUrl");
             $this->PageTitle = $XMan->GetNodeValueByName($MyConfig, "PageTitle");
             $this->PageIntroduction = $XMan->GetNodeValueByName($MyConfig, "PageIntroduction");
             // Square brackets become angle brackets, so the introduction is raw HTML:
             // anyone able to write the configuration file controls markup on the page.
             $this->PageIntroduction = str_replace("[", "<", $this->PageIntroduction);
             $this->PageIntroduction = str_replace("]", ">", $this->PageIntroduction);
             $this->PageIntroduction = str_replace("\n", "<br />", $this->PageIntroduction);
             $this->DisplayHiddenFiles = $XMan->GetNodeValueByName($MyConfig, "DisplayHiddenFiles");
             $this->BrowseSubFolders = $XMan->GetNodeValueByName($MyConfig, "BrowseSubFolders");
             $this->SortBy = $XMan->GetNodeValueByName($MyConfig, "SortBy");
             $this->SortDirection = $XMan->GetNodeValueByName($MyConfig, "SortDirection");
             $this->DateFormat = $XMan->GetNodeValueByName($MyConfig, "DateFormat");
             $this->UsePageIntroductionInSubFolders = ForceBool($XMan->GetNodeValueByName($MyConfig, "UsePageIntroductionInSubFolders"), false);
             $this->PluginHeight = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginHeight"), $this->PluginHeight);
             $this->PluginWidth = ForceInt($XMan->GetNodeValueByName($MyConfig, "PluginWidth"), $this->PluginWidth);
             // "fpp" is looked up by ForceIncomingInt, with the configured value as fallback.
             // NOTE(review): presumably "fpp" is a request parameter; no comparison with
             // MaxFilesPerPage happens in this function, so confirm a cap is applied elsewhere.
             $this->FilesPerPage = ForceIncomingInt("fpp", ForceInt($XMan->GetNodeValueByName($MyConfig, "FilesPerPage"), $this->FilesPerPage));
             $this->MaxFilesPerPage = ForceInt($XMan->GetNodeValueByName($MyConfig, "MaxFilesPerPage"), $this->MaxFilesPerPage);
             $this->FitImagesToPage = ForceBool($XMan->GetNodeValueByName($MyConfig, "FitImagesToPage"), $this->FitImagesToPage);
             $this->UseThumbnails = ForceBool($XMan->GetNodeValueByName($MyConfig, "UseThumbnails"), $this->UseThumbnails);
             // HideFiles is a comma-separated list; entries are not trimmed, and an empty
             // value still yields one empty entry from explode().
             $this->HideFiles = explode(",", $XMan->GetNodeValueByName($MyConfig, "HideFiles"));
             // Entries are appended to FullyQualifiedHideFiles; the list is not reset here.
             for ($i = 0; $i < count($this->HideFiles); $i++) {
                 $this->FullyQualifiedHideFiles[] = $this->CurrentBrowsingDirectory . "/" . $this->HideFiles[$i];
             }
         }
     }
     return $this->ErrorManager->Iif();
 }
Esempio n. 28
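/**
 * Streams a file to the client as a forced download and ends the request.
 *
 * NOTE(review): the file path is $FolderPath joined with $FileName, and nothing here
 * confines it to a base directory. When $DeleteFile is set, the same path is also
 * unlinked. Callers must pass a file name they have already validated (for example
 * one looked up from their own records), never a raw request value.
 *
 * @param string $FolderPath Directory holding the file; a trailing '/' is added when missing.
 * @param string $FileName   Name of the file inside $FolderPath; also the suggested download name.
 * @param mixed  $DeleteFile Passed through ForceBool(); when true the file is removed after sending.
 * @return void This function does not return; it ends the script.
 */
function SaveAsDialogue($FolderPath, $FileName, $DeleteFile = '0')
{
    $DeleteFile = ForceBool($DeleteFile, 0);
    if ($FolderPath != '' && substr($FolderPath, -1) != '/') {
        $FolderPath .= '/';
    }
    $FullPath = $FolderPath . $FileName;

    // Stop before any download header is sent when the path cannot be served:
    // an embedded NUL byte, a directory, a missing file or an unreadable one.
    if (strpos($FullPath, "\0") !== false || !is_file($FullPath) || !is_readable($FullPath)) {
        header('HTTP/1.1 404 Not Found');
        die;
    }

    // The name placed in the header is reduced to its last path component and
    // stripped of control characters, quotes and backslashes, so it cannot break
    // out of the quoted filename value or start a new header line.
    $HeaderName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', basename($FileName));

    header('Pragma: public');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    // header() replaces a previous header of the same name by default, so the
    // client receives only the last of these three Content-Type values.
    header('Content-Type: application/force-download');
    header('Content-Type: application/octet-stream');
    header('Content-Type: application/download');
    header('Content-Disposition: attachment; filename="' . $HeaderName . '"');
    header('Content-Transfer-Encoding: binary');
    readfile($FullPath);
    if ($DeleteFile) {
        unlink($FullPath);
    }
    die;
}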
 /**
  * Stores a boolean preference for the user of the current session.
  *
  * $PreferenceName is used as the array key as given; this method applies no list of
  * allowed names, so callers should pass only preference names they define themselves.
  *
  * @param string $PreferenceName Key to set in the session user's Preferences array.
  * @param mixed  $Switch         Passed through ForceBool() before it is stored.
  * @return mixed Whatever $this->Context->WarningCollector->Iif() returns.
  */
 function SwitchUserPreference($PreferenceName, $Switch)
 {
     $Enabled = ForceBool($Switch, 0);

     // A session with UserID 0 has no user to save preferences for.
     if ($this->Context->Session->UserID == 0) {
         $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrUserID'));
     }

     // Any collected warning, including one raised before this call, blocks the save.
     if ($this->Context->WarningCollector->Count() != 0) {
         return $this->Context->WarningCollector->Iif();
     }

     $this->Context->Session->User->Preferences[$PreferenceName] = $Enabled;
     $this->SaveUserPreferences($this->Context->Session->User);
     return $this->Context->WarningCollector->Iif();
 }
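 /**
  * Runs the UPDATE statement produced by $SqlBuilder on the farm connection.
  *
  * @param object $SqlBuilder   Supplies the statement through GetUpdate() and the context through ->Context.
  * @param mixed  $SenderObject Passed to ErrorManager::AddError() on failure.
  * @param mixed  $SenderMethod Passed to ErrorManager::AddError() on failure.
  * @param string $ErrorMessage Message recorded on failure.
  * @param mixed  $KillOnFail   Passed through ForceBool() and handed to AddError().
  * @return mixed false when the statement fails, otherwise the number of changed rows.
  *               A successful update can change 0 rows, so compare with === false.
  */
 function Update($SqlBuilder, $SenderObject, $SenderMethod, $ErrorMessage, $KillOnFail = '1')
 {
     $KillOnFail = ForceBool($KillOnFail, 0);
     $Connection = $this->GetFarmConnection();
     if (!sqlite_exec($Connection, $SqlBuilder->GetUpdate())) {
         // Read the error from the handle the statement ran on. The original asked
         // $this->Connection, which is not the handle used by sqlite_exec() above.
         // NOTE(review): the driver's error text goes to the ErrorManager as is;
         // confirm it is not shown verbatim to end users.
         $DriverError = sqlite_error_string(sqlite_last_error($Connection));
         $this->Context->ErrorManager->AddError($SqlBuilder->Context, $SenderObject, $SenderMethod, $ErrorMessage, $DriverError, $KillOnFail);
         return false;
     }
     return sqlite_changes($Connection);
 }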