function onEndShowScripts($action) { if (common_logged_in()) { $action->element('span', array('id' => 'autocomplete-api', 'data-url' => common_local_url('autocomplete'))); $action->script($this->path('js/autocomplete.go.js')); } }
/** * Class handler. * * @param array $args query arguments * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return; } $user = common_current_user(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { common_redirect(common_local_url('all', array('nickname' => $user->nickname))); return; } $idGroup = $this->trimmed('idGroup'); $token = $this->trimmed('token-' . $idGroup); if (!$token || $token != common_session_token()) { $this->clientError(_('There was a problem with your session token. Try again, please.')); return; } if ($this->trimmed('submit-auto') != null) { $groupids = NotesPDF::getNoticeIDsInAGroupModeAuto($idGroup); $notices = Notice::multiGet('id', $groupids)->fetchAll(); GenerarPDF::content($idGroup, $notices, 'Automáticos'); } else { if ($this->trimmed('submit-custom') != null) { $tag = $this->trimmed('combo-tag') == 'Todos' ? '%' : $this->trimmed('combo-tag'); $nick = $this->trimmed('combo-user') == 'Todos' ? '%' : $this->trimmed('combo-user'); $grade = $this->trimmed('combo-grade') == 'Todos' ? '%' : $this->trimmed('combo-grade'); $noticeIds = NotesPDF::getNoticesInModeCustom(array('idGroup' => $idGroup, 'tag' => $tag, 'nick' => $nick, 'grade' => $grade)); $notices = Notice::multiGet('id', $noticeIds)->fetchAll(); GenerarPDF::content($idGroup, $notices, 'Personalizados'); } else { $this->showForm('Error al generar los apuntes. Inténtelo de nuevo en unos minutos.'); } } }
function showResults($q, $page) { $user_group = new User_group(); $user_group->limit(($page - 1) * GROUPS_PER_PAGE, GROUPS_PER_PAGE + 1); $wheres = array('nickname', 'fullname', 'homepage', 'description', 'location'); foreach ($wheres as $where) { $where_q = "{$where} like '%" . trim($user_group->escape($q), '\'') . '%\''; $user_group->whereAdd($where_q, 'OR'); } $cnt = $user_group->find(); if ($cnt > 0) { $terms = preg_split('/[\\s,]+/', $q); $results = new GroupSearchResults($user_group, $terms, $this); $results->show(); $user_group->free(); $this->pagination($page > 1, $cnt > GROUPS_PER_PAGE, $page, 'groupsearch', array('q' => $q)); } else { // TRANS: Text on page where groups can be searched if no results were found for a query. $this->element('p', 'error', _('No results.')); $this->searchSuggestions($q); if (common_logged_in()) { // TRANS: Additional text on page where groups can be searched if no results were found for a query for a logged in user. // TRANS: This message contains Markdown links in the form [link text](link). $message = _('If you cannot find the group you\'re looking for, you can [create it](%%action.newgroup%%) yourself.'); } else { // TRANS: Additional text on page where groups can be searched if no results were found for a query for a not logged in user. // TRANS: This message contains Markdown links in the form [link text](link). $message = _('Why not [register an account](%%action.register%%) and [create the group](%%action.newgroup%%) yourself!'); } $this->elementStart('div', 'guide'); $this->raw(common_markup_to_html($message)); $this->elementEnd('div'); $user_group->free(); } }
function handle($args) { parent::handle($args); if (common_logged_in()) { // TRANS: Client error displayed trying to recover password while already logged in. $this->clientError(_('You are already logged in!')); return; } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('recover')) { $this->recoverPassword(); } else { if ($this->arg('reset')) { $this->resetPassword(); } else { // TRANS: Client error displayed when unexpected data is posted in the password recovery form. $this->clientError(_('Unexpected form submission.')); } } } else { if ($this->trimmed('code')) { $this->checkCode(); } else { $this->showForm(); } } } }
/** * Handle request * * This is the main method for handling a request. Note that * most preparation should be done in the prepare() method; * by the time handle() is called the action should be * more or less ready to go. * * @param array $args $_REQUEST args; handled in prepare() * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return; } if (!$this->user->hasRole('grader')) { $this->clientError(_('Usted no tiene privilegios para visitar esta página.')); return; } $groupid = $this->trimmed('groupid'); $delimiter = $this->trimmed('grade-export-delimiter'); $separator = $this->trimmed('grade-export-separator'); $arrayReport = Grades::getGradedNoticesAndUsersWithinGroup($groupid); $nicksMembers = Grades::getMembersNicksExcludeGradersAndAdmin($groupid); foreach ($nicksMembers as $nick) { if (!array_key_exists($nick, $arrayReport)) { $arrayReport[$nick] = 0; } } $arrayFinal = array(); foreach ($arrayReport as $alumno => $puntuacion) { $arrayFinal[] = array($alumno, number_format($puntuacion, 2)); } $this->generarInformeCSV($arrayFinal, 'report_group_' . $groupid . '.csv', $separator, $delimiter); }
/** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { if (!parent::prepare($args)) { return false; } if (!common_logged_in()) { // TRANS: Client error displayed trying to delete an application while not logged in. $this->clientError(_('You must be logged in to delete an application.')); return false; } $id = (int) $this->arg('id'); $this->app = Oauth_application::staticGet('id', $id); if (empty($this->app)) { // TRANS: Client error displayed trying to delete an application that does not exist. $this->clientError(_('Application not found.')); return false; } $cur = common_current_user(); if ($cur->id != $this->app->owner) { // TRANS: Client error displayed trying to delete an application the current user does not own. $this->clientError(_('You are not the owner of this application.'), 401); return false; } return true; }
/** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); $this->checkSessionToken(); if (!common_logged_in()) { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->clientError(_('Not logged in.')); } else { // Redirect to login. common_set_returnto($this->selfUrl()); $user = common_current_user(); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } return false; } $id = $this->trimmed('profileid'); if (!$id) { $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { $this->clientError(_('No profile with that ID.')); return false; } return true; }
/** * Prepare for the action * * We check to see that the user is logged in, has * authenticated in this session, and has the right * to configure the site. * * @param array $args Array of arguments from Web driver * * @return boolean success flag */ function prepare($args) { parent::prepare($args); // User must be logged in. if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); } $user = common_current_user(); // ...because they're logged in assert(!empty($user)); // It must be a "real" login, not saved cookie login if (!common_is_real_login()) { // Cookie theft is too easy; we require automatic // logins to re-authenticate before admining the site common_set_returnto($this->selfUrl()); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } // User must have the right to change admin settings if (!$user->hasRight(Right::CONFIGURESITE)) { // TRANS: Client error message thrown when a user tries to change admin settings but has no access rights. $this->clientError(_('You cannot make changes to this site.')); } // This panel must be enabled $name = $this->trimmed('action'); $name = mb_substr($name, 0, -10); if (!self::canAdmin($name)) { // TRANS: Client error message throw when a certain panel's settings cannot be changed. $this->clientError(_('Changes to that panel are not allowed.'), 403); } return true; }
function prepare($args) { parent::prepare($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return false; } $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->clientError(_('网页错误,请返回重试 ')); return false; } $id = $this->trimmed('profile'); if (!$id) { $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { $this->clientError(_('No profile with that ID.')); return false; } return true; }
function handle($args) { parent::handle($args); if (common_logged_in()) { $this->clientError(_('You are already logged in!')); return; } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('recover')) { $this->recoverPassword(); } else { if ($this->arg('reset')) { $this->resetPassword(); } else { $this->clientError(_('Unexpected form submission.')); } } } else { if ($this->trimmed('code')) { $this->checkCode(); } else { $this->showForm(); } } } }
/** * Handle input, produce output * * Switches based on GET or POST method. On GET, shows a form * for posting a notice. On POST, saves the results of that form. * * Results may be a full page, or just a single notice list item, * depending on whether AJAX was requested. * * @param array $args $_REQUEST contents * * @return void */ function handle($args) { if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { // check for this before token since all POST and FILES data // is losts when size is exceeded if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) { // TRANS: Client error displayed when the number of bytes in a POST request exceeds a limit. // TRANS: %s is the number of bytes of the CONTENT_LENGTH. $msg = _m('The server was unable to handle that much POST data (%s byte) due to its current configuration.', 'The server was unable to handle that much POST data (%s bytes) due to its current configuration.', intval($_SERVER['CONTENT_LENGTH'])); $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); } parent::handle($args); $user = common_current_user(); $group = User_group::staticGet('id', $this->trimmed('groupid')); $taskid = $this->trimmed('taskid'); try { $this->saveNewNotice(); Task::completeTask($user->id, $taskid); } catch (Exception $e) { $this->ajaxErrorMsg($e->getMessage(), $taskid, $group); return; } } } }
/** * Take arguments for running * * This method is called first, and it lets the action class get * all its arguments and validate them. It's also the time * to fetch any relevant data from the database. * * Action classes should run parent::prepare($args) as the first * line of this method to make sure the default argument-processing * happens. * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); return; } else { if (!common_is_real_login()) { // Cookie theft means that automatic logins can't // change important settings or see private info, and // _all_ our settings are important common_set_returnto($this->selfUrl()); $user = common_current_user(); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } else { $this->user = common_current_user(); $sdate = !isset($_REQUEST['sdate']) ? new DateTime('first day of this month') : new DateTime($_REQUEST['sdate']); $edate = !isset($_REQUEST['edate']) ? new DateTime('last day of this month') : new DateTime($_REQUEST['edate']); // Custom date range $this->sa = Social_analytics::init($this->user->id, $sdate, $edate); } } return true; }
function prepare($args) { parent::prepare($args); if (!common_logged_in()) { common_set_returnto($_SERVER['REQUEST_URI']); if (Event::handle('RedirectToLogin', array($this, null))) { common_redirect(common_local_url('login'), 303); } } $id = $this->trimmed('id'); if (!$id) { $this->profile = false; } else { $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { // TRANS: Client error displayed when referring to non-existing profile ID. $this->clientError(_('No profile with that ID.')); return false; } } $current = common_current_user()->getProfile(); if ($this->profile && !$current->canTag($this->profile)) { // TRANS: Client error displayed when trying to tag a user that cannot be tagged. $this->clientError(_('You cannot tag this user.')); } return true; }
/** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); $this->checkSessionToken(); if (!common_logged_in()) { if ($_SERVER['REQUEST_METHOD'] == 'POST') { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); } else { // Redirect to login. common_set_returnto($this->selfUrl()); $user = common_current_user(); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } return false; } $id = $this->trimmed('profileid'); if (!$id) { // TRANS: Client error displayed when trying to change user options without specifying a user to work on. $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { // TRANS: Client error displayed when trying to change user options without specifying an existing user to work on. $this->clientError(_('No profile with that ID.')); return false; } return true; }
/** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); $user = common_current_user(); // User must be logged in. if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return; } $user = common_current_user(); // ...because they're logged in assert(!empty($user)); // It must be a "real" login, not saved cookie login if (!common_is_real_login()) { // Cookie theft is too easy; we require automatic // logins to re-authenticate before admining the site common_set_returnto($this->selfUrl()); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } // User must have the right to review flags if (!$user->hasRight(UserFlagPlugin::REVIEWFLAGS)) { $this->clientError(_('You cannot review profile flags.')); return false; } $this->page = $this->trimmed('page'); if (empty($this->page)) { $this->page = 1; } $this->profiles = $this->getProfiles(); return true; }
/** * Prepare to run */ function prepare($args) { parent::prepare($args); if (!common_config('inboxes', 'enabled')) { $this->serverError(_('Inboxes must be enabled for groups to work.')); return false; } if (!common_logged_in()) { $this->clientError(_('You must be logged in to leave a group.')); return false; } $nickname_arg = $this->trimmed('nickname'); $nickname = common_canonical_nickname($nickname_arg); // Permanent redirect on non-canonical nickname if ($nickname_arg != $nickname) { $args = array('nickname' => $nickname); common_redirect(common_local_url('leavegroup', $args), 301); return false; } if (!$nickname) { $this->clientError(_('No nickname.'), 404); return false; } $this->group = User_group::staticGet('nickname', $nickname); if (!$this->group) { $this->clientError(_('No such group.'), 404); return false; } $cur = common_current_user(); if (!$cur->isMember($this->group)) { $this->clientError(_('You are not a member of that group.'), 403); return false; } return true; }
/** * Handle input, produce output * * Switches based on GET or POST method. On GET, shows a form * for posting a notice. On POST, saves the results of that form. * * Results may be a full page, or just a single notice list item, * depending on whether AJAX was requested. * * @param array $args $_REQUEST contents * * @return void */ function handle($args) { if (!common_logged_in()) { $this->clientError(_('Not logged in.')); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { // check for this before token since all POST and FILES data // is losts when size is exceeded if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) { $this->clientError(sprintf(_('The server was unable to handle ' . 'that much POST data (%s bytes) due to its current configuration.'), $_SERVER['CONTENT_LENGTH'])); } parent::handle($args); // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.')); } try { $this->saveNewNotice(); } catch (Exception $e) { $this->showForm($e->getMessage()); return; } } else { $this->showForm(); } } }
/** * Prepare to run */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Client error displayed when trying to perform an action while not logged in. $this->clientError(_('You must be logged in to unsubscribe from a list.')); } // Only allow POST requests if ($_SERVER['REQUEST_METHOD'] != 'POST') { // TRANS: Client error displayed when trying to use another method than POST. $this->clientError(_('This action only accepts POST requests.')); } // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->clientError(_('There was a problem with your session token.' . ' Try again, please.')); } $tagger_arg = $this->trimmed('tagger'); $tag_arg = $this->trimmed('tag'); $id = intval($this->arg('id')); if ($id) { $this->peopletag = Profile_list::getKV('id', $id); } else { // TRANS: Client error displayed when trying to perform an action without providing an ID. $this->clientError(_('No ID given.'), 404); } if (!$this->peopletag || $this->peopletag->private) { // TRANS: Client error displayed trying to reference a non-existing list. $this->clientError(_('No such list.'), 404); } $this->tagger = Profile::getKV('id', $this->peopletag->tagger); return true; }
/** * Handle input, produce output * * Switches based on GET or POST method. On GET, shows a form * for posting a notice. On POST, saves the results of that form. * * Results may be a full page, or just a single notice list item, * depending on whether AJAX was requested. * * @param array $args $_REQUEST contents * * @return void */ function handle($args) { if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { // check for this before token since all POST and FILES data // is losts when size is exceeded if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) { // TRANS: Client error displayed when the number of bytes in a POST request exceeds a limit. // TRANS: %s is the number of bytes of the CONTENT_LENGTH. $msg = _m('The server was unable to handle that much POST data (%s byte) due to its current configuration.', 'The server was unable to handle that much POST data (%s bytes) due to its current configuration.', intval($_SERVER['CONTENT_LENGTH'])); $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); } parent::handle($args); // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.')); } try { $this->saveNewNotice(); } catch (Exception $e) { $this->showForm($e->getMessage()); return; } } else { $this->showForm(); } } }
function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Client error displayed trying a change a subscription while not logged in. $this->clientError(_('Not logged in.')); return false; } $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.')); return false; } $id = $this->trimmed('profile'); if (!$id) { // TRANS: Client error displayed trying a change a subscription without providing a profile. $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { // TRANS: Client error displayed trying a change a subscription for a non-existant profile ID. $this->clientError(_('No profile with that ID.')); return false; } return true; }
/** * Handle input and output a page * * @param array $args $_REQUEST arguments * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return; } else { if (!common_is_real_login()) { // Cookie theft means that automatic logins can't // change important settings or see private info, and // _all_ our settings are important common_set_returnto($this->selfUrl()); $user = common_current_user(); if (Event::handle('RedirectToLogin', array($this, $user))) { common_redirect(common_local_url('login'), 303); } } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); } else { $this->showForm(); } } } }
/** * Accept a confirmation code * * Checks the code and confirms the address in the * user record * * @param args $args $_REQUEST array * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { common_set_returnto($this->selfUrl()); common_redirect(common_local_url('login')); return; } $code = $this->trimmed('code'); if (!$code) { $this->clientError(_('No confirmation code.')); return; } $confirm = Confirm_address::staticGet('code', $code); if (!$confirm) { $this->clientError(_('Confirmation code not found.')); return; } $cur = common_current_user(); if ($cur->id != $confirm->user_id) { $this->clientError(_('That confirmation code is not for you!')); return; } $type = $confirm->address_type; if (!in_array($type, array('email', 'jabber', 'sms'))) { $this->serverError(sprintf(_('Unrecognized address type %s'), $type)); return; } if ($cur->{$type} == $confirm->address) { $this->clientError(_('That address has already been confirmed.')); return; } $cur->query('BEGIN'); $orig_user = clone $cur; $cur->{$type} = $confirm->address; if ($type == 'sms') { $cur->carrier = $confirm->address_extra + 0; $carrier = Sms_carrier::staticGet($cur->carrier); $cur->smsemail = $carrier->toEmailAddress($cur->sms); } $result = $cur->updateKeys($orig_user); if (!$result) { common_log_db_error($cur, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t update user.')); return; } if ($type == 'email') { $cur->emailChanged(); } $result = $confirm->delete(); if (!$result) { common_log_db_error($confirm, 'DELETE', __FILE__); $this->serverError(_('Couldn\'t delete email confirmation.')); return; } $cur->query('COMMIT'); $this->type = $type; $this->showPage(); }
function onEndShowScripts($action) { if (common_logged_in() && $this->isAllowedRichEdit()) { $action->script(common_path('plugins/TinyMCE/js/jquery.tinymce.js')); $action->inlineScript($this->_inlineScript()); } return true; }
/** * Prepare to run */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); return false; } $id = $this->arg('id'); if (common_config('singleuser', 'enabled')) { $tagger_arg = User::singleUserNickname(); } else { $tagger_arg = $this->arg('tagger'); } $tag_arg = $this->arg('tag'); $tagger = common_canonical_nickname($tagger_arg); $tag = common_canonical_tag($tag_arg); $current = common_current_user(); // Permanent redirect on non-canonical tag if ($tagger_arg != $tagger || $tag_arg != $tag) { $args = array('tagger' => $tagger, 'tag' => $tag); common_redirect(common_local_url('editpeopletag', $args), 301); return false; } $user = null; if ($id) { $this->peopletag = Profile_list::staticGet('id', $id); if (!empty($this->peopletag)) { $user = User::staticGet('id', $this->peopletag->tagger); } } else { if (!$tagger) { // TRANS: Error message displayed when trying to perform an action that requires a tagging user or ID. $this->clientError(_('No tagger or ID.'), 404); return false; } $user = User::staticGet('nickname', $tagger); $this->peopletag = Profile_list::pkeyGet(array('tagger' => $user->id, 'tag' => $tag)); } if (!$this->peopletag) { // TRANS: Client error displayed when referring to a non-existing list. $this->clientError(_('No such list.'), 404); return false; } if (!$user) { // This should not be happening // TRANS: Client error displayed when referring to non-local user. $this->clientError(_('Not a local user.'), 404); return false; } if ($current->id != $user->id) { // TRANS: Client error displayed when reting to edit a tag that was not self-created. $this->clientError(_('You must be the creator of the tag to edit it.'), 404); return false; } $this->tagger = $user->getProfile(); return true; }
/** * Prepare to run */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Client error displayed when trying to leave a group while not logged in. $this->clientError(_('You must be logged in to leave a group.')); } $nickname_arg = $this->trimmed('nickname'); $id = intval($this->arg('id')); if ($id) { $this->group = User_group::getKV('id', $id); } else { if ($nickname_arg) { $nickname = common_canonical_nickname($nickname_arg); // Permanent redirect on non-canonical nickname if ($nickname_arg != $nickname) { $args = array('nickname' => $nickname); common_redirect(common_local_url('leavegroup', $args), 301); } $local = Local_group::getKV('nickname', $nickname); if (!$local) { // TRANS: Client error displayed when trying to leave a non-local group. $this->clientError(_('No such group.'), 404); } $this->group = User_group::getKV('id', $local->group_id); } else { // TRANS: Client error displayed when trying to leave a group without providing a group name or group ID. $this->clientError(_('No nickname or ID.'), 404); } } if (!$this->group) { // TRANS: Client error displayed when trying to leave a non-existing group. $this->clientError(_('No such group.'), 404); } $cur = common_current_user(); if (empty($cur)) { // TRANS: Client error displayed when trying to leave a group while not logged in. $this->clientError(_('Must be logged in.'), 403); } if ($this->arg('profile_id')) { if ($cur->isAdmin($this->group)) { $this->profile = Profile::getKV('id', $this->arg('profile_id')); } else { // TRANS: Client error displayed when trying to approve or cancel a group join request without // TRANS: being a group administrator. $this->clientError(_('Only group admin can approve or cancel join requests.'), 403); } } else { $this->profile = $cur->getProfile(); } $this->request = Group_join_queue::pkeyGet(array('profile_id' => $this->profile->id, 'group_id' => $this->group->id)); if (empty($this->request)) { // TRANS: Client error displayed when trying to approve a non-existing group join request. // TRANS: %s is a user nickname. $this->clientError(sprintf(_('%s is not in the moderation queue for this group.'), $this->profile->nickname), 403); } return true; }
/** * Handle the redirect back from OpenID confirmation * * Check to see if the user's logged in, and then try * to use the OpenID login system. * * @param array $args $_REQUEST arguments * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { $this->clientError(_m('Not logged in.')); } else { $this->tryLogin(); } }
/** * Handle request * * This is the main method for handling a request. Note that * most preparation should be done in the prepare() method; * by the time handle() is called the action should be * more or less ready to go. * * @param array $args $_REQUEST args; handled in prepare() * * @return void */ function handle($args) { parent::handle($args); if (!common_logged_in()) { $this->clientError(_('Not logged in.')); return; } $this->showPage(); }
function handle($args) { parent::handle($args); if ($this->boolean('ajax')) { StatusNet::setApi(true); } if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); return; } $user = common_current_user(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); return; } /* Use a session token for CSRF protection. */ $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.')); return; } $other_id = $this->arg('unsubscribeto'); if (!$other_id) { // TRANS: Client error displayed when trying to leave a group without specifying an ID. $this->clientError(_('No profile ID in request.')); return; } $other = Profile::staticGet('id', $other_id); if (!$other) { // TRANS: Client error displayed when trying to leave a non-existing group. $this->clientError(_('No profile with that ID.')); return; } $this->request = Subscription_queue::pkeyGet(array('subscriber' => $user->id, 'subscribed' => $other->id)); if (empty($this->request)) { // TRANS: Client error displayed when trying to approve a non-existing group join request. // TRANS: %s is a user nickname. $this->clientError(sprintf(_('%s is not in the moderation queue for this group.'), $this->profile->nickname), 403); } $this->request->abort(); if ($this->boolean('ajax')) { $this->startHTML('text/xml;charset=utf-8'); $this->elementStart('head'); // TRANS: Title after unsubscribing from a group. $this->element('title', null, _m('TITLE', 'Unsubscribed')); $this->elementEnd('head'); $this->elementStart('body'); $subscribe = new SubscribeForm($this, $other); $subscribe->show(); $this->elementEnd('body'); $this->elementEnd('html'); } else { common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)), 303); } }
/** * Take arguments for running * * @param array $args $_REQUEST args * * @return boolean success flag */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); return false; } $token = $this->trimmed('token'); if (empty($token) || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->clientError(_('There was a problem with your session token. Try again, please.')); return; } $id = $this->trimmed('blockto'); if (empty($id)) { // TRANS: Client error displayed trying to block a user from a group while not specifying a to be blocked user profile. $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (empty($this->profile)) { // TRANS: Client error displayed trying to block a user from a group while specifying a non-existing profile. $this->clientError(_('No profile with that ID.')); return false; } $group_id = $this->trimmed('blockgroup'); if (empty($group_id)) { // TRANS: Client error displayed trying to block a user from a group while not specifying a group to block a profile from. $this->clientError(_('No group specified.')); return false; } $this->group = User_group::staticGet('id', $group_id); if (empty($this->group)) { // TRANS: Client error displayed trying to block a user from a group while specifying a non-existing group. $this->clientError(_('No such group.')); return false; } $user = common_current_user(); if (!$user->isAdmin($this->group)) { // TRANS: Client error displayed trying to block a user from a group while not being an admin user. $this->clientError(_('Only an admin can block group members.'), 401); return false; } if (Group_block::isBlocked($this->group, $this->profile)) { // TRANS: Client error displayed trying to block a user from a group while user is already blocked from the given group. $this->clientError(_('User is already blocked from group.')); return false; } // XXX: could have proactive blocks, but we don't have UI for it. if (!$this->profile->isMember($this->group)) { // TRANS: Client error displayed trying to block a user from a group while user is not a member of given group. $this->clientError(_('User is not a member of group.')); return false; } return true; }
/** * Prepare to run */ function prepare($args) { parent::prepare($args); if (!common_logged_in()) { $this->clientError(_('You must be logged in to create a group.')); return false; } return true; }