public function build($runData)
{
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$userId = $pl->getParameterValue("userId");
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
if (!$user) {
throw new ProcessException(_("Invalid user."));
}
$c = new Criteria();
$c->add("user_id", $userId);
$c->add("site_id", $site->getSiteId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
throw new ProcessException(_("The user is not a Member of this Wiki."));
}
$link = DB_MembershipLinkPeer::instance()->selectByUserId($site->getSiteId(), $userId);
if (!$link) {
$runData->contextAdd("noData", true);
} else {
$chain = array();
$chain[] = array('user' => $user, 'link' => $link);
if ($link->getByUserId()) {
do {
// get "parent"
// get link for the user
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($link->getByUserId());
$link = DB_MembershipLinkPeer::instance()->selectByUserId($site->getSiteId(), $user->getUserId());
$chain[] = array('user' => $user, 'link' => $link);
} while ($user && $link && $link->getByUserId());
}
$runData->contextAdd("chain", array_reverse($chain));
}
}
public function build($runData)
{
$pl = $runData->getParameterList();
$userId = $pl->getParameterValue("user_id");
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
$avatarUri = '/common--images/avatars/' . floor($userId / 1000) . '/' . $userId . '/a48.png';
$runData->contextAdd("user", $user);
$runData->contextAdd("avatarUri", $avatarUri);
// find the possible role in this site
$site = $runData->getTemp("site");
$siteId = $site->getSiteId();
$c = new Criteria();
$c->add("user_id", $userId);
$c->add("site_id", $siteId);
$mem = DB_MemberPeer::instance()->selectOne($c);
if ($mem != null) {
$runData->contextAdd("member", $mem);
// also check for other roles: admin & moderator
if (DB_AdminPeer::instance()->selectOne($c) != null) {
$runData->contextAdd("role", "admin");
} elseif (DB_AdminPeer::instance()->selectOne($c) != null) {
$runData->contextAdd("role", "moderator");
}
}
$runData->contextAdd("uu", $runData->getUser());
$runData->contextAdd('karmaLevel', $user->getKarmaLevel());
}
public function build($runData)
{
$site = $runData->getTemp("site");
// get
$q = "SELECT target_user_id, count(*) AS rank " . "FROM user_abuse_flag " . "WHERE site_id='" . $site->getSiteId() . "' " . "AND site_valid = TRUE GROUP BY target_user_id ORDER BY rank DESC, target_user_id";
$db = Database::connection();
$res = $db->query($q);
$all = $res->fetchAll();
$r2 = array();
if ($all) {
foreach ($all as &$r) {
// get user
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($r['target_user_id']);
if ($user) {
$r['user'] = $user;
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if ($mem) {
$r['member'] = $mem;
}
$r2[] = $r;
}
}
}
$runData->contextAdd("reps", $r2);
}
public function build($runData)
{
$c = new Criteria();
$c->add("site_id", $runData->getTemp("site")->getSiteId());
$c->addJoin("user_id", "ozone_user.user_id");
$pl = $runData->getParameterList();
$from = $pl->getParameterValue("group", "MODULE");
$showSince = $pl->getParameterValue("showSince", "MODULE");
if ($showSince == "no" || $showSince == "false" || $showSince == "get lost") {
$showSince = false;
} else {
$showSince = true;
}
if ($pl->getParameterType("from") == "MODULE") {
$from = $pl->getParameterValue("from");
}
if ($from !== "admins" && $from !== "moderators") {
$from = null;
}
if ($from === "admins") {
$mems = DB_AdminPeer::instance()->select($c);
} elseif ($from === "moderators") {
$mems = DB_ModeratorPeer::instance()->select($c);
} else {
$mems = DB_MemberPeer::instance()->select($c);
}
if (count($mems) > 0) {
$runData->contextAdd("from", $from);
$runData->contextAdd("memberships", $mems);
$runData->contextAdd("showSince", $showSince);
}
}
public function build($runData)
{
$site = $runData->getTemp("site");
$userId = $runData->getUserId();
$settings = $site->getSettings();
if (!$settings->getAllowMembershipByPassword() || $settings->getMembershipPassword() == null || $settings->getMembershipPassword() == '') {
$reason = "not_enabled";
$runData->contextAdd("reason", $reason);
return;
}
$reason = null;
if (!$runData->isUserAuthenticated()) {
$reason = "not_logged";
$runData->contextAdd("reason", $reason);
return;
}
// check if not a member already
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $userId);
$a = DB_MemberPeer::instance()->selectOne($c);
if ($a != null) {
$reason = "already_member";
$runData->contextAdd("reason", $reason);
return;
}
if ($reason !== null) {
$runData->contextAdd("reason", $reason);
}
}
public function build($runData)
{
$site = $runData->getTemp("site");
$fsettings = $site->getForumSettings();
$tips = array();
if (!$fsettings) {
$tips['forum'] = true;
}
// site tags
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$t = DB_SiteTagPeer::instance()->selectOne($c);
if (!$t) {
$tips['tags'] = true;
}
// count members... ???
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$co = DB_MemberPeer::instance()->selectCount($c);
if ($co < 4) {
$tips['invite'] = true;
}
if (count($tips) > 0) {
$runData->contextAdd("tips", $tips);
}
$runData->contextAdd('site', $site);
}
public function build($runData)
{
$userId = $runData->getUserId();
// get all membership - criteria with join ;-) wooo!
$c = new Criteria();
$c->add("user_id", $userId);
$c->addJoin("site_id", "site.site_id");
$c->add("site.deleted", false);
$mems = DB_MemberPeer::instance()->select($c);
if (count($mems) > 0) {
$runData->contextAdd("memberships", $mems);
}
}
/**
* Get sites of a user. This is a fake one!
*
* @param struct $args
* @return struct
*/
public function sites($args)
{
$this->parseArgs($args, array("performer", "user"));
if ($this->performer->getUserId() != $this->user->getUserId()) {
throw new WDPermissionException("One can only list their own sites");
}
$c = new Criteria();
$c->add("user_id", $this->user->getUserId());
$memberships = DB_MemberPeer::instance()->selectByCriteria($c);
$sites = array();
foreach ($memberships as $membership) {
$site = DB_SitePeer::instance()->selectByPrimaryKey($membership->getSiteId());
if (!$site->getDeleted()) {
$sites[] = $site;
}
}
return $this->repr($sites);
}
public function blockUserEvent($runData)
{
$pl = $runData->getParameterList();
$site = $runData->getTemp("site");
$userId = $pl->getParameterValue("userId");
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
if ($user == null) {
$runData->ajaxResponseAdd("status", "no_user");
$runData->ajaxResponseAdd("message", "No such user.");
return;
}
// check if user is a member or so.
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $userId);
$mem = DB_MemberPeer::instance()->selectOne($c);
if ($mem) {
$runData->ajaxResponseAdd("status", "user_member");
$runData->ajaxResponseAdd("message", _("The user you want to block is a member of this site. Please first remove him/her from the site members list."));
return;
}
// check if not already blocked
$bl = DB_UserBlockPeer::instance()->selectOne($c);
if ($bl) {
$runData->ajaxResponseAdd("status", "already_blocked");
$runData->ajaxResponseAdd("message", _("This user is already blocked."));
return;
}
// ok, now block!
$db = Database::connection();
$db->begin();
$reason = $pl->getParameterValue("reason", "AMODULE");
$block = new DB_UserBlock();
$block->setSiteId($site->getSiteId());
$block->setUserId($userId);
$block->setDateBlocked(new ODate());
if ($reason && $reason !== '') {
$block->setReason(substr($reason, 0, 500));
}
$block->save();
$db->commit();
}
public function build($runData)
{
// get all the members
/*
$c = new Criteria();
$c->setExplicitFrom("ozone_user, member");
$c->add("member.site_id", $runData->getTemp("site")->getSiteId());
$c->add("member.user_id", "ozone_user.user_id", "=", false);
$c->addOrderAscending("nick_name");
$members = DB_OzoneUserPeer::instance()->select($c);
$runData->contextAdd("members", $members);
*/
$c = new Criteria();
$c->add("site_id", $runData->getTemp("site")->getSiteId());
$c->addJoin("user_id", "ozone_user.user_id");
$mems = DB_MemberPeer::instance()->select($c);
if (count($mems) > 0) {
$runData->contextAdd("memberships", $mems);
}
}
public function acceptEmailInvitationEvent($runData)
{
$pl = $runData->getParameterList();
$user = $runData->getUser();
$hash = $pl->getParameterValue("hash");
// get the invitation entry (if any)
$c = new Criteria();
$c->add("hash", $hash);
$c->add("accepted", false);
$inv = DB_EmailInvitationPeer::instance()->selectOne($c);
$runData->contextAdd("user", $user);
if (!$inv) {
throw new ProcessException(_("Sorry, no invitation can be found."));
}
$site = DB_SitePeer::instance()->selectByPrimaryKey($inv->getSiteId());
// check if not a member already
$c = new Criteria();
$c->add("user_id", $user->getUserId());
$c->add("site_id", $site->getSiteId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if ($mem) {
throw new ProcessException(_("It seems you already are a member of this site! Congratulations anyway ;-)"));
}
// check if not > max _members
if ($site->getPrivate()) {
$settings = $site->getSettings();
$maxMembers = $settings->getMaxPrivateMembers();
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$cmem = DB_MemberPeer::instance()->selectCount($c);
if ($cmem >= $maxMembers) {
throw new ProcessException(sprintf(_('Sorry, at the moment max %d member limit apply for private Wikis. The Site would have to be upgraded to allow more members.'), $maxMembers));
}
}
// all should be fine at this point - add to members
$db = Database::connection();
$db->begin();
$mem = new DB_Member();
$mem->setDateJoined(new ODate());
$mem->setSiteId($site->getSiteId());
$mem->setUserId($user->getUserId());
$mem->save();
$ml = new DB_MembershipLink();
$ml->setUserId($user->getUserId());
$ml->setSiteId($site->getSiteId());
$ml->setDate(new ODate());
$ml->setType('EMAIL_INVITATION');
$ml->setByUserId($inv->getUserId());
$ml->save();
// add to contacts?
$sender = DB_OzoneUserPeer::instance()->selectByPrimaryKey($inv->getUserId());
if ($inv->getToContacts() && $sender->getUserId() != $user->getUserId()) {
try {
// check if contact already exists
$c = new Criteria();
$c->add("user_id", $user->getUserId());
$c->add("target_user_id", $sender->getUserId());
$con0 = DB_ContactPeer::instance()->selectOne($c);
if (!$con0) {
$con = new DB_Contact();
$con->setUserId($user->getUserId());
$con->setTargetUserId($sender->getUserId());
$con->save();
}
} catch (Exception $e) {
}
try {
// check if contact already exists
$c = new Criteria();
$c->add("user_id", $sender->getUserId());
$c->add("target_user_id", $user->getUserId());
$con0 = DB_ContactPeer::instance()->selectOne($c);
if (!$con0) {
$con = new DB_Contact();
$con->setUserId($sender->getUserId());
$con->setTargetUserId($user->getUserId());
$con->save();
}
} catch (Exception $e) {
}
}
// set accepted
$inv->setAccepted(true);
$inv->save();
// create a notification
AdminNotificationMaker::instance()->acceptedEmailInvitation($inv, $user);
$db->commit();
$runData->contextAdd("site", $site);
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "ok");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
try {
// check security token
if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
throw new ProcessException("no", "wrong_token7");
}
//remove token from parameter list!!!
$runData->getParameterList()->delParameter('wikidot_token7');
$callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
$runData->getParameterList()->delParameter('callbackIndex');
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
throw new ProcessException(_('The requested site does not exist.'));
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
// PRIVATE SITES: check if the site is private and if the user is its member
if ($site->getPrivate()) {
// check if not allow anyway
$template = $runData->getModuleTemplate();
$actionClass = $runData->getAction();
$proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
if (!$proceed) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException(_('This Site is private and accessible only to its members.'));
}
}
}
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
throw new WDPermissionException(_("Not allowed."));
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
$runData->setTemp("jsInclude", array());
$runData->setTemp("cssInclude", array());
if ($actionClass) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
throw new WDPermissionException("Not allowed.");
}
$actionEvent = $runData->getActionEvent();
/*try{*/
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate()) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$jsInclude = $runData->getTemp("jsInclude");
$jsInclude = array_merge($jsInclude, $module->getExtraJs());
$runData->setTemp("jsInclude", $jsInclude);
$cssInclude = $runData->getTemp("cssInclude");
$cssInclude = array_merge($cssInclude, $module->getExtraCss());
$runData->setTemp("cssInclude", $cssInclude);
} catch (ProcessException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", $e->getStatus());
$runData->setModuleTemplate(null);
$template = null;
} catch (WDPermissionException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", "no_permission");
$runData->setModuleTemplate(null);
$template = null;
} catch (Exception $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
$runData->ajaxResponseAdd("status", "not_ok");
$runData->setModuleTemplate(null);
$template = null;
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
}
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
// check the javascript files for inclusion
}
if ($template != null && $template != "Empty") {
$jsInclude = $runData->getTemp("jsInclude");
if ($module->getIncludeDefaultJs()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
$incl = $url;
$jsInclude[] = $incl;
}
}
$rVars['jsInclude'] = $jsInclude;
$cssInclude = $runData->getTemp("cssInclude");
if ($module->getIncludeDefaultCss()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
$incl = $url;
$cssInclude[] = $incl;
}
}
$rVars['cssInclude'] = $cssInclude;
}
// specify (copy) jscallback. ugly, right? ;-)
$rVars['callbackIndex'] = $callbackIndex;
$json = new JSONService();
$out = $json->encode($rVars);
$runData->handleSessionEnd();
echo $out;
}
public function process()
{
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("Feed request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if ($site == null) {
$content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html");
echo $content;
return $content;
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$lang = $site->getLanguage();
$runData->setLanguage($lang);
$GLOBALS['lang'] = $lang;
// and for gettext too:
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, redirect to http:
echo _("Secure access is not enabled for this Wiki.");
exit;
}
}
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// check if requires authentication
if ($screen->getRequiresAuthentication() || $site->getPrivate()) {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$user = null;
if ($username !== null && $password !== null) {
$user = SecurityManager::getUserByName($username);
if ($user) {
$upass = md5("feed_hashed_password_" . $user->getPassword());
$upass = substr($upass, 0, 15);
if ($upass !== $password) {
$user = null;
}
}
}
if ($site->getPrivate()) {
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
}
if ($user == null) {
header('WWW-Authenticate: Basic realm="Private"');
header('HTTP/1.0 401 Unauthorized');
header('Content-type: text/plain; charset=utf-8');
echo _("This is a private feed. User authentication required via Basic HTTP Authentication. You can not access it. Please go to 'Account settings' -> 'Notifications' to get the password if you believe you should be allowed.");
exit;
}
$runData->setTemp("user", $user);
}
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
$rendered = $screen->render($runData);
echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered);
return $rendered;
}
public function signOffEvent($runData)
{
// remove the membership AND adminship AND moderatorship
$siteId = $runData->getParameterList()->getParameterValue("site_id");
$userId = $runData->getUserId();
$user = $runData->getUser();
$c = new Criteria();
$c->add("user_id", $userId);
$c->add("site_id", $siteId);
$db = Database::connection();
$db->begin();
// check if admin
$admin = DB_AdminPeer::instance()->selectOne($c);
if ($admin && $admin->getFounder()) {
throw new ProcessException(_("You have founded this site - sorry, you can not resign."), "founder_nonremovable");
}
if ($admin) {
// check if not the last admin!!!
$c2 = new Criteria();
$c2->add("site_id", $siteId);
$acount = DB_AdminPeer::instance()->selectCount($c2);
if ($acount == 1) {
$runData->ajaxResponseAdd("status", "last_admin");
$runData->ajaxResponseAdd("message", _("You can not simply resign - you are the last admin of this site!"));
$db->commit();
return;
}
}
DB_MemberPeer::instance()->delete($c);
DB_ModeratorPeer::instance()->delete($c);
DB_AdminPeer::instance()->delete($c);
$site = DB_SitePeer::instance()->selectByPrimaryKey($siteId);
AdminNotificationMaker::instance()->memberResigned($site, $user);
$db->commit();
}
private function canRatePage($user, $page)
{
if (!$user) {
$this->message = _("You should be at least logged in to try rating...");
return false;
}
$category = $page->getCategory();
if ($category->getRatingEnabledEff()) {
$ps = $category->getRatingBy();
if ($ps == 'r') {
return true;
}
if ($ps == 'm') {
$c = new Criteria();
$c->add("site_id", $category->getSiteId());
$c->add("user_id", $user->getUserId());
$rel = DB_MemberPeer::instance()->selectOne($c);
if ($rel) {
return true;
} else {
$this->message = _("Voting is enabled only for Site Members.");
}
}
} else {
$this->message = _("Rating is disabled for this page.");
}
return false;
}
public function savePrivateSettingsEvent($runData)
{
$pl = $runData->getParameterList();
$site = $runData->getTemp("site");
$private = (bool) $pl->getParameterValue("private");
$landing = trim($pl->getParameterValue("landingPage"));
$hideNav = (bool) $pl->getParameterValue("hideNav");
$viewers = $pl->getParameterValue("viewers");
$viewers = explode(',', $viewers);
$settings = $site->getSettings();
$maxMembers = $settings->getMaxPrivateMembers();
$maxViewers = $settings->getMaxPrivateViewers();
// check if not >=10 members
if ($private) {
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$cmem = DB_MemberPeer::instance()->selectCount($c);
if ($cmem > $maxMembers) {
throw new ProcessException(sprintf(_('Sorry, at the moment max %d member limit apply for private Wikis. The Site would have to be upgraded to allow more members.'), $maxMembers));
}
}
if (count($viewers) >= $maxViewers) {
throw new ProcessException(sprintf(_('Sorry, at the moment max %d viewer limit apply.'), $maxViewers));
}
// check landing
if ($landing == "" || strlen($landing) > 80) {
throw new ProcessException(_('Landing page is not valid'));
}
$db = Database::connection();
$db->begin();
if ($site->getPrivate() != $private) {
$site->setPrivate($private);
$site->save();
// change file flag too
$flagDir = $site->getLocalFilesPath() . '/flags';
$flagFile = $flagDir . '/private';
if ($private) {
mkdirfull($flagDir);
//just to make sure
if (!file_exists($flagFile)) {
file_put_contents($flagFile, "private");
}
} else {
if (file_exists($flagFile)) {
unlink($flagFile);
}
}
}
$settings = $site->getSettings();
if ($settings->getPrivateLandingPage() != $landing) {
$settings->setPrivateLandingPage($landing);
$settings->save();
}
if ($settings->getHideNavigationUnauthorized() != $hideNav) {
$settings->setHideNavigationUnauthorized($hideNav);
$settings->save();
}
// handle viewers
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$dbViewers = DB_SiteViewerPeer::instance()->select($c);
$viewers = array_unique($viewers);
foreach ($dbViewers as $dbViewer) {
if (in_array($dbViewer->getUserId(), $viewers)) {
unset($viewers[array_search($dbViewer->getUserId(), $viewers)]);
} else {
DB_SiteViewerPeer::instance()->deleteByPrimaryKey($dbViewer->getViewerId());
}
}
// insert all other
foreach ($viewers as $viewer) {
if (trim($viewer) != '') {
$dbViewer = new DB_SiteViewer();
$dbViewer->setSiteId($site->getSiteId());
$dbViewer->setUserId($viewer);
$dbViewer->save();
}
}
$db->commit();
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
/**
* Shecks if a site is public or user is a member of the site
*
* @param $user DB_OzoneUser
* @param $site DB_Site
* @return boolean
* @throws WDPermissionException
*/
public function canAccessSite($user, $site)
{
// public or user is super
if (!$site->getPrivate() || $user->getSuperAdmin() || $user->getSuperModerator()) {
return true;
}
// check if user is a member of the site
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
if (DB_MemberPeer::instance()->selectOne($c)) {
// user is a member of the wiki
return true;
}
throw new WDPermissionException("User not allowed to access site");
}
public function render($runData)
{
// get site
$site = $runData->getTemp("site");
$runData->contextAdd("site", $site);
$this->handleNotifications($runData);
$pl = $runData->getParameterList();
$wikiPage = $pl->getParameterValue("wiki_page");
$privateAccessGranted = true;
// check if the site is private
if ($site->getPrivate()) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
$wikiPage = $site->getSettings()->getPrivateLandingPage();
$privateAccessGranted = false;
}
}
if ($wikiPage == "") {
$wikiPage = $site->getDefaultPage();
}
$wikiPage = WDStringUtils::toUnixName($wikiPage);
$runData->setTemp("pageUnixName", $wikiPage);
$memcache = Ozone::$memcache;
if ($runData->getAction() == null && $runData->getRequestMethod() == "GET" && $privateAccessGranted) {
// try to get content from the memorycache server
$mcKey = 'page..' . $site->getUnixName() . '..' . $wikiPage;
if (strpos($wikiPage, ":") != false) {
$tmp0 = explode(':', $wikiPage);
$categoryName = $tmp0[0];
} else {
$categoryName = "_default";
}
$aKey = 'category_lc..' . $site->getUnixName() . '..' . $categoryName;
$changeTime = $memcache->get($aKey);
$cachedPage = $memcache->get($mcKey);
if ($cachedPage !== false && $changeTime && $changeTime <= $cachedPage['timestamp']) {
$runData->setTemp("page", $cachedPage['page']);
$GLOBALS['page'] = $cachedPage['page'];
$out = $cachedPage['content'];
if ($this->vars['notificationsDialog']) {
$out = preg_replace(';<div id="account-notifications-dummy" style="display:none"></div>;', '<div id="notifications-dialog" style="display:none">' . $this->vars['notificationsDialog'] . '</div>', $out, 1);
}
return $out;
} else {
$storeLater = true;
}
}
$runData->contextAdd("wikiPageName", $wikiPage);
$settings = $site->getSettings();
// get wiki page from the database
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $wikiPage);
if ($page == null) {
$runData->contextAdd("pageNotExists", true);
// get category based on suggested page name
if (strpos($wikiPage, ":") != false) {
$tmp0 = explode(':', $wikiPage);
$categoryName = $tmp0[0];
} else {
$categoryName = "_default";
}
$category = DB_CategoryPeer::instance()->selectByName($categoryName, $site->getSiteId());
if ($category == null) {
$category = DB_CategoryPeer::instance()->selectByName('_default', $site->getSiteId());
}
$runData->setTemp("category", $category);
} else {
// page exists!!! wooo!!!
$runData->setTemp("page", $page);
$GLOBALS['page'] = $page;
$compiled = $page->getCompiled();
$runData->contextAdd("wikiPage", $page);
$runData->contextAdd("pageContent", $compiled->getText());
$category = $page->getCategory();
$runData->setTemp("category", $category);
// show options?
$showPageOptions = true;
$runData->contextAdd("showPageoptions", $showPageOptions);
// get the tags
$c = new Criteria();
$c->add("page_id", $page->getPageId());
$c->addOrderAscending("tag");
$tags = DB_PageTagPeer::instance()->select($c);
$t2 = array();
foreach ($tags as $t) {
$t2[] = $t->getTag();
}
$runData->contextAdd("tags", $t2);
// has discussion?
if ($page->getThreadId() !== null) {
$thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($page->getThreadId());
if ($thread == null) {
$page->setThreadId(null);
$page->save();
} else {
$page->setTemp("numberPosts", $thread->getNumberPosts());
}
}
// look for parent pages (and prepare breadcrumbs)
if ($page->getParentPageId()) {
$breadcrumbs = array();
$ppage = DB_PagePeer::instance()->selectByPrimaryKey($page->getParentPageId());
array_unshift($breadcrumbs, $ppage);
$bcount = 0;
while ($ppage->getParentPageId() && $bcount <= 4) {
$ppage = DB_PagePeer::instance()->selectByPrimaryKey($ppage->getParentPageId());
array_unshift($breadcrumbs, $ppage);
$bcount++;
}
$runData->contextAdd("breadcrumbs", $breadcrumbs);
}
}
$runData->contextAdd("category", $category);
// GET THEME for the category
$theme = $category->getTheme();
$runData->contextAdd("theme", $theme);
// GET LICENSE for the category
$licenseText = $category->getLicenseText();
$runData->contextAdd("licenseText", $licenseText);
// show nav elements?
if ($privateAccessGranted || !$settings->getHideNavigationUnauthorized()) {
if ($theme->getUseSideBar()) {
$sideBar1 = $category->getSidePage();
if ($sideBar1 !== null) {
$sideBar1Compiled = $sideBar1->getCompiled();
$ccc = $sideBar1Compiled->getText();
$ccc = preg_replace('/id="[^"]*"/', '', $ccc);
$runData->contextAdd("sideBar1Content", $ccc);
}
}
if ($theme->getUseTopBar()) {
$topBar = $category->getTopPage();
if ($topBar !== null) {
$topBarCompiled = $topBar->getCompiled();
$ccc = $topBarCompiled->getText();
$ccc = preg_replace('/id="[^"]*"/', '', $ccc);
$runData->contextAdd("topBarContent", $ccc);
}
}
}
// OpenID stuff now !!!
if ($settings->getOpenidEnabled() && $page) {
// find a page
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
if ($_SERVER['REQUEST_URI'] == "/") {
$c->add("page_id", null);
} else {
$c->add("page_id", $page->getPageId());
}
$oentry = DB_OpenidEntryPeer::instance()->selectOne($c);
if ($oentry) {
$openId = array();
$openId['enabled'] = true;
$openId['identity'] = $oentry->getUrl();
$openId['server'] = $oentry->getServerUrl();
$runData->contextAdd("openId", $openId);
}
}
// check wether to include a special JS file for custom domains or a special JS file for private files
//if (preg_match('/^([a-zA-Z0-9\-]+)\.' . GlobalProperties::$URL_DOMAIN_PREG . '$/',$_SERVER["HTTP_HOST"], $matches) !==1) {
// $runData->contextAdd("useCustomDomainScript", true);
//}
$smarty = Ozone::getSmarty();
// put context into context
$context = $runData->getContext();
if ($context !== null) {
foreach ($context as $key => $value) {
$smarty->assign($key, $value);
}
}
$templateFile = PathManager::screenTemplate("wiki/WikiScreen");
$screenContent = $smarty->fetch($templateFile);
$smarty->assign("screen_placeholder", $screenContent);
$layoutFile = PathManager::layoutTemplate("WikiLayout");
$out = $smarty->fetch($layoutFile);
if ($storeLater) {
$now = time();
if (!$changeTime) {
$memcache->set($aKey, $now, 0, 864000);
}
$memcache->set($mcKey, array("page" => $page, "content" => $out, "timestamp" => $now), 0, 864000);
}
if ($this->vars['notificationsDialog']) {
$out = preg_replace(';<div id="account-notifications-dummy" style="display:none"></div>;', '<div id="notifications-dialog" style="display:none">' . $this->vars['notificationsDialog'] . '</div>', $out, 1);
}
return $out;
}
/**
* checks if the user is a member of a site
*
* @param DB_OzoneUser $user
* @param DB_Site $site
* @return boolean
*/
protected function member($user, $site)
{
if (!$site || !$user) {
return false;
}
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
if (DB_MemberPeer::instance()->selectOne($c)) {
// user is a member of the wiki
return true;
}
return false;
}
public function sendEmailInvitationsEvent($runData)
{
$pl = $runData->getParameterList();
$user = $runData->getUser();
$site = $runData->getTemp("site");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$addresses = $json->decode($pl->getParameterValue("addresses"));
$message = $pl->getParameterValue("message");
// check if data is valid
if (count($addresses) > 200) {
throw new ProcessException(_("You should not send more than 200 invitations at once."));
}
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
if (!preg_match("/^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+\$/", $email) || strlen($email) > 70 || strlen($email) == 0) {
throw new ProcessException(sprintf(_('Email "%s" is not valid.'), htmlspecialchars($email)), "bad_email");
}
if (preg_match(';://;', $name) || preg_match(';\\.www;i', $name) || strlen8($name) > 50 || strlen8($name) == 0) {
throw new ProcessException(sprintf(_('Recipient\'s name "%s" is not valid.'), htmlspecialchars($name)), "bad_name");
}
//check if "email" is not already a member of this site...
$q = " SELECT * FROM member, ozone_user WHERE member.site_id='" . $site->getSiteId() . "' AND ozone_user.name='" . db_escape_string($email) . "' AND member.user_id = ozone_user.user_id LIMIT 1";
$c = new Criteria();
$c->setExplicitQuery($q);
$m = DB_MemberPeer::instance()->selectOne($c);
if ($m) {
throw new ProcessException(sprintf(_('User with the email address "%s" is already a member of this Site. Remove him from the list and send invitations again.'), htmlspecialchars($email)), 'aleady_member');
}
// check if not sent already to this address.
$c = new Criteria();
$c->add("email", $email);
$c->add("site_id", $site->getSiteId());
$ii = DB_EmailInvitationPeer::instance()->selectOne($c);
if ($ii) {
throw new ProcessException(sprintf(_('User with the email address "%s" has been already invited to this Site. Remove him from the list and send invitations again. If you want to resend an invitation please rather look at the history of sent invitations.'), htmlspecialchars($email)), 'aleady_member');
}
}
if (preg_match(';://;', $message) || preg_match(';www\\.;i', $message)) {
throw new ProcessException(_('The message should not contain any links to websites.'), "bad_message");
}
if ($message != "" && strlen($message) > 1000) {
throw new ProcessException(_('The message seems to be too long. Max 1000 characters are allowed.'), "bad_message");
}
// now prepare invitation and send!
$db = Database::connection();
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
$db->begin();
// each invitation makes a separate transaction
$hash = substr(md5($name . $email) . time(), 0, 20);
$inv = new DB_EmailInvitation();
$inv->setHash($hash);
$inv->setEmail($email);
$inv->setName($name);
$inv->setUserId($user->getUserId());
$inv->setSiteId($site->getSiteId());
$inv->setMessage($message);
$inv->setDate(new ODate());
if ($address[2]) {
$inv->setToContacts(true);
}
// prepare and send email
$profile = $user->getProfile();
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject(sprintf(_("[%s] %s invites you to join!"), GlobalProperties::$SERVICE_NAME, $user->getNickName()));
$oe->contextAdd('user', $user);
$oe->contextAdd('profile', $profile);
$oe->contextAdd('hash', $hash);
$oe->contextAdd("site", $site);
$oe->contextAdd("message", $message);
$oe->contextAdd('name', $name);
$oe->setBodyTemplate('MembershipEmailInvitation');
if (!$oe->Send()) {
$inv->setDelivered(false);
} else {
$inv->setDelivered(true);
}
$inv->save();
$db->commit();
}
}
public function render($runData)
{
try {
// get site
$site = $runData->getTemp("site");
$runData->contextAdd("site", $site);
$pl = $runData->getParameterList();
$wikiPage = $pl->getParameterValue("wiki_page");
if ($site->getPrivate()) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException("This is a private wiki. Access is limited to selected users.");
}
}
$wikiPage = WDStringUtils::toUnixName($wikiPage);
$runData->setTemp("pageUnixName", $wikiPage);
if ($wikiPage === "") {
$wikiPage = $site->getDefaultPage();
}
$runData->contextAdd("wikiPageName", $wikiPage);
// get wiki page from the database
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $wikiPage);
if ($page == null) {
throw new ProcessException("No such page");
} else {
// page exists!!! wooo!!!
$runData->setTemp("page", $page);
$GLOBALS['page'] = $page;
$compiled = $page->getCompiled();
$runData->contextAdd("wikiPage", $page);
$runData->contextAdd("screen_placeholder", $compiled->getText());
$category = $page->getCategory();
$runData->setTemp("category", $category);
}
$runData->contextAdd("category", $category);
// GET THEME for the category
$theme = $category->getTheme();
$runData->contextAdd("theme", $theme);
// GET LICENSE for the category
$licenseText = $category->getLicenseText();
$runData->contextAdd("licenseText", $licenseText);
$smarty = Ozone::getSmarty();
// put context into context
$context = $runData->getContext();
if ($context !== null) {
foreach ($context as $key => $value) {
$smarty->assign($key, $value);
}
}
$layoutFile = PathManager::layoutTemplate("PrintLayout");
$out = $smarty->fetch($layoutFile);
return $out;
} catch (Exception $e) {
$out = $e->getMessage();
return $out;
}
}
