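/**
 * Admin: create a feedback poll together with its answer options.
 *
 * GET renders the create form. On a valid POST the submitted options are
 * normalised (trimmed, blanks dropped, count capped, length capped), the
 * poll row and its option rows are written in one transaction, and the
 * request is forwarded to the core "success" utility action.
 *
 * @return void
 */
public function createAction()
{
    $this->view->options = array();
    $this->view->form = $form = new Ynfeedback_Form_Admin_Polls_Create();
    $viewer = Engine_Api::_()->user()->getViewer();

    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($this->getRequest()->getPost())) {
        return;
    }

    // NOTE(review): the original never assigned $max_options (undefined-variable
    // notice; array_slice() then ran unbounded). null keeps that "no cap"
    // behaviour explicit — wire this to the module's max-options setting.
    $max_options = null;

    // Normalise options: trim, drop blanks (keep a literal "0" answer, which a
    // bare array_filter() would discard), then cap the count.
    $options = (array) $this->_getParam('optionsArray');
    $options = array_filter(array_map('trim', $options), 'strlen');
    $options = array_slice($options, 0, $max_options);
    $this->view->options = $options;

    if (count($options) < 2) {
        return $form->addError('You must provide at least two possible answers.');
    }

    // Cap answer length by character count (not bytes) so multibyte text is
    // not cut mid-character.
    foreach ($options as $index => $option) {
        if (Engine_String::strlen($option) > 80) {
            $options[$index] = Engine_String::substr($option, 0, 80);
        }
    }

    $pollTable = Engine_Api::_()->getItemTable('ynfeedback_poll');
    $pollOptionsTable = Engine_Api::_()->getDbtable('options', 'ynfeedback');
    $db = $pollTable->getAdapter();
    $db->beginTransaction();
    try {
        $values = $form->getValues();
        $values['user_id'] = $viewer->getIdentity();

        $poll = $pollTable->createRow();
        $poll->setFromArray($values);
        $poll->save();

        // Each answer goes through the HTML filter (configured to allow only
        // <a>) and then the word censor before it is stored.
        $censor = new Engine_Filter_Censor();
        $html = new Engine_Filter_Html(array('AllowedTags' => array('a')));
        foreach ($options as $option) {
            $pollOptionsTable->insert(array(
                'poll_id' => $poll->getIdentity(),
                'poll_option' => $censor->filter($html->filter($option)),
            ));
        }

        $db->commit();
    } catch (Exception $e) {
        $db->rollback();
        throw $e;
    }

    $this->_forward('success', 'utility', 'core', array(
        'smoothboxClose' => 10,
        'parentRefresh' => 10,
        'messages' => array(''),
    ));
}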
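/**
 * Create a poll with its answer options, privacy rules and activity entry.
 *
 * Requires a logged-in viewer with the "create" poll permission. GET renders
 * the form; a valid POST stores the poll and its options in one transaction,
 * applies per-role view/comment permissions, records the "poll_new" activity
 * in a second transaction and redirects to the new poll.
 *
 * @return void
 */
public function createAction()
{
    if (!$this->_helper->requireUser()->isValid()) {
        return;
    }
    if (!$this->_helper->requireAuth()->setAuthParams('poll', null, 'create')->isValid()) {
        return;
    }

    $this->view->navigation = $navigation = Engine_Api::_()->getApi('menus', 'core')->getNavigation('poll_main');
    $this->view->options = array();
    $this->view->maxOptions = $max_options = Engine_Api::_()->getApi('settings', 'core')->getSetting('poll.maxoptions', 15);
    $this->view->form = $form = new Poll_Form_Create();
    $viewer = Engine_Api::_()->user()->getViewer();

    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($this->getRequest()->getPost())) {
        return;
    }

    // Normalise options: trim, drop blanks (keep a literal "0" answer, which a
    // bare array_filter() would discard), then cap the count.
    $options = (array) $this->_getParam('optionsArray');
    $options = array_filter(array_map('trim', $options), 'strlen');
    $options = array_slice($options, 0, $max_options);
    $this->view->options = $options;

    if (count($options) < 2) {
        return $form->addError('You must provide at least two possible answers.');
    }

    // Cap answer length by character count, not bytes.
    foreach ($options as $index => $option) {
        if (Engine_String::strlen($option) > 80) {
            $options[$index] = Engine_String::substr($option, 0, 80);
        }
    }

    $pollTable = Engine_Api::_()->getItemTable('poll');
    $pollOptionsTable = Engine_Api::_()->poll()->api()->getDbtable('options', 'poll');
    $db = $pollTable->getAdapter();
    $db->beginTransaction();
    try {
        $values = $form->getValues();
        $values['user_id'] = $viewer->getIdentity();

        $poll = $pollTable->createRow();
        $poll->setFromArray($values);
        $poll->save();

        // Answers are only censored here; no HTML filter is applied before
        // storage, so they must be escaped on output.
        $censor = new Engine_Filter_Censor();
        foreach ($options as $option) {
            $pollOptionsTable->insert(array(
                'poll_id' => $poll->getIdentity(),
                'poll_option' => $censor->filter($option),
            ));
        }

        // Privacy: a role is allowed when it sits at or before the selected
        // role in this ordered list. The original defaulted an empty selection
        // to array('everyone'), which array_search() never matches, so the
        // poll silently became owner-only; the default is now the role name.
        $auth = Engine_Api::_()->authorization()->context;
        $roles = array('owner', 'owner_member', 'owner_member_member', 'owner_network', 'registered', 'everyone');
        foreach (array('auth_view', 'auth_comment') as $key) {
            if (empty($values[$key])) {
                $values[$key] = 'everyone';
            }
        }
        $viewMax = array_search($values['auth_view'], $roles, true);
        $commentMax = array_search($values['auth_comment'], $roles, true);
        // An unrecognised role value fails closed: owner only.
        if ($viewMax === false) {
            $viewMax = 0;
        }
        if ($commentMax === false) {
            $commentMax = 0;
        }
        foreach ($roles as $i => $role) {
            $auth->setAllowed($poll, $role, 'view', $i <= $viewMax);
            $auth->setAllowed($poll, $role, 'comment', $i <= $commentMax);
        }
        $auth->setAllowed($poll, 'registered', 'vote', true);

        $db->commit();
    } catch (Exception $e) {
        $db->rollback();
        throw $e;
    }

    // Activity feed entry, in its own transaction as in the original.
    $db = Engine_Api::_()->getDbTable('polls', 'poll')->getAdapter();
    $db->beginTransaction();
    try {
        $activityTable = Engine_Api::_()->getDbtable('actions', 'activity');
        $action = $activityTable->addActivity($viewer, $poll, 'poll_new');
        if ($action) {
            $activityTable->attachActivity($action, $poll);
        }
        $db->commit();
    } catch (Exception $e) {
        $db->rollback();
        throw $e;
    }

    return $this->_helper->redirector->gotoUrl($poll->getHref(), array('prependBase' => false));
}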
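/**
 * AJAX: create a feedback idea from the popup form and answer with JSON.
 *
 * Layout and view rendering are disabled; the response body is a JSON
 * object with a single "message" key. The description is run through the
 * HtmlSpecialChars, Censor and EnableLinks filters (in that order) before
 * the row is saved; view/comment permissions are then applied per role and,
 * for a logged-in viewer, an activity entry and optional credits are added.
 *
 * @return void
 */
public function createPopupAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(true);

    if (!$this->_helper->requireAuth()->setAuthParams('ynfeedback_idea', null, 'create')->isValid()) {
        return;
    }
    $viewer = Engine_Api::_()->user()->getViewer();

    // NOTE(review): every request parameter is handed to setFromArray() below
    // (mass assignment); only user_id and status_id are pinned here. Restrict
    // this to the columns the popup form is expected to submit.
    $values = $this->_getAllParams();
    if (empty($values['title'])) {
        return;
    }
    $values['user_id'] = $viewer->getIdentity();
    $values['status_id'] = 1;

    $db = Engine_Db_Table::getDefaultAdapter();
    $db->beginTransaction();
    try {
        // Original read $values['description'] unconditionally (notice when absent).
        $description = isset($values['description']) ? (string) $values['description'] : '';
        $filters = array(
            new Engine_Filter_HtmlSpecialChars(),
            new Engine_Filter_Censor(),
            new Engine_Filter_EnableLinks(),
        );
        foreach ($filters as $filter) {
            $description = $filter->filter($description);
        }
        $values['description'] = $description;

        $ideaTable = Engine_Api::_()->getItemTable('ynfeedback_idea');
        $idea = $ideaTable->createRow();
        $idea->setFromArray($values);
        $idea->save();

        // Privacy: a role is allowed when it sits at or before the selected
        // role in this ordered list; empty means everyone, unknown fails closed.
        $auth = Engine_Api::_()->authorization()->context;
        $roles = array('owner', 'owner_member', 'owner_member_member', 'owner_network', 'everyone');
        $viewRole = empty($values['auth_view']) ? 'everyone' : $values['auth_view'];
        $commentRole = empty($values['auth_comment']) ? 'everyone' : $values['auth_comment'];
        $viewMax = array_search($viewRole, $roles, true);
        $commentMax = array_search($commentRole, $roles, true);
        if ($viewMax === false) {
            $viewMax = 0;
        }
        if ($commentMax === false) {
            $commentMax = 0;
        }
        foreach ($roles as $i => $role) {
            $auth->setAllowed($idea, $role, 'view', $i <= $viewMax);
            $auth->setAllowed($idea, $role, 'comment', $i <= $commentMax);
        }

        if ($viewer->getIdentity()) {
            $activityApi = Engine_Api::_()->getDbtable('actions', 'activity');
            $action = $activityApi->addActivity($idea->getOwner(), $idea, 'ynfeedback_feedback_create');
            if ($action) {
                $activityApi->attachActivity($action, $idea);
            }

            if (Engine_Api::_()->hasModuleBootstrap("yncredit")) {
                $owner = $idea->getOwner();
                if ($owner->getIdentity()) {
                    Engine_Api::_()->yncredit()->hookCustomEarnCredits($owner, $owner->getTitle(), 'ynfeedback_new', $owner);
                }
            }
        }

        $db->commit();
        echo Zend_Json::encode(array('message' => 'Feedback successfully!'));
    } catch (Exception $e) {
        // Best-effort JSON failure response; the exception itself is not
        // logged anywhere here.
        $db->rollBack();
        echo Zend_Json::encode(array('message' => 'Feedback failure!'));
    }
}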
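/**
 * Build the forbidden-word list for Engine_Filter_Censor, using the cache
 * when one is configured.
 *
 * The list is the core_spam_censor setting plus every word in the
 * engine4_core_bannedwords table, joined with commas. The original called
 * $cache->save() even when $cache was not a Zend_Cache_Core (fatal on a
 * null container entry) and treated an empty cached list as a miss; both
 * are fixed here.
 *
 * @return void
 */
protected function _initCensor()
{
    $cache = $this->getContainer()->cache;
    $hasCache = $cache instanceof Zend_Cache_Core;

    $bannedWords = $hasCache ? $cache->load('bannedwords') : false;
    if (!is_string($bannedWords)) {
        $bannedWords = (string) Engine_Api::_()->getApi('settings', 'core')->core_spam_censor;

        $db = $this->getContainer()->db;
        if ($db instanceof Zend_Db_Adapter_Abstract) {
            $dbBannedWords = $db->select()
                ->from('engine4_core_bannedwords', 'word')
                ->query()
                ->fetchAll(Zend_Db::FETCH_COLUMN);
            $bannedWords .= ',' . implode(',', $dbBannedWords);
        }
        $bannedWords = trim($bannedWords, ' ,');

        if ($hasCache) {
            $cache->save($bannedWords, 'bannedwords');
        }
    }

    Engine_Filter_Censor::setDefaultForbiddenWords($bannedWords);
}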
/**
 * Seed Engine_Filter_Censor with the forbidden-word list from core settings.
 *
 * @return void
 */
protected function _initCensor()
{
    $settings = Engine_Api::_()->getApi('settings', 'core');
    $forbiddenWords = $settings->core_spam_censor;
    Engine_Filter_Censor::setDefaultForbiddenWords($forbiddenWords);
}
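/**
 * Send a private chat message ("whisper") from the viewer to another chat user.
 *
 * Fills $this->view->status / error / message (and whisper_id on success)
 * for the JSON response. Rejects guests, targets missing from the chat
 * users table, and senders over the per-session rate limit.
 *
 * @return void
 */
public function whisperAction()
{
    $userTable = Engine_Api::_()->getDbtable('users', 'chat');

    $viewer = Engine_Api::_()->user()->getViewer();
    if (!$viewer->getIdentity()) {
        return $this->_failWhisper('AUTH_FAIL');
    }

    $userTable->check($viewer);

    $targetUserId = (int) $this->_getParam('user_id');
    $targetUser = $userTable->find($targetUserId)->current();
    if (null === $targetUser) {
        return $this->_failWhisper('NOT_ONLINE');
    }

    // Rate limiting: at most $maxPerWindow whispers per $windowSeconds,
    // tracked as send timestamps in the session. The original compared the
    // count of *previous* sends with `> 10`, which let an 11th message
    // through; time() is also read once instead of per iteration.
    $windowSeconds = 5;
    $maxPerWindow = 10;
    $now = time();
    $session = $this->getSession();
    $recent = array();
    if (isset($session->whisperRate) && is_array($session->whisperRate)) {
        foreach ($session->whisperRate as $sentAt) {
            if ($now <= $sentAt + $windowSeconds) {
                $recent[] = $sentAt;
            }
        }
    }
    $session->whisperRate = $recent;
    if (count($recent) >= $maxPerWindow) {
        return $this->_failWhisper('RATE_LIMIT_EXCEEDED');
    }

    // Censor, collapse entities (decoded twice in the original, apparently to
    // undo double-encoded input — kept as is), then escape for HTML text.
    // NOTE(review): truncating after escaping can split an entity at the cut.
    $censor = new Engine_Filter_Censor();
    $message = $censor->filter((string) $this->_getParam('message'));
    $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
    $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
    $message = htmlspecialchars($message, ENT_NOQUOTES, 'UTF-8');
    if (Engine_String::strlen($message) > 1023) {
        $message = Engine_String::substr($message, 0, 1023);
    }

    $db = $userTable->getAdapter();
    $db->beginTransaction();
    try {
        $whisperObject = $targetUser->whisper($viewer, $message);
        $recent[] = $now;
        $session->whisperRate = $recent;
        $db->commit();

        $this->view->status = true;
        $this->view->error = false;
        $this->view->whisper_id = $whisperObject->whisper_id;
    } catch (Exception $e) {
        $db->rollBack();
        $this->_failWhisper('ERROR');
        if (APPLICATION_ENV === 'development') {
            $this->view->error_message = $e->__toString();
        }
    }
}

/**
 * Populate the error fields of the JSON view for a failed whisper.
 *
 * @param string $code short error code returned to the client
 * @return void
 */
protected function _failWhisper($code)
{
    $this->view->status = false;
    $this->view->error = true;
    $this->view->message = $code;
}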
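/**
 * Edit an existing feedback idea: form display, validation and save.
 *
 * GET (or a POST without submit_button) renders the form pre-filled from
 * the idea, its current privacy settings and its co-authors. A valid submit
 * filters the description, saves the idea, rewrites its co-author rows and
 * custom-field values, re-applies view/comment permissions, notifies
 * followers and forwards to the core "success" utility action.
 *
 * @return void
 */
public function editAction()
{
    $this->_helper->content->setEnabled();
    $view = Zend_Registry::get('Zend_View');

    $idea = Engine_Api::_()->getItem('ynfeedback_idea', $this->_getParam('idea_id'));
    if (empty($idea)) {
        return $this->_helper->requireSubject()->forward();
    }
    if (!$idea->isEditable()) {
        return $this->_helper->requireAuth()->forward();
    }

    $tableCategory = Engine_Api::_()->getItemTable('ynfeedback_category');
    $category_id = $this->_getParam('category_id', $idea->category_id);
    $category = Engine_Api::_()->getItem('ynfeedback_category', $category_id);

    // Profile-type sub-form arguments. The original left $formArgs undefined
    // when there was no single profile_type field, and dereferenced $category
    // without checking that the lookup succeeded.
    $formArgs = array();
    $topStructure = Engine_Api::_()->fields()->getFieldStructureTop('ynfeedback_idea');
    if (!empty($category) && count($topStructure) == 1 && $topStructure[0]->getChild()->type == 'profile_type') {
        $profileTypeField = $topStructure[0]->getChild();
        $formArgs = array(
            'topLevelId' => $profileTypeField->field_id,
            'topLevelValue' => $category->option_id,
        );
    }
    $this->view->form = $form = new Ynfeedback_Form_Feedback_Edit(array('formArgs' => $formArgs, 'item' => $idea));

    // Pre-fill the form with the stored description reduced to plain text;
    // the filtered value is written back on save.
    $idea->description = strip_tags(htmlspecialchars_decode($idea->description));
    $form->populate($idea->toArray());

    // Pre-select the widest role currently allowed to view / comment.
    $auth = Engine_Api::_()->authorization()->context;
    $roles = array('owner', 'owner_member', 'owner_member_member', 'owner_network', 'everyone');
    foreach ($roles as $role) {
        if (isset($form->auth_view->options[$role]) && $auth->isAllowed($idea, $role, 'view')) {
            $form->auth_view->setValue($role);
        }
        if (isset($form->auth_comment->options[$role]) && $auth->isAllowed($idea, $role, 'comment')) {
            $form->auth_comment->setValue($role);
        }
    }

    $categories = $tableCategory->getCategories();
    unset($categories[0]);
    foreach ($categories as $item) {
        $form->category_id->addMultiOption(
            $item['category_id'],
            str_repeat("-- ", $item['level'] - 1) . $view->translate($item['title'])
        );
    }
    if ($category_id) {
        $form->category_id->setValue($category_id);
    } else {
        $form->addError('Create feedback require at least one category. Please contact admin for more details.');
    }

    $posts = $this->getRequest()->getPost();
    $form->populate($posts);
    if (!$posts) {
        $authorTable = Engine_Api::_()->getDbTable('authors', 'ynfeedback');
        $this->view->authors = $authorTable->getAuthorsByIdeaId($idea->getIdentity());
    }
    if (!isset($posts['submit_button'])) {
        $this->view->posts = $posts;
        return;
    }
    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($posts)) {
        $this->view->posts = $posts;
        return;
    }

    $values = $form->getValues();
    // The original hand-rolled regex rejected valid addresses ("+", "-",
    // TLDs over four letters) and, through [A-z], accepted some punctuation;
    // the standard validator replaces it.
    if (!empty($values['guest_email']) && filter_var($values['guest_email'], FILTER_VALIDATE_EMAIL) === false) {
        $form->addError('Please enter valid email!');
        return;
    }

    $db = Engine_Db_Table::getDefaultAdapter();
    $db->beginTransaction();
    try {
        // Same filter chain and order as the original: escape, censor, linkify.
        $description = isset($values['description']) ? (string) $values['description'] : '';
        $filters = array(
            new Engine_Filter_HtmlSpecialChars(),
            new Engine_Filter_Censor(),
            new Engine_Filter_EnableLinks(),
        );
        foreach ($filters as $filter) {
            $description = $filter->filter($description);
        }
        $values['description'] = $description;

        $idea->setFromArray($values);
        $idea->save();

        $this->_saveIdeaCoAuthors($idea, $this->_getParam('toValues'));

        $customfieldform = $form->getSubForm('fields');
        $customfieldform->setItem($idea);
        $customfieldform->saveValues();

        $this->_applyIdeaPrivacy($idea, $values);

        $db->commit();
    } catch (Exception $e) {
        $db->rollBack();
        throw $e;
    }

    Engine_Api::_()->ynfeedback()->sendNotificationToFollower($idea, 'ynfeedback_idea_edit', $idea, $idea);

    return $this->_forward('success', 'utility', 'core', array(
        'parentRedirect' => Zend_Controller_Front::getInstance()->getRouter()->assemble(
            array('action' => 'view', 'idea_id' => $idea->getIdentity()),
            'ynfeedback_specific',
            true
        ),
        'messages' => array(Zend_Registry::get('Zend_Translate')->_('Please wait...')),
    ));
}

/**
 * Replace an idea's co-author rows from a comma-separated "toValues" list.
 *
 * Numeric entries that resolve to an existing user are linked by user_id;
 * anything else (including a numeric id with no matching user, as in the
 * original) is stored as a free-text name. The original dereferenced the
 * user lookup without a null check.
 *
 * @param mixed  $idea     ynfeedback_idea row
 * @param string $toValues comma-separated user ids / names, may be empty
 * @return void
 */
protected function _saveIdeaCoAuthors($idea, $toValues)
{
    $tableAuthor = Engine_Api::_()->getDbTable('authors', 'ynfeedback');
    $tableAuthor->deleteAllAuthorsByIdeaId($idea->getIdentity());
    if (empty($toValues)) {
        return;
    }

    foreach (explode(",", $toValues) as $authorID) {
        $user = is_numeric($authorID) ? Engine_Api::_()->getItem('user', $authorID) : null;

        $authorRow = $tableAuthor->createRow();
        $authorRow->idea_id = $idea->getIdentity();
        if ($user && $user->getIdentity()) {
            $authorRow->user_id = $authorID;
        } else {
            // Free-text name stored as submitted (no censor/escape here) —
            // escape on output.
            $authorRow->name = $authorID;
        }
        $authorRow->save();
    }
}

/**
 * Apply view/comment permissions to an idea from the submitted auth_view /
 * auth_comment role names.
 *
 * A role is allowed when it sits at or before the selected role in the
 * ordered list; an empty selection means everyone and an unrecognised
 * value fails closed to the owner.
 *
 * @param mixed $idea   ynfeedback_idea row
 * @param array $values form values (auth_view, auth_comment)
 * @return void
 */
protected function _applyIdeaPrivacy($idea, array $values)
{
    $auth = Engine_Api::_()->authorization()->context;
    $roles = array('owner', 'owner_member', 'owner_member_member', 'owner_network', 'everyone');

    $viewRole = empty($values['auth_view']) ? 'everyone' : $values['auth_view'];
    $commentRole = empty($values['auth_comment']) ? 'everyone' : $values['auth_comment'];
    $viewMax = array_search($viewRole, $roles, true);
    $commentMax = array_search($commentRole, $roles, true);
    if ($viewMax === false) {
        $viewMax = 0;
    }
    if ($commentMax === false) {
        $commentMax = 0;
    }

    foreach ($roles as $i => $role) {
        $auth->setAllowed($idea, $role, 'view', $i <= $viewMax);
        $auth->setAllowed($idea, $role, 'comment', $i <= $commentMax);
    }
}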
/**
 * Replace the class-wide default forbidden-word list picked up by new
 * censor instances.
 *
 * @param mixed $words forbidden-word list (stored as given, no validation)
 * @return void
 */
public static function setDefaultForbiddenWords($words)
{
    $forbidden = $words;
    self::$_defaultForbiddenWords = $forbidden;
}
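/**
 * Create a poll inside a group with its options, comment privacy and activity.
 *
 * Requires a logged-in viewer, a group subject and the group's "poll"
 * permission. GET renders the form; a valid POST stores the poll and its
 * options in one transaction, sets per-role comment permissions (the
 * "officer" role resolved to the group's officer list), records the
 * activity in a second transaction and redirects to the group's poll
 * manage page.
 *
 * @return void
 */
public function createAction()
{
    if (!$this->_helper->requireUser()->isValid()) {
        return;
    }
    if (!$this->_helper->requireSubject('group')->isValid()) {
        return;
    }
    $this->view->group = $group = Engine_Api::_()->core()->getSubject('group');
    $this->view->viewer = $viewer = Engine_Api::_()->user()->getViewer();

    if (!$group->authorization()->isAllowed(null, 'poll')) {
        // NOTE(review): kept verbatim; other actions use
        // $this->_helper->requireAuth()->forward() — confirm "forwards" resolves.
        return $this->_helper->requireAuth->forwards();
    }

    // The original built Advgroup_Form_Poll_Create twice; once is enough.
    $this->view->options = array();
    $this->view->maxOptions = $max_options = Engine_Api::_()->getApi('settings', 'core')->getSetting('advgroup.pollmaxoptions', 15);
    $this->view->form = $form = new Advgroup_Form_Poll_Create();

    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($this->getRequest()->getPost())) {
        return;
    }

    // Normalise options: trim, drop blanks (keep a literal "0" answer, which a
    // bare array_filter() would discard), then cap the count.
    $options = (array) $this->_getParam('optionsArray');
    $options = array_filter(array_map('trim', $options), 'strlen');
    $options = array_slice($options, 0, $max_options);
    $this->view->options = $options;

    if (count($options) < 2) {
        return $form->addError('You must provide at least two possible answers.');
    }

    // Cap answer length by character count, not bytes.
    foreach ($options as $index => $option) {
        if (Engine_String::strlen($option) > 80) {
            $options[$index] = Engine_String::substr($option, 0, 80);
        }
    }

    $pollTable = Engine_Api::_()->getItemTable('advgroup_poll');
    $pollOptionsTable = Engine_Api::_()->getDbtable('pollOptions', 'advgroup');
    $db = $pollTable->getAdapter();
    $db->beginTransaction();
    try {
        $values = $form->getValues();
        $values['user_id'] = $viewer->getIdentity();
        $values['group_id'] = $group->group_id;

        $poll = $pollTable->createRow();
        $poll->setFromArray($values);
        $poll->save();

        // Each answer is HTML-escaped and then censored before storage.
        $censor = new Engine_Filter_Censor();
        $html = new Engine_Filter_HtmlSpecialChars();
        foreach ($options as $option) {
            $pollOptionsTable->insert(array(
                'poll_id' => $poll->getIdentity(),
                'poll_option' => $censor->filter($html->filter($option)),
            ));
        }

        $db->commit();
    } catch (Exception $e) {
        $db->rollback();
        throw $e;
    }

    // Comment privacy: a role may comment when it sits at or before the
    // selected role in this ordered list; an unrecognised value fails closed
    // to officers only (what the original's loose array_search() produced).
    $auth = Engine_Api::_()->authorization()->context;
    $roles = array('officer', 'member', 'registered', 'everyone');
    $commentRole = empty($values['auth_comment']) ? 'registered' : $values['auth_comment'];
    $commentMax = array_search($commentRole, $roles, true);
    if ($commentMax === false) {
        $commentMax = 0;
    }
    $officerList = $group->getOfficerList();
    foreach ($roles as $i => $role) {
        if ($role === 'officer') {
            $role = $officerList;
        }
        $auth->setAllowed($poll, $role, 'comment', $i <= $commentMax);
    }

    // Activity feed entry, in its own transaction as in the original.
    $db = Engine_Api::_()->getDbTable('polls', 'advgroup')->getAdapter();
    $db->beginTransaction();
    try {
        $activityTable = Engine_Api::_()->getDbtable('actions', 'activity');
        $action = $activityTable->addActivity($viewer, $group, 'advgroup_poll_new', $poll);
        if ($action) {
            $activityTable->attachActivity($action, $poll);
        }
        $db->commit();
    } catch (Exception $e) {
        $db->rollback();
        throw $e;
    }

    $this->_helper->redirector->gotoRoute(array(
        'controller' => 'poll',
        'action' => 'manage',
        'subject' => $group->getGuid(),
    ), 'group_extended', true);
}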