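/**
 * Target for the reset-password form: validates the submission and stores the new password.
 *
 * Reads `password`, `password_confirmation`, `token` and `hash` from POST. The form token
 * and the cached reset request identified by `hash` must both be valid before the password
 * of the member named in that cache entry is changed. The cache entry is deleted after use.
 *
 * Every rejection path returns right after URL::redirect(), so a failed check can never
 * fall through to the password change, even if redirect() does not halt the request.
 *
 * @return void
 */
public function member__reset_password()
 {
     $site_root = Config::getSiteRoot();
     // NOTE(review): FILTER_SANITIZE_STRING rewrites the submitted value (strips tags, encodes
     // quotes) and is deprecated as of PHP 8.1, so the stored password can differ from what the
     // user typed. Left unchanged here because the login path presumably applies the same
     // filter; confirm and migrate both together.
     $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
     $password_confirm = filter_input(INPUT_POST, 'password_confirmation', FILTER_SANITIZE_STRING);
     $token = filter_input(INPUT_POST, 'token', FILTER_SANITIZE_STRING);
     // NOTE(review): $hash is request-controlled and used as a cache key below; confirm the
     // cache layer restricts it to a safe key format.
     $hash = filter_input(INPUT_POST, 'hash', FILTER_SANITIZE_STRING);
     // the Referer header is client-supplied and may be absent; fall back to the site root
     $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $site_root;
     // validate form token
     if (!$this->tokens->validate($token)) {
         $this->flash->set('reset_password_error', 'Invalid token.');
         URL::redirect($referrer);
         return;
     }
     // bail if cache doesn't exist or if it's too old.
     // this should have been caught on the page itself,
     // but if it got submitted somehow, just redirect and the error logic will be in the plugin.
     $age_limit = $this->fetchConfig('reset_password_age_limit', 20, 'is_numeric') * 60;
     if (!$this->cache->exists($hash) || $this->cache->getAge($hash) > $age_limit) {
         URL::redirect($referrer);
         return;
     }
     // password check (null = field missing, false = filter failure, '' = blank)
     if (!is_string($password) || $password === '') {
         $this->flash->set('reset_password_error', 'Password cannot be blank.');
         URL::redirect($referrer);
         return;
     }
     // password confirmation check; only enforced when the form sent a confirmation field
     if (!is_null($password_confirm) && $password !== $password_confirm) {
         $this->flash->set('reset_password_error', 'Passwords did not match.');
         URL::redirect($referrer);
         return;
     }
     // get username from the cached reset request, never from the submission
     $cache = $this->cache->getYAML($hash);
     $username = (is_array($cache) && isset($cache['username'])) ? $cache['username'] : null;
     // a damaged cache entry or a member removed since the request must not cause a fatal error
     $member = $username !== null ? Member::load($username) : null;
     if (!$member) {
         $this->flash->set('reset_password_error', 'Unable to reset password.');
         URL::redirect($referrer);
         return;
     }
     // change password
     $member->set('password', $password);
     $member->save();
     // delete used cache so the same reset request cannot be replayed
     $this->cache->delete($hash);
     // redirect
     URL::redirect(array_get($cache, 'return', $this->fetchConfig('member_home', $site_root, null, false, false)));
 }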
<?php

require_once 'includes/header.php';
require_once 'includes/form.php';
require_once 'includes/categories.php';
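// Access control for the "add category" page.
// header() only queues the Location header; without exit the rest of this script
// (including the category insert below) would still run for a rejected request.
if (!isset($_SESSION["MemberID"])) {
    header("Location:index.php");
    exit;
}
$oMember = new Member();
$oMember->load($_SESSION["MemberID"]);
// NOTE(review): level 2 is presumably the role allowed to manage categories; confirm.
if ($oMember->MemberLevel != 2) {
    header("Location:index.php");
    exit;
}
$oForm = new Form();
// NOTE(review): no anti-CSRF token is checked in this script; confirm Form or header.php covers it.
if (isset($_POST["submit"])) {
    $oForm->data = $_POST;
    $oForm->checkRequired("CategoryName");
    $oForm->checkRequired("CategoryDesc");
    if ($oForm->valid) {
        // values are stored as submitted; they need HTML-escaping wherever they are rendered
        $oNewCategory = new Category();
        $oNewCategory->CategoryName = $_POST["CategoryName"];
        $oNewCategory->CategoryDesc = $_POST["CategoryDesc"];
        $oNewCategory->save();
        header("Location:viewCategories.php?CategoryID=6");
        exit;
    }
}
// build the form markup (shown again with the submitted data when validation fails)
$oForm->makeTextInput("Category Name", "CategoryName");
$oForm->makeTextInput("Category Description", "CategoryDesc");
$oForm->makeSubmit("Post");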
?>
 /**
  * Builds a username-keyed list of every registered user.
  *
  * Users are discovered from the `*.yaml` files in the `users` folder under the config
  * path; the file name without its extension is taken as the username.
  *
  * NOTE(review): with $protected left at true each entry is whatever Member::load() returns,
  * presumably the full member record. Callers should keep that out of unauthenticated
  * output; confirm what load() includes.
  *
  * @param boolean  $protected  When true entries come from Member::load(), otherwise from Member::getProfile()
  * @return array  Map of username => member data, empty when no user files are found
  */
 public static function getList($protected = true)
 {
     $files = glob(Config::getConfigPath() . '/users/*.yaml');
     // glob() yields false on error and an empty array when nothing matches
     if (!$files) {
         return array();
     }
     $members = array();
     foreach ($files as $path) {
         // file name minus its final extension is the username
         $username = pathinfo($path, PATHINFO_FILENAME);
         if ($protected) {
             $members[$username] = Member::load($username);
         } else {
             $members[$username] = Member::getProfile($username);
         }
     }
     return $members;
 }
 }
 // check that username doesn't already exist
 if (!isset($errors['username']) && $username !== $original_username && Member::exists($username)) {
     $errors['username'] = Localization::fetch('username_already_exists');
 }
 // if no errors, make the member object, renaming if necessary
 $member = null;
 if (empty($errors)) {
     if ($is_new) {
         $member = new Member(array());
         $member->set('username', $username);
     } else {
         try {
             $member = Member::load($original_username);
             $member->rename($username);
             $member = Member::load($username);
         } catch (Exception $e) {
             $errors['username'] = $e->getMessage();
         }
     }
 }
 if ($errors) {
     // something isn't valid, no saving needed
     $admin_app->flash('error', Localization::fetch('error_form_submission'));
     Session::setFlash('member_old_values', $submission);
     Session::setFlash('member_errors', $errors);
     $admin_app->redirect($admin_app->request()->getReferrer());
     return;
 }
 // set variables
 foreach ($submission as $key => $value) {
 /**
  * Looks up a member by username.
  *
  * Thin wrapper: the result is exactly what Member::load() yields for $username.
  *
  * @param string  $username  Username to look up
  * @return Member|null
  */
 public static function getMember($username)
 {
     $member = Member::load($username);

     return $member;
 }
<?php

require_once 'includes/header.php';
require_once 'includes/member.php';
require_once 'includes/view.php';
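// Profile page: only available to a logged-in member.
// header() only queues the redirect; exit stops the page from rendering below with
// no $oMember defined.
if (!isset($_SESSION["MemberID"])) {
    //no one logged in
    header("Location:index.php");
    exit;
}
//TODO: photo
//TODO: all member details must go here
//TODO: can we also get post and topic details?
$oMember = new Member();
$iMemberID = $_SESSION["MemberID"];
$oMember->load($iMemberID);
?>
    <div class="profilePhoto">
        <img src="images/placeHolder.png" alt="" class="profilePicture"/>
        <a href="changePicture">Change Profile Picture</a>
    </div>
    <div>
        <?php 
// NOTE(review): printed as-is; confirm view::renderMember() HTML-escapes member-supplied fields
echo view::renderMember($oMember);
?>
    </div>
    <div class="profileLinks">
        <a href="viewCategories.php?CategoryID=6" class="profilePage">Browse Forums</a>
        <a href="editDetails.php" class="profilePage">Edit Details</a>
    </div>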
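 /**
  * Target for the member:profile_form form
  *
  * Updates the logged-in member's profile, or another member's when the current member
  * holds the role named by the `edit_other_users` role definition. Only fields listed in
  * the `fields` config file are read from POST. The submission is validated before saving.
  *
  * Every rejection path returns right after URL::redirect(), so a failed login or
  * permission check can never fall through to the update, even if redirect() does not
  * halt the request.
  *
  * @return void
  */
 public function member__update_profile()
 {
     $site_root = Config::getSiteRoot();
     $referrer = Request::getReferrer();
     // NOTE(review): `return` is request-controlled and is passed to URL::redirect() on success.
     // FILTER_SANITIZE_URL only strips illegal characters, it does not restrict the host;
     // confirm the target is limited to this site.
     $return = filter_input(INPUT_POST, 'return', FILTER_SANITIZE_URL);
     // is user logged in?
     if (!Auth::isLoggedIn()) {
         URL::redirect($this->fetchConfig('login_url', $site_root, null, false, false));
         return;
     }
     // get current user
     $member = Auth::getCurrentMember();
     // get configurations
     $allowed_fields = array_get($this->loadConfigFile('fields'), 'fields', array());
     $role_definitions = $this->fetchConfig('role_definitions');
     // who are we editing? (defaults to the current member when no username is posted)
     // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1
     $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
     $username = !$username ? $member->get('username') : $username;
     // if the user isn't the current user, ensure that's allowed
     if ($username !== $member->get('username')) {
         // username is different from current user
         if (!array_get($role_definitions, 'edit_other_users', null) || !$member->hasRole($role_definitions['edit_other_users'])) {
             // this user does not have permission to do this
             $this->flash->set('update_profile_error', 'You are not allowed to edit another member’s profile.');
             URL::redirect($referrer);
             return;
         }
         // all set, update member
         $member = Member::load($username);
         if (!$member) {
             // posted username does not resolve to a member; nothing to edit
             $this->flash->set('update_profile_error', 'Member profile not updated.');
             URL::redirect($referrer);
             return;
         }
     }
     // get old values
     $old_values = $member->export();
     // set up iterators and flags
     $submission = array();
     // loop through allowed fields, validating and updating
     // NOTE(review): the allow-list is the only barrier against mass assignment here; confirm
     // the fields config never lists privileged attributes for self-service editing.
     foreach ($allowed_fields as $field => $options) {
         if (!isset($_POST[$field])) {
             // was this username? that can be included separately
             if ($field === 'username') {
                 $value = $username;
             } else {
                 // field wasn't set, skip it
                 continue;
             }
         } else {
             // set value
             $value = filter_input(INPUT_POST, $field, FILTER_SANITIZE_STRING);
         }
         // set value
         $old_values[$field] = $value;
         // don't store this value if `save_value` is set to `false`
         if (array_get($options, 'save_value', true)) {
             $member->set($field, $value);
         }
         // add to submissions, including non-save_value fields because this
         // is the list that will be validated
         $submission[$field] = $value;
     }
     // validate
     $errors = $this->tasks->validate($submission);
     if (count($errors)) {
         // errors were found, set a flash message and redirect
         $this->flash->set('update_profile_error', 'Member profile not updated.');
         $this->flash->set('update_profile_field_errors', $errors);
         $this->flash->set('update_profile_old_values', $old_values);
         URL::redirect($referrer);
     } else {
         // save member
         $member->save();
         // trigger a hook
         $this->runHook('profile_update', 'call', null, $member);
         // user saved
         $this->flash->set('update_profile_success', 'Member profile updated.');
         if ($return) {
             URL::redirect($return);
         } else {
             URL::redirect($referrer);
         }
     }
 }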
<?php

require_once 'includes/header.php';
require_once 'includes/form.php';
require_once 'includes/member.php';
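// Edit-details page: require a logged-in session before touching member data.
// header() only queues the redirect, so exit is needed to stop the script.
if (!isset($_SESSION["MemberID"])) {
    header("Location:index.php");
    exit;
}
// the member being edited always comes from the session, never from the request
$iMemberID = $_SESSION["MemberID"];
$oExisitingMember = new Member();
$oExisitingMember->load($iMemberID);
// pre-fill the form with the stored values
$aExisitingData = [];
$aExisitingData["MemberName"] = $oExisitingMember->MemberName;
//photo should go in here too to edit photo.
$oForm = new Form();
$oForm->data = $aExisitingData;
// NOTE(review): no anti-CSRF token is checked in this script; confirm Form or header.php covers it.
if (isset($_POST["submit"])) {
    $oForm->data = $_POST;
    $oForm->checkRequired("MemberName");
    //photo should go in here too to edit photo.
    if ($oForm->valid) {
        // stored as submitted; the name needs HTML-escaping wherever it is rendered
        $oExisitingMember->MemberName = $_POST["MemberName"];
        $oExisitingMember->save();
        header("Location:profile.php");
        exit;
    }
}
$oForm->makeTextInput("Member Name", "MemberName");
$oForm->makeSubmit("Update Details");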
?>
<div class="mainBackground">
	<h3>Edit Details</h3>

	<?php 
echo $oForm->html;