/**
 * Builds the model/view pair and, when the request addresses the "styles"
 * sub-directory, hands the requested path to the view for stylesheet output.
 */
public function __construct()
{
    parent::__construct();

    $this->_model = new Searchmembers();
    $this->_view = new SearchmembersView($this->_model);

    // Only requests whose first URL segment is "styles" are piped through.
    $segments = PRequest::get()->request;
    $isStyleRequest = isset($segments[0]) && $segments[0] == 'styles';
    if (!$isStyleRequest) {
        return;
    }

    $stylePath = implode('/', $segments);
    if (isset($_SESSION['lastRequest'])) {
        PRequest::ignoreCurrentRequest();
    }

    // NOTE(review): $stylePath is assembled from client-supplied URL segments.
    // Confirm that passthroughCSS() resolves it inside the style directory and
    // rejects ".." segments before it reads anything from disk.
    $this->_view->passthroughCSS($stylePath);
}
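/**
 * Entry point for forum requests.
 *
 * index is called when http request = ./forums
 * or during a new topic/edit of a group.
 *
 * The method prepares the page and view, lets parseRequest() decide
 * $this->action, then dispatches on that action. Output of the chosen view
 * method is captured with output buffering and appended to the page content.
 *
 * URL segments ($request[2] and up) are handed to the model as they arrive;
 * this method itself only checks that they are present.
 *
 * @param mixed $subforum not read by this method
 */
public function index($subforum = false)
{
    if (PPostHandler::isHandling()) {
        return;
    }

    // Determine the search callback and tell the view about it
    $searchCallbackId = $this->searchProcess();

    $view = $this->_view;
    $view->searchCallbackId = $searchCallbackId;
    $page = $view->page = new RoxGenericPage();

    $request = $this->request;
    if (isset($request[0]) && $request[0] != 'forums') {
        // if this is a ./groups url get the group number if any
        if ($request[0] == "groups" && isset($request[1])) {
            $IdGroup = intval($request[1]);
        }
        // Keep only the part of the request starting at "forums"/"forum"
        $new_request = array();
        $push = false;
        foreach ($request as $r) {
            if ($r == 'forums' or $r == 'forum') {
                $push = true;
            }
            if ($push == true) {
                array_push($new_request, $r);
            }
        }
        $request = $new_request;
        $page = $view->page = new PageWithHTMLpart();
    }

    // First check if the feature is closed
    if ($_SESSION["Param"]->FeatureForumClosed != 'No' and !$this->BW_Right->HasRight("Admin")) {
        $this->_view->showFeatureIsClosed();
        PPHP::PExit();
    } // end of test "if feature is closed"

    if (APP_User::isBWLoggedIn()) {
        $User = APP_User::login();
    } else {
        $User = false;
    }

    $showSticky = true;

    $this->parseRequest();

    // set uri for correct links in group pages etc.
    $view->uri = $this->uri;
    $page->uri = $this->uri;

    $view->BW_Right = $this->BW_Right;
    $page->BW_Right = $this->BW_Right;

    $this->_model->prepareForum($showSticky);

    // first include the col2-stylesheet
    $page->addStyles .= $view->customStyles();

    $page->currentTab = 'forums';

    // then the userBar
    $page->newBar .= $view->getAsString('userBar');

    if ($this->action == self::ACTION_NOT_LOGGED_IN) {
        $this->_redirectNotLoggedIn();
    }

    // we can't replace this ob_start()
    ob_start();

    // NOTE(review): several branches below change state (votes, subscriptions,
    // deletes) straight from URL segments of a GET request, and no anti-CSRF
    // token is checked in this method. Confirm the model or the *Process()
    // callbacks enforce one.
    // NOTE(review): the branches that call PRequest::home() for anonymous
    // visitors keep executing afterwards unless home() terminates the request;
    // confirm that it does.
    if ($this->action == self::ACTION_VOTE_POST) {
        if (!isset($request[2])) {
            die("Need to have a IdPost");
        }
        $IdPost = $request[2];
        if (!isset($request[3])) {
            die("Need to have a vote value");
        }
        $Value = $request[3];
        // NOTE(review): no login check is visible on this path and both values
        // are raw URL segments; verify VoteForPost() validates and binds them.
        $this->_model->VoteForPost($IdPost, $Value);
        $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
        $this->isTopLevel = false;
        $this->_model->prepareTopic(true);
        $this->_view->showTopic();
    } elseif ($this->action == self::ACTION_DELETEVOTE_POST) {
        if (!isset($request[2])) {
            die("Need to have a IdPost");
        }
        $IdPost = $request[2];
        $this->_model->DeleteVoteForPost($IdPost);
        $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
        $this->isTopLevel = false;
        $this->_model->prepareTopic(true);
        $this->_view->showTopic();
    } elseif ($this->action == self::ACTION_MODERATOR_FULLEDITPOST) {
        if (!isset($request[2])) {
            die("Need to have a IdPost");
        }
        $IdPost = $request[2];
        if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
            // NOTE(review): $IdPost is a raw URL segment written to the log;
            // confirm MOD_log neutralises control characters.
            MOD_log::get()->write("Trying to edit post #" . $IdPost . " without proper right", "ForumModerator");
            die("You miss right ForumModerator");
        }
        $callbackId = $this->ModeratorEditPostProcess();
        $DataPost = $this->_model->prepareModeratorEditPost($IdPost);
        $this->_view->showModeratorEditPost($callbackId, $DataPost);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_MODERATOR_EDITTAG) {
        if (!isset($request[2])) {
            die("Need to have a IdTag");
        }
        $IdTag = $request[2];
        if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
            MOD_log::get()->write("Trying to edit Tag #" . $IdTag . " without proper right", "ForumModerator");
            die("You miss right ForumModerator");
        }
        $callbackId = $this->ModeratorEditTagProcess();
        $DataTag = $this->_model->prepareModeratorEditTag($IdTag);
        $this->_view->showModeratorEditTag($callbackId, $DataTag);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_VIEW) {
        if ($this->_model->isTopic()) {
            $this->_model->prepareTopic(true);
            $this->_view->showTopic();
        } elseif ($this->isTopLevel) {
            $this->_model->setTopMode(Forums::CV_TOPMODE_LANDING);
            $this->_model->prepareForum();
            $onlymygroupscallbackId = $this->mygroupsonlyProcess();
            $morelessthreadscallbackid = $this->morelessthreadsProcess();
            $this->_view->showTopLevelLandingPage($onlymygroupscallbackId, $morelessthreadscallbackid);
            PPostHandler::clearVars($onlymygroupscallbackId);
            PPostHandler::clearVars($morelessthreadscallbackid);
        } else {
            $this->_model->prepareForum();
            $this->_view->showForum();
        }
    } elseif ($this->action == self::ACTION_VIEW_CATEGORY) {
        $this->_view->showTopLevelCategories();
    } elseif ($this->action == self::ACTION_VIEW_LASTPOSTS) {
        $callbackId = $this->mygroupsonlyProcess();
        $this->_view->showTopLevelRecentPosts($callbackId);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_VIEW_LANDING) {
        $callbackId = $this->mygroupsonlyProcess();
        $this->_view->showTopLevelLandingPage($callbackId);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_VIEW_FORUM) {
        $groupsCallback = false;
        $member = $this->_model->getLoggedInMember();
        if ($member && $member->Status != 'ChoiceInactive') {
            $noForumNewTopicButton = false;
        } else {
            // Don't offer the new topic button to 'silent' members
            $noForumNewTopicButton = true;
        }
        $this->_view->showTopLevelRecentPosts($groupsCallback, $noForumNewTopicButton);
    } elseif ($this->action == self::ACTION_VIEW_GROUPS) {
        $callbackId = $this->mygroupsonlyProcess();
        $this->_view->showTopLevelRecentPosts($callbackId, true);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_RULES) {
        $this->_view->rules();
    } elseif ($this->action == self::ACTION_NEW) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User) {
            PRequest::home();
        }
        if (isset($request[2]) and $request[2][0] == 'u') {
            $IdGroup = substr($request[2], 1);
        } else {
            if (!isset($IdGroup)) {
                $IdGroup = 0;
            }
        }
        $this->_model->prepareForum();
        $callbackId = $this->createProcess();
        $this->_view->createTopic($callbackId, $IdGroup);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_REPORT_TO_MOD) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User) {
            PRequest::home();
        }
        $callbackId = $this->reportpostProcess();
        if (isset($request[2])) {
            if ($request[2] == 'AllMyReport') {
                // All the reports of the current member
                $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "");
                $this->_view->showReportList($callbackId, $DataPost);
            } elseif ($request[2] == 'MyReportActive') {
                // The pending (active) reports of the current member
                $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "('Open','OnDiscussion')");
                $this->_view->showReportList($callbackId, $DataPost);
            } elseif ($request[2] == 'AllActiveReports') {
                if (!$this->BW_Right->HasRight("ForumModerator")) {
                    // if a non forum moderator tries to access this just pull the brakes
                    PPHP::PExit();
                }
                // All pending (active) reports, whoever wrote them
                $DataPost = $this->_model->prepareReportList(0, "('Open','OnDiscussion')");
                $this->_view->showReportList($callbackId, $DataPost);
            } else {
                $IdPost = $request[2];
                $IdWriter = $_SESSION["IdMember"];
                // Only a forum moderator may look at another member's report
                if (!empty($request[3]) and $this->BW_Right->HasRight("ForumModerator")) {
                    $IdWriter = $request[3];
                }
                // We will use the same data as the one used for Moderator edit
                $DataPost = $this->_model->prepareModeratorEditPost($IdPost, $this->BW_Right->HasRight('ForumModerator'));
                if ($DataPost->Error == 'NoGroupMember') {
                    // if someone who isn't a member of the associated group
                    // tries to access this just pull the brakes
                    PPHP::PExit();
                }
                $DataPost->Report = $this->_model->prepareReportPost($IdPost, $IdWriter);
                $this->_view->showReportPost($callbackId, $DataPost);
            }
            PPostHandler::clearVars($callbackId);
        }
    } elseif ($this->action == self::ACTION_REPLY) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User) {
            PRequest::home();
        }
        $this->_model->prepareForum();
        $this->_model->prepareTopic();
        $this->_model->initLastPosts();
        $callbackId = $this->replyProcess();
        $this->_view->replyTopic($callbackId);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_SUGGEST) {
        // ignore current request, so we can use the last request
        PRequest::ignoreCurrentRequest();
        if (!isset($request[2])) {
            PPHP::PExit();
        }
        $new_tags = $this->_model->suggestTags($request[2]);
        echo $this->_view->generateClickableTagSuggestions($new_tags);
        PPHP::PExit();
    } elseif ($this->action == self::ACTION_LOCATIONDROPDOWNS) {
        // ignore current request, so we can use the last request
        PRequest::ignoreCurrentRequest();
        if (!isset($request[2])) {
            PPHP::PExit();
        }
        echo $this->_view->getLocationDropdowns();
        PPHP::PExit();
    } elseif ($this->action == self::ACTION_DELETE) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User || !$this->BW_Right->HasRight("ForumModerator", "Delete")) {
            PRequest::home();
        }
        $this->delProcess();
    } elseif ($this->action == self::ACTION_EDIT) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User) {
            PRequest::home();
        }
        $callbackId = $this->editProcess();
        $this->_model->prepareForum();
        $this->_model->getEditData($callbackId);
        $this->_view->editPost($callbackId, false);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_TRANSLATE) {
        if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
            // Test if the user has right for this, if not rough exit
            MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
            $words = new MOD_Words();
            die($words->get('NotAllowedToPostInForum'));
        }
        if (!$User) {
            PRequest::home();
        }
        $callbackId = $this->editProcess();
        $this->_model->prepareForum();
        $this->_model->getEditData($callbackId);
        $this->_view->editPost($callbackId, true);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_MODEDIT) {
        // NOTE(review): unlike the MODERATOR_* branches above, no
        // HasRight("ForumModerator", ...) check is made here; confirm that
        // editProcess()/getEditData() enforce the moderator right.
        if (!$User) {
            PRequest::home();
        }
        $callbackId = $this->editProcess();
        $this->_model->prepareForum();
        $this->_model->getEditData($callbackId);
        $this->_view->ModeditPost($callbackId);
        PPostHandler::clearVars($callbackId);
    } elseif ($this->action == self::ACTION_SEARCH_FORUMS) {
        // A search URL may arrive without a keyword segment; pass null as
        // before, but without reading an undefined offset.
        // NOTE(review): the keyword is client input handed to the view;
        // confirm the template escapes it on output.
        $keyword = isset($request[2]) ? $request[2] : null;
        $this->_view->keyword = $keyword;
        $this->_view->showSearchResultPage($keyword);
        PPostHandler::clearVars($searchCallbackId);
    } elseif ($this->action == self::ACTION_SEARCH_USERPOSTS) {
        if (!isset($request[2])) {
            PPHP::PExit();
        }
        $this->searchUserposts($request[2]);
    } elseif ($this->action == self::ACTION_SUBSCRIBE) {
        // Both the kind (thread/tag) and its id are needed; a shorter URL is
        // malformed and must not reach the model with a null id.
        if (!isset($request[2]) || !isset($request[3])) {
            PPHP::PExit();
        }
        if ($request[2] == "thread") {
            $this->SubscribeThread($request[3]);
        }
        if ($request[2] == "tag") {
            $this->SubscribeTag($request[3]);
        }
    } elseif ($this->action == self::ACTION_SEARCH_SUBSCRIPTION) {
        /*
         * Here the following syntax can be used :
         * forums/subscriptions : allow current user to see his subscriptions
         * forums/subscriptions/unsubscribe/thread/xxx/yyy : allow current user to unsubscribe from members_threads_subscribed.id xxx with key yyy
         * forums/subscriptions/member/xxx : allow a forum moderator to see all subscriptions of member xxx
         * forums/subscriptions/thread/xxx : allow a forum moderator to see all subscribers and subscriptions for thread xxx
         * forums/subscribe/thread/xxx : subscribe to thread xxx
         */
        $operation = "";
        if (isset($request[2])) {
            $operation = $request[2];
        }
        switch ($operation) {
            case "enable":
                if (isset($request[3])) {
                    // A targeted enable needs the id in the next segment
                    if (!isset($request[4])) {
                        PPHP::PExit();
                    }
                    switch ($request[3]) {
                        case 'thread':
                            $this->EnableThread($request[4]);
                            break;
                        case 'tag':
                            $this->EnableTag($request[4]);
                            break;
                        case 'group':
                            $this->EnableGroup($request[4]);
                            break;
                    }
                } else {
                    $this->enableSubscriptions();
                }
                break;
            case "disable":
                if (isset($request[3])) {
                    // A targeted disable needs the id in the next segment
                    if (!isset($request[4])) {
                        PPHP::PExit();
                    }
                    switch ($request[3]) {
                        case 'tag':
                            $this->DisableTag($request[4]);
                            break;
                        case 'thread':
                            $this->DisableThread($request[4]);
                            break;
                        case 'group':
                            $this->DisableGroup($request[4]);
                            break;
                    }
                } else {
                    $this->disableSubscriptions();
                }
                break;
            case "subscribe":
                if (isset($request[3]) and $request[3] == 'group') {
                    if (!isset($request[4])) {
                        PPHP::PExit();
                    }
                    $this->SubscribeGroup($request[4]);
                }
                break;
            case "unsubscribe":
                // Kind and id are mandatory; the key is passed as null when
                // absent, which is what the callee received before.
                // NOTE(review): confirm UnsubscribeThread()/UnsubscribeTag()
                // reject a missing or wrong key.
                if (!isset($request[3]) || !isset($request[4])) {
                    PPHP::PExit();
                }
                $unsubscribeKey = isset($request[5]) ? $request[5] : null;
                switch ($request[3]) {
                    case 'thread':
                        $this->UnsubscribeThread($request[4], $unsubscribeKey);
                        break;
                    case 'tag':
                        $this->UnsubscribeTag($request[4], $unsubscribeKey);
                        break;
                    case 'group':
                        $this->UnsubscribeGroup($request[4]);
                        break;
                }
                break;
            default:
                $this->searchSubscriptions();
        }
    } else {
        if (PVars::get()->debug) {
            throw new PException('unexpected forum action!');
        } else {
            PRequest::home();
        }
    }

    // Move whatever the selected view method printed into the page body
    $page->content .= ob_get_contents();
    ob_end_clean();
    $page->newBar .= $view->getAsString('showCategoriesContinentsTagcloud');
    $page->teaserBar .= $view->getAsString('teaser');
    $page->render();
}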
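/**
 * Handles in-place (Ajax) edits of a post's title, text or location.
 *
 * Reads $_GET['item'] as the post id and, after the model confirms that the
 * logged-in member owns that post, applies whichever of $_GET['title'],
 * $_GET['text'] and $_GET['geoid'] are present. The stored (entity-encoded)
 * value is echoed back for the client to display.
 *
 * @return false|void false when nobody is logged in; every other path ends
 *                    with PPHP::PExit()
 */
private function ajaxPost()
{
    PRequest::ignoreCurrentRequest();
    if (!($member = $this->_model->getLoggedInMember())) {
        return false;
    }

    // NOTE(review): these edits are driven by GET parameters and no anti-CSRF
    // token is checked in this method; confirm one is enforced elsewhere, or
    // move the edits to POST with a token.
    // Modifying a post using an ajax-request
    if (isset($_GET['item'])) {
        // NOTE(review): the id is passed on unvalidated; verify isUserPost()
        // and ajaxEditPost() bind it as a parameter rather than concatenating
        // it into SQL.
        $id = $_GET['item'];
        // Only the author of the post may change it
        if ($this->_model->isUserPost($member->id, $id)) {
            if (isset($_GET['title'])) {
                $str = htmlentities($_GET['title'], ENT_QUOTES, "UTF-8");
                // Compare with '' instead of empty(): empty('0') is true, so a
                // title consisting of "0" used to be rejected as empty.
                if (is_string($str) && $str !== '') {
                    $this->_model->ajaxEditPost($id, $str, '');
                    // Single line, slash-escaped and Latin-1 for the client
                    $str2 = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                    echo $str2;
                } else {
                    echo 'Can`t be empty! Click to edit!';
                }
            }
            if (isset($_GET['text'])) {
                $str = htmlentities($_GET['text'], ENT_QUOTES, "UTF-8");
                $this->_model->ajaxEditPost($id, '', $str);
                $str = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                echo $str;
            }
            if (isset($_GET['geoid'])) {
                // The location id is forced to an integer before it is stored
                $str = (int) $_GET['geoid'];
                $result = $this->_model->ajaxEditPost($id, '', '', $str);
                echo $result ? 'OK' : 'NO';
            }
            PPHP::PExit();
        }
    }

    echo 'Error!';
    PPHP::PExit();
}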
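/**
 * Index function
 *
 * Routes signup requests on the second URL segment:
 *   checkemail  - Ajax; echoes "1" when $_GET['email'] is a valid, unused
 *                 address, otherwise "0"
 *   checkhandle - Ajax; echoes "0" for an invalid handle, "1" for a free one
 *                 (a handle in use echoes an empty string, because a false
 *                 boolean prints as nothing)
 *   getRegions  - Ajax; currently produces no output
 *   terms, privacy - popups
 *   confirm     - target of the link in the confirmation e-mail
 *   resendmail  - sends the confirmation e-mail again
 *   finish      - final page
 *   anything else - the signup form, the segment being the step
 *
 * @param object $args request wrapper; only $args->request is read
 * @return object|null the page to render, or null on the redirect path
 */
public function index($args = false)
{
    // In case Signup is closed
    if (isset($_SESSION['Param']->FeatureSignupClose) && $_SESSION['Param']->FeatureSignupClose == "Yes") {
        return new SignupClosedPage();
    }

    /*
     * Enable to check against DNS Blocklists
    if (MOD_dnsblock::get()->checkRemoteIp()) {
        return new SignupDNSBlockPage();
    }
    */

    $request = $args->request;
    $model = new SignupModel();
    // Defined up front so the final return never reads an undefined variable
    // on the redirect path below.
    $page = null;

    if (isset($_SESSION['IdMember']) && !MOD_right::get()->hasRight('words')) {
        if (!isset($_SESSION['Username'])) {
            unset($_SESSION['IdMember']);
            $page = new SignupProblemPage();
        } else {
            $this->redirect('members/' . $_SESSION['Username']);
        }
    } else {
        // NOTE(review): checkemail and checkhandle tell an anonymous caller
        // whether an address or username is registered; confirm these
        // endpoints are rate limited.
        switch (isset($request[1]) ? $request[1] : '') {
            // copied from TB:
            // checks e-mail address for validity and availability
            case 'checkemail':
                // ignore current request, so we can use the last request
                PRequest::ignoreCurrentRequest();
                if (!isset($_GET['email'])) {
                    echo '0';
                    PPHP::PExit();
                }
                if (!PFunctions::isEmailAddress($_GET['email'])) {
                    echo '0';
                    PPHP::PExit();
                }
                $users = $model->takeCareForNonUniqueEmailAddress($_GET['email']);
                if ($users == '') {
                    echo "1";
                } else {
                    echo "0";
                }
                PPHP::PExit();
                break;

            // copied from TB: reviewed by JeanYves
            // checks Username for validity and availability
            case 'checkhandle':
                // ignore current request, so we can use the last request
                PRequest::ignoreCurrentRequest();
                if (!isset($request[2])) {
                    echo '0';
                    PPHP::PExit();
                }
                if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                    echo '0';
                    PPHP::PExit();
                }
                if (strpos($request[2], 'xn--') !== false) {
                    // Don't allow IDN-Prefixes
                    echo '0';
                    PPHP::PExit();
                }
                echo (bool) (!$model->UsernameInUse($request[2]));
                PPHP::PExit();
                break;

            case 'getRegions':
                // ignore current request, so we can use the last request
                PRequest::ignoreCurrentRequest();
                // This Ajax case has no body of its own left. End the request
                // here instead of falling through into 'terms', which logged
                // "Viewing terms" and rendered the terms popup for it.
                PPHP::PExit();
                break;

            case 'terms':
                MOD_log::get()->write("Viewing terms", "Signup");
                // the termsandconditions popup
                $page = new SignupTermsPopup();
                break;

            case 'privacy':
                MOD_log::get()->write("Viewing privacy", "Signup");
                $page = new SignupPrivacyPopup();
                break;

            case 'confirm':
                // or give it a different name?
                // this happens when you click the link in the confirmation email
                // The handle must be well-formed and known, and the key must
                // be exactly 16 lowercase hex characters.
                if (!isset($request[2])
                    || !isset($request[3])
                    || !preg_match(User::HANDLE_PREGEXP, $request[2])
                    || !$model->UsernameInUse($request[2])
                    || !preg_match('/^[a-f0-9]{16}$/', $request[3])
                ) {
                    $error = 'InvalidLink';
                } else {
                    $error = $model->confirmSignup($request[2], $request[3]);
                }
                $page = new SignupMailConfirmPage();
                $page->error = $error;
                break;

            case 'resendmail':
                // shown when clicking on the link in the MailToConfirm error message
                // NOTE(review): unlike 'confirm', the segment is not matched
                // against User::HANDLE_PREGEXP before it reaches the model,
                // and an anonymous caller can trigger a mail per request;
                // confirm validation and throttling happen in
                // resendConfirmationMail().
                $error = '';
                if (!isset($request[2])) {
                    $error = 'InvalidLink';
                } else {
                    $resent = $model->resendConfirmationMail($request[2]);
                    if ($resent !== true) {
                        $error = $resent;
                    }
                }
                $page = new SignupResentMailPage();
                $page->error = $error;
                break;

            case 'finish':
                $page = new SignupFinishPage();
                break;

            default:
                $page = new SignupPage();
                $page->step = isset($request[1]) && $request[1] ? $request[1] : '1';
                // NOTE(review): the step is a raw URL segment written to the
                // log; confirm MOD_log neutralises control characters.
                $StrLog = "Entering Signup step: #" . $page->step;
                MOD_log::get()->write($StrLog, "Signup");
                $page->model = $model;
        }
    }

    return $page;
}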
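/**
 * Routes member/profile requests for a logged-in visitor.
 *
 * The first URL segment selects one of the visitor's own pages (preferences,
 * visitors, profile editing, ...) or, for "members"/"people"/anything else,
 * the profile named in the second segment and the sub-page named in the
 * third. The chosen page object is given the member, the logged-in member
 * and the model before it is returned.
 *
 * @param object $args        request wrapper; only $args->request is read
 * @param object $member_self the logged-in member
 * @return object|null the page to render; null on the 'my/visitors' and
 *                     'my/messages' paths and after the relation delete
 */
protected function index_loggedIn($args, $member_self)
{
    $request = $args->request;
    $myself = true;

    // Members holding one of these rights may see profiles hidden from others.
    // Keys are looked up directly: in_array() on array_keys() compares
    // loosely, and before PHP 8 an integer key 0 equals any right name.
    $rights_self = $member_self->getOldRights();
    $adminMember = is_array($rights_self)
        && (array_key_exists("SafetyTeam", $rights_self)
            || array_key_exists("Admin", $rights_self)
            || array_key_exists("Profile", $rights_self));

    switch (isset($request[0]) ? $request[0] : false) {
        case 'setlocation':
            $page = new SetLocationPage();
            break;
        case 'mypreferences':
            $page = new MyPreferencesPage();
            break;
        case 'deleteprofile':
            $page = new DeleteProfilePage();
            break;
        case 'editmyprofile':
            $page = new EditMyProfilePage();
            // $member->edit_mode = true;
            if (isset($request[1])) {
                $this->model->set_profile_language($request[1]);
            }
            if (isset($request[2]) && $request[2] == 'delete') {
                $page = new DeleteTranslationPage();
            }
            if (in_array('finish', $request)) {
                $page->status = "finish";
            }
            break;
        case 'myvisitors':
            $member = $this->model->getLoggedInMember();
            $showVisits = $member->getPreference('PreferenceShowProfileVisits', 'Yes');
            if ($showVisits == 'Yes') {
                $page = new MyVisitorsPage();
            } else {
                $this->redirect("members/" . $member->Username);
            }
            break;
        case 'self':
        case 'myself':
            $page = new ProfilePage();
            break;
        case 'my':
            switch (isset($request[1]) ? $request[1] : false) {
                case 'preferences':
                    $page = new MyPreferencesPage();
                    break;
                case 'visitors':
                    // NOTE(review): this returns null, so the page built here
                    // is never rendered; it also skips the
                    // PreferenceShowProfileVisits check done for 'myvisitors'.
                    // Confirm which behaviour is intended before changing it.
                    $page = new MyVisitorsPage();
                    return;
                case 'messages':
                    $this->redirect("messages/received");
                    return;
                case 'profile':
                default:
                    $page = new ProfilePage();
            }
            break;
        case 'flagcomment':
            // NOTE(review): the report is filed from a GET request and no
            // anti-CSRF token is checked in this method.
            if (isset($request[1]) && isset($request[2])) {
                $username = $request[1];
                $commentId = $request[2];
                if (isset($request[3])) {
                    $commentPage = $request[3];
                } else {
                    $commentPage = $username;
                }
                $reportResult = $this->model->reportBadComment($username, $commentId);
                if ($reportResult) {
                    $member = $this->model->getLoggedInMember();
                    $this->logWrite("{$member->Username} has reported" . " comment ID: {$commentId} on user {$username}" . " as problematic", 'comments');
                    // NOTE(review): if redirect() ends the request, the flash
                    // notice below is never stored; confirm the order.
                    $this->redirect('members/' . $commentPage . '/comments');
                    $notice = $this->getWords()->CommentReported;
                    $this->setFlashNotice($notice);
                } else {
                    $this->redirect('');
                }
            } else {
                $this->redirect('');
            }
            break;
        case 'people':
        case 'members':
        default:
            if (!isset($request[1])) {
                // no member specified
                $this->redirect("places");
            } elseif ($request[1] == 'reportcomment') {
                if (isset($request[2]) && isset($request[3]) && $this->model->getLoggedInMember()) {
                    $username = $request[2];
                    $commentId = $request[3];
                    $redirect = 'flagcomment/' . $username . '/' . $commentId;

                    // Use profile the comment was left on if available
                    // (needed to redirect user back to correct page)
                    if (isset($request[4])) {
                        $redirect .= '/' . $request[4];
                    }

                    // Prepare feedback data
                    $baseUri = PVars::getObj('env')->baseuri;
                    $data = array();
                    $data['Admin comment'] = $baseUri . 'bw/admin/admincomments.php?IdComment=' . $commentId . '&action=All';
                    $data['Member comment page'] = $baseUri . 'members/' . $username . '/comments';
                    // NOTE(review): a serialize()d array travels in the query
                    // string, so the feedback page presumably unserialize()s a
                    // value any client can replace. Confirm, and prefer
                    // json_encode()/json_decode() on both sides.
                    $dataEncoded = urlencode(serialize($data));

                    // Redirect
                    $url = 'feedback?IdCategory=2&redirect=' . urlencode($redirect) . '&data=' . $dataEncoded;
                    $this->redirect($url);
                } else {
                    $this->redirect('');
                }
            } elseif ($request[1] == 'avatar') {
                if (!isset($request[2]) || !($member = $this->getMember($request[2]))) {
                    PPHP::PExit();
                }
                PRequest::ignoreCurrentRequest();
                $this->model->showAvatar($member->id);
                break;
            } elseif (!($member = $this->getMember($request[1]))) {
                // did not find such a member
                $page = new MembersMembernotfoundPage();
            } else {
                // check if member can browse that profile
                if (!$member->isBrowsable() && !$adminMember) {
                    $page = new MembersMembernotfoundPage();
                    break;
                }
                // found a member with given id or username
                $myself = false;
                if ($member->id == $member_self->id) {
                    // user is watching her own profile
                    $myself = true;
                } else {
                    if ($logged_member = $this->model->getLoggedInMember() and $logged_member->isNotActiveHidden()) {
                        $member->recordVisit($logged_member);
                    }
                }
                switch (isset($request[2]) ? $request[2] : false) {
                    case 'relations':
                        if (isset($request[3])) {
                            if ($request[3] == 'add') {
                                if (!$myself) {
                                    $page = new AddRelationPage();
                                    if (isset($request[4]) && $request[4] == 'finish') {
                                        $page->relation_wait = true;
                                    }
                                }
                            } elseif ($request[3] == 'delete') {
                                // Make sure user is deleting their own relation and that ID is set
                                // NOTE(review): $myself only says the profile in the
                                // URL is the visitor's own; confirm deleteRelation()
                                // checks that relation $id belongs to that member.
                                // The delete is also triggered by a plain GET.
                                if ($myself && isset($request[4])) {
                                    $id = intval($request[4]);
                                    if ($id > 0) {
                                        $deleteResult = $this->model->deleteRelation($id);
                                        if ($deleteResult) {
                                            $this->setFlashNotice($this->getWords()->Relation_deleted);
                                        } else {
                                            $this->setFlashError($this->getWords()->Relation_delete_error);
                                        }
                                    } else {
                                        $this->setFlashError($this->getWords()->Relation_delete_error);
                                    }
                                }

                                // Define redirect target
                                // TODO: if there is a nicer way than using $_GET, please change this
                                // Default: the visitor's relations page, or the homepage
                                $redirect = '';
                                if (isset($_SESSION['Username'])) {
                                    $redirect = 'members/' . $_SESSION['Username'] . '/relations/';
                                }
                                // The client-supplied target is honoured only when it is a
                                // site-relative path: no scheme, no leading "//" or "\\",
                                // no control characters. Reading it through !empty() also
                                // avoids the undefined-index notice when it is absent.
                                if (!empty($_GET['redirect']) && is_string($_GET['redirect'])) {
                                    $requested = $_GET['redirect'];
                                    $offSite = preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})|[\x00-\x1f]#i', $requested);
                                    if (!$offSite) {
                                        $redirect = $requested;
                                    }
                                }
                                $this->redirect($redirect);
                                return;
                            }
                        }
                        // Default relations page
                        if (!isset($page)) {
                            $page = new RelationsPage();
                        }
                        break;
                    case 'comments':
                        if (!$myself && isset($request[3]) && $request[3] == 'adminedit') {
                            $page = new AddCommentPage();
                            // NOTE(review): this statement only reads the property and
                            // has no effect; an assignment was probably intended. No
                            // right is checked on this path, so decide who may use
                            // admin edit before turning it into one.
                            $page->adminedit;
                        } elseif (!$myself && isset($request[3]) && ($request[3] == 'add' || $request[3] == 'edit')) {
                            $page = new AddCommentPage();
                            $page->commentGuidelinesRead = $this->model->getCommentGuidelinesRead();
                        } else {
                            $page = new CommentsPage();
                        }
                        break;
                    case 'groups':
                        $my_groups = $member->getGroups();
                        $params = new stdClass();
                        $params->strategy = new HalfPagePager('left');
                        $params->items = $my_groups;
                        $params->items_per_page = 10;
                        $pager = new PagerWidget($params);
                        $page = new MemberGroupsPage();
                        $page->my_groups = $my_groups;
                        $page->pager = $pager;
                        break;
                    case 'redesign':
                        $page = new ProfileRedesignPage();
                        break;
                    case 'adminedit':
                        // Editing someone else's profile needs Admin or SafetyTeam
                        $rights = new MOD_right();
                        if ($rights->hasRight('Admin') || $rights->hasRight('SafetyTeam')) {
                            $page = new EditMyProfilePage();
                            $page->adminedit = true;
                            $page->statuses = $this->model->getStatuses();
                            // $member->edit_mode = true;
                            if (isset($request[3]) && $request[3] == 'delete') {
                                $page = new DeleteTranslationPage();
                            }
                            if (in_array('finish', $request)) {
                                $page->status = "finish";
                            }
                        } else {
                            $page = new MembersMembernotfoundPage();
                        }
                        break;
                    case 'profile':
                    case '':
                    case false:
                        // Inactive-by-choice profiles are hidden from everyone but
                        // the owner and privileged members
                        $hideProfile = !$myself && $member->Status == 'ChoiceInactive' && !$adminMember;
                        if ($hideProfile) {
                            $page = new InactiveProfilePage();
                        } else {
                            $page = new ProfilePage();
                            $page->statuses = $this->model->getStatuses();
                        }
                        break;
                    default:
                        // Any other third segment is taken as a profile language
                        $hideProfile = !$myself && $member->Status == 'ChoiceInactive' && !$adminMember;
                        if ($hideProfile) {
                            $page = new InactiveProfilePage();
                        } else {
                            $page = new ProfilePage();
                            $this->model->set_profile_language($request[2]);
                            $page->statuses = $this->model->getStatuses();
                        }
                        break;
                }
            }
    }

    // NOTE(review): on paths that only redirect, $page is not defined when
    // this point is reached; that is harmless only if redirect() ends the
    // request.
    if (!isset($member)) {
        $page->member = $member_self;
    } else {
        if (is_object($member)) {
            $page->member = $member;
        }
    }
    if (!empty($myself)) {
        $page->myself = true;
    }
    $page->loggedInMember = $this->model->getLoggedInMember();
    $page->model = $this->model;
    if ($page->member && $page->member->Status == 'PassedAway') {
        $page->passedAway = true;
    } else {
        $page->passedAway = false;
    }

    return $page;
}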
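/**
 * Index function
 *
 * index is called when http request = ./user. The second URL segment selects
 * the behaviour:
 *   avatar          - outputs the avatar of the given handle
 *   checkemail      - echoes "0" for an invalid $_GET['e'], "1" for an unused
 *                     address (an address in use echoes an empty string)
 *   checkhandle     - like "checkemail" with user handle
 *   confirm         - confirms a registration
 *   find            - search by $_GET['q']
 *   friends         - friends of the logged-in user
 *   logout          - ends the session and redirects to the base URI
 *   waitingapproval, settings, password - static forms and messages
 *   <handle>        - "pic" sub-page, or a redirect to the old profile page
 *
 * @return false|void false when a login is required but missing
 */
public function index()
{
    $request = PRequest::get()->request;
    if (!isset($request[1])) {
        $request[1] = '';
    }
    // NOTE(review): checkemail and checkhandle tell an anonymous caller
    // whether an address or handle is registered; confirm these endpoints are
    // rate limited.
    switch ($request[1]) {
        case 'avatar':
            PRequest::ignoreCurrentRequest();
            if (!isset($request[2])
                || !preg_match(User::HANDLE_PREGEXP, $request[2])
                || !($userId = $this->_model->handleInUse($request[2]))
            ) {
                PPHP::PExit();
            }
            $this->_view->avatar($userId);
            break;

        // checks e-mail address for validity and availability
        case 'checkemail':
            // ignore current request, so we can use the last request
            PRequest::ignoreCurrentRequest();
            if (!isset($_GET['e'])) {
                echo '0';
                PPHP::PExit();
            }
            if (!PFunctions::isEmailAddress($_GET['e'])) {
                echo '0';
                PPHP::PExit();
            }
            echo (bool) (!$this->_model->emailInUse($_GET['e']));
            PPHP::PExit();
            break;

        // checks handle for validity and availability
        case 'checkhandle':
            // ignore current request, so we can use the last request
            PRequest::ignoreCurrentRequest();
            if (!isset($request[2])) {
                echo '0';
                PPHP::PExit();
            }
            if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                echo '0';
                PPHP::PExit();
            }
            if (strpos($request[2], 'xn--') !== false) {
                // Don't allow IDN-Prefixes
                echo '0';
                PPHP::PExit();
            }
            echo (bool) (!$this->_model->handleInUse($request[2]));
            PPHP::PExit();
            break;

        // confirms a registration
        case 'confirm':
            // The handle must be well-formed and known, and the key must be
            // exactly 16 lowercase hex characters.
            if (!isset($request[2])
                || !isset($request[3])
                || !preg_match(User::HANDLE_PREGEXP, $request[2])
                || !$this->_model->handleInUse($request[2])
                || !preg_match('/^[a-f0-9]{16}$/', $request[3])
            ) {
                $error = true;
            } else {
                if ($this->_model->confirmRegister($request[2], $request[3])) {
                    $error = false;
                } else {
                    $error = true;
                }
            }
            ob_start();
            $this->_view->registerConfirm($error);
            $str = ob_get_contents();
            ob_end_clean();
            $P = PVars::getObj('page');
            $P->content .= $str;
            break;

        case 'find':
            // The query is optional and must be a plain string: a missing
            // parameter no longer reads an undefined index, and an array
            // (?q[]=...) is treated as an empty search.
            // NOTE(review): confirm find() binds the term as a parameter and
            // that the result view escapes it.
            $query = (isset($_GET['q']) && is_string($_GET['q'])) ? $_GET['q'] : '';
            $res = $this->_model->find($query);
            ob_start();
            $this->_view->searchResult($res);
            $str = ob_get_contents();
            ob_end_clean();
            $P = PVars::getObj('page');
            $P->content .= $str;
            break;

        case 'friends':
            if (!($User = APP_User::login())) {
                return false;
            }
            $friends = $this->_model->getFriends($User->getId());
            ob_start();
            $this->_view->friends($friends);
            $str = ob_get_contents();
            ob_end_clean();
            $P = PVars::getObj('page');
            $P->content .= $str;
            break;

        case 'logout':
            // NOTE(review): the session is ended by a plain GET with no token
            // checked here, so a third-party page can log a visitor out.
            $this->_model->logout();
            header("Location: " . PVars::getObj('env')->baseuri);
            break;

        // waiting approval message
        case 'waitingapproval':
            // now the teaser content
            ob_start();
            $this->_view->ShowInfoMessage('', '');
            $str = ob_get_contents();
            $Page = PVars::getObj('page');
            $Page->teaserBar .= $str;
            ob_end_clean();
            // now the message content
            ob_start();
            $this->_view->ShowInfoMessage('WaitingForApprovalText', 'WaitingForApprovalTitle');
            $str = ob_get_contents();
            ob_end_clean();
            $P = PVars::getObj('page');
            $P->content .= $str;
            break;

        case 'settings':
            ob_start();
            $this->_view->settingsForm();
            $str = ob_get_contents();
            ob_end_clean();
            $P = PVars::getObj('page');
            $P->content .= $str;
            break;

        case 'password':
            ob_start();
            $this->_view->customStyles();
            $str = ob_get_contents();
            $Page = PVars::getObj('page');
            $Page->addStyles .= $str;
            ob_end_clean();
            // now the teaser content
            ob_start();
            $this->_view->teaser();
            $str = ob_get_contents();
            $Page = PVars::getObj('page');
            $Page->teaserBar .= $str;
            ob_end_clean();
            // now the content on the right
            ob_start();
            $this->_view->rightContent();
            $str = ob_get_contents();
            $Page = PVars::getObj('page');
            $Page->rContent .= $str;
            ob_end_clean();
            // main content
            ob_start();
            $this->_view->passwordForm();
            $str = ob_get_contents();
            $P = PVars::getObj('page');
            $P->content .= $str;
            ob_end_clean();
            break;

        default:
            // Anything else is treated as a user handle when it matches the
            // handle pattern; other values are ignored.
            if (preg_match(User::HANDLE_PREGEXP, $request[1])) {
                if (!isset($request[2])) {
                    $request[2] = '';
                }
                switch ($request[2]) {
                    case 'pic':
                        if (!($User = APP_User::login())) {
                            return false;
                        }
                        ob_start();
                        $picture = $this->_model->getPicture($request[1]);
                        $this->_view->picture($picture);
                        $str = ob_get_contents();
                        ob_end_clean();
                        $P = PVars::getObj('page');
                        $P->content .= $str;
                        break;

                    default:
                        // redirects to the old bw-based profile
                        // NOTE(review): the handle goes into the Location
                        // header unencoded; that is safe only while
                        // HANDLE_PREGEXP is anchored and excludes URL
                        // metacharacters.
                        header("Location: " . PVars::getObj('env')->baseuri . "bw/member.php?cid=" . $request[1]);
                        // disabled TB-based userpage for now
                        /*
                        ob_start();
                        $this->_view->userPage($request[1]);
                        $str = ob_get_contents();
                        ob_end_clean();
                        $P = PVars::getObj('page');
                        $P->content .= $str;
                        */
                        break;
                }
            }
    }
}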
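/**
 * The index function is called by /htdocs/index.php,
 * if your URL looks like this: http://[fqdn]/geo/...
 * ... and by this is the entry point to your application.
 *
 * The second URL segment selects the behaviour: countries, selector,
 * displaylocation, suggestLocation (Ajax), refreshgeo (loopback only) and
 * admin (needs the Debug right). Unknown segments produce nothing.
 *
 * @return object|void a page object for 'selector' and 'admin'
 */
public function index()
{
    $request = PRequest::get()->request;
    if (!isset($request[1])) {
        $request[1] = '';
    }
    switch ($request[1]) {
        case 'countries':
            // if your URL looks like this: http://[fqdn]/geo/countries
            ob_start();
            $this->_view->displayCountries(); // delegates output to viewer class
            $Page = PVars::getObj('page');
            $Page->content .= ob_get_contents();
            ob_end_clean();
            break;

        case 'selector':
            // for use as an alternative to the javascript geo-selection (popup)
            $page = new GeoPopupPage($request[1]);
            return $page;

        case 'displaylocation':
            // The purpose of this request is to display the content of a specific geoplace
            // The place id may be missing from the URL; pass null as before,
            // but without reading an undefined offset.
            $geoId = isset($request[2]) ? $request[2] : null;
            ob_start();
            $this->_view->GeoDisplayLocation($geoId); // delegates output to viewer class
            $Page = PVars::getObj('page');
            $Page->content .= ob_get_contents();
            ob_end_clean();
            break;

        case 'suggestLocation':
            // ignore current request, so we can use the last request
            PRequest::ignoreCurrentRequest();
            if (isset($_GET['s'])) {
                $request[2] = $_GET['s'];
            }
            if (!isset($request[3])) {
                PPHP::PExit();
            }
            // set the features that should be suggested
            // (only cities or mountains and stuff as well) -- to be improved
            switch ($request[3]) {
                case 'blog':
                    $fcode = $this->fcode_blog;
                    break;
                case 'city':
                    $fcode = $this->fcode_city;
                    break;
                default:
                    $fcode = $this->fcode_default;
            }
            $activities = isset($request[4]) && $request[4] == 'activities';
            // get locations from geonames. suggestLocation returns empty array
            // if nothing is found. The activities variant asks for 45 results
            // instead of 40.
            // NOTE(review): the search term is raw client input; confirm
            // suggestLocation() encodes it for the geonames lookup and that
            // generateLocationOverview() escapes the names it prints.
            $searchTerm = isset($request[2]) ? $request[2] : null;
            $limit = $activities ? 45 : 40;
            $locations = $this->_model->suggestLocation($searchTerm, $limit, $fcode);
            echo $this->_view->generateLocationOverview($locations, $activities);
            PPHP::PExit();
            break;

        case 'refreshgeo':
            // Only callers on the IPv4 loopback address may start the update.
            // NOTE(review): if this application sits behind a reverse proxy on
            // the same host, every request arrives from 127.0.0.1 and passes
            // this check; confirm the deployment or protect the endpoint with
            // a right instead.
            if ($_SERVER['REMOTE_ADDR'] !== '127.0.0.1') {
                header("Location: http://www.bewelcome.org");
                exit(0);
            }
            // Output of the update itself is buffered and thrown away
            ob_start();
            if (MOD_geonames::get()->getUpdate() && MOD_geonames::get()->getAltnamesUpdate()) {
                ob_end_clean();
                echo "success";
            } else {
                ob_end_clean();
                echo "failure";
            }
            exit(0);

        case 'admin':
            $R = MOD_right::get();
            if ($R->hasRight('Debug')) {
                // NOTE(review): the counters are rebuilt on every page view, a
                // state change on GET with no token checked here.
                $this->_model->updateGeoCounters();
                $page = new GeoAdminPage($request[1]);
                return $page;
            }
            break;
    }
}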
/**
 * Applies the title and description edits a user makes to galleries and
 * gallery items through Ajax requests, and echoes the stored value back.
 *
 * @access private
 * @param string $type Indicator for Gallery ('set') or Image ('image')
 * @return false|void false when nobody is logged in; every other path ends
 *                    with PPHP::PExit()
 */
private function ajaxImageGallery($type)
{
    $words = $this->getWords();
    PRequest::ignoreCurrentRequest();

    $member = $this->loggedInMember;
    if (!$member) {
        return false;
    }

    // NOTE(review): the edit is driven by GET parameters and no anti-CSRF
    // token is checked in this method; confirm one is enforced elsewhere.
    // NOTE(review): ownership is compared with ==. If imageGalleryOwner()
    // can return false/null for an unknown id while get_userId() returns
    // 0 or null, the loose comparison would pass; verify both return types.
    $itemId = isset($_GET['item']) ? $_GET['item'] : null;
    if ($itemId !== null && $member->get_userId() == $this->_model->imageGalleryOwner($type, $itemId)) {
        if (isset($_GET['title'])) {
            $title = htmlentities($_GET['title'], ENT_QUOTES, "UTF-8");
            if ($title !== '') {
                $this->_model->ajaxModImageGallery($type, $itemId, $title, '');
                // Single line, slash-escaped and Latin-1 for the client
                echo utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($title))));
            } else {
                // A title may not be blanked out
                echo $words->get('GalleryCannotBeEmpty');
            }
        }

        if (isset($_GET['text'])) {
            $description = htmlentities($_GET['text'], ENT_QUOTES, "UTF-8");
            $this->_model->ajaxModImageGallery($type, $itemId, '', $description);
            $echoed = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($description))));
            // An empty description is shown as the "add description" prompt
            echo ($echoed === '') ? $words->get('GalleryAddDescription') : $echoed;
        }

        PPHP::PExit();
    }

    echo 'Error!';
    PPHP::PExit();
}
/**
 * Streams the image of the group named in the route variables.
 *
 * The model call is expected to send the image headers and data; the script
 * is terminated right after it.
 *
 * @access public
 * @return void
 */
public function realImg()
{
    PRequest::ignoreCurrentRequest();

    $routeVars = $this->route_vars;
    $hasGroupId = !empty($routeVars['group_id']);
    if (!$hasGroupId) {
        // Nothing to show without a group id
        PPHP::PExit();
    }

    // NOTE(review): group_id comes from the URL; confirm the model checks
    // that the visitor may see this group's image.
    $this->_model->realImg($routeVars['group_id']);
    exit;
}