Esempio n. 1
 /**
  * Set up the search-members model and view and, for stylesheet requests,
  * hand the request path to the view.
  *
  * Creates a Searchmembers model and a SearchmembersView bound to it. When
  * the first request segment is 'styles', the segments are joined with '/'
  * and passed to the view's passthroughCSS().
  */
 public function __construct()
 {
     parent::__construct();

     $this->_model = new Searchmembers();
     $this->_view = new SearchmembersView($this->_model);

     $segments = PRequest::get()->request;
     if (!isset($segments[0]) || $segments[0] != 'styles') {
         // Not a stylesheet request (subdir "styles"): nothing more to do.
         return;
     }

     // Only when the session already records a previous request is the
     // current one ignored; presumably this keeps the stylesheet fetch from
     // replacing the stored last request (confirm against PRequest).
     if (isset($_SESSION['lastRequest'])) {
         PRequest::ignoreCurrentRequest();
     }

     // NOTE(review): this path is assembled from the request segments, i.e.
     // client-controlled input. Whether passthroughCSS() confines it to the
     // stylesheet directory (fixed base dir, no '..' segments, CSS files
     // only) is not visible here; confirm before relying on it.
     $this->_view->passthroughCSS(implode('/', $segments));
 }
Esempio n. 2
 /**
  * index is called when http request = ./forums
  * or during a new topic/edit of a group
  */
 public function index($subforum = false)
 {
     if (PPostHandler::isHandling()) {
         return;
     }
     // Determine the search callback and tell the view about it
     $searchCallbackId = $this->searchProcess();
     $view = $this->_view;
     $view->searchCallbackId = $searchCallbackId;
     $page = $view->page = new RoxGenericPage();
     $request = $this->request;
     if (isset($request[0]) && $request[0] != 'forums') {
         // if this is a ./groups url get the group number if any
         if ($request[0] == "groups" && isset($request[1])) {
             $IdGroup = intval($request[1]);
         }
         $new_request = array();
         $push = false;
         foreach ($request as $r) {
             if ($r == 'forums' or $r == 'forum') {
                 $push = true;
             }
             if ($push == true) {
                 array_push($new_request, $r);
             }
         }
         $request = $new_request;
         $page = $view->page = new PageWithHTMLpart();
     }
     // First check if the feature is closed
     if ($_SESSION["Param"]->FeatureForumClosed != 'No' and !$this->BW_Right->HasRight("Admin")) {
         $this->_view->showFeatureIsClosed();
         PPHP::PExit();
     }
     // end of test "if feature is closed"
     if (APP_User::isBWLoggedIn()) {
         $User = APP_User::login();
     } else {
         $User = false;
     }
     $showSticky = true;
     $this->parseRequest();
     // set uri for correct links in group pages etc.
     $view->uri = $this->uri;
     $page->uri = $this->uri;
     $view->BW_Right = $this->BW_Right;
     $page->BW_Right = $this->BW_Right;
     $this->_model->prepareForum($showSticky);
     // first include the col2-stylesheet
     $page->addStyles .= $view->customStyles();
     $page->currentTab = 'forums';
     // then the userBar
     $page->newBar .= $view->getAsString('userBar');
     // we can't replace this ob_start()
     if ($this->action == self::ACTION_NOT_LOGGED_IN) {
         $this->_redirectNotLoggedIn();
     }
     ob_start();
     if ($this->action == self::ACTION_VOTE_POST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         if (!isset($request[3])) {
             die("Need to have a vote value");
         }
         $Value = $request[3];
         $this->_model->VoteForPost($IdPost, $Value);
         $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
         $this->isTopLevel = false;
         $this->_model->prepareTopic(true);
         $this->_view->showTopic();
     } elseif ($this->action == self::ACTION_DELETEVOTE_POST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         $this->_model->DeleteVoteForPost($IdPost);
         $this->_model->setThreadId($this->_model->GetIdThread($IdPost));
         $this->isTopLevel = false;
         $this->_model->prepareTopic(true);
         $this->_view->showTopic();
     } elseif ($this->action == self::ACTION_MODERATOR_FULLEDITPOST) {
         if (!isset($request[2])) {
             die("Need to have a IdPost");
         }
         $IdPost = $request[2];
         if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
             MOD_log::get()->write("Trying to edit post #" . $IdPost . " without proper right", "ForumModerator");
             die("You miss right ForumModerator");
         }
         $callbackId = $this->ModeratorEditPostProcess();
         $DataPost = $this->_model->prepareModeratorEditPost($IdPost);
         $this->_view->showModeratorEditPost($callbackId, $DataPost);
         PPostHandler::clearVars($callbackId);
     } elseif ($this->action == self::ACTION_MODERATOR_EDITTAG) {
         if (!isset($request[2])) {
             die("Need to have a IdTag");
         }
         $IdTag = $request[2];
         if (!$this->BW_Right->HasRight("ForumModerator", "Edit")) {
             MOD_log::get()->write("Trying to edit Tag #" . $IdTag . " without proper right", "ForumModerator");
             die("You miss right ForumModerator");
         }
         $callbackId = $this->ModeratorEditTagProcess();
         $DataTag = $this->_model->prepareModeratorEditTag($IdTag);
         $this->_view->showModeratorEditTag($callbackId, $DataTag);
         PPostHandler::clearVars($callbackId);
     } else {
         if ($this->action == self::ACTION_VIEW) {
             if ($this->_model->isTopic()) {
                 $this->_model->prepareTopic(true);
                 $this->_view->showTopic();
             } else {
                 if ($this->isTopLevel) {
                     $this->_model->setTopMode(Forums::CV_TOPMODE_LANDING);
                     $this->_model->prepareForum();
                     $onlymygroupscallbackId = $this->mygroupsonlyProcess();
                     $morelessthreadscallbackid = $this->morelessthreadsProcess();
                     $this->_view->showTopLevelLandingPage($onlymygroupscallbackId, $morelessthreadscallbackid);
                     PPostHandler::clearVars($onlymygroupscallbackId);
                     PPostHandler::clearVars($morelessthreadscallbackid);
                 } else {
                     $this->_model->prepareForum();
                     $this->_view->showForum();
                 }
             }
         } else {
             if ($this->action == self::ACTION_VIEW_CATEGORY) {
                 $this->_view->showTopLevelCategories();
             } else {
                 if ($this->action == self::ACTION_VIEW_LASTPOSTS) {
                     $callbackId = $this->mygroupsonlyProcess();
                     $this->_view->showTopLevelRecentPosts($callbackId);
                     PPostHandler::clearVars($callbackId);
                 } else {
                     if ($this->action == self::ACTION_VIEW_LANDING) {
                         $callbackId = $this->mygroupsonlyProcess();
                         $this->_view->showTopLevelLandingPage($callbackId);
                         PPostHandler::clearVars($callbackId);
                     } else {
                         if ($this->action == self::ACTION_VIEW_FORUM) {
                             $groupsCallback = false;
                             $member = $this->_model->getLoggedInMember();
                             if ($member && $member->Status != 'ChoiceInactive') {
                                 $noForumNewTopicButton = false;
                             } else {
                                 // Don't offer the new topic button to 'silent' members
                                 $noForumNewTopicButton = true;
                             }
                             $this->_view->showTopLevelRecentPosts($groupsCallback, $noForumNewTopicButton);
                         } else {
                             if ($this->action == self::ACTION_VIEW_GROUPS) {
                                 $callbackId = $this->mygroupsonlyProcess();
                                 $this->_view->showTopLevelRecentPosts($callbackId, true);
                                 PPostHandler::clearVars($callbackId);
                             } else {
                                 if ($this->action == self::ACTION_RULES) {
                                     $this->_view->rules();
                                 } else {
                                     if ($this->action == self::ACTION_NEW) {
                                         if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                             // Test if the user has right for this, if not rough exit
                                             MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                             $words = new MOD_Words();
                                             die($words->get('NotAllowedToPostInForum'));
                                         }
                                         if (!$User) {
                                             PRequest::home();
                                         }
                                         if (isset($request[2]) and $request[2][0] == 'u') {
                                             $IdGroup = substr($request[2], 1);
                                         } else {
                                             if (!isset($IdGroup)) {
                                                 $IdGroup = 0;
                                             }
                                         }
                                         $this->_model->prepareForum();
                                         $callbackId = $this->createProcess();
                                         $this->_view->createTopic($callbackId, $IdGroup);
                                         PPostHandler::clearVars($callbackId);
                                     } else {
                                         if ($this->action == self::ACTION_REPORT_TO_MOD) {
                                             if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                 // Test if the user has right for this, if not rough exit
                                                 MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                 $words = new MOD_Words();
                                                 die($words->get('NotAllowedToPostInForum'));
                                             }
                                             if (!$User) {
                                                 PRequest::home();
                                             }
                                             $callbackId = $this->reportpostProcess();
                                             if (isset($request[2])) {
                                                 if ($request[2] == 'AllMyReport') {
                                                     $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "");
                                                     // This retrieve all the reports for the current member
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } elseif ($request[2] == 'MyReportActive') {
                                                     $DataPost = $this->_model->prepareReportList($_SESSION["IdMember"], "('Open','OnDiscussion')");
                                                     // This retrieve the Active current pending report for the current member
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } elseif ($request[2] == 'AllActiveReports') {
                                                     if (!$this->BW_Right->HasRight("ForumModerator")) {
                                                         // if a non forum moderator tries to access this just pull the brakes
                                                         PPHP::PExit();
                                                     }
                                                     $DataPost = $this->_model->prepareReportList(0, "('Open','OnDiscussion')");
                                                     // This retrieve all the current Active pending report
                                                     $this->_view->showReportList($callbackId, $DataPost);
                                                 } else {
                                                     $IdPost = $request[2];
                                                     $IdWriter = $_SESSION["IdMember"];
                                                     if (!empty($request[3]) and $this->BW_Right->HasRight("ForumModerator")) {
                                                         $IdWriter = $request[3];
                                                     }
                                                     $DataPost = $this->_model->prepareModeratorEditPost($IdPost, $this->BW_Right->HasRight('ForumModerator'));
                                                     // We will use the same data as the one used for Moderator edit
                                                     if ($DataPost->Error == 'NoGroupMember') {
                                                         // if someone who isn't a member of the associated group
                                                         // tries to access this just pull the brakes
                                                         PPHP::PExit();
                                                     }
                                                     $DataPost->Report = $this->_model->prepareReportPost($IdPost, $IdWriter);
                                                     $this->_view->showReportPost($callbackId, $DataPost);
                                                 }
                                                 PPostHandler::clearVars($callbackId);
                                             }
                                         } else {
                                             if ($this->action == self::ACTION_REPLY) {
                                                 if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                     // Test if teh user has right for this, if not rough exit
                                                     MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                     $words = new MOD_Words();
                                                     die($words->get('NotAllowedToPostInForum'));
                                                 }
                                                 if (!$User) {
                                                     PRequest::home();
                                                 }
                                                 $this->_model->prepareForum();
                                                 $this->_model->prepareTopic();
                                                 $this->_model->initLastPosts();
                                                 $callbackId = $this->replyProcess();
                                                 $this->_view->replyTopic($callbackId);
                                                 PPostHandler::clearVars($callbackId);
                                             } else {
                                                 if ($this->action == self::ACTION_SUGGEST) {
                                                     // ignore current request, so we can use the last request
                                                     PRequest::ignoreCurrentRequest();
                                                     if (!isset($request[2])) {
                                                         PPHP::PExit();
                                                     }
                                                     $new_tags = $this->_model->suggestTags($request[2]);
                                                     echo $this->_view->generateClickableTagSuggestions($new_tags);
                                                     PPHP::PExit();
                                                 } else {
                                                     if ($this->action == self::ACTION_LOCATIONDROPDOWNS) {
                                                         // ignore current request, so we can use the last request
                                                         PRequest::ignoreCurrentRequest();
                                                         if (!isset($request[2])) {
                                                             PPHP::PExit();
                                                         }
                                                         echo $this->_view->getLocationDropdowns();
                                                         PPHP::PExit();
                                                     } else {
                                                         if ($this->action == self::ACTION_DELETE) {
                                                             if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                 // Test if the user has right for this, if not rough exit
                                                                 MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                 $words = new MOD_Words();
                                                                 die($words->get('NotAllowedToPostInForum'));
                                                             }
                                                             if (!$User || !$this->BW_Right->HasRight("ForumModerator", "Delete")) {
                                                                 PRequest::home();
                                                             }
                                                             $this->delProcess();
                                                         } else {
                                                             if ($this->action == self::ACTION_EDIT) {
                                                                 if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                     // Test if the user has right for this, if not rough exit
                                                                     MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                     $words = new MOD_Words();
                                                                     die($words->get('NotAllowedToPostInForum'));
                                                                 }
                                                                 if (!$User) {
                                                                     PRequest::home();
                                                                 }
                                                                 $callbackId = $this->editProcess();
                                                                 $this->_model->prepareForum();
                                                                 $this->_model->getEditData($callbackId);
                                                                 $this->_view->editPost($callbackId, false);
                                                                 PPostHandler::clearVars($callbackId);
                                                             } else {
                                                                 if ($this->action == self::ACTION_TRANSLATE) {
                                                                     if ($this->BW_Flag->hasFlag("NotAllowedToPostInForum")) {
                                                                         // Test if the user has right for this, if not rough exit
                                                                         MOD_log::get()->write("Forums.ctrl : Forbid to do action [" . $this->action . "] because of Flag " . "NotAllowedToPostInForum", "FlagEvent");
                                                                         $words = new MOD_Words();
                                                                         die($words->get('NotAllowedToPostInForum'));
                                                                     }
                                                                     if (!$User) {
                                                                         PRequest::home();
                                                                     }
                                                                     $callbackId = $this->editProcess();
                                                                     $this->_model->prepareForum();
                                                                     $this->_model->getEditData($callbackId);
                                                                     $this->_view->editPost($callbackId, true);
                                                                     PPostHandler::clearVars($callbackId);
                                                                 } else {
                                                                     if ($this->action == self::ACTION_MODEDIT) {
                                                                         if (!$User) {
                                                                             PRequest::home();
                                                                         }
                                                                         $callbackId = $this->editProcess();
                                                                         $this->_model->prepareForum();
                                                                         $this->_model->getEditData($callbackId);
                                                                         $this->_view->ModeditPost($callbackId);
                                                                         PPostHandler::clearVars($callbackId);
                                                                     } else {
                                                                         if ($this->action == self::ACTION_SEARCH_FORUMS) {
                                                                             $this->_view->keyword = $request[2];
                                                                             $this->_view->showSearchResultPage($request[2]);
                                                                             PPostHandler::clearVars($searchCallbackId);
                                                                         } else {
                                                                             if ($this->action == self::ACTION_SEARCH_USERPOSTS) {
                                                                                 if (!isset($request[2])) {
                                                                                     PPHP::PExit();
                                                                                 }
                                                                                 $this->searchUserposts($request[2]);
                                                                             } else {
                                                                                 if ($this->action == self::ACTION_SUBSCRIBE) {
                                                                                     if (!isset($request[2])) {
                                                                                         PPHP::PExit();
                                                                                     }
                                                                                     if ($request[2] == "thread") {
                                                                                         $this->SubscribeThread($request[3]);
                                                                                     }
                                                                                     if ($request[2] == "tag") {
                                                                                         $this->SubscribeTag($request[3]);
                                                                                     }
                                                                                 } else {
                                                                                     if ($this->action == self::ACTION_SEARCH_SUBSCRIPTION) {
                                                                                         /*
                                                                                          * Here the following syntax can be used :
                                                                                          * forums/subscriptions : allow current user to see his subscribtions
                                                                                          * forums/subscriptions/unsubscribe/thread/xxx/yyy : allow current user to unsubscribe from members_threads_subscribed.id xxx with key yyy
                                                                                          * forums/subscriptions/member/xxx : allow a forum moderator to see all subscribtions of member xxx
                                                                                          * forums/subscriptions/thread/xxx : allow a forum moderator to see all subscribers and subscribtions for thread xxx
                                                                                          * forums/subscribe/thread/xxx : subscribe to thread xxx
                                                                                          */
                                                                                         $operation = "";
                                                                                         if (isset($request[2])) {
                                                                                             $operation = $request[2];
                                                                                         }
                                                                                         switch ($operation) {
                                                                                             case "enable":
                                                                                                 if (isset($request[3])) {
                                                                                                     switch ($request[3]) {
                                                                                                         case 'thread':
                                                                                                             $this->EnableThread($request[4]);
                                                                                                             break;
                                                                                                         case 'tag':
                                                                                                             $this->EnableTag($request[4]);
                                                                                                             break;
                                                                                                         case 'group':
                                                                                                             $this->EnableGroup($request[4]);
                                                                                                             break;
                                                                                                     }
                                                                                                 } else {
                                                                                                     $this->enableSubscriptions();
                                                                                                 }
                                                                                                 break;
                                                                                             case "disable":
                                                                                                 if (isset($request[3])) {
                                                                                                     switch ($request[3]) {
                                                                                                         case 'tag':
                                                                                                             $this->DisableTag($request[4]);
                                                                                                             break;
                                                                                                         case 'thread':
                                                                                                             $this->DisableThread($request[4]);
                                                                                                             break;
                                                                                                         case 'group':
                                                                                                             $this->DisableGroup($request[4]);
                                                                                                             break;
                                                                                                     }
                                                                                                 } else {
                                                                                                     $this->disableSubscriptions();
                                                                                                 }
                                                                                                 break;
                                                                                             case "subscribe":
                                                                                                 if (isset($request[3]) and $request[3] == 'group') {
                                                                                                     $this->SubscribeGroup($request[4]);
                                                                                                 }
                                                                                                 break;
                                                                                             case "unsubscribe":
                                                                                                 switch ($request[3]) {
                                                                                                     case 'thread':
                                                                                                         $this->UnsubscribeThread($request[4], $request[5]);
                                                                                                         break;
                                                                                                     case 'tag':
                                                                                                         $this->UnsubscribeTag($request[4], $request[5]);
                                                                                                         break;
                                                                                                     case 'group':
                                                                                                         $this->UnsubscribeGroup($request[4]);
                                                                                                         break;
                                                                                                 }
                                                                                                 break;
                                                                                             default:
                                                                                                 $this->searchSubscriptions();
                                                                                         }
                                                                                     } else {
                                                                                         if (PVars::get()->debug) {
                                                                                             throw new PException('unexpected forum action!');
                                                                                         } else {
                                                                                             PRequest::home();
                                                                                         }
                                                                                     }
                                                                                 }
                                                                             }
                                                                         }
                                                                     }
                                                                 }
                                                             }
                                                         }
                                                     }
                                                 }
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     $page->content .= ob_get_contents();
     ob_end_clean();
     $page->newBar .= $view->getAsString('showCategoriesContinentsTagcloud');
     $page->teaserBar .= $view->getAsString('teaser');
     $page->render();
 }
Esempio n. 3
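 /**
  * AJAX endpoint: edit the title, text or geo id of one blog post.
  *
  * Reads `item`, `title`, `text` and `geoid` from the query string. When
  * isUserPost() accepts the post for the logged-in member, each field that is
  * present is passed to the model and the result is echoed. Every path past
  * the login check ends with PPHP::PExit().
  *
  * NOTE(review): the edit is driven by GET parameters and no anti-CSRF token
  * is checked in this method. Unless the caller enforces one, moving the
  * endpoint to POST with a per-session token is the usual mitigation.
  * NOTE(review): `item` reaches the model as received (only non-scalar values
  * are rejected here); presumably the model casts or binds it - confirm.
  * NOTE(review): title and text are HTML-entity-encoded before they are
  * stored, so the stored value is only suitable for an HTML context and must
  * not be encoded a second time on output.
  *
  * @return false|void false when no member is logged in
  */
 private function ajaxPost()
 {
     PRequest::ignoreCurrentRequest();
     if (!($member = $this->_model->getLoggedInMember())) {
         return false;
     }
     // Query parameters may arrive as arrays (?title[]=x). Accept only a scalar
     // id and string bodies so htmlentities() is never handed an array.
     if (isset($_GET['item']) && is_scalar($_GET['item'])) {
         $id = $_GET['item'];
         // isUserPost() is the authorization gate for every edit below
         // (presumably true only for the member's own posts - confirm in the model).
         if ($this->_model->isUserPost($member->id, $id)) {
             if (isset($_GET['title']) && is_string($_GET['title'])) {
                 $str = htmlentities($_GET['title'], ENT_QUOTES, "UTF-8");
                 if (!empty($str)) {
                     $this->_model->ajaxEditPost($id, $str, '');
                     // Echo the saved value on a single line: nl2br() adds <br />,
                     // raw CR/LF are removed, addslashes() escapes backslashes.
                     // utf8_decode() is deprecated as of PHP 8.2.
                     $str2 = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                     echo $str2;
                 } else {
                     echo 'Can`t be empty! Click to edit!';
                 }
             }
             if (isset($_GET['text']) && is_string($_GET['text'])) {
                 $str = htmlentities($_GET['text'], ENT_QUOTES, "UTF-8");
                 $this->_model->ajaxEditPost($id, '', $str);
                 $str = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                 echo $str;
             }
             if (isset($_GET['geoid'])) {
                 // The geo id is forced to an integer before it reaches the model.
                 $str = (int) $_GET['geoid'];
                 $result = $this->_model->ajaxEditPost($id, '', '', $str);
                 echo $result ? 'OK' : 'NO';
             }
             PPHP::PExit();
         }
     }
     // Missing or non-scalar item, or a post that isUserPost() rejected.
     echo 'Error!';
     PPHP::PExit();
 }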
Esempio n. 4
 /**
  * Index function
  *
  * Dispatches on $request[1]:
  * checkemail  - echoes "1" or "0" for the address in $_GET['email'], then exits
  * checkhandle - echoes "1" when the username in $request[2] passes the checks
  *               and is not in use, then exits
  * getRegions  - exits when $request[2] is missing, otherwise falls through to terms
  * terms       - terms-and-conditions popup
  * privacy     - privacy popup
  * confirm     - handles the link from the confirmation e-mail
  * resendmail  - sends the confirmation e-mail again
  * finish      - final signup page
  * (other)     - signup form; $request[1] is used as the step, default '1'
  *
  * @param object|false $args request wrapper; $args->request is read
  *                           unconditionally, so the false default cannot be used
  * @return mixed page object to render ($page is not assigned on the redirect path)
  */
 public function index($args = false)
 {
     // In case Signup is closed
     if (isset($_SESSION['Param']->FeatureSignupClose) && $_SESSION['Param']->FeatureSignupClose == "Yes") {
         return new SignupClosedPage();
     }
     /*
              * Enable to check against DNS Blocklists
     if (MOD_dnsblock::get()->checkRemoteIp()) {
                 return new SignupDNSBlockPage();
             }
     */
     $request = $args->request;
     $model = new SignupModel();
     // A session that already carries a member id is kept away from the signup
     // pages unless the member holds the 'words' right.
     if (isset($_SESSION['IdMember']) && !MOD_right::get()->hasRight('words')) {
         if (!isset($_SESSION['Username'])) {
             // Inconsistent session (member id without username): drop the id.
             unset($_SESSION['IdMember']);
             $page = new SignupProblemPage();
         } else {
             $this->redirect('members/' . $_SESSION['Username']);
         }
     } else {
         switch (isset($request[1]) ? $request[1] : '') {
             // copied from TB:
             // checks e-mail address for validity and availability
             // NOTE(review): this branch is reachable without a login and answers
             // whether an address is already registered. No throttling is visible
             // in this method; confirm it is rate-limited elsewhere.
             case 'checkemail':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($_GET['email'])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (!PFunctions::isEmailAddress($_GET['email'])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 $users = $model->takeCareForNonUniqueEmailAddress($_GET['email']);
                 if ($users == '') {
                     echo "1";
                 } else {
                     echo "0";
                 }
                 PPHP::PExit();
                 break;
             // copied from TB: reviewed by JeanYves
             // checks Username for validity and availability
             // NOTE(review): same enumeration concern as 'checkemail', here for usernames.
             case 'checkhandle':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($request[2])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (strpos($request[2], 'xn--') !== false) {
                     // Don't allow IDN-Prefixes
                     echo '0';
                     PPHP::PExit();
                 }
                 // echo of a bool prints "1" for true and an empty string for false,
                 // so a username that is in use yields no output rather than "0".
                 echo (bool) (!$model->UsernameInUse($request[2]));
                 PPHP::PExit();
                 break;
             case 'getRegions':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($request[2])) {
                     PPHP::PExit();
                 }
                 // NOTE(review): there is no break here, so a getRegions request with
                 // $request[2] set continues into 'terms' - confirm this is intended.
             case 'terms':
                 MOD_log::get()->write("Viewing terms", "Signup");
                 // the termsandconditions popup
                 $page = new SignupTermsPopup();
                 break;
             case 'privacy':
                 MOD_log::get()->write("Viewing privacy", "Signup");
                 $page = new SignupPrivacyPopup();
                 break;
             case 'confirm':
                 // or give it a different name?
                 // this happens when you click the link in the confirmation email
                 // The model is only called for a well-formed, existing username and a
                 // token of exactly 16 lowercase hex characters.
                 // NOTE(review): how the model compares the token, and whether failed
                 // attempts are limited, is not visible here - confirm.
                 if (!isset($request[2]) || !isset($request[3]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !$model->UsernameInUse($request[2]) || !preg_match('/^[a-f0-9]{16}$/', $request[3])) {
                     $error = 'InvalidLink';
                 } else {
                     $error = $model->confirmSignup($request[2], $request[3]);
                 }
                 $page = new SignupMailConfirmPage();
                 $page->error = $error;
                 break;
             case 'resendmail':
                 // shown when clicking on the link in the MailToConfirm error message
                 // NOTE(review): unlike 'confirm', $request[2] reaches the model without
                 // the HANDLE_PREGEXP check, and nothing here limits how often a mail can
                 // be re-sent - confirm the model validates and throttles.
                 $error = '';
                 if (!isset($request[2])) {
                     $error = 'InvalidLink';
                 } else {
                     $resent = $model->resendConfirmationMail($request[2]);
                     if ($resent !== true) {
                         $error = $resent;
                     }
                 }
                 $page = new SignupResentMailPage();
                 $page->error = $error;
                 break;
             case 'finish':
                 $page = new SignupFinishPage();
                 break;
             default:
                 $page = new SignupPage();
                 // NOTE(review): the step is taken verbatim from the URL and written to
                 // the log below; the log writer and the view are assumed to escape it.
                 $page->step = isset($request[1]) && $request[1] ? $request[1] : '1';
                 $StrLog = "Entering Signup step: #" . $page->step;
                 MOD_log::get()->write($StrLog, "Signup");
                 $page->model = $model;
         }
     }
     return $page;
 }
Esempio n. 5
 /**
  * Chooses the page object for a logged-in member from the request path.
  *
  * $request[0] selects the area (own pages, 'flagcomment', or a member
  * profile); for a member profile $request[1] names the member and
  * $request[2] the sub-page. After the switch the page receives the member to
  * show, the logged-in member and the model.
  *
  * @param object $args        request wrapper; $args->request is read
  * @param object $member_self the logged-in member (getOldRights() and id are read)
  * @return mixed the page object; nothing is returned on the bare `return;`
  *               paths ('my/visitors', 'my/messages', relations delete)
  */
 protected function index_loggedIn($args, $member_self)
 {
     $request = $args->request;
     $myself = true;
     $adminMember = false;
     $rights_self = $member_self->getOldRights();
     // Members holding SafetyTeam, Admin or Profile rights may see profiles that
     // are hidden from everyone else further down.
     if (in_array("SafetyTeam", array_keys($rights_self)) || in_array("Admin", array_keys($rights_self)) || in_array("Profile", array_keys($rights_self))) {
         $adminMember = true;
     }
     switch (isset($request[0]) ? $request[0] : false) {
         case 'setlocation':
             $page = new SetLocationPage();
             break;
         case 'mypreferences':
             $page = new MyPreferencesPage();
             break;
         case 'deleteprofile':
             $page = new DeleteProfilePage();
             break;
         case 'editmyprofile':
             $page = new EditMyProfilePage();
             // $member->edit_mode = true;
             if (isset($request[1])) {
                 $this->model->set_profile_language($request[1]);
             }
             if (isset($request[2]) && $request[2] == 'delete') {
                 $page = new DeleteTranslationPage();
             }
             if (in_array('finish', $request)) {
                 $page->status = "finish";
             }
             break;
         case 'myvisitors':
             // The visitors page is only shown when the member's own preference allows it.
             $member = $this->model->getLoggedInMember();
             $showVisits = $member->getPreference('PreferenceShowProfileVisits', 'Yes');
             if ($showVisits == 'Yes') {
                 $page = new MyVisitorsPage();
             } else {
                 $this->redirect("members/" . $member->Username);
             }
             break;
         case 'self':
         case 'myself':
             $page = new ProfilePage();
             break;
         case 'my':
             switch (isset($request[1]) ? $request[1] : false) {
                 case 'preferences':
                     $page = new MyPreferencesPage();
                     break;
                 case 'visitors':
                     // NOTE(review): the bare return discards the page that was just
                     // created, and this path skips the PreferenceShowProfileVisits
                     // check made in 'myvisitors' - confirm which behaviour is intended.
                     $page = new MyVisitorsPage();
                     return;
                 case 'messages':
                     $this->redirect("messages/received");
                     return;
                 case 'profile':
                 default:
                     $page = new ProfilePage();
             }
             break;
         case 'flagcomment':
             // NOTE(review): the report is a state change driven by the URL alone; no
             // anti-CSRF token is checked in this method.
             if (isset($request[1]) && isset($request[2])) {
                 $username = $request[1];
                 $commentId = $request[2];
                 if (isset($request[3])) {
                     $commentPage = $request[3];
                 } else {
                     $commentPage = $username;
                 }
                 $reportResult = $this->model->reportBadComment($username, $commentId);
                 if ($reportResult) {
                     $member = $this->model->getLoggedInMember();
                     // NOTE(review): $commentId and $username come straight from the URL
                     // and go into the log line; logWrite() is assumed to neutralise
                     // control characters - confirm.
                     $this->logWrite("{$member->Username} has reported" . " comment ID: {$commentId} on user {$username}" . " as problematic", 'comments');
                     // NOTE(review): the flash notice is set after redirect(); if
                     // redirect() ends the request the notice is never stored.
                     $this->redirect('members/' . $commentPage . '/comments');
                     $notice = $this->getWords()->CommentReported;
                     $this->setFlashNotice($notice);
                 } else {
                     $this->redirect('');
                 }
             } else {
                 $this->redirect('');
             }
             break;
         case 'people':
         case 'members':
         default:
             if (!isset($request[1])) {
                 // no member specified
                 $this->redirect("places");
             } elseif ($request[1] == 'reportcomment') {
                 if (isset($request[2]) && isset($request[3]) && $this->model->getLoggedInMember()) {
                     $username = $request[2];
                     $commentId = $request[3];
                     $redirect = 'flagcomment/' . $username . '/' . $commentId;
                     // Use profile the comment was left on if available
                     // (needed to redirect user back to correct page)
                     if (isset($request[4])) {
                         $redirect .= '/' . $request[4];
                     }
                     // Prepare feedback data
                     $baseUri = PVars::getObj('env')->baseuri;
                     $data = array();
                     $data['Admin comment'] = $baseUri . 'bw/admin/admincomments.php?IdComment=' . $commentId . '&action=All';
                     $data['Member comment page'] = $baseUri . 'members/' . $username . '/comments';
                     // NOTE(review): the array travels as a serialize() string in a URL
                     // parameter that the client can edit. The receiving feedback code is
                     // not visible here; if it calls unserialize() on that parameter this
                     // is an object-injection risk. JSON, or keeping the data server-side
                     // in the session, avoids it.
                     $dataEncoded = urlencode(serialize($data));
                     // Redirect
                     $url = 'feedback?IdCategory=2&redirect=' . urlencode($redirect) . '&data=' . $dataEncoded;
                     $this->redirect($url);
                 } else {
                     $this->redirect('');
                 }
             } else {
                 if ($request[1] == 'avatar') {
                     if (!isset($request[2]) || !($member = $this->getMember($request[2]))) {
                         PPHP::PExit();
                     }
                     PRequest::ignoreCurrentRequest();
                     $this->model->showAvatar($member->id);
                     break;
                 } else {
                     if (!($member = $this->getMember($request[1]))) {
                         // did not find such a member
                         $page = new MembersMembernotfoundPage();
                     } else {
                         //check if member can browse that profile
                         // A non-browsable profile gets the same "not found" page as an
                         // unknown member, so the response does not show that it exists.
                         if (!$member->isBrowsable() && !$adminMember) {
                             $page = new MembersMembernotfoundPage();
                             break;
                         }
                         // found a member with given id or username
                         $myself = false;
                         if ($member->id == $member_self->id) {
                             // user is watching her own profile
                             $myself = true;
                         } else {
                             // The visit is recorded only when isNotActiveHidden() is
                             // true for the logged-in member.
                             if ($logged_member = $this->model->getLoggedInMember() and $logged_member->isNotActiveHidden()) {
                                 $member->recordVisit($logged_member);
                             }
                         }
                         switch (isset($request[2]) ? $request[2] : false) {
                             case 'relations':
                                 if (isset($request[3])) {
                                     if ($request[3] == 'add') {
                                         if (!$myself) {
                                             $page = new AddRelationPage();
                                             if (isset($request[4]) && $request[4] == 'finish') {
                                                 $page->relation_wait = true;
                                             }
                                         }
                                     } elseif ($request[3] == 'delete') {
                                         // Make sure user is deleting their own relation and that ID is set
                                         // NOTE(review): $myself only proves the profile in the URL is
                                         // the member's own. Whether deleteRelation() checks that
                                         // relation $id belongs to this member is not visible here.
                                         // The delete is also triggered by a plain link, with no
                                         // anti-CSRF token checked in this method.
                                         if ($myself && isset($request[4])) {
                                             $id = intval($request[4]);
                                             if ($id > 0) {
                                                 $deleteResult = $this->model->deleteRelation($id);
                                                 if ($deleteResult) {
                                                     $this->setFlashNotice($this->getWords()->Relation_deleted);
                                                 } else {
                                                     $this->setFlashError($this->getWords()->Relation_delete_error);
                                                 }
                                             } else {
                                                 $this->setFlashError($this->getWords()->Relation_delete_error);
                                             }
                                         }
                                         // Define redirect target
                                         // TODO: if there is a nicer way than using $_GET, please change this
                                         // NOTE(review): $_GET['redirect'] is read without isset() and is
                                         // handed to redirect() unvalidated. If redirect() accepts
                                         // absolute URLs this is an open redirect; restricting the
                                         // value to a local path closes it - verify redirect().
                                         if ($_GET['redirect']) {
                                             $redirect = $_GET['redirect'];
                                         } else {
                                             // Redirect to relations page or homepage
                                             if (isset($_SESSION['Username'])) {
                                                 $redirect = 'members/' . $_SESSION['Username'] . '/relations/';
                                             } else {
                                                 $redirect = '';
                                             }
                                         }
                                         $this->redirect($redirect);
                                         return;
                                     }
                                 }
                                 // Default relations page
                                 if (!isset($page)) {
                                     $page = new RelationsPage();
                                 }
                                 break;
                             case 'comments':
                                 if (!$myself && isset($request[3]) && $request[3] == 'adminedit') {
                                     $page = new AddCommentPage();
                                     // NOTE(review): this statement only reads the property and has
                                     // no effect. The branch also has no rights check, unlike the
                                     // 'adminedit' case below; one is needed before the flag is
                                     // ever actually set here.
                                     $page->adminedit;
                                 } elseif (!$myself && isset($request[3]) && ($request[3] == 'add' || $request[3] == 'edit')) {
                                     $page = new AddCommentPage();
                                     $page->commentGuidelinesRead = $this->model->getCommentGuidelinesRead();
                                 } else {
                                     $page = new CommentsPage();
                                 }
                                 break;
                             case 'groups':
                                 $my_groups = $member->getGroups();
                                 $params = new stdClass();
                                 $params->strategy = new HalfPagePager('left');
                                 $params->items = $my_groups;
                                 $params->items_per_page = 10;
                                 $pager = new PagerWidget($params);
                                 $page = new MemberGroupsPage();
                                 $page->my_groups = $my_groups;
                                 $page->pager = $pager;
                                 break;
                             case 'redesign':
                                 $page = new ProfileRedesignPage();
                                 break;
                             case 'adminedit':
                                 // Editing another member's profile requires the Admin or
                                 // SafetyTeam right; everyone else gets the "not found" page.
                                 $rights = new MOD_right();
                                 if ($rights->hasRight('Admin') || $rights->hasRight('SafetyTeam')) {
                                     $page = new EditMyProfilePage();
                                     $page->adminedit = true;
                                     $page->statuses = $this->model->getStatuses();
                                     // $member->edit_mode = true;
                                     if (isset($request[3]) && $request[3] == 'delete') {
                                         $page = new DeleteTranslationPage();
                                     }
                                     if (in_array('finish', $request)) {
                                         $page->status = "finish";
                                     }
                                 } else {
                                     $page = new MembersMembernotfoundPage();
                                 }
                                 break;
                             case 'profile':
                             case '':
                             case false:
                                 // A 'ChoiceInactive' profile is hidden from other members
                                 // unless the viewer has one of the rights checked above.
                                 $hideProfile = !$myself && $member->Status == 'ChoiceInactive' && !$adminMember;
                                 if ($hideProfile) {
                                     $page = new InactiveProfilePage();
                                 } else {
                                     $page = new ProfilePage();
                                     $page->statuses = $this->model->getStatuses();
                                 }
                                 break;
                             default:
                                 // Any other $request[2] is passed to set_profile_language().
                                 $hideProfile = !$myself && $member->Status == 'ChoiceInactive' && !$adminMember;
                                 if ($hideProfile) {
                                     $page = new InactiveProfilePage();
                                 } else {
                                     $page = new ProfilePage();
                                     $this->model->set_profile_language($request[2]);
                                     $page->statuses = $this->model->getStatuses();
                                 }
                                 break;
                         }
                     }
                 }
             }
     }
     // Attach the member to show: the looked-up member when there is one,
     // otherwise the logged-in member.
     if (!isset($member)) {
         $page->member = $member_self;
     } else {
         if (is_object($member)) {
             $page->member = $member;
         }
     }
     if (!empty($myself)) {
         $page->myself = true;
     }
     $page->loggedInMember = $this->model->getLoggedInMember();
     $page->model = $this->model;
     if ($page->member && $page->member->Status == 'PassedAway') {
         $page->passedAway = true;
     } else {
         $page->passedAway = false;
     }
     return $page;
 }
Esempio n. 6
 /**
  * Index function
  * 
  * Dispatches on $request[1]:
  * avatar          - outputs the avatar of the user named in $request[2]
  * checkemail      - echoes "1" when $_GET['e'] is a valid, unused address
  * checkhandle     - like "checkemail" with the user handle in $request[2]
  * confirm         - confirms a registration from handle and key
  * find            - search with $_GET['q']
  * friends         - friends of the logged-in user
  * logout          - ends the session and redirects to the base URI
  * waitingapproval - waiting-for-approval message
  * settings        - settings form
  * password        - password form
  * (handle)        - "pic" sub-page, or redirect to the old bw profile
  * 
  * @return false|void false when a login is required and missing
  */
 public function index()
 {
     // index is called when http request = ./user
     $request = PRequest::get()->request;
     if (!isset($request[1])) {
         $request[1] = '';
     }
     switch ($request[1]) {
         case 'avatar':
             PRequest::ignoreCurrentRequest();
             // Exit unless the handle is well-formed and handleInUse() returns a
             // value, which is then used as the user id.
             if (!isset($request[2]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !($userId = $this->_model->handleInUse($request[2]))) {
                 PPHP::PExit();
             }
             $this->_view->avatar($userId);
             break;
         // checks e-mail address for validity and availability
         // NOTE(review): no login is checked in this branch and the answer tells
         // whether an address is registered. No throttling is visible in this
         // method; confirm it is rate-limited elsewhere.
         case 'checkemail':
             // ignore current request, so we can use the last request
             PRequest::ignoreCurrentRequest();
             if (!isset($_GET['e'])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (!PFunctions::isEmailAddress($_GET['e'])) {
                 echo '0';
                 PPHP::PExit();
             }
             // echo of a bool prints "1" for true and an empty string for false.
             echo (bool) (!$this->_model->emailInUse($_GET['e']));
             PPHP::PExit();
             break;
         // checks handle for validity and availability
         // NOTE(review): same enumeration concern as 'checkemail', here for handles.
         case 'checkhandle':
             // ignore current request, so we can use the last request
             PRequest::ignoreCurrentRequest();
             if (!isset($request[2])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (strpos($request[2], 'xn--') !== false) {
                 // Don't allow IDN-Prefixes
                 echo '0';
                 PPHP::PExit();
             }
             echo (bool) (!$this->_model->handleInUse($request[2]));
             PPHP::PExit();
             break;
         // confirms a registration
         // The model is only called for a well-formed, existing handle and a key
         // of exactly 16 lowercase hex characters.
         // NOTE(review): how the model compares the key, and whether failed
         // attempts are limited, is not visible here - confirm.
         case 'confirm':
             if (!isset($request[2]) || !isset($request[3]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !$this->_model->handleInUse($request[2]) || !preg_match('/^[a-f0-9]{16}$/', $request[3])) {
                 $error = true;
             } else {
                 if ($this->_model->confirmRegister($request[2], $request[3])) {
                     $error = false;
                 } else {
                     $error = true;
                 }
             }
             ob_start();
             $this->_view->registerConfirm($error);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'find':
             // NOTE(review): $_GET['q'] is read without isset() and goes to the model
             // as received; the model is assumed to bind or escape it, and the view
             // to escape it if it is echoed back - confirm both.
             $res = $this->_model->find($_GET['q']);
             ob_start();
             $this->_view->searchResult($res);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'friends':
             if (!($User = APP_User::login())) {
                 return false;
             }
             $friends = $this->_model->getFriends($User->getId());
             ob_start();
             $this->_view->friends($friends);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'logout':
             // NOTE(review): logout runs on any request to this path and no token is
             // checked here, so a third-party page can log the user out. Execution
             // also continues after the Location header is set.
             $this->_model->logout();
             header("Location: " . PVars::getObj('env')->baseuri);
             break;
         // waiting approval message
         case 'waitingapproval':
             // now the teaser content
             ob_start();
             $this->_view->ShowInfoMessage('', '');
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->teaserBar .= $str;
             ob_end_clean();
             // now the message content
             ob_start();
             $this->_view->ShowInfoMessage('WaitingForApprovalText', 'WaitingForApprovalTitle');
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'settings':
             // NOTE(review): unlike 'friends' and 'pic', no login check is made in this
             // branch or in 'password' below; presumably the view enforces it - confirm.
             ob_start();
             $this->_view->settingsForm();
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'password':
             ob_start();
             $this->_view->customStyles();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->addStyles .= $str;
             ob_end_clean();
             // now the teaser content
             ob_start();
             $this->_view->teaser();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->teaserBar .= $str;
             ob_end_clean();
             // now the content on the right
             ob_start();
             $this->_view->rightContent();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->rContent .= $str;
             ob_end_clean();
             // main content
             ob_start();
             $this->_view->passwordForm();
             $str = ob_get_contents();
             $P = PVars::getObj('page');
             $P->content .= $str;
             ob_end_clean();
             break;
         default:
             // Anything else is treated as a user handle; a value that does not match
             // HANDLE_PREGEXP produces no output at all.
             if (preg_match(User::HANDLE_PREGEXP, $request[1])) {
                 if (!isset($request[2])) {
                     $request[2] = '';
                 }
                 switch ($request[2]) {
                     case 'pic':
                         if (!($User = APP_User::login())) {
                             return false;
                         }
                         ob_start();
                         $picture = $this->_model->getPicture($request[1]);
                         $this->_view->picture($picture);
                         $str = ob_get_contents();
                         ob_end_clean();
                         $P = PVars::getObj('page');
                         $P->content .= $str;
                         break;
                     default:
                         // redirects to the old bw-based profile
                         // NOTE(review): the handle is appended to the query string without
                         // urlencode(); this relies on HANDLE_PREGEXP (not visible here)
                         // excluding characters such as & and # - confirm.
                         header("Location: " . PVars::getObj('env')->baseuri . "bw/member.php?cid=" . $request[1]);
                         // disabled TB-based userpage for now
                         /*    ob_start();
                               $this->_view->userPage($request[1]);
                               $str = ob_get_contents();
                               ob_end_clean();
                               $P = PVars::getObj('page');
                               $P->content .= $str; */
                         break;
                 }
             }
     }
 }
Esempio n. 7
 /**
  * The index function is called by /htdocs/index.php,
  * if your URL looks like this: http://[fqdn]/geo/...
  * ... and by this is the entry point to your application.
  * 
  * @param void
  */
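 public function index()
 {
     // Routing entry point for /geo/...: dispatches on the second URL segment.
     // Everything read from $request and $_GET below is client-controlled.
     // Returns a page object for 'selector' and (with the Debug right) 'admin';
     // every other branch writes output itself and returns nothing.
     $request = PRequest::get()->request;
     if (!isset($request[1])) {
         $request[1] = '';
     }
     switch ($request[1]) {
         case 'countries':
             // URL: http://[fqdn]/geo/countries
             ob_start();
             $this->_view->displayCountries();
             // the view prints directly; capture its output into the page object
             $Page = PVars::getObj('page');
             $Page->content .= ob_get_contents();
             ob_end_clean();
             break;
         case 'selector':
             // alternative to the javascript geo-selection (popup)
             return new GeoPopupPage($request[1]);
         case 'displaylocation':
             // Display the content of a specific geoplace. The id segment may be
             // absent from the URL, so read it without raising an undefined-index
             // notice; null is the value the view received in that case before.
             $locationId = isset($request[2]) ? $request[2] : null;
             // NOTE(review): $locationId is raw request data and GeoDisplayLocation()
             // is not visible here -- confirm it validates and escapes the value.
             ob_start();
             $this->_view->GeoDisplayLocation($locationId);
             // the view prints directly; capture its output into the page object
             $Page = PVars::getObj('page');
             $Page->content .= ob_get_contents();
             ob_end_clean();
             break;
         case 'suggestLocation':
             // ignore current request, so we can use the last request
             PRequest::ignoreCurrentRequest();
             // The search term comes from the third URL segment, overridden by ?s=.
             // Only a string is accepted: ?s[]=x would otherwise hand an array to
             // the model.
             $search = isset($request[2]) ? $request[2] : null;
             if (isset($_GET['s']) && is_string($_GET['s'])) {
                 $search = $_GET['s'];
             }
             if (!isset($request[3])) {
                 PPHP::PExit();
             }
             // set the features that should be suggested (only cities, or
             // mountains and other features as well) -- to be improved
             switch ($request[3]) {
                 case 'blog':
                     $fcode = $this->fcode_blog;
                     break;
                 case 'city':
                     $fcode = $this->fcode_city;
                     break;
                 default:
                     $fcode = $this->fcode_default;
             }
             $activities = isset($request[4]) && $request[4] == 'activities';
             // the second argument is 45 for the activities variant, 40 otherwise
             $limit = $activities ? 45 : 40;
             // get locations from geonames. suggestLocation returns empty array
             // if nothing is found.
             // NOTE(review): $search is untrusted; suggestLocation() and
             // generateLocationOverview() are not visible here -- confirm the query
             // is parameterised and the echoed markup escapes any reflected text.
             $locations = $this->_model->suggestLocation($search, $limit, $fcode);
             echo $this->_view->generateLocationOverview($locations, $activities);
             PPHP::PExit();
             break;
         case 'refreshgeo':
             // Maintenance trigger, allowed only when the peer address is the IPv4
             // loopback; everyone else is redirected away.
             // NOTE(review): REMOTE_ADDR is the address of the direct peer. Behind a
             // reverse proxy or load balancer on the same host every request arrives
             // from 127.0.0.1, which would expose this endpoint to all clients --
             // confirm the deployment. '::1' is rejected, which fails closed.
             // NOTE(review): the redirect target is a hard-coded plain-http URL.
             if ($_SERVER['REMOTE_ADDR'] !== '127.0.0.1') {
                 header("Location: http://www.bewelcome.org");
                 exit(0);
             }
             // buffer and discard anything the update routines print
             ob_start();
             $updated = MOD_geonames::get()->getUpdate() && MOD_geonames::get()->getAltnamesUpdate();
             ob_end_clean();
             echo $updated ? "success" : "failure";
             exit(0);
         case 'admin':
             $R = MOD_right::get();
             if ($R->hasRight('Debug')) {
                 // NOTE(review): the counters are refreshed on a plain GET; if
                 // updateGeoCounters() writes to storage (presumably it does),
                 // consider requiring POST plus an anti-CSRF token.
                 $this->_model->updateGeoCounters();
                 return new GeoAdminPage($request[1]);
             }
             // without the Debug right nothing is rendered and null is returned
             break;
     }
 }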
Esempio n. 8
 /**
  * Handles edits to titles and descriptions of galleries and gallery items
  * that the user makes through Ajax requests
  *
  * @access private
  * @param string $type Indicator for Gallery ('set') or Image ('image')
  **/
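 private function ajaxImageGallery($type)
 {
     // Ajax endpoint: updates the title and/or description of a gallery or image
     // owned by the logged-in member and echoes the stored value back.
     // Returns false when nobody is logged in; otherwise ends via PPHP::PExit().
     $words = $this->getWords();
     PRequest::ignoreCurrentRequest();
     if (!($member = $this->loggedInMember)) {
         return false;
     }
     // NOTE(review): stored data is changed from GET parameters and no anti-CSRF
     // token check is visible in this method -- confirm one is enforced upstream,
     // or move the edit to POST with a token.
     //
     // Only string parameters are accepted. A request such as title[]=x would
     // otherwise reach htmlentities() as an array: PHP < 8 then returns null,
     // which slips past the empty-title check and is written to the model, and
     // PHP 8 throws a TypeError.
     if (isset($_GET['item']) && is_string($_GET['item'])) {
         $id = $_GET['item'];
         // Authorisation: the caller must own the item being edited.
         // NOTE(review): this is a loose comparison. If imageGalleryOwner() returns
         // false/null for an unknown id and get_userId() can be 0, the two compare
         // equal -- confirm the return types, then compare strictly.
         // NOTE(review): $id is passed to the model unvalidated; confirm the model
         // binds it as a query parameter.
         if ($member->get_userId() == $this->_model->imageGalleryOwner($type, $id)) {
             if (isset($_GET['title']) && is_string($_GET['title'])) {
                 // entity-encoded before storage, so the stored value is HTML-safe
                 $str = htmlentities($_GET['title'], ENT_QUOTES, "UTF-8");
                 if ($str === '') {
                     echo $words->get('GalleryCannotBeEmpty');
                 } else {
                     $this->_model->ajaxModImageGallery($type, $id, $str, '');
                     // single-line, slash-escaped form for the response; the HTML
                     // escaping comes from htmlentities() above, not addslashes()
                     $str = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                     echo $str;
                 }
             }
             if (isset($_GET['text']) && is_string($_GET['text'])) {
                 $str = htmlentities($_GET['text'], ENT_QUOTES, "UTF-8");
                 // an empty description is stored as-is; only the echoed
                 // placeholder differs
                 $this->_model->ajaxModImageGallery($type, $id, '', $str);
                 $str = utf8_decode(addslashes(preg_replace("/\r|\n/s", "", nl2br($str))));
                 if ($str === '') {
                     echo $words->get('GalleryAddDescription');
                 } else {
                     echo $str;
                 }
             }
             PPHP::PExit();
         }
     }
     // missing/invalid item id, or the member does not own the item
     echo 'Error!';
     PPHP::PExit();
 }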
Esempio n. 9
 /**
  * sets the proper header for outputting a binary image and sends the image
  * shows a proper sized image
  *
  * @access public
  * @return void
  */
 public function realImg()
 {
     // Streams a group's image: the model call is expected to send the headers
     // and the binary body, after which the script ends.
     PRequest::ignoreCurrentRequest();
     $routeVars = $this->route_vars;
     $groupId = isset($routeVars['group_id']) ? $routeVars['group_id'] : null;
     // No usable group id in the route: stop without output.
     if (!$groupId) {
         PPHP::PExit();
     }
     // NOTE(review): no access check is visible in this method and the id is
     // passed on unvalidated -- confirm the router or the model enforces both.
     $this->_model->realImg($groupId);
     exit;
 }