public function login() { RoutingEngine::setPage("runnDAILY Login", "PV__400"); if (RoutingEngine::getInstance()->requirePermission("PV__300")) { Notification::add("You are already logged in."); Page::redirect("/"); } }
public function action_delete() { RoutingEngine::setPage("runnDAILY", "PV__300"); if (!isset($_POST["go_id"])) { Page::redirect("/goals"); } Goal::deleteGoal($_POST["go_id"]); Page::redirect("/goals"); }
public function action_elevation_add_packed() { if ($_FILES["packed_hdr"]) { move_uploaded_file($_FILES["packed_hdr"]["tmp_name"], SYSTEM_ROOT . "/elev_packed.hdr"); } if ($_FILES["packed_flt"]) { move_uploaded_file($_FILES["packed_flt"]["tmp_name"], SYSTEM_ROOT . "/elev_packed.flt"); } $region = array_safe($_POST, "region_name", "Elevation data"); Elevation::addElevationToDatabase(SYSTEM_ROOT . "/elev_packed", 1, $region); unlink(SYSTEM_ROOT . "/elev_packed.hdr"); unlink(SYSTEM_ROOT . "/elev_packed.flt"); Notification::add("Elevation data has been added"); Page::redirect("/admin/elevation"); }
function delete() { //check permissions if (!isset($_POST["e_eid"])) { Notification::add("Could not delete the event."); Page::redirect("/events"); } $event = new Event($_POST); if ($event->delete()) { Notification::add("Event was deleted."); Page::redirect("/events"); } Notification::add("Error deleting."); Page::redirect("/events"); }
public function action_create() { $group = new Group($_POST); if ($group->createGroup()) { if (isset($_FILES['img_up'])) { $updir = PUBLIC_ROOT . "/img/group/"; $path_part = pathinfo($_FILES['img_up']['name']); $upfile = $group->gid % 100 . "/" . $group->gid . "." . $path_part["extension"]; if (move_uploaded_file($_FILES['img_up']['tmp_name'], $updir . $upfile)) { if ($group->updateImage($upfile)) { Page::redirect("/group/view?gid=" . $group->gid); } } } } }
public function view_user() { RoutingEngine::setPage("runnDAILY", "PV__300"); RoutingEngine::getInstance()->registerParams("uid"); if (!isset($_GET["uid"])) { Page::redirect("/community"); } $uid = $_GET["uid"]; //$routes = Route::getRoutesForUserInArray($uid, 50); $routes = Route::sql()->select("r_id, r_name, r_distance, r_creation, r_description")->where_eq("r_uid", $uid)->orderby("r_creation")->limit(50)->execute(false, true, "r_id"); //$routes_js = json_encode_null($routes); RoutingEngine::getSmarty()->assign("routes", $routes); //RoutingEngine::getSmarty()->assign("routes_js", $routes_js); //$index_items = TrainingLog::getIndexItemsForUser($uid); $index_items = TrainingLog::sql()->select("r_name, t_rid, t_tid, t_time, t_distance, t_pace, t_date, t_comment")->leftjoin("routes", "r_id", "t_rid", false)->where_eq("t_uid", $uid)->orderby("t_date")->orderby("t_distance")->limit(50)->execute(false, true); //$json_data = TrainingLog::buildChartData($index_items); RoutingEngine::getSmarty()->assign("training_index_items", $index_items); //RoutingEngine::getSmarty()->assign("JSON_Chart_Data", $json_data); //var_dump(User::$current_user); RoutingEngine::getSmarty()->assign("user", User::fromUid($uid)); }
protected function redirect() { Page::redirect('/'); }
public function actionDelete() { RoutingEngine::setPage("Messages | runnDAILY", "PV__300"); if (!isset($_POST["msg_convo_id"])) { Page::redirect("/messages"); } $message = new Message($_POST); $read_count = Message::markConvoRead($message->convo_id); if ($read_count > 0) { Message::updateCount(User::$current_user->uid, -$read_count); User::$current_user->msg_new -= $read_count; RoutingEngine::getInstance()->persistUserData(); } $message->delete(); Page::redirect("/messages"); }
public function checkPermissions($min_perm, $redirect = true) { if (isset($this->type) && $this->type > $min_perm) { if (!$redirect) { return false; } $_SESSION["login_redirect"] = $_SERVER["REQUEST_URI"]; Page::redirect("/login"); } return true; }
public function action_copy_view() { RoutingEngine::setPage("runnDAILY Routes", "PV__300"); $route = new Route($_POST); if ($route->copy()) { Notification::add("Your route - {$route->name} - was copied."); Page::redirect("/routes/view/{$route->id}"); } Notification::add("There was an error copying the route. Try again."); Page::redirect("/routes/view/{$route->id}"); }
<?php $page = new Page("Log In"); if (isset($_POST["submit"])) { $email = $_POST["email"]; $password = $_POST["password"]; $Session->remove("error"); if ($SessionPerson->login($email, $password)) { $page->changeQuery("page", LANDING_PAGE); $page->redirect(); exit; } else { $Session->add("error", "Incorrect Username or password."); $page->redirect($page->currentURL()); } } else { $page->showHeader(); ?> <div> <?php echo $Session->get("error"); ?> </div> <form class="form-horizontal" role="form" method="post" action="<?php echo $page->currentURL(); ?> "> <div class="form-group"> </div>
function edit() { RoutingEngine::setPage("runnDAILY Edit Training Entry", "PV__300"); if (!isset($_GET["tid"])) { Notification::add("That training entry does not exist."); Page::redirect("/training"); } $tid = $_GET["tid"]; $training = TrainingLog::getItem($tid); if ($training->uid != User::$current_user->uid) { Notification::add("You are not allowed to edit that entry"); Page::redirect("/training"); } $stmt = Database::getDB()->prepare("\r\n\t\t\tSELECT t_type_id, t_type_name\r\n\t\t\tFROM training_types\r\n\t\t"); $stmt->execute(); $stmt->store_result(); $types = array(); while ($row = $stmt->fetch_assoc()) { $types[$row["t_type_id"]] = $row["t_type_name"]; } $stmt->close(); RoutingEngine::getSmarty()->assign("t_types", $types); RoutingEngine::getSmarty()->assign("t_item", $training); RoutingEngine::getSmarty()->display("training/edit.tpl"); exit; }
static function showNewPostForm($data = null, $error = null) { $user = Session::getUser(); require_once 'manager/AuthorizationManager.php'; if (!isset($_GET["type"])) { $_GET["type"] = Post::NEWS; } if (!AuthorizationManager::canUserDo(AuthorizationManager::CREATE, $_GET["type"])) { return; } //TODO redirect verso pagina di errore. $logger = Logger::getLogger(); $logger->debug("ResourceDao", $_GET["type"]); if (isset($_GET["phase"]) && $_GET["phase"] == 3) { if ($_GET["type"] == "photoreportage" && isset($_POST["numResources"])) { $data = array(); for ($i = 0; $i < $_POST["numResources"]; $i++) { $resourceID = $_POST["resourceID" . $i]; if (isset($_POST[$resourceID]) && $_POST[$resourceID] != '') { //$_POST[$resourceID] is the description $data['description'] = $_POST[$resourceID]; $rsUpdated = ResourceManager::editResource($resourceID, $data); } } Page::redirect("Edit"); } } else { if (is_null($error) && count($_POST) > 0) { $data = array(); if (isset($_POST["title"]) && trim($_POST["title"]) != "") { $data["title"] = $_POST["title"]; } else { $error = array("Inserire un titolo."); } if (isset($_POST["type"])) { $data["type"] = $_POST["type"]; } else { $error[] = "Scegliere il tipo di post da pubblicare."; } if ($data["type"] == "news") { //carico il testo del post if (isset($_POST["content"]) && trim($_POST["content"]) != "") { $data["content"] = $_POST["content"]; } else { $error[] = "Inserire un contenuto."; } //check if ther's not valid files $notvalid = 0; if (trim($_FILES["upfile"]["name"]) != "") { if ($_FILES["upfile"]["type"] == "image/gif" || $_FILES["upfile"]["type"] == "image/jpeg" || $_FILES["upfile"]["type"] == "image/png") { } else { $notvalid++; } } if ($notvalid == 0) { if (trim($_FILES["upfile"]["name"]) != "") { if ($_FILES["upfile"]["type"] == "image/gif" || $_FILES["upfile"]["type"] == "image/jpeg" || $_FILES["upfile"]["type"] == "image/png") { $fname = ResourceManager::editFileName($_FILES["upfile"]["name"]); $newsPhoto = ResourceManager::uploadPhoto($fname, $user->getNickname(), $user->getID(), $_FILES["upfile"]["tmp_name"], $_FILES["upfile"]["type"]); //prelevo l'id della risorsa appena salvata $data["photo"] = $newsPhoto->getID(); } } } else { $error[] = "Devi inserire un formato valido: .jpeg .jpg .gif oppure .png"; } } else { if ($data["type"] == "photoreportage") { $photo = array(); //check if ther's not valid files for ($i = 0, $notvalid = 0; $i < 10; $i++) { if (trim($_FILES["upfile{$i}"]["name"]) != "") { if ($_FILES["upfile{$i}"]["type"] == "image/gif" || $_FILES["upfile{$i}"]["type"] == "image/jpeg" || $_FILES["upfile{$i}"]["type"] == "image/png") { } else { $notvalid++; } } } if ($notvalid == 0) { for ($i = 0, $numphoto = 0; $i < 10; $i++) { if (trim($_FILES["upfile{$i}"]["name"]) != "") { if ($_FILES["upfile{$i}"]["type"] == "image/gif" || $_FILES["upfile{$i}"]["type"] == "image/jpeg" || $_FILES["upfile{$i}"]["type"] == "image/png") { $fname = ResourceManager::editFileName($_FILES["upfile{$i}"]["name"]); $photo[] = ResourceManager::uploadPhoto($fname, $user->getNickname(), $user->getID(), $_FILES["upfile{$i}"]["tmp_name"], $_FILES["upfile{$i}"]["type"]); $numphoto++; } } } if ($numphoto > 0) { $data["content"] = $photo; } else { $error[] = "Devi inserire almeno un'immagine"; } } else { $error[] = "Devi inserire un formato valido: .jpeg .jpg .gif oppure .png"; } } else { if ($data["type"] == "videoreportage") { if (isset($_POST["userUrl"]) && $_POST["userUrl"] != '') { $rs = ResourceManager::createResource($user->getID(), youtubeManager::getVideoID($_POST["userUrl"]), 'video'); $data['content'] = youtubeManager::getVideoID($_POST["userUrl"]); } } } } if (isset($_POST["cat"]) && is_array($_POST["cat"]) && count($_POST["cat"]) > 0) { $cat = ""; $first = true; foreach ($_POST["cat"] as $k => $c) { if ($first) { $first = false; } else { $cat .= ", "; } $cat .= $c; } $data["categories"] = $cat; } if (isset($_POST["place"]) && trim($_POST["place"]) != "") { $data["place"] = $_POST["place"]; } //if(isset($_POST["headline"]) && trim($_POST["headline"]) != "") // $data["headline"] = $_POST["headline"]; if (isset($_POST["subtitle"]) && trim($_POST["subtitle"]) != "") { $data["subtitle"] = $_POST["subtitle"]; } if (isset($_POST["tags"]) && trim($_POST["tags"]) != "") { $data["tags"] = $_POST["tags"]; } if (is_null($error) || is_array($error) && count($error) == 0) { $data["author"] = $user->getID(); //se photoreportage creo una collection if ($data["type"] == "news") { $post = PostManager::createPost($data); //se vi è una foto aggiorno la tabella PostResource if (isset($data['photo']) && $data['photo'] != "") { PostManager::setPostResource($post->getID(), $data['photo']); } } else { if ($data["type"] == "videoreportage") { $post = PostManager::createPost($data); } else { if ($data["type"] == "photoreportage" && $_GET["phase"] == 2) { //save only the resource ID not the whole object foreach ($data["content"] as &$resource) { $resource = $resource->getID(); } $post = CollectionManager::createCollection($data); } else { $post = false; } } } if ($post !== false) { echo ' <div class="message"> Notizia salvata: <a href="' . FileManager::appendToRootPath($post->getPermalink()) . '">Visualizza</a> </div>'; } } else { self::showNewPostForm($data, $error); return; } } } //echo serialize(isset($_GET["type"])) . "<br/>"; //DEBUG switch ($_GET["type"]) { case Post::COLLECTION: case Post::PHOTOREP: case Post::VIDEOREP: case Post::ALBUM: case Post::MAGAZINE: case Post::PLAYLIST: call_user_func(array("PostPage", "showNew" . $_GET["type"] . "Form"), $data, $error); break; case "videoreportage3": break; case Post::NEWS: default: self::showNewNewsForm($data, $error); } }
public function action_settings() { RoutingEngine::setPage("runnDAILY User Settings", "PV__300"); User::$current_user->refreshDetails($_POST); if (isset($_POST["u_password"])) { User::$current_user->password = md5(User::$current_user->password); } if (User::$current_user->updateUserDetails() || User::$current_user->saveAllSettings()) { Notification::add("Your settings have been updated."); } else { Notification::add("There was an error. Please try again."); } Page::redirect("/settings"); }
protected function redirect() { Page::redirect('/list/' . lcfirst($this->class)); }
$lastName = $u["last_name"]; $points = $u["points"]; $email = $u["email"]; } else { //Use Session Person :) $id = $SessionPerson->id(); $firstName = $SessionPerson->first_name(); $lastName = $SessionPerson->last_name(); $points = $SessionPerson->points(); $email = $SessionPerson->email(); } if (isset($_POST["submit"]) && $page->getQuery("sent")) { $fileName = $id . ".png"; move_uploaded_file($_FILES['avatar']['tmp_name'], ICONS_DIR . $fileName); $page->removeQuery("sent"); $page->redirect(); } else { $page->showHeader(); ?> <div class="container col-md-8"> <div class="panel-body text-center"> <?php $ua = new UserAvatar($id); echo $ua->getImage(140, 140); ?> <br/> <?php if ($id == $SessionPerson->id()) { ?>
/** * Function checks whether or not a user has the requested permission. * * @param string $perm_code Permission code * @param int $gid Group id if applicable * @param bool $redir Whether or not to redirect on a failed permission * @return bool Whether or not the user has the required permission */ public function requirePermission($perm_code = "PV__300", $gid = null, $redir = false) { if (!isset($perm_code)) { $allow = false; } else { $code = explode("__", $perm_code); $group = isset($gid) ? $gid : "site"; if (isset(User::$current_user->permissions[$group][$code[0]])) { $allow = User::$current_user->permissions[$group][$code[0]] <= $code[1]; } else { $allow = false; } } if (!$allow && $redir) { $_SESSION["login_redirect"] = $this->_request_path; Notification::add("You do not have the authentication level to view that page."); Notification::add("Once you login, you will be returned to:" . $this->_request_path); Page::redirect("/home/login"); } return $allow; }