function Websites_seo_post()
{
if (empty($_REQUEST['streamName'])) {
throw new Q_Exception_RequiredField(array('field' => 'streamName'));
}
$prefix = "Websites/seo/";
if (substr($_REQUEST['streamName'], 0, strlen($prefix)) !== $prefix) {
throw new Q_Exception_WrongValue(array('field' => 'streamName', 'range' => "string beginning with {$prefix}"));
}
$user = Users::loggedInUser(true);
$publisherId = Users::communityId();
$type = "Websites/seo";
if (!Streams::isAuthorizedToCreate($user->id, $publisherId, $type)) {
throw new Users_Exception_NotAuthorized();
}
$stream = new Streams_Stream($publisherId);
$stream->publisherId = $publisherId;
$stream->name = $_REQUEST['streamName'];
$stream->type = $type;
if (isset($_REQUEST['uri'])) {
$stream->setAttribute('uri', $_REQUEST['uri']);
}
$stream->save();
$stream->post($user->id, array('type' => 'Streams/created', 'content' => '', 'instructions' => Q::json_encode($stream->toArray())), true);
$stream->subscribe();
// autosubscribe to streams you yourself create, using templates
Q_Response::setSlot('stream', $stream->exportArray());
}
function Users_activate_response()
{
$content = Q::event('Users/activate/response/content');
Q_Response::setSlot('content', $content);
Q_Response::setSlot('column0', $content);
// for SmartApp
}
/**
* Adds a label to the system. Fills the "label" (and possibly "icon") slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.title The title of the label
* @param {string} [$_REQUEST.label] You can override the label to use
* @param {string} [$_REQUEST.icon] Optional path to an icon
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_label_post($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('title'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$icon = Q::ifset($req, 'icon', null);
$title = $req['title'];
$l = Q::ifset($req, 'label', 'Users/' . Q_Utils::normalize($title));
Users::canManageLabels($loggedInUserId, $userId, $l, true);
$label = new Users_Label();
$label->userId = $userId;
$label->label = $l;
if ($label->retrieve()) {
throw new Users_Exception_LabelExists();
}
$label->title = $title;
if (is_array($icon)) {
// Process any icon that was posted
$icon['path'] = 'uploads/Users';
$icon['subpath'] = "{$userId}/label/{$label}/icon";
$data = Q::event("Q/image/post", $icon);
Q_Response::setSlot('icon', $data);
$label->icon = Q_Request::baseUrl() . '/' . $data[''];
} else {
$label->icon = 'default';
}
$label->save();
Q_Response::setSlot('label', $label->exportArray());
}
/**
* Used to create a new stream
*
* @param {array} $_REQUEST
* @param {String} [$_REQUEST.title] Required. The title of the interest.
* @param {String} [$_REQUEST.publisherId] Optional. Defaults to the app name.
* @return {void}
*/
function Streams_interest_delete()
{
$user = Users::loggedInUser(true);
$title = Q::ifset($_REQUEST, 'title', null);
if (!isset($title)) {
throw new Q_Exception_RequiredField(array('field' => 'title'));
}
$app = Q_Config::expect('Q', 'app');
$publisherId = Q::ifset($_REQUEST, 'publisherId', $app);
$name = 'Streams/interest/' . Q_Utils::normalize($title);
$stream = Streams::fetchOne(null, $publisherId, $name);
if (!$stream) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => Q::json_encode(compact('publisherId', 'name'))));
}
$miPublisherId = $user->id;
$miName = 'Streams/user/interests';
$myInterests = Streams::fetchOne($user->id, $miPublisherId, $miName);
if (!$myInterests) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => Q::json_encode(array('publisherId' => $miPublisherId, 'name' => $miName))));
}
$stream->leave();
Streams::unrelate($user->id, $user->id, 'Streams/user/interests', 'Streams/interest', $publisherId, $name, array('adjustWeights' => true));
Q_Response::setSlot('publisherId', $publisherId);
Q_Response::setSlot('streamName', $name);
/**
* Occurs when the logged-in user has successfully removed an interest via HTTP
* @event Streams/interest/delete {after}
* @param {string} publisherId The publisher of the interest stream
* @param {string} title The title of the interest
* @param {Users_User} user The logged-in user
* @param {Streams_Stream} stream The interest stream
* @param {Streams_Stream} myInterests The user's "Streams/user/interests" stream
*/
Q::event("Streams/interest/remove", compact('publisherId', 'title', 'subscribe', 'user', 'stream', 'myInterests'), 'after');
}
/**
* Edits a label in the system. Fills the "label" (and possibly "icon") slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.label The label
* @param {string} [$_REQUEST.title] The title of the label
* @param {string} [$_REQUEST.icon] Optional path to an icon
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_label_put($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('label'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$l = $req['label'];
$icon = Q::ifset($req, 'icon', null);
$title = Q::ifset($req, 'title', null);
Users::canManageLabels($loggedInUserId, $userId, $l, true);
$label = new Users_Label();
$label->userId = $userId;
$label->label = $l;
if (!$label->retrieve()) {
throw new Q_Exception_MissingRow(array('table' => 'Label', 'criteria' => json_encode($label->fields)));
}
if (isset($title)) {
$label->title = $title;
}
if (is_array($icon)) {
// Process any icon data
$icon['path'] = 'uploads/Users';
$icon['subpath'] = "{$userId}/label/{$label}/icon";
$data = Q::event("Q/image/post", $icon);
Q_Response::setSlot('icon', $data);
$label->icon = Q_Request::baseUrl() . '/' . $data[''];
}
$label->save();
Q_Response::setSlot('label', $label->exportArray());
}
/**
* Used to create a new relation
*
* @param array $_REQUEST
* toPublisherId, toStreamName, type
* fromPublisherId, fromStreamName, weight
* @return {void}
*/
function Streams_related_post($params)
{
$user = Users::loggedInUser(true);
$asUserId = $user->id;
$toPublisherId = $_REQUEST['toPublisherId'];
$toStreamName = $_REQUEST['toStreamName'];
$type = $_REQUEST['type'];
$fromPublisherId = $_REQUEST['fromPublisherId'];
$fromStreamName = $_REQUEST['fromStreamName'];
// TODO: When we start supporting multiple hosts, this will have to be rewritten
// to make servers communicate with one another when establishing relations between streams
if (!($stream = Streams::fetch($asUserId, $toPublisherId, $toStreamName))) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => 'with those fields'), array('publisherId', 'name'));
}
if (!($stream = Streams::fetch($asUserId, $fromPublisherId, $fromStreamName))) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => 'with those fields'), array('fromPublisherId', 'from_name'));
}
$weight = "+1";
if (isset($_REQUEST['weight'])) {
if (!$stream->testWriteLevel('relations')) {
throw new Users_Exception_NotAuthorized();
}
$weight = $_REQUEST['weight'];
}
$result = Streams::relate($asUserId, $toPublisherId, $toStreamName, $type, $fromPublisherId, $fromStreamName, compact('weight'));
Q_Response::setSlot('result', $result);
}
/**
* Used by HTTP clients to upload a new file to the server
* @class Q/file
* @method post
* @param {array} [$params] Parameters that can come from the request
* @param {string} [$params.data] Required if $_FILES is empty. Base64-encoded image data URI - see RFC 2397
* @param {string} [$params.path="uploads"] parent path under web dir (see subpath)
* @param {string} [$params.subpath=""] subpath that should follow the path, to save the image under
* @param {string} [$params.name] override the name of the file, after the subpath
*/
function Q_file_post($params = null)
{
$p = $params ? $params : Q::take($_REQUEST, array('data', 'path', 'subpath'));
if (!empty($_FILES)) {
$file = reset($_FILES);
if ($tmp = $file['tmp_name']) {
if (empty($p['data'])) {
$p['data'] = file_get_contents($tmp);
$p['name'] = $file['name'];
}
unlink($tmp);
}
} else {
if (empty($p['data'])) {
throw new Q_Exception_RequiredField(array('field' => 'data'), 'data');
}
$p['data'] = base64_decode(chunk_split(substr($p['data'], strpos($p['data'], ',') + 1)));
}
$timeLimit = Q_Config::get('Q', 'uploads', 'limits', 'file', 'time', 5 * 60 * 60);
set_time_limit($timeLimit);
// default is 5 min
$data = Q_File::save($p);
if (empty($params)) {
Q_Response::setSlot('data', $data);
}
return $data;
}
/**
* Adds a device to the current user id and session.
* See Users_Device::add method for more details.
* @param {string} $deviceId
* @return {void}
*/
function Users_device_post()
{
Q_Request::requireFields(array('deviceId'));
$deviceId = $_REQUEST['deviceId'];
$user = Users::loggedInUser(true);
$device = Users_Device::add(array_merge($_REQUEST, array('userId' => $user->id)));
Q_Response::setSlot('data', $device);
}
function Streams_participating_response()
{
if (!Q_Request::isAjax()) {
return;
}
$max_limit = Q_Config::expect('Streams', 'db', 'limits', 'participating');
$user = Users::loggedInUser(true);
$type = Streams::requestedType();
$limit = Streams::requestedField('limit', false, $max_limit);
if ($limit > $max_limit) {
throw new Q_Exception("limit is too large, must be <= {$max_limit}");
}
$offset = Streams::requestedField('offset', false, 0);
$order = Streams::requestedField('order', false, true);
$participating = array();
$q = Streams_Participating::select('*')->where(array('userId' => $user->id));
if ($type) {
$q = $q->where(array('streamName' => new Db_Range($type . '/', true, false, true)));
}
if ($limit) {
$q = $q->limit($limit, $offset);
}
if ($order) {
$q = $q->orderBy('updatedTime', false);
}
$res_participating = $q->fetchDbRows();
foreach ($res_participating as $part) {
$part_safe = $part->exportArray();
if (isset($part_safe)) {
$participating[] = $part_safe;
}
}
Q_Response::setSlot('participating', $participating);
if (!Q_Request::slotName('streams')) {
return;
}
$res_streams = array();
$streamNames = array();
foreach ($res_participating as $p) {
$streamNames[$p->publisherId][] = $p->streamName;
}
foreach ($streamNames as $p_id => $names) {
$res_streams[$p_id] = Streams::fetch($user->id, $p_id, $names);
}
$streams = array();
$o = array('asUserId' => $user->id);
foreach ($res_streams as $publisherId => $streams_array) {
if (!empty($streams_array)) {
$streams[$publisherId] = array();
foreach ($streams_array as $streamName => $stream) {
$streams[$publisherId][$streamName] = $stream->exportArray($o);
}
}
}
Q_Response::setSlot('streams', $streams);
}
/**
* We are going to implement a subset of the OAuth 1.0a functionality for now,
* and later we can expand it to match the full OAuth specification.
*/
function Users_authorize_response()
{
if (Q_Response::getErrors()) {
Q_Dispatcher::showErrors();
}
$response_type = 'token';
$token_type = 'bearer';
$client_id = $_REQUEST['client_id'];
$state = $_REQUEST['state'];
$skip = Q::ifset($_REQUEST, 'skip', false);
$scope = Users_OAuth::requestedScope(true, $scopes);
$client = Users_User::fetch($client_id, true);
if (!$client) {
throw new Q_Exception_MissingRow(array('table' => 'client user', 'criteria' => "id = '{$client_id}'"), 'client_id');
}
if (empty($client->url)) {
throw new Q_Exception("Client app needs to register url", 'client_id');
}
$redirect_uri = Q::ifset($_REQUEST, 'redirect_uri', $client->url);
$user = Users::loggedInUser();
$oa = null;
if (isset(Users::$cache['oAuth'])) {
$oa = Users::$cache['oAuth'];
} else {
if ($user) {
$oa = new Users_OAuth();
$oa->client_id = $client_id;
$oa->userId = $user->id;
$oa->state = $state;
$oa = $oa->retrieve();
}
}
$remaining = $scope;
if ($oa and $oa->wasRetrieved()) {
// User is logged in and already has a token for this client_id and state
$paths = Q_Config::get('Users', 'authorize', 'clients', Q::app(), 'redirectPaths', false);
$path = substr($redirect_uri, strlen($client->url) + 1);
$p = array('response_type' => $response_type, 'token_type' => $token_type, 'access_token' => $oa->access_token, 'expires_in' => $oa->token_expires_seconds, 'scope' => implode(' ', $scope), 'state' => $oa->state);
$p = Q_Utils::sign($p, 'Q.Users.oAuth');
// the redirect uri could be a native app url scheme
$s = strpos($redirect_uri, '#') === false ? '#' : '&';
$redirect_uri = Q_Uri::from($redirect_uri . $s . http_build_query($p), false)->toUrl();
if (!Q::startsWith($redirect_uri, $client->url) or is_array($paths) and !in_array($path, $paths)) {
throw new Users_Exception_Redirect(array('uri' => $redirect_uri));
}
Q_Response::redirect($redirect_uri);
return false;
}
$terms_label = Users::termsLabel('authorize');
Q_Response::setScriptData('Q.Users.authorize', compact('client_id', 'redirect_uri', 'scope', 'scopes', 'remaining', 'state', 'response_type', 'skip'));
$content = Q::view('Users/content/authorize.php', compact('client', 'user', 'redirect_uri', 'scope', 'scopes', 'remaining', 'state', 'terms_label', 'response_type', 'skip'));
Q_Response::setSlot('content', $content);
Q_Response::setSlot('column0', $content);
return true;
}
/**
* Adds contacts to the system. Fills the "contacts" slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.label The label of the contact
* @param {string} $_REQUEST.contactUserId The contactUserId of the contact
* @param {string} [$_REQUEST.nickname] The nickname of the contact
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_contact_post($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('label', 'contactUserId'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$contactUserId = $req['contactUserId'];
$nickname = Q::ifset($req, 'nickname', null);
$contacts = Users_Contact::addContact($userId, $req['label'], $contactUserId, $nickname);
Q_Response::setSlot('contacts', Db::exportArray($contacts));
}
function Users_user_response_users($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Valid::requireFields(array('userIds'), $req, true);
$userIds = $req['userIds'];
if (is_string($userIds)) {
$userIds = explode(",", $userIds);
}
$fields = Q_Config::expect('Users', 'avatarFields');
$users = Users_User::select($fields)->where(array('id' => $userIds))->fetchDbRows(null, null, 'id');
return Q_Response::setSlot('users', Db::exportArray($users, array('asAvatar' => true)));
}
/**
* Adds a label to the system. Fills the "label" (and possibly "icon") slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.title The title of the label
* @param {string} [$_REQUEST.label] You can override the label to use
* @param {string} [$_REQUEST.icon] Optional path to an icon
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_label_post($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('title'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$icon = Q::ifset($req, 'icon', null);
$title = Q::ifset($req, 'title', null);
$l = Q::ifset($req, 'label', 'Users/' . Q_Utils::normalize($title));
$label = Users_Label::addLabel($l, $userId, $title, $icon);
Q_Response::setSlot('label', $label->exportArray());
}
/**
* Edits a label in the system. Fills the "label" (and possibly "icon") slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.label The label
* @param {string} [$_REQUEST.title] The title of the label
* @param {string} [$_REQUEST.icon] Optional path to an icon
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_label_put($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('label'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$l = $req['label'];
$icon = Q::ifset($req, 'icon', null);
$title = Q::ifset($req, 'title', null);
$label = Users_Label::updateLabel($userId, $l, compact('icon', 'title'));
Q_Response::setSlot('label', $label->exportArray());
}
/**
* Edits a contact in the system. Fills the "contact" slot.
* @param {array} $_REQUEST
* @param {string} $_REQUEST.label The label of the contact
* @param {string} $_REQUEST.contactUserId The contactUserId of the contact
* @param {string} [$_REQUEST.nickname] The nickname of the contact
* @param {string} [$_REQUEST.userId=Users::loggedInUser(true)->id] You can override the user id, if another plugin adds a hook that allows you to do this
*/
function Users_contact_put($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Request::requireFields(array('label', 'contactUserId'), $req, true);
$loggedInUserId = Users::loggedInUser(true)->id;
$userId = Q::ifset($req, 'userId', $loggedInUserId);
$label = $req['label'];
$contactUserId = $req['contactUserId'];
$nickname = Q::ifset($req, 'nickname', null);
$contact = Users_Contact::updateContact($userId, $label, $contactUserId, compact('nickname'));
Q_Response::setSlot('contact', $contact->exportArray());
}
/**
* Used by HTTP clients to start a subscription
* @class HTTP Assets subscription
* @method post
* @param {array} $_REQUEST
* @param {string} $_REQUEST.payments Required. Should be either "authnet" or "stripe"
* @param {String} $_REQUEST.planStreamName the name of the subscription plan's stream
* @param {String} [$_REQUEST.planPublisherId=Users::communityId()] the publisher of the subscription plan's stream
* @param {String} [$_REQUEST.token=null] if using stripe, pass the token here
*/
function Assets_subscription_post($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Valid::requireFields(array('payments'), $req, true);
// to be safe, we only start subscriptions from existing plans
$planPublisherId = Q::ifset($req, 'planPublisherId', Users::communityId());
$plan = Streams::fetchOne($planPublisherId, $planPublisherId, $req['planStreamName'], true);
// the currency will always be assumed to be "USD" for now
// and the amount will always be assumed to be in dollars, for now
$token = Q::ifset($req, 'token', null);
$subscription = Assets::startSubscription($plan, $req['payments'], compact('token'));
Q_Response::setSlot('subscription', $subscription);
}
function Streams_leave_post()
{
$user = Users::loggedInUser(true);
$publisherId = Streams::requestedPublisherId();
$streamName = Streams::requestedName(true);
$streams = Streams::fetch($user->id, $publisherId, $streamName);
if (empty($streams)) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => "{publisherId: '{$publisherId}', name: '{$streamName}'}"));
}
$stream = reset($streams);
$stream->leave(array(), $participant);
Q_Response::setSlot('participant', $participant->exportArray());
}
/**
* Used to update relations
*
* @param array $_REQUEST
* toPublisherId, toStreamName, type, fromPublisherId, fromStreamName
* weight, adjustWeights
* @return {void}
*/
function Streams_related_put($params)
{
$user = Users::loggedInUser(true);
$userId = $user ? $user->id : '';
$toPublisherId = $_REQUEST['toPublisherId'];
$toStreamName = $_REQUEST['toStreamName'];
$type = $_REQUEST['type'];
$fromPublisherId = $_REQUEST['fromPublisherId'];
$fromStreamName = $_REQUEST['fromStreamName'];
$weight = $_REQUEST['weight'];
$adjustWeights = isset($_REQUEST['adjustWeights']) ? $_REQUEST['adjustWeights'] : null;
$result = Streams::updateRelation($userId, $toPublisherId, $toStreamName, $type, $fromPublisherId, $fromStreamName, $weight, $adjustWeights);
Q_Response::setSlot('result', $result);
}
/**
* Used to close an existing stream. A cron job may delete this stream later.
*
* @module Streams
* @class Streams_stream
* @method delete
* @static
* @param {array} $_REQUEST
* @param {string} $_REQUEST.publisherId The id of the stream publisher
* @param {string} $_REQUEST.streamName The name of the stream the user will be invited to
*/
function Streams_stream_delete()
{
$user = Users::loggedInUser(true);
$publisherId = Streams::requestedPublisherId(true);
$streamName = Streams::requestedName(true);
Streams::$cache['result'] = Streams::close($user->id, $publisherId, $streamName);
// NOTE: we did not delete the stream. That will have to be done in a cron job like this:
// // Clean up access
// $stream->delete();
// Streams_Access::delete()->where(array(
// 'publisherId' => $stream->publisherId,
// 'streamName' => $stream->name
// ))->execute();
Q_Response::setSlot('result', Streams::$cache['result']);
}
function Streams_join_post()
{
$user = Users::loggedInUser(true);
$publisherId = Streams::requestedPublisherId();
$streamName = Streams::requestedName(true);
$streams = Streams::fetch($user->id, $publisherId, $streamName);
if (empty($streams)) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => "{publisherId: '{$publisherId}', name: '{$streamName}'}"));
}
$stream = reset($streams);
$options = array();
if (isset($_REQUEST['extra'])) {
$options['extra'] = json_decode($_REQUEST['extra'], true);
}
$stream->join($options, $participant);
Q_Response::setSlot('participant', $participant->exportArray());
}
function Websites_article_put()
{
// only a logged-in user can do this
$user = Users::loggedInUser(true);
$publisherId = Streams::requestedPublisherId();
if (empty($publisherId)) {
$publisherId = $_REQUEST['publisherId'] = $user->id;
}
$name = Streams::requestedName(true);
$article = Streams::fetchOne($user->id, $publisherId, $name);
if (!$article) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => "{publisherId: '{$publisherId}', name: '{$name}'}"));
}
$article->getintouch = isset($_REQUEST['getintouch']) ? $_REQUEST['getintouch'] : '';
$article->save();
Q_Response::setSlot('form', '');
}
function Users_device_post()
{
$user = Users::loggedInUser(true);
$token = isset($_REQUEST['token']) ? $_REQUEST['token'] : null;
$platform = Q_Request::platform();
$version = Q_Request::OSVersion();
$formFactor = Q_Request::isMobile() ? 'mobile' : (Q_Request::isTablet() ? 'tablet' : null);
$device = new Users_Device();
$device->userId = $user->id;
$device->deviceId = $token;
$device->platform = $platform;
$device->version = $version;
$device->formFactor = $formFactor;
$device->sessionId = Q_Session::id();
$_SESSION['Users']['deviceId'] = $token;
Q_Response::setSlot('data', !!$device->save(true));
Q_Utils::sendToNode(array("Q/method" => "Users/device", "userId" => $user->id, "deviceId" => $token));
}
function Users_user_response_batch($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Valid::requireFields(array('batch'), $req, true);
$batch = $req['batch'];
$batch = json_decode($batch, true);
if (!isset($batch)) {
throw new Q_Exception_WrongValue(array('field' => 'batch', 'range' => '{userIds: [userId1, userId2, ...]}'));
}
Q_Valid::requireFields(array('userIds'), $batch, true);
$userIds = $batch['userIds'];
$users = Q::event('Users/user/response/users', compact('userIds'));
$result = array();
foreach ($userIds as $userId) {
$result[] = array('slots' => array('user' => isset($users[$userId]) ? $users[$userId] : null));
}
Q_Response::setSlot('batch', $result);
}
/**
* We are going to implement a subset of the OAuth 1.0a functionality for now,
* and later we can expand it to match the full OAuth specification.
*/
function Users_authorize_response()
{
if (Q_Response::getErrors()) {
Q_Dispatcher::showErrors();
}
$client_id = $_REQUEST['client_id'];
$redirect_url = $_REQUEST['redirect_uri'];
$state = $_REQUEST['state'];
$client = Users_User::fetch($client_id);
if (!$client) {
throw new Q_Exception_MissingRow(array('table' => 'user', 'criteria' => "id = '{$client_id}'"), 'client_id');
}
if (empty($client->url)) {
throw new Q_Exception("Client app needs to register url", 'client_id');
}
if (substr($redirect_url, 0, strlen($client->url)) !== $client->url) {
throw new Q_Exception_WrongValue(array('field' => 'redirect_uri', 'range' => "a url prefixed by client user's url"));
}
$user = Users::loggedInUser();
$oa = null;
if (isset(Users::$cache['oAuth'])) {
$oa = Users::$cache['oAuth'];
} else {
if ($user) {
$oa = new Users_OAuth();
$oa->client_id = $client_id;
$oa->userId = $user->id;
$oa->state = $state;
$oa->retrieve();
}
}
if ($oa and $oa->wasRetrieved()) {
// User is logged in and already has a token for this client_id and state
$separator = strpos($redirect_url, '?') === false ? '?' : '&';
$url = $redirect_url . $separator . http_build_query(array('access_token' => $oa->access_token, 'token_type' => 'bearer', 'expires_in' => $oa->token_expires_seconds, 'scope' => 'user', 'state' => $oa->state));
Q_Response::redirect(Q_Uri::from($url, false));
return false;
}
$terms_label = Users::termsLabel('authorize');
$content = Q::view('Users/content/authorize.php', compact('client', 'redirect_url', 'user', 'state', 'terms_label'));
Q_Response::setSlot('content', $content);
Q_Response::setSlot('column0', $content);
return true;
}
function Streams_access_response_content($options)
{
$ajax = true;
$user = Users::loggedInUser(true);
$streamName = Streams::requestedName(true);
$publisherId = Streams::requestedPublisherId();
if (empty($publisherId)) {
$publisherId = $user->id;
}
$stream = new Streams_Stream();
$stream->publisherId = $publisherId;
$stream->name = $streamName;
if (!$stream->retrieve()) {
throw new Q_Exception_MissingRow(array('table' => 'stream', 'criteria' => 'with that name'), 'name');
}
$controls = !empty($options['controls']);
Q_Response::setSlot('title', "Access to: " . $stream->title);
return Q::tool('Streams/access', compact('publisherId', 'streamName', 'ajax', 'controls'), $controls ? array('tag' => null) : array());
}
function Websites_before_Q_responseExtras()
{
$user = Users::loggedInUser(false, false);
$userId = $user ? $user->id : "";
$websitesUserId = Users::communityId();
$sha1 = sha1(Q_Dispatcher::uri());
$seoStreamName = "Websites/seo/{$sha1}";
$stream = Streams::fetchOne($userId, $websitesUserId, $seoStreamName);
if ($stream) {
$fields = Q::take($stream->getAllAttributes(), array('keywords', 'description'));
foreach ($fields as $k => $v) {
Q_Response::setMeta($k, $v);
}
Q_Response::setSlot('title', $stream->getAttribute('title'));
}
Q_Response::setScriptData('Q.plugins.Websites.seoStreamName', $seoStreamName);
Q_Response::setScriptData('Q.plugins.Websites.userId', Users::communityId());
Q_Response::setScriptData('Q.plugins.Websites.seoReload', Q_Config::expect('Websites', 'seoReload'));
}
function Places_zipcode_response()
{
if (Q_Request::method() !== 'GET') {
return null;
}
$zip = array();
if (isset($_REQUEST['zipcodes'])) {
$zip = $_REQUEST['zipcodes'];
} else {
if (isset($_REQUEST['zipcode'])) {
$zip = $_REQUEST['zipcode'];
}
}
if (is_string($zip)) {
$zip = explode(',', $zip);
}
$zipcodes = Places_Zipcode::select('*')->where(array('zipcode' => $zip))->fetchDbRows();
Q_Response::setSlot('zipcodes', $zipcodes);
}
function Streams_related_delete($params)
{
$user = Users::loggedInUser(true);
$asUserId = $user->id;
$toPublisherId = $_REQUEST['toPublisherId'];
$toStreamName = $_REQUEST['toStreamName'];
$type = $_REQUEST['type'];
$fromPublisherId = $_REQUEST['fromPublisherId'];
$fromStreamName = $_REQUEST['fromStreamName'];
// TODO: When we start supporting multiple hosts, this will have to be rewritten
// to make servers communicate with one another when establishing relations between streams
if (!($stream = Streams::fetch($asUserId, $toPublisherId, $toStreamName))) {
Q_Response::setSlot('result', false);
}
if (!($stream = Streams::fetch($asUserId, $fromPublisherId, $fromStreamName))) {
Q_Response::setSlot('result', false);
}
Streams::unrelate($asUserId, $toPublisherId, $toStreamName, $type, $fromPublisherId, $fromStreamName);
Q_Response::setSlot('result', true);
}
function Users_contact_response_batch($params = array())
{
$req = array_merge($_REQUEST, $params);
Q_Valid::requireFields(array('batch'), $req, true);
$batch = $req['batch'];
$batch = json_decode($batch, true);
if (!isset($batch)) {
throw new Q_Exception_WrongValue(array('field' => 'batch', 'range' => '{userIds: [...], labels: [...], contactUserIds: [...]}'));
}
Q_Valid::requireFields(array('userIds', 'labels', 'contactUserIds'), $batch, true);
$userIds = $batch['userIds'];
$labels = $batch['labels'];
$contactUserIds = $batch['contactUserIds'];
$contacts = Q::event('Users/contact/response/contacts', compact('userIds', 'labels', 'contactUserIds'));
$result = array();
foreach ($contacts as $contact) {
$result[] = array('slots' => array('contact' => $contact));
}
Q_Response::setSlot('batch', $result);
}
function Streams_avatar_response()
{
$prefix = $limit = $userIds = $batch = $public = null;
extract($_REQUEST, EXTR_IF_EXISTS);
$user = Users::loggedInUser();
$asUserId = $user ? $user->id : "";
if (isset($prefix)) {
$avatars = Streams_Avatar::fetchByPrefix($asUserId, $prefix, compact('limit', 'public'));
} else {
if (isset($batch)) {
$batch = json_decode($batch, true);
if (!isset($batch)) {
throw new Q_Exception_WrongValue(array('field' => 'batch', 'range' => '{userIds: [userId1, userId2, ...]}'));
}
if (!isset($batch['userIds'])) {
throw new Q_Exception_RequiredField(array('field' => 'userIds'));
}
$userIds = $batch['userIds'];
}
if (!isset($userIds)) {
throw new Q_Exception_RequiredField(array('field' => 'userIds'));
}
if (is_string($userIds)) {
$userIds = explode(",", $userIds);
}
$avatars = Streams_Avatar::fetch($asUserId, $userIds);
}
$avatars = Db::exportArray($avatars);
if (isset($batch)) {
$result = array();
foreach ($userIds as $userId) {
$result[] = array('slots' => array('avatar' => isset($avatars[$userId]) ? $avatars[$userId] : null));
}
Q_Response::setSlot('batch', $result);
} else {
Q_Response::setSlot('avatars', $avatars);
}
return $avatars;
}
