Esempio n. 1
 /**
  * Handle the "report spot as spam" form and emit the outcome through
  * the 'jsonresult' template.
  *
  * The permission check runs before any form data is looked at; the
  * report is only posted when the form's action is 'post'.
  */
 function render()
 {
     # Outcome that is reported when nothing was submitted
     $result = new Dto_FormResult('notsubmitted');

     # Stop here unless the current user may report spam
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_report_spam, '');

     # Defaults, so every key the template reads is always present
     $report = array(
         'body' => 'This message has been reported as spam',
         'inreplyto' => $this->_inReplyTo,
         'newmessageid' => '',
         'randomstr' => '',
     );

     $this->_pageTitle = "report: report spot";

     $isPost = ($this->_reportForm['action'] == 'post');
     if ($isPost) {
         $notifier = new SpotNotifications($this->_daoFactory, $this->_settings, $this->_currentSession);

         /*
          * Submitted values win over the defaults above.
          * NOTE(review): array_merge() lets every key present in the form
          * replace a default (including 'body' and 'inreplyto'); confirm the
          * form array is restricted to the expected fields before it gets here.
          */
         $report = array_merge($report, $this->_reportForm);

         # Ask the posting service whether this report can be posted, and post it
         $reportService = new Services_Posting_Report($this->_daoFactory, $this->_settings);
         $userRecordService = new Services_User_Record($this->_daoFactory, $this->_settings);
         $result = $reportService->postSpamReport($userRecordService, $this->_currentSession['user'], $report);

         # Only a successful report triggers a notification
         if ($result->isSuccess()) {
             $notifier->sendReportPosted($report['inreplyto']);
         }
     }

     #- display stuff -#
     $this->template('jsonresult', array('postreportform' => $report, 'result' => $result));
 }
Esempio n. 2
 /**
  * Render the spots index: check permissions, translate the request
  * parameters into a search, optionally add/remove a watchlist entry,
  * load one page of spots and hand everything to the 'spots' template.
  */
 function render()
 {
     SpotTiming::start(__FUNCTION__);

     # Viewing the index needs its own permission
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_view_spots_index, '');

     # A supplied search additionally needs the search permission
     if (!empty($this->_params['search'])) {
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_search, '');
     }

     $spotsOverview = new SpotsOverview($this->_db, $this->_settings);
     $spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);

     # Turn the query parameters into a list of filters, fields and sort order
     $sortSpec = array('field' => $this->_params['sortby'], 'direction' => $this->_params['sortdir']);
     $indexFilter = $spotUserSystem->getIndexFilter($this->_currentSession['user']['userid']);
     $parsedSearch = $spotsOverview->filterToQuery($this->_params['search'], $sortSpec, $this->_currentSession, $indexFilter);

     /*
      * Paging: -1 marks "no such page" for the template.
      * NOTE(review): 'pagenr' is used in arithmetic as received; presumably
      * it is validated as an integer where the parameters are collected.
      */
     $pageNr = $this->_params['pagenr'];
     $nextPage = $pageNr + 1;
     $prevPage = ($nextPage == 1) ? -1 : max($pageNr - 1, 0);

     # Watchlist changes are only handled when the first filter is the "Watch" filter
     $isWatchFilter = isset($parsedSearch['filterValueList'][0]['fieldname'])
         && $parsedSearch['filterValueList'][0]['fieldname'] == "Watch";
     if ($isWatchFilter) {
         # Keeping a watchlist is a separate permission
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_keep_own_watchlist, '');

         $userId = $this->_currentSession['user']['userid'];
         if ($this->_action == 'remove') {
             $this->_db->removeFromSpotStateList(SpotDb::spotstate_Watch, $this->_params['messageid'], $userId);
             $notifier = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
             $notifier->sendWatchlistHandled($this->_action, $this->_params['messageid']);
         } elseif ($this->_action == 'add') {
             $this->_db->addToSpotStateList(SpotDb::spotstate_Watch, $this->_params['messageid'], $userId, '');
             $notifier = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
             $notifier->sendWatchlistHandled($this->_action, $this->_params['messageid']);
         }
     }

     # Load the spots for this page
     $spotsTmp = $spotsOverview->loadSpots(
         $this->_currentSession['user']['userid'],
         $pageNr,
         $this->_currentSession['user']['prefs']['perpage'],
         $parsedSearch
     );

     # Without more results there is no next page to offer
     if (!$spotsTmp['hasmore']) {
         $nextPage = -1;
     }

     $this->_pageTitle = "overzicht";

     #- display stuff -#
     $this->template('spots', array(
         'spots' => $spotsTmp['list'],
         'quicklinks' => $this->_settings->get('quicklinks'),
         'filters' => $this->_db->getFilterList($this->_currentSession['user']['userid'], 'filter'),
         'nextPage' => $nextPage,
         'prevPage' => $prevPage,
         'parsedsearch' => $parsedSearch,
         'data' => $this->_params['data'],
     ));
     SpotTiming::stop(__FUNCTION__);
 }
Esempio n. 3
 /**
  * Render the spam-report form and, when it was posted by a user who is
  * allowed to post, submit the report and send a notification.
  *
  * The outcome is handed to the 'spamreport' template as 'postresult'
  * ('notloggedin', 'success' or 'failure'; empty when nothing was tried).
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Check the user's permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_report_spam, '');
     # SpotParser is needed for escaping the random string
     # NOTE(review): $spotParser is not referenced again in this method
     $spotParser = new SpotParser();
     # Spot signing is needed for RSA-signing the spot and the like
     # NOTE(review): $spotSigning is not referenced again in this method
     $spotSigning = Services_Signing_Base::newServiceSigning();
     # Create a default report so every key the template reads is present
     $report = array('body' => 'This is SPAM!', 'inreplyto' => $this->_inReplyTo, 'newmessageid' => '', 'randomstr' => '');
     # By default no report post has been attempted
     $postResult = array();
     # Set the page title
     $this->_pageTitle = "report: report spot";
     /*
      * Bring the form's action into the local scope for
      * easier access
      */
     $formAction = $this->_reportForm['action'];
     # Make sure the anonymous user and reserved usernames cannot post content.
     # Clearing $formAction is what prevents the 'post' branch below from running.
     $spotUser = new SpotUserSystem($this->_db, $this->_settings);
     if (!$spotUser->allowedToPost($this->_currentSession['user'])) {
         $postResult = array('result' => 'notloggedin');
         $formAction = '';
     }
     if ($formAction == 'post') {
         # Initialize the notification system
         $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
         # Make sure all variables are filled in; submitted values override the defaults.
         # NOTE(review): every key present in the form replaces a default -- confirm the
         # form array only carries the expected fields.
         $report = array_merge($report, $this->_reportForm);
         # Fetch the user's private key.
         # NOTE(review): the key is stored on the session array from here on; confirm
         # the session user record is never logged or passed to a template afterwards.
         $this->_currentSession['user']['privatekey'] = $this->_db->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
         # The message id arrives wrapped in <>'s, but Spotweb always works
         # without them, so strip them.
         # NOTE(review): substr() drops the first and last character without
         # checking that they actually are '<' and '>'.
         $report['newmessageid'] = substr($report['newmessageid'], 1, -1);
         # Validate whether this report can be posted and, if so, post it
         $spotPosting = new SpotPosting($this->_db, $this->_settings);
         $formMessages['errors'] = $spotPosting->reportSpotAsSpam($this->_currentSession['user'], $report);
         if (empty($formMessages['errors'])) {
             $postResult = array('result' => 'success');
             # and send a notification
             $spotsNotifications->sendReportPosted($report['inreplyto']);
         } else {
             $postResult = array('result' => 'failure');
         }
     }
     #- display stuff -#
     $this->template('spamreport', array('postreportform' => $report, 'formmessages' => $formMessages, 'postresult' => $postResult));
 }
 /**
  * Fetch the NZB files for the given spot(s), pass them to the configured
  * NZB handler, optionally record them on the user's download list and
  * send a notification.
  *
  * @param mixed  $messageIds     a single message id or an array of them
  * @param array  $currentSession session array; its 'security' object and 'user' record are read
  * @param string $action         handling action; anything other than 'display' also needs the
  *                               download-integration permission for that action
  * @param Services_Providers_FullSpot $svcProvSpot provider used to fetch each full spot
  * @param Services_Providers_Nzb      $svcProvNzb  provider used to fetch each NZB
  */
 function handleNzbAction($messageIds, array $currentSession, $action, Services_Providers_FullSpot $svcProvSpot, Services_Providers_Nzb $svcProvNzb)
 {
     # Normalise to a list so the loops below work for one id as well
     $messageIds = is_array($messageIds) ? $messageIds : array($messageIds);

     # Both permission checks run before anything is fetched
     $security = $currentSession['security'];
     $security->fatalPermCheck(SpotSecurity::spotsec_retrieve_nzb, '');
     if ($action != 'display') {
         $security->fatalPermCheck(SpotSecurity::spotsec_download_integration, $action);
     }

     /*
      * Collect the full spot plus its NZB for every requested id;
      * spots without NZB information are left out of the list.
      */
     $nzbList = array();
     $fullSpot = array();
     foreach ($messageIds as $msgId) {
         $fullSpot = $svcProvSpot->fetchFullSpot($msgId, $currentSession['user']['userid']);
         if (empty($fullSpot['nzb'])) {
             continue;
         }
         $nzbList[] = array('spot' => $fullSpot, 'nzb' => $svcProvNzb->fetchNzb($fullSpot));
     }

     /*
      * Hand the list to the NzbHandler plugin. $fullSpot is the spot that
      * was fetched last (or the empty array when no id was given).
      */
     $handlerFactory = new Services_NzbHandler_Factory();
     $handler = $handlerFactory->build($this->_settings, $action, $currentSession['user']['prefs']['nzbhandling']);
     $handler->processNzb($fullSpot, $nzbList);

     /*
      * Mark the spots as downloaded, but only when the user keeps a
      * download list and is allowed to
      */
     if ($currentSession['user']['prefs']['keep_downloadlist']
         && $security->allowed(SpotSecurity::spotsec_keep_own_downloadlist, '')) {
         $stateListDao = $this->_daoFactory->getSpotStateListDao();
         foreach ($messageIds as $msgId) {
             $stateListDao->addToDownloadList($msgId, $currentSession['user']['userid']);
         }
     }

     # and send notifications
     $notifier = new SpotNotifications($this->_daoFactory, $this->_settings, $currentSession);
     $notifier->sendNzbHandled($action, $fullSpot);
 }
Esempio n. 5
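	/**
	 * Fetch the NZB files for the given spot(s), pass them to the configured
	 * NZB handler, optionally add them to the user's download list and send
	 * a notification.
	 *
	 * @param mixed  $messageids   a single message id or an array of them
	 * @param array  $userSession  session array; its 'security' object and 'user' record are read
	 * @param string $action       handling action; anything other than 'display' also needs the
	 *                             download-integration permission for that action
	 * @param mixed  $hdr_spotnntp passed through to SpotsOverview::getFullSpot()
	 * @param mixed  $nzb_spotnntp passed through to SpotsOverview::getNzb()
	 */
	function handleNzbAction($messageids, $userSession, $action, $hdr_spotnntp, $nzb_spotnntp) {
		if (!is_array($messageids)) {
			$messageids = array($messageids);
		} # if
		
		# Check the permissions before anything is fetched
		$userSession['security']->fatalPermCheck(SpotSecurity::spotsec_retrieve_nzb, '');
		if ($action != 'display') {
			$userSession['security']->fatalPermCheck(SpotSecurity::spotsec_download_integration, $action);
		} # if
			
		# Retrieve the full spot and use the information in it to fetch the NZB file
		$spotsOverview = new SpotsOverview($this->_db, $this->_settings);
		
		$nzbList = array();
		# Defined up front: with an empty id list the loop never assigns it, and
		# it is still passed to processNzb() and sendNzbHandled() below.
		$fullSpot = array();
		foreach($messageids as $thisMsgId) {
			$fullSpot = $spotsOverview->getFullSpot($thisMsgId, $userSession['user']['userid'], $hdr_spotnntp);
			
			# Spots without NZB information are left out of the list
			if (!empty($fullSpot['nzb'])) {
				$nzbList[] = array('spot' => $fullSpot, 
								   'nzb' => $spotsOverview->getNzb($fullSpot['nzb'], $nzb_spotnntp));
			} # if
		} # foreach

		# send nzblist to NzbHandler plugin
		$nzbHandlerFactory = new NzbHandler_Factory();
		$nzbHandler = $nzbHandlerFactory->build($this->_settings, $action, $userSession['user']['prefs']['nzbhandling']);

		$nzbHandler->processNzb($fullSpot, $nzbList);

		# and add them to the download list, when the user keeps one and is allowed to
		if ($userSession['user']['prefs']['keep_downloadlist']) {
			if ($userSession['security']->allowed(SpotSecurity::spotsec_keep_own_downloadlist, '')) {
				foreach($messageids as $thisMsgId) {
					$this->_db->addToSpotStateList(SpotDb::spotstate_Down, $thisMsgId, $userSession['user']['userid']);
				} # foreach
			} # if
		} # if
		
		# and send a notification
		$spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $userSession);
		$spotsNotifications->sendNzbHandled($action, $fullSpot);
	} # handleNzbAction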
 /**
  * Create a user record and, on success, send the welcome mail (when asked
  * for or configured) and the "user added" notification.
  *
  * @param array $spotUser    user fields handed to createUserRecord()
  * @param array $spotSession session used to initialise the notification system
  * @return mixed the result object returned by createUserRecord(), with the
  *               'userrecord' entry removed on success
  */
 public function createNewUser(array $spotUser, array $spotSession)
 {
     $result = $this->_svcUserRecord->createUserRecord($spotUser);
     if (!$result->isSuccess()) {
         return $result;
     }

     /*
      * Take the stored record out of the result: the complete user record
      * must not be passed on as JSON.
      * NOTE(review): 'username' and 'password' are still read from $result
      * below, so they stay in the object that is returned; confirm that the
      * password is meant to reach the caller's output and the notification
      * providers.
      */
     $spotUser = $result->getData('userrecord');
     $result->removeData('userrecord');

     # Initialize notification system
     $notifier = new SpotNotifications($this->_daoFactory, $this->_settings, $spotSession);

     # Mail the new user when the record asks for it or the site always sends a welcome mail
     if (isset($spotUser['sendmail']) || $this->_settings->get('sendwelcomemail')) {
         $notifier->sendNewUserMail($spotUser);
     }

     # Tell the notification providers that a user was added
     $notifier->sendUserAdded($result->getData('username'), $result->getData('password'));

     return $result;
 }
Esempio n. 7
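 /**
  * Render the "create user" form and, when it was submitted, validate the
  * input, create the user with a generated password and key pair, and send
  * the welcome mail / notification.
  *
  * The outcome is handed to the 'createuser' template as 'createresult'.
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Check the user's permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_create_new_user, '');
     # Default user record, so the form can always render its values
     $spotUser = array('username' => '', 'firstname' => '', 'lastname' => '', 'mail' => '');
     # By default no creation has been attempted
     $createResult = array();
     # Instantiate the Spot user system
     $spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);
     # Set the page title
     $this->_pageTitle = "spot: create user";
     # Is this a form submit, or only the initial request?
     if (isset($this->_createUserForm['submit'])) {
         # 'submit' is never part of the user record
         unset($this->_createUserForm['submit']);
         /*
          * userid is always false for a new user; otherwise validateUserRecord()
          * would assume an existing user is being edited and, for example, would
          * not check the mail address for duplicates other than 'itself'
          */
         $this->_createUserForm['userid'] = false;
         # Merge the submitted fields over the defaults
         $spotUser = array_merge($spotUser, $this->_createUserForm);
         /*
          * Generate the password AFTER the merge: array_merge() lets any key in
          * the submitted form win, so assigning these first would allow a form
          * that carries 'newpassword1'/'newpassword2' to replace the generated value.
          * NOTE(review): the strength of this password depends on
          * generateUniqueId(), which is not visible here.
          */
         $spotUser['newpassword1'] = substr($spotUserSystem->generateUniqueId(), 1, 9);
         $spotUser['newpassword2'] = $spotUser['newpassword1'];
         # Validate the user
         $formMessages['errors'] = $spotUserSystem->validateUserRecord($spotUser, false);
         # Is there no other user with the same username?
         if ($this->_db->usernameExists($spotUser['username'])) {
             $formMessages['errors'][] = array('validateuser_usernameexists', array($spotUser['username']));
         }
         if (empty($formMessages['errors'])) {
             # Create a private/public key pair for this user (set after the merge, so the form cannot supply them)
             $spotSigning = new SpotSigning();
             $userKey = $spotSigning->createPrivateKey($this->_settings->get('openssl_cnf_path'));
             $spotUser['publickey'] = $userKey['public'];
             $spotUser['privatekey'] = $userKey['private'];
             # Initialize the notification system
             $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
             # Add the user
             $spotUserSystem->addUser($spotUser);
             # Report success. NOTE(review): the cleartext password is part of this
             # result and of the notification below -- confirm both channels are
             # meant to carry it.
             $createResult = array('result' => 'success', 'user' => $spotUser['username'], 'password' => $spotUser['newpassword1']);
             # Send an e-mail to the new user when asked for; the checkbox is absent
             # from the form when it is not ticked, so read it defensively
             $sendMailField = isset($this->_createUserForm['sendmail']) ? $this->_createUserForm['sendmail'] : '';
             if ($sendMailField == "true" || $sendMailField == "on" || $this->_settings->get('sendwelcomemail')) {
                 $spotsNotifications->sendNewUserMail($spotUser);
             }
             # and send a notification
             $spotsNotifications->sendUserAdded($spotUser['username'], $spotUser['newpassword1']);
         } else {
             $createResult = array('result' => 'failure');
         }
     }
     #- display stuff -#
     # NOTE(review): after a successful create, $spotUser also holds 'privatekey'
     # and the generated password; confirm the template does not emit them.
     $this->template('createuser', array('createuserform' => $spotUser, 'formmessages' => $formMessages, 'createresult' => $createResult));
 }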
Esempio n. 8
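 /**
  * Optionally remove the spot from the user's watchlist (when 'del' is "1"
  * and the user may keep a watchlist), then redirect to the getnzb page for
  * the same message id.
  */
 function getNzb()
 {
     $messageId = $this->_params['messageid'];
     /*
      * NOTE(review): the watchlist removal is triggered by request parameters
      * alone; confirm that request forgery protection is applied before this
      * method is reached.
      */
     if ($this->_params['del'] == "1" && $this->_spotSec->allowed(SpotSecurity::spotsec_keep_own_watchlist, '')) {
         $spot = $this->_db->getFullSpot($messageId, $this->_currentSession['user']['userid']);
         # Only spots that actually are on the watchlist get removed
         if ($spot['watchstamp'] !== NULL) {
             $this->_db->removeFromWatchList($messageId, $this->_currentSession['user']['userid']);
             $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
             $spotsNotifications->sendWatchlistHandled('remove', $messageId);
         }
     }
     /*
      * The message id comes from the request, so it is URL-encoded before it
      * is placed in the redirect target; unencoded, characters such as '&' or
      * '#' in it would add or cut off query parameters of the target URL.
      */
     header('Location: ' . $this->_tplHelper->makeBaseUrl("full") . '?page=getnzb&action=display&messageid=' . urlencode($messageId) . html_entity_decode($this->_tplHelper->makeApiRequestString()));
 }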
Esempio n. 9
        set_time_limit(60);
        foreach ($settings->get('system_languages') as $language => $name) {
            foreach ($spotImage->getValidStatisticsGraphs() as $graphValue => $graphName) {
                $spotsOverview->getStatisticsImage($graphValue, $limitValue, $settings_nntp_hdr, $language);
            }
            # foreach graph
        }
        # foreach language
        echo "Finished creating statistics " . $limitName . PHP_EOL;
    }
    # foreach limit
    echo PHP_EOL;
}
# if
# Send notifications: one per filter that has new spots and has notifications
# enabled, followed by the overall "retriever finished" notification
$spotsNotifications = new SpotNotifications($db, $settings, $userSession);
if (!empty($notifyNewArray)) {
    foreach ($notifyNewArray as $userId => $newSpotInfo) {
        foreach ($newSpotInfo as $filterInfo) {
            # Skip filters without new spots or with notifications switched off
            if (!($filterInfo['newcount'] > 0 && $filterInfo['enablenotify'])) {
                continue;
            }

            $spotsNotifications->sendNewSpotsForFilter($userId, $filterInfo['title'], $filterInfo['newcount']);
        }
    }
}

$spotsNotifications->sendRetrieverFinished($newSpotCount, $newCommentCount, $newReportCount);
if ($req->getDef('output', '') == 'xml') {
Esempio n. 10
    echo "Fatal error occured while cleaning up lists:" . PHP_EOL;
    echo "  " . $x->getMessage() . PHP_EOL;
    echo PHP_EOL . PHP_EOL;
    echo $x->getTraceAsString();
    echo PHP_EOL . PHP_EOL;
    die;
}
# catch
## Retention cleanup
# The retention delete only runs when a positive 'retention' value is configured
try {
    if ($settings->get('retention') > 0) {
        $db->deleteSpotsRetention($settings->get('retention'));
    }
} catch (Exception $x) {
    /*
     * Any exception ends the script after printing its message and trace.
     * NOTE(review): the full stack trace is echoed to the output. The script
     * also reads an 'output' request value below, so if it can be reached
     * over HTTP the trace (paths, call arguments) goes to the requester;
     * consider logging the trace and printing only a generic message there.
     */
    echo PHP_EOL . PHP_EOL;
    echo "Fatal error occured while cleaning up messages due to retention:" . PHP_EOL;
    echo "  " . $x->getMessage() . PHP_EOL;
    echo PHP_EOL . PHP_EOL;
    echo $x->getTraceAsString();
    echo PHP_EOL . PHP_EOL;
    die;
}
# Send the "retriever finished" notification with the counts of new items
$spotsNotifications = new SpotNotifications($db, $settings, $userSession);
$spotsNotifications->sendRetrieverFinished($newSpotCount, $newCommentCount, $newReportCount);
# Emit the closing XML tag when XML output was requested
if ($req->getDef('output', '') == 'xml') {
    echo "</xml>";
}
Esempio n. 11
 /**
  * Render the "edit user preferences" form and, when it was submitted,
  * validate and store the preferences (and an optional avatar upload) for
  * the user identified by $this->_userIdToEdit.
  *
  * The outcome is handed to the 'edituserprefs' template as
  * 'edituserprefsresult'.
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Validate proper permissions: editing your own preferences and editing
     # another user's are separate permissions.
     # NOTE(review): the ids are compared loosely (==); presumably both are numeric ids.
     if ($this->_userIdToEdit == $this->_currentSession['user']['userid']) {
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_edit_own_userprefs, '');
     } else {
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_edit_other_users, '');
     }
     # Make sure the edit result is set to 'not committed' by default
     $editResult = array();
     # Instantiate the user system as necessary for the management of user preferences
     $spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);
     # Set the page title
     $this->_pageTitle = "spot: edit user preferences";
     # Retrieve the to-edit user
     # NOTE(review): when the user is not found, $spotUser stays false and
     # $spotUser['prefs'] is still read by the template call at the end.
     $spotUser = $this->_db->getUser($this->_userIdToEdit);
     if ($spotUser === false) {
         $formMessages['errors'][] = sprintf(_('User %d can not be found'), $this->_userIdToEdit);
         $editResult = array('result' => 'failure');
     }
     /*
      * Bring the form's action into the local scope for
      * easier access
      */
     $formAction = $this->_editUserPrefsForm['action'];
     /*
      * We want the anonymous user's account so we can use this user's preferences as a
      * template. This makes sure all properties are at least set.
      */
     $anonUser = $this->_db->getUser(SPOTWEB_ANONYMOUS_USERID);
     # Are we trying to submit this form, or only rendering it?
     if (!empty($formAction) && empty($formMessages['errors'])) {
         switch ($formAction) {
             case 'edit':
                 /*
                  * We have a few dummy preferences -- these are submitted like a checkbox for example
                  * but in reality do something completely different.
                  *
                  * Because we use cleanseUserPreferences() those dummies will not end up in the database
                  *
                  * NOTE(review): the index filter is set or removed here, before the
                  * preferences are validated and before the template permission checks
                  * below; that change is not undone when a later step fails.
                  */
                 if (isset($this->_editUserPrefsForm['_dummy_prevent_porn'])) {
                     $spotUserSystem->setIndexFilter($spotUser['userid'], array('valuelist' => array(), 'title' => 'Index filter', 'torder' => 999, 'tparent' => 0, 'children' => array(), 'filtertype' => 'index_filter', 'sorton' => '', 'sortorder' => '', 'enablenotify' => false, 'icon' => 'spotweb.png', 'tree' => '~cat0_z3'));
                 } else {
                     $spotUserSystem->removeIndexFilter($spotUser['userid']);
                 }
                 # Save the current user preferences because we need them before cleansing
                 $savePrefs = $spotUser['prefs'];
                 $spotUser['prefs'] = $spotUserSystem->cleanseUserPreferences($this->_editUserPrefsForm, $anonUser['prefs'], $this->_tplHelper->getTemplatePreferences());
                 # Validate all preferences
                 list($formMessages['errors'], $spotUser['prefs']) = $spotUserSystem->validateUserPreferences($spotUser['prefs'], $savePrefs);
                 # Make sure the user has permission to select each template that
                 # differs from the stored one (normal, mobile and tablet are checked separately)
                 if ($spotUser['prefs']['normal_template'] != $savePrefs['normal_template']) {
                     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_select_template, $spotUser['prefs']['normal_template']);
                 }
                 if ($spotUser['prefs']['mobile_template'] != $savePrefs['mobile_template']) {
                     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_select_template, $spotUser['prefs']['mobile_template']);
                 }
                 if ($spotUser['prefs']['tablet_template'] != $savePrefs['tablet_template']) {
                     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_select_template, $spotUser['prefs']['tablet_template']);
                 }
                 if (empty($formMessages['errors'])) {
                     # An avatar may have been uploaded with the form (field 'avatar')
                     if (isset($_FILES['edituserprefsform'])) {
                         $uploadError = $_FILES['edituserprefsform']['error']['avatar'];
                         /**
                          * Give a proper error if the file is too large, because changeAvatar() won't see
                          * these errors so it cannot provide the error
                          */
                         if ($uploadError == UPLOAD_ERR_FORM_SIZE || $uploadError == UPLOAD_ERR_INI_SIZE) {
                             $formMessages['errors'][] = _("Uploaded file is too large");
                         }
                         # The raw upload is handed to changeAvatar(), whose return value
                         # becomes the error list.
                         # NOTE(review): any check of the file's type or dimensions has to
                         # happen inside changeAvatar(); none is visible here.
                         if ($uploadError == UPLOAD_ERR_OK) {
                             $formMessages['errors'] = $spotUserSystem->changeAvatar($spotUser['userid'], file_get_contents($_FILES['edituserprefsform']['tmp_name']['avatar']));
                         }
                     }
                 }
                 if (empty($formMessages['errors'])) {
                     # and actually update the user in the database
                     $spotUserSystem->setUser($spotUser);
                     # if we didn't get an exception, it automatically succeeded
                     $editResult = array('result' => 'success');
                 } else {
                     $editResult = array('result' => 'failure');
                 }
                 /*
                  * We have to register Spotweb with the notification providers (growl, prowl, etc) at least once.
                  * The safest option is to just do this with each preferences submit. But first we create a fake
                  * session for this user.
                  *
                  * NOTE(review): this runs whether or not the edit succeeded, and
                  * createNewSession() is called for the edited user, who may differ
                  * from the logged-in user; confirm the session created here is not
                  * persisted as a usable login.
                  */
                 $fakeSession = $spotUserSystem->createNewSession($spotUser['userid']);
                 $fakeSession['security'] = new SpotSecurity($this->_db, $this->_settings, $fakeSession['user'], '');
                 $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $fakeSession);
                 $spotsNotifications->register();
                 break;
             # Cancelling the form counts as success; nothing is stored
             case 'cancel':
                 $editResult = array('result' => 'success');
         }
     }
     #- display stuff -#
     # NOTE(review): 'http_referer' is taken from the submitted form; the template
     # should escape it and not treat it as a trusted redirect target.
     $this->template('edituserprefs', array('edituserprefsform' => $spotUser['prefs'], 'formmessages' => $formMessages, 'spotuser' => $spotUser, 'dialogembedded' => $this->_dialogembedded, 'http_referer' => $this->_editUserPrefsForm['http_referer'], 'edituserprefsresult' => $editResult));
 }
Esempio n. 12
 /**
  * Render the "post a new spot" form and, when it was submitted by a
  * logged-in user with a valid username and both uploads present, post the
  * spot and send a notification.
  *
  * The outcome is handed to the 'newspot' template as 'postresult'
  * ('notloggedin', 'success' or 'failure'; empty when nothing was tried).
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Check the user's permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
     # SpotParser is needed for escaping the random string
     # NOTE(review): $spotParser is not referenced again in this method
     $spotParser = new SpotParser();
     # Spot signing is needed for RSA-signing the spot and the like
     $spotSigning = new SpotSigning();
     # Create a default spot so the form can always
     # render its values
     $spot = array('title' => '', 'body' => '', 'category' => 0, 'subcatz' => '', 'subcatlist' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
     # By default no post has been attempted
     $postResult = array();
     # Set the page title
     $this->_pageTitle = "spot: post";
     # Posting makes no sense when the user is not logged in; dropping 'submit'
     # is what keeps the validation and posting branches below from running
     if ($this->_currentSession['user']['userid'] == SPOTWEB_ANONYMOUS_USERID) {
         $postResult = array('result' => 'notloggedin');
         unset($this->_spotForm['submit']);
     }
     # Make sure reserved usernames cannot post spots
     $spotUser = new SpotUserSystem($this->_db, $this->_settings);
     if (!$spotUser->validUsername($this->_currentSession['user']['username'])) {
         $postResult = array('result' => 'notloggedin');
         unset($this->_spotForm['submit']);
     }
     # If the user tried to submit, validate the file uploads
     if (isset($this->_spotForm['submit'])) {
         # Make sure an NZB file was provided
         if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['nzbfile'] != UPLOAD_ERR_OK) {
             $formMessages['errors'][] = array('postspot_invalidnzb', '(none given)');
             $postResult = array('result' => 'failure');
             unset($this->_spotForm['submit']);
         }
         # Make sure an image file was provided
         if (!isset($_FILES['newspotform']) || $_FILES['newspotform']['error']['imagefile'] != UPLOAD_ERR_OK) {
             $formMessages['errors'][] = array('postspot_imageinvalid', '(none given)');
             $postResult = array('result' => 'failure');
             unset($this->_spotForm['submit']);
         }
     }
     if (isset($this->_spotForm['submit'])) {
         # Initialize the notification system
         $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
         # 'submit' is never part of the spot
         unset($this->_spotForm['submit']);
         # The subcatz is passed per main category; reduce it to the single
         # subcatz that belongs to the chosen category
         $spot['subcatz'] = isset($this->_spotForm['subcatz' . $this->_spotForm['category']]) ? $this->_spotForm['subcatz' . $this->_spotForm['category']] : '';
         # Make sure all variables are filled in; submitted values override the defaults.
         # NOTE(review): a 'subcatz' key in the form would replace the value computed
         # above, and any other submitted key is merged in as well -- confirm the form
         # array only carries the expected fields.
         $spot = array_merge($spot, $this->_spotForm);
         # Fetch the user's private key.
         # NOTE(review): the key is stored on the session array from here on; confirm
         # the session user record is never logged or passed to a template afterwards.
         $this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
         # The message id arrives wrapped in <>'s, but Spotweb always works
         # without them, so strip them.
         # NOTE(review): substr() drops the first and last character without
         # checking that they actually are '<' and '>'.
         $spot['newmessageid'] = substr($spot['newmessageid'], 1, -1);
         # Validate whether this spot can be posted and, if so, post it. The uploads
         # are passed as their temporary file paths.
         # NOTE(review): validation of the uploaded image and NZB content has to
         # happen inside postSpot(); only the upload error codes are checked here.
         $spotPosting = new SpotPosting($this->_db, $this->_settings);
         $formMessages['errors'] = $spotPosting->postSpot($this->_currentSession['user'], $spot, $_FILES['newspotform']['tmp_name']['imagefile'], $_FILES['newspotform']['tmp_name']['nzbfile']);
         if (empty($formMessages['errors'])) {
             $postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'userid' => $spotSigning->calculateUserid($this->_currentSession['user']['publickey']), 'body' => $spot['body']);
             # and send a notification
             $spotsNotifications->sendSpotPosted($spot);
         } else {
             $postResult = array('result' => 'failure');
         }
     }
     #- display stuff -#
     # NOTE(review): $spot and $postResult['body'] carry submitted text back to the
     # template; escaping is left to the template.
     $this->template('newspot', array('postspotform' => $spot, 'formmessages' => $formMessages, 'postresult' => $postResult));
 }
 /**
  * Apply a submitted preferences form to a user: update the index filter,
  * cleanse and validate the preferences, enforce the template permission,
  * optionally replace the avatar, store the user and re-register with the
  * notification providers.
  *
  * @param array  $editUserPrefsForm submitted preferences form
  * @param array  $userPrefTemplate  template preferences handed to cleanseUserPreferences()
  * @param array  $spotUser          user record being edited; 'userid' and 'prefs' are read
  * @param string $avatarFileName    file to read the new avatar from, or empty for none
  * @return mixed the result object from validateUserPreferences(), with the
  *               avatar result merged in when an avatar was processed
  */
 function editUserPref(array $editUserPrefsForm, array $userPrefTemplate, array $spotUser, $avatarFileName)
 {
     /*
      * The anonymous user's preferences serve as the template, so that
      * every property is at least set.
      */
     $anonUser = $this->_svcUserRecord->getUser(SPOTWEB_ANONYMOUS_USERID);

     /*
      * '_dummy_prevent_porn' is submitted like a checkbox but really toggles
      * the index filter; cleanseUserPreferences() keeps such dummies out of
      * the database.
      * NOTE(review): the filter is changed before validation and before the
      * template permission checks, and is not undone when a later step fails.
      */
     $wantsFilter = isset($editUserPrefsForm['_dummy_prevent_porn']);
     if ($wantsFilter) {
         $this->_svcUserFilter->setEroticIndexFilter($spotUser['userid']);
     } else {
         $this->_svcUserFilter->removeIndexFilter($spotUser['userid']);
     }

     # Keep the stored preferences: validation and the template checks compare against them
     $savePrefs = $spotUser['prefs'];
     $spotUser['prefs'] = $this->_svcUserRecord->cleanseUserPreferences($editUserPrefsForm, $anonUser['prefs'], $userPrefTemplate);

     # Validate all preferences and continue with the validated set
     $result = $this->_svcUserRecord->validateUserPreferences($spotUser['prefs'], $savePrefs);
     $spotUser['prefs'] = $result->getData('prefs');

     # Selecting a different template needs the permission for that template
     foreach (array('normal_template', 'mobile_template', 'tablet_template') as $templateKey) {
         if ($spotUser['prefs'][$templateKey] != $savePrefs[$templateKey]) {
             $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_select_template, $spotUser['prefs'][$templateKey]);
         }
     }

     /*
      * A new avatar is only processed when validation succeeded; its result
      * is merged into the overall result.
      * NOTE(review): $avatarFileName is read as given -- presumably the
      * upload's temporary file; verify that callers never pass a path taken
      * from request data.
      */
     if ($result->isSuccess() && !empty($avatarFileName)) {
         $avatarResult = $this->_svcUserRecord->changeAvatar($spotUser['userid'], file_get_contents($avatarFileName));
         $result->mergeResult($avatarResult);
     }

     # Store the user only when everything up to here succeeded
     if ($result->isSuccess()) {
         $this->_svcUserRecord->setUser($spotUser);
     }

     /*
      * Spotweb has to be registered with the notification providers (growl,
      * prowl, etc) at least once; doing it on every preferences submit is the
      * safest option. A fake session for this user is created for that.
      */
     $fakeSession = $this->_svcUserAuth->createNewSession($spotUser['userid']);
     $fakeSession['security'] = new SpotSecurity($this->_daoFactory->getUserDao(), $this->_daoFactory->getAuditDao(), $this->_settings, $fakeSession['user'], '');
     $notifier = new SpotNotifications($this->_daoFactory, $this->_settings, $fakeSession);
     $notifier->register();

     return $result;
 }
Esempio n. 14
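 /**
  * Render the "post a new spot" form and, when the form was submitted,
  * validate the uploads and subcategories and post the spot.
  *
  * The upload checks test that the per-field error entry exists and compare
  * it strictly with UPLOAD_ERR_OK. A loose comparison treats a missing entry
  * (null) as equal to UPLOAD_ERR_OK (0), which would let a request without
  * the file field pass the check.
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Validate proper permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
     # The SpotParser is needed for escaping the random string
     # (it is not referenced again in this method)
     $spotParser = new SpotParser();
     # Spot signing is needed for RSA signing of the spot and the like
     $spotSigning = Services_Signing_Base::newServiceSigning();
     # Create a default spot so the form can always render its values
     $spot = array('title' => '', 'body' => '', 'category' => 0, 'subcata' => '', 'subcatb' => array(), 'subcatc' => array(), 'subcatd' => array(), 'subcatz' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
     # By default no post attempt has been made
     $postResult = array();
     /* 
      * bring the forms' action into the local scope for 
      * easier access
      */
     $formAction = $this->_spotForm['action'];
     # Set the page title
     $this->_pageTitle = "spot: post";
     # Make sure the anonymous user and reserved usernames cannot post content
     $spotUser = new SpotUserSystem($this->_db, $this->_settings);
     if (!$spotUser->allowedToPost($this->_currentSession['user'])) {
         $postResult = array('result' => 'notloggedin');
         $formAction = '';
     }
     # if
     # Make sure all variables are filled in
     $spot = array_merge($spot, $this->_spotForm);
     # If user tried to submit, validate the file uploads
     if ($formAction == 'post') {
         # Per-field upload status as reported by PHP; empty when nothing was uploaded
         $uploadErrors = array();
         if (isset($_FILES['newspotform']['error']) && is_array($_FILES['newspotform']['error'])) {
             $uploadErrors = $_FILES['newspotform']['error'];
         }
         # if
         # Make sure an NZB file was provided
         if (!isset($uploadErrors['nzbfile']) || $uploadErrors['nzbfile'] !== UPLOAD_ERR_OK) {
             $formMessages['errors'][] = _('Please select NZB file');
             $postResult = array('result' => 'failure');
             $formAction = '';
         }
         # if
         # Make sure an image file was provided
         if (!isset($uploadErrors['imagefile']) || $uploadErrors['imagefile'] !== UPLOAD_ERR_OK) {
             $formMessages['errors'][] = _('Please select a picture');
             $postResult = array('result' => 'failure');
             $formAction = '';
         }
         # if
         # Make sure the subcategories are in the proper format
         if (is_array($spot['subcata']) || is_array($spot['subcatz']) || !is_array($spot['subcatb']) || !is_array($spot['subcatc']) || !is_array($spot['subcatd'])) {
             $formMessages['errors'][] = _('Invalid subcategories given ');
             $postResult = array('result' => 'failure');
             $formAction = '';
         }
         # if
     }
     # if
     if ($formAction == 'post') {
         # Initialize the notification system
         $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
         # Build one large list of subcategories
         $spot['subcatlist'] = array_merge(array($spot['subcata']), $spot['subcatb'], $spot['subcatc'], $spot['subcatd']);
         # Fetch the user's private key.
         # NOTE(review): the key now lives in the session array for the rest of
         # this request -- make sure it never reaches a template or a log.
         $this->_currentSession['user']['privatekey'] = $spotUser->getUserPrivateRsaKey($this->_currentSession['user']['userid']);
         # The message id arrives wrapped in <>'s, but Spotweb always works
         # without them, so strip the first and last character.
         # NOTE(review): only the other form fields are type-checked above;
         # this assumes 'newmessageid' is a string -- confirm against the form handling.
         $spot['newmessageid'] = substr($spot['newmessageid'], 1, -1);
         # Validate whether this spot can be posted, and if so, post it
         $spotPosting = new SpotPosting($this->_db, $this->_settings);
         $formMessages['errors'] = $spotPosting->postSpot($this->_currentSession['user'], $spot, $_FILES['newspotform']['tmp_name']['imagefile'], $_FILES['newspotform']['tmp_name']['nzbfile']);
         if (empty($formMessages['errors'])) {
             $postResult = array('result' => 'success', 'user' => $this->_currentSession['user']['username'], 'spotterid' => $spotSigning->calculateSpotterId($this->_currentSession['user']['publickey']), 'body' => $spot['body']);
             $formMessages['info'][] = _('Spot has been successfully uploaded. It can take some time before it is shown');
             # and send a notification
             $spotsNotifications->sendSpotPosted($spot);
         } else {
             $postResult = array('result' => 'failure');
         }
         # else
     }
     # if
     #- display stuff -#
     $this->template('newspot', array('postspotform' => $spot, 'formmessages' => $formMessages, 'postresult' => $postResult));
 }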
Esempio n. 15
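 /**
  * Render the "edit user preferences" form for the logged-in user and, on
  * submit, cleanse, validate and store the preferences.
  *
  * When the user record cannot be loaded, getUser() returned false; the error
  * message therefore takes the username from the session instead of indexing
  * into that false value.
  *
  * NOTE(review): 'http_referer' is copied from the submitted form into the
  * template unchanged. The template is not visible here; it should escape the
  * value and, if it is used as a link or redirect target, restrict it to
  * local URLs.
  * NOTE(review): no permission check on the chosen template names is visible
  * in this method; presumably validateUserPreferences() covers that -- verify.
  */
 function render()
 {
     $formMessages = array('errors' => array(), 'info' => array());
     # Check the user's permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_edit_own_userprefs, '');
     # By default no edit attempt has been made
     $editResult = array();
     # Instantiate the Spot user system
     $spotUserSystem = new SpotUserSystem($this->_db, $this->_settings);
     # Set the page title
     $this->_pageTitle = "spot: edit user preferences";
     # Fetch the user to edit
     $spotUser = $this->_db->getUser($this->_currentSession['user']['userid']);
     if ($spotUser === false) {
         # $spotUser is false here, so the name has to come from the session
         $formMessages['errors'][] = array('edituser_usernotfound', array($this->_currentSession['user']['username']));
         $editResult = array('result' => 'failure');
     }
     # if
     # Determine which action was chosen (which button was pressed)
     $formAction = '';
     if (isset($this->_editUserPrefsForm['submitedit'])) {
         $formAction = 'edit';
         unset($this->_editUserPrefsForm['submitedit']);
     } elseif (isset($this->_editUserPrefsForm['submitcancel'])) {
         $formAction = 'cancel';
         unset($this->_editUserPrefsForm['submitcancel']);
     }
     # if
     # Fetch the anonymous user account, because its preferences are used
     # as the base.
     $anonUser = $this->_db->getUser(SPOTWEB_ANONYMOUS_USERID);
     # Is this a form submit, or only the initial request?
     if (!empty($formAction) && empty($formMessages['errors'])) {
         switch ($formAction) {
             case 'edit':
                 # A few dummy preferences trigger a special action, which is handled here.
                 # cleanseUserPreferences() strips them automatically.
                 # NOTE(review): the filter is changed before the preferences are validated.
                 if (isset($this->_editUserPrefsForm['_dummy_prevent_porn'])) {
                     $spotUserSystem->setIndexFilter($spotUser['userid'], array('valuelist' => array(), 'title' => 'Index filter', 'torder' => 999, 'tparent' => 0, 'children' => array(), 'filtertype' => 'index_filter', 'sorton' => '', 'sortorder' => '', 'icon' => 'spotweb.png', 'tree' => '~cat0_z3'));
                 } else {
                     $spotUserSystem->removeIndexFilter($spotUser['userid']);
                 }
                 # if
                 # No preference may be passed in that is not present in the anonymous user's
                 # preferences. Merging with those preferences is not an option: checkboxes
                 # that were left unchecked are simply not submitted, so a merge would set them
                 # to the default value and thereby ignore the form.
                 $spotUser['prefs'] = $spotUserSystem->cleanseUserPreferences($this->_editUserPrefsForm, $anonUser['prefs']);
                 # Check and repair all preferences
                 list($formMessages['errors'], $spotUser['prefs']) = $spotUserSystem->validateUserPreferences($spotUser['prefs'], $this->_currentSession['user']['prefs']);
                 if (empty($formMessages['errors'])) {
                     # Update the user
                     $spotUserSystem->setUser($spotUser);
                     # Report that the update succeeded
                     $editResult = array('result' => 'success');
                 } else {
                     $editResult = array('result' => 'failure');
                 }
                 # else
                 # Register Spotweb with the notification providers. This has to happen at least
                 # once, so the safest option is to do it every time the preferences are saved.
                 $spotsNotifications = new SpotNotifications($this->_db, $this->_settings, $this->_currentSession);
                 $spotsNotifications->register();
                 break;
                 # case 'edit'
             case 'cancel':
                 $editResult = array('result' => 'success');
                 break;
                 # case 'cancel'
         }
         # switch
     }
     # if
     # The template receives null for the form when no user record (or no 'prefs') is available
     $prefsForTemplate = isset($spotUser['prefs']) ? $spotUser['prefs'] : null;
     #- display stuff -#
     $this->template('edituserprefs', array('edituserprefsform' => $prefsForTemplate, 'formmessages' => $formMessages, 'spotuser' => $spotUser, 'http_referer' => $this->_editUserPrefsForm['http_referer'], 'edituserprefsresult' => $editResult));
 }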
Esempio n. 16
 /**
  * Render the spot overview: check permissions, turn the request parameters
  * into a parsed search, optionally add/remove a watchlist entry, fetch one
  * page of spots and hand everything to the 'spots' template.
  *
  * NOTE(review): 'search', 'sortby', 'sortdir', 'messageid', 'pagenr' and
  * 'data' all come from $this->_params. Nothing in this method validates
  * them; the query parser, the DAOs and the template are presumably
  * responsible for whitelisting sort fields, binding values and escaping
  * output -- verify there.
  * NOTE(review): the watchlist add/remove below changes state; no request
  * forgery token check is visible in this method.
  */
 function render()
 {
     $timerName = __CLASS__ . '::' . __FUNCTION__;
     SpotTiming::start($timerName);
     # Give a page title
     $this->_pageTitle = _("overview");
     # Viewing the index always needs its own permission
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_view_spots_index, '');
     # Searching needs an additional, specific permission
     if (!empty($this->_params['search'])) {
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_perform_search, '');
     }
     $userId = $this->_currentSession['user']['userid'];
     /*
      * Translate the query parameters into the search the user asked for,
      * including the requested sorting and the user's index filter
      */
     $svcUserFilter = new Services_User_Filters($this->_daoFactory, $this->_settings);
     $svcSearchQp = new Services_Search_QueryParser($this->_daoFactory->getConnection());
     $sorting = array('field' => $this->_params['sortby'], 'direction' => $this->_params['sortdir']);
     $indexFilter = $svcUserFilter->getIndexFilter($userId);
     $parsedSearch = $svcSearchQp->filterToQuery($this->_params['search'], $sorting, $this->_currentSession, $indexFilter);
     # A search on "Watch" may come with an add/remove action for the watchlist
     $isWatchSearch = isset($parsedSearch['filterValueList'][0]['fieldname']) && $parsedSearch['filterValueList'][0]['fieldname'] == "Watch";
     if ($isWatchSearch) {
         # Keeping a watchlist needs its own permission
         $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_keep_own_watchlist, '');
         $svcSpotStateListDao = new Services_Actions_SpotStateList($this->_daoFactory->getSpotStateListDao());
         $requestedAction = $this->_action;
         $watchlistChanged = false;
         if ($requestedAction == 'remove') {
             $svcSpotStateListDao->removeFromWatchList($this->_params['messageid'], $userId);
             $watchlistChanged = true;
         } elseif ($requestedAction == 'add') {
             $svcSpotStateListDao->addToWatchList($this->_params['messageid'], $userId);
             $watchlistChanged = true;
         }
         # Any other action leaves the watchlist alone and sends nothing
         if ($watchlistChanged) {
             $spotsNotifications = new SpotNotifications($this->_daoFactory, $this->_settings, $this->_currentSession);
             $spotsNotifications->sendWatchlistHandled($requestedAction, $this->_params['messageid']);
         }
     }
     # The page number is taken from the parameters as-is; no default is applied here
     $pageNr = $this->_params['pagenr'];
     # The spots are always fetched, also when the watchlist was just edited
     $svcProvSpotList = new Services_Providers_SpotList($this->_daoFactory->getSpotDao());
     $spotsTmp = $svcProvSpotList->fetchSpotList($userId, $pageNr, $this->_currentSession['user']['prefs']['perpage'], $parsedSearch);
     /*
      * -1 tells the templates there is no such page: no next page when the
      * list has no more spots, no previous page when we are on the first one
      */
     $nextPage = $spotsTmp['hasmore'] ? $pageNr + 1 : -1;
     $prevPage = max($pageNr - 1, -1);
     #- display stuff -#
     $templateParams = array(
         'spots' => $spotsTmp['list'],
         'quicklinks' => $this->_settings->get('quicklinks'),
         'filters' => $svcUserFilter->getFilterList($userId, 'filter'),
         'nextPage' => $nextPage,
         'prevPage' => $prevPage,
         'parsedsearch' => $parsedSearch,
         'data' => $this->_params['data'],
     );
     $this->template('spots', $templateParams);
     SpotTiming::stop($timerName);
 }
Esempio n. 17
 /**
  * Render the "post a new spot" form. On submit, both uploads (NZB and
  * picture) are checked through Services_Providers_FileUpload and, when no
  * error was recorded, the spot is posted and a notification is sent.
  *
  * NOTE(review): the upload checks here only establish that a file arrived
  * without an upload error; whether its content is a valid NZB or image is
  * presumably decided inside postSpot() -- verify there.
  */
 function render()
 {
     # Until a submit is processed the result stays 'notsubmitted'
     $result = new Dto_FormResult('notsubmitted');
     # Validate proper permissions
     $this->_spotSec->fatalPermCheck(SpotSecurity::spotsec_post_spot, '');
     # Formatting utility, used below to calculate the spotter id
     $spotParseUtil = new Services_Format_Util();
     # we need the spotuser system
     $svcUserRecord = new Services_User_Record($this->_daoFactory, $this->_settings);
     # set the page title
     $this->_pageTitle = "spot: post";
     /*
      * Start from a complete default form and overlay the submitted values,
      * so the template can always render every field
      */
     $defaults = array('title' => '', 'body' => '', 'category' => 0, 'subcata' => '', 'subcatb' => array(), 'subcatc' => array(), 'subcatd' => array(), 'subcatz' => '', 'tag' => '', 'website' => '', 'newmessageid' => '', 'randomstr' => '');
     $spot = array_merge($defaults, $this->_spotForm);
     # Temp paths of the uploads; they stay empty unless the upload checks pass
     $nzbFilename = '';
     $imgFilename = '';
     if ($this->_spotForm['action'] == 'post') {
         # Assume success; each failed check below records an error on the result
         $result->setResult('success');
         # Make sure an NZB file was provided
         $nzbUpload = new Services_Providers_FileUpload('newspotform', 'nzbfile');
         if ($nzbUpload->isUploaded()) {
             if ($nzbUpload->success()) {
                 $nzbFilename = $nzbUpload->getTempName();
             } else {
                 $result->addError(_('Invalid NZB file') . ' (' . $nzbUpload->errorText() . ')');
             }
         } else {
             $result->addError(_('Please select NZB file'));
         }
         # Make sure a picture was provided
         $imageUpload = new Services_Providers_FileUpload('newspotform', 'imagefile');
         if ($imageUpload->isUploaded()) {
             if ($imageUpload->success()) {
                 $imgFilename = $imageUpload->getTempName();
             } else {
                 $result->addError(_('Invalid picture') . ' (' . $imageUpload->errorText() . ')');
             }
         } else {
             $result->addError(_('Please select a picture'));
         }
         # Only post when none of the upload checks failed
         if ($result->isSuccess()) {
             # Initialize the notification system
             $spotsNotifications = new SpotNotifications($this->_daoFactory, $this->_settings, $this->_currentSession);
             # Make sure we can post this spot, if so, make it happen
             $svcPostSpot = new Services_Posting_Spot($this->_daoFactory, $this->_settings);
             $result = $svcPostSpot->postSpot($svcUserRecord, $this->_currentSession['user'], $spot, $imgFilename, $nzbFilename);
             if ($result->isSuccess()) {
                 $sessionUser = $this->_currentSession['user'];
                 $result->addData('user', $sessionUser['username']);
                 $result->addData('spotterid', $spotParseUtil->calculateSpotterId($sessionUser['publickey']['modulo']));
                 # and send a notification
                 $spotsNotifications->sendSpotPosted($spot);
             }
         }
     }
     #- display stuff -#
     $this->template('newspot', array('postspotform' => $spot, 'result' => $result));
 }