private function loadHomePage($gpage)
{
$pageSize = Config::getInstance()->get_value("main.page.items");
$postDao = new \com\indigloo\sc\dao\Post();
$fp_size = $pageSize - 14;
$fp_size = $fp_size <= 4 ? 4 : $fp_size;
$featuredDBRows = $this->getFeaturedPosts($postDao, $fp_size);
$userDBRows = array();
// Do we have a login session? 4 user posts
$loginId = Login::tryLoginIdInSession();
if ($loginId != null) {
$userDBRows = $postDao->getOnLoginId($loginId, 4);
}
$short = $pageSize - (sizeof($featuredDBRows) + sizeof($userDBRows));
// if page size is less than feature + user DB rows
// even then we need to fetch few latest DB rows to make the
// pagination right.
$short = $short <= 4 ? 4 : $short;
// atleast 4 latest items, at max page size of latest items
$latestDBRows = $postDao->getLatest($short);
$bucket = array_merge($userDBRows, $featuredDBRows);
shuffle($bucket);
$count = sizeof($bucket);
for ($i = 0; $i < $count; $i++) {
$this->combine($bucket[$i]);
}
for ($i = $count; $i < sizeof($latestDBRows); $i++) {
$this->combine($latestDBRows[$i]);
}
$endId = NULL;
if (sizeof($latestDBRows) > 0) {
$endId = $latestDBRows[sizeof($latestDBRows) - 1]['id'];
}
$endId = base_convert($endId, 10, 36);
$nparams = array('gpa' => $endId, 'gpage' => 2);
$nextPageUrl = Url::addQueryParameters("/", $nparams);
$pageTitle = SeoData::getHomePageTitleWithNumber($gpage);
$metaKeywords = SeoData::getHomeMetaKeywords();
$metaDescription = SeoData::getHomeMetaDescriptionWithNumber($gpage);
$file = APP_WEB_DIR . '/home.php';
include $file;
}
static function getPubWidget($row)
{
$view = new \stdClass();
$template = NULL;
$userId = $row["login_id"];
$pubUserId = PseudoId::encode($userId);
$pubUserUrl = Url::base() . "/pub/user/" . $pubUserId;
$view->pubUserUrl = $pubUserUrl;
$view->name = $row["name"];
$view->srcImage = $row["photo_url"];
$view->hasImage = !Util::tryEmpty($view->srcImage);
// whoever is browsing this widget will become the follower
// and follow the user of this widget
$loginIdInSession = Login::tryLoginIdInSession();
$view->followerId = empty($loginIdInSession) ? "{loginId}" : $loginIdInSession;
$view->followingId = $userId;
//template depends on image availabality
$template = $view->hasImage ? "/fragments/graph/pub/widget/image.tmpl" : "/fragments/graph/pub/widget/noimage.tmpl";
$html = Template::render($template, $view);
return $html;
}
try {
$fhandler = new Form\Handler('web-form-1', $_POST);
$fhandler->addRule('comment', 'Comment', array('required' => 1));
$fhandler->addRule('post_id', 'post id', array('required' => 1));
$fhandler->addRule('owner_id', 'owner id', array('required' => 1));
$fhandler->addRule('post_title', 'post title', array('required' => 1));
$fvalues = $fhandler->getValues();
// UI checks
if ($fhandler->hasErrors()) {
throw new UIException($fhandler->getErrors());
}
//trim comments to 512 chars
$fvalues["comment"] = substr($fvalues["comment"], 0, 512);
//use login is required for comments
if (Login::hasSession()) {
$gSessionLogin = \com\indigloo\sc\auth\Login::getLoginInSession();
$commentDao = new com\indigloo\sc\dao\Comment();
$commentDao->create($gSessionLogin->id, $gSessionLogin->name, $fvalues['owner_id'], $fvalues['post_id'], $fvalues['post_title'], $fvalues['comment']);
// go back to comment form
header("Location: " . $fUrl);
} else {
//create data object representing pending session action
$actionObj = new \stdClass();
$actionObj->endPoint = "/qa/form/comment.php";
$params = new \stdClass();
$params->ownerId = $fvalues['owner_id'];
$params->postId = $fvalues['post_id'];
$params->title = $fvalues['post_title'];
$params->comment = $fvalues['comment'];
$params->action = UIConstants::ADD_COMMENT;
$actionObj->params = $params;
<?php
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\ui\form\Sticky;
use com\indigloo\Constants;
use com\indigloo\Configuration as Config;
use com\indigloo\ui\form\Message as FormMessage;
$gWeb = \com\indigloo\core\Web::getInstance();
//do we already have a login?
if (\com\indigloo\sc\auth\Login::hasSession()) {
header("Location: / ");
}
$qUrl = Url::tryBase64QueryParam("q", "/user/dashboard/index.php");
$fUrl = Url::current();
// should login do some action?
$gSessionAction = Url::tryQueryParam("g_session_action");
if (!empty($gSessionAction)) {
$gWeb->store("global.session.action", $gSessionAction);
}
$fUrl = Url::current();
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
$stoken = Util::getMD5GUID();
$gWeb->store("mik_state_token", $stoken);
//Facebook OAuth2
$fbAppId = Config::getInstance()->get_value("facebook.app.id");
$host = Url::base();
$fbCallback = $host . "/callback/fb2.php";
$fbDialogUrl = "https://www.facebook.com/dialog/oauth?client_id=" . $fbAppId;
static function getTile($postDBRow)
{
$html = NULL;
$template = NULL;
$voptions = array("abbreviate" => true, "group" => true);
$view = self::createPostView($postDBRow, $voptions);
if ($view->hasImage) {
$template = '/fragments/tile/image.tmpl';
//Add thumbnail width and height
$td = Util::foldX($view->width, $view->height, 190);
$view->twidth = $td["width"];
$view->theight = $td["height"];
} else {
$template = '/fragments/tile/text.tmpl';
}
$loginIdInSession = \com\indigloo\sc\auth\Login::tryLoginIdInSession();
$view->hasLoginInSession = is_null($loginIdInSession) ? false : true;
if (!$view->hasLoginInSession) {
$params = array("item_id" => $view->itemId);
$listUrl = "/user/dashboard/list/select.php";
$listUrl = Url::createUrl($listUrl, $params);
$view->saveUrl = "/user/login.php?q=" . base64_encode($listUrl);
}
$html = Template::render($template, $view);
return $html;
}
use com\indigloo\Url;
use com\indigloo\Logger;
use com\indigloo\sc\auth\Login;
use com\indigloo\Constants;
use com\indigloo\ui\form\Sticky;
use com\indigloo\ui\form\Message as FormMessage;
use com\indigloo\sc\util\PseudoId;
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
//q is part of URL and base64 encoded
$qUrl = Url::tryBase64QueryParam("q", "/");
$fUrl = Url::current();
$itemId = Url::getQueryParam("id");
$postId = PseudoId::decode($itemId);
$postDao = new \com\indigloo\sc\dao\Post();
$postDBRow = $postDao->getOnId($postId);
if (!(Login::isOwner($postDBRow['login_id']) || Login::isAdmin())) {
header("Location: /site/error/403.html");
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>3mik.com - Delete a post</title>
<?php
include APP_WEB_DIR . '/inc/meta.inc';
?>
<?php
echo \com\indigloo\sc\util\Asset::version("/css/bundle.css");
include APP_WEB_DIR . '/user/dashboard/inc/menu.inc';
?>
</div>
</div>
<div class="row">
<div class="span11 offset1">
<div class="page-header">
<span style="padding-left:20px;padding-right:20px;">Mail preferences</span>
<span>
<a class="btn-flat" href="/user/dashboard/profile.php">Edit profile</a>
</span>
<span>
<?php
if (\com\indigloo\sc\auth\Login::hasMikLogin()) {
echo '<a class="btn-flat" href="/user/account/change-password.php">Change password</a>';
}
?>
</span>
</div>
</div>
</div>
<div class="row">
<div class="span6 offset1">
<?php
FormMessage::render();
function delete($postId)
{
$loginId = NULL;
if (\com\indigloo\sc\auth\Login::isAdmin()) {
//inject right loginId for admins
$postDBRow = $this->getOnId($postId);
$loginId = $postDBRow["login_id"];
} else {
$loginId = \com\indigloo\sc\auth\Login::getLoginIdInSession();
}
mysql\Post::delete($postId, $loginId);
}
static function getPubHeader($userDBRow)
{
$html = NULL;
$view = new \stdClass();
$template = '/fragments/user/pub/header.tmpl';
$view = self::createUserView($userDBRow);
$view->followingId = $userDBRow["login_id"];
//userId in session is follower
$loginId = Login::tryLoginIdInSession();
$view->followerId = empty($loginId) ? "{loginId}" : $loginId;
$html = Template::render($template, $view);
return $html;
}
function processUser($connection)
{
$user_info = $connection->get('account/verify_credentials');
if (isset($user_info->error)) {
$message = "Error retrieving twitter user information";
Logger::getInstance()->error($message);
raiseUIError();
} else {
// get screenName, profile Pic
// exisitng record ? find on twitter_id
// New record - create login + twitter record
// start login session
$id = $user_info->id;
if (empty($id)) {
trigger_error("Could not retrieve twitter id : please try again.", E_USER_ERROR);
}
$image = $user_info->profile_image_url;
$screenName = $user_info->screen_name;
$name = $user_info->name;
$location = $user_info->location;
// do not know what twitter will return
// we consider auth to be good enough for a user
if (empty($name) && empty($screenName)) {
$name = "Anonymous";
}
$message = sprintf("Login:Twitter :: id %d ,name %s ", $id, $name);
Logger::getInstance()->info($message);
$twitterDao = new \com\indigloo\sc\dao\Twitter();
$loginId = $twitterDao->getOrCreate($id, $name, $screenName, $location, $image);
if (empty($loginId)) {
$message = "Not able to create 3mik login for twitter user";
Logger::getInstance()->error($message);
raiseUIError();
}
//success - update login record
// start 3mik session
$remoteIp = \com\indigloo\Url::getRemoteIp();
mysql\Login::updateIp(session_id(), $loginId, $remoteIp);
$code = Login::startOAuth2Session($loginId, Login::TWITTER);
$location = $code == Login::FORBIDDEN_CODE ? AppConstants::ERROR_403_URL : AppConstants::DASHBOARD_URL;
header("Location: " . $location);
}
}
<?php
header('Content-type: application/json');
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
use com\indigloo\Util;
use com\indigloo\sc\auth\Login;
use com\indigloo\Logger;
set_exception_handler('webgloo_ajax_exception_handler');
$message = NULL;
//use login is required for image extraction
if (!Login::hasSession()) {
$message = array("code" => 401, "message" => "Authentication failure: You need to login!");
$html = json_encode($message);
echo $html;
exit;
}
$target = $_POST["target"];
$parser = new \com\indigloo\text\UrlParser();
$response = $parser->extractUsingDom($target);
if (empty($response)) {
$response = new \stdClass();
$response->code = 500;
$response->message = "Error retrieving images. Please try again.";
} else {
$response->code = 200;
$count = count($response->images);
if ($count == 0) {
$response->message = "success: No image found on target URL";
} else {
$response->message = sprintf("success : retrieved %d images.", $count);
$panelId = $sticky->get("panel_id");
$qparams = Url::getRequestQueryParams();
$gSessionLogin = \com\indigloo\sc\auth\Login::getLoginInSession();
$loginId = $gSessionLogin->id;
$loginName = $gSessionLogin->name;
if (is_null($loginId)) {
trigger_error("Error : NULL or invalid login_id", E_USER_ERROR);
}
$plistId = Url::getQueryParam("list_id");
$listId = PseudoId::decode($plistId);
settype($listId, "int");
$listDao = new \com\indigloo\sc\dao\Lists();
$listDBRow = $listDao->getOnId($listId);
$listName = $listDBRow["name"];
//list owner check
if (!Login::isOwner($listDBRow["login_id"])) {
header("Location: /site/error/403.html");
exit;
}
$listPubUrl = sprintf("%s/pub/list/%d/%s", Url::base(), $plistId, $listDBRow["seo_name"]);
//get items from sc_list_item table
$model = new \com\indigloo\sc\model\ListItem();
$filter = new Filter($model);
$filter->add($model::LIST_ID, Filter::EQ, $listId);
$pageSize = Config::getInstance()->get_value("user.page.items");
$filters = array();
array_push($filters, $filter);
$paginator = new \com\indigloo\ui\Pagination($qparams, $pageSize);
$itemDBRows = $listDao->getPagedItems($paginator, $filters);
$baseURI = "/user/dashboard/list/detail.php";
$fUrl = Url::current();
/**
*
* @param access_token - access token returned by facebook for offline use
* @param expires - time in seconds till the access_token expiry
*
*
*/
function processUser($user, $access_token, $expires)
{
// exisitng record ? find on facebook_id
// New record - create login + facebook record
// start login session
$id = $user->id;
if (empty($id)) {
trigger_error("Could not retrieve facebook id : please try again.", E_USER_ERROR);
}
//rest of the properties may be missing
$email = property_exists($user, 'email') ? $user->email : '';
$name = property_exists($user, 'name') ? $user->name : '';
$firstName = property_exists($user, 'first_name') ? $user->first_name : '';
$lastName = property_exists($user, 'last_name') ? $user->last_name : '';
$link = property_exists($user, 'link') ? $user->link : '';
$gender = property_exists($user, 'gender') ? $user->gender : '';
// do not know what facebook will return
// we consider auth to be good enough for a user
if (empty($name) && empty($firstName)) {
$name = "Anonymous";
}
$message = sprintf("Login:Facebook :: id %d ,email %s ", $id, $email);
Logger::getInstance()->info($message);
$facebookDao = new \com\indigloo\sc\dao\Facebook();
$loginId = $facebookDao->getOrCreate($id, $name, $firstName, $lastName, $link, $gender, $email, $access_token, $expires);
if (empty($loginId)) {
$message = "Not able to create 3mik login for facebook user";
Logger::getInstance()->error($message);
raiseUIError();
}
//success - update login record
// start 3mik session
$remoteIp = \com\indigloo\Url::getRemoteIp();
mysql\Login::updateTokenIp(session_id(), $loginId, $access_token, $expires, $remoteIp);
$code = Login::startOAuth2Session($loginId, Login::FACEBOOK);
$location = $code == Login::FORBIDDEN_CODE ? AppConstants::ERROR_403_URL : AppConstants::DASHBOARD_URL;
header("Location: " . $location);
}
function process($params, $options)
{
if (is_null($params) || empty($params)) {
$controller = new \com\indigloo\sc\controller\Http400();
$controller->process();
exit;
}
$itemId = Util::getArrayKey($params, "item_id");
if ($itemId < 1200) {
//@todo remove permanent redirect
$redirectUrl = "/item/" . PseudoId::encode($itemId);
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . $redirectUrl);
exit;
}
$postDao = new \com\indigloo\sc\dao\Post();
$postId = PseudoId::decode($itemId);
$postDBRow = $postDao->getOnId($postId);
if (empty($postDBRow)) {
//not found
$controller = new \com\indigloo\sc\controller\Http404();
$controller->process();
exit;
}
$options = array();
$options["group"] = true;
$postView = \com\indigloo\sc\html\Post::createPostView($postDBRow, $options);
// links is separate from postView for historical reasons
$linksJson = $postDBRow['links_json'];
$dblinks = json_decode($linksJson);
$links = array();
foreach ($dblinks as $link) {
$link = Url::addHttp($link);
array_push($links, $link);
}
/* data for facebook/google+ dialogs */
$itemObj = new \stdClass();
$itemObj->appId = Config::getInstance()->get_value("facebook.app.id");
$itemObj->host = Url::base();
/* google+ cannot redirect to local box */
$itemObj->netHost = "http://www.3mik.com";
$itemObj->callback = $itemObj->host . "/callback/fb-share.php";
if ($postView->hasImage) {
/* use original image for og snippets, smaller images may be ignored */
/* facebook and google+ dialogs need absolute URL */
$itemObj->picture = $postView->srcImage;
} else {
$itemObj->picture = $itemObj->host . "/css/asset/sc/logo.png";
}
//do not urlencode - as we use this value as canonical url
$itemObj->link = $itemObj->host . "/item/" . $itemId;
$itemObj->netLink = $itemObj->netHost . "/item/" . $itemId;
// title in DB is 128 chars long.
// here on page we want to use a 70 char title.
// also used in item images alt text
// item description should be 160 chars.
$itemObj->title = Util::abbreviate($postView->title, 70);
$itemObj->title = sprintf("item %s - %s", $itemId, $itemObj->title);
$itemObj->description = Util::abbreviate($postView->description, 160);
$itemObj->description = sprintf("item %s - %s by user %s", $itemId, $itemObj->description, $postView->userName);
$strItemObj = json_encode($itemObj);
//make the item json string form safe
$strItemObj = Util::formSafeJson($strItemObj);
/* likes data */
$bookmarkDao = new \com\indigloo\sc\dao\Bookmark();
$likeDBRows = $bookmarkDao->getLikeOnItemId($itemId);
$gWeb = \com\indigloo\core\Web::getInstance();
/* sticky is used by comment form */
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
$gRegistrationPopup = false;
$loginIdInSession = \com\indigloo\sc\auth\Login::tryLoginIdInSession();
//show registration popup
if (is_null($loginIdInSession)) {
$register_popup = $gWeb->find("sc:browser:registration:popup");
$register_popup = is_null($register_popup) ? false : $register_popup;
if (!$register_popup) {
$gRegistrationPopup = true;
$gWeb->store("sc:browser:registration:popup", true);
}
}
$group_slug = $postDBRow["group_slug"];
$groupDao = new \com\indigloo\sc\dao\Group();
$group_names = $groupDao->tokenizeSlug($group_slug, ",", true);
$pageTitle = $itemObj->title;
$metaKeywords = SeoData::getMetaKeywords($group_names);
$pageUrl = Url::base() . Url::current();
$file = APP_WEB_DIR . '/view/item.php';
include $file;
}
$code = $ex->getCode();
switch ($code) {
case 401:
$message = "Wrong login or password. Please try again!";
throw new UIException(array($message));
break;
default:
$message = "Error during login. Please try after some time!";
throw new UIException(array($message));
}
}
//success - update login record
// start 3mik session
$remoteIp = \com\indigloo\Url::getRemoteIp();
mysql\Login::updateIp(session_id(), $loginId, $remoteIp);
Login::startOAuth2Session($loginId, Login::MIK);
//add overlay message
$message = "success! Thanks for joining " . $fvalues['first_name'];
$gWeb->store("global.overlay.message", $message);
header("Location: " . AppConstants::DASHBOARD_URL);
exit;
} catch (UIException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
header("Location: " . $fUrl);
exit(1);
} catch (DBException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
// @imp: this is mysql error code
// @todo need to define this as a constant
if ($ex->getCode() == 1062) {
include APP_WEB_DIR . '/inc/role/user.inc';
use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\ui\form\Sticky;
use com\indigloo\Constants;
use com\indigloo\ui\form\Message as FormMessage;
use com\indigloo\sc\auth\Login;
use com\indigloo\sc\util\PseudoId;
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
$encodedId = Url::getQueryParam("id");
$commentId = PseudoId::decode($encodedId);
$qUrl = Url::tryBase64QueryParam("q", "/");
$fUrl = Url::current();
$commentDao = new com\indigloo\sc\dao\Comment();
$commentDBRow = $commentDao->getOnId($commentId);
if (!(Login::isOwner($commentDBRow['login_id']) || Login::isAdmin())) {
header("Location: /site/error/403.html");
exit;
}
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
$itemId = PseudoId::encode($commentDBRow['post_id']);
?>
<!DOCTYPE html>
<html>
<head>
<title> Edit Comment</title>
<?php
include APP_WEB_DIR . '/inc/meta.inc';
?>
use com\indigloo\Constants;
use com\indigloo\exception\UIException;
use com\indigloo\sc\auth\Login;
if (isset($_POST['save']) && $_POST['save'] == 'Save') {
$gWeb = \com\indigloo\core\Web::getInstance();
$fvalues = array();
$fUrl = \com\indigloo\Url::tryFormUrl("fUrl");
try {
$fhandler = new Form\Handler('web-form-1', $_POST);
$fhandler->addRule('first_name', 'First Name', array('required' => 1, 'maxlength' => 32));
$fhandler->addRule('last_name', 'Last Name', array('required' => 1, 'maxlength' => 32));
$fhandler->addRule('email', 'Email', array('required' => 1, 'maxlength' => 64));
$fhandler->addRule('qUrl', 'qUrl', array('required' => 1, 'rawData' => 1));
$fvalues = $fhandler->getValues();
//decode q param to use in redirect
$qUrl = base64_decode($fvalues['qUrl']);
if ($fhandler->hasErrors()) {
throw new UIException($fhandler->getErrors());
}
$loginId = Login::getLoginIdInSession();
$userDao = new \com\indigloo\sc\dao\User();
$userDao->update($loginId, $fvalues['first_name'], $fvalues['last_name'], $fvalues['nick_name'], $fvalues['email'], $fvalues['website'], $fvalues['blog'], $fvalues['location'], $fvalues['age'], $fvalues['photo_url'], $fvalues['about_me']);
//success
header("Location: " . $qUrl);
} catch (UIException $ex) {
$gWeb->store(Constants::STICKY_MAP, $fvalues);
$gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
header("Location: " . $fUrl);
exit(1);
}
}
function processUser($user)
{
$id = $user->id;
if (empty($id)) {
trigger_error("Could not retrieve google id : please try again.", E_USER_ERROR);
}
//rest of the properties may be missing
$email = property_exists($user, 'email') ? $user->email : '';
$name = property_exists($user, 'name') ? $user->name : '';
$firstName = property_exists($user, 'given_name') ? $user->given_name : '';
$lastName = property_exists($user, 'family_name') ? $user->family_name : '';
$photo = property_exists($user, 'picture') ? $user->picture : '';
// we consider id + auth to be good enough for a user
if (empty($name) && empty($firstName)) {
$name = "Anonymous";
}
$message = sprintf("Login:Google :: id %d ,email %s ", $id, $email);
Logger::getInstance()->info($message);
$googleDao = new \com\indigloo\sc\dao\Google();
$loginId = $googleDao->getOrCreate($id, $email, $name, $firstName, $lastName, $photo);
if (empty($loginId)) {
$message = "Not able to create 3mik login for google user";
Logger::getInstance()->error($message);
raiseUIError();
}
//success - update login record
// start 3mik session
$remoteIp = \com\indigloo\Url::getRemoteIp();
mysql\Login::updateIp(session_id(), $loginId, $remoteIp);
$code = Login::startOAuth2Session($loginId, Login::GOOGLE);
$location = $code == Login::FORBIDDEN_CODE ? AppConstants::ERROR_403_URL : AppConstants::DASHBOARD_URL;
header("Location: " . $location);
}
<?php
//sc/user/invite.php
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\ui\form\Sticky;
use com\indigloo\Constants;
use com\indigloo\ui\form\Message as FormMessage;
use com\indigloo\sc\auth\Login;
$gWeb = \com\indigloo\core\Web::getInstance();
$sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true));
$qUrl = Url::tryBase64QueryParam("q", "/");
$fUrl = Url::current();
$loginId = Login::tryLoginIdInSession();
//add security token to form
$formToken = Util::getBase36GUID();
$gWeb->store("form.token", $formToken);
$defaultMessage = \com\indigloo\sc\html\Site::getInvitationMessage();
?>
<!DOCTYPE html>
<html>
<head>
<title> 3mik.com - invite your friends</title>
<?php
include APP_WEB_DIR . '/inc/meta.inc';
?>
<?php
<?php
header('Content-type: application/json');
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
use com\indigloo\Util;
use com\indigloo\sc\auth\Login;
use com\indigloo\sc\ui\Constants as UIConstants;
use com\indigloo\sc\util\Nest;
use com\indigloo\sc\Constants as AppConstants;
use com\indigloo\exception\DBException;
set_exception_handler("webgloo_ajax_exception_handler");
//Admin login is required
if (!Login::isAdmin()) {
$message = array("code" => 401, "message" => "Authentication failure! Admin credentials missing.");
$html = json_encode($message);
echo $html;
exit;
}
$postId = Util::getArrayKey($_POST, "postId");
// Action from UI is ADD | REMOVE
// see com\indigloo\sc\ui\Constants file
$action = Util::getArrayKey($_POST, "action");
$postDao = new \com\indigloo\sc\dao\Post();
$message = NULL;
try {
switch ($action) {
case UIConstants::FEATURE_POST:
$postDao->feature($postId);
$message = sprintf("success! item %s added to featured posts", $postId);
break;
<?php
//sc/user/account/change-password.php
include 'sc-app.inc';
include APP_WEB_DIR . '/inc/header.inc';
include APP_WEB_DIR . '/inc/role/user.inc';
use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\ui\form\Sticky;
use com\indigloo\Constants;
use com\indigloo\ui\form\Message as FormMessage;
use com\indigloo\sc\auth\Login;
use com\indigloo\exception\UIException;
$gSessionLogin = Login::getLoginInSession();
$loginId = $gSessionLogin->id;
if (strcmp($gSessionLogin->provider, Login::MIK) != 0) {
$message = "change password only works for 3mik logins!";
throw new UIException(array($message));
}
$userDao = new \com\indigloo\sc\dao\User();
$userDBRow = $userDao->getonLoginId($loginId);
//tokens for use in next screen
$ftoken = Util::getMD5GUID();
$email = $userDBRow["email"];
$femail = Util::encrypt($email);
$gWeb = \com\indigloo\core\Web::getInstance();
$gWeb->store("change.password.email", $femail);
$gWeb->store("change.password.token", $ftoken);
$title = $userDBRow["email"];
$qUrl = base64_encode(Url::current());
$fUrl = Url::current();
function delete($commentId)
{
$loginId = \com\indigloo\sc\auth\Login::tryLoginIdInSession();
mysql\Comment::delete($commentId, $loginId);
}
