/**
* Set user preference for sorting discussions.
*/
public function Sort($Target = '')
{
if (!Gdn::Session()->IsValid()) {
throw PermissionException();
}
if (!$this->Request->IsAuthenticatedPostBack()) {
throw ForbiddenException('GET');
}
// Get param
$SortField = Gdn::Request()->Post('DiscussionSort');
$SortField = 'd.' . StringBeginsWith($SortField, 'd.', TRUE, TRUE);
// Use whitelist here too to keep database clean
if (!in_array($SortField, DiscussionModel::AllowedSortFields())) {
throw new Gdn_UserException("Unknown sort {$SortField}.");
}
// Set user pref
Gdn::UserModel()->SavePreference(Gdn::Session()->UserID, 'Discussions.SortField', $SortField);
if ($Target) {
Redirect($Target);
}
// Send sorted discussions.
$this->DeliveryMethod(DELIVERY_METHOD_JSON);
$this->Render();
}
public function NotifyNewDiscussion($DiscussionID)
{
if (!C('Vanilla.QueueNotifications')) {
throw ForbiddenException('NotifyNewDiscussion');
}
if (!$this->Request->IsPostBack()) {
throw ForbiddenException('GET');
}
// Grab the discussion.
$Discussion = $this->DiscussionModel->GetID($DiscussionID);
if (!$Discussion) {
throw NotFoundException('Discussion');
}
if (GetValue('Notified', $Discussion) != ActivityModel::SENT_PENDING) {
die('Not pending');
}
// Mark the notification as in progress.
$this->DiscussionModel->SetField($DiscussionID, 'Notified', ActivityModel::SENT_INPROGRESS);
$HeadlineFormat = T($Code, '{ActivityUserID,user} started a new discussion: <a href="{Url,html}">{Data.Name,text}</a>');
$Category = CategoryModel::Categories(GetValue('CategoryID', $Discussion));
$Activity = array('ActivityType' => 'Discussion', 'ActivityUserID' => $Discussion->InsertUserID, 'HeadlineFormat' => $HeadlineFormat, 'RecordType' => 'Discussion', 'RecordID' => $DiscussionID, 'Route' => DiscussionUrl($Discussion), 'Data' => array('Name' => $Discussion->Name, 'Category' => GetValue('Name', $Category)));
$ActivityModel = new ActivityModel();
$this->DiscussionModel->NotifyNewDiscussion($Discussion, $ActivityModel, $Activity);
$ActivityModel->SaveQueue();
$this->DiscussionModel->SetField($DiscussionID, 'Notified', ActivityModel::SENT_OK);
die('OK');
}
public function SetHourOffset()
{
$Form = new Gdn_Form();
if ($Form->AuthenticatedPostBack()) {
if (!Gdn::Session()->IsValid()) {
throw PermissionException('Garden.SignIn.Allow');
}
$HourOffset = $Form->GetFormValue('HourOffset');
Gdn::UserModel()->SetField(Gdn::Session()->UserID, 'HourOffset', $HourOffset);
$this->SetData('Result', TRUE);
$this->SetData('HourOffset', $HourOffset);
$time = time();
$this->SetData('UTCDateTime', gmdate('r', $time));
$this->SetData('UserDateTime', gmdate('r', $time + $HourOffset * 3600));
} else {
throw ForbiddenException('GET');
}
$this->Render('Blank');
}
/**
* Set user's thumbnail (crop & center photo).
*
* @since 2.0.0
* @access public
* @param mixed $UserReference Unique identifier, possible username or ID.
* @param string $Username.
*/
public function Thumbnail($UserReference = '', $Username = '')
{
if (!C('Garden.Profile.EditPhotos', TRUE)) {
throw ForbiddenException('@Editing user photos has been disabled.');
}
// Initial permission checks (valid user)
$this->Permission('Garden.SignIn.Allow');
$Session = Gdn::Session();
if (!$Session->IsValid()) {
$this->Form->AddError('You must be authenticated in order to use this form.');
}
// Need some extra JS
// jcrop update jan28, 2014 as jQuery upgrade to 1.10.2 no longer
// supported browser()
$this->AddJsFile('jquery.jcrop.min.js');
$this->AddJsFile('profile.js');
$this->GetUserInfo($UserReference, $Username, '', TRUE);
// Permission check (correct user)
if ($this->User->UserID != $Session->UserID && !CheckPermission('Garden.Users.Edit') && !CheckPermission('Moderation.Profiles.Edit')) {
throw new Exception(T('You cannot edit the thumbnail of another member.'));
}
// Form prep
$this->Form->SetModel($this->UserModel);
$this->Form->AddHidden('UserID', $this->User->UserID);
// Confirm we have a photo to manipulate
if (!$this->User->Photo) {
$this->Form->AddError('You must first upload a picture before you can create a thumbnail.');
}
// Define the thumbnail size
$this->ThumbSize = Gdn::Config('Garden.Thumbnail.Size', 40);
// Define the source (profile sized) picture & dimensions.
$Basename = ChangeBasename($this->User->Photo, 'p%s');
$Upload = new Gdn_UploadImage();
$PhotoParsed = Gdn_Upload::Parse($Basename);
$Source = $Upload->CopyLocal($Basename);
if (!$Source) {
$this->Form->AddError('You cannot edit the thumbnail of an externally linked profile picture.');
} else {
$this->SourceSize = getimagesize($Source);
}
// We actually need to upload a new file to help with cdb ttls.
$NewPhoto = $Upload->GenerateTargetName('userpics', trim(pathinfo($this->User->Photo, PATHINFO_EXTENSION), '.'), TRUE);
// Add some more hidden form fields for jcrop
$this->Form->AddHidden('x', '0');
$this->Form->AddHidden('y', '0');
$this->Form->AddHidden('w', $this->ThumbSize);
$this->Form->AddHidden('h', $this->ThumbSize);
$this->Form->AddHidden('HeightSource', $this->SourceSize[1]);
$this->Form->AddHidden('WidthSource', $this->SourceSize[0]);
$this->Form->AddHidden('ThumbSize', $this->ThumbSize);
if ($this->Form->AuthenticatedPostBack() === TRUE) {
try {
// Get the dimensions from the form.
Gdn_UploadImage::SaveImageAs($Source, ChangeBasename($NewPhoto, 'n%s'), $this->ThumbSize, $this->ThumbSize, array('Crop' => TRUE, 'SourceX' => $this->Form->GetValue('x'), 'SourceY' => $this->Form->GetValue('y'), 'SourceWidth' => $this->Form->GetValue('w'), 'SourceHeight' => $this->Form->GetValue('h')));
// Save new profile picture.
$Parsed = $Upload->SaveAs($Source, ChangeBasename($NewPhoto, 'p%s'));
$UserPhoto = sprintf($Parsed['SaveFormat'], $NewPhoto);
// Save the new photo info.
Gdn::UserModel()->SetField($this->User->UserID, 'Photo', $UserPhoto);
// Remove the old profile picture.
@$Upload->Delete($Basename);
} catch (Exception $Ex) {
$this->Form->AddError($Ex);
}
// If there were no problems, redirect back to the user account
if ($this->Form->ErrorCount() == 0) {
Redirect(UserUrl($this->User, '', 'picture'));
$this->InformMessage(Sprite('Check', 'InformSprite') . T('Your changes have been saved.'), 'Dismissable AutoDismiss HasSprite');
}
}
// Delete the source image if it is externally hosted.
if ($PhotoParsed['Type']) {
@unlink($Source);
}
$this->Title(T('Edit My Thumbnail'));
$this->_SetBreadcrumbs(T('Edit My Thumbnail'), '/profile/thumbnail');
$this->Render();
}
/**
* Form to ask for the destination of the move, confirmation and permission check.
*/
public function ConfirmDiscussionMoves($DiscussionID = NULL)
{
$Session = Gdn::Session();
$this->Form = new Gdn_Form();
$DiscussionModel = new DiscussionModel();
$this->Title(T('Confirm'));
if ($DiscussionID) {
$CheckedDiscussions = (array) $DiscussionID;
$ClearSelection = FALSE;
} else {
$CheckedDiscussions = Gdn::UserModel()->GetAttribute($Session->User->UserID, 'CheckedDiscussions', array());
if (!is_array($CheckedDiscussions)) {
$CheckedDiscussions = array();
}
$ClearSelection = TRUE;
}
$DiscussionIDs = $CheckedDiscussions;
$CountCheckedDiscussions = count($DiscussionIDs);
$this->SetData('CountCheckedDiscussions', $CountCheckedDiscussions);
// Check for edit permissions on each discussion
$AllowedDiscussions = array();
$DiscussionData = $DiscussionModel->SQL->Select('DiscussionID, Name, DateLastComment, CategoryID')->From('Discussion')->WhereIn('DiscussionID', $DiscussionIDs)->Get();
$DiscussionData = Gdn_DataSet::Index($DiscussionData->ResultArray(), array('DiscussionID'));
foreach ($DiscussionData as $DiscussionID => $Discussion) {
$Category = CategoryModel::Categories($Discussion['CategoryID']);
if ($Category && $Category['PermsDiscussionsEdit']) {
$AllowedDiscussions[] = $DiscussionID;
}
}
$this->SetData('CountAllowed', count($AllowedDiscussions));
$CountNotAllowed = $CountCheckedDiscussions - count($AllowedDiscussions);
$this->SetData('CountNotAllowed', $CountNotAllowed);
if ($this->Form->AuthenticatedPostBack()) {
// Retrieve the category id
$CategoryID = $this->Form->GetFormValue('CategoryID');
$Category = CategoryModel::Categories($CategoryID);
$RedirectLink = $this->Form->GetFormValue('RedirectLink');
// User must have add permission on the target category
if (!$Category['PermsDiscussionsAdd']) {
throw ForbiddenException('@' . T('You do not have permission to add discussions to this category.'));
}
// Iterate and move.
foreach ($AllowedDiscussions as $DiscussionID) {
// Create the shadow redirect.
if ($RedirectLink) {
$Discussion = GetValue($DiscussionID, $DiscussionData);
$DiscussionModel->DefineSchema();
$MaxNameLength = GetValue('Length', $DiscussionModel->Schema->GetField('Name'));
$RedirectDiscussion = array('Name' => SliceString(sprintf(T('Moved: %s'), $Discussion['Name']), $MaxNameLength), 'DateInserted' => $Discussion['DateLastComment'], 'Type' => 'redirect', 'CategoryID' => $Discussion['CategoryID'], 'Body' => FormatString(T('This discussion has been <a href="{url,html}">moved</a>.'), array('url' => DiscussionUrl($Discussion))), 'Format' => 'Html', 'Closed' => TRUE);
$RedirectID = $DiscussionModel->Save($RedirectDiscussion);
if (!$RedirectID) {
$this->Form->SetValidationResults($DiscussionModel->ValidationResults());
break;
}
}
$DiscussionModel->SetField($DiscussionID, 'CategoryID', $CategoryID);
}
// Clear selections.
if ($ClearSelection) {
Gdn::UserModel()->SaveAttribute($Session->UserID, 'CheckedDiscussions', FALSE);
ModerationController::InformCheckedDiscussions($this);
}
if ($this->Form->ErrorCount() == 0) {
$this->JsonTarget('', '', 'Refresh');
}
}
$this->Render();
}
public function Merge()
{
$this->Permission('Garden.Settings.Manage');
// This must be a postback.
if (!$this->Request->IsAuthenticatedPostBack()) {
throw ForbiddenException('GET');
}
$Validation = new Gdn_Validation();
$Validation->ApplyRule('OldUserID', 'ValidateRequired');
$Validation->ApplyRule('NewUserID', 'ValidateRequired');
if ($Validation->Validate($this->Request->Post())) {
$Result = Gdn::UserModel()->Merge($this->Request->Post('OldUserID'), $this->Request->Post('NewUserID'));
$this->SetData($Result);
} else {
$this->Form->SetValidationResults($Validation->Results());
}
$this->Render('Blank', 'Utility');
}
/**
* Revoke an invitation.
*
* @since 2.0.0
* @param int $InvitationID Unique identifier.
* @throws Exception Throws an exception when the invitation isn't found or the user doesn't have permission to delete it.
*/
public function UnInvite($InvitationID)
{
$this->Permission('Garden.SignIn.Allow');
if (!$this->Form->AuthenticatedPostBack()) {
throw ForbiddenException('GET');
}
$InvitationModel = new InvitationModel();
$Session = Gdn::Session();
try {
$Valid = $InvitationModel->Delete($InvitationID, $this->UserModel);
if ($Valid) {
$this->InformMessage(T('The invitation was removed successfully.'));
$this->JsonTarget(".js-invitation[data-id=\"{$InvitationID}\"]", '', 'SlideUp');
}
} catch (Exception $ex) {
$this->Form->AddError(strip_tags($ex->getMessage()));
}
if ($this->Form->ErrorCount() == 0) {
$this->Render('Blank', 'Utility');
}
}
/**
* Form to ask for the destination of the move, confirmation and permission check.
*/
public function ConfirmDiscussionMoves()
{
$Session = Gdn::Session();
$this->Form = new Gdn_Form();
$DiscussionModel = new DiscussionModel();
$this->Title(T('Confirm'));
$CheckedDiscussions = Gdn::UserModel()->GetAttribute($Session->User->UserID, 'CheckedDiscussions', array());
if (!is_array($CheckedDiscussions)) {
$CheckedDiscussions = array();
}
$DiscussionIDs = $CheckedDiscussions;
$CountCheckedDiscussions = count($DiscussionIDs);
$this->SetData('CountCheckedDiscussions', $CountCheckedDiscussions);
// Check for edit permissions on each discussion
$AllowedDiscussions = array();
$DiscussionData = $DiscussionModel->SQL->Select('DiscussionID, CategoryID')->From('Discussion')->WhereIn('DiscussionID', $DiscussionIDs)->Get();
foreach ($DiscussionData->Result() as $Discussion) {
$Category = CategoryModel::Categories($Discussion->CategoryID);
if ($Category && $Category['PermsDiscussionsEdit']) {
$AllowedDiscussions[] = $Discussion->DiscussionID;
}
}
$this->SetData('CountAllowed', count($AllowedDiscussions));
$CountNotAllowed = $CountCheckedDiscussions - count($AllowedDiscussions);
$this->SetData('CountNotAllowed', $CountNotAllowed);
if ($this->Form->AuthenticatedPostBack()) {
// Retrieve the category id
$CategoryID = $this->Form->GetFormValue('CategoryID');
$Category = CategoryModel::Categories($CategoryID);
// User must have add permission on the target category
if (!$Category['PermsDiscussionsAdd']) {
throw ForbiddenException('@' . T('You do not have permission to add discussions to this category.'));
}
// Iterate and move.
foreach ($AllowedDiscussions as $DiscussionID) {
$DiscussionModel->SetField($DiscussionID, 'CategoryID', $CategoryID);
}
// Clear selections
Gdn::UserModel()->SaveAttribute($Session->UserID, 'CheckedDiscussions', FALSE);
ModerationController::InformCheckedDiscussions($this);
$this->JsonTarget('', '', 'Refresh');
}
$this->Render();
}
