/** * Set user preference for sorting discussions. */ public function Sort($Target = '') { if (!Gdn::Session()->IsValid()) { throw PermissionException(); } if (!$this->Request->IsAuthenticatedPostBack()) { throw ForbiddenException('GET'); } // Get param $SortField = Gdn::Request()->Post('DiscussionSort'); $SortField = 'd.' . StringBeginsWith($SortField, 'd.', TRUE, TRUE); // Use whitelist here too to keep database clean if (!in_array($SortField, DiscussionModel::AllowedSortFields())) { throw new Gdn_UserException("Unknown sort {$SortField}."); } // Set user pref Gdn::UserModel()->SavePreference(Gdn::Session()->UserID, 'Discussions.SortField', $SortField); if ($Target) { Redirect($Target); } // Send sorted discussions. $this->DeliveryMethod(DELIVERY_METHOD_JSON); $this->Render(); }
public function NotifyNewDiscussion($DiscussionID) { if (!C('Vanilla.QueueNotifications')) { throw ForbiddenException('NotifyNewDiscussion'); } if (!$this->Request->IsPostBack()) { throw ForbiddenException('GET'); } // Grab the discussion. $Discussion = $this->DiscussionModel->GetID($DiscussionID); if (!$Discussion) { throw NotFoundException('Discussion'); } if (GetValue('Notified', $Discussion) != ActivityModel::SENT_PENDING) { die('Not pending'); } // Mark the notification as in progress. $this->DiscussionModel->SetField($DiscussionID, 'Notified', ActivityModel::SENT_INPROGRESS); $HeadlineFormat = T($Code, '{ActivityUserID,user} started a new discussion: <a href="{Url,html}">{Data.Name,text}</a>'); $Category = CategoryModel::Categories(GetValue('CategoryID', $Discussion)); $Activity = array('ActivityType' => 'Discussion', 'ActivityUserID' => $Discussion->InsertUserID, 'HeadlineFormat' => $HeadlineFormat, 'RecordType' => 'Discussion', 'RecordID' => $DiscussionID, 'Route' => DiscussionUrl($Discussion), 'Data' => array('Name' => $Discussion->Name, 'Category' => GetValue('Name', $Category))); $ActivityModel = new ActivityModel(); $this->DiscussionModel->NotifyNewDiscussion($Discussion, $ActivityModel, $Activity); $ActivityModel->SaveQueue(); $this->DiscussionModel->SetField($DiscussionID, 'Notified', ActivityModel::SENT_OK); die('OK'); }
public function SetHourOffset() { $Form = new Gdn_Form(); if ($Form->AuthenticatedPostBack()) { if (!Gdn::Session()->IsValid()) { throw PermissionException('Garden.SignIn.Allow'); } $HourOffset = $Form->GetFormValue('HourOffset'); Gdn::UserModel()->SetField(Gdn::Session()->UserID, 'HourOffset', $HourOffset); $this->SetData('Result', TRUE); $this->SetData('HourOffset', $HourOffset); $time = time(); $this->SetData('UTCDateTime', gmdate('r', $time)); $this->SetData('UserDateTime', gmdate('r', $time + $HourOffset * 3600)); } else { throw ForbiddenException('GET'); } $this->Render('Blank'); }
/** * Set user's thumbnail (crop & center photo). * * @since 2.0.0 * @access public * @param mixed $UserReference Unique identifier, possible username or ID. * @param string $Username. */ public function Thumbnail($UserReference = '', $Username = '') { if (!C('Garden.Profile.EditPhotos', TRUE)) { throw ForbiddenException('@Editing user photos has been disabled.'); } // Initial permission checks (valid user) $this->Permission('Garden.SignIn.Allow'); $Session = Gdn::Session(); if (!$Session->IsValid()) { $this->Form->AddError('You must be authenticated in order to use this form.'); } // Need some extra JS // jcrop update jan28, 2014 as jQuery upgrade to 1.10.2 no longer // supported browser() $this->AddJsFile('jquery.jcrop.min.js'); $this->AddJsFile('profile.js'); $this->GetUserInfo($UserReference, $Username, '', TRUE); // Permission check (correct user) if ($this->User->UserID != $Session->UserID && !CheckPermission('Garden.Users.Edit') && !CheckPermission('Moderation.Profiles.Edit')) { throw new Exception(T('You cannot edit the thumbnail of another member.')); } // Form prep $this->Form->SetModel($this->UserModel); $this->Form->AddHidden('UserID', $this->User->UserID); // Confirm we have a photo to manipulate if (!$this->User->Photo) { $this->Form->AddError('You must first upload a picture before you can create a thumbnail.'); } // Define the thumbnail size $this->ThumbSize = Gdn::Config('Garden.Thumbnail.Size', 40); // Define the source (profile sized) picture & dimensions. $Basename = ChangeBasename($this->User->Photo, 'p%s'); $Upload = new Gdn_UploadImage(); $PhotoParsed = Gdn_Upload::Parse($Basename); $Source = $Upload->CopyLocal($Basename); if (!$Source) { $this->Form->AddError('You cannot edit the thumbnail of an externally linked profile picture.'); } else { $this->SourceSize = getimagesize($Source); } // We actually need to upload a new file to help with cdb ttls. $NewPhoto = $Upload->GenerateTargetName('userpics', trim(pathinfo($this->User->Photo, PATHINFO_EXTENSION), '.'), TRUE); // Add some more hidden form fields for jcrop $this->Form->AddHidden('x', '0'); $this->Form->AddHidden('y', '0'); $this->Form->AddHidden('w', $this->ThumbSize); $this->Form->AddHidden('h', $this->ThumbSize); $this->Form->AddHidden('HeightSource', $this->SourceSize[1]); $this->Form->AddHidden('WidthSource', $this->SourceSize[0]); $this->Form->AddHidden('ThumbSize', $this->ThumbSize); if ($this->Form->AuthenticatedPostBack() === TRUE) { try { // Get the dimensions from the form. Gdn_UploadImage::SaveImageAs($Source, ChangeBasename($NewPhoto, 'n%s'), $this->ThumbSize, $this->ThumbSize, array('Crop' => TRUE, 'SourceX' => $this->Form->GetValue('x'), 'SourceY' => $this->Form->GetValue('y'), 'SourceWidth' => $this->Form->GetValue('w'), 'SourceHeight' => $this->Form->GetValue('h'))); // Save new profile picture. $Parsed = $Upload->SaveAs($Source, ChangeBasename($NewPhoto, 'p%s')); $UserPhoto = sprintf($Parsed['SaveFormat'], $NewPhoto); // Save the new photo info. Gdn::UserModel()->SetField($this->User->UserID, 'Photo', $UserPhoto); // Remove the old profile picture. @$Upload->Delete($Basename); } catch (Exception $Ex) { $this->Form->AddError($Ex); } // If there were no problems, redirect back to the user account if ($this->Form->ErrorCount() == 0) { Redirect(UserUrl($this->User, '', 'picture')); $this->InformMessage(Sprite('Check', 'InformSprite') . T('Your changes have been saved.'), 'Dismissable AutoDismiss HasSprite'); } } // Delete the source image if it is externally hosted. if ($PhotoParsed['Type']) { @unlink($Source); } $this->Title(T('Edit My Thumbnail')); $this->_SetBreadcrumbs(T('Edit My Thumbnail'), '/profile/thumbnail'); $this->Render(); }
/** * Form to ask for the destination of the move, confirmation and permission check. */ public function ConfirmDiscussionMoves($DiscussionID = NULL) { $Session = Gdn::Session(); $this->Form = new Gdn_Form(); $DiscussionModel = new DiscussionModel(); $this->Title(T('Confirm')); if ($DiscussionID) { $CheckedDiscussions = (array) $DiscussionID; $ClearSelection = FALSE; } else { $CheckedDiscussions = Gdn::UserModel()->GetAttribute($Session->User->UserID, 'CheckedDiscussions', array()); if (!is_array($CheckedDiscussions)) { $CheckedDiscussions = array(); } $ClearSelection = TRUE; } $DiscussionIDs = $CheckedDiscussions; $CountCheckedDiscussions = count($DiscussionIDs); $this->SetData('CountCheckedDiscussions', $CountCheckedDiscussions); // Check for edit permissions on each discussion $AllowedDiscussions = array(); $DiscussionData = $DiscussionModel->SQL->Select('DiscussionID, Name, DateLastComment, CategoryID')->From('Discussion')->WhereIn('DiscussionID', $DiscussionIDs)->Get(); $DiscussionData = Gdn_DataSet::Index($DiscussionData->ResultArray(), array('DiscussionID')); foreach ($DiscussionData as $DiscussionID => $Discussion) { $Category = CategoryModel::Categories($Discussion['CategoryID']); if ($Category && $Category['PermsDiscussionsEdit']) { $AllowedDiscussions[] = $DiscussionID; } } $this->SetData('CountAllowed', count($AllowedDiscussions)); $CountNotAllowed = $CountCheckedDiscussions - count($AllowedDiscussions); $this->SetData('CountNotAllowed', $CountNotAllowed); if ($this->Form->AuthenticatedPostBack()) { // Retrieve the category id $CategoryID = $this->Form->GetFormValue('CategoryID'); $Category = CategoryModel::Categories($CategoryID); $RedirectLink = $this->Form->GetFormValue('RedirectLink'); // User must have add permission on the target category if (!$Category['PermsDiscussionsAdd']) { throw ForbiddenException('@' . T('You do not have permission to add discussions to this category.')); } // Iterate and move. foreach ($AllowedDiscussions as $DiscussionID) { // Create the shadow redirect. if ($RedirectLink) { $Discussion = GetValue($DiscussionID, $DiscussionData); $DiscussionModel->DefineSchema(); $MaxNameLength = GetValue('Length', $DiscussionModel->Schema->GetField('Name')); $RedirectDiscussion = array('Name' => SliceString(sprintf(T('Moved: %s'), $Discussion['Name']), $MaxNameLength), 'DateInserted' => $Discussion['DateLastComment'], 'Type' => 'redirect', 'CategoryID' => $Discussion['CategoryID'], 'Body' => FormatString(T('This discussion has been <a href="{url,html}">moved</a>.'), array('url' => DiscussionUrl($Discussion))), 'Format' => 'Html', 'Closed' => TRUE); $RedirectID = $DiscussionModel->Save($RedirectDiscussion); if (!$RedirectID) { $this->Form->SetValidationResults($DiscussionModel->ValidationResults()); break; } } $DiscussionModel->SetField($DiscussionID, 'CategoryID', $CategoryID); } // Clear selections. if ($ClearSelection) { Gdn::UserModel()->SaveAttribute($Session->UserID, 'CheckedDiscussions', FALSE); ModerationController::InformCheckedDiscussions($this); } if ($this->Form->ErrorCount() == 0) { $this->JsonTarget('', '', 'Refresh'); } } $this->Render(); }
public function Merge() { $this->Permission('Garden.Settings.Manage'); // This must be a postback. if (!$this->Request->IsAuthenticatedPostBack()) { throw ForbiddenException('GET'); } $Validation = new Gdn_Validation(); $Validation->ApplyRule('OldUserID', 'ValidateRequired'); $Validation->ApplyRule('NewUserID', 'ValidateRequired'); if ($Validation->Validate($this->Request->Post())) { $Result = Gdn::UserModel()->Merge($this->Request->Post('OldUserID'), $this->Request->Post('NewUserID')); $this->SetData($Result); } else { $this->Form->SetValidationResults($Validation->Results()); } $this->Render('Blank', 'Utility'); }
/** * Revoke an invitation. * * @since 2.0.0 * @param int $InvitationID Unique identifier. * @throws Exception Throws an exception when the invitation isn't found or the user doesn't have permission to delete it. */ public function UnInvite($InvitationID) { $this->Permission('Garden.SignIn.Allow'); if (!$this->Form->AuthenticatedPostBack()) { throw ForbiddenException('GET'); } $InvitationModel = new InvitationModel(); $Session = Gdn::Session(); try { $Valid = $InvitationModel->Delete($InvitationID, $this->UserModel); if ($Valid) { $this->InformMessage(T('The invitation was removed successfully.')); $this->JsonTarget(".js-invitation[data-id=\"{$InvitationID}\"]", '', 'SlideUp'); } } catch (Exception $ex) { $this->Form->AddError(strip_tags($ex->getMessage())); } if ($this->Form->ErrorCount() == 0) { $this->Render('Blank', 'Utility'); } }
/** * Form to ask for the destination of the move, confirmation and permission check. */ public function ConfirmDiscussionMoves() { $Session = Gdn::Session(); $this->Form = new Gdn_Form(); $DiscussionModel = new DiscussionModel(); $this->Title(T('Confirm')); $CheckedDiscussions = Gdn::UserModel()->GetAttribute($Session->User->UserID, 'CheckedDiscussions', array()); if (!is_array($CheckedDiscussions)) { $CheckedDiscussions = array(); } $DiscussionIDs = $CheckedDiscussions; $CountCheckedDiscussions = count($DiscussionIDs); $this->SetData('CountCheckedDiscussions', $CountCheckedDiscussions); // Check for edit permissions on each discussion $AllowedDiscussions = array(); $DiscussionData = $DiscussionModel->SQL->Select('DiscussionID, CategoryID')->From('Discussion')->WhereIn('DiscussionID', $DiscussionIDs)->Get(); foreach ($DiscussionData->Result() as $Discussion) { $Category = CategoryModel::Categories($Discussion->CategoryID); if ($Category && $Category['PermsDiscussionsEdit']) { $AllowedDiscussions[] = $Discussion->DiscussionID; } } $this->SetData('CountAllowed', count($AllowedDiscussions)); $CountNotAllowed = $CountCheckedDiscussions - count($AllowedDiscussions); $this->SetData('CountNotAllowed', $CountNotAllowed); if ($this->Form->AuthenticatedPostBack()) { // Retrieve the category id $CategoryID = $this->Form->GetFormValue('CategoryID'); $Category = CategoryModel::Categories($CategoryID); // User must have add permission on the target category if (!$Category['PermsDiscussionsAdd']) { throw ForbiddenException('@' . T('You do not have permission to add discussions to this category.')); } // Iterate and move. foreach ($AllowedDiscussions as $DiscussionID) { $DiscussionModel->SetField($DiscussionID, 'CategoryID', $CategoryID); } // Clear selections Gdn::UserModel()->SaveAttribute($Session->UserID, 'CheckedDiscussions', FALSE); ModerationController::InformCheckedDiscussions($this); $this->JsonTarget('', '', 'Refresh'); } $this->Render(); }