function likeEvent($like = 1)
{
global $current_user;
$current_user = new CurrentUser();
if (!$current_user->id) {
return;
}
$id = $_POST['id'];
if ($like) {
$res = MongoDatabase::eventLike($id, $current_user->id);
} else {
$res = MongoDatabase::eventUnlike($id, $current_user->id);
}
$this->data['result'] = $res;
$event_owner = $res['event_owner'];
if ($res && $like && $id && $event_owner != $current_user->id) {
// перетаскиваем запись к себе на стену
$followerIds = $current_user->getFollowers();
$followerIds[$current_user->id] = $current_user->id;
MongoDatabase::pushEvents($current_user->id, $followerIds, $id, time(), $event_owner);
}
if (!$like && $id && $event_owner != $current_user->id) {
// разонравилась. удаляем эту запись с моей стены
$followerIds = $current_user->getFollowers();
$followerIds[$current_user->id] = $current_user->id;
MongoDatabase::removeWallItem(array_keys($followerIds), $id, $event_owner);
}
}
function __construct($id = NULL)
{
$fields = array('label' => new Type\CharField(), 'cat' => new Type\CharField(), 'active' => new Type\BooleanField(), 'parent' => new Type\ForeignKey('FelixOnline\\Core\\Category'), 'email' => new Type\CharField(), 'twitter' => new Type\CharField(), 'description' => new Type\TextField(), 'order' => new Type\IntegerField(), 'hidden' => new Type\BooleanField(), 'secret' => new Type\BooleanField());
parent::__construct($fields, $id);
$currentuser = new CurrentUser();
if ($this->getSecret() && !$currentuser->isLoggedIn() && !Utility::isInCollege()) {
throw new \FelixOnline\Exceptions\ModelNotFoundException("This is a secret category and you don't have permission to access it", "Category", $id);
}
}
function get($count = 50, $id = "", $info = "all")
{
//Connect
$sql = new DataBase();
$sql->connect();
$query = "\r\n\t\tSELECT DISTINCT acc.*\r\n\t\tFROM accounts acc\r\n\t\tWHERE acc.profile_id = '" . CurrentUser::getId() . "'";
if (!empty($id)) {
$query .= " AND acc.id = '" . $id . "'";
}
$query .= " ORDER BY acc.account_type_id, acc.name LIMIT " . $count;
//Execute
$sql->query($query);
//Objects
$json = array();
//Data
while ($data = mysql_fetch_array($sql->result)) {
if ($info == "all") {
$array = array("id" => $data["id"], "name" => $data["name"], "profile_id" => $data["profile_id"], "initial_balance" => $data["initial_balance"], "account_type_id" => $data["account_type_id"], "balance" => $data["balance"], "status" => $data["status"]);
array_push($json, $array);
} else {
$json = $data[$info];
}
}
//Return
return $json;
$sql->close();
}
function removeFriend()
{
$id = max(0, (int) $_POST['id']);
$current_user = new CurrentUser();
if ($current_user->authorized) {
if ($current_user->id != $id) {
$user_following = $current_user->getFollowing();
$friend = Users::getById($id);
/* @var $friend User */
$friend_followers = $friend->getFollowers();
if (isset($user_following[$id])) {
unset($user_following[$id]);
}
if (isset($friend_followers[$current_user->id])) {
unset($friend_followers[$current_user->id]);
}
$current_user->setFollowing($user_following);
$friend->setFollowers($friend_followers);
$friend->onDeletedFromFriend($current_user->id);
$current_user->onDeleteFriend($id);
$friend->save();
$current_user->save();
}
}
}
public static function getInstance()
{
if (!self::$instance) {
self::$instance = new CurrentUser();
}
return self::$instance;
}
public function setCanDo($inValue = false)
{
if (!is_bool($inValue)) {
return false;
}
$user = CurrentUser::getUserSession();
$permissionEngine = PermissionEngine::getInstance();
return $permissionEngine->toggleCanDo($this, $user->getRoleID(), $inValue);
}
public function setLike()
{
$user = new CurrentUser();
if ($user->isLoggedIn()) {
$alreadyLiked = false;
while ($row = mysqli_fetch_array($this->result)) {
if ($row['UserID'] == $user->getCookieID()) {
$alreadyLiked = true;
}
}
if ($alreadyLiked) {
return;
} else {
self::DBConnect("likes", $this->ID, $user->getCookieID());
}
} else {
echo "not logged in";
}
}
public function __construct(Request $request)
{
if (count($request->getParameters(true)) > 1) {
$this->response = Response::fourOhFour();
return;
}
$user = CurrentUser::getUserSession();
if (!$user->isLoggedIn()) {
$this->response = new Response(200, "@home/notLoggedIn.twig", "Welcome", "home");
return;
}
$this->response = new Response(200, "@home/main.twig", "Hi {$user->getFirstName()}", "home", $user);
}
/**
* Test login & logout
* @test
*/
public function test_login_logout()
{
CurrentUser::login("testuser", "testpassword");
$this->assertEquals("testuser", $_SESSION['login']);
$this->assertNull($_SESSION['token']);
$this->assertNotNull(CurrentUser::$account);
$this->assertEquals("testuser", CurrentUser::$account->login);
$this->assertFalse(CurrentUser::$admin);
CurrentUser::logout();
//TODO: Failure because I do require_once. Autoload may solve the issue
$this->assertNull($_SESSION['login']);
$this->assertNull(CurrentUser::$account);
$this->assertNull($_SESSION['token']);
$this->assertFalse(CurrentUser::$admin);
}
function __construct()
{
CurrentUser::authorize_cookie();
// разбираем запрос
Log::timing('request');
$this->processRequest();
Log::timing('request');
// пишем модулями записи
Log::timing('write');
$this->processWrite();
Log::timing('write');
// ищем конфигурацию страницы для выдачи юзеру
Log::timing('prepare config');
$this->preparePageConfiguration();
Log::timing('prepare config');
// тянем данные
$this->executeModules();
// подключаем шаблонизатор
$this->applyTemplates();
}
public static function authorize_cookie()
{
$cookie_key = Config::need('COOKIE_KEY', 'u');
$hash_coookie_key = $cookie_key . '_sh';
$uid_coookie_key = $cookie_key . '_id';
if (isset($_COOKIE[$uid_coookie_key]) && isset($_COOKIE[$hash_coookie_key])) {
$user_id = $_COOKIE[$uid_coookie_key];
$user = Users::getByIdLoaded($user_id);
if (!$user) {
return false;
}
if ($user->data['session'] == $_COOKIE[$hash_coookie_key]) {
self::$id = $user_id;
Database::query('UPDATE `user` SET `lastAccessTime`=' . time() . ' WHERE `id`=' . $user_id);
self::$authorized = true;
return true;
}
} else {
return false;
}
}
function get($count = 10, $from = "", $to = "", $account = "", $id = "")
{
//Connect
$sql = new DataBase();
$sql->connect();
//Query
$query = "\r\n\t\t\tSELECT DISTINCT transaction.*\r\n\t\t\tFROM transactions transaction\r\n\t\t\tWHERE transaction.profile_id = " . CurrentUser::getId() . " ";
if (!empty($from)) {
$query .= "AND transaction.date >= '" . $from . "' ";
}
if (!empty($to)) {
$query .= "AND transaction.date <= '" . $to . "' ";
}
if (!empty($account)) {
$query .= "AND (transaction.account_from_id = '" . $account . "' || transaction.account_to_id = '" . $account . "') ";
}
if (!empty($id)) {
$query .= "AND transaction.id = '" . $id . "' ";
}
$query .= "ORDER BY transaction.date DESC ";
if ($count != "all") {
$query .= "LIMIT " . $count;
}
$sql->query($query);
//Objects
$json = array();
//Instances
$tags = new Tags();
$accounts = new Accounts();
//Data
while ($data = mysql_fetch_array($sql->result)) {
$array = array("id" => $data["id"], "description" => $data["description"], "amount" => $data['transaction_type_id'] == 3 && $data["account_from_id"] != $account ? $data["amount"] * -1 : $data["amount"], "type" => $data["transaction_type_id"], "date" => $data["date"], "account_from" => $data["account_from_id"], "account_to" => $data["account_to_id"], "account_type" => $accounts->get(1, $data["account_from_id"], "account_type_id"), "profile_id" => $data["profile_id"], 'tags' => $tags->getTransactionTags(1000, $data["id"]));
array_push($json, $array);
}
//Close connection
//$sql->close();
//Return
return $json;
}
private function doLogIn()
{
if (!AntiForgeryToken::getInstance()->validate()) {
return Response::fiveHundred();
}
if (!Honeypot::getInstance()->validate()) {
return Response::fiveHundred();
}
$hookEngine = HookEngine::getInstance();
$hookEngine->runAction('userIsLoggingIn');
$user = CurrentUser::getUserSession();
if ($user->isLoggedIn()) {
return Response::redirect(new Link(""));
}
$username = Request::getPostParameter("username");
$password = Request::getPostParameter("password");
if (!$username) {
return $this->showErrorMessage();
}
if (!$password) {
return $this->showErrorMessage();
}
$lockoutEngine = LockoutEngine::getInstance();
if ($lockoutEngine->isLockedOut($_SERVER['REMOTE_ADDR'])) {
return Response::redirect(new Link("users/login"));
}
$logger = Logger::getInstance();
$username = preg_replace('/\\s+/', '', strip_tags($username));
if (!$user->logIn($username, $password)) {
$logger->logIt(new LogEntry(0, logEntryType::warning, 'Someone failed to log into ' . $username . '\'s account from IP:' . $_SERVER['REMOTE_ADDR'], 0, new DateTime()));
return $this->showErrorMessage();
}
$user = CurrentUser::getUserSession();
$logger->logIt(new LogEntry(0, logEntryType::info, 'A new session was opened for ' . $user->getFullName() . ', who has an IP of ' . $_SERVER['REMOTE_ADDR'] . '.', $user->getUserID(), new DateTime()));
$hookEngine->runAction('userLoggedIn');
return Response::redirect(new Link(""));
}
public function __construct()
{
CurrentUser::$user = isset($_SESSION['id']) ? UsersManager::getById($_SESSION['id']) : null;
}
/**
* Create admin page
*
* @author Thibaud Rohmer
*/
public function __construct()
{
/// Check that current user is an admin or an uploader
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
/// Get actions available for Uploaders too
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Abo":
$this->page = new AdminAbout();
break;
case "Upl":
if (isset($_POST['path'])) {
AdminUpload::upload();
CurrentUser::$path = File::r2a(stripslashes($_POST['path']));
}
break;
case "Mov":
if (isset($_POST['pathFrom'])) {
try {
CurrentUser::$path = File::r2a(dirname(stripslashes($_POST['pathFrom'])));
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
Admin::move();
if (isset($_POST['move']) && $_POST['move'] == "rename") {
try {
if (is_dir(File::r2a(stripslashes($_POST['pathFrom'])))) {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['pathFrom']))) . "/" . stripslashes($_POST['pathTo']);
}
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
break;
case "Del":
if (isset($_POST['del'])) {
if (!is_array($_POST['del'])) {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'])));
} else {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'][0])));
}
Admin::delete();
}
break;
}
}
/// Check that current user is an admin
if (!CurrentUser::$admin) {
return;
}
/// Get action
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Sta":
$this->page = new AdminStats();
break;
case "VTk":
$this->page = new GuestToken();
break;
case "DTk":
if (isset($_POST['tokenkey'])) {
GuestToken::delete($_POST['tokenkey']);
}
$this->page = new GuestToken();
break;
case "Acc":
if (isset($_POST['edit'])) {
Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email'], NULL, $_POST['language']);
}
if (isset($_POST['login'])) {
$this->page = new Account($_POST['login']);
} else {
$this->page = CurrentUser::$account;
}
break;
case "GC":
Group::create($_POST['group']);
$this->page = new Group();
break;
case "AAc":
Account::create($_POST['login'], $_POST['password'], $_POST['verif']);
$this->page = new Group();
break;
case "AGA":
$a = new Account($_POST['acc']);
$a->add_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "AGR":
$a = new Account($_POST['acc']);
$a->remove_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "ADe":
Account::delete($_POST['name']);
$this->page = new Group();
break;
case "GEd":
Group::edit($_POST);
$this->page = new Group();
break;
case "GDe":
Group::delete($_GET['g']);
$this->page = new Group();
break;
case "CDe":
CurrentUser::$path = File::r2a($_POST['image']);
Comments::delete($_POST['id']);
$this->page = new MainPage();
break;
case "JS":
break;
case "EdA":
$this->page = new Group();
break;
case "GAl":
if (isset($_POST['path'])) {
Settings::gener_all(File::r2a(stripslashes($_POST['path'])));
}
case "Set":
if (isset($_POST['name'])) {
Settings::set();
}
$this->page = new Settings();
break;
}
}
if (!isset($this->page)) {
$this->page = new AdminAbout();
}
/// Create menu
$this->menu = new AdminMenu();
}
public function toggleCurrentUserSupportForStatus(Status $toSupport)
{
$permissionEngine = PermissionEngine::getInstance();
if (!$permissionEngine->currentUserCanDo("canSupportStatuses")) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$user = CurrentUser::getUserSession();
$userID = $database->escapeString($user->getUserID());
$statusID = $database->escapeString($toSupport->getID());
$results = $database->getData("supporterID", "statusSupporter", "supporterID={$userID} AND statusID={$statusID}");
if ($results === false) {
return false;
}
if ($results != null) {
return $this->removeSupport($statusID, $userID);
}
return $this->addSupport($statusID, $userID);
}
<?php
ini_set('display_errors', 1);
$end = array_pop(explode('/', $_SERVER['REQUEST_URI']));
list($image_id, $size) = explode('-', $end);
$image_id = (int) $image_id;
$size = (int) $size;
if ($image_id) {
$core_path = 'core/';
require_once $core_path . 'config.php';
require_once $core_path . 'include.php';
$authorized = CurrentUser::authorize_cookie();
if ($authorized) {
$owner = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `picture`=' . $image_id);
if ($owner == CurrentUser::$id) {
header('Content-type: image/jpeg');
header('Content-Disposition: inline; filename=protected_' . $image_id . '-' . $size . '.jpg');
header('X-Accel-Redirect: /images_private/' . str_replace(ImgStore::ROOT_PRIVATE_FOLDER, '', ImgStore::getFileLocalPath($image_id, $size, $private = true)));
exit(0);
} else {
die('Изображение является приватным и доступно только владельцу');
}
} else {
die('Изображение является приватным и доступно только владельцу');
}
}
public function generateNewForgotPassword($userID)
{
if (CurrentUser::getUserSession()->isLoggedIn()) {
return false;
}
if (!is_numeric($userID)) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$randomString = new generateRandomString(50, true, 37, 136);
$existingTokens = $database->getData('token', 'forgotPassword');
if ($existingTokens === false) {
return false;
}
if ($existingTokens === null) {
$existingTokens = array();
}
do {
$token = $randomString->run();
} while (in_array(array('token' => $token), $existingTokens));
$date = new DateTime();
$date = $date->format('Y-m-d H:i:s');
$token = $database->escapeString($token);
$date = $database->escapeString($date);
$userID = $database->escapeString($userID);
$result = $database->insertData('forgotPassword', 'token, requestDate, userID', "'{$token}', '{$date}', {$userID}");
if ($result === false) {
return false;
}
return $this->getForgotPasswordByToken($token);
}
public function getCurrentUserValue($optionName)
{
$userID = intval(CurrentUser::getUserSession()->getID());
return $this->getUserValue($optionName, $userID);
}
private static function getVariables()
{
ObjectCache::getInstance();
$site = Site::getInstance();
define('GUEST_ROLE_ID', (int) $site->getGuestRoleID()->getValue());
define('SITE_EMAIL', $site->getEmail());
define('SITE_TITLE', $site->getTitle());
date_default_timezone_set($site->getTimeZone());
if ($site->isInMaintenanceMode()) {
if (!PermissionEngine::getInstance()->currentUserCanDo('bypasssMaintenanceMode')) {
return;
}
}
$blockEngine = BlockEngine::getInstance();
$user = CurrentUser::getUserSession();
$hookEngine = HookEngine::getInstance();
$router = Router::getInstance();
$hookEngine->runAction('addStaticRoutes');
$moduleInCharge = $router->whichModuleHandlesRequest();
$response = self::getResponse($moduleInCharge);
http_response_code($response->getResponseCode());
$headers = $response->getHeaders();
foreach ($headers as $header => $value) {
header($header . ": " . $value, true);
}
define('PAGE_TYPE', $response->getPageType());
$blocks = $blockEngine->getBlocks($site->getTheme(), PAGE_TYPE, $user->getRoleID());
if ($blocks === null) {
$blocks = array();
}
self::render($site, $response, $blocks);
}
function __construct()
{
/// Initialize variables
Settings::init();
/// Initialize CurrentUser
try {
CurrentUser::init();
} catch (Exception $e) {
$page = new RegisterPage(true);
$page->toHTML();
return;
}
/// Check what to do
switch (CurrentUser::$action) {
case "Judge":
// Same as page
// Same as page
case "Page":
$page = new MainPage();
$page->toHTML();
break;
case "Log":
$page = new LoginPage();
$page->toHTML();
break;
case "Reg":
$page = new RegisterPage();
$page->toHTML();
break;
case "JS":
$page = new JS();
break;
case "Img":
Provider::Image(CurrentUser::$path);
break;
case "BDl":
Provider::Image(CurrentUser::$path, false, true, true, true);
break;
case "Big":
Provider::Image(CurrentUser::$path, false, true);
break;
case "Thb":
Provider::Image(CurrentUser::$path, true);
break;
case "Zip":
Provider::Zip(CurrentUser::$path);
break;
case "Acc":
if (CurrentUser::$admin && isset($_POST['login'])) {
$acc = new Account($_POST['login']);
} else {
$acc = CurrentUser::$account;
}
$acc->toHTML();
break;
case "Adm":
$page = new Admin();
$page->toHTML();
break;
}
}
public function currentUserCanDo($inPermissionName)
{
$perm = $this->getPermission($inPermissionName);
if (!$perm) {
return false;
}
if (!$this->checkPermission($perm, CurrentUser::getUserSession()->getRoleID())) {
return false;
}
return true;
}
function register()
{
$error = array();
if (!valid_email_address($_POST['email'])) {
$error['email'] = 'неправильный E-mail';
}
if (!trim($_POST['password'])) {
$error['password'] = '******';
}
if (!isset($_POST['agree'])) {
$error['agree'] = 'Примите условия пользовательского соглашения';
}
if (count($error)) {
Site::passWrite('error_register', $error);
return;
} else {
try {
$fields = array();
$data['email'] = strtolower(trim($_POST['email']));
$data['nickname'] = $this->getUniqueNickname(strtolower(trim($_POST['nickname'])), $_POST['email']);
$data['password'] = md5(trim($_POST['password']));
$data['registerTime'] = $data['lastAccessTime'] = time();
$data['role'] = User::ROLE_UNVERIFIED;
$data['hash'] = md5(time() . '-' . rand(1, 10));
foreach ($data as $f => $v) {
$fields[] = '`' . $f . '`=' . Database::escape($v);
}
Database::query('INSERT INTO `user` SET ' . implode(',', $fields));
$uid = Database::lastInsertId();
try {
Site::passWrite('success', true);
} catch (Exception $e) {
$error['email'] = $e->getMessage();
Site::passWrite('error_register', $error);
return;
}
$this->sendRegisterEmail($data['email'], '', $uid . '-' . $data['hash']);
Badges::progressAction($uid, Badges::ACTION_TYPE_REGISTER);
} catch (Exception $e) {
$error['email'] = 'E-mail уже используется, укажите другой';
Site::passWrite('error_register', $error);
return;
}
CurrentUser::set_cookie($uid);
}
}
private function authenticate(AuthenticationMethod $authentication, $autoconnect)
{
$user_id = AuthenticationService::authenticate($authentication, $autoconnect);
$current_user = CurrentUser::from_session();
if ($user_id && $this->maintain_config->is_under_maintenance() && !$current_user->check_auth($this->maintain_config->get_auth(), MaintenanceConfig::ACCESS_WHEN_MAINTAIN_ENABLED_AUTHORIZATIONS)) {
$session = AppContext::get_session();
Session::delete($session);
$this->view->put('ERROR_MESSAGE', MessageHelper::display(LangLoader::get_message('user.not_authorized_during_maintain', 'status-messages-common'), MessageHelper::NOTICE));
$this->has_error = true;
} else {
if ($user_id) {
AppContext::get_response()->redirect($this->get_redirect_url());
}
if ($authentication->has_error()) {
$this->view->put('ERROR_MESSAGE', MessageHelper::display($authentication->get_error_msg(), MessageHelper::NOTICE));
$this->has_error = true;
}
}
}
/////////////////////////////////////DELETE
case 'delete':
//Instances and Variables
$ID = $_GET['id'];
//$transactions = new Transactions;
$accounts = new Accounts();
//Connect
$sql = new DataBase();
$sql->connect();
//Verify if exists
$tr = $transactions->get('all', '', '', '', $ID);
$data = $tr;
if (count($tr) == 0) {
RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não existe.'));
}
if ($tr[0]['profile_id'] != CurrentUser::getId()) {
RestUtils::sendResponse('406', array('data' => 'transactionId', 'message' => 'Essa transação não pertence ao perfil.'));
}
//Remove
$sql->query("DELETE FROM transactions_has_tags WHERE transaction_id = '" . $ID . "'");
$sql->query("DELETE FROM transactions WHERE id = '" . $ID . "'");
//Remove in Ammount
if ($data[0]['account_to'] != '') {
$balance = $accounts->get(1, $data[0]['account_from'], 'balance');
$balance += $data[0]['amount'];
$sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_from'] . "'");
$balance = $accounts->get(1, $data[0]['account_to'], 'balance');
$balance -= $data[0]['amount'];
$sql->query("UPDATE accounts SET balance='" . $balance . "' WHERE id = '" . $data[0]['account_to'] . "'");
} else {
$balance = $accounts->get(1, $data[0]['account_from'], 'balance');
//Set the cookies based on rememberme
if (!$rememberme) {
setcookie('token', $new_token, time() + 6912000, "/");
setcookie('user_id', $user_id, time() + 6912000, "/");
}
else {
setcookie('token', $new_token, time() + 6912000, "/");
setcookie('user_id', $user_id, time() + 6912000, "/");
}
$_COOKIE['user_id'] = $user_id;
$_COOKIE['token'] = $new_token;
$_SESSION['user_id'] = $user_id;
$user = new CurrentUser(array(
'user_id' => $user_id)
);
$user->log_login();
http_response_code(200); ///Success
echo json_encode($user, JSON_PRETTY_PRINT);
/*echo 'succes';*/
}
else {
/* echo 'bad';*/
throw new OutOfBoundsException('OutOfBoundsException raised on request');
}
}
else {
throw new OutOfRangeException('OutOfRangeException occured on request');
/**
* test view function
* @test
* @depends test_generate_key
*/
public function test_view()
{
//prepare
self::login_as_admin();
self::delete_tokens_file();
$paths = array();
$keys = array();
$paths[1] = Settings::$photos_dir . "/tokenfolder";
$paths[2] = Settings::$photos_dir . "/tokenfolder2";
$paths[3] = Settings::$photos_dir . "/tokenfolder/subfolder";
for ($i = 1; $i <= 3; $i++) {
if (!file_exists($paths[$i])) {
mkdir($paths[$i]);
}
$keys[$i] = Guesttoken::generate_key();
GuestToken::create($paths[$i], $keys[$i]);
}
CurrentUser::logout();
//test
for ($i = 1; $i <= 3; $i++) {
$this->assertTrue(GuestToken::view($keys[$i], $paths[$i]));
}
$this->assertFalse(GuestToken::view($keys[3], $paths[1]));
$this->assertFalse(GuestToken::view($keys[3], $paths[2]));
$this->assertFalse(GuestToken::view($keys[2], $paths[1]));
$this->assertTrue(GuestToken::view($keys[1], $paths[3]));
}
/**
* Log the user out
*
* @return void
* @author Thibaud Rohmer
*/
public static function logout()
{
CurrentUser::$account = NULL;
CurrentUser::$admin = false;
CurrentUser::$uploader = false;
session_unset();
}
/**
* The current (logged in) user.
* @return CurrentUser The current user instance
*/
public function user()
{
static $result = null;
if (empty($result)) {
$result = CurrentUser::instance();
}
return $result;
}
public function __construct(Request $request)
{
if (count($request->getParameters(true)) > 2) {
$this->response = Response::fourOhFour();
return;
}
$currentUser = CurrentUser::getUserSession();
if (!$currentUser->isLoggedIn()) {
$this->response = Response::fourOhFour();
return;
}
$hookEngine = HookEngine::getInstance();
$hookEngine->runAction('userIsLoggingOut');
$currentUser->logOut();
session_regenerate_id(true);
$hookEngine->runAction('userLoggedOut');
NoticeEngine::getInstance()->addNotice(new Notice("neutral", "You're now logged out."));
$this->response = Response::redirect(new Link(""));
}
