コード例 #1
 /**
  * The index action is the default action of this Wall Module. It prepares the widget
  * wall of the user and renders the view according to the user's preferences.
  *
  * If the current user is not authenticated, they are redirected to the users/index
  * action, which gives access to the login form of the application.
  *
  */
 public function index($continuePurchase = false, $langage = null, $forcebrowser = false)
 {
     // None of the three parameters is read by the body below.
     // A disabled user-agent check (it forced Firefox and relied on ereg())
     // used to sit here as commented-out code; it never ran.

     // Guests are sent to the login form and nothing is rendered for them.
     if (!Auth::isAuth()) {
         DefaultFC::redirection('users/index?ref=wall');
         return;
     }

     // The locals assigned from here on are presumably read by index.tpl,
     // which is included in this function's scope, so their names are kept.
     // $widgetCategory / $widgetCloud stay undefined when the widget is absent.
     if (Widgets::isInstalled('categoryList')) {
         $widgetCategory = array('id' => 'categoryList', 'name' => 'Widget Categories');
     }
     if (Widgets::isInstalled('tagCloud')) {
         $widgetCloud = array('id' => 'tagCloud', 'name' => 'Widget Tag Cloud');
     }

     // Only admin and god accounts get the widget management controls.
     $widgetManagement = Auth::isAdmin() || Auth::isGod();

     // Either the list of installed widgets is shown or a link to the
     // PALETTE Service Browser, depending on configuration.
     $useServiceBrowser = USE_SERVICE_BROWSER;
     $serviceBrowserURI = null;
     if ($useServiceBrowser) {
         $serviceBrowserURI = SERVICE_BROWSER_URI . 'index.php/Services/Widgets?num=1';
     }

     require DefaultFC::getView('index.tpl');
 }
コード例 #2
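 /**
  * Rebuilds $this->allPaths without the entries that end in "vendors/".
  *
  * parent::getAllPaths() is called first; it presumably fills
  * $this->allPaths (its body is not visible here).
  */
 private function getAllPaths()
 {
     parent::getAllPaths();
     $filteredPaths = array();
     foreach ($this->allPaths as $p) {
         // ereg() was deprecated in PHP 5.3 and removed in PHP 7. The old
         // pattern 'vendors/$' only tested the end of the string, so a plain
         // suffix comparison keeps the same result without a regex engine.
         if (substr($p, -8) !== 'vendors/') {
             $filteredPaths[] = $p;
         }
     }
     $this->allPaths = $filteredPaths;
 }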
コード例 #3
 /**
  * Changes the organization name and stores the outcome as a flash message
  * in the session before redirecting to adminMisc/index.
  *
  * NOTE(review): no authorization check is visible in this action; confirm
  * that the caller or front controller restricts it to administrators.
  *
  * @param string $organizationName New name, passed unchanged to Miscellaneous::editOrganizationName().
  */
 public function editOrganizationName($organizationName)
 {
     try {
         Miscellaneous::editOrganizationName($organizationName);
         $failed = false;
         $notice = __("The organization name was successfuly changed.");
     } catch (Exception $e) {
         // The exception itself is discarded; only a generic message is shown.
         $failed = true;
         $notice = __("An error occured when changing the organization name.");
     }

     $_SESSION['isError'] = $failed;
     $_SESSION['message'] = $notice;
     DefaultFC::redirection('adminMisc/index');
 }
コード例 #4
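 /**
  * Renders the online help page in the current language, falling back to
  * English when no help file exists for that language.
  *
  * The locals set here are presumably read by help.tpl, which is included
  * in this function's scope.
  */
 public function index()
 {
     // Globals are evil !
     $lg = $GLOBALS['lang'];
     $helpDir = dirname(__FILE__) . '/../views/common/onlinehelp/';

     // The language code becomes part of a path that the view may include.
     // Where $GLOBALS['lang'] is set is not visible here, so it is limited to
     // a plain identifier (no slashes or dots) before it touches the
     // filesystem; anything else falls back to English, as a missing file does.
     if (!is_string($lg)
         || !preg_match('/^[A-Za-z0-9_-]+$/D', $lg)
         || !file_exists($helpDir . $lg . '.tpl')
     ) {
         $lg = 'en';
     }

     // Determine if the view must allow the user to manage widgets.
     $widgetManagement = Auth::isAdmin() || Auth::isGod();

     // Help file to include in the view.
     $helpInclusion = $helpDir . $lg . '.tpl';

     // Languages offered in the view and the one chosen by the user.
     $availableLanguages = Util::getAvailableLanguages();
     $userLanguage = Auth::getLanguage();

     require_once DefaultFC::getView("help.tpl");
 }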
コード例 #5
 /**
  * Forwards the incoming request to the parent constructor; no additional
  * setup happens in this class.
  *
  * @param HttpRequest $request Request object passed unchanged to parent::__construct().
  */
 public function __construct(HttpRequest $request)
 {
     parent::__construct($request);
 }
コード例 #6
 /**
  * Second step of the "forgot your password" flow.
  *
  * Auth::userCanChangeHisPassword() is asked whether the given login, key and
  * time allow a password change. When it returns true, the change-password
  * view is rendered and, if the request carries POST data, the new password
  * is written to the users table. Any other result ends the request with
  * die(): -1 yields the "time expired" message, everything else the
  * "not authorized" message.
  *
  * NOTE(review): two expressions in this listing are masked with "******"
  * (the $urlForm line and the UPDATE statement), so the code is not valid
  * PHP as shown and the masked parts cannot be reviewed.
  *
  * @param string|null $login    Login the reset was requested for.
  * @param string|null $lostKey  Reset key checked by Auth::userCanChangeHisPassword().
  * @param string|null $lostTime Time value checked together with the key.
  */
 public function resetPassword($login = null, $lostKey = null, $lostTime = null)
 {
     // The key check is made against the $login that was passed in.
     $r = Auth::userCanChangeHisPassword($login, $lostKey, $lostTime);
     $passwordIsChanged = false;
     if ($r === true) {
         // Form target carrying the same login/key/time back to this action.
         // NOTE(review): the login part is masked in this listing; the
         // original presumably URL-encoded $login like the other two values.
         $urlForm = "../../index.php/Users/resetPassword?login="******"&lostKey=" . urlencode($lostKey) . "&lostTime=" . urlencode($lostTime);
         # Save the new password
         if (!empty($_POST)) {
             # Test params
             // NOTE(review): $login is overwritten from POST here, after the
             // key was validated for the original value. The account updated
             // below is therefore chosen by the POST field, not by the login
             // the key belongs to. Keep the validated login and reject a POST
             // value that differs from it.
             isset($_POST['login']) ? $login = $_POST['login'] : ($login = null);
             isset($_POST['new_password']) ? $newPassword = $_POST['new_password'] : ($newPassword = null);
             // NOTE(review): the guard tests 'new_password' but the value read
             // is 'new_password_confirm'; a request without the confirmation
             // field hits an undefined index.
             isset($_POST['new_password']) ? $new_password_confirm = $_POST['new_password_confirm'] : ($new_password_confirm = null);
             # Get user id
             $userId = UsersManagement::getUserIdByLogin($login);
             # test if it is ok
             // NOTE(review): the two passwords are compared with ==, which
             // applies PHP's loose string/number rules; === is the safer test.
             if ($userId !== null && $newPassword !== null && $newPassword == $new_password_confirm && Util::checkPasswordLength($newPassword)) {
                 $db = DbUtil::accessFactory();
                 // NOTE(review): the statement is built by string
                 // concatenation and the password expression is masked in this
                 // listing, so how the password is hashed cannot be told from
                 // here. A parameterised statement and a password_hash()-style
                 // digest are what to confirm against the real source.
                 if (!$db->execute("UPDATE users SET password = '******'  WHERE id = '" . $userId . "'")) {
                     // NOTE(review): a database failure is reported with the
                     // same text as a password mismatch.
                     $message = __('Please reconfirm your password');
                     $isError = true;
                 } else {
                     $message = __('Your password have been changed');
                     $isError = false;
                     $passwordIsChanged = true;
                     Auth::removeForgotPasswordState($login);
                     # Now reset the lostKey (for security)
                     // NOTE(review): no statement follows the comment above;
                     // presumably removeForgotPasswordState() invalidates the
                     // key, to be confirmed. It is called with the POST login.
                 }
             } else {
                 $message = __('Please reconfirm your password');
                 $isError = true;
             }
         } else {
             # Display the form to change password
             // Nothing to prepare: the language lookup that used to be here
             // is disabled.
         }
         // The view presumably reads $urlForm, $message, $isError and
         // $passwordIsChanged; the last three are only set on a POST.
         require_once DefaultFC::getView('changepassword.tpl');
     } else {
         // -1 is the value this code treats as "reset window expired".
         if ($r == -1) {
             die(__('Authorized time to change your password has expired, please restart the "forgot your password" process from the portal UI.'));
         } else {
             die(__('You are not authorized to view this page.'));
         }
     }
 }
コード例 #7
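 /**
  * Subscribes the current user to the widget named by the first query-string
  * key, then redirects to the wall.
  *
  * NOTE(review): the subscription is changed by a GET request and no
  * anti-forgery token is checked in this method; confirm whether one is
  * enforced before this action is reached. The widget identifier is also
  * passed on without any validation visible here.
  *
  * @throws BadArgumentException When the query string carries no key at all.
  */
 public function subscribe()
 {
     $keys = array_keys($_GET);
     // Reading $keys[0] on an empty query string raised an undefined-offset
     // notice before the intended exception; test for the key explicitly.
     $widgetId = isset($keys[0]) ? $keys[0] : null;
     if ($widgetId === null) {
         throw new BadArgumentException(MwwException::CONTROLLER, 'You must provide a widget identifier to subscribe to a widget.');
     }
     if (!Auth::isAuth()) {
         // forward to the login script.
         DefaultFC::redirection('users/index?ref=subscribe');
         exit;
     }
     // No failure for authentication and parameters. We just carry on !
     UserInterface::subscribe(Auth::getUserId(), $widgetId);
     DefaultFC::redirection('wall/index');
 }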
コード例 #8
 /**
  * The delete action is triggered through a POST HTTP request when a user wants to delete
  * a specific category.
  */
 public function delete($categoryId)
 {
     // NOTE(review): neither the request method nor the caller's role is
     // checked in this method; confirm both are enforced before dispatch.
     Categories::delete($categoryId);

     // Flash message picked up after the redirect.
     $_SESSION['isError'] = false;
     $notice = __("The category has been successfuly deleted.");
     // sprintf() receives no arguments besides the translated text.
     $_SESSION['message'] = sprintf($notice);

     DefaultFC::redirection('adminCategories/index');
 }
コード例 #9
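 /**
  * Return leg of the OpenID login: completes the exchange with the provider,
  * logs the matching portal account in and redirects to the wall, or stores
  * an error message in the session and redirects to the login page.
  *
  * NOTE(review): the return URL is built from the request's Host header with
  * a fixed "http://" scheme; confirm the web server restricts the accepted
  * host names, or build the URL from a configured base address.
  */
 public function finish_auth()
 {
     $always_trust = isset($_GET['pal_trust']);
     if ($always_trust) {
         // we hide this parameter from the openid library
         unset($_GET['pal_trust']);
         // Only the exact "&pal_trust=true" form is stripped here.
         $_SERVER['QUERY_STRING'] = str_replace('&pal_trust=true', '', $_SERVER['QUERY_STRING']);
     }

     $db = DbUtil::accessFactory();
     $store = new WMySqlStore($db);
     $store->createTables();
     // "=& new" is a parse error from PHP 7 on and unnecessary since PHP 5,
     // where objects are already handled by reference-like handles.
     $consumer = new Auth_OpenID_Consumer($store);

     // Base URL always ends with exactly the slash the path lacked.
     $url = HttpRequest::getPathUrl();
     $base_url = "http://" . $_SERVER['HTTP_HOST'] . $url;
     if (substr($url, -1) !== "/") {
         $base_url .= "/";
     }
     $return_url = $base_url . 'index.php/openid/finish_auth';

     // Complete the authentication process using the server's response.
     $response = $consumer->complete($return_url);

     $success = false;
     // Stays null for a status that none of the branches below handles, so
     // the failure path no longer reads an undefined variable.
     $msg = null;

     if ($response->status == Auth_OpenID_CANCEL) {
         // This means the authentication was cancelled.
         $msg = __('Verification cancelled.');
     } elseif ($response->status == Auth_OpenID_FAILURE) {
         // Authentication failed; display the error message.
         $msg = __("OpenID authentication failed: ") . $response->message;
     } elseif ($response->status == Auth_OpenID_SUCCESS) {
         $success = true;
         // NOTE(review): the account is looked up by the display identifier;
         // confirm that accounts are keyed on it and not on the claimed
         // identifier.
         $openid = $response->getDisplayIdentifier();
         Auth::loginByOpenid($openid);
         if (!Auth::isAuth()) {
             $success = false;
             $msg = __('Account not found.');
         }
     }

     if (!$success) {
         $_SESSION['isError'] = true;
         $_SESSION['message'] = $msg;
         DefaultFC::redirection('users/index');
         exit;
     }

     // for openid sso
     if (OPENID_SSO_MODE && $always_trust) {
         // NOTE(review): the cookie is set without the secure and httponly
         // flags; check whether client-side script needs to read it before
         // tightening them.
         setcookie('default_openid', $openid, time() + 60 * 60 * 24 * 30 * 12, HttpRequest::getPathUrl());
     }
     // Authentication process succeeded.
     // FIXME: log this connection
     // Redirection in the portal.
     DefaultFC::redirection('wall/index');
     exit;
 }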
コード例 #10
 /**
  * The Delete action of the Admin module should be triggered through an HTTP POST request in order to
  * uninstall a widget that was installed in the widget repository.
  *
  * @param string $widget The identifier of the widget that must be uninstalled from the widget repository.
  */
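 public function delete($widget)
 {
     // Security check: only an authenticated admin or god account may
     // uninstall a widget. The previous condition,
     // !isAuth() && (isAdmin() || isGod()), was inverted and let every other
     // caller fall through to the uninstall below.
     if (!(Auth::isAuth() && (Auth::isAdmin() || Auth::isGod()))) {
         DefaultFC::redirection('users/index?ref=admin');
         // Stop here even if redirection() returns instead of exiting.
         return;
     }
     // NOTE(review): the docblock asks for an HTTP POST, but the request
     // method is not checked in this method.

     // Action
     Widgets::uninstall($widget);
     $_SESSION['isError'] = false;
     $_SESSION['message'] = __("The widget has been deleted successfully.");
     DefaultFC::redirection('admin/index');
 }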
コード例 #11
 /**
  * Removes a user from the portal when the caller is an authenticated admin
  * or god account; every other caller is redirected to users/index.
  *
  * NOTE(review): the refusal branch calls a global redirect() while the
  * success branch uses DefaultFC::redirection(); confirm that redirect()
  * exists. No anti-forgery token or request-method check is visible here.
  *
  * @param mixed $userId Identifier passed unchanged to UsersManagement::deleteUser().
  */
 public function deleteAction($userId)
 {
     $mayDelete = Auth::isAuth() && (Auth::isAdmin() || Auth::isGod());
     if (!$mayDelete) {
         redirect('users/index');
         return;
     }

     UsersManagement::deleteUser($userId);
     $_SESSION['isError'] = false;
     $_SESSION['message'] = __('The user has been successfuly removed from the portal.');
     DefaultFC::redirection('adminUsers/index');
 }