public function build($runData)
{
$userId = $runData->getUserId();
// get all membership - criteria with join ;-) wooo!
$c = new Criteria();
$c->add("user_id", $userId);
$c->addJoin("site_id", "site.site_id");
$c->add("site.deleted", true);
$mems = DB_AdminPeer::instance()->select($c);
if (count($mems) > 0) {
$runData->contextAdd("admins", $mems);
}
// get the sites
$sites = array();
foreach ($mems as $m) {
$s = $m->getSite();
$sites[$s->getSiteId()] = $s->getFieldValuesArray();
// original unix name...
$un = $s->getUnixName();
$un = explode('..del..', $un);
$un = $un[0];
$sites[$s->getSiteId()]['unix_name'] = $un;
}
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$runData->contextAdd('sitesData', $json->encode($sites));
}
public function saveEvent($runData)
{
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$pageId = $pl->getParameterValue("pageId");
if (!is_numeric($pageId)) {
throw new ProcessException(_("Page does not exist."));
}
$page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
if (!$page) {
throw new ProcessException(_("Page does not exist."));
}
// check permissions
$category = $page->getCategory();
WDPermissionManager::instance()->hasPagePermission('edit', $runData->getUser(), $category, $page);
$data = $pl->getParameterValue("data");
$json = new JSONService();
$listData = $json->decode($data);
//it's time to do some checking
$listData->label = trim($listData->label);
if (!$listData->label) {
throw new ProcessException(_('The SimpleTodo module must have an id (e.g. id="list1").'));
}
$dataArray['label'] = $listData->label;
$listData->title = trim($listData->title);
if (!$listData->title) {
throw new ProcessException(_('Your title field is empty, please correct that.'));
}
$dataArray['title'] = $listData->title;
for ($i = 0; $i < count($listData->data); $i++) {
$listData->data[$i]->text = trim($listData->data[$i]->text);
$listData->data[$i]->link = trim($listData->data[$i]->link);
if (!is_bool($listData->data[$i]->checked)) {
throw new ProcessException(_('Something is wrong witch checkbox (it is not a boolean value).'));
}
if (empty($listData->data[$i]->text)) {
throw new ProcessException(_('One of your text fields is empty, please correct that.'));
}
$dataArray['data'][$i]['text'] = $listData->data[$i]->text;
$dataArray['data'][$i]['link'] = $listData->data[$i]->link;
$dataArray['data'][$i]['checked'] = $listData->data[$i]->checked;
}
$c = new Criteria();
$c->add('label', $listData->label);
$c->add('site_id', $site->getSiteId());
$list = DB_SimpletodoListPeer::instance()->selectOne($c);
if (!$list) {
$list = new DB_SimpletodoList();
$list->setSiteId($site->getSiteId());
$list->setLabel($dataArray['label']);
}
$list->setTitle($dataArray['title']);
$itemData = $json->encode($dataArray['data']);
$list->setData($itemData);
$list->save();
}
public function build($runData)
{
$user = $runData->getUser();
if (self::$_counter == 0) {
// check permissions
$page = $runData->getTemp("page");
if ($page) {
$category = $page->getCategory();
//s$runData->getTemp("category");
try {
WDPermissionManager::instance()->hasPagePermission('create', $user, $category);
self::$_canEdit = true;
} catch (Exception $e) {
}
}
}
$runData->contextAdd('canEdit', self::$_canEdit);
$runData->contextAdd('listCounter', self::$_counter);
self::$_counter++;
$pl = $runData->getParameterList();
$label = $pl->getParameterValue("id");
$label = trim($label);
if (!$label) {
throw new ProcessException(_('The SimpleTodo module must have an id.'));
}
if (!in_array($label, self::$_labelArray)) {
array_push(self::$_labelArray, $label);
} else {
throw new ProcessException(_('The id attribute sholud be unique.'));
}
$runData->contextAdd("label", $label);
$site = $runData->getTemp("site");
$c = new Criteria();
$c->add('label', $label);
$c->add('site_id', $site->getSiteId());
$list = DB_SimpletodoListPeer::instance()->selectOne($c);
if ($list) {
$json = new JSONService();
$listData = $json->decode($list->getData());
$runData->contextAdd("title", $list->getTitle());
$runData->contextAdd("data", $listData);
}
}
public function build($runData)
{
$site = $runData->getTemp("site");
$settings = $site->getSettings();
$runData->contextAdd("siteDomain", $site->getDomain());
$openIdServices = array(array('pattern' => '^[a-z0-9\\.\\-]+\\.myopenid\\.com\\/?$', 'server' => 'http://www.myopenid.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.getopenid\\.com\\/?$', 'server' => 'https://getopenid.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.livejournal\\.com\\/?$', 'server' => 'http://www.livejournal.com/openid/server.bml'), array('pattern' => '^[a-z0-9\\.\\-]+\\.vox\\.com\\/?$', 'server' => 'http://www.vox.com/openid/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.verisignlabs\\.com\\/?$', 'server' => 'https://pip.verisignlabs.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.openid\\.pl\\/?$', 'server' => 'http://openid.pl/server'), array('pattern' => '^myid\\.pl\\/id\\/', 'server' => 'http://myid.pl/auth'));
$json = new JSONService();
$os = $json->encode($openIdServices);
$runData->contextAdd("openIdServices", $os);
// current settings
$runData->contextAdd("enabled", $settings->getOpenidEnabled());
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("page_id", null);
$ooroot = DB_OpenidEntryPeer::instance()->selectOne($c);
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("page_id", null, "!=");
$oos = DB_OpenidEntryPeer::instance()->select($c);
$runData->contextAdd("openIdRoot", $ooroot);
$runData->contextAdd("openIds", $oos);
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "OK");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
} else {
// $module->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure module to render!
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
$runData->setAction(null);
}
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
Ozone::initServices();
$logger->debug("Smarty template services loaded");
Ozone::parseMacros();
$logger->debug("Smarty macros parsed");
Ozone::updateSmartyPlain();
$logger->debug("plain version of Smarty created");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
// action security check
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
}
$json = new JSONService();
$out = $json->encode($rVars);
echo $out;
$runData->handleSessionEnd();
}
public function build($runData)
{
// select recent revisions...
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
// get options
$pageNumber = $pl->getParameterValue("page");
$op = $pl->getParameterValue("options");
if ($pageNumber === null) {
$pageNumber = 1;
}
if ($op) {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$o = $json->decode($op);
}
if (count($o) == 0) {
$o['all'] == true;
}
$perPage = $pl->getParameterValue("perpage");
if ($perPage == null) {
$perPage = 20;
}
$offset = ($pageNumber - 1) * $perPage;
$count = $perPage * 2 + 1;
$c = new Criteria();
$c->add("page_revision.site_id", $site->getSiteId());
if (!$o['all'] && count($o) > 0) {
$c2 = new Criteria();
if ($o['new']) {
$c2->addOr("flag_new", true);
}
if ($o['source']) {
$c2->addOr("flag_text", true);
}
if ($o['title']) {
$c2->addOr("flag_title", true);
}
if ($o['move']) {
$c2->addOr("flag_rename", true);
}
if ($o['meta']) {
$c2->addOr("flag_meta", true);
}
if ($o['files']) {
$c2->addOr("flag_file", true);
}
$c->addCriteriaAnd($c2);
}
$categoryId = $pl->getParameterValue("categoryId");
if ($categoryId && is_numeric($categoryId)) {
$c->add("page.category_id", $categoryId);
}
$c->addJoin("page_id", "page.page_id");
$c->addJoin("user_id", "ozone_user.user_id");
$c->addOrderDescending("page_revision.revision_id");
$c->setLimit($count, $offset);
$revisions = DB_PageRevisionPeer::instance()->select($c);
$counted = count($revisions);
$pagerData = array();
$pagerData['currentPage'] = $pageNumber;
if ($counted > $perPage * 2) {
$knownPages = $pageNumber + 2;
$pagerData['knownPages'] = $knownPages;
} elseif ($counted > $perPage) {
$knownPages = $pageNumber + 1;
$pagerData['totalPages'] = $knownPages;
} else {
$totalPages = $pageNumber;
$pagerData['totalPages'] = $totalPages;
}
$revisions = array_slice($revisions, 0, $perPage);
$runData->contextAdd("pagerData", $pagerData);
$runData->contextAdd("revisions", $revisions);
$runData->contextAdd("revisionsCount", count($revisions));
}
public function build($runData)
{
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$pageId = $pl->getParameterValue("page_id");
$pageNumber = $pl->getParameterValue("page");
$perPage = $pl->getParameterValue("perpage");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$o = $json->decode($pl->getParameterValue("options"));
$offset = ($pageNumber - 1) * $perPage;
$count = $perPage * 2 + 1;
// get the page
$page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
if ($page == null || $page->getSiteId() !== $site->getSiteId()) {
throw new ProcessException(_("Error selecting the page."), "no_page");
}
$c = new Criteria();
$c->add('page_id', $pageId);
// check options
if (!$o['all'] && count($o) > 0) {
$c2 = new Criteria();
if ($o['new']) {
$c2->addOr("flag_new", true);
}
if ($o['source']) {
$c2->addOr("flag_text", true);
}
if ($o['title']) {
$c2->addOr("flag_title", true);
}
if ($o['move']) {
$c2->addOr("flag_rename", true);
}
if ($o['meta']) {
$c2->addOr("flag_meta", true);
}
if ($o['files']) {
$c2->addOr("flag_file", true);
}
$c->addCriteriaAnd($c2);
}
$c->addJoin("user_id", "ozone_user.user_id");
$c->addOrderDescending('revision_id');
$c->setLimit($count, $offset);
$pr = DB_PageRevisionPeer::instance()->select($c);
// now see if number of selected is equal $perPage + 1. If so -
// there is at least 1 more page to show...
$counted = count($pr);
$pagerData = array();
$pagerData['current_page'] = $pageNumber;
if ($counted > $perPage * 2) {
$knownPages = $pageNumber + 2;
$pagerData['known_pages'] = $knownPages;
} elseif ($counted > $perPage) {
$knownPages = $pageNumber + 1;
$pagerData['total_pages'] = $knownPages;
} else {
$totalPages = $pageNumber;
$pagerData['total_pages'] = $totalPages;
}
$pr = array_slice($pr, 0, $perPage);
$runData->contextAdd("pagerData", $pagerData);
$runData->contextAdd("page", $page);
$runData->contextAdd("currentRevision", $page->getCurrentRevision());
$runData->contextAdd("revisions", $pr);
}
<?php
/*******************************************************************************
*******************************************************************************/
if (!defined('CONFIG')) {
require_once "../svcutil.php";
} else {
require_once DIR_SERVICE . 'svcutil.php';
$DONOTWEBSERVICE = true;
}
define("SEARCH_SERVICE", "Search");
$server = new JSONService();
require_once DIR_SERVICE . 'Common.definitions.php';
require_once SEARCH_SERVICE . "Service.registration.php";
if (!isset($DONOTWEBSERVICE)) {
$server->Service();
exit;
}
public function saveOpenIDEvent($runData)
{
$pl = $runData->getParameterList();
$site = $runData->getTemp("site");
$settings = $site->getSettings();
$openIdEnabled = $pl->getParameterValue("enableOpenID") == "true";
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$vals = $json->decode($pl->getParameterValue("vals"));
$affectedPages = array();
$outdater = new Outdater();
$db = Database::connection();
$db->begin();
$settings->setOpenidEnabled($openIdEnabled);
$settings->save();
// get the already assigned openids
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$oldOpenIDs = DB_OpenidEntryPeer::instance()->select($c);
$rootProcessed = false;
$oldOpenIDs2 = $oldOpenIDs;
foreach ($vals as $val) {
$pageId = null;
$page = null;
if ($val['page']) {
// not a root page
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $val['page']);
if (!$page) {
throw new ProcessException(sprintf(_("The page %s can not be found"), $vals['page']));
}
$pageId = $page->getPageId();
} elseif (!$rootProcessed) {
$rootProcessed = true;
} elseif ($rootProcessed) {
continue;
}
// validate the data
$url = $val['identityUrl'];
$serverUrl = $val['serverUrl'];
if (!$url) {
continue;
}
if (!preg_match(';^[a-z0-9\\-\\./#]+$;i', $url)) {
throw new ProcessException(sprintf("Identity URL %s is not valid.", $url));
}
if (!preg_match(';^https?://[a-z0-9\\-\\./#]+$;i', $serverUrl)) {
throw new ProcessException(sprintf("Server URL %s is not valid.", $serverUrl));
}
// check if the entry already exists
$entry = null;
foreach ($oldOpenIDs as $oo) {
if ($oo->getPageId() === $pageId) {
$entry = $oo;
foreach ($oldOpenIDs2 as $oo2key => &$oo2) {
if ($oo2->getPageId() === $pageId) {
$ookey = $oo2key;
break;
}
}
unset($oldOpenIDs2[$ookey]);
break;
}
}
if (!$entry) {
$entry = new DB_OpenidEntry();
$entry->setSiteId($site->getSiteId());
$entry->setPageId($pageId);
}
$entry->setUrl('http://' . $url);
$entry->setServerUrl($serverUrl);
// save the entry
$entry->save();
// outdate caches
if ($page) {
$outdater->outdatePageCache($page);
} else {
$outdater->outdatePageCache($site->getDefaultPage());
}
}
// remove unused entries
foreach ($oldOpenIDs2 as $oo) {
DB_OpenidEntryPeer::instance()->deleteByPrimaryKey($oo->getOpenidId());
// outdate caches
$pageId = $oo->getPageId();
if ($pageId) {
$page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
} else {
$page = $site->getDefaultPage();
}
$outdater->outdatePageCache($page);
}
$db->commit();
}
public function removeSelectedDraftsEvent($runData)
{
$userId = $runData->getUserId();
$c = new Criteria();
$c->add("from_user_id", $userId);
$c->add("flag", 2);
$selected = $runData->getParameterList()->getParameterValue("selected");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$selected = $json->decode($selected);
$db = Database::connection();
$db->begin();
$c2 = new Criteria();
foreach ($selected as $s) {
$c2->addOr("message_id", $s);
}
$c->addCriteriaAnd($c2);
DB_PrivateMessagePeer::instance()->delete($c);
$db->commit();
}
public function sendFormEvent($runData)
{
$pl = $runData->getParameterList();
$values = $pl->getParameterValue("formdata");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$values = $json->decode($values);
$site = $runData->getTemp("site");
$fkey = trim($pl->getParameterValue("formdef"));
$data = DatabaseStorage::instance()->get($fkey);
if (!$data) {
throw new ProcessException(_("No form definition found."));
}
$fields = $data['fields'];
$email = $data['email'];
$title = $data['title'];
$format = strtolower(trim($data['format']));
if (!in_array($format, array('csv'))) {
$format = null;
}
// parse and validate!
$errors = array();
foreach ($fields as &$field) {
$name = $field['name'];
$value = $values[$field['name']];
$field['value'] = $value;
// check if need to validate. any rules?
// first, if select, can not be empty
if ($field['type'] == "select") {
if (!$value) {
$errors[$name] = _('Please select an option');
continue;
}
}
if ($field['rules'] && is_array($field['rules'])) {
foreach ($field['rules'] as $ruleName => $ruleValue) {
switch ($ruleName) {
case 'required':
if ($value == "") {
$errors[$name] = _('Please enter this information');
break 2;
}
break;
case 'minLength':
if (strlen8($value) < $ruleValue) {
$errors[$name] = _('Value is too short');
break 2;
}
break;
case 'maxLength':
if (strlen8($value) > $ruleValue) {
$errors[$name] = _('Value is too long');
break 2;
}
break;
case 'match':
if (!preg_match($ruleValue, $value)) {
$errors[$name] = _('Value is not valid');
break 2;
}
break;
case 'number':
if (!is_numeric($value)) {
$errors[$name] = _('Value is not numeric');
break 2;
}
break;
case 'minValue':
if (!is_numeric($value) || 1 * $value < 1 * $ruleValue) {
$errors[$name] = _('Value is too small');
break 2;
}
break;
case 'maxValue':
if (!is_numeric($value) || 1 * $value > 1 * $ruleValue) {
$errors[$name] = _('Value is too large');
break 2;
}
break;
}
}
}
// fix checkboxes
if ($field['type'] == "checkbox") {
if (!$value) {
$field['value'] = _('No');
} else {
$field['value'] = _('Yes');
}
}
}
if (count($errors)) {
// "sir, we have some errors here. shit."
$runData->ajaxResponseAdd("errors", $errors);
throw new ProcessException("Form errors.", "form_errors");
}
$title = $title ? $title : sprintf(_("[%s] MailForm form data"), GlobalProperties::$SERVICE_NAME);
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject($title);
$oe->contextAdd('fields', $fields);
$oe->contextAdd('values', $values);
switch ($format) {
case 'csv':
$emailTemplate = 'wiki/mailform/MailFormCSV';
// fix the values (escape)
foreach ($fields as &$field) {
$value = $field['value'];
if (preg_match("/[,\"\n]/", $value)) {
$value = str_replace('"', '""', $value);
$value = '"' . $value . '"';
$field['value'] = $value;
}
}
break;
default:
$emailTemplate = 'wiki/mailform/MailForm';
break;
}
$oe->setBodyTemplate($emailTemplate);
if (!$oe->Send()) {
throw new ProcessException(_("The form data could not be sent to the specified email address."), "email_failed");
}
// ok, is there any success page?
$successPage = $data['successPage'];
if ($successPage) {
$successPage = WDStringUtils::toUnixName($successPage);
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $successPage);
if ($page) {
$runData->ajaxResponseAdd("successPage", $successPage);
}
}
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function sendEmailInvitationsEvent($runData)
{
$pl = $runData->getParameterList();
$user = $runData->getUser();
$site = $runData->getTemp("site");
// is user allowed to send invitations?
$siteSettings = $site->getSettings();
$sendingEnabled = $siteSettings->getAllowMembersInvite();
if (!$sendingEnabled) {
throw new ProcessException(_("Users are not allowed to send invitations to this Wiki."));
}
if (!$user) {
throw new ProcessException(_("You are not logged in."));
}
// check if a member
$c = new Criteria();
$c->add("user_id", $user->getUserId());
$c->add("site_id", $site->getSiteId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
throw new ProcessException(_("Only members of this Wiki are allowed to send invitations."));
}
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$addresses = $json->decode($pl->getParameterValue("addresses"));
$message = $pl->getParameterValue("message");
// check if data is valid
if (count($addresses) > 20) {
throw new ProcessException(_("You should not send more than 20 invitations at once."));
}
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
if (!preg_match("/^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+\$/", $email) || strlen8($email) > 70 || strlen($email) == 0) {
throw new ProcessException(sprintf(_('Email "%s" is not valid.'), htmlspecialchars($email)), "bad_email");
}
if (preg_match(';://;', $name) || preg_match(';\\.www;i', $name) || strlen($name) > 50 || strlen($name) == 0) {
throw new ProcessException(sprintf(_('Recipient\'s name "%s" is not valid.'), htmlspecialchars($name)), "bad_name");
}
//check if "email" is not already a member of this site...
$q = " SELECT * FROM member, ozone_user WHERE member.site_id='" . $site->getSiteId() . "' AND ozone_user.name='" . db_escape_string($email) . "' AND member.user_id = ozone_user.user_id LIMIT 1";
$c = new Criteria();
$c->setExplicitQuery($q);
$m = DB_MemberPeer::instance()->selectOne($c);
if ($m) {
throw new ProcessException(sprintf(_('User with the email address "%s" is already a member of this Site. Remove him from the list and send invitations again.'), htmlspecialchars($email)), 'aleady_member');
}
// check if not sent already to this address.
$c = new Criteria();
$c->add("email", $email);
$c->add("site_id", $site->getSiteId());
$ii = DB_EmailInvitationPeer::instance()->selectOne($c);
if ($ii) {
throw new ProcessException(sprintf(_('User with the email address "%s" has been already invited to this Site. Remove him from the list and send invitations again. If you want to resend an invitation please rather look at the history of sent invitations.'), htmlspecialchars($email)), 'aleady_member');
}
}
if (preg_match(';://;', $message) || preg_match(';www\\.;i', $message)) {
throw new ProcessException(_('The message should not contain any links to websites.'), "bad_message");
}
if ($message != "" && strlen($message) > 1000) {
throw new ProcessException(_('The message seems to be too long. Max 1000 characters are allowed.'), "bad_message");
}
// now prepare invitation and send!
$db = Database::connection();
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
$db->begin();
// each invitation makes a separate transaction
$hash = substr(md5($name . $email) . time(), 0, 20);
$inv = new DB_EmailInvitation();
$inv->setHash($hash);
$inv->setEmail($email);
$inv->setName($name);
$inv->setUserId($user->getUserId());
$inv->setSiteId($site->getSiteId());
$inv->setMessage($message);
$inv->setDate(new ODate());
if ($address[2]) {
$inv->setToContacts(true);
}
// prepare and send email
$profile = $user->getProfile();
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject(sprintf(_("[%s] %s invites you to join!"), GlobalProperties::$SERVICE_NAME, $user->getNickName()));
$oe->contextAdd('user', $user);
$oe->contextAdd('profile', $profile);
$oe->contextAdd('hash', $hash);
$oe->contextAdd("site", $site);
$oe->contextAdd("message", $message);
$oe->contextAdd('name', $name);
$oe->setBodyTemplate('MembershipEmailInvitation');
if (!$oe->Send()) {
$inv->setDelivered(false);
} else {
$inv->setDelivered(true);
}
$inv->save();
$db->commit();
}
}
public function savePageRateSettingsEvent($runData)
{
$pl = $runData->getParameterList();
$site = $runData->getTemp("site");
$siteId = $site->getSiteId();
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$cats0 = $json->decode($pl->getParameterValue("categories"));
$db = Database::connection();
$db->begin();
$outdater = new Outdater();
foreach ($cats0 as $category) {
$categoryId = $category['category_id'];
$c = new Criteria();
$c->add("category_id", $categoryId);
$c->add("site_id", $siteId);
// for sure ;-)
$dCategory = DB_CategoryPeer::instance()->selectOne($c);
// now compare
$changed = false;
if ($category['rating'] !== $dCategory->getRating()) {
$dCategory->setRating($category['rating']);
$changed = true;
}
if ($changed) {
$dCategory->save();
// outdate category too
$outdater->categoryEvent("category_save", $dCategory);
}
}
$db->commit();
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function build($runData)
{
// select recent revisions...
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$userId = $pl->getParameterValue("userId");
if ($runData->getUser() && $userId == $runData->getUser()->getUserId()) {
$own = true;
}
// get user
//if($userId
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
if ($user == null) {
throw new ProcessException(_("Error selecting user."), "no_user");
}
// get options
$pageNumber = $pl->getParameterValue("page");
$op = $pl->getParameterValue("options");
if ($pageNumber === null) {
$pageNumber = 1;
}
if ($op) {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$o = $json->decode($op);
}
if (count($o) == 0) {
$o['all'] == true;
}
$perPage = $pl->getParameterValue("perpage");
if ($perPage == null) {
$perPage = 20;
}
$offset = ($pageNumber - 1) * $perPage;
$count = $perPage * 2 + 1;
$c = new Criteria();
$c->add("page_revision.user_id", $user->getUserId());
if (!$own) {
$c->add("site.private", false);
}
if (!$o['all'] && count($o) > 0) {
$c2 = new Criteria();
if ($o['new']) {
$c2->addOr("flag_new", true);
}
if ($o['source']) {
$c2->addOr("flag_text", true);
}
if ($o['title']) {
$c2->addOr("flag_title", true);
}
if ($o['move']) {
$c2->addOr("flag_rename", true);
}
if ($o['meta']) {
$c2->addOr("flag_meta", true);
}
if ($o['files']) {
$c2->addOr("flag_file", true);
}
$c->addCriteriaAnd($c2);
}
$c->addJoin("page_revision.page_id", "page.page_id");
$c->addJoin("page.site_id", "site.site_id");
$c->add("site.deleted", false);
$c->addOrderDescending("page_revision.revision_id");
$c->setLimit($count, $offset);
$revisions = DB_PageRevisionPeer::instance()->select($c);
$counted = count($revisions);
$pagerData = array();
$pagerData['currentPage'] = $pageNumber;
if ($counted > $perPage * 2) {
$knownPages = $pageNumber + 2;
$pagerData['knownPages'] = $knownPages;
} elseif ($counted > $perPage) {
$knownPages = $pageNumber + 1;
$pagerData['totalPages'] = $knownPages;
} else {
$totalPages = $pageNumber;
$pagerData['totalPages'] = $totalPages;
}
$revisions = array_slice($revisions, 0, $perPage);
$runData->contextAdd("pagerData", $pagerData);
$runData->contextAdd("revisions", $revisions);
$runData->contextAdd("revisionsCount", count($revisions));
}
public function uploadContactsForInvitationsEvent($runData)
{
$status = "ok";
// status variable that will be passed to template
$pl = $runData->getParameterList();
$file = $_FILES['contactfile'];
if ($file['size'] == 0) {
$status = "zero_size";
$runData->contextAdd("status", $status);
return;
}
if ($file['error'] != 0) {
$status = "other error";
$runData->contextAdd("status", $file['error']);
return;
}
if (!is_uploaded_file($file['tmp_name'])) {
$status = "invalid_file";
$runData->contextAdd("status", $status);
return;
}
// read the file, convert encoding...?
$cont = file_get_contents($file['tmp_name']);
$enc = mb_detect_encoding($cont, "UTF-8, UTF-16BE, UTF-16LE, UCS-2, UCS-2BE, UCS-2LE, UTF-16, ASCII");
if (!$enc) {
$enc = $this->getUnicode($cont);
}
if ($enc != "UTF-8") {
$cont = mb_convert_encoding($cont, "UTF-8", $enc);
}
//save to a tmp file
$tmpfile = tmpfile();
fwrite($tmpfile, $cont);
fseek($tmpfile, 0);
// access as a CSV
$header = fgetcsv($tmpfile);
// look for name and email
$namePos = 0;
for ($i = 0; $i < count($header); $i++) {
if (preg_match(";name;i", $header[$i])) {
$namePos = $i;
break;
}
}
$emailPos = 0;
for ($i = 0; $i < count($header); $i++) {
if (preg_match(";e\\-?mail;i", $header[$i])) {
$emailPos = $i;
break;
}
}
// read all the rows and get name + email
$adrs = array();
while (($data = fgetcsv($tmpfile)) !== false) {
$name = $data[$namePos];
$email = $data[$emailPos];
$adrs[] = array('name' => $name, 'email' => $email);
}
fclose($tmpfile);
//encode adresses
$json = new JSONService();
$adrs = $json->encode($adrs);
$runData->contextAdd("status", $status);
$runData->contextAdd("adrs", $adrs);
}
// Date in the past
// all the parameters are stored in the POST body.
$data = file_get_contents('php://input');
if ($data != null && $data !== '') {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$parsedData = $json->decode($data);
}
// find quickmodule name
$moduleName = $_GET['module'];
// check if exists
$modulePath = WIKIDOT_ROOT . "/php/quickmodules/" . $moduleName . ".php";
if (file_exists($modulePath)) {
require_once $modulePath;
$module = new $moduleName();
$response = $module->process($parsedData);
if ($parsedData['callbackIndex'] !== null) {
$response['callbackIndex'] = $parsedData['callbackIndex'];
}
if ($response != null) {
if (!$json) {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
}
echo $json->encode($response);
}
} else {
return;
}
/*
* example query:
* http://www.example.com/quickmodule.php?module=PageLookupQModule&q=howto&s=1
*/
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "ok");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
try {
// check security token
if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
throw new ProcessException("no", "wrong_token7");
}
//remove token from parameter list!!!
$runData->getParameterList()->delParameter('wikidot_token7');
$callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
$runData->getParameterList()->delParameter('callbackIndex');
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
throw new ProcessException(_('The requested site does not exist.'));
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
// PRIVATE SITES: check if the site is private and if the user is its member
if ($site->getPrivate()) {
// check if not allow anyway
$template = $runData->getModuleTemplate();
$actionClass = $runData->getAction();
$proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
if (!$proceed) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException(_('This Site is private and accessible only to its members.'));
}
}
}
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
throw new WDPermissionException(_("Not allowed."));
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
$runData->setTemp("jsInclude", array());
$runData->setTemp("cssInclude", array());
if ($actionClass) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
throw new WDPermissionException("Not allowed.");
}
$actionEvent = $runData->getActionEvent();
/*try{*/
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate()) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$jsInclude = $runData->getTemp("jsInclude");
$jsInclude = array_merge($jsInclude, $module->getExtraJs());
$runData->setTemp("jsInclude", $jsInclude);
$cssInclude = $runData->getTemp("cssInclude");
$cssInclude = array_merge($cssInclude, $module->getExtraCss());
$runData->setTemp("cssInclude", $cssInclude);
} catch (ProcessException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", $e->getStatus());
$runData->setModuleTemplate(null);
$template = null;
} catch (WDPermissionException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", "no_permission");
$runData->setModuleTemplate(null);
$template = null;
} catch (Exception $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
$runData->ajaxResponseAdd("status", "not_ok");
$runData->setModuleTemplate(null);
$template = null;
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
}
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
// check the javascript files for inclusion
}
if ($template != null && $template != "Empty") {
$jsInclude = $runData->getTemp("jsInclude");
if ($module->getIncludeDefaultJs()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
$incl = $url;
$jsInclude[] = $incl;
}
}
$rVars['jsInclude'] = $jsInclude;
$cssInclude = $runData->getTemp("cssInclude");
if ($module->getIncludeDefaultCss()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
$incl = $url;
$cssInclude[] = $incl;
}
}
$rVars['cssInclude'] = $cssInclude;
}
// specify (copy) jscallback. ugly, right? ;-)
$rVars['callbackIndex'] = $callbackIndex;
$json = new JSONService();
$out = $json->encode($rVars);
$runData->handleSessionEnd();
echo $out;
}
