public function build($runData)
{
$userId = $runData->getUserId();
// get all membership - criteria with join ;-) wooo!
$c = new Criteria();
$c->add("user_id", $userId);
$c->addJoin("site_id", "site.site_id");
$c->add("site.deleted", true);
$mems = DB_AdminPeer::instance()->select($c);
if (count($mems) > 0) {
$runData->contextAdd("admins", $mems);
}
// get the sites
$sites = array();
foreach ($mems as $m) {
$s = $m->getSite();
$sites[$s->getSiteId()] = $s->getFieldValuesArray();
// original unix name...
$un = $s->getUnixName();
$un = explode('..del..', $un);
$un = $un[0];
$sites[$s->getSiteId()]['unix_name'] = $un;
}
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$runData->contextAdd('sitesData', $json->encode($sites));
}
public function saveEvent($runData)
{
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$pageId = $pl->getParameterValue("pageId");
if (!is_numeric($pageId)) {
throw new ProcessException(_("Page does not exist."));
}
$page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
if (!$page) {
throw new ProcessException(_("Page does not exist."));
}
// check permissions
$category = $page->getCategory();
WDPermissionManager::instance()->hasPagePermission('edit', $runData->getUser(), $category, $page);
$data = $pl->getParameterValue("data");
$json = new JSONService();
$listData = $json->decode($data);
//it's time to do some checking
$listData->label = trim($listData->label);
if (!$listData->label) {
throw new ProcessException(_('The SimpleTodo module must have an id (e.g. id="list1").'));
}
$dataArray['label'] = $listData->label;
$listData->title = trim($listData->title);
if (!$listData->title) {
throw new ProcessException(_('Your title field is empty, please correct that.'));
}
$dataArray['title'] = $listData->title;
for ($i = 0; $i < count($listData->data); $i++) {
$listData->data[$i]->text = trim($listData->data[$i]->text);
$listData->data[$i]->link = trim($listData->data[$i]->link);
if (!is_bool($listData->data[$i]->checked)) {
throw new ProcessException(_('Something is wrong witch checkbox (it is not a boolean value).'));
}
if (empty($listData->data[$i]->text)) {
throw new ProcessException(_('One of your text fields is empty, please correct that.'));
}
$dataArray['data'][$i]['text'] = $listData->data[$i]->text;
$dataArray['data'][$i]['link'] = $listData->data[$i]->link;
$dataArray['data'][$i]['checked'] = $listData->data[$i]->checked;
}
$c = new Criteria();
$c->add('label', $listData->label);
$c->add('site_id', $site->getSiteId());
$list = DB_SimpletodoListPeer::instance()->selectOne($c);
if (!$list) {
$list = new DB_SimpletodoList();
$list->setSiteId($site->getSiteId());
$list->setLabel($dataArray['label']);
}
$list->setTitle($dataArray['title']);
$itemData = $json->encode($dataArray['data']);
$list->setData($itemData);
$list->save();
}
public function build($runData)
{
$site = $runData->getTemp("site");
$settings = $site->getSettings();
$runData->contextAdd("siteDomain", $site->getDomain());
$openIdServices = array(array('pattern' => '^[a-z0-9\\.\\-]+\\.myopenid\\.com\\/?$', 'server' => 'http://www.myopenid.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.getopenid\\.com\\/?$', 'server' => 'https://getopenid.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.livejournal\\.com\\/?$', 'server' => 'http://www.livejournal.com/openid/server.bml'), array('pattern' => '^[a-z0-9\\.\\-]+\\.vox\\.com\\/?$', 'server' => 'http://www.vox.com/openid/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.verisignlabs\\.com\\/?$', 'server' => 'https://pip.verisignlabs.com/server'), array('pattern' => '^[a-z0-9\\.\\-]+\\.openid\\.pl\\/?$', 'server' => 'http://openid.pl/server'), array('pattern' => '^myid\\.pl\\/id\\/', 'server' => 'http://myid.pl/auth'));
$json = new JSONService();
$os = $json->encode($openIdServices);
$runData->contextAdd("openIdServices", $os);
// current settings
$runData->contextAdd("enabled", $settings->getOpenidEnabled());
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("page_id", null);
$ooroot = DB_OpenidEntryPeer::instance()->selectOne($c);
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("page_id", null, "!=");
$oos = DB_OpenidEntryPeer::instance()->select($c);
$runData->contextAdd("openIdRoot", $ooroot);
$runData->contextAdd("openIds", $oos);
}
// Date in the past
// all the parameters are stored in the POST body.
$data = file_get_contents('php://input');
if ($data != null && $data !== '') {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$parsedData = $json->decode($data);
}
// find quickmodule name
$moduleName = $_GET['module'];
// check if exists
$modulePath = WIKIDOT_ROOT . "/php/quickmodules/" . $moduleName . ".php";
if (file_exists($modulePath)) {
require_once $modulePath;
$module = new $moduleName();
$response = $module->process($parsedData);
if ($parsedData['callbackIndex'] !== null) {
$response['callbackIndex'] = $parsedData['callbackIndex'];
}
if ($response != null) {
if (!$json) {
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
}
echo $json->encode($response);
}
} else {
return;
}
/*
* example query:
* http://www.example.com/quickmodule.php?module=PageLookupQModule&q=howto&s=1
*/
public function uploadContactsForInvitationsEvent($runData)
{
$status = "ok";
// status variable that will be passed to template
$pl = $runData->getParameterList();
$file = $_FILES['contactfile'];
if ($file['size'] == 0) {
$status = "zero_size";
$runData->contextAdd("status", $status);
return;
}
if ($file['error'] != 0) {
$status = "other error";
$runData->contextAdd("status", $file['error']);
return;
}
if (!is_uploaded_file($file['tmp_name'])) {
$status = "invalid_file";
$runData->contextAdd("status", $status);
return;
}
// read the file, convert encoding...?
$cont = file_get_contents($file['tmp_name']);
$enc = mb_detect_encoding($cont, "UTF-8, UTF-16BE, UTF-16LE, UCS-2, UCS-2BE, UCS-2LE, UTF-16, ASCII");
if (!$enc) {
$enc = $this->getUnicode($cont);
}
if ($enc != "UTF-8") {
$cont = mb_convert_encoding($cont, "UTF-8", $enc);
}
//save to a tmp file
$tmpfile = tmpfile();
fwrite($tmpfile, $cont);
fseek($tmpfile, 0);
// access as a CSV
$header = fgetcsv($tmpfile);
// look for name and email
$namePos = 0;
for ($i = 0; $i < count($header); $i++) {
if (preg_match(";name;i", $header[$i])) {
$namePos = $i;
break;
}
}
$emailPos = 0;
for ($i = 0; $i < count($header); $i++) {
if (preg_match(";e\\-?mail;i", $header[$i])) {
$emailPos = $i;
break;
}
}
// read all the rows and get name + email
$adrs = array();
while (($data = fgetcsv($tmpfile)) !== false) {
$name = $data[$namePos];
$email = $data[$emailPos];
$adrs[] = array('name' => $name, 'email' => $email);
}
fclose($tmpfile);
//encode adresses
$json = new JSONService();
$adrs = $json->encode($adrs);
$runData->contextAdd("status", $status);
$runData->contextAdd("adrs", $adrs);
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "OK");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
} else {
// $module->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure module to render!
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
$runData->setAction(null);
}
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
Ozone::initServices();
$logger->debug("Smarty template services loaded");
Ozone::parseMacros();
$logger->debug("Smarty macros parsed");
Ozone::updateSmartyPlain();
$logger->debug("plain version of Smarty created");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
// action security check
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
}
$json = new JSONService();
$out = $json->encode($rVars);
echo $out;
$runData->handleSessionEnd();
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "ok");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
try {
// check security token
if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
throw new ProcessException("no", "wrong_token7");
}
//remove token from parameter list!!!
$runData->getParameterList()->delParameter('wikidot_token7');
$callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
$runData->getParameterList()->delParameter('callbackIndex');
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
throw new ProcessException(_('The requested site does not exist.'));
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
// PRIVATE SITES: check if the site is private and if the user is its member
if ($site->getPrivate()) {
// check if not allow anyway
$template = $runData->getModuleTemplate();
$actionClass = $runData->getAction();
$proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
if (!$proceed) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException(_('This Site is private and accessible only to its members.'));
}
}
}
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
throw new WDPermissionException(_("Not allowed."));
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
$runData->setTemp("jsInclude", array());
$runData->setTemp("cssInclude", array());
if ($actionClass) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
throw new WDPermissionException("Not allowed.");
}
$actionEvent = $runData->getActionEvent();
/*try{*/
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate()) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$jsInclude = $runData->getTemp("jsInclude");
$jsInclude = array_merge($jsInclude, $module->getExtraJs());
$runData->setTemp("jsInclude", $jsInclude);
$cssInclude = $runData->getTemp("cssInclude");
$cssInclude = array_merge($cssInclude, $module->getExtraCss());
$runData->setTemp("cssInclude", $cssInclude);
} catch (ProcessException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", $e->getStatus());
$runData->setModuleTemplate(null);
$template = null;
} catch (WDPermissionException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", "no_permission");
$runData->setModuleTemplate(null);
$template = null;
} catch (Exception $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
$runData->ajaxResponseAdd("status", "not_ok");
$runData->setModuleTemplate(null);
$template = null;
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
}
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
// check the javascript files for inclusion
}
if ($template != null && $template != "Empty") {
$jsInclude = $runData->getTemp("jsInclude");
if ($module->getIncludeDefaultJs()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
$incl = $url;
$jsInclude[] = $incl;
}
}
$rVars['jsInclude'] = $jsInclude;
$cssInclude = $runData->getTemp("cssInclude");
if ($module->getIncludeDefaultCss()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
$incl = $url;
$cssInclude[] = $incl;
}
}
$rVars['cssInclude'] = $cssInclude;
}
// specify (copy) jscallback. ugly, right? ;-)
$rVars['callbackIndex'] = $callbackIndex;
$json = new JSONService();
$out = $json->encode($rVars);
$runData->handleSessionEnd();
echo $out;
}
