コード例 #1
ファイル: wiki.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * POST callback for wiki edits.
  *
  * While a POST is being handled, the posted fields are replayed through the
  * wiki (with output discarded) and the browser is redirected. Otherwise the
  * method registers itself as a POST callback and returns the callback id.
  *
  * @param string|false $actionurl Path appended to the base URI for the redirect;
  *                                when falsy the redirect goes to 'wiki/' . $url.
  * @return string|void Callback id on the registration path.
  */
 public function editProcess($actionurl = false)
 {
     global $callbackId;

     if (!PPostHandler::isHandling()) {
         $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
         PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
         return $callbackId;
     }

     $vars =& PPostHandler::getVars();
     if ($vars) {
         // The wiki reads $_REQUEST directly, so every posted field is copied into it.
         // NOTE(review): this overwrites any existing $_REQUEST entry with the same key
         // for the rest of the request - confirm nothing later trusts those keys.
         foreach ($vars as $name => $posted) {
             $_REQUEST[$name] = $posted;
         }
     }

     $url = $this->parseRequest();

     // Run the wiki once for its side effects only; whatever it prints is thrown away.
     $this->no_output = true;
     ob_start();
     $this->getWiki($url);
     ob_end_clean();

     PPostHandler::clearVars();
     $url = str_replace('edit/', '', $url);

     // Both redirect targets are prefixed with the configured base URI.
     // NOTE(review): $actionurl is caller-supplied; it should never be built from
     // request data without validation - verify against callers.
     if ($actionurl) {
         header('Location: ' . PVars::getObj('env')->baseuri . $actionurl);
         PPHP::PExit();
     }
     header('Location: ' . PVars::getObj('env')->baseuri . 'wiki/' . $url);
     PPHP::PExit();
 }
コード例 #2
ファイル: date.lib.php プロジェクト: gpuenteallott/rox
 /**
  * Formats a timestamp with strftime() and returns the result as UTF-8.
  *
  * @param string    $format strftime() format string.
  * @param int|false $t      Timestamp; any falsy value (including 0) means "now".
  * @return string The formatted date, run through utf8_encode() when
  *                PFunctions::isUTF8() reports it is not already UTF-8.
  */
 public static function strftime_utf8($format, $t = false)
 {
     $timestamp = $t ? $t : time();
     $formatted = strftime($format, $timestamp);

     // utf8_encode() interprets its input as ISO-8859-1; other locale encodings
     // would be converted incorrectly.
     return PFunctions::isUTF8($formatted) ? $formatted : utf8_encode($formatted);
 }
コード例 #3
ファイル: trip.view.php プロジェクト: gpuenteallott/rox
 /**
  * Renders one page of the trip list, followed by the pager links.
  *
  * The template is included in this method's scope, so it sees the local
  * variables assigned before the require ($trips, $trip_data, $pages,
  * $maxPage, $currentPage, $page).
  *
  * @param mixed $trips     Trips to paginate (passed to PFunctions::paginate()).
  * @param mixed $trip_data Not used in this method; available to the template.
  * @param int   $page      Page to display.
  */
 public function displayTrips($trips, $trip_data, $page = 1)
 {
     // paginate() result is read positionally: [0] -> items of this page,
     // [1] -> $pages, [2] -> $maxPage.
     $pages = PFunctions::paginate($trips, $page);
     $trips = $pages[0];
     $maxPage = $pages[2];
     $pages = $pages[1];
     $currentPage = $page;
     require 'templates/alltrips.php';
     // Rebuild the current request path without its '/pageN' suffix so it can
     // serve as the printf-style pattern for the pager links.
     // NOTE(review): $requestStr is built from the raw request segments; confirm
     // that pages() escapes it before writing it into href attributes.
     $request = PRequest::get()->request;
     $requestStr = implode('/', $request);
     $requestStr = str_replace('/page' . $page, '', $requestStr);
     $this->pages($pages, $currentPage, $maxPage, $requestStr . '/page%d');
 }
コード例 #4
ファイル: admin.view.php プロジェクト: gpuenteallott/rox
 /**
  * Renders the activity-log admin page.
  *
  * Filter values are taken from the POST handler while a POST is being
  * handled, otherwise from $this->_gainGetParams(). The method also
  * (re-)registers itself as the POST callback before including the template.
  *
  * @param mixed $level Passed through unchanged to the model's procActivitylogs().
  */
 public function activitylogs($level)
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
     if (PPostHandler::isHandling()) {
         $vars =& PPostHandler::getVars();
     } else {
         $vars = $this->_gainGetParams();
     }
     // NOTE(review): $vars is presumably request-derived on both paths and is handed
     // to the model unvalidated here - confirm procActivitylogs() escapes or binds
     // every value it puts into a query.
     $result = $this->_model->procActivitylogs($vars, $level);
     // The result is read as a map whose first entry has the total as key and
     // the rows for the template as value.
     $tData = current($result);
     $totalNumber = key($result);
     PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
     // Included in this scope: the template sees $tData, $totalNumber, $vars, $callbackId and $level.
     require 'templates/activitylogs.php';
 }
コード例 #5
ファイル: shouts.model.php プロジェクト: gpuenteallott/rox
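    /**
     * Processing creation of a comment
     *
     * This is a POST callback function. When no POST is being handled it
     * registers itself as callback and returns the callback id.
     *
     * Sets following errors in POST vars:
     * textlen      - missing, empty or too long (> 5000 bytes) text.
     * inserror     - db error while inserting.
     *
     * @param string|false $table    Name stored in the `table` column; falls back to the posted 'table' field.
     * @param mixed        $table_id Value stored in `table_id`; falls back to the posted 'table_id' field.
     * @return string|false Redirect URL (or the callback id when registering), false on failure.
     */
    public function shoutProcess($table = false, $table_id = false)
    {
        $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
        if (PPostHandler::isHandling()) {
            // Only logged-in members may post; empty() also covers a missing session key.
            if (empty($_SESSION['IdMember'])) {
                return false;
            }
            $vars =& PPostHandler::getVars();
            $request = PRequest::get()->request;
            if (!$table) {
                $table = isset($vars['table']) ? $vars['table'] : '';
            }
            if (!$table_id) {
                $table_id = isset($vars['table_id']) ? $vars['table_id'] : '';
            }
            // validate
            if (!isset($vars['ctxt']) || strlen($vars['ctxt']) == 0 || strlen($vars['ctxt']) > 5000) {
                $vars['errors'] = array('textlen');
                return false;
            }
            $shoutId = $this->dao->nextId('shouts');
            // `table` and `table_id` can come straight from the POST body, so they are
            // escaped exactly like title and text; without this a quote in either field
            // breaks out of the string literal (SQL injection).
            // NOTE(review): `table` looks like a fixed set of content types - an
            // allow-list check would be stricter than escaping; confirm the valid values.
            $query = '
INSERT INTO `shouts`
SET
    `id`=' . $shoutId . ',
    `table`=\'' . $this->dao->escape($table) . '\',
    `table_id`=\'' . $this->dao->escape($table_id) . '\',
    `member_id_foreign`=' . (int) $_SESSION['IdMember'] . ',
    `title`=\'' . (isset($vars['ctit']) ? $this->dao->escape($vars['ctit']) : '') . '\',
    `text`=\'' . $this->dao->escape($vars['ctxt']) . '\',
    `created`=NOW()';
            $s = $this->dao->query($query);
            if (!$s) {
                $vars['errors'] = array('inserror');
                return false;
            }
            PPostHandler::clearVars();
            // Send the browser back to the page it posted from, anchored at the new shout.
            return PVars::getObj('env')->baseuri . implode('/', $request) . '#c' . $shoutId;
        } else {
            PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
            return $callbackId;
        }
    }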
コード例 #6
ファイル: members.model.php プロジェクト: gpuenteallott/rox
 /**
  * Validates the mandatory profile form fields.
  *
  * Must be kept in line with /build/signup/signup.model.php.
  *
  * @param array $vars Submitted form values (taken by reference, not modified here).
  * @return array List of error keys; empty when every check passes.
  */
 public function checkProfileForm(&$vars)
 {
     $errors = array();

     // Birth date: all three parts are required, then the assembled date is validated.
     $birthMissing = $vars['BirthYear'] == 0 || $vars['BirthMonth'] == 0 || $vars['BirthDay'] == 0;
     if ($birthMissing) {
         $errors[] = 'SignupErrorInvalidBirthDate';
     } else {
         $birthdate = $vars['BirthYear'] . '-' . $vars['BirthMonth'] . '-' . $vars['BirthDay'];
         $verdict = $this->validateBirthdate($birthdate);
         if ($verdict === self::DATE_INVALID) {
             $errors[] = 'SignupErrorInvalidBirthDate';
         }
         if ($verdict === self::TOO_YOUNG) {
             $errors[] = 'MembersErrorTooYoung';
         }
     }

     // Gender must be one of the known values.
     $allowedGenders = array('male', 'female', 'other');
     if (empty($vars['gender']) || !in_array($vars['gender'], $allowedGenders)) {
         $errors[] = 'SignupErrorInvalidGender';
     }

     if (empty($vars['FirstName'])) {
         $errors[] = 'SignupErrorInvalidFirstName';
     }

     if (empty($vars['LastName'])) {
         $errors[] = 'SignupErrorInvalidLastName';
     }

     // The literal 'cryptedhidden' is accepted in place of a real address.
     $emailBad = empty($vars['Email']) || !PFunctions::isEmailAddress($vars['Email']);
     if ($emailBad && $vars['Email'] != 'cryptedhidden') {
         $errors[] = 'SignupErrorInvalidEmail';
     }

     // Only the upload status code is checked here.
     // NOTE(review): file type and content validation are not visible in this
     // method - confirm they happen where the picture is stored.
     if (!empty($_FILES['profile_picture']['name']) && $_FILES['profile_picture']['error'] != UPLOAD_ERR_OK) {
         $uploadError = $_FILES['profile_picture']['error'];
         $tooBig = $uploadError == UPLOAD_ERR_INI_SIZE || $uploadError == UPLOAD_ERR_FORM_SIZE;
         $errors[] = $tooBig ? 'UploadedProfileImageTooBig' : 'ProfileImageUploadFailed';
     }

     return $errors;
 }
コード例 #7
ファイル: signup.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * Index function: dispatches the signup requests on $request[1].
  *
  * Requests handled below:
  * checkemail  - prints "1" when the e-mail is valid and unused, else "0"
  * checkhandle - same check for a username
  * getRegions  - see the review note in the switch
  * terms       - terms and conditions popup
  * privacy     - privacy popup
  * confirm     - link from the confirmation e-mail
  * resendmail  - resends the confirmation e-mail
  * finish      - final page
  * (default)   - the signup form, $request[1] selecting the step
  *
  * @param object|false $args Request arguments; ->request is read unconditionally,
  *                           so the default of false is not usable as-is.
  * @return object The page object to render.
  */
 public function index($args = false)
 {
     // In case Signup is closed
     if (isset($_SESSION['Param']->FeatureSignupClose) && $_SESSION['Param']->FeatureSignupClose == "Yes") {
         return new SignupClosedPage();
     }
     /*
              * Enable to check against DNS Blocklists
     if (MOD_dnsblock::get()->checkRemoteIp()) {
                 return new SignupDNSBlockPage();
             }
     */
     $request = $args->request;
     $model = new SignupModel();
     // A logged-in member without the 'words' right has no business on the signup pages.
     if (isset($_SESSION['IdMember']) && !MOD_right::get()->hasRight('words')) {
         if (!isset($_SESSION['Username'])) {
             // Inconsistent session (member id without username): drop the id.
             unset($_SESSION['IdMember']);
             $page = new SignupProblemPage();
         } else {
             // NOTE(review): $page is not assigned on this path; the final
             // `return $page` relies on redirect() not returning - confirm.
             $this->redirect('members/' . $_SESSION['Username']);
         }
     } else {
         switch (isset($request[1]) ? $request[1] : '') {
             // copied from TB:
             // checks e-mail address for validity and availability
             // NOTE(review): this endpoint and 'checkhandle' answer whether an address or
             // username is registered, for unauthenticated callers. No rate limiting is
             // visible here - confirm it exists elsewhere, since these lookups allow
             // account enumeration.
             case 'checkemail':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($_GET['email'])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (!PFunctions::isEmailAddress($_GET['email'])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 $users = $model->takeCareForNonUniqueEmailAddress($_GET['email']);
                 if ($users == '') {
                     echo "1";
                 } else {
                     echo "0";
                 }
                 PPHP::PExit();
                 break;
             // copied from TB: reviewed by JeanYves
             // checks Username for validity and availability
             case 'checkhandle':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($request[2])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                     echo '0';
                     PPHP::PExit();
                 }
                 if (strpos($request[2], 'xn--') !== false) {
                     // Don't allow IDN-Prefixes
                     echo '0';
                     PPHP::PExit();
                 }
                 // Echoing a bool prints "1" for true and an empty string for false,
                 // unlike the explicit "0" printed by the rejections above.
                 echo (bool) (!$model->UsernameInUse($request[2]));
                 PPHP::PExit();
                 break;
             case 'getRegions':
                 // ignore current request, so we can use the last request
                 PRequest::ignoreCurrentRequest();
                 if (!isset($request[2])) {
                     PPHP::PExit();
                 }
                 // NOTE(review): there is no break here, so a getRegions request that has
                 // $request[2] set falls through into 'terms' - confirm this is intended.
             case 'terms':
                 MOD_log::get()->write("Viewing terms", "Signup");
                 // the termsandconditions popup
                 $page = new SignupTermsPopup();
                 break;
             case 'privacy':
                 MOD_log::get()->write("Viewing privacy", "Signup");
                 $page = new SignupPrivacyPopup();
                 break;
             case 'confirm':
                 // or give it a different name?
                 // this happens when you click the link in the confirmation email
                 // Both path segments are validated before they reach the model: the username
                 // against HANDLE_PREGEXP (and it must exist), the key as 16 lowercase hex chars.
                 if (!isset($request[2]) || !isset($request[3]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !$model->UsernameInUse($request[2]) || !preg_match('/^[a-f0-9]{16}$/', $request[3])) {
                     $error = 'InvalidLink';
                 } else {
                     $error = $model->confirmSignup($request[2], $request[3]);
                 }
                 $page = new SignupMailConfirmPage();
                 $page->error = $error;
                 break;
             case 'resendmail':
                 // shown when clicking on the link in the MailToConfirm error message
                 // NOTE(review): unlike 'confirm', $request[2] is passed to the model without
                 // the HANDLE_PREGEXP check - confirm resendConfirmationMail() validates it
                 // and that repeated requests cannot be used to flood a mailbox.
                 $error = '';
                 if (!isset($request[2])) {
                     $error = 'InvalidLink';
                 } else {
                     $resent = $model->resendConfirmationMail($request[2]);
                     if ($resent !== true) {
                         $error = $resent;
                     }
                 }
                 $page = new SignupResentMailPage();
                 $page->error = $error;
                 break;
             case 'finish':
                 $page = new SignupFinishPage();
                 break;
             default:
                 $page = new SignupPage();
                 // Any non-empty $request[1] that matched no case above becomes the step value.
                 // NOTE(review): the raw segment is also written to the log below - confirm
                 // MOD_log neutralises it before storing or displaying it.
                 $page->step = isset($request[1]) && $request[1] ? $request[1] : '1';
                 $StrLog = "Entering Signup step: #" . $page->step;
                 MOD_log::get()->write($StrLog, "Signup");
                 $page->model = $model;
         }
     }
     return $page;
 }
コード例 #8
                </tr>
                <tr align="left" >
                  <td class="label" ><?php 
echo $words->get('ProfilePicture');
?>
:<br/><img src="members/avatar/<?php 
echo $member->Username;
?>
?xs" title="Current picture" alt="Current picture" style="padding: 1em"/></td>
                  <td colspan="3" >
                    <label for="profile_picture"><?php 
echo $words->get('uploadselectpicture');
?>
</label><br />
                    <span class="small"><?php 
echo $words->get('Profile_UploadWarning', sprintf("%.1f MB", PFunctions::returnBytes(ini_get('upload_max_filesize')) / 1048576));
?>
</span><br /><br />
                    <input id="profile_picture" name="profile_picture" type="file" />
                  </td>
                </tr>
                <tr align="left" >
                  <td class="label" ><?php 
echo $words->get('ProfileSummary');
?>
:</td>
                  <td colspan="3" >
                    <textarea name="ProfileSummary" id="ProfileSummary" class="long" cols="50"  rows="6" ><?php 
echo htmlentities($vars['ProfileSummary'], ENT_COMPAT, 'UTF-8');
?>
</textarea>
コード例 #9
ファイル: gallery.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * POST callback for gallery uploads.
  *
  * While a POST is being handled the posted vars are handed to the model;
  * otherwise the method registers itself as callback and returns the id.
  *
  * @return string|void Callback id on the registration path; nothing after an upload.
  */
 public function uploadProcess()
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
     $vars =& PPostHandler::getVars($callbackId);

     if (!PPostHandler::isHandling()) {
         PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
         return $callbackId;
     }

     // No checks happen in the controller.
     // NOTE(review): confirm the model verifies the logged-in member and validates
     // the uploaded files (type, size, destination name).
     $this->_model->uploadProcess($vars);
 }
コード例 #10
ファイル: trip.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * POST callback for trip edits.
  *
  * Delegates to the model while a POST is being handled; otherwise registers
  * itself as callback and returns the callback id.
  *
  * @return mixed The model's result, or the callback id when registering.
  */
 public function editProcess()
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));

     if (!PPostHandler::isHandling()) {
         // NOTE(review): the third argument is __METHOD__ ("Class::method") here, while
         // other callbacks on this page pass __FUNCTION__ - confirm setCallback()
         // accepts both forms.
         PPostHandler::setCallback($callbackId, __CLASS__, __METHOD__);
         return $callbackId;
     }

     return $this->_model->editProcess($callbackId);
 }
コード例 #11
$User = new APP_User();
$words = new MOD_words();
// This was quicly duplicated from the memberslist.php template, this imply om redudancies
if (!$volunteers) {
    return $text['no_volunteers_yet'];
} else {
    $request = PRequest::get()->request;
    $requestStr = implode('/', $request);
    $matches = array();
    if (preg_match('%/=page(\\d+)%', $requestStr, $matches)) {
        $page = $matches[1];
        $requestStr = preg_replace('%/=page(\\d+)%', '', $requestStr);
    } else {
        $page = 1;
    }
    $p = PFunctions::paginate($volunteers, $page, $itemsPerPage = 15);
    $volunteers = $p[0];
    ?>
<ul class="floatbox">
<?php 
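    // Member-supplied values are encoded for the context they are written into:
    // the username is URL-encoded inside the profile link and HTML-escaped as
    // link text, the city is HTML-escaped. The return values of PIC_50_50() and
    // mTrad() are printed as-is because they are expected to be markup.
    // NOTE(review): confirm mTrad() escapes the member's VolComment itself, and
    // that city values are not stored pre-encoded (they would then show doubled
    // entities).
    foreach ($volunteers as $member) {
        $image = new MOD_images_Image('', $member->username);
        // rawurlencode() leaves only URL-safe characters, so the same value is safe
        // inside the single-quoted JavaScript string of the onclick handler too.
        $profileUrl = htmlspecialchars('bw/member.php?cid=' . rawurlencode((string) $member->username), ENT_QUOTES, 'UTF-8');
        $usernameHtml = htmlspecialchars((string) $member->username, ENT_QUOTES, 'UTF-8');
        $cityHtml = htmlspecialchars((string) $member->city, ENT_QUOTES, 'UTF-8');
        echo '<a href="#"><li class="userpicbox float_left" style="cursor:pointer;" onclick="javascript: window.location.href = \'' . $profileUrl . '\'; return false"><a href="' . $profileUrl . '">' . MOD_layoutbits::PIC_50_50($member->username, '', $style = 'float_left framed') . '</a><p><a href="' . $profileUrl . '">' . $usernameHtml . '</a>';
        echo '<br /><span class="small">' . $cityHtml . '</span>';
        echo $words->mTrad($member->VolComment, true);
        echo "</p></li></a>";
    }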
    ?>
    </ul>
<?php 
    $pages = $p[1];
コード例 #12
$Gallery = new GalleryModel();
// Show the galleries/photosets
if ($galleries) {
    $request = PRequest::get()->request;
    $requestStr = implode('/', $request);
    $matches = array();
    if (preg_match('%/=page(\\d+)%', $requestStr, $matches)) {
        $page = $matches[1];
        $requestStr = preg_replace('%/=page(\\d+)%', '', $requestStr);
    } else {
        $page = 1;
    }
    if (!isset($itemsPerPage)) {
        $itemsPerPage = 6;
    }
    $p = PFunctions::paginate($galleries, $page, $itemsPerPage);
    $galleriesonpage = $p[0];
    echo '<div class="floatbox">';
    foreach ($galleriesonpage as $g) {
        static $ii = 0;
        $d = $Gallery->getLatestGalleryItem($g->id);
        $s = $Gallery->getGalleryItems($g->id, 1);
        $username = MOD_member::getUserHandle($g->user_id_foreign);
        $this->myself = $this->loggedInMember && $username == $this->loggedInMember->Username;
        $num_rows = $s ? $s : 0;
        // Only show the galleries with pictures. The belonging user might see them anyway.
        if ($d || $this->myself) {
            ?>
        <div class="gallery_container float_left">
            <a href="gallery/show/sets/<?php 
            echo $g->id;
コード例 #13
ファイル: tags.php プロジェクト: gpuenteallott/rox
    echo $words->get('posts_tagged_with');
    ?>
: <em><?php 
    echo htmlentities($tag, ENT_COMPAT, 'utf-8');
    ?>
</em></h3>
<?php 
    $request = PRequest::get()->request;
    $requestStr = implode('/', $request);
    $matches = array();
    if (preg_match('%/page(\\d+)%', $requestStr, $matches)) {
        $page = $matches[1];
    } else {
        $page = 1;
    }
    $requestStr = preg_replace('%[/]page\\d+%', '', $requestStr);
    // display matching tags and matching posts.
    $postIt = $Blog->getTaggedPostsIt($tag, true);
    $pages = PFunctions::paginate($postIt, $page);
    $postIt = $pages[0];
    $maxPage = $pages[2];
    $pages = $pages[1];
    $currentPage = $page;
    foreach ($postIt as $blog) {
        require 'blogitem.php';
    }
    $BlogView->pages($pages, $currentPage, $maxPage, $requestStr . '/page%d');
}
?>
</div>
コード例 #14
ファイル: forums.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * Handles the POST request of the forums search box.
  *
  * Outside of POST handling it registers itself as callback instead.
  *
  * @return mixed The model's search result, or the callback id when registering.
  */
 public function searchProcess()
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));

     if (!PPostHandler::isHandling()) {
         PPostHandler::setCallback($callbackId, __CLASS__, __METHOD__);
         return $callbackId;
     }

     // parseRequest() is called for its side effects; its return value is not used.
     // NOTE(review): the search terms never pass through this method - confirm the
     // model escapes or binds them before querying.
     $this->parseRequest();
     return $this->_model->searchProcess();
 }
コード例 #15
ファイル: uploadform.php プロジェクト: gpuenteallott/rox
echo $postURL;
?>
" class="def-form" id="gallery-img-upload" enctype="multipart/form-data">
    <input type="hidden" name="MAX_FILE_SIZE" value="<?php 
echo PFunctions::returnBytes(ini_get('upload_max_filesize'));
?>
"/>
    <h4><?php 
echo $words->getFormatted('Gallery_UploadInstruction');
?>
</h4>
    <div class="notify"><?php 
echo $words->getFormatted('Gallery_UploadWarning');
?>
 <?php 
printf("%.1f MB", PFunctions::returnBytes(ini_get('upload_max_filesize')) / 1048576);
?>
</div>
    <div id="gallery-img-upload-files">
        <div class="row">
            <input type="file" name="gallery-file[]"/>
        </div>
        <div class="row">
            <input type="file" name="gallery-file[]"/>
        </div>
        <div class="row">
            <input type="file" name="gallery-file[]"/>
        </div>
        <div class="row">
            <input type="file" name="gallery-file[]"/>
        </div>
コード例 #16
ファイル: overview.php プロジェクト: gpuenteallott/rox
$layoutbits = new MOD_layoutbits();
$thumbsize = $this->thumbsize;
if ($statement) {
    $request = PRequest::get()->request;
    $requestStr = implode('/', $request);
    $matches = array();
    if (preg_match('%/=page(\\d+)%', $requestStr, $matches)) {
        $page = $matches[1];
        $requestStr = preg_replace('%/=page(\\d+)%', '', $requestStr);
    } else {
        $page = 1;
    }
    if (!isset($itemsPerPage)) {
        $itemsPerPage = 12;
    }
    $p = PFunctions::paginate($statement, $page, $itemsPerPage);
    $statement = $p[0];
    echo '<div class="floatbox thumb_wrapper">';
    foreach ($statement as $d) {
        echo '
<div class="img thumb float_left size' . $thumbsize . '">
    <a href="gallery/show/image/' . $d->id . '" id="image_link_' . $d->id . '"><img class="framed" src="gallery/thumbimg?id=' . $d->id . ($thumbsize ? '&t=' . $thumbsize : '') . '" alt="image" style="margin: 5px 0; float:none;" /></a>';
        echo '<h4>';
        $loggedmember = isset($this->model) ? $this->model->getLoggedInMember : $this->loggedInMember;
        if ($loggedmember && $loggedmember->Username == $d->user_handle) {
            echo '<input type="checkbox" class="input_check" name="imageId[]" onchange="highlightMe($(\'image_link_' . $d->id . '\'),this.checked);" value="' . $d->id . '">&nbsp;&nbsp; ';
        }
        ?>
    <a href="gallery/show/image/<?php 
        echo $d->id;
        ?>
コード例 #17
ファイル: blog.view.php プロジェクト: gpuenteallott/rox
 /**
  * Displays blog posts in a given category.
  *
  * Prints an error paragraph and returns false when the category does not
  * exist; otherwise renders one page of posts plus the pager.
  *
  * @param mixed $categoryId Category to show; passed on to the model.
  * @param int   $page       Page to display.
  * @return false|void False when the category is unknown.
  */
 public function PostsByCategory($categoryId, $page = 1)
 {
     // NOTE(review): $categoryId reaches the model unvalidated from here - confirm
     // the model casts or binds it.
     $catIt = $this->_model->getCategoryFromUserIt(false, $categoryId);
     $cat = $catIt->fetch(PDB::FETCH_OBJ);
     if (!$cat) {
         echo '<p class="error">Category doesn`t exist</p>';
         return false;
     }
     // NOTE(review): presumably printed by the template; the category name is
     // stored user content, so the template must HTML-escape it - confirm.
     $title = $cat->name;
     $blogIt = $this->_model->getRecentPostIt('', $categoryId);
     // paginate() result is read positionally: [0] -> items of this page,
     // [1] -> $pages, [2] -> $maxPage.
     $pages = PFunctions::paginate($blogIt, $page);
     $blogIt = $pages[0];
     $maxPage = $pages[2];
     $pages = $pages[1];
     $currentPage = $page;
     // Included in this scope, so the template sees the locals assigned above.
     require 'templates/allblogs.php';
     // The pager pattern is the fixed 'blog/page%d'; it does not include the category.
     $this->pages($pages, $currentPage, $maxPage, 'blog/page%d');
 }
コード例 #18
ファイル: posthandler.lib.php プロジェクト: gpuenteallott/rox
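 /**
  * Dispatches a submitted form to its registered callback.
  *
  * The first registered callback key that is present in $_POST is selected:
  * the POST fields are stored under that key (strings trimmed and
  * unslashed), the callback is removed from the registry and invoked on a
  * fresh instance of its class. If the callback returns a URL, the session
  * id is appended to its query string (unless already present) and the
  * browser is redirected there.
  *
  * @return true|null TRUE after a callback ran without redirecting; null when
  *                   no callbacks are registered or none of them was posted.
  */
 private function save()
 {
     if (!$this->_callback || !is_array($this->_callback)) {
         return;
     }

     // Pick the callback whose key was actually posted. Previously the loop
     // variable doubled as the selected callback, so a request containing no
     // registered key still invoked the last registered callback.
     $callback = null;
     foreach ($this->_callback as $key => $candidate) {
         if (!array_key_exists($key, $_POST)) {
             continue;
         }
         foreach ($_POST as $k => $v) {
             if (is_string($v)) {
                 $v = trim($v);
                 $v = stripslashes($v);
             }
             $this->_vars[$key][$k] = $v;
         }
         $this->_activeKey = $key;
         $callback = $candidate;
         // Each registration is single-use.
         unset($this->_callback[$key]);
         break;
     }
     if ($callback === null) {
         return;
     }

     $ret = false;
     $db = PVars::getObj('config_rdbms');
     $dao = PDB::get($db->dsn, $db->user, $db->password);
     // The class and method names come from the registry, never from $_POST;
     // the request only selects which registered entry runs.
     // NOTE(review): this object is serialize()d into the session below and is
     // presumably unserialize()d on the next request - the session store must
     // stay server-side and tamper-proof, because whoever can alter it controls
     // which class is instantiated here.
     $c = new $callback[0]($dao);
     $cbRet = call_user_func(array($c, $callback[1]));
     if ($cbRet) {
         $ret = $cbRet;
     }
     $_SESSION['PostHandler'] = serialize($this);

     if ($ret) {
         $ret = parse_url($ret);
         $query = array();
         if (isset($ret['query'])) {
             parse_str($ret['query'], $query);
         }
         // Append the session id only when the URL does not carry one yet. (The
         // original used `continue` outside of any loop for this, which is a
         // fatal error.)
         // NOTE(review): a session id in the URL can leak through logs, browser
         // history and Referer headers; cookie-only sessions
         // (session.use_only_cookies) avoid that - confirm whether this is still needed.
         if (!array_key_exists(session_name(), $query)) {
             $query[session_name()] = session_id();
         }
         // parse_str() decoded the values, so they must be encoded again when the
         // query string is rebuilt.
         $ret['query'] = http_build_query($query, '', '&');
         $ret = PFunctions::glueParsedUrl($ret);
         session_write_close();
         header('Location: ' . $ret);
         PPHP::PExit();
     }
     return TRUE;
 }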
コード例 #19
 /**
  * Registers a callback under a fresh random key and returns the hidden
  * form fields that identify it.
  *
  * The page receives $key_on_page; the registry is keyed by a SHA-1 of that
  * value, so the registry key itself never appears in the HTML. Class and
  * method name are sent only as SHA-1 digests salted with the secret word.
  *
  * @param string $classname  Class that implements the callback.
  * @param string $methodname Method to call on it.
  * @param mixed  $mem_resend Wrapped in a ReadWriteObject and stored with the entry.
  * @return string HTML with three hidden input fields.
  */
 public function registerCallbackMethod($classname, $methodname, $mem_resend)
 {
     // Draw random keys until one is found that is not registered yet.
     // NOTE(review): the unpredictability of the key depends on
     // PFunctions::randomString(), which is not visible here - confirm it uses a
     // cryptographically secure source.
     while (true) {
         $nonce = PFunctions::randomString(42);
         $key_on_page = PFunctions::hex2base64(sha1($classname . $nonce . $methodname));
         $key_in_table = PFunctions::hex2base64(sha1($key_on_page));
         if (!isset($this->_registered_callbacks[$key_in_table])) {
             break;
         }
     }

     $this->_registered_callbacks[$key_in_table] = array(
         'classname' => $classname,
         'methodname' => $methodname,
         'count' => 0,
         'mem_resend' => new ReadWriteObject($mem_resend),
     );

     // NOTE(review): these tags are a plain sha1(name . secret); if they serve as
     // an integrity check, hash_hmac() would be the standard construction.
     $secret = $this->getSecretWord();
     $classTag = PFunctions::hex2base64(sha1($classname . $secret));
     $methodTag = PFunctions::hex2base64(sha1($methodname . $secret));

     $fields = '
     <input type="hidden" name="posthandler_callback_id" value="' . $key_on_page . '"/>
     <input type="hidden" name="posthandler_callback_classname" value="' . $classTag . '"/>
     <input type="hidden" name="posthandler_callback_methodname" value="' . $methodTag . '"/>';
     return $fields;
 }
コード例 #20
 /**
  * Splits the request URI into its decoded path segments.
  *
  * Query string and fragment are dropped, everything up to and including the
  * script directory and the configured prefix is cut off, and the remainder
  * is split on '/'. Segments that are blank or contain a control character
  * (byte value below 32) are discarded.
  *
  * @return array List of raw-URL-decoded path segments.
  * @throws PException When the 'config_request' object is missing.
  */
 public static function parseRequest()
 {
     $config = PVars::getObj('config_request');
     if (!$config) {
         throw new PException('Config error!');
     }

     // Keep only scheme/host/path: query and fragment are not part of the route.
     $parts = @parse_url($_SERVER['REQUEST_URI']);
     foreach (array('query', 'fragment') as $dropped) {
         if (isset($parts[$dropped])) {
             unset($parts[$dropped]);
         }
     }
     $path = PFunctions::glueParsedUrl($parts);

     // Cut everything up to and including the directory of the front script.
     $scriptDir = dirname($_SERVER['SCRIPT_NAME']);
     $pos = strpos($path, $scriptDir);
     if ($pos !== false) {
         $path = substr($path, $pos + strlen($scriptDir));
     }

     // Same for the configured prefix, if there is one.
     if ($config->prefix) {
         $pos = strpos($path, $config->prefix);
         if ($pos !== false) {
             $path = substr($path, $pos + strlen($config->prefix));
         }
     }

     if (substr($path, 0, 1) == '/') {
         $path = substr($path, 1);
     }

     // Only control characters are filtered below; the decoded segments can still
     // hold quotes, angle brackets, '..' or non-UTF-8 bytes, so every consumer has
     // to validate or escape them for its own context.
     $segments = array();
     foreach (explode('/', $path) as $raw) {
         $segment = rawurldecode($raw);

         // Ignore words with too low charactercodes (control characters etc)
         $hasControlChar = false;
         for ($i = 0, $length = strlen($segment); $i < $length; $i++) {
             if (ord($segment[$i]) < 32) {
                 $hasControlChar = true;
                 break;
             }
         }
         if ($hasControlChar) {
             continue;
         }

         if (trim($segment) != '') {
             $segments[] = $segment;
         }
     }
     return $segments;
 }
コード例 #21
ファイル: user.model.php プロジェクト: gpuenteallott/rox
 /**
  * POST callback that moves a user into another auth group.
  *
  * Requires a logged-in user holding the 'groupchange@user' right. Outside
  * of POST handling it registers itself as callback and returns the id.
  *
  * @return string|void Callback id on the registration path.
  * @throws PException When nobody is logged in or the right is missing.
  */
 public function groupChangeProcess()
 {
     $callbackId = PFunctions::hex2base64(sha1(__METHOD__));

     if (!PPostHandler::isHandling()) {
         PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
         return $callbackId;
     }

     // Authorisation is enforced here in the handler, before any posted value is read.
     $User = APP_User::login();
     if (!$User) {
         throw new PException('Access should not have been possible');
     }
     if (!$User->hasRight('groupchange@user')) {
         throw new PException('Access should not have been possible');
     }

     $vars =& PPostHandler::getVars();
     // %d forces both posted values to integers, so they cannot break out of the
     // quoted literals.
     // NOTE(review): nothing here checks that 'newgroup' is an existing group or
     // restricts which 'userid' may be changed - confirm that is acceptable for
     // holders of this right.
     $query = sprintf("UPDATE `user` SET `auth_id` = '%d' WHERE `id` = '%d'", $vars['newgroup'], $vars['userid']);
     $this->dao->query($query);
 }
コード例 #22
ファイル: user.ctrl.php プロジェクト: gpuenteallott/rox
 /**
  * Index function: dispatches ./user requests on $request[1].
  *
  * Requests handled below:
  * avatar          - outputs the avatar of the user named in $request[2]
  * checkemail      - prints "1" when the e-mail is valid and unused
  * checkhandle     - like "checkemail" with user handle
  * confirm         - confirms a registration
  * find            - user search
  * friends         - friend list of the logged-in user
  * logout          - logs out and redirects to the base URI
  * waitingapproval - "waiting for approval" message
  * settings        - settings form
  * password        - password form
  * (default)       - a user handle: picture page, or redirect to the old profile
  *
  * @return false|void False when a login-only request is made without a login.
  */
 public function index()
 {
     // index is called when http request = ./user
     $request = PRequest::get()->request;
     if (!isset($request[1])) {
         $request[1] = '';
     }
     switch ($request[1]) {
         case 'avatar':
             PRequest::ignoreCurrentRequest();
             // The handle must match HANDLE_PREGEXP and belong to an existing user;
             // handleInUse()'s return value is used as the user id.
             if (!isset($request[2]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !($userId = $this->_model->handleInUse($request[2]))) {
                 PPHP::PExit();
             }
             $this->_view->avatar($userId);
             break;
         // checks e-mail address for validity and availability
         // NOTE(review): this endpoint and 'checkhandle' tell unauthenticated callers
         // whether an address or handle is registered. No rate limiting is visible
         // here - confirm it exists elsewhere, since these lookups allow account
         // enumeration.
         case 'checkemail':
             // ignore current request, so we can use the last request
             PRequest::ignoreCurrentRequest();
             if (!isset($_GET['e'])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (!PFunctions::isEmailAddress($_GET['e'])) {
                 echo '0';
                 PPHP::PExit();
             }
             // Echoing a bool prints "1" for true and an empty string for false,
             // unlike the explicit "0" printed by the rejections above.
             echo (bool) (!$this->_model->emailInUse($_GET['e']));
             PPHP::PExit();
             break;
         // checks handle for validity and availability
         case 'checkhandle':
             // ignore current request, so we can use the last request
             PRequest::ignoreCurrentRequest();
             if (!isset($request[2])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (!preg_match(User::HANDLE_PREGEXP, $request[2])) {
                 echo '0';
                 PPHP::PExit();
             }
             if (strpos($request[2], 'xn--') !== false) {
                 // Don't allow IDN-Prefixes
                 echo '0';
                 PPHP::PExit();
             }
             echo (bool) (!$this->_model->handleInUse($request[2]));
             PPHP::PExit();
             break;
         // confirms a registration
         case 'confirm':
             // Both path segments are validated before they reach the model: the handle
             // against HANDLE_PREGEXP (and it must exist), the key as 16 lowercase hex chars.
             if (!isset($request[2]) || !isset($request[3]) || !preg_match(User::HANDLE_PREGEXP, $request[2]) || !$this->_model->handleInUse($request[2]) || !preg_match('/^[a-f0-9]{16}$/', $request[3])) {
                 $error = true;
             } else {
                 if ($this->_model->confirmRegister($request[2], $request[3])) {
                     $error = false;
                 } else {
                     $error = true;
                 }
             }
             // The view prints directly; its output is captured and appended to the page content.
             ob_start();
             $this->_view->registerConfirm($error);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'find':
             // NOTE(review): $_GET['q'] is read without isset() and passed on unvalidated;
             // confirm find() escapes or binds it and that searchResult() HTML-escapes
             // anything it echoes back.
             $res = $this->_model->find($_GET['q']);
             ob_start();
             $this->_view->searchResult($res);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'friends':
             // Login required.
             if (!($User = APP_User::login())) {
                 return false;
             }
             $friends = $this->_model->getFriends($User->getId());
             ob_start();
             $this->_view->friends($friends);
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'logout':
             // NOTE(review): logout is triggered by requesting this path, with no token
             // check visible here, so another site can log a member out via a cross-site
             // request - confirm whether that is acceptable.
             $this->_model->logout();
             header("Location: " . PVars::getObj('env')->baseuri);
             break;
         // waiting approval message
         case 'waitingapproval':
             // now the teaser content
             ob_start();
             $this->_view->ShowInfoMessage('', '');
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->teaserBar .= $str;
             ob_end_clean();
             // now the message content
             ob_start();
             $this->_view->ShowInfoMessage('WaitingForApprovalText', 'WaitingForApprovalTitle');
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'settings':
             // NOTE(review): no login check is visible on this path or on 'password'
             // below - confirm the views or the submit handlers enforce one.
             ob_start();
             $this->_view->settingsForm();
             $str = ob_get_contents();
             ob_end_clean();
             $P = PVars::getObj('page');
             $P->content .= $str;
             break;
         case 'password':
             // custom styles for the page head
             ob_start();
             $this->_view->customStyles();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->addStyles .= $str;
             ob_end_clean();
             // now the teaser content
             ob_start();
             $this->_view->teaser();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->teaserBar .= $str;
             ob_end_clean();
             // now the content on the right
             ob_start();
             $this->_view->rightContent();
             $str = ob_get_contents();
             $Page = PVars::getObj('page');
             $Page->rContent .= $str;
             ob_end_clean();
             // main content
             ob_start();
             $this->_view->passwordForm();
             $str = ob_get_contents();
             $P = PVars::getObj('page');
             $P->content .= $str;
             ob_end_clean();
             break;
         default:
             // Anything else is only acted on when it is a syntactically valid handle;
             // other values fall through without output.
             if (preg_match(User::HANDLE_PREGEXP, $request[1])) {
                 if (!isset($request[2])) {
                     $request[2] = '';
                 }
                 switch ($request[2]) {
                     case 'pic':
                         // Login required.
                         if (!($User = APP_User::login())) {
                             return false;
                         }
                         ob_start();
                         $picture = $this->_model->getPicture($request[1]);
                         $this->_view->picture($picture);
                         $str = ob_get_contents();
                         ob_end_clean();
                         $P = PVars::getObj('page');
                         $P->content .= $str;
                         break;
                     default:
                         // redirects to the old bw-based profile
                         // $request[1] has passed HANDLE_PREGEXP above, which is what keeps
                         // this concatenation into the Location header safe.
                         header("Location: " . PVars::getObj('env')->baseuri . "bw/member.php?cid=" . $request[1]);
                         // disabled TB-based userpage for now
                         /*    ob_start();
                               $this->_view->userPage($request[1]);
                               $str = ob_get_contents();
                               ob_end_clean();
                               $P = PVars::getObj('page');
                               $P->content .= $str; */
                         break;
                 }
             }
     }
 }
コード例 #23
ファイル: signup.model.php プロジェクト: gpuenteallott/rox
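 /**
  * Validate the values submitted through the registration form.
  *
  * Each failed check appends a translation key to the returned list; an
  * empty list means every check passed. $vars is taken by reference and is
  * modified in two places: 'geonameid' is removed when the location is
  * incomplete, and 'iso_date' is set when the birth date is valid.
  *
  * Everything in $vars is request data and therefore untrusted. Fields are
  * only handed to string or date functions once their type is known, so a
  * missing or non-string value produces a validation error rather than a
  * notice, warning or TypeError.
  *
  * @param array $vars submitted form values keyed by field name (modified in place)
  * @return array list of error keys (strings); empty when validation passed
  */
 public function checkRegistrationForm(&$vars)
 {
     $errors = array();
     // geonameid
     if (empty($vars['geonameid']) || empty($vars['countryname'])) {
         $errors[] = 'SignupErrorProvideLocation';
         unset($vars['geonameid']);
     }
     // username: must be a string matching the handle pattern and must not
     // contain "xn--" (presumably to keep punycode-looking handles out)
     $username = (isset($vars['username']) && is_string($vars['username'])) ? $vars['username'] : null;
     if ($username === null || !preg_match(self::HANDLE_PREGEXP, $username) || strpos($username, 'xn--') !== false) {
         $errors[] = 'SignupErrorWrongUsername';
     } elseif ($this->UsernameInUse($username)) {
         $errors[] = 'SignupErrorUsernameAlreadyTaken';
     }
     // email (e-mail duplicates in BW database *not* allowed (as of 1st May 2013, ticket ))
     $email = (isset($vars['email']) && is_string($vars['email'])) ? $vars['email'] : null;
     $emailcheck = (isset($vars['emailcheck']) && is_string($vars['emailcheck'])) ? $vars['emailcheck'] : null;
     if ($email === null || !PFunctions::isEmailAddress($email)) {
         $errors[] = 'SignupErrorInvalidEmail';
     }
     if ($email === null || $emailcheck === null || $email !== $emailcheck) {
         $errors[] = 'SignupErrorEmailCheck';
     }
     // The uniqueness lookup needs an actual address; a missing or non-string
     // e-mail has already been reported above and is not passed on.
     if ($email !== null) {
         $users = $this->takeCareForNonUniqueEmailAddress($email);
         if ($users != '') {
             $errors[] = 'SignupErrorEmailAddressAlreadyInUse';
         }
     }
     // password
     // NOTE(review): a minimum length of 6 is the only strength rule enforced here.
     $password = (isset($vars['password']) && is_string($vars['password'])) ? $vars['password'] : null;
     $passwordcheck = (isset($vars['passwordcheck']) && is_string($vars['passwordcheck'])) ? $vars['passwordcheck'] : null;
     if ($password === null || $passwordcheck === null || strlen($password) < 6 || $password !== $passwordcheck) {
         $errors[] = 'SignupErrorPasswordCheck';
     }
     // accommodation: strict allow-list, so only these exact strings pass
     if (empty($vars['accommodation']) || !in_array($vars['accommodation'], array('anytime', 'dependonrequest', 'neverask'), true)) {
         $errors[] = 'SignupErrorProvideAccommodation';
     }
     // 'sweet' must stay empty; any value is rejected with a generic error
     // (looks like a honeypot field for automated submissions - confirm against the form template)
     if (!empty($vars['sweet'])) {
         $errors[] = 'SignupErrorSomethingWentWrong';
     }
     // firstname, lastname
     if (empty($vars['firstname']) || !is_string($vars['firstname']) || empty($vars['lastname']) || !is_string($vars['lastname'])) {
         $errors[] = 'SignupErrorFullNameRequired';
     }
     // (skipped:) secondname
     if (!isset($vars['mothertongue']) || $vars['mothertongue'] == -1) {
         $errors[] = 'SignupErrorNoMotherTongue';
     }
     // gender: strict allow-list
     if (empty($vars['gender']) || !in_array($vars['gender'], array('female', 'male', 'other'), true)) {
         $errors[] = 'SignupErrorProvideGender';
     }
     // birthyear; month and day fall back to 12 and 28 when not supplied
     $birthyear = isset($vars['birthyear']) ? $vars['birthyear'] : null;
     $birthmonth = 12;
     if (!empty($vars['birthmonth'])) {
         $birthmonth = $vars['birthmonth'];
     }
     $birthday = 28;
     // TODO: could sometimes be 29, 30, 31
     if (!empty($vars['birthday'])) {
         $birthday = $vars['birthday'];
     }
     // checkdate() coerces its arguments, so a value with a numeric prefix and
     // trailing text could pass it and then be copied verbatim into iso_date.
     // Require plain digits (or the integer defaults) before going further.
     $datePartsAreDigits = true;
     foreach (array($birthyear, $birthmonth, $birthday) as $part) {
         if (!is_int($part) && !(is_string($part) && preg_match('/^[0-9]{1,4}$/D', $part))) {
             $datePartsAreDigits = false;
             break;
         }
     }
     if (empty($birthyear) || !$datePartsAreDigits || !checkdate((int) $birthmonth, (int) $birthday, (int) $birthyear)) {
         $errors[] = 'SignupErrorBirthDate';
     } else {
         // parts are digits only at this point, so the string holds nothing but digits and hyphens
         $vars['iso_date'] = $birthyear . "-" . $birthmonth . "-" . $birthday;
         if ($this->ageValue($vars['iso_date']) < self::YOUNGEST_MEMBER) {
             $errors[] = 'SignupErrorBirthDateToLow';
         }
     }
     // (skipped:) birthmonth
     // (skipped:) birthday
     // (skipped:) age hidden
     // terms
     if (empty($vars['terms'])) {
         $errors[] = 'SignupMustacceptTerms';
         // TODO: looks like a wrong case in "Accept"
     }
     return $errors;
 }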
コード例 #24
    <span class="float_right profile-edit-link">
        <a href="/gallery/manage"><?php 
        echo $words->get('Edit');
        ?>
</a>
    </span>
    <?php 
    }
    ?>
    <h3><?php 
    echo $words->get('GalleryTitleLatest');
    ?>
</h3>
    <?php 
    // if the gallery is NOT empty, go show it
    $p = PFunctions::paginate($statement, 1, $itemsPerPage = 8);
    $statement = $p[0];
    echo '<div class="floatbox">';
    foreach ($statement as $d) {
        echo '<a href="gallery/show/image/' . $d->id . '">' . '<img src="gallery/thumbimg?id=' . $d->id . '"' . ' alt="image"' . ' style="height: 50px; width: 50px; padding:2px;"/>' . '</a>';
    }
    echo '</div>';
    ?>
    <p class="float_right">
      <a href="gallery/show/user/<?php 
    echo $member->Username;
    ?>
/images" title="<?php 
    echo $words->getSilent('GalleryTitleLatest');
    ?>
">