static function editContest($contest, $data)
{
$data = Filter::filterArray($data);
$contest->edit($data);
$contestdao = new ContestDao();
return $contestdao->update($contest, Session::getUser());
}
static function editResource($resourceID, $data)
{
$resource = self::loadResource($resourceID);
$resource->edit($data);
$resourcedao = new ResourceDao();
return $resourcedao->update($resource, Session::getUser());
}
public function process()
{
global $db;
$sql = 'UPDATE users SET `group` = :group, email = :email, organization = :organizer, usernameSteam = :usernameSteam WHERE id = :id';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $this->getElementValue('uid'));
$stmt->bindValue(':email', $this->getElementValue('email'));
$stmt->bindValue(':usernameSteam', $this->getElementValue('usernameSteam'));
if (Session::getUser()->hasPriv('EDIT_USER')) {
$stmt->bindValue(':organizer', $this->getElementValue('organizer'));
$stmt->bindValue(':group', $this->getElementValue('group'));
$stmt->execute();
$newPassword = $this->getElementValue('password');
if (!empty($newPassword)) {
$this->changePassword($newPassword);
}
redirect('viewUser.php?id=' . $this->getElementValue('uid'), 'User edited.');
} else {
$user = $this->getUser();
$stmt->bindValue(':organizer', $user['organization']);
$stmt->bindValue(':group', $user['group']);
$stmt->execute();
Session::getUser()->getData('username', false);
redirect('account.php?', 'Updated profile');
}
}
public function process()
{
if (Session::isLoggedIn()) {
Session::getUser()->setData('location', $this->getElementValue('location'));
}
setcookie('mylocation', $this->getElementValue('location'));
}
public function process()
{
global $db;
$sql = 'INSERT INTO organizers (title, websiteUrl, published, blurb, created) VALUES (:title, :websiteUrl, :published, :blurb, :created) ';
$stmt = $db->prepare($sql);
$stmt->bindValue(':title', $this->getElementValue('title'));
$stmt->bindValue(':websiteUrl', $this->getElementValue('websiteUrl'));
$stmt->bindValue(':blurb', $this->getElementValue('blurb'));
$stmt->bindValue(':created', date(DATE_ATOM));
if (Session::getUser()->hasPriv('CREATE_ORGANIZERS')) {
$stmt->bindValue(':published', 1);
$stmt->execute();
redirect('account.php', 'Organizer created.');
} else {
$stmt->bindValue(':published', 0);
$stmt->execute();
$sql = 'UPDATE users SET organization = :organization WHERE id = :userId LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindValue(':organization', $db->lastInsertId());
$stmt->bindValue(':userId', Session::getUser()->getId());
$stmt->execute();
// Refresh the cached organizer.
Session::getUser()->getData('organization', false);
redirect('account.php', 'Organizer assigned to you.');
}
}
function widget()
{
$user = Session::getUser();
if ($user) {
$this->data->user = $user;
$this->data->is_logged_in = true;
}
}
public static function INSERT()
{
$row = parent::INSERT();
$row->setContent(Document::INSERT());
$row->setComments(Comment::INSERT());
$row->setTimeCreation(time());
$row->setTimePublished(time() + 60 * 60 * 24 * 30);
$row->setAuthor(Session::getUser());
return $row;
}
public static function INSERT()
{
$row = parent::INSERT();
$row->setAuthor(Session::getUser());
$row->setTitle(Label::INSERT());
$row->setContent(SimpleText::INSERT());
$row->setCreation(time());
$row->setPublication(time() + 365 * 24 * 3600 * 3);
return $row;
}
public static function INSERT()
{
$row = parent::INSERT();
$row->setTimeCreation(time());
$row->setAuthor(Session::getUser());
// Insert a demo post:
$post = $row->newPost();
$post->setTitle('Demo');
return $row;
}
/**
* Modifica un post "semplice".
*
* @param data: array associativo contenente i dati.
* Le chiavi ricercate dal sistema per questo array sono:
* title: titolo del post (string filtrata)
* subtitle: sottotitolo del post (string filtrata)
* headline: occhiello del post (string filtrata)
* tags: array di oggetti Tag
* categories: array di oggetti Category
* content: il testo di un articolo (filtrato), l'indirizzo del videoreportage o l'elenco di indirizzi di foto di un fotoreportage
* visibile: indica la visibilità dell'articolo se non visibile è da considerare come una bozza (boolean)
*
* @return: l'articolo modificato.
*/
static function editPost($post, $data)
{
if (isset($data["ID"])) {
unset($data["ID"]);
}
$data = Filter::filterArray($data);
$p->edit($data);
$postdao = new PostDao();
$post = $postdao->update($p, Session::getUser());
return $post;
}
public function process()
{
global $db;
$sql = 'INSERT INTO organization_join_requests (user, organizer, comments) VALUES (:user, :organization, :comments) ';
$stmt = $db->prepare($sql);
$stmt->bindValue(':user', Session::getUser()->getId());
$stmt->bindValue(':organization', $this->getElementValue('organization'));
$stmt->bindValue(':comments', $this->getElementValue('comments'));
$stmt->execute();
redirect('account.php', 'Thanks, your request to join will be approved or denied as quickly as possible!');
}
public static function logout()
{
if (!Session::getUser()) {
Session::deleteSessionCookie();
return;
}
$token = Session::getSessionCookie();
$session = UserSession::findByToken($token);
$session->expired = 1;
$session->save();
Session::deleteSessionCookie();
}
function onOpen() {
$role = $this->getAttribute('role');
if($u = Session::getUser()) {
if($role) {
return $u->isRole($role) ? HTMLTag::PROCESS_BODY : HTMLTag::SKIP_BODY;
} else {
return HTMLTag::PROCESS_BODY;
}
} else {
return HTMLTag::SKIP_BODY;
}
}
function mostrarTodos()
{
$sesion = new Session();
$user = $sesion->getUser();
$arra2 = unserialize(file_get_contents("canciones/archivo.txt"));
foreach ($arra2 as $key => $valor) {
if ($arra2[$key]["privado"] == "ON" && $user != $arra2[$key]["user"]) {
//No muestra los videos privados de otros users.
} else {
echo '<img src="canciones/' . $key . '/' . $arra2[$key]["imagen"] . '"/>';
$cancion = new Cancion($arra2[$key]["user"], $key, $arra2[$key]["genero"], $arra2[$key]["audio"], $arra2[$key]["imagen"], $arra2[$key]["privado"]);
$sesion->set($key, $cancion);
echo "<a href=\"escuchar.php?c={$key}\">Escuchar</a>";
}
}
}
function applicationLayout()
{
$r = getRenderer();
$form = new Form(array('controller' => 'Company', 'action' => 'show', 'method' => 'get', 'title' => 'getName', 'auto_submit' => array('id')));
$f = $r->classSelect('Company', array('title' => 'Jump to Client', 'id' => 'client_quicksearch', 'name' => 'id'));
$form->content = $f;
$client_search_form = $form->html;
$bookmark_widget = $r->view('bookmarkWidget', array());
$hour_widget = $r->view('hourWidget', array());
if (Session::sessionExists()) {
$bookmarks = Session::getUser()->getBookmarks();
$bookmark_list = $r->view('bookmarkTable', $bookmarks);
} else {
$bookmark_list = '';
}
return array('client_quicksearch' => $client_search_form, 'bookmark' => $bookmark_widget, 'bookmark_list' => $bookmark_list, 'hour_widget' => $hour_widget);
}
public function process()
{
global $db;
$sql = 'INSERT INTO venues (title, lat, lng, organizer, country) VALUES (:title, :lat, :lng, :organizer, :country) ';
$stmt = $db->prepare($sql);
$stmt->bindValue(':title', $this->getElementValue('title'));
$stmt->bindValue(':lat', $this->getElementValue('lat'));
$stmt->bindValue(':lng', $this->getElementValue('lng'));
$stmt->bindValue(':country', $this->getElementValue('country'));
if (Session::hasPriv('NEW_VENUE')) {
$stmt->bindValue(':organizer', $this->getElementValue('organizer'));
} else {
$stmt->bindValue('organizer', Session::getUser()->getData('organization'));
}
$stmt->execute();
Logger::messageDebug('Venue ' . $this->getElementValue('title') . ' created by: ' . Session::getUser()->getUsername(), LocalEventType::CREATE_VENUE);
redirect('account.php', 'Venue created.');
}
public function __construct()
{
parent::__construct('formEditVenue', 'Edit Venue');
$venue = $this->getVenue();
if (Session::getUser()->getData('organization') != $venue['organizer']) {
Session::requirePriv('EDIT_VENUE');
}
$this->addElement(Element::factory('hidden', 'id', null, $venue['id']));
$this->addElement(Element::factory('text', 'title', 'Title', $venue['title']));
$this->addElement(Element::factory('text', 'lat', 'Lat', $venue['lat']));
$this->getElement('lat')->setMinMaxLengths(1, 10);
$this->addElement(Element::factory('text', 'lng', 'Lng', $venue['lng']));
$this->getElement('lng')->setMinMaxLengths(1, 10);
$this->addElement(FormHelpers::getElementCountry($venue['country']));
$this->addElement(FormHelpers::getOrganizerList());
$this->getElement('organizer')->setValue($venue['organizer']);
$this->addButtons(Form::BTN_SUBMIT);
}
function fetchEventsFromOrganizerId($id)
{
global $db;
if (Session::isLoggedIn() && (Session::getUser()->hasPriv('SUPERUSER') || Session::getUser()->getData('organization') == $id)) {
$sql = 'SELECT e.id, e.title, e.dateStart, e.dateFinish, e.published FROM events e WHERE e.organizer = :id ORDER BY e.dateStart';
} else {
$sql = 'SELECT e.id, e.title, e.dateStart, e.dateFinish, e.published FROM events e WHERE e.organizer = :id AND e.published = 1 ORDER BY e.dateStart';
}
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $id);
$stmt->execute();
$events = array();
foreach ($stmt->fetchAll() as $event) {
$event['dtStart'] = date('Y-m-d', strtotime($event['dateStart']));
$event['dtFinish'] = date('Y-m-d', strtotime($event['dateFinish']));
$events[] = $event;
}
return $events;
}
private static function doLogin()
{
$bd = new BaseDatos();
$email = Request::req("email");
$clave = Request::req("clave");
$template = new Template();
$sesion = new Session();
$modelo = new ManageUser($bd);
$usuario = $modelo->get($email);
$sesion->setUser($usuario);
$error = $template->getContents("../_plantilla1/_error.html");
$datos = array("tipo" => "BAD LOGIN", "detalles" => "No se logueo correctamente");
if (isset($usuario) && $clave == $sesion->getUser()->getClave()) {
header("Location: ../artista/index.php");
} else {
$sesion->destroy();
$bd->close();
echo $error = $template->insertTemplate($error, $datos);
}
}
/**
* Para insertar un nuevo registro, debo pasar la ruta de
* un archivo (puede ser de un archivo local o uno remoto con http://...)
*/
public static function INSERT($file_path, $mime)
{
$hash = md5_file($file_path);
$list = File::SELECT("Hash='" . Database::escape($hash) . "'");
if (count($list)) {
$file = $list[0];
$file->_setCounter($file->getCounter() + 1);
} else {
$file = parent::INSERT();
$file->_setMime($mime);
$file->_setHash($hash);
$file->_setSize(filesize($file_path));
$file->_setCounter(1);
$file->setUser(Session::getUser());
$file->setTimestamp(time());
Rack::Write('file', md5($file->ID()), $file_path);
$file->updateSearchIndex();
}
return $file;
}
public function process()
{
global $db;
$sql = 'INSERT INTO events (title, dateStart, dateFinish, organizer, venue, published, website, createdDate, createdBy) VALUES (:title, :dateStart, :dateFinish, :organizer, :venue, :published, :website, :createdDate, :createdBy)';
$stmt = $db->prepare($sql);
$stmt->bindValue(':title', $this->getElementValue('title'));
$stmt->bindValue(':dateStart', $this->getElementValue('dateStart'));
$stmt->bindValue(':dateFinish', $this->getElementValue('dateFinish'));
$stmt->bindValue(':website', $this->getElementValue('eventWebsite'));
$stmt->bindValue(':createdDate', date(DATE_ATOM));
$stmt->bindValue(':createdBy', Session::getUser()->getId());
if (Session::getUser()->hasPriv('CREATE_EVENTS')) {
$this->addElement(Element::factory('html', 'msg', null, 'Hi superuser.'));
$stmt->bindValue(':organizer', $this->getElementValue('organizer'));
$stmt->bindValue(':published', 1);
$stmt->bindValue(':venue', $this->getElementValue('venue'));
} else {
if (Session::getUser()->getData('organization') != null) {
$stmt->bindValue(':venue', $this->getElementValue('venue'));
$organizer = fetchOrganizer(Session::getUser()->getData('organization'));
if ($organizer['published']) {
$this->addElement(Element::factory('html', 'msg', null, 'You are authorized to create public events for your organization.'));
$stmt->bindValue(':organizer', $organizer['id']);
$stmt->bindValue(':published', 1);
} else {
$this->addElement(Element::factory('html', 'msg', null, 'Your event will be linked to your organization, but will not be public until your organization has been approved.'));
$stmt->bindValue(':organizer', $organizer['id']);
$stmt->bindValue(':published', 0);
}
} else {
$this->addElement(Element::factory('html', 'msg', null, 'You can create events, but they will not appear in public lists until approved.'));
$stmt->bindValue(':organizer', '');
$stmt->bindValue(':published', 0);
$stmt->bindValue(':venue', '');
}
}
$stmt->execute();
$eventId = $db->lastInsertId();
Logger::messageDebug('Event ' . $this->getElementValue('title') . ' created by: ' . Session::getUser()->getUsername(), LocalEventType::CREATE_EVENT);
redirect('viewEvent.php?id=' . $eventId, 'Event created.');
}
public function process()
{
global $db;
$sql = 'UPDATE organizers SET published = :published, title = :title, websiteUrl = :websiteUrl, assumedStale = :assumedStale, steamGroupUrl = :steamGroupUrl, blurb = :blurb WHERE id = :id LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $this->getElementValue('id'));
$stmt->bindValue(':title', $this->getElementValue('title'));
$stmt->bindValue(':websiteUrl', $this->getElementValue('websiteUrl'));
$stmt->bindValue(':assumedStale', $this->getElementValue('assumedStale'));
$stmt->bindValue(':steamGroupUrl', $this->getElementValue('steamGroupUrl'));
$stmt->bindValue(':blurb', $this->getElementValue('blurb'));
if (Session::getUser()->hasPriv('PUBLISH_ORGANIZERS')) {
$stmt->bindValue(':published', $this->getElementValue('published'));
} else {
$stmt->bindValue(':published', 0);
}
$stmt->execute();
$this->getElement('banner')->savePng();
Logger::messageDebug('Organizer ' . $this->getElementValue('title') . ' (' . $this->getElementValue('id') . ') edited by: ' . Session::getUser()->getUsername(), LocalEventType::EDIT_ORGANIZER);
redirect('viewOrganizer.php?id=' . $this->getElementValue('id'), 'Organizer updated.');
}
/**
* @test
*/
public function shouldGetLoggedOnUser()
{
// given
if (Session::getInstance()->isSignedIn()) {
Session::getInstance()->signOut();
}
$username = '******';
$password = '******';
$this->createUser($username, $password);
// when
$login = new Session();
$login->signIn(array('username' => $username, 'password' => md5($password)));
$this->mockCookie($login->getKey());
$user = $login->getUser();
// then
$this->assertNotNull($user);
$this->assertEquals(2, $user->getId());
$this->assertEquals("username", $user->getUsername());
$player = new CurrentPlayer();
$this->assertEquals($user->getValues(), $player->getValues());
}
private function createFromDBRow($row)
{
$r = new Resource($row[DB::RESOURCE_OWNER], $row[DB::RESOURCE_PATH], $row[DB::RESOURCE_TYPE]);
$r->setID($row[DB::RESOURCE_ID]);
$r->setDescription($row[DB::RESOURCE_DESCRIPTION])->setCreationDate($row[DB::RESOURCE_CREATION_DATE])->setTags($row[DB::RESOURCE_TAGS]);
if (!is_null($row[DB::RESOURCE_MODIFICATION_DATE])) {
$mod = $row[DB::RESOURCE_MODIFICATION_DATE];
} else {
$mod = $row[DB::RESOURCE_CREATION_DATE];
}
$r->setModificationDate(date_timestamp_get(date_create_from_format("Y-m-d G:i:s", $mod)));
//setto lo stato
$r->setEditable($row[DB::EDITABLE])->setRemovable($row[DB::REMOVABLE]);
$r->setBlackContent($row[DB::BLACK_CONTENT])->setRedContent($row[DB::RED_CONTENT])->setYellowContent($row[DB::YELLOW_CONTENT])->setAutoBlackContent($row[DB::AUTO_BLACK_CONTENT]);
$user = Session::getUser();
if ($this->loadReports && AuthorizationManager::canUserDo(AuthorizationManager::READ_REPORTS, $r)) {
require_once 'dao/ReportDao.php';
$reportDao = new ReportDao();
$reportDao->loadAll($r);
}
//$r->setAccessCount($this->getAccessCount($r));
return $r;
}
public function drawAnswers()
{
$classname = 'foro-elem';
if (Session::isLoggedIn() && $this->getUser()->getId() == Session::getUser()->getId()) {
$classname .= ' foro-elem-user';
}
echo '<div class="' . $classname . '" id="q' . $this->getId() . '">';
$date = $this->getTimestamp();
echo '<div class="fecha" title="Hora: ' . date('H', $date) . ':' . date('i', $date) . '">';
echo '<div class="dia">' . date('d', $date) . '</div>';
echo '<div class="mes">' . date('M', $date) . '</div>';
echo '<div class="ano">' . date('Y', $date) . '</div>';
echo '</div>';
echo '<div class="botones margen">';
echo '<button id="answer-button1-' . $this->getId() . '" class="shadow-button shadow-button-blue" onclick="botonResponderClick(\'' . $this->getId() . '\'); this.style.display=\'none\'">Responder</button>';
echo '</div>';
echo '<div class="margen texto">';
echo '<div class="pie">';
$autor = $this->getUser();
if ($autor != null) {
echo '<div class="autor">por <em>' . htmlentities($this->getUser()->getName(), ENT_COMPAT, 'utf-8') . '</em></div>';
}
// TODO: Contar y escribir comentarios:
echo '<div class="comentarios">' . $this->getNumResponses() . ' respuestas</div>';
echo '</div>';
echo Lib::colorizeHTML($this->getText());
echo '</div>';
echo '<div id="answer' . $this->getId() . '" class="margen" style="background-color:silver; display:none;">fasdfasfdffdfdfdfafsd';
echo '</div>';
echo '</div>';
echo '<div id="hijos' . $this->getId() . '" class="foro-hijos">';
$hijos = $this->getResponses();
foreach ($hijos as $h) {
$h->drawAnswers();
}
echo '</div>';
}
}
//include all helper functions
$folder = $includesDir . "/helpers";
$files = scandir($folder);
foreach ($files as $filename) {
if ($filename != "." && $filename != "..") {
if (strpos($filename, '.php') !== false) {
require $folder . "/" . $filename;
}
}
}
/* initialize the session object */
$session = new Session();
/* then initialize the user object if we have a user token */
if ($script != '/pages/user/logout.php' && $script != '/index.php') {
if ($session->getUser() || $session->logged_in == 1) {
$userToken = $session->getUser();
$user = new User($userToken, $db);
}
}
// before we do anything, if the user isn't logged in, let's redirect them to the index page (if they are NOT actually trying to log in at this moment
if (!$post && !$ajax) {
if ($script == '/index.php') {
//do nothing
} elseif ($session->logged_in != 1) {
redirect("/index.php");
} elseif ($session->logged_in == 1) {
//do nothing, we're logged in and on the page
}
}
/* initialize some variables */
<?php
require '../classes/AutoLoad.php';
$db = new DataBase();
$userManager = new ManageUser($db);
$sesion = new Session();
$email = Request::post("email");
$usuario = $userManager->get($sesion->getUser());
$oldmail = $usuario->getEmail();
$usuario->setEmail($email);
$usuario->setAlias(explode("@", $email)[0]);
$usuario->setAlive(0);
$userManager->setEmail($usuario, $oldmail);
$sesion->destroy();
$sesion->sendRedirect("../emailactivation.php?email=" . $email);
<script src="../js/custom.js"></script>
<!-- Graph JavaScript -->
<script src="../js/d3.v3.js"></script>
<script src="../js/rickshaw.js"></script>
</head>
<body>
<div id="wrapper">
<?php
include '../paginas/nav.php';
?>
<div id="page-wrapper">
<div class="graphs">
<div class="col_3">
<div class="col-md-3 widget widget1">
<span><h3><i class="fa fa-user"> </i>Usuario: <?php
echo $sesion->getUser()->getAlias();
?>
</h3></span>
</div>
<div class="tab-pane active" id="horizontal-form">
<form class="form-horizontal" method="post" action="phppassword.php">
<div class="form-group"></div>
<div class="form-group">
<label for="inputPassword" class="col-sm-2 control-label">Clave</label>
<div class="col-sm-8">
<input type="password" name="clave1" value="<?php
echo $sesion->getUser()->getClave();
?>
" class="form-control1" id="inputPassword" placeholder="Password">
</div>
</div>
static function showProfile($user)
{
$my_profile = false;
if (is_a($u = Session::getUser(), "User")) {
$my_profile = $u->getID() == $user->getID();
}
?>
<div class="userProfile" id="<?php
echo $user->getID();
?>
">
<div class="user_avatar">Avatar: <?php
echo Filter::decodeFilteredText($user->getAvatar());
?>
</div>
<div class="user_nickname">Nickname: <?php
echo Filter::decodeFilteredText($user->getNickname());
?>
</div>
<div class="user_name">Name: <?php
echo Filter::decodeFilteredText($user->getName());
?>
</div>
<div class="user_surname">Surname: <?php
echo Filter::decodeFilteredText($user->getSurname());
?>
</div>
<div class="user_birthday">Birthday: <?php
echo date('d-m-Y', $user->getBirthday());
?>
</div>
<div class="user_birthplace">Birthplace: <?php
echo Filter::decodeFilteredText($user->getBirthplace());
?>
<!-- TODO: geolocate --></div>
<div class="user_email">Email: <?php
echo Filter::decodeFilteredText($user->getEMail());
?>
</div>
<div class="user_gender">Gender: <?php
if ($user->getGender() == "m") {
echo 'Male';
} else {
echo 'Female';
}
?>
</div>
<div class="user_hobbies">Hobbies: <?php
echo $user->getHobbies();
?>
</div>
<div class="user_job">Job: <?php
echo Filter::decodeFilteredText($user->getJob());
?>
</div>
<div class="user_livingPlace">Living Place: <?php
echo Filter::decodeFilteredText($user->getLivingPlace());
?>
<!-- TODO: geolocate --></div>
</div>
<?php
}
<?php
require '../clases/AutoCarga.php';
$bd = new DataBase();
$gestor = new ManageUsuario($bd);
$sesion = new Session();
/*
* Comprobación del tipo de usuario que sea para llevarlo a su página
*/
$usuario = $sesion->getUser();
$admin = $usuario->getAdministrador();
$personal = $usuario->getPersonal();
$activo = $usuario->getActivo();
if ($admin == 1 && $personal == 0 && $activo == 1 || $admin == 1 && $personal == 1 && $activo == 1) {
$sesion->sendRedirect("adminProfile.php");
} else {
if ($admin == 0 && $personal == 1 && $activo == 1) {
$sesion->sendRedirect("personalProfile.php");
} else {
if ($admin == 0 && $personal == 0 && $activo == 1) {
$sesion->sendRedirect("userProfile.php");
} else {
if ($activo == 0) {
$sesion->sendRedirect("noActivated.html");
}
}
}
}
