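/**
 * Fetch a single talk, or the comments attached to it.
 *
 * The fifth URL element selects a sub-resource; only "comments" is handled.
 * Without a sub-resource the talk itself is returned.
 *
 * @param mixed $request request object; url_elements is read here and the
 *                       object is passed on to the helpers and mappers
 * @param mixed $db      database handle handed to the mappers
 *
 * @return mixed the mapper result; false when no talk id was supplied;
 *               null when the sub-resource is not one this method handles
 */
public function getAction($request, $db)
{
    $talk_id = $this->getItemId($request);

    // verbosity
    $verbose = $this->getVerbosity($request);

    // pagination settings
    $start = $this->getStart($request);
    $resultsperpage = $this->getResultsPerPage($request);

    // An unsupported sub-resource used to fall through to "return $list" with
    // $list never assigned. Initialising it keeps the returned value (null)
    // the same while removing the read of an undefined variable.
    $list = null;

    if (isset($request->url_elements[4])) {
        // sub elements
        if ($request->url_elements[4] == "comments") {
            $comment_mapper = new TalkCommentMapper($db, $request);
            $list = $comment_mapper->getCommentsByTalkId($talk_id, $resultsperpage, $start, $verbose);
        }
    } else {
        if ($talk_id) {
            $mapper = new TalkMapper($db, $request);
            $list = $mapper->getTalkById($talk_id, $verbose);
        } else {
            // listing makes no sense
            return false;
        }
    }

    return $list;
}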
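/**
 * Create a talk
 *
 * This method creates a new talk after being called via the URL
 * "/events/[eventId]/talks"
 *
 * Access control: the caller must be logged in (user_id set on the request)
 * and must have admin rights on the target event. Both checks run before any
 * talk field is read from the request.
 *
 * @param Request $request
 * @param PDO     $db
 *
 * @throws Exception code 400 for a missing login, missing permission or an
 *                   invalid field; code 404 when the event does not exist
 * @return array|bool
 */
public function createTalkAction(Request $request, PDO $db)
{
    // NOTE(review): authentication and permission failures are reported with
    // code 400 here; clients may depend on that, so it is left unchanged.
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    $talk['event_id'] = $this->getItemId($request);
    if (empty($talk['event_id'])) {
        throw new Exception("POST expects a talk representation sent to a specific event URL", 400);
    }

    $event_mapper = new EventMapper($db, $request);
    $talk_mapper = new TalkMapper($db, $request);
    $talk_type_mapper = new TalkTypeMapper($db, $request);

    $is_admin = $event_mapper->thisUserHasAdminOn($talk['event_id']);
    if (!$is_admin) {
        throw new Exception("You do not have permission to add talks to this event", 400);
    }

    // get the event so we can get the timezone info
    $list = $event_mapper->getEventById($talk['event_id'], true);
    if (count($list['events']) == 0) {
        throw new Exception('Event not found', 404);
    }
    $event = $list['events'][0];

    // FILTER_SANITIZE_STRING strips tags from the input; it is deprecated as
    // of PHP 8.1 and does not replace context-aware escaping wherever these
    // values are later rendered.
    $talk['title'] = filter_var($request->getParameter('talk_title'), FILTER_SANITIZE_STRING);
    if (empty($talk['title'])) {
        throw new Exception("The talk title field is required", 400);
    }

    $talk['description'] = filter_var($request->getParameter('talk_description'), FILTER_SANITIZE_STRING);
    if (empty($talk['description'])) {
        throw new Exception("The talk description field is required", 400);
    }

    // The type must be a key of the lookup list; anything else is rejected.
    $talk['type'] = filter_var($request->getParameter('type', 'Talk'), FILTER_SANITIZE_STRING);
    $talk_types = $talk_type_mapper->getTalkTypesLookupList();
    if (!array_key_exists($talk['type'], $talk_types)) {
        throw new Exception("The type '{$talk['type']}' is unknown", 400);
    }
    $talk['type_id'] = $talk_types[$talk['type']];

    $start_date = filter_var($request->getParameter('start_date'), FILTER_SANITIZE_STRING);
    if (empty($start_date)) {
        throw new Exception("Please give the date and time of the talk", 400);
    }

    // The timezone comes from the stored event, the date string from the
    // client. Only the client-supplied part is wrapped, so a malformed date
    // is reported as a 400 instead of escaping as an uncoded exception.
    $tz = new DateTimeZone($event['tz_continent'] . '/' . $event['tz_place']);
    try {
        $talk['date'] = (new DateTime($start_date, $tz))->format('U');
    } catch (Exception $e) {
        throw new Exception("The start_date could not be read as a date and time", 400, $e);
    }

    $talk['language'] = filter_var($request->getParameter('language'), FILTER_SANITIZE_STRING);
    if (empty($talk['language'])) {
        // default to UK English
        $talk['language'] = 'English - UK';
    }

    // When the language doesn't exist, the talk will not be found
    $language_mapper = new LanguageMapper($db, $request);
    if (!$language_mapper->isLanguageValid($talk['language'])) {
        // Report the rejected language; this message previously echoed the talk type.
        throw new Exception("The language '{$talk['language']}' is unknown", 400);
    }

    $talk['duration'] = filter_var($request->getParameter('duration'), FILTER_SANITIZE_NUMBER_INT);
    if (empty($talk['duration'])) {
        $talk['duration'] = 60;
    }

    // NOTE(review): FILTER_SANITIZE_URL only removes characters that are not
    // allowed in a URL. It does not validate the value or restrict the scheme,
    // so code that renders slides_link as a hyperlink should check for
    // http/https itself.
    $talk['slides_link'] = filter_var($request->getParameter('slides_link'), FILTER_SANITIZE_URL);

    $talk['speakers'] = array_map(function ($speaker) {
        $speaker = filter_var($speaker, FILTER_SANITIZE_STRING);
        $speaker = trim($speaker);
        return $speaker;
    }, (array) $request->getParameter('speakers'));

    $new_id = $talk_mapper->createTalk($talk);

    // Update the cache count for the number of talks at this event
    $event_mapper->cacheTalkCount($talk['event_id']);

    $uri = $request->base . '/' . $request->version . '/talks/' . $new_id;
    header("Location: " . $uri, true, 201);

    $new_talk = $talk_mapper->getTalkById($new_id);
    return $new_talk;
}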
/**
 * Load one talk through TalkMapper and fail when it does not exist.
 *
 * @param mixed $db      database handle passed to the mapper
 * @param mixed $request request object passed to the mapper
 * @param mixed $talk_id identifier of the talk to load
 * @param bool  $verbose forwarded unchanged to TalkMapper::getTalkById()
 *
 * @throws Exception code 404 when the mapper returns exactly false
 * @return mixed whatever TalkMapper::getTalkById() produced
 */
protected function getTalkById($db, $request, $talk_id, $verbose = false)
{
    $talk_mapper = new TalkMapper($db, $request);
    $result = $talk_mapper->getTalkById($talk_id, $verbose);

    // Only a strict false counts as "missing"; every other value is returned.
    if ($result !== false) {
        return $result;
    }

    throw new Exception('Talk not found', 404);
}
/**
 * Handle POST requests for events.
 *
 * Dispatches on the fifth URL element:
 *  - 'attending': mark the logged-in user as attending the event
 *  - 'talks':     create a talk on the event (event admins only)
 *  - any other value: rejected with code 404
 * With no fifth element a new event is created from the request parameters.
 *
 * Every path requires a logged-in user (user_id set on the request).
 *
 * @param mixed $request request object; reads user_id, url_elements, base,
 *                       path_info and getParameter()
 * @param mixed $db      database handle handed to the mappers
 *
 * @throws Exception code 400 for a missing login, missing permission or
 *                   invalid fields; code 404 for an unknown event or operation
 * @return mixed the created talk for 'talks'; nothing for 'attending'; the
 *               event-creation path ends the script with exit
 */
public function postAction($request, $db)
{
    // NOTE(review): a missing login is reported with code 400 here.
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    if (isset($request->url_elements[4])) {
        switch ($request->url_elements[4]) {
            case 'attending':
                // the body of this request is completely irrelevant
                // The logged in user *is* attending the event. Use DELETE to unattend
                $event_id = $this->getItemId($request);
                $event_mapper = new EventMapper($db, $request);
                $event_mapper->setUserAttendance($event_id, $request->user_id);
                header("Location: " . $request->base . $request->path_info, NULL, 201);
                return;

            case 'talks':
                $talk['event_id'] = $this->getItemId($request);
                if (empty($talk['event_id'])) {
                    throw new Exception("POST expects a talk representation sent to a specific event URL", 400);
                }

                // Authorisation: only users with admin rights on this event may
                // add talks. The check runs before any talk field is read.
                $event_mapper = new EventMapper($db, $request);
                $is_admin = $event_mapper->thisUserHasAdminOn($talk['event_id']);
                if (!$is_admin) {
                    throw new Exception("You do not have permission to add talks to this event", 400);
                }

                // get the event so we can get the timezone info
                $list = $event_mapper->getEventById($talk['event_id'], true);
                if (count($list['events']) == 0) {
                    throw new Exception('Event not found', 404);
                }
                $event = $list['events'][0];

                // FILTER_SANITIZE_STRING strips tags; it is deprecated as of
                // PHP 8.1 and is not a substitute for escaping on output.
                $talk['title'] = filter_var($request->getParameter('talk_title'), FILTER_SANITIZE_STRING);
                if (empty($talk['title'])) {
                    throw new Exception("The talk title field is required", 400);
                }

                $talk['description'] = filter_var($request->getParameter('talk_description'), FILTER_SANITIZE_STRING);
                if (empty($talk['description'])) {
                    throw new Exception("The talk description field is required", 400);
                }

                // talk_type is the one text field stored without filter_var;
                // it relies on this allow-list instead.
                // NOTE(review): in_array() is called without the strict flag,
                // so the membership test uses loose comparison; confirm that
                // getParameter() can only yield strings here.
                $talk_types = array("Talk", "Social event", "Keynote", "Workshop", "Event related");
                if ($request->getParameter("talk_type") && in_array($request->getParameter("talk_type"), $talk_types)) {
                    $talk['talk_type'] = $request->getParameter("talk_type");
                } else {
                    $talk['talk_type'] = "Talk";
                }

                $talk['language'] = filter_var($request->getParameter('language'), FILTER_SANITIZE_STRING);
                if (empty($talk['language'])) {
                    // default to UK English
                    $talk['language'] = 'English - UK';
                }

                $start_date = $request->getParameter('start_date');
                if (empty($start_date)) {
                    throw new Exception("Please give the date and time of the talk", 400);
                }

                // The raw start_date parameter goes straight into DateTime. A
                // value it cannot parse makes the constructor throw its own
                // exception, not one of the coded exceptions built in this method.
                $tz = new DateTimeZone($event['tz_continent'] . '/' . $event['tz_place']);
                $start_date = new DateTime($request->getParameter("start_date"), $tz);
                $talk['date'] = $start_date->format('U');

                // 'speakers' is only set on $talk when the parameter is a
                // non-empty array.
                $speakers = $request->getParameter('speakers');
                if (is_array($speakers)) {
                    foreach ($speakers as $speaker) {
                        $talk['speakers'][] = filter_var($speaker, FILTER_SANITIZE_STRING);
                    }
                }

                $talk_mapper = new TalkMapper($db, $request);
                $new_id = $talk_mapper->save($talk);

                // Update the cache count for the number of talks at this event
                $event_mapper->cacheTalkCount($talk['event_id']);

                header("Location: " . $request->base . $request->path_info . '/' . $new_id, NULL, 201);
                $new_talk = $talk_mapper->getTalkById($new_id);
                return $new_talk;

            default:
                throw new Exception("Operation not supported, sorry", 404);
        }
    } else {
        // Create a new event, pending unless user has privs
        // incoming data
        $event = array();
        // Validation messages are collected here and reported together.
        $errors = array();

        $event['name'] = filter_var($request->getParameter("name"), FILTER_SANITIZE_STRING);
        if (empty($event['name'])) {
            $errors[] = "'name' is a required field";
        }

        $event['description'] = filter_var($request->getParameter("description"), FILTER_SANITIZE_STRING);
        if (empty($event['description'])) {
            $errors[] = "'description' is a required field";
        }

        $event['location'] = filter_var($request->getParameter("location"), FILTER_SANITIZE_STRING);
        if (empty($event['location'])) {
            $errors[] = "'location' is a required field (for virtual events, 'online' works)";
        }

        // strtotime() serves as a first "is this a date at all" check; the
        // values are parsed again below once the timezone is known.
        $start_date = strtotime($request->getParameter("start_date"));
        $end_date = strtotime($request->getParameter("end_date"));
        if (!$start_date || !$end_date) {
            $errors[] = "Both 'start_date' and 'end_date' must be supplied in a recognised format";
        } else {
            // if the dates are okay, sort out timezones
            $event['tz_continent'] = filter_var($request->getParameter("tz_continent"), FILTER_SANITIZE_STRING);
            $event['tz_place'] = filter_var($request->getParameter("tz_place"), FILTER_SANITIZE_STRING);
            try {
                // make the timezone, and read in times with respect to that
                $tz = new DateTimeZone($event['tz_continent'] . '/' . $event['tz_place']);
                $start_date = new DateTime($request->getParameter("start_date"), $tz);
                $end_date = new DateTime($request->getParameter("end_date"), $tz);
                $event['start_date'] = $start_date->format('U');
                $event['end_date'] = $end_date->format('U');
            } catch (Exception $e) {
                // the time zone isn't right
                $errors[] = "The fields 'tz_continent' and 'tz_place' must be supplied and valid (e.g. Europe and London)";
            }
        }

        // optional fields - only check if we have no errors as we may need
        // access to $tz.
        if (!$errors) {
            // FILTER_VALIDATE_URL returns false for anything that is not a
            // well-formed URL, so malformed links are dropped silently.
            $href = filter_var($request->getParameter("href"), FILTER_VALIDATE_URL);
            if ($href) {
                $event['href'] = $href;
            }

            $cfp_url = filter_var($request->getParameter("cfp_url"), FILTER_VALIDATE_URL);
            if ($cfp_url) {
                $event['cfp_url'] = $cfp_url;
            }

            $cfp_start_date = strtotime($request->getParameter("cfp_start_date"));
            if ($cfp_start_date) {
                $cfp_start_date = new DateTime($request->getParameter("cfp_start_date"), $tz);
                $event['cfp_start_date'] = $cfp_start_date->format('U');
            }

            $cfp_end_date = strtotime($request->getParameter("cfp_end_date"));
            if ($cfp_end_date) {
                $cfp_end_date = new DateTime($request->getParameter("cfp_end_date"), $tz);
                $event['cfp_end_date'] = $cfp_end_date->format('U');
            }

            // The truthiness tests below also discard a coordinate of "0".
            $latitude = filter_var($request->getParameter("latitude"), FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
            if ($latitude) {
                $event['latitude'] = $latitude;
            }

            $longitude = filter_var($request->getParameter("longitude"), FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
            if ($longitude) {
                $event['longitude'] = $longitude;
            }

            // Tags are sanitised, trimmed and lower-cased one by one.
            $incoming_tag_list = $request->getParameter('tags');
            if (is_array($incoming_tag_list)) {
                $tags = array_map(function ($tag) {
                    $tag = filter_var($tag, FILTER_SANITIZE_STRING);
                    $tag = trim($tag);
                    $tag = strtolower($tag);
                    return $tag;
                }, $incoming_tag_list);
            }
        }

        // How does it look? With no errors, we can proceed
        if ($errors) {
            throw new Exception(implode(". ", $errors), 400);
        } else {
            $user_mapper = new UserMapper($db, $request);
            $event_mapper = new EventMapper($db, $request);

            $event_owner = $user_mapper->getUserById($request->user_id);
            $event['contact_name'] = $event_owner['users'][0]['full_name'];

            // When a site admin creates an event, we want to approve it immediately
            $approveEventOnCreation = $user_mapper->isSiteAdmin($request->user_id);

            // Do we want to automatically approve when testing?
            // Security note: while features.allow_auto_approve_events is
            // enabled, any logged-in user can skip moderation by sending
            // auto_approve_event=true. The flag should stay off outside test
            // environments.
            if (isset($this->config['features']['allow_auto_approve_events'])
                && $this->config['features']['allow_auto_approve_events']) {
                if ($request->getParameter("auto_approve_event") == "true") {
                    // The test suite sends this extra field, if we got
                    // this far then this platform supports this
                    $approveEventOnCreation = true;
                }
            }

            if ($approveEventOnCreation) {
                $event_id = $event_mapper->createEvent($event, true);

                // redirect to event listing
                header("Location: " . $request->base . $request->path_info . '/' . $event_id, NULL, 201);
            } else {
                $event_id = $event_mapper->createEvent($event);

                // Respond with 202 and point at the collection; a pending
                // event won't be visible.
                header("Location: " . $request->base . $request->path_info, NULL, 202);
            }

            // now set the current user as host and attending
            $event_mapper->addUserAsHost($event_id, $request->user_id);
            $event_mapper->setUserAttendance($event_id, $request->user_id);
            if (isset($tags)) {
                $event_mapper->setTags($event_id, $tags);
            }

            // Send an email if we didn't auto-approve
            // NOTE(review): the condition tests site-admin status, not
            // $approveEventOnCreation, so an event auto-approved through the
            // test flag for a non-admin still takes this branch; confirm that
            // is intended.
            if (!$user_mapper->isSiteAdmin($request->user_id)) {
                $event = $event_mapper->getPendingEventById($event_id, true);
                $count = $event_mapper->getPendingEventsCount();
                $recipients = $user_mapper->getSiteAdminEmails();
                $emailService = new EventSubmissionEmailService($this->config, $recipients, $event, $count);
                $emailService->sendEmail();
            }

            // The script ends here; this path returns nothing to the caller.
            exit;
        }
    }
}
/**
 * Edit a talk
 *
 * Handles an edit request addressed to "/talks/[talkId]".
 *
 * Access control: the caller must be logged in and must either have admin
 * rights on the talk or be one of its speakers. Both conditions are checked
 * before any talk data is read from the request.
 *
 * @param Request $request
 * @param PDO     $db
 *
 * @throws Exception code 400 without a login, 404 for an unknown talk,
 *                   403 when the user may not edit the talk
 * @return void the script exits after sending the 204 response header
 */
public function editTalk(Request $request, PDO $db)
{
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    $id = $this->getItemId($request);
    $mapper = new TalkMapper($db, $request);

    $existing = $mapper->getTalkById($id);
    if (!$existing) {
        throw new Exception("Talk not found", 404);
    }

    // Both lookups always run, then the caller needs at least one of them.
    $has_admin_rights = $mapper->thisUserHasAdminOn($id);
    $speaks_on_talk = $mapper->isUserASpeakerOnTalk($id, $request->user_id);
    if (!$has_admin_rights && !$speaks_on_talk) {
        throw new Exception("You do not have permission to update this talk", 403);
    }

    // retrieve the talk data from the request, validated against the talk's event
    $payload = $this->getTalkDataFromRequest($db, $request, $existing->event_id);

    // apply the edit
    $mapper->editTalk($payload, $id);

    header("Location: {$request->base}{$request->path_info}", null, 204);
    exit;
}
/**
 * Get a single talk
 *
 * @param PDO     $db
 * @param Request $request
 * @param integer $talk_id
 *
 * @throws Exception code 404 when the mapper returns exactly false
 *
 * @return TalkModelCollection the value produced by TalkMapper::getTalkById()
 */
protected function getTalkById($db, $request, $talk_id)
{
    $talk_mapper = new TalkMapper($db, $request);
    $found = $talk_mapper->getTalkById($talk_id);

    // Only a strict false means "no such talk".
    if ($found !== false) {
        return $found;
    }

    throw new Exception('Talk not found', 404);
}
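/**
 * Create a talk
 *
 * Access control: the caller must be logged in and must have admin rights on
 * the event the talk is posted to. Both checks run before any talk field is
 * read from the request.
 *
 * @param Request $request
 * @param PDO     $db
 *
 * @throws Exception code 400 for a missing login, missing permission or an
 *                   invalid field; code 404 when the event does not exist
 * @return array|bool
 */
public function createTalkAction(Request $request, PDO $db)
{
    // NOTE(review): authentication and permission failures are reported with
    // code 400 here; clients may depend on that, so it is left unchanged.
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    $talk['event_id'] = $this->getItemId($request);
    if (empty($talk['event_id'])) {
        throw new Exception("POST expects a talk representation sent to a specific event URL", 400);
    }

    $event_mapper = new EventMapper($db, $request);
    $is_admin = $event_mapper->thisUserHasAdminOn($talk['event_id']);
    if (!$is_admin) {
        throw new Exception("You do not have permission to add talks to this event", 400);
    }

    // get the event so we can get the timezone info
    $list = $event_mapper->getEventById($talk['event_id'], true);
    if (count($list['events']) == 0) {
        throw new Exception('Event not found', 404);
    }
    $event = $list['events'][0];

    // FILTER_SANITIZE_STRING strips tags; it is deprecated as of PHP 8.1 and
    // is not a substitute for escaping on output.
    $talk['title'] = filter_var($request->getParameter('talk_title'), FILTER_SANITIZE_STRING);
    if (empty($talk['title'])) {
        throw new Exception("The talk title field is required", 400);
    }

    $talk['description'] = filter_var($request->getParameter('talk_description'), FILTER_SANITIZE_STRING);
    if (empty($talk['description'])) {
        throw new Exception("The talk description field is required", 400);
    }

    // talk_type is stored without filter_var, so the allow-list is its only
    // validation. The strict flag makes in_array() accept only a string that
    // is identical to a listed type; with loose comparison a non-string
    // parameter such as boolean true would match and be stored as-is.
    $talk_types = array("Talk", "Social event", "Keynote", "Workshop", "Event related");
    $requested_type = $request->getParameter("talk_type");
    if (in_array($requested_type, $talk_types, true)) {
        $talk['talk_type'] = $requested_type;
    } else {
        $talk['talk_type'] = "Talk";
    }

    $talk['language'] = filter_var($request->getParameter('language'), FILTER_SANITIZE_STRING);
    if (empty($talk['language'])) {
        // default to UK English
        $talk['language'] = 'English - UK';
    }

    $start_date = $request->getParameter('start_date');
    if (empty($start_date)) {
        throw new Exception("Please give the date and time of the talk", 400);
    }

    // The timezone comes from the stored event, the date string from the
    // client. Only the client-supplied part is wrapped, so a malformed date
    // is reported as a 400 instead of escaping as an uncoded exception.
    $tz = new DateTimeZone($event['tz_continent'] . '/' . $event['tz_place']);
    try {
        $parsed_start = new DateTime($start_date, $tz);
    } catch (Exception $e) {
        throw new Exception("The start_date could not be read as a date and time", 400, $e);
    }
    $talk['date'] = $parsed_start->format('U');

    // 'speakers' is only set on $talk when the parameter is a non-empty array.
    $speakers = $request->getParameter('speakers');
    if (is_array($speakers)) {
        foreach ($speakers as $speaker) {
            $talk['speakers'][] = filter_var($speaker, FILTER_SANITIZE_STRING);
        }
    }

    $talk_mapper = new TalkMapper($db, $request);
    $new_id = $talk_mapper->save($talk);

    // Update the cache count for the number of talks at this event
    $event_mapper->cacheTalkCount($talk['event_id']);

    header("Location: " . $request->base . $request->path_info . '/' . $new_id, null, 201);

    $new_talk = $talk_mapper->getTalkById($new_id);
    return $new_talk;
}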
/**
 * Handle POST requests; the only supported operation is creating a talk
 * under ".../talks".
 *
 * The caller must be logged in and must have admin rights on the event.
 * In this version the start date is stored as a DateTime object built
 * without an explicit timezone, and the event itself is not loaded.
 *
 * @param mixed $request request object; reads user_id, url_elements, base,
 *                       path_info and getParameter()
 * @param mixed $db      database handle handed to the mappers
 *
 * @throws Exception code 400 for a missing login, missing permission or a
 *                   missing required field; code 404 for any other operation
 * @return mixed the newly created talk as returned by TalkMapper::getTalkById()
 */
public function postAction($request, $db)
{
    if (!isset($request->user_id)) {
        throw new Exception("You must be logged in to create data", 400);
    }

    // A missing sub-resource and an unknown one are rejected the same way.
    // The comparison is deliberately loose, as a switch statement's would be.
    if (!isset($request->url_elements[4]) || $request->url_elements[4] != 'talks') {
        throw new Exception("Operation not supported, sorry", 404);
    }

    $talk['event_id'] = $this->getItemId($request);
    if (empty($talk['event_id'])) {
        throw new Exception("POST expects a talk representation sent to a specific event URL", 400);
    }

    // Authorisation: only event admins may add talks.
    $events = new EventMapper($db, $request);
    if (!$events->thisUserHasAdminOn($talk['event_id'])) {
        throw new Exception("You do not have permission to add talks to this event", 400);
    }

    $talk['title'] = filter_var($request->getParameter('talk_title'), FILTER_SANITIZE_STRING);
    if (empty($talk['title'])) {
        throw new Exception("The talk title field is required", 400);
    }

    $talk['description'] = filter_var($request->getParameter('talk_description'), FILTER_SANITIZE_STRING);
    if (empty($talk['description'])) {
        throw new Exception("The talk description field is required", 400);
    }

    $talk['language'] = filter_var($request->getParameter('language'), FILTER_SANITIZE_STRING);
    if (empty($talk['language'])) {
        // default to UK English
        $talk['language'] = 'English - UK';
    }

    // The raw start_date parameter is handed to DateTime unchecked.
    $talk['date'] = new DateTime($request->getParameter('start_date'));

    // 'speakers' is only set on $talk when the parameter is a non-empty array.
    $speaker_names = $request->getParameter('speakers');
    if (is_array($speaker_names)) {
        foreach ($speaker_names as $name) {
            $talk['speakers'][] = filter_var($name, FILTER_SANITIZE_STRING);
        }
    }

    $talks = new TalkMapper($db, $request);
    $created_id = $talks->save($talk);

    header("Location: " . $request->base . $request->path_info . '/' . $created_id, NULL, 201);

    return $talks->getTalkById($created_id);
}