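/**
 * Follow or unfollow one user on behalf of another.
 *
 * Reads action, followerId and followingId from $params, looks up both
 * users through the User DAO and calls the SocialGraph DAO.
 *
 * NOTE(review): followerId is used exactly as supplied in $params; nothing in
 * this function ties it to the logged-in session. Confirm the caller verifies
 * that followerId is the authenticated user's own id before calling this.
 *
 * @param object $params object exposing action, followerId and followingId
 * @return array array("code" => int, "message" => string); code is 200 on
 *               success and 500 when the input is rejected
 */
function execute($params)
{
    $action = $params->action;

    // intval() returns 0 for non-numeric input; the guard below rejects it.
    $followerId = intval($params->followerId);
    $followingId = intval($params->followingId);

    // Ids must be positive. empty() alone lets negative numbers through
    // to the DAO lookups, so compare explicitly.
    if ($followerId <= 0 || $followingId <= 0 || empty($action)) {
        return array("code" => 500, "message" => "Bad input: missing required parameters.");
    }

    $userDao = new \com\indigloo\sc\dao\User();
    $followingDBRow = $userDao->getOnLoginId($followingId);
    $followerDBRow = $userDao->getOnLoginId($followerId);

    // Do not write graph edges that point at users the DAO could not find.
    if (empty($followingDBRow) || empty($followerDBRow)) {
        return array("code" => 500, "message" => "Bad input: unknown user.");
    }

    $followingName = $followingDBRow['name'];
    $followerName = $followerDBRow['name'];

    $socialGraphDao = new \com\indigloo\sc\dao\SocialGraph();
    $message = "";
    $code = 200;

    switch ($action) {
        case UIConstants::FOLLOW_USER:
            $socialGraphDao->follow($followerId, $followerName, $followingId, $followingName);
            $message = sprintf("Success! You are following %s ", $followingName);
            break;

        case UIConstants::UNFOLLOW_USER:
            $socialGraphDao->unfollow($followerId, $followingId);
            $message = sprintf("Success! You are no longer following %s ", $followingName);
            break;

        default:
            // An unrecognised action must not be reported as a success.
            $code = 500;
            $message = "Bad input: unknown action.";
            break;
    }

    return array("code" => $code, "message" => $message);
}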
/**
 * Render the public page of a single list.
 *
 * Decodes the list pseudo id found in $params, loads the list row, one page
 * of its items and the owner's user row, then includes the view template.
 * Sends the Http400 controller when $params is empty and the Http404
 * controller when the list row is not found; both paths end with exit.
 *
 * The local variable names must stay as they are: include runs the template
 * in this function's scope, so the template can read any local defined here.
 *
 * NOTE(review): values taken from the list row (name, seo_name, description)
 * reach the template as stored; confirm the template HTML-escapes them.
 *
 * @param array $params  route parameters; "list_id" holds the pseudo id
 * @param mixed $options not used in this function
 */
function process($params, $options)
{
    // empty() is already true for null, so one test covers both cases.
    if (empty($params)) {
        $controller = new \com\indigloo\sc\controller\Http400();
        $controller->process();
        exit;
    }

    $plistId = Util::getArrayKey($params, "list_id");
    $listId = PseudoId::decode($plistId);

    $qparams = Url::getRequestQueryParams();
    $gpage = Url::tryQueryParam("gpage");
    if (empty($gpage)) {
        $gpage = "1";
    }

    //@todo input check
    // people can type all sort of input garbage
    $listId = (int) $listId;

    $listDao = new \com\indigloo\sc\dao\Lists();
    $listDBRow = $listDao->getOnId($listId);

    if (empty($listDBRow)) {
        // not found
        $controller = new \com\indigloo\sc\controller\Http404();
        $controller->process();
        exit;
    }

    $listName = $listDBRow["name"];
    // NOTE(review): %d formats the undecoded pseudo id as an integer -
    // presumably pseudo ids are numeric; confirm against PseudoId.
    $listPubUrl = sprintf("%s/pub/list/%d/%s", Url::base(), $plistId, $listDBRow["seo_name"]);

    // get items from sc_list_item table
    $model = new \com\indigloo\sc\model\ListItem();
    $filter = new Filter($model);
    $filter->add($model::LIST_ID, Filter::EQ, $listId);
    $pageSize = Config::getInstance()->get_value("user.page.items");
    $filters = array($filter);

    $paginator = new \com\indigloo\ui\Pagination($qparams, $pageSize);
    $itemDBRows = $listDao->getPagedItems($paginator, $filters);

    $loginId = $listDBRow["login_id"];
    $userDao = new \com\indigloo\sc\dao\User();
    $userDBRow = $userDao->getOnLoginId($loginId);

    $template = APP_WEB_DIR . '/view/list/pub.php';

    // page variables
    $pageBaseUrl = $listPubUrl;
    // $gpage comes from the query string; %d reduces it to an integer here.
    $pageTitle = sprintf("page %d of %s", $gpage, $listDBRow["name"]);
    $description = Util::abbreviate($listDBRow["description"], 160);
    $metaDescription = SeoData::thisOrHomeDescription($description);
    $metaKeywords = SeoData::getHomeMetaKeywords();

    include $template;
}
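/**
 * Start a logged-in session for an OAuth2 login.
 *
 * Loads the login's row through the User DAO, refuses banned or unknown
 * logins, then stores login id, name, provider and a fresh token in
 * $_SESSION and completes any pending session action.
 *
 * NOTE(review): the session id is not rotated in this method. Confirm the
 * login path calls session_regenerate_id() before these values are written,
 * otherwise a session id fixed before login stays valid after it.
 *
 * @param mixed  $loginId  login id of the authenticated user
 * @param string $provider identifier of the OAuth2 provider
 * @return mixed self::OK_CODE when the session was started,
 *               self::FORBIDDEN_CODE when it was refused
 */
static function startOAuth2Session($loginId, $provider)
{
    // get denorm data on login from $userDao
    // the data in sc_user is for first time creation only
    // and denorm columns like name etc. can be stale in sc_user
    $userDao = new \com\indigloo\sc\dao\User();
    $userDBRow = $userDao->getOnLoginId($loginId);

    // Fail closed: without a row the ban bit would read as 0 and a session
    // would be started for a login that the DAO does not know.
    if (empty($userDBRow)) {
        return self::FORBIDDEN_CODE;
    }

    // is banned?
    $ban_bit = (int) $userDBRow["bu_bit"];
    if ($ban_bit == 1) {
        // do not start session
        return self::FORBIDDEN_CODE;
    }

    // start session
    $_SESSION[self::LOGIN_ID] = $loginId;
    $_SESSION[self::NAME] = $userDBRow["name"];
    $_SESSION[self::PROVIDER] = $provider;
    $_SESSION[self::TOKEN] = Util::getBase36GUID();

    // complete any pending session action.
    self::completeSessionAction($loginId, $userDBRow["name"], $provider);

    return self::OK_CODE;
}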
include APP_WEB_DIR . '/inc/header.inc';
include APP_WEB_DIR . '/inc/role/user.inc';

use com\indigloo\Util;
use com\indigloo\Url;
use com\indigloo\ui\form\Sticky;
use com\indigloo\Constants;
use com\indigloo\ui\form\Message as FormMessage;
use com\indigloo\sc\auth\Login;
use com\indigloo\exception\UIException;

// Prepare the change-password form: check the login provider, then park the
// encrypted email and a form token in the web session for the submit handler.
// The variable names are kept because the markup that follows this block is
// in the same scope and may read them.
$gSessionLogin = Login::getLoginInSession();
$loginId = $gSessionLogin->id;

// Only logins whose provider equals Login::MIK may change a password here.
if (0 != strcmp($gSessionLogin->provider, Login::MIK)) {
    throw new UIException(array("change password only works for 3mik logins!"));
}

$userDao = new \com\indigloo\sc\dao\User();
$userDBRow = $userDao->getonLoginId($loginId);

// tokens for use in next screen
// NOTE(review): the token source is Util::getMD5GUID(), whose randomness is
// not visible here - confirm it is unpredictable enough for a form token.
$ftoken = Util::getMD5GUID();
$email = $userDBRow["email"];
$femail = Util::encrypt($email);

$gWeb = \com\indigloo\core\Web::getInstance();
$gWeb->store("change.password.email", $femail);
$gWeb->store("change.password.token", $ftoken);

$title = $userDBRow["email"];

// qUrl is the base64 form of the current URL, fUrl the plain form.
$currentUrl = Url::current();
$qUrl = base64_encode($currentUrl);
$fUrl = Url::current();
$submitUrl = "/user/account/form/change-password.php";

?>
<!DOCTYPE html>
use com\indigloo\Util; use com\indigloo\Url; use com\indigloo\Configuration as Config; use com\indigloo\ui\Filter; use com\indigloo\sc\redis; use com\indigloo\sc\util\Nest; use com\indigloo\sc\util\PseudoId; $qparams = Url::getRequestQueryParams(); $redis = new redis\Activity(); $tab = isset($qparams["tab"]) ? $qparams["tab"] : 1; settype($tab, "integer"); $sortVariable = "followers"; $pageSize = 25; $paginator = new \com\indigloo\ui\Pagination($qparams, $pageSize); $baseURI = "/monitor/analytic/users.php"; $userDao = new \com\indigloo\sc\dao\User(); switch ($tab) { case 1: $sortVariable = "followers"; break; case 2: $sortVariable = "likes"; break; case 3: $sortVariable = "comments"; break; case 4: $sortVariable = "posts"; break; case 5: $sortVariable = "followings";
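use com\indigloo\Constants;
use com\indigloo\exception\UIException;
use com\indigloo\sc\auth\Login;

// Handle the "Save" submit of the profile form: validate the fields, update
// the logged-in user's row and redirect. On a validation error the submitted
// values and the messages are stored in the web session and the browser is
// sent back to the form URL.
//
// NOTE(review): no anti-CSRF token is checked in this handler; confirm one
// is enforced elsewhere for this state-changing POST.
// NOTE(review): only first_name, last_name, email and qUrl have rules here;
// nick_name, website, blog, location, age, photo_url and about_me are passed
// to the DAO without a visible length or format rule - confirm they are
// validated and escaped downstream.
if (isset($_POST['save']) && $_POST['save'] == 'Save') {
    $gWeb = \com\indigloo\core\Web::getInstance();
    $fvalues = array();
    // NOTE(review): if Url::tryFormUrl() reads a form field, $fUrl needs the
    // same destination check as $qUrl below - confirm.
    $fUrl = \com\indigloo\Url::tryFormUrl("fUrl");

    try {
        $fhandler = new Form\Handler('web-form-1', $_POST);
        $fhandler->addRule('first_name', 'First Name', array('required' => 1, 'maxlength' => 32));
        $fhandler->addRule('last_name', 'Last Name', array('required' => 1, 'maxlength' => 32));
        $fhandler->addRule('email', 'Email', array('required' => 1, 'maxlength' => 64));
        $fhandler->addRule('qUrl', 'qUrl', array('required' => 1, 'rawData' => 1));

        $fvalues = $fhandler->getValues();

        // decode q param to use in redirect
        // qUrl is a client-supplied form field, so it must not decide the
        // redirect host. Accept a site-relative path, or an absolute
        // http(s) URL on the host this request was sent to; anything else
        // falls back to the site root.
        $qUrl = base64_decode(isset($fvalues['qUrl']) ? $fvalues['qUrl'] : '', true);
        $qUrlIsLocal = false;

        // Control characters and backslashes have no place in a redirect
        // target and are parsed inconsistently, so reject them outright.
        if (is_string($qUrl) && preg_match('#[\x00-\x1f\\\\]#', $qUrl) !== 1) {
            if (preg_match('#\A/(?!/)#', $qUrl) === 1) {
                // "/path" but not "//host/path"
                $qUrlIsLocal = true;
            } else {
                $qUrlParts = parse_url($qUrl);
                $requestHost = isset($_SERVER['HTTP_HOST'])
                    ? strtolower(preg_replace('/:\d+\z/', '', $_SERVER['HTTP_HOST']))
                    : '';

                $qUrlIsLocal = is_array($qUrlParts)
                    && isset($qUrlParts['scheme'], $qUrlParts['host'])
                    && in_array(strtolower($qUrlParts['scheme']), array('http', 'https'), true)
                    && $requestHost !== ''
                    && strtolower($qUrlParts['host']) === $requestHost;
            }
        }

        if (!$qUrlIsLocal) {
            $qUrl = "/";
        }

        if ($fhandler->hasErrors()) {
            throw new UIException($fhandler->getErrors());
        }

        // The row to update is chosen from the session, not from the form.
        $loginId = Login::getLoginIdInSession();
        $userDao = new \com\indigloo\sc\dao\User();
        $userDao->update(
            $loginId,
            $fvalues['first_name'],
            $fvalues['last_name'],
            $fvalues['nick_name'],
            $fvalues['email'],
            $fvalues['website'],
            $fvalues['blog'],
            $fvalues['location'],
            $fvalues['age'],
            $fvalues['photo_url'],
            $fvalues['about_me']
        );

        // success
        header("Location: " . $qUrl);
        // Stop here so nothing else runs or is sent after the redirect.
        exit;
    } catch (UIException $ex) {
        $gWeb->store(Constants::STICKY_MAP, $fvalues);
        $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
        header("Location: " . $fUrl);
        exit(1);
    }
}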
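/**
 * Send a notification mail for one activity row, if the recipient wants it.
 *
 * The recipient is the owner of the entity (owner_id), except for the follow
 * verb, where it is the user being followed (object_id). No mail is sent when
 * the recipient is empty, when the recipient is also the subject of the
 * activity, when the recipient's preference flag for the verb is off, or when
 * the recipient's row has no email.
 *
 * @param array $row  activity row with verb, owner_id, object_id, subject_id and id
 * @param mixed $feed feed data handed to the Activity HTML helper
 * @throws \Exception when no email data can be built or the mail call
 *                    returns a code greater than zero
 */
function sendMail($row, $feed)
{
    $verb = $row["verb"];
    $ownerId = $row["owner_id"];

    if ($verb == AppConstants::FOLLOW_VERB) {
        // mail target is the user being followed
        $ownerId = $row["object_id"];
    }

    // Nobody to notify, or the recipient performed the activity themselves.
    if (empty($ownerId) || $ownerId == $row["subject_id"]) {
        return;
    }

    // the recipient's mail preference for this verb
    $preferenceDao = new \com\indigloo\sc\dao\Preference();
    $preferenceObj = $preferenceDao->get($ownerId);
    if (!$this->getMailflag($preferenceObj, $verb)) {
        return;
    }

    $activityHtml = new \com\indigloo\sc\html\Activity();
    $emailData = $activityHtml->getEmailData($feed);

    if (empty($emailData)) {
        $message = sprintf("ACTIVITY_ERROR : getting email data :id %d ", $row["id"]);
        throw new \Exception($message);
    }

    $text = $emailData["text"];
    $html = $emailData["html"];

    // Keep the user row in its own variable. Overwriting $row with it made
    // the error message below report the user row's id, not the activity id.
    $userDao = new \com\indigloo\sc\dao\User();
    $userDBRow = $userDao->getOnLoginId($ownerId);
    $name = $userDBRow["name"];
    $email = $userDBRow["email"];

    if (empty($email)) {
        return;
    }

    $code = WebMail::sendActivityMail($name, $email, $text, $html);

    if ($code > 0) {
        $message = sprintf("ACTIVITY_ERROR : sending mail : id %d ", $row["id"]);
        throw new \Exception($message);
    }
}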
/**
 * Render the public "lists by user" page.
 *
 * Decodes the user pseudo id found in $params, loads the user row, hands it
 * to isValidUser(), fetches one page of the user's lists and includes the
 * view template.
 *
 * The local variable names must stay as they are: include runs the template
 * in this method's scope, so the template can read any local defined here.
 *
 * NOTE(review): isValidUser() presumably stops the request for an unknown
 * user; its return value is not checked here - confirm.
 *
 * @param array $params  route parameters; "login_id" holds the pseudo id
 * @param mixed $options not used in this method
 */
private function processLists($params, $options)
{
    $pubUserId = Util::getArrayKey($params, "login_id");
    $loginId = PseudoId::decode($pubUserId);
    $qparams = Url::getRequestQueryParams();

    $userDao = new \com\indigloo\sc\dao\User();
    $userDBRow = $userDao->getOnLoginId($loginId);
    $this->isValidUser($userDBRow);

    $gpage = Url::tryQueryParam("gpage");
    if (empty($gpage)) {
        $gpage = "1";
    }

    $listDao = new \com\indigloo\sc\dao\Lists();

    // The query parameters are fetched a second time, as in the original.
    $qparams = Url::getRequestQueryParams();
    $pageSize = Config::getInstance()->get_value("user.page.items");
    $paginator = new \com\indigloo\ui\Pagination($qparams, $pageSize);
    $listDBRows = $listDao->getPagedOnLoginId($paginator, $loginId);

    $template = APP_WEB_DIR . '/view/user/lists.php';

    // page variables
    // NOTE(review): $pubUserId is the undecoded route value and the user name
    // comes from the stored row; confirm the template escapes both on output.
    $pageBaseUrl = "/pub/user/" . $pubUserId;
    $pageTitle = sprintf("page %d of lists by %s", $gpage, $userDBRow["name"]);
    $metaKeywords = SeoData::getHomeMetaKeywords();
    $metaDescription = SeoData::getHomeMetaDescription();

    include $template;
}
array_push($filters, $filter); $ftname = "name:" . $gtoken; break; case "user": $filter = new Filter($model); $loginId = PseudoId::decode($userId); $filter->add($model::LOGIN_ID, Filter::EQ, $loginId); array_push($filters, $filter); $ftname = "user:"******"user.page.items"); $total = $userDao->getTotal($filters); $paginator = new \com\indigloo\ui\Pagination($qparams, $pageSize); $userDBRows = $userDao->getPaged($paginator, $filters); $gtoken = ""; $baseURI = "/monitor/users.php"; ?> <!DOCTYPE html> <html> <head> <title> 3mik.com - users in system</title> <?php
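<?php

include 'sc-app.inc';
include APP_CLASS_LOADER;

use com\indigloo\sc\util\PseudoId;

// Command line tool: set a new password for the account behind a pseudo id.
//
// NOTE(review): the new password is passed as a command line argument, so it
// ends up in shell history and is visible in the process list while the
// script runs. Reading it from stdin would avoid both.
if ($argc < 3) {
    // The original message interpolated an undefined $php variable.
    printf("Usage : php change.php <pseudo_id> <password> \n");
    exit(1);
}

$pseudoId = $argv[1];
$pseudoId = trim($pseudoId);
$password = $argv[2];

$loginId = PseudoId::decode($pseudoId);

// get email lookup on loginId
$userDao = new \com\indigloo\sc\dao\User();
$row = $userDao->getOnLoginId($loginId);

// Stop before changing anything when the pseudo id matches no user row.
if (empty($row)) {
    printf("no user found for pseudo_id = %s \n", $pseudoId);
    exit(1);
}

$email = $row["email"];

printf("change for login_id = %s, email = %s \n ", $loginId, $email);
$data = \com\indigloo\auth\User::changePassword("sc_user", $loginId, $email, $password);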
use com\indigloo\Constants; use com\indigloo\Util; use com\indigloo\Url; use com\indigloo\exception\UIException; if (isset($_POST['save']) && $_POST['save'] == 'Save') { $gWeb = \com\indigloo\core\Web::getInstance(); $fvalues = array(); $fUrl = \com\indigloo\Url::tryFormUrl("fUrl"); try { $fhandler = new Form\Handler('web-form-1', $_POST); $fhandler->addRule('email', 'Email', array('maxlength' => 64, 'required' => 1)); $fvalues = $fhandler->getValues(); if ($fhandler->hasErrors()) { throw new UIException($fhandler->getErrors()); } $userDao = new \com\indigloo\sc\dao\User(); $user = $userDao->getOnEmail($fvalues['email']); if (empty($user)) { $message = "Error: We did not find any account with this email!"; throw new UIException(array($message)); } $mailDao = new \com\indigloo\sc\dao\Mail(); $mailDao->addResetPassword($user['name'], $fvalues['email']); $message = "Success! You will receive an email soon!"; $gWeb->store(Constants::STICKY_MAP, $fvalues); $gWeb->store(Constants::FORM_MESSAGES, array($message)); header("Location: " . $fUrl); exit; } catch (UIException $ex) { $gWeb->store(Constants::STICKY_MAP, $fvalues); $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages());
$fvalues = $fhandler->getValues(); //decode q param for redirect $qUrl = base64_decode($fvalues['qUrl']); if ($fhandler->hasErrors()) { throw new UIException($fhandler->getErrors()); } //form token $session_token = $gWeb->find("change.password.token", true); if ($fvalues['ftoken'] != $session_token) { $message = "form token does not match the value stored in session"; throw new UIException(array($message)); } //decrypt email $email = $gWeb->find("change.password.email", true); $email = Util::decrypt($email); $userDao = new \com\indigloo\sc\dao\User(); //@test with email that can cause issues with encoding! $userDBRow = $userDao->getOnEmail($email); //send raw password $email = strtolower(trim($email)); $password = trim($_POST['password']); WebglooUser::changePassword('sc_user', $userDBRow['login_id'], $email, $password); //success $gWeb->store(Constants::FORM_MESSAGES, array("password changed successfully!")); header("Location: " . $qUrl); exit(1); } catch (UIException $ex) { $gWeb->store(Constants::STICKY_MAP, $fvalues); $gWeb->store(Constants::FORM_ERRORS, $ex->getMessages()); header("Location: " . $fUrl); exit(1);
use com\indigloo\Util; use com\indigloo\sc\auth\Login; use com\indigloo\sc\ui\Constants as UIConstants; use com\indigloo\sc\util\Nest; use com\indigloo\sc\Constants as AppConstants; use com\indigloo\exception\DBException; set_exception_handler("webgloo_ajax_exception_handler"); //Admin login is required if (!Login::isAdmin()) { $message = array("code" => 401, "message" => "Authentication failure! Admin credentials missing."); $html = json_encode($message); echo $html; exit; } $action = Util::getArrayKey($_POST, "action"); $userDao = new \com\indigloo\sc\dao\User(); $message = NULL; try { switch ($action) { case UIConstants::BAN_USER: $loginId = Util::getArrayKey($_POST, "loginId"); $userDao->ban($loginId); $message = sprintf("success! user %s has been banned!", $loginId); break; case UIConstants::TAINT_USER: $userId = Util::getArrayKey($_POST, "userId"); $userDao->taint($userId); $message = sprintf("success! user %s has been tainted!", $userId); break; case UIConstants::UNBAN_USER: $loginId = Util::getArrayKey($_POST, "loginId");
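/**
 * Create one activity row for every row of sc_post.
 *
 * Walks sc_post in id ranges of 50, from id 1 up to max(id), and adds an
 * activity with the post verb for each post found. The post's login_id is
 * used as both owner and subject. After each range the output is flushed and
 * the script sleeps for one second.
 *
 * @param mixed $mysqli connection handed to MySQL\Helper
 */
function post_to_activity($mysqli)
{
    $row = MySQL\Helper::fetchRow($mysqli, "select max(id) as total from sc_post");
    $total = $row["total"];

    $pageSize = 50;
    $pages = ceil($total / $pageSize);

    $userDao = new \com\indigloo\sc\dao\User();
    $activityDao = new \com\indigloo\sc\dao\Activity();

    // Strictly less than: with "<=" the loop ran one extra range that lies
    // entirely above max(id), costing a query and a second of sleep.
    for ($count = 0; $count < $pages; $count++) {
        $start = $count * $pageSize + 1;
        $end = $start + ($pageSize - 1);

        // Both bounds are computed here, not taken from input; %d makes sure
        // only integers can reach the statement text.
        $sql = sprintf(" select * from sc_post where (id <= %d) and (id >= %d ) ", $end, $start);
        $rows = MySQL\Helper::fetchRows($mysqli, $sql);

        foreach ($rows as $row) {
            $subjectId = $row['login_id'];
            $ownerId = $row['login_id'];
            $postId = $row['id'];
            $objectId = PseudoId::encode($postId);

            $userDBRow = $userDao->getOnLoginId($subjectId);
            $subject = $userDBRow['name'];

            $object = $row['title'];
            $object = Util::filterBadUtf8($object);
            $verb = \com\indigloo\sc\Constants::POST_VERB;

            $activityDao->addRow($ownerId, $subjectId, $objectId, $subject, $object, $verb);
        }

        flush();
        sleep(1);
    }
}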