public function __construct()
{
parent::__construct();
$this->template->links = array('Home' => 'home', 'Browse' => 'folders', 'Search' => 'search', 'About' => 'about', 'Contact' => 'contact');
$this->db = Database::instance();
// makes database object available to all controllers
$this->session = Session::instance();
$authentic = new Auth();
if ($authentic->logged_in() || $authentic->auto_login()) {
$this->user = $authentic->get_user();
} else {
$this->session->set("requested_url", "/" . url::current());
// this will redirect from the login page back to this page
url::redirect('/auth/login');
}
// if ($authentic->auto_login()) {
// $this->user = $authentic->get_user();
// url::redirect('/document/view/1');
// }
// if (!$authentic->logged_in()) {
//
// $this->session->set("requested_url","/".url::current()); // this will redirect from the login page back to this page
// url::redirect('/auth/login');
// } else {
// $this->user = $authentic->get_user(); //now you have access to user information stored in the database
// }
}
/**
* Show shouts or shout
*/
public function index()
{
$shout = new Shout_Model();
$form_values = $shout->as_array();
$form_errors = array();
// Check post
if (csrf::valid() && ($post = $this->input->post())) {
$shout->author_id = $this->user->id;
$shout->shout = $post['shout'];
try {
$shout->save();
if (!request::is_ajax()) {
url::redirect(url::current());
}
} catch (ORM_Validation_Exception $e) {
$form_errors = $e->validation->errors();
$form_values = arr::overwrite($form_values, $post);
}
}
$shouts = ORM::factory('shout')->find_all(10);
$view = View_Mod::factory('generic/shout', array('mod_title' => __('Shouts'), 'shouts' => $shouts, 'can_shout' => ORM::factory('shout')->has_access(Shout_Model::ACCESS_WRITE, $this->user), 'errors' => $form_errors, 'values' => $form_values));
if (request::is_ajax()) {
echo $view;
return;
}
widget::add('main', $view);
}
/**
* Shows a themed error page.
* @see Kohana_Exception::handle
*/
private static function _show_themed_error_page(Exception $e)
{
// Create a text version of the exception
$error = Kohana_Exception::text($e);
// Add this exception to the log
Kohana_Log::add('error', $error);
// Manually save logs after exceptions
Kohana_Log::save();
if (!headers_sent()) {
if ($e instanceof Kohana_Exception) {
$e->sendHeaders();
} else {
header("HTTP/1.1 500 Internal Server Error");
}
}
$view = new Theme_View("page.html", "other", "error");
if ($e instanceof Kohana_404_Exception) {
$view->page_title = t("Dang... Page not found!");
$view->content = new View("error_404.html");
$user = identity::active_user();
$view->content->is_guest = $user && $user->guest;
if ($view->content->is_guest) {
$view->content->login_form = new View("login_ajax.html");
$view->content->login_form->form = auth::get_login_form("login/auth_html");
// Avoid anti-phishing protection by passing the url as session variable.
Session::instance()->set("continue_url", url::current(true));
}
} else {
$view->page_title = t("Dang... Something went wrong!");
$view->content = new View("error.html");
}
print $view;
}
public function index()
{
$news = Mynews::instance();
$per_page = controller_tool::per_page();
$orderby_arr = array(0 => array('id' => 'DESC'), 1 => array('id' => 'ASC'), 2 => array('order' => 'ASC'), 3 => array('order' => 'DESC'));
$orderby = controller_tool::orderby($orderby_arr);
$query_struct = array('where' => array(), 'orderby' => $orderby, 'limit' => array('per_page' => $per_page, 'offset' => 0));
$total = $news->count_site_news();
$this->pagination = new Pagination(array('base_url' => url::current(), 'uri_segment' => 'page', 'total_items' => $total, 'items_per_page' => $per_page, 'style' => 'digg'));
$query_struct['limit']['offset'] = $this->pagination->sql_offset;
$news = Mynews::instance()->lists($query_struct);
$categorys = array();
foreach ($news as $row) {
$categorys[$row['classid']] = $row['classid'];
}
foreach ($categorys as $v) {
$str = '';
$aa = array('where' => array('id' => $v), 'like' => array(), 'limit' => array());
$categories = Mynews_category::instance()->list_news_categories($aa);
if (count($categories)) {
$str = $categories[0]['category_name'];
if ($categories[0]['parent_id'] > 0) {
$aa = array('where' => array('id' => $categories[0]['parent_id']), 'like' => array(), 'limit' => array());
$cate = Mynews_category::instance()->list_news_categories($aa);
$str = $cate[0]['category_name'] . ' > ' . $str;
}
}
$categorys[$v] = $str;
}
$this->template->content = new View("site/news_list");
$this->template->content->data = $news;
$this->template->content->categorys = $categorys;
$this->template->content->title = "site news list";
}
public static function header($form = array())
{
if (isset($form['template'])) {
form::$template = arr::take('template', $form);
}
$attrs['class'] = isset($form['class']) ? $form['class'] : 'form';
$attrs['method'] = isset($form['method']) ? $form['method'] : 'post';
$attrs['action'] = isset($form['action']) ? $form['action'] : url::current();
//加载表头
$html[] = '';
$html[] = '<form' . html::attributes($attrs) . '>';
$html[] = field::hidden(array('name' => '_REFERER', 'value' => request::referer()));
$html[] = field::hidden(array('name' => '_FORMHASH', 'value' => form::hash()));
//加载常用js
$html[] = html::script(url::common() . '/js/jquery.validate.js');
$html[] = html::script(url::common() . '/js/jquery.validate.additional.js');
$html[] = html::script(url::common() . '/js/jquery.form.js');
//表单头部
if (isset($form['title']) || isset($form['description'])) {
$html[] = '<div class="form-header clearfix">';
$html[] = isset($form['icon']) ? ' <div class="form-icon"></div>' : '';
$html[] = isset($form['title']) ? ' <div class="form-title">' . $form['title'] . '</div>' : '';
$html[] = isset($form['description']) ? ' <div class="form-description">' . $form['description'] . '</div>' : '';
$html[] = '</div>';
}
//表单body部分开始
$html[] = '<div class="form-body">';
echo implode("\n", $html);
}
public function render()
{
if (!$this->links) {
throw new Kohana_User_Exception("Navbar not implemented correctly", "Links have not been set. Please call <code>$navbar->set_links({$links})</code>");
} else {
if ($this->view) {
return $this->render_to_view($this->view);
} else {
$html = "";
$i = 0;
foreach ($this->links as $link) {
$class = "";
if (str_replace("site", "", url::current()) == $link->seoURL || url::current() == $link->seoURL || uri::segment(1) == $link->seoURL) {
$class .= "selected";
}
if ($i == 0) {
$class .= " first";
}
if ($i == count($this->links) - 1) {
$class .= " last";
}
$html .= '<li class="' . $class . '" id="menu0' . ($i + 1) . '"><a href="' . url::site() . $link->seoURL . '" class="' . $class . '">' . $link->title . '</a></li>';
$i++;
}
# $html .= "</ul>";
return $html;
}
}
}
public function login()
{
if (User_Model::logged_in()) {
url::redirect(url::current());
return;
}
$this->template->content = new View('customers/login');
$this->template->content->email = '';
$this->template->content->password = '';
$this->template->content->errors = '';
if (request::method() == 'post') {
$post = new Validation($_POST);
$post->add_rules('email', 'email');
$post->add_rules('password', 'required');
if ($post->validate()) {
if (ORM::factory('user')->login($post->email, $post->password)) {
if (isset($post->redirect)) {
url::redirect($post->redirect);
}
url::redirect($_SERVER['HTTP_REFERER']);
} else {
$this->template->content->email = $post->email;
$this->template->content->errors = 'Invalid email and/or password.';
}
} else {
$this->template->content->errors = 'Email and password are required.';
}
}
$this->template->metaDescription = $this->description;
$this->template->metaKeywords = $this->keywords;
$this->template->metaTitle = $this->title;
$this->template->title = $this->title;
}
public function actionPassword()
{
$user = zotop::model('system.user');
$user->id = (int) zotop::user('id');
$user->username = (string) zotop::user('username');
if (form::isPostBack()) {
$user->read();
$password = zotop::post('password');
$newpassword = zotop::post('newpassword');
if ($user->password($password) != $user->password) {
msg::error(zotop::t('您输入的原密码:<b>{$password}</b>错误,请确认', array('password' => $password)));
}
if ($newpassword != request::post('newpassword2')) {
msg::error(zotop::t('两次输入的新密码不一致,请确认'));
}
if ($newpassword != $password) {
$update = $user->update(array('id' => $user->id, 'password' => $user->password($newpassword)));
}
msg::success(zotop::t('密码修改成功,请记住您的新密码'), url::current());
}
$page = new page();
$page->title = zotop::t('个人中心');
$page->set('user', $user);
$page->set('navbar', $this->navbar());
$page->display();
}
public function xss_in_current_url_test()
{
Router::$current_uri = "foo/<xss>/bar";
Router::$complete_uri = "foo/<xss>/bar?foo=bar";
$this->assert_same("foo/<xss>/bar", url::current());
$this->assert_same("foo/<xss>/bar?foo=bar", url::current(true));
}
/**
* Template loading and setup routine.
*/
public function __construct()
{
parent::__construct();
// checke request is ajax
$this->ajax_request = request::is_ajax();
// Load the template
$this->template = new View($this->template);
if ($this->auto_render == TRUE) {
Event::add('system.post_controller', array($this, '_render'));
}
/**
* 判断用户登录情况
*/
if (isset($_REQUEST['session_id'])) {
$session = Session::instance($_REQUEST['session_id']);
$manager = role::get_manager($_REQUEST['session_id']);
} else {
$session = Session::instance();
$manager = role::get_manager();
}
/* 当前请求的URL */
$current_url = urlencode(url::current(TRUE));
//当前用户管理的站点的ID
$this->site_id = site::id();
}
/**
* Adds all the events to the main Ushahidi application
*/
public function add()
{
$session = Session::instance();
// Has user switched to Full Website?
if (isset($_GET['full']) and $_GET['full'] == 1) {
// Create the Full website session
$session->set('full', 1);
}
if (!$session->get('full')) {
//error_log($_GET['full']);
// If Mobile Configure Mobile Settings
if (isset($_SERVER['HTTP_USER_AGENT']) and !$this->_is_keitai() and $this->_is_mobile() and strrpos(url::current(), "mobile") === FALSE and strrpos(url::current(), "page/index/9") === FALSE and strrpos(url::current(), "contact") === FALSE and strrpos(url::current(), "alerts/verify") === FALSE and Router::$controller != 'api') {
// Only add the events if we are on that controller
$request_url = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
$replace_url1 = "http://" . $_SERVER["HTTP_HOST"] . "/ushahidi/mobile/";
$replace_url2 = "http://" . $_SERVER["HTTP_HOST"] . "/mobile/";
if (strpos($request_url, "ushahidi") === false) {
$url = str_replace("http://" . $_SERVER["HTTP_HOST"] . "/", $replace_url2, $request_url);
} else {
$url = str_replace(url::base(), $replace_url1, $request_url);
}
//url::redirect(url::base()."mobile");
url::redirect($url);
}
}
}
/**
* Show latest PER_PAGE news on page
* @return void
*/
public function index($module = NULL, $page = 1)
{
$this->set_title(Kohana::lang('search.search'));
if ($page == 1) {
$this->add_breadcrumb(Kohana::lang('search.the_best_results'), url::current());
} else {
$this->add_breadcrumb(Kohana::lang('search.page_no') . ' ' . $page, url::current());
}
// Default values
$form = array('value' => '');
$errors = array();
if ($_POST) {
$post = new Validation($_POST);
// Some filters
$post->pre_filter('trim', TRUE);
// Rules
$post->add_rules('value', 'required');
if ($post->validate()) {
$form = arr::overwrite($form, $post->as_array());
} else {
// Repopulate form with error and original values
$form = arr::overwrite($form, $post->as_array());
$errors = $post->errors('search_errors');
}
}
$this->template->content = new View('search');
$data = $this->products->search($post['value']);
$data2 = $this->page->search($post['value']);
$data3 = $this->news->search($post['value']);
$this->template->content->data = $data;
$this->template->content->data2 = $data2;
$this->template->content->data3 = $data3;
$this->template->content->form = $form;
$this->template->content->errors = $errors;
}
public function index()
{
$site_id = 1;
$theme_id = 2;
$server = Storage_server::instance();
$filename = $this->input->get('filename');
$theme_views = $server->get_site_themes($site_id, $theme_id, 'views');
$theme_js = $server->get_site_themes($site_id, $theme_id, 'js');
$theme_css = $server->get_site_themes($site_id, $theme_id, 'css');
if (in_array($filename, $theme_views)) {
$type = 'views';
} else {
if (in_array($filename, $theme_js)) {
$type = 'js';
} else {
if (in_array($filename, $theme_css)) {
$type = 'css';
} else {
$type = 'views';
$filename = 'index.php';
}
}
}
if ($_POST) {
$file = $_POST['file'];
$server->cache_site_theme($site_id, $theme_id, $type, $filename, $file);
remind::set('add ' . $_POST['file'], url::current(TRUE));
}
$code = $server->get_site_theme($site_id, $theme_id, $type, $filename);
$this->template->content = new View("site/theme_edit");
$this->template->content->theme_files = array_merge($theme_views, $theme_js, $theme_css);
$this->template->content->data = $code;
$this->template->content->filename = $filename;
}
public function message()
{
if ($message = s::get('message') and is_array($message)) {
$text = a::get($message, 'text');
$type = a::get($message, 'type', 'notification');
$element = new Brick('div');
$element->addClass('message');
if ($type == 'error') {
$element->addClass('message-is-alert');
} else {
$element->addClass('message-is-notice');
}
$element->append(function () use($text) {
$content = new Brick('span');
$content->addClass('message-content');
$content->text($text);
return $content;
});
$element->append(function () {
$toggle = new Brick('a');
$toggle->attr('href', url::current());
$toggle->addClass('message-toggle');
$toggle->html('<i>×</i>');
return $toggle;
});
s::remove('message');
return $element;
}
}
/**
* Require the user to log in if they are not yet logged in
* @Developer Brandon Hansen
* @Date April 06, 2010
* @Return void
*/
public static function require_login()
{
if (!self::logged_in()) {
Session::instance()->set('redirect', url::current(true));
url::redirect('login');
}
}
/**
* Delete image
* @return void
* @param integer id of item
* @param integer id of picture
* @param string dir with images
*/
public function delete_image($id, $image, $dir)
{
// Check for user permission
if (user::is_got()) {
// Page settings
$this->set_title(Kohana::lang('gallery.delete_image'));
$this->add_breadcrumb(Kohana::lang('gallery.delete_image'), url::current());
// Set redirect URL
if (isset($_POST['redirect'])) {
$redirect = $_POST['redirect'];
} else {
$redirect = request::referrer();
}
$form = array('redirect' => $redirect);
if ($_POST) {
if (isset($_POST['yes'])) {
// Clicked on yes = delete image
unlink('./data/' . $dir . '/' . $id . '_' . $image . '.jpg');
unlink('./data/' . $dir . '/' . $id . '_' . $image . '_m.jpg');
url::redirect($form['redirect']);
} else {
url::redirect($form['redirect']);
}
}
// View
$this->template->content = new View('admin/delete_image');
$this->template->content->form = $form;
}
}
/**
* Permission denied page
* @return void
*/
public function index()
{
// Page settings
$this->add_breadcrumb(Kohana::lang('denied.denied'), url::current());
$this->set_title(Kohana::lang('denied.denied'));
// View
$this->template->content = new View('denied');
}
private static function _prompt_for_reauth($controller_name, $args)
{
if (request::method() == "get" && !request::is_ajax()) {
// Avoid anti-phishing protection by passing the url as session variable.
Session::instance()->set("continue_url", url::current(true));
}
url::redirect("reauthenticate");
}
private final function _removeSSL()
{
if ($this->_removeSSL && $_SERVER['SERVER_PORT'] != 80 && $_SERVER['REQUEST_METHOD'] == 'GET') {
$url = "http://{$_SERVER['SERVER_NAME']}/" . url::current(TRUE);
header("Location: {$url}");
exit;
}
}
private static function _reset_form()
{
$form = new Forge(url::current(true), "", "post", array("id" => "g-reset-form"));
$group = $form->group("reset")->label(t("Reset Password"));
$group->input("name")->label(t("Username"))->id("g-name")->class(null)->rules("required")->error_messages("required", t("You must enter a user name"));
$group->submit("")->value(t("Reset"));
return $form;
}
public function __construct()
{
parent::__construct();
$this->profiler = new Profiler();
$request_parts = pathinfo(url::current());
$this->url_extension = isset($request_parts['extension']) ? $request_parts['extension'] : null;
$this->json_callback = $this->input->get('callback');
}
/**
* 根据用户权限得到用户可查看的菜单
*
* @reture Arrat
*/
public static function user_menus()
{
$menu_flags = array();
$current_url = url::current();
$menus = self::get_avalible_menu();
foreach ($menus as $menus_key => $menus_value) {
//子项中无菜单把主项也不显示
$sub_menu = $menus_value['children'];
if (count($sub_menu) < 1) {
unset($menus[$menus_key]);
}
foreach ($sub_menu as $key => $value) {
$url_arr = explode('/', $value['url']);
if (count($url_arr) > 0) {
$menu_flags[$url_arr[0]] = array('key' => $menus_key, 'subkey' => $key);
}
if (count($url_arr) > 1) {
$menu_flags[$url_arr[0] . $url_arr[1]] = array('key' => $menus_key, 'subkey' => $key);
}
if (count($url_arr) > 2) {
$menu_flags[$url_arr[0] . $url_arr[1] . $url_arr[2]] = array('key' => $menus_key, 'subkey' => $key);
}
$value['aliases'] = explode('|', $value['alias']);
if (count($value['aliases']) > 0) {
foreach ($value['aliases'] as $k => $v) {
$alias_url_arr = explode('/', $v);
if (count($alias_url_arr) > 0) {
$menu_flags[$alias_url_arr[0]] = array('key' => $menus_key, 'subkey' => $key);
}
if (count($alias_url_arr) > 1) {
$menu_flags[$alias_url_arr[0] . $alias_url_arr[1]] = array('key' => $menus_key, 'subkey' => $key);
}
if (count($alias_url_arr) > 2) {
$menu_flags[$alias_url_arr[0] . $alias_url_arr[1] . $alias_url_arr[2]] = array('key' => $menus_key, 'subkey' => $key);
}
}
}
}
}
$current_url_arr = explode('/', $current_url);
if (count($current_url_arr) > 2) {
$key = $current_url_arr[0] . $current_url_arr[1] . $current_url_arr[2];
if (isset($menu_flags[$key])) {
$menus[$menu_flags[$key]['key']]['active'] = 10;
$menus[$menu_flags[$key]['key']]['children'][$menu_flags[$key]['subkey']]['active'] = 10;
return $menus;
}
}
if (count($current_url_arr) > 1) {
$key = $current_url_arr[0] . $current_url_arr[1];
if (isset($menu_flags[$key])) {
$menus[$menu_flags[$key]['key']]['active'] = 10;
$menus[$menu_flags[$key]['key']]['children'][$menu_flags[$key]['subkey']]['active'] = 10;
return $menus;
}
}
return $menus;
}
/**
* Detects XDEBUG_PROFILE shortcut as specified in config.
*/
public function detect_shortcut()
{
$shortcut = Kohana::config('webgrind.shortcut');
// search url for shortcut
if (preg_match("/(\\?|&){$shortcut}(&|=|\$)/", Router::$query_string)) {
$url = str_replace($shortcut, 'XDEBUG_PROFILE', url::current(TRUE));
url::redirect($url, 307);
}
}
/**
* Rewrites the URL depending on whether HTTPS is enabled/disabled
*
* NOTES: - Emmanuel Kala, 18th Feb 2011
* This may bring issues with accessing the API (querying or posting) via mobile and/or external applications
* as they may not support querying information via HTTPS
*
*/
public function rewrite_url()
{
if ($this->https_enabled == 'HTTPS') {
$is_https_request = (array_key_exists('HTTPS', $_SERVER) and $_SERVER['HTTPS'] == 'on') ? TRUE : FALSE;
if ($this->https_enabled and !$is_https_request or !$this->https_enabled and $is_https_request) {
url::redirect(url::base() . url::current() . Router::$query_string);
}
}
}
private function _reset_form()
{
$form = new Forge(url::current(true), "", "post", array("id" => "g-reset-form"));
$group = $form->group("reset")->label(t("Reset Password"));
$group->input("name")->label(t("Username"))->id("g-name")->class(null)->rules("required");
$group->inputs["name"]->error_messages("no_email", t("No email, unable to reset password"));
$group->submit("")->value(t("Reset"));
return $form;
}
private function _login_form()
{
$form = new Forge(url::current(true), "", "post", array("id" => "gLoginForm"));
$group = $form->group("login")->label(t("Login"));
$group->input("name")->label(t("Name"))->id("gName")->class(null);
$group->password("password")->label(t("Password"))->id("gPassword")->class(null);
$group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password"));
$group->submit("")->value(t("Login"));
return $form;
}
function validLastChunk()
{
$chunks = explode('/', url::current());
$chunk = end($chunks);
if (!empty($chunk)) {
if (preg_match('#^[a-z0-9-]*$#', $chunk) === 1) {
return true;
}
}
}
/**
* Main page
* @return void
*/
public function index()
{
// Page settings
$this->set_title(Kohana::lang('index.recycleshop'));
$this->add_breadcrumb(Kohana::lang('index.home'), url::current());
// View
$this->template->content = new View('index');
// Adding extra css file
$this->add_css('/modules/eshop/css/eshop.css');
}
public function __construct()
{
parent::__construct();
$this->auth = new Auth();
$this->cache = Cache::instance();
$this->session = Session::instance();
if (!$this->auth->logged_in()) {
$this->session->set("requested_url", "/" . url::current());
url::redirect('/auth');
}
}
/**
* Disqus plugin
*
* @author Bastian Allgeier <*****@*****.**>
* @version 2.0.0
*/
function disqus($shortname, $params = array())
{
$defaults = array('shortname' => $shortname, 'title' => page()->title(), 'identifier' => page()->disqussId()->or(page()->uri()), 'developer' => false, 'url' => url::current());
$options = array_merge($defaults, $params);
if (empty($options['shortname'])) {
throw new Exception('Please provide a disqus shortname');
}
$options['title'] = addcslashes($options['title'], "'");
$options['developer'] = $options['developer'] ? 'true' : 'false';
return tpl::load(__DIR__ . DS . 'template.php', $options);
}