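/**
 * Change this user's password from the posted form data.
 *
 * A guest (no authenticated session) must present the temporary code stored on
 * this user, and that code must be no more than 7 days old. An authenticated
 * caller must supply the current password unless they hold 'user.edit' and are
 * changing somebody else's account.
 *
 * @param string|null $tmp_code temporary code supplied by a guest; not consulted when a session exists
 * @return bool true when the new password was hashed and saved, false otherwise
 */
public function change_password($tmp_code = null)
{
    $tmp_check = false;
    if (!Auth::check()) {
        $code_created = new Carbon($this->tmp_code_created);
        // The temporary code is a secret: compare it as a string and in constant time.
        // A loose == is subject to PHP type juggling and leaks timing information.
        $code_matches = !empty($this->tmp_code)
            && is_string($tmp_code)
            && hash_equals((string) $this->tmp_code, $tmp_code);
        $tmp_check = $code_matches && $code_created->diff(new Carbon())->days <= 7;
        if (!$tmp_check) {
            FormMessage::add('tmp_code', 'The code was incorrect');
            return false;
        }
    }

    $details = Request::all();
    // NOTE(review): min:4 is a very short minimum length for an account password — consider raising it.
    $rules = ['new_password' => 'required|confirmed|min:4'];

    // The current password is demanded unless the caller proved ownership with a
    // temporary code, or is an editor changing another user's account.
    $editing_other_user = Auth::check() && Auth::action('user.edit') && Auth::user()->id != $this->id;
    if (!($tmp_check || $editing_other_user)) {
        // NOTE(review): the rule value reads '******' in this listing, which looks like a masked
        // placeholder rather than a validator rule — confirm against the repository.
        $rules['current_password'] = '******';
    }

    $v = Validator::make($details, $rules);
    if (!$v->passes()) {
        FormMessage::set($v->messages());
        return false;
    }

    // Verify the current password whenever it was required above.
    if (!empty($rules['current_password']) && !Hash::check($details['current_password'], $this->password)) {
        FormMessage::add('current_password', 'The current password was incorrect');
        return false;
    }

    // Final authorisation: the account's own password permission, or a logged-in user editor.
    if (Auth::action('account.password', ['user_id' => $this->id]) || Auth::check() && Auth::action('user.edit')) {
        $this->password = Hash::make($details['new_password']);
        // Clearing the code makes it single-use.
        $this->tmp_code = '';
        $this->save();
        return true;
    }

    return false;
}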
/**
 * Render the view registered for a form field type.
 *
 * When a field name is given, the submitted value and any validation error
 * class/message for that name are looked up and passed to the view. Caller
 * options override the defaults listed below.
 *
 * @param string $type    field type passed to self::getView()
 * @param array  $options view data (name, label, class, content, value, disabled, ...)
 * @return string|null rendered markup, or null when no view exists for $type
 */
public static function make($type, $options = [])
{
    $view = self::getView($type);
    if (!$view) {
        return null;
    }

    if (!empty($options['name'])) {
        $fieldName = $options['name'];
        $options['submitted_data'] = Request::input($fieldName);
        $options['field_class'] = FormMessage::getErrorClass($fieldName);
        $options['field_message'] = FormMessage::getErrorMessage($fieldName);
    }

    // Normalise the flag into an attribute array the view can spread onto the element.
    $options['disabled'] = !empty($options['disabled']) ? ['disabled' => 'disabled'] : [];

    $defaults = [
        'class' => '',
        'content' => '',
        'name' => '',
        'note' => '',
        'label' => 'None set',
        'submitted_data' => '',
        'field_class' => '',
        'field_message' => '',
    ];
    $options = array_merge($defaults, $options);

    // Fall back to 'value' only when no content was supplied at all.
    $contentIsBlank = is_string($options['content']) && $options['content'] === '';
    if (!empty($options['value']) && $contentIsBlank) {
        $options['content'] = $options['value'];
    }

    return View::make($view, $options)->render();
}
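/**
 * Handle the admin login form.
 *
 * On a successful attempt the user is redirected to the requested 'login_path'
 * (request input first, then cookie) or to the admin home route. On failure, or
 * when nothing was posted, the login view is placed in the layout data.
 *
 * @return \Illuminate\Http\RedirectResponse|null redirect after a successful login, otherwise null
 */
public function login()
{
    if (Request::input()) {
        $userData = [
            'username' => Request::input('username'),
            'password' => Request::input('password'),
        ];
        $rememberMe = Request::input('remember') == 'yes';

        if (Auth::attempt($userData, $rememberMe)) {
            $login_path = Request::input('login_path') ?: Cookie::get('login_path');
            if (empty($login_path)) {
                return \redirect()->route('coaster.admin.home');
            }

            $cookie = Cookie::forget('login_path');

            // 'login_path' comes from the request or a cookie, so it is caller-controlled.
            // Redirecting to it unchecked is an open redirect: only follow it when it is
            // a relative path or an http(s) URL on this host.
            $isLocalTarget = false;
            // Reject control characters, whitespace and backslashes up front; browsers
            // normalise some of these into a scheme-relative URL.
            if (is_string($login_path) && !preg_match('#[\x00-\x20\\\\]#', $login_path)) {
                $target = parse_url($login_path);
                if (is_array($target)) {
                    $hasScheme = isset($target['scheme']);
                    $hasHost = isset($target['host']);
                    if (!$hasScheme && !$hasHost) {
                        $isLocalTarget = true;
                    } elseif ($hasScheme && $hasHost) {
                        $isLocalTarget = in_array(strtolower($target['scheme']), ['http', 'https'], true)
                            && strcasecmp($target['host'], Request::getHost()) === 0;
                    }
                    // A host without a scheme ("//host/...") is never accepted.
                }
            }

            if (!$isLocalTarget) {
                return \redirect()->route('coaster.admin.home')->withCookie($cookie);
            }

            return \redirect($login_path)->withCookie($cookie);
        }

        // One generic message for both fields, so the form does not reveal which value was wrong.
        FormMessage::add('username', 'Username or password incorrect');
        FormMessage::add('password', ' ');
    }

    $this->layoutData['content'] = View::make('coaster::pages.login');
    $this->layoutData['title'] = 'Login';
    return null;
}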
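/**
 * Handle the forgotten-password form.
 *
 * On a valid POST, looks the user up by email, stores a fresh temporary code
 * with its creation time on the user row and mails the code using the
 * 'coaster::emails.forgotten_password' view. The result is reported through
 * FormMessage or the view's 'success' entry.
 *
 * @return void
 */
public function forgottenPassword()
{
    $view_data = [];
    $rules = ['email' => 'required|email'];
    $validation = Validator::make(Request::all(), $rules);

    if ($_POST && $validation->fails()) {
        FormMessage::set($validation->messages());
    } elseif ($_POST) {
        $email_addr = Request::input('email');
        $user = User::where('email', '=', $email_addr)->first();

        // NOTE(review): the three outcomes below (no such user, password change not permitted,
        // mail sent) produce distinguishable messages, so this form tells a caller whether an
        // address has an account. A single neutral response would close that; the messages
        // are left as they were because changing them alters the UI copy.
        if ($user === null) {
            FormMessage::add('email', 'We couldn\'t find your records.');
        } elseif (!Auth::action('account.password', ['user_id' => $user->id])) {
            FormMessage::add('email', 'You can\'t change the password for this account');
        } else {
            // NOTE(review): microtime() adds no unpredictability; the strength of the code rests on
            // str_random(32), whose randomness source depends on the framework version — confirm.
            // The code is written to the user row as generated; storing only a hash would need a
            // matching change wherever the code is verified.
            $code = urlencode(str_random(32) . microtime());
            $user->tmp_code = $code;
            $user->tmp_code_created = new Carbon();
            $user->save();

            Mail::send('coaster::emails.forgotten_password', ['code' => $code], function ($message) use ($email_addr) {
                $message->from(config('coaster::site.email'));
                $message->to($email_addr);
                $message->subject(config('coaster::site.name') . ': Forgotten Password');
            });

            $failures = Mail::failures();
            if (empty($failures)) {
                $view_data['success'] = 'We have sent an email to you with a link to change your password.';
            } else {
                // The site name is placed inside an href query string, so it must be URL-encoded;
                // otherwise a quote, ampersand or space in the name breaks the attribute or the link.
                $mailSubject = rawurlencode(config('coaster::site.name') . ': Forgotten Password');
                FormMessage::add('email', 'There was an error sending mail, please contact <a href="mailto:support@web-feet.co.uk?Subject=' . $mailSubject . '">support</a>.');
            }
        }
    }

    $this->layoutData['title'] = 'Forgotten Password';
    $this->layoutData['content'] = View::make('coaster::pages.forgotten_password', $view_data);
}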
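/**
 * Validate a form block submission, save it and send the notification email.
 *
 * The submission is accepted when the block's validation rules pass and, if the
 * form has captcha enabled, the captcha check succeeded.
 *
 * @param array $formData posted form fields
 * @return bool|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
 *         redirect to the configured page on success, false otherwise
 */
public function submission($formData)
{
    if ($form_settings = $this->_block->getContent(true)) {
        $form_settings = $this->_defaultData($form_settings);
        $form_rules = BlockFormRule::get_rules($form_settings->template);
        $v = Validator::make($formData, $form_rules);
        $captcha = Securimage::captchaCheck();
        // The captcha only counts as failed when this form actually requires one.
        $captchaFailed = $form_settings->captcha == true && !$captcha;

        if ($v->passes() && !$captchaFailed) {
            // The captcha answer is a system field, not part of the stored submission.
            unset($formData['captcha_code']);

            // Save data (override submissionSaveData to save data differently)
            $form_submission = $this->submissionSaveData($formData);
            if (!$form_submission->id) {
                // NOTE(review): a failed save is reported but the email and redirect below
                // still run — confirm that is intended.
                FormMessage::add('submission_save_error', 'Unable to save the form.');
            }

            if ($this->submissionSendEmail($formData, $form_settings)) {
                $form_submission->sent = 1;
                $form_submission->save();
            }

            Session::set('form_data', $form_submission);
            return \redirect(PageBuilder::pageUrl($form_settings->page_to));
        }

        FormMessage::set($v->messages());
        // Previously the captcha error was added whenever the check returned false, even on
        // forms with captcha disabled; report it only when the captcha was the reason.
        if ($captchaFailed) {
            FormMessage::add('captcha_code', 'Invalid Captcha Code, try again.');
        }
    }

    return false;
}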
/**
 * Apply posted page data to this page, its language row and the given version, then save.
 *
 * Page and language attributes are only saved when the page is new or the
 * current user may publish/edit it ($willPublish); the page version row and
 * the page-group membership are written in every case that reaches them.
 * Validation problems are reported through FormMessage.
 *
 * @param PageVersion $pageVersion    version row that receives the posted template and the page id
 * @param array       $pagePost       posted page attributes
 * @param array       $pageLangPost   posted language attributes (name, url, ...)
 * @param array       $pageGroupsPost posted group ids as keys
 * @param array       $pageInfoOther  extra posted data; 'menus' and 'beacons' are read here
 * @return bool false when the parent is missing, the page limit is hit, or the
 *              name/url is missing or already in use; true otherwise
 */
public function savePostData($pageVersion, $pagePost, $pageLangPost, $pageGroupsPost, $pageInfoOther = [])
{
    /*
     * Post data fixes: collapse ['exists' => ..., 'select' => ...] inputs to their
     * selected value (0 when nothing was selected) and convert the date pickers.
     */
    foreach ($pagePost as $k => $pagePostField) {
        if (is_array($pagePostField) && array_key_exists('exists', $pagePostField)) {
            $pagePost[$k] = array_key_exists('select', $pagePostField) ? $pagePostField['select'] : 0;
        }
    }
    if (array_key_exists('live_start', $pagePost)) {
        $pagePost['live_start'] = DateTimeHelper::jQueryToMysql($pagePost['live_start']) ?: null;
    }
    if (array_key_exists('live_end', $pagePost)) {
        $pagePost['live_end'] = DateTimeHelper::jQueryToMysql($pagePost['live_end']) ?: null;
    }
    // Unlike $pagePost above, an entry without 'select' is left untouched here.
    foreach ($pageInfoOther as $k => $pageInfoOtherField) {
        if (is_array($pageInfoOtherField) && array_key_exists('exists', $pageInfoOtherField) && array_key_exists('select', $pageInfoOtherField)) {
            $pageInfoOther[$k] = $pageInfoOtherField['select'];
        }
    }

    /*
     * Overwrite default/existing data with posted data
     */
    $pageDefaults = array_merge(['template' => 0, 'parent' => 0, 'child_template' => 0, 'order' => 0, 'group_container' => 0, 'group_container_url_priority' => 0, 'canonical_parent' => 0, 'link' => 0, 'live' => 0, 'sitemap' => 1, 'live_start' => null, 'live_end' => null], $this->getAttributes());
    // NOTE(review): the loop covers every key of getAttributes(), so any existing attribute name
    // present in $pagePost is copied onto the model — confirm callers restrict the posted keys.
    foreach ($pageDefaults as $pageAttribute => $pageDefault) {
        $this->{$pageAttribute} = $pageDefault;
        switch ($pageAttribute) {
            case 'template':
                // The posted template goes to the version, not the page.
                // NOTE(review): $pagePost['template'] is read without an existence check.
                $pageVersion->{$pageAttribute} = $pagePost[$pageAttribute];
                break;
            default:
                $this->{$pageAttribute} = array_key_exists($pageAttribute, $pagePost) ? $pagePost[$pageAttribute] : $this->{$pageAttribute};
        }
    }

    // No language row for the current language: start from a copy of the default language row
    // (or an empty PageLang) and drop its language_id.
    if (!$this->pageCurrentLang) {
        $this->setRelation('pageCurrentLang', ($d = $this->pageDefaultLang) ? $d->replicate() : new PageLang());
        unset($this->pageCurrentLang->language_id);
    }
    $pageLang = $this->pageLang();
    $pageLangDefaults = array_merge(['language_id' => Language::current(), 'url' => '', 'name' => '', 'live_version' => 1], $pageLang->getAttributes());
    foreach ($pageLangDefaults as $pageLangAttribute => $pageLangDefault) {
        $pageLang->{$pageLangAttribute} = array_key_exists($pageLangAttribute, $pageLangPost) ? $pageLangPost[$pageLangAttribute] : $pageLangDefault;
    }

    /*
     * Check page parent exists if set and page limit is not hit
     */
    $parent = static::find($this->parent);
    if ($this->parent > 0 && !$parent) {
        return false;
    }
    // The limit only applies to new, non-link pages.
    if (!$this->id && !$this->link && static::at_limit($this->parent == -1)) {
        return false;
    }

    /*
     * Check page name/url set and does not conflict
     */
    $pageLang->url = trim($pageLang->url);
    if (!$this->link) {
        // Slug form: lower case, with '/' and spaces replaced by '-'.
        $pageLang->url = strtolower(str_replace(['/', ' '], '-', $pageLang->url));
        // A url made only of dashes counts as empty.
        if (preg_match('#^[-]+$#', $pageLang->url)) {
            $pageLang->url = '';
        }
        // An empty url on a page whose parent is falsy becomes '/'.
        if ($pageLang->url == '' && !$this->parent) {
            $pageLang->url = '/';
        }
        // Collect the pages this url must not collide with: items of the posted groups
        // plus children of the same parent.
        $siblings = [];
        foreach ($pageGroupsPost as $pageGroupId => $checkedVal) {
            $pageGroup = PageGroup::preload($pageGroupId);
            $siblings = array_merge($pageGroup->exists ? $pageGroup->itemPageIds() : [], $siblings);
        }
        if ($this->parent >= 0) {
            $siblings = array_merge(static::getChildPageIds($this->parent), $siblings);
        }
        $siblings = array_unique($siblings);
    }
    if (!$pageLang->name) {
        FormMessage::add('page_info_lang[name]', 'page name required');
    }
    if (!$pageLang->url) {
        FormMessage::add('page_info_lang[url]', 'page url required');
    }
    // $siblings is only defined for non-link pages; empty() tolerates it being unset.
    if (!empty($siblings)) {
        $same_level = PageLang::where('url', '=', $pageLang->url)->whereIn('page_id', $siblings);
        // Exclude this page itself when it already exists.
        $same_level = $this->id ? $same_level->where('page_id', '!=', $this->id) : $same_level;
        if (!$same_level->get()->isEmpty()) {
            FormMessage::add('page_info_lang[url]', 'url in use by another page!');
            $pageLang->url = '';
        }
    }
    if (!$pageLang->name || !$pageLang->url) {
        return false;
    }

    /*
     * If adding a page as a group container, create container / check exists
     */
    if ($this->group_container == -1) {
        // -1 requests a new group, named after the page.
        // NOTE(review): the group is created before the permission check below runs.
        $groupContainer = new PageGroup();
        $groupContainer->name = $pageLang->name;
        $groupContainer->item_name = 'Page';
        $groupContainer->default_template = 0;
        $groupContainer->save();
        $this->group_container = $groupContainer->id;
    } elseif ($this->group_container) {
        $groupContainer = PageGroup::preload($this->group_container);
        // Reset to 0 when the group does not exist, or when the container is being
        // changed to a group whose items the user cannot edit.
        if (!$groupContainer->exists || $pageDefaults['group_container'] != $this->group_container && !$groupContainer->canEditItems()) {
            $this->group_container = 0;
        }
    }

    /*
     * Check if page info can be updated (based on publishing auth action, or allowed if new page)
     */
    // Permission is checked against this page, else its parent, else page id 0.
    $authPageIdCheck = $this->id ?: ($this->parent > 0 ? $this->parent : 0);
    // With publishing enabled the 'pages.version-publish' action is required, otherwise 'pages.edit'.
    $canPublish = config('coaster::admin.publishing') > 0 && Auth::action('pages.version-publish', ['page_id' => $authPageIdCheck]) || config('coaster::admin.publishing') == 0 && Auth::action('pages.edit', ['page_id' => $authPageIdCheck]);
    // The group container's own publish/edit permission is an alternative grant.
    $canPublish = $canPublish || isset($groupContainer) && (config('coaster::admin.publishing') > 0 && $groupContainer->canPublishItems() || config('coaster::admin.publishing') == 0 && $groupContainer->canEditItems());
    // New pages are always saved; whether they go live is decided by $canPublish below.
    $willPublish = !$this->id || $canPublish;

    /*
     * Check and save page changes
     */
    if ($willPublish) {
        // a new page is placed after the last sibling in the ordering
        if ($this->parent >= 0 && !$this->id) {
            $lastSibling = static::where('parent', '=', $this->parent)->orderBy('order', 'desc')->first();
            $this->order = $lastSibling ? $lastSibling->order + 1 : 1;
        }
        // a new page takes the template of the version being saved
        $this->template = $this->id ? $this->template : $pageVersion->template;
        // a link page has no live template
        $this->template = $this->link ? 0 : $this->template;
        // live == 2 with neither start nor end date is stored as 0 (hidden)
        $this->live = $this->live == 2 && is_null($this->live_end) && is_null($this->live_start) ? 0 : $this->live;
        // without publish permission the page is stored as hidden
        $this->live = $canPublish ? $this->live : 0;
        // save page data
        $this->save();
        $pageLang->page_id = $this->id;
        $pageLang->save();
    }
    // The version row is saved whether or not the page itself was.
    $pageVersion->page_id = $this->id;
    $pageVersion->save();

    /*
     * Update the title block to the page name if this is a new page
     */
    // NOTE(review): a new page always satisfies $willPublish, so save() has already run above;
    // if save() assigns $this->id (as an Eloquent model would) this condition can no longer be
    // true for a new page and the block below is skipped — confirm.
    if (!$this->id && ($titleBlock = Block::where('name', '=', config('coaster::admin.title_block'))->first())) {
        $titleBlock->setVersionId($pageVersion->version_id)->setPageId($this->id)->getTypeObject()->save($pageLang->name);
        PageSearchData::updateText(strip_tags($pageLang->name), 0, $this->id);
    }

    /*
     * Save Page Groups
     */
    // NOTE(review): group membership is changed without consulting $willPublish/$canPublish or a
    // per-group permission — confirm the caller has already authorised this.
    $currentGroupIds = $this->groupIds();
    $newGroupIds = array_keys($pageGroupsPost);
    // Remove memberships that were not posted, then attach the newly posted ones.
    PageGroupPage::where('page_id', '=', $this->id)->whereIn('group_id', array_diff($currentGroupIds, $newGroupIds))->delete();
    foreach (array_diff($newGroupIds, $currentGroupIds) as $addGroupId) {
        $this->groups()->attach($addGroupId);
    }

    /*
     * Save other page info
     */
    // Menus need the 'menus' action; a missing 'menus' key passes an empty list.
    if ($willPublish && Auth::action('menus')) {
        MenuItem::set_page_menus($this->id, array_key_exists('menus', $pageInfoOther) ? $pageInfoOther['menus'] : []);
    }
    // Beacons need publish permission plus the 'themes.beacons-update' action.
    if ($canPublish && array_key_exists('beacons', $pageInfoOther) && Auth::action('themes.beacons-update')) {
        BlockBeacon::updatePage($this->id, $pageInfoOther['beacons']);
    }
    return true;
}
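/**
 * Installer step: unzip and install the posted theme, then finish the install.
 *
 * On error the theme setup step is shown again with the error message. When no
 * theme was posted, or the install succeeded, the admin routes are loaded, the
 * install state is advanced and the completion view is rendered.
 *
 * @return void
 */
public function installTheme()
{
    $details = Request::all();
    $error = false;

    if (!empty($details['theme'])) {
        $themeName = $details['theme'];

        // The theme name comes straight from the request and is used to build an archive
        // file name. Refuse anything that is not a plain name, so it cannot point outside
        // the themes location; how Theme::unzip() resolves the path is not visible here.
        $isPlainName = is_string($themeName)
            && $themeName !== '.'
            && $themeName !== '..'
            && strpbrk($themeName, "/\\\0") === false;

        if (!$isPlainName) {
            $error = 'Invalid theme name';
        } elseif (!($error = Theme::unzip($themeName . '.zip', false))) {
            $withPageData = !empty($details['page-data']) ? 1 : 0;
            $result = Theme::install($themeName, ['withPageData' => $withPageData]);
            if ($result['error']) {
                $error = $result['response'];
            }
            // Make the theme the active frontend theme when both the setting and the theme row exist.
            // NOTE(review): this also runs when Theme::install() reported an error — confirm intended.
            if (($usedThemeSetting = Setting::where('name', '=', 'frontend.theme')->first()) && ($theme = Theme::where('theme', '=', $themeName)->first())) {
                $usedThemeSetting->value = $theme->id;
                $usedThemeSetting->save();
            }
        }
    }

    if ($error) {
        FormMessage::add('theme', $error);
        $this->setupTheme();
    } else {
        // Fixed path relative to this file; no request data takes part in it.
        include __DIR__ . '/../../Http/routes/admin.php';
        Install::setInstallState('complete-welcome');
        $this->layoutData['title'] = 'Install Complete';
        $this->layoutData['content'] = View::make('coaster::pages.install', ['stage' => 'complete']);
    }
}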
/**
 * Handle a repeater form submission: validate, insert a row, send the notification email.
 *
 * @param array $formData posted fields keyed by block name
 * @return null|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
 *         redirect back to the current URL on success, null when validation fails
 */
public function submission($formData)
{
    $formRules = BlockFormRule::get_rules($this->_block->name . '-form');
    $v = Validator::make($formData, $formRules);

    if (!$v->passes()) {
        FormMessage::set($v->messages());
        return null;
    }

    foreach ($formData as $blockName => $content) {
        $fieldBlock = Block::preload($blockName);
        if (!$fieldBlock->exists) {
            continue;
        }
        // An empty datetime field is stored as the submission time.
        if ($fieldBlock->type == 'datetime' && empty($content)) {
            $content = new Carbon();
        }
        $formData[$blockName] = $content;
    }

    // NOTE(review): keys that do not match an existing block are skipped by the loop above but
    // still reach insertRow() — confirm insertRow() filters them.
    $this->insertRow($formData);

    $subject = config('coaster::site.name') . ': New Form Submission - ' . $this->_block->label;
    Email::sendFromFormData([$this->_block->name . '-form'], $formData, $subject);

    return \redirect(Request::url());
}
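/**
 * Point a beacon at a page (through a bit.ly short link) or back at the site root.
 *
 * The device configuration is replaced through the device API client, and the
 * local beacon row is updated once that succeeded. Errors are reported through
 * FormMessage.
 *
 * @param string   $uniqueId beacon unique id
 * @param int|null $pageId   page to link to; a falsy value resets the beacon to the site root
 * @return int 1 when the beacon is (already) up to date, 0 on any failure
 */
public static function updateUrl($uniqueId, $pageId)
{
    $beacon = self::where('unique_id', '=', $uniqueId)->first();
    if (empty($beacon)) {
        FormMessage::add('page_info_other[beacons]', 'A selected beacon was not found');
        return 0;
    }

    // Default target: the site root. The device receives the URL hex-encoded after a '02' prefix.
    // NOTE(review): '02' looks like a scheme byte meaning http:// — confirm against the device API.
    $beaconUrl = URL::to('/');
    $beaconUrlParts = parse_url($beaconUrl);
    $beaconUrlEncoded = '02' . bin2hex($beaconUrlParts['host']);

    if ($pageId) {
        $pageUrl = Path::getFullUrl($pageId);
        $pageUrl = URL::to($pageUrl);
        try {
            // NOTE(review): the bit.ly access token travels in the query string, so it can end up in
            // proxy and access logs; the failure message below reports only the code, which keeps
            // the request URL out of the UI.
            $bitlyResponse = json_decode(self::_bitly()->request('GET', 'v3/shorten', ['query' => ['access_token' => config('coaster::key.bitly'), 'longUrl' => $pageUrl . '?beacon_id=' . $uniqueId]])->getBody());
            // A body that is not the expected JSON object must not be dereferenced.
            if (!is_object($bitlyResponse) || !isset($bitlyResponse->status_code)) {
                FormMessage::add('page_info_other[beacons]', 'Error generating bit.ly url (response: invalid)');
                return 0;
            }
            if ($bitlyResponse->status_code == 200) {
                $beaconUrl = 'http://bit.ly/' . $bitlyResponse->data->hash;
                $beaconUrlEncoded = '02' . bin2hex('bit.ly/' . $bitlyResponse->data->hash);
            } else {
                FormMessage::add('page_info_other[beacons]', 'Error generating bit.ly url (response: ' . $bitlyResponse->status_txt . ')');
                return 0;
            }
        } catch (RequestException $e) {
            FormMessage::add('page_info_other[beacons]', 'Error generating bit.ly url (response: ' . $e->getCode() . ')');
            return 0;
        }
    }

    // Nothing to do when the beacon already points at this URL and page.
    if ($beacon->url == $beaconUrl && $beacon->page_id == $pageId) {
        return 1;
    }

    try {
        // NOTE(review): delete followed by create is not atomic; if create fails the device is left
        // without a config while the local row keeps the old URL.
        self::_client()->request('POST', 'config/delete', ['query' => ['uniqueId' => $uniqueId]]);
        self::_client()->request('POST', 'config/create', ['query' => ['uniqueId' => $uniqueId, 'deviceType' => 'beacon', 'url' => $beaconUrlEncoded]])->getBody();
        $beacon->page_id = $pageId;
        $beacon->url = $beaconUrl;
        $beacon->save();
        return 1;
    } catch (RequestException $e) {
        // A RequestException raised before any response arrived (e.g. a connection failure)
        // carries no response object; calling getBody() on it would be a fatal error.
        $response = $e->getResponse();
        $error = $response ? json_decode($response->getBody()) : null;
        $status = isset($error->status) ? $error->status : $e->getCode();
        $message = isset($error->message) ? $error->message : 'no response details';
        FormMessage::add('page_info_other[beacons]', 'Error updating device config with new URL (' . $status . ': ' . $message . ')');
    }

    return 0;
}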
/**
 * Create a user from the posted email and role, then mail the generated password.
 *
 * The role must exist and its 'admin' value must not exceed that of the
 * current user's role. On validation or permission failure the add form is
 * shown again with messages.
 *
 * @return void
 */
public function postAdd()
{
    $authUser = Auth::user();
    $v = Validator::make(Request::all(), ['email' => 'required|email', 'role' => 'required|integer']);

    // A user may only hand out roles whose 'admin' value is no higher than their own.
    $role = UserRole::find(Request::input('role'));
    $perm_issue = empty($role) || !($role->admin <= $authUser->role->admin);

    if (!$v->passes() || $perm_issue) {
        FormMessage::set($v->messages());
        if ($perm_issue) {
            FormMessage::add('role', 'Don\'t have permission to create user with this role, or doesn\'t exist');
        }
        $this->getAdd();
        return;
    }

    // NOTE(review): the rules do not check that the email is unused — confirm uniqueness is
    // enforced elsewhere (e.g. a database constraint).
    // NOTE(review): the generated 8-character password is sent by email and also passed to the
    // view below in clear text; a one-time set-password link would avoid exposing a usable
    // credential in both places.
    $password = str_random(8);

    $new_user = new User();
    $new_user->email = Request::input('email');
    $new_user->role_id = Request::input('role');
    $new_user->password = Hash::make($password);
    $new_user->save();
    AdminLog::new_log('User \'' . $new_user->email . '\' added');

    $mailData = ['email' => $new_user->email, 'password' => $password];
    Mail::send('coaster::emails.new_account', $mailData, function ($message) use ($new_user) {
        $message->from(config('coaster::site.email'));
        $message->to($new_user->email);
        $message->subject(config('coaster::site.name') . ': New Account Details');
    });

    $failures = Mail::failures();
    if (empty($failures)) {
        $email_message = 'An email has been sent to the new user with their login details.';
        $email_status = 'success';
    } else {
        $email_message = 'There was an error sending the login details to the new user.';
        $email_status = 'warning';
    }

    $this->layoutData['content'] = View::make('coaster::pages.users.add', [
        'success' => true,
        'password' => $password,
        'email_message' => $email_message,
        'email_status' => $email_status,
    ]);
}