コード例 #1
ファイル: CommentPostAdd.php プロジェクト: phpffcms/ffcms
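 /**
  * Check comment add conditions. On bad conditions will be throw'd exception.
  *
  * Order of checks: guest identity, target pathway, message length, guest
  * captcha, then the per-user / per-IP posting delay. Config values are
  * read from $this->_configs and cast to int before use.
  * @throws JsonException on the first failed condition
  * @return boolean true when every condition passes
  */
 public function check()
 {
     $isAuth = App::$User->isAuth();
     // guests may only post when enabled in config and they supplied a name (>= 2 chars)
     if (!$isAuth && ((int) $this->_configs['guestAdd'] !== 1 || Str::length($this->guestName) < 2)) {
         throw new JsonException(__('Guest name is not defined'));
     }
     // the comment must be attached to a non-empty target pathway
     if (Str::likeEmpty($this->pathway)) {
         throw new JsonException(__('Wrong target pathway'));
     }
     // message length bounds come from config; compute the length once
     $msgLength = Str::length($this->message);
     $minLength = (int) $this->_configs['minLength'];
     $maxLength = (int) $this->_configs['maxLength'];
     if ($msgLength < $minLength || $msgLength > $maxLength) {
         throw new JsonException(__('Message length is incorrect. Current: %cur%, min - %min%, max - %max%', ['cur' => $msgLength, 'min' => $this->_configs['minLength'], 'max' => $this->_configs['maxLength']]));
     }
     // guests must pass a captcha when guest moderation is on; read from the POST body only
     if (!$isAuth && (bool) $this->_configs['guestModerate']) {
         $captcha = App::$Request->request->get('captcha');
         if (!App::$Captcha->validate($captcha)) {
             throw new JsonException(__('Captcha is incorrect! Click on image to refresh and try again'));
         }
     }
     // anti-flood: latest comment by this user id OR from this IP (either match counts)
     // NOTE(review): if _userId is 0/null for guests, the user_id clause matches every
     // other guest's comment too — confirm how guest ids are stored
     $latest = CommentPost::where('user_id', '=', $this->_userId)->orWhere('ip', '=', $this->ip)->orderBy('created_at', 'DESC')->first();
     if ($latest !== null) {
         // cast like the other config values so a non-numeric delay cannot raise a TypeError
         $postTime = Date::convertToTimestamp($latest->created_at);
         $delay = $postTime + (int) $this->_configs['delay'] - time();
         if ($delay > 0) {
             throw new JsonException(__('Spam protection: please, wait %sec% seconds', ['sec' => $delay]));
         }
     }
     return true;
 }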
コード例 #2
ファイル: FormWallPost.php プロジェクト: phpffcms/ffcms
 /**
  * Make post to user wall from $viewer to $target instance of iUser interface objects
  *
  * Refuses the post when the viewer's most recent wall record (ordered by
  * updated_at) is younger than static::POST_GLOBAL_DELAY seconds; otherwise
  * stores the record and, for a post on someone else's wall, notifies the
  * target. $this->message is cleared after a successful save.
  * NOTE(review): $delay is accepted but never read — the throttle uses
  * static::POST_GLOBAL_DELAY only, so callers passing a custom delay get no effect.
  * @param iUser $target owner of the wall being posted to
  * @param iUser $viewer author of the post
  * @param int $delay unused (see note above)
  * @return bool true when the post was saved, false when refused
  */
 public function makePost(iUser $target, iUser $viewer, $delay = 60)
 {
     if ($viewer === null || $target === null) {
         return false;
     }
     // throttle on the viewer's latest wall record
     $latest = WallRecords::where('sender_id', '=', $viewer->id)->orderBy('updated_at', 'desc')->first();
     if ($latest !== null) {
         $elapsed = time() - Date::convertToTimestamp($latest->updated_at);
         if ($elapsed < static::POST_GLOBAL_DELAY) {
             return false;
         }
     }
     // persist the post
     $post = new WallRecords();
     $post->target_id = $target->id;
     $post->sender_id = $viewer->id;
     $post->message = $this->message;
     $post->save();
     // notify the wall owner unless the viewer posted on their own wall
     $isOwnWall = $target->id === $viewer->id;
     if (!$isOwnWall) {
         $link = 'profile/show/' . $target->id . '#wall-post-' . $post->id;
         $notify = new EntityAddNotification($target->id);
         $notify->add($link, EntityAddNotification::MSG_ADD_WALLPOST, ['snippet' => Text::snippet($this->message, 50)]);
     }
     // drop the message so the form object cannot be re-submitted with the same text
     $this->message = null;
     return true;
 }
コード例 #3
ファイル: FormRecovery.php プロジェクト: phpffcms/ffcms
 /**
  * After validation generate new pwd, recovery token and send email
  *
  * Flow: look up the account by e-mail, refuse unapproved accounts, skip
  * silently when a recovery row younger than self::DELAY seconds exists,
  * otherwise store a new (hashed) password + token in UserRecovery, write a
  * UserLog entry with the requester IP and e-mail the plaintext password and
  * token to the address given on the form.
  * NOTE(review): 'Email not found' and 'You must approve your account' are
  * distinct user-visible failures, so this form lets a caller enumerate
  * registered addresses and their approval state; a uniform response would
  * close that.
  * NOTE(review): token and password strength depends on Str::randomLatinNumeric
  * drawing from a CSPRNG — confirm; mt_rand here only picks the length.
  * @throws SyntaxException when the e-mail is unknown or the account is not approved
  * @throws \Ffcms\Core\Exception\NativeException
  */
 public function make()
 {
     $user = App::$User->getIdentityViaEmail($this->email);
     if ($user === null) {
         throw new SyntaxException('Email not found');
     }
     // an account still holding an approve token has not been activated yet
     $approveToken = $user->approve_token;
     if ($approveToken !== '0' && Str::length($approveToken) > 0) {
         throw new SyntaxException('You must approve your account');
     }
     // anti-spam: at most one recovery mail per self::DELAY seconds per user, silently skipped
     $lastRecovery = UserRecovery::where('user_id', '=', $user->getId())->orderBy('id', 'DESC')->first();
     if ($lastRecovery !== null && $lastRecovery !== false) {
         $notBefore = time() - self::DELAY;
         if (Date::convertToTimestamp($lastRecovery->created_at) > $notBefore) {
             return;
         }
     }
     // fresh credentials: only the hash is persisted, the plaintext goes into the mail
     $plainPassword = Str::randomLatinNumeric(mt_rand(8, 16));
     $passwordHash = App::$Security->password_hash($plainPassword);
     $token = Str::randomLatinNumeric(mt_rand(64, 128));
     $recovery = new UserRecovery();
     $recovery->user_id = $user->id;
     $recovery->password = $passwordHash;
     $recovery->token = $token;
     $recovery->save();
     // audit trail with the requester's IP
     $log = new UserLog();
     $log->user_id = $user->id;
     $log->type = 'RECOVERY';
     $log->message = __('Password recovery is initialized from: %ip%', ['ip' => App::$Request->getClientIp()]);
     $log->save();
     // render and send the recovery mail
     $body = App::$View->render('user/mail/recovery', ['login' => $user->login, 'email' => $this->email, 'password' => $plainPassword, 'token' => $token, 'id' => $recovery->id]);
     $sender = App::$Properties->get('adminEmail');
     $subject = App::$Translate->get('Profile', 'Account recovery on %site%', ['site' => App::$Request->getHost()]);
     $message = \Swift_Message::newInstance($subject)->setFrom([$sender])->setTo([$this->email])->setBody($body, 'text/html');
     App::$Mailer->send($message);
 }
コード例 #4
ファイル: CommentAnswerAdd.php プロジェクト: phpffcms/ffcms
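 /**
  * Check if comment answer conditions is ok. Will throw exception if not.
  *
  * Order of checks: guest identity, guest captcha, parent thread id, message
  * length, parent thread existence, then the per-user / per-IP answer delay.
  * Config values are read from $this->_configs and cast to int before use.
  * @return bool true when every condition passes
  * @throws JsonException on the first failed condition
  */
 public function check()
 {
     $isAuth = App::$User->isAuth();
     // guests may only answer when enabled in config and they supplied a name (>= 2 chars)
     if (!$isAuth && ((int) $this->_configs['guestAdd'] !== 1 || Str::length($this->guestName) < 2)) {
         throw new JsonException(__('Guest name is not defined'));
     }
     // guests must pass a captcha when guest moderation is on; read from the POST body only
     if (!$isAuth && (bool) $this->_configs['guestModerate']) {
         $captcha = App::$Request->request->get('captcha');
         if (!App::$Captcha->validate($captcha)) {
             throw new JsonException(__('Captcha is incorrect! Click on image to refresh and try again'));
         }
     }
     // parent thread id must be a positive integer; cast so a non-numeric value is
     // rejected here instead of reaching the query as a string
     $threadId = (int) $this->replayTo;
     if ($threadId < 1) {
         throw new JsonException(__('Comment post thread is not founded'));
     }
     // message length bounds come from config; compute the length once
     $msgLength = Str::length($this->message);
     if ($msgLength < (int) $this->_configs['minLength'] || $msgLength > (int) $this->_configs['maxLength']) {
         throw new JsonException(__('Message length is incorrect. Current: %cur%, min - %min%, max - %max%', ['cur' => $msgLength, 'min' => $this->_configs['minLength'], 'max' => $this->_configs['maxLength']]));
     }
     // the parent thread must exist exactly once
     if (CommentPost::where('id', '=', $threadId)->count() !== 1) {
         throw new JsonException(__('Comment post thread is not founded'));
     }
     // anti-flood: latest answer by this user id OR from this IP (either match counts)
     // NOTE(review): if _userId is 0/null for guests, the user_id clause matches every
     // other guest's answer too — confirm how guest ids are stored
     $latest = CommentAnswer::where('user_id', '=', $this->_userId)->orWhere('ip', '=', $this->ip)->orderBy('created_at', 'DESC')->first();
     if ($latest !== null) {
         // cast like the other config values so a non-numeric delay cannot raise a TypeError
         $delay = Date::convertToTimestamp($latest->created_at) + (int) $this->_configs['delay'] - time();
         if ($delay > 0) {
             throw new JsonException(__('Spam protection: please, wait %sec% seconds', ['sec' => $delay]));
         }
     }
     return true;
 }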
コード例 #5
ファイル: list.php プロジェクト: phpffcms/ffcms
        if ($catConfigs['showCategory'] === true) {
            ?>
            <span class="spaced"><i class="fa fa-list"></i>
                <?php 
            // category link for the item; assumes Url::link HTML-escapes the
            // localised title and path — confirm, the template does not escape here
            echo Url::link(['content/list', $item['category']->path], \App::$Translate->getLocaleText($item['category']->title), ['itemprop' => 'genre']);
            ?>
            </span>
            <?php 
        }
        ?>
            <?php 
        if ($catConfigs['showDate'] === true) {
            ?>
            <span class="spaced"><i class="fa fa-calendar"></i>
                <time datetime="<?php 
            // ISO-8601 form of the publish date for the machine-readable attribute
            echo date('c', Date::convertToTimestamp($item['date']));
            ?>
" itemprop="datePublished">
                    <?php 
            // NOTE(review): echoed raw, without htmlspecialchars(); presumably a
            // server-formatted date string that cannot carry user input — confirm at the data source
            echo $item['date'];
            ?>
                </time>
            </span>
            <?php 
        }
        ?>
            <?php 
        if ($catConfigs['showAuthor'] === true) {
            ?>
            <span class="spaced"><i class="fa fa-user"></i>
                <?php 
コード例 #6
ファイル: Profile.php プロジェクト: phpffcms/ffcms
 /**
  * Change user rating action
  *
  * AJAX endpoint: an authenticated user adds +1 or -1 to another user's
  * profile rating, at most once per $cfg['ratingDelay'] seconds per
  * (sender, target) pair. Responds with a JSON status document.
  * NOTE(review): parameters are read via $this->request->get(); if this is
  * Symfony HttpFoundation's Request::get() it also accepts GET query
  * parameters (the comment forms use ->request->get() for the POST bag only),
  * so this state change is reachable by a plain cross-site GET. Restrict to
  * POST and verify a CSRF token — confirm which Request class is in use.
  * NOTE(review): the delay check, the ProfileRating insert and the
  * read-modify-write of $profile->rating are not atomic; two concurrent
  * requests can both pass the check and double-apply the vote.
  * @throws ForbiddenException when not logged in, self-rating, or inside the delay window
  * @throws NativeException on an unknown type or when rating is disabled
  * @throws NotFoundException when the target user does not exist
  * @return string JSON body
  */
 public function actionChangerating()
 {
     if (!App::$User->isAuth()) {
         throw new ForbiddenException('Auth required');
     }
     $this->setJsonHeader();
     $targetId = (int) $this->request->get('target');
     $type = $this->request->get('type');
     // only the two literal operations are accepted (strict comparison)
     if (!in_array($type, ['+', '-'], true)) {
         throw new NativeException('Wrong data');
     }
     // target must be a positive id of an existing user
     if (!Obj::isLikeInt($targetId) || $targetId < 1 || !App::$User->isExist($targetId)) {
         throw new NotFoundException('Wrong user info');
     }
     $cfg = \Apps\ActiveRecord\App::getConfigs('app', 'Profile');
     if ((int) $cfg['rating'] !== 1) {
         throw new NativeException('Rating is disabled');
     }
     $target = App::$User->identity($targetId);
     $sender = App::$User->identity();
     // users cannot rate themselves
     if ($sender->getId() === $target->getId()) {
         throw new ForbiddenException('Self change prevented');
     }
     // one vote per (sender, target) inside the configured delay window
     $windowStart = Date::convertToTimestamp(time() - $cfg['ratingDelay'], Date::FORMAT_SQL_TIMESTAMP);
     $recent = ProfileRating::where('target_id', '=', $target->getId())->where('sender_id', '=', $sender->getId())->where('created_at', '>=', $windowStart)->orderBy('id', 'DESC');
     if ($recent !== null && $recent->count() > 0) {
         throw new ForbiddenException('Delay required');
     }
     // record the vote
     $vote = new ProfileRating();
     $vote->target_id = $target->getId();
     $vote->sender_id = $sender->getId();
     $vote->type = $type;
     $vote->save();
     // apply it to the target's profile
     $profile = $target->getProfile();
     $profile->rating += ($type === '+') ? 1 : -1;
     $profile->save();
     return json_encode(['status' => 1, 'data' => 'ok']);
 }