public function action_user($id = null)
{
if (intval($id) < 1) {
throw new NotFoundHttpException();
}
$data = [];
$form = [];
try {
/** @var \Foolz\FoolFrame\Model\Users $users */
$users = $this->getContext()->getService('users');
$data['object'] = $users->getUserBy('id', $id);
$data['object']->password = '';
} catch (\Foolz\FoolFrame\Model\UsersWrongIdException $e) {
throw new NotFoundHttpException();
}
$form['open'] = array('type' => 'open');
$form['paragraph'] = array('type' => 'paragraph', 'help' => _i('You can customize your account here.'));
$form['paragraph-2'] = array('type' => 'paragraph', 'help' => '<img src="' . Gravatar::image($data['object']->email) . '" width="80" height="80" style="padding:2px; border: 1px solid #ccc;"/> ' . _i('The avatar is automatically fetched from %s, based on the user\'s registration email.', '<a href="http://gravatar.com" target="_blank">Gravatar</a>'));
if ($this->getAuth()->hasAccess('users.change_credentials')) {
$form['username'] = array('type' => 'input', 'database' => true, 'label' => _i('Username'), 'class' => 'span3', 'help' => _i('Change the username'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
$form['email'] = array('type' => 'input', 'database' => true, 'label' => _i('Email'), 'class' => 'span3', 'help' => _i('Change the email'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
$form['password'] = array('type' => 'password', 'database' => true, 'label' => _i('Password'), 'class' => 'span3', 'help' => _i('Change the password (leave empty to not change it)'));
}
$form['bio'] = array('type' => 'textarea', 'database' => true, 'label' => 'Bio', 'style' => 'height:150px;', 'class' => 'span5', 'help' => _i('Some details about you'), 'validation' => [new Trim(), new Assert\Length(['max' => 360])]);
$form['twitter'] = array('type' => 'input', 'database' => true, 'label' => 'Twitter', 'class' => 'span3', 'help' => _i('Your twitter nickname'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
$form['display_name'] = array('type' => 'input', 'database' => true, 'label' => 'Display name', 'class' => 'span3', 'help' => _i('Alternative name in place of login username'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
if ($this->getAuth()->hasAccess('users.change_group')) {
$groups = $this->config->get('foolz/foolframe', 'foolauth', 'groups');
$group_ids = [];
foreach ($groups as $level => $group) {
$group_ids[$level] = $group['name'];
}
$form['group_id'] = array('type' => 'radio', 'database' => true, 'label' => 'Display name', 'help' => _i('Change the group of the user'), 'radio_values' => $group_ids);
}
$form['submit'] = array('type' => 'submit', 'class' => 'btn btn-primary', 'value' => _i('Submit'));
$form['close'] = array('type' => 'close');
$data['form'] = $form;
if ($this->getPost() && !$this->checkCsrfToken()) {
$this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
} elseif ($this->getPost()) {
$result = Validator::formValidate($form, $this->getPost());
if (isset($result['error'])) {
$this->notices->set('warning', $result['error']);
} else {
if (isset($result['warning'])) {
$this->notices->set('warning', $result['warning']);
}
$this->notices->set('success', _i('Preferences updated.'));
$user = $users->getUserBy('id', $id);
$user->save($result['success']);
$data['object'] = $user;
$data['object']->password = '';
}
}
// create a form
$this->param_manager->setParam('method_title', [_i('Manage'), _i('Edit'), $data['object']->username]);
$this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);
return new Response($this->builder->build());
}
function action_add()
{
$data['form'] = $this->radix_coll->structure();
if ($this->getPost() && !$this->checkCsrfToken()) {
$this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
} elseif ($this->getPost()) {
$result = Validator::formValidate($data['form'], $this->getPost());
if (isset($result['error'])) {
$this->notices->set('warning', $result['error']);
} else {
// it's actually fully checked, we just have to throw it in DB
$this->radix_coll->save($result['success']);
$this->notices->setFlash('success', _i('New board created!'));
return $this->redirect('admin/boards/board/' . $result['success']['shortname']);
}
}
// the actual POST is in the board() function
$data['form']['open']['action'] = $this->uri->create('admin/boards/add_new');
// panel for creating a new board
$this->param_manager->setParam('method_title', [_i('Manage'), _i('Add')]);
$this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);
return new Response($this->builder->build());
}
public function submit($data, $media)
{
// some beginners' validation, while through validation will happen in the Comment model
$validator = new Validator();
$validator->add('thread_num', _i('Thread Number'), [new Assert\NotBlank()])->add('name', _i('Name'), [new Assert\Length(['max' => 64])])->add('email', _i('Email'), [new Assert\Length(['max' => 64])])->add('title', _i('Title'), [new Assert\Length(['max' => 64])])->add('delpass', _i('Deletion pass'), [new Assert\Length(['min' => 3, 'max' => 32])]);
// no empty posts without images
if ($media === null) {
$validator->add('comment', _i('Comment'), [new Assert\NotBlank(), new Assert\Length(['min' => 3])]);
}
// this is for redirecting, not for the database
$limit = false;
if (isset($data['last_limit'])) {
$limit = intval($data['last_limit']);
unset($data['last_limit']);
}
$validator->validate($data);
if (!$validator->getViolations()->count()) {
try {
$data['poster_ip'] = Inet::ptod($this->getRequest()->getClientIp());
$bulk = new CommentBulk();
$bulk->import($data, $this->radix);
$comment = new CommentInsert($this->getContext(), $bulk);
$comment->insert($media, $data);
} catch (\Foolz\Foolfuuka\Model\CommentSendingRequestCaptchaException $e) {
if ($this->getRequest()->isXmlHttpRequest()) {
return $this->response->setData(['captcha' => true]);
} else {
return $this->error(_i('Your message looked like spam. Make sure you have JavaScript enabled to display the reCAPTCHA to submit the comment.'));
}
} catch (\Foolz\Foolfuuka\Model\CommentSendingException $e) {
if ($this->getRequest()->isXmlHttpRequest()) {
return $this->response->setData(['error' => $e->getMessage()]);
} else {
return $this->error($e->getMessage());
}
}
} else {
if ($this->getRequest()->isXmlHttpRequest()) {
return $this->response->setData(['error' => $validator->getViolations()->getText()]);
} else {
return $this->error($validator->getViolations()->getHtml());
}
}
if ($this->request->isXmlHttpRequest()) {
$latest_doc_id = $this->getPost('latest_doc_id');
if ($latest_doc_id && ctype_digit((string) $latest_doc_id)) {
try {
$board = Board::forge($this->getContext())->getThread($comment->comment->thread_num)->setRadix($this->radix)->setOptions(['type' => 'from_doc_id', 'latest_doc_id' => $latest_doc_id]);
$comments = $board->getComments();
} catch (\Foolz\Foolfuuka\Model\BoardThreadNotFoundException $e) {
return $this->error(_i('Thread not found.'));
} catch (\Foolz\Foolfuuka\Model\BoardException $e) {
return $this->error(_i('Unknown error.'));
}
$comment_obj = new Comment($this->getContext());
$comment_obj->setControllerMethod($limit ? 'last/' . $limit : 'thread');
$media_obj = new Media($this->getContext());
$m = null;
foreach ($board->getCommentsUnsorted() as $bulk) {
$comment_obj->setBulk($bulk, $this->radix);
if ($bulk->media) {
$media_obj->setBulk($bulk, $this->radix);
$m = $media_obj;
} else {
$m = null;
}
if ($this->builder) {
$this->param_manager->setParam('controller_method', $limit ? 'last/' . $limit : 'thread');
$partial = $this->builder->createPartial('board_comment', 'board_comment');
$partial->getParamManager()->setParam('p', $comment_obj)->setParam('p_media', $m);
$bulk->comment->formatted = $partial->build();
$partial->clearBuilt();
}
}
$this->response->setData(['success' => _i('Message sent.')] + $comments);
} else {
if ($this->builder) {
$this->param_manager->setParam('controller_method', $limit ? 'last/' . $limit : 'thread');
$partial = $this->builder->createPartial('board_comment', 'board_comment');
$partial->getParamManager()->setParam('p', new Comment($this->getContext(), $comment->bulk))->setParam('p_media', new Media($this->getContext(), $comment->bulk));
$bulk->comment->formatted = $partial->build();
$partial->clearBuilt();
}
$this->response->setData(['success' => _i('Message sent.'), 'thread_num' => $comment->comment->thread_num, $comment->comment->thread_num => ['posts' => [$comment->bulk]]]);
}
} else {
$this->builder->createLayout('redirect')->getParamManager()->setParam('url', $this->uri->create([$this->radix->shortname, !$limit ? 'thread' : 'last/' . $limit, $comment->comment->thread_num]) . '#' . $comment->comment->num);
$this->builder->getProps()->addTitle(_i('Redirecting'));
$this->response->setContent($this->builder->build());
}
return $this->response;
}
public function action_profile()
{
if (!$this->getAuth()->hasAccess('maccess.user')) {
return $this->redirectToLogin();
}
$data = [];
$form = [];
$form['open'] = array('type' => 'open');
$form['paragraph'] = array('type' => 'paragraph', 'help' => _i('You can customize your account here.'));
$form['paragraph-2'] = array('type' => 'paragraph', 'help' => '<img src="' . Gravatar::image($this->getAuth()->getUser()->getEmail()) . '" width="80" height="80" style="padding:2px; border: 1px solid #ccc;"/> ' . _i('Your avatar is automatically fetched from %s, based on your registration email.', '<a href="http://gravatar.com" target="_blank">Gravatar</a>'));
$form['display_name'] = array('type' => 'input', 'database' => true, 'label' => _i('Display Name'), 'class' => 'span3', 'help' => _i('Alternative name in place of login username'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
$form['bio'] = array('type' => 'textarea', 'database' => true, 'label' => 'Bio', 'style' => 'height:150px;', 'class' => 'span5', 'help' => _i('Some details about you'), 'validation' => [new Trim(), new Assert\Length(['max' => 360])]);
$form['twitter'] = array('type' => 'input', 'database' => true, 'label' => 'Twitter', 'class' => 'span3', 'help' => _i('Your twitter nickname'), 'validation' => [new Trim(), new Assert\Length(['max' => 32])]);
$form['submit'] = array('type' => 'submit', 'class' => 'btn btn-primary', 'value' => _i('Submit'));
$form['close'] = array('type' => 'close');
$data['form'] = $form;
if ($this->getPost() && !$this->security->checkCsrfToken($this->getRequest())) {
$this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
} elseif ($this->getPost()) {
$result = Validator::formValidate($form, $this->getPost());
if (isset($result['error'])) {
$this->notices->set('warning', $result['error']);
} else {
if (isset($result['warning'])) {
$this->notices->set('warning', $result['warning']);
}
$this->notices->set('success', _i('Your profile has been updated.'));
$user = $this->getAuth()->getUser();
$user->save($result['success']);
}
}
$data['object'] = (object) $this->getAuth()->getUser();
// generate profile form
$this->param_manager->setParam('method_title', _i('Profile'));
$this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);
return new Response($this->builder->build());
}
/**
* A lazy way to submit the preference panel input, saves some code in controller
*
* This function runs the custom validation function that uses the $form array
* to first run the original FuelPHP validation and then the anonymous
* functions included in the $form array. It sets a proper notice for the
* admin interface on conclusion.
*
* @param Request $request
* @param array $form
* @param bool|array $input If it evaluates to false, content won't be submitted
*/
public function submit_auto(Request $request, $form, $input = false)
{
if ($input) {
$this->notices = $this->getContext()->getService('notices');
if (!$this->security->checkCsrfToken($request)) {
$this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
return;
}
$post = [];
foreach ($input as $key => $item) {
// PHP doesn't allow periods in POST array
$post[str_replace(',', '.', $key)] = $item;
}
$result = Validator::formValidate($form, $post);
if (isset($result['error'])) {
$this->notices->set('warning', $result['error']);
} else {
if (isset($result['warning'])) {
$this->notices->set('warning', $result['warning']);
}
$this->notices->set('success', _i('Preferences updated.'));
$this->submit($result['success']);
}
}
}
public function action_edit_release($id = 0)
{
if (!$id || !ctype_digit((string) $id)) {
throw new NotFoundHttpException();
}
try {
$release_bulk = $this->release_factory->getById($id);
} catch (SeriesNotFoundException $e) {
throw new NotFoundHttpException();
}
$data['object'] = $release_bulk->release;
$data['form'] = $this->release_factory->getStructure();
if ($this->getPost() && !$this->checkCsrfToken()) {
$this->notices->set('warning', _i('The security token was not found. Please try again.'));
} elseif ($this->getPost()) {
$result = Validator::formValidate($data['form'], $this->getPost());
if (isset($result['error'])) {
$this->notices->set('warning', $result['error']);
} else {
// it's actually fully checked, we just have to throw it in DB
$id = $this->release_factory->save($result['success']);
return $this->redirect('admin/reader/edit_release/' . $id);
}
}
$this->param_manager->setParam('method_title', _i('Edit series'));
$this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);
return new Response($this->builder->build());
}
public function action_create_admin()
{
// if an admin account exists, lock down this step and redirect to the next step instead
/** @var Users $users */
$users = $this->getContext()->getService('users');
$check_users = $users->getAll();
if ($check_users['count'] > 0) {
return new RedirectResponse($this->uri->create('install/modules'));
}
if ($this->getPost()) {
$validator = new Validator();
$validator->add('username', _i('Username'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 32])])->add('email', _i('Email'), [new Trim(), new Assert\NotBlank(), new Assert\Email()])->add('password', _i('Password'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 64])])->add('confirm_password', _i('Confirm Password'), [new EqualsField(['field' => _i('Password'), 'value' => $this->getPost('password')])]);
$validator->validate($this->getPost());
if (!$validator->getViolations()->count()) {
$input = $validator->getFinalValues();
$auth = new Auth($this->getContext());
list($id, $activation_key) = $auth->createUser($input['username'], $input['password'], $input['email']);
$auth->activateUser($id, $activation_key);
$auth->authenticateWithId($id);
$user = $auth->getUser();
$user->save(['group_id' => 100]);
// leave the module installation later in case we must do something with users
$this->install->install_modules();
return new RedirectResponse($this->uri->create('install/complete'));
} else {
$this->notices->set('warning', $validator->getViolations()->getText());
}
}
$this->process('create_admin');
$this->param_manager->setParam('method_title', _i('Admin Account'));
$this->builder->createPartial('body', 'install/create_admin');
return new Response($this->builder->build());
}
