/**
  * Show inbox
  */
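 public function inboxAction()
 {
     // Renders the inbox. With a `user` request parameter it opens the
     // conversation with that profile and marks it as read; without it only
     // the menu and the empty message form are prepared for the view.
     $current_user = Zend_Auth::getInstance()->getIdentity();
     $Messages = new Application_Model_Messages();
     $Profiles = new Application_Model_Profiles();
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $Connections = new Application_Model_Connections();
     $request = $this->getRequest();
     $user_name = $request->getParam('user', false);
     $messages = $user = $offset = false;
     if ($user_name) {
         $user = $Profiles->getProfile($user_name);
         if (!$user || $user->type != 'user') {
             $this->redirect('messages/inbox');
             // Return explicitly so a missing or non-user profile is never
             // dereferenced below, even if the redirect does not end the request.
             return;
         }
         $users_meta = $ProfilesMeta->getMetaValues($user->id);
         // check private message privacy: admins and reviewers are exempt,
         // everyone else must be a friend when contact_privacy is 'f'
         $is_staff = $current_user->role == 'admin' || $current_user->role == 'reviewer';
         $friends_only = isset($users_meta['contact_privacy']) && $users_meta['contact_privacy'] == 'f';
         if (!$is_staff && $friends_only && !$Connections->areFriends($current_user->id, $user->id)) {
             Application_Plugin_Alerts::error($this->view->translate('Private profile (friends only)'));
             $user = false;
         }
         // The conversation is loaded only when the privacy check passed.
         // Previously $user->id was read after $user had been set to false,
         // so the message queries ran with an empty id.
         if ($user) {
             $messages = $Messages->getMessages($user->id);
             $Messages->markAsRead($user->id);
             // send last visible message; an empty conversation keeps $offset false
             if (!empty($messages)) {
                 $last = end($messages);
                 $offset = $last['message_id'];
             }
         }
     }
     $this->buildMenu($user_name);
     $this->view->user = $user;
     $this->view->messages = $messages;
     $this->view->offset = $offset;
     $message_form = new Application_Form_Message();
     $this->view->message_form = $message_form;
 }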
 public function init()
 {
     // Prepares paging and the search term shared by every action of this
     // controller, then builds the menu.
     $req = $this->getRequest();
     // the action name doubles as the search category
     $category = $req->getActionName();
     // page numbers are 1-based; anything lower falls back to the first page
     $this->page = max(1, (int) $req->getParam('page'));
     $term = trim($this->getRequest()->getParam('term', false));
     // NOTE(review): trim() always returns a string, so this comparison is
     // always true and search_term is assigned on every request.
     if (false !== $term) {
         // Tag stripping only; it is not output encoding, so the view
         // presumably still has to escape search_term - confirm in the template.
         $strip_tags = new Zend_Filter_StripTags();
         $term = $strip_tags->filter($term);
         $this->search_term = $term;
     }
     // minimum search string (strlen counts bytes, not characters)
     $min_length = 3;
     $too_short = $term && strlen($this->search_term) < $min_length;
     if ($too_short) {
         $this->search_term = '';
         Application_Plugin_Alerts::error($this->view->translate('Search query to short'), 'off');
     }
     // expose category and term to the global search form
     $this->view->search_category = $category;
     $this->view->search_term = $this->search_term;
     // the menu depends on search_term, so it is built last
     $this->buildMenu();
 }
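/**
 * Facebook OAuth callback: exchanges the redirect for an access token, reads
 * id/name/email from the Graph API and either logs in the local account with
 * that e-mail or stores the Facebook data in the session and sends the visitor
 * to the Facebook registration page.
 *
 * Error text is HTML-escaped before it is echoed. The redirect helper's error
 * fields and the exception messages are not under this application's control,
 * and the response is served without an explicit content type.
 */
function loginWithFacebook()
{
    // Escapes a value for safe inclusion in the HTML error output below.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $config = Zend_Registry::get('config');
    $fb_appid = $config->get('facebook_appid');
    $fb_secret = $config->get('facebook_secret');
    $fb = new Facebook\Facebook(['app_id' => $fb_appid, 'app_secret' => $fb_secret, 'default_graph_version' => 'v2.4']);
    $helper = $fb->getRedirectLoginHelper();
    try {
        $accessToken = $helper->getAccessToken();
        $_SESSION['fb_access_token'] = $accessToken;
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // When Graph returns an error
        echo 'Graph returned an error: ' . $esc($e->getMessage());
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // When validation fails or other local issues
        echo 'Facebook SDK returned an error: ' . $esc($e->getMessage());
        exit;
    }
    if (!isset($accessToken)) {
        if ($helper->getError()) {
            header('HTTP/1.0 401 Unauthorized');
            echo "Error: " . $esc($helper->getError()) . "\n";
            echo "Error Code: " . $esc($helper->getErrorCode()) . "\n";
            echo "Error Reason: " . $esc($helper->getErrorReason()) . "\n";
            echo "Error Description: " . $esc($helper->getErrorDescription()) . "\n";
        } else {
            header('HTTP/1.0 400 Bad Request');
            echo 'Bad request';
        }
        exit;
    }
    try {
        // Get the Facebook\GraphNodes\GraphUser object for the current user.
        // If you provided a 'default_access_token', the '{access-token}' is optional.
        $response = $fb->get('/me?fields=id,name,email', $accessToken->getValue());
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // When Graph returns an error
        echo 'Graph returned an error: ' . $esc($e->getMessage());
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // When validation fails or other local issues
        echo 'Facebook SDK returned an error: ' . $esc($e->getMessage());
        exit;
    }
    $fb_user = $response->getGraphUser();
    $fb_user_email = $fb_user['email'];
    // display name is reduced to lower-case ASCII letters and digits
    $fb_user_display_name = mb_strtolower(preg_replace("/[^A-Za-z0-9]/", '', $fb_user['name']), 'UTF-8');
    $defaultres = 64;
    $bigres = $config->get('avatar_size') ?: $defaultres;
    $fb_avatar = 'https://graph.facebook.com/v2.0/' . $fb_user['id'] . '/picture?width=' . $bigres . '&height=' . $bigres;
    // without an e-mail address there is nothing to match a local account on
    if (!$fb_user_email) {
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('/');
        return;
    }
    // NOTE(review): the local account is selected purely by the e-mail address
    // Facebook returns. This assumes the provider only hands out addresses it
    // has verified - confirm before relying on it for account takeover safety.
    $emailAuthAdapter = Application_Plugin_Common::getEmailAuthAdapter($fb_user_email);
    $auth = Zend_Auth::getInstance();
    $authStorage = $auth->getStorage();
    $result = $auth->authenticate($emailAuthAdapter);
    if ($result->isValid()) {
        $Profiles = new Application_Model_Profiles();
        // NOTE(review): if getProfileByField() can return false here (for
        // example for a hidden profile), the property reads below would fail -
        // verify against the model.
        $user_db_data = $Profiles->getProfileByField('email', $fb_user_email);
        // clear identity - force logout until the account state is checked
        Zend_Auth::getInstance()->clearIdentity();
        // check if account is activated
        if (!$Profiles->isActivated($user_db_data->name)) {
            Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Please activate your account first'), 'on');
            // clear identity - force logout
            Zend_Auth::getInstance()->clearIdentity();
        } elseif ($user_db_data->is_hidden) {
            Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('This account has been deleted or suspended'), 'off');
            // clear identity - force logout
            Zend_Auth::getInstance()->clearIdentity();
        } else {
            // everything ok, login user
            $user_data = $emailAuthAdapter->getResultRowObject();
            Application_Plugin_Common::loginUser($user_data, $emailAuthAdapter, $authStorage);
            // trigger hooks
            $profile_id = $user_data->id;
            Zend_Registry::get('hooks')->trigger('hook_login', $profile_id);
            // flush url
            Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
        }
    } else {
        // User must create account first...
        // save tmp facebook data to session
        $session = new Zend_Session_Namespace('Default');
        $session->fb_user_email = $fb_user_email;
        $session->fb_user_display_name = $fb_user_display_name;
        $session->fb_avatar = $fb_avatar;
        // go to register with facebook
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('addons/' . basename(__DIR__) . '/?fb-register');
    }
}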
 /**
  * Register submit
  */
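 public function submitRegisterForm($form)
 {
     // Handles the registration POST. On valid input the profile is created
     // either already activated (and logged in) or with an activation key that
     // is e-mailed to the user. The form is returned so the caller can render
     // it again with validation errors.
     if ($form->isValid($_POST)) {
         $Profiles = new Application_Model_Profiles();
         $name = $form->getValue('regname');
         $email = $form->getValue('regemail');
         // only the hash of the password is stored on the row
         $hash = new Application_Plugin_Phpass();
         $password = $hash->HashPassword($form->getValue('regpassword'));
         $user = $Profiles->createRow();
         $user->name = $name;
         $user->email = $email;
         $user->password = $password;
         if (Zend_Registry::get('config')->get('user_activation_disabled')) {
             // create new user without activation & login
             $user->activationkey = 'activated';
             $new_profile = $Profiles->createNewUser($user);
             // auto-login user and store identity; the 'autologin' credential
             // treatment is set instead of checking the placeholder credential
             $authAdapter = Application_Plugin_Common::getAuthAdapter();
             $authAdapter->setIdentity($new_profile->email)->setCredential('whatever')->setCredentialTreatment('autologin');
             $auth = Zend_Auth::getInstance();
             $auth->authenticate($authAdapter);
             $identity = $authAdapter->getResultRowObject();
             $authStorage = $auth->getStorage();
             $authStorage->write($identity);
             // update last login date
             $ProfilesMeta = new Application_Model_ProfilesMeta();
             $ProfilesMeta->metaUpdate('last_login', Application_Plugin_Common::now(), $identity->id);
             // show welcome message
             Application_Plugin_Alerts::success($this->view->translate('Welcome to the network.'), 'on');
         } else {
             // create activation key and send it to the user's email
             $key = $Profiles->generateActivationKey($email);
             $user->activationkey = $key;
             $ret = Application_Plugin_Common::sendActivationEmail($email, $name, $key);
             // email has been sent, proceed
             if ($ret) {
                 // show success message
                 Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                 // build url; the user name is submitted data, so it is encoded
                 // as a path segment and the whole link is escaped for the
                 // href attribute because this alert is passed as raw markup
                 $base_url = Application_Plugin_Common::getFullBaseUrl();
                 $resendactivation_link = $base_url . '/index/activate/resend/' . rawurlencode($user->name);
                 $resend_href = htmlspecialchars($resendactivation_link, ENT_QUOTES, 'UTF-8');
                 Application_Plugin_Alerts::info('<a href="' . $resend_href . '">' . Zend_Registry::get('Zend_Translate')->translate('Click here to resend the activation email') . '</a>', 'off', false);
                 // create new user
                 $new_profile = $Profiles->createNewUser($user);
             } else {
                 // show error message
                 Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Something went wrong, email was not sent.'), 'off');
                 Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
                 return;
             }
         }
         // flush url
         Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
     }
     return $form;
 }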
 /**
  */
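 public function setImage()
 {
     // Processes the image upload form. With a profile name set, the upload is
     // staged in the tmp folder and handed to the image editor; without one it
     // is stored as a site-settings image in the public images folder.
     $is_post = $this->request->isPost();
     // validate once and reuse the result for the error message at the end
     $is_valid = $is_post && $this->form->isValid($_POST);
     // Form Submitted...
     if ($is_valid) {
         $file = $this->form->{$this->file_element};
         // file uploaded?
         if ($file->isUploaded()) {
             $file->receive();
             // must have
             $receive_path = $file->getFileName();
             // NOTE(review): the extension comes from the client-supplied file
             // name. Confirm the form's file element restricts it to image
             // types, since one branch below writes into the web root.
             $extension = strtolower(pathinfo($receive_path, PATHINFO_EXTENSION));
             if ($this->profile_name) {
                 // delete old tmp image files
                 $Storage = new Application_Model_Storage();
                 $StorageAdapter = $Storage->getAdapter();
                 $StorageAdapter->deleteOldTmpFiles(0, 'profileimage_' . $this->profile_name);
                 $tmp_filename = 'profileimage_' . $this->profile_name . '.' . $extension;
                 // move new file to tmp folder
                 rename($receive_path, TMP_PATH . '/' . $tmp_filename);
                 // check if valid image
                 if (!Application_Plugin_ImageLib::isValidImage(TMP_PATH . '/' . $tmp_filename)) {
                     unlink(TMP_PATH . '/' . $tmp_filename);
                     Application_Plugin_Alerts::error($this->translator->translate('Server-side error'), 'off');
                     // NOTE(review): gotoUrl() is called without a URL here;
                     // verify the redirector accepts that.
                     $this->redirector->gotoUrl();
                     return;
                 }
                 Application_Plugin_Alerts::success($this->translator->translate('You can adjust the picture here'), 'off');
                 // go back to current page after editing
                 $base_url = Application_Plugin_Common::getFullBaseUrl(false);
                 $callback_url = $base_url . $this->request->getRequestUri() . '/edit_done/1';
                 // save params to session and redirect to edit page
                 $session = new Zend_Session_Namespace('Default');
                 $pass_params = array('tmp_image' => $tmp_filename, 'image_type' => $this->image_type, 'callback' => $callback_url, 'profile_name' => $this->profile_name);
                 $session->pass_params = $pass_params;
                 $this->redirector->gotoUrl('images/edit');
             } else {
                 // here we store site settings images
                 // i.e. network background image
                 $base_url = Application_Plugin_Common::getFullBaseUrl(false);
                 $callback_url = $base_url . $this->request->getRequestUri();
                 $file_name = $this->image_type . '.' . $extension;
                 // Same content check as the profile branch, done before the
                 // file is placed in the public folder. The option is only
                 // stored when the move succeeded.
                 $stored = false;
                 if (Application_Plugin_ImageLib::isValidImage($receive_path)) {
                     // move new file to public image folder
                     $stored = rename($receive_path, PUBLIC_PATH . '/images/' . $file_name);
                 } else {
                     unlink($receive_path);
                 }
                 if (!$stored) {
                     Application_Plugin_Alerts::error($this->translator->translate('Server-side error'), 'off');
                     $this->redirector->gotoUrl($callback_url);
                     return;
                 }
                 // store to app settings & refresh
                 $app_option_key = $this->image_type;
                 $AppOptions = new Application_Model_AppOptions();
                 $AppOptions->updateOption($app_option_key, $file_name);
                 $current_config = Zend_Registry::get('config');
                 $current_config->{$app_option_key} = $file_name;
                 Zend_Registry::set('config', $current_config);
                 Application_Plugin_Alerts::success($this->translator->translate('Image uploaded'), 'off');
                 // flush url
                 $this->redirector->gotoUrl($callback_url);
             }
         } else {
             if ($this->is_requiered) {
                 // nothing to upload
                 Application_Plugin_Alerts::error($this->translator->translate('Please choose a picture'), 'off');
             }
         }
     }
     // something went wrong, image too big?
     if ($is_post && !$is_valid) {
         Application_Plugin_Alerts::error($this->translator->translate('File not allowed or too big'), 'off');
     }
 }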
 /**
  * Activation link lands here to activate user account
  */
 public function activateAction()
 {
     // Two entry points share this action: an activation link carrying `key`,
     // and a re-send request carrying the user name in `resend`. A valid key
     // shows the activation form; posting that form activates the account and
     // logs the user in.
     $this->_helper->_layout->setLayout('layout_wide');
     // any existing login is dropped before the link is processed
     Zend_Auth::getInstance()->clearIdentity();
     $form = new Application_Form_ActivateAccount();
     $this->view->activateaccount_form = $form;
     $request = $this->getRequest();
     $key = $request->getParam('key', false);
     $resend_username = $request->getParam('resend', false);
     $Profiles = new Application_Model_Profiles();
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $userData = $Profiles->getProfileByField('activationkey', $key);
     // 'activated' is the marker stored on active accounts, never a usable key
     $key_is_usable = $userData && $key != 'activated';
     if (!$key_is_usable) {
         // not a usable key: treat the request as a re-send, which is keyed
         // only on the user name in the URL
         $userData = $Profiles->getProfile($resend_username);
         if ($userData && $userData->activationkey != 'activated') {
             $locked_hour = $ProfilesMeta->getMetaValue('resend_activation_lock', $userData->id);
             $this_hour = date('H');
             // throttle: the lock holds an hour-of-day value, so a re-send is
             // refused only while the current hour equals the stored one
             if ($locked_hour && $locked_hour == $this_hour) {
                 Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                 $this->redirect('');
             }
             $sent = Application_Plugin_Common::sendActivationEmail($userData->email, $userData->name, $userData->activationkey);
             if (!$sent) {
                 // show error message
                 Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Something went wrong, email was not sent.'), 'off');
             } else {
                 // email has been sent: confirm and remember the hour
                 Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                 $ProfilesMeta->metaUpdate('resend_activation_lock', $this_hour, $userData->id);
             }
             $this->redirect('');
         } else {
             // unknown user or already activated
             $this->redirect('');
         }
     }
     $is_activation_post = $request->isPost() && isset($_POST['identifier']) && $_POST['identifier'] == 'ActivateAccount';
     if (!$is_activation_post || !$form->isValid($_POST) || !$Profiles->activateAccount($key)) {
         return;
     }
     // auto-login user and store identity; the 'autologin' credential
     // treatment is set instead of checking the placeholder credential
     $authAdapter = Application_Plugin_Common::getAuthAdapter();
     $authAdapter->setIdentity($userData->email)->setCredential('whatever')->setCredentialTreatment('autologin');
     $auth = Zend_Auth::getInstance();
     $auth->authenticate($authAdapter);
     $identity = $authAdapter->getResultRowObject();
     $auth->getStorage()->write($identity);
     // update last login date
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $ProfilesMeta->metaUpdate('last_login', Application_Plugin_Common::now(), $identity->id);
     // show welcome message
     Application_Plugin_Alerts::success($this->view->translate('Welcome to the network.'), 'on');
     $this->redirect('');
 }
 /**
  * Get user/group data
  */
 public function getProfile($name = null, $get_hidden = false, $check_ownership = false)
 {
     // Loads one row from `profiles` by name. With no name the logged-in
     // user's own name is used. Returns the row object, or false when nothing
     // matches or when the ownership check fails.
     $auth = Zend_Auth::getInstance();
     if ($name == null && $auth->hasIdentity()) {
         // Callers passing an empty name therefore get the caller's own profile.
         $name = $auth->getIdentity()->name;
     }
     // the name is quoted by the adapter before it is placed in the statement
     $db = $this->getDefaultAdapter();
     $quoted_name = $db->quote($name);
     $sql = "\r\n\t\tSELECT\r\n\t\t*\r\n\t\tFROM profiles p\r\n\t\tWHERE name = {$quoted_name}\r\n\t\t";
     // admins always see hidden profiles, whatever the caller asked for
     $is_admin = $auth->hasIdentity() && $auth->getIdentity()->role === 'admin';
     if ($is_admin) {
         $get_hidden = true;
     }
     if (!$get_hidden) {
         $sql .= " AND is_hidden = 0 ";
     }
     $result = $this->getDefaultAdapter()->fetchRow($sql, array(), Zend_Db::FETCH_OBJ);
     // profile does not exist
     if (!$result) {
         return false;
     }
     // check ownership: refused for anonymous visitors, and for anyone who is
     // neither the profile's owner, the profile itself, nor an admin
     if ($check_ownership) {
         $denied = !$auth->hasIdentity();
         if (!$denied) {
             $viewer = $auth->getIdentity();
             $denied = $viewer->id != $result->owner && $viewer->id != $result->id && $viewer->role !== 'admin';
         }
         if ($denied) {
             $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
             Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Error - not permitted'), 'off');
             $redirector->gotoSimple('index', 'index');
             return false;
         }
     }
     // pages additionally carry like state and like count
     if ($result->type === 'page') {
         $Likes = new Application_Model_Likes();
         $result->is_liked = $Likes->isLiked($result->id, 'page');
         $result->likes_count = $Likes->getLikesCount($result->id, 'page');
     }
     return $result;
 }
 /**
  * Disable editing of demo accounts
  */
 public static function redirectOnDemoAccount()
 {
     // The demo account is recognised by its fixed user name; when it is the
     // logged-in identity an error alert is queued and a redirect is issued.
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         return;
     }
     if ($auth->getIdentity()->name != 'user1') {
         return;
     }
     Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Cannot edit demo user'));
     Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
 }
 /**
  * Custom background
  */
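 public function setbackgroundpictureAction()
 {
     // Edits the custom background of a profile. The target is the profile
     // named by the `id` parameter (admins: any profile; others: only after
     // the ownership check), or the logged-in user's own profile when no id
     // is given.
     $Profiles = new Application_Model_Profiles();
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $request = $this->getRequest();
     $request_profile_id = $request->getParam('id', false);
     $profile = $Profiles->getProfileByField('id', $request_profile_id);
     // Fail closed when an id was supplied but no profile was found. Without
     // this, $profile->name is empty, the ownership lookup below is asked for
     // "no name", and the settings would be written under the requested id
     // without any ownership test of that id.
     if ($request_profile_id && !$profile) {
         Application_Plugin_Alerts::error($this->view->translate('Error - not permitted'), 'off');
         $this->redirect('');
         return;
     }
     if (Zend_Auth::getInstance()->getIdentity()->role == 'admin' && $request_profile_id) {
         // admin edit
         $profile_id = $request_profile_id;
         $this->view->sidebar_editprofile = $profile;
         // attach sidebar box
         Zend_Registry::get('hooks')->attach('hook_view_sidebar', 5, function () {
             echo Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer')->view->render('/_sidebar/editprofile.phtml');
         });
     } elseif ($request_profile_id && $Profiles->getProfile($profile->name, false, true)) {
         // users pages & groups; third argument requests the ownership check
         $this->buildMenu(true);
         $profile_id = $request_profile_id;
     } else {
         // user profile
         $this->buildMenu();
         $profile_id = Zend_Auth::getInstance()->getIdentity()->id;
     }
     // tmp files are named after the uploading user, not the edited profile
     $profile_name = Zend_Auth::getInstance()->getIdentity()->name;
     $form = new Application_Form_CustomBackground();
     $current_background_file = $ProfilesMeta->getMetaValue('background_file', $profile_id);
     $Storage = new Application_Model_Storage();
     $StorageAdapter = $Storage->getAdapter();
     if ($request->isPost() && $form->isValid($_POST)) {
         // file uploaded?
         if ($form->background->isUploaded()) {
             $form->background->receive();
             // must have
             $receive_path = $form->background->getFileName();
             // NOTE(review): extension is taken from the client-supplied name;
             // confirm the form element restricts it to image types.
             $extension = strtolower(pathinfo($receive_path, PATHINFO_EXTENSION));
             $tmp_filename = 'profileimage_' . $profile_name . '.' . $extension;
             // delete old tmp image files
             $StorageAdapter->deleteOldTmpFiles(0, 'profileimage_' . $profile_name);
             // move new file to tmp folder
             rename($receive_path, TMP_PATH . '/' . $tmp_filename);
             // check if valid image
             if (!Application_Plugin_ImageLib::isValidImage(TMP_PATH . '/' . $tmp_filename)) {
                 unlink(TMP_PATH . '/' . $tmp_filename);
                 Application_Plugin_Alerts::error($this->view->translate('Server-side error'), 'off');
                 // NOTE(review): redirect() is called without a URL here;
                 // verify this controller's redirect() accepts that.
                 $this->redirect();
                 return;
             }
             // delete old file
             $StorageAdapter->deleteFileFromStorage($current_background_file, 'cover');
             // move uploaded file to permanent location
             $current_background_file = $StorageAdapter->moveFileToStorage($tmp_filename, 'cover');
             // update db
             $ProfilesMeta->metaUpdate('background_file', $current_background_file, $profile_id);
         }
         $ProfilesMeta->metaUpdate('background_repeat', $form->getValue('background_repeat'), $profile_id);
         $ProfilesMeta->metaUpdate('background_scroll', $form->getValue('background_scroll'), $profile_id);
         $ProfilesMeta->metaUpdate('background_stretch', $form->getValue('background_stretch'), $profile_id);
         $ProfilesMeta->metaUpdate('background_noimage', $form->getValue('background_noimage'), $profile_id);
         Application_Plugin_Alerts::success($this->view->translate('Settings updated, please clear your browser cache'), 'off');
     }
     $this->view->image = $current_background_file ? $StorageAdapter->getStoragePath('cover') . $current_background_file : false;
     $this->view->form = $form;
     $this->view->load_colorpicker = true;
 }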
 /**
  * Show single post on profile's wall
  */
 public function showpostAction()
 {
     // Renders the profile's wall view with a single post, selected by the
     // `post` request parameter.
     $post_id = $this->getRequest()->getParam('post');
     // important, flush if profile not found
     if (!$this->profile) {
         $this->redirect('');
     }
     $this->prepareProfile($this->profile);
     // load addPost form; only user profiles get the privacy button
     $show_privacy_btn = $this->profile->type === 'user';
     $this->_helper->addPostFormLoader($this->profile->name, $show_privacy_btn);
     // load single post
     $Posts = new Application_Model_Posts();
     // add comment form
     $this->view->add_comment_form = new Application_Form_AddComment();
     $Posts->show_hidden_comments = true;
     // NOTE(review): the post is looked up by id alone; whether it belongs to
     // this profile and whether the viewer may see it is presumably decided
     // inside getPosts() - confirm.
     $data = $Posts->getPosts(null, $post_id);
     if (!$data) {
         Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('This post is private or does not exists'), 'off');
     }
     $this->view->posts_data = $data;
     $this->view->profile_type = $this->profile->type;
     // render classic profile view
     $this->render('show');
 }