public function newPost($request, $response)
{
/*{{{*/
$verifyOk = Captcha::verify($request->verifyStr, XIpLocation::getIp(), 'article', $request->article_id, $request->token);
DBC::requireTrue($verifyOk, "您输入的验证码有误!");
//禁用词检查
$title = $request->title;
$result = DoctorClient::getInstance()->getProfanityCheck($title);
DBC::requireFalse($result['CODE'] < 0, "文章 评论添加失败");
DBC::requireFalse($result['CODE'] == 2, "文章 评论添加成功");
$title = $result['CONTENT'];
$content = htmlspecialchars($request->getRequest('content'), ENT_COMPAT | ENT_HTML401, 'ISO-8859-1');
$result = DoctorClient::getInstance()->getProfanityCheck($content);
DBC::requireFalse($result['CODE'] < 0, "文章 评论添加失败");
DBC::requireFalse($result['CODE'] == 2, "文章 评论添加成功");
$content = $result['CONTENT'];
$article = DAL::get()->find('article', $request->article_id);
$feilds = array();
$feilds['ip'] = XIpLocation::getIp();
$feilds['ipLocation'] = XIpLocation::getLocationArea();
$userId = $this->user->isNull() == false ? $this->user->id : '';
$comment = ArticleClient::getInstance()->addComment($article, $userId, $title, $content, $feilds);
squid::clean($article->getUrl(), true);
$this->message('您发表的评论已经提交,待网站审核通过后即可展示。', $response);
}
/**
* Kontrolliert das Formular auf Standarteinträge, richtige Mailmuster und Captcha-Wort.
* Ist alles ordnungsgemäss, wird true zurückgegeben, sonst false. Bei false finden sich die Mängel
* in $answer.
*
* @param array[reference] $answer Antowrt
* @return boolean Erfolg
*/
private function _check_form(&$answer)
{
$mail_vars = $this->_configvars['Mail'];
$error_vars = $this->_configvars['Error'];
/* Formularcheck vorbereiten */
$formcheck = new Formularcheck();
$val = array($this->_gpc['POST']['title'], $this->_gpc['POST']['content'], $this->_gpc['POST']['name'], $this->_gpc['POST']['email']);
$std = array($mail_vars['entry_title'], $mail_vars['entry_content'], $mail_vars['entry_name'], $mail_vars['entry_email']);
$err = array($error_vars['title_error'], $error_vars['content_error'], $error_vars['name_error'], $error_vars['email_error']);
$rtn_arr = $formcheck->field_check_arr($val, $std);
//Fehlerarray durchgehen
foreach ($rtn_arr as $key => $value) {
if ($value == false) {
$answer[] = $err[$key];
}
}
//Email-Adresse auf Gültigkeit prüfen
if ($this->_gpc['POST']['email'] != "" && $formcheck->mailcheck($this->_gpc['POST']['email']) > 0) {
$answer[] = $error_vars['email_checkfailed'];
}
//Captcha-Image prüfen
if (!$this->_captcha->verify($this->_gpc['POST']['captcha_word'])) {
$answer[] = $error_vars['captcha_error'] . "<br />";
}
if (empty($answer)) {
return true;
} else {
return false;
}
}
public function execute(CommandContext $context)
{
PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');
$requestId = $context->get('requestId');
$errorCmd = CommandFactory::getCommand('LotteryShowDenyRoommateRequest');
$errorCmd->setRequestId($requestId);
# Confirm the captcha
PHPWS_Core::initCoreClass('Captcha.php');
$captcha = Captcha::verify(TRUE);
if ($captcha === FALSE) {
NQ::simple('hms', hms\NotificationView::ERROR, 'The words you entered were incorrect. Please try again.');
$errorCmd->redirect();
}
# Get the roommate request
$request = HMS_Lottery::get_lottery_roommate_invite_by_id($context->get('requestId'));
# Make sure that the logged in user is the same as the confirming the request
if (UserStatus::getUsername() != $request['asu_username']) {
NQ::simple('hms', hms\NotificationView::ERROR, 'Invalid roommate request. You can not confirm that roommate request.');
$errorCmd->redirect();
}
# Deny the roommate requst
try {
HMS_Lottery::denyRoommateRequest($requestId);
} catch (Exception $e) {
NQ::simple('hms', hms\NotificationView::ERROR, 'There was an error denying the roommate request. Please contact University Housing.');
$errorCmd->redirect();
}
# Log that it happened
PHPWS_Core::initModClass('hms', 'HMS_Activity_Log.php');
HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_LOTTERY_ROOMMATE_DENIED, UserStatus::getUsername(), 'Captcha words: ' . $captcha);
# Success
NQ::simple('hms', hms\NotificationView::SUCCESS, 'The roommate request was successfully declined.');
$successCmd = CommandFactory::getCommand('ShowStudentMenu');
$successCmd->redirect();
}
/**
* Kontrolliert das Formular auf Standarteinträge, richtige Mailmuster und Captcha-Wort.
* Ist alles ordnungsgemäss, wird true zurückgegeben, sonst false. Bei false finden sich die Mängel
* in $answer.
*
* @param array[reference] $answer Antwort
* @param array $blacklist Array der Schlüssel, die nicht geprüft werden sollen
* @return boolean Erfolg
*/
private function _check_form(&$answer, $blacklist = array())
{
$gbook_vars = $this->_configvars['Gbook'];
$error_vars = $this->_configvars['Error'];
/* Formularcheck vorbereiten */
//$formcheck = new Formularcheck();
/*Formulardaten */
if (!in_array('title', $blacklist)) {
/* Titel z.B. bei Kommentar nicht vorhanden */
$val['title'] = $this->_gpc['POST']['title'];
}
$val = array('content' => $this->_gpc['POST']['content'], 'name' => $this->_gpc['POST']['name'], 'email' => $this->_gpc['POST']['email'], 'hp' => $this->_gpc['POST']['hp']);
/* Standart-Strings*/
$std = array('title' => $gbook_vars['entry_title'], 'content' => $gbook_vars['entry_content'], 'name' => $gbook_vars['entry_name'], 'email' => $gbook_vars['entry_email'], 'hp' => $gbook_vars['entry_hp']);
/* Error-Strings */
$err = array('title' => $error_vars['title_error'], 'content' => $error_vars['content_error'], 'name' => $error_vars['name_error'], 'email' => $error_vars['email_error']);
/* Unerwünschte Schlüssel nicht kontrollieren und speichern */
if (!empty($blacklist) && is_array($blacklist)) {
foreach ($blacklist as $value) {
/* Nur löschen, wenn Variable existiert */
if (isset($val[$value])) {
unset($val[$value]);
}
if (isset($std[$value])) {
unset($std[$value]);
}
if (isset($err[$value])) {
unset($err[$value]);
}
}
}
$rtn_arr = $this->_msbox->formCheck($val, $std);
/* Fehlerarray durchgehen */
foreach ($rtn_arr as $key => $value) {
if ($value == MSGBOX_FORMCHECK_NONE) {
$answer[] = $err[$key];
}
if ($value == MSGBOX_FORMCHECK_INVALID && ($key = 'email')) {
$answer[] = $error_vars['email_checkfailed'];
} elseif ($key == 'hp') {
/* Wenn die hp falsch ist, gibt es kein Fehler */
$val[$key] = $rtn_arr[$key];
}
}
/* Captcha-Image prüfen */
if (!$this->_captcha->verify($this->_gpc['POST']['captcha_word'])) {
$answer[] = $error_vars['captcha_error'] . "<br />";
}
if (empty($answer)) {
if (!in_array('title', $blacklist)) {
$answer['title'] = $this->_gpc['POST']['title'];
}
/*Wenn keine Fehler aufgetaucht sind, werden die Einträge zurückgegeben*/
$answer += array('content' => $val['content'], 'name' => $val['name'], 'time' => 'gbook_time', 'email' => $val['email'], 'hp' => $val['hp']);
return true;
} else {
return false;
}
}
public function execute(CommandContext $context)
{
PHPWS_Core::initModClass('hms', 'HousingApplication.php');
PHPWS_Core::initModClass('hms', 'StudentFactory.php');
PHPWS_Core::initModClass('hms', 'RlcMembershipFactory.php');
PHPWS_Core::initModClass('hms', 'RlcAssignmentSelfAssignedState.php');
$requestId = $context->get('requestId');
$mealPlan = $context->get('mealPlan');
$errorCmd = CommandFactory::getCommand('LotteryShowConfirmRoommateRequest');
$errorCmd->setRequestId($requestId);
$errorCmd->setMealPlan($mealPlan);
// Confirm the captcha
PHPWS_Core::initCoreClass('Captcha.php');
$captcha = Captcha::verify(TRUE);
if ($captcha === FALSE) {
NQ::simple('hms', hms\NotificationView::ERROR, 'The words you entered were incorrect. Please try again.');
$errorCmd->redirect();
}
// Check for a meal plan
if (!isset($mealPlan) || $mealPlan == '') {
NQ::simple('hms', hms\NotificationView::ERROR, 'Please choose a meal plan.');
$errorCmd->redirect();
}
$term = PHPWS_Settings::get('hms', 'lottery_term');
$student = StudentFactory::getStudentByUsername(UserStatus::getUsername(), $term);
// Update the meal plan field on the application
$app = HousingApplication::getApplicationByUser(UserStatus::getUsername(), $term);
$app->setMealPlan($mealPlan);
try {
$app->save();
} catch (Exception $e) {
PHPWS_Error::log('hms', $e->getMessage());
NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error confirming your roommate invitation. Please contact University Housing.');
$errorCmd->redirect();
}
// Try to actually make the assignment
PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');
try {
HMS_Lottery::confirm_roommate_request(UserStatus::getUsername(), $requestId, $mealPlan);
} catch (Exception $e) {
PHPWS_Error::log('hms', $e->getMessage());
NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error confirming your roommate invitation. Please contact University Housing.');
$errorCmd->redirect();
}
# Log the fact that the roommate was accepted and successfully assigned
HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_LOTTERY_CONFIRMED_ROOMMATE, UserStatus::getUsername(), "Captcha: \"{$captcha}\"");
// Check for an RLC membership and update status if necessary
// If this student was an RLC self-select, update the RLC memberhsip state
$rlcAssignment = RlcMembershipFactory::getMembership($student, $term);
if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
$rlcAssignment->changeState(new RlcAssignmentSelfAssignedState($rlcAssignment));
}
$invite = HMS_Lottery::get_lottery_roommate_invite_by_id($requestId);
$successCmd = CommandFactory::getCommand('LotteryShowConfirmedRoommateThanks');
$successCmd->setRequestId($requestId);
$successCmd->redirect();
}
public function execute(&$value, &$error)
{
$g = new Captcha(sfContext::getInstance()->getUser()->getAttribute('captcha'));
if ($g->verify($value)) {
return true;
}
$error = $this->getParameter('error', sfConfig::get('app_captcha_error', 'You should specify valid Turing number'));
return false;
}
public function execute(&$value, &$error)
{
$user = sfContext::getInstance()->getUser();
$g = new Captcha($user->getAttribute('captcha'));
if ($g->verify($value)) {
return true;
}
// captcha validation failure => we generate another one
$g = new Captcha();
$user->setAttribute('captcha', $g->generate());
$error = $this->getParameter('error');
return false;
}
function forgotProcess()
{
$valid = Validator::make(array('send.email' => 'email|slashes'));
if (!$valid) {
throw new Exception("Error Processing Request");
}
if (!Captcha::verify()) {
throw new Exception("Wrong captcha characters.");
}
$email = Request::get('send.email');
try {
Users::forgotPassword($email);
} catch (Exception $e) {
throw new Exception($e->getMessage());
}
}
public function execute(CommandContext $context)
{
$id = $context->get('roommateId');
if (is_null($id)) {
throw new InvalidArgumentException('Must set roommateId');
}
PHPWS_Core::initModClass('hms', 'HMS_Roommate.php');
$roommate = new HMS_Roommate($id);
if ($roommate->id == 0) {
throw new InvalidArgumentException('Invalid roommateId ' . $id);
}
$username = UserStatus::getUsername();
if ($username != $roommate->requestee) {
PHPWS_Core::initModClass('hms', 'exception/PermissionException.php');
throw new PermissionException("{$username} tried to confirm roommate pairing {$roommate->id}");
}
$err = CommandFactory::getCommand('ShowRoommateConfirmAccept');
$err->setRoommateId($id);
PHPWS_Core::initCoreClass('Captcha.php');
$verified = Captcha::verify(TRUE);
if ($verified === FALSE || is_null($verified)) {
NQ::Simple('hms', hms\NotificationView::ERROR, 'Sorry, please try again.');
$err->redirect();
}
try {
$roommate->confirm();
} catch (RoommateCompatibilityException $rce) {
NQ::simple('hms', hms\NotificationView::WARNING, $rce->getMessage());
$err->redirect();
}
$roommate->save();
HMS_Activity_Log::log_activity($roommate->requestor, ACTIVITY_ACCEPTED_AS_ROOMMATE, $roommate->requestee, "{$roommate->requestee} accepted request, CAPTCHA: {$verified}");
HMS_Activity_Log::log_activity($roommate->requestee, ACTIVITY_ACCEPTED_AS_ROOMMATE, $roommate->requestor, "{$roommate->requestee} accepted request, CAPTCHA: {$verified}");
// Email both parties
PHPWS_Core::initModClass('hms', 'HMS_Email.php');
HMS_Email::send_confirm_emails($roommate);
// Remove any other requests for the requestor
HMS_Roommate::removeOutstandingRequests($roommate->requestor, $roommate->term);
// Remove any other requests for the requestee
HMS_Roommate::removeOutstandingRequests($roommate->requestee, $roommate->term);
$requestor = StudentFactory::getStudentByUsername($roommate->requestor, $roommate->term);
$name = $requestor->getFullName();
NQ::Simple('hms', hms\NotificationView::SUCCESS, "You and {$name} are confirmed as roommates.");
$cmd = CommandFactory::getCommand('ShowStudentMenu');
$cmd->redirect();
}
public function newPost($request, $response){
$verifyStr = $request->verifystr;
$verifyOk = Captcha::verify($verifyStr, XIpLocation::getIp(), 'article', $request->article_id, $request->token);
if($verifyOk == false)
{
$this->message('您输入的验证码有误!', $response);
return false;
}
//禁用词检查
$title = $request->title;
$result = DoctorClient::getInstance()->getProfanityCheck($request->title);
if ($result['CODE'] < 0) {
$this->message('文章 评论添加失败', $response);
return false;
}
if ($result['CODE'] == 2) {
//提示发表成功,但是数据没有入库
$this->message('文章 评论添加成功', $response);
return true;
}
$title = $result['CONTENT'];
$content = htmlspecialchars($request->getRequest('content'), ENT_COMPAT | ENT_HTML401, 'ISO-8859-1');
$result = DoctorClient::getInstance()->getProfanityCheck($content);
if ($result['CODE'] < 0) {
$this->message('文章 评论添加失败', $response);
return false;
}
if ($result['CODE'] == 2) {
//提示发表成功,但是数据没有入库
$this->message('文章 评论添加成功', $response);
return true;
}
$content = $result['CONTENT'];
$article = DAL::get()->find('article', $request->article_id);
$feilds = array();
$feilds['ip'] = XIpLocation::getIp();
$feilds['ipLocation'] = XIpLocation::getLocationArea();
$userId = ($this->_newUser->isNull() == false) ? $this->_newUser->id : '';
$comment = ArticleClient::getInstance()->addComment($article, $userId, $title, $content, $feilds);
squid::clean($article->getUrl(), true);
$this->message('您发表的评论已经提交,待网站审核通过后即可展示。', $response);
}
public function execute(CommandContext $context)
{
// Get input
$requestId = $context->get('requestId');
$participantId = $context->get('participantId');
// Command for showing the request, redirected to on success/error
$cmd = CommandFactory::getCommand('ShowManageRoomChange');
$cmd->setRequestId($requestId);
// Load the request
$request = RoomChangeRequestFactory::getRequestById($requestId);
// Load the participant
$participant = RoomChangeParticipantFactory::getParticipantById($participantId);
// Load the Student
$student = StudentFactory::getStudentByBannerId($participant->getBannerId(), $request->getTerm());
// Check permissions. Must be the participant or an admin
if (UserStatus::getUsername() != $student->getUsername() && !Current_User::allow('hms', 'admin_approve_room_change')) {
throw new PermissionException('You do not have permission to appove this room change.');
}
// Check for CAPTCHA if this is the student; admins don't need a CAPTCHA
$captchaResult = Captcha::verify(true);
if (UserStatus::getUsername() == $student->getUsername() && $captchaResult === false) {
// Failed the captcha
NQ::simple('hms', hms\NotificationView::ERROR, "You didn't type the magic words correctly. Please try again.");
$cmd = CommandFactory::getCommand('ShowRoomChangeRequestApproval');
$cmd->redirect();
}
// If there was a captcha, then log the activity
if ($captchaResult !== false) {
HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_ROOM_CHANGE_AGREED, UserStatus::getUsername(FALSE), 'Request id: ' . $requestId . ' Captcha: ' . $captchaResult);
}
// Transition to StudentApproved state
$participant->transitionTo(new ParticipantStateStudentApproved($participant, time(), null, UserStatus::getUsername()));
// If all students have approved, notify RDs
if ($request->isApprovedByAllParticipants()) {
HMS_Email::sendRoomChangeCurrRDNotice($request);
}
// If the student is logged in, redirect to the main menu, other wise go back to the room change management view
if (UserStatus::getUsername() == $student->getUsername()) {
NQ::simple('hms', hms\NotificationView::SUCCESS, 'You have agreed to the room change request. You will be notified by email when the reqeust is approved or denied.');
$menuCmd = CommandFactory::getCommand('ShowStudentMenu');
$menuCmd->redirect();
} else {
$cmd->redirect();
}
}
function loginProcess()
{
$valid = Validator::make(array('send.username' => 'min:3|slashes', 'send.password' => 'min:3|slashes'));
if (!$valid) {
throw new Exception("Error Processing Request");
}
if (!Captcha::verify()) {
throw new Exception("Wrong captcha characters.");
}
$username = Request::get('send.username');
$password = Request::get('send.password');
try {
Users::makeLogin($username, $password);
} catch (Exception $e) {
throw new Exception($e->getMessage());
}
Redirect::to(ADMINCP_URL);
}
public function registerAction()
{
Request::ajax();
$message = ErMessenger::getInstance();
$request = new Request();
$request->initRequest();
$post = $request->getPost();
if (isset($post)) {
if (!empty($post['email']) && !empty($post['password']) && !empty($post['pass_confirm']) && !empty($post['captcha'])) {
$userMapper = new UserMapper();
$user = $userMapper->getUserByEmail($post["email"]);
if (!$user) {
if (Captcha::verify()) {
$givenEmail = $this->clearStr($post['email']);
$givenPassword = $this->clearStr($post["password"]);
if (filter_var($givenEmail, FILTER_VALIDATE_EMAIL)) {
$user = new User();
$userMapper = new UserMapper();
$user->email = $givenEmail;
$user->crdate = date("Y-m-d");
$user->access = 'ps';
$user->userstatus = 1;
$user->userpassword = hash("md5", $givenPassword);
if ($userMapper->insertNewUser($user)) {
$message->setSucceedMessage('201', 'index/index');
ErSession::saveToSession('user', $user->email);
if ($user->username != null) {
ErSession::saveToSession('username', $user->username);
}
} else {
$message->setErrMessage('101', 'user/signup');
}
} else {
$message->setErrMessage('103', 'user/signup');
}
} else {
$message->setErrMessage('104', 'user/signup');
}
} else {
$message->setErrMessage('102', 'user/signup');
}
}
}
}
public function execute(CommandContext $context)
{
// Get input
$requestId = $context->get('requestId');
$participantId = $context->get('participantId');
// Load the request
$request = RoomChangeRequestFactory::getRequestById($requestId);
// Load the participant
$participant = RoomChangeParticipantFactory::getParticipantById($participantId);
// Load the Student
$student = StudentFactory::getStudentByBannerId($participant->getBannerId(), $request->getTerm());
// Check permissions. Must be the participant or an admin
if (UserStatus::getUsername() != $student->getUsername() && !Current_User::allow('hms', 'admin_approve_room_change')) {
throw new PermissionException('You do not have permission to decline this room change.');
}
// Check for CAPTCHA if this is the student; admins don't need a CAPTCHA
$captchaResult = Captcha::verify(true);
if ($captchaResult === false) {
// Failed the captcha
NQ::simple('hms', hms\NotificationView::ERROR, "You didn't type the magic words correctly. Please try again.");
$cmd = CommandFactory::getCommand('ShowRoomChangeRequestApproval');
$cmd->redirect();
}
HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_ROOM_CHANGE_DECLINE, UserStatus::getUsername(FALSE), 'Request id: ' . $requestId . ' Captcha: ' . $captchaResult);
// Transition request to cancelled status
$request->transitionTo(new RoomChangeStateCancelled($request, time(), null, UserStatus::getUsername()));
// Transition all participants to cancelled
// TODO... Do this in the cancelled transition?
$participants = $request->getParticipants();
foreach ($participants as $p) {
$p->transitionTo(new ParticipantStateCancelled($p, time(), null, UserStatus::getUsername()));
}
// TODO Notify everyone that the request was cancelled
NQ::simple('hms', hms\NotificationView::SUCCESS, 'You have declined the room change request.');
$menuCmd = CommandFactory::getCommand('ShowStudentMenu');
$menuCmd->redirect();
}
public function execute(CommandContext $context)
{
$id = $context->get('roommateId');
if (is_null($id)) {
throw new InvalidArgumentException('Must set roommateId');
}
PHPWS_Core::initModClass('hms', 'HMS_Roommate.php');
$roommate = new HMS_Roommate($id);
if ($roommate->id == 0) {
throw new InvalidArgumentException('Invalid roommateId ' . $id);
}
$username = UserStatus::getUsername();
if ($username != $roommate->requestor && $username != $roommate->requestee) {
PHPWS_Core::initModClass('hms', 'exception/PermissionException.php');
throw new PermissionException("{$username} tried to break roommate pairing {$roommate->id}");
}
$err = CommandFactory::getCommand('ShowRoommateBreak');
$err->setRoommateId($id);
PHPWS_Core::initCoreClass('Captcha.php');
$verified = Captcha::verify(TRUE);
if ($verified === FALSE || is_null($verified)) {
NQ::Simple('hms', hms\NotificationView::ERROR, 'Sorry, please try again.');
$err->redirect();
}
$roommate->delete();
$other = StudentFactory::getStudentByUsername($roommate->get_other_guy($username), $roommate->term);
HMS_Activity_Log::log_activity($other->getUsername(), ACTIVITY_STUDENT_BROKE_ROOMMATE, $username, "{$username} broke pairing, CAPTCHA: {$verified}");
HMS_Activity_Log::log_activity($username, ACTIVITY_STUDENT_BROKE_ROOMMATE, $other->getUsername(), "{$username} broke pairing, CAPTCHA: {$verified}");
// Email both parties
PHPWS_Core::initModClass('hms', 'HMS_Email.php');
HMS_Email::send_break_emails($roommate, $username);
$name = $other->getFullName();
NQ::Simple('hms', hms\NotificationView::SUCCESS, "You have removed your roommate request for {$name}.");
$cmd = CommandFactory::getCommand('ShowStudentMenu');
$cmd->redirect();
}
public function domobileBindUser($request, $response)
{/*{{{*/
if (Captcha::verify($request->key, XIpLocation::getIp(), 'password', $request->mobile, $request->token))
{
$newToken = Captcha::generate('password', $request->mobile, ContentFactory::TYPE_NUM, 4, XIpLocation::getIp(), 10);
$cacher = Cacher::get()->getCache(Cacher::CACHETYPE_CAPTCHA);
$captchaInfos = $cacher->get($newToken);
$newKey = strtolower($captchaInfos['question']);
$bindRes = WeixClient::getInstance()->bindUser($this->weixSpaceUser->id,$request->spaceId, WeixUser::WEIXINTYPE_SPACE);
if($bindRes == true )
{
$user = UserClient::getInstance()->login4Weix($request->spaceId);
$res = "success";
$forward = (empty($forward)) ? $response->router->urlfor('weixindoctor/bindsuccess') : $forward;
}
else
{
$res = "hasbind"; //该用户已绑定
}
$results = array('res' => $res, 'msg' => '');
}
else
{
$results = array('res' => 'failure', 'msg' => mb_convert_encoding('验证码输入有误', 'UTF-8', 'GBK'), 'next' => '');
}
echo json_encode($results);
return self::DIRECT_OUTPUT;
}/*}}}*/
function _formAction()
{
if (PHATFORM_CAPTCHA) {
PHPWS_Core::initCoreClass('Captcha.php');
}
if (isset($_REQUEST['PHAT_Next'])) {
if ($this->isSaved()) {
$error = $this->_saveFormData();
if (PHPWS_Error::isError($error)) {
javascript('alert', array('content' => PHPWS_Error::printError($error)));
}
} else {
$this->_position += $this->_pageLimit;
}
if (Current_User::allow('phatform')) {
$content = $_SESSION['PHAT_FormManager']->menu() . $this->view();
} else {
$content = $this->view();
}
return $content;
} elseif (isset($_REQUEST['PHAT_Back'])) {
$this->_position = $this->_position - $this->_pageLimit;
if (Current_User::allow('phatform')) {
$content = $_SESSION['PHAT_FormManager']->menu() . $this->view();
} else {
$content = $this->view();
}
return $content;
} elseif ($_REQUEST['PHAT_Submit']) {
if (PHATFORM_CAPTCHA && $this->_anonymous && !Current_User::isLogged() && !Captcha::verify()) {
javascript('alert', array('content' => dgettext('phatform', 'CAPTCHA word was not correct.')));
return $this->view(false);
}
if ($this->isSaved()) {
$error = $this->_saveFormData();
if (PHPWS_Error::isError($error)) {
javascript('alert', array('content' => PHPWS_Error::printError($error)));
if (Current_User::allow('phatform')) {
$content = $_SESSION['PHAT_FormManager']->menu() . $this->view(false, $error);
} else {
$content = $this->view(false, $error);
}
return $content;
} else {
if (Current_User::allow('phatform')) {
$content = $_SESSION['PHAT_FormManager']->menu() . $this->_thanks();
} else {
$content = $this->_thanks();
}
$this->_emailData();
return $content;
}
} else {
$_SESSION['PHAT_FormManager']->_list();
return NULL;
}
}
}
public function sendDocotrAppDownSMS($request, $response)
{/*{{{*/
$mobile = $request->mobile;
if(false == XString::isMobileNew($mobile))
{
$result = '{"code":"error_mobile"}';
}
else if(Captcha::verify($request->door, XIpLocation::getIp(), $request->kind, 0, $request->token) == false)
{
$result = '{"code":"error_door"}';
}
else
{
$content = "全新的医生专用版客户端下载地址:http://m.haodf.com/sd ,建议在Wi-Fi环境下下载。如您在使用过程中遇到问题,请与医生助理联系010-56707226";
SMSClient::getInstance()->sendSMSNoSignature(array($mobile) , $content);
$result = '{"code":"success"}';
}
$callback = $request->callback;
if ($callback) {
$result = $callback.'('.$result.');';
header('Content-Type: text/javascript;');
} else {
header('Content-Type: application/json;');
}
header("Content-Type: text/html; charset=GBK");
echo $result;
return parent::DIRECT_OUTPUT;
}/*}}}*/
public function doFindPwd($request, $response)
{/*{{{*/
if ($request->password1 != $request->password2)
{
$results = array('res' => 'failure', 'msg' => mb_convert_encoding('输入的密码不一致,请重新输入', 'UTF-8', 'GBK'), 'next' => '');
echo json_encode($results);
return self::DIRECT_OUTPUT;
}
if (Captcha::verify($request->key, XIpLocation::getIp(), 'password', $request->mobile, $request->token))
{
$user = Dal::get()->find('user', $request->userId);
UserClient::getInstance()->updatePassword($user->id, $request->password1);
$results = array('res' => 'success', 'msg' => '', 'next' => $response->router->urlfor('user/login', array('userId' => $request->userId, 'forward' => $request->forward)));
}
else
{
$results = array('res' => 'failure', 'msg' => mb_convert_encoding('验证码过期,请重新获取', 'UTF-8', 'GBK'), 'next' => '');
}
echo json_encode($results);
return self::DIRECT_OUTPUT;
}/*}}}*/
public function execute(CommandContext $context)
{
PHPWS_Core::initModClass('hms', 'StudentFactory.php');
$roomId = $context->get('roomId');
$roommates = $context->get('roommates');
$mealPlan = $context->get('mealPlan');
$term = PHPWS_Settings::get('hms', 'lottery_term');
$student = StudentFactory::getStudentByUsername(UserStatus::getUsername(), $term);
$errorCmd = CommandFactory::getCommand('LotteryShowConfirm');
$errorCmd->setRoomId($roomId);
$errorCmd->setRoommates($roommates);
$errorCmd->setMealPlan($mealPlan);
$successCmd = CommandFactory::getCommand('LotteryShowConfirmed');
$successCmd->setRoomId($roomId);
PHPWS_Core::initCoreClass('Captcha.php');
$captcha = Captcha::verify(TRUE);
// returns the words entered if correct, FALSE otherwise
//$captcha = TRUE;
if ($captcha === FALSE) {
NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, the words you eneted were incorrect. Please try again.');
$errorCmd->redirect();
}
PHPWS_Core::initModClass('hms', 'HousingApplication.php');
PHPWS_Core::initModClass('hms', 'HMS_Room.php');
PHPWS_Core::initModClass('hms', 'HMS_Bed.php');
PHPWS_Core::initModClass('hms', 'HMS_Assignment.php');
PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');
PHPWS_Core::initModClass('hms', 'StudentFactory.php');
PHPWS_Core::initModClass('hms', 'HMS_Email.php');
PHPWS_Core::initModClass('hms', 'HMS_Activity_Log.php');
PHPWS_Core::initModClass('hms', 'HMS_Util.php');
PHPWS_Core::initModClass('hms', 'RlcMembershipFactory.php');
PHPWS_Core::initModClass('hms', 'RlcAssignmentSelfAssignedState.php');
$room = new HMS_Room($roomId);
// Check for an RLC assignment in the self-select status
$rlcAssignment = RlcMembershipFactory::getMembership($student, $term);
// Check roommates for validity
foreach ($roommates as $bed_id => $username) {
// Double check the student is valid
try {
$roommate = StudentFactory::getStudentByUsername($username, $term);
} catch (StudentNotFoundException $e) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is not a valid student. Please choose a different roommate.");
$errorCmd->redirect();
}
// Make sure the bed is still empty
$bed = new HMS_Bed($bed_id);
if ($bed->has_vacancy() != TRUE) {
NQ::simple('hms', hms\NotificationView::ERROR, 'One or more of the beds in the room you selected is no longer available. Please try again.');
$errorCmd->redirect();
}
// Make sure none of the needed beds are reserved
if ($bed->is_lottery_reserved()) {
NQ::simple('hms', hms\NotificationView::ERROR, 'One or more of the beds in the room you selected is no longer available. Please try again.');
$errorCmd->redirect();
}
// Double check the genders are all the same as the person logged in
if ($student->getGender() != $roommate->getGender()) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is a different gender. Please choose a roommate of the same gender.");
$errorCmd->redirect();
}
// Double check the genders are the same as the room (as long as the room isn't AUTO)
if ($room->gender_type != AUTO && $roommate->getGender() != $room->gender_type) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is a different gender. Please choose a roommate of the same gender.");
$errorCmd->redirect();
}
// If this student is an RLC-self-selection, then each roommate must be in the same RLC and in the selfselect-invite state too
if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
// This student is an RLC-self-select, so check the roommate's RLC status
$roommateRlcAssign = RlcMembershipFactory::getMembership($roommate, $term);
// Make sure the roommate is a member of the same RLC and is eligible for self-selection
if ($roommateRlcAssign == null || $roommateRlcAssign->getStateName() != 'selfselect-invite' || $rlcAssignment->getRlc()->getId() != $roommateRlcAssign->getRlc()->getId()) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$roommate} must be a member of the same learning community as you, and must also be eligible for self-selction.");
$errorCmd->redirect();
}
// Otherwise (if not RLC members), make sure each roommate is eligible
} else {
if (HMS_Lottery::determineEligibility($username) !== TRUE) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is not eligible for assignment.");
$errorCmd->redirect();
}
}
// If this student is a self-select RLC member, then this student must also be a self-select RLC member of the same RLC
if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
$roommateRlcAssign = RlcMembershipFactory::getMembership($roommate, $term);
if ($roommateRlcAssign == null || $roommateRlcAssign->getStateName() != 'selfselect-invite' || $rlcAssignment->getRlc()->getId() != $roommateRlcAssign->getRlc()->getId()) {
NQ::simple('hms', hms\NotificationView::ERROR, "{$username} must be a member of the same learning community as you, and must also be eligible for self-selction.");
$errorCmd->redirect();
}
}
}
// If the room's gender is 'AUTO' and no one is assigned to it yet, switch it to the student's gender
if ($room->gender_type == AUTO && $room->get_number_of_assignees() == 0) {
$room->gender_type = $student->getGender();
$room->save();
}
// Assign the student to the requested bed
$bed_id = array_search(UserStatus::getUsername(), $roommates);
// Find the bed id of the student who's logged in
try {
$result = HMS_Assignment::assignStudent($student, PHPWS_Settings::get('hms', 'lottery_term'), NULL, $bed_id, $mealPlan, 'Confirmed lottery invite', TRUE, ASSIGN_LOTTERY);
} catch (Exception $e) {
NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error creating your room assignment. Please try again or contact University Housing.');
$errorCmd->redirect();
}
// Log the assignment
HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_LOTTERY_ROOM_CHOSEN, UserStatus::getUsername(), 'Captcha: ' . $captcha);
// Update the student's meal plan in the housing application, just for future reference
$app = HousingApplication::getApplicationByUser($student->getUsername(), $term);
$app->setMealPlan($mealPlan);
$app->save();
// If this student was an RLC self-select, update the RLC memberhsip state
if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
$rlcAssignment->changeState(new RlcAssignmentSelfAssignedState($rlcAssignment));
}
foreach ($roommates as $bed_id => $username) {
// Skip the current user
if ($username == $student->getUsername()) {
continue;
}
# Reserve the bed for the roommate
$expires_on = time() + INVITE_TTL_HRS * 3600;
$bed = new HMS_Bed($bed_id);
if (!$bed->lottery_reserve($username, $student->getUsername(), $expires_on)) {
NQ::smiple('hms', hms\NotificationView::WARNING, "You were assigned, but there was a problem reserving space for your roommates. Please contact University Housing.");
$successCmd->redirect();
}
HMS_Activity_Log::log_activity($username, ACTIVITY_LOTTERY_REQUESTED_AS_ROOMMATE, $student->getUsername(), 'Expires: ' . HMS_Util::get_long_date_time($expires_on));
# Invite the selected roommates
$roomie = StudentFactory::getStudentByUsername($username, $term);
$term = PHPWS_Settings::get('hms', 'lottery_term');
$year = Term::toString($term) . ' - ' . Term::toString(Term::getNextTerm($term));
HMS_Email::send_lottery_roommate_invite($roomie, $student, $expires_on, $room->where_am_i(), $year);
}
HMS_Email::send_lottery_assignment_confirmation($student, $room->where_am_i(), $term);
$successCmd->redirect();
}
public function ajaxCheckSum($request, $response)
{/*{{{*/
$verifyOk = Captcha::verify($request->door, XIpLocation::getIp(), 'suggestion', $request->userid, $request->token);
echo $verifyOk ? 0 : 1;
exit;
}/*}}}*/
/**
* Controller of user requests. Based on the command request variable
* defaults to my_page
*/
public static function userAction()
{
$auth = Current_User::getAuthorization();
$content = $title = null;
if (isset($_REQUEST['command'])) {
$command = $_REQUEST['command'];
} else {
$command = 'my_page';
}
switch ($command) {
case 'login':
if (!Current_User::isLogged() && isset($_POST['phpws_username']) && isset($_POST['phpws_password'])) {
$result = Current_User::loginUser($_POST['phpws_username'], $_POST['phpws_password']);
// here
if (!$result) {
$title = dgettext('users', 'Login page');
$message = dgettext('users', 'Username and password combination not found.');
$content = User_Form::loginPage();
} elseif (PHPWS_Error::isError($result)) {
if (preg_match('/L\\d/', $result->code)) {
$title = dgettext('users', 'Sorry');
$content = $result->getMessage();
$content .= ' ' . sprintf('<a href="mailto:%s">%s</a>', PHPWS_User::getUserSetting('site_contact'), dgettext('users', 'Contact the site administrator'));
} else {
PHPWS_Error::log($result);
$message = dgettext('users', 'A problem occurred when accessing user information. Please try again later.');
}
} else {
Current_User::getLogin();
PHPWS_Core::returnToBookmark();
}
} else {
PHPWS_Core::errorPage('403');
}
break;
// This is used by auth scripts if they need to return the user to
// where they left off after redirection to another site for SSO
// This is used by auth scripts if they need to return the user to
// where they left off after redirection to another site for SSO
case 'return_bookmark':
PHPWS_Core::popUrlHistory();
break;
// reset user password
// reset user password
case 'rp':
$user_id = User_Action::checkResetPassword();
if ($user_id) {
$title = dgettext('users', 'Reset my password');
$content = User_Form::resetPassword($user_id, $_GET['auth']);
} else {
$title = dgettext('users', 'Sorry');
$content = dgettext('users', 'Your password request was not found or timed out. Please apply again.');
}
break;
case 'my_page':
if ($auth->local_user) {
PHPWS_Core::initModClass('users', 'My_Page.php');
$my_page = new My_Page();
$my_page->main();
} else {
Layout::add(PHPWS_ControlPanel::display(dgettext('users', 'My Page unavailable to remote users.'), 'my_page'));
}
break;
case 'signup_user':
$title = dgettext('users', 'New Account Sign-up');
if (Current_User::isLogged()) {
$content = dgettext('users', 'You already have an account.');
break;
}
$user = new PHPWS_User();
if (PHPWS_User::getUserSetting('new_user_method') == 0) {
$content = dgettext('users', 'Sorry, we are not accepting new users at this time.');
break;
}
$content = User_Form::signup_form($user);
break;
case 'submit_new_user':
$title = dgettext('users', 'New Account Sign-up');
$user_method = PHPWS_User::getUserSetting('new_user_method');
if ($user_method == 0) {
Current_User::disallow(dgettext('users', 'New user signup not allowed.'));
return;
}
$user = new PHPWS_User();
$result = User_Action::postNewUser($user);
if (is_array($result)) {
$content = User_Form::signup_form($user, $result);
} else {
$content = User_Action::successfulSignup($user);
}
break;
case 'logout':
$auth = Current_User::getAuthorization();
$auth->logout();
PHPWS_Core::killAllSessions();
PHPWS_Core::reroute('index.php?module=users&action=reset');
break;
case 'login_page':
if (Current_User::isLogged()) {
PHPWS_Core::home();
}
$title = dgettext('users', 'Login Page');
$content = User_Form::loginPage();
break;
case 'confirm_user':
if (Current_User::isLogged()) {
PHPWS_Core::home();
}
if (User_Action::confirmUser()) {
$title = dgettext('users', 'Welcome!');
$content = dgettext('users', 'Your account has been successfully activated. Please log in.');
} else {
$title = dgettext('users', 'Sorry');
$content = dgettext('users', 'This authentication does not exist.<br />
If you did not log in within the time frame specified in your email, please apply for another account.');
}
User_Action::cleanUpConfirm();
break;
case 'forgot_password':
if (Current_User::isLogged()) {
PHPWS_Core::home();
}
$title = dgettext('users', 'Forgot Password');
$content = User_Form::forgotForm();
break;
case 'post_forgot':
$title = dgettext('users', 'Forgot Password');
if (ALLOW_CAPTCHA) {
PHPWS_Core::initCoreClass('Captcha.php');
if (!Captcha::verify()) {
$content = dgettext('users', 'Captcha information was incorrect.');
$content .= User_Form::forgotForm();
} else {
if (!User_Action::postForgot($content)) {
$content .= User_Form::forgotForm();
}
}
} elseif (!User_Action::postForgot($content)) {
$content .= User_Form::forgotForm();
}
break;
case 'reset_pw':
$pw_result = User_Action::finishResetPW();
switch ($pw_result) {
case PHPWS_Error::isError($pw_result):
$title = dgettext('users', 'Reset my password');
$content = dgettext('users', 'Passwords were not acceptable for the following reason:');
$content .= '<br />' . $pw_result->getmessage() . '<br />';
$content .= User_Form::resetPassword($_POST['user_id'], $_POST['authhash']);
break;
case 0:
$title = dgettext('users', 'Sorry');
$content = dgettext('users', 'A problem occurred when trying to update your password. Please try again later.');
break;
case 1:
PHPWS_Core::home();
break;
}
break;
default:
PHPWS_Core::errorPage('404');
break;
}
if (isset($message)) {
$tag['MESSAGE'] = $message;
}
if (isset($title)) {
$tag['TITLE'] = $title;
}
if (isset($content)) {
$tag['CONTENT'] = $content;
}
if (isset($tag)) {
$final = PHPWS_Template::process($tag, 'users', 'user_main.tpl');
Layout::add($final);
}
}
private function doRegister($request, $response)
{/*{{{*/
$result = array('err' => array(), 'user' => new NullEntity());
$name = mb_strtolower($request->username, 'GB2312');
$pass1 = $request->password;
$pass2 = $request->password2;
$phone = $request->phone;
$mobile = $request->mobile;
$email = $request->email;
$city = $request->city;
$question = $request->pwdQ;
$answer = $request->pwdA;
$isDoctor = $request->is_doctor;
$patientCardNO = $request->patientCardNO;
$verifyOk = Captcha::verify($request->verifyStr, XIpLocation::getIp(), 'login', $request->captchaId, $request->token);
//username
$utf8name = mb_convert_encoding($name, 'utf8', 'gbk');
$result['err'] = $this->checkUsername(self::ERROR_RESULT_ARRAY, $name, $utf8name);
//verifycode
if($verifyOk == false)
{
$result['err'][] = "验证码错误";
}
//password
if (!preg_match("/^[0-9a-zA-Z]{4,16}$/", $pass1)) $result['err'][] = "密码格式错误, 只能为4-16位数字或字母";
if ($pass1 != $pass2) $result['err'][] = "密码校验错误";
//others
if ($phone && false == XString::isPhone($phone)) { $result['err'][] = "电话格式错误"; }
if ($mobile && false == XString::isMobile($mobile)) { $result['err'][] = "您填写的手机号码不合要求,请修改后重新提交";}
if ($email && false == XString::isEmail($email)) { $result['err'][] = "邮件格式错误"; }
//patient card
if(empty($patientCardNO) == false && $this->checkPatientCardNO($patientCardNO) == false)
{
$result['err'][] = "您输入的随访码不正确,请核对医生发放的随访码";
}
if (false == empty($result['err']))
{
return $result;
}
$data = array(
'realName' => '',
'sex' => 1,
'phone' => $phone,
'mobile' => $mobile,
'email' => $email,
'birthday' => '0',
'idcard' => '',
'province' => '',
'city' => $city,
'district' => '',
'question' => $question,
'answer' => $answer,
'ip' => UserClient::getInstance()->getIp(),
);
if (!$data['email']) unset($data['email']);
if (!$data['mobile']) unset($data['mobile']);
$user = UserClient::getInstance()->register($name, $pass1, $data);
if ($user->isNull())
{
$result['err'][] = "请稍后重新注册";
}
else
{
$result['user'] = $user;
}
return $result;
}/*}}}*/
function isValid() {
$cid = (string)request::get($this->getKey().'_cid', null);
$cval = (string)request::get($this->getKey(), null);
if ($cid) {
if (Captcha::verify($cval,$cid)) return true;
}
return false;
}
}
if( '' == $mobtel )
{
MsgHtml::msg('请填写您的手机,以便与您联系。', '', array('button'=>'back'));
}
if( '' == $email )
{
MsgHtml::msg('请填写您的邮箱,以便与您联系。', '', array('button'=>'back'));
}
elseif (!Xstring::isEmail($email))
{
MsgHtml::msg('邮件格式错误,请正确填写您的邮箱。', '', array('button'=>'back'));
}
$verifyOk = Captcha::verify($request->door, XIpLocation::getIp(), 'dcapply', $user->id, $request->token);
if($verifyOk != 1)
{
MsgHtml::msg('验证码输入错误', '', array('button'=>'back'));
}
$recipients = "*****@*****.**";
$title = "医生基本信息 (".date("y-m-d H:i").")";
$content = "";
$content .= "来自 ".$_SERVER['REMOTE_ADDR']." 的用户发送了一条医生信息, 内容如下:\n";
if ($from == 'search') $content .= "从搜索来的\n";
$content .= "所提交的医院科室: <a href='".$hospitalFaculty->getUrl()."' target=\"_blank\">".$hospitalFaculty->hospital->name.$hospitalFaculty->name."</a>\n";
$content .= "----------------------------------------------------------------------------\n";
$content .= "姓名: ".$name."\n";
$content .= "性别: ".(($sex) ? '男' : '女')."\n";
if ($birthday) $content .= "出生日期: ".$birthday."\n";
if ($duty) $content .= "行政职务: ".$duty."\n";
