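/**
 * Registration form handler.
 *
 * Rejects the submission when a member with the same email address already
 * exists; otherwise creates the member, logs them in, adds them to the
 * 'users' group (creating the group if needed) and redirects to the
 * profile page when one exists.
 *
 * @param array $data Submitted form data; 'Email' is read for the duplicate check.
 * @param Form $form The registration form.
 * @return mixed Result of the redirect call, or null when no EditProfilePage exists.
 */
function doRegister($data, $form)
{
    // The column name must not be wrapped in single quotes: 'Email' = '...'
    // compares two string literals, so the duplicate check could never match
    // an existing member. The value itself stays escaped with raw2sql.
    $duplicateFilter = "Email = '" . Convert::raw2sql($data['Email']) . "'";
    if ($member = DataObject::get_one("Member", $duplicateFilter)) {
        // Set error message
        $form->AddErrorMessage('Email', "Sorry, that email address already exists. Please choose another.", 'bad');
        // Keep the submitted values so the form can be re-populated
        Session::set("FormInfo.Form_RegistrationForm.data", $data);
        return Director::redirectBack();
    }

    // Otherwise create new member and log them in.
    // NOTE(review): saveInto() copies form fields onto the Member record;
    // confirm the registration form exposes only the fields a visitor may set.
    $Member = new Member();
    $form->saveInto($Member);
    $Member->write();
    $Member->login();

    // Find or create the 'users' group
    if (!($userGroup = DataObject::get_one('Group', "Code = 'users'"))) {
        $userGroup = new Group();
        $userGroup->Code = "users";
        $userGroup->Title = "Users";
        $userGroup->write();
    }

    // Add member to user group (once, whether or not the group was just created)
    $userGroup->Members()->add($Member);

    // Redirect to the profile page when one exists
    if ($ProfilePage = DataObject::get_one('EditProfilePage')) {
        return Director::redirect($ProfilePage->Link('?success=1'));
    }
}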
/**
 * Rewards step handler: optionally rebuilds the reward selection from the
 * submitted quantities, replaces the order's reward items with it and moves
 * on to the confirmation/payment step.
 *
 * @param array $data Submitted form data ('action_submit', 'Quantity').
 * @param Form $form The submitted form.
 */
function submit($data, $form)
{
    $controller = $this->controller;
    $newItems = null;

    // Only rebuild the selection when the submit button was used and quantities were sent
    $hasSelection = isset($data['action_submit']) && isset($data['Quantity']);
    if ($hasSelection) {
        Session::clear($controller->RewardsSessionKey());
        foreach ($data['Quantity'] as $ProductID => $quantity) {
            $reward = $controller->newReward($ProductID, $quantity);
            Session::set($controller->RewardsSessionKey($ProductID), serialize($reward));
        }

        // Refuse the selection when it costs more points than the member holds
        if ($controller->RewardsTotalPoints() > Page_Controller::MemberPointsBalance()) {
            $this->sessionMessage('You do not have enough points to purchase these rewards.', 'error');
            Director::redirectBack();
            return;
        }

        $newItems = $controller->RewardItems();
    }

    // Delete all existing reward items for this order
    foreach ($controller->Order()->RewardItems() as $existingItem) {
        $existingItem->delete();
    }

    // Then flush rewards from session
    Session::clear($controller->RewardsSessionKey());

    // Then link the new reward items to the order
    if ($newItems !== null) {
        foreach ($newItems as $rewardItem) {
            $rewardItem->write();
        }
    }

    // Then redirect to next step
    Director::redirect($controller->Link() . 'checkoutstep/orderconfirmationandpayment/');
}
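/**
 * Very ugly copy of the same method in ComplexTableField, but need a way to
 * inject the extra data into created objects prior to writing them.
 *
 * Creates a record of the source class from the form, applies the configured
 * default values, writes it, attaches it to the parent relation named in
 * $data['ctf'] and stores an HTML success message in the session.
 *
 * @param array $data Submitted data; the 'ctf' sub-array names the parent record and relation.
 * @param Form $form The popup form.
 * @param mixed $params Unused here.
 */
function saveComplexTableField($data, $form, $params)
{
    $className = $this->sourceClass();
    $childData = new $className();
    $form->saveInto($childData);

    // Populate in the defaults as well.
    foreach ($this->defaultValues as $key => $value) {
        $childData->{$key} = $value;
    }
    $childData->write();

    // NOTE(review): parentClass, sourceID and the relation names below come
    // from the submitted data; confirm the caller restricts them to the
    // relation this field was configured for.

    // Save the many many relationship if it's available
    if (isset($data['ctf']['manyManyRelation'])) {
        $parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
        $relationName = $data['ctf']['manyManyRelation'];
        // A missing parent record must not end in a call on a non-object
        $componentSet = $parentRecord ? $parentRecord->getManyManyComponents($relationName) : null;
        if ($componentSet) {
            $componentSet->add($childData);
        }
    }

    if (isset($data['ctf']['hasManyRelation'])) {
        $parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
        $relationName = $data['ctf']['hasManyRelation'];
        $componentSet = $parentRecord ? $parentRecord->getComponents($relationName) : null;
        if ($componentSet) {
            $componentSet->add($childData);
        }
    }

    // The message is emitted as HTML, so the request-supplied Referer header
    // and the record title are escaped before being placed in the markup.
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $closeLink = sprintf(
        '<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>',
        htmlspecialchars($referrer, ENT_QUOTES),
        _t('ComplexTableField.CLOSEPOPUP', 'Close Popup')
    );
    $message = sprintf(
        _t('ComplexTableField.SUCCESSADD', 'Added %s %s %s'),
        $childData->singular_name(),
        '<a href="' . $this->Link() . '/item/' . $childData->ID . '/edit">'
            . htmlspecialchars($childData->Title, ENT_QUOTES) . '</a>',
        $closeLink
    );
    $form->sessionMessage($message, 'good');

    Director::redirectBack();
}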
/**
 * Creates a Member from the submitted form and returns to the previous page.
 *
 * NOTE(review): no permission check is visible in this handler, and
 * saveInto() copies form fields onto the new Member; confirm that access
 * control and the field list are enforced by the form or its controller.
 *
 * @param array $data Submitted form data (not read directly).
 * @param Form $form The submitted form.
 */
function addMember($data, $form)
{
    $newMember = new Member();

    // Copy the form's field values onto the record, then persist it
    $form->saveInto($newMember);
    $newMember->write();

    Director::redirectBack();
}
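/**
 * Deletes the related item after clearing the parent's foreign key to it.
 *
 * @param array $data Submitted data (not read).
 * @param DataObject $item The record to delete; must pass canDelete().
 * @return mixed The field holder markup for AJAX requests, otherwise the redirect result.
 */
public function Delete($data, $item)
{
    // Return the error response so the permission failure path is terminal
    // even if httpError() were to return rather than throw, matching the
    // other handlers that `return $this->httpError(...)`.
    if (!$item->canDelete()) {
        return $this->httpError(403);
    }

    // Clear the "<name>ID" foreign key on the parent before removing the item
    $this->parent->{$this->name . 'ID'} = null;
    $this->parent->write();
    $item->delete();

    return Director::is_ajax() ? $this->FieldHolder() : Director::redirectBack();
}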
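/**
 * Removes the wish list entries of the current member for one page.
 *
 * @param array $data Submitted data; 'PageID' selects the page.
 * @param Form $form The submitted form.
 */
public function removeFromWishList($data, $form)
{
    // PageID is request data that ends up in a SQL filter, so it is reduced
    // to an integer before being concatenated into the condition.
    $pageID = isset($data['PageID']) ? (int) $data['PageID'] : 0;
    $member = Member::currentUser();

    if ($member && $pageID > 0) {
        $wishListItems = $member->WishListItems("PageID = " . $pageID);
        if ($wishListItems && $wishListItems->exists()) {
            foreach ($wishListItems as $wishListItem) {
                $member->WishListItems()->remove($wishListItem);
            }
        }
    }

    // NOTE(review): the query-string argument is passed exactly as before;
    // confirm Director::redirectBack() actually uses it.
    Director::redirectBack("?removed_wishlist=1");
}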
/**
 * Adjusts the font size stored in the session by the given amount.
 *
 * @param float|int $change Amount added to the current font size.
 * @return mixed The size in percentages for AJAX requests, otherwise an empty
 *               array after redirecting back.
 */
protected function fontAction($change)
{
    $newSize = floatval($this->currentFontSize()) + $change;
    Session::set("fontsize", $newSize);

    if (!Director::is_ajax()) {
        Director::redirectBack();
        return array();
    }

    return $this->CurrentFontSizeInPercentages($newSize);
}
/**
 * Save the changes to the form into the currently logged-in member.
 *
 * NOTE(review): saveInto() copies form fields onto the Member record;
 * confirm the form exposes only fields a member may edit on their own record.
 *
 * @param array $data Submitted form data (not read directly).
 * @param Form $form The submitted form.
 * @param mixed $request The current request (not read).
 * @return bool False when nobody is logged in, true after saving.
 */
function submit($data, $form, $request)
{
    $currentMember = Member::currentUser();

    if ($currentMember) {
        $form->saveInto($currentMember);
        $currentMember->write();

        $savedMessage = _t("MemberForm.DETAILSSAVED", 'Your details have been saved');
        $form->sessionMessage($savedMessage, 'good');
        Director::redirectBack();

        return true;
    }

    return false;
}
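/**
 * Activation form handler.
 *
 * Looks up the pending TempMember for the submitted verification code. When
 * one exists, a real Member is created from it, an approval request is
 * recorded if the member asked to be listed as presenter, the temporary
 * record is deleted and the member is logged in and added to a group.
 *
 * @param array $data Submitted form data, passed to TempMember::codeExists().
 * @param Form $form The activation form.
 * @param mixed $request The current request (not read).
 */
function activate($data, $form, $request)
{
    // Is there a temp member waiting for activation with this code?
    $tempMember = TempMember::codeExists($data);
    if (!$tempMember) {
        $form->sessionMessage(_t("Register.REGISTRATION ERROR", "There's no account waiting for activation with this code.\n\t\t\t\t\t\t\t\t\t If you already have an account log in here <a href=\"my-events/\">here</a>"), 'bad');
        Director::redirectBack();
        return;
    }

    // Create a new Member object from the pending record. Each field is
    // copied exactly once (the original assigned ReceiveMail twice).
    // NOTE(review): Password is copied as stored on TempMember; confirm how
    // TempMember stores it and whether Member::write() hashes it again.
    $copiedFields = array(
        'FirstName',
        'Surname',
        'Phone',
        'Email',
        'Password',
        'ReceiveMail',
        'RequestListedAsPresenter',
        'LocationAddress',
        'LocationLatitude',
        'LocationLongitude',
        'Description',
    );
    $member = new Member();
    foreach ($copiedFields as $fieldName) {
        $member->{$fieldName} = $tempMember->{$fieldName};
    }

    // Write to db. This needs to happen before we add it to a group
    $member->write();

    if ($tempMember->RequestListedAsPresenter) {
        $presentorApproval = new PresentorApproval();
        $presentorApproval->MemberID = $member->ID;
        $presentorApproval->MemberName = $tempMember->FirstName . ' ' . $tempMember->Surname;
        $presentorApproval->Message = $tempMember->Description;
        $presentorApproval->Email = $tempMember->Email;
        $presentorApproval->Confirmation = 'Pending';
        $presentorApproval->IsDone = false;
        $presentorApproval->write();
    }

    $tempMember->delete();
    $member->logIn();

    // Add the member to the user group, if it exists.
    // NOTE(review): the group is selected by a hard-coded database ID (3).
    // When it is missing the member has already been created and logged in
    // and the pending record deleted, so "try again" cannot succeed; confirm
    // the intended failure handling.
    if ($group = DataObject::get_one('Group', 'ID = 3')) {
        $member->Groups()->add($group);
        Director::redirect('SuccessVerification');
    } else {
        $form->sessionMessage(_t("Register.REGISTRATION ERROR", "Your registration wasn't successful please try again"), 'bad');
        Director::redirectBack();
    }
}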
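/**
 * Order form handler: validates the cart and payment method, saves the
 * member and order, processes the order and, when the subtotal is above
 * zero, the payment.
 *
 * @param array $data Submitted form data ('PaymentMethod' and the member's unique field are read).
 * @param Form $form The order form.
 * @param mixed $request The current request (not read).
 * @return mixed Redirect result on validation/processing errors, the payment
 *               result value while a payment is still processing, otherwise null.
 */
public function doProcess($data, $form, $request)
{
    $order = new Order();
    $items = $order->Items();
    $member = Member::currentUserID() ? Member::currentUser() : new Member();

    // PaymentMethod is request data. Only instantiate it when it names the
    // Payment class or one of its subclasses, so a submitted class name can
    // never construct an unrelated class.
    $paymentClass = isset($data['PaymentMethod']) ? $data['PaymentMethod'] : null;
    $isPaymentClass = is_string($paymentClass)
        && class_exists($paymentClass)
        && (strcasecmp($paymentClass, 'Payment') === 0 || is_subclass_of($paymentClass, 'Payment'));
    $payment = $isPaymentClass ? new $paymentClass() : null;
    $requirePayment = $order->Subtotal() > 0;

    if (!($items && $items->Count() > 0)) {
        $form->sessionMessage(_t('OrderForm.NOITEMS', 'Error placing order: You have no items in your cart.'), 'bad');
        return Director::redirectBack();
    }

    if ($requirePayment && !($payment && $payment instanceof Payment)) {
        user_error("OrderForm::doProcess(): '{$paymentClass}' is not a valid payment class!", E_USER_ERROR);
    }

    // Ensure existing members don't get their record hijacked (IMPORTANT!)
    if (!$member->checkUniqueFieldValue($data)) {
        $uniqueField = Member::get_unique_identifier_field();
        $uniqueValue = isset($data[$uniqueField]) ? $data[$uniqueField] : '';
        // Both placeholders are %s: the second one carries an identifier such
        // as an email address, which %d would turn into 0.
        $uniqueError = "Error placing order: The %s \"%s\" is\n\t\t\t\talready taken by another member. If this belongs to you, please\n\t\t\t\tlog in first before placing your order.";
        // sprintf() builds the message; the original printf() wrote it to the
        // output and passed the printed length on instead. The submitted
        // value is escaped because the message also carries HTML elsewhere.
        $message = sprintf(
            _t(
                'EcommerceMemberExtension.ALREADYEXISTS',
                $uniqueError,
                PR_MEDIUM,
                'Let the user know that member already exists (e.g. %s could be "Email", %s could be "joe@somewhere.com)'
            ),
            strtolower($uniqueField),
            Convert::raw2xml($uniqueValue)
        );
        $form->sessionMessage($message, 'bad');
        return Director::redirectBack();
    }

    $form->saveInto($member);
    if (!$member->Password) {
        $member->setField('Password', Member::create_new_password());
    }
    $member->write();
    $form->saveInto($order);

    try {
        $result = $order->process($member->ID);
    } catch (Exception $e) {
        // The message contains markup (<br>), so the exception text is escaped.
        // NOTE(review): exception text is shown to the customer; consider
        // logging it and showing a generic message instead.
        $errorText = Convert::raw2xml($e->getMessage());
        $form->sessionMessage(_t('OrderForm.PROCESSERROR', "An error occurred while placing your order: {$errorText}.<br>\n\t\t\t\t\tPlease contact the website administrator."), 'bad');
        // Send an email to site admin with $e->getMessage() error
        return Director::redirectBack();
    }

    if ($requirePayment) {
        $form->saveInto($payment);
        $payment->write();
        $result = $payment->processPayment($data, $form);

        if ($result->isSuccess()) {
            $order->sendReceipt();
        }

        // Long payment process. e.g. user goes to external site to pay (PayPal, WorldPay)
        if ($result->isProcessing()) {
            return $result->getValue();
        }
    }

    Director::redirect($order->Link());
}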
/**
 * Handles validating the final step and writing the tickets data to the
 * registration object.
 *
 * @param array $data Data submitted for the final step.
 * @param Form $form The final step's form.
 * @return mixed False after redirecting back when validation fails,
 *               otherwise the result of the redirect to the registration page.
 */
public function finish($data, $form)
{
    parent::finish($data, $form);

    $currentStep = $this->getCurrentStep();
    $eventTime = $this->getController()->getDateTime();
    $registration = $this->session->getRegistration();
    $ticketsStep = $this->getSavedStepByClass('EventRegisterTicketsStep');
    $ticketData = $ticketsStep->loadData();

    // First check that the requested tickets are still available, then
    // validate the final step; either failure sends the visitor back with
    // the submitted values preserved.
    $passes = $this->validateTickets($ticketData['Tickets'], $form)
        && $currentStep->validateStep($data, $form);
    if (!$passes) {
        Session::set("FormInfo.{$form->FormName()}.data", $form->getData());
        Director::redirectBack();
        return false;
    }

    // Reload the first step fields into a form, then save it into the
    // registration object.
    $ticketsStep->setForm($form);
    $fields = $ticketsStep->getFields();
    $form = new Form($this, '', $fields, new FieldSet());
    $form->loadDataFrom($ticketData);
    $form->saveInto($registration);

    $member = Member::currentUser();
    if ($member) {
        $registration->Name = $member->getName();
        $registration->Email = $member->Email;
    }

    $registration->TimeID = $eventTime->ID;
    $registration->MemberID = Member::currentUserID();

    $total = $ticketsStep->getTotal();
    $registration->Total->setCurrency($total->getCurrency());
    $registration->Total->setAmount($total->getAmount());

    // Only tickets with a non-zero quantity are attached
    foreach ($ticketData['Tickets'] as $ticketID => $quantity) {
        if (!$quantity) {
            continue;
        }
        $registration->Tickets()->add($ticketID, array('Quantity' => $quantity));
    }

    $registration->write();
    $this->session->delete();

    // If the registration is already valid, then send a details email.
    if ($registration->Status == 'Valid') {
        EventRegistrationDetailsEmail::factory($registration)->send();
    }

    $this->extend('onRegistrationComplete', $registration);

    // NOTE(review): the registration token travels in the query string of
    // this redirect; confirm that is acceptable for how the token is used.
    $registrationLink = Controller::join_links(
        $eventTime->Event()->Link(),
        'registration',
        $registration->ID,
        '?token=' . $registration->Token
    );

    return Director::redirect($registrationLink);
}
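/**
 * Process payment form and return next step in the payment process.
 * Steps taken are:
 * 1. create new payment
 * 2. save form into payment
 * 3. return payment result
 *
 * @param Order $order - the order that is being paid
 * @param Form $form - the form that is being submitted
 * @param Array $data - Array of data that is submitted
 * @return mixed - FALSE when the order or payment method is missing or the
 *                 processor returns no Payment_Result, the processor's value
 *                 while the payment is still processing, otherwise TRUE
 *                 after redirecting.
 */
public static function process_payment_form_and_return_next_step($order, $form, $data)
{
    if (!$order) {
        $form->sessionMessage(_t('EcommercePayment.NOORDER', 'Order not found.'), 'bad');
        Director::redirectBack();
        return false;
    }

    $paidBy = $order->Member();
    if (!$paidBy) {
        $paidBy = Member::currentUser();
    }

    // PaymentMethod is request data. Only instantiate it when it names the
    // Payment class or one of its subclasses, so a submitted class name can
    // never construct an unrelated class.
    $paymentClass = !empty($data['PaymentMethod']) ? $data['PaymentMethod'] : null;
    $isPaymentClass = is_string($paymentClass)
        && class_exists($paymentClass)
        && (strcasecmp($paymentClass, 'Payment') === 0 || is_subclass_of($paymentClass, 'Payment'));
    $payment = $isPaymentClass ? new $paymentClass() : null;
    if (!($payment && $payment instanceof Payment)) {
        $form->sessionMessage(_t('EcommercePayment.NOPAYMENTOPTION', 'No Payment option selected.'), 'bad');
        Director::redirectBack();
        return false;
    }

    // Save payment data from form and process payment
    $form->saveInto($payment);
    $payment->OrderID = $order->ID;
    if (is_object($paidBy)) {
        $payment->PaidByID = $paidBy->ID;
    }
    $payment->Amount = $order->TotalOutstandingAsMoneyObject();
    $payment->write();

    // Process payment, get the result back
    $result = $payment->processPayment($data, $form);
    if (!$result instanceof Payment_Result) {
        return false;
    }

    if ($result->isProcessing()) {
        // IMPORTANT!!!
        // isProcessing(): Long payment process redirected to another website (PayPal, Worldpay)
        // redirection is taken care of by payment processor
        return $result->getValue();
    }

    // Payment is done. "returntolink" is request data, so it is only followed
    // when it points back at this site; anything else falls back to the
    // order's own link.
    if (isset($data["returntolink"]) && Director::is_site_url($data["returntolink"])) {
        Director::redirect($data["returntolink"]);
    } else {
        Director::redirect($order->Link());
    }

    return true;
}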
/**
 * Shipping estimate form handler: computes estimates for the current order
 * and the submitted address and stores them in the session.
 *
 * @param array $data Submitted form data (not read directly).
 * @param Form $form The address form.
 * @return string|null JSON-encoded estimates for AJAX requests; otherwise
 *                     null after redirecting back.
 */
function submit($data, $form)
{
    $order = ShoppingCart::singleton()->current();

    if ($order) {
        $package = $order->createShippingPackage();

        $address = new Address();
        $form->saveInto($address);

        $estimator = new ShippingEstimator($package, $address);
        $estimates = $estimator->getEstimates();
        Session::set("ShippingEstimates", $estimates);

        if (Director::is_ajax()) {
            // TODO: replace with an AJAXResponse class that can output to different formats
            return json_encode($estimates->toArray());
        }
    }

    Director::redirectBack();
}
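/**
 * Runs a registered batch action on the pages named in the 'csvIDs' request
 * variable. Pages missing from the default query are looked up on the Live
 * stage.
 *
 * @param mixed $request The current request ('BatchAction' route parameter, 'csvIDs' variable).
 * @return mixed The batch action's result, an HTTP 400 error for a failed
 *               security token or an unknown action, or null after
 *               redirecting a non-AJAX call.
 */
function handleAction($request)
{
    // This method can't be called without ajax.
    if (!Director::is_ajax()) {
        Director::redirectBack();
        return;
    }

    // Protect against CSRF on destructive action
    if (!SecurityToken::inst()->checkRequest($request)) {
        return $this->httpError(400);
    }

    // Only registered actions may be instantiated; an unknown name used to
    // fall through to `new` on an undefined array entry.
    $actions = Object::get_static($this->class, 'batch_actions');
    $actionName = $request->param('BatchAction');
    if (!is_array($actions) || !isset($actions[$actionName])) {
        return $this->httpError(400);
    }
    $actionClass = $actions[$actionName];
    $actionHandler = new $actionClass();

    // Sanitise the ID list: keep only plain decimal integers (is_numeric()
    // also accepts forms such as "1e5" or "1.5") and drop duplicates, which
    // would otherwise skew the count comparison below. preg_split() replaces
    // the deprecated split() with the same pattern.
    $ids = array();
    foreach (preg_split('/ *, */', trim($request->requestVar('csvIDs'))) as $candidate) {
        if (preg_match('/^[0-9]+\z/', $candidate)) {
            $ids[] = (int) $candidate;
        }
    }
    $ids = array_values(array_unique($ids));

    if ($ids) {
        $pages = DataObject::get('SiteTree', "\"SiteTree\".\"ID\" IN (" . implode(", ", $ids) . ")");

        // If we didn't query all the pages, then find the rest on the live site
        if (!$pages || $pages->Count() < sizeof($ids)) {
            $idsFromLive = array();
            foreach ($ids as $id) {
                $idsFromLive[$id] = true;
            }
            if ($pages) {
                foreach ($pages as $page) {
                    unset($idsFromLive[$page->ID]);
                }
            }
            $idsFromLive = array_keys($idsFromLive);

            // Never build an empty IN () clause
            if ($idsFromLive) {
                $livePages = Versioned::get_by_stage('SiteTree', 'Live', "\"SiteTree\".\"ID\" IN (" . implode(", ", $idsFromLive) . ")");
                if ($pages) {
                    $pages->merge($livePages);
                } else {
                    $pages = $livePages;
                }
            }
        }
    } else {
        $pages = new DataObjectSet();
    }

    return $actionHandler->run($pages);
}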
/**
 * Saves the profile form into the logged-in member unless another member
 * already uses the submitted email address.
 *
 * @param array $data Submitted form data; 'Email' is read for the duplicate check.
 * @param Form $form The profile form.
 * @return SS_HTTPResponse
 */
function SaveProfile($data, $form)
{
    $CurrentMember = Member::currentUser();

    // Only a logged-in member can edit a profile
    if (!$CurrentMember) {
        return Security::PermissionFailure($this->controller, 'you must be logged in to edit your profile');
    }

    // Look for another member with the same email address
    $duplicateFilter = "Email = '" . Convert::raw2sql($data['Email']) . "' AND ID != " . $CurrentMember->ID;
    $member = DataObject::get_one("Member", $duplicateFilter);

    if ($member) {
        // NOTE(review): the duplicate check is on Email, but the message is
        // attached to "Name" and speaks of a name; confirm which is intended.
        $form->addErrorMessage("Name", 'Sorry, that name already exists.', "bad");
        Session::set("FormInfo.Form_EditProfileForm.data", $data);
        return Director::redirectBack();
    }

    $form->saveInto($CurrentMember);
    $CurrentMember->write();

    return $this->redirect($this->Link('?saved=1'));
}
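/**
 * Change the password
 *
 * A logged-in member must supply their current password, unless the session
 * holds an auto-login hash that resolves to that same member. A visitor who
 * is not logged in must have a valid auto-login hash in the session.
 *
 * @param array $data The user submitted data ('OldPassword', 'NewPassword1', 'NewPassword2')
 */
function doChangePassword(array $data)
{
    if ($member = Member::currentUser()) {
        // The user was logged in, check the current password. Leaving the
        // OldPassword field out of the request must not skip this check, so
        // omission is accepted only together with a matching auto-login hash.
        if (isset($data['OldPassword'])) {
            $mayChange = $member->checkPassword($data['OldPassword']) != false;
        } else {
            $sessionHash = Session::get('AutoLoginHash');
            $hashMember = $sessionHash ? Member::member_from_autologinhash($sessionHash) : null;
            $mayChange = $hashMember && $hashMember->ID == $member->ID;
        }

        if (!$mayChange) {
            $this->clearMessage();
            $this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
            Director::redirectBack();
            return;
        }
    }

    if (!$member) {
        if (Session::get('AutoLoginHash')) {
            $member = Member::member_from_autologinhash(Session::get('AutoLoginHash'));
        }

        // The user is not logged in and no valid auto login hash is available
        if (!$member) {
            Session::clear('AutoLoginHash');
            Director::redirect('loginpage');
            return;
        }
    }

    // Check the new password. The comparison is strict: with == two
    // different numeric-looking strings (e.g. "1e3" and "1000") compare equal.
    $passwordsMatch = isset($data['NewPassword1'], $data['NewPassword2'])
        && $data['NewPassword1'] === $data['NewPassword2'];

    if ($passwordsMatch) {
        $isValid = $member->changePassword($data['NewPassword1']);
        if ($isValid->valid()) {
            $this->clearMessage();
            $this->sessionMessage(_t('Member.PASSWORDCHANGED', "Your password has been changed, and a copy emailed to you."), "good");
            Session::clear('AutoLoginHash');
            $redirectURL = HTTP::setGetVar('BackURL', urlencode(Director::absoluteBaseURL()), Security::Link('login'));
            Director::redirect($redirectURL);
        } else {
            $this->clearMessage();
            $this->sessionMessage(nl2br("We couldn't accept that password:\n" . $isValid->starredList()), "bad");
            Director::redirectBack();
        }
    } else {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "Your have entered your new password differently, try again"), "bad");
        Director::redirectBack();
    }
}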
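/**
 * Imports groups from the uploaded CSV file and reports how many were
 * created, updated and deleted.
 *
 * @param array $data Submitted form data; 'CsvFile' holds the upload entry.
 * @param Form $form The import form.
 */
function doImport($data, $form)
{
    // The path handed to the loader must be a file PHP received as an upload
    // in this request, never a path supplied as an ordinary form value.
    $upload = (isset($data['CsvFile']) && is_array($data['CsvFile'])) ? $data['CsvFile'] : array();
    $tmpName = isset($upload['tmp_name']) ? $upload['tmp_name'] : null;
    if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
        $this->sessionMessage('No CSV file was uploaded.', 'bad');
        Director::redirectBack();
        return;
    }

    // load file
    $loader = new GroupCsvBulkLoader();
    $result = $loader->load($tmpName);

    // result message
    $msgArr = array();
    if ($result->CreatedCount()) {
        $msgArr[] = sprintf(_t('GroupImportForm.ResultCreated', 'Created %d groups'), $result->CreatedCount());
    }
    if ($result->UpdatedCount()) {
        $msgArr[] = sprintf(_t('GroupImportForm.ResultUpdated', 'Updated %d groups'), $result->UpdatedCount());
    }
    if ($result->DeletedCount()) {
        $msgArr[] = sprintf(_t('GroupImportForm.ResultDeleted', 'Deleted %d groups'), $result->DeletedCount());
    }
    $msg = $msgArr ? implode(',', $msgArr) : _t('MemberImportForm.ResultNone', 'No changes');

    $this->sessionMessage($msg, 'good');
    Director::redirectBack();
}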
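/**
 * Stores an invitation e-mail for a clean-up group and sends it.
 *
 * @param array $data Submitted form data (not read directly).
 * @param Form $form The invitation form.
 * @param mixed $request The current request (not read; $_REQUEST is used).
 */
protected function processInvites($data, $form, $request)
{
    // CleanupID is request data that ends up in a SQL filter, so it is
    // reduced to an integer first.
    $cleanupid = isset($_REQUEST['CleanupID']) ? (int) $_REQUEST['CleanupID'] : 0;
    if ($cleanupid <= 0) {
        Director::redirect('my-events/Error/');
        // Stop here: the original carried on and wrote a message anyway
        return;
    }

    // The group must exist before an e-mail is stored against it
    $cleanup = DataObject::get_one('CleanUpGroup', "CleanUpGroup.ID = '{$cleanupid}'");
    if (!$cleanup) {
        Director::redirect('my-events/Error/');
        return;
    }

    $creatorid = Member::currentUserID();

    // CASE: Send Email to Recipients list!
    // NOTE(review): SenderEmail and Recipients are taken straight from the
    // request and invitePeeps() is not visible here; confirm that addresses
    // are validated (including line breaks) and that only authorised,
    // logged-in members can reach this handler.
    $emailmsg = EventEmail::save_current_msg();
    $form->saveInto($emailmsg);
    $emailmsg->MemberID = $creatorid;
    $emailmsg->SenderEmail = isset($_REQUEST['Email']) ? $_REQUEST['Email'] : null;
    $emailmsg->Recipients = isset($_REQUEST['Recipients']) ? $_REQUEST['Recipients'] : null;
    $emailmsg->CleanUpGroupID = $cleanupid;
    $emailmsg->write();
    $emailmsg->invitePeeps();

    Director::redirectBack();
}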
/**
 * Get all content as a javascript-compatible string (only if there is an Ajax-Request present).
 * Falls back to {non_ajax_content}, {redirect_url} or Director::redirectBack() (in this order).
 *
 * The request parameters 'forcehtml' and 'forceajax' override the detection.
 *
 * @return string|null The response body, or null when a redirect was issued.
 */
static function respond()
{
    // We don't want non-ajax calls to receive javascript
    if (isset($_REQUEST['forcehtml'])) {
        return self::$non_ajax_content;
    }

    $wantsJavascript = isset($_REQUEST['forceajax']) || Director::is_ajax();
    if ($wantsJavascript) {
        ContentNegotiator::disable();
        // TODO figure out a way to stay backwards-compatible with Ajax.Evaluator
        // and still use the automatic evaluating of Prototype (the
        // text/javascript content type is deliberately not sent here).
        return self::get_javascript();
    }

    if (!empty(self::$non_ajax_content)) {
        return self::$non_ajax_content;
    }

    if (!empty(self::$redirect_url)) {
        Director::redirect(self::$redirect_url);
        return null;
    }

    Director::redirectBack();
    return null;
}
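/**
 * Save the cleanup and redirect
 *
 * @param array $data Submitted form data (not read directly).
 * @param Form $form The image upload form.
 */
function uploadimages($data, $form)
{
    // Check there is a member
    $member = Member::currentUser();
    if (!$member) {
        $form->sessionMessage(_t("Create.CLEANUPCREATTIONERROR", "You Need to be logged in to Edit An Event"), 'bad');
        Director::redirectBack();
        return;
    }

    // Clean-up event we are adding images to. CleanUpID is request data that
    // ends up in a SQL filter, so it is reduced to an integer first.
    $cleanupID = !empty($_REQUEST['CleanUpID']) ? (int) $_REQUEST['CleanUpID'] : 0;
    $cleanupgroup = $cleanupID > 0
        ? DataObject::get_one('CleanUpGroup', "CleanUpGroup.ID = '{$cleanupID}'")
        : null;

    if (!$cleanupgroup) {
        $form->sessionMessage(_t("Create.CLEANUPIMAGEUPLOADERROR", "You Need to have a Clean Up Event to add images "), 'bad');
        Director::redirectBack();
        return;
    }

    // NOTE(review): any logged-in member reaches this point for any group
    // ID; no ownership or edit-permission check is visible here. Confirm
    // where that is enforced.
    $form->saveInto($cleanupgroup);
    $cleanupgroup->write();
    Director::redirect($cleanupgroup->Link());
}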
/**
 * Get all content as a javascript-compatible string (only if there is an Ajax-Request present).
 * Falls back to {non_ajax_content}, {redirect_url} or Director::redirectBack() (in this order).
 * No redirect back is issued when a redirect has already been set.
 *
 * The request parameters 'forcehtml' and 'forceajax' override the detection.
 *
 * @return string|null The response body, or null when no body applies.
 */
static function respond()
{
    // We don't want non-ajax calls to receive javascript
    if (isset($_REQUEST['forcehtml'])) {
        return self::$non_ajax_content;
    }

    $wantsJavascript = isset($_REQUEST['forceajax']) || Director::is_ajax();
    if ($wantsJavascript) {
        $response = Controller::curr()->getResponse();
        $response->addHeader('Content-Type', 'text/javascript');
        return self::get_javascript();
    }

    if (!empty(self::$non_ajax_content)) {
        return self::$non_ajax_content;
    }

    if (!empty(self::$redirect_url)) {
        Director::redirect(self::$redirect_url);
        return null;
    }

    // Only go back when nothing has set a redirect yet
    if (!Director::redirected_to()) {
        Director::redirectBack();
    }

    return null;
}
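/**
 * Creates a record of the source class from the popup form, attaches it to
 * the parent relation named in $data['ctf'] and redirects to the new
 * record's edit view.
 *
 * @param array $data Submitted data; the 'ctf' sub-array names the parent record and relation.
 * @param Form $form The popup form.
 * @param mixed $params Unused here.
 * @return mixed The redirect result when validation fails, otherwise null.
 */
function saveComplexTableField($data, $form, $params)
{
    $className = $this->sourceClass();
    $childData = new $className();
    $form->saveInto($childData);

    try {
        $childData->write();
    } catch (ValidationException $e) {
        $form->sessionMessage($e->getResult()->message(), 'bad');
        return Director::redirectBack();
    }

    // NOTE(review): parentClass, sourceID and the relation names below come
    // from the submitted data; confirm the caller restricts them to the
    // relation this field was configured for.

    // Save the many many relationship if it's available
    if (isset($data['ctf']['manyManyRelation'])) {
        $parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
        $relationName = $data['ctf']['manyManyRelation'];
        $componentSet = $parentRecord ? $parentRecord->getManyManyComponents($relationName) : null;
        if ($componentSet) {
            $componentSet->add($childData);
        }
    }

    if (isset($data['ctf']['hasManyRelation'])) {
        $parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
        $relationName = $data['ctf']['hasManyRelation'];
        $componentSet = $parentRecord ? $parentRecord->getComponents($relationName) : null;
        if ($componentSet) {
            $componentSet->add($childData);
        }
    }

    // The message is emitted as HTML, so the request-supplied Referer header
    // and the record title are escaped before being placed in the markup.
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $closeLink = sprintf(
        '<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>',
        htmlspecialchars($referrer, ENT_QUOTES),
        _t('ComplexTableField.CLOSEPOPUP', 'Close Popup')
    );
    $editLink = Controller::join_links($this->Link(), 'item/' . $childData->ID . '/edit');
    $message = sprintf(
        _t('ComplexTableField.SUCCESSADD', 'Added %s %s %s'),
        $childData->singular_name(),
        '<a href="' . $editLink . '">' . htmlspecialchars($childData->Title, ENT_QUOTES) . '</a>',
        $closeLink
    );
    $form->sessionMessage($message, 'good');

    // **PATCH: go to the new record's edit view instead of redirecting back
    Director::redirect($editLink);
}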
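/**
 * Change the password
 *
 * A logged-in member must supply their current password; a visitor who is
 * not logged in must have a valid auto-login hash in the session.
 *
 * @param array $data The user submitted data ('OldPassword', 'NewPassword1', 'NewPassword2')
 */
function doChangePassword(array $data)
{
    if ($member = Member::currentUser()) {
        // The user was logged in, check the current password
        $oldPassword = isset($data['OldPassword']) ? $data['OldPassword'] : null;
        if ($member->checkPassword($oldPassword) == false) {
            $this->clearMessage();
            $this->sessionMessage(_t('Member.ERRORPASSWORDNOTMATCH', "Your current password does not match, please try again"), "bad");
            Director::redirectBack();
            // Stop here: without this return the password was changed even
            // though the current password had just been rejected.
            return;
        }
    }

    if (!$member) {
        if (Session::get('AutoLoginHash')) {
            $member = Member::autoLoginHash(Session::get('AutoLoginHash'));
        }

        // The user is not logged in and no valid auto login hash is available
        if (!$member) {
            Session::clear('AutoLoginHash');
            Director::redirect('loginpage');
            // Stop here: there is no member to change a password for
            return;
        }
    }

    // Check the new password: both fields present, non-empty and identical.
    // The comparison is strict: with == two different numeric-looking
    // strings (e.g. "1e3" and "1000") compare equal.
    $passwordsMatch = isset($data['NewPassword1'], $data['NewPassword2'])
        && $data['NewPassword1'] !== ''
        && $data['NewPassword1'] === $data['NewPassword2'];

    if ($passwordsMatch) {
        $member->Password = $data['NewPassword1'];
        $member->AutoLoginHash = null;
        $member->write();

        // NOTE(review): this hands the new password in clear text to the
        // e-mail template. Kept because the success message promises a copy,
        // but sending passwords by e-mail should be reconsidered.
        $member->sendinfo('changePassword', array('CleartextPassword' => $data['NewPassword1']));

        $this->clearMessage();
        $this->sessionMessage(_t('Member.PASSWORDCHANGED', "Your password has been changed, and a copy emailed to you."), "good");
        Session::clear('AutoLoginHash');
        Director::redirect(Security::Link('login'));
    } else {
        $this->clearMessage();
        $this->sessionMessage(_t('Member.ERRORNEWPASSWORD', "Your have entered your new password differently, try again"), "bad");
        Director::redirectBack();
    }
}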
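/**
 * Saves the profile popup form into the currently logged-in member.
 *
 * @param array $data Submitted form data; 'ID' must equal the current member's ID.
 * @param Form $form The profile form.
 * @return mixed The redirect result when the request is rejected, otherwise null.
 */
function dosave($data, $form)
{
    // Don't allow omitting or changing the ID. The comparison is done on
    // strings and requires a logged-in member: with a loose != a
    // non-numeric ID could compare equal to "no current user".
    $currentID = (int) Member::currentUserID();
    $submittedID = (isset($data['ID']) && is_scalar($data['ID'])) ? (string) $data['ID'] : null;
    if ($currentID <= 0 || $submittedID !== (string) $currentID) {
        return Director::redirectBack();
    }

    $member = DataObject::get_by_id("Member", $currentID);
    if (!$member) {
        return Director::redirectBack();
    }

    $SQL_data = Convert::raw2sql($data);
    if (isset($SQL_data['Locale']) && $SQL_data['Locale'] != $member->Locale) {
        $form->addErrorMessage("Generic", _t('Member.REFRESHLANG'), "good");
    }

    // NOTE(review): saveInto() copies form fields onto the Member record;
    // confirm the form exposes only fields a member may edit on their own record.
    $form->saveInto($member);
    $member->write();

    // The Referer header is request data: it is passed as a sprintf argument
    // (a "%" in the URL must not be read as a format directive) and escaped
    // for the HTML attribute it is placed in.
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $closeLink = sprintf(
        '<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>',
        htmlspecialchars($referrer, ENT_QUOTES),
        _t('ComplexTableField.CLOSEPOPUP', 'Close Popup')
    );
    $message = _t('Member.PROFILESAVESUCCESS', 'Successfully saved.') . ' ' . $closeLink;
    $form->sessionMessage($message, 'good');

    Director::redirectBack();
}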
/**
 * Delete the current record when the logged-in member is allowed to,
 * then return to the parent controller's search results. Without
 * permission the visitor is sent back unchanged.
 *
 * @param array $data Submitted form data (not read).
 * @param Form $form The submitted form (not read).
 * @param mixed $request The current request (not read).
 */
public function doDelete($data, $form, $request)
{
    $record = $this->currentRecord;

    if (!$record->canDelete(Member::currentUser())) {
        Director::redirectBack();
        return;
    }

    $record->delete();
    Director::redirect($this->parentController->Link('SearchForm?action=search'));
    return;
}
/**
 * Removes all of a specific item from the cart and sends the visitor to
 * that item's page; redirects back when the item cannot be resolved.
 *
 * NOTE(review): an earlier description promised a JSON cart response for
 * AJAX requests, but this method only ever redirects.
 *
 * @param mixed $request The current request (not read).
 */
public function removeallitemandedit($request)
{
    $buyable = $this->buyable();

    if (!$buyable) {
        Director::redirectBack();
        return;
    }

    // Take the link first, then remove the item from the cart
    $buyableLink = $buyable->Link();
    $this->cart->deleteBuyable($buyable, $this->parameters());
    Director::redirect($buyableLink);
}
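/**
 * Deletes the file named by the 'ID' URL parameter, including resampled
 * copies when it is an image.
 *
 * @param mixed $request The current request, checked for a valid security token.
 * @return mixed An HTTP 400 error, the AJAX form response, or null after redirecting back.
 */
public function removefile($request)
{
    // Protect against CSRF on destructive action
    if (!SecurityToken::inst()->checkRequest($request)) {
        return $this->httpError(400);
    }

    $rawID = isset($this->urlParams['ID']) ? $this->urlParams['ID'] : null;
    if ($rawID) {
        // The ID is a URL parameter that is written into the JavaScript
        // response below, so only a plain decimal integer is accepted.
        if (!preg_match('/^[0-9]+\z/', (string) $rawID)) {
            return $this->httpError(400);
        }
        $fileID = (int) $rawID;

        $file = DataObject::get_by_id('File', $fileID);
        if (!$file) {
            return $this->httpError(400);
        }

        // NOTE(review): no per-file delete permission check is visible in
        // this method; confirm it is enforced by the surrounding controller.

        // Delete the temp versions of this file in assets/_resampled
        if ($file instanceof Image) {
            $file->deleteFormattedImages();
        }

        $file->delete();
        $file->destroy();

        if (Director::is_ajax()) {
            $js = <<<JS
\t\t\t\t\$('Form_EditForm_Files').removeFile({$fileID});
\t\t\t\tstatusMessage('removed file', 'good');
JS;
            FormResponse::add($js);
            return FormResponse::respond();
        } else {
            Director::redirectBack();
        }
    } else {
        user_error("AssetAdmin::removefile: Bad parameters: File={$rawID}", E_USER_ERROR);
    }
}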
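/**
 * Use the URL-Parameter "action_saveComplexTableField"
 * to provide a clue to the main controller if the main form has to be rendered,
 * even if there is no action relevant for the main controller (to provide the instance of ComplexTableField
 * which in turn saves the record.
 *
 * This is for editing existing item records. {@link ComplexTableField::saveComplexTableField()}
 *
 * Besides saving the record, its 'Options' many-many relation is replaced by
 * the options submitted in $data['Options'].
 *
 * @see Form::ReferencedField
 *
 * @param array $data Submitted data ('Options', and the 'ctf' sub-array naming a parent relation).
 * @param Form $form The popup form.
 * @param mixed $request The current request (not read).
 * @return mixed The redirect result when validation fails, otherwise null.
 */
function saveComplexTableField($data, $form, $request)
{
    $dataObject = $this->dataObj();

    try {
        $form->saveInto($dataObject);
        $dataObject->write();

        // Loop through options and save those for this variation
        $componentSet = $dataObject->getManyManyComponents('Options');
        if ($componentSet) {
            foreach ($componentSet as $component) {
                $componentSet->remove($component);
            }
            if (isset($data['Options']) && is_array($data['Options'])) {
                foreach ($data['Options'] as $attributeID => $optionID) {
                    // Option IDs are request data: look them up as integers
                    // and skip any that do not resolve to a record.
                    $option = DataObject::get_by_id('Option', (int) $optionID);
                    if ($option) {
                        $componentSet->add($option);
                    }
                }
            }
        }
    } catch (ValidationException $e) {
        $form->sessionMessage($e->getResult()->message(), 'bad');
        return Director::redirectBack();
    }

    // Save the many many relationship if it's available.
    // NOTE(review): parentClass, sourceID and the relation name come from
    // the submitted data; confirm the caller restricts them to the relation
    // this field was configured for.
    if (isset($data['ctf']['manyManyRelation'])) {
        $parentRecord = DataObject::get_by_id($data['ctf']['parentClass'], (int) $data['ctf']['sourceID']);
        $relationName = $data['ctf']['manyManyRelation'];
        // A missing parent record must not end in a call on a non-object
        $componentSet = $parentRecord ? $parentRecord->getManyManyComponents($relationName) : null;
        if ($componentSet) {
            $componentSet->add($dataObject);
        }
    }

    // The message is emitted as HTML, so the request-supplied Referer header
    // is escaped like the record title.
    $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $closeLink = sprintf(
        '<small><a href="%s" onclick="javascript:window.top.GB_hide(); return false;">(%s)</a></small>',
        htmlspecialchars($referrer, ENT_QUOTES),
        _t('ComplexTableField.CLOSEPOPUP', 'Close Popup')
    );
    $message = sprintf(
        _t('ComplexTableField.SUCCESSEDIT', 'Saved %s %s %s'),
        $dataObject->singular_name(),
        '<a href="' . $this->Link() . '">"' . htmlspecialchars($dataObject->Title, ENT_QUOTES) . '"</a>',
        $closeLink
    );
    $form->sessionMessage($message, 'good');

    Director::redirectBack();
}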
/**
 * Log the currently logged in user out
 *
 * @param bool $redirect Redirect the user back to where they came.
 *                       - If it's false, the code calling logout() is
 *                         responsible for sending the user where-ever
 *                         they should go.
 */
public function logout($redirect = true)
{
    $currentMember = Member::currentUser();
    if ($currentMember) {
        $currentMember->logOut();
    }

    if (!$redirect) {
        return;
    }

    Director::redirectBack();
}
/**
 * Login form handler method
 *
 * This method is called when the user clicks on "Log in".
 *
 * After a successful login the visitor is sent, in this order of
 * preference, to the change-password page (expired password), to the
 * requested BackURL when it is a site URL, to the default login
 * destination, or back to the previous page. After a failed login the
 * submitted e-mail is remembered and the visitor returns to the login form.
 *
 * @param array $data Submitted data
 */
public function dologin($data)
{
    $requestedBackURL = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : null;

    if (!$this->performLogin($data)) {
        // Failed login: remember what was entered so the form can be refilled
        Session::set('SessionForms.MemberLoginForm.Email', $data['Email']);
        Session::set('SessionForms.MemberLoginForm.Remember', isset($data['Remember']));

        // NOTE(review): BackURL is stored without an is_site_url() check
        // here; whatever later redirects to Session 'BackURL' should apply
        // that check itself.
        if ($requestedBackURL) {
            Session::set('BackURL', $requestedBackURL);
        }

        $badLoginURL = Session::get("BadLoginURL");
        if ($badLoginURL) {
            Director::redirect($badLoginURL);
            return;
        }

        // Show the right tab on failed login
        $loginLink = Director::absoluteURL(Security::Link("login"));
        if ($requestedBackURL) {
            $loginLink .= '?BackURL=' . urlencode($requestedBackURL);
        }
        Director::redirect($loginLink . '#' . $this->FormName() . '_tab');
        return;
    }

    // Successful login: forget the remembered form values
    Session::clear('SessionForms.MemberLoginForm.Email');
    Session::clear('SessionForms.MemberLoginForm.Remember');

    if (Member::currentUser()->isPasswordExpired()) {
        // NOTE(review): as above, BackURL is stored unvalidated in this branch.
        if ($requestedBackURL) {
            Session::set('BackURL', $requestedBackURL);
        }

        $cp = new ChangePasswordForm($this->controller, 'ChangePasswordForm');
        $cp->sessionMessage('Your password has expired. Please choose a new one.', 'good');
        Director::redirect('Security/changepassword');
        return;
    }

    // A requested BackURL is only followed when it points at this site
    if ($requestedBackURL && Director::is_site_url($requestedBackURL)) {
        Director::redirect($requestedBackURL);
        return;
    }

    if (Security::default_login_dest()) {
        Director::redirect(Director::absoluteBaseURL() . Security::default_login_dest());
        return;
    }

    $member = Member::currentUser();
    if ($member) {
        // The first name is escaped because it becomes part of the welcome message
        $firstname = Convert::raw2xml($member->FirstName);

        if (empty($data['Remember'])) {
            $member->logIn();
        } else {
            Session::set('SessionForms.MemberLoginForm.Remember', '1');
            $member->logIn(true);
        }

        Session::set('Security.Message.message', sprintf(_t('Member.WELCOMEBACK', "Welcome Back, %s"), $firstname));
        Session::set("Security.Message.type", "good");
    }

    Director::redirectBack();
}