/**
 * Resolve the role of the currently authenticated user.
 *
 * @return mixed the `role` attribute of the user record, or null when nobody
 *               is logged in or the user row cannot be fetched
 */
function check()
{
    $auth = Zend_Auth::getInstance();
    if (!$auth->hasIdentity()) {
        return null;
    }

    // The identity only carries the id; the role lives on the user row.
    $model = new Model_User();
    $record = $model->fetchUser($auth->getIdentity()->id);

    // fetchUser() may yield a falsy value for an unknown id; treat that as "no role".
    return $record ? $record->role : null;
}
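/**
 * Add message to an existent conversation.
 *
 * Route params: `id` is the thread the reply belongs to, `to` the recipient's
 * user id. Anonymous visitors are sent to the login page (this URL is kept in
 * the session for the post-login redirect). On a valid POST the stripped body
 * is stored and the recipient is e-mailed; in every POST case the user is
 * redirected back to the thread with a flash message.
 */
public function replyAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();

    $request = $this->getRequest();
    $id = $data['thread_id'] = $request->getParam('id');
    $to = $data['user_to'] = $request->getParam('to');
    $lang = $this->lang;

    // first we check if user is logged, if not redir to login
    $auth = Zend_Auth::getInstance();
    if (!$auth->hasIdentity()) {
        // keep this url in zend session to redir after login
        $aNamespace = new Zend_Session_Namespace('Nolotiro');
        $aNamespace->redir = $lang . '/message/reply/' . $id . '/to/' . $to;
        $this->_redirect($lang . '/auth/login');
        // Do not fall through: everything below dereferences getIdentity(),
        // which is null for anonymous users. _redirect() usually exits, but
        // the access decision must not depend on that configuration.
        return;
    }

    if (!$request->isPost()) {
        return;
    }

    $f_message_reply = new Form_MessageReply();
    if ($f_message_reply->isValid($request->getPost())) {
        // collect data
        $f = new Zend_Filter_StripTags();
        $data['body'] = $f->filter($request->getPost('body'));
        $data['user_from'] = $auth->getIdentity()->id;
        // X-Forwarded-For is set by the client unless a trusted proxy rewrites
        // it, so the stored ip is informational only, never an identity.
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $data['ip'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
        } elseif (isset($_SERVER['REMOTE_ADDR'])) {
            $data['ip'] = $_SERVER['REMOTE_ADDR'];
        }

        // Insert new message in database
        $m_message = new Model_Message();
        $m_message->createMessage($data);

        // Send notification e-mail, but only to a recipient that exists:
        // `to` comes straight from the URL, so fetchUser() may return nothing.
        $m_user = new Model_User();
        $object_user = $m_user->fetchUser($data['user_to']);
        if ($object_user && !empty($object_user->email)) {
            $mail = new Zend_Mail('utf-8');
            // Built from the Host header; the link is only as trustworthy as
            // the web server's virtual-host validation.
            $hostname = 'http://' . $request->getHttpHost();
            $username_from = $auth->getIdentity()->username;
            $inbox = $hostname . '/' . $this->lang . '/message/received';

            // The body is user-supplied. StripTags removes markup but does not
            // escape, so escape it before embedding in the HTML mail.
            // (The previous version also prepended $data['subject'], which is
            // never set in this action.)
            $body = htmlspecialchars($data['body'], ENT_QUOTES, 'UTF-8') . '<br/>';
            $body .= $this->view->translate('Go to this url to reply this message:')
                . '<br/> <a href="' . $inbox . '">' . $inbox . '</a> <br>---------<br/>';
            $body .= $this->view->translate('This is an automated notification. 
Please, don\'t reply at this email address.');

            $mail->setBodyHtml($body);
            $mail->setFrom('*****@*****.**', 'nolotiro.org');
            $mail->addTo($object_user->email);
            $mail->setSubject('[nolotiro.org] - ' . $this->view->translate('You have a new message from user') . ' ' . $username_from);
            $mail->send();
        }

        // Show flash success notification
        $this->_helper->_flashMessenger->addMessage($this->view->translate('Message sent successfully!'));
    } else {
        // Show flash failure notification
        $this->_helper->_flashMessenger->addMessage($this->view->translate('There was an error sending your message'));
    }

    /* Redirect back to message list.
     * XXX: Do this in a way validation errors are kept. Javascript I
     * guess */
    $this->_redirect('/' . $this->lang . '/message/show/' . $id);
}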
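/**
 * Edit an existing ad.
 *
 * Access: administrators (role 1) or the ad's owner; anyone else is redirected
 * to the local ad list with a flash message. GET populates the form from the
 * stored ad; a valid POST normalises title/body casing, strips tags, updates
 * the ad, drops its memcached entry and redirects to the ad page.
 */
public function editAction()
{
    $auth = Zend_Auth::getInstance();
    $user = new Model_User();
    $ad = new Model_Ad();
    $id = (int) $this->getRequest()->getParam('id');
    $ad_user_owner = $ad->getAd($id);

    // check if user logged in
    if (!$auth->hasIdentity()) {
        $this->_helper->_flashMessenger->addMessage($this->view->translate('You are not allowed to view this page'));
        $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
        return;
    }

    $this->view->userRole = $this->_helper->checkUserRole->check();
    // Admins may edit any ad; everyone else must own it. An unknown ad id
    // yields no owner row and is treated as "not the owner".
    $isAdmin = $this->view->userRole == 1;
    $isOwner = $ad_user_owner
        && $user->fetchUser($auth->getIdentity()->id)->id == $ad_user_owner['user_owner'];
    if (!$isAdmin && !$isOwner) {
        $this->_helper->_flashMessenger->addMessage($this->view->translate('You are not allowed to view this page'));
        $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
        // _redirect() normally exits; the explicit return makes the denial
        // hold even if the redirector is configured not to.
        return;
    }

    // Emitted as HTML: use the int-cast $id, never the raw request param.
    $this->view->deletead = '<img src="/images/delete_ad.png" /> <a href="/' . $this->view->lang . '/ad/delete/id/' . $id . ' ">' . $this->view->translate('delete this ad') . '</a>';

    $request = $this->getRequest();
    require_once APPLICATION_PATH . '/forms/AdEdit.php';
    $form = new Form_AdEdit();
    $form->addElement('select', 'status', array(
        'order' => '1',
        'label' => 'Status:',
        'required' => true,
        'multioptions' => array(
            'available' => 'available',
            'booked' => 'booked',
            'delivered' => 'delivered',
        ),
    ));
    $this->view->page_title .= $this->view->translate('Edit your ad');
    $this->view->form = $form;

    if (!$request->isPost()) {
        // GET: show the stored values and the current photo, if any.
        if ($id > 0) {
            $advalues = $ad->getAd($id);
            $this->_showCurrentPhoto($advalues);
            $form->populate($advalues);
        }
        return;
    }

    $formData = $request->getPost();
    if (!$form->isValid($formData)) {
        // Re-display the form with the submitted values and the current photo.
        $this->_showCurrentPhoto($ad->getAd($id));
        $form->populate($formData);
        return;
    }

    $formulario = $form->getValues();
    // anti HOYGAN to title
    // dont use strtolower because dont convert utf8 properly . ej: á é ó ...
    $formulario['title'] = ucfirst(mb_convert_case($formulario['title'], MB_CASE_LOWER, "UTF-8"));
    // anti hoygan to body: lower-case each sentence, then capitalise it
    $split = explode(". 
", $formulario['body']);
    foreach ($split as $sentence) {
        $sentencegood = ucfirst(mb_convert_case($sentence, MB_CASE_LOWER, "UTF-8"));
        $formulario['body'] = str_replace($sentence, $sentencegood, $formulario['body']);
    }

    // set filter againts xss and nasty things
    $f = new Zend_Filter();
    $f->addFilter(new Zend_Filter_StripTags());
    $data['title'] = $f->filter($formulario['title']);
    $data['body'] = $f->filter($formulario['body']);
    $data['type'] = $f->filter($formulario['type']);
    // create thumbnail if image exists
    if ($formulario['photo']) {
        $data['photo'] = $this->_createThumbnail($formulario['photo'], '100', '90');
    }
    // presumably constrained to the select's multioptions by the form's
    // validation — verify Form_AdEdit does not disable the in-array check
    $data['status'] = $formulario['status'];
    $data['comments_enabled'] = $formulario['comments_enabled'];
    $ad->updateAd($data, $id);

    // Drop the cached copy of this ad so the next view reads the new values.
    $oBackend = new Zend_Cache_Backend_Memcached(array(
        'servers' => array(array('host' => '127.0.0.1', 'port' => '11211')),
        'compression' => true,
    ));
    // configure caching frontend strategy (must match the one used to store the ad)
    $oFrontend = new Zend_Cache_Core(array(
        'lifetime' => 3600 * 24 * 7,
        'caching' => true,
        'cache_id_prefix' => 'singleAd',
        'logging' => false,
        'write_control' => true,
        'automatic_serialization' => true,
        'ignore_user_abort' => true,
    ));
    $cacheAd = Zend_Cache::factory($oFrontend, $oBackend);
    $cacheAd->remove((int) $id);

    $this->_helper->_flashMessenger->addMessage($this->view->translate('Ad edited succesfully!'));
    $this->_redirect('/' . $this->lang . '/ad/' . $id);
}

/**
 * Expose the ad's current photo (if any) to the view so the edit form can
 * show it next to the upload field.
 *
 * @param mixed $advalues row returned by Model_Ad::getAd(), or a falsy value
 */
private function _showCurrentPhoto($advalues)
{
    if (!empty($advalues['photo'])) {
        $this->view->current_photo = ' <img src="/images/uploads/ads/100/' . $advalues['photo'] . '" />';
    }
}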
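/**
 * Lock (ban) a user account; administrators (role 1) only.
 *
 * GET exposes the target username to the confirmation view. A POST with
 * lock=Yes sets locked=1 on the user and redirects to the local ad list.
 * Unknown user ids and non-admin callers are redirected with a flash message.
 */
public function lockAction()
{
    $id = (int) $this->getRequest()->getParam('id');
    $this->view->userRole = $this->_helper->checkUserRole->check();

    // only admins have access to this action
    if ($this->view->userRole != 1) {
        $this->_helper->_flashMessenger->addMessage($this->view->translate('You are not allowed to view this page'));
        $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
        return;
    }

    $modelUser = new Model_User();
    $userToLock = $modelUser->fetchUser($id);
    // Check the object before reading ->username: an unknown id would
    // otherwise dereference a non-object.
    if (!$userToLock || $userToLock->username == null) {
        // the user does not exist
        $this->_helper->_flashMessenger->addMessage($this->view->translate('This user does not exists'));
        $this->_redirect('/' . $this->lang . '/woeid/' . $this->location . '/give');
        return;
    }
    $this->view->userToLock = $userToLock->username;

    // NOTE(review): no CSRF token is checked here; confirm the confirmation
    // form carries one (e.g. a Zend_Form_Element_Hash) and that it is validated.
    if ($this->getRequest()->isPost() && $this->getRequest()->getPost('lock') === 'Yes') {
        // bye bye troll
        $data['locked'] = 1;
        $data['id'] = $id;
        $modelUser->update($data);
        $this->_helper->_flashMessenger->addMessage($this->view->translate('User locked successfully.'));
        $this->_redirect('/' . $this->view->lang . '/woeid/' . $this->location . '/give');
        return;
    }
}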