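/**
 * Handles the view action for a single jotag.
 *
 * Flow, as implemented below:
 *  - loads the tag named by the 'jotag' request parameter and forwards to a
 *    404 unless it exists and is active;
 *  - returns sfView::ERROR when the tag has no contacts;
 *  - when TagPrivacyPeer::allowedToView() denies the current user, a POSTed
 *    PrivacyCheckForm is processed: either an authorization request is filed
 *    and the tag owner is mailed, or the user is recorded as allowed to view;
 *    both paths end in a redirect back to this action;
 *  - otherwise sets $this->allowed and $this->show for the template.
 *
 * Security notes:
 *  - 'sf_format' is caller-controlled and is appended to the internal URI used
 *    for the redirect, so it is reduced to a bare format token first. Any
 *    other value is replaced by an empty string so that it cannot add or
 *    override parameters (such as 'jotag') in that URI.
 *  - The view grant depends entirely on PrivacyCheckForm::isValid(); the
 *    checks that form performs are not visible from this method.
 *
 * @param sfWebRequest $request Web request object
 *
 * @return string|null sfView::ERROR when the tag cannot be shown, nothing otherwise
 *
 * @throws sfException When the authorization-request path is reached by an
 *                     anonymous user, or by a user who already has an
 *                     authorization status other than STATUS_NONE for the tag
 */
public function executeView($request)
{
    $this->jotag = TagPeer::getFromField(TagPeer::JOTAG, $request->getParameter('jotag'));

    // Only active tags are viewable. forward404() is relied on to stop the
    // action here: the next statement dereferences $this->jotag.
    if (!$this->jotag || $this->jotag->getStatus() != TagPeer::ST_ACTIVE) {
        $this->forward404();
    }

    if (!$this->jotag->haveContacts()) {
        return sfView::ERROR;
    }

    // NOTE(review): 'nextOption' is read from the user session and is never
    // cleared in this method (the removal call further down is commented out).
    $nextOption = $this->getUser()->getAttribute('nextOption');

    // The form is built even when the user is already allowed, so the
    // template can always reference $this->form.
    $this->form = new PrivacyCheckForm(
        $this->jotag,
        array('webservice' => $this->isWebserviceCall()),
        null,
        $nextOption
    );

    if (!TagPrivacyPeer::allowedToView($this->getUser(), $this->jotag)) {
        // User is not allowed to view the jotag: process the security check
        // form on POST, otherwise fall through to the error view that shows it.
        if ($request->isMethod('post')) {
            $this->form->bind($request->getParameter('privacy'));

            if ($this->form->isValid()) {
                // 'sf_format' comes straight from the request and ends up in
                // the redirect URI below; accept only a bare format token.
                // The D modifier keeps '$' from matching before a trailing newline.
                $format = $request->getParameter('sf_format');
                if (!is_string($format) || !preg_match('/^[A-Za-z0-9_]+$/D', $format)) {
                    $format = '';
                }

                // NOTE(review): the session value "fck editor" forces the
                // authorization-request path whatever the tag's privacy type
                // is - confirm where that value is set and that it is intended.
                if ($this->jotag->getTagPrivacy()->getPrivacyType() == TagPrivacyPeer::PRIVACY_AUTH || $nextOption == "fck editor") {
                    if (!$this->getUser()->isAuthenticated()) {
                        throw new sfException('User must be logged in to perform this action');
                    }

                    // One request per subscriber and tag: any status other
                    // than STATUS_NONE means a request already exists.
                    if ($this->jotag->getAuthStatus($this->getUser()->getSubscriber()) != TagAuthPeer::STATUS_NONE) {
                        throw new sfException('User already requested authorization');
                    }

                    // Add the authorization request.
                    $this->jotag->addAuthRequest($this->getUser()->getSubscriber());

                    // Switch the request format to html before mailing
                    // (presumably so the notification uses the html templates - confirm).
                    $request->setRequestFormat("html");

                    // Notify the tag owner; 'message' is the validated form value.
                    Mailer::sendEmail(
                        $this->jotag->getUser()->getPrimaryEmail(),
                        'authRequest',
                        array(
                            'jotag'   => $this->jotag,
                            'user'    => $this->getUser()->getSubscriber(),
                            'message' => $this->form->getValue('message'),
                        ),
                        $this->jotag->getUser()->getPreferedLanguage()
                    );

                    //$this->getUser()->getAttributeHolder()->remove('nextOption');
                    $this->redirect("jotag/view?jotag=" . $this->jotag->getJotag() . '&sf_format=' . $format);
                } else {
                    // User passed the security check: record the grant, then
                    // reload the action so the allowed path renders the tag.
                    TagPrivacyPeer::allowToView($this->getUser(), $this->jotag);
                    $this->redirect("jotag/view?jotag=" . $this->jotag->getJotag() . '&sf_format=' . $format);
                }
            }
        }

        // Not authorized (no POST, or the form did not validate).
        return sfView::ERROR;
    }

    $this->allowed = true;
    // Any truthy 'show' parameter switches the flag on.
    $this->show = $request->getParameter('show') ? true : false;
}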
<?php use_helper('Javascript'); if ($sf_user->isAuthenticated()) { if ($jotag->getAuthStatus($sf_user->getSubscriber()) == TagAuthPeer::STATUS_AUTHORIZED) { TagprivacyPeer::allowToView($sf_user, $jotag); //$this->redirect("@view_jotag?jotag=".$this->jotag->getJotag()); ?> <script> window.location='<?php echo $jotag->getJotag(); ?> '; </script> <?php die; //javascript_tag("window.location='/tag/".$jotag->getJotag()."'; alert('here');"); } } ?> <?php slot('captcha'); ?> <div class="captcha"> <?php if ($jotag->getTagPrivacy()->getPrivacyType() != TagPrivacyPeer::PRIVACY_CAPTCHA) { ?> <label><?php echo __("Enter the letters in the box below"); ?> :</label><br /><?php