public function p_signup()
{
# What data was submitted
//print_r($_POST);
# Encrypt password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
$_POST['password2'] = sha1(PASSWORD_SALT . $_POST['password2']);
if ($_POST['password'] != $_POST['password2']) {
Router::redirect('/users/login/new/?error=oh+dip!+password+mismatch,+please+try+again.');
}
# delete confirmation password from post for nice easy insert into db
unset($_POST['password2']);
# Create and encrypt token
$_POST['token'] = sha1(TOKEN_SALT . $_POST['username'] . Utils::generate_random_string());
# Store current timestamp
$_POST['created'] = Time::now();
# This returns the current timestamp
$_POST['modified'] = Time::now();
# Insert
DB::instance(DB_NAME)->insert('users', $_POST);
# set token / cookie so user doesn't have to log in again
$token = $_POST['token'];
setcookie("token", $token, strtotime('+2 weeks'), '/');
Router::redirect('/');
}
/**
* Удаление куков
*
* @param string $name
* @param string $path
* @param string $domain
* @param boolean $secure
* @param boolean $httponly
* @return string|null
*/
public static function del($name, $path = '/', $domain = null, $secure = false, $httponly = false)
{
if (isset($_COOKIE[$name])) {
unset($_COOKIE[$name]);
}
return setcookie($name, null, Time::now() - Time::day(1), $path, $domain, $secure, $httponly);
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model = new Feedback();
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
$panel_ident = $_REQUEST['panel_ident'];
if (isset($_POST['Feedback'])) {
$model->attributes = $_POST['Feedback'];
$model->q_time = Time::now();
if ($model->save()) {
$model->addTags('tag1, tag2, tag3')->save();
if (isset($_GET['ajax'])) {
$str = Yii::t('cp', 'Create Success On ') . Time::now();
Yii::app()->user->setFlash('success', $str);
$this->renderPartial('create_next', array('model' => $model, 'panel_ident' => $panel_ident), false, true);
exit;
} else {
$this->redirect(array('view', 'id' => $model->id));
}
}
}
if (isset($_GET['ajax'])) {
$this->renderPartial('create', array('model' => $model, 'panel_ident' => $panel_ident), false, true);
} else {
$this->render('create', array('model' => $model));
}
}
public function p_signup()
{
# Check if data was entered
if ($_POST['first_name'] == "" || $_POST['last_name'] == "" || $_POST['password'] == "") {
# Send back to signup with appropriate error
Router::redirect("/users/signup/Please enter all requested information");
}
# Check if email address is of the right form
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
# Send back to signup with appropriate error
Router::redirect("/users/signup/Please enter a valid email address");
}
# Check if passwords match
if ($_POST['password'] != $_POST['password_check']) {
# Send back to signup with appropriate error
Router::redirect("/users/signup/Passwords do not match");
}
# Remove the password check from the array
unset($_POST['password_check']);
# Encrypt the password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
# More data we want stored with the user
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
# Insert this user into the database
$user_id = DB::instance(DB_NAME)->insert("users", $_POST);
# Send the user to the signup success page
$this->template->content = View::instance('v_users_signup_success');
$this->template->title = "Success!";
echo $this->template;
}
public function p_signup()
{
# Dump out the results of POST to see what the form submitted
# print_r($_POST);
# Encrypt the password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
# More data we want stored with the user
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
# Variables to store the first name & email of the user
$firstname = $_POST['first_name'];
$email = $_POST['email'];
# Variable which will store the email which is fetched from database
$email_verify = DB::instance(DB_NAME)->select_row("SELECT email FROM users WHERE email = '" . $_POST['email'] . "'");
# print_r($email_verify);
if ($email_verify == "") {
# Insert this user into the database
$user_id = DB::instance(DB_NAME)->insert("users", $_POST);
# Confirmation to the user on successfully signing up
echo "Congratulations {$firstname} !! You have successfully signed up</br></br>";
# Login again in order to follow users
echo "You need to login again in order to follow users </br>";
echo "<a href='/users/login'> Login </a>";
} else {
#To Display to the user that the email records exist in database.
echo " {$firstname}, Your email '{$email}' matches with our records in database.</br>\n \tYou will be redirected to the signup page in 10 seconds. </br></br>";
echo "<a href='/users/signup'> Signup </a> </br></br>";
echo "<a href='/users/login'> Login </a>";
#Refresh the page and redirect to signup page after 10 secs.
header('Refresh: 10; URL=/users/signup');
ob_end_flush();
}
}
public function p_ticket()
{
# Sanitize the user input
$_POST = DB::instance(DB_NAME)->sanitize($_POST);
# Backup validation in case of javascript failure
# Not recommended as the page looks terrible without js
# Check if data was entered
if ($_POST['name'] == "" || $_POST['phone'] == "" || $_POST['serial'] == "") {
# Send back to signup with appropriate error
Router::redirect("/tickets");
}
# Check if email address is of the right form
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
# Send back to signup with appropriate error
Router::redirect("/tickets");
}
# Unix timestamp of when this post was created / modified
$_POST['ticket_id'] = date('Ymd\\-his');
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
# Add the location
$_POST['location'] = 'Helpdesk';
# Create ticket and computer arrays
$ticket = $_POST;
$computer = $_POST;
# Add ticket status
$ticket['status'] = 'New';
# Remove the unneeded data before submit
unset($ticket['model'], $ticket['serial']);
unset($computer['email'], $computer['phone'], $computer['notes']);
# Insert
DB::instance(DB_NAME)->insert('tickets', $ticket);
DB::instance(DB_NAME)->insert('computers', $computer);
# Build a multi-dimension array of recipients of this email
$to[] = array("name" => $_POST["name"], "email" => $_POST["email"]);
# Build a single-dimension array of who this email is coming from
# note it's using the constants we set in the configuration above)
$from = array("name" => "HSPH Helpdesk", "email" => APP_EMAIL);
# Subject
$subject = "Helpdesk Computer Drop Off: " . $_POST["subject"];
# Generate Time
# You can set the body as just a string of text
$body = "This is confirmation that you have delivered your " . $_POST['model'] . " with the serial number " . $_POST['serial'] . " to the helpdesk at " . date('g\\:i a \\o\\n F d\\, Y') . " with the following notes: <br>" . $_POST['notes'] . "<br><br>Thank you and have a great day!" . "<br>The Helpdesk<br>(617) 432-4357<br>helpdesk@hsph.harvard.edu";
# OR, if your email is complex and involves HTML/CSS, you can build the body via a View just like we do in our controllers
# $body = View::instance('e_users_welcome');
# Why not send an email to the test account as well
# Build multi-dimension arrays of name / email pairs for cc / bcc if you want to
$cc = "";
$bcc = "*****@*****.**";
# With everything set, send the email
if (!($email = Email::send($to, $from, $subject, $body, true, $cc, $bcc))) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
# Load the success page
$this->template->content = View::instance('v_tickets_p_ticket_success');
$this->template->title = "Success!";
echo $this->template;
}
}
public function test_between_array()
{
Time::set(strtotime('2011-11-01 15:00:00'));
$this->assertEquals('2011-11-01 15:00:00', Time::now());
$this->assertTrue(Time::between(array('2011-11-01 15:00:00', '2011-11-01 16:00:00')));
$this->assertTrue(Time::between(array('2011-11-01 14:00:00', '2011-11-01 15:00:00')));
$this->assertFalse(Time::between(array('2011-11-01 14:00:00', '2011-11-01 14:59:59')));
$this->assertFalse(Time::between(array('2011-11-01 15:00:01', '2011-11-01 16:00:00')));
}
public function follow($user_id_followed)
{
# Prepare our data array to be inserted
$data = array("created" => Time::now(), "user_id" => $this->user->user_id, "user_id_followed" => $user_id_followed);
# Do the insert
DB::instance(DB_NAME)->insert('users_users', $data);
# Send them back
Router::redirect("/posts/users");
}
public static function set_visit_time($identifier = NULL)
{
$cookie_name = "visit_" . Router::$controller . "_" . Router::$method . "_" . $identifier;
$cookie_value = Time::now();
# Suppress notice for instances when cookie does not exist
$last_visit = @$_COOKIE[$cookie_name];
setcookie($cookie_name, $cookie_value, strtotime('+1 year'), '/');
return $last_visit;
}
public function return_pc($serial_number)
{
# Prepare our data array to be inserted
$data = array("modified" => Time::now(), "location" => "Returned");
# Match to serial number
$where_condition = "WHERE serial = \"" . $serial_number . "\"";
# Do the insert
DB::instance(DB_NAME)->update('computers', $data, $where_condition);
# Send them back
Router::redirect("/inventory");
}
public function p_add()
{
# Associate this post with this user
$_POST['user_id'] = $this->user->user_id;
#print_r($POST);
# Unix timestamp of when this post was created / modified
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
#Insert
DB::instance(DB_NAME)->insert('posts', $_POST);
echo "Your post has been added. <a href='/posts/add'> Add another if you wish to. </a>";
}
public function add_twitt()
{
$_POST = DB::instance(DB_NAME)->sanitize($_POST);
$source = $_POST['source'];
unset($_POST['source']);
$_POST['user_id'] = $this->user->user_id;
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
DB::instance(DB_NAME)->insert('twitts', $_POST);
# redirect back to wherever this came from
Router::redirect($source);
}
public function p_signup()
{
# Dump out the results of POST to see what the form submitted
// print_r($_POST);
# encrypt password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
# Insert this user into the database
$user_id = DB::instance(DB_NAME)->insert("users", $_POST);
# For now, just confirm they've signed up - we can make this fancier later
echo "You're signed up";
}
public function actionSignout()
{
$user = User::model()->findByPk(User()->id);
if ($user) {
$user->last_logout_time = Time::now();
$user->last_ip = API::get_ip();
$user->save();
}
Yii::app()->user->logout();
if (isset($_GET['rurl'])) {
$this->redirect(array($_GET['rurl']));
} else {
$this->redirect(Yii::app()->homeUrl);
}
}
public function p_signup()
{
# What data was submitted
//print_r($_POST);
# Encrypt password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
# Create and encrypt token
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
# Store current timestamp
$_POST['created'] = Time::now();
# This returns the current timestamp
$_POST['modified'] = Time::now();
# Insert
DB::instance(DB_NAME)->insert('users', $_POST);
echo "You're registered! Now go <a href='/users/login'>login</a>";
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model = new Feedback();
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
$panel_ident = $_REQUEST['panel_ident'];
if (isset($_POST['Feedback'])) {
$model->attributes = $_POST['Feedback'];
$model->q_time = Time::now();
if ($model->save()) {
// $model->addTags('tag1, tag2, tag3')->save();
$str = '反馈 ' . $model->id . ' 已新建 ' . Time::now();
Yii::app()->user->setFlash('success', $str);
$this->redirect(array('update', 'id' => $model->id));
}
}
$this->render('create', array('model' => $model), false, true);
}
public function p_signup()
{
# First error check: forbid signing up with an email address already in the DB
$q = "SELECT email \n\t\tFROM users \n\t\tWHERE email = '" . $_POST['email'] . "'";
$exists = DB::instance(DB_NAME)->select_field($q);
if (!$exists) {
# no entry for that email exists, GOOD!
# Second error check: forbid signing up if either first or last name is blank
if ($_POST['first_name'] != "" and $_POST['last_name'] != "") {
# Third error check: forbid signing up if password less than 4 chars long. Eyeing "1234" as minimum!
if (strlen($_POST['password']) >= 4) {
# the three trivial error checks have passed. Go ahead with processing the user's signup
# Encrypt the password
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
# More data we want stored with the user
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
# Insert this user into the database
$user_id = DB::instance(DB_NAME)->insert("users", $_POST);
# NOT TRUE IN P4, COMMENT OUT FOR NOW --A new user is defined to follow self -- add to users_users table
// $data = Array("created" => $_POST['created'],
// "user_id" => $user_id,
// "user_id_followed" => $user_id,
// );
// $dummyvariable = DB::instance(DB_NAME)->insert("users_users", $data);
//
# ACTION REQUIRED: CONTINUE WITH AUTOLOGIN AT SUCCESSFUL signup
# easier alternative: redirect to login only page with a welcoming message!
#even easier, but UGLY, right back to this page without further ado.
Router::redirect('/users/login/?message=firstTime');
} else {
# password too short
Router::redirect('/users/signupOrLogin/?error=signupPassword');
}
} else {
#bad firstname lastname combo
Router::redirect('/users/signupOrLogin/?error=signupName');
}
} else {
# avoid duplicate entry: send back to signup with error.
Router::redirect('/users/signupOrLogin/?error=signupDuplicate&email=' . $_POST['email']);
}
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
if (strpos($this->username, '@') === false) {
$record = User::model()->findByAttributes(array('username' => $this->username));
} else {
$record = User::model()->findByAttributes(array('email' => $this->username));
}
if ($record == null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($record->password != md5(sha1(SECRET . $this->password))) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->username = $record->username;
$this->_id = $record->id;
$this->errorCode = self::ERROR_NONE;
$record->current_login_time = Time::now();
$record->login_count = $record->login_count + 1;
$record->current_ip = API::get_ip();
$record->login_token = md5($record->id . time() . mt_rand());
$record->save(false);
Yii::app()->user->setState('current_user', $record);
}
}
return !$this->errorCode;
/*
$users=array(
'demo'=>'demo',
'admin'=>'xiaochuan',
);
if(!isset($users[$this->username]))
$this->errorCode=self::ERROR_USERNAME_INVALID;
else if($users[$this->username]!==$this->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else
$this->errorCode=self::ERROR_NONE;
return !$this->errorCode;
*/
}
public function actionC()
{
$u =& $this->iuser;
$model = new Inbox();
if (isset($_POST['Inbox'])) {
$model->attributes = $_POST['Inbox'];
$dest_user = User::model()->findByPk($_POST['Inbox']['dest_id']);
$model->c_time = Time::now();
$model->source_id = $u->id;
$model->memo = strip_tags($model->memo);
if ($model->save()) {
$this->redirect(array('index'));
exit;
}
} else {
$dest_user = User::model()->findByPk($_GET['dest_id']);
if ($dest_user == null) {
throw new CHttpException(404, 'The requested Node does not exist.');
}
$model->dest_id = $dest_user->id;
}
$this->render('create', array('dest_user' => $dest_user, 'm' => $u, 'model' => $model), false, true);
}
public function save_track()
{
# Not logged in
if (!$this->user) {
Router::redirect("/");
}
$track_id = $this->get_track_id($_POST['name'], $this->user->user_id);
// if we have no record of a track with this name by this user, make a new one
if ($track_id == -1) {
# Store current timestamp
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['user_id'] = $this->user->user_id;
# Insert
DB::instance(DB_NAME)->insert('tracks', $_POST);
$track_id = $this->get_track_id($_POST['name'], $this->user->user_id);
} else {
$data = array("track_json" => $_POST['track_json']);
# Do the update
DB::instance(DB_NAME)->update("tracks", $data, "WHERE track_id = '" . $track_id . "'");
}
Router::redirect('/tracks/edit_track/' . $track_id);
}
public function p_signup()
{
// Dump out the results of POST to see what the form submitted
#echo '<pre>'
#print_r($_POST);
#echo '</pre>'
// More data we want stored with the user
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
// Encrypt the password with salt
$_POST['password'] = sha1(PASSWORD_SALT . $_POST['password']);
// This is how we will determine if the user is logged in
// Create an encrypted token via their email address and a random string
$_POST['token'] = sha1(TOKEN_SALT . $_POST['email'] . Utils::generate_random_string());
// Insert this user into the database
$user_id = DB::instance(DB_NAME)->insert('users', $_POST);
// In class additions ???
#DB::instance(DB_NAME)->insert_row('users', $_POST):
// For now, just confirm they've signed up -
// You should eventually make a proper View for this
#echo 'You\'re signed up';
// Send them to the login page
Router::redirect('/users/login');
}
public function p_add()
{
//print_r($_POST);
$_POST['created'] = Time::now();
$_POST['modified'] = Time::now();
$_POST['user_id'] = $this->user->user_id;
$new_post = DB::instance(DB_NAME)->insert('posts', $_POST);
if ($this->user->twitter->connected) {
$tweet = $this->user->twitter->connection->post('statuses/update', array('status' => $_POST['content']));
}
echo "Your post has been added";
}
public function follow($user_name = NULL, $source = NULL)
{
# Not logged in
if (!$this->user) {
Router::redirect("/");
}
# Logged in
if ($user_name == NULL) {
Router::redirect("/");
} else {
$user_id = $this->get_user_id($user_name);
if (!$user_id) {
Router::redirect("/");
}
$data = array('follower_user_id' => $this->user->user_id, 'following_user_id' => $user_id, 'created' => Time::now());
DB::instance(DB_NAME)->insert('user_links', $data);
$this->template->compose = View::instance('_v_compose');
if (!$source) {
Router::redirect('/users/home/');
} elseif ($source == 'profile') {
Router::redirect('/users/profile/' . $user_name);
} else {
Router::redirect('/users/' . $source);
}
}
}
public function p_follow($user_id_followed = null)
{
# remove any old "following" notices
unset($_SESSION['following_notice']);
# if the form was submitted without specifying a userID to follow, then redirect back to all the posts
if (is_null($user_id_followed)) {
Router::redirect('/posts/all');
}
# Prepare our data array to be inserted
$data = array("created" => Time::now(), "user_id" => $this->user->user_id, "user_id_followed" => $user_id_followed);
# save a record of the user that they wanted to follow
DB::instance(DB_NAME)->insert('users_users', $data);
# set a session variable that will be displayed on other pages
# informing the user that the "follow" submission was processed
$q = "\n SELECT u.first_name,\n u.last_name,\n u.username\n FROM users u\n WHERE u.user_id = {$user_id_followed}\n ";
$result = DB::instance(DB_NAME)->select_row($q);
if (!is_null($result)) {
$_SESSION['following_notice'] = "You are now following <b>" . htmlspecialchars($result['first_name']) . " " . htmlspecialchars($result['last_name']) . " (" . htmlspecialchars($result['username']) . ")</b>.";
# add the current user to the list of users being followed by the current user
$_SESSION['user']['following_users'][$user_id_followed] = $result['username'];
}
# redirect back to all of the user postings for the site
Router::redirect("/posts/all");
}
/**
* @covers Time::now
*/
public function testNow()
{
$this->assertEquals(Time::now(), new Time_DateTime());
}
public function write($type, $message)
{
$this->stream->format("%s %s %s\n", substr($type, 0, 3), Time::now()->as_string(), str_replace("\n", ' ', $message));
}
public function actionUpdate()
{
$model = $this->loadModel();
$panel_ident = $_REQUEST['panel_ident'];
if (isset($_POST['Category']['parent_leaf_id']) && strlen($_POST['Category']['parent_leaf_id']) > 0) {
$model->parent_leaf_id = $_POST['Category']['parent_leaf_id'];
$model->parent_leaf = Category::model()->findByPk($_POST['Category']['parent_leaf_id']);
} else {
$sql = " SELECT parent.name, parent.id " . " FROM category AS node," . " category AS parent " . " WHERE node.lft BETWEEN parent.lft AND parent.rgt " . " AND node.id = {$model->id} " . " ORDER BY parent.lft ";
$path = Category::model()->findAllBysql($sql);
$temp_parent;
foreach ($path as $obj) {
if ($obj->id == $model->id) {
break;
}
$model->parent_leaf = $obj;
}
}
if (isset($_POST['Category'])) {
$model->attributes = $_POST['Category'];
$model->update_time = date("Y-m-d H:i:s");
if ($model->save()) {
if (isset($_GET['ajax'])) {
$str = Yii::t('cp', 'Data saved success On ') . Time::now();
Yii::app()->user->setFlash('success', $str);
$is_update = true;
} else {
$this->redirect(array('view', 'id' => $model->id));
}
}
}
if (isset($_GET['ajax'])) {
$this->renderPartial('update', array('model' => $model, 'model_type' => $_GET['model_type'], 'is_update' => $is_update, 'ajax' => 'ajax', 'panel_ident' => $panel_ident), false, true);
} else {
$this->render('update', array('model' => $model));
}
}
<?php
# Report information about our environment
if (!IN_PRODUCTION && !Utils::is_ajax()) {
echo "<div onClick='this.style.display = \"none\";' style='cursor:pointer; position:fixed; z-index:999; background-color:yellow; padding:3px; bottom:0px; left:0px;'>";
echo Time::display(Time::now());
if (ENABLE_OUTGOING_EMAIL) {
echo "OUTGOING EMAILS ENABLED";
} else {
echo " No outgoing emails";
}
if (REMOTE_DB) {
echo " <span style='color:red; font-weight:bold'>LIVE DB</span> ";
} else {
echo " Local DB;";
}
echo "</div>";
}
public function actionDelete()
{
if (Yii::app()->request->isPostRequest) {
if (strlen($_POST['ids']) > 0) {
$ids = explode(',', $_POST['ids']);
foreach ($ids as $id) {
$imodel = new $this->controllerId();
$item = $imodel->findByPk($id);
$item->delete();
//echo $item->title;
}
$str = '已删除 ' . count($ids) . ' 个用户数据 ' . Time::now();
Yii::app()->user->setFlash('success', $str);
$this->redirect(array('index'));
}
} else {
throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
}
}
public function actionDelete()
{
if (Yii::app()->request->isPostRequest) {
if (strlen($_POST['ids']) > 0) {
$ids = explode(',', $_POST['ids']);
foreach ($ids as $id) {
$a = User::model()->findByPk($id);
if (!$a->is_forever) {
$a->delete();
}
}
echo $str = count($ids) . ' Admins has been deleted on ' . Time::now();
}
} else {
throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
}
}
