public function isValid($Validation_data)
{
$errors = [];
foreach ($Validation_data as $name => $value) {
if (isset($_REQUEST[$name])) {
$exploded = explode(':', $value);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::string()->length(3)->validate($_REQUEST[$name]) == false) {
$errors[] = "{$name} must be {$min} caracters long";
}
break;
case 'email':
if (Valid::email()->validate($_REQUEST[$name]) == false) {
$errors[] = $name . ' is not a valid email';
}
break;
case 'equalsTo':
$field = $exploded[1];
if (!Valid::equals($name)->validate($field)) {
$errors[] = $name . " must be equal to " . $field;
}
break;
}
}
}
return $errors;
}
/**
* CRUD controller: UPDATE
*/
public function action_update()
{
$this->template->title = __('Update') . ' ' . __($this->_orm_model) . ' ' . $this->request->param('id');
$form = new FormOrm($this->_orm_model, $this->request->param('id'));
if ($this->request->post()) {
if ($success = $form->submit()) {
if (Valid::email($form->object->email, TRUE)) {
//check we have this email in the DB
$user = new Model_User();
$user = $user->where('email', '=', Kohana::$_POST_ORIG['formorm']['email'])->where('id_user', '!=', $this->request->param('id'))->limit(1)->find();
if ($user->loaded()) {
Alert::set(Alert::ERROR, __('A user with the email you specified already exists'));
} else {
$form->save_object();
Alert::set(Alert::SUCCESS, __('Item updated') . '. ' . __('Please to see the changes delete the cache') . '<br><a class="btn btn-primary btn-mini ajax-load" href="' . Route::url('oc-panel', array('controller' => 'tools', 'action' => 'cache')) . '?force=1" title="' . __('Delete cache') . '">' . __('Delete cache') . '</a>');
$this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller())));
}
} else {
Alert::set(Alert::ERROR, __('Invalid Email'));
}
} else {
Alert::set(Alert::ERROR, __('Check form for errors'));
}
}
return $this->render('oc-panel/pages/user/update', array('form' => $form));
}
private function _login()
{
$array = $this->request->post('login');
$array = Validation::factory($array)->label('username', 'Username')->label('password', 'Password')->label('email', 'Email')->rules('username', array(array('not_empty')))->rules('password', array(array('not_empty')));
$fieldname = Valid::email(Arr::get($array, 'username')) ? Auth::EMAIL : Auth::USERNAME;
// Get the remember login option
$remember = isset($array['remember']);
Observer::notify('admin_login_validation', $array);
if ($array->check()) {
Observer::notify('admin_login_before', $array);
if (Auth::instance()->login($array['username'], $array['password'], $remember)) {
Observer::notify('admin_login_success', $array['username']);
Session::instance()->delete('install_data');
Kohana::$log->add(Log::INFO, ':user login')->write();
if ($next_url = Flash::get('redirect')) {
$this->go($next_url);
}
// $this->go to defaut controller and action
$this->go_backend();
} else {
Observer::notify('admin_login_failed', $array);
Messages::errors(__('Login failed. Please check your login data and try again.'));
$array->error($fieldname, 'incorrect');
Kohana::$log->add(Log::ALERT, 'Try to login with :field: :value. Incorrect data', array(':field' => $fieldname, ':value' => $array['username']))->write();
}
} else {
Messages::errors($array->errors('validation'));
}
$this->go(Route::get('user')->uri(array('action' => 'login')));
}
public function on_page_load()
{
$email_ctx_id = $this->get('email_id_ctx', 'email');
$email = $this->_ctx->get($email_ctx_id);
$referrer_page = Request::current()->referrer();
$next_page = $this->get('next_url', Request::current()->referrer());
if (!Valid::email($email)) {
Messages::errors(__('Use a valid e-mail address.'));
HTTP::redirect($referrer_page);
}
$user = ORM::factory('user', array('email' => $email));
if (!$user->loaded()) {
Messages::errors(__('No user found!'));
HTTP::redirect($referrer_page);
}
$reflink = ORM::factory('user_reflink')->generate($user, 'forgot', array('next_url' => URL::site($this->next_url, TRUE)));
if (!$reflink) {
Messages::errors(__('Reflink generate error'));
HTTP::redirect($referrer_page);
}
Observer::notify('admin_login_forgot_before', $user);
try {
Email_Type::get('user_request_password')->send(array('username' => $user->username, 'email' => $user->email, 'reflink' => Route::url('reflink', array('code' => $reflink)), 'code' => $reflink));
Messages::success(__('Email with reflink send to address set in your profile'));
} catch (Exception $e) {
Messages::error(__('Something went wrong'));
}
HTTP::redirect($next_page);
}
public function action_create()
{
try {
if (!Valid::email(core::request('email'))) {
$this->_error(__('Invalid email'), 501);
} elseif (!is_numeric(core::request('id_product'))) {
$this->_error(__('Invalid product'), 501);
} else {
$product = new Model_Product(core::request('id_product'));
if ($product->loaded()) {
$user = Model_User::create_email(core::request('email'), core::request('name'));
$order = Model_Order::new_order($user, $product);
$order->confirm_payment(core::request('paymethod', 'API'), core::request('txn_id'), core::request('pay_date'), core::request('amount'), core::request('currency'), core::request('fee'));
//adding the notes
$order->notes = core::request('notes');
$order->save();
$this->rest_output(array('order' => self::get_order_array($order)));
} else {
$this->_error(__('Something went wrong'), 501);
}
}
} catch (Kohana_HTTP_Exception $khe) {
$this->_error($khe);
}
}
public function action_user_contact()
{
$ad = new Model_Ad($this->request->param('id'));
//message to user
if ($ad->loaded() and $this->request->post()) {
$user = new Model_User($ad->id_user);
//require login to contact
if ((core::config('advertisement.login_to_contact') == TRUE or core::config('general.messaging') == TRUE) and !Auth::instance()->logged_in()) {
Alert::set(Alert::INFO, __('Please, login before contacting'));
HTTP::redirect(Route::url('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle)));
}
if (captcha::check('contact')) {
//check if user is loged in
if (Auth::instance()->logged_in()) {
$email_from = $this->user->email;
$name_from = $this->user->name;
} else {
$email_from = core::post('email');
$name_from = core::post('name');
}
//akismet spam filter
if (!core::akismet($name_from, $email_from, core::post('message'))) {
if (core::config('general.messaging')) {
//price?
$price = (core::post('price') !== NULL and is_numeric(core::post('price'))) ? core::post('price') : NULL;
$ret = Model_Message::send_ad(core::post('message'), $this->user, $ad->id_ad, $price);
} else {
if (isset($_FILES['file'])) {
$file = $_FILES['file'];
} else {
$file = NULL;
}
//contact email is set use that one
if (isset($ad->cf_contactemail) and Valid::email($ad->cf_contactemail)) {
$to = $ad->cf_contactemail;
} else {
$to = NULL;
}
$ret = $user->email('user-contact', array('[EMAIL.BODY]' => core::post('message'), '[AD.NAME]' => $ad->title, '[EMAIL.SENDER]' => $name_from, '[EMAIL.FROM]' => $email_from, '[URL.AD]' => Route::url('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle))), $email_from, $name_from, $file, $to);
}
//if succesfully sent
if ($ret) {
Alert::set(Alert::SUCCESS, __('Your message has been sent'));
// we are updating field of visit table (contact)
Model_Visit::contact_ad($ad->id_ad);
} else {
Alert::set(Alert::ERROR, __('Message not sent'));
}
HTTP::redirect(Route::url('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle)));
} else {
Alert::set(Alert::SUCCESS, __('This email has been considered as spam! We are sorry but we can not send this email.'));
}
} else {
Alert::set(Alert::ERROR, __('Captcha is not correct'));
HTTP::redirect(Route::url('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle)));
}
}
}
public function on_page_load()
{
if (Request::current()->method() !== Request::POST) {
return;
}
$data = Request::current()->post();
$login_fieldname = Valid::email(Arr::get($data, $this->get('login_field'))) ? Auth::EMAIL : Auth::USERNAME;
$data = Validation::factory($data)->label($this->get('login_field'), 'Username')->label($this->get('password_field'), 'Password')->rules('username', array(array('not_empty')))->rules('password', array(array('not_empty')));
Observer::notify('login_validation', $data);
// Get the remember login option
$remember = isset($data[$this->get('remember_field')]) and $this->get('remember') === TRUE;
return Request::current()->is_ajax() ? $this->_ajax_login($data, $remember) : $this->_login($data, $remember);
}
public function action_index()
{
$email = Core::post('email_subscribe');
if (Valid::email($email, TRUE)) {
/* find user and compare emails */
$obj_user = new Model_User();
$user = $obj_user->where('email', '=', $email)->limit(1)->find();
// case when user is not logged in.
// We create new user if he doesn't exists in DB
// and send him mail for ad created + new profile created
if (!$user->loaded()) {
$user = Model_User::create_email($email);
}
/* save this user to data base as subscriber */
$arr_cat = Core::post('category_subscribe');
// string in this case is returned as "int,int" so we need to format min/max price
$price = Core::post('price_subscribe');
if ($price = Core::post('price_subscribe')) {
$min_price = substr($price, '0', stripos($price, ','));
$max_price = substr($price, strrpos($price, ',') + 1);
} else {
//in case of mobile version
// jquery mobile have different slider, so we need to get data differently
$min_price = Core::post('price_subscribe-1');
$max_price = Core::post('price_subscribe-2');
}
//if categry is not selected, subscribe them for al, set category to 0 thats all...
if ($arr_cat === NULL) {
$arr_cat[] = 0;
}
// create entry table subscriber for each category selected
foreach ($arr_cat as $c => $id_value) {
$obj_subscribe = new Model_Subscribe();
$obj_subscribe->id_user = $user->id_user;
$obj_subscribe->id_category = $id_value;
$obj_subscribe->id_location = Core::post('location_subscribe');
$obj_subscribe->min_price = $min_price;
$obj_subscribe->max_price = $max_price;
try {
$obj_subscribe->save();
} catch (Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
Alert::set(Alert::SUCCESS, __('Thank you for subscribing'));
$this->redirect(Route::url('default'));
} else {
Alert::set(Alert::ALERT, __('Invalid Email'));
$this->redirect(Route::url('default'));
}
}
public function multi_email($field, $value, $validation)
{
$emails = explode(',', $value);
$valid = TRUE;
foreach ($emails as $email) {
$email = trim($email);
if (Valid::email($email) === FALSE) {
$valid = FALSE;
}
}
if ($valid === FALSE) {
$validation->error($field, 'email');
}
}
/**
* Simple register for user
*
*/
public function action_register()
{
$this->template->content = View::factory('pages/auth/register');
$this->template->content->msg = '';
//if user loged in redirect home
if (Auth::instance()->logged_in()) {
$this->request->redirect(Route::get('oc-panel')->uri());
} elseif (core::post('email') and CSRF::valid('register')) {
$email = core::post('email');
if (Valid::email($email, TRUE)) {
if (core::post('password1') == core::post('password2')) {
//check we have this email in the DB
$user = new Model_User();
$user = $user->where('email', '=', $email)->limit(1)->find();
if ($user->loaded()) {
Form::set_errors(array(__('User already exists')));
} else {
//create user
$user->email = $email;
$user->name = core::post('name');
$user->status = Model_User::STATUS_ACTIVE;
$user->id_role = 1;
//normal user
$user->password = core::post('password1');
$user->seoname = $user->gen_seo_title(core::post('name'));
try {
$user->save();
} catch (ORM_Validation_Exception $e) {
//Form::errors($content->errors);
} catch (Exception $e) {
throw new HTTP_Exception_500($e->getMessage());
}
//login the user
Auth::instance()->login(core::post('email'), core::post('password1'));
//send email
$user->email('auth.register', array('[USER.PWD]' => core::post('password1'), '[URL.QL]' => $user->ql('default', NULL, TRUE)));
Alert::set(Alert::SUCCESS, __('Welcome!'));
//login the user
$this->request->redirect(Core::post('auth_redirect', Route::url('oc-panel')));
}
} else {
Form::set_errors(array(__('Passwords do not match')));
}
} else {
Form::set_errors(array(__('Invalid Email')));
}
}
//template header
$this->template->title = __('Register new user');
}
/**
* Validate Contact Against Contact Type
*
* @param array $validation
* @param string $field field name
* @param [type] [varname] [description]
* @return void
*/
public function valid_contact($contact, $data, $validation)
{
// Valid Email?
if (isset($data['type']) and $data['type'] == Contact::EMAIL and !Valid::email($contact)) {
return $validation->error('contact', 'invalid_email', [$contact]);
} else {
if (isset($data['type']) and $data['type'] == Contact::PHONE) {
// Remove all non-digit characters from the number
$number = preg_replace('/\\D+/', '', $contact);
if (strlen($number) == 0) {
$validation->error('contact', 'invalid_phone', [$contact]);
}
}
}
}
public function valid_contact($contact, $data, $validation)
{
// Valid Email?
if (isset($data['type']) and $data['type'] == Contact::EMAIL and !Valid::email($contact)) {
return $validation->error('contact', 'invalid_email', [$contact]);
} else {
if (isset($data['type']) and $data['type'] == Contact::PHONE) {
// Allow for alphanumeric sender
$number = preg_replace('/[^a-zA-Z0-9 ]/', '', $contact);
if (strlen($number) == 0) {
$validation->error('contact', 'invalid_phone', [$contact]);
}
}
}
}
/**
* Validate Contact Against Contact Type
*
* @param array $validation
* @param string $field field name
* @param [type] [varname] [description]
* @return void
*/
public function valid_contact($validation, $field)
{
// Valid Email?
if (isset($validation['type']) and $validation['type'] == self::EMAIL and !Valid::email($validation[$field])) {
$validation->error($field, 'invalid_email');
} else {
if (isset($validation['type']) and $validation['type'] == self::PHONE) {
// Remove all non-digit characters from the number
$number = preg_replace('/\\D+/', '', $validation[$field]);
if (strlen($number) < 9) {
$validation->error($field, 'invalid_phone');
}
} else {
if (!$validation[$field]) {
$validation->error($field, 'invalid_account');
}
}
}
}
/**
*
* Loads a basic list info
* @param string $view template to render
*/
public function action_index($view = NULL)
{
$this->template->title = __($this->_orm_model);
$this->template->scripts['footer'][] = 'js/oc-panel/crud/index.js';
$elements = ORM::Factory($this->_orm_model);
//->find_all();
//email search
if (Valid::email(core::get('email'))) {
$users = new Model_User();
$users->where('email', '=', core::get('email'))->limit(1)->find();
if ($users->loaded()) {
$elements->where('id_user', '=', $users->id_user);
}
}
$pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $elements->count_all()))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action()));
$pagination->title($this->template->title);
$elements = $elements->order_by('created', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all();
$pagination = $pagination->render();
$this->render('oc-panel/pages/download/index', array('elements' => $elements, 'pagination' => $pagination));
}
/**
* Controller default action
*/
public function action_index()
{
$this->view->title = __('Contact');
$section = $this->section_contact();
if (Visitor::$user) {
$section->name = Visitor::$user->username;
$section->email = Visitor::$user->email;
}
// Handle post
$errors = array();
if ($_POST && Security::csrf_valid()) {
$name = trim(Arr::get($_POST, 'name'));
$email = trim(Arr::get($_POST, 'email'));
$subject = trim(Arr::get($_POST, 'subject'));
$content = trim(Arr::get($_POST, 'content'));
if (!Valid::email($email)) {
$errors['email'] = __('Please check the email address');
}
if (!$content) {
$errors['content'] = __('Please say something');
}
// Send feedback
if (!$errors) {
$topic = __('Feedback') . ': ' . $subject;
$mail = $content . "\n\n" . Request::$client_ip . ' - ' . Request::host_name();
if (Anqh_Email::send(Kohana::$config->load('site.email_contact'), array($email, $name), $topic, $mail, false, array($email, $name))) {
$this->view->add(View_Page::COLUMN_CENTER, new View_Alert(__('Thank you! We will try to return back to you as soon as possible.'), true, View_Alert::SUCCESS));
} else {
$errors['content'] = __('Could not send feedback');
}
}
if ($errors) {
$section->errors = $errors;
$section->name = $name;
$section->email = $email;
$section->subject = $subject;
$section->content = $content;
}
}
$this->view->add(View_Page::COLUMN_CENTER, $section);
}
public function validate(Jam_Validated $model, $attribute, $value)
{
if ($this->regex !== NULL and !preg_match($this->regex, $value)) {
$model->errors()->add($attribute, 'format_regex', array(':regex' => $this->regex));
}
if ($this->filter !== NULL and !(filter_var($value, $this->filter, $this->flag) !== FALSE)) {
$model->errors()->add($attribute, 'format_filter', array(':filter' => $this->filter));
}
if ($this->ip === TRUE and !Valid::ip($value)) {
$model->errors()->add($attribute, 'format_ip');
}
if ($this->url === TRUE and !Valid::url($value)) {
$model->errors()->add($attribute, 'format_url');
}
if ($this->email === TRUE and !Valid::email($value)) {
$model->errors()->add($attribute, 'format_email');
}
if ($this->credit_card === TRUE and !Valid::credit_card($value)) {
$model->errors()->add($attribute, 'format_credit_card');
}
}
/**
* simple registration without password
* @return [type] [description]
*/
public function action_register()
{
$provider_name = $this->request->param('id');
$this->template->content = View::factory('pages/auth/register-social', array('provider' => $provider_name, 'uid' => core::get('uid'), 'name' => core::get('name')));
if (core::post('email') and CSRF::valid('register_social')) {
$email = core::post('email');
if (Valid::email($email, TRUE)) {
//register the user in DB
Model_User::create_social($email, core::post('name'), $provider_name, core::get('uid'));
//log him in
Auth::instance()->social_login($provider_name, core::get('uid'));
Alert::set(Alert::SUCCESS, __('Welcome!'));
//change the redirect
$this->redirect(Route::url('default'));
} else {
Form::set_errors(array(__('Invalid Email')));
}
}
//template header
$this->template->title = __('Register new user');
}
/**
* Action: Password lost
*/
public function action_password()
{
$this->history = false;
$email = $message = '';
// Handle request
if ($_POST && ($email = trim(Arr::get($_POST, 'email', '')))) {
$message = new View_Alert(__('We could not find any user or the user is missing email address, sorry.'), __('Uh oh,'));
// Find the user, accept only strings
$user = Valid::digit($email) ? false : Model_User::find_user(trim($email));
// Send email
if ($user && Valid::email($user->email)) {
$subject = __('Your new :site password', array(':site' => Kohana::$config->load('site.site_name')));
$mail = __("Forgot your password, :username?\n\nWe received a request to generate a new password for your :site account, please sign in and change your password. You should also delete this email.\n\nUsername: :username\nPassword: :password", array(':site' => Kohana::$config->load('site.site_name'), ':username' => Text::clean($user->username), ':password' => Visitor::generate_password($user->password)));
if (Email::send($user->email, Kohana::$config->load('site.email_invitation'), $subject, $mail)) {
$message = new View_Alert(__(':email should soon receive the generated password in their inbox.', array(':email' => $email)), __('Mission accomplished!'), View_Alert::SUCCESS);
$email = '';
}
}
}
// Build page
$this->view = View_Page::factory(__('Misplaced your password?'));
$this->view->add(View_Page::COLUMN_MAIN, $this->section_password($message, $email));
}
function checkPost($args)
{
global $Security;
global $Language;
global $dbUsers;
global $Site;
if ($Security->isBlocked()) {
Alert::set($Language->g('IP address has been blocked') . '<br>' . $Language->g('Try again in a few minutes'));
return false;
}
// Remove illegal characters from email
$email = Sanitize::email($args['email']);
if (Valid::email($email)) {
// Get username associated to an email.
$username = $dbUsers->getByEmail($email);
if ($username != false) {
// Generate the token and the token expiration date.
$token = $dbUsers->generateTokenEmail($username);
// ---- EMAIL ----
$link = $Site->url() . 'admin/login-email?tokenEmail=' . $token . '&username='******'BLUDIT Login access code');
$message = Text::replaceAssoc(array('{{WEBSITE_NAME}}' => $Site->title(), '{{LINK}}' => '<a href="' . $link . '">' . $link . '</a>'), $Language->g('email-notification-login-access-code'));
$sent = Email::send(array('from' => $Site->emailFrom(), 'to' => $email, 'subject' => $subject, 'message' => $message));
if ($sent) {
Alert::set($Language->g('check-your-inbox-for-your-login-access-code'));
return true;
} else {
Alert::set($Language->g('There was a problem sending the email'));
return false;
}
}
}
// Bruteforce protection, add IP to blacklist.
$Security->addLoginFail();
Alert::set($Language->g('check-your-inbox-for-your-login-access-code'));
return false;
}
/**
* returns the paypal account of the ad, used in controller paypal
* @return string email
*/
public function paypal_account()
{
if ($this->loaded()) {
//1st if paypal custom field set on the ad
if (isset($this->cf_paypalaccount) and Valid::email($this->cf_paypalaccount)) {
return $this->cf_paypalaccount;
} elseif (isset($this->user->cf_paypalaccount) and Valid::email($this->user->cf_paypalaccount)) {
return $this->user->cf_paypalaccount;
} else {
return $this->user->email;
}
}
return NULL;
}
/**
* Allow the user to login and register using a 3rd party provider.
*/
function action_provider_return()
{
$provider_name = $this->request->param('provider');
$provider = Provider::factory($provider_name);
if (!is_object($provider)) {
Message::add('error', 'Provider is not enabled; please select another provider or log in normally.');
$this->redirect('user/login');
return;
}
// verify the request
if ($provider->verify()) {
// check for previously connected user
$uid = $provider->user_id();
$user_identity = ORM::factory('User_Identity')->where('provider', '=', $provider_name)->and_where('identity', '=', $uid)->find();
if ($user_identity->loaded()) {
$user = $user_identity->user;
if ($user->loaded() && $user->id == $user_identity->user_id && is_numeric($user->id)) {
// found, log user in
Auth::instance()->force_login($user);
// redirect to the user account
$this->redirect('user/profile');
return;
}
}
// create new account
if (!Auth::instance()->logged_in()) {
// Instantiate a new user
$user = ORM::factory('User');
// fill in values
// generate long random password (maximum that passes validation is 42 characters)
$password = $user->generate_password(42);
$values = array('username' => $user->generate_username(str_replace(' ', '.', $provider->name())), 'password' => $password, 'password_confirm' => $password);
if (Valid::email($provider->email(), TRUE)) {
$values['email'] = $provider->email();
}
try {
// If the post data validates using the rules setup in the user model
$user->create_user($values, array('username', 'password', 'email'));
// Add the login role to the user (add a row to the db)
$login_role = new Model_Role(array('name' => 'login'));
$user->add('roles', $login_role);
// create user identity after we have the user id
$user_identity = ORM::factory('User_Identity');
$user_identity->user_id = $user->id;
$user_identity->provider = $provider_name;
$user_identity->identity = $provider->user_id();
$user_identity->save();
// sign the user in
Auth::instance()->login($values['username'], $password);
// redirect to the user account
$this->redirect('user/profile');
} catch (ORM_Validation_Exception $e) {
if ($provider_name == 'twitter') {
Message::add('error', 'The Twitter API does not support retrieving your email address; you will have to enter it manually.');
} else {
Message::add('error', 'We have successfully retrieved some of the data from your other account, but we were unable to get all the required fields. Please complete form below to register an account.');
}
// in case the data for some reason fails, the user will still see something sensible:
// the normal registration form.
$view = View::factory('user/register');
$errors = $e->errors('register');
// Move external errors to main array, for post helper compatibility
$errors = array_merge($errors, isset($errors['_external']) ? $errors['_external'] : array());
$view->set('errors', $errors);
// Pass on the old form values
$values['password'] = $values['password_confirm'] = '';
$view->set('defaults', $values);
if (Kohana::$config->load('useradmin')->captcha) {
// FIXME: Is this the best place to include and use recaptcha?
include Kohana::find_file('vendor', 'recaptcha/recaptchalib');
$recaptcha_config = Kohana::$config->load('recaptcha');
$recaptcha_error = null;
$view->set('captcha_enabled', true);
$view->set('recaptcha_html', recaptcha_get_html($recaptcha_config['publickey'], $recaptcha_error));
}
$this->template->content = $view;
}
} else {
Message::add('error', 'You are logged in, but the email received from the provider does not match the email associated with your account.');
$this->redirect('user/profile');
}
} else {
Message::add('error', 'Retrieving information from the provider failed. Please register below.');
$this->redirect('user/register');
}
}
if (Request::post('sitename') == '') {
$errors['sitename'] = __('Field "Site name" is empty', 'system');
}
if (Request::post('siteurl') == '') {
$errors['siteurl'] = __('Field "Site url" is empty', 'system');
}
if (Request::post('login') == '') {
$errors['login'] = __('Field "Username" is empty', 'system');
}
if (Request::post('password') == '') {
$errors['password'] = __('Field "Password" is empty', 'system');
}
if (Request::post('email') == '') {
$errors['email'] = __('Field "Email" is empty', 'system');
}
if (!Valid::email(Request::post('email'))) {
$errors['email_valid'] = __('Email not valid', 'system');
}
if (trim(Request::post('php') !== '')) {
$errors['php'] = true;
}
if (trim(Request::post('simplexml') !== '')) {
$errors['simplexml'] = true;
}
if (trim(Request::post('mod_rewrite') !== '')) {
$errors['mod_rewrite'] = true;
}
if (trim(Request::post('htaccess') !== '')) {
$errors['htaccess'] = true;
}
if (trim(Request::post('sitemap') !== '')) {
/**
* Allows a model use both email and username as unique identifiers for login
*
* @param string unique value
* @return string field name
*/
public function unique_key($value)
{
return Valid::email($value) ? 'email' : 'username';
}
function checkPOST($args)
{
global $Language;
// Check empty password
if (strlen($args['password']) < 6) {
return '<div>' . $Language->g('Password must be at least 6 characters long') . '</div>';
}
// Check invalid email
if (!Valid::email($args['email']) && $args['noCheckEmail'] == '0') {
return '<div>' . $Language->g('Your email address is invalid') . '</div><div id="jscompleteEmail">' . $Language->g('Proceed anyway') . '</div>';
}
// Sanitize email
$email = sanitize::email($args['email']);
// Install Bludit
install($args['password'], $email, $args['timezone']);
return true;
}
?>
<hr>
</div>
</div>
<!-- ./Ad-header -->
<!-- ./Ad-content-main -->
<?php
if ($is_preview != true) {
?>
<!-- Ad-apply -->
<div id="ad-apply">
<br/>
<a class="btn btn-success btn-large" href="<?php
if (Valid::url($ad->contact)) {
echo $ad->contact;
} elseif (Valid::email($ad->contact)) {
?>
mailto:<?php
echo HTML::email($ad->contact);
}
?>
" id="apply-link">Apply for this Job <i class="icon-circle-arrow-right icon-white"></i></a>
</div>
<!-- ./Ad-apply -->
<?php
}
?>
public function action_unsubscribe()
{
$email_encoded = $this->request->param('id');
$user = new Model_User();
//mail encoded
if ($email_encoded !== NULL) {
//decode emails
$email_encoded = Base64::fix_from_url($email_encoded);
$encrypt = new Encrypt(Core::config('auth.hash_key'), MCRYPT_MODE_NOFB, MCRYPT_RIJNDAEL_128);
$email = $encrypt->decode($email_encoded);
if (Valid::email($email, TRUE)) {
//check we have this email in the DB
$user = new Model_User();
$user = $user->where('email', '=', $email)->limit(1)->find();
} else {
Alert::set(Alert::INFO, __('Not valid email.'));
}
} elseif (Auth::instance()->logged_in()) {
$user = Auth::instance()->get_user();
}
//lets unsubscribe the user
if ($user->loaded()) {
$user->subscriber = 0;
$user->last_modified = Date::unix2mysql();
try {
$user->save();
Alert::set(Alert::SUCCESS, __('You have successfuly unsubscribed'));
} catch (Exception $e) {
//throw 500
throw HTTP_Exception::factory(500, $e->getMessage());
}
} else {
Alert::set(Alert::INFO, __('Pleae login to unsubscribe.'));
}
//smart redirect
if (Auth::instance()->logged_in()) {
$this->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'edit')));
} else {
$this->redirect(Route::url('default'));
}
}
public function action_password()
{
// user already logged in, redirect to dashboard
if (Auth::instance()->logged_in('participant')) {
$this->request->redirect('dashboard');
}
// try to match
if (isset($_GET['token']) && isset($_GET['email'])) {
if (strlen($_GET['token']) == 32 && Valid::email($_GET['email'])) {
// match $_GET with user
$user = ORM::factory('user')->where('email', '=', $_GET['email'])->where('reset_token', '=', $_GET['token'])->find();
if ($user->loaded()) {
$found = 1;
} else {
$found = 0;
}
} else {
$this->request->redirect();
}
} else {
$this->request->redirect();
}
// handle post
if (isset($_POST) && Valid::not_empty($_POST)) {
// validate the login form
$post = Validation::factory($_POST)->rule('username', 'not_empty')->rule('password', 'not_empty')->rule('password', 'min_length', array(':value', Kohana::$config->load('ko32example.account.create.password.min_length')))->rule('password', array($this, 'pwdneusr'), array(':validation', ':field', 'username'));
// if the form is valid and the username and password matches
if ($post->check()) {
// modify the password
$user->reset_token = NULL;
$user->password = $post['password'];
$user->save();
// log the user
if (Auth::instance()->login($post['username'], $post['password'])) {
Session::instance()->set('success_pwd', 1);
$this->request->redirect('dashboard');
}
} else {
$errors = $post->errors('user');
}
}
// display
$this->template->title = 'Reset password step 2';
$this->template->content = View::factory('account/password')->bind('post', $post)->bind('errors', $errors)->bind('found', $found)->bind('user', $user);
}
/**
* does the DB migration
* @param pointer $db
* @param string $pf db_prefix
*/
private function migrate($db, $pf)
{
set_time_limit(0);
$db_config = core::config('database.default');
$prefix = $db_config['table_prefix'];
//connect DB original/to where we migrate
$dbo = Database::instance('default');
//oc_accounts --> oc_users
$users_map = array();
$accounts = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'accounts`');
foreach ($accounts as $account) {
$user = new Model_User();
$user->where('email', '=', $account['email'])->limit(1)->find();
if (!$user->loaded()) {
$user->name = $account['name'];
$user->email = $account['email'];
$user->password = $account['password'];
$user->created = $account['createdDate'];
$user->last_modified = $account['lastModifiedDate'];
$user->last_login = $account['lastSigninDate'];
$user->status = $account['active'];
$user->id_role = 1;
$user->seoname = $user->gen_seo_title($user->name);
$user->save();
}
$users_map[$account['email']] = $user->id_user;
}
//categories --> categories
$categories_map = array(0 => 1);
$categories = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'categories` ORDER BY `idCategoryParent` ASC');
foreach ($categories as $category) {
$cat = new Model_Category();
$cat->name = $category['name'];
$cat->order = $category['order'];
$cat->created = $category['created'];
$cat->seoname = $category['friendlyName'];
$cat->price = $category['price'];
$cat->description = substr($category['description'], 0, 250);
$cat->parent_deep = $category['idCategoryParent'] > 0 ? 1 : 0;
//there's only 1 deep
$cat->id_category_parent = isset($categories_map[$category['idCategoryParent']]) ? $categories_map[$category['idCategoryParent']] : 1;
$cat->save();
//we save old_id stores the new ID, so later we know the category parent, and to changes the ADS category id
$categories_map[$category['idCategory']] = $cat->id_category;
}
//locations --> locations
$locations_map = array(0 => 1);
$locations = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'locations` ORDER BY `idLocationParent` ASC');
foreach ($locations as $location) {
$loc = new Model_Location();
$loc->name = $location['name'];
$loc->seoname = $location['friendlyName'];
$loc->parent_deep = $location['idLocationParent'] > 0 ? 1 : 0;
//there's only 1 deep
$loc->id_location_parent = isset($locations_map[$location['idLocationParent']]) ? $locations_map[$location['idLocationParent']] : 1;
$loc->save();
//we save old_id stores the new ID, so later we know the location parent, and to changes the ADS location id
$locations_map[$location['idLocation']] = $loc->id_location;
}
//posts --> ads
$ads_map = array();
$ads = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'posts`');
foreach ($ads as $a) {
if (Valid::email($a['email'])) {
//gettin the id_user
if (isset($users_map[$a['email']])) {
$id_user = $users_map[$a['email']];
} else {
$user = Model_User::create_email($a['email'], $a['name']);
$id_user = $user->id_user;
}
$ad = new Model_Ad();
$ad->id_ad = $a['idPost'];
//so images still work
$ad->id_user = $id_user;
$ad->id_category = isset($categories_map[$a['idCategory']]) ? $categories_map[$a['idCategory']] : 1;
$ad->id_location = isset($locations_map[$a['idLocation']]) ? $locations_map[$a['idLocation']] : 1;
$ad->title = $a['title'];
$ad->seotitle = $ad->gen_seo_title($a['title']);
$ad->description = !empty($a['description']) ? Text::html2bb($a['description']) : $a['title'];
$ad->address = $a['place'];
$ad->price = $a['price'];
$ad->phone = $a['phone'];
$ad->has_images = $a['hasImages'];
$ad->ip_address = ip2long($a['ip']);
$ad->created = $a['insertDate'];
$ad->published = $ad->created;
//Status migration...big mess!
if ($a['isAvailable'] == 0 and $a['isConfirmed'] == 0) {
$ad->status = Model_Ad::STATUS_NOPUBLISHED;
} elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 0) {
$ad->status = Model_Ad::STATUS_NOPUBLISHED;
} elseif ($a['isAvailable'] == 1 and $a['isConfirmed'] == 1) {
$ad->status = Model_Ad::STATUS_PUBLISHED;
} elseif ($a['isAvailable'] == 0 and $a['isConfirmed'] == 1) {
$ad->status = Model_Ad::STATUS_UNAVAILABLE;
} elseif ($a['isAvailable'] == 2) {
$ad->status = Model_Ad::STATUS_SPAM;
} else {
$ad->status = Model_Ad::STATUS_UNAVAILABLE;
}
try {
$ad->save();
} catch (ORM_Validation_Exception $e) {
// d($e->errors(''));
}
$ads_map[$a['idPost']] = $ad->id_ad;
}
}
//posthits --> visits, mass migration
$insert = 'INSERT INTO `' . $prefix . 'visits` ( `id_ad`, `created`, `ip_address`) VALUES';
$step = 5000;
$total = $db->query(Database::SELECT, 'SELECT count(*) cont FROM `' . $pf . 'postshits`')->as_array();
$total = $total[0]['cont'];
for ($i = 0; $i < $total; $i += $step) {
$hits = $db->query(Database::SELECT, 'SELECT * FROM `' . $pf . 'postshits` LIMIT ' . $i . ', ' . $step);
$values = '';
foreach ($hits as $hit) {
//build insert query
$values .= '(' . $hit['idPost'] . ', \'' . $hit['hitTime'] . '\', \'' . ip2long($hit['ip']) . '\'),';
}
$dbo->query(Database::INSERT, $insert . substr($values, 0, -1));
}
//old way of migrating
// $hits = $db->query(Database::SELECT, 'SELECT * FROM `'.$pf.'postshits` ');
// foreach ($hits as $hit)
// {
// //build insert query
// $visit = new Model_Visit();
// $visit->id_ad = (isset($ads_map[$hit['idPost']]))?$ads_map[$hit['idPost']]:NULL;
// $visit->created = $hit['hitTime'];
// $visit->ip_address = ip2long($hit['ip']);
// $visit->save();
// }
}
/**
* Tests Valid::email()
*
* Check an email address for correct format.
*
* @test
* @dataProvider provider_email
* @param string $email Address to check
* @param boolean $strict Use strict settings
* @param boolean $correct Is $email address valid?
*/
public function test_email($email, $strict, $correct)
{
$this->assertSame($correct, Valid::email($email, $strict));
}
public function action_index()
{
$email = $this->request->post('email_subscribe');
if (Valid::email($email, TRUE)) {
/* find user and compare emails */
$obj_user = new Model_User();
$user = $obj_user->where('email', '=', $email)->limit(1)->find();
// case when user is not logged in.
// We create new user if he doesn't exists in DB
// and send him mail for ad created + new profile created
if (!$user->loaded()) {
$name = substr($email, '0', stripos($email, '@'));
$new_password_hash = Auth::instance()->hash_password('password');
$user->email = $email;
$user->name = $name;
$user->status = Model_User::STATUS_ACTIVE;
$user->id_role = Model_Role::ROLE_USER;
$user->password = $new_password_hash;
$user->seoname = $name;
try {
$user->save();
Alert::set(Alert::SUCCESS, __('New profile has been created. Welcome ') . $name . ' !');
//we get the QL, and force the regen of token for security
$url_pwch = $user->ql('oc-panel', array('controller' => 'profile', 'action' => 'edit'), TRUE);
$ret = $user->email('user.new', array('[URL.PWCH]' => $url_pwch, '[USER.PWD]' => $new_password_hash));
} catch (ORM_Validation_Exception $e) {
throw new HTTP_Exception_500($e->getMessage());
} catch (Exception $e) {
throw new HTTP_Exception_500($e->getMessage());
}
}
/* save this user to data base as subscriber */
$arr_cat = $this->request->post('category_subscribe');
// string in this case is returned as "int,int" so we need to format min/max price
$price = $this->request->post('price_subscribe');
if ($price = $this->request->post('price_subscribe')) {
$min_price = substr($price, '0', stripos($price, ','));
$max_price = substr($price, strrpos($price, ',') + 1);
} else {
//in case of mobile version
// jquery mobile have different slider, so we need to get data differently
$min_price = $this->request->post('price_subscribe-1');
$max_price = $this->request->post('price_subscribe-2');
}
//if categry is not selected, subscribe them for all
$obj_category = new Model_Category();
if ($arr_cat === NULL) {
$all_cats = $obj_category->get_all();
$arr_cat = array();
foreach ($all_cats as $ac) {
foreach ($ac as $key => $v) {
$arr_cat[] = $key;
}
}
}
// create entry table subscriber for each category selected
foreach ($arr_cat as $c => $id_value) {
$obj_subscribe = new Model_Subscribe();
$obj_subscribe->id_user = $user->id_user;
$obj_subscribe->id_category = $id_value;
$obj_subscribe->id_location = $this->request->post('location_subscribe');
$obj_subscribe->min_price = $min_price;
$obj_subscribe->max_price = $max_price;
try {
$obj_subscribe->save();
} catch (Exception $e) {
throw new HTTP_Exception_500($e->getMessage());
}
}
Alert::set(Alert::SUCCESS, __('Thank you for subscribing'));
$this->request->redirect(Route::url('default'));
} else {
Alert::set(Alert::ALERT, __('Invalid Email'));
$this->request->redirect(Route::url('default'));
}
}