public function authenticate()
{
//catch username an password inputs using the Request helper
//"auser";"12345";
$username = Request::post('username');
$password = Request::post('password');
$response = array();
if ($this->auth->login($username, $password)) {
if ($this->auth->errormsg) {
// already logged in
$response['status'] = 'already';
$response['message'] = $this->auth->errormsg[0];
echo json_encode($response);
} else {
//succesfully logged in
$response['status'] = 'success';
$response['message'] = $this->auth->successmsg[0];
echo json_encode($response);
}
} else {
// not authenticated
$response['status'] = 'fail';
$response['message'] = $this->auth->errormsg[0];
echo json_encode($response);
}
}
public function update($id)
{
$current_user = User::current();
if ($current_user->id != $id && !$current_user->isAdmin()) {
http_response_code(403);
echo "Not allowed";
return;
}
if (!Request::isPost()) {
http_response_code(400);
return;
}
$data = json_decode(file_get_contents('php://input'));
$update_data = array();
$valid_keys = array();
if ($current_user->isAdmin()) {
$valid_keys[] = "admin";
}
$user = $this->users->getById($id);
$vars = get_object_vars($user);
foreach ($vars as $k => $v) {
if (in_array($k, $valid_keys) && isset($data->{$k})) {
if ($data->{$k} != $v) {
$update_data[$k] = $data->{$k};
}
}
}
if (count($update_data) > 0) {
$this->users->update($user->id, $update_data);
Audit::log($current_user, 'update user ' . $user, $update_data);
}
}
public function create()
{
if (!Request::isPost()) {
http_response_code(400);
return;
}
$data = json_decode(file_get_contents('php://input'));
if (is_array($data)) {
$this->createMany($data);
return;
}
$current_user = User::current();
$user = User::instance()->findId($data->user_id);
if ($current_user->isAdmin()) {
if ($user == NULL) {
http_response_code(409);
echo 'Invalid user id';
return;
}
} else {
if ($current_user->id != $user->id) {
http_response_code(403);
echo 'User ID does not match current user';
return;
}
}
$data->user = $user->login;
$result = [];
if (!$this->validate_key($data, $result)) {
http_response_code($result['status']);
echo $result['message'];
return;
}
$this->sanitize_key($data);
$existing_key = $this->keys->getByUserHost($user, $data->host);
if ($existing_key != NULL) {
http_response_code(409);
echo 'Host already exists for that user';
return;
}
$key = $this->keys->create($user, $data->host, $data->hash);
Audit::log($current_user, 'create key ' . $key->id . ' for ' . $user, $key);
http_response_code(200);
echo json_encode($key, JSON_PRETTY_PRINT);
}
/**
* Dispatch
* @return bool
*/
public function dispatch()
{
// Detect the current URI.
$uri = Url::detectUri();
// First, we will supose that URI is associated with an Asset File.
if (Request::isGet() && $this->dispatchFile($uri)) {
return true;
}
// Not an Asset File URI? Routes the current request.
$method = Request::getMethod();
// Search the defined Routes for matches; invoke the associated Callback, if any.
foreach ($this->routes as $route) {
if ($route->match($uri, $method, false)) {
// Found a valid Route; process it.
$this->matchedRoute = $route;
$callback = $route->callback();
if (is_object($callback)) {
// Invoke the Route's Callback with the associated parameters.
call_user_func_array($callback, $route->params());
return true;
}
// Pattern based Route.
$regex = $route->regex();
// Prepare the URI used by autoDispatch, applying the REGEX if exists.
if (!empty($regex)) {
$uri = preg_replace('#^' . $regex . '$#', $callback, $uri);
} else {
$uri = $callback;
}
break;
}
}
// Auto-dispatch the processed URI; quit if the attempt finished successfully.
if ($this->autoDispatch($uri)) {
return true;
}
// The dispatching failed; invoke the Error Callback with the current URI as parameter.
$params = array(htmlspecialchars($uri, ENT_COMPAT, 'ISO-8859-1', true));
$this->invokeObject($this->callback(), $params);
return false;
}
public function newmessage($to_user = NULL)
{
// Check if user is logged in
if ($this->auth->isLoggedIn()) {
// Get Current User's ID
$u_id = $this->auth->user_info();
} else {
Url::redirect();
}
// Check to see if user is over quota
// Disable New Message Form is they are
if ($this->model->checkMessageQuota($u_id)) {
// user is over limit, disable new message form
$data['hide_form'] = "true";
$error[] = "<span class='glyphicon glyphicon-exclamation-sign' aria-hidden='true'></span>\n <b>Your Outbox is Full!</b> You Can NOT send any messages!";
}
// Check to make sure user is trying to send new message
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Get data from post
$to_username = Request::post('to_username');
$subject = Request::post('subject');
$content = Request::post('content');
$reply = Request::post('reply');
// Check to see if this is coming from a reply button
if ($reply != "true") {
// Check to make sure user completed all required fields in form
if (empty($to_username)) {
// Username field is empty
$error[] = 'Username Field is Blank!';
}
if (empty($subject)) {
// Subject field is empty
$error[] = 'Subject Field is Blank!';
}
if (empty($content)) {
// Username field is empty
$error[] = 'Message Content Field is Blank!';
}
// Check for errors before sending message
if (count($error) == 0) {
// Get the userID of to username
$to_userID = $this->model->getUserIDFromUsername($to_username);
// Check to make sure user exists in Database
if (isset($to_userID)) {
// Check to see if to user's inbox is not full
if ($this->model->checkMessageQuotaToUser($to_userID)) {
// Run the Activation script
if ($this->model->sendmessage($to_userID, $u_id, $subject, $content)) {
// Success
SuccessHelper::push('You Have Successfully Sent a Private Message', 'Messages');
$data['hide_form'] = "true";
} else {
// Fail
$error[] = 'Message Send Failed';
}
} else {
// To user's inbox is full. Let sender know message was not sent
$error[] = '<b>${to_username}'s Inbox is Full!</b> Sorry, Message was NOT sent!';
}
} else {
// User does not exist
$error[] = 'Message Send Failed - To User Does Not Exist';
}
}
// End Form Complete Check
} else {
// Get data from reply $_POST
$subject = Request::post('subject');
$content = Request::post('content');
$date_sent = Request::post('date_sent');
// Add Reply details to subject ex: RE:
$data['subject'] = "RE: " . $subject;
// Clean up content so it looks pretty
$content_reply = " ##########";
$content_reply .= " # PREVIOUS MESSAGE";
$content_reply .= " # From: {$to_username}";
$content_reply .= " # Sent: {$date_sent} ";
$content_reply .= " ########## ";
$content_reply .= $content;
$content_reply = str_replace("<br />", " ", $content_reply);
$data['content'] = $content_reply;
}
// End Reply Check
}
}
// Check to see if there were any errors, if so then auto load form data
if (count($error) > 0) {
// Auto Fill form to make things eaiser for user
$data['subject'] = Request::post('subject');
$data['content'] = Request::post('content');
}
// Collect Data for view
$data['title'] = "My Private Message";
$data['welcome_message'] = "Welcome to Your Private Message Creator";
$data['csrf_token'] = Csrf::makeToken();
// Check to see if username is in url or post
if (isset($to_user)) {
$data['to_username'] = $to_user;
} else {
$data['to_username'] = Request::post('to_username');
}
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n\t\t\t<li><a href='" . DIR . "'>Home</a></li>\n\t\t\t<li><a href='" . DIR . "Messages'>Private Messages</a></li>\n\t\t\t<li class='active'>" . $data['title'] . "</li>\n\t\t";
// Get requested message data
//$data['message'] = $this->model->getMessage($m_id);
// Check for new messages in inbox
$data['new_messages_inbox'] = $this->model->getUnreadMessages($u_id);
// Send data to view
View::renderTemplate('header', $data);
View::renderModule('Messages/views/messages_sidebar', $data);
View::renderModule('Messages/views/message_new', $data, $error, $success);
View::renderTemplate('footer', $data);
}
/**
* Resend activation for email
*/
public function resendActivation()
{
if ($this->auth->isLogged()) {
Url::redirect();
}
if (isset($_POST['submit']) && Csrf::isTokenValid()) {
$email = Request::post('email');
if ($this->auth->resendActivation($email)) {
$data['message'] = "An activation code has been sent to your email";
$data['type'] = "success";
} else {
$data['message'] = "No account is affiliated with the {$email} or it may have already been activated.";
$data['type'] = "error";
}
}
$data['csrf_token'] = Csrf::makeToken();
$data['title'] = 'Resend Activation Email';
$data['isLoggedIn'] = $this->auth->isLogged();
View::renderTemplate('header', $data);
View::renderTemplate('resend', $data);
View::renderTemplate('footer', $data);
}
public function editProfile()
{
$u_id = $this->auth->currentSessionInfo()['uid'];
$onlineUsers = new MembersModel();
$username = $onlineUsers->getUserName($u_id);
if (sizeof($username) > 0) {
if (isset($_POST['submit'])) {
if (Csrf::isTokenValid()) {
$firstName = strip_tags(Request::post('firstName'));
$gender = Request::post('gender') == 'male' ? 'Male' : 'Female';
$website = !filter_var(Request::post('website'), FILTER_VALIDATE_URL) === false ? Request::post('website') : DIR . 'profile/' . $username;
$aboutMe = nl2br(strip_tags(Request::post('aboutMe')));
$picture = file_exists($_FILES['profilePic']['tmp_name']) || is_uploaded_file($_FILES['profilePic']['tmp_name']) ? $_FILES['profilePic'] : array();
$userImage = Request::post('oldImg');
if (sizeof($picture) > 0) {
$check = getimagesize($picture['tmp_name']);
if ($picture['size'] < 1000000 && $check && $check['mime'] == "image/jpeg") {
if (!file_exists('images/profile-pics')) {
mkdir('images/profile-pics', 0777, true);
}
$image = new SimpleImage($picture['tmp_name']);
$dir = 'images/profile-pics/' . $username[0]->username . '.jpg';
$image->best_fit(400, 300)->save($dir);
$userImage = $dir;
}
}
$onlineUsers->updateProfile($u_id, $firstName, $gender, $website, $userImage, $aboutMe);
$data['message'] = "Successfully updated profile";
$data['type'] = "success";
} else {
$data['message'] = "Error Updating profile";
$data['type'] = "error";
}
}
$username = $username[0]->username;
$profile = $onlineUsers->getUserProfile($username);
$data['title'] = $username . "'s Profile";
$data['profile'] = $profile[0];
$data['isLoggedIn'] = $this->auth->isLogged();
$data['csrf_token'] = Csrf::makeToken();
View::renderTemplate('header', $data);
View::renderModule('Members/views/edit_profile', $data);
View::renderTemplate('footer', $data);
} else {
Error::error404();
}
}
public function create()
{
if (Request::isPost()) {
//Checkbox validation
if ($_POST['participeAvant'] == "Yes") {
$participe_avant = 'true';
} else {
$participe_avant = 'false';
}
//date validation
$_POST['dateD'] = $this->validate_date($_POST['dateD']);
$_POST['dateF'] = $this->validate_date($_POST['dateF']);
if ($_POST['dateD'] != null && $_POST['dateF'] != null) {
if (!$this->is_date_higher($_POST['dateD'], $_POST['dateF'])) {
$_POST['dateD'] = null;
$_POST['dateF'] = null;
}
}
GUMP::set_field_name("titre", "\"Titre\"");
GUMP::set_field_name("dateD", "\"Date de début\"");
GUMP::set_field_name("dateF", "\"Date de fin\"");
GUMP::set_field_name("participeAvant", "\"Participe avant\"");
GUMP::set_field_name("nbParticipantsMax", "\"Nombre de participant max\"");
GUMP::set_field_name("image_concours", "\"Image\"");
$is_valid = GUMP::is_valid(array_merge($_POST, $_FILES), array('titre' => 'required', 'dateD' => 'required', 'dateF' => 'required', 'participeAvant' => 'boolean', 'nbParticipantsMax' => 'required|integer', 'image_concours' => 'required', 'nb_votes_max' => 'required|integer'));
//A modifier
$id_client = 1;
$image_concours = "image_concours";
//save de contest
if ($is_valid === true) {
/*
$concour = array(
'titre' => $_POST['titre'],
'theme' => $_POST['theme'],
'reglement' => $_POST['reglement'],
'description' => $_POST['description'],
'lots' => $_POST['lots'],
'dateD' => $_POST['dateD'],
'dateF' => $_POST['dateF'],
'nbParticipantsMax' => intval($_POST['nbPaticipantsMax']),
'participeAvant' => $_POST['participeAvant'],
'image_concours' => $image_concours,
'fk_id_client' => $id_client,
'nb_votes_max' => intval($_POST['nb_votes_max'])
);
*/
$query = "INSERT INTO concours(titre, theme, reglement, description, lots, \"dateD\",\n \"dateF\", \"nbParticipantsMax\", image_concours,\n \"participeAvant\", fk_id_client, nb_votes_max)\n\n VALUES ('" . $_POST['titre'] . "',' " . $_POST['theme'] . "', '" . $_POST['reglement'] . "', '" . $_POST['description'] . "', '" . $_POST['lots'] . "', '" . $_POST['dateD'] . "', '" . $_POST['dateF'] . "', " . intval($_POST['nbPaticipantsMax']) . ", '" . $image_concours . "', '" . $participe_avant . "', " . $id_client . ", '" . $_POST['nb_votes_max'] . "')";
$bdd = pg_connect(DB_CONFIG);
//$res = pg_insert($bdd, "concours", $concour);
$res = pg_query($bdd, $query);
pg_close($bdd);
if ($res) {
$data['saved_correctly'] = true;
} else {
$data['is_error'] = true;
$data['is_valid'] = array('Une erreur s\'est produite au moment de la sauvegarde');
}
} else {
$data['post'] = $_POST;
$data['is_error'] = true;
$data['is_valid'] = $is_valid;
}
}
$this->validate_date("4/13/2017");
$data['title'] = $this->language->get('createContest');
//Adding specific JS files
$data['js-datePlaceholder'] = true;
View::renderTemplate('backoffice/header', $data);
View::renderTemplate('backoffice/main_header', $data);
View::render('backoffice/contest/create', $data);
View::renderTemplate('backoffice/footer', $data);
}
public function insert_post()
{
$name = Request::post('nome');
$email = Request::post('email');
$phone = Request::post('phone');
$resull = $this->contatos->insertPostName($name);
$resull = $this->contatos->insertPostEmail($email);
$resull = $this->contatos->insertPostPhone($phone);
}
public function newtopic($id)
{
// Check if user is logged in
if ($this->auth->isLoggedIn()) {
// Get Current User's ID
$u_id = $this->auth->user_info();
} else {
//Url::redirect();
}
// Output Current User's ID
$data['current_userID'] = $u_id;
// Get Requested Topic's Title and Description
$data['forum_cat'] = $this->model->forum_cat($id);
$data['forum_cat_des'] = $this->model->forum_cat_des($id);
$data['forum_topics'] = $this->model->forum_topics($id);
// Ouput Page Title
$data['title'] = "New Topic for " . $data['forum_cat'];
// Output Welcome Message
$data['welcome_message'] = "Welcome to the new topic page.";
// Check to see if current user is a new user
$data['is_new_user'] = $this->auth->checkIsNewUser($u_id);
// Check to see if user is submitting a new topic
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Get data from post
$data['forum_title'] = strip_tags(Request::post('forum_title'));
$data['forum_content'] = strip_tags(Request::post('forum_content'));
// Check to make sure user completed all required fields in form
if (empty($data['forum_title'])) {
// Username field is empty
$error[] = 'Topic Title Field is Blank!';
}
if (empty($data['forum_content'])) {
// Subject field is empty
$error[] = 'Topic Content Field is Blank!';
}
// Check for errors before sending message
if (count($error) == 0) {
// No Errors, lets submit the new topic to db
$new_topic = $this->model->sendTopic($u_id, $id, $data['forum_title'], $data['forum_content']);
if ($new_topic) {
// New Topic Successfully Created Now Check if User is Uploading Image
// Check for image upload with this topic
$picture = file_exists($_FILES['forumImage']['tmp_name']) || is_uploaded_file($_FILES['forumImage']['tmp_name']) ? $_FILES['forumImage'] : array();
// Make sure image is being uploaded before going further
if (sizeof($picture) > 0 && $data['is_new_user'] != true) {
// Get image size
$check = getimagesize($picture['tmp_name']);
// Get file size for db
$file_size = $picture['size'];
// Make sure image size is not too large
if ($picture['size'] < 5000000 && $check && ($check['mime'] == "image/jpeg" || $check['mime'] == "image/png" || $check['mime'] == "image/gif")) {
if (!file_exists('images/forum-pics')) {
mkdir('images/forum-pics', 0777, true);
}
// Upload the image to server
$image = new SimpleImage($picture['tmp_name']);
$new_image_name = "forum-image-topic-uid{$u_id}-fid{$id}-ftid{$new_topic}";
$dir = 'images/forum-pics/' . $new_image_name . '.gif';
$image->best_fit(400, 300)->save($dir);
$forumImage = $dir;
var_dump($forumImage);
// Make sure image was Successfull
if ($forumImage) {
// Add new image to database
if ($this->model->sendNewImage($u_id, $new_image_name, $dir, $file_size, $id, $new_topic)) {
$img_success = "<br> Image Successfully Uploaded";
} else {
$img_success = "<br> No Image Uploaded";
}
}
} else {
$img_success = "<br> Image was NOT uploaded because the file size was too large!";
}
}
// Success
SuccessHelper::push('You Have Successfully Created a New Topic' . $img_success, 'Topic/' . $new_topic);
$data['hide_form'] = "true";
} else {
// Fail
$error[] = 'New Topic Create Failed';
}
}
// End Form Complete Check
}
}
// Get Recent Posts List for Sidebar
$data['forum_recent_posts'] = $this->model->forum_recent_posts();
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n \t\t\t<li><a href='" . DIR . "'>Home</a></li>\n <li><a href='" . DIR . "Forum'>" . $this->forum_title . "</a></li>\n <li><a href='" . DIR . "Topics/{$id}'>" . $data['forum_cat'] . "</a>\n \t\t\t<li class='active'>" . $data['title'] . "</li>\n \t\t";
// Ready the token!
$data['csrf_token'] = Csrf::makeToken();
// Send data to view
View::renderTemplate('header', $data);
View::renderModule('Forum/views/newtopic', $data, $error, $success);
View::renderModule('Forum/views/forum_sidebar', $data);
View::renderTemplate('footer', $data);
}
public function profile_edit()
{
$data['csrf_token'] = Csrf::makeToken();
$data['title'] = "Edit Profile";
$data['profile_content'] = "Use the following fields to update your User Profile.";
$data['left_sidebar'] = $this->LeftLinks->AccountLinks();
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n\t\t\t<li><a href='" . DIR . "'>Home</a></li>\n\t\t\t<li><a href='" . DIR . "AccountSettings'>Account Settings</a></li>\n\t\t\t<li class='active'>" . $data['title'] . "</li>\n\t\t";
// Get Current User's userID
$u_id = $this->auth->user_info();
// Check to make sure user is trying to update profile
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Catch password inputs using the Request helper
$firstName = Request::post('firstName');
$gender = Request::post('gender');
$website = Request::post('website');
$userImage = Request::post('userImage');
$aboutme = Request::post('aboutme');
// Run the Activation script
if ($this->model->updateProfile($u_id, $firstName, $gender, $website, $userImage, $aboutme)) {
// Success
$success[] = "You Have Successfully Updated Your Profile";
} else {
// Fail
$error[] = "Profile Update Failed";
}
}
}
// Setup Current User data
// Get user data from user's database
$current_user_data = $this->model->user_data($u_id);
foreach ($current_user_data as $user_data) {
$data['u_username'] = $user_data->username;
$data['u_firstName'] = $user_data->firstName;
$data['u_gender'] = $user_data->gender;
$data['u_userImage'] = $user_data->userImage;
$data['u_aboutme'] = str_replace("<br />", "", $user_data->aboutme);
$data['u_website'] = $user_data->website;
}
View::renderTemplate('header', $data);
View::renderModule('Profile/views/profile_edit', $data, $error, $success);
View::renderTemplate('footer', $data);
}
/**
* displaySweetsButton
*
* display sweets button
* update/add sweets type
*
* @param int $sweet_id (ID of post where sweet is)
* @param string $sweet_location (Section of site where sweet is)
* @param int $sweet_owner_userid (ID of user sweeting)
* @param int $sweet_type (sweet/unsweet)
* @param int $sweet_sec_id (ID of secondary post)
* @param string $sweet_url (redirect url)
*
* @return string returns sweet button data
*/
public static function displaySweetsButton($sweet_id = null, $sweet_location = null, $sweet_owner_userid = null, $sweet_sec_id = null, $sweet_url = null)
{
// Make sure that there is a user logged in
if ($sweet_owner_userid != null) {
// Check to see if current user has already sweeted page
self::$db = Database::get();
// Check to see if this is main post
if ($sweet_sec_id == null) {
// Sweet is for main post
$sweet_data = self::$db->select("\n SELECT\n *\n FROM\n " . PREFIX . "sweets\n WHERE\n sweet_id = :sweet_id\n AND sweet_location = :sweet_location\n AND sweet_owner_userid = :sweet_owner_userid\n ", array(':sweet_id' => $sweet_id, ':sweet_location' => $sweet_location, ':sweet_owner_userid' => $sweet_owner_userid));
// Get count to see if user has already submitted a sweet
$sweet_count = count($sweet_data);
} else {
// Sweet is for secondary post
$sweet_data = self::$db->select("\n SELECT\n *\n FROM\n " . PREFIX . "sweets\n WHERE\n sweet_id = :sweet_id\n AND sweet_location = :sweet_location\n AND sweet_owner_userid = :sweet_owner_userid\n AND sweet_sec_id = :sweet_sec_id\n ", array(':sweet_id' => $sweet_id, ':sweet_location' => $sweet_location, ':sweet_owner_userid' => $sweet_owner_userid, ':sweet_sec_id' => $sweet_sec_id));
// Get count to see if user has already submitted a sweet
$sweet_count = count($sweet_data);
}
//echo " ($sweet_count) ";
// Setup Sweet Button Form
$sweet_button_display = Form::open(array('method' => 'post', 'style' => 'display:inline'));
// Check to see if user has alreadyed sweeted
if ($sweet_count > 0) {
// Display UnSweet button if user has already sweeted
$sweet_button_display .= " <input type='hidden' name='delete_sweet' value='true' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_id' value='{$sweet_id}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_sec_id' value='{$sweet_sec_id}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_location' value='{$sweet_location}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_owner_userid' value='{$sweet_owner_userid}' /> ";
$sweet_button_display .= " <button type='submit' class='btn btn-warning btn-xs' value='Sweet' name='sweet'> Un" . SWEET_BUTTON_DISPLAY . " </button> ";
} else {
// Display Sweet Button if user has not yet sweeted
$sweet_button_display .= " <input type='hidden' name='submit_sweet' value='true' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_id' value='{$sweet_id}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_sec_id' value='{$sweet_sec_id}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_location' value='{$sweet_location}' /> ";
$sweet_button_display .= " <input type='hidden' name='sweet_owner_userid' value='{$sweet_owner_userid}' /> ";
$sweet_button_display .= " <button type='submit' class='btn btn-success btn-xs' value='Sweet' name='sweet'> " . SWEET_BUTTON_DISPLAY . " </button> ";
}
// Close the Sweet Button Form
$sweet_button_display .= Form::close();
// Check to see if user is submitting a new sweet
$submit_sweet = Request::post('submit_sweet');
$delete_sweet = Request::post('delete_sweet');
$post_sweet_id = Request::post('sweet_id');
$post_sweet_location = Request::post('sweet_location');
$post_sweet_owner_userid = Request::post('sweet_owner_userid');
$post_sweet_sec_id = Request::post('sweet_sec_id');
if ($submit_sweet == "true" && $post_sweet_sec_id == $sweet_sec_id) {
self::addSweet($post_sweet_id, $post_sweet_location, $post_sweet_owner_userid, $post_sweet_sec_id, $sweet_url);
} else {
if ($delete_sweet == "true" && $post_sweet_sec_id == $sweet_sec_id) {
self::removeSweet($post_sweet_id, $post_sweet_location, $post_sweet_owner_userid, $post_sweet_sec_id, $sweet_url);
}
}
// Ouput the sweet/unsweet button
return $sweet_button_display;
}
}
/**
* Dispatch route
* @return bool
*/
public function dispatch()
{
// Detect the current URI.
$uri = Url::detectUri();
// First, we will supose that URI is associated with an Asset File.
if (Request::isGet() && $this->dispatchFile($uri)) {
return true;
}
// Not an Asset File URI? Routes the current request.
$method = Request::getMethod();
// If there exists a Catch-All Route, firstly we add it to Routes list.
if ($this->defaultRoute !== null) {
array_push($this->routes, $this->defaultRoute);
}
foreach ($this->routes as $route) {
if ($route->match($uri, $method)) {
// Found a valid Route; process it.
$this->matchedRoute = $route;
$callback = $route->callback();
if ($callback !== null) {
// Invoke the Route's Callback with the associated parameters.
return $this->invokeObject($callback, $route->params());
}
return true;
}
}
// No valid Route found; invoke the Error Callback with the current URI as parameter.
$params = array(htmlspecialchars($uri, ENT_COMPAT, 'ISO-8859-1', true));
$this->invokeObject($this->callback(), $params);
return false;
}
public function ResendActivation()
{
// Check to make sure user is NOT logged in
if ($this->auth->isLoggedIn()) {
Url::redirect();
}
// Check to make sure user is trying to login
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Catch email input using the Request helper
$email = Request::post('email');
// Run the Activation script
if ($this->auth->resendActivation($email)) {
// Success
$success[] = Language::show('success_msg_resend_activation', 'Auth');
} else {
// Fail
$error[] = Language::show('error_msg_resend_activation', 'Auth');
}
}
} else {
// No GET information - Send User to index
//Url::redirect();
}
$data['title'] = Language::show('title_resend_activation', 'Auth');
$data['csrf_token'] = Csrf::makeToken();
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n\t\t\t<li><a href='" . DIR . "'>Home</a></li>\n\t\t\t<li class='active'>" . $data['title'] . "</li>\n\t\t";
View::rendertemplate('header', $data);
View::render('auth/ResendActivation', $data, $error, $success);
View::rendertemplate('footer', $data);
}
/**
* Check to see if the CSRF token in session is the same as submitted form.
*
* @access public
* @static static method
* @return bool
*/
public static function isTokenValid($name = 'csrfToken')
{
return Request::post($name) == Session::get($name);
}
/**
* forum_categories
*
* Function that handles all the Admin Functions for Forum Categories
*
* @param string $action - action to take within function
* @param int/string
* @param int/string
*
*/
public function forum_categories($action = null, $id = null, $id2 = null)
{
// Get data for users
$data['current_page'] = $_SERVER['REQUEST_URI'];
$data['title'] = "Forum Categories";
// Check to see if there is an action
if ($action != null && $id != null) {
// Check to see if action is edit
if ($action == 'CatMainEdit') {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
if ($_POST['action'] == "update_cat_main_title") {
// Catch password inputs using the Request helper
$new_forum_title = Request::post('forum_title');
$prev_forum_title = Request::post('prev_forum_title');
if ($this->forum->updateCatMainTitle($prev_forum_title, $new_forum_title)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Updated Forum Main Category Title to <b>' . $new_forum_title . '</b>', 'AdminPanel-Forum-Categories');
} else {
// Fail
$error[] = "Edit Forum Main Category Failed";
}
}
}
} else {
// Get data for CatMainEdit Form
$data['edit_cat_main'] = true;
$data['data_cat_main'] = $this->forum->getCatMain($id);
$data['welcome_message'] = "You are about to Edit Selected Forum Main Category.";
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</a></li>\n <li class='active'><i class='glyphicon glyphicon-pencil'></i> Edit Main Category</li>\n ";
}
} else {
if ($action == "CatMainUp") {
if ($this->forum->moveUpCatMain($id)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Up Forum Main Category', 'AdminPanel-Forum-Categories');
} else {
// Fail
$error[] = "Move Up Forum Main Category Failed";
}
} else {
if ($action == "CatMainDown") {
if ($this->forum->moveDownCatMain($id)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Down Forum Main Category', 'AdminPanel-Forum-Categories');
} else {
// Fail
$error[] = "Move Down Forum Main Category Failed";
}
} else {
if ($action == 'CatMainNew') {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Add new cate main title to database
if ($_POST['action'] == "new_cat_main_title") {
// Catch inputs using the Request helper
$forum_title = Request::post('forum_title');
// Get last order title number from db
$last_order_num = $this->forum->getLastCatMain();
// Attempt to add new Main Category Title to DB
if ($this->forum->newCatMainTitle($forum_title, 'forum', $last_order_num)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Created New Forum Main Category Title <b>' . $new_forum_title . '</b>', 'AdminPanel-Forum-Categories');
} else {
// Fail
$error[] = "New Forum Main Category Failed";
}
}
}
}
} else {
if ($action == "CatSubList") {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Add new cate main title to database
if ($_POST['action'] == "new_cat_sub") {
// Catch inputs using the Request helper
$forum_title = Request::post('forum_title');
$forum_cat = Request::post('forum_cat');
$forum_des = Request::post('forum_des');
// Check to see if we are adding to a new main cat
if ($this->forum->checkSubCat($forum_title)) {
// Get last cat sub order id
$last_cat_order_id = $this->forum->getLastCatSub($forum_title);
// Get forum order title id
$forum_order_title = $this->forum->getForumOrderTitle($forum_title);
// Run insert for new sub cat
$run_sub_cat = $this->forum->newSubCat($forum_title, $forum_cat, $forum_des, $last_cat_order_id, $forum_order_title);
} else {
// Run update for new main cat
$run_sub_cat = $this->forum->updateSubCat($id, $forum_cat, $forum_des);
}
// Attempt to update/insert sub cat in db
if ($run_sub_cat) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Created Forum Sub Category', 'AdminPanel-Forum-Categories/CatSubList/' . $id);
} else {
// Fail
$error[] = "Create Forum Sub Category Failed";
}
}
}
} else {
// Set goods for Forum Sub Categories Listing
$data['cat_sub_list'] = true;
$data['cat_main_title'] = $this->forum->getCatMain($id);
$data['cat_sub_titles'] = $this->forum->getCatSubs($data['cat_main_title']);
$data['fourm_cat_sub_last'] = $this->forum->getLastCatSub($data['cat_main_title']);
$data['welcome_message'] = "You are viewing a complete list of sub categories for requeted main category.";
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</a></li>\n <li class='active'><i class='glyphicon glyphicon-pencil'></i> Sub Categories List</li>\n ";
}
} else {
if ($action == "CatSubEdit") {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Add new cate main title to database
if ($_POST['action'] == "edit_cat_sub") {
// Catch inputs using the Request helper
$forum_cat = Request::post('forum_cat');
$forum_des = Request::post('forum_des');
// Attempt to update sub cat in db
if ($this->forum->updateSubCat($id, $forum_cat, $forum_des)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Updated Forum Sub Category', 'AdminPanel-Forum-Categories/CatSubList/' . $id);
} else {
// Fail
$error[] = "Update Forum Sub Category Failed";
}
}
}
} else {
// Display Edit Forum for Selected Sub Cat
$data['cat_sub_edit'] = true;
$data['cat_sub_data'] = $this->forum->getCatSubData($id);
$data['welcome_message'] = "You are about to edit requeted sub category.";
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories/CatSubList/{$id}'><i class='glyphicon glyphicon-list'></i> Sub Categories List</a></li>\n <li class='active'><i class='glyphicon glyphicon-pencil'></i> Edit Sub Category</li>\n ";
}
} else {
if ($action == "DeleteSubCat") {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Add new cate main title to database
if ($_POST['action'] == "delete_cat_sub") {
// Catch inputs using the Request helper
$delete_cat_sub_action = Request::post('delete_cat_sub_action');
// Get title basted on forum_id
$forum_title = $this->forum->getCatMain($id);
// Get title basted on forum_cat
$forum_cat = $this->forum->getCatSub($id);
// Check to see what delete function admin has selected
if ($delete_cat_sub_action == "delete_all") {
// Admin wants to delete Sub Cat and Everything Within it
// First we delete all related topic Replies
if ($this->forum->deleteTopicsForumID($id)) {
$success_count = $success_count + 1;
}
// Second we delete all topics
if ($this->forum->deleteTopicRepliesForumID($id)) {
$success_count = $success_count + 1;
}
// Finally we delete the main cat and all related sub cats
if ($this->forum->deleteCatForumID($id)) {
$success_count = $success_count + 1;
}
// Check to see if everything was deleted Successfully
if ($success_count > 0) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Deleted Sub Category: <b>' . $forum_title . ' > ' . $forum_cat . '</b> and Everything Within it!', 'AdminPanel-Forum-Categories');
}
} else {
// Extract forum_id from move_to_# string
$forum_id = str_replace("move_to_", "", $delete_cat_sub_action);
if (!empty($forum_id)) {
// First Update Topic Replies forum_id
if ($this->forum->updateTopicRepliesForumID($id, $forum_id)) {
$success_count = $success_count + 1;
}
// Second Update Topics forum_id
if ($this->forum->updateTopicsForumID($id, $forum_id)) {
$success_count = $success_count + 1;
}
// Last delete the sub Category
if ($this->forum->deleteCatForumID($id)) {
$success_count = $success_count + 1;
}
// Check to see if anything was done
if ($success_count > 0) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Main Category From <b>' . $old_forum_title . '</b> to <b>' . $new_forum_title . '</b>', 'AdminPanel-Forum-Categories/CatSubList/' . $forum_id);
}
} else {
// User has not selected to delete or move main cat
\Helpers\ErrorHelper::push('No Action Selected. No actions executed.', 'AdminPanel-Forum-Categories/DeleteSubCat/' . $id);
}
}
}
}
} else {
// Display Delete Cat Sub Form
$data['delete_cat_sub'] = true;
// Get list of all sub cats except current
$data['list_all_cat_sub'] = $this->forum->catSubListExceptSel($id);
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories/CatSubList/" . $id . "'><i class='glyphicon glyphicon-list'></i> Sub Categories List</a></li>\n <li class='active'><i class='glyphicon glyphicon-pencil'></i> Delete Sub Category</li>\n ";
}
} else {
if ($action == "CatSubUp") {
// Get forum_title for cat
$data['cat_main_title'] = $this->forum->getCatMain($id);
// Try to move up
if ($this->forum->moveUpCatSub($data['cat_main_title'], $id2)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Up Forum Sub Category', 'AdminPanel-Forum-Categories/CatSubList/' . $id);
} else {
// Fail
$error[] = "Move Up Forum Main Category Failed";
}
} else {
if ($action == "CatSubDown") {
// Get forum_title for cat
$data['cat_main_title'] = $this->forum->getCatMain($id);
// Try to move down
if ($this->forum->moveDownCatSub($data['cat_main_title'], $id2)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Down Forum Sub Category', 'AdminPanel-Forum-Categories/CatSubList/' . $id);
} else {
// Fail
$error[] = "Move Down Forum Main Category Failed";
}
} else {
if ($action == "DeleteMainCat") {
// Check to make sure admin is trying to update
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Add new cate main title to database
if ($_POST['action'] == "delete_cat_main") {
// Catch inputs using the Request helper
$delete_cat_main_action = Request::post('delete_cat_main_action');
// Get title basted on forum_id
$forum_title = $this->forum->getCatMain($id);
// Check to see what delete function admin has selected
if ($delete_cat_main_action == "delete_all") {
// Admin wants to delete Main Cat and Everything Within it
// Get list of all forum_id's for this Main Cat
$forum_id_all = $this->forum->getAllForumTitleIDs($forum_title);
$success_count = "0";
if (isset($forum_id_all)) {
foreach ($forum_id_all as $row) {
// First we delete all related topic Replies
if ($this->forum->deleteTopicsForumID($row->forum_id)) {
$success_count = $success_count + 1;
}
// Second we delete all topics
if ($this->forum->deleteTopicRepliesForumID($row->forum_id)) {
$success_count = $success_count + 1;
}
// Finally we delete the main cat and all related sub cats
if ($this->forum->deleteCatForumID($row->forum_id)) {
$success_count = $success_count + 1;
}
}
}
if ($success_count > 0) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Deleted Main Category: <b>' . $forum_title . '</b> and Everything Within it!', 'AdminPanel-Forum-Categories');
}
} else {
// Extract forum_id from move_to_# string
$forum_id = str_replace("move_to_", "", $delete_cat_main_action);
if (!empty($forum_id)) {
// Get new and old forum titles
$new_forum_title = $this->forum->getCatMain($forum_id);
$old_forum_title = $this->forum->getCatMain($id);
// Get forum_order_title id for forum_title we are moving to
$new_forum_order_title = $this->forum->getForumOrderTitle($new_forum_title);
// Get last order id for new forum_title we are moving to
$new_forum_order_cat = $this->forum->getLastCatSub($new_forum_title);
// Update with the new forum title from the old one
if ($this->forum->moveForumSubCat($old_forum_title, $new_forum_title, $new_forum_order_title, $new_forum_order_cat)) {
// Success
\Helpers\SuccessHelper::push('You Have Successfully Moved Main Category From <b>' . $old_forum_title . '</b> to <b>' . $new_forum_title . '</b>', 'AdminPanel-Forum-Categories/CatSubList/' . $forum_id);
}
} else {
// User has not selected to delete or move main cat
\Helpers\ErrorHelper::push('No Action Selected. No actions executed.', 'AdminPanel-Forum-Categories/DeleteMainCat/' . $id);
}
}
}
}
} else {
// Show delete options for main cat
$data['delete_cat_main'] = true;
$data['welcome_message'] = "You are about to delete requested main category. Please proceed with caution.";
// Get title for main cat admin is about to delete
$data['delete_cat_main_title'] = $this->forum->getCatMain($id);
// Get all other main cat titles
$data['list_all_cat_main'] = $this->forum->catMainListExceptSel($data['delete_cat_main_title']);
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Forum-Categories'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</a></li>\n <li class='active'><i class='glyphicon glyphicon-pencil'></i> Delete Main Category</li>\n ";
}
}
}
}
}
}
}
}
}
}
}
} else {
// Get data for main categories
$data['cat_main'] = $this->forum->catMainList();
// Welcome message
$data['welcome_message'] = "You are viewing a complete list of main categories.";
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='glyphicon glyphicon-cog'></i> Admin Panel</a></li>\n <li class='active'><i class='glyphicon glyphicon-list'></i> " . $data['title'] . "</li>\n ";
}
// Get Last main cat order number
$data['fourm_cat_main_last'] = $this->forum->getLastCatMain();
// Setup CSRF token
$data['csrf_token'] = Csrf::makeToken();
View::renderModule('AdminPanel/views/header', $data);
View::renderModule('AdminPanel/views/forum_categories', $data, $error, $success);
View::renderModule('AdminPanel/views/footer', $data);
}
public function group($id)
{
// Check for orderby selection
$data['orderby'] = Request::post('orderby');
// Get data for users
$data['current_page'] = $_SERVER['REQUEST_URI'];
$data['title'] = "Group";
$data['welcome_message'] = "Welcome to the Group Admin Panel";
$data['csrf_token'] = Csrf::makeToken();
// Get user groups data
$data_groups = $this->model->getAllGroups();
// Get groups user is and is not member of
foreach ($data_groups as $value) {
$data_user_groups = $this->model->checkUserGroup($id, $value->groupID);
if ($data_user_groups) {
$group_member[] = $value->groupID;
} else {
$group_not_member[] = $value->groupID;
}
}
// Gether group data for group user is member of
if (isset($group_member)) {
foreach ($group_member as $value) {
$group_member_data[] = $this->model->getGroupData($value);
}
}
// Push group data to view
$data['user_member_groups'] = $group_member_data;
// Gether group data for group user is not member of
if (isset($group_not_member)) {
foreach ($group_not_member as $value) {
$group_notmember_data[] = $this->model->getGroupData($value);
}
}
// Push group data to view
$data['user_notmember_groups'] = $group_notmember_data;
// Check to make sure admin is trying to update group data
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Check for update group
if ($_POST['update_group'] == "true") {
// Catch password inputs using the Request helper
$ag_groupID = Request::post('ag_groupID');
$ag_groupName = Request::post('ag_groupName');
$ag_groupDescription = Request::post('ag_groupDescription');
$ag_groupFontColor = Request::post('ag_groupFontColor');
$ag_groupFontWeight = Request::post('ag_groupFontWeight');
// Run the update group script
if ($this->model->updateGroup($ag_groupID, $ag_groupName, $ag_groupDescription, $ag_groupFontColor, $ag_groupFontWeight)) {
// Success
$success[] = "You Have Successfully Updated Group";
} else {
// Fail
$error[] = "Group Update Failed";
}
}
//Check for delete group
if ($_POST['delete_group'] == "true") {
// Catch password inputs using the Request helper
$ag_groupID = Request::post('ag_groupID');
// Run the update group script
if ($this->model->deleteGroup($ag_groupID)) {
// Success
$success[] = "You Have Successfully Deleted Group";
\Helpers\Url::redirect('AdminPanel-Groups');
} else {
// Fail
$error[] = "Group Delete Failed";
}
}
}
}
// Setup Current User data
// Get user data from user's database
$current_group_data = $this->model->getGroup($id);
foreach ($current_group_data as $group_data) {
$data['g_groupID'] = $group_data->groupID;
$data['g_groupName'] = $group_data->groupName;
$data['g_groupDescription'] = $group_data->groupDescription;
$data['g_groupFontColor'] = $group_data->groupFontColor;
$data['g_groupFontWeight'] = $group_data->groupFontWeight;
}
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n <li><a href='" . DIR . "AdminPanel'><i class='fa fa-fw fa-cog'></i> Admin Panel</a></li>\n <li><a href='" . DIR . "AdminPanel-Groups'><i class='fa fa-fw fa-user'></i> Groups </a></li>\n <li class='active'><i class='fa fa-fw fa-user'></i>Group - " . $data['g_groupName'] . "</li>\n ";
View::renderModule('AdminPanel/views/header', $data);
View::renderModule('AdminPanel/views/group', $data, $error, $success);
View::renderModule('AdminPanel/views/footer', $data);
}
