private function deleteCategory(CategoryRepository $categoryRepo, ArticleRepository $articleRepo, Text $text)
{
$categoryRepo->deleteCategory($articleRepo, $this->category);
$viewAll = Link::of($text->getUrlPage("category_list"), $text->t("categories.view_all"));
$text->addMessage($text->t("main.category") . " " . $text->t("editor.is_deleted"), $viewAll);
$this->deleted = true;
}
private function deleteLink(LinkRepository $linkRepo, Text $text)
{
$linkRepo->deleteLink($this->link);
$text->addMessage($text->t("main.link") . " " . $text->t("editor.is_deleted"), Link::of($text->getUrlPage("edit_menu", $this->link->getMenuId()), $text->t("links.menu.go_back")));
$this->link = null;
// mark as deleted
}
private function updateCategory(CategoryRepository $categoryRepo, Request $request, Text $text)
{
$this->category->setName($request->getRequestString("category_name", ""));
$this->category->setDescriptionHtml($request->getRequestString("category_description", ""));
$valid = true;
if (!Validate::stringLength($this->category->getName(), CategoryRepository::NAME_MIN_LENGTH, CategoryRepository::NAME_MAX_LENGTH)) {
$text->addError($text->t("categories.name") . ' ' . Validate::getLastError($text));
$valid = false;
}
if (!Validate::stringLength($this->category->getDescriptionHtml(), CategoryRepository::DESCRIPTION_MIN_LENGTH, CategoryRepository::DESCRIPTION_MAX_LENGTH)) {
$text->addError($text->t("categories.description") . ' ' . Validate::getLastError($text));
$valid = false;
}
if ($valid) {
$newCategory = $this->category->getId() === 0;
$categoryRepo->saveCategory($this->category);
// Add a confirmation
$confirmation = $text->t("main.category") . " " . $text->t("editor.is_edited");
if ($newCategory) {
$confirmation = $text->t("main.category") . " " . $text->t("editor.is_created");
}
$viewCategory = Link::of($text->getUrlPage("category", $this->category->getId()), $text->t("categories.view_category"));
$viewCategories = Link::of($text->getUrlpage("category_list"), $text->t("categories.view_all_categories"));
$text->addMessage($confirmation, $viewCategory, $viewCategories);
}
}
private function trySaveMenu(MenuRepository $menuRepo, Text $text)
{
if (!Validate::stringLength($this->menu->getName(), 1, MenuRepository::NAME_MAX_LENGTH)) {
$text->addError($text->t("links.menu") . " " . Validate::getLastError($text));
return;
}
$menuRepo->saveMenu($this->menu);
$text->addMessage($text->t("links.menu") . " " . $text->t("editor.is_changed"), Link::of($text->getUrlPage("edit_menu", $this->menu->getId()), $text->t("links.menu.go_back")));
}
/**
* Gets an array of links to all categories.
* @param Text $text The text object, of URL structure.
* @return Link[] The array of links.
*/
public function getCategoryLinks(Text $text)
{
$categories = $this->getCategories();
$links = [];
foreach ($categories as $category) {
if ($category->isStandardCategory()) {
continue;
// Don't display "No categories"
}
$links[] = Link::of($text->getUrlPage("category", $category->getId()), $category->getName());
}
return $links;
}
private function addSaveMessage(PlacedWidget $placedWidget, Text $text)
{
$homeLink = Link::of($text->getUrlMain(), $text->t("main.home"));
$documentLink = Link::of($text->getUrlPage("edit_document", $placedWidget->getDocumentId()), $text->t("widgets.view_in_document"));
$message = "";
if ($placedWidget->getId() === 0) {
// New widget
$message = $text->t("main.widget") . " " . $text->t("editor.is_created");
} else {
// Updating existing widget
$message = $text->t("main.widget") . " " . $text->t("editor.is_edited");
}
$text->addMessage($message, $homeLink, $documentLink);
}
public function init(Website $website, Request $request)
{
$this->installedWidgets = $website->getWidgets();
$widgetId = $request->getParamInt(0, 0);
$widgetRepo = new WidgetRepository($website);
$this->placedWidget = $widgetRepo->getPlacedWidget($widgetId);
if (Validate::requestToken($request)) {
$widgetRepo->deletePlacedWidget($this->placedWidget);
$text = $website->getText();
$text->addMessage($text->t("main.widget") . ' ' . $text->t("editor.is_deleted"), Link::of($text->getUrlPage("edit_document", $this->placedWidget->getDocumentId()), $text->t("main.ok")));
} else {
$this->requestToken = RequestToken::generateNew();
$this->requestToken->saveToSession();
}
}
private function handleRequest(Website $website, Request $request)
{
$text = $website->getText();
$menuId = $request->getRequestInt("main_menu_id", 0);
if ($menuId === 0) {
$this->menu = null;
$website->getConfig()->set($website->getDatabase(), Config::OPTION_MAIN_MENU_ID, 0);
$text->addMessage($text->t("links.main_menu.now_using_categories"), Link::of($text->getUrlPage("category_list"), $text->t("categories.edit_categories")), Link::of($text->getUrlMain(), $text->t("main.home")));
} else {
if (isset($this->menus[$menuId])) {
$this->menu = $this->menus[$menuId];
$website->getConfig()->set($website->getDatabase(), Config::OPTION_MAIN_MENU_ID, $this->menu->getId());
$text->addMessage($text->tReplaced("links.main_menu.now_using_this_menu", $this->menu->getName()), Link::of($text->getUrlPage("edit_menu", $this->menu->getId()), $text->t("links.menu.edit")), Link::of($text->getUrlMain(), $text->t("main.home")));
} else {
throw new NotFoundException();
}
}
}
private function handleUserRequest(Website $website, Request $request)
{
$username = $request->getRequestString("creating_username", "");
$displayName = $request->getRequestString("creating_display_name", "");
$password = $request->getRequestString("creating_password", "");
$email = $request->getRequestString("creating_email", "");
$rank = $request->getRequestInt("creating_rank", 0);
$newUser = User::createNewUser($username, $displayName, $password);
$newUser->setEmail($email);
$newUser->setRank($rank);
$text = $website->getText();
$userRepo = new UserRepository($website->getDatabase());
if (Validate::requestToken($request) && $this->validateInput($newUser, $password, $website->getAuth(), $userRepo, $text)) {
$userRepo->save($newUser);
$this->accountCreated = true;
$text->addMessage($text->t("users.create.other.done"), Link::of($text->getUrlPage("create_account_admin"), $text->t("users.create_another")), Link::of($text->getUrlPage("account_management"), $text->t("main.account_management")));
}
return $newUser;
}
public function init(Website $website, Request $request)
{
$commentId = $request->getParamInt(0, 0);
$repo = new CommentRepository($website->getDatabase());
$this->comment = $repo->getCommentOrFail($commentId);
$user = $website->getAuth()->getCurrentUser();
// Check if user is allowed to delete this comment
if ($user->getId() !== $this->comment->getUserId() && !$user->hasRank(Authentication::RANK_MODERATOR)) {
throw new NotFoundException();
}
// Check if form was submitted
if (Validate::requestToken($request)) {
$repo->deleteComment($commentId);
$text = $website->getText();
$articleLink = $text->getUrlPage("article", $this->comment->getArticleId());
$text->addMessage($text->t("comments.comment") . ' ' . $text->t("editor.is_deleted"), Link::of($articleLink, $text->t("main.ok")));
} else {
$this->requestToken = RequestToken::generateNew();
$this->requestToken->saveToSession();
}
}
private function handleRequest(Text $text, Request $request, LinkRepository $linkRepo)
{
$valid = true;
$linkText = $request->getRequestString("link_text", "");
$this->link->setText($linkText);
if (!Validate::nameOfLink($linkText)) {
$text->addError($this->t("links.text") . " " . Validate::getLastError($text));
$valid = false;
}
$url = $request->getRequestString("link_url", "");
if (Validate::url($url)) {
$this->link->setUrl(new Uri($url));
} else {
$text->addError($text->t("links.url") . " " . Validate::getLastError($text));
$valid = false;
}
if ($valid) {
$linkRepo->saveLink($this->link);
$text->addMessage($text->t("main.link") . ' ' . $text->t("editor.is_edited"), Link::of($text->getUrlPage("edit_menu", $this->link->getMenuId()), $text->t("links.menu.go_back")));
}
}
public function init(Website $website, Request $request)
{
$text = $website->getText();
$currentUser = $website->getAuth()->getCurrentUser();
$articleId = $request->getParamInt(0);
$articleRepository = new ArticleRepository($website);
$article = $this->getArticle($articleRepository, $currentUser, $articleId);
$articleEditor = new ArticleEditor($article);
$this->articleEditor = $articleEditor;
$categoryRepository = new CategoryRepository($website->getDatabase());
$this->allCategories = $categoryRepository->getCategories();
$this->richEditor = new CKEditor($website->getText(), $website->getConfig(), $website->getThemeManager());
// Validate token, then save new one to session
$validToken = Validate::requestToken($request);
$this->token = RequestToken::generateNew();
$this->token->saveToSession();
// Now check input
if (!$articleEditor->processInput($website->getText(), $request, $categoryRepository)) {
return;
}
if ($request->hasRequestValue("submit") && $validToken) {
// Try to save
$article = $articleEditor->getArticle();
if ($articleRepository->saveArticle($article)) {
$viewArticleLink = Link::of($website->getUrlPage("article", $article->getId()), $website->t("articles.view"));
if ($articleId == 0) {
// New article created
$text->addMessage($text->t("main.article") . " " . $text->t("editor.is_created"), $viewArticleLink);
} else {
// Article updated
$text->addMessage($text->t("main.article") . " " . $text->t("editor.is_edited"), $viewArticleLink);
}
// Check for redirect
if ($request->getRequestString("submit") == $website->t("editor.save_and_quit")) {
$this->redirectUrl = $website->getUrlPage("article", $article->getId());
}
}
}
}
public function init(Website $website, Request $request)
{
$text = $website->getText();
$widgetId = $request->getParamInt(0);
$moveUp = $request->getRequestString("direction", "up") === "up";
$widgetRepository = new WidgetRepository($website);
$this->placedWidget = $widgetRepository->getPlacedWidget($widgetId);
$this->installedWidgets = $website->getWidgets();
if (Validate::requestToken($request)) {
// move
$this->moveWidget($widgetRepository, $moveUp);
$this->redirectUrl = $text->getUrlPage("edit_document", $this->placedWidget->getDocumentId());
} else {
$text->addError(Validate::getLastError($text));
$linkText = $text->t("widgets.move_down");
if ($moveUp) {
$linkText = $text->t("widgets.move_up");
}
// Generate new request token, allowing user to perform action again
$newRequestToken = RequestToken::generateNew();
$this->moveLink = Link::of($text->getUrlPage("move_widget", $widgetId, ["direction" => $moveUp ? "up" : "down", RequestToken::FIELD_NAME => $newRequestToken->getTokenString()]), $linkText);
$newRequestToken->saveToSession();
}
}
public function writeTopMenu(StreamInterface $stream)
{
$website = $this->website;
$text = $website->getText();
$config = $website->getConfig();
$links = [];
$links[] = Link::of($text->getUrlMain(), $text->t("main.home"));
if ($config->isDatabaseUpToDate()) {
$menuId = (int) $config->get(Config::OPTION_MAIN_MENU_ID, 0);
if ($menuId === 0) {
$categoriesRepo = new CategoryRepository($website->getDatabase());
$links = array_merge($links, $categoriesRepo->getCategoryLinks($text));
} else {
$linkRepo = new LinkRepository($website->getDatabase());
$links = array_merge($links, $linkRepo->getLinksByMenu($menuId));
}
}
$menuTemplate = new MenuTemplate($website->getText(), $links);
$menuTemplate->writeText($stream);
}
private function saveLink(Website $website)
{
$text = $website->getText();
$valid = true;
if (!Validate::url($this->linkUrl)) {
$text->addError($text->t("links.url") . " " . Validate::getLastError($text));
$valid = false;
}
if (!Validate::stringLength($this->linkName, 1, LinkRepository::MAX_LINK_TEXT_LENGTH)) {
$text->addError($text->t("links.text") . " " . Validate::getLastError($text));
$valid = false;
}
if (!$valid) {
return;
}
$link = Link::createSaveable(0, $this->menu->getId(), new Uri($this->linkUrl), $this->linkName);
$linkRepo = new LinkRepository($website->getDatabase());
$linkRepo->saveLink($link);
$text->addMessage($text->t("main.link") . " " . $text->t("editor.is_created"), Link::of($text->getUrlPage("add_link", $this->menu->getId()), $text->t("links.create_another")));
$this->addedLink = true;
}
/**
* Call this when logging in an user. If password is correct, the last
* login date is updated. If the password storage method was outdated, the
* password is rehashed.
*
* @param User $user The user.
* @param string $password_unhashed The password entered by the user.
*/
protected function loginCheck(User $user, $password_unhashed)
{
if ($this->userRepo == null) {
// Unable to log in when userRepo is not present
return false;
}
$password_hashed = $user->getPasswordHashed();
$loggedIn = false;
if (strLen($password_hashed) == 32 && $password_hashed[0] != '$') {
// Still md5(sha1($pass)), update
if (md5(sha1($password_unhashed)) == $password_hashed) {
// Gets saved later on, when updating the last login
$user->setPassword($password_unhashed);
$loggedIn = true;
}
}
// Try to use modern password verification
if (!$loggedIn) {
$loggedIn = crypt($password_unhashed, $password_hashed) === $password_hashed;
}
if ($loggedIn) {
$status = $user->getStatus();
// Check whether the account is deleted
if ($status == Authentication::STATUS_DELETED) {
// Act like the account doesn't exist
return false;
}
// Check whether the account is banned
if ($status == Authentication::STATUS_BANNED) {
$text = $this->website->getText();
$text->addError($text->tReplaced("users.status.banned.your_account", $user->getStatusText()));
return false;
}
// Check password strength
if ($user->isWeakPassword($password_unhashed)) {
$text = $this->website->getText();
$text->addError($text->t("users.your_password_is_insecure"), Link::of($text->getUrlPage("edit_password"), $text->t("users.password.edit")));
}
// Update last login date (and possibly password hash, see above) if successfull
$user->setLastLogin(new DateTime());
$this->userRepo->save($user);
}
return $loggedIn;
}
private function respondToRequest(LinkRepository $linkRepo, MenuRepository $menuRepo, Text $text, Request $request)
{
if (!Validate::requestToken($request)) {
return;
}
$moveLinksToMenuId = $request->getRequestInt("move_option", 0);
if ($moveLinksToMenuId === 0) {
$linkRepo->deleteLinksInMenu($this->menu);
} else {
$linkRepo->moveLinks($this->menu, $this->allMenus[$moveLinksToMenuId]);
}
$menuRepo->deleteMenu($this->menu->getId());
$text->addMessage($text->t("links.menu") . " " . $text->t("editor.is_deleted"), Link::of($text->getUrlPage("links"), $text->t("links.overview")));
$this->deleted = true;
}