/**
 * Loads the placed widget under edit (a new one when param 0 is 0) and, on a
 * token-checked form submission, parses and stores the submitted widget data.
 *
 * A fresh request token is generated and saved to the session on every call,
 * so the form rendered afterwards always carries a token that can be verified.
 *
 * @param Website $website Provides installed widgets, repository access and text.
 * @param Request $request Current request; param 0 is the placed widget id.
 */
public function init(Website $website, Request $request)
{
    $this->installedWidgets = $website->getWidgets();
    $repository = new WidgetRepository($website);

    // Param 0 is the id of the placed widget; 0 means "create a new one"
    $placedWidgetId = $request->getParamInt(0);
    $this->placedWidget = ($placedWidgetId === 0)
        ? $this->getNewWidget($website, $request)
        : $repository->getPlacedWidget($placedWidgetId);

    // Only act on an explicit submit that carries a valid request token
    $submitted = $request->hasRequestValue("submit") && Validate::requestToken($request);
    if ($submitted) {
        // The widget definition knows which of its own fields to read
        $definition = $this->installedWidgets->getDefinition($this->placedWidget);
        $parsedData = $definition->parseData($website, $placedWidgetId);
        $this->placedWidget->setData($parsedData);

        if ($this->isValid($parsedData)) {
            $repository->savePlacedWidget($this->placedWidget);
            $this->addSaveMessage($this->placedWidget, $website->getText());
        }
    }

    // Rotate the token so the next submission can be verified
    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
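/**
 * Copies the submitted intro and title into the document and saves it once
 * the request token and both field lengths validate.
 *
 * Returns without doing anything when the form fields are absent (the page
 * is being shown, not submitted). Validation problems and the confirmation
 * are reported through $text.
 *
 * @param Text $text Receives error and confirmation messages.
 * @param Request $request The submitted form.
 * @param Document $document The document being edited; modified in place.
 * @param DocumentRepository $documentRepo Persists the document.
 */
private function saveData(Text $text, Request $request, Document $document, DocumentRepository $documentRepo)
{
    if (!$request->hasRequestValue("intro") || !$request->hasRequestValue("title")) {
        return;
    }
    if ($document->isForWidgetArea()) {
        $text->addError($text->t("main.document") . ' ' . $text->t("errors.not_editable"));
        return;
    }

    $document->setIntro($request->getRequestString("intro", ''));
    $document->setTitle($request->getRequestString("title", ''));

    $valid = true;
    if (!Validate::requestToken($request)) {
        // Report the rejected token instead of failing silently, so the user
        // can tell why nothing was saved
        $text->addError(Validate::getLastError($text));
        $valid = false;
    }
    if (!Validate::stringLength($document->getIntro(), Document::INTRO_MIN_LENGTH, Document::INTRO_MAX_LENGTH)) {
        $text->addError($text->t("documents.intro") . ' ' . Validate::getLastError($text));
        $valid = false;
    }
    if (!Validate::stringLength($document->getTitle(), Document::TITLE_MIN_LENGTH, Document::TITLE_MAX_LENGTH)) {
        $text->addError($text->t("documents.title") . ' ' . Validate::getLastError($text));
        $valid = false;
    }
    if (!$valid) {
        return;
    }

    // Decide on the message before saving, in case saving assigns the id of a
    // new document. Strict comparison as used for category/widget ids elsewhere;
    // TODO confirm getId() returns an int.
    $isNew = $document->getId() === 0;
    $documentRepo->saveDocument($document);

    $outcome = $isNew ? "editor.is_created" : "editor.is_edited";
    $text->addMessage($text->t("main.document") . ' ' . $text->t($outcome));
}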
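/**
 * Reads the submitted name and description into the current category,
 * validates their lengths and saves the category when both are acceptable.
 *
 * Fixes the `getUrlpage` call to `getUrlPage`, matching every other call
 * site on the page (PHP resolves method names case-insensitively, so this
 * is a consistency fix rather than a behavioural one).
 *
 * @param CategoryRepository $categoryRepo Persists the category.
 * @param Request $request The submitted form.
 * @param Text $text Receives error and confirmation messages.
 */
private function updateCategory(CategoryRepository $categoryRepo, Request $request, Text $text)
{
    $this->category->setName($request->getRequestString("category_name", ""));
    $this->category->setDescriptionHtml($request->getRequestString("category_description", ""));

    $valid = true;
    if (!Validate::stringLength($this->category->getName(), CategoryRepository::NAME_MIN_LENGTH, CategoryRepository::NAME_MAX_LENGTH)) {
        $text->addError($text->t("categories.name") . ' ' . Validate::getLastError($text));
        $valid = false;
    }
    if (!Validate::stringLength($this->category->getDescriptionHtml(), CategoryRepository::DESCRIPTION_MIN_LENGTH, CategoryRepository::DESCRIPTION_MAX_LENGTH)) {
        $text->addError($text->t("categories.description") . ' ' . Validate::getLastError($text));
        $valid = false;
    }
    if (!$valid) {
        return;
    }

    // Decide on the message before saving, in case saving assigns a new id
    $isNew = $this->category->getId() === 0;
    $categoryRepo->saveCategory($this->category);

    $outcome = $isNew ? "editor.is_created" : "editor.is_edited";
    $confirmation = $text->t("main.category") . " " . $text->t($outcome);
    $viewCategory = Link::of(
        $text->getUrlPage("category", $this->category->getId()),
        $text->t("categories.view_category")
    );
    $viewCategories = Link::of(
        $text->getUrlPage("category_list"),
        $text->t("categories.view_all_categories")
    );
    $text->addMessage($confirmation, $viewCategory, $viewCategories);
}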
/**
 * Validates a new user account: username, display name, password pair and
 * e-mail format, plus uniqueness of username and (non-empty) e-mail.
 *
 * Every failing check adds its own error to $text; all checks run so the
 * user sees every problem at once.
 *
 * @param User $user The account being created.
 * @param string $password1 The chosen password.
 * @param string $password2 The repeated password.
 * @param UserRepository $userRepo Used for the uniqueness checks.
 * @param Text $text Receives the error messages.
 * @return bool True when every check passed.
 */
private function validateInput(User $user, $password1, $password2, UserRepository $userRepo, Text $text)
{
    $valid = true;
    $reject = function ($message) use ($text, &$valid) {
        $text->addError($message);
        $valid = false;
    };

    $username = $user->getUsername();
    $email = $user->getEmail();

    if (!Validate::username($username)) {
        $reject($text->t("users.the_username") . " " . Validate::getLastError($text));
    }
    if (!Validate::displayName($user->getDisplayName())) {
        $reject($text->t("users.the_display_name") . " " . Validate::getLastError($text));
    }
    if (!Validate::password($password1, $password2)) {
        $reject($text->t("users.the_password") . " " . Validate::getLastError($text));
    }
    if (!Validate::email($email)) {
        $reject($text->t("users.the_email") . " " . Validate::getLastError($text));
    }

    // Uniqueness checks against existing accounts
    if ($userRepo->isUsernameInUse($username)) {
        $reject($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_username")));
    }
    // An empty e-mail is allowed and is never checked for uniqueness
    if (!empty($email) && $userRepo->isEmailInUse($email)) {
        $reject($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_email")));
    }

    return $valid;
}
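/**
 * Handles the article delete / hide page.
 *
 * Without a valid action and token the confirmation view is shown; with
 * "delete" or "make_private" the repository is updated and the resulting
 * state (deleted, hidden or error) is handed to the template.
 *
 * The form token is now saved to the session on every path. The original
 * returned early after an action, so the token passed to the error template
 * was never stored and presumably could not be used for a retry.
 *
 * @param Website $website Provides text, repositories and login state.
 * @param Request $request Current request; param 0 is the article id.
 */
public function init(Website $website, Request $request)
{
    $text = $website->getText();
    $articleId = $request->getParamInt(0);
    $showAdminPageLink = $website->isLoggedInAsStaff(true);

    $articleRepo = new ArticleRepository($website);
    $article = $articleRepo->getArticleOrFail($articleId);
    $this->article = $article;

    $action = $request->getRequestString("action");
    $isAction = ($action === "delete" || $action === "make_private");
    // Check the submitted token before a new one replaces it in the session
    $tokenOk = $isAction && Validate::requestToken($request);

    $formToken = RequestToken::generateNew();
    $formToken->saveToSession();

    if ($action === "delete" && $tokenOk) {
        $state = $articleRepo->delete($article)
            ? ArticleDeleteTemplate::STATE_DELETED
            : ArticleDeleteTemplate::STATE_ERROR;
    } elseif ($action === "make_private" && $tokenOk) {
        // Hide the article from visitors instead of removing it
        $article->setHidden(true);
        $state = $articleRepo->saveArticle($article)
            ? ArticleDeleteTemplate::STATE_HIDDEN
            : ArticleDeleteTemplate::STATE_ERROR;
    } else {
        // Ask what to do
        $state = ArticleDeleteTemplate::STATE_CONFIRMATION;
    }

    $this->view = new ArticleDeleteTemplate($text, $article, $formToken, $showAdminPageLink, $state);
}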
/**
 * Saves the current menu if its name has an acceptable length, otherwise
 * reports the length error.
 *
 * @param MenuRepository $menuRepo Persists the menu.
 * @param Text $text Receives the error or the confirmation with a back link.
 */
private function trySaveMenu(MenuRepository $menuRepo, Text $text)
{
    $nameOk = Validate::stringLength($this->menu->getName(), 1, MenuRepository::NAME_MAX_LENGTH);
    if (!$nameOk) {
        $text->addError($text->t("links.menu") . " " . Validate::getLastError($text));
        return;
    }

    $menuRepo->saveMenu($this->menu);

    $backLink = Link::of(
        $text->getUrlPage("edit_menu", $this->menu->getId()),
        $text->t("links.menu.go_back")
    );
    $text->addMessage($text->t("links.menu") . " " . $text->t("editor.is_changed"), $backLink);
}
/**
 * Loads the link named by param 0 and deletes it when the request carries a
 * valid token; otherwise the page just shows the confirmation.
 *
 * A new token is saved to the session on every call.
 *
 * @param Website $website Provides the database and text.
 * @param Request $request Current request; param 0 is the link id.
 */
public function init(Website $website, Request $request)
{
    $repository = new LinkRepository($website->getDatabase());
    $this->link = $repository->getLink($request->getParamInt(0, 0));

    // A valid token means the confirmation form was submitted
    if (Validate::requestToken($request)) {
        $this->deleteLink($repository, $website->getText());
    }

    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
/**
 * Loads all menus, selects the configured main menu (null when the
 * configured id does not exist) and handles a token-checked submission.
 *
 * A new token is saved to the session on every call.
 *
 * @param Website $website Provides config, database and text.
 * @param Request $request Current request.
 */
public function init(Website $website, Request $request)
{
    $mainMenuId = (int) $website->getConfig()->get(Config::OPTION_MAIN_MENU_ID);

    $repository = new MenuRepository($website->getDatabase());
    $this->menus = $repository->getAllMenus();

    // The configured main menu may have been deleted; fall back to null
    $this->menu = null;
    if (isset($this->menus[$mainMenuId])) {
        $this->menu = $this->menus[$mainMenuId];
    }

    if (Validate::requestToken($request)) {
        $this->handleRequest($website, $request);
    }

    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
/**
 * Creates and saves a new menu from the submitted name, or reports the
 * name length error.
 *
 * @param Website $website Provides the database and text.
 * @param Request $request Current request (the name was read earlier into $this->menuName).
 */
private function handleSubmitedForm(Website $website, Request $request)
{
    $text = $website->getText();

    $nameOk = Validate::stringLength($this->menuName, 1, MenuRepository::NAME_MAX_LENGTH);
    if (!$nameOk) {
        $text->addError($text->t("links.menu.name") . ' ' . Validate::getLastError($text));
        return;
    }

    $this->menu = Menu::createNew($this->menuName);
    $repository = new MenuRepository($website->getDatabase());
    $repository->saveMenu($this->menu);
    $text->addMessage($text->t("links.menu.created"));
}
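/**
 * Handles the "edit display name" page: saves a submitted display name and
 * otherwise renders the form.
 *
 * Changes compared to the previous version:
 * - the submission is only accepted when it carries a valid request token
 *   (a hidden token field is added to the form), matching the other
 *   state-changing pages;
 * - the request is read through $request instead of $_REQUEST/$_POST, as
 *   the sibling e-mail page does;
 * - the re-filled field value is always HTML-escaped.
 *
 * @param Website $website Provides text, auth and the user repository.
 * @param Request $request Current request.
 * @return string HTML of the page body.
 */
public function getPageContent(Website $website, Request $request)
{
    $showForm = true;
    $html = "";

    if ($request->hasRequestValue("display_name")) {
        $displayName = $request->getRequestString("display_name");
        $notChanged = '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.display_name", true) . '</em></p>';

        if (!Validate::requestToken($request)) {
            // State change: reject submissions without the token handed out with the form
            $website->addError(Validate::getLastError($website));
            $html .= $notChanged;
        } elseif (Validate::displayName($displayName)) {
            $this->user->setDisplayName($displayName);
            $website->getAuth()->getUserRepository()->save($this->user);
            $html .= '<p>' . $website->t("users.display_name") . ' ' . $website->t("editor.is_changed") . '</p>';
            // Saved, so the form is not shown again
            $showForm = false;
        } else {
            $website->addError($website->t("users.display_name") . ' ' . Validate::getLastError($website));
            $html .= $notChanged;
        }
    }

    if ($showForm) {
        $html .= "<p>" . $website->t("users.display_name.edit.explained") . "</p>\n";
        if ($this->editing_someone_else) {
            $html .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
        }

        // Hand out a fresh token with the form; it is checked on the next submission.
        // NOTE(review): the session must still be writable at this point — confirm.
        $token = RequestToken::generateNew();
        $token->saveToSession();
        $tokenField = RequestToken::FIELD_NAME;
        $tokenValue = htmlSpecialChars($token->getTokenString());

        // Re-fill from the request when present, else from the stored name
        $displayName = htmlSpecialChars($request->getRequestString("display_name", $this->user->getDisplayName()));

        $html .= <<<EOT
<p>{$website->t("main.fields_required")}</p>
<form action="{$website->getUrlMain()}" method="post">
    <p>
        <label for="display_name">{$website->t('users.display_name')}:</label><span class="required">*</span><br />
        <input type="text" id="display_name" name="display_name" value="{$displayName}"/><br />
    </p>
    <p>
        <input type="hidden" name="id" value="{$this->user->getId()}" />
        <input type="hidden" name="p" value="edit_display_name" />
        <input type="hidden" name="{$tokenField}" value="{$tokenValue}" />
        <input type="submit" value="{$website->t('users.display_name.edit')} " class="button" />
    </p>
</form>
EOT;
    }

    $html .= $this->get_account_links_html($website);
    return $html;
}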
/**
 * Reads this widget's settings (title and comment amount) from the request.
 *
 * The amount is range-checked; when it is out of range an error is added
 * and the returned array carries `"valid" => false`. When everything is
 * acceptable the "valid" key is absent.
 *
 * @param Website $website Provides request access and text.
 * @param int $id Id of the placed widget; suffixes the field names.
 * @return array Settings array with "title" and "amount" (and "valid" on failure).
 */
public function parseData(Website $website, $id)
{
    $title = trim($website->getRequestString("title_" . $id, ""));
    $amount = $website->getRequestInt("amount_" . $id, 5);

    $settings = [
        "title" => $title,
        "amount" => $amount,
    ];

    $amountOk = Validate::range($amount, self::MIN_COMMENTS, self::MAX_COMMENTS);
    if (!$amountOk) {
        $settings["valid"] = false;
        $website->addError($website->t("comments.count") . " " . Validate::getLastError($website));
    }

    return $settings;
}
/**
 * Loads the placed widget named by param 0 and deletes it when the request
 * carries a valid token; otherwise prepares a token for the confirmation form.
 *
 * @param Website $website Provides installed widgets, repository access and text.
 * @param Request $request Current request; param 0 is the placed widget id.
 */
public function init(Website $website, Request $request)
{
    $this->installedWidgets = $website->getWidgets();

    $repository = new WidgetRepository($website);
    $this->placedWidget = $repository->getPlacedWidget($request->getParamInt(0, 0));

    if (!Validate::requestToken($request)) {
        // Not submitted yet: hand out a token for the confirmation form
        $this->requestToken = RequestToken::generateNew();
        $this->requestToken->saveToSession();
        return;
    }

    $repository->deletePlacedWidget($this->placedWidget);

    $text = $website->getText();
    $backToDocument = Link::of(
        $text->getUrlPage("edit_document", $this->placedWidget->getDocumentId()),
        $text->t("main.ok")
    );
    $text->addMessage($text->t("main.widget") . ' ' . $text->t("editor.is_deleted"), $backToDocument);
}
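/**
 * Loads the editable site settings from the config and, on a token-checked
 * submission, saves the new values.
 *
 * The submission is detected through the Request object rather than
 * $_REQUEST, consistent with the other pages on the site.
 *
 * @param Website $website Provides the config.
 * @param Request $request Current request.
 */
public function init(Website $website, Request $request)
{
    $config = $website->getConfig();
    $this->title = $config->get("title");
    $this->copyright = $config->get("copyright");
    $this->password = $config->get("password");
    $this->language = $config->get("language");
    $this->user_account_creation = $config->get("user_account_creation");

    if ($request->hasRequestValue("submit") && Validate::requestToken($request)) {
        $this->save_values($website);
        $this->saved = true;
    }

    // Refresh token
    $this->token = RequestToken::generateNew();
    $this->token->saveToSession();
}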
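/**
 * Deletes the current menu after a token-checked confirmation, either
 * deleting its links or moving them to the menu chosen in "move_option".
 *
 * The chosen target menu id is now checked against $this->allMenus: the
 * previous version indexed the array unchecked, so an unknown id from the
 * request would have passed an undefined entry to moveLinks().
 *
 * @param LinkRepository $linkRepo Deletes or moves the links.
 * @param MenuRepository $menuRepo Deletes the menu.
 * @param Text $text Receives the error or the confirmation.
 * @param Request $request The submitted form.
 */
private function respondToRequest(LinkRepository $linkRepo, MenuRepository $menuRepo, Text $text, Request $request)
{
    if (!Validate::requestToken($request)) {
        return;
    }

    // 0 means "delete the links", anything else is the id of the target menu
    $targetMenuId = $request->getRequestInt("move_option", 0);
    if ($targetMenuId === 0) {
        $linkRepo->deleteLinksInMenu($this->menu);
    } elseif (isset($this->allMenus[$targetMenuId])) {
        $linkRepo->moveLinks($this->menu, $this->allMenus[$targetMenuId]);
    } else {
        // Unknown target menu: leave links and menu untouched
        $text->addError($text->t("links.menu") . " " . $text->t("errors.not_found"));
        return;
    }

    $menuRepo->deleteMenu($this->menu->getId());
    $overview = Link::of($text->getUrlPage("links"), $text->t("links.overview"));
    $text->addMessage($text->t("links.menu") . " " . $text->t("editor.is_deleted"), $overview);
    $this->deleted = true;
}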
/**
 * Loads the document named by param 0 and deletes it (with its widgets) when
 * the request carries a valid token.
 *
 * A new token is saved to the session on every call.
 *
 * @param Website $website Provides the database, widgets and text.
 * @param Request $request Current request; param 0 is the document id.
 */
public function init(Website $website, Request $request)
{
    $documents = new DocumentRepository($website->getDatabase(), true);
    $this->document = $documents->getDocument($request->getParamInt(0, 0));

    if (Validate::requestToken($request)) {
        // The widget repository is needed to remove the document's widgets too
        $documents->deleteDocument($this->document, new WidgetRepository($website));

        $text = $website->getText();
        $text->addMessage($text->t("main.document") . ' ' . $text->t("editor.is_deleted"));
        $this->deleted = true;
    }

    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
/**
 * Prepares the theme switch page: reports when switching is not possible,
 * otherwise performs a token-checked switch, then lists the available themes.
 *
 * A new token is saved to the session on every call.
 *
 * @param Website $website Provides the theme manager and text.
 * @param Request $request Current request.
 */
public function init(Website $website, Request $request)
{
    parent::init($website, $request);

    $themeManager = $website->getThemeManager();
    $text = $website->getText();

    if (!$themeManager->canSwitchThemes()) {
        $this->sendThemeSwitchError($text);
    } elseif (Validate::requestToken($request)) {
        $this->trySwitchTheme($themeManager, $text, $request);
    }

    $this->availableThemes = $themeManager->getAllThemes();

    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
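/**
 * Handles the "edit e-mail" page: saves a submitted e-mail address and
 * otherwise renders the form.
 *
 * The submission is now only accepted when it carries a valid request
 * token; a hidden token field is added to the form. This matches the
 * token check the other state-changing pages already perform.
 *
 * @param Website $website Provides text, auth and the user repository.
 * @param Request $request Current request.
 * @return string HTML of the page body.
 */
public function getPageContent(Website $website, Request $request)
{
    $showForm = true;
    $html = "";

    if ($request->hasRequestValue("email")) {
        $email = $request->getRequestString("email");
        $notChanged = '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.email", true) . '</em></p>';

        if (!Validate::requestToken($request)) {
            // State change: reject submissions without the token handed out with the form
            $website->addError(Validate::getLastError($website));
            $html .= $notChanged;
        } elseif (Validate::email($email)) {
            $this->user->setEmail($email);
            $website->getAuth()->getUserRepository()->save($this->user);
            $html .= '<p>' . $website->t("users.email") . ' ' . $website->t("editor.is_changed") . '</p>';
            // Saved, so the form is not shown again
            $showForm = false;
        } else {
            $website->addError($website->t("users.email") . ' ' . Validate::getLastError($website));
            $html .= $notChanged;
        }
    }

    if ($showForm) {
        $html .= "<p>" . $website->t("users.email.edit.explained") . "</p>\n";
        if ($this->editing_someone_else) {
            $html .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
        }

        // Hand out a fresh token with the form; it is checked on the next submission.
        // NOTE(review): the session must still be writable at this point — confirm.
        $token = RequestToken::generateNew();
        $token->saveToSession();
        $tokenField = RequestToken::FIELD_NAME;
        $tokenValue = htmlSpecialChars($token->getTokenString());

        $email = htmlSpecialChars($request->getRequestString("email", $this->user->getEmail()));

        $html .= <<<EOT
<form action="{$website->getUrlMain()}" method="post">
    <p>
        <label for="email">{$website->t('users.email')}:</label><br />
        <input type="text" id="email" name="email" value="{$email}"/><br />
    </p>
    <p>
        <input type="hidden" name="id" value="{$this->user->getId()}" />
        <input type="hidden" name="p" value="edit_email" />
        <input type="hidden" name="{$tokenField}" value="{$tokenValue}" />
        <input type="submit" value="{$website->t('users.email.edit')} " class="button" />
    </p>
</form>
EOT;
    }

    $html .= $this->get_account_links_html($website);
    return $html;
}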
/**
 * Loads the category named by param 0 and deletes it after a token-checked
 * confirmation. The standard category is never deletable; an error with
 * edit/overview links is shown instead.
 *
 * A new token is saved to the session unless the page bails out early.
 *
 * @param Website $website Provides the database, repositories and text.
 * @param Request $request Current request; param 0 is the category id.
 */
public function init(Website $website, Request $request)
{
    $categories = new CategoryRepository($website->getDatabase());
    $this->category = $categories->getCategory($request->getParamInt(0, 0));

    if ($this->category->isStandardCategory()) {
        $text = $website->getText();
        $edit = Link::of(
            $text->getUrlPage("edit_category", $this->category->getId()),
            $text->t("categories.edit")
        );
        $overview = Link::of($text->getUrlPage("category_list"), $text->t("categories.view_all"));
        $text->addError($text->t("categories.delete.cannot_remove_default"), $edit, $overview);
        return;
    }

    if (Validate::requestToken($request)) {
        // Articles in the category need re-homing, hence the article repository
        $this->deleteCategory($categories, new ArticleRepository($website), $website->getText());
    }

    $this->requestToken = RequestToken::generateNew();
    $this->requestToken->saveToSession();
}
/**
 * Validates a comment for saving to the database.
 *
 * The body length is always checked; name and e-mail are only checked for
 * comments left by visitors (logged-in users have an account for that).
 *
 * @param Comment $comment The comment.
 * @param Text $text Errors go here.
 * @return boolean True if the comment is valid, false otherwise.
 */
public function validateComment(Comment $comment, Text $text)
{
    $valid = true;
    $reject = function ($labelKey) use ($text, &$valid) {
        $text->addError($text->t($labelKey) . " " . Validate::getLastError($text));
        $valid = false;
    };

    if (!Validate::stringLength($comment->getBodyRaw(), Comment::BODY_MIN_LENGTH, Comment::BODY_MAX_LENGTH)) {
        $reject("comments.comment");
    }

    if ($comment->isByVisitor()) {
        if (!Validate::email($comment->getUserEmail())) {
            $reject("users.email");
        }
        if (!Validate::displayName($comment->getUserDisplayName())) {
            $reject("users.name");
        }
    }

    return $valid;
}
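/**
 * Reads the submitted link text and URL into the current link, validates
 * both and saves the link when they are acceptable.
 *
 * Fixes the error message for an invalid link text, which called
 * `$this->t(...)` instead of `$text->t(...)` like every other message here.
 *
 * @param Text $text Receives error and confirmation messages.
 * @param Request $request The submitted form.
 * @param LinkRepository $linkRepo Persists the link.
 */
private function handleRequest(Text $text, Request $request, LinkRepository $linkRepo)
{
    $valid = true;

    $linkText = $request->getRequestString("link_text", "");
    $this->link->setText($linkText);
    if (!Validate::nameOfLink($linkText)) {
        $text->addError($text->t("links.text") . " " . Validate::getLastError($text));
        $valid = false;
    }

    // Only a URL that validates is turned into a Uri; the old one is kept otherwise
    $url = $request->getRequestString("link_url", "");
    if (Validate::url($url)) {
        $this->link->setUrl(new Uri($url));
    } else {
        $text->addError($text->t("links.url") . " " . Validate::getLastError($text));
        $valid = false;
    }

    if (!$valid) {
        return;
    }

    $linkRepo->saveLink($this->link);
    $backToMenu = Link::of(
        $text->getUrlPage("edit_menu", $this->link->getMenuId()),
        $text->t("links.menu.go_back")
    );
    $text->addMessage($text->t("main.link") . ' ' . $text->t("editor.is_edited"), $backToMenu);
}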
/**
 * Validates the link URL and name read earlier into $this->linkUrl and
 * $this->linkName, and creates a new link in the current menu when both
 * are acceptable.
 *
 * @param Website $website Provides the database and text.
 */
private function saveLink(Website $website)
{
    $text = $website->getText();

    $urlOk = Validate::url($this->linkUrl);
    if (!$urlOk) {
        $text->addError($text->t("links.url") . " " . Validate::getLastError($text));
    }
    $nameOk = Validate::stringLength($this->linkName, 1, LinkRepository::MAX_LINK_TEXT_LENGTH);
    if (!$nameOk) {
        $text->addError($text->t("links.text") . " " . Validate::getLastError($text));
    }
    if (!$urlOk || !$nameOk) {
        return;
    }

    // Id 0 marks a link that does not exist in the database yet
    $newLink = Link::createSaveable(0, $this->menu->getId(), new Uri($this->linkUrl), $this->linkName);
    $repository = new LinkRepository($website->getDatabase());
    $repository->saveLink($newLink);

    $addAnother = Link::of(
        $text->getUrlPage("add_link", $this->menu->getId()),
        $text->t("links.create_another")
    );
    $text->addMessage($text->t("main.link") . " " . $text->t("editor.is_created"), $addAnother);
    $this->addedLink = true;
}
/**
 * Loads the comment named by param 0 and deletes it after a token-checked
 * confirmation. Only the comment's author or a moderator may do so;
 * anyone else gets a not-found response.
 *
 * @param Website $website Provides the database, auth and text.
 * @param Request $request Current request; param 0 is the comment id.
 * @throws NotFoundException When the current user may not delete the comment.
 */
public function init(Website $website, Request $request)
{
    $commentId = $request->getParamInt(0, 0);
    $comments = new CommentRepository($website->getDatabase());
    $this->comment = $comments->getCommentOrFail($commentId);

    // Authorisation: own comment, or moderator rank. Hidden as "not found"
    // rather than "forbidden".
    $user = $website->getAuth()->getCurrentUser();
    $isOwner = ($user->getId() === $this->comment->getUserId());
    if (!$isOwner && !$user->hasRank(Authentication::RANK_MODERATOR)) {
        throw new NotFoundException();
    }

    if (!Validate::requestToken($request)) {
        // Not submitted yet: hand out a token for the confirmation form
        $this->requestToken = RequestToken::generateNew();
        $this->requestToken->saveToSession();
        return;
    }

    $comments->deleteComment($commentId);

    $text = $website->getText();
    $backToArticle = Link::of(
        $text->getUrlPage("article", $this->comment->getArticleId()),
        $text->t("main.ok")
    );
    $text->addMessage($text->t("comments.comment") . ' ' . $text->t("editor.is_deleted"), $backToArticle);
}
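/**
 * Prepares the article editor and, on a token-checked "submit", saves the
 * article and optionally sets a redirect for "save and quit".
 *
 * The token is validated before the new one is stored in the session, as
 * the validation compares against the stored token. Comparisons of the
 * article id and the submit button text now use `===`.
 *
 * @param Website $website Provides text, auth, config and repositories.
 * @param Request $request Current request; param 0 is the article id (0 = new).
 */
public function init(Website $website, Request $request)
{
    $text = $website->getText();
    $currentUser = $website->getAuth()->getCurrentUser();

    $articleId = $request->getParamInt(0);
    $articleRepository = new ArticleRepository($website);
    $article = $this->getArticle($articleRepository, $currentUser, $articleId);

    $articleEditor = new ArticleEditor($article);
    $this->articleEditor = $articleEditor;

    $categoryRepository = new CategoryRepository($website->getDatabase());
    $this->allCategories = $categoryRepository->getCategories();
    $this->richEditor = new CKEditor($website->getText(), $website->getConfig(), $website->getThemeManager());

    // Validate token, then save new one to session
    $validToken = Validate::requestToken($request);
    $this->token = RequestToken::generateNew();
    $this->token->saveToSession();

    // Now check input; invalid input is reported by the editor itself
    if (!$articleEditor->processInput($website->getText(), $request, $categoryRepository)) {
        return;
    }
    if (!$request->hasRequestValue("submit") || !$validToken) {
        return;
    }

    // Try to save
    $article = $articleEditor->getArticle();
    if (!$articleRepository->saveArticle($article)) {
        return;
    }

    $viewArticleLink = Link::of($website->getUrlPage("article", $article->getId()), $website->t("articles.view"));
    $outcome = ($articleId === 0) ? "editor.is_created" : "editor.is_edited";
    $text->addMessage($text->t("main.article") . " " . $text->t($outcome), $viewArticleLink);

    // "Save and quit" is recognised by the submit button's label
    if ($request->getRequestString("submit") === $website->t("editor.save_and_quit")) {
        $this->redirectUrl = $website->getUrlPage("article", $article->getId());
    }
}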
/**
 * Loads the comment named by param 0 for editing and, on a token-checked
 * "submit", validates and saves the changes. Only the author or a
 * moderator may edit; anyone else gets a not-found response.
 *
 * The new token is generated up front and stored in the session at the end,
 * after the submitted one has been checked.
 *
 * @param Website $website Provides text, auth and the database.
 * @param Request $request Current request; param 0 is the comment id.
 * @throws NotFoundException When the current user may not edit the comment.
 */
public function init(Website $website, Request $request)
{
    $text = $website->getText();
    $this->requestToken = RequestToken::generateNew();

    $auth = $website->getAuth();
    $user = $auth->getCurrentUser();
    $comments = new CommentRepository($website->getDatabase());
    $this->comment = $comments->getCommentOrFail($request->getParamInt(0, 0));

    // Can only edit own comment unless moderator
    $isOwner = ($user->getId() === $this->comment->getUserId());
    if (!$isOwner && !$user->hasRank(Authentication::RANK_MODERATOR)) {
        throw new NotFoundException();
    }

    $submitted = $request->hasRequestValue("submit") && Validate::requestToken($request);
    if ($submitted) {
        $this->updateCommentFromRequest($this->comment, $request);
        if ($comments->validateComment($this->comment, $text)) {
            $comments->saveComment($this->comment);
            $this->redirectLink = $this->comment->getUrl($text);
        }
    }

    $this->requestToken->saveToSession();
}
/**
 * Prepares a new comment on the article named by param 0 and, on a
 * token-checked "submit", validates and saves it.
 *
 * Bails out with an error when the article does not accept comments; in
 * that case no token is stored.
 *
 * @param Website $website Provides text, auth and the database.
 * @param Request $request Current request; param 0 is the article id.
 */
public function init(Website $website, Request $request)
{
    $text = $website->getText();
    $this->requestToken = RequestToken::generateNew();

    $articles = new ArticleRepository($website);
    $article = $articles->getArticleOrFail($request->getParamInt(0, 0));
    if (!$article->showComments) {
        $text->addError($text->t("comments.commenting_not_allowed_on_article"));
        return;
    }

    $user = $website->getAuth()->getCurrentUser();
    $this->comment = $this->fetchComment($request, $article, $user);

    $submitted = $request->hasRequestValue("submit") && Validate::requestToken($request);
    if ($submitted) {
        $comments = new CommentRepository($website->getDatabase());
        if ($comments->validateComment($this->comment, $text)) {
            $comments->saveComment($this->comment);
            $this->redirectLink = $this->comment->getUrl($text);
        }
    }

    $this->requestToken->saveToSession();
}
/**
 * Validates an account created by an administrator: username, display
 * name, password, e-mail format, uniqueness of username and (non-empty)
 * e-mail, and whether the chosen rank may be assigned.
 *
 * There is no repeated-password field on this form, so the single password
 * is passed twice to the password check.
 *
 * @param User $user The account being created.
 * @param string $password The chosen password.
 * @param Authentication $auth Used to check the rank.
 * @param UserRepository $userRepo Used for the uniqueness checks.
 * @param Text $text Receives the error messages.
 * @return bool True when every check passed.
 */
private function validateInput(User $user, $password, Authentication $auth, UserRepository $userRepo, Text $text)
{
    $valid = true;
    $reject = function ($message) use ($text, &$valid) {
        $text->addError($message);
        $valid = false;
    };

    $username = $user->getUsername();
    $email = $user->getEmail();

    if (!Validate::username($username)) {
        $reject($text->t("users.the_username") . " " . Validate::getLastError($text));
    }
    if (!Validate::displayName($user->getDisplayName())) {
        $reject($text->t("users.the_display_name") . " " . Validate::getLastError($text));
    }
    if (!Validate::password($password, $password)) {
        $reject($text->t("users.the_password") . " " . Validate::getLastError($text));
    }
    if (!Validate::email($email)) {
        $reject($text->t("users.the_email") . " " . Validate::getLastError($text));
    }

    // Uniqueness checks against existing accounts
    if ($userRepo->isUsernameInUse($username)) {
        $reject($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_username")));
    }
    // An empty e-mail is allowed and is never checked for uniqueness
    if (!empty($email) && $userRepo->isEmailInUse($email)) {
        $reject($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_email")));
    }

    // Invalid rank
    if (!$auth->isValidRankForAccounts($user->getRank())) {
        $reject($text->t("users.the_rank") . " " . $text->t("errors.is_invalid"));
    }

    return $valid;
}
/**
 * Moves the placed widget named by param 0 up or down ("direction") when the
 * request carries a valid token, then redirects to the document editor.
 *
 * Without a valid token the error is shown together with a link that
 * carries a fresh token, so the move can be performed with one click.
 *
 * @param Website $website Provides text, installed widgets and repository access.
 * @param Request $request Current request; param 0 is the placed widget id.
 */
public function init(Website $website, Request $request)
{
    $text = $website->getText();
    $widgetId = $request->getParamInt(0);
    $direction = $request->getRequestString("direction", "up");
    $moveUp = ($direction === "up");

    $repository = new WidgetRepository($website);
    $this->placedWidget = $repository->getPlacedWidget($widgetId);
    $this->installedWidgets = $website->getWidgets();

    if (Validate::requestToken($request)) {
        $this->moveWidget($repository, $moveUp);
        $this->redirectUrl = $text->getUrlPage("edit_document", $this->placedWidget->getDocumentId());
        return;
    }

    $text->addError(Validate::getLastError($text));

    // Generate new request token, allowing user to perform action again
    $freshToken = RequestToken::generateNew();
    $moveParams = [
        "direction" => $moveUp ? "up" : "down",
        RequestToken::FIELD_NAME => $freshToken->getTokenString(),
    ];
    $linkText = $text->t($moveUp ? "widgets.move_up" : "widgets.move_down");
    $this->moveLink = Link::of($text->getUrlPage("move_widget", $widgetId, $moveParams), $linkText);
    $freshToken->saveToSession();
}
/**
 * Checks that a string is a usable web address: it must parse as a Uri and
 * have a length between 1 and the repository's maximum URL length.
 *
 * On failure the error is recorded through setError for getLastError().
 *
 * @param string $linkUrl The address to check.
 * @return bool True when the address is acceptable.
 */
public static function url($linkUrl)
{
    $parsesAsUri = true;
    try {
        new Uri($linkUrl);
    } catch (InvalidArgumentException $ignored) {
        $parsesAsUri = false;
    }

    if (!$parsesAsUri) {
        self::setError("not_a_valid_web_address");
        return false;
    }

    // The length check records its own error when it fails
    return self::stringLength($linkUrl, 1, LinkRepository::MAX_URL_LENGTH);
}
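/**
 * Handles the "edit password" page: changes the password after the old one
 * is verified (not required when editing someone else) and otherwise
 * renders the form.
 *
 * The submission is now only accepted when it carries a valid request
 * token; a hidden token field is added to the form. This matches the
 * token check the other state-changing pages already perform.
 *
 * @param Website $website Provides text, auth and the user repository.
 * @param Request $request Current request.
 * @return string HTML of the page body.
 */
public function getPageContent(Website $website, Request $request)
{
    $showForm = true;
    $html = "";

    if ($request->hasRequestValue("password")) {
        $notChanged = '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.password", true) . '</em></p>';
        $oldPassword = $request->getRequestString("old_password");

        if (!Validate::requestToken($request)) {
            // State change: reject submissions without the token handed out with the form
            $website->addError(Validate::getLastError($website));
            $html .= $notChanged;
        } elseif (!$this->editing_someone_else && !$this->user->verifyPassword($oldPassword)) {
            // Invalid old password (only required when changing your own)
            $website->addError($website->t("users.old_password") . ' ' . $website->t("errors.not_correct"));
            $html .= $notChanged;
        } else {
            $password = $request->getRequestString("password");
            $password2 = $request->getRequestString("password2");
            if (Validate::password($password, $password2)) {
                $this->user->setPassword($password);
                $website->getAuth()->getUserRepository()->save($this->user);
                $html .= '<p>' . $website->t("users.password") . ' ' . $website->t("editor.is_changed") . '</p>';
                // Update login cookie (only when changing your own password)
                if (!$this->editing_someone_else) {
                    $website->getAuth()->setLoginCookie();
                }
                // Saved, so the form is not shown again
                $showForm = false;
            } else {
                // Invalid new password
                $website->addError($website->t("users.password") . ' ' . Validate::getLastError($website));
                $html .= $notChanged;
            }
        }
    }

    if ($showForm) {
        $html .= "<p>" . $website->tReplaced("users.password.edit.explained", Validate::$MIN_PASSWORD_LENGHT) . "</p>\n";
        if ($this->editing_someone_else) {
            $html .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
        }

        // Hand out a fresh token with the form; it is checked on the next submission.
        // NOTE(review): the session must still be writable at this point — confirm.
        $token = RequestToken::generateNew();
        $token->saveToSession();
        $tokenField = RequestToken::FIELD_NAME;
        $tokenValue = htmlSpecialChars($token->getTokenString());

        // Field to verify the old password, only when editing yourself
        $oldPasswordField = "";
        if (!$this->editing_someone_else) {
            $oldPasswordField = <<<EOT
<label for="old_password">{$website->t('users.old_password')}:</label><span class="required">*</span><br />
<input type="password" id="old_password" name="old_password" value=""/><br />
EOT;
        }

        $html .= <<<EOT
<p>{$website->t("main.fields_required")}</p>
<form action="{$website->getUrlMain()}" method="post">
    <p>
        {$oldPasswordField}
        <label for="password">{$website->t('users.password')}:</label><span class="required">*</span><br />
        <input type="password" id="password" name="password" value=""/><br />
        <label for="password2">{$website->t('users.password.repeat')}:</label><span class="required">*</span><br />
        <input type="password" id="password2" name="password2" value=""/><br />
    </p>
    <p>
        <input type="hidden" name="p" value="edit_password" />
        <input type="hidden" name="id" value="{$this->user->getId()}" />
        <input type="hidden" name="{$tokenField}" value="{$tokenValue}" />
        <input type="submit" value="{$website->t('users.password.edit')} " class="button" />
    </p>
</form>
EOT;
    }

    $html .= $this->get_account_links_html($website);
    return $html;
}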
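/**
 * Handles the "edit account status" page: changes another user's status
 * and status text, and otherwise renders the form. Editing your own status
 * is refused.
 *
 * Changes compared to the previous version:
 * - the submission is only accepted when it carries a valid request token
 *   (a hidden token field is added to the form), matching the other
 *   state-changing pages;
 * - the form is submitted with POST instead of GET, so the status change is
 *   not triggered by a plain link and does not end up in URL logs. This
 *   assumes getRequestInt/getRequestString read POST fields too, as the
 *   other POST forms on the site rely on — confirm;
 * - the re-filled status is read through $request, like the status text.
 *
 * @param Website $website Provides text and auth.
 * @param Request $request Current request.
 * @return string HTML of the page body (empty when editing your own status).
 */
public function getPageContent(Website $website, Request $request)
{
    // Don't allow to edit your own status (why would admins want to downgrade
    // themselves?)
    if (!$this->editing_someone_else) {
        $website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
        return "";
    }

    $showForm = true;
    $html = "";

    if ($request->hasRequestValue("status")) {
        $status = $request->getRequestInt("status");
        $statusText = $request->getRequestString("status_text");
        $auth = $website->getAuth();

        $valid = true;
        if (!Validate::requestToken($request)) {
            // State change: reject submissions without the token handed out with the form
            $website->addError(Validate::getLastError($website));
            $valid = false;
        }
        // Check status id
        if (!$auth->isValidStatus($status)) {
            $website->addError($website->t("users.status") . ' ' . $website->t("errors.not_found"));
            $valid = false;
        }
        // Check status text
        if (!Validate::stringLength($statusText, 1, self::MAXIMUM_STATUS_TEXT_LENGTH)) {
            $website->addError($website->t("users.status_text") . " " . Validate::getLastError($website));
            $valid = false;
        }

        if ($valid) {
            $this->user->setStatus($status);
            $this->user->setStatusText($statusText);
            $auth->getUserRepository()->save($this->user);
            $html .= '<p>' . $website->t("users.status") . ' ' . $website->t("editor.is_changed") . '</p>';
            // Saved, so the form is not shown again
            $showForm = false;
        } else {
            $html .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.status", true) . '</em></p>';
        }
    }

    if ($showForm) {
        // Re-fill from the request when present, else from the stored values
        $status = $request->getRequestInt("status", $this->user->getStatus());
        $statuses = [Authentication::STATUS_NORMAL, Authentication::STATUS_BANNED, Authentication::STATUS_DELETED];
        $statusText = htmlSpecialChars($request->getRequestString("status_text", $this->user->getStatusText()));
        $otherUser = "<strong>" . $this->user->getDisplayName() . "</strong>";

        // Hand out a fresh token with the form; it is checked on the next submission.
        // NOTE(review): the session must still be writable at this point — confirm.
        $token = RequestToken::generateNew();
        $token->saveToSession();
        $tokenField = RequestToken::FIELD_NAME;
        $tokenValue = htmlSpecialChars($token->getTokenString());

        $html .= <<<EOT
<p>
    {$website->t("users.status.edit.explained")}
    {$website->tReplaced("accounts.edit_other", $otherUser)}
</p>
<p>
    {$website->t("main.fields_required")}
</p>
<form action="{$website->getUrlMain()}" method="post">
    <p>
        <label for="status">{$website->t("users.status")}</label>:<span class="required">*</span><br />
        {$this->get_statuses_box_html($website->getAuth(), $statuses, $status)}
    </p>
    <p>
        <label for="status_text">{$website->t("users.status_text")}</label>:<span class="required">*</span><br />
        <input type="text" name="status_text" id="status_text" size="80" value="{$statusText}" />
    </p>
    <p>
        <input type="hidden" name="p" value="edit_account_status" />
        <input type="hidden" name="id" value="{$this->user->getId()}" />
        <input type="hidden" name="{$tokenField}" value="{$tokenValue}" />
        <input type="submit" value="{$website->t('editor.save')} " class="button" />
    </p>
</form>
EOT;
    }

    $html .= $this->get_account_links_html($website);
    return $html;
}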