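/**
 * Registers a user with the details within the HTTP Request object if no user currently exists
 * with a matching username or email address.
 *
 * @param Request  $request  The HTTP Request object.
 * @param Response $response The HTTP Response object.
 * @param array    $args     The array containing arguments provided.
 *
 * @return string JSON-encoded result: {"message": string, "success": bool}.
 */
public function register(Request $request, Response $response, array $args)
{
    // Request parameters are untrusted; the required fields are validated before any use.
    $post = $request->getParams();

    /** @var Validator $v */
    $v = new Validator($post);
    $v->rule('required', ['username', 'password', 'email', 'first_name', 'last_name', 'date_of_birth']);
    $v->rule('email', 'email');

    $ret = [];
    if (!$v->validate()) {
        $ret['message'] = "Please complete all fields.";
        $ret['success'] = false;
        return json_encode($ret);
    }

    if ($this->dbService->userExists($post['username'], $post['email'])) {
        // NOTE(review): this reply tells the caller whether a username/email is already
        // registered (account enumeration). If that is not acceptable, answer with the
        // same text as the success path and let the verification email carry the outcome.
        $ret['message'] = "User already exists.";
        $ret['success'] = false;
        return json_encode($ret);
    }

    // addNewUser() yields the verification key on success; any falsy result is a failure.
    // The whole validated parameter set is handed to the service unchanged.
    $key = $this->dbService->addNewUser($post) ?: false;
    if ($key) {
        $this->emailService->sendVerificationEmail($post['email'], $post['first_name'], $post['last_name'], $key);
        $ret['message'] = "You are now registered! A confirmation email has been sent to you. Please open it and follow\r\n the instructions provided.";
        $ret['success'] = true;
    } else {
        $ret['message'] = "Something went wrong. Please try again later.";
        $ret['success'] = false;
    }

    return json_encode($ret);
}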
/**
 * Reads (GET) or saves then reads (POST) a teacher's answers, scoped to the school
 * attached to the request.
 *
 * Authorization: a 'school' request attribute must be present, and the teacher named by
 * the client-supplied `teacher_id` parameter must belong to that school; otherwise 403.
 *
 * @param Request  $req
 * @param Response $res
 * @return Response
 */
public function __invoke(Request $req, Response $res)
{
    $school = $req->getAttribute('school', false);
    if (!$school) {
        return $res->withStatus(403, 'No school');
    }

    $teacherId = $req->getParam('teacher_id');
    $teacher = $this->staffService->getTeacherById($teacherId);
    // Strict comparison: a teacher of another school is refused with the same 403 as a
    // missing school. NOTE(review): if the service returns school_id as a string while
    // $school->id is an int, this check also fails for the teacher's own school — confirm types.
    if ($teacher['school_id'] !== $school->id) {
        return $res->withStatus(403, 'No school');
    }

    if ($req->isPost()) {
        $filter = $this->inputFilter;
        $filtered = $filter($req->getParams());
        if (!$filtered['is_valid']) {
            return $res->withStatus(422)->withJson($filtered);
        }
        // only the filtered values reach the service
        $this->service->saveAnswers($teacherId, $filtered['values']);
    }

    return $res->withJson($this->service->getAnswers($teacherId));
}
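/**
 * Creates a lab (no `id` parameter) or updates an existing one (`id` given) for the
 * school attached to the request.
 *
 * @param Request  $req
 * @param Response $res
 * @param array    $args Route arguments (unused).
 *
 * @return Response 403 without a school attribute, 201 on create, 200 on update,
 *                  500 when the lab service throws.
 */
public function __invoke(Request $req, Response $res, array $args = [])
{
    $school = $req->getAttribute('school', false);
    if (!$school) {
        return $res->withStatus(403, 'No school');
    }

    $params = $req->getParams();
    // `id` is optional (absent means "create"); the null-coalesce avoids an
    // undefined-index notice on create requests.
    $id = $params['id'] ?? null;
    // school_id is always the authenticated school's id, overriding any client value.
    $params['school_id'] = $school->id;
    if (isset($params['lessons']) && !is_array($params['lessons'])) {
        // accept a comma-separated string as well as an array
        $params['lessons'] = explode(',', $params['lessons']);
    }
    unset($params['id']);

    try {
        if ($id) {
            $lab = $this->labservice->updateLab($params, $id);
            $res = $res->withStatus(200);
        } else {
            $lab = $this->labservice->createLab($params);
            $res = $res->withStatus(201);
        }
        $res = $res->withJson($lab);
    } catch (Exception $ex) {
        // NOTE(review): the exception message becomes the HTTP reason phrase, so internal
        // details (driver/database errors) reach the client; prefer logging it and
        // sending a generic phrase.
        $res = $res->withStatus(500, $ex->getMessage());
    }

    return $res;
}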
/**
 * Application-form page: on POST validates and submits the form (redirecting to
 * successUrl on success), on GET optionally pre-loads the school's saved form, then
 * renders the form with lab and item-category choices.
 *
 * @param Request  $req
 * @param Response $res
 * @return Response
 */
public function __invoke(Request $req, Response $res)
{
    $school = $req->getAttribute('school');
    $filter = $this->appFormInputFilter;
    $isPost = $req->isPost();

    if ($isPost) {
        // school_id and submitted_by come from the request context, overriding any
        // client-supplied values of the same name.
        $submission = array_merge($req->getParams(), [
            'school_id' => $school->id,
            'submitted_by' => $this->authService->getIdentity()->mail,
        ]);
        $filter->setData($submission);
        $isValid = $filter->isValid();
        if ($isValid) {
            $appForm = $this->appFormService->submit($filter->getValues());
            $_SESSION['applicationForm']['appForm'] = $appForm;
            return $res->withRedirect($this->successUrl);
        }
        $this->view['form'] = [
            'is_valid' => $isValid,
            'values' => $filter->getValues(),
            'raw_values' => $filter->getRawValues(),
            'messages' => $filter->getMessages(),
        ];
    }

    $loadForm = (bool) $req->getParam('load', false);
    $this->view['choose'] = !$loadForm && !$isPost;
    if ($loadForm && !$isPost) {
        $existing = $this->appFormService->findSchoolApplicationForm($school->id);
        if ($existing !== null) {
            $this->view['form'] = ['values' => $existing];
        }
    }

    // both choice lists share the same id/name -> value/label shape
    $toChoice = function ($row) {
        return ['value' => $row['id'], 'label' => $row['name']];
    };
    $labs = $this->labService->getLabsBySchoolId($school->id);
    $categories = $this->assetsService->getAllItemCategories();

    return $this->view->render($res, 'application_form/form.twig', [
        'lab_choices' => array_map($toChoice, $labs),
        'type_choices' => array_map($toChoice, $categories),
    ]);
}
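/**
 * Builds a sample entity, binds the submitted request parameters to its form and
 * renders the form view.
 *
 * @param Request  $request
 * @param Response $response
 * @return Response
 */
public function saveAction(Request $request, Response $response) : Response
{
    $service = new FieldService();
    $entity = (new SampleEntity())
        ->setOne((new Field())->setId(1)->setValue(8))
        ->setTwo($service->getFieldGroup(2))
        ->setThree($service->getFieldGroup(3))
        ->setFour((new Field())->setId(4)->setValue(123));

    $form = $this->formFactory->create(SampleType::class, $entity);
    // NOTE(review): the validity result is discarded, so the view is rendered the same
    // way whether or not the submitted data was valid — confirm that is intended.
    $form->submit($request->getParams())->isValid();

    // (an unused local `$bla = 0` was removed here)
    return $this->view->render($response, 'field/index.html.twig', ['form' => $form->createView()]);
}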
/**
 * Create action for a unit's images. On XHR it renders the 'image/ajax/modal' view for
 * the unit in the `id` route attribute; otherwise it stores the uploaded files and
 * returns to the previous page.
 *
 * @param Request $request
 */
public function actionCreate(Request $request)
{
    $unitId = $request->getAttribute('id');
    if ($request->isXhr()) {
        return $this->renderAjax('image/ajax/modal', ['model' => Unit::find($unitId)]);
    }
    $this->uploadFiles($request->getUploadedFiles(), $request->getParams(), $unitId);
    return $this->goBack();
}
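/**
 * Validation middleware: runs the configured input filter over the request parameters.
 * Invalid input is answered with 422 and the filter result as JSON; valid input replaces
 * the parsed body with the filtered values before the next middleware is called.
 *
 * @param Request  $req
 * @param Response $res
 * @param callable $next
 * @return Response
 */
public function __invoke(Request $req, Response $res, callable $next)
{
    $inputFilter = $this->inputFilter;
    $result = $inputFilter($req->getParams());
    if (!$result['is_valid']) {
        // Fix: withJson() returns a new response just like withStatus() on the line
        // above; the original discarded it, so the 422 was sent with an empty body.
        $res = $res->withStatus(422, 'validation error');
        $res = $res->withJson($result);
        return $res;
    }
    // downstream handlers see only the validated/filtered values
    $req = $req->withParsedBody($result['values']);
    return $next($req, $res);
}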
/**
 * Pin login: looks up an Oauth record matching the request parameters, rejects the
 * attempt when none exists or its time window has passed, otherwise logs the user in.
 *
 * @param Request $request
 */
public function actionLogin(Request $request)
{
    // NOTE(review): every request parameter is passed into the lookup; restricting this
    // to the expected field(s) would make the query intent explicit.
    $model = Oauth::firstOrNew($request->getParams());

    $error = null;
    if (!$model->id) {
        $error = 'Wrong pin';
    } elseif (!$model->validateTime()) {
        $error = 'Pin is outdated';
    }
    if ($error !== null) {
        Alert::add($error, Alert::ERROR);
        return $this->render('oauth/index');
    }

    $this->login();
    return $this->goHome();
}
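/**
 * Create ('new') or edit a broker account record.
 *
 * Access: an existing account may be edited by its owner or by a user whose role is
 * 'admin'. On POST the credentials are verified against the broker before the record
 * is stored.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $args  Route arguments; `uid` is the account id or the literal 'new'.
 * @return Response Redirect on error/success, otherwise the rendered 'account.twig' view.
 */
public function edit(Request $request, Response $response, array $args)
{
    $uid = $args['uid'];
    $baseUrl = $request->getUri()->getBaseUrl();
    if (empty($uid)) {
        $this->flash->addMessage('flash', 'No record specified');
        return $response->withRedirect($baseUrl . $this->router->pathFor('accounts'));
    }

    $id = $this->authenticator->getIdentity();
    $user = R::load('users', $id['id']);

    if ($uid != 'new') {
        $account = R::load('accounts', $uid);
        // RedBean returns an empty bean (id 0) for an unknown id
        if ($account->id == 0) {
            $this->flash->addMessage('flash', 'No record found');
            return $response->withRedirect($baseUrl . $this->router->pathFor('accounts'));
        }
        // restrict access to own profile or Admin role
        if ($account->users->id != $id['id'] && strtolower($id['role']) != 'admin') {
            $this->flash->addMessage('flash', 'Access Denied');
            return $response->withRedirect($baseUrl . $this->router->pathFor('accounts'));
        }
    } else {
        $account = R::dispense('accounts');
    }

    // initialised up front so the view always receives an array
    $viewData = [];
    if ($request->isPost()) {
        $data = $request->getParams();
        // only these three columns may be set from the request (import() whitelist)
        $account->import($data, 'apikey,accountid,servertype');
        // NOTE(review): the owner is always set to the current identity, so an admin
        // editing another user's account takes ownership of it — confirm this is intended.
        $account->users = $user;
        $account->lasttid = 0;

        // verify the credentials and get the account balance; a failed constructor
        // leaves $oandaInfo false and the record is not stored
        $oandaInfo = false;
        try {
            $oandaInfo = new Broker_Oanda($account['servertype'], $account['apikey'], $account['accountid'], 0);
        } catch (\Exception $e) {
            $viewData['flash'] = 'Account Details Invalid';
        }
        if ($oandaInfo !== false) {
            $aid = R::store($account);
            $oandaInfo->updateAccount();
            $this->flash->addMessage('flash', "account updated");
            return $response->withRedirect($baseUrl . $this->router->pathFor('editaccount', ['uid' => $aid]));
        }
    }

    $viewData['account'] = $account;
    $this->view->render($response, 'account.twig', $viewData);
    return $response;
}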
/**
 * Update action for a unit. Requires a logged-in Oauth session; on XHR renders the
 * 'unit/ajax/modal' view, otherwise applies the `tags` parameter and all request
 * parameters to the unit, saves it and returns to the previous page.
 *
 * @param Request $request
 */
public function actionUpdate(Request $request)
{
    if (!Oauth::isLogged()) {
        return $this->goBack();
    }

    /* @var $model Unit */
    $model = Unit::find($request->getAttribute('id'));
    if ($request->isXhr()) {
        return $this->renderAjax('unit/ajax/modal', ['model' => $model]);
    }

    // NOTE(review): no null check — if find() returns null for an unknown id the calls
    // below fail. fill() receives every request parameter, so the model's own fillable
    // rules (if any) are what limit which attributes a client can set.
    $model->addTagsToUnit($request->getParam('tags'));
    $model->fill($request->getParams());

    $saved = $model->validate() && $model->save();
    if ($saved) {
        Alert::add("Successful update {$model->name}");
    }
    return $this->goBack();
}
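/**
 * Create-event page. Redirects when an event already exists for the meetup id, or when a
 * meetup id was given but is not registered; otherwise renders the create form and, on a
 * valid POST, creates the main events and redirects to the event details page.
 *
 * @param Request  $request
 * @param Response $response
 * @param mixed    $args Route arguments (unused).
 * @return Response
 */
public function dispatch(Request $request, Response $response, $args)
{
    $meetupID = $request->getAttribute('meetup_id', null);
    $eventInfo = $this->eventService->getInfoByMeetupID($meetupID);

    if ($eventInfo->eventExists()) {
        $this->flash->addMessage('event', 'Event already exists. Check its status.');
        return $response->withStatus(302)->withHeader('Location', 'event-details/' . $meetupID);
    }
    if (!$eventInfo->isRegistered() && !is_null($meetupID)) {
        $this->flash->addMessage('event', 'No event found for meetupID provided. Please create a new event.');
        return $response->withStatus(302)->withHeader('Location', 'create-event');
    }

    $form = new CreateEventForm($this->eventManager, $this->eventService);
    if ($eventInfo->isRegistered()) {
        $form->setEventInfo($eventInfo);
    }

    $data = [
        'form' => $form,
        'errors' => $this->flash->getMessage('event') ?? [],
        'defaultTime' => $this->eventsConfig->defaultStartTime,
    ];

    if ($request->isPost()) {
        $form->populate($request->getParams());
        if (!$form->isValid()) {
            // Re-render with the validation errors. (A dead `$response->withStatus(304);`
            // whose result was discarded used to sit here; the page was and still is sent
            // with the response's existing status.)
            $data['errors'] = $form->getErrors();
            $data = array_merge($data, $this->getCsrfValues($request));
            $this->view->render($response, 'admin/create-event.twig', $data);
            return $response;
        }
        try {
            $event = EventFactory::getEvent(
                $form->getTalkTitle(),
                $form->getTalkDescription(),
                $form->getEventDate(),
                $form->getSpeaker(),
                $form->getVenue(),
                $form->getSupporter(),
                $this->eventsConfig->title,
                $this->eventsConfig->description
            );
            $createEventInfo = $this->eventService->createMainEvents($event, $this->auth->getUserId(), $meetupID);
            if (!is_null($createEventInfo['joindin_message'])) {
                $this->flash->addMessage('event', $createEventInfo['joindin_message']);
            }
            return $response->withStatus(302)->withHeader('Location', 'event-details?meetup_id=' . $createEventInfo['meetup_id']);
        } catch (\Exception $e) {
            $this->logger->debug($e->getMessage());
            $this->logger->debug(print_r($data['errors'], true));
            // NOTE(review): the raw exception message is shown to the user as a form
            // error; internal details may leak this way — consider a generic message.
            $data['errors'] = array_merge($data['errors'], [$e->getMessage()]);
        }
    }

    $data = array_merge($data, $this->getCsrfValues($request));
    $this->view->render($response, 'admin/create-event.twig', $data);
    return $response;
}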
/**
 * Create ('new') or edit a user. Non-admin users may only edit their own record; the
 * privileged account is recognised by the user name 'admin'.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $args  Route arguments; `username` is the user name or the literal 'new'.
 * @return Response Redirect on error/success, otherwise the rendered 'user.twig' view.
 */
public function editUser(Request $request, Response $response, array $args)
{
    $username = strtolower($args['username']);
    if (empty($username)) {
        $this->flash->addMessage('flash', 'No user specified');
        return $response->withRedirect($this->router->pathFor('profile'));
    }

    $identity = $this->authenticator->getIdentity();
    $currentName = strtolower($identity['name']);
    // restrict access to own profile or the Admin user
    if ($username != $currentName && $currentName != 'admin') {
        $this->flash->addMessage('flash', 'Access Denied');
        return $response->withRedirect($this->router->pathFor('profile'));
    }

    // NOTE(review): findOrCreate() inserts a row for an unknown name even on a GET.
    $user = $username != 'new'
        ? R::findOrCreate('users', ['name' => $username])
        : R::dispense('users');

    if ($request->isPost()) {
        $data = $request->getParams();
        // import() whitelist: only these columns are taken from the request
        $user->import($data, 'fullname,shortdial,longdial,colour,mobile,home');
        // NOTE(review): the new name comes from the request unchecked; since privilege is
        // decided by name == 'admin' above, reserved names should be rejected here.
        $user->name = $request->getParam('username');

        $password = $request->getParam('password');
        if (!empty($password)) {
            $user->hash = password_hash($password, PASSWORD_DEFAULT);
        }
        R::store($user);

        $this->flash->addMessage('flash', "{$user->name} updated");
        return $response->withRedirect($this->router->pathFor('edituser', ['username' => $username]));
    }

    $this->view->render($response, 'user.twig', $user->export());
    return $response;
}
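/**
 * Adds an asset (no `id` parameter) or updates an existing one (`id` given) for the
 * school attached to the request.
 *
 * @param Request  $req
 * @param Response $res
 * @param array    $args Route arguments (unused).
 *
 * @return Response 403 without a school attribute, 201 on add, 200 on update,
 *                  500 when the assets service throws.
 */
public function __invoke(Request $req, Response $res, array $args = [])
{
    $school = $req->getAttribute('school', false);
    if (!$school) {
        return $res->withStatus(403, 'No school');
    }

    $params = $req->getParams();
    // `id` is optional (absent means "add"); the null-coalesce avoids an
    // undefined-index notice on add requests.
    $id = $params['id'] ?? null;
    unset($params['id']);

    try {
        // the school id is taken from the request attribute, never from the client
        if ($id) {
            $asset = $this->schoolAssetsService->updateAssetForSchool($school->id, $params, $id);
            $res = $res->withStatus(200);
        } else {
            $asset = $this->schoolAssetsService->addAssetForSchool($school->id, $params);
            $res = $res->withStatus(201);
        }
        $res = $res->withJson($asset);
    } catch (Exception $ex) {
        // NOTE(review): the exception message becomes the HTTP reason phrase and so
        // reaches the client; prefer logging it and sending a generic phrase.
        $res = $res->withStatus(500, $ex->getMessage());
    }

    return $res;
}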
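/**
 * Authenticates a user if given the correct username and password.
 *
 * @param Request  $request  The HTTP Request object.
 * @param Response $response The HTTP Response object.
 * @param array    $args     The array containing arguments provided.
 *
 * @return string JSON-encoded result: {"success": bool, "message": string}.
 */
public function authenticate(Request $request, Response $response, array $args)
{
    // Request parameters are untrusted; presence of username/password is checked first.
    $post = $request->getParams();

    /** @var Validator $v */
    $v = new Validator($post);
    $v->rule('required', ['username', 'password']);

    $ret = [];
    if (!$v->validate()) {
        // Fix: this branch used to report success => true without authenticating anyone.
        $ret['success'] = false;
        $ret['message'] = "Please enter your username and password.";
        return json_encode($ret);
    }

    // One generic message covers "unknown user" and "wrong password", so the reply
    // does not reveal which usernames exist.
    $storedHash = $this->dbService->getPassword($post['username']);
    // password_verify() needs a string hash; a non-string result (presumably what
    // getPassword() yields for an unknown user) counts as a failed check instead of
    // raising a type error.
    if (!is_string($storedHash) || !password_verify($post['password'], $storedHash)) {
        $ret['success'] = false;
        $ret['message'] = "Incorrect username and/or password";
        return json_encode($ret);
    }

    $user = $this->dbService->getUser($post['username']);
    if (!$user) {
        $ret['success'] = false;
        $ret['message'] = "Incorrect username and/or password";
        return json_encode($ret);
    }

    if (!$this->dbService->hasVerified($post['username'])) {
        $ret['success'] = false;
        $ret['message'] = "This account has not yet been verified.";
        return json_encode($ret);
    }

    // 'remember' is optional; when absent, null is passed on (as before, minus the notice)
    $remember = $post['remember'] ?? null;
    $this->startSession($user, $remember);
    $ret['success'] = true;
    $ret['message'] = "authenticated";
    return json_encode($ret);
}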
/**
 * Create ('new') or edit a user. Non-admin users may only edit their own record; the
 * privileged account is recognised by the user name 'admin'.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $args  Route arguments; `username` is the user name or the literal 'new'.
 * @return Response Redirect on error/success, otherwise the rendered 'user.twig' view.
 */
public function editUser(Request $request, Response $response, array $args)
{
    $username = strtolower($args['username']);
    $baseUrl = $request->getUri()->getBaseUrl();
    if (empty($username)) {
        $this->flash->addMessage('flash', 'No user specified');
        return $response->withRedirect($baseUrl . $this->router->pathFor('profile'));
    }

    $identity = $this->authenticator->getIdentity();
    $currentName = strtolower($identity['name']);
    // restrict access to own profile or the Admin user
    if ($username != $currentName && $currentName != 'admin') {
        $this->flash->addMessage('flash', 'Access Denied');
        return $response->withRedirect($baseUrl . $this->router->pathFor('profile'));
    }

    // NOTE(review): findOrCreate() inserts a row for an unknown name even on a GET.
    $user = $username != 'new'
        ? R::findOrCreate('users', ['name' => $username])
        : R::dispense('users');

    if ($request->isPost()) {
        $data = $request->getParams();
        // import() whitelist: only these columns are taken from the request
        $user->import($data, 'fullname,colour,mobile,home');
        // NOTE(review): the new name comes from the request unchecked; since privilege is
        // decided by name == 'admin' above, reserved names should be rejected here.
        $user->name = $request->getParam('username');

        $password = $request->getParam('password');
        if (!empty($password)) {
            $user->hash = password_hash($password, PASSWORD_DEFAULT);
        }
        R::store($user);

        $this->flash->addMessage('flash', "{$user->name} updated");
        return $response->withRedirect($baseUrl . $this->router->pathFor('edituser', ['username' => $username]));
    }

    $this->view->render($response, 'user.twig', $user->export());
    return $response;
}
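/**
 * Creates a teacher (no `id` parameter) or updates an existing one (`id` given) for the
 * school attached to the request.
 *
 * @param Request  $req
 * @param Response $res
 * @param array    $args Route arguments (unused).
 *
 * @return Response 403 without a school attribute, 201 on create, 200 on update,
 *                  500 when the staff service throws.
 */
public function __invoke(Request $req, Response $res, array $args = [])
{
    $school = $req->getAttribute('school', false);
    if (!$school) {
        return $res->withStatus(403, 'No school');
    }

    $params = $req->getParams();
    // school_id is always the authenticated school's id, overriding any client value
    $params['school_id'] = $school->id;
    // `id` is optional (absent means "create"); the null-coalesce avoids an
    // undefined-index notice on create requests.
    $id = $params['id'] ?? null;
    unset($params['id']);

    try {
        if ($id) {
            $teacher = $this->staffService->updateTeacher($params, $id);
            $res = $res->withStatus(200);
        } else {
            $teacher = $this->staffService->createTeacher($params);
            $res = $res->withStatus(201);
        }
        $res = $res->withJson($teacher);
    } catch (Exception $ex) {
        // NOTE(review): the exception message becomes the HTTP reason phrase and so
        // reaches the client; prefer logging it and sending a generic phrase.
        $res = $res->withStatus(500, $ex->getMessage());
    }

    return $res;
}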
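/**
 * Edit the option values of a strategy. Admin role only.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $args  Route arguments; `uid` is the strategy id.
 * @return Response Redirect on error/success, otherwise the rendered 'strategyoptions.twig' view.
 */
public function options(Request $request, Response $response, array $args)
{
    $uid = $args['uid'];
    $baseUrl = $request->getUri()->getBaseUrl();
    if (empty($uid)) {
        $this->flash->addMessage('flash', 'No record specified');
        return $response->withRedirect($baseUrl . $this->router->pathFor('homepage'));
    }

    $id = $this->authenticator->getIdentity();
    // (an unused `$user = R::load('users', ...)` lookup was removed here)
    $strategy = R::load('strategies', $uid);
    // RedBean returns an empty bean (id 0) for an unknown id
    if ($strategy->id == 0) {
        $this->flash->addMessage('flash', 'No record found');
        return $response->withRedirect($baseUrl . $this->router->pathFor('stratagies'));
    }
    // restrict access to the Admin role
    if (strtolower($id['role']) != 'admin') {
        $this->flash->addMessage('flash', 'Access Denied');
        return $response->withRedirect($baseUrl . $this->router->pathFor('stratagies'));
    }

    // option names this strategy accepts; a falsy value means "accept every key"
    $params = $this->getParams($strategy);

    // initialised up front so the view always receives an array
    $viewData = [];
    if ($request->isPost()) {
        $data = $request->getParams();
        $options = [];
        foreach ($data as $key => $value) {
            // NOTE(review): loose in_array() kept for compatibility; with a string list in
            // $params an integer request key compares loosely — pass `true` once the
            // element type of getParams() is confirmed.
            if (!$params || in_array($key, $params)) {
                $options[$key] = $value;
            }
        }
        $strategy->params = $options;
        $aid = R::store($strategy);
        $this->flash->addMessage('flash', "Strategy updated");
        return $response->withRedirect($baseUrl . $this->router->pathFor('editstrategy', ['uid' => $aid]));
    }

    $viewData['strategy'] = $strategy;
    $viewData['params'] = $params;
    $this->view->render($response, 'strategyoptions.twig', $viewData);
    return $response;
}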
/**
 * Debug endpoint: echoes the raw body, the parsed body, all parameters and the `name`
 * parameter back to the caller as JSON.
 *
 * NOTE(review): this reflects whatever the client sent; keep it out of production routing.
 *
 * @param Request  $request
 * @param Response $response
 * @param mixed    $args Route arguments (unused).
 */
public function postDebug(Request $request, Response $response, $args)
{
    $payload = [
        "body" => $request->getBody(),
        "pa" => $request->getParsedBody(),
        "params" => $request->getParams(),
        "name" => $request->getParam('name'),
    ];
    return $this->echoJson($response, $payload);
}
/**
 * Versioned application-form page. On POST validates and submits the form (redirecting
 * to successUrl on success). On GET with `load` set, pre-loads the school's saved form
 * and, when the saved items belong to an older form version, maps their item categories
 * to the current version using the map in the container settings.
 *
 * @param Request  $req
 * @param Response $res
 * @return Response
 */
public function __invoke(Request $req, Response $res)
{
    $school = $req->getAttribute('school');
    if ($req->isPost()) {
        $reqParams = $req->getParams();
        // array_splice() with length 0 removes and inserts nothing; presumably used to
        // renumber the numeric keys of 'items'. NOTE(review): if 'items' is absent from
        // the request this operates on an undefined index — confirm the filter covers that.
        array_splice($reqParams['items'], 0, 0);
        // school_id and submitted_by come from the request context, overriding any
        // client-supplied values of the same name.
        $this->appFormInputFilter->setData(array_merge($reqParams, ['school_id' => $school->id, 'submitted_by' => $this->authService->getIdentity()->mail]));
        $isValid = $this->appFormInputFilter->isValid();
        if ($isValid) {
            $data = $this->appFormInputFilter->getValues();
            $appForm = $this->appFormService->submit($data);
            $_SESSION['applicationForm']['appForm'] = $appForm;
            $res = $res->withRedirect($this->successUrl);
            return $res;
        }
        $this->view['form'] = ['is_valid' => $isValid, 'values' => $this->appFormInputFilter->getValues(), 'raw_values' => $this->appFormInputFilter->getRawValues(), 'messages' => $this->appFormInputFilter->getMessages()];
    }
    $loadForm = (bool) $req->getParam('load', false);
    $this->view['choose'] = !$loadForm && !$req->isPost();
    if (!$req->isPost() && $loadForm) {
        // take care of new options in applications and migrate existing ones
        if (null !== ($appForm = $this->appFormService->findSchoolApplicationForm($school->id))) {
            /**
             * Do mapping of old items to new only if items do exist (old form)
             * and the map is available at the app settings.
             * TODO: Only one version migrations are supported. If the old items are
             * two or more versions older, they will not be handled.
             */
            // get the existing (db) application form version: taken from the first item,
            // defaulting to the current version when the saved form has no items
            $items_version = $this->version;
            if (isset($appForm['items']) && \count($appForm['items']) > 0) {
                $items_version = array_values($appForm['items'])[0]['version'];
            }
            if ($this->version != $items_version && isset($appForm['items']) && isset($this->container['settings']['application_form']['itemcategory']['map']) && $this->container['settings']['application_form']['itemcategory']['map']['fromversion'] == $items_version && $this->container['settings']['application_form']['itemcategory']['map']['toversion'] == $this->version && isset($this->container['settings']['application_form']['itemcategory']['map']['items'])) {
                // if map exists for this version, use it: each item gets its new
                // itemcategory_id from the map (old id kept in the *_prev keys), or
                // itemcategory_id_prev = -1 when the map has no positive entry for it
                $items_map = $this->container['settings']['application_form']['itemcategory']['map']['items'];
                $appForm['items'] = array_map(function ($item) use($items_map) {
                    $migrate_values = [];
                    if (isset($items_map[$item['itemcategory_id']]) && intval($items_map[$item['itemcategory_id']]) > 0) {
                        $migrate_values = ['itemcategory_prev' => $item['itemcategory_id'], 'itemcategory_id_prev' => $item['itemcategory_id'], 'itemcategory_id' => intval($items_map[$item['itemcategory_id']])];
                    } else {
                        $migrate_values = ['itemcategory_prev' => '', 'itemcategory_id_prev' => -1];
                    }
                    $migrate_values['prev_form_load'] = true;
                    return array_merge($item, $migrate_values);
                }, $appForm['items']);
            } elseif ($this->version != $items_version && isset($appForm['items']) && isset($this->container['settings']['application_form']['itemcategory']['map']) && ($this->container['settings']['application_form']['itemcategory']['map']['fromversion'] != $items_version || $this->container['settings']['application_form']['itemcategory']['map']['toversion'] != $this->version)) {
                // if map does not exist for this version, notify user: every item is
                // marked with itemcategory_id_prev = -2 ($items_map is captured but unused here)
                $items_map = $this->container['settings']['application_form']['itemcategory']['map']['items'];
                $appForm['items'] = array_map(function ($item) use($items_map) {
                    $migrate_values = ['itemcategory_prev' => '', 'itemcategory_id_prev' => -2, 'prev_form_load' => true];
                    return array_merge($item, $migrate_values);
                }, $appForm['items']);
            }
            $this->view['form'] = ['values' => $appForm];
        }
    }
    $labs = $this->labService->getLabsBySchoolId($school->id);
    // item categories are requested for the current form version
    $res = $this->view->render($res, 'application_form/form.twig', ['lab_choices' => array_map(function ($lab) { return ['value' => $lab['id'], 'label' => $lab['name']]; }, $labs), 'type_choices' => array_map(function ($category) { return ['value' => $category['id'], 'label' => $category['name']]; }, $this->assetsService->getAllItemCategories($this->version))]);
    return $res;
}
/**
 * Populates this object from every parameter of the given request.
 *
 * NOTE(review): all client-supplied parameters are passed to setProperty(); whatever
 * whitelisting exists must live there.
 *
 * @param Request $request
 */
public function __construct(Request $request)
{
    $params = $request->getParams();
    $this->setProperty($params);
}
/**
 * Create ('new') or edit a rota and its shared-user list. Admin (by user name) only.
 * On POST the rota is stored and, if no table of the rota's name exists yet, a seed row
 * is created in it so that RedBean lays the table out before freezing.
 *
 * @param Request  $request
 * @param Response $response
 * @param array    $args  Route arguments; `name` is the rota name or the literal 'new'.
 * @return Response Redirect on error/success, otherwise the rendered 'rota.twig' view.
 */
public function editRota(Request $request, Response $response, array $args)
{
    $id = $this->authenticator->getIdentity();
    // the privileged account is recognised by user name
    if (strtolower($id['name']) != 'admin') {
        $this->flash->addMessage('flash', 'Access Denied');
        return $response->withRedirect($this->router->pathFor('homepage'));
    }
    $name = $args['name'];
    if (empty($name)) {
        $this->flash->addMessage('flash', 'No rota specified');
        return $response->withRedirect($this->router->pathFor('rotas'));
    }
    // NOTE(review): findOrCreate() inserts a row for an unknown name even on a GET.
    if ($name != 'new') {
        $rota = R::findOrCreate('rotas', ['name' => $name]);
    } else {
        $rota = R::dispense('rotas');
    }
    if ($request->isPost()) {
        $data = $request->getParams();
        // import() whitelist: only these columns are taken from the request
        $rota->import($data, 'name,fullname,title,comment');
        // replace the shared-user list with the ids posted in 'users'
        // NOTE(review): 'users' is read without an isset() check — confirm the form always posts it
        $rota->sharedUsersList = [];
        foreach ($data['users'] as $checkUserID) {
            $rotaUser = R::load('users', $checkUserID);
            $rota->sharedUsersList[] = $rotaUser;
        }
        $id = R::store($rota);
        // inspect() throws when no table of that name exists; the catch block creates it.
        // NOTE(review): the type/table name here is the request-supplied rota `name`;
        // confirm the ORM validates identifiers before they reach SQL, or restrict
        // `name` to a safe pattern.
        try {
            $fieldtest = R::inspect($rota->name);
        } catch (\Exception $e) {
            //thaw for creation
            R::freeze(['users']);
            $rotaUser = R::load('users', 1);
            // seed row so the new table gets its columns (day/month/year/name/who/stamp)
            $rotaDay = R::findOrCreate($rota->name, ['day' => 29, 'month' => 2, 'year' => 2015]);
            $rotaUser = R::load('users', 1);
            $rotaDay->name = $rotaUser;
            $rotaDay->who = $rotaUser;
            $rotaDay->stamp = date("Y-m-d H:i:s");
            R::store($rotaDay);
            R::freeze(true);
        }
        $this->flash->addMessage('flash', "{$rota->name} updated");
        return $response->withRedirect($this->router->pathFor('rotas'));
    }
    $userList = R::findAll('users');
    $data = $rota->export();
    $data['userList'] = $userList;
    // map of user id => 'checked' for the users currently sharing this rota
    $users = [];
    $userRota = $rota->sharedUsersList;
    foreach ($userRota as $userCheck) {
        $users[$userCheck->id] = 'checked';
    }
    $data['userCheck'] = $users;
    $this->view->render($response, 'rota.twig', $data);
    return $response;
}