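/**
 * Handles the installer form: validates the administrator credentials,
 * installs the database, creates the first account and flags it as almighty.
 *
 * On a validation failure the message is stored in $this->errorMessage and
 * the method returns before the database is touched. On success it redirects
 * to 'home' and terminates the request.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $reqfields = array('username', 'password', 'rptpassword', 'email');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please specify at least: <ul> <li>Administrator username, password and email</li> </ul>';
        return;
    }

    // Only the listed keys are requested from filter() before extract().
    // NOTE(review): presumably filter() returns nothing but these keys - confirm,
    // because extract() would otherwise let request data overwrite locals.
    $fields = $reqfields;
    extract($postData->filter($fields));

    // The D modifier makes `$` match only at the very end of the subject.
    // Without it PCRE also accepts a name followed by a single trailing
    // newline, which would let a visually identical duplicate name through.
    $usernamepattern = '/^[a-z][-a-z0-9_.]*$/iD';
    if (!preg_match($usernamepattern, $username)) {
        $this->errorMessage = 'The submitted username is invalid.';
        return;
    }

    if ($password !== $rptpassword) {
        $this->errorMessage = 'The submitted passwords do not match.';
        return;
    }

    // NOTE(review): no password strength or e-mail format check is visible
    // here - confirm whether addUser() enforces either.
    $dbc = Application::dbConnection();
    $dbc->installDatabase();
    $dbc->setDefaultOptions();

    // The user name is passed twice; the second argument is presumably the
    // display name (setDisplayName() exists on the same adapter) - confirm.
    $uid = $dbc->users()->addUser($username, $username, $email, $password);
    $dbc->users()->setFlags($uid, \tniessen\tinyIt\Database\UsersTableAdapter::FLAG_ALMIGHTY);

    Installer::completeInstallation();
    $this->redirectTo('home');
    exit;
}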
/**
 * Handles the "create short link" form and stores a new static link.
 *
 * The short path is either the submitted custom path (permission
 * 'link.custom_path', checked against the 'custom_links_regex' option) or a
 * generated one. A conflict with an existing static link always aborts; a
 * conflict with a wildcard (regex) link aborts unless the user asked to
 * override it, which requires 'link.override_wildcards'.
 *
 * Failures are reported through $this->errorMessage; success redirects to
 * the link's details page and terminates the request.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $required = array('target_link');
    if (!$postData->hasValues($required)) {
        $this->errorMessage = 'Please enter a target link.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $wanted = array_merge($required, array('use_custom_path', 'custom_path', 'override_wildcards'));
    extract($postData->filter($wanted));

    if ($override_wildcards && !self::hasPermission('link.override_wildcards')) {
        $this->errorMessage = 'You are not permitted to override wildcards.';
        return;
    }

    $db = Application::dbConnection();
    extract($db->options()->getOptions(array('linkgen_chars', 'linkgen_length', 'custom_links_regex')));

    if (!$use_custom_path) {
        $shortpath = $db->links()->findAvailablePath((int) $linkgen_length, $linkgen_chars);
    } else {
        if (!$custom_path) {
            $this->errorMessage = 'Please enter a valid short path or uncheck the custom path option.';
            return;
        }
        if (!self::hasPermission('link.custom_path')) {
            $this->errorMessage = 'You are not permitted to use custom paths.';
            return;
        }
        // The administrator's pattern is wrapped in "/" delimiters. A pattern
        // that does not compile makes preg_match() return false, so the path
        // is rejected rather than accepted.
        if (!preg_match("/{$custom_links_regex}/", $custom_path)) {
            $this->errorMessage = 'The chosen short path is not allowed due to administrative restrictions.';
            return;
        }
        $shortpath = $custom_path;
    }

    $conflict = $db->links()->checkConflictsStatic($shortpath);
    $this->allowOverrideWildcards = (bool) $conflict && self::hasPermission('link.override_wildcards');

    if ($conflict) {
        if ($conflict->type === 'static') {
            $this->errorMessage = 'Another link with the same path or a conflicting path already exists.';
            return;
        }
        if ($conflict->type === 'regex' && !$override_wildcards) {
            $detailsUrl = self::getURL('links/details', array('link' => $conflict->id))->build();
            // The URL is attribute-escaped before it is placed in the message.
            $this->errorMessage = 'This path would override <a href="' . WebRenderer::escapeAttr($detailsUrl) . '">a defined wildcard</a>.';
            return;
        }
    }

    // NOTE(review): $target_link is stored as submitted; no scheme or host
    // validation is visible in this method - confirm where targets are vetted.
    $created = $db->links()->addLink('static', $shortpath, $target_link, Authorization::user()->id);
    if (!$created) {
        $this->errorMessage = 'An internal error occurred while creating the short URL. Please try again or ask an administrator for help.';
        return;
    }

    self::redirectTo('links/details', array('link' => $created->id));
    exit;
}
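/**
 * Handles the registration form: validates the input, creates the account
 * and assigns the configured default group.
 *
 * Failures are reported through $this->errorMessage; success redirects to
 * 'login' and terminates the request.
 *
 * NOTE(review): this method does not read the 'allow_registration' option
 * itself - presumably the caller enforces it; confirm.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $reqfields = array('username', 'password', 'rptpassword', 'email');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please submit username, password and e-mail.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    extract($postData->filter($fields));

    // The D modifier makes `$` match only at the very end of the subject.
    // Without it PCRE also accepts a name followed by a single trailing
    // newline, which would slip past the "already taken" lookup below.
    $usernamepattern = '/^[a-z][-a-z0-9_.]*$/iD';
    if (!preg_match($usernamepattern, $username)) {
        $this->errorMessage = 'The submitted username is invalid.';
        return;
    }

    if ($password !== $rptpassword) {
        $this->errorMessage = 'The passwords do not match.';
        return;
    }

    $dbc = Application::dbConnection();

    // Lookup and insert are two separate calls, so uniqueness ultimately
    // depends on whatever constraint the users table enforces.
    $existing = $dbc->users()->getUserByName($username);
    if ($existing) {
        $this->errorMessage = 'This username is already taken.';
        return;
    }

    $uid = $dbc->users()->addUser($username, $username, $email, $password);

    // New accounts join the group named by 'registration_user_group', if set.
    $defGroup = $dbc->options()->getOption('registration_user_group');
    if ($defGroup) {
        $dbc->users()->setGroup($uid, $defGroup);
    }

    $this->redirectTo('login');
    exit;
}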
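/**
 * Handles the profile form for the user in $this->userInfo: optional rename,
 * display name change and e-mail change, each behind its own permission.
 *
 * Processing stops at the first failure, which is reported through
 * $this->errorMessage; changes applied before that point are kept.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $reqfields = array('display_name', 'email');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    $fields[] = 'username';
    extract($postData->filter($fields));

    $dbc = Application::dbConnection();
    $uid = $this->userInfo->id;

    if ($username && $this->userInfo->name !== $username) {
        if (!$this->settings['allow_name_changes']) {
            $this->errorMessage = 'Renaming users is currently forbidden.';
            return;
        }
        if (!self::hasPermission('user.change_name')) {
            $this->errorMessage = 'You are not permitted to change your user name.';
            return;
        }

        // The D modifier makes `$` match only at the very end of the subject.
        // Without it PCRE also accepts a name followed by a single trailing
        // newline, which would slip past the conflict lookup below.
        $usernamepattern = '/^[a-z][-a-z0-9_.]*$/iD';
        if (!preg_match($usernamepattern, $username)) {
            $this->errorMessage = 'The submitted username is invalid.';
            return;
        }

        $conflict = $dbc->users()->getUserByName($username);
        if ($conflict) {
            $this->errorMessage = 'A user with this name already exists.';
            return;
        }

        $success = $dbc->users()->renameUser($uid, $username);
        if (!$success) {
            $this->errorMessage = 'Error while renaming user.';
            return;
        }
    }

    if ($this->userInfo->display_name !== $display_name) {
        if (!self::hasPermission('user.change_display_name')) {
            $this->errorMessage = 'You are not permitted to change your public name.';
            return;
        }
        $success = $dbc->users()->setDisplayName($uid, $display_name);
        if (!$success) {
            $this->errorMessage = 'Error while updating display name.';
            return;
        }
    }

    if ($this->userInfo->email !== $email) {
        if (!self::hasPermission('user.change_email')) {
            $this->errorMessage = 'You are not permitted to change your email.';
            return;
        }
        // NOTE(review): the address is stored without a format check or a
        // confirmation step in this method - confirm that is intended.
        $success = $dbc->users()->setEmail($uid, $email);
        if (!$success) {
            $this->errorMessage = 'Error while updating email.';
            return;
        }
    }
}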
/**
 * Switches the current session to another user, or reverts a previous switch.
 *
 * Both the nonce check and the 'session.switch_user' permission check run
 * before anything else. A revert request, or a missing target uid, redirects
 * to 'home'. A switch is only performed once $this->confirmed is set; until
 * then the method just loads the target into $this->userInfo.
 *
 * @param mixed $params not read by this method
 * @return void
 */
public function init($params)
{
    self::requireNonce();
    self::requirePermission('session.switch_user');

    if ($this->revert) {
        if (Authorization::switched()) {
            Authorization::switchBack();
        }
        self::redirectTo('home');
        exit;
    }

    if ($this->uid === false) {
        self::redirectTo('home');
        exit;
    }

    $this->userInfo = Application::dbConnection()->users()->getUser($this->uid);
    if (!$this->userInfo || !$this->confirmed) {
        return;
    }

    // Undo an earlier switch first so that switches do not stack.
    if (Authorization::switched()) {
        Authorization::switchBack();
    }

    if (Authorization::switchUser($this->userInfo)) {
        self::redirectTo('home');
        exit;
    }

    $this->errorMessage = 'Switching failed.';
}
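/**
 * Handles the "create wildcard link" form: stores a link of type 'regex'
 * and then sets its priority.
 *
 * Failures are reported through $this->errorMessage; success redirects to
 * the link's details page and terminates the request.
 *
 * NOTE(review): no hasPermission() call is visible in this method, and
 * $link_path is stored without checking that it compiles as a pattern -
 * confirm both are handled by the caller or by addLink().
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $reqfields = array('link_path', 'link_target', 'link_priority');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please specify: <ul> <li>Path</li> <li>Target</li> <li>Priority</li> </ul>';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    extract($postData->filter($fields));

    $link_priority = intval($link_priority);
    if ($link_priority < 0 || $link_priority > 1000) {
        $this->errorMessage = 'Priority must be between 0 and 1000';
        return;
    }

    $dbc = Application::dbConnection();
    $entry = $dbc->links()->addLink('regex', $link_path, $link_target, Authorization::user()->id);
    if (!$entry) {
        $this->errorMessage = 'An internal error occurred while creating the short URL. Please try again or ask an administrator for help.';
        return;
    }

    $success = $dbc->links()->setPriority($entry->id, $link_priority);
    if (!$success) {
        // build() turns the URL object into the string that is escaped and
        // embedded below, as the other link forms do for the same route.
        $url = self::getURL('links/details', array('link' => $entry->id))->build();
        $this->errorMessage = 'The link was created, but the priority could not be set. Please <a href="' . WebRenderer::escapeAttr($url) . '">try again</a>';
        return;
    }

    self::redirectTo('links/details', array('link' => $entry->id));
    exit;
}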
/**
 * Creates a group named 'New Group' and redirects to its details page in
 * edit mode.
 *
 * The nonce check and the 'group.add_groups' permission check both run
 * before the group is created.
 *
 * @param mixed $params not read by this method
 * @return void
 */
public function init($params)
{
    Page::requireNonce();
    Page::requirePermission('group.add_groups');

    $newGroupId = Application::dbConnection()->groups()->addGroup('New Group');

    self::redirectTo('groups/details', array('group' => $newGroupId, 'edit' => 1));
    exit;
}
/**
 * Renders the 'login' template.
 *
 * The template receives 'errorMessage' only when one is set, and always
 * receives 'allowRegistration' from the 'allow_registration' option.
 *
 * @return void
 */
public function render()
{
    $templateVars = array();

    if ($this->errorMessage !== null) {
        $templateVars['errorMessage'] = $this->errorMessage;
    }

    $templateVars['allowRegistration'] = Application::dbConnection()
        ->options()
        ->getOption('allow_registration');

    $this->renderTemplate('login', $templateVars);
}
/**
 * Loads one page of groups (20 per page) for a logged-in user.
 *
 * @param mixed $params not read by this method
 * @return void
 */
public function init($params)
{
    self::requireLogin();

    $db = Application::dbConnection();
    $pageSize = 20;
    $firstRow = ($this->page - 1) * $pageSize;

    // One extra row is requested so that a following page can be detected
    // without a separate count query.
    $rows = $db->groups()->getGroups($firstRow, $pageSize + 1);

    $this->hasNextPage = count($rows) > $pageSize;
    $this->hasPreviousPage = $this->page > 1;
    $this->groups = array_slice($rows, 0, $pageSize);
}
/**
 * Tells whether members of a group hold a given permission.
 *
 * The permission list of each group is fetched once and then kept in
 * self::$permissions. The comparison is strict, so $what has to be the
 * exact permission string.
 *
 * @param int $group
 * @param string $what
 * @return bool
 */
public static function groupCan($group, $what)
{
    if (!isset(self::$permissions[$group])) {
        self::$permissions[$group] = Application::dbConnection()
            ->permissions()
            ->getPermissions($group);
    }

    return in_array($what, self::$permissions[$group], true);
}
/**
 * Resolves $params['path'] to a link and redirects to that link's details
 * page; the link id is 0 when no path was given or nothing matched.
 *
 * No login or permission check is made in this method itself.
 *
 * @param array $params request parameters; 'path' is read here
 * @return void
 */
public function init($params)
{
    $linkId = 0;

    if (isset($params['path'])) {
        $resolved = Application::dbConnection()->links()->resolvePath($params['path']);
        $linkId = $resolved ? $resolved->id : $linkId;
    }

    self::redirectTo('links/details', array('link' => $linkId));
    exit;
}
/**
 * Loads the user selected by $this->userId and, depending on the request,
 * deletes that account or moves it to another group.
 *
 * @param array $params request parameters; 'setGroup' is read here
 * @return void
 */
public function init($params)
{
    self::requireLogin();
    $dbc = Application::dbConnection();
    if ($uid = $this->userId) {
        $this->userInfo = $dbc->users()->getUser($uid);
        if ($this->userInfo) {
            // Offer "switch user" only for other accounts and only to users
            // holding 'session.switch_user'.
            if ($this->userId !== Authorization::user()->id) {
                if (self::hasPermission('session.switch_user')) {
                    $this->canSwitchUser = true;
                }
            }
            if ($this->deleteMode) {
                // Deleting is nonce-protected and needs either
                // 'user.delete_accounts' or, for one's own account,
                // 'user.delete_self'.
                self::requireNonce();
                $allowed = self::hasPermission('user.delete_accounts');
                // |= on booleans leaves an int; it is only tested for truthiness.
                $allowed |= $uid === Authorization::user()->id && self::hasPermission('user.delete_self');
                if ($allowed) {
                    // The user's links are removed before the account itself.
                    $dbc->links()->removeLinksByUser($uid);
                    if ($dbc->users()->removeUser($uid)) {
                        self::redirectTo('users/list');
                        exit;
                    } else {
                        $this->errorMessage = 'Internal error while deleting user';
                    }
                } else {
                    $this->errorMessage = 'You are not permitted to delete this user account.';
                }
            } else {
                // NOTE(review): unlike the delete branch, this branch calls
                // neither requireNonce() nor hasPermission() before
                // setGroup(). As written, requireLogin() is the only guard on
                // changing the viewed account's group. Confirm whether a check
                // exists elsewhere; if not, this needs a nonce check and a
                // permission check, since group membership decides
                // permissions.
                if (isset($params['setGroup'])) {
                    $newgroup = intval($params['setGroup']);
                    $ok = true;
                    // 0 skips the lookup and is passed to setGroup() as is.
                    if ($newgroup) {
                        $g = $dbc->groups()->getGroup($newgroup);
                        if (!$g) {
                            $ok = false;
                            $this->errorMessage = 'The selected group was not found.';
                        }
                    }
                    if ($ok) {
                        $dbc->users()->setGroup($uid, $newgroup);
                        // Reload so the rest of the page sees the new group.
                        $this->userInfo = $dbc->users()->getUser($uid);
                    }
                }
            }
            if ($this->userInfo->group_id) {
                $this->groupInfo = $dbc->groups()->getGroup($this->userInfo->group_id);
            }
            // At most the first 100 groups are offered for selection.
            $this->availableGroups = $dbc->groups()->getGroups(0, 100);
        }
    }
}
/**
 * Handles the home page settings form and stores 'home_action' and
 * 'home_target' as options.
 *
 * A 'redirect' action without a target is rejected. Clearing
 * $this->currentParams afterwards drops the cached form values.
 *
 * NOTE(review): no permission check is visible in this method, and
 * 'home_action' is stored without being compared to a list of known
 * actions - confirm both are handled by the caller.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $required = array('home_action');
    if (!$postData->hasValues($required)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    extract($postData->filter(array_merge($required, array('home_target'))));

    $wantsRedirect = $home_action === 'redirect';
    if ($wantsRedirect && !$home_target) {
        $this->errorMessage = 'Please enter a valid target URL to use as the home page.';
        return;
    }

    Application::dbConnection()->options()->setOptions(array(
        'home_action' => $home_action,
        'home_target' => $home_target,
    ));

    $this->currentParams = null;
}
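/**
 * Handles the link generation settings form and stores 'linkgen_chars',
 * 'linkgen_length' and 'custom_links_regex' as options.
 *
 * The generated path length must lie between 3 and 10, and the custom link
 * pattern must compile. Failures are reported through $this->errorMessage
 * and nothing is stored.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $reqfields = array('linkgen_chars', 'linkgen_length', 'custom_links_regex');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    extract($postData->filter($fields));

    $linkgen_length = intval($linkgen_length);
    if ($linkgen_length < 3 || $linkgen_length > 10) {
        $this->errorMessage = 'Generated path length should be between three and ten.';
        return;
    }

    // The link forms apply this option as "/{$custom_links_regex}/". A
    // pattern that does not compile in that form would make preg_match()
    // fail there and reject every custom path, so it is refused here. The
    // @ silences the compile warning; the false return value is the signal.
    if (@preg_match("/{$custom_links_regex}/", '') === false) {
        $this->errorMessage = 'The custom link pattern is not a valid regular expression.';
        return;
    }

    $dbc = Application::dbConnection();
    $dbc->options()->setOptions(array(
        'linkgen_chars' => $linkgen_chars,
        'linkgen_length' => $linkgen_length,
        'custom_links_regex' => $custom_links_regex,
    ));

    $this->currentParams = null;
}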
/**
 * Loads one page of links (20 per page) for a logged-in user and attaches
 * each link's owner record as $link->userInfo.
 *
 * @param mixed $params not read by this method
 * @return void
 */
public function init($params)
{
    self::requireLogin();

    $db = Application::dbConnection();
    $pageSize = 20;
    $firstRow = ($this->page - 1) * $pageSize;

    // One extra row is requested so that a following page can be detected
    // without a separate count query.
    $rows = $db->links()->getLinks($firstRow, $pageSize + 1);

    $this->hasNextPage = count($rows) > $pageSize;
    $this->hasPreviousPage = $this->page > 1;
    $this->links = array_slice($rows, 0, $pageSize);

    // Owners are looked up once per distinct owner id on this page.
    $ownersById = array();
    foreach ($this->links as $link) {
        $key = (string) $link->owner_id;
        if (!isset($ownersById[$key])) {
            $ownersById[$key] = $db->users()->getUser($link->owner_id);
        }
        $link->userInfo = $ownersById[$key];
    }
}
/**
 * Handles the registration settings form and stores 'allow_registration',
 * 'registration_user_group' and 'allow_name_changes' as options.
 *
 * No field is required; the two switches are stored as booleans and the
 * group as an integer.
 *
 * NOTE(review): the group id is stored without checking that the group
 * exists, and no permission check is visible in this method - confirm both
 * are handled elsewhere, since this value decides which group new accounts
 * join.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessPostData($postData)
{
    $required = array();
    if (!$postData->hasValues($required)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $wanted = array('allow_registration', 'registration_user_group', 'allow_name_changes');
    extract($postData->filter($wanted));

    Application::dbConnection()->options()->setOptions(array(
        'allow_registration' => (bool) $allow_registration,
        'registration_user_group' => (int) $registration_user_group,
        'allow_name_changes' => (bool) $allow_name_changes,
    ));

    $this->currentParams = null;
}
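/**
 * Handles the group edit form: renames the group in $this->groupInfo when
 * the submitted name differs, then redirects to the group's details page.
 *
 * Failures are reported through $this->errorMessage.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessEditPostData($postData)
{
    $reqfields = array('group_name');
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    extract($postData->filter($fields));

    $dbc = Application::dbConnection();

    // The full option set used to be extract()ed into this scope here. None
    // of those values was read afterwards, and an option named like a local
    // ('group_name', 'dbc', ...) would have silently replaced it, so the
    // lookup and the extract() are gone.

    if ($this->groupInfo->name !== $group_name) {
        $success = $dbc->groups()->renameGroup($this->groupInfo->id, $group_name);
        if (!$success) {
            $this->errorMessage = 'An internal error occurred while renaming the group. Please try again or ask an administrator for help.';
            return;
        }
    }

    self::redirectTo('groups/details', array('group' => $this->groupInfo->id));
    exit;
}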
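/**
 * Attempts to create an authorized session using given credentials.
 *
 * On success the session id is regenerated, the user id and a fresh random
 * nonce are stored in the session, and the user's id is returned. On a wrong
 * password the session data is cleared. An unknown user name returns false
 * without touching the session.
 *
 * @param string $name
 * @param string $password
 * @return int|false the user's id, or false when the login failed
 *
 * @see Database\UsersTableAdapter::getUserByName
 * @see Cryptography::check
 */
public static function login($name, $password)
{
    $dbc = Application::dbConnection();
    $user = $dbc->users()->getUserByName($name);
    if (!$user) {
        // NOTE(review): this path returns before any password check runs, so
        // an unknown name presumably answers faster than a wrong password -
        // confirm whether that timing difference matters for this deployment.
        return false;
    }

    if (!Cryptography::check($password, $user->password)) {
        self::clearSessionData();
        self::$userInfo = null;
        return false;
    }

    // A session id that existed before authentication must not survive the
    // privilege change, otherwise an id planted earlier would become a
    // logged-in session (session fixation).
    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // The nonce guards state-changing requests, so it has to be
    // unpredictable. A hash of the current time can be guessed by anyone who
    // knows roughly when the login happened; 20 bytes from the CSPRNG keep
    // the 40 hex character format.
    $nonce = function_exists('random_bytes')
        ? bin2hex(random_bytes(20))
        : bin2hex(openssl_random_pseudo_bytes(20));

    $_SESSION['tiUserId'] = $user->id;
    $_SESSION['tiNonce'] = $nonce;
    self::$userInfo = $user;

    return $user->id;
}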
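/**
 * Handles the link edit form for the link in $this->linkInfo.
 *
 * Static links get their new path checked against the 'custom_links_regex'
 * option and against existing links; wildcard (regex) links additionally
 * carry a priority, which must lie between 0 and 1000. Changing path or
 * target requires 'link.custom_path'; overriding a wildcard requires
 * 'link.override_wildcards'.
 *
 * Failures are reported through $this->errorMessage; success redirects to
 * the link's details page and terminates the request.
 *
 * @param object $postData POST wrapper exposing hasValues() and filter()
 * @return void
 */
private function tryProcessEditPostData($postData)
{
    $regex = $this->linkInfo->type === 'regex';

    $reqfields = array('link_path', 'link_target');
    if ($regex) {
        $reqfields[] = 'link_priority';
    }
    if (!$postData->hasValues($reqfields)) {
        $this->errorMessage = 'Please fill out all required fields.';
        return;
    }

    // NOTE(review): presumably filter() returns only the requested keys -
    // confirm, since extract() turns every returned key into a local.
    $fields = $reqfields;
    $fields[] = 'override_wildcards';
    extract($postData->filter($fields));

    if ($regex) {
        // Same normalisation and bounds as the form that creates wildcard
        // links. The submitted value is a string; without the cast it was
        // stored unchecked and the strict comparison further down could not
        // tell "unchanged" apart reliably.
        $link_priority = intval($link_priority);
        if ($link_priority < 0 || $link_priority > 1000) {
            $this->errorMessage = 'Priority must be between 0 and 1000';
            return;
        }
    }

    if ($override_wildcards) {
        if (!self::hasPermission('link.override_wildcards')) {
            $this->errorMessage = 'You are not permitted to override wildcards.';
            return;
        }
    }

    $dbc = Application::dbConnection();
    $opts = $dbc->options()->getOptions(array('custom_links_regex'));
    extract($opts);

    if (!$regex && $this->linkInfo->path !== $link_path) {
        // A pattern that does not compile makes preg_match() return false,
        // so the path is rejected rather than accepted.
        if (!preg_match("/{$custom_links_regex}/", $link_path)) {
            $this->errorMessage = 'The chosen short path is not allowed due to administrative restrictions.';
            return;
        }

        $conflict = $dbc->links()->checkConflictsStatic($link_path);
        if ($conflict) {
            if ($conflict->type === 'static') {
                $this->errorMessage = 'Another link with the same path or a conflicting path already exists.';
                return;
            }
            if ($conflict->type === 'regex') {
                $this->allowOverrideWildcards = self::hasPermission('link.override_wildcards');
                if (!$override_wildcards || !$this->allowOverrideWildcards) {
                    $url = self::getURL('links/details', array('link' => $conflict->id))->build();
                    $this->errorMessage = 'This path would override <a href="' . WebRenderer::escapeAttr($url) . '">a defined wildcard</a>.';
                    return;
                }
            }
        }
    }

    // NOTE(review): for wildcard links the new $link_path is stored without
    // checking that it compiles as a pattern - confirm updateLink() does so.
    if ($this->linkInfo->path !== $link_path || $this->linkInfo->target !== $link_target) {
        if (!self::hasPermission('link.custom_path')) {
            $this->errorMessage = 'You are not permitted to use custom paths.';
            return;
        }
        $success = $dbc->links()->updateLink($this->linkInfo->id, $link_path, $link_target);
        if (!$success) {
            // The message keeps the line break it has in the original literal.
            $this->errorMessage = 'An internal error occurred while saving the changes. ' . "\n" . 'Please try again or ask an administrator for help.';
            return;
        }
    }

    if ($regex && intval($this->linkInfo->priority) !== $link_priority) {
        $s = $dbc->links()->setPriority($this->linkInfo->id, $link_priority);
        if (!$s) {
            $this->errorMessage = 'The priority could not be changed.';
            return;
        }
    }

    self::redirectTo('links/details', array('link' => $this->linkInfo->id));
    exit;
}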