/**
 * Deletes the notice identified by the first URL argument and redirects to the notice list.
 *
 * The caller must hold the 'deleteNotices' permission.
 *
 * NOTE(review): this handler takes its input from URL arguments and checks no request
 * token itself. If it can be reached through a plain GET link, the deletion can be
 * triggered cross-site; confirm the router or a base class enforces a POST + token.
 * NOTE(review): confirm that templates gating the delete link test the same permission
 * name ('deleteNotices') as this method.
 *
 * @param array $arguments Positional URL arguments; index 0 is the notice id.
 * @return mixed The result of Error::set() on failure; nothing on success (a Location header is sent).
 */
public function delete($arguments)
{
    if (!CheckAcl::can('deleteNotices')) {
        return Error::set('You are not allowed to delete notices!');
    }

    $noticeId = empty($arguments[0]) ? null : $arguments[0];
    if ($noticeId === null) {
        return Error::set('No notice id was found!');
    }

    $store = new notices(ConnectionFactory::get('redis'));
    $outcome = $store->delete($noticeId);

    // The model signals failure by returning a message string.
    if (is_string($outcome)) {
        return Error::set($outcome);
    }

    header('Location: ' . Url::format('/notice/'));
}
/**
 * Casts a vote on a news post and reports the outcome with a link back to the post.
 *
 * The caller must hold the 'voteOnNews' permission.
 *
 * NOTE(review): the vote is driven entirely by URL arguments and no request token is
 * checked in this method; confirm the framework protects state-changing routes.
 * NOTE(review): the vote value is passed to castVote() unchanged; validation of the
 * allowed values is assumed to happen in the model - verify.
 *
 * @param array $arguments Positional URL arguments; index 0 is the news id, index 1 the vote.
 * @return mixed The result of Error::set() on failure; nothing on success.
 */
public function vote($arguments)
{
    if (!CheckAcl::can('voteOnNews')) {
        return Error::set('You can not vote on news posts.');
    }

    if (empty($arguments[0]) || empty($arguments[1])) {
        return Error::set('Vote or news id not found.');
    }

    $newsModel = new news(ConnectionFactory::get('mongo'));
    $voteOutcome = $newsModel->castVote($arguments[0], $arguments[1]);

    // The post is loaded after the vote so both outcomes can link back to it.
    $article = $newsModel->get($arguments[0], false, true);
    $links = array('Back' => Url::format('/news/view/' . Id::create($article, 'news')));

    // A string result from the model is an error message.
    if (is_string($voteOutcome)) {
        return Error::set($voteOutcome, false, $links);
    }

    Error::set('Vote cast!', true, $links);
}
/**
 * Collects APC and Redis runtime statistics for the stats view.
 *
 * The caller must hold the 'viewStats' permission. The values exposed (Redis version,
 * memory use, save state) describe the backend, so the permission check is what keeps
 * them from ordinary users.
 *
 * @return mixed The result of Error::set() when access is denied; nothing otherwise.
 */
public function index()
{
    if (!CheckAcl::can('viewStats')) {
        return Error::set('You are not allowed to view stats!');
    }

    $apcEntries = new APCIterator('user');
    $redisModel = new redisInfo(ConnectionFactory::get('redis'));
    $stats = $redisModel->info();

    $this->view['apcNoKeys'] = $apcEntries->getTotalCount();
    $this->view['apcSize'] = $apcEntries->getTotalSize();

    // View key => key in the array returned by redisInfo::info().
    $redisFields = array(
        'redisVersion' => 'redis_version',
        'redisSIP' => 'bgsave_in_progress',
        'redisNoChans' => 'pubsub_channels',
        'redisMem' => 'used_memory',
        'redisLastSave' => 'last_save_time',
    );
    foreach ($redisFields as $viewKey => $infoKey) {
        $this->view[$viewKey] = $stats[$infoKey];
    }

    $this->view['valid'] = true;
}
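/**
 * Changes a bug's status, visibility or ghosted flag from the posted form values.
 *
 * Reads $_POST['id'] and $_POST['status']. The status is either one of the names in
 * bugs::$status (stored as its index) or one of the pseudo-statuses 'public',
 * 'private' and 'delete', which toggle flags instead.
 *
 * The caller must hold the 'editBugStatus' permission.
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm the framework
 * verifies one before dispatching state-changing POSTs.
 *
 * @param array $arguments Positional URL arguments (unused here).
 * @return mixed The result of Error::set() on failure; nothing on success.
 */
public function changeStatus($arguments)
{
    if (!CheckAcl::can('editBugStatus')) {
        return Error::set('You are not allowed to change bug statuses.');
    }

    // PHP parses "id[...]=" request fields into arrays. Only plain strings may reach
    // the Mongo-backed model, otherwise the value could be read as a query document.
    if (empty($_POST['id']) || !is_string($_POST['id'])) {
        return Error::set('Invalid id.');
    }
    $bugId = $_POST['id'];

    $bugs = new bugs(ConnectionFactory::get('mongo'));
    $bug = $bugs->get($bugId, false);

    if (empty($bug)) {
        return Error::set('Invalid id.');
    }

    if (empty($_POST['status']) || !is_string($_POST['status'])) {
        return Error::set('Invalid status.');
    }
    $status = $_POST['status'];

    // Pseudo-statuses that alter flags rather than the status field. They are checked
    // first, as in the original, so they win over a same-named entry in bugs::$status.
    $flagChanges = array(
        'public' => array('public' => true),
        'private' => array('public' => false),
        'delete' => array('ghosted' => true),
    );

    if (isset($flagChanges[$status])) {
        $diff = $flagChanges[$status];
    } else {
        // Standard status change. Strict search so numeric-looking strings are not
        // matched by type juggling (assumes bugs::$status holds string names).
        $statusIndex = array_search($status, bugs::$status, true);
        if ($statusIndex === false) {
            return Error::set('Invalid status.');
        }
        $diff = array('status' => $statusIndex);
    }

    $bugs->alter($bugId, $diff);
    $this->view['valid'] = true;
    Error::set('Status changed.', true);

    // Drop the cached copy so the next read reflects the change.
    apc_delete('bugs_' . Id::create(current($bug), 'bugs'));
}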
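/**
 * Decides whether the current user may perform an action on a comment.
 *
 * Access is granted when the user holds "<type>AllComment", or holds "<type>Comment"
 * and is the comment's author.
 *
 * The author check uses strict string comparison. With loose "==", PHP compares
 * numeric-looking strings as numbers (e.g. "1000" and "1e3" are equal), and two
 * missing values (null == null) also match, so one account could pass as another.
 *
 * @param string $type    Action prefix used to build the permission names.
 * @param array  $comment Comment record; the author is read from ['user']['username'].
 * @return bool True when the action is allowed.
 */
public function authChange($type, $comment)
{
    if (CheckAcl::can($type . 'AllComment')) {
        return true;
    }

    if (!CheckAcl::can($type . 'Comment')) {
        return false;
    }

    $viewer = Session::getVar('username');
    $author = isset($comment['user']['username']) ? $comment['user']['username'] : null;

    // Fail closed: an absent or empty session username never owns a comment.
    return is_string($viewer) && $viewer !== '' && $viewer === $author;
}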
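<?php
/*
 * "Manage Connections" form: lets a user with the 'haveConnections' permission set
 * the GitHub username linked to the account.
 *
 * $github is user-supplied, so it is HTML-escaped before being placed in the value
 * attribute. The original echoed it raw, which let a stored value containing a quote
 * break out of the attribute. double_encode is off, matching the htmlentities() call
 * used for the username field in the settings form, so a value that was already
 * entity-encoded upstream is not encoded twice.
 *
 * NOTE(review): the form carries no anti-CSRF token field; confirm the save handler
 * is protected some other way.
 */
if (!empty($valid) && $valid) {
    // The original template renders nothing for this state.
}

if (CheckAcl::can('haveConnections')) { ?>
<form class="form-horizontal well" action="<?php echo Url::format('/user/connections'); ?>" method="post">
    <legend>Manage Connections</legend>
    <div class="control-group">
        <label class="control-label">GitHub Username</label>
        <div class="controls">
            <input type="text" name="github"<?php
                // Leading space keeps the attribute separated from name="github".
                echo !empty($github) ? ' value="' . htmlspecialchars($github, ENT_QUOTES, 'UTF-8', false) . '"' : '';
            ?> />
        </div>
    </div>
    <input type="submit" value="Save" class="btn btn-primary" />
</form>
<?php }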
</td> <td> <?php if (CheckAcl::can('editNotice')) { ?> <a href="<?php echo Url::format('/notice/edit/' . ($id + 1)); ?> " class="btn btn-warning">Edit</a><br /> <?php } ?> </td> <td> <?php if (CheckAcl::can('deleteNotice')) { ?> <a href="<?php echo Url::format('/notice/delete/' . ($id + 1)); ?> " class="btn btn-danger">Delete</a> <?php } ?> </td> </tr> <?php } ?> </tbody></table> <?php
/**
 * Lists the stored revisions of one entry and, through revert(), handles revert requests.
 *
 * Requires revisions to be enabled for this controller and the caller to hold the
 * "view<permission>Revisions" permission.
 *
 * NOTE(review): revert() is defined elsewhere; this method performs no revert-specific
 * permission check itself, so that check is assumed to live inside revert() - verify.
 *
 * @param array $arguments Positional URL arguments; index 0 is the entry id. The full
 *                         array is also handed to revert().
 * @return mixed The result of Error::set() on failure; nothing on success.
 */
public function revisions($arguments)
{
    if (!$this->hasRevisions) {
        return Error::set('Revisions are not enabled for ' . $this->name . '.');
    }

    $requiredPermission = 'view' . $this->permission . 'Revisions';
    if (!CheckAcl::can($requiredPermission)) {
        return Error::set('You are not allowed to view ' . $this->name . ' revisions.');
    }

    if (empty($arguments[0])) {
        return Error::set('No ' . $this->name . ' id found.');
    }

    // The model class name comes from the controller's own configuration.
    $modelClass = $this->model;
    $model = new $modelClass(ConnectionFactory::get($this->db));

    $current = $model->get($arguments[0], false, true);
    // Assigned before validation, as in the original, so the view always has the key.
    $this->view['current'] = $current;

    if (empty($current)) {
        return Error::set('Invalid id.');
    }

    // A string from the model is an error message.
    if (is_string($current)) {
        return Error::set($current);
    }

    Layout::set('title', ucwords($this->name) . ' Revisions');

    $revisionStore = new revisions(ConnectionFactory::get('mongo'));

    // Revert handling runs before the list is loaded; its return value is not used here.
    $reverted = $this->revert($arguments, $model, $revisionStore, $current);

    $history = $revisionStore->getForId($arguments[0]);
    $this->view['revisions'] = array();

    if (empty($history)) {
        return Error::set('This entry has no revisions.');
    }

    $this->view['revisions'] = revisions::resolve($current, $history, $this->diffdFields);
}
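/**
 * Validates and normalises user account fields and builds the record to store.
 *
 * Returns an error message string when a field is invalid, otherwise the entry array.
 * When editing ($creating false), fields the current user may not change are removed
 * from the entry so that they are not overwritten.
 *
 * Fixes over the original:
 *  - the quote check compared strpos() loosely, so a quote at position 0 (which
 *    strpos() reports as 0) was not detected;
 *  - the username pattern ended in "$", which also matches before a trailing newline;
 *    "\z" anchors at the very end of the string;
 *  - the group lookup used loose in_array(), which can match by type juggling;
 *  - the edit path unset 'auth', a key the entry never has; the key is 'auths'.
 *
 * NOTE(review): on edit the entry still carries empty 'notes', 'connections', 'certs'
 * and 'bans'. If the caller writes the whole entry back, those fields are reset -
 * confirm the caller strips them.
 *
 * @param string      $username  Requested username.
 * @param string      $password  Plain-text password; may be empty when editing.
 * @param string      $email     E-mail address.
 * @param mixed       $hideEmail Cast to bool.
 * @param string|null $group     ACL group name, or null for the default.
 * @param mixed       $lockToIp  Cast to bool.
 * @param bool        $creating  True when creating an account, false when editing.
 * @return array|string The entry to store, or an error message.
 */
public function validate($username, $password, $email, $hideEmail, $group, $lockToIp, $creating = true)
{
    // strpos() returns 0 for a match on the first character, so compare with false.
    if (strpos($username, '\'') !== false || strpos($username, '"') !== false) {
        return 'Invalid username.';
    }

    if (empty($password) && $creating) {
        return 'Invalid password';
    }
    // Remembered so an edit without a new password leaves the stored hash alone.
    $passEmpty = empty($password);

    // Cleaning
    $username = substr($this->clean($username), 0, 80);
    // NOTE(review): hash() is not visible here; confirm it is a slow, salted password
    // hash rather than a fast digest keyed on the username.
    $password = $this->hash($password, $username);
    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    $hideEmail = (bool) $hideEmail;

    // Error checking
    if (empty($username) && $creating) {
        return 'Invalid username.';
    }

    if (!preg_match('/^[A-Za-z0-9 _-]+\z/', $username)) {
        return 'Invalid username';
    }

    if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return 'Invalid email.';
    }

    // Strict lookup: assumes acl::$acls holds group names as strings.
    if ($group != null && !in_array($group, acl::$acls, true)) {
        return 'Invalid group.';
    }

    if ($creating) {
        $user = $this->get($username);
        if (!empty($user)) {
            return 'Username taken.';
        }

        $user = $this->mongo->unimportedUsers->findOne(array('username' => $this->clean($username)));
        if (!empty($user)) {
            return 'Username is reserved. If this is you, try to reclaim your account instead.';
        }
    }

    $entry = array(
        'username' => $username,
        'password' => $password,
        'email' => $email,
        'status' => self::ACCT_OPEN,
        'hideEmail' => $hideEmail,
        'lockToIP' => (bool) $lockToIp,
        'auths' => array('password'),
        'notes' => array(),
        'connections' => array('nil' => 'nil'),
        'certs' => array(),
        'bans' => array(),
    );

    if ($creating) {
        $entry['group'] = $group == null ? self::DEFAULT_GROUP : $group;
        return $entry;
    }

    // Editing: drop every field the current user is not allowed to change.
    if (!CheckAcl::can('changeUsername')) {
        unset($entry['username']);
    }
    if (!CheckAcl::can('changeAcctStatus')) {
        unset($entry['status']);
    }
    if (!CheckAcl::can('editAcl')) {
        unset($entry['group']);
    }
    if ($passEmpty) {
        unset($entry['password']);
    }
    // Never reset the configured authentication methods on edit.
    unset($entry['auths']);

    return $entry;
}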
<div class="well"> <h1><?php /* Lecture summary fragment: title, lecturer, permission-gated edit/delete links, description and time range. NOTE(review): $title is echoed without HTML escaping here - confirm it is encoded before it reaches this view. */ echo $title; ?> </h1> <small>By <?php /* NOTE(review): $lecturer is likewise echoed unescaped - same check applies. */ echo $lecturer; $access = array(); /* The links below are only hidden from users lacking the permission; the edit/delete handlers are not visible here and must enforce the same checks. */ if (CheckAcl::can('editLectures')) { array_push($access, '<a href="' . Url::format('lecture/edit/' . $_id) . '">Edit</a>'); } if (CheckAcl::can('deleteLectures')) { array_push($access, '<a href="' . Url::format('lecture/delete/' . $_id) . '">Delete</a>'); } if (!empty($access)) { echo ' - ' . implode(' - ', $access); } ?> </small> <p><?php /* NOTE(review): output safety depends on BBCode::parse() escaping raw HTML in $description - not visible here, verify. */ echo BBCode::parse($description); ?> </p> <em><?php echo Date::minuteFormat($time); ?> to <?php echo Date::minuteFormat($time + $duration); ?>
?> <?php if (CheckAcl::can('viewArticleRevisions')) { ?> - <a href="<?php echo Url::format('/article/revisions/' . $_id); ?> ">Revisions</a><?php } ?> <?php } } elseif (empty($preview)) { ?> <?php if (CheckAcl::can('revertArticles')) { ?> - <a href="<?php echo Url::format('/articles/revisions/' . $contentId . '/revert/' . $_id); ?> ">Revert</a><?php } ?> <?php } ?> </small> <?php if (!$published || !empty($revision) || !empty($preview)) { ?>
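/**
 * Decides whether the current visitor may view a bug.
 *
 * Public bugs are visible to everyone. A private bug is visible to its reporter and
 * to users holding the 'viewPrivateBug' permission.
 *
 * The reporter check uses strict string comparison. With loose "==", PHP compares
 * numeric-looking strings as numbers, so two different ids made only of digits and a
 * single "e" could compare equal. A missing 'public' or reporter id now fails closed
 * instead of raising a notice.
 *
 * @param array $bug Bug record; reads 'public' and ['reporter']['$id'].
 * @return bool True when the bug may be shown.
 */
public static function canView($bug)
{
    if (!empty($bug['public'])) {
        return true;
    }

    $isReporter = Session::isLoggedIn()
        && isset($bug['reporter']['$id'])
        && (string) $bug['reporter']['$id'] === (string) Session::getVar('_id');

    if ($isReporter || CheckAcl::can('viewPrivateBug')) {
        return true;
    }

    return false;
}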
/**
 * Creates the shared acl model on the Redis connection and marks the class as populated.
 */
private static function _populate()
{
    $connection = ConnectionFactory::get('redis');
    self::$acl = new acl($connection);

    // Set last, so the flag is only raised once the model exists.
    self::$populated = true;
}
} ?> <?php if (CheckAcl::can('viewNewsRevisions')) { ?> - <a href="<?php echo Url::format('/news/revisions/' . $_id); ?> ">Revisions</a><?php } ?> <?php } elseif (empty($preview)) { ?> <?php if (CheckAcl::can('revertNews')) { ?> - <a href="<?php echo Url::format('/news/revisions/' . $contentId . '/revert/' . $_id); ?> ">Revert</a><?php } ?> <?php } ?> </small> <p><?php echo BBCode::parse($body); ?>
echo Url::format('/user/logs'); ?> ">View Account Activity</a> - <a href="<?php echo Url::format('/user/connections'); ?> ">Manage Your Connections</a> </small> <form class="well form-horizontal" action="<?php echo Url::format('/user/settings/save'); ?> " method="post"> <fieldset> <legend>Account Information</legend> <?php if (CheckAcl::can('changeUsername')) { ?> <div class="control-group"> <label class="control-label">Username:</label> <div class="controls"> <input type="text" name="username" value="<?php echo htmlentities($user['username'], ENT_QUOTES, '', false); ?> " /> </div> </div> <?php } ?>
echo Url::format('/lecture/post'); ?> ">Post Lecture</a></li><?php } ?> <?php if (CheckAcl::can('manageNotice')) { ?> <li><a href="<?php echo Url::format('/notice'); ?> ">Manage Notices</a></li><?php } ?> <?php if (CheckAcl::can('viewStats')) { ?> <li><a href="<?php echo Url::format('/stats'); ?> ">View Stats</a></li><?php } } ?> <li class="nav-header">Search</li> <li> <form class="form-search" action="<?php echo Url::format('search'); ?> " method="post"> <input type="text" name="query" placeholder="Search" class="input-medium search-query" />
<div class="page-header"><h1>Submitted Bugs</h1></div> <div class="btn-toolbar"> <?php if (CheckAcl::can('postBugs')) { ?> <div class="btn-group"> <a href="<?php echo Url::format('/bugs/post'); ?> " class="btn btn-primary">Submit Bug</a> </div> <?php } ?> <div class="btn-group"> <a href="<?php echo Url::format('/bugs/index/all'); ?> " class="btn<?php echo $filter == 'all' ? ' disabled' : ''; ?> ">All</a> <a href="<?php echo Url::format('/bugs/index/open'); ?> " class="btn<?php echo $filter == 'open' ? ' disabled' : ''; ?> ">Open</a>
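/**
 * Attaches an administrative note to a user account from the posted form values.
 *
 * Reads $_POST['userId'] and $_POST['note']. The caller must hold the 'postNotes'
 * permission. On success the browser is sent back to the referring page.
 *
 * Both fields must be plain strings: PHP parses "userId[...]=" request fields into
 * arrays, and an array must not reach the Mongo-backed model as a query value.
 *
 * NOTE(review): the redirect target is taken from the Referer request header, which
 * the client controls. Confirm Url::format() restricts it to this site, or replace it
 * with a fixed route.
 * NOTE(review): no anti-CSRF token is checked in this method; confirm the framework
 * verifies one before dispatching state-changing POSTs.
 *
 * @return mixed The result of Error::set() on failure; nothing on success.
 */
public function admin_note()
{
    if (!CheckAcl::can('postNotes')) {
        return Error::set('You are not allowed to post notes.');
    }

    if (empty($_POST['userId']) || !is_string($_POST['userId'])) {
        return Error::set('No user id was found.');
    }

    if (empty($_POST['note']) || !is_string($_POST['note'])) {
        return Error::set('No note text was found.');
    }

    $users = new users(ConnectionFactory::get('mongo'));
    $return = $users->addNote($_POST['userId'], $_POST['note']);

    // A string from the model is an error message.
    if (is_string($return)) {
        return Error::set($return);
    }

    Error::set('Note posted.', true);

    if (!empty($_SERVER['HTTP_REFERER'])) {
        header('Location: ' . Url::format($_SERVER['HTTP_REFERER']));
    }
}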
} if ($rating['dislikes'] != 0) { $html[] = $rating['dislikes'] . ' dislike' . ($rating['dislikes'] == 1 ? '' : 's'); } $html = implode(', ', $html); if (empty($html)) { $html = 'No votes!'; } } ?> <em><?php echo $html; ?> </em> <?php if (CheckAcl::can('voteOn' . $type)) { ?> <a href="<?php echo Url::format('/' . $where . '/vote/' . $_id . '/like'); ?> " class="btn btn-small"> <i class="icon-plus"></i> Like </a> <a href="<?php echo Url::format('/' . $where . '/vote/' . $_id . '/dislike'); ?> " class="btn btn-inverse btn-small"> <i class="icon-minus icon-white"></i>
?> " method="post"> <input type="hidden" name="userId" value="<?php echo $user['_id']; ?> " /> <input class="span6" type="text" name="note" placeholder="Something here to help you keep track of who is who." /> <input type="submit" value="Save" class="btn btn-primary" /> </form> <?php } ?> </div> </div> <?php if (CheckAcl::can('banUsers')) { ?> <hr /> <div class="row"> <div class="span4 offset5"> <form class="form-inline" style="float: right" action="<?php echo Url::format('/user/admin/ban/'); ?> " method="post"> <input type="hidden" name="userId" value="<?php echo $user['_id']; ?> " /> <label class="checkbox"> <input type="checkbox" name="slowban" value="true"<?php
} ?> </div> <?php /* NOTE(review): nl2br() only inserts line-break tags; it does not escape HTML. Confirm $comment['text'] is encoded before it reaches this view. */ echo nl2br($comment['text']); ?> </p> </td> </tr> </table> <?php } if ($total != 0) { echo $pagination; } if (CheckAcl::can('postComment')) { /* The form is shown only to users allowed to post; the save handler is not visible here and must repeat the check. No anti-CSRF token field is present in this fragment. */ ?> <legend>New Comment</legend> <form class="well form-vertical" action="<?php echo Url::format('/comment/post/save'); ?> " method="post"> <input type="hidden" name="contentId" value="<?php /* NOTE(review): $id is written into an attribute value unescaped - confirm it cannot contain quotes. */ echo $id; ?> " /> <textarea name="text" rows="7" style="width: 100%"></textarea><br /> <input type="submit" class="btn btn-primary" value="Post Comment" /> </form> <?php }