Exemplo n.º 1
0
 public function postAction($request, $db)
 {
     if (!isset($request->user_id)) {
         throw new Exception("You must be logged in to create data", 400);
     }
     if (isset($request->url_elements[4])) {
         switch ($request->url_elements[4]) {
             case 'attending':
                 // the body of this request is completely irrelevant
                 // The logged in user *is* attending the event.  Use DELETE to unattend
                 $event_id = $this->getItemId($request);
                 $event_mapper = new EventMapper($db, $request);
                 $event_mapper->setUserAttendance($event_id, $request->user_id);
                 header("Location: " . $request->base . $request->path_info, null, 201);
                 return;
             default:
                 throw new Exception("Operation not supported, sorry", 404);
         }
     } else {
         // Create a new event, pending unless user has privs
         // incoming data
         $event = array();
         $errors = array();
         $event['name'] = filter_var($request->getParameter("name"), FILTER_SANITIZE_STRING);
         if (empty($event['name'])) {
             $errors[] = "'name' is a required field";
         }
         $event['description'] = filter_var($request->getParameter("description"), FILTER_SANITIZE_STRING);
         if (empty($event['description'])) {
             $errors[] = "'description' is a required field";
         }
         $event['location'] = filter_var($request->getParameter("location"), FILTER_SANITIZE_STRING);
         if (empty($event['location'])) {
             $errors[] = "'location' is a required field (for virtual events, 'online' works)";
         }
         $start_date = strtotime($request->getParameter("start_date"));
         $end_date = strtotime($request->getParameter("end_date"));
         if (!$start_date || !$end_date) {
             $errors[] = "Both 'start_date' and 'end_date' must be supplied in a recognised format";
         } else {
             // if the dates are okay, sort out timezones
             $event['tz_continent'] = filter_var($request->getParameter("tz_continent"), FILTER_SANITIZE_STRING);
             $event['tz_place'] = filter_var($request->getParameter("tz_place"), FILTER_SANITIZE_STRING);
             try {
                 // make the timezone, and read in times with respect to that
                 $tz = new DateTimeZone($event['tz_continent'] . '/' . $event['tz_place']);
                 $start_date = new DateTime($request->getParameter("start_date"), $tz);
                 $end_date = new DateTime($request->getParameter("end_date"), $tz);
                 $event['start_date'] = $start_date->format('U');
                 $event['end_date'] = $end_date->format('U');
             } catch (Exception $e) {
                 // the time zone isn't right
                 $errors[] = "The fields 'tz_continent' and 'tz_place' must be supplied and valid " . "(e.g. Europe and London)";
             }
         }
         // optional fields - only check if we have no errors as we may need
         // access to $tz.
         if (!$errors) {
             $href = filter_var($request->getParameter("href"), FILTER_VALIDATE_URL);
             if ($href) {
                 $event['href'] = $href;
             }
             $cfp_url = filter_var($request->getParameter("cfp_url"), FILTER_VALIDATE_URL);
             if ($cfp_url) {
                 $event['cfp_url'] = $cfp_url;
             }
             $cfp_start_date = strtotime($request->getParameter("cfp_start_date"));
             if ($cfp_start_date) {
                 $cfp_start_date = new DateTime($request->getParameter("cfp_start_date"), $tz);
                 $event['cfp_start_date'] = $cfp_start_date->format('U');
             }
             $cfp_end_date = strtotime($request->getParameter("cfp_end_date"));
             if ($cfp_end_date) {
                 $cfp_end_date = new DateTime($request->getParameter("cfp_end_date"), $tz);
                 $event['cfp_end_date'] = $cfp_end_date->format('U');
             }
             $latitude = filter_var($request->getParameter("latitude"), FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
             if ($latitude) {
                 $event['latitude'] = $latitude;
             }
             $longitude = filter_var($request->getParameter("longitude"), FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
             if ($longitude) {
                 $event['longitude'] = $longitude;
             }
             $incoming_tag_list = $request->getParameter('tags');
             if (is_array($incoming_tag_list)) {
                 $tags = array_map(function ($tag) {
                     $tag = filter_var($tag, FILTER_SANITIZE_STRING);
                     $tag = trim($tag);
                     $tag = strtolower($tag);
                     return $tag;
                 }, $incoming_tag_list);
             }
         }
         // How does it look?  With no errors, we can proceed
         if ($errors) {
             throw new Exception(implode(". ", $errors), 400);
         } else {
             $user_mapper = new UserMapper($db, $request);
             $event_mapper = new EventMapper($db, $request);
             $event_owner = $user_mapper->getUserById($request->user_id);
             $event['contact_name'] = $event_owner['users'][0]['full_name'];
             // When a site admin creates an event, we want to approve it immediately
             $approveEventOnCreation = $user_mapper->isSiteAdmin($request->user_id);
             // Do we want to automatically approve when testing?
             if (isset($this->config['features']['allow_auto_approve_events']) && $this->config['features']['allow_auto_approve_events']) {
                 if ($request->getParameter("auto_approve_event") == "true") {
                     // The test suite sends this extra field, if we got
                     // this far then this platform supports this
                     $approveEventOnCreation = true;
                 }
             }
             if ($approveEventOnCreation) {
                 $event_id = $event_mapper->createEvent($event, true);
                 // redirect to event listing
                 header("Location: " . $request->base . $request->path_info . '/' . $event_id, null, 201);
             } else {
                 $event_id = $event_mapper->createEvent($event);
                 // set status to accepted; a pending event won't be visible
                 header("Location: " . $request->base . $request->path_info, null, 202);
             }
             // now set the current user as host and attending
             $event_mapper->addUserAsHost($event_id, $request->user_id);
             $event_mapper->setUserAttendance($event_id, $request->user_id);
             if (isset($tags)) {
                 $event_mapper->setTags($event_id, $tags);
             }
             // Send an email if we didn't auto-approve
             if (!$user_mapper->isSiteAdmin($request->user_id)) {
                 $event = $event_mapper->getPendingEventById($event_id, true);
                 $count = $event_mapper->getPendingEventsCount();
                 $recipients = $user_mapper->getSiteAdminEmails();
                 $emailService = new EventSubmissionEmailService($this->config, $recipients, $event, $count);
                 $emailService->sendEmail();
             }
             exit;
         }
     }
 }