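/**
 * Handle the "forgot password" form.
 *
 * When the form was submitted with Submit=Send Reset, looks the owner up by the posted email
 * address, sets a password recovery token on it and mails a reset link rendered from
 * _email.forgotpassword.tpl. The session.forgot.tpl view is rendered in every case.
 *
 * @return mixed Result of $this->generateView()
 */
public function control()
 {
     if (isset($_POST['Submit']) && $_POST['Submit'] === 'Send Reset') {
         $this->disableCaching();
         // Only a plain string can be an address; a missing field or an array value
         // (email[]=...) goes down the "no such account" path without reaching the DAO or mailer.
         $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;
         $user = null;
         if ($email !== null) {
             $dao = DAOFactory::getDAO('OwnerDAO');
             $user = $dao->getByEmail($email);
         }
         if (isset($user)) {
             // NOTE(review): token generation, lifetime and single-use handling live in
             // setPasswordRecoveryToken(), which is not visible here - confirm the token comes
             // from a CSPRNG and expires.
             $token = $user->setPasswordRecoveryToken();
             $es = new SmartyThinkUp();
             $es->caching = false;
             $config = Config::getInstance();
             $es->assign('apptitle', $config->getValue('app_title'));
             $es->assign('recovery_url', "session/reset.php?token={$token}");
             // NOTE(review): HTTP_HOST is taken from the request's Host header, so the sender of
             // the request chooses the host name handed to the reset email template. A reset link
             // should be built from a configured canonical host name instead; no such setting is
             // visible in this block.
             $es->assign('server', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
             $es->assign('site_root_path', $config->getValue('site_root_path'));
             $message = $es->fetch('_email.forgotpassword.tpl');
             Mailer::mail($email, $config->getValue('app_title') . " Password Recovery", $message);
             $this->addSuccessMessage('Password recovery information has been sent to your email address.');
         } else {
             // NOTE(review): the two outcomes tell the requester whether an address is registered
             // (account enumeration). One neutral message for both branches, plus rate limiting
             // on this form, removes that signal; the wording is left unchanged here.
             $this->addErrorMessage('Error: account does not exist.');
         }
     }
     $this->setViewTemplate('session.forgot.tpl');
     return $this->generateView();
 }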
 /**
  * With the 'debug' config value set to false, a value assigned to SmartyThinkUp must not be
  * readable back through getTemplateDataItem().
  */
 public function testSmartyThinkUpAssignedValuesDebugOff()
 {
     Config::getInstance()->setValue('debug', false);
     $view = new SmartyThinkUp();
     $view->assign('test_var_1', "Testing, testing, 123");
     // The lookup is checked twice: once by loose equality with null, once with isset().
     $this->assertEqual($view->getTemplateDataItem('test_var_1'), null);
     $stored = $view->getTemplateDataItem('test_var_1');
     $this->assertTrue(!isset($stored));
 }
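 /**
  * Generates a one-time upgrade token, stores it in the upgrade_token file under the cache
  * directory, and emails it to the admins.
  *
  * Does nothing when the token file already exists.
  *
  * @throws OpenFileException If the token file cannot be created or written
  */
 public function generateUpgradeToken()
 {
     // NOTE(review): the token file sits below THINKUP_WEBAPP_PATH - confirm the cache directory
     // is not served by the web server, otherwise the token can be read without the email.
     $token_file = THINKUP_WEBAPP_PATH . self::CACHE_DIR . '/upgrade_token';
     if (file_exists($token_file)) {
         return;
     }
     $fp = fopen($token_file, 'w');
     if (!$fp) {
         // '.' concatenates; the previous '+' performed arithmetic and dropped the path.
         throw new OpenFileException("Unable to create upgrade token file: " . $token_file);
     }
     // The token is a secret mailed to admins, so it must not be guessable. rand() hashed with
     // md5 is predictable; take 16 bytes from the platform CSPRNG when one is available and keep
     // the same 32-hex-character format.
     if (function_exists('random_bytes')) {
         $md5_token = bin2hex(random_bytes(16));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $md5_token = bin2hex(openssl_random_pseudo_bytes(16));
     } else {
         // Last resort on runtimes without either function: the original derivation.
         $md5_token = md5(self::TOKEN_KEY . rand(0, time()));
     }
     $written = fwrite($fp, $md5_token);
     // Close before deciding, so a failed write no longer leaks the handle.
     fclose($fp);
     if (!$written) {
         throw new OpenFileException("Unable to write upgrade token file: " . $token_file);
     }
     // email our admin with this token.
     $owner_dao = DAOFactory::getDAO('OwnerDAO');
     $admins = $owner_dao->getAdmins();
     if ($admins) {
         $tos = array();
         foreach ($admins as $admin) {
             $tos[] = $admin->email;
         }
         $to = implode(',', $tos);
         $upgrade_email = new SmartyThinkUp();
         $upgrade_email->caching = false;
         // HTTP_HOST is unset outside a web request (e.g. under tests), hence the fallback.
         // NOTE(review): when set, it is the request's Host header, chosen by whoever sent the
         // request; the host name shown to admins next to the token should come from
         // configuration instead.
         $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
         $upgrade_email->assign('server', $server);
         $upgrade_email->assign('token', $md5_token);
         $message = $upgrade_email->fetch('_email.upgradetoken.tpl');
         Mailer::mail($to, "Upgrade Your ThinkUp Database", $message);
     }
 }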
 /**
  * Renders the plugin option elements, when any are defined, into the 'options_markup' view
  * variable, then delegates to parent::generateView().
  *
  * @return str view markup
  */
 protected function generateView()
 {
     // Nothing to render unless at least one plugin option element is defined.
     if (count($this->option_elements) > 0) {
         $this->setValues();
         $renderer = new SmartyThinkUp();
         $renderer->disableCaching();

         // Template data, each collection also in a JSON form.
         // NOTE(review): json_encode() is called without the JSON_HEX_* flags; if the template
         // prints these values inside a <script> block or an attribute, it has to escape them
         // for that context - verify in the options template.
         $renderer->assign('option_elements', $this->option_elements);
         $renderer->assign('option_elements_json', json_encode($this->option_elements));
         $renderer->assign('option_headers', $this->option_headers);
         $renderer->assign('option_not_required', $this->option_not_required);
         $renderer->assign('option_not_required_json', json_encode($this->option_not_required));
         $renderer->assign('option_required_message', $this->option_required_message);
         $renderer->assign('option_required_message_json', json_encode($this->option_required_message));
         $renderer->assign('option_select_multiple', $this->option_select_multiple);
         $renderer->assign('option_select_visible', $this->option_select_visible);
         $renderer->assign('plugin_id', $this->plugin_id);
         $renderer->assign('is_admin', $this->isAdmin());

         // Time the render only when the profiler is switched on.
         $timed = $this->profiler_enabled;
         if ($timed) {
             $started_at = microtime(true);
         }
         $markup = $renderer->fetch(self::OPTIONS_TEMPLATE);
         if ($timed) {
             $elapsed = microtime(true) - $started_at;
             Profiler::getInstance()->add($elapsed, "Rendered view (not cached)", false);
         }
         $this->addToView('options_markup', $markup);
     }
     return parent::generateView();
 }
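 /**
  * Handle the registration page.
  *
  * Logged-in users are handed to DashboardController. Otherwise, when registration is open and
  * the form was submitted with Submit=Register, the posted fields are validated, the owner is
  * created with an activation code, and the activation email is sent.
  *
  * @return mixed Result of DashboardController::go() or of $this->generateView()
  */
 public function control()
 {
     if ($this->isLoggedIn()) {
         $controller = new DashboardController(true);
         return $controller->go();
     } else {
         $this->disableCaching();
         $config = Config::getInstance();
         if (!$config->getValue('is_registration_open')) {
             $this->addToView('closed', true);
             $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://github.com/ginatrapani/thinkup/tree/master">Install ThinkUp on your own ' . 'server.</a></p>');
         } else {
             $owner_dao = DAOFactory::getDAO('OwnerDAO');
             $this->addToView('closed', false);
             $captcha = new Captcha();
             if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                 foreach ($this->REQUIRED_PARAMS as $param) {
                     if (!isset($_POST[$param]) || $_POST[$param] == '') {
                         $this->addErrorMessage('Please fill out all required fields.');
                         $this->is_missing_param = true;
                     }
                 }
                 if (!$this->is_missing_param) {
                     if (!Utils::validateEmail($_POST['email'])) {
                         $this->addErrorMessage("Incorrect email. Please enter valid email address.");
                     } elseif (!is_string($_POST['pass1']) || !is_string($_POST['pass2']) || strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                         // The is_string() guards reject array-valued fields (pass1[]=...): strcmp()
                         // does not return a non-zero int for them, so they would otherwise count
                         // as matching passwords.
                         $this->addErrorMessage("Passwords do not match.");
                     } elseif (!$captcha->check()) {
                         // Captcha not valid, captcha handles message...
                     } else {
                         // NOTE(review): this message confirms that an address is registered; the
                         // captcha above is the only visible brake on probing addresses.
                         if ($owner_dao->doesOwnerExist($_POST['email'])) {
                             $this->addErrorMessage("User account already exists.");
                         } else {
                             $es = new SmartyThinkUp();
                             $es->caching = false;
                             $session = new Session();
                             // Draw the code from the CSPRNG where the runtime has one; rand() is
                             // predictable. NOTE(review): four digits is still only 9000 values,
                             // so the activation endpoint needs attempt limiting; a longer code
                             // would also need the storage and check sides changed, which are not
                             // visible here.
                             $activ_code = function_exists('random_int') ? random_int(1000, 9999) : rand(1000, 9999);
                             // NOTE(review): pwdcrypt() is not visible here - confirm it is a
                             // salted, slow password hash.
                             $cryptpass = $session->pwdcrypt($_POST['pass2']);
                             // Fall back when the request carries no Host header. NOTE(review): the
                             // value is client-supplied; a configured canonical host name is the
                             // safer source for a link sent by email.
                             $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
                             $owner_dao->create($_POST['email'], $cryptpass, $activ_code, $_POST['full_name']);
                             $es->assign('server', $server);
                             $es->assign('email', urlencode($_POST['email']));
                             $es->assign('activ_code', $activ_code);
                             $message = $es->fetch('_email.registration.tpl');
                             Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                             unset($_SESSION['ckey']);
                             $this->addSuccessMessage("Success! Check your email for an activation link.");
                         }
                     }
                 }
                 // Posted values are handed back to the form as-is.
                 // NOTE(review): they are raw request data; the template must HTML-escape them.
                 if (isset($_POST["full_name"])) {
                     $this->addToView('name', $_POST["full_name"]);
                 }
                 if (isset($_POST["email"])) {
                     $this->addToView('mail', $_POST["email"]);
                 }
             }
             $challenge = $captcha->generate();
             $this->addToView('captcha', $challenge);
         }
         return $this->generateView();
     }
 }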
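 /**
  * Send user email alert about invalid OAuth tokens. In test mode, this will only write the message body to a file
  * in the application data directory.
  *
  * The body is rendered from the facebook plugin's _email.invalidtoken.tpl template.
  *
  * @param str $email Recipient address
  * @param str $username Facebook user name shown in the subject and body
  */
 private function sendInvalidOAuthEmailAlert($email, $username)
 {
     $mailer_view_mgr = new SmartyThinkUp();
     $mailer_view_mgr->caching = false;
     // HTTP_HOST exists only inside a web request; the fallback avoids an undefined-index
     // notice when this runs elsewhere. NOTE(review): when present it is the client-supplied
     // Host header, so a re-authorization link built from it should use a configured host name.
     $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
     $mailer_view_mgr->assign('server', $server);
     $mailer_view_mgr->assign('email', $email);
     // The key is spelled with three o's; it has to match the name used inside the template,
     // so it is left as found.
     $mailer_view_mgr->assign('faceboook_user_name', $username);
     $message = $mailer_view_mgr->fetch(Utils::getPluginViewDirectory('facebook') . '_email.invalidtoken.tpl');
     // NOTE(review): $username goes into the subject line unmodified - confirm Mailer::mail()
     // strips CR/LF so the value cannot add mail headers.
     Mailer::mail($email, "Please re-authorize ThinkUp to access " . $username . " on Facebook", $message);
 }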
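 /**
  * Build the model object source for the configured table.
  *
  * Reads the column definitions with SHOW FULL COLUMNS, adds a 'PHPType' entry to every column
  * row, and renders the result through the model_object.tpl template.
  *
  * @return str Object definition
  * @throws Exception If the column list cannot be read
  */
 public function makeModel()
 {
     $columns = array();
     try {
         // NOTE(review): the table name is concatenated into the statement, and identifiers
         // cannot be bound as parameters. Where $this->table_name is set is not visible here -
         // confirm it is validated against an allow-list of identifier characters before use.
         $stmt = self::$pdo->query('SHOW FULL COLUMNS FROM ' . $this->table_name);
         if ($stmt === false) {
             // With PDO in silent or warning error mode a failed query returns false instead of
             // throwing; report it through the same wrapped exception as any other failure.
             throw new Exception('query failed');
         }
         while ($row = $stmt->fetch()) {
             $row['PHPType'] = $this->converMySQLTypeToPHP($row['Type']);
             $columns[$row['Field']] = $row;
         }
     } catch (Exception $e) {
         throw new Exception('Unable to show columns from "' . $this->table_name . '" - ' . $e->getMessage());
     }
     // Hand the column map and the object names to the template and return the rendered source.
     $view_mgr = new SmartyThinkUp();
     $view_mgr->assign('fields', $columns);
     $view_mgr->assign('object_name', $this->object_name);
     $view_mgr->assign('parent_name', $this->parent_name);
     $tpl_file = THINKUP_ROOT_PATH . 'extras/dev/makemodel/view/model_object.tpl';
     return $view_mgr->fetch($tpl_file);
 }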
 /**
  * Pass one named value to the view manager so the template can use it.
  *
  * The value is forwarded unchanged; no escaping happens in this method.
  *
  * @param str $key Name the template sees
  * @param mixed $value Value stored under that name
  */
 protected function addToView($key, $value)
 {
     $view = $this->view_mgr;
     $view->assign($key, $value);
 }
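 /**
  * Step 3 - Populate database and finish
  *
  * Reads the database settings either from an existing config.inc.php or from the posted form,
  * validates the admin email, password and database connection, writes the config file (or shows
  * its contents for manual creation), populates the tables, creates the admin owner and mails the
  * activation message. Falls back to step 1 when nothing was posted and to step 2 when the
  * database credentials are missing.
  */
 private function step3()
 {
     $this->setViewTemplate('install.step3.tpl');
     $config_file_exists = false;
     $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
     // make sure we are here with posted data
     if (empty($_POST)) {
         $this->step1();
         return;
     }
     // check if we have made config.inc.php
     if (file_exists($config_file) && filesize($config_file) > 0) {
         // the file can already exist when step 2 could not write to the webapp dir and it
         // was created by hand
         $config_file_exists = true;
         require $config_file;
         $db_config['db_type'] = $THINKUP_CFG['db_type'];
         $db_config['db_name'] = $THINKUP_CFG['db_name'];
         $db_config['db_user'] = $THINKUP_CFG['db_user'];
         $db_config['db_password'] = $THINKUP_CFG['db_password'];
         $db_config['db_host'] = $THINKUP_CFG['db_host'];
         $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
         $db_config['db_port'] = $THINKUP_CFG['db_port'];
         $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
         $db_config['GMT_offset'] = $THINKUP_CFG['GMT_offset'];
         $db_config['timezone'] = $THINKUP_CFG['timezone'];
         $email = trim($_POST['site_email']);
     } else {
         // make sure we're not from error of couldn't write config.inc.php
         // NOTE(review): this only fires when all four fields are absent; a request missing just
         // one of them continues and reads the missing index below - confirm '&&' is intended.
         if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name']) && !isset($_POST['db_host'])) {
             $this->addErrorMessage("Missing database credentials");
             $this->step2();
             return;
         }
         // trim each posted value
         $db_config['db_type'] = trim(@$_POST['db_type']);
         $db_config['db_name'] = trim($_POST['db_name']);
         $db_config['db_user'] = trim($_POST['db_user']);
         $db_config['db_password'] = trim($_POST['db_passwd']);
         $db_config['db_host'] = trim($_POST['db_host']);
         $db_config['db_socket'] = trim($_POST['db_socket']);
         $db_config['db_port'] = trim($_POST['db_port']);
         $db_config['table_prefix'] = trim($_POST['db_prefix']);
         $db_config['timezone'] = trim($_POST['timezone']);
         $email = trim($_POST['site_email']);
         // get GMT offset in hours
         // NOTE(review): DateTimeZone throws on an unknown identifier and nothing here catches
         // it; the posted value should be checked against the time zone list first.
         $db_config['GMT_offset'] = timezone_offset_get(new DateTimeZone($_POST['timezone']), new DateTime('now')) / 3600;
     }
     // default for now: the type is forced to mysql whatever was read above
     $db_config['db_type'] = 'mysql';
     $password = $_POST['password'];
     $confirm_password = $_POST['confirm_password'];
     $full_name = $_POST['full_name'];
     $display_errors = false;
     // check email
     if (!Utils::validateEmail($email)) {
         $this->addErrorMessage("Please enter a valid email address.");
         $this->setViewTemplate('install.step2.tpl');
         $display_errors = true;
     } else {
         if ($password != $confirm_password || $password == '') {
             //check password
             if ($password != $confirm_password) {
                 $this->addErrorMessage("Your passwords did not match.");
             } else {
                 $this->addErrorMessage("Please choose a password.");
             }
             $this->setViewTemplate('install.step2.tpl');
             $display_errors = true;
         } elseif (($error = $this->installer->checkDb($db_config)) !== true) {
             //check db: keep the message from the first recognised driver phrase onwards
             $db_error = $error->getMessage();
             $known_phrases = array(
                 "Unknown MySQL server host",
                 "Can't connect to MySQL server",
                 "Can't connect to local MySQL server through socket",
                 "Access denied for user",
             );
             foreach ($known_phrases as $phrase) {
                 $p = strpos($db_error, $phrase);
                 if ($p !== false) {
                     $db_error = substr($db_error, $p);
                     break;
                 }
             }
             // The driver message repeats the posted host and user names, and error messages are
             // built as HTML in this method, so escape it before it is placed in the markup.
             $db_error = htmlspecialchars($db_error, ENT_QUOTES, 'UTF-8');
             $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " . " <strong>{$db_error}</strong><br />Please correct your database information and try again.");
             $this->setViewTemplate('install.step2.tpl');
             $display_errors = true;
         }
     }
     if ($display_errors) {
         // Re-populate the step 2 form with what was submitted.
         // NOTE(review): these are raw request values, including the database password; the
         // template has to HTML-escape every one of them.
         $this->addToView('db_name', $db_config['db_name']);
         $this->addToView('db_user', $db_config['db_user']);
         $this->addToView('db_passwd', $db_config['db_password']);
         $this->addToView('db_host', $db_config['db_host']);
         $this->addToView('db_prefix', $db_config['table_prefix']);
         $this->addToView('db_socket', $db_config['db_socket']);
         $this->addToView('db_port', $db_config['db_port']);
         $this->addToView('db_type', $db_config['db_type']);
         $this->addToView('current_tz', $_POST['timezone']);
         $this->addToView('tz_list', $this->getTimeZoneList());
         $this->addToView('site_email', $email);
         $this->addToView('full_name', $full_name);
         return;
     }
     $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);
     // trying to create config file
     if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
         $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
         $config_file_contents_str = '';
         foreach ($config_file_contents_arr as $line) {
             $config_file_contents_str .= htmlentities($line);
         }
         $whoami = exec('whoami');
         if (!empty($whoami)) {
             $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " . "following commands:<br /><code>touch " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><code>chown {$whoami} " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><br />If you don't have root access, create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button below once you did either.");
         } else {
             $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "You will need to create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button once this is done.");
         }
         $this->addToView('config_file_contents', $config_file_contents_str);
         // NOTE(review): the whole POST array, passwords included, is handed to the template
         // (presumably to carry the form over to the next request) - every value printed from it
         // must be escaped there.
         $this->addToView('_POST', $_POST);
         $this->setViewTemplate('install.config.tpl');
         return;
     }
     unset($admin_user['confirm_password']);
     // check tables
     $this->installer->checkTable($db_config);
     // if empty, we're ready to populate the database with ThinkUp tables
     $this->installer->populateTables($db_config);
     $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
     if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) {
         // create admin if not exists
         $session = new Session();
         // Use the CSPRNG where the runtime has one; rand() is predictable.
         // NOTE(review): the code still has only 9000 possible values, so activation attempts
         // need to be limited wherever the code is checked.
         $activation_code = function_exists('random_int') ? random_int(1000, 9999) : rand(1000, 9999);
         // NOTE(review): pwdcrypt() is not visible here - confirm it is a salted, slow hash.
         $crypt_pass = $session->pwdcrypt($password);
         $owner_dao->createAdmin($email, $crypt_pass, $activation_code, $full_name);
         // view for email
         $cfg_array = array('site_root_path' => THINKUP_BASE_URL, 'source_root_path' => THINKUP_ROOT_PATH, 'debug' => false, 'app_title' => "ThinkUp", 'cache_pages' => false);
         $email_view = new SmartyThinkUp($cfg_array);
         $email_view->caching = false;
         // Fall back when the request carries no Host header. NOTE(review): the header is
         // client-supplied and ends up in the activation email.
         $email_view->assign('server', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
         $email_view->assign('email', urlencode($email));
         $email_view->assign('activ_code', $activation_code);
         $message = $email_view->fetch('_email.registration.tpl');
         Mailer::mail($email, "Activate Your New ThinkUp  Account", $message);
     } else {
         $email = 'Use your old email admin';
         $password = '******';
     }
     unset($THINKUP_CFG);
     $this->addToView('errors', $this->installer->getErrorMessages());
     $this->addToView('username', $email);
     // NOTE(review): for a newly created admin this is the clear-text password chosen in the
     // form; if the template prints it, the password lands in the response body and any cache or
     // log of it - masking it as in the branch above is safer.
     $this->addToView('password', $password);
     $this->addToView('login_url', THINKUP_BASE_URL . 'session/login.php');
 }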
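 /**
  * Handle the registration page, with invite-code support.
  *
  * Logged-in users are handed to DashboardController. Otherwise registration proceeds when it is
  * open or the 'code' query parameter is a valid invite: the posted fields are validated, the
  * owner is created, the activation email is sent and a used invite code is deleted.
  *
  * @return mixed Result of DashboardController::go() or of $this->generateView()
  */
 public function control()
 {
     if ($this->isLoggedIn()) {
         $controller = new DashboardController(true);
         return $controller->go();
     } else {
         $config = Config::getInstance();
         $is_registration_open = $config->getValue('is_registration_open');
         $this->disableCaching();
         $invite_dao = DAOFactory::getDAO('InviteDAO');
         if (isset($_GET['code'])) {
             $invite_code = $_GET['code'];
         } else {
             $invite_code = null;
         }
         // NOTE(review): the raw query parameter goes to the view; the template must escape it.
         $this->addToView('invite_code', $invite_code);
         $is_invite_code_valid = $invite_dao->isInviteValid($invite_code);
         if (!$is_registration_open && !$is_invite_code_valid) {
             $this->addToView('closed', true);
             $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://thinkupapp.com">Install ThinkUp on your own server.</a></p>');
         } else {
             $owner_dao = DAOFactory::getDAO('OwnerDAO');
             $this->addToView('closed', false);
             $captcha = new Captcha();
             if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                 foreach ($this->REQUIRED_PARAMS as $param) {
                     if (!isset($_POST[$param]) || $_POST[$param] == '') {
                         $this->addErrorMessage('Please fill out all required fields.');
                         $this->is_missing_param = true;
                     }
                 }
                 if (!$this->is_missing_param) {
                     $valid_input = true;
                     if (!Utils::validateEmail($_POST['email'])) {
                         $this->addErrorMessage("Incorrect email. Please enter valid email address.", 'email');
                         $valid_input = false;
                     }
                     // The is_string() guards reject array-valued fields (pass1[]=...), for which
                     // strcmp() does not return a non-zero int.
                     if (!is_string($_POST['pass1']) || !is_string($_POST['pass2']) || strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                         $this->addErrorMessage("Passwords do not match.", 'password');
                         $valid_input = false;
                     } else {
                         // NOTE(review): a five-character minimum is a weak password policy; a
                         // longer minimum is advisable, with the message updated to match.
                         if (strlen($_POST['pass1']) < 5) {
                             $this->addErrorMessage("Password must be at least 5 characters.", 'password');
                             $valid_input = false;
                         }
                     }
                     if (!$captcha->doesTextMatchImage()) {
                         $this->addErrorMessage("Entered text didn't match the image. Please try again.", 'captcha');
                         $valid_input = false;
                     }
                     if ($valid_input) {
                         // NOTE(review): this message confirms that an address is registered; the
                         // captcha above is the only visible brake on probing addresses.
                         if ($owner_dao->doesOwnerExist($_POST['email'])) {
                             $this->addErrorMessage("User account already exists.", 'email');
                         } else {
                             // Insert the details into the database. The clear-text password is
                             // passed through; NOTE(review): confirm create() hashes it with a
                             // salted, slow hash and uses a CSPRNG for the activation code it returns.
                             $activation_code = $owner_dao->create($_POST['email'], $_POST['pass2'], $_POST['full_name']);
                             if ($activation_code != false) {
                                 $es = new SmartyThinkUp();
                                 $es->caching = false;
                                 // Fall back when the request carries no Host header.
                                 // NOTE(review): the header is client-supplied; a configured
                                 // canonical host name is the safer source for an emailed link.
                                 $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
                                 $es->assign('server', $server);
                                 $es->assign('email', urlencode($_POST['email']));
                                 $es->assign('activ_code', $activation_code);
                                 $message = $es->fetch('_email.registration.tpl');
                                 Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                                 SessionCache::unsetKey('ckey');
                                 $this->addSuccessMessage("Success! Check your email for an activation link.");
                                 // An invite is single-use: delete it once the account exists.
                                 if ($is_invite_code_valid) {
                                     $invite_dao->deleteInviteCode($invite_code);
                                 }
                             } else {
                                 $this->addErrorMessage("Unable to register a new user. Please try again.");
                             }
                         }
                     }
                 }
                 // Posted values are handed back to the form as-is.
                 // NOTE(review): they are raw request data; the template must HTML-escape them.
                 if (isset($_POST["full_name"])) {
                     $this->addToView('name', $_POST["full_name"]);
                 }
                 if (isset($_POST["email"])) {
                     $this->addToView('mail', $_POST["email"]);
                 }
             }
             $challenge = $captcha->generate();
             $this->addToView('captcha', $challenge);
         }
         $this->view_mgr->addHelp('register', 'userguide/accounts/index');
         return $this->generateView();
     }
 }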