Exemplo n.º 1
            $action = 'createform';
        } elseif (User::findByIdentifier($emailaddress)) {
            WT_FlashMessages::addMessage(WT_I18N::translate('Duplicate email address.  A user with that email already exists.'));
            $action = 'createform';
        } elseif ($pass1 != $pass2) {
            WT_FlashMessages::addMessage(WT_I18N::translate('Passwords do not match.'));
            $action = 'createform';
        } else {
            $user = User::create($username, $realname, $emailaddress, $pass1);
            $user->setSetting('reg_timestamp', date('U'))->setSetting('sessiontime', '0')->setSetting('theme', $user_theme)->setSetting('language', $user_language)->setSetting('contactmethod', $new_contact_method)->setSetting('comment', $new_comment)->setSetting('auto_accept', $new_auto_accept)->setSetting('canadmin', $canadmin)->setSetting('visibleonline', $visibleonline)->setSetting('editaccount', $editaccount)->setSetting('verified', $verified)->setSetting('verified_by_admin', $verified_by_admin);
            foreach (WT_Tree::getAll() as $tree) {
                $tree->userPreference($user->getUserId(), 'gedcomid', WT_Filter::post('gedcomid' . $tree->tree_id, WT_REGEX_XREF));
                $tree->userPreference($user->getUserId(), 'rootid', WT_Filter::post('rootid' . $tree->tree_id, WT_REGEX_XREF));
                $tree->userPreference($user->getUserId(), 'canedit', WT_Filter::post('canedit' . $tree->tree_id, implode('|', array_keys($ALL_EDIT_OPTIONS))));
                if (WT_Filter::post('gedcomid' . $tree->tree_id, WT_REGEX_XREF)) {
                    $tree->userPreference($user->getUserId(), 'RELATIONSHIP_PATH_LENGTH', WT_Filter::postInteger('RELATIONSHIP_PATH_LENGTH' . $tree->tree_id, 0, 10, 0));
                } else {
                    // Do not allow a path length to be set if the individual ID is not
                    $tree->userPreference($user->getUserId(), 'RELATIONSHIP_PATH_LENGTH', null);
                }
            }
            Log::addAuthenticationLog("User ->{$username}<- created");
            header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME);
            WT_Session::writeClose();
            exit;
        }
}
$controller->pageHeader();
switch ($action) {
    case 'createform':
        $controller->addExternalJavascript(WT_STATIC_URL . 'js/autocomplete.js')->addInlineJavascript('autocomplete();');
Exemplo n.º 2
 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request; every value goes through a WT_Filter validator
  * (bounded integer, boolean, or a pattern of allowed alternatives) before it
  * is written. Any other request prints the current options as table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     $save_requested = WT_Filter::postBool('save') && WT_Filter::checkCsrf();
     if ($save_requested) {
         // postInteger() is given the bounds 1 and 30 and the fallback 7.
         set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, 30, 7));
         set_block_setting($block_id, 'filter', WT_Filter::postBool('filter'));
         set_block_setting($block_id, 'onlyBDM', WT_Filter::postBool('onlyBDM'));
         // Only the listed alternatives are passed as the accepted pattern.
         set_block_setting($block_id, 'infoStyle', WT_Filter::post('infoStyle', 'list|table', 'table'));
         set_block_setting($block_id, 'sortStyle', WT_Filter::post('sortStyle', 'alpha|anniv', 'alpha'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     // Markup shared by every settings row.
     $row_open = '<tr><td class="descriptionbox wrap width33">';
     $cell_gap = '</td><td class="optionbox">';
     $row_close = '</td></tr>';

     $current_days = get_block_setting($block_id, 'days', 7);
     echo $row_open, WT_I18N::translate('Number of days to show'), $cell_gap,
         '<input type="text" name="days" size="2" value="', $current_days, '">',
         ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', 30, 30), '</em>',
         $row_close;

     $living_only = get_block_setting($block_id, 'filter', true);
     echo $row_open, WT_I18N::translate('Show only events of living individuals?'), $cell_gap,
         edit_field_yes_no('filter', $living_only),
         $row_close;

     $bdm_only = get_block_setting($block_id, 'onlyBDM', false);
     echo $row_open, WT_I18N::translate('Show only births, deaths, and marriages?'), $cell_gap,
         edit_field_yes_no('onlyBDM', $bdm_only),
         $row_close;

     $current_style = get_block_setting($block_id, 'infoStyle', 'table');
     echo $row_open, WT_I18N::translate('Presentation style'), $cell_gap,
         select_edit_control('infoStyle', array('list' => WT_I18N::translate('list'), 'table' => WT_I18N::translate('table')), null, $current_style, ''),
         $row_close;

     $current_sort = get_block_setting($block_id, 'sortStyle', 'alpha');
     echo $row_open, WT_I18N::translate('Sort order'), $cell_gap,
         select_edit_control('sortStyle', array('alpha' => WT_I18N::translate('sort by name'), 'anniv' => WT_I18N::translate('sort by date')), null, $current_sort, ''),
         $row_close;

     $use_scrollbar = get_block_setting($block_id, 'block', true);
     echo $row_open, WT_I18N::translate('Add a scrollbar when block contents grow'), $cell_gap,
         edit_field_yes_no('block', $use_scrollbar),
         $row_close;
 }
Exemplo n.º 3
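 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request; every value goes through a WT_Filter validator
  * before it is written. Any other request prints the current options as
  * table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
         // postInteger() is given the bounds 1 and self::MAX_DAYS and the fallback self::DEFAULT_DAYS.
         set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, self::MAX_DAYS, self::DEFAULT_DAYS));
         // Only the listed alternatives are passed as the accepted pattern.
         set_block_setting($block_id, 'infoStyle', WT_Filter::post('infoStyle', 'list|table', 'table'));
         set_block_setting($block_id, 'sortStyle', WT_Filter::post('sortStyle', 'name|date_asc|date_desc', 'date_desc'));
         set_block_setting($block_id, 'hide_empty', WT_Filter::postBool('hide_empty'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     // Markup shared by every settings row.
     $row_open = '<tr><td class="descriptionbox wrap width33">';
     $cell_gap = '</td><td class="optionbox">';
     $row_close = '</td></tr>';

     $days = get_block_setting($block_id, 'days', self::DEFAULT_DAYS);
     echo $row_open, WT_I18N::translate('Number of days to show'), $cell_gap,
         '<input type="text" name="days" size="2" value="', $days, '">',
         ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', self::MAX_DAYS, self::MAX_DAYS), '</em>',
         $row_close;

     $infoStyle = get_block_setting($block_id, 'infoStyle', 'table');
     echo $row_open, WT_I18N::translate('Presentation style'), $cell_gap,
         select_edit_control('infoStyle', array('list' => WT_I18N::translate('list'), 'table' => WT_I18N::translate('table')), null, $infoStyle, ''),
         $row_close;

     // The fallback must be one of the offered keys. The previous fallback, 'date',
     // matched none of name/date_asc/date_desc, so an unsaved block showed a
     // selection that disagreed with the 'date_desc' default used when saving.
     $sortStyle = get_block_setting($block_id, 'sortStyle', 'date_desc');
     echo $row_open, WT_I18N::translate('Sort order'), $cell_gap,
         select_edit_control('sortStyle', array('name' => WT_I18N::translate('sort by name'), 'date_asc' => WT_I18N::translate('sort by date, oldest first'), 'date_desc' => WT_I18N::translate('sort by date, newest first')), null, $sortStyle, ''),
         $row_close;

     $block = get_block_setting($block_id, 'block', true);
     echo $row_open, WT_I18N::translate('Add a scrollbar when block contents grow'), $cell_gap,
         edit_field_yes_no('block', $block),
         $row_close;

     $hide_empty = get_block_setting($block_id, 'hide_empty', true);
     echo $row_open, WT_I18N::translate('Should this block be hidden when it is empty?'), $cell_gap,
         edit_field_yes_no('hide_empty', $hide_empty),
         $row_close;

     // Warning row spanning both columns.
     echo '<tr><td colspan="2" class="optionbox wrap">',
         '<span class="error">', WT_I18N::translate('If you hide an empty block, you will not be able to change its configuration until it becomes visible by no longer being empty.'), '</span>',
         $row_close;
 }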
Exemplo n.º 4
// Page controller and the site-wide registration-approval preference.
$controller = new WT_Controller_Page();
$REQUIRE_ADMIN_AUTH_REGISTRATION = WT_Site::preference('REQUIRE_ADMIN_AUTH_REGISTRATION');

// Request parameters read from the POST body. Where a second argument is given
// (WT_REGEX_USERNAME, WT_REGEX_PASSWORD) it is the pattern handed to WT_Filter.
$action          = WT_Filter::post('action');
$user_realname   = WT_Filter::post('user_realname');
$user_name       = WT_Filter::post('user_name', WT_REGEX_USERNAME);
$user_email      = WT_Filter::postEmail('user_email');
$user_password01 = WT_Filter::post('user_password01', WT_REGEX_PASSWORD);
$user_password02 = WT_Filter::post('user_password02', WT_REGEX_PASSWORD);
$user_comments   = WT_Filter::post('user_comments');
$user_password   = WT_Filter::post('user_password');
$user_hashcode   = WT_Filter::post('user_hashcode');
// Not actually a URL - just a path. It is still request-controlled, so any
// redirect built from it needs to stay on this site.
$url             = WT_Filter::post('url');
$username        = WT_Filter::post('username');
$password        = WT_Filter::post('password');
// Same range as date('Z')
$timediff        = WT_Filter::postInteger('timediff', -43200, 50400, 0);

// These parameters may come from the URL which is emailed to users, so each
// one falls back to the query string when the POST value is empty.
$action        = $action ?: WT_Filter::get('action');
$user_name     = $user_name ?: WT_Filter::get('user_name', WT_REGEX_USERNAME);
$user_hashcode = $user_hashcode ?: WT_Filter::get('user_hashcode');
// Not actually a URL - just a path
$url           = $url ?: WT_Filter::get('url');
Exemplo n.º 5
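 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request. Any other request prints the current options as
  * table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
         // The form below submits the frequency as "days". Reading "num" here meant
         // the posted value was never seen and the fallback 7 was always stored.
         set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, 180, 7));
         set_block_setting($block_id, 'sendmail', WT_Filter::postBool('sendmail'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     $sendmail = get_block_setting($block_id, 'sendmail', true);
     $days = get_block_setting($block_id, 'days', 7);

     echo '<tr><td class="descriptionbox wrap width33">';
     echo WT_I18N::translate('Send out reminder emails?');
     echo '</td><td class="optionbox">';
     echo edit_field_yes_no('sendmail', $sendmail);
     echo '<br>';
     // $days is written unescaped into the attribute. The save path above stores it
     // only after postInteger(); NOTE(review): confirm no other writer can store a
     // non-numeric value under this key.
     echo WT_I18N::translate('Reminder email frequency (days)') . "&nbsp;<input type='text' name='days' value='" . $days . "' size='2'>";
     echo '</td></tr>';

     $block = get_block_setting($block_id, 'block', true);
     echo '<tr><td class="descriptionbox wrap width33">';
     echo WT_I18N::translate('Add a scrollbar when block contents grow');
     echo '</td><td class="optionbox">';
     echo edit_field_yes_no('block', $block);
     echo '</td></tr>';
 }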
Exemplo n.º 6
 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request; every value goes through a WT_Filter validator
  * before it is written. Any other request prints the current options as
  * table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     $save_requested = WT_Filter::postBool('save') && WT_Filter::checkCsrf();
     if ($save_requested) {
         // postInteger() is given the bounds 1 and 10000 and the fallback 10.
         set_block_setting($block_id, 'num', WT_Filter::postInteger('num', 1, 10000, 10));
         // Only the listed alternatives are passed as the accepted pattern.
         set_block_setting($block_id, 'infoStyle', WT_Filter::post('infoStyle', 'list|array|table|tagcloud', 'table'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     // Markup shared by every settings row.
     $row_open = '<tr><td class="descriptionbox wrap width33">';
     $cell_gap = '</td><td class="optionbox">';
     $row_close = '</td></tr>';

     $item_count = get_block_setting($block_id, 'num', 10);
     echo $row_open, WT_I18N::translate('Number of items to show'), $cell_gap,
         '<input type="text" name="num" size="2" value="', $item_count, '">',
         $row_close;

     $current_style = get_block_setting($block_id, 'infoStyle', 'table');
     echo $row_open, WT_I18N::translate('Presentation style'), $cell_gap,
         select_edit_control('infoStyle', array('list' => WT_I18N::translate('bullet list'), 'array' => WT_I18N::translate('compact list'), 'table' => WT_I18N::translate('table'), 'tagcloud' => WT_I18N::translate('tag cloud')), null, $current_style, ''),
         $row_close;

     $use_scrollbar = get_block_setting($block_id, 'block', false);
     echo $row_open, WT_I18N::translate('Add a scrollbar when block contents grow'), $cell_gap,
         edit_field_yes_no('block', $use_scrollbar),
         $row_close;
 }
Exemplo n.º 7
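 /**
  * Create or update a story block, or show the story edit form.
  *
  * Requests without edit rights (WT_USER_CAN_EDIT) are redirected to the site
  * root. A POST carrying "save" and a valid CSRF token writes the block row
  * and its settings, then hands over to config(). Any other request renders
  * the form and ends the request.
  */
 private function edit()
 {
     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     if (!WT_USER_CAN_EDIT) {
         header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH);
         exit;
     }

     if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
         $block_id = WT_Filter::postInteger('block_id');
         if ($block_id) {
             // NOTE(review): the UPDATE is keyed on the posted block_id alone. Nothing
             // visible here limits it to rows whose module_name is this module, so
             // confirm elsewhere that an editor cannot re-point another module's block.
             WT_DB::prepare("UPDATE `##block` SET gedcom_id=?, xref=? WHERE block_id=?")->execute(array(WT_Filter::postInteger('gedcom_id'), WT_Filter::post('xref', WT_REGEX_XREF), $block_id));
         } else {
             WT_DB::prepare("INSERT INTO `##block` (gedcom_id, xref, module_name, block_order) VALUES (?, ?, ?, ?)")->execute(array(WT_Filter::postInteger('gedcom_id'), WT_Filter::post('xref', WT_REGEX_XREF), $this->getName(), 0));
             $block_id = WT_DB::getInstance()->lastInsertId();
         }
         // Title and body are stored as WT_Filter::post() returns them, with no
         // pattern. The form below escapes them on output; other renderers are not
         // visible here and need to do the same or sanitise the HTML.
         set_block_setting($block_id, 'title', WT_Filter::post('title'));
         set_block_setting($block_id, 'story_body', WT_Filter::post('story_body'));
         $languages = array();
         foreach (WT_I18N::installed_languages() as $code => $name) {
             if (WT_Filter::postBool('lang_' . $code)) {
                 $languages[] = $code;
             }
         }
         set_block_setting($block_id, 'languages', implode(',', $languages));
         $this->config();
         return;
     }

     // Not a save: load the story (or blank defaults) and render the form.
     $block_id = WT_Filter::getInteger('block_id');
     $controller = new WT_Controller_Page();
     if ($block_id) {
         $controller->setPageTitle(WT_I18N::translate('Edit story'));
         $title = get_block_setting($block_id, 'title');
         $story_body = get_block_setting($block_id, 'story_body');
         // NOTE(review): $gedcom_id is loaded but the hidden field below submits
         // WT_GED_ID instead; confirm which of the two is intended.
         $gedcom_id = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
         $xref = WT_DB::prepare("SELECT xref FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
     } else {
         $controller->setPageTitle(WT_I18N::translate('Add a story'));
         $title = '';
         $story_body = '';
         $gedcom_id = WT_GED_ID;
         $xref = WT_Filter::get('xref', WT_REGEX_XREF);
     }
     $controller->pageHeader()->addExternalJavascript(WT_STATIC_URL . 'js/autocomplete.js')->addInlineJavascript('autocomplete();');
     if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
         ckeditor_WT_Module::enableEditor($controller);
     }

     echo '<form name="story" method="post" action="module.php?mod=', $this->getName(), '&amp;mod_action=admin_edit">';
     echo WT_Filter::getCsrf();
     echo '<input type="hidden" name="save" value="1">';
     echo '<input type="hidden" name="block_id" value="', $block_id, '">';
     echo '<input type="hidden" name="gedcom_id" value="', WT_GED_ID, '">';
     echo '<table id="story_module">';
     echo '<tr><th>';
     echo WT_I18N::translate('Story title');
     echo '</th></tr><tr><td><textarea name="title" rows="1" cols="90" tabindex="2">', WT_Filter::escapeHtml($title), '</textarea></td></tr>';
     echo '<tr><th>';
     echo WT_I18N::translate('Story');
     echo '</th></tr><tr><td>';
     echo '<textarea name="story_body" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($story_body), '</textarea>';
     echo '</td></tr>';
     echo '</table><table id="story_module2">';
     echo '<tr>';
     echo '<th>', WT_I18N::translate('Individual'), '</th>';
     echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
     echo '</tr>';
     echo '<tr>';
     echo '<td class="optionbox">';
     // $xref may come straight from the database row, so it is escaped like the
     // other stored values before being placed in the attribute.
     echo '<input data-autocomplete-type="INDI" type="text" name="xref" id="pid" size="4" value="' . WT_Filter::escapeHtml($xref) . '">';
     echo print_findindi_link('pid');
     if ($xref) {
         $person = WT_Individual::getInstance($xref);
         if ($person) {
             echo ' ', $person->format_list('span');
         }
     }
     echo '</td>';
     $languages = get_block_setting($block_id, 'languages');
     echo '<td class="optionbox">';
     echo edit_language_checkboxes('lang_', $languages);
     echo '</td></tr></table>';
     echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5">';
     echo '</p>';
     echo '</form>';
     exit;
 }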
Exemplo n.º 8
        }
        break;
    case 'replace_upload':
        $gedcom_id = WT_Filter::postInteger('gedcom_id');
        // Make sure the gedcom still exists
        if (WT_Filter::checkCsrf() && get_gedcom_from_id($gedcom_id)) {
            foreach ($_FILES as $FILE) {
                if ($FILE['error'] == 0 && is_readable($FILE['tmp_name'])) {
                    import_gedcom_file($gedcom_id, $FILE['tmp_name'], $FILE['name']);
                }
            }
        }
        header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME . '?keep_media' . $gedcom_id . '=' . WT_Filter::postBool('keep_media' . $gedcom_id));
        exit;
    case 'replace_import':
        $gedcom_id = WT_Filter::postInteger('gedcom_id');
        // Make sure the gedcom still exists
        if (WT_Filter::checkCsrf() && get_gedcom_from_id($gedcom_id)) {
            $ged_name = basename(WT_Filter::post('ged_name'));
            import_gedcom_file($gedcom_id, WT_DATA_DIR . $ged_name, $ged_name);
        }
        header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH . WT_SCRIPT_NAME . '?keep_media' . $gedcom_id . '=' . WT_Filter::postBool('keep_media' . $gedcom_id));
        exit;
}
$controller->pageHeader();
// Process GET actions
switch (WT_Filter::get('action')) {
    case 'uploadform':
    case 'importform':
        $gedcom_id = WT_Filter::getInteger('gedcom_id');
        $gedcom_name = get_gedcom_from_id($gedcom_id);
Exemplo n.º 9
         }
         // Delete the record itself
         $record->deleteRecord();
     } else {
         header('HTTP/1.0 406 Not Acceptable');
     }
     break;
 case 'delete-user':
     $user = User::find(WT_Filter::postInteger('user_id'));
     if ($user && Auth::isAdmin() && Auth::user() !== $user) {
         Log::addAuthenticationLog('Deleted user: '******'masquerade':
     $user = User::find(WT_Filter::postInteger('user_id'));
     if ($user && Auth::isAdmin() && Auth::user() !== $user) {
         Log::addAuthenticationLog('Masquerade as user: '******'HTTP/1.0 406 Not Acceptable');
     }
     break;
 case 'unlink-media':
     // Remove links from an individual and their spouse-family records to a media object.
     // Used by the "unlink" option on the album (lightbox) tab.
     require WT_ROOT . 'includes/functions/functions_edit.php';
     $source = WT_Individual::getInstance(WT_Filter::post('source', WT_REGEX_XREF));
     $target = WT_Filter::post('target', WT_REGEX_XREF);
     if ($source && $source->canShow() && $source->canEdit() && $target) {
         // Consider the individual and their spouse-family records
Exemplo n.º 10
 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request; every value goes through a WT_Filter validator
  * before it is written. Any other request prints the current options as
  * table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     $save_requested = WT_Filter::postBool('save') && WT_Filter::checkCsrf();
     if ($save_requested) {
         // postInteger() is given the bounds 1 and 30 and the fallback 7.
         set_block_setting($block_id, 'days', WT_Filter::postInteger('days', 1, 30, 7));
         // Only the listed alternatives are passed as the accepted pattern.
         set_block_setting($block_id, 'infoStyle', WT_Filter::post('infoStyle', 'list|table', 'table'));
         set_block_setting($block_id, 'calendar', WT_Filter::post('calendar', 'jewish|gregorian', 'jewish'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     // Markup shared by every settings row.
     $row_open = '<tr><td class="descriptionbox wrap width33">';
     $cell_gap = '</td><td class="optionbox">';
     $row_close = '</td></tr>';

     $current_days = get_block_setting($block_id, 'days', 7);
     echo $row_open, WT_I18N::translate('Number of days to show'), $cell_gap,
         '<input type="text" name="days" size="2" value="', $current_days, '">',
         ' <em>', WT_I18N::plural('maximum %d day', 'maximum %d days', 30, 30), '</em>',
         $row_close;

     $current_style = get_block_setting($block_id, 'infoStyle', 'table');
     echo $row_open, WT_I18N::translate('Presentation style'), $cell_gap,
         select_edit_control('infoStyle', array('list' => WT_I18N::translate('list'), 'table' => WT_I18N::translate('table')), null, $current_style, ''),
         $row_close;

     // No fallback is passed for the calendar when reading it back.
     $current_calendar = get_block_setting($block_id, 'calendar');
     echo $row_open, WT_I18N::translate('Calendar'), $cell_gap,
         select_edit_control('calendar', array('jewish' => WT_Date_Jewish::calendarName(), 'gregorian' => WT_Date_Gregorian::calendarName()), null, $current_calendar, ''),
         $row_close;

     $use_scrollbar = get_block_setting($block_id, 'block', true);
     echo $row_open, WT_I18N::translate('Add a scrollbar when block contents grow'), $cell_gap,
         edit_field_yes_no('block', $use_scrollbar),
         $row_close;
 }
Exemplo n.º 11
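 /**
  * Drive the Facebook OAuth login flow for the current request.
  *
  * Depending on the request and session state this either redirects an
  * already logged-in user, starts the flow by sending the browser to the
  * Facebook login dialog, reuses an access token held in the session, or
  * exchanges the returned "code" for a token after checking the "state"
  * value against the one stored in the session. On success the decoded
  * profile is passed to login_or_register().
  *
  * Every failure path returns straight after error_page(), matching the
  * "not set up" and expired-form paths, so a failed step can no longer fall
  * through into the next one with empty data.
  */
 private function connect()
 {
     global $WT_SESSION;
     $url = WT_Filter::post('url', NULL, WT_Filter::get('url', NULL, ''));

     // Never send the user back to the login page or to this connect action.
     $from_login_page = strpos($url, 'login.php') === 0;
     $from_connect_action = strpos($url, 'mod=facebook') !== false && strpos($url, 'mod_action=connect') !== false;
     if ($from_login_page || $from_connect_action) {
         $url = '';
     }
     // $url is request-controlled and is appended to WT_SCRIPT_PATH in a Location
     // header. If WT_SCRIPT_PATH is "/", a leading slash or backslash would produce
     // a protocol-relative URL on another host, so only relative paths are kept.
     if (preg_match('#^[/\\\\]#', (string) $url)) {
         $url = '';
     }

     // Redirect to the homepage/$url if the user is already logged-in.
     if ($WT_SESSION->wt_user) {
         header('Location: ' . WT_SCRIPT_PATH . $url);
         exit;
     }

     $app_id = $this->getSetting('app_id');
     $app_secret = $this->getSetting('app_secret');
     $connect_url = $this->getConnectURL($url);
     if (!$app_id || !$app_secret) {
         $this->error_page(WT_I18N::translate('Facebook logins have not been setup by the administrator.'));
         return;
     }

     // Read the callback parameters without error suppression; non-string values
     // (for example code[]=x) are treated as absent.
     $code = isset($_REQUEST['code']) && is_string($_REQUEST['code']) ? $_REQUEST['code'] : '';
     $state = isset($_REQUEST['state']) && is_string($_REQUEST['state']) ? $_REQUEST['state'] : '';

     if (!empty($_REQUEST['error'])) {
         Log::addErrorLog('Facebook Error: ' . WT_Filter::get('error') . '. Reason: ' . WT_Filter::get('error_reason'));
         $error_reason = isset($_REQUEST['error_reason']) ? $_REQUEST['error_reason'] : '';
         if ($error_reason === 'user_denied') {
             $this->error_page(WT_I18N::translate('You must allow access to your Facebook account in order to login with Facebook.'));
         } else {
             $this->error_page(WT_I18N::translate('An error occurred trying to log you in with Facebook.'));
         }
         return;
     }

     if (empty($code) && empty($WT_SESSION->facebook_access_token)) {
         // The flow has not begun: require a valid form token, then redirect to the login dialog.
         if (!WT_Filter::checkCsrf()) {
             echo WT_I18N::translate('This form has expired.  Try again.');
             return;
         }
         // Same range as date('Z')
         $WT_SESSION->timediff = WT_Filter::postInteger('timediff', -43200, 50400, 0);
         // The state value is the CSRF protection for the callback, so it should be
         // unpredictable. Use the CSPRNG when the runtime has one; the older
         // md5/uniqid/rand form remains only as a fallback.
         $WT_SESSION->facebook_state = function_exists('random_bytes')
             ? bin2hex(random_bytes(16))
             : md5(uniqid(rand(), TRUE));
         $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . urlencode($connect_url) . "&state=" . $WT_SESSION->facebook_state . "&scope=" . self::scope;
         Zend_Session::writeClose();
         echo "<script> window.location.href='" . $dialog_url . "'</script>";
         return;
     }

     if (!empty($WT_SESSION->facebook_access_token)) {
         // User has already authorized the app and we have a token so get their info.
         $graph_url = "https://graph.facebook.com/" . self::api_dir . "me?access_token=" . urlencode($WT_SESSION->facebook_access_token);
         $response = $this->fetch_url($graph_url);
         if ($response === FALSE) {
             Log::addErrorLog("Facebook: Access token is no longer valid");
             // Clear the state and try again with a new token.
             try {
                 unset($WT_SESSION->facebook_access_token);
                 unset($WT_SESSION->facebook_state);
                 Zend_Session::writeClose();
             } catch (Exception $e) {
                 // Best effort: the redirect below restarts the flow either way.
             }
             header("Location: " . $this->getConnectURL($url));
             exit;
         }
         $user = json_decode($response);
         $this->login_or_register($user, $url);
         return;
     }

     // A code came back from the login dialog: it is only accepted together with
     // the state value that was stored in the session when the flow began.
     if (empty($WT_SESSION->facebook_state) || $WT_SESSION->facebook_state !== $state) {
         $this->error_page(WT_I18N::translate("The state does not match. You may been tricked to load this page."));
         return;
     }

     // Exchange the code for an access token. The code is request data, so it is
     // URL-encoded and cannot add parameters of its own to the token request.
     $token_url = "https://graph.facebook.com/" . self::api_dir . "oauth/access_token?" . "client_id=" . $app_id . "&redirect_uri=" . urlencode($connect_url) . "&client_secret=" . $app_secret . "&code=" . urlencode($code);
     $response = $this->fetch_url($token_url);
     if ($response === FALSE) {
         Log::addErrorLog("Facebook: Couldn't exchange the code for an access token");
         $this->error_page(WT_I18N::translate("Your Facebook code is invalid. This can happen if you hit back in your browser after login or if Facebook logins have been setup incorrectly by the administrator."));
         return;
     }
     $params = null;
     parse_str($response, $params);
     if (empty($params['access_token'])) {
         Log::addErrorLog("Facebook: The access token was empty");
         $this->error_page(WT_I18N::translate("Your Facebook code is invalid. This can happen if you hit back in your browser after login or if Facebook logins have been setup incorrectly by the administrator."));
         return;
     }
     $WT_SESSION->facebook_access_token = $params['access_token'];

     $graph_url = "https://graph.facebook.com/" . self::api_dir . "me?access_token=" . urlencode($WT_SESSION->facebook_access_token);
     $meResponse = $this->fetch_url($graph_url);
     if ($meResponse === FALSE) {
         $this->error_page(WT_I18N::translate("Could not fetch your information from Facebook. Please try again."));
         return;
     }
     $user = json_decode($meResponse);
     $this->login_or_register($user, $url);
 }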
Exemplo n.º 12
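 /**
  * Create or update an FAQ block, or show the FAQ edit form.
  *
  * A POST carrying "save" and a valid CSRF token writes the block row and its
  * settings, then hands over to config(). Any other request renders the form
  * and ends the request.
  *
  * NOTE(review): no permission check is visible in this method; presumably
  * the caller restricts it to administrators. Confirm before relying on it.
  */
 private function edit()
 {
     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
         $block_id = WT_Filter::postInteger('block_id');
         if ($block_id) {
             // NOTE(review): the UPDATE is keyed on the posted block_id alone; nothing
             // visible here limits it to rows whose module_name is this module.
             WT_DB::prepare("UPDATE `##block` SET gedcom_id=NULLIF(?, '0'), block_order=? WHERE block_id=?")->execute(array(WT_Filter::postInteger('gedcom_id'), WT_Filter::postInteger('block_order'), $block_id));
         } else {
             WT_DB::prepare("INSERT INTO `##block` (gedcom_id, module_name, block_order) VALUES (NULLIF(?, '0'), ?, ?)")->execute(array(WT_Filter::postInteger('gedcom_id'), $this->getName(), WT_Filter::postInteger('block_order')));
             $block_id = WT_DB::getInstance()->lastInsertId();
         }
         // Question and answer are stored as WT_Filter::post() returns them, with no
         // pattern. The form below escapes them on output; other renderers are not
         // visible here and need to do the same or sanitise the HTML.
         set_block_setting($block_id, 'header', WT_Filter::post('header'));
         set_block_setting($block_id, 'faqbody', WT_Filter::post('faqbody'));
         $languages = array();
         foreach (WT_I18N::installed_languages() as $code => $name) {
             if (WT_Filter::postBool('lang_' . $code)) {
                 $languages[] = $code;
             }
         }
         set_block_setting($block_id, 'languages', implode(',', $languages));
         $this->config();
         return;
     }

     // Not a save: load the item (or defaults for a new one) and render the form.
     $block_id = WT_Filter::getInteger('block_id');
     $controller = new WT_Controller_Page();
     if ($block_id) {
         $controller->setPageTitle(WT_I18N::translate('Edit FAQ item'));
         $header = get_block_setting($block_id, 'header');
         $faqbody = get_block_setting($block_id, 'faqbody');
         $block_order = WT_DB::prepare("SELECT block_order FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
         $gedcom_id = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
     } else {
         $controller->setPageTitle(WT_I18N::translate('Add an FAQ item'));
         $header = '';
         $faqbody = '';
         // A new item is placed after the highest existing position for this module.
         $block_order = WT_DB::prepare("SELECT IFNULL(MAX(block_order)+1, 0) FROM `##block` WHERE module_name=?")->execute(array($this->getName()))->fetchOne();
         $gedcom_id = WT_GED_ID;
     }
     $controller->pageHeader();
     if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
         ckeditor_WT_Module::enableEditor($controller);
     }

     // "Help for this page" link
     echo '<div id="page_help">', help_link('add_faq_item', $this->getName()), '</div>';
     echo '<form name="faq" method="post" action="module.php?mod=', $this->getName(), '&amp;mod_action=admin_edit">';
     echo WT_Filter::getCsrf();
     echo '<input type="hidden" name="save" value="1">';
     echo '<input type="hidden" name="block_id" value="', $block_id, '">';
     echo '<table id="faq_module">';
     echo '<tr><th>';
     echo WT_I18N::translate('Question');
     echo '</th></tr><tr><td><input type="text" name="header" size="90" tabindex="1" value="' . WT_Filter::escapeHtml($header) . '"></td></tr>';
     echo '<tr><th>';
     echo WT_I18N::translate('Answer');
     echo '</th></tr><tr><td>';
     echo '<textarea name="faqbody" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($faqbody), '</textarea>';
     echo '</td></tr>';
     echo '</table><table id="faq_module2">';
     echo '<tr>';
     echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
     echo '<th>', WT_I18N::translate('FAQ position'), help_link('add_faq_order', $this->getName()), '</th>';
     echo '<th>', WT_I18N::translate('FAQ visibility'), help_link('add_faq_visibility', $this->getName()), '</th>';
     echo '</tr><tr>';
     echo '<td>';
     $languages = get_block_setting($block_id, 'languages');
     echo edit_language_checkboxes('lang_', $languages);
     echo '</td><td>';
     // The cell is closed once, by the next echo; the extra </td> that used to
     // follow this input produced unbalanced markup.
     echo '<input type="text" name="block_order" size="3" tabindex="3" value="', $block_order, '">';
     echo '</td><td>';
     echo select_edit_control('gedcom_id', WT_Tree::getIdList(), WT_I18N::translate('All'), $gedcom_id, 'tabindex="4"');
     echo '</td></tr>';
     echo '</table>';
     echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5">';
     // Close the paragraph before the form ends.
     echo '</p>';
     echo '</form>';
     exit;
 }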
Exemplo n.º 13
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
use WT\Auth;
// Script identity and session bootstrap.
define('WT_SCRIPT_NAME', 'editnews.php');
require './includes/session.php';

// Access is restricted to members before the page header is sent.
$controller = new WT_Controller_Simple();
$controller
    ->setPageTitle(WT_I18N::translate('Add/edit a journal/news entry'))
    ->restrictAccess(Auth::isMember())
    ->pageHeader();

// The action comes from the query string and is limited to the three listed
// values, with 'compose' as the fallback.
// NOTE(review): 'save' and 'delete' change data; no CSRF check is visible in
// this part of the script, so confirm one is made where they are handled.
$action = WT_Filter::get(
    'action',
    'compose|save|delete',
    'compose'
);
$news_id = WT_Filter::getInteger('news_id');

// user_id and gedcom_id are taken from the query string, with the POST value
// as the fallback; both are checked against WT_REGEX_INTEGER.
$user_id = WT_Filter::get(
    'user_id',
    WT_REGEX_INTEGER,
    WT_Filter::post('user_id', WT_REGEX_INTEGER)
);
$gedcom_id = WT_Filter::get(
    'gedcom_id',
    WT_REGEX_INTEGER,
    WT_Filter::post('gedcom_id', WT_REGEX_INTEGER)
);

// Entry date (fallback WT_TIMESTAMP) and the free-text fields from the form.
$date = WT_Filter::postInteger('date', 0, PHP_INT_MAX, WT_TIMESTAMP);
$title = WT_Filter::post('title');
$text = WT_Filter::post('text');
switch ($action) {
    case 'compose':
        if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
            ckeditor_WT_Module::enableEditor($controller);
        }
        echo '<h3>' . WT_I18N::translate('Add/edit a journal/news entry') . '</h3>';
        echo '<form style="overflow: hidden;" name="messageform" method="post" action="editnews.php?action=save&news_id=' . $news_id . '">';
        if ($news_id) {
            $news = getNewsItem($news_id);
        } else {
            $news = array();
            $news['user_id'] = $user_id;
            $news['gedcom_id'] = $gedcom_id;
Exemplo n.º 14
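 /**
  * Handle the configuration form for this block.
  *
  * A POST carrying "save" and a valid CSRF token stores the submitted options
  * and ends the request; every value goes through a WT_Filter validator
  * before it is written. Any other request prints the current options as
  * table rows.
  *
  * @param mixed $block_id Block identifier handed to get_block_setting() and set_block_setting().
  */
 public function configureBlock($block_id)
 {
     if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
         // postInteger() is given the bounds 1 and 10000 and the fallback 10.
         set_block_setting($block_id, 'num', WT_Filter::postInteger('num', 1, 10000, 10));
         // Only the listed alternatives are passed as the accepted pattern.
         set_block_setting($block_id, 'count_placement', WT_Filter::post('count_placement', 'before|after', 'before'));
         set_block_setting($block_id, 'block', WT_Filter::postBool('block'));
         exit;
     }

     require_once WT_ROOT . 'includes/functions/functions_edit.php';

     // Markup shared by every settings row.
     $row_open = '<tr><td class="descriptionbox wrap width33">';
     $cell_gap = '</td><td class="optionbox">';
     $row_close = '</td></tr>';

     $num = get_block_setting($block_id, 'num', 10);
     echo $row_open, WT_I18N::translate('Number of items to show'), $cell_gap,
         '<input type="text" name="num" size="2" value="', $num, '">',
         $row_close;

     // The fallback must be one of the offered keys. The previous fallback, 'left',
     // matched neither 'before' nor 'after' and disagreed with the 'before' default
     // used when saving.
     $count_placement = get_block_setting($block_id, 'count_placement', 'before');
     echo $row_open, WT_I18N::translate('Place counts before or after name?'), $cell_gap,
         select_edit_control('count_placement', array('before' => WT_I18N::translate('before'), 'after' => WT_I18N::translate('after')), null, $count_placement, ''),
         $row_close;

     $block = get_block_setting($block_id, 'block', false);
     echo $row_open, WT_I18N::translate('Add a scrollbar when block contents grow'), $cell_gap,
         edit_field_yes_no('block', $block),
         $row_close;
 }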