/** * Show a simple and clear message page which contains no widget * * @param string $title Page title. HTML will be escaped. * @param string $msg Message to display. HTML is allowed and the caller must make sure it's valid. * @deprecated */ public function showMsgPage($title, $msg) { // This function basically duplicates the more common function in vB5_ApplicationAbstract. The latter // doesn't handle early flush, but frankly that's overkill for a simple message page. Better to get // everything running the same code. vB5_ApplicationAbstract::showMsgPage($title, $msg); }
public function actionKillActivation() { $data = array('u' => !empty($_GET['u']) ? intval($_GET['u']) : 0, 'i' => !empty($_GET['i']) ? trim($_GET['i']) : ''); $api = Api_InterfaceAbstract::instance(); $result = $api->callApi('user', 'killActivation', array('userid' => $data['u'], 'activateid' => $data['i'])); $phraseController = vB5_Template_Phrase::instance(); $phraseController->register('registration'); if (!empty($result['errors']) and is_array($result['errors'])) { $phraseArgs = is_array($result['errors'][0]) ? $result['errors'][0] : array($result['errors'][0]); } else { $phraseArgs = is_array($result) ? $result : array($result); } $messagevar = call_user_func_array(array($phraseController, 'getPhrase'), $phraseArgs); vB5_ApplicationAbstract::showMsgPage($phraseController->getPhrase('registration'), $messagevar); }
/** * Forgot password form action * Reset url = /auth/lostpw/?action=pwreset&userid=<n>&activationid=<xxxxx> */ public function actionLostpw() { $input = array('email' => isset($_POST['email']) ? trim(strval($_POST['email'])) : '', 'hvinput' => isset($_POST['humanverify']) ? (array) $_POST['humanverify'] : array(), 'action' => isset($_REQUEST['action']) ? trim($_REQUEST['action']) : '', 'userid' => isset($_REQUEST['userid']) ? trim(strval($_REQUEST['userid'])) : '', 'activationid' => isset($_REQUEST['activationid']) ? trim($_REQUEST['activationid']) : ''); if (isset($_POST['recaptcha_challenge_field']) and $_POST['recaptcha_challenge_field']) { $input['hvinput']['recaptcha_challenge_field'] = $_POST['recaptcha_challenge_field']; } if (isset($_POST['recaptcha_response_field']) and $_POST['recaptcha_response_field']) { $input['hvinput']['recaptcha_response_field'] = $_POST['recaptcha_response_field']; } $api = Api_InterfaceAbstract::instance(); if ($input['action'] == 'pwreset') { $response = $api->callApi('user', 'resetPassword', array('userid' => $input['userid'], 'activationid' => $input['activationid'])); if (isset($response['errors'])) { $phraseController = vB5_Template_Phrase::instance(); $phraseController->register('error'); //call message first so that we pull both phrases at the same time $message = call_user_func_array(array($phraseController, 'getPhrase'), $response['errors'][0]); $title = $phraseController->getPhrase('error'); } else { $title = $response['password_reset']; $message = $response['resetpw_message']; } vB5_ApplicationAbstract::showMsgPage($title, $message); } else { $response = $api->callApi('user', 'emailPassword', array('userid' => 0, 'email' => $input['email'], 'hvinput' => $input['hvinput'])); $this->sendAsJson(array('response' => $response)); } }
public function setRoutes() { $this->processQueryString(); //TODO: this is a very basic and straight forward way of parsing the URI, we need to improve it //$path = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : ''; if (isset($_GET['routestring'])) { $path = $_GET['routestring']; // remove it from $_GET unset($_GET['routestring']); // remove it from $_SERVER parse_str($_SERVER['QUERY_STRING'], $queryStringParameters); unset($queryStringParameters['routestring']); $_SERVER['QUERY_STRING'] = http_build_query($queryStringParameters, '', '&'); // Additional parameters of http_build_query() is required. See VBV-6272. } else { if (isset($_SERVER['PATH_INFO'])) { $path = $_SERVER['PATH_INFO']; } else { $path = ''; } } if (strlen($path) and $path[0] == '/') { $path = substr($path, 1); } //If there is an invalid image, js, or css request we wind up here. We can't process any of them if (strlen($path) > 2) { $ext = strtolower(substr($path, -4)); if ($ext == '.gif' or $ext == '.png' or $ext == '.jpg' or $ext == '.css' or strtolower(substr($path, -3)) == '.js') { header("HTTP/1.0 404 Not Found"); die(''); } } try { $message = ''; // Start with no error. $route = Api_InterfaceAbstract::instance()->callApi('route', 'getRoute', array('pathInfo' => $path, 'queryString' => $_SERVER['QUERY_STRING'])); } catch (Exception $e) { $message = $e->getMessage(); if ($message != 'no_vb5_database') { /* Some other exception happened */ vB5_ApplicationAbstract::handleException($e, true); } } if (isset($route['errors'])) { $message = $route['errors'][0][1]; if ($message != 'no_vb5_database') { /* Some other exception happened */ throw new vB5_Exception($message); } } if ($message == 'no_vb5_database') { /* Seem we dont have a valid vB5 database */ // TODO: as we removed baseurl from config.php, we need to find a way redirecting user to installer correctly. header('Location: core/install/index.php'); exit; } if (!empty($route)) { if (isset($route['redirect'])) { header('Location: ' . vB5_Template_Options::instance()->get('options.frontendurl') . $route['redirect'], true, 301); exit; } else { if (isset($route['internal_error'])) { vB5_ApplicationAbstract::handleException($route['internal_error']); } else { if (isset($route['banned_info'])) { vB5_ApplicationAbstract::handleBannedUsers($route['banned_info']); } else { if (isset($route['no_permission'])) { vB5_ApplicationAbstract::handleNoPermission(); } else { if (isset($route['forum_closed'])) { vB5_ApplicationAbstract::showMsgPage('', $route['forum_closed'], 'bbclosedreason'); // Use 'bbclosedreason' as state param here to match the one specified in vB_Api_State::checkBeforeView() die; } else { $this->routeId = $route['routeid']; $this->routeGuid = $route['routeguid']; $this->controller = $route['controller']; $this->action = $route['action']; $this->template = $route['template']; $this->arguments = $route['arguments']; $this->queryParameters = $route['queryParameters']; $this->pageKey = $route['pageKey']; if (!empty($route['userAction']) and is_array($route['userAction'])) { $this->userAction['action'] = array_shift($route['userAction']); $this->userAction['params'] = $route['userAction']; } else { $this->userAction = false; } $this->breadcrumbs = $route['breadcrumbs']; $this->headlinks = $route['headlinks']; if (!in_array($this->action, $this->whitelist)) { vB5_ApplicationAbstract::checkState($route); } return; } } } } } } else { // if no route was matched, try to parse route as /controller/method $stripped_path = preg_replace('/[^a-z0-9\\/-]+/i', '', trim(strval($path), '/')); if (strpos($stripped_path, '/')) { list($controller, $method) = explode('/', strtolower($stripped_path), 2); } else { $controller = $stripped_path; $method = 'index'; } $controller = preg_replace_callback('#(?:^|-)(.)#', function ($matches) { return strtoupper($matches[1]); }, strtolower($controller)); $method = preg_replace_callback('#(?:^|-)(.)#', function ($matches) { return strtoupper($matches[1]); }, strtolower($method)); $controllerClass = 'vB5_Frontend_Controller_' . $controller; $controllerMethod = 'action' . $method; if (class_exists($controllerClass) and method_exists($controllerClass, $controllerMethod)) { $this->controller = strtolower($controller); $this->action = $controllerMethod; $this->template = ''; $this->arguments = array(); $this->queryParameters = array(); if (!in_array($this->action, $this->whitelist)) { vB5_ApplicationAbstract::checkState(array('controller' => $this->controller, 'action' => $this->action)); } return; } } //this could be a legacy file that we need to proxy. The relay controller will handle //cases where this is not a valid file. Only handle files in the "root directory". We'll //handle deeper paths via more standard routes. if (strpos($path, '/') === false) { $this->controller = 'relay'; $this->action = 'legacy'; $this->template = ''; $this->arguments = array($path); $this->queryParameters = array(); return; } vB5_ApplicationAbstract::checkState(); throw new vB5_Exception_404("invalid_page_url"); }