/**
 * Execute the extra: activate the profile whose activation key is in the URL.
 *
 * Reads the key from the first URL parameter and loads the template. When a
 * profile carries that key as its 'activation_key' setting, the profile is set
 * to 'active', the key is removed, the profile is logged in, the after_activate
 * event fires and 'activationSuccess' is set in the template. A missing or
 * unknown key redirects to the 404 page.
 */
public function execute()
{
    $activationKey = $this->URL->getParameter(0);

    $this->loadTemplate();

    // no key in the URL: nothing to activate
    if (!isset($activationKey)) {
        $this->redirect(FrontendNavigation::getURL(404));
        return;
    }

    $profileId = FrontendProfilesModel::getIdBySetting('activation_key', $activationKey);

    // key does not belong to any profile
    if ($profileId == null) {
        $this->redirect(FrontendNavigation::getURL(404));
        return;
    }

    FrontendProfilesModel::update($profileId, array('status' => 'active'));

    // the key is single-use: drop it once the profile is active
    FrontendProfilesModel::deleteSetting($profileId, 'activation_key');

    FrontendProfilesAuthentication::login($profileId);

    FrontendModel::triggerEvent('Profiles', 'after_activate', array('id' => $profileId));

    $this->tpl->assign('activationSuccess', true);
}
/**
 * Execute the extra: end the current profile session and return to the site root.
 *
 * The after_logout event fires whether or not a profile was logged in.
 */
public function execute()
{
    // only tear down a session when one exists
    $hasSession = FrontendProfilesAuthentication::isLoggedIn();
    if ($hasSession) {
        FrontendProfilesAuthentication::logout();
    }

    FrontendModel::triggerEvent('Profiles', 'after_logout');

    $this->redirect(SITE_URL);
}
/**
 * Validate the subscribe form and subscribe the address on success.
 *
 * The e-mail must be well-formed and not already subscribed. On a correct form
 * the CampaignMonitor helper subscribes it, the after_subscribe event fires and
 * the user is redirected back with ?sent=true. Failures set
 * 'subscribeHasError' (helper failed) or 'subscribeHasFormError' (validation
 * failed) in the template.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $emailField = $this->frm->getField('email');

    // a well-formed address that is already on the list is an error too
    $isWellFormed = $emailField->isEmail(FL::err('EmailIsInvalid'));
    if ($isWellFormed && FrontendMailmotorModel::isSubscribed($emailField->getValue())) {
        $emailField->addError(FL::err('AlreadySubscribed'));
    }

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('subscribeHasFormError', true);
        return;
    }

    try {
        $address = $emailField->getValue();
        $subscribed = FrontendMailmotorCMHelper::subscribe($address);
        if (!$subscribed) {
            throw new FrontendException('Could not subscribe');
        }

        FrontendModel::triggerEvent('Mailmotor', 'after_subscribe', array('email' => $address));

        $this->redirect(FrontendNavigation::getURLForBlock('Mailmotor', 'Subscribe') . '?sent=true#subscribeForm');
    } catch (\Exception $e) {
        // redirect() signals through a RedirectException; never swallow it
        if ($e instanceof RedirectException) {
            throw $e;
        }

        // when debugging we need to see the exceptions
        if ($this->getContainer()->getParameter('kernel.debug')) {
            throw $e;
        }

        $this->tpl->assign('subscribeHasError', true);
    }
}
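/**
 * Validate the submitted form, persist the entries and redirect on success.
 *
 * Flow: throttle check (session timestamp), per-field validation driven by the
 * form definition in $this->item, then on a correct form: insert the
 * submission, insert one row per input field, dispatch the FormBuilder events,
 * stamp the session and redirect back to the page with the form identifier
 * and anchor appended. An incorrect form sets 'formBuilderError' in the template.
 *
 * @throws RedirectException after a successful submission
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $sessionKey = 'formbuilder_' . $this->item['id'];

    // a submission less than 10 seconds after the previous one is refused
    // (a difference of exactly 0 is deliberately not treated as a timeout)
    if (\SpoonSession::exists($sessionKey)) {
        $diff = time() - (int) \SpoonSession::get($sessionKey);
        if ($diff < 10 && $diff != 0) {
            $this->frm->addError(FL::err('FormTimeout'));
        }
    }

    // field types that carry no user input
    $skippedTypes = array('submit', 'paragraph', 'heading');

    foreach ($this->item['fields'] as $field) {
        if (in_array($field['type'], $skippedTypes, true)) {
            continue;
        }

        $fieldName = 'field' . $field['id'];

        foreach ($field['validations'] as $rule => $settings) {
            $formField = $this->frm->getField($fieldName);

            // the first failing rule wins; later rules are not evaluated
            if ($formField->getErrors() !== null) {
                continue;
            }

            if ($rule == 'required') {
                $formField->isFilled($settings['error_message']);
            } elseif ($rule == 'email') {
                // optional fields are only checked when filled in; a required
                // field was already validated by the 'required' rule
                if ($formField->isFilled()) {
                    $formField->isEmail($settings['error_message']);
                }
            } elseif ($rule == 'numeric') {
                if ($formField->isFilled()) {
                    $formField->isNumeric($settings['error_message']);
                }
            } elseif ($rule == 'time') {
                // H, HH, optionally followed by ':' or 'h' and up to two minute digits
                $regexTime = '/^(([0-1][0-9]|2[0-3]|[0-9])|([0-1][0-9]|2[0-3]|[0-9])(:|h)[0-5]?[0-9]?)$/';
                if (!\SpoonFilter::isValidAgainstRegexp($regexTime, $formField->getValue())) {
                    $formField->setError($settings['error_message']);
                }
            }
        }
    }

    if (!$this->frm->isCorrect()) {
        // a form-level error (e.g. the timeout) takes precedence over the generic message
        $formErrors = $this->frm->getErrors();
        if ($formErrors != '') {
            $this->tpl->assign('formBuilderError', $formErrors);
        } else {
            $this->tpl->assign('formBuilderError', FL::err('FormError'));
        }
        return;
    }

    $data = array(
        'form_id' => $this->item['id'],
        'session_id' => \SpoonSession::getSessionId(),
        'sent_on' => FrontendModel::getUTCDate(),
        // the whole request environment is persisted; $_SERVER can contain
        // cookies, authorization headers and environment variables, so this
        // column must be treated as sensitive when submissions are shown or exported
        'data' => serialize(array('server' => $_SERVER)),
    );
    $dataId = FrontendFormBuilderModel::insertData($data);

    $fields = array();
    foreach ($this->item['fields'] as $field) {
        if (in_array($field['type'], $skippedTypes, true)) {
            continue;
        }

        $value = $this->frm->getField('field' . $field['id'])->getValue();

        if ($field['type'] == 'radiobutton') {
            // store the option label instead of the submitted option value; a
            // value that is not one of the configured options (or is not a
            // scalar key at all) becomes null instead of raising an undefined-index notice
            $labels = array();
            foreach ($field['settings']['values'] as $option) {
                $labels[$option['value']] = $option['label'];
            }

            $isKnownOption = (is_string($value) || is_int($value)) && array_key_exists($value, $labels);
            $value = $isKnownOption ? $labels[$value] : null;
        }

        // an empty multi-value field (e.g. no checkbox ticked) is stored as null
        if (is_array($value) && empty($value)) {
            $value = null;
        }

        if ($value !== null) {
            $value = serialize($value);
        }

        $fieldData = array(
            'data_id' => $dataId,
            'label' => $field['settings']['label'],
            'value' => $value,
        );

        $fields[$field['id']] = $fieldData;

        FrontendFormBuilderModel::insertDataField($fieldData);
    }

    $this->get('event_dispatcher')->dispatch(
        FormBuilderEvents::FORM_SUBMITTED,
        new FormBuilderSubmittedEvent($this->item, $fields, $dataId)
    );

    FrontendModel::triggerEvent('FormBuilder', 'after_submission', array(
        'form_id' => $this->item['id'],
        'data_id' => $dataId,
        'data' => $data,
        'fields' => $fields,
        'visitorId' => FrontendModel::getVisitorId(),
    ));

    // remember when this form was last sent so the throttle check above can refuse a quick repeat
    \SpoonSession::set($sessionKey, time());

    $redirect = SITE_URL . $this->URL->getQueryString();
    $redirect .= stripos($redirect, '?') === false ? '?' : '&';
    $redirect .= 'identifier=' . $this->item['identifier'];
    $redirect .= '#' . $this->formName;

    throw new RedirectException('Redirect', new RedirectResponse($redirect));
}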
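/**
 * Validate the registration form and create the profile on success.
 *
 * Checks that the e-mail is filled in, well-formed and not yet registered and
 * that a password was given. On a correct form it inserts the profile with
 * status 'inactive', stores its settings (salt, language, activation key),
 * logs the new profile in, mails the activation link and redirects back with
 * ?sent=true. Any failure sets 'registerHasFormError' in the template.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $txtDisplayName = $this->frm->getField('display_name');
    $txtEmail = $this->frm->getField('email');
    $txtPassword = $this->frm->getField('password');

    // e-mail: required, well-formed and not taken; each check only runs when the previous one passed
    if ($txtEmail->isFilled(FL::getError('EmailIsRequired'))
        && $txtEmail->isEmail(FL::getError('EmailIsInvalid'))
        && FrontendProfilesModel::existsByEmail($txtEmail->getValue())
    ) {
        $txtEmail->setError(FL::getError('EmailExists'));
    }

    $txtPassword->isFilled(FL::getError('PasswordIsRequired'));

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('registerHasFormError', true);
        return;
    }

    $settings = array(
        'salt' => FrontendProfilesModel::getRandomString(),
        'language' => FRONTEND_LANGUAGE,
    );

    $values = array(
        'email' => $txtEmail->getValue(),
        // NOTE(review): the password is stored through the project's own salted
        // getEncryptedString(); password_hash()/password_verify() is the standard
        // choice, but switching requires the verification side to change as well
        'password' => FrontendProfilesModel::getEncryptedString($txtPassword->getValue(), $settings['salt']),
        'status' => 'inactive',
        'display_name' => $txtDisplayName->getValue(),
        'registered_on' => FrontendModel::getUTCDate(),
        'last_login' => FrontendModel::getUTCDate(null, 0),
    );

    /*
     * Add a profile.
     * The try/catch guards against errors when several users sign up simultaneously.
     */
    try {
        $profileId = FrontendProfilesModel::insert($values);

        // derive the profile url from the display name
        FrontendProfilesModel::update($profileId, array('url' => FrontendProfilesModel::getUrl($values['display_name'])));

        FrontendModel::triggerEvent('Profiles', 'after_register', array('id' => $profileId));

        // the activation key is derived from the new id and the current time, salted like the password
        $settings['activation_key'] = FrontendProfilesModel::getEncryptedString($profileId . microtime(), $settings['salt']);
        FrontendProfilesModel::setSettings($profileId, $settings);

        FrontendProfilesAuthentication::login($profileId);

        $mailValues = array(
            'activationUrl' => SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'Activate') . '/' . $settings['activation_key'],
        );

        $from = $this->get('fork.settings')->get('Core', 'mailer_from');
        $replyTo = $this->get('fork.settings')->get('Core', 'mailer_reply_to');
        $message = \Common\Mailer\Message::newInstance(FL::getMessage('RegisterSubject'))
            ->setFrom(array($from['email'] => $from['name']))
            ->setTo(array($txtEmail->getValue() => ''))
            ->setReplyTo(array($replyTo['email'] => $replyTo['name']))
            ->parseHtml(FRONTEND_MODULES_PATH . '/Profiles/Layout/Templates/Mails/Register.tpl', $mailValues, true);
        $this->get('mailer')->send($message);

        $this->redirect(SITE_URL . '/' . $this->URL->getQueryString() . '?sent=true');
    } catch (\Exception $e) {
        // redirect() may signal through a RedirectException; it must not be
        // swallowed and reported as a form error after the profile was created
        if ($e instanceof RedirectException) {
            throw $e;
        }

        // when debugging we need to see the exceptions
        if ($this->getContainer()->getParameter('kernel.debug')) {
            throw $e;
        }

        $this->tpl->assign('registerHasFormError', true);
    }
}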
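/**
 * Validate the comment form and store the comment on success.
 *
 * Returns false without validating when comments are disabled in the module
 * settings. Otherwise: throttle via a session timestamp, validate author,
 * e-mail and message (and the optional website), then build the comment
 * record, route it through moderation and the spam filter, insert it, notify
 * the admin, remember the author in cookies and redirect back to the article
 * with a ?comment=... parameter describing where the comment ended up.
 *
 * @return bool|null false when comments are not allowed, nothing otherwise
 */
private function validateForm()
{
    $commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments'];
    if (!$commentsAllowed) {
        return false;
    }

    if (!$this->frm->isSubmitted()) {
        return;
    }

    // drop fields that were not part of the form (injected by the client)
    $this->frm->cleanupFields();

    $sessionKey = 'blog_comment_' . $this->record['id'];

    // a comment less than 10 seconds after the previous one is refused
    // (a difference of exactly 0 is deliberately not treated as a timeout)
    if (\SpoonSession::exists($sessionKey)) {
        $diff = time() - (int) \SpoonSession::get($sessionKey);
        if ($diff < 10 && $diff != 0) {
            $this->frm->getField('message')->addError(FL::err('CommentTimeout'));
        }
    }

    $this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired'));
    $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));
    $this->frm->getField('message')->isFilled(FL::err('MessageIsRequired'));

    // the website is optional; the 'http://' placeholder counts as empty
    $websiteField = $this->frm->getField('website');
    if ($websiteField->isFilled() && $websiteField->getValue() != 'http://') {
        $websiteField->isURL(FL::err('InvalidURL'));
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];
    $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];

    $author = $this->frm->getField('author')->getValue();
    $email = $this->frm->getField('email')->getValue();
    $website = $websiteField->getValue();
    if (trim($website) == '' || $website == 'http://') {
        $website = null;
    }
    $text = $this->frm->getField('message')->getValue();

    $comment = array(
        'post_id' => $this->record['id'],
        'language' => FRONTEND_LANGUAGE,
        'created_on' => FrontendModel::getUTCDate(),
        'author' => $author,
        'email' => $email,
        'website' => $website,
        'text' => $text,
        'status' => 'published',
        // the whole request environment is persisted; $_SERVER can contain
        // cookies, authorization headers and environment variables, so this
        // column must be treated as sensitive when comments are shown or exported
        'data' => serialize(array('server' => $_SERVER)),
    );

    $permaLink = $this->record['full_url'];
    $redirectLink = $permaLink;

    // first-time commenters go to the moderation queue when moderation is on
    if ($moderationEnabled && !FrontendBlogModel::isModerated($author, $email)) {
        $comment['status'] = 'moderation';
    }

    if ($spamFilterEnabled) {
        $result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website);

        // 'unknown' (the filter could not decide) must be tested before the
        // truthy test: as a non-empty string it would otherwise count as spam
        if ($result === 'unknown') {
            $comment['status'] = 'moderation';
        } elseif ($result) {
            $comment['status'] = 'spam';
        }
    }

    $comment['id'] = FrontendBlogModel::insertComment($comment);

    FrontendModel::triggerEvent('Blog', 'after_add_comment', array('comment' => $comment));

    // tell the page where the comment ended up
    $separator = strpos($redirectLink, '?') === false ? '?' : '&';
    if ($comment['status'] == 'moderation') {
        $redirectLink .= $separator . 'comment=moderation#' . FL::act('Comment');
    } elseif ($comment['status'] == 'spam') {
        $redirectLink .= $separator . 'comment=spam#' . FL::act('Comment');
    } elseif ($comment['status'] == 'published') {
        $redirectLink .= $separator . 'comment=true#comment-' . $comment['id'];
    }

    $comment['post_title'] = $this->record['title'];
    $comment['post_url'] = $this->record['url'];
    FrontendBlogModel::notifyAdmin($comment);

    // remember when this visitor last commented so the throttle check above can refuse a quick repeat
    \SpoonSession::set($sessionKey, time());

    // prefill the form next time; a refused cookie is not a problem
    try {
        CommonCookie::set('comment_author', $author);
        CommonCookie::set('comment_email', $email);
        CommonCookie::set('comment_website', $website);
    } catch (\Exception $e) {
        // setting cookies isn't allowed; ignore
    }

    $this->redirect($redirectLink);
}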
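/**
 * Validate the feedback form ("was this answer useful?") and store the feedback.
 *
 * Returns false without validating when feedback is disabled in the module
 * settings. A "useful" answer only updates the counters; a "not useful" answer
 * requires a message, which is spam-checked, saved and optionally mailed to the
 * site admin. Both cases end with a redirect to the Success action.
 *
 * @return bool|null false when feedback is not allowed, nothing otherwise
 */
private function validateForm()
{
    $feedbackAllowed = isset($this->settings['allow_feedback']) && $this->settings['allow_feedback'];
    if (!$feedbackAllowed) {
        return false;
    }

    if (!$this->frm->isSubmitted()) {
        // form hasn't been sent
        $this->tpl->assign('hideFeedbackNoInfo', true);
        return;
    }

    $useful = $this->frm->getField('useful')->getValue() == 'Y';

    // the form has been sent
    $this->tpl->assign('hideFeedbackNoInfo', $useful);

    // drop fields that were not part of the form (injected by the client)
    $this->frm->cleanupFields();

    // a message is only required when the answer was not useful
    if (!$useful) {
        $this->frm->getField('message')->isFilled(FL::err('FeedbackIsRequired'));
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    $text = $this->frm->getField('message')->getValue();
    $sessionKey = 'faq_feedback_' . $this->record['id'];

    // the previous answer from this session (if any) lets the counters be corrected
    $previousFeedback = \SpoonSession::exists($sessionKey) ? \SpoonSession::get($sessionKey) : null;
    FrontendFaqModel::updateFeedback($this->record['id'], $useful, $previousFeedback);
    \SpoonSession::set($sessionKey, $useful);

    if (!$useful) {
        $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];

        $variables = array(
            'question_id' => $this->record['id'],
            'sentOn' => time(),
            'text' => $text,
        );

        // the permalink is passed directly: the previous code read
        // $variables['question_link'], a key that is never set, so the
        // spam check always received null as the permalink
        if ($spamFilterEnabled && FrontendModel::isSpam($text, SITE_URL . $this->record['full_url'])) {
            $this->redirect($this->record['full_url'] . '/' . FL::getAction('Spam'));
        }

        FrontendFaqModel::saveFeedback($variables);

        if ($this->get('fork.settings')->get('Faq', 'send_email_on_new_feedback')) {
            // the question text is only needed by the mail template
            $variables['question'] = $this->record['question'];

            $to = $this->get('fork.settings')->get('Core', 'mailer_to');
            $from = $this->get('fork.settings')->get('Core', 'mailer_from');
            $replyTo = $this->get('fork.settings')->get('Core', 'mailer_reply_to');
            $message = Message::newInstance(sprintf(FL::getMessage('FaqFeedbackSubject'), $this->record['question']))
                ->setFrom(array($from['email'] => $from['name']))
                ->setTo(array($to['email'] => $to['name']))
                ->setReplyTo(array($replyTo['email'] => $replyTo['name']))
                ->parseHtml('/Faq/Layout/Templates/Mails/Feedback.html.twig', $variables, true);
            $this->get('mailer')->send($message);
        }
    }

    FrontendModel::triggerEvent('Faq', 'after_add_feedback', array('comment' => $text));

    $this->redirect($this->record['full_url'] . '/' . FL::getAction('Success'));
}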
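/**
 * Validate the subscription form and store the subscription on success.
 *
 * Returns false without validating when subscriptions are disabled in the
 * module settings. Otherwise: throttle via a session timestamp, validate name
 * and e-mail, build the record, send first-time subscribers to the moderation
 * queue when moderation is on, insert it, notify the admin, remember the
 * subscriber in cookies and redirect back to the agenda item with a
 * ?subscription=... parameter describing where the subscription ended up.
 *
 * @return bool|null false when subscriptions are not allowed, nothing otherwise
 */
private function validateForm()
{
    $subscriptionsAllowed = isset($this->settings['allow_subscriptions']) && $this->settings['allow_subscriptions'];
    if (!$subscriptionsAllowed) {
        return false;
    }

    if (!$this->frm->isSubmitted()) {
        return;
    }

    // drop fields that were not part of the form (injected by the client)
    $this->frm->cleanupFields();

    $sessionKey = 'agenda_subscription_' . $this->record['id'];

    // a subscription less than 10 seconds after the previous one is refused
    // (a difference of exactly 0 is deliberately not treated as a timeout)
    if (\SpoonSession::exists($sessionKey)) {
        $diff = time() - (int) \SpoonSession::get($sessionKey);
        if ($diff < 10 && $diff != 0) {
            // NOTE(review): the error is attached to a 'message' field although only
            // 'name' and 'email' are validated here; confirm the form defines 'message',
            // otherwise getField() fails on the throttled path
            $this->frm->getField('message')->addError(FL::err('CommentTimeout'));
        }
    }

    $this->frm->getField('name')->isFilled(FL::err('NameIsRequired'));
    $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));

    if (!$this->frm->isCorrect()) {
        return;
    }

    $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];

    $name = $this->frm->getField('name')->getValue();
    $email = $this->frm->getField('email')->getValue();

    $subscription = array(
        'agenda_id' => $this->record['id'],
        'language' => FRONTEND_LANGUAGE,
        'created_on' => FrontendModel::getUTCDate(),
        'name' => $name,
        'email' => $email,
        'status' => 'subscribed',
    );

    $redirectLink = $this->record['full_url'];

    // first-time subscribers go to the moderation queue when moderation is on
    if ($moderationEnabled && !FrontendAgendaModel::isModerated($name, $email)) {
        $subscription['status'] = 'moderation';
    }

    $subscription['id'] = FrontendAgendaModel::insertSubscription($subscription);

    FrontendModel::triggerEvent('agenda', 'after_add_subscription', array('subscription' => $subscription));

    // tell the page where the subscription ended up; the anchor is the same
    // whether or not the URL already has a query string (the '&' branch used
    // to point at '#comment-', a leftover from the blog comment code)
    $separator = strpos($redirectLink, '?') === false ? '?' : '&';
    if ($subscription['status'] == 'moderation') {
        $redirectLink .= $separator . 'subscription=moderation#' . FL::act('Subscribe');
    } elseif ($subscription['status'] == 'subscribed') {
        $redirectLink .= $separator . 'subscription=true#subscription-' . $subscription['id'];
    }

    $subscription['agenda_title'] = $this->record['title'];
    $subscription['agenda_url'] = $this->record['url'];
    FrontendAgendaModel::notifyAdmin($subscription);

    // remember when this visitor last subscribed so the throttle check above can refuse a quick repeat
    \SpoonSession::set($sessionKey, time());

    // prefill the form next time; a refused cookie is not a problem
    try {
        Cookie::set('subscription_author', $name);
        Cookie::set('subscription_email', $email);
    } catch (\Exception $e) {
        // setting cookies isn't allowed; ignore (fully qualified so the catch
        // also works when this file lives in a namespace without a use-import)
    }

    $this->redirect($redirectLink);
}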
/**
 * Loads the actual components on the page.
 *
 * Resolves the page id from the requested URL, marks a 404 (status code and,
 * when the extension is loaded, the New Relic transaction name), builds the
 * breadcrumb, header and footer, loads and processes the page and its extras,
 * stores statistics and finally fires the after_page_processed event.
 */
public function load()
{
    // set tracking cookie
    Model::getVisitorId();

    // get pageId for requested URL
    $this->pageId = Navigation::getPageId(implode('/', $this->URL->getPages()));

    // set headers if this is a 404 page
    if ($this->pageId == 404) {
        $this->statusCode = 404;
        if (extension_loaded('newrelic')) {
            newrelic_name_transaction('404');
        }
    }

    // create breadcrumb instance
    $this->breadcrumb = new Breadcrumb($this->getKernel());

    // create header instance
    $this->header = new Header($this->getKernel());

    // new footer instance
    $this->footer = new Footer($this->getKernel());

    // get page content
    $this->getPageContent();

    // process page
    $this->processPage();

    // execute all extras linked to the page
    $this->processExtras();

    // store statistics
    $this->storeStatistics();

    // trigger event; the payload carries the complete $_SESSION, $_COOKIE, $_GET,
    // $_POST and $_SERVER arrays, so any listener that logs or persists it
    // receives session ids, cookies and whatever credentials the request contained
    Model::triggerEvent('Core', 'after_page_processed', array(
        'id' => $this->getId(),
        'record' => $this->getRecord(),
        'statusCode' => $this->getStatusCode(),
        'sessionId' => \SpoonSession::getSessionId(),
        'visitorId' => Model::getVisitorId(),
        'SESSION' => $_SESSION,
        'COOKIE' => $_COOKIE,
        'GET' => $_GET,
        'POST' => $_POST,
        'SERVER' => $_SERVER
    ));
}
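/**
 * Validate the unsubscribe form and remove the address from the group on success.
 *
 * The e-mail must be well-formed, known in the database and currently
 * subscribed to $this->group. On a correct form the CampaignMonitor helper
 * unsubscribes it, the after_unsubscribe event fires and the user is
 * redirected back with ?sent=true. Failures set 'unsubscribeHasError'
 * (helper failed) or 'unsubscribeHasFormError' (validation failed) in the template.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $emailField = $this->frm->getField('email');

    if ($emailField->isEmail(FL::err('EmailIsInvalid'))) {
        $address = $emailField->getValue();

        if (!FrontendMailmotorModel::exists($address)) {
            $emailField->addError(FL::err('EmailNotInDatabase'));
        }

        if (!FrontendMailmotorModel::isSubscribed($address, $this->group)) {
            $emailField->addError(FL::err('AlreadyUnsubscribed'));
        }
    }

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('unsubscribeHasFormError', true);
        return;
    }

    try {
        if (!FrontendMailmotorCMHelper::unsubscribe($emailField->getValue(), $this->group)) {
            throw new FrontendException('Could not unsubscribe');
        }

        FrontendModel::triggerEvent('Mailmotor', 'after_unsubscribe', array('email' => $emailField->getValue()));

        $this->redirect(FrontendNavigation::getURLForBlock('Mailmotor', 'Unsubscribe') . '?sent=true#unsubscribeForm');
    } catch (\Exception $e) {
        // redirect() may signal through a RedirectException; it must not be
        // swallowed and reported as an error after the address was unsubscribed
        if ($e instanceof RedirectException) {
            throw $e;
        }

        // when debugging we need to see the exceptions
        if ($this->getContainer()->getParameter('kernel.debug')) {
            throw $e;
        }

        $this->tpl->assign('unsubscribeHasError', true);
    }
}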
/**
 * Validate the subscribe form and subscribe the address on success.
 *
 * A well-formed address that is already subscribed gets an 'AlreadySubscribed'
 * field error; an invalid address additionally gets a form-level error. On a
 * correct form the member service subscribes the address, the after_subscribe
 * event fires and the user is redirected back with ?sent=true. Failures set
 * 'mailMotorSubscribeHasError' (service threw) or
 * 'mailMotorSubscribeHasFormError' (validation failed) in the template.
 *
 * @return void
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $emailField = $this->frm->getField('email');

    if ($emailField->isEmail(FL::err('EmailIsInvalid'))) {
        $isMember = FrontendModel::get('mailmotor.member')->isSubscribed($emailField->getValue());
        if ($isMember) {
            $emailField->addError(FL::err('AlreadySubscribed'));
        }
    } else {
        // the author's note: getErrors() only reports form-level errors, not
        // field errors, hence this extra form-level error (it reuses the
        // 'AlreadySubscribed' message)
        $this->frm->addError(FL::err('AlreadySubscribed'));
    }

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('mailMotorSubscribeHasFormError', true);
        return;
    }

    // no merge variables are sent along with the subscription
    $mergeVars = array();

    try {
        FrontendModel::get('mailmotor.member')->subscribe($emailField->getValue(), null, $mergeVars);

        FrontendModel::triggerEvent('MailMotor', 'after_subscribe', array('email' => $emailField->getValue()));

        $this->redirect(FrontendNavigation::getURLForBlock('MailMotor', 'Subscribe') . '?sent=true#mailMotorSubscribeForm');
    } catch (Exception $e) {
        // NOTE(review): if redirect() signals through an exception it is caught
        // here as well (no RedirectException rethrow) - confirm for this version
        if (\SPOON_DEBUG) {
            throw $e;
        }

        $this->tpl->assign('mailMotorSubscribeHasError', true);
    }
}
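/**
 * Validate the login form and log the profile in on success.
 *
 * E-mail and password are required; when both are present and the e-mail is
 * well-formed the credentials are checked and any non-active login status
 * becomes a form error (also exposed to the template as 'loginError'). On
 * success the profile is logged in (optionally with a remember-me cookie),
 * its stored password is refreshed, the after_logged_in event fires and the
 * user is sent to the requested queryString, which must stay on this site.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $txtEmail = $this->frm->getField('email');
    $txtPassword = $this->frm->getField('password');
    $chkRemember = $this->frm->getField('remember');

    $txtEmail->isFilled(FL::getError('EmailIsRequired'));
    $txtPassword->isFilled(FL::getError('PasswordIsRequired'));

    // credentials are only checked when both fields are present and the e-mail is valid
    if ($txtEmail->isFilled() && $txtPassword->isFilled() && $txtEmail->isEmail(FL::getError('EmailIsInvalid'))) {
        $loginStatus = FrontendProfilesAuthentication::getLoginStatus($txtEmail->getValue(), $txtPassword->getValue());

        if ($loginStatus !== FrontendProfilesAuthentication::LOGIN_ACTIVE) {
            // the status selects the message, e.g. Profiles<Status>Login, which
            // can link to the resend-activation page
            $errorString = sprintf(
                FL::getError('Profiles' . \SpoonFilter::toCamelCase($loginStatus) . 'Login'),
                FrontendNavigation::getURLForBlock('Profiles', 'ResendActivation')
            );

            $this->frm->addError($errorString);
            $this->tpl->assign('loginError', $errorString);
        }
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    $profileId = FrontendProfilesModel::getIdByEmail($txtEmail->getValue());

    FrontendProfilesAuthentication::login($profileId, $chkRemember->getChecked());

    // update salt and password (see FrontendProfilesAuthentication::updatePassword)
    FrontendProfilesAuthentication::updatePassword($profileId, $txtPassword->getValue());

    FrontendModel::triggerEvent('Profiles', 'after_logged_in', array('id' => $profileId));

    // the post-login destination comes from the request; only same-site targets
    // are followed so the login page cannot be used as an open redirect
    $queryString = urldecode(\SpoonFilter::getGetValue('queryString', null, SITE_URL));

    $secondChar = substr($queryString, 1, 1);
    $isSitePath = strpos($queryString, '/') === 0
        && $secondChar !== '/'      // protocol-relative '//host'
        && $secondChar !== '\\';    // browsers treat '/\host' like '//host'
    $isSiteUrl = $queryString === SITE_URL
        || strpos($queryString, SITE_URL . '/') === 0
        || strpos($queryString, SITE_URL . '?') === 0;
    $hasControlChars = preg_match('/[\x00-\x1f\x7f]/', $queryString) === 1;

    if ($hasControlChars || !($isSitePath || $isSiteUrl)) {
        $queryString = SITE_URL;
    }

    $this->redirect($queryString);
}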
/**
 * Validate the order form and, when correct, finalise the order from the cookie.
 *
 * All address fields are required and the e-mail must be well-formed. On a
 * correct form the order identified by $this->cookieOrderId is updated with
 * the submitted data and status 'moderation', the order_id cookie is removed,
 * the submitted data is kept in cookies to prefill the next order, the
 * after_add_order event fires and the user is redirected to the OrderReceived block.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // drop fields that were not part of the form (injected by the client)
    $this->frm->cleanupFields();

    $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));

    $textFields = array('fname', 'lname', 'address', 'hnumber', 'postal', 'hometown');
    foreach ($textFields as $requiredField) {
        $this->frm->getField($requiredField)->isFilled(FL::err('MessageIsRequired'));
    }

    if (!$this->frm->isCorrect()) {
        return;
    }

    $order = array();
    foreach (array_merge(array('email'), $textFields) as $fieldName) {
        $order[$fieldName] = $this->frm->getField($fieldName)->getValue();
    }
    $order['status'] = 'moderation';

    FrontendCatalogModel::updateOrder($order, $this->cookieOrderId);

    // the order is finished: drop the order_id cookie both from this request and in the browser
    $cookieName = 'order_id';
    unset($_COOKIE[$cookieName]);
    setcookie($cookieName, null, 1, '/');

    // keep the submitted data in cookies so the next order can be prefilled
    // NOTE(review): this includes 'status'; once in a cookie the value is
    // client-controlled, so nothing should read it back as authoritative
    foreach ($order as $key => $value) {
        Cookie::set($key, $value);
    }

    FrontendModel::triggerEvent('Catalog', 'after_add_order', array('order' => $order));

    $this->redirect(FrontendNavigation::getURLForBlock('Catalog', 'OrderReceived'));
}
/**
 * Validate the resend-activation form and re-send the activation mail on success.
 *
 * The e-mail must be filled in, well-formed and belong to an existing profile
 * that is still inactive (an active profile gets 'ProfileIsActive', an unknown
 * address gets 'EmailIsInvalid'). On a correct form the activation link is
 * mailed to the profile's address, the after_resend_activation event fires and
 * the user is redirected back with ?sent=true; otherwise
 * 'resendActivationHasError' is set in the template.
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $txtEmail = $this->frm->getField('email');

    $hasAddress = $txtEmail->isFilled(FL::getError('EmailIsRequired'))
        && $txtEmail->isEmail(FL::getError('EmailIsInvalid'));

    if ($hasAddress) {
        $address = $txtEmail->getValue();

        if (FrontendProfilesModel::existsByEmail($address)) {
            $profileId = FrontendProfilesModel::getIdByEmail($address);
            $profile = FrontendProfilesModel::get($profileId);

            // only inactive profiles can have their activation mail re-sent
            if ($profile->getStatus() != FrontendProfilesAuthentication::LOGIN_INACTIVE) {
                $txtEmail->addError(FL::getError('ProfileIsActive'));
            }
        } else {
            // unknown address: reported with the generic "invalid" message
            $txtEmail->addError(FL::getError('EmailIsInvalid'));
        }
    }

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('resendActivationHasError', true);
        return;
    }

    // a correct form implies $profile and $profileId were resolved above
    $mailValues = array(
        'activationUrl' => SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'Activate') . '/' . $profile->getSetting('activation_key'),
    );

    FrontendModel::triggerEvent('Profiles', 'after_resend_activation', array('id' => $profileId));

    $from = $this->get('fork.settings')->get('Core', 'mailer_from');
    $replyTo = $this->get('fork.settings')->get('Core', 'mailer_reply_to');
    $message = Message::newInstance(FL::getMessage('RegisterSubject'))
        ->setFrom(array($from['email'] => $from['name']))
        ->setTo(array($profile->getEmail() => ''))
        ->setReplyTo(array($replyTo['email'] => $replyTo['name']))
        ->parseHtml('/Profiles/Layout/Templates/Mails/Register.html.twig', $mailValues, true);
    $this->get('mailer')->send($message);

    $this->redirect(SITE_URL . $this->URL->getQueryString() . '?sent=true');
}
/**
 * Loads the actual components on the page.
 *
 * Resolves the page record from the requested URL (falling back to the 404
 * page), enforces profile authentication when the page requires it, marks a
 * 404 (status code and, when the extension is loaded, the New Relic
 * transaction name), builds the header, breadcrumb and footer, processes the
 * page and its extras, stores statistics and finally fires the
 * after_page_processed event.
 *
 * @throws RedirectException when the page requires a login and no profile is logged in
 */
public function load()
{
    // set tracking cookie
    Model::getVisitorId();

    // create header instance
    $this->header = new Header($this->getKernel());

    // get page content from pageId of the requested URL
    $this->record = $this->getPageContent(Navigation::getPageId(implode('/', $this->URL->getPages())));
    if (empty($this->record)) {
        $this->record = Model::getPage(404);
    }

    // authentication: only when the Profiles module is installed and the page carries the flag
    if (BackendModel::isModuleInstalled('Profiles') && isset($this->record['data']['auth_required'])) {
        $data = $this->record['data'];

        // is auth required and is profile logged in
        if ($data['auth_required']) {
            if (!FrontendAuthenticationModel::isLoggedIn()) {
                // redirect to login page, passing along where the visitor wanted to go
                // NOTE(review): the query string is appended without urlencode(); a
                // value containing '&' or '#' would be cut short by the login action -
                // confirm getQueryString() only ever yields a plain path
                $queryString = $this->URL->getQueryString();
                throw new RedirectException('Redirect', new RedirectResponse(Navigation::getURLForBlock('Profiles', 'Login') . '?queryString=' . $queryString));
            }

            // specific groups for auth? membership of any one listed group is enough
            if (!empty($data['auth_groups'])) {
                $inGroup = false;
                foreach ($data['auth_groups'] as $group) {
                    if (FrontendAuthenticationModel::getProfile()->isInGroup($group)) {
                        $inGroup = true;
                    }
                }

                // not in any allowed group: serve the 404 page instead of the protected content
                if (!$inGroup) {
                    $this->record = Model::getPage(404);
                }
            }
        }
    }

    // we need to set the correct id
    $this->pageId = (int) $this->record['id'];

    // set headers if this is a 404 page
    if ($this->pageId == 404) {
        $this->statusCode = 404;
        if (extension_loaded('newrelic')) {
            newrelic_name_transaction('404');
        }
    }

    // create breadcrumb instance
    $this->breadcrumb = new Breadcrumb($this->getKernel());

    // new footer instance
    $this->footer = new Footer($this->getKernel());

    // process page
    $this->processPage();

    // execute all extras linked to the page
    $this->processExtras();

    // store statistics
    $this->storeStatistics();

    // trigger event; the payload carries the complete $_SESSION, $_COOKIE, $_GET,
    // $_POST and $_SERVER arrays, so any listener that logs or persists it
    // receives session ids, cookies and whatever credentials the request contained
    Model::triggerEvent('Core', 'after_page_processed', array(
        'id' => $this->getId(),
        'record' => $this->getRecord(),
        'statusCode' => $this->getStatusCode(),
        'sessionId' => \SpoonSession::getSessionId(),
        'visitorId' => Model::getVisitorId(),
        'SESSION' => $_SESSION,
        'COOKIE' => $_COOKIE,
        'GET' => $_GET,
        'POST' => $_POST,
        'SERVER' => $_SERVER
    ));
}
/**
 * Validate the unsubscribe form and unsubscribe the address on success.
 *
 * The e-mail must be well-formed, known to the member service and not yet
 * unsubscribed. On a correct form the member service unsubscribes it, the
 * after_unsubscribe event fires and the user is redirected back with
 * ?sent=true. Failures set 'mailMotorUnsubscribeHasError' (service threw) or
 * 'mailMotorUnsubscribeHasFormError' (validation failed) in the template.
 *
 * @return void
 */
private function validateForm()
{
    if (!$this->frm->isSubmitted()) {
        return;
    }

    $emailField = $this->frm->getField('email');

    if ($emailField->isEmail(FL::err('EmailIsInvalid'))) {
        $address = $emailField->getValue();
        $members = FrontendModel::get('mailmotor.member');

        if (!$members->exists($address)) {
            $emailField->addError(FL::err('EmailNotInDatabase'));
        }

        if ($members->isUnsubscribed($address)) {
            $emailField->addError(FL::err('AlreadyUnsubscribed'));
        }
    }

    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('mailMotorUnsubscribeHasFormError', true);
        return;
    }

    try {
        FrontendModel::get('mailmotor.member')->unsubscribe($emailField->getValue());

        FrontendModel::triggerEvent('MailMotor', 'after_unsubscribe', array('email' => $emailField->getValue()));

        $this->redirect(FrontendNavigation::getURLForBlock('MailMotor', 'Unsubscribe') . '?sent=true#unsubscribeForm');
    } catch (Exception $e) {
        // NOTE(review): every exception becomes a template flag here, including one
        // thrown by redirect() if it signals through an exception - confirm
        // redirect() returns normally in this version, otherwise the redirect is lost
        $this->tpl->assign('mailMotorUnsubscribeHasError', true);
    }
}
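/**
 * Validate the form.
 *
 * The current password is required and must match the logged-in profile; the
 * new address must be filled, well-formed and not in use by another profile.
 * The two fields are validated independently so the visitor sees every
 * problem after a single submission (previously the e-mail checks only ran
 * when a password had been entered). On success the address is updated, the
 * 'after_change_email' event fires and the visitor is redirected.
 */
private function validateForm()
{
    // is the form submitted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // get fields
    $txtPassword = $this->frm->getField('password');
    $txtEmail = $this->frm->getField('email');

    // password filled in and correct for the current profile? this is what
    // proves the request comes from the account owner
    if ($txtPassword->isFilled(FL::getError('PasswordIsRequired'))) {
        $loginStatus = FrontendProfilesAuthentication::getLoginStatus(
            $this->profile->getEmail(),
            $txtPassword->getValue()
        );
        if ($loginStatus !== FrontendProfilesAuthentication::LOGIN_ACTIVE) {
            $txtPassword->addError(FL::getError('InvalidPassword'));
        }
    }

    // email filled in, valid and not already taken by another profile?
    if ($txtEmail->isFilled(FL::getError('EmailIsRequired'))
        && $txtEmail->isEmail(FL::getError('EmailIsInvalid'))
        && FrontendProfilesModel::existsByEmail($txtEmail->getValue(), $this->profile->getId())
    ) {
        $txtEmail->addError(FL::getError('EmailExists'));
    }

    // no errors?
    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('updateEmailHasFormError', true);
        return;
    }

    // update email
    FrontendProfilesModel::update($this->profile->getId(), array('email' => $txtEmail->getValue()));

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_change_email', array('id' => $this->profile->getId()));

    // redirect
    $this->redirect(SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'ChangeEmail') . '?sent=true');
}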
/**
 * Login a profile.
 *
 * Marks the current session as logged in, optionally sets a "remember me"
 * cookie holding a freshly generated secret key, replaces any session record
 * stored for the current session id, stamps the profile's last login, fires
 * the 'after_logged_in' event and loads the profile object.
 *
 * NOTE(review): the current session id is reused as-is and becomes the key of
 * the session record; regenerating it before that record is written would
 * close the session-fixation window — confirm what \SpoonSession offers for
 * that.
 *
 * @param int $profileId Login the profile with this id in.
 * @param bool $remember Should we set a cookie for later?
 * @return void
 */
public static function login($profileId, $remember = false)
{
    $id = (int) $profileId;
    $rememberMe = (bool) $remember;

    // clean up old session records first
    self::cleanupOldSessions();

    // the session itself carries the logged-in flag
    \SpoonSession::set('frontend_profile_logged_in', true);

    // a secret key only exists for "remember me" logins; it is stored with the
    // session record below and mirrored in the cookie
    $secretKey = null;
    if ($rememberMe) {
        $secretKey = FrontendProfilesModel::getEncryptedString(
            \SpoonSession::getSessionId(),
            FrontendProfilesModel::getRandomString()
        );
        CommonCookie::set('frontend_profile_secret_key', $secretKey);
    }

    $db = FrontendModel::getContainer()->get('database');

    // one record per session id: drop a stale one before inserting (the
    // original comment notes this should never actually find anything)
    $db->delete('profiles_sessions', 'session_id = ?', \SpoonSession::getSessionId());
    $db->insert(
        'profiles_sessions',
        array(
            'profile_id' => $id,
            'session_id' => \SpoonSession::getSessionId(),
            'secret_key' => $secretKey,
            'date' => FrontendModel::getUTCDate(),
        )
    );

    // update last login
    FrontendProfilesModel::update($id, array('last_login' => FrontendModel::getUTCDate()));

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_logged_in', array('profile_id' => $id));

    // load the profile object
    self::$profile = new FrontendProfilesProfile($id);
}
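/**
 * Validate the form.
 *
 * Validates the submitted profile settings, stores them and redirects with
 * `?sent=true`; on validation errors the 'updateSettingsHasFormError' flag is
 * assigned to the template instead.
 *
 * A display name change is only honoured while the profile's
 * 'display_name_changes' counter has not passed MAX_DISPLAY_NAME_CHANGES; a
 * request over that limit is silently ignored rather than reported.
 */
private function validateForm()
{
    // is the form submitted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // get fields
    $txtDisplayName = $this->frm->getField('display_name');
    $txtFirstName = $this->frm->getField('first_name');
    $txtLastName = $this->frm->getField('last_name');
    $txtCity = $this->frm->getField('city');
    $ddmCountry = $this->frm->getField('country');
    $ddmGender = $this->frm->getField('gender');
    $ddmDay = $this->frm->getField('day');
    $ddmMonth = $this->frm->getField('month');
    $ddmYear = $this->frm->getField('year');
    $fileAvatar = $this->frm->getField('avatar');

    // get number of display name changes
    $nameChanges = (int) FrontendProfilesModel::getSetting($this->profile->getId(), 'display_name_changes');

    // has there been a valid display name change request? computed once and
    // reused when saving, so validation and persistence cannot disagree
    // NOTE(review): `<=` lets the counter reach MAX + 1; confirm whether
    // MAX_DISPLAY_NAME_CHANGES is meant as a count or as the last allowed value
    $displayNameChanged = $this->profile->getDisplayName() !== $txtDisplayName->getValue()
        && $nameChanges <= FrontendProfilesModel::MAX_DISPLAY_NAME_CHANGES;

    // display name filled in and not taken by another profile?
    if ($displayNameChanged && $txtDisplayName->isFilled(FL::getError('FieldIsRequired'))) {
        if (FrontendProfilesModel::existsDisplayName($txtDisplayName->getValue(), $this->profile->getId())) {
            $txtDisplayName->addError(FL::getError('DisplayNameExists'));
        }
    }

    // birthdate is not required but if one is filled we need all; the
    // dropdown values arrive as strings while checkdate() expects integers,
    // so cast instead of relying on implicit coercion
    if ($ddmMonth->isFilled() || $ddmDay->isFilled() || $ddmYear->isFilled()) {
        if (!checkdate((int) $ddmMonth->getValue(), (int) $ddmDay->getValue(), (int) $ddmYear->getValue())) {
            $ddmYear->addError(FL::getError('DateIsInvalid'));
        }
    }

    // validate avatar when given
    // NOTE(review): the stored filename takes its extension from the upload,
    // so the field's allowed extensions/MIME types must be restricted where
    // the form is built — confirm in loadForm()
    $fileAvatar->isFilled();

    // no errors?
    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('updateSettingsHasFormError', true);
        return;
    }

    $values = array();
    $settings = array();

    if ($displayNameChanged) {
        $values['display_name'] = $txtDisplayName->getValue();

        // update url based on the new display name
        $values['url'] = FrontendProfilesModel::getUrl($txtDisplayName->getValue(), $this->profile->getId());

        // update display name count
        $settings['display_name_changes'] = $nameChanges + 1;
    }

    // update values
    if (!empty($values)) {
        FrontendProfilesModel::update($this->profile->getId(), $values);
    }

    // build settings
    $settings['first_name'] = $txtFirstName->getValue();
    $settings['last_name'] = $txtLastName->getValue();
    $settings['city'] = $txtCity->getValue();
    $settings['country'] = $ddmCountry->getValue();
    $settings['gender'] = $ddmGender->getValue();

    // birthday: stored in MySQL date format, null when left empty
    if ($ddmYear->isFilled()) {
        $settings['birth_date'] = $ddmYear->getValue() . '-'
            . str_pad($ddmMonth->getValue(), 2, '0', STR_PAD_LEFT) . '-'
            . str_pad($ddmDay->getValue(), 2, '0', STR_PAD_LEFT);
    } else {
        $settings['birth_date'] = null;
    }

    // avatar: keep the current one unless a new file was uploaded
    $settings['avatar'] = $this->profile->getSetting('avatar');
    if ($fileAvatar->isFilled()) {
        // the filename is built from the profile object's display name, which
        // is not reloaded after update() above — so this is the name as it was
        // before this save
        $settings['avatar'] = \SpoonFilter::urlise($this->profile->getDisplayName()) . '.' . $fileAvatar->getExtension();

        // move the file
        $fileAvatar->generateThumbnails(FRONTEND_FILES_PATH . '/Profiles/Avatars/', $settings['avatar']);
    }

    // save settings
    $this->profile->setSettings($settings);

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_saved_settings', array('id' => $this->profile->getId()));

    // redirect
    $this->redirect(SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'Settings') . '?sent=true');
}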
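/**
 * Validate the form.
 *
 * Requires a password; then resolves the reset key from the URL to a profile,
 * invalidates the key, stores the new password, logs the profile in when no
 * profile is logged in yet, fires 'after_reset_password' and redirects.
 * A key that no longer maps to a profile (already used, or tampered with)
 * ends in a 404 instead of touching any profile.
 */
private function validateForm()
{
    // is the form submitted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // field is filled in?
    $txtPassword = $this->frm->getField('password');
    $txtPassword->isFilled(FL::getError('PasswordIsRequired'));

    // valid?
    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('forgotPasswordHasError', true);
        return;
    }

    // the key in the URL is the only proof of ownership: resolve it to a
    // profile and refuse to continue when it matches none — without this
    // check the missing id would flow into deleteSetting/updatePassword/login
    // (login() casts its id to int, so a null would become profile 0)
    $key = $this->URL->getParameter(0);
    $profileId = FrontendProfilesModel::getIdBySetting('forgot_password_key', $key);
    if (empty($profileId)) {
        $this->redirect(FrontendNavigation::getURL(404));
        return;
    }

    // remove key (we can only update the password once with this key)
    FrontendProfilesModel::deleteSetting($profileId, 'forgot_password_key');

    // update password
    FrontendProfilesAuthentication::updatePassword($profileId, $txtPassword->getValue());

    // login (check again because we might have logged in in the meanwhile)
    if (!FrontendProfilesAuthentication::isLoggedIn()) {
        FrontendProfilesAuthentication::login($profileId);
    }

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_reset_password', array('id' => $profileId));

    // redirect
    $this->redirect(FrontendNavigation::getURLForBlock('Profiles', 'ResetPassword') . '/' . $key . '?sent=true');
}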
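/**
 * Validate the form.
 *
 * The old password must be filled and match the logged-in profile; the new
 * password must be filled and equal its confirmation. All checks run on every
 * submission so the visitor sees every problem at once (previously the new
 * password was only checked when an old one had been entered). On success the
 * password is updated, 'after_change_password' fires and the visitor is
 * redirected.
 */
private function validateForm()
{
    // is the form submitted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // get fields
    $txtOldPassword = $this->frm->getField('old_password');
    $txtNewPassword = $this->frm->getField('new_password');
    $txtVerifyNewPassword = $this->frm->getField('verify_new_password');

    // old password filled in and correct for the logged-in profile? this is
    // what proves the request comes from the account owner
    if ($txtOldPassword->isFilled(FL::getError('PasswordIsRequired'))) {
        $loginStatus = FrontendProfilesAuthentication::getLoginStatus(
            $this->profile->getEmail(),
            $txtOldPassword->getValue()
        );
        if ($loginStatus !== FrontendProfilesAuthentication::LOGIN_ACTIVE) {
            $txtOldPassword->addError(FL::getError('InvalidPassword'));
        }
    }

    // new password filled in and confirmed?
    $txtNewPassword->isFilled(FL::getError('PasswordIsRequired'));
    if ($txtNewPassword->getValue() !== $txtVerifyNewPassword->getValue()) {
        $txtVerifyNewPassword->addError(FL::getError('PasswordsDontMatch'));
    }

    // no errors?
    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('updatePasswordHasFormError', true);
        return;
    }

    // update password
    FrontendProfilesAuthentication::updatePassword($this->profile->getId(), $txtNewPassword->getValue());

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_change_password', array('id' => $this->profile->getId()));

    // redirect
    $this->redirect(SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'ChangePassword') . '?sent=true');
}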
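/**
 * Validate the form.
 *
 * Requires a known, well-formed e-mail address; then generates a reset key,
 * stores it as the profile's 'forgot_password_key' setting, mails the reset
 * URL to the address, fires 'after_forgot_password' and redirects.
 *
 * NOTE(review): the 'EmailIsUnknown' error tells a visitor whether an address
 * has a profile (account enumeration); a neutral "if the address exists, a
 * mail was sent" response would avoid that. Also, the key is stored without
 * a timestamp, so it stays valid until it is used — an expiry stored next to
 * it would bound that window. Both are left unchanged here because templates
 * and translations depend on the current behaviour.
 */
private function validateForm()
{
    // is the form submitted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // get field
    $txtEmail = $this->frm->getField('email');

    // field is filled in, a valid address and known?
    if ($txtEmail->isFilled(FL::getError('EmailIsRequired'))
        && $txtEmail->isEmail(FL::getError('EmailIsInvalid'))
        && !FrontendProfilesModel::existsByEmail($txtEmail->getValue())
    ) {
        $txtEmail->addError(FL::getError('EmailIsUnknown'));
    }

    // valid?
    if (!$this->frm->isCorrect()) {
        $this->tpl->assign('forgotPasswordHasError', true);
        return;
    }

    // get profile id
    $profileId = FrontendProfilesModel::getIdByEmail($txtEmail->getValue());

    // generate forgot password key; the key is the only thing the reset page
    // checks, so it must be unguessable — its strength is whatever
    // getEncryptedString()/getRandomString() provide (not visible here)
    $key = FrontendProfilesModel::getEncryptedString(
        $profileId . microtime(),
        FrontendProfilesModel::getRandomString()
    );

    // insert forgot password key
    FrontendProfilesModel::setSetting($profileId, 'forgot_password_key', $key);

    // values for the mail template
    $mailValues = array();
    $mailValues['resetUrl'] = SITE_URL . FrontendNavigation::getURLForBlock('Profiles', 'ResetPassword') . '/' . $key;
    $mailValues['firstName'] = FrontendProfilesModel::getSetting($profileId, 'first_name');
    $mailValues['lastName'] = FrontendProfilesModel::getSetting($profileId, 'last_name');

    // trigger event
    FrontendModel::triggerEvent('Profiles', 'after_forgot_password', array('id' => $profileId));

    // send email
    $settings = $this->get('fork.settings');
    $from = $settings->get('Core', 'mailer_from');
    $replyTo = $settings->get('Core', 'mailer_reply_to');
    $message = \Common\Mailer\Message::newInstance(FL::getMessage('ForgotPasswordSubject'))
        ->setFrom(array($from['email'] => $from['name']))
        ->setTo(array($txtEmail->getValue() => ''))
        ->setReplyTo(array($replyTo['email'] => $replyTo['name']))
        ->parseHtml(
            FRONTEND_MODULES_PATH . '/Profiles/Layout/Templates/Mails/ForgotPassword.tpl',
            $mailValues,
            true
        );
    $this->get('mailer')->send($message);

    // redirect
    $this->redirect(SITE_URL . '/' . $this->URL->getQueryString() . '?sent=true');
}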