Exemplo n.º 1
0
 /**
  * Display whose online
  *
  * @return     void
  */
 public function displayTask()
 {
     // get all sessions
     $this->view->rows = SessionHelper::getAllSessions(array('guest' => 0, 'distinct' => 1));
     // Output the HTML
     $this->view->display();
 }
Exemplo n.º 2
0
 /**
  * Get project owners
  *
  * @param      integer $projectid
  * @param      array $filters
  * @return     object
  */
 public function getOwners($projectid = NULL, $filters = array())
 {
     if ($projectid === NULL) {
         return false;
     }
     $online = isset($filters['online']) ? $filters['online'] : 0;
     $status = isset($filters['status']) ? $filters['status'] : 'active';
     $sortby = isset($filters['sortby']) ? $filters['sortby'] : 'name';
     $sortdir = isset($filters['sortdir']) && strtoupper($filters['sortdir']) == 'DESC' ? 'DESC' : 'ASC';
     $limit = isset($filters['limit']) ? $filters['limit'] : 0;
     $limitstart = isset($filters['start']) ? $filters['start'] : 0;
     $select = isset($filters['select']) ? $filters['select'] : '';
     $native = isset($filters['native']) ? $filters['native'] : '-';
     $pub = isset($filters['pub_versionid']) && intval($filters['pub_versionid']) ? $filters['pub_versionid'] : '';
     $connected = isset($filters['connected']) ? $filters['connected'] : 0;
     $query = "SELECT DISTINCT ";
     if (!$select) {
         $query .= " o.*, x.name, x.username, x.organization, x.picture, g.cn as groupname, g.description as groupdesc, p.created_by_user ";
         $query .= ", if (o.userid = 0, o.invited_name, x.name) as fullname ";
         if ($pub) {
             $query .= " , pa.organization as a_organization, pa.name as a_name, pa.credit ";
         }
     } else {
         $query .= $select;
     }
     $query .= " FROM {$this->_tbl} AS o ";
     $query .= " JOIN #__projects as p ON o.projectid=p.id";
     if ($pub) {
         $query .= " LEFT JOIN #__publication_authors as pa ON o.id=pa.project_owner_id AND pa.publication_version_id=" . $this->_db->quote($pub);
     }
     $query .= " LEFT JOIN #__xprofiles as x ON o.userid=x.uidNumber ";
     $query .= " LEFT JOIN #__xgroups as g ON o.groupid=g.gidNumber ";
     if (is_numeric($projectid)) {
         $query .= " WHERE o.projectid=" . $this->_db->quote($projectid);
     } else {
         $query .= " WHERE p.alias=" . $this->_db->quote($projectid);
     }
     $query .= " AND (o.userid > 0 OR o.invited_email IS NOT NULL OR o.invited_name IS NOT NULL) ";
     if (is_numeric($status)) {
         $query .= " AND o.status=" . $this->_db->quote($status);
     } elseif ($status == 'active') {
         $query .= " AND o.status!=2 ";
     }
     if ($native != '-') {
         $query .= " AND o.native=" . $this->_db->quote($native);
     }
     if (isset($filters['role'])) {
         $query .= " AND o.role=" . intval($filters['role']);
     }
     if ($connected) {
         $query .= " AND o.userid > 0";
         $query .= " AND o.params LIKE '%google_token=%'";
     }
     if ($pub) {
         $query .= " GROUP BY o.id ";
     }
     $query .= " ORDER BY ";
     switch ($sortby) {
         case 'status':
         default:
             $query .= " o.status {$sortdir}, o.added DESC ";
             break;
         case 'group':
             $query .= " g.cn {$sortdir}, fullname ASC ";
             break;
         case 'added':
             $query .= " o.added DESC ";
             break;
         case 'date':
             $query .= " o.added {$sortdir}, fullname ASC ";
             break;
         case 'role':
             $query .= " o.role {$sortdir}, fullname ASC ";
             break;
     }
     if (isset($limit) && $limit != 0) {
         $query .= " LIMIT " . intval($limitstart) . ", " . intval($limit);
     }
     $this->_db->setQuery($query);
     $owners = $this->_db->loadObjectList();
     // if we want online owners
     // use session helper class
     if ($online) {
         foreach ($owners as $k => $owner) {
             $online = SessionHelper::getSessionWithUserId($owner->userid);
             $owners[$k]->online = count($online);
         }
     }
     return $owners;
 }
Exemplo n.º 3
0
 /**
  * Download a file
  * Runs through various permissions checks to ensure user has access
  *
  * @return     void
  */
 public function downloadTask()
 {
     // Incoming
     $id = Request::getInt('id', 0);
     $alias = Request::getVar('alias', '');
     $d = Request::getVar('d', 'inline');
     //make sure we have a proper disposition
     if ($d != "inline" && $d != "attachment") {
         $d = "inline";
     }
     // Load the resource
     $resource = new Resource($this->database);
     if ($alias && !$resource->loadAlias($alias)) {
         App::abort(404, Lang::txt('COM_RESOURCES_RESOURCE_NOT_FOUND'));
         return;
     } elseif (substr($id, 0, 4) == '9999') {
         $resource->id = $id;
         $resource->standalone = 1;
         $resource->path = null;
         $resource->created = Date::of('now')->format('Y-m-d 00:00:00');
     } elseif (!$resource->load($id)) {
         App::abort(404, Lang::txt('COM_RESOURCES_RESOURCE_NOT_FOUND'));
         return;
     }
     // Check if the resource is for logged-in users only and the user is logged-in
     if ($token = Request::getVar('token', '', 'get')) {
         $token = base64_decode($token);
         $key = App::hash(@$_SERVER['HTTP_USER_AGENT']);
         $crypter = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $key, $key));
         $session_id = $crypter->decrypt($token);
         $session = \Hubzero\Session\Helper::getSession($session_id);
         $user = User::getInstance($session->userid);
         $user->guest = 0;
         $user->id = $session->userid;
         $user->usertype = $session->usertype;
     } else {
         $user = User::getRoot();
     }
     if ($resource->access == 1 && $user->get('guest')) {
         App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
         return;
     }
     // Check if the resource is "private" and the user is allowed to view it
     if ($resource->access == 4 || $resource->access == 3 || !$resource->standalone) {
         if ($this->checkGroupAccess($resource, $user)) {
             App::abort(403, Lang::txt('COM_RESOURCES_ALERTNOTAUTH'));
             return;
         }
     }
     if ($resource->standalone && !$resource->path) {
         $resource->path = DS . trim($this->config->get('uploadpath', '/site/resources'), DS) . Html::build_path($resource->created, $resource->id, '') . DS . 'media' . DS . Request::getVar('file');
     }
     $resource->path = trim($resource->path);
     // Ensure we have a path
     // Ensure resource is published - stemedhub #472
     if (empty($resource->path) && $resource->published != 1) {
         App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND'));
         return;
     }
     // Get the configured upload path
     $base_path = $this->config->get('uploadpath', '/site/resources');
     if ($base_path) {
         $base_path = DS . trim($base_path, DS);
     }
     // Does the path start with a slash?
     if (substr($resource->path, 0, 1) != DS) {
         $resource->path = DS . $resource->path;
         // Does the beginning of the $resource->path match the config path?
         if (substr($resource->path, 0, strlen($base_path)) == $base_path) {
             // Yes - this means the full path got saved at some point
         } else {
             // No - append it
             $resource->path = $base_path . $resource->path;
         }
     }
     // Add root path
     $filename = PATH_APP . $resource->path;
     // Ensure the file exist
     if (!file_exists($filename)) {
         App::abort(404, Lang::txt('COM_RESOURCES_FILE_NOT_FOUND') . ' ' . $filename);
         return;
     }
     $ext = strtolower(\Filesystem::extension($filename));
     if (!in_array($ext, array('jpg', 'jpeg', 'jpe', 'gif', 'png', 'pdf', 'htm', 'html', 'txt', 'json', 'xml'))) {
         $d = 'attachment';
     }
     // Initiate a new content server and serve up the file
     $xserver = new \Hubzero\Content\Server();
     $xserver->filename($filename);
     $xserver->disposition($d);
     $xserver->acceptranges(false);
     // @TODO fix byte range support
     if (!$xserver->serve()) {
         // Should only get here on error
         throw new Exception(Lang::txt('COM_RESOURCES_SERVER_ERROR'), 500);
     } else {
         exit;
     }
     return;
 }
Exemplo n.º 4
0
 /**
  * Generate a Windows tool invoke URL to redirect to
  *
  * @param   string  $option  Name of the component
  * @return  void
  */
 public function invoke($option)
 {
     $no_html = Request::getInt('no_html', 0);
     $response = new StdClass();
     $response->success = false;
     $response->message = Lang::txt('No invoke URL found.');
     // Check for an imconing token.
     if ($token = Request::getVar('token', '', 'get')) {
         $dtoken = base64_decode($token);
         $key = App::hash(@$_SERVER['HTTP_USER_AGENT']);
         $crypter = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $key, $key));
         $session_id = $crypter->decrypt($dtoken);
         $session = \Hubzero\Session\Helper::getSession($session_id);
         $user = User::getInstance($session->userid);
         $user->set('guest', 0);
         $user->set('id', $session->userid);
         $user->set('username', $session->username);
         $ip = $session->ip;
     } else {
         $user = User::getInstance();
         $ip = Request::ip();
     }
     // Is the user validated?
     if ($user->isGuest()) {
         $response->message = Lang::txt('Login is required to perform this action.');
     } else {
         $appid = Request::getVar('appid');
         // Generate the URL
         $url = $this->generateInvokeUrl($option, $appid, $user, $ip);
         if ($url) {
             if (!$token) {
                 $session = App::get('session');
                 $session_id = $session->getId();
                 $key = App::hash(@$_SERVER['HTTP_USER_AGENT']);
                 $crypter = new \Hubzero\Encryption\Encrypter(new \Hubzero\Encryption\Cipher\Simple(), new \Hubzero\Encryption\Key('simple', $key, $key));
                 $token = base64_encode($crypter->encrypt($session_id));
             }
             $rurl = rtrim($this->params->get('invoke_url', 'http://wapps.hubzero.org'), '/') . '/v1?';
             //standaloneUrl=' . $url;
             $params = array();
             $params[] = 'token=' . $token;
             if ($appid) {
                 $params[] = 'appid=' . $appid;
             }
             $params[] = 'standaloneUrl=' . $url;
             $rurl .= implode('&', $params);
             $response->success = true;
             $response->message = $rurl;
             if (!$no_html) {
                 $this->view('invoke', 'display')->set('url', $rurl)->set('rurl', $_SERVER['HTTP_REFERER'])->display();
                 exit;
                 App::redirect($url);
             }
         }
     }
     if (!$no_html) {
         App::abort(404, Lang::txt('No invoke URL found.'));
     }
     $response = json_encode($response);
     if ($callback = Request::getVar('callback')) {
         $response = $callback . '(' . $response . ')';
     }
     echo $response;
     exit;
 }
Exemplo n.º 5
0
 /**
  * Display module contents for Admin
  *
  * @return  void
  */
 public function displayAdmin()
 {
     if (!\App::isAdmin()) {
         return;
     }
     // get active sessions (users online)
     $this->rows = SessionHelper::getAllSessions(array('guest' => 0, 'distinct' => 1));
     // Get the view
     require $this->getLayoutPath('default_admin');
 }
Exemplo n.º 6
0
 /**
  * Show the current user activity
  *
  * @return  void
  */
 public function activityTask()
 {
     // Set the page title
     Document::setTitle(Lang::txt(strtoupper($this->_option)) . ': ' . Lang::txt(strtoupper($this->_task)));
     // Set the pathway
     if (Pathway::count() <= 0) {
         Pathway::append(Lang::txt(strtoupper($this->_option)), 'index.php?option=' . $this->_option);
     }
     Pathway::append(Lang::txt(strtoupper($this->_task)), 'index.php?option=' . $this->_option . '&task=' . $this->_task);
     // Check if they're logged in
     if (User::isGuest()) {
         $rtrn = Request::getVar('REQUEST_URI', Route::url('index.php?option=' . $this->_controller . '&task=activity', false, true), 'server');
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . base64_encode($rtrn), false));
     }
     // Check authorization
     if (!User::authorise('core.manage', $this->_option)) {
         App::redirect(Route::url('index.php?option=' . $this->_option));
     }
     // Get logged-in users
     $prevuser = '';
     $user = array();
     $users = array();
     $guests = array();
     // get sessions
     $result = SessionHelper::getAllSessions(array('guest' => 0));
     if ($result && count($result) > 0) {
         foreach ($result as $row) {
             $row->idle = time() - $row->time;
             if ($prevuser != $row->username) {
                 if ($user) {
                     $profile = Member::oneOrNew($prevuser);
                     $users[$prevuser] = $user;
                     $users[$prevuser]['uidNumber'] = $profile->get('id');
                     $users[$prevuser]['name'] = $profile->get('name');
                     $users[$prevuser]['org'] = $profile->get('organization');
                     $users[$prevuser]['orgtype'] = $profile->get('orgtype');
                     $users[$prevuser]['countryresident'] = $profile->get('countryresident');
                 }
                 $prevuser = $row->username;
                 $user = array();
             }
             array_push($user, array('ip' => $row->ip, 'idle' => $row->idle));
         }
         if ($user) {
             $profile = Member::oneOrNew($prevuser);
             $users[$prevuser] = $user;
             $users[$prevuser]['uidNumber'] = $profile->get('id');
             $users[$prevuser]['name'] = $profile->get('name');
             $users[$prevuser]['org'] = $profile->get('organization');
             $users[$prevuser]['orgtype'] = $profile->get('orgtype');
             $users[$prevuser]['countryresident'] = $profile->get('countryresident');
         }
     }
     // get sessions
     $result = SessionHelper::getAllSessions(array('guest' => 1));
     if (count($result) > 0) {
         foreach ($result as $row) {
             $row->idle = time() - $row->time;
             array_push($guests, array('ip' => $row->ip, 'idle' => $row->idle));
         }
     }
     // Output View
     $this->view->set('title', Lang::txt('Active Users and Guests'))->set('users', $users)->set('guests', $guests)->setErrors($this->getErrors())->display();
 }