Пример #1
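 /**
  * Saves the content of a contribute form for a new or existing record, then either
  * re-renders the form with error notifications or continues to the configured
  * post-submission destination (redirect or result view).
  *
  * When the save produces no action errors, this method invalidates and saves the result
  * context, fires the "SaveItem" plugin hook, optionally e-mails the configured administrator
  * address, and dispatches on $this->opa_ui_info['post_submission_destination'].
  *
  * @param array|null $pa_options Options passed through to _initView() and saveBundlesForScreen().
  *        The key 'setNotifictionOnSuccess' (spelled exactly like this) enables the "Added %1"
  *        message for newly created records.
  * @return void
  */
 public function Save($pa_options = null)
 {
     list($vn_subject_id, $t_subject, $t_ui) = $this->_initView($pa_options);
     if (!is_array($pa_options)) {
         $pa_options = array();
     }
     $vs_message = '';
     // NOTE(review): $vs_auth_table_name is computed but never used for a check in this method. If a type- or
     // item-level access check was intended here, it is not visible. The local is kept because the mail
     // templates required further down execute in this method's scope and can read any local variable.
     $vs_auth_table_name = $this->ops_table_name;
     if (in_array($this->ops_table_name, array('ca_object_representations', 'ca_representation_annotations'))) {
         $vs_auth_table_name = 'ca_objects';
     }
     if (!sizeof($_POST)) {
         $this->notification->addNotification(_t("Cannot save using empty request. Are you using a bookmark?"), __NOTIFICATION_TYPE_ERROR__);
         $this->render('screen_html.php');
         return;
     }
     // set "context" id from those editors that need to restrict idno lookups to within the context of another field value (eg. idno's for ca_list_items are only unique within a given list_id)
     $vn_context_id = null;
     if ($vs_idno_context_field = $t_subject->getProperty('ID_NUMBERING_CONTEXT_FIELD')) {
         if ($vn_subject_id > 0) {
             $this->view->setVar('_context_id', $vn_context_id = $t_subject->get($vs_idno_context_field));
         }
         if ($vn_context_id) {
             $t_subject->set($vs_idno_context_field, $vn_context_id);
         }
     }
     if (!($vs_type_name = $t_subject->getTypeName())) {
         $vs_type_name = $t_subject->getProperty('NAME_SINGULAR');
     }
     if ($vn_subject_id && !$t_subject->getPrimaryKey()) {
         $this->notification->addNotification(_t("%1 does not exist", $vs_type_name), __NOTIFICATION_TYPE_ERROR__);
         return;
     }
     // Decide insert vs. update BEFORE the hook fires; previously 'is_insert' was read while still undefined.
     $vb_is_insert = !$t_subject->getPrimaryKey();
     # trigger "BeforeSaveItem" hook
     $this->opo_app_plugin_manager->hookBeforeSaveItem(array('id' => $vn_subject_id, 'table_num' => $t_subject->tableNum(), 'table_name' => $t_subject->tableName(), 'instance' => $t_subject, 'is_insert' => $vb_is_insert));
     // Set access and status from the plugin's form settings.
     // NOTE(review): saveBundlesForScreen() runs after these assignments. Confirm that the submitted screen
     // cannot carry its own access/status bundle that overrides the configured values for public contributions.
     if (strlen($vn_access = ContributePlugin::getFormSetting('access'))) {
         $t_subject->set("access", $vn_access);
     }
     if (strlen($vn_status = ContributePlugin::getFormSetting('status'))) {
         $t_subject->set("status", $vn_status);
     }
     $vb_save_rc = $t_subject->saveBundlesForScreen($this->request->getActionExtra(), $this->request, array_merge($pa_options, array('ui_instance' => $t_ui)));
     $this->view->setVar('t_ui', $t_ui);
     if (!$vn_subject_id) {
         // New record: pick up the primary key assigned by the save
         $vn_subject_id = $t_subject->getPrimaryKey();
         if (!$vb_save_rc) {
             $vs_message = "";
         } else {
             if (isset($pa_options['setNotifictionOnSuccess']) && $pa_options['setNotifictionOnSuccess']) {
                 $vs_message = _t("Added %1", $vs_type_name);
             }
             $this->request->setParameter($t_subject->primaryKey(), $vn_subject_id, 'GET');
             $this->view->setVar($t_subject->primaryKey(), $vn_subject_id);
             $this->view->setVar('subject_id', $vn_subject_id);
             $this->request->session->setVar($this->ops_table_name . '_browse_last_id', $vn_subject_id);
             // set last edited
         }
     } else {
         $vs_message = _t("Saved changes to %1", $vs_type_name);
     }
     $va_errors = $this->request->getActionErrors();
     // all errors from all sources
     $va_general_errors = $this->request->getActionErrors('general');
     // just "general" errors - ones that are not attached to a specific part of the form
     if (is_array($va_general_errors) && sizeof($va_general_errors) > 0) {
         foreach ($va_general_errors as $o_e) {
             $this->notification->addNotification($o_e->getErrorDescription(), __NOTIFICATION_TYPE_ERROR__);
         }
     }
     if (sizeof($va_errors) + sizeof($va_general_errors) > 0) {
         $va_error_list = array();
         $vb_no_save_error = false;
         foreach ($va_errors as $o_e) {
             // Keyed by description so identical messages appear only once.
             // NOTE(review): descriptions are concatenated into notification HTML unescaped. Confirm that error
             // descriptions never echo submitted field values, or that the notification renderer escapes them.
             $va_error_list[$o_e->getErrorDescription()] = "<li>" . $o_e->getErrorDescription() . "</li>\n";
             switch ($o_e->getErrorNumber()) {
                 case 1100:
                     // duplicate/invalid idno
                     if (!$vn_subject_id) {
                         // can't save new record if idno is not valid (when updating everything but idno is saved if it is invalid)
                         $vb_no_save_error = true;
                     }
                     break;
             }
         }
         if ($vb_no_save_error) {
             $this->notification->addNotification(_t("There are errors preventing <strong>ALL</strong> information from being saved. Correct the problems and click \"save\" again.\n<ul>") . join("\n", $va_error_list) . "</ul>", __NOTIFICATION_TYPE_ERROR__);
         } else {
             if ($vs_message) {
                 $this->notification->addNotification($vs_message, __NOTIFICATION_TYPE_INFO__);
             }
             $this->notification->addNotification(_t("There are errors preventing information in specific fields from being saved as noted below.\n<ul>") . join("\n", $va_error_list) . "</ul>", __NOTIFICATION_TYPE_ERROR__);
         }
         $this->render('screen_html.php');
     } else {
         if ($vs_message) {
             $this->notification->addNotification($vs_message, __NOTIFICATION_TYPE_INFO__);
         }
         $this->opo_result_context->invalidateCache();
         $this->opo_result_context->saveContext();
         # trigger "SaveItem" hook
         $this->opo_app_plugin_manager->hookSaveItem(array('id' => $vn_subject_id, 'table_num' => $t_subject->tableNum(), 'table_name' => $t_subject->tableName(), 'instance' => $t_subject, 'is_insert' => $vb_is_insert));
         if ((bool) $this->opa_ui_info['set_post_submission_notification']) {
             if ($t_subject->tableName() == 'ca_objects' && $t_subject->getRepresentationCount() > 0) {
                 $this->notification->addNotification($this->opa_ui_info['post_submission_notification_message_with_media'], __NOTIFICATION_TYPE_INFO__);
             } else {
                 $this->notification->addNotification($this->opa_ui_info['post_submission_notification_message'], __NOTIFICATION_TYPE_INFO__);
             }
         }
         # --- check if email notification should be sent to administrator
         if ($this->opo_plugin_config->get('admin_email_notification') && $this->opo_plugin_config->get('admin_email_notification_address')) {
             // These locals are read by the required templates, which run in this method's scope.
             // NOTE(review): $vs_record_name is contributor-supplied; confirm the HTML template escapes it.
             $vs_app_name = __CA_APP_DISPLAY_NAME__;
             $vs_app_url = __CA_SITE_HOSTNAME__;
             $vs_record_name = $t_subject->getLabelForDisplay();
             # -- generate mail text from template - get both html and text versions
             // NOTE(review): the path passed to require includes $this->ops_theme. Confirm that value comes from
             // configuration only and is never derived from request data.
             ob_start();
             require __CA_APP_DIR__ . "/plugins/Contribute/themes/" . $this->ops_theme . "/views/mailTemplates/contribute_admin_notification_email_text.tpl";
             $vs_mail_message_text = ob_get_contents();
             ob_end_clean();
             ob_start();
             require __CA_APP_DIR__ . "/plugins/Contribute/themes/" . $this->ops_theme . "/views/mailTemplates/contribute_admin_notification_email_html.tpl";
             $vs_mail_message_html = ob_get_contents();
             ob_end_clean();
             if (!caSendmail($this->opo_plugin_config->get('admin_email_notification_address'), $this->opo_plugin_config->get('admin_email_notification_address'), _t($vs_app_name . " Contribute notification"), $vs_mail_message_text, $vs_mail_message_html)) {
                 $this->notification->addNotification(_t("Admin notification email was not sent"), "message");
             }
         }
         switch ($this->opa_ui_info['post_submission_destination']) {
             case 'url':
                 $vs_url = caNavUrl($this->request, $this->opa_ui_info['post_submission_destination_url']['module'], $this->opa_ui_info['post_submission_destination_url']['controller'], $this->opa_ui_info['post_submission_destination_url']['action']);
                 $this->response->setRedirect($vs_url);
                 break;
             case 'splash':
                 // Start from empty strings, as the 'last_page' branch does, so caNavUrl() never receives an
                 // undefined variable when default_action is missing or has fewer than three segments.
                 $vs_action = $vs_controller = $vs_module_path = '';
                 if ($vs_default_action = $this->request->config->get('default_action')) {
                     $va_tmp = explode('/', $vs_default_action);
                     $vs_action = array_pop($va_tmp);
                     if (sizeof($va_tmp)) {
                         $vs_controller = array_pop($va_tmp);
                     }
                     if (sizeof($va_tmp)) {
                         $vs_module_path = join('/', $va_tmp);
                     }
                 } else {
                     $vs_controller = 'Splash';
                     $vs_action = 'Index';
                 }
                 $vs_url = caNavUrl($this->request, $vs_module_path, $vs_controller, $vs_action);
                 $this->response->setRedirect($vs_url);
                 break;
             case 'last_page':
                 // NOTE(review): the redirect target is read from the session key 'pawtucket2_last_page'. Confirm
                 // that whatever writes this key stores only same-site URLs.
                 if (!($vs_url = $this->request->session->getVar('pawtucket2_last_page'))) {
                     $vs_action = $vs_controller = $vs_module_path = '';
                     if ($vs_default_action = $this->request->config->get('default_action')) {
                         $va_tmp = explode('/', $vs_default_action);
                         $vs_action = array_pop($va_tmp);
                         if (sizeof($va_tmp)) {
                             $vs_controller = array_pop($va_tmp);
                         }
                         if (sizeof($va_tmp)) {
                             $vs_module_path = join('/', $va_tmp);
                         }
                     } else {
                         $vs_controller = 'Splash';
                         $vs_action = 'Index';
                     }
                     $vs_url = caNavUrl($this->request, $vs_module_path, $vs_controller, $vs_action);
                 }
                 $this->response->setRedirect($vs_url);
                 break;
             case 'page':
             default:
                 $this->render('result_html.php');
                 break;
         }
     }
 }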
Пример #2
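 /**
  * Stores a visitor's comment, rank, tags and optional media upload against the item identified
  * by the request, optionally notifies the administrator by e-mail, then calls $this->Show().
  *
  * The item table comes from $this->ops_tablename and the item id from the request parameter named
  * after that table's primary key. The 'rank' parameter is only kept when it lies in 1..5.
  * Comments and tags are stored as pre-approved when the 'dont_moderate_comments' setting is on.
  *
  * @return void
  */
 public function saveCommentRanking()
 {
     if (!($t_item = $this->opo_datamodel->getInstanceByTableName($this->ops_tablename))) {
         die("Invalid table name " . $this->ops_tablename . " for saving comment");
     }
     if (!($vn_item_id = $this->request->getParameter($t_item->primaryKey(), pInteger))) {
         $this->notification->addNotification(_t("Invalid ID"), "message");
         $this->response->setRedirect(caNavUrl($this->request, "", "", "", ""));
         return;
     }
     if (!$t_item->load($vn_item_id)) {
         $this->notification->addNotification(_t("ID does not exist"), "message");
         $this->response->setRedirect(caNavUrl($this->request, "", "", "", ""));
         return;
     }
     # --- get params from form
     $ps_comment = $this->request->getParameter('comment', pString);
     $pn_rank = $this->request->getParameter('rank', pInteger);
     $ps_tags = $this->request->getParameter('tags', pString);
     $ps_email = $this->request->getParameter('email', pString);
     $ps_name = $this->request->getParameter('name', pString);
     // Accept the upload only when the form actually carried a single 'media1' file that PHP itself
     // received; a missing field, a failed upload or an array-style field leaves both values null.
     $ps_media1 = null;
     $ps_media1_original_name = null;
     if (
         isset($_FILES['media1']['tmp_name'], $_FILES['media1']['name'])
         && is_string($_FILES['media1']['tmp_name'])
         && $_FILES['media1']['tmp_name'] !== ''
         && is_uploaded_file($_FILES['media1']['tmp_name'])
     ) {
         $ps_media1 = $_FILES['media1']['tmp_name'];
         // NOTE(review): the original file name is client-supplied. Confirm addComment() treats it as display
         // metadata only and that the accepted media types are restricted downstream.
         $ps_media1_original_name = $_FILES['media1']['name'];
     }
     if ($ps_comment || $pn_rank || $ps_tags || $ps_media1) {
         // Ranks outside 1..5 are discarded rather than rejected
         if (!($pn_rank > 0 && $pn_rank <= 5)) {
             $pn_rank = null;
         }
         if ($ps_comment || $pn_rank || $ps_media1) {
             $t_item->addComment($ps_comment, $pn_rank, $this->request->getUserID(), null, $ps_name, $ps_email, $this->request->config->get("dont_moderate_comments") ? 1 : 0, null, array('media1_original_filename' => $ps_media1_original_name), $ps_media1);
         }
         if ($ps_tags) {
             $va_tags = explode(",", $ps_tags);
             foreach ($va_tags as $vs_tag) {
                 $t_item->addTag(trim($vs_tag), $this->request->getUserID(), null, $this->request->config->get("dont_moderate_comments") ? 1 : 0, null);
             }
         }
         if ($ps_comment || $ps_tags || $ps_media1) {
             if ($this->request->config->get("dont_moderate_comments")) {
                 $this->notification->addNotification(_t("Thank you for contributing."), "message");
             } else {
                 $this->notification->addNotification(_t("Thank you for contributing.  Your comments will be posted on this page after review by site staff."), "message");
             }
             # --- check if email notification should be sent to admin
             if (!$this->request->config->get("dont_email_notification_for_new_comments")) {
                 # --- send email confirmation
                 // The templates below are required inside this method, so they can read every local variable,
                 // including the visitor-supplied $ps_comment, $ps_name, $ps_email and $ps_tags.
                 // NOTE(review): confirm the subject template cannot emit line breaks taken from those values and
                 // that the HTML template escapes them.
                 # -- generate mail subject line
                 ob_start();
                 require $this->request->getViewsDirectoryPath() . "/mailTemplates/admin_comment_notification_subject.tpl";
                 $vs_subject_line = ob_get_contents();
                 ob_end_clean();
                 # -- generate mail text from template - get both html and text versions
                 ob_start();
                 require $this->request->getViewsDirectoryPath() . "/mailTemplates/admin_comment_notification.tpl";
                 $vs_mail_message_text = ob_get_contents();
                 ob_end_clean();
                 ob_start();
                 require $this->request->getViewsDirectoryPath() . "/mailTemplates/admin_comment_notification_html.tpl";
                 $vs_mail_message_html = ob_get_contents();
                 ob_end_clean();
                 caSendmail($this->request->config->get("ca_admin_email"), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
             }
         } else {
             // Only a rank was submitted
             $this->notification->addNotification(_t("Thank you for your contribution."), "message");
         }
     }
     $this->Show();
 }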
Пример #3
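 /**
  * Validates the "share by e-mail" form and, when valid, e-mails the rendered share templates for
  * the requested item to the given recipients, attaching the primary representation for ca_objects
  * when its access value is permitted.
  *
  * Request parameters read: tablename, item_id, to_email (comma-separated), from_email, from_name,
  * subject, message, security, sum. On success the reload view is rendered with a confirmation
  * message; on any validation or send failure the form is shown again via ShareForm() with the
  * submitted values and an 'errors' array.
  *
  * @return void
  */
 public function SendShare()
 {
     $va_errors = array();
     $ps_tablename = $this->request->getParameter('tablename', pString);
     $pn_item_id = $this->request->getParameter('item_id', pInteger);
     if (!($t_item = $this->opo_datamodel->getInstanceByTableName($ps_tablename, true))) {
         // The table name comes straight from the request, so encode it before echoing it back
         die("Invalid table name " . htmlspecialchars((string) $ps_tablename, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " for detail");
         // shouldn't happen
     }
     if (!$t_item->load($pn_item_id)) {
         $this->view->setVar("message", _t("ID does not exist"));
         $this->render("Form/reload_html.php");
         return;
     }
     // HTMLPurifier only sanitizes markup; address validity is decided by caCheckEmailAddress() below.
     $o_purifier = new HTMLPurifier();
     $ps_to_email = $o_purifier->purify($this->request->getParameter('to_email', pString));
     $ps_from_email = $o_purifier->purify($this->request->getParameter('from_email', pString));
     // from_name and subject end up in mail headers, so line breaks are collapsed to a space here.
     // Whether caSendmail() already normalizes header values is not visible from this method.
     $ps_from_name = (string) preg_replace('/[\r\n]+/', ' ', $o_purifier->purify($this->request->getParameter('from_name', pString)));
     $ps_subject = (string) preg_replace('/[\r\n]+/', ' ', $o_purifier->purify($this->request->getParameter('subject', pString)));
     $ps_message = $o_purifier->purify($this->request->getParameter('message', pString));
     $pn_security = $this->request->getParameter('security', pInteger);
     $pn_sum = $this->request->getParameter('sum', pInteger);
     # --- check vars are set and email addresses are valid
     $va_to_email = array();
     $va_to_email_process = array();
     if (!$ps_to_email) {
         $va_errors["to_email"] = _t("Please enter a valid email address or multiple addresses separated by commas");
     } else {
         # --- explode on commas to support multiple addresses - then check each one
         // NOTE(review): the number of recipients per request is not capped here.
         $va_to_email_process = explode(",", $ps_to_email);
         foreach ($va_to_email_process as $vs_email_to_verify) {
             $vs_email_to_verify = trim($vs_email_to_verify);
             if (caCheckEmailAddress($vs_email_to_verify)) {
                 $va_to_email[$vs_email_to_verify] = "";
             } else {
                 // One bad address invalidates the whole field
                 $ps_to_email = "";
                 $va_errors["to_email"] = _t("Please enter a valid email address or multiple addresses separated by commas");
             }
         }
     }
     if (!$ps_from_email || !caCheckEmailAddress($ps_from_email)) {
         $ps_from_email = "";
         $va_errors["from_email"] = _t("Please enter a valid email address");
     }
     if (!$ps_from_name) {
         $va_errors["from_name"] = _t("Please enter your name");
     }
     if (!$ps_subject) {
         $va_errors["subject"] = _t("Please enter a subject");
     }
     if (!$ps_message) {
         $va_errors["message"] = _t("Please enter a message");
     }
     if (!$this->request->isLoggedIn()) {
         # --- check for security answer if not logged in
         // NOTE(review): the expected value ($pn_sum) is read from the same request as the answer ($pn_security),
         // so this comparison says nothing about the client. The expected value should be held server-side
         // (for example in the session when ShareForm() renders the question), and because this action sends
         // mail to caller-chosen recipients on behalf of anonymous visitors it should also be rate limited.
         if (!$pn_security) {
             $va_errors["security"] = _t("Please answer the security question.");
         } else {
             if ($pn_security != $pn_sum) {
                 $va_errors["security"] = _t("Your answer was incorrect, please try again");
             }
         }
     }
     $this->view->setVar('t_item', $t_item);
     $this->view->setVar('item_id', $pn_item_id);
     $this->view->setVar('tablename', $ps_tablename);
     if (sizeof($va_errors) == 0) {
         $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
         $o_view->setVar("item", $t_item);
         $o_view->setVar("item_id", $pn_item_id);
         $o_view->setVar("from_name", $ps_from_name);
         $o_view->setVar("message", $ps_message);
         $o_view->setVar("detailConfig", $this->config);
         # -- generate mail text from template - get both html and text versions
         if ($ps_tablename == "ca_objects") {
             $vs_mail_message_text = $o_view->render("mailTemplates/share_object_email_text.tpl");
         } else {
             $vs_mail_message_text = $o_view->render("mailTemplates/share_email_text.tpl");
         }
         if ($ps_tablename == "ca_objects") {
             $vs_mail_message_html = $o_view->render("/mailTemplates/share_object_email_html.tpl");
         } else {
             $vs_mail_message_html = $o_view->render("/mailTemplates/share_email_html.tpl");
         }
         $va_media = null;
         if ($ps_tablename == "ca_objects") {
             # --- get media for attachment
             $vs_media_version = "";
             # Media representation to email
             # --- version is set in media_display.conf.
             if (method_exists($t_item, 'getPrimaryRepresentationInstance')) {
                 if ($t_primary_rep = $t_item->getPrimaryRepresentationInstance()) {
                     // Attach only when no access restriction is configured or the representation's access value is allowed.
                     // NOTE(review): only the representation's access is checked here; whether the item record itself
                     // is viewable by this visitor is not checked in this method.
                     if (!sizeof($this->opa_access_values) || in_array($t_primary_rep->get('access'), $this->opa_access_values)) {
                         // check rep access
                         $va_media = array();
                         $va_rep_display_info = caGetMediaDisplayInfo('email', $t_primary_rep->getMediaInfo('media', 'INPUT', 'MIMETYPE'));
                         $vs_media_version = $va_rep_display_info['display_version'];
                         $va_media['path'] = $t_primary_rep->getMediaPath('media', $vs_media_version);
                         $va_media_info = $t_primary_rep->getFileInfo('media', $vs_media_version);
                         if (!($va_media['name'] = $va_media_info['ORIGINAL_FILENAME'])) {
                             $va_media['name'] = $va_media_info[$vs_media_version]['FILENAME'];
                         }
                         # --- this is the mimetype of the version being downloaded
                         $va_media["mimetype"] = $va_media_info[$vs_media_version]['MIMETYPE'];
                     }
                 }
             }
         }
         if (caSendmail($va_to_email, array($ps_from_email => $ps_from_name), $ps_subject, $vs_mail_message_text, $vs_mail_message_html, null, null, $va_media)) {
             $this->view->setVar("message", _t("Your email was sent"));
             $this->render("Form/reload_html.php");
             return;
         } else {
             $va_errors["general"] = _t("Your email could not be sent");
         }
     }
     // Reaching this point means validation failed or caSendmail() reported failure (the success path
     // returned above), so $va_errors is never empty here.
     # --- there were errors in the form data, so reload form with errors displayed - pass params to preload form
     // Set the general message before handing the array to the view (it used to be assigned afterwards and
     // never reached the view), and keep a more specific "could not be sent" message when one exists.
     if (!isset($va_errors["general"])) {
         $va_errors["general"] = _t("There were errors in your form");
     }
     $this->view->setVar('to_email', $ps_to_email);
     $this->view->setVar('from_email', $ps_from_email);
     $this->view->setVar('from_name', $ps_from_name);
     $this->view->setVar('subject', $ps_subject);
     $this->view->setVar('message', $ps_message);
     $this->view->setVar('errors', $va_errors);
     $this->ShareForm();
 }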
Пример #4
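 /**
  * Creates or updates a user record from the submitted form, then synchronizes the user's roles,
  * groups and profile preferences with the request and optionally e-mails the user when the
  * 'active' flag changed.
  *
  * Field values are read from $_REQUEST for every field returned by getFormFields(); roles and
  * groups come from the 'roles' and 'groups' array parameters. When any action error is recorded
  * the edit form is re-rendered, otherwise the user list is shown.
  *
  * NOTE(review): no privilege check is visible in this method even though it assigns roles and
  * groups; presumably the controller or dispatcher enforces one. Confirm against the caller.
  *
  * @return void
  */
 public function Save()
 {
     AssetLoadManager::register('tableList');
     $t_user = $this->getUserObject();
     $this->opo_app_plugin_manager->hookBeforeUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
     $vb_send_activation_email = false;
     // A missing 'active' field is treated as null instead of raising an undefined-index warning.
     // NOTE(review): the e-mail is triggered by any change of 'active', including deactivation; confirm intended.
     $vm_requested_active = isset($_REQUEST["active"]) ? $_REQUEST["active"] : null;
     if ($t_user->get("user_id") && $this->request->config->get("email_user_when_account_activated") && $vm_requested_active != $t_user->get("active")) {
         $vb_send_activation_email = true;
     }
     $t_user->setMode(ACCESS_WRITE);
     // The set of writable fields is bounded by the model's getFormFields(), not by the request keys.
     // NOTE(review): $_REQUEST may merge GET, POST and cookie values depending on request_order; reading these
     // through $this->request->getParameter() would be more consistent with the rest of the method.
     foreach ($t_user->getFormFields() as $vs_f => $va_field_info) {
         // dont get/set password if backend doesn't support it
         if ($vs_f == 'password' && !AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
             continue;
         }
         $t_user->set($vs_f, isset($_REQUEST[$vs_f]) ? $_REQUEST[$vs_f] : null);
         if ($t_user->numErrors()) {
             $this->request->addActionErrors($t_user->errors(), 'field_' . $vs_f);
         }
     }
     if ($this->request->getParameter('entity_id', pInteger) == 0) {
         $t_user->set('entity_id', null);
     }
     if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
         // Compare as strings with !== so that numeric-looking passwords (e.g. "1e3" vs "1000") are not
         // treated as equal by PHP's loose comparison.
         if ((string) $this->request->getParameter('password', pString) !== (string) $this->request->getParameter('password_confirm', pString)) {
             $this->request->addActionError(new ApplicationError(1050, _t("Password does not match confirmation. Please try again."), "administrate/UserController->Save()", '', false, false), 'field_password');
         }
     }
     AppNavigation::clearMenuBarCache($this->request);
     // clear menu bar cache since changes may affect content
     if ($this->request->numActionErrors() == 0) {
         if (!$t_user->getPrimaryKey()) {
             $t_user->insert();
             $vs_message = _t("Added user");
         } else {
             $t_user->update();
             $vs_message = _t("Saved changes to user");
         }
         // The hook fires whether or not the insert/update succeeded; errors are checked right after it
         $this->opo_app_plugin_manager->hookAfterUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
         if ($t_user->numErrors()) {
             foreach ($t_user->errors() as $o_e) {
                 $this->request->addActionError($o_e, 'general');
                 $this->notification->addNotification($o_e->getErrorDescription(), __NOTIFICATION_TYPE_ERROR__);
             }
         } else {
             // Save roles
             $va_set_user_roles = $this->request->getParameter('roles', pArray);
             if (!is_array($va_set_user_roles)) {
                 $va_set_user_roles = array();
             }
             $va_existing_user_roles = $t_user->getUserRoles();
             $va_role_list = $t_user->getRoleList();
             // Only ids present in the model's own role list are ever added or removed
             foreach ($va_role_list as $vn_role_id => $va_role_info) {
                 // !empty() keeps the original truthiness test without warning on roles the user does not hold
                 $vb_has_role = !empty($va_existing_user_roles[$vn_role_id]);
                 if ($vb_has_role && !in_array($vn_role_id, $va_set_user_roles)) {
                     // remove role
                     $t_user->removeRoles($vn_role_id);
                     continue;
                 }
                 if (!$vb_has_role && in_array($vn_role_id, $va_set_user_roles)) {
                     // add role
                     $t_user->addRoles($vn_role_id);
                     continue;
                 }
             }
             // Save groups
             $va_set_user_groups = $this->request->getParameter('groups', pArray);
             if (!is_array($va_set_user_groups)) {
                 $va_set_user_groups = array();
             }
             $va_existing_user_groups = $t_user->getUserGroups();
             $va_group_list = $t_user->getGroupList();
             foreach ($va_group_list as $vn_group_id => $va_group_info) {
                 $vb_in_group = !empty($va_existing_user_groups[$vn_group_id]);
                 if ($vb_in_group && !in_array($vn_group_id, $va_set_user_groups)) {
                     // remove group
                     $t_user->removeFromGroups($vn_group_id);
                     continue;
                 }
                 if (!$vb_in_group && in_array($vn_group_id, $va_set_user_groups)) {
                     // add group
                     $t_user->addToGroups($vn_group_id);
                     continue;
                 }
             }
             // Save profile prefs
             $va_profile_prefs = $t_user->getValidPreferences('profile');
             if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
                 $this->opo_app_plugin_manager->hookBeforeUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
                 $va_changed_prefs = array();
                 foreach ($va_profile_prefs as $vs_pref) {
                     if ($this->request->getParameter('pref_' . $vs_pref, pString) != $t_user->getPreference($vs_pref)) {
                         $va_changed_prefs[$vs_pref] = true;
                     }
                     $t_user->setPreference($vs_pref, $this->request->getParameter('pref_' . $vs_pref, pString));
                 }
                 $t_user->update();
                 $this->opo_app_plugin_manager->hookAfterUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user, 'modified_prefs' => $va_changed_prefs));
             }
             if ($vb_send_activation_email) {
                 # --- send email confirmation
                 $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
                 # -- generate email subject line from template
                 $vs_subject_line = $o_view->render("mailTemplates/account_activation_subject.tpl");
                 # -- generate mail text from template - get both the text and the html versions
                 $vs_mail_message_text = $o_view->render("mailTemplates/account_activation.tpl");
                 $vs_mail_message_html = $o_view->render("mailTemplates/account_activation_html.tpl");
                 caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
             }
             $this->notification->addNotification($vs_message, __NOTIFICATION_TYPE_INFO__);
         }
     } else {
         $this->notification->addNotification(_t("Your entry has errors. See below for details."), __NOTIFICATION_TYPE_ERROR__);
     }
     if ($this->request->numActionErrors()) {
         $this->render('user_edit_html.php');
     } else {
         // success
         // If we are editing the user record of the currently logged in user
         // we have a problem: the request object flushes out changes to its own user object
         // for the logged-in user at the end of the request overwriting any changes we've made.
         //
         // To avoid this we check here to see if we're editing the currently logged-in
         // user and reload the request's copy if needed.
         if ($t_user->getPrimaryKey() == $this->request->user->getPrimaryKey()) {
             $this->request->user->load($t_user->getPrimaryKey());
         }
         $this->ListUsers();
     }
 }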
Пример #5
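 /**
  * Handles the password-reset form: checks the reset key from the request against ca_users and,
  * for action 'reset_save', sets the new password and e-mails a notification to the user.
  *
  * Request parameters read: action (defaults to "reset"), key, password, password_confirm.
  * The view variable 'action' ends up as "reset", "reset_success" or "reset_failure", and
  * LoginReg/form_reset_html.php is rendered in every case.
  *
  * NOTE(review): as the query below shows, the reset key is md5(user_id . '/' . stored password value).
  * It is deterministic, has no expiry, and can be recomputed by anyone able to read the ca_users
  * password column; it only changes when the password changes. A random, single-use, time-limited
  * token stored server-side would be the usual replacement, but that needs schema and mailer changes
  * outside this method.
  *
  * @return void
  */
 function resetSave()
 {
     MetaTagManager::setWindowTitle($this->request->config->get("app_display_name") . ": " . _t("Reset Password"));
     $ps_action = $this->request->getParameter('action', pString);
     if (!$ps_action) {
         $ps_action = "reset";
     }
     $ps_key = $this->request->getParameter('key', pString);
     // Keep only ASCII letters and digits; the key is also echoed back into the form via the view
     $ps_key = preg_replace("/[^A-Za-z0-9]+/", "", $ps_key);
     $this->view->setVar("key", $ps_key);
     $this->view->setVar("email", $this->request->config->get("ca_admin_email"));
     $o_check_key = new Db();
     // The key is bound as a query parameter, never concatenated into the SQL text
     $qr_check_key = $o_check_key->query("\n\t\t\t\tSELECT user_id \n\t\t\t\tFROM ca_users \n\t\t\t\tWHERE\n\t\t\t\t\tmd5(concat(concat(user_id, '/'), password)) = ?\n\t\t\t", $ps_key);
     #
     # Check reset key
     #
     if (!$qr_check_key->nextRow() || !($vs_user_id = $qr_check_key->get("user_id"))) {
         $this->view->setVar("action", "reset_failure");
         $this->view->setVar("message", _t("Your password could not be reset"));
         $this->render('LoginReg/form_reset_html.php');
     } else {
         $ps_password = $this->request->getParameter('password', pString);
         $ps_password_confirm = $this->request->getParameter('password_confirm', pString);
         switch ($ps_action) {
             case 'reset_save':
                 if (!$ps_password || !$ps_password_confirm) {
                     $this->view->setVar("message", _t("Please enter and re-type your password."));
                     $ps_action = "reset";
                     break;
                 }
                 // Compare as strings with !== so that numeric-looking values (e.g. "1e3" vs "1000") are not
                 // accepted as a match by PHP's loose comparison.
                 if ((string) $ps_password !== (string) $ps_password_confirm) {
                     $this->view->setVar("message", _t("Passwords do not match. Please try again."));
                     $ps_action = "reset";
                     break;
                 }
                 // NOTE(review): no password length or strength check is visible here; presumably
                 // ca_users::set('password', ...) enforces the policy. Confirm.
                 $t_user = new ca_users();
                 $t_user->purify(true);
                 $t_user->load($vs_user_id);
                 # confirm the user id returned by the key lookup still loads
                 if ($t_user->getPrimaryKey()) {
                     $t_user->setMode(ACCESS_WRITE);
                     $t_user->set("password", $ps_password);
                     $t_user->update();
                     if ($t_user->numErrors()) {
                         $this->notification->addNotification(join("; ", $t_user->getErrors()), __NOTIFICATION_TYPE_INFO__);
                         $ps_action = "reset_failure";
                     } else {
                         $ps_action = "reset_success";
                         // Tell the account holder that the password changed
                         $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
                         # -- generate email subject
                         $vs_subject_line = $o_view->render("mailTemplates/notification_subject.tpl");
                         # -- generate mail text from template - get both the html and text versions
                         $vs_mail_message_text = $o_view->render("mailTemplates/notification.tpl");
                         $vs_mail_message_html = $o_view->render("mailTemplates/notification_html.tpl");
                         caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
                     }
                     break;
                 } else {
                     $this->notification->addNotification(_t("Invalid user"), __NOTIFICATION_TYPE_INFO__);
                     $ps_action = "reset_failure";
                 }
         }
         $this->view->setVar("action", $ps_action);
         $this->render('LoginReg/form_reset_html.php');
     }
 }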
Пример #6
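/**
 * Sends a mail message whose HTML body is rendered from a view in the 'mailTemplates' view
 * directory, after merging the supplied values into that view.
 *
 * The rendered view is passed to caSendmail() as the HTML body; the plain-text body is null.
 *
 * NOTE(review): $ps_view is handed to View::render() unchanged. Callers should pass fixed template
 * names rather than request-derived values.
 *
 * @param object|null $po_request Request used to locate the views directory via getViewsDirectoryPath();
 *        when it is not an object, __CA_BASE_DIR__ . '/themes/default/views' is used instead.
 * @param string|array $pa_to Email address(es) of message recipients. Either a single address or an
 *        associative array with addresses as keys and optional human-readable names as values.
 * @param string|array $pa_from Email address of the message sender, in the same forms as $pa_to.
 * @param string $ps_subject The subject line of the message.
 * @param string $ps_view The name of a view in the 'mailTemplates' view directory.
 * @param array|null $pa_values Values to set on the view, keyed by variable name. A non-array is ignored.
 * @param string|array|null $pa_cc Optional cc recipients, in the same forms as $pa_to.
 * @param string|array|null $pa_bcc Optional bcc recipients, in the same forms as $pa_to.
 *
 * @return bool True if sent, false on error (the value returned by caSendmail()).
 */
function caSendMessageUsingView($po_request, $pa_to, $pa_from, $ps_subject, $ps_view, $pa_values, $pa_cc = null, $pa_bcc = null)
{
    $vs_view_path = is_object($po_request) ? $po_request->getViewsDirectoryPath() : __CA_BASE_DIR__ . '/themes/default/views';
    $o_view = new View(null, $vs_view_path . "/mailTemplates");
    // Tolerate a missing values array instead of raising a warning in foreach
    if (is_array($pa_values)) {
        foreach ($pa_values as $vs_key => $vm_val) {
            $o_view->setVar($vs_key, $vm_val);
        }
    }
    return caSendmail($pa_to, $pa_from, $ps_subject, null, $o_view->render($ps_view), $pa_cc, $pa_bcc);
}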
Пример #7
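 /**
  * Stores a visitor's comment, rating and tags, optionally notifies the administrator by
  * e-mail, then redisplays the page through Index().
  *
  * Reads 'rank', 'tags' and 'comment' from the request. A comment is required. Logged-in
  * users are identified by their account e-mail; anonymous visitors must also supply
  * 'email' and 'name'. On validation failure the submitted values and the error list are
  * handed back to the view.
  */
 public function saveComment()
 {
     $va_errors = array();
     $t_siteComments = new SiteComments();
     // Defined up front: for a logged-in user no name is read from the request, yet
     // $ps_name is still passed to addComment() and, on failure, to the view.
     $ps_name = null;
     $ps_email = null;
     # --- get params from form
     $pn_rank = $this->request->getParameter('rank', pInteger);
     $ps_tags = $this->request->getParameter('tags', pString);
     $ps_comment = $this->request->getParameter('comment', pString);
     if (!$ps_comment) {
         $va_errors["comment"] = _t("Please enter your comment.");
     }
     if ($this->request->isLoggedIn()) {
         # --- if logged in grab the email address from the user record
         $ps_email = $this->request->user->get("email");
     } else {
         // NOTE(review): the anonymous e-mail address is only checked for presence here,
         // not for format; confirm whether addComment() validates it.
         $ps_email = $this->request->getParameter('email', pString);
         if (!$ps_email) {
             $va_errors["email"] = _t("Please enter your email address.");
         }
         $ps_name = $this->request->getParameter('name', pString);
         if (!$ps_name) {
             $va_errors["name"] = _t("Please enter your name.");
         }
     }
     if (sizeof($va_errors) === 0) {
         // Ratings outside 1..5 are discarded rather than rejected.
         if (!($pn_rank > 0 && $pn_rank <= 5)) {
             $pn_rank = null;
         }
         // 1 marks the entry as already moderated when the site runs without moderation.
         $vn_moderated = $this->request->config->get("dont_moderate_comments") ? 1 : 0;
         // The comment text, name and e-mail are stored as submitted; any view that
         // displays them is responsible for escaping on output.
         if ($ps_comment || $pn_rank) {
             $t_siteComments->addComment($ps_comment, $pn_rank, $this->request->getUserID(), null, $ps_name, $ps_email, $vn_moderated, null);
         }
         if ($ps_tags) {
             foreach (explode(",", $ps_tags) as $vs_tag) {
                 $vs_tag = trim($vs_tag);
                 // "a,,b" or a trailing comma would otherwise submit an empty tag.
                 if ($vs_tag === '') {
                     continue;
                 }
                 $t_siteComments->addTag($vs_tag, $this->request->getUserID(), null, $vn_moderated, null);
             }
         }
         if ($ps_comment || $ps_tags) {
             if ($this->request->config->get("dont_moderate_comments")) {
                 $this->notification->addNotification(_t("Thank you for contributing."), "message");
             } else {
                 $this->notification->addNotification(_t("Thank you for contributing.  Your comments will be posted on this page after review by site staff."), "message");
             }
             # --- check if email notification should be sent to admin
             if (!$this->request->config->get("dont_email_notification_for_new_comments")) {
                 # -- generate mail text from template
                 // The template is required inside this method, so it executes with access
                 // to every local variable above, including the raw submitted values.
                 ob_start();
                 require $this->request->getViewsDirectoryPath() . "/mailTemplates/admin_comment_notification.tpl";
                 $vs_mail_message = ob_get_contents();
                 ob_end_clean();
                 // Sender and recipient are both the configured admin address.
                 caSendmail($this->request->config->get("ca_admin_email"), $this->request->config->get("ca_admin_email"), "[" . $this->request->config->get("app_display_name") . "] " . _t("New user comment/tag"), $vs_mail_message);
             }
         } else {
             $this->notification->addNotification(_t("Thank you for your contribution."), "message");
         }
     } else {
         $this->view->setVar('errors', $va_errors);
         $this->view->setVar('name', $ps_name);
         $this->view->setVar('email', $ps_email);
         $this->view->setVar('comment', $ps_comment);
     }
     $this->Index();
 }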
Пример #8
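 /**
  * Shares the current lightbox (set) with a user group or with users named by e-mail address,
  * and sends a notification mail to everyone who gained access.
  *
  * Reads 'user' (comma-separated e-mail addresses), 'group_id' and 'access' from the request.
  * When a group is given it takes precedence and the address list is ignored. Validation and
  * insert errors are handed to shareSetForm(); success renders Form/reload_html.php.
  */
 function saveShareSet()
 {
     if (!$this->request->isLoggedIn()) {
         $this->response->setRedirect(caNavUrl($this->request, '', 'LoginReg', 'loginForm'));
         return;
     }
     // NOTE(review): the result of _getSet() is used below without a check; confirm that it
     // always returns a set the current user may edit, or handles the failure itself.
     $t_set = $this->_getSet(__CA_SET_EDIT_ACCESS__);
     // The original read this array without ever creating it when validation passed.
     $va_errors = array();
     $o_purifier = new HTMLPurifier();
     $ps_user = $o_purifier->purify($this->request->getParameter('user', pString));
     # --- ps_user can be list of emails separated by comma
     // Split on the comma alone and trim, so "a@x.org,b@x.org" and "a@x.org, b@x.org" are
     // both accepted; empty entries are dropped.
     $va_users = array_values(array_filter(array_map('trim', explode(",", $ps_user)), 'strlen'));
     $pn_group_id = $this->request->getParameter('group_id', pInteger);
     if (!$pn_group_id && !sizeof($va_users)) {
         $va_errors["general"] = _t("Please select a user or group");
     }
     // NOTE(review): the access level is taken from the request as an integer and stored
     // as-is; no allow-list of valid levels is visible here. Confirm the model enforces one.
     $pn_access = $this->request->getParameter('access', pInteger);
     if (!$pn_access) {
         $va_errors["access"] = _t("Please select an access level");
     }
     if (sizeof($va_errors) > 0) {
         $this->view->setVar('errors', $va_errors);
         $this->shareSetForm();
         return;
     }

     // Notification mails are sent in the name of the sharing user.
     $vs_from_name = trim($this->request->user->get("fname") . " " . $this->request->user->get("lname"));
     $va_from = array($this->request->user->get("email") => $vs_from_name);

     if ($pn_group_id) {
         $t_sets_x_user_groups = new ca_sets_x_user_groups();
         if ($t_sets_x_user_groups->load(array("set_id" => $t_set->get("set_id"), "group_id" => $pn_group_id))) {
             $this->view->setVar("message", _t('Group already has access to the lightbox'));
             $this->render("Form/reload_html.php");
         } else {
             $t_sets_x_user_groups->setMode(ACCESS_WRITE);
             $t_sets_x_user_groups->set('access', $pn_access);
             $t_sets_x_user_groups->set('group_id', $pn_group_id);
             $t_sets_x_user_groups->set('set_id', $t_set->get("set_id"));
             $t_sets_x_user_groups->insert();
             if ($t_sets_x_user_groups->numErrors()) {
                 $va_errors["general"] = join("; ", $t_sets_x_user_groups->getErrors());
                 $this->view->setVar('errors', $va_errors);
                 $this->shareSetForm();
             } else {
                 $t_group = new ca_user_groups($pn_group_id);
                 $va_group_users = $t_group->getGroupUsers();
                 if (sizeof($va_group_users)) {
                     # --- send email to each group user
                     $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
                     $o_view->setVar("set", $t_set->getLabelForDisplay());
                     $o_view->setVar("from_name", $vs_from_name);
                     # -- generate email subject line from template
                     $vs_subject_line = $o_view->render("mailTemplates/share_set_notification_subject.tpl");
                     # -- generate mail text from template - get both the text and the html versions
                     $vs_mail_message_text = $o_view->render("mailTemplates/share_set_notification.tpl");
                     $vs_mail_message_html = $o_view->render("mailTemplates/share_set_notification_html.tpl");
                     foreach ($va_group_users as $va_user_info) {
                         # --- don't send notification to self
                         if ($this->request->user->get("user_id") != $va_user_info["user_id"]) {
                             caSendmail($va_user_info["email"], $va_from, $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
                         }
                     }
                 }
                 $this->view->setVar("message", _t('Shared lightbox with group'));
                 $this->render("Form/reload_html.php");
             }
         }
         return;
     }

     $va_error_emails = array();
     $va_success_emails = array();
     $va_success_emails_info = array();
     $va_error_emails_has_access = array();
     $t_user = new ca_users();
     foreach ($va_users as $vs_user) {
         # --- lookup the user/users
         $t_user->load(array("email" => $vs_user));
         if ($vn_user_id = $t_user->get("user_id")) {
             $t_sets_x_users = new ca_sets_x_users();
             // The owner and anyone already listed for this set are reported, not re-added.
             if ($vn_user_id == $t_set->get("user_id") || $t_sets_x_users->load(array("set_id" => $t_set->get("set_id"), "user_id" => $vn_user_id))) {
                 $va_error_emails_has_access[] = $vs_user;
             } else {
                 $t_sets_x_users->setMode(ACCESS_WRITE);
                 $t_sets_x_users->set('access', $pn_access);
                 $t_sets_x_users->set('user_id', $vn_user_id);
                 $t_sets_x_users->set('set_id', $t_set->get("set_id"));
                 $t_sets_x_users->insert();
                 if ($t_sets_x_users->numErrors()) {
                     // NOTE(review): this renders the form from inside the loop, and a second
                     // render follows after the loop.
                     $va_errors["general"] = _t("There were errors while sharing this lightbox with %1", $vs_user) . join("; ", $t_sets_x_users->getErrors());
                     $this->view->setVar('errors', $va_errors);
                     $this->shareSetForm();
                 } else {
                     $va_success_emails[] = $vs_user;
                     $va_success_emails_info[] = array("email" => $vs_user, "name" => trim($t_user->get("fname") . " " . $t_user->get("lname")));
                 }
             }
         } else {
             $va_error_emails[] = $vs_user;
         }
     }
     if (sizeof($va_error_emails) || sizeof($va_error_emails_has_access)) {
         // The two messages below tell the caller which of the submitted addresses belong
         // to registered accounts. Any logged-in user who can edit a set can therefore test
         // addresses for registration; a single neutral message, or rate limiting on this
         // action, closes that gap.
         $va_user_errors = array();
         if (sizeof($va_error_emails)) {
             // Restored: in the listing this statement was garbled ("******" in place of the
             // concatenation and implode call) and did not parse; rebuilt to match the
             // sibling message below.
             $va_user_errors[] = _t("The following email(s) you entered do not belong to a registered user: " . implode(", ", $va_error_emails));
         }
         if (sizeof($va_error_emails_has_access)) {
             $va_user_errors[] = _t("The following email(s) you entered already have access to this lightbox: " . implode(", ", $va_error_emails_has_access));
         }
         if (sizeof($va_success_emails)) {
             $this->view->setVar('message', _t('Shared lightbox with: ' . implode(", ", $va_success_emails)));
         }
         // The joined text carries markup (<br/>) together with the submitted addresses.
         // Those addresses passed through HTMLPurifier above, which is what keeps this
         // value safe for a view that prints it unescaped.
         $va_errors["user"] = implode("<br/>", $va_user_errors);
         $this->view->setVar('errors', $va_errors);
         $this->shareSetForm();
     } else {
         $this->view->setVar("message", _t('Shared lightbox with: ' . implode(", ", $va_success_emails)));
         $this->render("Form/reload_html.php");
     }
     if (sizeof($va_success_emails_info)) {
         # --- send email to user
         $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
         $o_view->setVar("set", $t_set->getLabelForDisplay());
         $o_view->setVar("from_name", $vs_from_name);
         # -- generate email subject line from template
         $vs_subject_line = $o_view->render("mailTemplates/share_set_notification_subject.tpl");
         # -- generate mail text from template - get both the text and the html versions
         $vs_mail_message_text = $o_view->render("mailTemplates/share_set_notification.tpl");
         $vs_mail_message_html = $o_view->render("mailTemplates/share_set_notification_html.tpl");
         foreach ($va_success_emails as $vs_email) {
             caSendmail($vs_email, $va_from, $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
         }
     }
 }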
Пример #9
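 /**
  * Mails a set to one or more recipients on behalf of the logged-in user, then redisplays
  * the page through index().
  *
  * Reads 'set_id', 'to_email' (comma-separated), 'from_email', 'from_name', 'subject' and
  * 'email_message' from the request. All of recipient, subject, sender address and sender
  * name are required. On any error the submitted values are handed back to the view so the
  * form can be pre-filled.
  */
 public function emailSet()
 {
     if (!$this->request->isLoggedIn()) {
         $this->response->setRedirect(caNavUrl($this->request, '', 'LoginReg', 'form'));
         return;
     }
     // current locale_id for user; not read in this method, presumably used by the templates
     global $g_ui_locale_id;
     $va_errors_email_set = array();
     // NOTE(review): the set is loaded by the id from the request. Neither the result of
     // load() nor the current user's right to read that set is checked here; confirm the
     // templates cannot disclose a set the sender has no access to.
     $t_set = new ca_sets();
     $pn_set_id = $this->request->getParameter('set_id', pInteger);
     $t_set->load($pn_set_id);
     $ps_to_email = $this->request->getParameter('to_email', pString);
     $ps_from_email = $this->request->getParameter('from_email', pString);
     $ps_from_name = $this->request->getParameter('from_name', pString);
     $ps_subject = $this->request->getParameter('subject', pString);
     $ps_message = $this->request->getParameter('email_message', pString);
     $o_purifier = new HTMLPurifier();
     $ps_message = $o_purifier->purify($ps_message);
     $ps_to_email = $o_purifier->purify($ps_to_email);
     $ps_from_email = $o_purifier->purify($ps_from_email);
     $ps_from_name = $o_purifier->purify($ps_from_name);
     $ps_subject = $o_purifier->purify($ps_subject);
     // HTMLPurifier cleans markup; it does not remove line breaks. Subject and sender name
     // become mail header values, so CR/LF is collapsed here instead of relying on the
     // mailer to reject it.
     $ps_subject = trim(preg_replace('/[\r\n]+/', ' ', (string) $ps_subject));
     $ps_from_name = trim(preg_replace('/[\r\n]+/', ' ', (string) $ps_from_name));
     # --- check vars are set and email addresses are valid
     $va_to_email = array();
     $va_to_email_process = array();
     if (!$ps_to_email) {
         $va_errors_email_set["to_email"] = _t("Please enter a valid email address or multiple addresses separated by commas");
     } else {
         # --- explode on commas to support multiple addresses - then check each one
         $va_to_email_process = explode(",", $ps_to_email);
         foreach ($va_to_email_process as $vs_email_to_verify) {
             $vs_email_to_verify = trim($vs_email_to_verify);
             if (caCheckEmailAddress($vs_email_to_verify)) {
                 $va_to_email[$vs_email_to_verify] = "";
             } else {
                 // One bad address rejects the whole submission and clears the pre-fill.
                 $ps_to_email = "";
                 $va_errors_email_set["to_email"] = _t("Please enter a valid email address or multiple addresses separated by commas");
             }
         }
     }
     if (!$ps_subject) {
         $va_errors_email_set["subject"] = _t("Please enter a subject");
     }
     // The sender address and name come from the request, so the message leaves with a
     // From line chosen by the user. Nothing here ties it to the account's own address or
     // limits recipients or messages per user; a fixed system From with the user's address
     // in Reply-To, plus a send limit, keeps the form from being used as a relay.
     if (!$ps_from_email || !caCheckEmailAddress($ps_from_email)) {
         $ps_from_email = "";
         $va_errors_email_set["from_email"] = _t("Please enter a valid email address");
     }
     if (!$ps_from_name) {
         $va_errors_email_set["from_name"] = _t("Please enter your name");
     }
     if (sizeof($va_errors_email_set) == 0) {
         // $va_media was passed to caSendmail() without ever being assigned in this method.
         // It is defined before the templates run so they can still populate it
         // (presumably with attachments - confirm against the templates).
         $va_media = null;
         # -- generate mail text from template - get both html and text versions
         // Both templates are required inside this method and see all of its local variables.
         ob_start();
         require $this->request->getViewsDirectoryPath() . "/Sets/mailTemplates/share_email_text.tpl";
         $vs_mail_message_text = ob_get_contents();
         ob_end_clean();
         ob_start();
         require $this->request->getViewsDirectoryPath() . "/Sets/mailTemplates/share_email_html.tpl";
         $vs_mail_message_html = ob_get_contents();
         ob_end_clean();
         if (caSendmail($va_to_email, array($ps_from_email => $ps_from_name), $ps_subject, $vs_mail_message_text, $vs_mail_message_html, null, null, $va_media)) {
             $this->notification->addNotification(_t("Your email was sent"), "message");
         } else {
             $this->notification->addNotification(_t("Your email could not be sent"), "message");
             $va_errors_email_set["email"] = 1;
         }
     }
     if (sizeof($va_errors_email_set)) {
         # --- there were errors in the form data, so reload form with errors displayed - pass params to preload form
         $this->view->setVar('to_email', $ps_to_email);
         $this->view->setVar('from_email', $ps_from_email);
         $this->view->setVar('from_name', $ps_from_name);
         $this->view->setVar('subject', $ps_subject);
         $this->view->setVar('email_message', $ps_message);
         $this->notification->addNotification(_t("There were errors in your form"), "message");
     }
     $this->view->setVar('errors_email_set', $va_errors_email_set);
     $this->index();
 }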
Пример #10
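 /**
  * Validates the contact form and mails its content to the configured contact address.
  *
  * The form fields come from the "contact_form_elements" configuration entry; each field may
  * be flagged "required" and/or "email_address". Field values are purified and handed to the
  * view. On success Contact/success_html.php is rendered; otherwise the form is shown again
  * with the error list.
  */
 public function Send()
 {
     $o_purifier = new HTMLPurifier();
     # --- check for errors
     $va_errors = array();
     if ($this->config->get("check_security")) {
         // The expected answer ("sum") is read from the same request as the visitor's
         // answer, so whoever submits the form controls both sides of the comparison. This
         // only filters clients that do not fill the field consistently; keeping the
         // expected value server-side (for example in the session) is what makes the check
         // meaningful.
         $ps_security = $this->request->getParameter("security", pString);
         $vm_expected = isset($_REQUEST["sum"]) ? $_REQUEST["sum"] : null;
         if (!$ps_security || $ps_security != $vm_expected) {
             $va_errors["security"] = true;
             $va_errors["display_errors"]["security_error"] = _t("Please answer the security question");
         }
     }
     $va_fields = $this->config->get("contact_form_elements");
     $this->view->setVar("contact_form_elements", $va_fields);
     if (is_array($va_fields) && sizeof($va_fields)) {
         foreach ($va_fields as $vs_element_name => $va_options) {
             $vs_element_value = $o_purifier->purify($this->request->getParameter($vs_element_name, pString));
             // Option flags are optional in the configuration, hence !empty() rather than a
             // direct key read.
             if (!empty($va_options["required"]) && !$vs_element_value) {
                 $va_errors[$vs_element_name] = true;
                 $va_errors["display_errors"]["required_error"] = _t("Please enter the required information in the highlighted fields");
             }
             if (!empty($va_options["email_address"])) {
                 # --- check if entered value is valid email address
                 // Applies even when the field is not required, so a blank value fails too.
                 if (!caCheckEmailAddress($vs_element_value)) {
                     $va_errors["display_errors"]["email_address_error"] = _t("Please enter a valid e-mail address");
                     $va_errors[$vs_element_name] = true;
                 }
             }
             $this->view->setVar($vs_element_name, $vs_element_value);
         }
     }
     if (sizeof($va_errors) == 0) {
         # --- send email
         $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
         $o_view->setVar("contact_form_elements", $va_fields);
         # -- generate email subject line from template
         $vs_subject_line = $o_view->render("mailTemplates/contact_subject.tpl");
         # -- generate mail text from template - get both the text and the html versions
         // NOTE(review): only the field definitions are passed to the mail view, so the
         // templates presumably read the submitted values from the request themselves;
         // confirm they escape them for the HTML version.
         $vs_mail_message_text = $o_view->render("mailTemplates/contact.tpl");
         $vs_mail_message_html = $o_view->render("mailTemplates/contact_html.tpl");
         // Recipient and sender are both configuration values, not request input.
         if (caSendmail($this->config->get("contact_email"), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html)) {
             $this->render("Contact/success_html.php");
         } else {
             $va_errors["display_errors"]["send_error"] = _t("Your email could not be sent");
             $this->view->setVar("errors", $va_errors);
             $this->form();
         }
     } else {
         $this->view->setVar("errors", $va_errors);
         $this->form();
     }
 }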
Пример #11
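 /**
  * Completes a password reset: checks the reset key, stores the new password and mails a
  * confirmation to the account's address.
  *
  * Reads 'action', 'key', 'password' and 'password_confirm' from the request. The resulting
  * state ("reset", "reset_success" or "reset_failure") is handed to
  * LoginReg/resetpw_html.php through the "action" view variable.
  */
 function resetSave()
 {
     $ps_action = $this->request->getParameter('action', pString);
     $ps_key = $this->request->getParameter('key', pString);
     // Reduce the key to alphanumerics before it is echoed back to the view and queried.
     $ps_key = preg_replace("/[^A-Za-z0-9]+/", "", $ps_key);
     $this->view->setVar("key", $ps_key);
     // The key is matched against md5(user_id + "/" + stored password value), bound as a
     // query parameter. It is therefore derived entirely from data in ca_users: it carries
     // no random component and no expiry, and it stays valid until the password changes.
     // Anyone who can read that table can compute it. A random, single-use token with an
     // expiry time, stored hashed next to the account, avoids that dependency.
     $o_check_key = new Db();
     $qr_check_key = $o_check_key->query("\n\t\t\t\tSELECT user_id \n\t\t\t\tFROM ca_users \n\t\t\t\tWHERE\n\t\t\t\t\tmd5(concat(concat(user_id, '/'), password)) = ?\n\t\t\t", $ps_key);
     #
     # Check reset key
     #
     if (!$qr_check_key->nextRow() || !($vs_user_id = $qr_check_key->get("user_id"))) {
         $this->view->setVar("action", "reset_failure");
         $this->render('LoginReg/resetpw_html.php');
     } else {
         $ps_password = $this->request->getParameter('password', pString);
         $ps_password_confirm = $this->request->getParameter('password_confirm', pString);
         switch ($ps_action) {
             case 'reset_save':
                 if (!$ps_password || !$ps_password_confirm) {
                     $this->view->setVar("password_error", _t("Please enter and re-type your password."));
                     $ps_action = "reset";
                     break;
                 }
                 // Strict comparison: with != two different numeric-looking strings such as
                 // "1e3" and "1000" compare equal, so a mistyped confirmation could pass.
                 if ($ps_password !== $ps_password_confirm) {
                     $this->view->setVar("password_error", _t("Passwords do not match. Please try again."));
                     $ps_action = "reset";
                     break;
                 }
                 // NOTE(review): no length or complexity rule is applied here; confirm that
                 // the user model enforces the password policy on set()/update().
                 $t_user = new ca_users();
                 $t_user->load($vs_user_id);
                 # verify the user matched by the key can be loaded
                 if ($t_user->getPrimaryKey()) {
                     $t_user->setMode(ACCESS_WRITE);
                     $t_user->set("password", $ps_password);
                     $t_user->update();
                     if ($t_user->numErrors()) {
                         $this->notification->addNotification(join("; ", $t_user->getErrors()), __NOTIFICATION_TYPE_INFO__);
                         $ps_action = "reset_failure";
                     } else {
                         $ps_action = "reset_success";
                         # -- generate mail text from template
                         // The template is required inside this method and can read every
                         // local variable, including the new password in $ps_password;
                         // confirm it does not write it into the message.
                         ob_start();
                         require $this->request->getViewsDirectoryPath() . "/mailTemplates/notification.tpl";
                         $vs_mail_message = ob_get_contents();
                         ob_end_clean();
                         caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), "[" . $this->request->config->get("app_display_name") . "] " . _t("Your password has been reset"), $vs_mail_message);
                     }
                     break;
                 } else {
                     $this->notification->addNotification(_t("Invalid user"), __NOTIFICATION_TYPE_INFO__);
                     $ps_action = "reset_failure";
                 }
         }
         $this->view->setVar("action", $ps_action);
         $this->render('LoginReg/resetpw_html.php');
     }
 }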