/**
 * Handles a JSON import posted in the `upload` file field.
 *
 * The upload is checked by JSONImport::validateUpload() and, when that returns true,
 * the temporary file is handed to JSONImport::importFile(). Validation failures and a
 * missing upload are stored in $this->data['errors'] and reported through
 * $this->exceptional. The import view is rendered without header or footer in every case.
 */
public function index()
{
    $hasUpload = !empty($_FILES) && !empty($_FILES['upload']);

    if (!$hasUpload) {
        $this->data['success'] = false;
        $this->data['errors'] = formatErrors(100);
        $this->exceptional->createTrace(E_ERROR, 'No JSON file uploaded for import.', __FILE__, __LINE__);
    } else {
        $this->load->library('JSONImport', array('user_id' => $this->user_id));

        $file = $_FILES['upload'];
        $check = $this->jsonimport->validateUpload($file);

        if ($check === true) {
            // Only the server-side temporary path is passed on; the client-supplied
            // file name is never used here.
            $this->data = $this->jsonimport->importFile($file['tmp_name']);
        } else {
            $this->data['errors'] = $check;

            // Flatten the validation errors into trace fields.
            $traceFields = array();
            foreach ($check as $key => $message) {
                $traceFields['validation_error_' . $key] = $message;
            }
            $this->exceptional->createTrace(E_ERROR, 'JSON Import Issue', __FILE__, __LINE__, $traceFields);
        }
    }

    $this->view('import/index', array('no_header' => true, 'no_footer' => true));
}
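/**
 * Creates a tag, or returns the existing tag that already uses the same slug.
 *
 * @param array $options Tag fields; `name` is required.
 * @return mixed Result of read() for the new or existing tag, false when the insert
 *               query does not return true, or the formatErrors() result when
 *               validation fails.
 */
public function create($options = array())
{
    $valid = validate($options, $this->data_types, array('name'));
    if ($valid !== true) {
        return formatErrors($valid);
    }

    // See if this record already exists. The slug goes through the driver's escape()
    // instead of being placed between hand-written quotes, so the lookup does not
    // depend on which characters generateSlug() lets through.
    $options['slug'] = generateSlug($options['name']);
    $tag = $this->read('tags.slug = ' . $this->db->escape((string) $options['slug']), 1, 1);

    // If already exists, just return it
    if (isset($tag->tag_id)) {
        return $tag;
    }

    // insert_string() escapes the values it puts into the INSERT statement.
    $q = $this->db->insert_string($this->table, $options);
    $res = $this->db->query($q);

    // Check for errors
    $this->sendException();

    if ($res === true) {
        $tag_id = $this->db->insert_id();
        return $this->read($tag_id);
    }

    return false;
}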
/**
 * Creates a new token record.
 *
 * The token value is two uuid->v4(true) results concatenated; generation is repeated
 * while count() reports an existing row with the same value. The expiry is "now" plus
 * the `forgot_password_token_valid_seconds` config item, or
 * self::DEFAULT_TOKEN_VALID_TIME_SECONDS when that item is empty.
 *
 * NOTE(review): the unpredictability of the token rests entirely on uuid->v4() -
 * confirm that the library draws from a cryptographically secure source.
 *
 * @param array $options Token data; `token_type` is required.
 * @return mixed Result of read() for the new token, or a formatErrors() result when
 *               validation or the insert fails.
 */
public function create($options = array())
{
    $valid = validate($options, $this->data_types, array('token_type'));
    if ($valid !== true) {
        return formatErrors($valid);
    }

    // Timestamps for the new record.
    $options['created_on'] = date("Y-m-d H:i:s");
    $configuredLifetime = $this->config->item('forgot_password_token_valid_seconds');
    if (empty($configuredLifetime)) {
        $lifetime = self::DEFAULT_TOKEN_VALID_TIME_SECONDS;
    } else {
        $lifetime = $configuredLifetime;
    }
    $options['valid_until'] = date("Y-m-d H:i:s", time() + $lifetime);

    // Generate a token value that is not yet present in the table.
    $this->load->library('uuid');
    while (true) {
        $options['token_value'] = $this->uuid->v4(true) . $this->uuid->v4(true);
        $matches = $this->count("token_value = '" . $options['token_value'] . "'");
        if (!($matches > 0)) {
            break;
        }
    }

    // Add record
    $insertSql = $this->db->insert_string('tokens', $options);
    $inserted = $this->db->query($insertSql);

    // Check for errors
    $this->sendException();

    if ($inserted !== true) {
        return formatErrors('Eek this is akward, sorry. Something went wrong. Please try again.');
    }

    return $this->read($this->db->insert_id());
}
/**
 * Validates mark data and inserts it unless a mark with the same URL already exists.
 *
 * The md5 of the URL is used as the `url_key` lookup value; it serves as a
 * de-duplication key here, not as a security control.
 *
 * @param array $options            Mark fields; `title` and `url` are required.
 * @param bool  $overwriteCreatedOn When truthy, `created_on` is always set to the
 *                                  current time; otherwise only when it is empty.
 * @return mixed Result of read() for the existing or new mark, false when the insert
 *               query does not return true, or the formatErrors() result when
 *               validation fails.
 */
private function validateAndSave($options, $overwriteCreatedOn)
{
    $valid = validate($options, $this->data_types, array('title', 'url'));
    if ($valid !== true) {
        return formatErrors($valid);
    }

    // Look for an existing mark with this URL.
    $urlKey = md5($options['url']);
    $existing = $this->read("url_key = '" . $urlKey . "'", 1, 1);
    if (isset($existing->mark_id)) {
        return $existing;
    }

    $keepSuppliedDate = !$overwriteCreatedOn && !empty($options['created_on']);
    if (!$keepSuppliedDate) {
        $options['created_on'] = date('Y-m-d H:i:s');
    }
    $options['url_key'] = $urlKey;

    $insertSql = $this->db->insert_string('marks', $options);
    $inserted = $this->db->query($insertSql);

    // Check for errors
    $this->sendException();

    if ($inserted !== true) {
        return false;
    }

    return $this->read($this->db->insert_id());
}
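/**
 * Changes the logged-in user's password after verifying the current one.
 *
 * Sets $this->data['success'] to true on success, otherwise $this->data['message'],
 * and always renders the JSON response.
 *
 * Hash values are compared with strict operators: PHP's loose `==` / `!=` compares two
 * numeric-looking strings as numbers, so two different hash strings could be treated
 * as equal.
 */
public function updatePassword()
{
    $newPasswordOk = isset($this->clean->password) && isValid($this->clean->password, 'password');

    if (!$newPasswordOk) {
        // reset() takes its argument by reference, so the list is held in a variable
        // instead of passing a function result directly.
        $messages = array_values(formatErrors(602));
        $this->data['message'] = reset($messages);
    } else {
        // Check current password
        $current_password = isset($this->clean->current_password) ? $this->clean->current_password : null;
        $res = $this->user->read($this->user_id, 1, 1, 'email,password');

        if (!isset($res->password)) {
            $this->data['message'] = 'We could not verify your current password.';
        } elseif (verifyHash($current_password, $res->password) !== $res->password) {
            // NOTE(review): verifyHash() appears to return the hash of the supplied
            // password derived from the stored hash - confirm against the helper.
            $this->data['message'] = 'Your current password does not match what we have on record.';
        } else {
            $password = generateHash($this->clean->password);
            $user = $this->user->update($this->user_id, array('password' => $password));

            // The update counts as successful only when the stored hash is exactly
            // the one just generated.
            if (isset($user->password) && $user->password === $password) {
                $this->data['success'] = true;

                // Send the notification email; its result is not used.
                $this->load->library('email');
                $this->email->initialize();
                $this->email->updatePassword($user->email);
            } else {
                $this->data['message'] = 'Your password could not be updated at this time. Please try again.';
            }
        }
    }

    $this->renderJSON();
}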
/**
 * Creates a label or, when `domain` is present in the options, a smart label.
 *
 * After a successful insert the matching cache keys are removed (per user when
 * `user_id` is set, otherwise the shared `labels-*` keys) and the complete label is
 * read back.
 *
 * @param array $options Label fields. Smart labels require `smart_label_id`, `domain`
 *                       and `smart_key`; regular labels require `name` and `slug`.
 * @return mixed Result of readComplete() for the new label, false when the insert
 *               query does not return true, or the formatErrors() result when
 *               validation fails.
 */
public function create($options = array())
{
    // A `domain` entry marks the record as a smart label.
    $isSmartLabel = isset($options['domain']);
    $required = $isSmartLabel
        ? array('smart_label_id', 'domain', 'smart_key')
        : array('name', 'slug');

    $valid = validate($options, $this->data_types, $required);
    if ($valid !== true) {
        return formatErrors($valid);
    }

    $options['created_on'] = date('Y-m-d H:i:s');
    $inserted = $this->db->query($this->db->insert_string($this->table, $options));

    // Check for errors
    $this->sendException();

    if ($inserted !== true) {
        return false;
    }

    // Drop cached label lists that the new record makes stale.
    if (isset($options['user_id'])) {
        $cache_key = $this->cache_id . $options['user_id'] . '-*';
    } else {
        $cache_key = $this->cache_id . 'labels-*';
    }
    $this->removeCacheKey($cache_key);

    return self::readComplete($this->db->insert_id());
}
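/**
 * Links a tag to a user's mark, or returns the existing link.
 *
 * @param array $options Link fields; `tag_id`, `user_id` and `users_to_mark_id` are
 *                       required.
 * @return mixed Result of read() for the existing or new link, false when the insert
 *               query does not return true, or the formatErrors() result when
 *               validation fails.
 */
public function create($options = array())
{
    $valid = validate($options, $this->data_types, array('tag_id', 'user_id', 'users_to_mark_id'));
    if ($valid !== true) {
        return formatErrors($valid);
    }

    // See if this record already exists. Each value is passed through the driver's
    // escape() rather than concatenated between hand-written quotes, so the lookup
    // does not rely on validate() having rejected every unsafe character.
    $where = 'tag_id = ' . $this->db->escape((string) $options['tag_id'])
        . ' AND user_id = ' . $this->db->escape((string) $options['user_id'])
        . ' AND users_to_mark_id = ' . $this->db->escape((string) $options['users_to_mark_id']);
    $tag = $this->read($where, 1, 1, 'tag_id');

    // If already exists, just return it
    if (isset($tag->tag_id)) {
        return $tag;
    }

    // insert_string() escapes the values it puts into the INSERT statement.
    $q = $this->db->insert_string($this->table, $options);
    $res = $this->db->query($q);

    // Check for errors
    $this->sendException();

    if ($res === true) {
        $mark_to_tag_id = $this->db->insert_id();
        return $this->read($mark_to_tag_id);
    }

    return false;
}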
/**
 * Validates a user-to-mark record and inserts it.
 *
 * On success the user's cache keys are removed and the complete record is read back.
 *
 * @param array $options            Record fields; `user_id` and `mark_id` are required.
 * @param bool  $overwriteCreatedOn When truthy, `created_on` is always set to the
 *                                  current time; otherwise only when it is empty.
 * @return mixed Result of readComplete() for the new record, false when the insert
 *               query does not return true, or the formatErrors() result when
 *               validation fails.
 */
private function validateAndSave($options, $overwriteCreatedOn)
{
    $valid = validate($options, $this->data_types, array('user_id', 'mark_id'));
    if ($valid !== true) {
        return formatErrors($valid);
    }

    $keepSuppliedDate = !$overwriteCreatedOn && !empty($options['created_on']);
    if (!$keepSuppliedDate) {
        $options['created_on'] = date('Y-m-d H:i:s');
    }

    $insertSql = $this->db->insert_string('users_to_marks', $options);
    $inserted = $this->db->query($insertSql);

    // Check for errors
    $this->sendException();

    if ($inserted !== true) {
        return false;
    }

    // Remove cache for this user before reading the fresh record.
    $this->removeCacheKey($this->cache_id . $options['user_id'] . '-*');

    return $this->readComplete($this->db->insert_id());
}
/**
 * Adds a tag named by the `name` request value.
 *
 * Stores the created tag in $this->data['tag'], or an error set in
 * $this->data['errors'] (61 when the name is missing, 62 when the model returns
 * false, otherwise whatever the model returned), then picks the view.
 */
public function add()
{
    $hasName = isset($this->db_clean->name) && !empty($this->db_clean->name);

    if ($hasName) {
        $created = $this->tags->create(array('name' => $this->db_clean->name));

        if (isset($created->tag_id)) {
            $this->data['tag'] = $created;
        } elseif ($created === false) {
            $this->data['errors'] = formatErrors(62);
        } else {
            // Anything else is the validation error set returned by the model.
            $this->data['errors'] = $created;
        }
    } else {
        $this->data['errors'] = formatErrors(61);
    }

    // Figure view
    $this->figureView();
}
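/**
 * Creates a user account.
 *
 * @param array $options User fields; `email` and `password` are required. The password
 *                       is replaced by generateHash() output before it is stored.
 * @return mixed Result of read() for the new user, or a formatErrors() result
 *               (604 invalid email, 602 invalid password, 603 email already
 *               registered, 500 insert failure).
 */
public function create($options = array())
{
    // Missing keys are treated as null instead of raising an undefined-index notice.
    $email = isset($options['email']) ? $options['email'] : null;
    $plainPassword = isset($options['password']) ? $options['password'] : null;

    if (!isValid($email, 'email')) {
        return formatErrors(604);
    }

    if (!isValid($plainPassword, 'password')) {
        return formatErrors(602);
    }

    // Make sure email does not exist already. The address is passed through the
    // driver's escape() rather than concatenated between hand-written quotes: a
    // syntactically valid email address may still contain a single quote.
    $total = $this->count('email = ' . $this->db->escape((string) $email));
    if ($total > 0) {
        return formatErrors(603);
    }

    // If you made it this far, we need to add the record to the DB
    $options['password'] = generateHash($plainPassword);
    $options['created_on'] = date("Y-m-d H:i:s");

    // Create user token.
    // NOTE(review): md5(time()) adds no unpredictability, so the strength of the
    // token depends on generateToken() - confirm it uses a secure random source.
    do {
        $options['user_token'] = generateToken(30) . md5(time());
        $total = $this->count('user_token = ' . $this->db->escape((string) $options['user_token']));

        // A collision means the generated value is another account's live token, so
        // the value itself is kept out of the log.
        if ($total > 0) {
            log_message('debug', 'User token collision detected; generating a new token.');
        }
    } while ($total > 0);

    // Add record; insert_string() escapes the values it puts into the statement.
    $q = $this->db->insert_string('users', $options);
    $res = $this->db->query($q);

    // Check for errors
    $this->sendException();

    if ($res === true) {
        $user_id = $this->db->insert_id();
        return $this->read($user_id);
    }

    return formatErrors(500);
}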
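/**
 * Resets a user's password using a password-reset token.
 *
 * Reads `token` and `password` from the request, checks the token through the tokens
 * model, stores the new password hash, marks the token as used and sends the
 * notification email. $this->data['success'] is false unless the email call reports
 * success; failures are stored in $this->data['errors'].
 *
 * NOTE(review): the token is interpolated into the WHERE clause as-is. It is read from
 * $this->db_clean, which presumably holds input already escaped for SQL - confirm.
 */
public function resetPassword()
{
    $this->data['success'] = false;

    $token = isset($this->db_clean->token) ? $this->db_clean->token : null;
    $password = isset($this->clean->password) ? $this->clean->password : null;

    $validationResult = validate(
        array('token' => $token, 'password' => $password),
        array('token' => 'string', 'password' => 'password'),
        array('token', 'password')
    );

    if ($validationResult === true) {
        // Checking token
        $this->load->model('tokens_model', 'token');
        $tokenData = $this->token->read("token_value = '{$token}'");

        if (!$this->token->isValid($tokenData)) {
            $this->data['errors'] = formatErrors(91);
        } else {
            $hashedPassword = generateHash($password);
            $this->load->model('users_model', 'user');
            $user = $this->user->update($tokenData->user_id, array('password' => $hashedPassword));

            // Strict comparison: loose `==` compares two numeric-looking strings as
            // numbers, so different hash strings could be reported as a match.
            if (isset($user->password) && $user->password === $hashedPassword) {
                // Mark token as used. When that fails the token is still valid, so
                // its value is kept out of the log and the user id is logged instead.
                if (!$this->token->useToken($token)) {
                    log_message('DEBUG', 'Failed to mark password reset token as used in DB for user ' . $tokenData->user_id);
                }

                // Send email
                $this->load->library('email');
                $this->email->initialize();
                $this->data['success'] = $this->email->updatePassword($user->email);
            } else {
                $this->data['errors'] = formatErrors(500);
            }
        }
    } else {
        $this->data['errors'] = $validationResult;
    }

    $this->figureView();
}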
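/**
 * Returns a total for the requested item type as JSON.
 *
 * The handler is chosen by name: 'total' followed by ucwords($what). method_exists()
 * also matches non-public methods, so every method of this class whose name starts
 * with `total` is reachable through $what - keep that prefix reserved for handlers
 * that are safe to expose.
 *
 * @param string      $what   Item type; selects the total* method to call.
 * @param string|null $start  Start of the range; 'today' when empty.
 * @param string|null $finish End of the range; 'tomorrow' when empty.
 */
public function total($what = 'marks', $start = null, $finish = null)
{
    parent::redirectIfWebView();

    $method = 'total' . ucwords($what);

    if (method_exists($this, $method)) {
        $start = empty($start) ? 'today' : strtolower($start);
        // The default used to be misspelled 'tomorrrow'.
        $finish = empty($finish) ? 'tomorrow' : strtolower($finish);
        $this->data['total'] = $this->{$method}($start, $finish);
    } else {
        $this->data['errors'] = formatErrors(404);
    }

    // Rendered once for both outcomes; the success path used to render twice.
    parent::renderJSON();
}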
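/**
 * Imports one mark object from an import file.
 *
 * Runs inside a database transaction. Only export version 1 is handled: the mark is
 * imported through the marks model, and unless the user already has an active
 * user-mark for it, a user-mark is created with the label resolved by name (falling
 * back to the user's or system "Unlabeled" label, or to a smart label matched on the
 * URL) and with tags taken from the notes.
 *
 * Every value placed into a WHERE clause goes through the driver's escape(): the mark
 * object comes from an uploaded file and is untrusted. Warning texts include the
 * label name from the file verbatim, so they must be escaped when rendered.
 *
 * @param object $markObject Mark data imported from file.
 * @return array Result array with `result` ('added', 'skipped' or 'failed') and
 *               optional `warnings` and `errors` lists.
 */
public function importMark($markObject)
{
    $result = array();
    $this->CI->load->helper('data_helper');

    // Run in transaction
    $this->CI->db->trans_start();

    if ($this->importData['meta']['export_version'] == 1) {
        $this->CI->load->model('marks_model', 'mark');
        $markArray = array(
            'created_on' => $markObject->created_on,
            'title'      => empty($markObject->title) ? 'No title' : $markObject->title,
            'url'        => $markObject->url,
            'embed'      => $markObject->embed,
        );

        // Import mark object
        $mark = $this->CI->mark->import($markArray);

        // Successfully created mark
        if ($mark !== false && isset($mark->mark_id)) {
            // Escaped once, reused in every lookup below.
            $userIdSql = $this->CI->db->escape((string) $this->importData['user_id']);
            $labelScopeSql = '(labels.user_id IS NULL OR labels.user_id = ' . $userIdSql . ')';

            // Try to create user_mark and other related records
            $this->CI->load->model('users_to_marks_model', 'user_marks');
            $user_mark = $this->CI->user_marks->readComplete(
                'users_to_marks.user_id = ' . $userIdSql
                . ' AND users_to_marks.mark_id = ' . $this->CI->db->escape((string) $mark->mark_id)
                . " AND users_to_marks.active = '1'"
            );

            // User mark does not exist - add one
            if (!isset($user_mark->mark_id)) {
                // Set default options
                $options = array(
                    'user_id'     => $this->importData['user_id'],
                    'mark_id'     => $mark->mark_id,
                    'active'      => $markObject->active,
                    'archived_on' => $markObject->archived_on,
                    'created_on'  => $markObject->created_on,
                );

                // Label ID (not required)
                if (isset($markObject->label_id) && is_numeric($markObject->label_id)) {
                    $this->CI->load->model('labels_model', 'labels');
                    $label = $this->CI->labels->readComplete(
                        $labelScopeSql . " AND labels.active='1' AND labels.name = " . $this->CI->db->escape($markObject->label_name),
                        1
                    );

                    if (!empty($label) && isset($label->label_id)) {
                        $options['label_id'] = $label->label_id;
                    } else {
                        if (!empty($this->unlabeled_label_id)) {
                            // Cached id of the "Unlabeled" label.
                            $options['label_id'] = $this->unlabeled_label_id;
                            $result['warnings'][] = 'Label ' . $markObject->label_name . ' not found. Marked as Unlabeled.';
                        } else {
                            if ($this->unlabeled_label_id === false) {
                                // A previous lookup already found no "Unlabeled" label.
                                $result['warnings'][] = 'Label ' . $markObject->label_name . ' not found. Stripped label info.';
                            } else {
                                // Label not found and no unlabeled cache - looking for unlabeled label id
                                $label = $this->CI->labels->readComplete(
                                    $labelScopeSql . " AND labels.active='1' AND labels.name = " . $this->CI->db->escape('Unlabeled'),
                                    1
                                );

                                if (!empty($label) && isset($label->label_id)) {
                                    $options['label_id'] = $label->label_id;
                                    // Cache the id of unlabeled label id
                                    $this->unlabeled_label_id = $label->label_id;
                                    $result['warnings'][] = 'Label ' . $markObject->label_name . ' not found. Marked as Unlabeled.';
                                } else {
                                    // There is no unlabeled label - cache invalid value to mark
                                    $this->unlabeled_label_id = false;
                                    $result['warnings'][] = 'Label ' . $markObject->label_name . ' not found. Stripped label info.';
                                }
                            }
                        }
                    }
                }

                // Notes (not required)
                if (isset($markObject->notes) && !empty($markObject->notes)) {
                    $options['notes'] = $markObject->notes;
                    $tags = getTagsFromHash($options['notes']);
                }

                // Figure if any automatic labels should be applied
                $smart_info = getSmartLabelInfo($markObject->url);
                if (isset($smart_info['key']) && !empty($smart_info['key']) && !isset($options['label_id'])) {
                    // Sort by user_id DESC (if user has same rule as system, use the user's rule).
                    // The key is derived from the URL in the import file, so it is escaped too.
                    $this->CI->load->model('labels_model', 'labels');
                    $this->CI->labels->sort = 'user_id DESC';
                    $label = $this->CI->labels->readComplete(
                        $labelScopeSql
                        . ' AND labels.smart_key = ' . $this->CI->db->escape((string) $smart_info['key'])
                        . " AND labels.active = '1'",
                        1
                    );

                    // If a label id is found, set it to options to save
                    if (isset($label->settings->label->id)) {
                        $options['label_id'] = $label->settings->label->id;
                    }
                }

                // Create the mark
                $user_mark = $this->CI->user_marks->import($options);
                $result['result'] = 'added';
            } else {
                $result['result'] = 'skipped';
            }

            // Added user mark: $tags is only set when a new user mark carried notes.
            if (isset($user_mark->mark_id)) {
                if (isset($tags)) {
                    self::addTags($tags, $user_mark->mark_id);
                }
            }
        } else {
            if ($mark !== false) {
                // The marks model returned a validation error set.
                foreach ($mark as $errorCode => $errorMessage) {
                    $result['errors'][] = array('error_code' => $errorCode, 'error_message' => $errorMessage);
                }
            } else {
                $result['errors'][] = formatErrors(500);
            }
        }
    } else {
        $result['errors'][] = array('error_message' => 'Invalid data format ' . $this->importData['meta']['export_version']);
    }

    $this->CI->db->trans_complete();

    // Check if DB operations succeeded
    if ($this->CI->db->trans_status() === FALSE) {
        // Internal error
        $result['errors'][] = formatErrors(500);
    }

    if (!empty($result['errors'])) {
        $result['result'] = 'failed';
    }

    return $result;
}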
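/**
 * Validates a submitted CSRF token against the session and issues one when missing.
 *
 * API, command-line and Chrome-extension calls skip the check ($this->csrf_valid is
 * set to true); the original comment states those calls are validated by a
 * user_token instead. For all other calls a submitted token must match the session
 * token exactly. When no token is submitted, $this->csrf_valid is left untouched.
 */
protected function generateCSRF()
{
    // If API call, CSRF is not used; all calls will require a user_token instead.
    if (self::isAPI() === true || self::isCommandLine() === true || self::isChromeExtension() === true) {
        $this->csrf_valid = true;
        return;
    }

    $csrf_token = $this->session->userdata('csrf_token');

    // If set, validate it
    if (isset($this->clean->csrf_token)) {
        $submitted = $this->clean->csrf_token;

        if (!empty($csrf_token) && is_string($csrf_token) && is_string($submitted)) {
            // Loose `==` compares numeric-looking strings as numbers, so different
            // tokens could match. hash_equals() is also constant-time; strict
            // comparison is the fallback on runtimes that lack it.
            $this->csrf_valid = function_exists('hash_equals')
                ? hash_equals($csrf_token, $submitted)
                : $csrf_token === $submitted;
        } else {
            // Fail closed: a token was submitted but the session holds nothing
            // usable to compare it with.
            $this->csrf_valid = false;
        }

        // If false, set a flash message and data error
        if ($this->csrf_valid === false) {
            $this->setFlashMessage('We could not locate the correct security token. Please try again.');
            $this->data['errors'] = formatErrors(600);
        }
    }

    // If not set, set it
    if (empty($csrf_token)) {
        $this->session->set_userdata('csrf_token', generateCSRF());
    }
}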
/**
 * Checks whether an uploaded file entry is acceptable for import.
 *
 * The entry is rejected with error 100 when it is empty, has no size or carries a
 * non-zero upload error code, and with error 101 when its `type` differs from
 * self::TYPE_JSON.
 *
 * NOTE(review): `type` in a $_FILES entry is the MIME type sent by the client, so this
 * check does not establish that the content is JSON; the importer still has to treat
 * the file content as untrusted.
 *
 * @param array $uploadedFile Uploaded file POST information.
 * @return array|bool True on success, array with error information otherwise.
 */
public function validateUpload($uploadedFile)
{
    $unusable = empty($uploadedFile) || $uploadedFile['size'] <= 0 || $uploadedFile['error'] != 0;
    if ($unusable) {
        return formatErrors(100);
    }

    $declaredType = $uploadedFile['type'];

    return $declaredType !== self::TYPE_JSON ? formatErrors(101) : true;
}
/**
 * Sets the `active` flag of a label the current user is allowed to change.
 *
 * Admins may change system labels (user_id IS NULL) as well as their own; other users
 * only their own. The label id is interpolated into the WHERE clause only after the
 * is_numeric() check has passed.
 *
 * @param int|string $label_id Label to update; error 30 when empty or not numeric.
 * @param int        $active   New value for the `active` column.
 */
private function toggle($label_id = 0, $active = 0)
{
    $hasUsableId = !empty($label_id) && is_numeric($label_id);

    if ($hasUsableId) {
        // Ownership clause: restricts the update to labels this user may touch.
        if (parent::isAdmin() === true) {
            $owner = "(labels.user_id IS NULL OR labels.user_id = '" . $this->user_id . "')";
        } else {
            $owner = "labels.user_id = '" . $this->user_id . "'";
        }

        $updated = $this->labels->update($owner . " AND labels.label_id= '" . $label_id . "'", array('active' => $active));

        if ($updated === false) {
            $this->data['errors'] = formatErrors(39);
        } else {
            $this->data['label'] = $updated;
        }
    } else {
        $this->data['errors'] = formatErrors(30);
    }

    // Figure view
    $this->figureView();
}
/**
 * Default action: always answers with the 404 error set as JSON.
 */
public function index()
{
    $notFound = formatErrors(404);
    $this->data['errors'] = $notFound;

    $this->renderJSON();
}
/**
 * Updates the rows matching $where and returns the refreshed record.
 *
 * A numeric $where is turned into a match on the model's id column. Any other value is
 * trimmed and used as the WHERE clause as-is, so callers must escape every value they
 * put into it. The column values in $options are validated against the model's data
 * types and escaped by update_string().
 *
 * @param int|string $where   Record id, or a raw SQL condition.
 * @param array      $options Column values to set.
 * @return mixed Result of the model's read method for $where, or a formatErrors()
 *               result (500 when the query fails, otherwise the validation errors).
 */
public function update($where, $options = array())
{
    if (is_numeric($where)) {
        $where = $this->id_column . " = '{$where}'";
    } else {
        $where = trim($where);
    }

    $valid = validate($options, $this->data_types);
    if ($valid !== true) {
        return formatErrors($valid);
    }

    $updateSql = $this->db->update_string($this->table, $options, $where);
    $ok = $this->db->query($updateSql);

    // Check for errors
    $this->sendException();

    if (!$ok) {
        return formatErrors(500);
    }

    // Drop the cache entry derived from this statement before re-reading.
    $this->removeCacheKey($this->getCacheKey($updateSql));

    $reader = $this->read_method;

    return $this->{$reader}($where);
}