public function changePasswordEvent($runData)
{
$pl = $runData->getParameterList();
$user = $runData->getUser();
$oldPassword = $pl->getParameterValue("old_password");
$newPassword1 = $pl->getParameterValue("new_password1");
$newPassword2 = $pl->getParameterValue("new_password2");
$oldPassword = trim(CryptUtils::rsaDecrypt($oldPassword));
$newPassword1 = trim(CryptUtils::rsaDecrypt($newPassword1));
$newPassword2 = trim(CryptUtils::rsaDecrypt($newPassword2));
$oldPassword = preg_replace("/^__/", '', $oldPassword);
$newPassword1 = preg_replace("/^__/", '', $newPassword1);
$newPassword2 = preg_replace("/^__/", '', $newPassword2);
if (md5($oldPassword) !== $user->getPassword()) {
throw new ProcessException(_("Can not change your password. The current password is invalid."), "form_error");
}
if ($newPassword1 !== $newPassword2) {
throw new ProcessException(_("Can not change your password. New passwords differ but should be identical to eliminate typos."), "form_error");
}
if (strlen8($newPassword1) < 6) {
throw new ProcessException(_("Can not change your password. The new password is too short. Min 6 characters please!"), "form_error");
}
if (strlen8($newPassword1) > 20) {
throw new ProcessException(_("Can not change your password. The new password is too long. Max 20 characters please!"), "form_error");
}
// ok, change the password!!!
$user->setPassword(md5($newPassword1));
$user->save();
}
public function build($runData)
{
$pl = $runData->getParameterList();
$email = $pl->getParameterValue("email", 'MODULE', 'AMODULE');
$format = $pl->getParameterValue("module_body", 'MODULE', 'AMODULE');
$title = $pl->getParameterValue("title", 'MODULE', 'AMODULE');
$successPage = $pl->getParameterValue("successPage", 'MODULE', 'AMODULE');
$outputFormat = $pl->getParameterValue("format", 'MODULE', 'AMODULE');
// check if email is ok
if (strlen($email) < 5 || strlen($email) > 50 || preg_match("/^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+\$/", $email) == 0) {
throw new ProcessException(_('Please provide a valid email address via the email="*****@*****.**" parameter.'));
}
// check if title is valid
if ($title && strlen8($title) > 200) {
throw new ProcessException(_('The title="..." attribute is not valid.'));
}
// parse the format
$fields = MailFormUtils::parseFormat($format);
//stringify fields too...
$runData->contextAdd("fields", $fields);
$runData->contextAdd("rand", rand(1, 100000));
// save fields!
$parmArray = $pl->asArray();
$key = md5(serialize($parmArray)) . '_' . time();
DatabaseStorage::instance()->set($key, array('email' => $email, 'fields' => $fields, 'title' => $title, 'successPage' => $successPage, 'format' => $outputFormat), 3600);
$runData->contextAdd("fkey", $key);
}
public function cloneSiteEvent($runData)
{
$pl = $runData->getParameterList();
$site = $runData->getTemp("site");
$siteId = $site->getSiteId();
WDPermissionManager::instance()->canBecomeAdmin($runData->getUser());
$name = trim($pl->getParameterValue("name"));
$unixName = trim($pl->getParameterValue("unixname"));
$tagline = trim($pl->getParameterValue("tagline"));
$description = trim($pl->getParameterValue("description"));
$private = (bool) $pl->getParameterValue("private");
// validate form data:
$errors = array();
if (strlen($name) < 1) {
$errors['name'] = _("Site name must be present.");
} elseif (strlen8($name) > 30) {
$errors['name'] = _("Site name should not be longer than 30 characters.");
}
// site unix name *************
if ($unixName === null || strlen($unixName) < 3) {
$errors['unixname'] = _("Web address must be present and should be at least 3 characters long.");
} elseif (strlen($unixName) > 30) {
$errors['unixname'] = _("Web address name should not be longer than 30 characters.");
} elseif (preg_match("/^[a-z0-9\\-]+\$/", $unixName) == 0) {
$errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address.');
} elseif (preg_match("/\\-\\-/", $unixName) !== 0) {
$errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address. Double-dash (--) is not allowed.');
} else {
$unixName = WDStringUtils::toUnixName($unixName);
if (!$runData->getUser()->getSuperAdmin()) {
// handle forbidden names
$forbiddenUnixNames = explode("\n", file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_site_names.conf'));
foreach ($forbiddenUnixNames as $f) {
if (preg_match($f, $unixName) > 0) {
$errors['unixname'] = _('For some reason this web address is not allowed or is reserved for future use.');
}
}
}
// check if the domain is not taken.
$c = new Criteria();
$c->add("unix_name", $unixName);
$ss = DB_SitePeer::instance()->selectOne($c);
if ($ss) {
$errors['unixname'] = _('Sorry, this web address is already used by another site.');
}
}
if (strlen8($tagline) > 50) {
$errors['tagline'] = _("Tagline should not be longer than 50 characters");
}
if (count($errors) > 0) {
$runData->ajaxResponseAdd("formErrors", $errors);
throw new ProcessException("Form errors", "form_errors");
}
// and now... CREATE THE SITE!!!!!!!!!!!!!!!!
$siteProps = array('name' => $name, 'subtitle' => $tagline, 'unixname' => $unixName, 'description' => $description, 'private' => $private);
$dup = new Duplicator();
$dup->cloneSite($site, $siteProps);
}
public function getPreview($length = 200)
{
$text = $this->getBody();
$stripped = strip_tags($text);
$substr = substr($stripped, 0, $length);
if (strlen8($substr) == $length) {
$substr = preg_replace('/\\w+$/', "", $substr) . '...';
}
return $substr;
}
public function createCampaignEvent($runData)
{
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$name = $pl->getParameterValue("name");
$id = $pl->getParameterValue("identifier");
//validate data
$name = trim($name);
$id = trim($id);
if ($name == "") {
throw new ProcessException(_("You must provide a name for this campaign."), "form_error");
}
if ($id == "") {
throw new ProcessException(_("You must provide an identifier for this campaign."), "form_error");
}
if (!preg_match(';^[a-z0-9]+$;i', $id)) {
throw new ProcessException(_("The identifier can contain only letters and digits."), "form_error");
}
if (strlen8($name) > 50) {
throw new ProcessException(_("Name of the campaign shoud not be longer than 50 characters."), "form_error");
}
if (strlen8(id) > 20) {
throw new ProcessException(_("Identifier of the campaign shoud not be longer than 20 characters."), "form_error");
}
$db = Database::connection();
$db->begin();
// check if camaign exists already!
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("deleted", false);
$c->add("name", $name);
$camp0 = DB_PetitionCampaignPeer::instance()->selectOne($c);
if ($camp0) {
throw new ProcessException(_("A campaign with this name already exists."), "form_error");
}
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("deleted", false);
$c->add("identifier", $id);
$camp0 = DB_PetitionCampaignPeer::instance()->selectOne($c);
if ($camp0) {
throw new ProcessException(_("A campaign with the same identifier already exists."), "form_error");
}
// ok, this seems to be all right!
$camp = new DB_PetitionCampaign();
$camp->setName($name);
$camp->setIdentifier($id);
$camp->setSiteId($site->getSiteId());
$camp->save();
$runData->ajaxResponseAdd("campaignId", $camp->getCampaignId());
$db->commit();
}
/**
* Converts a strig by replacing all alphanumeric characters that do not match
* [0-9a-z\-] to their ASCII equivalents (e.g. 'ą' -> 'a') and non-alphanumeric
* characters to '-'.
* @param string $text
* @param string $allowedSpecialChars
*
* @asserts('ąść')='asc'
*/
public static function unixify($text, $allowedSpecialChars = null)
{
$convertArray = null;
$asc = null;
$ascEscaped = null;
$text = trim($text);
if ($allowedSpecialChars) {
$asc = (array) $allowedSpecialChars;
if (array_intersect(array_keys(self::$UNIXIFY_CONVERT_ARRAY), $asc)) {
$convertArray = self::$UNIXIFY_CONVERT_ARRAY;
}
foreach ($asc as $sc) {
if (strlen8($sc) != 1) {
throw new InvalidArgumentException("Only single characters allowed in special characters. '{$sc}' is not a single character.");
}
if ($convertArray && isset($convertArray[$sc])) {
unset($convertArray[$sc]);
}
}
}
if ($convertArray) {
$text = strtr($text, $convertArray);
} else {
$text = strtr($text, self::$UNIXIFY_CONVERT_ARRAY);
}
// and absolutely purify the string removing all unwanted characters
$text = strtolower($text);
if ($asc) {
$ascEscaped = preg_quote(implode($asc));
}
$text = preg_replace('/[^a-z0-9\\-' . $ascEscaped . ']/', '-', $text);
$text = preg_replace('/^\\-*/', '', $text);
$text = preg_replace('/\\-*$/', '', $text);
$text = preg_replace('/[\\-]{2,}/', '-', $text);
return $text;
}
public function signEvent($runData)
{
require WIKIDOT_ROOT . '/php/unclassified/country_codes.php';
$site = $runData->getTemp("site");
$pl = $runData->getParameterList();
$campaignId = $pl->getParameterValue("campaignId");
$db = Database::connection();
$db->begin();
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("deleted", false);
$c->add("campaign_id", $campaignId);
$camp = DB_PetitionCampaignPeer::instance()->selectOne($c);
if (!$camp) {
throw new ProcessException(_("The campaign can not be found."));
}
if (!$camp->getActive()) {
throw new ProcessException(_("This petition campaign is paused."));
}
$errors = array();
// prepare the new signature at the same time
$pet = new DB_PetitionSignature();
// first and last name
$firstName = trim($pl->getParameterValue("firstName"));
if (strlen($firstName) == 0) {
$errors['firstName'] = _("Please enter your first name.");
} elseif (strlen8($firstName) > 64) {
$errors['firstName'] = _("First name seems to be too long.");
}
$lastName = trim($pl->getParameterValue("lastName"));
if (strlen($lastName) == 0) {
$errors['lastName'] = _("Please enter your last name.");
} elseif (strlen8($lastName) > 64) {
$errors['lastName'] = _("Last name seems to be too long.");
}
$pet->setFirstName($firstName);
$pet->setLastName($lastName);
// address
if ($camp->getCollectAddress()) {
$address1 = trim($pl->getParameterValue("address1"));
$address2 = trim($pl->getParameterValue("address2"));
if (strlen($address1) == 0) {
$errors['address'] = _("Please enter your address.");
} elseif (strlen8($address1) > 100) {
$errors['address'] = _("The address seems to be too long.");
}
if (strlen8($address2) > 100) {
$errors['address'] = _("The address seems to be too long.");
}
$pet->setAddress1($address1);
$pet->setAddress2($address2);
}
//city
if ($camp->getCollectCity()) {
$city = trim($pl->getParameterValue("city"));
if (strlen($city) == 0) {
$errors['city'] = _("Please enter the city of residence.");
} elseif (strlen8($city) > 64) {
$errors['city'] = _("The city name seems to be too long.");
}
$pet->setCity($city);
}
//state
if ($camp->getCollectState()) {
$state = trim($pl->getParameterValue("state"));
//}else
if (strlen8($state) > 64) {
$errors['state'] = _("The name of the state seems to be too long.");
}
$pet->setState($state);
}
//zip
if ($camp->getCollectZip()) {
$zip = trim($pl->getParameterValue("zip"));
if (strlen($zip) == 0) {
$errors['zip'] = _("Please enter your zip/postal code.");
} elseif (strlen8($zip) > 20) {
$errors['zip'] = _("The zip/postal code seems to be too long.");
}
$pet->setZip($zip);
}
//country
if ($camp->getCollectCountry()) {
$country = trim($pl->getParameterValue("country"));
if (strlen($country) == 0 || !isset($iso3166_country_codes[$country])) {
$errors['country'] = _("Please choose your country.");
}
$pet->setCountryCode($country);
$pet->setCountry($iso3166_country_codes[$country]);
/*
if(strlen($country) == 0){
$errors['country'] = _("Please enter your country.");
}elseif(strlen8($country) > 60){
$errors['country'] = _("The name of the country is too long.");
}
$pet->setCountry($country);
*/
}
//comments
if ($camp->getCollectComments()) {
$comments = trim($pl->getParameterValue("comments"));
if (strlen8($comments) > 300) {
$errors['comments'] = _("The comments should not be longer than 300 characters.");
}
$pet->setComments($comments);
}
//verify email
$email = trim($pl->getParameterValue("email"));
if (!preg_match('/^[_a-zA-Z0-9\\-\\+]+(\\.[_a-zA-Z0-9\\-\\+]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+$/', $email)) {
$errors['email'] = _("Please provide a valid email address.");
}
// check if email is unique for this campaign!
if (!$errors['email']) {
$c = new Criteria();
$c->add("campaign_id", $camp->getCampaignId());
$c->add("email", $email);
$pet0 = DB_PetitionSignaturePeer::instance()->selectOne($c);
if ($pet0) {
if ($pet0->getConfirmed()) {
$errors['email'] = _("This email has been already used for signing the petition.");
} else {
DB_PetitionSignaturePeer::instance()->deleteByPrimaryKey($pet0->getSignatureId());
}
}
}
$pet->setEmail($email);
if (count($errors) > 0) {
// there are some errors!!!
$runData->ajaxResponseAdd("errors", $errors);
throw new ProcessException(_("The form contains some errors."), "form_errors");
}
// everything should be ok at this point - finish creating the signature,
// save the signature and send a verification email.
$pet->setCampaignId($camp->getCampaignId());
$pet->setDate(new ODate());
// generate hash.
$hash = substr(md5($email . time()), 0, 20);
$pageUnixName = $pl->getParameterValue("petitionUrl");
$pageUnixName = WDStringUtils::toUnixName($pageUnixName);
$url = $site->getDomain() . '/' . $pageUnixName;
$pet->setConfirmationUrl($url);
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject(_("Petition confirmation"));
$oe->contextAdd('firstName', $firstName);
$oe->contextAdd('lastName', $lastName);
$oe->contextAdd('hash', $hash);
$oe->contextAdd("site", $site);
$oe->contextAdd("siteName", $site->getName());
$oe->contextAdd("url", $url);
$oe->contextAdd("campaign", $camp);
$oe->contextAdd("campaignName", $camp->getName());
$oe->contextAdd("sig", $pet);
$oe->setBodyTemplate('wiki/petition/PetitionConfirmation');
if (!$oe->Send()) {
throw new ProcessException(_("Confirmation email can not be delivered to the specified address."));
}
$pet->setConfirmationHash($hash);
$pet->setConfirmationUrl('/' . $pageUnixName);
$pet->save();
$db->commit();
$runData->setModuleTemplate("extra/petition/ConfirmationSentModule");
$runData->sessionAdd("keep", true);
}
function sku_gen($title = '', $code = false)
{
$prefix = '';
foreach (explode(" ", $title) as $word) {
if (strlen8($word) < 3) {
continue;
}
if (!ctype_upper($word[0])) {
continue;
}
$prefix .= $word[0];
if (strlen($prefix) > 2) {
break;
}
}
if (!$code) {
$code = substr(abs(crc32(upcase($title))), -6);
}
if (strlen($prefix) > 1) {
$code = $prefix . '-' . $code;
}
return re($code);
}
public function getPreview($length = 200)
{
$text = $this->getText();
$text = preg_replace(';<table style=".*?id="toc".*?</table>;s', '', $text, 1);
$stripped = strip_tags($text);
$d = utf8_encode("þ");
$stripped = preg_replace("/" . $d . "module \"([a-zA-Z0-9\\/_]+?)\"(.+?)?" . $d . "/", '', $stripped);
$stripped = str_replace($d, '', $stripped);
// get last position of " "
if (strlen8($stripped) > $length) {
$substr = substr($stripped, 0, $length);
$length = strrpos($substr, " ");
$substr = trim(substr($substr, 0, $length));
$substr .= '...';
} else {
$substr = $stripped;
}
return $substr;
}
public function getPreview($length = 200)
{
if (is_array($this->prefetched)) {
if (in_array('page_compiled', $this->prefetched)) {
if (in_array('page_compiled', $this->prefetchedObjects)) {
$compiled = $this->prefetchedObjects['page_compiled'];
} else {
$obj = new DB_PageCompiled($this->sourceRow);
$obj->setNew(false);
$this->prefetchedObjects['page_compiled'] = $obj;
$compiled = $obj;
}
}
}
if ($compiled == null) {
$c = new Criteria();
$c->add("page_id", $this->getPageId());
$compiled = DB_PageCompiledPeer::instance()->selectOne($c);
}
$text = $compiled->getText();
$text = preg_replace(';<table style=".*?id="toc".*?</table>;s', '', $text, 1);
$stripped = strip_tags($text);
$d = utf8_encode("þ");
$stripped = preg_replace("/" . $d . "module \"([a-zA-Z0-9\\/_]+?)\"(.+?)?" . $d . "/", '', $stripped);
$stripped = str_replace($d, '', $stripped);
// get last position of " "
if (strlen8($stripped) > $length) {
$substr = substr($stripped, 0, $length);
$length = strrpos($substr, " ");
$substr = trim(substr($substr, 0, $length));
$substr .= '...';
} else {
$substr = $stripped;
}
return $substr;
}
public function sendFormEvent($runData)
{
$pl = $runData->getParameterList();
$values = $pl->getParameterValue("formdata");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$values = $json->decode($values);
$site = $runData->getTemp("site");
$fkey = trim($pl->getParameterValue("formdef"));
$data = DatabaseStorage::instance()->get($fkey);
if (!$data) {
throw new ProcessException(_("No form definition found."));
}
$fields = $data['fields'];
$email = $data['email'];
$title = $data['title'];
$format = strtolower(trim($data['format']));
if (!in_array($format, array('csv'))) {
$format = null;
}
// parse and validate!
$errors = array();
foreach ($fields as &$field) {
$name = $field['name'];
$value = $values[$field['name']];
$field['value'] = $value;
// check if need to validate. any rules?
// first, if select, can not be empty
if ($field['type'] == "select") {
if (!$value) {
$errors[$name] = _('Please select an option');
continue;
}
}
if ($field['rules'] && is_array($field['rules'])) {
foreach ($field['rules'] as $ruleName => $ruleValue) {
switch ($ruleName) {
case 'required':
if ($value == "") {
$errors[$name] = _('Please enter this information');
break 2;
}
break;
case 'minLength':
if (strlen8($value) < $ruleValue) {
$errors[$name] = _('Value is too short');
break 2;
}
break;
case 'maxLength':
if (strlen8($value) > $ruleValue) {
$errors[$name] = _('Value is too long');
break 2;
}
break;
case 'match':
if (!preg_match($ruleValue, $value)) {
$errors[$name] = _('Value is not valid');
break 2;
}
break;
case 'number':
if (!is_numeric($value)) {
$errors[$name] = _('Value is not numeric');
break 2;
}
break;
case 'minValue':
if (!is_numeric($value) || 1 * $value < 1 * $ruleValue) {
$errors[$name] = _('Value is too small');
break 2;
}
break;
case 'maxValue':
if (!is_numeric($value) || 1 * $value > 1 * $ruleValue) {
$errors[$name] = _('Value is too large');
break 2;
}
break;
}
}
}
// fix checkboxes
if ($field['type'] == "checkbox") {
if (!$value) {
$field['value'] = _('No');
} else {
$field['value'] = _('Yes');
}
}
}
if (count($errors)) {
// "sir, we have some errors here. shit."
$runData->ajaxResponseAdd("errors", $errors);
throw new ProcessException("Form errors.", "form_errors");
}
$title = $title ? $title : sprintf(_("[%s] MailForm form data"), GlobalProperties::$SERVICE_NAME);
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject($title);
$oe->contextAdd('fields', $fields);
$oe->contextAdd('values', $values);
switch ($format) {
case 'csv':
$emailTemplate = 'wiki/mailform/MailFormCSV';
// fix the values (escape)
foreach ($fields as &$field) {
$value = $field['value'];
if (preg_match("/[,\"\n]/", $value)) {
$value = str_replace('"', '""', $value);
$value = '"' . $value . '"';
$field['value'] = $value;
}
}
break;
default:
$emailTemplate = 'wiki/mailform/MailForm';
break;
}
$oe->setBodyTemplate($emailTemplate);
if (!$oe->Send()) {
throw new ProcessException(_("The form data could not be sent to the specified email address."), "email_failed");
}
// ok, is there any success page?
$successPage = $data['successPage'];
if ($successPage) {
$successPage = WDStringUtils::toUnixName($successPage);
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $successPage);
if ($page) {
$runData->ajaxResponseAdd("successPage", $successPage);
}
}
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function saveGeneralEvent($runData)
{
$pl = $runData->getParameterList();
$name = trim($pl->getParameterValue("name"));
$subtitle = trim($pl->getParameterValue("subtitle"));
$description = trim($pl->getParameterValue("description"));
$tags = strtolower(trim($pl->getParameterValue("tags")));
$defaultPage = WDStringUtils::toUnixName($pl->getParameterValue("default_page"));
$errors = array();
if (strlen($name) < 1) {
$errors['name'] = _("Site name must be present.");
} elseif (strlen8($name) > 30) {
$errors['name'] = _("Site name should not be longer than 30 characters.");
}
if (strlen8($subtitle) > 50) {
$errors['subtitle'] = _("Subtitle should not be longer than 50 characters");
}
if (strlen8($description) > 300) {
$errors['description'] = _("Description should not be longer than 300 characters");
}
if (strlen8($tags) > 128) {
$errors['tags'] = _('"Tags" field too long.');
}
if ($defaultPage == "") {
$errors['defaultPage'] = _("Default landing page should be given and be somehow valid.");
}
if (strlen($defaultPage) > 80) {
$errors['defaultPage'] = _("Default landing page name is too long.");
}
if (count($errors) > 0) {
$runData->ajaxResponseAdd("formErrors", $errors);
throw new ProcessException("Form errors", "form_errors");
}
$site = $runData->getTemp("site");
$changed = false;
if ($site->getName() !== $name) {
$site->setName($name);
$changed = true;
}
if ($site->getSubtitle() !== $subtitle) {
$site->setSubtitle($subtitle);
$changed = true;
}
if ($site->getDescription() !== $description) {
$site->setDescription($description);
$changed = true;
}
if ($site->getDefaultPage() !== $defaultPage) {
$site->setDefaultPage($defaultPage);
$changed = true;
}
$db = Database::connection();
$db->begin();
if ($changed) {
$site->save();
// outdate cache for sure ;-)
$outdater = new Outdater();
$outdater->siteEvent("sitewide_change");
}
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$dbTags = DB_SiteTagPeer::instance()->select($c);
$tags = preg_split("/[ ,]+/", $tags);
$tags = array_unique($tags);
foreach ($dbTags as $dbTag) {
if (in_array($dbTag->getTag(), $tags)) {
unset($tags[array_search($dbTag->getTag(), $tags)]);
} else {
DB_SiteTagPeer::instance()->deleteByPrimaryKey($dbTag->getTagId());
}
}
// insert all other
foreach ($tags as $tag) {
if (trim($tag) != '') {
$dbTag = new DB_SiteTag();
$dbTag->setSiteId($site->getSiteId());
$dbTag->setTag($tag);
$dbTag->save();
}
}
$db->commit();
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function changeScreenNameEvent($runData)
{
$user = $runData->getUser();
$userId = $user->getUserId();
$profile = $user->getProfile();
if ($profile->getChangeScreenNameCount() >= 2) {
throw new ProcessException('Your are allowed to change your screen name only 2 times.');
}
$pl = $runData->getParameterList();
$name = trim($pl->getParameterValue("screenName"));
if ($name == $user->getNickName()) {
throw new ProcessException("Your new and current screen names are the same.");
}
$db = Database::connection();
$db->begin();
$unixified = WDStringUtils::toUnixName($name);
if (strlen($name) < 2) {
throw new ProcessException(_("You really should provide the screen name you want to use."));
}
if (strlen8($name) > 20) {
throw new ProcessException(_("Your screen name should not be longer than 20 characters."));
}
if (preg_match('/^[ _a-zA-Z0-9-\\!#\\$%\\^\\*\\(\\)]+$/', $name) == 0) {
throw new ProcessException(_("Only alphanumeric characters (+a few special) can be used in the screen name."));
}
if (strlen($unixified) < 2) {
throw new ProcessException(_("It seems there are too less alphanumeric characters in your screen name"));
}
//handle forbidden names
$unixName = WDStringUtils::toUnixName($name);
$forbiddenUnixNames = explode("\n", file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_user_names.conf'));
foreach ($forbiddenUnixNames as $f) {
if (preg_match($f, $unixName) > 0) {
throw new ProcessException(_('For some reason this name is not allowed or is reserved for future use.'));
}
}
// check if user does not exist
$c = new Criteria();
$c->add("unix_name", $unixified);
$u = DB_OzoneUserPeer::instance()->selectOne($c);
if ($u != null) {
throw new ProcessException(_("A user with this screen name (or very similar) already exists."));
}
// rename the profile page
$c = new Criteria();
$c->add("unix_name", "profiles");
$nsite = DB_SitePeer::instance()->selectOne($c);
$pageName = 'profile:' . $user->getUnixName();
$c = new Criteria();
$c->add('site_id', $nsite->getSiteId());
$c->add('unix_name', $pageName);
$page = DB_PagePeer::instance()->selectOne($c);
if (!$page) {
throw new ProcessException('Internal error');
}
$metadata = $page->getMetadata();
$metadata->setUnixName('profile:' . $unixified);
$page->setUnixName('profile:' . $unixified);
$metadata->save();
$page->save();
// outdate page cache
$outdater = new Outdater();
$outdater->pageEvent("rename", $page, $pageName);
// now, try to apply new name!!!
$user->setNickName($name);
$user->setUnixName($unixified);
$user->save();
$profile->setChangeScreenNameCount($profile->getChangeScreenNameCount() + 1);
$profile->save();
$db->commit();
}
public function saveThreadMetaEvent($runData)
{
$pl = $runData->getParameterList();
$threadId = $pl->getParameterValue("threadId");
$site = $runData->getTemp("site");
$title = $pl->getParameterValue("title");
$description = $pl->getParameterValue("description");
// validate
$errors = array();
if ($title == '') {
$errors['title'] = _("Thread title can not be empty.");
}
if (strlen8($title) > 128) {
$errors['title'] = _("Thread title should not be longer than 128 characters.");
}
if (strlen($description) > 1000) {
$errors['description'] = _("Thread description should not be longer than 1000 characters.");
}
if (count($errors) > 0) {
$runData->ajaxResponseAdd("formErrors", $errors);
throw new ProcessException("Form errors", "form_errors");
}
$db = Database::connection();
$db->begin();
$thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
}
if ($thread->getBlocked()) {
// check if moderator or admin
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$rel = DB_ModeratorPeer::instance()->selectOne($c);
if (!$rel || strpos($rel->getPermissions(), 'f') == false) {
$rel = DB_AdminPeer::instance()->selectOne($c);
if (!$rel) {
throw new WDPermissionException(_("Sorry, this thread is blocked. Meta information can not be edited."));
}
}
}
$category = $thread->getCategory();
WDPermissionManager::instance()->hasForumPermission('edit_thread', $runData->getUser(), $category, $thread);
$changed = false;
$title = trim($title);
$description = trim($description);
if ($title !== $thread->getTitle()) {
$changed = true;
$thread->setTitle($title);
}
if ($description !== $thread->getDescription()) {
$changed = true;
$thread->setDescription($description);
}
if ($changed) {
$thread->save();
EventLogger::instance()->logSaveThreadMeta($thread);
}
$o = new Outdater();
$o->forumEvent("thread_save", $thread);
// index thread
Indexer::instance()->indexThread($thread);
$db->commit();
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function step2Event($runData)
{
$pl = $runData->getParameterList();
$evercode = $pl->getParameterValue("evercode");
if ($evercode != $runData->sessionGet("revcode")) {
throw new ProcessException(_("The verification codes do not match."), "form_error");
}
$password = $pl->getParameterValue("password");
$password2 = $pl->getParameterValue("password2");
$password = trim(CryptUtils::rsaDecrypt($password));
$password = preg_replace("/^__/", '', $password);
$password2 = trim(CryptUtils::rsaDecrypt($password2));
$password2 = preg_replace("/^__/", '', $password2);
// check password
if (strlen8($password) < 6) {
throw new ProcessException(_("Please provide a password min. 6 characters long."), "form_error");
} elseif (strlen8($password) > 20) {
throw new ProcessException(_("Password should not be longer than 20 characters."), "form_error");
} elseif ($password2 != $password) {
throw new ProcessException(_("Passwords are not identical."), "form_error");
}
// ok. seems fine.
$userId = $runData->sessionGet("prUserId");
$user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
if ($user == null) {
throw ProcessException("No such user.", "no_user");
}
$user->setPassword(md5($password));
$user->save();
}
public function createSiteEvent($runData)
{
WDPermissionManager::instance()->canBecomeAdmin($runData->getUser());
$pl = $runData->getParameterList();
$name = trim($pl->getParameterValue("name"));
$unixName = trim($pl->getParameterValue("unixname"));
$tagline = trim($pl->getParameterValue("tagline"));
$templateId = $pl->getParameterValue("template");
$private = (bool) $pl->getParameterValue("private");
// validate form data:
$errors = array();
if (strlen($name) < 1) {
$errors['name'] = _("Site name must be present.");
} elseif (strlen8($name) > 30) {
$errors['name'] = _("Site name should not be longer than 30 characters.");
}
// site unix name *************
if ($unixName === null || strlen($unixName) < 3) {
$errors['unixname'] = _("Web address must be present and should be at least 3 characters long.");
} elseif (strlen($unixName) > 30) {
$errors['unixname'] = _("Web address name should not be longer than 30 characters.");
} elseif (preg_match("/^[a-z0-9\\-]+\$/", $unixName) == 0) {
$errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address.');
} elseif (preg_match("/\\-\\-/", $unixName) !== 0) {
$errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address. Double-dash (--) is not allowed.');
} else {
$unixName = WDStringUtils::toUnixName($unixName);
if (!$runData->getUser()->getSuperAdmin()) {
// handle forbidden names
$forbiddenUnixNames = explode("\n", file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_site_names.conf'));
foreach ($forbiddenUnixNames as $f) {
if (preg_match($f, $unixName) > 0) {
$errors['unixname'] = _('For some reason this web address is not allowed or is reserved for future use.');
}
}
}
// check if the domain is not taken.
$c = new Criteria();
$c->add("unix_name", $unixName);
$ss = DB_SitePeer::instance()->selectOne($c);
if ($ss) {
$errors['unixname'] = _('Sorry, this web address is already used by another site.');
}
}
// template
if (!$templateId) {
$errors['template'] = _('Please choose a template for your site');
}
if (strlen8($tagline) > 50) {
$errors['tagline'] = _("Tagline should not be longer than 50 characters");
}
// TOS
if (!$pl->getParameterValue("tos")) {
$errors['tos'] = _("Please read and agree to the Terms of Service.");
}
if (count($errors) > 0) {
$runData->ajaxResponseAdd("formErrors", $errors);
throw new ProcessException("Form errors", "form_errors");
}
// and now... CREATE THE SITE!!!!!!!!!!!!!!!!
$dup = new Duplicator();
$dup->setOwner($runData->getUser());
$db = Database::connection();
$db->begin();
$templateSite = DB_SitePeer::instance()->selectByPrimaryKey($templateId);
if (!preg_match(';^template\\-;', $templateSite->getUnixName())) {
throw new ProcessException('Error');
}
$site = new DB_Site();
$site->setName($name);
$site->setSubtitle($tagline);
$site->setUnixName($unixName);
$site->setLanguage($templateSite->getLanguage());
$site->setDateCreated(new ODate());
$site->setPrivate($private);
if ($private) {
// change file flag too
$flagDir = WIKIDOT_ROOT . '/web/files--sites/' . $site->getUnixName() . '/flags';
$flagFile = $flagDir . '/private';
mkdirfull($flagDir);
//just to make sure
if (!file_exists($flagFile)) {
file_put_contents($flagFile, "private");
}
}
$site->save();
$dup->addExcludedCategory("forum");
// should be initialized independently
$dup->addExcludedCategory("profile");
$dup->duplicateSite($templateSite, $site);
// index the site too
$ind = Indexer::instance();
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$pages = DB_PagePeer::instance()->select($c);
foreach ($pages as $p) {
$ind->indexPage($p);
}
$db->commit();
// clear captcha code
$runData->sessionDel("captchaCode");
$runData->ajaxResponseAdd("siteUnixName", $unixName);
}
public function saveTagsEvent($runData)
{
// do not create any new revision... :-(
// or create???
$user = $runData->getUser();
$pl = $runData->getParameterList();
$tags = strtolower(trim($pl->getParameterValue("tags")));
$pageId = $pl->getParameterValue("pageId");
$site = $runData->getTemp("site");
$page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
if ($page == null || $page->getSiteId() != $site->getSiteId()) {
throw new ProcessException(_("Error getting page information."), "no_page");
}
$category = $page->getCategory();
WDPermissionManager::instance()->hasPagePermission('edit', $user, $category, $page);
if (strlen8($tags) > 256) {
throw new ProcessException(_('"Tags" field too long.'), "form_error");
}
$db = Database::connection();
$db->begin();
$c = new Criteria();
$c->add("page_id", $pageId);
$dbTags = DB_PageTagPeer::instance()->select($c);
$tags = preg_split("/[ ,]+/", $tags);
$tagstmp = array();
foreach ($tags as $tag) {
$tagstmp[] = substr($tag, 0, 64);
}
$tags = $tagstmp;
$tags = array_unique($tags);
foreach ($dbTags as $dbTag) {
if (in_array($dbTag->getTag(), $tags)) {
unset($tags[array_search($dbTag->getTag(), $tags)]);
} else {
DB_PageTagPeer::instance()->deleteByPrimaryKey($dbTag->getTagId());
}
}
// insert all the other
foreach ($tags as $tag) {
if (trim($tag) != '') {
$dbTag = new DB_PageTag();
$dbTag->setSiteId($site->getSiteId());
$dbTag->setPageId($pageId);
$dbTag->setTag($tag);
$dbTag->save();
}
}
$od = new Outdater();
$od->pageEvent("tag_change", $page);
$db->commit();
if (GlobalProperties::$UI_SLEEP) {
sleep(1);
}
}
public function step0Event($runData)
{
// do it manually. change of rules.
$pl = $runData->getParameterList();
$name = $pl->getParameterValue("name");
$email = $pl->getParameterValue("email");
$password = $pl->getParameterValue("password");
$password2 = $pl->getParameterValue("password2");
$captcha = trim($pl->getParameterValue("captcha"));
// validate now.
$errors = array();
//name
$unixified = WDStringUtils::toUnixName($name);
if (strlen($name) < 2) {
$errors['name'] = _("You really should provide the screen name you want to use.");
} elseif (strlen8($name) > 20) {
$errors['name'] = _("Your screen name should not be longer than 20 characters.");
} elseif (preg_match('/^[ _a-zA-Z0-9-\\!#\\$%\\^\\*\\(\\)]+$/', $name) == 0) {
$errors['name'] = _("Only alphanumeric characters (+a few special) can be used in the screen name.");
} elseif (strlen($unixified) < 2) {
$errors['name'] = _("It seems there are too less alphanumeric characters in your screen name");
} else {
//handle forbidden names
$unixName = WDStringUtils::toUnixName($name);
$forbiddenUnixNames = explode("\n", file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_user_names.conf'));
foreach ($forbiddenUnixNames as $f) {
if (preg_match($f, $unixName) > 0) {
$errors['name'] = _('For some reason this name is not allowed or is reserved for future use.');
}
}
// check if user does not exist
$c = new Criteria();
$c->add("unix_name", $unixified);
$u = DB_OzoneUserPeer::instance()->selectOne($c);
if ($u != null) {
$errors['name'] = _("A user with this screen name (or very similar) already exists.");
}
}
// now check email
if (strlen($email) < 5) {
$errors['email'] = _("Please provide a valid email address.");
} elseif (strlen($email) > 50) {
$errors['email'] = _("Please provide a valid email address - this one seems is to long.");
} elseif (preg_match("/^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+\$/", $email) == 0) {
$errors['email'] = _("Please provide a valid email address.");
} else {
// check if email is unique
$c = new Criteria();
$c->add("lower(email)", strtolower($email));
$u = DB_OzoneUserPeer::instance()->selectOne($c);
if ($u != null) {
$errors['email'] = _("A user with this email already exists.");
}
}
// check password
if (strlen8($password) < 6) {
$errors['password'] = _("Please provide a password min. 6 characters long.");
} elseif (strlen8($password) > 20) {
$errors['password'] = _("Password should not be longer than 20 characters.");
} elseif ($password2 != $password) {
$errors['password2'] = _("Passwords are not identical.");
}
// check language
$lang = $pl->getParameterValue("language");
if ($lang !== "pl" && $lang !== "en") {
$errors['language'] = _("Please select your preferred language.");
}
// captcha
$captcha = str_replace('0', 'O', $captcha);
$captcha = strtoupper($captcha);
if ($captcha != strtoupper($runData->sessionGet("captchaCode"))) {
$errors['captcha'] = _("Human verification code is not valid.");
}
if (!$pl->getParameterValue("tos")) {
$errors['tos'] = _("Please read and agree to the Terms of Service.");
}
if (count($errors) > 0) {
$runData->ajaxResponseAdd("formErrors", $errors);
throw new ProcessException("Form errors", "form_errors");
}
// store data in the session
$data = array('name' => $name, 'email' => $email, 'password' => $password, 'language' => $lang);
$runData->sessionAdd("ca_data", $data);
// send email HERE:
$data = $runData->sessionGet("ca_data");
$email = $data['email'];
$name = $data['name'];
//generate the email verification code
$evcode = $runData->sessionGet('evcode');
if (!$evcode) {
srand((double) microtime() * 1000000);
$string = md5(rand(0, 9999));
$evcode = substr($string, 2, 9);
}
//send a confirmation email to the user.
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject(sprintf(_("%s - email verification"), GlobalProperties::$SERVICE_NAME));
$oe->contextAdd('name', $name);
$oe->contextAdd('email', $email);
$oe->contextAdd('evcode', $evcode);
$oe->contextAdd('sessionHash', md5($runData->getSession()->getSessionId() . self::$EVCODE_SEED));
$oe->setBodyTemplate('RegistrationEmailVerification');
if (!$oe->Send()) {
throw new ProcessException(_("The email can not be sent to this address."), "email_failed");
}
$runData->sessionAdd('evcode', $evcode);
}
public function sendEmailInvitationsEvent($runData)
{
$pl = $runData->getParameterList();
$user = $runData->getUser();
$site = $runData->getTemp("site");
$json = new JSONService(SERVICES_JSON_LOOSE_TYPE);
$addresses = $json->decode($pl->getParameterValue("addresses"));
$message = $pl->getParameterValue("message");
// check if data is valid
if (count($addresses) > 200) {
throw new ProcessException(_("You should not send more than 200 invitations at once."));
}
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
if (!preg_match("/^[_a-zA-Z0-9-]+(\\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\\.[a-zA-Z0-9-]+)+\$/", $email) || strlen($email) > 70 || strlen($email) == 0) {
throw new ProcessException(sprintf(_('Email "%s" is not valid.'), htmlspecialchars($email)), "bad_email");
}
if (preg_match(';://;', $name) || preg_match(';\\.www;i', $name) || strlen8($name) > 50 || strlen8($name) == 0) {
throw new ProcessException(sprintf(_('Recipient\'s name "%s" is not valid.'), htmlspecialchars($name)), "bad_name");
}
//check if "email" is not already a member of this site...
$q = " SELECT * FROM member, ozone_user WHERE member.site_id='" . $site->getSiteId() . "' AND ozone_user.name='" . db_escape_string($email) . "' AND member.user_id = ozone_user.user_id LIMIT 1";
$c = new Criteria();
$c->setExplicitQuery($q);
$m = DB_MemberPeer::instance()->selectOne($c);
if ($m) {
throw new ProcessException(sprintf(_('User with the email address "%s" is already a member of this Site. Remove him from the list and send invitations again.'), htmlspecialchars($email)), 'aleady_member');
}
// check if not sent already to this address.
$c = new Criteria();
$c->add("email", $email);
$c->add("site_id", $site->getSiteId());
$ii = DB_EmailInvitationPeer::instance()->selectOne($c);
if ($ii) {
throw new ProcessException(sprintf(_('User with the email address "%s" has been already invited to this Site. Remove him from the list and send invitations again. If you want to resend an invitation please rather look at the history of sent invitations.'), htmlspecialchars($email)), 'aleady_member');
}
}
if (preg_match(';://;', $message) || preg_match(';www\\.;i', $message)) {
throw new ProcessException(_('The message should not contain any links to websites.'), "bad_message");
}
if ($message != "" && strlen($message) > 1000) {
throw new ProcessException(_('The message seems to be too long. Max 1000 characters are allowed.'), "bad_message");
}
// now prepare invitation and send!
$db = Database::connection();
foreach ($addresses as $address) {
$email = trim($address[0]);
$name = trim($address[1]);
$db->begin();
// each invitation makes a separate transaction
$hash = substr(md5($name . $email) . time(), 0, 20);
$inv = new DB_EmailInvitation();
$inv->setHash($hash);
$inv->setEmail($email);
$inv->setName($name);
$inv->setUserId($user->getUserId());
$inv->setSiteId($site->getSiteId());
$inv->setMessage($message);
$inv->setDate(new ODate());
if ($address[2]) {
$inv->setToContacts(true);
}
// prepare and send email
$profile = $user->getProfile();
$oe = new OzoneEmail();
$oe->addAddress($email);
$oe->setSubject(sprintf(_("[%s] %s invites you to join!"), GlobalProperties::$SERVICE_NAME, $user->getNickName()));
$oe->contextAdd('user', $user);
$oe->contextAdd('profile', $profile);
$oe->contextAdd('hash', $hash);
$oe->contextAdd("site", $site);
$oe->contextAdd("message", $message);
$oe->contextAdd('name', $name);
$oe->setBodyTemplate('MembershipEmailInvitation');
if (!$oe->Send()) {
$inv->setDelivered(false);
} else {
$inv->setDelivered(true);
}
$inv->save();
$db->commit();
}
}
protected function _parseTags($tags, $max_tag_length = null, $max_total_length = null)
{
if (is_string($tags)) {
$tags = preg_split("/[ ,]+/", trim($tags));
}
if (!is_array($tags)) {
throw new Wikidot_Facade_Exception_WrongArguments("Invalid tags argument (it must be array or string)");
}
$tags = array_unique($tags);
$total_length = -1;
$tags_new = array();
foreach ($tag as $tags) {
$tag = $this->_parseString($tag, "tag", $max_tag_length);
$total_length += strlen8($tag) + 1;
$tags_new[] = strtolower($tag);
}
if ($total_length > $max_total_length) {
throw new Wikidot_Facade_Exception_WrongArguments("Tags are too long (> {$max_total_length})");
}
return $tags_new;
}
