public static function getSessionUser()
{
//echo Debug::vars($_COOKIE);
if (isset($_COOKIE["kidsessionid"])) {
$data = Helper_Mmdb::request("session", null, null, array("kidsessionid" => $_COOKIE["kidsessionid"]));
if (!empty($data->user)) {
return $data->user;
}
}
return false;
}
/**
* The before() method is called before your controller action.
* In our template controller we override this method so that we can
* set up default values. These variables are then available to our
* controllers if they need to be modified.
*/
public function before()
{
parent::before();
#Open session
$this->session = Session::instance();
//Check for logged in kids user if not logged in already
if (!Auth::instance()->logged_in()) {
$kidsLogin = Helper_Mmdb::getSessionUser();
if ($kidsLogin) {
$tmpUser = ORM::factory("user")->where("kids_id", "=", $kidsLogin->id)->find();
if ($tmpUser->loaded()) {
Auth::instance()->force_login($tmpUser);
} else {
if (empty($_SESSION["guest"]) && $this->request->uri != "account/merge" && $this->request->uri != "account/mergemyshot" && $this->request->uri != "account/adduser" && $this->request->uri != "account/setguest" && substr($this->request->uri, 0, 15) != substr("account/approve", 0, 15) && $this->request->uri != "account/delete") {
$_SESSION['kids_id'] = $kidsLogin->id;
$_SESSION['kidsData'] = $kidsLogin;
$_SESSION['returnUri'] = $this->request->uri;
Request::instance()->redirect('account/merge');
return;
}
}
}
}
#Check user auth and role
$action_name = Request::instance()->action;
if ($this->auth_required !== FALSE && Auth::instance()->logged_in($this->auth_required) === FALSE || is_array($this->secure_actions) && array_key_exists($action_name, $this->secure_actions) && Auth::instance()->logged_in($this->secure_actions[$action_name]) === FALSE) {
if (Auth::instance()->logged_in()) {
Message::set(Message::NOTICE, 'We couldn\'t find what you are looking for!');
Request::instance()->redirect('/');
// Logged in but not approved.
} else {
Request::instance()->redirect('account/signin');
}
}
$this->user = Auth::instance()->get_user();
// No user, use a fake one.
if (!$this->user) {
$this->user = Helper_Default::get_fake_user();
}
if ($this->auto_render) {
// Initialize empty values
$this->template->title = 'Share Your Photos - National Geographic Kids My Shot Community';
$this->template->top = "";
$this->template->content = '';
$this->template->sidebar = '';
$this->template->analytics = '';
$this->template->styles = array();
$this->template->scripts = array();
}
}
public function logged_in($role = NULL)
{
$settings = Kohana_Config::instance()->load("mmdb");
if (!empty($settings->localMachine)) {
return parent::logged_in($role);
}
if (parent::logged_in($role)) {
$user = $this->get_user();
if (!empty($user->kids_id)) {
$kidsUser = Helper_Mmdb::getSessionUser();
if (!$kidsUser || $kidsUser->id != $user->kids_id) {
$this->logout();
return false;
}
return true;
}
} else {
return false;
}
}
/**
* Sends confirmation email to guardian address.
*
* @return boolean
* @author Merrick Christensen
* @param ORM $user, ORM $approval
*/
private function send_confirmation_email($user)
{
//creative variable naming ftw!
$post_office = Library_Notification::factory();
$letter_body = View::factory('account/emails/confirmation');
$letter_body->user = $user;
$letter_body->username = $user->username;
if (substr($user->username, 0, 5) == "rand_") {
$userInfo = Helper_Mmdb::getUserData($user->kids_id);
$letter_body->username = $userInfo->username;
}
$letter = Library_Notification::new_message()->setSubject('NG Kids My Shot Confirmation Email')->setFrom(Kohana::config('email.from'))->setTo(array($user->email => 'Guardian of ' . $user->display_name))->setBody($letter_body->render(), 'text/html');
$post_office->add_message($letter);
return $post_office->send_messages();
}
