/**
* Send a fail response if an API call failed
* @param $data
* @param int $httpStatusCode
*/
public function sendFail($data, $httpStatusCode = 500)
{
$this->response->setStatusCode($httpStatusCode, HttpStatusCodes::getMessage($httpStatusCode))->sendHeaders();
$this->response->setJsonContent(['status' => 'fail', 'data' => $data]);
if (!$this->response->isSent()) {
$this->response->send();
}
}
$emails->post('/', 'addEmailAddress');
$emails->put('/{code}/{email}', 'updateEmailAddress');
$emails->get('/{code}/{email}', 'getEmailAddress');
$app->mount($emails);
/**
* Expose the /v1/orders end point
*/
$orders = new MicroCollection();
$orders->setHandler('OrderController', true);
$orders->setPrefix('/v1/orders');
$orders->post('/', 'addOrder');
$orders->post('/quote', 'getQuote');
$app->mount($orders);
/**
* CORS Headers to allow the web app to communicate with the web service
*/
$app->response->setHeader('Access-Control-Allow-Origin', '*');
/**
* Not found handler
*/
$app->notFound(function () use($app) {
$app->response->setStatusCode(404, HttpStatusCodes::getMessage(404))->sendHeaders();
$app->response->setContentType('application/json');
$app->response->setJsonContent(['status' => 'error', 'message' => ResponseMessages::METHOD_NOT_IMPLEMENTED, 'code' => 'METHOD_NOT_IMPLEMENTED']);
$app->response->send();
});
$app->handle();
} catch (\Exception $e) {
$app->response->setStatusCode(500, HttpStatusCodes::getMessage(500))->sendHeaders();
echo json_encode(['status' => 'error', 'message' => ResponseMessages::INTERNAL_SERVER_ERROR, 'code' => 'INTERNAL_SERVER_ERROR', 'ex' => $e->getMessage()]);
}
public function __construct($exceptionCode, $exceptionMessage)
{
parent::__construct($exceptionMessage, (int) $exceptionCode);
$this->code = $exceptionCode;
$this->message = $exceptionMessage;
try {
// Gets the matching HTTP Status code for the exception code
list($code_string, $httpStatusCode) = pa_get_error_name($this->code);
if (isset($httpStatusCode)) {
// set http header error code
header(HttpStatusCodes::httpHeaderFor($httpStatusCode));
// log the occrance in php error log
//user_error(print_r($httpStatusCode, true), E_USER_WARNING);
}
} catch (Exception $ex) {
// ignore this exception. No need to throw it since the HttpStatusCode is
// not important enough to throw over the real exception
}
try {
global $app;
$hoptoad_key = $app->configData['configuration']['api_keys']['value']['hoptoad_key']['value'];
$hoptoad_env = $app->configData['configuration']['api_keys']['value']['hoptoad_env']['value'];
if (isset($hoptoad_key) && !empty($hoptoad_key) && isset($hoptoad_env) && !empty($hoptoad_env)) {
$hoptoad = new Services_Hoptoad($hoptoad_key, $hoptoad_env, 'curl');
$hoptoad->exceptionHandler($this);
}
} catch (Exception $e) {
// ignore exception since posting to Hoptoad is not fatal
}
}
function api_err_from_exception($e)
{
list($code_string, $httpStatusCode) = pa_get_error_name($e->code);
$ret = api_err($code_string, $e->message);
if (isset($httpStatusCode)) {
// set http header error code
header(HttpStatusCodes::httpHeaderFor($httpStatusCode));
}
return $ret;
}
public function __construct($apiExceptionCode, $customMsg, $otherHeaders = null, $previous = null)
{
$customMessage = !empty($customMsg) ? "; {$customMsg}" : '';
$errorMessage = trim(InternalStatuses::$list[$apiExceptionCode]['message']);
$message = $errorMessage . $customMessage;
parent::__construct($message, $apiExceptionCode, $previous);
$httpStatusCode = trim(InternalStatuses::$list[$apiExceptionCode]['httpStatusCode']);
$this->httpStatusCode = $httpStatusCode;
$this->httpStatusCodeMessage = HttpStatusCodes::getStatusCodeMessage($httpStatusCode);
$this->customMessage = $customMsg;
$this->otherHeaders = InternalStatuses::$list[$apiExceptionCode]['otherHeaders'];
}
public function __construct($exceptionCode, $exceptionMessage)
{
parent::__construct($exceptionMessage, (int) $exceptionCode);
$this->code = $exceptionCode;
$this->message = $exceptionMessage;
try {
// Gets the matching HTTP Status code for the exception code
list($code_string, $httpStatusCode) = pa_get_error_name($this->code);
if (isset($httpStatusCode)) {
// set http header error code
header(HttpStatusCodes::httpHeaderFor($httpStatusCode));
// log the occrance in php error log
//user_error(print_r($httpStatusCode, true), E_USER_WARNING);
}
} catch (Exception $ex) {
// ignore this exception. No need to throw it since the HttpStatusCode is
// not important enough to throw over the real exception
}
}
function register($params, $network_info = NULL)
{
$core_id = null;
$picture = null;
$picture_dimensions = null;
$avatar = null;
$avatar_dimensions = null;
$avatar_small = null;
$avatar_small_dimensions = null;
$this->newuser = new User();
// set API call variable
$this->newuser->api_call = $this->api_call;
// filter input parameters (this is the same as filter_all_post())
$params = Validation::get_input_filter(FALSE)->process($params);
$this->error = false;
$mother_network_info = Network::get_mothership_info();
$mother_extra = unserialize($mother_network_info->extra);
if (@$mother_extra['captcha_required'] == NET_YES) {
// added by Z.Hron - if captcha is required
//Providing the capcha check
if (md5(strtoupper($_POST['txtNumber'])) != $_SESSION['image_random_value']) {
$_SESSION['image_is_logged_in'] = true;
$_SESSION['image_random_value'] = '';
$error_login = true;
$this->error = true;
$this->msg .= "\nPlease enter correct code";
}
}
if (!$this->error) {
$login_name = trim($params['login_name']);
$first_name = trim($params['first_name']);
$last_name = trim(@$params['last_name']);
// not mandatory
$email = trim($params['email']);
$password = trim($params['password']);
$confirm_password = trim($params['confirm_password']);
if ($this->api_call == true) {
$core_id = $params['core_id'];
// TODO: validate URL
$picture = trim($params['profile_picture_url']);
$picture_dimensions = $params['profile_picture_dimensions'];
$avatar = trim($params['profile_avatar_url']);
$avatar_dimensions = $params['profile_avatar_dimensions'];
$avatar_small = trim($params['profile_avatar_small_url']);
$avatar_small_dimensions = $params['profile_avatar_small_dimensions'];
}
$date_created = !empty($params['date_created']) ? $params['date_created'] : null;
$_years = PA::getYearsList();
$dob_day = !empty($params['dob_day']) ? trim($params['dob_day']) : null;
// General data (why? should be personal)
$dob_month = !empty($params['dob_month']) ? trim($params['dob_month']) : null;
// General data (why? should be personal)
$dob_year = !empty($params['dob_year']) ? $_years[(int) trim($params['dob_year'])] : null;
// General data (why? should be personal)
$homeAddress1 = !empty($params['homeAddress1']) ? trim($params['homeAddress1']) : null;
// General data
$homeAddress2 = !empty($params['homeAddress2']) ? trim($params['homeAddress2']) : null;
// General data
$city = !empty($params['city']) ? trim($params['city']) : null;
// General data
$state = null;
if ($params['state'] == -1) {
// State/Province: Other selected
$state = !empty($params['stateOther']) ? trim($params['stateOther']) : null;
// General data
} else {
if ($params['state'] > 0) {
// one of US States selected
$state = !empty($params['state']) ? $this->states[(int) $params['state']] : null;
// General data
}
}
$country = $params['country'] > 0 ? $this->countries[(int) $params['country']] : null;
// General data
$postal_code = !empty($params['postal_code']) ? trim($params['postal_code']) : null;
// General data
$phone = !empty($params['phone']) ? trim($params['phone']) : null;
// General data
$validate_array = array('login_name' => 'Login name', 'first_name' => 'First name', 'password' => 'Password', 'confirm_password' => 'Confirm password', 'email' => 'Email');
$this->msg = '';
$this->error = FALSE;
foreach ($validate_array as $key => $value) {
if (empty($params[$key])) {
$this->msg .= "\n" . $value . " is mandatory";
$this->error = TRUE;
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
}
if (strlen($this->msg) > 0) {
$this->msg = "\n" . "Fields marked with * must not be left empty" . $this->msg;
}
}
//$error_login = FALSE;
if (!$this->error) {
if (empty($login_name)) {
$error_login = TRUE;
$this->error = TRUE;
}
if (is_numeric($login_name)) {
// Here we check the login name is numeric or not
if (strlen($this->msg) > 0) {
$this->msg .= "\n";
}
$this->msg .= "Login name must not be numeric";
$error_login = TRUE;
$this->error = TRUE;
}
if (is_numeric($first_name)) {
// Here we check the first name is numeric or not
if (strlen($this->msg) > 0) {
$this->msg .= "\n";
}
$this->msg .= "First name must not be numeric";
$error_login = TRUE;
$this->error = TRUE;
}
if (is_numeric($last_name)) {
// Here we check the last name is numeric or not
if (strlen($this->msg) > 0) {
$this->msg .= "\n";
}
$this->msg .= "Last name must not be numeric";
$error_login = TRUE;
$this->error = TRUE;
}
if ($this->error == TRUE) {
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
}
// if error occur than no need to check these errors
if (!$this->error) {
if (!Validation::validate_email($email)) {
$email_invalid = TRUE;
$this->array_of_errors['error_email'] = $email_invalid;
$this->error = TRUE;
$this->msg .= __('E-mail address is not valid.');
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
// Calculating Allowed Domains
if (file_exists(PA::$project_dir . "/config/domain_names.txt")) {
$domain_names_file = PA::$project_dir . "/config/domain_names.txt";
} elseif (file_exists(PA::$core_dir . "/config/domain_names.txt")) {
$domain_names_file = PA::$core_dir . "/config/domain_names.txt";
} else {
throw new Exception("Allowed Domains configuration file \"/config/domain_names.txt\" not found");
}
$allowed_domains = preg_split("/\\s+/", file_get_contents($domain_names_file));
// Calcutating user domain
$user_email = explode('@', $email);
$user_domain = strtolower($user_email[1]);
$found = 0;
foreach ($allowed_domains as $i => $d) {
if (!preg_match('/\\W/', $d)) {
continue;
}
// make proper regex
$rx = preg_replace('/\\*/', '[^\\.]*', $d);
if (preg_match("/{$rx}/", $user_domain)) {
$found++;
}
}
if (!$found) {
// show error
$email_invalid = TRUE;
$this->array_of_errors['error_email'] = $email_invalid;
$this->error = TRUE;
$this->msg .= __('The domain of your E-mail address is not in the list of allowed domains.');
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
if ($password != $confirm_password) {
$this->msg .= "\nPassword and Confirm Password do not match.";
$error_password_conf = TRUE;
$this->error = TRUE;
}
if ($this->api_call == true) {
// dont check maximum password length if this is an API call
// this is so that the API call can accept an encrypted password
} else {
// this is not an API request, so check password length normally
if (strlen($password) > PA::$password_max_length) {
$this->msg .= sprintf(__("\nThe password must be less than %d characters."), PA::$password_max_length);
$error_password_l = TRUE;
$this->error = TRUE;
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
}
if (strlen($password) < PA::$password_min_length) {
$this->msg .= sprintf(__("\nThe password must be longer than %d characters."), PA::$password_min_length);
$error_password_g = TRUE;
$this->error = TRUE;
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
}
}
if (!$this->error) {
if (User::user_exist($login_name)) {
$this->msg = "Login name {$login_name} is already taken";
$error_login = TRUE;
$this->error = TRUE;
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_CONFLICT));
} elseif (User::user_existed($login_name)) {
$this->msg = "Login name {$login_name} has been used in the past; it belongs to a deleted user.";
$error_login = $this->error = TRUE;
header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_CONFLICT));
}
$this->array_of_errors = array("error_login" => @$error_login, "error_first_name" => @$error_first_name, "error_email" => @$error_email, "error_password_conf" => @$error_password_conf, "error_password_l" => @$error_password_l, "error_password_g" => @$error_password_g);
}
if ($this->error != TRUE) {
$this->newuser->login_name = $login_name;
//TODO: change to md5
$this->newuser->password = $password;
$this->newuser->first_name = $first_name;
$this->newuser->last_name = $last_name;
$this->newuser->email = $email;
if ($date_created) {
// for users inserted via import accounts script!
$this->newuser->created = $date_created;
}
if ($this->api_call == true) {
$this->newuser->core_id = $core_id;
if ($picture != null && $picture != '') {
$this->newuser->picture = $picture;
$this->newuser->picture_dimensions = $picture_dimensions;
} else {
$this->newuser->picture_dimensions = User::image_dimensions_to_array(0, 0);
}
if ($avatar != null && $avatar != '') {
$this->newuser->avatar = $avatar;
$this->newuser->avatar_dimensions = $avatar_dimensions;
} else {
$this->newuser->avatar_dimensions = User::image_dimensions_to_array(0, 0);
}
if ($avatar_small != null && $avatar_small != '') {
$this->newuser->avatar_small = $avatar_small;
$this->newuser->avatar_small_dimensions = $avatar_small_dimensions;
} else {
$this->newuser->avatar_small_dimensions = User::image_dimensions_to_array(0, 0);
}
} else {
$this->newuser->picture = Storage::validateFileId(@$params['user_filename']);
}
}
if ($this->error != TRUE) {
try {
$save_error = FALSE;
$extra = unserialize($network_info->extra);
if ($mother_extra['email_validation'] == NET_NO || $this->api_call == true) {
// if email validation not required
$this->newuser->is_active = ACTIVE;
} else {
$this->newuser->is_active = UNVERIFIED;
}
$this->newuser->save();
if ($this->newuser->picture) {
Storage::link($this->newuser->picture, array("role" => "avatar", "user" => $this->newuser->user_id));
}
/* The following code should now be obsolete as this is done in User->save() */
// saving data in user profile data also -- for searching making more easier
$data_array = array(array('uid' => $this->newuser->user_id, 'name' => 'first_name', 'value' => $this->newuser->first_name, 'type' => BASIC, 'perm' => 1), array('uid' => $this->newuser->user_id, 'name' => 'last_name', 'value' => $this->newuser->last_name, 'type' => BASIC, 'perm' => 1));
$this->newuser->save_user_profile($data_array, BASIC);
// saving default notification for user from network notification setting
$user_notification = array();
$profile = array();
$user_notification = $extra['notify_members'];
$user_notification['msg_waiting_blink'] = $extra['msg_waiting_blink'];
$profile['settings']['name'] = 'settings';
$profile['settings']['value'] = serialize($user_notification);
$this->newuser->save_profile_section($profile, 'notifications');
// default notification for user ends
$desktop_images = User_Registration::get_default_desktopimage($this->newuser->user_id, $network_info);
// code for adding default desktop image for user
if ($desktop_images == "") {
$desktop_images = array('bay.jpg', 'everglade.jpg', 'bay_boat.jpg', 'delhi.jpg');
$rand_key = array_rand($desktop_images);
$desk_img = $desktop_images[$rand_key];
} else {
$desk_img = $desktop_images;
}
$data_array = array(0 => array('uid' => $this->newuser->user_id, 'name' => 'user_caption_image', 'value' => $desk_img, 'type' => GENERAL, 'perm' => NONE), 1 => array('uid' => $this->newuser->user_id, 'name' => 'dob_day', 'value' => $dob_day, 'type' => GENERAL, 'perm' => NONE), 2 => array('uid' => $this->newuser->user_id, 'name' => 'dob_month', 'value' => $dob_month, 'type' => GENERAL, 'perm' => NONE), 3 => array('uid' => $this->newuser->user_id, 'name' => 'dob_year', 'value' => $dob_year, 'type' => GENERAL, 'perm' => NONE), 4 => array('uid' => $this->newuser->user_id, 'name' => 'dob', 'value' => $dob_year . '-' . $dob_month . '-' . $dob_day, 'type' => GENERAL, 'perm' => NONE), 5 => array('uid' => $this->newuser->user_id, 'name' => 'homeAddress1', 'value' => $homeAddress1, 'type' => GENERAL, 'perm' => NONE), 6 => array('uid' => $this->newuser->user_id, 'name' => 'homeAddress2', 'value' => $homeAddress2, 'type' => GENERAL, 'perm' => NONE), 7 => array('uid' => $this->newuser->user_id, 'name' => 'city', 'value' => $city, 'type' => GENERAL, 'perm' => NONE), 8 => array('uid' => $this->newuser->user_id, 'name' => 'state', 'value' => $state, 'type' => GENERAL, 'perm' => NONE), 9 => array('uid' => $this->newuser->user_id, 'name' => 'country', 'value' => $country, 'type' => GENERAL, 'perm' => NONE), 10 => array('uid' => $this->newuser->user_id, 'name' => 'postal_code', 'value' => $postal_code, 'type' => GENERAL, 'perm' => NONE), 11 => array('uid' => $this->newuser->user_id, 'name' => 'phone', 'value' => $phone, 'type' => GENERAL, 'perm' => NONE));
//}
$this->newuser->save_user_profile($data_array, GENERAL);
if ($mother_extra['email_validation'] == NET_NO || $this->api_call == true) {
//if email validation is not required
// creating message basic folders
Message::create_basic_folders($this->newuser->user_id);
// adding default relation
if ($this->newuser->user_id != SUPER_USER_ID) {
User_Registration::add_default_relation($this->newuser->user_id, $network_info);
}
// adding default media as well as album
User_Registration::add_default_media($this->newuser->user_id, '', $network_info);
User_Registration::add_default_media($this->newuser->user_id, '_audio', $network_info);
User_Registration::add_default_media($this->newuser->user_id, '_video', $network_info);
User_Registration::add_default_blog($this->newuser->user_id);
//adding default link categories & links
User_Registration::add_default_links($this->newuser->user_id);
// adding header image
User_Registration::add_default_header($this->newuser->user_id);
// Making user member of a network if he is registering to PA from a network
if (!empty($network_info) && $network_info->type != PRIVATE_NETWORK_TYPE) {
$user_type = null;
$register_by_admin = false;
if ($this->api_call == true) {
// since this is an API call, default this member as a
// NETWORK_MEMBER since they already registered
$user_type = NETWORK_MEMBER;
// since this is an API call, act like it is registration by admin
$register_by_admin = true;
}
Network::join($network_info->network_id, $this->newuser->user_id, $user_type, $register_by_admin);
if ($this->api_call == false) {
// only send notification of network if this is NOT an API call
PANotify::send("network_join", $network_info, $this->newuser, array());
}
}
}
} catch (CNException $e) {
$this->msg = $e->message;
if ($e->code == USER_EMAIL_NOT_UNIQUE) {
$this->msg = "Email Address has already been taken, please enter other email address.";
}
$save_error = TRUE;
if ($e->message == "The email address is invalid.") {
$email_invalid = TRUE;
$this->array_of_errors['error_email'] = $email_invalid;
}
}
}
if ($this->error == TRUE || $save_error == TRUE) {
$this->msg = "Sorry! your registration failed. " . $this->msg;
return FALSE;
}
// success!
// give Login User permissions to new user is moved to Network::join() now!
/*
$this->newuser->set_user_role(array(LOGINUSER_ROLE));
*/
return TRUE;
}
function bit_display_error($pLogMessage, $pSubject, $pFatal = TRUE)
{
global $gBitSystem;
if ($pFatal) {
header($_SERVER["SERVER_PROTOCOL"] . ' ' . HttpStatusCodes::getMessageForCode(HttpStatusCodes::HTTP_INTERNAL_SERVER_ERROR));
}
error_log($pLogMessage);
if (!defined('IS_LIVE') || !IS_LIVE) {
print '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>bitweaver - White Screen of Death</title>
</head>
<body style="background:#fff; font-family:monospace;">';
// print "<h1>Upgrade Beta 1 to Beta 2</h1>If you are getting this error because you just upgraded your bitweaver from Beta 1 to Beta 2, please follow this link to the installer, which will guide you through the upgrade process: <a href='".BIT_ROOT_URL."install/install.php?step=4'>Upgrade Beta 1 to Beta 2</a>";
print "<h1 style=\"color:#900; font-weight:bold;\">You are running bitweaver in TEST mode</h1>\n";
print "\n\t\t\t<ul>\n\t\t\t\t<li><a href='http://sourceforge.net/tracker/?func=add&group_id=141358&atid=749176'>Click here to log a bug</a>, if this appears to be an error with the application.</li>\n\t\t\t\t<li><a href='" . BIT_ROOT_URL . "install/install.php'>Go here to begin the installation process</a>, if you haven't done so already.</li>\n\t\t\t\t<li>To hide this message, please <strong>set the IS_LIVE constant to TRUE</strong> in your config/kernel/config_inc.php file.</li>\n\t\t\t</ul>\n\t\t\t<hr />\n\t\t";
print "<pre>" . $pLogMessage . "</pre>";
print "<hr />";
print "</body></html>";
} else {
bit_error_email($pSubject, $pLogMessage);
if (defined('AUTO_BUG_SUBMIT') && AUTO_BUG_SUBMIT && !empty($gBitSystem) && $gBitSystem->isDatabaseValid()) {
mail('*****@*****.**', "{$pSubject}", $pLogMessage);
}
}
if ($pFatal) {
die;
}
}
public function outputHeader()
{
// see if we have a custom status other than 200 OK
header($_SERVER["SERVER_PROTOCOL"] . ' ' . HttpStatusCodes::getMessageForCode($this->mHttpStatus));
}
/**
* Redirect to another page or site
* @param string The url to redirect to
*/
function bit_redirect($pUrl, $pStatusCode = HttpStatusCodes::HTTP_FOUND)
{
// Handle non-3xx codes separately
if ($pStatusCode && isset($errors[$pStatusCode])) {
header(HttpStatusCodes::httpHeaderFor($pStatusCode));
$pStatusCode = NULL;
}
// clean up URL before executing it
while (strstr($pUrl, '&&')) {
$pUrl = str_replace('&&', '&', $pUrl);
}
while (strstr($pUrl, '&&')) {
$pUrl = str_replace('&&', '&', $pUrl);
}
// header locates should not have the & in the address it breaks things
while (strstr($pUrl, '&')) {
$pUrl = str_replace('&', '&', $pUrl);
}
if ($pStatusCode) {
header('Location: ' . $pUrl, TRUE, $pStatusCode);
} else {
header('Location: ' . $pUrl);
}
session_write_close();
exit;
}