public function authControl()
{
if (!$this->is_missing_param) {
$template = $_GET["t"];
$cache_key = $_GET["ck"];
$pid = $_GET["pid"];
$oid = $_GET["oid"];
$network = $_GET['n'];
$config = Config::getInstance();
$post_dao = DAOFactory::getDAO('PostDAO');
foreach ($oid as $o) {
if (isset($_GET["fp"])) {
$result = $post_dao->assignParent($pid, $o, $network, $_GET["fp"]);
} else {
$result = $post_dao->assignParent($pid, $o, $network);
}
}
$s = new SmartyThinkUp();
$s->clear_cache($template, $cache_key);
if ($result > 0) {
$this->addToView('result', 'Assignment successful.');
} else {
$this->addToView('result', 'No data was changed.');
}
}
return $this->generateView();
}
/**
* Test override config with passed-in array
*/
public function testSmartyThinkUpPassedInArray()
{
$cfg_array = array('debug' => true, 'site_root_path' => '/my/thinkup/folder/test', 'source_root_path' => '/Users/gina/Sites/thinkup', 'app_title' => "My ThinkUp", 'cache_pages' => true);
$smtt = new SmartyThinkUp($cfg_array);
$this->assertEqual($smtt->getTemplateDataItem('app_title'), 'My ThinkUp');
$this->assertEqual($smtt->getTemplateDataItem('logo_link'), 'index.php');
$this->assertEqual($smtt->getTemplateDataItem('site_root_path'), '/my/thinkup/folder/test');
}
/**
* Check if cache needs refreshing
* @return bool
*/
protected function shouldRefreshCache() {
if ($this->view_mgr->isViewCached()) {
return !$this->view_mgr->is_cached($this->view_template, $this->getCacheKeyString());
} else {
return true;
}
}
public function control()
{
if (isset($_POST['Submit']) && $_POST['Submit'] == 'Send Reset') {
$this->disableCaching();
$dao = DAOFactory::getDAO('OwnerDAO');
$user = $dao->getByEmail($_POST['email']);
if (isset($user)) {
$token = $user->setPasswordRecoveryToken();
$es = new SmartyThinkUp();
$es->caching = false;
$config = Config::getInstance();
$es->assign('apptitle', $config->getValue('app_title'));
$es->assign('recovery_url', "session/reset.php?token={$token}");
$es->assign('server', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
$es->assign('site_root_path', $config->getValue('site_root_path'));
$message = $es->fetch('_email.forgotpassword.tpl');
Mailer::mail($_POST['email'], $config->getValue('app_title') . " Password Recovery", $message);
$this->addSuccessMessage('Password recovery information has been sent to your email address.');
} else {
$this->addErrorMessage('Error: account does not exist.');
}
}
$this->setViewTemplate('session.forgot.tpl');
return $this->generateView();
}
/**
* Generates a one time upgrade token, and emails admins with the token info.
*/
public function generateUpgradeToken()
{
$token_file = THINKUP_WEBAPP_PATH . self::CACHE_DIR . '/upgrade_token';
$md5_token = '';
if (!file_exists($token_file)) {
$fp = fopen($token_file, 'w');
if ($fp) {
$token = self::TOKEN_KEY . rand(0, time());
$md5_token = md5($token);
if (!fwrite($fp, $md5_token)) {
throw new OpenFileException("Unable to write upgrade token file: " + $token_file);
}
fclose($fp);
} else {
throw new OpenFileException("Unable to create upgrade token file: " + $token_file);
}
// email our admin with this token.
$owner_dao = DAOFactory::getDAO('OwnerDAO');
$admins = $owner_dao->getAdmins();
if ($admins) {
$tos = array();
foreach ($admins as $admin) {
$tos[] = $admin->email;
}
$to = join(',', $tos);
$upgrade_email = new SmartyThinkUp();
$upgrade_email->caching = false;
$server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
//supress test weirdness
$upgrade_email->assign('server', $server);
$upgrade_email->assign('token', $md5_token);
$message = $upgrade_email->fetch('_email.upgradetoken.tpl');
$config = Config::getInstance();
Mailer::mail($to, "Upgrade Your ThinkUp Database", $message);
}
}
}
/**
* Generates plugin page options markup - Calls parent::generateView()
*
* @return str view markup
*/
protected function generateView()
{
// if we have some p[lugin option elements defined
// render them and add to the parent view...
if (count($this->option_elements) > 0) {
$this->setValues();
$view_mgr = new SmartyThinkUp();
$view_mgr->disableCaching();
// assign data
$view_mgr->assign('option_elements', $this->option_elements);
$view_mgr->assign('option_elements_json', json_encode($this->option_elements));
$view_mgr->assign('option_headers', $this->option_headers);
$view_mgr->assign('option_not_required', $this->option_not_required);
$view_mgr->assign('option_not_required_json', json_encode($this->option_not_required));
$view_mgr->assign('option_required_message', $this->option_required_message);
$view_mgr->assign('option_required_message_json', json_encode($this->option_required_message));
$view_mgr->assign('option_select_multiple', $this->option_select_multiple);
$view_mgr->assign('option_select_visible', $this->option_select_visible);
$view_mgr->assign('plugin_id', $this->plugin_id);
$view_mgr->assign('is_admin', $this->isAdmin());
//$view_mgr->assign('is_admin', false);
$options_markup = '';
if ($this->profiler_enabled) {
$view_start_time = microtime(true);
$options_markup = $view_mgr->fetch(self::OPTIONS_TEMPLATE);
$view_end_time = microtime(true);
$total_time = $view_end_time - $view_start_time;
$profiler = Profiler::getInstance();
$profiler->add($total_time, "Rendered view (not cached)", false);
} else {
$options_markup = $view_mgr->fetch(self::OPTIONS_TEMPLATE);
}
$this->addToView('options_markup', $options_markup);
}
return parent::generateView();
}
public function control()
{
if ($this->isLoggedIn()) {
$controller = new DashboardController(true);
return $controller->go();
} else {
$this->disableCaching();
$config = Config::getInstance();
if (!$config->getValue('is_registration_open')) {
$this->addToView('closed', true);
$this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://github.com/ginatrapani/thinkup/tree/master">Install ThinkUp on your own ' . 'server.</a></p>');
} else {
$owner_dao = DAOFactory::getDAO('OwnerDAO');
$this->addToView('closed', false);
$captcha = new Captcha();
if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
foreach ($this->REQUIRED_PARAMS as $param) {
if (!isset($_POST[$param]) || $_POST[$param] == '') {
$this->addErrorMessage('Please fill out all required fields.');
$this->is_missing_param = true;
}
}
if (!$this->is_missing_param) {
if (!Utils::validateEmail($_POST['email'])) {
$this->addErrorMessage("Incorrect email. Please enter valid email address.");
} elseif (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
$this->addErrorMessage("Passwords do not match.");
} elseif (!$captcha->check()) {
// Captcha not valid, captcha handles message...
} else {
if ($owner_dao->doesOwnerExist($_POST['email'])) {
$this->addErrorMessage("User account already exists.");
} else {
$es = new SmartyThinkUp();
$es->caching = false;
$session = new Session();
$activ_code = rand(1000, 9999);
$cryptpass = $session->pwdcrypt($_POST['pass2']);
$server = $_SERVER['HTTP_HOST'];
$owner_dao->create($_POST['email'], $cryptpass, $activ_code, $_POST['full_name']);
$es->assign('server', $server);
$es->assign('email', urlencode($_POST['email']));
$es->assign('activ_code', $activ_code);
$message = $es->fetch('_email.registration.tpl');
Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
unset($_SESSION['ckey']);
$this->addSuccessMessage("Success! Check your email for an activation link.");
}
}
}
if (isset($_POST["full_name"])) {
$this->addToView('name', $_POST["full_name"]);
}
if (isset($_POST["email"])) {
$this->addToView('mail', $_POST["email"]);
}
}
$challenge = $captcha->generate();
$this->addToView('captcha', $challenge);
}
return $this->generateView();
}
}
/**
* Send user email alert about invalid OAuth tokens. In test mode, this will only write the message body to a file
* in the application data directory.
* @param str $email
* @param str $username
*/
private function sendInvalidOAuthEmailAlert($email, $username)
{
$mailer_view_mgr = new SmartyThinkUp();
$mailer_view_mgr->caching = false;
$server = $_SERVER['HTTP_HOST'];
$mailer_view_mgr->assign('server', $server);
$mailer_view_mgr->assign('email', $email);
$mailer_view_mgr->assign('faceboook_user_name', $username);
$message = $mailer_view_mgr->fetch(Utils::getPluginViewDirectory('facebook') . '_email.invalidtoken.tpl');
Mailer::mail($email, "Please re-authorize ThinkUp to access " . $username . " on Facebook", $message);
}
/**
* @return str Object definition
*/
public function makeModel()
{
//show full columns from table;
$columns = array();
try {
$stmt = self::$pdo->query('SHOW FULL COLUMNS FROM ' . $this->table_name);
while ($row = $stmt->fetch()) {
$row['PHPType'] = $this->converMySQLTypeToPHP($row['Type']);
$columns[$row['Field']] = $row;
}
} catch (Exception $e) {
throw new Exception('Unable to show columns from "' . $this->table_name . '" - ' . $e->getMessage());
}
//instantiate Smarty, assign results to view
$view_mgr = new SmartyThinkUp();
$view_mgr->assign('fields', $columns);
$view_mgr->assign('object_name', $this->object_name);
$view_mgr->assign('parent_name', $this->parent_name);
$tpl_file = THINKUP_ROOT_PATH . 'extras/dev/makemodel/view/model_object.tpl';
//output results
$results = $view_mgr->fetch($tpl_file);
return $results;
}
/**
* Step 3 - Populate database and finish
*/
private function step3()
{
$this->setViewTemplate('install.step3.tpl');
$config_file_exists = false;
$config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
// make sure we are here with posted data
if (empty($_POST)) {
$this->step1();
return;
}
// check if we have made config.inc.php
if (file_exists($config_file) && filesize($config_file) > 0) {
// this is could be from step 2 is not able writing
// to webapp dir
$config_file_exists = true;
require $config_file;
$db_config['db_type'] = $THINKUP_CFG['db_type'];
$db_config['db_name'] = $THINKUP_CFG['db_name'];
$db_config['db_user'] = $THINKUP_CFG['db_user'];
$db_config['db_password'] = $THINKUP_CFG['db_password'];
$db_config['db_host'] = $THINKUP_CFG['db_host'];
$db_config['db_socket'] = $THINKUP_CFG['db_socket'];
$db_config['db_port'] = $THINKUP_CFG['db_port'];
$db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
$db_config['GMT_offset'] = $THINKUP_CFG['GMT_offset'];
$db_config['timezone'] = $THINKUP_CFG['timezone'];
$email = trim($_POST['site_email']);
} else {
// make sure we're not from error of couldn't write config.inc.php
if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name']) && !isset($_POST['db_host'])) {
$this->addErrorMessage("Missing database credentials");
$this->step2();
return;
}
// trim each posted value
$db_config['db_type'] = trim(@$_POST['db_type']);
$db_config['db_name'] = trim($_POST['db_name']);
$db_config['db_user'] = trim($_POST['db_user']);
$db_config['db_password'] = trim($_POST['db_passwd']);
$db_config['db_host'] = trim($_POST['db_host']);
$db_config['db_socket'] = trim($_POST['db_socket']);
$db_config['db_port'] = trim($_POST['db_port']);
$db_config['table_prefix'] = trim($_POST['db_prefix']);
$db_config['timezone'] = trim($_POST['timezone']);
$email = trim($_POST['site_email']);
// get GMT offset in hours
$db_config['GMT_offset'] = timezone_offset_get(new DateTimeZone($_POST['timezone']), new DateTime('now')) / 3600;
}
$db_config['db_type'] = 'mysql';
//default for now
$password = $_POST['password'];
$confirm_password = $_POST['confirm_password'];
$full_name = $_POST['full_name'];
$display_errors = false;
// check email
if (!Utils::validateEmail($email)) {
$this->addErrorMessage("Please enter a valid email address.");
$this->setViewTemplate('install.step2.tpl');
$display_errors = true;
} else {
if ($password != $confirm_password || $password == '') {
//check password
if ($password != $confirm_password) {
$this->addErrorMessage("Your passwords did not match.");
} else {
$this->addErrorMessage("Please choose a password.");
}
$this->setViewTemplate('install.step2.tpl');
$display_errors = true;
} elseif (($error = $this->installer->checkDb($db_config)) !== true) {
//check db
if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false || ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false || ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false || ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
$db_error = substr($error->getMessage(), $p);
} else {
$db_error = $error->getMessage();
}
$this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " . " <strong>{$db_error}</strong><br />Please correct your database information and try again.");
$this->setViewTemplate('install.step2.tpl');
$display_errors = true;
}
}
if ($display_errors) {
$this->addToView('db_name', $db_config['db_name']);
$this->addToView('db_user', $db_config['db_user']);
$this->addToView('db_passwd', $db_config['db_password']);
$this->addToView('db_host', $db_config['db_host']);
$this->addToView('db_prefix', $db_config['table_prefix']);
$this->addToView('db_socket', $db_config['db_socket']);
$this->addToView('db_port', $db_config['db_port']);
$this->addToView('db_type', $db_config['db_type']);
$this->addToView('current_tz', $_POST['timezone']);
$this->addToView('tz_list', $this->getTimeZoneList());
$this->addToView('site_email', $email);
$this->addToView('full_name', $full_name);
return;
}
$admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);
// trying to create config file
if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
$config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
$config_file_contents_str = '';
foreach ($config_file_contents_arr as $line) {
$config_file_contents_str .= htmlentities($line);
}
$whoami = exec('whoami');
if (!empty($whoami)) {
$this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " . "following commands:<br /><code>touch " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><code>chown {$whoami} " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><br />If you don't have root access, create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button below once you did either.");
} else {
$this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "You will need to create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button once this is done.");
}
$this->addToView('config_file_contents', $config_file_contents_str);
$this->addToView('_POST', $_POST);
$this->setViewTemplate('install.config.tpl');
return;
}
unset($admin_user['confirm_password']);
// check tables
$this->installer->checkTable($db_config);
// if empty, we're ready to populate the database with ThinkUp tables
$this->installer->populateTables($db_config);
$owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) {
// create admin if not exists
$session = new Session();
$activation_code = rand(1000, 9999);
$crypt_pass = $session->pwdcrypt($password);
//$owner_dao->insertActivatedAdmin($email, $crypt_pass, $full_name);
$owner_dao->createAdmin($email, $crypt_pass, $activation_code, $full_name);
// view for email
$cfg_array = array('site_root_path' => THINKUP_BASE_URL, 'source_root_path' => THINKUP_ROOT_PATH, 'debug' => false, 'app_title' => "ThinkUp", 'cache_pages' => false);
$email_view = new SmartyThinkUp($cfg_array);
$email_view->caching = false;
$email_view->assign('server', $_SERVER['HTTP_HOST']);
$email_view->assign('email', urlencode($email));
$email_view->assign('activ_code', $activation_code);
$message = $email_view->fetch('_email.registration.tpl');
Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
} else {
$email = 'Use your old email admin';
$password = '******';
}
unset($THINKUP_CFG);
$this->addToView('errors', $this->installer->getErrorMessages());
$this->addToView('username', $email);
$this->addToView('password', $password);
$this->addToView('login_url', THINKUP_BASE_URL . 'session/login.php');
}
/**
* Add informational message to view
* Include field if the message goes on a specific place on the page; otherwise leave it null for the message
* to be page-level.
* @param str $msg
* @param str $field Defaults to null for page-level messages.
* @param bool $disable_xss Disable HTML encoding tags, defaults to false
*/
public function addInfoMessage($msg, $field = null, $disable_xss = false)
{
$this->disableCaching();
$this->view_mgr->addInfoMessage($msg, $field, $disable_xss);
}
public function control()
{
if ($this->isLoggedIn()) {
$controller = new DashboardController(true);
return $controller->go();
} else {
$config = Config::getInstance();
$is_registration_open = $config->getValue('is_registration_open');
$this->disableCaching();
$invite_dao = DAOFactory::getDAO('InviteDAO');
if (isset($_GET['code'])) {
$invite_code = $_GET['code'];
} else {
$invite_code = null;
}
$this->addToView('invite_code', $invite_code);
$is_invite_code_valid = $invite_dao->isInviteValid($invite_code);
if (!$is_registration_open && !$is_invite_code_valid) {
$this->addToView('closed', true);
$this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://thinkupapp.com">Install ThinkUp on your own server.</a></p>');
} else {
$owner_dao = DAOFactory::getDAO('OwnerDAO');
$this->addToView('closed', false);
$captcha = new Captcha();
if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
foreach ($this->REQUIRED_PARAMS as $param) {
if (!isset($_POST[$param]) || $_POST[$param] == '') {
$this->addErrorMessage('Please fill out all required fields.');
$this->is_missing_param = true;
}
}
if (!$this->is_missing_param) {
$valid_input = true;
if (!Utils::validateEmail($_POST['email'])) {
$this->addErrorMessage("Incorrect email. Please enter valid email address.", 'email');
$valid_input = false;
}
if (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
$this->addErrorMessage("Passwords do not match.", 'password');
$valid_input = false;
} else {
if (strlen($_POST['pass1']) < 5) {
$this->addErrorMessage("Password must be at least 5 characters.", 'password');
$valid_input = false;
}
}
if (!$captcha->doesTextMatchImage()) {
$this->addErrorMessage("Entered text didn't match the image. Please try again.", 'captcha');
$valid_input = false;
}
if ($valid_input) {
if ($owner_dao->doesOwnerExist($_POST['email'])) {
$this->addErrorMessage("User account already exists.", 'email');
} else {
// Insert the details into the database
$activation_code = $owner_dao->create($_POST['email'], $_POST['pass2'], $_POST['full_name']);
if ($activation_code != false) {
$es = new SmartyThinkUp();
$es->caching = false;
$server = $_SERVER['HTTP_HOST'];
$es->assign('server', $server);
$es->assign('email', urlencode($_POST['email']));
$es->assign('activ_code', $activation_code);
$message = $es->fetch('_email.registration.tpl');
Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
SessionCache::unsetKey('ckey');
$this->addSuccessMessage("Success! Check your email for an activation link.");
//delete invite code
if ($is_invite_code_valid) {
$invite_dao->deleteInviteCode($invite_code);
}
} else {
$this->addErrorMessage("Unable to register a new user. Please try again.");
}
}
}
}
if (isset($_POST["full_name"])) {
$this->addToView('name', $_POST["full_name"]);
}
if (isset($_POST["email"])) {
$this->addToView('mail', $_POST["email"]);
}
}
$challenge = $captcha->generate();
$this->addToView('captcha', $challenge);
}
$this->view_mgr->addHelp('register', 'userguide/accounts/index');
return $this->generateView();
}
}
public function testAddSuccessMessage()
{
$cfg = Config::getInstance();
$cfg->setValue('debug', true);
$v_mgr = new SmartyThinkUp();
$v_mgr->addSuccessMessage('Field level info 1', 'fieldname1');
$v_mgr->addSuccessMessage('Page level info');
$v_mgr->addSuccessMessage('Field level info 2', 'fieldname2');
$this->assertEqual($v_mgr->getTemplateDataItem('success_msg'), 'Page level info');
$debug_arr = $v_mgr->getTemplateDataItem('success_msgs');
$this->assertEqual($debug_arr['fieldname1'], 'Field level info 1');
$this->assertEqual($debug_arr['fieldname2'], 'Field level info 2');
$this->debug(Utils::varDumpToString($debug_arr));
}
/**
* Add informational message to view
* Include field if the message goes on a specific place on the page; otherwise leave it null for the message
* to be page-level.
* @param str $msg
* @param str $field Defaults to null for page-level messages.
*/
public function addInfoMessage($msg, $field = null)
{
$this->disableCaching();
$this->view_mgr->addInfoMessage($msg, $field);
}
public function testAddHelp()
{
$cfg_array = array('debug' => true, 'site_root_path' => '/my/thinkup/folder/test', 'source_root_path' => '/Users/gina/Sites/thinkup', 'app_title' => "My ThinkUp", 'cache_pages' => true);
$v_mgr = new SmartyThinkUp($cfg_array);
$v_mgr->addHelp('api', 'userguide/api/posts/index');
$v_mgr->addHelp('user_guide', 'userguide/index');
$help_array = array('api' => 'userguide/api/posts/index', 'user_guide' => 'userguide/index');
$this->assertEqual($v_mgr->getTemplateDataItem('help'), $help_array);
$debug_arr = $v_mgr->getTemplateDataItem('help');
$this->debug(Utils::varDumpToString($debug_arr));
$this->debug($debug_arr['api']);
}
