get() публичный статический Метод

public static get ( $key, $data = null )
Пример #1
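 /**
  * Admin screen for the reward/return icon types.
  *
  * A POST saves the submitted icon (add or edit) and reports the outcome; a
  * failed save re-renders the form with the errors. Afterwards $action picks
  * the edit form ('edit') or the filtered list (anything else).
  *
  * @param string   $action  'list' (default) or 'edit'
  * @param int|null $id      icon id, used by 'edit'
  * @param array    $filters optional list filters; only 'group' is read
  * @return View
  */
 public static function process($action = 'list', $id = null, $filters = array())
 {
     $groups = Model\Icon::groups();
     $errors = array();

     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // the form says whether it was an add or an edit; guard the lookup so a
         // form without the field does not raise an undefined-index notice
         $postAction = isset($_POST['action']) ? $_POST['action'] : null;

         // instance built from the submitted fields
         $icon = new Model\Icon(array(
             'id' => $_POST['id'],
             'name' => $_POST['name'],
             'description' => $_POST['description'],
             'order' => $_POST['order'],
             'group' => empty($_POST['group']) ? null : $_POST['group'],
         ));

         if (!$icon->save($errors)) {
             // validation failed: show the form again with the errors
             Message::Error(implode('<br />', $errors));
             return new View('view/admin/index.html.php', array('folder' => 'icons', 'file' => 'edit', 'action' => $postAction, 'icon' => $icon, 'groups' => $groups));
         }

         if ($postAction === 'add') {
             Message::Info(Text::get('admin-icons-info-add'));
         } elseif ($postAction === 'edit') {
             Message::Info(Text::get('admin-icons-info-edit'));
             // Evento Feed: record the admin edit in the feed
             $log = new Feed();
             $log->populate('modificacion de tipo de retorno/recompensa (admin)', '/admin/icons', \vsprintf("El admin %s ha %s el tipo de retorno/recompensa %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Modificado'), Feed::item('project', $icon->name))));
             $log->doAdmin('admin');
             unset($log);
         }
     }

     if ($action === 'edit') {
         $icon = Model\Icon::get($id);
         return new View('view/admin/index.html.php', array('folder' => 'icons', 'file' => 'edit', 'action' => 'edit', 'icon' => $icon, 'groups' => $groups));
     }

     // list view; the group filter is optional (null means "all groups")
     $group = isset($filters['group']) ? $filters['group'] : null;
     $icons = Model\Icon::getAll($group);
     return new View('view/admin/index.html.php', array('folder' => 'icons', 'file' => 'list', 'icons' => $icons, 'groups' => $groups, 'filters' => $filters));
 }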
Пример #2
 /**
  * Admin screen for the text templates.
  *
  * 'edit' loads template $id; on a POST it stores the submitted title/text and
  * redirects to the template list when the save succeeds, otherwise it shows
  * the form again with the errors. 'list' renders the templates matching
  * $filters. Any other action renders nothing.
  *
  * @param string   $action  'list' (default) or 'edit'
  * @param int|null $id      template id for 'edit'
  * @param array    $filters passed through to Template::getAll()
  * @return View|null
  * @throws Redirection after a successful save
  */
 public static function process($action = 'list', $id = null, $filters = array())
 {
     $errors = array();
     // values offered by the list filter
     $groups = Template::groups();

     if ($action === 'edit') {
         $template = Template::get($id);

         $isPost = $_SERVER['REQUEST_METHOD'] === 'POST';
         if ($isPost) {
             $template->title = $_POST['title'];
             $template->text = $_POST['text'];

             if ($template->save($errors)) {
                 throw new Redirection("/admin/templates");
             }
             Message::Error(Text::get('admin-templates-error-record-fail') . implode('<br />', $errors));
         }

         // no POST, or the save failed: show the edit form
         return new View('view/admin/index.html.php', array('folder' => 'templates', 'file' => 'edit', 'template' => $template));
     }

     if ($action === 'list') {
         $templates = Template::getAll($filters);
         return new View('view/admin/index.html.php', array('folder' => 'templates', 'file' => 'list', 'templates' => $templates, 'groups' => $groups, 'filters' => $filters));
     }

     return null;
 }
Пример #3
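 /**
  * Admin screen for the "worth" (meritocracy) levels.
  *
  * A POST on 'edit' saves the submitted level, logs the change to the admin
  * feed and falls through to the list; a failed save re-renders the form with
  * the errors. Without a POST, 'edit' shows the level form and anything else
  * shows the list.
  *
  * @param string   $action 'list' (default) or 'edit'
  * @param int|null $id     level id for 'edit'
  * @return View
  */
 public static function process($action = 'list', $id = null)
 {
     $errors = array();

     if ($_SERVER['REQUEST_METHOD'] === 'POST' && $action === 'edit') {
         // level data exactly as submitted by the form
         $data = array('id' => $_POST['id'], 'name' => $_POST['name'], 'amount' => $_POST['amount']);

         if (!WorthLib::save($data, $errors)) {
             Message::Error(Text::get('admin-worth-error-save-fail') . implode('<br />', $errors));
             return new View('view/admin/index.html.php', array('folder' => 'worth', 'file' => 'edit', 'action' => 'edit', 'worth' => (object) $data));
         }

         // saved: report it and continue to the list below
         $action = 'list';
         Message::Info(Text::get('admin-worth-info-modified'));

         // Evento Feed: the item names the edited level via $data['name'];
         // the original read $icon->name, a variable this method never defines
         $log = new Feed();
         $log->populate(Text::get('admin-worth-info-modified'), '/admin/worth', \vsprintf("El admin %s ha %s el nivel de meritocrácia %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Modificado'), Feed::item('project', $data['name']))));
         $log->doAdmin('admin');
         unset($log);
     }

     if ($action === 'edit') {
         $worth = WorthLib::getAdmin($id);
         return new View('view/admin/index.html.php', array('folder' => 'worth', 'file' => 'edit', 'action' => 'edit', 'worth' => $worth));
     }

     $worthcracy = WorthLib::getAll();
     return new View('view/admin/index.html.php', array('folder' => 'worth', 'file' => 'list', 'worthcracy' => $worthcracy));
 }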
Пример #4
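 /**
  * Admin screen for the front-page ("home") feature items.
  *
  * A POST saves the submitted item; only a failure is reported and the list is
  * rendered regardless. 'remove', 'up' and 'down' change the item and redirect
  * back to /admin/home; 'add' and 'addside' show the add form for a main or a
  * side item (redirecting back when nothing is left to add). Any other action
  * renders the list of main and side items together with their "add" data.
  *
  * @param string   $action  see above; defaults to 'list'
  * @param int|null $id      item id for remove/up/down
  * @param array    $filters unused
  * @param string   $type    unused: overridden to 'main' below (see @NODESYS)
  * @return View
  * @throws Redirection for remove/up/down and when nothing is available to add
  */
 public static function process($action = 'list', $id = null, $filters = array(), $type = 'main')
 {
     //@NODESYS
     // single-node setup: the node is fixed and the $type parameter is ignored
     $node = \GOTEO_NODE;
     $type = 'main';
     $errors = array();

     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // instancia
         $item = new Model\Home(array('item' => $_POST['item'], 'type' => $_POST['type'], 'node' => $node, 'order' => $_POST['order'], 'move' => 'down'));
         // the original had an empty success branch; only a failed save is reported
         if (!$item->save($errors)) {
             Message::Error(implode('<br />', $errors));
         }
     }

     switch ($action) {
         case 'remove':
             Model\Home::delete($id, $node, $type);
             throw new Redirection('/admin/home');
         case 'up':
             Model\Home::up($id, $node, $type);
             throw new Redirection('/admin/home');
         case 'down':
             Model\Home::down($id, $node, $type);
             throw new Redirection('/admin/home');
         case 'add':
             $next = Model\Home::next($node, 'main');
             $availables = Model\Home::available($node);
             if (empty($availables)) {
                 // nothing left to feature: back to the list
                 Message::Info(Text::get('admin-home-info-frontpage_feature'));
                 throw new Redirection('/admin/home');
             }
             return new View('view/admin/index.html.php', array('folder' => 'home', 'file' => 'add', 'action' => 'add', 'home' => (object) array('node' => $node, 'order' => $next, 'type' => 'main'), 'availables' => $availables));
         case 'addside':
             $next = Model\Home::next($node, 'side');
             $availables = Model\Home::availableSide($node);
             if (empty($availables)) {
                 Message::Info(Text::get('admin-home-info-frontpage_feature_get'));
                 throw new Redirection('/admin/home');
             }
             return new View('view/admin/index.html.php', array('folder' => 'home', 'file' => 'add', 'action' => 'add', 'home' => (object) array('node' => $node, 'order' => $next, 'type' => 'side'), 'availables' => $availables));
     }

     // list view: main items and side items, each with what can still be added
     $viewData = array('folder' => 'home', 'file' => 'list');
     $viewData['items'] = Model\Home::getAll($node);
     /* Para añadir nuevos desde la lista (add new items from the list) */
     $viewData['availables'] = Model\Home::available($node);
     $viewData['new'] = (object) array('node' => $node, 'order' => Model\Home::next($node, 'main'), 'type' => 'main');
     // laterales (side items)
     $viewData['side_items'] = Model\Home::getAllSide($node);
     $viewData['side_availables'] = Model\Home::availableSide($node);
     $viewData['side_new'] = (object) array('node' => $node, 'order' => Model\Home::next($node, 'side'), 'type' => 'side');
     return new View('view/admin/index.html.php', $viewData);
 }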
Пример #5
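 /**
  * Kicks the selected user out of the system instantly by resetting the user's session.
  * This means, the user will be "logged out".
  *
  * The session id is cleared with a parameterised UPDATE on the user's row;
  * success is judged by exactly one row being affected.
  *
  * @param int $userId id of the user to log out
  * @return bool true when the row was updated, false otherwise
  */
 private static function resetUserSession($userId)
 {
     $database = DatabaseFactory::getFactory()->getConnection();
     $query = $database->prepare("UPDATE users SET session_id = :session_id  WHERE user_id = :user_id LIMIT 1");
     $query->execute(array(':session_id' => null, ':user_id' => $userId));

     if ($query->rowCount() === 1) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_USER_SUCCESSFULLY_KICKED'));
         return true;
     }
     // no row affected (unknown id, or nothing to change): report false
     // explicitly instead of falling off the end with null
     return false;
 }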
Пример #6
 /**
  * Placeholder for updating a request's details.
  *
  * NOTE(review): the body is a copy of the account-deletion update and does
  * not use any of this method's parameters; it reads $delete and $userId,
  * which are not defined here. The query and its parameters still have to be
  * written for the record/table/subject arguments — see the TODOs below.
  *
  * @param int    $recordID
  * @param int    $tableNo
  * @param string $subj
  * @param string $subSubj
  * @param string $tutName
  * @return bool|null true when exactly one row was updated, null otherwise
  */
 public static function setRequestDetails($recordID, $tableNo, $subj, $subSubj, $tutName)
 {
     $database = DatabaseFactory::getFactory()->getConnection();
     // to do = update according to the settings needed given func's params/args.
     // (the statement below is inherited from setAccountDeletionStatus and
     // targets the users table, not the request)
     $query = $database->prepare("UPDATE users SET user_deleted = :user_deleted  WHERE user_id = :user_id LIMIT 1");
     // $delete and $userId are undefined in this scope — both bind as null until
     // the TODO above is done
     $query->execute(array(':user_deleted' => $delete, ':user_id' => $userId));
     // to do = determine if needed below if-statement
     if ($query->rowCount() == 1) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUSPENSION_DELETION_STATUS'));
         return true;
     }
 }
Пример #7
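 /**
  * Admin screen for the licenses.
  *
  * A POST saves the submitted license (add or edit) and reports the outcome;
  * a failed save re-renders the form with the errors. Then $action selects
  * 'up'/'down' (reorder, then list), 'add' (empty form), 'edit' (form for
  * $id), 'remove' (no-op) or the filtered list.
  *
  * @param string   $action  see above; defaults to 'list'
  * @param int|null $id      license id for up/down/edit
  * @param array    $filters optional list filters; 'icon' and 'group' are read
  * @return View
  */
 public static function process($action = 'list', $id = null, $filters = array())
 {
     // agrupaciones de mas a menos abertas (groups, from most to least open)
     $groups = Model\License::groups();
     // tipos de retorno para asociar (reward types that can be linked)
     $icons = Model\Icon::getAll('social');
     $errors = array();

     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // guarded lookup: a form without the field must not raise a notice
         $postAction = isset($_POST['action']) ? $_POST['action'] : null;

         // objeto built from the submitted fields
         $license = new Model\License(array(
             'id' => $_POST['id'],
             'name' => $_POST['name'],
             'description' => $_POST['description'],
             'url' => $_POST['url'],
             'group' => $_POST['group'],
             'order' => $_POST['order'],
             'icons' => $_POST['icons'],
         ));

         if (!$license->save($errors)) {
             Message::Error(implode('<br />', $errors));
             return new View('view/admin/index.html.php', array('folder' => 'licenses', 'file' => 'edit', 'action' => $postAction, 'license' => $license, 'icons' => $icons, 'groups' => $groups));
         }

         if ($postAction === 'add') {
             Message::Info(Text::get('admin-licenses-info-add'));
         } elseif ($postAction === 'edit') {
             Message::Info(Text::get('admin-licenses-info-edit'));
             // Evento Feed: record the admin edit in the feed
             $log = new Feed();
             $log->populate('modificacion de licencia (admin)', '/admin/licenses', \vsprintf("El admin %s ha %s la licencia %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Modificado'), Feed::item('project', $license->name))));
             $log->doAdmin('admin');
             unset($log);
         }
     }

     switch ($action) {
         case 'up':
             Model\License::up($id);
             break;
         case 'down':
             Model\License::down($id);
             break;
         case 'add':
             $next = Model\License::next();
             return new View('view/admin/index.html.php', array('folder' => 'licenses', 'file' => 'edit', 'action' => 'add', 'license' => (object) array('order' => $next, 'icons' => array()), 'icons' => $icons, 'groups' => $groups));
         case 'edit':
             $license = Model\License::get($id);
             return new View('view/admin/index.html.php', array('folder' => 'licenses', 'file' => 'edit', 'action' => 'edit', 'license' => $license, 'icons' => $icons, 'groups' => $groups));
         case 'remove':
             // deletion is intentionally disabled in this admin; falls through to the list
             break;
     }

     // list view; both filters are optional (null means "all")
     $icon = isset($filters['icon']) ? $filters['icon'] : null;
     $group = isset($filters['group']) ? $filters['group'] : null;
     $licenses = Model\License::getAll($icon, $group);
     return new View('view/admin/index.html.php', array('folder' => 'licenses', 'file' => 'list', 'licenses' => $licenses, 'filters' => $filters, 'groups' => $groups, 'icons' => $icons));
 }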
Пример #8
 /**
  * Upgrades / downgrades the user's account. Currently it's just the field user_account_type in the database that
  * can be 1 or 2 (maybe "basic" or "premium"). Put some more complex stuff in here, maybe a pay-process or whatever
  * you like.
  *
  * A falsy $type is rejected up front; otherwise the role is persisted through
  * self::saveRoleToDatabase() and a positive or negative feedback message is
  * queued depending on the result.
  *
  * @param mixed $type the new account type (1 or 2)
  * @return bool true when the role was saved
  */
 public static function changeUserRole($type)
 {
     if (!$type) {
         return false;
     }

     // save new role to database and report the outcome to the user
     $saved = (bool) self::saveRoleToDatabase($type);
     $feedbackKey = $saved ? 'feedback_positive' : 'feedback_negative';
     $textKey = $saved ? 'FEEDBACK_ACCOUNT_TYPE_CHANGE_SUCCESSFUL' : 'FEEDBACK_ACCOUNT_TYPE_CHANGE_FAILED';
     Session::add($feedbackKey, Text::get($textKey));

     return $saved;
 }
Пример #9
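 /**
  * Admin screen for the FAQ entries.
  *
  * An unknown 'section' filter is dropped first. A POST saves the submitted
  * entry (add or edit) and reports the outcome; a failed save re-renders the
  * form. Then $action selects 'up'/'down' (reorder and redirect), 'add' (empty
  * form for the current section), 'edit' (form for $id), 'remove' (delete,
  * then list) or the list filtered by section.
  *
  * @param string   $action  see above; defaults to 'list'
  * @param int|null $id      entry id for up/down/edit/remove
  * @param array    $filters optional list filters; only 'section' is read
  * @return View
  * @throws Redirection after 'up' and 'down'
  */
 public static function process($action = 'list', $id = null, $filters = array())
 {
     $sections = Model\Faq::sections();

     // keep the section filter only when it names a known section; $section is
     // null otherwise so later lookups need no undefined-index guards
     $section = null;
     if (isset($filters['section']) && isset($sections[$filters['section']])) {
         $section = $filters['section'];
     } else {
         unset($filters['section']);
     }

     $errors = array();

     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         $postAction = isset($_POST['action']) ? $_POST['action'] : null;

         // instancia built from the submitted fields
         $faq = new Model\Faq(array(
             'id' => $_POST['id'],
             'node' => \GOTEO_NODE,
             'section' => $_POST['section'],
             'title' => $_POST['title'],
             'description' => $_POST['description'],
             'order' => $_POST['order'],
             'move' => $_POST['move'],
         ));

         if (!$faq->save($errors)) {
             Message::Error(implode('<br />', $errors));
             // the original passed an undefined $filter here; the active filters are meant
             return new View('view/admin/index.html.php', array('folder' => 'faq', 'file' => 'edit', 'action' => $postAction, 'faq' => $faq, 'filter' => $filters, 'sections' => $sections));
         }

         if ($postAction === 'add') {
             Message::Info(Text::get('faq-info-add-question'));
         } elseif ($postAction === 'edit') {
             Message::Info(Text::get('faq-info-edit-question'));
         }
     }

     switch ($action) {
         case 'up':
             Model\Faq::up($id);
             throw new Redirection('/admin/faq');
         case 'down':
             Model\Faq::down($id);
             throw new Redirection('/admin/faq');
         case 'add':
             $next = Model\Faq::next($section);
             return new View('view/admin/index.html.php', array('folder' => 'faq', 'file' => 'edit', 'action' => 'add', 'faq' => (object) array('section' => $section, 'order' => $next, 'cuantos' => $next), 'sections' => $sections));
         case 'edit':
             $faq = Model\Faq::get($id);
             // 'cuantos' = how many entries the section holds (next position minus one)
             $cuantos = Model\Faq::next($faq->section);
             $faq->cuantos = $cuantos - 1;
             return new View('view/admin/index.html.php', array('folder' => 'faq', 'file' => 'edit', 'action' => 'edit', 'faq' => $faq, 'sections' => $sections));
         case 'remove':
             Model\Faq::delete($id);
             break;
     }

     $faqs = Model\Faq::getAll($section);
     return new View('view/admin/index.html.php', array('folder' => 'faq', 'file' => 'list', 'faqs' => $faqs, 'sections' => $sections, 'filters' => $filters));
 }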
Пример #10
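 /**
  * Delete a specific note
  *
  * The note is looked up by primary key first: an unknown id is reported as a
  * failed deletion instead of calling delete() on null.
  *
  * NOTE(review): there is no ownership check here; it assumes the caller has
  * verified the note belongs to the current user — confirm at the call site.
  *
  * @param int $note_id id of the note
  * @return bool feedback (was the note deleted properly ?)
  */
 public static function deleteNote($note_id)
 {
     if (!$note_id) {
         return false;
     }

     $note = NoteQuery::create()->findPK($note_id);
     if ($note !== null) {
         $note->delete();
         return true;
     }

     // default return: no such note
     Session::add('feedback_negative', Text::get('FEEDBACK_NOTE_DELETION_FAILED'));
     return false;
 }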
Пример #11
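 /**
  * Gets a user's public profile data, according to the given $user_id.
  *
  * Selects a fixed column set (id, name, email, active, deleted) with a
  * parameterised query and runs every value through Filter::XSSFilter before
  * returning it.
  *
  * @param int $user_id The user's id.
  * @return array|false the profile row, or false when no such user exists
  */
 public static function getPublicProfileOfUser($user_id)
 {
     $database = DatabaseFactory::getFactory()->getConnection();
     $sql = "SELECT user_id, user_name, user_email, user_active, user_deleted FROM users WHERE user_id = :user_id LIMIT 1";
     $query = $database->prepare($sql);
     $query->execute(array(':user_id' => $user_id));
     $user = $query->fetch();

     // no matching row: fetch() returned false, which must not be handed to
     // array_walk_recursive() (it expects an array) — return it as-is
     if ($user === false) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
         return false;
     }
     // rowCount() is not defined for SELECT on every PDO driver, so the fetch
     // result above is the primary check; this keeps the original feedback
     if ($query->rowCount() != 1) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
     }

     // all elements of array passed to Filter::XSSFilter for XSS sanitation, have a look into
     // application/core/Filter.php for more info on how to use. Removes (possibly bad) JavaScript etc from
     // the user's values
     array_walk_recursive($user, 'Filter::XSSFilter');
     return $user;
 }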
Пример #12
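 /**
  * Sets or clears the soft-delete flag (user_deleted) of a user.
  *
  * @param string|null $softDelete checkbox value; "on" marks the account deleted, anything else restores it
  * @param int         $userId     id of the user to update
  * @return bool true when exactly one row was updated, false otherwise
  */
 public static function setAccountDeletionStatus($softDelete, $userId)
 {
     $database = DatabaseFactory::getFactory()->getConnection();

     // FYI "on" is what a checkbox delivers by default when submitted.
     $delete = $softDelete === "on" ? 1 : 0;

     $query = $database->prepare("UPDATE users SET user_deleted = :user_deleted  WHERE user_id = :user_id LIMIT 1");
     $query->execute(array(':user_deleted' => $delete, ':user_id' => $userId));

     if ($query->rowCount() === 1) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUSPENSION_DELETION_STATUS'));
         return true;
     }
     // no row affected: report false explicitly instead of returning null
     return false;
 }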
Пример #13
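 /**
  * Sets a user's suspension timestamp and soft-delete flag (Propel variant).
  *
  * @param int         $suspensionInDays days from now the account stays suspended; 0 or less clears the suspension
  * @param string|null $softDelete       checkbox value; "on" marks the account deleted
  * @param int         $userId           id of the user to update
  * @return bool true when the user was found and saved, false for an unknown id
  */
 public static function setAccountSuspensionAndDeletionStatus($suspensionInDays, $softDelete, $userId)
 {
     // suspension end as a unix timestamp, null when not suspended
     $suspensionTime = $suspensionInDays > 0 ? time() + $suspensionInDays * 60 * 60 * 24 : null;
     // FYI "on" is what a checkbox delivers by default when submitted. Didn't know that for a long time :)
     $delete = $softDelete === "on" ? 1 : 0;

     $user = UserQuery::create()->findPk($userId);
     if ($user === null) {
         // unknown id: the original called the setters on null and then
         // reported success; fail instead
         return false;
     }

     $user->setUserSuspensionTimestamp($suspensionTime);
     $user->setUserDeleted($delete);
     $user->save();

     Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUSPENSION_DELETION_STATUS'));
     return true;
 }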
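 /**
  * Sets a user's suspension timestamp and soft-delete flag (PDO variant).
  *
  * @param int         $suspensionInDays days from now the account stays suspended; 0 or less clears the suspension
  * @param string|null $softDelete       checkbox value; "on" marks the account deleted
  * @param int         $userId           id of the user to update
  * @return bool true when exactly one row was updated, false otherwise
  */
 public static function setAccountSuspensionAndDeletionStatus($suspensionInDays, $softDelete, $userId)
 {
     $database = DatabaseFactory::getFactory()->getConnection();

     // suspension end as a unix timestamp, null when not suspended
     $suspensionTime = $suspensionInDays > 0 ? time() + $suspensionInDays * 60 * 60 * 24 : null;
     // FYI "on" is what a checkbox delivers by default when submitted. Didn't know that for a long time :)
     $delete = $softDelete === "on" ? 1 : 0;

     $query = $database->prepare("UPDATE users SET user_suspension_timestamp = :user_suspension_timestamp, user_deleted = :user_deleted  WHERE user_id = :user_id LIMIT 1");
     $query->execute(array(':user_suspension_timestamp' => $suspensionTime, ':user_deleted' => $delete, ':user_id' => $userId));

     if ($query->rowCount() === 1) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUSPENSION_DELETION_STATUS'));
         return true;
     }
     // no row affected: report false explicitly instead of returning null
     return false;
 }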
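 /**
  * Validate the user against the DB, or increment the "failed-login-count" to prevent
  * bruteforce password/user attacks
  *
  * Two throttles apply, both "3 failures within the last 30 seconds": one kept
  * in the session (counts unknown user names) and one kept on the user row
  * (counts wrong passwords). Both failure messages are the same so the
  * response does not reveal whether the user name exists.
  *
  * @param string $userName
  * @param string $userPassword
  * @return object|false the user row on success, false on any failure
  */
 private static function validateUser(string $userName, string $userPassword)
 {
     $maxFailures = 3;
     $lockoutSeconds = 30;

     // session-side throttle: too many recent failures from this browser
     if (Session::get('failed-login-count') >= $maxFailures && Session::get('last-failed-login') > time() - $lockoutSeconds) {
         Session::push('feedback_negative', Text::get("LOGIN_FAILED_ATTEMPTS"));
         return false;
     }

     $result = UserModel::getUserByName($userName);
     if (!$result) {
         self::incrementUserFailedLoginCount();
         // the original pushed to "feedback-negative" (hyphen), a key no other
         // call uses; the message would never have been shown
         Session::push('feedback_negative', Text::get("USERNAME_OR_PASSWORD_WRONG"));
         return false;
     }

     // account-side throttle: too many recent wrong passwords for this user
     if ($result->user_failed_logins >= $maxFailures && $result->user_last_failed_login > time() - $lockoutSeconds) {
         Session::push('feedback_negative', Text::get('PASSWORD_WRONG_ATTEMPTS'));
         return false;
     }

     if (!password_verify($userPassword, $result->user_password_hash)) {
         self::incrementUserFailedLoginCountInDb($result->user_name);
         Session::push('feedback_negative', Text::get('USERNAME_OR_PASSWORD_WRONG'));
         return false;
     }

     self::resetUserFailedLoginCount();
     return $result;
 }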
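 /**
  * Writes the new employee's data to the database
  *
  * Updates the existing users row identified by $user_id with a single
  * parameterised statement; user_provider_type is always set to 'DEFAULT'.
  *
  * @param int    $user_id             id of the row to update
  * @param string $user_name
  * @param string $user_password_hash  already hashed password
  * @param string $user_email
  * @param string $user_activation_hash
  * @param string $name
  * @param string $user_surname1
  * @param string $user_surname2
  * @param string $user_address
  * @param string $user_city
  * @param string $user_province
  * @param string $user_NIF
  * @param string $user_phone
  * @param string $user_contract_date
  * @return bool true when exactly one row was affected
  */
 public static function writeNewEmployeeToDatabase($user_id, $user_name, $user_password_hash, $user_email, $user_activation_hash, $name, $user_surname1, $user_surname2, $user_address, $user_city, $user_province, $user_NIF, $user_phone, $user_contract_date)
 {
     $database = DatabaseFactory::getFactory()->getConnection();

     // write new users data into database
     $sql = "UPDATE users\n            SET user_name = :user_name, user_password_hash = :user_password_hash, user_email = :user_email,\n               user_activation_hash = :user_activation_hash,\n               user_provider_type = :user_provider_type, name = :name, user_surname1 = :user_surname1,\n               user_surname2 = :user_surname2, user_address = :user_address, user_city = :user_city, user_province = :user_province,\n                user_NIF = :user_NIF, user_phone = :user_phone, user_contract_date = :user_contract_date\n            WHERE user_id = :user_id LIMIT 1";
     $query = $database->prepare($sql);
     $query->execute(array(':user_name' => $user_name, ':user_password_hash' => $user_password_hash, ':user_email' => $user_email, ':user_activation_hash' => $user_activation_hash, ':user_provider_type' => 'DEFAULT', ':name' => $name, ':user_surname1' => $user_surname1, ':user_surname2' => $user_surname2, ':user_address' => $user_address, ':user_city' => $user_city, ':user_province' => $user_province, ':user_NIF' => $user_NIF, ':user_phone' => $user_phone, ':user_contract_date' => $user_contract_date, ':user_id' => $user_id));

     // NOTE(review): rowCount() counts affected rows; depending on driver
     // settings an UPDATE that changes nothing may report 0 — confirm
     if ($query->rowCount() === 1) {
         return true;
     }

     Session::add('feedback_negative', Text::get('FEEDBACK_EMPLOYEE_EDITING_FAILED'));
     return false;
 }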
Пример #17
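 /**
  * Activates a new user when the activation code matches.
  *
  * The id/code pair is checked inside the UPDATE itself (both are WHERE
  * conditions), so the activation hash is never compared in PHP and is
  * cleared in the same statement that sets user_active.
  *
  * @param int    $user_id                           user id
  * @param string $user_activation_verification_code activation token from the link
  * @return bool true when the row was activated, false otherwise
  */
 public static function verifyNewUser($user_id, $user_activation_verification_code)
 {
     $database = DatabaseFactory::getFactory()->getConnection();

     $sql = "UPDATE users SET user_active = 1, user_activation_hash = NULL\n            WHERE user_id = :user_id AND user_activation_hash = :user_activation_hash LIMIT 1";
     $query = $database->prepare($sql);
     $query->execute(array(':user_id' => $user_id, ':user_activation_hash' => $user_activation_verification_code));

     if ($query->rowCount() === 1) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_ACTIVATION_SUCCESSFUL'));
         return true;
     }

     // unknown id, wrong code, or already activated (hash is NULL)
     Session::add('feedback_negative', Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
     return false;
 }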
Пример #18
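 /**
  * Validate the password submission
  *
  * Checks, in order: user name present, reset token present, both password
  * fields present, both equal, and at least 6 characters. The first failing
  * check queues its feedback message and stops.
  *
  * @param string $user_name
  * @param string $user_password_reset_hash
  * @param string $user_password_new
  * @param string $user_password_repeat
  * @return bool true when every check passed
  */
 public static function validateNewPassword($user_name, $user_password_reset_hash, $user_password_new, $user_password_repeat)
 {
     // flat guard clauses replace the original nested else chain
     if (empty($user_name)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USERNAME_FIELD_EMPTY'));
         return false;
     }
     if (empty($user_password_reset_hash)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_RESET_TOKEN_MISSING'));
         return false;
     }
     if (empty($user_password_new) || empty($user_password_repeat)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_FIELD_EMPTY'));
         return false;
     }
     if ($user_password_new !== $user_password_repeat) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_REPEAT_WRONG'));
         return false;
     }
     // byte length, as in the original; the minimum is 6
     if (strlen($user_password_new) < 6) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_TOO_SHORT'));
         return false;
     }
     return true;
 }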
Пример #19
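 /**
  * Edit the user's email
  *
  * The address is normalised (tags stripped, cut to 254 bytes) before it is
  * validated, so the value that is validated is exactly the value stored; the
  * original normalised after validation, which could store something other
  * than what passed the checks.
  *
  * @param string $new_user_email
  *
  * @return bool success status
  */
 public static function editUserEmail($new_user_email)
 {
     // email provided ?
     if (empty($new_user_email)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_FIELD_EMPTY'));
         return false;
     }

     // check if new email is same like the old one
     if ($new_user_email === Session::get('user_email')) {
         Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_SAME_AS_OLD_ONE'));
         return false;
     }

     // strip tags, just to be sure, and bound the length — done before
     // validation so the checked value is the stored value
     $new_user_email = substr(strip_tags($new_user_email), 0, 254);

     // user's email must be in valid email format, also checks the length
     // @see http://stackoverflow.com/questions/21631366/php-filter-validate-email-max-length
     // @see http://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address
     if (!filter_var($new_user_email, FILTER_VALIDATE_EMAIL)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN'));
         return false;
     }

     // check if user's email already exists
     if (UserModel::doesEmailAlreadyExist($new_user_email)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN'));
         return false;
     }

     // write to database, if successful ...
     // ... then write new email to session, Gravatar too (as this relies to the user's email address)
     if (UserModel::saveNewEmailAddress(Session::get('user_id'), $new_user_email)) {
         Session::set('user_email', $new_user_email);
         Session::set('user_gravatar_image_url', AvatarModel::getGravatarLinkByEmail($new_user_email));
         Session::add('feedback_positive', Text::get('FEEDBACK_EMAIL_CHANGE_SUCCESSFUL'));
         return true;
     }

     Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR'));
     return false;
 }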
Пример #20
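 /**
  * checks the id/verification code combination and sets the user's activation status to true in the database
  *
  * The original never compared $user_activation_verification_code with the
  * stored hash, stored the string 'NULL' instead of a null, and did not call
  * save(); this version mirrors the SQL variant: the code must match the
  * stored hash (constant-time compare), the hash is cleared, and the row is
  * saved.
  *
  * @param int $user_id user id
  * @param string $user_activation_verification_code verification token
  *
  * @return bool success status
  */
 public static function verifyNewUser($user_id, $user_activation_verification_code)
 {
     $user = UserQuery::create()->findPk($user_id);
     $storedHash = $user === null ? '' : (string) $user->getUserActivationHash();
     $givenCode = (string) $user_activation_verification_code;

     // unknown user, already activated (empty hash), empty code, or mismatch
     if ($user === null || $storedHash === '' || $givenCode === '' || !hash_equals($storedHash, $givenCode)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
         return false;
     }

     $user->setUserActive(1);
     $user->setUserActivationHash(null);
     $user->save();

     Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_ACTIVATION_SUCCESSFUL'));
     return true;
 }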
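 /**
  * Removes the photoMaterial image file from the filesystem
  *
  * The id is interpolated into a path under PATH_MATERIALS, so only an
  * integer id is accepted; anything else is reported as "no file" without
  * touching the filesystem.
  *
  * @param integer $material_id
  * @return bool true when the file was removed
  */
 public static function deletePhotoMaterialImageFile($material_id)
 {
     // refuse non-integer ids so the id cannot alter the directory part of the path
     if (filter_var($material_id, FILTER_VALIDATE_INT) === false) {
         Session::add("feedback_negative", Text::get("FEEDBACK_PHOTOMATERIAL_IMAGE_DELETE_NO_FILE"));
         return false;
     }

     // build the path once; the original repeated the concatenation
     $path = Config::get('PATH_MATERIALS') . (int) $material_id . ".jpg";

     // Check if file exists
     if (!file_exists($path)) {
         Session::add("feedback_negative", Text::get("FEEDBACK_PHOTOMATERIAL_IMAGE_DELETE_NO_FILE"));
         return false;
     }

     // Delete photoMaterial file
     if (!unlink($path)) {
         Session::add("feedback_negative", Text::get("FEEDBACK_PHOTOMATERIAL_IMAGE_DELETE_FAILED"));
         return false;
     }

     return true;
 }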
Пример #22
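 /**
  * performs the login via cookie (for DEFAULT user account, FACEBOOK-accounts are handled differently)
  * TODO add throttling here ?
  *
  * The cookie is "user_id:token:hash" where hash = sha256("user_id:token").
  * That hash carries no secret, so it only checks the cookie is well-formed;
  * the actual credential check is the user_id/token lookup in the database.
  *
  * @param $cookie string The cookie "remember_me"
  *
  * @return bool success state
  */
 public static function loginWithCookie($cookie)
 {
     if (!$cookie) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // check cookie's contents: exactly three parts, non-empty token, and a
     // matching hash (the original's list() would raise notices on a short
     // cookie, and !== is not a constant-time comparison)
     $parts = explode(':', $cookie);
     if (count($parts) !== 3) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }
     list($user_id, $token, $hash) = $parts;
     if (empty($token) || !hash_equals(hash('sha256', $user_id . ':' . $token), $hash)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // get data of user that has this id and this token
     $result = UserModel::getUserDataByUserIdAndToken($user_id, $token);
     if (!$result) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }

     // successfully logged in, so we write all necessary data into the session and set "user_logged_in" to true
     self::setSuccessfulLoginIntoSession($result->user_id, $result->user_name, $result->user_email, $result->user_account_type);
     // save timestamp of this login in the database line of that user
     self::saveTimestampOfLoginOfUser($result->user_name);
     Session::add('feedback_positive', Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL'));
     return true;
 }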
Пример #23
 /**
  * Expands the 'auto' entries of a link/menu item list into concrete paths and labels.
  *
  * The loop walks $items by reference, so every item that carries an 'auto' key is
  * rewritten in place: its 'path' is seeded from $data['urls'][auto] and then, depending
  * on the auto type, the placeholders :id, :slug, :year, :month and :day are substituted
  * from the item itself or from a record looked up through Category, Album, Text or
  * Content. Items whose referenced record does not exist (or whose profile field is
  * empty) are removed from the result; the array keys are not reindexed.
  *
  * @param array  $items list of items; only entries with an 'auto' key are touched
  * @param array  $data  read for 'urls' (auto => path template) and 'url_data' (labels) — shape inferred from usage, confirm against caller
  * @param object $user  profile object read via dynamic property access ($user->twitter, $user->{$item['id']})
  *
  * @return array the expanded items
  */
 function build_autos($items, $data, $user)
 {
     foreach ($items as $index => &$item) {
         if (isset($item['auto'])) {
             // seed the path from the configured url template for this auto type
             if (isset($data['urls'][$item['auto']])) {
                 $item['path'] = $data['urls'][$item['auto']];
             } else {
                 if ($item['auto'] === 'set') {
                     $item['path'] = '';
                 }
             }
             if ($item['auto'] === 'profile') {
                 switch ($item['id']) {
                     case 'twitter':
                         $item['path'] = 'https://twitter.com/' . $user->twitter;
                         break;
                     default:
                         // dynamic property lookup keyed by the item's id; presumably the id
                         // comes from the configured item list rather than request input — confirm
                         $item['path'] = $user->{$item['id']};
                         if (empty($item['path'])) {
                             unset($items[$index]);
                             // NOTE(review): inside a switch a bare `continue` acts like `break`
                             // (PHP 7.3+ warns about this), so the label code below still runs on
                             // the detached item; `continue 2` would skip to the next item.
                             continue;
                         }
                         break;
                 }
                 if (!isset($item['label']) || empty($item['label'])) {
                     // 'google' is rendered as "Google+"
                     $item['label'] = ucwords($item['id']) . ($item['id'] === 'google' ? '+' : '');
                 }
             } else {
                 if ($item['auto'] === 'rss') {
                     // e.g. /feed/essays/recent.rss; only 'essay' gets pluralised here
                     $item['path'] = '/feed/' . $item['id'] . ($item['id'] === 'essay' ? 's' : '') . '/recent.rss';
                     if (!isset($item['label'])) {
                         $item['label'] = $data['url_data'][$item['id']]['plural'] . ' RSS';
                     }
                 } else {
                     // plural listing types (auto ending in "s") and the timeline
                     if (preg_match('/s$/', $item['auto']) || $item['auto'] === 'timeline') {
                         if ($item['auto'] === 'timeline' && isset($item['year'])) {
                             $item['path'] .= $item['year'] . '/';
                             if (isset($item['month']) && $item['month'] !== false && $item['month'] !== 'any') {
                                 $m = str_pad($item['month'], 2, '0', STR_PAD_LEFT);
                                 $item['path'] .= $m . '/';
                             }
                         }
                         // autos with an underscore (e.g. tag_*) carry placeholders that are
                         // filled from the item's own id/slug/month/year/day values
                         if (strpos($item['auto'], '_') !== false) {
                             foreach (array('id', 'slug', 'month', 'year', 'day') as $id) {
                                 if ($id === 'month') {
                                     if (!isset($item['month']) || $item['month'] === 'any' || $item['month'] === false) {
                                         $item['month'] = '';
                                     } else {
                                         $item['month'] = str_pad($item['month'], 2, '0', STR_PAD_LEFT);
                                     }
                                 }
                                 if ($id === 'day' && !isset($item['day'])) {
                                     $item['day'] = '';
                                 }
                                 if ($id === 'slug' && !isset($item['slug']) && isset($item['id'])) {
                                     if (strpos($item['auto'], 'tag_') === 0) {
                                         $item['slug'] = $item['id'];
                                     } else {
                                         // numeric ids are resolved to the category slug
                                         $c = new Category();
                                         if (is_numeric($item['id'])) {
                                             $c->select('slug')->get_by_id($item['id']);
                                             $item['slug'] = $c->slug;
                                         } else {
                                             $item['slug'] = $item['id'];
                                         }
                                     }
                                 }
                                 if (isset($item[$id])) {
                                     $item['path'] = str_replace(":{$id}", $item[$id], $item['path']);
                                 }
                             }
                         } else {
                             if (!isset($item['label'])) {
                                 // label key is the singular form ('categories' -> 'category', 'albums' -> 'album', ...)
                                 $item['label'] = $data['url_data'][$item['auto'] === 'categories' ? 'category' : rtrim($item['auto'], 's')]['plural'];
                             }
                         }
                     } else {
                         if ($item['auto'] === 'home') {
                             if (!isset($item['label'])) {
                                 $item['label'] = $data['url_data']['home'];
                             }
                             $item['path'] = '/home/';
                         } else {
                             if ($item['auto'] === 'album' || $item['auto'] === 'set') {
                                 // look the album up by numeric id, otherwise by slug or internal_id
                                 $a = new Album();
                                 $a->select('id,slug,created_on,title');
                                 if (is_numeric($item['id'])) {
                                     $a->where('id', $item['id']);
                                 } else {
                                     $a->where('slug', $item['id'])->or_where('internal_id', $item['id']);
                                 }
                                 $a->get();
                                 if (!$a->exists()) {
                                     unset($items[$index]);
                                     continue;
                                 }
                                 $item['path'] = str_replace(':id', $a->id, $item['path']);
                                 $item['path'] = str_replace(':slug', $a->slug, $item['path']);
                                 $item['path'] = str_replace(':year', date('Y', $a->created_on), $item['path']);
                                 $item['path'] = str_replace(':month', date('m', $a->created_on), $item['path']);
                                 $item['path'] = str_replace(':day', date('d', $a->created_on), $item['path']);
                                 if (!isset($item['label'])) {
                                     $item['label'] = $a->title;
                                 }
                             } else {
                                 if ($item['auto'] === 'page' || $item['auto'] === 'essay') {
                                     // pages and essays are Text records, looked up by id or slug
                                     $t = new Text();
                                     $t->select('id,slug,published_on,title');
                                     if (is_numeric($item['id'])) {
                                         $t->where('id', $item['id']);
                                     } else {
                                         $t->where('slug', $item['id']);
                                     }
                                     $t->get();
                                     if (!$t->exists()) {
                                         unset($items[$index]);
                                         continue;
                                     }
                                     $item['path'] = str_replace(':id', $t->id, $item['path']);
                                     $item['path'] = str_replace(':slug', $t->slug, $item['path']);
                                     $item['path'] = str_replace(':year', date('Y', $t->published_on), $item['path']);
                                     $item['path'] = str_replace(':month', date('m', $t->published_on), $item['path']);
                                     $item['path'] = str_replace(':day', date('d', $t->published_on), $item['path']);
                                     if (!isset($item['label'])) {
                                         $item['label'] = $t->title;
                                     }
                                 } else {
                                     if ($item['auto'] === 'content') {
                                         $c = new Content();
                                         $c->select('id,slug,captured_on,title');
                                         if (isset($item['album_id'])) {
                                             // album-scoped content: the album template with :id/:slug renamed to
                                             // :album_id/:album_slug, followed by the content template minus its
                                             // ':year/:month/' segment and leading character
                                             $item['path'] = preg_replace('/:(id|slug)/', ':album_$1', $data['urls']['album']) . substr(str_replace(':year/:month/', '', $data['urls']['content']), 1);
                                             $a = new Album();
                                             $a->select('id,slug,created_on,title');
                                             if (is_numeric($item['album_id'])) {
                                                 $a->where('id', $item['album_id']);
                                             } else {
                                                 $a->where('slug', $item['album_id'])->or_where('internal_id', $item['album_id']);
                                             }
                                             $a->get();
                                             if (!$a->exists()) {
                                                 unset($items[$index]);
                                                 continue;
                                             }
                                             $item['path'] = str_replace(':album_id', $a->id, $item['path']);
                                             $item['path'] = str_replace(':album_slug', $a->slug, $item['path']);
                                             $date = $a->created_on;
                                         } else {
                                             // NOTE(review): captured_on is read here before $c->get() below
                                             // has loaded the record — confirm this is intentional
                                             $date = $c->captured_on;
                                         }
                                         if (is_numeric($item['id'])) {
                                             $c->where('id', $item['id']);
                                         } else {
                                             $c->where('slug', $item['id'])->or_where('internal_id', $item['id']);
                                         }
                                         $c->get();
                                         if (!$c->exists()) {
                                             unset($items[$index]);
                                             continue;
                                         }
                                         $item['path'] = str_replace(':id', $c->id, $item['path']);
                                         $item['path'] = str_replace(':slug', $c->slug, $item['path']);
                                         $item['path'] = str_replace(':year', date('Y', $date), $item['path']);
                                         $item['path'] = str_replace(':month', date('m', $date), $item['path']);
                                         $item['path'] = str_replace(':day', date('d', $date), $item['path']);
                                         if (!isset($item['label'])) {
                                             $item['label'] = $c->title;
                                         }
                                         if (isset($item['lightbox']) && $item['lightbox']) {
                                             $item['path'] .= 'lightbox/';
                                         }
                                     } else {
                                         if ($item['auto'] === 'tag') {
                                             // the tag id is used verbatim as the slug
                                             $item['path'] = str_replace(':slug', $item['id'], $item['path']);
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
             if ($item['auto'] !== 'profile') {
                 // drop unfilled date placeholders, strip the optional-segment
                 // characters "()?:" left over from the template, collapse "//"
                 $item['path'] = str_replace(array(':year', ':month'), '', $item['path']);
                 $item['path'] = preg_replace('/[\\(\\)\\?\\:]/', '', $item['path']);
                 $item['path'] = preg_replace('~[/]+~', '/', $item['path']);
             }
         }
     }
     // $item still references the last element here; harmless only because the
     // function returns immediately (an unset($item) would be the usual guard)
     return $items;
 }
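 /**
  * Validates current and new passwords
  *
  * Checks, in this order: the user exists, the current password matches the
  * stored hash, both new-password fields are filled, they are identical, the
  * new password is at least 6 bytes long, and it differs from the current one.
  * Every failed check pushes a feedback message into the session and returns false.
  *
  * @param string $user_name
  * @param string $user_password_current
  * @param string $user_password_new
  * @param string $user_password_repeat
  *
  * @return bool true when every check passed
  */
 public static function validatePasswordChange($user_name, $user_password_current, $user_password_new, $user_password_repeat)
 {
     $database = DatabaseFactory::getFactory()->getConnection();
     $sql = "SELECT user_password_hash, user_failed_logins FROM users WHERE user_name = :user_name LIMIT 1;";
     $query = $database->prepare($sql);
     $query->execute(array(':user_name' => $user_name));
     $user = $query->fetch();
     // fetch() yields false when no row matched; this is portable, whereas
     // rowCount() is not guaranteed to be meaningful for SELECT on every driver
     if ($user === false) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
         return false;
     }
     if (!password_verify($user_password_current, $user->user_password_hash)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_CURRENT_INCORRECT'));
         return false;
     }
     // compare against '' rather than using empty(): a password of "0" is not an empty field
     if ((string) $user_password_new === '' || (string) $user_password_repeat === '') {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_FIELD_EMPTY'));
         return false;
     }
     if ($user_password_new !== $user_password_repeat) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_REPEAT_WRONG'));
         return false;
     }
     // byte length, as before; a multibyte password can pass with fewer than 6 characters
     if (strlen($user_password_new) < 6) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_TOO_SHORT'));
         return false;
     }
     // strict comparison: with == two numeric-looking passwords such as
     // "1e3" and "1000" would be considered equal
     if ($user_password_current === $user_password_new) {
         Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_NEW_SAME_AS_CURRENT'));
         return false;
     }
     return true;
 }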
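 /**
  * Removes the avatar image file from the filesystem
  *
  * The file is looked up at PATH_AVATARS . $userId . ".jpg". When it is missing
  * or cannot be unlinked a feedback message is pushed into the session.
  *
  * @param int|string $userId id of the user whose avatar is removed; used as a plain
  *                           file-name component, so it must not contain a directory separator
  * @return bool true when the file was deleted
  */
 public static function deleteAvatarImageFile($userId)
 {
     $userId = (string) $userId;
     // Keep the deletion inside PATH_AVATARS: an id carrying a directory
     // separator or ".." would otherwise resolve to a file outside that folder
     if ($userId === '' || $userId === '..' || $userId !== basename($userId)) {
         Session::add("feedback_negative", Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE"));
         return false;
     }
     $avatarFile = Config::get('PATH_AVATARS') . $userId . ".jpg";
     // Check if file exists
     if (!file_exists($avatarFile)) {
         Session::add("feedback_negative", Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE"));
         return false;
     }
     // Delete avatar file
     if (!unlink($avatarFile)) {
         Session::add("feedback_negative", Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_FAILED"));
         return false;
     }
     return true;
 }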
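 /**
  * performs the login via cookie (for DEFAULT user account, FACEBOOK-accounts are handled differently)
  * TODO add throttling here ?
  *
  * The cookie has the form "user_id:token:hash" where hash = sha256("user_id:token").
  * That hash is unkeyed, so it only detects a malformed cookie — anyone can compute
  * it; the actual authentication is the lookup of user id + token in the database.
  *
  * @param $cookie string The cookie "remember_me"
  *
  * @return bool success state
  */
 public static function loginWithCookie($cookie)
 {
     // do we have a cookie ?
     if (!$cookie) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }
     // the cookie must consist of exactly three parts; list() over a shorter
     // value would raise notices and leave $token / $hash as null
     $parts = explode(':', $cookie);
     if (count($parts) !== 3) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }
     list($user_id, $token, $hash) = $parts;
     // check cookie's contents: reject an empty token or a hash that does not
     // belong to user_id:token; hash_equals keeps the comparison constant-time
     if (empty($token) || !hash_equals(hash('sha256', $user_id . ':' . $token), $hash)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
         return false;
     }
     // get data of user that has this id and this token
     $result = UserModel::getUserDataByUserIdAndToken($user_id, $token);
     // if user with that id and exactly that cookie token exists in database
     if ($result) {
         // successfully logged in, so we write all necessary data into the session and set "user_logged_in" to true
         self::setSuccessfulLoginIntoSession($result->getUserId(), $result->getUserEmail(), $result->getUserAccountType());
         // save timestamp of this login in the database line of that user
         self::saveTimestampOfLoginOfUser($result->getUserEmail());
         // NOTE: we don't set another remember_me-cookie here as the current cookie should always
         // be invalid after a certain amount of time, so the user has to login with username/password
         // again from time to time. This is good and safe ! ;)
         Session::add('feedback_positive', Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL'));
         return true;
     }
     Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID'));
     return false;
 }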
 /**
  * Hover text (title) of the "back to teacher view" button in the requested language.
  *
  * @param mixed $lang_id language identifier understood by Text::get()
  * @return mixed whatever Text::get() yields for that language (presumably the translated string)
  */
 static function button_back_to_teacher_view_title($lang_id)
 {
     $translations = array(
         new Translation(Kielet::$ENGLANTI, "Back to the teacher view."),
         new Translation(Kielet::$SUOMI, "Takaisin opettajan perusnäkymään."),
     );
     $title = new Text("Text appearing while hovering on the back_to_teacher_view button (title)", $translations);
     return $title->get($lang_id);
 }
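 /**
  * Persists the sponsor row (REPLACE INTO sponsor), storing a submitted image first.
  *
  * @param array $errors filled by reference with validation, upload and persistence messages
  *
  * @return bool true when the row was written
  */
 public function save(&$errors = array())
 {
     if (!$this->validate($errors)) {
         return false;
     }
     // Image first: an uploaded file is stored and replaced by the stored image's id
     if (is_array($this->image) && !empty($this->image['name'])) {
         $image = new Image($this->image);
         if ($image->save($errors)) {
             $this->image = $image->id;
         } else {
             \Goteo\Library\Message::Error(Text::get('image-upload-fail') . implode(', ', $errors));
             $this->image = '';
         }
     }
     // Column names come from this fixed list, never from input; values are bound as parameters
     $fields = array('id', 'name', 'url', 'image', 'order');
     $assignments = array();
     $values = array();
     foreach ($fields as $field) {
         $assignments[] = "`{$field}` = :{$field}";
         $values[":{$field}"] = $this->{$field};
     }
     try {
         $sql = "REPLACE INTO sponsor SET " . implode(', ', $assignments);
         self::query($sql, $values);
         // a new sponsor has no id yet; take the one generated by the insert
         if (empty($this->id)) {
             $this->id = self::insertId();
         }
         Check::reorder($this->id, 'up', 'sponsor');
         return true;
     } catch (\PDOException $e) {
         // NOTE(review): the driver's message is appended to user-visible errors and
         // can reveal table/column details; consider logging it and reporting only the generic text
         $errors[] = Text::_("No se ha guardado correctamente. ") . $e->getMessage();
         return false;
     }
 }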
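 /**
  * When key does not exist in text data file, should return null
  *
  * assertNull is used instead of assertEquals(null, ...): the latter compares
  * loosely, so '' or 0 would also have satisfied it.
  */
 public function testGetWithNonExistingKey()
 {
     $this->assertNull(Text::get('XXX'));
 }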
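 /**
  * Checks that a conference can be created with the given title and venue.
  *
  * Both fields must be non-blank, no conference with that title may exist yet,
  * and the venue is created on the fly when it is unknown. Each failure pushes
  * a feedback message into the session.
  *
  * @param string $confTitle
  * @param string $venueName
  *
  * @return bool true when the conference may be created
  */
 private static function validateConference($confTitle, $venueName)
 {
     // compare the trimmed value with '' rather than using empty(), which
     // would also reject a legitimate title or venue named "0"
     if (trim((string) $confTitle) === '' || trim((string) $venueName) === '') {
         Session::push('feedback_negative', Text::get('CONFERENCE_FIELD_EMPTY'));
         return false;
     }
     // no conference by this title should exist
     if (ConferenceModel::getConferenceByTitle($confTitle)) {
         Session::push('feedback_negative', Text::get('CONFERENCE_ALREADY_EXISTS'));
         return false;
     }
     // unknown venues are created here so the caller can rely on the venue existing
     if (!VenueModel::venueExists($venueName) && !VenueModel::createVenueInDb($venueName)) {
         Session::push('feedback_negative', Text::get('UNKNOWN_ERROR'));
         return false;
     }
     return true;
 }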