/** * Respond to the URL that was created * Determine the post that was supposed to be displayed, and show it in raw * @params array $handlervars An array of values passed in from the URL requested */ function action_plugin_act_plaintext($handlervars) { $activetheme = Themes::create(); $user_filters = array('fetch_fn' => 'get_row', 'limit' => 1); $page_key = array_search('page', $activetheme->valid_filters); unset($activetheme->valid_filters[$page_key]); $user_filters = Plugins::filter('template_user_filters', $user_filters); $user_filters = array_intersect_key($user_filters, array_flip($activetheme->valid_filters)); $where_filters = Controller::get_handler()->handler_vars->filter_keys($activetheme->valid_filters); $where_filters = $where_filters->merge($user_filters); $where_filters = Plugins::filter('template_where_filters', $where_filters); $post = Posts::get($where_filters); $current_url = URL::get(); $created_at = $post->pubdate->get(); header('Content-type: text/plain; charset=utf-8'); echo <<<HERE # {$post->title} By {$post->author->displayname} <{$current_url}> {$created_at} \t {$post->content} HERE; exit; }
/** * All handlers must implement act() to conform to handler API. * This is the default implementation of act(), which attempts * to call a class member method of $this->act_$action(). Any * subclass is welcome to override this default implementation. * * @param string $action the action that was in the URL rule */ public function act($action) { if (null === $this->handler_vars) { $this->handler_vars = new SuperGlobal(array()); } $this->action = $action; $this->theme->assign('matched_rule', URL::get_matched_rule()); $request = new StdClass(); foreach (URL::get_active_rules() as $rule) { $request->{$rule->name} = false; } $request->{$this->theme->matched_rule->name} = true; $this->theme->assign('request', $request); $action_hook = 'plugin_act_' . $action; $before_action_hook = 'before_' . $action_hook; $theme_hook = 'route_' . $action; $after_action_hook = 'after_' . $action_hook; Plugins::act($before_action_hook, $this); Plugins::act($action_hook, $this); if (Plugins::implemented($theme_hook, 'theme')) { $theme = Themes::create(); $rule = URL::get_matched_rule(); Plugins::theme($theme_hook, $theme, $rule->named_arg_values, $this); } Plugins::act($after_action_hook); }
public function action_init() { // gotta be an easier way of doing this $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', TRUE)); $theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); if (!$theme->template_exists('admincontrol_select')) { $this->add_template('admincontrol_select', dirname(__FILE__) . '/admincontrol_select.php'); } }
/** * Add the help to the publish form */ public function action_form_publish($form, $post) { $selector = $form->append('wrapper', 'help_container'); $selector->class = 'container'; $theme = Themes::create(); $theme->help = Options::get(strtolower(get_class($this)) . '__help'); $content = $theme->fetch('help'); $selector->append('static', 'help', $content); $form->move_after($selector, $form->silos); return $form; }
function filter_post_content_out($content, $post) { if ($post->info->phpexec == 'true') { $content = str_replace('<!--php', '<?php', $content); $content = str_replace('?-->', '?>', $content); ob_start(); $theme = Themes::create(); eval('?>' . $content . '<?php '); $content = ob_get_clean(); } return $content; }
/** * Handles AJAX from /admin/tags * Used to delete and rename tags */ public function ajax_tags($handler_vars) { Utils::check_request_method(array('POST')); $wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']); if ($handler_vars['digest'] != $wsse['digest']) { Session::error(_t('WSSE authentication failed.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } $tag_names = array(); $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true)); $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); $action = $this->handler_vars['action']; switch ($action) { case 'delete': foreach ($_POST as $id => $delete) { // skip POST elements which are not tag ids if (preg_match('/^tag_\\d+/', $id) && $delete) { $id = substr($id, 4); $tag = Tags::get_by_id($id); $tag_names[] = $tag->term_display; Tags::vocabulary()->delete_term($tag); } } $msg_status = _n(_t('Tag %s has been deleted.', array(implode('', $tag_names))), _t('%d tags have been deleted.', array(count($tag_names))), count($tag_names)); Session::notice($msg_status); break; case 'rename': if (!isset($this->handler_vars['master'])) { Session::error(_t('Error: New name not specified.')); echo Session::messages_get(true, array('Format', 'json_messages')); return; } $master = $this->handler_vars['master']; $tag_names = array(); foreach ($_POST as $id => $rename) { // skip POST elements which are not tag ids if (preg_match('/^tag_\\d+/', $id) && $rename) { $id = substr($id, 4); $tag = Tags::get_by_id($id); $tag_names[] = $tag->term_display; } } Tags::vocabulary()->merge($master, $tag_names); $msg_status = sprintf(_n('Tag %1$s has been renamed to %2$s.', 'Tags %1$s have been renamed to %2$s.', count($tag_names)), implode($tag_names, ', '), $master); Session::notice($msg_status); break; } $this->theme->tags = Tags::vocabulary()->get_tree(); $this->theme->max = Tags::vocabulary()->max_count(); echo json_encode(array('msg' => Session::messages_get(true, 'array'), 'tags' => $this->theme->fetch('tag_collection'))); }
/** * Constructor for theme * * If no parameter is supplied, then the constructor * Loads the active theme from the database. * * If no theme option is set, a fatal error is thrown * * @param name ( optional ) override the default theme lookup * @param template_engine ( optional ) specify a template engine * @param theme_dir ( optional ) specify a theme directory */ public function __construct( $themedata ) { $this->name = $themedata->name; $this->version = $themedata->version; $theme_dir = Utils::single_array($themedata->theme_dir); // Set up the corresponding engine to handle the templating $this->template_engine = new $themedata->template_engine(); if(isset($themedata->parent)) { $parent = Themes::create($themedata->parent); $parent_theme_dir = Utils::single_array($parent->theme_dir); $theme_dir = array_merge($theme_dir, $parent_theme_dir); } $this->theme_dir = $theme_dir; $this->template_engine->set_template_dir( $theme_dir ); $this->plugin_id = $this->plugin_id(); $this->load(); }
function configure() { $ui = new FormUI('jsmincdn'); $scripts = $ui->append('checkboxes', 'scripts', 'jsmincdn__storage', 'Select the scripts that should be served as minimized.'); $theme = Themes::create(); Plugins::act('template_header', $theme); Plugins::act('template_footer', $theme); $options = Stack::get_named_stack('template_header_javascript'); $options = array_merge($options, Stack::get_named_stack('template_footer_javascript')); $options_out = array(); foreach ($options as $option => $value) { if (preg_match('#[a-f0-9]{32}#', $option)) { $value = htmlspecialchars(substr($value, 0, 80)); } else { $value = $option; } $options_out[$option] = $value; } $scripts->options = $options_out; $ui->append('submit', 'submit', 'Submit'); return $ui; }
/** * Handles AJAX requests from the dashboard */ public function ajax_dashboard($handler_vars) { Utils::check_request_method(array('POST')); $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true)); $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); switch ($handler_vars['action']) { case 'updateModules': $modules = array(); foreach ($_POST as $key => $module) { // skip POST elements which are not module names if (preg_match('/^module\\d+$/', $key)) { list($module_id, $module_name) = explode(':', $module, 2); // remove non-sortable modules from the list if ($module_id != 'nosort') { $modules[$module_id] = $module_name; } } } Modules::set_active($modules); $ar = new AjaxResponse(200, _t('Modules updated.')); break; case 'addModule': $id = Modules::add($handler_vars['module_name']); $this->fetch_dashboard_modules(); $ar = new AjaxResponse(200, _t('Added module %s.', array($handler_vars['module_name']))); $ar->html('modules', $this->theme->fetch('dashboard_modules')); break; case 'removeModule': Modules::remove($handler_vars['moduleid']); $this->fetch_dashboard_modules(); $ar = new AjaxResponse(200, _t('Removed module.')); $ar->html('modules', $this->theme->fetch('dashboard_modules')); break; } $ar->out(); }
/** * Retreive the Theme used to display the form component * * @param boolean $forvalidation If true, perform validation on control and add error messages to output * @param FormControl $control The control to output using a template * @return Theme The theme object to display the template for the control */ function get_theme( $forvalidation = false, $control = null ) { if ( !isset( $this->theme_obj ) ) { $theme_dir = Plugins::filter( 'control_theme_dir', Plugins::filter( 'admin_theme_dir', Site::get_dir( 'admin_theme', true ) ) . 'formcontrols/', $control ); $this->theme_obj = Themes::create( 'admin', 'RawPHPEngine', $theme_dir ); } $this->theme_obj->start_buffer(); if ( $control instanceof FormControl ) { // PHP doesn't allow __get() to return pointers, and passing this array to foreach directly generates an error. $properties = $control->properties; foreach ( $properties as $name => $value ) { $this->theme_obj->$name = $value; } $this->theme_obj->field = $control->field; $this->theme_obj->value = $control->value; $this->theme_obj->caption = $control->caption; $this->theme_obj->id = (string) $control->id; $class = (array) $control->class; $message = ''; if ( $forvalidation ) { $validate = $control->validate(); if ( count( $validate ) != 0 ) { $class[] = 'invalid'; $message = implode( '<br>', (array) $validate ); } } $this->theme_obj->class = implode( ' ', (array) $class ); $this->theme_obj->message = $message; } return $this->theme_obj; }
/** * Load the active theme and create a new Theme instance. * Also, assign the request variables. */ public function setup_theme() { $this->theme = Themes::create(); $this->theme->assign('matched_rule', URL::get_matched_rule()); $request = Controller::get_request_obj(); $this->theme->assign('request', $request); }
/** * Constructor for the default theme handler. Here, we * automatically load the active theme for the installation, * and create a new Theme instance. */ public function __construct() { $this->theme = Themes::create(); }
public function display_calendar() { $theme = Themes::create(); $events = Posts::get(array("status" => Post::status('published'), "nolimit" => true, "content_type" => Post::type('event'))); $upcoming = array(); foreach ($events as $event) { if ($event->start->int > HabariDateTime::date_create()->modify('-1 week')->int) { $upcoming[] = $event; } } $theme->events = $upcoming; $theme->display('calendar'); }
/** * Add a comment to the site * * @param mixed $post A Post object instance or Post object id * @param string $name The commenter's name * @param string $email The commenter's email address * @param string $url The commenter's website URL * @param string $content The comment content * @param array $extra An associative array of extra values that should be considered */ function add_comment($post, $name = null, $email = null, $url = null, $content = null, $extra = null) { if (is_numeric($post)) { $post = Post::get(array('id' => $post)); } if (!$post instanceof Post) { // Not sure what you're trying to pull here, but that's no good header('HTTP/1.1 403 Forbidden', true, 403); die; } // let's do some basic sanity checking on the submission if (1 == Options::get('comments_require_id') && (empty($name) || empty($email))) { Session::error(_t('Both name and e-mail address must be provided.')); } if (empty($content)) { Session::error(_t('You did not provide any content for your comment!')); } if (Session::has_errors()) { // save whatever was provided in session data Session::add_to_set('comment', $name, 'name'); Session::add_to_set('comment', $email, 'email'); Session::add_to_set('comment', $url, 'url'); Session::add_to_set('comment', $content, 'content'); // now send them back to the form Utils::redirect($post->permalink . '#respond'); } if ($post->info->comments_disabled) { // comments are disabled, so let's just send // them back to the post's permalink Session::error(_t('Comments on this post are disabled!')); Utils::redirect($post->permalink); } /* Sanitize data */ foreach (array('name', 'url', 'email', 'content') as $k) { ${$k} = InputFilter::filter(${$k}); } /* Sanitize the URL */ if (!empty($url)) { $parsed = InputFilter::parse_url($url); if ($parsed['is_relative']) { // guess if they meant to use an absolute link $parsed = InputFilter::parse_url('http://' . $url); if (!$parsed['is_error']) { $url = InputFilter::glue_url($parsed); } else { // disallow relative URLs $url = ''; } } if ($parsed['is_pseudo'] || $parsed['scheme'] !== 'http' && $parsed['scheme'] !== 'https') { // allow only http(s) URLs $url = ''; } else { // reconstruct the URL from the error-tolerant parsing // http:moeffju.net/blog/ -> http://moeffju.net/blog/ $url = InputFilter::glue_url($parsed); } } if (preg_match('/^\\p{Z}*$/u', $content)) { Session::error(_t('Comment contains only whitespace/empty comment')); Utils::redirect($post->permalink); } /* Create comment object*/ $comment = new Comment(array('post_id' => $post->id, 'name' => $name, 'email' => $email, 'url' => $url, 'ip' => sprintf("%u", ip2long($_SERVER['REMOTE_ADDR'])), 'content' => $content, 'status' => Comment::STATUS_UNAPPROVED, 'date' => HabariDateTime::date_create(), 'type' => Comment::COMMENT)); // Should this really be here or in a default filter? // In any case, we should let plugins modify the status after we set it here. $user = User::identify(); if ($user->loggedin && $comment->email == $user->email) { $comment->status = Comment::STATUS_APPROVED; } // Users need to have permission to add comments if (!$user->can('comment')) { Session::error(_t('You do not have permission to create comments.')); Utils::redirect($post->permalink); } // Allow themes to work with comment hooks Themes::create(); // Allow plugins to change comment data and add commentinfo based on plugin-added form fields Plugins::act('comment_accepted', $comment, $this->handler_vars, $extra); $spam_rating = 0; $spam_rating = Plugins::filter('spam_filter', $spam_rating, $comment, $this->handler_vars, $extra); $comment->insert(); $anchor = ''; // If the comment was saved if ($comment->id && $comment->status != Comment::STATUS_SPAM) { $anchor = '#comment-' . $comment->id; // store in the user's session that this comment is pending moderation if ($comment->status == Comment::STATUS_UNAPPROVED) { Session::notice(_t('Your comment is pending moderation.'), 'comment_' . $comment->id); } // if no cookie exists, we should set one // but only if the user provided some details $cookie = 'comment_' . Options::get('GUID'); if (!User::identify()->loggedin && !isset($_COOKIE[$cookie]) && (!empty($name) || !empty($email) || !empty($url))) { $cookie_content = $comment->name . '#' . $comment->email . '#' . $comment->url; $site_url = Site::get_path('base', true); setcookie($cookie, $cookie_content, time() + 31536000, $site_url); } } // Return the commenter to the original page. Utils::redirect($post->permalink . $anchor); }
/** * @todo use formui */ private function send_captcha($comment = null) { Session::add_to_set('mollom', $comment, 'comment'); $theme = Themes::create(); $theme->comment = $comment; try { $theme->captcha = Mollom::getImageCaptcha($comment->info->mollom_session_id); $theme->audio_captcha = Mollom::getAudioCaptcha($comment->info->mollom_session_id); } catch (Exception $e) { } $theme->display('mollom_fallback_captcha'); }
/** * Entry point for installation. The reason there is a begin_install * method to handle is that conceivably, the user can stop installation * mid-install and need an alternate entry point action at a later time. */ public function act_begin_install() { // Create a new theme to handle the display of the installer $this->theme = Themes::create('installer', 'RawPHPEngine', HABARI_PATH . '/system/installer/'); /** * Set user selected Locale or default */ $this->theme->locales = Locale::list_all(); if (isset($_POST['locale']) && $_POST['locale'] != null) { Locale::set($_POST['locale']); } else { Locale::set(Config::get('locale', 'en-us')); } $this->theme->locale = Locale::get(); $this->handler_vars['locale'] = Locale::get(); /** * Check .htaccess first because ajax doesn't work without it. */ if (!$this->check_htaccess()) { $this->handler_vars['file_contents'] = htmlentities(implode("\n", $this->htaccess())); $this->display('htaccess'); } // Dispatch AJAX requests. if (isset($_POST['ajax_action'])) { switch ($_POST['ajax_action']) { case 'check_mysql_credentials': self::ajax_check_mysql_credentials(); exit; break; case 'check_pgsql_credentials': self::ajax_check_pgsql_credentials(); exit; break; case 'check_sqlite_credentials': self::ajax_check_sqlite_credentials(); exit; break; } } // set the default values now, which will be overriden as we go $this->form_defaults(); if (!$this->meets_all_requirements()) { $this->display('requirements'); } /** * Add the AJAX hooks */ Plugins::register(Method::create('\\Habari\\InstallHandler', 'ajax_check_mysql_credentials'), 'ajax_', 'check_mysql_credentials'); Plugins::register(Method::create('\\Habari\\InstallHandler', 'ajax_check_pgsql_credentials'), 'ajax_', 'check_pgsql_credentials'); /** * Let's check the config.php file if no POST data was submitted */ if (!file_exists(Site::get_dir('config_file')) && !isset($_POST['admin_username'])) { // no config file, and no HTTP POST $this->display('db_setup'); } // try to load any values that might be defined in config.php if (file_exists(Site::get_dir('config_file'))) { include Site::get_dir('config_file'); // check for old style config (global variable, pre-dates registry based config if (!Config::exists('db_connection') && isset($db_connection)) { // found old style config... // set up registry: Config::set('db_connection', $db_connection); // assign handler vars (for config file write) $this->set_handler_vars_from_db_connection(); // write new config file if ($this->write_config_file(true)) { // successful, so redirect: Utils::redirect(Site::get_url('site')); } } if (Config::exists('db_connection')) { $this->set_handler_vars_from_db_connection(); } // if a $blog_data array exists in config.php, use it // to pre-load values for the installer // ** this is completely optional ** if (Config::exists('blog_data')) { $blog_data = Config::get('blog_data'); foreach ($blog_data as $blog_datum => $value) { $this->handler_vars[$blog_datum] = $value; } } } // now merge in any HTTP POST values that might have been sent // these will override the defaults and the config.php values $this->handler_vars = $this->handler_vars->merge($_POST); // we need details for the admin user to install if ('' == $this->handler_vars['admin_username'] || '' == $this->handler_vars['admin_pass1'] || '' == $this->handler_vars['admin_pass2'] || '' == $this->handler_vars['admin_email']) { // if none of the above are set, display the form $this->display('db_setup'); } $db_type = $this->handler_vars['db_type']; if ((!Config::exists('db_connection') || Config::get('db_connection')->connection_string == '') && ($db_type == 'mysql' || $db_type == 'pgsql')) { $this->handler_vars['db_host'] = $_POST["{$db_type}_db_host"]; $this->handler_vars['db_user'] = $_POST["{$db_type}_db_user"]; $this->handler_vars['db_pass'] = $_POST->raw("{$db_type}_db_pass"); $this->handler_vars['db_schema'] = $_POST["{$db_type}_db_schema"]; } // we got here, so we have all the info we need to install // make sure the admin password is correct if ($this->handler_vars['admin_pass1'] !== $this->handler_vars['admin_pass2']) { $this->theme->assign('form_errors', array('password_mismatch' => _t('Password mis-match.'))); $this->display('db_setup'); } // don't accept emails with control characters if (!ctype_print($this->handler_vars['admin_email'])) { $this->theme->assign('form_errors', array('admin_email' => _t('Only printable characters are allowed.'))); $this->display('db_setup'); } // check whether prefix is valid if (isset($this->handler_vars['table_prefix']) && preg_replace('/[^a-zA-Z_]/', '', $this->handler_vars['table_prefix']) !== $this->handler_vars['table_prefix']) { $this->theme->assign('form_errors', array('table_prefix' => _t('Allowed characters are A-Z, a-z and "_".'))); $this->display('db_setup'); } // Make sure we still have a valid connection if (!call_user_func(array($this, "check_{$db_type}"))) { $this->display('db_setup'); } // try to write the config file if (!$this->write_config_file()) { $this->theme->assign('form_errors', array('write_file' => _t('Could not write config.php file…'))); $this->display('db_setup'); } // try to install the database if (!$this->install_db()) { // the installation failed for some reason. // re-display the form $this->display('db_setup'); } // Try activating plugins and themes $this->activate_plugins(); $this->activate_theme(); // Installation complete. Secure sqlite if it was chosen as the database type to use if ($db_type == 'sqlite') { if (!$this->secure_sqlite()) { $this->theme->sqlite_contents = implode("\n", $this->sqlite_contents()); $this->display('sqlite'); } } EventLog::log(_t('Habari successfully installed.'), 'info', 'default', 'habari'); Utils::redirect(Site::get_url('site')); }
/** * Sets a theme to be the current user's preview theme * * @param string $theme_name The name of the theme to preview * @param string $theme_dir The directory of the theme to preview */ public static function preview_theme($theme_name, $theme_dir) { $_SESSION['user_theme_name'] = $theme_name; $_SESSION['user_theme_dir'] = $theme_dir; // Execute the theme's activated action $preview_theme = Themes::create(); Plugins::act_id('theme_activated', $preview_theme->plugin_id(), $theme_name, $preview_theme); EventLog::log(_t('Previewed Theme: %s', array($theme_name)), 'notice', 'theme', 'habari'); }
/** * Handles AJAX requests from the groups page. */ public function ajax_groups($handler_vars) { Utils::check_request_method(array('GET', 'HEAD')); $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true)); $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); $output = ''; foreach (UserGroups::get_all() as $group) { $this->theme->group = $group; $group = UserGroup::get_by_id($group->id); $users = array(); foreach ($group->members as $id) { $user = $id == 0 ? User::anonymous() : User::get_by_id($id); if ($user->id == 0) { $users[] = '<strong>' . $user->displayname . '</strong>'; } else { $users[] = '<strong><a href="' . URL::get('admin', 'page=user&id=' . $user->id) . '">' . $user->displayname . '</a></strong>'; } } $this->theme->users = $users; $output .= $this->theme->fetch('groups_item'); } echo json_encode(array('items' => $output)); }
public function create_theme() { $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true)); $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir); }
/** * Prepare and display admin page * */ public function action_admin_theme_get_menus(AdminHandler $handler, Theme $theme) { $theme->page_content = ''; $action = isset($_GET['action']) ? $_GET['action'] : 'create'; switch ($action) { case 'edit': $vocabulary = Vocabulary::get_by_id(intval($handler->handler_vars['menu'])); if ($vocabulary == false) { $theme->page_content = '<h2>' . _t('Invalid Menu.'); // that's it, we're done. Maybe we show the list of menus instead? break; } $form = new FormUI('edit_menu'); $form->append(new FormControlText('menuname', 'null:null', _t('Name'), 'transparent_text'))->add_validator('validate_required', _t('You must supply a valid menu name'))->add_validator(array($this, 'validate_newvocab'))->value = $vocabulary->name; $form->append(new FormControlHidden('oldname', 'null:null'))->value = $vocabulary->name; $form->append(new FormControlText('description', 'null:null', _t('Description'), 'transparent_text'))->value = $vocabulary->description; $edit_items_array = $this->get_menu_type_data(); $edit_items = ''; foreach ($edit_items_array as $action => $menu_type) { $edit_items .= '<a class="modal_popup_form menu_button_dark" href="' . URL::get('admin', array('page' => 'menu_iframe', 'action' => $action, 'menu' => $vocabulary->id)) . "\">" . _t('Add %s', array($menu_type['label'])) . "</a>"; } if (!$vocabulary->is_empty()) { $form->append('tree', 'tree', $vocabulary->get_tree(), _t('Menu')); $form->tree->options = $vocabulary->get_tree(); $form->tree->config = array('itemcallback' => array($this, 'tree_item_callback')); // $form->tree->value = $vocabulary->get_root_terms(); // append other needed controls, if there are any. $form->append('static', 'buttons', '<div id="menu_item_button_container">' . $edit_items . '</div>'); $form->append('submit', 'save', _t('Apply Changes')); } else { $form->append('static', 'buttons', '<div id="menu_item_button_container">' . $edit_items . '</div>'); } $delete_link = URL::get('admin', Utils::WSSE(array('page' => 'menus', 'action' => 'delete_menu', 'menu' => $handler->handler_vars['menu']))); //$delete_link = URL::get( 'admin', array( 'page' => 'menus', 'action' => 'delete_menu', 'menu' => $handler->handler_vars[ 'menu' ] ) ); $form->append('static', 'deletebutton', '<a class="a_button" href="' . $delete_link . '">' . _t('Delete Menu') . '</a>'); $form->append(new FormControlHidden('menu', 'null:null'))->value = $handler->handler_vars['menu']; $form->on_success(array($this, 'rename_menu_form_save')); $form->properties['onsubmit'] = "return habari.menu_admin.submit_menu_update();"; $theme->page_content .= $form->get(); break; case 'create': $form = new FormUI('create_menu'); $form->append('text', 'menuname', 'null:null', _t('Menu Name'), 'transparent_text')->add_validator('validate_required', _t('You must supply a valid menu name'))->add_validator(array($this, 'validate_newvocab')); $form->append('text', 'description', 'null:null', _t('Description'), 'transparent_text'); $form->append('submit', 'submit', _t('Create Menu')); $form->on_success(array($this, 'add_menu_form_save')); $theme->page_content = $form->get(); break; case 'delete_menu': if (Utils::verify_wsse($_GET, true)) { $menu_vocab = Vocabulary::get_by_id(intval($handler->handler_vars['menu'])); // Delete blocks using this menu $at = Themes::get_active_data(true); $t = Themes::create(Themes::get_active()['name']); $i = 0; foreach ($at['areas'] as $area) { foreach ($t->get_blocks($area['name'], 0, $t) as $block) { if ($block->type == 'menu' && $block->menu_taxonomy == $handler->handler_vars['menu']) { $block->delete(); $i++; } } } Session::notice(sprintf(_n('%s block linking to this menu deleted.', '%s blocks linking to this menu deleted.', $i), $i)); $menu_vocab->delete(); // log that it has been deleted? Session::notice(_t('Menu deleted.')); // redirect to a blank menu creation form Utils::redirect(URL::get('admin', array('page' => 'menus', 'action' => 'create'))); } else { Session::notice(_t('Menu deletion failed - please try again.')); Utils::redirect(URL::get('admin', array('page' => 'menus', 'action' => 'edit', 'menu' => $handler->handler_vars['menu']))); } break; case 'delete_term': $term = Term::get(intval($handler->handler_vars['term'])); $menu_vocab = $term->vocabulary_id; if (Utils::verify_wsse($_GET, true)) { $term->delete(); // log that it has been deleted? Session::notice(_t('Item deleted.')); Utils::redirect(URL::get('admin', array('page' => 'menus', 'action' => 'edit', 'menu' => $menu_vocab))); } else { Session::notice(_t('Item deletion failed - please try again.')); Utils::redirect(URL::get('admin', array('page' => 'menus', 'action' => 'edit', 'menu' => $menu_vocab))); } break; default: Utils::debug($_GET, $action); die; } $theme->display('menus_admin'); // End everything exit; }
/** * Handles AJAX requests from the manage comments page. */ public function ajax_comments() { Utils::check_request_method( array( 'GET', 'HEAD' ) ); $theme_dir = Plugins::filter( 'admin_theme_dir', Site::get_dir( 'admin_theme', true ) ); $this->theme = Themes::create( 'admin', 'RawPHPEngine', $theme_dir ); $this->theme->theme = $this->theme; $params = $_GET; $this->fetch_comments( $params ); $items = $this->theme->fetch( 'comments_items' ); $timeline = $this->theme->fetch( 'timeline_items' ); $item_ids = array(); foreach ( $this->theme->comments as $comment ) { $item_ids['p' . $comment->id] = 1; } $ar = new AjaxResponse(); $ar->data = array( 'items' => $items, 'item_ids' => $item_ids, 'timeline' => $timeline, ); $ar->out(); }
public function action_ajax_archive_posts($handler) { $theme = Themes::create(); $theme->posts = self::get_posts($handler->handler_vars['search']); $theme->display('archive_posts'); }
/** * Cancel the viewing of any preview theme */ public static function cancel_preview() { if ( isset( $_SESSION['user_theme_name'] ) ) { // Execute the theme's deactivated action $preview_theme = Themes::create(); Plugins::act_id( 'theme_deactivated', $preview_theme->plugin_id() ); EventLog::log( _t( 'Canceled Theme Preview: %s', array( $_SESSION['user_theme_name'] ) ), 'notice', 'theme', 'habari' ); unset( $_SESSION['user_theme_name'] ); unset( $_SESSION['user_theme_dir'] ); } }
/** * function add_comment * adds a comment to a post, if the comment content is not NULL * @param array An associative array of content found in the $_POST array */ public function act_add_comment() { Utils::check_request_method(array('POST')); $defaults = array('name' => '', 'email' => '', 'url' => '', 'content' => ''); // We need to get the post anyway to redirect back to the post page. $post = Post::get(array('id' => $this->handler_vars['id'])); if (!$post) { // trying to comment on a non-existent post? Weirdo. header('HTTP/1.1 403 Forbidden', true, 403); die; } // make sure all our default values are set so we don't throw undefined index errors foreach ($defaults as $k => $v) { if (!isset($this->handler_vars[$k])) { $this->handler_vars[$k] = $v; } } // let's do some basic sanity checking on the submission if (1 == Options::get('comments_require_id') && (empty($this->handler_vars['name']) || empty($this->handler_vars['email']))) { Session::error(_t('Both name and e-mail address must be provided.')); } if (empty($this->handler_vars['content'])) { Session::error(_t('You did not provide any content for your comment!')); } if (Session::has_errors()) { // save whatever was provided in session data Session::add_to_set('comment', $this->handler_vars['name'], 'name'); Session::add_to_set('comment', $this->handler_vars['email'], 'email'); Session::add_to_set('comment', $this->handler_vars['url'], 'url'); Session::add_to_set('comment', $this->handler_vars['content'], 'content'); // now send them back to the form Utils::redirect($post->permalink . '#respond'); } if ($post->info->comments_disabled) { // comments are disabled, so let's just send // them back to the post's permalink Session::error(_t('Comments on this post are disabled!')); Utils::redirect($post->permalink); } /* Sanitize data */ foreach ($defaults as $k => $v) { $this->handler_vars[$k] = InputFilter::filter($this->handler_vars[$k]); } /* Sanitize the URL */ if (!empty($this->handler_vars['url'])) { $url = $this->handler_vars['url']; $parsed = InputFilter::parse_url($url); if ($parsed['is_relative']) { // guess if they meant to use an absolute link $parsed = InputFilter::parse_url('http://' . $url); if (!$parsed['is_error']) { $url = InputFilter::glue_url($parsed); } else { // disallow relative URLs $url = ''; } } if ($parsed['is_pseudo'] || $parsed['scheme'] !== 'http' && $parsed['scheme'] !== 'https') { // allow only http(s) URLs $url = ''; } else { // reconstruct the URL from the error-tolerant parsing // http:moeffju.net/blog/ -> http://moeffju.net/blog/ $url = InputFilter::glue_url($parsed); } $this->handler_vars['url'] = $url; } if (preg_match('/^\\p{Z}*$/u', $this->handler_vars['content'])) { Session::error(_t('Comment contains only whitespace/empty comment')); Utils::redirect($post->permalink); } /* Create comment object*/ $comment = new Comment(array('post_id' => $this->handler_vars['id'], 'name' => $this->handler_vars['name'], 'email' => $this->handler_vars['email'], 'url' => $this->handler_vars['url'], 'ip' => sprintf("%u", ip2long($_SERVER['REMOTE_ADDR'])), 'content' => $this->handler_vars['content'], 'status' => Comment::STATUS_UNAPPROVED, 'date' => HabariDateTime::date_create(), 'type' => Comment::COMMENT)); // Should this really be here or in a default filter? // In any case, we should let plugins modify the status after we set it here. $user = User::identify(); if ($user->loggedin && $comment->email == $user->email) { $comment->status = Comment::STATUS_APPROVED; } // Allow themes to work with comment hooks Themes::create(); $spam_rating = 0; $spam_rating = Plugins::filter('spam_filter', $spam_rating, $comment, $this->handler_vars); $comment->insert(); $anchor = ''; // If the comment was saved if ($comment->id) { $anchor = '#comment-' . $comment->id; // store in the user's session that this comment is pending moderation if ($comment->status == Comment::STATUS_UNAPPROVED) { Session::notice(_t('Your comment is pending moderation.'), 'comment_' . $comment->id); } // if no cookie exists, we should set one // but only if the user provided some details $cookie = 'comment_' . Options::get('GUID'); if (!isset($_COOKIE[$cookie]) && (!empty($this->handler_vars['name']) || !empty($this->handler_vars['email']) || !empty($this->handler_vars['url']))) { $cookie_content = $comment->name . '#' . $comment->email . '#' . $comment->url; $site_url = Site::get_path('base', true); setcookie($cookie, $cookie_content, time() + 31536000, $site_url); } } // Return the commenter to the original page. Utils::redirect($post->permalink . $anchor); }
/** * Load the active theme and create a new Theme instance. * Also, assign the request variables. */ public function setup_theme() { $this->theme = Themes::create(); $this->theme->assign('matched_rule', URL::get_matched_rule()); $request = new StdClass(); foreach (RewriteRules::get_active() as $rule) { $request->{$rule->name} = false; } $request->{$this->theme->matched_rule->name} = true; $this->theme->assign('request', $request); }
public function action_handler_scratchpad($handler_vars) { $user = User::identify(); if (!$user->loggedin) { // TODO We should allow the user to log in somehow $response = "User not logged in."; } else { // Create a form to enter the ScratchPad entry information $theme = Themes::create(); $this->add_template('scratchpad', dirname(__FILE__) . '/scratchpad.php'); $form = new FormUI('scratchpad'); // Create the Title field $form->append('text', 'title', 'null:null', _t('Title')); $form->title->tabindex = 1; $form->title->value = $handler_vars['title']; // Create the Content field $form->append('textarea', 'content', 'null:null', _t('Content')); $form->content->tabindex = 2; if (isset($handler_vars['selection'])) { $form->content->value = $handler_vars['selection']; } // Add the existing scratchpads $scratchpads = array(); $results = DB::get_results('SELECT id, name FROM {scratchpads} WHERE user_id = ?', array($user->id)); foreach ($results as $result) { $scratchpads[$result->id] = $result->name; } $form->append('select', 'scratchpads', 'null:null', 'ScratchPads', $scratchpads); $form->scratchpads->tabindex = 3; // Create a field for adding a new scratchpad $form->append('text', 'scratchpad', 'null:null', _t('New ScratchPad')); $form->scratchpad->tabindex = 4; // Add the URL as a hidden control $form->append('hidden', 'url', 'null:null'); $form->url->value = $handler_vars['url']; // Create the Save button $form->append('submit', 'save', 'Save'); // Add a callback to save the form data $form->on_success(array($this, 'insert_scratchpad')); // Put the form into the theme $theme->form = $form; $theme->display('scratchpad'); } }
/** * Retreive the Theme used to display this form component and its descendants * * @return Theme The theme object to display the template for the control */ public function get_theme() { static $theme_obj = null; if (is_null($theme_obj)) { $theme_obj = Themes::create(); // Create the current theme instead of: 'admin', 'RawPHPEngine', $theme_dir } $this->prep_theme($theme_obj); return $theme_obj; }
public function __construct() { $this->config = simplexml_load_file(dirname(__FILE__) . '/lifestream.config.xml'); $this->theme = Themes::create(); }
/** * Display the login form * * @param string $name Pre-fill the name field with this name */ protected function login_form($name) { // Display the login form. $this->theme = Themes::create(); if (!$this->theme->template_exists('login')) { $this->theme = Themes::create('admin', 'RawPHPEngine', Site::get_dir('admin_theme', TRUE)); $this->theme->assign('admin_page', 'login'); } $request = new StdClass(); foreach (URL::get_active_rules() as $rule) { $request->{$rule->name} = $rule->name == URL::get_matched_rule()->name; } if (isset($this->handler_vars['error'])) { $this->theme->assign('error', Utils::htmlspecialchars($this->handler_vars['error'])); } $this->theme->assign('request', $request); $this->theme->assign('habari_username', htmlentities($name, ENT_QUOTES, 'UTF-8')); $this->display('login'); return TRUE; }
public function filter_post_content($content, Post $post) { if ($post->info->password) { // if user logged in, show post // make sure it's not just the anonymous user! $user = User::identify(); if ($user instanceof User && $user != User::anonymous()) { return $content; } $session = Session::get_set('post_passwords', false); $token = Utils::crypt('42' . $post->info->password . $post->id . Options::get('GUID')); // if password was submitted verify it if (Controller::get_var('post_password') && Controller::get_var('post_password_id') == $post->id) { $pass = InputFilter::filter(Controller::get_var('post_password')); if (Utils::crypt($pass, $post->info->password)) { Session::add_to_set('post_passwords', $token, $post->id); $session[$post->id] = $token; } else { Session::error(_t('That password was incorrect.', 'postpass')); } } // if password is stored in session verify it if (isset($session[$post->id]) && $session[$post->id] == $token) { return $content; } else { $theme = Themes::create(); $theme->post = $post; return $theme->fetch('post_password_form'); } } else { return $content; } }