/**
* Constructor
*
* @param User $user the user for the feed
* @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off
*
* @return void
*/
function __construct($user, $cur = null, $indent = true)
{
parent::__construct($cur, $indent);
$this->user = $user;
if (!empty($user)) {
$profile = $user->getProfile();
$this->addAuthor($profile->nickname, $user->uri);
$this->setActivitySubject($profile->asActivityNoun('subject'));
}
// TRANS: Title in atom user notice feed. %s is a user name.
$title = sprintf(_("%s timeline"), $user->nickname);
$this->setTitle($title);
$sitename = common_config('site', 'name');
$subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename);
$this->setSubtitle($subtitle);
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
$logo = $avatar ? $avatar->displayUrl() : Avatar::defaultImage(AVATAR_PROFILE_SIZE);
$this->setLogo($logo);
$this->setUpdated('now');
$this->addLink(common_local_url('showstream', array('nickname' => $user->nickname)));
$self = common_local_url('ApiTimelineUser', array('id' => $user->id, 'format' => 'atom'));
$this->setId($self);
$this->setSelfLink($self);
$this->addLink(common_local_url('sup', null, null, $user->id), array('rel' => 'http://api.friendfeed.com/2008/03#sup', 'type' => 'application/json'));
}
public function invokeHandler(Smarty $viewModel, $header, $f, $page, User $user)
{
$header->meta(array('keywords' => 'Home Meta Keywords', 'description' => 'Home Meta Description'));
$header->title('RUDRAX');
$header->import('bootstrap', 'utils', 'product_login', 'utils_tunnel');
$cahce = new RxCache();
$page->data->assign('myDataKey', $cahce->get('mykey'));
$cahce->set('mykey', $cahce->get('mykey') + 1);
if (isset($_REQUEST['uname'])) {
$username = $_POST['uname'];
$password = $_POST['pass'];
$user->auth($username, $password);
}
//Console::log($this->user->getToken(),$username,$password);
if ($user->isValid()) {
$viewModel->assign('token', $user->getToken());
$viewModel->assign('profile', $user->getProfile());
$viewModel->assign("Name", "Fred Irving Johnathan Bradley Peppergill", true);
$viewModel->assign("FirstName", array("John", "Mary", "James", "Henry"));
$viewModel->assign("LastName", array("Doe", "Smith", "Johnson", "Case"));
$viewModel->assign("Class", array(array("A", "B", "C", "D"), array("E", "F", "G", "H"), array("I", "J", "K", "L"), array("M", "N", "O", "P")));
$viewModel->assign("contacts", array(array("phone" => "1", "fax" => "2", "cell" => "3"), array("phone" => "555-4444", "fax" => "555-3333", "cell" => "760-1234")));
$viewModel->assign("option_values", array("NY", "NE", "KS", "IA", "OK", "TX"));
$viewModel->assign("option_output", array("New York", "Nebraska", "Kansas", "Iowa", "Oklahoma", "Texas"));
$viewModel->assign("option_selected", "NE");
return "home/home";
} else {
return "sample/login";
}
}
/**
* Constructor
*
* @param User $user the user for the feed
* @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off
*
* @return void
*/
function __construct($user, $cur = null, $indent = true)
{
parent::__construct($cur, $indent);
$this->user = $user;
if (!empty($user)) {
$profile = $user->getProfile();
$ao = ActivityObject::fromProfile($profile);
array_push($ao->extra, $profile->profileInfo($cur));
// XXX: For users, we generate an author _AND_ an <activity:subject>
// This is for backward compatibility with clients (especially
// StatusNet's clients) that assume the Atom will conform to an
// older version of the Activity Streams API. Subject should be
// removed in future versions of StatusNet.
$this->addAuthorRaw($ao->asString('author'));
$depMsg = 'Deprecation warning: activity:subject is present ' . 'only for backward compatibility. It will be ' . 'removed in the next version of StatusNet.';
$this->addAuthorRaw("<!--{$depMsg}-->\n" . $ao->asString('activity:subject'));
}
// TRANS: Title in atom user notice feed. %s is a user name.
$title = sprintf(_("%s timeline"), $user->nickname);
$this->setTitle($title);
$sitename = common_config('site', 'name');
$subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename);
$this->setSubtitle($subtitle);
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
$logo = $avatar ? $avatar->displayUrl() : Avatar::defaultImage(AVATAR_PROFILE_SIZE);
$this->setLogo($logo);
$this->setUpdated('now');
$this->addLink(common_local_url('showstream', array('nickname' => $user->nickname)));
$self = common_local_url('ApiTimelineUser', array('id' => $user->id, 'format' => 'atom'));
$this->setId($self);
$this->setSelfLink($self);
$this->addLink(common_local_url('sup', null, null, $user->id), array('rel' => 'http://api.friendfeed.com/2008/03#sup', 'type' => 'application/json'));
}
/**
* @covers User::getProfile
*/
public function testGetProfile()
{
$this->object->populate();
$user = $this->object->getProfile();
$attributes = ['sub' => 1, 'name' => 'admin name', 'login' => 'admin', 'email' => 'mail', 'scope' => 'admin user'];
foreach ($attributes as $attributeName => $attributeValue) {
$this->assertObjectHasAttribute($attributeName, $user, 'User should have the "' . $attributeName . '" attribute');
$this->assertAttributeEquals($attributeValue, $attributeName, $user, 'User->' . $attributeName . ' should be set to "' . $attributeValue . '" but found: "' . $user->{$attributeName} . '"');
}
}
/**
* Add user to the database.
* User for registration.
*
* @param \model\User $user The user to be added to the database
*/
public function add(User $user)
{
$sqli = $this->database->connect();
$stmt = $sqli->prepare("INSERT INTO " . $this->table . "(" . $this->usernameCol . ", " . $this->passwordCol . ", " . $this->profileinfoCol . ") VALUES (?, ?, ?)");
if ($stmt === FALSE) {
throw new Exception($sqli->error);
}
$username = $user->getUsername();
$password = $user->getPassword();
$profileinfo = $user->getProfile();
$stmt->bind_param('sss', $username, $password, $profileinfo);
$stmt->execute();
}
function updateUserUrls()
{
printfnq("Updating user URLs...\n");
// XXX: only update user URLs where out-of-date
$user = new User();
if ($user->find()) {
while ($user->fetch()) {
printfv("Updating user {$user->nickname}...");
try {
$profile = $user->getProfile();
updateProfileUrl($profile);
} catch (Exception $e) {
echo "Error updating URLs: " . $e->getMessage();
}
printfv("DONE.");
}
}
}
/**
* Constructor
*
* @param User $user the user for the feed
* @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off
*
* @return void
*/
function __construct($user, $cur = null, $indent = true)
{
parent::__construct($cur, $indent);
$this->user = $user;
if (!empty($user)) {
$profile = $user->getProfile();
$ao = $profile->asActivityObject();
array_push($ao->extra, $profile->profileInfo($this->scoped));
$this->addAuthorRaw($ao->asString('author'));
}
// TRANS: Title in atom user notice feed. %s is a user name.
$title = sprintf(_("%s timeline"), $user->nickname);
$this->setTitle($title);
$sitename = common_config('site', 'name');
$subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename);
$this->setSubtitle($subtitle);
$this->setLogo($profile->avatarUrl(AVATAR_PROFILE_SIZE));
$this->setUpdated('now');
$this->addLink(common_local_url('showstream', array('nickname' => $user->nickname)));
$self = common_local_url('ApiTimelineUser', array('id' => $user->id, 'format' => 'atom'));
$this->setId($self);
$this->setSelfLink($self);
$this->addLink(common_local_url('sup', null, null, $user->id), array('rel' => 'http://api.friendfeed.com/2008/03#sup', 'type' => 'application/json'));
}
/**
* Called when a new user is registered.
*
* We find all users, and try to subscribe them to the new user, and
* the new user to them. Exceptions (like silenced users or whatever)
* are caught, logged, and ignored.
*
* @param Profile &$newProfile The new user's profile
* @param User &$newUser The new user
*
* @return boolean hook value
*
*/
function onEndUserRegister(&$newProfile, &$newUser)
{
$otherUser = new User();
$otherUser->whereAdd('id != ' . $newUser->id);
if ($otherUser->find()) {
while ($otherUser->fetch()) {
$otherProfile = $otherUser->getProfile();
try {
if (User_followeveryone_prefs::followEveryone($otherUser->id)) {
Subscription::start($otherProfile, $newProfile);
}
Subscription::start($newProfile, $otherProfile);
} catch (Exception $e) {
common_log(LOG_WARNING, $e->getMessage());
continue;
}
}
}
$ufep = new User_followeveryone_prefs();
$ufep->user_id = $newUser->id;
$ufep->followeveryone = true;
$ufep->insert();
return true;
}
<?php
/**
* Authenticate user and create a token.
*
* Provides a token required for others API call
*
* @version 1.0.0
*
* @api
*/
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/User.php';
$api = new Api('json', ['POST']);
switch ($api->method) {
case 'POST':
if (!$api->checkParameterExists('login', $login) || !$api->checkParameterExists('password', $password)) {
$api->output(400, 'Both login and password must be provided');
//login or password was not provided
return;
}
$user = new User();
if (!$user->checkCredentials($login, $password)) {
$api->output(401, 'Invalid credentials');
header('WWW-Authenticate: Bearer realm="WMP"');
//invalid credentials
return;
}
$api->output(201, $api->generateToken($user->getProfile()));
break;
}
/**
* Save fields that should be stored in the main profile object
*
* XXX: There's a lot of dupe code here from ProfileSettingsAction.
* Do not want.
*
* @param User $user the current user
*/
function saveStandardProfileDetails($user)
{
$fullname = $this->trimmed('extprofile-fullname');
$location = $this->trimmed('extprofile-location');
$tagstring = $this->trimmed('extprofile-tags');
$bio = $this->trimmed('extprofile-bio');
if ($tagstring) {
$tags = array_map('common_canonical_tag', preg_split('/[\\s,]+/', $tagstring));
} else {
$tags = array();
}
foreach ($tags as $tag) {
if (!common_valid_profile_tag($tag)) {
// TRANS: Validation error in form for profile settings.
// TRANS: %s is an invalid tag.
throw new Exception(sprintf(_m('Invalid tag: "%s".'), $tag));
}
}
$profile = $user->getProfile();
$oldTags = $user->getSelfTags();
$newTags = array_diff($tags, $oldTags);
if ($fullname != $profile->fullname || $location != $profile->location || !empty($newTags) || $bio != $profile->bio) {
$orig = clone $profile;
$profile->nickname = $user->nickname;
$profile->fullname = $fullname;
$profile->bio = $bio;
$profile->location = $location;
$loc = Location::fromName($location);
if (empty($loc)) {
$profile->lat = null;
$profile->lon = null;
$profile->location_id = null;
$profile->location_ns = null;
} else {
$profile->lat = $loc->lat;
$profile->lon = $loc->lon;
$profile->location_id = $loc->location_id;
$profile->location_ns = $loc->location_ns;
}
$profile->profileurl = common_profile_url($user->nickname);
$result = $profile->update($orig);
if ($result === false) {
common_log_db_error($profile, 'UPDATE', __FILE__);
// TRANS: Server error thrown when user profile settings could not be saved.
$this->serverError(_m('Could not save profile.'));
}
// Set the user tags
$result = $user->setSelfTags($tags);
if (!$result) {
// TRANS: Server error thrown when user profile settings tags could not be saved.
$this->serverError(_m('Could not save tags.'));
}
Event::handle('EndProfileSaveForm', array($this));
}
}
public function getFollowedProfiles()
{
$this->initConnection();
$res = array();
$res_array = $this->dbQuery('SELECT * FROM subscription WHERE item_type="user" AND user_id=:id', array('id' => $this->id));
foreach ($res_array as $row) {
$user = new User();
$user->id = $row['item_id'];
$user->getProfile();
$res[] = $user;
}
return $res;
}
public function edit()
{
$process = Param::get('process', 'edit');
$user = new User();
switch ($process) {
case self::EDIT_ACCOUNT:
$user->id = get_authenticated_user_id($_SESSION['userid']);
$user->fname = Param::get('firstname');
$user->lname = Param::get('lastname');
$user->new_username = Param::get('username');
$user->new_email = Param::get('email');
try {
$user->updateAccount();
$_SESSION['username'] = $user->new_username;
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PROFILE:
$user->id = get_authenticated_user_id($_SESSION['userid']);
$user->company = Param::get('company');
$user->division = Param::get('division');
$user->specialization = Param::get('specialization');
try {
$user->updateProfile();
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PASSWORD:
$user->id = get_authenticated_user_id($_SESSION['userid']);
//set username and old password to password
//property to authenticate user
$user->username = $_SESSION['username'];
$user->password = htmlentities(Param::get('oldPassword'));
if (!$user->isRegistered()) {
$user->validation_errors['notAuthorized']['authenticate'] = true;
break;
}
//Unset username so it won't be included in validation
unset($user->username);
$user->password = htmlentities(Param::get('password'));
$user->confirmpassword = htmlentities(Param::get('confirmPassword'));
try {
$user->updatePassword();
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PICTURE:
$user = new User();
$target_directory = "bootstrap/img/users/" . $_SESSION['username'];
try {
if (file_exists($file_tmp = $_FILES['picture']['tmp_name'])) {
$finfo = new finfo(FILEINFO_MIME_TYPE);
if (false === ($file_extension = array_search($finfo->file($_FILES['picture']['tmp_name']), $this->mime_types, true))) {
throw new PictureFormatException("Invalid file format.");
}
$user_profile = glob("bootstrap/img/users/" . $_SESSION['username'] . ".*");
if ($user_profile) {
foreach ($user_profile as $picture) {
exec("rm {$picture}");
}
}
if (!move_uploaded_file($_FILES['picture']['tmp_name'], $target_directory . "." . $file_extension)) {
throw new FileNotFound("File not found.");
}
} else {
throw new FileNotFound('File not found.');
}
$user->editSuccess = true;
} catch (FileNotFound $e) {
$_SESSION['upload_error'] = true;
} catch (PictureFormatException $e) {
$_SESSION['upload_error'] = true;
}
break;
case self::EDIT_PAGE:
$user->id = $_SESSION['userid'];
break;
}
$user->getProfile();
$this->set(get_defined_vars());
}
/**
* notify a user that one of their notices has been chosen as a 'fave'
*
* Doesn't check that the user has an email address nor if they
* want to receive notification of faves. Maybe this happens higher
* up the stack...?
*
* @param User $other The user whose notice was faved
* @param User $user The user who faved the notice
* @param Notice $notice The notice that was faved
*
* @return void
*/
function mail_notify_fave($other, $user, $notice)
{
$profile = $user->getProfile();
$bestname = $profile->getBestName();
common_init_locale($other->language);
$subject = sprintf(_('%s added your notice as a favorite'), $bestname);
$body = sprintf(_("%1\$s just added your notice from %2\$s" . " as one of their favorites.\n\n" . "In case you forgot, you can see the text" . " of your notice here:\n\n" . "%3\$s\n\n" . "You can see the list of %1\$s's favorites here:\n\n" . "%4\$s\n\n" . "Faithfully yours,\n" . "%5\$s\n"), $bestname, common_exact_date($notice->created), common_local_url('shownotice', array('notice' => $notice->id)), common_local_url('showfavorites', array('nickname' => $user->nickname)), common_config('site', 'name'));
common_init_locale();
mail_to_user($other, $subject, $body);
}
/**
* Add link in user's XRD file to allow OpenID login.
*
* This link in the XRD should let users log in with their
* Webfinger identity to services that support it. See
* http://webfinger.org/login for an example.
*
* @param XRD &$xrd Currently-displaying XRD object
* @param User $user The user that it's for
*
* @return boolean hook value (always true)
*/
function onEndXrdActionLinks(&$xrd, $user)
{
$profile = $user->getProfile();
if (!empty($profile)) {
$xrd->links[] = array('rel' => 'http://specs.openid.net/auth/2.0/provider', 'href' => $profile->profileurl);
}
return true;
}
/**
* Extra notice info for atom entries
*
* Clients use some extra notice info in the atom stream.
* This gives it to them.
*
* @param User $cur Current user
*
* @return array representation of <statusnet:notice_info> element
*/
function noticeInfo($cur)
{
// local notice ID (useful to clients for ordering)
$noticeInfoAttr = array('local_id' => $this->id);
// notice source
$ns = $this->getSource();
if (!empty($ns)) {
$noticeInfoAttr['source'] = $ns->code;
if (!empty($ns->url)) {
$noticeInfoAttr['source_link'] = $ns->url;
if (!empty($ns->name)) {
$noticeInfoAttr['source'] = '<a href="' . htmlspecialchars($ns->url) . '" rel="nofollow">' . htmlspecialchars($ns->name) . '</a>';
}
}
}
// favorite and repeated
if (!empty($cur)) {
$noticeInfoAttr['favorite'] = $cur->hasFave($this) ? "true" : "false";
$cp = $cur->getProfile();
$noticeInfoAttr['repeated'] = $cp->hasRepeated($this->id) ? "true" : "false";
}
if (!empty($this->repeat_of)) {
$noticeInfoAttr['repeat_of'] = $this->repeat_of;
}
return array('statusnet:notice_info', $noticeInfoAttr, null);
}
/**
* Handle object imported from a backup file
*
* @param User $user User to import for
* @param ActivityObject $author Original author per import file
* @param Activity $activity Activity to import
* @param boolean $trusted Is this a trusted user?
* @param boolean &$done Is this done (success or unrecoverable error)
*
* @return boolean hook value
*/
function onStartImportActivity($user, $author, Activity $activity, $trusted, &$done)
{
if (!$this->isMyActivity($activity)) {
return true;
}
$obj = $activity->objects[0];
$options = array('uri' => $object->id, 'url' => $object->link, 'source' => 'restore');
// $user->getProfile() is a Profile
$saved = $this->saveNoticeFromActivity($activity, $user->getProfile(), $options);
if (!empty($saved)) {
$done = true;
}
return false;
}
/**
* Actually save the avatar we found locally.
*
* @param User $user
* @param string $url to avatar URL
* @todo merge wrapper funcs for this into common place for 1.0 core
*/
private function saveAvatar($user, $url)
{
if (!common_valid_http_url($url)) {
throw new ServerException(sprintf(_m("Invalid avatar URL %s."), $url));
}
// @fixme this should be better encapsulated
// ripped from OStatus via oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
try {
if (!copy($url, $temp_filename)) {
throw new ServerException(sprintf(_m("Unable to fetch avatar from %s."), $url));
}
$profile = $user->getProfile();
$id = $profile->id;
// @fixme should we be using different ids?
$imagefile = new ImageFile($id, $temp_filename);
$filename = Avatar::filename($id, image_type_to_extension($imagefile->type), null, common_timestamp());
rename($temp_filename, Avatar::path($filename));
} catch (Exception $e) {
unlink($temp_filename);
throw $e;
}
$profile->setOriginal($filename);
}
/**
* Update a user from sreg parameters
* @param User $user
* @param array $sreg fields from OpenID sreg response
* @access private
*/
function oid_update_user($user, $sreg)
{
$profile = $user->getProfile();
$orig_profile = clone $profile;
if (!empty($sreg['fullname']) && strlen($sreg['fullname']) <= 255) {
$profile->fullname = $sreg['fullname'];
}
if (!empty($sreg['country'])) {
if ($sreg['postcode']) {
# XXX: use postcode to get city and region
# XXX: also, store postcode somewhere -- it's valuable!
$profile->location = $sreg['postcode'] . ', ' . $sreg['country'];
} else {
$profile->location = $sreg['country'];
}
}
# XXX save language if it's passed
# XXX save timezone if it's passed
if (!$profile->update($orig_profile)) {
// TRANS: OpenID plugin server error.
common_server_error(_m('Error saving the profile.'));
return false;
}
$orig_user = clone $user;
if (!empty($sreg['email']) && Validate::email($sreg['email'], common_config('email', 'check_domain'))) {
$user->email = $sreg['email'];
}
if (!$user->update($orig_user)) {
// TRANS: OpenID plugin server error.
common_server_error(_m('Error saving the user.'));
return false;
}
return true;
}
/**
* Send a mail message to notify a user that her Twitter bridge link
* has stopped working, and therefore has been removed. This can
* happen when the user changes her Twitter password, or otherwise
* revokes access.
*
* @param User $user user whose Twitter bridge link has been removed
*
* @return boolean success flag
*/
function mail_twitter_bridge_removed($user)
{
$profile = $user->getProfile();
common_switch_locale($user->language);
// TRANS: Mail subject after forwarding notices to Twitter has stopped working.
$subject = sprintf(_m('Your Twitter bridge has been disabled'));
$site_name = common_config('site', 'name');
// TRANS: Mail body after forwarding notices to Twitter has stopped working.
// TRANS: %1$ is the name of the user the mail is sent to, %2$s is a URL to the
// TRANS: Twitter settings, %3$s is the StatusNet sitename.
$body = sprintf(_m('Hi, %1$s. We\'re sorry to inform you that your ' . 'link to Twitter has been disabled. We no longer seem to have ' . 'permission to update your Twitter status. Did you maybe revoke ' . '%3$s\'s access?' . "\n\n" . 'You can re-enable your Twitter bridge by visiting your ' . "Twitter settings page:\n\n\t%2\$s\n\n" . "Regards,\n%3\$s"), $profile->getBestName(), common_local_url('twittersettings'), common_config('site', 'name'));
common_switch_locale();
return mail_to_user($user, $subject, $body);
}
/**
* send a mail message to notify a user of a 'nudge'
*
* @param User $from user nudging
* @param User $to user being nudged
*
* @return boolean success flag
*/
function mail_notify_nudge($from, $to)
{
common_switch_locale($to->language);
// TRANS: Subject for 'nudge' notification email.
// TRANS: %s is the nudging user.
$subject = sprintf(_('You have been nudged by %s'), $from->nickname);
$from_profile = $from->getProfile();
// TRANS: Body for 'nudge' notification email.
// TRANS: %1$s is the nuding user's long name, $2$s is the nudging user's nickname,
// TRANS: %3$s is a URL to post notices at.
$body = sprintf(_("%1\$s (%2\$s) is wondering what you are up to " . "these days and is inviting you to post some news.\n\n" . "So let's hear from you :)\n\n" . "%3\$s\n\n" . "Don't reply to this email; it won't get to them."), $from_profile->getBestName(), $from->nickname, common_local_url('all', array('nickname' => $to->nickname))) . mail_footer_block();
common_switch_locale();
$headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname);
return mail_to_user($to, $subject, $body, $headers);
}
/**
* Send a mail message to notify a user that her Twitter bridge link
* has stopped working, and therefore has been removed. This can
* happen when the user changes her Twitter password, or otherwise
* revokes access.
*
* @param User $user user whose Twitter bridge link has been removed
*
* @return boolean success flag
*/
function mail_twitter_bridge_removed($user)
{
$profile = $user->getProfile();
common_switch_locale($user->language);
$subject = sprintf(_m('Your Twitter bridge has been disabled.'));
$site_name = common_config('site', 'name');
$body = sprintf(_m('Hi, %1$s. We\'re sorry to inform you that your ' . 'link to Twitter has been disabled. We no longer seem to have ' . 'permission to update your Twitter status. (Did you revoke ' . '%3$s\'s access?)' . "\n\n" . 'You can re-enable your Twitter bridge by visiting your ' . "Twitter settings page:\n\n\t%2\$s\n\n" . "Regards,\n%3\$s\n"), $profile->getBestName(), common_local_url('twittersettings'), common_config('site', 'name'));
common_switch_locale();
return mail_to_user($user, $subject, $body);
}
/**
* Actually save the avatar we found locally.
*
* @param User $user
* @param string $url to avatar URL
* @todo merge wrapper funcs for this into common place for 1.0 core
*/
private function saveAvatar($user, $url)
{
if (!common_valid_http_url($url)) {
// TRANS: Server exception thrown when an avatar URL is invalid.
// TRANS: %s is the invalid avatar URL.
throw new ServerException(sprintf(_m('Invalid avatar URL %s.'), $url));
}
// @todo FIXME: This should be better encapsulated
// ripped from OStatus via oauthstore.php (for old OMB client)
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
try {
if (!copy($url, $temp_filename)) {
// TRANS: Exception thrown when fetching an avatar from a URL fails.
// TRANS: %s is a URL.
throw new ServerException(sprintf(_m('Unable to fetch avatar from %s.'), $url));
}
$profile = $user->getProfile();
$id = $profile->id;
$imagefile = new ImageFile(null, $temp_filename);
$filename = Avatar::filename($id, image_type_to_extension($imagefile->type), null, common_timestamp());
rename($temp_filename, Avatar::path($filename));
} catch (Exception $e) {
unlink($temp_filename);
throw $e;
}
$profile->setOriginal($filename);
}
/**
* notify a user that one of their notices has been chosen as a 'fave'
*
* Doesn't check that the user has an email address nor if they
* want to receive notification of faves. Maybe this happens higher
* up the stack...?
*
* @param User $other The user whose notice was faved
* @param User $user The user who faved the notice
* @param Notice $notice The notice that was faved
*
* @return void
*/
function mail_notify_fave($other, $user, $notice)
{
if (!$user->hasRight(Right::EMAILONFAVE)) {
return;
}
$profile = $user->getProfile();
if ($other->hasBlocked($profile)) {
// If the author has blocked us, don't spam them with a notification.
return;
}
$bestname = $profile->getBestName();
common_switch_locale($other->language);
// TRANS: Subject for favorite notification e-mail.
// TRANS: %1$s is the adding user's long name, %2$s is the adding user's nickname.
$subject = sprintf(_('%1$s (@%2$s) added your notice as a favorite'), $bestname, $user->nickname);
// TRANS: Body for favorite notification e-mail.
// TRANS: %1$s is the adding user's long name, $2$s is the date the notice was created,
// TRANS: %3$s is a URL to the faved notice, %4$s is the faved notice text,
// TRANS: %5$s is a URL to all faves of the adding user, %6$s is the StatusNet sitename,
// TRANS: %7$s is the adding user's nickname.
$body = sprintf(_("%1\$s (@%7\$s) just added your notice from %2\$s" . " as one of their favorites.\n\n" . "The URL of your notice is:\n\n" . "%3\$s\n\n" . "The text of your notice is:\n\n" . "%4\$s\n\n" . "You can see the list of %1\$s's favorites here:\n\n" . "%5\$s\n\n" . "Faithfully yours,\n" . "%6\$s\n"), $bestname, common_exact_date($notice->created), common_local_url('shownotice', array('notice' => $notice->id)), $notice->content, common_local_url('showfavorites', array('nickname' => $user->nickname)), common_config('site', 'name'), $user->nickname);
$headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname);
common_switch_locale();
mail_to_user($other, $subject, $body, $headers);
}
/**
* notify a user that one of their notices has been chosen as a 'fave'
*
* Doesn't check that the user has an email address nor if they
* want to receive notification of faves. Maybe this happens higher
* up the stack...?
*
* @param User $other The user whose notice was faved
* @param User $user The user who faved the notice
* @param Notice $notice The notice that was faved
*
* @return void
*/
function mail_notify_fave($other, $user, $notice)
{
if (!$user->hasRight(Right::EMAILONFAVE)) {
return;
}
$profile = $user->getProfile();
$bestname = $profile->getBestName();
common_switch_locale($other->language);
// TRANS: Subject for favorite notification email
$subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname);
// TRANS: Body for favorite notification email
$body = sprintf(_("%1\$s (@%7\$s) just added your notice from %2\$s" . " as one of their favorites.\n\n" . "The URL of your notice is:\n\n" . "%3\$s\n\n" . "The text of your notice is:\n\n" . "%4\$s\n\n" . "You can see the list of %1\$s's favorites here:\n\n" . "%5\$s\n\n" . "Faithfully yours,\n" . "%6\$s\n"), $bestname, common_exact_date($notice->created), common_local_url('shownotice', array('notice' => $notice->id)), $notice->content, common_local_url('showfavorites', array('nickname' => $user->nickname)), common_config('site', 'name'), $user->nickname);
$headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname);
common_switch_locale();
mail_to_user($other, $subject, $body, $headers);
}
/**
* Encode the given string as a signed MagicEnvelope XML document,
* using the keypair for the given local user profile. We can of
* course not sign a remote profile's slap, since we don't have the
* private key.
*
* Side effects: will create and store a keypair on-demand if one
* hasn't already been generated for this user. This can be very slow
* on some systems.
*
* @param string $text XML fragment to sign, assumed to be Atom
* @param User $user User who cryptographically signs $text
*
* @return MagicEnvelope object complete with signature
*
* @throws Exception on bad profile input or key generation problems
*/
public static function signAsUser($text, User $user)
{
$magic_env = new MagicEnvelope(null, $user->getProfile());
$magic_env->signMessage($text, 'application/atom+xml');
return $magic_env;
}
/**
* Send a mail message to notify a user that her Facebook Application
* access has been removed.
*
* @param User $user user whose Facebook app link has been removed
*
* @return boolean success flag
*/
function mail_facebook_app_removed($user)
{
$profile = $user->getProfile();
$site_name = common_config('site', 'name');
common_switch_locale($user->language);
$subject = sprintf(_m('Your %1$s Facebook application access has been disabled.', $site_name));
$body = sprintf(_m("Hi, %1\$s. We're sorry to inform you that we are " . 'unable to update your Facebook status from %2$s, and have disabled ' . 'the Facebook application for your account. This may be because ' . 'you have removed the Facebook application\'s authorization, or ' . 'have deleted your Facebook account. You can re-enable the ' . 'Facebook application and automatic status updating by ' . "re-installing the %2\$s Facebook application.\n\nRegards,\n\n%2\$s"), $user->nickname, $site_name);
common_switch_locale();
return mail_to_user($user, $subject, $body);
}
<?php
/*
* This file is part of the symfony package.
* (c) 2004-2006 Fabien Potencier <*****@*****.**>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
$app = 'frontend';
require_once dirname(__FILE__) . '/../bootstrap/functional.php';
$t = new lime_test(17);
// test for ticket #4935
$user = new User();
$profile = $user->getProfile();
$userForm = new UserForm($user);
$profileForm = new ProfileForm($profile);
unset($profileForm['id'], $profileForm['user_id']);
$userForm->embedForm('Profile', $profileForm);
$data = array('username' => 'jwage', 'password' => 'changeme', 'Profile' => array('first_name' => 'Jonathan', 'last_name' => 'Wage'));
$userForm->bind($data);
$userForm->save();
$t->is($user->getId() > 0, true);
$t->is($user->getId(), $profile->getUserId());
$t->is($user->getUsername(), 'jwage');
$t->is($profile->getFirstName(), 'Jonathan');
$userCount = Doctrine_Query::create()->from('User u')->count();
$t->is($userCount, 1);
$profileCount = Doctrine_Query::create()->from('Profile p')->count();
$t->is($profileCount, 1);
$widget = new sfWidgetFormDoctrineChoice(array('model' => 'User'));
/**
* When one of our local users tries to subscribe to a remote peopletag,
* notify the remote server. If the notification is rejected,
* deny the subscription.
*
* @param Profile_list $peopletag
* @param User $user
*
* @return mixed hook return value
*/
function onStartSubscribePeopletag($peopletag, $user)
{
$oprofile = Ostatus_profile::staticGet('peopletag_id', $peopletag->id);
if ($oprofile) {
if (!$oprofile->subscribe()) {
// TRANS: Exception thrown when setup of remote list subscription fails.
throw new Exception(_m('Could not set up remote list subscription.'));
}
$sub = $user->getProfile();
$tagger = Profile::staticGet($peopletag->tagger);
$act = new Activity();
$act->id = TagURI::mint('subscribe_peopletag:%d:%d:%s', $sub->id, $peopletag->id, common_date_iso8601(time()));
$act->actor = ActivityObject::fromProfile($sub);
$act->verb = ActivityVerb::FOLLOW;
$act->object = $oprofile->asActivityObject();
$act->time = time();
// TRANS: Title for following a remote list.
$act->title = _m('TITLE', 'Follow list');
// TRANS: Success message for remote list follow through OStatus.
// TRANS: %1$s is the subscriber name, %2$s is the list, %3$s is the tagger's name.
$act->content = sprintf(_m('%1$s is now following people listed in %2$s by %3$s.'), $sub->getBestName(), $oprofile->getBestName(), $tagger->getBestName());
if ($oprofile->notifyActivity($act, $sub)) {
return true;
} else {
$oprofile->garbageCollect();
// TRANS: Exception thrown when subscription to remote list fails.
throw new Exception(_m('Failed subscribing to remote list.'));
}
}
}
/**
* @brief Sauvegarde le profil de l'utilisateur dans la base de données
* @param User $user ID du membre qui doit sauvegarder son profil
* @return boolean @b TRUE si la sauvegarde s'est correctement déroulée
*/
public function saveProfile($user)
{
try {
$this->bdd->beginTransaction();
$req = $this->bdd->prepare("SELECT * FROM profile \n\t\t\tNATURAL JOIN profile_key\n\t\t\tWHERE id_member = :id_member");
$req->bindValue(':id_member', $user->getIdMember(), PDO::PARAM_INT);
$req->execute();
$temp = array();
while ($rep = $req->fetch(PDO::FETCH_ASSOC)) {
$temp[$rep['key_name']]['value'] = $rep['value'];
$temp[$rep['key_name']]['key'] = $rep['id_key'];
}
foreach ($user->getProfile() as $key => $value) {
if (isset($temp[$key]['value'])) {
if ($temp[$key] != $value) {
//différence entre BDD et User Session ?
$req = $this->bdd->prepare("UPDATE profile SET value = :value\n\t\t\t\t\t\tWHERE id_member = :id_member AND id_key = :id_key");
$req->bindValue(':id_member', $user->getIdMember(), PDO::PARAM_INT);
$req->bindValue(':id_key', $temp[$key]['key'], PDO::PARAM_INT);
$req->bindValue(':value', $value, PDO::PARAM_STR);
$req->execute();
}
} else {
$req = $this->bdd->prepare("INSERT INTO profile(id_member, id_key, value) \n\t\t\t\t\tVALUES (:id_member, (SELECT id_key FROM profile_key WHERE key_name = :key_name), :value)");
$req->bindValue(':id_member', $user->getIdMember(), PDO::PARAM_INT);
$req->bindValue(':key_name', $key, PDO::PARAM_INT);
$req->bindValue(':value', $value, PDO::PARAM_STR);
$req->execute();
}
}
$this->bdd->commit();
return true;
} catch (Exception $e) {
$this->bdd->rollBack();
return false;
}
}
/**
* @covers Api::checkAuth
* @depends testGenerateToken
* @runInSeparateProcess
*/
public function testcheckAuthWithInvalidSubAttribute()
{
//set method for use in CLI
$_SERVER['REQUEST_METHOD'] = 'GET';
//create valid token
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/User.php';
$user = new User(1);
$userProfile = $user->getProfile();
unset($userProfile->sub);
$token = $this->object->generateToken($userProfile);
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ' . $token->token;
$this->object = new Api('json', array('GET'));
ob_start();
$this->assertFalse($this->object->checkAuth());
$output = ob_get_contents();
ob_end_clean();
$this->assertEquals('{"code":401,"message":"Subject not found"}', $output, 'Output should be a json string but found: ' . $output);
}
