/** * wp.getAuthors * * @see http://codex.wordpress.org/XML-RPC_wp#wp.getAuthors * * @param xmlrpcmsg XML-RPC Message * 0 blogid (int): Unique identifier of the blog. * 1 username (string): User login. * 2 password (string): Password for said username. */ function wp_getauthors($m) { // CHECK LOGIN: /** * @var User */ if (!($current_User =& xmlrpcs_login($m, 1, 2))) { // Login failed, return (last) error: return xmlrpcs_resperror(); } // GET BLOG: /** * @var Blog */ if (!($Blog =& xmlrpcs_get_Blog($m, 0))) { // Login failed, return (last) error: return xmlrpcs_resperror(); } if (!$current_User->check_perm('users', 'view')) { return xmlrpcs_resperror(5, T_('You have no permission to view other users!')); } load_class('users/model/_userlist.class.php', 'UserList'); $UserList = new UserList('', NULL, 'u_', array('join_group' => false, 'join_session' => false, 'join_country' => false, 'join_city' => false)); // Run the query: $UserList->query(); logIO('Found users: ' . $UserList->result_num_rows); $data = array(); while ($User =& $UserList->get_next()) { $data[] = new xmlrpcval(array('user_id' => new xmlrpcval($User->ID, 'int'), 'user_login' => new xmlrpcval($User->login), 'display_name' => new xmlrpcval($User->get_preferred_name())), 'struct'); } logIO('OK.'); return new xmlrpcresp(new xmlrpcval($data, 'array')); }
/** * Constructor. * * @access public * @param UserList $list User List Object. * @param User $user User object owning tag/note metadata. * @param int $listId ID of list containing desired tags/notes (or * null to show tags/notes from all user's lists). * @param bool $allowEdit Should we display edit controls? */ public function __construct($list, $user, $allowEdit = true) { $this->list = $list; $this->user = $user; $this->listId = $list->id; $this->allowEdit = $allowEdit; // Determine Sorting Option // if (isset($list->defaultSort)) { $this->defaultSort = $list->defaultSort; } // when list as a sort setting use that if (isset($_REQUEST['sort']) && (in_array($_REQUEST['sort'], $this->solrSortOptions) || in_array($_REQUEST['sort'], array_keys($this->userListSortOptions)))) { // if URL variable is a valid sort option, set the list's sort setting $this->sort = $_REQUEST['sort']; } else { $this->sort = $this->defaultSort; } $this->isUserListSort = in_array($this->sort, array_keys($this->userListSortOptions)); // Get the Favorites // $userListSort = $this->isUserListSort ? $this->userListSortOptions[$this->sort] : null; $this->favorites = $list->getListEntries($userListSort); // when using a user list sorting, rather than solr sorting, get results in order // Process the IDs found in the favorites foreach ($this->favorites as $favorite) { if (is_object($favorite)) { $this->ids[] = $favorite->groupedWorkPermanentId; } else { $this->ids[] = $favorite; } } }
public function createuser() { $errmsg = array(); if ($this->registry->auth->check()) { header("Location: /store"); return; } if (false == preg_match('/^[a-zA-Z0-9_]+$/', $this->registry->request->login)) { $errmsg[] = 'Login should consist from alphanumeric characters'; } if (false == preg_match('/^[a-zA-Z0-9_]+$/', $this->registry->request->pass)) { $errmsg[] = 'Password should consist from alphanumeric characters'; } if ($this->registry->request->pass !== $this->registry->request->pass_confirm) { $errmsg[] = 'Wrong password confirmation'; } /** Instance of UserList class, lib/userlist.class.php */ $ul = new UserList(); /** Check if user exists */ if ($ul->isRegistered($this->registry->request->login)) { $errmsg[] = 'This username is unavailable.'; } /** Create new user */ if (false == $ul->createUser($this->registry->request->login, $this->registry->request->pass)) { $errmsg[] = 'Fatal error. Try again later.'; } if (count($errmsg) > 0) { $this->registry->view->errormessages = $errmsg; $this->registry->view->render('register'); return; } unset($ul); $this->registry->view->render('register_ok'); }
public function signin() { $errmsg = array(); if ($this->registry->auth->check()) { header("Location: /store"); return; } if (false == preg_match('/^[a-zA-Z0-9_]+$/', $this->registry->request->login)) { $errmsg[] = 'Login should consist from alphanumeric characters'; } if (false == preg_match('/^[a-zA-Z0-9_]+$/', $this->registry->request->pass)) { $errmsg[] = 'Password should consist from alphanumeric characters'; } /** instance of UserList class, lib/userlist.class.php */ $ul = new UserList(); if (!($passwordHash = $ul->isRegistered($this->registry->request->login))) { $errmsg[] = 'Wrong login.'; } if (md5($this->registry->request->pass) !== $passwordHash) { $errmsg[] = 'Wrong password.'; } if (count($errmsg) > 0) { $this->registry->view->errormessages = $errmsg; $this->registry->view->render('login'); return; } unset($ul); $this->registry->auth->login(); $this->registry->view->username = $this->registry->request->login; $this->registry->view->render('login_ok'); }
public function getRequestedSearchResults() { $userList = new UserList(); $userList->sortBy('uDateAdded', 'desc'); $userList->showInactiveUsers = true; $userList->showInvalidatedUsers = true; if ($_GET['keywords'] != '') { $userList->filterByKeywords($_GET['keywords']); } if ($_REQUEST['numResults']) { $userList->setItemsPerPage($_REQUEST['numResults']); } if (isset($_REQUEST['gID']) && is_array($_REQUEST['gID'])) { foreach ($_REQUEST['gID'] as $gID) { $userList->filterByGroupID($gID); } } if (is_array($_REQUEST['selectedSearchField'])) { foreach ($_REQUEST['selectedSearchField'] as $i => $item) { // due to the way the form is setup, index will always be one more than the arrays if ($item != '') { switch ($item) { case 'is_active': if ($_GET['active'] === '0') { $userList->filterByIsActive(0); } else { if ($_GET['active'] === '1') { $userList->filterByIsActive(1); } } break; case "date_added": $dateFrom = $_REQUEST['date_from']; $dateTo = $_REQUEST['date_to']; if ($dateFrom != '') { $dateFrom = date('Y-m-d', strtotime($dateFrom)); $userList->filterByDateAdded($dateFrom, '>='); $dateFrom .= ' 00:00:00'; } if ($dateTo != '') { $dateTo = date('Y-m-d', strtotime($dateTo)); $dateTo .= ' 23:59:59'; $userList->filterByDateAdded($dateTo, '<='); } break; default: $akID = $item; $fak = UserAttributeKey::get($akID); $type = $fak->getAttributeType(); $cnt = $type->getController(); $cnt->setAttributeKey($fak); $cnt->searchForm($userList); break; } } } } return $userList; }
public function getAccessEntityUsers(PermissionAccess $pa) { $gl = new UserList(); foreach ($this->groups as $g) { $gl->filterByGroupID($g->getGroupID()); } return $gl->get(); }
/** * Get user IDs from current filterset of users list * * @param string Filterset name * return array User IDs */ function get_filterset_user_IDs($filterset_name = 'admin') { load_class('users/model/_userlist.class.php', 'UserList'); // Initialize users list from session cache in order to get users IDs for newsletter $UserList = new UserList($filterset_name); $UserList->memorize = false; $UserList->load_from_Request(); return $UserList->filters['users']; }
public function view() { $userList = new UserList(); $userList->sortBy('uName', 'asc'); $keywords = $this->get('keywords'); if ($keywords != '') { $userList->filterByKeywords($keywords); } $users = $userList->getPage(); $this->set('userList', $userList); $this->set('users', $users); $this->set('attribs', UserAttributeKey::getMemberListList()); $this->set('keywords', htmlentities($keywords, ENT_COMPAT, APP_CHARSET)); $this->addHeaderItem(Loader::helper('html')->css('ccm.profile.css')); }
public function __construct($seedUserListId = null, $seedUserListName = null, $seedUserListDescription = null, $seedUserListStatus = null, $seedListSize = null, $id = null, $isReadOnly = null, $name = null, $description = null, $status = null, $integrationCode = null, $accessReason = null, $accountUserListStatus = null, $membershipLifeSpan = null, $size = null, $sizeRange = null, $sizeForSearch = null, $sizeRangeForSearch = null, $listType = null, $isEligibleForSearch = null, $isEligibleForDisplay = null, $UserListType = null) { parent::__construct(); $this->seedUserListId = $seedUserListId; $this->seedUserListName = $seedUserListName; $this->seedUserListDescription = $seedUserListDescription; $this->seedUserListStatus = $seedUserListStatus; $this->seedListSize = $seedListSize; $this->id = $id; $this->isReadOnly = $isReadOnly; $this->name = $name; $this->description = $description; $this->status = $status; $this->integrationCode = $integrationCode; $this->accessReason = $accessReason; $this->accountUserListStatus = $accountUserListStatus; $this->membershipLifeSpan = $membershipLifeSpan; $this->size = $size; $this->sizeRange = $sizeRange; $this->sizeForSearch = $sizeForSearch; $this->sizeRangeForSearch = $sizeRangeForSearch; $this->listType = $listType; $this->isEligibleForSearch = $isEligibleForSearch; $this->isEligibleForDisplay = $isEligibleForDisplay; $this->UserListType = $UserListType; }
function launch() { global $interface; //Get all lists for the user // Fetch List object if (isset($_REQUEST['id'])) { /** @var UserList $list */ $list = UserList::staticGet($_GET['listId']); } $interface->assign('favList', $list); // Get all titles on the list // $favorites = $list->getListEntries(); // $favList = new FavoriteHandler($favorites, null, $list->id, false); //TODO: test this $favList = new FavoriteHandler($list, null, false); $citationFormat = $_REQUEST['citationFormat']; $citationFormats = CitationBuilder::getCitationFormats(); $interface->assign('citationFormat', $citationFormats[$citationFormat]); $citations = $favList->getCitations($citationFormat); $interface->assign('citations', $citations); // Display Page $interface->assign('listId', strip_tags($_REQUEST['id'])); $interface->setTemplate('listCitations.tpl'); $interface->display('layout.tpl'); }
/** * @see \wcf\data\DatabaseObjectList::readObjects() */ public function readObjects() { if ($this->objectIDs === null) { $this->readObjectIDs(); } parent::readObjects(); }
function launch($msg = null) { global $interface; global $configArray; if (!($user = UserAccount::isLoggedIn())) { require_once ROOT_DIR . '/services/MyAccount/Login.php'; MyAccount_Login::launch(); exit; } // Save Data if (isset($_POST['submit'])) { $this->saveChanges($user); // After changes are saved, send the user back to an appropriate page; // either the list they were viewing when they started editing, or the // overall favorites list. if (isset($_REQUEST['list_id'])) { $nextAction = 'MyList/' . $_REQUEST['list_id']; } else { $nextAction = 'Home'; } header('Location: ' . $configArray['Site']['path'] . '/MyAccount/' . $nextAction); exit; } require_once ROOT_DIR . '/sys/LocalEnrichment/UserList.php'; $userList = new UserList(); $userList->id = $_REQUEST['list_id']; $userList->find(true); $interface->assign('list', $userList); require_once ROOT_DIR . '/RecordDrivers/GroupedWorkDriver.php'; $id = $_GET['id']; $groupedWorkDriver = new GroupedWorkDriver($id); if ($groupedWorkDriver->isValid) { $interface->assign('recordDriver', $groupedWorkDriver); } // Record ID $interface->assign('recordId', $id); // Retrieve saved information about record require_once ROOT_DIR . '/sys/LocalEnrichment/UserListEntry.php'; $userListEntry = new UserListEntry(); $userListEntry->groupedWorkPermanentId = $id; $userListEntry->listId = $_REQUEST['list_id']; $userListEntry->find(true); $interface->assign('listEntry', $userListEntry); $interface->assign('listFilter', $_GET['list_id']); $interface->setTemplate('editListTitle.tpl'); $interface->display('layout.tpl'); }
function handleSearch($p) { $list = UserList::getUsers($p['q']); echo '<h2>Showing users matching <u>' . $p['q'] . '</u>'; echo ' (' . count($list) . ' hits)</h2>'; $dt = new YuiDatatable(); $dt->addColumn('id', 'Username', 'link', 'u/profile/', 'name'); $dt->addColumn('time_last_active', 'Last active'); $dt->setDataSource($list); echo $dt->render(); }
public function getLeaders($searchString, $city, $limit) { Loader::model('user_list'); $av = Loader::helper('concrete/avatar'); $ul = new UserList(); $ul->filterByKeywords($searchString); $ul->filterByGroup('Walk Leaders'); $ul->filterByIsActive(1); $ul->filterByFirstName(null, '!='); $ul->filterByFirstName('', '!='); $ul->filter('uLastLogin', 0, '!='); $ul->sortBy('uLastLogin'); $userSet = []; foreach ($ul->get($limit ?: 5) as $user) { $home_city = $user->getAttribute('home_city'); $userSet[$user->getUserID()] = ['user_id' => $user->getUserID(), 'first_name' => $user->getAttribute('first_name'), 'last_name' => $user->getAttribute('last_name'), 'city_name' => $home_city ? $home_city->getCollectionName() : null, 'city_id' => $home_city ? $home_city->getCollectionID() : null, 'bio' => $user->getAttribute('bio'), 'twitter' => $user->getAttribute('twitter'), 'facebook' => $user->getAttribute('facebook'), 'website' => $user->getAttribute('website'), 'avatar' => $av->getImagePath($user)]; } return json_encode($userSet); }
public function actionIndex() { $taxModel = LbTax::model()->getTaxes(); $list = UserList::model()->getList(); $translate = Translate::model()->search(); $translate = new Translate('search'); $translate->unsetAttributes(); // clear any default values if (isset($_GET['Translate'])) { $translate->attributes = $_GET['Translate']; } LBApplication::render($this, 'index', array('taxModel' => $taxModel, 'list' => $list, 'translate' => $translate)); // $this->render('index'); }
/** * Echo widget content = list of blog users. */ function widget($args, $instance) { require_once 'UserList.class.php'; // parse hidden users string if (!empty($instance['hiddenusers'])) { $hiddenusers = explode(',', $instance['hiddenusers']); $hiddenusers = array_map('trim', $hiddenusers); } else { $hiddenusers = array(); } $userlist = new UserList(); $userlist->roles = $instance['roles']; $userlist->blogs = $instance['blogs']; $userlist->group_by = $instance['group_by']; $userlist->hiddenusers = $hiddenusers; if (is_array($instance['display'])) { $userlist->show_name = in_array('show_name', $instance['display']); $userlist->show_postcount = in_array('show_postcount', $instance['display']); $userlist->show_bbpress_post_count = in_array('show_bbpress_post_count', $instance['display']); $userlist->show_biography = in_array('show_biography', $instance['display']); $userlist->user_link = $instance['display']['user_link']; $userlist->avatar_size = $instance['display']['avatar_size']; $userlist->limit = $instance['display']['limit']; $userlist->min_post_count = $instance['display']['min_post_count']; $userlist->order = $instance['display']['order']; $userlist->sort_direction = $instance['display']['sort_direction']; } // extract widget arguments extract($args, EXTR_SKIP); // add the standard title filter $title = empty($instance['title']) ? '' : apply_filters('widget_title', $instance['title']); // build the widget html echo $before_widget; echo $before_title . $title . $after_title; $userlist->output(); echo $after_widget; }
function addList() { if ($this->user) { if (strlen(trim($_REQUEST['title'])) == 0) { return new PEAR_Error('list_edit_name_required'); } $list = new UserList(); $list->title = $_REQUEST['title']; $list->description = $_REQUEST['desc']; $list->public = $_REQUEST['public']; $list->user_id = $this->user->id; $list->insert(); $list->find(); return $list->id; } else { return false; } }
public function run() { //We check the level of the user before to allow him to see the content if (isset($this->model->idCategory) && isset($this->filterLevel) && $this->model->idCategory != '') { $levelCategory = Category::model()->findByPk($this->model->idCategory); if ($levelCategory->level > $this->filterLevel) { Yii::app()->user->setFlash('forbiddenLevel', 'Sorry, to have access to this category you need to register a coin which belongs to this category.'); } } //If the user makes a research by username, we shouldn't display the anonymous ones if (isset($this->model->username) && $this->model->username !== '') { $this->model->anonymous = 0; } //We get the generated criterias $criteria = $this->model->getCriteria(); //We set up the number of Truth we want to display if necessary if (isset($this->model->limit)) { $criteria->limit = $this->model->limit; } //We choose the order of display $criteria->order = isset($this->model->order) && $this->model->order !== '' ? $this->model->order . " DESC " : " t.voteUp - t.voteDown DESC "; //Page manager $count = Truth::model()->levelFilter($this->filterLevel)->count($criteria); //Use the $this->limit in Pagination otherwise $pages->pageSize to $criteria overriding the $criteria->limit $pages = new CPagination(isset($this->model->limit) ? $this->model->limit : $count); $pages->pageSize = isset($this->model->limit) ? $this->model->limit : $this->itemsPerPage; $pages->applyLimit($criteria); //Get the datas $datas = Truth::model()->levelFilter($this->filterLevel)->findAll($criteria); //Manage favourites $modelUserList = new UserList(); $userLists = CHtml::listData(array(), 'idUserList', 'name'); if (!Yii::app()->user->isGuest) { $userLists = UserList::model()->findAllByAttributes(array('idUser' => Yii::app()->user->getId())); $userLists = CHtml::listData($userLists, 'idUserList', 'name'); } //Manage send Challenges $friends = CHtml::listData(array(), 'idUser', 'username'); if (!Yii::app()->user->isGuest) { $friends = CHtml::listData(Friend::getFriends(Yii::app()->user->getId()), 'idUser', 'username'); } $this->render('truthList', array('datas' => $datas, 'pages' => $pages, 'userLists' => $userLists, 'friends' => $friends)); }
public function __construct($conversionTypes = null, $id = null, $isReadOnly = null, $name = null, $description = null, $status = null, $integrationCode = null, $accessReason = null, $accountUserListStatus = null, $membershipLifeSpan = null, $size = null, $sizeRange = null, $sizeForSearch = null, $sizeRangeForSearch = null, $type = null, $UserListType = null) { parent::__construct(); $this->conversionTypes = $conversionTypes; $this->id = $id; $this->isReadOnly = $isReadOnly; $this->name = $name; $this->description = $description; $this->status = $status; $this->integrationCode = $integrationCode; $this->accessReason = $accessReason; $this->accountUserListStatus = $accountUserListStatus; $this->membershipLifeSpan = $membershipLifeSpan; $this->size = $size; $this->sizeRange = $sizeRange; $this->sizeForSearch = $sizeForSearch; $this->sizeRangeForSearch = $sizeRangeForSearch; $this->type = $type; $this->UserListType = $UserListType; }
/** * Process parameters and display the page. * * @return void * @access public */ public function launch() { global $interface; global $configArray; if (!($user = UserAccount::isLoggedIn())) { include_once 'Login.php'; MyAccount_Login::launch(); exit; } // Fetch List object $list = UserList::staticGet($_GET['id']); // Ensure user have privs to view the list if ($list->user_id != $user->id) { PEAR_Singleton::raiseError(new PEAR_Error(translate('list_access_denied'))); } // Save Data if (isset($_POST['submit'])) { if (empty($_POST['title'])) { $interface->assign('errorMsg', 'list_edit_name_required'); } else { if ($this->_saveChanges($user, $list)) { // After changes are saved, send the user back to an appropriate page $nextAction = 'MyList/' . $list->id; header('Location: ' . $configArray['Site']['path'] . '/MyResearch/' . $nextAction); exit; } else { // List was not edited $interface->assign('errorMsg', 'edit_list_fail'); } } } // Send list to template so title/description can be displayed: $interface->assign('list', $list); $interface->setTemplate('editList.tpl'); $interface->display('layout.tpl'); }
$admin_Plugins->restart(); $edit_Plugin =& $admin_Plugins->get_by_ID($plugin_ID); load_funcs('plugins/_plugin.funcs.php'); _set_setting_by_path($edit_Plugin, 'UserSettings', $set_path, array()); $edit_Plugin->Settings->dbupdate(); $action = 'edit'; break; case 'search': // Quick search // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('user'); param('user_search', 'string', ''); set_param('keywords', $user_search); set_param('filter', 'new'); load_class('users/model/_userlist.class.php', 'UserList'); $UserList = new UserList('admin', $UserSettings->get('results_per_page'), 'users_', array('join_city' => false)); $UserList->load_from_Request(); // Make query to get a count of users $UserList->query(); if ($UserList->get_total_rows() == 1) { // If we find only one user by quick search we do a redirect to user's edit page $User = $UserList->rows[0]; if (!empty($User)) { header_redirect('?ctrl=user&user_tab=profile&user_ID=' . $User->user_ID); } } // Unset the filter to avoid the step 1 in the function $UserList->query() on the users list set_param('filter', ''); break; case 'remove_sender_customization': // Check that this action request is not a CSRF hacked request:
/** * Initialize internal states for the most common skin displays. * * For more specific skins, this function may not be called and * equivalent code may be customized within the skin. * * @param string What are we going to display. Most of the time the global $disp should be passed. */ function skin_init($disp) { /** * @var Blog */ global $Blog; /** * @var Item */ global $Item; /** * @var Skin */ global $Skin; global $robots_index; global $seo_page_type; global $redir, $ReqURL, $ReqURI, $m, $w, $preview; global $Chapter; global $Debuglog; /** * @var ItemList2 */ global $MainList; /** * This will give more detail when $disp == 'posts'; otherwise it will have the same content as $disp * @var string */ global $disp_detail, $Settings; global $Timer; global $Messages, $PageCache; global $Session, $current_User; $Timer->resume('skin_init'); if (empty($disp_detail)) { $disp_detail = $disp; } $Debuglog->add('skin_init: $disp=' . $disp, 'skins'); // This is the main template; it may be used to display very different things. // Do inits depending on current $disp: switch ($disp) { case 'front': case 'posts': case 'single': case 'page': case 'terms': case 'download': case 'feedback-popup': // We need to load posts for this display: if ($disp == 'terms') { // Initialize the redirect param to know what page redirect after accepting of terms: param('redirect_to', 'url', ''); } // Note: even if we request the same post as $Item above, the following will do more restrictions (dates, etc.) // Init the MainList object: init_MainList($Blog->get_setting('posts_per_page')); // Init post navigation $post_navigation = $Skin->get_post_navigation(); if (empty($post_navigation)) { $post_navigation = $Blog->get_setting('post_navigation'); } if (!empty($MainList) && $MainList->single_post && ($single_Item =& mainlist_get_item())) { // If we are currently viewing a single post // We assume the current user will have read the entire post and all its current comments: $single_Item->update_read_timestamps(true, true); // Restart the items list: $MainList->restart(); } break; case 'search': // Searching post, comments and categories load_funcs('collections/_search.funcs.php'); // Check previous search keywords so it can be displayed in the search input box param('s', 'string', '', true); break; } // SEO stuff & redirects if necessary: $seo_page_type = NULL; switch ($disp) { // CONTENT PAGES: case 'single': case 'page': case 'terms': if ($disp == 'terms' && !$Item) { // Wrong post ID for terms page: global $disp; $disp = '404'; $Messages->add(sprintf(T_('Terms not found. (post ID #%s)'), get_param('p')), 'error'); break; } if (!$preview && empty($Item)) { // No Item, incorrect request and incorrect state of the application, a 404 redirect should have already happened //debug_die( 'Invalid page URL!' ); } if ($disp == 'single') { $seo_page_type = 'Single post page'; } else { $seo_page_type = '"Page" page'; } if (!$preview) { // Check if item has a goal to insert a hit into DB $Item->check_goal(); } // Check if the post has 'redirected' status: if (!$preview && $Item->status == 'redirected' && $redir == 'yes') { // $redir=no here allows to force a 'single post' URL for commenting // Redirect to the URL specified in the post: $Debuglog->add('Redirecting to post URL [' . $Item->url . '].'); header_redirect($Item->url, true, true); } // Check if we want to redirect to a canonical URL for the post // Please document encountered problems. if (!$preview && ($Blog->get_setting('canonical_item_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_item_urls'))) { // We want to redirect to the Item's canonical URL: $canonical_url = $Item->get_permanent_url('', '', '&'); if (preg_match('|[&?](page=\\d+)|', $ReqURI, $page_param)) { // A certain post page has been requested, keep only this param and discard all others: $canonical_url = url_add_param($canonical_url, $page_param[1], '&'); } if (preg_match('|[&?](mode=quote&[qcp]+=\\d+)|', $ReqURI, $page_param)) { // A quote of comment/post, keep only these params and discard all others: $canonical_url = url_add_param($canonical_url, $page_param[1], '&'); } if (!is_same_url($ReqURL, $canonical_url)) { // The requested URL does not look like the canonical URL for this post... // url difference was resolved $url_resolved = false; // Check if the difference is because of an allowed post navigation param if (preg_match('|[&?]cat=(\\d+)|', $ReqURI, $cat_param)) { // A category post navigation param is set $extended_url = ''; if ($post_navigation == 'same_category' && isset($cat_param[1])) { // navigatie through posts from the same category $category_ids = postcats_get_byID($Item->ID); if (in_array($cat_param[1], $category_ids)) { // cat param is one of this Item categories $extended_url = $Item->add_navigation_param($canonical_url, $post_navigation, $cat_param[1], '&'); // Set MainList navigation target to the requested category $MainList->nav_target = $cat_param[1]; } } $url_resolved = is_same_url($ReqURL, $extended_url); } if (preg_match('|[&?]tag=([^&A-Z]+)|', $ReqURI, $tag_param)) { // A tag post navigation param is set $extended_url = ''; if ($post_navigation == 'same_tag' && isset($tag_param[1])) { // navigatie through posts from the same tag $tag_names = $Item->get_tags(); if (in_array($tag_param[1], $tag_names)) { // tag param is one of this Item tags $extended_url = $Item->add_navigation_param($canonical_url, $post_navigation, $tag_param[1], '&'); // Set MainList navigation target to the requested tag $MainList->nav_target = $tag_param[1]; } } $url_resolved = is_same_url($ReqURL, $extended_url); } if (!$url_resolved && $Blog->get_setting('canonical_item_urls') && $redir == 'yes' && !$Item->check_cross_post_nav('auto', $Blog->ID)) { // REDIRECT TO THE CANONICAL URL: $Debuglog->add('Redirecting to canonical URL [' . $canonical_url . '].'); header_redirect($canonical_url, true); } else { // Use rel="canoncial": add_headline('<link rel="canonical" href="' . $canonical_url . '" />'); } // EXITED. } } if (!$MainList->result_num_rows) { // There is nothing to display for this page, don't index it! $robots_index = false; } break; case 'download': if (empty($Item)) { // No Item, incorrect request and incorrect state of the application, a 404 redirect should have already happened debug_die('Invalid page URL!'); } $download_link_ID = param('download', 'integer', 0); // Check if we can allow to download the selected file $LinkCache =& get_LinkCache(); if (!(($download_Link =& $LinkCache->get_by_ID($download_link_ID, false, false)) && ($LinkItem =& $download_Link->get_LinkOwner()) && ($LinkItem->Item && $LinkItem->Item->ID == $Item->ID) && ($download_File =& $download_Link->get_File()) && $download_File->exists())) { // Bad request, Redirect to Item permanent url $Messages->add(T_('The requested file is not available for download.'), 'error'); $canonical_url = $Item->get_permanent_url('', '', '&'); $Debuglog->add('Redirecting to canonical URL [' . $canonical_url . '].'); header_redirect($canonical_url, true); } // Save the downloading Link to the global vars $GLOBALS['download_Link'] =& $download_Link; // Save global $Item to $download_Item, because $Item can be rewritten by function get_featured_Item() in some skins $GLOBALS['download_Item'] =& $Item; init_ajax_forms('blog'); // auto requires jQuery // Initialize JavaScript to download file after X seconds add_js_headline(' jQuery( document ).ready( function () { jQuery( "#download_timer_js" ).show(); } ); var b2evo_download_timer = ' . intval($Blog->get_setting('download_delay')) . '; var downloadInterval = setInterval( function() { jQuery( "#download_timer" ).html( b2evo_download_timer ); if( b2evo_download_timer == 0 ) { // Stop timer and download a file clearInterval( downloadInterval ); jQuery( "#download_help_url" ).show(); } b2evo_download_timer--; }, 1000 );'); // Use meta tag to download file when JavaScript is NOT enabled add_headline('<meta http-equiv="refresh" content="' . intval($Blog->get_setting('download_delay')) . '; url=' . $download_Link->get_download_url(array('type' => 'action')) . '" />'); $seo_page_type = 'Download page'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; case 'posts': init_ajax_forms('blog'); // auto requires jQuery // fp> if we add this here, we have to exetnd the inner if() // init_ratings_js( 'blog' ); // Get list of active filters: $active_filters = $MainList->get_active_filters(); if (!empty($active_filters)) { // The current page is being filtered... if (array_diff($active_filters, array('page')) == array()) { // This is just a follow "paged" page $disp_detail = 'posts-next'; $seo_page_type = 'Next page'; if ($Blog->get_setting('paged_noindex')) { // We prefer robots not to index category pages: $robots_index = false; } } elseif (array_diff($active_filters, array('cat_array', 'cat_modifier', 'cat_focus', 'posts', 'page')) == array()) { // This is a category page $disp_detail = 'posts-cat'; $seo_page_type = 'Category page'; if ($Blog->get_setting('chapter_noindex')) { // We prefer robots not to index category pages: $robots_index = false; } global $cat, $catsel; if (empty($catsel) && preg_match('~^[0-9]+$~', $cat)) { // We are on a single cat page: // NOTE: we must have selected EXACTLY ONE CATEGORY through the cat parameter // BUT: - this can resolve to including children // - selecting exactly one cat through catsel[] is NOT OK since not equivalent (will exclude children) // echo 'SINGLE CAT PAGE'; if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_cat_urls')) { // Check if the URL was canonical: if (!isset($Chapter)) { $ChapterCache =& get_ChapterCache(); /** * @var Chapter */ $Chapter =& $ChapterCache->get_by_ID($MainList->filters['cat_array'][0], false); } if ($Chapter) { if ($Chapter->parent_ID) { // This is a sub-category page (i-e: not a level 1 category) $disp_detail = 'posts-subcat'; } $canonical_url = $Chapter->get_permanent_url(NULL, NULL, $MainList->get_active_filter('page'), NULL, '&'); if (!is_same_url($ReqURL, $canonical_url)) { // fp> TODO: we're going to lose the additional params, it would be better to keep them... // fp> what additional params actually? if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes') { // REDIRECT TO THE CANONICAL URL: header_redirect($canonical_url, true); } else { // Use rel="canonical": add_headline('<link rel="canonical" href="' . $canonical_url . '" />'); } } } else { // If the requested chapter was not found display 404 page $Messages->add(T_('The requested chapter was not found')); global $disp; $disp = '404'; break; } } if ($post_navigation == 'same_category') { // Category is set and post navigation should go through the same category, set navigation target param $MainList->nav_target = $cat; } } } elseif (array_diff($active_filters, array('tags', 'posts', 'page')) == array()) { // This is a tag page $disp_detail = 'posts-tag'; $seo_page_type = 'Tag page'; if ($Blog->get_setting('tag_noindex')) { // We prefer robots not to index tag pages: $robots_index = false; } if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_tag_urls')) { // Check if the URL was canonical: $canonical_url = $Blog->gen_tag_url($MainList->get_active_filter('tags'), $MainList->get_active_filter('page'), '&'); if (!is_same_url($ReqURL, $canonical_url)) { if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes') { // REDIRECT TO THE CANONICAL URL: header_redirect($canonical_url, true); } else { // Use rel="canoncial": add_headline('<link rel="canonical" href="' . $canonical_url . '" />'); } } } $tag = $MainList->get_active_filter('tags'); if ($post_navigation == 'same_tag' && !empty($tag)) { // Tag is set and post navigation should go through the same tag, set navigation target param $MainList->nav_target = $tag; } } elseif (array_diff($active_filters, array('ymdhms', 'week', 'posts', 'page')) == array()) { // This is an archive page // echo 'archive page'; $disp_detail = 'posts-date'; $seo_page_type = 'Date archive page'; if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_archive_urls')) { // Check if the URL was canonical: $canonical_url = $Blog->gen_archive_url(substr($m, 0, 4), substr($m, 4, 2), substr($m, 6, 2), $w, '&', $MainList->get_active_filter('page')); if (!is_same_url($ReqURL, $canonical_url)) { if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes') { // REDIRECT TO THE CANONICAL URL: header_redirect($canonical_url, true); } else { // Use rel="canoncial": add_headline('<link rel="canonical" href="' . $canonical_url . '" />'); } } } if ($Blog->get_setting('archive_noindex')) { // We prefer robots not to index archive pages: $robots_index = false; } } else { // Other filtered pages: // pre_dump( $active_filters ); $disp_detail = 'posts-filtered'; $seo_page_type = 'Other filtered page'; if ($Blog->get_setting('filtered_noindex')) { // We prefer robots not to index other filtered pages: $robots_index = false; } } } elseif ($Blog->get_setting('front_disp') == 'posts') { // This is the default blog page only if the 'front_disp' is set to 'posts' $disp_detail = 'posts-default'; $seo_page_type = 'Default page'; if ($Blog->get_setting('default_noindex')) { // We prefer robots not to index archive pages: $robots_index = false; } } break; case 'search': $seo_page_type = 'Search page'; if ($Blog->get_setting('filtered_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; // SPECIAL FEATURE PAGES: // SPECIAL FEATURE PAGES: case 'feedback-popup': $seo_page_type = 'Comment popup'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; case 'arcdir': $seo_page_type = 'Date archive directory'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; case 'catdir': $seo_page_type = 'Category directory'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; case 'msgform': global $disp; // get expected message form type $msg_type = param('msg_type', 'string', ''); // initialize $recipient_User = NULL; $Comment = NULL; $allow_msgform = NULL; // get possible params $recipient_id = param('recipient_id', 'integer', 0, true); $comment_id = param('comment_id', 'integer', 0, true); $post_id = param('post_id', 'integer', 0, true); $subject = param('subject', 'string', ''); // try to init recipient_User if (!empty($recipient_id)) { $UserCache =& get_UserCache(); $recipient_User =& $UserCache->get_by_ID($recipient_id); } elseif (!empty($comment_id)) { // comment id is set, try to get comment author user $CommentCache =& get_CommentCache(); $Comment = $CommentCache->get_by_ID($comment_id, false); if ($Comment = $CommentCache->get_by_ID($comment_id, false)) { $recipient_User =& $Comment->get_author_User(); if (empty($recipient_User) && $Comment->allow_msgform && is_email($Comment->get_author_email())) { // set allow message form to email because comment author (not registered) accepts email $allow_msgform = 'email'; param('recipient_address', 'string', $Comment->get_author_email()); param('recipient_name', 'string', $Comment->get_author_name()); } } } else { // Recipient was not defined, try set the blog owner as recipient global $Blog; if (empty($Blog)) { // Blog is not set, this is an invalid request debug_die('Invalid send message request!'); } $recipient_User = $Blog->get_owner_User(); } if ($recipient_User) { // recipient User is set // get_msgform_possibility returns NULL (false), only if there is no messaging option between current_User and recipient user $allow_msgform = $recipient_User->get_msgform_possibility(); if ($msg_type == 'email' && $recipient_User->get_msgform_possibility(NULL, 'email') != 'email') { // User doesn't want to receive email messages, Restrict if this was requested by wrong url: $msg_type = ''; } if ($allow_msgform == 'login') { // user must login first to be able to send a message to this User $disp = 'login'; param('action', 'string', 'req_login'); // override redirect to param param('redirect_to', 'url', regenerate_url(), true, true); if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) { // Redirect to special blog for messaging actions if it is defined in general settings header_redirect(url_add_param($msg_Blog->get('msgformurl', array('glue' => '&')), 'redirect_to=' . rawurlencode($redirect_to), '&')); } $Messages->add(T_('You must log in before you can contact this user')); } elseif ($allow_msgform == 'PM' && check_user_status('can_be_validated')) { // user is not activated if ($recipient_User->accepts_email()) { // recipient User accepts email allow to send email $allow_msgform = 'email'; $msg_type = 'email'; $activateinfo_link = 'href="' . get_activate_info_url(NULL, '&') . '"'; $Messages->add(sprintf(T_('You must activate your account before you can send a private message to %s. However you can send them an email if you\'d like. <a %s>More info »</a>'), $recipient_User->get('login'), $activateinfo_link), 'warning'); } else { // Redirect to the activate info page for not activated users $Messages->add(T_('You must activate your account before you can contact a user. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } } elseif ($msg_type == 'PM' && $allow_msgform == 'email') { // only email is allowed but user expect private message form if (!empty($current_User) && $recipient_id == $current_User->ID) { $Messages->add(T_('You cannot send a private message to yourself. However you can send yourself an email if you\'d like.'), 'warning'); } else { $Messages->add(sprintf(T_('You cannot send a private message to %s. However you can send them an email if you\'d like.'), $recipient_User->get('login')), 'warning'); } } elseif ($msg_type != 'email' && $allow_msgform == 'PM') { // private message form should be displayed, change display to create new individual thread with the given recipient user // check if creating new PM is allowed if (check_create_thread_limit(true)) { // thread limit reached header_redirect(); // exited here } global $edited_Thread, $edited_Message, $recipients_selected; // Load classes load_class('messaging/model/_thread.class.php', 'Thread'); load_class('messaging/model/_message.class.php', 'Message'); // Set global variable to auto define the FB autocomplete plugin field $recipients_selected = array(array('id' => $recipient_User->ID, 'title' => $recipient_User->login)); init_tokeninput_js('blog'); $disp = 'threads'; $edited_Thread = new Thread(); $edited_Message = new Message(); $edited_Message->Thread =& $edited_Thread; $edited_Thread->recipients = $recipient_User->login; param('action', 'string', 'new', true); param('thrdtype', 'string', 'individual', true); } if ($allow_msgform == 'email') { // set recippient user param set_param('recipient_id', $recipient_User->ID); } } if ($allow_msgform == NULL) { // should be Prevented by UI if (!empty($recipient_User)) { $Messages->add(sprintf(T_('The user "%s" does not want to be contacted through the message form.'), $recipient_User->get('login')), 'error'); } elseif (!empty($Comment)) { $Messages->add(T_('This commentator does not want to get contacted through the message form.'), 'error'); } $blogurl = $Blog->gen_blogurl(); // If it was a front page request or the front page is set to 'msgform' then we must not redirect to the front page because it is forbidden for the current User $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'msgform' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl; header_redirect($redirect_to, 302); // exited here } if ($allow_msgform == 'PM' || $allow_msgform == 'email') { // Some message form is available // Get the suggested subject for the email: if (empty($subject)) { // no subject provided by param: global $DB; if (!empty($comment_id)) { // fp>TODO there should be NO SQL in this file. Make a $ItemCache->get_by_comment_ID(). $row = $DB->get_row(' SELECT post_title FROM T_items__item, T_comments WHERE comment_ID = ' . $DB->quote($comment_id) . ' AND post_ID = comment_item_ID'); if ($row) { $subject = T_('Re:') . ' ' . sprintf(T_('Comment on %s'), $row->post_title); } } if (empty($subject) && !empty($post_id)) { // fp>TODO there should be NO SQL in this file. Use $ItemCache->get_by_ID. $row = $DB->get_row(' SELECT post_title FROM T_items__item WHERE post_ID = ' . $post_id); if ($row) { $subject = T_('Re:') . ' ' . $row->post_title; } } } if ($allow_msgform == 'PM' && isset($edited_Thread)) { $edited_Thread->title = $subject; } else { param('subject', 'string', $subject, true); } } if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) { // Redirect to special blog for messaging actions if it is defined in general settings header_redirect($msg_Blog->get('msgformurl', array('glue' => '&'))); } $seo_page_type = 'Contact form'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; case 'messages': case 'contacts': case 'threads': switch ($disp) { case 'messages': // Actions ONLY for disp=messages // fp> The correct place to get thrd_ID is here, because we want it in redirect_to in case we need to ask for login. $thrd_ID = param('thrd_ID', 'integer', '', true); if (!is_logged_in()) { // Redirect to the login page for anonymous users $Messages->add(T_('You must log in to read your messages.')); header_redirect(get_login_url('cannot see messages'), 302); // will have exited } // check if user status allow to view messages if (!$current_User->check_status('can_view_messages')) { // user status does not allow to view messages if ($current_User->check_status('can_be_validated')) { // user is logged in but his/her account is not activate yet $Messages->add(T_('You must activate your account before you can read & send messages. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } $Messages->add('You are not allowed to view Messages!'); header_redirect($Blog->gen_blogurl(), 302); // will have exited } // check if user permissions allow to view messages if (!$current_User->check_perm('perm_messaging', 'reply')) { // Redirect to the blog url for users without messaging permission $Messages->add('You are not allowed to view Messages!'); header_redirect($Blog->gen_blogurl(), 302); // will have exited } if (!empty($thrd_ID)) { // if this thread exists and current user is part of this thread update status because won't be any unread messages on this conversation // we need to mark this early to make sure the unread message count will be correct in the evobar mark_as_read_by_user($thrd_ID, $current_User->ID); } if (($unsaved_message_params = get_message_params_from_session()) !== NULL) { // set Message and Thread saved params from Session global $edited_Message, $action; load_class('messaging/model/_message.class.php', 'Message'); $edited_Message = new Message(); $edited_Message->text = $unsaved_message_params['message']; $edited_Message->original_text = $unsaved_message_params['message_original']; $edited_Message->set_renderers($unsaved_message_params['renderers']); $edited_Message->thread_ID = $thrd_ID; $action = $unsaved_message_params['action']; } break; case 'contacts': // Actions ONLY for disp=contacts if (!is_logged_in()) { // Redirect to the login page for anonymous users $Messages->add(T_('You must log in to manage your contacts.')); header_redirect(get_login_url('cannot see contacts'), 302); // will have exited } if (!$current_User->check_status('can_view_contacts')) { // user is logged in, but his status doesn't allow to view contacts if ($current_User->check_status('can_be_validated')) { // user is logged in but his/her account was not activated yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can manage your contacts. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } // Redirect to the blog url for users without messaging permission $Messages->add('You are not allowed to view Contacts!'); $blogurl = $Blog->gen_blogurl(); // If it was a front page request or the front page is set to display 'contacts' then we must not redirect to the front page because it is forbidden for the current User $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'contacts' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl; header_redirect($redirect_to, 302); } if (has_cross_country_restriction('any') && empty($current_User->ctry_ID)) { // User may browse/contact other users only from the same country $Messages->add(T_('Please specify your country before attempting to contact other users.')); header_redirect(get_user_profile_url()); } // Get action parameter from request: $action = param_action(); if (!$current_User->check_perm('perm_messaging', 'reply')) { // Redirect to the blog url for users without messaging permission $Messages->add('You are not allowed to view Contacts!'); $blogurl = $Blog->gen_blogurl(); // If it was a front page request or the front page is set to display 'contacts' then we must not redirect to the front page because it is forbidden for the current User $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'contacts' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl; header_redirect($redirect_to, 302); // will have exited } switch ($action) { case 'add_user': // Add user to contacts list // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $user_ID = param('user_ID', 'integer', 0); if ($user_ID > 0) { // Add user to contacts if (create_contacts_user($user_ID)) { // Add user to the group $group_ID = param('group_ID', 'string', ''); if ($result = create_contacts_group_users($group_ID, $user_ID, 'group_ID_combo')) { // User has been added to the group $Messages->add(sprintf(T_('User has been added to the «%s» group.'), $result['group_name']), 'success'); } else { // User has been added ONLY to the contacts list $Messages->add('User has been added to your contacts.', 'success'); } } header_redirect($Blog->get('userurl', array('url_suffix' => 'user_ID=' . $user_ID, 'glue' => '&'))); } break; case 'unblock': // Unblock user // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $user_ID = param('user_ID', 'integer', 0); if ($user_ID > 0) { set_contact_blocked($user_ID, 0); $Messages->add(T_('Contact was unblocked.'), 'success'); } break; case 'remove_user': // Remove user from contacts group // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $view = param('view', 'string', 'profile'); $user_ID = param('user_ID', 'integer', 0); $group_ID = param('group_ID', 'integer', 0); if ($user_ID > 0 && $group_ID > 0) { // Remove user from selected group if (remove_contacts_group_user($group_ID, $user_ID)) { // User has been removed from the group if ($view == 'contacts') { // Redirect to the contacts list header_redirect($Blog->get('contactsurl', array('glue' => '&'))); } else { // Redirect to the user profile page header_redirect($Blog->get('userurl', array('url_suffix' => 'user_ID=' . $user_ID, 'glue' => '&'))); } } } break; case 'add_group': // Add users to the group // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $group = param('group', 'string', ''); $users = param('users', 'string', ''); if ($result = create_contacts_group_users($group, $users)) { // Users have been added to the group $Messages->add(sprintf(T_('%d contacts have been added to the «%s» group.'), $result['count_users'], $result['group_name']), 'success'); $redirect_to = $Blog->get('contactsurl', array('glue' => '&')); $item_ID = param('item_ID', 'integer', 0); if ($item_ID > 0) { $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&'); } header_redirect($redirect_to); } break; case 'rename_group': // Rename the group // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $group_ID = param('group_ID', 'integer', true); if (rename_contacts_group($group_ID)) { $item_ID = param('item_ID', 'integer', 0); $redirect_to = url_add_param($Blog->get('contactsurl', array('glue' => '&')), 'g=' . $group_ID, '&'); if ($item_ID > 0) { $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&'); } $Messages->add(T_('The group has been renamed.'), 'success'); header_redirect($redirect_to); } break; case 'delete_group': // Delete the group // Check that this action request is not a CSRF hacked request: $Session->assert_received_crumb('messaging_contacts'); $group_ID = param('group_ID', 'integer', true); if (delete_contacts_group($group_ID)) { $item_ID = param('item_ID', 'integer', 0); $redirect_to = $Blog->get('contactsurl', array('glue' => '&')); if ($item_ID > 0) { $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&'); } $Messages->add(T_('The group has been deleted.'), 'success'); header_redirect($redirect_to); } break; } modules_call_method('switch_contacts_actions', array('action' => $action)); break; case 'threads': // Actions ONLY for disp=threads if (!is_logged_in()) { // Redirect to the login page for anonymous users $Messages->add(T_('You must log in to read your messages.')); header_redirect(get_login_url('cannot see messages'), 302); // will have exited } if (!$current_User->check_status('can_view_threads')) { // user status does not allow to view threads if ($current_User->check_status('can_be_validated')) { // user is logged in but his/her account is not activate yet $Messages->add(T_('You must activate your account before you can read & send messages. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } $Messages->add('You are not allowed to view Messages!'); $blogurl = $Blog->gen_blogurl(); // If it was a front page request or the front page is set to display 'threads' then we must not redirect to the front page because it is forbidden for the current User $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'threads' ? url_add_param($blogurl, 'disp=404', '&') : $blogurl; header_redirect($redirect_to, 302); // will have exited } if (!$current_User->check_perm('perm_messaging', 'reply')) { // Redirect to the blog url for users without messaging permission $Messages->add('You are not allowed to view Messages!'); $blogurl = $Blog->gen_blogurl(); // If it was a front page request or the front page is set to display 'threads' then we must not redirect to the front page because it is forbidden for the current User $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'threads' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl; header_redirect($redirect_to, 302); // will have exited } $action = param('action', 'string', 'view'); if ($action == 'new') { // Before new message form is displayed ... if (has_cross_country_restriction('contact') && empty($current_User->ctry_ID)) { // Cross country contact restriction is enabled, but user country is not set yet $Messages->add(T_('Please specify your country before attempting to contact other users.')); header_redirect(get_user_profile_url()); } elseif (check_create_thread_limit(true)) { // don't allow to create new thread, because the new thread limit was already reached set_param('action', 'view'); } } // Load classes load_class('messaging/model/_thread.class.php', 'Thread'); load_class('messaging/model/_message.class.php', 'Message'); // Get action parameter from request: $action = param_action('view'); switch ($action) { case 'new': // Check permission: $current_User->check_perm('perm_messaging', 'reply', true); global $edited_Thread, $edited_Message; $edited_Thread = new Thread(); $edited_Message = new Message(); $edited_Message->Thread =& $edited_Thread; modules_call_method('update_new_thread', array('Thread' => &$edited_Thread)); if (($unsaved_message_params = get_message_params_from_session()) !== NULL) { // set Message and Thread saved params from Session $edited_Message->text = $unsaved_message_params['message']; $edited_Message->original_text = $unsaved_message_params['message_original']; $edited_Message->set_renderers($unsaved_message_params['renderers']); $edited_Thread->title = $unsaved_message_params['subject']; $edited_Thread->recipients = $unsaved_message_params['thrd_recipients']; $edited_Message->Thread = $edited_Thread; global $thrd_recipients_array, $thrdtype, $action, $creating_success; $thrd_recipients_array = $unsaved_message_params['thrd_recipients_array']; $thrdtype = $unsaved_message_params['thrdtype']; $action = $unsaved_message_params['action']; $creating_success = !empty($unsaved_message_params['creating_success']) ? $unsaved_message_params['creating_success'] : false; } else { if (empty($edited_Thread->recipients)) { $edited_Thread->recipients = param('thrd_recipients', 'string', ''); } if (empty($edited_Thread->title)) { $edited_Thread->title = param('subject', 'string', ''); } } break; default: // Check permission: $current_User->check_perm('perm_messaging', 'reply', true); break; } break; } // Actions for disp = messages, contacts, threads: if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) { // Redirect to special blog for messaging actions if it is defined in general settings $blog_url_params = array('glue' => '&'); if (!empty($thrd_ID)) { // Don't forget the important param on redirect $blog_url_params['url_suffix'] = 'thrd_ID=' . $thrd_ID; } header_redirect($msg_Blog->get($disp . 'url', $blog_url_params)); } // just in case some robot would be logged in: $seo_page_type = 'Messaging module'; $robots_index = false; // Display messages depending on user email status display_user_email_status_message(); break; case 'login': global $Plugins, $transmit_hashed_password; if (is_logged_in()) { // User is already logged in if ($current_User->check_status('can_be_validated')) { // account is not active yet, redirect to the account activation page $Messages->add(T_('You are logged in but your account is not activated. You will find instructions about activating your account below:')); header_redirect(get_activate_info_url(), 302); // will have exited } // User is already logged in, redirect to "redirect_to" page $Messages->add(T_('You are already logged in.'), 'note'); $redirect_to = param('redirect_to', 'url', NULL); if (empty($redirect_to)) { // If empty redirect to referer page $redirect_to = ''; } header_redirect($redirect_to, 302); // will have exited } if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) { // Redirect to special blog for login/register actions if it is defined in general settings header_redirect($login_Blog->get('loginurl', array('glue' => '&'))); } $seo_page_type = 'Login form'; $robots_index = false; break; case 'register': if (is_logged_in()) { // If user is logged in the register form should not be displayed. In this case redirect to the blog home page. $Messages->add(T_('You are already logged in.'), 'note'); header_redirect($Blog->gen_blogurl(), false); } if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) { // Redirect to special blog for login/register actions if it is defined in general settings header_redirect($login_Blog->get('registerurl', array('glue' => '&'))); } $seo_page_type = 'Register form'; $robots_index = false; // Check invitation code if it exists and registration is enabled global $display_invitation; $display_invitation = check_invitation_code(); break; case 'lostpassword': if (is_logged_in()) { // If user is logged in the lost password form should not be displayed. In this case redirect to the blog home page. $Messages->add(T_('You are already logged in.'), 'note'); header_redirect($Blog->gen_blogurl(), false); } if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) { // Redirect to special blog for login/register actions if it is defined in general settings header_redirect($login_Blog->get('lostpasswordurl', array('glue' => '&'))); } $seo_page_type = 'Lost password form'; $robots_index = false; break; case 'activateinfo': if (!is_logged_in()) { // Redirect to the login page for anonymous users $Messages->add(T_('You must log in before you can activate your account.')); header_redirect(get_login_url('cannot see messages'), 302); // will have exited } if (!$current_User->check_status('can_be_validated')) { // don't display activateinfo screen $after_email_validation = $Settings->get('after_email_validation'); if ($after_email_validation == 'return_to_original') { // we want to return to original page after account activation // check if Session 'validatemail.redirect_to' param is still set $redirect_to = $Session->get('core.validatemail.redirect_to'); if (empty($redirect_to)) { // Session param is empty try to get general redirect_to param $redirect_to = param('redirect_to', 'url', ''); } else { // cleanup validateemail.redirect_to param from session $Session->delete('core.validatemail.redirect_to'); } } else { // go to after email validation url which is set in the user general settings form $redirect_to = $after_email_validation; } if (empty($redirect_to) || preg_match('#disp=activateinfo#', $redirect_to)) { // redirect_to is pointing to the activate info display or is empty // redirect to referer page $redirect_to = ''; } if ($current_User->check_status('is_validated')) { $Messages->add(T_('Your account has already been activated.')); } header_redirect($redirect_to, 302); // will have exited } if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) { // Redirect to special blog for login/register actions if it is defined in general settings header_redirect($login_Blog->get('activateinfourl', array('glue' => '&'))); } break; case 'profile': case 'avatar': $action = param_action(); if ($action == 'crop' && is_logged_in()) { // Check data for crop action: global $current_User, $cropped_File; $file_ID = param('file_ID', 'integer'); if (!($cropped_File = $current_User->get_File_by_ID($file_ID, $error_code))) { // Current user cannot crop this file set_param('action', ''); } } case 'pwdchange': case 'userprefs': case 'subs': $seo_page_type = 'Special feature page'; if ($Blog->get_setting('special_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } // Display messages depending on user email status display_user_email_status_message(); break; case 'users': if (!is_logged_in() && !$Settings->get('allow_anonymous_user_list')) { // Redirect to the login page if not logged in and allow anonymous user setting is OFF $Messages->add(T_('You must log in to view the user directory.')); header_redirect(get_login_url('cannot see user'), 302); // will have exited } if (is_logged_in() && !check_user_status('can_view_users')) { // user status doesn't permit to view users list if (check_user_status('can_be_validated')) { // user is logged in but his/her account is not active yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can view the user directory. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } // set where to redirect $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl(); $Messages->add(T_('Your account status currently does not permit to view the user directory.')); header_redirect($error_redirect_to, 302); // will have exited } if (has_cross_country_restriction('users', 'list') && empty($current_User->ctry_ID)) { // User may browse other users only from the same country $Messages->add(T_('Please specify your country before attempting to contact other users.')); header_redirect(get_user_profile_url()); } $seo_page_type = 'Users list'; $robots_index = false; break; case 'user': // get user_ID because we want it in redirect_to in case we need to ask for login. $user_ID = param('user_ID', 'integer', '', true); // set where to redirect in case of error $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl(); if (!is_logged_in()) { // Redirect to the login page if not logged in and allow anonymous user setting is OFF $user_available_by_group_level = true; if (!empty($user_ID)) { $UserCache =& get_UserCache(); if ($User =& $UserCache->get_by_ID($user_ID, false)) { // If user exists we can check if the anonymous users have an access to view the user by group level limitation $User->get_Group(); $user_available_by_group_level = $User->Group->level >= $Settings->get('allow_anonymous_user_level_min') && $User->Group->level <= $Settings->get('allow_anonymous_user_level_max'); } } if (!$Settings->get('allow_anonymous_user_profiles') || !$user_available_by_group_level || empty($user_ID)) { // If this user is not available for anonymous users $Messages->add(T_('You must log in to view this user profile.')); header_redirect(get_login_url('cannot see user'), 302); // will have exited } } if (is_logged_in() && !check_user_status('can_view_user', $user_ID)) { // user is logged in, but his/her status doesn't permit to view user profile if (check_user_status('can_be_validated')) { // user is logged in but his/her account is not active yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can view this user profile. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } $Messages->add(T_('Your account status currently does not permit to view this user profile.')); header_redirect($error_redirect_to, 302); // will have exited } if (!empty($user_ID)) { $UserCache =& get_UserCache(); $User =& $UserCache->get_by_ID($user_ID, false); if (empty($User)) { $Messages->add(T_('The requested user does not exist!')); header_redirect($error_redirect_to); // will have exited } if ($User->check_status('is_closed')) { $Messages->add(T_('The requested user account is closed!')); header_redirect($error_redirect_to); // will have exited } if (has_cross_country_restriction('any')) { if (empty($current_User->ctry_ID)) { // Current User country is not set $Messages->add(T_('Please specify your country before attempting to contact other users.')); header_redirect(get_user_profile_url()); // will have exited } if (has_cross_country_restriction('users', 'profile') && $current_User->ctry_ID !== $User->ctry_ID) { // Current user country is different then edited user country and cross country user browsing is not enabled. $Messages->add(T_('You don\'t have permission to view this user profile.')); header_redirect(url_add_param($error_redirect_to, 'disp=403', '&')); // will have exited } } } // Initialize users list from session cache in order to display prev/next links: // It is used to navigate between users load_class('users/model/_userlist.class.php', 'UserList'); global $UserList; $UserList = new UserList(); $UserList->memorize = false; $UserList->load_from_Request(); $seo_page_type = 'User display'; break; case 'edit': global $current_User, $post_ID; // Post ID, go from $_GET when we edit a post from Front-office // or from $_POST when we switch from Back-office $post_ID = param('p', 'integer', empty($post_ID) ? 0 : $post_ID, true); if (!is_logged_in()) { // Redirect to the login page if not logged in and allow anonymous user setting is OFF $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit'); $Messages->add(T_('You must log in to create & edit posts.')); header_redirect(get_login_url('cannot edit posts', $redirect_to), 302); // will have exited } if (!$current_User->check_status('can_edit_post')) { if ($current_User->check_status('can_be_validated')) { // user is logged in but his/her account was not activated yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can create & edit posts. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } // Redirect to the blog url for users without messaging permission $Messages->add(T_('You are not allowed to create & edit posts!')); header_redirect($Blog->gen_blogurl(), 302); } // user logged in and the account was activated check_item_perm_edit($post_ID); if (!blog_has_cats($Blog->ID)) { // No categories are in this blog $error_message = T_('Since this blog has no categories, you cannot post into it.'); if ($current_User->check_perm('blog_cats', 'edit', false, $Blog->ID)) { // If current user has a permission to create a category global $admin_url; $error_message .= ' ' . sprintf(T_('You must <a %s>create categories</a> first.'), 'href="' . $admin_url . '?ctrl=chapters&blog=' . $Blog->ID . '"'); } $Messages->add($error_message, 'error'); header_redirect($Blog->gen_blogurl(), 302); } // Prepare the 'In-skin editing': init_inskin_editing(); break; case 'edit_comment': global $current_User, $edited_Comment, $comment_Item, $Item, $comment_title, $comment_content, $display_params; // comment ID $comment_ID = param('c', 'integer', 0, true); if (!is_logged_in()) { // Redirect to the login page if not logged in and allow anonymous user setting is OFF $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit_comment'); $Messages->add(T_('You must log in to edit comments.')); header_redirect(get_login_url('cannot edit comments', $redirect_to), 302); // will have exited } if (!$current_User->check_status('can_edit_comment')) { if ($current_User->check_status('can_be_validated')) { // user is logged in but his/her account was not activated yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can edit comments. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } // Redirect to the blog url for users without messaging permission $Messages->add('You are not allowed to edit comments!'); header_redirect($Blog->gen_blogurl(), 302); } if (empty($comment_ID)) { // Can't edit a not exisiting comment $Messages->add('Invalid comment edit URL!'); global $disp; $disp = 404; break; } $CommentCache =& get_CommentCache(); $edited_Comment = $CommentCache->get_by_ID($comment_ID); $comment_Item = $edited_Comment->get_Item(); if (!$current_User->check_perm('comment!CURSTATUS', 'edit', false, $edited_Comment)) { // If User has no permission to edit comments with this comment status: $Messages->add('You are not allowed to edit the previously selected comment!'); header_redirect($Blog->gen_blogurl(), 302); } $comment_title = ''; $comment_content = htmlspecialchars_decode($edited_Comment->content); // Format content for editing, if we were not already in editing... $Plugins_admin =& get_Plugins_admin(); $comment_Item->load_Blog(); $params = array('object_type' => 'Comment', 'object_Blog' => &$comment_Item->Blog); $Plugins_admin->unfilter_contents($comment_title, $comment_content, $edited_Comment->get_renderers_validated(), $params); $Item = $comment_Item; $display_params = array(); break; case 'useritems': case 'usercomments': global $display_params, $viewed_User; // get user_ID because we want it in redirect_to in case we need to ask for login. $user_ID = param('user_ID', 'integer', true, true); if (empty($user_ID)) { bad_request_die(sprintf(T_('Parameter «%s» is required!'), 'user_ID')); } // set where to redirect in case of error $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl(); if (!is_logged_in()) { // Redirect to the login page if not logged in and allow anonymous user setting is OFF $Messages->add(T_('You must log in to view this user profile.')); header_redirect(get_login_url('cannot see user'), 302); // will have exited } if (is_logged_in() && !check_user_status('can_view_user', $user_ID)) { // user is logged in, but his/her status doesn't permit to view user profile if (check_user_status('can_be_validated')) { // user is logged in but his/her account is not active yet // Redirect to the account activation page $Messages->add(T_('You must activate your account before you can view this user profile. <b>See below:</b>')); header_redirect(get_activate_info_url(), 302); // will have exited } $Messages->add(T_('Your account status currently does not permit to view this user profile.')); header_redirect($error_redirect_to, 302); // will have exited } if (!empty($user_ID)) { $UserCache =& get_UserCache(); $viewed_User = $UserCache->get_by_ID($user_ID, false); if (empty($viewed_User)) { $Messages->add(T_('The requested user does not exist!')); header_redirect($error_redirect_to); // will have exited } if ($viewed_User->check_status('is_closed')) { $Messages->add(T_('The requested user account is closed!')); header_redirect($error_redirect_to); // will have exited } } $display_params = !empty($Skin) ? $Skin->get_template('Results') : NULL; if ($disp == 'useritems') { // Init items list global $user_ItemList; $useritems_Blog = NULL; $user_ItemList = new ItemList2($useritems_Blog, NULL, NULL, NULL, 'ItemCache', 'useritems_'); $user_ItemList->load_from_Request(); $user_ItemList->set_filters(array('authors' => $user_ID), true, true); $user_ItemList->query(); } else { // Init comments list global $user_CommentList; $user_CommentList = new CommentList2(NULL, NULL, 'CommentCache', 'usercmts_'); $user_CommentList->load_from_Request(); $user_CommentList->set_filters(array('author_IDs' => $user_ID), true, true); $user_CommentList->query(); } break; case 'comments': if (!$Blog->get_setting('comments_latest')) { // If latest comments page is disabled - Display 404 page with error message $Messages->add(T_('This feature is disabled.'), 'error'); global $disp; $disp = '404'; } break; case 'closeaccount': global $current_User; if (!$Settings->get('account_close_enabled') || is_logged_in() && $current_User->check_perm('users', 'edit', false) || !is_logged_in() && !$Session->get('account_closing_success')) { // If an account closing page is disabled - Display 404 page with error message // Don't allow admins close own accounts from front office // Don't display this message for not logged in users, except of one case to display a bye message after account closing global $disp; $disp = '404'; } elseif ($Session->get('account_closing_success')) { // User has closed the account global $account_closing_success; $account_closing_success = $Session->get('account_closing_success'); // Unset this temp session var to don't display the message twice $Session->delete('account_closing_success'); if (is_logged_in()) { // log out current User logout(); } } break; case 'tags': $seo_page_type = 'Tags'; if ($Blog->get_setting($disp . '_noindex')) { // We prefer robots not to index these pages: $robots_index = false; } break; } $Debuglog->add('skin_init: $disp=' . $disp . ' / $disp_detail=' . $disp_detail . ' / $seo_page_type=' . $seo_page_type, 'skins'); // Make this switch block special only for 404 page switch ($disp) { case '404': // We have a 404 unresolved content error // How do we want do deal with it? skin_404_header(); // This MAY or MAY not have exited -- will exit on 30x redirect, otherwise will return here. // Just in case some dumb robot needs extra directives on this: $robots_index = false; break; } global $Hit, $check_browser_version; if ($check_browser_version && $Hit->get_browser_version() > 0 && $Hit->is_IE(9, '<')) { // Display info message if browser IE < 9 version and it is allowed by config var: global $debug; $Messages->add(T_('Your web browser is too old. For this site to work correctly, we recommend you use a more recent browser.'), 'note'); if ($debug) { $Messages->add('User Agent: ' . $Hit->get_user_agent(), 'note'); } } // dummy var for backward compatibility with versions < 2.4.1 -- prevents "Undefined variable" global $global_Cache, $credit_links; $credit_links = $global_Cache->get('creds'); $Timer->pause('skin_init'); // Check if user is logged in with a not active account, and display an error message if required check_allow_disp($disp); // initialize Blog enabled widgets, before displaying anything init_blog_widgets($Blog->ID); // Initialize displaying.... $Timer->start('Skin:display_init'); $Skin->display_init(); $Timer->pause('Skin:display_init'); // Send default headers: // See comments inside of this function: headers_content_mightcache('text/html'); // In most situations, you do NOT want to cache dynamic content! // Never allow Messages to be cached! if ($Messages->count() && !empty($PageCache)) { // Abort PageCache collect $PageCache->abort_collect(); } }
the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ require_once 'database.php'; require 'data/User.php'; require 'data/List.php'; if (isset($_REQUEST['hs'])) { // foo } else { //If we're not handshaking we display the start page require_once 'templating.php'; if ($auth) { $user = new User($casuid); $userid = $user->id; // error_log($userid); $list = new UserList(); $listitems = $list->getUserTopList(20, $userid); $selection = $list->getNewList(5); $smarty->assign('list', $listitems); if ($_GET['msg'] != "") { $msg = "Your image will be processed shortly, and the item will be hidden from your list."; } $smarty->assign('newlist', $selection); $smarty->assign('msg', $msg); $smarty->display('my-list.tpl'); } else { $smarty->display('noauth.tpl'); } }
public function submitNewList() { if (Sentry::check()) { $title = Input::get('title'); $description = Input::get('description'); $anime_ids = Input::get('anime_ids'); if (!empty($title) && !empty($description)) { if (!empty($anime_ids)) { $arr_count = count($anime_ids) - 1; $total_count = 0; $count = 0; $ids = ""; foreach ($anime_ids as $anime_id) { if (is_numeric($anime_id)) { if ($arr_count == $total_count) { $ids .= $anime_id; } else { $ids .= $anime_id . ","; } $count++; } $total_count++; } if ($count < 7) { return View::make('user_lists.home')->nest('update_msg', 'child.alerts', array('msg' => 'Minimum 7 animes in the list! (No maximum limit)')); } UserList::create(["user_id" => Sentry::getUser()->id, "title" => $title, "description" => $description, "anime_ids" => $ids]); return View::make('user_lists.home')->nest('update_msg', 'child.alerts', array('msg_type' => 'success', 'msg' => 'Anime list has been created!')); } else { return View::make('user_lists.home')->nest('update_msg', 'child.alerts', array('msg' => 'No anime selected!')); } } else { return View::make('user_lists.home')->nest('update_msg', 'child.alerts', array('msg' => 'Please, fill in the title/description!')); } } return Redirect::to('/account'); }
public function __construct($conversionTypes = NULL, $id = NULL, $isReadOnly = NULL, $name = NULL, $description = NULL, $status = NULL, $accessReason = NULL, $accountUserListStatus = NULL, $membershipLifeSpan = NULL, $size = NULL, $sizeRange = NULL, $type = NULL, $UserListType = NULL) { if (get_parent_class('RemarketingUserList')) { parent::__construct(); } $this->conversionTypes = $conversionTypes; $this->id = $id; $this->isReadOnly = $isReadOnly; $this->name = $name; $this->description = $description; $this->status = $status; $this->accessReason = $accessReason; $this->accountUserListStatus = $accountUserListStatus; $this->membershipLifeSpan = $membershipLifeSpan; $this->size = $size; $this->sizeRange = $sizeRange; $this->type = $type; $this->UserListType = $UserListType; }
} //实现可被观察对象 //负责维护关注列表,并发送消息 class UserList implements IObservable { private $_observers = array(); public function addCustomer($name) { foreach ($this->_observers as $obs) { $obs->onChanged($this, $name); } } public function addObserver($observer) { $this->_observers[] = $observer; } } //实现一个观察者 class UserListLogger implements IObserver { public function onChanged($sender, $args) { echo "'{$args}' added to user list\n"; } } $ul = new UserList(); //观察者列表 $ul->addObserver(new UserListLogger()); //添加观察者至观察者列表 $ul->addCustomer("Jack"); //添加用户,并将消息发送给观察者
<?php defined('C5_EXECUTE') or die("Access Denied."); $valt = Loader::helper('validation/token'); if ($valt->validate('quick_user_select_' . $_REQUEST['key'], $_REQUEST['token'])) { $u = new User(); $db = Loader::db(); $userList = new UserList(); $userList->filterByFuzzyUserName($_GET['term']); $userList->sortByUserName(); $userList->setItemsPerPage(7); $pagination = $userList->getPagination(); $users = $pagination->getCurrentPageResults(); $userNames = array(); foreach ($users as $ui) { $userNames[] = array('label' => $ui->getUserDisplayName(), 'value' => $ui->getUserID()); } $jh = Loader::helper('json'); echo $jh->encode($userNames); }
respond('POST', '/[:user]/[:id]', function ($request, $response) { $categoryid = $request->id; $userid = $request->user; $list = new UserList(); $save = $list->addUserCategory($categoryid, $userid); }); }); with('/api/usercategories/delete', function () { respond('POST', '/[:user]/[:id]', function ($request, $response) { $categoryid = $request->id; $userid = $request->user; $list = new UserList(); $save = $list->deleteUserCategory($categoryid, $userid); }); }); with('/api/usercategories/list', function () { respond('GET', '/[:user]', function ($request, $response) { $userid = $request->user; $list = new UserList(); $save = $list->getUserCategories($userid); $output = json_encode($save, JSON_PRETTY_PRINT); echo $output; }); }); with('/api', function () { respond('GET', '/', function ($request, $response) { header('Content-Type: text/html; charset=utf8'); require_once 'api.html'; }); }); dispatch();
/** * Add titles to a user list. * * Parameters: * <ul> * <li>username - The barcode of the user. Can be truncated to the last 7 or 9 digits.</li> * <li>password - The pin number for the user. </li> * <li>listId - The id of the list to add items to.</li> * <li>recordIds - The id of the record(s) to add to the list.</li> * <li>tags - A comma separated string of tags to apply to the titles within the list. (optional)</li> * <li>notes - descriptive text to apply to the titles. Can be viewed while on the list. (optional)</li> * </ul> * * Note: You may also provide the parameters to addTitlesToList and titles will be added to the list * after the list is created. * * Returns: * <ul> * <li>success - true if the account is valid and the titles could be added to the list, false if the username or password were incorrect or the list could not be created.</li> * <li>listId - the id of the list that titles were added to.</li> * <li>numAdded - the number of titles that were added to the list.</li> * </ul> * * Sample Call: * <code> * http://catalog.douglascountylibraries.org/API/ListAPI?method=createList&username=23025003575917&password=1234&title=Test+List&description=Test&public=0 * </code> * * Sample Response: * <code> * {"result":{"success":true,"listId":"1688"}} * </code> */ function addTitlesToList() { $username = $_REQUEST['username']; $password = $_REQUEST['password']; if (!isset($_REQUEST['listId'])) { return array('success' => false, 'message' => 'You must provide the listId to add titles to.'); } $recordIds = array(); if (!isset($_REQUEST['recordIds'])) { return array('success' => false, 'message' => 'You must provide one or more records to add tot he list.'); } else { if (!is_array($_REQUEST['recordIds'])) { $recordIds[] = $_REQUEST['recordIds']; } else { $recordIds = $_REQUEST['recordIds']; } } global $user; $user = UserAccount::validateAccount($username, $password); if ($user && !PEAR_Singleton::isError($user)) { $list = new UserList(); $list->id = $_REQUEST['listId']; $list->user_id = $user->id; if (!$list->find(true)) { return array('success' => false, 'message' => 'Unable to find the list to add titles to.'); } else { $numAdded = 0; foreach ($recordIds as $id) { $userListEntry = new UserListEntry(); $userListEntry->listId = $list->id; $userListEntry->groupedWorkPermanentId = $id; $existingEntry = false; if ($userListEntry->find(true)) { $existingEntry = true; } if (isset($_REQUEST['notes'])) { $notes = $_REQUEST['notes']; } else { $notes = ''; } $userListEntry->notes = $notes; $userListEntry->dateAdded = time(); if ($existingEntry) { $userListEntry->update(); } else { $userListEntry->insert(); } $numAdded++; } return array('success' => true, 'listId' => $list->id, 'numAdded' => $numAdded); } } else { return array('success' => false, 'message' => 'Login unsuccessful'); } }
/* The List powered by Creative Commons Copyright (C) 2014, 2015 Creative Commons Corporation This program is free software: you can redistribute it and/or modify it under the terms of either the GNU Affero General Public License or the GNU General Public License as published by the Free Software Foundation, either version 3 of the Licenses, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You should have received a copy of the GNU General Public License and the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ // TODO: This needs a lot of work to make it not horribly unsafe. require "templating.php"; require "data/List.php"; if ($userid) { if ($auth) { $item = $_POST['list-item']; $list = new UserList(); $save = $list->addToMyList($item, $userid); header('Location: my-list.php'); } }