public function basic($arguments)
{
$missions = new missions(ConnectionFactory::get('mongo'));
if (!empty($arguments[0])) {
// A specific mission has been requested.
$mission = $missions->get('basic', intval($arguments[0]));
if (empty($mission)) {
return Error::set('Mission does not exist.');
}
$this->view['valid'] = true;
$this->view['num'] = $arguments[0];
$this->view['basic'] = new BasicMissions();
$this->view['name'] = $mission['name'];
$this->view['next'] = $arguments[0] != 6;
$good = call_user_func(array($this->view['basic'], 'validateMission' . $this->view['num']));
if ($good !== null) {
// BALANCED. TERNARY.
if (!$good) {
return Error::set('Wrong!');
}
$this->view['valid'] = false;
$this->view['good'] = true;
}
} else {
// Just show a listing of possible missions.
$this->view['valid'] = true;
$this->view['missions'] = $missions->getMissionsByType('basic');
$this->setView('missions/base');
}
}
public function index($arguments)
{
$news = new news(ConnectionFactory::get('mongo'));
$articles = new articles(ConnectionFactory::get('mongo'));
$notices = new notices(ConnectionFactory::get('redis'));
$irc = new irc(ConnectionFactory::get('redis'));
$quotes = new quotes(ConnectionFactory::get('mongo'));
$forums = new forums(ConnectionFactory::get('redis'));
// Set all site-wide notices.
foreach ($notices->getAll() as $notice) {
Error::set($notice, true);
}
// Fetch the easy data.
$this->view['news'] = $news->getNewPosts();
$this->view['shortNews'] = $news->getNewPosts(true);
$this->view['newArticles'] = $articles->getNewPosts('new', 1, 5);
$this->view['ircOnline'] = $irc->getOnline();
$this->view['randomQuote'] = $quotes->getRandom();
$this->view['fPosts'] = $forums->getNew();
// Get online users.
$apc = new APCIterator('user', '/' . Cache::PREFIX . 'user_.*/');
$this->view['onlineUsers'] = array();
while ($apc->valid()) {
$current = $apc->current();
array_push($this->view['onlineUsers'], substr($current['key'], strlen(Cache::PREFIX) + 5));
$apc->next();
}
// Set title.
Layout::set('title', 'Home');
}
private static function getModel()
{
if (empty(self::$missions)) {
self::$missions = new missions(ConnectionFactory::get('mongo'));
}
return self::$missions;
}
public function check()
{
$this->setView('reclaim/index');
if (Session::isLoggedIn()) {
return Error::set('You\'re logged in!');
}
$this->view['valid'] = true;
$this->view['publicKey'] = Config::get('recaptcha:publicKey');
if (empty($_POST['recaptcha_challenge_field']) || empty($_POST['recaptcha_response_field'])) {
return Error::set('We could not find the captcha validation fields!');
}
$recaptcha = Recaptcha::check($_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if (is_string($recaptcha)) {
return Error::set(Recaptcha::$errors[$recaptcha]);
}
if (empty($_POST['username']) || empty($_POST['password'])) {
return Error::set('All forms are required.');
}
$reclaims = new reclaims(ConnectionFactory::get('mongo'));
$good = $reclaims->authenticate($_POST['username'], $_POST['password']);
if (!$good) {
return Error::set('Invalid username/password.');
}
$reclaims->import($_POST['username'], $_POST['password']);
$users = new users(ConnectionFactory::get('mongo'));
$users->authenticate($_POST['username'], $_POST['password']);
header('Location: ' . Url::format('/'));
}
public static function handler($data = null)
{
if (isset($_SESSION['done_autoauth'])) {
return;
}
if (empty($_SERVER['SSL_CLIENT_RAW_CERT'])) {
return self::done();
}
if (Session::isLoggedIn()) {
return self::done();
}
$certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
$userId = $certs->check($_SERVER['SSL_CLIENT_RAW_CERT']);
if ($userId == NULL) {
return self::done();
}
$users = new users(ConnectionFactory::get('mongo'));
$user = $users->get($userId, false);
if (empty($user)) {
return;
}
if (!in_array('autoauth', $user['auths'])) {
return self::done();
}
if ($user['status'] == users::ACCT_LOCKED) {
return self::done();
}
Session::setBatchVars($user);
return self::done();
}
public function index()
{
$lectures = new lectures(ConnectionFactory::get('mongo'));
$this->view['lectures'] = $lectures->getNew();
if (is_string($this->view['lectures'])) {
return Error::set($this->view['lectures']);
}
$this->view['valid'] = true;
Layout::set('title', 'Lectures');
}
/**
* Import an account.
*
* @param string $username The username to use.
* @param string $password The password to use.
*/
public function import($username, $password)
{
$data = $this->get($username);
$this->db->remove(array('username' => $this->clean($username)));
$users = new users(ConnectionFactory::get('mongo'));
$id = $users->create($username, $password, $data['email'], $data['hideEmail'], $this->groups[$data['mgroup']], true);
$newRef = MongoDBRef::create('users', $id);
$oldRef = MongoDBRef::create('unimportedUsers', $data['_id']);
$this->mongo->news->update(array('user' => $oldRef), array('$set' => array('user' => $newRef)));
$this->mongo->articles->update(array('user' => $oldRef), array('$set' => array('user' => $newRef)));
self::ApcPurge('get', $data['_id']);
}
public function index($arguments)
{
Layout::set('title', 'Search');
if (empty($_POST['query'])) {
return Error::set('No search query found.');
}
$query = substr(trim(htmlentities($_POST['query'], ENT_QUOTES, 'ISO8859-1', false)), 0, 250);
$results = Search::query($query);
if ($results['hits']['total'] == 0) {
return Error::set('No results found.');
}
$this->view['results'] = array();
$news = new news(ConnectionFactory::get('mongo'));
$articles = new articles(ConnectionFactory::get('mongo'));
$lectures = new lectures(ConnectionFactory::get('mongo'));
$i = 1;
if (empty($results['hits']['hits'])) {
return;
}
foreach ($results['hits']['hits'] as $result) {
$entry = $result['_source'];
switch ($entry['type']) {
case 'news':
$post = $news->get($result['_id'], false, true);
if (empty($post)) {
continue;
}
$post['type'] = 'news';
array_push($this->view['results'], $post);
break;
case 'article':
$article = $articles->get($result['_id'], false, true);
if (empty($article)) {
continue;
}
$article['type'] = 'article';
array_push($this->view['results'], $article);
break;
case 'lecture':
$lecture = $lectures->get($result['_id'], false, true);
if (empty($lecture)) {
continue;
}
$lecture['type'] = 'lecture';
array_push($this->view['results'], $lecture);
break;
}
if ($i == 5) {
break;
}
++$i;
}
}
public function delete($arguments)
{
if (!CheckAcl::can('deleteNotices')) {
return Error::set('You are not allowed to delete notices!');
}
if (empty($arguments[0])) {
return Error::set('No notice id was found!');
}
$notices = new notices(ConnectionFactory::get('redis'));
$return = $notices->delete($arguments[0]);
if (is_string($return)) {
return Error::set($return);
}
header('Location: ' . Url::format('/notice/'));
}
public function vote($arguments)
{
if (!CheckAcl::can('voteOnNews')) {
return Error::set('You can not vote on news posts.');
}
if (empty($arguments[0]) || empty($arguments[1])) {
return Error::set('Vote or news id not found.');
}
$news = new news(ConnectionFactory::get('mongo'));
$result = $news->castVote($arguments[0], $arguments[1]);
$post = $news->get($arguments[0], false, true);
if (is_string($result)) {
return Error::set($result, false, array('Back' => Url::format('/news/view/' . Id::create($post, 'news'))));
}
Error::set('Vote cast!', true, array('Back' => Url::format('/news/view/' . Id::create($post, 'news'))));
}
public function index()
{
if (!CheckAcl::can('viewStats')) {
return Error::set('You are not allowed to view stats!');
}
$info = new APCIterator('user');
$redis = new redisInfo(ConnectionFactory::get('redis'));
$redisInfo = $redis->info();
$this->view['apcNoKeys'] = $info->getTotalCount();
$this->view['apcSize'] = $info->getTotalSize();
$this->view['redisVersion'] = $redisInfo['redis_version'];
$this->view['redisSIP'] = $redisInfo['bgsave_in_progress'];
$this->view['redisNoChans'] = $redisInfo['pubsub_channels'];
$this->view['redisMem'] = $redisInfo['used_memory'];
$this->view['redisLastSave'] = $redisInfo['last_save_time'];
$this->view['valid'] = true;
}
/**
* Get a news post.
*
* @param string $id The news id.
* @param bool $idlib True if the Id library should be used (False for MongoIds)
* @param bool $justOne True if only one entry should be returned.
* @param bool $fixUTF8 True if UTF8 should be decoded.
*
* @return mixed The news post as an array, or an error string.
*/
protected function get($id, $idlib = true, $justOne = false, $fixUTF8 = true, $page = 1, $limit = self::PER_PAGE)
{
$query = array('ghosted' => false);
if ($idlib) {
$keys = Id::dissectKeys($id, 'news');
$query['date'] = array('$gte' => $keys['date'], '$lte' => $keys['date'] + $keys['ambiguity']);
} else {
$query['_id'] = $this->_toMongoId($id);
}
$results = $this->db->find($query)->skip(($page - 1) * self::PER_PAGE)->sort(array('date' => -1));
$total = $results->count();
$valid = array();
if ($limit != null) {
$results->limit($limit);
}
if ($idlib) {
foreach ($results as $result) {
if (!Id::validateHash($id, array('ambiguity' => $keys['ambiguity'], 'reportedDate' => $keys['date'], 'date' => $result['date'], 'title' => $result['title']), 'news')) {
continue;
}
array_push($valid, $result);
}
} else {
$valid = iterator_to_array($results);
}
if ($justOne) {
$valid = array(reset($valid));
}
if (empty($valid)) {
return array('Invalid id.', 0);
}
$comments = new comments(ConnectionFactory::get('mongo'));
foreach ($valid as $key => $entry) {
$this->resolveUser($valid[$key]['user']);
if ($fixUTF8) {
$this->resolveUTF8($valid[$key]);
}
$valid[$key]['comments'] = $comments->getCount($entry['_id']);
$valid[$key]['rating'] = $this->getScore($entry['_id']);
}
if ($justOne) {
return reset($valid);
}
return array($valid, $total);
}
public function changeStatus($arguments)
{
if (!CheckAcl::can('editBugStatus')) {
return Error::set('You are not allowed to change bug statuses.');
}
if (empty($_POST['id'])) {
return Error::set('Invalid id.');
}
$bugs = new bugs(ConnectionFactory::get('mongo'));
$bug = $bugs->get($_POST['id'], false);
if (empty($bug)) {
return Error::set('Invalid id.');
}
$extra = array('public', 'private', 'delete');
$acceptable = array_merge(bugs::$status, $extra);
if (empty($_POST['status']) || !in_array($_POST['status'], $acceptable)) {
return Error::set('Invalid status.');
}
if (in_array($_POST['status'], $extra)) {
// Altering
switch ($_POST['status']) {
case 'public':
$diff = array('public' => true);
break;
case 'private':
$diff = array('public' => false);
break;
case 'delete':
$diff = array('ghosted' => true);
break;
default:
$diff = array();
break;
}
} else {
// Standard status change.
$diff = array('status' => array_search($_POST['status'], bugs::$status));
}
$bugs->alter($_POST['id'], $diff);
$this->view['valid'] = true;
Error::set('Status changed.', true);
apc_delete('bugs_' . Id::create(current($bug), 'bugs'));
}
public static function handler($data = null)
{
Session::init();
$key = Cache::PREFIX . 'sessionReq_' . Session::getId();
if (apc_exists($key)) {
Session::setBatchVars(apc_fetch($key));
apc_delete($key);
}
$ip = Session::getVar('ip');
if (Session::isLoggedIn() && Session::getVar('lockToIP') && $ip != null && $ip != $_SERVER['REMOTE_ADDR']) {
Session::destroy();
header('Location: ' . Url::format('/'));
die;
}
Session::setVar('ip', $_SERVER['REMOTE_ADDR']);
$twitter = new twitter(ConnectionFactory::get('redis'));
Layout::set('tweets', $twitter->getOfficialTweets());
self::slowBan();
self::errorBan();
}
public function admin_note()
{
if (!CheckAcl::can('postNotes')) {
return Error::set('You are not allowed to post notes.');
}
if (empty($_POST['userId'])) {
return Error::set('No user id was found.');
}
if (empty($_POST['note'])) {
return Error::set('No note text was found.');
}
$users = new users(ConnectionFactory::get('mongo'));
$return = $users->addNote($_POST['userId'], $_POST['note']);
if (is_string($return)) {
return Error::set($return);
}
Error::set('Note posted.', true);
if (!empty($_SERVER['HTTP_REFERER'])) {
header('Location: ' . Url::format($_SERVER['HTTP_REFERER']));
}
}
private static function _populate()
{
self::$acl = new acl(ConnectionFactory::get('redis'));
self::$populated = true;
}
/**
* Creates all resources needed.
*/
public static function initiate()
{
self::$logModel = new logs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
openlog('hts', LOG_ODELAY, LOG_USER);
self::$opened = true;
}
/**
* Creates all resources needed.
*/
public static function initiate()
{
self::$logModel = new logs(ConnectionFactory::get('redis'));
self::$opened = true;
}
private function checkCerts($user)
{
if (empty($user['certs'])) {
return false;
}
$certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
foreach ($user['certs'] as $cert) {
if (time() > $cert['validFrom_time_t'] && time() < $cert['validTo_time_t']) {
return true;
}
}
return false;
}
public function revisions($arguments)
{
if (!$this->hasRevisions) {
return Error::set('Revisions are not enabled for ' . $this->name . '.');
}
if (!CheckAcl::can('view' . $this->permission . 'Revisions')) {
return Error::set('You are not allowed to view ' . $this->name . ' revisions.');
}
if (empty($arguments[0])) {
return Error::set('No ' . $this->name . ' id found.');
}
$model = new $this->model(ConnectionFactory::get($this->db));
$current = $model->get($arguments[0], false, true);
$this->view['current'] = $current;
if (empty($current)) {
return Error::set('Invalid id.');
}
if (is_string($current)) {
return Error::set($current);
}
Layout::set('title', ucwords($this->name) . ' Revisions');
$revisions = new revisions(ConnectionFactory::get('mongo'));
// Start excerpt soley for reverting
$revert = $this->revert($arguments, $model, $revisions, $current);
// End excerpt
$revisions = $revisions->getForId($arguments[0]);
$this->view['revisions'] = array();
if (empty($revisions)) {
return Error::set('This entry has no revisions.');
}
$this->view['revisions'] = revisions::resolve($current, $revisions, $this->diffdFields);
}
<a name="comments"></a>
<legend>Comments</legend>
<?php
// Comments
// * $id - Content Id
// * $page - Comments page
// * $pageLoc - Where to send new pages to.
$commLib = new comments(ConnectionFactory::get('mongo'));
$commentData = $commLib->getForId($id, $page);
extract($commentData);
$paginationData = array('total' => $total, 'perPage' => comments::PAGE_LIMIT, 'page' => $page, 'url' => $pageLoc, 'where' => 'comments');
$pagination = Partial::render('pagination', $paginationData);
if ($total != 0) {
echo $pagination;
}
if (empty($comments)) {
echo '<div class="alert">No comments!</div>';
}
foreach ($comments as $comment) {
?>
<table class="table table-bordered">
<tr>
<td style="width: 20%">
<a href="<?php
echo Url::format('/user/view/' . $comment['user']['username']);
?>
">
<?php
echo $comment['user']['username'];
?>
</a><br />
private function checkCAP($username, $password)
{
$user = $this->get($username);
// Check password authentication
if (empty($user)) {
return false;
}
if (!in_array('cert+pass', $user['auths'])) {
return false;
}
if ($user['password'] != $this->hash($password, $username)) {
return false;
}
// Check certificate authentication
$certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
$userId = $certs->check($_SERVER['SSL_CLIENT_RAW_CERT']);
if ($userId == null) {
return false;
}
if ($userId != $user['_id']) {
return false;
}
return $user;
}
public function api($arguments)
{
Layout::cut();
$GLOBALS['api'] = true;
$this->view['data'] = array();
if (empty($_SERVER['SSL_CLIENT_RAW_CERT']) || !in_array(md5($_SERVER['SSL_CLIENT_RAW_CERT']), Config::get('api:clients'))) {
return Error::set('You are not allowed to use the API.');
}
if (count($arguments) != 2) {
return Error::set('Too many or too few arguments.');
}
if (!in_array($arguments[0] . '/' . $arguments[1], Config::get('api:whitelist'))) {
return Error::set('Invalid reference.');
}
$class = new $arguments[0](ConnectionFactory::get('mongo'));
$params = empty($_POST['params']) ? array() : json_decode(base64_decode($_POST['params']), true);
$this->view['data'] = call_user_func_array(array($class, $arguments[1]), $params);
Log::error('API call made ' . $arguments[0] . '::' . $arguments[1] . ' with parameters ' . json_encode($params));
}
/**
* Force logout another user.
*
* @param string $username Username of user.
* @param string $sid Session id of user.
*/
public static function forceLogout($username, $sid)
{
if ($sid == session_id()) {
$current = true;
$data = self::$data;
} else {
$current = false;
$session = new redisSession(ConnectionFactory::get('redis'));
$data = $session->get($sid);
}
if (!empty($data['username'])) {
// User is logged in
if ($current) {
// Current user
self::destroy();
} else {
// Not current user
$session->destroy($sid);
}
}
apc_delete(Cache::PREFIX . 'user_' . $username);
}
