/**
  * Run method with main page logic
  * 
  * Read in list of the latest published articles. Pagination enabled.
  * Populate template and display results in the page.
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     /*
     if ($user == null || !$user->validUser ()) {
         header ("Location: " . BASE_URL);
         return;
     }
     */
     $articleDAO = ArticleDAO::getInstance();
     $tagDAO = ArticleTagDAO::getInstance();
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     if ($page < 1) {
         $page = 1;
     }
     $count = $paginator = $paginator_page = null;
     $article = $articletags_array = null;
     $title = "";
     $count = $articleDAO->countPublished(true);
     $paginator = new Paginator($count, $PAGINATION_LIMIT);
     $paginator_page = $paginator->getPage($page);
     $article_array = $articleDAO->allPublished(true, array("order" => "{$articleDAO->getTableName()}.postDate DESC, {$articleDAO->getTableName()}.id DESC", "limit" => $paginator_page, "joins" => true));
     foreach ($article_array as $article) {
         $articletags_array[] = $tagDAO->allArticleTags($article, array("order" => "name"));
     }
     $this->template->render(array("title" => "Latests Articles", "main_page" => "article_list_tpl.php", "session" => $session, "article_array" => $article_array, "articletags_array" => $articletags_array, "paginator_page" => $paginator_page));
 }
 /**
  * Run method with main page logic
  *
  * Load a single article selected by the numeric "id" query parameter, fetch its
  * tags (ordered by name) and render the article view template. When "id" is
  * missing, non-numeric or matches no article, the template receives null for
  * the article and tags. Access is intentionally public: the login check that
  * used to sit at the top of this handler was commented out.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     $articleDAO = ArticleDAO::getInstance();
     $tagDAO = ArticleTagDAO::getInstance();
     $article = null;
     $articletags = null;
     $title = "";
     $has_numeric_id = !empty($_GET["id"]) && is_numeric($_GET["id"]);
     if ($has_numeric_id) {
         $article = $articleDAO->load(intval($_GET["id"]), array("joins" => true));
     }
     if ($article) {
         // Page title is the article title (string-converted)
         $title = "{$article->getTitle()}";
         $articletags = $tagDAO->allArticleTags($article, array("order" => "name"));
     }
     $this->template->render(array("title" => "Article - " . $title, "main_page" => "view_article_tpl.php", "session" => $session, "article" => $article, "articletags" => $articletags));
 }
 /**
  * Run method with main page logic
  *
  * Show one album and a page of its photos. The album id comes from the numeric
  * "id" query parameter: a missing, non-numeric or non-positive id redirects to
  * BASE_URL. "page" selects the photo page and is clamped to 1 or more. An id that
  * matches no album renders the template with a null album and no photos.
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     $albumDAO = AlbumDAO::getInstance();
     $photoDAO = PhotoDAO::getInstance();
     $album = null;
     $photo_array = null;
     $photo_count = null;
     $paginator_page = null;
     $queryVars = null;
     $title = "";
     // Query-string inputs, reduced to integers before they reach the DAOs
     $page = 1;
     if (isset($_GET["page"]) && is_numeric($_GET["page"])) {
         $page = max(1, intval($_GET["page"]));
     }
     $id = 0;
     if (isset($_GET["id"]) && is_numeric($_GET["id"])) {
         $id = intval($_GET["id"]);
     }
     if ($id <= 0) {
         header("Location: " . BASE_URL);
         return;
     }
     $album = $albumDAO->load($id, array("joins" => true));
     if ($album) {
         $title = $album->getTitle();
         $paginator = new Paginator($photoDAO->countByAlbum($album), $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $photo_array = $photoDAO->allByAlbum($album, array("limit" => $paginator_page));
         // Carried into pagination links so they keep pointing at this album
         $queryVars = array("id" => $id);
     }
     $this->template->render(array("title" => "View Album - {$title}", "session" => $session, "album" => $album, "photo_array" => $photo_array, "paginator_page" => $paginator_page, "queryVars" => $queryVars, "main_page" => "view_album_tpl.php"));
 }
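 /**
  * Run method with main page logic
  *
  * Read in the event selected by the numeric "id" query parameter and render its
  * details with the attendance list. Visibility rule: anyone may view an event
  * whose status is Event::APPROVED_STATUS; an event in any other status is only
  * shown to an admin (preview). In every other case the template receives null
  * for the event, so an unapproved event is indistinguishable from a missing one.
  *
  * The two former copies of the attendance-loading code (approved branch and
  * admin-preview branch) were identical apart from the visibility test, so they
  * are folded into one guarded branch.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     $eventDAO = EventDAO::getInstance();
     $attendDAO = AttendanceDAO::getInstance();
     $title = "";
     $event = $attending = $attend_array = null;
     $attend_count = null;
     if (!empty($_GET["id"]) && is_numeric($_GET["id"])) {
         $id = intval($_GET["id"]);
         $event = $eventDAO->load($id, array("joins" => true));
         // Loose comparison on status is kept from the original because the stored
         // type of $event->status is not visible here. isAdmin() is only consulted
         // when the event is not approved, as before.
         $visible = $event && ($event->status == Event::APPROVED_STATUS || ($user && $user->isAdmin()));
         if ($visible) {
             $title .= " - {$event->title}";
             // Only a logged-in user can have an attendance record
             if ($user) {
                 $attending = $attendDAO->loadExists($event, $user);
             }
             $attend_count = $attendDAO->countByEvent($event);
             $attend_array = $attendDAO->allByEvent($event, array("joins" => true, "order" => "id DESC"));
         } else {
             // Unknown id, or an unapproved event requested by a non-admin: not found
             $event = null;
         }
     }
     $this->template->render(array("title" => "Event Details" . $title, "main_page" => "view_event_tpl.php", "session" => $session, "event" => $event, "attending" => $attending, "attend_array" => $attend_array, "attend_count" => $attend_count));
 }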
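 /**
  * Run method with main page logic
  *
  * Read in a page of albums and, for each album that has photos, its photo count
  * and newest photo (highest id). Render the album list template.
  *
  * Fix: the "latest photo" query previously used the page object of the OUTER
  * album-list paginator (limit 10, offset by the requested list page) instead of
  * the single-item paginator created for it, so on any list page past the first
  * the query skipped ahead and list() was applied to an empty result. The
  * single-item paginator's first page is now used.
  *
  * Reads $_GET["page"] (1-based album list page; non-numeric or below 1 becomes 1).
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     $albumDAO = AlbumDAO::getInstance();
     $photoDAO = PhotoDAO::getInstance();
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     if ($page < 1) {
         $page = 1;
     }
     $title = "";
     $album_count = $albumDAO->count();
     $paginator = new Paginator($album_count, $PAGINATION_LIMIT);
     $paginator_page = $paginator->getPage($page);
     $album_array = $albumDAO->all(array("limit" => $paginator_page));
     // One entry per non-empty album: array(photo count, newest photo), in album order
     $photo_info_array = array();
     foreach ($album_array as $album) {
         $photo_count = $photoDAO->countByAlbum($album);
         if ($photo_count > 0) {
             // A one-item paginator's first page selects just the newest photo
             $latest_paginator = new Paginator($photo_count, 1);
             $latest_page = $latest_paginator->getPage(1);
             list($latest_photo) = $photoDAO->allByAlbum($album, array("order" => "id DESC", "limit" => $latest_page));
             $photo_info_array[] = array($photo_count, $latest_photo);
         }
     }
     $this->template->render(array("title" => "Album List", "main_page" => "album_list_tpl.php", "session" => $session, "album_array" => $album_array, "photo_info_array" => $photo_info_array, "paginator_page" => $paginator_page));
 }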
 /**
  * Run method with main page logic
  *
  * Show the "create album" form and, on POST, validate the submitted title, insert
  * the album and redirect to its edit page. Admins only: any other visitor is sent
  * to BASE_URL with an error message. A missing title re-renders the form with
  * $form_errors["title"] set; a failed insert re-renders with a status message.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $albumDAO = AlbumDAO::getInstance();
     $album = null;
     $form_errors = array();
     $form_values = array("title" => "");
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this state-changing POST;
         // confirm the framework checks one before run() is invoked.
         $submitted_title = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["title"] = $submitted_title;
         if (empty($submitted_title)) {
             $form_errors["title"] = "No title specified";
         } else {
             $album = new Album();
             $album->setTitle($submitted_title);
             if ($albumDAO->insert($album)) {
                 $session->setMessage("Album saved");
                 header("Location: edit_album.php?id={$album->id}");
                 return;
             }
             $session->setMessage("Album not saved");
         }
     }
     $this->template->render(array("title" => "Create Album", "session" => $session, "main_page" => "create_album_tpl.php", "album" => $album, "form_values" => $form_values, "form_errors" => $form_errors));
 }
 /**
  * Run method with main page logic
  *
  * Read in a page of approved events, newest date first, optionally restricted to
  * one platform, and render the event list with the platform sidebar.
  *
  * Reads $_GET["page"] (1-based; non-numeric or below 1 becomes 1) and
  * $_GET["platform"] (numeric platform id; 0 or absent means all platforms).
  * When a platform is selected it is echoed back through $queryVars so pagination
  * links keep the filter, and the platform record is loaded as $current_platform.
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     $eventDAO = EventDAO::getInstance();
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     $platform_id = isset($_GET["platform"]) && is_numeric($_GET["platform"]) ? intval($_GET["platform"]) : 0;
     if ($page < 1) {
         $page = 1;
     }
     $queryVars = null;
     $current_platform = null;
     $by_platform = $platform_id > 0;
     $table = $eventDAO->getTableName();
     $query_opts = array("order" => "{$table}.date DESC, {$table}.id DESC", "joins" => true);
     if ($by_platform) {
         $count = $eventDAO->countPlatformStatus($platform_id, Event::APPROVED_STATUS);
     } else {
         $count = $eventDAO->countStatus(Event::APPROVED_STATUS);
     }
     $paginator = new Paginator($count, $PAGINATION_LIMIT);
     $paginator_page = $paginator->getPage($page);
     $query_opts["limit"] = $paginator_page;
     if ($by_platform) {
         $event_array = $eventDAO->allByPlatformStatus($platform_id, Event::APPROVED_STATUS, $query_opts);
         $queryVars = array("platform" => $platform_id);
     } else {
         $event_array = $eventDAO->allByStatus(Event::APPROVED_STATUS, $query_opts);
     }
     $platformDAO = PlatformDAO::getInstance();
     $platform_array = $platformDAO->all();
     if ($by_platform) {
         $current_platform = $platformDAO->load($platform_id);
     }
     $this->template->render(array("title" => "Event List", "main_page" => "event_list_tpl.php", "event_array" => $event_array, "session" => $session, "paginator_page" => $paginator_page, "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"), "platform_array" => $platform_array, "queryVars" => $queryVars, "current_platform" => $current_platform));
 }
 /**
  * Run method with main page logic
  *
  * Log the current user out. A visitor with no user in the session is redirected
  * to BASE_URL with an error message; otherwise the session is killed and the
  * logout template is rendered with whatever getUser() returns afterwards (the
  * fresh anonymous session's user).
  *
  * NOTE(review): no request-method or token check is made, so this runs on a plain
  * GET; any page that can make the browser follow a link here can log the user out.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     if ($session->getUser() == null) {
         $session->setMessage("Not currently logged in", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     // Discard the authenticated session data and start over
     $session->kill();
     $anonymous_user = $session->getUser();
     $this->template->render(array("main_page" => "logout_tpl.php", "title" => "Logged out", "user" => $anonymous_user));
 }
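 /**
  * Run method with main page logic
  *
  * Edit an existing album's title. Admins only: anyone else is redirected to
  * BASE_URL with an error message.
  *
  * GET  ?id=N    loads album N into the form. "id" must be numeric; a missing or
  *               non-numeric id is treated as "no id" and redirected to BASE_URL
  *               (the POST path already applied this validation, the GET path
  *               previously passed the raw query value to the DAO and template).
  * POST id,title validates both fields, loads the album, saves the new title and
  *               redirects back to edit_album.php?id=N. Validation failures
  *               re-render the form with $form_errors populated; an unknown id
  *               re-renders with a null album.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $albumDAO = AlbumDAO::getInstance();
     $album = null;
     $form_errors = array();
     $form_values = array("id" => "", "title" => "");
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this state-changing POST;
         // confirm the framework checks one before run() is invoked.
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "No id specified";
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_errors)) {
             $album = $albumDAO->load($form_values["id"]);
             // An unknown id simply re-renders the form with a null album
             if ($album) {
                 $album->setTitle($form_values["title"]);
                 if ($albumDAO->save($album)) {
                     $session->setMessage("Album saved");
                     header("Location: edit_album.php?id={$album->id}");
                     return;
                 }
                 $session->setMessage("Album not saved");
             }
         } elseif (empty($form_errors["id"])) {
             // Title invalid but id usable: reload the album so the form can show it
             $album = $albumDAO->load($form_values["id"]);
         }
     } elseif (!empty($_GET)) {
         // Same numeric validation as the POST path
         $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
         if (empty($form_values["id"])) {
             header("Location: " . BASE_URL);
             return;
         }
         $album = $albumDAO->load($form_values["id"]);
         // Album does not exist: pass null to the template, form stays as submitted
         if ($album) {
             $form_values["id"] = $album->getId();
             $form_values["title"] = $album->getTitle();
         }
     }
     $this->template->render(array("title" => "Edit Album", "session" => $session, "main_page" => "edit_album_tpl.php", "album" => $album, "form_values" => $form_values, "form_errors" => $form_errors));
 }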
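 /**
  * Run method with main page logic
  *
  * Confirm and perform deletion of a photo. Admins only; other visitors are
  * redirected to BASE_URL with an error message.
  *
  * GET  ?id=N  loads photo N so the template can show a confirmation form. A
  *             missing id redirects to BASE_URL; a non-numeric or unknown id
  *             renders the page with no photo. A request with neither GET nor
  *             POST data redirects to BASE_URL.
  * POST id     deletes the database row, then removes the image file and, when
  *             set, its thumbnail, sets a status message and redirects.
  *
  * Fixes: the id is passed to the DAO as an integer (as the view handlers do);
  * file removal is guarded with is_file() so an empty or already-removed path no
  * longer raises a PHP warning mid-request; the page title said "Delete Profile".
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if ($user == null || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $photoDAO = PhotoDAO::getInstance();
     $delete_photo = null;
     $form_errors = array();
     $form_values = array("id" => "");
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this destructive POST; confirm
         // the framework checks one before run() is invoked.
         $id = isset($_POST["id"]) ? trim($_POST["id"]) : "";
         if (empty($id)) {
             header("Location: " . BASE_URL);
             return;
         }
         if (is_numeric($id)) {
             $delete_photo = $photoDAO->load(intval($id));
             if ($delete_photo) {
                 if ($photoDAO->delete($delete_photo)) {
                     // Row is gone; now remove the files on disk.
                     // NOTE(review): assumes getFileLoc()/getThumbLoc() are paths set by
                     // the upload code, never user-supplied — TODO confirm; if user input
                     // can reach them, confine them to the upload directory before unlink().
                     $paths = array($delete_photo->getFileLoc(), $delete_photo->getThumbLoc());
                     foreach ($paths as $path) {
                         if ($path && is_file($path)) {
                             unlink($path);
                         }
                     }
                     $session->setMessage("Photo deleted");
                     header("Location: " . BASE_URL);
                     return;
                 }
                 $session->setMessage("Could not delete photo", Session::MESSAGE_ERROR);
             }
         }
     } elseif (!empty($_GET)) {
         $id = isset($_GET["id"]) ? trim($_GET["id"]) : "";
         if (empty($id)) {
             header("Location: " . BASE_URL);
             return;
         }
         if (is_numeric($id)) {
             $delete_photo = $photoDAO->load(intval($id));
             if ($delete_photo) {
                 $form_values["id"] = $delete_photo->getId();
             }
         }
     } else {
         header("Location: " . BASE_URL);
         return;
     }
     $this->template->render(array("title" => "Delete Photo", "main_page" => "delete_photo_tpl.php", "session" => $session, "delete_photo" => $delete_photo, "form_errors" => $form_errors, "form_values" => $form_values));
 }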
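 /**
  * Run method with main page logic
  *
  * Read in approved events for one calendar month, optionally filtered by
  * platform, and render them in the month calendar view together with the nearest
  * event days before and after the month.
  *
  * Reads $_GET["month"] and $_GET["year"]: when together they form a valid
  * calendar date (checkdate) that month is shown, otherwise the current month
  * (server default timezone, as mktime()/idate() use it). $_GET["platform"] > 0
  * restricts the query to that platform and loads it as $current_platform.
  *
  * The former four-way branch was the product of two independent choices (which
  * month; filtered by platform or not) and is written as such here. The unused
  * pagination scaffolding that was commented out has been dropped.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     $eventDAO = EventDAO::getInstance();
     $platformDAO = PlatformDAO::getInstance();
     $platform_id = isset($_GET["platform"]) && is_numeric($_GET["platform"]) ? intval($_GET["platform"]) : 0;
     $month = isset($_GET["month"]) && is_numeric($_GET["month"]) ? intval($_GET["month"]) : 0;
     $year = isset($_GET["year"]) && is_numeric($_GET["year"]) ? intval($_GET["year"]) : 0;
     $event_array = $next_eventday = $prev_eventday = $current_platform = null;
     // First second of the month to display
     if (checkdate($month, 1, $year)) {
         $start = mktime(0, 0, 0, $month, 1, $year);
     } else {
         $start = mktime(0, 0, 0, idate("m"), 1, idate("Y"));
     }
     // Last second of that month
     $end = strtotime("+1 month", $start) - 1;
     $table = $eventDAO->getTableName();
     $query_opts = array("order" => "{$table}.date DESC, {$table}.id DESC", "joins" => true);
     if ($platform_id > 0) {
         $event_array = $eventDAO->allByPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end, $query_opts);
     } else {
         $event_array = $eventDAO->allByStatusAndRange(Event::APPROVED_STATUS, $start, $end, $query_opts);
     }
     // Nearest approved event days outside the displayed month, for prev/next links
     $next_eventday = $eventDAO->loadByNextDay($end, Event::APPROVED_STATUS);
     $prev_eventday = $eventDAO->loadByPreviousDay($start, Event::APPROVED_STATUS);
     if ($platform_id > 0) {
         $current_platform = $platformDAO->load($platform_id);
     }
     $platform_array = $platformDAO->all();
     $this->template->render(array("title" => "Event Month Calendar - " . date("F", $start) . " " . date("Y", $start), "main_page" => "events_month_tpl.php", "event_array" => $event_array, "session" => $session, "start" => $start, "end" => $end, "next_eventday" => $next_eventday, "prev_eventday" => $prev_eventday, "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"), "platform_array" => $platform_array, "current_platform" => $current_platform));
 }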
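 /**
  * Run method with main page logic
  *
  * Confirm and perform deletion of an event. Admins only; other visitors are
  * redirected to BASE_URL with an error message.
  *
  * GET  ?id=N  loads event N so the template can show a confirmation form. A
  *             missing id redirects to BASE_URL; a non-numeric or unknown id
  *             renders the page with no event. A request with neither GET nor
  *             POST data redirects to BASE_URL.
  * POST id     deletes the event row, sets a status message and redirects; a
  *             failed delete re-renders with an error message.
  *
  * The id is passed to the DAO as an integer, as the view/edit handlers do.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     // Check if user is an admin
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $eventDAO = EventDAO::getInstance();
     $delete_event = null;
     $form_errors = array();
     $form_values = array("id" => "");
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this destructive POST; confirm
         // the framework checks one before run() is invoked.
         $id = isset($_POST["id"]) ? trim($_POST["id"]) : "";
         if (empty($id)) {
             header("Location: " . BASE_URL);
             return;
         }
         if (is_numeric($id)) {
             $delete_event = $eventDAO->load(intval($id));
             // Event exists: delete it
             if ($delete_event) {
                 if ($eventDAO->delete($delete_event)) {
                     $session->setMessage("Event deleted");
                     header("Location: " . BASE_URL);
                     return;
                 }
                 $session->setMessage("Could not delete event", Session::MESSAGE_ERROR);
             }
         }
     } elseif (!empty($_GET)) {
         $id = isset($_GET["id"]) ? trim($_GET["id"]) : "";
         if (empty($id)) {
             header("Location: " . BASE_URL);
             return;
         }
         if (is_numeric($id)) {
             $delete_event = $eventDAO->load(intval($id));
             if ($delete_event) {
                 $form_values["id"] = $delete_event->getId();
             }
         }
     } else {
         header("Location: " . BASE_URL);
         return;
     }
     $this->template->render(array("title" => "Delete Event", "main_page" => "delete_event_tpl.php", "session" => $session, "delete_event" => $delete_event, "form_errors" => $form_errors, "form_values" => $form_values));
 }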
 /**
  * Run method with main page logic
  *
  * Read in the photo selected by the numeric "id" query parameter along with its
  * album context: the next and previous photos, the photo's position within the
  * album and the album's photo count. Render the photo view template. A missing,
  * non-numeric or unknown id renders with null for all of these.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     $photoDAO = PhotoDAO::getInstance();
     $photo = null;
     $next_photo = null;
     $prev_photo = null;
     $photo_index = null;
     $photo_count = null;
     $title = "";
     if (!empty($_GET["id"]) && is_numeric($_GET["id"])) {
         $photo = $photoDAO->load(intval($_GET["id"]), array("joins" => true));
     }
     if ($photo) {
         $title = " - {$photo->getTitle()}";
         $album = $photo->getAlbum();
         // Neighbouring photos and the position of this one within its album
         $next_photo = $photoDAO->loadNext($photo);
         $prev_photo = $photoDAO->loadPrevious($photo);
         $photo_index = $photoDAO->countPosition($photo, $album);
         $photo_count = $photoDAO->countByAlbum($album);
     }
     $this->template->render(array("title" => "View Photo" . $title, "main_page" => "view_photo_tpl.php", "session" => $session, "photo" => $photo, "next_photo" => $next_photo, "prev_photo" => $prev_photo, "photo_index" => $photo_index, "photo_count" => $photo_count));
 }
 /**
  * Run method with main page logic
  *
  * Show the "create page" form and, on POST, validate the submitted fields, insert
  * the page (owned by the current user) and redirect to its edit form. Admins
  * only: other visitors are sent to BASE_URL with an error message.
  *
  * Required fields: title, content, and published (exactly "true" or "false").
  * template is optional and stored as submitted when non-empty. The id field is
  * read into $form_values for the template but plays no part in creation.
  *
  * NOTE(review): the template name is stored verbatim from the form; confirm the
  * renderer maps it against a fixed list before it reaches any include() — it is
  * admin-only input, but still input.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $pageDAO = PageDAO::getInstance();
     $page = null;
     $form_errors = array();
     $form_values = array("id" => "", "title" => "", "content" => "", "published" => false, "template" => "");
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this state-changing POST;
         // confirm the framework checks one before run() is invoked.
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         foreach (array("title", "content", "published", "template") as $field) {
             $form_values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : "";
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["content"])) {
             $form_errors["content"] = "No content specified";
         }
         $published = $form_values["published"];
         if (empty($published)) {
             $form_errors["published"] = "Published status not specified";
         } elseif (!in_array($published, array("true", "false"), true)) {
             $form_errors["published"] = "Published must be a boolean value";
         }
         if (empty($form_errors)) {
             $page = new PageModel();
             $page->setTitle($form_values["title"]);
             $page->setContent($form_values["content"]);
             $page->setUserId($user->id);
             $page->setPublished($published === "true");
             // empty() is deliberate: "0" counts as no template, as before
             if (!empty($form_values["template"])) {
                 $page->setTemplate($form_values["template"]);
             }
             if ($pageDAO->insert($page)) {
                 $session->setMessage("Page saved");
                 header("Location: edit_page.php?id={$page->id}");
                 return;
             }
             $session->setMessage("Page not saved");
         }
     }
     $this->template->render(array("title" => "Create Page", "session" => $session, "main_page" => "create_page_tpl.php", "page" => $page, "form_values" => $form_values, "form_errors" => $form_errors));
 }
 /**
  * Run method with main page logic
  *
  * Show the profile of the user selected by the numeric "id" query parameter.
  * Members only: a visitor with no user in the session, or one whose validUser()
  * is false, is redirected to BASE_URL with an error message. A missing,
  * non-numeric or unknown id renders the template with a null user.
  *
  * NOTE(review): any valid member can view any profile by id; there is no
  * ownership or visibility check here — confirm that is intended.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $viewer = $session->getUser();
     // Check for a valid user
     if ($viewer == null || !$viewer->validUser()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $userDAO = UserDAO::getInstance();
     // The profile being viewed, distinct from the viewer
     $profile = null;
     $title = "";
     if (!empty($_GET["id"]) && is_numeric($_GET["id"])) {
         $profile = $userDAO->load(intval($_GET["id"]));
     }
     if ($profile) {
         $title = " - {$profile->getUserName()}";
     }
     $this->template->render(array("title" => "View Profile" . $title, "main_page" => "view_profile_tpl.php", "user" => $profile, "session" => $session));
 }
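 /**
  * Run method with main page logic
  *
  * Admin album management: a paginated album list with edit/view links, a
  * confirmation view for deleting one or more albums, and the bulk delete itself.
  * Admins only; other visitors are redirected to BASE_URL with an error message.
  *
  * GET  ?page=N              paginated list (N non-numeric or below 1 becomes 1)
  * GET  ?action=delete&ids=  loads the selected albums for the confirmation view
  * GET  ?action=delete       renders with no album list
  * POST action=delete, ids   deletes the selected albums, sets a status message
  *                           and redirects back to this script; any other POST
  *                           action redirects to BASE_URL
  *
  * Fixes: the action test was written `!strcmp(...) == 0`, which only produced the
  * intended result through operator precedence; the page number is now reduced
  * to an integer like every other handler; the success message said "pages"; the
  * redirect uses SCRIPT_NAME rather than PHP_SELF, which also carries any
  * request PATH_INFO.
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     if ($page < 1) {
         $page = 1;
     }
     $action = isset($_GET["action"]) ? trim($_GET["action"]) : "";
     $albumDAO = AlbumDAO::getInstance();
     $album_array = $paginator_page = null;
     $content_title = "";
     // Check for POST request and necessary data for deletion
     if (!empty($_POST) && !empty($_POST["ids"]) && !empty($_POST["action"])) {
         // NOTE(review): no CSRF token is verified on this destructive POST; confirm
         // the framework checks one before run() is invoked.
         $action = trim($_POST["action"]);
         if (strcmp($action, "delete") !== 0) {
             header("Location: " . BASE_URL);
             return;
         }
         // NOTE(review): $_POST["ids"] is handed to the DAO as received; its expected
         // shape (array vs. delimited string) is not visible here, so it is not
         // reshaped — confirm deleteByIds() casts each id to int / binds parameters.
         $status = $albumDAO->deleteByIds($_POST["ids"]);
         if ($status) {
             $session->setMessage("Selected albums deleted");
         } else {
             $session->setMessage("Deletion failed", Session::MESSAGE_ERROR);
         }
         // Back to this script. SCRIPT_NAME is the script path only; PHP_SELF can
         // include PATH_INFO taken from the request URL.
         header("Location: {$_SERVER["SCRIPT_NAME"]}");
         return;
     }
     if (strcmp($action, "delete") === 0) {
         if (!empty($_GET["ids"])) {
             $content_title = "Delete Album";
             $album_array = $albumDAO->allByIds($_GET["ids"]);
         }
         // "delete" with no ids: render with no album list
     } else {
         $count = $albumDAO->count();
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $album_array = $albumDAO->all(array("limit" => $paginator_page));
     }
     $this->template->render(array("title" => "Admin - Album Options", "main_page" => "album_options_tpl.php", "session" => $session, "album_array" => $album_array, "paginator_page" => $paginator_page, "action" => $action, "content_title" => $content_title));
 }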
 /**
  * Run method with main page logic
  * 
  * Read latest approved event data from database. Alter output header so
  * client interprets sent text as RSS/XML. Send feed text
  * to client
  * @access public
  */
 public function run()
 {
     // The feed always exposes a single page of the most recent approved events
     $PAGINATION_LIMIT = 20;
     $eventDAO = EventDAO::getInstance();
     // Optional platform filter; a missing, non-numeric or non-positive value means "all platforms"
     $platform = isset($_GET["platform"]) && is_numeric($_GET["platform"]) ? intval($_GET["platform"]) : 0;
     // Newest events first, ties broken by id so the order is stable across requests
     $table = $eventDAO->getTableName();
     $order = "{$table}.date DESC, {$table}.id DESC";
     if ($platform > 0) {
         // A platform was chosen: restrict count and listing to that platform
         $count = $eventDAO->countPlatformStatus($platform, Event::APPROVED_STATUS);
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage(1);
         $event_array = $eventDAO->allByPlatformStatus($platform, Event::APPROVED_STATUS, array("order" => $order, "joins" => true, "limit" => $paginator_page));
     } else {
         $count = $eventDAO->countStatus(Event::APPROVED_STATUS);
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage(1);
         $event_array = $eventDAO->allByStatus(Event::APPROVED_STATUS, array("order" => $order, "joins" => true, "limit" => $paginator_page));
     }
     // The template emits XML, so tell the client not to treat the body as HTML
     header("Content-Type: text/xml");
     $this->template->render(array("title" => "Latest Events Feed", "event_array" => $event_array, "paginator_page" => $paginator_page));
 }
 /**
  * Run method with main page logic
  * 
  * Populate template and display login form. For POST requests,
  * check if a user exists with the specified password, and enter user id into session if login is valid.
  * @access public
  */
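 public function run()
 {
     $form_errors = array();
     $form_values = array("username" => "", "password" => "");
     $session = Session::getInstance();
     $user = $session->getUser();
     // An already authenticated session is sent back to the front page
     if ($user != null) {
         $session->setMessage("You are already logged in", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     // Check if form data is being passed
     if (!empty($_POST)) {
         $form_values["username"] = isset($_POST["username"]) ? trim($_POST["username"]) : "";
         $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
         // NOTE(review): the stored hash is unsalted sha1 (the registration page writes the same
         // format), so this must stay sha1 until both sides move to password_hash()/password_verify()
         // with a rehash-on-login step.
         $password = sha1($form_values["password"]);
         if (empty($form_values["username"])) {
             $form_errors["username"] = "******";
         }
         if (empty($form_values["password"])) {
             $form_errors["password"] = "******";
         }
         if (empty($form_errors["username"])) {
             $userDAO = UserDAO::getInstance();
             $user = $userDAO->loadByUsername($form_values["username"]);
             if ($user && $user->getStatus() == User::STATUS_OK) {
                 // Constant-time comparison: strcmp() stops at the first differing byte and so
                 // leaks how much of the hash matched.
                 if (!hash_equals((string) $user->getPasshash(), $password)) {
                     $form_errors["username"] = "******";
                 }
             } elseif ($user && $user->getStatus() == User::STATUS_NEEDADMIN) {
                 $form_errors["username"] = "******";
             } else {
                 $form_errors["username"] = "******";
             }
         }
         // No errors means $user holds the authenticated User loaded above
         if (empty($form_errors)) {
             $session->setUser($user);
             $session->setMessage("Welcome, {$user->getUsername()}");
             header("Location: " . BASE_URL);
             return;
         }
     }
     $user = $session->getUser();
     $this->template->render(array("main_page" => "login_tpl.php", "title" => "Login", "user" => $user, "form_values" => $form_values, "form_errors" => $form_errors));
 }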
 /**
  * Run method with main page logic
  * 
  * Populate template and read in list of users in the database. Allow filtering by online identity
  * and by the first letter of a user name. Display list in the page.
  * Available to members only
  * @access public
  */
 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     // Members only
     if (!$user || !$user->validUser()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     if ($page < 1) {
         $page = 1;
     }
     $userDAO = UserDAO::getInstance();
     $user_array = $paginator_page = null;
     $form_values = array("identity" => "", "startswith" => "");
     $form_values["identity"] = $identity = isset($_GET["identity"]) ? trim($_GET["identity"]) : "";
     $form_values["startswith"] = isset($_GET["startswith"]) ? trim($_GET["startswith"]) : "";
     // Identity providers the list can be filtered by; anything else yields no list at all
     $identity_array = array("steam", "xbox", "psn", "wii");
     $queryVars = array();
     $listOptions = array("limit" => null, "order" => "userName ASC");
     if ($identity) {
         if (in_array($identity, $identity_array, true)) {
             $paginator = new Paginator($userDAO->countIdentity($identity), $PAGINATION_LIMIT);
             $paginator_page = $paginator->getPage($page);
             $listOptions["limit"] = $paginator_page;
             $user_array = $userDAO->allByIdentity($identity, $listOptions);
         }
         // Carried into pagination links even when the identity was not recognised
         $queryVars["identity"] = $form_values["identity"];
     } elseif (!empty($form_values["startswith"]) && preg_match("/^[a-z]/", $form_values["startswith"])) {
         // Filter by first letter of the user name (only the leading character is checked here)
         $paginator = new Paginator($userDAO->countLetter($form_values["startswith"]), $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $listOptions["limit"] = $paginator_page;
         $user_array = $userDAO->allByLetter($form_values["startswith"], $listOptions);
         $queryVars["startswith"] = $form_values["startswith"];
     } else {
         $paginator = new Paginator($userDAO->count(), $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $listOptions["limit"] = $paginator_page;
         $user_array = $userDAO->all($listOptions);
     }
     $this->template->render(array("title" => "View Userlist", "main_page" => "user_list_tpl.php", "user_array" => $user_array, "session" => $session, "paginator_page" => $paginator_page, "form_values" => $form_values, "queryVars" => $queryVars));
 }
 /**
  * Run method with main page logic
  * 
  * Populate template and Display form for editing an event entry. For POST requests,
  * check user credentials, check if event exists and then update entry in database.
  * Available to admins only
  * @access public
  */
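 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     // Any valid member may open the form; ownership (or admin) is checked once the event is loaded
     //if (!$user || !$user->isAdmin ()) {
     if (!$user || !$user->validUser()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $form_errors = array();
     $form_values = array("id" => "", "title" => "", "description" => "", "sanctioned" => "", "status" => "", "date" => "", "platform" => "");
     $eventDAO = EventDAO::getInstance();
     $event = null;
     if (!empty($_POST)) {
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["description"] = isset($_POST["description"]) ? trim($_POST["description"]) : "";
         $form_values["platform"] = isset($_POST["platform"]) ? trim($_POST["platform"]) : "";
         $form_values["sanctioned"] = isset($_POST["sanctioned"]) ? trim($_POST["sanctioned"]) : "";
         $form_values["status"] = isset($_POST["status"]) ? trim($_POST["status"]) : "";
         $form_values["date"] = isset($_POST["date"]) ? trim($_POST["date"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "No id specified";
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["description"])) {
             $form_errors["description"] = "No description specified";
         }
         if (empty($form_values["platform"])) {
             $form_errors["platform"] = "No platform specified";
         } elseif (!is_numeric($form_values["platform"])) {
             $form_errors["platform"] = "Platform choice must be an integer value";
         } else {
             $platformDAO = PlatformDAO::getInstance();
             $platform = $platformDAO->load($form_values["platform"]);
             if (!$platform) {
                 $form_errors["platform"] = "Invalid platform specified";
             }
         }
         // Moderation fields are only validated for admins
         if ($user->isAdmin()) {
             if (empty($form_values["sanctioned"])) {
                 $form_errors["sanctioned"] = "No sanctioned flag specified";
             } elseif (strcmp($form_values["sanctioned"], "true") != 0 && strcmp($form_values["sanctioned"], "false") != 0) {
                 $form_errors["sanctioned"] = "sanctioned flag must be a boolean value";
             }
             if (empty($form_values["status"])) {
                 $form_errors["status"] = "No status flag specified";
             } elseif (!is_numeric($form_values["status"])) {
                 $form_errors["status"] = "Status flag must be an integer value";
             } else {
                 // Event::setStatus() is the single source of truth for accepted status codes
                 $tmp = new Event();
                 try {
                     $tmp->setStatus(intval($form_values["status"]));
                 } catch (Exception $e) {
                     $form_errors["status"] = "Invalid value for status";
                 }
             }
         }
         // strtotime() returns false for an unparsable string; compare strictly so a date that
         // legitimately maps to timestamp 0 is not rejected as invalid
         $pubtimestamp = false;
         if (empty($form_values["date"])) {
             $form_errors["date"] = "No date specified";
         } else {
             $pubtimestamp = strtotime($form_values["date"]);
             if ($pubtimestamp === false) {
                 $form_errors["date"] = "An invalid date was specified";
                 $form_values["date"] = "";
             }
         }
         if (empty($form_errors)) {
             $event = $eventDAO->load($form_values["id"]);
             // Only the owner or an admin may save changes
             if ($event && ($user->isAdmin() || $event->getUserId() == $user->getId())) {
                 // Decide ownership before the event is mutated: setUserId() below would otherwise
                 // make the owner check that gates the attendee e-mail succeed for every save
                 $isOwner = $event->getUserId() == $user->getId();
                 $event->setTitle($form_values["title"]);
                 $event->setDescription($form_values["description"]);
                 $event->setPlatformId(intval($form_values["platform"]));
                 // Admins and trusted members may change the moderation fields
                 if ($user->isAdmin() || ($user->validUser() && $user->getUserType() == User::TRUSTED_TYPE)) {
                     // NOTE(review): for trusted non-admin users these values were not validated above,
                     // so Event::setStatus() may throw here on an unexpected value — confirm the form
                     // exposes these fields to trusted users.
                     $event->setSanctioned(strcmp($form_values["sanctioned"], "true") == 0);
                     $event->setStatus($form_values["status"]);
                 }
                 $event->setDate($pubtimestamp);
                 // NOTE(review): this reassigns the event to whoever saved it, including an admin
                 // editing another member's event — confirm that is intended.
                 $event->setUserId($user->getId());
                 if ($eventDAO->save($event)) {
                     // Notify attendees only for edits made by the owner (skip regular admin edits)
                     if ($isOwner) {
                         require_once joinPath(INCLUDES_DIR, "models", "Attendance.php");
                         Attendance::emailAttendees($event, $user);
                     }
                     $session->setMessage("Event details saved");
                     header("Location: edit_event.php?id={$event->getId()}");
                     return;
                 } else {
                     $session->setMessage("Event details could not be saved", Session::MESSAGE_ERROR);
                 }
             }
         } elseif (empty($form_errors["id"])) {
             // Validation failed: reload the event so the template can show it next to the errors
             $event = $eventDAO->load($form_values["id"]);
         }
     } elseif (!empty($_GET)) {
         $form_values["id"] = isset($_GET["id"]) ? $_GET["id"] : "";
         if (empty($form_values["id"])) {
             header("Location: " . BASE_URL);
             return;
         }
         $event = $eventDAO->load($form_values["id"]);
         // Event does not exist: pass null to the template
         if ($event) {
             if (!$user->isAdmin() && $event->getUserId() != $user->getId()) {
                 $session->setMessage("Do not have permission to edit page", Session::MESSAGE_ERROR);
                 header("Location: " . BASE_URL);
                 return;
             }
             // Pre-fill the form from the stored event
             $form_values["id"] = $event->getId();
             $form_values["title"] = $event->getTitle();
             $form_values["description"] = $event->getDescription();
             $form_values["sanctioned"] = $event->getSanctioned() == true ? "true" : "false";
             $form_values["status"] = $event->getStatus();
             // date() replaces the deprecated strftime(); "d F Y" is the C-locale rendering of "%d %B %Y"
             $form_values["date"] = date("d F Y", $event->getDate());
             $form_values["platform"] = $event->getPlatformId();
         }
     }
     $platformDAO = PlatformDAO::getInstance();
     $platform_array = $platformDAO->all();
     $this->template->render(array("title" => "Edit Event", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "edit_event_tpl.php", "session" => $session, "event" => $event, "form_values" => $form_values, "form_errors" => $form_errors, "platform_array" => $platform_array));
 }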
 /**
  * Run method with main page logic
  * 
  * Populate template and display form for editing a photo entry. For POST requests,
  * check user credentials, check if photo exists and then update entry in database.
  * Available to admins only
  * @access public
  */
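 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     // Admin-only page
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $photoDAO = PhotoDAO::getInstance();
     $albumDAO = AlbumDAO::getInstance();
     $photo = null;
     $form_errors = array();
     $form_values = array("id" => "", "albumid" => "", "title" => "", "description" => "");
     if (!empty($_POST)) {
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         $form_values["albumid"] = isset($_POST["albumid"]) && is_numeric($_POST["albumid"]) ? intval($_POST["albumid"]) : "";
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["description"] = isset($_POST["description"]) ? trim($_POST["description"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "No id specified";
         }
         $photo = $photoDAO->load($form_values["id"]);
         if (!$photo) {
             $form_errors["id"] = "Photo does not exist";
         }
         if (empty($form_values["albumid"])) {
             $form_errors["albumid"] = "No albumid specified";
         } elseif (!$albumDAO->load($form_values["albumid"])) {
             $form_errors["albumid"] = "Album does not exist";
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["description"])) {
             $form_errors["description"] = "No description specified";
         }
         // Check if image will be changed
         $upload_path = "";
         $thumbLoc = "";
         $info = false;
         $hasNewImage = !empty($_FILES["imagefile"]) && $_FILES["imagefile"]["error"] != UPLOAD_ERR_NO_FILE;
         if ($hasNewImage) {
             if ($_FILES["imagefile"]["error"] != UPLOAD_ERR_OK) {
                 $form_errors["imagefile"] = "File upload failed";
             } else {
                 $info = getimagesize($_FILES["imagefile"]["tmp_name"]);
                 $path = pathinfo($_FILES["imagefile"]["name"]);
                 // pathinfo() reports the extension without a leading dot and omits the key
                 // entirely when the name has none
                 $extension = isset($path["extension"]) ? strtolower($path["extension"]) : "";
                 // Uploads are bucketed by month; date() is locale-independent for these fields
                 $monthDir = date("Y_m");
                 $upload_path = joinPath(Photo::UPLOAD_DIR, $monthDir, basename($_FILES['imagefile']['name']));
                 $thumbLoc = joinPath(Photo::THUMBNAIL_DIR, $monthDir, $path["filename"] . "_thumb.jpg");
                 $smallThumbLoc = joinPath(Photo::THUMBNAIL_DIR, $monthDir, $path["filename"] . "_thumb_small.jpg");
                 // The stored file keeps the client's file name, so both the image content and the
                 // extension must be a PNG/JPEG. (Comparing against ".png" etc. as before could never
                 // match pathinfo()'s dot-less extension, which left the extension check inert.)
                 $allowedExtensions = array("png", "jpg", "jpeg");
                 $allowedTypes = array(IMAGETYPE_PNG, IMAGETYPE_JPEG);
                 if (!$info || !in_array($extension, $allowedExtensions, true) || !in_array($info[2], $allowedTypes, true)) {
                     $form_errors["imagefile"] = "An invalid file was uploaded";
                 } elseif (file_exists($upload_path)) {
                     // Same file name uploaded again: replace the previous image and its thumbnails
                     unlink($upload_path);
                     if (file_exists($thumbLoc)) {
                         unlink($thumbLoc);
                     }
                     if (file_exists($smallThumbLoc)) {
                         unlink($smallThumbLoc);
                     }
                 }
             }
         }
         if (empty($form_errors)) {
             $photo->setAlbumId($form_values["albumid"]);
             $photo->setTitle($form_values["title"]);
             $photo->setDescription($form_values["description"]);
             // New image has been uploaded
             if ($hasNewImage) {
                 if (!file_exists(dirname($upload_path))) {
                     mkdir(dirname($upload_path));
                 }
                 if (move_uploaded_file($_FILES["imagefile"]["tmp_name"], $upload_path)) {
                     $photo->setFileLoc($upload_path);
                     // Reset thumbnail location in case new image does not need a thumbnail
                     $photo->setThumbLoc("");
                     // Create thumbnail only for images wider than the display limit
                     if ($info[0] > Photo::MAX_WIDTH) {
                         $phpThumb = new phpThumb();
                         $phpThumb->setSourceFilename($photo->getFileLoc());
                         $phpThumb->setParameter('w', Photo::MAX_WIDTH);
                         $phpThumb->setParameter('config_output_format', 'jpeg');
                         if (!file_exists(dirname($thumbLoc))) {
                             mkdir(dirname($thumbLoc));
                         }
                         if ($phpThumb->GenerateThumbnail() && $phpThumb->RenderToFile($thumbLoc)) {
                             $photo->setThumbLoc($thumbLoc);
                             // NOTE(review): the small thumbnail is generated but never rendered to
                             // $smallThumbLoc (no RenderToFile call) — confirm whether that is intended.
                             $phpThumb = new phpThumb();
                             $phpThumb->setSourceFilename($photo->getFileLoc());
                             $phpThumb->setParameter('h', Photo::SMALL_THUMB_HEIGHT);
                             $phpThumb->setParameter('config_output_format', 'jpeg');
                             $phpThumb->GenerateThumbnail();
                         } else {
                             // Thumbnail failed: do not leave an oversized image behind
                             if (file_exists($photo->getFileLoc())) {
                                 unlink($photo->getFileLoc());
                             }
                             $form_errors["imagefile"] = "Image larger than " . Photo::MAX_WIDTH . "x" . Photo::MAX_HEIGHT . " and thumbnail generation failed";
                         }
                     }
                 } else {
                     $form_errors["imagefile"] = "File could not be moved";
                 }
             }
             if (empty($form_errors["imagefile"])) {
                 if ($photoDAO->save($photo)) {
                     $session->setMessage("Photo saved");
                     header("Location: edit_photo.php?id={$photo->getId()}");
                     return;
                 } else {
                     $session->setMessage("Photo not saved");
                 }
             }
         } elseif (empty($form_errors["id"])) {
             // Validation failed: reload the photo so the template can show it next to the errors
             $photo = $photoDAO->load($form_values["id"]);
         }
     } elseif (!empty($_GET)) {
         $form_values["id"] = isset($_GET["id"]) ? $_GET["id"] : "";
         if (empty($form_values["id"])) {
             header("Location: " . BASE_URL);
             return;
         }
         $photo = $photoDAO->load($form_values["id"]);
         // Pre-fill the form from the stored photo; a missing photo is passed to the template as null
         if ($photo) {
             $form_values["id"] = $photo->getId();
             $form_values["albumid"] = $photo->getAlbumId();
             $form_values["title"] = $photo->getTitle();
             $form_values["description"] = $photo->getDescription();
         }
     }
     $album_array = $albumDAO->all();
     $this->template->render(array("title" => "Edit Photo", "session" => $session, "main_page" => "edit_photo_tpl.php", "photo" => $photo, "form_values" => $form_values, "form_errors" => $form_errors, "album_array" => $album_array));
 }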
 /**
  * Run method with main page logic
  * 
  * Read in events from the database. Populate template and display an interface to administer event data
  * for allowing bulk deletion of events, deletion of a single
  * event, links to editing and viewing each event entry.
  * Available to admins only
  * @access public
  */
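 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $user = $session->getUser();
     // Check for admin user
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     if ($page < 1) {
         $page = 1;
     }
     $action = isset($_GET["action"]) ? trim($_GET["action"]) : "";
     $eventDAO = EventDAO::getInstance();
     $event_array = $paginator_page = null;
     $content_title = "";
     // Check for POST request and necessary variable for deletion
     if (!empty($_POST) && !empty($_POST["ids"]) && !empty($_POST["action"]) && empty($_POST["domodstatus"])) {
         $action = trim($_POST["action"]);
         // Bulk delete is the only action accepted over POST; anything else goes back to the front page.
         // (The previous `!strcmp(...) == 0` form only worked because `!` binds tighter than `==`.)
         if ($action !== "delete") {
             header("Location: " . BASE_URL);
             return;
         }
         $deleted = $eventDAO->deleteByIds($_POST["ids"]);
         if ($deleted) {
             $session->setMessage("Selected events deleted");
         } else {
             $session->setMessage("Deletion failed", Session::MESSAGE_ERROR);
         }
         header("Location: {$_SERVER["PHP_SELF"]}");
         return;
     } elseif (!empty($_GET) && !empty($_GET["ids"]) && !empty($_GET["domodstatus"])) {
         // NOTE(review): this status change is driven entirely by GET parameters, so it can be
         // triggered by a crafted link; it belongs on a POST with a CSRF token.
         $status = isset($_GET["status"]) ? trim($_GET["status"]) : "";
         // Always validate through Event::setStatus() before touching the database; previously an
         // empty status skipped validation and reached saveStatusByIds() as "".
         $status = intval($status);
         $tmp = new Event();
         try {
             $tmp->setStatus($status);
         } catch (Exception $e) {
             $session->setMessage("Invalid status choice");
             header("Location: {$_SERVER["PHP_SELF"]}");
             return;
         }
         $updated = $eventDAO->saveStatusByIds($status, $_GET["ids"]);
         if ($updated) {
             $session->setMessage("Selected events updated");
         } else {
             $session->setMessage("Update failed", Session::MESSAGE_ERROR);
         }
         header("Location: {$_SERVER["PHP_SELF"]}");
         return;
     } elseif ($action === "delete") {
         // Confirmation page: list the events about to be deleted (nothing to list without ids)
         if (!empty($_GET["ids"])) {
             $content_title = "Delete Events";
             $event_array = $eventDAO->allByIds($_GET["ids"]);
         }
     } else {
         // Default view: paginated list of all events
         $count = $eventDAO->count();
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $event_array = $eventDAO->all(array("limit" => $paginator_page, "joins" => true));
     }
     $this->template->render(array("title" => "Admin - Event Options", "main_page" => "event_options_tpl.php", "session" => $session, "event_array" => $event_array, "paginator_page" => $paginator_page, "action" => $action, "content_title" => $content_title));
 }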
 /**
  * Run method with main page logic
  * 
  * Populate template and display form for registration. For POST requests, check if the user
  * already exists. If not, create new User and AuthToken entries and send an email notification to the user
  * @access public
  */
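 public function run()
 {
     $form_errors = array();
     $form_values = array("username" => "", "password" => "", "password2" => "", "ulid" => "");
     $session = Session::getInstance();
     $user = $session->getUser();
     // Session should not have a defined user
     if ($user != null) {
         $session->setMessage("You are already a user", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     if (!empty($_POST)) {
         $form_values["username"] = isset($_POST["username"]) ? trim($_POST["username"]) : "";
         $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
         $form_values["password2"] = isset($_POST["password2"]) ? trim($_POST["password2"]) : "";
         $form_values["ulid"] = isset($_POST["ulid"]) ? trim($_POST["ulid"]) : "";
         if (empty($form_values["username"])) {
             $form_errors["username"] = "******";
         }
         if (empty($form_values["password"])) {
             $form_errors["password"] = "******";
         }
         if (empty($form_values["password2"])) {
             $form_errors["password"] = "******";
         }
         if (empty($form_values["ulid"])) {
             $form_errors["ulid"] = "No ulid specified";
         } elseif (!preg_match("/^[a-z]{5,7}$/", $form_values["ulid"])) {
             // Anchored on both ends: the ulid becomes the local part of the verification
             // address below, so it must be nothing but 5-7 lowercase letters (the unanchored
             // pattern accepted any string that merely contained such a run).
             $form_errors["ulid"] = "Ulid is not in the proper format.";
         }
         $userDAO = UserDAO::getInstance();
         $user = $userDAO->loadByUsername($form_values["username"]);
         // User already exists
         if ($user != null) {
             $form_errors["username"] = "******";
         }
         if (strcmp($form_values["password"], $form_values["password2"]) != 0) {
             $form_errors["password"] = "******";
         }
         $user = $userDAO->loadByUlid($form_values["ulid"]);
         // Ulid already registered
         if ($user != null) {
             $form_errors["ulid"] = "Ulid is already registered";
         }
         if (empty($form_errors)) {
             $user = new User();
             $user->setUsername($form_values["username"]);
             // NOTE(review): unsalted sha1 is what the login page compares against; moving to
             // password_hash() needs a coordinated change on both pages plus a rehash path.
             $user->setPassHash(sha1($form_values["password"]));
             $user->setUlid($form_values["ulid"]);
             if ($userDAO->insert($user)) {
                 $token = new AuthToken();
                 $token->setUser($user);
                 $tokenDAO = AuthTokenDAO::getInstance();
                 if ($tokenDAO->insert($token)) {
                     $session->setMessage("Registration started. Check your email for a message to continue");
                     // Verification e-mail is only sent when SMTP is configured
                     if (defined("SMTP_HOST") && strcmp(SMTP_HOST, "") != 0) {
                         $from_addr = EMAIL_ADDRESS;
                         $to = "{$form_values["ulid"]}@" . User::ISU_EMAIL_DOMAIN;
                         $subject = "Verify registration with " . SITE_NAME;
                         $body = "To start the next step of the registration process, click the verify link below and enter the requested information. If the URL does not appear as a link, copy the URL, paste it into your browser's address bar and proceed to the web page.\n\n" . joinPath(BASE_URL, "verify.php") . "?token={$token->getToken()}\n";
                         $headers = array("From" => $from_addr, "To" => $to, "Subject" => $subject);
                         $smtp = Mail::factory("smtp", array("host" => SMTP_HOST, "auth" => true, "username" => SMTP_USERNAME, "password" => SMTP_PASSWORD));
                         // NOTE(review): the send result is never checked, so a failed send leaves
                         // the account waiting for a token e-mail that never arrived.
                         $mail = $smtp->send($to, $headers, $body);
                     }
                     header("Location: " . BASE_URL);
                     return;
                 }
             }
         }
     }
     $user = $session->getUser();
     $this->template->render(array("title" => "Register", "main_page" => "register_tpl.php", "user" => $user, "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values));
 }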
 /**
  * Run method with main page logic
  * 
  * Reads in events for a given day or current day if no parameters are passed.
  * Allow filtering by platform id. Populate template and display event data on page.
  * @access public
  */
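 public function run()
 {
     $PAGINATION_LIMIT = 10;
     $session = Session::getInstance();
     $eventDAO = EventDAO::getInstance();
     // Every query parameter is reduced to an int before it is used; anything
     // non-numeric falls back to the default (page 1, no platform, no date).
     $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1;
     $platform_id = isset($_GET["platform"]) && is_numeric($_GET["platform"]) ? intval($_GET["platform"]) : 0;
     $month = isset($_GET["month"]) && is_numeric($_GET["month"]) ? intval($_GET["month"]) : 0;
     $day = isset($_GET["day"]) && is_numeric($_GET["day"]) ? intval($_GET["day"]) : 0;
     $year = isset($_GET["year"]) && is_numeric($_GET["year"]) ? intval($_GET["year"]) : 0;
     if ($page < 1) {
         $page = 1;
     }
     $queryVars = $current_platform = null;
     // Day window: the requested calendar day when month/day/year form a real
     // date (checkdate() rejects e.g. 31 February), otherwise today. $end is
     // the last second of that day.
     if (checkdate($month, $day, $year)) {
         $start = mktime(0, 0, 0, $month, $day, $year);
     } else {
         $start = mktime(0, 0, 0);
     }
     $end = strtotime("+1 day", $start) - 1;
     $table = $eventDAO->getTableName();
     $order = "{$table}.date DESC, {$table}.id DESC";
     // Only approved events are listed on this page, optionally narrowed to one
     // platform. The four original branches differed only in the date source and
     // the platform filter, so they collapse to this pair.
     if ($platform_id > 0) {
         $count = $eventDAO->countPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end);
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $event_array = $eventDAO->allByPlatformStatusAndRange($platform_id, Event::APPROVED_STATUS, $start, $end, array("order" => $order, "joins" => true, "limit" => $paginator_page));
         // Carried into pagination links so the platform filter survives paging.
         $queryVars = array("platform" => $platform_id);
     } else {
         $count = $eventDAO->countStatusAndRange(Event::APPROVED_STATUS, $start, $end);
         $paginator = new Paginator($count, $PAGINATION_LIMIT);
         $paginator_page = $paginator->getPage($page);
         $event_array = $eventDAO->allByStatusAndRange(Event::APPROVED_STATUS, $start, $end, array("order" => $order, "joins" => true, "limit" => $paginator_page));
     }
     $platformDAO = PlatformDAO::getInstance();
     $platform_array = $platformDAO->all();
     if ($platform_id > 0) {
         // load() presumably returns null for an unknown id; the template receives it as-is.
         $current_platform = $platformDAO->load($platform_id);
         $next_eventday = $eventDAO->loadByNextDayPlatform($platform_id, $end, Event::APPROVED_STATUS);
         $prev_eventday = $eventDAO->loadByPreviousDayPlatform($platform_id, $start, Event::APPROVED_STATUS);
     } else {
         $next_eventday = $eventDAO->loadByNextDay($end, Event::APPROVED_STATUS);
         $prev_eventday = $eventDAO->loadByPreviousDay($start, Event::APPROVED_STATUS);
     }
     // The original passed the formatted date through strftime() a second time as
     // a format string; harmless only because the output never contains '%'.
     $title = "Event List for day " . strftime("%B %d, %Y", $start);
     $this->template->render(array("title" => $title, "main_page" => "events_day_tpl.php", "event_array" => $event_array, "session" => $session, "paginator_page" => $paginator_page, "start" => $start, "end" => $end, "next_eventday" => $next_eventday, "prev_eventday" => $prev_eventday, "sidebar_extra" => joinPath("fragments", "event_sidebar_tpl.php"), "platform_array" => $platform_array, "queryVars" => $queryVars, "current_platform" => $current_platform));
 }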
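 /**
  * Run method with main page logic
  *
  * Populate template and display form for editing an article entry. For POST requests,
  * check user credentials, check if article exists and then update entry in database.
  * Available to admins only: the gate at the top rejects anyone else, and the
  * per-article owner check further down is kept as defence in depth.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $form_errors = array();
     $form_values = array("id" => "", "title" => "", "content" => "", "postDate" => "", "updateDate" => "", "published" => "", "tags" => "");
     $articleDAO = ArticleDAO::getInstance();
     $tagDAO = ArticleTagDAO::getInstance();
     $article = null;
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is checked on this state-changing POST and the
         // framework visible here offers none, so it is flagged rather than added.
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["content"] = isset($_POST["content"]) ? trim($_POST["content"]) : "";
         $form_values["postDate"] = isset($_POST["postDate"]) ? trim($_POST["postDate"]) : "";
         $form_values["updateDate"] = isset($_POST["updateDate"]) ? trim($_POST["updateDate"]) : "";
         $form_values["published"] = isset($_POST["published"]) ? trim($_POST["published"]) : "";
         $form_values["tags"] = isset($_POST["tags"]) ? trim($_POST["tags"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "No id specified";
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["content"])) {
             $form_errors["content"] = "No content specified";
         }
         // strtotime() signals failure with false; the original "== 0" test also
         // rejected a date that legitimately parses to the epoch.
         if (empty($form_values["postDate"])) {
             $form_errors["postDate"] = "No post date specified";
         } elseif (strtotime($form_values["postDate"]) === false) {
             $form_errors["postDate"] = "An invalid post date was specified";
             $form_values["postDate"] = "";
         }
         if (!empty($form_values["updateDate"]) && strtotime($form_values["updateDate"]) === false) {
             $form_errors["updateDate"] = "An invalid update date was specified";
             $form_values["updateDate"] = "";
         }
         if ($form_values["published"] != "true" && $form_values["published"] != "false") {
             $form_errors["published"] = "Invalid published choice";
         }
         if (empty($form_errors)) {
             $article = $articleDAO->load($form_values["id"]);
             // Object-level check: admins (the only role past the gate) or the owner.
             if ($article && ($user->isAdmin() || $article->userId == $user->id)) {
                 $article->setTitle($form_values["title"]);
                 $article->setContent($form_values["content"]);
                 $article->setPostDate(strtotime($form_values["postDate"]));
                 if (!empty($form_values["updateDate"])) {
                     $article->setUpdateDate(strtotime($form_values["updateDate"]));
                 }
                 $article->setPublished($form_values["published"] == "true" ? 1 : 0);
                 // Saving re-attributes the article to the editing user.
                 $article->setUserId($user->id);
                 // tagsFromString() splits the raw tag text; the parts are re-joined
                 // with single spaces before being stored on the article.
                 $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
                 $article->setTags(implode(" ", $sorted_tag_array));
                 if ($articleDAO->save($article)) {
                     $tagDAO->updateTags($article);
                     $session->setMessage("Article details saved");
                     header("Location: edit_article.php?id={$article->id}");
                     return;
                 }
                 $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
             } else {
                 $session->setMessage("Do not have permission to edit the article", Session::MESSAGE_ERROR);
                 header("Location: " . BASE_URL);
                 return;
             }
         } elseif (empty($form_errors["id"])) {
             // Validation failed: reload the article so the form can be redisplayed.
             $article = $articleDAO->load($form_values["id"]);
         }
     } elseif (!empty($_GET)) {
         // Same numeric check as the POST path; the original handed the raw string to load().
         $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
         if (empty($form_values["id"])) {
             header("Location: " . BASE_URL);
             return;
         }
         $article = $articleDAO->load($form_values["id"]);
         // An unknown id leaves $article null, which is passed to the template.
         if ($article) {
             if (!$user->isAdmin() && $article->userId != $user->id) {
                 $session->setMessage("Do not have permission to edit article", Session::MESSAGE_ERROR);
                 header("Location: " . BASE_URL);
                 return;
             }
             $form_values["id"] = $article->getId();
             $form_values["title"] = $article->getTitle();
             $form_values["content"] = $article->getContent();
             $form_values["published"] = $article->getPublished() == true ? "true" : "false";
             $form_values["postDate"] = strftime("%d %B %Y", $article->getPostDate());
             $form_values["updateDate"] = $article->getUpdateDate() > 0 ? strftime("%d %B %Y", $article->getUpdateDate()) : "";
             $form_values["tags"] = $article->getTags();
         }
     }
     $this->template->render(array("title" => "Edit Article", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "edit_article_tpl.php", "session" => $session, "article" => $article, "form_errors" => $form_errors, "form_values" => $form_values));
 }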
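 /**
  * Run method with main page logic
  *
  * Display a form for a user to confirm his/her user identity that was previously stored in the
  * database. For POST requests, check that an AuthToken exists and that the user credentials entered in
  * the form match the credentials of the user stored in the database. If true,
  * alter the user's status to NEEDADMIN and make a session message indicating the next step in the process.
  *
  * Every rejection (missing, unknown, expired or mismatched token/credentials) redirects to
  * BASE_URL without detail, so the page does not reveal which check failed.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     // Session should not have a defined user
     if ($session->getUser() != null) {
         $session->setMessage("You are already a user", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $form_errors = array();
     $form_values = array("username" => "", "password" => "", "token" => "");
     $tokenDAO = AuthTokenDAO::getInstance();
     // Needed on the expired-token paths below. The original fetched this only after a
     // successful verification, so an expired token called delete() on an undefined variable.
     $userDAO = UserDAO::getInstance();
     // Register form
     if (!empty($_POST)) {
         $form_values["username"] = isset($_POST["username"]) ? trim($_POST["username"]) : "";
         $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
         $form_values["token"] = isset($_POST["token"]) ? trim($_POST["token"]) : "";
         if (empty($form_values["username"])) {
             $form_errors["username"] = "******";
         }
         if (empty($form_values["password"])) {
             $form_errors["password"] = "******";
         }
         if (empty($form_values["token"])) {
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         $token = $tokenDAO->loadByToken($form_values["token"], array("joins" => true));
         // No corresponding token exists
         if ($token == null) {
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         // Stale token: the pending profile it belongs to is removed along with it.
         // (Compares expireTime against now minus MAX_EXPIRE — presumably expireTime
         // holds the issue time; confirm against AuthToken.)
         if ($token->getExpireTime() < time() - AuthToken::MAX_EXPIRE) {
             $userDAO->delete($token->getUser());
             $tokenDAO->delete($token);
             $session->setMessage("Token has expired. Profile has been deleted");
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         // Check password and status of pending user
         $user = $token->getUser();
         // TODO(security): stored hashes are unsalted sha1 (the profile editor writes them
         // the same way), so this cannot move to password_verify() without migrating every hash.
         $pass_hash = sha1($form_values["password"]);
         if (strcmp($user->getUsername(), $form_values["username"]) != 0) {
             $form_errors["username"] = "******";
         } elseif (!hash_equals((string) $user->getPasshash(), $pass_hash)) {
             // Constant-time comparison so response timing does not leak how much of the hash matched.
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         } elseif ($user->getStatus() == User::STATUS_OK) {
             // Already a full member: nothing left to verify.
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         // NOTE(review): unlike the GET path, this does not require STATUS_PENDING; a user
         // already in NEEDADMIN who re-submits appears to just re-enter the same state.
         // Form and token are valid. Change user status
         if (empty($form_errors)) {
             $user->setStatus(User::STATUS_NEEDADMIN);
             $user->setUserType(User::REGUSER_TYPE);
             if (!$userDAO->save($user)) {
                 $session->setMessage("Could not alter profile");
             } else {
                 $session->setMessage("Now awaiting admin approval");
                 // Single use: the token is consumed once the status change is persisted.
                 $tokenDAO->delete($token);
             }
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
     } elseif (!empty($_GET)) {
         $token_string = isset($_GET["token"]) ? trim($_GET["token"]) : "";
         $form_values["token"] = $token_string;
         if (empty($token_string)) {
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         $token = $tokenDAO->loadByToken($token_string, array("joins" => true));
         // Token does not exist, or its user is past the pending stage. Redirect
         if ($token == null || $token->getUser()->getStatus() != User::STATUS_PENDING) {
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
         if ($token->getExpireTime() < time() - AuthToken::MAX_EXPIRE) {
             $userDAO->delete($token->getUser());
             $tokenDAO->delete($token);
             $session->setMessage("Token has expired. Profile has been deleted", Session::MESSAGE_ERROR);
             $tokenDAO->garbageCollect();
             header("Location: " . BASE_URL);
             return;
         }
     } else {
         header("Location: " . BASE_URL);
         return;
     }
     // Do garbage collection on token table
     $tokenDAO->garbageCollect();
     $this->template->render(array("title" => "Verify Account", "main_page" => "verify_tpl.php", "form_values" => $form_values, "form_errors" => $form_errors));
 }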
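 /**
  * Run method with main page logic
  *
  * Populate template and display form for editing an profile entry. For POST requests,
  * check user credentials, check if profile exists and then update entry in database.
  * Available to members only.
  *
  * Authorization: a member may edit only their own profile; an admin may edit any
  * profile and is the only role whose submitted status / user type is honoured.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if ($user == null || !$user->validUser()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $userDAO = UserDAO::getInstance();
     $is_admin = $user->isAdmin();
     $alter_user = null;
     $form_errors = array();
     $form_values = array("id" => "", "password" => "", "password2" => "", "status" => "", "usertype" => "", "steamId" => "", "xboxId" => "", "psnId" => "", "wiiId" => "");
     // Check form
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is verified on this password-changing POST and the
         // framework visible here offers none, so it is flagged rather than added.
         $form_values["id"] = isset($_POST["id"]) && is_numeric($_POST["id"]) ? intval($_POST["id"]) : "";
         $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : "";
         $form_values["password2"] = isset($_POST["password2"]) ? trim($_POST["password2"]) : "";
         $form_values["status"] = isset($_POST["status"]) ? trim($_POST["status"]) : "";
         $form_values["usertype"] = isset($_POST["usertype"]) ? trim($_POST["usertype"]) : "";
         $form_values["steamId"] = isset($_POST["steamId"]) ? trim($_POST["steamId"]) : "";
         $form_values["xboxId"] = isset($_POST["xboxId"]) ? trim($_POST["xboxId"]) : "";
         $form_values["psnId"] = isset($_POST["psnId"]) ? trim($_POST["psnId"]) : "";
         $form_values["wiiId"] = isset($_POST["wiiId"]) ? trim($_POST["wiiId"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "User id not set";
         }
         // Both password fields blank means "keep the current password"; otherwise
         // both are required and must match. (No minimum length is enforced here.)
         if (!empty($form_values["password"]) || !empty($form_values["password2"])) {
             if (empty($form_values["password"]) || empty($form_values["password2"])) {
                 $form_errors["password"] = "******";
             } elseif (strcmp($form_values["password"], $form_values["password2"]) != 0) {
                 $form_errors["password"] = "******";
                 $form_values["password2"] = "";
             }
         }
         // Status and user type are privileged fields: validated, and later applied,
         // only for admins. The original probed setUserType() for both fields and
         // reused $status when checking usertype.
         if ($is_admin) {
             if (empty($form_values["status"])) {
                 $form_errors["status"] = "Status not defined";
             } elseif (!is_numeric($form_values["status"])) {
                 $form_errors["status"] = "Status must be a number";
             } else {
                 // Probe on a throwaway User; the setter is expected to throw on an unknown value.
                 $tmp = new User();
                 try {
                     $tmp->setStatus(intval($form_values["status"]));
                 } catch (Exception $e) {
                     $form_errors["status"] = "Invalid value for status";
                 }
             }
             // User type stays optional for admins (the original "Type not defined" branch was unreachable).
             if (!empty($form_values["usertype"])) {
                 if (!is_numeric($form_values["usertype"])) {
                     $form_errors["usertype"] = "Type must be a number";
                 } else {
                     $tmp = new User();
                     try {
                         $tmp->setUserType(intval($form_values["usertype"]));
                     } catch (Exception $e) {
                         $form_errors["usertype"] = "Invalid value for type";
                     }
                 }
             }
         }
         // Gaming identities: each is optional and, when present, must match a tight
         // ASCII whitelist, so stored identities are limited to these character sets.
         if (!empty($form_values["steamId"])) {
             if (strlen($form_values["steamId"]) > 20) {
                 $form_errors["steamId"] = "Steam ID too long";
             } elseif (!preg_match("/^[A-Za-z0-9_]{3,20}\$/", $form_values["steamId"])) {
                 $form_errors["steamId"] = "Steam ID is not valid";
             }
         }
         if (!empty($form_values["xboxId"])) {
             if (strlen($form_values["xboxId"]) > 15) {
                 $form_errors["xboxId"] = "Xbox gamertag too long";
             } elseif (!preg_match("/^[A-Za-z0-9 ]{3,15}\$/", $form_values["xboxId"])) {
                 $form_errors["xboxId"] = "Xbox gamertag is not valid";
             }
         }
         if (!empty($form_values["psnId"])) {
             if (strlen($form_values["psnId"]) > 16) {
                 $form_errors["psnId"] = "PSN ID too long";
             } elseif (!preg_match("/^[A-Za-z0-9_-]{3,16}\$/", $form_values["psnId"])) {
                 // The original "([...]+){3,16}" nested a quantifier, which bounded the
                 // repetition count rather than the length; strlen above was doing that job.
                 $form_errors["psnId"] = "PSN ID is not valid";
             }
         }
         if (!empty($form_values["wiiId"])) {
             if (strlen($form_values["wiiId"]) > 20) {
                 $form_errors["wiiId"] = "Wii Friend Code too long";
             } elseif (!preg_match("/^[0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4}\$/", $form_values["wiiId"])) {
                 $form_errors["wiiId"] = "Wii Friend Code is not valid";
             }
         }
         // No errors found
         if (empty($form_errors)) {
             $alter_user = $userDAO->load($form_values["id"]);
             if ($alter_user != null) {
                 // Object-level authorization: admins may edit anyone, members only themselves.
                 if ($is_admin || $alter_user->getId() == $user->getId()) {
                     if (!empty($form_values["password"])) {
                         // TODO(security): unsalted sha1 is what the verify page compares against;
                         // moving to password_hash() needs a coordinated change there.
                         $alter_user->setPassHash(sha1($form_values["password"]));
                     }
                     // The original applied any submitted status/usertype for whoever passed the
                     // owner check, so a member could POST their own id with a different usertype.
                     if ($is_admin) {
                         if (!empty($form_values["status"])) {
                             $alter_user->setStatus(intval($form_values["status"]));
                         }
                         if (!empty($form_values["usertype"])) {
                             $alter_user->setUserType(intval($form_values["usertype"]));
                         }
                     }
                     if (!empty($form_values["steamId"])) {
                         $alter_user->setSteamId($form_values["steamId"]);
                     }
                     if (!empty($form_values["xboxId"])) {
                         $alter_user->setXboxId($form_values["xboxId"]);
                     }
                     if (!empty($form_values["psnId"])) {
                         $alter_user->setPsnId($form_values["psnId"]);
                     }
                     if (!empty($form_values["wiiId"])) {
                         $alter_user->setWiiId($form_values["wiiId"]);
                     }
                     // Save profile
                     if ($userDAO->save($alter_user)) {
                         $session->setMessage("User profile altered");
                         // SCRIPT_NAME instead of PHP_SELF: PHP_SELF may carry client-supplied PATH_INFO.
                         header("Location: {$_SERVER["SCRIPT_NAME"]}?id={$alter_user->id}");
                         return;
                     }
                     $session->setMessage("User profile not altered", Session::MESSAGE_ERROR);
                 } else {
                     header("Location: " . BASE_URL);
                     return;
                 }
             }
         } elseif (empty($form_errors["id"])) {
             // Validation failed: reload the profile so the form can be redisplayed.
             $alter_user = $userDAO->load($form_values["id"]);
         }
     } elseif (!empty($_GET)) {
         $form_values["id"] = isset($_GET["id"]) && is_numeric($_GET["id"]) ? intval($_GET["id"]) : "";
         if (empty($form_values["id"])) {
             $form_errors["id"] = "User id not set";
         } else {
             $alter_user = $userDAO->load($form_values["id"]);
             // An unknown id leaves $alter_user null; the template handles that.
             if ($alter_user) {
                 if (!$is_admin && $alter_user->getId() != $user->getId()) {
                     $session->setMessage("Do not have permission", Session::MESSAGE_ERROR);
                     header("Location: " . BASE_URL);
                     return;
                 }
                 $form_values["steamId"] = $alter_user->getSteamId();
                 $form_values["xboxId"] = $alter_user->getXboxId();
                 $form_values["psnId"] = $alter_user->getPsnId();
                 $form_values["wiiId"] = $alter_user->getWiiId();
             }
         }
     } else {
         header("Location: " . BASE_URL);
         return;
     }
     $this->template->render(array("title" => "Edit Profile", "main_page" => "edit_profile_tpl.php", "session" => $session, "alter_user" => $alter_user, "form_errors" => $form_errors, "form_values" => $form_values));
 }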
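 /**
  * Run method with main page logic
  *
  * Populate template and display form for creating a new event entry. Regular users are allowed to create events but an
  * admin must approve them before they are visible on the site. Trusted users are allowed to create
  * events that will immediately be visible on the event calendar. For POST request,
  * validate form data and save information to database. Available to members only
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->validUser()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     // Admins and trusted members may set the sanctioned flag and status themselves;
     // everyone else's event is forced to unsanctioned/pending for admin approval.
     $can_publish = $user->isAdmin() || $user->getUserType() == User::TRUSTED_TYPE;
     $form_errors = array();
     $form_values = array("title" => "", "description" => "", "sanctioned" => "", "status" => "", "date" => "", "platform" => "");
     $eventDAO = EventDAO::getInstance();
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is checked on this POST; none is visible in the framework.
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["description"] = isset($_POST["description"]) ? trim($_POST["description"]) : "";
         $form_values["platform"] = isset($_POST["platform"]) ? trim($_POST["platform"]) : "";
         $form_values["sanctioned"] = isset($_POST["sanctioned"]) ? trim($_POST["sanctioned"]) : "";
         $form_values["status"] = isset($_POST["status"]) ? trim($_POST["status"]) : "";
         $form_values["date"] = isset($_POST["date"]) ? trim($_POST["date"]) : "";
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["description"])) {
             $form_errors["description"] = "No description specified";
         }
         if (empty($form_values["platform"])) {
             $form_errors["platform"] = "No platform specified";
         } elseif (!is_numeric($form_values["platform"])) {
             $form_errors["platform"] = "Platform choice must be an integer value";
         } else {
             // Probe on a throwaway Event: setPlatformId() is expected to throw on an unknown id.
             $tmp = new Event();
             try {
                 $tmp->setPlatformId(intval($form_values["platform"]));
             } catch (Exception $e) {
                 $form_errors["platform"] = "Invalid value for platform";
             }
         }
         // The original validated these only for admins but applied them for trusted
         // members too, storing the raw status string unchecked. Both roles now get the
         // same checks (assumes the form shows these fields to trusted members as it
         // does to admins — confirm against create_event_tpl.php).
         if ($can_publish) {
             if (empty($form_values["sanctioned"])) {
                 $form_errors["sanctioned"] = "No sanctioned flag specified";
             } elseif (strcmp($form_values["sanctioned"], "true") != 0 && strcmp($form_values["sanctioned"], "false") != 0) {
                 $form_errors["sanctioned"] = "sanctioned flag must be a boolean value";
             }
             if (empty($form_values["status"])) {
                 $form_errors["status"] = "No status flag specified";
             } elseif (!is_numeric($form_values["status"])) {
                 $form_errors["status"] = "Status flag must be an integer value";
             } else {
                 $tmp = new Event();
                 try {
                     $tmp->setStatus(intval($form_values["status"]));
                 } catch (Exception $e) {
                     $form_errors["status"] = "Invalid value for status";
                 }
             }
         }
         // Validate the trimmed value that is saved below (the original checked raw
         // $_POST); strtotime() returns false, not 0, on unparsable input.
         if (empty($form_values["date"])) {
             $form_errors["date"] = "No date specified";
         } elseif (strtotime($form_values["date"]) === false) {
             $form_errors["date"] = "An invalid date was specified";
             $form_values["date"] = "";
         }
         if (empty($form_errors)) {
             $event = new Event();
             $event->setTitle($form_values["title"]);
             $event->setDescription($form_values["description"]);
             $event->setPlatformId(intval($form_values["platform"]));
             if ($can_publish) {
                 $event->setSanctioned(strcmp($form_values["sanctioned"], "true") == 0);
                 $event->setStatus(intval($form_values["status"]));
             } else {
                 $event->setSanctioned(false);
                 $event->setStatus(Event::PENDING_STATUS);
             }
             $event->setDate(strtotime($form_values["date"]));
             $event->setUserId($user->id);
             if ($eventDAO->insert($event)) {
                 $session->setMessage("Event details saved");
                 header("Location: edit_event.php?id={$event->id}");
                 return;
             }
             $session->setMessage("Event details could not be saved", Session::MESSAGE_ERROR);
         }
     }
     $platformDAO = PlatformDAO::getInstance();
     $platform_array = $platformDAO->all();
     $this->template->render(array("title" => "Create Event", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "create_event_tpl.php", "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values, "platform_array" => $platform_array));
 }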
 /**
  * Run method with main page logic
  *
  * Only read in session data. Populate template and display index page.
  * No authentication is required here; the session user (possibly null)
  * is handed to the template unchanged.
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $vars = array("title" => "Index", "user" => $session->getUser(), "session" => $session);
     $this->template->render($vars);
 }
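 /**
  * Run method with main page logic
  *
  * Populate template and display form for creating a new article entry. For POST requests,
  * validate form data and save information to database. Available to admins only
  * @access public
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $form_errors = array();
     $form_values = array("title" => "", "content" => "", "postDate" => "", "published" => "", "tags" => "");
     $articleDAO = ArticleDAO::getInstance();
     $tagDAO = ArticleTagDAO::getInstance();
     if (!empty($_POST)) {
         // NOTE(review): no CSRF token is checked on this state-changing POST and the
         // framework visible here offers none, so it is flagged rather than added.
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["content"] = isset($_POST["content"]) ? trim($_POST["content"]) : "";
         $form_values["postDate"] = isset($_POST["postDate"]) ? trim($_POST["postDate"]) : "";
         $form_values["published"] = isset($_POST["published"]) ? trim($_POST["published"]) : "";
         $form_values["tags"] = isset($_POST["tags"]) ? trim($_POST["tags"]) : "";
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["content"])) {
             $form_errors["content"] = "No content specified";
         }
         // Validate the trimmed value that is saved below (the original checked raw
         // $_POST); strtotime() returns false, not 0, on unparsable input.
         if (empty($form_values["postDate"])) {
             $form_errors["postDate"] = "No post date specified";
         } elseif (strtotime($form_values["postDate"]) === false) {
             $form_errors["postDate"] = "An invalid post date was specified";
             $form_values["postDate"] = "";
         }
         if ($form_values["published"] != "true" && $form_values["published"] != "false") {
             $form_errors["published"] = "Invalid published choice";
         }
         if (empty($form_errors)) {
             $article = new Article();
             $article->setTitle($form_values["title"]);
             $article->setContent($form_values["content"]);
             $article->setPostDate(strtotime($form_values["postDate"]));
             // A new article has never been updated.
             $article->setUpdateDate(0);
             $article->setPublished($form_values["published"] == "true" ? 1 : 0);
             $article->setUserId($user->id);
             // tagsFromString() splits the raw tag text; the parts are re-joined
             // with single spaces before being stored on the article.
             $sorted_tag_array = ArticleTag::tagsFromString($form_values["tags"]);
             $article->setTags(implode(" ", $sorted_tag_array));
             if ($articleDAO->insert($article)) {
                 $tagDAO->updateTags($article);
                 $session->setMessage("Article details saved");
                 header("Location: edit_article.php?id={$article->id}");
                 return;
             }
             $session->setMessage("Article details could not be saved", Session::MESSAGE_ERROR);
         }
     }
     $this->template->render(array("title" => "Create Article", "extra_header" => joinPath("headers", "jscal_header_tpl.php"), "main_page" => "create_article_tpl.php", "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values));
 }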