/**
* To register new user
* Subject for validations (e.g username length)
**/
public function registration()
{
$username = Param::get('username');
$password = Param::get('pword');
$password_match = Param::get('pword_match');
$fname = Param::get('fname');
$lname = Param::get('lname');
$email = Param::get('email');
$registration = new Registration();
$login_info = array('username' => $username, 'user_password' => $password, 'fname' => $fname, 'lname' => $lname, 'email' => $email);
//To check if all keys are null
if (!array_filter($login_info)) {
$status = "";
} else {
try {
foreach ($login_info as $key => $value) {
if (!is_complete($value)) {
throw new ValidationException("Please fill up all fields");
}
}
if (!is_password_match($password, $password_match)) {
throw new ValidationException("Password did not match");
}
$info = $registration->userRegistration($login_info);
$status = notice("Registration Complete");
} catch (ExistingUserException $e) {
$status = notice($e->getMessage(), "error");
} catch (ValidationException $e) {
$status = notice($e->getMessage(), "error");
}
}
$this->set(get_defined_vars());
}
/**
* To view all comments on a particular thread.
**/
public function view()
{
$thread = Thread::get(Param::get('thread_id'));
$comments = $thread->getComments();
$user_name = $_SESSION['username'];
$this->set(get_defined_vars());
}
/**
* Delete Comment using Username
*/
public function delete()
{
$comment_id = Param::get('comment_id');
$comment = Comment::get(Param::get('comment_id'));
$page = Param::get('page_next', 'delete');
$status = "";
switch ($page) {
case 'delete':
break;
case 'delete_end':
try {
if (Param::get('reply') == 'no') {
redirect(url('thread/index'));
} else {
$comment->delete($_SESSION['username']);
}
} catch (ValidationException $e) {
$status = notify($e->getMessage(), "error");
$page = 'delete';
}
break;
default:
throw new PageNotFoundException("{$page} is not found");
break;
}
$this->set(get_defined_vars());
$this->render($page);
}
/**
* Updating profile, all info details can be retain
* Sessions are initial value in view (previous details)
*/
public function update()
{
if (!is_logged_in()) {
redirect(url('login/index'));
}
$user_id = User::getId($_SESSION['username']);
$user = User::get($user_id);
$_SESSION['fname'] = $user->fname;
$_SESSION['lname'] = $user->lname;
$_SESSION['email'] = $user->email;
$status = "";
if ($user_id) {
$user->username = Param::get('username');
$user->password = Param::get('password');
$user->fname = Param::get('fname');
$user->lname = Param::get('lname');
$user->email = Param::get('email');
if ($user->username) {
try {
$user->update($user_id, $_SESSION['username'], $_SESSION['email']);
$status = notify("Edit Success");
$_SESSION['username'] = $user->username;
} catch (AppException $e) {
$status = notify($e->getMessage(), 'error');
}
}
}
$this->set(get_defined_vars());
}
public function index()
{
$type = Param::get('type', self::TYPE_THREAD);
$query = trim_collapse(Param::get('query'));
$page = Param::get('page', 1);
$pagination = new SimplePagination($page, self::RESULTS_PERPAGE);
if (!$query) {
redirect(APP_URL);
}
$results = new stdClass();
switch ($type) {
case self::TYPE_THREAD:
$results = Thread::search($query, $pagination->start_index - 1, $pagination->count + 1);
// Get other info for each thread
foreach ($results->result as $thread) {
$thread->creator = User::getByID($thread->user_id);
$thread->category = Category::getName($thread->category_id);
$thread->replies_count = Comment::countAll($thread->id);
}
break;
case self::TYPE_COMMENT:
$results = Comment::search($query, $pagination->start_index - 1, $pagination->count + 1);
break;
case self::TYPE_USER:
$results = User::search($query, $pagination->start_index - 1, $pagination->count + 1);
break;
default:
throw new PageNotFoundException();
break;
}
$pagination->checkLastPage($results->result);
$pages = ceil($results->total_result / self::RESULTS_PERPAGE);
$title = "Search: '{$query}'";
$this->set(get_defined_vars());
}
public function create()
{
$thread = new Thread();
$comment = new Comment();
$page = Param::get('page_next', 'create');
switch ($page) {
case 'create':
break;
case 'create_end':
$thread->title = Param::get('title');
$comment->username = Param::get('username');
$comment->body = Param::get('body');
try {
$thread->create($comment);
} catch (ValidationException $e) {
$page = 'create';
}
break;
default:
throw new NotFoundException("{$page} is not found");
break;
}
$this->set(get_defined_vars());
$this->render($page);
}
public function delete()
{
redirect_guest_user(LOGIN_URL);
$id = Param::get('id');
$comment = Comment::get($id);
$auth_user = User::getAuthenticated();
$page = Param::get('page_next', 'delete');
if (!$comment->isAuthor($auth_user)) {
throw new PermissionException();
}
if ($comment->isThreadBody()) {
redirect(DELETE_THREAD_URL, array('id' => $comment->thread_id));
}
switch ($page) {
case 'delete':
break;
case 'delete_end':
$comment->delete();
redirect(VIEW_THREAD_URL, array('id' => $comment->thread_id));
break;
default:
throw new PageNotFoundException();
break;
}
$title = 'Delete comment';
$this->set(get_defined_vars());
}
function print_pagination($pagination, $pages)
{
$page = Param::get('page', 1);
echo '<ul class="pagination">';
// previous button
if ($pagination->current > 1) {
$url = url('', array('page' => $pagination->prev));
echo "<li><a href='{$url}'>«</a></li>";
} else {
echo "<li class='disabled'><a>«</a></li>";
}
// page numbers
for ($i = 1; $i <= $pages; $i++) {
if ($i == $page) {
echo "<li class='disabled'><a>{$i}</a></li>";
} else {
$url = url('', array('page' => $i));
echo "<li><a href='{$url}'>{$i}</a></li>";
}
}
// next button
if ($pagination->is_last_page) {
echo "<li class='disabled'><a>»</a></li>";
} else {
$url = url('', array('page' => $pagination->next));
echo "<li><a href='{$url}'>»</a></li>";
}
echo '</ul>';
}
public function redirect()
{
$follow = Follow::getOrFail(Param::get('id'));
$thread = Thread::get($follow->thread_id);
$last_comment_id = Comment::getLastIdInThread($thread);
$follow->last_comment = $last_comment_id;
$follow->update();
redirect(VIEW_THREAD_URL, array('id' => $thread->id, 'page' => ThreadController::LAST_PAGE));
}
public function next()
{
$q_id = Param::get('id');
$selection_id = Param::get('selection');
$question = Question::get();
$answer = Answer::get($q_id);
$this->set(['question' => $question, 'answer' => $answer, 'selection_id' => $selection_id]);
$this->render('index');
}
public function test_get()
{
$_REQUEST['foo'] = 200;
$this->assertEquals(200, Param::get('foo'));
$_REQUEST['foo'] = array('a', 'b');
$this->assertEquals(array('a', 'b'), Param::get('foo'));
$this->assertTrue(is_null(Param::get('bar')));
$this->assertEquals('default', Param::get('bar', 'default'));
}
public static function invoke()
{
list($controller_name, $action_name) = self::parseAction(Param::get(DC_ACTION));
$controller = self::getController($controller_name);
$controller->action = $action_name;
$controller->beforeFilter();
$controller->dispatchAction();
$controller->afterFilter();
echo $controller->output;
}
public function delete()
{
$thread_id = Param::get('thread_id');
$comment_id = Param::get('comment_id');
authorize_user_request($comment_id, self::AUTH_COMMENT_DELETE);
try {
Comment::delete($comment_id, $thread_id);
} catch (PDOException $e) {
$_SESSION['delete_error'] = true;
}
redirect(VIEW_COMMENT_PAGE, array('thread_id' => $thread_id));
}
/**
* 执行
*/
public static function run()
{
// 设定错误和异常处理
set_error_handler('IndexPHP::_error');
set_exception_handler('IndexPHP::_exception');
register_shutdown_function('IndexPHP::_shutdown');
// 定义常量
defined('PATH_APP') or define('PATH_APP', './app/');
defined('PATH_APP_CTRL') or define('PATH_APP_CTRL', PATH_APP . 'ctrl/');
defined('PATH_APP_VIEW') or define('PATH_APP_VIEW', PATH_APP . 'view/');
defined('PATH_APP_LIB') or define('PATH_APP_LIB', PATH_APP . 'lib/');
defined('PATH_APP_LOG') or define('PATH_APP_LOG', PATH_APP . 'log/');
defined('FILE_APP_CONF') or define('FILE_APP_CONF', PATH_APP . '/conf.php');
defined('FILE_APP_COMM') or define('FILE_APP_COMM', PATH_APP . '/common.php');
define('IS_POST', Param::server('REQUEST_METHOD') == 'POST' ? true : false);
define('HTTP_HOST', Param::server('HTTP_HOST'));
// 初始化框架
self::_init();
// 导入配置
Config::set(self::import(FILE_APP_CONF));
Config::get('ENABLE_SESSION') && session_start();
// 路由处理
$ca = explode('/', trim(Param::server('PATH_INFO', Config::get('DEFAULT_CTRL_ACTION')), '/'));
define('CTRL_NAME', strtolower(Param::get(Config::get('PARAM_CTRL', 'c'), !empty($ca[0]) ? $ca[0] : 'index')));
define('ACTION_NAME', strtolower(Param::get(Config::get('PARAM_ACTION', 'a'), !empty($ca[1]) ? $ca[1] : 'index')));
// URL参数按顺序绑定变量
preg_replace_callback('/(\\w+)\\/([^\\/]+)/', function ($match) {
$_GET[$match[1]] = strip_tags($match[2]);
}, trim(Param::server('PATH_INFO'), '/'));
// 导入控制器文件
if (!self::import(PATH_APP_CTRL . CTRL_NAME . Config::get('FILE_EXTENSION_CTRL', '.class.php'))) {
throw new Exception('没有控制器:' . CTRL_NAME);
}
// 控制器、方法名称变换处理
$c = self::camelize(CTRL_NAME) . Config::get('POSTFIX_CTRL', 'Controller');
$a = lcfirst(self::camelize(ACTION_NAME)) . Config::get('POSTFIX_ACTION', '');
// 控制器类判断是否存在
if (class_exists($c)) {
// 导入公共函数库
self::import(FILE_APP_COMM);
// 自动加载外部库
spl_autoload_register('self::_autoload');
// 调用控制器方法
call_user_func(array(new $c(), $a));
}
}
?>
<hr>
<form class="well" method="post" action="<?php
encode_quotes(url('thread/write'));
?>
">
<label>Your name</label>
<input type="text" class="span2" name="username" value="<?php
echo $_SESSION['username'];
?>
" disabled>
<label>Comment</label>
<textarea name="body"><?php
encode_quotes(Param::get('body'));
?>
</textarea>
<br/>
<input type="hidden" name="thread_id" value="<?php
encode_quotes($thread->id);
?>
">
<input type="hidden" name="page_next" value="write_end">
<div style="float:right; font-size:20px">←Back to All <a href="<?php
encode_quotes(url('thread/index'));
?>
">Threads</a><br></div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
<div>
<?php
$title = "Login";
?>
<div class='register' style='margin-top:100px'>
<center>
<form class="well" action='<?php
encode_quotes(url(''));
?>
' method='POST'>
<table border='0'>
<tr>
<td><label>Username </label></td><td><input type='text' name='login_name' value='<?php
encode_quotes(Param::get('login_name'));
?>
'></td></tr>
<tr><td><label>Password </label></td><td><input type='password' name='login_pword' value='<?php
encode_quotes(Param::get('login_pword'));
?>
'></td></tr>
<tr><td><button type="submit" style='width:100%'>Login</td>
<td><center>Register <a href='<?php
encode_quotes(url('user/registration'));
?>
'>Here</a></td></tr>
</tr>
</table>
</form>
</center>
</div>
<?php
echo $status;
<?php
//$this->widget('main.portlets.Console')
?>
<input type="hidden" id="current_url" value="<?php
echo base64_encode($_SERVER['REQUEST_URI']);
?>
">
<?php
echo $this->renderPartial('application.views.layouts.admin._modal');
?>
<header id="header">
<hgroup>
<h1 class="site_title" ><a href="/admin" style="margin-left: 20px"><?php
echo Param::get('project_name');
?>
</a></h1>
<h2 class="section_title" style="padding-left: 24px;"><?php
echo t($this->module->getName());
?>
</h2>
<div class="btn_view_site"><a href="/"><?php
echo t('На сайт');
?>
</a></div>
<div style="float: right;margin-right:20px">
<?php
<div class="row">
<div class="span8 offset2">
<h2>Editar la encuesta: "<?php
echo $poll->question;
?>
"</h2>
<?php
if (Param::get('answer_deleted') === 'true') {
?>
<div class="alert alert-success">La respuesta ha sido eliminada correctamente</div>
<?php
}
?>
<form action="<?php
echo Url::get('admin@edit');
?>
" method="POST">
<p>
<label for="question">Pregunta:</label>
<input type="text" name="question" id="question" value="<?php
echo $poll->question;
?>
" placeholder="¿Te gusta Justin Bieber?">
</p>
<p>
<label for="slug">Slug (utilizado en la url):</label>
<input type="text" name="slug" id="slug" value="<?php
echo $poll->slug;
?>
" placeholder="NO-te-gusta-justin-bieber">
</p>
$path = substr($path, strlen(BASE_ABSOLUTE_URL));
}
$path_array = array_filter(explode('/', $path));
$controller = array_shift($path_array);
$action = array_shift($path_array);
$args = $path_array;
// Forzar las urls para una barra
if ($path[strlen($path) - 1] !== '/') {
Redirect::to(Url::get($controller . '@' . $action, $args, isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : null));
}
unset($path_array);
unset($path);
} else {
$controller = Param::get('c');
$action = Param::get('action');
$args = Param::get('params');
if ($args) {
$args = array_filter(explode(';', $args));
}
}
/*
* Comprobación home
*/
if (!$controller) {
$controller = 'home';
}
if (!$action) {
$action = 'index';
}
if (!$args) {
$args = array();
public function delete()
{
redirect_guest_user(LOGIN_URL);
$page = Param::get('page_next', 'delete');
$thread = Thread::get(Param::get('id'));
$auth_user = User::getAuthenticated();
if (!$thread->isAuthor($auth_user)) {
throw new PermissionException();
}
switch ($page) {
case 'delete':
break;
case 'delete_end':
$thread->delete();
redirect(LIST_THREADS_URL);
break;
default:
break;
}
$title = 'Delete thread';
$this->set(get_defined_vars());
}
public static function countAll()
{
$db = DB::conn();
$id = Param::get('thread_id');
return $db->value("SELECT COUNT(*) FROM comment WHERE thread_id = ?", array($id));
}
</div>
</div>
<?php
}
?>
<!--FORM to Update Thread -->
<form class = "body" method = "post" action = "<?php
entities(url(''));
?>
">
<div id ="leftcolumn" style="min-height: 50px;"><br />
<label> Edit Title </label>
<input type = "text" class = "span8" name = "title" value = "<?php
entities(Param::get('title'));
?>
" placeholder = "New Title">
<br /><br />
<div style = "color: #0080FF">
<font size = "5"><?php
echo entities($_SESSION['username']);
?>
</font>
</div><br />
<br />
<input type = "submit" name = "submit" value = "Submit" class = "btn-large btn-primary"><br />
<a href = "<?php
entities(url('thread/index'));
?>
">
<li><a href="?thread_id=<?php echo $thread->id ?>
&page=<?php echo $i ?>"?><?php echo $i ?>
</a></li>
<?php endif ?>
<?php endfor ?>
<?php if(!$pagination->is_last_page): ?>
<li><a href="?thread_id=<?php echo $thread->id ?>
&page=<?php echo $pagination->next ?>">Next</a></li>
<?php else: ?>
<li class="disabled"><a href="#">Next</a></li>
<?php endif ?>
</ul>
</nav>
</div>
<?php endif ?>
</div>
</div>
<form class="well" method="post" action="<?php encode_quotes(url('comment/write')) ?>">
<div class="form-group">
<label for="comment">Comment</label>
<textarea id="comment" name="body" class="form-control"><?php encode_quotes(Param::get('body')) ?></textarea>
</div>
<input type="hidden" name="thread_id" value="<?php encode_quotes($thread->id) ?>">
<input type="hidden" name="page_next" value="write_end">
<div class="form-group">
<button type="submit" class="btn btn-primary">Comment</button>
</div>
</form>
function confirm_password($check)
{
$password = Param::get('password');
return $check === $password;
}
<input class='u-full-width' type="text" name="first_name" id="first_name" value="<?php
eh(Param::get('first_name'));
?>
">
</div>
<div class="six columns">
<label for="last_name">Last name</label>
<input class='u-full-width' type="text" name="last_name" id="last_name" value="<?php
eh(Param::get('last_name'));
?>
">
</div>
</div>
<label for="email">Email</label>
<input class='u-full-width' type="email" name="email" id="email" value="<?php
eh(Param::get('email'));
?>
">
<div class="row">
<div class="six columns">
<label for="password">Password</label>
<input class='u-full-width' type="password" name="password" id="password">
</div>
<div class="six columns">
<label for="password_confirm">Confirm Password</label>
<input class='u-full-width' type="password" name="password_confirm" id="password_confirm">
</div>
</div>
<input type="hidden" name="page_next" value="create_end">
<button class='btn btn-primary' type="submit">Register</button> or
<a href="<?php
<div class="row">
<div class="span8 offset2">
<?php
if ($id = Param::get('success')) {
$message = "La encuesta ha sido %s. <a href=\"%s\">Verla</a>";
?>
<div class="alert alert-success"><?php
printf($message, Param::get('updated') == 'true' ? 'actualizada' : 'creada', Url::get('vote', $id));
?>
</div>
<?php
}
unset($id);
unset($message);
?>
<section class="span5 pull-left">
<h2>Selecciona una encuesta</h2>
<ul>
<?php
foreach (Poll::all() as $poll) {
?>
<li class="poll poll-<?php
echo $poll->id;
?>
">
<a href="<?php
echo Url::get('admin@edit', $poll->id);
?>
" title="<?php
echo $poll->question;
?>
public function edit()
{
$process = Param::get('process', 'edit');
$user = new User();
switch ($process) {
case self::EDIT_ACCOUNT:
$user->id = get_authenticated_user_id($_SESSION['userid']);
$user->fname = Param::get('firstname');
$user->lname = Param::get('lastname');
$user->new_username = Param::get('username');
$user->new_email = Param::get('email');
try {
$user->updateAccount();
$_SESSION['username'] = $user->new_username;
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PROFILE:
$user->id = get_authenticated_user_id($_SESSION['userid']);
$user->company = Param::get('company');
$user->division = Param::get('division');
$user->specialization = Param::get('specialization');
try {
$user->updateProfile();
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PASSWORD:
$user->id = get_authenticated_user_id($_SESSION['userid']);
//set username and old password to password
//property to authenticate user
$user->username = $_SESSION['username'];
$user->password = htmlentities(Param::get('oldPassword'));
if (!$user->isRegistered()) {
$user->validation_errors['notAuthorized']['authenticate'] = true;
break;
}
//Unset username so it won't be included in validation
unset($user->username);
$user->password = htmlentities(Param::get('password'));
$user->confirmpassword = htmlentities(Param::get('confirmPassword'));
try {
$user->updatePassword();
$user->editSuccess = true;
} catch (ValidationException $e) {
}
break;
case self::EDIT_PICTURE:
$user = new User();
$target_directory = "bootstrap/img/users/" . $_SESSION['username'];
try {
if (file_exists($file_tmp = $_FILES['picture']['tmp_name'])) {
$finfo = new finfo(FILEINFO_MIME_TYPE);
if (false === ($file_extension = array_search($finfo->file($_FILES['picture']['tmp_name']), $this->mime_types, true))) {
throw new PictureFormatException("Invalid file format.");
}
$user_profile = glob("bootstrap/img/users/" . $_SESSION['username'] . ".*");
if ($user_profile) {
foreach ($user_profile as $picture) {
exec("rm {$picture}");
}
}
if (!move_uploaded_file($_FILES['picture']['tmp_name'], $target_directory . "." . $file_extension)) {
throw new FileNotFound("File not found.");
}
} else {
throw new FileNotFound('File not found.');
}
$user->editSuccess = true;
} catch (FileNotFound $e) {
$_SESSION['upload_error'] = true;
} catch (PictureFormatException $e) {
$_SESSION['upload_error'] = true;
}
break;
case self::EDIT_PAGE:
$user->id = $_SESSION['userid'];
break;
}
$user->getProfile();
$this->set(get_defined_vars());
}
}
if (Param::get('poll_already_voted') == 'true') {
?>
<div class="message message--error">
Ya has votado esta encuesta en otra ocasión
</div>
<?php
}
if (Param::get('vote_error') == 'true') {
?>
<div class="message message--error">
Ha habido un error con tu voto: ¿Seguro que has escogido alguna respuesta?
</div>
<?php
}
if (Param::get('voted') == 'true') {
?>
<div class="message message--success">
Hey! Tu voto ha sido registrado correctamente.
</div>
<?php
}
?>
<div class="poll poll--single poll--view poll-<?php
echo $poll->id;
?>
" id="poll-<?php
echo $poll->id;
?>
">
</div>
</div>
<?php
}
?>
<hr>
<form id="myform" class="well" method="post" action="<?php
eh(url('thread/write'));
?>
">
<label>Your name</label>
<input type="text" class="span2" name="username" value="<?php
eh(Param::get('username'));
?>
" required />
<label>Comment</label>
<textarea name="body" class="required"><?php
eh(Param::get('body'));
?>
</textarea>
<br />
<input type="hidden" name="thread_id" value="<?php
eh($thread->id);
?>
">
<input type="hidden" name="page_next" value="write_end">
<button type="submit" class="btn btn-primary">Submit</button>
</form>
<a class="btn btn-large btn-primary" href="/thread/index">back</a>
?>
</div>
</div>
<?php
}
?>
<!--FORM to add Comments-->
<div id = "box">
<form class = "well" method = "post" action = "<?php
entities(url(''));
?>
">
<div style = "color:#0080FF"><?php
echo entities($_SESSION['username']);
?>
</div><br />
<label> Post a reply: </label>
<textarea name = "body" class = "span10" style = "height: 300px"><?php
entities(Param::get('body'));
?>
</textarea><br />
<input type = "hidden" name = "thread_id" value = "<?php
entities($thread->id);
?>
">
<input type = "hidden" name = "page_next" value = "write_end">
<button type = "submit" class = "btn btn-primary"> Submit </button>
</form>
</div>
