示例#1
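 /**
  * Build the Jambo contact form.
  *
  * Name and e-mail are pre-filled from the comment details held in the
  * session when there are any, otherwise from the logged-in user. Settings
  * are read from the jambo__* options and then overridden by $attrs.
  *
  * @param array $attrs Settings from the shortcode; merged over the stored options
  * @param mixed $context Not used by this method
  * @return FormUI The form, with process_jambo registered as its success handler
  */
 public function get_jambo_form($attrs, $context = null)
 {
     // borrow default values from the comment forms
     $commenter_name = '';
     $commenter_email = '';
     $user = User::identify();
     if (isset($_SESSION['comment'])) {
         $details = Session::get_set('comment');
         // This form has no URL or content field, so only name and e-mail are taken;
         // a missing key keeps the empty default instead of raising a notice.
         if (isset($details['name'])) {
             $commenter_name = $details['name'];
         }
         if (isset($details['email'])) {
             $commenter_email = $details['email'];
         }
     } elseif ($user->loggedin) {
         $commenter_name = $user->displayname;
         $commenter_email = $user->email;
     }
     // Process settings from shortcode and database
     $settings = array('subject' => Options::get('jambo__subject'), 'send_to' => Options::get('jambo__send_to'), 'success_message' => Options::get('jambo__success_msg', 'Thank you contacting me. I\'ll get back to you as soon as possible.'));
     // NOTE(review): $attrs is merged last, so a shortcode attribute named send_to
     // replaces the stored recipient. Confirm that everyone who can write the
     // shortcode is allowed to choose where the mail goes.
     $settings = array_merge($settings, is_array($attrs) ? $attrs : array());
     // Now start the form.
     $form = new FormUI('jambo');
     // Create the Name field
     $form->append('text', 'jambo_name', 'null:null', _t('Name'), 'formcontrol_text')->add_validator('validate_required', _t('Your Name is required.'))->id = 'jambo_name';
     $form->jambo_name->tabindex = 1;
     $form->jambo_name->value = $commenter_name;
     // Create the Email field
     $form->append('text', 'jambo_email', 'null:null', _t('Email'), 'formcontrol_text')->add_validator('validate_email', _t('Your Email must be a valid address.'))->id = 'jambo_email';
     $form->jambo_email->tabindex = 2;
     $form->jambo_email->caption = _t('Email');
     $form->jambo_email->value = $commenter_email;
     // Create the Subject field, if requested
     if (self::ask_subject($settings['subject'])) {
         $form->append('text', 'jambo_subject', 'null:null', _t('Subject'), 'formcontrol_text')->id = 'jambo_subject';
         // sits between Email (2) and Message (4); the previous value of 32 put it after Submit
         $form->jambo_subject->tabindex = 3;
     }
     // Create the Message field
     $form->append('text', 'jambo_message', 'null:null', _t('Message', 'jambo'), 'formcontrol_textarea')->add_validator('validate_required', _t('Your message cannot be blank.', 'jambo'))->id = 'jambo_message';
     $form->jambo_message->tabindex = 4;
     // Create the Submit button
     $form->append('submit', 'jambo_submit', _t('Submit'), 'formcontrol_submit');
     $form->jambo_submit->tabindex = 5;
     // Set up form processing; the merged settings are handed to the success handler
     $form->on_success(array($this, 'process_jambo'), $settings);
     // Allow modification of form
     Plugins::act('jambo_build_form', $form, $this);
     // Return the form object
     return $form;
 }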
示例#2
	/**
	 * Verifies user credentials before creating the theme and displaying the request.
	 *
	 * A visitor who is not logged in never gets past this constructor: the
	 * requested URI is remembered in the session, an admin_ajax request gets a
	 * 408 AjaxResponse, any other request has its POST/GET data parked in the
	 * session and is redirected to the login page, and the script exits.
	 * For a logged-in user, form data parked earlier is merged back into
	 * $_POST/$_GET before the theme and admin stacks are set up.
	 */
	public function __construct()
	{
		$user = User::identify();
		if ( !$user->loggedin ) {
			// Remember what was asked for so the login handler can come back to it.
			Session::add_to_set( 'login', $_SERVER['REQUEST_URI'], 'original' );
			if ( URL::get_matched_rule()->action == 'admin_ajax' && isset( $_SERVER['HTTP_REFERER'] ) ) {
				 // Ajax callers get a status and a message instead of a redirect.
				 $ar = new AjaxResponse(408, _t('Your session has ended, please log in and try again.') );
				 $ar->out();
			}
			else {
				// NOTE(review): the raw POST/GET of a request that was NOT authenticated is
				// stored here and merged back into $_POST/$_GET once the user has logged in
				// (see below). Confirm the replayed request still passes the usual form-token
				// checks, otherwise a request forged while the user was logged out would be
				// carried out after login.
				$post_raw = $_POST->get_array_copy_raw();
				if ( !empty( $post_raw ) ) {
					Session::add_to_set( 'last_form_data', $post_raw, 'post' );
					Session::error( _t( 'We saved the last form you posted. Log back in to continue its submission.' ), 'expired_form_submission' );
				}
				$get_raw = $_GET->get_array_copy_raw();
				if ( !empty( $get_raw ) ) {
					Session::add_to_set( 'last_form_data', $get_raw, 'get' );
					Session::error( _t( 'We saved the last form you posted. Log back in to continue its submission.' ), 'expired_form_submission' );
				}
				Utils::redirect( URL::get( 'auth', array( 'page' => 'login' ) ) );
			}
			// Both branches end the request here; nothing below runs for a logged-out visitor.
			exit;
		}

		$last_form_data = Session::get_set( 'last_form_data' ); // This was saved in the "if ( !$user->loggedin )" branch above on an earlier request.
		/* At this point, Controller has not created handler_vars, so we have to modify $_POST/$_GET. */
		if ( isset( $last_form_data['post'] ) ) {
			$_POST = $_POST->merge( $last_form_data['post'] );
			$_SERVER['REQUEST_METHOD'] = 'POST'; // This will trigger the proper act_admin switches.
			Session::remove_error( 'expired_form_submission' );
		}
		if ( isset( $last_form_data['get'] ) ) {
			$_GET = $_GET->merge( $last_form_data['get'] );
			Session::remove_error( 'expired_form_submission' );
			// No need to change REQUEST_METHOD since GET is the default.
		}
		$user->remember();

		// Create an instance of the active public theme so that its plugin functions are implemented
		$this->active_theme = Themes::create();

		// setup the stacks for javascript in the admin - it's a method so a plugin can call it externally
		self::setup_stacks();
		
		// on every page load check the plugins currently loaded against the list we last checked for updates and trigger a cron if we need to
		Update::check_plugins();
	}
示例#3
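 /**
  * Success handler of the login form: authenticate the user and redirect.
  *
  * On success any unused password reset token is dropped, the login time is
  * stored, and the browser is redirected to the URI requested before login
  * (or to the admin). On failure the password field is cleared and a generic
  * error is set, so the response does not reveal which of the two was wrong.
  *
  * @param object $form The submitted form; its habari_username and habari_password controls are read
  * @return bool|null true after a successful login, nothing otherwise
  */
 public function loginform_do_login($form)
 {
     $name = $form->habari_username->value;
     $pass = $form->habari_password->value;
     if (null != $name || null != $pass) {
         $user = User::authenticate($name, $pass);
         // an object never compares equal to false, so the instanceof test is sufficient
         if ($user instanceof User) {
             $userinfo = $user->info;
             // if there's an unused password reset token, unset it to make sure there's no possibility of a compromise that way
             if (isset($userinfo->password_reset)) {
                 unset($userinfo->password_reset);
             }
             /* Successfully authenticated. */
             // Timestamp last login date and time.
             $user->info->authenticate_time = DateTime::create()->format('Y-m-d H:i:s');
             $user->update();
             // Remove left over expired session error message.
             if (Session::has_errors('expired_session')) {
                 Session::remove_error('expired_session');
             }
             $login_session = Session::get_set('login');
             if (!empty($login_session)) {
                 /* Now that we know we're dealing with the same user, transfer the form data so he does not lose his request */
                 // The data to transfer is what the 'login' set holds. The previous code read
                 // an undefined $last_form_data here and therefore stored null.
                 if (!empty($login_session['post_data'])) {
                     Session::add_to_set('last_form_data', $login_session['post_data'], 'post');
                 }
                 if (!empty($login_session['get_data'])) {
                     Session::add_to_set('last_form_data', $login_session['get_data'], 'get');
                 }
                 // don't bother parsing out the URL, we store the URI that was requested, so just append that to the hostname and we're done
                 $login_dest = Site::get_url('host') . $login_session['original'];
             } else {
                 $login_session = null;
                 $login_dest = Site::get_url('admin');
             }
             // filter the destination
             // NOTE(review): plugins may replace the destination here; confirm that the
             // filter result (or Utils::redirect) keeps the target on this site.
             $login_dest = Plugins::filter('login_redirect_dest', $login_dest, $user, $login_session);
             // finally, redirect to the destination
             Utils::redirect($login_dest);
             return true;
         }
         /* Authentication failed. */
         // Do not send the submitted password back in the re-rendered form.
         $form->habari_password->value = '';
         $this->handler_vars['error'] = _t('Bad credentials');
     }
 }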
示例#4
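 /**
  * Verifies user credentials before creating the theme and displaying the request.
  *
  * A visitor who is not logged in never gets past this constructor: the
  * requested URI is remembered, an admin_ajax request is answered with a
  * small script that sends the browser back to the referring page, any other
  * request has its POST/GET data parked in the session and is redirected to
  * the login page, and the script exits.
  */
 public function __construct()
 {
     $user = User::identify();
     if (!$user->loggedin) {
         Session::add_to_set('login', $_SERVER['REQUEST_URI'], 'original');
         if (URL::get_matched_rule()->name == 'admin_ajax' && isset($_SERVER['HTTP_REFERER'])) {
             // The Referer header is chosen by the client, so it must not be pasted into
             // script source as-is: a quote in it would end the string and let the rest
             // run as code. json_encode() emits a quoted, fully escaped string literal.
             $referer_js = json_encode((string) $_SERVER['HTTP_REFERER']);
             if ($referer_js === false) {
                 // header was not valid UTF-8: fall back to the admin URL rather than emit broken script
                 $referer_js = json_encode(Site::get_url('admin'));
             }
             // NOTE(review): the browser is still sent to whatever URL the header names;
             // consider accepting only URLs on this site.
             header('Content-Type: text/javascript;charset=utf-8');
             echo '{callback: function(){location.href=' . $referer_js . '} }';
         } else {
             // NOTE(review): the raw POST/GET of an unauthenticated request is replayed
             // after login (see below); confirm it still passes the form-token checks.
             $post_raw = $_POST->get_array_copy_raw();
             if (!empty($post_raw)) {
                 Session::add_to_set('last_form_data', $post_raw, 'post');
                 Session::error(_t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission');
             }
             $get_raw = $_GET->get_array_copy_raw();
             if (!empty($get_raw)) {
                 Session::add_to_set('last_form_data', $get_raw, 'get');
                 Session::error(_t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission');
             }
             Utils::redirect(URL::get('auth', array('page' => 'login')));
         }
         // Both branches end the request here.
         exit;
     }
     // Saved by the logged-out branch above on an earlier request.
     $last_form_data = Session::get_set('last_form_data');
     /* At this point, Controller has not created handler_vars, so we have to modify $_POST/$_GET. */
     if (isset($last_form_data['post'])) {
         $_POST = $_POST->merge($last_form_data['post']);
         // This will trigger the proper act_admin switches.
         $_SERVER['REQUEST_METHOD'] = 'POST';
         Session::remove_error('expired_form_submission');
     }
     if (isset($last_form_data['get'])) {
         $_GET = $_GET->merge($last_form_data['get']);
         Session::remove_error('expired_form_submission');
         // No need to change REQUEST_METHOD since GET is the default.
     }
     $user->remember();
     // Create an instance of the active public theme so that its plugin functions are implemented
     $this->active_theme = Themes::create();
     // setup the stacks for javascript in the admin - it's a method so a plugin can call it externally
     self::setup_stacks();
 }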
 /**
  * Log the entry page view, when appropriate.
  *
  * Counts one visit per session and post on single-post pages, keeps a
  * '#'-separated activity trace of 2 * n_periods counters in the post info,
  * and exposes this plugin to the theme as $theme->RelativelyPopular.
  *
  * @param object $theme The theme being rendered; its post and posts are read
  * @param mixed $handler_vars Not used by this method
  */
 public function action_add_template_vars($theme, $handler_vars)
 {
     // If there is only one post
     if ($theme->post instanceof Post && count($theme->posts) == 1) {
         // Only track users that aren't logged in, unless specifically overridden
         if (!User::identify()->loggedin || Options::get('relativelypopular__loggedintoo')) {
             // ids of posts already counted for this session
             // (second argument false: presumably reads the set without clearing it; confirm)
             $set = Session::get_set('relativelypopular', false);
             $post = $theme->post;
             // this code is actually executed about 9 times per page request on my system,
             // so this check here is essential otherwise we bias the results by a factor of 9
             if (!in_array($post->id, $set)) {
                 // load fields
                 $visits = $post->info->visits;
                 $visits_activity = $post->info->visits_activity;
                 // check if fields currently exist and contain the requisite valid data, otherwise reinitialise
                 if ($visits_activity == null || count(explode('#', $visits_activity)) != 2 * $this->n_periods) {
                     $visits_activity = implode('#', array_fill(0, 2 * $this->n_periods, 0));
                 }
                 $activity = explode('#', $visits_activity);
                 if (!array_key_exists($this->now, $activity)) {
                     $activity += array($this->now => 0);
                 }
                 // increment the quantity for the period we're currently in and blank the $n_periods fields following it
                 // NOTE(review): the increment is keyed by $this->now while the slots to
                 // blank are derived from $this->day; confirm the two are meant to differ.
                 $activity[$this->now] += 1;
                 for ($i = 1; $i <= $this->n_periods; $i++) {
                     $next = ($this->day + $i) % (2 * $this->n_periods);
                     if (!array_key_exists($next, $activity)) {
                         $activity += array($next => 0);
                     }
                     $activity[$next] = 0;
                 }
                 // evaluate the total hits for this time period and store it along with the activity trace
                 $post->info->visits = array_sum($activity);
                 $post->info->visits_activity = implode('#', $activity);
                 $post->info->commit();
                 // remember the post so further calls in this session do not count it again
                 Session::add_to_set('relativelypopular', $post->id);
             }
         }
     }
     if (!isset($theme->RelativelyPopular)) {
         $theme->RelativelyPopular = $this;
     }
 }
示例#6
 /**
  * Build the Jambo contact form with name, e-mail and message fields.
  *
  * Name and e-mail are pre-filled from the comment details in the session
  * when present, otherwise from the logged-in user.
  *
  * @return FormUI The form; process_jambo is registered as its success handler
  */
 public function get_jambo_form()
 {
     // Defaults are borrowed from the comment form: saved comment details first,
     // then the logged-in user. Only name and e-mail end up in this form.
     $prefill = array('name' => '', 'email' => '', 'url' => '', 'content' => '');
     $user = User::identify();
     if (isset($_SESSION['comment'])) {
         $saved = Session::get_set('comment');
         foreach (array('name', 'email', 'url', 'content') as $key) {
             $prefill[$key] = $saved[$key];
         }
     } elseif ($user->loggedin) {
         $prefill['name'] = $user->displayname;
         $prefill['email'] = $user->email;
         $prefill['url'] = Site::get_url('habari');
     }

     $form = new FormUI('jambo');

     // Name: required
     $name_control = $form->append('text', 'jambo_name', 'null:null', _t('Name'), 'formcontrol_text');
     $name_control->add_validator('validate_required', _t('Your Name is required.'))->id = 'jambo_name';
     $form->jambo_name->tabindex = 1;
     $form->jambo_name->value = $prefill['name'];

     // Email: must validate as an address
     $email_control = $form->append('text', 'jambo_email', 'null:null', _t('Email'), 'formcontrol_text');
     $email_control->add_validator('validate_email', _t('Your Email must be a valid address.'))->id = 'jambo_email';
     $form->jambo_email->tabindex = 2;
     $form->jambo_email->caption = _t('Email');
     $form->jambo_email->value = $prefill['email'];

     // Message: required textarea
     $message_control = $form->append('text', 'jambo_message', 'null:null', _t('Message', 'jambo'), 'formcontrol_textarea');
     $message_control->add_validator('validate_required', _t('Your message cannot be blank.', 'jambo'))->id = 'jambo_message';
     $form->jambo_message->tabindex = 4;

     // Submit button
     $form->append('submit', 'jambo_submit', _t('Submit'), 'formcontrol_submit');
     $form->jambo_submit->tabindex = 5;

     // process_jambo handles the validated submission
     $form->on_success(array($this, 'process_jambo'));
     return $form;
 }
 /**
  * Count one view per session for the post shown on a single-post page.
  *
  * Logged-in users are counted only when the popular_posts__loggedintoo
  * option is set.
  *
  * @param object $theme The theme being rendered; its post and posts are read
  * @param mixed $handler_vars Not used by this method
  */
 public function action_add_template_vars($theme, $handler_vars)
 {
     // Nothing to do unless exactly one post is being displayed
     $single_post = $theme->post instanceof Post && count($theme->posts) == 1;
     if (!$single_post) {
         return;
     }
     // Skip logged-in users unless the option says to count them too
     $counted_visitor = !User::identify()->loggedin || Options::get('popular_posts__loggedintoo');
     if (!$counted_visitor) {
         return;
     }
     $already_seen = Session::get_set('popular_posts', false);
     $post = $theme->post;
     if (in_array($post->id, $already_seen)) {
         // this session has been counted for this post before
         return;
     }
     $current = $post->info->views;
     $post->info->views = ($current == null ? 0 : $current) + 1;
     $post->info->commit();
     Session::add_to_set('popular_posts', $post->id);
 }
示例#8
	/**
	 * Return this control's default value, loading it from the configured storage
	 * when no default has been set explicitly.
	 *
	 * The storage is either a FormStorage object or a string of the form
	 * "type:location"; a string without a colon is treated as an option name.
	 *
	 * @return mixed The default value
	 */
	protected function get_default()
	{
		// An explicit (non-empty) default wins; nothing is loaded.
		if ( !empty( $this->default ) ) {
			return $this->default;
		}

		if ( $this->storage instanceof FormStorage ) {
			$kind = 'formstorage';
		}
		else {
			$parts = explode( ':', $this->storage, 2 );
			$part_count = count( $parts );
			if ( $part_count == 2 ) {
				$kind = $parts[0];
				$where = $parts[1];
			}
			elseif ( $part_count == 1 ) {
				$kind = 'option';
				$where = $parts[0];
			}
			else {
				return $this->default;
			}
		}

		if ( $kind == 'user' ) {
			$this->default = User::identify()->info->{$where};
		}
		elseif ( $kind == 'option' ) {
			$this->default = Options::get( $where );
		}
		elseif ( $kind == 'action' ) {
			$this->default = Plugins::filter( $where, '', $this->name, false );
		}
		elseif ( $kind == 'session' ) {
			// only overwrite the default when the session set has an entry for this control
			$stored = Session::get_set( $where, false );
			if ( isset( $stored[$this->name] ) ) {
				$this->default = $stored[$this->name];
			}
		}
		elseif ( $kind == 'formstorage' ) {
			$this->default = $this->storage->field_load( $this->name );
		}
		// 'null' and any unrecognised type leave the default untouched

		return $this->default;
	}
示例#9
 /**
  * Produce a basic FormStorage implementation from a classic storage string
  *
  * The string is split at the first colon into a type and a location; a
  * string without a colon is treated as an option name. Unknown types get a
  * loader and saver that do nothing.
  *
  * @param string $value A classic storage string, such as "option:someoption" or "user:age"
  * @return ControlStorage An instance of an object that will save and load to the indicated location
  */
 public static function from_storage_string($value)
 {
     $parts = explode(':', $value, 2);
     $part_count = count($parts);
     if ($part_count == 2) {
         $type = $parts[0];
         $location = $parts[1];
     } elseif ($part_count == 1) {
         $type = 'option';
         $location = $parts[0];
     } else {
         // @todo Figure this case out
         $type = '__';
         $location = '__';
     }

     switch ($type) {
         case 'user':
             // NOTE(review): both closures key the user info by the control name and
             // ignore the location part of the storage string; confirm this is intended.
             $loader = function ($field) {
                 return User::identify()->info->{$field};
             };
             $saver = function ($field, $new_value) {
                 User::identify()->info->{$field} = $new_value;
                 Session::queue(User::identify());
             };
             break;
         case 'option':
             $loader = function ($field) use ($location) {
                 return Options::get($location);
             };
             $saver = function ($field, $new_value) use ($location) {
                 Options::set($location, $new_value);
             };
             break;
         case 'action':
             // the location names the plugin hook used for loading and saving
             $loader = function ($field) use ($location) {
                 return Plugins::filter($location, '', $field, false);
             };
             $saver = function ($field, $new_value) use ($location) {
                 Plugins::act($location, $new_value, $field, true);
             };
             break;
         case 'session':
             // the location names the session set; the control name is the key inside it
             $loader = function ($field) use ($location) {
                 $stored = Session::get_set($location, false);
                 return isset($stored[$field]) ? $stored[$field] : null;
             };
             $saver = function ($field, $new_value) use ($location) {
                 Session::add_to_set($location, $new_value, $field);
             };
             break;
         default:
             // unknown type: load nothing, save nothing
             $loader = function () {
             };
             $saver = function () {
             };
             break;
     }

     return new ControlStorage($loader, $saver);
 }
示例#10
	     <div class="comments">
	      <h2 id="respond" class="reply">Leave a Reply</h2>
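			<?php 
    // Work out the values used to pre-fill the comment form: the logged-in
    // user first, then the commenter cookie, then details saved in the session.
    $class = '';
    $cookie = 'comment_' . Options::get('GUID');
    $commenter_name = '';
    $commenter_email = '';
    $commenter_url = '';
    if ($user) {
        $commenter_name = $user->username;
        $commenter_email = $user->email;
        $commenter_url = Site::get_url('habari');
    } elseif (isset($_COOKIE[$cookie])) {
        // The cookie is sent by the client and may hold anything. Limit the split
        // to 3 parts so a # inside the URL stays attached, and pad so that a short
        // or empty cookie cannot leave one of the three variables unset.
        $cookie_parts = array_pad(explode('#', $_COOKIE[$cookie], 3), 3, '');
        list($commenter_name, $commenter_email, $commenter_url) = $cookie_parts;
        // NOTE(review): these values must be escaped where the form fields are
        // printed (outside this fragment).
    } elseif (isset($_SESSION['comment'])) {
        $details = Session::get_set('comment');
        $commenter_name = $details['name'];
        $commenter_email = $details['email'];
        $commenter_url = $details['url'];
    }
    if (Session::has_errors()) {
        Session::messages_out();
    }
    ?>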
			<br>
	      <form action="<?php 
    URL::out('submit_feedback', array('id' => $post->id));
    ?>
" method="post" id="commentform">
	       <div id="comment-personaldetails">
	        <p>
示例#11
 /**
  * Hand the comment kept in the 'mollom' session set to the mollom_fallback
  * plugin action, or stop with an error message when there is none.
  *
  * @param SuperGlobal $handler_vars Passed through to the plugin action
  */
 public function action_handler_mollom_fallback(SuperGlobal $handler_vars)
 {
     $stored = Session::get_set('mollom');
     if (!isset($stored['comment'])) {
         // nothing was saved for this session: end the request
         die(_t('Sorry, we could not procces your comment.', 'mollom'));
     }
     Plugins::act('mollom_fallback', $handler_vars, $stored['comment']);
 }
示例#12
// Show the #contentLoading indicator whenever an Ajax request is sent.
$().ajaxSend(function(r,s){
$("#contentLoading").show();
});




// Fade the indicator out once jQuery reports that all Ajax requests have stopped.
 $().ajaxStop(function(r,s){  
 $("#contentLoading").fadeOut("fast");  
 });  



</script>
<?php 
// When the session already holds a 'votes' set, emit a script that calls
// lockdown() and getresults() (both defined elsewhere) as soon as it loads.
// The second argument false presumably reads the set without clearing it; confirm.
if (Session::get_set('votes', false)) {
    ?>
	
	<script type="text/javascript">

	lockdown()
	getresults()

	</script>
<?php 
}
?>

</div>
示例#13
文件: theme.php 项目: anupom/my-blog
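 /**
  * Helper function: Display a post
  *
  * Also works out the values used to pre-fill the comment form: details saved
  * in the session first, then the logged-in user, then the commenter cookie.
  *
  * @param array $user_filters Additional arguments used to get the page content
  * @return mixed Whatever act_display() returns
  */
 public function act_display_post($user_filters = array())
 {
     $paramarray = array();
     $paramarray['fallback'] = array('{$type}.{$id}', '{$type}.{$slug}', '{$type}.tag.{$posttag}', '{$type}.single', '{$type}.multiple', 'single', 'multiple');
     // Does the same as a Post::get()
     $default_filters = array('fetch_fn' => 'get_row', 'limit' => 1);
     // Remove the page from filters. array_search() returns false when 'page' is
     // absent (for instance on a second call); unset($array[false]) would then
     // silently remove the entry at index 0.
     $page_key = array_search('page', $this->valid_filters);
     if ($page_key !== false) {
         unset($this->valid_filters[$page_key]);
     }
     $paramarray['user_filters'] = array_merge($default_filters, $user_filters);
     // Handle comment submissions and default commenter id values
     $cookie = 'comment_' . Options::get('GUID');
     $commenter_name = '';
     $commenter_email = '';
     $commenter_url = '';
     $commenter_content = '';
     $user = User::identify();
     if (isset($_SESSION['comment'])) {
         $details = Session::get_set('comment');
         $commenter_name = $details['name'];
         $commenter_email = $details['email'];
         $commenter_url = $details['url'];
         $commenter_content = $details['content'];
     } elseif ($user->loggedin) {
         $commenter_name = $user->displayname;
         $commenter_email = $user->email;
         $commenter_url = Site::get_url('habari');
     } elseif (isset($_COOKIE[$cookie])) {
         // The cookie is sent by the client and may hold anything. Limit the split
         // to 3 parts so a # inside the URL stays attached, and pad so that a short
         // cookie cannot leave one of the three variables unset.
         $cookie_parts = array_pad(explode('#', $_COOKIE[$cookie], 3), 3, '');
         list($commenter_name, $commenter_email, $commenter_url) = $cookie_parts;
     }
     // NOTE(review): these values reach the template; they must be escaped where
     // they are printed, since the cookie branch is client-controlled.
     $this->commenter_name = $commenter_name;
     $this->commenter_email = $commenter_email;
     $this->commenter_url = $commenter_url;
     $this->commenter_content = $commenter_content;
     $this->comments_require_id = Options::get('comments_require_id');
     return $this->act_display($paramarray);
 }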
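 /**
  * Remove an addon-version-combination from the session and therefore from the cart
  * After removing, redirect to the overview page for that type of addon
  *
  * The cart is rebuilt by reading the whole "addon_cart" set and adding back
  * every entry except the one at the requested position.
  *
  * @param object $theme Not used by this method
  * @param array $params Route parameters; "index" is the position of the entry to remove
  */
 public function theme_route_remove_from_cart($theme, $params)
 {
     // Accept only a plain integer. With a loose == a non-numeric value compares
     // equal to 0 on older PHP versions and would remove the first cart entry.
     $requested = isset($params["index"]) ? (string) $params["index"] : '';
     $remove_index = ($requested !== '' && (string) (int) $requested === $requested) ? (int) $requested : null;

     // stays null when no entry matched, instead of being an undefined variable below
     $type = null;
     $oldlist = Session::get_set("addon_cart");
     if (!is_array($oldlist)) {
         $oldlist = array();
     }
     $total = count($oldlist);
     for ($i = 0; $i < $total; $i++) {
         if ($i === $remove_index) {
             // NOTE(review): permalink and name are placed into HTML unescaped; confirm
             // they are escaped when the entry is put into the cart.
             Session::notice(_t("You removed %s v%s for Habari %s from your cart.", array("<a href='" . $oldlist[$i]["permalink"] . "'>" . $oldlist[$i]["name"] . "</a>", $oldlist[$i]["version"], $oldlist[$i]["habari_version"]), "addon_catalog"));
             $type = $oldlist[$i]["type"];
             continue;
         }
         Session::add_to_set("addon_cart", $oldlist[$i]);
     }
     Utils::redirect(URL::get("display_addons", array('addon' => $type)));
 }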
示例#15
	/**
	 * Manage this post's comment form
	 *
	 * Builds the form with name, email, URL and comment fields, pre-filled from
	 * details saved in the session, else the logged-in user, else the commenter
	 * cookie, and lets plugins alter it through the form_comment action.
	 *
	 * @param string $context Used in the form name ('comment-' . $context), added as a
	 *                        class on the form, and passed to the form_comment action
	 * @return FormUI The comment form for this post
	 */
	public function comment_form( $context = 'public' )
	{
		// Handle comment submissions and default commenter id values
		$cookie = 'comment_' . Options::get( 'GUID' );
		$commenter_name = '';
		$commenter_email = '';
		$commenter_url = '';
		$commenter_content = '';
		$user = User::identify();
		if ( isset( $_SESSION['comment'] ) ) {
			$details = Session::get_set( 'comment' );
			$commenter_name = $details['name'];
			$commenter_email = $details['email'];
			$commenter_url = $details['url'];
			$commenter_content = $details['content'];
		}
		elseif ( $user->loggedin ) {
			$commenter_name = $user->displayname;
			$commenter_email = $user->email;
			$commenter_url = Site::get_url( 'habari' );
		}
		elseif ( isset( $_COOKIE[$cookie] ) ) {
			// The cookie is sent by the client, so its shape is not guaranteed.
			// limit to 3 elements so a # in the URL stays appended
			$commenter = explode( '#', $_COOKIE[ $cookie ], 3 );
			
			// make sure there are always at least 3 elements
			$commenter = array_pad( $commenter, 3, null );
			
			list( $commenter_name, $commenter_email, $commenter_url ) = $commenter;
		}

		// Now start the form.
		$form = new FormUI( 'comment-' . $context, 'comment' );
		$form->class[] = $context;
		$form->class[] = 'commentform';
		$form->set_option( 'form_action', URL::get( 'submit_feedback', array( 'id' => $this->id ) ) );

		// NOTE(review): the values assigned below can come from the cookie; confirm
		// that FormUI escapes control values when it renders them.

		// Create the Name field
		$form->append(
			'text',
			'cf_commenter',
			'null:null',
			_t( 'Name <span class="required">*Required</span>' ),
			'formcontrol_text'
		)->add_validator( 'validate_required', _t( 'The Name field value is required' ) )
		->id = 'comment_name';
		$form->cf_commenter->tabindex = 1;
		$form->cf_commenter->value = $commenter_name;

		// Create the Email field
		$form->append(
			'text',
			'cf_email',
			'null:null',
			_t( 'Email' ),
			'formcontrol_text'
		)->add_validator( 'validate_email', _t( 'The Email field value must be a valid email address' ) )
		->id = 'comment_email';
		$form->cf_email->tabindex = 2;
		// the email becomes mandatory when the comments_require_id option is set
		if ( Options::get( 'comments_require_id' ) == 1 ) {
			$form->cf_email->add_validator(  'validate_required', _t( 'The Email field value must be a valid email address' ) );
			$form->cf_email->caption = _t( 'Email <span class="required">*Required</span>' );
		}
		$form->cf_email->value = $commenter_email;

		// Create the URL field
		$form->append(
			'text',
			'cf_url',
			'null:null',
			_t( 'Website' ),
			'formcontrol_text'
		)->add_validator( 'validate_url', _t( 'The Web Site field value must be a valid URL' ) )
		->id = 'comment_url';
		$form->cf_url->tabindex = 3;
		$form->cf_url->value = $commenter_url;

		// Create the Comment field
		$form->append(
			'text',
			'cf_content',
			'null:null',
			_t( 'Comment' ),
			'formcontrol_textarea'
		)->add_validator( 'validate_required', _t( 'The Content field value is required' ) )
		->id = 'comment_content';
		$form->cf_content->tabindex = 4;
		$form->cf_content->value = $commenter_content;

		// Create the Submit button
		$form->append( 'submit', 'cf_submit', _t( 'Submit' ), 'formcontrol_submit' );
		$form->cf_submit->tabindex = 5;

		// Add required hidden controls
		/*
		$form->append( 'hidden', 'content_type', 'null:null' );
		$form->content_type->value = $this->content_type;
		$form->append( 'hidden', 'post_id', 'null:null' );
		$form->post_id->id = 'id';
		$form->post_id->value = $this->id;
		$form->append( 'hidden', 'slug', 'null:null' );
		$form->slug->value = $this->slug;
		*/

		// Let plugins alter this form
		Plugins::act( 'form_comment', $form, $this, $context );

		// Return the form object
		return $form;
	}
示例#16
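 /**
  * Either just display the login form; or check a user's credentials, and
  * create a session for them; or handle a password reset request.
  *
  * @return bool|null TRUE after a successful login (a redirect has been issued),
  *                   nothing when the login form is displayed instead
  */
 public function act_login()
 {
     // If we're a reset password request, do that.
     if (isset($_POST['submit_button']) && $_POST['submit_button'] === _t('Reset password')) {
         Utils::check_request_method(array('POST'));
         $name = $this->handler_vars['habari_username'];
         if ($name !== NULL) {
             if (!is_numeric($name) && ($user = User::get($name))) {
                 $hash = Utils::random_password();
                 // Only a digest of the token is stored; the token itself goes out by mail.
                 // NOTE(review): the digest is an unsalted MD5 and nothing visible here
                 // gives the token an expiry. If this is strengthened, the handler that
                 // verifies the token has to change in step.
                 $user->info->password_reset = md5($hash);
                 $user->info->commit();
                 $message = _t('Please visit %1$s to reset your password.', array(URL::get('user', array('page' => 'password_reset', 'id' => $user->id, 'hash' => $hash))));
                 Utils::mail($user->email, _t('[%1$s] Password reset request for %2$s', array(Options::get('title'), $user->displayname)), $message);
             }
             // Moving this inside the check for user existence would allow attackers to test usernames, so don't
             Session::notice(_t('A password reset request has been sent to the user.'));
         }
     } else {
         Utils::check_request_method(array('GET', 'HEAD', 'POST'));
         $name = $_POST['habari_username'];
         $pass = $_POST['habari_password'];
         if (NULL != $name || NULL != $pass) {
             $user = User::authenticate($name, $pass);
             // an object never compares equal to FALSE, so the instanceof test is sufficient
             if ($user instanceof User) {
                 /* Successfully authenticated. */
                 // Timestamp last login date and time.
                 $user->info->authenticate_time = date('Y-m-d H:i:s');
                 $user->update();
                 // Remove left over expired session error message.
                 if (Session::has_errors('expired_session')) {
                     Session::remove_error('expired_session');
                 }
                 $login_session = Session::get_set('login');
                 if (!empty($login_session)) {
                     /* Now that we know we're dealing with the same user, transfer the form data so he does not lose his request */
                     // The data to transfer is what the 'login' set holds. The previous code
                     // read an undefined $last_form_data here and therefore stored null.
                     if (!empty($login_session['post_data'])) {
                         Session::add_to_set('last_form_data', $login_session['post_data'], 'post');
                     }
                     if (!empty($login_session['get_data'])) {
                         Session::add_to_set('last_form_data', $login_session['get_data'], 'get');
                     }
                     /* Redirect to the correct admin page */
                     // Everything from 'admin/' onwards in the saved URI, split at '/'.
                     $dest = explode('/', MultiByte::substr($login_session['original'], MultiByte::strpos($login_session['original'], 'admin/')));
                     if ('' == $dest[0]) {
                         $login_dest = Site::get_url('admin');
                     } else {
                         // Replace '?' with '&' in $dest[1] before call URL::get()
                         // Therefore calling URL::get() with a query string
                         $dest[1] = str_replace('?', '&', $dest[1]);
                         $login_dest = URL::get('admin', 'page=' . $dest[1]);
                     }
                 } else {
                     $login_session = null;
                     $login_dest = Site::get_url('admin');
                 }
                 // filter the destination
                 // NOTE(review): plugins may replace the destination here; confirm that the
                 // filter result (or Utils::redirect) keeps the target on this site.
                 $login_dest = Plugins::filter('login_redirect_dest', $login_dest, $user, $login_session);
                 // finally, redirect to the destination
                 Utils::redirect($login_dest);
                 return TRUE;
             }
             /* Authentication failed. */
             // Do not send the submitted password back in the re-rendered form.
             $_POST['habari_password'] = '';
             // One generic message for a wrong name and a wrong password alike.
             $this->handler_vars['error'] = _t('Bad credentials');
         }
     }
     // Display the login form.
     $this->login_form($name);
 }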
    $content->checkout_form->out();
}
?>
	<hr>
	</div>
<?php 
// Cart listing: an "empty" notice, or one list item per entry of the
// "addon_cart" session set.
if (count(Session::get_set("addon_cart", false)) == 0) {
    ?>
	<div class="empty_cart">Your cart is empty</div>
<?php 
} else {
    ?>
	<div id="cart_downloads">
		<ul>
		<?php 
    // NOTE(review): type, permalink and name of each entry are echoed below into
    // attribute and text positions without escaping. Confirm they are escaped when
    // the entry is stored in the cart, or escape them here for each context.
    foreach (Session::get_set("addon_cart", false) as $index => $c) {
        ?>
			<li>
				<span><i class="icon-<?php 
        echo $c["type"];
        ?>
"><?php 
        echo AddonCatalogPlugin::get_type_icon($c["type"]);
        ?>
</i></span>
				<span><a href="<?php 
        echo $c["permalink"];
        ?>
"><?php 
        echo $c["name"];
        ?>
示例#18
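 /**
  * Replace the content of a password-protected post with a password form
  * until the visitor has supplied the right password.
  *
  * Logged-in users always see the content. For everyone else a token derived
  * from the post's password, its id and the site GUID is kept in the
  * 'post_passwords' session set once the password has been verified.
  *
  * @param string $content The post content being filtered
  * @param Post $post The post the content belongs to
  * @return string The content, or the rendered post_password_form template
  */
 public function filter_post_content($content, Post $post)
 {
     // posts without a password are not touched
     if (!$post->info->password) {
         return $content;
     }
     // if user logged in, show post
     // make sure it's not just the anonymous user!
     $user = User::identify();
     if ($user instanceof User && $user != User::anonymous()) {
         return $content;
     }
     $session = Session::get_set('post_passwords', false);
     // NOTE(review): this relies on Utils::crypt() returning the same value for the
     // same input on every request; confirm it does not add a random salt.
     $token = Utils::crypt('42' . $post->info->password . $post->id . Options::get('GUID'));
     // if password was submitted verify it
     if (Controller::get_var('post_password') && Controller::get_var('post_password_id') == $post->id) {
         // NOTE(review): the submitted password is run through InputFilter before it is
         // checked, which may alter passwords containing markup characters; confirm.
         $pass = InputFilter::filter(Controller::get_var('post_password'));
         if (Utils::crypt($pass, $post->info->password)) {
             Session::add_to_set('post_passwords', $token, $post->id);
             $session[$post->id] = $token;
         } else {
             Session::error(_t('That password was incorrect.', 'postpass'));
         }
     }
     // if password is stored in session verify it
     // Strict comparison: with a loose == two different numeric-looking strings
     // can compare equal, which must never unlock a post.
     if (isset($session[$post->id]) && $session[$post->id] === $token) {
         return $content;
     }
     // not unlocked: show the password form instead of the content
     $theme = Themes::create();
     $theme->post = $post;
     return $theme->fetch('post_password_form');
 }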