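/**
 * Handles the "forgot password" form.
 *
 * On a "Send Reset" submission the owner is looked up by the posted email address, a new
 * password recovery token is stored on that owner and a recovery link rendered from
 * _email.forgotpassword.tpl is mailed to the address. The session.forgot.tpl view is
 * rendered in every case.
 *
 * @return str view markup
 */
public function control() {
    if (isset($_POST['Submit']) && $_POST['Submit'] == 'Send Reset') {
        $this->disableCaching();
        // Guard the lookup so a form posted without an email field does not raise an undefined-index notice.
        $email = isset($_POST['email']) ? $_POST['email'] : '';
        $dao = DAOFactory::getDAO('OwnerDAO');
        $user = $dao->getByEmail($email);
        if (isset($user)) {
            $token = $user->setPasswordRecoveryToken();
            $es = new SmartyThinkUp();
            $es->caching = false;
            $config = Config::getInstance();
            $es->assign('apptitle', $config->getValue('app_title'));
            $es->assign('recovery_url', "session/reset.php?token={$token}");
            // NOTE(review): the host in the emailed link is taken from the request's Host header rather than
            // from configuration; confirm the web server only answers for the canonical host, otherwise the
            // link points at whatever host the request carried.
            $es->assign('server', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
            $es->assign('site_root_path', $config->getValue('site_root_path'));
            $message = $es->fetch('_email.forgotpassword.tpl');
            Mailer::mail($email, $config->getValue('app_title') . " Password Recovery", $message);
            $this->addSuccessMessage('Password recovery information has been sent to your email address.');
        } else {
            // NOTE(review): a distinct error here tells the visitor whether an address is registered
            // (account enumeration); a neutral "if the account exists, mail has been sent" wording avoids that.
            $this->addErrorMessage('Error: account does not exist.');
        }
    }
    $this->setViewTemplate('session.forgot.tpl');
    return $this->generateView();
}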
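/**
 * Generates web page markup
 *
 * Renders $this->view_template (through the view cache when it is enabled), or json.tpl when only
 * $this->json_data is set. When the profiler is enabled and the response is neither JSON nor
 * JavaScript, the render time is recorded with the Profiler.
 *
 * @return str view markup
 * @throws Exception if neither a view template nor JSON data has been set
 */
protected function generateView() {
    // add header javascript if defined
    if (count($this->header_scripts) > 0) {
        $this->addToView('header_scripts', $this->header_scripts);
    }
    $this->sendHeader();

    if (isset($this->view_template)) {
        // Profile only page-like output: JSON and JavaScript responses must not carry profiler data.
        $should_profile = $this->profiler_enabled && !isset($this->json_data)
        && strpos($this->content_type, 'text/javascript') === false;

        if ($this->view_mgr->isViewCached()) {
            $cache_key = $this->getCacheKeyString();
            if (!$should_profile) {
                return $this->view_mgr->fetch($this->view_template, $cache_key);
            }
            $view_start_time = microtime(true);
            // shouldRefreshCache() is asked before the fetch so the label reflects what the fetch saw.
            $cache_source = $this->shouldRefreshCache() ? "DATABASE" : "FILE";
            $results = $this->view_mgr->fetch($this->view_template, $cache_key);
            $total_time = microtime(true) - $view_start_time;
            $profiler = Profiler::getInstance();
            // Bug fix: the closing </i> used to be concatenated to add()'s return value instead of to the
            // message, so the <i> tag in the profiler output was never closed.
            $profiler->add($total_time, "Rendered view from " . $cache_source . ", cache key: <i>"
            . $cache_key . '</i>', false);
            return $results;
        }

        if (!$should_profile) {
            return $this->view_mgr->fetch($this->view_template);
        }
        $view_start_time = microtime(true);
        $results = $this->view_mgr->fetch($this->view_template);
        $total_time = microtime(true) - $view_start_time;
        $profiler = Profiler::getInstance();
        $profiler->add($total_time, "Rendered view (not cached)", false);
        return $results;
    }

    if (isset($this->json_data)) {
        $this->setContentType('application/json');
        if ($this->view_mgr->isViewCached()) {
            $cache_key = $this->getCacheKeyString();
            // Build the JSON payload only when there is no cached copy to serve.
            if (!$this->view_mgr->is_cached('json.tpl', $cache_key)) {
                $this->prepareJSON();
            }
            return $this->view_mgr->fetch('json.tpl', $cache_key);
        }
        $this->prepareJSON();
        return $this->view_mgr->fetch('json.tpl');
    }

    throw new Exception(get_class($this) . ': No view template specified');
}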
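/**
 * Generates a one time upgrade token, and emails admins with the token info.
 *
 * The token is written to CACHE_DIR/upgrade_token under the webapp path. When that file already
 * exists nothing is generated or mailed, so the earlier token stays in force.
 *
 * @throws OpenFileException if the token file cannot be created or written
 */
public function generateUpgradeToken() {
    $token_file = THINKUP_WEBAPP_PATH . self::CACHE_DIR . '/upgrade_token';
    if (file_exists($token_file)) {
        return;
    }

    $fp = fopen($token_file, 'w');
    if (!$fp) {
        // Bug fix: the message was built with "+" (numeric addition) instead of "." (concatenation).
        throw new OpenFileException("Unable to create upgrade token file: " . $token_file);
    }
    // NOTE(review): rand() is not a cryptographically secure generator and md5() adds no entropy, so the
    // token that gates the database upgrade is weaker than its length suggests; a CSPRNG-backed value
    // would be preferable where the runtime offers one.
    $token = self::TOKEN_KEY . rand(0, time());
    $md5_token = md5($token);
    $written = fwrite($fp, $md5_token);
    // Close the handle before a possible throw so the descriptor is not leaked on the failure path.
    fclose($fp);
    if (!$written) {
        throw new OpenFileException("Unable to write upgrade token file: " . $token_file);
    }

    // email our admin with this token.
    $owner_dao = DAOFactory::getDAO('OwnerDAO');
    $admins = $owner_dao->getAdmins();
    if ($admins) {
        $tos = array();
        foreach ($admins as $admin) {
            $tos[] = $admin->email;
        }
        $to = join(',', $tos);
        $upgrade_email = new SmartyThinkUp();
        $upgrade_email->caching = false;
        $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost'; //supress test weirdness
        $upgrade_email->assign('server', $server);
        $upgrade_email->assign('token', $md5_token);
        $message = $upgrade_email->fetch('_email.upgradetoken.tpl');
        Mailer::mail($to, "Upgrade Your ThinkUp Database", $message);
    }
}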
/**
 * Generates plugin page options markup - Calls parent::generateView()
 *
 * When option elements have been registered, OPTIONS_TEMPLATE is rendered with a non-caching
 * view manager and the result is handed to the parent view as 'options_markup'.
 *
 * @return str view markup
 */
protected function generateView() {
    // Nothing to render unless at least one plugin option element was defined.
    if (count($this->option_elements) > 0) {
        $this->setValues();
        $options_view = new SmartyThinkUp();
        $options_view->disableCaching();

        // Template data, with JSON copies of the pieces the client-side code consumes.
        $template_vars = array(
            'option_elements' => $this->option_elements,
            'option_elements_json' => json_encode($this->option_elements),
            'option_headers' => $this->option_headers,
            'option_not_required' => $this->option_not_required,
            'option_not_required_json' => json_encode($this->option_not_required),
            'option_required_message' => $this->option_required_message,
            'option_required_message_json' => json_encode($this->option_required_message),
            'option_select_multiple' => $this->option_select_multiple,
            'option_select_visible' => $this->option_select_visible,
            'plugin_id' => $this->plugin_id,
            'is_admin' => $this->isAdmin(),
        );
        foreach ($template_vars as $var_name => $var_value) {
            $options_view->assign($var_name, $var_value);
        }

        if ($this->profiler_enabled) {
            $render_started = microtime(true);
            $options_markup = $options_view->fetch(self::OPTIONS_TEMPLATE);
            $elapsed = microtime(true) - $render_started;
            Profiler::getInstance()->add($elapsed, "Rendered view (not cached)", false);
        } else {
            $options_markup = $options_view->fetch(self::OPTIONS_TEMPLATE);
        }
        $this->addToView('options_markup', $options_markup);
    }
    return parent::generateView();
}
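/**
 * Handles the registration page.
 *
 * Logged-in users are sent to the dashboard. Otherwise, when registration is open and the form
 * was submitted with "Register", the input is validated (required fields, email, matching
 * password, captcha), the owner is created and an activation link rendered from
 * _email.registration.tpl is mailed to the new address.
 *
 * @return str view markup
 */
public function control() {
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    }

    $this->disableCaching();
    $config = Config::getInstance();
    if (!$config->getValue('is_registration_open')) {
        $this->addToView('closed', true);
        $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' .
        '<p><a href="http://github.com/ginatrapani/thinkup/tree/master">Install ThinkUp on your own ' .
        'server.</a></p>');
    } else {
        $owner_dao = DAOFactory::getDAO('OwnerDAO');
        $this->addToView('closed', false);
        $captcha = new Captcha();
        if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
            foreach ($this->REQUIRED_PARAMS as $param) {
                if (!isset($_POST[$param]) || $_POST[$param] == '') {
                    $this->addErrorMessage('Please fill out all required fields.');
                    $this->is_missing_param = true;
                }
            }
            if (!$this->is_missing_param) {
                if (!Utils::validateEmail($_POST['email'])) {
                    $this->addErrorMessage("Incorrect email. Please enter valid email address.");
                } elseif (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                    $this->addErrorMessage("Passwords do not match.");
                } elseif (!$captcha->check()) {
                    // Captcha not valid, captcha handles message...
                } elseif ($owner_dao->doesOwnerExist($_POST['email'])) {
                    $this->addErrorMessage("User account already exists.");
                } else {
                    $es = new SmartyThinkUp();
                    $es->caching = false;
                    $session = new Session();
                    // NOTE(review): a four-digit code drawn from rand() gives a small, non-cryptographic
                    // activation space.
                    $activ_code = rand(1000, 9999);
                    $cryptpass = $session->pwdcrypt($_POST['pass2']);
                    // Default to 'localhost' like the other mailers so CLI/test runs don't raise a notice.
                    $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
                    $owner_dao->create($_POST['email'], $cryptpass, $activ_code, $_POST['full_name']);
                    $es->assign('server', $server);
                    $es->assign('email', urlencode($_POST['email']));
                    $es->assign('activ_code', $activ_code);
                    $message = $es->fetch('_email.registration.tpl');
                    Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                    unset($_SESSION['ckey']);
                    $this->addSuccessMessage("Success! 
Check your email for an activation link.");
                }
            }
            // Echo the submitted name and email back so the form stays filled in after an error.
            if (isset($_POST["full_name"])) {
                $this->addToView('name', $_POST["full_name"]);
            }
            if (isset($_POST["email"])) {
                $this->addToView('mail', $_POST["email"]);
            }
        }
        $challenge = $captcha->generate();
        $this->addToView('captcha', $challenge);
    }
    return $this->generateView();
}
}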
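/**
 * Send user email alert about invalid OAuth tokens. In test mode, this will only write the message body to a file
 * in the application data directory.
 * @param str $email
 * @param str $username
 */
private function sendInvalidOAuthEmailAlert($email, $username) {
    $mailer_view_mgr = new SmartyThinkUp();
    $mailer_view_mgr->caching = false;
    // Fall back to 'localhost' like the other mailers: HTTP_HOST is unset from the command line and in
    // test mode, and reading it unguarded raises a notice.
    $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
    $mailer_view_mgr->assign('server', $server);
    $mailer_view_mgr->assign('email', $email);
    // NOTE(review): 'faceboook_user_name' (three o's) is presumably the name the template reads;
    // confirm against _email.invalidtoken.tpl before renaming either side.
    $mailer_view_mgr->assign('faceboook_user_name', $username);
    $message = $mailer_view_mgr->fetch(Utils::getPluginViewDirectory('facebook') . '_email.invalidtoken.tpl');
    // NOTE(review): $username comes from the remote service and goes straight into the Subject header;
    // confirm Mailer::mail strips CR/LF, otherwise a name with a line break could alter the headers.
    Mailer::mail($email, "Please re-authorize ThinkUp to access " . $username . " on Facebook", $message);
}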
/**
 * Builds the PHP model class source for $this->table_name.
 *
 * Lists the table's columns with SHOW FULL COLUMNS, tags each with its PHP type and renders
 * extras/dev/makemodel/view/model_object.tpl with the result.
 *
 * @return str Object definition
 * @throws Exception when the column listing fails; the driver's message is appended
 */
public function makeModel() {
    $fields = array();
    try {
        // NOTE(review): the table name is concatenated into the statement unquoted. This is a
        // developer-only generator, but it still relies on $this->table_name being a trusted value.
        $column_query = 'SHOW FULL COLUMNS FROM ' . $this->table_name;
        $stmt = self::$pdo->query($column_query);
        while ($column = $stmt->fetch()) {
            $column['PHPType'] = $this->converMySQLTypeToPHP($column['Type']);
            $fields[$column['Field']] = $column;
        }
    } catch (Exception $e) {
        throw new Exception('Unable to show columns from "' . $this->table_name . '" - ' . $e->getMessage());
    }

    // Hand the column map and the class names to the template and render it.
    $model_view = new SmartyThinkUp();
    $model_view->assign('fields', $fields);
    $model_view->assign('object_name', $this->object_name);
    $model_view->assign('parent_name', $this->parent_name);
    return $model_view->fetch(THINKUP_ROOT_PATH . 'extras/dev/makemodel/view/model_object.tpl');
}
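/**
 * Step 3 - Populate database and finish
 *
 * Takes the database settings either from an existing config.inc.php or from the step 2 form,
 * validates the admin email/password and the database connection, writes config.inc.php when it
 * does not exist yet, creates the tables and (when no admin exists yet) the admin owner, and mails
 * the activation link. Validation failures send the user back to the step 2 view with the
 * submitted values pre-filled.
 */
private function step3() {
    $this->setViewTemplate('install.step3.tpl');
    $config_file_exists = false;
    $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';

    // make sure we are here with posted data
    if (empty($_POST)) {
        $this->step1();
        return;
    }

    // check if we have made config.inc.php
    if (file_exists($config_file) && filesize($config_file) > 0) {
        // this is could be from step 2 is not able writing
        // to webapp dir
        $config_file_exists = true;
        require $config_file;
        $db_config['db_type'] = $THINKUP_CFG['db_type'];
        $db_config['db_name'] = $THINKUP_CFG['db_name'];
        $db_config['db_user'] = $THINKUP_CFG['db_user'];
        $db_config['db_password'] = $THINKUP_CFG['db_password'];
        $db_config['db_host'] = $THINKUP_CFG['db_host'];
        $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
        $db_config['db_port'] = $THINKUP_CFG['db_port'];
        $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
        $db_config['GMT_offset'] = $THINKUP_CFG['GMT_offset'];
        $db_config['timezone'] = $THINKUP_CFG['timezone'];
        $email = trim($_POST['site_email']);
    } else {
        // make sure we're not from error of couldn't write config.inc.php
        if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name'])
        && !isset($_POST['db_host'])) {
            $this->addErrorMessage("Missing database credentials");
            $this->step2();
            return;
        }
        // trim each posted value
        // db_type is optional in the form (it is forced to 'mysql' below), hence an isset guard
        // instead of the former "@" suppression.
        $db_config['db_type'] = isset($_POST['db_type']) ? trim($_POST['db_type']) : '';
        $db_config['db_name'] = trim($_POST['db_name']);
        $db_config['db_user'] = trim($_POST['db_user']);
        $db_config['db_password'] = trim($_POST['db_passwd']);
        $db_config['db_host'] = trim($_POST['db_host']);
        $db_config['db_socket'] = trim($_POST['db_socket']);
        $db_config['db_port'] = trim($_POST['db_port']);
        $db_config['table_prefix'] = trim($_POST['db_prefix']);
        $db_config['timezone'] = trim($_POST['timezone']);
        $email = trim($_POST['site_email']);
        // get GMT offset in hours
        // NOTE(review): an unrecognised timezone string makes the DateTimeZone constructor throw, and
        // nothing here catches it.
        $db_config['GMT_offset'] = timezone_offset_get(new DateTimeZone($_POST['timezone']),
        new DateTime('now')) / 3600;
    }
    $db_config['db_type'] = 'mysql'; //default for now

    // Guard the admin-account fields so a partial post raises no undefined-index notices.
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $confirm_password = isset($_POST['confirm_password']) ? $_POST['confirm_password'] : '';
    $full_name = isset($_POST['full_name']) ? $_POST['full_name'] : '';
    $display_errors = false;

    // check email
    if (!Utils::validateEmail($email)) {
        $this->addErrorMessage("Please enter a valid email address.");
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    } else {
        // Strict comparison: with "!=" PHP compares numeric-looking strings numerically, so e.g.
        // "1e3" and "1000" would have counted as matching passwords.
        if ($password !== $confirm_password || $password === '') { //check password
            if ($password !== $confirm_password) {
                $this->addErrorMessage("Your passwords did not match.");
            } else {
                $this->addErrorMessage("Please choose a password.");
            }
            $this->setViewTemplate('install.step2.tpl');
            $display_errors = true;
        } elseif (($error = $this->installer->checkDb($db_config)) !== true) { //check db
            // Drop the driver's boilerplate so only the meaningful part of a connection error is shown.
            if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false
            || ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false
            || ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false
            || ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
                $db_error = substr($error->getMessage(), $p);
            } else {
                $db_error = $error->getMessage();
            }
            $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " .
            " <strong>{$db_error}</strong><br />Please correct your database information and try again.");
            $this->setViewTemplate('install.step2.tpl');
            $display_errors = true;
        }
    }

    if ($display_errors) {
        // Echo the submitted settings back so the form is pre-filled; note this includes the database
        // password, which therefore ends up in the rendered HTML.
        $this->addToView('db_name', $db_config['db_name']);
        $this->addToView('db_user', $db_config['db_user']);
        $this->addToView('db_passwd', $db_config['db_password']);
        $this->addToView('db_host', $db_config['db_host']);
        $this->addToView('db_prefix', $db_config['table_prefix']);
        $this->addToView('db_socket', $db_config['db_socket']);
        $this->addToView('db_port', $db_config['db_port']);
        $this->addToView('db_type', $db_config['db_type']);
        $this->addToView('current_tz', $_POST['timezone']);
        $this->addToView('tz_list', $this->getTimeZoneList());
        $this->addToView('site_email', $email);
        $this->addToView('full_name', $full_name);
        return;
    }

    $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);

    // trying to create config file
    if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
        $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
        $config_file_contents_str = '';
        foreach ($config_file_contents_arr as $line) {
            $config_file_contents_str .= htmlentities($line);
        }
        // NOTE(review): the installer shells out here only to personalise the help text below.
        $whoami = exec('whoami');
        if (!empty($whoami)) {
            // escapeshellcmd() is applied to a server-side constant that is displayed inside <code>; since
            // the output is HTML, htmlspecialchars() would be the context-appropriate escape.
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
            "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " .
            "following commands:<br /><code>touch " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") .
            "</code><br /><code>chown {$whoami} " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") .
            "</code><br /><br />If you don't have root access, create the <code>" . THINKUP_WEBAPP_PATH .
            "config.inc.php</code> file manually, and paste the following text into it." .
            "<br /><br />Click the <strong>Next Step</strong> button below once you did either.");
        } else {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" .
            "You will need to create the <code>" . THINKUP_WEBAPP_PATH .
            "config.inc.php</code> file manually, and paste the following text into it." .
            "<br /><br />Click the <strong>Next Step</strong> button once this is done.");
        }
        $this->addToView('config_file_contents', $config_file_contents_str);
        $this->addToView('_POST', $_POST);
        $this->setViewTemplate('install.config.tpl');
        return;
    }
    unset($admin_user['confirm_password']);

    // check tables
    $this->installer->checkTable($db_config);
    // if empty, we're ready to populate the database with ThinkUp tables
    $this->installer->populateTables($db_config);

    $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
    if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) {
        // create admin if not exists
        $session = new Session();
        // NOTE(review): a four-digit code drawn from rand() gives a small, non-cryptographic activation space.
        $activation_code = rand(1000, 9999);
        $crypt_pass = $session->pwdcrypt($password);
        $owner_dao->createAdmin($email, $crypt_pass, $activation_code, $full_name);
        // view for email
        $cfg_array = array('site_root_path' => THINKUP_BASE_URL, 'source_root_path' => THINKUP_ROOT_PATH,
        'debug' => false, 'app_title' => "ThinkUp", 'cache_pages' => false);
        $email_view = new SmartyThinkUp($cfg_array);
        $email_view->caching = false;
        // Default to 'localhost' like the other mailers so a missing Host header does not raise a notice.
        $email_view->assign('server', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
        $email_view->assign('email', urlencode($email));
        $email_view->assign('activ_code', $activation_code);
        $message = $email_view->fetch('_email.registration.tpl');
        Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
    } else {
        $email = 'Use your old email admin';
        $password = '******';
    }
    unset($THINKUP_CFG);
    $this->addToView('errors', $this->installer->getErrorMessages());
    $this->addToView('username', $email);
    // NOTE(review): on a fresh install the admin's plaintext password is handed to the view here.
    $this->addToView('password', $password);
    $this->addToView('login_url', THINKUP_BASE_URL . 'session/login.php');
}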
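/**
 * Handles the registration page.
 *
 * Logged-in users are sent to the dashboard. Registration proceeds when it is globally open or
 * when the request carries a valid invite code; the form is then validated (required fields,
 * email, matching password of at least 5 characters, captcha), the owner is created and an
 * activation link rendered from _email.registration.tpl is mailed. A used invite code is deleted
 * after a successful registration.
 *
 * @return str view markup
 */
public function control() {
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    }

    $config = Config::getInstance();
    $is_registration_open = $config->getValue('is_registration_open');
    $this->disableCaching();
    $invite_dao = DAOFactory::getDAO('InviteDAO');
    $invite_code = isset($_GET['code']) ? $_GET['code'] : null;
    $this->addToView('invite_code', $invite_code);
    $is_invite_code_valid = $invite_dao->isInviteValid($invite_code);

    if (!$is_registration_open && !$is_invite_code_valid) {
        $this->addToView('closed', true);
        $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' .
        '<p><a href="http://thinkupapp.com">Install ThinkUp on your own server.</a></p>');
    } else {
        $owner_dao = DAOFactory::getDAO('OwnerDAO');
        $this->addToView('closed', false);
        $captcha = new Captcha();
        if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
            foreach ($this->REQUIRED_PARAMS as $param) {
                if (!isset($_POST[$param]) || $_POST[$param] == '') {
                    $this->addErrorMessage('Please fill out all required fields.');
                    $this->is_missing_param = true;
                }
            }
            if (!$this->is_missing_param) {
                $valid_input = true;
                if (!Utils::validateEmail($_POST['email'])) {
                    $this->addErrorMessage("Incorrect email. Please enter valid email address.", 'email');
                    $valid_input = false;
                }
                if (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                    $this->addErrorMessage("Passwords do not match.", 'password');
                    $valid_input = false;
                } elseif (strlen($_POST['pass1']) < 5) {
                    // strlen() counts bytes, so a multi-byte character contributes more than one.
                    $this->addErrorMessage("Password must be at least 5 characters.", 'password');
                    $valid_input = false;
                }
                if (!$captcha->doesTextMatchImage()) {
                    $this->addErrorMessage("Entered text didn't match the image. 
Please try again.", 'captcha');
                    $valid_input = false;
                }
                if ($valid_input) {
                    if ($owner_dao->doesOwnerExist($_POST['email'])) {
                        $this->addErrorMessage("User account already exists.", 'email');
                    } else {
                        // Insert the details into the database
                        $activation_code = $owner_dao->create($_POST['email'], $_POST['pass2'], $_POST['full_name']);
                        // Loose comparison kept on purpose: create()'s failure value is not visible from here.
                        if ($activation_code != false) {
                            $es = new SmartyThinkUp();
                            $es->caching = false;
                            // Default to 'localhost' like the other mailers so CLI/test runs don't raise a notice.
                            $server = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost';
                            $es->assign('server', $server);
                            $es->assign('email', urlencode($_POST['email']));
                            $es->assign('activ_code', $activation_code);
                            $message = $es->fetch('_email.registration.tpl');
                            Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                            SessionCache::unsetKey('ckey');
                            $this->addSuccessMessage("Success! Check your email for an activation link.");
                            //delete invite code
                            if ($is_invite_code_valid) {
                                $invite_dao->deleteInviteCode($invite_code);
                            }
                        } else {
                            $this->addErrorMessage("Unable to register a new user. Please try again.");
                        }
                    }
                }
            }
            // Echo the submitted name and email back so the form stays filled in after an error.
            if (isset($_POST["full_name"])) {
                $this->addToView('name', $_POST["full_name"]);
            }
            if (isset($_POST["email"])) {
                $this->addToView('mail', $_POST["email"]);
            }
        }
        $challenge = $captcha->generate();
        $this->addToView('captcha', $challenge);
    }
    $this->view_mgr->addHelp('register', 'userguide/accounts/index');
    return $this->generateView();
}
}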