/**
 * Render a page looked up by its alias, and handle the login / logout
 * posts that can be submitted on it.
 *
 * - An empty detected URI is redirected to page@view:home.
 * - The page is loaded by alias from the 'id' request param; an unknown
 *   alias results in a 404.
 * - The 'contact' alias gets a Contact form; a valid submit redirects to
 *   page@view:contact with ?form=sent (the submitted values are not used
 *   in this method).
 * - A posted 'login' field of 'Login' or 'Logout' signs the visitor in or out.
 *
 * NOTE(review): every branch below assumes redirect() ends the request.
 * If it returns instead, execution continues into the following steps - confirm.
 * NOTE(review): sign-in and sign-out are state changes driven by a POST field;
 * no anti-CSRF token check and no attempt limiting are visible in this method.
 * Confirm both are enforced elsewhere.
 */
public function action_view()
 {
     // the bare site root is sent on to the home page
     if ($this->request->detect_uri() == '') {
         $this->redirect(URL::to('page@view:home'));
     }
     $id = $this->request->param('id');
     $query = $this->request->query();
     $username = $this->request->post('username');
     $password = $this->request->post('password');
     $login = $this->request->post('login');
     $identity = Identity::instance();
     $page = ORM::factory('Page')->filter('alias', $id)->load();
     if (!$page->loaded()) {
         throw HTTP_Exception::factory(404, 'Page not found');
     }
     // the template gets TRUE for the 'download' alias and NULL for any other page
     $downloads = $id == 'download' ? true : null;
     // only the 'contact' alias carries a form
     $form = FALSE;
     if ($id == 'contact') {
         $form = Form::factory('Contact');
         if ($form->valid()) {
             $this->redirect(URL::to('page@view:contact') . '?form=sent');
         }
     }
     // login: the outcome is reported back through the 'auth' query parameter
     if ($login == 'Login') {
         if (empty($username)) {
             $this->redirect(URL::current() . '?auth=nameError');
         } elseif (empty($password)) {
             $this->redirect(URL::current() . '?auth=false');
         } elseif ($identity->authenticate($username, $password)) {
             $this->redirect(URL::current());
         } else {
             $this->redirect(URL::current() . '?auth=false');
         }
     }
     // logout
     if ($login == 'Logout') {
         $identity->destroy();
         $this->redirect(URL::current());
     }
     // NOTE(review): $query holds request-supplied values and, unlike the page
     // record, is not wrapped in a Viewer - the template has to escape whatever
     // it prints from it.
     $data = array(
         'item' => Viewer::factory($page),
         'form' => $form,
         'query' => $query,
         'downloads' => $downloads,
     );
     $view = View::factory('page/item', $data);
     $this->response->body($view->render());
 }
 /**
  * Show and process the form that adds roles to or removes roles from a user.
  *
  * The user is loaded through the configured model with the 'id' param.
  * The selectable roles are the ones returned by Acl::roles(); submitted
  * roles that are not in that list are dropped before the user is saved.
  *
  * NOTE(review): no permission check on the acting user is visible in this
  * method, and nothing here shows that Acl::roles() is limited to the roles the
  * acting user may hand out. Changing roles is a privilege change - confirm
  * that access to this action is restricted elsewhere.
  * NOTE(review): no check is visible that a user record was found for $id
  * before save() is called.
  */
 public function action_roles()
 {
     $id = $this->param('id');
     $user = ORM::factory($this->_settings->get('model'), $id);
     $acl = Acl::instance();
     $form = Form::factory('Roles');
     $controller = $this->request->controller();
     $target = $controller . '@roles:' . $id;
     $form->urls(array(
         'submit' => URL::to($target, array('query' => 'after=roles')),
         'submit_back' => URL::to($target),
         'back' => URL::to($controller),
     ));
     // build the option list: role => translated label, sorted by role name
     $available = $acl->roles();
     sort($available);
     $text = Text::instance();
     $options = array();
     foreach ($available as $role) {
         $parts = explode('_', $role);
         // manager roles get the generic manager label plus their suffix;
         // this reads $parts[1], so it assumes the form 'manager_<suffix>'
         $options[$role] = $parts[0] === 'manager'
             ? $text->get('option.roles.manager') . ' ' . $parts[1]
             : $text->get('option.roles.' . $role);
     }
     // offer all available roles, preselect the ones the user has
     $form->roles($options);
     $form->value('roles', $user->roles);
     if ($form->valid()) {
         // keep only submitted roles that the ACL knows about, then save
         $user->roles = array_intersect($form->value('roles'), $acl->roles());
         $user->save();
         $this->redirect_done('updated');
     }
     // render the form
     $viewer = Viewer::factory('Form', $form)->text(Text::instance());
     $view = View::factory($this->_settings->get('view.update'), array('viewer' => $viewer));
     $this->response->body($view->render());
 }
 /**
  * Update one item from its form.
  *
  * Throws a 403 unless the ACL allows 'update' on this controller for the
  * model's owner and website, and also when the model has updatable set to 0.
  * The form is filled from the model first. When the form validates, its
  * values are copied to the model, editor_id is set to the current identity
  * and the model is saved. Otherwise the update view is rendered into the
  * response. Events are raised around each step so listeners can hook in.
  *
  * @param object $model the item to update (owner_id, website_id, id and updatable are read)
  * @param object $form the form that collects and validates the new values
  * @return boolean TRUE when the model was saved, FALSE when the form was rendered
  */
 protected function update($model, $form)
 {
     // authorisation comes first: the ACL decides on controller, action, owner and website
     if (!Acl::instance()->allowed($this->_controller, 'update', $model->owner_id, $model->website_id)) {
         throw HTTP_Exception::factory(403, 'Update not allowed on :controller :id', array(':controller' => $this->_controller, ':id' => $model->id));
     }
     // a model that carries updatable == 0 is refused with the same 403
     if (isset($model->updatable) && $model->updatable == 0) {
         throw HTTP_Exception::factory(403, 'Update not allowed on :controller :id', array(':controller' => $this->_controller, ':id' => $model->id));
     }
     //populate fields from db
     $form->values($model->as_map());
     // call hook
     Event::raise($this, Event::BEFORE_UPDATE_FORM_PARSE, array('model' => $model, 'form' => $form));
     // check if valid
     if ($form->valid()) {
         Event::raise($this, Event::BEFORE_UPDATE_VALUES, array('model' => $model, 'form' => $form));
         // set values
         // NOTE(review): every value the form returns is copied onto the model, so the
         // form's field list decides which properties a request can change - confirm
         // that ownership fields (owner_id, website_id) are not exposed where they must stay fixed
         $model->values($form->values());
         // set editor id
         $model->editor_id = Identity::instance()->id;
         // call hook
         Event::raise($this, Event::BEFORE_UPDATE, array('model' => $model, 'form' => $form));
         //save
         $model->save();
         // call hook
         Event::raise($this, Event::AFTER_UPDATE, array('model' => $model, 'form' => $form));
         // done
         return TRUE;
     } else {
         // set message if form was submitted (there's an error)
         if ($form->submitted() === TRUE) {
             $this->error_message('invalid');
         }
         // create viewer
         $viewer = Viewer::factory('Form', $form)->text(Text::instance());
         // create view
         $view = View::factory($this->_settings->get('view.update'), array('viewer' => $viewer));
         // raise event
         Event::raise($this, Event::BEFORE_UPDATE_RENDER, array('model' => $model, 'form' => $form, 'viewer' => $viewer, 'view' => $view));
         // response
         $this->response->body($view->render());
         // not done
         return FALSE;
     }
 }
示例#4
文件: Viewer.php 项目: yunaid/yf
 /**
  * Prepare a value for use in a template.
  *
  * - $raw === TRUE: the value is returned untouched, with no escaping or wrapping.
  * - strings: HTML-escaped with htmlspecialchars() using ENT_QUOTES and the
  *   viewer's charset; double encoding is off, so entities that are already
  *   in the string are left as they are.
  * - a viewer name given as a string: the value is wrapped in that Viewer.
  * - objects and arrays: wrapped in a default Viewer.
  * - any other value is returned as it is.
  *
  * The escaping fits HTML text and quoted attribute values. A value that is
  * written into a script, style or URL context needs escaping for that context,
  * and $raw should only be requested for markup that is known to be safe.
  *
  * @param mixed $result
  * @param boolean $raw
  * @param string|boolean $viewer viewer name, or FALSE for none
  * @return mixed
  */
 protected function _viewer_result($result, $raw = FALSE, $viewer = FALSE)
 {
     // caller asked for the raw value
     if ($raw === TRUE) {
         return $result;
     }
     // plain strings are escaped
     if (is_string($result)) {
         return htmlspecialchars((string) $result, ENT_QUOTES, $this->_charset, FALSE);
     }
     // a named viewer always wraps the value
     if (is_string($viewer)) {
         return Viewer::factory($viewer, $result);
     }
     // without a name only objects and arrays get a (vanilla) viewer
     if (is_object($result) || is_array($result)) {
         return Viewer::factory($result);
     }
     return $result;
 }
 /**
  * Popup launched from the wysiwyg editor to embed an image.
  *
  * Shows the embed form (image id and size). When the form validates, the
  * image model is loaded, its source url for the chosen size is resolved and
  * the close dialog is rendered with that data and the 'callback' param.
  *
  * NOTE(review): 'callback' is taken from the request and handed to the close
  * view unchanged. If that template writes it into script, it should first be
  * restricted to the identifier format the editor expects - confirm.
  * NOTE(review): no check is visible here that a model was found for the
  * submitted id, or that the current user may read it.
  *
  * @return void
  */
 public function action_embed()
 {
     $id = $this->request->param('id', 0);
     $sizes = $this->_settings->get('sizes_embed');
     // an existing image takes its size from the request, a new one starts at the first size
     $size = $id > 0 ? $this->param('param1') : $sizes[0];
     // create the form and its urls
     $form = Form::factory($this->_settings->get('form_embed'));
     $controller = $this->request->controller();
     $target = $controller . '@embed:' . $id;
     $form->urls(array(
         'submit' => URL::to($target, array('query' => 'after=embed')),
         'submit_back' => URL::to($target, array('query' => 'after=close')),
         'back' => URL::to($controller . '@close'),
     ));
     // vars the form needs, then the initial values
     $form->controller($controller);
     $form->sizes($sizes);
     $form->value('id', $id);
     $form->value('size', $size);
     if (!$form->valid()) {
         // show the form
         $viewer = Viewer::factory('Form', $form)->text(Text::instance());
         $view = View::factory($this->_settings->get('view.update'), array('viewer' => $viewer));
         $this->response->body($view->render());
         return;
     }
     $data = $form->values();
     // the image model for the submitted id
     $model = ORM::factory($this->_settings->get('model'), $data['id']);
     // image base url of the current website
     $base_url = Website::instance()->base_url($this->_website, Kohana::$base_url) . $this->_settings->get('url_images');
     $data['src'] = $model->src($data['size'], $base_url);
     // '1' when the enlarge size is available for this image, '0' when size() reports FALSE
     $can_enlarge = $model->size($this->_settings->get('size_enlarge')) !== FALSE;
     $data['enlarge'] = $can_enlarge ? '1' : '0';
     $callback = $this->request->param('callback', '');
     // render the close dialog
     $view = View::factory($this->_settings->get('view.close'), array('data' => $data, 'callback' => $callback));
     $this->response->body($view->render());
 }
 /**
  * Show the login form and sign the user in when valid credentials are posted.
  *
  * The method takes no arguments: username and password are read from the
  * validated 'Login' form. A user who authenticates but whose status is not
  * Model_User::STATUS_ACTIVE is signed out again and gets 'error.blocked';
  * failed authentication gets 'error.credentials'. On success a flash message
  * is stored in the 'database' session and the request is redirected to
  * Default@redirect_website.
  *
  * NOTE(review): no attempt limiting and no session id renewal are visible
  * around authenticate() - confirm that Identity or the session layer does both.
  */
 public function action_login()
 {
     $text = Text::instance();
     $form = Form::factory('Login');
     $form->urls(array('submit' => URL::to('Auth@login')));
     $authenticated = false;
     $message = false;
     if ($form->valid()) {
         $values = $form->values();
         $identity = Identity::instance();
         // check the credentials
         $authenticated = $identity->authenticate($values['username'], $values['password']);
         if (!$authenticated) {
             $message = $text->get('error.credentials');
         } elseif (!$identity->user || $identity->user->status != Model_User::STATUS_ACTIVE) {
             // correct credentials, but no active user: undo the login
             $identity->destroy();
             $authenticated = false;
             $message = $text->get('error.blocked');
         }
     }
     if (!$authenticated) {
         // show the form, with the error message if there is one
         $body = View::factory('login', array('viewer' => Viewer::factory('Form', $form)->text(Text::instance()), 'message' => $message, 'text' => $text))->render();
         $this->response->body($body);
         return;
     }
     // signed in: leave a flash message and go to the default page
     $flash = array('status' => 'success', 'message' => $text->get('message.success'));
     Session::instance('database')->set('message', $flash);
     $url = URL::to('Default@redirect_website');
     $this->redirect($url);
 }
 /**
  * Render the news overview: at most 50 News items with status
  * Model_item::STATUS_LIVE, sorted on time_publication, newest first.
  */
 public function action_view()
 {
     // what current() adds to the query is not visible here
     $news = ORM::factory('News')
         ->filter('status', Model_item::STATUS_LIVE)
         ->current()
         ->sort('time_publication', 'DESC')
         ->amount(50)
         ->items();
     // the items are handed to the template wrapped in a Viewer
     $data = array('newsItems' => Viewer::factory($news));
     $view = View::factory('nieuws', $data);
     $this->response->body($view->render());
 }
 /**
  * Create db records for the files uploaded to a temp directory.
  *
  * Lists the files in path_temp/<hash>/, hands them to the form and, when the
  * form validates, moves each file to path_files under a unique name and saves
  * one model per file. When the form does not validate, the create view is
  * rendered into the response.
  *
  * NOTE(review): $hash and the file names end up in filesystem paths. Confirm
  * that the hash is validated as a plain directory name before this is called,
  * and that the file names and extensions were checked at upload time.
  *
  * @param object $form the form holding the extra values per file
  * @param string $hash name of the temp subdirectory that holds the uploads
  * @return boolean TRUE when the files were stored, FALSE when the form was rendered
  */
 protected function store($form, $hash)
 {
     // get files in the temp/hash dir
     $files = FS::files($this->_settings->get('path_temp') . $hash . DIRECTORY_SEPARATOR);
     // set the files in the form
     $form->files($files);
     Event::raise($this, Event::BEFORE_STORE_FORM_PARSE, array('form' => $form));
     if ($form->valid()) {
         // get the hash of the temp dir from qs
         // NOTE(review): this replaces the $hash argument that was used to list the
         // files above; the move below only finds them when both values are the same
         $hash = $this->request->param('id');
         // get the form values
         $values = $form->values();
         // loop through temp files
         for ($i = 0; $i < count($files); $i++) {
             // createmodel
             $model = ORM::factory($this->_settings->get('model'));
             // set group if one is active
             if ($group = $this->_state->get('group', FALSE)) {
                 $model->group_id = $group;
             }
             // undouble filename
             $file = FS::name_unique($files[$i], $this->_settings->get('path_files'));
             // store it
             FS::move($this->_settings->get('path_temp') . $hash . DIRECTORY_SEPARATOR . $files[$i], $this->_settings->get('path_files') . $file);
             // permissions
             // NOTE(review): 0744 includes the execute bit for the owner; uploaded
             // files normally do not need it - confirm it is intended
             FS::permissions($this->_settings->get('path_files') . $file, 0744);
             // set item properties
             // NOTE(review): 'y' is a two-digit year - confirm the column expects that
             $model->created = date('y-m-d H:i:s', time());
             $model->owner_id = Identity::instance()->id;
             $model->editor_id = Identity::instance()->id;
             $model->website_id = $this->_website;
             // set file
             $model->file = $file;
             // set additional info (mostly title)
             // every array-valued form field with an entry for this file index is
             // written to the model property of the same name, so the form's field
             // list decides which properties can be set here
             foreach ($values as $key => $value) {
                 if (is_array($value) && isset($value[$i])) {
                     $model->{$key} = $value[$i];
                 }
             }
             // call hook
             Event::raise($this, Event::BEFORE_STORE, array('model' => $model, 'form' => $form));
             //save
             $model->save();
             // call hook
             Event::raise($this, Event::AFTER_STORE, array('model' => $model, 'form' => $form));
         }
         // return true
         return TRUE;
     } else {
         // create viewer
         $viewer = Viewer::factory('Form', $form)->text(Text::instance());
         // render form
         $view = View::factory($this->_settings->get('view.create'), array('viewer' => $viewer));
         // event
         Event::raise($this, Event::BEFORE_STORE_RENDER, array('model' => NULL, 'form' => $form, 'viewer' => $viewer, 'view' => $view));
         // render
         $this->response->body($view->render());
         // return false
         return FALSE;
     }
 }