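/**
 * Admin action: show and process the account edit form for one user.
 *
 * The credential fields (username, email, password) and the group selector are
 * only added to the form when the current account holds the matching
 * permission, and the submitted POST is validated against that same $form
 * array, so the permission gate and the accepted fields stay in step.
 *
 * @param int|string|null $id Id of the user to edit, as received from the route
 *
 * @return Response The rendered form page
 *
 * @throws NotFoundHttpException When $id is not a positive decimal integer or no user has that id
 */
public function action_user($id = null)
{
    // Accept only a canonical positive decimal id. intval() on its own lets a
    // value such as "5abc" through, and the raw $id (not the converted number)
    // is what is handed to getUserBy() twice below.
    if (!ctype_digit((string) $id) || intval($id) < 1) {
        throw new NotFoundHttpException();
    }

    $data = [];
    $form = [];

    try {
        /** @var \Foolz\FoolFrame\Model\Users $users */
        $users = $this->getContext()->getService('users');
        $data['object'] = $users->getUserBy('id', $id);
        // Blank the password value before the object is passed to the form partial.
        $data['object']->password = '';
    } catch (\Foolz\FoolFrame\Model\UsersWrongIdException $e) {
        throw new NotFoundHttpException();
    }

    $form['open'] = ['type' => 'open'];

    $form['paragraph'] = [
        'type' => 'paragraph',
        'help' => _i('You can customize your account here.'),
    ];

    $form['paragraph-2'] = [
        'type' => 'paragraph',
        'help' => '<img src="' . Gravatar::image($data['object']->email) . '" width="80" height="80" style="padding:2px; border: 1px solid #ccc;"/> ' . _i('The avatar is automatically fetched from %s, based on the user\'s registration email.', '<a href="http://gravatar.com" target="_blank">Gravatar</a>'),
    ];

    // Credential fields are offered only to accounts allowed to change them.
    if ($this->getAuth()->hasAccess('users.change_credentials')) {
        $form['username'] = [
            'type' => 'input',
            'database' => true,
            'label' => _i('Username'),
            'class' => 'span3',
            'help' => _i('Change the username'),
            'validation' => [new Trim(), new Assert\Length(['max' => 32])],
        ];

        // NOTE(review): only a length limit is applied here, no e-mail format check.
        $form['email'] = [
            'type' => 'input',
            'database' => true,
            'label' => _i('Email'),
            'class' => 'span3',
            'help' => _i('Change the email'),
            'validation' => [new Trim(), new Assert\Length(['max' => 32])],
        ];

        // NOTE(review): no 'validation' rules are attached to this field; any
        // length policy and the "empty means unchanged" rule would have to be
        // enforced by save() - confirm.
        $form['password'] = [
            'type' => 'password',
            'database' => true,
            'label' => _i('Password'),
            'class' => 'span3',
            'help' => _i('Change the password (leave empty to not change it)'),
        ];
    }

    $form['bio'] = [
        'type' => 'textarea',
        'database' => true,
        'label' => 'Bio',
        'style' => 'height:150px;',
        'class' => 'span5',
        'help' => _i('Some details about you'),
        'validation' => [new Trim(), new Assert\Length(['max' => 360])],
    ];

    $form['twitter'] = [
        'type' => 'input',
        'database' => true,
        'label' => 'Twitter',
        'class' => 'span3',
        'help' => _i('Your twitter nickname'),
        'validation' => [new Trim(), new Assert\Length(['max' => 32])],
    ];

    $form['display_name'] = [
        'type' => 'input',
        'database' => true,
        'label' => 'Display name',
        'class' => 'span3',
        'help' => _i('Alternative name in place of login username'),
        'validation' => [new Trim(), new Assert\Length(['max' => 32])],
    ];

    // The group selector is offered only to accounts allowed to reassign groups.
    if ($this->getAuth()->hasAccess('users.change_group')) {
        $groups = $this->config->get('foolz/foolframe', 'foolauth', 'groups');

        $group_ids = [];
        foreach ($groups as $level => $group) {
            $group_ids[$level] = $group['name'];
        }

        // The label used to read 'Display name', duplicating the field above;
        // this control selects the user's group.
        $form['group_id'] = [
            'type' => 'radio',
            'database' => true,
            'label' => 'Group',
            'help' => _i('Change the group of the user'),
            'radio_values' => $group_ids,
        ];
    }

    $form['submit'] = [
        'type' => 'submit',
        'class' => 'btn btn-primary',
        'value' => _i('Submit'),
    ];

    $form['close'] = ['type' => 'close'];

    $data['form'] = $form;

    if ($this->getPost() && !$this->checkCsrfToken()) {
        // A POST without a valid CSRF token is never validated or saved.
        $this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
    } elseif ($this->getPost()) {
        $result = Validator::formValidate($form, $this->getPost());

        if (isset($result['error'])) {
            $this->notices->set('warning', $result['error']);
        } else {
            if (isset($result['warning'])) {
                $this->notices->set('warning', $result['warning']);
            }

            $this->notices->set('success', _i('Preferences updated.'));

            $user = $users->getUserBy('id', $id);
            $user->save($result['success']);

            // Show the saved state, again without the password value.
            $data['object'] = $user;
            $data['object']->password = '';
        }
    }

    // create a form
    $this->param_manager->setParam('method_title', [_i('Manage'), _i('Edit'), $data['object']->username]);
    $this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);

    return new Response($this->builder->build());
}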
/**
 * Admin action: display the "add board" form and create the board on a valid POST.
 *
 * A POST is validated only after the CSRF token check passes. On success the
 * validated values are stored through radix_coll and the browser is redirected
 * to the new board's admin page; otherwise the form is rendered with a notice.
 *
 * @return Response The rendered form; on a successful save, whatever $this->redirect() returns
 */
function action_add()
{
    $params = ['form' => $this->radix_coll->structure()];

    if ($this->getPost() && !$this->checkCsrfToken()) {
        $this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
    } elseif ($this->getPost()) {
        $outcome = Validator::formValidate($params['form'], $this->getPost());

        if (!isset($outcome['error'])) {
            // every field has been validated by now, so the values go straight to storage
            $this->radix_coll->save($outcome['success']);
            $this->notices->setFlash('success', _i('New board created!'));

            return $this->redirect('admin/boards/board/' . $outcome['success']['shortname']);
        }

        $this->notices->set('warning', $outcome['error']);
    }

    // the form is submitted to admin/boards/add_new
    // (original note: "the actual POST is in the board() function" - not visible here)
    $params['form']['open']['action'] = $this->uri->create('admin/boards/add_new');

    // panel for creating a new board
    $this->param_manager->setParam('method_title', [_i('Manage'), _i('Add')]);
    $this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($params);

    return new Response($this->builder->build());
}
/**
 * Validate a posted comment, insert it, and build the response for the client.
 *
 * For an XMLHttpRequest the reply is a data payload (error, captcha request, or
 * the rendered new posts); for a regular request it is an error page or a
 * redirect page pointing at the new post.
 *
 * NOTE(review): no CSRF token check is visible in this method; presumably the
 * caller enforces it - confirm.
 *
 * @param array $data  Posted comment fields; 'last_limit' is consumed here and 'poster_ip' is added
 * @param mixed $media Uploaded media, or null when the post carries no image
 *
 * @return mixed $this->response, or the result of $this->error() / $this->response->setData() on early exit
 */
public function submit($data, $media)
{
    // basic validation only; the thorough validation happens in the Comment model
    $validator = new Validator();
    $validator
        ->add('thread_num', _i('Thread Number'), [new Assert\NotBlank()])
        ->add('name', _i('Name'), [new Assert\Length(['max' => 64])])
        ->add('email', _i('Email'), [new Assert\Length(['max' => 64])])
        ->add('title', _i('Title'), [new Assert\Length(['max' => 64])])
        ->add('delpass', _i('Deletion pass'), [new Assert\Length(['min' => 3, 'max' => 32])]);

    // no empty posts without images: the comment text is required only when no media is attached
    if ($media === null) {
        $validator->add('comment', _i('Comment'), [new Assert\NotBlank(), new Assert\Length(['min' => 3])]);
    }

    // this is for redirecting, not for the database: the value is cast to an
    // integer and removed from $data before validation and insertion
    $limit = false;
    if (isset($data['last_limit'])) {
        $limit = intval($data['last_limit']);
        unset($data['last_limit']);
    }

    $validator->validate($data);

    if (!$validator->getViolations()->count()) {
        try {
            // The poster address is taken from the request, not from the posted fields.
            // NOTE(review): what getClientIp() returns behind a reverse proxy depends on
            // the request's proxy configuration, which is not visible here - confirm.
            $data['poster_ip'] = Inet::ptod($this->getRequest()->getClientIp());
            $bulk = new CommentBulk();
            $bulk->import($data, $this->radix);
            $comment = new CommentInsert($this->getContext(), $bulk);
            $comment->insert($media, $data);
        } catch (\Foolz\Foolfuuka\Model\CommentSendingRequestCaptchaException $e) {
            // The model asked for a captcha: XHR clients get a flag, others an error page.
            if ($this->getRequest()->isXmlHttpRequest()) {
                return $this->response->setData(['captcha' => true]);
            } else {
                // NOTE(review): this literal spans a line break in this copy of the file;
                // confirm it matches the message id used by the translations.
                return $this->error(_i('Your message looked like spam. 
Make sure you have JavaScript enabled to display the reCAPTCHA to submit the comment.'));
            }
        } catch (\Foolz\Foolfuuka\Model\CommentSendingException $e) {
            // The exception message is returned to the client as-is.
            // NOTE(review): assumes these messages are written for end users - confirm.
            if ($this->getRequest()->isXmlHttpRequest()) {
                return $this->response->setData(['error' => $e->getMessage()]);
            } else {
                return $this->error($e->getMessage());
            }
        }
    } else {
        // Validation failed: plain text for XHR clients, HTML for the error page.
        if ($this->getRequest()->isXmlHttpRequest()) {
            return $this->response->setData(['error' => $validator->getViolations()->getText()]);
        } else {
            return $this->error($validator->getViolations()->getHtml());
        }
    }

    // From here on the comment has been inserted; only the reply is built.
    if ($this->request->isXmlHttpRequest()) {
        $latest_doc_id = $this->getPost('latest_doc_id');

        // latest_doc_id is used only when it consists of decimal digits
        if ($latest_doc_id && ctype_digit((string) $latest_doc_id)) {
            try {
                $board = Board::forge($this->getContext())
                    ->getThread($comment->comment->thread_num)
                    ->setRadix($this->radix)
                    ->setOptions(['type' => 'from_doc_id', 'latest_doc_id' => $latest_doc_id]);

                $comments = $board->getComments();
            } catch (\Foolz\Foolfuuka\Model\BoardThreadNotFoundException $e) {
                return $this->error(_i('Thread not found.'));
            } catch (\Foolz\Foolfuuka\Model\BoardException $e) {
                return $this->error(_i('Unknown error.'));
            }

            // One Comment and one Media wrapper are re-pointed at each bulk in turn.
            $comment_obj = new Comment($this->getContext());
            $comment_obj->setControllerMethod($limit ? 'last/' . $limit : 'thread');
            $media_obj = new Media($this->getContext());
            $m = null;
            // $bulk is reused as the loop variable here, replacing the CommentBulk created above
            foreach ($board->getCommentsUnsorted() as $bulk) {
                $comment_obj->setBulk($bulk, $this->radix);
                if ($bulk->media) {
                    $media_obj->setBulk($bulk, $this->radix);
                    $m = $media_obj;
                } else {
                    $m = null;
                }

                // Render each post through the board_comment partial when a builder is set.
                if ($this->builder) {
                    $this->param_manager->setParam('controller_method', $limit ? 'last/' . 
$limit : 'thread');
                    $partial = $this->builder->createPartial('board_comment', 'board_comment');
                    $partial->getParamManager()
                        ->setParam('p', $comment_obj)
                        ->setParam('p_media', $m);

                    $bulk->comment->formatted = $partial->build();
                    $partial->clearBuilt();
                }
            }

            $this->response->setData(['success' => _i('Message sent.')] + $comments);
        } else {
            // No usable latest_doc_id: reply with the newly inserted post only.
            if ($this->builder) {
                $this->param_manager->setParam('controller_method', $limit ? 'last/' . $limit : 'thread');
                $partial = $this->builder->createPartial('board_comment', 'board_comment');
                $partial->getParamManager()
                    ->setParam('p', new Comment($this->getContext(), $comment->bulk))
                    ->setParam('p_media', new Media($this->getContext(), $comment->bulk));

                // $bulk is the CommentBulk created in the try block above;
                // presumably the same object as $comment->bulk - confirm
                $bulk->comment->formatted = $partial->build();
                $partial->clearBuilt();
            }

            $this->response->setData([
                'success' => _i('Message sent.'),
                'thread_num' => $comment->comment->thread_num,
                $comment->comment->thread_num => ['posts' => [$comment->bulk]]
            ]);
        }
    } else {
        // Regular request: build a redirect page to the thread (or last/N view), anchored at the new post.
        $this->builder->createLayout('redirect')
            ->getParamManager()
            ->setParam('url', $this->uri->create([$this->radix->shortname, !$limit ? 'thread' : 'last/' . $limit, $comment->comment->thread_num]) . '#' . $comment->comment->num);
        $this->builder->getProps()->addTitle(_i('Redirecting'));

        $this->response->setContent($this->builder->build());
    }

    return $this->response;
}
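/**
 * Show and process the signed-in user's own profile form.
 *
 * Only display name, bio and twitter are part of the form, and the POST is
 * validated against that same $form array before being saved on the
 * authenticated user. Visitors without 'maccess.user' access are sent to the
 * login page.
 *
 * @return Response The rendered profile page, or the result of redirectToLogin()
 */
public function action_profile()
{
    if (!$this->getAuth()->hasAccess('maccess.user')) {
        return $this->redirectToLogin();
    }

    $data = [];
    $form = [];

    $form['open'] = ['type' => 'open'];

    $form['paragraph'] = [
        'type' => 'paragraph',
        'help' => _i('You can customize your account here.'),
    ];

    $form['paragraph-2'] = [
        'type' => 'paragraph',
        'help' => '<img src="' . Gravatar::image($this->getAuth()->getUser()->getEmail()) . '" width="80" height="80" style="padding:2px; border: 1px solid #ccc;"/> ' . _i('Your avatar is automatically fetched from %s, based on your registration email.', '<a href="http://gravatar.com" target="_blank">Gravatar</a>'),
    ];

    $form['display_name'] = [
        'type' => 'input',
        'database' => true,
        'label' => _i('Display Name'),
        'class' => 'span3',
        'help' => _i('Alternative name in place of login username'),
        'validation' => [new Trim(), new Assert\Length(['max' => 32])],
    ];

    $form['bio'] = [
        'type' => 'textarea',
        'database' => true,
        'label' => 'Bio',
        'style' => 'height:150px;',
        'class' => 'span5',
        'help' => _i('Some details about you'),
        'validation' => [new Trim(), new Assert\Length(['max' => 360])],
    ];

    $form['twitter'] = [
        'type' => 'input',
        'database' => true,
        'label' => 'Twitter',
        'class' => 'span3',
        'help' => _i('Your twitter nickname'),
        'validation' => [new Trim(), new Assert\Length(['max' => 32])],
    ];

    $form['submit'] = [
        'type' => 'submit',
        'class' => 'btn btn-primary',
        'value' => _i('Submit'),
    ];

    $form['close'] = ['type' => 'close'];

    $data['form'] = $form;

    if ($this->getPost() && !$this->security->checkCsrfToken($this->getRequest())) {
        // A POST without a valid CSRF token is never validated or saved.
        // The message is one single-line literal; it previously contained a
        // line break between its two sentences, which changes the string
        // handed to _i().
        $this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
    } elseif ($this->getPost()) {
        $result = Validator::formValidate($form, $this->getPost());

        if (isset($result['error'])) {
            $this->notices->set('warning', $result['error']);
        } else {
            if (isset($result['warning'])) {
                $this->notices->set('warning', $result['warning']);
            }

            $this->notices->set('success', _i('Your profile has been updated.'));

            // Changes are always saved on the authenticated user, never on an id from the request.
            $user = $this->getAuth()->getUser();
            $user->save($result['success']);
        }
    }

    $data['object'] = (object) $this->getAuth()->getUser();

    // generate profile form
    $this->param_manager->setParam('method_title', _i('Profile'));
    $this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);

    return new Response($this->builder->build());
}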
/**
 * Shortcut for saving a preference panel, so controllers need less code.
 *
 * When $input is truthy, the CSRF token of $request is checked first; the
 * input keys are then mapped back to their period-separated form, the values
 * are validated against the $form array with Validator::formValidate(), a
 * notice describing the outcome is set, and the validated values are handed
 * to submit().
 *
 * @param Request    $request Request whose CSRF token is checked
 * @param array      $form    Form definition used for validation
 * @param bool|array $input   Submitted values; nothing is processed when this evaluates to false
 */
public function submit_auto(Request $request, $form, $input = false)
{
    if (!$input) {
        return;
    }

    $this->notices = $this->getContext()->getService('notices');

    // refuse to touch the input at all when the token check fails
    if (!$this->security->checkCsrfToken($request)) {
        $this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.'));
        return;
    }

    $post = [];
    foreach ($input as $field => $value) {
        // PHP does not allow periods in POST keys, so commas in the key are turned back into periods
        $post[str_replace(',', '.', $field)] = $value;
    }

    $result = Validator::formValidate($form, $post);

    if (isset($result['error'])) {
        $this->notices->set('warning', $result['error']);
        return;
    }

    if (isset($result['warning'])) {
        $this->notices->set('warning', $result['warning']);
    }

    $this->notices->set('success', _i('Preferences updated.'));
    $this->submit($result['success']);
}
/**
 * Admin action: show the edit form for a release and save it on a valid POST.
 *
 * @param int|string $id Id of the release, as received from the route
 *
 * @return Response The rendered form; after a successful save, whatever $this->redirect() returns
 *
 * @throws NotFoundHttpException When $id is empty or not all digits, or the lookup fails
 */
public function action_edit_release($id = 0)
{
    // only a non-empty, all-digit id is looked up
    if (!($id && ctype_digit((string) $id))) {
        throw new NotFoundHttpException();
    }

    try {
        $release_bulk = $this->release_factory->getById($id);
    } catch (SeriesNotFoundException $e) {
        throw new NotFoundHttpException();
    }

    $data = [
        'object' => $release_bulk->release,
        'form' => $this->release_factory->getStructure(),
    ];

    if ($this->getPost() && !$this->checkCsrfToken()) {
        $this->notices->set('warning', _i('The security token was not found. Please try again.'));
    } elseif ($this->getPost()) {
        $checked = Validator::formValidate($data['form'], $this->getPost());

        if (!isset($checked['error'])) {
            // the values have been validated, so they are written to the database as they are
            // NOTE(review): save() receives only the validated form values, not the route $id;
            // confirm which record it updates.
            $saved_id = $this->release_factory->save($checked['success']);

            return $this->redirect('admin/reader/edit_release/' . $saved_id);
        }

        $this->notices->set('warning', $checked['error']);
    }

    $this->param_manager->setParam('method_title', _i('Edit series'));
    $this->builder->createPartial('body', 'form_creator')->getParamManager()->setParams($data);

    return new Response($this->builder->build());
}
/**
 * Installer step: create the first account, place it in group 100 and sign it in.
 *
 * The step is closed as soon as any user exists: the request is then redirected
 * to the module step without reading the POST.
 *
 * NOTE(review): no CSRF token check is visible on this POST path - confirm
 * whether the installer is protected elsewhere.
 *
 * @return Response|RedirectResponse The account form, or a redirect to the next installer step
 */
public function action_create_admin()
{
    // once an account exists this step stays locked and the installer moves on
    /** @var Users $users */
    $users = $this->getContext()->getService('users');
    $existing = $users->getAll();

    if ($existing['count'] > 0) {
        return new RedirectResponse($this->uri->create('install/modules'));
    }

    if ($this->getPost()) {
        // NOTE(review): Trim() is applied to the password, while confirm_password is
        // compared against the raw posted password - confirm that the stored value is
        // the one the user typed. The minimum password length accepted here is 4.
        $validator = new Validator();
        $validator
            ->add('username', _i('Username'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 32])])
            ->add('email', _i('Email'), [new Trim(), new Assert\NotBlank(), new Assert\Email()])
            ->add('password', _i('Password'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 64])])
            ->add('confirm_password', _i('Confirm Password'), [new EqualsField(['field' => _i('Password'), 'value' => $this->getPost('password')])]);

        $validator->validate($this->getPost());

        if ($validator->getViolations()->count()) {
            $this->notices->set('warning', $validator->getViolations()->getText());
        } else {
            $values = $validator->getFinalValues();

            // create the account, activate it with the returned key, then sign it in
            $auth = new Auth($this->getContext());
            list($user_id, $key) = $auth->createUser($values['username'], $values['password'], $values['email']);
            $auth->activateUser($user_id, $key);
            $auth->authenticateWithId($user_id);

            // group 100 is presumably the administrator group - confirm against the group config
            $account = $auth->getUser();
            $account->save(['group_id' => 100]);

            // modules are installed after the account exists, in case they need to work with users
            $this->install->install_modules();

            return new RedirectResponse($this->uri->create('install/complete'));
        }
    }

    $this->process('create_admin');
    $this->param_manager->setParam('method_title', _i('Admin Account'));
    $this->builder->createPartial('body', 'install/create_admin');

    return new Response($this->builder->build());
}