private function saveData(Text $text, Request $request, Document $document, DocumentRepository $documentRepo) { if (!$request->hasRequestValue("intro") || !$request->hasRequestValue("title")) { return; } if ($document->isForWidgetArea()) { $text->addError($text->t("main.document") . ' ' . $text->t("errors.not_editable")); return; } $document->setIntro($request->getRequestString("intro", '')); $document->setTitle($request->getRequestString("title", '')); $valid = true; if (!Validate::requestToken($request)) { $valid = false; } if (!Validate::stringLength($document->getIntro(), Document::INTRO_MIN_LENGTH, Document::INTRO_MAX_LENGTH)) { $text->addError($text->t("documents.intro") . ' ' . Validate::getLastError($text)); $valid = false; } if (!Validate::stringLength($document->getTitle(), Document::TITLE_MIN_LENGTH, Document::TITLE_MAX_LENGTH)) { $text->addError($text->t("documents.title") . ' ' . Validate::getLastError($text)); $valid = false; } if (!$valid) { return; } $isNew = $document->getId() == 0; $documentRepo->saveDocument($document); if ($isNew) { $text->addMessage($text->t("main.document") . ' ' . $text->t("editor.is_created")); } else { $text->addMessage($text->t("main.document") . ' ' . $text->t("editor.is_edited")); } }
public function getPageContent(Website $website, Request $request) { // Don't allow to edit your own rank (why would admins want to downgrade // themselves?) if (!$this->editing_someone_else) { $website->addError($website->t("users.account") . " " . $website->t("errors.not_editable")); return ""; } $show_form = true; $textToDisplay = ""; if ($request->hasRequestValue("rank")) { // Sent $rank = $request->getRequestInt("rank"); $oAuth = $website->getAuth(); if ($oAuth->isValidRankForAccounts($rank)) { // Valid rank id $this->user->setRank($rank); $userRepo = $website->getAuth()->getUserRepository(); $userRepo->save($this->user); // Saved $textToDisplay .= '<p>' . $website->t("users.rank") . ' ' . $website->t("editor.is_changed") . '</p>'; // Don't show form $show_form = false; } else { // Invalid rank $website->addError($website->t("users.rank") . ' ' . $website->t("errors.not_found")); $textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.rank", true) . '</em></p>'; } } // Show form if ($show_form) { // Variables $rank = $request->getRequestInt("rank", $this->user->getRank()); $ranks = array(Authentication::RANK_USER, Authentication::RANK_MODERATOR, Authentication::RANK_ADMIN); // Form itself $textToDisplay .= <<<EOT <p> {$website->t("users.rank.edit.explained")} {$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")} </p> <p> {$website->t("main.fields_required")} </p> <form action="{$website->getUrlMain()}" method="post"> <p> <label for="rank">{$website->t("users.rank")}</label>:<span class="required">*</span><br /> {$this->get_ranks_box_html($website, $ranks, $rank)} </p> <p> <input type="hidden" name="p" value="edit_rank" /> <input type="hidden" name="id" value="{$this->user->getId()}" /> <input type="submit" value="{$website->t('users.rank.edit')} " class="button" /> </p> </form> EOT; } // Links $textToDisplay .= $this->get_account_links_html($website); return $textToDisplay; }
public function getPageContent(Website $website, Request $request) { $show_form = true; $textToDisplay = ""; if ($request->hasRequestValue("email")) { // Sent $email = $request->getRequestString("email"); if (Validate::email($email)) { // Valid email $this->user->setEmail($email); $userRepo = $website->getAuth()->getUserRepository(); $userRepo->save($this->user); // Saved $textToDisplay .= '<p>' . $website->t("users.email") . ' ' . $website->t("editor.is_changed") . '</p>'; // Don't show form $show_form = false; } else { // Invalid email $website->addError($website->t("users.email") . ' ' . Validate::getLastError($website)); $textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.email", true) . '</em></p>'; } } // Show form if ($show_form) { // Text above form $textToDisplay .= "<p>" . $website->t("users.email.edit.explained") . "</p>\n"; if ($this->editing_someone_else) { $textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n"; } // Form itself $email = htmlSpecialChars($request->getRequestString("email", $this->user->getEmail())); $textToDisplay .= <<<EOT <form action="{$website->getUrlMain()}" method="post"> <p> <label for="email">{$website->t('users.email')}:</label><br /><input type="text" id="email" name="email" value="{$email}"/><br /> </p> <p> <input type="hidden" name="id" value="{$this->user->getId()}" /> <input type="hidden" name="p" value="edit_email" /> <input type="submit" value="{$website->t('users.email.edit')} " class="button" /> </p> </form> EOT; } // Links $textToDisplay .= $this->get_account_links_html($website); return $textToDisplay; }
public function init(Website $website, Request $request) { $text = $website->getText(); $this->requestToken = RequestToken::generateNew(); $commentId = $request->getParamInt(0, 0); $auth = $website->getAuth(); $user = $auth->getCurrentUser(); $repo = new CommentRepository($website->getDatabase()); $this->comment = $repo->getCommentOrFail($commentId); if ($user->getId() !== $this->comment->getUserId() && !$user->hasRank(Authentication::RANK_MODERATOR)) { // Can only edit own comment unless moderator throw new NotFoundException(); } if ($request->hasRequestValue("submit") && Validate::requestToken($request)) { // Validate and save comment $this->updateCommentFromRequest($this->comment, $request); if ($repo->validateComment($this->comment, $text)) { $repo->saveComment($this->comment); $this->redirectLink = $this->comment->getUrl($text); } } $this->requestToken->saveToSession(); }
public function getPageContent(Website $website, Request $request) { $show_form = true; $textToDisplay = ""; if ($request->hasRequestValue("password")) { // Sent $old_password = $request->getRequestString("old_password"); if ($this->editing_someone_else || $this->user->verifyPassword($old_password)) { // Old password entered correctly $password = $request->getRequestString("password"); $password2 = $request->getRequestString("password2"); if (Validate::password($password, $password2)) { // Valid password $this->user->setPassword($password); $userRepo = $website->getAuth()->getUserRepository(); $userRepo->save($this->user); // Saved $textToDisplay .= '<p>' . $website->t("users.password") . ' ' . $website->t("editor.is_changed") . '</p>'; // Update login cookie (only when changing your own password) if (!$this->editing_someone_else) { $website->getAuth()->setLoginCookie(); } // Don't show form $show_form = false; } else { // Invalid new password $website->addError($website->t("users.password") . ' ' . Validate::getLastError($website)); $textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.password", true) . '</em></p>'; } } else { // Invalid old password $website->addError($website->t("users.old_password") . ' ' . $website->t("errors.not_correct")); $textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.password", true) . '</em></p>'; } } // Show form if ($show_form) { // Text above form $textToDisplay .= "<p>" . $website->tReplaced("users.password.edit.explained", Validate::$MIN_PASSWORD_LENGHT) . "</p>\n"; if ($this->editing_someone_else) { $textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n"; } // Form itself $old_password_text = ""; if (!$this->editing_someone_else) { // Add field to verify old password when editing yourself $old_password_text = <<<EOT <label for="old_password">{$website->t('users.old_password')}:</label><span class="required">*</span><br /> <input type="password" id="old_password" name="old_password" value=""/><br /> EOT; } $textToDisplay .= <<<EOT <p>{$website->t("main.fields_required")}</p> <form action="{$website->getUrlMain()}" method="post"> <p> {$old_password_text} <label for="password">{$website->t('users.password')}:</label><span class="required">*</span><br /> <input type="password" id="password" name="password" value=""/><br /> <label for="password2">{$website->t('users.password.repeat')}:</label><span class="required">*</span><br /> <input type="password" id="password2" name="password2" value=""/><br /> </p> <p> <input type="hidden" name="p" value="edit_password" /> <input type="hidden" name="id" value="{$this->user->getId()}" /> <input type="submit" value="{$website->t('users.password.edit')} " class="button" /> </p> </form> EOT; } // Links $textToDisplay .= $this->get_account_links_html($website); return $textToDisplay; }
public function processInput(Text $text, Request $request, CategoryRepository $oCategories) { $article = $this->articleObject; $noErrors = true; // Title if ($request->hasRequestValue("article_title")) { $title = trim($request->getRequestString('article_title')); if (strLen($title) > Article::MAX_TITLE_LENGTH) { $text->addError($text->t("articles.title") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_TITLE_LENGTH)); $noErrors = false; } if (strLen($title) < Article::MIN_TITLE_LENGTH) { $text->addError($text->tReplacedKey("errors.please_enter_this", "articles.title", true)); $noErrors = false; } $article->setTitle($title); } // Intro if ($request->hasRequestValue("article_intro")) { $intro = trim($request->getRequestString("article_intro")); if (strLen($intro) < Article::MIN_INTRO_LENGTH) { $text->addError($text->tReplacedKey("errors.please_enter_this", "articles.intro", true)); $noErrors = false; } if (strLen($intro) > Article::MAX_INTRO_LENGTH) { $text->addError($text->t("articles.intro") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_INTRO_LENGTH)); $noErrors = false; } $article->setIntro($intro); } // Body if ($request->hasRequestValue("article_body")) { $body = trim($request->getRequestString("article_body")); if (strLen($body) < Article::MIN_BODY_LENGTH) { $text->addError($text->tReplacedKey("errors.please_enter_this", "articles.body", true)); $noErrors = false; } if (strLen($body) > Article::MAX_BODY_LENGTH) { $text->addError($text->t("articles.body") . " " . $text->tReplaced("errors.is_too_long_num", Article::MAX_BODY_LENGTH)); $noErrors = false; } $article->setBody($body); } // Category if ($request->hasRequestValue("article_category")) { $categoryId = (int) $request->getRequestString('article_category', 0); if ($categoryId == 0) { // Silent failure when category id is set to 0, as it is a default value $noErrors = false; } elseif (!$this->categoryExists($oCategories, $categoryId)) { $text->addError($text->t("main.category") . " " . $website->t("errors.not_found")); $noErrors = false; } $article->categoryId = $categoryId; } // Featured image if ($request->hasRequestValue("article_featured_image")) { $featuredImage = trim($request->getRequestString("article_featured_image")); if (strLen($featuredImage) > Article::MAX_FEATURED_IMAGE_URL_LENGTH) { $text->addError($text->t("articles.featured_image") . " " . $text->tReplaced("ërrors.is_too_long_num", Article::MAX_FEATURED_IMAGE_URL_LENGTH)); $noErrors = false; } $article->featuredImage = $featuredImage; } // Pinned, hidden, comments if ($request->hasRequestValue("submit")) { $article->pinned = $request->hasRequestValue("article_pinned"); $article->setHidden($request->hasRequestValue("article_hidden")); $article->showComments = $request->hasRequestValue("article_comments"); } // Event date $eventDate = ""; $eventTime = ""; if ($request->hasRequestValue("article_eventdate")) { $eventDate = trim($request->getRequestString("article_eventdate")); } if ($request->hasRequestValue("article_eventtime") && $eventDate) { $eventTime = trim($request->getRequestString("article_eventtime")); } if (empty($eventDate) && $request->hasRequestValue("article_eventdate")) { // Field was made empty, so delete date on article $article->onCalendar = null; } if (!empty($eventDate)) { if (strtotime($eventDate) === false) { $text->addError($text->t("articles.event_date") . " " . $text->t("errors.not_correct")); $noErrors = false; } else { // Add date to article $article->onCalendar = new DateTime($eventDate . " " . $eventTime); } } return $noErrors; }
public function getPageContent(Website $website, Request $request) { // Don't allow to edit your own status (why would admins want to downgrade // themselves?) if (!$this->editing_someone_else) { $website->addError($website->t("users.account") . " " . $website->t("errors.not_editable")); return ""; } $show_form = true; $textToDisplay = ""; if ($request->hasRequestValue("status")) { // Sent $status = $request->getRequestInt("status"); $status_text = $request->getRequestString("status_text"); $oAuth = $website->getAuth(); $valid = true; // Check status id if (!$oAuth->isValidStatus($status)) { $website->addError($website->t("users.status") . ' ' . $website->t("errors.not_found")); $valid = false; } // Check status text if (!Validate::stringLength($status_text, 1, self::MAXIMUM_STATUS_TEXT_LENGTH)) { $website->addError($website->t("users.status_text") . " " . Validate::getLastError($website)); $valid = false; } if ($valid) { // Valid status $this->user->setStatus($status); $this->user->setStatusText($status_text); $oAuth->getUserRepository()->save($this->user); // Saved $textToDisplay .= '<p>' . $website->t("users.status") . ' ' . $website->t("editor.is_changed") . '</p>'; // Don't show form $show_form = false; } else { // Invalid status $textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.status", true) . '</em></p>'; } } // Show form if ($show_form) { // Variables $status = $website->getRequestInt("status", $this->user->getStatus()); $statuses = array(Authentication::STATUS_NORMAL, Authentication::STATUS_BANNED, Authentication::STATUS_DELETED); $status_text = htmlSpecialChars($request->getRequestString("status_text", $this->user->getStatusText())); // Form itself $textToDisplay .= <<<EOT <p> {$website->t("users.status.edit.explained")} {$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")} </p> <p> {$website->t("main.fields_required")} </p> <form action="{$website->getUrlMain()}" method="get"> <p> <label for="status">{$website->t("users.status")}</label>:<span class="required">*</span><br /> {$this->get_statuses_box_html($website->getAuth(), $statuses, $status)} </p> <p> <label for="status_text">{$website->t("users.status_text")}</label>:<span class="required">*</span><br /> <input type="text" name="status_text" id="status_text" size="80" value="{$status_text}" /> </p> <p> <input type="hidden" name="p" value="edit_account_status" /> <input type="hidden" name="id" value="{$this->user->getId()}" /> <input type="submit" value="{$website->t('editor.save')} " class="button" /> </p> </form> EOT; } // Links $textToDisplay .= $this->get_account_links_html($website); return $textToDisplay; }