public function getPageContent(Website $website, Request $request)
{
// Don't allow to edit your own rank (why would admins want to downgrade
// themselves?)
if (!$this->editing_someone_else) {
$website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
return "";
}
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("rank")) {
// Sent
$rank = $request->getRequestInt("rank");
$oAuth = $website->getAuth();
if ($oAuth->isValidRankForAccounts($rank)) {
// Valid rank id
$this->user->setRank($rank);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.rank") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid rank
$website->addError($website->t("users.rank") . ' ' . $website->t("errors.not_found"));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.rank", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Variables
$rank = $request->getRequestInt("rank", $this->user->getRank());
$ranks = array(Authentication::RANK_USER, Authentication::RANK_MODERATOR, Authentication::RANK_ADMIN);
// Form itself
$textToDisplay .= <<<EOT
<p>
{$website->t("users.rank.edit.explained")}
{$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")}
</p>
<p>
{$website->t("main.fields_required")}
</p>
<form action="{$website->getUrlMain()}" method="post">
<p>
<label for="rank">{$website->t("users.rank")}</label>:<span class="required">*</span><br />
{$this->get_ranks_box_html($website, $ranks, $rank)}
</p>
<p>
<input type="hidden" name="p" value="edit_rank" />
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="submit" value="{$website->t('users.rank.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function getPageContent(Website $website, Request $request)
{
$show_form = true;
$textToDisplay = "";
if (isset($_REQUEST["display_name"])) {
// Sent
$display_name = $request->getRequestString("display_name");
if (Validate::displayName($display_name)) {
// Valid display_name
$this->user->setDisplayName($display_name);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.display_name") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid display_name
$website->addError($website->t("users.display_name") . ' ' . Validate::getLastError($website));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.display_name", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Text above form
$textToDisplay .= "<p>" . $website->t("users.display_name.edit.explained") . "</p>\n";
if ($this->editing_someone_else) {
$textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
}
// Form itself
$display_name = isset($_POST['display_name']) ? htmlSpecialChars($_POST['display_name']) : $this->user->getDisplayName();
$textToDisplay .= <<<EOT
<p>{$website->t("main.fields_required")}</p>
<form action="{$website->getUrlMain()}" method="post">
<p>
<label for="display_name">{$website->t('users.display_name')}:</label><span class="required">*</span><br />
<input type="text" id="display_name" name="display_name" value="{$display_name}"/><br />
</p>
<p>
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="hidden" name="p" value="edit_display_name" />
<input type="submit" value="{$website->t('users.display_name.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function getPageContent(Website $website, Request $request)
{
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("email")) {
// Sent
$email = $request->getRequestString("email");
if (Validate::email($email)) {
// Valid email
$this->user->setEmail($email);
$userRepo = $website->getAuth()->getUserRepository();
$userRepo->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.email") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid email
$website->addError($website->t("users.email") . ' ' . Validate::getLastError($website));
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.email", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Text above form
$textToDisplay .= "<p>" . $website->t("users.email.edit.explained") . "</p>\n";
if ($this->editing_someone_else) {
$textToDisplay .= "<p><em>" . $website->tReplaced("users.edit_other", $this->user->getDisplayName()) . "</em></p>\n";
}
// Form itself
$email = htmlSpecialChars($request->getRequestString("email", $this->user->getEmail()));
$textToDisplay .= <<<EOT
<form action="{$website->getUrlMain()}" method="post">
<p>
<label for="email">{$website->t('users.email')}:</label><br /><input type="text" id="email" name="email" value="{$email}"/><br />
</p>
<p>
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="hidden" name="p" value="edit_email" />
<input type="submit" value="{$website->t('users.email.edit')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
public function init(Website $website, Request $request)
{
$this->keyword = trim($request->getRequestString("searchbox"));
$this->pageNumber = $request->getRequestInt("page", 0);
$this->showEditLinks = $website->isLoggedInAsStaff();
if (strLen($this->keyword) < self::MIN_SEARCH_LENGTH) {
// Don't search for too short words
if (!empty($this->keyword)) {
$website->addError($website->t("articles.search_term") . " " . $website->tReplaced("errors.is_too_short_num", self::MIN_SEARCH_LENGTH));
}
return;
}
// Fetch article count
$articles = new ArticleRepository($website);
$this->totalResults = $articles->getMatchesFor($this->keyword);
// Count total number of pages, limit current page number
$this->highestPageNumber = floor($this->totalResults / self::ARTICLES_PER_PAGE);
if ($this->pageNumber < 0 || $this->pageNumber > $this->highestPageNumber) {
$this->pageNumber = 0;
}
// Fetch articles
$this->displayedArticles = $articles->getArticlesDataMatch($this->keyword, self::ARTICLES_PER_PAGE, $this->pageNumber * self::ARTICLES_PER_PAGE);
// Fetch links
$menus = new LinkRepository($website->getDatabase());
$this->links = $menus->getLinksBySearch($this->keyword);
}
public function init(Website $website, Request $request)
{
$this->showEditLinks = $website->isLoggedInAsStaff();
$this->selectedYear = $request->getRequestInt("year", 0);
$this->selectedCategory = $request->getParamInt(0);
// Fetch all categories
$categories = new CategoryRepository($website->getDatabase());
$this->allCategories = $categories->getCategoriesArray();
// Check if valid category
if ($this->selectedCategory != 0 && !array_key_exists($this->selectedCategory, $this->allCategories)) {
$website->addError($website->t("main.category") . " " . $website->t("errors.not_found"));
$this->selectedCategory = 0;
}
// Fetch all articles
$articles = new ArticleRepository($website);
$this->articleCountInYears = $articles->getArticleCountInYears($this->selectedCategory);
$this->foundArticles = $articles->getArticlesDataArchive($this->selectedYear, $this->selectedCategory);
}
public function parseData(Website $website, $id)
{
$return_array = [];
// Title
$return_array["title"] = $website->getRequestString("title_" . $id, "");
$return_array["title"] = trim($return_array["title"]);
// Text
$return_array["text"] = $website->getRequestString("text_" . $id, "");
$return_array["text"] = trim($return_array["text"]);
if (strLen($return_array["text"]) == 0) {
$website->addError($website->t("editor.message") . " " . $website->t("errors.not_entered"));
$return_array["valid"] = false;
}
if (strip_tags($return_array["text"]) == $return_array["text"]) {
// No HTML tags, add the needed <p> and <br />
$return_array["text"] = "<p>" . nl2br($return_array["text"], true) . "</p>";
}
return $return_array;
}
/**
* Returns the localized error message of the last error.
* @param Website|Text $websiteOrText The Website object or Text object.
* @return string The localized error message
*/
public static function getLastError($websiteOrText)
{
if (Validate::$replaceInLastError === "") {
$message = $websiteOrText->t("errors." . Validate::$lastError);
} else {
$message = $websiteOrText->tReplaced("errors." . Validate::$lastError, Validate::$replaceInLastError);
}
Validate::$lastError = "";
Validate::$replaceInLastError = "";
return $message;
}
public function parseData(Website $website, $id)
{
$data = [];
$data["title"] = $website->getRequestString("title_" . $id, "");
if (strLen($data["title"]) > self::MAX_TITLE_LENGTH) {
// Limit title length
$website->addError($website->t("widgets.title") . " " . $website->tReplaced("errors.too_long_num", self::MAX_TITLE_LENGTH));
$data["valid"] = false;
}
return $data;
}
public function init(Website $website, Request $request)
{
$text = $website->getText();
$currentUser = $website->getAuth()->getCurrentUser();
$articleId = $request->getParamInt(0);
$articleRepository = new ArticleRepository($website);
$article = $this->getArticle($articleRepository, $currentUser, $articleId);
$articleEditor = new ArticleEditor($article);
$this->articleEditor = $articleEditor;
$categoryRepository = new CategoryRepository($website->getDatabase());
$this->allCategories = $categoryRepository->getCategories();
$this->richEditor = new CKEditor($website->getText(), $website->getConfig(), $website->getThemeManager());
// Validate token, then save new one to session
$validToken = Validate::requestToken($request);
$this->token = RequestToken::generateNew();
$this->token->saveToSession();
// Now check input
if (!$articleEditor->processInput($website->getText(), $request, $categoryRepository)) {
return;
}
if ($request->hasRequestValue("submit") && $validToken) {
// Try to save
$article = $articleEditor->getArticle();
if ($articleRepository->saveArticle($article)) {
$viewArticleLink = Link::of($website->getUrlPage("article", $article->getId()), $website->t("articles.view"));
if ($articleId == 0) {
// New article created
$text->addMessage($text->t("main.article") . " " . $text->t("editor.is_created"), $viewArticleLink);
} else {
// Article updated
$text->addMessage($text->t("main.article") . " " . $text->t("editor.is_edited"), $viewArticleLink);
}
// Check for redirect
if ($request->getRequestString("submit") == $website->t("editor.save_and_quit")) {
$this->redirectUrl = $website->getUrlPage("article", $article->getId());
}
}
}
}
public function parseData(Website $website, $id)
{
$settingsArray = [];
// Title
$settingsArray["title"] = trim($website->getRequestString("title_" . $id, ""));
// Amount
$settingsArray["amount"] = $website->getRequestInt("amount_" . $id, 5);
$amount = $settingsArray["amount"];
if (!Validate::range($amount, self::MIN_COMMENTS, self::MAX_COMMENTS)) {
$settingsArray["valid"] = false;
$website->addError($website->t("comments.count") . " " . Validate::getLastError($website));
}
return $settingsArray;
}
public function getPageContent(Website $website, Request $request)
{
// Don't allow to edit your own status (why would admins want to downgrade
// themselves?)
if (!$this->editing_someone_else) {
$website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
return "";
}
$show_form = true;
$textToDisplay = "";
if ($request->hasRequestValue("status")) {
// Sent
$status = $request->getRequestInt("status");
$status_text = $request->getRequestString("status_text");
$oAuth = $website->getAuth();
$valid = true;
// Check status id
if (!$oAuth->isValidStatus($status)) {
$website->addError($website->t("users.status") . ' ' . $website->t("errors.not_found"));
$valid = false;
}
// Check status text
if (!Validate::stringLength($status_text, 1, self::MAXIMUM_STATUS_TEXT_LENGTH)) {
$website->addError($website->t("users.status_text") . " " . Validate::getLastError($website));
$valid = false;
}
if ($valid) {
// Valid status
$this->user->setStatus($status);
$this->user->setStatusText($status_text);
$oAuth->getUserRepository()->save($this->user);
// Saved
$textToDisplay .= '<p>' . $website->t("users.status") . ' ' . $website->t("editor.is_changed") . '</p>';
// Don't show form
$show_form = false;
} else {
// Invalid status
$textToDisplay .= '<p><em>' . $website->tReplacedKey("errors.your_input_has_not_been_changed", "users.status", true) . '</em></p>';
}
}
// Show form
if ($show_form) {
// Variables
$status = $website->getRequestInt("status", $this->user->getStatus());
$statuses = array(Authentication::STATUS_NORMAL, Authentication::STATUS_BANNED, Authentication::STATUS_DELETED);
$status_text = htmlSpecialChars($request->getRequestString("status_text", $this->user->getStatusText()));
// Form itself
$textToDisplay .= <<<EOT
<p>
{$website->t("users.status.edit.explained")}
{$website->tReplaced("accounts.edit_other", "<strong>" . $this->user->getDisplayName() . "</strong>")}
</p>
<p>
{$website->t("main.fields_required")}
</p>
<form action="{$website->getUrlMain()}" method="get">
<p>
<label for="status">{$website->t("users.status")}</label>:<span class="required">*</span><br />
{$this->get_statuses_box_html($website->getAuth(), $statuses, $status)}
</p>
<p>
<label for="status_text">{$website->t("users.status_text")}</label>:<span class="required">*</span><br />
<input type="text" name="status_text" id="status_text" size="80" value="{$status_text}" />
</p>
<p>
<input type="hidden" name="p" value="edit_account_status" />
<input type="hidden" name="id" value="{$this->user->getId()}" />
<input type="submit" value="{$website->t('editor.save')} " class="button" />
</p>
</form>
EOT;
}
// Links
$textToDisplay .= $this->get_account_links_html($website);
return $textToDisplay;
}
/** Gets the links for the bottom of the page */
public function get_account_links_html(Website $website)
{
$textToDisplay = "";
if ($this->editing_someone_else) {
// Editing someone else, don't show "My account" link
$textToDisplay .= <<<EOT
<p>
<a class="arrow" href="{$website->getUrlPage("account", $this->user->getId())}">
{$website->tReplaced("users.profile_page_of", $this->user->getDisplayName())}
</a><br />
<a class="arrow" href="{$website->getUrlPage("account_management")}">
{$website->t("main.account_management")}
</a>
EOT;
} else {
$textToDisplay .= '<p><a class="arrow" href="' . $website->getUrlPage("account") . '">' . $website->t("main.my_account") . "</a>\n";
if ($website->isLoggedInAsStaff(true)) {
$textToDisplay .= '<br /><a class="arrow" href="' . $website->getUrlPage("account_management") . '">' . $website->t("main.account_management") . "</a>\n";
}
$textToDisplay .= "</p>";
}
return $textToDisplay;
}
public function parseData(Website $website, $id)
{
$data = [];
// Title
$data["title"] = trim($website->getRequestString("title_" . $id, ""));
if (strLen($data["title"]) > 200) {
$website->addError($website->t("widgets.title") . " " . $website->t("errors.is_too_long_num", 200));
$data["valid"] = false;
}
// Categories
$categories = isset($_REQUEST["categories_" . $id]) ? $_REQUEST["categories_" . $id] : [];
if (!is_array($categories)) {
// Check for valid array
$website->addError($website->tReplacedKey("errors.none_set", "main.categories", true));
$data["valid"] = false;
$categories = [];
}
// Add all categories to the real array
$data["categories"] = [];
foreach ($categories as $category_id) {
$category_id = (int) $category_id;
if ($category_id > 0) {
$data["categories"][] = $category_id;
}
}
// Check the real array
if (count($data["categories"]) == 0) {
$website->addError($website->tReplacedKey("errors.none_set", "main.categories", true));
$data["valid"] = false;
}
// Count
if (isset($_REQUEST["count_" . $id])) {
$data["count"] = (int) $_REQUEST["count_" . $id];
if (!Validate::range($data["count"], 1, 20)) {
$website->addError($website->t("articles.count") . " " . Validate::getLastError($website));
$data["valid"] = false;
}
} else {
$website->addError($website->t("articles.count") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
// Display type
if (isset($_REQUEST["display_type_" . $id])) {
$data["display_type"] = (int) $_REQUEST["display_type_" . $id];
if ($data["display_type"] != self::TYPE_LIST && $data["display_type"] != self::TYPE_WITHOUT_METADATA && $data["display_type"] != self::TYPE_WITH_METADATA && $data["display_type"] != self::TYPE_LIST_WITH_IMAGES) {
$website->addError($website->t("articles.count") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
} else {
$website->addError($website->t("articles.count") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
// Order
if (isset($_REQUEST["order_" . $id])) {
$data["order"] = (int) $_REQUEST["order_" . $id];
if ($data["order"] != self::SORT_NEWEST_TOP && $data["order"] != self::SORT_OLDEST_TOP) {
$website->addError($website->t("articles.order") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
} else {
$website->addError($website->t("articles.order") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
// Archive
if (isset($_REQUEST["archive_" . $id])) {
$data["archive"] = true;
} else {
$data["archive"] = false;
}
return $data;
}
public function parseData(Website $website, $id)
{
$website->addError($website->t("widgets.missing_definition.edit"));
return ["valid" => false];
}
public function parseData(Website $website, $id)
{
$data = [];
$data["title"] = isset($_REQUEST["title_" . $id]) ? trim($_REQUEST["title_" . $id]) : "";
if (strLen($data["title"]) > self::TITLE_MAX_LENGTH) {
$website->addError($website->t("widgets.title") . " " . $website->tReplaced("errors.too_long_num", self::TITLE_MAX_LENGTH));
$data["valid"] = false;
}
$data["menu_id"] = isset($_REQUEST["menu_id_" . $id]) ? (int) $_REQUEST["menu_id_" . $id] : 0;
$oMenu = new MenuRepository($website->getDatabase());
try {
$oMenu->getMenu($data["menu_id"]);
} catch (NotFoundException $e) {
$website->addError($website->t("widgets.menu") . " " . $website->t("errors.not_found"));
$data["valid"] = false;
}
return $data;
}
/**
* The function should return an array (id=>name) with all places for widgets.
* Ids must be a whole number larger than 1. (Id 0 is unused, id 1 is used on homepage)
* @param Website $website The website object, used for translations.
*/
public function getWidgetAreas(Website $website)
{
// Get the number of widgets
$areas = $this->infoFile->getInteger("widget_areas", 1);
if ($areas == 0) {
// No widgets in this theme
return [];
} elseif ($areas == 1) {
// One widget area on position 2
return [2 => $website->t("widgets.the_sidebar")];
} else {
// More widget areas, starting on position 2
$widgetAreas = [];
for ($i = 0; $i < $areas; $i++) {
$widgetAreas[$i + 2] = $website->tReplaced("widgets.sidebar_n", $i + 1);
}
return $widgetAreas;
}
}
protected function save_string(Website $website, $name, $optional)
{
$value = trim($website->getRequestString("option_{$name}", $this->{$name}));
if ($optional || !empty($value)) {
$this->{$name} = substr($value, 0, Website::MAX_SITE_OPTION_LENGTH);
$website->getConfig()->set($website->getDatabase(), $name, $this->{$name});
} else {
$website->addError($website->t("site_settings.{$name}") . " " . $website->t("errors.not_found"));
}
}
/** Returns the HTML of the comments of the user, including the header */
public function get_comments_html(Website $website)
{
$oComments = new CommentRepository($website->getDatabase());
$comments = $oComments->getCommentsUser($this->user->getId());
$returnValue = '<h3 class="notable">' . $website->t("comments.comments") . "</h3>\n";
if (count($comments) > 0) {
$commentsTemplate = new CommentsTreeTemplate($website->getText(), $comments, true, $this->user);
$returnValue .= $commentsTemplate->getText();
} else {
$returnValue .= "<p><em>" . $website->t("comments.no_comments_found_user") . "</em></p>";
}
return $returnValue;
}
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php
echo $website->getUrlActiveTheme();
?>
main.css" rel="stylesheet" type="text/css" />
<link href="<?php
echo $website->getUrlMain();
?>
whitebackground.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="<?php
echo $website->getUrlJavaScripts();
?>
tooltip.js"> </script>
<title><?php
echo $website->t("calendar.pick_a_date");
?>
</title>
</head>
<body>
<div>
<?php
$stream = new Stream("php://output", 'w');
$calendarTemplate->writeText($stream);
$stream->close();
?>
</div>
</body>
</html><?php
/** Gets a table of all users */
public function get_users_table(Website $website, $start)
{
$start = (int) $start;
$oAuth = $website->getAuth();
$users = $oAuth->getUserRepository()->getRegisteredUsers($start, self::USERS_PER_PAGE);
$current_user_id = $oAuth->getCurrentUser()->getId();
// Start table
$returnValue = "<table>\n";
$returnValue .= "<tr><th>" . $website->t("users.username") . "</th><th>" . $website->t("users.display_name") . "</th><th>" . $website->t("users.email") . "</th><th>" . $website->t("users.rank") . "</th><th>" . $website->t("main.edit") . "</th></tr>\n";
//login-naam-email-admin-bewerk
$returnValue .= '<tr><td colspan="5"><a class="arrow" href="' . $website->getUrlPage("create_account_admin") . '">' . $website->t("users.create") . "...</a></td></tr>\n";
//maak nieuwe account
if (count($users) > 0) {
foreach ($users as $user) {
// Email
$email_link = '<em>' . $website->t("main.not_set") . '</em>';
$email = $user->getEmail();
if ($email) {
$email = htmlSpecialChars($email);
$email_link = '<a href="mailto:' . $email . '">' . $email . '</a>';
}
// Others
$username = $user->getUsername();
// Usernames are severly restricted, so no need to escape
$display_name = htmlSpecialChars($user->getDisplayName());
$rank_name = $website->t($oAuth->getRankName($user->getRank()));
if ($user->getStatus() == Authentication::STATUS_BANNED) {
$rank_name = $website->t("users.status.banned");
}
if ($user->getStatus() == Authentication::STATUS_DELETED) {
$rank_name = $website->t("users.status.deleted");
}
$username_link = '<a href="' . $website->getUrlPage("account", $user->getId()) . '">' . $username . '</a>';
$login_link = '<a class="arrow" href="' . $website->getUrlPage("login_other", $user->getId()) . '">' . $website->t("main.log_in") . '</a>';
if ($user->getId() == $current_user_id || !$user->canLogIn()) {
// No need to log in as that account
$login_link = "";
}
// Rest of row
$returnValue .= <<<EOT
<tr>
<td>{$username_link}</td>
<td>{$display_name}</td>
<td>{$email_link}</td>
<td>{$rank_name}</td>
<td>{$login_link}</td>
</tr>
EOT;
}
}
$returnValue .= "</table>";
return $returnValue;
}
