$page, JobArgs::ARG_QUERY => $filter, ]); $context = Core::getContext(); $context->filter = $filter; $context->transport->users = $ret->entities; $context->transport->paginator = $ret; $this->renderView('user-list'); } public function genericView($identifier, $tab = 'favs', $page = 1) { $this->prepareGenericView($identifier, $tab, $page); $this->renderView('user-view'); } public function settingsAction($identifier) { $this->prepareGenericView($identifier, 'settings'); $this->interceptErrors(function() use ($identifier) { $suppliedSafety = InputHelper::get('safety'); $desiredSafety = PostSafety::makeFlags($suppliedSafety); $user = Api::run( new EditUserSettingsJob(), $this->appendUserIdentifierArgument( [ JobArgs::ARG_NEW_SETTINGS => [ UserSettings::SETTING_SAFETY => $desiredSafety, UserSettings::SETTING_ENDLESS_SCROLLING => InputHelper::get('endless-scrolling'), UserSettings::SETTING_POST_TAG_TITLES => InputHelper::get('post-tag-titles'), UserSettings::SETTING_HIDE_DISLIKED_POSTS => InputHelper::get('hide-disliked-posts'), ] ], $identifier)); Core::getContext()->transport->user = $user; if ($user->getId() == Auth::getCurrentUser()->getId()) Auth::setCurrentUser($user); Messenger::success('Browsing settings updated!'); }); if ($this->isAjax()) $this->renderAjax(); else $this->renderView('user-view'); } public function editAction($identifier) { $this->prepareGenericView($identifier, 'edit'); $this->interceptErrors(function() use ($identifier) { $this->requirePasswordConfirmation(); if (InputHelper::get('password1') != InputHelper::get('password2')) throw new SimpleException('Specified passwords must be the same'); $args = [ JobArgs::ARG_NEW_USER_NAME => InputHelper::get('name'), JobArgs::ARG_NEW_PASSWORD => InputHelper::get('password1'), JobArgs::ARG_NEW_EMAIL => InputHelper::get('email'), JobArgs::ARG_NEW_ACCESS_RANK => InputHelper::get('access-rank'), Jobargs::ARG_NEW_AVATAR_STYLE => InputHelper::get('avatar-style'), ]; if (!empty($_FILES['avatar-content']['name'])) { $file = $_FILES['avatar-content']; TransferHelper::handleUploadErrors($file); $args[JobArgs::ARG_NEW_AVATAR_CONTENT] = new ApiFileInput( $file['tmp_name'], $file['name']); } $args = $this->appendUserIdentifierArgument($args, $identifier); $args = array_filter($args); $user = Api::run(new EditUserJob(), $args); Core::getContext()->transport->user = $user; if (Auth::getCurrentUser()->getId() == $user->getId()) Auth::setCurrentUser($user); $message = 'Account settings updated!'; if (Mailer::getMailCounter() > 0) $message .= ' You will be sent an e-mail address confirmation message soon.'; Messenger::success($message); }); if ($this->isAjax()) $this->renderAjax(); else $this->renderView('user-view'); } public function deleteAction($identifier) { $this->prepareGenericView($identifier, 'delete'); $success = $this->interceptErrors(function() use ($identifier) { $this->requirePasswordConfirmation(); Api::run( new DeleteUserJob(), $this->appendUserIdentifierArgument([], $identifier)); $user = UserModel::tryGetById(Auth::getCurrentUser()->getId()); if (!$user) Auth::logOut(); }); if ($success) $this->redirectToMainPage(); elseif ($this->isAjax()) $this->renderAjax(); else $this->renderView('user-view'); } public function toggleSafetyAction($safety) { $safety = new PostSafety($safety); $safety->validate(); $user = Auth::getCurrentUser(); $user->getSettings()->enableSafety($safety, !$user->getSettings()->hasEnabledSafety($safety)); $desiredSafety = $user->getSettings()->get(UserSettings::SETTING_SAFETY); $user = Api::run( new EditUserSettingsJob(), [ JobArgs::ARG_USER_ENTITY => $user, JobArgs::ARG_NEW_SETTINGS => [UserSettings::SETTING_SAFETY => $desiredSafety], ]); Auth::setCurrentUser($user); $this->redirectToLastVisitedUrl(); } public function flagAction($identifier) { Api::run( new FlagUserJob(), $this->appendUserIdentifierArgument([], $identifier)); $this->redirectToGenericView($identifier); } public function banAction($identifier) { Api::run( new ToggleUserBanJob(), $this->appendUserIdentifierArgument([ JobArgs::ARG_NEW_STATE => true ], $identifier)); $this->redirectToGenericView($identifier); } public function unbanAction($identifier) { Api::run( new ToggleUserBanJob(), $this->appendUserIdentifierArgument([ JobArgs::ARG_NEW_STATE => true ], $identifier)); $this->redirectToGenericView($identifier); } public function acceptRegistrationAction($identifier) { Api::run( new AcceptUserRegistrationJob(), $this->appendUserIdentifierArgument([], $identifier)); $this->redirectToGenericView($identifier); } public function registrationView() { if (Auth::isLoggedIn()) $this->redirectToMainPage(); $this->renderView('user-registration'); } public function registrationAction() { $this->interceptErrors(function() { if (InputHelper::get('password1') != InputHelper::get('password2')) throw new SimpleException('Specified passwords must be the same'); $user = Api::run(new AddUserJob(), [ JobArgs::ARG_NEW_USER_NAME => InputHelper::get('name'), JobArgs::ARG_NEW_PASSWORD => InputHelper::get('password1'), JobArgs::ARG_NEW_EMAIL => InputHelper::get('email'), ]); if (!$this->isAnyAccountActivationNeeded()) { Auth::setCurrentUser($user); } $message = 'Congratulations, your account was created.'; if (Mailer::getMailCounter() > 0) { $message .= ' Please wait for activation e-mail.'; if (Core::getConfig()->registration->staffActivation) $message .= ' After this, your registration must be confirmed by staff.'; } elseif (Core::getConfig()->registration->staffActivation) $message .= ' Your registration must be now confirmed by staff.'; Messenger::success($message); }); $this->renderView('user-registration'); } public function activationView() { $this->assets->setSubTitle('account activation'); $this->renderView('user-select'); } public function activationAction($tokenText) { $this->assets->setSubTitle('account activation'); $identifier = InputHelper::get('identifier'); $this->interceptErrors(function() use ($tokenText, $identifier) { if (empty($tokenText)) { Api::run( new ActivateUserEmailJob(), $this->appendUserIdentifierArgument([], $identifier)); Messenger::success('Activation e-mail resent.'); } else { $user = Api::run(new ActivateUserEmailJob(), [ JobArgs::ARG_TOKEN => $tokenText ]); $message = 'Activation completed successfully.'; if (Core::getConfig()->registration->staffActivation) $message .= ' However, your account still must be confirmed by staff.'; Messenger::success($message); if (!Core::getConfig()->registration->staffActivation) Auth::setCurrentUser($user); } }); $this->renderView('message'); } public function passwordResetView() { $this->assets->setSubTitle('password reset'); $this->renderView('user-select'); } public function passwordResetAction($tokenText) { $this->assets->setSubTitle('password reset'); $identifier = InputHelper::get('identifier'); $this->interceptErrors(function() use ($tokenText, $identifier) { if (empty($tokenText)) { Api::run( new PasswordResetJob(), $this->appendUserIdentifierArgument([], $identifier)); Messenger::success('E-mail sent. Follow instructions to reset password.'); } else { $ret = Api::run(new PasswordResetJob(), [ JobArgs::ARG_TOKEN => $tokenText ]); Messenger::success(sprintf( 'Password reset successful. Your new password is **%s**.', $ret->newPassword)); Auth::setCurrentUser($ret->user); } }); $this->renderView('message'); } private function prepareGenericView($identifier, $tab, $page = 1) { $user = Api::run( new GetUserJob(), $this->appendUserIdentifierArgument([], $identifier)); $flagged = in_array(TextHelper::reprUser($user), SessionHelper::get('flagged', [])); if ($tab == 'uploads') $query = 'submit:' . $user->getName(); elseif ($tab == 'favs') $query = 'fav:' . $user->getName(); elseif ($tab == 'delete') { Access::assert(new Privilege( Privilege::DeleteUser, Access::getIdentity($user))); } elseif ($tab == 'settings') { Access::assert(new Privilege( Privilege::EditUserSettings, Access::getIdentity($user))); } elseif ($tab == 'edit' and !(new EditUserJob)->canEditAnything(Auth::getCurrentUser())) Access::fail(); $context = Core::getContext(); $context->flagged = $flagged; $context->transport->tab = $tab; $context->transport->user = $user; if (isset($query)) { $ret = Api::run( new ListPostsJob(), [ JobArgs::ARG_PAGE_NUMBER => $page, JobArgs::ARG_QUERY => $query ]); $context->transport->posts = $ret->entities; $context->transport->paginator = $ret; $context->transport->lastSearchQuery = $query; } } private function isAnyAccountActivationNeeded() { $config = Core::getConfig(); return ($config->registration->needEmailForRegistering or $config->registration->staffActivation); } private function requirePasswordConfirmation() { $user = Core::getContext()->transport->user; if (Auth::getCurrentUser()->getId() == $user->getId()) { $suppliedPassword = InputHelper::get('current-password'); $suppliedPasswordHash = UserModel::hashPassword($suppliedPassword, $user->getPasswordSalt()); if ($suppliedPasswordHash != $user->getPasswordHash()) throw new SimpleException('Must supply valid password'); } } private function appendUserIdentifierArgument(array $arguments, $userIdentifier) { if (strpos($userIdentifier, '@') !== false) $arguments[JobArgs::ARG_USER_EMAIL] = $userIdentifier; else $arguments[JobArgs::ARG_USER_NAME] = $userIdentifier; return $arguments; } private function redirectToMainPage() { $this->redirect(Core::getRouter()->linkTo(['StaticPagesController', 'mainPageView'])); exit; } private function redirectToGenericView($identifier) { $this->redirect(Core::getRouter()->linkTo( ['UserController', 'genericView'], ['identifier' => $identifier])); } }