-rw-r--r--alltags.php86
-rw-r--r--password.php2
-rw-r--r--populartags.php92
-rw-r--r--profile.php151
-rw-r--r--search.php18
-rw-r--r--services/userservice.php28
-rw-r--r--watch.php17
-rw-r--r--watchlist.php2
8 files changed, 199 insertions, 197 deletions
diff --git a/alltags.php b/alltags.php
index dc84cf3..45b13ab 100644
--- a/alltags.php
+++ b/alltags.php
@@ -1,23 +1,23 @@
<?php
/***************************************************************************
-Copyright (C) 2004 - 2006 Scuttle project
-http://sourceforge.net/projects/scuttle/
-http://scuttle.org/
+ Copyright (C) 2004 - 2006 Scuttle project
+ http://sourceforge.net/projects/scuttle/
+ http://scuttle.org/
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-***************************************************************************/
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ ***************************************************************************/
require_once('header.inc.php');
@@ -29,51 +29,47 @@ $cacheservice =& ServiceFactory::getServiceInstance('CacheService');
list($url, $user) = explode('/', $_SERVER['PATH_INFO']);
if (!$user) {
- header('Location: '. createURL('populartags'));
- exit;
+ header('Location: '. createURL('populartags'));
+ exit;
}
if ($usecache) {
- // Generate hash for caching on
- $hashtext = $_SERVER['REQUEST_URI'];
- if ($userservice->isLoggedOn()) {
- $hashtext .= $userservice->getCurrentUserID();
- }
- $hash = md5($hashtext);
-
- // Cache for an hour
- $cacheservice->Start($hash, 3600);
+ // Generate hash for caching on
+ $hashtext = $_SERVER['REQUEST_URI'];
+ if ($userservice->isLoggedOn()) {
+ $hashtext .= $userservice->getCurrentUserID();
+ }
+ $hash = md5($hashtext);
+
+ // Cache for an hour
+ $cacheservice->Start($hash, 3600);
}
// Header variables
$pagetitle = T_('All Tags');
if (isset($user) && $user != '') {
- if (is_int($user)) {
- $userid = intval($user);
- } else {
- if ($userinfo = $userservice->getObjectUserByUsername($user)) {
- $userid = $userinfo->getId();
- } else {
- $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- //throw a 404 error
- exit();
- }
- }
- $pagetitle .= ': '. ucfirst($user);
+
+ $userid = $userservice->getIdFromUser($user);
+ if($userid == NULL) {
+ $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ exit();
+ }
+
+ $pagetitle .= ': '. ucfirst($user);
} else {
- $userid = NULL;
+ $userid = NULL;
}
$tags =& $b2tservice->getTags($userid);
-$tplVars['tags'] =& $b2tservice->tagCloud($tags, 5, 90, 225, getSortOrder());
+$tplVars['tags'] =& $b2tservice->tagCloud($tags, 5, 90, 225, getSortOrder());
$tplVars['user'] = $user;
if (isset($userid)) {
- $tplVars['cat_url'] = createURL('bookmarks', '%s/%s');
+ $tplVars['cat_url'] = createURL('bookmarks', '%s/%s');
} else {
- $tplVars['cat_url'] = createURL('tags', '%2$s');
+ $tplVars['cat_url'] = createURL('tags', '%2$s');
}
$tplVars['sidebar_blocks'] = array('linked');
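Review bot: The new `if($userid == NULL)` check uses a loose comparison, so a returned id of `0` or `'0'` would also be treated as "not found"; `if ($userid === NULL)` states the intent exactly, and the same line appears in the populartags.php, search.php and watch.php hunks. `$user` is taken from `$_SERVER['PATH_INFO']` and ends up in `$tplVars['error']`, `$tplVars['user']` and the page title, so the templates have to HTML-escape it on output; that escaping is not visible in this diff and is worth confirming. This copy also drops the `//throw a 404 error` comment that populartags.php keeps, and no `header()` call setting a 404 status is visible in the hunk, so the error page may be served with status 200 unless `loadTemplate()` sets it.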
@@ -84,7 +80,7 @@ $tplVars['subtitle'] = $pagetitle;
$templateservice->loadTemplate('tags.tpl', $tplVars);
if ($usecache) {
- // Cache output if existing copy has expired
- $cacheservice->End($hash);
+ // Cache output if existing copy has expired
+ $cacheservice->End($hash);
}
?>
diff --git a/password.php b/password.php
index 430a355..b173978 100644
--- a/password.php
+++ b/password.php
@@ -44,7 +44,7 @@ if (POST_SUBMITTED != '') {
// NO MATCH
$userinfo = $userservice->getObjectUserByUsername(POST_USERNAME);
- if ($userinfo == '') {
+ if ($userinfo == NULL) {
$tplVars['error'] = T_('No matches found for that username.');
} elseif (POST_EMAIL != $userinfo->getEmail()) {
diff --git a/populartags.php b/populartags.php
index c20cabc..7938027 100644
--- a/populartags.php
+++ b/populartags.php
@@ -1,23 +1,23 @@
<?php
/***************************************************************************
-Copyright (C) 2004 - 2006 Scuttle project
-http://sourceforge.net/projects/scuttle/
-http://scuttle.org/
+ Copyright (C) 2004 - 2006 Scuttle project
+ http://sourceforge.net/projects/scuttle/
+ http://scuttle.org/
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-***************************************************************************/
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ ***************************************************************************/
require_once('header.inc.php');
@@ -29,50 +29,46 @@ $cacheservice =& ServiceFactory::getServiceInstance('CacheService');
list($url, $user) = explode('/', $_SERVER['PATH_INFO']);
if ($usecache) {
- // Generate hash for caching on
- $hashtext = $_SERVER['REQUEST_URI'];
- if ($userservice->isLoggedOn()) {
- $hashtext .= $currentUser->getId();
- if ($currentUser->getUsername() == $user) {
- $hashtext .= $user;
- }
- }
- $hash = md5($hashtext);
-
- // Cache for an hour
- $cacheservice->Start($hash, 3600);
+ // Generate hash for caching on
+ $hashtext = $_SERVER['REQUEST_URI'];
+ if ($userservice->isLoggedOn()) {
+ $hashtext .= $currentUser->getId();
+ if ($currentUser->getUsername() == $user) {
+ $hashtext .= $user;
+ }
+ }
+ $hash = md5($hashtext);
+
+ // Cache for an hour
+ $cacheservice->Start($hash, 3600);
}
// Header variables
$pagetitle = T_('Popular Tags');
if (isset($user) && $user != '') {
- if (is_int($user)) {
- $userid = intval($user);
- } else {
- $userinfo = $userservice->getObjectUserByUsername($user);
- if ($userinfo != '') {
- $userid = $userinfo->getId();
- } else {
- $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- //throw a 404 error
- exit();
- }
- }
- $pagetitle .= ': '. ucfirst($user);
+
+ $userid = $userservice->getIdFromUser($user);
+ if($userid == NULL) {
+ $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ //throw a 404 error
+ exit();
+ }
+
+ $pagetitle .= ': '. ucfirst($user);
} else {
- $userid = NULL;
+ $userid = NULL;
}
$tags = $b2tservice->getPopularTags($userid, 150);
-$tplVars['tags'] =& $b2tservice->tagCloud($tags, 5, 90, 225, getSortOrder('alphabet_asc'));
+$tplVars['tags'] =& $b2tservice->tagCloud($tags, 5, 90, 225, getSortOrder('alphabet_asc'));
$tplVars['user'] = $user;
if (isset($userid)) {
- $tplVars['cat_url'] = createURL('bookmarks', '%s/%s');
+ $tplVars['cat_url'] = createURL('bookmarks', '%s/%s');
} else {
- $tplVars['cat_url'] = createURL('tags', '%2$s');
+ $tplVars['cat_url'] = createURL('tags', '%2$s');
}
$tplVars['sidebar_blocks'] = array('linked');
@@ -81,8 +77,8 @@ $tplVars['loadjs'] = true;
$templateservice->loadTemplate('tags.tpl', $tplVars);
-if ($usecache) {
- // Cache output if existing copy has expired
- $cacheservice->End($hash);
+if ($usecache) {
+ // Cache output if existing copy has expired
+ $cacheservice->End($hash);
}
?>
diff --git a/profile.php b/profile.php
index 56d6515..2d00101 100644
--- a/profile.php
+++ b/profile.php
@@ -1,23 +1,23 @@
<?php
/***************************************************************************
-Copyright (C) 2004 - 2006 Scuttle project
-http://sourceforge.net/projects/scuttle/
-http://scuttle.org/
+ Copyright (C) 2004 - 2006 Scuttle project
+ http://sourceforge.net/projects/scuttle/
+ http://scuttle.org/
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-***************************************************************************/
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ ***************************************************************************/
require_once('header.inc.php');
@@ -41,29 +41,30 @@ isset($_SESSION['token_stamp']) ? define('SESSION_TOKENSTAMP', $_SESSION['token_
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
if ($user) {
- if (is_int($user)) {
- $userid = intval($user);
- } else {
- $user = urldecode($user);
- $userinfo = $userservice->getObjectUserByUsername($user);
- if ($userinfo == '') {
- $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- exit();
- } else {
- $userid =& $userinfo->getId();
- }
- }
+
+ if (is_int($user)) {
+ $userid = intval($user);
+ } else {
+ $user = urldecode($user);
+ $userinfo = $userservice->getObjectUserByUsername($user);
+ if ($userinfo == NULL) {
+ $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ exit();
+ } else {
+ $userid =& $userinfo->getId();
+ }
+ }
} else {
- $tplVars['error'] = T_('Username was not specified');
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- exit();
+ $tplVars['error'] = T_('Username was not specified');
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ exit();
}
if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) {
- $title = T_('My Profile');
+ $title = T_('My Profile');
} else {
- $title = T_('Profile') .': '. $user;
+ $title = T_('Profile') .': '. $user;
}
$tplVars['pagetitle'] = $title;
$tplVars['subtitle'] = $title;
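Review bot: `is_int($user)` can never be true here, because `$user` comes from `explode()` on `$_SERVER['PATH_INFO']` and is always a string, so the `$userid = intval($user);` branch is dead code. If that branch were ever taken, `$userinfo` would not be assigned on this path, since it is only set in the `else` branch. The reference assignment `$userid =& $userinfo->getId();` binds to a function return value, which PHP 5 and later report as a notice unless the method returns by reference; `$userid = $userinfo->getId();` is enough. The other pages in this commit were moved to `getIdFromUser()`, so a one-line comment saying why this page keeps its own lookup (apparently because it needs the `$userinfo` object afterwards) would help the next reader.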
@@ -72,55 +73,55 @@ $tplVars['user'] = $user;
$tplVars['userid'] = $userid;
if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) {
- $error = false;
- $detPass = trim(POST_PASS);
- $detPassConf = trim(POST_PASSCONF);
- $detName = trim(POST_NAME);
- $detMail = trim(POST_MAIL);
- $detPage = trim(POST_PAGE);
- $detDesc = filter(POST_DESC);
-
- // manage token preventing from CSRF vulnaribilities
- if ( SESSION_TOKEN == ''
- || time() - SESSION_TOKENSTAMP > 600 //limit token lifetime, optionnal
- || SESSION_TOKEN != POST_TOKEN) {
- $error = true;
- $tplVars['error'] = T_('Invalid Token');
- }
-
- if ($detPass != $detPassConf) {
- $error = true;
- $tplVars['error'] = T_('Password and confirmation do not match.');
- }
- if ($detPass != "" && strlen($detPass) < 6) {
- $error = true;
- $tplVars['error'] = T_('Password must be at least 6 characters long.');
- }
- if (!$userservice->isValidEmail($detMail)) {
- $error = true;
- $tplVars['error'] = T_('E-mail address is not valid.');
- }
- if (!$error) {
- if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) {
- $tplvars['error'] = T_('An error occurred while saving your changes.');
- } else {
- $tplVars['msg'] = T_('Changes saved.');
- }
- }
- $userinfo = $userservice->getObjectUserByUsername($user);
+ $error = false;
+ $detPass = trim(POST_PASS);
+ $detPassConf = trim(POST_PASSCONF);
+ $detName = trim(POST_NAME);
+ $detMail = trim(POST_MAIL);
+ $detPage = trim(POST_PAGE);
+ $detDesc = filter(POST_DESC);
+
+ // manage token preventing from CSRF vulnaribilities
+ if ( SESSION_TOKEN == ''
+ || time() - SESSION_TOKENSTAMP > 600 //limit token lifetime, optionnal
+ || SESSION_TOKEN != POST_TOKEN) {
+ $error = true;
+ $tplVars['error'] = T_('Invalid Token');
+ }
+
+ if ($detPass != $detPassConf) {
+ $error = true;
+ $tplVars['error'] = T_('Password and confirmation do not match.');
+ }
+ if ($detPass != "" && strlen($detPass) < 6) {
+ $error = true;
+ $tplVars['error'] = T_('Password must be at least 6 characters long.');
+ }
+ if (!$userservice->isValidEmail($detMail)) {
+ $error = true;
+ $tplVars['error'] = T_('E-mail address is not valid.');
+ }
+ if (!$error) {
+ if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) {
+ $tplvars['error'] = T_('An error occurred while saving your changes.');
+ } else {
+ $tplVars['msg'] = T_('Changes saved.');
+ }
+ }
+ $userinfo = $userservice->getObjectUserByUsername($user);
}
if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) {
- $templatename = 'profile.tpl.php';
+ $templatename = 'profile.tpl.php';
} else {
//Token Init
$_SESSION['token'] = md5(uniqid(rand(), true));
$_SESSION['token_stamp'] = time();
-
- $templatename = 'editprofile.tpl.php';
- $tplVars['formaction'] = createURL('profile', $user);
- $tplVars['token'] = $_SESSION['token'];
-
+
+ $templatename = 'editprofile.tpl.php';
+ $tplVars['formaction'] = createURL('profile', $user);
+ $tplVars['token'] = $_SESSION['token'];
+
}
$tplVars['objectUser'] = $userinfo;
diff --git a/search.php b/search.php
index 56a910f..122e1e2 100644
--- a/search.php
+++ b/search.php
@@ -95,18 +95,14 @@ if (POST_TERMS != '') {
}
if (isset($s_user)) {
- if (is_numeric($s_user)) {
- $s_user = intval($s_user);
- } else {
- $userinfo = $userservice->getObjectUserByUsername($s_user);
- if ($userinfo == '' ) {
- $tplVars['error'] = sprintf(T_('User with username %s was not found'), $s_user);
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- exit();
- } else {
- $s_user =& $userinfo->getId();
- }
+
+ $s_user = $userservice->getIdFromUser($s_user);
+ if($s_user == NULL) {
+ $tplVars['error'] = sprintf(T_('User with username %s was not found'), $s_user);
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ exit();
}
+
}
}
$bookmarks =& $bookmarkservice->getBookmarks($start, $perpage, $s_user, NULL, $terms, getSortOrder(), $s_watchlist, $s_start, $s_end);
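Review bot: The 404 message can no longer name the user that was searched for, because `$s_user` is overwritten with the return value of `getIdFromUser()` before `sprintf()` uses it, so on the failure path it is always NULL. Keeping the lookup result in its own variable fixes this: `$s_userid = $userservice->getIdFromUser($s_user);`, test `$s_userid === NULL`, and assign `$s_user = $s_userid;` after the check. The removed code used `is_numeric()` while `getIdFromUser()` uses `is_int()`, so a numeric `$s_user` (assuming it arrives as a string from the request) is now looked up as a username instead of being used as an id; if that is intended it deserves a comment. The enclosing `if` blocks start outside this hunk.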
diff --git a/services/userservice.php b/services/userservice.php
index fa0d5c9..21b9136 100644
--- a/services/userservice.php
+++ b/services/userservice.php
@@ -127,7 +127,25 @@ class UserService {
function getObjectUserByUsername($username) {
$user = $this->_getuser($this->getFieldName('username'), $username);
- return new User($user[$this->getFieldName('primary')], $username);
+ if($user != false) {
+ return new User($user[$this->getFieldName('primary')], $username);
+ } else {
+ return NULL;
+ }
+ }
+
+ /* Takes an numerical "id" or a string "username"
+ and returns the numerical "id" if the user exists else returns NULL */
+ function getIdFromUser($user) {
+ if (is_int($user)) {
+ return intval($user);
+ } else {
+ $objectUser = $this->getObjectUserByUsername($user);
+ if($objectUser != NULL) {
+ return $objectUser->getId();
+ }
+ }
+ return NULL;
}
function getUser($id) {
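Review bot: `getIdFromUser()` tests `is_int($user)`, which is false for every string, so values taken from `PATH_INFO` or a form always fall through to the username lookup, even when they consist only of digits. When a real integer is passed, the id is returned without any check that the user exists, which contradicts the comment above the function ("returns the numerical id if the user exists else returns NULL"). Either the comment should say that integer ids are returned unverified, or the integer branch should look the user up before returning. `getObjectUserByUsername()` now returns NULL for an unknown name, so any caller outside this diff that calls a method on the result without a NULL check would fail; those callers are not visible here.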
@@ -465,7 +483,7 @@ class UserService {
// Check if the email domain has a DNS record
//if ($this->_checkdns($emailDomain)) {
- return true;
+ return true;
//}
}
return false;
@@ -520,7 +538,7 @@ class User {
}
return $this->name;
}
-
+
function getEmail() {
// Look for value only if not already set
if(!isset($this->email)) {
@@ -540,7 +558,7 @@ class User {
}
return $this->homepage;
}
-
+
function getContent() {
// Look for value only if not already set
if(!isset($this->content)) {
@@ -549,7 +567,7 @@ class User {
$this->content = $user['uContent'];
}
return $this->content;
- }
+ }
function getDatetime() {
// Look for value only if not already set
diff --git a/watch.php b/watch.php
index 9fc480b..841317d 100644
--- a/watch.php
+++ b/watch.php
@@ -34,17 +34,12 @@ $currentUser = $userservice->getCurrentObjectUser();
if ($userservice->isLoggedOn() && $user) {
$pagetitle = '';
- if (is_int($user)) {
- $userid = intval($user);
- } else {
- $userinfo = $userservice->getObjectUserByUsername($user);
- if ($userinfo == '') {
- $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
- $templateservice->loadTemplate('error.404.tpl', $tplVars);
- exit();
- } else {
- $userid =& $userinfo->getId();
- }
+ $userid = $userservice->getIdFromUser($user);
+
+ if($userid == NULL) {
+ $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
+ $templateservice->loadTemplate('error.404.tpl', $tplVars);
+ exit();
}
$watched = $userservice->getWatchStatus($userid, $currentUser->getId());
diff --git a/watchlist.php b/watchlist.php
index d824937..2cdb5ff 100644
--- a/watchlist.php
+++ b/watchlist.php
@@ -56,7 +56,7 @@ if ($user) {
$userid = intval($user);
} else {
$userinfo = $userservice->getObjectUserByUsername($user);
- if ($userinfo == '' ) {
+ if ($userinfo == NULL ) {
// Throw a 404 error
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);