/** * Setup common variables used by almost all templates. * * @param context SimpleHash The context to use * @param jforumContext JForumContext */ public void prepareTemplateContext(SimpleHash context, ForumContext jforumContext) { RequestContext request = JForumExecutionContext.getRequest(); context.put("karmaEnabled", SecurityRepository.canAccess(SecurityConstants.PERM_KARMA_ENABLED)); context.put("dateTimeFormat", SystemGlobals.getValue(ConfigKeys.DATE_TIME_FORMAT)); context.put("autoLoginEnabled", SystemGlobals.getBoolValue(ConfigKeys.AUTO_LOGIN_ENABLED)); context.put( "sso", ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))); context.put("contextPath", request.getContextPath()); context.put("serverName", request.getServerName()); context.put("templateName", SystemGlobals.getValue(ConfigKeys.TEMPLATE_DIR)); context.put("extension", SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION)); context.put("serverPort", Integer.toString(request.getServerPort())); context.put("I18n", I18n.getInstance()); context.put("version", SystemGlobals.getValue(ConfigKeys.VERSION)); context.put("forumTitle", SystemGlobals.getValue(ConfigKeys.FORUM_PAGE_TITLE)); context.put("pageTitle", SystemGlobals.getValue(ConfigKeys.FORUM_PAGE_TITLE)); context.put("metaKeywords", SystemGlobals.getValue(ConfigKeys.FORUM_PAGE_METATAG_KEYWORDS)); context.put( "metaDescription", SystemGlobals.getValue(ConfigKeys.FORUM_PAGE_METATAG_DESCRIPTION)); context.put("forumLink", SystemGlobals.getValue(ConfigKeys.FORUM_LINK)); context.put("homepageLink", SystemGlobals.getValue(ConfigKeys.HOMEPAGE_LINK)); context.put("encoding", SystemGlobals.getValue(ConfigKeys.ENCODING)); context.put( "bookmarksEnabled", SecurityRepository.canAccess(SecurityConstants.PERM_BOOKMARKS_ENABLED)); context.put( "canAccessModerationLog", SecurityRepository.canAccess(SecurityConstants.PERM_MODERATION_LOG)); context.put("JForumContext", jforumContext); context.put("timestamp", new Long(System.currentTimeMillis())); }
/** * Do a refresh in the user's session. This method will update the last visit time for the current * user, as well checking for authentication if the session is new or the SSO user has changed */ public void refreshSession() { LOG.trace("refreshSession"); UserSession userSession = SessionFacade.getUserSession(); RequestContext request = JForumExecutionContext.getRequest(); if (userSession == null) { userSession = new UserSession(); userSession.registerBasicInfo(); userSession.setSessionId(request.getSessionContext().getId()); userSession.setIp(request.getRemoteAddr()); SessionFacade.makeUnlogged(); if (!JForumExecutionContext.getForumContext().isBot()) { // Non-SSO authentications can use auto login if (!ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))) { if (SystemGlobals.getBoolValue(ConfigKeys.AUTO_LOGIN_ENABLED)) { this.checkAutoLogin(userSession); } else { userSession.makeAnonymous(); } } else { this.checkSSO(userSession); } } SessionFacade.add(userSession); } else if (ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))) { SSO sso; try { sso = (SSO) Class.forName(SystemGlobals.getValue(ConfigKeys.SSO_IMPLEMENTATION)).newInstance(); } catch (Exception e) { throw new ForumException(e); } // If SSO, then check if the session is valid if (!sso.isSessionValid(userSession, request)) { SessionFacade.remove(userSession.getSessionId()); refreshSession(); } } else { SessionFacade.getUserSession().updateSessionTime(); } }
/** * Updates the user information * * @param userId int The user id we are saving * @return List */ public static List saveUser(int userId) { LOG.trace("saveUser"); List errors = new ArrayList(); UserDAO um = DataAccessDriver.getInstance().newUserDAO(); User u = um.selectById(userId); RequestContext request = JForumExecutionContext.getRequest(); boolean isAdmin = SessionFacade.getUserSession().isAdmin(); if (isAdmin) { String username = request.getParameter("username"); if (username != null) { u.setUsername(username.trim()); } if (request.getParameter("rank_special") != null) { u.setRankId(request.getIntParameter("rank_special")); } } SafeHtml safeHtml = new SafeHtml(); u.setId(userId); u.setIcq(safeHtml.makeSafe(request.getParameter("icq"))); u.setAim(safeHtml.makeSafe(request.getParameter("aim"))); u.setMsnm(safeHtml.makeSafe(request.getParameter("msn"))); u.setYim(safeHtml.makeSafe(request.getParameter("yim"))); u.setFrom(safeHtml.makeSafe(request.getParameter("location"))); u.setOccupation(safeHtml.makeSafe(request.getParameter("occupation"))); u.setInterests(safeHtml.makeSafe(request.getParameter("interests"))); u.setBiography(safeHtml.makeSafe(request.getParameter("biography"))); u.setSignature(safeHtml.makeSafe(request.getParameter("signature"))); u.setViewEmailEnabled(request.getParameter("viewemail").equals("1")); u.setViewOnlineEnabled(request.getParameter("hideonline").equals("0")); u.setNotifyPrivateMessagesEnabled(request.getParameter("notifypm").equals("1")); u.setNotifyOnMessagesEnabled(request.getParameter("notifyreply").equals("1")); u.setAttachSignatureEnabled(request.getParameter("attachsig").equals("1")); u.setHtmlEnabled(request.getParameter("allowhtml").equals("1")); u.setLang(request.getParameter("language")); u.setBbCodeEnabled("1".equals(request.getParameter("allowbbcode"))); u.setSmiliesEnabled("1".equals(request.getParameter("allowsmilies"))); u.setNotifyAlways("1".equals(request.getParameter("notify_always"))); u.setNotifyText("1".equals(request.getParameter("notify_text"))); String website = safeHtml.makeSafe(request.getParameter("website")); if (!StringUtils.isEmpty(website) && !website.toLowerCase().startsWith("http://")) { website = "http://" + website; } u.setWebSite(website); String currentPassword = request.getParameter("current_password"); boolean isCurrentPasswordEmpty = currentPassword == null || "".equals(currentPassword.trim()); if (isAdmin || !isCurrentPasswordEmpty) { if (!isCurrentPasswordEmpty) { currentPassword = MD5.crypt(currentPassword); } if (isAdmin || u.getPassword().equals(currentPassword)) { u.setEmail(safeHtml.makeSafe(request.getParameter("email"))); String newPassword = request.getParameter("new_password"); if (newPassword != null && newPassword.length() > 0) { u.setPassword(MD5.crypt(newPassword)); } } else { errors.add(I18n.getMessage("User.currentPasswordInvalid")); } } if (request.getParameter("avatardel") != null) { File avatarFile = new File(u.getAvatar()); File fileToDelete = new File(SystemGlobals.getApplicationPath() + "/images/avatar/" + avatarFile.getName()); if (fileToDelete.exists()) { fileToDelete.delete(); } u.setAvatar(null); } if (request.getObjectParameter("avatar") != null) { try { UserCommon.handleAvatar(u); } catch (Exception e) { UserCommon.LOG.warn("Problems while uploading the avatar: " + e); errors.add(I18n.getMessage("User.avatarUploadError")); } } else if (SystemGlobals.getBoolValue(ConfigKeys.AVATAR_ALLOW_EXTERNAL_URL)) { String avatarUrl = request.getParameter("avatarUrl"); if (!StringUtils.isEmpty(avatarUrl)) { if (avatarUrl.toLowerCase().startsWith("http://")) { try { Image image = ImageIO.read(new URL(avatarUrl)); if (image != null) { if (image.getWidth(null) > SystemGlobals.getIntValue(ConfigKeys.AVATAR_MAX_WIDTH) || image.getHeight(null) > SystemGlobals.getIntValue(ConfigKeys.AVATAR_MAX_HEIGHT)) { errors.add(I18n.getMessage("User.avatarTooBig")); } else { u.setAvatar(avatarUrl); } } } catch (Exception e) { errors.add(I18n.getMessage("User.avatarUploadError")); } } else { errors.add(I18n.getMessage("User.avatarUrlShouldHaveHttp")); } } } if (errors.size() == 0) { um.update(u); if (SessionFacade.getUserSession().getUserId() == userId) { SessionFacade.getUserSession().setLang(u.getLang()); } } return errors; }