Constants

NUM_RECOVERY_QUESTIONS

NUM_RECOVERY_QUESTIONS

Number of recovery questions, from the complete set of questions, to present to someone when they register for an account

HASH_TIMESTAMP_TIMEOUT

HASH_TIMESTAMP_TIMEOUT

Defines the number of seconds for which the hash code is valid

HASH_CAPTCHA_LEVEL

HASH_CAPTCHA_LEVEL

Used to match the leading zeros in the sha1 of the string

Properties

$web_site

$web_site : \seekquarry\yioop\controllers\seekquarry\yioop\library\WebSite

Stores a reference to the web server when Yioop runs in CLI mode; it acts as a request router in non-CLI mode.

In CLI mode, it is useful for caching files in RAM as they are read

Type

\seekquarry\yioop\controllers\seekquarry\yioop\library\WebSite

$component_instances

$component_instances : array

Array of instances of components used by this controller

Type

array

$view_instances

$view_instances : array

Array of instances of views used by this controller

Type

array

$model_instances

$model_instances : array

Array of instances of models used by this controller

Type

array

$plugin_instances

$plugin_instances : array

Array of instances of indexing_plugins used by this controller

Type

array

$activities

$activities : array

Holds a list of the allowed activities. These encompass various stages of the account creation and account recovery processes

Type

array

$activity_component

$activity_component : array

Associative array of activity => component that the activity is on; used by the Controller::call method to actually invoke a given activity on a given component

Type

array

$component_activities

$component_activities : array

Associative array of $components activities for this controller. Components are collections of activities (a little like traits) which can be reused.

Type

array

$register_fields

$register_fields : array

Non-recovery question fields needed to register a Yioop account.

Type

array

$forbidden_usernames

$forbidden_usernames : array

Forbidden username

Type

array

$recovery_qa

$recovery_qa : array

An array of triples, each triple consisting of a question of the form Which is your favorite..? followed by one of the form Which is your like the least..? followed by a string which is a comma separated list of choices. The values for these triples are determined via the translate function tl, so they can be set under Manage Locales by editing their values for the desired locale.

Type

array

Methods

__construct()

__construct(\seekquarry\yioop\controllers\seekquarry\yioop\library\WebSite  $web_site = null) 

Besides invoking the base controller, sets up in field variables the captcha and recovery question and possible answers.

Parameters

\seekquarry\yioop\controllers\seekquarry\yioop\library\WebSite $web_site

is the web server when Yioop runs in CLI mode; it acts as a request router in non-CLI mode. In CLI mode, it is useful for caching files in RAM as they are read

processRequest()

processRequest() 

Main entry method for this controller. Determine which account creation/recovery activity needs to be performed. Calls the appropriate method, then sends the return $data to a view determined by that activity. $this->displayView then renders that view

component()

component(string  $component) 

Dynamic loader for Component objects which might live on the current Component

Parameters

string $component

name of component to return

model()

model(string  $model) 

Dynamic loader for Model objects which might live on the current Controller

Parameters

string $model

name of model to return

plugin()

plugin(string  $plugin) 

Dynamic loader for Plugin objects which might live on the current Controller

Parameters

string $plugin

name of Plugin to return

getIndexingPluginList()

getIndexingPluginList() 

Used to get a list of all available indexing plugins for this Yioop instance.

view()

view(string  $view) 

Dynamic loader for View objects which might live on the current Controller

Parameters

string $view

name of view to return

displayView()

displayView(string  $view, array  $data) 

Send the provided view to output, drawing it with the given data variable, using the current locale for translation, and writing mode

Parameters

string $view

the name of the view to draw

array $data

an array of values to use in drawing the view

redirectWithMessage()

redirectWithMessage(string  $message, string  $copy_fields = false, boolean  $restart = false) 

Does a 301 redirect to the given location and sets a session variable to display a message on arrival.

Parameters

string $message

message to write

string $copy_fields

$_REQUEST fields to copy for redirect

boolean $restart

if Yioop is being run as its own server rather than under Apache, whether to restart this server.

redirectLocation()

redirectLocation(string  $location) 

Method to perform a 301 redirect to $location in both the web server and CLI settings

Parameters

string $location

url to redirect to

pagingLogic()

pagingLogic(\seekquarry\yioop\controllers\array&  $data, mixed  $field_or_model, string  $output_field, integer  $default_show, array  $search_array = array(), string  $var_prefix = "", array  $args = null) 

When an activity involves displaying tabular data (such as rows of users, groups, etc), this method might be called to set up $data fields for next, prev, and page links. It also makes the call to the model to get the row data sorted and restricted as desired. For some data sources, rather than directly making a call to the model to get the data, the data might be passed directly to this method.

Parameters

\seekquarry\yioop\controllers\array& $data

used to send data to the view; will be updated by this method with row and paging data

mixed $field_or_model

if an object, this is assumed to be a model and so the getRows method of this model is called to get row data, sorted and restricted according to $search_array; if a string then the row data is assumed to be in $data[$field_or_model] and pagingLogic itself does the sorting and restricting.

string $output_field

output rows for the view will be stored in $data[$output_field]

integer $default_show

if not specified by $_REQUEST, then this will be used to determine the maximum number of rows that will be written to $data[$output_field]

array $search_array

used to sort and restrict in the getRows call or the data from $data[$field_or_model]. Each element of this is a quadruple: name of a field, what comparison to perform, a value to check, and an order (ascending/descending) to sort by

string $var_prefix

if there are multiple uses of pagingLogic presented on the same view, then $var_prefix can be prepended to the $data field variables like num_show, start_row, end_row to distinguish between them

array $args

additional arguments that are passed to getRows and in turn to selectCallback, fromCallback, and whereCallback that might provide user_id, etc to further control which rows are returned

call()

call(  $activity) 

Used to invoke an activity method of the current controller or one of its components

Parameters

$activity

method to invoke

generateCSRFToken()

generateCSRFToken(string  $user) : string

Generates a cross site request forgery preventing token based on the provided user name, the current time and the hidden AUTH_KEY

Parameters

string $user

username to use to generate token

Returns

string —

a csrf token

checkCSRFToken()

checkCSRFToken(string  $token_name, string  $user) : boolean

Checks if the form CSRF (cross-site request forgery preventing) token matches the given user and has not expired (1 hour till expires)

Parameters

string $token_name

attribute of $_REQUEST containing CSRFToken

string $user

user id

Returns

boolean —

whether the CSRF token was valid
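
A sketch of the scheme that generateCSRFToken() and checkCSRFToken() describe, as an added example that is not Yioop's own code. The token layout (HMAC-SHA256 over user and time, joined to the timestamp with "*"), the helper names csrfTokenFor and csrfTokenValid, and the placeholder key are assumptions; the one-hour lifetime is taken from the description above.

```php
<?php
// Added illustration, not Yioop source. Token layout, helper names and
// the key below are assumptions made for this example.
const EXAMPLE_AUTH_KEY = 'placeholder-secret-loaded-from-config';
const EXAMPLE_TOKEN_LIFETIME = 3600; // 1 hour, as documented above

/** Builds "<hex mac>*<unix time>" bound to $user and the secret key. */
function csrfTokenFor(string $user, ?int $now = null): string
{
    $now = $now ?? time();
    $mac = hash_hmac('sha256', $user . '|' . $now, EXAMPLE_AUTH_KEY);
    return $mac . '*' . $now;
}

/** True only if $token is well formed, unexpired and issued for $user. */
function csrfTokenValid(string $token, string $user, ?int $now = null): bool
{
    $now = $now ?? time();
    $parts = explode('*', $token);
    if (count($parts) !== 2 || !preg_match('/^\d{1,12}\z/', $parts[1])) {
        return false; // malformed: reject before any comparison
    }
    $mac = $parts[0];
    $issued = (int) $parts[1];
    if ($issued > $now || $now - $issued > EXAMPLE_TOKEN_LIFETIME) {
        return false; // issued in the future, or older than the lifetime
    }
    // Recompute the MAC from the claimed timestamp; a forged timestamp
    // changes the expected MAC, so the lifetime cannot be extended.
    $expected = hash_hmac('sha256', $user . '|' . $issued, EXAMPLE_AUTH_KEY);
    // hash_equals compares in constant time, so the check does not leak
    // how many leading characters of a guessed MAC were right.
    return hash_equals($expected, $mac);
}

// Constructed demonstration values
$issued_at = 1700000000;
$token = csrfTokenFor('alice', $issued_at);
// same user, inside the lifetime
var_dump(csrfTokenValid($token, 'alice', $issued_at + 60));
// token presented for a different user
var_dump(csrfTokenValid($token, 'bob', $issued_at + 60));
// same user, one second past the lifetime
var_dump(csrfTokenValid($token, 'alice', $issued_at + 3601));
// MAC replaced, timestamp kept
var_dump(csrfTokenValid('x*' . $issued_at, 'alice', $issued_at));
```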

checkCSRFTime()

checkCSRFTime(string  $token_name, string  $action = "") : boolean

Checks if the timestamp in $_REQUEST[$token_name] matches the timestamp of the last CSRF token accessed by this user for the kind of activity for which there might be a conflict.

This is to avoid accidental replays of postings etc if the back button is used.

Parameters

string $token_name

name of a $_REQUEST field used to hold a CSRF_TOKEN

string $action

name of current action to check for conflicts

Returns

boolean —

whether a conflicting action has occurred.

getCSRFTime()

getCSRFTime(string  $token_name) : integer

Used to return just the timestamp portion of the CSRF token

Parameters

string $token_name

name of a $_REQUEST field used to hold a CSRF_TOKEN

Returns

integer —

the timestamp portion of the CSRF_TOKEN

clean()

clean(mixed  $value, mixed  $type, mixed  $default = null) : string

Used to clean strings that might be tainted as they originate from the user

Parameters

mixed $value

tainted data

mixed $type

type of data in value; can be one of the following strings: bool, color, double, float, int, hash, string, or web-url; or it can be an array listing allowed values. If the latter, then if the value is not in the array, the cleaned value will be the first element of the array if $default is null

mixed $default

if $value is not set, the default value is returned; this isn't used much since if the error_reporting is E_ALL or -1 you would still get a Notice.

Returns

string —

the clean input matching the type provided

convertArrayLines()

convertArrayLines(array  $arr, string  $endline_string = "\n", boolean  $clean = false) : string

Converts an array of lines of strings into a single string with proper newlines, each line having been trimmed and potentially cleaned

Parameters

array $arr

the array of lines to be processed

string $endline_string

what string should be used to indicate the end of a line

boolean $clean

whether to clean each line

Returns

string —

a concatenated string of cleaned lines

convertStringCleanArray()

convertStringCleanArray(string  $str, string  $line_type = "url") : \seekquarry\yioop\controllers\$lines

Cleans a string consisting of lines, typically of urls, into an array of clean lines. This is used in handling data from the crawl options text areas. # is treated as a comment

Parameters

string $str

contains the url data

string $line_type

does additional cleaning depending on the type of the lines. For instance, if it is "url" then a line not beginning with a url scheme will have http:// prepended.

Returns

\seekquarry\yioop\controllers\$lines —

an array of clean lines

checkRequest()

checkRequest() : boolean

Checks whether a request is for a valid activity and whether it uses the correct authorization key

Returns

boolean —

whether the request was valid or not

parsePageHeadVarsView()

parsePageHeadVarsView(object  $view, string  $page_name, string  $page_data) 

Used to set up the head variables for and page_data of a wiki or static page associated with a view.

Parameters

object $view

View on which page data will be rendered

string $page_name

a string name/id to associate with page. For example, might have 404 for a page about 404 errors

string $page_data

this is the actual content of a wiki or static page

parsePageHeadVars()

parsePageHeadVars(string  $page_data,   $with_body = false) : array

Used to parse head meta variables out of a data string provided either from a wiki page or a static page. Meta data is stored in lines before the first occurrence of END_HEAD_VARS. Head variables are name=value pairs. An example of a head variable might be:

title = This web page's title

Anything after a semi-colon on a line in the head section is treated as a comment

Parameters

string $page_data

this is the actual content of a wiki or static page

$with_body

Returns

array —

the associative array of head variables or pair [head vars, page body]

initializeAdFields()

initializeAdFields(\seekquarry\yioop\controllers\array&  $data, boolean  $ads_off = false) 

If external source advertisements are present in the output of this controller, this function can be used to initialize the field variables used to write the appropriate Javascripts

Parameters

\seekquarry\yioop\controllers\array& $data

data to be used in drawing the view

boolean $ads_off

whether or not ads are turned off so that this method should do nothing

addDifferentialPrivacy()

addDifferentialPrivacy(integer  $actual_value) : integer

Adds to an integer, $actual_value, epsilon-noise taken from an L_1 gaussian source centered at $actual_value to get an epsilon private, integer value.

Parameters

integer $actual_value

number we want to make private

Returns

integer —

$fuzzy_value number after noise added

recordViewSession()

recordViewSession(integer  $page_id, string  $sub_path, string  $media_name) 

Used to store in a session which media list items have been viewed so we can put an indicator by them when the media list is rendered

Parameters

integer $page_id

the id of page with media list

string $sub_path

the resource folder on that page

string $media_name

item to store an indicator into the session for

createAccount()

createAccount() : array

Sets up the form variables needed to present the initial account creation form. If this form is submitted with missing fields, this method would also be called to set up an appropriate MISSING field

Returns

array —

$data fields correspond to values needed for the account creation form

processAccountData()

processAccountData() : array

Used to process account data from completely filled in create account forms. Depending on the registration type: no_activation, email registration, or admin activation, either the account is immediately activated or it is created in an active state and an email to the person who could activate it is sent.

Returns

array —

$data will contain a SCRIPT field with the Javascript doMessage call saying whether this step was successful or not

sendActivationMail()

sendActivationMail(array  $user, array  $data) 

Used to send the account activation email

Parameters

array $user

associative array of user

array $data

field to be sent to the view so that the sent mail interface message can be set

emailVerification()

emailVerification() : array

Used to verify the email sent to a user trying to set up an account.

If the email is legit, the account is activated

Returns

array —

$data will contain a SCRIPT field with the Javascript doMessage call saying whether verification was successful or not

recoverPassword()

recoverPassword() : array

Sets up the form variables needed to present the initial recover account form. If this form is submitted with missing fields, this method would also be called to set up an appropriate MISSING field

Returns

array —

$data fields correspond to values needed for the account recovery form

processRecoverData()

processRecoverData() : array

Called when the data from the initial recover form was completely provided and the captcha was correct. This method sends the recover email provided the account had recover questions set; otherwise, it sets up an error message.

Returns

array —

$data will contain a SCRIPT field with the Javascript doMessage call saying whether email sent or if there was a problem

recoverComplete()

recoverComplete() : array

This activity either verifies the recover email and sets up the appropriate data for a change password form or it verifies the change password form data and changes the password. If verifications fail, error messages are set up

Returns

array —

form data to be used by recover or signin views

resendRegistration()

resendRegistration() : array

Sets up the form variables needed to present the resend registration form. If this form is submitted with missing fields, this method would also be called to set up an appropriate MISSING field

Returns

array —

$data fields correspond to values needed for the account creation form

resendComplete()

resendComplete() : array

This activity either verifies the recover email and sets up the appropriate data for a change password form or it verifies the change password form data and changes the password. If verifications fail, error messages are set up

Returns

array —

form data to be used by recover or signin views

suggestUrl()

suggestUrl() : array

Used to handle data from the suggest-a-url to crawl form (suggest_view.php). Basically, it saves any data submitted to a file which can then be imported in manageCrawls

Returns

array —

$data contains fields with the current value for the url (if set but not submitted) as well as for a captcha

setupQuestionViewData()

setupQuestionViewData() : array

Sets up the captcha question and/or recovery questions in a $data associative array so that they can be drawn by the register or recover views.

Returns

array —

$data associative array with fields to help the register and recover views draw themselves

setupGraphicalCaptchaViewData()

setupGraphicalCaptchaViewData(\seekquarry\yioop\controllers\array&  $data) 

Sets up the graphical captcha view. Draws the string for the graphical captcha

Parameters

\seekquarry\yioop\controllers\array& $data

used by the view to draw any dynamic content; in this case we append a field "CAPTCHA_IMAGE" with a data url of the captcha to draw.

getRecoveryQuestions()

getRecoveryQuestions(string  $register_view, string  $locale) : array

Gets a list of translated recovery questions from the register view.

If insufficiently many questions have been translated for the current locale, backfill with the default locale

Parameters

string $register_view

view with the register for an account form; since it is automatically checked for strings to translate, a list of translated recovery strings has been put there.

string $locale

which locale to get the recovery questions for

Returns

array —

of translated recovery questions

selectQuestionsAnswers()

selectQuestionsAnswers(array  $question_answers, integer  $num_select, integer  $num_choices = -1) : array

Picks $num_select most/least questions from an array of triplets of the form a string question: Which is the most ..?, a string question: Which is the least ..?, followed by a comma separated list of choices ranked from least to most. For each question picked, $num_choices many items from the last element of the triplet are chosen.

Parameters

array $question_answers

an array t_1, t_2, t_3, t_4, where each t_i is an associative array containing the most and least arrays as described above

integer $num_select

number of triples from the list to pick; for each triple, pick either the most question or the least question

integer $num_choices

from the list component of a triplet we pick this many elements

Returns

array —

a pair consisting of an array of questions and possible choices for least/most, and another array of the correct answers to the least/most problem.

preactivityPrerequisiteCheck()

preactivityPrerequisiteCheck(\seekquarry\yioop\controllers\string&  $activity, string  $activity_success, string  $activity_fail, \seekquarry\yioop\controllers\array&  $data) 

Used to select which activity a controller will do. If the $activity is $activity_success, then this method checks the prereqs for $activity_success. If they are not met then the view $data array is updated with an error message and $activity_fail is set to be the next activity. If the prereq is met then the $activity is left as $activity_success. If $activity was not initially equal to $activity_success then this method does nothing.

Parameters

\seekquarry\yioop\controllers\string& $activity

current tentative activity

string $activity_success

activity to test for and to test prereqs for.

string $activity_fail

if prereqs are not met, which activity to switch to

\seekquarry\yioop\controllers\array& $data

data to help render the view this controller draws

dataIntegrityCheck()

dataIntegrityCheck(\seekquarry\yioop\controllers\array&  $data) 

Add SCRIPT tags for errors to the view $data array if there were any missing fields on a create account or recover account form.

Also adds error info if trying to create an existing user.

Parameters

\seekquarry\yioop\controllers\array& $data

contains info for the view on which the above forms are to be drawn.

checkRecoveryQuestions()

checkRecoveryQuestions(array  $user) : boolean

Checks whether the answers to the account recovery questions match those provided earlier by an account user

Parameters

array $user

who to check recovery answers for

Returns

boolean —

true if and only if all were correct

getCleanFields()

getCleanFields(\seekquarry\yioop\controllers\array&  $data) 

Used to clean the inputs for form variables for creating/recovering an account. It also puts in blank values for missing fields into a "MISSING" array

Parameters

\seekquarry\yioop\controllers\array& $data

an array of data to be sent to the view. After this method is done, it will have cleaned versions of the $_REQUEST variables from create or recover account forms as well as a "MISSING" field which is an array of those items which did not have values on the create/recover account form

validateHashCode()

validateHashCode() : boolean

Calculates the sha1 of a string consisting of a randomString and request_time sent by the server and the nonce sent by the client. It checks whether the sha1 produces the expected number of leading zeroes

Returns

boolean —

true if the sha1 produces the expected number of leading zeroes.
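
The proof-of-work check that validateHashCode() describes, together with the HASH_TIMESTAMP_TIMEOUT and HASH_CAPTCHA_LEVEL constants, sketched as an added example that is not Yioop's own code. The ':' separator, the constant values, counting zeros as hex digits, and the names solveHashCaptcha and hashCaptchaValid are assumptions.

```php
<?php
// Added illustration, not Yioop source. Values, separator and helper
// names are assumptions; zeros are counted in hex digits of the sha1.
const EXAMPLE_HASH_TIMESTAMP_TIMEOUT = 300; // seconds a challenge stays valid
const EXAMPLE_HASH_CAPTCHA_LEVEL = 3;       // required leading hex zeros

/** Number of leading '0' characters in a hex digest. */
function leadingZeros(string $hex): int
{
    return strspn($hex, '0');
}

/** Client side: brute-force a nonce for the server's challenge. */
function solveHashCaptcha(string $random_string, int $request_time): int
{
    for ($nonce = 0; ; $nonce++) {
        $digest = sha1($random_string . ':' . $request_time . ':' . $nonce);
        if (leadingZeros($digest) >= EXAMPLE_HASH_CAPTCHA_LEVEL) {
            return $nonce;
        }
    }
}

/**
 * Server side: $random_string and $request_time must come from server
 * state (for example the session), never from the submitted form,
 * otherwise the client could pick an old or precomputed challenge.
 */
function hashCaptchaValid(string $random_string, int $request_time,
    string $nonce, int $now): bool
{
    if ($now < $request_time ||
        $now - $request_time > EXAMPLE_HASH_TIMESTAMP_TIMEOUT) {
        return false; // challenge expired, or timestamp is in the future
    }
    if (!preg_match('/^\d{1,12}\z/', $nonce)) {
        return false; // the nonce is client input: accept digits only
    }
    $digest = sha1($random_string . ':' . $request_time . ':' . $nonce);
    return leadingZeros($digest) >= EXAMPLE_HASH_CAPTCHA_LEVEL;
}

// Constructed challenge, as a server would store it when drawing the form
$random_string = bin2hex(random_bytes(16));
$request_time = time();
$nonce = (string) solveHashCaptcha($random_string, $request_time);

// solved nonce submitted inside the validity window
var_dump(hashCaptchaValid($random_string, $request_time, $nonce,
    $request_time + 5));
// same nonce submitted after the timeout
var_dump(hashCaptchaValid($random_string, $request_time, $nonce,
    $request_time + EXAMPLE_HASH_TIMESTAMP_TIMEOUT + 1));
// non-numeric nonce
var_dump(hashCaptchaValid($random_string, $request_time, 'abc',
    $request_time + 5));
```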