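 /**
  * Create or update a User from the request parameters and expose the result to the view.
  *
  * An empty `user_id` parameter means "create"; otherwise the existing user is loaded
  * with User::fetchById(). Admins may edit anyone; other users only their own record.
  * On a login collision the view receives an error entry instead of the saved user.
  *
  * @throws Exception when the requested user does not exist or the caller may not edit it
  */
 public function editUserAction()
 {
     $intUserID = $this->getParam('user_id');
     // NOTE(review): empty() also treats the string "0" as "no id", so an id of 0 (if one
     // can exist) is handled as a create — confirm ids start at 1.
     if (empty($intUserID)) {
         $objUser = new User();
     } else {
         $objUser = User::fetchById($intUserID);
     }
     if (!is_object($objUser)) {
         throw new Exception('User with id = ' . $intUserID . ' does not exist');
     }
     $objAuthUser = App_Auth::getInstance()->getUser();
     // Non-admins may only touch their own record. Loose != is kept deliberately: the id
     // type on each side (request string vs. model value) is not known here.
     if (!$objAuthUser->isAdmin() && $objAuthUser->getId() != $objUser->getId()) {
         throw new Exception('You have no permission to edit this user');
     }
     // Copy every request parameter whose name matches a model field.
     // NOTE(review): this assigns any field toArray() exposes, including whatever
     // identifier or role columns the model has, so a non-admin editing their own record
     // can set any of them from the request. An explicit allow-list of editable fields
     // is the usual fix — confirm the field names against the User model.
     foreach (array_keys($objUser->toArray()) as $strField) {
         if ($this->hasParam($strField)) {
             $objUser->{$strField} = $this->getParam($strField);
         }
     }
     if (!User::isUnique($objUser)) {
         $this->view->result = ['error' => 'User with login ' . $objUser->getLogin() . ' already exists'];
         return;
     }
     $objUser->save();
     $this->view->result = $objUser->toArray();
 }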
 /**
  * isUnique() must report the fixture login 'nate' as taken for a fresh model,
  * report it as unique once the model's id is set to 2, and still report the
  * login+password pair as taken.
  *
  * @return void
  */
 public function testFindUnique()
 {
     $this->loadFixtures('User');
     $User = new User();
     $takenLogin = array('user' => 'nate');
     // fresh model, no id: the login already exists in the fixtures
     $this->assertFalse($User->isUnique($takenLogin));
     // with id = 2 the same login check is expected to pass
     $User->id = 2;
     $this->assertTrue($User->isUnique($takenLogin));
     // login + password pair (fixture hash value) is still reported as taken
     $this->assertFalse($User->isUnique($takenLogin + array('password' => '5f4dcc3b5aa765d61d8327deb882cf99')));
 }
 /**
  * Show and update the logged-in user's account (or, in `edit` mode, the account
  * whose id is given in the request).
  *
  * On POST the submitted fields are validated, written to the user row and, when the
  * password was changed, a "Password Changed" mail is sent. XmlHttpRequests only
  * validate and return the status object; normal requests render the view with the
  * status, the user array and (with the `pre_service` ACL) institution data.
  */
 public function myaccountAction()
 {
     // NOTE(review): this check and the one below both call isLoggedIn(); the first is
     // redundant if doNoAccessError() does not return — confirm.
     if (!$this->isLoggedIn()) {
         $this->doNoAccessError();
     }
     if (!($user_id = $this->isLoggedIn())) {
         $this->doNoAccessError();
     }
     // In edit mode the target account comes from the request, not from the session.
     // NOTE(review): no check is visible here that the caller is allowed to edit `id`;
     // the hasACL('pre_service') test below only gates institution data. Confirm the
     // authorization happens where view->mode is set.
     if ($this->view->mode == 'edit') {
         $user_id = $this->getSanParam('id');
     }
     $request = $this->getRequest();
     // AJAX callers get the validation status only; no page is rendered.
     $validateOnly = $request->isXmlHttpRequest();
     if ($validateOnly) {
         $this->setNoRenderer();
     }
     $user = new User();
     // NOTE(review): if find() matches no row, current() may not return a row object and
     // the ->username / ->email accesses below would fail — confirm or guard.
     $userRow = $user->find($user_id)->current();
     if ($request->isPost()) {
         $status = ValidationContainer::instance();
         //validate
         $status->checkRequired($this, 'first_name', 'First name');
         $status->checkRequired($this, 'last_name', 'Last name');
         $status->checkRequired($this, 'username', 'Login');
         $status->checkRequired($this, 'email', 'Email');
         //valid email?
         $validator = new Zend_Validate_EmailAddress();
         if (!$validator->isValid($this->_getParam('email'))) {
             $status->addError('email', 'That email address does not appear to be valid.');
         }
         // strlen() counts bytes, so multi-byte usernames pass this threshold early.
         if (strlen($this->_getParam('username')) < 3) {
             $status->addError('username', 'Usernames should be at least 3 characters in length.');
         }
         //changing usernames?
         // Loose != comparison against the stored value (both presumably strings).
         if ($this->_getParam('username') != $userRow->username) {
             //check unique username and email
             if ($uniqueArray = User::isUnique($this->getSanParam('username'))) {
                 if (isset($uniqueArray['username'])) {
                     $status->addError('username', 'That username is already in use. Please choose another one.');
                 }
             }
         }
         //changing email?
         if ($this->_getParam('email') != $userRow->email) {
             //check unique username and email
             if ($uniqueArray = User::isUnique(false, $this->getSanParam('email'))) {
                 if (isset($uniqueArray['email'])) {
                     $status->addError('email', 'That email address is already in use. Please choose another one.');
                 }
             }
         }
         //changing passwords?
         // A password change is only attempted when both password fields are non-empty;
         // the length check is byte-based (strlen), as for the username above.
         $passwordChange = false;
         if (strlen($this->_getParam('password')) > 0 and strlen($this->_getParam('confirm_password')) > 0) {
             if (strlen($this->_getParam('password')) < 6) {
                 $status->addError('password', 'Passwords should be at least 6 characters in length.');
             }
             if ($this->_getParam('password') != $this->_getParam('confirm_password')) {
                 $status->addError('password', 'Password fields do not match. Please enter them again.');
             }
             $passwordChange = true;
         }
         if ($status->hasError()) {
             $status->setStatusMessage('Your account information could not be saved.');
         } else {
             // NOTE(review): every request parameter (minus an unchanged password) is handed
             // to fillFromArray(); whether that helper restricts the assignable columns is
             // not visible here. If it does not, any column of the user row can be set from
             // the request — confirm and prefer an explicit list of editable fields.
             $params = $this->_getAllParams();
             if (!$passwordChange) {
                 unset($params['password']);
             }
             self::fillFromArray($userRow, $params);
             if ($userRow->save()) {
                 $status->setStatusMessage('Your account information was saved.');
                 if ($this->view->mode == 'edit') {
                     $this->saveAclCheckboxes($user_id);
                 }
                 if ($passwordChange == true) {
                     // The email was validated above (the mail is only sent when no error
                     // was recorded), so the raw parameter is used as the recipient.
                     $email = $this->_getParam('email');
                     if (trim($email) != '') {
                         $view = new Zend_View();
                         $view->setScriptPath(Globals::$BASE_PATH . '/app/views/scripts/email');
                         $view->assign('first_name', $this->_getParam('first_name'));
                         $view->assign('username', $this->_getParam('username'));
                         // NOTE(review): the new plaintext password is made available to the
                         // password_changed templates. Whether they render it is not visible
                         // here; if they do, the password travels in clear text over mail —
                         // confirm and consider dropping this assignment.
                         $view->assign('password', $this->_getParam('password'));
                         $text = $view->render('text/password_changed.phtml');
                         $html = $view->render('html/password_changed.phtml');
                         $mail = new Zend_Mail();
                         $mail->setBodyText($text);
                         $mail->setBodyHtml($html);
                         $mail->setFrom(Settings::$EMAIL_ADDRESS, Settings::$EMAIL_NAME);
                         $mail->addTo($this->_getParam('email'), $this->getSanParam('first_name') . " " . $this->getSanParam('last_name'));
                         $mail->setSubject('Password Changed');
                         $mail->send();
                     }
                 }
             } else {
                 $status->setStatusMessage('Your account information could not be saved.');
             }
         }
         if ($validateOnly) {
             $this->sendData($status);
         } else {
             $this->view->assign('status', $status);
         }
     }
     $userArray = $userRow->toArray();
     if ($this->view->mode == 'edit') {
         //set acls
         $acls = User::getACLs($user_id);
         $userArray['acls'] = $acls;
     }
     $training_organizer_array = MultiOptionList::choicesList('user_to_organizer_access', 'user_id', $user_id, 'training_organizer_option', 'training_organizer_phrase', false, false);
     $this->viewAssignEscaped('training_organizer', $training_organizer_array);
     $this->viewAssignEscaped('user', $userArray);
     if ($this->hasACL('pre_service')) {
         $helper = new Helper();
         $this->view->assign('showinstitutions', true);
         $this->view->assign('institutions', $helper->getInstitutions());
         // Getting current credentials
         // NOTE: $auth / $identity are assigned but not used in this method.
         $auth = Zend_Auth::getInstance();
         $identity = $auth->getIdentity();
         $this->view->assign('userinstitutions', $helper->getUserInstitutions($user_id));
     } else {
         $this->view->assign('showinstitutions', false);
     }
 }
try {
    if (!$user->level) {
        throw new LoginException("You must be logged in to use this feature.");
    }
    if ($user->level < 2) {
        throw new LoginException("You do not have permission to use this feature.  Please log into the Administrator account.");
    }
    list($newUser->username, $newUser->password, $newUser->firstname, $newUser->lastname) = $input->getInputValues('newusername', 'newpassword', 'newfirstname', 'newlastname');
    if ($newUser->username && $newUser->password) {
        $newUser->level = 1;
        $input->minMax($newUser->firstname, 1, 32, 'First Name');
        $input->minMax($newUser->lastname, 1, 32, 'Last Name');
        $input->password($newUser->password, 'Password');
        $input->minMax($newUser->password, 5, 30, 'Password');
        $input->minMax($newUser->username, 3, 16, 'Username');
        if ($newUser->isUnique('username')) {
            $newUser->createUser();
            flash("New User (" . $newUser->username . ") Created Successfully");
            include "../views/administration.php";
        } else {
            throw new Exception("That user already exists.");
        }
    } else {
        include "../views/createuser.php";
    }
} catch (LoginException $e) {
    $redirect = "createuser.php";
    include "../views/login.php";
    throw $e;
} catch (InputException $e) {
    include "../views/createuser.php";