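/**
 * Creates a User (no `user_id` param) or edits an existing one, copying every
 * request parameter whose name matches a field of the model onto the record.
 *
 * Non-admins may only act on their own record. On success the saved record's
 * array form is published on `$this->view->result`; when the login is already
 * taken, an `['error' => ...]` map is published instead and nothing is saved.
 *
 * @return void
 * @throws Exception when `user_id` does not resolve to a user, when the caller
 *                   may not act on that user, or when the request tries to
 *                   change the record's identity
 */
public function editUserAction()
{
    $intUserID = $this->getParam('user_id');
    // empty() also treats "0" as "no id" — kept as the original did.
    if (empty($intUserID)) {
        $objUser = new User();
    } else {
        $objUser = User::fetchById($intUserID);
    }
    if (!is_object($objUser)) {
        throw new Exception('User with id = ' . $intUserID . ' does not exist');
    }

    $objAuthUser = App_Auth::getInstance()->getUser();
    // Compare ids as strings: "5" and 5 still match, but PHP's loose
    // comparison surprises (null == 0, etc.) are avoided.
    $blnIsSelf = (string) $objAuthUser->getId() === (string) $objUser->getId();
    if (!$objAuthUser->isAdmin() && !$blnIsSelf) {
        throw new Exception('You have no permition to create new user');
    }

    // Mass-assign request params onto the model. toArray() presumably exposes
    // the primary key as well, so remember the identity first: a request must
    // not be able to retarget the save at a different record.
    $mixOriginalID = $objUser->getId();
    foreach (array_keys($objUser->toArray()) as $strField) {
        if ($this->hasParam($strField)) {
            $objUser->{$strField} = $this->getParam($strField);
        }
    }
    if ((string) $objUser->getId() !== (string) $mixOriginalID) {
        throw new Exception('User id may not be changed');
    }
    // NOTE(review): any other privileged column exposed by toArray() (a role or
    // admin flag, if the schema has one) is still settable by the record's owner
    // through this loop — confirm against the User schema and whitelist the
    // fields a non-admin may edit.

    if (!User::isUnique($objUser)) {
        $this->view->result = ['error' => 'User with login ' . $objUser->getLogin() . ' already exist'];
        return;
    }

    $objUser->save();
    $this->view->result = $objUser->toArray();
}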
/**
 * isUnique() must report a clash for a login already present in the User
 * fixture, stop reporting it once the model's own id is set (presumably the
 * row holding that login), and still report a clash when a second column is
 * supplied alongside the login.
 *
 * @return void
 */
public function testFindUnique()
{
    $this->loadFixtures('User');
    $model = new User();

    // 'nate' is in the fixture, so a fresh record with that login is not unique.
    $this->assertFalse($model->isUnique(['user' => 'nate']));

    // With the model pointing at row 2 the same login is reported as unique.
    $model->id = 2;
    $this->assertTrue($model->isUnique(['user' => 'nate']));

    // Login plus password (the fixture value looks like an md5 digest) is a
    // clash again, with the model id still set to 2.
    $this->assertFalse($model->isUnique([
        'user' => 'nate',
        'password' => '5f4dcc3b5aa765d61d8327deb882cf99',
    ]));
}
/**
 * Shows and (on POST) saves the logged-in user's account form. When
 * `$this->view->mode` (set outside this action) is 'edit', the record is
 * instead chosen by the request's `id` parameter and ACL checkboxes are saved
 * with it.
 *
 * XMLHttpRequest POSTs are validate-only: the status object is sent back as
 * data and no template is rendered.
 *
 * NOTE(review): after a successful password change the new plaintext password
 * is rendered into the password_changed e-mail templates and mailed out. E-mail
 * is not a confidential channel; drop the `password` view assignment (and its
 * use in the templates) and send a notification only.
 *
 * @return void
 */
public function myaccountAction() {
    // Presumably doNoAccessError() ends the request; otherwise $user_id would be
    // falsy below — confirm in the base controller.
    if (!$this->isLoggedIn()) { $this->doNoAccessError(); }
    if (!($user_id = $this->isLoggedIn())) { $this->doNoAccessError(); }
    // NOTE(review): in edit mode the target record comes straight from the
    // request; whether reaching edit mode already requires admin rights is
    // decided outside this action — verify, since saveAclCheckboxes() below
    // would otherwise let a user change another account's ACLs.
    if ($this->view->mode == 'edit') { $user_id = $this->getSanParam('id'); }
    $request = $this->getRequest();
    $validateOnly = $request->isXmlHttpRequest();
    if ($validateOnly) { $this->setNoRenderer(); }
    $user = new User();
    // No row for $user_id is not handled: ->username / ->email / toArray() below
    // would then be called on a non-object.
    $userRow = $user->find($user_id)->current();
    if ($request->isPost()) {
        $status = ValidationContainer::instance();
        // Required fields.
        $status->checkRequired($this, 'first_name', 'First name');
        $status->checkRequired($this, 'last_name', 'Last name');
        $status->checkRequired($this, 'username', 'Login');
        $status->checkRequired($this, 'email', 'Email');
        // Well-formed e-mail address?
        $validator = new Zend_Validate_EmailAddress();
        if (!$validator->isValid($this->_getParam('email'))) { $status->addError('email', 'That email address does not appear to be valid.'); }
        // strlen() counts bytes, so a 2-character non-ASCII login can pass this.
        if (strlen($this->_getParam('username')) < 3) { $status->addError('username', 'Usernames should be at least 3 characters in length.'); }
        // Changing usernames? (loose != comparison against the stored value)
        if ($this->_getParam('username') != $userRow->username) {
            // Uniqueness is checked on the sanitised value, not the raw param that
            // is validated and saved above/below — confirm both agree.
            if ($uniqueArray = User::isUnique($this->getSanParam('username'))) {
                if (isset($uniqueArray['username'])) { $status->addError('username', 'That username is already in use. Please choose another one.'); }
            }
        }
        // Changing e-mail? Same pattern as the username check.
        if ($this->_getParam('email') != $userRow->email) {
            if ($uniqueArray = User::isUnique(false, $this->getSanParam('email'))) {
                if (isset($uniqueArray['email'])) { $status->addError('email', 'That email address is already in use. Please choose another one.'); }
            }
        }
        // Changing passwords? Only when both fields were filled in.
        $passwordChange = false;
        if (strlen($this->_getParam('password')) > 0 and strlen($this->_getParam('confirm_password')) > 0) {
            if (strlen($this->_getParam('password')) < 6) { $status->addError('password', 'Passwords should be at least 6 characters in length.'); }
            if ($this->_getParam('password') != $this->_getParam('confirm_password')) { $status->addError('password', 'Password fields do not match. Please enter them again.'); }
            $passwordChange = true;
        }
        if ($status->hasError()) {
            $status->setStatusMessage('Your account information could not be saved.');
        } else {
            // NOTE(review): every request parameter is handed to fillFromArray();
            // only 'password' is stripped (and only when unchanged). Whether other
            // columns (id, role/ACL fields) can be overwritten this way depends on
            // fillFromArray() — confirm it whitelists the editable columns.
            $params = $this->_getAllParams();
            if (!$passwordChange) { unset($params['password']); }
            self::fillFromArray($userRow, $params);
            // Whether the password is hashed before storage is not visible here
            // (presumably in fillFromArray() or save()) — confirm.
            if ($userRow->save()) {
                $status->setStatusMessage('Your account information was saved.');
                if ($this->view->mode == 'edit') { $this->saveAclCheckboxes($user_id); }
                if ($passwordChange == true) {
                    $email = $this->_getParam('email');
                    if (trim($email) != '') {
                        $view = new Zend_View();
                        $view->setScriptPath(Globals::$BASE_PATH . '/app/views/scripts/email');
                        $view->assign('first_name', $this->_getParam('first_name'));
                        $view->assign('username', $this->_getParam('username'));
                        // NOTE(review): plaintext password handed to the e-mail
                        // templates — see the method docblock.
                        $view->assign('password', $this->_getParam('password'));
                        $text = $view->render('text/password_changed.phtml');
                        $html = $view->render('html/password_changed.phtml');
                        $mail = new Zend_Mail();
                        $mail->setBodyText($text);
                        $mail->setBodyHtml($html);
                        $mail->setFrom(Settings::$EMAIL_ADDRESS, Settings::$EMAIL_NAME);
                        // Recipient is the raw 'email' param; the display name uses
                        // the sanitised first/last name.
                        $mail->addTo($this->_getParam('email'), $this->getSanParam('first_name') . " " .
                            $this->getSanParam('last_name'));
                        $mail->setSubject('Password Changed');
                        $mail->send();
                    }
                }
            } else {
                $status->setStatusMessage('Your account information could not be saved.');
            }
        }
        // AJAX callers get the status object as data; page requests get it on the view.
        if ($validateOnly) { $this->sendData($status); } else { $this->view->assign('status', $status); }
    }
    $userArray = $userRow->toArray();
    if ($this->view->mode == 'edit') {
        // Attach the ACL list so the edit form can render its checkboxes.
        $acls = User::getACLs($user_id);
        $userArray['acls'] = $acls;
    }
    $training_organizer_array = MultiOptionList::choicesList('user_to_organizer_access', 'user_id', $user_id, 'training_organizer_option', 'training_organizer_phrase', false, false);
    $this->viewAssignEscaped('training_organizer', $training_organizer_array);
    $this->viewAssignEscaped('user', $userArray);
    if ($this->hasACL('pre_service')) {
        $helper = new Helper();
        $this->view->assign('showinstitutions', true);
        $this->view->assign('institutions', $helper->getInstitutions());
        // Getting current credentials — $identity is never used afterwards.
        $auth = Zend_Auth::getInstance();
        $identity = $auth->getIdentity();
        $this->view->assign('userinstitutions', $helper->getUserInstitutions($user_id));
    } else {
        $this->view->assign('showinstitutions', false);
    }
}
try { if (!$user->level) { throw new LoginException("You must be logged in to use this feature."); } if ($user->level < 2) { throw new LoginException("You do not have permission to use this feature. Please log into the Administrator account."); } list($newUser->username, $newUser->password, $newUser->firstname, $newUser->lastname) = $input->getInputValues('newusername', 'newpassword', 'newfirstname', 'newlastname'); if ($newUser->username && $newUser->password) { $newUser->level = 1; $input->minMax($newUser->firstname, 1, 32, 'First Name'); $input->minMax($newUser->lastname, 1, 32, 'Last Name'); $input->password($newUser->password, 'Password'); $input->minMax($newUser->password, 5, 30, 'Password'); $input->minMax($newUser->username, 3, 16, 'Username'); if ($newUser->isUnique('username')) { $newUser->createUser(); flash("New User (" . $newUser->username . ") Created Successfully"); include "../views/administration.php"; } else { throw new Exception("That user already exists."); } } else { include "../views/createuser.php"; } } catch (LoginException $e) { $redirect = "createuser.php"; include "../views/login.php"; throw $e; } catch (InputException $e) { include "../views/createuser.php";