/**
 * Saving a record whose field holds a Doctrine_Expression must store the
 * value the database computes from it, not the expression text.
 *
 * NOTE(review): the expression text appears to reach the database as SQL, so
 * application code should only build expressions from constant, trusted strings.
 */
public function testSavingWithAnExpression()
 {
     $concatSql = "CONCAT('some', 'one')";
     $expression = new Doctrine_Expression($concatSql);
     // The expression object hands back exactly the SQL it was given.
     $this->assertEqual($expression->getSql(), $concatSql);

     $record = new User();
     $record->name = $expression;
     $record->save();
     // Reload so the assertion sees the value stored by the database.
     $record->refresh();
     $this->assertEqual($record->name, 'someone');
 }
Example #2
 /**
  * Look up a user by e-mail address or SIS id.
  *
  * The kind of identifier is inferred from the value itself: anything that
  * contains '@' is treated as an e-mail address, everything else as a sisId.
  *
  * @param string $id e-mail address or sisId
  * @return User|false the refreshed user, or false when an \Exception is
  *                    thrown while building or refreshing it
  */
 public static function get($id)
 {
     try {
         if (strpos($id, '@') === false) {
             $lookupField = 'sisId';
         } else {
             $lookupField = 'email';
         }
         $found = new User(array($lookupField => $id));
         $found->refresh();
         return $found;
     } catch (\Exception $error) {
         // NOTE(review): every failure collapses into false, so a caller cannot
         // tell "no such user" from a backend error; callers should compare the
         // result with === false before treating it as a user.
         return false;
     }
 }
Example #3
 /**
  * Create a user together with the user's aircraft relations.
  *
  * @param array $params reads the keys first_name, last_name, role_id,
  *                      username, password and language; aircraft is an
  *                      optional list of Aircraft ids
  * @return mixed the id of the saved user, or null when $params is empty
  */
 public static function createUser($params)
 {
     if (empty($params)) {
         return;
     }

     $newUser = new User();
     $newUser->first_name = $params['first_name'];
     $newUser->last_name = $params['last_name'];
     // NOTE(review): role_id is copied straight from $params; confirm the caller
     // decides the role itself and does not forward a request-supplied value.
     $newUser->role_id = $params['role_id'];
     $newUser->username = $params['username'];
     // NOTE(review): the password is assigned exactly as supplied; confirm the
     // User model hashes it before it is persisted.
     $newUser->password = $params['password'];

     if (!empty($params['aircraft'])) {
         foreach ($params['aircraft'] as $aircraftId) {
             // find() is not checked, so an unknown id adds whatever it returns.
             $newUser->Aircraft[] = Doctrine::getTable("Aircraft")->find($aircraftId);
         }
     }

     $newUser->language = $params['language'];
     $newUser->save();
     // Reload after saving, then report the id of the reloaded record.
     $newUser->refresh();

     return $newUser->id;
 }
Example #4
/**
 * Map user ids found in a course backup to user ids on this installation,
 * creating missing accounts when the request asks for it.
 *
 * The mode is read directly from $_POST:
 *  - add_users = 'none': only the first teacher in $cours_user is mapped, to the global $uid;
 *  - add_users = 'prof': only users whose course status equals 1 are processed;
 *  - create_users set: users with no matching username are inserted.
 * Progress messages are appended to the global $tool_content.
 *
 * @param array  $users         user rows from the backup
 * @param array  $cours_user    course membership rows from the backup
 * @param mixed  $departments   passed to User::refresh() for each created user
 * @param object $restoreHelper supplies field names through getField()
 * @return array old user id => local user id
 */
function restore_users($users, $cours_user, $departments, $restoreHelper) {
    global $tool_content, $langRestoreUserExists, $langRestoreUserNew, $uid;

    $userid_map = array();
    // NOTE(review): $_POST['add_users'] is read without isset(); a request that omits it
    // raises a notice and falls through to the "add everyone" path below.
    if ($_POST['add_users'] == 'none') {
        // find the 1st teacher (oldid)
        foreach ($cours_user as $cudata) {
            if (intval($cudata[$restoreHelper->getField('course_user', 'status')]) === USER_TEACHER) {
                $old_id = $cudata['user_id'];
                $userid_map[$old_id] = $uid;
                break;
            }
        }
        return $userid_map;
    }

    if ($_POST['add_users'] == 'prof') {
        $add_only_profs = true;
        // Build a lookup of backup user id => "has course status 1".
        foreach ($cours_user as $cu_info) {
            $is_prof[$cu_info['user_id']] = ($cu_info[$restoreHelper->getField('course_user', 'status')] == 1);
        }
    } else {
        $add_only_profs = false;
    }

    require_once 'include/lib/user.class.php';
    foreach ($users as $data) {
        // $is_prof exists only in 'prof' mode; an id that is missing from $cours_user reads
        // as an undefined (falsy) entry, so that user is skipped as well.
        if ($add_only_profs and !$is_prof[$data[$restoreHelper->getField('user', 'id')]]) {
            continue;
        }
        // The username is bound as a parameter; BINARY makes the match case-sensitive.
        $u = Database::get()->querySingle("SELECT * FROM user WHERE BINARY username = ?s", $data['username']);
        if ($u) {
            // Existing account: reuse it. The match is on username alone, so a backup user is
            // mapped onto whichever local account already owns that name.
            $userid_map[$data[$restoreHelper->getField('user', 'id')]] = $u->id;
            // Values placed in the HTML message pass through q() first.
            $tool_content .= "<div class='alert alert-info'>" .
                sprintf($langRestoreUserExists,
                    '<b>' . q($data['username']) . '</b>',
                    '<i>' . q(trim($u->givenname . ' ' . $u->surname)) . '</i>',
                    '<i>' . q(trim($data[$restoreHelper->getField('user', 'givenname')] .
                        ' ' . $data[$restoreHelper->getField('user', 'surname')])) . '</i>') .
                "</div>\n";
        } elseif (isset($_POST['create_users'])) {
            $now = date('Y-m-d H:i:s', time());
            // NOTE(review): the password column receives whatever the backup holds, unchanged,
            // and status is taken from the backup row too. An archive from an untrusted source
            // can therefore create accounts with credentials and a role chosen by its author.
            // Confirm restores are limited to trusted administrators, and consider a forced
            // password reset and a fixed low-privilege status for accounts created this way.
            $user_id = Database::get()->query("INSERT INTO user SET surname = ?s, "
                . "givenname = ?s, username = ?s, password = ?s, email = ?s, status = ?d, phone = ?s, "
                . "registered_at = ?t, expires_at = ?t",
                (isset($data[$restoreHelper->getField('user', 'surname')])) ? $data[$restoreHelper->getField('user', 'surname')] : '',
                (isset($data[$restoreHelper->getField('user', 'givenname')])) ? $data[$restoreHelper->getField('user', 'givenname')] : '',
                $data['username'],
                isset($data['password'])? $data['password']: '******',
                isset($data['email'])? $data['email']: '',
                intval($data[$restoreHelper->getField('course_user', 'status')]),
                isset($data['phone'])? $data['phone']: '',
                $now,
                date('Y-m-d H:i:s', time() + get_config('account_duration')))->lastInsertID;
            $userid_map[$data[$restoreHelper->getField('user', 'id')]] = $user_id;
            $user = new User();
            $user->refresh($user_id, $departments);
            user_hook($user_id);
            // Unlike the INSERT above, givenname and surname are read here without isset().
            $tool_content .= "<div class='alert alert-info'>" .
                sprintf($langRestoreUserNew,
                    '<b>' . q($data['username']) . '</b>',
                    '<i>' . q($data[$restoreHelper->getField('user', 'givenname')] .
                        ' ' . $data[$restoreHelper->getField('user', 'surname')]) . '</i>') .
                "</div>\n";
        }
    }
    return $userid_map;
}
Example #5
        } else {
            // NOTE(review): $password_encrypted and $verified_mail are spliced into the SQL
            // text, unlike the other values, which are bound through ?s placeholders. That is
            // safe only while neither can ever contain a quote or other request-influenced
            // characters; binding them as well (?s / ?d) would remove the dependency on how
            // they were produced earlier in the script.
            $q1 = Database::get()->query("INSERT INTO user (surname, givenname, username, password, email,
                    status, am, phone, registered_at, expires_at,
                    lang, verified_mail, whitelist, description)
                    VALUES (?s, ?s, ?s, '$password_encrypted', ?s, " . USER_STUDENT . ", ?s, ?s, " . DBHelper::timeAfter() . ",
                                  " . DBHelper::timeAfter(get_config('account_duration')) . ", ?s, $verified_mail, '', '')",
                    $surname_form, $givenname_form, $uname, $email, $am, $phone, $language);
            // Link the new account to its external identity only when the INSERT returned a
            // result. NOTE(review): the code after this branch reads $q1->lastInsertID without
            // the same check.
            if ($q1) {
                Database::get()->query('INSERT INTO user_ext_uid
                    SET user_id = ?d, auth_id = ?d, uid = ?s',
                    $q1->lastInsertID, $auth, $user_data->identifier);
            }
        }

        $last_id = $q1->lastInsertID;
        $userObj->refresh($last_id, $departments);
        user_hook($last_id);
        
        //fill custom profile fields
        process_profile_fields_data(array('uid' => $last_id, 'origin' => 'student_register'));
        
        if ($vmail) {
            $hmac = token_generate($uname . $email . $last_id);
        }

        $emailsubject = "$langYourReg $siteName";
        $telephone = get_config('phone');
        $administratorName = get_config('admin_name');
        $emailhelpdesk = get_config('email_helpdesk');
        $emailbody = "$langDestination $givenname_form $surname_form\n" .
                "$langYouAreReg $siteName $langSettings $uname\n" .
Example #6
 /**
  * Exercises the User <-> Group many-to-many relation on the record with id 5:
  * adding groups, unlinking them, checking that the unlink survives a fresh
  * load, replacing a link, removing every link, and finally writing
  * properties on the Groupuser association records of a new user.
  *
  * The assertions depend on the fixture state (user 5 linked to group 3,
  * three groups in total) and on the exact order of the statements.
  */
 public function testSaveAssociations()
 {
     $user = $this->objTable->find(5);
     $gf = $this->connection->getTable("Group");
     $this->assertTrue($user->Group instanceof Doctrine_Collection);
     $this->assertEqual($user->Group->count(), 1);
     $this->assertEqual($user->Group[0]->id, 3);
     // ADDING ASSOCIATED REFERENCES
     $group1 = $gf->find(1);
     $group2 = $gf->find(2);
     $user->Group[1] = $group1;
     $user->Group[2] = $group2;
     $this->assertEqual($user->Group->count(), 3);
     $user->save();
     // $coll is not read again in this test.
     $coll = $user->Group;
     // UNSETTING ASSOCIATED REFERENCES
     unset($user);
     $user = $this->objTable->find(5);
     $this->assertEqual($user->Group->count(), 3);
     $this->assertEqual($user->Group[1]->id, 1);
     $this->assertEqual($user->Group[2]->id, 2);
     // The count drops to 1 right after unlink(), before save() is called.
     $user->unlink('Group', array($group1->id, $group2->id), true);
     $this->assertEqual($user->Group->count(), 1);
     $user->save();
     unset($user);
     // CHECKING THE PERSISTENCE OF UNSET ASSOCIATED REFERENCES
     $this->connection->clear();
     $user = $this->objTable->find(5);
     $this->assertEqual($user->Group->count(), 1);
     $this->assertEqual($user->Group[0]->id, 3);
     // Unlinking removed the associations only; all three Group rows still exist.
     $this->assertEqual($gf->findAll()->count(), 3);
     // REPLACING OLD ASSOCIATED REFERENCE
     $user->unlink('Group', 3, true);
     // you MUST first unlink old relationship
     $user->Group[1] = $group1;
     $user->Group[0] = $group2;
     $user->save();
     $user = $this->objTable->find(5);
     $this->assertEqual($user->Group->count(), 2);
     $this->assertEqual($user->Group[0]->identifier(), $group2->identifier());
     $this->assertEqual($user->Group[1]->identifier(), $group1->identifier());
     // An empty id list leaves the user with no groups (asserted below).
     $user->unlink('Group', array(), true);
     $user->save();
     $user->free();
     $user = $this->objTable->find(5);
     $this->assertEqual($user->Group->count(), 0);
     // ACCESSING ASSOCIATION OBJECT PROPERTIES
     $user = new User();
     $this->assertTrue($user->getTable()->getRelation("Groupuser") instanceof Doctrine_Relation_ForeignKey);
     $this->assertTrue($user->Groupuser instanceof Doctrine_Collection);
     $this->assertTrue($user->Groupuser[0] instanceof Groupuser);
     $user->name = "Jack Daniels";
     $user->Group[0]->name = "Group #1";
     $user->Group[1]->name = "Group #2";
     // Two time() calls in a row; the values will normally be equal.
     $t1 = time();
     $t2 = time();
     $user->Groupuser[0]->added = $t1;
     $user->Groupuser[1]->added = $t2;
     $this->assertEqual($user->Groupuser[0]->added, $t1);
     $this->assertEqual($user->Groupuser[1]->added, $t2);
     $user->save();
     $user->refresh();
     // The association values must survive the save/refresh round trip.
     $this->assertEqual($user->Groupuser[0]->added, $t1);
     $this->assertEqual($user->Groupuser[1]->added, $t2);
 }
Example #7
 } elseif (isset($_SESSION['uname_app_exists'])) {
     unset($_SESSION['uname_app_exists']);
 }
 // register user
 if ($autoregister and empty($_SESSION['uname_exists']) and empty($_SESSION['uname_app_exists'])) {
     if (get_config('email_verification_required') && !empty($email)) {
         $verified_mail = 0;
         $vmail = TRUE;
     } else {
         $verified_mail = 2;
         $vmail = FALSE;
     }
     $authmethods = array('2', '3', '4', '5');
     $q1 = Database::get()->query("INSERT INTO user\n                      SET surname = ?s,\n                          givenname = ?s,\n                          username = ?s,\n                          password = ?s,\n                          email = ?s,\n                          status = " . USER_STUDENT . ",\n                          am = ?s,\n                          registered_at = " . DBHelper::timeAfter() . ",\n                          expires_at = " . DBHelper::timeAfter(get_config('account_duration')) . ",\n                          lang = ?s,\n                          verified_mail = ?d,\n                          whitelist='',\n                          description = ''", $surname_form, $givenname_form, $uname, $password, $email, $am, $language, $verified_mail);
     $last_id = $q1->lastInsertID;
     $userObj->refresh($last_id, array(intval($depid)));
     if ($vmail and !empty($email)) {
         $hmac = token_generate($uname . $email . $last_id);
     }
     // Register a new user
     $password = $auth_ids[$auth];
     $telephone = get_config('phone');
     $administratorName = get_config('admin_name');
     $emailhelpdesk = get_config('email_helpdesk');
     $emailAdministrator = get_config('email_sender');
     $emailsubject = "{$langYourReg} {$siteName}";
     $emailbody = "{$langDestination} {$givenname_form} {$surname_form}\n" . "{$langYouAreReg} {$siteName} {$langSettings} {$uname}\n" . "{$langPassSameAuth}\n{$langAddress} {$siteName}: " . "{$urlServer}\n" . ($vmail ? "\n{$langMailVerificationSuccess}.\n{$langMailVerificationClick}\n{$urlServer}" . "modules/auth/mail_verify.php?ver=" . $hmac . "&id=" . $last_id . "\n" : "") . "{$langProblem}\n{$langFormula}" . "{$administratorName}\n" . "{$langManager} {$siteName} \n{$langTel} {$telephone} \n" . "{$langEmail}: {$emailhelpdesk}";
     if (!empty($email)) {
         send_mail($siteName, $emailAdministrator, '', $email, $emailsubject, $emailbody, $charset, "Reply-To: {$emailhelpdesk}");
     }
     $myrow = Database::get()->querySingle("SELECT id, surname, givenname FROM user WHERE id = ?d", $last_id);
Example #8
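    // Apply the submitted changes one field at a time. A field is written only
    // when it was submitted (non-null), and the first failed write stops the
    // remaining ones.
    $updateStatus = true;
    if (is_null($form_error)) {
        if (!is_null($user_name)) {
            $updateStatus = $u->updateUserName($user_name);
        }
        if ($updateStatus && !is_null($user_email)) {
            $updateStatus = $u->updateUserEmail($user_email);
        }
        // Fixed: the password write was gated on $user_email. A form that sent an
        // e-mail address but no password called updateUserPassword(null), and a
        // password submitted without an e-mail address was silently ignored.
        if ($updateStatus && !is_null($user_password)) {
            $updateStatus = $u->updateUserPassword($user_password);
        }
        if ($updateStatus) {
            $updateStatus = $u->updateUserNotify($user_notify);
        }
        if ($updateStatus) {
            // Reload the user only after every write has succeeded.
            $u->refresh();
            $status_message = WEB::_success('User Successfully updated!');
        } else {
            $status_message = WEB::_error('There was an error when you were updating the User.', null);
        }
    } else {
        $status_message = WEB::_error('There is an error when you were updating the User. Please review the form below!', $form_error);
    }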
}
?>


<?php 
include __DIR__ . "/../bourbon/template/header.php";
?>
Example #9
        if ($username_check) {
            Session::Messages($langUserFree);
            redirect_to_home_page("main/profile/profile.php");
        }
    }
    // TODO: Allow admin to configure allowed username format
    if (!empty($email_form) && $email_form != $_SESSION['email'] && get_config('email_verification_required')) {
        $verified_mail_sql = ", verified_mail = " . EMAIL_UNVERIFIED;
    } else {
        $verified_mail_sql = '';
    }
    // everything is ok
    $email_form = mb_strtolower(trim($email_form));
    $q = Database::get()->query("UPDATE user SET surname = ?s,\n                             givenname = ?s,\n                             username = ?s,\n                             email = ?s,\n                             am = ?s,\n                             phone = ?s,\n                             description = ?s,\n                             email_public = ?s,\n                             phone_public = ?s,\n                             receive_mail = ?d,\n                             am_public = ?d\n                             {$verified_mail_sql}\n                         WHERE id = ?d", $surname_form, $givenname_form, $username_form, $email_form, $am_form, $phone_form, $desc_form, $email_public, $phone_public, $subscribe, $am_public, $uid);
    if ($q->affectedRows > 0 or isset($departments)) {
        $userObj->refresh($uid, $departments);
        Log::record(0, 0, LOG_PROFILE, array('uid' => intval($_SESSION['uid']), 'modifyprofile' => 1, 'username' => $username_form, 'email' => $email_form, 'am' => $am_form));
        $_SESSION['uname'] = $username_form;
        $_SESSION['surname'] = $surname_form;
        $_SESSION['givenname'] = $givenname_form;
        $_SESSION['email'] = $email_form;
        Session::Messages($langProfileReg, 'alert-success');
        redirect_to_home_page("main/profile/display_profile.php");
    }
    if ($old_language != $language) {
        Session::Messages($langProfileReg, 'alert-success');
        redirect_to_home_page("main/profile/display_profile.php");
    }
}
$surname_form = q($myrow->surname);
$givenname_form = q($myrow->givenname);
Example #10
    $user_notify = WEB::_post('user_notify');
    // Passed as: array($user_name, user_email, user_password)
    $form_error = $p->validateParams(array($user_name, $user_email, $user_password));
    if (is_null($form_error)) {
        $updateStatus = $p->updateUserName($user_name);
        if ($updateStatus) {
            $updateStatus = $p->updateUserEmail($user_email);
        }
        if ($updateStatus) {
            $updateStatus = $p->updateUserPassword($user_password);
        }
        if ($updateStatus) {
            $updateStatus = $p->updateUserNotify($user_notify);
        }
        if ($updateStatus) {
            $p->refresh();
            $status_message = WEB::_success('Profile Updated Successfully!');
        } else {
            $status_message = WEB::_error('There is an error when you were updating your profile.', $form_error);
        }
    } else {
        $status_message = WEB::_error('There is an error when you were updating your profile. Please review the form below!', $form_error);
    }
}
?>

<!-- // Begin Genre Template (List View) -->

<?php 
include __DIR__ . "/bourbon/template/header.php";
?>
Example #11
        if (isDepartmentAdmin()) {
            $olddeps = $user->getDepartmentIds(intval($u));

            foreach ($departments as $depId) {
                if (!in_array($depId, $olddeps)) {
                    validateNode(intval($depId), true);
                }
            }

            foreach ($olddeps as $depId) {
                if (!in_array($depId, $departments)) {
                    validateNode($depId, true);
                }
            }
        }
        $user->refresh(intval($u), $departments);
        user_hook($u);
        $qry = Database::get()->query("UPDATE user SET surname = ?s,
                                givenname = ?s,
                                username = ?s,
                                email = ?s,
                                status = ?d,
                                phone = ?s,
                                expires_at = ?t,
                                am = ?s,
                                verified_mail = ?d,
                                whitelist = ?s
                      WHERE id = ?d", $lname, $fname, $username, $email, $newstatus, $phone, $user_expires_at, $am, $verified_mail, $user_upload_whitelist, $u);
            //update custom profile fields
            $cpf_updated = process_profile_fields_data(array('uid' => $u, 'origin' => 'admin_edit_profile'));
            if ($qry->affectedRows > 0 || $cpf_updated === true) {
Example #12
<?php

require_once "helpers.php";
require_once "class.configuration.php";
require_once "class.sqlite.php";
require_once "class.pagination.php";
require_once "class.user.php";
require_once "class.game.php";
require_once "class.captcha.php";
// NOTE(review): session_start() runs with whatever cookie settings php.ini provides; confirm
// the session cookie is HttpOnly, Secure and SameSite (php.ini or session_set_cookie_params()).
session_start();
$config = new Configuration("config/config");
// Shared services are published through $GLOBALS for the rest of the application.
$GLOBALS['db'] = new Sqlite($config->getConfiguration("db"));
// NOTE(review): the key is spelled 'paginatior'; code reading this global has to use the
// same spelling.
$GLOBALS['paginatior'] = new Paginator();
User::refresh();
// refresh user data in session
Example #13
            break;
    }

    // NOTE(review): the INSERT that follows takes both timestamps from DBHelper::timeAfter()
    // and does not use these two variables; confirm whether they are still needed.
    $registered_at = time();
    $expires_at = time() + get_config('account_duration');
    // intval() keeps the value numeric for the ?d binding, but any integer from the request
    // is accepted. NOTE(review): confirm the value is limited to the known verification
    // states and that only administrators can reach this script.
    $verified_mail = isset($_REQUEST['verified_mail']) ? intval($_REQUEST['verified_mail']) : 2;

    $sql = Database::get()->query("INSERT INTO user (surname, givenname, username, password, email, status, phone,
                                                    am, registered_at, expires_at, lang, verified_mail, description, whitelist)
                                VALUES (?s, ?s, ?s, ?s, ?s, 1, ?s, ?s, 
                                " . DBHelper::timeAfter() . ",
                                " . DBHelper::timeAfter(get_config('account_duration')) . ", ?s, ?d, '', '')", 
                    $ps, $pn, $pu, $password, $pe, $phone, $comment, $lang, $verified_mail);

    $last_id = $sql->lastInsertID;
    $userObj->refresh($last_id, array(intval($department)));
    user_hook($last_id);
    
    $telephone = get_config('phone');
    $administratorName = get_config('admin_name');
    $emailhelpdesk = get_config('email_helpdesk');
    // Close user request
    Database::get()->query("UPDATE user_request SET state = 2,
                            date_closed = " . DBHelper::timeAfter() . ",
                            verified_mail = ?d WHERE id = ?d", $verified_mail, $rid);
    $emailbody = "$langDestination $pn $ps\n" .
            "$langYouAreReg $siteName $langSettings $pu\n" .
            "$langPass: $langPassSameAuth\n$langAddress $siteName: " .
            "$urlServer\n$langProblem\n$langFormula" .
            "$administratorName\n" .
            "$langManager $siteName \n$langTel $telephone \n" .
Example #14
 $verified_mail = isset($_REQUEST['verified_mail_form']) ? intval($_REQUEST['verified_mail_form']) : 2;
 // check if user name exists
 $user_exist = Database::get()->querySingle("SELECT username FROM user WHERE username=?s", $uname);
 // check if there are empty fields
 if (!$all_set) {
     $tool_content .= "<div class='alert alert-danger'>{$langFieldsMissing} <br /><a href='{$backlink}'>{$langAgain}</a></div>";
 } elseif ($user_exist) {
     $tool_content .= "<div class='alert alert-danger'>{$langUserFree} <br /><a href='{$backlink}'>{$langAgain}</a></div>";
 } elseif (!email_seems_valid($email_form)) {
     $tool_content .= "<div class='alert alert-danger'>{$langEmailWrong} <br /><a href='{$backlink}'>{$langAgain}</a></div>";
 } else {
     validateNode(intval($depid), isDepartmentAdmin());
     $hasher = new PasswordHash(8, false);
     $password_encrypted = $hasher->HashPassword($password);
     $uid = Database::get()->query("INSERT INTO user\n                                (surname, givenname, username, password, email, status, phone, am, registered_at, expires_at, lang, description, verified_mail, whitelist)\n                                VALUES (?s, ?s, ?s, ?s, ?s, ?d, ?s, ?s , " . DBHelper::timeAfter() . "\n                 , " . DBHelper::timeAfter(get_config('account_duration')) . "\n                 , ?s, '', ?s, '')", $surname_form, $givenname_form, $uname, $password_encrypted, $email_form, $pstatus, $phone, $am, $proflanguage, $verified_mail)->lastInsertID;
     $user->refresh($uid, array(intval($depid)));
     // close request if needed
     if (!empty($rid)) {
         $rid = intval($rid);
         Database::get()->query("UPDATE user_request set state = 2, date_closed = NOW() WHERE id = ?d", $rid);
     }
     if ($pstatus == 1) {
         $message = $profsuccess;
         $reqtype = '';
         $type_message = $langAsProf;
     } else {
         $message = $usersuccess;
         $reqtype = '?type=user';
         $type_message = '';
         // $langAsUser;
     }
Example #15
        // Profile update for a logged-in user: change the e-mail address and/or the password.
        // NOTE(review): neither the current password nor an anti-CSRF token is checked in the
        // visible lines; confirm both are verified before this point.
        if ($user->isLoggedIn) {
            if (isset($_POST['email'])) {
                // $email keeps the raw value; the value passed to update() is trimmed.
                // NOTE(review): no format validation of the address is visible here.
                $email = $_POST['email'];
                if ($user->update("Email", trim($_POST['email']))) {
                    $message = "Email address has been successfully changed.";
                }
            }
            // Check to see if the password was set.
            // NOTE(review): md5() is a fast, unsalted digest and is not suitable for storing
            // passwords. Moving to password_hash()/password_verify() has to happen together
            // with the login check, which is outside this excerpt. trim() also silently
            // changes passwords that begin or end with whitespace.
            if (isset($_POST['pwd']) && !empty($_POST['pwd']) && (isset($_POST['confirm_pwd']) && !empty($_POST['confirm_pwd']) && $_POST['pwd'] == $_POST['confirm_pwd'])) {
                if ($user->update("Password", md5(trim($_POST['pwd'])))) {
                    $message = "Password has been successfully changed.";
                }
            // The match test above uses == while this mismatch test uses !==, so the two
            // branches are not exact complements.
            } elseif (isset($_POST['pwd']) && !empty($_POST['pwd']) && (isset($_POST['confirm_pwd']) && !empty($_POST['confirm_pwd']) && $_POST['pwd'] !== $_POST['confirm_pwd'])) {
                $message = "Password change was unsuccessful.";
            }
            $user->refresh();
        } else {
            $message = "Invalid credentials given.";
        }
    }
}
// This function is used to list the states for choosing.
function listStates($selected)
{
    $states_arr = array('AL' => "Alabama", 'AK' => "Alaska", 'AZ' => "Arizona", 'AR' => "Arkansas", 'CA' => "California", 'CO' => "Colorado", 'CT' => "Connecticut", 'DE' => "Delaware", 'DC' => "District Of Columbia", 'FL' => "Florida", 'GA' => "Georgia", 'HI' => "Hawaii", 'ID' => "Idaho", 'IL' => "Illinois", 'IN' => "Indiana", 'IA' => "Iowa", 'KS' => "Kansas", 'KY' => "Kentucky", 'LA' => "Louisiana", 'ME' => "Maine", 'MD' => "Maryland", 'MA' => "Massachusetts", 'MI' => "Michigan", 'MN' => "Minnesota", 'MS' => "Mississippi", 'MO' => "Missouri", 'MT' => "Montana", 'NE' => "Nebraska", 'NV' => "Nevada", 'NH' => "New Hampshire", 'NJ' => "New Jersey", 'NM' => "New Mexico", 'NY' => "New York", 'NC' => "North Carolina", 'ND' => "North Dakota", 'OH' => "Ohio", 'OK' => "Oklahoma", 'OR' => "Oregon", 'PA' => "Pennsylvania", 'RI' => "Rhode Island", 'SC' => "South Carolina", 'SD' => "South Dakota", 'TN' => "Tennessee", 'TX' => "Texas", 'UT' => "Utah", 'VT' => "Vermont", 'VA' => "Virginia", 'WA' => "Washington", 'WV' => "West Virginia", 'WI' => "Wisconsin", 'WY' => "Wyoming");
    $string = '';
    foreach ($states_arr as $k => $v) {
        $s = $selected === $k ? "selected" : "";
        $string .= '<option value="' . $k . '" ' . $s . '>' . $v . '</option>' . "\n";
    }
    return $string;
Example #16
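/**
 * Finish a Shibboleth or CAS single sign-on login.
 *
 * Reads the identity attributes that the SSO step stored in $_SESSION, looks
 * the username up in the user table and then either
 *  - rejects the login when the account uses a different auth method,
 *  - updates the existing account and loads its admin rights, or
 *  - creates the account when automatic registration is enabled
 *    (alt_auth_stud_reg == 2),
 * and finally fills the session and records the login in loginout.
 *
 * NOTE(review): the session id is not regenerated in the visible code once
 * authentication has succeeded; confirm that $session or the caller does so
 * (session_regenerate_id()) to prevent session fixation.
 *
 * @param string $type 'shibboleth' or 'cas'; the same value is stored in
 *                     user.password to mark the account's auth method
 * @return void
 */
function shib_cas_login($type) {
    global $surname, $givenname, $email, $status, $language, $session,
        $urlServer, $is_admin, $is_power_user, $is_usermanage_user,
        $is_departmentmanage_user, $langUserAltAuth, $langRegistrationDenied;

    $alt_auth_stud_reg = get_config('alt_auth_stud_reg');

    // Accounts are created on first login only when this setting equals 2.
    if ($alt_auth_stud_reg == 2) {
        $autoregister = TRUE;
    } else {
        $autoregister = FALSE;
    }

    if ($type == 'shibboleth') {
        $uname = $_SESSION['shib_uname'];
        $email = $_SESSION['shib_email'];
        $shib_surname = $_SESSION['shib_surname'];
        $shibsettings = Database::get()->querySingle("SELECT auth_settings FROM auth WHERE auth_id = 6");
        if ($shibsettings) {
            // NOTE(review): $shibseparator stays undefined when auth_settings is
            // 'shibboleth' or empty, $am is never assigned on this path, and a
            // separator at offset 0 makes strpos() return a falsy 0.
            if ($shibsettings->auth_settings != 'shibboleth' and $shibsettings->auth_settings != '') {
                $shibseparator = $shibsettings->auth_settings;
            }
            if (strpos($shib_surname, $shibseparator)) {
                // The single attribute carries "<given name><separator><surname>".
                $temp = explode($shibseparator, $shib_surname);
                $givenname = $temp[0];
                $surname = $temp[1];
            }
        }
    } elseif ($type == 'cas') {
        $uname = $_SESSION['cas_uname'];
        $surname = $_SESSION['cas_surname'];
        $givenname = $_SESSION['cas_givenname'];
        $email = isset($_SESSION['cas_email']) ? $_SESSION['cas_email'] : '';
        $am = isset($_SESSION['cas_userstudentid']) ? $_SESSION['cas_userstudentid'] : '';
    }

    // Attributes passed to login_hook()
    $attributes = array();
    if (isset($_SESSION['cas_attributes'])) {
        foreach ($_SESSION['cas_attributes'] as $name => $value) {
            $attributes[strtolower($name)] = $value;
        }
    }

    // user is authenticated, now let's see if he is registered also in db
    // NOTE(review): both branches show the same masked literal in this listing;
    // the real comparison fragments are not visible here.
    if (get_config('case_insensitive_usernames')) {
        $sqlLogin = "******";
    } else {
        $sqlLogin = "******";
    }
    $info = Database::get()->querySingle("SELECT id, surname, username, password, givenname, status, email, lang, verified_mail
						FROM user WHERE username $sqlLogin", $uname);

    if ($info) {
        // if user found
        if ($info->password != $type) {
            // has different auth method - redirect to home page
            unset($_SESSION['shib_uname']);
            unset($_SESSION['shib_email']);
            unset($_SESSION['shib_surname']);
            unset($_SESSION['cas_uname']);
            unset($_SESSION['cas_email']);
            unset($_SESSION['cas_surname']);
            unset($_SESSION['cas_givenname']);
            unset($_SESSION['cas_userstudentid']);
            Session::Messages($langUserAltAuth, 'alert-danger');
            // NOTE(review): presumably redirect_to_home_page() ends the request; if
            // it returned, execution would reach the session setup at the end of
            // this function. Confirm.
            redirect_to_home_page();
        } else {
            // don't force email address from CAS/Shibboleth.
            // user might prefer a different one
            if (!empty($info->email)) {
                $email = $info->email;
            }

            $userObj = new User();

            $options = login_hook(array(
                'user_id' => $info->id,
                'attributes' => $attributes,
                'status' => $info->status,
                'departments' => $userObj->getDepartmentIds($info->id),
                'am' => $am));

            if (!$options['accept']) {
                // The hook refused the login: empty the session before leaving.
                foreach (array_keys($_SESSION) as $key) {
                    unset($_SESSION[$key]);
                }
                Session::Messages($langRegistrationDenied, 'alert-warning');
                redirect_to_home_page();
            }

            $status = $options['status'];

            // update user information
            Database::get()->query("UPDATE user SET surname = ?s, givenname = ?s, email = ?s,
                                           status = ?d WHERE id = ?d",
                                        $surname, $givenname, $email, $status, $info->id);

            $userObj->refresh($info->id, $options['departments']);
            // Fixed: $_SESSION['uid'] is only assigned further down, so the hook
            // used to receive an unset or stale id; pass the id of the account
            // that was just updated.
            user_hook($info->id);

            // check for admin privileges
            $admin_rights = get_admin_rights($info->id);
            if ($admin_rights == ADMIN_USER) {
                $is_active = 1;   // admin user is always active
                $_SESSION['is_admin'] = 1;
                $is_admin = 1;
            } elseif ($admin_rights == POWER_USER) {
                $_SESSION['is_power_user'] = 1;
                $is_power_user = 1;
            } elseif ($admin_rights == USERMANAGE_USER) {
                $_SESSION['is_usermanage_user'] = 1;
                $is_usermanage_user = 1;
            } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
                $_SESSION['is_departmentmanage_user'] = 1;
                $is_departmentmanage_user = 1;
            }
            $_SESSION['uid'] = $info->id;
            if (isset($_SESSION['langswitch'])) {
                $language = $_SESSION['langswitch'];
            } else {
                $language = $info->lang;
            }
        }
    } elseif ($autoregister and !(get_config('am_required') and empty($am))) {
        // if user not found and autoregister enabled, create user
        // An address supplied by CAS is recorded as verified; otherwise the user
        // is sent through mail verification.
        $verified_mail = EMAIL_UNVERIFIED;
        if (isset($_SESSION['cas_email'])) {
            $verified_mail = EMAIL_VERIFIED;
        } else { // redirect user to mail_verify_change.php
            $_SESSION['mail_verification_required'] = 1;
        }

        $options = login_hook(array(
            'user_id' => null,
            'attributes' => $attributes,
            'am' => $am));

        if (!$options['accept']) {
            foreach (array_keys($_SESSION) as $key) {
                unset($_SESSION[$key]);
            }
            Session::Messages($langRegistrationDenied, 'alert-warning');
            redirect_to_home_page();
        }
        $status = $options['status'];
        // The password column receives $type (the auth method), not a secret.
        $_SESSION['uid'] = Database::get()->query("INSERT INTO user
                    SET surname = ?s, givenname = ?s, password = ?s,
                        username = ?s, email = ?s, status = ?d, lang = ?s,
                        am = ?s, verified_mail = ?d,
                        registered_at = " . DBHelper::timeAfter() . ",
                        expires_at = " . DBHelper::timeAfter(get_config('account_duration')) . ",
                        whitelist = ''",
                $surname, $givenname, $type, $uname, $email, $status,
                $language, $options['am'], $verified_mail)->lastInsertID;
        $userObj = new User();
        $userObj->refresh($_SESSION['uid'], $options['departments']);
        user_hook($_SESSION['uid']);
    } else {
        // user not registered, automatic registration disabled
        // redirect to registration screen
        foreach (array_keys($_SESSION) as $key) {
            unset($_SESSION[$key]);
        }
        session_destroy();
        redirect_to_home_page('modules/auth/registration.php');
        exit;
    }

    $_SESSION['uname'] = $uname;
    $_SESSION['surname'] = $surname;
    $_SESSION['givenname'] = $givenname;
    $_SESSION['email'] = $email;
    $_SESSION['status'] = $status;
    //$_SESSION['is_admin'] = $is_admin;
    $_SESSION['shib_user'] = 1; // now we are shibboleth user

    // Fixed: the user id and client address are bound as parameters instead of
    // being interpolated into the SQL text.
    Database::get()->query("INSERT INTO loginout (loginout.id_user, loginout.ip, loginout.when, loginout.action)
					VALUES (?d, ?s, " . DBHelper::timeAfter() . ", 'LOGIN')",
        $_SESSION['uid'], $_SERVER['REMOTE_ADDR']);
    $session->setLoginTimestamp();
    if (get_config('email_verification_required') and
            get_mail_ver_status($_SESSION['uid']) == EMAIL_VERIFICATION_REQUIRED) {
        $_SESSION['mail_verification_required'] = 1;
        // init.php is already loaded so redirect from here
        redirect_to_home_page('modules/auth/mail_verify_change.php');
    }
}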