function login($username, $password)
{
$sql = "SELECT * FROM users WHERE username = '******' AND password = '******'";
$result = mysql_query($sql, $this->conn);
if (mysql_num_rows($result) > 0) {
//successful login
while ($row = mysql_fetch_assoc($result)) {
$user = new User();
$user->charities = $this->getCharities($row["user_id"]);
$user->setEmail($this->getEmail($row["user_id"]));
$user->setAddress($this->getAddress($row["user_id"]));
$user->setZipcode($this->getZipcode($row["user_id"]));
$card = $this->getCard($row["user_id"]);
$user->setCard($card[0]);
$user->setFullName($row["full_name"]);
$user->setUsername($row["username"]);
$user->setId($row["user_id"]);
return $user;
}
} else {
return null;
//Unsuccessful login
}
return null;
}
public function configureUser()
{
$_response = User::login(request_var('cmbCompany'), request_var('userId'));
if (is_array($_response) && count($_response)) {
session_init();
$objUser = new User();
$objUser->setId($_response["ParticipanteId"]);
$objUser->setIdentification($_response["Identificacion"]);
$objUser->setFirstName($_response["Nombre"]);
$objUser->setLastName($_response["Apellido"]);
$objUser->setFullName($_response["Nombre"] . " " . $_response["Apellido"]);
$objUser->setUsername($_response["UsuarioId"]);
$objUser->setCompany(request_var('cmbCompany'));
$objUser->setOffice(request_var("cmbOffice"));
set_session_var(VAR_USER, $objUser);
send_redirect("../view/main/master.php");
}
}
public function register()
{
if (!$this->validate()) {
return false;
}
$user = new User();
$user->setFullName($this->fio);
$user->username = $this->email;
$user->email = $this->email;
$user->password = md5($this->password);
$user->passwordConfirm = md5($this->passwordConfirmation);
$user->organizationName = $this->organizationName;
$user->organizationPhone = $this->organizationPhone;
$user->mobilePhone = $this->mobilePhone;
$user->isKnownFromSearch = $this->isKnownFromSearch;
$user->isKnownFromRecommendation = $this->isKnownFromRecommendation;
$user->isKnownFromInetAdvert = $this->isKnownFromInetAdvert;
$user->isKnownFromMaps = $this->isKnownFromMaps;
$user->isKnownFromOther = $this->isKnownFromOther;
if (!$user->save()) {
return false;
}
$auth = Yii::app()->authManager;
$defaultRole = $auth->getAuthItem(User::DEFAULT_ROLE);
if ($defaultRole) {
$auth->assign(User::DEFAULT_ROLE, $user->id);
}
$mail = new YiiMailer();
$mail->setFrom(Yii::app()->params['noReplyEmail']);
$mail->setTo(Yii::app()->params['notificationEmail']);
$mail->setSubject('Заявка на регистрацию нового пользователя');
$mail->setView('userRegistration');
$mail->setData(array('user' => $user));
if (!$mail->send()) {
error_log('Cannot send email about registered user: ' . $mail->getError());
}
return true;
}
if ($user) {
fURL::redirect('/members');
}
if (isset($_POST['submit'])) {
try {
fRequest::validateCSRFToken($_POST['token']);
$validator = new fValidation();
$validator->addRequiredFields('fullname', 'password', 'email', 'address');
$validator->addEmailFields('email');
$validator->validate();
if ($_POST['password'] != $_POST['passwordconfirm']) {
throw new fValidationException('Passwords do not match');
}
$user = new User();
$user->setEmail(strtolower($_POST['email']));
$user->setFullName($_POST['fullname']);
$user->setAddress($_POST['address']);
$user->setPassword(fCryptography::hashPassword($_POST['password']));
if (isset($_POST['hackney'])) {
$user->setHackney(true);
}
$user->store();
fSession::set('user', $user->getId());
fURL::redirect('/members');
exit;
} catch (fValidationException $e) {
echo "<p>" . $e->printMessage() . "</p>";
} catch (fSQLException $e) {
echo "<p>An unexpected error occurred, please try again later</p>";
trigger_error($e);
}
$page->addCSS("assets/css/profile.css");
$page->addJavascript("assets/js/jquery.inputmask.bundle.min.js");
$page->startBody();
$update = null;
//update PassWord
$updatePW = true;
date_default_timezone_set('Asia/Bangkok');
$User = new User();
if (isset($_POST["btnUpdate"])) {
$User->setUserID($_POST["txtUserID"]);
$User->setUserName($_POST["txtUserName"]);
$User->setEmail($_POST["txtEmail"]);
$dateOfBirth = new DateTime(str_replace('/', '-', $_POST["txtBirthDay"]));
//d-m-Y
$User->setDateOfBirth($dateOfBirth);
$User->setFullName($_POST["txtFullName"]);
$User->setGender($_POST["cboGender"]);
$User->setUserPermission(0);
$userLastModified = new DateTime();
$User->setUserLastModified($userLastModified);
$User->setUserPassWord(Context::getCurrentUser()["userPassWord"]);
$User->update();
$_SESSION["CurrentUser"] = (array) $User;
$update = true;
unset($_SESSION['captcha']);
} else {
if (isset($_POST["btnSave"]) && isset($_POST["txtPassWordOld"])) {
$messagePW = "";
$User->setUserID(Context::getCurrentUser()["userID"]);
$passWordOld = $_POST["txtPassWordOld"];
if (Context::getCurrentUser()["userPassWord"] == $passWordOld) {
public function getUser($login)
{
if ($this->userLogin == 'NONE') {
return false;
}
if (strlen($login)==0) {
return new AnonymousUser();
}
if ($userData = $this->getUserData($login)) {
$user = new User($this);
$user->setUserID($userData['userID']);
$user->setEmail($userData['email']);
$user->setFullName($userData['fullname']);
return $user;
} else {
return false;
return AUTH_USER_NOT_FOUND; // not sure which one is correct yet
}
}
$this->userImage = $value;
}
function getUserImage()
{
return $this->userImage;
}
}
//check if the user exist in DB
$sql = "SELECT * FROM user WHERE login = '******'login']}'" . " AND password = '******'password']}'";
$user_data = mysql_query($sql, $con);
$row = mysql_fetch_array($user_data);
if (empty($row['login'])) {
//redirect to registration page
$to = 'not-exist.html';
header('Location: ' . $to);
exit;
}
//put user data in Model (User Object)
$user01 = new User();
$user01->setUserLogin($row['login']);
$user01->setUserPassword($row['password']);
$user01->setFullName($row['fullname']);
$user01->setUserType($row['usertype']);
$user01->setUserImage($row['image']);
//put user data in session
$_SESSION['user'] = $user01;
//redirect to the HOME page
$to = 'home.php';
header('Location: ' . $to);
mysql_close($con);
exit;
if ($user) {
fURL::redirect('/members');
}
if (isset($_POST['submit'])) {
try {
fRequest::validateCSRFToken($_POST['token']);
$validator = new fValidation();
$validator->addRequiredFields('fullname', 'password', 'email', 'address');
$validator->addEmailFields('email');
$validator->validate();
if ($_POST['password'] != $_POST['passwordconfirm']) {
throw new fValidationException('Passwords do not match');
}
$user = new User();
$user->setEmail(strtolower(trim($_POST['email'])));
$user->setFullName(trim($_POST['fullname']));
$user->setAddress(trim($_POST['address']));
$user->setPassword(fCryptography::hashPassword($_POST['password']));
$user->setEmergencyName(trim($_POST['emergency_name']));
$user->setEmergencyPhone(trim($_POST['emergency_phone']));
$user->store();
fSession::set('user', $user->getId());
fURL::redirect('/members');
exit;
} catch (fValidationException $e) {
echo "<p>" . $e->printMessage() . "</p>";
} catch (fSQLException $e) {
echo "<p>An unexpected error occurred, please try again later</p>";
trigger_error($e);
}
}
public function populateObject($rsItem)
{
$seq_ = $rsItem["seq"];
$fullname = $rsItem["fullname"];
$username_ = $rsItem["username"];
$password_ = $rsItem["password"];
$emailId_ = $rsItem["emailid"];
$dateOfRegistration_ = $rsItem["dateofregistration"];
$isActive_ = $rsItem["isactive"];
$isManager_ = $rsItem["ismanager"];
$locationSeq_ = $rsItem["locationseq"];
$folderSeq_ = $rsItem["folderseq"];
$locationName_ = $rsItem["locationName"];
$mobile_ = $rsItem["mobile"];
$user = new User();
$user->setSeq($seq_);
$user->setFullName($fullname);
$user->setUserName($username_);
$user->setPassword($password_);
$user->setDecodedPassword(SecurityUtil::Decode($password_));
$user->setEmailId($emailId_);
$user->setDateOfRegistration($dateOfRegistration_);
$user->setConfirmPassword($password_);
$user->setIsActive($isActive_);
$user->setIsManager($isManager_);
$user->setLocationSeq($locationSeq_);
$user->setFolderSeq($folderSeq_);
$user->setLocationName($locationName_);
$user->setMobile($mobile_);
$otherLocationSeqs = $this->getLocationUsersLocationSeqs($user->getSeq(), $locationSeq_);
$user->setOtherLocationSeqs($otherLocationSeqs);
return $user;
}
