function indexAction()
{
$this->form = new Am_Form_Profile();
$this->form->addCsrf();
if ($c = $this->getFiltered('c')) {
$record = $this->getDi()->savedFormTable->findFirstBy(array('code' => $c, 'type' => SavedForm::T_PROFILE));
} else {
$record = $this->getDi()->savedFormTable->getDefault(SavedForm::D_PROFILE);
}
$event = new Am_Event(Am_Event::LOAD_PROFILE_FORM, array('request' => $this->_request, 'user' => $this->getDi()->auth->getUser()));
$event->setReturn($record);
$this->getDi()->hook->call($event);
$record = $event->getReturn();
if (!$record) {
throw new Am_Exception_Configuration("No profile form configured");
}
if ($record->meta_title) {
$this->view->meta_title = $record->meta_title;
}
if ($record->meta_keywords) {
$this->view->headMeta()->setName('keywords', $record->meta_keywords);
}
if ($record->meta_description) {
$this->view->headMeta()->setName('description', $record->meta_description);
}
$this->form->initFromSavedForm($record);
$this->form->setUser($this->user);
$u = $this->user->toArray();
unset($u['pass']);
$dataSources = array(new HTML_QuickForm2_DataSource_Array($u));
if ($this->form->isSubmitted()) {
array_unshift($dataSources, $this->_request);
}
$this->form->setDataSources($dataSources);
if ($this->form->isSubmitted() && $this->form->validate()) {
$oldUser = clone $this->user;
$oldUser->toggleFrozen(true);
$vars = $this->form->getValue();
unset($vars['user_id']);
if (!empty($vars['pass'])) {
$this->user->setPass($vars['pass']);
}
unset($vars['pass']);
$ve = $this->handleEmail($record, $vars) ? 1 : 0;
$u = $this->user->setForUpdate($vars);
$this->emailChangesToAdmin();
$u->update();
$this->getDi()->hook->call(Am_Event::PROFILE_USER_UPDATED, array('vars' => $vars, 'oldUser' => $oldUser, 'user' => $u, 'form' => $this->form));
$this->getDi()->auth->setUser($u, '');
$msg = $ve ? ___('Verification email has been sent to your address.
E-mail will be changed in your account after confirmation') : ___('Your profile has been updated successfully');
return $this->redirectLocation($this->getFullUrl() . '?a=saved&_msg=' . urlencode($msg));
}
$this->view->title = $record->title;
$this->view->form = $this->form;
$this->view->display('member/profile.phtml');
}
function indexAction()
{
$this->form = new Am_Form_Profile();
$record = $this->getDi()->savedFormTable->getByType(SavedForm::T_PROFILE);
if (!$record) {
throw new Am_Exception_Configuration("No profile form configured");
}
$this->form->initFromSavedForm($record);
$this->form->setUser($this->user);
$u = $this->user->toArray();
$u = $this->getDi()->userTable->customFields()->valuesFromTable($u);
$u['visible_in_profile'][3] = 3;
unset($u['pass']);
$dataSources = array(new HTML_QuickForm2_DataSource_Array($u));
if ($this->form->isSubmitted()) {
array_unshift($dataSources, $this->_request);
}
$this->form->setDataSources($dataSources);
if ($this->form->isSubmitted() && $this->form->validate()) {
$vars = $this->form->getValue();
unset($vars['user_id']);
if (!empty($vars['pass'])) {
$this->user->setPass($vars['pass']);
}
unset($vars['pass']);
$ve = $this->handleEmail($record, $vars) ? 1 : 0;
$vars = $this->getDi()->userTable->customFields()->valuesToTable($vars);
$this->user->setForUpdate($vars)->update();
return $this->redirectLocation($this->getFullUrl() . '?a=saved&ve=' . $ve);
}
if ($this->getRequest()->getParam('ve')) {
$this->view->message = ___('Verification email has been sent to your address.
E-mail will be changed in your account after confirmation');
}
$this->view->form = $this->form;
$this->view->display('member/profile.phtml');
}
public function getAccessToken()
{
// pega os parametros enviados pelo rest
$params = Lib::getParams();
$hash = $params["hash"];
// forma um modelo qualquer
$obj = new User();
$obj->setPass($hash);
$obj->setValorUm("valor um");
$obj->setValorDois("valor dois");
// para interagir com banco
$dao = new $this->dao();
// usando o dao para qualquer coisa:
//////////////////////////////////// $dao->insert($obj);
// debuga na saida
Lib::debug($obj);
}
public function doChangePass(User $user, $code)
{
$form = $this->createForm();
$form->addDataSource(new HTML_QuickForm2_DataSource_Array(array(self::SECURITY_VAR => $code, 'login' => $user->login)));
if ($form->isSubmitted() && $form->validate()) {
$user->setPass($this->getParam('pass0'));
$user->save();
// Password has been reset. Delete all other sessions besides of current one. (Logout other' users)
$this->getDi()->db->query('DELETE FROM ?_session where user_id=? and id<>?', $user->pk(), session_id());
$this->getDi()->store->delete(self::STORE_PREFIX . $code);
$msg = ___('Your password has been changed successfully. ' . 'You can %slogin to your account%s with new password.', sprintf('<a href="%s">', $this->escape(REL_ROOT_URL . '/login')), '</a>');
$this->view->title = ___('Change Password');
$this->view->content = <<<CUT
<div class="am-info">{$msg}</div>
CUT;
$this->view->display('layout.phtml');
} else {
$this->view->form = $form;
$this->view->display('changepass.phtml');
}
}
public function executeNewuser(sfWebRequest $request)
{
$this->form = new UserForm();
// check if the data is coming from POST method
if ($request->isMethod('post')) {
// bind the form
$this->form->bind($request->getParameter($this->form->getName()));
$captcha = new reCaptcha();
$responsecaptcha = $captcha->recaptcha_check_answer($_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
//check capcha
if (!$responsecaptcha->is_valid) {
$this->getUser()->setFlash('message', 'Invalid Sequrity Code,Please enter again');
} else {
$formData = $this->form->getValues();
$checkUsernameAndEmail = Doctrine::getTable('User')->func_checkUsernameAndEmail($formData['email_address'], $formData['username']);
if (count($checkUsernameAndEmail)) {
$this->getUser()->setFlash('message', 'UserName or Email is already taken');
} else {
$user = new User();
$user->setUsername($formData['username']);
$getSalt = Doctrine::getTable('User')->func_generateSalt();
$getPassword = Doctrine::getTable('User')->func_generatePassword($getSalt, $formData['pass']);
$user->setSalt($getSalt);
$user->setPass($getPassword);
$user->setIsActive(0);
$user->setFirstName($formData['first_name']);
$user->setLastName($formData['last_name']);
$user->setEmailAddress($formData['email_address']);
$user->save();
Doctrine::getTable('User')->func_sendVerificationEmail($formData['first_name'], $formData['email_address'], $getSalt);
$this->getUser()->setFlash('message', 'Thanks for registration. Account activation link has been sent into your email address.');
$this->redirect('@login');
}
// if the username and email does not exist
}
}
// check if the method is POST
}
public function changePassAction()
{
$s = $this->_request->getFiltered('s');
if (!$s || !$this->user) {
throw new Am_Exception_FatalError('Trying to change User password without security code');
}
$form = $this->createForm();
if ($form->isSubmitted()) {
$form->setDataSources(array($this->_request, new HTML_QuickForm2_DataSource_Array(array('login' => $user->login))));
} else {
$form->setDataSources(array(new HTML_QuickForm2_DataSource_Array(array('s' => $this->_request->get('s'), 'login' => $this->user->login))));
}
if ($form->isSubmitted() && $form->validate()) {
//allright let's change pass
$this->user->setPass($this->_request->get('pass0'));
$this->user->update();
$this->getDi()->store->delete(self::STORE_PREFIX . $this->_request->getFiltered('s'));
$this->getDi()->auth->setUser($user);
$this->redirectLocation(REL_ROOT_URL . '/member', ___('You will be redirected to protected area'), 'Redirect');
} else {
$this->view->form = $form;
$this->view->display('changepass.phtml');
}
}
public function setpass()
{
$model = new User();
$model->setPass();
View::$layout = 'empty';
View::render('site/redirect', array('text' => 'Пароль успешно изменен', 'href' => '/cabinet/'));
}
function getUserByName($name)
{
$db = connectDB();
$sql = 'SELECT * FROM mif22_user WHERE username_user = "******"';
$req = mysql_query($sql) or die('Erreur SQL ! : ' . mysql_error());
$user = new User();
while ($data = mysql_fetch_assoc($req)) {
$user->setId($data['id_user']);
$user->setUsername($data['username_user']);
$user->setPass($data['pass_user']);
$user->setType($data['type_user']);
}
$user->setLevel(getLevelByUser($user));
mysql_close($db);
return $user;
}
require_once 'view/layout/layout.php';
break;
case 'csvImport':
$adminLvlThisControler = 4;
require_once 'lib/checkRights.php';
if (isset($_POST['file'])) {
if ($file = fopen('web/csv/' . $_POST['file'], 'r')) {
$userManager = new UserManager($bdd);
$user = new User(array());
while ($ligne = fgetcsv($file, 0, ';', '"')) {
$username = strtolower($ligne['1']);
$username = $username . '.' . strtolower($ligne['2']);
$username = utf8_encode($username);
$user->setLogin($username);
$pass = str_replace('/', '', $ligne['3']);
$user->setPass(sha1($pass));
$userManager->add($user);
}
header('Location: ?controler=user&action=list');
}
} else {
$directory = 'web/csv/';
$files = array_diff(scandir($directory), array('..', '.'));
ob_start();
require_once 'view/user/csvimport.php';
$content = ob_get_contents();
ob_end_clean();
require_once 'view/layout/layout.php';
}
break;
case 'userexport':
/**
* Will run only at startup if no users defined
*/
public function installAction()
{
if (count(User::find())) {
return $this->response->redirect();
}
$this->view->showMenu = false;
$errorMessage = [];
if (!(is_readable('reports') && is_writable('reports'))) {
$this->view->permission = ['status' => false, 'message' => "Directory: <b>[YourProjectRoot]/public/reports</b> does not have permission to read, write and delete.<br/>"];
$errorMessage[] = "You can't install without permission to read, write and delete for directory: <b>[YourProjectRoot]/public/reports</b>.<br/>";
} else {
$this->view->permission = ['status' => true, 'message' => 'Directory: <b>[YourProjectRoot]/public/reports</b> has right permissions.'];
}
//Mongo check connection
if ($this->mongo instanceof Exception) {
$this->view->mongo = ['status' => false, 'message' => $this->mongo->getMessage()];
$errorMessage[] = "You can't install without a functional Mongo connection!<br/>";
} else {
$this->view->mongo = ['status' => true, 'message' => 'Mongo connection succeed.'];
}
//Mail check SMTP
if ($this->mail instanceof Exception) {
$this->view->mail = ['status' => false, 'message' => $this->mail->getMessage()];
$errorMessage[] = $this->mail->getMessage();
} else {
$this->view->mail = ['status' => true, 'message' => 'Mail service connection succeed.'];
}
if ($this->request->isPost()) {
$post = $this->request->getPost();
if ($this->utility->isEmailValid($post['conf']['master_user']) && $post['conf']['master_pass'] == $post['conf']['master_pass2']) {
//save user;
$user = new User();
$user->email = $post['conf']['master_user'];
$user->type = 'master';
$user->setPass($post['conf']['master_pass']);
$user->save();
//change install.txt;
$fp = fopen('reports/install.txt', 'w');
$str = file_get_contents('reports/install.txt');
$str = str_replace('install=none;', 'install=done;', $str);
fwrite($fp, $str);
fclose($fp);
return $this->response->redirect('index/index');
}
}
}
function beforeSave(array &$values, User $record)
{
if (in_array('pass', Am_Di::getInstance()->config->get('subusers_fields', array())) && $values['_pass']) {
$record->setPass($values['_pass']);
}
}
function beforeSave(array &$values, User $record)
{
if (!empty($values['_pass'])) {
$record->setPass($values['_pass']);
}
if (!$record->isLoaded()) {
$record->is_approved = 1;
}
}
$_SESSION['loginError'] = "Nom d'utilisateur inconnu";
} else {
if ($resConnect == -1) {
$_SESSION['loginError'] = "Mauvais mot de passe";
}
}
$_SESSION['username'] = '******';
header('Location: ../part/accueil.php');
}
//CREATION COMPTE
} else {
if (isset($_POST['creation'])) {
if (isset($_POST['user_login_c']) && isset($_POST['user_pass_c']) && $_POST['user_login_c'] != "" && $_POST['user_pass_c'] != "") {
$user = new User();
$user->setUsername($_POST['user_login_c']);
$user->setPass($_POST['user_pass_c']);
$user->setType(1);
addUser($user);
$_SESSION['creationSuccess'] = "Vous avez crée un nouveau compte: nom d'utilisateur : " . $user->getUsername() . ", mot de passe : " . $user->getPass();
header('Location: ../part/accueil.php');
} else {
$_SESSION['loginError'] = "Merci de remplir tous les champs";
$_SESSION['username'] = '******';
header('Location: ../part/accueil.php');
}
} else {
if (isset($_POST['deconnexion'])) {
echo 'Deconnexion';
unset($_SESSION['username']);
unset($_SESSION['user']);
header('Location: ../part/accueil.php');
function returnUserAffiliateLink(User $user)
{
$link = $user->link;
//echo("Check link for: $user<br>");
if (isset($user)) {
$origUserPass = $user->pass;
if ($user->getPass()) {
$user->setPass(false);
$newUser = $this->getUserById($user->upline);
if (isset($_REQUEST['debug'])) {
echo "New User (is old): {$newUser}<br>";
}
if (isset($newUser) && $newUser->id != $user->id) {
if (isset($_REQUEST['debug'])) {
echo "New User (is new): {$newUser}<br>";
}
$link = $this->returnUserAffiliateLink($newUser);
}
} else {
$user->setPass(true);
}
// Save current state of user
$updateQuery = "Update wp_usermeta SET meta_value='" . ($user->getPass() ? 1 : 0) . "' WHERE meta_key='cb_pass' AND user_id=" . $user->id;
if (isset($_REQUEST['debug'])) {
echo "Update Query: {$updateQuery}<br>";
}
$this->getDBConnection()->queryWP($updateQuery);
$affected = $this->getDBConnection()->getWPDBConnection()->affected_rows;
if (isset($_REQUEST['debug'])) {
echo "Affected : {$affected}<br>";
}
if ($affected == 0 && $user->getPass() != $origUserPass) {
if (isset($_REQUEST['debug'])) {
echo "No rows affected after updating<br>";
}
$insertQuery = "INSERT INTO wp_usermeta (user_id,meta_key,meta_value) VALUES(" . $user->id . ",'cb_pass'," . ($user->getPass() ? 1 : 0) . ")";
$this->getDBConnection()->queryWP($insertQuery);
if (isset($_REQUEST['debug'])) {
echo "Inset Query: {$insertQuery}<br>";
}
}
}
return $link;
}
function beforeSave(array &$values, User $record)
{
if (!empty($values['_pass'])) {
$record->setPass($values['_pass']);
}
$event = new Am_Event_UserForm(Am_Event_UserForm::BEFORE_SAVE, $this->grid->getForm(), $record, $values);
$event->run();
$values = $event->getValues();
}
function userCreateAdmin()
{
$pass1 = Request::req('pass');
$pass2 = Request::req('pass2');
if ($pass1 !== $pass2) {
Utils::Redirect('./admin.php?op=create&r=password-error');
} else {
$user = new User();
$user->read();
$user->setFechaAlta(date_create()->format('Y-m-d H:i:s'));
$user->setPass(sha1($pass1));
if ($user->getActivo() == null) {
$user->setActivo('0');
}
if ($user->getAdministrador() == null) {
$user->setAdministrrador('0');
}
if ($user->getPersonal() == null) {
$user->setPersonal('0');
}
$v = $this->validate($user);
if ($v == 1) {
$r = $this->insert($user);
Utils::Redirect('./admin.php?op=create&r=' . $r);
} else {
Utils::Redirect('./admin.php?op=create&r=user-exists-' . $v);
}
}
}
