/**
 * Builds a User object from a single recordset row.
 *
 * Reads the "ID", "name", "nick", "pwd" and "attributesID" entries of
 * $rs->fields and hands each one to the matching setter on a new User.
 * The "pwd" value is copied exactly as stored; whether that is a hash or
 * clear text is not visible here - verify against the code that writes it.
 *
 * @param $rs Recordset positioned on the user row
 * @return User|array the mapped User, or an empty array when $rs loosely equals null
 */
function mapOne($rs)
{
    // Loose comparison on purpose: null, false, 0, "" and array() all count as "no row".
    if (!($rs == null)) {
        $row = $rs->fields;

        $mapped = new User();
        $mapped->setId($row["ID"]);
        $mapped->setName($row["name"]);
        $mapped->setNick($row["nick"]);
        $mapped->setPwd($row["pwd"]);
        $mapped->setAttributesId($row["attributesID"]);

        return $mapped;
    }

    return array();
}
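});

/*
 * GET /setup: renders the first-run setup page.
 */
$app->get('/setup', function () use ($app) {
    disable_cache($app);

    // Setup is closed as soon as the visitor is logged in or any
    // admin/sysadmin account exists.
    if (DatawrapperSession::getUser()->isLoggedIn()
        || UserQuery::create()->filterByRole(array('admin', 'sysadmin'))->count() > 0) {
        $app->redirect('/');
    }

    $page = array(
        'title' => 'Datawrapper',
        'pageClass' => 'setup',
        'noHeader' => true,
        'noFooter' => true,
        'noSignup' => true,
        // NOTE(review): DW_AUTH_SALT is handed to the template, so it is
        // presumably readable by the browser. Treat it as a public value,
        // not as a secret - confirm how setup.twig uses it.
        'auth_salt' => DW_AUTH_SALT,
    );
    add_header_vars($page, '');
    $app->render('setup.twig', $page);
});

/*
 * POST /setup: endpoint for the final setup script. Creates the first
 * account with the admin role and logs it in.
 */
$app->post('/setup', function () use ($app) {
    $data = json_decode($app->request()->getBody());

    // Only allowed while the user table is completely empty.
    // NOTE(review): the count and the save below are separate steps, so two
    // concurrent requests could both pass this check - consider a
    // database-level guard.
    if (UserQuery::create()->count() != 0) {
        print json_encode(array('status' => 'fail'));
        return;
    }

    // json_decode() yields null for a malformed body. Without this check the
    // code below would create and log in an admin account with an empty
    // e-mail address and a password derived from null.
    $valid = is_object($data)
        && isset($data->email, $data->pwd)
        && is_string($data->email) && trim($data->email) !== ''
        && is_string($data->pwd) && $data->pwd !== '';
    if (!$valid) {
        print json_encode(array('status' => 'fail'));
        return;
    }

    $user = new User();
    $user->setCreatedAt(time());
    $user->setEmail($data->email);
    $user->setRole('admin');
    $user->setPwd(secure_password($data->pwd));
    $user->setLanguage(DatawrapperSession::getLanguage());
    $user->save();

    DatawrapperSession::login($user);
    $app->redirect('/');
});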
}, 'password-missing' => function ($d) {
    // Passes only when pwd is non-blank after trimming.
    return trim($d->pwd) != '';
}));
}
// Run every check against the request payload. The first check that returns
// a falsy value reports its own key as the error code and stops the request.
foreach ($checks as $code => $check) {
    if (call_user_func($check, $data) == false) {
        error($code, $code);
        return;
    }
}
// all checks passed
$user = new User();
$user->setCreatedAt(time());
$user->setEmail($data->email);
if (!$invitation) {
    // NOTE(review): pwd is stored exactly as received; no hashing is visible
    // in this fragment. Confirm where it happens (client side or in setPwd).
    $user->setPwd($data->pwd);
}
// A role from the payload is honoured only when the current user is an admin.
if ($currUser->isAdmin() && !empty($data->role)) {
    // Only sysadmin can set a sysadmin role
    if ($data->role == "sysadmin") {
        if (!$currUser->isSysAdmin()) {
            error(403, 'Permission denied');
            return;
        }
    }
    // NOTE(review): only "sysadmin" is gated above. Any other non-empty role
    // string reaches SetRole unchanged - consider an allow-list of roles.
    $user->SetRole($data->role);
}
$user->setLanguage(DatawrapperSession::getLanguage());
// Activation token: HMAC-SHA256 over "<email>/<unix time>" keyed with
// DW_TOKEN_SALT. Both inputs are guessable, so the token is only as
// unpredictable as that key is secret.
$user->setActivateToken(hash_hmac('sha256', $data->email . '/' . time(), DW_TOKEN_SALT));
$user->save();
$result = $user->toArray();
/** * Checking permissions */ require_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_ADMINISTRATOR); require_once "../lib/Form.php"; /** * Validate data */ $errorLocation = "../admin/user_pwd_reset_form.php?id_user="******"id_user"]); // controlling var require_once "../model/Query/User.php"; $user = new User(); $user->setIdUser($_POST["id_user"]); $user->setLogin($_POST["login"]); $user->setPwd($_POST["md5"]); $_POST["pwd"] = ""; $user->setPwd2($_POST["md5_confirm"]); $_POST["pwd2"] = ""; if (!$user->validatePwd()) { $formError["pwd"] = $user->getPwdError(); Form::setSession($_POST, $formError); header("Location: " . $errorLocation); exit; } /** * Destroy form values and errors */ Form::unsetSession(); /** * Update user
$charts = ChartQuery::create()->filterByUser($user)->find(); if ($charts) { foreach ($charts as $chart) { $chart->delete(); $chart->save(); } } // delete user $user->delete(); $user->save(); } // create test user $user = new User(); $user->setEmail('test'); $pwd = !empty($dw_config['testuser_pwd']) ? $dw_config['testuser_pwd'] : 'test'; $user->setPwd(hash_hmac('sha256', $pwd, DW_AUTH_SALT)); $user->setRole('editor'); $user->setCreatedAt(time()); $user->save(); $themes = DatawrapperTheme::all(true); foreach (glob("../test/test-charts/*.json") as $test) { $config = json_decode(file_get_contents($test), true); $data = $config['_data']; unset($config['_data']); unset($config['_sig']); if (isset($config['_id'])) { $config['metadata']['describe']['__test_id'] = $config['_id']; unset($config['_id']); } unset($config['id']); foreach ($themes as $theme) {
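<?php

/*
 * User modification page: reads the posted form, builds a User from it,
 * sets the new password and stores the change through UserManager.
 *
 * NOTE(review): no session or permission check is visible in this file.
 * private/config.php may perform one - confirm, since this page changes
 * another account's password.
 */
require_once "private/config.php";
require_once "views/GeneralView.class.php";
require_once "views/ErrorOrSuccessView.class.php";
require_once "models/User.class.php";
require_once "models/UserManager.class.php";

$manager = new UserManager($db);
$viewG = new GeneralView();
$viewG->header("Modification d'utilisateur");
$viewG->navBar("Modification d'utilisateur");

// The submit field is now part of the isset() test, so a request without it
// no longer raises an undefined-index notice.
if (isset($_POST['login'], $_POST['nom'], $_POST['prenom'], $_POST['adresse'], $_POST['EnvoyerModifUser'])
    && $_POST['EnvoyerModifUser'] === 'Envoyer') {
    // NOTE(review): the whole POST array goes to the constructor. If User
    // copies every key, a client can set fields the form never shows -
    // confirm against models/User.class.php.
    $user = new User($_POST);

    $newPwd = isset($_POST['newpwd']) ? $_POST['newpwd'] : '';
    $confPwd = isset($_POST['confpwd']) ? $_POST['confpwd'] : '';

    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare as equal.
    if (!is_string($newPwd) || !is_string($confPwd) || $newPwd !== $confPwd) {
        // Stop here. Previously the record was still saved and the success
        // message printed after a failed confirmation.
        echo 'Mauvaise confirmation du mot de passe.';
    } else {
        // NOTE(review): an empty new password is still hashed and stored.
        // NOTE(review): sha1() is an unsalted fast hash, and htmlspecialchars()
        // rewrites & < > " before hashing. Both are kept so the stored value
        // still matches what the existing login code presumably computes.
        // Moving to password_hash()/password_verify() needs that code changed
        // in the same step.
        $pass = htmlspecialchars($newPwd);
        $nouveauPwd = sha1($pass);
        $user->setPwd($nouveauPwd);

        $manager->modify($user);
        echo 'La modification de l\'utilisateur a bien été prise en compte.<br/>';
    }
}

$viewG->footer();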
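}
$ds = ldap_connect($LDAP_SERVER);
try {
    if (!$ds) {
        throw new Exception('LDAP connect failed');
    }
    // A bind with a name and an empty password is an unauthenticated bind,
    // which many directory servers answer with success. Reject it before
    // contacting the server.
    if (!isset($payload->password) || !is_string($payload->password) || $payload->password === '') {
        throw new Exception('Empty LDAP password');
    }
    $r = ldap_bind($ds, "{$user}@" . $LDAP_DOMAIN, $payload->password);
    // ldap_bind() reports bad credentials by returning false with a warning,
    // not by throwing. Unless warnings are converted to exceptions elsewhere,
    // the catch below never ran and the login went through. Check the result.
    if ($r !== true) {
        throw new Exception('LDAP bind failed');
    }

    // Bind succeeded: log in the matching local account or create one.
    // NOTE(review): the lookup uses $user while a new account stores
    // $payload->user as e-mail. How $user is derived is outside this
    // fragment - confirm both refer to the same value.
    $user = UserQuery::create()->findOneByEmail($user);
    if (!empty($user)) {
        if ($admin === true && $user->getRole() != "admin") {
            // NOTE(review): no save() follows in this branch; whether
            // login() persists the new role is not visible here. An account
            // is promoted when $admin is true but never demoted again.
            $user->setRole("admin");
        }
        DatawrapperSession::login($user, $payload->keeplogin == true);
        ok();
    } else {
        $user = new User();
        $user->setCreatedAt(time());
        $user->setEmail($payload->user);
        // NOTE(review): fixed placeholder stored as the local password.
        // Confirm the non-LDAP login path can never match it.
        $user->setPwd("via_ldap");
        if ($admin === false) {
            $user->setRole("editor");
        } else {
            $user->setRole("admin");
        }
        $user->setLanguage("en_GB");
        $user->save();
        DatawrapperSession::login($user, $payload->keeplogin == true);
        ok();
    }
} catch (Exception $e) {
    // Every failure above yields the same generic message, so the response
    // does not reveal which step rejected the login.
    error('login-invalid', __('Invalid login.'));
}
// $payload = json_decode($app->request()->getBody());
//
// First, check username against LDAP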