function user_edit()
{
$log = Log::getInstance();
$user = new User();
$storeid = isset($_POST['store']) ? $_POST['store'] : 0;
$user->id = isset($_POST['user']) ? $_POST['user'] : "";
$user->firstname = isset($_POST['firstname']) ? $_POST['firstname'] : "";
$user->lastname = isset($_POST['lastname']) ? $_POST['lastname'] : "";
$user->username = isset($_POST['username']) ? $_POST['username'] : "";
$user->password = isset($_POST['passwd']) ? $_POST['passwd'] : "";
$user->ci = isset($_POST['ci']) ? $_POST['ci'] : "";
$user->active = isset($_POST['active']);
$user->level = isset($_POST['role']) ? $_POST['role'] : 0;
$user->address = isset($_POST['address']) ? $_POST['address'] : "";
$user->phone = isset($_POST['phone']) ? $_POST['phone'] : "";
$user->email = isset($_POST['email']) ? $_POST['email'] : "";
if ($user->update()) {
if ($_FILES['upload']['name']) {
$imagepath = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']) . "img/user/\${$user->id}.jpg";
if (move_uploaded_file($_FILES['upload']['tmp_name'], $imagepath)) {
$user->imagepath = $imagepath;
$user->update();
} else {
$log->addError("No fue posible subir imagen");
}
}
} else {
$log->addError("No fue posible actualizar usuario, verifique que Usuario sea único.");
}
}
/**
* Save the associated user model
*
* Also, this clears out all password resets associated with the given user,
* if successful.
* @return type
*/
public function save()
{
if ($this->validate()) {
$this->userModel->password = PasswordUtil::createHash($this->password);
PasswordReset::model()->deleteAllByAttributes(array('userId' => $this->userModel->id));
return $this->userModel->update(array('password'));
}
return false;
}
private function processILSUser($info)
{
require_once ROOT_DIR . "/services/MyResearch/lib/User.php";
$user = new User();
//Marmot make sure we are using the username which is the
//unique patron ID in Millennium.
$user->username = $info['username'];
if ($user->find(true)) {
$insert = false;
} else {
$insert = true;
}
$user->password = $info['cat_password'];
$user->firstname = $info['firstname'] == null ? " " : $info['firstname'];
$user->lastname = $info['lastname'] == null ? " " : $info['lastname'];
$user->cat_username = $info['cat_username'] == null ? " " : $info['cat_username'];
$user->cat_password = $info['cat_password'] == null ? " " : $info['cat_password'];
$user->email = $info['email'] == null ? " " : $info['email'];
$user->major = $info['major'] == null ? " " : $info['major'];
$user->college = $info['college'] == null ? " " : $info['college'];
$user->patronType = $info['patronType'] == null ? " " : $info['patronType'];
$user->web_note = $info['web_note'] == null ? " " : $info['web_note'];
if ($insert) {
$user->created = date('Y-m-d');
$user->insert();
} else {
$user->update();
}
return $user;
}
public function actionVklogin($code)
{
$result = false;
$params = array('client_id' => $this->client_id, 'client_secret' => $this->client_secret, 'code' => $code, 'redirect_uri' => Yii::app()->getBaseUrl(true) . $this->redirect_uri);
$token = json_decode(file_get_contents('https://oauth.vk.com/access_token' . '?' . urldecode(http_build_query($params))), true);
if (isset($token['access_token'])) {
$params = array('uids' => $token['user_id'], 'fields' => 'uid,first_name,last_name,screen_name,nickname,photo_200', 'access_token' => $token['access_token']);
$userInfo = json_decode(file_get_contents('https://api.vk.com/method/users.get' . '?' . urldecode(http_build_query($params))), true);
if (isset($userInfo['response'][0]['uid'])) {
$userInfo = $userInfo['response'][0];
$result = true;
}
}
if ($result) {
$save = false;
$user = User::model()->find('vkid=:vkid', array('vkid' => $userInfo['uid']));
if ($user === null) {
$save = true;
$user = new User();
$user->vkid = $userInfo['uid'];
}
$user->avatar = $userInfo['photo_200'];
$user->vkuri = $userInfo['screen_name'];
$user->nickname = empty($userInfo['nickname']) ? $userInfo['first_name'] . " " . $userInfo['last_name'] : $userInfo['nickname'];
$save ? $user->save() : $user->update();
Yii::app()->session['uid'] = $user->id;
$this->redirect("/login/success");
} else {
$this->redirect("/login/error");
}
}
public function service($name)
{
if ($name == "edit") {
$id = $_GET['id'];
$user = User::byId($id);
$fields = array("username", "email", "isAdmin");
foreach ($fields as $key) {
if (isset($_GET[$key])) {
$user[$key] = $_GET[$key];
}
}
$ok = User::update($user);
return new AetherJSONResponse(array("ok" => $ok, 'id' => $id));
} elseif ($name == "create") {
// Silly way to generate a password
if (isset($_GET['username']) && strlen($_GET['username']) > 0) {
if (isset($_GET['email']) && strlen($_GET['email']) > 0) {
$username = $_GET['username'];
$email = $_GET['email'];
$isAdmin = isset($_GET['isAdmin']) && $_GET['isAdmin'] == 1 ? true : false;
$password = substr(md5(time() . rand(0, 10)), 0, 6);
$user = User::create($username, $password, $email, $isAdmin);
return new AetherJSONResponse(array("ok" => true, 'id' => $user['_id'], 'username' => $user['username'], 'pass' => $password));
} else {
$ok = false;
$msg = "Bad email";
}
} else {
$ok = false;
$msg = "Bad username";
}
return new AetherJSONResponse(array("ok" => $ok, 'msg' => $msg));
}
}
/**
* Exibe o form para edição de usuário.
*
* Exibe o form para editar o usuário a partir do ID passado pela URL
* Se o usuário não existir é exibo uma mensagem de erro e não apresentamos
* o form.
*
* @return void|false
*/
public function editAction()
{
$id = (int) $this->_getParam('id');
$result = $this->_model->find($id);
$data = $result->current();
if ( null === $data )
{
$this->view->message = "Usuário não encontrado!";
return false;
}
$form = new Application_Form_User();
$form->setAsEditForm($data);
if ( $this->_request->isPost() )
{
$data = array(
'name' => $this->_request->getPost('name'),
'email' => $this->_request->getPost('email')
);
if ( $form->isValid($data) )
{
$this->_model->update($data, "id = $id");
$this->_redirect('/users');
}
}
$this->view->form = $form;
}
function _ops_update()
{
require_login();
$msg = '';
$uid = max(0, intval($_POST['uid']));
$user = new User();
if ($uid) {
$user->retrieve($uid);
$user->merge($_POST);
if (!$user->exists()) {
$msg = 'User not found!';
} else {
if ($user->update()) {
$msg = 'User updated!';
} else {
$msg = 'User update failed!';
}
}
} else {
$user->merge($_POST);
if ($user->create()) {
$msg = 'User inserted!';
} else {
$msg = 'User insert failed!';
}
}
redirect('users/manage', $msg);
}
public function displayMain()
{
global $smarty, $link, $cookie;
if (!$cookie->logged) {
Tools::redirect($link->getPage('LoginView'));
}
$user = new User((int) $cookie->id_user);
if (Tools::isSubmit('joinCommit')) {
if (User::checkPassword($user->id, Tools::encrypt($_POST['old_passwd']))) {
if (Tools::getRequest('confirmation') == Tools::getRequest('passwd')) {
if (!empty($_POST['passwd']) && Validate::isPasswd($_POST['passwd'])) {
$user->copyFromPost();
if ($user->update()) {
$cookie->passwd = $user->passwd;
$cookie->write();
$smarty->assign('success', 'Your personal information has been successfully updated.');
}
} else {
$user->_errors[] = 'Password is invalid.';
}
} else {
$user->_errors[] = 'Password and confirmation do not match.';
}
} else {
$user->_errors[] = 'Your password is incorrect.';
}
}
$smarty->assign(array('errors' => $user->_errors, 'DISPLAY_LEFT' => Module::hookBlock(array('myaccount')), 'user' => $user));
return $smarty->fetch('my-user.tpl');
}
/**
* update
*/
public function update()
{
$res = new Response();
if (!get_class($this->params)) {
$res->data = array();
foreach ($this->params as $data) {
if ($rec = User::update($data->id, $data)) {
array_push($res->data, $rec->to_hash());
}
}
$res->success = true;
$res->message = "Updated " . count($res->data) . " records";
} else {
if ($rec = User::update($this->params->id, $this->params)) {
$res->data = $rec->to_hash();
// SIMULATE ERROR: All records having odd-numbered ID have error.
if ($rec->id % 2) {
$res->success = false;
$res->message = "SIMULATED ERROR: Lorem ipsum dolor sit amet, placerat consectetuer, nec lacus imperdiet velit dui interdum vestibulum, sagittis lectus morbi, urna aliquet minus natoque commodo egestas non, libero libero arcu sed sed.";
} else {
$res->success = true;
$res->message = "Updated record";
}
} else {
$res->message = "Failed to updated record " . $this->params->id;
$res->success = false;
}
}
return $res->to_json();
}
public function testUpdate()
{
$update = User::update(joe()->id, array('name' => 'joe_updated'));
$this->assertTrue(User::$callback_tests['before_update']);
$this->assertTrue(User::$callback_tests['after_update']);
$this->assertTrue(User::$callback_tests['before_validation']);
$this->assertTrue(User::$callback_tests['after_validation']);
}
function doModel()
{
switch ($this->action) {
case 'change_email_confirm':
//change email confirm
if (Params::getParam('userId') && Params::getParam('code')) {
$userManager = new User();
$user = $userManager->findByPrimaryKey(Params::getParam('userId'));
if ($user['s_pass_code'] == Params::getParam('code') && $user['b_enabled'] == 1) {
$userEmailTmp = UserEmailTmp::newInstance()->findByPk(Params::getParam('userId'));
$code = osc_genRandomPassword(50);
$userManager->update(array('s_email' => $userEmailTmp['s_new_email']), array('pk_i_id' => $userEmailTmp['fk_i_user_id']));
Item::newInstance()->update(array('s_contact_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
ItemComment::newInstance()->update(array('s_author_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Alerts::newInstance()->update(array('s_email' => $userEmailTmp['s_new_email']), array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']));
Session::newInstance()->_set('userEmail', $userEmailTmp['s_new_email']);
UserEmailTmp::newInstance()->delete(array('s_new_email' => $userEmailTmp['s_new_email']));
osc_add_flash_ok_message(_m('Your email has been changed successfully'));
$this->redirectTo(osc_user_profile_url());
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
} else {
osc_add_flash_error_message(_m('Sorry, the link is not valid'));
$this->redirectTo(osc_base_url());
}
break;
case 'activate_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
$result = 0;
if ($email != '' && $secret != '') {
$result = Alerts::newInstance()->activate($email, $secret);
}
if ($result == 1) {
osc_add_flash_ok_message(_m('Alert activated'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
}
$this->redirectTo(osc_base_url(true));
break;
case 'unsub_alert':
$email = Params::getParam('email');
$secret = Params::getParam('secret');
if ($email != '' && $secret != '') {
Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
osc_add_flash_ok_message(_m('Unsubscribed correctly'));
} else {
osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
}
$this->redirectTo(osc_base_url());
break;
default:
$this->redirectTo(osc_user_login_url());
break;
}
}
function actionUpdate()
{
$user = new User();
// 修改uid=2的名字为whoami
$this->result = $user->update(array("uid" => "2"), array("username" => "whoami"));
// update返回结果是影响行数,返回0证明查询不到对应条件的数据
$this->findall = $user->findAll();
$this->display("db/update.html");
}
/**
* Creates a new user session for the active session.
*
* @param integer $userID
*/
protected function createUser($userID)
{
// create a user and add group data from cache to user_data.
// if cache for this users groups does not exist: build it.
$this->user = $userID ? new $this->userSessionClassName($userID) : new $this->guestSessionClassName();
$this->user->update();
$this->userDataChanged = true;
$this->userDataReset = false;
}
/**
* @covers User::update
*/
public function testUpdateWithLoginAlreadyUsed()
{
$this->object->login = '******';
$this->object->name = 'name';
$this->object->password = '******';
$this->object->status = 1;
$this->assertFalse($this->object->update($this->object, $error), 'User updated but login already used');
$this->assertEquals(': login `' . $this->object->login . '` already exists', $error, 'Error message should explain that login "' . $this->object->login . '" is already used, but following reason is returned: ' . $error);
}
function panel()
{
$this->load->model('user');
$this->load->model('script');
$this->load->library('facebook');
if ($signedUp = $this->session->flashdata('signedUp')) {
$this->session->keep_flashdata('signedUp');
$viewData['signedUp'] = $signedUp;
}
if ($this->input->post('changePassword')) {
if ($this->_checkToken()) {
$this->load->library('validation');
$rules['currentPassword'] = '******';
$rules['newPassword'] = '******';
$rules['newPasswordRepeat'] = 'required|matches[newPassword]';
$fields['currentPassword'] = '******';
$fields['newPassword'] = '******';
$fields['newPasswordRepeat'] = 'new password repeated';
$this->validation->set_rules($rules);
$this->validation->set_fields($fields);
if ($this->validation->run() === true) {
$user = new User();
$user->setKey($this->_getUser());
$user->retrieve();
if ($user->get('password') === $user->makePass($this->input->post('currentPassword'))) {
$user->set('password', $user->makePass($this->input->post('newPassword')));
$viewData['checkpoints'][] = 'You have successfully changed your password.';
$user->update();
} else {
$viewData['errors'][] = 'You did not enter your current password correctly.';
}
}
}
}
$viewData['token'] = $this->_token();
$user = new User();
$script = new Script();
$user->retrieve($this->session->userdata('email'));
if ($user->getType() === User::FB_CONNECT) {
$viewData['email'] = false;
$viewData['UID'] = $user->getKey();
$viewData['name'] = $user->name();
$viewData['institution'] = $user->institution();
if (!($subject = $user->subject())) {
$subject = 'Not specified on Facebook';
}
$viewData['subject'] = $subject;
$viewData['fbEmail'] = $user->get('fbEmail');
} else {
$viewData['email'] = $user->getKey();
$viewData['name'] = $user->get('name');
$user->get('subject') ? $viewData['subject'] = $user->get('subject') : ($viewData['subject'] = 'Not specified');
$viewData['institution'] = $user->get('institution');
}
//$viewData['messages'][] = 'We are on day '.ceil((time() - 1229536800)/86400).' of the Exambuff pilot. Thanks for taking part!';
$this->_template('user/panel', 'Your account', 'my-account', $viewData);
}
public function testCanUpdateUserMyintNonNumeric()
{
$joe = joe();
$update = User::update($joe->id, array('my_int' => 'l'));
$this->assertFalse($update->saved);
//reload joe
$joe2 = User::_find($joe->id);
//assert that nothing changed
$this->assertTrue(is_null($joe2->my_int));
}
public function initLogin()
{
App::import('vendor', array('db', 'api.basic_auth'));
$id = BasicAuth::getCurrentUser();
if (false === $id) {
$this->controller->error(ECode::$LOGIN_ERROR);
}
$this->isLogin = $id !== 'guest';
if ('guest' !== $id) {
$ret = Forum::checkBanIP($id, $this->from);
switch ($ret) {
case 1:
$this->controller->error(ECode::$LOGIN_IPBAN);
break;
case 2:
$this->controller->error(ECode::$LOGIN_EPOS);
break;
case 3:
$this->controller->error(ECode::$LOGIN_ERROR);
break;
}
}
$db = DB::getInstance();
if ($u = $db->one('select id, utmpnum, utmpkey from pl_api_session where id=?', array($id))) {
if (Forum::initUser($u['id'], intval($u['utmpnum']), intval($u['utmpkey']))) {
$val = array('expire' => time() + $this->_expire);
$db->update('pl_api_session', $val, 'where id=?', array($u['id']));
return;
}
}
$ret = Forum::setUser(true);
switch ($ret) {
case -1:
$this->controller->error(ECode::$LOGIN_MULLOGIN);
case 1:
$this->controller->error(ECode::$LOGIN_MAX);
case 3:
$this->controller->error(ECode::$LOGIN_IDBAN);
case 4:
$this->controller->error(ECode::$LOGIN_IPBAN);
case 5:
$this->controller->error(ECode::$LOGIN_FREQUENT);
case 7:
$this->controller->error(ECode::$LOGIN_NOPOS);
}
User::update();
$user = User::getInstance();
if ($u) {
$val = array('utmpnum' => $user->index, 'utmpkey' => $user->utmpkey, 'expire' => time() + $this->_expire);
$db->update('pl_api_session', $val, 'where id=?', array($user->userid));
} else {
$val = array('k' => array('id', 'utmpnum', 'utmpkey', 'expire'), 'v' => array(array($user->userid, $user->index, $user->utmpkey, time() + $this->_expire)));
$db->insert('pl_api_session', $val);
}
}
public function confirmAction()
{
$guid = $this->getRequest()->getParam(User::COL_GUID);
$userTable = new User();
$dbAdapter = $userTable->getAdapter();
$result = $userTable->update(array(User::COL_ACTIVE => 1, User::COL_GUID => null), $dbAdapter->quoteInto(User::COL_GUID . '=?', $guid));
if ($result == 1) {
$this->view->message = 'User confirmed!';
} else {
$this->view->message = 'User not confirmed!';
}
}
public function testUpdateFails()
{
$user = User::_create($this->user_data);
$u = User::update($user->id, array('name' => NULL));
$this->assertFalse($u->test_before_create);
$this->assertFalse($u->test_after_create);
$this->assertFalse($u->test_before_save);
$this->assertFalse($u->test_after_save);
$this->assertTrue($u->test_before_validations);
$this->assertTrue($u->test_after_validations);
$this->assertFalse($u->test_before_update);
$this->assertFalse($u->test_after_update);
}
/**
* update
*/
public function update()
{
$res = new Response();
$rec = User::update($this->id, $this->params);
if ($rec) {
$res->data = $rec->to_hash();
$res->success = true;
$res->message = 'Updated User ' . $this->id;
} else {
$res->message = "Failed to find that User";
}
return $res->to_json();
}
/**
* 登录
* @param string $username 用户名
* @param string $password 密码
*/
public static function Login($username, $password)
{
$user = new User();
$ret = $user->getByName($username);
if (!$ret) {
return '用户名不存在!';
}
if ($ret['password'] != md5($password)) {
return '密码错误!';
}
$user->update(array('last_login' => time()), $ret);
return self::WriteCookie($ret['id'], $ret['username'], $ret['type']);
}
/**
* create new company & user as creator & admin
*/
public function register()
{
$transaction = Yii::app()->db->beginTransaction();
try {
//create company first
$company = new Company();
$company->name = $this->name;
$company->country = $this->country;
$company->phone = $this->phone;
if (!$company->save()) {
$transaction->rollback();
return false;
}
//create user
$user = new User();
$user->username = $this->username;
$user->password = $user->encrypt($this->password);
$user->password_repeat = $this->password_repeat;
$user->email = $this->email;
$user->company_id = $company->id;
$user->create_time_utc = $user->update_time_utc = time();
if (!$user->save(false)) {
$transaction->rollback();
return false;
}
$company->owner_id = $company->create_user_id = $company->update_user_id = $user->id;
if (!$company->update()) {
$transaction->rollback();
return false;
}
$user->create_user_id = $user->update_user_id = $user->id;
if (!$user->update()) {
$transaction->rollback();
return false;
}
//create default product folder
$defaultProductFolder = new ProductFolder();
$defaultProductFolder->name = 'Main Folder';
$defaultProductFolder->parent_id = 0;
$defaultProductFolder->company_id = $company->id;
if (!$defaultProductFolder->save()) {
$transaction->rollback();
return false;
}
$transaction->commit();
return true;
} catch (Exception $ex) {
$transaction->rollback();
return false;
}
}
public function update()
{
// validation
$user = new User(_post('user'));
$user->id = User::get_login_id();
if (!$user->validate_update()) {
$this->flash->add('message_error', $user->errors->get_messages());
$this->back();
}
$user->update();
$user->login();
$this->flash->add('message_success', '성공적으로 수정 되었습니다!');
$this->redirect_to('/user/update_form');
}
public function save()
{
$user = new User($_REQUEST['id']);
if ($user->id) {
$res = $user->update($_REQUEST);
if ($res) {
Registry::addMessage("Usuario actualizado satisfactoriamente", "success", "", Url::site("users"));
}
} else {
$res = $user->insert($_REQUEST);
if ($res) {
Registry::addMessage("Usuario creado satisfactoriamente", "success", "", Url::site("users"));
}
}
$this->ajax();
}
/**
* Reset profile user.
*/
public static function reset_user($input)
{
// sanitize daftar tipe
if (isset($input['tipe'])) {
$tipe = in_array($input['tipe'], User::daftar_tipe()) ? $input['tipe'] : 1;
} else {
$tipe = 1;
}
// update profile user
User::update($input['id'], array('username' => $input['username'], 'password' => Hash::make($input['password']), 'fullname' => $input['fullname'], 'tipe' => $tipe));
// user logged in dengan username dan password yang baru tanpa harus login ulang
Auth::login(Auth::user()->id);
// message sukses
$msg = $input['fullname'] . ' telah diupdate ke dalam daftar pengguna aplikasi ini.';
return $msg;
}
public static function update($id)
{
self::check_logged_in();
$params = $_POST;
if ($params['password'] == '') {
$params['password'] = User::find($id)->password;
}
if (array_key_exists('admin', $params)) {
$params['admin'] = 't';
} else {
$params['admin'] = 'f';
}
$attributes = array('id' => $id, 'username' => $params['username'], 'password' => $params['password'], 'admin' => $params['admin']);
$user = new User($attributes);
$user->update();
Redirect::to('/user', array('message' => 'The user has been modified successfully!'));
}
function save()
{
$translator = new Translator();
$user = new User();
try {
$data = array('first_name' => '', 'last_name' => '', 'email' => '', 'password' => '', 'company' => '', 'position' => '', 'phone' => '', 'country' => '', 'city' => '', 'interface' => '', 'role_id' => 0, 'subscribe' => false, 'active' => false);
foreach ($data as $key => $val) {
if (isset($_POST[$key])) {
$data[$key] = $_POST[$key];
}
}
$data['name'] = $_POST['last_name'] . ' ' . $_POST['first_name'];
foreach ($user->roles as $key => $val) {
if (isset($_POST['role' . $val])) {
$data['role_id'] += $val;
}
}
$id = array_shift($this->param);
$user->update($id, $data);
echo <<<EOF
<div class="container">
<div class="page-header">
<h1>{$translator->User_updated}</h1>
</div>
<p class="lead">{$translator->User_updated_Desc}</p>
<p >{$translator->Error_Backusers}</p>
</div>
<script type="text/javascript">
window.location.href='/admin_users';
</script>
EOF;
} catch (Exception $e) {
echo <<<EOF
<div class="container">
<div class="page-header">
<h1>{$translator->User_error}</h1>
</div>
<p class="lead">{$translator->User_error_Desc}</p>
<p >{$translator->Error_Backusers}</p>
</div>
EOF;
}
}
public function procede()
{
try {
if ($this->oRequest->existParam('login')) {
if (!$this->oRequest->existParam('mail')) {
throw new Error("Le champ Email doit être renseigné.", 1033);
}
if (!$this->oRequest->existParam('rank')) {
throw new Error("Le champ Rang doit être renseigné.", 1033);
}
$sPassword = $this->checkPassword();
if ($this->oRequest->existParam('edit')) {
$sPassword = $this->checkPassword();
$oUser = new User($this->oRequest->getParam('edit', 'int'), $this->oRequest->getParam('login', 'string'), $sPassword, $this->oRequest->getParam('mail', 'string'), md5(time() * rand()), $this->oRequest->getParam('rank', 'int'));
//Suppression
if ($this->oRequest->existParam('delete') && $this->oRequest->getParam('delete', 'boolean')) {
$oUser->delete();
Logger::log('admin', 'L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été supprimé par ' . $this->oCurrentUser->getLogin());
$this->oView->addAlert('L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été supprimé.', 'success');
} else {
//Edit
$oUser->update();
Logger::log('admin', 'L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été modifié par ' . $this->oCurrentUser->getLogin());
$this->oView->addAlert('L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été modifié.', 'success');
}
} else {
if (!$this->oRequest->existParam('password')) {
throw new Error("Le champ Password doit être renseigné.", 1033);
}
if (!$this->oRequest->existParam('confirmation')) {
throw new Error("Le champ Confirmation doit être renseigné.", 1033);
}
$sPassword = $this->checkPassword();
$oUser = new User(0, $this->oRequest->getParam('login', 'string'), $sPassword, $this->oRequest->getParam('mail', 'string'), md5(time() * rand()), $this->oRequest->getParam('rank', 'int'));
$oUser->store();
Logger::log('admin', 'L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été ajouté par ' . $this->oCurrentUser->getLogin());
$this->oView->addAlert('L\'utilisateur ' . $this->oRequest->getParam('login', 'string') . ' a été ajouté.', 'success');
}
}
} catch (Exception $e) {
$this->oView->addAlert($ex, 'danger');
} finally {
$this->createView();
}
}
function editUser()
{
global $lang;
$page_lang = scandir('inc/lang/' . $_SESSION['language']);
foreach ($page_lang as $file) {
if ($file != '.' && $file != '..') {
$parts = explode(".", $file);
$page = $parts[0];
if ($page == 'user') {
$page_file = $file;
}
}
}
include_once 'inc/lang/' . $_SESSION['language'] . '/' . $page_file;
if ($_SESSION['access']->users > 1) {
$results = array();
$results['formAction'] = "editUser";
if (isset($_POST['saveChanges'])) {
// User has posted the user edit form: save the user changes
if (!($user = User::getById((int) $_GET['editId']))) {
header("Location: index.php?action=listUser&error=userNotFound");
return;
}
if (!empty($_POST['newPassword'])) {
$_POST['password'] = md5($_POST['newPassword']);
}
unset($_POST['newPassword']);
unset($_POST['newPassConfirm']);
$user = new User();
$user->storeFormValues($_POST);
$user->update();
header("Location: index.php?action=listUser&success=userChangesSaved");
} elseif (isset($_POST['cancel'])) {
// User has cancelled their edits: return to the user list
header("Location: index.php?action=listUser");
} else {
// User has not submitted the user edit form: display the user edit form
$results['user'] = User::getById((int) $_GET['userId']);
require "inc/layout/editUser.php";
}
} else {
require "inc/layout/noAccess.php";
}
}
/**
* Create a new user
*
* @param $email
*/
public function createAction($email)
{
if (!$this->isValidEmail($email)) {
die("'{$email}' is not a valid email address\n");
}
if ($user = User::findFirst(['email = :email:', 'bind' => ['email' => $email]])) {
die("The account {$email} already exists. Duplicate account emails are not allowed.\n");
}
echo "Creating user '{$email}'\n";
$password = $this->promptCreatePassword();
echo "Keying...\n";
$user = new User();
$user->email = $email;
$user->setPassword($password);
// Create OTP key
$otp = Seed::generate(40);
$user->setOtpKey($otp->getValue(Seed::FORMAT_BASE32), $password);
// Create account key
$key = Key::generate($user->dangerouslyRegenerateAccountKeyPassphrase($password));
$key->setName('Account key');
// Save user and key
$this->db->begin();
$user->create();
$key->user_id = $user->id;
$key->create();
$user->accountKey_id = $key->id;
$user->update();
$this->db->commit();
echo "Created user {$email} with id {$user->id}\n";
echo "OTP: {$this->generateOtpUri($user, $otp)}\n";
}
