/**
* get_show takes in a username, finds the user's id from the username, gets the information about the user from the
* followers and critts table and outputs it into the others.profile view
*/
public function action_show($username)
{
// we get the user's id that matches the username
$user_id = User::where('username', '=', $username)->only('id');
// declare some default values for variables
$following = null;
$followers = 0;
// if the username is not found, display an error
if ($user_id == null) {
echo "This username does not exist.";
} else {
if (Auth::user()) {
// if the user tries to go to his/her own profile, redirect to user's profile action.
if ($user_id == Auth::user()->id) {
return Redirect::to_action('user@index');
}
// check if the current user is already following $username
$following = Follower::where('user_id', '=', Auth::user()->id)->where('following_id', '=', $user_id)->get() ? true : false;
}
// eager load the critts with user data
$allcritts = Critt::with('user')->where('user_id', '=', $user_id);
// order the critts and split them in chunks of 10 per page
$critts = $allcritts->order_by('created_at', 'desc')->paginate(10);
// count the critts
$critts_count = $allcritts->count();
// count the followers
$followers = Follower::where('following_id', '=', $user_id)->count();
// bind data to the view
return View::make('others.profile')->with('username', $username)->with('user_id', $user_id)->with('following', $following)->with('followers', $followers)->with('count', $critts_count)->with('critts', $critts);
}
}
function member_view($id = NULL)
{
$users = new User();
$data['category'] = new Category($id);
if ($id) {
$data['users'] = $users->where("newsletter like '%" . $id . "%'")->get_page();
} else {
$data['users'] = $users->where("newsletter <> ''")->get_page();
}
$this->template->build('admin/category_member_view', $data);
}
public function save($id = false)
{
if ($this->perm->can_create == 'y') {
if ($_POST) {
$data = new User($id);
// ตรวจสอบชื่อ username ซ้ำ
if (@$_POST["username"]) {
$chk = new User();
if ($id) {
$chk->where("id !=", $id);
}
$chk->where("username", strip_tags(trim($_POST["username"])))->get();
if ($chk->id) {
redirect("admin/settings/users");
}
}
// ตรวจสอบชื่อ email ซ้ำ
if (@$_POST["email"]) {
$chk = new User();
if ($id) {
$chk->where("id !=", $id);
}
$chk->where("email", strip_tags(trim($_POST["email"])))->get();
if ($chk->id) {
// redirect("admin/settings/users");
}
}
// Username
// $data->username = strip_tags(trim($_POST["username"]));
if (!empty($_POST["password"])) {
$data->password = encrypt_password(strip_tags(trim($_POST["password"])));
}
$data->titulation = strip_tags($_POST["titulation"]);
$data->firstname = strip_tags($_POST["firstname"]);
$data->lastname = strip_tags($_POST["lastname"]);
$data->email = strip_tags($_POST["email"]);
$data->tel = strip_tags($_POST["tel"]);
$data->org_id = $_POST['org_id'];
$data->position = strip_tags($_POST['position']);
$data->user_type_id = $_POST['user_type_id'];
$data->username = strip_tags($_POST['username']);
$data->status = !empty($_POST['status']) ? '1' : '0';
if ($_POST['id'] == '') {
$data->created_by = $this->current_user->id;
} else {
$data->updated_by = $this->current_user->id;
}
$data->save();
$action = $_POST['id'] > 0 ? 'UPDATE' : 'CREATE';
save_logs($this->menu_id, $action, @$data->id, $action . ' ' . $data->firstname . ' ' . $data->lastname . ' User Detail');
}
}
redirect("admin/settings/users");
}
public function __construct()
{
$this->beforeFilter(function () {
if (Request::format() == 'html') {
if (!Auth::check()) {
return Redirect::to('/login');
} else {
$this->user_id = Auth::user()->id;
$this->zipcode = Session::get('zipcode');
$this->store_id = Session::get('store_id');
$this->cart_id = Session::get('cart_id');
$lists = Lists::where('owner_id', $this->user_id)->get();
Session::put('lists', $lists);
$this->city = City::where('zipcode', $this->zipcode)->first();
$this->stores = DB::table('stores')->leftJoin('store_locations', 'stores.id', '=', 'store_locations.store_id')->where('store_locations.zipcode', $this->zipcode)->select('stores.*')->get();
$this->departments = Department::where('store_id', $this->store_id)->get();
$this->store = Store::find($this->store_id);
}
} else {
$this->user_id = Input::get('user_id');
$token = Input::get('token');
if ($user = User::where('token', '=', $token)->where('id', '=', $this->user_id)->first()) {
$this->zipcode = $user->zipcode;
} else {
$response_array = array('success' => 'false', 'error_code' => '400', 'error' => 'Invalid Token');
$response_code = 200;
$response = Response::json($response_array, $response_code);
return $response;
}
}
}, array('except' => array()));
}
public function run()
{
/**
* $userModel = User::find(1);
* $userModel->detachRoles($userModel->roles);
*/
DB::statement('SET FOREIGN_KEY_CHECKS=0;');
DB::table('roles')->truncate();
DB::table('roles')->delete();
DB::table('assigned_roles')->truncate();
DB::table('assigned_roles')->delete();
DB::table('users')->truncate();
DB::table('users')->delete();
User::create(array('firstname' => 'Администратор', 'email' => '*****@*****.**', 'password' => Hash::make('123456')));
User::create(array('firstname' => 'Богдан', 'email' => '*****@*****.**', 'password' => Hash::make('123456')));
$role = new Role();
$role->name = 'Customer';
$role->save();
$role = new Role();
$role->name = 'Admin';
$role->save();
$admin = User::where('firstname', '=', 'Администратор')->first();
$admin->attachRole($role);
$user = User::where('firstname', '=', 'Богдан')->first();
$user->attachRole($role);
DB::statement('SET FOREIGN_KEY_CHECKS=1;');
}
/**
* Attempt to do login
*
* @return Illuminate\Http\Response
*/
public function doLogin()
{
$repo = App::make('UserRepository');
$input = Input::all();
if ($repo->login($input)) {
$usuario = User::where('email', '=', $input['email'])->first();
//Codigo de verificacion si es superAdmin
$rol_admin = AssigmentRole::where('user_id', '=', $usuario->id)->where('role_id', '=', 1)->first();
if ($rol_admin) {
return Redirect::route('home');
} else {
$err_msg = 'No tiene los permisos para acceder como administrador.';
return Redirect::action('UsersController@login')->with('error', $err_msg);
}
} else {
if ($repo->isThrottled($input)) {
$err_msg = 'emasiados intentos. Inténtelo de nuevo en unos minutos.';
} elseif ($repo->existsButNotConfirmed($input)) {
$user = User::where('email', '=', $input['email'])->first();
if (Config::get('confide::signup_email')) {
Mail::queueOn(Config::get('confide::email_queue'), Config::get('confide::email_account_confirmation'), compact('user'), function ($message) use($user) {
$message->to($user->email, $user->username)->subject(Lang::get('confide::confide.email.account_confirmation.subject'));
});
}
$err_msg = 'Su cuenta puede ser que no este confirmada. Compruebe su e-mail para acceder al enlace de activación.';
} else {
$err_msg = 'Usuario, e-mail o contraseña incorrectos.';
}
return Redirect::action('UsersController@login')->with('error', $err_msg);
}
}
public function registrar()
{
$username = Input::get('correo');
$usuarios = User::where('username', '=', $username)->count();
$codigo = Input::get('codigo_postal');
if ($codigo > 34398 || $codigo < 34000) {
return Response::json('0');
} elseif ($usuarios > 0) {
return Response::json('usuario repetido');
} else {
$reg_id = Input::get('reg_id');
$user = new UsuariosHD();
$user->username = $username;
$user->id_restaurante = 0;
$user->estatus = 0;
$user->estatus_u = 'disponible';
$user->password = Hash::make(Input::get('password'));
$user->nombre = Input::get('nombre');
$user->apellidos = Input::get('apellidos');
$user->correo = $username;
$user->edad = Input::get('edad');
$user->sexo = Input::get('sexo');
$user->reg_id = $reg_id;
$user->codigo_postal = Input::get('codigo_postal');
$user->save();
return Response::json('1');
}
}
public function getIndex()
{
$data['pageTitle'] = "Quizzler | Users";
//$data['urlAddBack'] = "backends/users/add";
$data['urlAddBack'] = "#";
$data['btnAddBack'] = '<i class="icon-plus"></i><span>Add<span>';
$data['labelPage'] = "The Quizzler";
if (isset($_GET['keyword'])) {
$userRoleId = $_GET['keyword'];
if ($_GET['keyword'] != '') {
$data['users'] = User::where('user_role_id', $userRoleId)->orderBy('created_at', 'asc')->paginate(10);
} else {
$data['users'] = User::orderBy('created_at', 'asc')->paginate(10);
}
} else {
$userRoleId = 1;
$data['users'] = User::where('user_role_id', $userRoleId)->orderBy('created_at', 'asc')->paginate(10);
}
$data['userType'] = $userRoleId;
$userRole = Userrole::orderBy('name', 'asc')->get();
$userRoleArr = ['' => '-- All users --'];
foreach ($userRole as $role) {
$userRoleArr[$role->id] = $role->name;
}
$data['userRole'] = $userRoleArr;
$result = Results::all();
$resultArr = [];
foreach ($result as $rs) {
$resultArr[$rs->user_id] = $rs->user_id;
}
$data['resultArr'] = $resultArr;
$data['formOrigin'] = "users";
$data['activeU'] = 'active';
return View::make('backends.users.users', $data);
}
public function fbConnect()
{
if (!Auth::check()) {
$fb_user = Input::get('fb_user');
$user = User::where('email', '=', $fb_user['email'])->first();
if ($user != null) {
if ($user->count()) {
Auth::login($user);
$user->last_login_at = new DateTime('now');
$user->last_ip_address = $_SERVER["REMOTE_ADDR"];
$user->save();
return Response::json(array('status' => 'logging'));
} else {
//create user account
$user = User::create(array('email' => '*****@*****.**', 'username' => 'Monkey', 'password' => Hash::make($this->gen_random_string(12)), 'code' => str_random(60), 'active' => 1));
//normally active = 0 but until we can get email validation working it will stay 1);
$user->save();
Auth::login($user);
return Response::json(array('status' => 'registering'));
}
} else {
$fb_user_name = explode(" ", $fb_user['name']);
//create user account
$user = User::create(array('email' => $fb_user['email'], 'username' => $fb_user['name'], 'password' => Hash::make($this->gen_random_string(12)), 'first_name' => $fb_user_name[0], 'last_name' => $fb_user_name[1], 'code' => str_random(60), 'active' => 1));
//normally active = 0 but until we can get email validation working it will stay 1);
$user->save();
Auth::login($user);
return Response::json(array('status' => 'registering'));
}
} else {
return Response::json(array('status' => 'logged'));
}
}
public function login()
{
$account = Input::get('account');
$password = Input::get('password');
if (!isset($account)) {
return Response::json(array('error_code' => 1, 'message' => '请输入账户'));
}
if (!isset($password)) {
return Response::json(array('error_code' => 2, 'message' => '请输入密码'));
}
$user = User::where('account', $account)->first();
if (!isset($user)) {
return Response::json(array('error_code' => 3, 'message' => '用户名不存在'));
}
if (!($user->role & 0x2)) {
return Response::json(array('error_code' => 4, 'message' => '无效用户'));
}
try {
Sentry::authenticate(array('phone' => $user->phone, 'password' => $password));
} catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
return Response::json(array('error_code' => 5, 'message' => '用户名或密码错误'));
} catch (Cartalyst\Sentry\Users\PasswordRequiredException $e) {
return Response::json(array('error_code' => 5, 'message' => '用户名或密码错误'));
}
$doctor = Doctor::where('user_id', $user->id)->first();
Session::put('user.id', $user->id);
Session::put('doctor.id', $doctor->id);
Session::put('doctor.name', $doctor->name);
Session::put('doctor.photo', $doctor->photo);
return Response::json(array('error_code' => 0, 'message' => '登录成功'));
}
static function operatorsOnline($company_id)
{
$response = 0;
$department_admin_ids = CompanyDepartmentAdmins::where('company_id', $company_id)->lists('user_id');
$company = Company::find($company_id);
$user = User::find($company->user_id);
if ($user->is_online == 1) {
return 1;
} else {
foreach ($department_admin_ids as $admin_id) {
if ($response == 0) {
$user = User::find($admin_id);
if ($user->is_online == 1) {
return 1;
} else {
$department_admin = DepartmentAdmins::where('user_id', $admin_id)->first();
if (!empty($department_admin)) {
$operators_ids = OperatorsDepartment::where('department_id', $department_admin->department_id)->lists('user_id');
foreach ($operators_ids as $operators_id) {
if (sizeof(User::where('id', $operators_id)->get()) > 0) {
$user = User::find($operators_id);
if ($user->is_online == 1) {
return 1;
}
}
}
}
}
}
}
}
return $response;
}
public function run()
{
if (file_exists(app_path() . '/config/creds.yml')) {
$creds = yaml_parse_file(app_path() . '/config/creds.yml');
} else {
$creds = array('admin_email' => '*****@*****.**');
}
$admin = new Role();
$admin->name = 'Admin';
$admin->save();
$independent_sponsor = new Role();
$independent_sponsor->name = 'Independent Sponsor';
$independent_sponsor->save();
$permIds = array();
foreach ($this->adminPermissions as $permClass => $data) {
$perm = new Permission();
foreach ($data as $key => $val) {
$perm->{$key} = $val;
}
$perm->save();
$permIds[] = $perm->id;
}
$admin->perms()->sync($permIds);
$user = User::where('email', '=', $creds['admin_email'])->first();
$user->attachRole($admin);
$createDocPerm = new Permission();
$createDocPerm->name = "independent_sponsor_create_doc";
$createDocPerm->display_name = "Independent Sponsoring";
$createDocPerm->save();
$independent_sponsor->perms()->sync(array($createDocPerm->id));
}
public function register_visualization($document_id)
{
$documento = \Documento::find($document_id);
if (!$documento) {
return \Response::json(['error' => 'No existe ningun documento con id = ' . $document_id], 200);
}
$auth_token = \Request::header('authorization');
$user = \User::where('auth_token', '=', $auth_token)->first();
$idevento = \Input::get('session_id');
if ($idevento) {
$evento = \Evento::find($idevento);
if (!$evento) {
return \Response::json(['error' => 'No existe ninguna sesión con id = ' . $idevento], 200);
}
$v = new \Visualizacion();
$v->idusers = $user->id;
$v->ideventos = $evento->ideventos;
$v->iddocumentos = $document_id;
$v->save();
} else {
// obtener todos los eventos asociados al documento
$eventos = \DocumentosEvento::where('iddocumentos', '=', $document_id)->get();
foreach ($eventos as $evento) {
$v = new \Visualizacion();
$v->idusers = $user->id;
$v->ideventos = $evento->ideventos;
$v->iddocumentos = $document_id;
$v->save();
}
}
return \Response::json(['success' => 1], 200);
}
public function buscarUserbyEmail($input_buscar, $mi_email)
{
$user_que_solicita = User::where('email', $mi_email)->first();
$findUserByCedula = User::where('cedula', $input_buscar)->where('cedula', '<>', 0)->first();
// buscar por # de cedula
if (empty($findUserByCedula)) {
// buscar por email
try {
$findUserByEmail = Sentry::findUserByLogin($input_buscar);
// valida que su email no sea el mismo que va a buscar
if ($mi_email == $findUserByEmail->email) {
return Response::json(['success' => false, 'msg' => 'No, se puede buscar a usted mismo']);
}
return Response::json(['success' => true, 'user' => $findUserByEmail]);
} catch (Cartalyst\Sentry\Users\UserNotFoundException $e) {
return Response::json(['success' => false, 'msg' => 'El usuario no se encontró, en la base de datos']);
}
} else {
// valida que su cedula no sea la misma que va a buscar
if ($user_que_solicita->cedula == $input_buscar) {
return Response::json(['success' => false, 'msg' => 'No, se puede buscar a usted mismo']);
} else {
return Response::json(['success' => true, 'user' => $findUserByCedula]);
}
}
}
/**
* //Establece la relación users-grupoRecursos || users-recursos(pendiente) (supervisor-validador-tecnico)
*
* @param Input::get('id') int
* @param $tipo string en Config::get('options.objectWithRelation')
* @param Input::get('username') string
* @param Input::get('rol') string
*
* @return $result array
*
*/
public function ajaxAddRelacion()
{
// :)
//input
$id = Input::get('id', '');
$username = Input::get('username', '');
$rol = Input::get('rol', '');
$tipo = Input::get('tipo', '');
//Output
$result = array('errors' => array(), 'msg' => '', 'error' => false);
//Validate
$rules = array('id' => 'required', 'username' => 'required|exists:users,username', 'rol' => 'required|in:1,2,3', 'tipo' => 'required|in:' . Config::get('options.objectWithRelation'));
$messages = array('required' => 'El campo <strong>:attribute</strong> es obligatorio.', 'tipo.in' => 'Tipo de objeto no reconocido', 'username.exists' => 'No existe usuario en la BD.', 'rol.in' => 'El campo <strong>:attribute</strong> no coincide con ninguno de los valores aceptados.');
$validator = Validator::make(Input::all(), $rules, $messages);
//Save Input or return error
if ($validator->fails()) {
$result['errors'] = $validator->errors()->toArray();
$result['error'] = true;
return $result;
} else {
$user = User::where('username', '=', $username)->first();
$idUser = $user->id;
if ($tipo == 'grupo') {
$result = $this->addRelacionConGrupo($id, $idUser, $username, $rol);
} elseif ($tipo == 'recurso') {
$result = $this->addRelacionConRecurso($id, $idUser, $username, $rol);
}
}
//fin else
$result['msg'] = (string) View::make('msg.success')->with(array('msg' => Config::get('msg.success')));
return $result;
}
public function authAction($post)
{
$paramsName = array('txt_usr', 'txt_passwd');
$action = $this->app->urlFor('login_view');
if ($this->checkParams($paramsName, $post)) {
$_SESSION['vars'] = array('usr' => $post['txt_usr']);
$username = strip_tags($post['txt_usr']);
$passwd = strip_tags($post['txt_passwd']);
$usr = User::where('username', '=', $username)->get();
if (count($usr) > 0) {
$encriptada = hash('sha256', $passwd . $usr[0]->salt);
if ($encriptada === $usr[0]->passwd) {
//$this->loadProfile( $usr );
unset($_SESSION['vars']);
//Dependiendo del rol, será la interfaz que se muestre al usuario autenticado
switch ($usr[0]->role_id) {
case 1:
$action = $this->app->urlFor('admin_index');
break;
default:
# code...
break;
}
} else {
$this->app->flash('error', 'Credenciales incorrectas');
}
} else {
$this->app->flash('error', 'Credenciales incorrectas');
}
} else {
$this->app->flash('error', 'Debe validar todos los campos');
}
$this->app->redirect($action);
}
public function postBasic()
{
$response = array();
// 获取所有表单数据
$data = Input::all();
$user = User::where('id', '=', Auth::id())->first();
// 创建验证规则
$rules = array();
// 自定义验证消息
$messages = array();
// 开始验证
$validator = Validator::make($data, $rules, $messages);
if ($validator->passes()) {
// 验证成功
// 更新用户
$user->nickname = $data['nickname'];
$user->phone_number = $data['phone_number'];
$user->qq = $data['qq'];
$user->wechat = $data['wechat'];
$user->address = $data['address'];
$user->signature = $data['signature'];
if ($user->save()) {
$response['success'] = true;
$response['message'] = '资料更新成功';
} else {
$response['success'] = false;
$response['message'] = '资料更新失败';
}
} else {
$response['success'] = false;
$response['message'] = $validator->errors->first();
}
return Response::json($response);
}
public function setUp()
{
parent::setUp();
$this->setUpData();
$this->setUpRating();
$this->setUpProfile();
$user = new User();
$user->email = '*****@*****.**';
$user->password = '******';
$user->save();
$follow_id = User::where('email', '*****@*****.**')->first()->user_id;
$profile = new Profile();
$profile->user_id = $follow_id;
$profile->follower_count = '13';
$profile->following_count = '2';
$profile->rate_count = '32';
$profile->comment_count = '12';
$profile->scan_count = '8';
$profile->last_name = 'pro3';
$profile->first_name = 'user login';
$profile->save();
$follow = new Follow();
$follow->id = 1;
$follow->from_id = $this->_user_id;
$follow->to_id = $follow_id;
$follow->save();
}
public function __construct()
{
/* I just figured that I could've just checked for sessions here (constructor)
* instead of checking it in each method of each class.
* But I guess I've gone too far on this project that it'll be time wasting to change my codes.
* I'm gonna continue checking sessions per method per class on this project...
* But in my next projects, I'll do the non-specific session checking in the constructors <3
*
* -Christian (Programmer)
*
*/
if (Session::has('username')) {
date_default_timezone_set("Asia/Manila");
$user = User::where('username', '=', Session::get("username"))->first();
if (!$user) {
Session::flush();
return Redirect::to("/");
}
Session::put('user_id', $user->id);
Session::put('username', $user->username);
Session::put('first_name', $user->first_name);
Session::put('last_name', $user->last_name);
Session::put('user_type', $user->user_type);
}
}
/**
* make shure the username is valid for this room
*
* @param $newName string
* @param $roomName string
* @return bool
*/
public function isUnique($newName, $roomName)
{
$room = Room::where('name', '=', $roomName)->first();
$count = User::where('room_id', '=', $room->id)->where('connected', '=', 1)->where('name', '=', $newName)->count();
$this->validationErrors->add('name', 'This name has already been taken :(');
return $count === 0 ? true : false;
}
public function showIndex()
{
if (!Auth::check()) {
return View::make('login', array('title' => 'edison'));
}
$category_names = array('ent' => 'エンターテイメント', 'music' => '音楽', 'sing' => '歌ってみた', 'play' => '演奏してみた', 'dance' => '踊ってみた', 'vocaloid' => 'VOCALOID', 'nicoindies' => 'ニコニコインディーズ', 'animal' => '動物', 'cooking' => '料理', 'nature' => '自然', 'travel' => '旅行', 'sport' => 'スポーツ', 'lecture' => 'ニコニコ動画講座', 'drive' => '車載動画', 'history' => '歴史', 'politics' => '政治', 'science' => '科学', 'tech' => 'ニコニコ技術部', 'handcraft' => 'ニコニコ手芸部', 'make' => '作ってみた', 'anime' => 'アニメ', 'game' => 'ゲーム', 'toho' => '東方', 'imas' => 'アイドルマスター', 'radio' => 'ラジオ', 'draw' => '描いてみた', 'are' => '例のアレ', 'diary' => '日記', 'other' => 'その他', 'r18' => 'R-18', 'original' => 'オリジナル', 'portrait' => '似顔絵', 'character' => 'キャラクター');
$all_items = Item::orderBy('created_at', 'desc')->take(10)->get();
foreach ($all_items as &$item) {
$item['user'] = User::where('id', '=', $item->user_id)->get()[0];
$item['star_count'] = Starmap::where('item_id', '=', $item->id)->count();
$item['comment_count'] = Comment::where('item_id', '=', $item->id)->count();
if ($item->category_id != 0) {
$item['category'] = Category::where('id', '=', $item->category_id)->get()[0]->content;
}
}
$recent_works = Work::orderBy('created_at', 'desc')->take(10)->get();
foreach ($recent_works as &$work) {
$item = Item::where('id', '=', $work->item_id)->get()[0];
$work['item'] = $item;
$work['user'] = User::where('id', '=', $work->user_id)->get()[0];
$work['item_poster_screen_name'] = User::where('id', '=', $item->user_id)->get()[0]->screen_name;
if ($item->category_id != 0) {
$work['item_category'] = Category::where('id', '=', $item->category_id)->get()[0]->content;
}
}
$user = User::where('screen_name', '=', Auth::user()->screen_name)->get()[0];
$data = array('title' => 'edison', 'user' => $user, 'all_items' => $all_items, 'recent_works' => $recent_works, 'categories' => $category_names, 'star_count' => Starmap::where('user_id', '=', $user->id)->count(), 'work_count' => Work::where('user_id', '=', Auth::user()->id)->count());
return View::make('index', $data);
}
public function getUsers()
{
$usuarios = User::where('admin', 0)->get();
$hoy = new DateTime();
$data = array('usuarios' => $usuarios, 'hoy' => $hoy);
return View::make('Backend/usuarios.index', $data);
}
function login()
{
$app = \Slim\Slim::getInstance();
$json = decodeJsonOrFail($app->request->getBody());
$user = User::where('username', '=', $json['username'])->where('password', '=', $json['password'])->firstOrFail();
getUser($user->id);
}
/**
* Validates that no more than 3 failed attempts login to the user sent as a parameter
*
* @param String $email
* @return View
*/
public static function validateUser($email)
{
$count = User::where(['user' => $email])->count();
if ($count > 0) {
if (Session::has($email)) {
$value = Session::get($email);
if ($value >= 2) {
$user = new BlockedUser();
$user->user = $email;
$user->date = new MongoDate();
try {
$user->save();
} catch (MongoDuplicateKeyException $e) {
}
$user = User::first(['user' => $email]);
$info = UserController::getUser($user);
$data = array('name' => strtoupper($info->name));
Mail::send('emails.block-user', $data, function ($message) use($email) {
$message->to($email)->subject(Lang::get('login.blocked_title'));
});
return Redirect::back()->withErrors(array('error' => Lang::get('login.attemp') . ' [' . $email . '] ' . Lang::get('login.blocked') . 30 . Lang::get('login.minute')));
} else {
$value += 1;
Session::put($email, $value);
}
} else {
Session::put($email, 1);
}
}
return Redirect::back()->withErrors(array('error' => Lang::get('login.invalid_user')));
}
/**
* Handle a POST request to remind a user of their password.
*
* @return Response
*/
public function postConfirmation()
{
// 3 error cases - user already confirmed, email does not exist, password not correct
// (prevents people from brute-forcing email addresses to see who is registered)
$email = Input::get('email');
$password = Input::get('password');
$user = User::where('email', $email)->first();
if (!isset($user)) {
return Response::json($this->growlMessage('That email does not exist.', 'error'), 400);
}
if (empty($user->token)) {
return Response::json($this->growlMessage('That user was already confirmed.', 'error'), 400);
}
if (!Hash::check($password, $user->password)) {
return Response::json($this->growlMessage('The password for that email is incorrect.', 'error'), 400);
}
$token = $user->token;
$email = $user->email;
$fname = $user->fname;
//Send email to user for email account verification
Mail::queue('email.signup', array('token' => $token), function ($message) use($email, $fname) {
$message->subject('Welcome to the Madison Community');
$message->from('*****@*****.**', 'Madison');
$message->to($email);
});
return Response::json($this->growlMessage('An email has been sent to your email address. Please follow the instructions in the email to confirm your email address before logging in.', 'warning'));
}
protected function set_current_user()
{
$user = null;
$AnonymousUser = array('id' => 0, 'level' => 0, 'name' => "Anonymous", 'show_samples' => true, 'language' => '', 'secondary_languages' => '', 'pool_browse_mode' => 1, 'always_resize_images' => true, 'ip_addr' => $this->request()->remoteIp());
if (!current_user() && $this->session()->user_id) {
$user = User::where(['id' => $this->session()->user_id])->first();
} else {
if ($this->cookies()->login && $this->cookies()->pass_hash) {
$user = User::authenticate_hash($this->cookies()->login, $this->cookies()->pass_hash);
} elseif (isset($this->params()->login) && isset($this->params()->password_hash)) {
$user = User::authenticate($this->params()->login, $this->params()->password_hash);
} elseif (isset($this->params()->user['name']) && isset($this->params()->user['password'])) {
$user = User::authenticate($this->params()->user['name'], $this->params()->user['password']);
}
$user && $user->updateAttribute('last_logged_in_at', date('Y-m-d H:i:s'));
}
if ($user) {
if ($user->is_blocked() && $user->ban && $user->ban->expires_at < date('Y-m-d H:i:s')) {
$user->updateAttribute('level', CONFIG()->starting_level);
Ban::destroyAll("user_id = " . $user->id);
}
$this->session()->user_id = $user->id;
} else {
$user = new User();
$user->assignAttributes($AnonymousUser, ['without_protection' => true]);
}
User::set_current_user($user);
$this->current_user = $user;
# For convenient access in activerecord models
$user->ip_addr = $this->request()->remoteIp();
Moebooru\Versioning\Versioning::init_history();
if (!current_user()->is_anonymous()) {
current_user()->log($this->request()->remoteIp());
}
}
public function testSeed()
{
$seeder = new UserTableSeeder();
$seeder->run();
$user = User::where('name', 'John Doe')->first();
$this->assertTrue($user->seed);
}
public function create()
{
$companies = Company::where("user_id", Auth::user()->id)->get();
if (\KodeInfo\Utilities\Utils::isDepartmentAdmin(Auth::user()->id)) {
$department_admin = DepartmentAdmins::where('user_id', Auth::user()->id)->first();
$this->data['department'] = Department::where('id', $department_admin->department_id)->first();
$this->data["company"] = Company::where('id', $this->data['department']->company_id)->first();
$this->data['operators'] = API::getDepartmentOperators($department_admin->department_id);
} elseif (\KodeInfo\Utilities\Utils::isOperator(Auth::user()->id)) {
$department_admin = OperatorsDepartment::where('user_id', Auth::user()->id)->first();
$this->data['department'] = Department::where('id', $department_admin->department_id)->first();
$this->data["company"] = Company::where('id', $this->data['department']->company_id)->first();
$this->data['operator'] = User::where('id', $department_admin->user_id)->first();
} else {
$this->data['departments'] = [];
$this->data['operators'] = [];
if (sizeof($companies) > 0) {
$company_departments = API::getCompanyDepartments($companies[0]->id);
if (sizeof($company_departments) > 0) {
$this->data['departments'] = $company_departments;
$this->data['operators'] = API::getDepartmentOperators($company_departments[0]->id);
}
}
$this->data["companies"] = $companies;
}
return View::make('canned_messages.create', $this->data);
}
public function postLogin()
{
//Retrieve POST values
$email = Input::get('email');
$password = Input::get('password');
$previous_page = Input::get('previous_page');
$user_details = Input::all();
//Rules for login form submission
$rules = array('email' => 'required', 'password' => 'required');
$validation = Validator::make($user_details, $rules);
//Validate input against rules
if ($validation->fails()) {
return Response::json(array('status' => 'error', 'errors' => $validation->messages()->getMessages()));
}
//Check that the user account exists
$user = User::where('email', $email)->first();
if (!isset($user)) {
return Response::json(array('status' => 'error', 'errors' => array('No such user')));
}
//If the user's token field isn't blank, he/she hasn't confirmed their account via email
if ($user->token != '') {
return Response::json(array('status' => 'error', 'errors' => array('Please click the link sent to your email to verify your account.')));
}
//Attempt to log user in
$credentials = array('email' => $email, 'password' => $password);
if (Auth::attempt($credentials)) {
return Response::json(array('status' => 'ok', 'errors' => array()));
} else {
return Response::json(array('status' => 'error', 'errors' => array('The email address or password is incorrect.')));
}
}
public function accountSignin()
{
if (isset($_GET['email']) && isset($_GET['password'])) {
$user_lookup = User::where('email', '=', $_GET['email'])->first();
if (sizeof($user_lookup) == 1) {
if (Hash::check($_GET['password'], $user_lookup->password)) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < 36; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
$session = new ApiSession();
$session->session_key = $randomString;
$session->user_id = $user_lookup->id;
$session->save();
$data = array('status' => 'ok', 'session' => $session);
return $data;
} else {
$data = array('status' => 'failed', 'error_msg' => 'Incorrect email or password');
return $data;
}
} else {
$data = array('status' => 'failed', 'error_msg' => 'Incorrect email or password');
return $data;
}
} else {
$data = array('status' => 'failed', 'error_msg' => 'Missing email or password');
return $data;
}
}