Beispiel #1
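/**
 * Replace the password of the account registered under $email with a freshly
 * generated one and mail the new credentials to that address.
 *
 * When no account matches, an "Account not found" error note is appended to
 * the global $data['notes'] list and nothing is changed.
 *
 * NOTE(review): if this is reachable without authentication, the differing
 * outcome discloses which addresses are registered, and the stored password
 * is replaced before the account owner has confirmed the request. A
 * single-use, expiring confirmation link with a uniform response is the usual
 * mitigation; it needs storage and a route that are not visible here.
 *
 * @param string $email Address identifying the account.
 * @return void
 */
function reset_password($email)
{
    global $data;
    $ci =& get_instance();
    $user = $ci->SystemModel->get_user_by_email($email);
    if (!$user) {
        $data['notes'][] = array("Account not found", "error");
        return;
    }

    $password = get_random_password();
    // Only the value returned by prep_password() is written to the user row.
    $ci->SystemModel->update_user($user->id, array('password' => prep_password($password)));

    // The body is assembled as HTML (<strong>, <br/>), so interpolated values
    // are escaped: a username or password containing <, > or & would
    // otherwise be rendered as markup and shown incorrectly to the recipient.
    $safe_username = htmlspecialchars((string) $user->username, ENT_QUOTES, 'UTF-8');
    $safe_password = htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8');

    // NOTE(review): the new password is sent in clear text by e-mail and
    // stays valid until the user changes it; nothing here forces a change at
    // first login.
    $message = array(
        "Your password to your Nakid CMS installation has been reset. You can now log in with:",
        "<strong>Username:</strong> " . $safe_username,
        "<strong>Password:</strong> " . $safe_password,
        "This password can be changed once you log in",
    );
    systememail($email, "Nakid CMS login", implode("<br/>\n", $message));
}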
Beispiel #2
 /**
  * Show the profile page of the logged-in user and, when the form was posted
  * with action "edit_profile", save the submitted profile fields.
  *
  * A submission is rejected with an error note when the username or e-mail
  * is already taken by another account; otherwise the row of $user->id is
  * updated and the browser is redirected back to the same URI.
  *
  * NOTE(review): username, email, fname and lname are stored exactly as
  * posted; no format or length validation happens in this method (the model
  * may add some - confirm). The password and e-mail can be changed without
  * re-entering the current password, so a hijacked session is enough to take
  * over the account.
  *
  * @return void
  */
 function profile()
 {
     global $data, $user;
     $action = $this->input->post('action');
     if ($action && $action == "edit_profile") {
         $conflict = false;
         // Both uniqueness checks exclude the current user's own row.
         if ($this->SystemModel->check_username_exists($this->input->post('username'), $user->id)) {
             $data['notes'][] = array("Username already in use", "error");
             $conflict = true;
         }
         if ($this->SystemModel->check_email_exists($this->input->post('email'), $user->id)) {
             $data['notes'][] = array("Email already in use", "error");
             $conflict = true;
         }
         if (!$conflict) {
             $changes = array();
             foreach (array('username', 'email', 'fname', 'lname') as $field) {
                 $changes[$field] = $this->input->post($field);
             }
             // An empty value or one containing "*" is taken to be the masked
             // placeholder and leaves the stored password alone.
             // NOTE(review): a real password that contains "*" is therefore
             // silently ignored instead of being saved or rejected.
             $postpw = $this->input->post('password');
             $keepcurrent = strstr($postpw, "*") || empty($postpw);
             if (!$keepcurrent) {
                 $changes['password'] = prep_password($postpw);
             }
             $this->SystemModel->update_user($user->id, $changes);
             // Redirect to the same page so a reload does not re-post the form.
             redirect($this->uri->uri_string());
         }
     }
     $data['user'] = $user;
     $data['page'] = "system/profile";
     $this->load->view('template', $data);
 }
Beispiel #3
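 /**
  * User-management grid endpoint: adds, edits, deletes or lists accounts
  * depending on the posted "oper" value (no "oper" means list).
  *
  * Callers without the 'manage_users' permission get the access-denied
  * template. A failed add/edit renders the 'grid' view exactly once with
  * $data['error'] set to the first problem found; a successful add, edit or
  * delete renders nothing.
  *
  * NOTE(review): the edit and delete branches act on the posted id without
  * any further check in this method. The listing treats account 1 as "Full
  * Access" and hides its permission link, yet nothing here stops a
  * 'manage_users' holder from changing that account's password or deleting
  * it (or their own account) - confirm whether the model enforces this.
  *
  * NOTE(review): sidx, sord, page, rows and the three search values are
  * passed to GridModel::get_users_grid() as posted. If the model places them
  * into ORDER BY / LIMIT / WHERE text, they need an allow-list (column names,
  * asc|desc, known operators) and integer casts there - verify in the model.
  *
  * @return void
  */
 function users()
 {
     global $user;
     $data = array();
     if (!permission('manage_users')) {
         $data['page'] = "system/access_denied";
         $this->load->view('template', $data);
         return;
     }
     $operation = $this->input->post('oper');

     //ADD / EDIT
     if ($operation == "add" || $operation == "edit") {
         $dbdata = array('username' => $this->input->post('username'), 'email' => $this->input->post('email'), 'fname' => $this->input->post('fname'), 'lname' => $this->input->post('lname'));
         // On edit the uniqueness checks exclude the edited row; on add, 0 excludes none.
         $target = $operation == "edit" ? $this->input->post('id') : 0;
         $postpw = $this->input->post('password');

         // Collect the first failure instead of rendering the grid view once
         // per failed check, which emitted two responses when both the
         // username and the e-mail were taken.
         $failure = null;
         if ($this->SystemModel->check_username_exists($this->input->post('username'), $target)) {
             $failure = "Username already in use";
         }
         if ($this->SystemModel->check_email_exists($this->input->post('email'), $target) && $failure === null) {
             $failure = "Email already in use";
         }
         // A new account must not be created from a missing, empty or
         // array-valued password field.
         if ($operation == "add" && $failure === null && (!is_string($postpw) || $postpw === '')) {
             $failure = "Password is required";
         }
         if ($failure !== null) {
             $data['error'] = $failure;
             $this->load->view('grid', $data);
             return;
         }

         if ($operation == "add") {
             $dbdata['password'] = prep_password($postpw);
             // NOTE(review): per the original comment the second argument
             // grants the new account every available permission, which
             // includes manage_users; least privilege would start with none -
             // confirm against SystemModel::add_user().
             $this->SystemModel->add_user($dbdata, true, $user->id);
         } else {
             // An empty value or one containing "*" is taken to be the masked
             // "*****" cell and leaves the stored password alone.
             // NOTE(review): a real password containing "*" is silently ignored.
             if (is_string($postpw) && !empty($postpw) && strpos($postpw, "*") === false) {
                 $dbdata['password'] = prep_password($postpw);
             }
             $this->SystemModel->update_user($this->input->post('id'), $dbdata);
         }
         return;
     }

     //DELETE
     if ($operation == "del") {
         $this->SystemModel->delete_user($this->input->post('id'));
         return;
     }

     //VIEW
     if (empty($operation)) {
         // Paging and sorting fall back to defaults when a field is absent.
         $page = $this->input->post('page') ? $this->input->post('page') : 1;
         $sidx = $this->input->post('sidx') ? $this->input->post('sidx') : "id";
         $sord = $this->input->post('sord') ? $this->input->post('sord') : "asc";
         $rows = $this->input->post('rows') ? $this->input->post('rows') : 20;
         $search = false;
         if ($this->input->post('searchField')) {
             $search = array($this->input->post('searchField'), $this->input->post('searchOper'), $this->input->post('searchString'));
         }
         $user_data = $this->GridModel->get_users_grid($sidx, $sord, $page, $rows, $search);

         //Create rows
         $grid = array();
         foreach ($user_data['rows'] as $row) {
             //Get user permissions
             $keys = array();
             foreach ($this->SystemModel->get_users_permissions($row->id) as $user_permission) {
                 $keys[] = $user_permission->key;
             }
             $permissions = implode(", ", $keys);
             if (empty($permissions)) {
                 $permissions = "<span style='color:red;'>NONE</span>";
             }
             //Permissions Link
             $permissions_url = site_url("system/permissions/" . $row->id);
             $permissions_link = "<a href='" . $permissions_url . "' class='framepop' onclick='parent.\$.colorbox({href:\"" . $permissions_url . "\",width:\"500\", height:\"600\", iframe:true,onClosed:function(){ \$(\"#list\").trigger(\"reloadGrid\"); } }); return false;'>(edit)</a> " . $permissions;
             // Account 1 is shown as having full access, with no edit link.
             if ($row->id == 1) {
                 $permissions_link = "Full Access";
             }
             // NOTE(review): the permissions cell is raw HTML, so the 'grid'
             // view presumably prints cells unescaped; username, email, fname
             // and lname are stored as posted and would then be rendered as
             // markup too. Escape them in the view or here - confirm how the
             // view and the grid's inline editor handle encoding first.
             $grid[$row->id] = array(
                 $row->username,
                 "*****", // the password is never sent to the grid
                 $row->email,
                 $row->fname,
                 $row->lname,
                 $permissions_link,
             );
         }
         $data['page'] = $page;
         $data['total_pages'] = $user_data['total_pages'];
         $data['count'] = $user_data['total_rowct'];
         $data['grid'] = $grid;
         $this->load->view('grid', $data);
     }
 }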
Beispiel #4
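 /**
  * Installer page: shows the configured database settings and, when the form
  * is posted with action "install" and passes validation, creates the Nakid
  * tables, seeds settings/permissions/home content, creates the first
  * administrative user and e-mails the login details to that user.
  *
  * NOTE(review): nothing in this method checks whether the system is already
  * installed or whether the caller is authorised, so the route must be
  * disabled or guarded elsewhere once setup is done - confirm (the constructor
  * or routing may do this, and create_table() will presumably fail on
  * existing tables).
  *
  * NOTE(review): the database host, user and schema name are handed to the
  * view, and the posted username/e-mail are echoed back as submitted; the
  * template has to escape them and should not be reachable by the public.
  *
  * @return void
  */
 function index()
 {
     global $data, $system, $user;
     //Get db info
     $data['dbhostname'] = NAKID_DBHOSTNAME;
     $data['dbusername'] = NAKID_DBUSERNAME;
     $data['dbdatabase'] = NAKID_DBDATABASE;
     $data['dbprefix'] = NAKID_TABLE_PREFIX;
     $data['postusername'] = "******";
     $data['postemail'] = "";
     $data['installed'] = false;
     //Form Submission
     if ($this->input->post('action') && $this->input->post('action') == "install") {
         // NOTE(review): these values are read before form_validation->run(),
         // so the `trim` rules below presumably do not affect what is stored -
         // confirm this is intended.
         $post_username = $this->input->post('username');
         $post_password = $this->input->post('password');
         $post_email = $this->input->post('email');
         $data['postusername'] = $this->input->post('username');
         $data['postemail'] = $this->input->post('email');
         // The password rule only requires presence and a matching
         // confirmation; no minimum length or strength is enforced here.
         $this->form_validation->set_rules('username', 'Username', 'required|trim|min_length[3]|max_length[25]');
         $this->form_validation->set_rules('password', 'Password', 'required|trim|matches[password_confirm]');
         $this->form_validation->set_rules('password_confirm', 'Password Confirmation', 'required|trim');
         $this->form_validation->set_rules('email', 'Email', 'required|trim|valid_email');
         if ($this->form_validation->run() == FALSE) {
             $data['notes'][] = array("<strong>Error submitting the form:</strong> <br/>" . validation_errors(), "error");
         } else {
             //Data is valid, install tables
             $this->load->dbforge();
             //SETTINGS TABLE
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'name' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'value' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE), 'description' => array('type' => 'TEXT', 'null' => FALSE), 'editable' => array('type' => 'INT', 'constraint' => 2, 'unsigned' => TRUE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('settings');
             //USERS
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'username' => array('type' => 'VARCHAR', 'constraint' => '30', 'null' => FALSE), 'password' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE), 'email' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE), 'role' => array('type' => 'INT', 'constraint' => 3, 'unsigned' => TRUE), 'fname' => array('type' => 'VARCHAR', 'constraint' => '50', 'null' => FALSE), 'lname' => array('type' => 'VARCHAR', 'constraint' => '50', 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_field("`date` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP");
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('users');
             //PERMISSION CATEGORIES
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'name' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('permission_categories');
             //PERMISSION VALUES
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'cid' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'key' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'description' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('permission_values');
             //PERMISSION USERS
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'uid' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'pid' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('permission_users');
             //KEYWORDS
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'keyword' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'tool' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'tid' => array('type' => 'INT', 'constraint' => 10, 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('keywords');
             //CONTENT_BLOCKS
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'version' => array('type' => 'INT', 'constraint' => 10, 'null' => FALSE), 'editable' => array('type' => 'INT', 'constraint' => 10, 'default' => 1, 'null' => FALSE), 'deletable' => array('type' => 'INT', 'constraint' => 10, 'default' => 1, 'null' => FALSE), 'title' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'data' => array('type' => 'TEXT', 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('content_blocks');
             //CONTENT_VERSIONS
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'block' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'content' => array('type' => 'MEDIUMTEXT', 'null' => FALSE), 'type' => array('type' => 'VARCHAR', 'constraint' => '50'), 'author' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_field("`date` TIMESTAMP NOT NULL default CURRENT_TIMESTAMP");
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('content_versions');
             //GALLERIES
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'title' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'description' => array('type' => 'MEDIUMTEXT', 'null' => FALSE), 'data' => array('type' => 'TEXT', 'null' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('gallery_galleries');
             //GALLERY IMAGES
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'gallery' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'title' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE), 'file' => array('type' => 'VARCHAR', 'constraint' => '255', 'null' => FALSE), 'order' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('gallery_images');
             //GALLERY CATEGORIES
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'gallery' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'title' => array('type' => 'VARCHAR', 'constraint' => '100', 'null' => FALSE), 'order' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => FALSE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('gallery_categories');
             //GALLERY IMAGE CATEGORIES (image <-> category link table)
             $fields = array('id' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE, 'auto_increment' => TRUE), 'gallery' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'image' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE), 'category' => array('type' => 'INT', 'constraint' => 10, 'unsigned' => TRUE));
             $this->dbforge->add_field($fields);
             $this->dbforge->add_key('id', TRUE);
             $this->dbforge->create_table('gallery_image_categories');
             /*-------------------------------------------
             		ADD DEFAULT SETTINGS
             		--------------------------------------------*/
             //primary email
             $this->db->set('name', 'primary_email');
             $this->db->set('value', $post_email);
             $this->db->set('description', 'Primary account administrator (Any system emails will be sent here)');
             $this->db->set('editable', 1);
             $this->db->insert('settings');
             //from email
             $this->db->set('name', 'from_email');
             $this->db->set('value', '*****@*****.**');
             $this->db->set('description', 'Emails from the website will come from this address');
             $this->db->set('editable', 1);
             $this->db->insert('settings');
             //from name
             $this->db->set('name', 'from_name');
             $this->db->set('value', 'Nakid CMS');
             $this->db->set('description', 'Emails from the website will come from this name');
             $this->db->set('editable', 1);
             $this->db->insert('settings');
             //include path
             $this->db->set('name', 'include_path');
             $this->db->set('value', 'cms/');
             $this->db->set('description', 'The path to include nakid FROM your website');
             $this->db->set('editable', 1);
             $this->db->insert('settings');
             /*-------------------------------------------
             		ADD PERMISSION CATEGORIES
             		--------------------------------------------*/
             $this->db->set('id', 1);
             $this->db->set('name', 'System');
             $this->db->insert('permission_categories');
             $this->db->set('id', 2);
             $this->db->set('name', 'Content');
             $this->db->insert('permission_categories');
             $this->db->set('id', 3);
             $this->db->set('name', 'Catalog');
             $this->db->insert('permission_categories');
             /*-------------------------------------------
             		ADD PERMISSION VALUES
             		--------------------------------------------*/
             $this->db->set('cid', 1);
             $this->db->set('key', 'system_settings');
             $this->db->set('description', 'Manage System Settings');
             $this->db->insert('permission_values');
             $this->db->set('cid', 1);
             $this->db->set('key', 'view_code');
             $this->db->set('description', 'View Connector Link Code');
             $this->db->insert('permission_values');
             $this->db->set('cid', 1);
             $this->db->set('key', 'manage_users');
             $this->db->set('description', 'Add, Edit, and Delete users');
             $this->db->insert('permission_values');
             $this->db->set('cid', 2);
             $this->db->set('key', 'cms_add');
             $this->db->set('description', 'Add CMS Blocks');
             $this->db->insert('permission_values');
             $this->db->set('cid', 2);
             $this->db->set('key', 'cms_edit');
             $this->db->set('description', 'Edit CMS Blocks');
             $this->db->insert('permission_values');
             $this->db->set('cid', 2);
             $this->db->set('key', 'cms_delete');
             $this->db->set('description', 'Delete CMS Blocks');
             $this->db->insert('permission_values');
             $this->db->set('cid', 2);
             $this->db->set('key', 'gallery');
             $this->db->set('description', 'Manage Photo Galleries');
             $this->db->insert('permission_values');
             /*-------------------------------------------
             		ADD ADMINISTRATIVE USER
             		--------------------------------------------*/
             // Only the value returned by prep_password() is stored.
             $this->db->set('username', $post_username);
             $this->db->set('password', prep_password($post_password));
             $this->db->set('email', $post_email);
             $this->db->set('role', 1);
             $this->db->insert('users');
             /*-------------------------------------------
             		ADD PERMISSIONS FOR USER
             		--------------------------------------------*/
             // The grants below assume the user inserted above received id 1,
             // which holds for a freshly created users table.
             $permissions_query = $this->db->get('permission_values');
             foreach ($permissions_query->result() as $permission) {
                 $this->db->set('uid', 1);
                 $this->db->set('pid', $permission->id);
                 $this->db->insert('permission_users');
             }
             /*-------------------------------------------
             		ADD EDITABLE HOME CONTENT
             		--------------------------------------------*/
             //Content Block
             $hometitle = "_System Home";
             $homekeyword = "Nakid System Home";
             $homecontent = "<h1>Welcome</h1>";
             $homecontent .= "<p>To get started editing content, click on 'Content Editor' in the top menu under 'Tools'. You can then create a new content area to manage. You will also see a content area called '_System Home' that you can edit. Click the edit link next to the title and you can edit this page!</p>";
             //Insert Block
             $this->db->set('id', 1);
             $this->db->set('version', 1);
             $this->db->set('editable', 1);
             $this->db->set('deletable', 0);
             $this->db->set('title', $hometitle);
             $this->db->insert('content_blocks');
             //Insert Keyword
             $this->db->set('id', 1);
             $this->db->set('keyword', $homekeyword);
             $this->db->set('tool', "content");
             $this->db->set('tid', 1);
             $this->db->insert('keywords');
             //Insert Version
             $this->db->set('id', 1);
             $this->db->set('block', 1);
             $this->db->set('content', $homecontent);
             $this->db->set('type', "content");
             $this->db->set('author', 1);
             $this->db->insert('content_versions');
             //
             $data['notes'][] = array("Database Tables Installed!", "message");
             //
             $data['installed'] = true;
             /*-------------------------------------------
             		GET SYSTEM INFO AND SEND EMAIL
             		--------------------------------------------*/
             //Get array of system settings
             $system = $this->SystemModel->get_settings_array();
             //SEND EMAIL TO USER WITH LOGIN INFORMATION
             // The body is assembled as HTML (<strong>, <br/>), so the posted
             // values are escaped: a username or password containing <, > or &
             // would otherwise be rendered as markup and shown incorrectly.
             // NOTE(review): the administrator password chosen in the form is
             // sent back in clear text by e-mail; consider omitting it.
             $message = array();
             $message[] = "Congratulations! You have successfully setup your Nakid CMS system. To login, use the username and password below:";
             $message[] = "<strong>Username:</strong> " . htmlspecialchars((string) $post_username, ENT_QUOTES, 'UTF-8');
             $message[] = "<strong>Password:</strong> " . htmlspecialchars((string) $post_password, ENT_QUOTES, 'UTF-8');
             $message[] = "This password can be changed once you log in";
             $message = implode("<br/>\n", $message);
             systememail($post_email, "Your website is NAKID!", $message);
         }
     }
     $this->load->view('template', $data);
 }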