Beispiel #1
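 /**
  * Post-AuthView process: create new accounts for new users.
  *
  * Reads access_token, country, username, password and password2 from $_POST,
  * validates them, fetches the GitHub profile behind the token, picks a free
  * nickname, creates the account and mails a confirmation link.
  *
  * Always answers with a JSON object {success, msg}. Failures raised as
  * Exception inside the method are reported through msg, not rethrown.
  */
 public function signup()
 {
     global $countrylist;
     $this->view = null;
     $success = false;
     $msg = '';
     try {
         $access_token = isset($_POST["access_token"]) ? trim($_POST["access_token"]) : "";
         $country = isset($_POST["country"]) ? trim($_POST["country"]) : "";
         $username = isset($_POST["username"]) ? trim($_POST["username"]) : "";
         // Passwords are deliberately not trimmed: surrounding whitespace is part of the secret.
         $password = isset($_POST["password"]) ? $_POST["password"] : "";
         $pass2 = isset($_POST["password2"]) ? $_POST["password2"] : "";

         // Format checks run first, in the original order, so the lookups below
         // never see an empty or malformed value.
         if (empty($access_token)) {
             throw new Exception("Access token not provided.");
         }
         if (empty($country) || !array_key_exists($country, $countrylist)) {
             throw new Exception("Invalid country." . $country);
         }
         if (empty($username) || !filter_var($username, FILTER_VALIDATE_EMAIL)) {
             throw new Exception("Invalid username.");
         }
         // Strict comparison: with != two different numeric-looking strings
         // (e.g. "1e3" and "1000") compare equal and would pass as a match.
         // The is_string() guards reject password[]=... array submissions.
         if (!is_string($password) || !is_string($pass2) || empty($password) || $password !== $pass2) {
             throw new Exception("Invalid passwords.");
         }

         // NOTE(review): this message tells the caller whether an e-mail address is
         // already registered; confirm that is acceptable and that the endpoint is rate limited.
         $usernameTestUser = new User();
         $usernameTestUser->findUserByUsername($username);
         if ($usernameTestUser->getId()) {
             throw new Exception("Username already taken.");
         }
         $tokenTestUser = new User();
         $tokenTestUser->findUserByAuthToken($access_token);
         if ($tokenTestUser->getId()) {
             throw new Exception("Access token already in use.");
         }

         // The token is client-supplied. The GitHub call below is the only check that
         // it is valid; the GitHub identity is not compared with the submitted e-mail
         // here, so ownership of the address rests on the confirmation link alone.
         $this->access_token = $access_token;
         $gh_user = $this->apiRequest(GITHUB_API_URL . 'user');
         if (!$gh_user) {
             throw new Exception("Unable to read user credentials from github.");
         }

         // Nickname selection: GitHub login, then the alphanumeric part of the display
         // name, then either of them with a numeric suffix until one is free.
         $nicknameTestUser = new User();
         $nickname = $gh_user->login;
         if ($nicknameTestUser->findUserByNickname($nickname)) {
             $nickname = preg_replace('/[^a-zA-Z0-9]/', '', $gh_user->name);
         }
         while ($nicknameTestUser->findUserByNickname($nickname)) {
             // mt_rand() only disambiguates a public nickname; it is not used as a secret.
             $rand = mt_rand(1, 99999);
             $nickname = $gh_user->login . $rand;
             if ($nicknameTestUser->findUserByNickname($nickname)) {
                 $nickname = preg_replace('/[^a-zA-Z0-9]/', '', $gh_user->name) . $rand;
             }
         }

         $user = User::signup($username, $nickname, $password, $access_token, $country);
         $success = true;
         $this->sync($user, $gh_user);

         // Email user. Query values are URL-encoded because base64 output may contain
         // '+', '/' and '=', which would otherwise be altered in a query string.
         $subject = "Registration";
         $link = SECURE_SERVER_URL . "confirmation?cs=" . rawurlencode($user->getConfirm_string()) . "&str=" . rawurlencode(base64_encode($user->getUsername()));
         // HTML part: the nickname comes from the GitHub profile and the link contains
         // '&', so both are escaped for the HTML context.
         $htmlNickname = htmlspecialchars($user->getNickname(), ENT_QUOTES, 'UTF-8');
         $htmlLink = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
         $body = '<p>' . $htmlNickname . ': </p>' . '<p>You are one click away from an account on Worklist:</p>' . '<p><a href="' . $htmlLink . '">Click to verify your email address</a> and activate your account.</p>' . '<p>Welcome aboard, <br /> Worklist / High Fidelity</p>';
         $plain = $user->getNickname() . "\n\n" . "You are one click away from an account on Worklist: \n\n" . 'Click/copy following URL to verify your email address activate your account:' . $link . "\n\n" . "Welcome aboard, \n Worklist / High Fidelity\n";
         $msg = "An email containing a confirmation link was sent to your email address. " . "Please click on that link to verify your email address and activate your account.";
         if (!Utils::send_email($user->getUsername(), $subject, $body, $plain)) {
             error_log("SignupController: Utils::send_email failed");
             $msg = 'There was an issue sending email. Please try again or notify admin@lovemachineinc.com';
         }
     } catch (Exception $e) {
         // NOTE(review): every Exception message reaches the client verbatim, including any
         // raised inside User::signup() or sync(); confirm none of them carry internal details.
         $msg = $e->getMessage();
     }
     // msg can echo request data (the rejected country) and no Content-Type is set in this
     // method, so <, >, &, ' and " are emitted as \uXXXX escapes. JSON parsers decode them
     // to the same string, but a browser that renders the body as HTML finds no markup.
     echo json_encode(array('success' => $success, 'msg' => $msg), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
 }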
Beispiel #2
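 /**
  * Render the reports view and, for payers, mark the posted fees/bonuses as paid.
  *
  * Request parameters read here: payee (nickname, translated into a user id),
  * view ('chart' or 'payee' selects the tab), w2_only, and for the payment
  * action paid + paidList (comma-separated fee ids).
  */
 public function reports()
 {
     // A "paid" submission from a session that is neither runner nor payer is sent to the job list.
     // NOTE(review): without the "paid" field the same session still gets the reports view below;
     // confirm that read access to reports is meant to be open to every logged-in user.
     if (empty($_SESSION['is_runner']) && empty($_SESSION['is_payer']) && isset($_POST['paid'])) {
         $this->view = null;
         Utils::redirect("jobs");
         return;
     }
     $this->view = new ReportsView();
     if (!empty($_REQUEST['payee'])) {
         $payee = new User();
         $payee->findUserByNickname($_REQUEST['payee']);
         $_REQUEST['user'] = $payee->getId();
     }
     $showTab = 0;
     if (!empty($_REQUEST['view'])) {
         if ($_REQUEST['view'] == 'chart') {
             $showTab = 1;
         }
         if ($_REQUEST['view'] == 'payee') {
             $showTab = 2;
         }
     }
     $this->write('showTab', $showTab);
     $w2_only = 0;
     if (!empty($_REQUEST['w2_only'])) {
         if ($_REQUEST['w2_only'] == 1) {
             $w2_only = 1;
         }
     }
     $this->write('w2_only', $w2_only);
     $_REQUEST['name'] = '.reports';
     if (isset($_POST['paid']) && !empty($_POST['paidList']) && !empty($_SESSION['is_payer'])) {
         // NOTE(review): no anti-CSRF token is checked in this method before payments are
         // marked as paid; confirm one is enforced before the controller is reached.
         // we need to decide if we are dealing with a fee or bonus and call appropriate routine
         $fees_id = is_string($_POST['paidList']) ? explode(',', trim($_POST['paidList'], ',')) : array();
         foreach ($fees_id as $id) {
             // paidList is request data that ends up inside the SQL text, so only plain
             // decimal ids are accepted and the value is cast before it is concatenated.
             // The legacy mysql_* API used here offers no bound parameters.
             $id = trim($id);
             if (!ctype_digit($id)) {
                 continue;
             }
             $id = (int) $id;
             $query = "SELECT `id`, `bonus` FROM `" . FEES . "` WHERE `id` = " . $id . " ";
             $result = mysql_query($query);
             if (!$result) {
                 error_log("reports: fee lookup failed for id " . $id);
                 continue;
             }
             $row = mysql_fetch_assoc($result);
             if (!$row) {
                 // Unknown id: nothing to mark, and no reason to fall through to the fee branch.
                 continue;
             }
             if ($row['bonus']) {
                 // Arguments: id, user_paid = 0, paid = 1, true, fund_id = false
                 Bonus::markPaidById($id, 0, 1, true, false);
             } else {
                 // Arguments: id, user_paid = 0, paid_notes = '', paid = 1, true, fund_id = false
                 Fee::markPaidById($id, 0, '', 1, true, false);
             }
         }
     }
     parent::run();
 }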