Beispiel #1
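 /**
  * Create an account for the "Auto" authentication method and return its login.
  *
  * The login comes from $_POST['login'] only when the 'AuthMethod'/'Auto'
  * preference has 'uselogin' set to '1'; in every other case a generated
  * login is used.
  *
  * NOTE(review): the password stored for the new account is the login itself,
  * so the login doubles as the credential, and with 'uselogin' enabled the
  * requester chooses that value. Confirm that accounts created here carry no
  * privileges worth protecting, or give them a random password.
  *
  * @return string|null Login of the user as stored in the user database, or null on failure.
  */
 public function get_login()
 {
     $userDB = UserDB::getInstance();
     if (!is_object($userDB)) {
         return null;
     }

     $prefs = Preferences::getInstance();
     $config = $prefs->get('AuthMethod', 'Auto');

     // The preference may be missing or malformed; array_key_exists() on a
     // non-array raises a TypeError on PHP 8, so check the type first.
     $useRequestLogin = is_array($config)
         && array_key_exists('uselogin', $config)
         && $config['uselogin'] == '1';

     // Request parameters can arrive as arrays (login[]=...); only a plain
     // string is accepted as a login, anything else gets a generated one.
     if ($useRequestLogin && isset($_POST['login']) && is_string($_POST['login'])) {
         $this->login = $_POST['login'];
     } else {
         $this->login = '******' . gen_unique_string();
     }

     $u = new User();
     $u->setAttribute('login', $this->login);
     $u->setAttribute('password', $u->getAttribute('login'));
     $u->setAttribute('displayname', 'user ' . $u->getAttribute('login'));

     if (!$userDB->add($u)) {
         Logger::error('main', 'AuthMethod::Auto::get_login failed to add user ' . $u->getAttribute('login'));
         return null;
     }

     // Read the account back so the returned login is the stored one.
     $user = $userDB->import($u->getAttribute('login'));
     if (!is_object($user)) {
         return null;
     }

     $this->login = $user->getAttribute('login');
     return $this->login;
 }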
 /**
  * Transform the \User entity.
  *
  * @param \User $model
  *
  * @return array
  */
 public function transformData($model)
 {
     // Allow-list: only the keys named in User::$includable are copied from
     // toArray(), so other model fields do not reach the response.
     $payload = array_only($model->toArray(), User::$includable);

     $hasAvatar = $model->getAttribute('avatar');
     if ($hasAvatar) {
         $payload['avatar'] = $model->avatar();
     }

     $hasLinks = $model->getAttribute('links');
     if ($hasLinks) {
         $payload['links'] = [
             'replies_web_view' => route('users.replies.web_view', $model->id),
         ];
     }

     return $payload;
 }
 /**
  * Transform the \User entity.
  *
  * @param \User $model
  *
  * @return array
  */
 public function transformData($model)
 {
     // Allow-list: only the keys named in User::$includable are copied from
     // toArray(), so other model fields do not reach the response.
     $payload = array_only($model->toArray(), User::$includable);

     if ($model->getAttribute('avatar')) {
         // NOTE(review): the prefix test accepts any value that merely starts
         // with "http", and every other value is appended to the CDN path as
         // is. Confirm the avatar field is validated when it is written.
         if (starts_with($model->avatar, 'http')) {
             $payload['avatar'] = $model->avatar;
         } else {
             $payload['avatar'] = cdn('uploads/avatars/' . $model->avatar);
         }
     }

     if ($model->getAttribute('links')) {
         $payload['links'] = [
             'replies_web_view' => route('users.replies.web_view', $model->id),
         ];
     }

     return $payload;
 }
 /**
  * Transform the \User entity.
  *
  * @param \User $model
  *
  * @return array
  */
 public function transformData($model)
 {
     // Allow-list: only the keys named in User::$includable are copied from
     // toArray(), so other model fields do not reach the response.
     $payload = array_only($model->toArray(), User::$includable);

     $hasAvatar = $model->getAttribute('avatar');
     if ($hasAvatar) {
         $payload['avatar'] = $model->avatar();
     }

     return $payload;
 }
Beispiel #5
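 /**
  * Show the password reset form when the supplied reset token is valid.
  *
  * Redirects to /?m=token-expired and stops when the token does not match.
  *
  * NOTE(review): the stored token is read from a freshly constructed User;
  * which account that object represents is not visible here. Confirm it is
  * the account the reset was requested for.
  *
  * @param string $token Reset token supplied by the caller.
  *
  * @return void
  */
 public function passwordReset($token)
 {
     $user = new User();
     $tokenFromDb = $user->getAttribute('passwordToken');

     // A reset token is a secret. Both sides must be non-empty strings, so an
     // unset stored token can never equal an absent or empty submitted one,
     // and the comparison is constant-time instead of the type-juggling !=.
     $tokenIsValid = is_string($tokenFromDb)
         && $tokenFromDb !== ''
         && is_string($token)
         && hash_equals($tokenFromDb, $token);
     if (!$tokenIsValid) {
         $this->route->redirect('/?m=token-expired');
         die;
     }

     // NOTE(review): the token is handed to the template; confirm the template
     // escapes it when writing it into the form.
     $bodyTemplate = sprintf('%s/manage-password-reset.php', $this->config->paths->templates);
     $body = $this->template->get($bodyTemplate, array('passwordToken' => $token));
     $this->theme->display('template.php', array('body' => $body, 'page' => null));
 }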
 /**
  * Tell whether the given user is listed as a member of this group.
  *
  * NOTE(review): the authority check and the member lookup both compare
  * loosely (== and non-strict in_array()), so values that differ only in type
  * or numeric-string form are treated as equal. Confirm the stored values are
  * plain strings, or move to strict comparison.
  *
  * @param User $user User to look up.
  *
  * @return bool True when the user shares this group's authentication
  *              authority and its member field value is in $this->members.
  */
 public function userIsMember(User $user)
 {
     // By definition LDAP groups can only contain users from the same authority.
     $sameAuthority = $user->getAuthenticationAuthorityIndex() == $this->getAuthenticationAuthorityIndex();
     if (!$sameAuthority) {
         return false;
     }

     $memberField = $this->AuthenticationAuthority->getField('memberuid');

     return (bool) in_array($user->getAttribute($memberField), $this->members);
 }
Beispiel #7
     $renderer->setKeywords(array('store', 'files', 'upload', 'easy', 'fast', 'anywhere'));
     $renderer->setDescription('Sign up for easy file storage, right from your browser!');
     $user = new User();
     $error = false;
     // Sign-up is processed only when the form was posted; otherwise the empty
     // form is rendered below.
     if (count($_POST) > 0) {
         if ($user->loadByAttributes(array('email' => $_POST['email']))) {
             $error = "There's already an account with that email";
         } elseif ($_POST['password1'] !== $_POST['password2']) {
             $error = "Your passwords don't match! Give it another shot.";
         } else {
             // NOTE(review): the whole $_POST array is passed to setAttributes().
             // Unless that method restricts which fields may be set, a request
             // can assign attributes the form never offered. Confirm it
             // applies an allow-list.
             $user->setAttributes($_POST);
             $user->setPassword($_POST['password1']);
             if (!$user->save()) {
                 $error = 'Error saving';
             } elseif (!$user->login()) {
                 $error = 'Could not log in';
             } else {
                 // NOTE(review): mkdir() is called with its default mode (0777
                 // before umask) and its result is not checked.
                 mkdir(FILES_DIR . '/' . $user->getAttribute('user_id'));
                 header('Location: ' . WEB_ROOT . '/files');
                 exit;
             }
         }
     }
     $renderer->addContent('signup.tpl', array('user' => $user, 'error' => $error));
     break;
 case 'login':
     $renderer->setTitle('Login');
Beispiel #8
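/**
 * Render step 1 of the publication wizard: choose users or user groups.
 *
 * Loads the user groups, the users and the applications, prints the selection
 * form and terminates the script.
 *
 * Every login, display name, group id and group name is escaped before it is
 * written into the page: htmlspecialchars() for attribute values and link
 * text, urlencode() for the id query parameter. These values come from the
 * user database and the group list, so they must not be trusted as markup.
 *
 * @return void This function does not return; it ends with die.
 */
function show_step1()
{
    // Escapes a value for use as an HTML attribute value or element text.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $usersgroupsList = new UsersGroupsList($_REQUEST);
    $usergroups = $usersgroupsList->search();
    if (!is_array($usergroups)) {
        $usergroups = array();
        popup_error(_("Failed to get User Group data"));
    }
    uasort($usergroups, "usergroup_cmp");
    $searchDiv = $usersgroupsList->getForm();
    $has_usergroups = count($usergroups) > 0;

    // "Use existing User Groups" is preselected unless the wizard session
    // recorded a different choice.
    $usergroup_selected = !isset($_SESSION['wizard']['use_users'])
        || $_SESSION['wizard']['use_users'] == 'usergroups';

    $users = array();
    $sizelimit_exceeded = false;
    $res = $_SESSION['service']->users_list_partial('', array('login'));
    // todo manage wsdl to be able to send no/void argument to this request
    if ($res !== null) {
        foreach ($res['data'] as $item) {
            $user = new User($item);
            if (!$user->is_valid()) {
                continue;
            }
            $users[] = $user;
        }
        uasort($users, "user_cmp");
        $sizelimit_exceeded = $res['partial'];
    }
    $applications = $_SESSION['service']->applications_list();
    if (!count($users)) {
        popup_error(_('No available users'));
    }
    if (!count($applications)) {
        popup_error(_('No available applications'));
    }
    if ($sizelimit_exceeded) {
        // A partial result is not shown at all rather than shown truncated.
        popup_error(_('Unable to display the list of users: too many users'));
        $users = array();
    }

    page_header();
    echo '<div>';
    echo '<h1><a href="wizard.php">' . _('Publication Wizard') . '</a> - ' . _('Select User Groups') . '</h1>';
    echo '<form action="" method="post">';
    echo '<input type="hidden" name="from" value="step1" />';
    echo '<table class="" id="wizard_list_table" border="0" cellspacing="1" cellpadding="5">';
    if ($has_usergroups) {
        echo '<tr class="title">';
        echo '<th>';
        if (userdb_is_writable() && count($users) > 0) {
            echo '<input class="input_radio" type="radio" name="use" value="users" onclick="$(\'wizard_usergroups_list_table\').hide(); $(\'wizard_users_list_table\').show()"';
            if (!$usergroup_selected) {
                echo ' checked="checked"';
            }
            echo '/>' . _('Create a new User Group');
        }
        echo '</th>';
        echo '<th><input class="input_radio" type="radio" name="use" value="usergroups" onclick="$(\'wizard_users_list_table\').hide(); $(\'wizard_usergroups_list_table\').show()"';
        if ($usergroup_selected) {
            echo ' checked="checked"';
        }
        echo '/> ' . _('Use existing User Groups') . '</th>';
        echo '</tr>';
    } else {
        echo '<input type="hidden" name="use" value="users" />';
    }
    echo '<tr>';
    echo '<td>';
    if (userdb_is_writable()) {
        $count = 0;
        echo '<table class="main_sub"';
        if ($has_usergroups) {
            if ($usergroup_selected) {
                echo ' style="display: none" ';
            }
        }
        echo 'id="wizard_users_list_table" border="0" cellspacing="1" cellpadding="5">';
        foreach ($users as $user) {
            $login = $user->getAttribute('login');
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            echo '<tr class="' . $content . '">';
            // The browser decodes the entity-escaped value, so the submitted
            // login is unchanged.
            echo '<td colspan="2"><input class="input_checkbox" type="checkbox" name="users[]" value="' . $esc($login) . '"';
            if (isset($_SESSION['wizard']['users']) && in_array($login, $_SESSION['wizard']['users'])) {
                echo ' checked="checked"';
            }
            echo '/> <a href="users.php?action=manage&id=' . urlencode((string) $login) . '">' . $esc($user->getAttribute('displayname')) . '</a></td>';
            echo '</tr>';
        }
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '"><td colspan="2"><a href="javascript:;" onclick="markAllRows(\'wizard_users_list_table\'); return false">' . _('Mark all') . '</a> / <a href="javascript:;" onclick="unMarkAllRows(\'wizard_users_list_table\'); return false">' . _('Unmark all') . '</a></td></tr>';
        echo '</table>';
        echo '</td>';
    }
    echo '<td>';
    if ($has_usergroups) {
        $count = 0;
        echo '<table class="main_sub"';
        if (!$usergroup_selected) {
            echo ' style="display: none;" ';
        }
        echo 'id="wizard_usergroups_list_table" border="0" cellspacing="1" cellpadding="5">';
        foreach ($usergroups as $usergroup) {
            $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
            echo '<tr class="' . $content . '">';
            echo '<td><input class="input_checkbox" type="checkbox" name="usergroups[]" value="' . $esc($usergroup->id) . '" /> <a href="usersgroup.php?action=manage&id=' . urlencode((string) $usergroup->id) . '">' . $esc($usergroup->name) . '</a></td>';
            echo '</tr>';
        }
        $content = 'content' . ($count++ % 2 == 0 ? 1 : 2);
        echo '<tr class="' . $content . '"><td><a href="javascript:;" onclick="markAllRows(\'wizard_usergroups_list_table\'); return false">' . _('Mark all') . '</a> / <a href="javascript:;" onclick="unMarkAllRows(\'wizard_usergroups_list_table\'); return false">' . _('Unmark all') . '</a></td></tr>';
        echo '</table>';
        // $searchDiv is markup built by UsersGroupsList::getForm() and is
        // written out unchanged.
        // NOTE(review): that object was constructed from $_REQUEST; confirm
        // getForm() escapes any request value it echoes back.
        echo $searchDiv;
    }
    echo '</td>';
    echo '</tr>';
    echo '<tr>';
    echo '<td style="text-align: right;" colspan="2">';
    echo '<input type="submit" name="submit_next" value="' . _('Next') . '" />';
    echo '</td>';
    echo '</tr>';
    echo '</table>';
    echo '</form>';
    echo '</div>';
    page_footer();
    die;
}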
Beispiel #9
 /**
  * Resets a user's password after validating the password token
  *
  * @return string Standard JSON envelope
  */
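 public function passwordReset()
 {
     $user = new User();

     // Absent fields become null instead of raising an undefined-index notice.
     $token = isset($_POST['token']) ? $_POST['token'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : null;
     $passwordConfirm = isset($_POST['password-confirm']) ? $_POST['password-confirm'] : null;

     $tokenFromDb = $user->getAttribute('passwordToken');

     // A reset token is a secret. Both sides must be non-empty strings, so an
     // unset stored token can never equal an absent or empty submitted one,
     // and the comparison is constant-time instead of the type-juggling !=.
     $tokenIsValid = is_string($tokenFromDb)
         && $tokenFromDb !== ''
         && is_string($token)
         && hash_equals($tokenFromDb, $token);
     if (!$tokenIsValid) {
         return $this->error('Could not validate password reset token.', false);
     }

     // Request fields may be arrays or missing; only a non-empty string can
     // become the new password.
     if (!is_string($password) || $password === '') {
         return $this->error('Password must not be empty.', false);
     }
     if ($password !== $passwordConfirm) {
         return $this->error('Password confirmation did not match.', false);
     }

     // NOTE(review): the token is checked on a freshly constructed User while
     // the update goes to $this->user. Confirm both refer to the same account.
     $this->user->update(array('password' => $password));
     // The token is single-use: clear it once the password has changed.
     $this->user->setAttribute('passwordToken', null);
     return $this->success('Password was updated successfully.', true);
 }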
Beispiel #10
 $userDB = UserDB::getInstance();
 // Nothing below can work against a read-only user database.
 if (!$userDB->isWriteable()) {
     die_error(_('User Database not writeable'), __FILE__, __LINE__);
 }
 // NOTE(review): the action and its fields are read from $_REQUEST, which
 // merges GET and POST (and cookies, depending on request_order). A
 // state-changing action should be limited to POST and guarded by an anti-CSRF
 // token; no such check is visible in this excerpt. Confirm one runs earlier.
 if ($_REQUEST['action'] == 'add') {
     $minimun_attributes = array('login', 'displayname', 'password');
     if (!isset($_REQUEST['login'], $_REQUEST['displayname'], $_REQUEST['password'])) {
         die_error(_("Unable to create user"), __FILE__, __LINE__);
     }
     $u = new User();
     // Only the three listed attributes are copied from the request.
     foreach ($minimun_attributes as $attributes) {
         if (!isset($_REQUEST[$attributes])) {
             continue;
         }
         $u->setAttribute($attributes, $_REQUEST[$attributes]);
     }
     if ($u->hasAttribute('password') && $u->getAttribute('password') === '') {
         popup_error(_('Unable to create user with an empty password'));
         redirect();
     }
     // NOTE(review): the password is passed on as received; presumably
     // UserDB::add() hashes it before storing. Confirm.
     $res = $userDB->add($u);
     if (!$res) {
         // NOTE(review): a request value is placed in the message; confirm
         // popup_error() escapes it when the popup is rendered.
         popup_error(sprintf(_("Unable to create user '%s'"), $_REQUEST['login']));
         redirect();
     }
     popup_info(sprintf(_("User '%s' successfully added"), $u->getAttribute('login')));
     redirect('users.php');
 }
 if ($_REQUEST['action'] == 'del') {
     if (isset($_REQUEST['checked_users']) && is_array($_REQUEST['checked_users'])) {
         foreach ($_REQUEST['checked_users'] as $user_login) {
             $sessions = Abstract_Session::getByUser($user_login);
Beispiel #11
 /**
  * Build a User from one directory result row.
  *
  * For every pair in $this->config['match'] (user attribute => row field) the
  * row value is copied to the user. An array value has its 'count' entry
  * removed first; if exactly one entry remains, element 0 is stored instead
  * of the array. A user without a displayname gets its login as displayname.
  *
  * @param array $row_ Result row keyed by field name.
  *
  * @return User
  */
 protected function generateUserFromRow($row_)
 {
     $u = new User();

     foreach ($this->config['match'] as $attribut => $match_ldap) {
         if (!isset($row_[$match_ldap])) {
             continue;
         }

         $value = $row_[$match_ldap];
         if (is_array($value)) {
             // Drop the element counter so that only real values remain.
             unset($value['count']);
             if (count($value) == 1) {
                 $value = $value[0];
             }
         }
         $u->setAttribute($attribut, $value);
     }

     if (!$u->hasAttribute('displayname')) {
         Logger::debug('main', 'UserDB::ldap::generateUserFromRow user ' . $u->getAttribute('login') . ' does not have a displayname, generate one');
         $u->setAttribute('displayname', $u->getAttribute('login'));
     }

     return $u;
 }
 /**
  * Replace the stored password of the given user in /etc/passwords.xml.
  *
  * Returns nothing (null) once the password attribute has been rewritten and
  * false when no matching user or password attribute exists. Both results
  * are falsy, so a caller has to compare with === false to detect failure.
  *
  * NOTE(review): how encodePassword() derives the stored value is not visible
  * here. Confirm it is a salted, deliberately slow password hash.
  *
  * @param User   $user     Account whose password is replaced.
  * @param string $password New password, handed to encodePassword() unchanged.
  *
  * @return false|null
  */
 public function setPassword(User $user, $password)
 {
     $userId = $user->getId();
     $file = $this->dao->get('/etc/passwords.xml');
     $xml = new \DOMDocument();
     $xml->loadXML($file->contents());

     foreach ($xml->getElementsByTagName('user') as $userNode) {
         if ((int) $userNode->getAttribute('id') != (int) $userId) {
             continue;
         }

         foreach ($userNode->getElementsByTagName('attribute') as $attributeNode) {
             if ($attributeNode->getAttribute('name') != 'password') {
                 continue;
             }

             // Write the file back as soon as the one matching attribute is updated.
             $attributeNode->setAttribute('value', $this->encodePassword($password));
             $file->setContents($xml->saveXML());
             return;
         }
     }

     return false;
 }
Beispiel #13
 /**
  * Display the upload form for photos.
  *
  * @return string HTML
  */
 public function uploadBeta()
 {
     // Access control comes first: the authentication requirement, then the
     // admin check. Non-admins are routed to the 403 page and nothing else runs.
     getAuthentication()->requireAuthentication();
     $userObj = new User();
     if (!$userObj->isAdmin()) {
         $this->route->run('/error/403');
         return;
     }

     $this->theme->setTheme();

     // defaults
     // NOTE(review): 'crumb' is presumably the anti-CSRF token the upload form
     // posts back. Confirm the receiving endpoint verifies it.
     $crumb = $this->session->get('crumb');
     $template = sprintf('%s/upload-beta.php', $this->config->paths->templates);
     $groupsResp = $this->api->invoke('/groups/list.json');
     $albumsResp = $this->api->invoke('/albums/list.json', EpiRoute::httpGet, array('_GET' => array('pageSize' => '0')));
     $preferences = array('permission' => $userObj->getAttribute('stickyPermission'));
     $licenses = $this->utility->getLicenses($userObj->getAttribute('stickyLicense'));

     $params = array(
         'crumb' => $crumb,
         'groups' => $groupsResp['result'],
         'albums' => $albumsResp['result'],
         'licenses' => $licenses,
         'preferences' => $preferences,
     );
     $body = $this->template->get($template, $params);
     $this->theme->display('template.php', array('body' => $body, 'page' => 'upload'));
 }
 /**
  * Add a member to a property and send the invitation e-mail.
  *
  * Accepts POST requests from signed-in users only. The requester must hold
  * FULL_ACCESS on the target property. If an account with the given e-mail
  * already exists it is linked to the property; otherwise a new account with
  * a generated password is created and linked. Every outcome is reported as
  * JSON, after which the script stops.
  *
  * NOTE(review): points to confirm, none of which this method settles:
  *  - the generated password is sent in clear text by e-mail and set as the
  *    'password' attribute; whether the model hashes it before storage is not
  *    visible here;
  *  - the results of every save() call are ignored, so a failed write still
  *    sends the e-mail and reports status 1;
  *  - $property is used without a null check after findByPk();
  *  - setAttributes($member->attributes) runs after userId was set on the
  *    link; confirm it cannot overwrite that value.
  *
  * @return void Output is echoed; the method ends with die.
  */
 public function actionSaveMember()
 {
     if (!Yii::app()->request->isPostRequest) {
         echo json_encode(array('status' => 0, 'message' => 'Only Post request are allowed.'));
         die;
     }
     if (Yii::app()->user->isGuest) {
         echo json_encode(array('status' => 0, 'message' => 'Only authorize user can allow this.'));
         die;
     }

     $member = new Member();
     $member->setAttributes($_POST);
     $member->validate();

     // Authorization is decided on the property id taken from the request.
     $requesterId = Yii::app()->user->getState('id');
     if (!UserAccessTable::checkUser2PropertyAccess($requesterId, $member->propertyId, UserAccessTable::FULL_ACCESS)) {
         echo json_encode(array('status' => 0, 'message' => 'You can not do this action.'));
         die;
     }

     $validationErrors = $member->getErrors();
     if (count($validationErrors) > 0) {
         echo json_encode(array('status' => 0, 'errors' => $validationErrors));
         die;
     }

     // get property
     $property = Properties::model()->findByPk($member->propertyId);

     // check new user in database
     $existingUser = User::model()->findByAttributes(array('email' => $member->email));
     if ($existingUser != null) {
         // The system already contains a user with this e-mail: link it,
         // unless it is linked to the property already.
         $existingLink = User2property::model()->with('user')->findByAttributes(array(
             'userId' => $existingUser->getAttribute('id'),
             'propertyId' => $member->propertyId,
         ));
         if ($existingLink != null) {
             echo json_encode(array('status' => 0, 'message' => 'User already exist.'));
             die;
         }

         $link = new User2property();
         $link->setAttribute('userId', $existingUser->getAttribute('id'));
         $link->setAttribute('bookingName', $member->bookname);
         $link->setAttributes($member->attributes);
         $link->save();

         $this->layout = "emailmaster";
         $emailBody = $this->render('../emails/emailInviteMember', array(
             'userFullName' => $existingUser->getAttribute('firstname') . ' ' . $existingUser->getAttribute('lastname'),
             'senderFullName' => Yii::app()->user->getState('firstname') . ' ' . Yii::app()->user->getState('lastname'),
             'propertyName' => $property->getAttribute('property_name'),
             'access' => UserAccessTable::accessLevelToString($member->access),
         ), true);
         MailHelper::send($emailBody, "SharedKey.com - New Property Added to Your Account", array($existingUser->getAttribute('email')));

         $linkWithUser = User2property::model()->with('user')->findByPk($link->getAttribute('id'));
         echo json_encode(array('status' => 1, 'member' => $this->createViewItem($linkWithUser)));
         die;
     }

     // No account with this e-mail yet: create one with a generated password.
     $newUser = new User();
     $newUser->setAttributes($member->attributes);
     $password = PasswordGenerator::generatePassword();
     $newUser->setAttribute('password', $password);
     $newUser->setAttribute('property_id', $member->propertyId);

     $tutorialModel = new TutorialModel();
     $tutorialModel->setAttributes(array(
         'gallery' => 1,
         'guest_book' => 1,
         'house_rules' => 1,
         'key_contacts' => 1,
         'mapdirections' => 1,
         'notice_board' => 1,
         'tourist_info' => 1,
     ));
     $tutorialModel->save();

     $newUser->setAttribute('tutorial_id', $tutorialModel->id);
     $newUser->setAttribute('status', 1);
     $newUser->setAttribute('createdDate', new CDbExpression('NOW()'));
     $newUser->save();

     $link = new User2property();
     $link->setAttribute('userId', $newUser->getAttribute('id'));
     $link->setAttribute('bookingName', $member->bookname);
     $link->setAttributes($member->attributes);
     $link->save();

     $this->layout = "emailmaster";
     $emailBody = $this->render('../emails/emailInviteNewMember', array(
         'userFullName' => $newUser->getAttribute('firstname') . ' ' . $newUser->getAttribute('lastname'),
         'senderFullName' => Yii::app()->user->getState('firstname') . ' ' . Yii::app()->user->getState('lastname'),
         'propertyName' => $property->getAttribute('property_name'),
         'email' => $newUser->getAttribute('email'),
         'access' => UserAccessTable::accessLevelToString($member->access),
         'password' => $password,
     ), true);
     MailHelper::send($emailBody, "Sharedkey.com - Invitation to " . $property->getAttribute('property_name'), array($newUser->getAttribute('email')));

     $linkWithUser = User2property::model()->with('user')->findByPk($link->getAttribute('id'));
     echo json_encode(array('status' => 1, 'member' => $this->createViewItem($linkWithUser)));
     die;
 }