public function actionLeave($id = null)
{
if ($id !== null) {
$p = YumUsergroup::model()->findByPk($id);
$participants = $p->participants;
if (!in_array(Yii::app()->user->id, $participants)) {
Yum::setFlash(Yum::t('You are not participating in this group'));
} else {
$participants = $p->participants;
foreach ($participants as $key => $participant) {
if ($participant == Yii::app()->user->id) {
unset($participants[$key]);
}
}
$p->participants = $participants;
if ($p->save(array('participants'))) {
Yum::setFlash(Yum::t('You have left this group'));
Yum::log(Yum::t('User {username} left group id {id}', array('{username}' => Yii::app()->user->data()->username, '{id}' => $id)));
}
}
$this->redirect(array('//usergroup/groups/index'));
} else {
throw new CHttpException(404);
}
}
public function actionEditAvatar()
{
$model = YumUser::model()->findByPk(Yii::app()->user->id);
if (isset($_POST['YumUser'])) {
$model->attributes = $_POST['YumUser'];
$model->setScenario('avatarUpload');
if (Yum::module('avatar')->avatarMaxWidth != 0) {
$model->setScenario('avatarSizeCheck');
}
$model->avatar = CUploadedFile::getInstanceByName('YumUser[avatar]');
if ($model->validate()) {
if ($model->avatar instanceof CUploadedFile) {
// Prepend the id of the user to avoid filename conflicts
$filename = Yum::module('avatar')->avatarPath . '/' . $model->id . '_' . $_FILES['YumUser']['name']['avatar'];
$model->avatar->saveAs($filename);
$model->avatar = $filename;
if ($model->save()) {
Yum::setFlash(Yum::t('The image was uploaded successfully'));
Yum::log(Yum::t('User {username} uploaded avatar image {filename}', array('{username}' => $model->username, '{filename}' => $model->avatar)));
$this->redirect(array('//profile/profile/view'));
}
}
}
}
$this->render('edit_avatar', array('model' => $model));
}
public function afterSave()
{
// If the user has activated email receiving, send a email
if ($this->to_user->privacy && $this->to_user->privacy->message_new_message) {
Yum::log(Yum::t('Message id {id} has been sent from user {from_user_id} to user {to_user_id}', array('{id}' => $this->id, '{from_user_id}' => $this->from_user_id, '{to_user_id}' => $this->to_user_id)));
YumMailer::send($this->to_user->profile->email, $this->title, $this->message);
}
return parent::afterSave();
}
public function beforeSave()
{
if ($this->isNewRecord) {
// If the user has activated email receiving, send a email
if ($this->to_user->privacy && $this->to_user->privacy->message_new_message) {
Yum::log(Yum::t('Message id {id} has been sent from user {from_user_id} to user {to_user_id}', array('{id}' => $this->id, '{from_user_id}' => $this->from_user_id, '{to_user_id}' => $this->to_user_id)));
$answer_link = CHtml::link(Yum::t('Click here to respond to {username}', array('{username}' => $this->from_user->username)), Yii::app()->controller->createAbsoluteUrl('//message/message/compose', array('to_user_id' => $this->from_user_id)));
YumMailer::send($this->to_user->profile->email, Yum::t('New message from {from}: {subject}', array('{from}' => $this->from_user->username, '{subject}' => $this->title)), $this->message . '<br />' . $answer_link);
}
}
return parent::beforeSave();
}
public function actionCreate()
{
$this->layout = Yum::module()->adminLayout;
$model = new YumRole();
$this->performAjaxValidation($model, 'yum-role-form');
if (isset($_POST['YumRole'])) {
$model->attributes = $_POST['YumRole'];
if ($model->save()) {
if (Yum::module()->enableLogging == true) {
$user = YumUser::model()->findbyPK(Yii::app()->user->id);
Yum::log(Yum::t('The role {role} has been created by {username}', array('{role}' => $model->title, '{username}' => Yii::app()->user->data()->username)));
}
$this->redirect(array('admin'));
}
}
$this->render('create', array('model' => $model));
}
public function actionJoin($id = null)
{
if ($id !== null) {
$p = YumUsergroup::model()->findByPk($id);
$participants = $p->participants;
if (in_array(Yii::app()->user->id, $participants)) {
Yum::setFlash(Yum::t('You are already participating in this group'));
} else {
$participants[] = Yii::app()->user->id;
$p->participants = $participants;
if ($p->save(array('participants'))) {
Yum::setFlash(Yum::t('You have joined this group'));
Yum::log(Yum::t('User {username} joined group id {id}', array('{username}' => Yii::app()->user->data()->username, '{id}' => $id)));
}
}
$this->redirect(array('//usergroup/groups/view', 'id' => $id));
}
}
/**
* Password recovery routine. The User will receive an email with an
* activation link. If clicked, he will be prompted to enter his new
* password.
*/
public function actionRecovery($email = null, $key = null)
{
$form = new YumPasswordRecoveryForm();
if ($email != null && $key != null) {
if ($profile = YumProfile::model()->find('email = :email', array('email' => $email))) {
$user = $profile->user;
if ($user->status <= 0) {
throw new CHttpException(403, 'User is not active');
} else {
if ($user->activationKey == urldecode($key)) {
$passwordform = new YumUserChangePassword();
if (isset($_POST['YumUserChangePassword'])) {
$passwordform->attributes = $_POST['YumUserChangePassword'];
if ($passwordform->validate()) {
$user->setPassword($passwordform->password);
$user->activationKey = CPasswordHelper::hashPassword(microtime() . $passwordform->password, Yum::module()->passwordHashCost);
$user->save();
Yum::setFlash('Your new password has been saved.');
if (Yum::module('registration')->loginAfterSuccessfulRecovery) {
$login = new YumUserIdentity($user->username, false);
$login->authenticate(true);
Yii::app()->user->login($login);
$this->redirect(Yii::app()->homeUrl);
} else {
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->changePasswordView, array('form' => $passwordform));
Yii::app()->end();
} else {
$form->addError('login_or_email', Yum::t('Invalid recovery key'));
Yum::log(Yum::t('Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array('{email}' => $email, '{uid}' => $user->id, '{username}' => $user->username)));
}
}
}
} else {
if (isset($_POST['YumPasswordRecoveryForm'])) {
$form->attributes = $_POST['YumPasswordRecoveryForm'];
if ($form->validate()) {
if ($form->user instanceof YumUser) {
if ($form->user->status <= 0) {
throw new CHttpException(403, 'User is not active');
}
$form->user->generateActivationKey();
$recovery_url = $this->createAbsoluteUrl(Yum::module('registration')->recoveryUrl[0], array('key' => urlencode($form->user->activationKey), 'email' => $form->user->profile->email));
Yum::log(Yum::t('{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array('{email}' => $form->user->profile->email, '{recovery_url}' => $recovery_url, '{username}' => $form->user->username)));
$mail = array('from' => Yii::app()->params['adminEmail'], 'to' => $form->user->profile->email, 'subject' => 'You requested a new password', 'body' => strtr('You have requested a new password. Please use this URL to continue: {recovery_url}', array('{recovery_url}' => $recovery_url)));
$sent = YumMailer::send($mail);
Yum::setFlash('Instructions have been sent to you. Please check your email.');
} else {
Yum::log(Yum::t('A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array('{username}' => $form->login_or_email)));
}
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->recoverPasswordView, array('form' => $form));
}
public function actionLogout()
{
// If the user is already logged out send them to returnLogoutUrl
if (Yii::app()->user->isGuest) {
$this->redirect(Yum::module()->returnLogoutUrl);
}
//let's delete the login_type cookie
$cookie = Yii::app()->request->cookies['login_type'];
if ($cookie) {
$cookie->expire = time() - 3600 * 72;
Yii::app()->request->cookies['login_type'] = $cookie;
}
if ($user = YumUser::model()->findByPk(Yii::app()->user->id)) {
$username = $user->username;
$user->logout();
if (Yii::app()->user->name == 'facebook') {
if (!Yum::module()->loginType & UserModule::LOGIN_BY_FACEBOOK) {
throw new Exception('actionLogout for Facebook was called, but is not activated in main.php');
}
Yii::import('application.modules.user.vendors.facebook.*');
require_once 'Facebook.php';
$facebook = new Facebook(Yum::module()->facebookConfig);
$fb_cookie = 'fbs_' . Yum::module()->facebookConfig['appId'];
$cookie = Yii::app()->request->cookies[$fb_cookie];
if ($cookie) {
$cookie->expire = time() - 1 * (3600 * 72);
Yii::app()->request->cookies[$cookie->name] = $cookie;
$servername = '.' . Yii::app()->request->serverName;
setcookie("{$fb_cookie}", "", time() - 3600);
setcookie("{$fb_cookie}", "", time() - 3600, "/", "{$servername}", 1);
}
$session = $facebook->getSession();
Yum::log('Facebook logout from user ' . $username);
Yii::app()->user->logout();
$this->redirect($facebook->getLogoutUrl(array('next' => $this->createAbsoluteUrl(Yum::module()->returnLogoutUrl), 'session_key' => $session['session_key'])));
} else {
Yum::log(Yum::t('User {username} logged off', array('{username}' => $username)));
Yii::app()->user->logout();
}
}
$this->redirect(Yum::module()->returnLogoutUrl);
}
/**
* Change password
*/
public function actionChangePassword($expired = false) {
$uid = Yii::app()->user->id;
if(isset($_GET['id']))
$uid = $_GET['id'];
$form = new YumUserChangePassword;
$form->scenario = 'user_request';
if(isset($_POST['YumUserChangePassword'])) {
$form->attributes = $_POST['YumUserChangePassword'];
$form->validate();
if(YumUser::encrypt($form->currentPassword) != YumUser::model()->findByPk($uid)->password)
$form->addError('currentPassword',
Yum::t('Your current password is not correct'));
if(!$form->hasErrors()) {
if(YumUser::model()->findByPk($uid)->setPassword($form->password)) {
Yum::setFlash('The new password has been saved');
Yum::log(Yum::t('User {username} has changed his password', array(
'{username}' => Yii::app()->user->name)));
}
else {
Yum::setFlash('There was an error saving the password');
Yum::log(
Yum::t(
'User {username} tried to change his password, but an error occured', array(
'{username}' => Yii::app()->user->name)), 'error');
}
$this->redirect(Yum::module()->returnUrl);
}
}
if(Yii::app()->request->isAjaxRequest)
$this->renderPartial('changepassword', array(
'form'=>$form,
'expired' => $expired));
else
$this->render('changepassword', array(
'form'=>$form,
'expired' => $expired));
}
/**
* Change password
*/
public function actionChangePassword($expired = false)
{
$id = Yii::app()->user->id;
$user = YumUser::model()->findByPk($id);
if (!$user) {
throw new CHttpException(403, Yum::t('User can not be found'));
} else {
if ($user->status <= 0) {
throw new CHttpException(404, Yum::t('User is not active'));
}
}
$form = new YumUserChangePassword();
$form->scenario = 'user_request';
if (isset($_POST['YumUserChangePassword'])) {
$form->attributes = $_POST['YumUserChangePassword'];
$form->validate();
if (!CPasswordHelper::verifyPassword($form->currentPassword, YumUser::model()->findByPk($id)->password)) {
$form->addError('currentPassword', Yum::t('Your current password is not correct'));
}
if (!$form->hasErrors()) {
if (YumUser::model()->findByPk($id)->setPassword($form->password)) {
Yum::setFlash('The new password has been saved');
Yum::log(Yum::t('User {username} has changed his password', array('{username}' => Yii::app()->user->name)));
} else {
Yum::setFlash('There was an error saving the password');
Yum::log(Yum::t('User {username} tried to change his password, but an error occured', array('{username}' => Yii::app()->user->name)), 'error');
}
$this->redirect(Yum::module()->returnUrl);
}
}
if (Yii::app()->request->isAjaxRequest) {
$this->renderPartial(Yum::module()->changePasswordView, array('form' => $form, 'expired' => $expired));
} else {
$this->render(Yum::module()->changePasswordView, array('form' => $form, 'expired' => $expired));
}
}
/**
* Activation of an user account.
* If everything is set properly, and the emails exists in the database,
* and is associated with a correct user, and this user has the status
* NOTACTIVE and the given activationKey is identical to the one in the
* database then generate a new Activation key to avoid double activation,
* set the status to ACTIVATED and save the data
* Error Codes:
* -1 : User is not inactive, it can not be activated
* -2 : Wrong activation key
* -3 : Profile found, but no user - database inconsistency?
*/
public static function activate($email, $key)
{
Yii::import('application.modules.profile.models.*');
if ($profile = YumProfile::model()->find("email = :email", array(':email' => $email))) {
if ($user = $profile->user) {
if ($user->status != self::STATUS_INACTIVE) {
return -1;
}
if ($user->activationKey == $key) {
$user->activationKey = $user->generateActivationKey(true);
$user->status = self::STATUS_ACTIVE;
if ($user->save(false, array('activationKey', 'status'))) {
Yum::log(Yum::t('User {username} has been activated', array('{username}' => $user->username)));
if (Yum::hasModule('messages') && Yum::module('registration')->enableActivationConfirmation) {
Yii::import('application.modules.messages.models.YumMessage');
YumMessage::write($user, 1, Yum::t('Your activation succeeded'), strtr('The activation of the account {username} succeeded. Please use <a href="{link_login}">this link</a> to go to the login page', array('{username}' => $user->username, '{link_login}' => Yii::app()->controller->createUrl('//user/user/login'))));
}
return $user;
}
} else {
return -2;
}
} else {
return -3;
}
}
return false;
}
/**
* Password recovery routine. The User will receive an email with an
* activation link. If clicked, he will be prompted to enter his new
* password.
*/
public function actionRecovery($email = null, $key = null) {
$form = new YumPasswordRecoveryForm;
if ($email != null && $key != null) {
if($profile = YumProfile::model()->find('email = :email', array(
'email' => $email))) {
$user = $profile->user;
if($user->activationKey == $key) {
$passwordform = new YumUserChangePassword;
if (isset($_POST['YumUserChangePassword'])) {
$passwordform->attributes = $_POST['YumUserChangePassword'];
if ($passwordform->validate()) {
$user->password = YumUser::encrypt($passwordform->password);
$user->activationKey = YumUser::encrypt(microtime() . $passwordform->password);
$user->save();
Yum::setFlash('Your new password has been saved.');
$this->redirect(Yum::module()->loginUrl);
}
}
$this->render(
Yum::module('registration')->changePasswordView, array(
'form' => $passwordform));
Yii::app()->end();
} else {
$form->addError('login_or_email', Yum::t('Invalid recovery key'));
Yum::log(Yum::t(
'Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array(
'{email}' => $email,
'{uid}' => $user->id,
'{username}' => $user->username)));
}
}
} else {
if (isset($_POST['YumPasswordRecoveryForm'])) {
$form->attributes = $_POST['YumPasswordRecoveryForm'];
if ($form->validate()) {
Yum::setFlash(
'Instructions have been sent to you. Please check your email.');
if($form->user instanceof YumUser) {
$form->user->generateActivationKey();
$recovery_url = $this->createAbsoluteUrl(
Yum::module('registration')->recoveryUrl[0], array(
'key' => $form->user->activationKey,
'email' => $form->user->profile->email));
Yum::log(Yum::t(
'{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array(
'{email}' => $form->user->profile->email,
'{recovery_url}' => $recovery_url,
'{username}' => $form->user->username)));
$content = YumTextSettings::model()->find(
'language = :lang', array('lang' => Yii::app()->language));
$sent = null;
if (is_object($content)) {
$mail = array(
'from' => Yii::app()->params['adminEmail'],
'to' => $form->user->profile->email,
'subject' => $content->subject_email_registration,
'body' => strtr($content->text_email_recovery, array(
'{recovery_url}' => $recovery_url)),
);
$sent = YumMailer::send($mail);
} else {
throw new CException(Yum::t('The messages for your application language are not defined.'));
}
} else
Yum::log(Yum::t(
'A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array(
'{username}' => $form->login_or_email)));
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->recoverPasswordView, array(
'form' => $form));
}
/**
* Activation of an user account.
* If everything is set properly, and the emails exists in the database,
* and is associated with a correct user, and this user has the status
* NOTACTIVE and the given activationKey is identical to the one in the
* database then generate a new Activation key to avoid double activation,
* set the status to ACTIVATED and save the data
* Error Codes:
* -1 : User is not inactive, it can not be activated
* -2 : Wrong activation key
* -3 : Profile found, but no user - database inconsistency?
*/
public static function activate($email, $key)
{
Yii::import('application.modules.profile.models.*');
if ($profile = YumProfile::model()->find("email = :email", array(
':email' => $email))
) {
if ($user = $profile->user) {
if ($user->status != self::STATUS_INACTIVE)
return -1;
if ($user->activationKey == $key) {
$user->activationKey = $user->generateActivationKey(true);
$user->status = self::STATUS_ACTIVE;
if ($user->save(false, array('activationKey', 'status'))) {
Yum::log(Yum::t('User {username} has been activated', array(
'{username}' => $user->username)));
if (Yum::hasModule('messages')
&& Yum::module('registration')->enableActivationConfirmation
) {
Yii::import('application.modules.messages.models.YumMessage');
YumMessage::write($user, 1,
Yum::t('Your activation succeeded'),
YumTextSettings::getText('text_email_activation', array(
'{username}' => $user->username,
'{link_login}' =>
Yii::app()->controller->createUrl('//user/user/login'))));
}
return $user;
}
} else return -2;
} else return -3;
}
return false;
}
public function actionLogout()
{
// If the user is already logged out send them to returnLogoutUrl
if (Yii::app()->user->isGuest) {
$this->redirect(Yum::module()->returnLogoutUrl);
}
// let's delete the login_type cookie
$cookie = Yii::app()->request->cookies['login_type'];
if ($cookie) {
$cookie->expire = time() - Yum::module()->cookieDuration;
Yii::app()->request->cookies['login_type'] = $cookie;
}
if ($user = YumUser::model()->findByPk(Yii::app()->user->id)) {
$user->logout();
Yum::log(Yum::t('User {username} logged off', array('{username}' => $user->username)));
Yii::app()->user->logout();
}
$this->redirect(Yum::module()->returnLogoutUrl);
}
