public function testAll()
{
if ($this->config === null) {
$this->sendMessage('Ldap plugin for jauth is not tested because there isn\'t configuration.' . ' To test it, you should create and configure an auth_ldap.coord.ini.php file.');
return;
}
for ($i = 1; $i <= NB_USERS_LDAP; $i++) {
$myUser = jAuth::createUserObject("testldap usr {$i}", "pass{$i}");
$this->assertTrue($myUser instanceof jAuthUserLDAP);
jAuth::saveNewUser($myUser);
$myUserLDAP = jAuth::getUser("testldap usr {$i}");
$user = "******"jAuthUserLDAP\">\n <string property=\"login\" value=\"testldap usr {$i}\" />\n <string property=\"email\" value=\"\" />\n <array property=\"cn\">array('testldap usr {$i}')</array>\n <array property=\"distinguishedName\">array('CN=testldap usr {$i},{$this->config['ldap']['searchBaseDN']}')</array>\n <array property=\"name\">array('testldap usr {$i}')</array>\n <string property=\"password\" value=\"\" />\n </object>\n ";
$this->assertComplexIdenticalStr($myUserLDAP, $user);
$myUser->email = "usr{$i}.testldap@domain.com";
jAuth::updateUser($myUser);
$myUserLDAP = jAuth::getUser("testldap usr {$i}");
$user = "******"login\" value=\"testldap usr {$i}\" />\n <array property=\"email\">array('usr{$i}.testldap@domain.com')</array>\n <array property=\"cn\">array('testldap usr {$i}')</array>\n <array property=\"distinguishedName\">array('CN=testldap usr {$i},{$this->config['ldap']['searchBaseDN']}')</array>\n <array property=\"name\">array('testldap usr {$i}')</array>\n <string property=\"password\" value=\"\" />\n </object>\n ";
$this->assertComplexIdenticalStr($myUserLDAP, $user);
$this->assertTrue(jAuth::verifyPassword("testldap usr {$i}", "pass{$i}"));
$this->assertTrue(jAuth::changePassword("testldap usr {$i}", "newpass{$i}"));
}
$myUsersLDAP = jAuth::getUserList('testldap usr*');
$users = "<array>";
for ($i = 1; $i <= NB_USERS_LDAP; $i++) {
$users .= "\n <object>\n <array property=\"login\">array('testldap usr {$i}')</array>\n <array property=\"email\">array('usr{$i}.testldap@domain.com')</array>\n <array property=\"cn\">array('testldap usr {$i}')</array>\n <array property=\"distinguishedName\">array('CN=testldap usr {$i},{$this->config['ldap']['searchBaseDN']}')</array>\n <array property=\"name\">array('testldap usr {$i}')</array>\n <string property=\"password\" value=\"\" />\n </object>\n ";
}
$users .= "</array>";
$this->assertComplexIdenticalStr($myUsersLDAP, $users);
for ($i = 1; $i <= NB_USERS_LDAP; $i++) {
$this->assertTrue(jAuth::removeUser("testldap usr {$i}"));
}
$myUsersLDAP = jAuth::getUserList('testldap usr*');
$this->assertFalse(count($myUsersLDAP) > 0);
}
/**
*
*/
function save()
{
$rep = $this->getResponse('json');
//parametres
$password = $this->param('password');
$lastname = $this->param('lastname');
$firstname = $this->param('firstname');
$email = $this->param('email');
//alert
$success = false;
$msg = "Profile non modifié";
//verification
//update
if (!empty($firstname) && !empty($lastname) && jFilter::isEmail($email)) {
// instanciation de la factory
$user = jAuth::getUser(jAuth::getUserSession()->id);
// infos user
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
// on le sauvegarde dans la base
try {
jAuth::updateUser($user);
if (!empty($password) && $user->password != $password) {
jAuth::changePassword($user->login, $password);
}
$success = true;
} catch (Exception $e) {
$success = false;
$msg = "Profile non modifié";
}
if ($success) {
$msg = "profile modifié ";
}
}
$rep->data = array('success' => $success, 'msg' => $msg);
return $rep;
}
/**
* activate a new password. the key should be given as a parameter
*/
function confirm()
{
$repError = $this->_check();
if ($repError) {
return $repError;
}
$rep = $this->getResponse("redirect");
$rep->action = "password:confirmform";
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return $rep;
}
$form = jForms::fill('confirmation');
if ($form == null) {
return $rep;
}
if (!$form->check()) {
return $rep;
}
$login = $form->getData('conf_login');
$user = jAuth::getUser($login);
if (!$user) {
$form->setErrorOn('conf_login', jLocale::get('password.form.confirm.login.doesnt.exist'));
return $rep;
}
if ($user->status != JCOMMUNITY_STATUS_PWD_CHANGED) {
jForms::destroy('confirmation');
$rep = $this->getResponse('html');
$tpl = new jTpl();
$tpl->assign('status', JCOMMUNITY_STATUS_VALID);
$rep->body->assign('MAIN', $tpl->fetch('password_ok'));
return $rep;
}
if (strcmp($user->request_date, date('Y-m-d H:i:s', time() - 48 * 60 * 60)) < 0) {
jForms::destroy('confirmation');
$rep = $this->getResponse('html');
$tpl = new jTpl();
$tpl->assign('status', JCOMMUNITY_STATUS_MAIL_CHANGED);
$rep->body->assign('MAIN', $tpl->fetch('password_ok'));
return $rep;
}
if ($form->getData('conf_key') != $user->keyactivate) {
$form->setErrorOn('conf_key', jLocale::get('password.form.confirm.bad.key'));
return $rep;
}
$passwd = $form->getData('conf_password');
$user->status = JCOMMUNITY_STATUS_VALID;
jAuth::updateUser($user);
jAuth::changePassword($login, $passwd);
jAuth::login($login, $passwd);
jForms::destroy('confirmation');
$rep->action = "password:confirmok";
return $rep;
}
/**
* save data of a form in a new record
*/
function saveupdate()
{
$rep = $this->getResponse('redirect');
$id = $this->param('id');
$form = jForms::get($this->form, $id);
$form->initFromRequest();
if ($form === null || $id === null) {
$rep->action = 'master_admin~default:index';
return $rep;
}
$evresp = array();
if ($form->check() && !jEvent::notify('jauthdbAdminCheckUpdateForm', array('form' => $form))->inResponse('check', false, $evresp)) {
extract($form->prepareDaoFromControls($this->dao, $id, $this->dbProfile), EXTR_PREFIX_ALL, "form");
// we call jAuth instead of using jDao, to allow jAuth to do
// all process, events...
jAuth::updateUser($form_daorec);
$form->saveAllFiles($this->uploadsDirectory);
$rep->action = 'user:index';
jMessage::add(jLocale::get('crud.message.update.ok', $id), 'notice');
jForms::destroy($this->form, $id);
} else {
$rep->action = 'user:editupdate';
}
$rep->params['id'] = $id;
return $rep;
}
/**
* activate an account. the key should be given as a parameter
*/
function confirm()
{
if (jAuth::isConnected()) {
return $this->noaccess();
}
$rep = $this->getResponse("redirect");
$rep->action = "registration:confirmform";
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
return $rep;
}
$form = jForms::fill('confirmation');
if ($form == null) {
return $rep;
}
if (!$form->check()) {
return $rep;
}
$login = $form->getData('conf_login');
$user = jAuth::getUser($login);
if (!$user) {
$form->setErrorOn('conf_login', jLocale::get('register.form.confirm.login.doesnt.exist'));
return $rep;
}
if ($user->status != JCOMMUNITY_STATUS_NEW) {
jForms::destroy('confirmation');
$rep = $this->getResponse('html');
$tpl = new jTpl();
$tpl->assign('already', true);
$rep->body->assign('MAIN', $tpl->fetch('registration_ok'));
return $rep;
}
if ($form->getData('conf_key') != $user->keyactivate) {
$form->setErrorOn('conf_key', jLocale::get('register.form.confirm.bad.key'));
return $rep;
}
$user->status = JCOMMUNITY_STATUS_VALID;
jEvent::notify('jcommunity_registration_confirm', array('user' => $user));
jAuth::updateUser($user);
jAuth::changePassword($login, $form->getData('conf_password'));
jAuth::login($login, $form->getData('conf_password'));
jForms::destroy('confirmation');
$rep->action = "registration:confirmok";
return $rep;
}
/**
*
*/
function save()
{
$rep = $this->getResponse('json');
//parametres
$id = $this->intParam('id', null, true);
$active = $this->param('active', 'NO', true);
$login = $this->param('login');
$password = $this->param('password');
$lastname = $this->param('lastname');
$firstname = $this->param('firstname');
$email = $this->param('email');
$phone = $this->param('phone');
//verification
if ($id) {
//update
if (!empty($firstname) && !empty($lastname) && !empty($active) && jFilter::isEmail($email)) {
// instanciation de la factory
$user = jAuth::getUser($login);
// infos user
$user->phone = $phone;
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
$user->active = $active;
// on le sauvegarde dans la base
try {
jAuth::updateUser($user);
if (!empty($password) && $user->password != $password) {
jAuth::changePassword($user->login, $password);
}
$this->success = true;
$this->msg = "utilisateur modifié ";
} catch (Exception $e) {
$this->success = false;
$this->msg = "utilisateur non modifié";
}
}
} else {
//insert
if (!empty($login) && !empty($password) && !empty($firstname) && !empty($lastname) && !empty($active) && jFilter::isEmail($email)) {
// instanciation
$user = jAuth::createUserObject($login, $password);
// infos user
$user->phone = $phone;
$user->lastname = $lastname;
$user->firstname = $firstname;
$user->email = $email;
$user->active = $active;
// on le sauvegarde dans la base
try {
$this->success = jAuth::saveNewUser($user);
$this->msg = "utilisateur ajouté ";
} catch (Exception $e) {
$this->success = false;
$this->msg = "utilisateur non ajouté";
}
}
}
$rep->data = array('success' => $this->success, 'msg' => $this->msg);
return $rep;
}
/**
* let's change the user password
*/
function savenewpwd()
{
$login = $this->param('user');
$rep = $this->getResponse('redirect');
$rep->action = 'jcommunity~account:show';
$rep->params = array('user' => $login);
if ($login == '' || !jAuth::isConnected() || jAuth::getUserSession()->login != $login) {
return $rep;
}
$form = jForms::fill('havefnubb~pwd', $login);
if (!$form) {
return $rep;
}
// check the form !
$form->check();
//if error go back to the form to retry to change the password
if (count($form->getErrors())) {
$rep->action = 'havefnubb~members:changepwd';
// check if the new password is different from the actual one
} else {
if ($form->getData('conf_password') == $form->getData('old_password')) {
jMessage::add(jLocale::get('havefnubb~members.pwd.passwd.are.the.same.unchanged'), 'warning');
$rep->action = 'havefnubb~members:changepwd';
return $rep;
}
//update the password
$passwd = $form->getData('conf_password');
$user = jAuth::getUser($login);
// update the user info
jAuth::updateUser($user);
// change the pass
jAuth::changePassword($login, $passwd);
// login back with new pass
jAuth::login($login, $passwd);
jForms::destroy('havefnubb~pwd');
}
jMessage::add(jLocale::get('havefnubb~member.pwd.passwd.successfully.changed'), 'ok');
return $rep;
}
function changePassword()
{
$rep = $this->getResponse('html');
$token = uniqid('', true);
$email = $this->param("email");
$success = false;
$msg = "Echec de l'operation : lien expiré ";
// security
$recaptcha = $this->param("g-recaptcha-response");
if (empty($recaptcha)) {
$rep = $this->getResponse('redirect');
$rep->action = "user~default:lostPass";
$rep->params = array('msg' => "Formulaire invalide : Vueillez cocher la case je ne suis pas un robot et respecter les instructions");
return $rep;
} else {
$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $this->secretkey . "&response=" . $recaptcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']);
if ($response . success == false) {
$rep = $this->getResponse('redirect');
$rep->action = "user~default:lostPass";
$rep->params = array('msg' => "Formulaire invalide : Vueillez cocher la case je ne suis pas un robot et respecter les instructions");
return $rep;
}
}
// end security
//$userFactory= jDao::get("user~user");
$exst = jAuth::getUser($email);
$rep->bodyTpl = "changepassmessage";
if (!empty($email) && jFilter::isEmail($email) && $exst->id) {
//$userFactory= jDao::get("user~user");
$user = jAuth::getUser($email);
// $user->status=1;
$user->keyactivate = $token;
try {
jAuth::updateUser($user);
$success = true;
} catch (Exception $e) {
$success = false;
$msg = "Opération échouée : " . "Veuillez recommencez s'il vous plait";
$rep = $this->getResponse('redirect');
$rep->action = "user~default:lostPass";
$rep->params = array('msg' => $msg);
return $rep;
}
if ($success) {
$msg = "Opération effectuée avec succès : " . "votre mot de passe a ete réinitialisé" . " veuillez consulter votre mail pour l'activer";
//mail
$mail = new jMailer();
$tpl = $mail->Tpl('user~changepassmail', false);
$tpl->assign('user', $user);
$mail->Send();
}
}
$rep->body->assign('MESSAGE', $msg);
return $rep;
}
