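 /**
  * Unsubscribe (deactivate and hide) a user account.
  *
  * - With no input: render the form asking for the account's email.
  * - On POST with the 'leaving' flag: ask Model\User::leaving() to send the
  *   confirmation email; on failure the form is shown again with an error.
  * - With a token: decode it, match it against the stored token of the email
  *   it carries and, when it matches, cancel the account through
  *   Model\User::cancel(). Either outcome redirects to the login page.
  *
  * @param string|null $token  base64-encoded token; once decoded it is
  *                            expected to look like "<secret>¬<email>"
  *
  * @return View the leave form with 'error' / 'message' texts (null when unset)
  * @throws Redirection after a completed or failed cancellation
  */
 public function leave($token = null)
 {
     // Both values are handed to the view unconditionally, so initialise them
     // here instead of letting the template read undefined variables.
     $error = null;
     $message = null;

     // A token identifies the account to cancel: it must match the token
     // stored for the email embedded in it.
     if (!empty($token)) {
         $token = base64_decode($token);
         $parts = explode('¬', $token);
         if (count($parts) > 1) {
             $query = Model\User::query('SELECT id FROM user WHERE email = ? AND token = ?', array($parts[1], $token));
             $id = $query->fetchColumn();
             if (!empty($id)) {
                 // token and email match a stored user: cancel the account
                 if (Model\User::cancel($id)) {
                     Message::Info(Text::get('leave-process-completed'));
                 } else {
                     Message::Error(Text::get('leave-process-fail'));
                 }
                 throw new Redirection(SEC_URL . '/user/login');
             }
         }
         // reaching here means the token did not resolve to a user
         $error = Text::get('leave-token-incorrect');
     }

     // Request form submitted: send the confirmation email
     if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['leaving'])) {
         // missing fields are passed on as null, as before, rather than
         // triggering undefined-index notices
         $email = isset($_POST['email']) ? $_POST['email'] : null;
         $reason = isset($_POST['reason']) ? $_POST['reason'] : null;
         if (Model\User::leaving($email, $reason)) {
             $message = Text::get('leave-email-sended');
             // clear the submitted values so the form is not re-filled
             unset($_POST['email'], $_POST['reason']);
         } else {
             $error = Text::get('leave-request-fail');
         }
     }

     return new View('view/user/leave.html.php', array('error' => $error, 'message' => $message));
 }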
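 /**
  * Admin users controller, dispatching on $action.
  *
  * - 'add'         : create a user from POST, or show the creation form
  * - 'edit'        : change a user's email/password from POST, or show the form
  * - 'manage'      : run the $subaction found in static::_manageSubAct()
  *                   (its 'sql' and feed 'log' text) on the user, log it to the
  *                   admin feed and redirect back to the manage view
  * - 'translang'   : replace the translator's language list with the
  *                   'lang_*' values received by POST
  * - 'impersonate' : show the impersonation view
  * - 'move'        : change the user's node from POST, or show the move form
  * - 'list'/default: filtered user list (only queried when $filters['filtered'])
  *
  * @param string      $action
  * @param string|null $id        user id taken from the route
  * @param array       $filters   list filters
  * @param string      $subaction key into static::_manageSubAct() for 'manage'
  *
  * @return View
  * @throws Redirection after every write that succeeds (and after a failed
  *                     'manage' subaction, once it has been logged)
  */
 public static function process($action = 'list', $id = null, $filters = array(), $subaction = '')
 {
     // @NODESYS
     $nodes = array();
     // @NODESYS
     $node = \GOTEO_NODE;
     $errors = array();
     // form values echoed back after a failed save; the add/edit views
     // always receive it, so it must exist on GET as well
     $data = array();
     switch ($action) {
         case 'add':
             // on POST: create the user
             if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                 // creation goes through the model's save(), so build the object first
                 $user = new Model\User();
                 $user->userid = $_POST['userid'];
                 $user->name = $_POST['name'];
                 $user->email = $_POST['email'];
                 $user->password = $_POST['password'];
                 $user->node = !empty($_POST['node']) ? $_POST['node'] : \GOTEO_NODE;
                 // a node admin may only create users in their own node
                 if (isset($_SESSION['admin_node']) && $user->node != $_SESSION['admin_node']) {
                     $user->node = $_SESSION['admin_node'];
                 }
                 $user->save($errors);
                 if (empty($errors)) {
                     // ok message and back to the user's manage page
                     Message::Info(Text::get('user-register-success'));
                     throw new Redirection('/admin/users/manage/' . $user->id);
                 } else {
                     // on error, re-fill the form with the submitted data
                     $data = $_POST;
                     Message::Error(implode('<br />', $errors));
                 }
             }
             // user creation view
             return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'add', 'data' => $data, 'nodes' => $nodes));
             break;
         case 'edit':
             $user = Model\User::get($id);
             // on POST: update
             if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                 // names of the fields that were changed, for the feed text
                 $tocado = array();
                 if (!empty($_POST['email'])) {
                     $user->email = $_POST['email'];
                     $tocado[] = Text::_('el email');
                 }
                 if (!empty($_POST['password'])) {
                     $user->password = $_POST['password'];
                     $tocado[] = Text::_('la contraseña');
                 }
                 if (!empty($tocado) && $user->update($errors)) {
                     // feed event
                     $log = new Feed();
                     $log->setTarget($user->id, 'user');
                     $log->populate(Text::_('Operación sobre usuario'), '/admin/users', \vsprintf('El admin %s ha %s del usuario %s', array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Tocado ' . implode(' y ', $tocado)), Feed::item('user', $user->name, $user->id))));
                     $log->doAdmin('user');
                     unset($log);
                     // ok message and back to the user list
                     Message::Info(Text::_('Datos actualizados'));
                     throw new Redirection('/admin/users');
                 } else {
                     // on error, re-fill the form with the submitted data
                     $data = $_POST;
                     Message::Error(Text::_('No se ha guardado correctamente. ') . implode('<br />', $errors));
                 }
             }
             // user edit view
             return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'edit', 'user' => $user, 'data' => $data, 'nodes' => $nodes));
             break;
         case 'manage':
             // on a subaction: run it, log it, message, keep editing.
             // SQL and feed wording for the subaction come from _manageSubAct()
             $mngSa = static::_manageSubAct();
             $sql = $mngSa[$subaction]['sql'];
             $log_action = $mngSa[$subaction]['log'];
             if (!empty($sql)) {
                 $user = Model\User::getMini($id);
                 if (Model\User::query($sql, array(':user' => $id))) {
                     // ok: back to the user's manage page after logging
                     $log_text = 'El admin %s ha %s al usuario %s';
                     // extra processing per subaction
                     switch ($subaction) {
                         case 'admin':
                         case 'noadmin':
                             // @NODESYS : this admin/noadmin subactions are here for NODESYS module extra
                             break;
                         case 'translator':
                             // grant every language except Spanish; $id is a
                             // route value, so it is bound rather than interpolated
                             $sql = "INSERT INTO user_translang (user, lang) SELECT :user as user, id as lang FROM `lang` WHERE id != 'es'";
                             Model\User::query($sql, array(':user' => $id));
                             break;
                         case 'notranslator':
                             // drop all languages
                             $sql = "DELETE FROM user_translang WHERE user = :user";
                             Model\User::query($sql, array(':user' => $id));
                             break;
                     }
                 } else {
                     // failure: message (the id comes from the route, so escape it
                     // before embedding it in HTML) and back to the manage page
                     Message::Error('Ha FALLADO cuando ha <strong>' . $log_action . '</strong> al usuario <strong>' . htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8') . '</strong>');
                     $log_text = 'Al admin %s le ha <strong>FALLADO</strong> cuando ha %s al usuario %s';
                 }
                 // feed event
                 $log = new Feed();
                 $log->setTarget($user->id, 'user');
                 $log->populate(Text::_('Operación sobre usuario'), '/admin/users', \vsprintf($log_text, array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', $log_action), Feed::item('user', $user->name, $user->id))));
                 $log->doAdmin('user');
                 unset($log);
                 throw new Redirection('/admin/users/manage/' . $id);
             }
             $user = Model\User::get($id);
             $viewData = array('folder' => 'users', 'file' => 'manage', 'user' => $user, 'nodes' => $nodes);
             $viewData['roles'] = Model\User::getRolesList();
             $viewData['langs'] = Lang::getAll();
             // Spanish is never offered as a translation language
             unset($viewData['langs']['es']);
             // user manage view
             return new View('view/admin/index.html.php', $viewData);
             break;
         // apply translator languages
         case 'translang':
             if (!isset($_POST['user'])) {
                 Message::Error(Text::_('Hemos perdido de vista al usuario'));
                 throw new Redirection('/admin/users');
             } else {
                 $user = $_POST['user'];
             }
             // replace the whole language list: delete, then insert each 'lang_*' value
             $sql = "DELETE FROM user_translang WHERE user = :user";
             Model\User::query($sql, array(':user' => $user));
             $anylang = false;
             foreach ($_POST as $key => $value) {
                 if (\substr($key, 0, \strlen('lang_')) === 'lang_') {
                     $sql = "INSERT INTO user_translang (user, lang) VALUES (:user, :lang)";
                     if (Model\User::query($sql, array(':user' => $user, ':lang' => $value))) {
                         $anylang = true;
                     }
                 }
             }
             if (!$anylang) {
                 Message::Error(Text::_('No se ha seleccionado ningún idioma, este usuario tendrá problemas en su panel de traducción!'));
             } else {
                 Message::Info(Text::_('Se han aplicado al traductor los idiomas seleccionados'));
             }
             throw new Redirection('/admin/users/manage/' . $user);
             break;
         case 'impersonate':
             $user = Model\User::get($id);
             // impersonation access view
             return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'impersonate', 'user' => $user, 'nodes' => $nodes));
             break;
         case 'move':
             $user = Model\User::get($id);
             if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                 $values = array(':id' => $id, ':node' => $_POST['node']);
                 try {
                     $sql = "UPDATE user SET node = :node WHERE id = :id";
                     if (Model\User::query($sql, $values)) {
                         $log_text = 'El admin %s ha <span class="red">movido</span> el usuario %s al nodo %s';
                     } else {
                         $log_text = 'Al admin %s le ha <span class="red">fallado al mover</span> el usuario %s al nodo %s';
                     }
                     // feed event
                     // NOTE(review): $nodes is always empty here (@NODESYS), so
                     // $nodes[$_POST['node']] is undefined — confirm what the
                     // NODESYS module fills in
                     $log = new Feed();
                     $log->setTarget($user->id, 'user');
                     $log->populate('User cambiado de nodo (admin)', '/admin/users', \vsprintf($log_text, array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('user', $user->name, $user->id), Feed::item('user', $nodes[$_POST['node']]))));
                     Message::Error($log->html);
                     $log->doAdmin('user');
                     unset($log);
                     throw new Redirection('/admin/users');
                 } catch (\PDOException $e) {
                     Message::Error("Ha fallado! " . $e->getMessage());
                 }
             }
             // node move view
             return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'move', 'user' => $user, 'nodes' => $nodes));
             break;
         case 'list':
         default:
             // the list is only queried once the admin has applied a filter
             if (!empty($filters['filtered'])) {
                 $users = Model\User::getAll($filters, $node);
             } else {
                 $users = array();
             }
             $status = array('active' => Text::_('Activo'), 'inactive' => Text::_('Inactivo'));
             $interests = Model\User\Interest::getAll();
             $roles = Model\User::getRolesList();
             $roles['user'] = Text::_('Solo usuario');
             $types = array('creators' => Text::_('Impulsores'), 'investors' => Text::_('Cofinanciadores'), 'supporters' => Text::_('Colaboradores'));
             $orders = array('created' => Text::_('Fecha de alta'), 'name' => Text::_('Alias'), 'id' => Text::_('User'), 'amount' => Text::_('Cantidad'), 'projects' => Text::_('Proyectos'));
             // projects with valid contributions
             $projects = Model\Invest::projects(true, $node);
             return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'list', 'users' => $users, 'filters' => $filters, 'status' => $status, 'interests' => $interests, 'roles' => $roles, 'types' => $types, 'nodes' => $nodes, 'projects' => $projects, 'orders' => $orders));
             break;
     }
 }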
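 /**
  * Admin mass-mailing controller, dispatching on $action.
  *
  * - 'edit' : build the receiver list from $filters (user type, project,
  *            status, payment method, interest, role, name, donors, node),
  *            store it in $_SESSION['mailing'] and show the compose form; with
  *            no receivers it redirects to the list with an error
  * - 'send' : create the mail record from POST, drop the receivers the admin
  *            unticked, start the sending through Sender::initiateSending()
  *            and log the outcome to the admin feed
  * - other  : the filter/list view
  *
  * @param string      $action
  * @param string|null $id       unused by this controller
  * @param array       $filters  filter values from the list form
  *
  * @return View
  * @throws Redirection when 'edit' finds no receivers
  */
 public static function process($action = 'list', $id = null, $filters = array())
 {
     // fiscal year bounds used by the donor filter
     $year = Model\User\Donor::$currYear;
     $year0 = $year;
     $year1 = $year - 1;
     $errors = array();
     $node = isset($_SESSION['admin_node']) ? $_SESSION['admin_node'] : \GOTEO_NODE;
     // filter option lists
     $interests = Model\User\Interest::getAll();
     $status = Model\Project::status();
     $methods = Model\Invest::methods();
     $types = array('investor' => 'Cofinanciadores', 'owner' => 'Autores', 'user' => 'Usuarios');
     $roles = array('admin' => 'Administrador', 'checker' => 'Revisor', 'translator' => 'Traductor');
     // the receiver list and its description live in the session between steps
     if (!isset($_SESSION['mailing'])) {
         $_SESSION['mailing'] = array();
     }
     switch ($action) {
         case 'edit':
             $_SESSION['mailing']['receivers'] = array();
             $values = array();
             $sqlFields = '';
             $sqlInner = '';
             $sqlFilter = '';
             // filters that may be absent: default them so the comparisons
             // below behave as before without undefined-index notices
             $type = isset($filters['type']) ? $filters['type'] : '';
             $statusFilter = isset($filters['status']) ? $filters['status'] : -1;
             // load the receivers
             //----------------------------
             // by user type
             switch ($type) {
                 case 'investor':
                     $sqlInner .= "INNER JOIN invest
                                    ON invest.user = user.id
                                    AND (invest.status = 0 OR invest.status = 1 OR invest.status = 3 OR invest.status = 4)
                                INNER JOIN project
                                    ON project.id = invest.project
                                    ";
                     $sqlFields .= ", project.name as project";
                     $sqlFields .= ", project.id as projectId";
                     break;
                 case 'owner':
                     $sqlInner .= "INNER JOIN project
                                    ON project.owner = user.id
                                    ";
                     $sqlFields .= ", project.name as project";
                     $sqlFields .= ", project.id as projectId";
                     break;
                 default:
                     break;
             }
             $_SESSION['mailing']['filters_txt'] = 'los <strong>' . (isset($types[$type]) ? $types[$type] : '') . '</strong> ';
             // filters_txt is later rendered as HTML (messages and the admin
             // feed), so free-text filter values are escaped before being embedded
             if (!empty($filters['project']) && !empty($sqlInner)) {
                 $sqlFilter .= " AND project.name LIKE (:project) ";
                 $values[':project'] = '%' . $filters['project'] . '%';
                 $_SESSION['mailing']['filters_txt'] .= 'de proyectos que su nombre contenga <strong>\'' . htmlspecialchars($filters['project'], ENT_QUOTES, 'UTF-8') . '\'</strong> ';
             } elseif (empty($filters['project']) && !empty($sqlInner)) {
                 $_SESSION['mailing']['filters_txt'] .= 'de cualquier proyecto ';
             }
             if ($statusFilter > -1 && !empty($sqlInner)) {
                 $sqlFilter .= "AND project.status = :status ";
                 $values[':status'] = $statusFilter;
                 $_SESSION['mailing']['filters_txt'] .= 'en estado <strong>' . $status[$statusFilter] . '</strong> ';
             } elseif ($statusFilter < 0 && !empty($sqlInner)) {
                 $_SESSION['mailing']['filters_txt'] .= 'en cualquier estado ';
             }
             if ($type == 'investor') {
                 if (!empty($filters['method']) && !empty($sqlInner)) {
                     $sqlFilter .= "AND invest.method = :method ";
                     $values[':method'] = $filters['method'];
                     $_SESSION['mailing']['filters_txt'] .= 'mediante <strong>' . $methods[$filters['method']] . '</strong> ';
                 } elseif (empty($filters['method']) && !empty($sqlInner)) {
                     $_SESSION['mailing']['filters_txt'] .= 'mediante cualquier metodo ';
                 }
             }
             if (!empty($filters['interest'])) {
                 $sqlInner .= "INNER JOIN user_interest
                                ON user_interest.user = user.id
                                AND user_interest.interest = :interest
                                ";
                 $values[':interest'] = $filters['interest'];
                 // interest 15 is the test group
                 if ($filters['interest'] == 15) {
                     $_SESSION['mailing']['filters_txt'] .= 'del grupo de testeo ';
                 } else {
                     $_SESSION['mailing']['filters_txt'] .= 'interesados en fin <strong>' . $interests[$filters['interest']] . '</strong> ';
                 }
             }
             if (!empty($filters['role'])) {
                 $sqlInner .= "INNER JOIN user_role
                                ON user_role.user_id = user.id
                                AND user_role.role_id = :role
                                ";
                 $values[':role'] = $filters['role'];
                 $_SESSION['mailing']['filters_txt'] .= 'que sean <strong>' . $roles[$filters['role']] . '</strong> ';
             }
             if (!empty($filters['name'])) {
                 $sqlFilter .= " AND ( user.name LIKE (:name) OR user.email LIKE (:name) ) ";
                 $values[':name'] = '%' . $filters['name'] . '%';
                 $_SESSION['mailing']['filters_txt'] .= 'que su nombre o email contenga <strong>\'' . htmlspecialchars($filters['name'], ENT_QUOTES, 'UTF-8') . '\'</strong> ';
             }
             if (!empty($filters['donant'])) {
                 if ($type == 'investor') {
                     // NOTE(review): with $year1 = $year - 1 the charged-date
                     // interval [year0-01-01, year1-01-01) is empty, so this
                     // filter can never match; $year + 1 (or swapped bounds)
                     // looks intended — confirm against Donor::$currYear's meaning
                     $sqlFilter .= " AND invest.resign = 1
                                AND invest.status IN (1, 3)
                                AND invest.charged >= :year_from
                                AND invest.charged < :year_to
                                AND (project.passed IS NOT NULL AND project.passed != '0000-00-00')
                                ";
                     $values[':year_from'] = $year0 . '-01-01';
                     $values[':year_to'] = $year1 . '-01-01';
                     $_SESSION['mailing']['filters_txt'] .= 'que haya hecho algun donativo ';
                 } else {
                     Message::Error('Solo se filtran donantes si se envia "A los: Cofinanciadores"');
                 }
             }
             // a node admin only reaches users (and projects) of their node
             if ($node != \GOTEO_NODE) {
                 $sqlFilter .= " AND user.node = :node";
                 $values[':node'] = $node;
                 if (!empty($sqlInner)) {
                     $sqlFilter .= " AND project.node = :node";
                 }
             }
             $sql = "SELECT
                                user.id as id,
                                user.id as user,
                                user.name as name,
                                user.email as email
                                {$sqlFields}
                            FROM user
                            {$sqlInner}
                            WHERE user.active = 1
                            {$sqlFilter}
                            GROUP BY user.id
                            ORDER BY user.name ASC
                            ";
             if ($query = Model\User::query($sql, $values)) {
                 foreach ($query->fetchAll(\PDO::FETCH_OBJ) as $receiver) {
                     $_SESSION['mailing']['receivers'][$receiver->id] = $receiver;
                 }
             } else {
                 Message::Error('Fallo el SQL!!!!! <br />' . $sql . '<pre>' . print_r($values, 1) . '</pre>');
             }
             // no receivers: back to the list with an error message
             if (empty($_SESSION['mailing']['receivers'])) {
                 Message::Error('No se han encontrado destinatarios para ' . $_SESSION['mailing']['filters_txt']);
                 throw new Redirection('/admin/mailing/list');
             }
             // otherwise show the compose form
             return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'edit', 'filters' => $filters, 'interests' => $interests, 'status' => $status, 'types' => $types, 'roles' => $roles));
             break;
         case 'send':
             $URL = NODE_ID != GOTEO_NODE ? NODE_URL : SITE_URL;
             // send the received content to the receivers kept in session
             $receivers = array();
             $subject = isset($_POST['subject']) ? $_POST['subject'] : '';
             $templateId = !empty($_POST['template']) ? $_POST['template'] : 11;
             $content = \str_replace('%SITEURL%', $URL, isset($_POST['content']) ? $_POST['content'] : '');
             // drop the receivers the admin unticked in the form
             foreach ($_SESSION['mailing']['receivers'] as $usr => $userData) {
                 $errors = array();
                 $campo = 'receiver_' . $usr;
                 if (!isset($_POST[$campo])) {
                     $_SESSION['mailing']['receivers'][$usr]->ok = null;
                 } else {
                     $receivers[] = $userData;
                 }
             }
             // set up the mailing
             // - one record in the mail table
             $sql = "INSERT INTO mail (id, email, html, template, node) VALUES ('', :email, :html, :template, :node)";
             $values = array(':email' => 'any', ':html' => $content, ':template' => $templateId, ':node' => $node);
             $query = \Goteo\Core\Model::query($sql, $values);
             $mailId = \Goteo\Core\Model::insertId();
             // - initiateSending($mailId, $subject, $receivers, $autoactive = 0)
             //   records the sending; the last argument auto-activates it
             if (\Goteo\Library\Sender::initiateSending($mailId, $subject, $receivers, 1)) {
                 $ok = true;
                 // feed event
                 $log = new Feed();
                 $log->populate('comunicación masiva a usuarios (admin)', '/admin/mailing', \vsprintf("El admin %s ha iniciado una %s a %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Comunicacion masiva'), $_SESSION['mailing']['filters_txt'])));
                 $log->doAdmin('admin');
                 unset($log);
             } else {
                 $ok = false;
                 // feed event
                 $log = new Feed();
                 $log->populate('comunicación masiva a usuarios (admin)', '/admin/mailing', \vsprintf("El admin %s le ha %s una %s a %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'fallado'), Feed::item('relevant', 'Comunicacion masiva'), $_SESSION['mailing']['filters_txt'])));
                 $log->doAdmin('admin');
                 unset($log);
             }
             return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'send', 'subject' => $subject, 'interests' => $interests, 'status' => $status, 'methods' => $methods, 'types' => $types, 'roles' => $roles, 'users' => $receivers, 'ok' => $ok));
             break;
     }
     return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'list', 'interests' => $interests, 'status' => $status, 'methods' => $methods, 'types' => $types, 'roles' => $roles, 'filters' => $filters));
 }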