/**
 * Replace the current viewer's stored 'pwd' value with the hash of the
 * submitted 'pwd1' request value, then save the viewer.
 *
 * Side effects on this object: copies the viewer's email and username
 * into $this->email / $this->username and keeps the submitted cleartext
 * in $this->newPwd.
 *
 * NOTE(review): nothing in this method validates 'pwd1' (length,
 * confirmation match, current-password check); presumably the caller
 * has done so - confirm.
 *
 * @return object $this
 */
protected function saveNewPassword()
{
    $viewer = $this->Registry->Viewer;

    $this->email = $viewer['email'];
    $this->username = $viewer['username'];

    // The cleartext stays on this object only; the viewer record receives
    // the value returned by String::hashPassword().
    $this->newPwd = $this->Request['pwd1'];
    $hashed = String::hashPassword($this->newPwd);

    $viewer['pwd'] = $hashed;
    $viewer->save();

    return $this;
}
/**
 * Create new record in USERS collection.
 *
 * Ensures the indexes this code relies on, builds the new user's data
 * from $this->username, $this->email, $this->pwd, cookie values and the
 * 'tzo' request value, and merges it over the geo-location data (keys
 * in $aData win over keys from Location->data). Afterwards the user is
 * logged in via processLogin() and a referrer record is created.
 *
 * NOTE(review): the statements between array_merge() and processLogin()
 * are elided ('******') in this listing, so the creation and saving of
 * $User is not visible here.
 *
 * @return object $this
 */
protected function createNewUser()
{
    $coll = $this->Registry->Mongo->USERS;
    // Lower-cased username is the only uniqueness constraint set here.
    $coll->ensureIndex(array('username_lc' => 1), array('unique' => true));
    /**
     * Cannot make email unique index because external users
     * don't have email, and then value counts as null
     * and multiple null values count as duplicate!
     *
     * NOTE(review): email uniqueness is therefore not enforced by the
     * database; presumably it is checked before this method runs - confirm.
     */
    $coll->ensureIndex(array('email' => 1));
    $coll->ensureIndex(array('role' => 1));
    /**
     * Indexes for managing 3 types
     * of following
     */
    $coll->ensureIndex(array('a_f_t' => 1));
    $coll->ensureIndex(array('a_f_u' => 1));
    $coll->ensureIndex(array('a_f_q' => 1));
    $sid = \Lampcms\Cookie::getSidCookie();
    $aData['username'] = $this->username;
    // NOTE(review): strtolower() is byte-wise, so non-ASCII usernames may
    // not be case-folded before they hit the unique index - confirm that
    // usernames are restricted to ASCII upstream.
    $aData['username_lc'] = strtolower($this->username);
    $aData['email'] = $this->email;
    // Reuse the sid cookie value when one was returned, otherwise make a new sid.
    // NOTE(review): the cookie value is client-supplied; presumably
    // getSidCookie() validates its format - confirm.
    $aData['rs'] = false !== $sid ? $sid : \Lampcms\String::makeSid();
    $aData['role'] = $this->getRole();
    // The 'tzo' request value is passed straight to getTZbyoffset().
    $aData['tz'] = \Lampcms\TimeZone::getTZbyoffset($this->Request->get('tzo'));
    // Only the value returned by hashPassword() is placed in the record.
    $aData['pwd'] = String::hashPassword($this->pwd);
    $aData['i_reg_ts'] = time();
    $aData['date_reg'] = date('r');
    // Value from getSidCookie(true) when available, else the current time;
    // presumably a first-visit timestamp - confirm.
    $aData['i_fv'] = false !== ($intFv = \Lampcms\Cookie::getSidCookie(true)) ? $intFv : time();
    $aData['lang'] = $this->Registry->getCurrentLang();
    $aData['locale'] = $this->Registry->Locale->getLocale();
    /**
     * Initial amount of profit points.
     *
     * NOTE(review): the previous comment said this is always 1,
     * but the code stores 0 - confirm which is intended.
     *
     * @var int
     */
    $aData['i_pp'] = 0;
    $aUser = array_merge($this->Registry->Geo->Location->data, $aData);
    // NOTE(review): elided span ('******') kept exactly as it appears in the listing.
    d('aUser: '******'id: ' . $User['_id']);
    $this->processLogin($User);
    \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $User);
    return $this;
}
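/**
 * Update the USERS collection with the new hashed password.
 *
 * The target user id is the value of $this->Router->getNumber(1); the
 * cleartext is read from $this->newPwd and only the value returned by
 * String::hashPassword() is written to the record.
 *
 * NOTE(review): the uid comes from the router, i.e. from the request.
 * Presumably the caller has already verified that the requester is
 * allowed to reset this account's password - confirm.
 *
 * @return object $this
 */
protected function savePassword()
{
    $uid = (int) $this->Router->getNumber(1);

    // Keep the cleartext password out of d() output (presumably the debug
    // log); log only which account is being updated.
    d('saving new password for uid: ' . $uid);

    $salted = String::hashPassword($this->newPwd);
    $newdata = array('$set' => array(Schema::PASSWORD => $salted));
    $this->Registry->Mongo->USERS->update(array(Schema::PRIMARY => $uid), $newdata);

    return $this;
}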
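/**
 * Update the USERS collection with the new hashed password.
 *
 * Takes no arguments: the cleartext is read from $this->newPwd and the
 * target user id from the 'uid' request value. Only the value returned
 * by String::hashPassword() is written to the record.
 *
 * NOTE(review): 'uid' is a request value. Presumably the caller has
 * already verified that the requester is allowed to reset this
 * account's password - confirm.
 *
 * @return object $this
 */
protected function savePassword()
{
    $uid = (int) $this->Request['uid'];

    // Keep the cleartext password out of d() output (presumably the debug
    // log); log only which account is being updated.
    d('saving new password for uid: ' . $uid);

    $salted = String::hashPassword($this->newPwd);
    $newdata = array('$set' => array('pwd' => $salted));
    $this->Registry->Mongo->USERS->update(array('_id' => $uid), $newdata);

    return $this;
}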
/**
 * Build a USERS record from the Facebook profile data in
 * $this->aFbUserData, then post the new-user events, save the email
 * address and create the referrer record.
 *
 * What if email address provided from Facebook
 * already belongs to some other user?
 *
 * This would mean that existing user is just
 * trying to signup with Facebook.
 *
 * In this case we should allow it but ONLY create
 * a record in the USERS_FACEBOOK table and use users_id
 * of user that we find by email address
 *
 * and then also insert avatar_external into USERS
 *
 * NOTE(review): no email lookup is visible in this method; as listed it
 * always builds a new record. Presumably the existing-email case is
 * handled by the caller - confirm, and confirm that linking to an
 * existing account by email only happens for a verified address.
 *
 * NOTE(review): the statements that insert the record and set
 * $this->User are elided ('******') in this listing.
 *
 * @todo create username for user based on Facebook username
 * Facebook does not really have username, so we can use fn_ln
 *
 * @return object $this
 */
protected function createNewUser()
{
    $extAuth = new \Lampcms\ExternalAuth($this->Registry);
    d('cp');
    $this->Registry->Mongo->USERS->ensureIndex(array('fb_id' => 1));
    /**
     * Time zone: derived from the Facebook 'timezone' value (multiplied
     * by 3600 before the lookup) when present, else the 'tzn' cookie
     * value, else the server default.
     *
     * NOTE(review): the 'tzn' cookie value is stored as-is; presumably
     * it is validated elsewhere - confirm.
     */
    if (array_key_exists('timezone', $this->aFbUserData)) {
        $timezone = TimeZone::getTZbyoffset($this->aFbUserData['timezone'] * 3600);
    } elseif (false !== ($tzn = Cookie::get('tzn'))) {
        $timezone = $tzn;
    } else {
        $timezone = $this->Registry->Ini->SERVER_TIMEZONE;
    }
    /**
     * User language: first two characters of the Facebook locale,
     * lower-cased, else the current site language
     *
     * @var string
     */
    $lang = !empty($this->aFbUserData['locale']) ? \strtolower(\substr($this->aFbUserData['locale'], 0, 2)) : $this->Registry->getCurrentLang();
    /**
     * User locale
     *
     * @var string
     */
    $locale = !empty($this->aFbUserData['locale']) ? $this->aFbUserData['locale'] : $this->Registry->Locale->getLocale();
    // Generated password: the cleartext stays in $this->tempPassword,
    // the record below receives only its hashPassword() value.
    $this->tempPassword = String::makePasswd();
    /**
     * Sid value use existing cookie val
     * if possible, otherwise create a new one
     *
     * @var string
     */
    $sid = false === ($sid = Cookie::getSidCookie()) ? String::makeSid() : $sid;
    $displayName = !empty($this->aFbUserData['name']) ? $this->aFbUserData['name'] : $this->aFbUserData['first_name'] . ' ' . $this->aFbUserData['last_name'];
    $username = $extAuth->makeUsername($displayName, true);
    if (!array_key_exists('email', $this->aFbUserData)) {
        /**
         * @todo if this becomes a common problem
         * then we need to ask user for an email address
         * at step 2 of registration, just like for Twitter users
         * And the 'role' will then be different like 'unactivated_external'
         */
        // NOTE(review): this dumps the whole aFbUserData array, which also
        // holds the 'token' value stored as fb_token below, so the token
        // ends up wherever e() writes (presumably the error log). Consider
        // logging only the Facebook id.
        e('No email in Facebook data: ' . print_r($this->aFbUserData, 1));
        $email = '';
    } else {
        $email = \mb_strtolower($this->aFbUserData['email']);
    }
    /**
     * Create new record in USERS table
     * do this first because we need uid from
     * newly created record
     */
    $aUser = array(
        'username' => $username,
        'username_lc' => \mb_strtolower($username, 'utf-8'),
        'fn' => $this->aFbUserData['first_name'],
        'ln' => $this->aFbUserData['last_name'],
        'rs' => $sid,
        'email' => $email,
        'fb_id' => (string) $this->aFbUserData['id'],
        // NOTE(review): the token is placed in the record exactly as received.
        'fb_token' => $this->aFbUserData['token'],
        'pwd' => String::hashPassword($this->tempPassword),
        // NOTE(review): avatar URL uses plain http.
        'avatar_external' => 'http://graph.facebook.com/' . $this->aFbUserData['id'] . '/picture',
        'i_reg_ts' => time(),
        'date_reg' => date('r'),
        'role' => 'external_auth',
        'lang' => $lang,
        'locale' => $locale,
        'i_rep' => 1,
        'tz' => $timezone,
        'i_fv' => false !== ($intFv = Cookie::getSidCookie(true)) ? $intFv : time());
    if (!empty($this->aFbUserData['gender'])) {
        // Any non-empty value other than 'male' is stored as 'F'.
        $aUser['gender'] = 'male' === $this->aFbUserData['gender'] ? 'M' : 'F';
    }
    // Keys in $aUser win over keys from the geo-location data.
    $aUser = \array_merge($this->Registry->Geo->Location->data, $aUser);
    if (!empty($this->aFbUserData['locale'])) {
        $aUser['locale'] = $this->aFbUserData['locale'];
    }
    if (!empty($this->aFbUserData['link'])) {
        $aUser['fb_url'] = $this->aFbUserData['link'];
    }
    // NOTE(review): elided span ('******') kept exactly as it appears in the
    // listing. The visible tail dumps the full user array to d(), which
    // would include fb_token and the password hash set above - confirm
    // debug output is disabled or filtered in production.
    d('aUser: '******'$this->User after insert: ' . print_r($this->User->getArrayCopy(), 1));
    $this->Registry->Dispatcher->post($this->User, 'onNewUser');
    $this->Registry->Dispatcher->post($this->User, 'onNewFacebookUser');
    d('cp');
    $this->saveEmailAddress();
    d('cp');
    \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $this->User);
    return $this;
}
/**
 * Create new record in USERS collection.
 *
 * Ensures the indexes this code relies on, builds the new user's data
 * from $this->username, $this->email, $this->pwd and cookie values, and
 * merges it over the geo-location data (keys in $aData win over keys
 * from Location->data). Afterwards the user is logged in via
 * processLogin() and a referrer record is created.
 *
 * NOTE(review): the statements between array_merge() and processLogin()
 * are elided ('******') in this listing, so the creation and saving of
 * $User is not visible here.
 *
 * @return object $this
 */
protected function createNewUser()
{
    $coll = $this->Registry->Mongo->USERS;
    // Lower-cased username is the only uniqueness constraint set here.
    $coll->ensureIndex(array(Schema::USERNAME_LOWERCASE => 1), array('unique' => true));
    /**
     * Cannot make email unique index because external users
     * don't have email, and then value counts as null
     * and multiple null values count as duplicate!
     *
     * NOTE(review): email uniqueness is therefore not enforced by the
     * database; presumably it is checked before this method runs - confirm.
     */
    $coll->ensureIndex(array(Schema::EMAIL => 1));
    $coll->ensureIndex(array(Schema::ROLE => 1));
    /**
     * Indexes for managing 3 types
     * of following
     */
    $coll->ensureIndex(array('a_f_t' => 1));
    $coll->ensureIndex(array('a_f_u' => 1));
    $coll->ensureIndex(array('a_f_q' => 1));
    $sid = Cookie::getSidCookie();
    // Time zone comes from the 'tzn' cookie when present, else the server default.
    // NOTE(review): the cookie value is stored as-is; presumably it is
    // validated elsewhere - confirm.
    if (false !== ($tzn = Cookie::get('tzn'))) {
        $timezone = $tzn;
    } else {
        $timezone = $this->Registry->Ini->SERVER_TIMEZONE;
    }
    $aData[Schema::USERNAME] = $this->username;
    $aData[Schema::USERNAME_LOWERCASE] = \mb_strtolower($this->username);
    $aData[Schema::EMAIL] = $this->email;
    // Reuse the sid cookie value when one was returned, otherwise make a new sid.
    // NOTE(review): the cookie value is client-supplied; presumably
    // getSidCookie() validates its format - confirm.
    $aData[Schema::SID] = false !== $sid ? $sid : \Lampcms\String::makeSid();
    $aData[Schema::ROLE] = $this->getRole();
    $aData[Schema::TIMEZONE] = $timezone;
    // Only the value returned by hashPassword() is placed in the record.
    $aData[Schema::PASSWORD] = String::hashPassword($this->pwd);
    $aData[Schema::REGISTRATION_TIMESTAMP] = time();
    $aData[Schema::REGISTRATION_TIME] = date('r');
    // Value from getSidCookie(true) when available, else the current time.
    $aData[Schema::FIRST_VISIT_TIMESTAMP] = false !== ($intFv = \Lampcms\Cookie::getSidCookie(true)) ? $intFv : time();
    $aData[Schema::LOCALE] = $this->Registry->Locale->getLocale();
    /**
     * Initial reputation is always 1
     *
     * @var int
     */
    $aData[Schema::REPUTATION] = 1;
    $aUser = \array_merge($this->Registry->Geo->Location->data, $aData);
    // NOTE(review): elided span ('******') kept exactly as it appears in the listing.
    d('aUser: '******'new user _id: ' . $User['_id']);
    $this->processLogin($User);
    \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $User);
    return $this;
}
/**
 * Build a USERS record from the Facebook profile data in
 * $this->aFbUserData, then post the new-user events, save the email
 * address and create the referrer record.
 *
 * What if email address provided from Facebook
 * already belongs to some other user?
 *
 * This would mean that existing user is just
 * trying to signup with Facebook.
 *
 * In this case we should allow it but ONLY create
 * a record in the USERS_FACEBOOK table and use users_id
 * of user that we find by email address
 *
 * and then also insert avatar_external into USERS
 *
 * NOTE(review): no email lookup is visible in this method; as listed it
 * always builds a new record. Presumably the existing-email case is
 * handled by the caller - confirm, and confirm that linking to an
 * existing account by email only happens for a verified address.
 *
 * NOTE(review): the statements that insert the record and set
 * $this->User are elided ('******') in this listing.
 *
 * @todo create username for user based on Facebook username
 * Facebook does not really have username, so we can use fn_ln
 *
 * @return object $this
 */
protected function createNewUser()
{
    $extAuth = new \Lampcms\ExternalAuth($this->Registry);
    d('cp');
    $this->Registry->Mongo->USERS->ensureIndex(array('fb_id' => 1));
    /**
     * Time zone offset in seconds: the Facebook 'timezone' value
     * multiplied by 3600 when present, else the 'tzo' cookie value
     * (second argument 0 is passed to Cookie::get)
     * @var int
     */
    $tzo = array_key_exists('timezone', $this->aFbUserData) ? $this->aFbUserData['timezone'] * 3600 : Cookie::get('tzo', 0);
    /**
     * User language: first two characters of the Facebook locale,
     * lower-cased, else the current site language
     * @var string
     */
    $lang = !empty($this->aFbUserData['locale']) ? \strtolower(\substr($this->aFbUserData['locale'], 0, 2)) : $this->Registry->getCurrentLang();
    /**
     * User locale
     * @var string
     */
    $locale = !empty($this->aFbUserData['locale']) ? $this->aFbUserData['locale'] : $this->Registry->Locale->getLocale();
    // Generated password: the cleartext stays in $this->tempPassword,
    // the record below receives only its hashPassword() value.
    $this->tempPassword = String::makePasswd();
    /**
     * Sid value use existing cookie val
     * if possible, otherwise create a new one
     * @var string
     */
    $sid = false === ($sid = Cookie::getSidCookie()) ? String::makeSid() : $sid;
    $displayName = !empty($this->aFbUserData['name']) ? $this->aFbUserData['name'] : $this->aFbUserData['first_name'] . ' ' . $this->aFbUserData['last_name'];
    $username = $extAuth->makeUsername($displayName);
    /**
     * Create new record in USERS table
     * do this first because we need uid from
     * newly created record
     */
    $aUser = array(
        'username' => $username,
        'username_lc' => \mb_strtolower($username, 'utf-8'),
        'fn' => $this->aFbUserData['first_name'],
        'ln' => $this->aFbUserData['last_name'],
        'rs' => $sid,
        // NOTE(review): 'email' is read without checking that the key
        // exists in the Facebook data.
        'email' => Utf8String::factory($this->aFbUserData['email'])->toLowerCase()->valueOf(),
        'fb_id' => (string) $this->aFbUserData['id'],
        // NOTE(review): the token is placed in the record exactly as received.
        'fb_token' => $this->aFbUserData['token'],
        'pwd' => String::hashPassword($this->tempPassword),
        // NOTE(review): avatar URL uses plain http.
        'avatar_external' => 'http://graph.facebook.com/' . $this->aFbUserData['id'] . '/picture',
        'i_reg_ts' => time(),
        'date_reg' => date('r'),
        'role' => 'external_auth',
        'lang' => $lang,
        'i_pp' => 1,
        'tz' => TimeZone::getTZbyoffset($tzo),
        'i_fv' => false !== ($intFv = Cookie::getSidCookie(true)) ? $intFv : time());
    if (!empty($this->aFbUserData['gender'])) {
        // Any non-empty value other than 'male' is stored as 'F'.
        $aUser['gender'] = 'male' === $this->aFbUserData['gender'] ? 'M' : 'F';
    }
    // Keys in $aUser win over keys from the geo-location data.
    $aUser = \array_merge($this->Registry->Geo->Location->data, $aUser);
    if (!empty($this->aFbUserData['locale'])) {
        $aUser['locale'] = $this->aFbUserData['locale'];
    }
    if (!empty($this->aFbUserData['link'])) {
        $aUser['fb_url'] = $this->aFbUserData['link'];
    }
    // NOTE(review): elided span ('******') kept exactly as it appears in the
    // listing. The visible tail dumps the full user array to d(), which
    // would include fb_token and the password hash set above - confirm
    // debug output is disabled or filtered in production.
    d('aUser: '******'$this->User after insert: ' . print_r($this->User->getArrayCopy(), 1));
    $this->Registry->Dispatcher->post($this->User, 'onNewUser');
    $this->Registry->Dispatcher->post($this->User, 'onNewFacebookUser');
    d('cp');
    $this->saveEmailAddress();
    d('cp');
    \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $this->User);
    return $this;
}
/**
 * Apply the submitted values to the current viewer and save it.
 *
 * Always sets the viewer's email from $this->email. When a non-empty
 * 'username' is present in the request, also sets the trimmed username,
 * its lower-cased form and the hash of a freshly generated password.
 * Finally sets the role to UNACTIVATED_EXTERNAL, saves the viewer and
 * copies the stored username into $this->username (used in Register
 * for sending out email).
 *
 * The generated cleartext password is kept in $this->pwd.
 *
 * NOTE(review): the intent is that username (and password) change only
 * for a new registration, so that an existing user cannot rename the
 * account. The only condition visible in this method is that 'username'
 * is non-empty in the request; presumably the new-registration check is
 * enforced by the caller - confirm.
 *
 * NOTE(review): the earlier design note described choosing between
 * unactivated_external and unactivated based on the current role. As
 * written, the current role is only logged and UNACTIVATED_EXTERNAL is
 * set unconditionally - confirm this is intended.
 *
 * @return object $this
 */
protected function updateViewer()
{
    $viewer = $this->Registry->Viewer;

    $roleBefore = $viewer->getRoleId();
    d('$currentRole: ' . $roleBefore);

    // Generate the password up front; its hash is stored only inside the
    // username branch below.
    $this->pwd = String::makePasswd();
    $hashedPwd = String::hashPassword($this->pwd);

    $viewer->offsetSet(Schema::EMAIL, $this->email);

    if (!empty($this->Request['username'])) {
        $submittedName = \trim($this->Request['username']);
        $loweredName = \mb_strtolower($submittedName);

        $viewer->offsetSet(Schema::USERNAME, $submittedName);
        $viewer->offsetSet(Schema::USERNAME_LOWERCASE, $loweredName);
        $viewer->offsetSet(Schema::PASSWORD, $hashedPwd);
    }

    // unactivated_external keeps more rights than plain unactivated while
    // still marking the account as not yet activated.
    $viewer->setRoleId(Role::UNACTIVATED_EXTERNAL);
    $viewer->save();

    $this->username = $viewer->offsetGet(Schema::USERNAME);

    return $this;
}