Ejemplo n.º 1
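 /**
  * Handles the POST of the "new user" form: builds an App_Model_User from the
  * submitted fields, saves it when validation reports no errors, and
  * otherwise re-renders the creation form with the errors in a flash message.
  *
  * Review notes:
  *  - This action changes state (it can create an admin account) and still
  *    has no anti-CSRF token check; see the TODO in the body.
  *  - Everything after secure('admin') runs unconditionally, so secure() is
  *    presumably expected to stop the request itself when the caller is not
  *    an admin -- confirm against its implementation.
  *  - The submitted password is passed to setPassword() as-is; presumably the
  *    model hashes it before save() -- verify in App_Model_User.
  *
  * @return mixed Whatever redirect_to() returns on success, or the result of
  *               createAction() when validation fails.
  */
 public function postnewAction()
 {
     // TODO prevent CSRF: verify a per-session token before acting on the
     // request, since this endpoint creates accounts (optionally admin ones)
     // on behalf of whoever is logged in.
     $this->secure('admin');

     // Read each expected field defensively: an unchecked checkbox or a
     // hand-built request simply omits the key, which would otherwise raise
     // an "undefined index" notice/warning.
     $fields = array();
     foreach (array('username', 'password', 'firstname', 'lastname', 'is_admin', 'email') as $key) {
         $fields[$key] = isset($_POST[$key]) ? $_POST[$key] : null;
     }

     $user = new App_Model_User();
     $user->setUsername($fields['username']);
     $user->setPassword($fields['password']);
     $user->setFirstname($fields['firstname']);
     $user->setLastname($fields['lastname']);
     // Strict comparison: only the literal string 'on' grants the admin flag.
     $user->setIsAdmin($fields['is_admin'] === 'on');
     $user->setEmail($fields['email']);

     // Validate once and reuse the result instead of calling isValid() twice.
     $validationErrors = $user->isValid();
     if (0 === count($validationErrors)) {
         $user->save();
         return redirect_to('/admin/users');
     }

     // The flash message is assembled as raw HTML (<br /> separators), so each
     // message is escaped first in case it echoes a submitted value.
     // NOTE(review): if the model already returns escaped text this will
     // double-escape it -- confirm what isValid() produces.
     $errors = '';
     foreach ($validationErrors as $error) {
         $errors .= htmlspecialchars((string) $error, ENT_QUOTES, 'UTF-8') . "<br />";
     }
     flash_now('error', $errors);
     return $this->createAction();
 }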
Ejemplo n.º 2
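 /**
  * Shows the "create user" form and, on a POST request, validates it and
  * persists a new App_Model_User that is never a super admin.
  *
  * Access is limited to super admins; any other caller gets a notice and is
  * redirected to the user list. A duplicate e-mail address reported by the
  * database is turned into a form error; any other PDOException is rethrown.
  *
  * Review notes:
  *  - The submitted password is passed to setPassword() as-is; presumably the
  *    model hashes it before it is persisted -- verify in App_Model_User.
  *  - No anti-CSRF check is visible here; confirm that Admin_Form_CreateUser
  *    carries a token element, since this action creates accounts.
  *
  * @return void
  * @throws PDOException When persisting fails for a reason other than a
  *                      duplicate key.
  */
 public function createAction()
 {
     if (!$this->getUser()->getIsSuperAdmin()) {
         $this->addFlashMessageNotice('Only super admins may create new users');
         $this->_redirect($this->getUrl(array(), 'admin_view_users'));
         // Do not depend on the redirect helper terminating the request: if it
         // is ever configured not to exit, falling through would let a
         // non-super-admin reach the user-creation code below.
         return;
     }

     $this->view->page_heading = 'Create New User';
     $form = new Admin_Form_CreateUser();
     $this->view->form = $form;

     // A plain GET only renders the empty form.
     if (!$this->getRequest()->isPost()) {
         return;
     }

     $is_form_valid = $form->isValid($this->getRequest()->getPost());

     // Compare as strings with ===. A loose != treats numeric-looking strings
     // as numbers ('1e3' == '1000'), so two different passwords could be
     // accepted as a matching confirmation.
     $password = $form->password->getValue();
     $passwordConfirm = $form->password_confirm->getValue();
     if ((string) $password !== (string) $passwordConfirm) {
         $form->password_confirm->addError('This does not match the other password given');
         $is_form_valid = false;
     }

     if (!$is_form_valid) {
         return;
     }

     $user = new App_Model_User();
     $user->setEmail($form->email->getValue());
     $user->setPassword($password);
     // The privilege flag is hard-coded, never taken from the request.
     $user->setIsSuperAdmin(false);

     try {
         $this->getDb()->persist($user);
         $this->getDb()->flush();
         $this->addFlashMessageSuccess('New user has been created successfully');
         $this->_redirect($this->getUrl(array(), 'admin_view_users'));
     } catch (PDOException $e) {
         $dbException = new App_Model_DBExceptionDecorator($e);
         if (!$dbException->isDuplicateKeyViolation()) {
             throw $e;
         }
         // Report the collision on the e-mail field instead of failing the request.
         $form->email->addError('A user with that email address already exists');
     }
 }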