function saveWorkerPeekAction()
{
$translate = DevblocksPlatform::getTranslationService();
$active_worker = FegApplication::getActiveWorker();
if (!$active_worker || !$active_worker->is_superuser) {
return;
}
@($id = DevblocksPlatform::importGPC($_POST['id'], 'integer'));
@($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string'));
@($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string'));
@($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string'));
@($title = DevblocksPlatform::importGPC($_POST['title'], 'string'));
@($email = DevblocksPlatform::importGPC($_POST['email'], 'string'));
@($password = DevblocksPlatform::importGPC($_POST['password'], 'string'));
@($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0));
@($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0));
// @$group_ids = DevblocksPlatform::importGPC($_POST['group_ids'],'array');
// @$group_roles = DevblocksPlatform::importGPC($_POST['group_roles'],'array');
@($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0));
// [TODO] The superuser set bit here needs to be protected by ACL
if (empty($first_name)) {
$first_name = "Anonymous";
}
if (!empty($id) && !empty($delete)) {
// Can't delete or disable self
if ($active_worker->id != $id) {
DAO_Worker::delete($id);
}
} else {
if (empty($id) && null == DAO_Worker::getWhere(sprintf("%s=%s", DAO_Worker::EMAIL, Feg_ORMHelper::qstr($email)))) {
$workers = DAO_Worker::getAll();
$license = FegLicense::getInstance();
if (!empty($license) && !empty($license['serial']) || count($workers) < 3) {
// Creating new worker. If password is empty, email it to them
if (empty($password)) {
$settings = DevblocksPlatform::getPluginSettingsService();
$replyFrom = $settings->get('feg.core', FegSettings::DEFAULT_REPLY_FROM);
$replyPersonal = $settings->get('feg.core', FegSettings::DEFAULT_REPLY_PERSONAL, '');
$url = DevblocksPlatform::getUrlService();
$password = FegApplication::generatePassword(8);
}
$fields = array(DAO_Worker::EMAIL => $email, DAO_Worker::PASS => $password);
$id = DAO_Worker::create($fields);
}
}
// end create worker
// Update
$fields = array(DAO_Worker::FIRST_NAME => $first_name, DAO_Worker::LAST_NAME => $last_name, DAO_Worker::TITLE => $title, DAO_Worker::EMAIL => $email, DAO_Worker::IS_SUPERUSER => $is_superuser, DAO_Worker::IS_DISABLED => $disabled);
// if we're resetting the password
if (!empty($password)) {
$fields[DAO_Worker::PASS] = md5($password);
}
// Update worker
DAO_Worker::update($id, $fields);
// Custom field saves
@($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array()));
DAO_CustomFieldValue::handleFormPost(FegCustomFieldSource_Worker::ID, $id, $field_ids);
}
if (!empty($view_id)) {
$view = Feg_AbstractViewLoader::getView($view_id);
$view->render();
}
}
function doRecoverStep3Action()
{
@($password = DevblocksPlatform::importGPC($_REQUEST['password'], 'string'));
$email = $_SESSION[self::KEY_FORGOT_EMAIL];
$sentcode = $_SESSION[self::KEY_FORGOT_SENTCODE];
$code = $_SESSION[self::KEY_FORGOT_CODE];
$worker = null;
$results = DAO_Worker::getWhere(sprintf("%s = %s", DAO_Worker::EMAIL, Feg_ORMHelper::qstr($email)));
if (!empty($results)) {
$worker = array_shift($results);
}
if (empty($email) || empty($code) || empty($worker)) {
return;
}
if (0 == strcmp($sentcode, $code)) {
// passed
DAO_Worker::update($worker->id, array(DAO_Worker::PASS => md5($password)));
unset($_SESSION[self::KEY_FORGOT_EMAIL]);
unset($_SESSION[self::KEY_FORGOT_CODE]);
unset($_SESSION[self::KEY_FORGOT_SENTCODE]);
DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login')));
} else {
DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login', 'forgot', 'step2')));
}
}
