public function checkexists($attribute, $params)
{
$user = null;
// we only want to authenticate when there are no input errors so far
if (!$this->hasErrors()) {
if (strpos($this->login_or_email, "@")) {
$profile = YumProfile::model()->findByAttributes(array('email' => $this->login_or_email));
$this->user = $profile && $profile->user && $profile->user instanceof YumUser ? $profile->user : null;
} else {
$this->user = YumUser::model()->findByAttributes(array('username' => $this->login_or_email));
}
}
}
public function actionDelete()
{
$this->layout = Yum::module()->adminLayout;
if (Yii::app()->request->isPostRequest) {
// we only allow deletion via POST request
$model = $this->loadModel('YumProfileField');
$sql = 'ALTER TABLE ' . YumProfile::model()->tableName() . ' DROP `' . $model->varname . '`';
if ($model->dbConnection->createCommand($sql)->execute()) {
$model->delete();
}
if (!isset($_POST['ajax'])) {
$this->redirect(array('index'));
}
} else {
throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
}
}
public function authenticate($without_password = false)
{
$user = YumUser::model()->find('username = :username', array(':username' => $this->username));
// try to authenticate via email
if (Yum::hasModule('profile') && Yum::module()->loginType & UserModule::LOGIN_BY_EMAIL && !$user) {
if ($profile = YumProfile::model()->find('email = :email', array(':email' => $this->username))) {
if ($profile->user) {
$user = $profile->user;
}
}
}
if (!$user) {
return self::ERROR_STATUS_USER_DOES_NOT_EXIST;
}
if ($user->status == YumUser::STATUS_INACTIVE) {
$this->errorCode = self::ERROR_STATUS_INACTIVE;
} else {
if ($user->status == YumUser::STATUS_BANNED) {
$this->errorCode = self::ERROR_STATUS_BANNED;
} else {
if ($user->status == YumUser::STATUS_REMOVED) {
$this->errorCode = self::ERROR_STATUS_REMOVED;
} else {
if ($without_password) {
$this->credentialsConfirmed($user);
} else {
if (!CPasswordHelper::verifyPassword($this->password, $user->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->credentialsConfirmed($user);
}
}
}
}
}
return !$this->errorCode;
}
/**
* Password recovery routine. The User will receive an email with an
* activation link. If clicked, he will be prompted to enter his new
* password.
*/
public function actionRecovery($email = null, $key = null)
{
$form = new YumPasswordRecoveryForm();
if ($email != null && $key != null) {
if ($profile = YumProfile::model()->find('email = :email', array('email' => $email))) {
$user = $profile->user;
if ($user->status <= 0) {
throw new CHttpException(403, 'User is not active');
} else {
if ($user->activationKey == urldecode($key)) {
$passwordform = new YumUserChangePassword();
if (isset($_POST['YumUserChangePassword'])) {
$passwordform->attributes = $_POST['YumUserChangePassword'];
if ($passwordform->validate()) {
$user->setPassword($passwordform->password);
$user->activationKey = CPasswordHelper::hashPassword(microtime() . $passwordform->password, Yum::module()->passwordHashCost);
$user->save();
Yum::setFlash('Your new password has been saved.');
if (Yum::module('registration')->loginAfterSuccessfulRecovery) {
$login = new YumUserIdentity($user->username, false);
$login->authenticate(true);
Yii::app()->user->login($login);
$this->redirect(Yii::app()->homeUrl);
} else {
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->changePasswordView, array('form' => $passwordform));
Yii::app()->end();
} else {
$form->addError('login_or_email', Yum::t('Invalid recovery key'));
Yum::log(Yum::t('Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array('{email}' => $email, '{uid}' => $user->id, '{username}' => $user->username)));
}
}
}
} else {
if (isset($_POST['YumPasswordRecoveryForm'])) {
$form->attributes = $_POST['YumPasswordRecoveryForm'];
if ($form->validate()) {
if ($form->user instanceof YumUser) {
if ($form->user->status <= 0) {
throw new CHttpException(403, 'User is not active');
}
$form->user->generateActivationKey();
$recovery_url = $this->createAbsoluteUrl(Yum::module('registration')->recoveryUrl[0], array('key' => urlencode($form->user->activationKey), 'email' => $form->user->profile->email));
Yum::log(Yum::t('{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array('{email}' => $form->user->profile->email, '{recovery_url}' => $recovery_url, '{username}' => $form->user->username)));
$mail = array('from' => Yii::app()->params['adminEmail'], 'to' => $form->user->profile->email, 'subject' => 'You requested a new password', 'body' => strtr('You have requested a new password. Please use this URL to continue: {recovery_url}', array('{recovery_url}' => $recovery_url)));
$sent = YumMailer::send($mail);
Yum::setFlash('Instructions have been sent to you. Please check your email.');
} else {
Yum::log(Yum::t('A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array('{username}' => $form->login_or_email)));
}
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->recoverPasswordView, array('form' => $form));
}
public function loginByEmail()
{
if (Yum::hasModule('profile')) {
Yii::import('application.modules.profile.models.*');
$profile = YumProfile::model()->find('email = :email', array(':email' => $this->loginForm->username));
if ($profile && $profile->user) {
return $this->authenticate($profile->user);
}
} else {
throw new CException(Yum::t('The profile submodule must be enabled to allow login by Email'));
}
}
public function authenticate($without_password = false)
{
$user = YumUser::model()->find('username = :username', array(
':username' => $this->username));
// try to authenticate via email
if(!$user && (Yum::module()->loginType & 2) && Yum::hasModule('profile')) {
if($profile = YumProfile::model()->find('email = :email', array(
':email' => $this->username)))
if($profile->user)
$user = $profile->user;
}
if(!$user)
return self::ERROR_STATUS_USER_DOES_NOT_EXIST;
if($without_password)
$this->credentialsConfirmed($user);
else if(YumUser::encrypt($this->password)!==$user->password)
$this->errorCode=self::ERROR_PASSWORD_INVALID;
else if($user->status == YumUser::STATUS_INACTIVE)
$this->errorCode=self::ERROR_STATUS_INACTIVE;
else if($user->status == YumUser::STATUS_BANNED)
$this->errorCode=self::ERROR_STATUS_BANNED;
else if($user->status == YumUser::STATUS_REMOVED)
$this->errorCode=self::ERROR_STATUS_REMOVED;
else
$this->credentialsConfirmed($user);
return !$this->errorCode;
}
/**
* Activation of an user account.
* If everything is set properly, and the emails exists in the database,
* and is associated with a correct user, and this user has the status
* NOTACTIVE and the given activationKey is identical to the one in the
* database then generate a new Activation key to avoid double activation,
* set the status to ACTIVATED and save the data
* Error Codes:
* -1 : User is not inactive, it can not be activated
* -2 : Wrong activation key
* -3 : Profile found, but no user - database inconsistency?
*/
public static function activate($email, $key)
{
Yii::import('application.modules.profile.models.*');
if ($profile = YumProfile::model()->find("email = :email", array(':email' => $email))) {
if ($user = $profile->user) {
if ($user->status != self::STATUS_INACTIVE) {
return -1;
}
if ($user->activationKey == $key) {
$user->activationKey = $user->generateActivationKey(true);
$user->status = self::STATUS_ACTIVE;
if ($user->save(false, array('activationKey', 'status'))) {
Yum::log(Yum::t('User {username} has been activated', array('{username}' => $user->username)));
if (Yum::hasModule('messages') && Yum::module('registration')->enableActivationConfirmation) {
Yii::import('application.modules.messages.models.YumMessage');
YumMessage::write($user, 1, Yum::t('Your activation succeeded'), strtr('The activation of the account {username} succeeded. Please use <a href="{link_login}">this link</a> to go to the login page', array('{username}' => $user->username, '{link_login}' => Yii::app()->controller->createUrl('//user/user/login'))));
}
return $user;
}
} else {
return -2;
}
} else {
return -3;
}
}
return false;
}
/**
* Password recovery routine. The User will receive an email with an
* activation link. If clicked, he will be prompted to enter his new
* password.
*/
public function actionRecovery($email = null, $key = null) {
$form = new YumPasswordRecoveryForm;
if ($email != null && $key != null) {
if($profile = YumProfile::model()->find('email = :email', array(
'email' => $email))) {
$user = $profile->user;
if($user->activationKey == $key) {
$passwordform = new YumUserChangePassword;
if (isset($_POST['YumUserChangePassword'])) {
$passwordform->attributes = $_POST['YumUserChangePassword'];
if ($passwordform->validate()) {
$user->password = YumUser::encrypt($passwordform->password);
$user->activationKey = YumUser::encrypt(microtime() . $passwordform->password);
$user->save();
Yum::setFlash('Your new password has been saved.');
$this->redirect(Yum::module()->loginUrl);
}
}
$this->render(
Yum::module('registration')->changePasswordView, array(
'form' => $passwordform));
Yii::app()->end();
} else {
$form->addError('login_or_email', Yum::t('Invalid recovery key'));
Yum::log(Yum::t(
'Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array(
'{email}' => $email,
'{uid}' => $user->id,
'{username}' => $user->username)));
}
}
} else {
if (isset($_POST['YumPasswordRecoveryForm'])) {
$form->attributes = $_POST['YumPasswordRecoveryForm'];
if ($form->validate()) {
Yum::setFlash(
'Instructions have been sent to you. Please check your email.');
if($form->user instanceof YumUser) {
$form->user->generateActivationKey();
$recovery_url = $this->createAbsoluteUrl(
Yum::module('registration')->recoveryUrl[0], array(
'key' => $form->user->activationKey,
'email' => $form->user->profile->email));
Yum::log(Yum::t(
'{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array(
'{email}' => $form->user->profile->email,
'{recovery_url}' => $recovery_url,
'{username}' => $form->user->username)));
$content = YumTextSettings::model()->find(
'language = :lang', array('lang' => Yii::app()->language));
$sent = null;
if (is_object($content)) {
$mail = array(
'from' => Yii::app()->params['adminEmail'],
'to' => $form->user->profile->email,
'subject' => $content->subject_email_registration,
'body' => strtr($content->text_email_recovery, array(
'{recovery_url}' => $recovery_url)),
);
$sent = YumMailer::send($mail);
} else {
throw new CException(Yum::t('The messages for your application language are not defined.'));
}
} else
Yum::log(Yum::t(
'A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array(
'{username}' => $form->login_or_email)));
$this->redirect(Yum::module()->loginUrl);
}
}
}
$this->render(Yum::module('registration')->recoverPasswordView, array(
'form' => $form));
}
/**
* Activation of an user account.
* If everything is set properly, and the emails exists in the database,
* and is associated with a correct user, and this user has the status
* NOTACTIVE and the given activationKey is identical to the one in the
* database then generate a new Activation key to avoid double activation,
* set the status to ACTIVATED and save the data
* Error Codes:
* -1 : User is not inactive, it can not be activated
* -2 : Wrong activation key
* -3 : Profile found, but no user - database inconsistency?
*/
public static function activate($email, $key)
{
Yii::import('application.modules.profile.models.*');
if ($profile = YumProfile::model()->find("email = :email", array(
':email' => $email))
) {
if ($user = $profile->user) {
if ($user->status != self::STATUS_INACTIVE)
return -1;
if ($user->activationKey == $key) {
$user->activationKey = $user->generateActivationKey(true);
$user->status = self::STATUS_ACTIVE;
if ($user->save(false, array('activationKey', 'status'))) {
Yum::log(Yum::t('User {username} has been activated', array(
'{username}' => $user->username)));
if (Yum::hasModule('messages')
&& Yum::module('registration')->enableActivationConfirmation
) {
Yii::import('application.modules.messages.models.YumMessage');
YumMessage::write($user, 1,
Yum::t('Your activation succeeded'),
YumTextSettings::getText('text_email_activation', array(
'{username}' => $user->username,
'{link_login}' =>
Yii::app()->controller->createUrl('//user/user/login'))));
}
return $user;
}
} else return -2;
} else return -3;
}
return false;
}
public function loginByHybridAuth($provider)
{
if (!Yum::module()->loginType & UserModule::LOGIN_BY_HYBRIDAUTH) {
throw new CException(400, 'Hybrid authentification is not allowed');
}
if (!Yum::hasModule('profile')) {
throw new CException(400, 'Hybrid auth needs the profile submodule to be enabled');
}
Yii::import('user.vendors.hybridauth.Hybrid.Auth', true);
Yii::import('user.profile.models.*');
require_once Yum::module()->hybridAuthConfigFile;
try {
$hybridauth = new Hybrid_Auth(Yum::module()->hybridAuthConfigFile);
$providers = Yum::module()->hybridAuthProviders;
if (count($providers) == 0) {
throw new CException('No Hybrid auth providers enabled in configuration file');
}
if (!in_array($provider, $providers)) {
throw new CException('Requested provider is not enabled in configuration file');
}
$success = $hybridauth->authenticate($provider);
if ($success && $success->isUserConnected()) {
// User found and authenticated at foreign party. Is he already
// registered at our application?
$hybridAuthProfile = $success->getUserProfile();
$user = $this->getUserByEmail($hybridAuthProfile->email);
if (!$user && !YumProfile::model()->findByAttributes(array('email' => $hybridAuthProfile->email))) {
// No, he is not, so we register the user and sync the profile fields
$user = new YumUser();
if (!$user->registerByHybridAuth($hybridAuthProfile)) {
Yum::setFlash(Yum::t('Registration by external provider failed'));
$this->redirect(Yum::module()->returnUrl);
} else {
Yum::setFlash('Registration successful');
}
}
$identity = new YumUserIdentity($user->username, null);
if ($identity->authenticate(true)) {
Yum::log(Yum::t('User {username} logged in by hybrid {provider}', array('{username}' => $hybridAuthProfile->displayName, '{email}' => $hybridAuthProfile->displayName, '{provider}' => $provider)));
Yii::app()->user->login($identity, Yum::module()->cookieDuration);
} else {
Yum::setFlash(Yum::t('Login by external provider failed'));
}
$this->redirect(Yum::module()->returnUrl);
}
} catch (Exception $e) {
if (Yum::module()->debug) {
throw new CException($e->getMessage());
} else {
throw new CHttpException(403, Yum::t('Permission denied'));
}
}
}
