Ejemplo n.º 1
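 /**
  * Shows the registration form and, on a valid POST, registers the user,
  * stores the profile, sends the registration e-mail and redirects to the
  * module's login URL.
  *
  * Both models are filled through massive assignment from $_POST; which
  * attributes are actually accepted depends on the validation rules of
  * YumRegistrationForm and YumProfile, which are not visible here.
  *
  * @throws CHttpException 403 when the registration module's
  *                        registrationUrl differs from the default route,
  *                        so this action is refused once the URL is
  *                        overridden.
  */
 public function actionRegistration()
 {
     // When we override the registrationUrl, this one is not valid anymore!
     if (Yum::module('registration')->registrationUrl != array('//registration/registration/registration')) {
         throw new CHttpException(403);
     }
     Yii::import('application.modules.profile.models.*');
     $form = new YumRegistrationForm();
     $profile = new YumProfile();
     $this->performAjaxValidation('YumRegistrationForm', $form);
     if (isset($_POST['YumRegistrationForm'])) {
         $form->attributes = $_POST['YumRegistrationForm'];
         // The client controls which keys are posted: a request that carries
         // the account form but no profile form must not fail on a missing
         // index. An empty profile is left for validate() to judge.
         $profile->attributes = isset($_POST['YumProfile']) ? $_POST['YumProfile'] : array();
         $form->validate();
         $profile->validate();
         if (!$form->hasErrors() && !$profile->hasErrors()) {
             $user = new YumUser();
             $user->register($form->username, $form->password, $profile->email);
             // NOTE(review): the results of register() and save() are not
             // checked here; confirm how a failed registration is reported.
             $profile->user_id = $user->id;
             $profile->save();
             $this->sendRegistrationEmail($user);
             Yum::setFlash('Thank you for your registration. Please check your email.');
             $this->redirect(Yum::module()->loginUrl);
         }
     }
     $this->render(Yum::module()->registrationView, array('form' => $form, 'profile' => $profile));
 }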
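 /**
  * Authenticates $this->username / $this->password against the LDAP server
  * described by the active YumSettings row.
  *
  * Flow: connect, optionally start TLS, bind without credentials, search the
  * entry by uid, then bind again as that entry's DN with the supplied
  * password. On success the matching local YumUser is loaded, or created
  * when ldap_autocreate is enabled.
  *
  * Hardening applied in this version:
  *  - an empty password is rejected before any bind, because a bind with a
  *    DN and an empty password is an unauthenticated bind that many servers
  *    answer with success;
  *  - the username is escaped before it is placed into the search filter;
  *  - a failed STARTTLS aborts instead of continuing without TLS;
  *  - missing directory attributes are skipped instead of read blindly.
  *
  * @return bool the negation of the error code that was set, i.e. true only
  *              when errorCode is a falsy ERROR_NONE
  * @throws Exception when the server cannot be reached, TLS cannot be
  *                   started, or the initial bind fails
  */
 public function authenticateLdap()
 {
     if (!($settings = YumSettings::model()->find('is_active'))) {
         // NOTE(review): ExceptionClass is not defined in the visible code;
         // confirm the class exists, otherwise this line is a fatal error.
         throw new ExceptionClass('No active YUM-Settings profile found');
     }
     // Never hand an empty password to ldap_bind(): see the docblock.
     if ((string) $this->password === '') {
         return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
     }
     $ds = @ldap_connect($settings->ldap_host, $settings->ldap_port);
     if (!$ds) {
         throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
     }
     ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $settings->ldap_protocol);
     // When TLS is requested it must succeed; falling back silently would
     // send the user's password over an unprotected connection.
     if ($settings->ldap_tls == 1 && !@ldap_start_tls($ds)) {
         throw new Exception('OpenLDAP: Could not start TLS on the LDAP connection');
     }
     if (!@ldap_bind($ds)) {
         throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
     }
     // The username comes from the login form, so filter metacharacters
     // must be escaped before it becomes part of the search filter.
     if (function_exists('ldap_escape')) {
         $uid = ldap_escape($this->username, '', LDAP_ESCAPE_FILTER);
     } else {
         // Fallback for PHP builds without ldap_escape(); the backslash is
         // replaced first so the escapes added afterwards stay intact.
         $uid = str_replace(
             array('\\', '*', '(', ')', "\x00"),
             array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
             $this->username
         );
     }
     if ($r = ldap_search($ds, $settings->ldap_basedn, '(uid=' . $uid . ')')) {
         $result = @ldap_get_entries($ds, $r);
         // An empty result set has no index 0; treat it as a failed login.
         if (is_array($result) && !empty($result[0]) && @ldap_bind($ds, $result[0]['dn'], $this->password)) {
             $user = YumUser::model()->find('username=:username', array(':username' => $this->username));
             if ($user == NULL) {
                 if ($settings->ldap_autocreate == 1) {
                     $user = new YumUser();
                     $user->username = $this->username;
                     // NOTE(review): this keeps a local copy of the directory
                     // password; confirm what YumEncrypt::encrypt() stores.
                     if ($settings->ldap_transfer_pw == 1) {
                         $user->password = YumEncrypt::encrypt($this->password);
                     }
                     $user->lastpasswordchange = 0;
                     $user->activationKey = '';
                     $user->superuser = 0;
                     $user->createtime = time();
                     $user->status = 1;
                     // save(false) skips model validation for the new row.
                     if ($user->save(false)) {
                         if (Yum::module()->enableProfiles) {
                             $profile = new YumProfile();
                             $profile->user_id = $user->id;
                             $profile->privacy = 'protected';
                             if ($settings->ldap_transfer_attr == 1) {
                                 // profile attribute => directory attribute
                                 $ldapAttributes = array(
                                     'email' => 'mail',
                                     'lastname' => 'sn',
                                     'firstname' => 'givenname',
                                     'street' => 'postaladdress',
                                     'city' => 'l',
                                 );
                                 foreach ($ldapAttributes as $profileAttribute => $ldapAttribute) {
                                     // Entries need not carry every attribute.
                                     if (isset($result[0][$ldapAttribute][0])) {
                                         $profile->{$profileAttribute} = $result[0][$ldapAttribute][0];
                                     }
                                 }
                             }
                             $profile->save(false);
                         }
                     } else {
                         return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
                     }
                 } else {
                     return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
                 }
             }
             $this->id = $user->id;
             $this->setState('id', $user->id);
             $this->username = $user->username;
             $this->user = $user;
             return !($this->errorCode = self::ERROR_NONE);
         }
     }
     // Every failure after the initial bind is reported with the same code.
     return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
 }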
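 /**
  * Profile-only registration: stores the posted profile, registers a user
  * with a generated password, sends the registration e-mail and redirects
  * to the module's login URL.
  *
  * Fixes over the previous version: the POST key that is tested is the key
  * that is read, and the user is only registered once the profile has
  * been saved. Before, a failed save left $user undefined at the
  * register() call.
  */
 public function actionRegistration()
 {
     Yii::import('application.modules.profile.models.*');
     $profile = new YumProfile();
     if (isset($_POST['YumProfile'])) {
         $profile->attributes = $_POST['YumProfile'];
         // save() validates first; on failure fall through to the form so
         // the profile's validation errors are rendered.
         if ($profile->save()) {
             $user = new YumUser();
             $password = YumUser::generatePassword();
             // we generate a dummy username here, since yum requires one
             $user->register(md5($profile->email), $password, $profile);
             // NOTE(review): the generated password is handed to the mailer;
             // confirm whether it is sent in clear text.
             $this->sendRegistrationEmail($user, $password);
             Yum::setFlash('Thank you for your registration. Please check your email.');
             $this->redirect(Yum::module()->loginUrl);
         }
     }
     $this->render('/registration/registration', array('profile' => $profile));
 }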
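 /**
  * Logs the current visitor in through Facebook.
  *
  * The Facebook user id is looked up in YumProfile.facebook_id, and the
  * e-mail reported by the Graph API is looked up in YumProfile.email. With
  * no match a new user and profile are created; otherwise the matched
  * profile is linked to the Facebook id and its user is logged in.
  * Superuser accounts are refused.
  *
  * Fixes over the previous version:
  *  - the feature gate is parenthesised; `!a & b` negated the login type
  *    before masking it, so the check did not throw while any login type
  *    was configured;
  *  - a profile already linked by facebook_id is kept when the e-mail
  *    lookup finds nothing, instead of dereferencing null;
  *  - a failed save of a new account, or a profile without a user, ends
  *    the login instead of continuing with a null user;
  *  - the exception handler no longer dereferences a null user.
  *
  * NOTE(review): an existing local account is linked purely because its
  * e-mail equals the one Facebook reports; this presumes the provider has
  * verified that address. Confirm before relying on it.
  *
  * @return YumUser|false the logged-in user, or false on any failure
  * @throws Exception when Facebook login is not enabled in the module
  */
 public function loginByFacebook()
 {
     if (!(Yum::module()->loginType & UserModule::LOGIN_BY_FACEBOOK)) {
         throw new Exception('actionFacebook was called, but is not activated in application configuration');
     }
     Yii::app()->user->logout();
     Yii::import('application.modules.user.vendors.facebook.*');
     $facebook = new Facebook(Yum::module()->facebookConfig);
     $fb_uid = $facebook->getUser();
     if (!$fb_uid) {
         return false;
     }
     $profile = YumProfile::model()->findByAttributes(array('facebook_id' => $fb_uid));
     $user = $profile ? YumUser::model()->findByPk($profile->user_id) : null;
     try {
         $fb_user = $facebook->api('/me');
         if (!isset($fb_user['email'])) {
             return false;
         }
         // The e-mail match takes precedence, as before; the profile found
         // by facebook_id is the fallback when no e-mail matches.
         $profileByEmail = YumProfile::model()->findByAttributes(array('email' => $fb_user['email']));
         if ($profileByEmail !== null) {
             $profile = $profileByEmail;
         }
         if ($user === null && $profile === null) {
             // New account
             $user = new YumUser();
             $user->username = '******' . YumRegistrationForm::genRandomString(Yum::module()->usernameRequirements['maxLen'] - 3);
             $user->password = YumUser::encrypt(YumUserChangePassword::createRandomPassword());
             $user->activationKey = YumUser::encrypt(microtime() . $user->password);
             $user->createtime = time();
             $user->superuser = 0;
             if (!$user->save()) {
                 // Without a stored user there is nothing to log in.
                 return false;
             }
             $profile = new YumProfile();
             $profile->user_id = $user->id;
             $profile->facebook_id = $fb_user['id'];
             $profile->email = $fb_user['email'];
             $profile->save(false);
         } else {
             //No superuser account can log in using Facebook
             $user = $profile->user;
             if ($user === null) {
                 return false;
             }
             if ($user->superuser) {
                 Yum::log('A superuser tried to login by facebook', 'error');
                 return false;
             }
             //Current account and FB account blending
             $profile->facebook_id = $fb_uid;
             $profile->save(false);
             // NOTE(review): this replaces the username of an existing
             // account on every Facebook login; confirm that is intended.
             $user->username = '******' . YumRegistrationForm::genRandomString(Yum::module()->usernameRequirements['maxLen'] - 3);
             $user->superuser = 0;
             $user->save();
         }
         $identity = new YumUserIdentity($fb_uid, $user->id);
         $identity->authenticateFacebook(true);
         switch ($identity->errorCode) {
             case YumUserIdentity::ERROR_NONE:
                 $duration = 3600 * 24 * 30;
                 //30 days
                 Yii::app()->user->login($identity, $duration);
                 Yum::log('User ' . $user->username . ' logged in via facebook');
                 return $user;
             case YumUserIdentity::ERROR_STATUS_INACTIVE:
                 $user->addError('status', Yum::t('Your account is not activated.'));
                 break;
             case YumUserIdentity::ERROR_STATUS_BANNED:
                 $user->addError('status', Yum::t('Your account is blocked.'));
                 break;
             case YumUserIdentity::ERROR_PASSWORD_INVALID:
                 Yum::log(Yum::t('Failed login attempt for {username} via facebook', array('{username}' => $user->username)), 'error');
                 $user->addError('status', Yum::t('Password incorrect.'));
                 break;
         }
         return false;
     } catch (FacebookApiException $e) {
         /* FIXME: Workaround for avoiding the 'Error validating access token.'
          * immediately after a user logs out. This is nasty. Any other
          * approach to solve this issue is more than welcomed.
          */
         // $user is still null when the API call fails for an unknown visitor.
         Yum::log('Failed login attempt for ' . ($user !== null ? $user->username : 'unknown user') . ' via facebook', 'error');
         return false;
     }
 }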
Ejemplo n.º 5
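	/**
	 * Creates a new User.
	 *
	 * Fills a YumUser (and a YumProfile when the profile module is present)
	 * from $_POST, sets either the posted or a generated password, and on
	 * success sends the registration e-mail and redirects to the view
	 * action.
	 *
	 * Changes over the previous version: the password key is read only when
	 * it is present, and the e-mail and redirect happen only when save()
	 * reports that the user was stored.
	 *
	 * NOTE(review): roles are taken from $_POST and the generated password
	 * is shown through a flash message; both presume that this action is
	 * reachable by administrators only. The access rules are not visible
	 * here.
	 */
	public function actionCreate() {
		$model = new YumUser;
		if(Yum::hasModule('profile'))
			$profile = new YumProfile;
		$passwordform = new YumUserChangePassword;

		// When opening a empty user creation mask, we most probably want to
		// insert an _active_ user
		if(!isset($model->status))
			$model->status = 1;

		if(isset($_POST['YumUser'])) {
			$model->attributes=$_POST['YumUser'];

			if(Yum::hasModule('role'))
				$model->roles = Relation::retrieveValues($_POST);

			if(Yum::hasModule('profile') && isset($_POST['YumProfile']) )
				$profile->attributes = $_POST['YumProfile'];

			if(isset($_POST['YumUserChangePassword'])) {
				// A missing password key is treated like an empty field.
				$postedPassword = isset($_POST['YumUserChangePassword']['password'])
					? $_POST['YumUserChangePassword']['password']
					: '';
				if($postedPassword == '') {
					$password = YumUser::generatePassword();
					$model->setPassword($password);
					// The clear-text password is put into the session flash
					// so the creating user can read it once.
					Yum::setFlash(Yum::t('The generated Password is {password}', array(
									'{password}' => $password)));
				} else {
					$passwordform->attributes = $_POST['YumUserChangePassword'];

					if($passwordform->validate())
						$model->setPassword($postedPassword);
				}
			}

			// NOTE(review): the activation key is derived from microtime()
			// and the password value; confirm it is unpredictable enough
			// for how it is used.
			$model->activationKey = YumUser::encrypt(microtime() . $model->password);

			if($model->username == '' && isset($profile))
				$model->username = $profile->email;

			$model->validate();

			// Profile errors are collected for display; as before they do
			// not block the creation of the user.
			if(isset($profile))
				$profile->validate();

			// save() is part of the condition: a user that was not stored
			// must not receive a registration e-mail or a redirect to a
			// view without an id.
			if(!$model->hasErrors()
					&& !$passwordform->hasErrors()
					&& $model->save()) {
				if(isset($profile)) {
					$profile->user_id = $model->id;
					$profile->save(array('user_id'), false);
				}
				Yii::import('application.modules.registration.controllers.YumRegistrationController');
				YumRegistrationController::sendRegistrationEmail($model);
				$this->redirect(array('view', 'id'=>$model->id));
			}
		}

		$this->render('create',array(
					'model' => $model,
					'passwordform' => $passwordform,
					'profile' => isset($profile) ? $profile : null,
					));
	}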
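 /**
  * Creates a new User.
  *
  * Fills a YumUser (and a YumProfile when the profile module is present)
  * from $_POST, sets either the posted or a generated password, stores the
  * user, synchronises its roles and redirects to the view action.
  *
  * Changes over the previous version: the password key is read only when
  * it is present, and roles, profile and redirect are handled only when
  * save() reports that the user was stored.
  *
  * NOTE(review): roles come straight from $_POST['YumUser']['roles'] and the
  * generated password is shown through a flash message; both presume that
  * this action is reachable by administrators only. The access rules are
  * not visible here.
  */
 public function actionCreate()
 {
     $user = new YumUser();
     if (Yum::hasModule('profile')) {
         $profile = new YumProfile();
     }
     $passwordform = new YumUserChangePassword();
     // When opening a empty user creation mask, we most probably want to
     // insert an _active_ user
     if (!$user->status) {
         $user->status = 1;
     }
     if (isset($_POST['YumUser'])) {
         $user->attributes = $_POST['YumUser'];
         if (isset($_POST['YumUserChangePassword'])) {
             // A missing password key is treated like an empty field.
             $postedPassword = isset($_POST['YumUserChangePassword']['password'])
                 ? $_POST['YumUserChangePassword']['password']
                 : '';
             if ($postedPassword == '') {
                 Yii::import('user.components.EPasswordGenerator');
                 $generatorOptions = Yum::module()->passwordGeneratorOptions;
                 $password = EPasswordGenerator::generate($generatorOptions['length'], $generatorOptions['capitals'], $generatorOptions['numerals'], $generatorOptions['symbols']);
                 $user->setPassword($password);
                 // The clear-text password is put into the session flash so
                 // the creating user can read it once.
                 Yum::setFlash(Yum::t('The generated Password is {password}', array('{password}' => $password)));
             } else {
                 $passwordform->attributes = $_POST['YumUserChangePassword'];
                 if ($passwordform->validate()) {
                     $user->setPassword($postedPassword);
                 }
             }
         }
         $user->validate();
         if (Yum::hasModule('profile') && isset($_POST['YumProfile'])) {
             $profile->attributes = $_POST['YumProfile'];
         }
         if (!$user->hasErrors()) {
             $user->activationKey = CPasswordHelper::hashPassword(microtime() . $user->password, Yum::module()->passwordHashCost);
             if ($user->username == '' && isset($profile)) {
                 $user->username = $profile->email;
             }
             // Profile errors are collected for display; as before they do
             // not block the creation of the user.
             if (isset($profile)) {
                 $profile->validate();
             }
             // save() is part of the condition: roles must not be synced
             // for, and the browser must not be sent to, a user that was
             // never stored.
             if (!$user->hasErrors() && !$passwordform->hasErrors() && $user->save()) {
                 if (isset($_POST['YumUser']['roles'])) {
                     $user->syncRoles($_POST['YumUser']['roles']);
                 } else {
                     $user->syncRoles();
                 }
                 if (isset($profile)) {
                     $profile->user_id = $user->id;
                     $profile->save(array('user_id'), false);
                 }
                 $this->redirect(array('view', 'id' => $user->id));
             }
         }
     }
     $this->render('create', array('user' => $user, 'passwordform' => $passwordform, 'profile' => isset($profile) ? $profile : null));
 }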
Ejemplo n.º 7
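 /**
  * Registers this user from a HybridAuth profile: the provider's e-mail
  * becomes the username, the account is stored as active, a profile is
  * created and the module's default HybridAuth roles are assigned.
  *
  * Changes over the previous version:
  *  - the placeholder password is 32 hex characters from a cryptographic
  *    random source instead of md5(time()), which anyone who knows the
  *    creation second can recompute (createtime is set to the same
  *    second just above);
  *  - role rows are inserted with bound parameters instead of values
  *    formatted into the SQL text;
  *  - a failed save of the user stops the registration.
  *
  * NOTE(review): the provider's e-mail is trusted as the identity of the
  * new account; confirm the provider verifies it.
  *
  * @param object $hybridAuthProfile profile object exposing firstName,
  *                                  lastName and email
  * @return bool true when the user was stored, false when saving failed
  * @throws CException when no secure random source is available
  */
 public function registerByHybridAuth($hybridAuthProfile)
 {
     Yii::import('user.profile.models.*');
     $profile = new YumProfile();
     $profile->firstname = $hybridAuthProfile->firstName;
     $profile->lastname = $hybridAuthProfile->lastName;
     $profile->email = $hybridAuthProfile->email;
     $this->username = $hybridAuthProfile->email;
     $this->status = 1;
     $this->createtime = time();
     // Placeholder password: same length as the md5() output it replaces,
     // but not derivable from any other stored value.
     if (function_exists('random_bytes')) {
         $this->password = bin2hex(random_bytes(16));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $this->password = bin2hex(openssl_random_pseudo_bytes(16));
     } else {
         throw new CException('No secure random source available for the placeholder password');
     }
     // save(false) skips model validation for the externally supplied data.
     if (!$this->save(false)) {
         return false;
     }
     $profile->user_id = $this->id;
     $profile->save(false);
     if (Yum::hasModule('role')) {
         // Only the table name is formatted into the statement; it comes
         // from module configuration. The values are bound.
         $sql = sprintf('insert into %s (user_id, role_id) values(:user_id, :role_id)', Yum::module('role')->userRoleTable);
         foreach (Yum::module('registration')->defaultHybridAuthRoles as $role) {
             Yii::app()->db->createCommand($sql)->execute(array(':user_id' => $this->id, ':role_id' => $role));
         }
     }
     return true;
 }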
Ejemplo n.º 8
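 /**
  * Imports users from CSV text. The first row names the attributes; the
  * first column of every following row is the user's primary key. Rows
  * whose key exists update that user and its profile, other rows create a
  * new user and profile.
  *
  * Changes over the previous version: rows are split on any line ending so
  * the last column no longer keeps a trailing "\r", blank rows and empty
  * header cells are skipped, and the duplicated attribute loop is shared.
  * Quoted fields that contain line breaks are still not supported.
  *
  * NOTE(review): the header row decides which model attributes are
  * written, and everything is stored with save(false), i.e. without
  * validation. A file can therefore set any attribute that isset()
  * reports on the model, so the data must come from a trusted operator.
  * NOTE(review): values are HTML-encoded before storage, which applies to
  * every imported column; confirm that is wanted for non-display fields.
  *
  * @param string $data      CSV text including the header row
  * @param string $delimiter field delimiter
  * @param string $enclosure field enclosure
  * @param string $escape    escape character
  * @param string $roles     comma separated roles, assigned to users that
  *                          already exist
  * @throws CException when $data is empty
  */
 public static function import($data, $delimiter = ',', $enclosure = '"', $escape = '\\', $roles = '')
 {
     if (!$data) {
         throw new CException('No data given');
     }
     $rows = preg_split('/\r\n|\r|\n/', $data);
     // Column index => attribute name, taken from the header row.
     $attributes = array_values(str_getcsv($rows[0], $delimiter, $enclosure, $escape));
     unset($rows[0]);
     foreach ($rows as $row) {
         if (trim($row) === '') {
             // Typically the empty remainder after the final line break.
             continue;
         }
         $values = str_getcsv($row, $delimiter, $enclosure, $escape);
         $user = YumUser::model()->findByPk($values[0]);
         $isNew = !$user;
         if ($isNew) {
             // Create new User
             $user = new YumUser();
             $profile = new YumProfile();
         } else {
             // Update existing User
             $profile = $user->profile;
         }
         foreach ($attributes as $key => $attribute) {
             $attribute = trim((string) $attribute);
             if ($attribute === '' || !isset($values[$key])) {
                 continue;
             }
             $value = htmlentities($values[$key], ENT_IGNORE, 'utf-8', FALSE);
             // The user model takes precedence over the profile.
             if (isset($user->{$attribute})) {
                 $user->{$attribute} = $value;
             } elseif (isset($profile->{$attribute})) {
                 $profile->{$attribute} = $value;
             }
         }
         if (!$isNew) {
             $user->save(false);
             if ($profile instanceof YumProfile) {
                 $profile->save(false);
             }
             if ($roles) {
                 foreach (explode(',', $roles) as $role) {
                     $user->assignRole(trim($role));
                 }
             }
             continue;
         }
         $user->id = $values[0];
         if (!$user->username && $profile->email) {
             $user->username = $profile->email;
         }
         if (!$user->status) {
             $user->status = 1;
         }
         $user->createtime = time();
         // Rows that yield no username are dropped without an error.
         if ($user->username) {
             $user->save(false);
             $profile->user_id = $user->id;
             $profile->save(false);
         }
     }
 }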