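/**
 * Handles the combined account + profile registration form.
 *
 * Responds with HTTP 403 when the registration module's registrationUrl no
 * longer points at this action. On a POST it validates the registration form
 * and the profile, registers the user, saves the profile, sends the
 * registration e-mail and redirects to the login URL. Otherwise, or when
 * validation fails, it renders the registration view.
 *
 * @throws CHttpException 403 when registrationUrl has been overridden
 */
public function actionRegistration()
{
    // When the registrationUrl is overridden, this action is not valid anymore.
    if (Yum::module('registration')->registrationUrl != array('//registration/registration/registration')) {
        throw new CHttpException(403);
    }

    Yii::import('application.modules.profile.models.*');
    $form = new YumRegistrationForm();
    $profile = new YumProfile();

    $this->performAjaxValidation('YumRegistrationForm', $form);

    if (isset($_POST['YumRegistrationForm'])) {
        $form->attributes = $_POST['YumRegistrationForm'];

        // The profile part of the request is client-controlled and may be
        // absent; reading it unguarded raises an undefined-index notice.
        // An untouched profile still goes through validate() below.
        if (isset($_POST['YumProfile'])) {
            $profile->attributes = $_POST['YumProfile'];
        }

        $form->validate();
        $profile->validate();

        if (!$form->hasErrors() && !$profile->hasErrors()) {
            $user = new YumUser();
            // NOTE(review): the results of register() and $profile->save() are
            // not checked, so the success flash and e-mail are sent even if
            // persisting failed. Confirm what register() returns before
            // branching on it.
            $user->register($form->username, $form->password, $profile->email);
            $profile->user_id = $user->id;
            $profile->save();

            $this->sendRegistrationEmail($user);
            Yum::setFlash('Thank you for your registration. Please check your email.');
            $this->redirect(Yum::module()->loginUrl);
        }
    }

    $this->render(Yum::module()->registrationView, array('form' => $form, 'profile' => $profile));
}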
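/**
 * Authenticates $this->username / $this->password against the LDAP server
 * described by the active YumSettings record.
 *
 * Flow: connect, optionally StartTLS, anonymous bind, search for the entry
 * whose uid matches the username, then re-bind as that entry's DN with the
 * supplied password. On success the matching YumUser is loaded, or created
 * when ldap_autocreate is enabled, and stored on this identity.
 *
 * @return bool true when errorCode was set to ERROR_NONE, false otherwise
 * @throws ExceptionClass when no active settings record exists
 * @throws Exception when connecting, StartTLS or the initial bind fails
 */
public function authenticateLdap()
{
    // NOTE(review): ExceptionClass is not defined anywhere in this view; confirm it exists.
    if (!($settings = YumSettings::model()->find('is_active'))) {
        throw new ExceptionClass('No active YUM-Settings profile found');
    }

    // A simple bind with a DN and an empty password is treated by many
    // directory servers as an unauthenticated bind and reported as success.
    // Reject empty credentials before they can reach ldap_bind().
    if (!is_scalar($this->password) || (string) $this->password === '') {
        return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
    }

    $ds = @ldap_connect($settings->ldap_host, $settings->ldap_port);
    if (!$ds) {
        throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $settings->ldap_protocol);

    // Fail closed: if TLS was requested but cannot be negotiated, do not
    // continue and send the user's password over a cleartext connection.
    if ($settings->ldap_tls == 1 && !@ldap_start_tls($ds)) {
        throw new Exception('OpenLDAP: Could not start TLS');
    }

    if (!@ldap_bind($ds)) {
        throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
    }

    // The username is user input. Escape LDAP filter metacharacters so that it
    // can only ever match as a literal uid value.
    if (function_exists('ldap_escape')) {
        $filterUsername = ldap_escape($this->username, '', LDAP_ESCAPE_FILTER);
    } else {
        // Fallback for PHP builds without ldap_escape(); the backslash is
        // replaced first so the escapes added afterwards are not re-escaped.
        $filterUsername = str_replace(
            array('\\', '*', '(', ')', "\0"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $this->username
        );
    }

    if ($r = ldap_search($ds, $settings->ldap_basedn, '(uid=' . $filterUsername . ')')) {
        $result = @ldap_get_entries($ds, $r);
        // !empty() also covers "no entry found" without an undefined-index notice.
        if (!empty($result[0]) && @ldap_bind($ds, $result[0]['dn'], $this->password)) {
            $entry = $result[0];
            $user = YumUser::model()->find('username=:username', array(':username' => $this->username));

            if ($user == NULL) {
                if ($settings->ldap_autocreate != 1) {
                    return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
                }

                $user = new YumUser();
                $user->username = $this->username;
                if ($settings->ldap_transfer_pw == 1) {
                    $user->password = YumEncrypt::encrypt($this->password);
                }
                $user->lastpasswordchange = 0;
                $user->activationKey = '';
                $user->superuser = 0;
                $user->createtime = time();
                $user->status = 1;

                // save(false) skips model validation for the auto-created account.
                if (!$user->save(false)) {
                    return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
                }

                if (Yum::module()->enableProfiles) {
                    $profile = new YumProfile();
                    $profile->user_id = $user->id;
                    $profile->privacy = 'protected';
                    if ($settings->ldap_transfer_attr == 1) {
                        // Directory entries do not necessarily carry every
                        // attribute; a missing one is stored as null.
                        $attributeMap = array(
                            'email' => 'mail',
                            'lastname' => 'sn',
                            'firstname' => 'givenname',
                            'street' => 'postaladdress',
                            'city' => 'l',
                        );
                        foreach ($attributeMap as $profileAttribute => $ldapAttribute) {
                            $profile->{$profileAttribute} = isset($entry[$ldapAttribute][0])
                                ? $entry[$ldapAttribute][0]
                                : null;
                        }
                    }
                    $profile->save(false);
                }
            }

            $this->id = $user->id;
            $this->setState('id', $user->id);
            $this->username = $user->username;
            $this->user = $user;

            return !($this->errorCode = self::ERROR_NONE);
        }
    }

    return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
}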
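/**
 * Profile-only registration: the visitor submits a profile, and a user
 * account with a generated password and a dummy username is created for it.
 *
 * Renders the registration view on GET or when the profile cannot be saved;
 * redirects to the login URL after a successful registration.
 */
public function actionRegistration()
{
    Yii::import('application.modules.profile.models.*');
    $profile = new YumProfile();

    // Guard on the same key that is read below. The previous check looked at
    // $_POST['Profile'] while the data was taken from $_POST['YumProfile'].
    if (isset($_POST['YumProfile'])) {
        $profile->attributes = $_POST['YumProfile'];

        // Only create the account when the profile was actually stored.
        // Before, $user was undefined on a failed save and the register()
        // call below ended in a fatal error.
        if ($profile->save()) {
            $user = new YumUser();
            $password = YumUser::generatePassword();

            // we generate a dummy username here, since yum requires one
            // (md5 is only used to derive an identifier here, not as a secret)
            $user->register(md5($profile->email), $password, $profile);

            // NOTE(review): the generated password is handed to the mailer in
            // clear text; consider forcing a password change on first login.
            $this->sendRegistrationEmail($user, $password);
            Yum::setFlash('Thank you for your registration. Please check your email.');
            $this->redirect(Yum::module()->loginUrl);
        }
    }

    $this->render('/registration/registration', array('profile' => $profile));
}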
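/**
 * Logs the current visitor in through Facebook.
 *
 * Looks up a local profile by Facebook id and by the e-mail address returned
 * from the Graph API. When neither exists a new user and profile are created;
 * otherwise the Facebook id is attached to the profile found by e-mail.
 * Superuser accounts are never allowed to log in this way.
 *
 * @return YumUser|false the logged-in user, or false when login did not succeed
 * @throws Exception when Facebook login is not enabled in the module configuration
 */
public function loginByFacebook()
{
    // `!` binds tighter than `&`: the unparenthesised form negated loginType
    // first, so the check did not reliably stop this method when Facebook
    // login was disabled. Test the flag, then negate.
    if (!(Yum::module()->loginType & UserModule::LOGIN_BY_FACEBOOK)) {
        throw new Exception('actionFacebook was called, but is not activated in application configuration');
    }

    Yii::app()->user->logout();
    Yii::import('application.modules.user.vendors.facebook.*');
    $facebook = new Facebook(Yum::module()->facebookConfig);
    $fb_uid = $facebook->getUser();
    if (!$fb_uid) {
        return false;
    }

    $profile = YumProfile::model()->findByAttributes(array('facebook_id' => $fb_uid));
    $user = $profile ? YumUser::model()->findByPk($profile->user_id) : null;

    try {
        $fb_user = $facebook->api('/me');
        if (!isset($fb_user['email'])) {
            return false;
        }
        $profile = YumProfile::model()->findByAttributes(array('email' => $fb_user['email']));

        if ($user === null && $profile === null) {
            // New account
            $user = new YumUser();
            $user->username = '******' . YumRegistrationForm::genRandomString(Yum::module()->usernameRequirements['maxLen'] - 3);
            $user->password = YumUser::encrypt(YumUserChangePassword::createRandomPassword());
            $user->activationKey = YumUser::encrypt(microtime() . $user->password);
            $user->createtime = time();
            $user->superuser = 0;
            if ($user->save()) {
                $profile = new YumProfile();
                $profile->user_id = $user->id;
                $profile->facebook_id = $fb_user['id'];
                $profile->email = $fb_user['email'];
                $profile->save(false);
            }
        } else {
            // The e-mail lookup can come back empty although a profile was
            // found by Facebook id, and a profile can lack a user. Both cases
            // previously ended in a null dereference; reject the login instead.
            $user = $profile !== null ? $profile->user : null;
            if ($user === null) {
                Yum::log('Facebook login rejected: no local account could be resolved', 'error');
                return false;
            }

            // No superuser account can log in using Facebook
            if ($user->superuser) {
                Yum::log('A superuser tried to login by facebook', 'error');
                return false;
            }

            // Current account and FB account blending
            // NOTE(review): the local account is selected purely by the e-mail
            // address the provider reports, then renamed. Confirm that address
            // is verified on the provider side before relying on it to link
            // accounts.
            $profile->facebook_id = $fb_uid;
            $profile->save(false);
            $user->username = '******' . YumRegistrationForm::genRandomString(Yum::module()->usernameRequirements['maxLen'] - 3);
            $user->superuser = 0;
            $user->save();
        }

        $identity = new YumUserIdentity($fb_uid, $user->id);
        $identity->authenticateFacebook(true);

        switch ($identity->errorCode) {
            case YumUserIdentity::ERROR_NONE:
                $duration = 3600 * 24 * 30; // 30 days
                Yii::app()->user->login($identity, $duration);
                Yum::log('User ' . $user->username . ' logged in via facebook');
                return $user;
            case YumUserIdentity::ERROR_STATUS_INACTIVE:
                $user->addError('status', Yum::t('Your account is not activated.'));
                break;
            case YumUserIdentity::ERROR_STATUS_BANNED:
                $user->addError('status', Yum::t('Your account is blocked.'));
                break;
            case YumUserIdentity::ERROR_PASSWORD_INVALID:
                Yum::log(Yum::t('Failed login attempt for {username} via facebook', array('{username}' => $user->username)), 'error');
                $user->addError('status', Yum::t('Password incorrect.'));
                break;
        }

        return false;
    } catch (FacebookApiException $e) {
        /* FIXME: Workaround for avoiding the 'Error validating access token.'
         * immediately after a user logs out. This is nasty. Any other
         * approach to solve this issue is more than welcomed.
         */
        // $user is still null when the API call fails for a Facebook id that
        // has no local profile yet, so fall back to the Facebook id in the log.
        $who = $user !== null ? $user->username : $fb_uid;
        Yum::log('Failed login attempt for ' . $who . ' via facebook', 'error');
        return false;
    }
}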
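/**
 * Creates a new User.
 *
 * Builds a YumUser (plus a YumProfile when the profile module is present)
 * from the posted form data. When the password field is left empty a password
 * is generated and shown once through a flash message. On success the
 * registration e-mail is sent and the browser is redirected to the view
 * action; otherwise the create form is rendered again.
 */
public function actionCreate()
{
    $model = new YumUser();
    if (Yum::hasModule('profile')) {
        $profile = new YumProfile();
    }
    $passwordform = new YumUserChangePassword();

    // When opening an empty user creation mask, we most probably want to
    // insert an _active_ user
    if (!isset($model->status)) {
        $model->status = 1;
    }

    if (isset($_POST['YumUser'])) {
        // NOTE(review): mass assignment from the request; which attributes are
        // accepted depends on YumUser's validation rules, which are not shown
        // here.
        $model->attributes = $_POST['YumUser'];

        if (Yum::hasModule('role')) {
            $model->roles = Relation::retrieveValues($_POST);
        }

        if (Yum::hasModule('profile') && isset($_POST['YumProfile'])) {
            $profile->attributes = $_POST['YumProfile'];
        }

        if (isset($_POST['YumUserChangePassword'])) {
            // The 'password' key is client-controlled and may be missing;
            // treat that like an empty field instead of raising a notice.
            $submittedPassword = isset($_POST['YumUserChangePassword']['password'])
                ? $_POST['YumUserChangePassword']['password']
                : '';

            if ($submittedPassword == '') {
                $password = YumUser::generatePassword();
                $model->setPassword($password);
                // The clear-text password is placed in the flash message so
                // that the operator can pass it on.
                Yum::setFlash(Yum::t('The generated Password is {password}', array(
                    '{password}' => $password)));
            } else {
                $passwordform->attributes = $_POST['YumUserChangePassword'];
                if ($passwordform->validate()) {
                    $model->setPassword($submittedPassword);
                }
            }
        }

        $model->activationKey = YumUser::encrypt(microtime() . $model->password);

        if ($model->username == '' && isset($profile)) {
            $model->username = $profile->email;
        }

        $model->validate();

        // Profile errors are collected here but do not block the save below.
        if (isset($profile)) {
            $profile->validate();
        }

        if (!$model->hasErrors() && !$passwordform->hasErrors()) {
            $model->save();

            if (isset($profile)) {
                $profile->user_id = $model->id;
                $profile->save(array('user_id'), false);
            }

            Yii::import('application.modules.registration.controllers.YumRegistrationController');
            YumRegistrationController::sendRegistrationEmail($model);
            $this->redirect(array('view', 'id' => $model->id));
        }
    }

    $this->render('create', array(
        'model' => $model,
        'passwordform' => $passwordform,
        'profile' => isset($profile) ? $profile : null,
    ));
}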
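/**
 * Creates a new User.
 *
 * Builds a YumUser (plus a YumProfile when the profile module is present)
 * from the posted form data. When the password field is left empty a password
 * is generated from the module's passwordGeneratorOptions and shown once
 * through a flash message. On success the posted roles are synchronised and
 * the browser is redirected to the view action; otherwise the create form is
 * rendered again.
 */
public function actionCreate()
{
    $user = new YumUser();
    if (Yum::hasModule('profile')) {
        $profile = new YumProfile();
    }
    $passwordform = new YumUserChangePassword();

    // When opening an empty user creation mask, we most probably want to
    // insert an _active_ user
    if (!$user->status) {
        $user->status = 1;
    }

    if (isset($_POST['YumUser'])) {
        // NOTE(review): mass assignment from the request; which attributes are
        // accepted depends on YumUser's validation rules, which are not shown
        // here.
        $user->attributes = $_POST['YumUser'];

        if (isset($_POST['YumUserChangePassword'])) {
            // The 'password' key is client-controlled and may be missing;
            // treat that like an empty field instead of raising a notice.
            $submittedPassword = isset($_POST['YumUserChangePassword']['password'])
                ? $_POST['YumUserChangePassword']['password']
                : '';

            if ($submittedPassword == '') {
                Yii::import('user.components.EPasswordGenerator');
                $generatorOptions = Yum::module()->passwordGeneratorOptions;
                $password = EPasswordGenerator::generate(
                    $generatorOptions['length'],
                    $generatorOptions['capitals'],
                    $generatorOptions['numerals'],
                    $generatorOptions['symbols']
                );
                $user->setPassword($password);
                // The clear-text password is placed in the flash message so
                // that the operator can pass it on.
                Yum::setFlash(Yum::t('The generated Password is {password}', array('{password}' => $password)));
            } else {
                $passwordform->attributes = $_POST['YumUserChangePassword'];
                if ($passwordform->validate()) {
                    $user->setPassword($submittedPassword);
                }
            }
        }

        $user->validate();

        if (Yum::hasModule('profile') && isset($_POST['YumProfile'])) {
            $profile->attributes = $_POST['YumProfile'];
        }

        if (!$user->hasErrors()) {
            $user->activationKey = CPasswordHelper::hashPassword(
                microtime() . $user->password,
                Yum::module()->passwordHashCost
            );

            if ($user->username == '' && isset($profile)) {
                $user->username = $profile->email;
            }

            // Profile errors are collected here but do not block the save below.
            if (isset($profile)) {
                $profile->validate();
            }

            if (!$user->hasErrors() && !$passwordform->hasErrors()) {
                $user->save();

                // Role ids are taken straight from the request; this action is
                // expected to be reachable by administrators only.
                if (isset($_POST['YumUser']['roles'])) {
                    $user->syncRoles($_POST['YumUser']['roles']);
                } else {
                    $user->syncRoles();
                }

                if (isset($profile)) {
                    $profile->user_id = $user->id;
                    $profile->save(array('user_id'), false);
                }

                $this->redirect(array('view', 'id' => $user->id));
            }
        }
    }

    $this->render('create', array(
        'user' => $user,
        'passwordform' => $passwordform,
        'profile' => isset($profile) ? $profile : null,
    ));
}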
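/**
 * Creates this user and a matching profile from a HybridAuth profile object.
 *
 * The provider's e-mail address becomes the username, the account is marked
 * active, and every role listed in the registration module's
 * defaultHybridAuthRoles is assigned when the role module is present.
 *
 * @param object $hybridAuthProfile provider profile; firstName, lastName and email are read
 * @return bool true on success, false when the user record could not be saved
 */
public function registerByHybridAuth($hybridAuthProfile)
{
    Yii::import('user.profile.models.*');

    $profile = new YumProfile();
    $profile->firstname = $hybridAuthProfile->firstName;
    $profile->lastname = $hybridAuthProfile->lastName;
    $profile->email = $hybridAuthProfile->email;

    $this->username = $hybridAuthProfile->email;
    $this->status = 1;
    $this->createtime = time();

    // Placeholder credential for an account that signs in through the external
    // provider. It used to be md5(time()), which can be recomputed from the
    // createtime stored right next to it. Use unpredictable bytes instead; the
    // result is still a 32-character hex string.
    $randomBytes = function_exists('random_bytes')
        ? random_bytes(16)
        : openssl_random_pseudo_bytes(16);
    $this->password = bin2hex($randomBytes);

    // Without a persisted user there is no id to attach the profile or the
    // roles to, so stop here instead of writing orphaned rows.
    if (!$this->save(false)) {
        return false;
    }

    $profile->user_id = $this->id;
    $profile->save(false);

    if (Yum::hasModule('role')) {
        // Only the table name is interpolated (it cannot be bound and comes
        // from the module configuration); the values are bound parameters.
        $insertRole = sprintf(
            'insert into %s (user_id, role_id) values(:user_id, :role_id)',
            Yum::module('role')->userRoleTable
        );
        foreach (Yum::module('registration')->defaultHybridAuthRoles as $role) {
            Yii::app()->db->createCommand($insertRole)->execute(array(
                ':user_id' => $this->id,
                ':role_id' => $role,
            ));
        }
    }

    return true;
}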
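/**
 * Imports users (and their profiles) from CSV text.
 *
 * The first row names the attributes; the first column of every following row
 * is used as the user's primary key. Existing users are updated, unknown ids
 * create a new user and profile. Each value is passed through htmlentities()
 * before it is stored, and records are saved without validation.
 *
 * @param string $data      CSV text, one record per line
 * @param string $delimiter field delimiter passed to str_getcsv()
 * @param string $enclosure field enclosure passed to str_getcsv()
 * @param string $escape    escape character passed to str_getcsv()
 * @param string $roles     comma-separated roles assigned to every updated user
 * @throws CException when $data is empty
 */
public static function import($data, $delimiter = ',', $enclosure = '"', $escape = '\\', $roles = '')
{
    if (!$data) {
        throw new CException('No data given');
    }

    $rows = explode("\n", $data);
    $attributes = str_getcsv($rows[0], $delimiter, $enclosure, $escape);
    unset($rows[0]);

    // Copies one CSV row onto the user, falling back to the profile for
    // attributes the user does not have set.
    // NOTE(review): every column named in the header is written, which
    // includes attributes such as superuser, status or password when the
    // header lists them. Restrict this to an allow-list if the import data is
    // not fully trusted.
    $assign = function ($user, $profile, array $attributes, array $values) {
        foreach ($attributes as $key => $attribute) {
            // An empty header cell is not a usable property name.
            if ($attribute === null || $attribute === '' || !isset($values[$key])) {
                continue;
            }
            $value = htmlentities($values[$key], ENT_IGNORE, 'utf-8', FALSE);
            if (isset($user->{$attribute})) {
                $user->{$attribute} = $value;
            } elseif (isset($profile->{$attribute})) {
                $profile->{$attribute} = $value;
            }
        }
    };

    foreach ($rows as $row) {
        // Blank lines (for example the one after a trailing newline) carry no
        // record; skip them instead of running a lookup for an empty key.
        if (trim($row) === '') {
            continue;
        }

        $values = str_getcsv($row, $delimiter, $enclosure, $escape);
        $user = YumUser::model()->findByPk($values[0]);

        if ($user) {
            // Update existing User
            $profile = $user->profile;
            $assign($user, $profile, $attributes, $values);

            $user->save(false);
            if ($profile instanceof YumProfile) {
                $profile->save(false);
            }

            if ($roles) {
                foreach (explode(',', $roles) as $role) {
                    $user->assignRole(trim($role));
                }
            }
            continue;
        }

        // Create new User
        $user = new YumUser();
        $profile = new YumProfile();
        $assign($user, $profile, $attributes, $values);

        $user->id = $values[0];
        if (!$user->username && $profile->email) {
            $user->username = $profile->email;
        }
        if (!$user->status) {
            $user->status = 1;
        }
        $user->createtime = time();

        // A record without any username is silently dropped.
        if ($user->username) {
            $user->save(false);
            $profile->user_id = $user->id;
            $profile->save(false);
        }
    }
}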