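/**
 * Save an entry and return to main listing
 *
 * Applies the posted "fields", "profile", password and shadow settings to a
 * member record. Validation failures re-display the edit form instead of
 * redirecting.
 *
 * @return  mixed  Result of editTask() when the form is shown again, otherwise nothing
 */
public function saveTask()
{
    // Check for request forgeries
    Request::checkToken();

    // A valid token is not an authorisation: the caller must also hold at
    // least one management permission on this component
    if (!User::authorise('core.manage', $this->_option)
     && !User::authorise('core.admin', $this->_option)
     && !User::authorise('core.create', $this->_option)
     && !User::authorise('core.edit', $this->_option))
    {
        App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
    }

    // Incoming profile edits
    $fields = Request::getVar('fields', array(), 'post', 'none', 2);
    if (!is_array($fields))
    {
        // A scalar "fields" value would break every array access below
        $fields = array();
    }

    // Load the profile (an absent id is passed on as null)
    $user = Member::oneOrNew(isset($fields['id']) ? $fields['id'] : null);

    // Get the user before changes so we can
    // compare how data changed later on
    $prev = clone $user;

    // Set the incoming data
    // NOTE(review): every posted key is assigned as-is, including
    // 'accessgroups' for existing accounts, and core.create or core.edit
    // alone is enough to reach this point. Confirm that Member::save() or
    // the caller stops a non-super-admin from assigning a core.admin group.
    $user->set($fields);

    if ($user->isNew())
    {
        // New accounts always get the configured default group,
        // overriding any posted 'accessgroups'
        $newUsertype = $this->config->get('new_usertype');
        if (!$newUsertype)
        {
            $newUsertype = Accessgroup::oneByTitle('Registered')->get('id');
        }
        $user->set('accessgroups', array($newUsertype));

        // Check that username is filled
        if (!Validate::username($user->get('username')))
        {
            Notify::error(Lang::txt('COM_MEMBERS_MEMBER_USERNAME_INVALID'));
            return $this->editTask($user);
        }

        // Check email is valid
        if (!Validate::email($user->get('email')))
        {
            Notify::error(Lang::txt('COM_MEMBERS_MEMBER_EMAIL_INVALID'));
            return $this->editTask($user);
        }

        // Set home directory
        $hubHomeDir = rtrim($this->config->get('homedir'), '/');
        if (!$hubHomeDir)
        {
            // Try to deduce a viable home directory from the configured
            // site name first and the request base URL second
            $sitename = '';
            foreach (array('sitename', 'base') as $source)
            {
                $candidate = strtolower($source == 'sitename' ? Config::get('sitename') : Request::base());
                $candidate = preg_replace('/^http[s]{0,1}:\\/\\//', '', $candidate, 1);
                $candidate = trim($candidate, '/ ');

                // Keep only the first label of a dotted name
                $labels = explode('.', $candidate, 2);
                if (isset($labels[1]))
                {
                    $candidate = $labels[0];
                }

                // Only a letter-led name made of letters, digits, "-", "_"
                // and "." may become a path segment
                if (preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $candidate))
                {
                    $sitename = $candidate;
                    break;
                }
            }

            $hubHomeDir = DS . 'home';
            if (!empty($sitename))
            {
                $hubHomeDir .= DS . $sitename;
            }
        }

        // The account defaults below replace whatever the form posted
        $user->set('homeDirectory', $hubHomeDir . DS . $user->get('username'));
        $user->set('loginShell', '/bin/bash');
        $user->set('ftpShell', '/usr/lib/sftp-server');
        $user->set('registerDate', Date::toSql());
    }

    // Set the new info; absent or non-scalar name parts are treated as empty
    foreach (array('givenName', 'middleName', 'surname') as $part)
    {
        $value = (isset($fields[$part]) && is_scalar($fields[$part])) ? (string) $fields[$part] : '';
        $user->set($part, preg_replace('/\\s+/', ' ', trim($value)));
    }

    $name = array($user->get('givenName'), $user->get('middleName'), $user->get('surname'));
    $name = implode(' ', $name);
    // Collapse runs of whitespace and drop the stray space left by an empty part
    $name = trim(preg_replace('/\\s+/', ' ', $name));

    $user->set('name', $name);
    $user->set('modifiedDate', Date::toSql());

    if ($ec = Request::getInt('activation', 0, 'post'))
    {
        $user->set('activation', $ec);
    }
    else
    {
        $user->set('activation', Helpers\Utility::genemailconfirm());
    }

    // Can't block yourself
    if ($user->get('block') && $user->get('id') == User::get('id') && !User::get('block'))
    {
        Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_BLOCK_SELF'));
        return $this->editTask($user);
    }

    // Make sure that we are not removing ourself from Super Admin group
    $iAmSuperAdmin = User::authorise('core.admin');
    if ($iAmSuperAdmin && User::get('id') == $user->get('id'))
    {
        // Check that at least one of our new groups is Super Admin.
        // A missing or malformed group list counts as "no groups".
        $groups = (isset($fields['accessgroups']) && is_array($fields['accessgroups']))
            ? $fields['accessgroups']
            : array();

        $stillSuperAdmin = false;
        foreach ($groups as $group)
        {
            if (\JAccess::checkGroup($group, 'core.admin'))
            {
                $stillSuperAdmin = true;
                break;
            }
        }

        if (!$stillSuperAdmin)
        {
            Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_DEMOTE_SELF'));
            return $this->editTask($user);
        }
    }

    // Save the changes
    if (!$user->save())
    {
        Notify::error($user->getError());
        return $this->editTask($user);
    }

    // Save profile data
    $profile = Request::getVar('profile', array(), 'post', 'none', 2);
    $access  = Request::getVar('profileaccess', array(), 'post', 'none', 2);
    if (!is_array($profile))
    {
        $profile = array();
    }

    foreach ($profile as $key => $data)
    {
        // Drop empty entries from multi-value answers
        if (isset($profile[$key]) && is_array($profile[$key]))
        {
            $profile[$key] = array_filter($profile[$key]);
        }

        // Fold a free-text "<key>_other" answer into its parent field
        if (isset($profile[$key . '_other']) && trim($profile[$key . '_other']))
        {
            if (is_array($profile[$key]))
            {
                $profile[$key][] = $profile[$key . '_other'];
            }
            else
            {
                $profile[$key] = $profile[$key . '_other'];
            }

            unset($profile[$key . '_other']);
        }
    }

    if (!$user->saveProfile($profile, $access))
    {
        Notify::error($user->getError());
        return $this->editTask($user);
    }

    // Do we have a new pass?
    $newpass = trim(Request::getVar('newpass', '', 'post'));
    if ($newpass)
    {
        // Get password rules and validate
        $password_rules = \Hubzero\Password\Rule::all()
            ->whereEquals('enabled', 1)
            ->rows();

        $validated = \Hubzero\Password\Rule::verify($newpass, $password_rules, $user->get('id'));

        if (!empty($validated))
        {
            // Set error and fall back to the edit form; the password is left unchanged
            Notify::error(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
            $this->validated = $validated;
            $this->_task = 'apply';
        }
        else
        {
            // Save password
            \Hubzero\User\Password::changePassword($user->get('username'), $newpass);
        }
    }

    $passinfo = \Hubzero\User\Password::getInstance($user->get('id'));
    if (is_object($passinfo))
    {
        // Do we have shadow info to change?
        $shadowMax     = Request::getInt('shadowMax', false, 'post');
        $shadowWarning = Request::getInt('shadowWarning', false, 'post');
        $shadowExpire  = Request::getVar('shadowExpire', '', 'post');

        // True when an existing expiry is being cleared by posting an empty value
        $clearingExpire = (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire));

        // NOTE(review): a posted shadowExpire alone does not satisfy this
        // condition, so an expiry cannot be set unless shadowMax or
        // shadowWarning is also posted. Confirm that is intended.
        if ($shadowMax || $shadowWarning || $clearingExpire)
        {
            if ($shadowMax)
            {
                $passinfo->set('shadowMax', $shadowMax);
            }

            if ($shadowExpire || $clearingExpire)
            {
                if (preg_match("/[0-9]{4}-[0-9]{2}-[0-9]{2}/", $shadowExpire))
                {
                    // Stored as days since the epoch; skip text that merely
                    // contains a date-like run but does not parse as a date
                    $timestamp = strtotime($shadowExpire);
                    if ($timestamp !== false)
                    {
                        $passinfo->set('shadowExpire', $timestamp / 86400);
                    }
                }
                elseif (preg_match('/^[0-9]+\z/', $shadowExpire))
                {
                    // Anchored so that only a pure day count is accepted,
                    // not any string that happens to contain a digit
                    $passinfo->set('shadowExpire', $shadowExpire);
                }
                elseif (empty($shadowExpire))
                {
                    $passinfo->set('shadowExpire', null);
                }
            }

            if ($shadowWarning)
            {
                $passinfo->set('shadowWarning', $shadowWarning);
            }

            $passinfo->update();
        }
    }

    // Check for spam count
    $reputation = Request::getVar('spam_count', null, 'post');
    if (!is_null($reputation))
    {
        $user->reputation->set('spam_count', $reputation);
        $user->reputation->save();
    }

    // Email the user that their account has been approved
    // NOTE(review): this fires whenever the record was not approved before
    // the save; it does not check that the saved record is now approved.
    if (!$prev->get('approved') && $this->config->get('useractivation_email'))
    {
        if (!$this->emailApprovedUser($user))
        {
            Notify::error(Lang::txt('COM_MEMBERS_ERROR_EMAIL_FAILED'));
        }
    }

    // Set success message
    Notify::success(Lang::txt('COM_MEMBERS_MEMBER_SAVED'));

    // Drop through to edit form?
    if ($this->getTask() == 'apply')
    {
        return $this->editTask($user);
    }

    // Redirect
    $this->cancelTask();
}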
/**
 * Summarise how close the current member's password is to expiring
 *
 * @return  array|false  Keys 'diff', 'warning', 'max' and 'message_style',
 *                       or false when no expiration applies
 */
private function getPassInfo()
{
    $record = \Hubzero\User\Password::getInstance($this->member->get('uidNumber'));

    // Nothing to report unless a password hash exists and a maximum age is set
    if (empty($record->passhash) || $record->shadowMax === null)
    {
        return false;
    }

    // Compare in days: the current time is converted from seconds (86400 per day)
    $today     = intval(time() / 86400);
    $remaining = $record->shadowLastChange + $record->shadowMax - $today;

    // Outside the warning window -> info, inside it -> warning, at or past zero -> error
    if ($remaining > $record->shadowWarning)
    {
        $style = 'info';
    }
    elseif ($remaining > 0)
    {
        $style = 'warning';
    }
    else
    {
        $style = 'error';
    }

    return array(
        'diff'          => $remaining,
        'warning'       => $record->shadowWarning,
        'max'           => $record->shadowMax,
        'message_style' => $style
    );
}
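/**
 * Save an entry and return to main listing
 *
 * Applies the posted "profile" data, an optional new password, shadow
 * settings and tags to the member identified by the posted id, then copies
 * name and email back to the user table.
 *
 * @param   integer  $redirect  Redirect to main listing?
 * @return  void
 */
public function saveTask($redirect = 1)
{
    // Check for request forgeries
    Request::checkToken();

    // A valid token is not an authorisation: the caller must also hold at
    // least one management permission on this component before another
    // account's profile, shell or password can be changed
    if (!User::authorise('core.manage', $this->_option)
     && !User::authorise('core.admin', $this->_option)
     && !User::authorise('core.create', $this->_option)
     && !User::authorise('core.edit', $this->_option))
    {
        App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
        return;
    }

    // Incoming user ID
    $id = Request::getInt('id', 0, 'post');

    // Do we have an ID?
    if (!$id)
    {
        App::abort(500, Lang::txt('COM_MEMBERS_NO_ID'));
        return;
    }

    // Incoming profile edits
    $p = Request::getVar('profile', array(), 'post', 'none', 2);
    if (!is_array($p))
    {
        // A scalar "profile" value would break every array access below
        $p = array();
    }

    // Trimmed text of a posted field; absent or non-scalar values become ''
    $text = function ($key) use ($p)
    {
        return (isset($p[$key]) && is_scalar($p[$key])) ? trim((string) $p[$key]) : '';
    };

    // Load the profile
    $profile = new Profile();
    $profile->load($id);

    // Set the new info
    $given   = $text('givenName');
    $middle  = $text('middleName');
    $surname = $text('surname');

    $profile->set('givenName', preg_replace('/\\s+/', ' ', $given));
    $profile->set('middleName', preg_replace('/\\s+/', ' ', $middle));
    $profile->set('surname', preg_replace('/\\s+/', ' ', $surname));

    // Full name: collapse whitespace runs and drop the stray space left by an empty part
    $name = $given . ' ' . ($middle !== '' ? $middle . ' ' : '') . $surname;
    $name = trim(preg_replace('/\\s+/', ' ', $name));

    $profile->set('name', $name);
    $profile->set('vip', isset($p['vip']) ? $p['vip'] : 0);

    foreach (array('orcid', 'url', 'phone', 'orgtype', 'organization', 'bio') as $field)
    {
        $profile->set($field, $text($field));
    }

    $profile->set('public', isset($p['public']) ? $p['public'] : 0);
    $profile->set('modifiedDate', Date::toSql());

    // NOTE(review): home directory and login shell are stored exactly as
    // posted (trimmed only); confirm they are validated before being used
    // for account provisioning.
    $profile->set('homeDirectory', $text('homeDirectory'));
    $profile->set('loginShell', $text('loginShell'));

    $ec = Request::getInt('emailConfirmed', 0, 'post');
    if ($ec)
    {
        $profile->set('emailConfirmed', $ec);
    }
    else
    {
        $profile->set('emailConfirmed', Helpers\Utility::genemailconfirm());
    }

    if (isset($p['email']))
    {
        $profile->set('email', $text('email'));
    }

    $profile->set('mailPreferenceOption', isset($p['mailPreferenceOption']) ? $text('mailPreferenceOption') : -1);

    if (!empty($p['gender']))
    {
        $profile->set('gender', $text('gender'));
    }

    // "yes" answers carry their details in a companion list field
    foreach (array('disability' => 'disabilities', 'hispanic' => 'hispanics') as $flag => $list)
    {
        if (empty($p[$flag]))
        {
            continue;
        }

        if ($p[$flag] != 'yes')
        {
            $profile->set($flag, array($p[$flag]));
            continue;
        }

        // A missing or malformed detail list counts as empty
        $choices = (isset($p[$list]) && is_array($p[$list])) ? $p[$list] : array();

        // "yes" with nothing but a blank "other" entry is recorded as "no"
        $onlyBlankOther = (count($choices) == 1 && isset($choices['other']) && empty($choices['other']));

        $profile->set($flag, $onlyBlankOther ? array('no') : $choices);
    }

    if (isset($p['race']) && is_array($p['race']))
    {
        $profile->set('race', $p['race']);
    }

    // Save the changes
    if (!$profile->update())
    {
        App::abort(500, $profile->getError());
        return false;
    }

    // Do we have a new pass?
    $newpass = trim(Request::getVar('newpass', '', 'post'));
    if ($newpass != '')
    {
        // Get password rules and validate
        $password_rules = \Hubzero\Password\Rule::getRules();
        $validated = \Hubzero\Password\Rule::validate($newpass, $password_rules, $profile->get('uidNumber'));

        if (!empty($validated))
        {
            // Set error and stay on the edit form; the password is left unchanged
            $this->setError(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
            $this->validated = $validated;
            $redirect = false;
        }
        else
        {
            // Save password
            \Hubzero\User\Password::changePassword($profile->get('username'), $newpass);
        }
    }

    $passinfo = \Hubzero\User\Password::getInstance($id);
    if (is_object($passinfo))
    {
        // Do we have shadow info to change?
        $shadowMax     = Request::getInt('shadowMax', false, 'post');
        $shadowWarning = Request::getInt('shadowWarning', false, 'post');
        $shadowExpire  = Request::getVar('shadowExpire', '', 'post');

        // True when an existing expiry is being cleared by posting an empty value
        $clearingExpire = (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire));

        if ($shadowMax || $shadowWarning || $clearingExpire)
        {
            if ($shadowMax)
            {
                $passinfo->set('shadowMax', $shadowMax);
            }

            if ($shadowExpire || $clearingExpire)
            {
                if (preg_match("/[0-9]{4}-[0-9]{2}-[0-9]{2}/", $shadowExpire))
                {
                    // Stored as days since the epoch; skip text that merely
                    // contains a date-like run but does not parse as a date
                    $timestamp = strtotime($shadowExpire);
                    if ($timestamp !== false)
                    {
                        $passinfo->set('shadowExpire', $timestamp / 86400);
                    }
                }
                elseif (preg_match('/^[0-9]+\z/', $shadowExpire))
                {
                    // Anchored so that only a pure day count is accepted,
                    // not any string that happens to contain a digit
                    $passinfo->set('shadowExpire', $shadowExpire);
                }
                elseif (empty($shadowExpire))
                {
                    $passinfo->set('shadowExpire', null);
                }
            }

            if ($shadowWarning)
            {
                $passinfo->set('shadowWarning', $shadowWarning);
            }

            $passinfo->update();
        }
    }

    // Get the user's interests (tags)
    $tags = trim(Request::getVar('tags', ''));

    // Process tags
    include_once dirname(dirname(__DIR__)) . DS . 'models' . DS . 'tags.php';
    $mt = new \Components\Members\Models\Tags($id);
    $mt->setTags($tags, $id);

    // Make sure certain changes make it back to the user table
    $user = User::getInstance($id);
    $user->set('name', $name);
    $user->set('email', $profile->get('email'));
    if (!$user->save())
    {
        // Use the same status code as the other save failures in this method
        App::abort(500, Lang::txt($user->getError()));
        return false;
    }

    if ($redirect)
    {
        // Redirect
        App::redirect(
            Route::url('index.php?option=' . $this->_option),
            Lang::txt('COM_MEMBERS_MEMBER_SAVED')
        );
    }
    else
    {
        $this->editTask($id);
    }
}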