Ejemplo n.º 1
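 /**
  * Handles the entire registration process for DEFAULT users (not for people who register with
  * 3rd party services, like facebook) and creates a new user in the database if everything is fine.
  *
  * Flow: read the POST fields, run registrationInputValidation(), hash the password, reject a duplicate
  * username or email, store the user together with an activation token, then send the verification mail.
  * If the mail cannot be sent, the freshly created user is removed via rollbackRegistrationByUserId().
  *
  * Security notes:
  * - strip_tags() only removes markup from the name and email fields. It is neither output escaping nor
  *   SQL protection; those stay the job of the views and of the model's queries (not visible here).
  * - The passwords are deliberately passed on unfiltered, so the hash covers exactly what the user typed.
  * - The activation token is the only secret in the verification link, so it comes from a CSPRNG instead
  *   of sha1(uniqid(mt_rand(), true)), whose inputs (clock and Mersenne Twister state) are guessable.
  * - NOTE(review): the "already taken" messages reveal whether a username or email is registered, and the
  *   existence checks and the insert are separate steps. Presumably the captcha check bounds the first and
  *   unique constraints on the users table back the second - confirm both.
  *
  * @return boolean Gives back the success status of the registration
  */
 public static function registerNewUser()
 {
     // strip markup from the text fields; passwords are taken as-is
     $user_name = strip_tags(Request::post('user_name'));
     $user_email = strip_tags(Request::post('user_email'));
     $user_email_repeat = strip_tags(Request::post('user_email_repeat'));
     $user_password_new = Request::post('user_password_new');
     $user_password_repeat = Request::post('user_password_repeat');
     // stop registration flow if registrationInputValidation() returns false (= anything breaks the input check rules)
     $validation_result = self::registrationInputValidation(Request::post('captcha'), $user_name, $user_password_new, $user_password_repeat, $user_email, $user_email_repeat);
     if (!$validation_result) {
         return false;
     }
     // hash the password with password_hash(). PASSWORD_DEFAULT is currently bcrypt (60 characters), but the
     // default algorithm may change in later PHP versions, so the database column should allow longer values.
     // @see php.net/manual/en/function.password-hash.php for more, especially for potential options
     $user_password_hash = password_hash($user_password_new, PASSWORD_DEFAULT);
     if (!is_string($user_password_hash)) {
         // hashing failed: never store a non-hash value as the credential
         Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR'));
         return false;
     }
     // make return a bool variable, so both errors can come up at once if needed
     $return = true;
     // check if username already exists
     if (UserModel::doesUsernameAlreadyExist($user_name)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USERNAME_ALREADY_TAKEN'));
         $return = false;
     }
     // check if email already exists
     if (UserModel::doesEmailAlreadyExist($user_email)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN'));
         $return = false;
     }
     // if Username or Email were false, return false
     if (!$return) {
         return false;
     }
     // generate the email verification token: 20 bytes from the OS CSPRNG, hex-encoded, which keeps the
     // 40 character shape of the previous sha1() value
     if (function_exists('random_bytes')) {
         $token_bytes = random_bytes(20);
     } else {
         // fallback for PHP versions without random_bytes(); refuse to continue without strong randomness
         $crypto_strong = false;
         $token_bytes = openssl_random_pseudo_bytes(20, $crypto_strong);
         if ($token_bytes === false || !$crypto_strong) {
             Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR'));
             return false;
         }
     }
     $user_activation_hash = bin2hex($token_bytes);
     // write user data to database
     if (!self::writeNewUserToDatabase($user_name, $user_password_hash, $user_email, time(), $user_activation_hash)) {
         Session::add('feedback_negative', Text::get('FEEDBACK_ACCOUNT_CREATION_FAILED'));
         return false;
     }
     // get user_id of the user that has been created, to keep things clean we DON'T use lastInsertId() here
     $user_id = UserModel::getUserIdByUsername($user_name);
     if (!$user_id) {
         Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR'));
         return false;
     }
     // send verification email
     if (self::sendVerificationEmail($user_id, $user_email, $user_activation_hash)) {
         Session::add('feedback_positive', Text::get('FEEDBACK_ACCOUNT_SUCCESSFULLY_CREATED'));
         return true;
     }
     // if verification email sending failed: instantly delete the user, so no unverifiable account stays behind
     self::rollbackRegistrationByUserId($user_id);
     Session::add('feedback_negative', Text::get('FEEDBACK_VERIFICATION_MAIL_SENDING_FAILED'));
     return false;
 }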
Ejemplo n.º 2
 /**
  * Passes the POST fields 'suspension', 'softDelete' and 'user_id' to
  * AdminModel::setAccountSuspensionAndDeletionStatus() and then redirects to the admin page.
  * POST request.
  *
  * NOTE(review): the affected account is chosen by the request's 'user_id', and no authorization or
  * anti-CSRF check is visible in this method. Presumably the controller restricts it to admins
  * elsewhere (e.g. in its constructor) - confirm before relying on it.
  */
 public function actionAccountSettings()
 {
     // read the form fields in the same order the model expects them
     $suspension = Request::post('suspension');
     $soft_delete = Request::post('softDelete');
     $target_user_id = Request::post('user_id');

     AdminModel::setAccountSuspensionAndDeletionStatus($suspension, $soft_delete, $target_user_id);

     // the redirect happens regardless of what the model call did
     Redirect::to("admin");
 }
Ejemplo n.º 3
 /**
  * Password Change Action
  * Submits the form data to PasswordResetModel::changePassword(). If that returns a positive result the
  * user is redirected to user/index, otherwise the changePassword page is shown again.
  *
  * The account whose password is changed is identified by the session's 'user_name', not by a request
  * field, so the request cannot name a different account. The password fields are passed on unfiltered.
  * NOTE(review): checking the current password and comparing new/repeat presumably happens inside
  * PasswordResetModel::changePassword() - confirm.
  */
 public function changePassword_action()
 {
     $session_user_name = Session::get('user_name');
     $current_password = Request::post('user_password_current');
     $new_password = Request::post('user_password_new');
     $repeated_password = Request::post('user_password_repeat');

     $changed = PasswordResetModel::changePassword($session_user_name, $current_password, $new_password, $repeated_password);

     // success goes to the user's index page, failure back to the form
     Redirect::to($changed ? 'user/index' : 'user/changePassword');
 }
Ejemplo n.º 4
 /**
  * This method controls what happens when you move to /note/editSave in your app.
  * Edits a note (performs the editing after form submit): the POST fields 'note_id' and 'note_text' are
  * handed to NoteModel::updateNote(), then the user is redirected to the note page.
  * POST request.
  *
  * NOTE(review): 'note_id' comes straight from the request. Presumably NoteModel::updateNote() limits the
  * update to notes owned by the logged-in user - confirm, since no ownership or anti-CSRF check is
  * visible in this method.
  */
 public function editSave()
 {
     $note_id = Request::post('note_id');
     $note_text = Request::post('note_text');

     NoteModel::updateNote($note_id, $note_text);

     // the redirect does not depend on whether the update succeeded
     Redirect::to('note');
 }
Ejemplo n.º 5
 /**
  * Set the new password
  * Please note that this happens while the user is not logged in. The user identifies via the data provided by the
  * password reset link from the email, automatically filled into the <form> fields. See verifyPasswordReset()
  * for more. Then (regardless of result) route user to index page (user will get success/error via feedback message)
  * POST request !
  * TODO this is an _action
  *
  * Because the caller is unauthenticated, the reset hash from the request is the only credential here.
  * NOTE(review): validating that hash against the stored one for 'user_name' (ideally with hash_equals()
  * and an expiry check) presumably happens in PasswordResetModel::setNewPassword() - confirm.
  */
 public function setNewPassword()
 {
     $user_name = Request::post('user_name');
     $reset_hash = Request::post('user_password_reset_hash');
     $new_password = Request::post('user_password_new');
     $repeated_password = Request::post('user_password_repeat');

     PasswordResetModel::setNewPassword($user_name, $reset_hash, $new_password, $repeated_password);

     // same destination on success and on failure
     Redirect::to('login/index');
 }