Ejemplo n.º 1
0
 function postContent()
 {
     $this->adminGatekeeper();
     // Admins only
     $action = $this->getInput('action');
     switch ($action) {
         case 'add_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(true);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was given administration rights.");
             }
             break;
         case 'remove_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(false);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was stripped of their administration rights.");
             }
             break;
         case 'delete':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 if ($user->delete()) {
                     \Idno\Core\site()->session()->addMessage($user->getTitle() . " was removed from your site.");
                 }
             }
             break;
         case 'invite_users':
             $emails = $this->getInput('invitation_emails');
             preg_match_all('/[a-z\\d._%+-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $invitation_count = 0;
             if (!empty($matches[0])) {
                 if (is_array($matches[0])) {
                     foreach ($matches[0] as $email) {
                         if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                             if (!($user = User::getByEmail($email))) {
                                 if ((new Invitation())->sendToEmail($email) !== 0) {
                                     $invitation_count++;
                                 }
                             }
                         }
                     }
                 }
             }
             if ($invitation_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$invitation_count} invitations were sent.");
             } else {
                 if ($invitation_count == 1) {
                     \Idno\Core\site()->session()->addMessage("Your invitation was sent.");
                 } else {
                     \Idno\Core\site()->session()->addMessage("No email addresses were found or all the people you invited are already members of this site.");
                 }
             }
             break;
     }
     $this->forward(\Idno\Core\site()->config()->getURL() . 'admin/users');
 }
Ejemplo n.º 2
0
 function postContent()
 {
     // TODO: change this to actual basic login, of course
     if ($user = \Idno\Entities\User::getByHandle($this->getInput('email'))) {
     } else {
         if ($user = \Idno\Entities\User::getByEmail($this->getInput('email'))) {
         } else {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', ['method' => 'password', 'credentials' => ['email' => $this->getInput('email')]]);
             $this->setResponse(401);
             $this->forward('/session/login');
         }
     }
     if ($user instanceof \Idno\Entities\User) {
         if ($user->checkPassword($this->getInput('password'))) {
             \Idno\Core\site()->triggerEvent('login/success', ['user' => $user]);
             // Trigger an event for auditing
             \Idno\Core\site()->session()->logUserOn($user);
             \Idno\Core\site()->session()->addMessage("You've signed in as {$user->getTitle()}.");
             $this->forward();
         } else {
             \Idno\Core\site()->session()->addMessage("Oops! It looks like your password isn't correct. Please try again.");
             \Idno\Core\site()->triggerEvent('login/failure', ['user' => $user]);
         }
     } else {
         \Idno\Core\site()->session()->addMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
     }
 }
Ejemplo n.º 3
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $name = $this->getInput('name');
     $handle = trim($this->getInput('handle'));
     $password = trim($this->getInput('password'));
     $email = trim($this->getInput('email'));
     if (empty($handle) && empty($email)) {
         \Idno\Core\site()->session()->addErrorMessage("Please enter a username and email address.");
     } else {
         if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
             if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/') && \Idno\Entities\User::checkNewPasswordStrength($password)) {
                 $user = new Application();
                 $user->email = $email;
                 $user->handle = strtolower(trim($handle));
                 // Trim the handle and set it to lowercase
                 $user->setPassword($password);
                 $user->notifications['email'] = 'all';
                 if (empty($name)) {
                     $name = $user->handle;
                 }
                 $user->setTitle($name);
                 if ($user->save()) {
                     $t = clone \Idno\Core\site()->template();
                     $t->setTemplateType('email');
                     foreach (\Idno\Core\site()->getAdmins() as $admin) {
                         $email_message = new Email();
                         $email_message->setSubject("You have a new membership application!");
                         $email_message->addTo($admin->email);
                         $email_message->setHTMLBodyFromTemplate('applytojoin/new', ['user' => $user]);
                         $email_message->send();
                     }
                     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/thanks/');
                 } else {
                     var_export(\Idno\Core\site()->session()->messages);
                 }
             } else {
                 if (empty($handle)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please create a username.");
                 }
                 if (strlen($handle) > 32) {
                     \Idno\Core\site()->session()->addErrorMessage("Your username is too long.");
                 }
                 if (substr_count($handle, '/')) {
                     \Idno\Core\site()->session()->addErrorMessage("Usernames can't contain a slash ('/') character.");
                 }
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Unfortunately, someone is already using that username. Please choose another.");
                 }
                 if (!empty($emailuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                 }
                 if (!\Idno\Entities\User::checkNewPasswordStrength($password)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please check that your password is at least 7 characters long.");
                 }
             }
         }
     }
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/');
 }
Ejemplo n.º 4
0
 function postContent()
 {
     $fwd = $this->getInput('fwd');
     // Forward to a new page?
     if (empty($fwd)) {
         $fwd = \Idno\Core\site()->config()->url;
     }
     if ($user = \Idno\Entities\User::getByHandle($this->getInput('email'))) {
     } else {
         if ($user = \Idno\Entities\User::getByEmail($this->getInput('email'))) {
         } else {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', array('method' => 'password', 'credentials' => array('email' => $this->getInput('email'))));
             $this->setResponse(401);
         }
     }
     if ($user instanceof \Idno\Entities\User) {
         if ($user->checkPassword(trim($this->getInput('password')))) {
             \Idno\Core\site()->triggerEvent('login/success', array('user' => $user));
             // Trigger an event for auditing
             \Idno\Core\site()->session()->logUserOn($user);
             $this->forward($fwd);
         } else {
             \Idno\Core\site()->session()->addErrorMessage("Oops! It looks like your password isn't correct. Please try again.");
             \Idno\Core\site()->triggerEvent('login/failure', array('user' => $user));
             $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
         }
     } else {
         \Idno\Core\site()->session()->addErrorMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
         $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
     }
 }
Ejemplo n.º 5
0
 function postContent()
 {
     $this->createGatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($username) && $username != $user->getHandle()) {
         $user->setHandle($username);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         }
     }
     if (!empty($password)) {
         $user->setPassword($password);
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->refreshSessionUser($user);
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 6
0
 function postContent()
 {
     $name = $this->getInput('name');
     $handle = $this->getInput('handle');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');
     $email = $this->getInput('email');
     $user = new \Idno\Entities\User();
     if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && $password == $password2 && strlen($password) > 4 && !empty($name)) {
             $user = new \Idno\Entities\User();
             $user->email = $email;
             $user->handle = $handle;
             $user->setPassword($password);
             $user->setTitle($name);
             if (!\Idno\Entities\User::get()) {
                 $user->setAdmin(true);
             }
             $user->save();
         } else {
             if (empty($handle)) {
                 \Idno\Core\site()->session()->addMessage("You can't have an empty handle.");
             } else {
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that handle. Please choose another.");
                 }
             }
             if (!empty($emailuser)) {
                 \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that email address. Please choose another.");
             }
             if ($password != $password2 || strlen($password) <= 4) {
                 \Idno\Core\site()->session()->addMessage("Please check that your passwords match and that your password is over four characters long.");
             }
         }
     } else {
         \Idno\Core\site()->session()->addMessage("That doesn't seem to be a valid email address.");
     }
     if (!empty($user->_id)) {
         \Idno\Core\site()->session()->addMessage("You've registered! Well done.");
         \Idno\Core\site()->session()->logUserOn($user);
     } else {
         \Idno\Core\site()->session()->addMessage("We couldn't register you.");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 7
0
 function postContent()
 {
     $this->gatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     //$handle = $this->getInput('handle');
     $email = $this->getInput('email');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         }
     }
     if (!empty($password) && $password == $password2) {
         $user->setPassword($password);
     }
     if (!empty($_FILES['avatar'])) {
         if (in_array($_FILES['avatar']['type'], array('image/png', 'image/jpg', 'image/jpeg', 'image/gif'))) {
             if (getimagesize($_FILES['avatar']['tmp_name'])) {
                 if ($icon = \Idno\Entities\File::createThumbnailFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name'], 300)) {
                     $user->icon = (string) $icon;
                 } else {
                     if ($icon = \Idno\Entities\File::createFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name'])) {
                         $user->icon = (string) $icon;
                     }
                 }
             }
         }
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 8
0
 function postContent()
 {
     $this->adminGatekeeper();
     $user_uuid = $this->getInput('user');
     $action = $this->getInput('action');
     $user = Application::getByUUID($user_uuid);
     if ($user instanceof Application) {
         $name = $user->getTitle();
         $handle = $user->handle;
         $email = $user->email;
         switch ($action) {
             case 'approve':
                 if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/')) {
                     $real_user = new \Idno\Entities\User();
                     $real_user->setHandle($user->handle);
                     $real_user->email = $user->email;
                     $real_user->password = $user->password;
                     $real_user->setTitle($user->getTitle());
                     if ($real_user->save()) {
                         $user->delete();
                         $email_message = new Email();
                         $email_message->setSubject("Your membership was approved!");
                         $email_message->addTo($real_user->email);
                         $email_message->setHTMLBodyFromTemplate('applytojoin/approved', ['user' => $real_user]);
                         $email_message->send();
                         \Idno\Core\site()->session()->addMessage("{$name}'s membership application was approved. They can now log into the site.");
                     } else {
                         \Idno\Core\site()->session()->addMessage("Something went wrong and we weren't able to approve {$name}'s membership application.");
                     }
                 } else {
                     \Idno\Core\site()->session()->addMessage("We couldn't approve {$name}'s application. Either their handle or their email was invalid or in use.");
                 }
                 break;
             case 'delete':
                 $user->delete();
                 \Idno\Core\site()->session()->addMessage("{$name}'s membership application was deleted.");
                 break;
         }
     }
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'admin/applytojoin/');
 }
Ejemplo n.º 9
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $email_address = $this->getInput('email');
     if ($user = User::getByEmail($email_address)) {
         if ($auth_code = $user->addPasswordRecoveryCode()) {
             $user->save();
             // Save the recovery code to the user
             $t = clone \Idno\Core\site()->template();
             $t->setTemplateType('email');
             $email = new Email();
             $email->setSubject("Password reset");
             $email->addTo($user->email);
             $email->setHTMLBody($t->__(array('email' => $email_address, 'code' => $auth_code))->draw('account/password'));
             $email->send();
             $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password/?sent=true');
         }
     }
     \Idno\Core\site()->session()->addErrorMessage("Oh no! We couldn't find an account associated with that email address.");
     $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password');
 }
Ejemplo n.º 10
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     if ($password == $password2 && !empty($password2)) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             if ($code = $user->getPasswordRecoveryCode()) {
                 /* @var \Idno\Entities\User $user */
                 $user->setPassword($password);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addMessage("Your passwords need to match!");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 11
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     if (\Idno\Entities\User::checkNewPasswordStrength($password) && $password == $password2) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             if ($code = $user->getPasswordRecoveryCode()) {
                 /* @var \Idno\Entities\User $user */
                 $user->setPassword($password);
                 $user->clearPasswordRecoveryCode();
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addErrorMessage('Sorry, your passwords either don\'t match, or are too weak', 'alert-error');
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 12
0
 function postContent()
 {
     $this->createGatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));
     /*if (!\Idno\Common\Page::isSSL() && !\Idno\Core\site()->config()->disable_cleartext_warning) {
           \Idno\Core\site()->session()->addErrorMessage("Warning: Access credentials were sent over a non-secured connection! To disable this warning set disable_cleartext_warning in your config.ini");
       }*/
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($username) && $username != $user->getHandle()) {
         $user->setHandle($username);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addErrorMessage('Someone is already using ' . $email . ' as their email address.');
         }
     }
     if (!empty($password)) {
         if (\Idno\Entities\User::checkNewPasswordStrength($password)) {
             \Idno\Core\site()->session()->addMessage("Your password has been updated.");
             $user->setPassword($password);
         } else {
             \Idno\Core\site()->session()->addErrorMessage('Sorry, your password is too weak');
         }
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 13
0
 function postContent()
 {
     $name = $this->getInput('name');
     $handle = trim($this->getInput('handle'));
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     $email = trim($this->getInput('email'));
     $code = $this->getInput('code');
     $onboarding = $this->getInput('onboarding');
     if (empty(\Idno\Core\site()->config()->open_registration)) {
         if (!($invitation = \Idno\Entities\Invitation::validate($email, $code))) {
             \Idno\Core\site()->session()->addMessage("Your invitation doesn't seem to be valid or has expired.");
             $this->forward(\Idno\Core\site()->config()->getURL());
         } else {
             // Removing this from here - invitation will be deleted once user is created
             //$invitation->delete(); // Remove the invitation; it's no longer needed
         }
     }
     $user = new \Idno\Entities\User();
     if (empty($handle) && empty($email)) {
         \Idno\Core\site()->session()->addMessage("Please enter a username and email address.");
     } else {
         if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
             if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle <= 32) && !substr_count($handle, '/') && $password == $password2 && strlen($password) > 4) {
                 $user = new \Idno\Entities\User();
                 $user->email = $email;
                 $user->handle = strtolower(trim($handle));
                 // Trim the handle and set it to lowercase
                 $user->setPassword($password);
                 if (empty($name)) {
                     $name = $user->handle;
                 }
                 $user->setTitle($name);
                 if (!\Idno\Entities\User::get()) {
                     $user->setAdmin(true);
                     $user->robot_state = 1;
                     // State for our happy robot helper
                     if (\Idno\Core\site()->config()->title == 'New Known site') {
                         if (!empty($_SESSION['set_name'])) {
                             \Idno\Core\site()->config()->title = $_SESSION['set_name'];
                         } else {
                             \Idno\Core\site()->config()->title = $user->getTitle() . '\'s Known';
                         }
                         \Idno\Core\site()->config()->open_registration = false;
                         \Idno\Core\site()->config()->from_email = $user->email;
                         \Idno\Core\site()->config()->save();
                     }
                 }
                 $user->save();
                 \Idno\Core\site()->triggerEvent('site/firstadmin', ['user' => $user]);
                 // Event hook for first admin
                 // Now we can remove the invitation
                 if ($invitation instanceof Invitation) {
                     $invitation->delete();
                     // Remove the invitation; it's no longer needed
                 }
             } else {
                 if (empty($handle)) {
                     \Idno\Core\site()->session()->addMessage("Please create a username.");
                 } else {
                     if (strlen($handle) > 32) {
                         \Idno\Core\site()->session()->addMessage("Your username is too long.");
                     } else {
                         if (substr_count($handle, '/')) {
                             \Idno\Core\site()->session()->addMessage("Usernames can't contain a slash ('/') character.");
                         } else {
                             if (!empty($handleuser)) {
                                 \Idno\Core\site()->session()->addMessage("Unfortunately, someone is already using that username. Please choose another.");
                             }
                         }
                     }
                 }
                 if (!empty($emailuser)) {
                     \Idno\Core\site()->session()->addMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                 }
                 if ($password != $password2 || strlen($password) <= 4) {
                     \Idno\Core\site()->session()->addMessage("Please check that your passwords match and that your password is over four characters long.");
                 }
             }
         } else {
             \Idno\Core\site()->session()->addMessage("That doesn't seem like it's a valid email address.");
         }
     }
     if (!empty($user->_id)) {
         \Idno\Core\site()->session()->addMessage("You've registered! You're ready to get started. Why not add some profile information?");
         \Idno\Core\site()->session()->logUserOn($user);
         if (empty($onboarding)) {
             $this->forward($user->getURL());
         } else {
             $this->forward(\Idno\Core\site()->config()->getURL() . 'begin/profile');
         }
     } else {
         \Idno\Core\site()->session()->addMessageAtStart("We couldn't register you.");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 14
0
 function postContent()
 {
     $name = $this->getInput('name');
     $handle = trim($this->getInput('handle'));
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     $email = trim($this->getInput('email'));
     $code = $this->getInput('code');
     $onboarding = $this->getInput('onboarding');
     /*if (!\Idno\Common\Page::isSSL() && !\Idno\Core\site()->config()->disable_cleartext_warning) {
           \Idno\Core\site()->session()->addErrorMessage("Warning: Access credentials were sent over a non-secured connection! To disable this warning set disable_cleartext_warning in your config.ini");
       }*/
     if (empty(\Idno\Core\site()->config()->open_registration)) {
         if (!($invitation = \Idno\Entities\Invitation::validate($email, $code))) {
             \Idno\Core\site()->session()->addErrorMessage("Your invitation doesn't seem to be valid, or has expired.");
             $this->forward(\Idno\Core\site()->config()->getURL());
         } else {
             // Removing this from here - invitation will be deleted once user is created
             //$invitation->delete(); // Remove the invitation; it's no longer needed
         }
     }
     $user = new \Idno\Entities\User();
     if (empty($handle) && empty($email)) {
         \Idno\Core\site()->session()->addErrorMessage("Please enter a username and email address.");
     } else {
         if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
             if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && preg_match('/^[a-zA-Z0-9_]{1,}$/', $handle) && !substr_count($handle, '/') && $password == $password2 & \Idno\Entities\User::checkNewPasswordStrength($password)) {
                 $user = new \Idno\Entities\User();
                 $user->email = $email;
                 $user->handle = strtolower(trim($handle));
                 // Trim the handle and set it to lowercase
                 $user->setPassword($password);
                 $user->notifications['email'] = 'all';
                 if (empty($name)) {
                     $name = $user->handle;
                 }
                 $user->setTitle($name);
                 if (!\Idno\Entities\User::get()) {
                     $user->setAdmin(true);
                     $user->robot_state = '1';
                     // State for our happy robot helper
                     if (\Idno\Core\site()->config()->title == 'New Known site') {
                         if (!empty($_SESSION['set_name'])) {
                             \Idno\Core\site()->config()->title = $_SESSION['set_name'];
                         } else {
                             \Idno\Core\site()->config()->title = $user->getTitle() . '\'s Known';
                         }
                         \Idno\Core\site()->config()->theme = 'Solo';
                         \Idno\Core\site()->config()->open_registration = false;
                         \Idno\Core\site()->config()->from_email = $user->email;
                         \Idno\Core\site()->config()->save();
                     }
                     \Idno\Core\site()->triggerEvent('site/firstadmin', array('user' => $user));
                     // Event hook for first admin
                 } else {
                     \Idno\Core\site()->triggerEvent('site/newuser', array('user' => $user));
                     // Event hook for new user
                 }
                 $user->save();
                 // Now we can remove the invitation
                 if (!empty($invitation)) {
                     if ($invitation instanceof Invitation) {
                         $invitation->delete();
                         // Remove the invitation; it's no longer needed
                     }
                 }
             } else {
                 if (empty($handle)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please create a username.");
                 }
                 if (strlen($handle) > 32) {
                     \Idno\Core\site()->session()->addErrorMessage("Your username is too long.");
                 }
                 if (!preg_match('/^[a-zA-Z0-9_]{1,}$/', $handle)) {
                     \Idno\Core\site()->session()->addErrorMessage("Usernames can only have letters, numbers and underscores.");
                 }
                 if (substr_count($handle, '/')) {
                     \Idno\Core\site()->session()->addErrorMessage("Usernames can't contain a slash ('/') character.");
                 }
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Unfortunately, someone is already using that username. Please choose another.");
                 }
                 if (!empty($emailuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                 }
                 if (!\Idno\Entities\User::checkNewPasswordStrength($password) || $password != $password2) {
                     \Idno\Core\site()->session()->addErrorMessage("Please check that your passwords match and that your password is at least 7 characters long.");
                 }
             }
         } else {
             \Idno\Core\site()->session()->addErrorMessage("That doesn't seem like it's a valid email address.");
         }
     }
     if (!empty($user->_id)) {
         \Idno\Core\site()->session()->addMessage("You've registered! You're ready to get started. Why not add a status update to say hello?");
         \Idno\Core\site()->session()->logUserOn($user);
         if (empty($onboarding)) {
             $this->forward();
         } else {
             $this->forward(\Idno\Core\site()->config()->getURL() . 'begin/profile');
         }
     } else {
         \Idno\Core\site()->session()->addMessageAtStart("We couldn't register you.");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 15
0
 function postContent()
 {
     $this->adminGatekeeper();
     // Admins only
     $action = $this->getInput('action');
     switch ($action) {
         case 'add_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(true);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was given administration rights.");
             }
             break;
         case 'remove_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(false);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was stripped of their administration rights.");
             }
             break;
         case 'delete':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 if ($user->delete()) {
                     \Idno\Core\site()->session()->addMessage($user->getTitle() . " was removed from your site.");
                 }
             }
             break;
         case 'invite_users':
             $emails = $this->getInput('invitation_emails');
             preg_match_all('/[a-z\\d._%\\+\\-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $invitation_count = 0;
             if (!empty($matches[0])) {
                 if (is_array($matches[0])) {
                     foreach ($matches[0] as $email) {
                         if (!($user = User::getByEmail($email))) {
                             $invitation = new Invitation();
                             if ($invitation->sendToEmail($email, \Idno\Core\site()->session()->currentUser()->email) !== 0) {
                                 $invitation_count++;
                             }
                         }
                     }
                 }
             }
             if ($invitation_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$invitation_count} invitations were sent.");
             } else {
                 if ($invitation_count == 1) {
                     \Idno\Core\site()->session()->addMessage("Your invitation was sent.");
                 } else {
                     \Idno\Core\site()->session()->addMessage("No email addresses were found or all the people you invited are already members of this site.");
                 }
             }
             break;
         case 'remove_invitation':
             $invitation_id = $this->getInput('invitation_id');
             if ($invitation = Invitation::getByID($invitation_id)) {
                 if ($invitation->delete()) {
                     \Idno\Core\site()->session()->addMessage("The invitation was removed.");
                 }
             }
             break;
         case 'resend_invitation':
             $invitation_id = $this->getInput('invitation_id');
             if ($invitation = Invitation::getByID($invitation_id)) {
                 $email = $invitation->email;
                 if ($invitation->delete()) {
                     $new_invitation = new Invitation();
                     if ($new_invitation->sendToEmail($email)) {
                         \Idno\Core\site()->session()->addMessage("The invitation was resent.");
                     }
                 }
             }
             break;
         case 'add_user':
             if (!\Idno\Core\site()->config()->canAddUsers()) {
                 \Idno\Core\site()->session()->addMessage("You can't add any more users to your site.");
                 break;
             }
             $name = $this->getInput('name');
             $handle = trim($this->getInput('handle'));
             $email = trim($this->getInput('email'));
             $password = trim($this->getInput('password1'));
             $password2 = trim($this->getInput('password2'));
             $user = new \Idno\Entities\User();
             if (empty($password) || $password != $password2) {
                 \Idno\Core\site()->session()->addMessage("Please make sure your passwords match and aren't empty.");
             } else {
                 if (empty($handle) && empty($email)) {
                     \Idno\Core\site()->session()->addMessage("Please enter a username and email address.");
                 } else {
                     if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
                         if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/')) {
                             $user = new \Idno\Entities\User();
                             $user->email = $email;
                             $user->handle = strtolower(trim($handle));
                             // Trim the handle and set it to lowercase
                             $user->setPassword($password);
                             if (empty($name)) {
                                 $name = $user->handle;
                             }
                             $user->setTitle($name);
                             $user->save();
                         } else {
                             if (empty($handle)) {
                                 \Idno\Core\site()->session()->addMessage("Please create a username.");
                             }
                             if (strlen($handle) > 32) {
                                 \Idno\Core\site()->session()->addMessage("Your username is too long.");
                             }
                             if (substr_count($handle, '/')) {
                                 \Idno\Core\site()->session()->addMessage("Usernames can't contain a slash ('/') character.");
                             }
                             if (!empty($handleuser)) {
                                 \Idno\Core\site()->session()->addMessage("Unfortunately, someone is already using that username. Please choose another.");
                             }
                             if (!empty($emailuser)) {
                                 \Idno\Core\site()->session()->addMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                             }
                         }
                     } else {
                         \Idno\Core\site()->session()->addMessage("That doesn't seem like it's a valid email address.");
                     }
                 }
             }
             if (!empty($user->_id)) {
                 \Idno\Core\site()->session()->addMessage("User " . $user->getHandle() . " was created. You may wish to email them to let them know.");
             } else {
                 \Idno\Core\site()->session()->addMessageAtStart("We couldn't register that user.");
             }
             break;
         case 'block_emails':
             $emails = $this->getInput('blocked_emails');
             preg_match_all('/[a-z\\d._%+-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $block_count = 0;
             if (!empty($matches[0])) {
                 if (is_array($matches[0])) {
                     foreach ($matches[0] as $email) {
                         if (\Idno\Core\site()->config()->addBlockedEmail($email)) {
                             $block_count++;
                         }
                     }
                     \Idno\Core\site()->config()->save();
                 }
             }
             if ($block_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$block_count} emails were blocked.");
             } else {
                 if ($block_count == 1) {
                     \Idno\Core\site()->session()->addMessage("The email address was blocked.");
                 } else {
                     \Idno\Core\site()->session()->addMessage("No email addresses were found.");
                 }
             }
             break;
         case 'unblock_emails':
             $emails = $this->getInput('blocked_emails');
             preg_match_all('/[a-z\\d._%+-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $block_count = 0;
             if (!empty($matches[0])) {
                 if (is_array($matches[0])) {
                     foreach ($matches[0] as $email) {
                         if (\Idno\Core\site()->config()->removeBlockedEmail($email)) {
                             $block_count++;
                         }
                     }
                     \Idno\Core\site()->config()->save();
                 }
             }
             if ($block_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$block_count} emails were unblocked.");
             } else {
                 if ($block_count == 1) {
                     \Idno\Core\site()->session()->addMessage("The email address was unblocked.");
                 } else {
                     \Idno\Core\site()->session()->addMessage("No email addresses were found.");
                 }
             }
             break;
     }
     $this->forward(\Idno\Core\site()->config()->getURL() . 'admin/users');
 }