protected function getUserInfo($id)
{
$data = \Mod\User::i()->getUserInfo($id);
if (empty($data)) {
$_SESSION['userMsg'] = array('type' => 'danger', 'msg' => 'Cannot find user!');
header('Location: /users');
exit;
}
$user = array();
foreach ($data as $k => $v) {
$user[str_replace('user_', '', $k)] = $v;
}
return $user;
}
public function removeServer($id)
{
$server = control()->database()->search('server')->filterByServerId($id)->getRow();
if (!$server) {
return false;
}
//get users
$users = control()->database()->search('dev')->addInnerJoinOn('user', 'user_id = dev_user')->filterByDevServer($id)->getRows();
foreach ($users as $v) {
\Mod\User::i()->setUserId($v['user_id'])->removeUser($server['server_id']);
}
control()->database()->deleteRows('dev', array(array('dev_server=%s', $id)));
control()->database()->deleteRows('server', array(array('server_id=%s', $id)));
return true;
}
protected function saveServer($data, $id)
{
if ($id != $data['id']) {
$_SESSION['serverMsg'] = array('type' => 'danger', 'msg' => 'Something went wrong!');
header('Location: /server');
exit;
}
$fields = array('server_root' => $data['root'], 'server_name' => $data['name']);
if (trim($data['pass']) != '') {
$fields['server_pass'] = \Mod\User::i()->encode($data['pass']);
}
control()->database()->updateRows('server', $fields, array(array('server_id=%s', $id)));
$_SESSION['serverMsg'] = array('type' => 'success', 'msg' => 'Server updated successfully');
header('Location: /servers');
exit;
}
protected function verify($data, $userId)
{
if (!isset($data['password']) || !trim($data['password'])) {
$this->setVerifyMsg('Password invalid!', 'danger');
}
if (!isset($data['password_repeat']) || !trim($data['password_repeat'])) {
$this->setVerifyMsg('Password did not match!', 'danger');
}
if ($data['password'] != $data['password_repeat']) {
$this->setVerifyMsg('Password did not match!', 'danger');
}
$pass = \Mod\User::i()->encode($data['password']);
$fields = array('user_pass' => $pass, 'user_active' => 1);
$query = array(array('user_id=%s', $userId));
control()->database()->updateRows('user', $fields, $query);
$_SESSION['loginError'] = array('type' => 'success', 'msg' => 'Your account has been activated. You can now login using your username and password');
header('Location: /login');
exit;
}
protected function login($data)
{
$error = array();
if (!isset($data['email']) || !trim($data['email'])) {
$this->loginError(array('type' => 'danger', 'msg' => 'Email Address cannot be empty!'));
}
if (!isset($data['password']) || !trim($data['password'])) {
$this->loginError(array('type' => 'danger', 'msg' => 'Password is invalid!'));
}
$pass = \Mod\User::i()->encode($data['password']);
$email = control()->database()->bind($data['email']);
$account = control()->database()->search('user')->filterByUserPass($pass)->filterByUserActive(1)->addFilter('(user_email = ' . $email . ' OR user_name = ' . $email . ')')->getRow();
if (empty($account)) {
$this->loginError(array('type' => 'danger', 'msg' => 'Username and Password did not match'));
}
$_SESSION['user'] = $account;
header('Location: /');
exit;
}
public function getVariables()
{
if ($_SESSION['user']['user_role'] != 1 && isset($_SERVER['REDIRECT_URL'])) {
header('Location: /');
exit;
}
// get requested user Id
$this->userId = control()->registry()->get('request', 'variables', 0);
if (!$this->userId || !is_numeric($this->userId)) {
// throw a message
$this->addMessage('Unknown user. Please select users from the list below.', 'danger');
// redirect
control()->redirect('/users');
}
$detail = control()->database()->search('user')->setColumns('*')->addFilter('user_id=%s', $this->userId)->getRow();
// remove server from user
if (isset($_GET['remove']) && trim($_GET['remove'])) {
$stat = \Mod\User::i()->setUserId($this->userId)->removeUser($_GET['remove']);
if (!$stat) {
$_SESSION['userMsg'] = array('type' => 'danger', 'msg' => 'Something went wrong. Please try again!');
header('Location: /user/detail/' . $this->userId);
exit;
}
$_SESSION['userMsg'] = array('type' => 'success', 'msg' => 'Server has been removed');
header('Location: /user/detail/' . $this->userId);
exit;
}
$server = control()->database()->search('dev')->innerJoinOn('server', 'server_id=dev_server')->filterByDevUser($this->userId);
// Determine Current Page
$page = isset($_GET['page']) ? $_GET['page'] : 1;
// Get The Start In Query
$start = isset($_GET['page']) && $_GET['page'] != 1 ? ($_GET['page'] - 1) * self::RANGE : 0;
$totalServers = $server->getTotal();
$server = $server->setStart($start)->setRange(self::RANGE)->getRows();
$msg = array();
if (isset($_SESSION['userMsg']) && !empty($_SESSION['userMsg'])) {
$msg = $_SESSION['userMsg'];
unset($_SESSION['userMsg']);
}
return array('userMsg' => $msg, 'detail' => $detail, 'server' => $server, 'page' => $page, 'range' => self::RANGE, 'totalServers' => $totalServers);
}
protected function addUser($user)
{
// check data
// validate email email
if (!isset($user['email']) && !trim($user['email'])) {
$this->setMsg('Email is invalid!', 'danger');
}
if (!preg_match('/^[A-Za-z0-9\\._\\-]+\\@[A-Za-z0-9\\.\\-]+\\.[A-Za-z]{2,6}$/i', $user['email'])) {
$this->setMsg('Email is invalid!', 'danger');
}
$account = control()->database()->search('user')->filterByUserEmail($user['email'])->getRow();
if (!empty($account)) {
$this->setMsg('Email is already taken', 'danger');
}
// validate username
if (!isset($user['name']) || !trim($user['name'])) {
$this->setMsg('Username is invalid!', 'danger');
}
$account = control()->database()->search('user')->filterByUserName($user['name'])->getRow();
if (!empty($account)) {
$this->setMsg('Username is already taken', 'danger');
}
if (!isset($user['first']) || !trim($user['first'])) {
$this->setMsg('Please provide a firstname', 'danger');
}
if (!isset($user['last']) || !trim($user['last'])) {
$this->setMsg('Please provide a lastname', 'danger');
}
if (!isset($user['role']) || $user['role'] < 0 && $data['role'] > 1) {
$this->setMsg('Invalid role!', 'danger');
}
$user['status'] = '0';
$fields = array('user_email' => $user['email'], 'user_name' => $user['name'], 'user_first' => $user['first'], 'user_last' => $user['last'], 'user_role' => $user['role'], 'user_pass' => '', 'user_active' => $user['status']);
$token = \Mod\User::i()->encode($user['email']);
$html = '<h3>User Access Control Account Verification</h3>' . '<p>Hi ' . ucwords($user['first']) . ',</p><br>' . '<p>Please verify your account for User Access Control</p>' . '<p>To verify your account, Visit the link below and create your password.</p>' . '<p><a href="http://' . $_SERVER['HTTP_HOST'] . '/verify?token=' . $token . '">http://' . $_SERVER['HTTP_HOST'] . '/verify?token=' . $token . '</a></p>' . '<br>' . '<p>Thanks</p>' . '<p>Openovate Team</p>';
$account = control('system')->file(control()->path('config') . '/front/accounts.php')->getData();
control('mail')->smtp($account['host'], $account['email'], $account['pass'], $account['port'], true)->addTo($user['email'])->setSubject('Account Verification')->setBody($html, true)->send();
control()->database()->insertRow('user', $fields);
$this->setMsg('User ' . $user['name'] . ' has been created', 'success');
}
protected function addServer($data)
{
if (!isset($data['name']) || !trim($data['name'])) {
$this->setMsg('Server name is required!', 'danger');
}
if (!isset($data['root']) || !trim($data['root'])) {
$this->setMsg('Server username is invalid!', 'danger');
}
if (!isset($data['pass']) || !trim($data['pass'])) {
$this->setMsg('Password is invalid', 'danger');
}
if (!isset($data['ip']) || !trim($data['ip'])) {
$this->setMsg('Server IP is invalid!', 'danger');
}
$server = control()->database()->search('server')->filterByServerIp($data['ip'])->getRow();
if (!empty($server)) {
$this->setMsg('Server IP already exist!', 'danger');
}
$fields = array('server_name' => $data['name'], 'server_root' => $data['root'], 'server_pass' => \Mod\User::i()->encode($data['pass']), 'server_ip' => $data['ip']);
control()->database()->insertRow('server', $fields);
$id = control()->database()->getLastInsertedId();
\Mod\Server::i()->setId($id)->addServer();
$this->setMsg('Server added', 'success');
}
protected function addToServer($data)
{
if (!isset($data['user']) || !trim($data['user'])) {
die(json_encode(array('type' => 'danger', 'msg' => 'Something went wrong, reload the page and try again!!')));
}
if (!isset($data['server']) || empty($data['server'])) {
die(json_encode(array('type' => 'danger', 'msg' => 'Please select a server!')));
}
if (!is_array($data['server'])) {
die(json_encode(array('type' => 'danger', 'msg' => 'Something went wrong, reload the page and try again!')));
}
if (!isset($data['role']) || !trim($data['role'])) {
die(json_encode(array('type' => 'danger', 'msg' => 'Please select a role for the user!')));
}
if ($data['role'] < 1 && $data['role'] > 2) {
die(json_encode(array('type' => 'danger', 'msg' => 'Invalid role!')));
}
//get user information
$user = \Mod\User::i()->getUserInfo($data['user']);
if (empty($user)) {
die(json_encode(array('type' => 'danger', 'msg' => 'User does not exist!')));
}
if ($user['user_active'] != 1) {
die(json_encode(array('type' => 'danger', 'msg' => 'User is not active!')));
}
\Mod\User::i()->setUserId($data['user'])->addToServer($data['server'], $data['role']);
$_SESSION['userMsg'] = array('type' => 'success', 'msg' => 'User added to server successfully!');
die('Ok');
}
