/** * insert user into elgg user table * * Get user info from db * Tries to insert, otherwise return error * * @return user */ function cas_insertUser($username, $casUser, $config) { // $name = $attr['cn']; // $uname = !empty($attr['textuid']) ? $attr['textuid'] : str_replace(".", "",$username); // $email = $attr['mail']; $name = $casUser->name; $uname = !empty($casUser->username) ? $casUser->username : $username; $email = $casUser->email; $password = md5($uname . $email); $user = new ElggUser(); $user->username = $uname; $user->email = $email; $user->name = $name; $user->access_id = 2; $user->salt = generate_random_cleartext_password(); // Note salt generated before password! $user->password = generate_user_password($user, $password); $user->save(); $guid = $user->guid; $obj = get_entity($guid); if (isset($config->casadminuser) && $config->casadminuser == $username) { if ($obj instanceof ElggUser && $obj->canEdit()) { $obj->admin = 'yes'; if ($obj->admin) { system_message(elgg_echo('admin:user:makeadmin:yes')); } else { register_error(elgg_echo('admin:user:makeadmin:no')); } } else { register_error(elgg_echo('admin:user:makeadmin:no')); } } return $user; }
public function testUpdateACL() { // another fake user to test with $user = new ElggUser(); $user->username = '******' . rand(); $user->email = '*****@*****.**' . rand(); $user->name = 'fake user'; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, rand()); $user->owner_guid = 0; $user->container_guid = 0; $user->save(); $acl_id = create_access_collection('test acl'); $member_lists = array(array($this->user->guid, $user->guid), array($user->guid), array($this->user->guid), array()); foreach ($member_lists as $members) { $result = update_access_collection($acl_id, $members); $this->assertTrue($result); if ($result) { $q = "SELECT * FROM {$this->dbPrefix}access_collection_membership\n\t\t\t\t\tWHERE access_collection_id = {$acl_id}"; $data = get_data($q); if (count($members) == 0) { $this->assertFalse($data); } else { $this->assertEqual(count($members), count($data)); } foreach ($data as $row) { $this->assertTrue(in_array($row->user_guid, $members)); } } } delete_access_collection($acl_id); $user->delete(); }
/** * Called before each test object. */ public function __construct() { $this->ia = elgg_set_ignore_access(TRUE); parent::__construct(); $this->user = new ElggUser(); $this->user->username = '******' . rand(); $this->user->email = '*****@*****.**'; $this->user->name = 'I am a Test User'; $this->user->access_id = ACCESS_PUBLIC; $this->user->salt = generate_random_cleartext_password(); $this->user->password = generate_user_password($this->user, "pass123"); $this->user->container_guid = 0; $this->user->owner_guid = 0; $this->user->save(); // all __construct() code should come after here $this->user2 = new ElggUser(); // generating API key $keypair = create_api_user($CONFIG->site_id); if ($keypair) { $this->apikey = new ElggObject(); $this->apikey->subtype = 'api_key'; $this->apikey->access_id = ACCESS_PUBLIC; $this->apikey->title = "User web services"; $this->apikey->public = $keypair->api_key; $this->apikey->save(); } }
/** * Set a user's password * * @return bool * @since 1.8.0 * @access private */ function elgg_set_user_password() { $current_password = get_input('current_password'); $password = get_input('password'); $password2 = get_input('password2'); $user_guid = get_input('guid'); if (!$user_guid) { $user = elgg_get_logged_in_user_entity(); } else { $user = get_entity($user_guid); } if ($user && $password) { // let admin user change anyone's password without knowing it except his own. if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { $credentials = array('username' => $user->username, 'password' => $current_password); try { pam_auth_userpass($credentials); } catch (LoginException $e) { register_error(elgg_echo('LoginException:ChangePasswordFailure')); return false; } } try { $result = validate_password($password); } catch (RegistrationException $e) { register_error($e->getMessage()); return false; } if ($result) { if ($password == $password2) { $user->salt = generate_random_cleartext_password(); // Reset the salt $user->password = generate_user_password($user, $password); if ($user->save()) { system_message(elgg_echo('user:password:success')); return true; } else { register_error(elgg_echo('user:password:fail')); } } else { register_error(elgg_echo('user:password:fail:notsame')); } } else { register_error(elgg_echo('user:password:fail:tooshort')); } } else { // no change return null; } return false; }
/** * Create a fake user * * @return ElggUser */ public static function createUser() { $user = new ElggUser(); $user->username = '******' . rand(); $user->email = '*****@*****.**' . rand(); $user->name = 'fake user ' . rand(); $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, rand()); $user->owner_guid = 0; $user->container_guid = 0; $user->save(); return $user; }
/** * Called before each test object. */ public function __construct() { parent::__construct(); $this->user = new ElggUser(); $this->user->username = '******' . rand(); $this->user->email = '*****@*****.**' . rand(); $this->user->name = 'fake user ' . rand(); $this->user->access_id = ACCESS_PUBLIC; $this->user->salt = generate_random_cleartext_password(); $this->user->password = generate_user_password($this->user, rand()); $this->user->owner_guid = 0; $this->user->container_guid = 0; $this->user->save(); }
/** * {@inheritdoc} */ public function post(ParameterBag $params) { if (!elgg_get_config('allow_registration') && !elgg_trigger_plugin_hook('allow_registration', 'graph')) { throw new \RegistrationException(elgg_echo('registerdisabled'), 403); } $email = $params->email; $email_parts = explode('@', $params->email); $username = $params->username ?: Registration::generateUsername(); $password = $params->password ?: generate_random_cleartext_password(); $name = $params->name ?: array_shift($email_parts); $guid = register_user($username, $password, $name, $email); if (!$guid) { throw new RegistrationException(elgg_echo('registerbad')); } $new_user = get_entity($guid); $new_user->language = $params->language; $hook_params = array('user' => $new_user, 'password' => $password, 'friend_guid' => $this->graph->get($params->friend_uid)->guid, 'invitecode' => $params->invitecode); if (!elgg_trigger_plugin_hook('validate_registration', 'graph', null, true)) { // disable uservalidationbyemail elgg_unregister_plugin_hook_handler('register', 'user', 'uservalidationbyemail_disable_new_user'); } $ia = elgg_set_ignore_access(true); $params->guid = $new_user->guid; if (!isset($params->access_id)) { $params->access_id = ACCESS_PRIVATE; } $ctrl = new UserProfile($this->request, $this->graph); $ctrl->put($params); elgg_set_ignore_access($ia); $return = array('nodes' => array($new_user)); if (!elgg_trigger_plugin_hook('register', 'user', $hook_params, true)) { $ia = elgg_set_ignore_access(true); $new_user->delete(); elgg_set_ignore_access($ia); throw new RegistrationException(elgg_echo('registerbad')); } if ($params->notify) { $subject = elgg_echo('useradd:subject', array(), $new_user->language); $body = elgg_echo('useradd:body', array($name, elgg_get_site_entity()->name, elgg_get_site_entity()->url, $username, $password), $new_user->language); notify_user($new_user->guid, elgg_get_site_entity()->guid, $subject, $body); } return $return; }
/** * Set a user's password * * @return bool * @since 1.8.0 */ function elgg_set_user_password() { $current_password = get_input('current_password'); $password = get_input('password'); $password2 = get_input('password2'); $user_id = get_input('guid'); if (!$user_id) { $user = elgg_get_logged_in_user_entity(); } else { $user = get_entity($user_id); } if ($user && $password != "") { // let admin user change anyone's password without knowing it except his own. if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { $credentials = array('username' => $user->username, 'password' => $current_password); if (!pam_auth_userpass($credentials)) { register_error(elgg_echo('user:password:fail:incorrect_current_password')); return false; } } if (strlen($password) >= 4) { if ($password == $password2) { $user->salt = generate_random_cleartext_password(); // Reset the salt $user->password = generate_user_password($user, $password); if ($user->save()) { system_message(elgg_echo('user:password:success')); return true; } else { register_error(elgg_echo('user:password:fail')); } } else { register_error(elgg_echo('user:password:fail:notsame')); } } else { register_error(elgg_echo('user:password:fail:tooshort')); } } else { // no change return null; } return false; }
/** * {@inheritdoc} */ protected function handle() { $admin = $this->option('admin'); $notify = $this->option('notify'); $email = $this->ask('Enter account email: '); list($username, ) = explode('@', $email, 2); $username = $this->ask("Enter account username [{$username}]: ", $username); $password = $this->ask('Enter account password (leave empty to autegenerate): ', null, true, false); if (empty($password)) { $password = generate_random_cleartext_password(); } $name = $this->ask("Enter account display name [{$username}]: ", $username); $guid = register_user($username, $password, $name, $email); $user = get_entity($guid); $user->admin_created = true; elgg_set_user_validation_status($user->guid, true, 'cli'); $params = ['user' => $user, 'password' => $password]; if (!elgg_trigger_plugin_hook('register', 'user', $params, TRUE)) { $ia = elgg_set_ignore_access(true); $user->delete(); elgg_set_ignore_access($ia); throw new RegistrationException(elgg_echo('registerbad')); } if ($admin) { $ia = elgg_set_ignore_access(true); $user->makeAdmin(); elgg_set_ignore_access($ia); } if ($notify) { $subject = elgg_echo('useradd:subject', array(), $user->language); $body = elgg_echo('useradd:body', array($name, elgg_get_site_entity()->name, elgg_get_site_entity()->url, $username, $password), $user->language); notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $body, ['password' => $password]); } if ($user->isAdmin()) { system_message("New admin user has been registered [guid: {$user->guid}]"); } else { system_message("New user has been registered [guid: {$user->guid}]"); } }
/** * Register a user in Elgg based on information provided by the Service Provider (SP). * * @param string $name the (display)name of the new user * @param string $email the email address of the user * @param string $saml_source the name of the SP this information came from * @param bool $validate do we need to validate the email address of this new users * @param string $username the username provided by the SP (optional) * * @return false|ElggUser */ function simplesaml_register_user($name, $email, $saml_source, $validate = false, $username = '') { if (empty($name) || empty($email) || empty($saml_source)) { return false; } // check which username to use if (!empty($username)) { // make sure the username is unique $username = simplesaml_generate_unique_username($username); } else { // create a username from email $username = simplesaml_generate_username_from_email($email); } if (empty($username)) { register_error(elgg_echo("registration:usernamenotvalid")); return false; } // generate a random password $password = generate_random_cleartext_password(); try { $user_guid = register_user($username, $password, $name, $email); if (empty($user_guid)) { return false; } $new_user = get_user($user_guid); if (!$validate) { // no need for extra validation. We trust this user elgg_set_user_validation_status($new_user->getGUID(), true, 'simplesaml'); } $params = ['user' => $new_user, 'password' => $password, 'friend_guid' => null, 'invitecode' => null]; if (!elgg_trigger_plugin_hook('register', 'user', $params, true)) { register_error(elgg_echo('registerbad')); } else { return $new_user; } } catch (Exception $e) { register_error($e->getMessage()); } return false; }
/** * Create a new user from Twitter information * * @param object $twitter Twitter OAuth response * @return ElggUser */ function twitter_api_create_user($twitter) { // check new registration allowed if (!twitter_api_allow_new_users_with_twitter()) { register_error(elgg_echo('registerdisabled')); forward(); } // Elgg-ify Twitter credentials $username = $twitter->screen_name; while (get_user_by_username($username)) { // @todo I guess we just hope this is good enough $username = $twitter->screen_name . '_' . rand(1000, 9999); } $password = generate_random_cleartext_password(); $name = $twitter->name; $user = new ElggUser(); $user->username = $username; $user->name = $name; $user->access_id = ACCESS_PUBLIC; $user->salt = _elgg_generate_password_salt(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; if (!$user->save()) { register_error(elgg_echo('registerbad')); forward(); } return $user; }
/** * Insert user into elgg user table using info from ldap * Tries to insert, otherwise returns error * * @return user or error (false?) */ function cas_insertUser($username, $ldap_attributes, $config) { // name is 'cn' in ldap $name = $ldap_attributes['cn']; // remove periods from ldap username // ex. anthony.hopkins -> anthonyhopkins $uname = !empty($ldap_attributes['textUid']) ? $ldap_attributes['textUid'] : str_replace(".", "", $username); $email = $ldap_attributes['mail']; $user = new ElggUser(); $user->username = $uname; $user->email = $email; $user->name = $name; $user->access_id = 2; $user->salt = generate_random_cleartext_password(); // Note salt generated before password! // cas users don't need password stored locally // so create an invalid password // a real password can be saved at a later time if they become a local user $user->password = md5(time()); //generate_user_password($user, $password); // returns guid or false $guid = $user->save(); if (!$guid) { return false; } $obj = get_entity($guid); if (isset($config->casadminuser) && $config->casadminuser == $uname) { if ($obj instanceof \ElggUser) { //set context for permissions check elgg_push_context('au_cas_auth_make_admin'); if (make_user_admin($guid)) { system_message(elgg_echo('admin:user:makeadmin:yes')); } else { register_error(elgg_echo('admin:user:makeadmin:no')); } // set context back elgg_pop_context(); } else { register_error(elgg_echo('admin:user:makeadmin:no')); } } return $user; }
/** * Registers a user, returning false if the username already exists * * @param string $username The username of the new user * @param string $password The password * @param string $name The user's display name * @param string $email Their email address * @param bool $allow_multiple_emails Allow the same email address to be * registered multiple times? * @param int $friend_guid GUID of a user to friend once fully registered * @param string $invitecode An invite code from a friend * * @return int|false The new user's GUID; false on failure */ function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') { // Load the configuration global $CONFIG; // no need to trim password. $username = trim($username); $name = trim(strip_tags($name)); $email = trim($email); // A little sanity checking if (empty($username) || empty($password) || empty($name) || empty($email)) { return false; } // Make sure a user with conflicting details hasn't registered and been disabled $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); if (!validate_email_address($email)) { throw new RegistrationException(elgg_echo('registration:emailnotvalid')); } if (!validate_password($password)) { throw new RegistrationException(elgg_echo('registration:passwordnotvalid')); } if (!validate_username($username)) { throw new RegistrationException(elgg_echo('registration:usernamenotvalid')); } if ($user = get_user_by_username($username)) { throw new RegistrationException(elgg_echo('registration:userexists')); } if (!$allow_multiple_emails && get_user_by_email($email)) { throw new RegistrationException(elgg_echo('registration:dupeemail')); } access_show_hidden_entities($access_status); // Create user $user = new ElggUser(); $user->username = $username; $user->email = $email; $user->name = $name; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); // Note salt generated before password! $user->password = generate_user_password($user, $password); $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created. $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created. $user->language = get_current_language(); $user->save(); // If $friend_guid has been set, make mutual friends if ($friend_guid) { if ($friend_user = get_user($friend_guid)) { if ($invitecode == generate_invite_code($friend_user->username)) { $user->addFriend($friend_guid); $friend_user->addFriend($user->guid); // @todo Should this be in addFriend? add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid); add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID()); } } } // Turn on email notifications by default set_user_notification_setting($user->getGUID(), 'email', true); return $user->getGUID(); }
/** * Returns a secret key to sign ajax requests * @return string */ function elgg_tokeninput_get_secret() { $secret = elgg_get_plugin_setting('__secret', 'elgg_tokeninput'); if (!$secret) { $secret = generate_random_cleartext_password(); elgg_set_plugin_setting('__secret', $secret, 'elgg_tokeninput'); } return $secret; }
/** * Register a user in Elgg based on information provided by the Service Provider (SP). * * @param string $name the (display)name of the new user * @param string $email the email address of the user * @param string $saml_source the name of the SP this information came from * @param bool $validate do we need to validate the email address of this new users * @param string $username the username provided by the SP (optional) * * @return bool|ElggUser the new user, false on failure */ function simplesaml_register_user($name, $email, $saml_source, $validate = false, $username = "") { $result = false; if (!empty($name) && !empty($email) && !empty($saml_source)) { // check which username to use if (!empty($username)) { // make sure the username is unique $username = simplesaml_generate_unique_username($username); } else { // create a username from email $username = simplesaml_generate_username_from_email($email); } if (!empty($username)) { // generate a random password $password = generate_random_cleartext_password(); try { $user_guid = register_user($username, $password, $name, $email); if (!empty($user_guid)) { $new_user = get_user($user_guid); if (!$validate) { // no need for extra validation. We trust this user elgg_set_user_validation_status($new_user->getGUID(), true, "simplesaml"); } $params = array("user" => $new_user, "password" => $password, "friend_guid" => null, "invitecode" => null); if (!elgg_trigger_plugin_hook("register", "user", $params, true)) { register_error(elgg_echo("registerbad")); } else { $result = $new_user; } } } catch (Exception $e) { register_error($e->getMessage()); } } else { register_error(elgg_echo("registration:usernamenotvalid")); } } return $result; }
function import_to_stormpath() { $dbprefix = elgg_get_config('dbprefix'); $subject = elgg_get_plugin_setting('import_subject', PLUGIN_ID); $message = elgg_get_plugin_setting('import_message', PLUGIN_ID); $site = elgg_get_site_entity(); $site_url = elgg_get_site_url(); if (!$subject || !$message) { error_log('no subject/message'); return true; } if (is_elgg18()) { $name_id = add_metastring('__stormpath_user'); $value_id = add_metastring(1); } else { $name_id = elgg_get_metastring_id('__stormpath_user'); $value_id = elgg_get_metastring_id(1); } $options = array('type' => 'user', 'joins' => array("LEFT JOIN {$dbprefix}metadata md ON md.entity_guid = e.guid AND md.name_id = {$name_id}"), 'wheres' => array('md.name_id IS NULL'), 'limit' => false); $batch = new \ElggBatch('elgg_get_entities', $options); $batch->setIncrementOffset(false); foreach ($batch as $user) { // search stormpath for a matching account $application = get_application(); $accts = $application->getAccounts(array('email' => $user->email)); $already_exists = false; foreach ($accts as $a) { $user->__stormpath_user = $a->href; error_log('set user ' . $user->username . ': ' . $a->href); $already_exists = true; break; } if ($already_exists) { continue; } // change it locally $password = generate_random_cleartext_password(); $user->salt = _elgg_generate_password_salt(); $user->password = generate_user_password($user, $password); $user->save(); error_log('adding to stormpath ' . $user->email); $result = add_to_stormpath($user, $password); if ($result) { // notify them of the change // replace tokens in the message $message_m = str_replace('{{password}}', $password, $message); $message_m = str_replace('{{name}}', $user->name, $message_m); $message_m = str_replace('{{username}}', $user->username, $message_m); $message_m = str_replace('{{email}}', $user->email, $message_m); $message_m = str_replace('{{forgot_password}}', $site_url . 'forgotpassword', $message_m); $message_m = str_replace('{{site_email}}', $site->email, $message_m); $message_m = str_replace('{{site_url}}', $site_url, $message_m); notify_user($user->guid, $site->guid, $subject, $message_m, null, 'email'); } } }
/** * Create a user based on LinkedIn information * * @param string $token LinkedIn access token * * @return bool|ElggUser */ function socialink_linkedin_create_user($token) { if (empty($token) || !is_array($token)) { return false; } $keys = socialink_linkedin_available(); if (empty($keys)) { return false; } $keys["oauth_token"] = $token["oauth_token"]; $keys["oauth_secret"] = $token["oauth_token_secret"]; $api = socialink_linkedin_get_api_object($keys); if (empty($api)) { return false; } try { // get user data $response = $api->profile("~:(first-name,last-name,email-address)"); } catch (Exception $e) { } $api_result = socialink_linkedin_verify_response($response); if (empty($api_result)) { return false; } $api_result = json_decode($api_result); // build user information $name = $api_result->firstName . " " . $api_result->lastName; $email = $api_result->emailAddress; $pwd = generate_random_cleartext_password(); $username = socialink_create_username_from_email($email); // check email address if (get_user_by_email($email)) { register_error(elgg_echo("socialink:networks:create_user:error:email")); return false; } try { // register user $user_guid = register_user($username, $pwd, $name, $email); if (empty($user_guid)) { return false; } // show hidden entities $access = access_get_show_hidden_status(); access_show_hidden_entities(true); $user = get_user($user_guid); if (empty($user)) { access_show_hidden_entities($access); return false; } // save user tokens elgg_set_plugin_user_setting("linkedin_oauth_token", $token["oauth_token"], $user_guid, "socialink"); elgg_set_plugin_user_setting("linkedin_oauth_secret", $token["oauth_token_secret"], $user_guid, "socialink"); // no need for uservalidationbyemail elgg_unregister_plugin_hook_handler("register", "user", "uservalidationbyemail_disable_new_user"); // sync user data socialink_linkedin_sync_profile_metadata($user->getGUID()); // trigger hook for registration $params = array("user" => $user, "password" => $pwd, "friend_guid" => 0, "invitecode" => ""); if (elgg_trigger_plugin_hook("register", "user", $params, true) !== false) { // return the user access_show_hidden_entities($access); return $user; } // restore hidden entities access_show_hidden_entities($access); } catch (Exception $e) { } return false; }
$userlogin = str_replace(' ', '-', $user_profile->displayName); if (!$userlogin) { $userlogin = '******' . rand(10000, 99999); } while (get_user_by_username($userlogin)) { $userlogin = str_replace(' ', '-', $user_profile->displayName) . '-' . rand(1000, 9999); } $password = generate_random_cleartext_password(); $username = $user_profile->displayName; $useremail = $user_profile->email; $user = new ElggUser(); $user->username = $userlogin; $user->name = $username; $user->access_id = ACCESS_PUBLIC; $user->email = $user_profile->email; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; if (!$user->save()) { register_error(elgg_echo('registerbad')); } // register user && provider elgg_set_plugin_user_setting('uid', $user_uid, $user->guid, 'elgg_social_login'); elgg_set_plugin_user_setting('provider', $provider, $user->guid, 'elgg_social_login'); // notice && login if (elgg_get_plugin_setting("social_login_notify", "social_login") == "yes") { if (strtolower($provider) == "facebook" || strtolower($provider) == "linkedin") { if (empty($user->last_login)) { $message = elgg_echo('social:register:joined'); $adapter->setUserStatus($message);
/** * Validate and change password for a user. * * @param int $user_guid The user id * @param string $conf_code Confirmation code as sent in the request email. * @param string $password Optional new password, if not randomly generated. * * @return bool True on success */ function executeNewPasswordReset($user_guid, $conf_code, $password = null) { $user_guid = (int) $user_guid; $user = get_entity($user_guid); if ($password === null) { $password = generate_random_cleartext_password(); $reset = true; } else { $reset = false; } if (!$user instanceof \ElggUser) { return false; } $saved_code = $user->getPrivateSetting('passwd_conf_code'); $code_time = (int) $user->getPrivateSetting('passwd_conf_time'); $codes_match = _elgg_services()->crypto->areEqual($saved_code, $conf_code); if (!$saved_code || !$codes_match) { return false; } // Discard for security if it is 24h old if (!$code_time || $code_time < time() - 24 * 60 * 60) { return false; } if (!$this->forcePasswordReset($user, $password)) { return false; } remove_private_setting($user_guid, 'passwd_conf_code'); remove_private_setting($user_guid, 'passwd_conf_time'); // clean the logins failures reset_login_failure_count($user_guid); $ns = $reset ? 'resetpassword' : 'changepassword'; $message = _elgg_services()->translator->translate("email:{$ns}:body", array($user->username, $password), $user->language); $subject = _elgg_services()->translator->translate("email:{$ns}:subject", array(), $user->language); notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $message, array(), 'email'); return true; }
/** * Validate and execute a password reset for a user. * * @param int $user_guid The user id * @param string $conf_code Confirmation code as sent in the request email. * * @return mixed */ function execute_new_password_request($user_guid, $conf_code) { global $CONFIG; $user_guid = (int) $user_guid; $user = get_entity($user_guid); if ($user instanceof ElggUser) { $saved_code = $user->getPrivateSetting('passwd_conf_code'); if ($saved_code && $saved_code == $conf_code) { $password = generate_random_cleartext_password(); if (force_user_password_reset($user_guid, $password)) { remove_private_setting($user_guid, 'passwd_conf_code'); // clean the logins failures reset_login_failure_count($user_guid); $email = '<div style="color:#333;font-size:16px;">' . elgg_echo('email:resetpassword:body', array($user->name, $password)) . '</div>'; //return notify_user($user->guid, $CONFIG->site->guid, // elgg_echo('email:resetpassword:subject'), $email, array(), 'email'); $site_name = elgg_get_site_entity()->name; return zhgroups_send_email($site_name, $user->email, elgg_echo('email:resetpassword:subject', array($site_name)), $email); } } } return FALSE; }
/** * Log in a user with twitter. */ function twitter_api_login() { // sanity check if (!twitter_api_allow_sign_on_with_twitter()) { forward(); } $token = twitter_api_get_access_token(get_input('oauth_verifier')); if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) { register_error(elgg_echo('twitter_api:login:error')); forward(); } // attempt to find user and log them in. // else, create a new user. $options = array('type' => 'user', 'plugin_user_setting_name_value_pairs' => array('access_key' => $token['oauth_token'], 'access_secret' => $token['oauth_token_secret']), 'limit' => 0); $users = elgg_get_entities_from_plugin_user_settings($options); if ($users) { if (count($users) == 1 && login($users[0])) { system_message(elgg_echo('twitter_api:login:success')); // trigger login hook elgg_trigger_plugin_hook('login', 'twitter_api', array('user' => $users[0])); } else { system_message(elgg_echo('twitter_api:login:error')); } forward(); } else { // need Twitter account credentials elgg_load_library('twitter_oauth'); $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api'); $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api'); $api = new TwitterOAuth($consumer_key, $consumer_secret, $token['oauth_token'], $token['oauth_token_secret']); $twitter = $api->get('account/verify_credentials'); // backward compatibility for stalled-development Twitter Login plugin $user = FALSE; if ($twitter_user = get_user_by_username($token['screen_name'])) { if (($screen_name = $twitter_user->twitter_screen_name) && $screen_name == $token['screen_name']) { // convert existing account $user = $twitter_user; $forward = ''; } } // create new user if (!$user) { // check new registration allowed if (!twitter_api_allow_new_users_with_twitter()) { register_error(elgg_echo('registerdisabled')); forward(); } // trigger a hook for plugin authors to intercept if (!elgg_trigger_plugin_hook('new_twitter_user', 'twitter_service', array('account' => $twitter), TRUE)) { // halt execution register_error(elgg_echo('twitter_api:login:error')); forward(); } // Elgg-ify Twitter credentials $username = $twitter->screen_name; while (get_user_by_username($username)) { $username = $twitter->screen_name . '_' . rand(1000, 9999); } $password = generate_random_cleartext_password(); $name = $twitter->name; $user = new ElggUser(); $user->username = $username; $user->name = $name; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; if (!$user->save()) { register_error(elgg_echo('registerbad')); forward(); } // @todo require email address? $site_name = elgg_get_site_entity()->name; system_message(elgg_echo('twitter_api:login:email', array($site_name))); $forward = "settings/user/{$user->username}"; } // set twitter services tokens elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], $user->guid); elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid); elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid); // pull in Twitter icon twitter_api_update_user_avatar($user, $twitter->profile_image_url); // login new user if (login($user)) { system_message(elgg_echo('twitter_api:login:success')); // trigger login hook for new user elgg_trigger_plugin_hook('first_login', 'twitter_api', array('user' => $user)); } else { system_message(elgg_echo('twitter_api:login:error')); } forward($forward, 'twitter_api'); } // register login error register_error(elgg_echo('twitter_api:login:error')); forward(); }
function social_connect_handle_authentication($user_profile, $provider) { global $CONFIG; global $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG; $ignore_access = elgg_get_ignore_access(); $provider_name = $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider]['provider_name']; $user_uid = $user_profile->identifier; // establish the value for the proceeding hook $default_proceed = elgg_get_plugin_setting("ha_settings_{$provider}_hook1_default", 'social_connect'); if (!$default_proceed || $default_proceed == 'global') { $default_proceed = elgg_get_plugin_setting('ha_settings_hook1_default', 'social_connect'); } if (!$default_proceed) { $default_proceed = SOCIAL_CONNECT_DEFAULT_PROCEED; } else { if ($default_proceed == 'true') { $default_proceed = true; } else { if ($default_proceed == 'false') { $default_proceed = false; } } } // the arguments for social connect events and hooks $args = array('mode' => null, 'userid' => $user_uid, 'provider' => $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider], 'user' => null, 'profile' => $user_profile); // look for users that have already connected via this plugin $options = array('type' => 'user', 'plugin_id' => 'social_connect', 'plugin_user_setting_name_value_pairs' => array("{$provider}/uid" => $user_uid), 'plugin_user_setting_name_value_pairs_operator' => 'AND', 'limit' => 0); $users = elgg_get_entities_from_plugin_user_settings($options); if (!$users) { // user has not connected with plugin before $args['mode'] = 'connect'; elgg_set_ignore_access(true); $proceed = elgg_trigger_plugin_hook('social_connect', 'user', $args, $default_proceed); elgg_set_ignore_access($ignore_access); if ($proceed === false) { // hook prevented social connection return; } else { if ($proceed === 'email' || $proceed === 'emailOnly') { // hook wants to try and connect via email address // check whether the user already exists with the email provided $useremail = $user_profile->email; if ($useremail && ($users = get_user_by_email($useremail))) { social_connect_user($user_uid, $users[0], $user_profile, $provider); system_message(sprintf(elgg_echo('social_connect:connect:ok'), $provider_name)); $args['mode'] = 'email'; $args['user'] = $users[0]; elgg_set_ignore_access(true); elgg_trigger_event('social_connect', 'user', $args); elgg_set_ignore_access($ignore_access); return; } if ($proceed === 'emailOnly') { // hook wants only email address connection or failure register_error(sprintf(elgg_echo('social_connect:connect:emailnotfound'), $proceed)); return; } } } // email connection not required or failed, so register a new user $userlogin = str_replace(' ', '', $user_profile->displayName); if (!$userlogin) { $userlogin = $provider . '_user_' . rand(1000, 9999); } $org_userlogin = $userlogin; while (get_user_by_username($userlogin)) { $userlogin = $org_userlogin . '_' . rand(1000, 9999); } unset($org_userlogin); $password = generate_random_cleartext_password(); $username = $user_profile->displayName; $user = new ElggUser(); $user->username = $userlogin; $user->name = $username; $user->email = $user_profile->email; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; if ($user->save()) { if ($user->email && elgg_get_plugin_setting('notify_new_user', 'social_connect')) { $email = elgg_echo('email:social_connect:body', array($userlogin, $password)); set_user_notification_setting($user->getGUID(), 'email', true); notify_user($user->guid, $CONFIG->site->guid, elgg_echo('email:social_connect:subject', array($provider_name)), $email, NULL, 'email'); } } else { register_error(sprintf(elgg_echo('social_connect:register:bad'), $provider_name) . elgg_echo("zhaohu:sorry")); elgg_log("ZHError social_connect:register:bad , userlogin {$userlogin}", "ERROR"); return; } system_message(sprintf(elgg_echo('social_connect:register:ok'), $provider_name)); social_connect_user($user_uid, $user, $user_profile, $provider); $args['mode'] = 'register'; $args['user'] = $user; elgg_set_ignore_access(true); elgg_trigger_event('social_connect', 'user', $args); elgg_set_ignore_access($ignore_access); } elseif (count($users) == 1) { // one user has already been registered on Elgg with this provider $args['mode'] = 'login'; $args['user'] = $users[0]; elgg_set_ignore_access(true); if (elgg_trigger_plugin_hook('social_connect', 'user', $args, (bool) $default_proceed)) { // if not, hook prevented social connection login($users[0]); system_message(sprintf(elgg_echo('social_connect:login:ok'), $provider_name)); } elgg_set_ignore_access($ignore_access); } else { throw new Exception(sprintf(elgg_echo('social_connect:login:bad'), $provider_name)); } }
/** * Used to create user with facebook data * * @access public * @param array $fbData facebook data of user * @return void */ function facebook_connect_create_update_user($fbData) { elgg_load_library('facebook'); // need facebook account credentials // backward compatibility for stalled-development FBConnect plugin $user = FALSE; $facebook_users = elgg_get_entities_from_metadata(array('type' => 'user', 'metadata_name_value_pairs' => array('name' => 'facebook_uid', 'value' => $fbData['user_profile']['id']))); if (is_array($facebook_users) && count($facebook_users) == 1) { // convert existing account $user = $facebook_users[0]; // remove unused metadata remove_metadata($user->getGUID(), 'facebook_uid'); remove_metadata($user->getGUID(), 'facebook_controlled_profile'); } // create new user if (!$user) { // check new registration allowed if (!facebook_connect_allow_new_users_with_facebook()) { register_error(elgg_echo('registerdisabled')); forward(); } $email = $fbData['user_profile']['email']; $users = get_user_by_email($email); if (!$users) { // Elgg-ify facebook credentials if (!empty($fbData['user_profile']['username'])) { $username = $fbData['user_profile']['username']; } else { $username = str_replace(' ', '', strtolower($fbData['user_profile']['name'])); } $usernameTmp = $username; while (get_user_by_username($username)) { $username = $usernameTmp . '_' . rand(1000, 9999); } $password = generate_random_cleartext_password(); $name = $fbData['user_profile']['name']; $user = new ElggUser(); $user->username = $username; $user->name = $name; $user->email = $email; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; $user->last_action = date("Y-m-d"); $user->last_login = date("Y-m-d"); $user->validated = 1; $user->validated_method = 'facebook'; $user->language = 'en'; if (!$user->save()) { register_error(elgg_echo('registerbad')); forward(); } else { // send mail to user send_user_password_mail($email, $name, $username, $password); // post status on facebook if (facebook_connect_allow_post_on_facebook()) { facebook_connect_post_status($fbData); } // pull in facebook icon $url = 'https://graph.facebook.com/' . $fbData['user_profile']['id'] . '/picture?type=large'; facebook_connect_update_user_avatar($user, $url); } } else { $user = $users[0]; } } // set facebook services tokens elgg_set_plugin_user_setting('uid', $fbData['user_profile']['id'], $user->guid); elgg_set_plugin_user_setting('access_token', $fbData['user_profile']['accessToken'], $user->guid); return $user; }
/** * Validates and prepares values for 'register' action * @return void */ function forms_register_prepare_action_values() { elgg_make_sticky_form('register'); $first_name = get_input('first_name'); $last_name = get_input('last_name'); $email = get_input('email', ''); $name = get_input('name'); $username = get_input('username'); $password = get_input('password'); list($email_username) = explode('@', $email); if (elgg_get_plugin_setting('first_last_name', 'forms_register') && !$name) { if (!$first_name || !$last_name) { register_error(elgg_echo('actions:register:error:first_last_name')); forward(REFERRER); } set_input('name', "{$first_name} {$last_name}"); } else { if (elgg_get_plugin_setting('autogen_name', 'forms_register') && !$name) { set_input('name', $email_username); } } if (elgg_get_plugin_setting('autogen_username', 'forms_register') && !$username) { $algo = elgg_get_plugin_setting('autogen_username_algo', 'forms_register', 'first_name_only'); switch ($algo) { case 'first_name_only': $username = $first_name ?: $email_username; break; case 'full_name': $username = $first_name && $last_name ? "{$first_name}.{$last_name}" : $email_username; break; case 'email': $username = $email_username; break; case 'alnum': $username = ''; break; } $username = forms_register_generate_username($username); set_input('username', $username); } if (elgg_get_plugin_setting('autogen_password', 'forms_register')) { $password = generate_random_cleartext_password(); set_input('password', $password); set_input('password2', $password); } else { if ($min_strength = elgg_get_plugin_setting('min_password_strength', 'forms_register')) { // @todo: add other user inputs $zxcvbn = new \ZxcvbnPhp\Zxcvbn(); $strength = $zxcvbn->passwordStrength($password); if ($strength < $min_strength) { register_error(elgg_echo('actions:register:error:password_strength')); forward(REFERER); } } if (elgg_get_plugin_setting('hide_password_repeat', 'forms_register')) { set_input('password2', $password); } } }
/** * Registers a user, returning false if the username already exists * * @param string $username The username of the new user * @param string $password The password * @param string $name The user's display name * @param string $email Their email address * @param bool $allow_multiple_emails Allow the same email address to be registered multiple times? * @param int $friend_guid Optionally, GUID of a user this user will friend once fully registered * @return int|false The new user's GUID; false on failure */ function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '') { // Load the configuration global $CONFIG; $username = trim($username); $password = trim($password); $name = trim($name); $email = trim($email); // A little sanity checking if (empty($username) || empty($password) || empty($name) || empty($email)) { return false; } // See if it exists and is disabled $access_status = access_get_show_hidden_status(); access_show_hidden_entities(true); // Validate email address if (!validate_email_address($email)) { throw new RegistrationException(elgg_echo('registration:emailnotvalid')); } // Validate password if (!validate_password($password)) { throw new RegistrationException(elgg_echo('registration:passwordnotvalid')); } // Validate the username if (!validate_username($username)) { throw new RegistrationException(elgg_echo('registration:usernamenotvalid')); } // Check to see if $username exists already if ($user = get_user_by_username($username)) { //return false; throw new RegistrationException(elgg_echo('registration:userexists')); } // If we're not allowed multiple emails then see if this address has been used before if (!$allow_multiple_emails && get_user_by_email($email)) { throw new RegistrationException(elgg_echo('registration:dupeemail')); } access_show_hidden_entities($access_status); // Check to see if we've registered the first admin yet. // If not, this is the first admin user! $admin = datalist_get('admin_registered'); // Otherwise ... $user = new ElggUser(); $user->username = $username; $user->email = $email; $user->name = $name; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); // Note salt generated before password! $user->password = generate_user_password($user, $password); $user->owner_guid = 0; // Users aren't owned by anyone, even if they are admin created. $user->container_guid = 0; // Users aren't contained by anyone, even if they are admin created. $user->save(); // If $friend_guid has been set, make mutual friends if ($friend_guid) { if ($friend_user = get_user($friend_guid)) { if ($invitecode == generate_invite_code($friend_user->username)) { $user->addFriend($friend_guid); $friend_user->addFriend($user->guid); } } } global $registering_admin; if (!$admin) { $user->admin = true; datalist_set('admin_registered', 1); $registering_admin = true; } else { $registering_admin = false; } // Turn on email notifications by default set_user_notification_setting($user->getGUID(), 'email', true); return $user->getGUID(); }
function pleio_api_change_setting($name = "", $password = "", $language = "", $email = "") { $fail = false; $dirty = false; $user = elgg_get_logged_in_user_entity(); if ($language && $language != $user->language && array_key_exists($language, get_installed_translations())) { $user->language = $language; $dirty = true; } if ($email && $email != $user->email) { if (!is_email_address($email)) { $fail = elgg_echo('email:save:fail'); } else { if (!get_user_by_email($email)) { $user->email = $email; $dirty = true; } else { $fail = elgg_echo('registration:dupeemail'); } } } if ($name && $name != $user->name) { $name = strip_tags($name); if (elgg_strlen($name) > 50) { $fail = elgg_echo('user:name:fail'); } else { $user->name = $name; $dirty = true; } } if ($password) { try { $result = validate_password($password); if ($result) { $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $dirty = true; } else { $fail = elgg_echo('user:password:fail'); } } catch (RegistrationException $e) { $fail = $e->getMessage(); } } if ($fail) { return new ErrorResult($fail); } else { if ($dirty) { if ($user->canEdit() && $user->save()) { return new SuccessResult("Instellingen opgeslagen"); } else { return new ErrorResult("Opslaan mislukt"); } } else { return new SuccessResult("Instellingen niet gewijzigd"); } } return new ErrorResult("Niets gewijzigd"); }
<?php $anchor1 = elgg_view('output/url', ['text' => 'Simple anchor', 'href' => '#anchor']); $anchor2 = elgg_view('output/url', ['text' => 'Icon anchor', 'href' => 'http://elgg.org/', 'icon' => 'external-link', 'target' => '_blank']); $query = []; for ($i = 0; $i < 50; $i++) { $query['q'][$i] = generate_random_cleartext_password(); } $anchor3 = elgg_view('output/url', ['href' => elgg_http_add_url_query_elements(current_page_url(), $query), 'icon' => 'globe', 'title' => 'Very long URL']); $anchor4 = elgg_view('output/url', ['href' => '#anchor2', 'text' => 'Image anchor', 'icon' => elgg_view('output/img', ['src' => elgg_get_simplecache_url('graphics/favicon-16.png'), 'alt' => 'favicon'])]); $anchor5 = elgg_view('output/url', ['href' => '#anchor3', 'text' => 'Anchor with badge', 'icon' => 'bank', 'badge' => '$500']); ?> <p>Lorem ipsum dolor sit amet (<?php echo $anchor1; ?> ) adipiscing elit. Nullam dignissim convallis est. Quisque aliquam. Donec faucibus. Nunc iaculis suscipit dui. Nam sit amet sem. Aliquam <?php echo $anchor5; ?> libero nisi, imperdiet at, tincidunt nec, gravida vehicula, nisl. Praesent mattis, massa quis luctus <?php echo $anchor2; ?> , turpis mi volutpat justo, eu volutpat enim diam eget metus. Maecenas ornare tortor. Donec sed tellus eget sapien <?php echo $anchor3; ?> nonummy. Mauris a ante. Suspendisse quam sem,
/** * Create a user based on Facebook information * * @param string $token Facebook access token * * @return bool|ElggUser */ function socialink_facebook_create_user($token) { if (empty($token)) { return false; } if (!socialink_facebook_available()) { return false; } $session = new Facebook\FacebookSession($token); if (empty($session)) { return false; } $request = new FaceBook\FacebookRequest($session, "GET", "/me"); // set correct proxy settings (if needed) $curl_http_client = socialink_facebook_get_curl_http_client(); $request->setHttpClientHandler($curl_http_client); try { $api_result = $request->execute()->getGraphObject(Facebook\GraphUser::className()); } catch (Exception $e) { } if (empty($api_result)) { return false; } // get user information $name = $api_result->getName(); $email = $api_result->getEmail(); if (get_user_by_email($email)) { register_error(elgg_echo("socialink:networks:create_user:error:email")); return false; } $pwd = generate_random_cleartext_password(); $username = socialink_create_username_from_email($email); try { $user_guid = register_user($username, $pwd, $name, $email); if (empty($user_guid)) { return false; } // show hidden entities $access = access_get_show_hidden_status(); access_show_hidden_entities(true); $user = get_user($user_guid); if (empty($user)) { access_show_hidden_entities($access); return false; } // register user's access tokens elgg_set_plugin_user_setting("facebook_access_token", $token, $user_guid, "socialink"); elgg_set_plugin_user_setting("facebook_user_id", $api_result->getId(), $user_guid, "socialink"); // no need for uservalidationbyemail elgg_unregister_plugin_hook_handler("register", "user", "uservalidationbyemail_disable_new_user"); // sync user data socialink_facebook_sync_profile_metadata($user->getGUID()); // trigger hook for registration $params = array("user" => $user, "password" => $pwd, "friend_guid" => 0, "invitecode" => ""); if (elgg_trigger_plugin_hook("register", "user", $params, true) !== false) { access_show_hidden_entities($access); // return the user return $user; } // restore hidden entities access_show_hidden_entities($access); } catch (Exception $e) { } return false; }
<?php /** * Reset a user's password. * * This is an admin action that generates a new salt and password * for a user, then emails the password to the user's registered * email address. * * NOTE: This is different to the "reset password" link users * can use in that it does not first email the user asking if * they want to have their password reset. * * @package Elgg.Core * @subpackage Administration.User */ $guid = get_input('guid'); $user = get_entity($guid); if ($user instanceof ElggUser && $user->canEdit()) { $password = generate_random_cleartext_password(); if (force_user_password_reset($user->guid, $password)) { system_message(elgg_echo('admin:user:resetpassword:yes')); notify_user($user->guid, elgg_get_site_entity()->guid, elgg_echo('email:resetpassword:subject'), elgg_echo('email:resetpassword:body', array($user->username, $password)), array(), 'email'); } else { register_error(elgg_echo('admin:user:resetpassword:no')); } } else { register_error(elgg_echo('admin:user:resetpassword:no')); } forward(REFERER);
/** * Log in a user with facebook. */ function facebook_connect_login() { global $CONFIG; elgg_load_library('facebook'); // sanity check if (!facebook_connect_allow_sign_on_with_facebook()) { forward(); } $facebook = facebookservice_api(); $access_token = $facebook->getAccessToken(); // Get User ID $userID = $facebook->getUser(); if ($userID) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); $userID = null; register_error(elgg_echo('facebook_connect:login:error')); forward(); } } else { system_message(elgg_echo('loginerror')); forward(); } // attempt to find user and log them in. // else, create a new user. $options = array('type' => 'user', 'plugin_user_setting_name_value_pairs' => array('uid' => $userID, 'access_token' => $access_token), 'plugin_user_setting_name_value_pairs_operator' => 'OR', 'limit' => 0); $users = elgg_get_entities_from_plugin_user_settings($options); if (!empty($users)) { if (count($users) == 1 && login($users[0])) { system_message(elgg_echo('facebook_connect:login:success')); elgg_set_plugin_user_setting('access_token', $access_token, $users[0]->guid); if (empty($users[0]->email)) { $data = $facebook->api('/me'); $email = $data['email']; $user = get_entity($users[0]->guid); $user->email = $email; $user->save(); } } else { system_message(elgg_echo('facebook_connect:login:error')); } forward(); } else { // need facebook account credentials $data = $facebook->api('/me'); // backward compatibility for stalled-development FBConnect plugin $user = FALSE; $facebook_users = elgg_get_entities_from_metadata(array('type' => 'user', 'metadata_name_value_pairs' => array('name' => 'facebook_uid', 'value' => $userID))); if (is_array($facebook_users) && count($facebook_users) == 1) { // convert existing account $user = $facebook_users[0]; login($user); // remove unused metadata remove_metadata($user->getGUID(), 'facebook_uid'); remove_metadata($user->getGUID(), 'facebook_controlled_profile'); } // create new user if (!$user) { // check new registration allowed if (!facebook_connect_allow_new_users_with_facebook()) { register_error(elgg_echo('registerdisabled')); forward(); } $userSave = 0; $email = $data['email']; $users = get_user_by_email($email); if (!$users) { // Elgg-ify facebook credentials $username = str_replace(' ', '', strtolower($data['name'])); while (get_user_by_username($username)) { $username = str_replace(' ', '', strtolower($data['name'])) . '_' . rand(1000, 9999); } $permissions = $facebook->api("/me/permissions"); if (array_key_exists('publish_stream', $permissions['data'][0])) { $postWall = true; } else { $postWall = false; } $password = generate_random_cleartext_password(); $name = $data['name']; $user = new ElggUser(); $user->username = $username; $user->name = $name; $user->email = $email; $user->location = $data['locate']; $user->website = $data['link']; $user->access_id = ACCESS_PUBLIC; $user->salt = generate_random_cleartext_password(); $user->password = generate_user_password($user, $password); $user->owner_guid = 0; $user->container_guid = 0; if ($postWall) { $user->post_wall = true; } $userSave = 1; } else { $user = $users[0]; } $site = elgg_get_site_entity(); if ($postWall) { $message = $user->name . ' just synchronized Facebook account with ' . $site->name; $params = array('link' => elgg_get_site_url(), 'message' => $message, 'picture' => elgg_get_site_url() . '_graphics/elgg_logo.png', 'description' => $site->name . ' is the social network for connecting people.'); $status = $facebook->api('/me/feed', 'POST', $params); } if ($userSave) { $userGuid = $user->save(); if (!$userGuid) { register_error(elgg_echo('registerbad')); forward(); } send_user_password_mail($email, $name, $username, $password); $forward = "profile/{$user->username}"; } else { $forward = ""; } } // set facebook services tokens elgg_set_plugin_user_setting('uid', $userID, $user->guid); elgg_set_plugin_user_setting('access_token', $access_token, $user->guid); // pull in facebook icon $url = 'https://graph.facebook.com/' . $userID . '/picture?type=large'; facebook_connect_update_user_avatar($user, $url); // login new user if (login($user)) { system_message(elgg_echo('facebook_connect:login:success')); } else { system_message(elgg_echo('facebook_connect:login:error')); } forward($forward, 'facebook_connect'); } // register login error register_error(elgg_echo('facebook_connect:login:error')); forward(); }