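/**
 * AdminController::userAddEdit()
 * Add or edit a user from the admin area.
 *
 * Builds the 'admin_user_addedit' form. On submit it runs the permission
 * check, the unique-field check and the form validation, then writes the
 * record through APP_Model_User::putRecord() and redirects to 'admin/user'.
 *
 * @param string $p_sMode 'edit' updates the user whose ID is in the 'edit' input; any other value creates.
 * @throws PPI_Exception When the user ID is invalid or unknown in edit mode, or the permission check fails.
 * @return void
 */
protected function userAddEdit($p_sMode = 'create')
{
    $bEdit   = $p_sMode === 'edit';
    $iUserID = 0;
    $mTarget = null;
    $aTarget = array();

    $oUser = new APP_Model_User();
    $oForm = new PPI_Model_Form();
    $oForm->init('admin_user_addedit');
    $oForm->setFormStructure($oUser->getAdminAddEditFormStructure($p_sMode));

    if ($bEdit) {
        // Resolve the target once, before anything is written. Without a valid
        // ID the submitted values would reach putRecord() with no server-set
        // primary key, so the write would not be tied to the user being edited.
        $iUserID = (int) $this->oInput->get('edit', 0);
        if ($iUserID < 1) {
            throw new PPI_Exception('Invalid User ID: ' . $iUserID);
        }
        $mTarget = $oUser->find($iUserID);
        if (empty($mTarget)) {
            throw new PPI_Exception('Invalid User ID: ' . $iUserID);
        }
        // NOTE(review): assumes find() returns the stored row as an array or plain object — confirm.
        $aTarget = (array) $mTarget;
    }

    if ($oForm->isSubmitted()) {
        $aSubmitValues = $oForm->getSubmitValues();
        $sPrimaryKey   = $oUser->getPrimaryKey();

        if ($bEdit) {
            // The primary key always comes from the validated ID, never from the form.
            $aSubmitValues[$sPrimaryKey] = $iUserID;

            // Security check: compare roles with roles. The acting admin's role_id
            // is checked against the target's stored role_id and against the
            // role_id being submitted. Comparing it with the user's primary key
            // would tie the outcome to row IDs rather than to privileges.
            // NOTE(review): assumes a larger role_id means more privilege, and that the
            // stored row exposes 'role_id'; if it does not, the stored-role half is skipped.
            $iActorRole      = $this->getAuthData(false)->role_id;
            $bTargetOutranks = isset($aTarget['role_id']) && $iActorRole < $aTarget['role_id'];
            $bGrantOutranks  = isset($aSubmitValues['role_id']) && $iActorRole < $aSubmitValues['role_id'];
            if ($bTargetOutranks || $bGrantOutranks) {
                throw new PPI_Exception('Permission error: You cannot modify user privileges higher than your own.');
            }
        }
        // NOTE(review): create mode puts no ceiling on a submitted role_id and does not
        // strip a submitted primary key; confirm the 'create' form structure carries neither.

        // Unique field check
        $sUsernameField = $this->getConfig()->system->usernameField;
        $aUniqueFields  = array('email');
        if ($sUsernameField !== 'email') {
            $aUniqueFields[] = $sUsernameField;
        }
        foreach ($aUniqueFields as $sUniqueField) {
            if (!isset($aSubmitValues[$sUniqueField])) {
                continue;
            }
            // Each column is compared with its own submitted value.
            $aClause = array($sUniqueField . ' = ' . $oUser->quote($aSubmitValues[$sUniqueField]));
            // When editing, leave the edited user out so an unchanged value does not collide with itself.
            if ($bEdit) {
                $aClause[] = $sPrimaryKey . ' != ' . $oUser->quote($iUserID);
            }
            $aRecord = $oUser->getList(implode(' AND ', $aClause))->fetch();
            if (!empty($aRecord)) {
                $oForm->setElementError($sUniqueField, 'Another user has this field, it must be unique');
            }
        }

        // Main validation check
        if ($oForm->isValidated()) {
            // Put the record (insert/update)
            $oUser->putRecord($aSubmitValues);
            $this->setFlashMessage('User account successfully ' . ($bEdit ? 'updated' : 'created') . '.');
            $this->redirect('admin/user');
        }
    }

    if ($bEdit) {
        // Pre-fill the form with the stored record.
        $oForm->setDefaults($mTarget);
    }

    $aViewVars = array('bEdit' => $bEdit, 'formBuilder' => $oForm->getRenderInformation());
    $this->adminLoad('admin/user_addedit', $aViewVars);
}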
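/**
 * Send the password recovery email to the user and, when it was sent, store
 * the recovery code on the user's record.
 *
 * @param array  $p_aUser    The user record; 'first_name', 'email' and the primary-key field are read
 * @param string $p_sSubject The Subject; defaults to 'Password recovery'
 * @param string $p_sMessage The Message; when empty, a default text containing the recovery link is built.
 *                           A caller-supplied message is sent as given and does not receive the link.
 * @return boolean True when the mail was sent (the code is then stored), false otherwise
 */
function sendRecoverEmail($p_aUser, $p_sSubject = '', $p_sMessage = '')
{
    $oConfig = $this->getConfig();

    if ($p_sSubject === '') {
        $p_sSubject = 'Password recovery';
    }

    // The recovery code is the only secret guarding the reset link, so it has to be
    // unguessable. A value derived from the clock can be reproduced by anyone who
    // knows roughly when the request was made, hence a CSPRNG is used instead.
    if (function_exists('random_bytes')) {
        $sRandom = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $sRandom = openssl_random_pseudo_bytes(16);
    } else {
        // No secure random source available: do not send a guessable link.
        return false;
    }
    if (!is_string($sRandom) || strlen($sRandom) !== 16) {
        return false;
    }
    // NOTE(review): 32 hex characters; confirm the recovery_code column is wide enough,
    // and that the 'user/recover' handler (not visible here) treats the code as opaque.
    $sRecoveryCode = bin2hex($sRandom);

    if ($p_sMessage === '') {
        $p_sMessage  = "Hi, {$p_aUser['first_name']}\n\nYou have requested a password recovery and your password has now been reset.\nPlease click the following verification link to reset your password.\n";
        $p_sMessage .= $oConfig->system->base_url . 'user/recover/' . urlencode($sRecoveryCode);
    }

    $oEmail = new PPI_Model_Email_Advanced();
    $oEmail->Subject = $p_sSubject;
    $oEmail->SetFrom($oConfig->system->adminEmail, $oConfig->system->adminName);
    $oEmail->AddAddress($p_aUser['email']);
    $oEmail->AltBody = $p_sMessage;
    // NOTE(review): first_name is interpolated unescaped into the HTML body — confirm it is
    // escaped or restricted where it is stored.
    $oEmail->MsgHTML($p_sMessage);

    // Only a delivered mail leads to a stored code.
    if ($oEmail->Send()) {
        $oUser       = new APP_Model_User();
        $sPrimaryKey = $oUser->getPrimaryKey();
        // Update the user's record with the recovery_code.
        // NOTE(review): no expiry is stored alongside the code in this function — confirm
        // the recover handler limits its lifetime and clears it after use.
        $oUser->putRecord(array('recovery_code' => $sRecoveryCode, $sPrimaryKey => $p_aUser[$sPrimaryKey]));
        return true;
    }

    return false;
}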
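/**
 * AdminController::userAddEdit()
 * Add or edit a user within the school named by the 'schoolid' input.
 *
 * On a submitted and validated form the record is written through
 * APP_Model_User::putRecord() and the request is redirected to the school's
 * user list; otherwise the add/edit form is rendered.
 *
 * @param string $p_sMode 'edit' updates the user whose ID is in the 'edit' input; any other value creates.
 * @throws PPI_Exception When the school ID is invalid, or the user ID is invalid in edit mode.
 * @return void
 */
private function userAddEdit($p_sMode = 'create')
{
    $iSchoolID = (int) $this->oInput->get('schoolid', 0);
    if ($iSchoolID < 1) {
        throw new PPI_Exception('Invalid School ID: ' . $iSchoolID);
    }

    $bEdit   = $p_sMode === 'edit';
    $iUserID = 0;
    if ($bEdit) {
        // Validate the target before any write. An edit submitted without a valid
        // ID would otherwise reach putRecord() with no server-set primary key and
        // would not update the user the admin meant to edit.
        $iUserID = (int) $this->oInput->get('edit', 0);
        if ($iUserID < 1) {
            throw new PPI_Exception('Invalid User ID: ' . $iUserID);
        }
    }
    // NOTE(review): nothing visible here verifies that the edited user belongs to
    // $iSchoolID, or that the acting admin may manage that school — confirm it is
    // enforced elsewhere.

    $oUser = new APP_Model_User();
    $oForm = new PPI_Model_Form();
    $oForm->init('admin_user_addedit');
    $oForm->setFormStructure($oUser->getAdminAddEditFormStructure($p_sMode));

    if ($oForm->isSubmitted() && $oForm->isValidated()) {
        $aSubmitValues = $oForm->getSubmitValues();

        if ($bEdit) {
            // Edit mode: set the primary key so that putRecord() performs an update.
            $aSubmitValues[$oUser->getPrimaryKey()] = $iUserID;
        } else {
            // Setting the school ID when we insert the user.
            $aSubmitValues['school_id'] = $iSchoolID;
        }

        // Put the record (insert/update)
        $oUser->putRecord($aSubmitValues);
        $this->_setFlashMessage('User account successfully ' . ($bEdit ? 'updated' : 'created') . '.');
        $this->_redirect('admin/user/list/schoolid/' . $iSchoolID);
    } else {
        if ($bEdit) {
            // Pre-fill the form with the stored record.
            $oForm->setDefaults($oUser->find($iUserID));
        }
        $aViewVars = array('bEdit' => $bEdit, 'formBuilder' => $oForm->getRenderInformation(), 'leftMenu' => true);
        $this->loadSmarty('admin/user_addedit', $aViewVars);
    }
}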
/**
 * Render the registration form and, on a valid submission, create the user.
 *
 * Protected: it is reached through a child class rather than called directly.
 * A logged-in visitor is handed to postLoginRedirect() first.
 *
 * NOTE(review): every value returned by getSubmitValues() is passed to
 * putRecord(); confirm the form model limits these to the fields declared in
 * the register form structure, so a request cannot add columns of its own.
 *
 * @return void
 */
protected function register()
{
    // Already authenticated: go to the post-login location.
    if ($this->isLoggedIn() === true) {
        $this->postLoginRedirect();
    }

    // Set up the form and the user model.
    $oRegisterForm = new PPI_Model_Form();
    $oUserModel    = new APP_Model_User();
    $oRegisterForm->init('user_register', '', 'post');
    $oRegisterForm->setFormStructure($oUserModel->_registerFormStructure);

    // isValidated() is only consulted once the form is known to be submitted.
    $bAccepted = $oRegisterForm->isSubmitted() && $oRegisterForm->isValidated();
    if ($bAccepted) {
        // Hand the submitted values to the user model for insertion.
        $aNewUser = $oRegisterForm->getSubmitValues();
        $oUserModel->putRecord($aNewUser);

        // Continue at the login page.
        $this->redirect('user/login');
    }

    // Assets for the form builder and client-side validation.
    $this->addStylesheet('formbuilder.css');
    $this->addJavascript('jquery-validate/jquery.validate.min.js');

    // Show the registration page.
    $aViewVars = array('formBuilder' => $oRegisterForm->getRenderInformation());
    $this->load('user/register', $aViewVars);
}