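/**
 * Admin action: create a user account from the posted form and attach the chosen role.
 *
 * On a valid POST the account is created, the role is linked, the new-account
 * notification is sent and the request is redirected to the user list. On any
 * error the form values and error messages are handed back to the template.
 * The list of roles is always loaded for the form.
 */
public function action_add()
{
    $post = $this->request->post();

    if ($post) {
        $this->template->data["post"] = $post;

        // Treat a missing or non-string role (e.g. an array-valued field) as "not set"
        // instead of reading an undefined index or passing an array into the ORM lookup.
        $roleName = (isset($post['role']) && is_string($post['role'])) ? $post['role'] : "";

        // Resolve the role before the account is created, so a role name that does not
        // exist is rejected up front rather than after the user row has been written.
        $role = ($roleName === "") ? NULL : ORM::factory('Role', array('name' => $roleName));

        if ($role === NULL || !$role->loaded()) {
            // []= appends like array_push() did, and also works when "errors" has not
            // been initialised yet.
            $this->template->data["errors"][] = array("Role" => __("User role must be set."));
        } else {
            /* automatically obtain password if user set none */
            if (empty($post['password'])) {
                // NOTE(review): confirm Auth::randomPassword() draws from a CSPRNG
                // (random_bytes()/random_int()); its implementation is not visible here.
                $post['password'] = Auth::randomPassword();
                $post['password_confirm'] = $post['password'];
            }

            try {
                // The second argument limits the fields create_user() expects from $post.
                $user = ORM::factory('User')->create_user($post, array('email', 'password'));
                $user->add('roles', $role);
                $this->template->data["post"] = NULL;
            } catch (ORM_Validation_Exception $e) {
                $this->template->data["errors"] = $e->errors('models');
            }

            if (empty($this->template->data["errors"])) {
                // NOTE(review): $post still carries the plaintext password and is handed
                // to the notifier as-is; if the notification mails it, prefer a one-time
                // set-password link and make sure $post is never logged.
                Notifications::factory()->new_user_account($post['email'], $post);
                $this->redirect('/admin/user/all');
            }
        }
    }

    $this->template->data["roles"] = ORM::factory("Role")->get_roles();
}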
/**
 * Password-reset action. On POST it validates the submitted `email` field
 * (not_empty, email), looks the user up by that address and, when one is found,
 * replaces the stored password with a value from Auth::randomPassword() and
 * sends it out with mail().
 *
 * NOTE(review): this listing is damaged from the mail() call onward (the recipient
 * and part of the message were masked and the following statements were swallowed),
 * so the end of the try/catch and the failure branches cannot be read from here.
 * NOTE(review): in the visible part the password is overwritten as soon as a known
 * e-mail address is posted, with no confirmation token in between, and the new
 * password is put into the mail body in plaintext. Confirm against the intact
 * source; a mailed single-use, expiring reset link that leaves the current
 * password untouched until it is used avoids both issues.
 */
public function action_index() { if ($this->request->post()) { $validation = Validation::factory($this->request->post()); $validation->rule('email', 'not_empty')->rule('email', 'email'); if ($validation->check()) { $user = ORM::factory('User')->where('email', '=', $this->request->post('email'))->find(); if ($user->loaded()) { try { $new_password = Auth::randomPassword(); $user->update_user(array('password' => $new_password, 'password_confirm' => $new_password)); mail("*****@*****.**", "new password", "Email:" . $user->email . " New password: "******"values"] = $this->request->post(); $this->template->data["errors"] = $validation->errors('User'); } }
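/**
 * Verifies the user registration from a confirmation link.
 *
 * On success the account is marked confirmed, the confirmation token is cleared,
 * a new password and private key are generated and stored, and the password is
 * sent through Auth::passEmail().
 *
 * @param int    $id    Anwesha Id for registered user (digits only, anything else is rejected)
 * @param string $token Confirmation Token
 * @param mysqli $conn  Open database connection
 * @return array array(1, <generated password>) on success,
 *               array(-1, <error message>) on failure
 */
public function verifyEmail($id, $token, $conn)
{
    // $id is written into the SQL text below, so accept nothing but an integer or a
    // string of digits. Anything else is answered like an unknown user.
    if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
        return array(-1, "No such User - Invalid Link");
    }
    $id = (int) $id;

    $result = mysqli_query($conn, "SELECT * FROM People NATURAL JOIN LoginTable WHERE pId = {$id}");
    if (!$result || mysqli_num_rows($result) != 1) {
        return array(-1, "No such User - Invalid Link");
    }
    $row = mysqli_fetch_assoc($result);

    // Fail closed on the token:
    //  - a non-string $token (e.g. an array-valued request parameter) never matches;
    //  - an empty stored token means "no confirmation pending" (it is cleared to ''
    //    after a successful run below), so it must not match an empty $token;
    //  - hash_equals() compares in constant time.
    $storedToken = $row['csrfToken'];
    if (!is_string($token) || !is_string($storedToken) || $storedToken === ''
        || !hash_equals($storedToken, $token)) {
        return array(-1, "Invalid Link or Link Expired");
    }

    $name = $row['name'];
    $email = $row['email'];

    // NOTE(review): the updates below are separate statements, so a failure part-way
    // leaves the account confirmed with the token still in place; wrap them in a
    // transaction if the tables support it.
    if (!mysqli_query($conn, "UPDATE People SET confirm = 1 WHERE pId = {$id}")) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }

    if (!mysqli_query($conn, "UPDATE LoginTable SET csrfToken = '' WHERE pId = {$id}")) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }

    // NOTE(review): confirm Auth::randomPassword() draws from a CSPRNG; it is not
    // visible here and its output becomes both the password and the private key.
    $randPass = Auth::randomPassword();
    $privateKey = Auth::randomPassword();

    // Bound parameters keep the generated values out of the SQL text whatever
    // characters they contain.
    // NOTE(review): sha() stores an unsalted SHA-1 digest. Moving to
    // password_hash()/password_verify() has to be done together with the login code
    // that reads this column, so the storage format is left unchanged here.
    $stmt = mysqli_prepare(
        $conn,
        "UPDATE LoginTable SET password = sha(?), privateKey = sha(?) WHERE pId = ?"
    );
    if (!$stmt) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }
    mysqli_stmt_bind_param($stmt, 'ssi', $randPass, $privateKey, $id);
    $stored = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    if (!$stored) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }

    Auth::passEmail($email, $name, $randPass, $id);

    // NOTE(review): the plaintext password is also returned to the caller; callers
    // must not log it or render it into a page.
    return array(1, $randPass);
}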
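/**
 * Verifies the user registration from a confirmation link.
 *
 * On success People.confirm is set to the pending confirmation type (1 or 2), the
 * confirmation token and type are cleared, and, only when the account has no
 * password yet, a new password and private key are generated and stored. The
 * result is then sent through Auth::passEmail().
 *
 * @param int    $id    Anwesha Id for registered user (digits only, anything else is rejected)
 * @param string $token Confirmation Token
 * @param mysqli $conn  Open database connection
 * @return array array(1, <generated password, or "******" when one was already set>)
 *               on success, array(-1, <error message>) on failure
 */
public function verifyEmail($id, $token, $conn)
{
    // $id is written into the SQL text below, so accept nothing but an integer or a
    // string of digits. Anything else is answered like an unknown user.
    if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
        return array(-1, "No such User - Invalid Link");
    }
    $id = (int) $id;

    $result = mysqli_query($conn, "SELECT * FROM People NATURAL JOIN LoginTable WHERE pId = {$id}");
    if (!$result || mysqli_num_rows($result) != 1) {
        return array(-1, "No such User - Invalid Link");
    }
    $row = mysqli_fetch_assoc($result);

    // Fail closed on the token:
    //  - a non-string $token (e.g. an array-valued request parameter) never matches;
    //  - an empty stored token means "no confirmation pending" (it is cleared to ''
    //    after a successful run below), so it must not match an empty $token;
    //  - hash_equals() compares in constant time.
    $storedToken = $row['csrfToken'];
    if (!is_string($token) || !is_string($storedToken) || $storedToken === ''
        || !hash_equals($storedToken, $token)) {
        return array(-1, "Invalid Link or Link Expired");
    }

    // Only the exact values 1 and 2 are accepted, and the value is cast to int before
    // it is placed into the UPDATE statement.
    if (!in_array((string) $row['type'], array('1', '2'), true)) {
        return array(-1, "Unexpected Error!, Verifing Confirmation Type. Please contact Registration Team");
    }
    $confirmationType = (int) $row['type'];

    $passwordAlreadySet = !empty($row['password']);
    $name = $row['name'];
    $email = $row['email'];

    // NOTE(review): the updates below are separate statements, so a failure part-way
    // leaves the account confirmed with the token still in place; wrap them in a
    // transaction if the tables support it.
    if (!mysqli_query($conn, "UPDATE People SET confirm = {$confirmationType} WHERE pId = {$id}")) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }

    if (!mysqli_query($conn, "UPDATE LoginTable SET csrfToken = '', type = 0 WHERE pId = {$id}")) {
        return array(-1, "Some Internal Error Occured - Please try again.");
    }

    // Placeholder handed to the mail and the caller when the existing password is kept.
    $randPass = "******";

    if (!$passwordAlreadySet) {
        // NOTE(review): confirm Auth::randomPassword() draws from a CSPRNG; it is not
        // visible here and its output becomes both the password and the private key.
        $randPass = Auth::randomPassword();
        $privateKey = Auth::randomPassword();

        // Bound parameters keep the generated values out of the SQL text whatever
        // characters they contain.
        // NOTE(review): sha() stores an unsalted SHA-1 digest. Moving to
        // password_hash()/password_verify() has to be done together with the login
        // code that reads this column, so the storage format is left unchanged here.
        $stmt = mysqli_prepare(
            $conn,
            "UPDATE LoginTable SET password = sha(?), privateKey = sha(?) WHERE pId = ?"
        );
        if (!$stmt) {
            return array(-1, "Some Internal Error Occured - Please try again.");
        }
        mysqli_stmt_bind_param($stmt, 'ssi', $randPass, $privateKey, $id);
        $stored = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
        if (!$stored) {
            return array(-1, "Some Internal Error Occured - Please try again.");
        }
    }

    Auth::passEmail($email, $name, $randPass, $id);

    // NOTE(review): a freshly generated plaintext password is also returned to the
    // caller; callers must not log it or render it into a page.
    return array(1, $randPass);
}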