/>
<?php
// Hints rendered next to the e-mail field of the form.
// In domain-users mode the fixed domain suffix is printed after the input,
// so the user types only the local part of the address.
// NOTE(review): the configured domain is echoed without HTML escaping —
// confirm 'default.domain' is trusted deployment configuration.
if ($domainUsersMode) {
    echo '@' . getConfiguration('default.domain');
}
// $canUpdateEmail is computed outside this fragment; here it only selects
// which explanatory text is shown.
// NOTE(review): a hint in the form is not an access control — confirm the
// code that processes the submission also refuses an e-mail change when
// this flag is false.
if (!$canUpdateEmail) {
    echo '<p class="description">' . _('Authentication policy does not allow you to change email account.') . '</p>';
} else {
    if ($domainUsersMode) {
        echo '<p class="description">' . _('Please use your company email, without the domain suffix.') . '</p>';
    }
}
?>
</dd>
<?php
// The password and confirmation inputs are rendered only when the
// application authenticates with local passwords. Both inputs carry an
// empty value attribute, so a previously submitted password is never
// written back into the page.
if (AuthHandler::getAuthMode() == AuthHandler::AUTH_MODE_PASS) { ?>
<dd class="mandatory">
    <label for="passw1"><?php echo _('Password'); ?> </label>
    <input class="textInput" id="passw1" name="passw1" type="password" size=20 value="" />
</dd>
<dd class="mandatory">
    <label for="passw2"><?php echo _('Confirm password'); ?> </label>
    <input class="textInput" id="passw2" name="passw2" type="password" size=20 value="" />
</dd>
AuthHandler::init();

// Initialize the ACL.
// Each role is registered before any resource is attached to it. The
// second argument of addRole() is presumably the parent role whose grants
// are inherited — confirm against SimpleAcl.
$acl = new SimpleAcl();
$acl->addRole(ROLE_GUEST);
// ROLE_AUTHORIZED_ACCESS is registered but receives no resources of its
// own in this fragment.
$acl->addRole(ROLE_AUTHORIZED_ACCESS, ROLE_GUEST);
$acl->addRole(ROLE_IDENTIFIED, ROLE_GUEST);
$acl->addRole(ROLE_IDENTIFIED_REGISTERED, ROLE_IDENTIFIED);
$acl->addRole(ROLE_ADMINISTRATOR, ROLE_IDENTIFIED_REGISTERED);

// Development builds additionally open two scripts to unauthenticated
// visitors.
// NOTE(review): confirm ENV can never resolve to ENV_DEVELOPMENT on a
// production deployment, otherwise test.php and webres.php are reachable
// without login.
if (ENV === ENV_DEVELOPMENT) {
    $acl->addResource(ROLE_GUEST, array('webres.php', 'test.php'));
}

// Always reachable without login: the login page and the opt-out page.
$acl->addResource(ROLE_GUEST, array('auth.php', 'optout.php'));

// Further guest-accessible scripts depend on the authentication mode.
// In any mode other than password or token, guests get nothing beyond the
// entries added above.
// NOTE(review): the outer test reads getConfiguration('auth.mode') while
// the nested one calls AuthHandler::getAuthMode(), and both compare with a
// loose ==. Confirm the two sources always agree in value and type.
if (getConfiguration('auth.mode') == AuthHandler::AUTH_MODE_PASS) {
    $acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'AddRideAll.php', 'GetRegionConfiguration.php'));
} else {
    if (AuthHandler::getAuthMode() == AuthHandler::AUTH_MODE_TOKEN) {
        // Token mode also exposes index, feedback and ride search to guests.
        $acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'index.php', 'AddRideAll.php', 'feedback.php', 'SearchRides.php', 'GetRegionConfiguration.php'));
    }
}

// Scripts for identified users.
$acl->addResource(ROLE_IDENTIFIED, array('join.php', 'help.php', 'index.php', 'feedback.php', 'logout.php', 'thanks.php', 'SearchRides.php', 'AddRideAll.php', 'GetRegionConfiguration.php'));
// State-changing ride actions are attached to the registered role.
$acl->addResource(ROLE_IDENTIFIED_REGISTERED, array('ActivateToggle.php', 'DeleteRide.php', 'ShowInterest.php'));

// Content management: attached to the administrator role.
$acl->addResource(ROLE_ADMINISTRATOR, array('translations.php'));

// Enforce access control: look up the current role and the running script
// and act only when the ACL does not allow the pair.
// NOTE(review): this presumes isAllowed() returns false for a script that
// was never registered (default deny) — confirm in SimpleAcl.
$role = AuthHandler::getRole();
$resource = Utils::getRunningScript();

if (!$acl->isAllowed($role, $resource)) {
    if ($role == ROLE_GUEST && $acl->isAllowed($role, 'auth.php')) {
        // Not allowed: a guest who may reach the login page is redirected
        // there, with the denied script name passed along as 'ref'.
        // NOTE(review): 'ref' comes back to auth.php as a request parameter
        // the client can edit. If auth.php redirects to it after login, it
        // should accept only known local script names.
        GlobalMessage::setGlobalMessage(_('Please login to access this page'), GlobalMessage::ERROR);
        Utils::redirect('auth.php', array('ref' => $resource));
// The two password inputs must be strictly identical. On a mismatch the
// submission is marked invalid and a translated message is queued.
if ($passw1 !== $passw2) {
$valid = false;
$messages[] = _("Password and confirmation field does not match");
} else {
// Valid: from here on only the hashed form is kept in $password.
// NOTE(review): Utils::hashPassword() is defined elsewhere — confirm
// it uses a salted, deliberately slow scheme such as password_hash()
// rather than a bare digest.
$password = Utils::hashPassword($passw1);
}
}
}

// The contact id is taken from the authenticated session.
$contactId = AuthHandler::getLoggedInUserId();

// If this contact already exists, it must be an update
// (the code treats a strict false from getLoggedInUserId() as "no contact").
$isUpdateContact = $contactId !== false;
// If there are any rides assigned with this contact, it is an update
$isUpdateRide = AuthHandler::isRideRegistered();
// XXX: Policy or something like that for the auth handler.
// The e-mail address may be changed in every mode except LDAP.
// NOTE(review): confirm the save path below honours this flag, so that a
// crafted request cannot change the address in LDAP mode.
$canUpdateEmail = AuthHandler::getAuthMode() != AuthHandler::AUTH_MODE_LDAP;

$action = $isUpdateRide ? 'update' : 'add';

// Region handling: in a multi-region deployment the value already held in
// $region is checked against the known regions; otherwise it is overwritten
// with the default region.
if (RegionManager::getInstance()->isMultiRegion()) {
if (!RegionManager::getInstance()->isValidRegion($region)) {
$messages[] = _("Invalid region");
$valid = false;
}
} else {
$region = RegionManager::getInstance()->getDefaultRegion();
}

// The database is touched only once every check above has passed.
if ($valid) {
$db = DatabaseHelper::getInstance();

try {
if ($isUpdateRide) {
// The ride to update is looked up by the logged-in contact id.
// No ride id is read from the request at this point.
$ride = $db->getRideProvidedByContactId($contactId);
$rideId = $ride['Id'];