function __construct()
{
// Only allow guests to view this page
parent::guestOnly();
/* Has the admin disabled user registrations? */
$disable = parent::getOption('disable-registrations-enable');
if ($disable) {
$this->error = sprintf('<div class="alert alert-block alert-error">%s</div>', _('<h4 class="alert-heading">Registrations disabled.</h4><p>Already have an account? <a href="login.php">Sign in here</a>!</p>'));
parent::displayMessage($this->error, true);
}
$this->use_emails = parent::getOption('email-as-username-enable');
$this->username_type = $this->use_emails ? 'email' : 'username';
// jQuery form validation
parent::checkExists();
// Generate a unique token for security purposes
parent::generateToken();
// Has the form been submitted?
if (!empty($_POST)) {
// Sign up form post data
foreach ($_POST as $field => $value) {
$this->settings[$field] = parent::secure($value);
}
$this->process();
}
if (isset($_GET['new_social'])) {
$this->error = sprintf('<div class="alert alert-success">%s</div>', _('We don\'t see you as a registered user. Perhaps you\'d like to sign up :)'));
}
parent::displayMessage($this->error, false);
}
function __construct()
{
// Assign their username to a variable
if (isset($_SESSION['jigowatt']['username'])) {
$this->user = $_SESSION['jigowatt']['username'];
}
// Are they clicking from an email?
if (isset($_GET['key'])) {
$this->key = parent::secure($_GET['key']);
$this->getKey();
// Do they want the key resent?
} else {
if (isset($_GET['resend']) && $_GET['resend'] == '1') {
$this->resendKey();
// Are they already signed in without a key?
} else {
if (isset($this->user) && !isset($this->key)) {
$this->signedIn();
} else {
header('location: home.php');
exit;
}
}
}
// Display any errors
parent::displayMessage($this->error, false);
}
function __construct()
{
if (isset($_POST['searchUsers'])) {
$this->searchUsers();
exit;
}
// jQuery form validation
parent::checkExists();
if (isset($_POST['add_user'])) {
$this->name = parent::secure($_POST['name']);
$this->username = parent::secure($_POST['username']);
$this->email = parent::secure($_POST['email']);
$this->password = substr(md5(rand() . rand()), 0, 6);
// Confirm all details are correct
$this->verify();
// Create the user
$this->adduser();
if (!empty($this->error)) {
parent::displayMessage($this->error);
} else {
echo $this->result;
}
exit;
}
}
private function grabCurrentUser()
{
$this->id = parent::secure($_GET['uid']);
$params = array(':user_id' => $this->id);
$stmt = parent::query("SELECT user_id, user_level, restricted, username, name, email FROM login_users WHERE user_id = :user_id;", $params);
if ($stmt->rowCount() < 1) {
parent::displayMessage("<div class='alert alert-danger'>" . _('No such user!') . "</div>");
}
foreach ($stmt->fetch(PDO::FETCH_ASSOC) as $field => $value) {
$this->options[$field] = $value;
}
}
function __construct()
{
// Once the form has been processed
if (!empty($_POST)) {
foreach ($_POST as $key => $value) {
$this->options[$key] = parent::secure($value);
}
// Validate fields
$this->validate();
// Process form
echo empty($this->error) ? $this->process() : $this->error;
exit;
}
}
function __construct()
{
// jQuery form validation
parent::checkExists();
if (isset($_POST['searchLevels'])) {
$this->searchLevels();
exit;
}
if (isset($_POST['add_level'])) {
$this->auth = parent::secure($_POST['auth']);
$this->level = parent::secure($_POST['level']);
// Confirm all details are correct
$this->verify();
// Create the level
$this->addlevel();
}
}
function __construct()
{
// Save level and auth
if (!empty($_GET['lid'])) {
$this->retrieveInfo();
}
if (isset($_POST['do_edit'])) {
foreach ($_POST as $key => $value) {
$this->options[$key] = parent::secure($value);
}
$this->options['level_disabled'] = !empty($_POST['disable']) ? 'checked' : '';
$this->options['welcome_email'] = !empty($_POST['welcome_email']) ? 'checked' : '';
// Validate fields
$this->validate();
}
if (!empty($this->error)) {
parent::displayMessage("<div class='alert alert-warning'>{$this->error}</div>", false);
}
if (!empty($this->result)) {
parent::displayMessage("<div class='alert alert-success'>{$this->result}</div>", false);
}
}
private function retrieveFields()
{
$params = array(':user_id' => $this->user_id);
$stmt = parent::query("SELECT `user_id`, `username`, `name`, `email` FROM `accounts` WHERE `user_id` = :user_id;", $params);
if ($stmt->rowCount() < 1) {
$this->error = sprintf('<div class="alert alert-warning">%s</div>', _('Sorry, that user does not exist.'));
parent::displayMessage($this->error, true);
return false;
}
foreach ($stmt->fetch(PDO::FETCH_ASSOC) as $field => $value) {
$this->settings[$field] = parent::secure($value);
}
}
public function modal_process()
{
if (isset($_POST['usernamemail'])) {
$usernamemail = parent::secure($_POST['usernamemail']);
// The input field wasn't filled out
if (empty($usernamemail)) {
$this->error = '<div class="alert alert-danger">' . _('Please enter your username or email address.') . '</div>';
} else {
$params = array(':usernameEmail' => $usernamemail);
$stmt = parent::query("SELECT * FROM `login_users` WHERE `username` = :usernameEmail OR `email` = :usernameEmail;", $params);
if ($stmt->rowCount() > 0) {
$row = $stmt->fetch();
// Reuse the email variable.
$email = $row['email'];
// Check that a recovery key doesn't already exist, if it does, remove it.
$params = array(':email' => $email);
$stmt = parent::query("SELECT * FROM `login_confirm` WHERE `email` = :email AND `type` = 'forgot_pw';", $params);
if ($stmt->rowCount() > 0) {
parent::query("DELETE FROM `login_confirm` WHERE email = :email AND `type` = 'forgot_pw';", $params);
}
// Generate a new recovery key
$key = md5(uniqid(mt_rand(), true));
$params = array(':email' => $email, ':key' => $key);
parent::query("INSERT INTO `login_confirm` (`email`, `key`, `type`) VALUES (:email, :key, 'forgot_pw');", $params);
$shortcodes = array('site_address' => SITE_PATH, 'full_name' => $row['name'], 'username' => $row['username'], 'reset' => SITE_PATH . "forgot.php?key={$key}");
$subj = parent::getOption('email-forgot-subj');
$msg = parent::getOption('email-forgot-msg');
// Send an email confirming their password reset
if (!parent::sendEmail($email, $subj, $msg, $shortcodes)) {
$this->error = '<div class="alert alert-danger">' . _('ERROR. Mail not sent') . '</div>';
} else {
$this->error = "<div class='alert alert-success'>" . _('We\'ve emailed you password reset instructions. Check your email.') . "</div>";
}
} else {
$this->error = '<div class="alert alert-danger">' . _('This account does not exist.') . '</div>';
}
}
echo $this->error;
}
}
