Example #1
 /**
  * List the users of every group whose name contains $group_name.
  *
  * Groups are matched with a LIKE '%...%' search; users are then loaded with
  * their 'group' relation and sorted by username, ascending.
  *
  * NOTE(review): '%' and '_' inside $group_name still act as LIKE wildcards,
  * so a caller that forwards request input unchanged can match more groups
  * than intended. Escape them at the call site if that matters.
  *
  * @param string $group_name Fragment of the group name to look for.
  * @return mixed Result of the final get() call.
  */
 public static function users_from_group($group_name)
 {
     $matching = Group::where('name', 'LIKE', '%' . $group_name . '%')->get();
     $group_ids = array();
     foreach ($matching as $position => $match) {
         $group_ids[$position] = $match->id;
     }
     $query = static::with('group')->where_in('group_id', $group_ids);
     return $query->order_by('username', 'asc')->get();
 }
Example #2
 /**
  * Apply a new status to a group from a verification request and return the group as JSON.
  *
  * Reads 'request' (its 'id' entry selects the group) and 'status' from the
  * input, rejects any status Group::isValidStatus() refuses, then saves the
  * group and adjusts its RBAC rules inside a single DB::transaction() call.
  *
  * NOTE(review): beforeFilter('admin') is called from inside the action body.
  * Confirm the filter really runs for the current request at this point; if it
  * only registers a filter for a later dispatch, nothing in this method
  * enforces the admin requirement and an explicit permission check is needed.
  *
  * @throws \Exception When the status is invalid or no group matches the id.
  */
 public function postVerify()
 {
     $this->beforeFilter('admin');
     $payload = Input::get('request');
     $newStatus = Input::get('status');
     if (!Group::isValidStatus($newStatus)) {
         throw new \Exception("Invalid value for verify request");
     }
     $target = Group::where('id', '=', $payload['id'])->first();
     if (!$target) {
         throw new \Exception("Invalid Group");
     }
     $target->status = $newStatus;
     // The save and the RBAC change are issued from the same transaction callback.
     DB::transaction(function () use ($target) {
         $target->save();
         if ($target->status == Group::STATUS_ACTIVE) {
             $target->createRbacRules();
         } elseif ($target->status == Group::STATUS_PENDING) {
             $target->destroyRbacRules();
         }
     });
     return Response::json($target);
 }
 /**
  * Render the user index, optionally filtered by a group.
  *
  * The group is chosen by the 'group_id' input first and by the 'group' (name)
  * input as a fallback. Callers without superuser rights never see users whose
  * group_id is 1.
  *
  * NOTE(review): the privileged group is identified by the literal id 1; the
  * filter silently stops protecting those accounts if that id ever changes.
  */
 public function getIndex()
 {
     Allow::permission($this->module['group'], 'users');
     // Filter users by group
     $group = false;
     $group_id = Input::get('group_id');
     $group_name = Input::get('group');
     $users = new User();
     // Resolve the filter: id takes precedence, name is tried when the id gave nothing
     if ($group_id != '') {
         $group = Group::where('id', $group_id)->first();
     }
     if (!is_object($group) && $group_name != '') {
         $group = Group::where('name', $group_name)->first();
     }
     if (is_object($group)) {
         $users = $users->where('group_id', $group->id);
     }
     if (!Allow::superuser()) {
         $users = $users->where('group_id', '!=', 1);
     }
     $users = $users->get();
     // The view always receives a Group object, even when no filter matched
     if (!is_object($group)) {
         $group = Group::firstOrNew(array('id' => 0));
     }
     $groups = Group::all();
     $groups_ids = array();
     foreach ($groups as $each) {
         $groups_ids[] = $each->id;
     }
     $viewData = array(
         'group' => $group,
         'users' => $users,
         'groups' => $groups,
         'groups_ids' => $groups_ids,
     );
     return View::make($this->module['tpl'] . 'index', $viewData);
 }
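 /**
  * Create an empty file record inside a group and announce it with a post.
  *
  * Input: 'uid' (group), 'filename', 'filetype', 'allowediting'.
  * Responds with a redirect to the file's edit page on success, a JSON error
  * with status 404 when the group uid is unknown, or status 400 when the file
  * record could not be saved.
  *
  * NOTE(review): nothing here verifies that the current user belongs to the
  * group named by 'uid'; confirm a route filter enforces membership.
  */
 public function createFile()
 {
     // Resolve the group before writing anything, so an unknown uid leaves no orphan records.
     $grp = Group::where('uid', '=', Input::get('uid'))->first();
     if (!$grp) {
         return Response::json('error', 404);
     }
     $dbFile = new DBFile();
     $dbFile->name = Input::get('filename');
     $dbFile->path = "";
     $dbFile->uploader = Auth::user()->id;
     $dbFile->size = "Unknown";
     $dbFile->content = "";
     $dbFile->filetype = Input::get('filetype');
     if (!$dbFile->save()) {
         // Stop here: the group list and the announcement must not reference a file that was never stored.
         return Response::json('error', 400);
     }
     // NOTE(review): unserialize() instantiates whatever objects the stored string describes.
     // The column is only written by this code path as far as this method shows, but a
     // JSON-encoded id list would remove the risk entirely.
     $filelist = unserialize($grp->files);
     if (!is_array($filelist)) {
         // An empty or corrupt column would otherwise make the append below fail.
         $filelist = array();
     }
     $filelist[] = $dbFile->id;
     $grp->files = serialize($filelist);
     $grp->save();
     $action = Input::get('allowediting') ? 'edit' : 'view';
     // The post body is stored as HTML, so every request-derived value placed in it is escaped.
     $safeName = htmlspecialchars((string) $dbFile->name, ENT_QUOTES, 'UTF-8');
     $safeLink = htmlspecialchars(URL::to('g/' . $grp->uid . '/' . $action . '/' . $dbFile->id), ENT_QUOTES, 'UTF-8');
     $post = new Post();
     $post->parent = $grp->id;
     // NOTE(review): the title holds raw profile names; it must be escaped wherever it is rendered.
     $post->title = Auth::user()->firstname . ' ' . Auth::user()->lastname . ' has created a new file.';
     $post->content = 'A new file named \'' . $safeName . '\' has been created. Click <a href="' . $safeLink . '">here</a> to ' . $action . ' it.';
     $post->creator = Auth::user()->id;
     $post->save();
     // Redirect with the uid stored on the group rather than echoing the request value back.
     return Redirect::to('g/' . $grp->uid . '/edit/' . $dbFile->id);
 }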
Example #5
 /**
  * Accessor for the guest's groups.
  *
  * The first call queries the group whose id is Group::GUEST_ID and stores the
  * result under both attributes['groups'] and relations['groups']; later calls
  * return the stored value.
  *
  * @return mixed Whatever get() yields for that query (a set of groups, not a single Group).
  */
 public function getGroupsAttribute()
 {
     if (isset($this->attributes['groups'])) {
         return $this->attributes['groups'];
     }
     $guestGroups = Group::where('id', Group::GUEST_ID)->get();
     $this->relations['groups'] = $guestGroups;
     $this->attributes['groups'] = $guestGroups;
     return $this->attributes['groups'];
 }
Example #6
 /**
  * Validate (and optionally return) a pipe-delimited question store.
  *
  * Each line is split on "|"; a value that ends in an odd run of backslashes is
  * treated as having an escaped pipe and is re-joined with the value after it.
  * Every line must then hold exactly 4 values, start with "Q", list only group
  * names that exist for $schoolID (no repeats within a line), and carry an
  * original mark (third value) not used by an earlier line.
  *
  * Line numbers in the error messages are the zero-based loop index.
  *
  * NOTE(review): the messages embed group names and marks taken from the file;
  * callers that show them in HTML must escape them.
  *
  * @param string $file       Raw file contents.
  * @param mixed  $schoolID   School whose groups the names are checked against.
  * @param bool   $returnFile When true, the parsed lines are returned as the second element.
  * @return array array(false, message) on the first failure, array(true) or array(true, parsed) on success.
  */
 public static function parseQuestionStore($file, $schoolID, $returnFile = false)
 {
     $file = explode("\n", $file);
     $fileLength = count($file);
     // Original marks seen so far, used to reject duplicates across lines.
     $origMarks = array();
     for ($lineI = 0; $lineI < $fileLength; ++$lineI) {
         $file[$lineI] = explode("|", $file[$lineI]);
         $lineLength = count($file[$lineI]);
         for ($i = 0; $i < $lineLength; ++$i) {
             $valueLength = $valueIndex = strlen($file[$lineI][$i]);
             if ($valueLength) {
                 // Walk back over the trailing backslashes; $valueIndex stops on the last other character.
                 // NOTE(review): a value made only of backslashes pushes $valueIndex below 0; what happens
                 // then depends on how the running PHP version treats negative string offsets. Confirm.
                 while ($file[$lineI][$i][--$valueIndex] == '\\') {
                 }
                 // Same parity as the number of trailing backslashes: odd means the pipe was escaped.
                 if (($valueLength - $valueIndex + 1) % 2) {
                     // Drop the escaping backslash and glue the next value back on with a literal pipe.
                     // NOTE(review): when this is the last value on the line, index $i + 1 does not exist.
                     $file[$lineI][$i] = substr($file[$lineI][$i], 0, $valueLength - 1) . "|" . $file[$lineI][$i + 1];
                     //Move all of the remaining values back.
                     for ($innerI = $i + 1; $innerI < $lineLength - 1; ++$innerI) {
                         $file[$lineI][$innerI] = $file[$lineI][$innerI + 1];
                     }
                     array_pop($file[$lineI]);
                     // Re-examine the merged value: it may itself end in an escaped pipe.
                     --$i;
                     --$lineLength;
                 }
             }
         }
         //Line has been completed.
         //Does it have 4 entries only?
         if ($lineLength != 4) {
             return array(false, "Question {$lineI} must have 4 values.");
         }
         //First is Q?
         if ($file[$lineI][0] != "Q") {
             return array(false, "The first value of question {$lineI} must be 'Q'.");
         }
         //All in second value are valid group names for the given schoolID.
         $file[$lineI][1] = explode(',', $file[$lineI][1]);
         $groupsLength = count($file[$lineI][1]);
         // Group names already accepted on this line, used to reject repeats.
         $groupRecords = array();
         for ($i = 0; $i < $groupsLength; ++$i) {
             // One lookup per listed group name.
             if (is_null(Group::where('school_id', '=', $schoolID)->where('name', '=', $file[$lineI][1][$i])->first())) {
                 return array(false, "Question {$lineI} contains invalid group {$file[$lineI][1][$i]}.");
             }
             foreach ($groupRecords as $groupRecord) {
                 if ($groupRecord == $file[$lineI][1][$i]) {
                     return array(false, "In question {$lineI}, the group {$groupRecord} cannot be repeated.");
                 }
             }
             $groupRecords[] = $file[$lineI][1][$i];
         }
         // Loose in_array(): marks are compared with ==, so numerically equal strings count as duplicates.
         if (in_array($file[$lineI][2], $origMarks)) {
             return array(false, "In question {$lineI}, the original mark {$file[$lineI][2]} already exists.");
         }
         $origMarks[] = $file[$lineI][2];
     }
     if ($returnFile) {
         return array(true, $file);
     }
     return array(true);
 }
 /**
  * Show the edit form for one nerd.
  *
  * NOTE(review): the record is loaded by id with no ownership or permission
  * check in this method, and a missing id reaches the view as null. Confirm
  * both are handled by a filter or by the template.
  *
  * @param  int  $id
  * @return Response
  */
 public function edit($id)
 {
     $record = Nerd::find($id);
     // Choices for the group selector: active groups only, id => group_name
     $choices = Group::where('active', '=', 1)->lists('group_name', 'id');
     $form = View::make('nerds.edit');
     $form = $form->with('nerd', $record);
     return $form->with('group_options', $choices);
 }
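 /**
  * Render a group's board page together with its subscriber list.
  *
  * The original body first stored a subscriber count in $subscribers and then
  * overwrote it with the joined rows without ever reading the count, so that
  * wasted query has been removed.
  *
  * NOTE(review): the subscriber query selects users.*, which hands every column
  * of the users table (including user_fp and any credential columns) to the
  * view. Select only the columns the template prints.
  *
  * @param string $name Value matched against group_name; firstOrFail() is used, so an unknown name does not reach the view.
  * @param string $mode Passed through to Post::group() and the view.
  */
 public function viewGroup($name, $mode = 'default')
 {
     $group = Group::where('group_name', $name)->firstOrFail();
     // The current visitor's own subscription row, or null when not subscribed.
     $subscription = Gsub::where('user_fp', self::userFp())->where('group_name', $name)->first();
     $subscribers = DB::table('gsubs')
         ->where('gsubs.group_name', $name)
         ->join('users', 'users.user_fp', '=', 'gsubs.user_fp')
         ->select('gsubs.id', 'users.*')
         ->get();
     return View::make('board.group', [
         'mode' => $mode,
         'posts' => Post::group($name, $mode, self::getBL()),
         'subscription' => $subscription,
         'subscribers' => $subscribers,
         'group' => $group,
     ]);
 }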
Example #9
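 /**
  * Show one group to administrators; everyone else is sent to /inicio.
  *
  * The original read Auth::user()->is_admin directly, which dereferences null
  * when nobody is logged in. The session is now checked first, so guests get
  * the same redirect as non-admin users instead of an error.
  *
  * @param mixed $id Group id to display.
  */
 public function show($id)
 {
     if (!Auth::check() || !Auth::user()->is_admin) {
         return Redirect::to('/inicio');
     }
     // A missing id still reaches the view as null, as before.
     $grupo = Group::where('id', $id)->first();
     return View::make('grupos.show')->with('grupo', $grupo);
 }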
Example #10
 /**
  * Show the fellow picker for a city.
  *
  * Lists the distinct members of the "Propel Fellow" group that belong to
  * $city_id for the year reported by HomeController::get_year(), with status
  * '1' and user_type 'volunteer'.
  *
  * NOTE(review): first() is dereferenced without a null check, so a missing
  * "Propel Fellow" group fails with an error rather than a clean response.
  *
  * @param mixed $city_id City whose fellows are listed.
  */
 public function showFellowSelect($city_id)
 {
     $roleName = "Propel Fellow";
     $homeController = new HomeController();
     $currentYear = $homeController->get_year();
     $query = Group::where('name', '=', $roleName)->first()->fellow()->distinct();
     $filters = array(
         'city_id' => $city_id,
         'year' => $currentYear,
         'status' => '1',
         'user_type' => 'volunteer',
     );
     foreach ($filters as $column => $expected) {
         $query = $query->where($column, '=', $expected);
     }
     return View::make('city.select-fellow')->with('fellows', $query->get());
 }
Example #11
 /**
  * Look a group up by primary key.
  *
  * @param mixed $group_id Id to match.
  * @return mixed The matching group, or false when the lookup yields nothing truthy.
  */
 public function findGroupByID($group_id)
 {
     $found = \Group::where('id', '=', $group_id)->first();
     if (!$found) {
         return false;
     }
     return $found;
 }
Example #12
 /**
  * Rank featured groups that had a top-level post in the last month.
  *
  * Collects the group names of posts with parent_id 0 newer than one month that
  * belong to a featured group, counts the posts of each such group, and returns
  * the 30 largest counts keyed by group name, biggest first.
  *
  * @return array group_name => post count.
  */
 private static function statGroups()
 {
     $since = Carbon\Carbon::now()->subMonth();
     $featured = Group::where('is_featured', 1)->lists('group_name');
     $recent = DB::table('posts')
         ->where('parent_id', '=', 0)
         ->where('timestamp', '>', $since)
         ->whereIn('group_name', $featured)
         ->lists('group_name');
     $counts = [];
     // One count query per name; repeated names simply overwrite the same key.
     foreach ($recent as $name) {
         $counts[$name] = Post::where('group_name', '=', $name)->count();
     }
     arsort($counts);
     return array_slice($counts, 0, 30);
 }
Example #13
 /**
  * Dashboard page listing every group whose status is not Group::STATUS_ACTIVE.
  *
  * Access is decided inside the action itself: users lacking the
  * 'admin_verify_users' permission are redirected to /dashboard.
  *
  * NOTE(review): Auth::user() is used without a login check; confirm an auth
  * filter runs before this action so it cannot be null here.
  */
 public function getGroupverifications()
 {
     $viewer = Auth::user();
     $allowed = $viewer->can('admin_verify_users');
     if (!$allowed) {
         return Redirect::to('/dashboard')->with('message', "You do not have permission");
     }
     $pending = Group::where('status', '!=', Group::STATUS_ACTIVE)->get();
     return View::make('dashboard.verify-group', array(
         'page_id' => 'verify_groups',
         'page_title' => 'Verify Groups',
         'requests' => $pending,
     ));
 }
Example #14
 /**
  * Widget: number of relation rows attached to the subscriber group.
  *
  * The group is the first one whose name matches LIKE '%ubscrib%'; when none
  * matches, the count stays 0.
  *
  * NOTE(review): the count is taken by loading every related row and counting
  * the result in PHP, and the group is picked by a loose name pattern, so any
  * group with a similar name can become the one that is counted.
  */
 public function subscriberCounterStat()
 {
     $total = 0;
     $group = Group::where('name', 'LIKE', '%ubscrib%')->first();
     if ($group) {
         $members = Groups::getRelationProvider()
             ->createModel()
             ->where('group_id', '=', $group->id)
             ->get();
         $total = count($members);
     }
     $this->widgetData = array('count' => $total);
     $this->setupWidgetLayout(__METHOD__);
 }
Example #15
 /**
  * Seed the user_group pivot table.
  *
  * Empties the table, then links two fixed users to fixed groups. Every lookup
  * uses firstOrFail(), so a missing user or group aborts the seeder.
  *
  * @return void
  */
 public function run()
 {
     DB::table('user_group')->delete();
     $findUser = function ($username) {
         return User::where('username', '=', $username)->firstOrFail();
     };
     $groupId = function ($name) {
         return Group::where('name', '=', $name)->firstOrFail()->id;
     };
     $lukas = $findUser('Lukas Bindreiter');
     $philipp = $findUser('Philipp Hofer');
     $megacities = $groupId('Megacities');
     $house = $groupId('House, mouse ...');
     $lastYear = $groupId('Last year');
     $lukas->groups()->sync(array($megacities, $house));
     $philipp->groups()->sync(array($megacities, $lastYear));
 }
 /**
  * Seed the stock routes as resources and attach each one to group id 1.
  *
  * The ALTER TABLE statements are assembled from the two table names defined in
  * this method, not from input. Keep it that way: DB::unprepared() sends the
  * string to the database as written.
  *
  * NOTE(review): the group lookup is dereferenced without a null check, so the
  * seeder fails when no group with id 1 exists.
  */
 public function run()
 {
     $resourceTable = "resource";
     $pivotTable = "group_resource";
     $resources = [
         ["pattern" => "/stock", "name" => "stock/index", "target" => "StockController@indexAction", "secure" => true],
         ["pattern" => "/stock/add", "name" => "stock/add", "target" => "StockController@addAction", "secure" => true],
         ["pattern" => "/stock/edit", "name" => "stock/edit", "target" => "StockController@editAction", "secure" => true],
         ["pattern" => "/stock/delete", "name" => "stock/delete", "target" => "StockController@deleteAction", "secure" => true],
         ["pattern" => "/stock/addrow", "name" => "stock/addrow", "target" => "StockController@addrowAction", "secure" => true],
     ];
     foreach ($resources as $definition) {
         // Both counters are reset before every insert, as in the original seeder.
         foreach (array($resourceTable, $pivotTable) as $table) {
             DB::unprepared("ALTER TABLE {$table} AUTO_INCREMENT = 1");
         }
         $created = Resource::create($definition);
         $groupId = Group::where('id', '=', 1)->first()->id;
         $created->groups()->attach(array($groupId));
     }
 }
Example #17
 /**
  * Fetch groups, optionally restricted to those where column $name equals $value.
  *
  * When either argument is falsy (null, '', 0, '0', false) the whole table is
  * returned instead of a filtered set.
  *
  * NOTE(review): $name is used as a column identifier, not as a bound value.
  * Pass only fixed, known column names; never forward a request parameter here.
  *
  * @param mixed  $value The value to find (falsy means no filter).
  * @param string $name  The column to match (falsy means no filter).
  * @return array Group objects indexed by their id; empty when nothing matches.
  */
 public static function fetchAll($value = null, $name = null)
 {
     $unfiltered = !$value || !$name;
     $rows = $unfiltered ? Group::all() : Group::where($name, $value)->get();
     $indexed = [];
     foreach ($rows as $row) {
         $indexed[$row->id] = $row;
     }
     return $indexed;
 }
Example #18
 /**
  * Seed two user accounts and attach both to the 'ADMIN' group.
  *
  * NOTE(review): the plaintext password for these administrator accounts is
  * written in this file, so anyone who can read the repository knows it. Load
  * it from configuration or the environment and rotate the value used here.
  *
  * NOTE(review): the 'ADMIN' group lookup is dereferenced without a null check.
  */
 public function run()
 {
     $userTable = "******";
     $pivotTable = "group_user";
     $accounts = [
         ["username" => "alejandro", "password" => Hash::make("Stuttma98*"), "email" => "*****@*****.**"],
         ["username" => "Mario", "password" => Hash::make("Stuttma98*"), "email" => "*****@*****.**"],
     ];
     // Table names come from the two literals above, never from input.
     foreach (array($userTable, $pivotTable) as $table) {
         DB::unprepared("ALTER TABLE {$table} AUTO_INCREMENT = 1");
     }
     foreach ($accounts as $attributes) {
         $created = User::create($attributes);
         $adminGroupId = Group::where('name', '=', 'ADMIN')->first()->id;
         $created->groups()->attach(array($adminGroupId));
     }
 }
Example #19
 /**
  * Update the group
  *
  * Validates the whole input against Group::$rules, refuses a name already
  * used by another group, then writes the input to the record.
  *
  * NOTE(review): update(Input::all()) passes every submitted field to the
  * model, so the model's fillable/guarded list is the only thing limiting which
  * columns a client can set; confirm it is restrictive. The record is also used
  * without a null check, so an unknown $id fails on update().
  *
  * @param $id
  */
 public function updateAction($id)
 {
     $group = Group::find($id);
     $submitted = Input::all();
     $check = Validator::make($submitted, Group::$rules);
     if (!$check->passes()) {
         return Redirect::route('groups.edit', $id)
             ->withInput()
             ->withErrors($check)
             ->with('message', 'There were validation errors.');
     }
     // Check name duplicates: any other group already carrying the submitted name
     $sameName = Group::where('name', Input::get('name'))->where('id', '!=', $id)->get();
     if (count($sameName)) {
         return Redirect::route('groups.edit', $id)
             ->withInput()
             ->with('message', 'This groups already exists.');
     }
     $group->update(Input::all());
     $group->save();
     return Redirect::route('groups.show', $id);
 }
Example #20
 /**
  * Contact page; on POST, e-mails the submitted form to every administrator.
  *
  * NOTE(review): the submitted 'email' is used as the From address without any
  * validation in this method, and every POST sends one message per admin with
  * no throttling. Validate the address (or use it as Reply-To only) and
  * rate-limit the form. The 'administrators' group is also dereferenced
  * without a null check.
  *
  * @access public
  * @return View home.contact
  */
 public function contact()
 {
     // Fetch the admin group
     $adminGroup = Group::where('slug', '=', 'administrators')->first();
     // Collect its members
     $recipients = User::where('group_id', '=', $adminGroup->id)->get();
     if (Request::getMethod() != 'POST') {
         return View::make('home.contact');
     }
     $form = Input::all();
     // Send one mail per administrator
     foreach ($recipients as $recipient) {
         $compose = function ($message) use ($recipient, $form) {
             $message->from($form['email'], Config::get('other.title'));
             $message->to($recipient->email, $recipient->username)->subject('New contact mail');
         };
         Mail::send('emails.contact', array('input' => $form), $compose);
     }
     Session::put('message', 'Your message was successfully send');
     return View::make('home.contact');
 }
 /**
  * Rebuild the demo data set: groups, rooms and users.
  *
  * Deletes every row of the groups, rooms and users tables, then creates the
  * Admin and Customer groups, nine rooms, one admin user and nine customers.
  *
  * NOTE(review): all seeded accounts, the admin included, share one password
  * that is written in this file. Do not run this seeder against a reachable
  * environment without changing those credentials.
  */
 public function run()
 {
     $faker = Faker\Factory::create();
     foreach (array('groups', 'rooms', 'users') as $table) {
         DB::table($table)->delete();
     }
     $groupSpecs = array(
         array("Admin", "1,2,3,4,5,6", true),
         array("Customer", "10", false),
     );
     foreach ($groupSpecs as $spec) {
         $group = new Group();
         $group->name = $spec[0];
         $group->permission = $spec[1];
         $group->admin = $spec[2];
         $group->save();
     }
     foreach (range(1, 9) as $number) {
         $room = new Room();
         $room->room_code = sprintf("%03dS", $number);
         $room->save();
     }
     $admin_group = Group::where('name', '=', 'Admin')->first();
     $customer_group = Group::where('name', '=', 'Customer')->first();
     $owner = new User();
     $owner->username = "******";
     $owner->password = Hash::make("passnhulon");
     $owner->group_id = $admin_group->id;
     $owner->realname = "Sairen Nguyen";
     $owner->birthday = "1993-04-05";
     $owner->email = "*****@*****.**";
     $owner->save();
     foreach (range(1, 9) as $number) {
         $customer = new User();
         $customer->username = sprintf("%03dS", $number);
         $customer->password = Hash::make("passnhulon");
         $customer->group_id = $customer_group->id;
         // Room ids are assumed to be consecutive, starting at the first room's id.
         $customer->room_id = Room::all()->first()->id + $number - 1;
         $customer->realname = $faker->name();
         $customer->email = $faker->email;
         $customer->save();
     }
 }
Example #22
 /**
  * Seed two example documents sponsored by group id 1.
  *
  * Logs in with the seeder admin credentials from configuration, creates the
  * first document through the documents controller and marks it as the featured
  * doc, then creates a second document and inserts its content row directly.
  *
  * NOTE(review): the result of Auth::attempt() is ignored, so a wrong or
  * missing seeder password goes unnoticed and the rest runs unauthenticated.
  * The group lookup is dereferenced without a null check as well.
  */
 public function run()
 {
     // Login as admin to create docs
     Auth::attempt(array(
         'email' => Config::get('madison.seeder.admin_email'),
         'password' => Config::get('madison.seeder.admin_password'),
     ));
     $admin = Auth::user();
     $sponsorGroup = Group::where('id', '=', 1)->first();
     // Seed text comes from a file under the seeds directory, with a fixed fallback.
     $readSeed = function ($fileName) {
         $path = app_path() . '/database/seeds/' . $fileName;
         return file_exists($path) ? file_get_contents($path) : "New Document Content";
     };
     // Create first doc
     $firstContent = $readSeed('example.md');
     $firstDoc = Doc::createEmptyDocument(array(
         'title' => 'Example Document',
         'content' => $firstContent,
         'sponsor' => $sponsorGroup->id,
         'sponsorType' => Doc::SPONSOR_TYPE_GROUP,
     ));
     Input::replace(['content' => $firstContent]);
     App::make('DocumentsController')->saveDocumentEdits($firstDoc->id);
     // Set first doc as featured doc
     $featured = new Setting();
     $featured->meta_key = 'featured-doc';
     $featured->meta_value = $firstDoc->id;
     $featured->save();
     // Create second doc
     $secondContent = $readSeed('example2.md');
     $secondDoc = Doc::createEmptyDocument(array(
         'title' => 'Second Example Document',
         'sponsor' => $sponsorGroup->id,
         'sponsorType' => Doc::SPONSOR_TYPE_GROUP,
     ));
     DB::table('doc_contents')->insert(array('doc_id' => $secondDoc->id, 'content' => $secondContent));
 }
Example #23
 /**
  * Make sure the visitor has a session, then route them onward.
  *
  * A visitor who is not logged in gets a new "Anonymous" user in the group
  * named by $groupName and is logged in as that user. With the 'anonymous'
  * input present the request path is reloaded with remainAnon set; otherwise
  * the visitor is sent to the account page with the path as 'intended'.
  *
  * NOTE(review): $groupName comes from the caller and is only matched by name;
  * $schoolName and $surveyName are not used to constrain it. If any privileged
  * group can be named this way, an unauthenticated visitor is placed in it.
  * Restrict the lookup to groups meant for anonymous respondents and handle a
  * failed lookup, which currently dereferences null.
  *
  * NOTE(review): the password is assigned as a literal; confirm the model
  * hashes it, and that these accounts cannot be used to log in with it.
  */
 public function selectOption($schoolName, $surveyName, $groupName)
 {
     $loggedIn = Auth::check();
     if (!$loggedIn) {
         $visitor = new User();
         $visitor->group_id = Group::where('name', '=', $groupName)->first()->id;
         $visitor->name = "Anonymous";
         $visitor->password = "******";
         $visitor->save();
         Auth::login($visitor);
     }
     if (!Input::has('anonymous')) {
         // Anything else is a request to create a real account.
         return Redirect::to("account?intended=" . Request::path());
     }
     return Redirect::to(Request::path())->with('remainAnon', true);
 }
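 /**
  * Register a remote account on behalf of a trusted caller and answer as JSONP.
  *
  * Input: token, remote_id, email, name, optional type and callback.
  * The shared secret is compared strictly and, where hash_equals() exists, in
  * constant time; the original loose == could treat differing numeric-looking
  * strings as equal. The JSONP callback is written into the response body, so
  * it is now limited to dotted identifier names and anything else gets a 400.
  *
  * NOTE(review): every account created here receives the same literal password.
  * The accounts start inactive (active = 0), but confirm activation forces a
  * new password. 'type' is stored as submitted; restrict it to known values.
  *
  * @return mixed Response whose body is callback(json), or a 400 for a bad callback name.
  */
 public function register()
 {
     $callback = Input::get('callback');
     if ($callback === null) {
         // No callback was sent: keep the original "(json)" body.
         $callback = '';
     }
     $callbackPattern = '/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/';
     if (!is_string($callback) || ($callback !== '' && !preg_match($callbackPattern, $callback))) {
         return Response::make('Invalid callback', 400);
     }
     $validator = Validator::make(Input::all(), array('token' => 'required', 'remote_id' => 'required|numeric', 'email' => 'required|email', 'name' => 'required', 'password' => ''));
     if ($validator->passes()) {
         $post = Input::all();
         $secret = (string) Config::get('doktornarabote.secret_string');
         $token = $post['token'];
         // An unset secret must never match, and a non-string token cannot be compared safely.
         $tokenOk = is_string($token) && $secret !== '';
         if ($tokenOk) {
             $tokenOk = function_exists('hash_equals') ? hash_equals($secret, $token) : $secret === $token;
         }
         if ($tokenOk) {
             if (User::where('remote_id', $post['remote_id'])->exists() === FALSE) {
                 $user = new User();
                 $user->remote_id = $post['remote_id'];
                 $user->type = isset($post['type']) ? $post['type'] : 0;
                 $user->group_id = Group::where('name', 'doctors')->pluck('id');
                 // name and email are guaranteed by the validator above.
                 $user->name = $post['name'];
                 $user->email = $post['email'];
                 $user->active = 0;
                 $user->password = Hash::make('TSHZVixc');
                 $user->save();
                 $this->json_request['error'] = 0;
                 $this->json_request['message'] = 'Аккаунт зарегистрирован.';
             } else {
                 $this->json_request['message'] = 'Аккаунт уже зарегистрирован.';
             }
         } else {
             $this->json_request['message'] = 'Неверный токен';
         }
     }
     // Declare the body as script so a browser never renders it as HTML.
     $headers = array('Content-Type' => 'application/javascript; charset=utf-8');
     return Response::make($callback . '(' . json_encode($this->json_request) . ')', 200, $headers);
 }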
Example #25
 /**
  * Create a participant account from a submitted form.
  *
  * @param array|null $post Form fields: name, surname, email, phone, sex, yyyy, mm, dd, password,
  *                         and optionally city, remote_id, sessionKey.
  * @return mixed The saved User, or FALSE when $post is null.
  *
  * NOTE(review): the password field is copied to the model exactly as
  * submitted. Unless the User model hashes it in a mutator, it is stored in
  * clear text. Confirm, and hash it here if not.
  *
  * NOTE(review): none of the fields are validated in this method, and an
  * invalid date makes the Carbon call fail. Confirm the caller validates.
  */
 public function getRegisterAccount($post = NULL)
 {
     $account = new User();
     if (is_null($post)) {
         return FALSE;
     }
     $account->group_id = Group::where('name', 'participant')->pluck('id');
     $account->name = $post['name'];
     $account->surname = $post['surname'];
     $account->email = $post['email'];
     $account->active = 1;
     $account->phone = $post['phone'];
     $account->sex = $post['sex'];
     // Birth date is assembled from the three form parts and stored at midnight.
     $birthday = implode('-', array($post['yyyy'], $post['mm'], $post['dd']));
     $account->bdate = Carbon::createFromFormat('Y-m-d', $birthday)->format('Y-m-d 00:00:00');
     if (isset($post['city'])) {
         $account->city = $post['city'];
     } else {
         $account->city = '';
     }
     $account->remote_id = @$post['remote_id'];
     $account->sessionKey = @$post['sessionKey'];
     $account->password = $post['password'];
     $account->photo = '';
     $account->thumbnail = '';
     $account->temporary_code = '';
     $account->code_life = '';
     $account->save();
     $account->touch();
     return $account;
 }
 /**
  * Create an empty document for the active group or for the user as an individual sponsor.
  *
  * With an active group in the session, the user must hold the editor or owner
  * role in that group; without one, the user must hold the independent-sponsor
  * role. Each failure redirects back to 'documents' with an error message.
  *
  * NOTE(review): the catch block shows the raw exception message to the user,
  * which can expose internal detail such as SQL or file paths. Log it and show
  * a generic message instead.
  */
 public function createDocument()
 {
     if (!Auth::check()) {
         return Redirect::to('/')->with('error', 'You must be logged in');
     }
     $form = Input::all();
     $check = Validator::make($form, array('title' => 'required'));
     if ($check->fails()) {
         return Redirect::to('documents')->withInput()->withErrors($check);
     }
     try {
         $options = array('title' => $form['title']);
         $author = Auth::user();
         $groupId = Session::get('activeGroupId');
         if ($groupId > 0) {
             $group = Group::where('id', '=', $groupId)->first();
             if (!$group) {
                 return Redirect::to('documents')->withInput()->with('error', 'Invalid Group');
             }
             // Editors and owners of the group may create documents on its behalf.
             $mayCreate = $group->userHasRole($author, Group::ROLE_EDITOR) || $group->userHasRole($author, Group::ROLE_OWNER);
             if (!$mayCreate) {
                 return Redirect::to('documents')->withInput()->with('error', 'You do not have permission to create a document for this group');
             }
             $options['sponsor'] = $groupId;
             $options['sponsorType'] = Doc::SPONSOR_TYPE_GROUP;
         } else {
             if (!$author->hasRole(Role::ROLE_INDEPENDENT_SPONSOR)) {
                 return Redirect::to('documents')->withInput()->with('error', 'You do not have permission to create a document as an individual');
             }
             $options['sponsor'] = Auth::user()->id;
             $options['sponsorType'] = Doc::SPONSOR_TYPE_INDIVIDUAL;
         }
         $created = Doc::createEmptyDocument($options);
         if ($groupId > 0) {
             Event::fire(MadisonEvent::NEW_GROUP_DOCUMENT, array('document' => $created, 'group' => $group));
         }
         return Redirect::to("documents/edit/{$created->id}")->with('success_message', "Document Created Successfully");
     } catch (\Exception $failure) {
         return Redirect::to("documents")->withInput()->with('error', "Sorry there was an error processing your request - {$failure->getMessage()}");
     }
 }
                @empty
                  <tr><td><i>There are no groups available to join. Click the 'Create Group' link at the right to create a new group!</i></td></tr>
                @endforelse
              </table>
            </div>
          </div>
        </div>
        <div class="col-lg-6">
          <div class="panel panel-primary">
            <div class="panel-heading">
              <div class="panel-title">My Created Groups <a class="pull-right" data-toggle="modal" data-target="#createGroupModal" style="cursor:pointer;"><span class="fa fa-plus"></span> Create Group</a></div>
            </div>
            <div class="panel-body">
              <table class="table table-condensed">
                <?php 
// Number of groups owned by the logged-in user; decides which branch renders below.
// NOTE(review): Auth::user() is dereferenced directly, so this view assumes a logged-in user.
$gcount = Group::where('ownerid', '=', Auth::user()->id)->count();
?>
                @if($gcount === 0)
                  <tr><td><i>You have not created any groups! Click the 'Create Group' link above to create a new group!</i></td></tr>
                @else
                  <?php 
// Rows of the groups table owned by the logged-in user.
// NOTE(review): the group name is user-chosen and is printed below with {{ }}. Whether {{ }}
// escapes HTML depends on the Blade version in use (older releases echo it raw and need
// {{{ }}} or e() for escaping). Confirm the output is escaped in this project.
$groups = DB::table('groups')->where('ownerid', '=', Auth::user()->id)->get();
?>
                  @foreach($groups as $group)
                    <tr><td><a href="{{ URL::to('g/' . $group->uid) }}">{{ $group->name }}</a></td></tr>
                  @endforeach
                @endif
              </table>
            </div>
          </div>
        </div>
Example #28
 /**
  * Renders the form for creating a new user.
  *
  * This does NOT render a complete page.  Instead, it renders the HTML for the form, which can be embedded in other pages.
  * The form can be rendered in "modal" (for popup) or "panel" mode, depending on the value of the GET parameter `render`.
  * If the currently logged-in user has permission to modify user group membership, then the group toggles will be displayed.
  * Otherwise, the user will be added to the default groups automatically.
  * This page requires authentication.
  * Request type: GET
  */
 public function formUserCreate()
 {
     // Access-controlled resource
     // A caller without 'create_account' gets notFound() rather than a forbidden response.
     if (!$this->_app->user->checkAccess('create_account')) {
         $this->_app->notFound();
     }
     $get = $this->_app->request->get();
     // `render` only selects a template further down: "modal" picks the modal, any other value the panel.
     if (isset($get['render'])) {
         $render = $get['render'];
     } else {
         $render = "modal";
     }
     // Get a list of all groups
     $groups = Group::all()->getDictionary();
     // Get a list of all locales
     $locale_list = $this->_app->site->getLocales();
     // Get default primary group (is_default = GROUP_DEFAULT_PRIMARY)
     $primary_group = Group::where("is_default", GROUP_DEFAULT_PRIMARY)->first();
     // If there is no default primary group, there is a problem.  Show an error message for now.
     if (!$primary_group) {
         $this->_app->alerts->addMessageTranslated("danger", "GROUP_DEFAULT_PRIMARY_NOT_DEFINED");
         $this->_app->halt(500);
     }
     // Get the default groups
     $default_groups = Group::all()->where("is_default", GROUP_DEFAULT)->getDictionary();
     // Set default groups, including default primary group
     // NOTE(review): $group_list is not initialised before this loop, so it stays undefined
     // at the render call below when $groups is empty.
     foreach ($groups as $group_id => $group) {
         $group_list[$group_id] = $group->export();
         if (isset($default_groups[$group_id]) || $group_id == $primary_group->id) {
             $group_list[$group_id]['member'] = true;
         } else {
             $group_list[$group_id]['member'] = false;
         }
     }
     $data['primary_group_id'] = $primary_group->id;
     // Set default title for new users
     $data['title'] = $primary_group->new_user_title;
     // Set default locale
     $data['locale'] = $this->_app->site->default_locale;
     // Create a dummy user to prepopulate fields
     $target_user = new User($data);
     if ($render == "modal") {
         $template = "components/common/user-info-modal.twig";
     } else {
         $template = "components/common/user-info-panel.twig";
     }
     // Determine authorized fields for those that have default values.  Don't hide any fields
     $fields = ['title', 'locale', 'groups', 'primary_group_id'];
     $show_fields = [];
     $disabled_fields = [];
     // Stays empty: fields the user may not change are disabled, never hidden.
     $hidden_fields = [];
     foreach ($fields as $field) {
         // Per-field permission check against the dummy user built above.
         if ($this->_app->user->checkAccess("update_account_setting", ["user" => $target_user, "property" => $field])) {
             $show_fields[] = $field;
         } else {
             $disabled_fields[] = $field;
         }
     }
     // Load validator rules
     $schema = new \Fortress\RequestSchema($this->_app->config('schema.path') . "/forms/user-create.json");
     $this->_app->jsValidator->setSchema($schema);
     // NOTE(review): $get['box_id'] is read without an isset() check and handed to the template as
     // submitted; confirm the template escapes it. Disabling a field here affects only the form;
     // the handler that receives the submission has to repeat the permission checks.
     $this->_app->render($template, ["box_id" => $get['box_id'], "box_title" => "Create User", "submit_button" => "Create user", "form_action" => $this->_app->site->uri['public'] . "/users", "target_user" => $target_user, "groups" => $group_list, "locales" => $locale_list, "fields" => ["disabled" => $disabled_fields, "hidden" => $hidden_fields], "buttons" => ["hidden" => ["edit", "enable", "delete", "activate"]], "validators" => $this->_app->jsValidator->rules()]);
 }
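 /**
  * Processes an new account registration request.
  *
  * Processes the request from the form on the registration page, checking that:
  * 1. The honeypot was not modified;
  * 2. The master account has already been created (during installation);
  * 3. Account registration is enabled;
  * 4. The user is not already logged in;
  * 5. Valid information was entered;
  * 6. The captcha, if enabled, is correct;
  * 7. The username and email are not already taken.
  * Automatically sends an activation link upon success, if account activation is enabled.
  * This route is "public access".
  * Request type: POST
  * Returns the User Object for the user record that was created.
  *
  * Changes from the previous version:
  * - the honeypot log entry no longer contains the submitted password, its
  *   confirmation, the captcha answer or the CSRF token;
  * - the honeypot and captcha values are compared strictly, so two different
  *   numeric-looking md5 strings can no longer compare as equal, and a missing
  *   field no longer raises an undefined-index notice.
  *
  * NOTE(review): the username/e-mail availability checks and the insert are
  * separate steps; only a unique index on those columns closes the gap between
  * two simultaneous registrations.
  */
 public function register()
 {
     // POST: user_name, display_name, email, title, password, passwordc, captcha, spiderbro, csrf_token
     $post = $this->_app->request->post();
     // Get the alert message stream
     $ms = $this->_app->alerts;
     // Check the honeypot. 'spiderbro' is not a real field, it is hidden on the main page and must be submitted with its default value for this to be processed.
     if (!isset($post['spiderbro']) || $post['spiderbro'] !== "http://") {
         // Keep secrets out of the log: the request still carries the password fields at this point.
         $logged = $post;
         foreach (array('password', 'passwordc', 'captcha', 'csrf_token') as $secretField) {
             if (isset($logged[$secretField])) {
                 $logged[$secretField] = '[redacted]';
             }
         }
         error_log("Possible spam received:" . print_r($logged, true));
         $ms->addMessage("danger", "Aww hellllls no!");
         $this->_app->halt(500);
         // Don't let on about why the request failed ;-)
     }
     // Load the request schema
     $requestSchema = new \Fortress\RequestSchema($this->_app->config('schema.path') . "/forms/register.json");
     // Set up Fortress to process the request
     $rf = new \Fortress\HTTPRequestFortress($ms, $requestSchema, $post);
     // Security measure: do not allow registering new users until the master account has been created.
     if (!User::find($this->_app->config('user_id_master'))) {
         $ms->addMessageTranslated("danger", "MASTER_ACCOUNT_NOT_EXISTS");
         $this->_app->halt(403);
     }
     // Check if registration is currently enabled
     if (!$this->_app->site->can_register) {
         $ms->addMessageTranslated("danger", "ACCOUNT_REGISTRATION_DISABLED");
         $this->_app->halt(403);
     }
     // Prevent the user from registering if he/she is already logged in
     if (!$this->_app->user->isGuest()) {
         $ms->addMessageTranslated("danger", "ACCOUNT_REGISTRATION_LOGOUT");
         $this->_app->halt(200);
     }
     // Sanitize data
     $rf->sanitize();
     // Validate, and halt on validation errors.
     $error = !$rf->validate(true);
     // Get the filtered data
     $data = $rf->data();
     // Check captcha, if required
     if ($this->_app->site->enable_captcha == "1") {
         // The session holds the md5 of the expected answer; an absent value must never match.
         $expectedCaptcha = isset($_SESSION['userfrosting']['captcha']) ? (string) $_SESSION['userfrosting']['captcha'] : '';
         $captchaOk = !empty($data['captcha'])
             && is_string($data['captcha'])
             && $expectedCaptcha !== ''
             && md5($data['captcha']) === $expectedCaptcha;
         if (!$captchaOk) {
             $ms->addMessageTranslated("danger", "CAPTCHA_FAIL");
             $error = true;
         }
     }
     // Remove captcha, password confirmation from object data
     $rf->removeFields(['captcha', 'passwordc']);
     // Perform desired data transformations.  Is this a feature we could add to Fortress?
     $data['display_name'] = trim($data['display_name']);
     $data['locale'] = $this->_app->site->default_locale;
     if ($this->_app->site->require_activation) {
         $data['flag_verified'] = 0;
     } else {
         $data['flag_verified'] = 1;
     }
     // Check if username or email already exists
     if (User::where('user_name', $data['user_name'])->first()) {
         $ms->addMessageTranslated("danger", "ACCOUNT_USERNAME_IN_USE", $data);
         $error = true;
     }
     if (User::where('email', $data['email'])->first()) {
         $ms->addMessageTranslated("danger", "ACCOUNT_EMAIL_IN_USE", $data);
         $error = true;
     }
     // Halt on any validation errors
     if ($error) {
         $this->_app->halt(400);
     }
     // Get default primary group (is_default = GROUP_DEFAULT_PRIMARY)
     $primaryGroup = Group::where('is_default', GROUP_DEFAULT_PRIMARY)->first();
     // Check that a default primary group is actually set
     if (!$primaryGroup) {
         $ms->addMessageTranslated("danger", "ACCOUNT_REGISTRATION_BROKEN");
         error_log("Account registration is not working because a default primary group has not been set.");
         $this->_app->halt(500);
     }
     // Group membership and title always come from the server-side defaults, never from the request.
     $data['primary_group_id'] = $primaryGroup->id;
     // Set default title for new users
     $data['title'] = $primaryGroup->new_user_title;
     // Hash password
     $data['password'] = Authentication::hashPassword($data['password']);
     // Create the user
     $user = new User($data);
     // Add user to default groups, including default primary group
     $defaultGroups = Group::where('is_default', GROUP_DEFAULT)->get();
     $user->addGroup($primaryGroup->id);
     foreach ($defaultGroups as $group) {
         $user->addGroup($group->id);
     }
     // Create sign-up event
     $user->newEventSignUp();
     // Store new user to database
     $user->save();
     if ($this->_app->site->require_activation) {
         // Create verification request event
         $user->newEventVerificationRequest();
         // Re-save with verification event
         $user->save();
         // Create and send verification email
         $twig = $this->_app->view()->getEnvironment();
         $template = $twig->loadTemplate("mail/activate-new.twig");
         $notification = new Notification($template);
         // Automatically sets sender and reply-to
         $notification->fromWebsite();
         $notification->addEmailRecipient($user->email, $user->display_name, ["user" => $user]);
         try {
             $notification->send();
         } catch (\phpmailerException $e) {
             $ms->addMessageTranslated("danger", "MAIL_ERROR");
             error_log('Mailer Error: ' . $e->errorMessage());
             $this->_app->halt(500);
         }
         $ms->addMessageTranslated("success", "ACCOUNT_REGISTRATION_COMPLETE_TYPE2");
     } else {
         // No activation required
         $ms->addMessageTranslated("success", "ACCOUNT_REGISTRATION_COMPLETE_TYPE1");
     }
     // Return the user object to the calling program
     return $user;
 }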
Example #30
 /**
  *	activeGroup.
  *
  *	Returns the group the user currently has active, identified by the
  *	'activeGroupId' value stored in the session.
  *
  *	@param void
  *
  *	@return mixed The matching Group, or null when the stored id is not
  *	              above zero or no group has that id.
  *
  *	NOTE(review): callers must treat null as "acting as an individual" and must
  *	still check the user's role in the returned group; this method does not.
  */
 public function activeGroup()
 {
     $storedId = Session::get('activeGroupId');
     return $storedId <= 0 ? null : Group::where('id', '=', $storedId)->first();
 }