/**
* Save the associated user model
*
* Also, this clears out all password resets associated with the given user,
* if successful.
* @return type
*/
public function save()
{
if ($this->validate()) {
$this->userModel->password = PasswordUtil::createHash($this->password);
PasswordReset::model()->deleteAllByAttributes(array('userId' => $this->userModel->id));
return $this->userModel->update(array('password'));
}
return false;
}
public function testCreateHash()
{
for ($i = 0; $i < 20; $i++) {
$seed = str_split('abcdefghijklmnopqrstuvwxyz' . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . '0123456789!@#$%^&*()');
shuffle($seed);
$password = '';
foreach (array_rand($seed, 16) as $k) {
$password .= $seed[$k];
}
$hash = PasswordUtil::createHash($password);
$pieces = explode(':', $hash);
$this->assertEquals(count($pieces), PasswordUtil::HASH_SECTIONS);
$this->assertTrue(in_array($pieces[PasswordUtil::HASH_ALGORITHM_INDEX], hash_algos()));
$this->assertTrue(PasswordUtil::validatePassword($password, $hash));
}
$a = PasswordUtil::createHash('test');
$b = PasswordUtil::createHash('test');
$this->assertNotEquals($a, $b);
}
/**
* Updates a particular model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id the ID of the model to be updated
*/
public function actionUpdate($id)
{
$model = $this->loadModel($id);
$groups = array();
foreach (Groups::model()->findAll() as $group) {
$groups[$group->id] = CHtml::encode($group->name);
}
$selectedGroups = array();
foreach (GroupToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$selectedGroups[] = $link->groupId;
}
$roles = array();
foreach (Roles::model()->findAll() as $role) {
$roles[$role->id] = CHtml::encode($role->name);
}
$selectedRoles = array();
foreach (RoleToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$selectedRoles[] = $link->roleId;
}
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (!isset($model->userAlias)) {
$model->userAlias = $model->username;
}
if (isset($_POST['User'])) {
$old = $model->attributes;
$temp = $model->password;
$model->attributes = $_POST['User'];
if ($model->password != "") {
$model->password = PasswordUtil::createHash($model->password);
} else {
$model->password = $temp;
}
if (empty($model->userKey)) {
$model->userKey = substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789', 32)), 0, 32);
}
if ($model->save()) {
$profile = $model->profile;
if (!empty($profile)) {
$profile->emailAddress = $model->emailAddress;
$profile->fullName = $model->firstName . ' ' . $model->lastName;
$profile->save();
}
if ($old['username'] != $model->username) {
$fieldRecords = Fields::model()->findAllByAttributes(array('fieldName' => 'assignedTo'));
$modelList = array();
foreach ($fieldRecords as $record) {
$modelList[$record->modelName] = $record->linkType;
}
foreach ($modelList as $modelName => $type) {
if ($modelName == 'Quotes') {
$modelName = "Quote";
}
if ($modelName == 'Products') {
$modelName = 'Product';
}
if (empty($type)) {
$list = X2Model::model($modelName)->findAllByAttributes(array('assignedTo' => $old['username']));
foreach ($list as $item) {
$item->assignedTo = $model->username;
$item->save();
}
} else {
$list = X2Model::model($modelName)->findAllBySql("SELECT * FROM " . X2Model::model($modelName)->tableName() . " WHERE assignedTo LIKE '%" . $old['username'] . "%'");
foreach ($list as $item) {
$assignedTo = explode(", ", $item->assignedTo);
$key = array_search($old['username'], $assignedTo);
if ($key >= 0) {
$assignedTo[$key] = $model->username;
}
$item->assignedTo = implode(", ", $assignedTo);
$item->save();
}
}
}
$profile = Profile::model()->findByAttributes(array('username' => $old['username']));
if (isset($profile)) {
$profile->username = $model->username;
$profile->save();
}
}
foreach (RoleToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$link->delete();
}
foreach (GroupToUser::model()->findAllByAttributes(array('userId' => $model->id)) as $link) {
$link->delete();
}
if (isset($_POST['roles'])) {
$roles = $_POST['roles'];
foreach ($roles as $role) {
$link = new RoleToUser();
$link->roleId = $role;
$link->type = "user";
$link->userId = $model->id;
$link->save();
}
}
if (isset($_POST['groups'])) {
$groups = $_POST['groups'];
foreach ($groups as $group) {
$link = new GroupToUser();
$link->groupId = $group;
$link->userId = $model->id;
$link->username = $model->username;
$link->save();
}
}
$this->redirect(array('view', 'id' => $model->id));
}
}
$this->render('update', array('model' => $model, 'groups' => $groups, 'roles' => $roles, 'selectedGroups' => $selectedGroups, 'selectedRoles' => $selectedRoles));
}
/**
* Changes the password for the user given by its record ID number.
* @param integer $id ID of the user to be updated.
*/
public function actionChangePassword($id)
{
if ($id === Yii::app()->user->getId()) {
$user = User::model()->findByPk($id);
if (isset($_POST['oldPassword'], $_POST['newPassword'], $_POST['newPassword2'])) {
$oldPass = $_POST['oldPassword'];
$newPass = $_POST['newPassword'];
$newPass2 = $_POST['newPassword2'];
if (PasswordUtil::validatePassword($oldPass, $user->password)) {
if ($newPass === $newPass2) {
$user->password = PasswordUtil::createHash($newPass);
// Ensure an alias is set so that validation succeeds
if (empty($user->userAlias)) {
$user->userAlias = $user->username;
}
$user->save();
$this->redirect($this->createUrl('/profile/view', array('id' => $id)));
}
} else {
Yii::app()->clientScript->registerScript('alertPassWrong', "alert('Old password is incorrect.');");
}
}
$this->render('changePassword', array('model' => $user));
}
}
public function authenticate($google = false)
{
$user = $this->getUserModel();
$isRealUser = $user instanceof User;
if ($isRealUser) {
$this->username = $user->username;
if ((int) $user->status === User::STATUS_INACTIVE) {
$this->errorCode = self::ERROR_DISABLED;
return false;
}
}
if (!$isRealUser) {
// username not found
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif ($google) {
// Completely bypasses password-based authentication
$this->errorCode = self::ERROR_NONE;
$this->_id = $user->id;
return true;
} else {
if ($user->status == 0) {
// User has been disabled
$this->errorCode = self::ERROR_DISABLED;
return false;
}
$reEncrypt = false;
$isValid = false;
if (PasswordUtil::validatePassword($this->password, $user->password)) {
$isValid = true;
} else {
if (PasswordUtil::slowEquals(md5($this->password), $user->password)) {
//Oldest format
$isValid = true;
$reEncrypt = true;
} else {
if (PasswordUtil::slowEquals(crypt($this->password, '$5$rounds=32678$' . $user->password), '$5$rounds=32678$' . $user->password)) {
//Old format
$isValid = true;
$reEncrypt = true;
}
}
}
if ($isValid) {
$this->errorCode = self::ERROR_NONE;
$this->_id = $user->id;
if ($reEncrypt) {
$user->password = PasswordUtil::createHash($this->password);
$user->update(array('password'));
}
} else {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
}
}
return $this->errorCode === self::ERROR_NONE;
}