Example #1
 /**
  * Creates a new user account and e-mails the user a link for setting a password.
  * If creation is successful, the browser will be redirected to the users 'index' page.
  */
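 public function actionCreateUser()
 {
     // Creates a user from the posted 'Users' form, stores the posted roles and
     // e-mails the new user a link (24 hour expiry) for setting a password.
     // NOTE(review): no authorization check is visible inside this action, yet it
     // assigns caller-supplied roles; confirm that an access filter restricts it.
     Yii::log("actionCreate called", "trace", self::LOG_CAT);
     $cancelLink = $this->createUrl('site/login');
     $model = new Users();
     if (isset($_POST['Users'])) {
         $model->attributes = $_POST['Users'];
         // 'roles' can be absent from the request; avoid an undefined-index notice
         $model->roles = isset($_POST['Users']['roles']) ? $_POST['Users']['roles'] : null;
         if ($model->validate("insert")) {
             if ($model->save() && $model->saveRoles($model->userId, "create")) {
                 // send the user the email link:
                 $toMailName = $model->userName;
                 $email = $model->email;
                 // construct data and set expiry to 24 hrs
                 // NOTE(review): security - base64 is an encoding, not protection. The e-mail
                 // address, flag and expiry are readable and nothing authenticates them, so the
                 // changepassword action cannot tell a genuine value from a constructed one.
                 // Prefer a random single-use token stored server-side, or an authenticated
                 // (MAC-protected) payload. Left as is because the consumer is outside this block.
                 $resetEncrypt = base64_encode($email . ",resetTrue," . (time() + 86400));
                 // base64 output may contain '+', '/' and '=' and the cancel link may carry its
                 // own query string, so both values are URL-encoded before going into the query.
                 // NOTE(review): the host comes from the request's Host header and the scheme is
                 // fixed to http; a password-setting link should use a configured HTTPS base URL.
                 $passwordUrl = "http://" . $_SERVER["HTTP_HOST"] . Yii::app()->request->baseUrl
                     . "/index.php/site/changepassword?data=" . urlencode($resetEncrypt)
                     . "&redirect_uri=" . urlencode($cancelLink);
                 $mail = new TTMailer();
                 $subject = Yii::t('translation', 'User created');
                 $altBody = Yii::t('translation', 'To view the message, please use an HTML compatible email viewer!');
                 // The user name and the URL end up in an HTML body: encode them for that context
                 $safeName = CHtml::encode($toMailName);
                 $safeUrl = CHtml::encode($passwordUrl);
                 $message = Yii::t('translation', 'Dear ') . $safeName . ',<br /><br />' . Yii::t('translation', 'your user account has been created, please visit ');
                 $message .= '<a href="' . $safeUrl . '">' . $safeUrl . '</a>' . Yii::t('translation', ' to activate it and set a new password. ') . '<p></p>' . Yii::t('translation', 'This message was automatically generated.') . '<br />' . Yii::t('translation', ' If you think it was sent incorrectly, ') . Yii::t('translation', 'please contact your administrator.');
                 // if mail is not sent successfully issue appropriate message
                 if (!$mail->ttSendMail($subject, $altBody, $message, $email, $toMailName)) {
                     Yii::log("Error in sending the password to the user", "error", self::LOG_CAT);
                     // The account has already been saved here. The message used to be returned
                     // from the action, where nothing in this block displays it; surface it as a
                     // flash instead (assumes the index view shows 'error' flashes - confirm).
                     Yii::app()->user->setFlash('error', Yii::t('translation', "Error in sending the password to the user"));
                     $this->redirect(array('users/index'));
                     return;
                 }
                 Yii::app()->user->setFlash('success', "User successfully created.");
                 $this->redirect(array('users/index'));
                 return;
             }
         }
     }
     // First visit, or validation/save failed: show the form (with any model errors)
     $this->render('create', array('model' => $model));
 }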
Example #2
 /**
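  * actionRegisterUser
  *
  * Handles self-registration: validates the posted register form and e-mails a
  * confirmation link; when called from that link, creates the user account.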
  * 
  * @access public
  * @return void
  */
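 public function actionRegisterUser()
 {
     // Two-step self-registration:
     //  1. POST 'RegisterForm': validate the input, check that the e-mail address and the
     //     username are unused, then e-mail a confirmation link (encrypted data, 24 h lifetime).
     //  2. GET with 'usd' and 'risksur' (the confirmation link): create the user as active
     //     and attach role 3 to it.
     Yii::log("actionRegisterUser called", "trace", self::LOG_CAT);
     // Form model used to add users
     $model = new RegisterForm();
     // Model for rows of the users_has_roles table
     $rolesModel = new UsersHasRoles();
     $encryption = Yii::app()->encryption;
     if (isset($_GET['usd']) && isset($_GET['risksur'])) {
         // The user has clicked on the confirmation link.
         // NOTE(review): security - 'risksur' is read from the query string and saved below as
         // the account's password value. Unlike 'usd' it is not part of the encrypted payload,
         // so its integrity is not checked. Carry it inside the encrypted payload or keep the
         // pending registration server-side; that needs a coordinated change of the link format.
         $password = $_GET['risksur'];
         // Decrypt the user details: "userName,email,newUser"
         $decryptData = $encryption->decrypt($_GET['usd'], self::FORGOT_SALT);
         $userDetails = explode(",", (string) $decryptData);
         // if the link has expired or is not valid give an error message to the user
         if ($encryption->isExpired() || !isset($userDetails[2]) || $userDetails[2] !== "newUser") {
             Yii::app()->user->setFlash('error', 'The account activation data is either expired or invalid. Kindly register again.');
             Yii::log("Expired link or invalid parameters in link sent by confirmationUrl", "error", self::LOG_CAT);
             $this->redirect(array('site/login'));
             return;
         }
         // Arrange data to be saved to the db i.e. creating the user.
         $model->userName = $userDetails[0];
         $model->email = $userDetails[1];
         $model->password = $password;
         $model->confirmPassword = $password;
         // Set status to active
         $model->active = "1";
         if (!$model->save()) {
             // The user has not been saved to the users table: show an error
             Yii::app()->user->setFlash('error', 'There was a problem activating your account. Please contact the RiskSur admin on info@tracetracker.com');
             $this->redirect(array('site/login'));
             return;
         }
         // userId of the row that was just saved
         $rolesModel->users_id = $model->userId;
         // roleId 3 i.e. normal user as defined in roles table
         $rolesModel->roles_id = "3";
         if (!$rolesModel->save()) {
             // The user role has not been saved: show an error
             Yii::app()->user->setFlash('error', 'There was a problem activating your account. Please contact the RiskSur admin on info@tracetracker.com');
             $this->redirect(array('site/login'));
             return;
         }
         // All data was saved: show a success message.
         Yii::app()->user->setFlash('success', 'Thank you for registering on Risksur, please login to continue.');
         $this->redirect(array('site/login'));
         return;
     }
     if (isset($_POST['RegisterForm'])) {
         // The user has submitted the registration form
         $model->attributes = $_POST['RegisterForm'];
         if ($model->userName == "" || $model->email == "" || $model->password == "") {
             // Check for blanks
             Yii::app()->user->setFlash('error', 'All fields must be filled in!');
             Yii::log("Blank fields posted", "error", self::LOG_CAT);
             $this->render('register', array('model' => $model));
             return;
         }
         if (!filter_var($model->email, FILTER_VALIDATE_EMAIL)) {
             // Check for invalid email address
             Yii::app()->user->setFlash('error', 'Enter a valid email address!');
             Yii::log("Invalid format of email address provided", "error", self::LOG_CAT);
             $this->render('register', array('model' => $model));
             return;
         }
         if ($model->confirmPassword !== $model->password) {
             // Check for password mismatch
             Yii::app()->user->setFlash('error', 'Password mismatch! Re-type the password');
             Yii::log("Password mis-match", "error", self::LOG_CAT);
             $this->render('register', array('model' => $model));
             return;
         }
         // Look up the e-mail address. The value is bound as a parameter: it is user input,
         // and format validation alone does not make it safe to splice into SQL text.
         $queryUserEmail = Yii::app()->db->createCommand()
             ->select('*')
             ->from('users')
             ->where('email = :email', array(':email' => $model->email))
             ->queryAll();
         if (count($queryUserEmail) > 0) {
             // If the email address already exists show an error message
             Yii::app()->user->setFlash('error', 'The email is already registered. Enter a different email address.');
             Yii::log("Email already registered", "error", self::LOG_CAT);
             $this->render('register', array('model' => $model));
             return;
         }
         // Look up the username provided, again as a bound parameter
         $queryUserName = Yii::app()->db->createCommand()
             ->select('*')
             ->from('users')
             ->where('userName = :userName', array(':userName' => $model->userName))
             ->queryAll();
         if (count($queryUserName) > 0) {
             // If the username already exists show an error message
             Yii::app()->user->setFlash('error', 'The username is already registered. Enter a different username.');
             Yii::log("Username already registered", "error", self::LOG_CAT);
             $this->render('register', array('model' => $model));
             return;
         }
         // NOTE(review): security - MD5 with one application-wide salt is not a suitable
         // password hash. Moving to password_hash()/password_verify() also requires changing
         // the login check, which is outside this block, so the scheme is left unchanged here.
         $model->password = md5($this->salt . $_POST['RegisterForm']['password']);
         $mail = new TTMailer();
         $originUrl = Yii::app()->createAbsoluteUrl("site/login");
         // Passed along in the confirmation link as redirect_uri
         $cancelLink = $this->createUrl('site/login');
         $encryptUserData = urlencode($encryption->encrypt($model->userName . "," . $model->email . ",newUser", 86400, self::FORGOT_SALT));
         // NOTE(review): the link carries the password hash in clear ('risksur'), so it ends up in
         // the mailbox and possibly in proxy or server logs. The host comes from the request's
         // Host header and the scheme is fixed to http; use a configured HTTPS base URL.
         $confirmationUrl = "http://" . $_SERVER["HTTP_HOST"] . Yii::app()->request->baseUrl
             . "/index.php/site/registerUser?usd={$encryptUserData}"
             . "&redirect_uri=" . urlencode($cancelLink)
             . "&risksur=" . $model->password;
         $subject = 'User Registration';
         $altBody = 'To view the message, please use an HTML compatible email viewer!';
         // The username is chosen by whoever filled in the form and the mail goes to an address
         // they chose as well: encode everything interpolated into the HTML body.
         $safeUrl = CHtml::encode($confirmationUrl);
         $message = 'Dear ' . CHtml::encode($model->userName) . ',<br><br>';
         $message .= 'You have successfully registered at ' . CHtml::encode($originUrl) . '. Click on the link below to activate your account:<br><br>';
         $message .= '<a href="' . $safeUrl . '">' . $safeUrl . '</a><br><br>';
         $message .= '<b>Best Regards,</b><br><br>';
         $message .= '<b>Team RiskSur</b>';
         $toAddress = $model->email;
         $toName = $model->userName;
         if (!$mail->ttSendMail($subject, $altBody, $message, $toAddress, $toName)) {
             Yii::log("Error in sending user registration email to " . $model->email, "error", self::LOG_CAT);
             // Previously the action returned here without any output. Tell the user, and blank
             // the password fields so that the hash computed above is not echoed into the form.
             $model->password = '';
             $model->confirmPassword = '';
             Yii::app()->user->setFlash('error', 'The confirmation email could not be sent. Please try again later.');
             $this->render('register', array('model' => $model));
             return;
         }
         Yii::app()->user->setFlash('success', "User Created Successfully");
         $this->redirect(array('site/login'));
         return;
     }
     // Plain GET without confirmation data: show the empty registration form
     $this->render('register', array('model' => $model));
 }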