Example #1
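 /**
  * Sets up the crawl state for one customer: per-customer limits first, then the
  * list of domains the crawl is restricted to.
  *
  * The limits come from the `user` row whose id equals $iCustomerId. A missing row,
  * or a limit that is not greater than zero, falls back to the defaults
  * (20 levels, 500 pages).
  *
  * @param mixed $iCustomerId customer id used for the lookup and passed to getDomains()
  */
 public function __construct($iCustomerId)
 {
     $this->iCustomerId = $iCustomerId;
     $this->iCrawled = 0;
     $this->iSeen = 0;
     //crawl settings
     // The id is placed inside a quoted SQL literal, so it is escaped for exactly that
     // context. The legacy mysql_* API used by this class offers no prepared statements.
     $sSafeId = mysql_real_escape_string((string) $this->iCustomerId);
     $res = mysql_query("SELECT * from user where id='" . $sSafeId . "'");
     if ($res === false) {
         // Driver detail belongs in the server log; printing mysql_error() to the
         // response discloses query text and schema names to whoever triggered it.
         error_log('crawler: user lookup failed: ' . mysql_error());
         die('Database error');
     }
     $row = mysql_fetch_array($res);
     // Defaults apply when there is no row or the stored limit is not positive.
     $this->iMaxLevel = ($row && $row['level_limit'] > 0) ? $row['level_limit'] : 20;
     $this->iCrawlLimit = ($row && $row['crawl_limit'] > 0) ? $row['crawl_limit'] : 500;
     //fetch domains to be crawled
     $u = new UserManagement();
     $aDomain = $u->getDomains($iCustomerId);
     $aFilterAdd = array();
     $iDomains = sizeof($aDomain);
     for ($i = 0; $i < $iDomains; $i++) {
         $aFilterAdd[] = $aDomain[$i];
     }
     $this->aFilterAdd = $aFilterAdd;
     $this->aFound = array();
     $this->aCrawled = array();
     $this->aProcess = array();
 }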
Example #2
 /**
  * Prints a marker line, then calls createUser() on a fresh UserManagement instance.
  *
  * @param mixed $argument not read anywhere in this method
  */
 public function other($argument = false)
 {
     // Constructed but never read afterwards; kept because the constructor may matter.
     $helpModel = new Help_Model();
     echo "we are inside other";
     // NOTE(review): createUser() is called without arguments and without any visible
     // access check; confirm what it creates and who can reach this action.
     $userManagement = new UserManagement();
     $userManagement->createUser();
 }
Example #3
 /**
  * Registers the user routes on the given router:
  *  - GET /user(/:user_id)   renders profile data for a user (defaults to the current user)
  *  - DELETE /user/:user_id  deletes a user account
  *
  * @param object $router router exposing get(), delete(), halt() and render()
  **/
 public function routes(&$router)
 {
     // Returns profile data of one user; fields with a visibility setting are filtered per viewer
     $router->get('/user(/:user_id)', function ($user_id) use($router) {
         // No id in the URL means "the requesting user"
         $user_id = $user_id ?: $GLOBALS['user']->id;
         $user = User::find($user_id);
         if (!$user) {
             $router->halt(404, sprintf('User %s not found', $user_id));
             return;
         }
         // Visibility settings arrive as a JSON string; anything that does not decode to an array is treated as "no settings"
         $visibilities = get_local_visibility_by_id($user_id, 'homepage');
         if (is_array(json_decode($visibilities, true))) {
             $visibilities = json_decode($visibilities, true);
         } else {
             $visibilities = array();
         }
         // Yields a field's value only when it is set and visible to the requesting user, else ''
         // NOTE(review): with an empty $visibilities the lookup below passes an undefined entry to
         // is_element_visible_for_user(); confirm that helper denies rather than allows in that case.
         $get_field = function ($field, $visibility) use($user_id, $user, $visibilities) {
             if (!$user[$field] || !is_element_visible_for_user($GLOBALS['user']->id, $user_id, $visibilities[$visibility])) {
                 return '';
             }
             return $user[$field];
         };
         // Avatar URL in the requested size; the 'nobody' avatar is used when the picture is not visible.
         // The static variable keeps the Avatar object between the three calls below.
         $avatar = function ($size) use($user_id, $visibilities) {
             static $avatar;
             if (!$avatar) {
                 $avatar_id = is_element_visible_for_user($GLOBALS['user']->id, $user_id, $visibilities['picture']) ? $user_id : 'nobody';
                 $avatar = Avatar::getAvatar($avatar_id);
             }
             return $avatar->getURL($size);
         };
         // username, perms, titles and names are copied without a visibility check;
         // phone, homepage and privadr go through $get_field, email through get_visible_email().
         $user = array('user_id' => $user_id, 'username' => $user['username'], 'perms' => $user['perms'], 'title_pre' => $user['title_front'], 'forename' => $user['Vorname'], 'lastname' => $user['Nachname'], 'title_post' => $user['title_rear'], 'email' => get_visible_email($user_id), 'avatar_small' => $avatar(Avatar::SMALL), 'avatar_medium' => $avatar(Avatar::MEDIUM), 'avatar_normal' => $avatar(Avatar::NORMAL), 'phone' => $get_field('privatnr', 'private_phone'), 'homepage' => $get_field('Home', 'homepage'), 'privadr' => $get_field('privadr', 'privadr'));
         // One prepared statement, executed once per config field; values are bound, not interpolated
         $query = "SELECT value\n                      FROM user_config\n                      WHERE field = ? AND user_id = ?";
         $statement = DBManager::get()->prepare($query);
         $statement->execute(array('SKYPE_NAME', $user_id));
         $user['skype'] = $statement->fetchColumn() ?: '';
         $statement->closeCursor();
         // The online-status flag is only looked up when a Skype name exists
         if ($user['skype']) {
             $statement->execute(array('SKYPE_ONLINE_STATUS', $user_id));
             $user['skype_show'] = (bool) $statement->fetchColumn();
         } else {
             $user['skype_show'] = false;
         }
         $router->render(compact('user'));
     });
     // Deletes a user
     // NOTE(review): no permission check on the requesting user is visible in this handler.
     // Confirm that the router or UserManagement::deleteUser() restricts who may delete accounts.
     $router->delete('/user/:user_id', function ($user_id) use($router) {
         // NOTE(review): the id is passed with a trailing '.'; presumably a UserManagement convention - verify.
         $user = new \UserManagement($user_id . '.');
         if (empty($user->user_data['auth_user_md5.user_id'])) {
             $router->halt(404, sprintf('User id "%s" not found', $user_id));
             die;
         }
         // 200 when deleteUser() reports success, 500 otherwise
         $router->halt($user->deleteUser() ? 200 : 500);
     });
 }
Example #4
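 /**
  * Stores a new password for a user.
  *
  * The current password has to verify against the stored value in one of three
  * formats: the hasher over the MD5 of the input, the hasher over the plain input,
  * or a bare 32-character MD5 digest. The new password has to pass the validator,
  * match its confirmation, differ from the username and not be a variation of
  * "Stud.IP". All errors are reported together; without errors the new hash is
  * stored. In both cases the request is redirected to settings/password.
  */
 public function store_action()
 {
     // NOTE(review): presumably the request-forgery ticket check - confirm it aborts on failure.
     $this->check_ticket();
     $errors = array();
     $hasher = UserManagement::getPwdHasher();
     $current = Request::get('password');
     $password = Request::get('new_password');
     $confirm = Request::get('new_password_confirm');
     $stored = $this->user['password'];
     // The bare-MD5 case is compared with ===. Under == two strings that both look
     // numeric (for example "0e" followed only by digits) are compared as numbers,
     // so two different digests could be judged equal.
     if (!($hasher->CheckPassword(md5($current), $stored) || $hasher->CheckPassword($current, $stored) || strlen($stored) == 32 && md5($current) === (string) $stored)) {
         $errors[] = _('Das aktuelle Passwort wurde nicht korrekt eingegeben.');
     }
     // The checks on the new password stop at the first failure.
     // NOTE(review): the message below names a 4-character minimum; the rule itself
     // lives in ValidatePassword() and should be checked against current policy.
     if (!$this->validator->ValidatePassword($password)) {
         $errors[] = _('Das Passwort ist zu kurz - es sollte mindestens 4 Zeichen lang sein.');
     } elseif ($password !== $confirm) {
         $errors[] = _('Die Wiederholung Ihres Passworts stimmt nicht mit Ihrer Eingabe überein.');
     } elseif ((string) $password === (string) $this->user['username']) {
         // Strict comparison: only a password identical to the username is rejected here.
         $errors[] = _('Das Passwort darf nicht mit dem Nutzernamen übereinstimmen.');
     } elseif (str_replace(array('.', ' '), '', strtolower($password)) === 'studip') {
         $errors[] = _('Aus Sicherheitsgründen darf das Passwort nicht "Stud.IP" oder eine Abwandlung davon sein.');
     }
     if (count($errors) > 0) {
         $this->reportErrorWithDetails(_('Bitte überprüfen Sie Ihre Eingabe:'), $errors);
     } else {
         $this->user->password = $hasher->HashPassword($password);
         // NOTE(review): a failed store() is not reported to the user.
         if ($this->user->store()) {
             $this->reportSuccess(_('Das Passwort wurde erfolgreich geändert.'));
         }
     }
     $this->redirect('settings/password');
 }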
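 /**
  * Checks a username/password pair against the locally stored credentials.
  *
  * Rejects unknown users, empty passwords, passwords longer than 72 bytes, a
  * username whose spelling differs from the stored one, and accounts that are
  * bound to an auth plugin other than "standard". The stored value may be in one
  * of three formats: the hasher over the plain password, the hasher over the MD5
  * of the password (migrated rows), or a bare 32-character MD5 digest.
  *
  * NOTE(review): each failure sets a different message in $this->error_msg. If the
  * message reaches the login page unchanged, it reveals whether a username exists.
  *
  * @access public
  * @param string $username login name as entered
  * @param string $password password as entered
  * @return bool true when the password verifies; false otherwise, with $this->error_msg set
  */
 function isAuthenticated($username, $password)
 {
     $user = User::findByUsername($username);
     // The 72-byte cap presumably mirrors the input limit of the bcrypt-based hasher - confirm.
     if (!$user || !$password || strlen($password) > 72) {
         $this->error_msg = _("Ungültige Benutzername/Passwort-Kombination!");
         return false;
     }
     // The lookup may match case-insensitively; the exact spelling is required here.
     if ((string) $user->username !== (string) $username) {
         $this->error_msg = _("Bitte achten Sie auf korrekte Gro&szlig;-Kleinschreibung beim Username!");
         return false;
     }
     if (!is_null($user->auth_plugin) && $user->auth_plugin != "standard") {
         $this->error_msg = sprintf(_("Dieser Benutzername wird bereits über %s authentifiziert!"), $user->auth_plugin);
         return false;
     }
     $pass = $user->password;
     $hasher = UserManagement::getPwdHasher();
     // Bare-MD5 rows: compared with === because == treats two numeric-looking strings
     // (for example "0e" followed only by digits) as numbers and can call different digests equal.
     $old_style_check = strlen($pass) == 32 && md5($password) === (string) $pass;
     $migrated_check = $hasher->CheckPassword(md5($password), $pass);
     $check = $hasher->CheckPassword($password, $pass);
     if (!($check || $migrated_check || $old_style_check)) {
         $this->error_msg = _("Das Passwort ist falsch!");
         return false;
     }
     return true;
 }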
Example #6
 /**
  * Prints the page footer. When the session holds a 'User' entry the footer
  * also carries a logout link.
  */
 public static function outputFooterMenu()
 {
     require_once "lib.php";
     UserManagement::InitSession();
     // Both variants are fixed markup; nothing from the session is written into the output.
     $signedIn = isset($_SESSION['User']);
     $footer = $signedIn
         ? "<footer><center>&copy; myAarth LLC 2012 | <a href='mailto:contact@myaarth.com'>contact@myaarth.com</a> | <a href='/User/logout.php'>Logout</a></center></footer>"
         : "<footer><center>&copy; myAarth 2012 | <a href='mailto:contact@myaarth.com'>contact@myaarth.com</a></center></footer>";
     print $footer;
 }
 /**
  * Migration step: widens the password column to VARBINARY(64), then replaces the
  * stored password of every 'standard' account that has one with
  * HashPassword() of the value currently in the column.
  *
  * The input to HashPassword() is the existing column content, presumably the
  * legacy MD5 digest (verify). Nothing here guards against a second run, which
  * would hash the already migrated values again.
  */
 function up()
 {
     $connection = DBManager::get();
     $connection->exec("ALTER TABLE `auth_user_md5` CHANGE `password` `password` VARBINARY( 64 ) NOT NULL DEFAULT ''");
     $pwd_hasher = UserManagement::getPwdHasher();
     // Values are bound through the prepared statement, never interpolated into SQL.
     $update = $connection->prepare("UPDATE auth_user_md5 SET password=? WHERE user_id=?");
     $accounts = $connection->query("SELECT user_id,password FROM auth_user_md5 WHERE auth_plugin='standard' AND password <> ''");
     foreach ($accounts as $account) {
         $rehashed = $pwd_hasher->HashPassword($account['password']);
         $update->execute(array($rehashed, $account['user_id']));
     }
     // The column definition changed, so the cached table scheme is dropped.
     SimpleORMap::expireTableScheme();
 }
Example #8
 /**
  * Handles the signup POST: creates the account and echoes {"success": bool} as JSON.
  *
  * Returns false without writing any output when fname, lname, email or password1
  * is absent or compares loosely equal to null (an empty string, for instance).
  *
  * NOTE(review): no format validation, password policy or request-forgery check is
  * visible in this method; confirm UserManagement::createUser() or the framework covers them.
  *
  * @return false|null false on missing input, otherwise nothing
  */
 public function signupAction()
 {
     $input = array();
     foreach (array("fname", "lname", "email", "password1") as $key) {
         $value = isset($_POST[$key]) ? $_POST[$key] : null;
         if ($value == null) {
             return false;
         }
         $input[$key] = $value;
     }
     $created = UserManagement::createUser($input["email"], $input["password1"], $input["fname"], $input["lname"]);
     // A positive result from createUser() is reported as success.
     $response = array("success" => $created > 0);
     echo json_encode($response);
 }
 /**
  * Handles a self-registration request: validates the submitted data, checks that
  * username and e-mail address are unused, creates the account with perms 'user'
  * and sends the validation mail.
  *
  * Every failed check appends a message (with a trailing "<br>") to $this->error_msg
  * and returns false; a failed login ticket returns false without a message.
  *
  * @return bool|string the new user_id on success, false on a failed check;
  *                     falls off the end (null) when store() yields no user_id
  */
 function auth_doregister()
 {
     global $_language_path;
     $this->error_msg = "";
     // check for direct link to register2.php
     if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
         $_SESSION['_language'] = get_accepted_languages();
     }
     $_language_path = init_i18n($_SESSION['_language']);
     $this->auth["uname"] = Request::username('username');
     // This provides access for "crcregister.ihtml"
     $validator = new email_validation_class();
     // class used to validate the submitted values
     $validator->timeout = 10;
     // how long to wait for an answer from the mail server
     // The login ticket is checked before any submitted value is processed
     if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
         return false;
     }
     $username = trim(Request::get('username'));
     $Vorname = trim(Request::get('Vorname'));
     $Nachname = trim(Request::get('Nachname'));
     // accept only registered domains if set
     $cfg = Config::GetInstance();
     $email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION');
     // NOTE(review): with the restriction enabled the domain part still comes from the request
     // ('emaildomain'); no check against the configured list is visible here - confirm where it happens.
     if ($email_restriction) {
         $Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain'));
     } else {
         $Email = trim(Request::get('Email'));
     }
     if (!$validator->ValidateUsername($username)) {
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>";
         return false;
     }
     // username syntactically wrong or too short
     // duplicate usernames are tested further down.
     // NOTE(review): the password is validated via Request::quoted() but hashed below via
     // Request::get(); confirm both accessors yield the same value for the length rule.
     if (!$validator->ValidatePassword(Request::quoted('password'))) {
         $this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>";
         return false;
     }
     if (!$validator->ValidateName($Vorname)) {
         $this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>";
         return false;
     }
     // first name incorrect or missing
     if (!$validator->ValidateName($Nachname)) {
         $this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>";
         return false;
         // last name incorrect or missing
     }
     if (!$validator->ValidateEmailAddress($Email)) {
         $this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>";
         return false;
     }
     // e-mail address syntactically incorrect or missing
     // Requester address and time are only used in the abuse mail below
     $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
     $Zeit = date("H:i:s, d.m.Y", time());
     if (!$validator->ValidateEmailHost($Email)) {
         // mail server not reachable, reject
         $this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>";
         return false;
     } else {
         // server reachable
         if (!$validator->ValidateEmailBox($Email)) {
             // but the mailbox is unknown: notify the abuse address.
             // The submitted username and address go into the mail body as entered.
             StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
             $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>";
             return false;
         } else {
             // all fine so far, now the checks against the database...
         }
     }
     $check_uname = StudipAuthAbstract::CheckUsername($username);
     if ($check_uname['found']) {
         //   error_log("username schon vorhanden", 0);
         $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>";
         return false;
         // username already taken
     }
     // The address is quoted before it is placed into the SQL fragment.
     // NOTE(review): quoting does not neutralise the LIKE wildcards % and _, so an address
     // containing "_" can match other stored addresses; an equality test may be intended.
     if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) {
         $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>";
         return false;
         // e-mail address already in use
     }
     // all checks passed, register the user...
     $hasher = UserManagement::getPwdHasher();
     $new_user = new User();
     $new_user->username = $username;
     // perms and auth_plugin are fixed values, not taken from the request
     $new_user->perms = 'user';
     $new_user->password = $hasher->HashPassword(Request::get('password'));
     $new_user->vorname = $Vorname;
     $new_user->nachname = $Nachname;
     $new_user->email = $Email;
     $new_user->geschlecht = Request::int('geschlecht');
     $new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser')));
     $new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser')));
     $new_user->auth_plugin = 'standard';
     $new_user->store();
     // Without a user_id after store() nothing is returned and no error message is set
     if ($new_user->user_id) {
         self::sendValidationMail($new_user);
         $this->auth["perm"] = $new_user->perms;
         return $new_user->user_id;
     }
 }
Example #10
<?php

/* TODO: User query string
 * $_SERVER['QUERY_STRING'];
 */
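// Lists users as a JSON array of {guid, name} objects.
// NOTE(review): no access check is visible in this script; confirm that whatever
// includes or routes to it restricts who may enumerate users.

// Optional filter. A missing parameter becomes null instead of raising an
// undefined-index warning that could end up in the response body.
$deactivated = isset($_GET['deactivated']) ? $_GET['deactivated'] : null;
$userMgmt = new UserManagement();
$users = $userMgmt->getUsers($deactivated);
$obj = array();
foreach ($users as $user) {
    $obj[] = array('guid' => $user->guid, 'name' => $user->name);
}
// Declare the payload type so that a browser opening this URL directly does not
// interpret user-controlled names as HTML.
if (!headers_sent()) {
    header('Content-Type: application/json');
}
echo json_encode($obj);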
Example #11
<?php

require_once "lib/lib.php";
require_once "lib/presentation.php";
UserManagement::InitSession();
// A session that already holds a 'User' entry is sent straight to the tracker.
// Execution stops after the redirect header so the login markup below is never sent.
$alreadySignedIn = isset($_SESSION['User']);
if ($alreadySignedIn) {
    header("Location: tracker.php");
    exit;
}
?>
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <title><?php 
Presentation::outputPageTitle();
?>
</title>
    <meta name="description" content="">
    <meta name="author" content="">

    <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
    <!--[if lt IE 9]>
      <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    <![endif]-->

	<link rel="stylesheet" href="Style/bootstrap.min.css"/>
	<link rel="stylesheet" href="Style/Main.css"/>
	<script type="text/javascript" src="Script/jquery.min.js"></script>
	<script type="text/javascript" src="Script/bootstrap-modal.js"></script>
	<script type="text/javascript" src="Script/bootstrap-twipsy.js"></script>
Example #12
 /**
  * Deletes the user identified by $this->id through UserManagement.
  *
  * NOTE(review): no permission check is visible in this method; confirm the
  * caller or UserManagement::deleteUser() enforces who may delete the account.
  *
  * @return bool TRUE when deleteUser() succeeds; FALSE otherwise, with the
  *              manager's message copied to $this->error
  */
 function destroy()
 {
     $manager = new UserManagement($this->id);
     if ($manager->deleteUser()) {
         return TRUE;
     }
     // Keep the manager's message so the caller can see why the deletion failed.
     $this->error = $manager->msg;
     // TODO
     return FALSE;
 }
Example #13
 /**
  * Builds the target record for one import line.
  *
  * For every target field the value comes, in this order, from the plugin's
  * mapField(), a configured static value, a configured template
  * ("fleximportconfig_*"), or the matched column of $line. A second pass applies
  * "fleximport_mapper__*" mapper classes. After that, import-type specific
  * conversions turn names into ids (lecturers, study areas, user domains,
  * institutes) and normalise a few values.
  *
  * @param array $line one row of import data, indexed by column name
  * @return array mapped data indexed by target field name
  */
 public function getMappedData($line)
 {
     $plugin = $this->getPlugin();
     $fields = $this->getTargetFields();
     //dynamic additional fields:
     switch ($this['import_type']) {
         case "Course":
             foreach (Datafield::findBySQL("object_type = 'sem'") as $datafield) {
                 $fields[] = $datafield['name'];
             }
             $fields[] = "fleximport_dozenten";
             $fields[] = "fleximport_related_institutes";
             $fields[] = "fleximport_studyarea";
             $fields[] = "fleximport_locked";
             $fields[] = "fleximport_course_userdomains";
             break;
         case "User":
             foreach (Datafield::findBySQL("object_type = 'user'") as $datafield) {
                 $fields[] = $datafield['name'];
             }
             $fields[] = "fleximport_username_prefix";
             $fields[] = "fleximport_userdomains";
             $fields[] = "fleximport_user_inst";
             $fields[] = "fleximport_expiration_date";
             $fields[] = "fleximport_welcome_message";
             break;
     }
     $data = array();
     foreach ($fields as $field) {
         $mapping = false;
         //important: false means no mapping, null means mapping to database null
         if ($plugin && in_array($field, $plugin->fieldsToBeMapped())) {
             $mapping = $plugin->mapField($field, $line);
         }
         if ($mapping !== false) {
             $data[$field] = $mapping;
         } else {
             if ($this['tabledata']['simplematching'][$field]['column']) {
                 if ($this['tabledata']['simplematching'][$field]['column'] === "static value") {
                     //use a static value
                     $data[$field] = $this['tabledata']['simplematching'][$field]['static'];
                 } else {
                     if (strpos($this['tabledata']['simplematching'][$field]['column'], "fleximportconfig_") === 0) {
                         //use a configured template; {{name}} placeholders are filled from $data first, then from $line
                         //values are substituted as they are: whatever consumes the result has to escape it for its own context
                         $config = substr($this['tabledata']['simplematching'][$field]['column'], strlen("fleximportconfig_"));
                         $template = FleximportConfig::get($config);
                         foreach ($data as $index => $value) {
                             $template = str_replace("{{" . $index . "}}", $value, $template);
                         }
                         foreach ($line as $index => $value) {
                             // NOTE(review): in_array() searches the values of $data, not its keys;
                             // a key test may be what is meant here - confirm.
                             if (!in_array($index, $data)) {
                                 $template = str_replace("{{" . $index . "}}", $value, $template);
                             }
                         }
                         $data[$field] = $template;
                     } else {
                         //use a matched column
                         $data[$field] = $line[$this['tabledata']['simplematching'][$field]['column']];
                     }
                 }
             } else {
                 //else no mapping, don't even overwrite old value.
             }
         }
     }
     foreach ($fields as $field) {
         //mapper:
         if (strpos($this['tabledata']['simplematching'][$field]['column'], "fleximport_mapper__") === 0) {
             list($prefix, $mapperclass, $format) = explode("__", $this['tabledata']['simplematching'][$field]['column']);
             // NOTE(review): the class name is taken from the configured column string and the
             // object is created before the is_a() check, so the constructor of any loadable
             // class runs. Confirm who is able to edit this configuration.
             if (class_exists($mapperclass)) {
                 $mapper = new $mapperclass();
                 if (is_a($mapper, "FleximportMapper")) {
                     $mapfrom = $this['tabledata']['simplematching'][$field]['mapfrom'];
                     $data[$field] = $mapper->map($format, $data[$mapfrom] ?: $line[$mapfrom]);
                 }
             }
         }
     }
     //special mapping
     if ($this['import_type'] === "Course") {
         //Map seminar_id :
         if (!$data['seminar_id'] && $this['tabledata']['simplematching']["seminar_id"]['column'] === "fleximport_map_from_veranstaltungsnummer_and_semester") {
             $course = Course::findOneBySQL("name = ? AND start_time = ?", array($data['name'], $data['start_time']));
             if ($course) {
                 $data['seminar_id'] = $course->getId();
             }
         }
         //Map lecturers (dozenten): split the cell, then resolve each entry to a user id according to the configured format
         if ($this['tabledata']['simplematching']["fleximport_dozenten"]['column'] && !in_array("fleximport_dozenten", $this->fieldsToBeDynamicallyMapped())) {
             $data['fleximport_dozenten'] = (array) preg_split($this['tabledata']['simplematching']["fleximport_dozenten"]['format'] === "fullname" ? "/\\s*,\\s*/" : "/\\s+/", $data['fleximport_dozenten'], null, PREG_SPLIT_NO_EMPTY);
             switch ($this['tabledata']['simplematching']["fleximport_dozenten"]['format']) {
                 case "user_id":
                     $data['fleximport_dozenten'] = array_map(function ($user_id) {
                         $user = User::find($user_id);
                         if ($user) {
                             return $user->getId();
                         } else {
                             return null;
                         }
                     }, $data['fleximport_dozenten']);
                     break;
                 case "username":
                     $data['fleximport_dozenten'] = array_map("get_userid", $data['fleximport_dozenten']);
                     break;
                 case "email":
                     $data['fleximport_dozenten'] = array_map(function ($email) {
                         $user = User::findOneByEmail($email);
                         if ($user) {
                             return $user->getId();
                         } else {
                             return null;
                         }
                     }, $data['fleximport_dozenten']);
                     break;
                 case "fullname":
                     $data['fleximport_dozenten'] = array_map(function ($fullname) {
                         list($vorname, $nachname) = (array) preg_split("/\\s+/", $fullname, null, PREG_SPLIT_NO_EMPTY);
                         $user = User::findOneBySQL("Vorname = ? AND Nachname = ? AND perms = 'dozent'", array($vorname, $nachname));
                         if ($user) {
                             return $user->getId();
                         } else {
                             return null;
                         }
                     }, $data['fleximport_dozenten']);
                     break;
                 default:
                     //map by datafield
                     $datafield_id = $this['tabledata']['simplematching']["fleximport_dozenten"]['format'];
                     foreach ($data['fleximport_dozenten'] as $key => $value) {
                         $entry = DatafieldEntryModel::findOneBySQL("datafield_id = ? AND content = ?", array($datafield_id, $value));
                         if ($entry) {
                             $data['fleximport_dozenten'][$key] = $entry['range_id'];
                         } else {
                             unset($data['fleximport_dozenten'][$key]);
                         }
                     }
                     break;
             }
         }
         //Map sem_type:
         if ($this['tabledata']['simplematching']["status"]['column'] && $this['tabledata']['simplematching']["status"]['format']) {
             if ($this['tabledata']['simplematching']["status"]['format'] === "name") {
                 $sem_type_id = null;
                 foreach ($GLOBALS['SEM_TYPE'] as $id => $sem_type) {
                     if ($sem_type['name'] === $data['status']) {
                         $sem_type_id = $id;
                     }
                 }
                 $data['status'] = $sem_type_id;
             }
         }
         //Map study areas
         if ($this['tabledata']['simplematching']["fleximport_studyarea"]['column'] && !in_array("fleximport_studyarea", $this->fieldsToBeDynamicallyMapped())) {
             if ($this['tabledata']['simplematching']["fleximport_studyarea"]['column'] === "static value") {
                 $data['fleximport_studyarea'] = (array) explode(";", $this['tabledata']['simplematching']["fleximport_studyarea"]['static']);
             } else {
                 $data['fleximport_studyarea'] = (array) explode(";", $data['fleximport_studyarea']);
                 $study_areas = array();
                 foreach ($data['fleximport_studyarea'] as $key => $name) {
                     foreach (StudipStudyArea::findBySQL("name = ?", array($name)) as $study_area) {
                         $study_areas[] = $study_area->getId();
                     }
                 }
                 $data['fleximport_studyarea'] = $study_areas;
             }
         }
         if ($this['tabledata']['simplematching']["fleximport_course_userdomains"]['column'] && !in_array("fleximport_course_userdomains", $this->fieldsToBeDynamicallyMapped())) {
             $data['fleximport_course_userdomains'] = (array) preg_split("/\\s*,\\s*/", $data['fleximport_course_userdomains'], null, PREG_SPLIT_NO_EMPTY);
             // NOTE(review): an array is bound to :domains inside IN (...); this presumably relies
             // on the database layer expanding array parameters - confirm.
             $statement = DBManager::get()->prepare("SELECT userdomain_id FROM userdomains WHERE name IN (:domains) OR userdomain_id IN (:domains)");
             $statement->execute(array('domains' => $data['fleximport_course_userdomains']));
             $data['fleximport_course_userdomains'] = $statement->fetchAll(PDO::FETCH_COLUMN, 0);
         }
     }
     if ($this['import_type'] === "User") {
         if ($this['tabledata']['simplematching']["username"]['column']) {
             if ($this['tabledata']['simplematching']["username"]['format'] === "email_first_part") {
                 //keep only the part before the "@"
                 list($data['username']) = explode("@", $data['username']);
             }
             if ($this['tabledata']['simplematching']["fleximport_username_prefix"]['column']) {
                 $data['username'] = $data['fleximport_username_prefix'] . $data['username'];
             }
         }
         if ($this['tabledata']['simplematching']["fleximport_user_inst"]['column']) {
             //resolve institute names to ids; names without a match are dropped
             $data['fleximport_user_inst'] = (array) preg_split("/\\s*,\\s*/", $data['fleximport_user_inst'], null, PREG_SPLIT_NO_EMPTY);
             $institut_ids = array();
             foreach ($data['fleximport_user_inst'] as $inst_name) {
                 $statement = DBManager::get()->prepare("\n                        SELECT Institut_id\n                        FROM Institute\n                        WHERE Name = ?\n                    ");
                 $statement->execute(array($inst_name));
                 $institut_id = $statement->fetch(PDO::FETCH_COLUMN, 0);
                 if ($institut_id) {
                     $institut_ids[] = $institut_id;
                 }
             }
             $data['fleximport_user_inst'] = $institut_ids;
         }
         if ($this['tabledata']['simplematching']["fleximport_userdomains"]['column'] && !in_array("fleximport_userdomains", $this->fieldsToBeDynamicallyMapped())) {
             $data['fleximport_userdomains'] = (array) preg_split("/\\s*,\\s*/", $data['fleximport_userdomains'], null, PREG_SPLIT_NO_EMPTY);
             // NOTE(review): same array binding to :domains as for course user domains - confirm the layer supports it.
             $statement = DBManager::get()->prepare("SELECT userdomain_id FROM userdomains WHERE name IN (:domains) OR userdomain_id IN (:domains)");
             $statement->execute(array('domains' => $data['fleximport_userdomains']));
             $data['fleximport_userdomains'] = $statement->fetchAll(PDO::FETCH_COLUMN, 0);
         }
         if ($this['tabledata']['simplematching']["fleximport_expiration_date"]['column'] && !in_array("fleximport_expiration_date", $this->fieldsToBeDynamicallyMapped())) {
             //non-numeric dates are parsed; strtotime() returns false for text it cannot parse
             if (!is_numeric($data['fleximport_expiration_date'])) {
                 $data['fleximport_expiration_date'] = strtotime($data['fleximport_expiration_date']);
             }
         }
     }
     if ($this['import_type'] === "User" && !$data['user_id']) {
         //new local account without a password in the import: generate one
         if (!$data['user_id'] && $data['auth_plugin'] === "standard" && !$data['password']) {
             $usermanager = new UserManagement();
             // NOTE(review): the argument 6 is presumably the password length - confirm it meets
             // the password policy, and how the generated value reaches the user.
             $data['password'] = $usermanager->generate_password(6);
         }
     }
     return $data;
 }
Example #14
 /**
  * Returns the shared PasswordHash instance, creating it on first use.
  *
  * The hasher is built with the arguments 8 and $GLOBALS['PHPASS_USE_PORTABLE_HASH'].
  * NOTE(review): the first argument is presumably the log2 iteration count and the
  * second the portable-hash switch; confirm both still match the password policy.
  *
  * @return PasswordHash
  */
 public static function getPwdHasher()
 {
     if (self::$pwd_hasher !== null) {
         return self::$pwd_hasher;
     }
     $usePortableHash = $GLOBALS['PHPASS_USE_PORTABLE_HASH'];
     self::$pwd_hasher = new PasswordHash(8, $usePortableHash);
     return self::$pwd_hasher;
 }
Example #15
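/**
 * Page handler for the userManagement plugin: dispatches on the first URL segment.
 *
 * Handled segments: users, deactivate, activate, activation, import,
 * resetPassword, registerEmails and admin (with "activate" as second segment).
 *
 * NOTE(review): only the "import" branch calls admin_gatekeeper() here. The
 * "deactivate" branch changes account state and the "admin" branch includes an
 * admin page, both without an access check visible in this function - confirm
 * that the called methods / included pages enforce authorization themselves.
 *
 * @param array $page URL segments passed to the handler
 * @return bool false when the first segment is not recognised, true otherwise
 */
function userManagementPageHandler($page)
{
    // No segment at all cannot match any case; answer like the default branch.
    if (!is_array($page) || !isset($page[0])) {
        return false;
    }
    switch ($page[0]) {
        case 'users':
            include elgg_get_plugins_path() . 'userManagement/pages/users.php';
            break;
        case 'deactivate':
            // NOTE(review): state-changing and reachable by requesting the page; see the header note.
            $userMgmt = new UserManagement();
            $userMgmt->getInactiveUsers();
            $userMgmt->deactivateUsers();
            break;
        // activate account form
        case 'activate':
            $userMgmt = new UserManagement();
            // users whose e-mail address does not validate are sent to the change-e-mail form instead
            if ($userMgmt->validEmail(get_input('email'))) {
                include elgg_get_plugins_path() . 'userManagement/pages/activate.php';
            } else {
                include elgg_get_plugins_path() . 'userManagement/pages/changeEmail.php';
            }
            break;
        // activate account action
        case 'activation':
            $userMgmt = new UserManagement();
            // Both values come from the request and are attacker-controlled.
            $userGuid = get_input('u');
            $code = get_input('c');
            // NOTE(review): get_entity() is not limited to user entities; confirm that
            // setUser()/validateCode() reject a GUID that belongs to something else.
            $user = get_entity($userGuid);
            if (!$user) {
                register_error(elgg_echo('activate:error'));
                forward(REFERER);
            }
            $userMgmt->setUser($user);
            // The same generic error is used for an unknown user and a bad code.
            if (!$userMgmt->validateCode($code)) {
                register_error(elgg_echo('activate:error'));
                forward(REFERER);
            }
            // activate user
            if ($userMgmt->activateUser()) {
                system_message(elgg_echo('activate:success'));
                forward(REFERER);
            }
            break;
        case 'import':
            // Administrators only; everything below runs in the admin context.
            admin_gatekeeper();
            elgg_admin_add_plugin_settings_menu();
            elgg_set_context('admin');
            elgg_unregister_css('elgg');
            elgg_load_js('elgg.admin');
            elgg_load_js('jquery.jeditable');
            // The view name is built from the URL segments, so it is request-controlled
            // (behind the gatekeeper above).
            $view = 'usermanagement/' . implode('/', $page);
            $title = "Import Users";
            $content = elgg_view($view);
            $body = elgg_view_layout('admin', array('content' => $content, 'title' => $title));
            echo elgg_view_page($title, $body, 'admin');
            break;
        case 'resetPassword':
            // The GUID is taken from the session, not from the request.
            set_input('guid', $_SESSION['userId']);
            include elgg_get_plugins_path() . "userManagement/pages/resetPassword.php";
            break;
        case 'registerEmails':
            include elgg_get_plugins_path() . "userManagement/pages/registerEmails.php";
            break;
        case 'admin':
            // Compare against the string 'activate'; the bare word used before was an
            // undefined constant, which is a fatal error on PHP 8.
            if (isset($page[1]) && $page[1] === 'activate') {
                include elgg_get_plugins_path() . "userManagement/pages/admin/activate.php";
            }
            break;
        default:
            return false;
    }
    return true;
}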
Example #16
<?php

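// Import users from the file uploaded in the "users" form field.
// NOTE(review): no access check is visible in this script - confirm that whatever
// registers or includes it restricts the import to administrators.
$upload = isset($_FILES['users']) ? $_FILES['users'] : null;
// Hand the path on only when PHP reports a completed upload and the path really is
// this request's upload; otherwise importUsers() would get an empty or foreign path.
if (is_array($upload)
    && isset($upload['error'], $upload['tmp_name'])
    && $upload['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($upload['tmp_name'])
) {
    $userMgmt = new UserManagement();
    $userMgmt->importUsers($upload['tmp_name']);
} else {
    trigger_error('User import skipped: no valid file upload in field "users"', E_USER_WARNING);
}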
 /**
  * Tests UserManagement::logOutFromAllDevices().
  */
 public function testLogOutFromAllDevices()
 {
     // Create and activate a throw-away account for this test.
     UserManagement::createUser("owasp1", "owasp", "*****@*****.**");
     User::activateAccount("owasp1");
     // Log the same account in three times, as if from three different devices.
     $firstLogin = UserManagement::logIn("owasp1", "owasp");
     $secondLogin = UserManagement::logIn("owasp1", "owasp");
     $thirdLogin = UserManagement::logIn("owasp1", "owasp");
     // Seed three session rows for that user; the first one doubles as the
     // "current" session by being placed in the cookie below.
     $insertSession = "INSERT INTO `SESSION` (`SESSION_ID`, `DATE_CREATED`, `LAST_ACTIVITY`, `USERID`) VALUES (?, ?, ?, ?)";
     $currentSessionId = randstr(32);
     SQL($insertSession, array($currentSessionId, time(), time(), $thirdLogin->getUserID()));
     for ($extra = 0; $extra < 2; $extra++) {
         SQL($insertSession, array(randstr(32), time(), time(), $thirdLogin->getUserID()));
     }
     $_COOKIE['sessionid'] = $currentSessionId;
     // Action under test.
     UserManagement::logOutFromAllDevices($firstLogin->getUserID());
     // The check looks at the whole SESSION table, so it only passes when no other
     // user's sessions exist, and it cannot tell "this user's sessions were removed"
     // apart from "every session was removed".
     $remainingSessions = SQL("SELECT * FROM SESSION");
     $sessionTableEmpty = count($remainingSessions) == 0;
     // Clean up before asserting so the account is removed even when the check fails.
     UserManagement::deleteUser("owasp1");
     $this->assertTrue($sessionTableEmpty);
 }
Example #18
 /**
  * To delete a user.
  * @param string $userID        The user ID that needs to be deleted
  * @return boolean          Returns true if the user is deleted, false otherwise
  * @throws UserNotExistsException   Will be thrown if no user is found with the given ID
  */
 public static function deleteUser($userID)
 {
     // forceLogIn() yields the user object from the ID alone; no password is passed here.
     // NOTE(review): callers therefore have to authorize the deletion themselves - confirm.
     return UserManagement::forceLogIn($userID)->deleteUser() == TRUE;
 }
Example #19
		   user-select: none;
		}
		
		.autocompleteSuggestion {
			cursor: pointer;
		}
		
		.showEmphasis {
			border-color: rgba(82, 168, 236, 0.8);
			box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1) inset, 0 0 8px #62C462;
			outline: 0 none;
		}

	</style>
    <?php 
// Configure the inactivity logout time while the page head is being emitted.
// NOTE(review): the unit of 30 (seconds vs. minutes) is not visible here - confirm against SetInactiveLogoutTime().
// NOTE(review): markup has already been output at this point; if the call needs to send
// headers or cookies it would have to run before any output - verify.
UserManagement::SetInactiveLogoutTime(30);
?>
  </head>

  <body>
  	<div id="portfolioErrorModal" class="modal hide">
    <div class="modal-header">
    	<a href="#" class="close">&times;</a>
        <h3>Portfolio Error</h3>
    </div>
    <div class="modal-body">
    	<p>
        There is some issue with your portfolio.
        </p>
        <p>
        Please ensure that you have entered only positive, numeric values.
Example #20
 /**
  * Sets up the password hasher and the database handle.
  *
  * Both targets are static properties, so every instantiation reassigns them
  * for the whole class, not just for the new object.
  */
 function __construct()
 {
     // First argument 8, second argument false.
     // NOTE(review): if PasswordHash is phpass, false turns its MD5-based portable
     // hashes off - confirm which scheme is then actually used on this host.
     self::$passwordHashManager = new PasswordHash(8, false);
     // Database handle looked up by the name "Db".
     self::$db = Utilities::get("Db");
 }
Example #21
<?php

require_once "../lib/lib.php";
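// Tear down the current session, then send the browser back to the site root.
// NOTE(review): the logout runs on any request to this script and no anti-CSRF token
// is visible, so another site could trigger it - confirm whether that is acceptable.
UserManagement::DestroySession();
header("Location: /");
// End the request here so nothing after the redirect can run or emit output.
exit;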
Example #22
 /**
  * Forwards the user id to the parent's UserManagement() method.
  *
  * NOTE(review): this looks like a PHP 4-style constructor (method named after
  * its class - the class line is not visible here). PHP 8 no longer treats such
  * methods as constructors, so it would not run on `new` there - confirm.
  */
 function UserManagementRequestNewPassword($user_id)
 {
     parent::UserManagement($user_id);
 }
Example #23
<?php

include "../classes/Global.php";
include "../classes/UserManagement.php";
// Seed accounts, one addUser() call per entry: [first argument, third argument].
// NOTE(review): the second argument is the literal "test" for every account; if it is
// the password, all seeded accounts share one guessable credential - keep this script
// away from production data or rotate those passwords afterwards.
$u = new UserManagement();
$aSeedAccounts = array(
    array("korpen.se", "www.korpen.se"),
    array("pedant.dk", "pedant.dk"),
    array("efessexparktaarnby.dk", "efessexparktaarnby.dk"),
    array("jci.dk", "jci.dk"),
    array("johanbackstrom.se", "johanbackstrom.se"),
    array("gianelli.dk", "gianelli.dk"),
    array("jaksm.dk", "jaksm.dk"),
    array("kruse-net.dk", "kruse-net.dk"),
    array("www.xn--schler-dya.net", "www.xn--schler-dya.net"),
    array("sjv.se", "sjv.se"),
);
foreach ($aSeedAccounts as $aAccount) {
    $u->addUser($aAccount[0], "test", $aAccount[1]);
}
Example #24
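     // Required request parameters: e (e-mail address), p (password), s (create-session flag).
     // Without all three the request is dropped silently.
     // NOTE(review): $_REQUEST also accepts query-string values, so the password can end up
     // in URLs, browser history and access logs; reading from $_POST only would avoid that -
     // confirm with the API's clients before changing it.
     if (!isset($_REQUEST['e'], $_REQUEST['p'], $_REQUEST['s'])) {
         return;
     }
     $EmailAddress = $_REQUEST['e'];
     $Password = $_REQUEST['p'];
     $CreateSession = $_REQUEST['s'] == "true" ? true : false;
     $UM = new UserManagement();
     // Keep the outcome of CreateUser(): $Created was previously never assigned, so the
     // response always carried an undefined value as its "creation status".
     $Created = $UM->CreateUser($EmailAddress, $Password);
     print JSONResponse::PrepareResponse(true, "Creation status enclosed", $Created);
     break;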
 case 'validateusercredentials':
     if (isset($_REQUEST['e'])) {
         $EmailAddress = $_REQUEST['e'];
     } else {
         return;
     }
     if (isset($_REQUEST['p'])) {
         $Password = $_REQUEST['p'];
     } else {
         return;
     }
     if (isset($_REQUEST['s'])) {
Example #25
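 /**
  * Generates a new recovery hash and stores it on the users row with the given e-mail address.
  *
  * NOTE(review): the value written to the database is the same value returned to the
  * caller. If that value is what gets sent to the user as a reset token, anyone able to
  * read the users table can use it - consider storing only a digest of it.
  *
  * @param string $EmailAddress address identifying the users row to update
  * @return string|null the generated hash, or null when the statement could not be prepared
  */
 public function StoreRecoveryHash($EmailAddress)
 {
     // Defined up front so the return below is valid even when prepare() fails.
     $RecoveryHash = null;
     $this->Connect();
     $Statement = $this->MySQLi->prepare("UPDATE users SET recovery_hash = ? WHERE users.user_email = ?");
     if ($Statement) {
         $RecoveryHash = UserManagement::GenerateRecoveryHash();
         $Statement->bind_param("ss", $RecoveryHash, $EmailAddress);
         $Statement->execute();
         // NOTE(review): the hash is returned whether or not a row matched the address.
         // The earlier code read affected_rows but never acted on it; decide whether an
         // unknown address should yield null instead - callers may rely on the current result.
         $Statement->close();
     }
     $this->Disconnect();
     return $RecoveryHash;
 }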
Example #26
<?php

/** New User Creation Page Presents form to user with Checksum */
session_start();
/* includes PHP functions, activates myAutoLoader*/
include 'functions.php';
spl_autoload_register('my_autoLoader');
$key = new FormKey();
$newU = false;
// Process the registration only when the session and the POST body both carry a
// form key and FormKey::confirmKey() accepts it.
if (isset($_SESSION['formKey'], $_POST['formKey']) && $key->confirmKey()) {
    $create = new UserManagement();
    // The four POST fields are passed through unchecked; setNewUser() receives whatever was sent.
    $newU = $create->setNewUser($_POST['username'], $_POST['password'], $_POST['passwordConf'], $_POST['email']);
    if (!$newU) {
        // Keep the error code of the failed attempt.
        $createErrors = $create->getErrorCode();
    }
    $create = null;
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
    <title>Bootstrap 101 Template</title>
Example #27
<?php

/** New User Creation Page Presents form to user with Checksum */
session_start();
/* includes PHP functions, activates myAutoLoader*/
include 'functions.php';
spl_autoload_register('my_autoLoader');
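// Lockout state, read before any login attempt.
// NOTE(review): $locked does not gate the login below; confirm that loginUser()
// enforces the lockout itself, otherwise a locked-out client can keep guessing.
$lock = new LockoutCheck();
$locked = $lock->getLockout();
$lock = null;
$status = false;
$key = new FormKey();
if (isset($_SESSION['formKey'], $_POST['formKey'])) {
    $keyConfirmed = $key->confirmKey();
    // Attempt the login only when the form key was accepted. The result of
    // confirmKey() used to be computed and ignored, so a request with a wrong
    // form key was still logged in.
    if ($keyConfirmed) {
        $login = new UserManagement();
        $status = $login->loginUser($_POST['username'], $_POST['password']);
        $login = null;
    }
}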
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
    <title>Bootstrap 101 Template</title>

    <!-- Bootstrap -->
Example #28
<?php

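// Activate the user(s) whose GUID(s) arrive in the "user-guids" input.
// NOTE(review): no administrator check is visible in this script - confirm that
// it is only reachable by administrators.
$guids = get_input('user-guids');
$userMgmt = new UserManagement();
// Start from a defined value; the check at the end used to read an unset variable.
$error = '';
// Accept a single GUID or a list of GUIDs and handle both the same way.
if (is_array($guids)) {
    $guidList = $guids;
} elseif ($guids) {
    $guidList = array($guids);
} else {
    $guidList = array();
}
foreach ($guidList as $guid) {
    $user = get_entity($guid);
    if (!$user) {
        // Unknown GUID: report it as a number rather than echoing raw request data,
        // and do not hand a non-entity to setUser().
        $error = 'Unable to activate user ' . (int) $guid;
        continue;
    }
    $userMgmt->setUser($user);
    if (!$userMgmt->activateUser()) {
        $error = 'Unable to activate ' . $user->username;
    }
}
// Only the last failure is reported.
if ($error) {
    register_error($error);
} else {
    system_message('Users activated');
}
forward(REFERER);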
Example #29
<?php

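$guid = get_input('guid');
$password = get_input('password');
$passwordAgain = get_input('password-again');
// The password may only be changed for the account bound to this session.
// A loose != treats null, '' and 0 as equal, so a request without a session user id
// and with an empty guid used to pass this check; require the session value and
// compare both sides as strings.
if (!isset($_SESSION['userId']) || !is_scalar($guid) || (string) $guid !== (string) $_SESSION['userId']) {
    forward('');
}
// NOTE(review): the current password is not asked for here; the session alone
// authorizes the change - confirm that this is intended for this flow.
$userMgmt = UserManagement::withID($guid);
if ($userMgmt->changePswd($password, $passwordAgain)) {
    system_message(elgg_echo('resetPassword:success'));
    forward('');
} else {
    forward(REFERER);
}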
Example #30
while (!feof($fo)) {
    $list .= fgets($fo, 1024);
}
$kill_list = preg_split("/[\\s,;]+/", $list, -1, PREG_SPLIT_NO_EMPTY);
$kill_list = array_unique($kill_list);
$query = "SELECT * FROM auth_user_md5 WHERE username IN (?)";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($kill_list ?: ''));
while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
    $kill_user[$row['username']] = $row;
}
if (!is_array($kill_user)) {
    fwrite(STDOUT, 'No user from list found in database.' . chr(10));
    exit(0);
}
$umanager = new UserManagement();
foreach ($kill_user as $uname => $udetail) {
    if (!KILL_ADMINS && ($udetail['perms'] == 'admin' || $udetail['perms'] == 'root')) {
        fwrite(STDOUT, "user: {$uname} is '{$udetail['perms']}', NOT deleted" . chr(10));
    } else {
        $umanager->user_data = array();
        $umanager->msg = '';
        $umanager->getFromDatabase($udetail['user_id']);
        //wenn keine Email gewünscht, Adresse aus den Daten löschen
        if (!SEND_MAIL_ON_DELETE) {
            $umanager->user_data['auth_user_md5.Email'] = '';
        }
        if ($umanager->deleteUser()) {
            fwrite(STDOUT, "user: {$uname} successfully deleted:" . chr(10) . parse_msg_to_clean_text($umanager->msg) . chr(10));
        } else {
            fwrite(STDOUT, "user: {$uname} NOT deleted:" . chr(10) . parse_msg_to_clean_text($umanager->msg) . chr(10));