function train($f3)
{
// Check if Logged In User is Allowed to Train
if (!$f3->get('SESSION.active') || !$f3->get('SESSION.admin') && !\R::findOne('trainings', 'users_id=? AND tools_id=? AND level=?', array($f3->get('SESSION.id'), $this->D->id, 'T'))) {
throw new \Exception('You are not authorized to train for this machine.');
}
if ($f3->get('POST')) {
// Check Instructor Validity
if ($f3->get('POST.instructor') != $f3->get('SESSION.username')) {
if (!$f3->get('SESSION.admin')) {
throw new \Exception('Cannot Change Instructor');
}
}
if (!($instructor = \R::findOne('users', 'username=? AND active=1', array($f3->get('POST.instructor'))))) {
throw new \Exception('Invalid Instructor Username');
}
$f3->set('instructor', $instructor);
if ($f3->exists('POST.username')) {
// Ensure User Checked the Affirmation
if (!$f3->get('POST.affirmation')) {
throw new \Exception('Did not check legal aggreement box.');
}
// Get Trained User
$user = new Users($f3);
$user->authenticate($f3);
$user->update_user($f3);
$this->create_record($f3, $user->D, $instructor);
}
}
$f3->set('data.training_levels', json_decode($f3->get('data.training_levels')));
show_page($f3, 'trainings.train');
}
function users_after_pie_reroute($params, &$stop_dispatch)
{
$uri = Pie_Dispatcher::uri();
$app = Pie_Config::expect('pie', 'app');
$ma = $uri->module . '/' . $uri->action;
$requireComplete = Pie_Config::get('users', 'requireComplete', array());
if (isset($requireComplete[$ma])) {
$redirect_action = is_string($requireComplete[$ma]) ? $requireComplete[$ma] : "{$app}/login";
$test_complete = true;
} else {
$requireLogin = Pie_Config::get('users', 'requireLogin', array());
if (!isset($requireLogin[$ma])) {
// We don't have to require complete or login here
return;
}
$redirect_action = is_string($requireLogin[$ma]) ? $requireLogin[$ma] : "{$app}/login";
}
// First, try to get the user
$user = Users::loggedInUser();
if (!$user) {
// Try authenticating with facebook
$module = Pie_Dispatcher::uri()->module;
$app_id = Pie_Config::expect('users', 'facebookApps', $module, 'appId');
$user = Users::authenticate('facebook', $app_id);
}
if (!$user) {
$uri->onSuccess = $uri->module . '/' . $uri->action;
$uri->onCancel = "{$app}/welcome";
if ($uri->onSuccess === $redirect_action) {
// avoid a redirect loop
$uri->onSuccess = "{$app}/home";
}
$parts = explode('/', $redirect_action);
$uri->action = $parts[0];
$uri->action = $parts[1];
}
// If have requireLogin but not requireComplete, then
// simply change the underlying URI without redirecting
if (empty($test_complete)) {
return;
}
// If we are here, we should check if the user account is complete
$complete = Pie::event('users/account/complete');
if ($complete) {
// good, nothing else to complete
return;
}
// redirect to account page
$account_action = Pie_Config::expect('users', 'accountAction', $uri->module);
if ($ma != $account_action) {
// Make the user launch into setting up their account.
// If they want to return to this URL later, they can do it on their own.
Pie_Response::redirect($account_action);
$stop_dispatch = true;
return;
}
}
function Users_authenticate_post()
{
// Authenticate the logged-in user with the provider via the app
// It will try to set an email address for the user if one isn't set yet
$user = Users::authenticate('facebook', null, $authenticated, true);
if (!$user) {
throw new Users_Exception_NotLoggedIn();
}
Users::setLoggedInUser($user);
}
/**
* Authenticates the user. If the authentication fails, displays the login
* page. Otherwise, sets the user id to the 'user' session variable and
* redirects to checkout.
*/
public static function login()
{
$params = $_POST;
$user = Users::authenticate($params['username'], $params['password']);
if ($user) {
$_SESSION['user'] = $user->id;
Redirect::to('/kassa', array('message' => 'Kirjautuminen onnistui!'));
} else {
View::make('user/login.html', array('message' => 'Väärä käyttäjätunnus tai salasana!', 'username' => $params['username']));
}
}
public function actionIndex()
{
if (!Yii::app()->user->isGuest) {
$this->redirect("/");
}
$user = new Users();
if (Yii::app()->request->isPostRequest && isset($_POST['Auth'])) {
$user->setAttributes($_POST['Auth']);
$user->authenticate();
if (!$user->hasErrors()) {
$this->redirect("/");
}
}
$this->render("index", array("model" => $user));
}
public function actionIndex()
{
if (!Yii::app()->user->isGuest) {
$this->redirect($this->createUrl("/personal/cabinet/index"));
}
$user = new Users();
if (Yii::app()->request->isPostRequest && isset($_POST['Auth'])) {
if (!isset($_POST['YII_CSRF_TOKEN']) || $_POST['YII_CSRF_TOKEN'] !== Yii::app()->getRequest()->getCsrfToken()) {
throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.');
}
$user->setAttributes($_POST['Auth']);
$user->authenticate();
if (!$user->hasErrors()) {
$this->redirect($this->createUrl("/personal/cabinet/index"));
}
}
$this->Title = "Авторизация";
$this->render("index", array("model" => $user));
}
/**
* Performs an authentication attempt
*
* @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
* @return Zend_Auth_Result
*/
public function authenticate()
{
try {
$this->user = Users::authenticate($this->email, $this->password);
} catch (Exception $e) {
if ($e->getMessage() == Users::WRONG_PW) {
return $this->result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, self::BAD_PW_MESSAGE);
}
if ($e->getMessage() == Users::NOT_FOUND) {
return $this->result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, self::NOT_FOUND_MESSAGE);
}
if ($e->getMessage() == Users::BAN) {
return $this->result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, self::BAN_MESSAGE);
}
if ($e->getMessage() == Users::NOT_VERIFY) {
return $this->result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, self::VERIFY_MESSAGE);
}
}
return $this->result(Zend_Auth_Result::SUCCESS);
}
* - feed.php?id=12
*
* @link http://blogs.law.harvard.edu/tech/rss RSS 2.0 Specification
*
* @author Bernard Paques
* @author GnapZ
* @tester Pat
* @reference
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
// common definitions and initial processing
include_once '../shared/global.php';
// ensure we only provide public content through newsfeeds
$context['users_without_teasers'] = 'Y';
// check network credentials, if any -- used by winamp and other media players
if ($user = Users::authenticate()) {
Surfer::empower($user['capability']);
}
// look for the id
$id = NULL;
if (isset($_REQUEST['id'])) {
$id = $_REQUEST['id'];
} elseif (isset($context['arguments'][0])) {
$id = $context['arguments'][0];
} elseif (Surfer::is_logged()) {
$id = Surfer::get_id();
}
$id = strip_tags($id);
// get the item from the database
$item = Users::get($id);
// associates can do what they want
/**
* Registers a user in the system.
* @method register
* @static
* @param {string} $username The name of the user
* @param {string|array} $identifier Can be an email address or mobile number. Or it could be an array of $type => $info
* @param {string} [$identifier.identifier] an email address or phone number
* @param {array} [$identifier.device] an array with keys "deviceId", "platform", "version"
* to store in the Users_Device table for sending notifications
* @param {array|string} [$icon=array()] Array of filename => url pairs
* @param {string} [$provider=null] Provider such as "facebook"
* @param {array} [$options=array()] An array of options that could include:
* @param {string} [$options.activation] The key under "Users"/"transactional" config to use for sending an activation message. Set to false to skip sending the activation message for some reason.
* @return {Users_User}
* @throws {Q_Exception_WrongType} If identifier is not e-mail or modile
* @throws {Q_Exception} If user was already verified for someone else
* @throws {Users_Exception_AlreadyVerified} If user was already verified
* @throws {Users_Exception_UsernameExists} If username exists
*/
static function register($username, $identifier, $icon = array(), $provider = null, $options = array())
{
if (is_array($provider)) {
$options = $provider;
$provider = null;
}
/**
* @event Users/register {before}
* @param {string} username
* @param {string|array} identifier
* @param {string} icon
* @param {string} provider
* @return {Users_User}
*/
$return = Q::event('Users/register', compact('username', 'identifier', 'icon', 'provider', 'options'), 'before');
if (isset($return)) {
return $return;
}
$during = 'register';
if (is_array($identifier)) {
reset($identifier);
switch (key($identifier)) {
case 'device':
$fields = array('deviceId', 'platform', 'version');
Q_Valid::requireFields($fields, $identifier, true);
$device = $identifier;
if (isset($identifier['identifier'])) {
$identifier = $identifier['identifier'];
}
break;
default:
throw new Q_Exception_WrongType(array('field' => 'identifier', 'type' => 'an array with entry named "device"'));
}
}
if (Q_Valid::email($identifier, $emailAddress)) {
$ui_identifier = $emailAddress;
$key = 'email address';
$type = 'email';
} else {
if (Q_Valid::phone($identifier, $mobileNumber)) {
$key = 'mobile number';
$ui_identifier = $mobileNumber;
$type = 'mobile';
} else {
throw new Q_Exception_WrongType(array('field' => 'identifier', 'type' => 'email address or mobile number'), array('emailAddress', 'mobileNumber'));
}
}
$user = false;
if ($provider) {
if ($provider != 'facebook') {
throw new Q_Exception_WrongType(array('field' => 'provider', 'type' => '"facebook"'));
}
$facebook = Users::facebook();
if ($facebook) {
$uid = $facebook->getUser();
try {
// authenticate (and possibly adopt) an existing provider user
// or insert a new user during this authentication
$user = Users::authenticate($provider, null, $authenticated, true);
} catch (Exception $e) {
}
if ($user) {
// the user is also logged in
$adopted = true;
// Adopt this provider user
/**
* @event Users/adoptFutureUser {before}
* @param {Users_User} user
* @param {string} during
* @return {Users_User}
*/
$ret = Q::event('Users/adoptFutureUser', compact('user', 'during'), 'before');
if ($ret) {
$user = $ret;
}
}
}
}
if (!$user) {
$user = new Users_User();
// the user we will save in the database
}
if (empty($adopted)) {
// We will be inserting a new user into the database, so check if
// this identifier was already verified for someone else.
$ui = Users::identify($type, $ui_identifier);
if ($ui) {
throw new Users_Exception_AlreadyVerified(compact('key'), array('emailAddress', 'mobileNumber', 'identifier'));
}
}
// Insert a new user into the database, or simply modify an existing (adopted) user
$user->username = $username;
if (!isset($user->signedUpWith) or $user->signedUpWith == 'none') {
$user->signedUpWith = $type;
}
$user->icon = 'default';
$user->passphraseHash = '';
$url_parts = parse_url(Q_Request::baseUrl());
if (isset($url_parts['host'])) {
// By default, the user's url would be this:
$user->url = $username ? "http://{$username}." . $url_parts['host'] : "";
}
/**
* @event Users/insertUser {before}
* @param {string} during
* @param {Users_User} user
*/
Q::event('Users/insertUser', compact('user', 'during'), 'before');
$user->save();
// sets the user's id
/**
* @event Users/insertUser {after}
* @param {string} during
* @param {Users_User} user
*/
Q::event('Users/insertUser', compact('user', 'during'), 'after');
$sizes = Q_Config::expect('Users', 'icon', 'sizes');
sort($sizes);
if (empty($icon)) {
switch ($provider) {
case 'facebook':
// let's get this user's icon on facebook
if (empty($uid)) {
break;
}
$icon = array();
foreach ($sizes as $size) {
$icon["{$size}.png"] = "https://graph.facebook.com/{$uid}/picture?width={$size}&height={$size}";
}
break;
}
} else {
// Import the user's icon and save it
if (is_string($icon)) {
// assume it's from gravatar
$iconString = $icon;
$icon = array();
foreach ($sizes as $size) {
$icon["{$size}.png"] = "{$iconString}&s={$size}";
}
} else {
// locally generated icons
$hash = md5(strtolower(trim($identifier)));
$icon = array();
foreach ($sizes as $size) {
$icon["{$size}.png"] = array('hash' => $hash, 'size' => $size);
}
}
}
if (!Q_Config::get('Users', 'register', 'icon', 'leaveDefault', false)) {
self::importIcon($user, $icon);
$user->save();
}
if (empty($user->emailAddress) and empty($user->mobileNumber)) {
// Add an email address or mobile number to the user, that they'll have to verify
try {
$activation = Q::ifset($options, 'activation', 'activation');
if ($activation) {
$subject = Q_Config::get('Users', 'transactional', $activation, "subject", null);
$body = Q_Config::get('Users', 'transactional', $activation, "body", null);
} else {
$subject = $body = null;
}
if ($type === 'email') {
$user->addEmail($identifier, $subject, $body, array(), $options);
} else {
if ($type === 'mobile') {
$p = $options;
if ($delay = Q_Config::get('Users', 'register', 'delaySms', 0)) {
$p['delay'] = $delay;
}
$sms = Q_Config::get('Users', 'transactional', $activation, "sms", null);
$user->addMobile($mobileNumber, $sms, array(), $p);
}
}
} catch (Exception $e) {
// The activation message could not be sent, so remove this user
// from the database. This way, this username will be
// back on the market.
$user->remove();
throw $e;
}
}
if (!empty($device)) {
$device['userId'] = $user->id;
Users_Device::add($device);
}
/**
* @event Users/register {after}
* @param {string} username
* @param {string|array} identifier
* @param {string} icon
* @param {Users_User} user
* @param {string} provider
* @return {Users_User}
*/
$return = Q::event('Users/register', compact('username', 'identifier', 'icon', 'user', 'provider', 'options', 'device'), 'after');
return $user;
}
/**
* Get the status of the logged-in user and their account.
* @param Users_Email $email
* Optional. Pass a reference here to be filled with the email object, if it's loaded.
* You can use it in conjunction with the "verify email" status.
* @return array|boolean
* Returns false if the user is not logged in.
* Returns true if everything is complete.
* Otherwise, returns an array whose keys are the names of the missing fields:
* ("first_name", "last_name", "birthday", "gender", "desired_gender", "username",
* "email_address")
* and the values are "missing" or "unverified"
*/
static function accountStatus(&$email = null)
{
$module = Pie_Dispatcher::uri()->module;
$user = Users::loggedInUser();
if (!$user) {
// Try to authenticate
$app_id = Pie_Config::expect('users', 'facebookApps', $module, 'appId');
$user = Users::authenticate('facebook', $app_id);
if (!$user) {
return false;
}
}
$result = array();
if (empty($user->email_address)) {
// An email address isn't verified for this user yet.
// If the user hasn't even added an email address, then ask for one.
if (!isset(self::$email)) {
self::$email = new Users_Email();
self::$email->user_id = $user->id;
self::$email = self::$email->retrieve(null, false, '*', true)->orderBy('time_created', false)->resume();
}
$email = self::$email;
if ($email) {
// The email could be unverified, sunspended, unsubscribed, etc.
$result['email_address'] = $email->state;
} else {
$result['email_address'] = 'missing';
}
}
$fieldnames = array('first_name', 'last_name', 'username', 'birthday', 'gender', 'desired_gender', 'relationship_status', 'relationship_user_id', 'zipcode');
foreach ($fieldnames as $k => $v) {
if (empty($user->{$v})) {
$result[$v] = 'missing';
}
}
return $result;
}
function items_addPhoto_response_content()
{
if (isset($_POST['fb_sig_app_id'])) {
$app_id = $_POST['fb_sig_app_id'];
} else {
$app = Pie_Config::expect('pie', 'app');
$app_id = Pie_Config::expect('users', 'facebookApps', $app, 'appId');
}
Users::authenticate('facebook', $app_id);
return Pie::tool('items/addPhoto', array());
}
