public function createUserAction()
{
$this->view->disable();
$inputData = $this->request->getJsonRawBody();
$messages = Users::getValidator()->validate($inputData);
if (count($messages)) {
$errors = [];
foreach ($messages as $message) {
$errors[] = ['message' => $message->getMessage(), 'field' => $message->getField()];
}
$this->response->setJsonContent(['status' => 'error', 'data' => $errors]);
$this->response->setStatusCode(401, 'validation fail');
$this->response->send();
} else {
$user = new Users();
$user->firstName = $inputData->firstName;
$user->lastName = $inputData->lastName;
$user->email = $inputData->email;
$user->password = md5($inputData->password);
$user->gender = $inputData->gender;
$user->details = $inputData->details;
$user->hobby = serialize($inputData->hobby);
if ($inputData->image->filetype == 'image/jpeg') {
$user->fileName = '.jpg';
} else {
$user->fileName = '.png';
}
$user->create();
file_put_contents('files/' . $user->id . $user->fileName, base64_decode($inputData->image->base64));
$this->response->setJsonContent(['status' => 'success', 'data' => 'user added']);
$this->response->setStatusCode(200, "OK");
$this->response->send();
}
}
/** * Run the database seeds. * * @return void */
public function run()
{
DB::table('users')->delete();
Users::create(['id' => 1210311232, 'name' => '李锐', 'password' => Hash::make('1210311232')]);
Users::create(['id' => 1210311233, 'name' => '陈曦', 'password' => Hash::make('1210311233')]);
Users::create(['id' => 1234567890, 'name' => '管理员', 'password' => Hash::make('root'), 'is_admin' => 1]);
}
/**
* Registration
*/
public function upAction()
{
if ($this->request->isPost()) {
$user = new Users();
$user->login = $this->request->getPost('login', 'string');
$user->password = $this->request->getPost('password', 'string');
$passwordVerify = $this->request->getPost('password-verify', 'string');
if (md5($user->password) !== md5($passwordVerify)) {
$this->flashSession->error('Пароли не совпадают');
return;
}
if (!$user->create()) {
$this->flashSession->error(implode("<br/>", $user->getMessages()));
return;
}
$auth = new Auth();
$authSucceed = $auth->authorize($user);
if ($authSucceed) {
$this->response->redirect();
return;
}
$this->dispatcher->forward(['controller' => 'sign', 'action' => 'in']);
return;
}
}
public function postAction()
{
$this->getConnectedUser()->assertRight('user_create');
if (Users::exists($_POST['user_login'])) {
throw new Knb_Error("An user with the name {${$_POST['user_login']}} already exists");
}
Users::create($_POST);
}
public function getKlantByID($idklant)
{
$sql = "select * from klant where idklant = :idklant";
$dbh = new PDO(DBConfig::$DB_CONNSTRING, DBConfig::$DB_USERNAME, DBConfig::$DB_PASSWORD);
$stmt = $dbh->prepare($sql);
$stmt->execute(array(':idklant' => $idklant));
$rij = $stmt->fetch(PDO::FETCH_ASSOC);
$klanten = Users::create($rij["idklant"], $rij["naam"], $rij["voornaam"], $rij["straat"], $rij["nr"], $rij["postcode"], $rij["gemeente"], $rij["email"]);
$dbh = null;
return $klanten;
}
public function post_create()
{
$rules = array('userEmail' => 'required|email|max:60', 'userPassword' => 'required|max:60');
$validation = Validator::make(Input::get(), $rules);
if ($validation->fails()) {
return Redirect::to('admin/users');
}
$email = Input::get('userEmail');
$password = Input::get('userPassword');
Users::create($email, $password);
return Redirect::to('admin/users');
}
public function process()
{
$user = new Users();
$salt = Hash::salt(32);
//generate some tandom salt
try {
$user->create(array('userid' => Input::get('res-id'), 'password' => Hash::make(Input::get('res-pass'), $salt), 'salt' => $salt, 'joined' => date('Y-m-d H:i:s')));
return 1;
} catch (Exception $e) {
return 0;
}
}
public function register()
{
include_once "models/Users.php";
$users = new Users();
$result = $users->create();
if ($result) {
$_SESSION["user"] = serialize($users);
header("Location: dashboard");
} else {
$error = "register";
header("Location: login?error=" . $error);
}
}
/**
* getUser
* Get user info from db or save fb data to db
*
* @param array $fb_user returned by FB request
*
* @return object
**/
function getUser($fb_user)
{
// check user exists in DB
$user = Users::findOne($fb_user['id']);
if (!$user) {
// save user info
$user = Users::create();
$user->id = $fb_user['id'];
$user->name = $fb_user['name'];
$user->email = $fb_user['email'];
$user->save();
}
return $user;
}
function CreateUser($data, $fields)
{
try {
$User = new Users();
$result = $User->create($fields);
$this->domain->addDomainValue('CREATED', $User->getUsrUid());
return $result;
} catch (Exception $e) {
$result = array('Exception!! ' => $e->getMessage());
if (isset($e->aValidationFailures)) {
$result['ValidationFailures'] = $e->aValidationFailures;
}
return $result;
}
}
function signupAction()
{
if ($this->request->isPost()) {
$fields = array('username', 'email', 'password', 'cpassword');
$fieldsEntered = 0;
foreach ($fields as $field) {
${$field} = $this->request->getPost($field);
if (trim(${$field}) != '') {
$fieldsEntered++;
}
}
$errors = array();
if ($fieldsEntered < count($fields)) {
array_push($errors, "Some fields were not entered.");
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
array_push($errors, "Email is invalid.");
}
if (strlen($password) < 6) {
array_push($errors, "Password must be at least 6 characters long.");
}
if ($password != $cpassword) {
array_push($errors, "Passwords don't match.");
}
$user = Users::findFirst("email = '{$email}' OR username = '******'");
if ($user) {
array_push($errors, "Email or username is already taken.");
}
if (!count($errors)) {
$salt = bin2hex(openssl_random_pseudo_bytes(16, $cstrong));
$user = new Users();
$user->username = $username;
$user->email = $email;
$user->salt = $salt;
$user->password = md5($salt . $password);
if ($user->create()) {
$this->response->redirect('/login?success');
$this->view->disable();
} else {
array_push($errors, "An error occurred during the signup process.");
}
}
$this->view->errors = $errors;
}
echo $this->view->render('auth', 'signup');
}
public static function create($data)
{
session_start();
$headers = apache_request_headers();
$token = $headers['X-Auth-Token'];
if (!$headers['X-Auth-Token']) {
header('Invalid CSRF Token', true, 401);
return print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Invalid CSRF Token / Bad Request / Unauthorized ... Please Login again'), JSON_PRETTY_PRINT);
die;
} else {
if ($token != $_SESSION['form_token']) {
header('Invalid CSRF Token', true, 401);
return print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Invalid CSRF Token / Bad Request / Unauthorized ... Please Login again'), JSON_PRETTY_PRINT);
die;
} else {
if (isset($data['username']) && empty($data['username'])) {
return print json_encode(array('success' => false, 'status' => 200, 'msg' => 'Username is required'), JSON_PRETTY_PRINT);
die;
} else {
if (isset($data['password']) && empty($data['password'])) {
return print json_encode(array('success' => false, 'status' => 200, 'msg' => 'Password is required'), JSON_PRETTY_PRINT);
die;
} else {
if (isset($data['email']) && empty($data['email'])) {
return print json_encode(array('success' => false, 'status' => 200, 'msg' => 'Email is required'), JSON_PRETTY_PRINT);
die;
} else {
if (isset($data['fname']) && empty($data['fname'])) {
return print json_encode(array('success' => false, 'status' => 200, 'msg' => 'First Name is required'), JSON_PRETTY_PRINT);
die;
} else {
if (isset($data['lname']) && empty($data['lname'])) {
return print json_encode(array('success' => false, 'status' => 200, 'msg' => 'Last Name is required'), JSON_PRETTY_PRINT);
die;
} else {
$var = ["username" => $data['username'], "password" => $data['password'], "email" => $data['email'], "mobileno" => $data['mobileno'], "fname" => $data['fname'], "lname" => $data['lname'], "level" => $data['level']];
Users::create($var);
}
}
}
}
}
}
}
}
function createPage($smarty)
{
if (Users::loggedIn()) {
Redirect::to('?page=profile');
}
if (Input::exists()) {
if (Input::get('action') === 'register') {
$validation = new Validate();
$validation->check($_POST, array_merge(Config::get('validation/register_info'), Config::get('validation/set_password')));
if ($validation->passed()) {
try {
Users::create(array('student_id' => Input::get('sid'), 'password' => Hash::hashPassword(Input::get('password')), 'permission_group' => 1, 'name' => Input::get('name'), 'email' => Input::get('email'), 'umail' => Input::get('sid') . '@umail.leidenuniv.nl', 'phone' => Phone::formatNumber(Input::get('phone')), 'joined' => DateFormat::sql()));
Users::login(Input::get('sid'), Input::get('password'));
Notifications::addSuccess('You have been succesfully registered!');
Redirect::to('?page=profile');
} catch (Exception $e) {
Notifications::addError($e->getMessage());
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
if (Input::get('action') === 'login') {
$validation = new Validate();
$validation->check($_POST, Config::get('validation/login'));
if ($validation->passed()) {
$login = Users::login(Input::get('sid'), Input::get('password'), Input::getAsBool('remember'));
if ($login) {
Notifications::addSuccess('You have been logged in!');
Redirect::to('?page=profile');
} else {
Notifications::addValidationFail('Invalid student number or password.');
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
}
$smarty->assign('remember', Input::getAsBool('remember'));
$smarty->assign('name', Input::get('name'));
$smarty->assign('sid', Input::get('sid'));
$smarty->assign('email', Input::get('email'));
$smarty->assign('phone', Input::get('phone'));
return $smarty;
}
public function action_check()
{
$rules = array('email' => 'required|email|max:60', 'password' => 'required|max:60');
$validation = Validator::make(Input::get(), $rules);
if ($validation->fails()) {
return Redirect::to('signup');
}
$email = Input::get('email');
$password = Input::get('password');
$created = Users::create($email, $password);
if (Request::ajax()) {
if ($created) {
return Response::json(array('success' => true));
} else {
return Response::json(array('success' => false));
}
} else {
return Redirect::to('home');
}
}
public function masuk()
{
FacebookSession::setDefaultApplication(Config::get('facebook.appId'), Config::get('facebook.secret'));
$helper = new FacebookRedirectLoginHelper(url('/fblogin'));
$scope = array('email');
$session = $helper->getSessionFromRedirect();
if (isset($session)) {
//return Redirect::to('/bergabung');
$request = new FacebookRequest($session, 'GET', '/me');
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject();
$fbid = $graphObject->getProperty('id');
// To Get Facebook ID
$fbfullname = $graphObject->getProperty('name');
// To Get Facebook full name
$femail = $graphObject->getProperty('email');
Session::put('logged_in', '1');
Session::put('level', 'user');
Session::put('user_name', $fbfullname);
Session::put('fbid', $fbid);
//$fbcheck = $this->checkuser($fbid,$fbfullname,$femail);
$fbcheck = $this->check($fbid);
if ($fbcheck == TRUE) {
$data = array('fbname' => $fbfullname, 'fbemail' => $femail);
Users::where('fbid', '=', $fbid)->update($data);
$userid = Users::where('fbid', '=', $fbid)->first()->id;
Session::put('user_id', $userid);
return Redirect::to('/beranda');
} else {
Users::create($data);
$userid = Users::where('fbid', '=', $fbid)->first()->id;
Session::put('user_id', $userid);
return View::make('selamat_bergabung');
}
} else {
$loginUrl = $helper->getLoginUrl($scope);
return Redirect::to($loginUrl);
}
}
public function insert_employee_data()
{
$id = 'EMP00' . (count(Emp_info_model::all()) + 1);
$this->form_validation->set_rules('txtJobTitle', 'Job Title', 'trim|required');
$this->form_validation->set_rules('txtEmploymentType', 'Employment Type', 'trim|required');
$this->form_validation->set_rules('txtEmpDepartment', 'Employee Department', 'trim|required');
$this->form_validation->set_rules('txtFirstName', 'First Name', 'trim|required');
$this->form_validation->set_rules('txtMiddleName', 'Middle Name', 'trim');
$this->form_validation->set_rules('txtLastName', 'Last Name', 'trim|required');
$this->form_validation->set_rules('txtGender', 'Gender', 'trim|required');
$this->form_validation->set_rules('txtBday', 'Birthday', 'trim|required');
$this->form_validation->set_rules('txtStatus', 'Marital Status', 'trim|required');
$this->form_validation->set_rules('txtStreet', 'Street', 'trim|required');
$this->form_validation->set_rules('txtBarangay', 'Barangay', 'trim|required');
$this->form_validation->set_rules('txtCity', 'City', 'trim|required');
$this->form_validation->set_rules('txtState', 'State', 'trim|required');
$this->form_validation->set_rules('txtZip', 'Zip Code', 'trim|required');
$this->form_validation->set_rules('txtCountry', 'Country', 'trim|required');
// $empid = count(Emp_info_model::all())+1;
$empInfo = array('emp_id' => $id, 'status' => 'Existing', 'job_title_id' => $this->input->post('txtJobTitle'), 'employment_type_id' => $this->input->post('txtEmploymentType'), 'department_id' => $this->input->post('txtEmpDepartment'), 'start_date' => date('Y-m-d'), 'end_date' => date('Y-m-d'), 'probationary_date' => date('Y-m-d'), 'permanency_date' => date('Y-m-d'));
$address = array('employee_id' => $id, 'street' => $this->input->post('txtStreet'), 'barangay' => $this->input->post('txtBarangay'), 'city' => $this->input->post('txtCity'), 'state' => $this->input->post('txtState'), 'zip' => $this->input->post('txtZip'), 'country' => $this->input->post('txtCountry'));
$contact = array('employee_id' => $id, 'mobile_number' => $this->input->post('txtMobile'), 'tel_number' => $this->input->post('txtTelephone'), 'email_address' => $this->input->post('txtEmail'));
$personal = array('emp_id' => $id, 'first_name' => $this->input->post('txtFirstName'), 'middle_name' => $this->input->post('txtMiddleName'), 'last_name' => $this->input->post('txtLastName'), 'birthday' => $this->input->post('txtBday'), 'gender' => $this->input->post('txtGender'), 'marital_status' => $this->input->post('txtStatus'));
$wew = array('employee_id' => $id);
$acc = array('employee_id' => $id, 'profile_image' => 'default.jpg', 'user_level' => 'EMP');
$leave1 = array('employee_id' => $id, 'leave_type_id' => 'EL', 'days' => 0);
$leave2 = array('employee_id' => $id, 'leave_type_id' => 'ML', 'days' => 0);
$leave3 = array('employee_id' => $id, 'leave_type_id' => 'PL', 'days' => 0);
$leave4 = array('employee_id' => $id, 'leave_type_id' => 'SL', 'days' => 0);
$leave5 = array('employee_id' => $id, 'leave_type_id' => 'VL', 'days' => 0);
if ($this->form_validation->run()) {
if (Emp_info_model::create($personal) && Emp_history_model::create($empInfo) && Emp_address_model::create($address) && Emp_contact_model::create($contact) && Emp_contact_person::create($wew) && Emp_school_model::create($wew) && Gov_id_model::create($wew) && Users::create($acc) && Leave_left_model::create($leave1) && Leave_left_model::create($leave2) && Leave_left_model::create($leave3) && Leave_left_model::create($leave4) && Leave_left_model::create($leave5)) {
$this->session->set_userdata('added', 1);
Audit_trail_model::auditAddEmp($id);
redirect('ems/employees');
}
} else {
return FALSE;
}
}
public function daftar()
{
$data_input = array();
$data_input['nama_depan'] = Input::get('nama_depan');
$data_input['nama_belakang'] = Input::get('nama_belakang');
$data_input['surel'] = Input::get('email');
$data_input['telpon'] = Input::get('phone');
$data_input['password'] = Fungsi::enkripsi_password(Input::get('pass'));
$cekduplikasi = $this->user->cek_duplikasi_email($data_input['surel']);
if ($cekduplikasi == TRUE) {
return Redirect::to('/');
} elseif ($cekduplikasi == FALSE) {
Users::create($data_input);
$id = Users::where('surel', '=', $data_input['surel'])->first()->id;
$user_id = array();
$user_id['id_user'] = $id;
UserAvgRate::create($user_id);
Session::put('logged_in', '1');
Session::put('level', 'user');
Session::put('user_id', $id);
Session::put('user_name', $data_input['nama_depan']);
return Redirect::to('/bergabung');
}
}
<?
if(isset($_GET['action'])){
if($_GET['action']=='author_act'){
$valid=$users->checkPass(strip_tags($_POST['login']),strip_tags($_POST['pass']));
if($valid){
setcookie('id',$valid,time()+60*60*24*365);
header('Location: '.base_url());
}else{
header('Location: '.base_url().'?error=Не вірно введений логін чи пароль');
}
}elseif($_GET['action']=='regist_form'){
include ('views/regist_view.php');
}elseif($_GET['action']=='regist_act'){
$result=$users->getByLogin(strip_tags($_POST['login']));
if($result->num_rows==0){
$users->create(strip_tags($_POST['login']),strip_tags($_POST['pass']));
header('Location: '.base_url());
}else{
header('Location: '.base_url().'?action=regist_form&error=Такий логін вже використовується');
}
}elseif($_GET['action']=='save'){
ini_set('display_errors', '1');
$rId = $reading->getByInf(urldecode($_GET['title']),urldecode($_GET['author']),$_COOKIE['id']);
if($rId->num_rows>0){
$rUp = $reading->update($rId->fetch_object()->id,$_GET['line']);
}else{
$qIns = $reading->create(urldecode($_GET['title']),urldecode($_GET['author']),$_COOKIE['id'],$_GET['line']);
}
}elseif($_GET['action']=='line'){
ob_get_clean();
$rId = $reading->getByInf(urldecode($_GET['title']),urldecode($_GET['author']),$_COOKIE['id']);
$aData['USR_UID'] = $sUserUID;
$aData['USR_PASSWORD'] = md5($sUserUID);
//fake :p
$aData['USR_COUNTRY'] = $form['USR_COUNTRY'];
$aData['USR_CITY'] = $form['USR_CITY'];
$aData['USR_LOCATION'] = $form['USR_LOCATION'];
$aData['USR_ADDRESS'] = $form['USR_ADDRESS'];
$aData['USR_PHONE'] = $form['USR_PHONE'];
$aData['USR_ZIP_CODE'] = $form['USR_ZIP_CODE'];
$aData['USR_POSITION'] = $form['USR_POSITION'];
// $aData['USR_RESUME'] = $form['USR_RESUME'];
$aData['USR_ROLE'] = $form['USR_ROLE'];
$aData['USR_REPLACED_BY'] = $form['USR_REPLACED_BY'];
require_once 'classes/model/Users.php';
$oUser = new Users();
$oUser->create($aData);
if ($_FILES['USR_PHOTO']['error'] != 1) {
//print (PATH_IMAGES_ENVIRONMENT_USERS);
if ($_FILES['USR_PHOTO']['tmp_name'] != '') {
G::uploadFile($_FILES['USR_PHOTO']['tmp_name'], PATH_IMAGES_ENVIRONMENT_USERS, $sUserUID . '.gif');
}
} else {
$result->success = false;
$result->fileError = true;
print G::json_encode($result);
die;
}
/*
if ($_FILES['USR_RESUME']['error'] != 1) {
if ($_FILES['USR_RESUME']['tmp_name'] != '') {
G::uploadFile($_FILES['USR_RESUME']['tmp_name'], PATH_IMAGES_ENVIRONMENT_FILES . $sUserUID . '/', $_FILES['USR_RESUME']['name']);
public function postfbgoogle()
{
$validator = Validator::make($newUserData = Input::all(), Users::$rulesfbgoole);
if ($validator->fails()) {
return Redirect::to('/fbgoogle')->withErrors($validator)->withInput();
} else {
if (Session::has('fb')) {
$tempData = Session::get('fb');
$newUserData['uid'] = $tempData['uid'];
$newUserData['signup_type'] = $tempData['signup_type'];
if (Users::create($newUserData)) {
Session::forget('fb');
return Redirect::to('/login')->with('message', 'Registered succesfully');
} else {
return Redirect::to('/login')->with('message', 'Registration failed');
}
Session::forget('fb');
}
}
}
/**
* Create an new user
*
* @param string sessionId : The session ID.
* @param string userName : The username for the new user.
* @param string firstName : The user's first name.
* @param string lastName : The user's last name.
* @param string email : The user's email address.
* @param string role : The user's role, such as "PROCESSMAKER_ADMIN" or "PROCESSMAKER_OPERATOR".
* @param string password : The user's password such as "Be@gle2" (It will be automatically encrypted
* with an MD5 hash).
* @param string dueDate : Optional parameter. The expiration date must be a string in the format "yyyy-mm-dd".
* @param string status : Optional parameter. The user's status, such as "ACTIVE", "INACTIVE" or "VACATION".
* @return $result will return an object
*/
public function createUser ($userName, $firstName, $lastName, $email, $role, $password, $dueDate = null, $status = null)
{
try {
global $RBAC;
$RBAC->initRBAC();
if (empty( $userName )) {
$result = new wsCreateUserResponse( 25, G::loadTranslation( "ID_USERNAME_REQUIRED" ), null );
return $result;
}
if (empty( $firstName )) {
$result = new wsCreateUserResponse( 27, G::loadTranslation( "ID_MSG_ERROR_USR_FIRSTNAME" ), null );
return $result;
}
if (empty( $password )) {
$result = new wsCreateUserResponse( 26, G::loadTranslation( "ID_PASSWD_REQUIRED" ), null );
return $result;
}
$mktimeDueDate = 0;
if (! empty( $dueDate ) && $dueDate != 'null' && $dueDate) {
if (! preg_match( "/^(\d{4})-(\d{2})-(\d{2})$/", $dueDate, $arrayMatch )) {
$result = new wsCreateUserResponse( - 1, G::loadTranslation( "ID_INVALID_DATA" ) . " $dueDate", null );
return $result;
} else {
$mktimeDueDate = mktime( 0, 0, 0, intval( $arrayMatch[2] ), intval( $arrayMatch[3] ), intval( $arrayMatch[1] ) );
}
} else {
$mktimeDueDate = mktime( 0, 0, 0, date( "m" ), date( "d" ), date( "Y" ) + 1 );
}
if (! empty( $status ) && $status != 'null' && $status) {
if ($status != "ACTIVE" && $status != "INACTIVE" && $status != "VACATION") {
$result = new wsCreateUserResponse( - 1, G::loadTranslation( "ID_INVALID_DATA" ) . " $status", null );
return $result;
}
} else {
$status = "ACTIVE";
}
$arrayRole = $RBAC->loadById( $role );
$strRole = null;
if (is_array( $arrayRole )) {
$strRole = $arrayRole["ROL_CODE"];
} else {
$strRole = $role;
if ($RBAC->verifyByCode( $role ) == 0) {
$data = array ();
$data["ROLE"] = $role;
$result = new wsCreateUserResponse( 6, G::loadTranslation( "ID_INVALID_ROLE", SYS_LANG, $data ), null );
return $result;
}
}
if (strlen( $password ) > 20) {
$result = new wsCreateUserResponse( - 1, G::loadTranslation( "ID_PASSWORD_SURPRASES" ), null );
return $result;
}
if ($RBAC->verifyUser( $userName ) == 1) {
$data = array ();
$data["USER_ID"] = $userName;
$result = new wsCreateUserResponse( 7, G::loadTranslation( "ID_USERNAME_ALREADY_EXISTS", SYS_LANG, $data ), null );
return $result;
}
//Set fields
$arrayData = array ();
$arrayData["USR_USERNAME"] = $userName;
$arrayData["USR_PASSWORD"] = Bootstrap::hashPassword( $password );
$arrayData["USR_FIRSTNAME"] = $firstName;
$arrayData["USR_LASTNAME"] = $lastName;
$arrayData["USR_EMAIL"] = $email;
$arrayData["USR_DUE_DATE"] = $mktimeDueDate;
$arrayData["USR_CREATE_DATE"] = date( "Y-m-d H:i:s" );
$arrayData["USR_UPDATE_DATE"] = date( "Y-m-d H:i:s" );
$arrayData["USR_BIRTHDAY"] = date( "Y-m-d" );
$arrayData["USR_AUTH_USER_DN"] = "";
$arrayData["USR_STATUS"] = ($status == "ACTIVE") ? 1 : 0;
try {
$userUid = $RBAC->createUser( $arrayData, $strRole );
} catch(Exception $oError) {
$result = new wsCreateUserResponse(100, $oError->getMessage(), null );
return $result;
}
$arrayData["USR_UID"] = $userUid;
$arrayData["USR_STATUS"] = $status;
//$arrayData["USR_PASSWORD"] = md5($userUid);
$arrayData["USR_COUNTRY"] = "";
$arrayData["USR_CITY"] = "";
$arrayData["USR_LOCATION"] = "";
$arrayData["USR_ADDRESS"] = "";
$arrayData["USR_PHONE"] = "";
$arrayData["USR_ZIP_CODE"] = "";
$arrayData["USR_POSITION"] = "";
//$arrayData["USR_RESUME"]
$arrayData["USR_ROLE"] = $strRole;
//$arrayData["USR_REPLACED_BY"]
$user = new Users();
$user->create( $arrayData );
//Response
$data = array ();
$data["FIRSTNAME"] = $firstName;
$data["LASTNAME"] = $lastName;
$data["USER_ID"] = $userName;
$res = new wsResponse( 0, G::loadTranslation( "ID_USER_CREATED_SUCCESSFULLY", SYS_LANG, $data ) );
$result = array ("status_code" => $res->status_code,"message" => $res->message,"userUID" => $userUid,"timestamp" => $res->timestamp
);
return $result;
} catch (Exception $e) {
$result = wsCreateUserResponse( 100, $e->getMessage(), null );
return $result;
}
}
<?php
require_once '1trainSongs.php';
require_once '1trainArtists.php';
require_once '1trainUsers.php';
$songid = $_REQUEST['id'];
$artistid = $_REQUEST['user_id'];
$title = $_REQUEST['title'];
$artist = $_REQUEST['user']['username'];
$art = $_REQUEST['artwork_url'];
$avatar = $_REQUEST['user']['avatar_url'];
$user_id = $_REQUEST['whoLikedID'];
$profile = $_REQUEST['whoLiked'];
Artists::create($artistid, $artist);
Users::create($user_id, $profile);
if ($art == "") {
$avatar = explode("large", $avatar)[0] . "crop.jpg";
//gets a higher quality image
Songs::create($songid, $title, $artistid, $avatar, $user_id);
} elseif ($art == "https://sndcdn.com/images/default_avatar_crop.jpg") {
//if no song art or user avatar
$art = "photoshop/carousel-headphones-black-red.png";
Songs::create($songid, $title, $artistid, $art, $user_id);
} else {
$art = explode("large", $art)[0] . "crop.jpg";
//gets a higher quality image
Songs::create($songid, $title, $artistid, $art, $user_id);
}
header('Content-type: application/json');
print "success from uploadToDB";
exit;
if (!defined('DOCROOT')) {
die('No direct access');
}
require DOCROOT . '/includes/classes/users.php';
$Users = new Users();
$api_action = $GPXIN['action'];
$api_relid = $GPXIN['id'];
$usr_userid = $GPXIN['userid'];
$usr_username = $GPXIN['username'];
$usr_password = $GPXIN['password'];
$usr_email = $GPXIN['email'];
$usr_first_name = $GPXIN['first_name'];
$usr_last_name = $GPXIN['last_name'];
$usr_language = $GPXIN['language'];
$usr_theme = $GPXIN['theme'];
// Create user
if ($api_action == 'create') {
// Returns a userid if successful
$result_create = $Users->create($usr_username, $usr_password, $usr_email, $usr_first_name, $usr_last_name);
if (is_numeric($result_create)) {
echo 'success';
} else {
echo $result_create;
}
} elseif ($api_action == 'update') {
echo $Users->update($usr_userid, $usr_username, $usr_password, $usr_email, $usr_first_name, $usr_last_name, $usr_language, $usr_theme);
} elseif ($api_action == 'delete') {
echo $Users->delete($usr_userid);
} else {
die('Unknown API action');
}
/**
* creates a new user
* @param string sessionId : The session ID.
* @param string userId : The username for the new user.
* @param string firstname : The user's first name.
* @param string lastname : The user's last name.
* @param string email : The user's email address.
* @param string role : The user's role, such as 'PROCESSMAKER_ADMIN' or 'PROCESSMAKER_OPERATOR'.
* @param string password : The user's password such as 'Be@gle2'(It will be automatically encrypted
* with an MD5 hash).
* @param string dueDate : Optional parameter. The expiration date must be a string in the format 'yyyy-mm-dd'.
* @param string status : Optional parameter. The user's status, such as 'ACTIVE', 'INACTIVE' or 'VACATION'.
* @return $result will return an object
*/
public function createUser($userId, $firstname, $lastname, $email, $role, $password, $dueDate = null, $status = null)
{
try {
if ($userId == '') {
$result = new wsCreateUserResponse(25, G::loadTranslation('ID_USERNAME_REQUIRED'));
return $result;
}
if ($password == '') {
$result = new wsCreateUserResponse(26, G::loadTranslation('ID_PASSWD_REQUIRED'));
return $result;
}
if ($firstname == '') {
$result = new wsCreateUserResponse(27, G::loadTranslation('ID_MSG_ERROR_USR_FIRSTNAME'));
return $result;
}
if (strlen($password) > 20) {
$result = new wsCreateUserResponse(28, G::loadTranslation('ID_PASSWORD_SURPRASES'), '');
return $result;
}
global $RBAC;
$RBAC->initRBAC();
$user = $RBAC->verifyUser($userId);
if ($user == 1) {
$data['USER_ID'] = $userId;
$result = new wsCreateUserResponse(7, G::loadTranslation('ID_USERNAME_ALREADY_EXISTS', SYS_LANG, $data), '');
return $result;
}
$rol = $RBAC->loadById($role);
if (is_array($rol)) {
$strRole = $rol['ROL_CODE'];
} else {
$very_rol = $RBAC->verifyByCode($role);
if ($very_rol == 0) {
$data['ROLE'] = $role;
$result = new wsResponse(6, G::loadTranslation('ID_INVALID_ROLE', SYS_LANG, $data));
return $result;
}
$strRole = $role;
}
if ($dueDate != null) {
if (!preg_match("/^(\\d{4})-(\\d{2})-(\\d{2})\$/", $dueDate, $matches)) {
$result = new wsCreateUserResponse(5, G::loadTranslation("ID_INVALID_DATA") . ", {$dueDate}");
return $result;
} else {
$mktimeDueDate = mktime(0, 0, 0, intval($matches[2]), intval($matches[3]), intval($matches[1]));
}
} else {
$mktimeDueDate = mktime(0, 0, 0, date("m"), date("d"), date("Y") + 1);
}
if ($status != null) {
if ($status != "ACTIVE" && $status != "INACTIVE" && $status != "VACATION") {
$result = new wsCreateUserResponse(5, G::loadTranslation("ID_INVALID_DATA") . ", {$status}");
return $result;
}
} else {
$status = "ACTIVE";
}
$aData['USR_USERNAME'] = $userId;
$aData['USR_PASSWORD'] = md5($password);
$aData['USR_FIRSTNAME'] = $firstname;
$aData['USR_LASTNAME'] = $lastname;
$aData['USR_EMAIL'] = $email;
$aData['USR_DUE_DATE'] = $mktimeDueDate;
$aData['USR_CREATE_DATE'] = date('Y-m-d H:i:s');
$aData['USR_UPDATE_DATE'] = date('Y-m-d H:i:s');
$aData['USR_BIRTHDAY'] = date('Y-m-d');
$aData['USR_AUTH_USER_DN'] = '';
$aData['USR_STATUS'] = $status == 'ACTIVE' ? 1 : 0;
$sUserUID = $RBAC->createUser($aData, $strRole);
$aData['USR_STATUS'] = $status;
$aData['USR_UID'] = $sUserUID;
$aData['USR_PASSWORD'] = md5($sUserUID);
$aData['USR_COUNTRY'] = '';
$aData['USR_CITY'] = '';
$aData['USR_LOCATION'] = '';
$aData['USR_ADDRESS'] = '';
$aData['USR_PHONE'] = '';
$aData['USR_ZIP_CODE'] = '';
$aData['USR_POSITION'] = '';
//$aData['USR_RESUME']
$aData['USR_ROLE'] = $strRole;
//$aData['USR_REPLACED_BY']
$oUser = new Users();
$oUser->create($aData);
$data['FIRSTNAME'] = $firstname;
$data['LASTNAME'] = $lastname;
$data['USER_ID'] = $userId;
$res = new wsResponse(0, G::loadTranslation('ID_USER_CREATED_SUCCESSFULLY', SYS_LANG, $data));
$result = array('status_code' => $res->status_code, 'message' => $res->message, 'userUID' => $sUserUID, 'timestamp' => $res->timestamp);
return $result;
} catch (Exception $e) {
$result = wsCreateUserResponse(100, $e->getMessage(), '');
return $result;
}
}
function parseJsonBody($request)
{
return json_decode($request->getBody(), true);
}
function putJsonBody($body, $status, $response)
{
return $response->withStatus($status)->withHeader('Content-Type', 'application/json')->write(json_encode($body));
}
function putError($body, $code, $response)
{
return putJsonBody(array('error' => true, 'error_code' => $code, 'msg' => $body), 400, $response);
}
/* Handle new user */
$app->post('/user/new', function ($request, $response) {
$data = parseJsonBody($request);
return Users::create($response, $data);
});
/* Handle authenticate user */
$app->post('/user/me', function ($request, $response) {
$data = parseJsonBody($request);
return Users::auth($response, $data);
});
/* Handle delete current user */
$app->delete('/user/me', function ($request, $response) {
$token = parseToken($request);
return Users::delete($response, $token);
});
/* Handle get user info */
$app->get('/user/{id:[0-9]+}/info', function ($request, $response, $args) {
$token = parseToken($request);
$friend_id = $args['id'];
public function addAction()
{
// set page title
$this->view->pageTitle = 'Add User';
// breadcrumb
$this->pageBreadcrumbs[] = 'Add User';
$this->view->setVar('pageBreadcrumbs', $this->pageBreadcrumbs);
// get groups
$this->view->groups = Groups::find(array('name <> "admin"', 'order' => 'name'));
// create group list
$groupList = array();
foreach ($this->view->groups as $group) {
$groupList[$group->id] = $group->label;
}
$this->view->groupId = null;
$this->view->firstName = null;
$this->view->lastName = null;
$this->view->username = null;
$this->view->newPassword = null;
$this->view->confirmPassword = null;
$this->view->status = null;
// process post
if ($this->request->isPost()) {
// Receiving the variables sent by POST
$this->view->groupId = $this->request->getPost('group_id', 'int');
$this->view->firstName = $this->filter->sanitize($this->request->getPost('first_name', 'string'), "trim");
$this->view->lastName = $this->filter->sanitize($this->request->getPost('last_name', 'string'), "trim");
$this->view->username = $this->filter->sanitize($this->request->getPost('username', 'email'), "trim");
$this->view->newPassword = $this->filter->sanitize($this->request->getPost('new_password'), "trim");
$this->view->confirmPassword = $this->filter->sanitize($this->request->getPost('confirm_new_password'), "trim");
$this->view->status = $this->request->getPost('status', 'string');
// make sure email does not exists
// find user in the database
$user = Users::findFirst(array("username = :email:", "bind" => array('email' => $this->view->username)));
if (!empty($user)) {
$this->getFlashSession('error', 'Email already exists for another user.', true);
return true;
} else {
// match the two passwords
if ($this->view->newPassword != $this->view->confirmPassword) {
$this->getFlashSession('error', 'Both passwords should match.', true);
return;
} elseif (!in_array($this->view->groupId, array_keys($groupList))) {
$this->getFlashSession('error', 'Invalid user type selection.', true);
return;
} else {
$user = new Users();
$user->group_id = $this->view->groupId;
$user->first_name = $this->view->firstName;
$user->last_name = $this->view->lastName;
$user->username = $this->view->username;
$user->password = hash('sha256', $this->config->application['securitySalt'] . $this->view->newPassword);
$user->status = $this->view->status == 'on' ? 'active' : 'inactive';
$user->created = date('Y-m-d H:i:s');
$user->modified = date('Y-m-d H:i:s');
$user->modified_by = $this->userSession['email'];
if ($user->create() == false) {
$this->logger->log("Failed to save user", \Phalcon\Logger::ERROR);
foreach ($user->getMessages() as $message) {
$this->logger->log($message, \Phalcon\Logger::ERROR);
}
$this->getFlashSession('error', 'Sorry, we could not create a new user. Please try again.', true);
} else {
// email user
Basics::sendEmail(array('type' => 'newUser', 'toName' => $user->first_name . " " . $user->last_name, 'toEmail' => $user->username, 'tempPassword' => $this->view->newPassword, 'welcomeUrl' => $this->config->application['baseUrl']));
$this->getFlashSession('success', 'New user is created.', true);
// Forward to index
return $this->response->redirect("/user");
}
}
}
}
// post
}
/**
* Create User
*
* @param array $arrayData Data
*
* return array Return data of the new User created
*/
public function create(array $arrayData)
{
try {
\G::LoadSystem("rbac");
//Verify data
$process = new \ProcessMaker\BusinessModel\Process();
$validator = new \ProcessMaker\BusinessModel\Validator();
$validator->throwExceptionIfDataIsNotArray($arrayData, "\$arrayData");
$validator->throwExceptionIfDataIsEmpty($arrayData, "\$arrayData");
//Set data
$arrayData = array_change_key_case($arrayData, CASE_UPPER);
unset($arrayData["USR_UID"]);
$this->throwExceptionIfDataIsInvalid("", $arrayData);
//Create
$cnn = \Propel::getConnection("workflow");
try {
$rbac = new \RBAC();
$user = new \Users();
$rbac->initRBAC();
$arrayData["USR_PASSWORD"] = \Bootstrap::hashPassword($arrayData["USR_NEW_PASS"]);
$arrayData["USR_BIRTHDAY"] = (isset($arrayData["USR_BIRTHDAY"]))? $arrayData["USR_BIRTHDAY"] : date("Y-m-d");
$arrayData["USR_LOGGED_NEXT_TIME"] = (isset($arrayData["USR_LOGGED_NEXT_TIME"]))? $arrayData["USR_LOGGED_NEXT_TIME"] : 0;
$arrayData["USR_CREATE_DATE"] = date("Y-m-d H:i:s");
$arrayData["USR_UPDATE_DATE"] = date("Y-m-d H:i:s");
//Create in rbac
//$userStatus = $arrayData["USR_STATUS"];
//
//if ($arrayData["USR_STATUS"] == "ACTIVE") {
// $arrayData["USR_STATUS"] = 1;
//}
//
//if ($arrayData["USR_STATUS"] == "INACTIVE") {
// $arrayData["USR_STATUS"] = 0;
//}
//
//$userUid = $this->createUser($arrayData);
//
//if ($arrayData["USR_ROLE"] != "") {
// $this->assignRoleToUser($userUid, $arrayData["USR_ROLE"]);
//}
//
//$arrayData["USR_STATUS"] = $userStatus;
$userUid = $rbac->createUser($arrayData, $arrayData["USR_ROLE"]);
//Create in workflow
$arrayData["USR_UID"] = $userUid;
$arrayData["USR_PASSWORD"] = "******";
$result = $user->create($arrayData);
//User Properties
$userProperty = new \UsersProperties();
$aUserProperty = $userProperty->loadOrCreateIfNotExists($arrayData["USR_UID"], array("USR_PASSWORD_HISTORY" => serialize(array(\Bootstrap::hashPassword($arrayData["USR_PASSWORD"])))));
$aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
$userProperty->update($aUserProperty);
//Save Calendar assigment
if (isset($arrayData["USR_CALENDAR"])) {
//Save Calendar ID for this user
\G::LoadClass("calendar");
$calendar = new \Calendar();
$calendar->assignCalendarTo($arrayData["USR_UID"], $arrayData["USR_CALENDAR"], "USER");
}
//Return
return $this->getUser($userUid);
} catch (\Exception $e) {
$cnn->rollback();
throw $e;
}
} catch (\Exception $e) {
throw $e;
}
}
public function admin_addAction()
{
if ($this->request->isPost()) {
$error = 0;
// if($this->security->checkToken() == false){
// $error = 1;
// $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Invalid CSRF Token');
// return $this->response->redirect('signup');
// }
$firstName = $this->request->getPost('first_name');
$middleName = $this->request->getPost('middle_name');
$lastName = $this->request->getPost('last_name');
$street = $this->request->getPost('street');
$city = $this->request->getPost('city');
$country_id = $this->request->getPost('country_id');
$mobile = $this->request->getPost('mobile');
$email = $this->request->getPost('email');
$password = $this->request->getPost('password');
if (empty($firstName) || empty($lastName) || empty($email) || empty($password)) {
$this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>All fields required');
return $this->response->redirect();
}
if (!empty($email) && Users::findFirstByEmail($email)) {
$errorMsg = "Email is already in use. Please try again.";
$this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>' . $errorMsg);
return $this->response->redirect();
}
$user = new Users();
$user->created = date('Y-m-d H:i:s');
$user->modified = date('Y-m-d H:i:s');
$user->first_name = $firstName;
$user->middle_name = $middleName;
$user->last_name = $lastName;
$user->mobile = $mobile;
$user->street = $street;
$user->city = $city;
$user->country_id = $country_id;
$user->email = $email;
$user->password = $this->security->hash($password);
if ($user->create()) {
$activationToken = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 50);
$emailConfimation = new EmailConfirmations();
$emailConfimation->created = date('Y-m-d H:i:s');
$emailConfimation->modified = date('Y-m-d H:i:s');
$emailConfimation->user_id = $user->id;
$emailConfimation->email = $email;
$emailConfimation->token = $activationToken;
$emailConfimation->confirmed = 'N';
if ($emailConfimation->save()) {
$this->getDI()->getMail()->send(array($email => $firstName . ' ' . $lastName), 'Please confirm your email', 'confirmation', array('confirmUrl' => 'admin/user/emailConfimation/' . $user->id . '/' . $email . '/' . $activationToken));
}
$this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>You\'ve successfully created a MyBarangay account. We sent a confirmation email to ' . $email . '.');
} else {
//print_r($user->getMessages());
$this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Registration failed. Please try again.');
}
return $this->response->redirect();
}
$countries = Countries::find();
$this->view->setVar('countries', $countries);
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
Users::create($request->all());
return response()->json(["mensaje" => "Usuario creado correctamente"]);
}
function commitUser()
{
$users = new Users();
if ($_POST["conf"]) {
$conf = $_POST["conf"];
}
// Manipulations {
$conf["username"] = strtolower($conf["username"]);
$conf["isit"] = $conf["isit"] == true ? 1 : 0;
$conf["deleted"] = 0;
// IT only {
if ($_SESSION["isit"] == 1) {
$conf["isgeneric"] = $conf["isgeneric"] == true ? 1 : 0;
$conf["isplace"] = $conf["isplace"] == true ? 1 : 0;
$conf["canlogin"] = $conf["canlogin"] == true ? 1 : 0;
$conf["oninout"] = $conf["oninout"] == true ? 1 : 0;
$conf["ismanager"] = $conf["ismanager"] == true ? 1 : 0;
$conf["issuper"] = $conf["issuper"] == true ? 1 : 0;
$conf["isfleetman"] = $conf["isfleetman"] == true ? 1 : 0;
$conf["isfleetper"] = $conf["isfleetper"] == true ? 1 : 0;
$conf["isdamage"] = $conf["isdamage"] == true ? 1 : 0;
}
// }
// }
if (strlen($conf["password"]) == 0) {
unset($conf["password"]);
}
if ($conf["personid"]) {
$users->update("personid=" . $conf["personid"], $conf);
} else {
if (!$conf["password"]) {
$conf["password"] = md5($conf["username"] . "9");
}
$conf["personid"] = $users->create($conf);
}
userBirthday($conf["personid"], $conf["birth"]);
if ($_SESSION["isit"]) {
commitUserRights($conf["personid"], $conf["groups"]);
}
goHere("index.php?mode=maxine/index&action=listusers");
}
