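/**
 * Edit the profile of the current user.
 *
 * The row that is read and written is always selected by the value of
 * getIdentityForForms(); no id is taken from the request in this action.
 * A valid POST updates that row and redirects to /users/account/; a GET
 * pre-fills the form from the same row.
 *
 * @access public
 * @return void
 * @throws Pas_Exception when no user row matches the current identity
 */
public function editAction()
{
    $form = new ProfileForm();
    // Username and password are removed from the form, so they are not
    // part of the values written by update() below.
    $form->removeElement('username');
    $form->removeElement('password');
    $this->view->form = $form;

    if ($this->getRequest()->isPost() && $form->isValid($this->_request->getPost())) {
        if ($form->isValid($form->getValues())) {
            $where = array();
            $where[] = $this->_users->getAdapter()->quoteInto('id = ?', $this->getIdentityForForms());
            // NOTE(review): every remaining form value is written to the users
            // row. Confirm ProfileForm exposes no privilege-bearing column
            // (role, institution, ...), otherwise this is a mass-assignment path.
            $this->_users->update($form->getValues(), $where);
            $this->getFlash()->addMessage('You updated your profile successfully.');
            $this->_redirect('/users/account/');
        } else {
            $form->populate($form->getValues());
            $this->getFlash()->addMessage('You have some errors with your submission.');
        }
    } else {
        $id = (int) $this->getIdentityForForms();
        if ($id > 0) {
            // Bind the integer-cast id instead of concatenating the raw
            // identity value into the WHERE clause.
            $row = $this->_users->fetchRow(
                $this->_users->getAdapter()->quoteInto('id = ?', $id)
            );
            // Test the row before calling toArray(); calling it on a missing
            // row would fail before the exception below could be raised.
            if (!$row) {
                throw new Pas_Exception('No user account found with that id', 500);
            }
            $form->populate($row->toArray());
        }
    }
}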
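/**
 * Process the login form.
 *
 * On POST the submitted name and password are tag-stripped and trimmed, the
 * account is looked up by login, and sha1(password . salt) is compared with
 * the stored hash. Failures are put into the session and the visitor is sent
 * back to "/"; on success last_login is updated, the session is marked with
 * status '1', and the visitor is redirected to "/profile/".
 *
 * @return void
 */
function loginAction()
{
    if ($this->_request->isPost('log-form')) {
        Zend_Loader::loadClass('Zend_Filter_StripTags');
        $filter = new Zend_Filter_StripTags();
        $username = trim($filter->filter($this->_request->getPost('log-name')));
        $password = trim($filter->filter($this->_request->getPost('log-pswd')));

        $warnings = new Zend_Session_Namespace();
        $warnings->username = $username;
        $warnings->error = '';
        $error_msg = '';

        if ($username == '') {
            $error_msg .= '<p>Enter your username.</p>';
        } elseif ($password == '') {
            $error_msg .= '<p>Enter your password.</p>';
        } else {
            $data = new Users();
            // The listing shows a masked literal in place of the login value.
            // Bind the submitted username through the adapter so it is quoted
            // rather than concatenated into the WHERE clause.
            $query = $data->getAdapter()->quoteInto('login = ?', $username);
            $data_row = $data->fetchRow($query);
            // empty() replaces count(): fetchRow() yields no row object when
            // nothing matches, and count() on that value is an error on
            // current PHP versions.
            if (empty($data_row)) {
                // NOTE(review): this message and "Wrong password." let a caller
                // tell existing logins from unknown ones; a single generic
                // failure message would avoid that.
                $error_msg .= '<p>There is no user with such username.</p>';
            } else {
                // NOTE(review): the whole row is compared with '0' here;
                // presumably an activation column was meant. Confirm which one.
                if ($data_row == '0') {
                    $error_msg .= '<p>Your account is not activated.</p>';
                }
                $check_pass = sha1($password . $data_row['salt']);
                // Strict comparison: with != two different digests that both
                // look like numbers (e.g. "0e...") would compare equal.
                // Prefer hash_equals() where the runtime provides it.
                // NOTE(review): salted SHA-1 is a fast hash; plan a migration
                // to password_hash()/password_verify().
                if ($check_pass !== (string) $data_row['password']) {
                    $error_msg .= '<p>Wrong password.</p>';
                }
            }
        }

        if ($error_msg != '') {
            $warnings->error = $error_msg;
            $warnings->status = '';
            $this->_redirect('/');
            return;
        }

        Zend_Loader::loadClass('Zend_Date');
        $date = new Zend_Date();
        $current_date = $date->toString('YYYY-MM-dd HH:mm:ss');

        $user_update = new Users();
        // Same binding as the lookup, so only the authenticated row is touched.
        $where = $user_update->getAdapter()->quoteInto('login = ?', $username);
        $user_update->update(array('last_login' => $current_date), $where);

        $warnings->error = '';
        $warnings->username = '';
        $warnings->email = '';
        $warnings->real_name = '';
        $warnings->status = ' hide';

        // NOTE(review): the session id is not regenerated after a successful
        // login; Zend_Session::regenerateId() at this point would address
        // session fixation.
        $user_dates = new Zend_Session_Namespace();
        $user_dates->username = $username;
        $user_dates->status = '1';
        $this->_redirect('/profile/');
        return;
    }
}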
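/**
 * Show the profile page of the logged-in user.
 *
 * Visitors whose session status is not '1' are redirected to "/". Otherwise
 * the account named in the session is loaded and its fields are handed to
 * the view.
 *
 * @return void
 */
function indexAction()
{
    $this->view->title = "User profile Page";

    $user_dates = new Zend_Session_Namespace();
    if ($user_dates->status != '1') {
        $this->_redirect('/');
        return;
    }

    $username = $user_dates->username;
    $data = new Users();
    // The listing shows a masked literal here and never uses $username.
    // Bind the session's username through the adapter so the row loaded is
    // the logged-in user's and the value is quoted.
    $query = $data->getAdapter()->quoteInto('login = ?', $username);
    $data_row = $data->fetchRow($query);

    // The account may have been removed since login; without this guard the
    // field reads below would run against a missing row.
    if (empty($data_row)) {
        $this->_redirect('/');
        return;
    }

    if ($data_row['avatar'] == '') {
        $this->view->avatar = '/public/img/avatar.png';
    } else {
        // NOTE(review): the stored file name is appended to the path as-is;
        // confirm it is restricted to a plain file name when it is saved.
        $this->view->avatar = '/public/upload/avatars/' . $data_row['avatar'];
    }

    // NOTE(review): these values go to the view unescaped from here; the
    // template is expected to escape them on output. Confirm.
    $this->view->username = $data_row['login'];
    $this->view->email = $data_row['email'];
    $this->view->real_name = $data_row['real_name'];
    $this->view->reg_date = $data_row['reg_date'];
    $this->view->last_login = $data_row['last_login'];
}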
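/**
 * Provide a notification for an object.
 *
 * Chooses the recipient from the institution: the creating user for
 * 'PUBLIC', the Central Unit for the listed national institutions, otherwise
 * the owner returned by Contacts::getOwner(), with the Central Unit as the
 * fallback. Advisers from _getAdviser() are copied in.
 *
 * @param mixed  $objecttype  passed through to _getAdviser()
 * @param mixed  $broadperiod passed through to _getAdviser()
 * @param string $institution institution code of the record
 * @param int    $createdBy   id of the user who created the record
 * @param array  $data        submitted data; comment_findID, comment_author
 *                            and comment_author_email are read here
 * @return void
 */
protected function notify($objecttype, $broadperiod, $institution, $createdBy, $data)
{
    $centralUnit = array(array('email' => '*****@*****.**', 'name' => 'Central Unit'));

    if ($institution === 'PUBLIC') {
        $users = new Users();
        // Bind the id as an integer instead of concatenating it into SQL.
        $responsible = $users->fetchRow(
            $users->getAdapter()->quoteInto('id = ?', (int) $createdBy)
        );
        // A deleted or unknown creator would otherwise be dereferenced as a
        // missing row; route to the Central Unit like the empty-owner case.
        $to = $responsible
            ? array(array('email' => $responsible->email, 'name' => $responsible->fullname))
            : $centralUnit;
    } elseif (in_array($institution, array('PAS', 'DCMS', 'RAH', 'BM'), true)) {
        $to = $centralUnit;
    } else {
        $responsible = new Contacts();
        $to = $responsible->getOwner($data['comment_findID']);
        if (empty($to)) {
            $to = $centralUnit;
        }
    }

    $cc = $this->_getAdviser($objecttype, $broadperiod);

    if ($this->_user) {
        $from = array(array('email' => $this->_user->email, 'name' => $this->_user->fullname));
    } else {
        // NOTE(review): for anonymous submissions the sender name and address
        // come from the submitted data. Confirm they are validated (address
        // syntax, no line breaks) before they reach the mail headers.
        $from = array(array('email' => $data['comment_author_email'], 'name' => $data['comment_author']));
    }

    // The first recipient's fields are merged with the submitted data for
    // the mail template; keys in $data win on collision.
    $assignData = array_merge($to['0'], $data);
    $this->_helper->mailer($assignData, 'errorSubmission', $to, $cc, $from);
}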
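/**
 * Reset a forgotten password and mail the new one to the account.
 *
 * A valid POST looks the account up by login within the current instance,
 * stores a freshly generated password and sends it by e-mail. Anything else
 * just shows the form.
 *
 * NOTE(review): the password is replaced as soon as an unauthenticated
 * request names a login, and the new password travels in clear text by
 * mail. A single-use, expiring reset link that leaves the old password in
 * place until it is used is the safer design.
 *
 * @return void
 */
public function lostpasswordAction()
{
    $form = $this->getLostpassForm();
    $request = $this->getRequest();
    $this->view->showform = true;
    $this->view->form = $form;

    // Validate once; a GET or an invalid POST only re-displays the form.
    if (!$request->isPost() || !$form->isValid($request->getPost())) {
        return;
    }

    $this->view->showform = false;
    $usrDB = new Users();
    // Bound parameters replace addslashes() concatenation. Equality replaces
    // LIKE: with LIKE, % and _ in the submitted value act as wildcards, so
    // the lookup could match an account other than the one named.
    $select = $usrDB->select()
        ->where('login = ?', $request->username)
        ->where('safinstances_id = ?', $this->safinstancesId);
    $user = $usrDB->fetchRow($select);

    if ($user) {
        $alphabet = 'qwertyuiopasdfghjklzxcvbnm12345678902@#$!';
        $lastIndex = strlen($alphabet) - 1;
        $npwd = '';
        // Nine characters, as before. random_int() draws from the system
        // CSPRNG (PHP 7+); rand() is predictable and unsuitable for secrets.
        for ($i = 0; $i <= 8; $i++) {
            $npwd .= $alphabet[random_int(0, $lastIndex)];
        }

        // NOTE(review): unsalted MD5 is kept only because the login check
        // that reads this column is not visible here. Migrate both sides to
        // password_hash()/password_verify().
        $user->password = md5($npwd);
        $user->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
        $user->save();

        // send the email
        // The listing masks the two interpolated values in this message.
        // $user->login and $npwd are reconstructed from the surrounding
        // code — confirm against the project source.
        $tmsg = "Dear user,\n\nYour password has been modified as requested.\nYou will now be able to use the following credentials:\n\nlogin: " . $user->login . "\npassword: " . $npwd . "\n\nWe suggest you change your password as soon as possible for security reason.\nIf you did not request a password change, please contact our support.\n\nRegards,\n" . $this->_config->general->siteTitle . " team.\n\n";
        $mail = new Zend_Mail();
        $mail->setBodyText($tmsg);
        $mail->setFrom($this->_config->general->siteEmail, $this->_config->general->siteTitle);
        $mail->addTo($user->login, $user->login);
        $mail->setSubject($this->_config->general->siteTitle . ' new password.');
        $mail->send();
        $this->view->mmsg = 'Thank you! Your new password has been sent to your email. Please check your email and use this new password for authentication.';
    } else {
        // NOTE(review): a different message for unknown logins tells the
        // caller which logins exist; one neutral message for both outcomes
        // avoids that.
        $this->view->mmsg = 'We could not find this user in our database for this website... Are you sure you are registered?';
    }
}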
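/**
 * Provide a notification for an object.
 *
 * The recipient list is always a list of ['email' => ..., 'name' => ...]
 * entries: the creating user for 'PUBLIC', the Central Unit for the listed
 * national institutions, otherwise the owner from
 * Contacts::getOwnerHoard(). The hoards team is copied in.
 *
 * @param string  $institution
 * @param integer $createdBy
 * @param array   $data        submitted data; comment_findID, comment_author
 *                             and comment_author_email are read here
 * @return void
 */
protected function notify($institution, $createdBy, $data)
{
    $centralUnit = array(array('email' => '*****@*****.**', 'name' => 'Central Unit'));

    if ($institution === 'PUBLIC') {
        $users = new Users();
        // Bind the id as an integer instead of concatenating it into SQL.
        $responsible = $users->fetchRow(
            $users->getAdapter()->quoteInto('id = ?', (int) $createdBy)
        );
        // An unknown creator would otherwise be dereferenced as a missing row.
        $to = $responsible
            ? array(array('email' => $responsible->email, 'name' => $responsible->fullname))
            : $centralUnit;
    } elseif (in_array($institution, array('PAS', 'DCMS', 'RAH'), true)) {
        // The recipient must be wrapped in a list: the previous flat array
        // had no index 0, so the $to['0'] read below found nothing to merge.
        $to = $centralUnit;
    } else {
        $responsible = new Contacts();
        $to = $responsible->getOwnerHoard($data['comment_findID']);
    }

    // No owner found: fall back to the Central Unit so $to['0'] exists.
    if (empty($to)) {
        $to = $centralUnit;
    }

    $cc = array();
    $team = new Users();
    foreach ($team->getHoardsTeam() as $adviser) {
        $cc[] = array('email' => $adviser['email'], 'name' => $adviser['fullname']);
    }

    if ($this->_user) {
        $from = array(array('email' => $this->_user->email, 'name' => $this->_user->fullname));
    } else {
        // NOTE(review): for anonymous submissions the sender name and address
        // come from the submitted data. Confirm they are validated (address
        // syntax, no line breaks) before they reach the mail headers.
        $from = array(array('email' => $data['comment_author_email'], 'name' => $data['comment_author']));
    }

    // The first recipient's fields are merged with the submitted data for
    // the mail template; keys in $data win on collision.
    $assignData = array_merge($to['0'], $data);
    $this->_helper->mailer($assignData, 'errorHoard', $to, $cc, $from);
}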
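/**
 * Returns the group of the user and puts the user's data in the session.
 *
 * On the first call the user is loaded together with its group, the last
 * login date is stamped, the row and the parent group ids are stored in
 * the session namespace, and the namespace is locked. Later calls answer
 * from the session.
 *
 * @param string $login login to look up (matched with LIKE)
 * @return string name of the user's group
 * @throws Zend_Exception when no user row matches $login
 */
private function getGroupName($login)
{
    if (isset($this->userNamespace->user)) {
        return $this->userNamespace->user['usersgroups_name'];
    }

    $users = new Users();
    // 'usersgroups_id' was listed twice in the column map; PHP keeps the
    // later value, so only that effective mapping is written here.
    $columns = array(
        'users_id' => 'users.id',
        'login' => 'users.login',
        'usersgroups_name' => 'usersgroups.name',
        'usersgroups_id' => 'users.usersgroups_id',
        'fname' => 'users.fname',
        'lname' => 'users.lname',
        'email' => 'users.email',
    );
    // NOTE(review): LIKE treats % and _ in $login as wildcards. Presumably
    // $login is an already-authenticated identity; confirm, or use '='.
    $select = $users->select()
        ->setIntegrityCheck(false)
        ->from($users, $columns)
        ->where(' users.login LIKE ?', $login)
        ->join('usersgroups', 'users.usersgroups_id = usersgroups.id');
    $row = $users->fetchAll($select)->current();

    // Without this guard a login with no matching row is dereferenced below.
    if (!$row) {
        throw new Zend_Exception('No user found for the given login');
    }

    // save the last login time
    $urow = $users->fetchRow($users->getAdapter()->quoteInto('id = ?', $row->users_id));
    $urow->lastlogindate = Sydney_Tools::getMySQLFormatedDate();
    $urow->save();

    $this->userNamespace->user = $row->toArray();
    // define all the groups this user is part of
    $groupsDB = new Usersgroups();
    $this->userNamespace->user['member_of_groups'] = $groupsDB->getParentsIds($this->userNamespace->user['usersgroups_id']);
    // Locking makes the namespace read-only for the rest of the request.
    $this->userNamespace->lock();

    return $row->usersgroups_name;
}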
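/**
 * Reject a user's account upgrade request.
 *
 * GET pre-fills the form from the user row. A valid POST clears the user's
 * higherLevel flag, records the rejection, mails the applicant and
 * redirects to /admin/users/upgrades.
 *
 * NOTE(review): no permission check is visible in this action; presumably
 * access control is applied before dispatch. Confirm.
 *
 * @return void
 * @throws Pas_Exception_Param when the id parameter is missing or no user
 *                             row matches it
 */
public function rejectAction()
{
    if (!$this->_getParam('id', false)) {
        throw new Pas_Exception_Param($this->_missingParameter);
    }

    // One integer-cast id serves both branches.
    $id = (int) $this->_getParam('id');
    $form = new RejectUpgradeForm();
    $this->view->form = $form;

    if ($this->_request->isPost()) {
        $formData = $this->_request->getPost();
        if (!$form->isValid($formData)) {
            $form->populate($formData);
            return;
        }

        $userUpdateData = array(
            'updated' => $this->getTimeForForms(),
            'updatedBy' => $this->getIdentityForForms(),
            'higherLevel' => 0,
        );
        $rejectData = array(
            'status' => 'reject',
            'message' => $form->getValue('message'),
            'createdBy' => $this->getIdentityForForms(),
            'created' => $this->getTimeForForms(),
        );

        $users = new Users();
        $where = array();
        $where[] = $users->getAdapter()->quoteInto('id = ?', $id);
        $users->update($userUpdateData, $where);

        $approvals = new ApproveReject();
        $approvals->insert($rejectData);

        // NOTE(review): the recipient comes from the posted form fields, not
        // from the stored user row for $id. Confirm that is intended.
        $to = array(array('email' => $form->getValue('email'), 'name' => $form->getValue('fullname')));
        $this->_helper->mailer($form->getValues(), 'upgradeRejected', $to);
        $this->_flashMessenger->addMessage('Account rejected');
        $this->_redirect('/admin/users/upgrades');
        return;
    }

    if ($id > 0) {
        $users = new Users();
        $user = $users->fetchRow($users->getAdapter()->quoteInto('id = ?', $id));
        // Test the row itself; count() on a missing row is an error on
        // current PHP versions.
        if (!$user) {
            throw new Pas_Exception_Param($this->_nothingFound);
        }
        $form->populate($user->toArray());
    }
}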
/**
 * Start a password reset for a visitor.
 *
 * A visitor who already has an identity is redirected to their profile.
 * On POST the account is looked up by username and, failing that, by
 * e-mail; when one is found a message containing a confirmation URL is sent
 * to the address stored on the account. Lookups are bound through
 * quoteInto().
 *
 * NOTE(review): the "No such user." response differs from the success
 * response, so the form reveals which usernames and addresses are
 * registered.
 *
 * @return void
 */
function forgotpasswordAction()
{
    if ($this->_auth->hasIdentity()) {
        $this->_redirect('/default/user/profile/username/'.$this->_identity->username);
    }
    $this->view->pagetitle = "Forgot Password";

    // Nothing submitted yet: just show the form.
    if (!$this->_request->isPost()) {
        $this->view->showForm = true;
        return;
    }

    $username = trim($this->_request->getPost('username'));
    $email = trim($this->_request->getPost('email'));
    $problems = array();

    $users_table = new Users();
    $db = $users_table->getAdapter();

    // Username first; the e-mail lookup runs only when that finds nothing.
    $account = $users_table->fetchRow($db->quoteInto('username = ?', $username));
    if ($account === null) {
        $account = $users_table->fetchRow($db->quoteInto('email = ?', $email));
        if ($account === null) {
            $problems[] = $this->_T("No such user.");
        }
    }

    if (!empty($problems)) {
        $this->view->errors = $problems;
        $this->view->username = $username;
        $this->view->email = $email;
        $this->view->showForm = true;
        return;
    }

    // send email
    $this->view->showForm = false;
    $this->view->success = $this->_T("Password reset email sent. Please check your email.");

    // prepare notification email
    $subject = $this->_T("Password Reset Link");
    $from = $this->_T(trim(RivetyCore_Registry::get('site_from')));
    $from_email = $this->_T(trim(RivetyCore_Registry::get('site_from_email')));

    // The link is built from, and sent to, the stored address, not the
    // address typed into the form.
    $email_params = array(
        "url" => $this->_getConfirmationUrl($account->email),
        "from" => $from,
        "from_email" => $from_email,
        "locale_code" => $this->locale_code
    );
    $mailer = new RivetyCore_Email();
    $mailer->sendEmail($subject, $account->email, "password.tpl", $email_params);
}
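/**
 * Change a user's avatar and tidy up the system-folder link of the old one.
 *
 * @param int $userId    id of the user to update
 * @param int $newAvatar file id of the new avatar, 0 for none
 * @return bool|null true on success, false when update() reports no row
 *                   changed, null when the user does not exist
 */
public static function changeAvatar($userId, $newAvatar = 0)
{
    // save information into people table (users)
    $people = new Users();
    $db = $people->getAdapter();
    // Integer-cast, adapter-quoted condition instead of concatenating the
    // caller's value into the WHERE clause.
    $byId = $db->quoteInto('id = ?', (int) $userId);

    $rowPeople = $people->fetchRow($byId);
    if (!isset($rowPeople)) {
        return null;
    }

    // store old avatar
    $oldAvatar = $rowPeople->avatar;

    // update avatar
    // NOTE(review): update() returns the number of affected rows, so writing
    // the value that is already stored may also take the false path.
    if (!$people->update(array('avatar' => $newAvatar), $byId)) {
        return false;
    }

    // link avatar to system folder
    if ($newAvatar > 0) {
        self::linkAvatarToSystemFolder($newAvatar);
    }

    // if old avatar, check if another user has the same avatar
    if ($oldAvatar > 0) {
        $select = $people->select()->where('avatar = ?', $oldAvatar);
        $rowsetPeople = $people->fetchAll($select);

        // if no avatar found, clean link between avatar and folder
        if (count($rowsetPeople) == 0) {
            $objectFolder = new Filfolders();
            // get id of filfolders "adminpeople" and isSystemFolder "1"
            $rowFolder = $objectFolder->getFoldersByModule('adminpeople');
            // Skip the clean-up when the system folder is missing rather
            // than dereferencing a missing row.
            if ($rowFolder) {
                $objectLinkFolder = new FilfoldersFilfiles();
                $objectLinkFolder->delete(
                    $db->quoteInto('filfiles_id = ?', (int) $oldAvatar)
                    . ' AND '
                    . $db->quoteInto('filfolders_id = ?', (int) $rowFolder->id)
                );
            }
        }
    }

    return true;
}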
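/**
 * Password recovery: generate a new password for the account with the
 * submitted e-mail address, store its salted hash and mail the password.
 *
 * Errors are put into the session and the visitor is sent back to
 * /register/recovery either way.
 *
 * NOTE(review): the password is replaced as soon as an unauthenticated
 * request names an address, and the new password travels in clear text by
 * mail. A single-use, expiring reset link is the safer design.
 *
 * @return void
 */
function recAction()
{
    Zend_Loader::loadClass('Zend_Filter_StripTags');
    Zend_Loader::loadClass('Zend_Mail');
    Zend_Loader::loadClass('Zend_Validate_EmailAddress');

    $filter = new Zend_Filter_StripTags();
    $email = trim($filter->filter($this->_request->getPost('rec-email')));
    $warnings = new Zend_Session_Namespace();
    $error_msg = '';

    $mail_val = new Zend_Validate_EmailAddress();
    if ($email == '') {
        $error_msg .= '<p>Enter your email.</p>';
    } elseif (!$mail_val->isValid($email)) {
        foreach ($mail_val->getMessages() as $message) {
            // Validator messages can echo the submitted value; escape them
            // before wrapping them in markup.
            $error_msg .= '<p>' . htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . '</p>';
        }
    }

    $data = new Users();
    // Stripping tags does not make a value safe for SQL; bind it through
    // the adapter instead of concatenating it into the WHERE clause.
    $by_email = $data->getAdapter()->quoteInto('email = ?', $email);
    $data_row = $data->fetchRow($by_email);

    $salt = '';
    if (empty($data_row)) {
        // NOTE(review): this message tells the caller which addresses are
        // registered; one neutral message for both outcomes avoids that.
        $error_msg .= '<p>Can`t find user with such email.</p>';
    } else {
        $salt = $data_row['salt'];
    }

    if ($error_msg != '') {
        $warnings->error = $error_msg;
        $warnings->status = '';
        $this->_redirect('/register/recovery');
        return;
    }

    // Eight characters drawn from a-z, A-Z and 1-9. random_int() uses the
    // system CSPRNG (PHP 7+); array_rand() is not meant for secrets.
    $ranges = array(range('a', 'z'), range('A', 'Z'), range(1, 9));
    $length = 8;
    $pass = '';
    for ($i = 0; $i < $length; $i++) {
        $group = $ranges[random_int(0, count($ranges) - 1)];
        $pass .= $group[random_int(0, count($group) - 1)];
    }

    // NOTE(review): salted SHA-1 is kept only because the login check that
    // reads this column is outside this method. Migrate both sides to
    // password_hash()/password_verify().
    $hash = sha1($pass . $salt);
    $data->update(array('password' => $hash), $by_email);

    $mail = new Zend_Mail();
    // The listing masks the value interpolated into this body. $pass is
    // reconstructed from the surrounding code — confirm against the
    // project source.
    $mail->setBodyHtml('<p>Your new password.</p> <p>Password: ' . $pass . '</p> ');
    $mail->setFrom('*****@*****.**', 'Administrator');
    $mail->addTo($email, $data_row['login']);
    $mail->setSubject('Test password recovery');
    $mail->send();

    // The address is user input and this message is HTML; escape it.
    $warnings->error = '<p>Password was sent to ' . htmlspecialchars($email, ENT_QUOTES, 'UTF-8') . '.</p>';
    $warnings->status = ' reg_ok';
    $this->_redirect('/register/recovery');
    return;
}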