public function actionLeave($id = null) { if ($id !== null) { $p = YumUsergroup::model()->findByPk($id); $participants = $p->participants; if (!in_array(Yii::app()->user->id, $participants)) { Yum::setFlash(Yum::t('You are not participating in this group')); } else { $participants = $p->participants; foreach ($participants as $key => $participant) { if ($participant == Yii::app()->user->id) { unset($participants[$key]); } } $p->participants = $participants; if ($p->save(array('participants'))) { Yum::setFlash(Yum::t('You have left this group')); Yum::log(Yum::t('User {username} left group id {id}', array('{username}' => Yii::app()->user->data()->username, '{id}' => $id))); } } $this->redirect(array('//usergroup/groups/index')); } else { throw new CHttpException(404); } }
public function actionEditAvatar() { $model = YumUser::model()->findByPk(Yii::app()->user->id); if (isset($_POST['YumUser'])) { $model->attributes = $_POST['YumUser']; $model->setScenario('avatarUpload'); if (Yum::module('avatar')->avatarMaxWidth != 0) { $model->setScenario('avatarSizeCheck'); } $model->avatar = CUploadedFile::getInstanceByName('YumUser[avatar]'); if ($model->validate()) { if ($model->avatar instanceof CUploadedFile) { // Prepend the id of the user to avoid filename conflicts $filename = Yum::module('avatar')->avatarPath . '/' . $model->id . '_' . $_FILES['YumUser']['name']['avatar']; $model->avatar->saveAs($filename); $model->avatar = $filename; if ($model->save()) { Yum::setFlash(Yum::t('The image was uploaded successfully')); Yum::log(Yum::t('User {username} uploaded avatar image {filename}', array('{username}' => $model->username, '{filename}' => $model->avatar))); $this->redirect(array('//profile/profile/view')); } } } } $this->render('edit_avatar', array('model' => $model)); }
public function afterSave() { // If the user has activated email receiving, send a email if ($this->to_user->privacy && $this->to_user->privacy->message_new_message) { Yum::log(Yum::t('Message id {id} has been sent from user {from_user_id} to user {to_user_id}', array('{id}' => $this->id, '{from_user_id}' => $this->from_user_id, '{to_user_id}' => $this->to_user_id))); YumMailer::send($this->to_user->profile->email, $this->title, $this->message); } return parent::afterSave(); }
public function beforeSave() { if ($this->isNewRecord) { // If the user has activated email receiving, send a email if ($this->to_user->privacy && $this->to_user->privacy->message_new_message) { Yum::log(Yum::t('Message id {id} has been sent from user {from_user_id} to user {to_user_id}', array('{id}' => $this->id, '{from_user_id}' => $this->from_user_id, '{to_user_id}' => $this->to_user_id))); $answer_link = CHtml::link(Yum::t('Click here to respond to {username}', array('{username}' => $this->from_user->username)), Yii::app()->controller->createAbsoluteUrl('//message/message/compose', array('to_user_id' => $this->from_user_id))); YumMailer::send($this->to_user->profile->email, Yum::t('New message from {from}: {subject}', array('{from}' => $this->from_user->username, '{subject}' => $this->title)), $this->message . '<br />' . $answer_link); } } return parent::beforeSave(); }
public function actionCreate() { $this->layout = Yum::module()->adminLayout; $model = new YumRole(); $this->performAjaxValidation($model, 'yum-role-form'); if (isset($_POST['YumRole'])) { $model->attributes = $_POST['YumRole']; if ($model->save()) { if (Yum::module()->enableLogging == true) { $user = YumUser::model()->findbyPK(Yii::app()->user->id); Yum::log(Yum::t('The role {role} has been created by {username}', array('{role}' => $model->title, '{username}' => Yii::app()->user->data()->username))); } $this->redirect(array('admin')); } } $this->render('create', array('model' => $model)); }
public function actionJoin($id = null) { if ($id !== null) { $p = YumUsergroup::model()->findByPk($id); $participants = $p->participants; if (in_array(Yii::app()->user->id, $participants)) { Yum::setFlash(Yum::t('You are already participating in this group')); } else { $participants[] = Yii::app()->user->id; $p->participants = $participants; if ($p->save(array('participants'))) { Yum::setFlash(Yum::t('You have joined this group')); Yum::log(Yum::t('User {username} joined group id {id}', array('{username}' => Yii::app()->user->data()->username, '{id}' => $id))); } } $this->redirect(array('//usergroup/groups/view', 'id' => $id)); } }
/** * Password recovery routine. The User will receive an email with an * activation link. If clicked, he will be prompted to enter his new * password. */ public function actionRecovery($email = null, $key = null) { $form = new YumPasswordRecoveryForm(); if ($email != null && $key != null) { if ($profile = YumProfile::model()->find('email = :email', array('email' => $email))) { $user = $profile->user; if ($user->status <= 0) { throw new CHttpException(403, 'User is not active'); } else { if ($user->activationKey == urldecode($key)) { $passwordform = new YumUserChangePassword(); if (isset($_POST['YumUserChangePassword'])) { $passwordform->attributes = $_POST['YumUserChangePassword']; if ($passwordform->validate()) { $user->setPassword($passwordform->password); $user->activationKey = CPasswordHelper::hashPassword(microtime() . $passwordform->password, Yum::module()->passwordHashCost); $user->save(); Yum::setFlash('Your new password has been saved.'); if (Yum::module('registration')->loginAfterSuccessfulRecovery) { $login = new YumUserIdentity($user->username, false); $login->authenticate(true); Yii::app()->user->login($login); $this->redirect(Yii::app()->homeUrl); } else { $this->redirect(Yum::module()->loginUrl); } } } $this->render(Yum::module('registration')->changePasswordView, array('form' => $passwordform)); Yii::app()->end(); } else { $form->addError('login_or_email', Yum::t('Invalid recovery key')); Yum::log(Yum::t('Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array('{email}' => $email, '{uid}' => $user->id, '{username}' => $user->username))); } } } } else { if (isset($_POST['YumPasswordRecoveryForm'])) { $form->attributes = $_POST['YumPasswordRecoveryForm']; if ($form->validate()) { if ($form->user instanceof YumUser) { if ($form->user->status <= 0) { throw new CHttpException(403, 'User is not active'); } $form->user->generateActivationKey(); $recovery_url = $this->createAbsoluteUrl(Yum::module('registration')->recoveryUrl[0], array('key' => urlencode($form->user->activationKey), 'email' => $form->user->profile->email)); Yum::log(Yum::t('{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array('{email}' => $form->user->profile->email, '{recovery_url}' => $recovery_url, '{username}' => $form->user->username))); $mail = array('from' => Yii::app()->params['adminEmail'], 'to' => $form->user->profile->email, 'subject' => 'You requested a new password', 'body' => strtr('You have requested a new password. Please use this URL to continue: {recovery_url}', array('{recovery_url}' => $recovery_url))); $sent = YumMailer::send($mail); Yum::setFlash('Instructions have been sent to you. Please check your email.'); } else { Yum::log(Yum::t('A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array('{username}' => $form->login_or_email))); } $this->redirect(Yum::module()->loginUrl); } } } $this->render(Yum::module('registration')->recoverPasswordView, array('form' => $form)); }
public function actionLogout() { // If the user is already logged out send them to returnLogoutUrl if (Yii::app()->user->isGuest) { $this->redirect(Yum::module()->returnLogoutUrl); } //let's delete the login_type cookie $cookie = Yii::app()->request->cookies['login_type']; if ($cookie) { $cookie->expire = time() - 3600 * 72; Yii::app()->request->cookies['login_type'] = $cookie; } if ($user = YumUser::model()->findByPk(Yii::app()->user->id)) { $username = $user->username; $user->logout(); if (Yii::app()->user->name == 'facebook') { if (!Yum::module()->loginType & UserModule::LOGIN_BY_FACEBOOK) { throw new Exception('actionLogout for Facebook was called, but is not activated in main.php'); } Yii::import('application.modules.user.vendors.facebook.*'); require_once 'Facebook.php'; $facebook = new Facebook(Yum::module()->facebookConfig); $fb_cookie = 'fbs_' . Yum::module()->facebookConfig['appId']; $cookie = Yii::app()->request->cookies[$fb_cookie]; if ($cookie) { $cookie->expire = time() - 1 * (3600 * 72); Yii::app()->request->cookies[$cookie->name] = $cookie; $servername = '.' . Yii::app()->request->serverName; setcookie("{$fb_cookie}", "", time() - 3600); setcookie("{$fb_cookie}", "", time() - 3600, "/", "{$servername}", 1); } $session = $facebook->getSession(); Yum::log('Facebook logout from user ' . $username); Yii::app()->user->logout(); $this->redirect($facebook->getLogoutUrl(array('next' => $this->createAbsoluteUrl(Yum::module()->returnLogoutUrl), 'session_key' => $session['session_key']))); } else { Yum::log(Yum::t('User {username} logged off', array('{username}' => $username))); Yii::app()->user->logout(); } } $this->redirect(Yum::module()->returnLogoutUrl); }
/** * Change password */ public function actionChangePassword($expired = false) { $uid = Yii::app()->user->id; if(isset($_GET['id'])) $uid = $_GET['id']; $form = new YumUserChangePassword; $form->scenario = 'user_request'; if(isset($_POST['YumUserChangePassword'])) { $form->attributes = $_POST['YumUserChangePassword']; $form->validate(); if(YumUser::encrypt($form->currentPassword) != YumUser::model()->findByPk($uid)->password) $form->addError('currentPassword', Yum::t('Your current password is not correct')); if(!$form->hasErrors()) { if(YumUser::model()->findByPk($uid)->setPassword($form->password)) { Yum::setFlash('The new password has been saved'); Yum::log(Yum::t('User {username} has changed his password', array( '{username}' => Yii::app()->user->name))); } else { Yum::setFlash('There was an error saving the password'); Yum::log( Yum::t( 'User {username} tried to change his password, but an error occured', array( '{username}' => Yii::app()->user->name)), 'error'); } $this->redirect(Yum::module()->returnUrl); } } if(Yii::app()->request->isAjaxRequest) $this->renderPartial('changepassword', array( 'form'=>$form, 'expired' => $expired)); else $this->render('changepassword', array( 'form'=>$form, 'expired' => $expired)); }
/** * Change password */ public function actionChangePassword($expired = false) { $id = Yii::app()->user->id; $user = YumUser::model()->findByPk($id); if (!$user) { throw new CHttpException(403, Yum::t('User can not be found')); } else { if ($user->status <= 0) { throw new CHttpException(404, Yum::t('User is not active')); } } $form = new YumUserChangePassword(); $form->scenario = 'user_request'; if (isset($_POST['YumUserChangePassword'])) { $form->attributes = $_POST['YumUserChangePassword']; $form->validate(); if (!CPasswordHelper::verifyPassword($form->currentPassword, YumUser::model()->findByPk($id)->password)) { $form->addError('currentPassword', Yum::t('Your current password is not correct')); } if (!$form->hasErrors()) { if (YumUser::model()->findByPk($id)->setPassword($form->password)) { Yum::setFlash('The new password has been saved'); Yum::log(Yum::t('User {username} has changed his password', array('{username}' => Yii::app()->user->name))); } else { Yum::setFlash('There was an error saving the password'); Yum::log(Yum::t('User {username} tried to change his password, but an error occured', array('{username}' => Yii::app()->user->name)), 'error'); } $this->redirect(Yum::module()->returnUrl); } } if (Yii::app()->request->isAjaxRequest) { $this->renderPartial(Yum::module()->changePasswordView, array('form' => $form, 'expired' => $expired)); } else { $this->render(Yum::module()->changePasswordView, array('form' => $form, 'expired' => $expired)); } }
/** * Activation of an user account. * If everything is set properly, and the emails exists in the database, * and is associated with a correct user, and this user has the status * NOTACTIVE and the given activationKey is identical to the one in the * database then generate a new Activation key to avoid double activation, * set the status to ACTIVATED and save the data * Error Codes: * -1 : User is not inactive, it can not be activated * -2 : Wrong activation key * -3 : Profile found, but no user - database inconsistency? */ public static function activate($email, $key) { Yii::import('application.modules.profile.models.*'); if ($profile = YumProfile::model()->find("email = :email", array(':email' => $email))) { if ($user = $profile->user) { if ($user->status != self::STATUS_INACTIVE) { return -1; } if ($user->activationKey == $key) { $user->activationKey = $user->generateActivationKey(true); $user->status = self::STATUS_ACTIVE; if ($user->save(false, array('activationKey', 'status'))) { Yum::log(Yum::t('User {username} has been activated', array('{username}' => $user->username))); if (Yum::hasModule('messages') && Yum::module('registration')->enableActivationConfirmation) { Yii::import('application.modules.messages.models.YumMessage'); YumMessage::write($user, 1, Yum::t('Your activation succeeded'), strtr('The activation of the account {username} succeeded. Please use <a href="{link_login}">this link</a> to go to the login page', array('{username}' => $user->username, '{link_login}' => Yii::app()->controller->createUrl('//user/user/login')))); } return $user; } } else { return -2; } } else { return -3; } } return false; }
/** * Password recovery routine. The User will receive an email with an * activation link. If clicked, he will be prompted to enter his new * password. */ public function actionRecovery($email = null, $key = null) { $form = new YumPasswordRecoveryForm; if ($email != null && $key != null) { if($profile = YumProfile::model()->find('email = :email', array( 'email' => $email))) { $user = $profile->user; if($user->activationKey == $key) { $passwordform = new YumUserChangePassword; if (isset($_POST['YumUserChangePassword'])) { $passwordform->attributes = $_POST['YumUserChangePassword']; if ($passwordform->validate()) { $user->password = YumUser::encrypt($passwordform->password); $user->activationKey = YumUser::encrypt(microtime() . $passwordform->password); $user->save(); Yum::setFlash('Your new password has been saved.'); $this->redirect(Yum::module()->loginUrl); } } $this->render( Yum::module('registration')->changePasswordView, array( 'form' => $passwordform)); Yii::app()->end(); } else { $form->addError('login_or_email', Yum::t('Invalid recovery key')); Yum::log(Yum::t( 'Someone tried to recover a password, but entered a wrong recovery key. Email is {email}, associated user is {username} (id: {uid})', array( '{email}' => $email, '{uid}' => $user->id, '{username}' => $user->username))); } } } else { if (isset($_POST['YumPasswordRecoveryForm'])) { $form->attributes = $_POST['YumPasswordRecoveryForm']; if ($form->validate()) { Yum::setFlash( 'Instructions have been sent to you. Please check your email.'); if($form->user instanceof YumUser) { $form->user->generateActivationKey(); $recovery_url = $this->createAbsoluteUrl( Yum::module('registration')->recoveryUrl[0], array( 'key' => $form->user->activationKey, 'email' => $form->user->profile->email)); Yum::log(Yum::t( '{username} successfully requested a new password in the password recovery form. A email with the password recovery url {recovery_url} has been sent to {email}', array( '{email}' => $form->user->profile->email, '{recovery_url}' => $recovery_url, '{username}' => $form->user->username))); $content = YumTextSettings::model()->find( 'language = :lang', array('lang' => Yii::app()->language)); $sent = null; if (is_object($content)) { $mail = array( 'from' => Yii::app()->params['adminEmail'], 'to' => $form->user->profile->email, 'subject' => $content->subject_email_registration, 'body' => strtr($content->text_email_recovery, array( '{recovery_url}' => $recovery_url)), ); $sent = YumMailer::send($mail); } else { throw new CException(Yum::t('The messages for your application language are not defined.')); } } else Yum::log(Yum::t( 'A password has been requested, but no associated user was found in the database. Requested user/email is: {username}', array( '{username}' => $form->login_or_email))); $this->redirect(Yum::module()->loginUrl); } } } $this->render(Yum::module('registration')->recoverPasswordView, array( 'form' => $form)); }
/** * Activation of an user account. * If everything is set properly, and the emails exists in the database, * and is associated with a correct user, and this user has the status * NOTACTIVE and the given activationKey is identical to the one in the * database then generate a new Activation key to avoid double activation, * set the status to ACTIVATED and save the data * Error Codes: * -1 : User is not inactive, it can not be activated * -2 : Wrong activation key * -3 : Profile found, but no user - database inconsistency? */ public static function activate($email, $key) { Yii::import('application.modules.profile.models.*'); if ($profile = YumProfile::model()->find("email = :email", array( ':email' => $email)) ) { if ($user = $profile->user) { if ($user->status != self::STATUS_INACTIVE) return -1; if ($user->activationKey == $key) { $user->activationKey = $user->generateActivationKey(true); $user->status = self::STATUS_ACTIVE; if ($user->save(false, array('activationKey', 'status'))) { Yum::log(Yum::t('User {username} has been activated', array( '{username}' => $user->username))); if (Yum::hasModule('messages') && Yum::module('registration')->enableActivationConfirmation ) { Yii::import('application.modules.messages.models.YumMessage'); YumMessage::write($user, 1, Yum::t('Your activation succeeded'), YumTextSettings::getText('text_email_activation', array( '{username}' => $user->username, '{link_login}' => Yii::app()->controller->createUrl('//user/user/login')))); } return $user; } } else return -2; } else return -3; } return false; }
public function actionLogout() { // If the user is already logged out send them to returnLogoutUrl if (Yii::app()->user->isGuest) { $this->redirect(Yum::module()->returnLogoutUrl); } // let's delete the login_type cookie $cookie = Yii::app()->request->cookies['login_type']; if ($cookie) { $cookie->expire = time() - Yum::module()->cookieDuration; Yii::app()->request->cookies['login_type'] = $cookie; } if ($user = YumUser::model()->findByPk(Yii::app()->user->id)) { $user->logout(); Yum::log(Yum::t('User {username} logged off', array('{username}' => $user->username))); Yii::app()->user->logout(); } $this->redirect(Yum::module()->returnLogoutUrl); }