Example #1
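 /**
  * Create a user from the submitted form and report the outcome through ajax::.
  *
  * Validation failures are sent back as one HTML list; any other exception is
  * reported with its message.
  *
  * @return void
  */
 public function action_create()
 {
     try {
         // NOTE(review): the whole of $_POST is handed to user::create(). Unless that
         // helper limits which fields may be set, a request can carry extra columns
         // (mass assignment) - confirm an allow-list is applied there.
         user::create($_POST);
         ajax::success(__('User created'), array('redirect' => 'users'));
     } catch (ORM_Validation_Exception $e) {
         $items = array();
         foreach ($e->errors('models') as $error) {
             // A field carries either one message or a list of messages.
             foreach ((array) $error as $message) {
                 // Validation messages can echo submitted values, so encode them
                 // before they are placed into markup.
                 $items[] = '<li>' . htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8') . '</li>';
             }
         }
         // The list is closed with </ul>; it used to be closed with a stray </li>.
         ajax::error('<ul>' . implode('', $items) . '</ul>');
     } catch (Exception $e) {
         // NOTE(review): the raw exception message goes to the client; confirm it
         // cannot contain internal details such as SQL or file paths.
         ajax::error(__('An uncaught error occurred: :error', array(':error' => $e->getMessage())));
     }
 }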
Example #2
 /**
  * Process the admin "add user" form and print the outcome as JSON.
  *
  * The request must pass access::verify_csrf(). A name that is already in use
  * is reported on the form's name input as an "in_use" error. On success the
  * user is saved, the user_add_form_admin_completed event is fired and
  * {"result":"success"} is printed; otherwise {"result":"error"} is printed
  * together with the rendered form.
  */
 public function add_user()
 {
     access::verify_csrf();

     $form = $this->_get_user_add_form_admin();
     $is_valid = $form->validate();
     $requested_name = $form->add_user->inputs["name"]->value;

     // A name already in use fails the form whatever validate() returned.
     $existing = user::lookup_by_name($requested_name);
     if ($existing) {
         $form->add_user->inputs["name"]->add_error("in_use", 1);
         $is_valid = false;
     }

     if (!$is_valid) {
         print json_encode(array("result" => "error", "form" => $form->__toString()));
         return;
     }

     $user = user::create($requested_name, $form->add_user->full_name->value, $form->add_user->password->value);
     $user->email = $form->add_user->email->value;
     // The admin flag is taken straight from the form checkbox.
     $user->admin = $form->add_user->admin->checked;
     if ($form->add_user->locale) {
         $desired_locale = $form->add_user->locale->value;
         // "none" stands for "no locale preference" and is stored as null.
         if ($desired_locale == "none") {
             $user->locale = null;
         } else {
             $user->locale = $desired_locale;
         }
     }
     $user->save();

     module::event("user_add_form_admin_completed", $user, $form);
     // NOTE(review): $user->name is placed into the status message as submitted;
     // whether t() or message::success() escape it is not visible here.
     message::success(t("Created user %user_name", array("user_name" => $user->name)));
     print json_encode(array("result" => "success"));
 }
Example #3
 /**
  * Install the user module: create its tables and seed the default groups,
  * users and root-item permissions.
  *
  * Everything runs only when the stored module version is 0; the version is
  * then set to 1.
  */
 static function install()
 {
     $db = Database::instance();
     $version = module::get_version("user");
     if ($version == 0) {
         $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` varchar(32) NOT NULL,\n                   `full_name` varchar(255) NOT NULL,\n                   `password` varchar(64) NOT NULL,\n                   `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                   `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                   `email` varchar(64) default NULL,\n                   `admin` BOOLEAN default 0,\n                   `guest` BOOLEAN default 0,\n                   `hash` char(32) default NULL,\n                   `url` varchar(255) default NULL,\n                   `locale` char(10) default NULL,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`hash`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                   `id` int(9) NOT NULL auto_increment,\n                   `name` char(64) default NULL,\n                   `special` BOOLEAN default 0,\n                   PRIMARY KEY (`id`),\n                   UNIQUE KEY(`name`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                   `group_id` int(9) NOT NULL,\n                   `user_id` int(9) NOT NULL,\n                   PRIMARY KEY (`group_id`, `user_id`),\n                   UNIQUE KEY(`user_id`, `group_id`))\n                 ENGINE=InnoDB DEFAULT CHARSET=utf8;");
         // The two built-in groups are flagged "special".
         $everybody = group::create("Everybody");
         $everybody->special = true;
         $everybody->save();
         $registered = group::create("Registered Users");
         $registered->special = true;
         $registered->save();
         // The guest account is created with an empty password and taken out of
         // "Registered Users".
         // NOTE(review): confirm the login path can never authenticate this account.
         $guest = user::create("guest", "Guest User", "");
         $guest->guest = true;
         $guest->remove($registered);
         $guest->save();
         // NOTE(review): the administrator is seeded with the fixed password "admin".
         // Nothing in this function forces it to be changed; confirm the installer
         // replaces it or requires a change before the site is reachable.
         $admin = user::create("admin", "Gallery Administrator", "admin");
         $admin->admin = true;
         $admin->save();
         // Let the admin own everything
         // NOTE(review): the where value is the string "IS NULL"; whether this driver
         // turns it into an IS NULL test or compares against the literal is not visible here.
         $db->update("items", array("owner_id" => $admin->id), array("owner_id" => "IS NULL"));
         module::set_version("user", 1);
         // Both groups may view the root item (item id 1), thumbnails and full size.
         $root = ORM::factory("item", 1);
         access::allow($everybody, "view", $root);
         access::allow($everybody, "view_full", $root);
         access::allow($registered, "view", $root);
         access::allow($registered, "view_full", $root);
     }
 }
Example #4
 /**
  * Process the admin "add user" form and print the outcome as JSON.
  *
  * The request must pass access::verify_csrf(). A name that already belongs to
  * a loaded user record is reported on the name input as an "in_use" error.
  * Prints {"result":"success"} after saving the new user, otherwise
  * {"result":"error"} together with the rendered form.
  */
 public function add_user()
 {
     access::verify_csrf();

     $form = user::get_add_form_admin();
     $is_valid = $form->validate();
     $requested_name = $form->add_user->inputs["name"]->value;

     // A name already in use fails the form whatever validate() returned.
     $existing = ORM::factory("user")->where("name", $requested_name)->find();
     if ($existing->loaded) {
         $form->add_user->inputs["name"]->add_error("in_use", 1);
         $is_valid = false;
     }

     if (!$is_valid) {
         print json_encode(array("result" => "error", "form" => $form->__toString()));
         return;
     }

     $user = user::create($requested_name, $form->add_user->full_name->value, $form->add_user->password->value);
     $user->email = $form->add_user->email->value;
     // The admin flag is taken straight from the form checkbox.
     $user->admin = $form->add_user->admin->checked;
     if ($form->add_user->locale) {
         $desired_locale = $form->add_user->locale->value;
         // "none" stands for "no locale preference" and is stored as null.
         if ($desired_locale == "none") {
             $user->locale = null;
         } else {
             $user->locale = $desired_locale;
         }
     }
     $user->save();

     // The name is passed through p::clean() before it goes into the status message.
     message::success(t("Created user %user_name", array("user_name" => p::clean($user->name))));
     print json_encode(array("result" => "success"));
 }
Example #5
 /**
  * Insert a placeholder user record and open the edit view for it.
  *
  * The record gets the first name "Temp" and blank text fields; the value
  * returned by $user->create() is stored as user_id and copied to id.
  *
  * NOTE(review): every call persists a new "Temp" row before anything has been
  * entered, and no permission check is visible in this method - confirm the
  * action is restricted and that abandoned placeholders are cleaned up.
  */
 function create()
 {
     $user = new user();
     $user->firstname = "Temp";
     foreach (array('lastname', 'mail', 'mail_password', 'mobile', 'comment') as $blank_field) {
         $user->{$blank_field} = "";
     }

     $user->user_id = $user->create();
     $user->id = $user->user_id;

     $data = array('user' => $user);
     $this->view('users/edit_view.php', $data, 'main_template.php');
 }
 /**
  * Register a user from the submitted input, attach a default privilege row,
  * send the welcome mail and redirect to the login page.
  *
  * NOTE(review): Input::all() is passed to $user->create() with only the
  * password replaced by its hash. Unless the model restricts fillable fields,
  * a request can set any column (mass assignment) - confirm against the model.
  * No validation of the submitted fields is visible in this method.
  */
 public function store_user()
 {
     $attributes = Input::all();
     // Only the hash of the submitted password is handed to create().
     $attributes['password'] = Hash::make($attributes['password']);

     $user = new user();
     $uid = $user->create($attributes);

     // Every new account starts with the same privilege values.
     $priviledge = new Priviledge();
     $priviledge->user_id = $uid->id;
     $priviledge->name_show = '2';
     $priviledge->user_authority = '2';
     $priviledge->save();

     // Welcome mail, addressed with the e-mail and user name from the request.
     $mail_data = array('user_name' => Input::get('user_name'));
     Mail::send('authentications.mails.welcome', $mail_data, function ($mail) {
         $recipient = $mail->to(Input::get('email'), Input::get('user_name'));
         $recipient->subject('Welcome to the Votting-System App!');
     });

     return Redirect::intended('login');
 }
Example #7
 /**
  * Install the user module: create its tables, seed the default groups and
  * users, grant view permissions on the root item and record module version 2.
  *
  * When no identity provider is configured yet, "user" is stored as the
  * provider and every item is assigned to the new administrator.
  */
 static function install()
 {
     $db = Database::instance();
     $db->query("CREATE TABLE IF NOT EXISTS {users} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` varchar(32) NOT NULL,\n                 `full_name` varchar(255) NOT NULL,\n                 `password` varchar(64) NOT NULL,\n                 `login_count` int(10) unsigned NOT NULL DEFAULT 0,\n                 `last_login` int(10) unsigned NOT NULL DEFAULT 0,\n                 `email` varchar(64) default NULL,\n                 `admin` BOOLEAN default 0,\n                 `guest` BOOLEAN default 0,\n                 `hash` char(32) default NULL,\n                 `url` varchar(255) default NULL,\n                 `locale` char(10) default NULL,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`hash`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups} (\n                 `id` int(9) NOT NULL auto_increment,\n                 `name` char(64) default NULL,\n                 `special` BOOLEAN default 0,\n                 PRIMARY KEY (`id`),\n                 UNIQUE KEY(`name`))\n               DEFAULT CHARSET=utf8;");
     $db->query("CREATE TABLE IF NOT EXISTS {groups_users} (\n                 `group_id` int(9) NOT NULL,\n                 `user_id` int(9) NOT NULL,\n                 PRIMARY KEY (`group_id`, `user_id`),\n                 UNIQUE KEY(`user_id`, `group_id`))\n               DEFAULT CHARSET=utf8;");
     // The two built-in groups are flagged "special".
     $everybody = group::create("Everybody");
     $everybody->special = true;
     $everybody->save();
     $registered = group::create("Registered Users");
     $registered->special = true;
     $registered->save();
     // The guest account is created with an empty password and taken out of
     // "Registered Users".
     // NOTE(review): confirm the login path can never authenticate this account.
     $guest = user::create("guest", "Guest User", "");
     $guest->guest = true;
     $guest->remove($registered);
     $guest->save();
     // NOTE(review): the administrator is seeded with the fixed password "admin".
     // Nothing in this function forces it to be changed; confirm the installer
     // replaces it or requires a change before the site is reachable.
     $admin = user::create("admin", "Gallery Administrator", "admin");
     $admin->admin = true;
     $admin->save();
     $current_provider = module::get_var("gallery", "identity_provider");
     if (empty($current_provider)) {
         // No provider is defined, so this is an initial install: set the
         // provider and make the administrator own everything. If the installer
         // is called while a provider exists, identity providers are being
         // switched and the event handlers will do the right things.
         module::set_var("gallery", "identity_provider", "user");
         // Let the admin own everything
         // The interpolated value is the id of the record saved above, not request data.
         $db->query("update {items} set owner_id = {$admin->id}");
     }
     // Both groups may view the root item (item id 1), thumbnails and full size.
     $root = ORM::factory("item", 1);
     access::allow($everybody, "view", $root);
     access::allow($everybody, "view_full", $root);
     access::allow($registered, "view", $root);
     access::allow($registered, "view_full", $root);
     // NOTE(review): the variable name is spelled "mininum_password_length" and the
     // stored value is 5; readers of this setting must use the same spelling.
     module::set_var("user", "mininum_password_length", 5);
     module::set_version("user", 2);
 }
Example #8
 /**
  * Sign-up action: create the account from the posted form and redirect, or
  * bind the validation errors to the view.
  *
  * 'errors' is bound as false when nothing was posted or creation succeeded.
  *
  * NOTE(review): the whole of $_POST is handed to user::create(); confirm that
  * helper limits which fields may be set (mass assignment).
  */
 public function action_signup()
 {
     $form_errors = false;
     $password = false;

     if (!empty($_POST)) {
         $user = ORM::factory('User');
         try {
             user::create($_POST);
             notes::add('success', 'You are now signed up. Welcome!');
             if (!user::logged()) {
                 // should log this error (user wasn't logged in by user::create())
                 user::redirect('login');
             } else {
                 site::redirect('write');
             }
         } catch (ORM_Validation_Exception $e) {
             $form_errors = $e->errors('models');
         }
     }

     $this->bind('errors', $form_errors);
 }
Example #9
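 /**
  * @brief Constructor for Engage token authentication
  *
  * Takes no arguments. The token is read from the current request and posted
  * to the auth_info endpoint; the identifier in the reply is then mapped to a
  * local user. A known identifier reuses its stored user id. An unknown one is
  * attached to the signed-in user or, when creation is allowed, to a newly
  * created account. $this->userid receives the resolved user, or null when the
  * reply cannot be parsed, its status is not "ok" or it carries no identifier.
  *
  * @throws SecurityException When an account would have to be created but
  *                           creation is disabled.
  * @throws UserException     When no free username is found within the retries.
  */
 public function __construct()
 {
     $token = request::get('token')->toString();
     $apikey = config::get('lepton.user.engage.apikey');
     $ret = new HttpRequest('https://rpxnow.com/api/v2/auth_info', array('method' => 'post', 'parameters' => array('apiKey' => $apikey, 'token' => $token, 'format' => 'xml')));
     $responsetext = $ret->responseText();

     // Parse on an instance (loadXML is not a static method) and keep the
     // parser off the network: the document comes from a remote service.
     $dom = new DOMDocument();
     if (!is_string($responsetext) || $responsetext === '' || !$dom->loadXML($responsetext, LIBXML_NONET)) {
         $this->userid = null;
         return;
     }
     $domx = new DOMXPath($dom);

     // Text of the first node matching $path, or null when the reply omits it.
     $text = function ($path) use ($domx) {
         $node = $domx->query($path)->item(0);
         return $node ? $node->nodeValue : null;
     };

     // Get the status
     $rsp = $domx->query('/rsp')->item(0);
     if (!$rsp || $rsp->getAttribute('stat') != 'ok') {
         $this->userid = null;
         return;
     }

     // Call on the successful callback method
     event::invoke(EngageEvents::EVENT_SUCCESSFUL_CALLBACK, array('profile' => $dom, 'profiletext' => $responsetext));

     // Extract the values; optional profile fields may be absent.
     $identifier = $text('/rsp/profile/identifier');
     $displayname = $text('/rsp/profile/displayName');
     $provider = $text('/rsp/profile/providerName');
     $firstname = $text('/rsp/profile/name/givenName');
     $lastname = $text('/rsp/profile/name/familyName');
     $preferredusername = (string) $text('/rsp/profile/preferredUsername');
     $email = $text('/rsp/profile/email');

     // Without an identifier there is nothing to link an account to.
     if ($identifier === null || $identifier === '') {
         $this->userid = null;
         return;
     }

     // Sign in
     $db = new DatabaseConnection();
     $idrs = $db->getSingleRow("SELECT * FROM userengage WHERE identifier=%s", $identifier);
     if ($idrs) {
         $cu = $idrs['userid'];
         $db->updateRow("UPDATE userengage SET lastseen=NOW(), lastip=%s WHERE id=%d", request::getRemoteIp(), $idrs['id']);
     } else {
         if (!user::isAuthenticated()) {
             if (!config::get(EngageAuthentication::KEY_ALLOW_CREATION, false)) {
                 throw new SecurityException("User creation is disabled for EngageAuthentication");
             }
             // Check username, add random numbers if not available
             $username = $preferredusername;
             $retrycount = 0;
             while (!user::checkUsername($username)) {
                 $username = substr($preferredusername, 0, 6) . rand(1000, 9999);
                 $retrycount = $retrycount + 1;
                 if ($retrycount > 10) {
                     throw new UserException("Bad username");
                 }
             }
             // Generate a new password from a CSPRNG. The previous value,
             // substr(md5(uniqid()), 0, 6), was derived from the clock and only
             // six hex characters long.
             // NOTE(review): the value is now 32 hex characters - confirm the
             // password field of UserRecord accepts that length.
             if (function_exists('random_bytes')) {
                 $password = bin2hex(random_bytes(16));
             } else {
                 $password = bin2hex(openssl_random_pseudo_bytes(16));
             }
             // And create the userrecord
             $u = new UserRecord();
             $u->username = $username;
             $u->password = $password;
             $u->flags = config::get(EngageAuthentication::KEY_DEFAULT_FLAGS, EngageAuthentication::DEFAULT_FLAGS);
             $u->displayname = $displayname;
             $u->firstname = $firstname;
             $u->lastname = $lastname;
             $u->email = $email;
             $cu = user::create($u);
             session::set(self::SESSIONKEY_USER_CREATED, true);
         } else {
             $cu = user::getActiveUser();
         }
         // Add identifier to user
         $db->updateRow("INSERT INTO userengage (userid,identifier,provider,lastseen,lastip) VALUES (%d,%s,%s,NOW(),%s)", $cu, $identifier, $provider, request::getRemoteIp());
     }
     $this->userid = $cu;
 }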
<?php

require_once "user_class.php";
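// Read the three form fields without raising "undefined index" notices when a
// field is missing from the request.
$login = isset($_POST['input_login']) ? $_POST['input_login'] : null;
$password = isset($_POST['input_pass']) ? $_POST['input_pass'] : null;
$mail = isset($_POST['input_mail']) ? $_POST['input_mail'] : null;

// Each field must be a non-empty string; an array-valued field (input_login[]=...)
// is rejected instead of being passed on to the user class.
$fields_ok = is_string($login) && !empty($login)
    && is_string($password) && !empty($password)
    && is_string($mail) && !empty($mail);

if ($fields_ok) {
    // NOTE(review): the password is passed on as submitted; hashing and any
    // format check of the e-mail address must happen inside user - not visible here.
    $newuser = new user($login, $password, $mail);
    $newuser->create($login, $password, $mail);
} else {
    echo "Error";
}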
Example #11
            // Resolve the submitted account type name to its id in user_type.
            // NOTE(review): $user_t_id is assigned only when a type was posted and a
            // matching row exists. No default is visible in this fragment - confirm it
            // is initialised earlier, otherwise create() below reads an undefined variable.
            if (input::get('type')) {
                $user_t = input::get('type');
                $users_id = DB::getInstance()->get('user_type', array('name', '=', $user_t));
                if ($users_id->count()) {
                    // With several matching rows the last id wins.
                    foreach ($users_id->results() as $ids) {
                        $user_t_id = $ids->id;
                    }
                }
            }
            // Validate the posted form. Only username, password, password_again and
            // Address have rules; name, email and Mobile are stored below without any.
            $Validate = new validate();
            $validation = $Validate->check($_POST, array('username' => array('required' => true, 'min' => 2, 'max' => 20, 'unique' => 'users'), 'password' => array('required' => true, 'min' => 6), 'password_again' => array('required' => true, 'matches' => 'password'), 'Address' => array('required' => true, 'min' => 5, 'max' => 50)));
            if ($validation->passed()) {
                $user = new user();
                // A fresh salt per account; the password is stored as Hash::make(password, salt).
                $salt = Hash::salt(32);
                try {
                    $user->create(array('username' => input::get('username'), 'password' => Hash::make(input::get('password'), $salt), 'name' => input::get('name'), 'salt' => $salt, 'email' => input::get('email'), 'Address' => input::get('Address'), 'Mobile' => input::get('Mobile'), 'joined' => date('Y-m-d H:i:s'), 'user_type_id' => $user_t_id));
                    Redirect::to('admin.php');
                } catch (Exception $e) {
                    // NOTE(review): the raw exception message is printed to the client;
                    // confirm it cannot expose SQL or other internals.
                    die($e->getMessage());
                }
            } else {
                // Copy the validation errors into $rs under consecutive integer keys.
                $i = 0;
                foreach ($validation->errors() as $error) {
                    $rs[$i] = $error;
                    $i++;
                }
            }
        }
    }
} else {
    Redirect::to('includes/errors/404.php');
Example #12
require_once '../Core/init.php';
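// Only a signed-in user holding the 'Admin' permission may register accounts here.
$user = new user(null, $_log);
if (!$user->isLoggedIn() || !$user->hasPermission('Admin')) {
    redirect::to('../index.php');
    // Stop here even if redirect::to() only sends the Location header, so the
    // registration code below can never run for an unauthorised request.
    exit;
}
if (input::exists()) {
    // The posted token is checked before the form is processed.
    if (token::check(input::get('token'))) {
        $validate = new validate();
        $validation = $validate->check($_POST, array('Username' => array('required' => true, 'min' => 2, 'max' => 20, 'unique' => 'Users'), 'Password' => array('required' => true, 'min' => 6), 'password_again' => array('required' => true, 'matches' => 'Password'), 'Name' => array('required' => true, 'min' => 2, 'max' => 50)));
        if ($validation->passed()) {
            //session::flash('success','You registered successfully!');
            //header('Location: index.php');
            $user = new user(null, $_log);
            // A fresh salt per account; the password is stored as hash::make(password, salt).
            $salt = hash::salt(32);
            try {
                // New accounts always get User_Group 3; the group is not taken from the request.
                $user->create(array('Username' => input::get('Username'), 'User_Group' => 3, 'Password' => hash::make(input::get('Password'), $salt), 'Salt' => $salt));
                session::flash('home', 'You have been registered');
                redirect::to('index.php');
            } catch (Exception $e) {
                //echo $e->getMessage(), '<br>';
                // NOTE(review): the raw exception message is printed to the client;
                // confirm it cannot expose SQL or other internals.
                die($e->getMessage());
            }
        } else {
            foreach ($validation->errors() as $error) {
                echo $error, '<br>';
            }
        }
    }
}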
?>
Example #13
 /**
  * Self-test for the message functions.
  *
  * Creates two throw-away users, runs create, getOutgoing, getIncoming and
  * delete against them, echoes a label after each step and deletes the users.
  *
  * NOTE(review): $pass is overwritten by every testRun() call, so the value
  * returned reflects the last step (delete) only - confirm that is intended.
  *
  * @return boolean
  */
 public function test()
 {
     $pass = true;

     // Fixture accounts; both are deleted again at the end.
     $first_user = new user();
     $first_user->create('testuser4', 'Passw0rd', '*****@*****.**', 'TEST');
     $second_user = new user();
     $second_user->create('testuser5', 'Passw0rd', '*****@*****.**', 'TEST');

     // create
     $created = $this->create($second_user->id, $first_user->id, "this is a test message." . time());
     $pass = $this->testRun($created);
     echo "|create\n";

     // getOutgoing
     $outgoing = $this->getOutgoing($first_user->id);
     $pass = $this->testRun($outgoing);
     echo "|getOutgoing\n";

     // getIncoming, after a second message in the opposite direction
     $this->create($first_user->id, $second_user->id, "this is a second test message." . time());
     $incoming = $this->getIncoming($first_user->id);
     $pass = $this->testRun($incoming);
     echo "|getIncomming\n";

     // delete: every message fetched above must be removable
     $all_deleted = true;
     foreach (array($incoming, $outgoing) as $batch) {
         foreach ($batch as $message) {
             if (!$this->delete($message['id'])) {
                 $all_deleted = false;
             }
         }
     }
     $pass = $this->testRun($all_deleted);
     echo "|delete\n";

     $first_user->delete();
     $second_user->delete();

     return $pass;
 }
Example #14
 /**
  * Import a single user.
  *
  * Takes the next Gallery 2 user id off $queue. Ids that are already mapped are
  * skipped, the anonymous user is mapped to the guest account, and a user that
  * cannot be loaded is logged and skipped. Otherwise the user is created (or an
  * existing one looked up by name), given the Gallery 2 password hash, e-mail,
  * locale and group memberships, saved, and recorded in the id map.
  *
  * @param array $queue Pending Gallery 2 user ids; the first one is consumed.
  */
 static function import_user(&$queue)
 {
     $g2_user_id = array_shift($queue);

     // Already imported.
     if (self::map($g2_user_id)) {
         return;
     }

     // The anonymous user maps onto the existing guest account.
     if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) {
         self::set_map($g2_user_id, user::guest()->id);
         return;
     }

     $g2_admin_group_id = g2(GalleryCoreApi::getPluginParameter("module", "core", "id.adminGroup"));

     try {
         $g2_user = g2(GalleryCoreApi::loadEntitiesById($g2_user_id));
     } catch (Exception $e) {
         g2_import::log(t("Failed to import Gallery 2 user with id: %id", array("id" => $g2_user_id)));
         return;
     }

     $g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId()));

     try {
         $user = user::create($g2_user->getUsername(), $g2_user->getfullname(), "");
     } catch (Exception $e) {
         // @todo For now we assume this is a "duplicate user" exception
         // NOTE(review): any other failure also lands here; if the lookup then finds
         // nothing, $user is not a record and the assignments below fail.
         $user = user::lookup_by_name($g2_user->getUsername());
     }

     // The account is created with an empty password and then receives the
     // Gallery 2 hash as-is.
     // NOTE(review): confirm the login code can verify hashes in that format.
     $user->hashed_password = $g2_user->getHashedPassword();
     $user->email = $g2_user->getEmail();
     $user->locale = $g2_user->getLanguage();

     foreach ($g2_groups as $g2_group_id => $g2_group_name) {
         // Membership of the Gallery 2 admin group becomes the admin flag; every
         // other group is added through its mapped id.
         if ($g2_group_id == $g2_admin_group_id) {
             $user->admin = true;
             continue;
         }
         $mapped_group = ORM::factory("group", self::map($g2_group_id));
         $user->add($mapped_group);
     }

     $user->save();
     self::set_map($g2_user->getId(), $user->id);
 }
<?php

require_once "../config/database.php";
require "../model/user_model.php";
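session_start();

// Read the requested action and the submitted user fields; either may be
// absent, in which case the value is null (no "undefined index" notice).
$request = isset($_POST["request"]) ? $_POST["request"] : null;
$user = isset($_POST["user"]) ? $_POST["user"] : null;

switch ($request) {
    case 'create':
        // NOTE(review): the posted "user" value is handed to user::create() as
        // received; confirm that method validates it and limits which fields
        // may be set.
        user::create($user);
        echo "<script>location.href = '/view/'; </script>";
        break;
    case 'login':
        $login = user::login($user);
        if ($login == 0) {
            echo "ユーザ名かパスワードが正しくわありません";
        } else {
            // Issue a fresh session id at login so an id that was fixed before
            // authentication cannot be reused afterwards.
            session_regenerate_id(true);
            $_SESSION["user_id"] = $login;
            //var_dump($_SESSION);
            // NOTE(review): the redirect target is a hard-coded host address.
            header("location: http://192.168.33.10/view/");
            //echo "<script>location.href = '/view/'; </script>";
        }
        break;
    case null:
        // No action given: clear the signed-in user and return to the view.
        $_SESSION["user_id"] = null;
        echo "<script>location.href = '/view/'; </script>";
        break;
}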
isset($_GET['function']) ? $function = $_GET['function'] : ($function = false);
/*-------------------------------------------------------------------------------------------------*/
switch ($function) {
    case 'create_account':
        // A posted e-mail address means the creation form was submitted.
        if (isset($_POST['email'])) {
            try {
                // Only 'admin' and 'crew_admin' accounts may create accounts.
                if (in_array($_SESSION['current_user']->get('account_type'), array('admin', 'crew_admin')) != true) {
                    throw new Exception('You don\'t have permission to create new accounts');
                } elseif ($_POST['account_type'] == 'crew_admin' && crew_has_max_admins($_POST['crew_affiliation_id'])) {
                    throw new Exception('Your crew already has the maximum number of crew-admin accounts');
                }
                // NOTE(review): account_type and crew_affiliation_id are taken from
                // $_POST as submitted. Nothing visible here stops a crew_admin from
                // requesting account_type 'admin' or another crew's id - confirm
                // that user::create() or a policy check enforces this.
                update_form_memory_from_post('create_account');
                $new_password = user::generate_code(8);
                // Generate an 8-character password
                $new_user = new user();
                $new_user->create($_POST['firstname'], $_POST['lastname'], $new_password, $_POST['email'], $_POST['account_type'], $_POST['crew_affiliation_id']);
                // The generated password is passed to the 'new_account' e-mail.
                // NOTE(review): confirm the account must change it on first login.
                $message = new email('new_account', $new_user->get('email'), $new_password);
                $message->send();
                clear_form_memory('create_account');
                show_account_creation_form('Account created successfully!');
            } catch (Exception $e) {
                // The exception message is shown on the re-displayed form.
                show_account_creation_form($e->getMessage());
            }
        } elseif (in_array($_SESSION['current_user']->get('account_type'), array('admin', 'crew_admin'))) {
            // Nothing submitted yet: show an empty creation form to permitted accounts.
            clear_form_memory('create_account');
            show_account_creation_form();
        } else {
            // Everyone else gets the form for editing an account instead.
            show_edit_account_form();
        }
        break;
        /*-------------------------------------------------------------------------------------------------*/
Example #17
 /**
  * Insert one fixed account of type "admin" through user::create().
  *
  * NOTE(review): the user name, the password "test" and the admin type are
  * hard-coded. Confirm this runs only as a development seed and can never be
  * reached in a deployed application.
  */
 public function create()
 {
     $seed_account = array(
         'username' => 'evan',
         'email' => '*****@*****.**',
         'password' => 'test',
         'type' => 'admin',
     );

     user::create($seed_account);
 }
<?php

/*
 * -------------------------------------------------------
 * ALL RIGHTS RESERVED!
 * -------------------------------------------------------
 */
require_once 'user.php';
session_start();
$user = new user();
if (isset($_POST['g-recaptcha-response']) && $_POST['g-recaptcha-response'] !== '') {
    // Checks run in this order: duplicate user name, duplicate e-mail address,
    // password confirmation. Every outcome prints one message and ends the request.
    // NOTE(review): the enclosing condition only tests that g-recaptcha-response
    // is non-empty; no server-side verification of that token is visible in this
    // listing.
    if ($user->usernameExists($_POST['username'])) {
        echo "Username already exists.";
        die;
    }
    if ($user->emailExists($_POST['email'])) {
        echo "Email already exists.";
        die;
    }
    if ($_POST['password'] !== $_POST['password2']) {
        echo "Passwords don't match.";
        die;
    }
    // Every new account is created with the 'regular' type and signed in at once.
    $user->create($_POST['username'], $_POST['password'], $_POST['email'], 'regular');
    $user->login($_POST['username'], $_POST['password']);
    echo "Account created Successfully.  You can now log in.";
    die;
} else {
Example #19
<?php

require_once 'core/init.php';
// Registration handler: runs only for a submitted form that carries a valid token.
if (Input::exists() && Token::check(Input::get('token'))) {
    $validate = new Validate();
    $validation = $validate->check($_POST, array(
        'username' => array('required' => true, 'min' => 2, 'max' => 20, 'unique' => 'users'),
        'password' => array('required' => true, 'min' => 6),
        'password_again' => array('required' => true, 'matches' => 'password'),
        'name' => array('required' => true, 'min' => 2, 'max' => 50),
    ));
    if (!$validation->passed()) {
        foreach ($validation->errors() as $error) {
            echo $error, '<br>';
        }
    } else {
        $user = new user();
        // A fresh salt per account; the password is stored as Hash::make(password, salt).
        $salt = Hash::salt(32);
        // The selected consoles are stored as one string, each followed by a space.
        // NOTE(review): $_POST['console'] has no validation rule and is assumed to
        // be a list of strings.
        $console = "";
        foreach ($_POST['console'] as $con) {
            $console = $console . $con . ' ';
        }
        try {
            // New accounts always get group 1; the group is not taken from the request.
            $user->create(array(
                'username' => Input::get('username'),
                'password' => Hash::make(Input::get('password'), $salt),
                'salt' => $salt,
                'name' => Input::get('name'),
                'joined' => date('Y-m-d H:i:s'),
                'group' => 1,
                'console' => $console,
            ));
            Session::flash('home', 'You have been registered!');
            Redirect::to('login.php');
        } catch (Exception $e) {
            // NOTE(review): the raw exception message is printed to the client.
            die($e->getMessage());
        }
    }
}
?>
<html>
<head>
Example #20
<?php

session_start();
require_once 'include/userModel.php';
// Sign-up handler: copy the posted fields onto the model, refuse an e-mail
// address that check() reports, otherwise create the account.
$userModel = new user();
if (isset($_POST['submit'])) {
    // NOTE(review): every field is copied as submitted. No validation or hashing
    // is visible in this file, so both must happen inside the user model.
    $userModel->username = $_POST['username'];
    $userModel->password = $_POST['password'];
    $userModel->email = $_POST['email'];
    $userModel->country = $_POST['country'];
    $userModel->accout_type = $_POST['account_type'];

    if (!$userModel->check($_POST['email'])) {
        $userModel->create();
        $username = $userModel->username;
        $_SESSION['email'] = $userModel->email;
        // NOTE(review): the password as held on the model is written into the
        // session; confirm it is not the plaintext value by this point.
        $_SESSION['password'] = $userModel->password;
        header("location:thanks.php");
    } else {
        header("location:join.php?create=0");
    }
    /*
        $account_type = $_POST['accout_type'];
        $id = $userSet[0]['user_id'];
            if ($account_type == "Organizer couples") {
                header("location:couples.php?id=$id");
            } */
}
Example #21
<?php

session_start();
require_once 'includes/database.php';
require_once 'includes/user.php';
// Sign-up handler: fill the model from the posted form and create the account.
if (isset($_POST['submit'])) {
    $db = new database();
    $userModel = new user();

    // E-mail and password are trimmed and passed through mysqli_real_escape_string().
    // NOTE(review): escaping the password changes its value whenever it contains a
    // quote or backslash, and gender and the date parts below are not escaped at
    // all. If create() builds its SQL by concatenation those two fields reach the
    // query as submitted - confirm, and prefer bound parameters inside the model.
    $userModel->email = mysqli_real_escape_string($db->conn, trim($_POST['email']));
    $userModel->password = mysqli_real_escape_string($db->conn, trim($_POST['password']));
    $userModel->gender = $_POST['gender'];
    // Assembled as year-month-day from three separate form fields.
    $userModel->date_of_birth = implode("-", array($_POST['year'], $_POST['month'], $_POST['day']));

    if (!$userModel->create()) {
        echo "error happends";
    } else {
        header("location:editprofile.php");
    }
}
?>
<!DOCTYPE html>
<html lang="en">
    <head>
        <title>NoSoGo</title>
        <meta charset="UTF-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
        <link rel="stylesheet" type="text/css" href="css/bootstrap.min.css" />
        <link rel="stylesheet" type="text/css" href="css/font-awesome.min.css" />
        <link rel="stylesheet" type="text/css" href="css/default.css" />
        <script type="text/javascript" src="js/bootstrap.min.js"></script>
    </head>
    <body>
Example #22
require_once '../core/init.php';
req::once('functions/rand_pass.php');
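// Registration page handler. Visitors who are already signed in are sent away.
$user = new user();
if ($user->hasPermission('logged in')) {
    redirect::to('index.php');
}
if (input::exists()) {
    $validate = new validate();
    $validate->check($_POST, array('email' => array('required' => true, 'min' => 2, 'max' => 32, 'unique' => 'users', 'email' => true), 'password' => array('required' => true, 'min' => 6, 'max' => 32), 'confirmation' => array('required' => true, 'matches' => 'password')));
    if ($validate->passed()) {
        $user = new user();
        // A fresh salt per account; the password is stored as hash::make(password, salt).
        $salt = hash::salt(32);
        // Only the hash of the activation code is stored; the code itself is mailed.
        $activation_code = random_code(16);
        $activation_hash = hash::make($activation_code);
        try {
            // NOTE(review): 'type' is stored as submitted and has no validation
            // rule; only 'l' and 'd' are handled below. Confirm no other value
            // grants more than intended.
            $id = $user->create(array('email' => input::get('email'), 'type' => input::get('account_type'), 'status' => 'u', 'password' => hash::make(input::get('password'), $salt), 'salt' => $salt, 'activation_code' => $activation_hash));
            // NOTE(review): the tail of this expression was garbled in the listing and
            // is reconstructed as input::get('email') from the surrounding parentheses
            // - confirm against the original file. Both query values are URL-encoded
            // so characters such as '+' in an address survive the round trip.
            mail(input::get('email'), 'Thank you for registering with MyBasket', 'To activate your account, go here: ' . config::get('site_url') . '/activate.php?code=' . rawurlencode($activation_code) . '&user=' . rawurlencode(input::get('email')));
            $db = db::getInstance();
            // Each supported account type gets a companion row in its own table.
            if (input::get('account_type') === 'l') {
                $db->insert('lab_user_data', array('user_id' => $id));
            } elseif (input::get('account_type') === 'd') {
                $db->insert('ds_user_data', array('user_id' => $id));
            }
        } catch (Exception $e) {
            // NOTE(review): the raw exception message is printed to the client.
            die($e->getMessage());
        }
    }
}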
Example #23
 /**
  * A user without groups cannot edit the root item; after joining a group
  * that was granted "edit", the same user can.
  */
 public function i_can_edit_test()
 {
     $root_item = ORM::factory("item", 1);

     // Start from a user that belongs to no groups at all.
     $tester = user::create("access_test", "Access Test", "");
     foreach ($tester->groups as $membership) {
         $tester->remove($membership);
     }
     $tester->save();
     user::set_active($tester);

     // With no memberships nothing is editable.
     $this->assert_false(access::can("edit", $root_item));

     // Put the user into a group and give that group edit permission.
     $editors = group::create("access_test");
     $editors->add($tester);
     $editors->save();
     access::allow($editors, "edit", $root_item);

     // Load the user again by id: reload() does not flush related columns.
     $tester = ORM::factory("user", $tester->id);
     user::set_active($tester);

     // The permission now applies through the group.
     $this->assert_true(access::can("edit", $root_item));
 }
Example #24
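 /**
  * Import a single user.
  *
  * Takes the next Gallery 2 user id off $queue and returns a translated status
  * message. Ids that are already mapped are skipped, the anonymous user is
  * mapped to the guest account, and a user that cannot be loaded is reported.
  * Otherwise the user is created (or an existing one looked up by name), given
  * the Gallery 2 password hash, e-mail, locale and group memberships, saved,
  * and recorded in the id map.
  *
  * @param array $queue Pending Gallery 2 user ids; the first one is consumed.
  * @return string Status message describing what was done.
  */
 static function import_user(&$queue)
 {
     $g2_user_id = array_shift($queue);
     if (self::map($g2_user_id)) {
         return t("User with id: %id already imported, skipping", array("id" => $g2_user_id));
     }
     // The anonymous user maps onto the existing guest account.
     if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) {
         self::set_map($g2_user_id, user::guest()->id);
         return t("Skipping Anonymous User");
     }
     $g2_admin_group_id = g2(GalleryCoreApi::getPluginParameter("module", "core", "id.adminGroup"));
     try {
         $g2_user = g2(GalleryCoreApi::loadEntitiesById($g2_user_id));
     } catch (Exception $e) {
         return t("Failed to import Gallery 2 user with id: %id\n%exception", array("id" => $g2_user_id, "exception" => $e->__toString()));
     }
     $g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId()));
     // NOTE(review): the placeholder in the next two messages was masked as
     // '******' in the listing. It is restored as %name to match the "name"
     // argument passed on the same line - confirm against the original file.
     try {
         $user = user::create($g2_user->getUsername(), $g2_user->getfullname(), "");
         $message = t("Created user: '%name'.", array("name" => $user->name));
     } catch (Exception $e) {
         // @todo For now we assume this is a "duplicate user" exception
         // NOTE(review): any other failure also lands here; if the lookup then finds
         // nothing, $user is not a record and the lines below fail.
         $user = user::lookup_by_name($g2_user->getUsername());
         $message = t("Loaded existing user: '%name'.", array("name" => $user->name));
     }
     // The account is created with an empty password and then receives the
     // Gallery 2 hash as-is.
     // NOTE(review): confirm the login code can verify hashes in that format.
     $user->hashed_password = $g2_user->getHashedPassword();
     $user->email = $g2_user->getEmail();
     $user->locale = $g2_user->getLanguage();
     foreach ($g2_groups as $g2_group_id => $g2_group_name) {
         // Membership of the Gallery 2 admin group becomes the admin flag; every
         // other group is added through its mapped id.
         if ($g2_group_id == $g2_admin_group_id) {
             $user->admin = true;
             $message .= t("\n\tAdded 'admin' flag to user");
         } else {
             $group = ORM::factory("group", self::map($g2_group_id));
             $user->add($group);
             $message .= t("\n\tAdded user to group '%group'.", array("group" => $group->name));
         }
     }
     $user->save();
     self::set_map($g2_user->getId(), $user->id);
     return $message;
 }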
Example #25
 /**
  * Create a user by delegating to user::create().
  *
  * $data is forwarded unchanged; this method does no validation or
  * filtering of its own.
  * NOTE(review): if callers hand in request data directly, confirm that
  * user::create() restricts which fields may be set.
  *
  * @param mixed $data user data, passed through as-is
  * @return mixed whatever user::create() returns
  */
 public function create($data)
 {
     $created = user::create($data);

     return $created;
 }
Example #26
 /**
  * Create a user by handing the three arguments to user::create().
  *
  * The password is forwarded exactly as received; any hashing is not
  * visible in this method and presumably happens in user::create() —
  * verify against that implementation.
  *
  * @see IdentityProvider_Driver::create_user.
  *
  * @param mixed $name      login name
  * @param mixed $full_name display name
  * @param mixed $password  password, passed through unchanged
  * @return mixed whatever user::create() returns
  */
 public function create_user($name, $full_name, $password)
 {
     $new_user = user::create($name, $full_name, $password);

     return $new_user;
 }
Example #27
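 /**
  * Handle a sign-up request sent via POST.
  *
  * Creates the account through user::create() and reports the outcome with
  * ajax::success() / ajax::error(). Validation failures are returned as an
  * HTML list in the 'errors' field of the error response.
  */
 public function action_register()
 {
     if (user::logged()) {
         ajax::error('You are already logged in as ' . user::get()->username());
         // Whether ajax::error() ends the request is not visible here, so stop
         // explicitly: an authenticated session must not go on to create
         // another account.
         return;
     }
     if ($_POST) {
         try {
             // NOTE(review): the whole request body is handed to user::create().
             // Confirm the model restricts which columns may be set, otherwise a
             // client can supply fields the form never offered.
             user::create($_POST);
             if (user::logged()) {
                 ajax::success('You are now signed up. Welcome!');
             } else {
                 // should log this error (user wasnt logged in with user::create())
                 ajax::error('An error occurred and I couldn\'t sign you in! Please try again or open an issue here: https://github.com/ellenbrook/morningpages');
             }
         } catch (ORM_Validation_Exception $e) {
             $errors = $e->errors('models');
             $ehtml = '<ul>';
             foreach ($errors as $error) {
                 // An entry is either one message or a list of messages.
                 $messages = is_array($error) ? $error : array($error);
                 foreach ($messages as $message) {
                     // Validation messages can echo submitted values, so they are
                     // escaped before being placed into markup.
                     $ehtml .= '<li>' . htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8') . '</li>';
                 }
             }
             // Close the list (the original appended a second opening tag).
             $ehtml .= '</ul>';
             ajax::error('Whoops! There was an error in the form. Please review it and submit it again.', array('errors' => $ehtml));
         }
     } else {
         ajax::error('No data received');
     }
 }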
Example #28
\tborder-collapse: collapse;
}
STYLE;
            $style->save();
            $section = Section::create("home");
            $section->title["en"] = new Translation("Home", "");
            if ($lang != "en") {
                $section->title[$lang] = new Translation("Home", "");
            }
            $section->template = "standard.html";
            $section->add_style($style);
            $section->save();
            $ratatoeskr_settings["default_section"] = $section->get_id();
            $ratatoeskr_settings->save();
            $admingrp = Group::create("admins");
            $admin = user::create($_POST["admin_username"], PasswordHash::create($_POST["admin_init_password"]));
            $admin->save();
            $admingrp->include_user($admin);
            $article = Article::create("congratulations");
            $article->title["en"] = new Translation("Congratulations! You have just installed Ratatöskr!", "");
            $article->text["en"] = new Translation("Congratulations! You have just installed Ratatöskr!", "Markdown");
            $article->excerpt["en"] = new Translation("Congratulations! You have just installed Ratatöskr!", "Markdown");
            $article->status = ARTICLE_STATUS_LIVE;
            $article->timestamp = time();
            $article->allow_comments = True;
            $article->set_section($section);
            $article->save();
            try {
                Repository::create("http://r7r-repo-community.silvasur.net/");
                Repository::create("http://r7r-repo-official.silvasur.net/");
            } catch (RepositoryUnreachableOrInvalid $e) {
Example #29
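 /**
  * Front-controller constructor.
  *
  * Selects the panel from the requested route, enforces the admin IP
  * allow-list, drives the first-time setup steps, checks the login and the
  * admin group, then renders the template. Every path ends in exit(0)
  * unless trigger_error() halts the request first.
  *
  * Security notes for maintainers:
  *  - The setup branches run before any login check. The first is gated
  *    only by DBNAME being empty, the others only by $config['is_setup']
  *    not being '1', so until setup completes any client that can reach
  *    the site can submit them.
  *  - The database settings written to data/config.php come straight from
  *    the request; they are emitted as quoted PHP string literals so a
  *    value cannot break out of the define() call.
  *
  * @param array $parts not used by this constructor
  */
 public function __construct($parts = array())
 {
     // Initialize
     global $config, $template;
     // Set variables
     if ($config['is_setup'] == 1 && preg_match("/^admin/", trim($_GET['route'], '/'))) {
         $panel = 'admin';
         $require_login = true;
     } else {
         $panel = 'public';
         $require_login = false;
     }
     // Check IP restrictions
     if ($panel == 'admin' && isset($config['ipallow']) && $config['ipallow'] != '') {
         $ok = false;
         $ips = explode("\n", $config['ipallow']);
         foreach ($ips as $ip) {
             // Strip "\r" and padding. A blank line must never count as an
             // entry: as a pattern it would match every address.
             $ip = trim($ip);
             if ($ip === '') {
                 continue;
             }
             // Literal prefix comparison. The entry is not treated as a regular
             // expression, so "." only matches a dot. It is still a prefix
             // match: "10.0.0.1" also admits "10.0.0.10" to "10.0.0.19" and
             // beyond; end an entry with "." to pin a whole octet.
             // NOTE(review): REMOTE_ADDR is the directly connected peer; behind
             // a reverse proxy that is the proxy's address.
             if (strpos($_SERVER['REMOTE_ADDR'], $ip) === 0) {
                 $ok = true;
                 break;
             }
         }
         if ($ok === false) {
             echo "Access denied by IP restrictions.";
             exit(0);
         }
     }
     // Continue setup, if needed
     if (DBNAME == '' && isset($_POST['submit']) && $_POST['submit'] == tr('Continue to Next Step')) {
         // Initialize
         $template = new template('admin/setup/first_time2');
         require_once SITE_PATH . '/data/lib/sqlparser.php';
         // Check database connection
         if (!mysqli_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'], $_POST['dbname'], $_POST['dbport'])) {
             $template->add_message("Unable to connect to mySQL database using information supplied.  Please double check the mySQL information, and try again.", 'error');
         }
         if (!is_writeable(SITE_PATH . '/data/config.php')) {
             $template->add_message("Unable to write to file at /data/config.php.  Please change file permissions appropriately, and reload the page.", 'error');
         }
         if (!is_writeable(SITE_PATH . '/data/backups')) {
             $template->add_message("Unable to write to directory at /data/backups/.  Please change directory permissions appropriately, and reload the page.", 'error');
         }
         if (!is_writeable(SITE_PATH . '/data/log')) {
             $template->add_message("Unable to write to directory at /data/log/.  Please change directory permissions appropriately, and reload the page.", 'error');
         }
         if (!is_writeable(SITE_PATH . '/data/tpl_c')) {
             $template->add_message("Unable to write to directory at /data/tpl_c/.  Please change directory permissions appropriately, and reload the page.", 'error');
         }
         // Check for errors
         if ($template->has_errors == 1) {
             $template->route = 'admin/setup/first_time';
             echo $template->parse();
             exit(0);
         }
         // Define MeekroDB settings
         DB::$dbName = $_POST['dbname'];
         DB::$user = $_POST['dbuser'];
         DB::$password = $_POST['dbpass'];
         DB::$host = $_POST['dbhost'];
         DB::$port = $_POST['dbport'];
         // Parse sql
         $sql_lines = SqlParser::parse(file_get_contents(SITE_PATH . '/data/sql/install.sql'));
         foreach ($sql_lines as $line) {
             DB::query($line);
         }
         // Save config.php file
         // config.php is executed as PHP on every request, so each submitted
         // value is written with var_export(), which quotes and escapes it as a
         // string literal. A quote or backslash in a value therefore stays data.
         $conf = "<?php\n";
         $db_settings = array(
             'DBNAME' => 'dbname',
             'DBUSER' => 'dbuser',
             'DBPASS' => 'dbpass',
             'DBHOST' => 'dbhost',
             'DBPORT' => 'dbport',
         );
         foreach ($db_settings as $constant => $field) {
             $conf .= "define('" . $constant . "', " . var_export((string) $_POST[$field], true) . ");\n";
         }
         // NOTE(review): ENCRYPT_PASS is only as strong as generate_random_string();
         // its implementation is not visible here. Confirm it draws from a
         // cryptographically secure source.
         $conf .= "define('COOKIE_NAME', '" . generate_random_string(6) . "');\n";
         $conf .= "define('ENCRYPT_PASS', '" . generate_random_string(32) . "');\n";
         $conf .= "define('TESTNET', 0);\n";
         $conf .= "?>\n";
         // Save config file
         file_put_contents(SITE_PATH . '/data/config.php', $conf);
         // Parse template
         echo $template->parse();
         exit(0);
     } elseif ($config['is_setup'] != '1' && isset($_POST['_setup_step']) && $_POST['_setup_step'] == '2') {
         // Initialize
         $template = new template('admin/setup/first_time3');
         if (strlen($_POST['username']) < 4) {
             $template->add_message('Administrator username must be at least 4 characters in length.', 'error');
         }
         // Create user
         // NOTE(review): create(1) runs even when the username check above has
         // recorded an error; confirm user::create() refuses to store the
         // account in that case.
         $user = new user();
         $user->create(1);
         // Update config vars
         update_config_var('site_name', $_POST['site_name']);
         update_config_var('company_name', $_POST['company_name']);
         // Check for errors
         if ($template->has_errors == 1) {
             $template->route = 'admin/setup/first_time2';
         } else {
             // Login
             $auth = new auth();
             $auth->login('admin', false);
         }
         echo $template->parse();
         exit(0);
     } elseif ($config['is_setup'] != '1' && isset($_POST['_setup_step']) && $_POST['_setup_step'] == '3') {
         // Initialize
         $template = new template('admin/setup/first_time4');
         // Update config vars
         update_config_var('btc_rpc_host', $_POST['btc_rpc_host']);
         update_config_var('btc_rpc_user', $_POST['btc_rpc_user']);
         update_config_var('btc_rpc_pass', $_POST['btc_rpc_pass']);
         update_config_var('btc_rpc_port', $_POST['btc_rpc_port']);
         // Test connection
         $client = new transaction();
         if (!$client->get_info()) {
             $template->route = 'admin/setup/first_time3';
             $template->add_message('Unable to connect to RPC using the provided settings.  Please check the connection information, restart bitcoind, and try again.  If you have just started bitcoind for the first time, you will need to wait a while for all blocks to download before continuing.', 'error');
             // Output the page so the error is shown (the parsed result was
             // previously discarded, unlike every other branch).
             echo $template->parse();
             exit(0);
         }
         // Parse template
         echo $template->parse();
         exit(0);
         // Complete setup, if needed
     } elseif ($config['is_setup'] != '1' && isset($_POST['_setup_step']) && $_POST['_setup_step'] == '4') {
         // Initialize
         $template = new template('admin/setup/first_time5');
         // Update config vars
         update_config_var('is_setup', '1');
         // Get exchange date
         $rate = get_coin_exchange_rate($config['currency']);
         if ($rate != 0) {
             update_config_var('exchange_rate', $rate);
         }
         // Add wallet
         $bip32 = new bip32();
         $bip32->add_wallet();
         // Display template
         if ($template->has_errors != 1) {
             //$template->add_message("Successfully completed first time setup.");
         }
         echo $template->parse();
         exit(0);
     }
     // Check if setup
     if ($config['is_setup'] == 0) {
         $template = new template('admin/setup/first_time');
         echo $template->parse();
         exit(0);
     }
     // Check login
     $auth = new auth();
     if ($userid = $auth->check_login($panel, $require_login)) {
         define('LOGIN', true);
         $GLOBALS['userid'] = $userid;
     } else {
         define('LOGIN', false);
         $GLOBALS['userid'] = 0;
     }
     // Check admin permission, if needed
     if ($panel == 'admin') {
         $group_id = DB::queryFirstField("SELECT group_id FROM users WHERE id = %d", $GLOBALS['userid']);
         if ($group_id != 1) {
             // NOTE(review): denial depends on E_USER_ERROR stopping the request.
             // If a custom error handler returns normally, execution continues
             // to the template below; confirm the handler in use halts.
             trigger_error("You do not have permission to access this area.", E_USER_ERROR);
         }
     }
     // Parse template
     $template = new template();
     echo $template->parse();
     // Exit
     exit(0);
 }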
Example #30
 /**
  * Store a newly created user in storage.
  *
  * All request input is validated against user::$rules. On failure the
  * client is sent back with the errors and the old input; on success the
  * same input array is passed to user::create().
  *
  * NOTE(review): the full Input::all() array reaches user::create(), so
  * which attributes a client can set depends on the model's mass-assignment
  * settings, which are not visible here. Validation rules alone do not drop
  * extra keys.
  *
  * @return Response
  */
 public function store()
 {
     $data = Input::all();
     $validator = Validator::make($data, user::$rules);

     if (!$validator->fails()) {
         user::create($data);

         return Redirect::route('users.index');
     }

     return Redirect::back()->withErrors($validator)->withInput();
 }