/** * Allows a model to be loaded by username or email address. */ public function unique_key($id) { if (!empty($id) and is_string($id) and !ctype_digit($id)) { return valid::email($id) ? 'email' : 'username'; } return parent::unique_key($id); }
public function save() { if (!$_POST) { die; } $this->rsp = Response::instance(); if (!valid::email($_POST['email'])) { $this->rsp->msg = 'Invalid Email!'; $this->rsp->send(); } elseif ($this->owner->unique_key_exists($_POST['email'])) { $this->rsp->msg = 'Email already exists!'; $this->rsp->send(); } $pw = text::random('alnum', 8); $this->owner->email = $_POST['email']; $this->owner->password = $pw; $this->owner->save(); $replyto = 'unknown'; $body = "Hi there, thanks for saving your progess over at http://pluspanda.com \r\n" . "Your auto-generated password is: {$pw} \r\n" . "Change your password to something more appropriate by going here:\r\n" . "http://pluspanda.com/admin/account?old={$pw} \r\n\n" . "Thank you! - Jade from pluspanda"; # to do FIX THE HEADERS. $subject = 'Your Pluspanda account information =)'; $headers = "From: welcome@pluspanda.com \r\n" . "Reply-To: Jade \r\n" . 'X-Mailer: PHP/' . phpversion(); mail($_POST['email'], $subject, $body, $headers); # add to mailing list. include Kohana::find_file('vendor/mailchimp', 'MCAPI'); $config = Kohana::config('mailchimp'); $mailchimp = new MCAPI($config['apikey']); $mailchimp->listSubscribe($config['list_id'], $_POST['email'], '', 'text', FALSE, TRUE, TRUE, FALSE); $this->rsp->status = 'success'; $this->rsp->msg = 'Thanks, Account Saved!'; $this->rsp->send(); }
public function __construct($username = '', $password = '', $email = '') { // load database library into $this->db parent::__construct(); if ($username != '' and $password != '' and $email != '') { if (strlen($username) < 3) { throw new Exception('Username too short'); } elseif (strlen($username) > 12) { throw new Exception('Username too long'); } elseif (strlen($password) < 6) { throw new Exception('Password too short'); } elseif (strlen($username) > 255) { throw new Exception('Password too long'); } elseif (valid::email($email) == False) { throw new Exception('Invalid email supplied'); } elseif ($this->user_exists($username, $email)) { throw new Exception('User already exists (login or email matched)'); } if ($this->register($username, $password, $email)->valid()) { return true; } else { return false; } } }
private function validate_email_form() { $messages = array(); if (valid::email($this->input->post('email')) == false) { $messages[] = 'The supplied email address does not appear valid'; } if ($this->input->post('body') == '') { $messages[] = 'The body of your message should not be empty'; } return $messages; }
/** * Displays a profile page for a user */ public function user() { // Cacheable Controller $this->is_cachable = TRUE; $this->template->header->this_page = 'profile'; // Check if we are looking for a user. Argument must be set to continue. if (!isset(Router::$arguments[0])) { url::redirect('profile'); } $username = Router::$arguments[0]; // We won't allow profiles to be public if the username is an email address if (valid::email($username)) { url::redirect('profile'); } $user = User_Model::get_user_by_username($username); // We only want to show public profiles here if ($user->public_profile == 1) { $this->template->content = new View('profile/user'); $this->template->content->user = $user; // User Reputation Score $this->template->content->reputation = reputation::calculate($user->id); // All users reports $this->template->content->reports = ORM::factory('incident')->where(array('user_id' => $user->id, 'incident_active' => 1))->with('incident:location')->find_all(); // Get Badges $this->template->content->badges = Badge_Model::users_badges($user->id); // Logged in user id (false if not logged in) $logged_in_id = FALSE; if (isset(Auth::instance()->get_user()->id)) { $logged_in_id = Auth::instance()->get_user()->id; } $this->template->content->logged_in_id = $logged_in_id; // Is this the logged in user? $logged_in_user = FALSE; if ($logged_in_id == $user->id) { $logged_in_user = TRUE; } $this->template->content->logged_in_user = $logged_in_user; } else { // this is a private profile so get out of here url::redirect('profile'); } $this->template->header->page_title .= $user->name . Kohana::config('settings.title_delimiter'); $this->template->header->header_block = $this->themes->header_block(); $this->template->footer->footer_block = $this->themes->footer_block(); }
public function validate($array) { $default = array("title" => "", "display_name" => "", "email" => ""); $array = arr::overwrite($default, $array); $errors = array(); if ($array['display_name'] == "") { $errors['display_name'] = "Please enter a display name"; } if (!valid::email($array['email'])) { $errors['email'] = "Please enter a valid email"; } if ($array['title'] == "") { $errors['title'] = "Please enter text for your comment"; } $array['title'] = strip_tags($array['title']); $array['errors'] = $errors; return $array; }
public function save(array $person = array(), $person_id = null) { $result = array('success' => false, 'error' => ''); $valid = true; $person = $this->get_trimmed_allowed($person, array('space_id', 'email', 'x', 'y', 'active')); if (isset($person['space_id']) && !valid::digit($person['space_id'])) { $valid = false; } if (isset($person['email']) && !valid::email($person['email'])) { $valid = false; } if (isset($person['x']) && !valid::numeric($person['x'])) { $valid = false; } if (isset($person['y']) && !valid::numeric($person['y'])) { $valid = false; } if (isset($person['active']) && !valid::digit($person['active'])) { $valid = false; } if ($valid) { if ($person_id) { //UPDATE $this->db->from('people')->set($person)->where(array('id' => (int) $person_id))->update(); $result['success'] = true; } else { // INSERT $new_person = $this->db->from('people')->set($person)->insert(); $result['success'] = true; $person_id = $new_person->insert_id(); } $person = $this->db->select('people.*')->from('people')->where(array('id' => $person_id))->get(); $person = $this->result_as_array($person); $result['person'] = $person; } else { $result['error'] = "The supplied data was invalid"; } return $result; }
public function password_recovery() { $id = 0; $passto = false; $errors = array(); $msg = ""; if ($this->ispost()) { $input = Input::Instance(); $mail = $input->post('mail'); if ($mail == '') { $errors[] = __("El Email no puede estar vacio", false); } else { if (valid::email($mail) == false) { $errors[] = __("El Email no es valido", false); } else { $orm = $this->table->db2cls(); $result = $orm->load($mail, 'mail_client'); $id = (int) $result->id_client; if ($id == 0) { $errors[] = __("El Email no existe", false); } else { $passto = true; $passwordgenorig = basics::passwordgenerator(); $passwordgen = fpp::cryptme($passwordgenorig); $result->password_client = $passwordgen; $href = html::anchor($this->href_store); basics::mail_html_utf8($mail, __('Recuperación de clave de acceso', false), __("Estimado Cliente, <br/>Su nueva contraseña es", false) . " {$passwordgenorig} <br/>{$href}", $this->mail_store, "Floreria Rosabel"); $passto = true; $result->save(); } } } $msg = $passto == false ? basics::diverror($errors) : basics::diverror(array(__("E-mail enviado, revise su buzón", false))); } $this->content = View::factory("main/recovery_password")->set("msg", $msg)->render(); }
/** * Import a single user. */ static function import_user(&$queue) { $messages = array(); $g2_user_id = array_shift($queue); if (self::map($g2_user_id)) { return t("User with id: %id already imported, skipping", array("id" => $g2_user_id)); } if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) { self::set_map($g2_user_id, identity::guest()->id, "group"); return t("Skipping anonymous user"); } $g2_admin_group_id = g2(GalleryCoreApi::getPluginParameter("module", "core", "id.adminGroup")); try { $g2_user = g2(GalleryCoreApi::loadEntitiesById($g2_user_id)); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to import Gallery 2 user with id: %id\n%exception", array("id" => $g2_user_id, "exception" => (string) $e)), $e); } $g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId())); $user = identity::lookup_user_by_name($g2_user->getUsername()); if ($user) { $messages[] = t("Loaded existing user: '******'.", array("name" => $user->name)); } else { $email = $g2_user->getEmail(); if (empty($email) || !valid::email($email)) { $email = "*****@*****.**"; } try { $user = identity::create_user($g2_user->getUserName(), $g2_user->getFullName(), $g2_user->getHashedPassword(), $email); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to create user: '******' (id: %id)", array("name" => $g2_user->getUserName(), "id" => $g2_user_id)), $e, $messages); } if (class_exists("User_Model") && $user instanceof User_Model) { // This will work if G2's password is a PasswordHash password as well. $user->hashed_password = $g2_user->getHashedPassword(); } $messages[] = t("Created user: '******'.", array("name" => $user->name)); if ($email == "*****@*****.**") { $messages[] = t("Fixed invalid email (was '%invalid_email')", array("invalid_email" => $g2_user->getEmail())); } } $user->locale = $g2_user->getLanguage(); foreach ($g2_groups as $g2_group_id => $g2_group_name) { if ($g2_group_id == $g2_admin_group_id) { $user->admin = true; $messages[] = t("Added 'admin' flag to user"); } else { $group = identity::lookup_group(self::map($g2_group_id)); $user->add($group); $messages[] = t("Added user to group '%group'.", array("group" => $group->name)); } } try { $user->save(); self::set_map($g2_user->getId(), $user->id, "user"); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to create user: '******'", array("name" => $user->name)), $e, $messages); } return $messages; }
public function action_affiliate() { Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Affiliate'))); $this->template->title = __('Affiliate Panel'); $user = Auth::instance()->get_user(); //Hack so the admin can see the stats for any user! cool! if ($user->id_role == Model_Role::ROLE_ADMIN) { $id_user = $this->request->param('id'); if (is_numeric($id_user)) { $user = new Model_User($id_user); } } $this->template->styles = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen'); $this->template->scripts['footer'] = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/oc-panel/stats/dashboard.js'); $this->template->bind('content', $content); $this->template->content = View::factory('oc-panel/profile/affiliate'); $content->user = $user; // list of all products to build affiliate links $products = new Model_Product(); $products = $products->where('status', '=', Model_Product::STATUS_ACTIVE)->find_all(); $content->products = $products; //change paypal account->profile, put a warning if he didnt set it yet with a link if (!valid::email($user->paypal_email)) { Alert::set(Alert::INFO, __('Please set your paypal email at your profile')); } //list all his payments->orders paid $payments = new Model_Order(); $content->payments = $payments->where('id_user', '=', $user->id_user)->where('id_product', 'is', NULL)->where('status', '=', Model_Order::STATUS_PAID)->order_by('pay_date', 'DESC')->find_all(); //see stats //////////////////// //total earned commissions $query = DB::select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->group_by('id_user')->execute(); $total_earnings = $query->as_array(); $content->total_earnings = isset($total_earnings[0]['total']) ? $total_earnings[0]['total'] : 0; //total since last payment $last_payment_date = DB::select('pay_date')->from('orders')->where('id_user', '=', $user->id_user)->where('id_product', 'is', NULL)->where('status', '=', Model_Order::STATUS_PAID)->order_by('pay_date', 'ASC')->limit(1)->execute(); $last_payment_date = $last_payment_date->as_array(); $content->last_payment_date = isset($last_payment_date[0]['pay_date']) ? $last_payment_date[0]['pay_date'] : NULL; $content->last_earnings = 0; if ($content->last_payment_date != NULL) { //commissions since last payment $query = DB::select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->where('created', 'between', array($content->last_payment_date, Date::unix2mysql()))->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->execute(); $last_earnings = $query->as_array(); $content->last_earnings = isset($last_earnings[0]['total']) ? $last_earnings[0]['total'] : 0; } //due to pay, is commisions with to pay date bigger than today //commissions due to pay $query = DB::select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->where('date_to_pay', '<', Date::unix2mysql())->where('status', '=', Model_Affiliate::STATUS_CREATED)->group_by('id_user')->execute(); $due_to_pay = $query->as_array(); $content->due_to_pay = isset($due_to_pay[0]['total']) ? $due_to_pay[0]['total'] : 0; //Getting the dates and range $from_date = Core::post('from_date', strtotime('-1 month')); $to_date = Core::post('to_date', time()); //we assure is a proper time stamp if not we transform it if (is_string($from_date) === TRUE) { $from_date = strtotime($from_date); } if (is_string($to_date) === TRUE) { $to_date = strtotime($to_date); } //mysql formated dates $my_from_date = Date::unix2mysql($from_date); $my_to_date = Date::unix2mysql($to_date); //dates range we are filtering $dates = Date::range($from_date, $to_date, '+1 day', 'Y-m-d', array('date' => 0, 'count' => 0), 'date'); //dates displayed in the form $content->from_date = date('Y-m-d', $from_date); $content->to_date = date('Y-m-d', $to_date); //visits created last XX days $query = DB::select(DB::expr('DATE(created) date'))->select(DB::expr('COUNT(id_visit) count'))->from('visits')->where('id_affiliate', '=', $user->id_user)->where('created', 'between', array($my_from_date, $my_to_date))->group_by(DB::expr('DATE( created )'))->order_by('date', 'asc')->execute(); $visits = $query->as_array('date'); //commissions created last XX days $query = DB::select(DB::expr('DATE(created) date'))->select(DB::expr('SUM(amount) total'))->from('affiliates')->where('id_user', '=', $user->id_user)->where('created', 'between', array($my_from_date, $my_to_date))->group_by(DB::expr('DATE( created )'))->order_by('date', 'asc')->execute(); $earnings = $query->as_array('date'); $stats_daily = array(); foreach ($dates as $date) { $count_views = isset($visits[$date['date']]['count']) ? $visits[$date['date']]['count'] : 0; $earned = isset($earnings[$date['date']]['total']) ? $earnings[$date['date']]['total'] : 0; $stats_daily[] = array('date' => $date['date'], 'views' => $count_views, '$' => $earned); } $content->stats_daily = $stats_daily; //////////////////////////////////////////////// //list paginated with commissions ///////////////////////////////// $commissions = new Model_Affiliate(); $commissions = $commissions->where('id_user', '=', $user->id_user); $pagination = Pagination::factory(array('view' => 'oc-panel/crud/pagination', 'total_items' => $commissions->count_all(), 'items_per_page' => 100))->route_params(array('controller' => $this->request->controller(), 'action' => $this->request->action(), 'id' => $this->request->param('id'))); $pagination->title($this->template->title); $commissions = $commissions->order_by('created', 'desc')->limit($pagination->items_per_page)->offset($pagination->offset)->find_all(); $pagination = $pagination->render(); $content->pagination = $pagination; $content->commissions = $commissions; ////////////////////////////////// }
/** * Validate Custom Form Fields * @param Validation $post Validation object from form post * XXX This whole function is being done backwards * Need to pull the list of custom form fields first * Then look through them to see if they're set, not the other way around. */ public static function validate_custom_form_fields(&$post) { $custom_fields = array(); if (!isset($post->custom_field)) { return; } /* XXX Checkboxes hackery Checkboxes are submitted in the post as custom_field[field_id-boxnum] This foreach loop consolidates them into one variable separated by commas. If no checkboxes are selected then the custom_field[] for that variable is not sent To get around that the view sets a hidden custom_field[field_id-BLANKHACK] field that ensures the checkbox custom_field is there to be tested. */ foreach ($post->custom_field as $field_id => $field_response) { $split = explode("-", $field_id); if (isset($split[1])) { // The view sets a hidden field for blankhack if ($split[1] == 'BLANKHACK') { if (!isset($custom_fields[$split[0]])) { // then no checkboxes were checked $custom_fields[$split[0]] = ''; } // E.Kala - Removed the else {} block; either way continue is still invoked continue; } if (isset($custom_fields[$split[0]])) { $custom_fields[$split[0]] .= ",{$field_response}"; } else { $custom_fields[$split[0]] = $field_response; } } else { $custom_fields[$split[0]] = $field_response; } } $post->custom_field = $custom_fields; // Kohana::log('debug', Kohana::debug($custom_fields)); foreach ($post->custom_field as $field_id => $field_response) { $field_param = ORM::factory('form_field', $field_id); $custom_name = $field_param->field_name; // Validate that this custom field already exists if (!$field_param->loaded) { // Populate the error field //$errors[$field_id] = "The $custom_name field does not exist"; $post->add_error('custom_field', 'not_exist', array($field_id)); return; } $max_auth = self::get_user_max_auth(); $required_role = ORM::factory('role', $field_param->field_ispublic_submit); if (($required_role->loaded ? $required_role->access_level : 0) > $max_auth) { // Populate the error field $post->add_error('custom_field', 'permission', array($custom_name)); return; } // Validate that the field is required if ($field_param->field_required == 1 and $field_response == "") { $post->add_error('custom_field', 'required', array($custom_name)); return; } // Grab the custom field options for this field $field_options = self::get_custom_field_options($field_id); // Validate Custom fields for text boxes if ($field_param->field_type == 1 and isset($field_options) and $field_response != '') { if (isset($field_options['field_datatype'])) { if ($field_options['field_datatype'] == 'email' and !valid::email($field_response)) { $post->add_error('custom_field', 'email', array($custom_name)); } if ($field_options['field_datatype'] == 'phonenumber' and !valid::phone($field_response)) { $post->add_error('custom_field', 'phone', array($custom_name)); } if ($field_options['field_datatype'] == 'numeric' and !valid::numeric($field_response)) { $post->add_error('custom_field', 'numeric', array($custom_name)); } } } // Validate for date if ($field_param->field_type == 3 and $field_response != "") { $field_default = $field_param->field_default; if (!valid::date_mmddyyyy($field_response)) { $post->add_error('custom_field', 'date_mmddyyyy', array($custom_name)); } } // Validate multi-value boxes only have acceptable values if ($field_param->field_type >= 5 and $field_param->field_type <= 7) { $defaults = explode('::', $field_param->field_default); $options = array(); if (preg_match("/[0-9]+-[0-9]+/", $defaults[0]) and count($defaults) == 1) { $dashsplit = explode('-', $defaults[0]); $start = $dashsplit[0]; $end = $dashsplit[1]; for ($i = $start; $i <= $end; $i++) { array_push($options, $i); } } else { $options = array_map('trim', explode(',', $defaults[0])); } $responses = explode(',', $field_response); foreach ($responses as $response) { if (!in_array($response, $options) and $response != '') { $post->add_error('custom_field', 'values', array($custom_name)); //$errors[$field_id] = "The $custom_name field does not include $response as an option"; } } } // Validate that a required checkbox is checked if ($field_param->field_type == 6 and $field_response == 'BLANKHACK' and $field_param->field_required == 1) { $post->add_error('custom_field', 'required', array($custom_name)); } } return; }
public function request() { if (!IN_PRODUCTION) { $profiler = new Profiler(); } $post = new Validation($_POST); $post->add_rules('email', 'required', array('valid', 'email')); $is_resending = $this->input->get('resend', 0); if ($is_resending || $post->validate()) { $db = Database::instance(); // Check for re-entry of the page here. if ($is_resending) { $email = trim($this->session->get('saved_email')); if (!$email || !valid::email($email)) { if (!$email) { $error_str_id = 'form_error_messages.email.required'; } else { $error_str_id = 'form_error_messages.email.email'; } $this->session->set_flash('signup_email_error', Kohana::lang($error_str_id)); url::redirect('signup'); return; } } else { $email = trim($this->input->post('email')); } if (!$is_resending) { $email_users_set = $db->from('email_users')->select('user_id', 'last_emailed_timestamp', 'is_validated')->where('email', $email)->limit(1)->get(); } if (!$is_resending && count($email_users_set)) { foreach ($email_users_set as $row) { $email_user = $row; } $this->prepend_title("Sign up"); if ($email_user->is_validated) { $this->render_markdown_template(new View('account_already_active')); } else { $this->session->set_flash('saved_email', $email); $this->render_markdown_template(new View('account_resend_email')); } } else { $validation_key = $this->getUniqueCode($email, 32); // What kind of email address is it? if (eregi('@([a-z0-9]+\\.)*uwaterloo\\.ca$', $email)) { $public_api_key = $this->getUniqueCode($email, 32); $private_api_key = $this->getUniqueCode($email, 32); $successfully_sent_email = $this->send_api_key_email($email, $validation_key, $public_api_key, $private_api_key); } else { $successfully_sent_email = $this->send_coming_soon_email($email, $validation_key); } if (!$is_resending) { $user_details_values = array('primary_email' => $email); if (isset($public_api_key) && isset($private_api_key)) { $user_details_values['public_api_key'] = $public_api_key; $user_details_values['private_api_key'] = $private_api_key; } $user_details = $db->insert('user_details', $user_details_values); } if (!$is_resending) { $email_users_values = array('email' => $email, 'validation_key' => $validation_key, 'user_id' => $user_details->insert_id()); $db->insert('email_users', $email_users_values); if ($successfully_sent_email) { $db->from('email_users')->set('last_emailed_timestamp', 'CURRENT_TIMESTAMP', $disable_escaping = true)->where('email', $email)->update(); } } else { if ($successfully_sent_email) { $db->from('email_users')->set('validation_key', $validation_key)->set('last_emailed_timestamp', 'CURRENT_TIMESTAMP', $disable_escaping = true)->where('email', $email)->update(); } } $this->session->set_flash('just_completed', true); url::redirect('signup/completed'); } } else { $errors = $post->errors(); $this->session->set_flash('signup_email_error', Kohana::lang('form_error_messages.email.' . $errors['email'])); url::redirect('signup'); } }
public static function send_notifications($recipient_id, $item_id, $mailtype) { //Load the item $item = ORM::factory("item")->where("id", "=", $item_id)->find(); if (!$item->loaded()) { return false; } //Load the user $recipient = ORM::factory("user")->where("id", "=", $recipient_id)->find(); if (!$recipient->loaded()) { return false; } //Only send mail if the notifications are switched on globally if (!module::get_var("photoannotation", "nonotifications", false)) { //Check if the use has a valid e-mail if (!valid::email($recipient->email)) { return false; } //Get the users settings $notification_settings = self::get_user_notification_settings($recipient); //Check which type of mail to send switch ($mailtype) { case "newtag": //Only send if user has this option enabled if ($notification_settings->newtag) { //Get subject and body and send the mail $subject = module::get_var("photoannotation", "newtagsubject", "Someone tagged a photo of you"); $body = module::get_var("photoannotation", "newtagbody", "Hello %name, please visit %url to view the photo."); $body = str_ireplace(array("%url", "%name"), array($item->abs_url(), $recipient->display_name()), $body); return self::_send_mail($recipient->email, $subject, $body); } break; case "newcomment": //Only send if user has this option enabled if ($notification_settings->comment) { //Don't send if the notification module is active and the user is watching this item if (module::is_active("notification")) { if (notification::is_watching($item, $recipient)) { return false; } } //Get subject and body and send the mail $subject = module::get_var("photoannotation", "newcommentsubject", "Someone added a comment to photo of you"); $body = module::get_var("photoannotation", "newcommentbody", "Hello %name, please visit %url to read the comment."); $body = str_ireplace(array("%url", "%name"), array($item->abs_url(), $recipient->display_name()), $body); return self::_send_mail($recipient->email, $subject, $body); } break; case "updatecomment": //Only send if user has this option enabled if ($notification_settings->comment) { //Don't send if the notification module is active and the user is watching this item if (module::is_active("notification")) { if (notification::is_watching($item, $recipient)) { return false; } } //Get subject and body and send the mail $subject = module::get_var("photoannotation", "updatedcommentsubject", "Someone updated a comment to photo of you"); $body = module::get_var("photoannotation", "updatedcommentbody", "Hello %name, please visit %url to read the comment."); $body = str_ireplace(array("%url", "%name"), array($item->abs_url(), $recipient->display_name()), $body); return self::_send_mail($recipient->email, $subject, $body); } } } return false; }
private function processCreateAdmin() { $valid = TRUE; if (!valid::email($this->session->get('installer.adminEmailAddress'))) { message::set('You must enter a valid email address to continue!'); $valid = FALSE; } elseif (strlen($this->session->get('installer.adminPassword')) < 1) { message::set('You need to set a password!'); $valid = FALSE; } elseif ($this->session->get('installer.adminPassword') != $this->session->get('installer.adminConfirmPassword')) { message::set('Passwords do not match!'); $valid = FALSE; } return $valid; }
/** * Function to import a report form a row in the CSV file * @param array $row * @return bool */ function import_report($row) { // If the date is not in proper date format if (!strtotime($row['INCIDENT DATE'])) { $this->errors[] = Kohana::lang('import.incident_date') . ($this->rownumber + 1) . ': ' . $row['INCIDENT DATE']; } // If a value of Yes or No is NOT set for approval status for the imported row if (isset($row["APPROVED"]) and !in_array(utf8::strtoupper($row["APPROVED"]), array('NO', 'YES'))) { $this->errors[] = Kohana::lang('import.csv.approved') . ($this->rownumber + 1); } // If a value of Yes or No is NOT set for verified status for the imported row if (isset($row["VERIFIED"]) and !in_array(utf8::strtoupper($row["VERIFIED"]), array('NO', 'YES'))) { $this->errors[] = Kohana::lang('import.csv.verified') . ($this->rownumber + 1); } if (count($this->errors)) { return false; } // STEP 1: SAVE LOCATION if (isset($row['LOCATION'])) { $location = new Location_Model(); $location->location_name = isset($row['LOCATION']) ? $row['LOCATION'] : ''; // For Geocoding purposes $location_geocoded = map::geocode($location->location_name); // If we have LATITUDE and LONGITUDE use those if (isset($row['LATITUDE']) and isset($row['LONGITUDE'])) { $location->latitude = isset($row['LATITUDE']) ? $row['LATITUDE'] : 0; $location->longitude = isset($row['LONGITUDE']) ? $row['LONGITUDE'] : 0; } else { $location->latitude = $location_geocoded ? $location_geocoded['latitude'] : 0; $location->longitude = $location_geocoded ? $location_geocoded['longitude'] : 0; } $location->country_id = $location_geocoded ? $location_geocoded['country_id'] : 0; $location->location_date = $this->time; $location->save(); $this->locations_added[] = $location->id; } // STEP 2: SAVE INCIDENT $incident = new Incident_Model(); $incident->location_id = isset($row['LOCATION']) ? $location->id : 0; $incident->user_id = 0; $incident->form_id = (isset($row['FORM #']) and Form_Model::is_valid_form($row['FORM #'])) ? $row['FORM #'] : 1; $incident->incident_title = $row['INCIDENT TITLE']; $incident->incident_description = isset($row['DESCRIPTION']) ? $row['DESCRIPTION'] : ''; $incident->incident_date = date("Y-m-d H:i:s", strtotime($row['INCIDENT DATE'])); $incident->incident_dateadd = $this->time; $incident->incident_active = (isset($row['APPROVED']) and utf8::strtoupper($row['APPROVED']) == 'YES') ? 1 : 0; $incident->incident_verified = (isset($row['VERIFIED']) and utf8::strtoupper($row['VERIFIED']) == 'YES') ? 1 : 0; $incident->save(); $this->incidents_added[] = $incident->id; // STEP 3: Save Personal Information if (isset($row['FIRST NAME']) or isset($row['LAST NAME']) or isset($row['EMAIL'])) { $person = new Incident_Person_Model(); $person->incident_id = $incident->id; $person->person_first = isset($row['FIRST NAME']) ? $row['FIRST NAME'] : ''; $person->person_last = isset($row['LAST NAME']) ? $row['LAST NAME'] : ''; $person->person_email = (isset($row['EMAIL']) and valid::email($row['EMAIL'])) ? $row['EMAIL'] : ''; $person->person_date = date("Y-m-d H:i:s", time()); // Make sure that you're not importing an empty record i.e at least one field has been recorded // If all fields are empty i.e you have an empty record, don't save if (!empty($person->person_first) or !empty($person->person_last) or !empty($person->person_email)) { $person->save(); // Add to array of incident persons added $this->incident_persons_added[] = $person->id; } } // STEP 4: SAVE CATEGORIES // If CATEGORY column exists if (isset($row['CATEGORY'])) { $categorynames = explode(',', trim($row['CATEGORY'])); // Trim whitespace from array values $categorynames = array_map('trim', $categorynames); // Get rid of duplicate category entries in a row $categories = array_unique(array_map('strtolower', $categorynames)); // Add categories to incident foreach ($categories as $categoryname) { // Convert the first string character of the category name to Uppercase $categoryname = utf8::ucfirst($categoryname); // For purposes of adding an entry into the incident_category table $incident_category = new Incident_Category_Model(); $incident_category->incident_id = $incident->id; // If category name exists, add entry in incident_category table if ($categoryname != '') { // Check if the category exists (made sure to convert to uppercase for comparison) if (!isset($this->existing_categories[utf8::strtoupper($categoryname)])) { $this->notices[] = Kohana::lang('import.new_category') . $categoryname; $category = new Category_Model(); $category->category_title = $categoryname; // We'll just use black for now. Maybe something random? $category->category_color = '000000'; // because all current categories are of type '5' $category->category_visible = 1; $category->category_description = $categoryname; $category->category_position = count($this->existing_categories); $category->save(); $this->categories_added[] = $category->id; // Now category_id is known: This time, and for the rest of the import. $this->existing_categories[utf8::strtoupper($categoryname)] = $category->id; } $incident_category->category_id = $this->existing_categories[utf8::strtoupper($categoryname)]; $incident_category->save(); $this->incident_categories_added[] = $incident_category->id; } } } // STEP 5: Save Custom form fields responses // Check for form_id $form_id = (isset($row['FORM #']) and Form_Model::is_valid_form($row['FORM #'])) ? $row['FORM #'] : 1; // Get custom form fields for this particular form $custom_titles = customforms::get_custom_form_fields('', $form_id, false); // Do custom form fields exist on this deployment? if (!empty($custom_titles)) { foreach ($custom_titles as $field_name) { // Check if the column exists in the CSV $rowname = utf8::strtoupper($field_name['field_name']); if (isset($row[$rowname . '-' . $form_id])) { $response = $row[$rowname . '-' . $form_id]; // Grab field_id and field_type $field_id = $field_name['field_id']; $field_type = $field_name['field_type']; // Initialize form response model $form_response = new Form_Response_Model(); $form_response->incident_id = $incident->id; $form_response->form_field_id = $field_id; // If form response exists if ($response != '') { /* Handling case sensitivity issues with custom form field upload */ // Check if the field is a radio button, checkbox OR dropdown field if ($field_type == '5' or $field_type == '6' or $field_type == '7') { // Get field option values $field_values = $field_name['field_default']; // Split field options into individual values $options = explode(",", $field_values); // Since radio button and dropdown fields take single responses if ($field_type == '5' or $field_type == '7') { foreach ($options as $option) { // Carry out a case insensitive comparison between individual field options and csv response // If there's a match, store field option value from the db if (strcasecmp($option, $response) == 0) { $form_response->form_response = $option; } } } // For checkboxes, which accomodate multiple responses if ($field_type == '6') { // Split user responses into single values $csvresponses = explode(",", $response); $values = array(); foreach ($options as $option) { foreach ($csvresponses as $csvresponse) { // Carry out a case insensitive comparison between individual field options and csv response // If there's a match if (strcasecmp($option, $csvresponse) == 0) { // Store field option value from the db $values[] = $option; } } } // Concatenate checkbox values into a string, separated by a comma $form_response->form_response = implode(",", $values); } } else { $form_response->form_response = $response; } // If form_response is provided based on conditions set above, Save the form response if ($form_response->form_response != '') { $form_response->save(); // Add to array of field responses added $this->incident_responses_added[] = $form_response->id; } } } } } return true; }
private function reset_password() { if ($_POST) { if (!valid::email($_POST['email'])) { die('email is not valid'); } $db = new Database(); $account_user_db = $db->query("\n SELECT id, username\n FROM account_users\n WHERE fk_site = '{$this->site_id}'\n AND email = '{$_POST['email']}'\n ")->current(); if (!is_object($account_user_db)) { die('This email does not exist in our records.'); } # Load the user model $account_user = ORM::factory('account_user', $account_user_db->id); $new_password = text::random('alnum', 10); $account_user->password = $new_password; if ($account_user->save()) { die("new password has been generated: {$account_user->username}: {$new_password}"); } # TODO: Remember to send the email!!! } die; }
/** * Enregistrement d'un utilisateur. * * @return void */ public function register() { if (Auth::instance()->logged_in()) { return url::redirect(cookie::get('urlAdminUrl') . '?msg=' . urlencode(Kohana::lang('logger.identify'))); } elseif ($_POST) { $username = $this->input->post('username'); $password = $this->input->post('password'); $tmpUsername = explode('@', $username); $tmpUsername = $tmpUsername[0]; $user = ORM::factory('user', $username); if (!$username || !$password) { $txt = Kohana::lang('logger.error_all_form'); } elseif (!valid::email($username) || !valid::email_domain($username) || !valid::email_rfc($username)) { $txt = Kohana::lang('logger.error_mail_valid'); } elseif (User_Model::verification_mail($username)) { $txt = Kohana::lang('logger.exist_email'); } elseif ($user->loaded) { $txt = Kohana::lang('logger.exist_username'); } elseif ($user->insert(array('username' => $tmpUsername, 'x' => Kohana::config('game.initialPosition.x'), 'y' => Kohana::config('game.initialPosition.y'), 'z' => Kohana::config('game.initialPosition.z'), 'region_id' => Kohana::config('game.initialPosition.region'), 'speed' => Kohana::config('game.initialSpeed'), 'gravity' => Kohana::config('game.initialGravity'), 'password' => Auth::instance()->hash_password($password), 'last_login' => date::Now(), 'argent' => 0, 'hp' => Kohana::config('game.initialHP'), 'hp_max' => Kohana::config('game.initialHP'), 'email' => $username, 'ip' => $_SERVER['REMOTE_ADDR']))) { Auth::instance()->login($username, $password); $from = Kohana::config('game.name') . ' <' . Kohana::config('email.from') . '>'; $subject = Kohana::lang('logger.title_mail_register', Kohana::config('game.name')); $message = Kohana::lang('logger.content_mail_register', $username, $username, $password); email::send($username, $from, $subject, $message, TRUE); return url::redirect('?msg=' . urlencode(Kohana::lang('logger.identify'))); } else { $txt = Kohana::lang('logger.error_register'); } } else { $txt = Kohana::lang('logger.no_acces'); } return self::redirection($txt); }
/** * Tests the valid::email() function. * @dataProvider email_provider * @group core.helpers.valid.email * @test */ public function email($input_email, $expected_result) { $result = valid::email($input_email); $this->assertEquals($expected_result, $result); }
public function valid_email_test() { $this->assert_true_strict(valid::email('*****@*****.**'))->assert_false_strict(valid::email('address@domain')); }
public function reset() { // Validate the form input $input = Validation::factory($this->input->post())->pre_filter('trim')->add_rules('email', 'required', 'email'); if ($input->validate()) { $user = ORM::factory('user')->where('email', $this->input->post('email'))->find(); if (valid::email($this->input->post('email'))) { if ($user->loaded) { $original_password = $user->password; // we have found the user and their email address. // @todo make email useable, view, conifg options etc. $password = text::random(Kohana::config('password_reset.password_character_type'), Kohana::config('password_reset.random_password_length')); $view = new view('account/reset_email'); $view->password = $password; // send the password first, so if it fails we know not to update their account. $sent = email::send($this->input->post('email'), 'admin@' . $this->input->server('HTTP_HOST', 'default_value'), 'You\'re password has been reset', $view, TRUE); if ($sent) { $user->password = $password; if ($user->save()) { $this->notification->add($this->i18n['system.user.success']); url::redirect(url::area() . 'login'); // if their password has been reset, then send them to the login form } else { $this->notification->add($this->i18n['system.user.failed']); } } else { $this->notification->add($this->i18n['system.email.failed'], $this->input->post('email')); } } else { $this->notification->add($this->i18n['system.user.invalid'], $this->input->post('email')); } } else { $this->notification->add($this->i18n['filter.email.email']); // invlaid email address } } else { foreach ($input->errors() as $key => $value) { $this->notification->add($this->i18n['filter.' . $key . '.' . $value]); } } url::redirect(url::area() . 'recover'); // the password was not updated, send them back to the recover page }
public function isValid($validation_data) { $errors = []; foreach ($validation_data as $name => $value) { //echo $name." "; //if (isset($_REQUEST[$name]) && !empty($_REQUEST[$name])) if ($name == "verify_emails") { //echo "verify email found"; $name = "verify_email"; } if ($name == "verify_passwords") { //echo "verify password found"; $name = "verify_password"; } if ($name == "emails") { //echo "verify password found"; $name = "email"; } $exploded = explode(":", $value); //echo $exploded[0]."<br>"; switch ($exploded[0]) { case 'min': $min = $exploded[1]; if (valid::alpha()->length($min)->validate($_REQUEST[$name]) == false) { $errors[] = "{$name} must be at least {$min} Characters Long!"; } break; case 'email': //echo "irum"; if (valid::email()->validate($_REQUEST[$name]) == false) { $errors[] = "You must enter a valid Email address"; } break; case 'alnum': //echo "irum"; if (valid::alnum()->length(4)->validate($_REQUEST[$name]) == false) { $errors[] = "Password must be at least 4 Characters Long"; } break; case 'equalTo': if (valid::equals($_REQUEST[$name])->validate($_REQUEST[$exploded[1]]) == false) { $errors[] = "Values does not match verification value!"; } break; case 'unique': //echo "unique"; $model = "Acme\\models\\" . $exploded[1]; $table = new $model(); //dd($name); $results = $table::where($name, '=', $_REQUEST[$name])->first(); //dd($results); if ($results != null) { $errors[] = $_REQUEST[$name] . " already exist in this system!"; } break; default: $errors[] = "No Values Found!"; break; } } return $errors; }
/** * Check if a given string is a valid url or email. * * @param String $str * @return Boolean */ public function contact_is_valid($str) { if (valid::email($str) || valid::url($str)) { return true; } return false; }
/** * Make sure that the email address is legal. */ public function valid_email(Validation $v, $field) { if ($this->author_id == identity::guest()->id) { if (empty($v->guest_email)) { $v->add_error("guest_email", "required"); } else { if (!valid::email($v->guest_email)) { $v->add_error("guest_email", "invalid"); } } } }
/** * Allows a model to be loaded by code or email * * @param mixed $id code, email * @return string */ public function unique_key($code) { return valid::email($code) ? 'email' : 'code'; }
/** * Set Gravatar email * * @param string $email * @return Gravatar */ public function set_email($email) { if (valid::email($email)) { $this->id = md5(strtolower($email)); } return $this; }
/** * Import Reports via XML * @param DOMNodeList Object $report * @return bool */ public function import_reports($reports) { /* Import individual reports */ foreach ($reports->getElementsByTagName('report') as $report) { $this->totalreports++; // Get Report id $report_id = $report->getAttribute('id'); // Check if this incident already exists in the db if (isset($report_id) and isset($this->incident_ids[$report_id])) { $this->notices[] = Kohana::lang('import.incident_exists') . $report_id; } else { /* Step 1: Location information */ $locations = $report->getElementsByTagName('location'); // If location information has been provided if ($locations->length > 0) { $report_location = $locations->item(0); // Location Name $location_name = xml::get_node_text($report_location, 'name'); // Longitude $longitude = xml::get_node_text($report_location, 'longitude'); // Latitude $latitude = xml::get_node_text($report_location, 'latitude'); if ($location_name) { // For geocoding purposes $location_geocoded = map::geocode($location_name); // Save the location $new_location = new Location_Model(); $new_location->location_name = $location_name ? $location_name : NULL; $new_location->location_date = $this->time; // If longitude/latitude values are present if ($latitude and $longitude) { $new_location->latitude = $latitude ? $latitude : 0; $new_location->longitude = $longitude ? $longitude : 0; } else { // Get geocoded lat/lon values $new_location->latitude = $location_geocoded ? $location_geocoded['latitude'] : $latitude; $new_location->longitude = $location_geocoded ? $location_geocoded['longitude'] : $longitude; } $new_location->country_id = $location_geocoded ? $location_geocoded['country_id'] : 0; $new_location->save(); // Add this location to array of imported locations $this->locations_added[] = $new_location->id; } } /* Step 2: Save Report */ // Report Title $report_title = xml::get_node_text($report, 'title'); // Report Date $report_date = xml::get_node_text($report, 'date'); // Missing report title or report date? if (!$report_title or !$report_date) { $this->errors[] = Kohana::lang('import.xml.incident_title_date') . $this->totalreports; } // If report date is not in the required format if (!strtotime($report_date)) { $this->errors[] = Kohana::lang('import.incident_date') . $this->totalreports . ': ' . html::escape($report_date); } else { // Approval status? $approved = $report->getAttribute('approved'); $report_approved = (isset($approved) and in_array($approved, $this->allowable)) ? $approved : 0; // Verified Status? $verified = $report->getAttribute('verified'); $report_verified = (isset($verified) and in_array($verified, $this->allowable)) ? $verified : 0; // Report mode? $allowed_modes = array(1, 2, 3, 4); $mode = $report->getAttribute('mode'); $report_mode = (isset($mode) and in_array($mode, $allowed_modes)) ? $mode : 1; // Report Form $report_form = xml::get_node_text($report, 'form_name', FALSE); if ($report_form) { if (!isset($this->existing_forms[utf8::strtoupper($report_form)])) { $this->notices[] = Kohana::lang('import.xml.no_form_exists') . $this->totalreports . ': "' . $report_form . '"'; } $form_id = isset($this->existing_forms[utf8::strtoupper($report_form)]) ? $this->existing_forms[utf8::strtoupper($report_form)] : 1; } // Report Date added $dateadd = xml::get_node_text($report, 'dateadd'); // Report Description $report_description = xml::get_node_text($report, 'description'); $new_report = new Incident_Model(); $new_report->location_id = isset($new_location) ? $new_location->id : 0; $new_report->user_id = 0; $new_report->incident_title = $report_title; $new_report->incident_description = $report_description ? $report_description : ''; $new_report->incident_date = date("Y-m-d H:i:s", strtotime($report_date)); $new_report->incident_dateadd = ($dateadd and strtotime($dateadd)) ? $dateadd : $this->time; $new_report->incident_active = $report_approved; $new_report->incident_verified = $report_verified; $new_report->incident_mode = $report_mode; $new_report->form_id = isset($form_id) ? $form_id : 1; $new_report->save(); // Increment imported rows counter $this->importedreports++; // Add this report to array of reports added during import $this->incidents_added[] = $new_report->id; /* Step 3: Save Report Categories*/ // Report Categories exist? $reportcategories = $report->getElementsByTagName('report_categories'); if ($reportcategories->length > 0) { $report_categories = $reportcategories->item(0); foreach ($report_categories->getElementsByTagName('category') as $r_category) { $category = trim($r_category->nodeValue); $report_category = (isset($category) and $category != '') ? $category : ''; if ($report_category != '' and isset($this->existing_categories[utf8::strtoupper($report_category)])) { // Save the incident category $new_incident_category = new Incident_Category_Model(); $new_incident_category->incident_id = $new_report->id; $new_incident_category->category_id = $this->existing_categories[utf8::strtoupper($report_category)]; $new_incident_category->save(); // Add this to array of incident categories added $this->incident_categories_added[] = $new_incident_category->id; } if ($report_category != '' and !isset($this->existing_categories[utf8::strtoupper($report_category)])) { $this->notices[] = Kohana::lang('import.xml.no_category_exists') . $this->totalreports . ': "' . $report_category . '"'; } } } /* Step 4: Save Custom form field responses for this report */ // Report Custom Fields $this_form = $new_report->form_id; $reportfields = $report->getElementsByTagName('custom_fields'); if ($reportfields->length > 0) { $report_fields = $reportfields->item(0); $custom_fields = $report_fields->getElementsByTagName('field'); if ($custom_fields->length > 0) { foreach ($custom_fields as $field) { // Field Name $field_name = $field->hasAttribute('name') ? xml::get_node_text($field, 'name', FALSE) : FALSE; if ($field_name) { // If this field exists in the form listed for this report if (isset($this->existing_fields[utf8::strtoupper($field_name)][$this_form])) { // Get field type and default values $match_field_id = $this->existing_fields[utf8::strtoupper($field_name)][$this_form]; // Grab form field object $match_fields = ORM::Factory('form_field', $match_field_id); $match_field_type = $match_fields->field_type; $match_field_defaults = $match_fields->field_default; // Grab form responses $field_response = trim($field->nodeValue); if ($field_response != '') { // Initialize form response model $new_form_response = new Form_Response_Model(); $new_form_response->incident_id = $new_report->id; $new_form_response->form_field_id = $match_field_id; // For radio buttons, checkbox fields and drop downs, make sure form responses are // within bounds of allowable options for that field // Split field defaults into individual values $field_defaults = explode(',', $match_field_defaults); /* Radio buttons and Drop down fields which take single responses */ if ($match_field_type == 5 or $match_field_type == 7) { foreach ($field_defaults as $match_field_default) { // Carry out a case insensitive string comparison $new_form_response->form_response = strcasecmp($match_field_default, $field_response) == 0 ? $match_field_default : NULL; } } // Checkboxes which if ($match_field_type == 6) { // Split user responses into individual value $responses = explode(',', $field_response); $values = array(); foreach ($match_field_defaults as $match_field_default) { foreach ($responses as $response) { $values[] = strcasecmp($match_field_default, $response) == 0 ? $match_field_default : NULL; } } // Concatenate checkbox values into a string, separated by a comma $new_form_response->form_response = implode(",", $values); } else { $new_form_response->form_response = $field_response; } // Only save if form response is not empty if ($new_form_response->form_response != NULL) { $new_form_response->save(); } // Add this to array of form responses added $this->incident_responses_added[] = $new_form_response->id; } } else { $this->notices[] = Kohana::lang('import.xml.form_field_no_match') . $this->totalreports . ': "' . $field_name . '" on form "' . $new_report->form->form_title . '"'; } } } } } /* Step 5: Save incident persons for this report */ // Report Personal Information $personal_info = $report->getElementsByTagName('personal_info'); // If personal info exists if ($personal_info->length > 0) { $report_info = $personal_info->item(0); // First Name $firstname = xml::get_node_text($report_info, 'first_name'); // Last Name $lastname = xml::get_node_text($report_info, 'last_name'); // Email $r_email = xml::get_node_text($report_info, 'email'); $email = ($r_email and valid::email($r_email)) ? $r_email : NULL; $new_incident_person = new Incident_Person_Model(); $new_incident_person->incident_id = $new_report->id; $new_incident_person->person_date = $new_report->incident_dateadd; // Make sure that at least one of the personal info field entries is provided if ($firstname or $lastname or $email != NULL) { $new_incident_person->person_first = $firstname ? $firstname : NULL; $new_incident_person->person_last = $lastname ? $firstname : NULL; $new_incident_person->person_email = $email; $new_incident_person->save(); // Add this to array of incident persons added during import $this->incident_persons_added[] = $new_incident_person->id; } } /* Step 6: Save media links for this report */ // Report Media $media = $report->getElementsByTagName('media'); if ($media->length > 0) { $media = $media->item(0); foreach ($media->getElementsByTagName('item') as $media_element) { $media_link = trim($media_element->nodeValue); $media_date = $media_element->getAttribute('date'); if (!empty($media_link)) { $media_item = new Media_Model(); $media_item->location_id = isset($new_location) ? $new_location->id : 0; $media_item->incident_id = $new_report->id; $media_item->media_type = $media_element->getAttribute('type'); $media_item->media_link = $media_link; $media_item->media_date = !empty($media_date) ? $media_date : $new_report->incident_date; $media_item->save(); } } } } } } // end individual report import // If we have errors, return FALSE, else TRUE return count($this->errors) === 0; }
public function index($user_id = 0) { // Set messages to display on the login page for the user $message = FALSE; $message_class = 'login_error'; $auth = Auth::instance(); // If already logged in redirect to user account page $insufficient_role = FALSE; if ($auth->logged_in()) { // Redirect users to the relevant dashboard if ($auth->logged_in('login')) { url::redirect($auth->get_user()->dashboard()); } $insufficient_role = TRUE; $message_class = 'login_error'; $message = Kohana::lang('ui_main.insufficient_role'); } // setup and initialize form field names $form = array('action' => '', 'username' => '', 'password' => '', 'password_again' => '', 'name' => '', 'email' => '', 'resetemail' => '', 'confirmation_email' => ''); // copy the form as errors, so the errors will be stored with keys corresponding to the form field names $errors = $form; $form_error = FALSE; $openid_error = FALSE; $success = FALSE; $change_pw_success = FALSE; $new_confirm_email_form = FALSE; $action = isset($_POST["action"]) ? $_POST["action"] : ""; // Override success variable if change_pw_success GET var is set if (isset($_GET["change_pw_success"])) { $change_pw_success = TRUE; $message_class = 'login_success'; $message = Kohana::lang('ui_main.password_changed_successfully'); } // Show send new confirm email form if (isset($_GET["new_confirm_email"])) { $new_confirm_email_form = TRUE; $message_class = 'login_error'; $message = Kohana::lang('ui_main.must_confirm_email_address'); } // Show send new confirm email form if (isset($_GET["confirmation_failure"])) { $new_confirm_email_form = TRUE; $message_class = 'login_error'; $message = Kohana::lang('ui_main.confirm_email_failed'); } // Show that confirming the email address was a success if (isset($_GET["confirmation_success"])) { $message_class = 'login_success'; $message = Kohana::lang('ui_main.confirm_email_successful'); } // Is this a password reset request? We need to show the password reset form if it is if (isset($_GET["reset"])) { $this->template->token = $this->uri->segment(4); $this->template->changeid = $this->uri->segment(3); } // Regular Form Post for Signin // check, has the form been submitted, if so, setup validation if ($_POST and isset($_POST["action"]) and $_POST["action"] == "signin") { // START: Signin Process $post = Validation::factory($_POST); $post->pre_filter('trim'); $post->add_rules('username', 'required'); $post->add_rules('password', 'required'); if ($post->validate(FALSE)) { // Sanitize $_POST data removing all inputs without rules $postdata_array = $post->safe_array(); // Flip this flag to flase to skip the login $valid_login = TRUE; // Load the user $user = ORM::factory('user', $postdata_array['username']); $remember = isset($post->remember) ? TRUE : FALSE; // Allow a login with username or email address, but we need to figure out which is // which so we can pass the appropriate variable on login. Mostly used for RiverID $email = $postdata_array['username']; if (valid::email($email) == FALSE) { // Invalid Email, we need to grab it from the user account instead $email = $user->email; if (valid::email($email) == FALSE and kohana::config('riverid.enable') == TRUE) { // We don't have any valid email for this user. // Only skip login if we are authenticating with RiverID. $valid_login = FALSE; } } // Auth Login requires catching exceptions to properly show errors try { $login = $auth->login($user, $postdata_array['password'], $remember, $email); // Attempt a login if ($login and $valid_login) { // Action::user_login - User Logged In Event::run('ushahidi_action.user_login', $user); // Exists Redirect to Dashboard url::redirect($user->dashboard()); } else { // If user isn't confirmed, redirect to resend confirmation page if (Kohana::config('settings.require_email_confirmation') and ORM::factory('user', $user)->confirmed == 0) { url::redirect("login?new_confirm_email"); } // Generic Error if exception not passed $post->add_error('password', 'login error'); } } catch (Exception $e) { $error_message = $e->getMessage(); // We use a "custom" message because of RiverID. $post->add_error('password', $error_message); } // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any // We need to already have created an error message file, for Kohana to use // Pass the error message file name to the errors() method $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any // We need to already have created an error message file, for Kohana to use // Pass the error message file name to the errors() method $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } // END: Signin Process } elseif ($_POST and isset($_POST["action"]) and $_POST["action"] == "new") { // START: New User Process $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); $post->add_rules('password', 'required', 'length[' . kohana::config('auth.password_length') . ']', 'alpha_dash'); $post->add_rules('name', 'required', 'length[3,100]'); $post->add_rules('email', 'required', 'email', 'length[4,64]'); $post->add_callbacks('username', array($this, 'username_exists_chk')); $post->add_callbacks('email', array($this, 'email_exists_chk')); // If Password field is not blank if (!empty($post->password)) { $post->add_rules('password', 'required', 'length[' . kohana::config('auth.password_length') . ']', 'alpha_dash', 'matches[password_again]'); } //pass the post object to any plugins that care to know. Event::run('ushahidi_action.users_add_login_form', $post); if ($post->validate()) { $riverid_id = false; if (kohana::config('riverid.enable') == true) { $riverid = new RiverID(); $riverid->email = $post->email; $riverid->password = $post->password; $riverid->register(); $riverid_id = $riverid->user_id; } $user = User_Model::create_user($post->email, $post->password, $riverid_id, $post->name); //pass the new user on to any plugins that care to know Event::run('ushahidi_action.user_edit', $user); // Send Confirmation email $email_sent = $this->_send_email_confirmation($user); if ($email_sent) { $message_class = 'login_success'; $message = Kohana::lang('ui_main.login_confirmation_sent'); } else { $message_class = 'login_success'; $message = Kohana::lang('ui_main.login_account_creation_successful'); } $success = TRUE; $action = ""; } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } // END: New User Process } elseif ($_POST and isset($_POST["action"]) and $_POST["action"] == "forgot") { // START: Forgot Password Process $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); $post->add_callbacks('resetemail', array($this, 'email_exists_chk')); if ($post->validate()) { $user = ORM::factory('user', $post->resetemail); // Existing User?? if ($user->loaded) { $email_sent = FALSE; // Determine which reset method to use. The options are to use the RiverID server // or to use the normal method which just resets the password locally. if (Kohana::config('riverid.enable') == TRUE and !empty($user->riverid)) { // Reset on RiverID Server $secret_link = url::site('login/index/' . $user->id . '/%token%?reset'); $message = $this->_email_resetlink_message($user->name, $secret_link); $riverid = new RiverID(); $riverid->email = $post->resetemail; $email_sent = $riverid->requestpassword($message); } else { // Reset locally $secret = $user->forgot_password_token(); $secret_link = url::site('login/index/' . $user->id . '/' . urlencode($secret) . '?reset'); $email_sent = $this->_email_resetlink($post->resetemail, $user->name, $secret_link); } if ($email_sent == TRUE) { $message_class = 'login_success'; $message = Kohana::lang('ui_main.login_confirmation_sent'); } else { $message_class = 'login_error'; $message = Kohana::lang('ui_main.unable_send_email'); } $success = TRUE; $action = ""; } } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } // END: Forgot Password Process } elseif ($_POST and isset($_POST["action"]) and $_POST["action"] == "changepass") { // START: Password Change Process $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); $post->add_rules('token', 'required'); $post->add_rules('changeid', 'required'); $post->add_rules('password', 'required', 'length[' . Kohana::config('auth.password_length') . ']', 'alpha_dash'); $post->add_rules('password', 'required', 'length[' . Kohana::config('auth.password_length') . ']', 'alpha_dash', 'matches[password_again]'); if ($post->validate()) { $success = $this->_new_password($post->changeid, $post->password, $post->token); if ($success == TRUE) { // We don't need to see this page anymore if we were successful. We want to go // to the login form and let the user know that they were successful at // changing their password url::redirect("login?change_pw_success"); exit; } $post->add_error('token', 'invalid'); // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } // END: Password Change Process } elseif ($_POST and isset($_POST["action"]) and $_POST["action"] == "resend_confirmation") { // START: Confirmation Email Resend Process $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); $post->add_callbacks('confirmation_email', array($this, 'email_exists_chk')); if ($post->validate()) { $user = ORM::factory('user', $post->confirmation_email); if ($user->loaded) { // Send Confirmation email $email_sent = $this->_send_email_confirmation($user); if ($email_sent) { $message_class = 'login_success'; $message = Kohana::lang('ui_main.login_confirmation_sent'); $success = TRUE; } else { $message_class = 'login_error'; $message = Kohana::lang('ui_main.unable_send_email'); $success = FALSE; } } else { // ERROR: User doesn't exist $message_class = 'login_error'; $message = Kohana::lang('ui_main.login_email_doesnt_exist'); $success = FALSE; } } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::merge($errors, $post->errors('auth')); $form_error = TRUE; } } // Only if we allow OpenID, should we even try this if (Kohana::config('config.allow_openid') == TRUE) { // START: OpenID Shenanigans // OpenID Post try { $openid = new OpenID(); // Retrieve the Name (if available) and Email $openid->required = array("namePerson", "contact/email"); if (!$openid->mode) { if (isset($_POST["openid_identifier"])) { $openid->identity = $_POST["openid_identifier"]; header("Location: " . $openid->authUrl()); } } elseif ($openid->mode == "cancel") { $openid_error = TRUE; $message_class = 'login_error'; $message = "You have canceled authentication!"; } else { if ($openid->validate()) { // Does User Exist? $openid_user = ORM::factory("openid")->where("openid", $openid->identity)->find(); if ($openid_user->loaded and $openid_user->user) { // First log all other sessions out $auth->logout(); // Initiate Ushahidi side login + AutoLogin $auth->force_login($openid_user->user->username); // Exists Redirect to Dashboard url::redirect($user->dashboard()); } else { // Does this openid have the required email?? $new_openid = $openid->getAttributes(); if (!isset($new_openid["contact/email"]) or empty($new_openid["contact/email"])) { $openid_error = TRUE; $message_class = 'login_error'; $message = $openid->identity . " has not been logged in. No Email Address Found."; } else { // Create new User and save OpenID $user = ORM::factory("user"); // But first... does this email address already exist // in the system? if ($user->email_exists($new_openid["contact/email"])) { $openid_error = TRUE; $message_class = 'login_error'; $message = $new_openid["contact/email"] . " is already registered in our system."; } else { $username = "******" . time(); // Random User Name from TimeStamp - can be changed later $password = text::random("alnum", 16); // Create Random Strong Password // Name Available? $user->name = (isset($new_openid["namePerson"]) and !empty($new_openid["namePerson"])) ? $new_openid["namePerson"] : $username; $user->username = $username; $user->password = $password; $user->email = $new_openid["contact/email"]; // Add New Roles $user->add(ORM::factory('role', 'login')); $user->add(ORM::factory('role', 'member')); $user->save(); // Save OpenID and Association $openid_user->user_id = $user->id; $openid_user->openid = $openid->identity; $openid_user->openid_email = $new_openid["contact/email"]; $openid_user->openid_server = $openid->server; $openid_user->openid_date = date("Y-m-d H:i:s"); $openid_user->save(); // Initiate Ushahidi side login + AutoLogin $auth->login($username, $password, TRUE); // Redirect to Dashboard url::redirect($user->dashboard()); } } } } else { $openid_error = TRUE; $message_class = 'login_error'; $message = $openid->identity . "has not been logged in."; } } } catch (ErrorException $e) { $openid_error = TRUE; $message_class = 'login_error'; $message = $e->getMessage(); } // END: OpenID Shenanigans } // Set the little badge under the form informing users that their logins are being managed // by an external service. $this->template->riverid_information = ''; if (kohana::config('riverid.enable') == TRUE) { $riverid = new RiverID(); $this->template->riverid_information = Kohana::lang('ui_main.riverid_information', $riverid->name); $this->template->riverid_url = $riverid->url; } $this->template->errors = $errors; $this->template->success = $success; $this->template->change_pw_success = $change_pw_success; $this->template->form = $form; $this->template->form_error = $form_error; $this->template->new_confirm_email_form = $new_confirm_email_form; // Message to user $this->template->message_class = $message_class; $this->template->message = $message; // This just means the user isn't a member or an admin, so they have nowhere to go, but they are logged in. $this->template->insufficient_role = $insufficient_role; $this->template->site_name = Kohana::config('settings.site_name'); $this->template->site_tagline = Kohana::config('settings.site_tagline'); // Javascript Header $this->template->js = new View('login/login_js'); $this->template->js->action = $action; // Header Nav $header_nav = new View('header_nav'); $this->template->header_nav = $header_nav; $this->template->header_nav->loggedin_user = FALSE; if (isset(Auth::instance()->get_user()->id)) { // Load User $this->template->header_nav->loggedin_role = Auth::instance()->get_user()->dashboard(); $this->template->header_nav->loggedin_user = Auth::instance()->get_user(); } $this->template->header_nav->site_name = Kohana::config('settings.site_name'); }
</span>: <ul> <?php foreach ($user->openid as $openid) { $openid_server = parse_url($openid->openid_server); echo "<li>" . $openid->openid_email . " (" . $openid_server["host"] . ")</li>"; } ?> </ul> </div> <?php } ?> <?php if (isset($user->username) and ($user->username != '' or $user->username != NULL) and valid::email($user->username) == false and $user->public_profile == 1) { ?> <div class="member_info_row"><span class="member_info_label"><?php echo Kohana::lang('ui_main.public_profile_url'); ?> </span>: <br/><a href="<?php echo url::base() . 'profile/user/' . $user->username; ?> "><?php echo url::base() . 'profile/user/' . $user->username; ?> </a> </div> <?php }
/** * Accessor method for setting email address * * @param string email the valid email address of Gravatar user * @return self * @access public * @author Sam Clark */ public function email($email) { if (valid::email($email)) { $this->email = strtolower($email); } else { throw new Kohana_User_Exception('Invalid email format', 'The email address \'' . $email . '\' is improperly formatted'); } return $this; }
public function reset_process() { // Validate the form input $input = Validation::factory($this->input->post())->pre_filter('trim')->add_rules('email', 'required', 'length[4,127]'); if ($input->validate()) { $user = ORM::factory('user')->where('email', $this->input->post('email'))->find(); if (valid::email($this->input->post('email'))) { if ($user->loaded) { // we have found the user and their email address. // @todo make email useable, view, conifg options etc. $password = text::random(Kohana::config('password_reset.password_character_type'), Kohana::config('password_reset.random_password_length')); $user->password = $password; if ($user->save()) { // @todo change this. So very bad. email::send($this->input->post('email'), '*****@*****.**', 'Password Reset', 'As requested, your password has been reset. It is now : ' . $password, TRUE); $this->notification->add()->type('success')->title('Password Reset')->description('Your new password has been emailed to you.'); } else { $this->notification->add()->type('error')->title('System Error')->description('The System was unable to set the new password.'); } } else { $this->notification->add()->type('error')->title('Invalid Email')->description('No such email address is with in our system.'); } } else { $this->notification->add()->type('error')->title('Invalid Email')->description('You must enter a <u>valid</u> email address to recover your password.'); } url::redirect(url::area() . 'login'); } else { $this->notification->add()->type('error')->title('No Email Entered')->description('You must enter a valid email address to recover your password.'); } }