/** * Darse de baja * - Si no llega nada, mostrar formulario para que pongan el email de su cuenta * - Si llega post es una peticion, comprobar que el email que han puesto es válido * si no es, dejarlos en el formulario y mensaje de error * si es válido, enviar email con la url y mensaje de ok * * - Si llega un hash, verificar y dar de baja la cuenta (desactivar y ocultar) * * @param string $token Codigo */ public function leave($token = null) { // si el token mola, lo doy de baja if (!empty($token)) { $token = base64_decode($token); $parts = explode('¬', $token); if (count($parts) > 1) { $query = Model\User::query('SELECT id FROM user WHERE email = ? AND token = ?', array($parts[1], $token)); if ($id = $query->fetchColumn()) { if (!empty($id)) { // el token coincide con el email y he obtenido una id if (Model\User::cancel($id)) { Message::Info(Text::get('leave-process-completed')); throw new Redirection(SEC_URL . '/user/login'); } else { Message::Error(Text::get('leave-process-fail')); throw new Redirection(SEC_URL . '/user/login'); } } } } $error = Text::get('leave-token-incorrect'); } if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['leaving'])) { if (Model\User::leaving($_POST['email'], $_POST['reason'])) { $message = Text::get('leave-email-sended'); unset($_POST['email']); unset($_POST['reason']); } else { $error = Text::get('leave-request-fail'); } } return new View('view/user/leave.html.php', array('error' => $error, 'message' => $message)); }
public static function process($action = 'list', $id = null, $filters = array(), $subaction = '') { // @NODESYS $nodes = array(); // @NODESYS $node = \GOTEO_NODE; $errors = array(); switch ($action) { case 'add': // si llega post: creamos if ($_SERVER['REQUEST_METHOD'] == 'POST') { // para crear se usa el mismo método save del modelo, hay que montar el objeto $user = new Model\User(); $user->userid = $_POST['userid']; $user->name = $_POST['name']; $user->email = $_POST['email']; $user->password = $_POST['password']; $user->node = !empty($_POST['node']) ? $_POST['node'] : \GOTEO_NODE; if (isset($_SESSION['admin_node']) && $user->node != $_SESSION['admin_node']) { $user->node = $_SESSION['admin_node']; } $user->save($errors); if (empty($errors)) { // mensaje de ok y volvemos a la lista de usuarios Message::Info(Text::get('user-register-success')); throw new Redirection('/admin/users/manage/' . $user->id); } else { // si hay algun error volvemos a poner los datos en el formulario $data = $_POST; Message::Error(implode('<br />', $errors)); } } // vista de crear usuario return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'add', 'data' => $data, 'nodes' => $nodes)); break; case 'edit': $user = Model\User::get($id); // si llega post: actualizamos if ($_SERVER['REQUEST_METHOD'] == 'POST') { $tocado = array(); // para crear se usa el mismo método save del modelo, hay que montar el objeto if (!empty($_POST['email'])) { $user->email = $_POST['email']; $tocado[] = Text::_('el email'); } if (!empty($_POST['password'])) { $user->password = $_POST['password']; $tocado[] = Text::_('la contraseña'); } if (!empty($tocado) && $user->update($errors)) { // Evento Feed $log = new Feed(); $log->setTarget($user->id, 'user'); $log->populate(Text::_('Operación sobre usuario'), '/admin/users', \vsprintf('El admin %s ha %s del usuario %s', array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Tocado ' . implode(' y ', $tocado)), Feed::item('user', $user->name, $user->id)))); $log->doAdmin('user'); unset($log); // mensaje de ok y volvemos a la lista de usuarios Message::Info(Text::_('Datos actualizados')); throw new Redirection('/admin/users'); } else { // si hay algun error volvemos a poner los datos en el formulario $data = $_POST; Message::Error(Text::_('No se ha guardado correctamente. ') . implode('<br />', $errors)); } } // vista de editar usuario return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'edit', 'user' => $user, 'data' => $data, 'nodes' => $nodes)); break; case 'manage': // si llega post: ejecutamos + mensaje + seguimos editando // operación y acción para el feed $mngSa = static::_manageSubAct(); $sql = $mngSa[$subaction]['sql']; $log_action = $mngSa[$subaction]['log']; if (!empty($sql)) { $user = Model\User::getMini($id); if (Model\User::query($sql, array(':user' => $id))) { // mensaje de ok y volvemos a la gestion del usuario // Message::Info('Ha <strong>' . $log_action . '</strong> al usuario <strong>'.$user->name.'</strong> CORRECTAMENTE'); $log_text = 'El admin %s ha %s al usuario %s'; // procesos adicionales switch ($subaction) { case 'admin': case 'noadmin': // @NODESYS : this admin/noadmin subactions are here for NODESYS module extra break; case 'translator': // le ponemos todos los idiomas (excepto el español) $sql = "INSERT INTO user_translang (user, lang) SELECT '{$id}' as user, id as lang FROM `lang` WHERE id != 'es'"; Model\User::query($sql); break; case 'notranslator': // quitamos los idiomas $sql = "DELETE FROM user_translang WHERE user = :user"; Model\User::query($sql, array(':user' => $id)); break; } } else { // mensaje de error y volvemos a la gestion del usuario Message::Error('Ha FALLADO cuando ha <strong>' . $log_action . '</strong> al usuario <strong>' . $id . '</strong>'); $log_text = 'Al admin %s le ha <strong>FALLADO</strong> cuando ha %s al usuario %s'; } // Evento Feed $log = new Feed(); $log->setTarget($user->id, 'user'); $log->populate(Text::_('Operación sobre usuario'), '/admin/users', \vsprintf($log_text, array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', $log_action), Feed::item('user', $user->name, $user->id)))); $log->doAdmin('user'); unset($log); throw new Redirection('/admin/users/manage/' . $id); } $user = Model\User::get($id); $viewData = array('folder' => 'users', 'file' => 'manage', 'user' => $user, 'nodes' => $nodes); $viewData['roles'] = Model\User::getRolesList(); $viewData['langs'] = Lang::getAll(); // quitamos el español unset($viewData['langs']['es']); // vista de gestión de usuario return new View('view/admin/index.html.php', $viewData); break; // aplicar idiomas // aplicar idiomas case 'translang': if (!isset($_POST['user'])) { Message::Error(Text::_('Hemos perdido de vista al usuario')); throw new Redirection('/admin/users'); } else { $user = $_POST['user']; } $sql = "DELETE FROM user_translang WHERE user = :user"; Model\User::query($sql, array(':user' => $user)); $anylang = false; foreach ($_POST as $key => $value) { if (\substr($key, 0, \strlen('lang_')) == 'lang_') { $sql = "INSERT INTO user_translang (user, lang) VALUES (:user, :lang)"; if (Model\User::query($sql, array(':user' => $user, ':lang' => $value))) { $anylang = true; } } } if (!$anylang) { Message::Error(Text::_('No se ha seleccionado ningún idioma, este usuario tendrá problemas en su panel de traducción!')); } else { Message::Info(Text::_('Se han aplicado al traductor los idiomas seleccionados')); } throw new Redirection('/admin/users/manage/' . $user); break; case 'impersonate': $user = Model\User::get($id); // vista de acceso a suplantación de usuario return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'impersonate', 'user' => $user, 'nodes' => $nodes)); break; case 'move': $user = Model\User::get($id); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $values = array(':id' => $id, ':node' => $_POST['node']); try { $sql = "UPDATE user SET node = :node WHERE id = :id"; if (Model\User::query($sql, $values)) { $log_text = 'El admin %s ha <span class="red">movido</span> el usuario %s al nodo %s'; } else { $log_text = 'Al admin %s le ha <span class="red">fallado al mover</span> el usuario %s al nodo %s'; } // Evento Feed $log = new Feed(); $log->setTarget($user->id, 'user'); $log->populate('User cambiado de nodo (admin)', '/admin/users', \vsprintf($log_text, array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('user', $user->name, $user->id), Feed::item('user', $nodes[$_POST['node']])))); Message::Error($log->html); $log->doAdmin('user'); unset($log); throw new Redirection('/admin/users'); } catch (\PDOException $e) { Message::Error("Ha fallado! " . $e->getMessage()); } } // vista de acceso a suplantación de usuario return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'move', 'user' => $user, 'nodes' => $nodes)); break; case 'list': default: if (!empty($filters['filtered'])) { $users = Model\User::getAll($filters, $node); } else { $users = array(); } $status = array('active' => Text::_('Activo'), 'inactive' => Text::_('Inactivo')); $interests = Model\User\Interest::getAll(); $roles = Model\User::getRolesList(); $roles['user'] = Text::_('Solo usuario'); $types = array('creators' => Text::_('Impulsores'), 'investors' => Text::_('Cofinanciadores'), 'supporters' => Text::_('Colaboradores')); $orders = array('created' => Text::_('Fecha de alta'), 'name' => Text::_('Alias'), 'id' => Text::_('User'), 'amount' => Text::_('Cantidad'), 'projects' => Text::_('Proyectos')); // proyectos con aportes válidos $projects = Model\Invest::projects(true, $node); return new View('view/admin/index.html.php', array('folder' => 'users', 'file' => 'list', 'users' => $users, 'filters' => $filters, 'status' => $status, 'interests' => $interests, 'roles' => $roles, 'types' => $types, 'nodes' => $nodes, 'projects' => $projects, 'orders' => $orders)); break; } }
public static function process($action = 'list', $id = null, $filters = array()) { // año fiscal $year = Model\User\Donor::$currYear; $year0 = $year; $year1 = $year - 1; $errors = array(); $node = isset($_SESSION['admin_node']) ? $_SESSION['admin_node'] : \GOTEO_NODE; // Valores de filtro $interests = Model\User\Interest::getAll(); $status = Model\Project::status(); $methods = Model\Invest::methods(); $types = array('investor' => 'Cofinanciadores', 'owner' => 'Autores', 'user' => 'Usuarios'); $roles = array('admin' => 'Administrador', 'checker' => 'Revisor', 'translator' => 'Traductor'); // una variable de sesion para mantener los datos de todo esto if (!isset($_SESSION['mailing'])) { $_SESSION['mailing'] = array(); } switch ($action) { case 'edit': $_SESSION['mailing']['receivers'] = array(); $values = array(); $sqlFields = ''; $sqlInner = ''; $sqlFilter = ''; // cargamos los destiantarios //---------------------------- // por tipo de usuario switch ($filters['type']) { case 'investor': $sqlInner .= "INNER JOIN invest\n ON invest.user = user.id\n AND (invest.status = 0 OR invest.status = 1 OR invest.status = 3 OR invest.status = 4)\n INNER JOIN project\n ON project.id = invest.project\n "; $sqlFields .= ", project.name as project"; $sqlFields .= ", project.id as projectId"; break; case 'owner': $sqlInner .= "INNER JOIN project\n ON project.owner = user.id\n "; $sqlFields .= ", project.name as project"; $sqlFields .= ", project.id as projectId"; break; default: break; } $_SESSION['mailing']['filters_txt'] = 'los <strong>' . $types[$filters['type']] . '</strong> '; if (!empty($filters['project']) && !empty($sqlInner)) { $sqlFilter .= " AND project.name LIKE (:project) "; $values[':project'] = '%' . $filters['project'] . '%'; $_SESSION['mailing']['filters_txt'] .= 'de proyectos que su nombre contenga <strong>\'' . $filters['project'] . '\'</strong> '; } elseif (empty($filters['project']) && !empty($sqlInner)) { $_SESSION['mailing']['filters_txt'] .= 'de cualquier proyecto '; } if (isset($filters['status']) && $filters['status'] > -1 && !empty($sqlInner)) { $sqlFilter .= "AND project.status = :status "; $values[':status'] = $filters['status']; $_SESSION['mailing']['filters_txt'] .= 'en estado <strong>' . $status[$filters['status']] . '</strong> '; } elseif ($filters['status'] < 0 && !empty($sqlInner)) { $_SESSION['mailing']['filters_txt'] .= 'en cualquier estado '; } if ($filters['type'] == 'investor') { if (!empty($filters['method']) && !empty($sqlInner)) { $sqlFilter .= "AND invest.method = :method "; $values[':method'] = $filters['method']; $_SESSION['mailing']['filters_txt'] .= 'mediante <strong>' . $methods[$filters['method']] . '</strong> '; } elseif (empty($filters['method']) && !empty($sqlInner)) { $_SESSION['mailing']['filters_txt'] .= 'mediante cualquier metodo '; } } if (!empty($filters['interest'])) { $sqlInner .= "INNER JOIN user_interest\n ON user_interest.user = user.id\n AND user_interest.interest = :interest\n "; $values[':interest'] = $filters['interest']; if ($filters['interest'] == 15) { $_SESSION['mailing']['filters_txt'] .= 'del grupo de testeo '; } else { $_SESSION['mailing']['filters_txt'] .= 'interesados en fin <strong>' . $interests[$filters['interest']] . '</strong> '; } } if (!empty($filters['role'])) { $sqlInner .= "INNER JOIN user_role\n ON user_role.user_id = user.id\n AND user_role.role_id = :role\n "; $values[':role'] = $filters['role']; $_SESSION['mailing']['filters_txt'] .= 'que sean <strong>' . $roles[$filters['role']] . '</strong> '; } if (!empty($filters['name'])) { $sqlFilter .= " AND ( user.name LIKE (:name) OR user.email LIKE (:name) ) "; $values[':name'] = '%' . $filters['name'] . '%'; $_SESSION['mailing']['filters_txt'] .= 'que su nombre o email contenga <strong>\'' . $filters['name'] . '\'</strong> '; } if (!empty($filters['donant'])) { if ($filters['type'] == 'investor') { $sqlFilter .= " AND invest.resign = 1\n AND invest.status IN (1, 3)\n AND invest.charged >= '{$year0}-01-01'\n AND invest.charged < '{$year1}-01-01'\n AND (project.passed IS NOT NULL AND project.passed != '0000-00-00')\n "; $_SESSION['mailing']['filters_txt'] .= 'que haya hecho algun donativo '; } else { Message::Error('Solo se filtran donantes si se envia "A los: Cofinanciadores"'); } } if ($node != \GOTEO_NODE) { $sqlFilter .= " AND user.node = :node"; $values[':node'] = $node; if (!empty($sqlInner)) { $sqlFilter .= " AND project.node = :node"; } } $sql = "SELECT\n user.id as id,\n user.id as user,\n user.name as name,\n user.email as email\n {$sqlFields}\n FROM user\n {$sqlInner}\n WHERE user.active = 1\n {$sqlFilter}\n GROUP BY user.id\n ORDER BY user.name ASC\n "; // die('<pre>'.$sql . '<br />'.print_r($values, 1).'</pre>'); if ($query = Model\User::query($sql, $values)) { foreach ($query->fetchAll(\PDO::FETCH_OBJ) as $receiver) { $_SESSION['mailing']['receivers'][$receiver->id] = $receiver; } } else { Message::Error('Fallo el SQL!!!!! <br />' . $sql . '<pre>' . print_r($values, 1) . '</pre>'); } // si no hay destinatarios, salta a la lista con mensaje de error if (empty($_SESSION['mailing']['receivers'])) { Message::Error('No se han encontrado destinatarios para ' . $_SESSION['mailing']['filters_txt']); throw new Redirection('/admin/mailing/list'); } // si hay, mostramos el formulario de envio return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'edit', 'filters' => $filters, 'interests' => $interests, 'status' => $status, 'types' => $types, 'roles' => $roles)); break; case 'send': // die(\trace($_POST)); $URL = NODE_ID != GOTEO_NODE ? NODE_URL : SITE_URL; // Enviando contenido recibido a destinatarios recibidos $receivers = array(); $subject = $_POST['subject']; $templateId = !empty($_POST['template']) ? $_POST['template'] : 11; $content = \str_replace('%SITEURL%', $URL, $_POST['content']); // quito usuarios desmarcados foreach ($_SESSION['mailing']['receivers'] as $usr => $userData) { $errors = array(); $campo = 'receiver_' . $usr; if (!isset($_POST[$campo])) { $_SESSION['mailing']['receivers'][$usr]->ok = null; } else { $receivers[] = $userData; } } // montamos el mailing // - se crea un registro de tabla mail $sql = "INSERT INTO mail (id, email, html, template, node) VALUES ('', :email, :html, :template, :node)"; $values = array(':email' => 'any', ':html' => $content, ':template' => $templateId, ':node' => $node); $query = \Goteo\Core\Model::query($sql, $values); $mailId = \Goteo\Core\Model::insertId(); // - se usa el metodo initializeSending para grabar el envío (parametro para autoactivar) // - initiateSending ($mailId, $subject, $receivers, $autoactive = 0) if (\Goteo\Library\Sender::initiateSending($mailId, $subject, $receivers, 1)) { $ok = true; // Evento Feed $log = new Feed(); $log->populate('comunicación masiva a usuarios (admin)', '/admin/mailing', \vsprintf("El admin %s ha iniciado una %s a %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'Comunicacion masiva'), $_SESSION['mailing']['filters_txt']))); $log->doAdmin('admin'); unset($log); } else { $ok = false; // Evento Feed $log = new Feed(); $log->populate('comunicación masiva a usuarios (admin)', '/admin/mailing', \vsprintf("El admin %s le ha %s una %s a %s", array(Feed::item('user', $_SESSION['user']->name, $_SESSION['user']->id), Feed::item('relevant', 'fallado'), Feed::item('relevant', 'Comunicacion masiva'), $_SESSION['mailing']['filters_txt']))); $log->doAdmin('admin'); unset($log); } return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'send', 'subject' => $subject, 'interests' => $interests, 'status' => $status, 'methods' => $methods, 'types' => $types, 'roles' => $roles, 'users' => $receivers, 'ok' => $ok)); break; } return new View('view/admin/index.html.php', array('folder' => 'mailing', 'file' => 'list', 'interests' => $interests, 'status' => $status, 'methods' => $methods, 'types' => $types, 'roles' => $roles, 'filters' => $filters)); }