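/**
 * Step 3 of installation - registers the site Admin.
 *
 * Inserts a default admin row when no user with the 'admin' role exists. When
 * the form is posted with step = 4, it validates and stores either the forum
 * credentials or the admin's username, password and email. It always ends by
 * rendering the install/register_admin.php template.
 *
 * NOTE(review): nothing visible in this function authenticates the visitor,
 * yet it can set the admin credentials and log the admin in. Confirm that the
 * install script is removed or blocked once installation has finished.
 *
 * @param object $h Hotaru object (database, input cage, current user, messages)
 */
function register_admin($h)
{
    global $lang;    // already included so Hotaru can't re-include it

    // Make sure that the cache folders have been created before we call $h for the first time.
    // Since we have defined CACHE in the install script, the normal Initialize script
    // will think the folders are already present.
    createCacheFolders();

    // Save a default admin user if none is already present in the db
    $sql = "SELECT user_username FROM " . TABLE_USERS . " WHERE user_role = %s";
    $admin_name = $h->db->get_var($h->db->prepare($sql, 'admin'));

    if (!$admin_name) {
        // Insert default settings.
        // NOTE(review): the default account uses a fixed password until the form
        // below replaces it; confirm the installer cannot be left in this state.
        $user_name = 'admin';
        $user_email = '*****@*****.**';
        $user_password = '******';

        $defaultAdminPermission = serialize($h->currentUser->getDefaultPermissions($h, 'admin'));
        $passwordHash = password_hash($user_password, PASSWORD_DEFAULT);

        $sql = "INSERT INTO " . TABLE_USERS . " (user_username, user_role, user_date, user_password, user_email, user_permissions) VALUES (%s, %s, CURRENT_TIMESTAMP, %s, %s, %s)";
        $h->db->query($h->db->prepare($sql, $user_name, 'admin', $passwordHash, $user_email, $defaultAdminPermission));
    }

    $next_button = false;
    $error = 0;

    $step = $h->cage->post->getInt('step');
    if ($step == 4) {
        // NOTE(review): the CSRF check below is disabled, so this state-changing
        // POST (admin credentials, site email, forum credentials) is accepted
        // without a token. Confirm whether $h->csrf() is usable during
        // installation and re-enable it if so.
        // if (!$h->csrf()) {
        //     $h->message = $lang['install_step3_csrf_error'];
        //     $h->messages[$lang['install_step3_csrf_error']] = 'red';
        //     $error = 1;
        // }

        if ($h->cage->post->getAlpha('updated') == 'forum') {
            // Test username (alphanumeric, dashes and underscores okay, case insensitive)
            $forumUsername = $h->cage->post->testUsername('forumUsername');
            if (!$forumUsername) {
                $h->message = $lang['install_step3_username_error'];
                $h->messages[$lang['install_step3_username_error']] = 'red';
                $error = 1;
            }

            // Test password
            // NOTE(review): this reuses the "password match" message although the
            // forum form has no confirmation field; verify the intended language key.
            $forumPassword = $h->cage->post->testPassword('forumPassword');
            if (!$forumPassword) {
                $h->messages[$lang['install_step3_password_match_error']] = 'red';
                $error = 1;
            }

            // Save only when both fields validated. Previously the settings were
            // written even after a validation failure, using undefined variables.
            if ($error == 0) {
                // NOTE(review): FORUM_PASSWORD is stored as submitted, not hashed,
                // presumably because it is replayed to an external service.
                // Confirm who can read the settings table.
                \Hotaru\Models2\Setting::makeUpdate($h, 'FORUM_USERNAME', $forumUsername);
                \Hotaru\Models2\Setting::makeUpdate($h, 'FORUM_PASSWORD', $forumPassword);
            }

            // TODO give a check/confirmation button
        } else {
            // Test username (alphanumeric, dashes and underscores okay, case insensitive)
            $name_check = $h->cage->post->testUsername('username');
            if ($name_check) {
                $user_name = $name_check;
            } else {
                $h->message = $lang['install_step3_username_error'];
                $h->messages[$lang['install_step3_username_error']] = 'red';
                $error = 1;
            }

            // Test password
            $password_check = $h->cage->post->testPassword('password');
            if ($password_check) {
                $password2_check = $h->cage->post->testPassword('password2');
                // Strict comparison: with == two different numeric-looking strings
                // (e.g. "1e3" and "1000") would be accepted as a matching confirmation.
                if ($password_check === $password2_check) {
                    // success; hashing is presumably done later by savePassword() - verify
                    $user_password = $password_check;
                } else {
                    $h->messages[$lang['install_step3_password_match_error']] = 'red';
                    $error = 1;
                }
            } else {
                $h->messages[$lang['install_step3_password_error']] = 'red';
                $error = 1;
            }

            // Test email
            $email_check = $h->cage->post->testEmail('email');
            if ($email_check) {
                $user_email = $email_check;
                // also use this email address as the site notification email address
                \Hotaru\Models2\Setting::makeUpdate($h, 'SITE_EMAIL', $user_email);
            } else {
                $h->messages[$lang['install_step3_email_error']] = 'red';
                $error = 1;
            }
        }
    }

    if ($error == 0) {
        $user_info = $h->currentUser->getUser($h, 0, $admin_name);

        // On returning to this page via back or next, the fields are empty at this point, so...
        $user_name = isset($user_name) ? $user_name : "";
        $user_email = isset($user_email) ? $user_email : "";
        $user_password = isset($user_password) ? $user_password : "";

        if ($user_name != "" && $user_email != "" && $user_password != "") {
            // There's been a change so update...
            $h->currentUser->name = $user_name;
            $h->currentUser->email = $user_email;
            $h->currentUser->password = $user_password;
            $h->currentUser->role = 'admin';
            $h->currentUser->updateUserBasic($h);
            $h->currentUser->savePassword($h);

            // auto login admin user as well, but no cookie
            unset($h->users[$user_name]);
            $h->loginCheck($user_name, $user_password);

            $next_button = true;
        } elseif ($user_info) {
            // Nothing was submitted: show the stored admin's details instead.
            $user_name = $user_info->user_username;
            $user_email = $user_info->user_email;
        }
    }

    // Show success message
    if ($step == 4 && $error == 0) {
        $h->messages[$lang['install_step3_update_success']] = 'green';
    }

    // Validation-failure paths can reach this point without these being set;
    // default them so the template never receives undefined variables.
    $user_name = isset($user_name) ? $user_name : "";
    $user_email = isset($user_email) ? $user_email : "";

    template($h, 'install/register_admin.php', array(
        'next_button' => $next_button,
        'user_name' => $user_name,
        'user_email' => $user_email,
    ));
}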
/**
 * Open or close the site for maintenance.
 *
 * Writes the SITE_OPEN setting ('true' when opening, 'false' otherwise),
 * echoes a JSON object with the keys activate, message and name, then
 * terminates the request. Called via JavaScript.
 *
 * NOTE(review): this method changes site state and performs no permission or
 * CSRF check itself; confirm the caller restricts it to authorised admins.
 *
 * @param object $h
 * @param string $switch - 'open' or 'close' (any value other than 'open' closes the site)
 */
public function openCloseSite($h, $switch = 'open')
{
    $opening = ($switch == 'open');

    // The reply carries the label and name of the opposite action,
    // presumably so the calling script can flip its control - verify.
    $value = $opening ? 'true' : 'false';
    $message = $h->lang($opening ? "admin_theme_maintenance_close_site" : "admin_theme_maintenance_open_site");
    $siteState = $opening ? 'close' : 'open';

    $result = \Hotaru\Models2\Setting::makeUpdate($h, 'SITE_OPEN', $value, $h->currentUser->id);

    // Send back result data and stop, so nothing else is appended to the JSON
    echo json_encode(array(
        'activate' => $result,
        'message' => $message,
        'name' => $siteState,
    ));
    exit;
}
/**
 * Update an admin setting.
 *
 * Passes the setting name and value straight to Setting::makeUpdate together
 * with the current user's id. The result of that call is discarded and
 * nothing is returned.
 *
 * NOTE(review): any setting name is accepted here and no permission check is
 * visible in this method; confirm callers restrict it to authorised admins
 * and to the settings they are meant to change.
 *
 * @param object $h
 * @param string $setting
 * @param string $value
 */
public function adminSettingUpdate($h, $setting = '', $value = '')
{
    \Hotaru\Models2\Setting::makeUpdate($h, $setting, $value, $h->currentUser->id);
}