Example #1
 /**
  * Store a new password on the current Viewer and persist the Viewer.
  *
  * Copies the Viewer's email and username onto this object, reads the new
  * plaintext password from the 'pwd1' request field, writes its hash
  * (String::hashPassword) to Viewer['pwd'] and calls save().
  *
  * The plaintext stays on $this->newPwd after the call. Nothing in this
  * method validates 'pwd1' or re-checks the current password; presumably
  * the caller does that first - TODO confirm.
  *
  * @return object $this
  */
 protected function saveNewPassword()
 {
     $viewer = $this->Registry->Viewer;

     $this->email = $viewer['email'];
     $this->username = $viewer['username'];

     $plainPwd = $this->Request['pwd1'];
     $this->newPwd = $plainPwd;

     // Only the hash goes into the Viewer record, never the plaintext.
     $viewer['pwd'] = String::hashPassword($plainPwd);
     $viewer->save();

     return $this;
 }
 /**
  * Assemble the document for a new USERS record from the submitted
  * registration values, the visitor's cookies and the geo-location data,
  * then log the new user in and record the referrer.
  *
  * Also makes sure the indexes this collection relies on exist.
  *
  * NOTE(review): the statement that actually inserts the record and
  * defines $User is missing from this listing (see the damaged line
  * near the end of the body).
  *
  * @return object $this
  */
 protected function createNewUser()
 {
     $coll = $this->Registry->Mongo->USERS;
     /**
      * Unique index on the lower-cased username: the database itself
      * rejects a second account whose lower-cased name already exists.
      */
     $coll->ensureIndex(array('username_lc' => 1), array('unique' => true));
     /**
      * Cannot make email unique index because external users
      * don't have email, and then value counts as null
      * and multiple null values count as duplicate!
      *
      * Consequence: nothing at the index level stops two records
      * from carrying the same email address.
      */
     $coll->ensureIndex(array('email' => 1));
     $coll->ensureIndex(array('role' => 1));
     /**
      * Indexes for managing 3 types
      * of following
      */
     $coll->ensureIndex(array('a_f_t' => 1));
     $coll->ensureIndex(array('a_f_u' => 1));
     $coll->ensureIndex(array('a_f_q' => 1));
     $sid = \Lampcms\Cookie::getSidCookie();
     $aData['username'] = $this->username;
     /**
      * NOTE(review): strtolower() works on single bytes, so a non-ASCII
      * username is presumably not case-folded here and the unique index
      * would treat its case variants as different names - confirm
      * whether usernames are restricted to ASCII before this point.
      */
     $aData['username_lc'] = strtolower($this->username);
     $aData['email'] = $this->email;
     /**
      * 'rs' reuses the sid cookie when the visitor sent one, otherwise a
      * new sid is generated. The cookie value is client-supplied; what
      * 'rs' is used for later is not visible here.
      */
     $aData['rs'] = false !== $sid ? $sid : \Lampcms\String::makeSid();
     $aData['role'] = $this->getRole();
     /**
      * Time zone derived from the 'tzo' request value (client-supplied).
      */
     $aData['tz'] = \Lampcms\TimeZone::getTZbyoffset($this->Request->get('tzo'));
     /**
      * Only the hash of $this->pwd is put into the record.
      */
     $aData['pwd'] = String::hashPassword($this->pwd);
     $aData['i_reg_ts'] = time();
     $aData['date_reg'] = date('r');
     /**
      * First-visit value: taken from getSidCookie(true) when available,
      * otherwise the current time.
      */
     $aData['i_fv'] = false !== ($intFv = \Lampcms\Cookie::getSidCookie(true)) ? $intFv : time();
     $aData['lang'] = $this->Registry->getCurrentLang();
     $aData['locale'] = $this->Registry->Locale->getLocale();
     /**
      * Initial amount of profit point.
      * NOTE(review): the original comment said "always 1" but the value
      * stored below is 0 - confirm which one is intended.
      * @var int
      */
     $aData['i_pp'] = 0;
     /**
      * Geo-location data first, registration data second: on a key
      * collision array_merge keeps the value from $aData.
      */
     $aUser = array_merge($this->Registry->Geo->Location->data, $aData);
     /**
      * NOTE(review): the next line is damaged in this listing. The run of
      * asterisks stands where code was lost between the two string
      * literals - presumably the rest of the debug dump of $aUser and the
      * statements that insert the record and define $User - so it is not
      * valid PHP as shown. Restore it from the original source; do not
      * guess. If the lost part dumps $aUser, that dump would include the
      * 'pwd' hash - confirm and trim.
      */
     d('aUser: '******'id: ' . $User['_id']);
     $this->processLogin($User);
     \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $User);
     return $this;
 }
Example #3
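 /**
  * Update USERS collection with the new value of the salted password.
  *
  * Takes no arguments: the plaintext is read from $this->newPwd and the
  * target record id from $this->Router->getNumber(1), cast to int.
  *
  * NOTE(review): no permission check is visible in this method. The id
  * comes from the router, so the caller must already have established
  * that the current user may change this record's password - confirm.
  *
  * @return object $this
  */
 protected function savePassword()
 {
     $uid = $this->Router->getNumber(1);
     // The plaintext password must never reach the debug log; log the target id only.
     d('saving new password hash for uid: ' . (int) $uid);
     $salted = String::hashPassword($this->newPwd);
     $newdata = array('$set' => array(Schema::PASSWORD => $salted));
     $this->Registry->Mongo->USERS->update(array(Schema::PRIMARY => (int) $uid), $newdata);
     return $this;
 }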
Example #4
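 /**
  * Update USERS collection with the new value of the salted password.
  *
  * Takes no arguments: the plaintext is read from $this->newPwd and the
  * target record id from the 'uid' request field, cast to int.
  *
  * NOTE(review): 'uid' is request data and no permission check is
  * visible in this method, so the caller must already have established
  * that the current user may change this record's password - confirm.
  *
  * @return object $this
  */
 protected function savePassword()
 {
     $uid = (int) $this->Request['uid'];
     // The plaintext password must never reach the debug log; log the target id only.
     d('saving new password hash for uid: ' . $uid);
     $salted = String::hashPassword($this->newPwd);
     $newdata = array('$set' => array("pwd" => $salted));
     $this->Registry->Mongo->USERS->update(array('_id' => $uid), $newdata);
     return $this;
 }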
Example #5
 /**
  * Build a new USERS record from the Facebook profile data held in
  * $this->aFbUserData, announce the new user to the Dispatcher, save
  * the email address and record the referrer.
  *
  * Design note kept from the original author:
  * What if email address provided from Facebook
  * already belongs to some other user?
  *
  * This would mean that existing user is just
  * trying to signup with Facebook.
  *
  * In this case we should allow it but ONLY create
  * a record in the USERS_FACEBOOK table and use users_id
  * of the user that we find by email address
  *
  * and then also insert avatar_external into USERS
  *
  * NOTE(review): the body shown here always builds a fresh USERS record;
  * the lookup by email described above is not in this method. Wherever it
  * lives, attaching a Facebook login to an existing account on an email
  * match alone is only sound if the provider has verified that address -
  * confirm.
  *
  * @todo create username for user based on Facebook username
  *       Facebook does not really have username, so we can use fn_ln
  *
  * @return object $this
  */
 protected function createNewUser()
 {
     $extAuth = new \Lampcms\ExternalAuth($this->Registry);
     d('cp');
     $this->Registry->Mongo->USERS->ensureIndex(array('fb_id' => 1));
     /**
      * Time zone, by order of preference:
      * Facebook 'timezone' (multiplied by 3600, so presumably given in
      * hours), then the 'tzn' cookie, then the server default.
      * The cookie value is client-supplied and is stored as-is.
      */
     if (array_key_exists('timezone', $this->aFbUserData)) {
         $timezone = TimeZone::getTZbyoffset($this->aFbUserData['timezone'] * 3600);
     } elseif (false !== ($tzn = Cookie::get('tzn'))) {
         $timezone = $tzn;
     } else {
         $timezone = $this->Registry->Ini->SERVER_TIMEZONE;
     }
     /**
      * User language: first two characters of the Facebook locale,
      * lower-cased, else the current site language
      *
      * @var string
      */
     $lang = !empty($this->aFbUserData['locale']) ? \strtolower(\substr($this->aFbUserData['locale'], 0, 2)) : $this->Registry->getCurrentLang();
     /**
      * User locale: Facebook locale if present, else the site locale
      *
      * @var string
      */
     $locale = !empty($this->aFbUserData['locale']) ? $this->aFbUserData['locale'] : $this->Registry->Locale->getLocale();
     /**
      * Generated password for the new account. The plaintext stays on
      * $this->tempPassword; only its hash goes into the record below.
      */
     $this->tempPassword = String::makePasswd();
     /**
      * Sid value use existing cookie val
      * if possible, otherwise create a new one
      * (the cookie value is client-supplied)
      *
      * @var string
      */
     $sid = false === ($sid = Cookie::getSidCookie()) ? String::makeSid() : $sid;
     $displayName = !empty($this->aFbUserData['name']) ? $this->aFbUserData['name'] : $this->aFbUserData['first_name'] . ' ' . $this->aFbUserData['last_name'];
     $username = $extAuth->makeUsername($displayName, true);
     if (!array_key_exists('email', $this->aFbUserData)) {
         /**
          * @todo if this becomes a common problem
          *       then we need to ask user for an email address
          *       at step 2 of registration, just like for Twitter users
          *       And the 'role' will then be different like 'unactivated_external'
          *
          * NOTE(review): print_r() dumps the whole Facebook data array
          * into the log, and that array carries a 'token' entry (it is
          * read into 'fb_token' below) - the access token should be
          * left out of the logged data.
          */
         e('No email in Facebook data: ' . print_r($this->aFbUserData, 1));
         $email = '';
     } else {
         $email = \mb_strtolower($this->aFbUserData['email']);
     }
     /**
      * Create new record in USERS table
      * do this first because we need uid from
      * newly created record
      *
      * NOTE(review): 'fb_token' is stored in the user document exactly as
      * received, and 'avatar_external' is built as a plain http:// URL.
      * 'pwd' holds the hash of the generated temporary password.
      */
     $aUser = array('username' => $username, 'username_lc' => \mb_strtolower($username, 'utf-8'), 'fn' => $this->aFbUserData['first_name'], 'ln' => $this->aFbUserData['last_name'], 'rs' => $sid, 'email' => $email, 'fb_id' => (string) $this->aFbUserData['id'], 'fb_token' => $this->aFbUserData['token'], 'pwd' => String::hashPassword($this->tempPassword), 'avatar_external' => 'http://graph.facebook.com/' . $this->aFbUserData['id'] . '/picture', 'i_reg_ts' => time(), 'date_reg' => date('r'), 'role' => 'external_auth', 'lang' => $lang, 'locale' => $locale, 'i_rep' => 1, 'tz' => $timezone, 'i_fv' => false !== ($intFv = Cookie::getSidCookie(true)) ? $intFv : time());
     /**
      * Any non-empty gender other than 'male' is stored as 'F'.
      */
     if (!empty($this->aFbUserData['gender'])) {
         $aUser['gender'] = 'male' === $this->aFbUserData['gender'] ? 'M' : 'F';
     }
     /**
      * Geo-location data first, user data second: on a key collision
      * array_merge keeps the value from $aUser.
      */
     $aUser = \array_merge($this->Registry->Geo->Location->data, $aUser);
     if (!empty($this->aFbUserData['locale'])) {
         $aUser['locale'] = $this->aFbUserData['locale'];
     }
     if (!empty($this->aFbUserData['link'])) {
         $aUser['fb_url'] = $this->aFbUserData['link'];
     }
     /**
      * NOTE(review): the next line is damaged in this listing. The run of
      * asterisks stands where code was lost between the two string
      * literals - presumably the rest of the debug dump of $aUser and the
      * statements that insert the record and set $this->User - so it is
      * not valid PHP as shown. Restore it from the original source; do
      * not guess. The surviving part dumps the whole $this->User array
      * to the debug log; if that object is built from $aUser it includes
      * the 'pwd' hash and 'fb_token' - confirm and trim.
      */
     d('aUser: '******'$this->User after insert: ' . print_r($this->User->getArrayCopy(), 1));
     $this->Registry->Dispatcher->post($this->User, 'onNewUser');
     $this->Registry->Dispatcher->post($this->User, 'onNewFacebookUser');
     d('cp');
     $this->saveEmailAddress();
     d('cp');
     \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $this->User);
     return $this;
 }
Example #6
 /**
  * Assemble the document for a new USERS record from the submitted
  * registration values, the visitor's cookies and the geo-location data,
  * then log the new user in and record the referrer.
  *
  * Also makes sure the indexes this collection relies on exist.
  *
  * NOTE(review): the statement that actually inserts the record and
  * defines $User is missing from this listing (see the damaged line
  * near the end of the body).
  *
  * @return object $this
  */
 protected function createNewUser()
 {
     $coll = $this->Registry->Mongo->USERS;
     /**
      * Unique index on the lower-cased username: the database itself
      * rejects a second account whose lower-cased name already exists.
      */
     $coll->ensureIndex(array(Schema::USERNAME_LOWERCASE => 1), array('unique' => true));
     /**
      * Cannot make email unique index because external users
      * don't have email, and then value counts as null
      * and multiple null values count as duplicate!
      *
      * Consequence: nothing at the index level stops two records
      * from carrying the same email address.
      */
     $coll->ensureIndex(array(Schema::EMAIL => 1));
     $coll->ensureIndex(array(Schema::ROLE => 1));
     /**
      * Indexes for managing 3 types
      * of following
      */
     $coll->ensureIndex(array('a_f_t' => 1));
     $coll->ensureIndex(array('a_f_u' => 1));
     $coll->ensureIndex(array('a_f_q' => 1));
     $sid = Cookie::getSidCookie();
     /**
      * Time zone: the 'tzn' cookie when present, else the server
      * default. The cookie value is client-supplied and is stored as-is;
      * no validation is visible here.
      */
     if (false !== ($tzn = Cookie::get('tzn'))) {
         $timezone = $tzn;
     } else {
         $timezone = $this->Registry->Ini->SERVER_TIMEZONE;
     }
     $aData[Schema::USERNAME] = $this->username;
     /**
      * Lower-cased copy backing the unique index above. No encoding is
      * passed, so mb_strtolower() uses the configured internal encoding.
      */
     $aData[Schema::USERNAME_LOWERCASE] = \mb_strtolower($this->username);
     $aData[Schema::EMAIL] = $this->email;
     /**
      * Reuse the sid cookie when the visitor sent one (client-supplied),
      * otherwise generate a new sid.
      */
     $aData[Schema::SID] = false !== $sid ? $sid : \Lampcms\String::makeSid();
     $aData[Schema::ROLE] = $this->getRole();
     $aData[Schema::TIMEZONE] = $timezone;
     /**
      * Only the hash of $this->pwd is put into the record.
      */
     $aData[Schema::PASSWORD] = String::hashPassword($this->pwd);
     $aData[Schema::REGISTRATION_TIMESTAMP] = time();
     $aData[Schema::REGISTRATION_TIME] = date('r');
     /**
      * First-visit value: taken from getSidCookie(true) when available,
      * otherwise the current time.
      */
     $aData[Schema::FIRST_VISIT_TIMESTAMP] = false !== ($intFv = \Lampcms\Cookie::getSidCookie(true)) ? $intFv : time();
     $aData[Schema::LOCALE] = $this->Registry->Locale->getLocale();
     /**
      * Initial reputation is always 1
      *
      * @var int
      */
     $aData[Schema::REPUTATION] = 1;
     /**
      * Geo-location data first, registration data second: on a key
      * collision array_merge keeps the value from $aData.
      */
     $aUser = \array_merge($this->Registry->Geo->Location->data, $aData);
     /**
      * NOTE(review): the next line is damaged in this listing. The run of
      * asterisks stands where code was lost between the two string
      * literals - presumably the rest of the debug dump of $aUser and the
      * statements that insert the record and define $User - so it is not
      * valid PHP as shown. Restore it from the original source; do not
      * guess. If the lost part dumps $aUser, that dump would include the
      * password hash - confirm and trim.
      */
     d('aUser: '******'new user _id: ' . $User['_id']);
     $this->processLogin($User);
     \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $User);
     return $this;
 }
 /**
  * Build a new USERS record from the Facebook profile data held in
  * $this->aFbUserData, announce the new user to the Dispatcher, save
  * the email address and record the referrer.
  *
  * Design note kept from the original author:
  * What if email address provided from Facebook
  * already belongs to some other user?
  *
  * This would mean that existing user is just
  * trying to signup with Facebook.
  *
  * In this case we should allow it but ONLY create
  * a record in the USERS_FACEBOOK table and use users_id
  * of the user that we find by email address
  *
  * and then also insert avatar_external into USERS
  *
  * NOTE(review): the body shown here always builds a fresh USERS record;
  * the lookup by email described above is not in this method. Wherever it
  * lives, attaching a Facebook login to an existing account on an email
  * match alone is only sound if the provider has verified that address -
  * confirm.
  *
  * @todo create username for user based on Facebook username
  * Facebook does not really have username, so we can use fn_ln
  *
  * @return object $this
  */
 protected function createNewUser()
 {
     $extAuth = new \Lampcms\ExternalAuth($this->Registry);
     d('cp');
     $this->Registry->Mongo->USERS->ensureIndex(array('fb_id' => 1));
     /**
      * Time zone offset in seconds: Facebook 'timezone' multiplied by
      * 3600 (so presumably given in hours), else the 'tzo' cookie
      * (client-supplied) with 0 as its default.
      * @var int
      */
     $tzo = array_key_exists('timezone', $this->aFbUserData) ? $this->aFbUserData['timezone'] * 3600 : Cookie::get('tzo', 0);
     /**
      * User language: first two characters of the Facebook locale,
      * lower-cased, else the current site language
      * @var string
      */
     $lang = !empty($this->aFbUserData['locale']) ? \strtolower(\substr($this->aFbUserData['locale'], 0, 2)) : $this->Registry->getCurrentLang();
     /**
      * User locale
      * NOTE(review): $locale is not placed in the $aUser array built
      * below; 'locale' is only set later, and only when Facebook sent
      * one, so the site-locale fallback computed here looks unused.
      * @var string
      */
     $locale = !empty($this->aFbUserData['locale']) ? $this->aFbUserData['locale'] : $this->Registry->Locale->getLocale();
     /**
      * Generated password for the new account. The plaintext stays on
      * $this->tempPassword; only its hash goes into the record below.
      */
     $this->tempPassword = String::makePasswd();
     /**
      * Sid value use existing cookie val
      * if possible, otherwise create a new one
      * (the cookie value is client-supplied)
      * @var string
      */
     $sid = false === ($sid = Cookie::getSidCookie()) ? String::makeSid() : $sid;
     $displayName = !empty($this->aFbUserData['name']) ? $this->aFbUserData['name'] : $this->aFbUserData['first_name'] . ' ' . $this->aFbUserData['last_name'];
     $username = $extAuth->makeUsername($displayName);
     /**
      * Create new record in USERS table
      * do this first because we need uid from
      * newly created record
      *
      * NOTE(review): $this->aFbUserData['email'] is read without checking
      * that the key exists. 'fb_token' is stored in the user document
      * exactly as received, and 'avatar_external' is built as a plain
      * http:// URL. 'pwd' holds the hash of the generated temporary
      * password.
      */
     $aUser = array('username' => $username, 'username_lc' => \mb_strtolower($username, 'utf-8'), 'fn' => $this->aFbUserData['first_name'], 'ln' => $this->aFbUserData['last_name'], 'rs' => $sid, 'email' => Utf8String::factory($this->aFbUserData['email'])->toLowerCase()->valueOf(), 'fb_id' => (string) $this->aFbUserData['id'], 'fb_token' => $this->aFbUserData['token'], 'pwd' => String::hashPassword($this->tempPassword), 'avatar_external' => 'http://graph.facebook.com/' . $this->aFbUserData['id'] . '/picture', 'i_reg_ts' => time(), 'date_reg' => date('r'), 'role' => 'external_auth', 'lang' => $lang, 'i_pp' => 1, 'tz' => TimeZone::getTZbyoffset($tzo), 'i_fv' => false !== ($intFv = Cookie::getSidCookie(true)) ? $intFv : time());
     /**
      * Any non-empty gender other than 'male' is stored as 'F'.
      */
     if (!empty($this->aFbUserData['gender'])) {
         $aUser['gender'] = 'male' === $this->aFbUserData['gender'] ? 'M' : 'F';
     }
     /**
      * Geo-location data first, user data second: on a key collision
      * array_merge keeps the value from $aUser.
      */
     $aUser = \array_merge($this->Registry->Geo->Location->data, $aUser);
     if (!empty($this->aFbUserData['locale'])) {
         $aUser['locale'] = $this->aFbUserData['locale'];
     }
     if (!empty($this->aFbUserData['link'])) {
         $aUser['fb_url'] = $this->aFbUserData['link'];
     }
     /**
      * NOTE(review): the next line is damaged in this listing. The run of
      * asterisks stands where code was lost between the two string
      * literals - presumably the rest of the debug dump of $aUser and the
      * statements that insert the record and set $this->User - so it is
      * not valid PHP as shown. Restore it from the original source; do
      * not guess. The surviving part dumps the whole $this->User array
      * to the debug log; if that object is built from $aUser it includes
      * the 'pwd' hash and 'fb_token' - confirm and trim.
      */
     d('aUser: '******'$this->User after insert: ' . print_r($this->User->getArrayCopy(), 1));
     $this->Registry->Dispatcher->post($this->User, 'onNewUser');
     $this->Registry->Dispatcher->post($this->User, 'onNewFacebookUser');
     d('cp');
     $this->saveEmailAddress();
     d('cp');
     \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $this->User);
     return $this;
 }
Example #8
 /**
  * Write the submitted values into the Viewer object and save it.
  *
  * Always sets the email and the UNACTIVATED_EXTERNAL role. When a
  * 'username' was submitted it also sets the username, its lower-cased
  * copy and the hash of a freshly generated password. The generated
  * plaintext stays on $this->pwd, and $this->username is refreshed from
  * the Viewer at the end (used in Register for sending out email).
  *
  * @return object $this
  */
 protected function updateViewer()
 {
     $viewer = $this->Registry->Viewer;
     d('$currentRole: ' . $viewer->getRoleId());

     // A new random password is generated on every call; whether its hash
     // is stored depends on the username branch below.
     $this->pwd = String::makePasswd();
     $hashedPwd = String::hashPassword($this->pwd);

     $viewer->offsetSet(Schema::EMAIL, $this->email);

     /**
      * Design intent (from the original author): the username may only be
      * set during a new registration, and only when one was actually
      * submitted, so that an existing user cannot change username later.
      *
      * NOTE(review): the only condition tested in this method is that
      * 'username' was submitted; the "new registration" part is not
      * checked here, and this branch also replaces the stored password.
      * Presumably the caller enforces it - confirm.
      */
     if (!empty($this->Request['username'])) {
         $submittedName = \trim($this->Request['username']);
         $viewer->offsetSet(Schema::USERNAME, $submittedName);
         $viewer->offsetSet(Schema::USERNAME_LOWERCASE, \mb_strtolower($submittedName));
         // Hashed password, stored together with the username only.
         $viewer->offsetSet(Schema::PASSWORD, $hashedPwd);
     }

     /**
      * Open design question kept from the original author: an external
      * account that adds an email becomes "unactivated" and could lose
      * rights (such as posting comments) it had while it stayed a plain
      * external account. The option the author preferred is to treat
      * external accounts as trusted but to remind the user periodically
      * to provide and activate an email address.
      *
      * unactivated_external has more rights than plain unactivated while
      * still showing that the account was never activated.
      *
      * NOTE(review): the original comment described choosing between
      * unactivated_external and unactivated from the current role; the
      * code sets UNACTIVATED_EXTERNAL unconditionally and only logs the
      * current role.
      */
     $viewer->setRoleId(Role::UNACTIVATED_EXTERNAL);
     $viewer->save();

     // This is used in Register for sending out email.
     $this->username = $viewer->offsetGet(Schema::USERNAME);

     return $this;
 }