/** * Get Auth result * * @param \Phire\Table\UserTypes $type * @return string */ public function getAuthResult($type) { $result = null; if (!$this->isValid()) { $result = $this->getResultMessage(); } else { $user = $this->getUser(); $session = Table\UserSessions::findBy(array('user_id' => $user['id'])); if (!$type->multiple_sessions && isset($session->id)) { $result = 'Multiple sessions are not allowed. Someone is already logged on from ' . $session->ip . '.'; } else { if (!$type->mobile_access && \Pop\Web\Mobile::isMobileDevice()) { $result = 'Mobile access is not allowed.'; } else { if (!$user['verified']) { $result = 'The user is not verified.'; } else { if ($type->id != $user['type_id']) { $userType = Table\UserTypes::findById($user['type_id']); if (isset($userType->id) && !$userType->global_access) { $result = 'The user is not allowed in this area.'; } } } } } } return $result; }
/** * Send password reminder to user * * @param string $email * @param \Pop\Config $config * @return void */ public function sendReminder($email, $config) { $encOptions = $config->encryptionOptions->asArray(); $user = Table\Users::findBy(array('email' => $email)); if (isset($user->id)) { $type = Table\UserTypes::findById($user->type_id); if ($type->password_encryption == Auth\Auth::ENCRYPT_NONE) { $newPassword = $this->password; $newEncPassword = $newPassword; $msg = $this->i18n->__('Your username and password is:'); } else { $newPassword = (string) String::random(8, String::ALPHANUM); $newEncPassword = self::encryptPassword($newPassword, $type->password_encryption, $encOptions); $msg = $this->i18n->__('Your password has been reset for security reasons. Your username and new password is:'); } // Save new password $user->password = $newEncPassword; $user->save(); // Get base path and domain $basePath = strtolower($type->type) != 'user' ? BASE_PATH . '/' . strtolower($type->type) : BASE_PATH . APP_URI; $domain = str_replace('www.', '', $_SERVER['HTTP_HOST']); // Set recipient $rcpt = array('name' => $user->username, 'email' => $user->email, 'username' => $user->username, 'password' => $newPassword, 'login' => 'http://' . $_SERVER['HTTP_HOST'] . $basePath . '/login', 'domain' => $domain, 'message' => $msg); if (file_exists($_SERVER['DOCUMENT_ROOT'] . BASE_PATH . CONTENT_PATH . '/extensions/themes/phire/mail/forgot.txt')) { $mailTmpl = file_get_contents($_SERVER['DOCUMENT_ROOT'] . BASE_PATH . CONTENT_PATH . '/extensions/themes/phire/mail/forgot.txt'); } else { $mailTmpl = file_get_contents(__DIR__ . '/../../../view/phire/mail/forgot.txt'); } $mailTmpl = str_replace(array('Dear', 'Here is your password for', 'You can login at:', 'Thank You'), array($this->i18n->__('Dear'), $this->i18n->__('Here is your password for'), $this->i18n->__('You can login at:'), $this->i18n->__('Thank You')), $mailTmpl); // Send reminder $mail = new Mail($domain . ' - ' . $this->i18n->__('Password Reset'), $rcpt); $mail->from(Table\Config::findById('reply_email')->value); $mail->setText($mailTmpl); $mail->send(); } }
/** * Initialize the ACL object, checking for user types and user roles * * @return void */ protected function initAcl() { // Get the user type from either session or the URI $sess = \Pop\Web\Session::getInstance(); $type = str_replace(BASE_PATH, '', $_SERVER['REQUEST_URI']); // If the URI matches the system user URI if (substr($type, 0, strlen(APP_URI)) == APP_URI) { $type = 'user'; // Else, set user type } else { $type = substr($type, 1); if (strpos($type, '/') !== false) { $type = substr($type, 0, strpos($type, '/')); } } // Create the type object and pass it to the Acl object if (isset($sess->user->type_id)) { $typeObj = \Phire\Table\UserTypes::findById($sess->user->type_id); } else { $typeObj = \Phire\Table\UserTypes::findBy(array('type' => $type)); } $this->getService('acl')->setType($typeObj); // Set the roles for this user type in the Acl object $perms = \Phire\Table\UserRoles::getAllRoles($typeObj->id); if (count($perms['roles']) > 0) { foreach ($perms['roles'] as $role) { $this->getService('acl')->addRole($role); } } // Set up the ACL object's resources and permissions if (count($perms['resources']) > 0) { foreach ($perms['resources'] as $role => $perm) { if (count($perm['allow']) > 0) { foreach ($perm['allow'] as $resource => $p) { $this->getService('acl')->addResource($resource); if (count($p) > 0) { $this->getService('acl')->allow($role, $resource, $p); } else { $this->getService('acl')->allow($role, $resource); } } } else { $this->getService('acl')->allow($role); } if (count($perm['deny']) > 0) { foreach ($perm['deny'] as $resource => $p) { $this->getService('acl')->addResource($resource); if (count($p) > 0) { $this->getService('acl')->deny($role, $resource, $p); } else { $this->getService('acl')->deny($role, $resource); } } } } } }
/** * User add method * * @return void */ public function add() { $this->prepareView('add.phtml', array('assets' => $this->project->getAssets(), 'acl' => $this->project->getService('acl'), 'phireNav' => $this->project->getService('phireNav'))); // Select user type if (null === $this->request->getPath(1)) { $this->view->set('title', $this->view->i18n->__('Users') . ' ' . $this->view->separator . ' ' . $this->view->i18n->__('Select Type')); $form = new Form\User($this->request->getBasePath() . $this->request->getRequestUri(), 'post', '0', false, 0, $this->project->getService('acl')); // If form is submitted if ($this->request->isPost()) { $form->setFieldValues($this->request->getPost(), array('strip_tags' => null, 'htmlentities' => array(ENT_QUOTES, 'UTF-8'))); // If form is valid, redirect to the second part of the form if ($form->isValid()) { Response::redirect($this->request->getBasePath() . $this->request->getRequestUri() . '/' . $form->type_id); // Else, re-render the form with errors } else { $this->view->set('form', $form); $this->send(); } // Else, render the form } else { $this->view->set('form', $form); $this->send(); } // Else, add user } else { $type = Table\UserTypes::findById($this->request->getPath(1)); // If user type is valid if (isset($type->id)) { $this->view->set('title', $this->view->i18n->__('Users') . ' ' . $this->view->separator . ' ' . ucwords(str_replace('-', ' ', $type->type)) . ' ' . $this->view->separator . ' ' . $this->view->i18n->__('Add'))->set('typeId', $type->id); $form = new Form\User($this->request->getBasePath() . $this->request->getRequestUri(), 'post', $type->id, false, 0); // If form is submitted if ($this->request->isPost()) { $form->setFieldValues($this->request->getPost(), array('strip_tags' => null, 'htmlentities' => array(ENT_QUOTES, 'UTF-8'))); // If form is valid, save new user if ($form->isValid()) { $user = new Model\User(); $user->save($form, $this->project->module('Phire')); $this->view->set('id', $user->id); if (null !== $this->request->getPost('update_value') && $this->request->getPost('update_value') == '1') { Response::redirect($this->request->getBasePath() . '/edit/' . $user->id . '?saved=' . time()); } else { if (null !== $this->request->getQuery('update')) { $this->sendJson(array('redirect' => $this->request->getBasePath() . '/edit/' . $user->id . '?saved=' . time(), 'updated' => '', 'form' => 'user-form')); } else { Response::redirect($this->request->getBasePath() . '/index/' . $this->request->getPath(1) . '?saved=' . time()); } } // Else, re-render form with errors } else { if (null !== $this->request->getQuery('update')) { $this->sendJson($form->getErrors()); } else { $this->view->set('form', $form); $this->send(); } } // Else, render form } else { $this->view->set('form', $form); $this->send(); } // Else, redirect } else { Response::redirect($this->request->getBasePath() . '/add'); } } }
/** * Get the init field values * * @param int $tid * @param boolean $profile * @param int $uid * @param string $action * @param boolean $register * @return array */ protected function getInitFields($tid = 0, $profile = false, $uid = 0, $action, $register = false) { $type = Table\UserTypes::findById($tid); $fields1 = array(); // Continue setting up initial user fields $fields1['email1'] = array('type' => 'text', 'label' => $this->i18n->__('Email'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\Email()); if ($type->email_verification) { $fields1['email2'] = array('type' => 'text', 'label' => $this->i18n->__('Re-Type Email'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\Email()); } // If not email as username, create username field if (!$type->email_as_username) { $fields2 = array('username' => array('type' => 'text', 'label' => $this->i18n->__('Username'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => array(new Validator\AlphaNumeric(), new Validator\LengthGte(4)))); if ($uid != 0) { $fields2['username']['attributes']['onkeyup'] = "phire.updateTitle('#username-title', this);"; } } else { $fields2 = array(); if ($uid != 0) { $fields1['email1']['attributes']['onkeyup'] = "phire.updateTitle('#username-title', this);"; } } // Continue setting up initial user fields if ($type->login) { $fields3 = array('password1' => array('type' => 'password', 'label' => $this->i18n->__('Enter Password'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\LengthGte(6)), 'password2' => array('type' => 'password', 'label' => $this->i18n->__('Re-Type Password'), 'required' => true, 'attributes' => array('size' => 30), 'validators' => new Validator\LengthGte(6))); } else { $fields3 = array(); } $fieldGroups = array(); $dynamicFields = false; $model = str_replace('Form', 'Model', get_class($this)); $newFields = \Phire\Model\Field::getByModel($model, $tid, $uid); if ($newFields['dynamic']) { $dynamicFields = true; } if ($newFields['hasFile']) { $this->hasFile = true; } foreach ($newFields as $key => $value) { if (is_numeric($key)) { $fieldGroups[] = $value; } } $fields4 = array(); if ($register) { $site = Table\Sites::getSite(); if ($type->use_csrf) { $fields4['csrf'] = array('type' => 'csrf', 'value' => \Pop\Filter\String::random(8)); } if ($type->use_captcha) { $fields4['captcha'] = array('type' => 'captcha', 'label' => $this->i18n->__('Enter Code'), 'captcha' => '<br /><img id="captcha-image" src="' . $site->base_path . '/captcha" /><br /><a class="reload-link" href="#" onclick="document.getElementById(\'captcha-image\').src = \'' . $site->base_path . '/captcha?reload=1\';return false;">' . $this->i18n->__('Reload') . '</a>', 'attributes' => array('size' => 5)); } } // Finish the initial fields $fields4['submit'] = array('type' => 'submit', 'value' => strpos($action, '/register') !== false ? $this->i18n->__('REGISTER') : $this->i18n->__('SAVE'), 'attributes' => array('class' => strpos($action, '/install/user') !== false || $profile ? 'update-btn' : 'save-btn')); if ($profile) { $fields4['submit']['label'] = ' '; $fields4['submit']['attributes']['style'] = 'width: 250px;'; $fields4['profile'] = array('type' => 'hidden', 'value' => 1); $sess = \Pop\Web\Session::getInstance(); if (isset($sess->reset_pwd)) { $fields4['reset_pwd'] = array('type' => 'hidden', 'value' => 1); } } if (!$profile) { $fields4['update'] = array('type' => 'button', 'value' => $this->i18n->__('Update'), 'attributes' => array('onclick' => "return phire.updateForm('#user-form', " . ($this->hasFile || $dynamicFields ? 'true' : 'false') . ");", 'class' => 'update-btn')); } $fields4['type_id'] = array('type' => 'hidden', 'value' => $tid); $fields4['id'] = array('type' => 'hidden', 'value' => 0); if (!$profile) { $fields4['update_value'] = array('type' => 'hidden', 'value' => 0); } // If not profile if (!$profile) { // Get roles for user type $rolesAry = array('0' => '(' . $this->i18n->__('Blocked') . ')'); if ($tid != 0) { $roles = Table\UserRoles::findBy(array('type_id' => $tid), 'id ASC'); foreach ($roles->rows as $role) { $rolesAry[$role->id] = $role->name; } } $siteIds = array('0' => $_SERVER['HTTP_HOST']); $sites = Table\Sites::findAll(); foreach ($sites->rows as $site) { $siteIds[(string) $site->id] = $site->domain; } $fields4['role_id'] = array('type' => 'select', 'required' => true, 'label' => $this->i18n->__('User Role'), 'value' => $rolesAry, 'marked' => $type->default_role_id); $fields4['verified'] = array('type' => 'select', 'label' => $this->i18n->__('Verified'), 'value' => array('1' => $this->i18n->__('Yes'), '0' => $this->i18n->__('No')), 'marked' => '0'); $fields4['failed_attempts'] = array('type' => 'text', 'label' => $this->i18n->__('Failed Attempts'), 'attributes' => array('size' => 3)); $fields4['site_ids'] = array('type' => 'checkbox', 'label' => $this->i18n->__('Allowed Sites'), 'value' => $siteIds); } if (strpos($action, '/install/user') !== false || $profile) { $allFields = array($fields1, $fields2, $fields3); if (count($fieldGroups) > 0) { foreach ($fieldGroups as $fg) { $allFields[] = $fg; } } $allFields[] = $fields4; } else { $allFields = array($fields4, $fields1, $fields2, $fields3); if (count($fieldGroups) > 0) { foreach ($fieldGroups as $fg) { $allFields[] = $fg; } } } return $allFields; }