Example #1
 /**
  * Writes an audit-log entry after an image has been removed.
  *
  * $imageName is split at its first '/': the part before the slash is logged
  * as the image ID, the part after it as the original file name.
  *
  * NOTE(review): the entry is built as HTML (<b>...</b>) and the username and
  * image name are inserted unescaped. If the log viewer prints entries as raw
  * HTML, these values need escaping at write or display time - confirm which.
  * NOTE(review): when $imageName contains no '/', mb_strpos() returns false
  * and both parts are derived from that - confirm callers always pass "id/name".
  *
  * @param string $imageName
  * @return void
  */
 public function onSuccessImageRemoval($imageName)
 {
     $slashAt = mb_strpos($imageName, '/');
     $idPart = mb_substr($imageName, 0, $slashAt);
     $namePart = mb_substr($imageName, $slashAt + 1);

     $entry = sprintf(
         'User [%s#%s] <b>has REMOVED</b> the Image [%s#%s]',
         $this->user->getId(),
         $this->user->getUsername(),
         $idPart,
         $namePart
     );

     $this->appEventLogger->saveLog($entry, 'image_removal', $this->user->getId());
 }
Example #2
 /**
  * Persists the two built-in accounts ("guest" and "admin"), each with the
  * role reference of the same name.
  *
  * NOTE(review): the third User constructor argument equals the username and
  * looks like a default password - confirm. If so, accounts created here
  * (admin/admin in particular) must have the credential rotated or the
  * fixture must be kept out of production data loads.
  *
  * @param ObjectManager $manager
  * @return void
  */
 private function loadDefaultUsers(ObjectManager $manager)
 {
     // [username, e-mail, third constructor argument, role reference name]
     $defaults = [
         ['guest', '*****@*****.**', 'guest', 'role_guest'],
         ['admin', '*****@*****.**', 'admin', 'role_admin'],
     ];

     foreach ($defaults as $row) {
         $account = new User($row[0], $row[1], $row[2]);
         $account->addRole($this->getReference($row[3]));
         $manager->persist($account);
     }
 }
Example #3
 /**
  * Submit handler that deletes the currently picked user.
  *
  * The caller must hold the 'remove' privilege on the 'user' resource;
  * otherwise a warning is flashed and the page is redirected to itself.
  * A foreign-key violation during removal is reported as a warning as well.
  *
  * NOTE(review): the removal below is only skipped for an unauthorized caller
  * if redirect() terminates the request - confirm it does in this base class.
  * NOTE(review): the method is named removeRole but removes a user.
  *
  * @param SubmitButton $button
  * @return void
  */
 public function removeRole(SubmitButton $button)
 {
     $mayRemove = $this->authorizator->isAllowed($this->user, 'user', 'remove');
     if (!$mayRemove) {
         $this->flashMessage('authorization.noPermission', FlashMessage::WARNING);
         $this->redirect('this');
     }

     try {
         $this->userFacade->removeUser($this->pickedUser);
         $this->onSuccessUserRemoval($this->pickedUser);
     } catch (ForeignKeyConstraintViolationException $e) {
         // The user is still referenced by other rows and cannot be deleted.
         $this->flashMessage(
             'users.userRemoval.messages.cantBeRemoved',
             FlashMessage::WARNING,
             ['username' => $this->pickedUser->getUsername()]
         );
         $this->redirect('this');
     }
 }
Example #4
 /**
  * Builds a User from the current request, reads it and sends the result.
  *
  * NOTE(review): only the presence of a username and a password is checked
  * here; whether the credentials are verified depends on read() - confirm.
  *
  * @throws GraphException with code 400 when username or password is missing
  */
 public function run()
 {
     $user = User::getByRequest();

     // Both credentials must be present before anything is read.
     if ($user->getUsername() === null || $user->getPassword() === null) {
         throw new GraphException('bad request', 400);
     }

     $this->sendModel($user->read());
 }
Example #5
 /**
  * Creates a new comment on an event.
  * Return codes: 0 (inserted); 50 (statement failed)
  *
  * All values reach the database through bound parameters. The comment text
  * is stored as received apart from "%20" being turned into a space.
  *
  * NOTE(review): nothing here escapes the text for HTML, so whatever renders
  * `Text` and `UserName` has to escape on output - confirm it does.
  * NOTE(review): $UserID is taken from the caller; confirm the caller derives
  * it from the authenticated session rather than from request data.
  *
  * @param $EventID
  * @param $Comment
  * @param $UserID
  * @return int
  */
 public function newComment($EventID, $Comment, $UserID)
 {
     $pdo = $this->PDO;
     $sql = "INSERT INTO `eventcomment` (`CommentID`, `EventID`, `UserID`,`UserName`, `Text`) VALUES (:CommentID, :EventID, :UserID, :UserName, :Text)";
     $commentId = $this->generateCommentID();
     $Comment = str_replace("%20", ' ', $Comment);

     $statement = $pdo->prepare($sql);
     $userService = new \Users\User();
     $nickname = $userService->getNickname($UserID);

     $statement->bindParam(":CommentID", $commentId, $pdo::PARAM_INT);
     $statement->bindParam(":EventID", $EventID, $pdo::PARAM_INT);
     $statement->bindParam(":UserID", $UserID, $pdo::PARAM_INT);
     $statement->bindParam(":UserName", $nickname, $pdo::PARAM_STR);
     $statement->bindParam(":Text", $Comment, $pdo::PARAM_STR);

     return $statement->execute() ? 0 : 50;
 }
Example #6
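 /**
  * Returns the validator callbacks for the money-transfer form.
  *
  * - userSearch:   the recipient must be given, must exist and must not be
  *                 the current user.
  * - amount:       the amount must be a positive number, the chosen wallet
  *                 must belong to the current user, its currency must allow
  *                 transfers and the wallet must hold at least the amount.
  * - commentClean: URL-decodes, HTML-escapes and trims the comment in place.
  *
  * Each validator throws \Exception with a user-facing message on failure.
  *
  * NOTE(review): the balance check here runs at validation time only; the
  * code that performs the transfer should re-check the balance atomically.
  *
  * @return array<string, \Closure>
  */
 public static function validators()
 {
     return [
         'userSearch' => function ($activeForm, $request) {
             if (empty($request['userSearch'])) {
                 throw new \Exception('Не указан получатель');
             }
             if (!(int) $request['userSearch']) {
                 throw new \Exception('Не указан получатель');
             }
             $user = \Users\User::get((int) $request['userSearch']);
             if (!$user) {
                 throw new \Exception('Такой пользователь не найден');
             }
             if ($user->id == \Users\User::$cur->id) {
                 throw new \Exception('Нельзя выбрать себя в качестве получателя');
             }
             return true;
         },
         'amount' => function ($activeForm, $request) {
             if (empty($request['amount'])) {
                 throw new \Exception('Не указана сумма');
             }
             $amount = (float) $request['amount'];
             // A negative amount is truthy and always passes the balance check
             // below, so zero and negative values are rejected together here.
             if (!($amount > 0)) {
                 throw new \Exception('Не указана сумма');
             }
             if (empty($request['wallets'])) {
                 throw new \Exception('Не указан кошелек');
             }
             if (!(int) $request['wallets']) {
                 throw new \Exception('Не указан кошелек');
             }
             // Only wallets of the current user are looked up, so a foreign
             // wallet ID fails the membership test.
             $wallets = \App::$cur->money->getUserWallets();
             if (empty($wallets[(int) $request['wallets']])) {
                 throw new \Exception('У вас нет такого кошелька');
             }
             $wallet = $wallets[(int) $request['wallets']];
             if (!$wallet->currency->transfer) {
                 throw new \Exception('Вы не можете переводить эту валюту');
             }
             if ($wallet->amount < $amount) {
                 throw new \Exception('У вас недостаточно средств на кошельке');
             }
             return true;
         },
         'commentClean' => function ($activeForm, &$request) {
             $request['comment'] = trim(htmlspecialchars(urldecode($request['comment'])));
         },
     ];
 }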
Example #7
 /**
  * Pre-fills the user form with the values of an existing user.
  *
  * The 'role' control receives each role ID of the user in turn, so the last
  * one iterated is the value that remains set.
  *
  * @param Form $form
  * @param User $user
  * @return void
  */
 private function fillForm(Form $form, User $user)
 {
     // form field name => User getter that supplies its default
     $fieldGetters = [
         'username' => 'getUsername',
         'email' => 'getEmail',
         'first_name' => 'getFirstName',
         'last_name' => 'getLastName',
     ];
     foreach ($fieldGetters as $field => $getter) {
         $form[$field]->setDefaultValue($user->{$getter}());
     }

     foreach ($user->getRoles() as $roleID => $role) {
         // todo
         $form['role']->setDefaultValue($roleID);
     }
 }
Example #8
 /**
  * Writes an audit-log entry after the permissions of a role were edited.
  *
  * NOTE(review): the entry is HTML (<b>...</b>) with the username and role
  * name inserted unescaped; escape them if the log is rendered as raw HTML.
  *
  * @param Role $role
  * @return void
  */
 public function onSuccessRolePermissionsEditing(Role $role)
 {
     $entry = sprintf(
         'User [%s#%s] <b>has EDITED</b> permissions of Role [%s#%s]',
         $this->user->getId(),
         $this->user->getUsername(),
         $role->getId(),
         $role->getName()
     );

     $this->appEventLogger->saveLog($entry, 'user_role_editing', $this->user->getId());
 }
Example #9
 /**
  * Fills a log-message template with details of the acting user and a page.
  *
  * The template receives, in this order: user ID, username, link to the page,
  * ' draft' or an empty string, page ID, page title.
  *
  * NOTE(review): the username and page title are passed through unescaped;
  * if the template is HTML, the caller or the viewer has to escape them.
  *
  * @param string $formatString
  * @param Page $page
  * @return string
  * @throws \Nette\Application\UI\InvalidLinkException
  */
 private function createLogMessage($formatString, Page $page)
 {
     $actorId = $this->user->getId();
     $actorName = $this->user->getUsername();
     $pageLink = $this->linkGenerator->link('Pages:Front:Page:show', ['internal_id' => $page->getId()]);
     $draftSuffix = $page->isDraft() ? ' draft' : '';
     $pageId = $page->getId();
     $pageTitle = $page->getTitle();

     return sprintf($formatString, $actorId, $actorName, $pageLink, $draftSuffix, $pageId, $pageTitle);
 }
Example #10
// Login page logic (the listing is cut off inside the OpenID branch).
// Each parameter appears to be read from POST first, then GET, then defaults
// to false - assuming the second argument of require_post()/require_get() is
// the default value; confirm against their definitions.
// $use_password and $password are defined before this fragment.
// NOTE(review): "logout" is accepted from GET as well as POST; confirm a
// request token is checked elsewhere so a cross-site link cannot end a session.
$logout = require_post("logout", require_get("logout", false));
$openid = $use_password ? false : require_post("openid", require_get("openid", require_post("openid_manual", require_get("openid_manual", false))));
$oauth2 = require_post("oauth2", require_get("oauth2", false));
// Reject array-valued input (e.g. openid[]=...) before it is used as a URL.
if ($openid && !is_string($openid)) {
    throw new Exception(t("Invalid openid parameter"));
}
$messages = array();
$errors = array();
// try logging in?
try {
    if ($openid && $password) {
        // but you can add OpenID identities later
        throw new EscapedException(t("You cannot use both OpenID and password at login."));
    }
    if ($logout) {
        User::logout(db());
        $messages[] = t("Successfully logged out. You may login again here.");
    } else {
        // "pause" suppresses the login attempt for this request.
        if (!require_get("pause", false)) {
            $user = false;
            try {
                if ($oauth2) {
                    // The provider name comes straight from the request and is
                    // embedded in the return URL; createProvider() is expected
                    // to reject unknown names - TODO confirm.
                    $args = array('oauth2' => $oauth2);
                    $url = absolute_url(url_for('login', $args));
                    $provider = Users\OAuth2Providers::createProvider($oauth2, $url);
                    $user = Users\UserOAuth2::tryLogin(db(), $provider, $url);
                } else {
                    if ($openid) {
                        // we want to add the openid identity URL to the return address
                        // (the return URL is also verified in validate())
                        $args = array("openid" => $openid);
Example #11
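 /**
  * Collects the referral tree below a user, level by level.
  *
  * Level 1 holds the users whose parent_id is the given user, level 2 the
  * users below level 1, and so on.
  *
  * The original body reset $levels to an empty array right after the
  * signature, so the depth limit passed by the caller was never applied.
  * The parameter is now honoured, and levels that turn out empty below a
  * limit are recorded as empty lists in the result (presumably the intent of
  * the former `$levels[$i] = []` - confirm with callers).
  *
  * NOTE(review): with $levels = 0 the walk only ends at a level with no
  * children; a parent_id cycle in the data would keep it running.
  *
  * @param object $user   object whose user_id is the root of the tree
  * @param int    $levels maximum depth to descend; 0 means no limit
  * @return array{users: array, levels: array, count: int, lastLevel: int}
  */
 public function getUserPartners($user, $levels = 0)
 {
     $return = ['users' => [], 'levels' => [], 'count' => 0, 'lastLevel' => 0];
     $userIds = $user->user_id;
     for ($i = 1; $i <= $levels || !$levels; $i++) {
         if (!$userIds && $levels) {
             // Depth limit not reached yet but nobody left to descend from.
             $return['levels'][$i] = [];
             continue;
         } elseif (!$userIds && !$levels) {
             // Unlimited walk: stop at the first empty level.
             break;
         }
         // $userIds is the root ID or a comma-joined list of IDs read from the
         // previous level; how the 'IN' condition quotes it depends on getList().
         $usersLevel = \Users\User::getList(['where' => [['parent_id', $userIds, 'IN']]]);
         $return['users'] += $usersLevel;
         $return['levels'][$i] = array_keys($usersLevel);
         $userIds = implode(',', $return['levels'][$i]);
         $return['lastLevel'] = $i;
     }
     $return['count'] = count($return['users']);
     return $return;
 }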
Example #12
                // Tail of the signup flow (the listing starts mid-block): runs the
                // statement prepared above, then handles the mailing-list request,
                // the welcome e-mail, default settings and the automatic login.
                $q->execute($user);
                if ($subscribe) {
                    $q = db()->prepare("INSERT INTO pending_subscriptions SET user_id=?,created_at=NOW(),is_subscribe=1");
                    $q->execute(array($user['id']));
                    // The message carries raw HTML, so the interpolated config value is escaped here.
                    $messages[] = t("You will be added manually to the :mailing_list soon.", array(':mailing_list' => "<a href=\"http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')) . "\" target=\"_blank\">" . t("Announcements Mailing List") . "</a>"));
                }
                // try sending email
                if ($user_instance->getEmail()) {
                    $user['email'] = $user_instance->getEmail();
                    // NOTE(review): the unsubscribe token is md5(salt . email). A keyed
                    // construction (hash_hmac with SHA-256) compared with hash_equals()
                    // on the receiving page would be the sturdier choice; changing it
                    // here requires changing the verifier too.
                    send_user_email($user, "signup", array("email" => $user['email'], "name" => $name ? $name : $user['email'], "announcements" => "http://groups.google.com/group/" . htmlspecialchars(get_site_config('google_groups_announce')), "url" => absolute_url(url_for("unsubscribe", array('email' => $user['email'], 'hash' => md5(get_site_config('unsubscribe_salt') . $user['email'])))), "wizard_currencies" => absolute_url(url_for("wizard_currencies")), "wizard_addresses" => absolute_url(url_for("wizard_accounts_addresses")), "wizard_accounts" => absolute_url(url_for("wizard_accounts")), "wizard_notifications" => absolute_url(url_for("wizard_notifications")), "reports" => absolute_url(url_for("profile")), "premium" => absolute_url(url_for("premium"))));
                }
                // create default summary pages and cryptocurrencies and graphs contents
                reset_user_settings($user['id']);
                // success!
                // issue #62: rather than requiring another step to login, just log the user in now.
                \Users\User::forceLogin(db(), $user['id']);
                complete_login($user, $autologin);
                $messages[] = t("New account creation successful.");
                // redirect
                set_temporary_messages($messages);
                redirect(url_for(get_site_config('premium_welcome') ? "welcome" : get_site_config('signup_login'), array("pause" => true)));
            }
        } catch (Exception $e) {
            // Messages of ordinary exceptions are HTML-escaped before display;
            // EscapedException messages are passed through as they are.
            if (!$e instanceof EscapedException) {
                $e = new EscapedException(htmlspecialchars($e->getMessage()), (int) $e->getCode(), $e);
            }
            $errors[] = $e->getMessage();
        }
    }
}
require __DIR__ . "/../layout/templates.php";
Example #13
 /**
  * Sends the account-activation link to the given user again.
  *
  * Redirects to '/' with a message when the user does not exist or has no
  * pending activation value; otherwise mails the link and redirects with a
  * success message.
  *
  * NOTE(review): no check of who is calling is visible in this method, and
  * the two early messages differ for unknown and already-activated IDs.
  * Confirm the action is rate-limited or restricted, since any user ID can be
  * supplied.
  * NOTE(review): the statements after each Tools::redirect() assume it ends
  * the request - confirm. The activation link is built with http://.
  *
  * @param int $userId
  * @return void
  */
 public function resendActivationAction($userId = 0)
 {
     $user = \Users\User::get((int) $userId);
     if (!$user) {
         Tools::redirect('/', 'Не указан пользователь', 'danger');
     }
     if (!$user->activation) {
         Tools::redirect('/', 'Пользователь уже активирован');
     }

     $sender = 'noreply@' . INJI_DOMAIN_NAME;
     $recipient = $user->mail;
     $displayDomain = idn_to_utf8(INJI_DOMAIN_NAME);
     $subject = 'Активация аккаунта на сайте ' . $displayDomain;

     // Same path is used for the href (raw domain) and the visible text (IDN form).
     $activationPath = '/users/activation/' . $user->id . '/' . $user->activation;
     $body = 'Для активации вашего аккаунта перейдите по ссылке <a href = "http://' . INJI_DOMAIN_NAME . $activationPath . '">http://' . $displayDomain . $activationPath . '</a>';

     Tools::sendMail($sender, $recipient, $subject, $body);
     Tools::redirect('/', 'На указанный почтовый ящик была выслана ваша ссылка для подтверждения E-Mail', 'success');
 }
Example #14
/**
 * Ends the session of the current user.
 * Autologin is disabled for this session as well.
 */
function user_logout()
{
    $connection = db();
    User::logout($connection);
}
Example #15
 /**
  * Flashes a success message naming the removed user and returns to the
  * user list.
  *
  * @param User $user the user that was removed
  * @return void
  */
 public function onSuccessUserRemoval(User $user)
 {
     $placeholders = ['username' => $user->getUsername()];
     $this->flashMessage('users.userRemoval.messages.success', FlashMessage::SUCCESS, $placeholders);
     $this->redirect('Users:default');
 }
Example #16
 /**
  * Describes the expected request payload: a single 'User' entry holding the
  * structure reported by a fresh User instance.
  *
  * @return array
  */
 public function getRequestStruct()
 {
     $prototype = new User();
     $structure = $prototype->defineStruct();

     return ['User' => $structure];
 }
Example #17
 /**
  * Updates the name and the role of a user inside one transaction.
  *
  * The user's roles are cleared and replaced by the single role named in
  * $values['role']. If that role fails validation the transaction is rolled
  * back and the validation object carrying the errors is returned.
  *
  * NOTE(review): the name and role changes are applied to the in-memory $user
  * before the role is validated, so after a rollback the object passed in no
  * longer matches the database - callers should not keep using it.
  * NOTE(review): an exception from persist()/flush() leaves the transaction
  * open here; confirm a caller rolls it back.
  *
  * @param array $values expects the keys first_name, last_name and role
  * @param User $user
  * @return ValidationObject
  */
 public function update(array $values, User $user)
 {
     $this->em->beginTransaction();

     $user->setFirstName($values['first_name']);
     $user->setLastName($values['last_name']);

     $validationObject = new ValidationObject();

     // todo could be optimized
     $user->clearRoles();
     $role = $this->getRole($values['role'], $validationObject);
     if (!$validationObject->isValid()) {
         $this->em->rollback();
         return $validationObject;
     }

     $user->addRole($role);
     $this->em->persist($user);
     $this->em->flush();

     if (!$validationObject->isValid()) {
         $this->em->rollback();
         return $validationObject;
     }

     $this->em->commit();
     $this->onSuccessUserEditing($user);
     // Drop the cached copy so the next read sees the new role.
     $this->cache->remove($user->getCacheKey());

     return $validationObject;
 }
Example #18
File: Page.php Project: blitzik/CMS
 /**
  * Returns the name reported by this page's author object.
  *
  * @return string
  */
 public function getAuthorName()
 {
     $author = $this->author;

     return $author->getName();
 }
Example #19
File: Vk.php Project: krvd/cms-Inji
 /**
  * Handles login and registration through VK (OAuth authorization-code flow).
  *
  * Without `code` and `error` in the query string the browser is sent to VK's
  * authorize endpoint. With `error` it is sent home with the provider's
  * description. Otherwise the code is exchanged for a token, the profile is
  * fetched, and either a session is opened for the already linked local user
  * or a local user is found/created, linked and logged in.
  *
  * NOTE(review), points to confirm or harden:
  * - No `state` value is sent with the authorization request or checked on
  *   the callback, so the callback is not tied to the browser session that
  *   started the login. A per-session random state, verified here, closes
  *   that gap.
  * - redirect_uri is built with http://, so the authorization code travels
  *   over plain HTTP on the return leg.
  * - $_GET['error_description'] is passed to the redirect message as received
  *   and may be unset; escaping depends on Tools::redirect() and the renderer.
  * - The statements after each Tools::redirect() assume it ends the request.
  * - A local account is matched by the e-mail in the token response and no
  *   verification flag is checked before the session is opened for it.
  *   Confirm the provider guarantees ownership, or require confirmation
  *   before linking to an existing account.
  * - `\App::$cur->Users` and `\App::$cur->users` differ in case; `Msg` is
  *   referenced without a leading backslash unlike the other classes.
  */
 public static function auth()
 {
     $config = static::getConfig();
     if (empty($_GET['code']) && empty($_GET['error'])) {
         $query = ['client_id' => $config['appId'], 'scope' => 'email', 'response_type' => 'code', 'display' => 'page', 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/vk'];
         \Tools::redirect("https://oauth.vk.com/authorize?" . http_build_query($query));
     }
     if (empty($_GET['code']) && !empty($_GET['error'])) {
         \Tools::redirect('/', 'Произошла ошибка во время авторизации через соц. сеть: ' . $_GET['error_description']);
     }
     // Exchange the authorization code; the client secret goes in the query string of a GET request.
     $query = ['client_id' => $config['appId'], 'client_secret' => $config['secret'], 'code' => $_GET['code'], 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/vk'];
     // '@' hides transport warnings; a failure is only visible as a false result.
     $result = @file_get_contents("https://oauth.vk.com/access_token?" . http_build_query($query));
     if ($result === false) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $result = json_decode($result, true);
     if (empty($result['user_id'])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $userQuery = ['user_id' => $result['user_id'], 'fields' => 'sex, bdate, photo_max_orig, home_town', 'access_token' => $result['access_token']];
     $userResult = @file_get_contents("https://api.vk.com/method/users.get?" . http_build_query($userQuery));
     if (!$userResult) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $userDetail = json_decode($userResult, true);
     if (empty($userDetail['response'][0])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $social = static::getObject();
     // Look up an existing link between this provider account and a local user.
     $userSocial = \Users\User\Social::get([['uid', $result['user_id']], ['social_id', $social->id]]);
     if ($userSocial && $userSocial->user) {
         \App::$cur->users->newSession($userSocial->user);
         if (!empty(\App::$cur->users->config['loginUrl'][\App::$cur->type])) {
             \Tools::redirect(\App::$cur->users->config['loginUrl'][\App::$cur->type]);
         }
     } else {
         // A link row without a user is stale; remove it before re-linking.
         if ($userSocial && !$userSocial->user) {
             $userSocial->delete();
         }
         if (!\Users\User::$cur->id) {
             $user = false;
             // Match an existing local account by the provider-supplied e-mail (see NOTE above).
             if (!empty($result['email'])) {
                 $user = \Users\User::get($result['email'], 'mail');
             }
             if (!$user) {
                 $user = new \Users\User();
                 $user->group_id = 2;
                 $user->role_id = 2;
                 if (!empty($result['email'])) {
                     $user->login = $user->mail = $result['email'];
                 }
                 // Invite code precedence: POST, then cookie, then GET.
                 $invite_code = !empty($_POST['invite_code']) ? $_POST['invite_code'] : (!empty($_COOKIE['invite_code']) ? $_COOKIE['invite_code'] : (!empty($_GET['invite_code']) ? $_GET['invite_code'] : ''));
                 if (!empty($invite_code)) {
                     $invite = \Users\User\Invite::get($invite_code, 'code');
                     $inveiteError = false;
                     if (!$invite) {
                         Msg::add('Такой код пришлашения не найден', 'danger');
                         $inveiteError = true;
                     }
                     // NOTE(review): $invite->limit is still read when $invite is falsy.
                     if ($invite->limit && !($invite->limit - $invite->count)) {
                         Msg::add('Лимит приглашений для данного кода исчерпан', 'danger');
                         $inveiteError = true;
                     }
                     if (!$inveiteError) {
                         $user->parent_id = $invite->user_id;
                         $invite->count++;
                         $invite->save();
                     }
                 }
                 if (!$user->parent_id && !empty(\App::$cur->Users->config['defaultPartner'])) {
                     $user->parent_id = \App::$cur->Users->config['defaultPartner'];
                 }
                 $user->save();
                 $userInfo = new \Users\User\Info();
                 $userInfo->user_id = $user->id;
                 $userInfo->save();
             }
         } else {
             // Already logged in: link the provider account to the current user.
             $user = \Users\User::$cur;
         }
         // Fill only profile fields that are still empty locally.
         // NOTE(review): the photo URL comes from the provider response; confirm
         // uploadFromUrl() restricts scheme and host of what it fetches.
         if (!$user->info->photo_file_id && !empty($userDetail['response'][0]['photo_max_orig'])) {
             $user->info->photo_file_id = \App::$cur->files->uploadFromUrl($userDetail['response'][0]['photo_max_orig']);
         }
         if (!$user->info->first_name && !empty($userDetail['response'][0]['first_name'])) {
             $user->info->first_name = $userDetail['response'][0]['first_name'];
         }
         if (!$user->info->last_name && !empty($userDetail['response'][0]['last_name'])) {
             $user->info->last_name = $userDetail['response'][0]['last_name'];
         }
         if (!$user->info->city && !empty($userDetail['response'][0]['home_town'])) {
             $user->info->city = $userDetail['response'][0]['home_town'];
         }
         // Provider value 2 is stored as 1 and provider value 1 as 2; anything else as 0.
         if (!$user->info->sex && !empty($userDetail['response'][0]['sex'])) {
             $user->info->sex = $userDetail['response'][0]['sex'] == 2 ? 1 : ($userDetail['response'][0]['sex'] == 1 ? 2 : 0);
         }
         // 'd.m.Y' when two dots are present, 'd.m' when one. createFromFormat()
         // returns false on a malformed value, which would make ->format() fail.
         if ($user->info->bday == '0000-00-00' && !empty($userDetail['response'][0]['bdate'])) {
             $user->info->bday = substr_count($userDetail['response'][0]['bdate'], '.') == 2 ? \DateTime::createFromFormat('d.m.Y', $userDetail['response'][0]['bdate'])->format('Y-m-d') : (substr_count($userDetail['response'][0]['bdate'], '.') == 1 ? \DateTime::createFromFormat('d.m', $userDetail['response'][0]['bdate'])->format('Y-m-1') : '0000-00-00');
         }
         $user->info->save();
         $userSocial = new \Users\User\Social();
         $userSocial->uid = $result['user_id'];
         $userSocial->social_id = $social->id;
         $userSocial->user_id = $user->id;
         $userSocial->save();
         \App::$cur->users->newSession($user);
         \Tools::redirect(\App::$cur->users->config['loginUrl'][\App::$cur->type], 'Вы успешно зарегистрировались через ВКонтакте', 'success');
     }
 }
Example #20
 /**
  * Returns all participants of an event together with details (e.g. the
  * nickname and participation state of each).
  * Return codes: 7 (query failed); 23 (event has no members)
  *
  * NOTE(review): the "no members" case relies on rowCount() of a SELECT,
  * which PDO does not guarantee for every driver - confirm for the one used.
  *
  * @param $EventID
  * @return array|int ['Users' => list of member records] or a return code
  */
 public function getEventMembersWithInformation($EventID)
 {
     $pdo = $this->PDO;
     $statement = $pdo->prepare("SELECT UserID FROM `eventmembers` WHERE EventID = :EventID");
     $statement->bindParam(":EventID", $EventID, $pdo::PARAM_INT);

     if (!$statement->execute()) {
         return 7;
     }
     if ($statement->rowCount() == 0) {
         return 23;
     }

     $memberIds = $statement->fetchAll($pdo::FETCH_COLUMN);
     $userService = new User();
     $members = array();
     // One nickname lookup and one status lookup per member.
     foreach ($memberIds as $memberId) {
         $members[] = array(
             'UserID' => $memberId,
             'Nickname' => $userService->getNickname($memberId),
             'ParticipationState' => $this->getParticipantStatus($EventID, $memberId),
         );
     }

     return array("Users" => $members);
 }
Example #21
/**
 * Allows users to delete OpenID locations from their account.
 *
 * The removal is refused when the OpenID identity is the only way left to
 * log in: at most one OpenID identity, no OAuth2 identity and no password.
 *
 * NOTE(review): no request-token (CSRF) check is visible in this script;
 * confirm require_login() or require_post() provides one.
 * NOTE(review): the removal below is only skipped in the refusal case if
 * redirect() ends the request - confirm.
 */
require_login();
$messages = array();
$errors = array();
$identity = require_post("identity");
// make sure we aren't deleting our last identity
$q = db()->prepare("SELECT COUNT(*) AS c FROM user_openid_identities WHERE user_id=?");
$q->execute(array(user_id()));
$count = $q->fetch();
// or we have an OAuth2 identity
$q = db()->prepare("SELECT * FROM user_oauth2_identities WHERE user_id=? LIMIT 1");
$q->execute(array(user_id()));
$oauth2 = $q->fetch();
// or we have a password hash
$q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?");
$q->execute(array(user_id()));
$password_hash = $q->fetch();
if ($count['c'] <= 1 && !$password_hash && !$oauth2) {
    $errors[] = t("Cannot remove that OpenID identity; at least one identity must be defined.");
    set_temporary_messages($messages);
    set_temporary_errors($errors);
    redirect(url_for('user#user_openid'));
}
// The identity is removed for the logged-in user only, whatever value was posted.
$user = \Users\User::getInstance(db());
\Users\UserOpenID::removeIdentity(db(), $user, $identity);
// NOTE(review): $identity is request data placed into the message as received;
// if temporary messages are printed as HTML it needs htmlspecialchars() - confirm
// how t() and the message template treat placeholders.
$messages[] = t("Removed OpenID identity ':identity'.", array(':identity' => $identity));
set_temporary_messages($messages);
set_temporary_errors($errors);
redirect(url_for('user#user_openid'));
Example #22
 /**
  * Handles login and registration through Google (OAuth authorization-code
  * flow).
  *
  * Without `code` and `error` in the query string the browser is sent to
  * Google's authorization endpoint. With `error` it is sent home with the
  * provider's description. Otherwise the code is exchanged for a token by a
  * POST request, the profile is fetched, and either a session is opened for
  * the already linked local user or a local user is found/created, linked
  * and logged in.
  *
  * NOTE(review), points to confirm or harden:
  * - No `state` value is sent with the authorization request or checked on
  *   the callback, so the callback is not tied to the browser session that
  *   started the login. A per-session random state, verified here, closes
  *   that gap.
  * - redirect_uri is built with http://, so the authorization code travels
  *   over plain HTTP on the return leg.
  * - $_GET['error_description'] is passed to the redirect message as received
  *   and may be unset; escaping depends on Tools::redirect() and the renderer.
  * - The statements after each Tools::redirect() assume it ends the request.
  * - `\App::$cur->Users` and `\App::$cur->users` differ in case; `Msg` is
  *   referenced without a leading backslash unlike the other classes.
  */
 public static function auth()
 {
     $config = static::getConfig();
     if (empty($_GET['code']) && empty($_GET['error'])) {
         $query = ['client_id' => $config['client_id'], 'scope' => 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile', 'response_type' => 'code', 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/google'];
         \Tools::redirect("https://accounts.google.com/o/oauth2/auth?" . http_build_query($query));
     }
     if (empty($_GET['code']) && !empty($_GET['error'])) {
         \Tools::redirect('/', 'Произошла ошибка во время авторизации через соц. сеть: ' . $_GET['error_description']);
     }
     $query = ['client_id' => $config['client_id'], 'client_secret' => $config['secret'], 'code' => $_GET['code'], 'grant_type' => 'authorization_code', 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/google'];
     $result = false;
     // Token exchange by POST; no timeout options are set on the handle.
     if ($curl = curl_init()) {
         curl_setopt($curl, CURLOPT_URL, 'https://accounts.google.com/o/oauth2/token');
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
         curl_setopt($curl, CURLOPT_POST, true);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($query));
         $result = curl_exec($curl);
         curl_close($curl);
     }
     if ($result === false) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $result = json_decode($result, true);
     if (empty($result['access_token'])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     // The access token is sent in the query string; '@' hides transport warnings.
     $userQuery = ['access_token' => $result['access_token']];
     $userResult = @file_get_contents("https://www.googleapis.com/oauth2/v1/userinfo?" . http_build_query($userQuery));
     if (!$userResult) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $userDetail = json_decode($userResult, true);
     if (empty($userDetail['id'])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $social = static::getObject();
     // Look up an existing link between this provider account and a local user.
     $userSocial = \Users\User\Social::get([['uid', $userDetail['id']], ['social_id', $social->id]]);
     if ($userSocial && $userSocial->user) {
         \App::$cur->users->newSession($userSocial->user);
         if (!empty(\App::$cur->users->config['loginUrl'][\App::$cur->type])) {
             \Tools::redirect(\App::$cur->users->config['loginUrl'][\App::$cur->type]);
         }
     } else {
         // A link row without a user is stale; remove it before re-linking.
         if ($userSocial && !$userSocial->user) {
             $userSocial->delete();
         }
         if (!\Users\User::$cur->id) {
             $user = false;
             // An existing local account is matched by e-mail only when the
             // provider marks the address as verified.
             if (!empty($userDetail['email']) && !empty($userDetail['verified_email'])) {
                 $user = \Users\User::get($userDetail['email'], 'mail');
             }
             if (!$user) {
                 $user = new \Users\User();
                 $user->group_id = 2;
                 $user->role_id = 2;
                 if (!empty($userDetail['email']) && !empty($userDetail['verified_email'])) {
                     $user->login = $user->mail = $userDetail['email'];
                 }
                 // Invite code precedence: POST, then cookie, then GET.
                 $invite_code = !empty($_POST['invite_code']) ? $_POST['invite_code'] : (!empty($_COOKIE['invite_code']) ? $_COOKIE['invite_code'] : (!empty($_GET['invite_code']) ? $_GET['invite_code'] : ''));
                 if (!empty($invite_code)) {
                     $invite = \Users\User\Invite::get($invite_code, 'code');
                     $inveiteError = false;
                     if (!$invite) {
                         Msg::add('Такой код пришлашения не найден', 'danger');
                         $inveiteError = true;
                     }
                     // NOTE(review): $invite->limit is still read when $invite is falsy.
                     if ($invite->limit && !($invite->limit - $invite->count)) {
                         Msg::add('Лимит приглашений для данного кода исчерпан', 'danger');
                         $inveiteError = true;
                     }
                     if (!$inveiteError) {
                         $user->parent_id = $invite->user_id;
                         $invite->count++;
                         $invite->save();
                     }
                 }
                 if (!$user->parent_id && !empty(\App::$cur->Users->config['defaultPartner'])) {
                     $user->parent_id = \App::$cur->Users->config['defaultPartner'];
                 }
                 $user->save();
                 $userInfo = new \Users\User\Info();
                 $userInfo->user_id = $user->id;
                 $userInfo->save();
             }
         } else {
             // Already logged in: link the provider account to the current user.
             $user = \Users\User::$cur;
         }
         // Fill only profile fields that are still empty locally.
         // NOTE(review): the picture URL comes from the provider response; confirm
         // uploadFromUrl() restricts scheme and host of what it fetches.
         if (!$user->info->photo_file_id && !empty($userDetail['picture'])) {
             $user->info->photo_file_id = \App::$cur->files->uploadFromUrl($userDetail['picture']);
         }
         if (!$user->info->first_name && !empty($userDetail['given_name'])) {
             $user->info->first_name = $userDetail['given_name'];
         }
         if (!$user->info->last_name && !empty($userDetail['family_name'])) {
             $user->info->last_name = $userDetail['family_name'];
         }
         if (!$user->info->sex && !empty($userDetail['gender'])) {
             $user->info->sex = $userDetail['gender'] == 'male' ? 1 : ($userDetail['gender'] == 'female' ? 2 : 0);
         }
         $user->info->save();
         $userSocial = new \Users\User\Social();
         $userSocial->uid = $userDetail['id'];
         $userSocial->social_id = $social->id;
         $userSocial->user_id = $user->id;
         $userSocial->save();
         \App::$cur->users->newSession($user);
         \Tools::redirect('/users/cabinet/profile', 'Вы успешно зарегистрировались через Google+', 'success');
     }
 }
Example #23
 /**
  * Handles login and registration through Facebook (OAuth authorization-code
  * flow).
  *
  * Without `code` and `error` in the query string the browser is sent to
  * Facebook's OAuth dialog. With `error` it is sent home with the provider's
  * description. Otherwise the code is exchanged for a token, the profile is
  * fetched, and either a session is opened for the already linked local user
  * or a local user is found/created, linked and logged in.
  *
  * NOTE(review), points to confirm or harden:
  * - No `state` value is sent with the authorization request or checked on
  *   the callback, so the callback is not tied to the browser session that
  *   started the login. A per-session random state, verified here, closes
  *   that gap.
  * - redirect_uri is built with http://, so the authorization code travels
  *   over plain HTTP on the return leg.
  * - $_GET['error_description'] is passed to the redirect message as received
  *   and may be unset; escaping depends on Tools::redirect() and the renderer.
  * - The statements after each Tools::redirect() assume it ends the request.
  * - A local account is matched by the e-mail in the profile response and no
  *   verification flag is checked before the session is opened for it.
  *   Confirm the provider guarantees ownership, or require confirmation
  *   before linking to an existing account.
  * - `\App::$cur->Users` and `\App::$cur->users` differ in case; `Msg` is
  *   referenced without a leading backslash unlike the other classes.
  */
 public static function auth()
 {
     $config = static::getConfig();
     if (empty($_GET['code']) && empty($_GET['error'])) {
         $query = ['client_id' => $config['appId'], 'scope' => 'email', 'response_type' => 'code', 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/facebook'];
         \Tools::redirect("https://www.facebook.com/dialog/oauth?" . http_build_query($query));
     }
     if (empty($_GET['code']) && !empty($_GET['error'])) {
         \Tools::redirect('/', 'Произошла ошибка во время авторизации через соц. сеть: ' . $_GET['error_description']);
     }
     // PHP has already URL-decoded $_GET['code']; urldecode() decodes it a second time.
     $query = ['client_id' => $config['appId'], 'redirect_uri' => 'http://' . INJI_DOMAIN_NAME . '/users/social/auth/facebook', 'client_secret' => $config['secret'], 'code' => urldecode($_GET['code'])];
     // The client secret goes in the query string of a GET request; '@' hides transport warnings.
     $result = @file_get_contents("https://graph.facebook.com/oauth/access_token?" . http_build_query($query));
     if ($result === false) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     // The token response is parsed as a query string here, not as JSON.
     parse_str($result, $output);
     if (empty($output['access_token'])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $userQuery = ['access_token' => $output['access_token'], 'fields' => 'first_name,middle_name,last_name,email,gender,location,picture'];
     $userResult = @file_get_contents("https://graph.facebook.com/me?" . http_build_query($userQuery));
     if (!$userResult) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $userDetail = json_decode($userResult, true);
     if (empty($userDetail['id'])) {
         \Tools::redirect('/', 'Во время авторизации произошли ошибки', 'danger');
     }
     $social = static::getObject();
     // Look up an existing link between this provider account and a local user.
     $userSocial = \Users\User\Social::get([['uid', $userDetail['id']], ['social_id', $social->id]]);
     if ($userSocial && $userSocial->user) {
         \App::$cur->users->newSession($userSocial->user);
         if (!empty(\App::$cur->users->config['loginUrl'][\App::$cur->type])) {
             \Tools::redirect(\App::$cur->users->config['loginUrl'][\App::$cur->type]);
         }
     } else {
         // A link row without a user is stale; remove it before re-linking.
         if ($userSocial && !$userSocial->user) {
             $userSocial->delete();
         }
         if (!\Users\User::$cur->id) {
             $user = false;
             // Match an existing local account by the provider-supplied e-mail (see NOTE above).
             if (!empty($userDetail['email'])) {
                 $user = \Users\User::get($userDetail['email'], 'mail');
             }
             if (!$user) {
                 $user = new \Users\User();
                 $user->group_id = 2;
                 $user->role_id = 2;
                 if (!empty($userDetail['email'])) {
                     $user->login = $user->mail = $userDetail['email'];
                 }
                 // Invite code precedence: POST, then cookie, then GET.
                 $invite_code = !empty($_POST['invite_code']) ? $_POST['invite_code'] : (!empty($_COOKIE['invite_code']) ? $_COOKIE['invite_code'] : (!empty($_GET['invite_code']) ? $_GET['invite_code'] : ''));
                 if (!empty($invite_code)) {
                     $invite = \Users\User\Invite::get($invite_code, 'code');
                     $inveiteError = false;
                     if (!$invite) {
                         Msg::add('Такой код пришлашения не найден', 'danger');
                         $inveiteError = true;
                     }
                     // NOTE(review): $invite->limit is still read when $invite is falsy.
                     if ($invite->limit && !($invite->limit - $invite->count)) {
                         Msg::add('Лимит приглашений для данного кода исчерпан', 'danger');
                         $inveiteError = true;
                     }
                     if (!$inveiteError) {
                         $user->parent_id = $invite->user_id;
                         $invite->count++;
                         $invite->save();
                     }
                 }
                 if (!$user->parent_id && !empty(\App::$cur->Users->config['defaultPartner'])) {
                     $user->parent_id = \App::$cur->Users->config['defaultPartner'];
                 }
                 $user->save();
                 $userInfo = new \Users\User\Info();
                 $userInfo->user_id = $user->id;
                 $userInfo->save();
             }
         } else {
             // Already logged in: link the provider account to the current user.
             $user = \Users\User::$cur;
         }
         // Fill only profile fields that are still empty locally.
         // NOTE(review): the picture URL comes from the provider response; confirm
         // uploadFromUrl() restricts scheme and host of what it fetches.
         if (!$user->info->photo_file_id && !empty($userDetail['picture']['data']['url'])) {
             $user->info->photo_file_id = \App::$cur->files->uploadFromUrl($userDetail['picture']['data']['url']);
         }
         if (!$user->info->first_name && !empty($userDetail['first_name'])) {
             $user->info->first_name = $userDetail['first_name'];
         }
         if (!$user->info->last_name && !empty($userDetail['last_name'])) {
             $user->info->last_name = $userDetail['last_name'];
         }
         if (!$user->info->middle_name && !empty($userDetail['middle_name'])) {
             $user->info->middle_name = $userDetail['middle_name'];
         }
         if (!$user->info->city && !empty($userDetail['location'])) {
             $user->info->city = $userDetail['location'];
         }
         if (!$user->info->sex && !empty($userDetail['gender'])) {
             $user->info->sex = $userDetail['gender'] == 'male' ? 1 : ($userDetail['gender'] == 'female' ? 2 : 0);
         }
         $user->info->save();
         $userSocial = new \Users\User\Social();
         $userSocial->uid = $userDetail['id'];
         $userSocial->social_id = $social->id;
         $userSocial->user_id = $user->id;
         $userSocial->save();
         \App::$cur->users->newSession($user);
         if (!empty(\App::$cur->users->config['loginUrl'][\App::$cur->type])) {
             \Tools::redirect(\App::$cur->users->config['loginUrl'][\App::$cur->type], 'Вы успешно зарегистрировались через Facebook', 'success');
         } else {
             \Tools::redirect('/users/cabinet/profile', 'Вы успешно зарегистрировались через Facebook', 'success');
         }
     }
 }
Example #24
 /**
  * Delete one OAuth2 identity row that belongs to the given user.
  *
  * Runs a prepared DELETE on user_oauth2_identities. All three values
  * (user id, provider, provider-side uid) are bound as parameters, and
  * the statement is capped at a single row. Because the user id is part
  * of the WHERE clause, the delete cannot touch another account's identity.
  *
  * NOTE(review): this method performs no authorization check of its own;
  * the caller must make sure $user is the authenticated account owner.
  * NOTE(review): nothing here stops the account's last remaining login
  * method from being removed - confirm the caller handles that case.
  *
  * @param \Db\Connection $db       connection used to prepare the statement
  * @param User           $user     owner of the identity
  * @param mixed          $provider provider value to match
  * @param mixed          $uid      provider-side user id to match
  * @return mixed whatever the statement's execute() returns
  * @throws \InvalidArgumentException when $user evaluates to false
  */
 static function removeIdentity(\Db\Connection $db, User $user, $provider, $uid)
 {
     if ($user) {
         $statement = $db->prepare("DELETE FROM user_oauth2_identities WHERE user_id=? AND provider=? AND uid=? LIMIT 1");
         $bindings = [$user->getId(), $provider, $uid];

         return $statement->execute($bindings);
     }

     throw new \InvalidArgumentException("No user provided.");
 }
Example #25
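 /**
  * Store the submitted delivery fields for a cart and return the matching
  * saved-delivery record, creating that record when it does not exist yet.
  *
  * Steps, in order:
  *  1. Build a display name from every field flagged `save` that has a value.
  *  2. Look up a saved delivery with that name for the cart's user; if none
  *     exists, create it together with one Value row per `save` field.
  *  3. Write one DeliveryInfo row per field for this cart.
  *  4. For fields mapped to a user attribute (`userfield`), fill that
  *     attribute on the user when it is currently empty.
  *
  * Values are HTML-encoded with htmlspecialchars() before they are stored,
  * so anything that renders them must not encode them a second time.
  * htmlspecialchars() only covers the HTML context, and its default quote
  * handling differs between PHP versions. The flags are left at their
  * defaults because the saved-delivery lookup matches on the encoded name.
  *
  * @param array  $data   submitted form values keyed by delivery field id
  * @param object $cart   cart being checked out (reads id, user_id, user->id)
  * @param array  $fields delivery field definitions (reads id, name, save, userfield)
  * @return object the existing or newly created saved-delivery record
  */
 public function parseDeliveryFields($data, $cart, $fields)
 {
     // $data comes from the request. A field can be missing, or sent as an
     // array (`field[]=x`). Reading it unguarded raised an undefined-index
     // notice, and htmlspecialchars() rejects non-scalar input.
     $fieldValue = static function ($fieldId) use ($data) {
         $raw = isset($data[$fieldId]) ? $data[$fieldId] : '';
         return is_scalar($raw) ? htmlspecialchars((string) $raw) : '';
     };

     $name = '';
     foreach ($fields as $field) {
         if ($field->save && !empty($data[$field->id]) && is_scalar($data[$field->id])) {
             $name .= $fieldValue($field->id) . ' ';
         }
     }
     $name = trim($name);

     // Reuse the user's saved delivery with the same name, if there is one.
     $save = Ecommerce\Delivery\Save::get([['user_id', $cart->user->id], ['name', $name]]);
     if (!$save) {
         $save = new Ecommerce\Delivery\Save();
         $save->user_id = $cart->user->id;
         $save->name = $name;
         $save->save();
         foreach ($fields as $field) {
             if (!$field->save) {
                 continue;
             }
             $saveValue = new Ecommerce\Delivery\Value();
             $saveValue->value = $fieldValue($field->id);
             $saveValue->delivery_field_id = $field->id;
             $saveValue->delivery_save_id = $save->id;
             $saveValue->save();
         }
     }

     // NOTE(review): the lookup above uses $cart->user->id while this load
     // uses $cart->user_id, and the result is not checked before use.
     // Confirm both always refer to the same existing user.
     $user = \Users\User::get($cart->user_id);
     foreach ($fields as $field) {
         $info = new \Ecommerce\Cart\DeliveryInfo();
         $info->name = $field->name;
         $info->value = $fieldValue($field->id);
         $info->delivery_field_id = $field->id;
         $info->cart_id = $cart->id;
         $info->save();
         $relations = [];
         if ($field->userfield) {
             // NOTE(review): `userfield` names the user attribute that gets
             // written with a request-supplied value. It should be limited
             // to an allowlist of profile attributes so that a field
             // definition can never point at columns such as role or group.
             // "relation:attribute" targets an attribute on a related
             // record; a plain name targets the user itself.
             if (strpos($field->userfield, ':')) {
                 $path = explode(':', $field->userfield);
                 if (!$user->{$path[0]}->{$path[1]}) {
                     $user->{$path[0]}->{$path[1]} = $info->value;
                     // Remember which related record has to be saved.
                     $relations[$path[0]] = $path[0];
                 }
             } else {
                 // Only fill attributes that are still empty; never overwrite.
                 if (!$user->{$field->userfield}) {
                     $user->{$field->userfield} = $info->value;
                 }
             }
         }
         foreach ($relations as $rel) {
             $user->{$rel}->save();
         }
         $user->save();
     }
     return $save;
 }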
Example #26
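 /**
  * Write an event-log entry after a tag has been removed.
  *
  * The entry names the acting user (id and username) and the removed tag
  * (id and name). It is stored under the 'page_tag_removal' type and
  * attributed to the acting user's id.
  *
  * @param Tag   $tag the tag that was removed (only its name is read)
  * @param mixed $id  the id the tag had before removal
  */
 public function onSuccessTagRemoval(Tag $tag, $id)
 {
     // The message embeds HTML markup (<b>), so it is presumably rendered
     // as HTML by whatever displays the log. The username and tag name are
     // user-chosen strings and must be encoded before they are mixed into
     // that markup, or the log view would render them as HTML.
     // NOTE(review): if the log viewer already encodes entries, drop the
     // markup from the message instead of encoding here.
     $encode = static function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     };

     $actorId = $this->user->getId();
     $message = sprintf(
         'User [%s#%s] <b>has REMOVED</b> Tag [%s#%s]',
         $encode($actorId),
         $encode($this->user->getUsername()),
         $encode($id),
         $encode($tag->getName())
     );

     $this->appEventLogger->saveLog($message, 'page_tag_removal', $actorId);
 }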
Example #27
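// Handles the "add / change password" form post for the current account.
// Validates the two password fields, updates the password when nothing
// failed, e-mails the user about the change, then redirects back to the
// password page with the collected messages and errors.
//
// NOTE(review): $user is loaded before this fragment. No current-password
// confirmation or CSRF check is visible here - confirm both happen before
// this point, because this code replaces a login credential.
$messages = array();
$errors = array();
$password = require_post("password", false);
$password2 = require_post("password2", false);
// Reject a missing, empty or non-string password. The previous guard ran
// the length check only when a password was present, so an empty
// submission reached changePassword() with `false`.
if (!is_string($password) || strlen($password) < 6 || strlen($password) > 255) {
    $errors[] = t("Please select a password between :min-:max characters long.", array(':min' => 6, ':max' => 255));
}
// Strict comparison: with `!=`, two different numeric-looking strings
// (for example "100000" and "1e5") compare as equal.
if ($password !== $password2) {
    $errors[] = t("Those passwords do not match.");
}
if (!$user['email']) {
    $errors[] = t("You need to have added an e-mail address to your account before you can enable password login.");
}
// Check that no other account uses this e-mail address.
// NOTE(review): the query matches on e-mail only. It does not look at
// whether the other account actually has a password hash - confirm that
// this stricter match is intended.
$q = db()->prepare("SELECT * FROM users WHERE email=? AND id <> ?");
$q->execute(array($user['email'], user_id()));
if ($q->fetch()) {
    $errors[] = t("This e-mail address is already being used by another account for password login.");
}
if (!$errors) {
    // change password
    $user_instance = \Users\User::getInstance(db());
    \Users\UserPassword::changePassword(db(), $user_instance, $password);
    $messages[] = t("Updated password.");
    $name = $user['name'] ? $user['name'] : $user['email'];
    $email = $user['email'];
    // $user still holds the row as loaded before the change, so
    // password_hash shows whether a password existed already. Notifying
    // the owner lets them spot a change they did not make.
    send_user_email($user, $user['password_hash'] ? "password_changed" : "password_added", array("email" => $email, "name" => $name));
}
set_temporary_messages($messages);
set_temporary_errors($errors);
redirect(url_for('user#user_password'));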