Exemple #1
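 /**
  * AdminController::userAddEdit()
  * Add or edit a user from the admin area.
  *
  * In edit mode the target user ID is read from the 'edit' request parameter and
  * validated before anything is written, so a submission without a usable ID can
  * no longer reach putRecord() without a primary key.
  *
  * @param string $p_sMode 'create' (default) or 'edit'
  * @return void
  * @throws PPI_Exception If the user ID is invalid in edit mode or the role check fails
  */
 protected function userAddEdit($p_sMode = 'create')
 {
     $bEdit = $p_sMode === 'edit';
     $oUser = new APP_Model_User();
     $oForm = new PPI_Model_Form();
     $oForm->init('admin_user_addedit');
     $oForm->setFormStructure($oUser->getAdminAddEditFormStructure($p_sMode));

     // The ID is request input: cast it before the range check so a non-numeric
     // value cannot slip past a loose string/int comparison.
     $iUserID = 0;
     if ($bEdit) {
         $iUserID = (int) $this->oInput->get('edit', 0);
         if ($iUserID < 1) {
             throw new PPI_Exception('Invalid User ID: ' . $iUserID);
         }
     }

     if ($oForm->isSubmitted()) {
         $aSubmitValues = $oForm->getSubmitValues();
         // Edit mode sets the primary key so that putRecord() performs an update
         if ($bEdit) {
             $aSubmitValues[$oUser->getPrimaryKey()] = $iUserID;
         }
         // Security check. The original compared the admin's role_id with the target's
         // primary-key value (a role against a user ID), which says nothing about
         // privilege. Compare the admin's role with the role being assigned instead.
         // NOTE(review): assumes the form submits the role as 'role_id' and that a larger
         // role_id means more privilege, as the original comparison implies - confirm.
         // NOTE(review): the target's currently stored role should be compared as well,
         // and create mode has no equivalent check; both need the role model to be confirmed.
         if ($bEdit && isset($aSubmitValues['role_id'])
             && $this->getAuthData(false)->role_id < $aSubmitValues['role_id']) {
             throw new PPI_Exception('Permission error: You cannot modify user privileges higher than your own.');
         }
         // Unique field check
         $sUsernameField = $this->getConfig()->system->usernameField;
         $aUniqueFields = array('email');
         if ($sUsernameField !== 'email') {
             $aUniqueFields[] = $sUsernameField;
         }
         foreach ($aUniqueFields as $sUniqueField) {
             // Nothing to compare when the form did not submit this field
             if (!isset($aSubmitValues[$sUniqueField])) {
                 continue;
             }
             // Each column is checked against its own submitted value. The original always
             // used the username value, so 'email' was never tested for duplicates when the
             // username field was a different column.
             $aClause = array($sUniqueField . ' = ' . $oUser->quote($aSubmitValues[$sUniqueField]));
             // When editing, leave the edited user's own row out of the comparison
             if ($bEdit) {
                 $aClause[] = $oUser->getPrimaryKey() . ' != ' . $oUser->quote($iUserID);
             }
             $aRecord = $oUser->getList(implode(' AND ', $aClause))->fetch();
             if (!empty($aRecord)) {
                 $oForm->setElementError($sUniqueField, 'Another user has this field, it must be unique');
             }
         }
         // Main validation check
         if ($oForm->isValidated()) {
             // NOTE(review): every submitted value is written as-is; whether getSubmitValues()
             // is limited to the fields of the form structure is not visible here - confirm.
             $oUser->putRecord($aSubmitValues);
             // The session's auth data is not refreshed here; the original carried a
             // commented-out block that copied the submitted values into it.
             $this->setFlashMessage('User account successfully ' . ($bEdit ? 'updated' : 'created') . '.');
             $this->redirect('admin/user');
         }
     }
     if ($bEdit) {
         // Pre-fill the form with the stored record
         $oForm->setDefaults($oUser->find($iUserID));
     }
     $aViewVars = array('bEdit' => $bEdit, 'formBuilder' => $oForm->getRenderInformation());
     $this->adminLoad('admin/user_addedit', $aViewVars);
 }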
Exemple #2
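 /**
  * Send the password recovery email to the user and, if it was sent, store the
  * recovery code on the user's record.
  *
  * @param array  $p_aUser    User record; 'first_name', 'email' and the primary-key column are read
  * @param string $p_sSubject The Subject; 'Password recovery' is used when empty
  * @param string $p_sMessage The Message; a default text with the recovery link is built when empty
  * @return boolean True when the mail was sent and the code stored, false otherwise
  */
 function sendRecoverEmail($p_aUser, $p_sSubject = '', $p_sMessage = '')
 {
     $oConfig = $this->getConfig();
     if ($p_sSubject === '') {
         $p_sSubject = 'Password recovery';
     }
     // The recovery code is the only secret behind the reset link, so it has to be
     // unguessable. The original used base64_encode(time()), which anyone who knows
     // roughly when the reset was requested can recompute.
     if (function_exists('random_bytes')) {
         $sRandom = random_bytes(12);
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $bStrong = false;
         $sRandom = openssl_random_pseudo_bytes(12, $bStrong);
         if ($sRandom === false || !$bStrong) {
             // No trustworthy randomness: do not fall back to a guessable code
             return false;
         }
     } else {
         return false;
     }
     // 12 bytes encode to 16 base64 characters without padding, the same length the
     // timestamp-based code had; '+' and '/' are swapped so the code is safe in a URL path.
     $sRecoveryCode = strtr(base64_encode($sRandom), '+/', '-_');
     // NOTE(review): if the user/recover action decodes the code to read back a timestamp,
     // keep the issue time in a column of its own; that action is not visible here.
     if ($p_sMessage === '') {
         $p_sMessage = "Hi, {$p_aUser['first_name']}\n\nYou have requested a password recovery and your password has now been reset.\nPlease click the following verification link to reset your password.\n";
         $p_sMessage .= $oConfig->system->base_url . 'user/recover/' . urlencode($sRecoveryCode);
     }
     $oEmail = new PPI_Model_Email_Advanced();
     $oEmail->Subject = $p_sSubject;
     $oEmail->SetFrom($oConfig->system->adminEmail, $oConfig->system->adminName);
     $oEmail->AddAddress($p_aUser['email']);
     $oEmail->AltBody = $p_sMessage;
     // NOTE(review): the same text is passed as the HTML body, and 'first_name' is
     // interpolated into it unescaped - confirm how MsgHTML() treats markup in it.
     $oEmail->MsgHTML($p_sMessage);
     // The code is stored only once the mail has actually gone out
     if ($oEmail->Send()) {
         $oUser = new APP_Model_User();
         $sPrimaryKey = $oUser->getPrimaryKey();
         // Update the user's record with the recovery_code
         $oUser->putRecord(array('recovery_code' => $sRecoveryCode, $sPrimaryKey => $p_aUser[$sPrimaryKey]));
         return true;
     }
     return false;
 }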
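 /**
  * AdminController::userAddEdit()
  * Add or edit a user of the school named by the 'schoolid' request parameter.
  *
  * Both request IDs are cast and range-checked before anything is written. In the
  * original an edit submission without a usable user ID reached putRecord() without
  * a primary key.
  *
  * @param string $p_sMode 'create' (default) or 'edit'
  * @return void
  * @throws PPI_Exception If the school ID, or in edit mode the user ID, is invalid
  */
 private function userAddEdit($p_sMode = 'create')
 {
     // Request input: cast first so a non-numeric value cannot pass the range check
     // and end up in the redirect URL or in the stored school_id.
     $iSchoolID = (int) $this->oInput->get('schoolid', 0);
     if ($iSchoolID < 1) {
         throw new PPI_Exception('Invalid School ID: ' . $iSchoolID);
     }
     $bEdit = $p_sMode === 'edit';
     $iUserID = 0;
     if ($bEdit) {
         $iUserID = (int) $this->oInput->get('edit', 0);
         if ($iUserID < 1) {
             throw new PPI_Exception('Invalid User ID: ' . $iUserID);
         }
     }
     $oUser = new APP_Model_User();
     $oForm = new PPI_Model_Form();
     $oForm->init('admin_user_addedit');
     $oForm->setFormStructure($oUser->getAdminAddEditFormStructure($p_sMode));
     if ($oForm->isSubmitted() && $oForm->isValidated()) {
         $aSubmitValues = $oForm->getSubmitValues();
         if ($bEdit) {
             // Edit mode sets the primary key so that putRecord() performs an update
             // NOTE(review): nothing here ties the edited user to $iSchoolID or checks the
             // acting admin's role; if admins are scoped to a school, add that check - confirm.
             $aSubmitValues[$oUser->getPrimaryKey()] = $iUserID;
         } else {
             // The school ID is set only when the user is inserted
             $aSubmitValues['school_id'] = $iSchoolID;
         }
         // Put the record (insert/update)
         $oUser->putRecord($aSubmitValues);
         $this->_setFlashMessage('User account successfully ' . ($bEdit ? 'updated' : 'created') . '.');
         $this->_redirect('admin/user/list/schoolid/' . $iSchoolID);
     } else {
         if ($bEdit) {
             // Pre-fill the form with the stored record
             $oForm->setDefaults($oUser->find($iUserID));
         }
         $aViewVars = array('bEdit' => $bEdit, 'formBuilder' => $oForm->getRenderInformation(), 'leftMenu' => true);
         $this->loadSmarty('admin/user_addedit', $aViewVars);
     }
 }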
Exemple #4
 /**
  * Show the registration form and store the new user once the form has been
  * submitted and validated.
  *
  * This function cannot be called directly, it must be extended by a child class and then called.
  *
  * NOTE(review): whether postLoginRedirect() and redirect() end the request is not
  * visible here; if they return, execution continues past them.
  * NOTE(review): the submitted values go to putRecord() unchanged; confirm that
  * getSubmitValues() is limited to the fields of the registration form structure.
  *
  * @return void
  */
 protected function register()
 {
     // Visitors who are already logged in are handed to the post-login redirect
     if ($this->isLoggedIn() === true) {
         $this->postLoginRedirect();
     }
     // Build the registration form from the structure the user model holds
     $oRegisterForm = new PPI_Model_Form();
     $oUserModel = new APP_Model_User();
     $oRegisterForm->init('user_register', '', 'post');
     $oRegisterForm->setFormStructure($oUserModel->_registerFormStructure);
     if ($oRegisterForm->isSubmitted()) {
         if ($oRegisterForm->isValidated()) {
             // Hand the submitted values to the user model for insertion
             $aNewUser = $oRegisterForm->getSubmitValues();
             $oUserModel->putRecord($aNewUser);
             // Continue on the login page
             $this->redirect('user/login');
         }
     }
     $this->addStylesheet('formbuilder.css');
     $this->addJavascript('jquery-validate/jquery.validate.min.js');
     // Render the registration page
     $aViewVars = array('formBuilder' => $oRegisterForm->getRenderInformation());
     $this->load('user/register', $aViewVars);
 }