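/**
 * Action called to post values of a new user.
 *
 * Reads the submitted fields from $_POST, fills an App_Model_User and saves
 * it when the model reports no validation errors. When validation fails the
 * messages are flashed as one HTML string and the create form is rendered
 * again via createAction().
 *
 * @return mixed the value of redirect_to() on success, of createAction() on failure
 */
public function postnewAction()
{
    // TODO prevent CSRF: this handler changes state on any POST and does not
    // verify a request token, so a forged cross-site form submission is
    // accepted as long as an admin session exists.
    $this->secure('admin');

    // Missing fields fall back to '' so absent keys do not raise
    // undefined-index notices; App_Model_User::isValid() stays responsible
    // for rejecting empty values.
    $post = $_POST;
    $field = function ($name) use ($post) {
        return isset($post[$name]) ? $post[$name] : '';
    };

    $user = new App_Model_User();
    $user->setUsername($field('username'));
    $user->setPassword($field('password'));
    $user->setFirstname($field('firstname'));
    $user->setLastname($field('lastname'));
    // Checkbox: only the literal 'on' grants the admin flag.
    $user->setIsAdmin(isset($post['is_admin']) && $post['is_admin'] === 'on');
    $user->setEmail($field('email'));

    // Validate once; the original called isValid() twice.
    $errors = $user->isValid();
    if (0 === count($errors)) {
        $user->save();
        return redirect_to('/admin/users');
    }

    // Each message is followed by a line break and emitted as raw HTML.
    // NOTE(review): this relies on the validation messages containing no
    // user-supplied text — confirm in App_Model_User::isValid().
    flash_now('error', implode("<br />", $errors) . "<br />");
    return $this->createAction();
}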
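/**
 * Renders and processes the "create new user" form.
 *
 * Only super admins may reach the form; anyone else gets a notice and is
 * redirected to the user list. On a valid POST a new App_Model_User is
 * persisted. A duplicate e-mail address is reported as a form error; any
 * other database failure is rethrown.
 *
 * @return void
 * @throws PDOException when persisting fails for a reason other than a duplicate key
 */
public function createAction()
{
    // NOTE(review): assumes getUser() never returns null here (authentication
    // enforced earlier in the dispatch cycle) — confirm against the controller.
    if (!$this->getUser()->getIsSuperAdmin()) {
        $this->addFlashMessageNotice('Only super admins may create new users');
        $this->_redirect($this->getUrl(array(), 'admin_view_users'));
        // Do not depend on _redirect() ending the request: without this
        // return a non-super-admin would fall through and create the user.
        return;
    }

    $this->view->page_heading = 'Create New User';
    $form = new Admin_Form_CreateUser();
    $this->view->form = $form;

    if (!$this->getRequest()->isPost()) {
        return;
    }

    $is_form_valid = $form->isValid($this->getRequest()->getPost());

    // Strict comparison after a string cast: loose != would treat numeric
    // strings such as '1e3' and '1000' as the same password.
    $password = (string) $form->password->getValue();
    $passwordConfirm = (string) $form->password_confirm->getValue();
    if ($password !== $passwordConfirm) {
        $form->password_confirm->addError('This does not match the other password given');
        $is_form_valid = false;
    }

    if (!$is_form_valid) {
        return;
    }

    $user = new App_Model_User();
    $user->setEmail($form->email->getValue());
    $user->setPassword($form->password->getValue());
    // Users created through this form never receive super-admin rights.
    $user->setIsSuperAdmin(false);

    try {
        $this->getDb()->persist($user);
        $this->getDb()->flush();
        $this->addFlashMessageSuccess('New user has been created successfully');
        $this->_redirect($this->getUrl(array(), 'admin_view_users'));
        return;
    } catch (PDOException $e) {
        $dbException = new App_Model_DBExceptionDecorator($e);
        if (!$dbException->isDuplicateKeyViolation()) {
            throw $e;
        }
        // Report the collision on the form so the user can correct it.
        $form->email->addError('A user with that email address already exists');
    }
}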