Exemple #1
 /**
  * Handle the "update registration" step for the signed-in account.
  *
  * - GET with a registration that already passes check('update'): clears the
  *   'registration.incomplete' session flag and redirects.
  * - POST (or a linked-account GET that simple registration turns into a POST)
  *   with a passing check: copies the submitted fields onto the member record,
  *   saves it, refreshes the session copy of the user, then redirects or
  *   renders the "e-mail updated" view.
  * - Anything else: the registration form is shown again.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm one is
  * enforced before the POST branch runs (by the caller or inside loadPOST()).
  *
  * @return  mixed  true, null, or the result of App::abort() / _show_registration_form()
  */
 public function updateTask()
 {
     // Guests cannot update a registration: abort with the "session expired" message
     if (User::isGuest()) {
         return App::abort(500, Lang::txt('COM_MEMBERS_REGISTER_ERROR_SESSION_EXPIRED'));
     }
     // $force = true means "always show the form", even if the data validates
     $force = false;
     $updateEmail = false;
     // Set the pathway
     $this->_buildPathway();
     // Set the page title
     $this->_buildTitle();
     // Instantiate a new registration object
     $xregistration = new \Components\Members\Models\Registration();
     // Member record and auth link are both looked up from the current session user
     $xprofile = Member::oneOrFail(User::get('id'));
     $hzal = \Hubzero\Auth\Link::find_by_id(User::get('auth_link_id'));
     // Get users component config options, specifically whether or not 'simple' registration is enabled
     $method = Request::getMethod();
     $usersConfig = Component::params('com_members');
     $simpleRegistration = $usersConfig->get('simple_registration', false);
     if ($method == 'POST') {
         // Load POSTed data
         $xregistration->loadPOST();
     } else {
         // Load data from the user object
         $xregistration->loadProfile($xprofile);
         $username = User::get('username');
         // NOTE(review): $email is assigned here but not read again in this method
         $email = User::get('email');
         // A username starting with '-' plus an auth link is handled as an account that still
         // needs a real login; presumably '-' marks a placeholder created by a 3rd party sign-in.
         if ($username[0] == '-' && is_object($hzal)) {
             // Default login suggestion is the local part of the linked e-mail address,
             // unless the session already carries a temporary username.
             $sub_email = explode('@', (string) $hzal->email, 2);
             $tmp_username = Session::get('auth_link.tmp_username', $sub_email[0]);
             $xregistration->set('login', $tmp_username);
             $xregistration->set('orcid', Session::get('auth_link.tmp_orcid', ''));
             $xregistration->set('email', $hzal->email);
             $xregistration->set('confirmEmail', $hzal->email);
             if ($simpleRegistration) {
                 // Simple registration: treat the pre-filled values as if they had been
                 // submitted, so a passing check saves them without showing the form.
                 // NOTE(review): this makes a GET request write to the account; the values
                 // come from the session and auth link, not from request parameters.
                 $force = false;
                 $method = 'POST';
             } else {
                 $force = true;
             }
         }
     }
     // Validate the registration data for the 'update' task
     $check = $xregistration->check('update');
     if (!$force && $check && $method == 'GET') {
         // Nothing to fix: mark the registration complete and send the user on
         Session::set('registration.incomplete', false);
         // NOTE(review): REQUEST_URI is client-supplied and is passed to App::redirect()
         // unchanged in the else branch; confirm the redirect helper cannot be steered
         // off-site by a URI that starts with '//' or carries an absolute URL.
         if ($_SERVER['REQUEST_URI'] == rtrim(Request::base(true), '/') . '/register/update' || $_SERVER['REQUEST_URI'] == rtrim(Request::base(true), '/') . '/members/register/update') {
             App::redirect(rtrim(Request::base(true), '/') . '/');
         } else {
             App::redirect($_SERVER['REQUEST_URI']);
         }
         return true;
     }
     if (!$force && $check && $method == 'POST') {
         // Before going any further, we need to do a sanity check to make sure username isn't being changed.
         // This really only happens on a race condition where someone is creating the same account
         // using a 3rd party auth service in two different browsers. Yes, it's crazy!
         if ($xregistration->get('login') && substr(User::get('username'), 0, 1) == '-') {
             // Make sure the username hasn't since been set in the database
             if (substr(User::getInstance(User::get('id'))->get('username'), 0, 1) != '-') {
                 App::redirect(Route::url('index.php?option=com_users&view=logout'), Lang::txt('This account appears to already exist. Please try logging in again.'), 'warning');
                 return;
             }
         }
         $hubHomeDir = rtrim($this->config->get('homedir'), DS);
         $updateEmail = false;
         // Fill in registration metadata only where the profile has none yet
         if ($xprofile->get('homeDirectory') == '') {
             $xprofile->set('homeDirectory', $hubHomeDir . DS . $xprofile->get('username'));
         }
         if ($xprofile->get('registerIP') == '') {
             $xprofile->set('registerIP', Request::getVar('REMOTE_ADDR', '', 'server'));
         }
         if ($xprofile->get('registerDate') == '') {
             $xprofile->set('registerDate', Date::toSql());
         }
         if ($xregistration->get('email') != $xprofile->get('email')) {
             if (is_object($hzal) && $xregistration->get('email') == $hzal->email) {
                 // New address equals the one on the auth link: no confirmation mail is sent.
                 // NOTE(review): activation value 3 presumably means "confirmed by the provider";
                 // this trusts the provider to have verified that address. Confirm.
                 $xprofile->set('activation', 3);
             } else {
                 // Any other new address gets a fresh confirmation code and a confirmation mail
                 $code = \Components\Members\Helpers\Utility::genemailconfirm();
                 $xprofile->set('activation', $code);
                 $updateEmail = true;
             }
         }
         // NOTE(review): the home directory path is built from the submitted login name;
         // this relies on check('update') having rejected path separators and '..'. Confirm.
         if ($xregistration->get('login') != $xprofile->get('username')) {
             $xprofile->set('homeDirectory', $hubHomeDir . DS . $xregistration->get('login'));
         }
         // Copy only the fields the registration model actually carries (non-null).
         // NOTE(review): 'password' is copied as-is; confirm it is hashed inside the
         // model's set()/save() and is never stored as submitted.
         $keys = array('email', 'name', 'surname', 'givenName', 'middleName', 'usageAgreement', 'sendEmail', 'password');
         foreach ($keys as $key) {
             if ($xregistration->get($key) !== null) {
                 $xprofile->set($key, $xregistration->get($key));
             }
         }
         $xprofile->set('username', $xregistration->get('login'));
         // NOTE(review): the result of save() is not checked before the session is updated
         $xprofile->save();
         // Update current session if appropriate
         // TODO: update all session of this user
         // TODO: only update if changed
         if ($xprofile->get('id') == User::get('id')) {
             $suser = Session::get('user');
             $suser->set('username', $xprofile->get('username'));
             $suser->set('email', $xprofile->get('email'));
             $suser->set('name', $xprofile->get('name'));
             Session::set('user', $suser);
             // Keep the stored session row's username in step with the new login
             $table = \JTable::getInstance('session');
             $table->load(Session::getId());
             $table->username = $xprofile->get('username');
             $table->update();
         }
         Session::set('registration.incomplete', false);
         // Notify the user
         if ($updateEmail) {
             \Components\Members\Helpers\Utility::sendConfirmEmail($xprofile, $xregistration);
         }
         // Notify administration
         // NOTE(review): $method is always 'POST' inside this branch, and the rendered
         // $subject / $message are not used again in this method, so no admin mail or
         // audit record of the account change is produced here.
         if ($method == 'POST') {
             $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_ACCOUNT_UPDATE');
             $eaview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'adminupdate'));
             $eaview->option = $this->_option;
             $eaview->controller = $this->_controller;
             $eaview->sitename = Config::get('sitename');
             $eaview->xprofile = $xprofile;
             $eaview->baseURL = $this->baseURL;
             $message = $eaview->loadTemplate();
             $message = str_replace("\n", "\r\n", $message);
         }
         if (!$updateEmail) {
             // No confirmation pending: return to where the user was, or to "my account"
             // when the request was for one of the update URLs themselves.
             // NOTE(review): these literals are compared without the base path (the GET branch
             // above prefixes Request::base(true)), and any other REQUEST_URI value is used
             // as the redirect target unchanged; confirm it cannot point off-site.
             $suri = Request::getVar('REQUEST_URI', '/', 'server');
             if ($suri == '/register/update' || $suri == '/members/update' || $suri == '/members/register/update') {
                 $suri = Route::url('index.php?option=' . $this->_option . '&task=myaccount');
             }
             App::redirect($suri);
             return;
         } else {
             // E-mail changed: render the view that tells the user a confirmation was sent
             $this->view->set('title', Lang::txt('COM_MEMBERS_REGISTER_UPDATE'))->set('sitename', Config::get('sitename'))->set('xprofile', $xprofile)->set('isSelf', true)->set('updateEmail', $updateEmail)->setErrors($this->getErrors())->display();
         }
         return true;
     }
     // Forced display, failed validation, or an unexpected method: show the form
     return $this->_show_registration_form($xregistration, 'update');
 }
Exemple #2
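 /**
  * Handle the "update registration" step for the signed-in account.
  *
  * - GET with a registration that already passes check('update'): clears the
  *   'registration.incomplete' session flag and redirects.
  * - POST with a passing check: copies the submitted data onto the profile,
  *   updates the profile, the user record and the session, mails a
  *   confirmation code if the e-mail address changed, then redirects or
  *   renders the "e-mail updated" view.
  * - Anything else: the registration form is shown again.
  *
  * NOTE(review): no CSRF token check is visible in this method, whereas
  * saveTask() calls Request::checkToken(); confirm one is enforced before the
  * POST branch runs.
  *
  * @return  mixed  true, null, or the result of App::abort() / _show_registration_form()
  */
 public function updateTask()
 {
     // Guests cannot update a registration: abort with the "session expired" message
     if (User::isGuest()) {
         return App::abort(500, Lang::txt('COM_MEMBERS_REGISTER_ERROR_SESSION_EXPIRED'));
     }
     // $force = true means "always show the form", even if the data validates
     $force = false;
     $updateEmail = false;
     // Set the pathway
     $this->_buildPathway();
     // Set the page title
     $this->_buildTitle();
     // Instantiate a new registration object
     $xregistration = new \Components\Members\Models\Registration();
     // Profile and auth link are both looked up from the current session user
     $xprofile = \Hubzero\User\Profile::getInstance(User::get('id'));
     $hzal = \Hubzero\Auth\Link::find_by_id(User::get('auth_link_id'));
     if (Request::getMethod() == 'POST') {
         // Load POSTed data
         $xregistration->loadPOST();
     } else {
         // Load data from the user object
         if (is_object($xprofile)) {
             $xregistration->loadProfile($xprofile);
         } else {
             $xregistration->loadAccount(User::getRoot());
         }
         $username = User::get('username');
         $email = User::get('email');
         // A username starting with '-' plus an auth link is handled as an account that still
         // needs a real login. substr() is used (as in the race check below) so an empty
         // username does not trigger a string-offset error.
         if (substr((string) $username, 0, 1) == '-' && is_object($hzal)) {
             $tmp_username = Session::get('auth_link.tmp_username', '');
             $xregistration->set('login', $tmp_username);
             $xregistration->set('orcid', Session::get('auth_link.tmp_orcid', ''));
             $xregistration->set('email', $hzal->email);
             $xregistration->set('confirmEmail', $hzal->email);
             $force = true;
         }
     }
     // Validate the registration data for the 'update' task
     $check = $xregistration->check('update');
     if (!$force && $check && Request::getMethod() == 'GET') {
         // Nothing to fix: mark the registration complete and send the user on
         Session::set('registration.incomplete', false);
         // NOTE(review): REQUEST_URI is client-supplied and is passed to App::redirect()
         // unchanged in the else branch; confirm the redirect helper cannot be steered
         // off-site by a URI that starts with '//' or carries an absolute URL.
         if ($_SERVER['REQUEST_URI'] == rtrim(Request::base(true), '/') . '/register/update' || $_SERVER['REQUEST_URI'] == rtrim(Request::base(true), '/') . '/members/register/update') {
             App::redirect(rtrim(Request::base(true), '/') . '/');
         } else {
             App::redirect($_SERVER['REQUEST_URI']);
         }
         return true;
     }
     if (!$force && $check && Request::getMethod() == 'POST') {
         // Before going any further, we need to do a sanity check to make sure username isn't being changed.
         // This really only happens on a race condition where someone is creating the same account
         // using a 3rd party auth service in two different browsers. Yes, it's crazy!
         if ($xregistration->get('login') && substr(User::get('username'), 0, 1) == '-') {
             // Make sure the username hasn't since been set in the database
             if (substr(User::getInstance(User::get('id'))->get('username'), 0, 1) != '-') {
                 App::redirect(Route::url('index.php?option=com_users&view=logout'), Lang::txt('This account appears to already exist. Please try logging in again.'), 'warning');
                 return;
             }
         }
         // NOTE(review): $xprofile is only tested with is_object() on the GET path above;
         // from here on it is dereferenced unconditionally.
         $hubHomeDir = rtrim($this->config->get('homedir'), '/');
         $updateEmail = false;
         // Fill in registration metadata only where the profile has none yet
         if ($xprofile->get('homeDirectory') == '') {
             $xprofile->set('homeDirectory', $hubHomeDir . '/' . $xprofile->get('username'));
         }
         if ($xprofile->get('regIP') == '') {
             $xprofile->set('regIP', Request::getVar('REMOTE_ADDR', '', 'server'));
         }
         if ($xprofile->get('regHost') == '') {
             if (isset($_SERVER['REMOTE_HOST'])) {
                 $xprofile->set('regHost', Request::getVar('REMOTE_HOST', '', 'server'));
             }
         }
         if ($xprofile->get('registerDate') == '') {
             $xprofile->set('registerDate', Date::toSql());
         }
         if ($xregistration->get('email') != $xprofile->get('email')) {
             if (is_object($hzal) && $xregistration->get('email') == $hzal->email) {
                 // New address equals the one on the auth link: no confirmation mail is sent.
                 // NOTE(review): value 3 presumably means "confirmed by the provider"; this
                 // trusts the provider to have verified that address. Confirm.
                 $xprofile->set('emailConfirmed', 3);
             } else {
                 // The confirmation code proves ownership of the new address, so it comes from
                 // the shared helper (the one saveTask() uses) instead of an inline rand() call.
                 // NOTE(review): rand() is not a CSPRNG; confirm the helper draws from
                 // random_int()/random_bytes() so codes cannot be predicted.
                 $xprofile->set('emailConfirmed', \Components\Members\Helpers\Utility::genemailconfirm());
                 $updateEmail = true;
             }
         }
         // NOTE(review): the home directory path is built from the submitted login name;
         // this relies on check('update') having rejected path separators and '..'. Confirm.
         if ($xregistration->get('login') != $xprofile->get('username')) {
             $xprofile->set('homeDirectory', $hubHomeDir . '/' . $xregistration->get('login'));
         }
         $xprofile->loadRegistration($xregistration);
         // NOTE(review): the results of update() and save() below are not checked
         $xprofile->update();
         // Update user table
         // TODO: only update if changed
         $myuser = User::getInstance($xprofile->get('uidNumber'));
         $myuser->set('username', $xprofile->get('username'));
         $myuser->set('email', $xprofile->get('email'));
         $myuser->set('name', $xprofile->get('name'));
         $myuser->save();
         // Update current session if appropriate
         // TODO: update all session of this user
         // TODO: only update if changed
         if ($myuser->get('id') == User::get('id')) {
             $suser = Session::get('user');
             $suser->set('username', $xprofile->get('username'));
             $suser->set('email', $xprofile->get('email'));
             $suser->set('name', $xprofile->get('name'));
             Session::set('user', $suser);
             // Keep the stored session row's username in step with the new login
             $table = \JTable::getInstance('session');
             $table->load(Session::getId());
             $table->username = $xprofile->get('username');
             $table->update();
         }
         Session::set('registration.incomplete', false);
         // Notify the user
         if ($updateEmail) {
             $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION');
             $eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'update'));
             $eview->option = $this->_option;
             $eview->controller = $this->_controller;
             $eview->sitename = Config::get('sitename');
             $eview->xprofile = $xprofile;
             $eview->baseURL = $this->baseURL;
             $message = $eview->loadTemplate();
             // Mail bodies use CRLF line endings
             $message = str_replace("\n", "\r\n", $message);
             $msg = new \Hubzero\Mail\Message();
             $msg->setSubject($subject)->addTo($xprofile->get('email'))->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')->addHeader('X-Component', $this->_option)->setBody($message);
             if (!$msg->send()) {
                 $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION'));
                 // @FIXME: LOG ERROR SOMEWHERE
             }
         }
         // Notify administration
         // NOTE(review): the message is rendered but the send is commented out, so no admin
         // mail or audit record of the account change is produced here (see the FIXME).
         if (Request::getMethod() == 'POST') {
             $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_ACCOUNT_UPDATE');
             $eaview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'adminupdate'));
             $eaview->option = $this->_option;
             $eaview->controller = $this->_controller;
             $eaview->sitename = Config::get('sitename');
             $eaview->xprofile = $xprofile;
             $eaview->baseURL = $this->baseURL;
             $message = $eaview->loadTemplate();
             $message = str_replace("\n", "\r\n", $message);
             /*$msg = new \Hubzero\Mail\Message();
             $msg->setSubject($subject)
                 ->addTo($hubMonitorEmail)
                 ->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')
                 ->addHeader('X-Component', $this->_option)
                 ->setBody($message)
                 ->send();*/
             // @FIXME: LOG ACCOUNT UPDATE ACTIVITY SOMEWHERE
         }
         if (!$updateEmail) {
             // No confirmation pending: return to where the user was, or to "my account"
             // when the request was for one of the update URLs themselves.
             // NOTE(review): any other REQUEST_URI value is used as the redirect target
             // unchanged; confirm it cannot point off-site.
             $suri = Request::getVar('REQUEST_URI', '/', 'server');
             if ($suri == '/register/update' || $suri == '/members/update') {
                 App::redirect(Route::url('index.php?option=' . $this->_option . '&task=myaccount'));
             } else {
                 App::redirect($suri);
             }
             return;
         } else {
             // E-mail changed: render the view that tells the user a confirmation was sent
             $this->view->title = Lang::txt('COM_MEMBERS_REGISTER_UPDATE');
             $this->view->sitename = Config::get('sitename');
             $this->view->xprofile = $xprofile;
             $this->view->self = true;
             $this->view->updateEmail = $updateEmail;
             if ($this->getError()) {
                 $this->view->setError($this->getError());
             }
             $this->view->display();
         }
         return true;
     }
     // Forced display, failed validation, or an unexpected method: show the form
     return $this->_show_registration_form($xregistration, 'update');
 }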
 /**
  * Save changes to a profile
  * Echoes JSON when called with no_html set, redirects to the profile otherwise
  *
  * NOTE(review): the profile to edit is selected by the POSTed 'id', and no
  * comparison with the current user's id or permission check is visible in this
  * method before the profile is updated. Confirm authorization is enforced
  * elsewhere; otherwise a logged-in user could change another member's profile.
  *
  * @return     mixed  false for guests or when saving fails, otherwise null (JSON is echoed, not returned)
  */
 public function saveTask()
 {
     // Check if they are logged in
     if (User::isGuest()) {
         return false;
     }
     // Anti-CSRF token check.
     // NOTE(review): the argument lists both 'get' and 'post' although the data below is
     // read from POST; a token carried in a URL can leak via logs and referrers. Confirm
     // the GET form is needed.
     Request::checkToken(array('get', 'post'));
     // Non-zero selects the JSON (AJAX) responses below instead of HTML/redirects
     $no_html = Request::getVar("no_html", 0);
     // Incoming user ID
     $id = Request::getInt('id', 0, 'post');
     // Do we have an ID?
     if (!$id) {
         App::abort(404, Lang::txt('MEMBERS_NO_ID'));
         return;
     }
     // Incoming profile edits
     // NOTE(review): the trailing 'none', 2 arguments look like a filter type and mask that
     // leave the value unfiltered; if so, 'bio' is stored raw and must be escaped on output.
     $p = Request::getVar('profile', array(), 'post', 'none', 2);
     $n = Request::getVar('name', array(), 'post');
     $a = Request::getVar('access', array(), 'post');
     // Load the profile
     $profile = \Hubzero\User\Profile::getInstance($id);
     // Remembered so an address change can be detected after the save
     $oldemail = $profile->get('email');
     if ($n) {
         // NOTE(review): assumes $n is an array with 'first', 'middle' and 'last' keys;
         // a request that sends 'name' in another shape is not handled here.
         $profile->set('givenName', trim($n['first']));
         $profile->set('middleName', trim($n['middle']));
         $profile->set('surname', trim($n['last']));
         // Full name is "first [middle ]last"
         $name = trim($n['first']) . ' ';
         $name .= trim($n['middle']) != '' ? trim($n['middle']) . ' ' : '';
         $name .= trim($n['last']);
         $profile->set('name', $name);
     }
     if (isset($p['bio'])) {
         $profile->set('bio', trim($p['bio']));
     }
     if (is_array($a) && count($a) > 0) {
         foreach ($a as $k => $v) {
             // Access levels outside 0..4 fall back to 0
             $v = intval($v);
             if (!in_array($v, array(0, 1, 2, 3, 4))) {
                 $v = 0;
             }
             // NOTE(review): $k is a client-supplied array key and is appended to 'access_'
             // without an allow-list, so arbitrary 'access_*' params can be created.
             $profile->setParam('access_' . $k, $v);
         }
     }
     if (isset($p['public'])) {
         // NOTE(review): stored as received, without a cast or range check
         $profile->set('public', $p['public']);
     }
     // Set some post data for the xregistration class
     $tags = trim(Request::getVar('tags', ''));
     // trim() always returns a string, so this condition is always true
     if (isset($tags)) {
         Request::setVar('interests', $tags, 'post');
     }
     // Instantiate a new \Components\Members\Models\Registration
     $xregistration = new \Components\Members\Models\Registration();
     $xregistration->loadPOST();
     // Push the posted data to the profile
     // Note: this is done before the required fields check so, if we need to display the edit form, it'll show all the new changes
     if (!is_null($xregistration->_registration['email'])) {
         $profile->set('email', $xregistration->_registration['email']);
         // Unconfirm if the email address changed
         if ($oldemail != $xregistration->_registration['email']) {
             // Get a new confirmation code
             // ($confirm is only defined on this path; it is read again when the code is mailed)
             $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
             $profile->set('emailConfirmed', $confirm);
         }
     }
     if (!is_null($xregistration->_registration['countryresident'])) {
         $profile->set('countryresident', $xregistration->_registration['countryresident']);
     }
     if (!is_null($xregistration->_registration['countryorigin'])) {
         $profile->set('countryorigin', $xregistration->_registration['countryorigin']);
     }
     if (!is_null($xregistration->_registration['nativetribe'])) {
         $profile->set('nativeTribe', $xregistration->_registration['nativetribe']);
     }
     // 'org' takes precedence over the free-text 'orgtext'
     if ($xregistration->_registration['org'] != '') {
         $profile->set('organization', $xregistration->_registration['org']);
     } elseif ($xregistration->_registration['orgtext'] != '') {
         $profile->set('organization', $xregistration->_registration['orgtext']);
     }
     if (!is_null($xregistration->_registration['web'])) {
         $profile->set('url', $xregistration->_registration['web']);
     }
     if (!is_null($xregistration->_registration['phone'])) {
         $profile->set('phone', $xregistration->_registration['phone']);
     }
     if (!is_null($xregistration->_registration['orgtype'])) {
         $profile->set('orgtype', $xregistration->_registration['orgtype']);
     }
     if (!is_null($xregistration->_registration['sex'])) {
         $profile->set('gender', $xregistration->_registration['sex']);
     }
     if (!is_null($xregistration->_registration['disability'])) {
         $profile->set('disability', $xregistration->_registration['disability']);
     }
     if (!is_null($xregistration->_registration['hispanic'])) {
         $profile->set('hispanic', $xregistration->_registration['hispanic']);
     }
     if (!is_null($xregistration->_registration['race'])) {
         $profile->set('race', $xregistration->_registration['race']);
     }
     if (!is_null($xregistration->_registration['mailPreferenceOption'])) {
         $profile->set('mailPreferenceOption', $xregistration->_registration['mailPreferenceOption']);
     }
     if (!is_null($xregistration->_registration['usageAgreement'])) {
         $profile->set('usageAgreement', $xregistration->_registration['usageAgreement']);
     }
     if (!is_null($xregistration->_registration['orcid'])) {
         $profile->set('orcid', $xregistration->_registration['orcid']);
     }
     // NOTE(review): this list comes from the request and is handed to check(); it appears
     // to select which fields are validated. Confirm a client cannot skip required-field
     // validation by narrowing it.
     $field_to_check = Request::getVar("field_to_check", array());
     // Check that required fields were filled in properly
     if (!$xregistration->check('edit', $profile->get('uidNumber'), $field_to_check)) {
         if (!$no_html) {
             // Re-display the edit form with the unsaved changes
             $this->_task = 'edit';
             $this->editTask($xregistration, $profile);
             return;
         } else {
             // NOTE(review): this serialises the whole registration model, including its
             // public _registration array of submitted values; confirm nothing sensitive
             // (e.g. password fields) is echoed back.
             echo json_encode($xregistration);
             exit;
         }
     }
     // Are we declining the terms of use?
     // If yes we want to set the usage agreement to 0 and the profile to private
     $declineTOU = Request::getVar('declinetou', 0);
     if ($declineTOU) {
         $profile->set('public', 0);
         $profile->set('usageAgreement', 0);
     }
     // Set the last modified datetime
     $profile->set('modifiedDate', Date::toSql());
     // Save the changes
     if (!$profile->update()) {
         App::abort(500, $profile->getError());
         return false;
     }
     // Process tags (only when 'interests' was among the fields being checked)
     if (isset($tags) && in_array('interests', $field_to_check)) {
         $mt = new \Components\Members\Models\Tags($id);
         $mt->setTags($tags, $id);
     }
     $email = $profile->get('email');
     $name = $profile->get('name');
     // Make sure certain changes make it back to the user table
     if ($id > 0) {
         $user = User::getInstance($id);
         $jname = $user->get('name');
         $jemail = $user->get('email');
         if ($name != trim($jname)) {
             $user->set('name', $name);
         }
         if ($email != trim($jemail)) {
             $user->set('email', $email);
         }
         // Only write the user record when name or e-mail actually differ
         if ($name != trim($jname) || $email != trim($jemail)) {
             if (!$user->save()) {
                 App::abort(500, Lang::txt($user->getError()));
                 return false;
             }
         }
         // Update session if name is changing
         // NOTE(review): the assignment copies the session user's name onto $user (not the
         // other way round) and is not saved; this looks inverted relative to the comment.
         if ($n && $user->get('name') != App::get('session')->get('user')->get('name')) {
             $suser = App::get('session')->get('user');
             $user->set('name', $suser->get('name'));
         }
         // Update session if email is changing
         // NOTE(review): same direction as above (session value written onto $user); confirm
         if ($user->get('email') != App::get('session')->get('user')->get('email')) {
             $suser = App::get('session')->get('user');
             $user->set('email', $suser->get('email'));
             // add item to session to mark that the user changed emails
             // this way we can serve profile images for these users but not all
             // unconfirmed users
             $session = App::get('session');
             $session->set('userchangedemail', 1);
         }
     }
     // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address
     if ($email != $oldemail) {
         $this->_message = $this->_sendConfirmationCode($profile->get('username'), $email, $confirm);
     }
     // If we're declining the terms we want to log out the user and tell the javascript
     if ($declineTOU) {
         App::get('auth')->logout();
         echo json_encode(array('loggedout' => true));
         return;
     }
     if (!$no_html) {
         // Redirect
         App::redirect(Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')), $this->_message);
     } else {
         // Output JSON
         echo json_encode(array('success' => true));
     }
 }