/**
 * Looks up the account registered under the e-mail "guest", stores it in the
 * session and hands it back to the caller.
 *
 * The script is terminated with die() when the lookup yields a falsy value.
 *
 * @return mixed the value returned by UserManager::getUserByEmail("guest")
 */
function addGuestUserToSession()
{
    $manager = new UserManager();
    $guest = $manager->getUserByEmail("guest");
    if (!$guest) {
        die("utilities.addGuestUserToSession: Cannot access guest account");
    }
    // The user object is kept in the session in serialize()d form.
    // NOTE(review): whatever reads this key back with unserialize() trusts the
    // session store completely; storing only the user id and reloading the
    // record would avoid object deserialisation - confirm with the readers of
    // $_SESSION['FFuser'].
    $_SESSION['FFuser'] = serialize($guest);
    return $guest;
}
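/**
 * Handles the "forgotten password" form: when an e-mail address is posted, the
 * user is looked up and, if found, receives a mail whose link carries a freshly
 * generated recovery code; that code is also stored in the database.
 *
 * The result is echoed as an HTML alert; nothing is returned.
 *
 * Review notes:
 *  - The two alerts differ for known and unknown addresses, so the form tells
 *    any visitor which e-mails are registered. One neutral reply for both
 *    cases would close that oracle.
 *  - The recovery link is built on http://, so the code travels in clear text
 *    unless the site upgrades the request to HTTPS - TODO confirm.
 *  - genererCode() is defined elsewhere. The code acts as a password-reset
 *    credential, so it presumably needs a CSPRNG source and an expiry - verify.
 *  - The return value of mail() is not checked; the success alert is shown
 *    even when the mail could not be handed to the MTA.
 */
function envoiCode()
{
    // empty() already covers the "not set" case.
    if (empty($_POST['email'])) {
        return;
    }
    $ini = getConfigFile();
    $email = $_POST['email'];
    $um = new UserManager(connexionDb());
    $userToSend = $um->getUserByEmail($email);
    // An unknown address comes back as a user without an id.
    if ($userToSend->getId() == NULL) {
        echo "<div class='alert alert-danger' role='alert'>Cet email n'est pas répertorié chez nous, désolé !</div>";
        return;
    }
    $code_aleatoire = genererCode();
    $adresseAdmin = $ini['ADMINISTRATEUR']['mail'];
    $sujet = "Confirmation de la demande du mot de passe";
    // Only the configured administrator address goes into the headers; the
    // posted address is used as the recipient only.
    $entete = "From:" . $adresseAdmin . "\r\n";
    $entete .= "Content-Type: text/html; charset=utf-8\r\n";
    $message = "Nous confirmons que vous avez bien demandé un nouveau mot de passe : <br>\n\t\t\t\t\t\t\tVotre lien pour pouvoir le modifier est : <a href='http://www.everydayidea.be/Page/mdpOublie.page.php?code=" . $code_aleatoire . "'>www.everydayidea/mdpOublie.page.php?code=" . $code_aleatoire . "</a>";
    mail($email, $sujet, $message, $entete);
    echo "<div class='alert alert-success' role='alert'>Un mail vous a été envoyé avec un code d'activation pour le changement de votre mot de passe !</div>";
    $am = new ActivationManager(connexionDb());
    $ac = new Activation(array("code" => $code_aleatoire, "id_user" => $userToSend->getId(), "libelle" => "Récupération"));
    // If the user already holds a recovery code, delete it before storing the
    // new one. The original test was inverted (== NULL): it only "deleted"
    // when no code existed, so every earlier recovery code stayed usable.
    $actDelete = $am->getActivationByLibelleAndId('Récupération', $userToSend->getId());
    if ($actDelete->getCode() != NULL) {
        $am->deleteActivationByIdAndLibelle($actDelete->getIdUser(), 'Récupération');
    }
    $am->addActivation($ac);
}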
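 /**
  * Logs a user in and answers with a JSON object ('status' => "ok" or "err",
  * plus 'errText' on failure).
  *
  * Two paths exist:
  *  - "social" login, taken when the request carries 'login_type': the account
  *    is looked up by 'social_user_id' and created on first sight;
  *  - e-mail / password login otherwise.
  *
  * On success a user object matching the account type is put into the session
  * manager.
  *
  * NOTE(review): the social path creates a session for whatever
  * 'social_user_id' the client sends. No password or provider-issued token is
  * checked anywhere in this method, so unless secure() or an upstream filter
  * does it, the identity claim is unverified. It should be validated
  * server-side against the identity provider before a session is set up.
  *
  * @return bool true when the session was set up, false otherwise
  */
 public function service()
 {
     $userManager = new UserManager($this->config, $this->args);
     if (isset($_REQUEST['login_type'])) {
         // 'json_profile' is stored as received - no validation is visible here.
         $json_profile = $_REQUEST['json_profile'];
         $social_user_id = $this->secure($_REQUEST['social_user_id']);
         $first_name = $this->secure($_REQUEST['first_name']);
         $last_name = $this->secure($_REQUEST['last_name']);
         $custDto = $userManager->getUserByEmail($social_user_id);
         if (!isset($custDto)) {
             // NOTE(review): uniqid() is derived from the current time and is
             // not a secret. If the second argument is the account password
             // (presumably - verify against createUser), a CSPRNG value
             // should be used instead.
             $userId = $userManager->createUser($social_user_id, uniqid(), $first_name, '', $last_name, $_REQUEST['login_type']);
             $userManager->setActive($userId);
             $userManager->setUserSocialProfile($userId, $json_profile);
             $custDto = $userManager->getUserByEmail($social_user_id);
             // Bonus for the inviter. The cookie is optional, so read it
             // without raising an undefined-index notice (still null if absent).
             $invitation_code = $this->secure(isset($_COOKIE["invc"]) ? $_COOKIE["invc"] : null);
             $inviterId = $userManager->setSubUser($invitation_code, $userId);
             if ($inviterId > 0) {
                 $invbonus = intval($this->getCmsVar("bonus_points_for_every_accepted_invitation"));
                 $userManager->addUserPoints($inviterId, $invbonus, "{$invbonus} bonus for invitation accept from user number: {$userId}");
             }
         }
         $userType = UserGroups::$USER;
     } else {
         $email = strtolower($userManager->secure($_REQUEST["user_email"]));
         $pass = $userManager->secure($_REQUEST["user_pass"]);
         $custDto = $userManager->getCustomerByEmailAndPassword($email, $pass);
         $userType = $userManager->getCustomerType($email, $pass);
         // Guard on $custDto: a failed lookup must end in the generic error
         // below, not in a method call on a non-object.
         if ($custDto && $userType == UserGroups::$USER && $custDto->getActive() == 0) {
             $jsonArr = array('status' => "err", "errText" => sprintf($this->getPhrase(380), $custDto->getEmail()));
             echo json_encode($jsonArr);
             return false;
         }
     }
     if (!$custDto) {
         $jsonArr = array('status' => "err", "errText" => $this->getPhrase(412));
         echo json_encode($jsonArr);
         return false;
     }
     // Blocked accounts are refused, administrators excepted.
     if ($userType !== UserGroups::$ADMIN && $custDto->getBlocked() == 1) {
         $jsonArr = array('status' => "err", "errText" => $this->getPhraseSpan(411) . ' ' . $this->getCmsVar("pcstore_support_phone_number"));
         echo json_encode($jsonArr);
         return false;
     }
     $user = null;
     if ($userType === UserGroups::$ADMIN) {
         $user = new AdminUser($custDto->getId());
     } elseif ($userType === UserGroups::$USER) {
         $user = new CustomerUser($custDto->getId());
         $this->setcookie('ul', $custDto->getLanguageCode());
     } elseif ($userType === UserGroups::$COMPANY) {
         $user = new CompanyUser($custDto->getId());
         $companyManager = CompanyManager::getInstance($this->config, $this->args);
         $companyManager->updateCompanyRating($custDto);
         $this->setcookie('ul', $custDto->getLanguageCode());
     } elseif ($userType === UserGroups::$SERVICE_COMPANY) {
         $user = new ServiceCompanyUser($custDto->getId());
         // Kept for any initialisation getInstance() may perform; the
         // instance itself is not used here.
         ServiceCompanyManager::getInstance($this->config, $this->args);
         $this->setcookie('ul', $custDto->getLanguageCode());
     }
     if ($user === null) {
         // Unrecognised account type: answer like a failed login instead of
         // calling setUniqueId() on null.
         $jsonArr = array('status' => "err", "errText" => $this->getPhrase(412));
         echo json_encode($jsonArr);
         return false;
     }
     $user->setUniqueId($custDto->getHash());
     $this->sessionManager->setUser($user, true, true);
     $jsonArr = array('status' => "ok");
     echo json_encode($jsonArr);
     return true;
 }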
require_once '../lib/db.interface.php';
require_once '../lib/db.class.php';
require_once '../models/allModels.php';
require_once 'utilities.php';
?>


<?php 
// Page set-up: observation manager, weather for a fixed pair of coordinates,
// the current user (session user, else the "guest" account) and the requested
// action.
$ObservationMgr = new ObservationMgr();
$weather = new Weather();
$weather->RetrieveWeatherByCoordinates(40.73, -105.085);
if (!isset($_SESSION['FFuser'])) {
    // No user in the session: fall back to the guest account or stop.
    $userMgr = new UserManager();
    $user = $userMgr->getUserByEmail("guest");
    if (!$user) {
        die("entryTracker: Cannot access guest account");
    }
} else {
    // Flag: unserialize() rebuilds whatever object graph the string describes.
    // That is acceptable only while the session store cannot be written by
    // clients; keeping just the user id in the session and reloading the
    // record would remove the dependency.
    $user = unserialize($_SESSION['FFuser']);
}
// Needed for display purposes.
$username = $user->getName();
// 'action' comes straight from the query string; it is only safe as long as
// the switch that consumes it matches it against fixed literals.
$action = '';
if (isset($_GET["action"])) {
    $action = $_GET["action"];
}
switch ($action) {
    case 'add_item':
        $item = new PlantObservation();
        $arr = array();
        $arr["id"] = isset($_GET["id"]) ? $_GET["id"] : '';
        $arr["PlantName"] = isset($_GET["plantName"]) ? $_GET["plantName"] : 'entryTracker:undefined';
        $arr["notes"] = isset($_GET["notes"]) ? $_GET["notes"] : 'entryTracker:unset';
        $arr["observationDate"] = isset($_GET["observationDate"]) ? $_GET["observationDate"] : '';
<?php

require_once '../config.php';
require_once BUSINESS_DIR_USER . 'User.php';
require_once BUSINESS_DIR_USER . 'UserManager.php';
//$regex ="^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})+$";
// Availability probe: replies with an HTML fragment telling whether a login id
// (POST 'userid') or, when no id is posted, an e-mail address (POST
// 'useremail') is already taken.
// NOTE(review): nothing visible in this script authenticates or throttles the
// caller, and the replies differ for taken and free values, so it can be used
// to test which ids / e-mails are registered. Confirm that rate limiting or a
// CAPTCHA is applied in front of it.
$userid = "";
if (isset($_POST['userid'])) {
    $userid = $_POST['userid'];
}
$useremail = "";
if (isset($_POST['useremail'])) {
    $useremail = $_POST['useremail'];
}
$userManager = new UserManager();
if ($userid == "") {
    // No login id posted: check the e-mail address instead.
    $logged = $userManager->getUserByEmail($useremail);
    if ($logged->getFirstName() == "") {
        echo "<font color='green' size='2px'></font>";
    } else {
        echo "<font color='red' size='2px'>Email Already registered! Please use the forget Password link<br> to retrieve your UserId/Password!</font>";
    }
} else {
    // A record without a first name is treated as "no such user".
    $logged = $userManager->getUserByLoginId($userid);
    if ($logged->getFirstName() == null) {
        echo "<font color='green' size='2px'>User Name Available!</font>";
    } else {
        echo "<font color='red' size='2px'>User Name Not Available!</font>";
    }
}
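/**
 * Checks the posted profile-edit form and, when it is valid, applies it.
 *
 * Despite its name the function has side effects: on success it copies the
 * changed fields into $user, persists them with UserManager::updateUserProfil(),
 * reloads the user and passes it to setSessionUser().
 *
 * Review notes:
 *  - Passwords are verified against a single salted SHA-256 digest, which is a
 *    fast hash. password_hash() / password_verify() would be preferable, but
 *    the stored format is produced outside this function (User::setHashMdp()),
 *    so a change needs a migration of existing values.
 *  - The user name is checked with champsEmailValable(); confirm that this is
 *    the intended validator for user names.
 *
 * @param User $user the user who asked for the profile change.
 * @return array 'RETURN' => bool (true when the form was accepted and saved),
 *               'ERROR'  => array of error messages keyed by field.
 */
function isValidForm(User $user)
{
    $config = getConfigFile()['CONSTANTE'];
    // A missing field becomes null (as before) without an undefined-index notice.
    $UserName = isset($_POST['userName']) ? $_POST['userName'] : null;
    $Email = isset($_POST['email']) ? $_POST['email'] : null;
    $Mdp = isset($_POST['Mdp']) ? $_POST['Mdp'] : null;
    $MdpBis = isset($_POST['MdpBis']) ? $_POST['MdpBis'] : null;
    $tel = isset($_POST['Tel']) ? $_POST['Tel'] : null;
    $MdpActuel = isset($_POST['MdpActuel']) ? $_POST['MdpActuel'] : null;
    // An empty new password means "leave the password unchanged".
    if ($Mdp == '') {
        $Mdp = NULL;
        $MdpBis = NULL;
    }
    $userTest = new User(array("UserName" => $UserName, "email" => $Email, "Mdp" => $Mdp, "tel" => $tel));
    $tab = array("RETURN" => false, "ERROR" => array());
    $nameValable = false;
    $emailValable = false;
    $mdpValable = false;
    $nameExistant = false;
    $mailExistant = false;
    $goodMdp = false;
    $boolean_name = false;
    $boolean_mdp = false;
    $mdpIdentique = false;
    $noMdp = false;
    $um = new UserManager(connexionDb());
    // The name may only be taken by the requesting user himself.
    $nameVerif = $um->getUserByUserName($userTest->getUserName());
    if ($nameVerif->getUserName() != NULL && $user->getUserName() != $UserName) {
        $nameExistant = true;
        $tab['ERROR']['Name'] = "Nom déjà existant ";
    }
    if (champsEmailValable($Email)) {
        $emailValable = true;
    } else {
        $tab['ERROR']['EmailValable'] = "Votre email contient des caractères indésirables";
    }
    if (champsEmailValable($UserName)) {
        $nameValable = true;
    } else {
        $tab['ERROR']['NameValable'] = "Votre nom d'utilisateur contient des caractères indésirables";
    }
    // Same rule for the e-mail address.
    $mailVerif = $um->getUserByEmail($userTest->getEmail());
    if ($mailVerif->getUserName() != NULL && $user->getEmail() != $Email) {
        $mailExistant = true;
        $tab['ERROR']['Email'] = "Email déjà existant";
    }
    // The current password must be confirmed before anything is changed.
    // hash_equals() replaces ==: a loose comparison treats two digests of the
    // form "0e<digits>" as equal numbers, and hash_equals() also compares in
    // constant time. Requires PHP >= 5.6.
    if (hash_equals((string) $user->getMdp(), hash("sha256", $MdpActuel . $user->getSalt()))) {
        $goodMdp = true;
    } else {
        $tab['ERROR']['MdpActuel'] = "Mauvais mot de passe actuel ! Annulation de la modification";
    }
    if (isset($UserName) and strlen($UserName) >= $config['size_user_name']) {
        $boolean_name = true;
    } else {
        $tab['ERROR']['UserName'] = "******" . $config['size_user_name'] . ")";
    }
    if (isset($Mdp) and isset($MdpBis) and $Mdp == $MdpBis and $Mdp != NULL) {
        if (strlen($Mdp) >= $config['size_user_mdp']) {
            $boolean_mdp = true;
        } else {
            $tab['ERROR']['Mdp'] = "Mots de passe trop court (min: " . $config['size_user_mdp'] . ")";
        }
        if (champsMdpValable($Mdp)) {
            $mdpValable = true;
        } else {
            $tab['ERROR']['mdpValable'] = "Votre mot de passe contient des caractères indésirables";
        }
    } else {
        $noMdp = true;
    }
    if (isset($Mdp) and isset($MdpBis) and $Mdp != $MdpBis) {
        $tab['ERROR']['Mdp'] = "Le mot de passe et le mot de passe de vérification sont différents";
    } else {
        $mdpIdentique = true;
    }
    // Same truth table as the original mix of &&, || and "and"; the grouping
    // is now explicit: (valid new password OR no new password) AND the rest.
    $tab['RETURN'] = (($boolean_mdp && $mdpValable) || $noMdp)
        && $boolean_name && !$nameExistant && !$mailExistant
        && $goodMdp && $mdpIdentique && $nameValable && $emailValable;
    if ($tab['RETURN']) {
        if (isset($UserName) and $userTest->getUserName() != $user->getUserName()) {
            $user->setUserName($UserName);
        }
        if (isset($Email) and $userTest->getEmail() != $user->getEmail()) {
            $user->setEmail($Email);
        }
        // NOTE(review): the length test uses a literal 4 instead of
        // $config['size_user_mdp']; with a configured minimum below 5 a
        // validated password would silently not be saved - confirm.
        if (isset($Mdp) and strlen($Mdp) > 4 and !hash_equals((string) $user->getMdp(), hash("sha256", $userTest->getMdp() . $userTest->getSalt()))) {
            $user->setMdp($Mdp);
            $user->setHashMdp();
        }
        if (isset($tel) and $tel != $user->getTel()) {
            $user->setTel($tel);
        }
        $um->updateUserProfil($user);
        // Reload the stored record so the session reflects what was saved.
        $userToReconnect = $um->getUserById($user->getId());
        setSessionUser($userToReconnect);
    }
    return $tab;
}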