Exemple #1
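 /**
  * Render the user-creation form and, on a valid POST, create the account.
  *
  * Only the three fields that carry validation rules (username, password,
  * email) are copied onto the model. Copying every submitted key would let a
  * request set any attribute the model exposes (mass assignment).
  *
  * On every path that does not redirect, the form errors are handed to the
  * view.
  *
  * @return  void
  */
 public function create()
 {
     $this->template->content = new View('users/create');
     $form = new Validation($_POST);
     $form->pre_filter('trim', true);
     $form->add_rules('username', 'required')->add_rules('password', 'required')->add_rules('email', 'required', 'valid::email');
     $this->template->content->repopulate = $form;
     if ($form->validate()) {
         // Values as they stand after the trim pre-filter and validation
         $submitted = $form->as_array();
         $user = new User_Model();
         // Check uniqueness against the filtered username that will actually be
         // stored, not the raw POST value, so padding whitespace cannot slip a
         // duplicate past this check.
         if (!$user->username_exists($submitted['username'])) {
             // Whitelist of attributes a registration request may set
             foreach (array('username', 'password', 'email') as $field) {
                 $user->{$field} = $submitted[$field];
             }
             if ($user->validate($form->as_array())) {
                 if ($user->add(ORM::factory('role', 'login')) and $user->save()) {
                     // Redirect to the login page
                     url::redirect('login');
                 }
             }
         }
         // NOTE(review): a taken username produces no dedicated error message
         // here; confirm the view explains the failure to the user.
     }
     // Error
     $this->template->content->error = $form->errors('login');
 }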
Exemple #2
 /**
  * Create and save one user with fixed field values and a single role.
  *
  * NOTE(review): the e-mail, username and password are hard-coded literals
  * (masked in this listing). This looks like fixture/setup scaffolding;
  * confirm it cannot run against a production database.
  *
  * @return  void
  */
 public function setup()
 {
     $account = new User_Model();
     $account->email = '*****@*****.**';
     $account->username = '******';
     $account->password = '******';
     // Role is loaded by the literal id 1; what that role grants is not visible here
     $assigned_roles = array(new Role_Model(1));
     $account->roles = $assigned_roles;
     $account->save();
 }
Exemple #3
 /**
  * Finish a successful login: update the login bookkeeping on the user,
  * persist it, regenerate the session id and store the user object in the
  * session under the configured session key.
  *
  * @param   User_Model  $user
  * @return  boolean  always true
  */
 protected function complete_login(User_Model $user)
 {
     // Bookkeeping: login counter, previous and current login time
     $user->logins = $user->logins + 1;
     $user->old_login = $user->last_login;
     $user->last_login = time();
     // Record where this login came from
     $input = Input::instance();
     $user->ip = $input->ip_address();
     $user->hostname = $input->host_name();
     $user->save();
     // Issue a fresh session id before the authenticated user is stored, so
     // an id handed out before login is not reused afterwards
     $this->session->regenerate();
     // The whole model object (not just an id) is kept in the session
     $session_key = $this->config['session_key'];
     $_SESSION[$session_key] = $user;
     return true;
 }
 /**
  * Validate the attached form and save its values onto this object.
  *
  * An empty password is dropped from the data so an edit that leaves the
  * password field blank does not overwrite the stored one. Submitted roles
  * are removed from the data and are currently NOT applied: the role
  * synchronisation that used to follow a successful save is disabled.
  *
  * @return  mixed  result of parent::save(), or FALSE when the form does not
  *                 validate or yields no data
  */
 public function save()
 {
     if (!$this->form->validate()) {
         return FALSE;
     }
     $data = $this->form->as_array();
     if (!$data) {
         return FALSE;
     }
     if (empty($data['password'])) {
         // Remove the empty password so it's not reset
         unset($data['password'], $data['confirm']);
     }
     // Captured before saving; only the disabled role code used it
     $new_user = $this->object->id == 0;
     // Take the roles out of the data so they are not assigned as a plain field
     if (isset($data['roles'])) {
         $roles = arr::remove('roles', $data);
     }
     // Every remaining form field is written straight onto this object.
     // NOTE(review): this relies on the form exposing only fields a user may
     // edit; confirm as_array() cannot carry extra request keys.
     foreach ($data as $field => $val) {
         $this->{$field} = $val;
     }
     // Role add/remove after a successful save was commented out upstream:
     // new users got every submitted role, existing users had deactivated
     // roles removed and new ones added. $roles and $new_user are unused
     // until that is restored.
     $status = parent::save();
     // Return the save status
     return $status;
 }
Exemple #5
 /**
  * Record a successful login on the user (login counter and last-login
  * timestamp), save it, then delegate to the parent implementation.
  *
  * NOTE(review): confirm the parent does not also increment `logins`,
  * otherwise each login is counted twice.
  *
  * @param   User_Model  $user  user model object
  * @return  mixed  whatever parent::complete_login() returns
  */
 protected function complete_login(User_Model $user)
 {
     // One more login, stamped with the current time
     $user->logins = $user->logins + 1;
     $user->last_login = time();
     // Persist before the parent takes over
     $user->save();
     $result = parent::complete_login($user);
     return $result;
 }
Exemple #6
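 /**
  * User profile
  *
  * Builds the profile page of $this->member for the viewer $this->user:
  * resets the owner's new-comment counter, offers the edit action, handles
  * posting and paginated listing of profile comments, and fills the
  * "basic info" and "site info" tabs.
  *
  * For AJAX requests only the comments view is echoed and the method returns
  * early.
  *
  * @return  void
  */
 public function _view()
 {
     $this->tab_id = 'profile';
     $owner = $this->user && $this->member->id == $this->user->id;
     if ($owner && $this->user->newcomments) {
         // The owner is looking at the profile: mark comments as seen
         $this->user->newcomments = 0;
         $this->user->save();
     }
     // Actions
     if ($this->member->has_access(User_Model::ACCESS_EDIT)) {
         $this->page_actions[] = array(
             'link' => url::user($this->member) . '/edit',
             'text' => __('Settings'),
             'class' => 'settings',
         );
     }
     // Picture
     widget::add('side', View_Mod::factory('member/member', array(
         'mod_class' => 'member member-' . $this->member->id,
         'user' => $this->member,
     )));
     // Comments
     if ($this->member->has_access(User_Model::ACCESS_COMMENT)) {
         $comment = new User_Comment_Model();
         $form_values = $comment->as_array();
         $form_errors = array();
         // A comment is only accepted together with a valid anti-CSRF token.
         // NOTE(review): $this->user is dereferenced below; presumably
         // ACCESS_COMMENT implies a logged-in viewer. Confirm.
         if (csrf::valid() && ($post = $this->input->post())) {
             $comment->user_id = $this->member->id;
             $comment->author_id = $this->user->id;
             // A POST without the field becomes an empty comment for the model
             // to reject, rather than an undefined-index error
             $comment->comment = isset($post['comment']) ? $post['comment'] : '';
             if (isset($post['private'])) {
                 $comment->private = 1;
             }
             try {
                 $comment->save();
                 if (!$owner) {
                     $this->member->newcomments += 1;
                     $this->member->save();
                 }
                 $this->user->commentsleft += 1;
                 $this->user->save();
                 if (!request::is_ajax()) {
                     url::redirect(url::current());
                 }
             } catch (ORM_Validation_Exception $e) {
                 $form_errors = $e->validation->errors();
                 $form_values = arr::overwrite($form_values, $post);
             }
         }
         // Handle pagination. The page number comes from the URI, so force it
         // to an integer of at least 1 before it reaches the model.
         $per_page = 25;
         $page_num = max(1, (int) $this->uri->segment('page'));
         $total_comments = $this->member->get_comment_count();
         $comments = $this->member->find_comments($page_num, $per_page, $this->user);
         $pagination = new Pagination(array(
             'items_per_page' => $per_page,
             'total_items' => $total_comments,
         ));
         // NOTE(review): the anti-CSRF token is put into the query string of
         // the delete/private links, where it can end up in server logs,
         // browser history and Referer headers. Prefer POST forms for these
         // state-changing actions.
         $view = View::factory('generic/comments', array(
             'delete' => '/member/comment/%d/delete/?token=' . csrf::token(),
             'private' => '/member/comment/%d/private/?token=' . csrf::token(),
             'comments' => $comments,
             'errors' => $form_errors,
             'values' => $form_values,
             'pagination' => $pagination,
             'user' => $this->user,
         ));
         if (request::is_ajax()) {
             echo $view;
             return;
         }
         widget::add('main', $view);
     }
     // Basic info. Free-text profile fields are HTML-escaped before display.
     $basic_info = array();
     if (!empty($this->member->name)) {
         $basic_info[__('Name')] = html::specialchars($this->member->name);
     }
     if (!empty($this->member->city_name)) {
         $basic_info[__('City')] = html::specialchars($this->member->city_name);
     }
     if (!empty($this->member->dob) && $this->member->dob != '0000-00-00') {
         $basic_info[__('Date of Birth')] = __(':dob (:years years)', array(
             ':dob' => date::format('DMYYYY', $this->member->dob),
             ':years' => date::timespan(strtotime($this->member->dob), null, 'years'),
         ));
     }
     if (!empty($this->member->gender)) {
         $basic_info[__('Gender')] = $this->member->gender == 'm' ? __('Male') : __('Female');
     }
     if (!empty($this->member->latitude) && !empty($this->member->longitude)) {
         // The location row shows a map toggle; the raw coordinates were
         // assigned and immediately overwritten before, so that dead store is gone
         $basic_info[__('Location')] = html::anchor('#map', __('Toggle map'), array('class' => 'expander', 'title' => __('Show/hide'))) . '<div id="map" style="display: none">' . __('Map loading') . '</div>';
         $map = new Gmap('map', array('ScrollWheelZoom' => true));
         $map->center($this->member->latitude, $this->member->longitude, 15)->controls('small')->types();
         $map->add_marker($this->member->latitude, $this->member->longitude, html::avatar($this->member->avatar, $this->member->username) . html::user($this->member));
         widget::add('foot', html::script_source($map->render('gmaps/jquery_event')));
         widget::add('foot', html::script_source("\$('a[href*=\"#map\"]:first').click(function() { \$('#map').toggle('normal', gmap_open); return false; });"));
     }
     // Site info
     $site_info = array(
         __('Registered') => date::format('DMYYYY_HM', $this->member->created) . ' [#' . $this->member->id . ']',
         __('Logins') => __(':logins (:ago ago)', array(
             ':logins' => number_format($this->member->logins, 0),
             ':ago' => '<abbr title="' . date::format('DMYYYY_HM', $this->member->last_login) . '">' . date::timespan_short($this->member->last_login) . '</abbr>',
         )),
         __('Posts') => number_format($this->member->posts, 0),
         __('Comments') => number_format($this->member->commentsleft, 0),
     );
     // Initialize tabs
     $tabs = array(
         'basic-info' => array(
             'href' => '#basic-info',
             'title' => __('Basic info'),
             'tab' => new View('generic/list_info', array('id' => 'basic-info', 'title' => __('Basic info'), 'list' => $basic_info)),
         ),
         'site-info' => array(
             'href' => '#site-info',
             'title' => __('Site info'),
             'tab' => new View('generic/list_info', array('id' => 'site-info', 'title' => __('Site info'), 'list' => $site_info)),
         ),
     );
     widget::add('side', View::factory('generic/tabs', array('id' => 'info-tab', 'tabs' => $tabs)));
     $this->_side_views();
 }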
Exemple #7
 /**
  * Finish a successful login: bump the login counter, stamp the last-login
  * time, save the user, regenerate the session id and keep the user object
  * in the session under 'auth_user'.
  *
  * @param   User_Model  $user  user model object
  * @return  void
  */
 protected function complete_login(User_Model $user)
 {
     // Login statistics
     $user->logins = $user->logins + 1;
     $user->last_login = time();
     $user->save();
     // Fresh session id first, so an id issued before login is not reused
     // for the authenticated session
     $this->session->regenerate();
     // The whole model object is stored, not just its id
     $_SESSION['auth_user'] = $user;
 }
Exemple #8
 /**
  * Edit a user
  *
  * Admin-only. Loads the student named by $params['username'], and when the
  * full set of form fields is posted, saves the user and student records and
  * an optional avatar. An uploaded avatar is size-checked, accepted only as
  * JPEG, GIF or PNG, and re-encoded to JPEG (plus a thumbnail) before its
  * paths are stored. On a FormException the uploaded files are deleted and
  * the submitted values are shown again with the error.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm the
  * framework enforces one for this privileged POST. The posted values are
  * handed to the models as submitted, so validation is assumed to live in
  * their save() methods. Verify.
  *
  * @param   array  $params  route parameters; 'username' selects the student
  * @throws  ActionException  when the caller is not an admin or the student
  *                           cannot be loaded (rendered as a 404)
  */
 public function edit($params)
 {
     $this->setView('edit.php');
     // Authorization: anything but a logged-in admin gets a 404
     if (!isset(User_Model::$auth_data) || User_Model::$auth_data['admin'] != '1') {
         throw new ActionException('Page', 'error404');
     }
     try {
         $student = $this->model->getInfo($params['username']);
     } catch (Exception $e) {
         throw new ActionException('Page', 'error404');
     }
     $this->setTitle(__('STUDENT_EDIT_TITLE', array('username' => $student['username'])));
     // Birthday
     $student['birthday'] = date(__('USER_EDIT_FORM_BIRTHDAY_FORMAT'), strtotime($student['birthday']));
     // Saving data: only when every expected field is present in the POST
     $form_posted = isset(
         $_POST['mail'],
         $_POST['msn'],
         $_POST['jabber'],
         $_POST['address'],
         $_POST['zipcode'],
         $_POST['city'],
         $_POST['cellphone'],
         $_POST['phone'],
         $_POST['birthday'],
         $_POST['firstname'],
         $_POST['lastname'],
         $_POST['student_number'],
         $_POST['promo']
     );
     if ($form_posted) {
         // Every file written during this request, for cleanup on failure
         $uploaded_files = array();
         try {
             // Other info
             $user_data = array(
                 'mail' => $_POST['mail'],
                 'msn' => $_POST['msn'],
                 'jabber' => $_POST['jabber'],
                 'address' => $_POST['address'],
                 'zipcode' => $_POST['zipcode'],
                 'city' => $_POST['city'],
                 'cellphone' => $_POST['cellphone'],
                 'phone' => $_POST['phone'],
                 'birthday' => $_POST['birthday'],
             );
             $student_data = array(
                 'firstname' => $_POST['firstname'],
                 'lastname' => $_POST['lastname'],
                 'student_number' => $_POST['student_number'],
                 'promo' => $_POST['promo'],
                 'cesure' => isset($_POST['cesure']),
             );
             // Avatar: a single file only (an array of names is ignored)
             $has_avatar = isset($_FILES['avatar']) && !is_array($_FILES['avatar']['name']);
             if ($has_avatar) {
                 if ($_FILES['avatar']['size'] > Config::UPLOAD_MAX_SIZE_PHOTO) {
                     throw new FormException('avatar');
                 }
                 $avatarpath = File::upload('avatar');
                 if ($avatarpath) {
                     $uploaded_files[] = $avatarpath;
                     try {
                         $img = new Image();
                         $img->load($avatarpath);
                         // Allow-list of image types, judged from the loaded
                         // image rather than from the client-supplied name
                         $allowed_types = array(IMAGETYPE_JPEG, IMAGETYPE_GIF, IMAGETYPE_PNG);
                         if (!in_array($img->getType(), $allowed_types)) {
                             throw new Exception();
                         }
                         if ($img->getWidth() > 800) {
                             $img->setWidth(800, true);
                         }
                         // Whatever came in is written back as JPEG
                         $img->setType(IMAGETYPE_JPEG);
                         $img->save($avatarpath);
                         // Thumb
                         $avatarthumbpath = $avatarpath . '.thumb';
                         $img->thumb(Config::$AVATARS_THUMBS_SIZES[0], Config::$AVATARS_THUMBS_SIZES[1]);
                         $img->setType(IMAGETYPE_JPEG);
                         $img->save($avatarthumbpath);
                         unset($img);
                         $uploaded_files[] = $avatarthumbpath;
                         $student_data['avatar_path'] = $avatarthumbpath;
                         $student_data['avatar_big_path'] = $avatarpath;
                     } catch (Exception $e) {
                         // Any image failure is reported as an avatar form error
                         throw new FormException('avatar');
                     }
                 }
             }
             $user_model = new User_Model();
             $user_model->save((int) $student['id'], $user_data);
             $this->model->save($student['username'], $student_data);
             Routes::redirect('student', array('username' => $params['username']));
         } catch (FormException $e) {
             // Roll back the files stored for this request
             foreach ($uploaded_files as $uploaded_file) {
                 File::delete($uploaded_file);
             }
             // Show the submitted values again; user data wins over student
             // data where keys collide
             foreach (array($student_data, $user_data) as $submitted) {
                 foreach ($submitted as $key => $value) {
                     $student[$key] = $value;
                 }
             }
             $this->set('form_error', $e->getError());
         }
     }
     $this->set('student', $student);
     $this->addJSCode('User.initEdit();');
 }
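 /**
  * Handle submission of the "set new password" form.
  *
  * The request is authorised in one of two ways:
  *  - an `email_key` is posted (forgotten-password e-mail link): it must match
  *    the key stored on the user;
  *  - no key is posted: a logged-in session must exist and belong to the same
  *    user id as the one posted.
  *
  * When both the user's password and the person's e-mail validate, both
  * records are saved. Core users are then logged in and redirected; other
  * users get a confirmation page. On validation failure the form is shown
  * again.
  *
  * @return  void
  */
 public function save()
 {
     // Accept only a scalar id; anything else is handled as an unknown user
     $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? $_POST['id'] : NULL;
     $user = new User_Model($id);
     if (!$user->loaded) {
         $this->template->title = 'New Password Invocation Error';
         $this->template->content = new View('login/login_message');
         $this->template->content->message = 'Invalid user id.';
         return;
     }
     $username = $user->username;
     $password = isset($_POST['password']) ? $_POST['password'] : NULL;
     $password2 = isset($_POST['password2']) ? $_POST['password2'] : NULL;
     $email_key = isset($_POST['email_key']) ? $_POST['email_key'] : '';
     $person = ORM::factory('person', $user->person_id);
     // Decide whether the caller may set this user's password
     $error = NULL;
     if ($email_key != '') {
         /* if the email_key field is filled in, then being called from a forgotten password email */
         $stored_key = (string) $user->forgotten_password_key;
         // Compare as strings, strictly: a loose != would treat numeric-looking
         // keys such as "0e1" and "0e2" as equal. Use the constant-time
         // comparison where the PHP version provides it.
         if (!is_string($email_key) || $stored_key === '') {
             $key_matches = false;
         } elseif (function_exists('hash_equals')) {
             $key_matches = hash_equals($stored_key, $email_key);
         } else {
             $key_matches = ($stored_key === $email_key);
         }
         if (!$key_matches) {
             $error = 'The forgotten password identification string embedded in this link is invalid for this user. This may be because there has been a valid login for this user between the point where the Set Password page was brought up and when the Submit button was pressed.';
         }
     } elseif (!empty($_SESSION['auth_user']) and is_object($_SESSION['auth_user']) and $_SESSION['auth_user'] instanceof User_Model and $_SESSION['auth_user']->loaded) {
         // A logged-in user may only change their own password
         if ($user->id != $_SESSION['auth_user']->id) {
             $error = 'Inconsistent user id: POST vs logged in user.';
         }
     } else {
         $error = 'Attempt to set password when not logged in.';
     }
     if ($error !== NULL) {
         $this->template->title = 'New Password Invocation Error';
         $this->template->content = new View('login/login_message');
         $this->template->content->message = $error;
         return;
     }
     $user_validation = new Validation($_POST);
     $person_validation = new Validation($_POST);
     // override the user_id for person in submission
     $person_validation['id'] = $user->person_id;
     // Can't just and following together as I want both functions to run
     $userstatus = $user->password_validate($user_validation, false);
     $personstatus = $person->email_validate($person_validation, false);
     if ($userstatus and $personstatus) {
         // A reset key is single-use: drop it once the password is changed, so
         // the e-mailed link cannot set the password a second time
         $user->__set('forgotten_password_key', NULL);
         $user->save();
         $person->save();
         // we need different paths for core users and web site users
         if (is_null($user->core_role_id)) {
             // just return a success confirmation, can't log them in as not a core user
             $this->template->title = 'Password reset successfully';
             $this->template->content = new View('login/login_message');
             $this->template->content->message = 'Your indicia password has been reset and you can now use the new password to <a href="' . url::site() . '/login">log in</a>.<br />';
         } else {
             // with the password updated, login and jump to the home page
             $this->auth->login($user->id, $password);
             url::redirect(arr::remove('requested_page', $_SESSION));
         }
     } else {
         // errors are now embedded in the model
         $view = new View('login/new_password');
         // repopulate for error condition after validate has removed it (is a disabled field so not present in POST)
         $user->load_values(array('username' => $username));
         // The password has to be set again because it gets encrypted.
         // NOTE(review): this passes the submitted plaintext passwords back to
         // the view; confirm the template does not echo them into the page.
         $view->password = $password;
         $view->password2 = $password2;
         $view->email_key = $email_key;
         $view->user_model = $user;
         $view->person_model = $person;
         $this->template->title = 'Enter New Password';
         $this->template->content = $view;
     }
 }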
Exemple #10
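 /**
  * Log a user in with e-mail address and password.
  *
  * Already-authenticated visitors get a notice instead of the form. On a
  * POST the person is looked up by e-mail address, the login is attempted
  * against that person's user account, and on success any outstanding
  * forgotten-password key is cleared before redirecting to the page that
  * was originally requested. Failures show one generic message that does
  * not reveal whether the address exists.
  *
  * @return  void
  */
 public function login_by_email()
 {
     $login_config = Kohana::config('login');
     if ($this->auth->logged_in()) {
         $this->template->title = 'Already Logged In';
         $this->template->content = new View('login/login_message');
         $this->template->content->message = 'You are already logged in.';
         $this->template->content->link_to_home = 'YES';
         $this->template->content->link_to_logout = 'YES';
         return;
     }
     $this->build_template('login_by_email');
     if ($login_config['login_by_email'] != 'YES') {
         $this->template->content->link_to_username = '******';
     }
     if (request::method() == 'post') {
         // Missing or non-string fields are treated as empty credentials
         $email = (isset($_POST['Email']) && is_string($_POST['Email'])) ? $_POST['Email'] : '';
         $password = (isset($_POST['Password']) && is_string($_POST['Password'])) ? $_POST['Password'] : '';
         # this is not complete as needs to convert from email address to username
         # or to extend auth model
         $person = ORM::factory('person')->like('email_address', $email, false)->find();
         // The lookup is a LIKE match, so "%" and "_" in the submitted value
         // act as wildcards. Require the matched record's address to equal
         // the submitted one (ignoring case) so a pattern cannot select
         // someone else's account.
         // NOTE(review): an exact, case-insensitive query would be cleaner and
         // would avoid rejecting a legitimate address when a look-alike row
         // matches first.
         $exact_match = $email !== '' && $person->loaded && strcasecmp((string) $person->email_address, $email) === 0;
         if ($exact_match and $this->auth->login(array('person_id' => $person->id), $password, isset($_POST['remember_me']))) {
             // A successful login invalidates any pending password-reset key
             $user = new User_Model($_SESSION['auth_user']->id);
             $user->__set('forgotten_password_key', NULL);
             $user->save();
             url::redirect(arr::remove('requested_page', $_SESSION));
             return;
         }
         $this->template->content->error_message = 'Invalid Email address/Password Combination, or insufficient privileges';
     }
 }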
Exemple #11
 /**
  * Register with code
  *
  * Shows the signup form for an invitation and, on POST, validates the
  * submission against the 'register' rules and callbacks. The e-mail address
  * is always taken from the invitation, never from the request. On success
  * the invitation is deleted, the new user gets the 'login' role, is saved
  * and logged in.
  *
  * @param  Invitation_Model  $invitation
  */
 public function _join(Invitation_Model $invitation)
 {
     $this->history = false;
     $user = new User_Model();
     $values = $user->as_array();
     $errors = array();
     // handle post
     if (request::method() == 'post') {
         $post = $this->input->post();
         // Pin the address to the invited one, whatever the form submitted
         $post['email'] = $invitation->email;
         $post['username_clean'] = utf8::clean($post['username']);
         // $post is used as an object below; presumably validate() takes it
         // by reference and replaces it with a validation object. Confirm.
         $is_valid = $user->validate($post, false, null, null, array('rules' => 'register', 'callbacks' => 'register'));
         if (!$is_valid) {
             $errors = $post->errors();
             $values = arr::overwrite($values, $post->as_array());
         } else {
             // NOTE(review): the invitation is consumed before the user is
             // saved; if save() fails the code is already gone.
             $invitation->delete();
             $user->add(ORM::factory('role', 'login'));
             $user->save();
             $this->visitor->login($user, $post->password);
             url::back();
         }
     }
     $signup_view = View::factory('member/signup', array('values' => $values, 'errors' => $errors, 'invitation' => $invitation));
     widget::add('main', $signup_view);
 }