public function run()
{
if (!$this->getPackageContentsDir()) {
$this->redirectToAction('install/finish');
}
$form = $this->getForm('ftp');
$is_submitted = $this->request->has('submit');
$account = cmsUser::isSessionSet('ftp_account') ? cmsUser::sessionGet('ftp_account') : array();
if ($is_submitted) {
$account = array_merge($account, $form->parse($this->request, $is_submitted, $account));
cmsUser::sessionSet('ftp_account', $account);
$errors = $form->validate($this, $account);
if ($errors) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
if (!$errors) {
$account['host'] = trim(str_replace('ftp://', '', $account['host']), '/');
if ($account['path'] != '/') {
$account['path'] = '/' . trim($account['path'], '/') . '/';
}
$this->uploadPackageToFTP($account);
}
}
return cmsTemplate::getInstance()->render('install_ftp', array('account' => $account, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
}
public function run($pass_token)
{
if (!$pass_token) {
cmsCore::error404();
}
if (cmsUser::isLogged()) {
$this->redirectToHome();
}
$users_model = cmsCore::getModel('users');
$user = $users_model->getUserByPassToken($pass_token);
if (!$user) {
cmsCore::error404();
}
$users_model->unlockUser($user['id']);
$users_model->clearUserPassToken($user['id']);
cmsEventsManager::hook('user_registered', $user);
cmsUser::addSessionMessage($this->options['reg_auto_auth'] ? LANG_REG_SUCCESS_VERIFIED_AND_AUTH : LANG_REG_SUCCESS_VERIFIED, 'success');
// авторизуем пользователя автоматически
if ($this->options['reg_auto_auth']) {
$user = cmsEventsManager::hook('user_login', $user);
cmsUser::sessionSet('user', array('id' => $user['id'], 'groups' => $user['groups'], 'time_zone' => $user['time_zone'], 'perms' => cmsUser::getPermissions($user['groups']), 'is_admin' => $user['is_admin']));
$update_data = array('ip' => cmsUser::getIp());
$this->model->update('{users}', $user['id'], $update_data, true);
cmsEventsManager::hook('auth_login', $user['id']);
}
$this->redirect($this->getAuthRedirectUrl($this->options['first_auth_redirect']));
}
public function run()
{
if (!$this->getPackageContentsDir()) {
$this->redirectToAction('install/finish');
}
$form = $this->getForm('ftp');
$account = cmsUser::isSessionSet('ftp_account') ? cmsUser::sessionGet('ftp_account') : array();
if ($this->request->has('submit')) {
$account = array_merge($account, $form->parse($this->request, true, $account));
if ($account['save_to_session']) {
cmsUser::sessionSet('ftp_account', $account);
} else {
cmsUser::sessionSet('ftp_account', array('host' => $account['host'], 'path' => $account['path'], 'is_pasv' => $account['is_pasv']));
}
$errors = $form->validate($this, $account);
if ($errors) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
if (!$errors) {
$account['host'] = trim(str_replace('ftp://', '', $account['host']), '/');
if ($account['path'] != '/') {
$account['path'] = '/' . trim($account['path'], '/') . '/';
}
$this->uploadPackageToFTP($account);
}
}
return $this->cms_template->render('install_ftp', array('manifest' => $this->parsePackageManifest(), 'account' => $account, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
}
public function run()
{
if (cmsUser::isLogged()) {
$this->redirectToHome();
}
$email = $this->request->get('login_email');
$password = $this->request->get('login_password');
$remember = (bool) $this->request->get('remember');
$back_url = $this->request->has('back') ? $this->request->get('back') : false;
$is_site_offline = !cmsConfig::get('is_site_on');
if ($this->request->has('submit')) {
$is_captcha_valid = true;
if (cmsUser::sessionGet('is_auth_captcha') && $this->options['auth_captcha']) {
$is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
}
if ($is_captcha_valid) {
cmsUser::sessionUnset('is_auth_captcha');
$logged_id = cmsUser::login($email, $password, $remember);
if ($logged_id) {
if ($is_site_offline) {
$userSession = cmsUser::sessionGet('user');
if (!$userSession['is_admin']) {
cmsUser::addSessionMessage(LANG_LOGIN_ADMIN_ONLY, 'error');
cmsUser::logout();
$this->redirectBack();
}
}
cmsEventsManager::hook('auth_login', $logged_id);
$is_back = $this->request->get('is_back');
if ($is_back) {
$this->redirectBack();
}
if ($back_url) {
$this->redirect($back_url);
} else {
$this->redirectToHome();
}
}
}
if ($this->options['auth_captcha'] && !$is_site_offline) {
cmsUser::sessionSet('is_auth_captcha', true);
}
if ($is_captcha_valid) {
cmsUser::addSessionMessage(LANG_LOGIN_ERROR, 'error');
if ($is_site_offline) {
$this->redirectBack();
}
} else {
cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
}
}
if ($back_url) {
cmsUser::addSessionMessage(LANG_LOGIN_REQUIRED, 'error');
}
if (cmsUser::sessionGet('is_auth_captcha')) {
$captcha_html = cmsEventsManager::hook('captcha_html');
}
return cmsTemplate::getInstance()->render('login', array('back_url' => $back_url, 'captcha_html' => isset($captcha_html) ? $captcha_html : false));
}
public function run()
{
if (cmsUser::isLogged()) {
$this->redirectToHome();
}
$email = $this->request->get('login_email', '');
$password = $this->request->get('login_password', '');
$remember = (bool) $this->request->get('remember');
$back_url = $this->request->get('back', '');
$is_site_offline = !cmsConfig::get('is_site_on');
$is_submit = $this->request->has('submit');
if ($is_submit) {
$is_captcha_valid = true;
if (cmsUser::sessionGet('is_auth_captcha') && $this->options['auth_captcha']) {
$is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
}
if ($is_captcha_valid) {
cmsUser::sessionUnset('is_auth_captcha');
$logged_id = cmsUser::login($email, $password, $remember);
if ($logged_id) {
if ($is_site_offline) {
$userSession = cmsUser::sessionGet('user');
if (!$userSession['is_admin']) {
cmsUser::addSessionMessage(LANG_LOGIN_ADMIN_ONLY, 'error');
cmsUser::logout();
$this->redirectBack();
}
}
cmsEventsManager::hook('auth_login', $logged_id);
$auth_redirect = $this->options['auth_redirect'];
$is_first_auth = cmsUser::getUPS('first_auth', $logged_id);
if ($is_first_auth) {
$auth_redirect = $this->options['first_auth_redirect'];
cmsUser::deleteUPS('first_auth', $logged_id);
}
if ($back_url) {
$this->redirect($back_url);
} else {
$this->redirect($this->getAuthRedirectUrl($auth_redirect));
}
}
}
if ($this->options['auth_captcha'] && !$is_site_offline) {
cmsUser::sessionSet('is_auth_captcha', true);
}
if ($is_captcha_valid) {
cmsUser::addSessionMessage(LANG_LOGIN_ERROR, 'error');
if ($is_site_offline) {
$this->redirectBack();
}
} else {
cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
}
if ($this->options['auth_redirect'] == 'none' || !empty($is_first_auth) && $this->options['first_auth_redirect'] == 'none') {
if (!$back_url) {
$back_url = $this->getBackURL();
}
}
}
if ($back_url && !$is_submit) {
cmsUser::addSessionMessage(LANG_LOGIN_REQUIRED, 'error');
}
if (cmsUser::sessionGet('is_auth_captcha')) {
$captcha_html = cmsEventsManager::hook('captcha_html');
}
return $this->cms_template->render('login', array('back_url' => $back_url, 'captcha_html' => isset($captcha_html) ? $captcha_html : false));
}
public function run()
{
if (cmsUser::isLogged() && !cmsUser::isAdmin()) {
$this->redirectToHome();
}
$users_model = cmsCore::getModel('users');
$form = $this->getForm('registration');
//
// Добавляем поле для кода приглашения,
// если регистрация доступна только по приглашениям
//
if ($this->options['is_reg_invites']) {
$fieldset_id = $form->addFieldsetToBeginning(LANG_REG_INVITED_ONLY);
$form->addField($fieldset_id, new fieldString('inv', array('title' => LANG_REG_INVITE_CODE, 'rules' => array(array('required'), array('min_length', 10), array('max_length', 10)))));
}
//
// Добавляем поле выбора группы,
// при наличии публичных групп
//
$public_groups = $users_model->getPublicGroups();
if ($public_groups) {
$pb_items = array();
foreach ($public_groups as $pb) {
$pb_items[$pb['id']] = $pb['title'];
}
$form->addFieldToBeginning('basic', new fieldList('group_id', array('title' => LANG_USER_GROUP, 'items' => $pb_items)));
}
//
// Добавляем в форму обязательные поля профилей
//
$content_model = cmsCore::getModel('content');
$content_model->setTablePrefix('');
$content_model->orderBy('ordering');
$fields = $content_model->getRequiredContentFields('{users}');
// Разбиваем поля по группам
$fieldsets = cmsForm::mapFieldsToFieldsets($fields);
// Добавляем поля в форму
foreach ($fieldsets as $fieldset) {
$fieldset_id = $form->addFieldset($fieldset['title']);
foreach ($fieldset['fields'] as $field) {
if ($field['name'] == 'nickname') {
$form->addFieldToBeginning('basic', $field['handler']);
}
if ($field['is_system']) {
continue;
}
$form->addField($fieldset_id, $field['handler']);
}
}
$user = array();
if ($this->request->hasInQuery('inv')) {
$user['inv'] = $this->request->get('inv', '');
}
if ($this->request->has('submit')) {
if (!$this->options['is_reg_enabled']) {
cmsCore::error404();
}
$is_captcha_valid = true;
//
// Парсим и валидируем форму
//
$user = $form->parse($this->request, true);
$user['groups'] = array();
if (!empty($this->options['def_groups'])) {
$user['groups'] = $this->options['def_groups'];
}
if (isset($user['group_id'])) {
if (!in_array($user['group_id'], $user['groups'])) {
$user['groups'][] = $user['group_id'];
}
}
//
// убираем поля которые не относятся к выбранной пользователем группе
//
foreach ($fieldsets as $fieldset) {
foreach ($fieldset['fields'] as $field) {
if (!$field['groups_edit']) {
continue;
}
if (in_array(0, $field['groups_edit'])) {
continue;
}
if (!in_array($user['group_id'], $field['groups_edit'])) {
$form->disableField($field['name']);
unset($user[$field['name']]);
}
}
}
$errors = $form->validate($this, $user);
if (!$errors) {
//
// проверяем код приглашения
//
if ($this->options['is_reg_invites']) {
$invite = $this->model->getInviteByCode($user['inv']);
if (!$invite) {
$errors['inv'] = LANG_REG_WRONG_INVITE_CODE;
} else {
if ($this->options['is_invites_strict'] && $invite['email'] != $user['email']) {
$errors['inv'] = LANG_REG_WRONG_INVITE_CODE_EMAIL;
} else {
$user['inviter_id'] = $invite['user_id'];
}
}
}
//
// проверяем допустимость e-mail, имени и IP
//
if (!$this->isEmailAllowed($user['email'])) {
$errors['email'] = sprintf(LANG_AUTH_RESTRICTED_EMAIL, $user['email']);
}
if (!$this->isNameAllowed($user['nickname'])) {
$errors['nickname'] = sprintf(LANG_AUTH_RESTRICTED_NAME, $user['nickname']);
}
if (!$this->isIPAllowed(cmsUser::get('ip'))) {
cmsUser::addSessionMessage(sprintf(LANG_AUTH_RESTRICTED_IP, cmsUser::get('ip')), 'error');
$errors = true;
}
}
//
// Проверяем капчу
//
if (!$errors && $this->options['reg_captcha']) {
$is_captcha_valid = cmsEventsManager::hook('captcha_validate', $this->request);
if (!$is_captcha_valid) {
$errors = true;
cmsUser::addSessionMessage(LANG_CAPTCHA_ERROR, 'error');
}
}
if (!$errors) {
unset($user['inv']);
//
// Блокируем пользователя, если включена верификация e-mail
//
if ($this->options['verify_email']) {
$user = array_merge($user, array('is_locked' => true, 'lock_reason' => LANG_REG_CFG_VERIFY_LOCK_REASON, 'pass_token' => string_random(32, $user['email']), 'date_token' => ''));
}
$result = $users_model->addUser($user);
if ($result['success']) {
$user['id'] = $result['id'];
cmsUser::addSessionMessage(LANG_REG_SUCCESS, 'success');
cmsUser::setUPS('first_auth', 1, $user['id']);
// отправляем письмо верификации e-mail
if ($this->options['verify_email']) {
$this->options['verify_exp'] = empty($this->options['verify_exp']) ? 48 : $this->options['verify_exp'];
$messenger = cmsCore::getController('messages');
$to = array('email' => $user['email'], 'name' => $user['nickname']);
$letter = array('name' => 'reg_verify');
$messenger->sendEmail($to, $letter, array('nickname' => $user['nickname'], 'page_url' => href_to_abs('auth', 'verify', $user['pass_token']), 'pass_token' => $user['pass_token'], 'valid_until' => html_date(date('d.m.Y H:i', time() + $this->options['verify_exp'] * 3600), true)));
cmsUser::addSessionMessage(sprintf(LANG_REG_SUCCESS_NEED_VERIFY, $user['email']), 'info');
} else {
cmsEventsManager::hook('user_registered', $user);
// авторизуем пользователя автоматически
if ($this->options['reg_auto_auth']) {
$logged_id = cmsUser::login($user['email'], $user['password1']);
if ($logged_id) {
cmsEventsManager::hook('auth_login', $logged_id);
}
}
}
$back_url = cmsUser::sessionGet('auth_back_url') ? cmsUser::sessionGet('auth_back_url', true) : false;
if ($back_url) {
$this->redirect($back_url);
} else {
$this->redirect($this->getAuthRedirectUrl($this->options['first_auth_redirect']));
}
} else {
$errors = $result['errors'];
}
}
if ($errors && $is_captcha_valid) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
}
// Капча
if ($this->options['reg_captcha']) {
$captcha_html = cmsEventsManager::hook('captcha_html');
}
// запоминаем откуда пришли на регистрацию
if (empty($errors) && $this->options['first_auth_redirect'] == 'none') {
cmsUser::sessionSet('auth_back_url', $this->getBackURL());
}
return $this->cms_template->render('registration', array('user' => $user, 'form' => $form, 'captcha_html' => isset($captcha_html) ? $captcha_html : false, 'errors' => isset($errors) ? $errors : false));
}
/**
* Создает, сохраняет в сессии и возвращает CSRF-token
* @return string
*/
public static function generateCSRFToken()
{
$hash = implode('::', array(session_id(), rand(0, 9999), microtime(true)));
$token = md5($hash);
cmsUser::sessionSet('csrf_token', $token);
return $token;
}
public function run($profile, $do = false)
{
if (!cmsUser::isLogged()) {
cmsCore::error404();
}
$user = cmsUser::getInstance();
// если нужно, передаем управление другому экшену
if ($do) {
$this->runAction('profile_edit_' . $do, array($profile) + array_slice($this->params, 2));
return;
}
// проверяем наличие доступа
if ($profile['id'] != $user->id && !$user->is_admin) {
cmsCore::error404();
}
// Получаем поля
$content_model = cmsCore::getModel('content');
$content_model->setTablePrefix('');
$content_model->orderBy('ordering');
$fields = $content_model->getContentFields('{users}');
// Строим форму
$form = new cmsForm();
// Разбиваем поля по группам
$fieldsets = cmsForm::mapFieldsToFieldsets($fields, function ($field, $user) {
// проверяем что группа пользователя имеет доступ к редактированию этого поля
if ($field['groups_edit'] && !$user->isInGroups($field['groups_edit'])) {
return false;
}
return true;
});
// Добавляем поля в форму
foreach ($fieldsets as $fieldset) {
$fieldset_id = $form->addFieldset($fieldset['title']);
foreach ($fieldset['fields'] as $field) {
// добавляем поле в форму
$form->addField($fieldset_id, $field['handler']);
}
}
// Добавляем поле выбора часового пояса
$config = cmsConfig::getInstance();
$fieldset_id = $form->addFieldset(LANG_TIME_ZONE);
$form->addField($fieldset_id, new fieldList('time_zone', array('default' => $config->time_zone, 'generator' => function ($item) {
return cmsCore::getTimeZones();
})));
// Форма отправлена?
$is_submitted = $this->request->has('submit');
if ($is_submitted) {
// Парсим форму и получаем поля записи
$new = $form->parse($this->request, $is_submitted, $profile);
$old = $profile;
$profile = array_merge($profile, $new);
// Проверям правильность заполнения
$errors = $form->validate($this, $profile);
if (!$errors) {
$is_allowed = cmsEventsManager::hookAll('user_profile_update', $profile, true);
if ($is_allowed !== true && in_array(false, $is_allowed)) {
$errors = true;
}
}
if (!$errors) {
// Обновляем профиль и редиректим на его просмотр
$this->model->updateUser($profile['id'], $profile);
// Отдельно обновляем часовой пояс в сессии
cmsUser::sessionSet('user_data:time_zone', $profile['time_zone']);
// Постим уведомление о смене аватара в ленту
if (!$this->model->isAvatarsEqual($new['avatar'], $old['avatar'])) {
$activity_controller = cmsCore::getController('activity');
$activity_controller->deleteEntry($this->name, "avatar", $profile['id']);
if (!empty($new['avatar'])) {
$activity_controller->addEntry($this->name, "avatar", array('user_id' => $profile['id'], 'subject_title' => $profile['nickname'], 'subject_id' => $profile['id'], 'subject_url' => href_to('users', $profile['id']), 'is_private' => 0, 'group_id' => null, 'images' => array(array('url' => href_to('users', $profile['id']), 'src' => html_image_src($new['avatar'], 'normal'))), 'images_count' => 1));
}
}
$this->redirectTo('users', $profile['id']);
}
if ($errors) {
cmsUser::addSessionMessage(LANG_FORM_ERRORS, 'error');
}
}
return cmsTemplate::getInstance()->render('profile_edit', array('do' => 'edit', 'id' => $profile['id'], 'profile' => $profile, 'form' => $form, 'errors' => isset($errors) ? $errors : false));
}
public function getGeoByIp()
{
$cached_geo = cmsUser::sessionGet('geo_data');
if ($cached_geo) {
return $cached_geo;
}
$out = simplexml_load_string(file_get_contents_from_url('http://ipgeobase.ru:7020/geo?ip=' . cmsUser::getIp()));
$data = array();
if ($out && is_object($out) && !empty($out->ip[0])) {
foreach ($out->ip[0] as $key => $value) {
$data[$key] = (string) $value;
}
}
$geo = array('city' => array('id' => null, 'name' => null), 'country' => array('id' => null, 'name' => null));
if (isset($data['country'])) {
$geo['country'] = $this->model->getItemByField('geo_countries', 'alpha2', $data['country']);
}
if (isset($data['city'])) {
if (!empty($geo['country']['id'])) {
$this->model->filterEqual('country_id', $geo['country']['id']);
}
$geo['city'] = $this->model->getItemByField('geo_cities', 'name', $data['city']);
}
cmsUser::sessionSet('geo_data', $geo);
return $geo;
}
