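/**
 * Validates input from user registration form.
 *
 * Reads data_user_login, data_user_email, data_user_password and
 * data_user_password_confirm from POST and checks them in this order:
 * presence, login not blank, login not taken, e-mail syntax, e-mail
 * uniqueness (only when e-mail authentication and unique e-mails are both
 * enabled), login name rules, then the password rules.
 *
 * NOTE(review): the separate "already exists" messages tell the caller
 * whether a login or e-mail is registered. If that matters for the site,
 * throttle requests to whatever endpoint calls this.
 *
 * @param eZHTTPTool $http
 *
 * @return array array('status' => 'success'), or
 *               array('status' => 'error', 'message' => translated text)
 */
public static function validateUserInput($http)
{
    if (!$http->hasPostVariable('data_user_login')
        || !$http->hasPostVariable('data_user_email')
        || !$http->hasPostVariable('data_user_password')
        || !$http->hasPostVariable('data_user_password_confirm')
    ) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
    }

    $loginName = $http->postVariable('data_user_login');
    $email = $http->postVariable('data_user_email');
    $password = $http->postVariable('data_user_password');
    $passwordConfirm = $http->postVariable('data_user_password_confirm');

    // PHP turns a "field[]=x" request parameter into an array, while trim(),
    // strtolower() and the comparisons below expect strings.
    // NOTE(review): assumes postVariable() hands back the raw POST value - confirm.
    if (!is_string($loginName) || !is_string($email) || !is_string($password) || !is_string($passwordConfirm)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
    }

    if (trim($loginName) === '') {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
    }

    $existUser = eZUser::fetchByName($loginName);
    if ($existUser != null) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
    }

    // validate user email
    if (!eZMail::validate($email)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
    }

    // E-mail uniqueness is only enforced when e-mail is an accepted login
    // identifier AND the installation requires unique e-mails.
    if ((eZUser::authenticationMatch() & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
        $userByEmail = eZUser::fetchByEmail($email);
        if ($userByEmail != null) {
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
        }
    }

    // validate user name; $errorText is filled in by reference on failure
    if (!eZUser::validateLoginName($loginName, $errorText)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', $errorText));
    }

    // validate user password
    $ini = eZINI::instance();
    $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';

    // An empty password is accepted only when the site is configured to
    // generate one; in that case the confirmation field is not looked at.
    if ($generatePasswordIfEmpty && $password === '') {
        return array('status' => 'success');
    }

    if ($password === '') {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
    }

    // Strict comparison: with != PHP compares numeric-looking strings as
    // numbers, so "1e3" and "1000" would count as matching passwords.
    if ($password !== $passwordConfirm) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
    }

    if (!eZUser::validatePassword($password)) {
        // 3 is only the fallback shown in the message when MinPasswordLength
        // is not configured; the rule itself lives in eZUser::validatePassword().
        $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength')
            ? $ini->variable('UserSettings', 'MinPasswordLength')
            : 3;

        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
    }

    if (strtolower($password) === 'password') {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
    }

    return array('status' => 'success');
}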
/**
 * Fills a user_account attribute from its pipe-separated string form.
 *
 * Expected layout of $string:
 * login|email|password_hash|hash_identifier|is_enabled
 *
 * Example:
 * <code>
 * foo|foo@ez.no|1234|md5_password|0
 * </code>
 *
 * Only login and email are mandatory; the remaining fields are applied when
 * present. The login (and the e-mail, when unique e-mails are required) must
 * not already belong to a different content object.
 *
 * NOTE(review): password_hash and hash_identifier are stored exactly as they
 * appear in $string, and neither the e-mail nor the hash is validated here,
 * so this should only be fed data from a trusted source. The md5_password
 * type in the example is a weak hash; whether stronger types are available
 * depends on eZUser::passwordHashTypeID(), which is not visible here.
 *
 * @param object $contentObjectAttribute A contentobject attribute of type user_account.
 * @param string $string The string as described in the example.
 * @return object|bool true when $string is empty, false when it has fewer
 *                     than two fields or the login/e-mail is owned by another
 *                     content object, otherwise the stored eZUser object.
 */
function fromString($contentObjectAttribute, $string)
{
    if ($string == '') {
        return true;
    }

    $fields = explode('|', $string);
    if (count($fields) < 2) {
        return false;
    }

    $login = $fields[0];
    $email = $fields[1];

    // Reject a login that is already attached to another content object.
    $loginOwner = eZUser::fetchByName($login);
    if ($loginOwner) {
        $loginOwnerId = $loginOwner->attribute('contentobject_id');
        if ($loginOwnerId != $contentObjectAttribute->attribute('contentobject_id')) {
            return false;
        }
    }

    // Same rule for the e-mail, but only when the site demands unique e-mails.
    if (eZUser::requireUniqueEmail()) {
        $emailOwner = eZUser::fetchByEmail($email);
        if ($emailOwner) {
            $emailOwnerId = $emailOwner->attribute('contentobject_id');
            if ($emailOwnerId != $contentObjectAttribute->attribute('contentobject_id')) {
                return false;
            }
        }
    }

    $objectId = $contentObjectAttribute->attribute('contentobject_id');

    $user = eZUser::create($objectId);
    $user->setAttribute('login', $login);
    $user->setAttribute('email', $email);

    // Optional third field: the hash is taken over verbatim.
    if (isset($fields[2])) {
        $user->setAttribute('password_hash', $fields[2]);
    }

    // Optional fourth field: hash type identifier, mapped to its numeric ID.
    if (isset($fields[3])) {
        $hashTypeId = eZUser::passwordHashTypeID($fields[3]);
        $user->setAttribute('password_hash_type', $hashTypeId);
    }

    // Optional fifth field: any truthy value enables the account. The setting
    // is written before the user record itself.
    if (isset($fields[4])) {
        $userSetting = eZUserSetting::fetch($objectId);
        $userSetting->setAttribute("is_enabled", $fields[4] ? 1 : 0);
        $userSetting->store();
    }

    $user->store();

    return $user;
}
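/**
 * Validates the login, e-mail and password fields posted for a user_account
 * attribute.
 *
 * The POST variable names are built as
 * {$base}_data_user_{login|email|password|password_confirm}_{attribute id}.
 * On failure a translated message is stored on the attribute via
 * setValidationError().
 *
 * A blank login is accepted when the attribute is not required and the
 * e-mail is blank too; in that case no other field is checked.
 *
 * NOTE(review): the separate "already exists" messages tell the caller
 * whether a login or e-mail is registered.
 *
 * @param eZHTTPTool $http
 * @param string $base Prefix of the POST variable names.
 * @param object $contentObjectAttribute Attribute being edited; a login or
 *               e-mail already owned by its own content object is allowed.
 *
 * @return int eZInputValidator::STATE_ACCEPTED or eZInputValidator::STATE_INVALID
 */
function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
{
    $attributeId = $contentObjectAttribute->attribute("id");
    $loginVar = $base . "_data_user_login_" . $attributeId;
    $emailVar = $base . "_data_user_email_" . $attributeId;
    $passwordVar = $base . "_data_user_password_" . $attributeId;
    $passwordConfirmVar = $base . "_data_user_password_confirm_" . $attributeId;

    if (!$http->hasPostVariable($loginVar)
        || !$http->hasPostVariable($emailVar)
        || !$http->hasPostVariable($passwordVar)
        || !$http->hasPostVariable($passwordConfirmVar)
    ) {
        // Missing fields are only an error for a required attribute.
        if ($contentObjectAttribute->validateIsRequired()) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
            return eZInputValidator::STATE_INVALID;
        }

        return eZInputValidator::STATE_ACCEPTED;
    }

    $loginName = $http->postVariable($loginVar);
    $email = $http->postVariable($emailVar);
    $password = $http->postVariable($passwordVar);
    $passwordConfirm = $http->postVariable($passwordConfirmVar);

    // PHP turns a "field[]=x" request parameter into an array, while trim(),
    // strtolower() and the comparisons below expect strings.
    // NOTE(review): assumes postVariable() hands back the raw POST value - confirm.
    if (!is_string($loginName) || !is_string($email) || !is_string($password) || !is_string($passwordConfirm)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
        return eZInputValidator::STATE_INVALID;
    }

    if (trim($loginName) === '') {
        if ($contentObjectAttribute->validateIsRequired() || trim($email) !== '') {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
            return eZInputValidator::STATE_INVALID;
        }

        return eZInputValidator::STATE_ACCEPTED;
    }

    $objectId = $contentObjectAttribute->attribute("contentobject_id");

    // The login may already exist only if it belongs to this same object.
    $existUser = eZUser::fetchByName($loginName);
    if ($existUser != null && $existUser->attribute('contentobject_id') != $objectId) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
        return eZInputValidator::STATE_INVALID;
    }

    // validate user email
    if (!eZMail::validate($email)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
        return eZInputValidator::STATE_INVALID;
    }

    // E-mail uniqueness is only enforced when e-mail is an accepted login
    // identifier AND the installation requires unique e-mails.
    if ((eZUser::authenticationMatch() & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
        $userByEmail = eZUser::fetchByEmail($email);
        if ($userByEmail != null && $userByEmail->attribute('contentobject_id') != $objectId) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
            return eZInputValidator::STATE_INVALID;
        }
    }

    // validate user name; $errorText is filled in by reference on failure
    if (!eZUser::validateLoginName($loginName, $errorText)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', $errorText));
        return eZInputValidator::STATE_INVALID;
    }

    // validate user password
    $ini = eZINI::instance();
    $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';

    // An empty password is accepted only when the site is configured to
    // generate one; in that case the confirmation field is not looked at.
    if ($generatePasswordIfEmpty && $password === '') {
        return eZInputValidator::STATE_ACCEPTED;
    }

    if ($password === '') {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
        return eZInputValidator::STATE_INVALID;
    }

    // Strict comparison: with != PHP compares numeric-looking strings as
    // numbers, so "1e3" and "1000" would count as matching passwords.
    if ($password !== $passwordConfirm) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
        return eZInputValidator::STATE_INVALID;
    }

    if (!eZUser::validatePassword($password)) {
        // 3 is only the fallback shown in the message when MinPasswordLength
        // is not configured; the rule itself lives in eZUser::validatePassword().
        $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength')
            ? $ini->variable('UserSettings', 'MinPasswordLength')
            : 3;
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
        return eZInputValidator::STATE_INVALID;
    }

    if (strtolower($password) === 'password') {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
        return eZInputValidator::STATE_INVALID;
    }

    return eZInputValidator::STATE_ACCEPTED;
}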
/** @var array $Params */ /** @var eZModule $module */ $module = $Params['Module']; $http = eZHTTPTool::instance(); $siteINI = eZINI::instance(); $ngConnectINI = eZINI::instance('ngconnect.ini'); $regularRegistration = trim($ngConnectINI->variable('ngconnect', 'RegularRegistration')) == 'enabled'; $forcedRedirect = $http->hasSessionVariable('NGConnectForceRedirect'); if ($http->hasSessionVariable('NGConnectAuthResult') && ($regularRegistration || $forcedRedirect)) { $authResult = $http->sessionVariable('NGConnectAuthResult'); if ($http->hasPostVariable('SkipButton') && !$forcedRedirect && $ngConnectINI->variable('ProfileGenerationSettings', 'Skip') == 'enabled') { // user wants to skip connecting accounts // again, who are we to say no? so just create the user and bail out // however, we need to force email uniqueness, if set so by the system $userExists = false; if (eZUser::requireUniqueEmail()) { $userExists = eZUser::fetchByEmail($authResult['email']) instanceof eZUser; } if (!$userExists) { $user = ngConnectFunctions::createUser($authResult); if ($user instanceof eZUser && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) { $user->loginCurrent(); } else { eZUser::logoutCurrent(); } redirect($http, $module); } else { $validationError = ezpI18n::tr('extension/ngconnect/ngconnect/profile', 'User with an email address supplied by your social network already exists. Try logging in instead.'); } } else { if ($http->hasPostVariable('LoginButton') && ($ngConnectINI->variable('ProfileGenerationSettings', 'LoginUser') == 'enabled' || $forcedRedirect)) {
} } else { // no previously connected accounts, try to find existing social network account $user = eZUser::fetchByName('ngconnect_' . $result['login_method'] . '_' . $result['id']); if ($user instanceof eZUser) { if ($user->isEnabled() && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) { ngConnectFunctions::updateUser($user, $result); $user->loginCurrent(); } else { eZUser::logoutCurrent(); } } else { // we didn't find any social network accounts, create new account // redirect to ngconnect/profile if enabled $forceRedirect = false; if (eZUser::requireUniqueEmail() && eZUser::fetchByEmail($result['email']) instanceof eZUser && trim($ngConnectINI->variable('ngconnect', 'DuplicateEmailForceRedirect')) == 'enabled') { $forceRedirect = true; } if ($regularRegistration || $forceRedirect) { if (!$regularRegistration && $forceRedirect) { $http->setSessionVariable('NGConnectForceRedirect', 'true'); } $http->setSessionVariable('NGConnectAuthResult', $result); if ($loginWindowType == 'page') { return $module->redirectToView('profile'); } else { $http->setSessionVariable('NGConnectRedirectToProfile', 'true'); } } else { $user = ngConnectFunctions::createUser($result); if ($user instanceof eZUser && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) {
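/**
 * Updates user with provided auth data.
 *
 * Bumps the modified time of the content object's current version, hands the
 * version's data map to fillUserObject(), updates the stored e-mail when the
 * provider reports a different one, and refreshes the content object name.
 *
 * NOTE(review): the stored e-mail is replaced with whatever the provider
 * reports. Confirm that the provider only returns verified addresses,
 * especially where e-mail is accepted as a login identifier.
 *
 * @param eZUser $user
 * @param array $authResult Provider data; 'email', 'login_method' and 'id'
 *                          are read here, the whole array goes to fillUserObject().
 *
 * @return eZUser|bool The same $user on success, false when the user has no
 *                     content object.
 */
public static function updateUser($user, $authResult)
{
    $currentTimeStamp = eZDateTime::currentTimeStamp();

    $contentObject = $user->contentObject();
    if (!$contentObject instanceof eZContentObject) {
        return false;
    }

    /** @var eZContentObjectVersion $version */
    $version = $contentObject->currentVersion();

    // NOTE(review): no rollback is issued in this method if anything throws
    // between begin() and commit().
    $db = eZDB::instance();
    $db->begin();

    $version->setAttribute('modified', $currentTimeStamp);
    $version->store();

    self::fillUserObject($version->dataMap(), $authResult);

    // The empty() check further down shows the e-mail may be blank, so read
    // it through isset() rather than indexing a key that may be absent.
    $providerEmail = isset($authResult['email']) ? $authResult['email'] : '';

    if ($providerEmail != $user->Email) {
        $userExists = false;
        if (eZUser::requireUniqueEmail()) {
            $userExists = eZUser::fetchByEmail($providerEmail) instanceof eZUser;
        }

        if (empty($providerEmail) || $userExists) {
            // No usable address: derive a stable placeholder from the provider
            // and the provider-side id. md5 only builds the local part here,
            // it is not used as a security primitive.
            $email = md5('ngconnect_' . $authResult['login_method'] . '_' . $authResult['id']) . '@localhost.local';
        } else {
            $email = $providerEmail;
        }

        $user->setAttribute('email', $email);
        $user->store();
    }

    $contentObject->setName($contentObject->contentClass()->contentObjectName($contentObject));
    $contentObject->store();

    $db->commit();

    return $user;
}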