<?php
// Direct-access guard: stop immediately unless the including script has already
// defined ABS_PATH, so this file cannot be run by requesting it on its own.
if ( ! defined('ABS_PATH') ) {
    exit('ABS_PATH is not loaded. Direct access is not allowed.');
}
/**
* OSClass – software for creating and publishing online classified advertising platforms
*
* Copyright (C) 2010 OSCLASS
*
* This program is free software: you can redistribute it and/or modify it under the terms
* of the GNU Affero General Public License as published by the Free Software Foundation,
* either version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
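/**
 * Controller for user-related actions that this class performs without any login check
 * of its own: confirming an e-mail change, activating an alert and unsubscribing from one.
 *
 * Each action is authorised only by a secret carried in the request (a confirmation code
 * or an alert secret), so the handling of those secrets is the whole access control here.
 */
class CWebUserNonSecure extends BaseModel
{
    /**
     * Runs the parent constructor, then turns the visitor away when user accounts are
     * disabled. The two alert actions are exempt from that check.
     */
    function __construct() {
        parent::__construct() ;
        if( !osc_users_enabled() && ($this->action != 'activate_alert' && $this->action != 'unsub_alert') ) {
            osc_add_flash_error_message( _m('Users not enabled') ) ;
            $this->redirectTo(osc_base_url(true));
        }
    }

    /**
     * Dispatches on $this->action and performs the requested operation.
     * Every branch ends in a flash message and/or a redirect; unknown actions are sent
     * to the login page.
     */
    function doModel() {
        switch( $this->action ) {
            case 'change_email_confirm':    //change email confirm
                if ( $this->_confirmEmailChange( Params::getParam('userId'), Params::getParam('code') ) ) {
                    osc_add_flash_ok_message( _m('Your email has been changed successfully'));
                    $this->redirectTo( osc_user_profile_url() ) ;
                } else {
                    // One message for every failure, so the response does not reveal
                    // which of the checks rejected the link.
                    osc_add_flash_error_message( _m('Sorry, the link is not valid'));
                    $this->redirectTo( osc_base_url() ) ;
                }
            break;
            case 'activate_alert':
                $email  = Params::getParam('email');
                $secret = Params::getParam('secret');

                $result = 0;
                if($email!='' && $secret!='') {
                    $result = Alerts::newInstance()->activate($email, $secret );
                }

                if( $result == 1 ) {
                    osc_add_flash_ok_message(_m('Alert activated'));
                }else{
                    osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
                }

                $this->redirectTo( osc_base_url(true) );
            break;
            case 'unsub_alert':
                $email  = Params::getParam('email');
                $secret = Params::getParam('secret');
                if($email!='' && $secret!='') {
                    // NOTE(review): the key is spelled 'S_secret' while every other column key
                    // in this class is lower-case - confirm the DAO treats it as intended.
                    // The result of delete() is not inspected, so success is reported whether
                    // or not a row matched the e-mail/secret pair.
                    Alerts::newInstance()->delete(array('s_email' => $email, 'S_secret' => $secret));
                    osc_add_flash_ok_message(_m('Unsubscribed correctly'));
                } else {
                    osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
                }

                $this->redirectTo(osc_base_url());
            break;
            default:
                $this->redirectTo( osc_user_login_url() );
            break;
        }
    }

    /**
     * Applies a pending e-mail change when the request carries the user's confirmation code.
     *
     * The change is refused when either parameter is missing, the user does not exist or is
     * not enabled, the code does not match the stored s_pass_code, or there is no pending
     * address for that user. The last check keeps a valid code from overwriting the stored
     * addresses with an empty value.
     *
     * @param mixed $userId value of the 'userId' request parameter
     * @param mixed $code   value of the 'code' request parameter
     * @return bool true when the address was changed, false when the link was rejected
     */
    private function _confirmEmailChange($userId, $code) {
        if ( !$userId || !$code ) {
            return false;
        }

        $userManager = new User() ;
        $user        = $userManager->findByPrimaryKey( $userId ) ;
        // isset() also rejects a missing user and a NULL confirmation code.
        if ( !isset($user['s_pass_code'], $user['b_enabled']) || $user['b_enabled'] != 1 ) {
            return false;
        }
        if ( !$this->_secretsMatch( (string) $user['s_pass_code'], $code ) ) {
            return false;
        }

        $userEmailTmp = UserEmailTmp::newInstance()->findByPk( $userId ) ;
        if ( !isset($userEmailTmp['s_new_email'], $userEmailTmp['fk_i_user_id']) || $userEmailTmp['s_new_email'] === '' ) {
            return false;
        }

        $newEmail = $userEmailTmp['s_new_email'];
        $owner    = array('fk_i_user_id' => $userEmailTmp['fk_i_user_id']);

        // Propagate the new address to the user record and to everything keyed on that user.
        $userManager->update(
            array('s_email' => $newEmail)
            ,array('pk_i_id' => $userEmailTmp['fk_i_user_id'])
        );
        Item::newInstance()->update(array('s_contact_email' => $newEmail), $owner);
        ItemComment::newInstance()->update(array('s_author_email' => $newEmail), $owner);
        Alerts::newInstance()->update(array('s_email' => $newEmail), $owner);

        // NOTE(review): this writes into the session of whoever opened the link; nothing here
        // checks that the session belongs to the user being updated - confirm this is intended.
        Session::newInstance()->_set('userEmail', $newEmail) ;
        UserEmailTmp::newInstance()->delete(array('s_new_email' => $newEmail));

        // NOTE(review): s_pass_code is left unchanged, so the code is not invalidated by use;
        // only the removal of the pending row stops the same link from being applied again.
        return true;
    }

    /**
     * Compares a stored secret with a request value without PHP's loose-comparison rules.
     *
     * `==` compares two numeric-looking strings as numbers, so different codes can be treated
     * as equal. Non-string request values (e.g. arrays) and an empty stored secret are rejected
     * outright. hash_equals() is used when the runtime provides it so the comparison time does
     * not depend on how many leading characters match; otherwise strict identity is used.
     *
     * @param string $expected secret held server-side
     * @param mixed  $supplied value received in the request
     * @return bool
     */
    private function _secretsMatch($expected, $supplied) {
        if ( !is_string($supplied) || $expected === '' ) {
            return false;
        }
        if ( function_exists('hash_equals') ) {
            return hash_equals($expected, $supplied);
        }
        return $expected === $supplied;
    }

    /**
     * Renders a theme file between the before_html and after_html hooks, clearing the
     * session's variables once the file has been output.
     *
     * @param string $file theme file passed to osc_current_web_theme_path()
     */
    function doView($file) {
        osc_run_hook("before_html");
        osc_current_web_theme_path($file) ;
        Session::newInstance()->_clearVariables();
        osc_run_hook("after_html");
    }
}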
?>