/**
* insert user into elgg user table
*
* Get user info from db
* Tries to insert, otherwise return error
*
* @return user
*/
function cas_insertUser($username, $casUser, $config)
{
// $name = $attr['cn'];
// $uname = !empty($attr['textuid']) ? $attr['textuid'] : str_replace(".", "",$username);
// $email = $attr['mail'];
$name = $casUser->name;
$uname = !empty($casUser->username) ? $casUser->username : $username;
$email = $casUser->email;
$password = md5($uname . $email);
$user = new ElggUser();
$user->username = $uname;
$user->email = $email;
$user->name = $name;
$user->access_id = 2;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
$user->password = generate_user_password($user, $password);
$user->save();
$guid = $user->guid;
$obj = get_entity($guid);
if (isset($config->casadminuser) && $config->casadminuser == $username) {
if ($obj instanceof ElggUser && $obj->canEdit()) {
$obj->admin = 'yes';
if ($obj->admin) {
system_message(elgg_echo('admin:user:makeadmin:yes'));
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
}
return $user;
}
public function testUpdateACL()
{
// another fake user to test with
$user = new ElggUser();
$user->username = '******' . rand();
$user->email = '*****@*****.**' . rand();
$user->name = 'fake user';
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, rand());
$user->owner_guid = 0;
$user->container_guid = 0;
$user->save();
$acl_id = create_access_collection('test acl');
$member_lists = array(array($this->user->guid, $user->guid), array($user->guid), array($this->user->guid), array());
foreach ($member_lists as $members) {
$result = update_access_collection($acl_id, $members);
$this->assertTrue($result);
if ($result) {
$q = "SELECT * FROM {$this->dbPrefix}access_collection_membership\n\t\t\t\t\tWHERE access_collection_id = {$acl_id}";
$data = get_data($q);
if (count($members) == 0) {
$this->assertFalse($data);
} else {
$this->assertEqual(count($members), count($data));
}
foreach ($data as $row) {
$this->assertTrue(in_array($row->user_guid, $members));
}
}
}
delete_access_collection($acl_id);
$user->delete();
}
/**
* Called before each test object.
*/
public function __construct()
{
$this->ia = elgg_set_ignore_access(TRUE);
parent::__construct();
$this->user = new ElggUser();
$this->user->username = '******' . rand();
$this->user->email = '*****@*****.**';
$this->user->name = 'I am a Test User';
$this->user->access_id = ACCESS_PUBLIC;
$this->user->salt = generate_random_cleartext_password();
$this->user->password = generate_user_password($this->user, "pass123");
$this->user->container_guid = 0;
$this->user->owner_guid = 0;
$this->user->save();
// all __construct() code should come after here
$this->user2 = new ElggUser();
// generating API key
$keypair = create_api_user($CONFIG->site_id);
if ($keypair) {
$this->apikey = new ElggObject();
$this->apikey->subtype = 'api_key';
$this->apikey->access_id = ACCESS_PUBLIC;
$this->apikey->title = "User web services";
$this->apikey->public = $keypair->api_key;
$this->apikey->save();
}
}
/**
* Set a user's password
*
* @return bool
* @since 1.8.0
* @access private
*/
function elgg_set_user_password()
{
$current_password = get_input('current_password');
$password = get_input('password');
$password2 = get_input('password2');
$user_guid = get_input('guid');
if (!$user_guid) {
$user = elgg_get_logged_in_user_entity();
} else {
$user = get_entity($user_guid);
}
if ($user && $password) {
// let admin user change anyone's password without knowing it except his own.
if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) {
$credentials = array('username' => $user->username, 'password' => $current_password);
try {
pam_auth_userpass($credentials);
} catch (LoginException $e) {
register_error(elgg_echo('LoginException:ChangePasswordFailure'));
return false;
}
}
try {
$result = validate_password($password);
} catch (RegistrationException $e) {
register_error($e->getMessage());
return false;
}
if ($result) {
if ($password == $password2) {
$user->salt = generate_random_cleartext_password();
// Reset the salt
$user->password = generate_user_password($user, $password);
if ($user->save()) {
system_message(elgg_echo('user:password:success'));
return true;
} else {
register_error(elgg_echo('user:password:fail'));
}
} else {
register_error(elgg_echo('user:password:fail:notsame'));
}
} else {
register_error(elgg_echo('user:password:fail:tooshort'));
}
} else {
// no change
return null;
}
return false;
}
/**
* Create a fake user
*
* @return ElggUser
*/
public static function createUser()
{
$user = new ElggUser();
$user->username = '******' . rand();
$user->email = '*****@*****.**' . rand();
$user->name = 'fake user ' . rand();
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, rand());
$user->owner_guid = 0;
$user->container_guid = 0;
$user->save();
return $user;
}
/**
* Called before each test object.
*/
public function __construct()
{
parent::__construct();
$this->user = new ElggUser();
$this->user->username = '******' . rand();
$this->user->email = '*****@*****.**' . rand();
$this->user->name = 'fake user ' . rand();
$this->user->access_id = ACCESS_PUBLIC;
$this->user->salt = generate_random_cleartext_password();
$this->user->password = generate_user_password($this->user, rand());
$this->user->owner_guid = 0;
$this->user->container_guid = 0;
$this->user->save();
}
/**
* {@inheritdoc}
*/
public function post(ParameterBag $params)
{
if (!elgg_get_config('allow_registration') && !elgg_trigger_plugin_hook('allow_registration', 'graph')) {
throw new \RegistrationException(elgg_echo('registerdisabled'), 403);
}
$email = $params->email;
$email_parts = explode('@', $params->email);
$username = $params->username ?: Registration::generateUsername();
$password = $params->password ?: generate_random_cleartext_password();
$name = $params->name ?: array_shift($email_parts);
$guid = register_user($username, $password, $name, $email);
if (!$guid) {
throw new RegistrationException(elgg_echo('registerbad'));
}
$new_user = get_entity($guid);
$new_user->language = $params->language;
$hook_params = array('user' => $new_user, 'password' => $password, 'friend_guid' => $this->graph->get($params->friend_uid)->guid, 'invitecode' => $params->invitecode);
if (!elgg_trigger_plugin_hook('validate_registration', 'graph', null, true)) {
// disable uservalidationbyemail
elgg_unregister_plugin_hook_handler('register', 'user', 'uservalidationbyemail_disable_new_user');
}
$ia = elgg_set_ignore_access(true);
$params->guid = $new_user->guid;
if (!isset($params->access_id)) {
$params->access_id = ACCESS_PRIVATE;
}
$ctrl = new UserProfile($this->request, $this->graph);
$ctrl->put($params);
elgg_set_ignore_access($ia);
$return = array('nodes' => array($new_user));
if (!elgg_trigger_plugin_hook('register', 'user', $hook_params, true)) {
$ia = elgg_set_ignore_access(true);
$new_user->delete();
elgg_set_ignore_access($ia);
throw new RegistrationException(elgg_echo('registerbad'));
}
if ($params->notify) {
$subject = elgg_echo('useradd:subject', array(), $new_user->language);
$body = elgg_echo('useradd:body', array($name, elgg_get_site_entity()->name, elgg_get_site_entity()->url, $username, $password), $new_user->language);
notify_user($new_user->guid, elgg_get_site_entity()->guid, $subject, $body);
}
return $return;
}
/**
* Set a user's password
*
* @return bool
* @since 1.8.0
*/
function elgg_set_user_password()
{
$current_password = get_input('current_password');
$password = get_input('password');
$password2 = get_input('password2');
$user_id = get_input('guid');
if (!$user_id) {
$user = elgg_get_logged_in_user_entity();
} else {
$user = get_entity($user_id);
}
if ($user && $password != "") {
// let admin user change anyone's password without knowing it except his own.
if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) {
$credentials = array('username' => $user->username, 'password' => $current_password);
if (!pam_auth_userpass($credentials)) {
register_error(elgg_echo('user:password:fail:incorrect_current_password'));
return false;
}
}
if (strlen($password) >= 4) {
if ($password == $password2) {
$user->salt = generate_random_cleartext_password();
// Reset the salt
$user->password = generate_user_password($user, $password);
if ($user->save()) {
system_message(elgg_echo('user:password:success'));
return true;
} else {
register_error(elgg_echo('user:password:fail'));
}
} else {
register_error(elgg_echo('user:password:fail:notsame'));
}
} else {
register_error(elgg_echo('user:password:fail:tooshort'));
}
} else {
// no change
return null;
}
return false;
}
/**
* {@inheritdoc}
*/
protected function handle()
{
$admin = $this->option('admin');
$notify = $this->option('notify');
$email = $this->ask('Enter account email: ');
list($username, ) = explode('@', $email, 2);
$username = $this->ask("Enter account username [{$username}]: ", $username);
$password = $this->ask('Enter account password (leave empty to autegenerate): ', null, true, false);
if (empty($password)) {
$password = generate_random_cleartext_password();
}
$name = $this->ask("Enter account display name [{$username}]: ", $username);
$guid = register_user($username, $password, $name, $email);
$user = get_entity($guid);
$user->admin_created = true;
elgg_set_user_validation_status($user->guid, true, 'cli');
$params = ['user' => $user, 'password' => $password];
if (!elgg_trigger_plugin_hook('register', 'user', $params, TRUE)) {
$ia = elgg_set_ignore_access(true);
$user->delete();
elgg_set_ignore_access($ia);
throw new RegistrationException(elgg_echo('registerbad'));
}
if ($admin) {
$ia = elgg_set_ignore_access(true);
$user->makeAdmin();
elgg_set_ignore_access($ia);
}
if ($notify) {
$subject = elgg_echo('useradd:subject', array(), $user->language);
$body = elgg_echo('useradd:body', array($name, elgg_get_site_entity()->name, elgg_get_site_entity()->url, $username, $password), $user->language);
notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $body, ['password' => $password]);
}
if ($user->isAdmin()) {
system_message("New admin user has been registered [guid: {$user->guid}]");
} else {
system_message("New user has been registered [guid: {$user->guid}]");
}
}
/**
* Register a user in Elgg based on information provided by the Service Provider (SP).
*
* @param string $name the (display)name of the new user
* @param string $email the email address of the user
* @param string $saml_source the name of the SP this information came from
* @param bool $validate do we need to validate the email address of this new users
* @param string $username the username provided by the SP (optional)
*
* @return false|ElggUser
*/
function simplesaml_register_user($name, $email, $saml_source, $validate = false, $username = '')
{
if (empty($name) || empty($email) || empty($saml_source)) {
return false;
}
// check which username to use
if (!empty($username)) {
// make sure the username is unique
$username = simplesaml_generate_unique_username($username);
} else {
// create a username from email
$username = simplesaml_generate_username_from_email($email);
}
if (empty($username)) {
register_error(elgg_echo("registration:usernamenotvalid"));
return false;
}
// generate a random password
$password = generate_random_cleartext_password();
try {
$user_guid = register_user($username, $password, $name, $email);
if (empty($user_guid)) {
return false;
}
$new_user = get_user($user_guid);
if (!$validate) {
// no need for extra validation. We trust this user
elgg_set_user_validation_status($new_user->getGUID(), true, 'simplesaml');
}
$params = ['user' => $new_user, 'password' => $password, 'friend_guid' => null, 'invitecode' => null];
if (!elgg_trigger_plugin_hook('register', 'user', $params, true)) {
register_error(elgg_echo('registerbad'));
} else {
return $new_user;
}
} catch (Exception $e) {
register_error($e->getMessage());
}
return false;
}
/**
* Create a new user from Twitter information
*
* @param object $twitter Twitter OAuth response
* @return ElggUser
*/
function twitter_api_create_user($twitter)
{
// check new registration allowed
if (!twitter_api_allow_new_users_with_twitter()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
// Elgg-ify Twitter credentials
$username = $twitter->screen_name;
while (get_user_by_username($username)) {
// @todo I guess we just hope this is good enough
$username = $twitter->screen_name . '_' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$name = $twitter->name;
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = _elgg_generate_password_salt();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
forward();
}
return $user;
}
/**
* Insert user into elgg user table using info from ldap
* Tries to insert, otherwise returns error
*
* @return user or error (false?)
*/
function cas_insertUser($username, $ldap_attributes, $config)
{
// name is 'cn' in ldap
$name = $ldap_attributes['cn'];
// remove periods from ldap username
// ex. anthony.hopkins -> anthonyhopkins
$uname = !empty($ldap_attributes['textUid']) ? $ldap_attributes['textUid'] : str_replace(".", "", $username);
$email = $ldap_attributes['mail'];
$user = new ElggUser();
$user->username = $uname;
$user->email = $email;
$user->name = $name;
$user->access_id = 2;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
// cas users don't need password stored locally
// so create an invalid password
// a real password can be saved at a later time if they become a local user
$user->password = md5(time());
//generate_user_password($user, $password);
// returns guid or false
$guid = $user->save();
if (!$guid) {
return false;
}
$obj = get_entity($guid);
if (isset($config->casadminuser) && $config->casadminuser == $uname) {
if ($obj instanceof \ElggUser) {
//set context for permissions check
elgg_push_context('au_cas_auth_make_admin');
if (make_user_admin($guid)) {
system_message(elgg_echo('admin:user:makeadmin:yes'));
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
// set context back
elgg_pop_context();
} else {
register_error(elgg_echo('admin:user:makeadmin:no'));
}
}
return $user;
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email Their email address
* @param bool $allow_multiple_emails Allow the same email address to be
* registered multiple times?
* @param int $friend_guid GUID of a user to friend once fully registered
* @param string $invitecode An invite code from a friend
*
* @return int|false The new user's GUID; false on failure
*/
function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '')
{
// Load the configuration
global $CONFIG;
// no need to trim password.
$username = trim($username);
$name = trim(strip_tags($name));
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// Make sure a user with conflicting details hasn't registered and been disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (!validate_email_address($email)) {
throw new RegistrationException(elgg_echo('registration:emailnotvalid'));
}
if (!validate_password($password)) {
throw new RegistrationException(elgg_echo('registration:passwordnotvalid'));
}
if (!validate_username($username)) {
throw new RegistrationException(elgg_echo('registration:usernamenotvalid'));
}
if ($user = get_user_by_username($username)) {
throw new RegistrationException(elgg_echo('registration:userexists'));
}
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new RegistrationException(elgg_echo('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Create user
$user = new ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = get_current_language();
$user->save();
// If $friend_guid has been set, make mutual friends
if ($friend_guid) {
if ($friend_user = get_user($friend_guid)) {
if ($invitecode == generate_invite_code($friend_user->username)) {
$user->addFriend($friend_guid);
$friend_user->addFriend($user->guid);
// @todo Should this be in addFriend?
add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid);
add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID());
}
}
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
/**
* Returns a secret key to sign ajax requests
* @return string
*/
function elgg_tokeninput_get_secret()
{
$secret = elgg_get_plugin_setting('__secret', 'elgg_tokeninput');
if (!$secret) {
$secret = generate_random_cleartext_password();
elgg_set_plugin_setting('__secret', $secret, 'elgg_tokeninput');
}
return $secret;
}
/**
* Register a user in Elgg based on information provided by the Service Provider (SP).
*
* @param string $name the (display)name of the new user
* @param string $email the email address of the user
* @param string $saml_source the name of the SP this information came from
* @param bool $validate do we need to validate the email address of this new users
* @param string $username the username provided by the SP (optional)
*
* @return bool|ElggUser the new user, false on failure
*/
function simplesaml_register_user($name, $email, $saml_source, $validate = false, $username = "")
{
$result = false;
if (!empty($name) && !empty($email) && !empty($saml_source)) {
// check which username to use
if (!empty($username)) {
// make sure the username is unique
$username = simplesaml_generate_unique_username($username);
} else {
// create a username from email
$username = simplesaml_generate_username_from_email($email);
}
if (!empty($username)) {
// generate a random password
$password = generate_random_cleartext_password();
try {
$user_guid = register_user($username, $password, $name, $email);
if (!empty($user_guid)) {
$new_user = get_user($user_guid);
if (!$validate) {
// no need for extra validation. We trust this user
elgg_set_user_validation_status($new_user->getGUID(), true, "simplesaml");
}
$params = array("user" => $new_user, "password" => $password, "friend_guid" => null, "invitecode" => null);
if (!elgg_trigger_plugin_hook("register", "user", $params, true)) {
register_error(elgg_echo("registerbad"));
} else {
$result = $new_user;
}
}
} catch (Exception $e) {
register_error($e->getMessage());
}
} else {
register_error(elgg_echo("registration:usernamenotvalid"));
}
}
return $result;
}
function import_to_stormpath()
{
$dbprefix = elgg_get_config('dbprefix');
$subject = elgg_get_plugin_setting('import_subject', PLUGIN_ID);
$message = elgg_get_plugin_setting('import_message', PLUGIN_ID);
$site = elgg_get_site_entity();
$site_url = elgg_get_site_url();
if (!$subject || !$message) {
error_log('no subject/message');
return true;
}
if (is_elgg18()) {
$name_id = add_metastring('__stormpath_user');
$value_id = add_metastring(1);
} else {
$name_id = elgg_get_metastring_id('__stormpath_user');
$value_id = elgg_get_metastring_id(1);
}
$options = array('type' => 'user', 'joins' => array("LEFT JOIN {$dbprefix}metadata md ON md.entity_guid = e.guid AND md.name_id = {$name_id}"), 'wheres' => array('md.name_id IS NULL'), 'limit' => false);
$batch = new \ElggBatch('elgg_get_entities', $options);
$batch->setIncrementOffset(false);
foreach ($batch as $user) {
// search stormpath for a matching account
$application = get_application();
$accts = $application->getAccounts(array('email' => $user->email));
$already_exists = false;
foreach ($accts as $a) {
$user->__stormpath_user = $a->href;
error_log('set user ' . $user->username . ': ' . $a->href);
$already_exists = true;
break;
}
if ($already_exists) {
continue;
}
// change it locally
$password = generate_random_cleartext_password();
$user->salt = _elgg_generate_password_salt();
$user->password = generate_user_password($user, $password);
$user->save();
error_log('adding to stormpath ' . $user->email);
$result = add_to_stormpath($user, $password);
if ($result) {
// notify them of the change
// replace tokens in the message
$message_m = str_replace('{{password}}', $password, $message);
$message_m = str_replace('{{name}}', $user->name, $message_m);
$message_m = str_replace('{{username}}', $user->username, $message_m);
$message_m = str_replace('{{email}}', $user->email, $message_m);
$message_m = str_replace('{{forgot_password}}', $site_url . 'forgotpassword', $message_m);
$message_m = str_replace('{{site_email}}', $site->email, $message_m);
$message_m = str_replace('{{site_url}}', $site_url, $message_m);
notify_user($user->guid, $site->guid, $subject, $message_m, null, 'email');
}
}
}
/**
* Create a user based on LinkedIn information
*
* @param string $token LinkedIn access token
*
* @return bool|ElggUser
*/
function socialink_linkedin_create_user($token)
{
if (empty($token) || !is_array($token)) {
return false;
}
$keys = socialink_linkedin_available();
if (empty($keys)) {
return false;
}
$keys["oauth_token"] = $token["oauth_token"];
$keys["oauth_secret"] = $token["oauth_token_secret"];
$api = socialink_linkedin_get_api_object($keys);
if (empty($api)) {
return false;
}
try {
// get user data
$response = $api->profile("~:(first-name,last-name,email-address)");
} catch (Exception $e) {
}
$api_result = socialink_linkedin_verify_response($response);
if (empty($api_result)) {
return false;
}
$api_result = json_decode($api_result);
// build user information
$name = $api_result->firstName . " " . $api_result->lastName;
$email = $api_result->emailAddress;
$pwd = generate_random_cleartext_password();
$username = socialink_create_username_from_email($email);
// check email address
if (get_user_by_email($email)) {
register_error(elgg_echo("socialink:networks:create_user:error:email"));
return false;
}
try {
// register user
$user_guid = register_user($username, $pwd, $name, $email);
if (empty($user_guid)) {
return false;
}
// show hidden entities
$access = access_get_show_hidden_status();
access_show_hidden_entities(true);
$user = get_user($user_guid);
if (empty($user)) {
access_show_hidden_entities($access);
return false;
}
// save user tokens
elgg_set_plugin_user_setting("linkedin_oauth_token", $token["oauth_token"], $user_guid, "socialink");
elgg_set_plugin_user_setting("linkedin_oauth_secret", $token["oauth_token_secret"], $user_guid, "socialink");
// no need for uservalidationbyemail
elgg_unregister_plugin_hook_handler("register", "user", "uservalidationbyemail_disable_new_user");
// sync user data
socialink_linkedin_sync_profile_metadata($user->getGUID());
// trigger hook for registration
$params = array("user" => $user, "password" => $pwd, "friend_guid" => 0, "invitecode" => "");
if (elgg_trigger_plugin_hook("register", "user", $params, true) !== false) {
// return the user
access_show_hidden_entities($access);
return $user;
}
// restore hidden entities
access_show_hidden_entities($access);
} catch (Exception $e) {
}
return false;
}
$userlogin = str_replace(' ', '-', $user_profile->displayName);
if (!$userlogin) {
$userlogin = '******' . rand(10000, 99999);
}
while (get_user_by_username($userlogin)) {
$userlogin = str_replace(' ', '-', $user_profile->displayName) . '-' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$username = $user_profile->displayName;
$useremail = $user_profile->email;
$user = new ElggUser();
$user->username = $userlogin;
$user->name = $username;
$user->access_id = ACCESS_PUBLIC;
$user->email = $user_profile->email;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
}
// register user && provider
elgg_set_plugin_user_setting('uid', $user_uid, $user->guid, 'elgg_social_login');
elgg_set_plugin_user_setting('provider', $provider, $user->guid, 'elgg_social_login');
// notice && login
if (elgg_get_plugin_setting("social_login_notify", "social_login") == "yes") {
if (strtolower($provider) == "facebook" || strtolower($provider) == "linkedin") {
if (empty($user->last_login)) {
$message = elgg_echo('social:register:joined');
$adapter->setUserStatus($message);
/**
* Validate and change password for a user.
*
* @param int $user_guid The user id
* @param string $conf_code Confirmation code as sent in the request email.
* @param string $password Optional new password, if not randomly generated.
*
* @return bool True on success
*/
function executeNewPasswordReset($user_guid, $conf_code, $password = null)
{
$user_guid = (int) $user_guid;
$user = get_entity($user_guid);
if ($password === null) {
$password = generate_random_cleartext_password();
$reset = true;
} else {
$reset = false;
}
if (!$user instanceof \ElggUser) {
return false;
}
$saved_code = $user->getPrivateSetting('passwd_conf_code');
$code_time = (int) $user->getPrivateSetting('passwd_conf_time');
$codes_match = _elgg_services()->crypto->areEqual($saved_code, $conf_code);
if (!$saved_code || !$codes_match) {
return false;
}
// Discard for security if it is 24h old
if (!$code_time || $code_time < time() - 24 * 60 * 60) {
return false;
}
if (!$this->forcePasswordReset($user, $password)) {
return false;
}
remove_private_setting($user_guid, 'passwd_conf_code');
remove_private_setting($user_guid, 'passwd_conf_time');
// clean the logins failures
reset_login_failure_count($user_guid);
$ns = $reset ? 'resetpassword' : 'changepassword';
$message = _elgg_services()->translator->translate("email:{$ns}:body", array($user->username, $password), $user->language);
$subject = _elgg_services()->translator->translate("email:{$ns}:subject", array(), $user->language);
notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $message, array(), 'email');
return true;
}
/**
* Validate and execute a password reset for a user.
*
* @param int $user_guid The user id
* @param string $conf_code Confirmation code as sent in the request email.
*
* @return mixed
*/
function execute_new_password_request($user_guid, $conf_code)
{
global $CONFIG;
$user_guid = (int) $user_guid;
$user = get_entity($user_guid);
if ($user instanceof ElggUser) {
$saved_code = $user->getPrivateSetting('passwd_conf_code');
if ($saved_code && $saved_code == $conf_code) {
$password = generate_random_cleartext_password();
if (force_user_password_reset($user_guid, $password)) {
remove_private_setting($user_guid, 'passwd_conf_code');
// clean the logins failures
reset_login_failure_count($user_guid);
$email = '<div style="color:#333;font-size:16px;">' . elgg_echo('email:resetpassword:body', array($user->name, $password)) . '</div>';
//return notify_user($user->guid, $CONFIG->site->guid,
// elgg_echo('email:resetpassword:subject'), $email, array(), 'email');
$site_name = elgg_get_site_entity()->name;
return zhgroups_send_email($site_name, $user->email, elgg_echo('email:resetpassword:subject', array($site_name)), $email);
}
}
}
return FALSE;
}
/**
* Log in a user with twitter.
*/
function twitter_api_login()
{
// sanity check
if (!twitter_api_allow_sign_on_with_twitter()) {
forward();
}
$token = twitter_api_get_access_token(get_input('oauth_verifier'));
if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) {
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
// attempt to find user and log them in.
// else, create a new user.
$options = array('type' => 'user', 'plugin_user_setting_name_value_pairs' => array('access_key' => $token['oauth_token'], 'access_secret' => $token['oauth_token_secret']), 'limit' => 0);
$users = elgg_get_entities_from_plugin_user_settings($options);
if ($users) {
if (count($users) == 1 && login($users[0])) {
system_message(elgg_echo('twitter_api:login:success'));
// trigger login hook
elgg_trigger_plugin_hook('login', 'twitter_api', array('user' => $users[0]));
} else {
system_message(elgg_echo('twitter_api:login:error'));
}
forward();
} else {
// need Twitter account credentials
elgg_load_library('twitter_oauth');
$consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api');
$consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api');
$api = new TwitterOAuth($consumer_key, $consumer_secret, $token['oauth_token'], $token['oauth_token_secret']);
$twitter = $api->get('account/verify_credentials');
// backward compatibility for stalled-development Twitter Login plugin
$user = FALSE;
if ($twitter_user = get_user_by_username($token['screen_name'])) {
if (($screen_name = $twitter_user->twitter_screen_name) && $screen_name == $token['screen_name']) {
// convert existing account
$user = $twitter_user;
$forward = '';
}
}
// create new user
if (!$user) {
// check new registration allowed
if (!twitter_api_allow_new_users_with_twitter()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
// trigger a hook for plugin authors to intercept
if (!elgg_trigger_plugin_hook('new_twitter_user', 'twitter_service', array('account' => $twitter), TRUE)) {
// halt execution
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
// Elgg-ify Twitter credentials
$username = $twitter->screen_name;
while (get_user_by_username($username)) {
$username = $twitter->screen_name . '_' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$name = $twitter->name;
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
forward();
}
// @todo require email address?
$site_name = elgg_get_site_entity()->name;
system_message(elgg_echo('twitter_api:login:email', array($site_name)));
$forward = "settings/user/{$user->username}";
}
// set twitter services tokens
elgg_set_plugin_user_setting('twitter_name', $token['screen_name'], $user->guid);
elgg_set_plugin_user_setting('access_key', $token['oauth_token'], $user->guid);
elgg_set_plugin_user_setting('access_secret', $token['oauth_token_secret'], $user->guid);
// pull in Twitter icon
twitter_api_update_user_avatar($user, $twitter->profile_image_url);
// login new user
if (login($user)) {
system_message(elgg_echo('twitter_api:login:success'));
// trigger login hook for new user
elgg_trigger_plugin_hook('first_login', 'twitter_api', array('user' => $user));
} else {
system_message(elgg_echo('twitter_api:login:error'));
}
forward($forward, 'twitter_api');
}
// register login error
register_error(elgg_echo('twitter_api:login:error'));
forward();
}
function social_connect_handle_authentication($user_profile, $provider)
{
global $CONFIG;
global $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG;
$ignore_access = elgg_get_ignore_access();
$provider_name = $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider]['provider_name'];
$user_uid = $user_profile->identifier;
// establish the value for the proceeding hook
$default_proceed = elgg_get_plugin_setting("ha_settings_{$provider}_hook1_default", 'social_connect');
if (!$default_proceed || $default_proceed == 'global') {
$default_proceed = elgg_get_plugin_setting('ha_settings_hook1_default', 'social_connect');
}
if (!$default_proceed) {
$default_proceed = SOCIAL_CONNECT_DEFAULT_PROCEED;
} else {
if ($default_proceed == 'true') {
$default_proceed = true;
} else {
if ($default_proceed == 'false') {
$default_proceed = false;
}
}
}
// the arguments for social connect events and hooks
$args = array('mode' => null, 'userid' => $user_uid, 'provider' => $HA_SOCIAL_CONNECT_PROVIDERS_CONFIG[$provider], 'user' => null, 'profile' => $user_profile);
// look for users that have already connected via this plugin
$options = array('type' => 'user', 'plugin_id' => 'social_connect', 'plugin_user_setting_name_value_pairs' => array("{$provider}/uid" => $user_uid), 'plugin_user_setting_name_value_pairs_operator' => 'AND', 'limit' => 0);
$users = elgg_get_entities_from_plugin_user_settings($options);
if (!$users) {
// user has not connected with plugin before
$args['mode'] = 'connect';
elgg_set_ignore_access(true);
$proceed = elgg_trigger_plugin_hook('social_connect', 'user', $args, $default_proceed);
elgg_set_ignore_access($ignore_access);
if ($proceed === false) {
// hook prevented social connection
return;
} else {
if ($proceed === 'email' || $proceed === 'emailOnly') {
// hook wants to try and connect via email address
// check whether the user already exists with the email provided
$useremail = $user_profile->email;
if ($useremail && ($users = get_user_by_email($useremail))) {
social_connect_user($user_uid, $users[0], $user_profile, $provider);
system_message(sprintf(elgg_echo('social_connect:connect:ok'), $provider_name));
$args['mode'] = 'email';
$args['user'] = $users[0];
elgg_set_ignore_access(true);
elgg_trigger_event('social_connect', 'user', $args);
elgg_set_ignore_access($ignore_access);
return;
}
if ($proceed === 'emailOnly') {
// hook wants only email address connection or failure
register_error(sprintf(elgg_echo('social_connect:connect:emailnotfound'), $proceed));
return;
}
}
}
// email connection not required or failed, so register a new user
$userlogin = str_replace(' ', '', $user_profile->displayName);
if (!$userlogin) {
$userlogin = $provider . '_user_' . rand(1000, 9999);
}
$org_userlogin = $userlogin;
while (get_user_by_username($userlogin)) {
$userlogin = $org_userlogin . '_' . rand(1000, 9999);
}
unset($org_userlogin);
$password = generate_random_cleartext_password();
$username = $user_profile->displayName;
$user = new ElggUser();
$user->username = $userlogin;
$user->name = $username;
$user->email = $user_profile->email;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
if ($user->save()) {
if ($user->email && elgg_get_plugin_setting('notify_new_user', 'social_connect')) {
$email = elgg_echo('email:social_connect:body', array($userlogin, $password));
set_user_notification_setting($user->getGUID(), 'email', true);
notify_user($user->guid, $CONFIG->site->guid, elgg_echo('email:social_connect:subject', array($provider_name)), $email, NULL, 'email');
}
} else {
register_error(sprintf(elgg_echo('social_connect:register:bad'), $provider_name) . elgg_echo("zhaohu:sorry"));
elgg_log("ZHError social_connect:register:bad , userlogin {$userlogin}", "ERROR");
return;
}
system_message(sprintf(elgg_echo('social_connect:register:ok'), $provider_name));
social_connect_user($user_uid, $user, $user_profile, $provider);
$args['mode'] = 'register';
$args['user'] = $user;
elgg_set_ignore_access(true);
elgg_trigger_event('social_connect', 'user', $args);
elgg_set_ignore_access($ignore_access);
} elseif (count($users) == 1) {
// one user has already been registered on Elgg with this provider
$args['mode'] = 'login';
$args['user'] = $users[0];
elgg_set_ignore_access(true);
if (elgg_trigger_plugin_hook('social_connect', 'user', $args, (bool) $default_proceed)) {
// if not, hook prevented social connection
login($users[0]);
system_message(sprintf(elgg_echo('social_connect:login:ok'), $provider_name));
}
elgg_set_ignore_access($ignore_access);
} else {
throw new Exception(sprintf(elgg_echo('social_connect:login:bad'), $provider_name));
}
}
/**
* Used to create user with facebook data
*
* @access public
* @param array $fbData facebook data of user
* @return void
*/
function facebook_connect_create_update_user($fbData)
{
elgg_load_library('facebook');
// need facebook account credentials
// backward compatibility for stalled-development FBConnect plugin
$user = FALSE;
$facebook_users = elgg_get_entities_from_metadata(array('type' => 'user', 'metadata_name_value_pairs' => array('name' => 'facebook_uid', 'value' => $fbData['user_profile']['id'])));
if (is_array($facebook_users) && count($facebook_users) == 1) {
// convert existing account
$user = $facebook_users[0];
// remove unused metadata
remove_metadata($user->getGUID(), 'facebook_uid');
remove_metadata($user->getGUID(), 'facebook_controlled_profile');
}
// create new user
if (!$user) {
// check new registration allowed
if (!facebook_connect_allow_new_users_with_facebook()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
$email = $fbData['user_profile']['email'];
$users = get_user_by_email($email);
if (!$users) {
// Elgg-ify facebook credentials
if (!empty($fbData['user_profile']['username'])) {
$username = $fbData['user_profile']['username'];
} else {
$username = str_replace(' ', '', strtolower($fbData['user_profile']['name']));
}
$usernameTmp = $username;
while (get_user_by_username($username)) {
$username = $usernameTmp . '_' . rand(1000, 9999);
}
$password = generate_random_cleartext_password();
$name = $fbData['user_profile']['name'];
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->email = $email;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
$user->last_action = date("Y-m-d");
$user->last_login = date("Y-m-d");
$user->validated = 1;
$user->validated_method = 'facebook';
$user->language = 'en';
if (!$user->save()) {
register_error(elgg_echo('registerbad'));
forward();
} else {
// send mail to user
send_user_password_mail($email, $name, $username, $password);
// post status on facebook
if (facebook_connect_allow_post_on_facebook()) {
facebook_connect_post_status($fbData);
}
// pull in facebook icon
$url = 'https://graph.facebook.com/' . $fbData['user_profile']['id'] . '/picture?type=large';
facebook_connect_update_user_avatar($user, $url);
}
} else {
$user = $users[0];
}
}
// set facebook services tokens
elgg_set_plugin_user_setting('uid', $fbData['user_profile']['id'], $user->guid);
elgg_set_plugin_user_setting('access_token', $fbData['user_profile']['accessToken'], $user->guid);
return $user;
}
/**
* Validates and prepares values for 'register' action
* @return void
*/
function forms_register_prepare_action_values()
{
elgg_make_sticky_form('register');
$first_name = get_input('first_name');
$last_name = get_input('last_name');
$email = get_input('email', '');
$name = get_input('name');
$username = get_input('username');
$password = get_input('password');
list($email_username) = explode('@', $email);
if (elgg_get_plugin_setting('first_last_name', 'forms_register') && !$name) {
if (!$first_name || !$last_name) {
register_error(elgg_echo('actions:register:error:first_last_name'));
forward(REFERRER);
}
set_input('name', "{$first_name} {$last_name}");
} else {
if (elgg_get_plugin_setting('autogen_name', 'forms_register') && !$name) {
set_input('name', $email_username);
}
}
if (elgg_get_plugin_setting('autogen_username', 'forms_register') && !$username) {
$algo = elgg_get_plugin_setting('autogen_username_algo', 'forms_register', 'first_name_only');
switch ($algo) {
case 'first_name_only':
$username = $first_name ?: $email_username;
break;
case 'full_name':
$username = $first_name && $last_name ? "{$first_name}.{$last_name}" : $email_username;
break;
case 'email':
$username = $email_username;
break;
case 'alnum':
$username = '';
break;
}
$username = forms_register_generate_username($username);
set_input('username', $username);
}
if (elgg_get_plugin_setting('autogen_password', 'forms_register')) {
$password = generate_random_cleartext_password();
set_input('password', $password);
set_input('password2', $password);
} else {
if ($min_strength = elgg_get_plugin_setting('min_password_strength', 'forms_register')) {
// @todo: add other user inputs
$zxcvbn = new \ZxcvbnPhp\Zxcvbn();
$strength = $zxcvbn->passwordStrength($password);
if ($strength < $min_strength) {
register_error(elgg_echo('actions:register:error:password_strength'));
forward(REFERER);
}
}
if (elgg_get_plugin_setting('hide_password_repeat', 'forms_register')) {
set_input('password2', $password);
}
}
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email Their email address
* @param bool $allow_multiple_emails Allow the same email address to be registered multiple times?
* @param int $friend_guid Optionally, GUID of a user this user will friend once fully registered
* @return int|false The new user's GUID; false on failure
*/
function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '')
{
// Load the configuration
global $CONFIG;
$username = trim($username);
$password = trim($password);
$name = trim($name);
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// See if it exists and is disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
// Validate email address
if (!validate_email_address($email)) {
throw new RegistrationException(elgg_echo('registration:emailnotvalid'));
}
// Validate password
if (!validate_password($password)) {
throw new RegistrationException(elgg_echo('registration:passwordnotvalid'));
}
// Validate the username
if (!validate_username($username)) {
throw new RegistrationException(elgg_echo('registration:usernamenotvalid'));
}
// Check to see if $username exists already
if ($user = get_user_by_username($username)) {
//return false;
throw new RegistrationException(elgg_echo('registration:userexists'));
}
// If we're not allowed multiple emails then see if this address has been used before
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new RegistrationException(elgg_echo('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Check to see if we've registered the first admin yet.
// If not, this is the first admin user!
$admin = datalist_get('admin_registered');
// Otherwise ...
$user = new ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->save();
// If $friend_guid has been set, make mutual friends
if ($friend_guid) {
if ($friend_user = get_user($friend_guid)) {
if ($invitecode == generate_invite_code($friend_user->username)) {
$user->addFriend($friend_guid);
$friend_user->addFriend($user->guid);
}
}
}
global $registering_admin;
if (!$admin) {
$user->admin = true;
datalist_set('admin_registered', 1);
$registering_admin = true;
} else {
$registering_admin = false;
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
function pleio_api_change_setting($name = "", $password = "", $language = "", $email = "")
{
$fail = false;
$dirty = false;
$user = elgg_get_logged_in_user_entity();
if ($language && $language != $user->language && array_key_exists($language, get_installed_translations())) {
$user->language = $language;
$dirty = true;
}
if ($email && $email != $user->email) {
if (!is_email_address($email)) {
$fail = elgg_echo('email:save:fail');
} else {
if (!get_user_by_email($email)) {
$user->email = $email;
$dirty = true;
} else {
$fail = elgg_echo('registration:dupeemail');
}
}
}
if ($name && $name != $user->name) {
$name = strip_tags($name);
if (elgg_strlen($name) > 50) {
$fail = elgg_echo('user:name:fail');
} else {
$user->name = $name;
$dirty = true;
}
}
if ($password) {
try {
$result = validate_password($password);
if ($result) {
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$dirty = true;
} else {
$fail = elgg_echo('user:password:fail');
}
} catch (RegistrationException $e) {
$fail = $e->getMessage();
}
}
if ($fail) {
return new ErrorResult($fail);
} else {
if ($dirty) {
if ($user->canEdit() && $user->save()) {
return new SuccessResult("Instellingen opgeslagen");
} else {
return new ErrorResult("Opslaan mislukt");
}
} else {
return new SuccessResult("Instellingen niet gewijzigd");
}
}
return new ErrorResult("Niets gewijzigd");
}
<?php
$anchor1 = elgg_view('output/url', ['text' => 'Simple anchor', 'href' => '#anchor']);
$anchor2 = elgg_view('output/url', ['text' => 'Icon anchor', 'href' => 'http://elgg.org/', 'icon' => 'external-link', 'target' => '_blank']);
$query = [];
for ($i = 0; $i < 50; $i++) {
$query['q'][$i] = generate_random_cleartext_password();
}
$anchor3 = elgg_view('output/url', ['href' => elgg_http_add_url_query_elements(current_page_url(), $query), 'icon' => 'globe', 'title' => 'Very long URL']);
$anchor4 = elgg_view('output/url', ['href' => '#anchor2', 'text' => 'Image anchor', 'icon' => elgg_view('output/img', ['src' => elgg_get_simplecache_url('graphics/favicon-16.png'), 'alt' => 'favicon'])]);
$anchor5 = elgg_view('output/url', ['href' => '#anchor3', 'text' => 'Anchor with badge', 'icon' => 'bank', 'badge' => '$500']);
?>
<p>Lorem ipsum dolor sit amet (<?php
echo $anchor1;
?>
)
adipiscing elit. Nullam dignissim convallis est. Quisque aliquam. Donec
faucibus. Nunc iaculis suscipit dui. Nam sit amet sem. Aliquam <?php
echo $anchor5;
?>
libero
nisi, imperdiet at, tincidunt nec, gravida vehicula, nisl. Praesent
mattis, massa quis luctus <?php
echo $anchor2;
?>
, turpis mi volutpat justo, eu
volutpat enim diam eget metus. Maecenas ornare tortor. Donec sed tellus
eget sapien <?php
echo $anchor3;
?>
nonummy. Mauris a ante. Suspendisse quam sem,
/**
* Create a user based on Facebook information
*
* @param string $token Facebook access token
*
* @return bool|ElggUser
*/
function socialink_facebook_create_user($token)
{
if (empty($token)) {
return false;
}
if (!socialink_facebook_available()) {
return false;
}
$session = new Facebook\FacebookSession($token);
if (empty($session)) {
return false;
}
$request = new FaceBook\FacebookRequest($session, "GET", "/me");
// set correct proxy settings (if needed)
$curl_http_client = socialink_facebook_get_curl_http_client();
$request->setHttpClientHandler($curl_http_client);
try {
$api_result = $request->execute()->getGraphObject(Facebook\GraphUser::className());
} catch (Exception $e) {
}
if (empty($api_result)) {
return false;
}
// get user information
$name = $api_result->getName();
$email = $api_result->getEmail();
if (get_user_by_email($email)) {
register_error(elgg_echo("socialink:networks:create_user:error:email"));
return false;
}
$pwd = generate_random_cleartext_password();
$username = socialink_create_username_from_email($email);
try {
$user_guid = register_user($username, $pwd, $name, $email);
if (empty($user_guid)) {
return false;
}
// show hidden entities
$access = access_get_show_hidden_status();
access_show_hidden_entities(true);
$user = get_user($user_guid);
if (empty($user)) {
access_show_hidden_entities($access);
return false;
}
// register user's access tokens
elgg_set_plugin_user_setting("facebook_access_token", $token, $user_guid, "socialink");
elgg_set_plugin_user_setting("facebook_user_id", $api_result->getId(), $user_guid, "socialink");
// no need for uservalidationbyemail
elgg_unregister_plugin_hook_handler("register", "user", "uservalidationbyemail_disable_new_user");
// sync user data
socialink_facebook_sync_profile_metadata($user->getGUID());
// trigger hook for registration
$params = array("user" => $user, "password" => $pwd, "friend_guid" => 0, "invitecode" => "");
if (elgg_trigger_plugin_hook("register", "user", $params, true) !== false) {
access_show_hidden_entities($access);
// return the user
return $user;
}
// restore hidden entities
access_show_hidden_entities($access);
} catch (Exception $e) {
}
return false;
}
<?php
/**
* Reset a user's password.
*
* This is an admin action that generates a new salt and password
* for a user, then emails the password to the user's registered
* email address.
*
* NOTE: This is different to the "reset password" link users
* can use in that it does not first email the user asking if
* they want to have their password reset.
*
* @package Elgg.Core
* @subpackage Administration.User
*/
$guid = get_input('guid');
$user = get_entity($guid);
if ($user instanceof ElggUser && $user->canEdit()) {
$password = generate_random_cleartext_password();
if (force_user_password_reset($user->guid, $password)) {
system_message(elgg_echo('admin:user:resetpassword:yes'));
notify_user($user->guid, elgg_get_site_entity()->guid, elgg_echo('email:resetpassword:subject'), elgg_echo('email:resetpassword:body', array($user->username, $password)), array(), 'email');
} else {
register_error(elgg_echo('admin:user:resetpassword:no'));
}
} else {
register_error(elgg_echo('admin:user:resetpassword:no'));
}
forward(REFERER);
/**
* Log in a user with facebook.
*/
function facebook_connect_login()
{
global $CONFIG;
elgg_load_library('facebook');
// sanity check
if (!facebook_connect_allow_sign_on_with_facebook()) {
forward();
}
$facebook = facebookservice_api();
$access_token = $facebook->getAccessToken();
// Get User ID
$userID = $facebook->getUser();
if ($userID) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$userID = null;
register_error(elgg_echo('facebook_connect:login:error'));
forward();
}
} else {
system_message(elgg_echo('loginerror'));
forward();
}
// attempt to find user and log them in.
// else, create a new user.
$options = array('type' => 'user', 'plugin_user_setting_name_value_pairs' => array('uid' => $userID, 'access_token' => $access_token), 'plugin_user_setting_name_value_pairs_operator' => 'OR', 'limit' => 0);
$users = elgg_get_entities_from_plugin_user_settings($options);
if (!empty($users)) {
if (count($users) == 1 && login($users[0])) {
system_message(elgg_echo('facebook_connect:login:success'));
elgg_set_plugin_user_setting('access_token', $access_token, $users[0]->guid);
if (empty($users[0]->email)) {
$data = $facebook->api('/me');
$email = $data['email'];
$user = get_entity($users[0]->guid);
$user->email = $email;
$user->save();
}
} else {
system_message(elgg_echo('facebook_connect:login:error'));
}
forward();
} else {
// need facebook account credentials
$data = $facebook->api('/me');
// backward compatibility for stalled-development FBConnect plugin
$user = FALSE;
$facebook_users = elgg_get_entities_from_metadata(array('type' => 'user', 'metadata_name_value_pairs' => array('name' => 'facebook_uid', 'value' => $userID)));
if (is_array($facebook_users) && count($facebook_users) == 1) {
// convert existing account
$user = $facebook_users[0];
login($user);
// remove unused metadata
remove_metadata($user->getGUID(), 'facebook_uid');
remove_metadata($user->getGUID(), 'facebook_controlled_profile');
}
// create new user
if (!$user) {
// check new registration allowed
if (!facebook_connect_allow_new_users_with_facebook()) {
register_error(elgg_echo('registerdisabled'));
forward();
}
$userSave = 0;
$email = $data['email'];
$users = get_user_by_email($email);
if (!$users) {
// Elgg-ify facebook credentials
$username = str_replace(' ', '', strtolower($data['name']));
while (get_user_by_username($username)) {
$username = str_replace(' ', '', strtolower($data['name'])) . '_' . rand(1000, 9999);
}
$permissions = $facebook->api("/me/permissions");
if (array_key_exists('publish_stream', $permissions['data'][0])) {
$postWall = true;
} else {
$postWall = false;
}
$password = generate_random_cleartext_password();
$name = $data['name'];
$user = new ElggUser();
$user->username = $username;
$user->name = $name;
$user->email = $email;
$user->location = $data['locate'];
$user->website = $data['link'];
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
$user->container_guid = 0;
if ($postWall) {
$user->post_wall = true;
}
$userSave = 1;
} else {
$user = $users[0];
}
$site = elgg_get_site_entity();
if ($postWall) {
$message = $user->name . ' just synchronized Facebook account with ' . $site->name;
$params = array('link' => elgg_get_site_url(), 'message' => $message, 'picture' => elgg_get_site_url() . '_graphics/elgg_logo.png', 'description' => $site->name . ' is the social network for connecting people.');
$status = $facebook->api('/me/feed', 'POST', $params);
}
if ($userSave) {
$userGuid = $user->save();
if (!$userGuid) {
register_error(elgg_echo('registerbad'));
forward();
}
send_user_password_mail($email, $name, $username, $password);
$forward = "profile/{$user->username}";
} else {
$forward = "";
}
}
// set facebook services tokens
elgg_set_plugin_user_setting('uid', $userID, $user->guid);
elgg_set_plugin_user_setting('access_token', $access_token, $user->guid);
// pull in facebook icon
$url = 'https://graph.facebook.com/' . $userID . '/picture?type=large';
facebook_connect_update_user_avatar($user, $url);
// login new user
if (login($user)) {
system_message(elgg_echo('facebook_connect:login:success'));
} else {
system_message(elgg_echo('facebook_connect:login:error'));
}
forward($forward, 'facebook_connect');
}
// register login error
register_error(elgg_echo('facebook_connect:login:error'));
forward();
}
