/**
 * Create the accounts described in $user_data, or re-enable matching accounts that
 * are flagged as removed.
 *
 * A username that is not yet in the user list is queued for insertion; its nickname
 * receives a "+N" suffix until it no longer matches a nickname in that list. A username
 * that is already in the list is only acted on when the stored row has removed == 1:
 * the account is loaded, given the supplied password, un-removed and saved.
 *
 * NOTE(review): the re-enable path overwrites the stored password with the value from
 * $user_data, and no permission check is visible in this method -- confirm every caller
 * is restricted to administrators.
 * NOTE(review): nickname uniqueness is checked only against the list fetched at the top,
 * so two new rows in the same batch can end up with the same nickname (or username);
 * whether insertUsers() rejects that is not visible here.
 * NOTE(review): the 'user_data' returned for re-enabled accounts still carries the
 * supplied 'password' value -- make sure callers do not log or echo it.
 *
 * @param array $user_data rows keyed by at least 'username' and 'nickname'; 'password'
 *                         is read when an account is re-enabled
 * @return array re-enabled accounts as array('uid' => ..., 'user_data' => ...), followed
 *               by whatever insertUsers() returns for the newly queued rows
 */
public function admincreateusers($user_data)
 {
     $users = new LoveUser();
     $userlist = $users->getUserList();
     $pendingInserts = array();
     $reenabled = array();
     foreach ($user_data as $user) {
         if ($this->searchMultiArray($userlist, 'username', $user['username'])) {
             // Known username: only rows flagged as removed are touched.
             foreach ($userlist as $existing) {
                 // NOTE(review): loose comparisons on the username and the removed flag.
                 if ($existing['username'] != $user['username'] || $existing['removed'] != 1) {
                     continue;
                 }
                 $user['removed'] = 0;
                 $account = new LoveUser();
                 $account->loadByUsername($user['username']);
                 $account->setPassword($user['password']);
                 $account->setRemoved(0);
                 $account->save();
                 // Report the re-enabled account alongside the freshly created ones.
                 $reenabled[] = array('uid' => $account->id, 'user_data' => $user);
             }
             continue;
         }
         // New username: append "+1", "+2", ... to the requested nickname until it is free.
         $baseNickname = $user['nickname'];
         for ($suffix = 1; $this->searchMultiArray($userlist, 'nickname', $user['nickname']); $suffix++) {
             $user['nickname'] = $baseNickname . "+" . (string) $suffix;
         }
         $pendingInserts[] = $user;
     }
     if (count($pendingInserts) === 0) {
         return $reenabled;
     }
     return array_merge($reenabled, $users->insertUsers($pendingInserts));
 }
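 /**
  * Authenticate the user against the LDAP server.
  *
  * @param Controller_Action $controller Receives the error message when authentication fails
  * @param string $username Username
  * @param string $password Password
  * @return object|null The user's object on success, otherwise NULL.
  */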
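 public function authenticate(Controller_Action $controller, $username, $password)
 {
     $user = NULL;
     // Refuse empty credentials before talking to the directory. Many LDAP servers treat
     // a bind that carries a DN but an empty password as an unauthenticated bind and
     // report success, which would sign the caller in without knowing the password.
     if (!is_scalar($username) || (string) $username === '' || !is_scalar($password) || (string) $password === '') {
         $controller->setError("Invalid login");
         return $user;
     }
     if (!$this->ldapConnect()) {
         $controller->setError('Could not connect to the LDAP Server.');
         return $user;
     }
     // If the login id is not the COMMON_NAME_ATTRIBUTE, find the value to bind.
     // NOTE(review): $username is concatenated into what looks like an LDAP search filter
     // (and, below, into the value handed to getLdapUsername()). Unless those helpers
     // escape it themselves, filter/DN metacharacters in the login name change the query;
     // confirm they apply ldap_escape() with the matching LDAP_ESCAPE_* flag. Also confirm
     // that a failed lookup cannot leave an empty bind DN for ldapBind().
     if (defined('LDAP_ALT_LOGIN_ATTRIBUTE') && LDAP_ALT_LOGIN_ATTRIBUTE !== false) {
         $ldap_commonName = $this->getLdapCommonName(LDAP_ALT_LOGIN_ATTRIBUTE . '=' . $username);
     } else {
         $ldap_commonName = $username;
     }
     $ldap_username = $this->getLdapUsername($ldap_commonName);
     // NOTE(review): caller-supplied text reaches the log unfiltered (line breaks included).
     error_log("Ldap: {$ldap_commonName} : {$ldap_username}");
     $login_status = $this->ldapBind($ldap_username, $password);
     if ($login_status) {
         $ldapEmail = $this->getLdapEmail(LDAP_COMMON_NAME_ATTRIBUTE . "=" . $ldap_commonName);
         if (empty($ldapEmail)) {
             // The e-mail address is the local username. Without one, every such directory
             // entry would be mapped to (or provisioned as) the same empty-named account.
             $controller->setError('LDAP account has no e-mail address.');
         } elseif ($this->user->loadByUsername($ldapEmail)) {
             if ($this->user->isActive()) {
                 $user = $this->user;
             } else {
                 $controller->setError("User is deactivated.");
             }
         } else {
             // LDAP users are already authenticated. If they don't exist locally yet,
             // provision the account now.
             // explode() replaces split(), which no longer exists in PHP 7+; the temporary
             // variable avoids passing a function result by reference to array_shift().
             $emailParts = explode('@', $ldapEmail);
             $user = new LoveUser();
             // NOTE(review): every auto-provisioned account gets the same fixed placeholder
             // password. Confirm the local (non-LDAP) login path can never accept it, e.g.
             // by storing an unusable hash instead.
             $data = array("Username" => $ldapEmail, "Password" => 'LDAP', "Nickname" => $emailParts[0], "Active" => 1, "Confirmed" => 1, "Removed" => 0, "Admin" => 0, "Token" => '', "DateAdded" => 0, "DateModified" => 0);
             $user->loadData($data);
             try {
                 $user->save();
             } catch (Exception $e) {
                 $controller->setError($e->getMessage());
                 // The account was not persisted: report failure instead of handing back
                 // an unsaved object that callers would treat as a signed-in user.
                 $user = NULL;
             }
         }
     } else {
         $controller->setError("Invalid login");
     }
     $this->ldapClose();
     return $user;
 }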
Esempio n. 3
<?php

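include "class/frontend.class.php";
$front = new Frontend();
require_once 'db_connect.php';
require_once 'autoload.php';
require_once 'class/Session.class.php';

// Authorisation gate: nothing below runs unless LoveUser reports an id.
// NOTE(review): presumably LoveUser resolves the current session user -- confirm.
$user = new LoveUser();
if (!$user->getId()) {
    die(json_encode(array('error' => 'unauthorized')));
}

// The action selects the handler in the switch below, so it has to be one non-empty
// string. A request such as action[]=x would otherwise reach array_key_exists() and the
// switch as an array (a warning on old PHP, a TypeError on PHP 8).
// NOTE(review): $_REQUEST also accepts query-string parameters and no anti-CSRF token is
// checked in this part of the script; confirm that state-changing actions are protected.
if (empty($_REQUEST['action']) || !is_string($_REQUEST['action'])) {
    die(json_encode(array('error' => 'wrong action')));
}
$action = $_REQUEST['action'];

// Arguments that must be present for each action (when needed).
// Only presence is checked here; each handler still has to validate type and range.
$requiredArgs = array('get_periods_list' => array('page', 'rows'));
if (array_key_exists($action, $requiredArgs)) {
    foreach ($requiredArgs[$action] as $arg) {
        if (!isset($_REQUEST[$arg])) {
            echo json_encode(array('error' => 'args'));
            return;
        }
    }
}

$periods = new Periods($user->getId());
$campaign = new Campaign($user->getId(), $periods);
$campaign->setUserEmail($user->getUsername());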
switch ($_REQUEST['action']) {
    case 'get_periods_list':
        $page = $_REQUEST['page'];
        // get the requested page
Esempio n. 4
/**
 * Get users from DB and compare it with the supplied
 * array, return the users that are present in both.
 */
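function userCreationSucceded($newUsers = array())
{
    // Compares each supplied row with the user list read from the database, matching on
    // the 'username' key through searchMultiArray().
    //
    // @param array $newUsers rows carrying a 'username' key
    // @return array the supplied rows for which no matching username was found
    //
    // NOTE(review): the docblock above and the variable name $existingUsers both describe
    // the users that ARE present in the database, while the condition below collects the
    // ones that are NOT. The polarity is left as written because callers may depend on it;
    // confirm which one is intended.
    $user = new LoveUser();
    $currentUsers = $user->getUserList();
    $existingUsers = array();
    foreach ($newUsers as $newUser) {
        // Reset for every candidate. A single flag shared by the whole loop stayed true
        // after the first hit, so every later row was treated as found as well.
        $found = false;
        foreach ($currentUsers as $currentUser) {
            // A username match in the database row means the user exists.
            if (searchMultiArray($currentUser, 'username', $newUser['username'])) {
                $found = true;
                break;
            }
        }
        if (!$found) {
            $existingUsers[] = $newUser;
        }
    }
    return $existingUsers;
}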
Esempio n. 5
<?php

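include "class/frontend.class.php";
$front = new Frontend();
require_once 'db_connect.php';
require_once 'autoload.php';

// Authorisation gate: nothing below runs unless LoveUser reports an id.
// NOTE(review): presumably LoveUser resolves the current session user -- confirm.
$user = new LoveUser();
if (!$user->getId()) {
    die(json_encode(array('error' => 'unauthorized')));
}

// The action selects the handler in the switch below, so it has to be one non-empty
// string. A request such as action[]=x would otherwise reach array_key_exists() and the
// switch as an array (a warning on old PHP, a TypeError on PHP 8).
// NOTE(review): several action names below read as state-changing ('update_love',
// 'reset_user_review', ...). $_REQUEST also accepts query-string parameters and no
// anti-CSRF token is checked in this part of the script; confirm those actions are
// protected and that handlers taking a user_id verify the caller may act on that user.
if (empty($_REQUEST['action']) || !is_string($_REQUEST['action'])) {
    die(json_encode(array('error' => 'wrong action')));
}
$action = $_REQUEST['action'];

// Arguments that must be present for each action (when needed).
// Only presence is checked here; each handler still has to validate type and range.
$requiredArgs = array(
    'get_userlist' => array('period_id'),
    'user_info' => array('user_id', 'period_id'),
    'user_love' => array('period_id'),
    'mark_favorite' => array('love_id', 'status'),
    'favorite_why' => array('love_id', 'why'),
    'update_love' => array('love_id', 'love_status', 'period_id'),
    'update_wizard' => array('user_review_id', 'wizard_step'),
    'peer_review_status' => array('user_review_id', 'user_review_peer_status'),
    'get_periods_list' => array('page', 'rows'),
    'review_completed' => array('user_review_id'),
    'review_started' => array('user_review_id'),
    'reset_user_review' => array('user_id'),
);
if (array_key_exists($action, $requiredArgs)) {
    foreach ($requiredArgs[$action] as $arg) {
        if (!isset($_REQUEST[$arg])) {
            echo json_encode(array('error' => 'args'));
            return;
        }
    }
}

$periods = new Periods($user->getId());
$review = new Review($user->getId(), $periods);
$review->setUserEmail($user->getUsername());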
switch ($_REQUEST['action']) {
    // gets info about requested period with period stats (done/not done)
    case 'get_period':
        $totalCount = $periods->getPeriodCount();
        $position = !empty($_REQUEST['position']) ? intval($_REQUEST['position']) : $periods->getCurrentPeriodCount();
Esempio n. 6
 /**
  * Change password controller function
  *
  * Changes the password
  *
  * @return json|xml True on success otherwise false
  */
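 public function changepassword()
 {
     // Reads 'username', 'token' and 'password' from the request, sets the new password
     // when the token matches the one stored for that user, rotates the token, then
     // prints a JSON result and exits.
     //
     // NOTE(review): 'User not found.' and 'Token not correct.' are distinct answers, so
     // the endpoint confirms which usernames exist; no attempt limiting is visible here.
     // NOTE(review): $_REQUEST also accepts query-string parameters, which puts the new
     // password and the token into URLs and access logs; consider accepting POST only.
     try {
         // Accept plain strings only; a missing or array-valued parameter becomes ''.
         $username = isset($_REQUEST['username']) && is_string($_REQUEST['username']) ? $_REQUEST['username'] : '';
         $token = isset($_REQUEST['token']) && is_string($_REQUEST['token']) ? $_REQUEST['token'] : '';
         $password = isset($_REQUEST['password']) && is_string($_REQUEST['password']) ? $_REQUEST['password'] : '';

         $user = new LoveUser();
         if ($username === '' || !$user->loadByUsername($username)) {
             echo json_encode(array('success' => false, 'message' => 'User not found.'));
             exit(0);
         }

         // An empty stored token never authorises a change: with the former loose ==
         // an account without a token matched a request that sent none, and two tokens
         // that both look like numbers ("0e...") compared equal.
         $storedToken = (string) $user->getToken();
         $tokenMatches = false;
         if ($token !== '' && $storedToken !== '') {
             // Constant-time comparison where available (PHP 5.6+), strict otherwise.
             $tokenMatches = function_exists('hash_equals')
                 ? hash_equals($storedToken, $token)
                 : $storedToken === $token;
         }
         if (!$tokenMatches) {
             echo json_encode(array('success' => false, 'message' => 'Token not correct.'));
             exit(0);
         }

         // Never replace a password with an empty one.
         if ($password === '') {
             echo json_encode(array('success' => false, 'message' => 'Password missing.'));
             exit(0);
         }

         // Rotate the token so the one just used cannot be replayed. Prefer the CSPRNG;
         // 16 random bytes hex-encode to the same 32 characters md5() produced.
         if (function_exists('random_bytes')) {
             $nextToken = bin2hex(random_bytes(16));
         } else {
             // Legacy runtime: falls back to the previous, time-derived value.
             $nextToken = md5(uniqid());
         }

         $user->setPassword($password);
         $user->setToken($nextToken);
         $user->save();
         echo json_encode(array('success' => true, 'message' => 'Password changed.'));
         exit(0);
     } catch (Exception $e) {
         // NOTE(review): the exception message is sent to the client in every environment
         // (file, line and trace in development/testing), and the 'testing' branch emits
         // HTML although the normal answers are JSON. Consider logging the details and
         // returning a generic JSON error instead.
         $msg = 'An error occured while updating:' . "\n";
         $msg .= "\n" . ' ' . $e->getMessage();
         if (defined('APPLICATION_ENV') && APPLICATION_ENV == 'development') {
             $msg .= "\n\nFile: " . $e->getFile();
             $msg .= "\nLine: " . $e->getLine();
             $msg .= "\n" . $e->getTraceAsString();
         } else {
             if (defined('APPLICATION_ENV') && APPLICATION_ENV == 'testing') {
                 $msg .= "<br /><br />File: " . $e->getFile();
                 $msg .= "<br />Line: " . $e->getLine();
                 $msg .= "<br />" . $e->getTraceAsString();
             }
         }
         echo $msg;
         exit;
     }
 }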
Esempio n. 7
 /**
  * Push a "login" notification for the given user to every registered application
  * except the one that triggered it.
  *
  * An entry of the global $regApps is notified only when it is an array with non-empty
  * 'endpoint', 'key' and 'listenLogin' values. Anything the HTTP helper prints is
  * captured in an output buffer and discarded.
  *
  * NOTE(review): the payload carries the session id, the admin flag and the per-app API
  * key. Confirm that every configured endpoint is HTTPS and that CURLHandler verifies
  * certificates; neither is visible here.
  * NOTE(review): the response is thrown away and the method always returns true, so a
  * failed delivery is not reported; loadById()'s result is not checked either.
  *
  * @param mixed $calling_app key of the application that reported the login
  * @param mixed $user_id     id handed to LoveUser::loadById()
  * @param mixed $session_id  session identifier forwarded to the other applications
  * @return bool always true
  */
 public function notifyOfLogin($calling_app, $user_id, $session_id)
 {
     global $regApps;
     $user = new LoveUser();
     $user->loadById($user_id);
     foreach ($regApps as $app => $info) {
         // Skip the caller itself and entries that are incomplete or not subscribed.
         if (!is_array($info) || empty($info['endpoint']) || empty($info['key']) || $calling_app == $app || empty($info['listenLogin'])) {
             continue;
         }
         $vars = array(
             'action' => 'login',
             'user_id' => $user_id,
             'session_id' => $session_id,
             'username' => $user->getUsername(),
             'nickname' => $user->getNickname(),
             'admin' => $user->getAdmin(),
             'api_key' => $info['key'],
         );
         // Buffer whatever the request prints so it does not leak into our own response.
         ob_start();
         CURLHandler::Post($info['endpoint'], $vars);
         ob_end_clean();
     }
     return true;
 }
Esempio n. 8
 /**
  * An admin-created user must be stored without an error and be loadable afterwards
  * under the id the handler returned.
  *
  * NOTE(review): the database host, schema and (masked) credentials are written into
  * the test and point at a named development server. Read them from the environment or
  * an untracked config file so that secrets stay out of version control and the test
  * does not depend on a shared database.
  */
 public function testAdminCreateUser()
 {
     $failureAffects = "Login will no longer allow admins to create new users";
     // id of the admin performing the creation
     $aid = 6;
     $dbConfig = array(
         'adapter' => 'mysqli',
         'host' => 'mysql.dev.sendlove.us',
         'dbname' => 'LM_logintest',
         'username' => '******',
         'password' => '******',
     );
     $u = new LoveUser($dbConfig);
     // uniqid() keeps username, nickname and token from clashing with earlier runs
     $username = uniqid() . "@domain.com";
     $user_data = array(
         "username" => $username,
         "nickname" => uniqid(),
         "password" => "sample",
         "confirmed" => 1,
         "active" => 1,
         "admin" => 0,
         "removed" => 0,
         "token" => uniqid(),
     );
     $uid = $this->aHandler->admincreateuser($this->controller, $user_data, $aid, $dbConfig);
     // the controller must not have recorded an error
     $this->assertEquals(false, $this->controller->getErrorFlag(), $failureAffects);
     // the new user must exist and be loadable by username
     $this->assertEquals(true, false != $u->loadByUsername($username), $failureAffects);
     // the returned id must be the id of the stored user
     $this->assertEquals($uid, $u->getId(), $failureAffects);
 }
Esempio n. 9
 /**
  * Render the review form by including its two view templates.
  *
  * PHP runs an included file in the scope of the including function, so $user,
  * $periods, $review and the global $front are the variables the templates can see.
  *
  * NOTE(review): no check of $user->getId() is visible before the views are rendered;
  * confirm the caller only reaches this method for an authenticated user.
  */
 public function reviewForm()
 {
     // Relative paths: resolved through include_path / the working directory.
     include_once "db_connect.php";
     include_once "autoload.php";
     // include_once("review.php");
     $user = new LoveUser();
     $periods = new Periods($user->getId());
     $review = new Review($user->getId(), $periods);
     // Declared only here, after the bootstrap includes above have run in local scope.
     global $front;
     // Both template paths are fixed strings; nothing from the request selects the file.
     include 'view/tofor/review/form.php';
     include "view/tofor/review/love-selector.php";
 }