Esempio n. 1
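 /**
  * Handles the registration form: creates the user from the posted fields and
  * re-renders register.twig, either flagging success or flashing the errors
  * (and the non-secret field values) back so the form can be corrected.
  */
 public function addUser()
 {
     $this->redirectIfLoggedIn();
     $req = $this->app->request;
     $user = new \Models\User();
     list($errors, $fixes) = $user->create(
         $req->post('email'),
         $req->post('firstname'),
         $req->post('lastname'),
         $req->post('password'),
         $req->post('confirmPassword')
     );
     if (count($fixes) === 0) {
         $this->app->flashNow('registered', true);
     } else {
         // Re-populate only the non-sensitive fields; the password fields are
         // deliberately never echoed back. Values are flashed raw — this relies
         // on register.twig autoescaping them (assumed; confirm the Twig config).
         foreach (array('email', 'firstname', 'lastname') as $field) {
             if (!is_null($req->post($field))) {
                 $this->app->flashNow($field, $req->post($field));
             }
         }
         $this->app->flashNow('errors', $errors);
         $this->app->flashNow('fixes', $fixes);
     }
     $this->app->flashNow('hideRegister', true);
     // Change 'home' to be the page to go to after registering.
     $this->app->render('register.twig', array('postLoginUrl' => $this->app->urlFor('home')));
 }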
Esempio n. 2
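 /**
  * Handles the login form: authenticates the posted credentials, stores the
  * user in the session and redirects by role; otherwise shows the login view.
  */
 public function login()
 {
     if (isset($_POST['username']) && isset($_POST['password'])) {
         $cleaner = new \Framework\Common();
         $username = $cleaner->normalize($_POST['username'], 'xss|string');
         $password = $cleaner->normalize($_POST['password'], 'xss|string');
         $userDb = new \Models\User();
         $matches = $userDb->getUser($username);
         $user = isset($matches[0]) ? $matches[0] : null;
         // hash_equals() is a strict, constant-time comparison; the loose != it
         // replaces treated numeric-looking strings ("123" vs "0123") as equal.
         // NOTE(review): the stored value is compared as-is — if the model keeps
         // it in plaintext, move to password_hash()/password_verify() there.
         if (!$user || !hash_equals((string) $user['password'], (string) $password)) {
             header('Location: /php_project/application/public/');
             // Without exit the session below was populated even for a failed login.
             exit;
         }
         $_SESSION['userId'] = $user['user_id'];
         $_SESSION['username'] = $user['username'];
         $_SESSION[$user['type']] = true;
         // Role-based landing page.
         if ($user['type'] == 'admin') {
             header('Location: /php_project/application/public/admin/index');
         } elseif ($user['type'] == 'editor') {
             header('Location: /php_project/application/public/editor/index');
         } else {
             header('Location: /php_project/application/public/user/index');
         }
         exit;
     }
     $this->view->appendToLayout('body', 'login');
     $this->view->display('layouts.default');
 }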
Esempio n. 3
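 /**
  * Handles the registration form: validates the posted fields, creates the
  * user and logs it in; otherwise (or when not posted) shows the register view.
  */
 public function register()
 {
     if (isset($_POST['username'], $_POST['password'], $_POST['confirmPassword'], $_POST['email'])) {
         $username = $_POST['username'];
         $password = $_POST['password'];
         $cPassword = $_POST['confirmPassword'];
         $email = $_POST['email'];
         // Strict comparison: the loose != treated "1e1" and "10" as equal.
         if ($password !== $cPassword) {
             header('Location: /php_project/application/public/');
             // Without exit the mismatching password was still registered below.
             exit;
         }
         $cleaner = new \Framework\Common();
         $newUser = array();
         $newUser['username'] = $cleaner->normalize($username, 'trim|xss|string');
         // NOTE(review): the password is only normalised here; hashing is assumed
         // to happen inside \Models\User::add() — confirm, it is not visible here.
         $newUser['password'] = $cleaner->normalize($password, 'trim|xss|string');
         $newUser['email'] = $cleaner->normalize($email, 'trim|xss|string');
         $userDb = new \Models\User();
         $user = $userDb->add($newUser);
         // add() is expected to return the new numeric id on success.
         if (!is_numeric($user)) {
             header('Location: /php_project/application/public/');
             exit;
         }
         $this->loginAfterRegister($user, $newUser['username']);
     }
     $this->view->appendToLayout('body', 'register');
     $this->view->display('layouts.default');
 }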
Esempio n. 4
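 /**
  * Renders the edit page of one of the logged-in user's organisations.
  *
  * The organisation is taken from the route parameter PARAMS.id; the literal
  * 'active' selects SESSION.selected_organisation when that is one of the
  * user's linked organisations, else the first linked organisation. The edit
  * page is only shown when the user is linked to the organisation and owns it;
  * otherwise the unauthorized template is rendered.
  */
 public function update()
 {
     $f3 = \Base::instance();
     $this->_requireLogin();
     $db = $f3->get('db.instance');
     $user = $f3->get('user');
     $user_org_links = $f3->get('user_org_links');
     $orgId = $f3->get('PARAMS.id');
     // True when $candidate is one of the organisations the user is linked to.
     // The loose == is deliberate: orgId values come from the DB and the route
     // and may be int or numeric string.
     $isLinked = function ($candidate) use ($user_org_links) {
         foreach ($user_org_links as $link) {
             if ($link['orgId'] == $candidate) {
                 return true;
             }
         }
         return false;
     };
     if ($orgId === 'active') {
         $orgId = null;
         if ($f3->exists('SESSION.selected_organisation')) {
             $selected = $f3->get('SESSION.selected_organisation');
             if ($isLinked($selected)) {
                 $orgId = $selected;
             }
         }
         if ($orgId === null) {
             // Select first linked organisation (null when the user has none)
             $orgId = isset($user_org_links[0]['orgId']) ? $user_org_links[0]['orgId'] : null;
         }
     }
     $validated = $isLinked($orgId);
     $orgMap = new \Models\Organisation();
     // NOTE(review): load() receives the bare id; F3's own SQL mapper treats a
     // string filter as raw SQL, so confirm \Models\Organisation::load() binds it.
     $orgMap->load($orgId);
     $f3->set('user_org_selected', $orgMap->cast());
     // Being linked is not enough: only the owner may edit
     if ($orgMap->ownerId != $user['id']) {
         $validated = false;
     }
     // Organisation either does not exist, or the user is not a member, or has no permission
     if (!$validated) {
         $f3->set('target', 'dashboard/organisations/details/unauthorized.html');
         $this->_render('base.html');
         return;
     }
     // Members — bound parameter instead of concatenation: PARAMS.id is
     // client-controlled and the concatenated query was injectable.
     $orgUsers = $db->exec('SELECT * FROM organisation_members WHERE orgId = ?', $orgId);
     $members = array();
     foreach ($orgUsers as $orgUser) {
         $member = new \Models\User();
         $member->load($orgUser['memberId']);
         $members[] = $member->cast();
     }
     $f3->set('user_org_selected_members', $members);
     // Display a notification to masquerading administrators
     if ($f3->exists('SESSION.mask')) {
         new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true);
     }
     $f3->set('target', 'dashboard/organisations/details/edit.html');
     $this->_render('base.html');
 }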
Esempio n. 5
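 /**
  * Returns the logged-in user, or null when nobody is logged in.
  * @return mixed \Models\User object of the logged-in user, or null when not logged in
  */
 public static function user()
 {
     $data = \Controllers\SessionsController::extractCookieInfo();
     // Require an actual id in the cookie payload: the loose `!= null` it
     // replaces accepted any non-empty payload and then read a missing 'id'.
     if ($data === null || !isset($data['id'])) {
         return null;
     }
     $user = new \Models\User();
     $user->find($data['id']);
     return $user;
 }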
Esempio n. 6
 /**
  * Phalcon validator: passes only when the posted 'login' value and the
  * validated attribute authenticate via \Models\User::isAuth(); otherwise the
  * configured 'message' option is appended to the validator.
  *
  * @return bool
  */
 public function validate(\Phalcon\Validation $validator, $attribute)
 {
     $login = $validator->getValue('login');
     $secret = $validator->getValue($attribute);
     $account = new \Models\User();
     $authenticated = $account->isAuth($login, $secret);
     if ($authenticated) {
         return true;
     }
     $message = new \Phalcon\Validation\Message($this->getOption('message'), $attribute);
     $validator->appendMessage($message);
     return false;
 }
Esempio n. 7
 /**
  * A 'name' field that satisfies both contains([foo,bar]) and required()
  * must pass validation without throwing.
  */
 public function testValidationsString2()
 {
     $rules = array(
         array(
             'name' => array(
                 '\\Simple\\Model\\Validation\\String::contains([foo,bar])',
                 '\\Simple\\Model\\Validation\\String::required()',
             ),
         ),
     );
     $fields = array('name' => 'foo', 'role' => 'admin');
     try {
         $user = new \Models\User();
         $user->validation($fields, $rules, 'new');
     } catch (Exception $e) {
         // Any exception is a test failure, reported with its message
         $this->fail($e->getMessage());
     }
 }
Esempio n. 8
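 /**
  * Admin dashboard: lists every user. Anonymous or non-admin sessions are
  * redirected to the public entry page.
  */
 public function index()
 {
     // empty() avoids the undefined-index notice the original raised for
     // sessions without an 'admin' flag while keeping the same outcome.
     if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
         header('Location: /php_project/application/public/');
         exit;
     }
     $userDb = new \Models\User();
     $allUsers = $userDb->find();
     $this->view->appendToLayout('body', 'adminIndex');
     $this->view->display('layouts.default', $allUsers);
 }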
Esempio n. 9
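 /**
  * Fixture task: inserts $rowsCount fake users (default: config fixture.count).
  *
  * @param int|null $rowsCount number of users to create; negative values count as 0
  */
 public function mainAction($rowsCount = null)
 {
     // The original assigned $config twice on one line; once is enough.
     $config = $this->di->getShared('config');
     if (null === $rowsCount) {
         $rowsCount = $config->fixture->count;
     }
     $rowsCount = max(0, (int) $rowsCount);
     // NOTE(review): the config key is spelled 'facker' — kept as-is since it
     // must match the config file, but worth checking against it.
     $faker = \Faker\Factory::create($config->facker->locale);
     while ($rowsCount--) {
         $user = new \Models\User();
         $user->save([
             'email' => $faker->email,
             'username' => $faker->userName,
             'fname' => $faker->firstName,
             'lname' => $faker->lastName,
             'address' => $faker->address,
             'phone' => $faker->phoneNumber,
             'credit_card' => $faker->creditCardNumber,
             'balance' => $faker->randomFloat(4, 0, 10000),
             'timezone' => $faker->timezone,
             'birthday' => $faker->date('Y-m-d', '2000-12-31'),
             'registered_at' => $faker->dateTimeThisCentury()->format('Y-m-d H:i:s'),
             'logins' => $faker->numberBetween(0, 10000),
         ]);
     }
     echo "Done!\n";
 }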
Esempio n. 10
 /**
  * Builds the API request context: the request must carry a valid apiKey for
  * $origin and, when a token is supplied, that token must resolve to a user.
  *
  * @throws Exception when the key is missing/invalid or the token is invalid
  */
 public function __construct($request, $origin)
 {
     parent::__construct($request);
     // Abstracted out for example
     $APIKey = new Models\APIKey();
     $User = new Models\User();
     // Guard clauses, checked in the same order as before:
     // key present, key valid, token (only when given) valid.
     if (!array_key_exists('apiKey', $this->request)) {
         throw new Exception('No API Key provided');
     }
     if (!$APIKey->verifyKey($this->request['apiKey'], $origin)) {
         throw new Exception('Invalid API Key');
     }
     $hasToken = array_key_exists('token', $this->request);
     if ($hasToken && !$User->get('token', $this->request['token'])) {
         throw new Exception('Invalid User Token');
     }
     $this->User = $User;
 }
Esempio n. 11
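 /**
  * Seeds the initial administrator account.
  *
  * NOTE(review): the account gets a fixed, short password and a placeholder
  * e-mail. Rotate it right after seeding, or source the value from the
  * environment, before this runs anywhere but local development.
  */
 public function run()
 {
     // The original wrapped this in a single-iteration range() loop and built
     // an unused Faker instance; both were no-ops and are dropped.
     Models\User::create(['username' => 'admin', 'password' => Hash::make('2515'), 'email' => '*****@*****.**']);
 }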
Esempio n. 12
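 /**
  * AJAX login: reads username/password (and the optional remember flag) from
  * $_POST['input'], signs the user in and answers with a JSON status object.
  * Every path ends the request (die).
  */
 public function ajaxSignIn()
 {
     // Read the fields explicitly instead of extract()-ing user input, which
     // let the client define arbitrary local variables in this scope.
     $input = isset($_POST['input']) && is_array($_POST['input']) ? $_POST['input'] : array();
     $username = isset($input['username']) ? $input['username'] : '';
     $password = isset($input['password']) ? $input['password'] : '';
     if (isset($input['remember'])) {
         \Models\Auth::remember($username, $password);
     }
     // NOTE(review): the model expects an unsalted sha1 digest; kept so stored
     // credentials keep working — moving to password_hash() is a model change.
     $passwordDigest = sha1($password);
     $data = array();
     $user = Models\User::signIn($username, $passwordDigest);
     if (!isset($user['id'])) {
         $data['name'] = 'password';
         $data['notice'] = 'Invalid login or password. Please try again.';
         echo json_encode($data, JSON_UNESCAPED_UNICODE);
         die;
     }
     $activated_at = \Models\User::getUserActivatedAt($username, $passwordDigest);
     if (!isset($activated_at['activated_at']) || $activated_at['activated_at'] == null) {
         $data['name'] = 'password';
         $data['notice'] = 'Your account is not activated. Please, activate it at first.';
         echo json_encode($data, JSON_UNESCAPED_UNICODE);
         die;
     }
     \Models\Auth::userInSession($user);
     $data['notice'] = true;
     $data['id'] = $user['id'];
     echo json_encode($data, JSON_UNESCAPED_UNICODE);
     die;
 }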
Esempio n. 13
 /**
  * Removes every '@' from each user's username (written to avatar_url) and
  * twitter handle, then persists the record.
  */
 function cron()
 {
     foreach (Models\User::all() as $account) {
         // NOTE(review): avatar_url is derived from username rather than from
         // an existing avatar value — confirm that is intended.
         $account->avatar_url = str_replace('@', '', $account->username);
         $account->twitter = str_replace('@', '', $account->twitter);
         $account->save();
     }
 }
Esempio n. 14
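 /**
  * Lists the pending organisation invitations addressed to the logged-in user
  * (sender, organisation and accept key per invite) and renders the page.
  */
 public function invites()
 {
     $f3 = \Base::instance();
     $this->_requireLogin();
     $db = $f3->get('db.instance');
     $user = $f3->get('user');
     // Organisation invitations (bound parameter; the id is the session user's)
     $result = $db->exec('SELECT * FROM organisations_invites WHERE targetId = ?', $user['id']);
     if (count($result) == 0) {
         $f3->set('target', 'dashboard/organisations/invites/no-invites.html');
     } else {
         $invites = [];
         foreach ($result as $res) {
             // From
             $from = new \Models\User();
             $from->load($res['fromId']);
             // Target organisation
             $org = new \Models\Organisation();
             $org->load($res['orgId']);
             // NOTE(review): `!$org` is never true for a freshly constructed
             // object, so this stale-invite cleanup is dead code; it needs the
             // mapper's own "nothing loaded" test — confirm against \Models\Organisation.
             if (!$org) {
                 // Organisation has been deleted, so yeah, delete the invite
                 $db->exec('DELETE FROM organisations_invites WHERE id = ?', $res['id']);
                 $f3->reroute($f3->get('PATH'));
             }
             $invites[] = array(
                 'from' => $from->cast(),
                 'org' => $org->cast(),
                 'key' => $res['accept_key'],
             );
         }
         $f3->set('invites', $invites);
         $f3->set('target', 'dashboard/organisations/invites/invites.html');
     }
     // Display a notification to masquerading administrators
     if ($f3->exists('SESSION.mask')) {
         new Notification('You are currently masquerading as a client, <a href="/dashboard/admin/masquerade/reveal">back to your admin account</a>', 'danger', true);
     }
     $this->_render('base.html');
 }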
Esempio n. 15
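 /**
  * Admin action: marks the user whose id is the first route segment as banned
  * and returns to the admin index. Non-admin sessions and invalid ids are
  * redirected to the public entry page.
  */
 public function ban()
 {
     if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
         header('Location: /php_project/application/public/');
         exit;
     }
     $user_id = $this->input->get(0);
     // Validate before the id reaches a query: the original looked the user up
     // with the raw value first, which made the filter string injectable.
     if (!is_numeric($user_id)) {
         header('Location: /php_project/application/public/');
         exit;
     }
     $user_id = (int) $user_id;
     $userDb = new \Models\User();
     $user = $userDb->get('user_id = ' . $user_id);
     if (!$user) {
         header('Location: /php_project/application/public/');
         exit;
     }
     // NOTE(review): nothing stops an admin from banning their own account.
     $userUpdate = array();
     $userUpdate['banned'] = 1;
     $userUpdate['user_id'] = $user_id;
     $userDb->update('user', $userUpdate);
     header('Location: /php_project/application/public/admin/index');
     exit;
 }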
Esempio n. 16
 /**
  * Handles the "forgot" form: depending on the posted lookupOptions value it
  * either finds the username for the given e-mail or resets that account's
  * password, re-rendering forgot.twig with the outcome. Unknown options 404.
  */
 public function doLookup()
 {
     $req = $this->app->request;
     $user = new \Models\User();
     $email = $req->post('email');
     if ('' == $email) {
         $this->app->flashNow('lookupError', true);
         $this->app->render('forgot.twig');
         return;
     }
     $option = $req->post('lookupOptions');
     if ($option == 'findUsername') {
         $username = $user->getUsername($email);
         if ($username == '') {
             $this->app->flashNow('lookupError', true);
             $this->app->render('forgot.twig');
             return;
         }
         $this->app->flashNow('foundUsername', $username);
         $this->app->flashNow('email', $email);
         $this->app->flash('username', $username);
         $this->app->render('forgot.twig');
         return;
     }
     if ($option == 'resetPassword') {
         list($success, $newPass) = $user->resetPassword($email);
         if (!$success) {
             $this->app->flashNow('lookupError', true);
             $this->app->render('forgot.twig');
             return;
         }
         $this->app->flashNow('email', $email);
         $this->app->flashNow('resetPassword', true);
         // TODO: Send email with new password.
         $this->app->render('forgot.twig');
         return;
     }
     $this->app->notFound();
 }
require_once 'gtcclibrary/odmconfig.php';
require_once 'gtcclibrary/dbconfig.php';
use Utility\DoctrineConnect;
use Utility\CommonUtility;
require_once 'gtcclibrary/odmconfig.php';
include_once 'gtcclibrary/Crypt/BingoCrypt.php';
include 'gtcclibrary/InitData.ini.php';
use Doctrine\Common\ClassLoader, Doctrine\Common\Annotations\AnnotationReader, Doctrine\Common\Annotations\IndexedReader, Doctrine\ODM\MongoDB\DocumentManager, Doctrine\MongoDB\Connection, Doctrine\ODM\MongoDB\Configuration, Doctrine\ODM\MongoDB\Mapping\Driver\AnnotationDriver;
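$docConnector = DoctrineConnect::GetInstance(__DIR__ . '/../cache');
$sfcity = $docConnector->Doctrinemodel->getRepository('Models\\GameRoom')->findOneBy(array('cityId' => 1));
// findOneBy() returns null when the city is missing; fail early instead of
// calling getName() on null.
if ($sfcity === null) {
    exit('City 1 not found' . PHP_EOL);
}
echo 'Loading city: ' . $sfcity->getName() . PHP_EOL;
$bc = new BingoCrypt();
// add another 3 users for test city level...
// (the loop below actually creates player1..player10; the count above is stale)
for ($i = 1; $i < 11; $i++) {
    $playerName = 'player' . $i;
    // The original line was garbled ('******' where the concatenation was);
    // restored as a plain concatenation.
    echo 'Setup power test user: ' . $playerName . PHP_EOL;
    // Test fixture: the password is the player name — acceptable for test data only.
    $newUser = new Models\User($playerName, base64_encode($bc->encrypt($playerName)));
    $newUser->plusXp(10000);
    $newUser->plusCoin(10000);
    $newUser->plusToken(10000);
    $newUser->plusKeys(10000);
    $docConnector->Doctrinemodel->persist($newUser);
}
$docConnector->Doctrinemodel->flush();
// Add Powerup
// $PowerupTypes is expected to come from the included InitData.ini.php — confirm.
$users = $docConnector->Doctrinemodel->createQueryBuilder('Models\\User')->getQuery()->execute()->toArray();
foreach ($users as $user) {
    $docConnector->Doctrinemodel->refresh($user);
    addPowerUpToUser($docConnector->Doctrinemodel, $PowerupTypes, $user, 100);
}
// add another 7 users for test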
for ($i = 1; $i < 9; $i++) {
Esempio n. 18
<?php

// Services
// db
// Services
// db
$db = new Helpers\Db();
$db->loadCurrent();
// A stale database schema puts the site in maintenance mode: render the
// maintenance page and stop right here.
$schemaIsCurrent = $db->upToDate();
if (!$schemaIsCurrent) {
    die(Template::instance()->render('maintenance.html'));
}
$f3->set('notif', new \Helpers\Notification());
// Load user if he is logged in :)
$user = new Models\User();
$user->loadCurrent();
//=====================================================
// Functions
function convertRankToText($rank)
{
    switch ($rank) {
        case 0:
            return 'banned';
            break;
        case 1:
            return 'user';
            break;
        case 2:
            return 'support';
            break;
        case 3:
            return 'admin';
            break;
    }
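 /**
  * Handles the submitted login form.
  *
  * Validates the posted e-mail/password, looks the user up by e-mail with a
  * prepared statement, compares the password digest and, on success, stores
  * the session cookie and redirects to the base URL. On any failure the login
  * view is returned with the collected error messages.
  */
 protected static function processLoginForm()
 {
     // CSRF protection
     \CSRF::Check();
     $email = isset($_POST['email']) ? $_POST['email'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : null;
     $errors = [];
     if (empty($email)) {
         $errors[] = 'Informe seu email';
     }
     if (empty($password)) {
         $errors[] = 'Informe sua senha';
     }
     if (count($errors) > 0) {
         return \View::make('login', compact('errors'));
     }
     // Hash only once the password is known to be present.
     $hashedPassword = \Hash::password($password);
     $DB = new \DB();
     $sql = "SELECT id, password, status FROM users WHERE email = :email";
     $stmt = $DB->prepare($sql);
     $stmt->bindParam(':email', $email);
     $stmt->execute();
     $rows = $stmt->fetchAll(\PDO::FETCH_OBJ);
     if (count($rows) <= 0) {
         // NOTE(review): distinct "not found" / "wrong password" messages let a
         // client tell registered e-mails apart; consider one generic message.
         $errors[] = 'Usuário não encontrado';
     } else {
         $user = $rows[0];
         // Strict, constant-time digest comparison; the loose != it replaces
         // treated numeric-looking digests as equal.
         if (!hash_equals((string) $user->password, (string) $hashedPassword)) {
             $errors[] = 'Senha incorreta';
         } elseif ($user->status != \Models\User::STATUS_ACTIVE) {
             $errors[] = 'Ative sua conta antes de fazer login';
         } else {
             // Load the full user record to build the cookie data
             $objUser = new \Models\User();
             $objUser->find($user->id);
             // Generate an access token; the returned value was never used here,
             // the call is kept for whatever side effect the model gives it.
             $objUser->generateToken();
             // Save the cookie carrying the user data
             self::saveSessionCookieForUser($objUser);
             // Redirect to the home page
             redirect(getBaseURL());
         }
     }
     if (count($errors) > 0) {
         return \View::make('login', compact('errors'));
     }
 }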
Esempio n. 20
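 /**
  * AJAX endpoint: saves the posted personal data for the logged-in user.
  */
 public function ajaxSavePersonal()
 {
     // Refuse to proceed without an authenticated session instead of passing
     // a null user id (and an undefined-index notice) through to the model.
     if (!isset($_SESSION['auth']['id'])) {
         return;
     }
     $input = isset($_POST['input']) ? $_POST['input'] : array();
     $user = new \Models\User();
     $user->updatePersonal($input, $_SESSION['auth']['id']);
 }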
Esempio n. 21
 /**
  * Validate a user (that it exists)
  *
  * @param $identifier mixed Can be username, email or id
  * @return bool
  */
 public static function validateUser($identifier)
 {
     // Resolve username / email / id to the numeric id, then try to load it
     $userId = self::getUserId($identifier);
     $record = new \Models\User();
     $record->load(array("id=?", $userId));
     // A loaded record carries a truthy id; an empty one does not
     return (bool) $record->id;
 }
Esempio n. 22
 /**
  * Converts a guest user to a registered user.
  *
  * @param Models\User $user
  * @param array $credentials
  * @param bool $activate
  * @return Models\User
  */
 public function convertGuestToUser($user, $credentials, $activate = false)
 {
     $user->fill($credentials);
     $user->convertToRegistered(false);
     // Remove user from guest group
     $guestGroup = UserGroupModel::getGuestGroup();
     if ($guestGroup) {
         $user->groups()->remove($guestGroup);
     }
     if ($activate) {
         $activationCode = $user->getActivationCode();
         $user->attemptActivation($activationCode);
     }
     // Prevents revalidation of the password field
     // on subsequent saves to this model object
     $user->password = null;
     $this->user = $user;
     return $this->user;
 }
Esempio n. 23
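 /**
  * Loads the logged-in user's record (by the session user id) into $this->user.
  */
 private function getUser()
 {
     // Cast to int so the value interpolated into the filter can never carry
     // SQL; user ids are validated as numeric elsewhere in this codebase (ban()).
     $userId = isset($_SESSION['userId']) ? (int) $_SESSION['userId'] : 0;
     $userDb = new \Models\User();
     $this->user = $userDb->get('user_id = ' . $userId);
 }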
Esempio n. 24
 /**
  * @depends testCreate
  */
 public function testResetPassword()
 {
     $result = $this->user->resetPassword($this->email);
     $success = $result[0];
     $newPass = $result[1];
     $this->assertTrue($success);
     $this->assertEquals(8, strlen($newPass));
     // The old password must no longer work after the reset
     $freshUser = new \Models\User();
     $this->assertFalse($freshUser->login($this->username, $this->password));
 }
Esempio n. 25
<?php

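require_once __DIR__ . '/../../vendor/autoload.php';
$app = new Silex\Application();
$app->register(new Silex\Provider\TwigServiceProvider(), array('twig.path' => __DIR__ . '/../../src/views'));
$app->register(new Silex\Provider\MonologServiceProvider(), array('monolog.logfile' => __DIR__ . '/../../logs/silex/development.log'));
$app->register(new Silex\Provider\UrlGeneratorServiceProvider());
// Database settings come from the environment when set (variable names chosen
// here), otherwise the original development defaults apply. Credentials do not
// belong in source; the fallbacks only keep existing setups working.
$app->register(new Silex\Provider\DoctrineServiceProvider(), array('db.options' => array(
    'driver' => 'pdo_mysql',
    'host' => getenv('SILEX_DB_HOST') ?: '10.11.12.3',
    'user' => getenv('SILEX_DB_USER') ?: 'silex',
    'password' => getenv('SILEX_DB_PASSWORD') ?: 'silex',
    'dbname' => getenv('SILEX_DB_NAME') ?: 'silex',
)));
// Debug mode exposes stack traces in responses; keep it off outside development.
$app['debug'] = true;
$app->get('/', function () use($app) {
    return $app['twig']->render('index.twig');
})->bind('homepage');
$app->get('/users', function () use($app) {
    //@TODO Autoload
    require_once __DIR__ . '/../models/Users.php';
    $users = new Models\Users($app['db']);
    return $app['twig']->render('users.twig', array('users' => $users->users()));
})->bind('users');
$app->get('/favicon.ico', function () {
    return 1;
});
$app->get('/user/{id_user}', function ($id_user) use($app) {
    //@TODO Autoload
    require_once __DIR__ . '/../models/User.php';
    // NOTE(review): {id_user} is passed to the model unvalidated; if it is a
    // numeric id, constrain the route (->assert) and make sure the model binds it.
    $user = new Models\User($id_user, $app['db']);
    return $app['twig']->render('user.twig', array('user' => $user->user()));
})->bind('user');
return $app;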