/**
  * Changes the password of the currently logged-in user.
  */
 public function actionChangepassword()
 {
     // Flow: AJAX validation -> validate posted form -> store new hash, rotate activkey,
     // record the hash in PasswordHistory -> flash + redirect to "profile".
     // Requests without a logged-in user id return without rendering anything.
     //
     // NOTE(review): whether the current password must be re-entered depends on the
     // UserChangePassword rules, which are not visible here - confirm.
     // NOTE(review): the result of the user save() is not checked, so the history row
     // and the success flash are produced even if the save fails.
     // NOTE(review): no session-id regeneration or invalidation of other sessions is
     // visible after the password changes - confirm it is handled elsewhere.
     $model = new UserChangePassword();
     $userId = Yii::app()->user->id;
     if (!$userId) {
         return;
     }

     // AJAX validation round-trip for the change-password form.
     $isAjaxValidation = isset($_POST['ajax']) && $_POST['ajax'] === 'changepassword-form';
     if ($isAjaxValidation) {
         echo UActiveForm::validate($model);
         Yii::app()->end();
     }

     if (isset($_POST['UserChangePassword'])) {
         $model->attributes = $_POST['UserChangePassword'];
         if ($model->validate()) {
             $account = User::model()->notsafe()->findbyPk($userId);
             $account->password = PasswordHelper::hashPassword($model->password);
             // Rotating activkey replaces the value that the recovery/activation links carry.
             $account->activkey = PasswordHelper::hashPassword(microtime() . $model->password);
             $account->password_update_time = date('Y-m-d H:i:s');
             $account->save();

             // Keep the new hash so later changes can be checked against earlier passwords.
             $historyEntry = new PasswordHistory();
             $historyEntry->profile_id = $account->id;
             $historyEntry->password = $account->password;
             $historyEntry->save();

             Yii::app()->user->setFlash('profileMessage', UserModule::t("New password is saved."));
             $this->redirect(array("profile"));
         }
     }

     // A controller that defines $location renders the frontend view instead of the module view.
     $view = isset($this->location) ? 'frontend.views.profile.changepassword' : 'changepassword';
     $this->render($view, array('model' => $model));
 }
 /**
  * Creates a Staff account with its Profile, group memberships and first
  * PasswordHistory row, optionally sends the activation mail, then shows the
  * 'view' page (or the '_view' partial for AJAX requests).
  *
  * The password is generated by PasswordHelper::generateStrongPassword() and
  * stored only as a hash; the account is saved with status 0.
  */
 public function actionCreate()
 {
     $model = new Staff();
     $profile = new Profile();
     $this->performAjaxValidation(array($model, $profile), 'staff-form');
     if (isset($_POST['Staff'])) {
         // Mass assignment from the request: which fields are writable depends on the
         // models' "safe" validation rules (not shown here).
         $model->attributes = $_POST['Staff'];
         // NOTE(review): only $_POST['Staff'] is checked with isset(); $_POST['Profile'] is read unguarded.
         $profile->attributes = $_POST['Profile'];
         // Placeholder owner id used while validating; replaced with the real id after the save below.
         $profile->user_id = 0;
         if ($model->validate() && $profile->validate()) {
             // $realp holds the clear-text generated password for the rest of this request.
             $realp = PasswordHelper::generateStrongPassword();
             $model->password = $realp;
             // activkey is derived while $model->password is still clear text; it later travels in the
             // activation URL. NOTE(review): its unpredictability depends on PasswordHelper::hashPassword - confirm.
             $model->activkey = PasswordHelper::hashPassword(microtime() . $model->password);
             $model->password = PasswordHelper::hashPassword($model->password);
             // presumably 0 = not yet activated (actionRecovery-style flows flip 0 to 1) - confirm
             $model->status = 0;
             if ($model->save()) {
                 $profile->user_id = $model->id;
                 // NOTE(review): the results of this save() and the ones below are not checked.
                 $profile->save();
                 if (!empty($_POST['Profile']['group_id'])) {
                     // Group ids come straight from the request. NOTE(review): no check is visible here that
                     // the caller may grant these groups - confirm it is enforced by access rules or UserGroup.
                     foreach ($_POST['Profile']['group_id'] as $groupid) {
                         $userGroup = new UserGroup();
                         $userGroup->profile_id = $model->id;
                         $userGroup->group_id = $groupid;
                         $userGroup->save();
                     }
                 }
                 // Record the initial hash so it counts as an already-used password.
                 $passwordHistory = new PasswordHistory();
                 $passwordHistory->profile_id = $model->id;
                 $passwordHistory->password = $model->password;
                 $passwordHistory->save();
                 if (Yii::app()->getModule('user')->sendActivationMail) {
                     $activation_url = $this->createAbsoluteUrl('/user/activation', array("activkey" => $model->activkey, "email" => $model->email));
                     // NOTE(review): the two "******" runs below are how this listing prints the expressions that
                     // followed "Username:" and "Password:"; as shown the statement is not valid PHP. If the second
                     // one is $realp, the generated password is e-mailed in clear text - confirm against the real source.
                     UserModule::sendMail($model->email, UserModule::t("Your {site_name} account has been created", array('{site_name}' => Yii::app()->name)), UserModule::t("To activate your account, go to <a href='{activation_url}'>{activation_url}</a>.<br/><br/>Username: "******"<br/>Password: "******"<br/>", array('{activation_url}' => $activation_url)));
                 }
                 if (Yii::app()->getRequest()->getIsAjaxRequest()) {
                     $this->renderPartial('_view', array('model' => $model, 'profile' => $profile), false, true);
                     Yii::app()->end();
                 }
                 $this->redirect(array('view', 'id' => $model->id));
             } else {
                 Yii::app()->user->setFlash(TbHtml::ALERT_COLOR_ERROR, 'An error occured while trying to create new user, please try again.');
                 if (Yii::app()->getRequest()->getIsAjaxRequest()) {
                     $this->renderPartial('_form', array('model' => $model, 'profile' => $profile), false, true);
                     Yii::app()->end();
                 }
                 // NOTE(review): nothing returns after this render, so the non-AJAX failure path also
                 // reaches the render('create') at the end of the method.
                 $this->render('create', array('model' => $model, 'profile' => $profile));
             }
         } else {
             // && short-circuits above, so validate the profile explicitly to collect its errors too.
             $profile->validate();
         }
     }
     if (Yii::app()->getRequest()->getIsAjaxRequest()) {
         $this->renderPartial('_form', array('model' => $model, 'profile' => $profile), false, true);
         Yii::app()->end();
     }
     $this->render('create', array('model' => $model, 'profile' => $profile));
 }
 /**
  * Returns the JavaScript needed for performing client-side validation.
  * @param CModel $object the data object being validated
  * @param string $attribute the name of the attribute to be validated.
  * @return string the client-side validation script.
  * @see CActiveForm::enableClientValidation
  */
 public function clientValidateAttribute($object, $attribute)
 {
     // The password-history check runs here on the server, while the form is being
     // rendered, against the attribute's value at that moment. The emitted script only
     // carries a constant condition ("1==1" or "1==2"); it does not inspect what the
     // user types afterwards.
     //
     // NOTE(review): the message pushed to the client ("too weak") differs from the
     // server-side error ("already used") - confirm which wording is intended.
     // NOTE(review): a server-side validation of password reuse is still required;
     // this script alone cannot enforce it.
     $history = new PasswordHistory();
     $previousEntries = $history->getHistory(Yii::app()->user->id);

     $reused = false;
     foreach ($previousEntries as $entry) {
         $candidate = $object->{$attribute};
         if (!PasswordHelper::verifyPassword($candidate, $entry->password)) {
             continue;
         }
         // First match is enough: flag the model and stop comparing against older hashes.
         $reused = true;
         $this->addError($object, $attribute, 'You can not use a password which you have already used!');
         break;
     }

     $jsCondition = $reused ? "1==1" : "1==2";

     return "\n\tif(" . $jsCondition . ") {\n\t\tmessages.push(" . CJSON::encode('your password is too weak, you fool!') . ");\n\t}\n\t";
 }
 /**
  * Creates a new model.
  * If creation is successful, the browser will be redirected to the 'view' page.
  */
 public function actionCreate()
 {
     // Creates a Customer with Profile, customer groups, first PasswordHistory row and
     // the addresses held in $this->_address; optionally sends the activation mail.
     // The password is generated server-side and stored only as a hash.
     $model = new Customer();
     $profile = new Profile();
     // NOTE(review): this instance is not used before $address is reused as the loop variable further down.
     $address = new CheckoutAddress();
     //Yii::app()->session['cid'] = '';
     $this->performAjaxValidation(array($model, $profile), 'customer-form');
     if (isset($_POST['Customer'])) {
         // Mass assignment from the request: writable fields depend on the models' "safe" rules (not shown).
         $model->attributes = $_POST['Customer'];
         // NOTE(review): only $_POST['Customer'] is checked with isset(); $_POST['Profile'] is read unguarded.
         $profile->attributes = $_POST['Profile'];
         // Placeholder owner id used while validating; replaced with the real id after the save below.
         $profile->user_id = 0;
         if ($model->validate() && $profile->validate() && $this->validateAddress()) {
             // $realp holds the clear-text generated password for the rest of this request.
             $realp = PasswordHelper::generateStrongPassword();
             $model->password = $realp;
             // activkey is derived while $model->password is still clear text; it later travels in the
             // activation URL. NOTE(review): its unpredictability depends on PasswordHelper::hashPassword - confirm.
             $model->activkey = PasswordHelper::hashPassword(microtime() . $model->password);
             $model->password = PasswordHelper::hashPassword($model->password);
             // presumably 0 = not yet activated; meaning of type 1 is not visible here - confirm
             $model->status = 0;
             $model->type = 1;
             if ($model->save()) {
                 // The new customer's id is kept in the session under 'cid'.
                 Yii::app()->session['cid'] = $model->id;
                 $profile->user_id = $model->id;
                 // NOTE(review): the results of this save() and the ones below are not checked.
                 $profile->save();
                 if (!empty($_POST['Customer']['c_group_id'])) {
                     // Group ids come straight from the request. NOTE(review): no check is visible here that
                     // the caller may assign these groups - confirm it is enforced elsewhere.
                     foreach ($_POST['Customer']['c_group_id'] as $groupid) {
                         $customerGroup = new CustomerCGroup();
                         $customerGroup->user_id = $model->id;
                         $customerGroup->c_group_id = $groupid;
                         $customerGroup->save();
                     }
                 }
                 // Record the initial hash so it counts as an already-used password.
                 $passwordHistory = new PasswordHistory();
                 $passwordHistory->profile_id = $model->id;
                 $passwordHistory->password = $model->password;
                 $passwordHistory->save();
                 // presumably $this->_address was filled by validateAddress() - confirm
                 foreach ($this->_address as $address) {
                     $address->user_id = $model->id;
                     $address->save();
                 }
                 if (Yii::app()->getModule('user')->sendActivationMail) {
                     $activation_url = $this->createAbsoluteUrl('/user/activation', array("activkey" => $model->activkey, "email" => $model->email));
                     // NOTE(review): the two "******" runs below are how this listing prints the expressions that
                     // followed "Username:" and "Password:"; as shown the statement is not valid PHP. If the second
                     // one is $realp, the generated password is e-mailed in clear text - confirm against the real source.
                     UserModule::sendMail($model->email, UserModule::t("Your {site_name} account has been created", array('{site_name}' => Yii::app()->name)), UserModule::t("To activate your account, go to <a href='{activation_url}'>{activation_url}</a>.<br/><br/>Username: "******"<br/>Password: "******"<br/>", array('{activation_url}' => $activation_url)));
                 }
                 Yii::app()->user->setFlash(TbHtml::ALERT_COLOR_SUCCESS, Yii::t('info', 'Customer was successfully created'));
                 // Success always answers with the '_view' partial, for AJAX and non-AJAX requests alike.
                 $this->renderPartial('_view', array('model' => $model, 'profile' => $profile, 'address' => $this->_address), false, true);
                 Yii::app()->end();
             } else {
                 // On a failed save only the flash is set; the form is re-rendered by the code at the end of the method.
                 Yii::app()->user->setFlash(TbHtml::ALERT_COLOR_ERROR, Yii::t('info', 'An error occurred while trying to create new customer, please try again.'));
                 /*$this->render('create',array(
                 			'model'=>$model,
                 			'profile'=>$profile,
                 		));*/
             }
         } else {
             // && short-circuits above, so run the remaining validators explicitly to collect all errors.
             $profile->validate();
             $this->validateAddress();
             //echo GxActiveForm::validateMultiple(array($model,$profile,$address));
             //Yii::app()->end();
         }
     }
     if (Yii::app()->getRequest()->getIsAjaxRequest()) {
         $this->renderPartial('_form_address', array('model' => $model, 'profile' => $profile, 'address' => $this->_address), false, true);
         Yii::app()->end();
     }
     $this->render('create', array('model' => $model, 'profile' => $profile, 'address' => $this->_address));
 }
 /**
  * Password recovery: sends a reset link by e-mail, or sets a new password when a valid reset link is followed.
  */
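 public function actionRecovery()
 {
     // Two phases, chosen by the query string:
     //   - ?email=...&activkey=... : the reset link was followed; check the key and
     //     accept a new password through UserChangePassword.
     //   - otherwise               : show/process UserRecoveryForm and e-mail the link.
     // Logged-in users are redirected to the module's returnUrl.
     $form = new UserRecoveryForm();
     if (Yii::app()->user->id) {
         $this->redirect(Yii::app()->controller->module->returnUrl);
     } else {
         // Accept plain strings only: array-valued query parameters (email[]=...) would
         // otherwise reach the attribute lookup and the key comparison.
         $email = isset($_GET['email']) && is_string($_GET['email']) ? $_GET['email'] : '';
         $activkey = isset($_GET['activkey']) && is_string($_GET['activkey']) ? $_GET['activkey'] : '';
         if ($email && $activkey) {
             $form2 = new UserChangePassword();
             $find = User::model()->notsafe()->findByAttributes(array('email' => $email));
             // Strict, constant-time comparison of the recovery key. The former loose ==
             // type-juggles (two numeric-looking strings compare as numbers) and its timing
             // depends on how much of the key matches. hash_equals() needs PHP >= 5.6.
             if (isset($find) && is_string($find->activkey) && hash_equals($find->activkey, $activkey)) {
                 if (isset($_POST['UserChangePassword'])) {
                     $form2->attributes = $_POST['UserChangePassword'];
                     if ($form2->validate()) {
                         $find->password = PasswordHelper::hashPassword($form2->password);
                         // Rotate the key so the link that was just used stops working.
                         $find->activkey = PasswordHelper::hashPassword(microtime() . $form2->password);
                         $find->password_update_time = date('Y-m-d H:i:s');
                         // A successful reset also activates an account that is still at status 0.
                         if ($find->status == 0) {
                             $find->status = 1;
                         }
                         // NOTE(review): the save() result is not checked; the history row and the
                         // success message are produced even if the save fails.
                         $find->save();
                         $passwordHistory = new PasswordHistory();
                         $passwordHistory->profile_id = $find->id;
                         $passwordHistory->password = $find->password;
                         $passwordHistory->save();
                         Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Your password has been changed. Please login with your new password."));
                         $this->redirect(Yii::app()->controller->module->loginUrl);
                     }
                 }
                 if (isset($this->location)) {
                     $this->render('frontend.views.recovery.changepassword', array('form' => $form2));
                 } else {
                     $this->render('changepassword', array('form' => $form2));
                 }
             } else {
                 // Same message for an unknown e-mail and for a wrong key.
                 Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Incorrect recovery link."));
                 $this->redirect(Yii::app()->controller->module->recoveryUrl);
             }
         } else {
             if (isset($_POST['UserRecoveryForm'])) {
                 $form->attributes = $_POST['UserRecoveryForm'];
                 if ($form->validate()) {
                     $user = User::model()->notsafe()->findbyPk($form->user_id);
                     // NOTE(review): the link's host is taken from the request's Host header and the
                     // scheme is fixed to http. A reset link should be built from a configured
                     // canonical https base URL so a forged Host header cannot change where the
                     // key is sent - confirm how the host is pinned in this deployment.
                     // NOTE(review): no expiry check on the key is visible in this action.
                     $activation_url = 'http://' . $_SERVER['HTTP_HOST'] . $this->createUrl(implode(Yii::app()->controller->module->recoveryUrl), array("activkey" => $user->activkey, "email" => $user->email));
                     $subject = UserModule::t("You have requested password recovery for {site_name}", array('{site_name}' => Yii::app()->name));
                     // {activation_url} is left as a placeholder and filled from the parameter array, like
                     // {site_name}. The former {$activation_url} was interpolated by PHP first, so the
                     // message key changed with every URL and could never match a translation.
                     $message = UserModule::t("You have requested password recovery for {site_name}. To change your password, click <a href='{activation_url}'>here</a> or copy and paste this link into your browser: {activation_url}", array('{site_name}' => Yii::app()->name, '{activation_url}' => $activation_url));
                     UserModule::sendMail($user->email, $subject, $message);
                     Yii::app()->user->setFlash('recoveryMessage', UserModule::t("Please check your email, the reset link was sent to your email address."));
                     $this->refresh();
                 }
             }
             if (isset($this->location)) {
                 $this->render('frontend.views.recovery.recovery', array('form' => $form));
             } else {
                 $this->render('recovery', array('form' => $form));
             }
         }
     }
 }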