public function validateEmail()
{
$emailreg = "/^[a-zA-Z0-9.!#\$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*\$/";
if (isset($_POST['memail'])) {
if ($_POST['memail'] == "") {
echo "<div data-alert class='alert-box'>Please enter your email address<a href='#' class='close'>×</a></div></div>";
return "<div data-alert class='alert-box'>Please enter your email address<a href='#' class='close'>×</a></div></div>";
exit;
} elseif (!filter_var($_POST['memail'], FILTER_VALIDATE_EMAIL)) {
echo "<div data-alert class='alert-box alert'>Invalid email Please enter a valid email<a href='#' class='close'>×</a></div></div>";
return "<div data-alert class='alert-box alert'>Invalid email Please enter a valid email<a href='#' class='close'>×</a></div></div>";
exit;
} elseif (!User::find_by_email($_POST['memail'])) {
echo "<div data-alert class='alert-box alert'>Email not found in our database<a href='#' class='close'>×</a></div></div>";
return "<div data-alert class='alert-box alert'>Email not found in our database<a href='#' class='close'>×</a></div></div>";
exit;
} else {
if ($this->doRecorvery($_POST['memail'])) {
$pruser = User::find_by_email($_POST['memail']);
if ($this->sendMail($pruser->fname, $pruser->lname, "", $pruser->password, $pruser->username, $pruser->email)) {
echo "<div data-alert class='alert-box'>You login details has been sent to your email box. please get the detail and retry<a href='#' class='close'>×</a></div></div>";
return "<div data-alert class='alert-box'>You login details has been sent to your email box. please get the detail and retry<a href='#' class='close'>×</a></div></div>";
exit;
}
}
}
}
}
public function passRecovery($email)
{
if (User::find_by_email($email)) {
return true;
} else {
return false;
}
}
function recuperar($email)
{
$u = User::find_by_email($email);
if ($u) {
$hash = uniqid();
$u->hash = $hash;
$u->save();
return $hash;
} else {
return FALSE;
}
}
function email_reset_token_email($email)
{
// $user = find_one_in_fake_db('users', 'username', sql_prep($username));
$user = User::find_by_email($email);
if ($user) {
// This is where you would connect to your emailer
// and send an email with a URL that includes the token.
return true;
} else {
return false;
}
}
public function initByRequest()
{
$data = $_REQUEST;
if ($data[Auth::GET_LOGIN] && $data[Auth::GET_PASSWORD]) {
$User = User::find_by_email(strtolower($data[Auth::GET_LOGIN]));
if ($User instanceof User) {
if ($User->getHashPassword(trim(strip_tags($data[Auth::GET_PASSWORD])), strtolower($data[Auth::GET_LOGIN])) == $User->password) {
$this->authorize($User);
}
}
}
}
public function test_custom_file_name()
{
$file = new File("/tmp/test.txt");
$result = file_exists($file->path);
FuzzyTest::assert_true($result, "File not written");
$user = User::find_by_email("*****@*****.**");
$document = new CustomDocument();
$document->user = $user;
$document->last_modified = new Date();
$document->file = $file;
$document->save();
$result = file_exists(DOCUMENT_SAVE_PATH . "/" . $document->id . ".info");
FuzzyTest::assert_true($result, "File not written");
}
public static function validar($user_email)
{
$callback_obj = new \stdClass();
$callback_obj->user = null;
$callback_obj->code = null;
$callback_obj->status = false;
$user_exists = User::find_by_email($user_email);
if (!is_null($user_exists)) {
$callback_obj->status = true;
$callback_obj->user = $user_exists;
self::delete_all(array('conditions' => array('user_id = ?', $user_exists->id)));
} else {
$callback_obj->code = 'nenhum-usuario-encontrado';
}
return $callback_obj;
}
function token($token = FALSE)
{
$this->load->database();
$sql = "SELECT * FROM `pw_reset` WHERE token = '" . $token . "'";
$query = $this->db->query($sql);
$result = $query->result();
if ($result) {
$lees = $result[0]->timestamp + 24 * 60 * 60;
if (time() < $lees) {
$new_password = substr(str_shuffle(strtolower(sha1(rand() . time() . "nekdotlggjaoudlpqwejvlfk"))), 0, 8);
if ($result[0]->user == "1") {
$user = User::find_by_email($result[0]->email);
$user->set_password($new_password);
$user->save();
} else {
$client = Client::find_by_email($result[0]->email);
$client->password = $client->set_password($new_password);
$client->save();
}
$sql = "DELETE FROM `pw_reset` WHERE `email`='" . $result[0]->email . "'";
$query = $this->db->query($sql);
$data["core_settings"] = Setting::first();
$this->email->from($data["core_settings"]->email, $data["core_settings"]->company);
$this->email->to($result[0]->email);
$this->load->library('parser');
$this->load->helper('file');
$this->email->subject($data["core_settings"]->pw_reset_link_mail_subject);
$parse_data = array('password' => $new_password, 'link' => base_url(), 'company' => $data["core_settings"]->company, 'logo' => '<img src="' . base_url() . '' . $data["core_settings"]->logo . '" alt="' . $data["core_settings"]->company . '"/>', 'invoice_logo' => '<img src="' . base_url() . '' . $data["core_settings"]->invoice_logo . '" alt="' . $data["core_settings"]->company . '"/>');
$email = read_file('./application/views/' . $data["core_settings"]->template . '/templates/email_pw_reset.html');
$message = $this->parser->parse_string($email, $parse_data);
$this->email->message($message);
$this->email->send();
$this->session->set_flashdata('message', 'success:' . $this->lang->line('messages_password_reset'));
redirect('forgotpass');
}
} else {
redirect('login');
}
}
/**
* Восстановление пароля
*/
public function recovery()
{
if (User::check()) {
App::abort(403);
}
if (Request::isMethod('post')) {
$email = Request::input('email');
$captcha = Request::input('captcha');
$errors = [];
if (!App::isMail($email)) {
$errors['email'] = 'Неверный формат адреса email';
}
if ($captcha != $_SESSION['captcha']) {
$errors['captcha'] = 'Неверный проверочный код';
}
if (!$errors && !($user = User::find_by_email($email))) {
$errors['email'] = 'Пользователь не найден';
}
if (!$errors) {
$user->reset_code = str_random(mt_rand(35, 40));
$user->save();
$reset_link = 'http://' . Setting::get('sitelink') . '/reset?key=' . $user->reset_code;
$message = 'Здравствуйте, ' . e($user->login) . '<br />Вами была произведена операция по восстановлению пароля на сайте ' . Setting::get('sitelink') . '<br />Для того, чтобы восстановить пароль, необходимо нажать на кнопку восстановления<br /><br />Если это письмо попало к вам по ошибке или вы не собираетесь восстанавливать пароль, то просто проигнорируйте его';
$to = [$user->email => $user->login];
$subject = 'Восстановление пароля';
$body = App::view('mailer.recovery', compact('subject', 'message', 'reset_link'), true);
// Отправка письма
App::sendMail($to, $subject, $body);
App::setFlash('success', 'Письмо с инструкцией выслано вам на email!');
} else {
App::setFlash('danger', $errors);
App::setInput($_POST);
}
App::redirect('/recovery');
}
App::view('users.recovery');
}
/**
* View user profile
*
* @param Request $request
* @param $matches
* @return mixed|string
*/
public function profile(Request $request, $matches)
{
try {
/** @var \User $user */
$user = \User::find($matches['id']);
} catch (\Exception $e) {
return $this->error404($request);
}
// User access log filter
$access_filter = ['conditions' => ['user_id = ?', $user->id]];
// Paginator access log
/** @var Listing $paginator */
$paginator = NCService::load('Paginator.Listing', [$request->page, \Visit::count($access_filter)]);
$access_filter['order'] = 'id DESC';
$access_filter = array_merge($access_filter, $paginator->limit());
// Unban user
if ($request->get('unban')) {
$user->ban_time = null;
$user->ban_user_id = null;
$user->ban_reason = null;
$user->save();
static::redirect_response($this->map->reverse('users.profile', ['id' => $user->id]));
}
if ($request->isMethod('post')) {
$changed = false;
// Edit rating
$rating = intval($request->get('rating', 0));
if ($user->rating != $rating) {
$user->rating = $rating;
$changed = true;
}
// Change ban user
$ban_time = $request->get('ban_time', false);
$ban_reason = $request->get('ban_reason', false);
if ($ban_time) {
if ($ban_time == '-1' || strtolower(trim($ban_time)) == 'forever') {
$ban_time = -1;
} else {
$ban_time = strtotime($ban_time, time());
}
$user->ban($this->user, $ban_time, $ban_reason);
$changed = true;
}
// Edit username
$new_login = $request->get('username');
if ($new_login && $new_login != $user->username) {
$exists = \User::find_by_username($new_login);
if ($exists && $exists->id) {
return static::json_response(['status' => $this->lang->translate('user.edit.exists', $new_login), 'class' => 'error']);
} else {
$changed = true;
$user->username = $new_login;
}
}
// Edit email
$new_email = $request->get('email');
if ($new_email && $new_email != $user->email) {
$exists = \User::find_by_email($new_email);
if ($exists && $exists->id) {
return static::json_response(['status' => $this->lang->translate('user.edit.exists_email', $new_email), 'class' => 'error']);
} else {
$changed = true;
$user->email = $new_email;
}
}
// Edit group
$new_group = intval($request->get('group', $user->group_id));
if (!\Group::find($new_group)) {
return static::json_response(['status' => $this->lang->translate('user.edit.wrong_group'), 'class' => 'error']);
} else {
$changed = true;
$user->group_id = $new_group;
}
// Change password
$new_password = $request->get('new_password');
if ($new_password) {
$user->password = $new_password;
if (strlen($new_password) > 5 && $user->save()) {
return static::json_response(['status' => $this->lang->translate('form.saved'), 'class' => 'success']);
} else {
return static::json_response(['status' => $this->lang->translate('form.failed'), 'class' => 'error']);
}
}
if ($changed && $user->save()) {
return static::json_response(['status' => $this->lang->translate('form.saved'), 'class' => 'success']);
} else {
return static::json_response(['status' => $this->lang->translate('form.failed'), 'class' => 'error']);
}
}
return $this->view->render('users/profile.twig', ['title' => $this->lang->translate('user.profile.name', $user->username), 'profile' => $user->to_array(), 'groups' => array_map(function ($i) {
return $i->to_array();
}, \Group::all()), 'visits_list' => \Visit::as_array(\Visit::find('all', $access_filter)), 'user_ips' => array_map(function ($ip) {
$data = ['addr' => long2ip($ip->ip)];
$data['banned'] = !Env::$kernel->ipwall->allowed(long2ip($ip->ip));
return $data;
}, \Visit::ips_by_user($user)), 'listing' => $paginator->pages(), 'page' => $paginator->cur_page]);
}
function checkEmail($email)
{
$thisUser = User::find_by_email($email);
//Check if Email exits
if ($thisUser != NULL) {
//Email exists
return TRUE;
} else {
//Email doesn't exist
return FALSE;
}
}
public function test_has_many()
{
UserLogin::delete_all();
User::delete_all();
$user = new User();
$user->email = "*****@*****.**";
$user->password = "******";
$user->accepted_terms_and_conditions = true;
$user->registration_date = new Date();
$user->first_name = "Ben";
$user->last_name = "Copsey";
$user->save();
$user = new User();
$user->email = "*****@*****.**";
$user->password = "******";
$user->accepted_terms_and_conditions = true;
$user->registration_date = new Date();
$user->first_name = "Ben";
$user->last_name = "Copsey";
$user->save();
$user = User::find_by_email('*****@*****.**');
$user_login = new UserLogin();
$user_login->user_id = $user->id;
$user_login->date = new Date();
$user_login->ip_address = "127.0.0.1";
$user_login->save();
$matches = $user->logins();
FuzzyTest::assert_equal(count($matches), 1, "Should find one login here");
$user_login = new UserLogin();
$user_login->user_id = $user->id;
$user_login->date = new Date();
$user_login->ip_address = "127.0.0.1";
$user_login->save();
$matches = UserLogin::find_all_by_user($user);
FuzzyTest::assert_equal(count($matches), 2, "Should find two logins here");
$matches = UserLogin::find_all_where("user_id = " . DB::escape($user->id));
FuzzyTest::assert_equal(count($matches), 2, "Should find two logins here");
$matches = UserLogin::find_all_where("user_id = " . DB::escape($user->id), 1);
FuzzyTest::assert_equal(count($matches), 1, "Should find one login here");
$login = $matches[0];
$matches = UserLogin::find_all_where("user_id = " . DB::escape($user->id), 2);
$login2 = $matches[0];
FuzzyTest::assert_equal($login->id, $login2->id, "Two logins should be equal");
$matches = UserLogin::find_all_where("user_id = " . DB::escape($user->id), 0, 2);
$login2 = $matches[0];
FuzzyTest::assert_equal($login->id, $login2->id, "Two logins should be equal");
$matches = UserLogin::find_all_where("user_id = " . DB::escape($user->id), 1, 2);
$login2 = $matches[0];
FuzzyTest::assert_not_equal($login->id, $login2->id, "Two logins should be equal");
$matches = $user->logins();
FuzzyTest::assert_equal(count($matches), 2, "Should find two logins here");
$login = UserLogin::find_by_user_id($user->id);
FuzzyTest::assert_equal($login->user_id, $user->id, "Found wrong login");
$login = UserLogin::find_by_user($user);
FuzzyTest::assert_equal($login->user_id, $user->id, "Found wrong login");
$u = User::find_by_login($user_login);
FuzzyTest::assert_equal($u->id, $user->id, "Found wrong user");
$user_login = new UserLogin();
$user_login->user = $user;
$user_login->date = new Date();
$user_login->ip_address = "127.0.0.1";
$user_login->save();
$matches = $user->logins();
FuzzyTest::assert_equal(count($matches), 3, "Should find three logins here");
$user->delete();
$matches = UserLogin::find_by_user_id($user->id);
FuzzyTest::assert_equal(count($matches), 0, "Should find zero logins here");
$matches = UserLogin::find_by_user($user);
FuzzyTest::assert_equal(count($matches), 0, "Should find zero logins here");
UserLogin::delete_all();
$user_login1 = new UserLogin();
$user_login1->date = new Date();
$user_login1->ip_address = "127.0.0.1";
$user_login2 = new UserLogin();
$user_login2->date = new Date();
$user_login2->ip_address = "127.0.0.1";
//$user->save();
$user->logins = array($user_login1, $user_login2);
$user->save();
$matches = $user->logins;
FuzzyTest::assert_equal(count($matches), 2, "Should find two logins here");
$user2 = new User();
$user2 = User::find_by_email('*****@*****.**');
$user_login1->user = $user2;
$user_login1->save();
$matches = $user->logins;
FuzzyTest::assert_equal(count($matches), 1, "Should find one login here");
$matches = $user2->logins();
FuzzyTest::assert_equal(count($matches), 1, "Should find one login here");
}
<?php
require 'includes/initialize.php';
$email = $_GET['email'];
$key = $_GET['activation'];
if (isset($email) && isset($key)) {
$user = User::find_by_email($email);
if ($user->update_activation($email, $key)) {
echo 'Your account is now active. You may now Log in from the app.';
} else {
echo 'Oops !Your account could not be activated. Please recheck the link or contact the system administrator.';
}
} else {
echo 'Error Occured.';
}
<?php
$success = false;
$errors = array();
require 'includes/initialize.php';
if ($session->is_logged_in()) {
//already logged in
$session->logout();
}
if (isset($_POST['email']) && isset($_POST['pwd'])) {
if (User::authenticate_user($_POST['email'], $_POST['pwd'])) {
$user = User::find_by_email($_POST['email']);
if ($user->is_activated($_POST['email'])) {
$session->login($user);
$success = true;
} else {
array_push($errors, 'Please activate your email account.');
}
} else {
array_push($errors, 'Invalid username and password combination.');
}
}
display_success($success, $errors);
function test_delete()
{
$user = User::find_by_email($this->m_email_user);
if ($user) {
if ($user->delete() == TRUE) {
$this->_assert_true(TRUE);
} else {
$this->_assert_true(FALSE);
}
} else {
$this->_assert_true(FALSE);
}
}
}
//Remove it from 'trash'...
$message_to_remove->delete();
}
//foreach...
} else {
if ($action == 'send') {
$message = new Message();
$message->sender_id = $_SESSION['user_id'];
$message->subject = $_REQUEST['subject'];
$message->body = $_REQUEST['body'];
$message->is_deleted = 'false';
$message->date_time = date('Y-m-d H:i:s');
$message->create();
$receiver_emails = explode(",", $_REQUEST['to']);
foreach ($receiver_emails as $receiver_email) {
$rcvr = User::find_by_email(trim($receiver_email));
$last_message = Message::find_last_email($receiver_email);
$receiver = new Receiver();
$receiver->user_id = $rcvr->id;
$receiver->message_id = $last_message->id;
$receiver->is_read = 'false';
$receiver->create();
}
}
}
}
}
//Action done, redirect bo back page...
$page_to_return = $_SERVER['HTTP_REFERER'];
redirect_to($page_to_return);
public function test_basic_find()
{
$count = User::count();
FuzzyTest::assert_equal($count, 3, "Should find three users here");
$matches = User::find_all();
FuzzyTest::assert_equal(count($matches), 3, "Should find three users here");
$count = User::count(array('email' => '*****@*****.**'));
FuzzyTest::assert_equal($count, 1, "Should find one user here");
$matches = User::find(array('email' => '*****@*****.**'));
FuzzyTest::assert_equal(count($matches), 1, "Should find one user here");
$u = $matches[0];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Found wrong user");
$count = User::count(array('first_name' => 'Ben'));
FuzzyTest::assert_equal($count, 2, "Should find two users here");
$matches = User::find(array('first_name' => 'Ben'));
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
$matches = User::find_all_by_first_name('Ben');
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
$count = User::count_by_first_name('Ben');
FuzzyTest::assert_equal($count, 2, "Should find two users here");
$matches = User::find_all_by_email('*****@*****.**');
FuzzyTest::assert_equal(count($matches), 1, "Should find one user here");
$count = User::count_by_email('*****@*****.**');
FuzzyTest::assert_equal($count, 1, "Should find one user here");
$u = $matches[0];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Found wrong user");
$u = User::find_by_email('*****@*****.**');
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Found wrong user");
$matches = User::find_all_by_email_and_first_name('*****@*****.**', 'Ben');
FuzzyTest::assert_equal(count($matches), 1, "Should find one user here");
$count = User::count_by_email_and_first_name('*****@*****.**', 'Ben');
FuzzyTest::assert_equal($count, 1, "Should find one user here");
$u = $matches[0];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Found wrong user");
$matches = User::find(array('first_name' => 'Ben', 'limit' => 1));
FuzzyTest::assert_equal(count($matches), 1, "Should find one user here");
$matches = User::find(array('first_name' => 'Ben', 'order_by' => 'registration_date'));
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
$u = $matches[0];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Sorted results in the wrong order");
$matches = User::find(array('first_name' => 'Ben', 'order_by' => 'email', 'sort' => "descending"));
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
$u = $matches[0];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Sorted results in the wrong order");
$matches = User::find(array('first_name' => 'Ben', 'order_by' => 'email', 'sort' => "ascending"));
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
$u = $matches[1];
FuzzyTest::assert_equal($u->email, "*****@*****.**", "Found wrong user");
$matches = User::find(array('email_not' => '*****@*****.**'));
FuzzyTest::assert_equal(count($matches), 2, "Should find two users here");
}
/**
* Insert a forgotten password key.
*
* @return bool
* @author Mathew
* @updated Ryan
**/
public function forgotten_password($identity)
{
if (empty($identity)) {
return FALSE;
}
$key = self::hash_password(microtime() . $identity);
$user = User::find_by_email($identity);
if ($user) {
$data = array('forgotten_password_code' => $key);
$user->update_attributes($data);
if ($user->is_valid()) {
return $key;
}
if ($user->in_invalid()) {
return FALSE;
}
} else {
return FALSE;
}
}
/**
* forgotten password feature
*
* @return void
* @author Mathew
**/
public function forgotten_password($identity)
{
$code = User::forgotten_password($identity);
if ($code) {
$user = User::find_by_email($identity);
if ($user) {
$data = array('forgotten_password_code' => $code);
$message = $this->ci->load->view($this->ci->config->item('email_templates') . $this->ci->config->item('email_forgot_password'), $data, true);
$this->ci->email->clear();
$this->ci->email->set_newline("\r\n");
$this->ci->email->from($this->ci->config->item('admin_email'), $this->ci->config->item('site_title'));
$this->ci->email->to($user->email);
$this->ci->email->subject($this->ci->config->item('site_title') . ' - ' . lang('web_auth_voc'));
$this->ci->email->message($message);
if ($this->ci->email->send()) {
return TRUE;
} else {
return FALSE;
}
} else {
return FALSE;
}
} else {
return FALSE;
}
}
<?php
require_once "../../includes/initialize.php";
$username = null;
$server_name = $_SERVER['PHP_SELF'];
$new_password = null;
if (request_is_post() && request_is_same_domain()) {
if (!csrf_token_is_valid() || !csrf_token_is_recent()) {
$message = "Sorry, request was not valid.";
} else {
$username = trim($_POST['email']);
$valid = new FormValidation();
$valid->validate_presences('email');
$valid->validate_email('email');
if (empty($valid->errors)) {
$user = User::find_by_email($username);
if ($user) {
$user->delete_reset_token();
$user->create_reset_token();
$user->send_email();
} else {
// Username was not found; don't do anything
}
// Message returned is the same whether the user
// was found or not, so that we don't reveal which
// usernames exist and which do not.
$message = "A link to reset your password has been sent to the email address on file.";
} else {
$message = "Please enter your email.";
}
}
