Esempio n. 1
0
 public function testGetActiveStatus()
 {
     $this->User->setActiveStatus(true);
     if ($this->User->getActiveStatus() != true) {
         $this->fail();
     }
 }
Esempio n. 2
0
 public function getUserAddEditForm($target = '/admin/User', $admin = false)
 {
     $form = new Form('user_addedit', 'POST', $target, '', array('class' => 'admin'));
     $form->setConstants(array('section' => 'addedit'));
     $form->addElement('hidden', 'section');
     if (@$_REQUEST['id']) {
         $user = new User($_REQUEST['id']);
         $form->setConstants(array('id' => $_REQUEST['id']));
         $form->addElement('hidden', 'id');
     } else {
         $user = new User();
     }
     $statuses = array(1 => 'Active', 0 => 'Disabled');
     $form->addElement('text', 'a_username', 'Username');
     $form->addElement('password', 'a_password', 'Password');
     $form->addElement('password', 'a_password_confirm', 'Confirm Password');
     $form->addElement('text', 'a_name', 'Full Name');
     $form->addElement('text', 'a_email', 'Email Address');
     if ($admin) {
         $form->addElement('select', 'a_status', 'Active Status', $statuses);
     }
     if (isset($this->user) && $this->user->hasPerm('assigngroups')) {
         $sql = 'SELECT agp_id, agp_name from auth_groups';
         $groups = Database::singleton()->query_fetch_all($sql);
         $assignableGroup = array();
         foreach ($groups as $group) {
             $assignableGroup[$group['agp_id']] = $group['agp_name'];
         }
         if (@$user) {
             $defaultValues['a_group'] = $user->getAuthGroup();
         }
         $form->addElement('select', 'a_group', 'Member Group', $assignableGroup);
     }
     $form->addElement('submit', 'a_submit', 'Save');
     $defaultValues['a_username'] = $user->getUsername();
     $defaultValues['a_name'] = $user->getName();
     $defaultValues['a_email'] = $user->getEmail();
     $defaultValues['a_password'] = null;
     $defaultValues['a_password_confirm'] = null;
     if ($admin) {
         $defaultValues['a_status'] = $user->getActiveStatus();
     }
     $form->setDefaults($defaultValues);
     $form->addRule('a_username', 'Please enter a username', 'required', null);
     $form->addRule('a_name', 'Please enter the user\'s name', 'required', null);
     $form->addRule('a_email', 'Please enter an email address', 'required', null);
     $form->addRule('a_email', 'Please enter a valid email address', 'email', null);
     if (!isset($_REQUEST['id'])) {
         $form->addRule('a_password', 'Please enter a password', 'required', null);
         $form->addRule('a_password_confirm', 'Please confirm the passwords match', 'required', null);
     }
     $form->addRule(array('a_password', 'a_password_confirm'), 'The passwords do not match', 'compare', null);
     if (isset($_REQUEST['a_submit']) && $form->validate()) {
         $this->template = 'admin/user.tpl';
         $this->doUserSubmit();
     }
     return $form;
 }
 private function modifyUser()
 {
     global $_ARRAYLANG, $_CONFIG;
     $associatedGroups = '';
     $notAssociatedGroups = '';
     $cssDisplayStatusCreate = 'none';
     $objFWUser = \FWUser::getFWUserObject();
     if (($objUser = $objFWUser->objUser->getUser(isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0)) === false) {
         $objUser = new \User();
         $cssDisplayStatusCreate = '';
     }
     if ($objFWUser->objUser->getAdminStatus()) {
         $cssDisplayStatus = 'none';
     } else {
         $cssDisplayStatus = '';
     }
     if (isset($_POST['access_save_user'])) {
         $arrSettings = \User_Setting::getSettings();
         // only administrators are allowed to change a users account. or users may be allowed to change their own account
         if (!\Permission::hasAllAccess() && ($objUser->getId() != $objFWUser->objUser->getId() || !\Permission::checkAccess(31, 'static', true))) {
             \Permission::noAccess();
         }
         $objUser->setUsername(isset($_POST['access_user_username']) ? trim(contrexx_stripslashes($_POST['access_user_username'])) : '');
         $objUser->setEmail(isset($_POST['access_user_email']) ? trim(contrexx_stripslashes($_POST['access_user_email'])) : '');
         $objUser->setFrontendLanguage(isset($_POST['access_user_frontend_language']) ? intval($_POST['access_user_frontend_language']) : 0);
         $objUser->setBackendLanguage(isset($_POST['access_user_backend_language']) ? intval($_POST['access_user_backend_language']) : 0);
         $oldActiveStatus = $objUser->getActiveStatus();
         $objUser->setActiveStatus(isset($_POST['access_user_active']) ? (bool) $_POST['access_user_active'] : false);
         $objUser->setEmailAccess(isset($_POST['access_user_email_access']) && $objUser->isAllowedToChangeEmailAccess() ? trim(contrexx_stripslashes($_POST['access_user_email_access'])) : '');
         $objUser->setProfileAccess(isset($_POST['access_user_profile_access']) && $objUser->isAllowedToChangeProfileAccess() ? trim(contrexx_stripslashes($_POST['access_user_profile_access'])) : '');
         $objUser->setSubscribedNewsletterListIDs(isset($_POST['access_user_newsletters']) ? $_POST['access_user_newsletters'] : array());
         if (isset($_POST['access_profile_attribute']) && is_array($_POST['access_profile_attribute'])) {
             $arrProfile = $_POST['access_profile_attribute'];
             if (!empty($_POST['access_image_uploader_id']) && isset($_POST['access_profile_attribute_images']) && is_array($_POST['access_profile_attribute_images'])) {
                 $upload_res = $this->addUploadedImagesToProfile($objUser, $arrProfile, $_POST['access_profile_attribute_images'], $_POST['access_image_uploader_id']);
                 if (is_array($upload_res)) {
                     self::$arrStatusMsg['error'] = array_merge(self::$arrStatusMsg['error'], $upload_res);
                 }
             }
             $objUser->setProfile($arrProfile);
         }
         // only administrators are allowed to change the group assigement
         if (\Permission::hasAllAccess()) {
             if (isset($_POST['access_user_associated_groups']) && is_array($_POST['access_user_associated_groups'])) {
                 $objUser->setGroups($_POST['access_user_associated_groups']);
             } else {
                 $objUser->setGroups(array());
             }
         }
         $objUser->setPrimaryGroup(isset($_POST['access_user_primary_group']) ? $_POST['access_user_primary_group'] : 0);
         if ((isset($_POST['notification_email']) && $_POST['notification_email'] == 1 && !$objUser->getId() || $objUser->setPassword(isset($_POST['access_user_password']) ? trim(contrexx_stripslashes($_POST['access_user_password'])) : '', isset($_POST['access_user_password_confirmed']) ? trim(contrexx_stripslashes($_POST['access_user_password_confirmed'])) : '')) && (!\Permission::hasAllAccess() || $objUser->getId() == $objFWUser->objUser->getId() || $objUser->setAdminStatus(isset($_POST['access_user_is_admin']) ? (bool) $_POST['access_user_is_admin'] : false) && (!isset($_POST['access_user_validity']) || $_REQUEST['access_user_validity'] == 'current' || $objUser->setValidityTimePeriod(intval($_POST['access_user_validity'])))) && (\Permission::hasAllAccess() || !$arrSettings['user_account_verification']['value'] || $objUser->checkMandatoryCompliance()) && $objUser->store()) {
             self::$arrStatusMsg['ok'][] = $_ARRAYLANG['TXT_ACCESS_USER_ACCOUNT_STORED_SUCCESSFULLY'];
             $objFWUser->objUser->getDynamicPermissionIds(true);
             $objFWUser->objUser->getStaticPermissionIds(true);
             if ($oldActiveStatus != $objUser->getActiveStatus() && isset($_POST['access_user_status_notification']) && $_POST['access_user_status_notification'] == '1') {
                 // notify user about the status (in-/ active) of his account
                 $this->notifyUserAboutAccountStatusChange($objUser);
             }
             // process module specific extensions
             $this->processModuleSpecificExtensions($objUser);
             if (\Permission::checkAccess(18, 'static', true)) {
                 return $this->userList();
             }
         } else {
             self::$arrStatusMsg['error'] = array_merge(self::$arrStatusMsg['error'], $objUser->getErrorMsg());
         }
     } elseif (!$objUser->getId()) {
         $objUser->setActiveStatus(true);
     }
     $this->_objTpl->addBlockfile('ACCESS_USER_TEMPLATE', 'module_access_user_modify', 'module_access_user_modify.html');
     if ($objUser->getId()) {
         $this->_pageTitle = $_ARRAYLANG['TXT_ACCESS_MODIFY_USER_ACCOUNT'];
         $this->_objTpl->touchBlock('access_user_active_notification_function_call');
     } else {
         $this->_pageTitle = $_ARRAYLANG['TXT_ACCESS_CREATE_USER_ACCOUNT'];
         $this->_objTpl->hideBlock('access_user_active_notification_function_call');
     }
     if (\Permission::hasAllAccess()) {
         $objGroup = $objFWUser->objGroup->getGroups();
         while (!$objGroup->EOF) {
             $var = in_array($objGroup->getId(), $objUser->getAssociatedGroupIds()) ? 'associatedGroups' : 'notAssociatedGroups';
             ${$var} .= "<option value=\"" . $objGroup->getId() . "\">" . htmlentities($objGroup->getName(), ENT_QUOTES, CONTREXX_CHARSET) . " [" . $objGroup->getType() . "]</option>\n";
             $objGroup->next();
         }
         $this->_objTpl->touchBlock('access_profile_group_assignment');
         $this->attachJavaScriptFunction('accessSelectAllGroups');
         $this->attachJavaScriptFunction('accessDeselectAllGroups');
         $this->attachJavaScriptFunction('accessAddGroupToList');
         $this->attachJavaScriptFunction('accessRemoveGroupFromList');
         $this->attachJavaScriptFunction('accessAssignGroupToUser');
         $this->attachJavaScriptFunction('confirmUserNotification');
     } else {
         $this->_objTpl->hideBlock('access_profile_group_assignment');
     }
     $this->attachJavaScriptFunction('accessSetWebsite');
     $passwordInfo = self::getPasswordInfo();
     $this->_objTpl->setVariable(array('TXT_ACCESS_USER_ACCOUNT' => $_ARRAYLANG['TXT_ACCESS_USER_ACCOUNT'], 'TXT_ACCESS_USER_GROUP_S' => $_ARRAYLANG['TXT_ACCESS_USER_GROUP_S'], 'TXT_ACCESS_PROFILE' => $_ARRAYLANG['TXT_ACCESS_PROFILE'], 'TXT_ACCESS_NEWSLETTER_LISTS' => $_ARRAYLANG['TXT_ACCESS_NEWSLETTER_LISTS'], 'TXT_ACCESS_USERNAME' => $_ARRAYLANG['TXT_ACCESS_USERNAME'], 'TXT_ACCESS_PASSWORD' => $_ARRAYLANG['TXT_ACCESS_PASSWORD'], 'TXT_ACCESS_CONFIRM_PASSWORD' => $_ARRAYLANG['TXT_ACCESS_CONFIRM_PASSWORD'], 'TXT_ACCESS_EMAIL' => $_ARRAYLANG['TXT_ACCESS_EMAIL'], 'TXT_ACCESS_LANGUAGE' => $_ARRAYLANG['TXT_ACCESS_LANGUAGE'], 'TXT_ACCESS_ADMINISTRATOR' => $_ARRAYLANG['TXT_ACCESS_ADMINISTRATOR'], 'TXT_ACCESS_PASSWORD_INFO' => $passwordInfo, 'TXT_ACCESS_USER_ADMIN_RIGHTS' => $_ARRAYLANG['TXT_ACCESS_USER_ADMIN_RIGHTS'], 'TXT_ACCESS_USER_ADMIN_RIGHTS_TOOLTIP' => $_ARRAYLANG['TXT_ACCESS_USER_ADMIN_RIGHTS_TOOLTIP'], 'TXT_ACCESS_PASSWORD_FIELD_EMPTY' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_FIELD_EMPTY'], 'TXT_ACCESS_PASSWORD_MD5_ENCRYPTED' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_MD5_ENCRYPTED'], 'TXT_ACCESS_AVAILABLE_GROUPS' => $_ARRAYLANG['TXT_ACCESS_AVAILABLE_GROUPS'], 'TXT_ACCESS_ASSOCIATED_GROUPS' => $_ARRAYLANG['TXT_ACCESS_ASSOCIATED_GROUPS'], 'TXT_ACCESS_PRIMARY_GROUP' => $_ARRAYLANG['TXT_ACCESS_PRIMARY_GROUP'], 'TXT_ACCESS_CHECK_ALL' => $_ARRAYLANG['TXT_ACCESS_CHECK_ALL'], 'TXT_ACCESS_UNCHECK_ALL' => $_ARRAYLANG['TXT_ACCESS_UNCHECK_ALL'], 'TXT_ACCESS_SAVE' => $_ARRAYLANG['TXT_ACCESS_SAVE'], 'TXT_ACCESS_CANCEL' => $_ARRAYLANG['TXT_ACCESS_CANCEL'], 'TXT_ACCESS_CHANGE_WEBSITE' => $_ARRAYLANG['TXT_ACCESS_CHANGE_WEBSITE'], 'TXT_ACCESS_VISIT_WEBSITE' => $_ARRAYLANG['TXT_ACCESS_VISIT_WEBSITE'], 'TXT_ACCESS_NO_SPECIFIED' => $_ARRAYLANG['TXT_ACCESS_NO_SPECIFIED'], 'TXT_ACCESS_CHANGE_PROFILE_PIC' => $_ARRAYLANG['TXT_ACCESS_CHANGE_PROFILE_PIC'], 'TXT_ACCESS_STATUS' => $_ARRAYLANG['TXT_ACCESS_STATUS'], 'TXT_ACCESS_ACTIVE' => $_ARRAYLANG['TXT_ACCESS_ACTIVE'], 'TXT_ACCESS_CONFIRM_OPEN_URL' => $_ARRAYLANG['TXT_ACCESS_CONFIRM_OPEN_URL'], 'TXT_ACCESS_URL_OPEN_RISK_MSG' => $_ARRAYLANG['TXT_ACCESS_URL_OPEN_RISK_MSG'], 'TXT_ACCESS_PRIVACY' => $_ARRAYLANG['TXT_ACCESS_PRIVACY'], 'TXT_ACCESS_FRONTEND_DESC' => $_ARRAYLANG['TXT_ACCESS_FRONTEND_DESC'], 'TXT_ACCESS_BACKEND_DESC' => $_ARRAYLANG['TXT_ACCESS_BACKEND_DESC'], 'TXT_ACCESS_VALIDITY_EXPIRATION' => $_ARRAYLANG['TXT_ACCESS_VALIDITY_EXPIRATION'], 'TXT_ACCESS_PASSWORD_INVALID' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_INVALID'], 'TXT_ACCESS_PASSWORD_TOO_SHORT' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_TOO_SHORT'], 'TXT_ACCESS_PASSWORD_WEAK' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_WEAK'], 'TXT_ACCESS_PASSWORD_GOOD' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_GOOD'], 'TXT_ACCESS_PASSWORD_STRONG' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_STRONG'], 'TXT_ACCESS_PASSWORD_MANUALLY' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_MANUALLY'], 'TXT_ACCESS_PASSWORD_GENERATED' => $_ARRAYLANG['TXT_ACCESS_PASSWORD_GENERATED'], 'TXT_ACCESS_NOTIFICATION_EMAIL_TITLE' => $_ARRAYLANG['TXT_ACCESS_NOTIFICATION_EMAIL_TITLE']));
     $this->parseAccountAttributes($objUser, true);
     if ($objUser->isAllowedToChangeEmailAccess() || $objUser->isAllowedToChangeProfileAccess()) {
         $this->_objTpl->touchBlock('access_user_privacy');
     } else {
         $this->_objTpl->hideBlock('access_user_privacy');
     }
     $arrSettings = \User_Setting::getSettings();
     if (!$arrSettings['use_usernames']['status']) {
         $this->_objTpl->hideBlock('access_user_username_block');
     }
     $this->parseNewsletterLists($objUser);
     $urlParams = '';
     $cancelUrl = 'index.php?cmd=Access&amp;act=user';
     $source = isset($_GET['source']) ? contrexx_input2raw($_GET['source']) : 'Access';
     switch ($source) {
         case 'Newsletter':
             $cancelUrl = 'index.php?cmd=Newsletter&act=users';
             $urlParams = (!empty($_GET['newsletterListId']) ? '&newsletterListId=' . contrexx_input2raw($_GET['newsletterListId']) : '') . (!empty($_GET['filterkeyword']) ? '&filterkeyword=' . contrexx_input2raw($_GET['filterkeyword']) : '') . (!empty($_GET['filterattribute']) ? '&filterattribute=' . contrexx_input2raw($_GET['filterattribute']) : '') . (!empty($_GET['filterStatus']) ? '&filterStatus=' . contrexx_input2raw($_GET['filterStatus']) : '');
             break;
     }
     $this->attachJavaScriptFunction('addHistoryField');
     $uploader = $this->getImageUploader();
     $this->_objTpl->setVariable(array('ACCESS_USER_ID' => $objUser->getId(), 'ACCESS_USER_IS_ADMIN' => $objUser->getAdminStatus() ? 'checked="checked"' : '', 'ACCESS_USER_ACTIVE' => $objUser->getActiveStatus() ? 'checked="checked"' : '', 'ACCESS_USER_NOT_ASSOCIATED_GROUPS' => $notAssociatedGroups, 'ACCESS_USER_ASSOCIATED_GROUPS' => $associatedGroups, 'ACCESS_USER_PRIMARY_GROUP_MENU' => $this->getGroupMenu($objUser->getPrimaryGroupId(), 'name="access_user_primary_group" id="access_user_primary_group" onchange="accessAssignGroupToUser(this,document.getElementById(\'access_user_not_associated_groups\'),document.getElementById(\'access_user_associated_groups\'))"', false), 'ACCESS_USER_VALIDITY_EXPIRATION_MENU' => $this->getUserValidityMenu($objUser->getValidityTimePeriod(), $objUser->getExpirationDate()), 'ACCESS_USER_VALIDITY_OPTION_DISPLAY' => $objUser->getAdminStatus() ? 'none' : '', 'ACCESS_JAVASCRIPT_FUNCTIONS' => $this->getJavaScriptCode(), 'CSS_DISPLAY_STATUS' => $cssDisplayStatus, 'CSS_DISPLAY_STATUS_CREATE' => $cssDisplayStatusCreate, 'ACCESS_PASSWORT_COMPLEXITY' => isset($_CONFIG['passwordComplexity']) ? $_CONFIG['passwordComplexity'] : 'off', 'SOURCE' => $source, 'CANCEL_URL' => $cancelUrl, 'URL_PARAMS' => $urlParams, 'ACCESS_IMAGE_UPLOADER_ID' => $uploader->getId(), 'ACCESS_IMAGE_UPLOADER_CODE' => $uploader->getXHtml()));
     $rowNr = 0;
     $objUser->objAttribute->first();
     while (!$objUser->objAttribute->EOF) {
         $objAttribute = $objUser->objAttribute->getById($objUser->objAttribute->getId());
         if (!$objAttribute->isProtected() || (\Permission::checkAccess($objAttribute->getAccessId(), 'dynamic', true) || $objAttribute->checkModifyPermission())) {
             $this->_objTpl->setVariable(array('ACCESS_ATTRIBUTE_ROW_CLASS' => ++$rowNr % 2 + 1, 'ACCESS_PROFILE_ATTRIBUTE_DESC' => htmlentities($objUser->objAttribute->getName(), ENT_QUOTES, CONTREXX_CHARSET), 'ACCESS_PROFILE_ATTRIBUTE' => $this->parseAttribute($objUser, $objAttribute->getId(), 0, true, true)));
             $this->_objTpl->parse('access_profile_attribute_list');
         }
         $objUser->objAttribute->next();
     }
     $this->parseModuleSpecificExtensions();
     $this->_objTpl->parse('module_access_user_modify');
     return true;
 }