/**
* Responds to process_edit hook-like event notifications.
*
* @param Zikula_Event $event The event that triggered this function call.
*
* @return void
*
* @throws Zikula_Exception_Fatal Thrown if a user account does not exist for the uid specified by the event.
*/
public function processEdit(Zikula_Event $event)
{
$activePolicies = $this->helper->getActivePolicies();
$eventName = $event->getName();
if (isset($this->validation) && !$this->validation->hasErrors()) {
$user = $event->getSubject();
$uid = $user['uid'];
if (!UserUtil::isLoggedIn()) {
if (($eventName == 'module.users.ui.process_edit.login_screen') || ($eventName == 'module.users.ui.process_edit.login_block')) {
$policiesAcceptedAtLogin = $this->validation->getObject();
$nowUTC = new DateTime('now', new DateTimeZone('UTC'));
$nowUTCStr = $nowUTC->format(DateTime::ISO8601);
if ($activePolicies['termsOfUse'] && $policiesAcceptedAtLogin['termsOfUse']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TERMSOFUSE_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['privacyPolicy'] && $policiesAcceptedAtLogin['privacyPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_PRIVACYPOLICY_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['agePolicy'] && $policiesAcceptedAtLogin['agePolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_AGEPOLICY_CONFIRMED, $nowUTCStr, $uid);
}
if ($activePolicies['cancellationRightPolicy'] && $policiesAcceptedAtLogin['cancellationRightPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_CANCELLATIONRIGHTPOLICY_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['tradeConditions'] && $policiesAcceptedAtLogin['tradeConditions']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TRADECONDITIONS_ACCEPTED, $nowUTCStr, $uid);
}
// Force the reload of the user record
$user = UserUtil::getVars($uid, true);
} else {
$isRegistration = UserUtil::isRegistration($uid);
$user = UserUtil::getVars($uid, false, 'uid', $isRegistration);
if (!$user) {
throw new Zikula_Exception_Fatal(__('A user account or registration does not exist for the specified uid.', $this->domain));
}
$policiesAcceptedAtRegistration = $this->validation->getObject();
$nowUTC = new DateTime('now', new DateTimeZone('UTC'));
$nowUTCStr = $nowUTC->format(DateTime::ISO8601);
if ($activePolicies['termsOfUse'] && $policiesAcceptedAtRegistration['termsOfUse']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TERMSOFUSE_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['privacyPolicy'] && $policiesAcceptedAtRegistration['privacyPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_PRIVACYPOLICY_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['agePolicy'] && $policiesAcceptedAtRegistration['agePolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_AGEPOLICY_CONFIRMED, $nowUTCStr, $uid);
}
if ($activePolicies['cancellationRightPolicy'] && $policiesAcceptedAtRegistration['cancellationRightPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_CANCELLATIONRIGHTPOLICY_ACCEPTED, $nowUTCStr, $uid);
}
if ($activePolicies['tradeConditions'] && $policiesAcceptedAtRegistration['tradeConditions']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TRADECONDITIONS_ACCEPTED, $nowUTCStr, $uid);
}
// Force the reload of the user record
$user = UserUtil::getVars($uid, true, 'uid', $isRegistration);
}
} else {
$isRegistration = UserUtil::isRegistration($uid);
$user = UserUtil::getVars($uid, false, 'uid', $isRegistration);
if (!$user) {
throw new Zikula_Exception_Fatal(__('A user account or registration does not exist for the specified uid.', $this->domain));
}
$policiesAcceptedAtRegistration = $this->validation->getObject();
$editablePolicies = $this->helper->getEditablePolicies();
$nowUTC = new DateTime('now', new DateTimeZone('UTC'));
$nowUTCStr = $nowUTC->format(DateTime::ISO8601);
if ($activePolicies['termsOfUse'] && $editablePolicies['termsOfUse']) {
if ($policiesAcceptedAtRegistration['termsOfUse']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TERMSOFUSE_ACCEPTED, $nowUTCStr, $uid);
} elseif (($policiesAcceptedAtRegistration['termsOfUse'] === 0) || ($policiesAcceptedAtRegistration['termsOfUse'] === "0")) {
UserUtil::delVar(Legal_Constant::ATTRIBUTE_TERMSOFUSE_ACCEPTED, $uid);
}
}
if ($activePolicies['privacyPolicy'] && $editablePolicies['privacyPolicy']) {
if ($policiesAcceptedAtRegistration['privacyPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_PRIVACYPOLICY_ACCEPTED, $nowUTCStr, $uid);
} elseif (($policiesAcceptedAtRegistration['privacyPolicy'] === 0) || ($policiesAcceptedAtRegistration['termsOfUse'] === "0")) {
UserUtil::delVar(Legal_Constant::ATTRIBUTE_PRIVACYPOLICY_ACCEPTED, $uid);
}
}
if ($activePolicies['agePolicy'] && $editablePolicies['agePolicy']) {
if ($policiesAcceptedAtRegistration['agePolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_AGEPOLICY_CONFIRMED, $nowUTCStr, $uid);
} elseif (($policiesAcceptedAtRegistration['agePolicy'] === 0) || ($policiesAcceptedAtRegistration['termsOfUse'] === "0")) {
UserUtil::delVar(Legal_Constant::ATTRIBUTE_AGEPOLICY_CONFIRMED, $uid);
}
}
if ($activePolicies['cancellationRightPolicy'] && $editablePolicies['cancellationRightPolicy']) {
if ($policiesAcceptedAtRegistration['cancellationRightPolicy']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_CANCELLATIONRIGHTPOLICY_ACCEPTED, $nowUTCStr, $uid);
} elseif (($policiesAcceptedAtRegistration['cancellationRightPolicy'] === 0) || ($policiesAcceptedAtRegistration['cancellationRightPolicy'] === "0")) {
UserUtil::delVar(Legal_Constant::ATTRIBUTE_CANCELLATIONRIGHTPOLICY_ACCEPTED, $uid);
}
}
if ($activePolicies['tradeConditions'] && $editablePolicies['tradeConditions']) {
if ($policiesAcceptedAtRegistration['tradeConditions']) {
UserUtil::setVar(Legal_Constant::ATTRIBUTE_TRADECONDITIONS_ACCEPTED, $nowUTCStr, $uid);
} elseif (($policiesAcceptedAtRegistration['tradeConditions'] === 0) || ($policiesAcceptedAtRegistration['tradeConditions'] === "0")) {
UserUtil::delVar(Legal_Constant::ATTRIBUTE_TRADECONDITIONS_ACCEPTED, $uid);
}
}
// Force the reload of the user record
$user = UserUtil::getVars($uid, true, 'uid', $isRegistration);
}
}
}
/**
* Sets or resets a user's need to changed his password on his next attempt at logging ing.
*
* Parameters passed via GET:
* --------------------------
* numeric userid The uid of the user for whom a change of password should be forced (or canceled).
*
* Parameters passed via POST:
* ---------------------------
* numeric userid The uid of the user for whom a change of password should be forced (or canceled).
* boolean user_must_change_password True to force the user to change his password at his next log-in attempt, otherwise false.
*
* Parameters passed via SESSION:
* ------------------------------
* None.
*
* @return string The rendered output from either the template for confirmation.
*
* @throws Zikula_Exception_Fatal Thrown if a user id is not specified, is invalid, or does not point to a valid account record,
* or the account record is not in a consistent state.
* @throws Zikula_Exception_Forbidden Thrown if the current user does not have edit access for the account record.
*/
public function toggleForcedPasswordChange()
{
if ($this->request->isGet()) {
$uid = $this->request->query->get('userid', false);
if (!$uid || !is_numeric($uid) || ((int)$uid != $uid)) {
throw new Zikula_Exception_Fatal(LogUtil::getErrorMsgArgs());
}
$userObj = UserUtil::getVars($uid);
if (!isset($userObj) || !$userObj || !is_array($userObj) || empty($userObj)) {
throw new Zikula_Exception_Fatal(LogUtil::getErrorMsgArgs());
}
if (!SecurityUtil::checkPermission('Users::', "{$userObj['uname']}::{$uid}", ACCESS_EDIT)) {
throw new Zikula_Exception_Forbidden();
}
$userMustChangePassword = UserUtil::getVar('_Users_mustChangePassword', $uid, false);
return $this->view->assign('user_obj', $userObj)
->assign('user_must_change_password', $userMustChangePassword)
->fetch('users_admin_toggleforcedpasswordchange.tpl');
} elseif ($this->request->isPost()) {
$this->checkCsrfToken();
$uid = $this->request->request->get('userid', false);
$userMustChangePassword = $this->request->request->get('user_must_change_password', false);
if (!$uid || !is_numeric($uid) || ((int)$uid != $uid)) {
throw new Zikula_Exception_Fatal(LogUtil::getErrorMsgArgs());
}
// Force reload of User object into cache.
$userObj = UserUtil::getVars($uid);
if (!SecurityUtil::checkPermission('Users::', "{$userObj['uname']}::{$uid}", ACCESS_EDIT)) {
throw new Zikula_Exception_Forbidden();
}
if ($userMustChangePassword) {
UserUtil::setVar('_Users_mustChangePassword', $userMustChangePassword, $uid);
} else {
UserUtil::delVar('_Users_mustChangePassword', $uid);
}
// Force reload of User object into cache.
$userObj = UserUtil::getVars($uid, true);
if ($userMustChangePassword) {
if (isset($userObj['__ATTRIBUTES__']) && isset($userObj['__ATTRIBUTES__']['_Users_mustChangePassword'])) {
$this->registerStatus($this->__f('Done! A password change will be required the next time %1$s logs in.', array($userObj['uname'])));
} else {
throw new Zikula_Exception_Fatal();
}
} else {
if (isset($userObj['__ATTRIBUTES__']) && isset($userObj['__ATTRIBUTES__']['_Users_mustChangePassword'])) {
throw new Zikula_Exception_Fatal();
} else {
$this->registerStatus($this->__f('Done! A password change will no longer be required for %1$s.', array($userObj['uname'])));
}
}
$this->redirect(ModUtil::url($this->name, 'admin', 'view'));
} else {
throw new Zikula_Exception_Forbidden();
}
}
/**
* Delete the contents of a user variable. This can either be
* - a variable stored in the users table or
* - an attribute to the users table, either a new style sttribute or the old style user information
*
* Examples:
* pnUserDelVar('ublock'); // clears the recent users table entry for 'ublock'
* pnUserDelVar('_YOURAVATAR', 123), // removes a users avatar, old style (uid = 123)
* pnUserDelVar('avatar', 123); // removes a users avatar, new style (uid=123)
* (internally both the new style and the old style clear the same attribute)
*
* It does not allow the deletion of uid, email, uname and pass (word) as these are mandatory
* fields in the users table.
*
* @deprecated
* @see UserUtil::delVar()
*
* @param name $ the name of the variable
* @param uid $ the user to delete the variable for
* @return boolen true on success, false on failure
*/
function pnUserDelVar($name, $uid = -1)
{
LogUtil::log(__f('Warning! Function %1$s is deprecated. Please use %2$s instead.', array(__FUNCTION__, 'UserUtil::delVar()')), E_USER_DEPRECATED);
return UserUtil::delVar($name, $uid);
}
public function applyCsvValues($args){
$this->throwForbiddenUnless(SecurityUtil::checkPermission('IWusers::', '::', ACCESS_DELETE));
$update = isset($args['update'])?$args['update']:null;
$insert = isset($args['insert'])?$args['insert']:null;
// Upate users table with new values
if (!(DBUtil::updateObjectArray($update, 'users', 'uid')))
LogUtil::registerError($this->__('Error! Update attempt failed.'));
// Update IWusers table
foreach ($update as &$user){
if (DBUtil::updateObject($user, 'IWusers', "iw_uid =".$user['uid']))
$user['action'] = 'm'; // modified //$this->__('Update');
else
$user['error']= $user['uname']." - ".$this->__('Error! Update attempt failed.'). " ";
}
if (count($insert)){
// Create new users in users table
if (!(DBUtil::InsertObjectArray($insert, 'users', 'uid')))
LogUtil::registerError($this->__('Error! New user creation attempt failed.'));
// Create new users in IWusers table
if (!(DBUtil::InsertObjectArray($insert, 'IWusers')))
LogUtil::registerError($this->__('Error! New user creation attempt failed.'));
}
// Join update and insert arrays and process
$allChanges = array_merge($update, $insert);
foreach ($allChanges as &$user){
// Process "in" and "out" groups information
ModUtil::apiFunc($this->name, 'admin', 'updateUserGroups', $user);
// Set user pass
if (isset($user['password']) && ($user['password']!="")) {
// Validate pass length and pass <> uname or new_uname
if (userUtil::validatePassword($user['password'])) {
UserUtil::setPassword($user['password'], $user['uid']);
} else {
// Not a valid password -> error
$result['error'][$user['uid']] = $user;
$user['error'].= $this->__('Password does not meet the minimum criteria.')." ";
}
}
// Force user change password?
if ($forcechgpass) {
switch ($user['forcechgpass']) {
case 1:
UserUtil::setVar('_Users_mustChangePassword', 1, $user['uid']);
break;
case 0;
UserUtil::delVar('_Users_mustChangePassword', $user['uid']);
break;
}
}
// Change uname
if (isset($user['new_uname']) && ($user['new_uname']!= "") && (!is_null($user['uid']))) {
// search repeated uname/new_uname
if (!(UserUtil::getIdFromName($user['new_uname']))) {
// new_uname not exists proceed with uname change
$object['uname'] = $user['new_uname'];
//$object['uid'] = $user['uid'];
DBUtil::updateObject($object, 'users', "uid=".$user['uid']);
//UserUtil::setPassword($user['pass'], $user['uid']);
} else {
$user['error'].= $this->__f('Duplicated username: %s.', $user['new_uname']);
}
}
}
return $allChanges;
}
/**
* Update the user's password.
*
* Parameters passed via GET:
* --------------------------
* None.
*
* Parameters passed via POST:
* ---------------------------
* string oldpassword The original password.
* string newpassword The new password to be stored for the user.
* string newpasswordconfirm Verification of the new password to be stored for the user.
*
* Parameters passed via SESSION:
* ------------------------------
* Namespace: Zikula_Users
* Variable: Users_Controller_User_updatePassword
* Type: array
* Contents: An array containing the information saved from the log-in attempt in order to re-enter it, including:
* 'authentication_method', an array containing the selected authentication module name and method name,
* 'authentication_info', an array containing the authentication information entered by the user,
* 'user_obj', a user record containing the user information found during the log-in attempt,
* 'password_errors', errors that have occurred during a previous pass through this function.
*
* @return bool True on success, otherwise false.
*/
public function updatePassword()
{
$sessionVars = $this->request->getSession()->get('Users_Controller_User_updatePassword', null, 'Zikula_Users');
$this->request->getSession()->del('Users_Controller_User_updatePassword', 'Zikula_Users');
if (!$this->request->isPost()) {
throw new Zikula_Exception_Forbidden();
}
$this->checkCsrfToken();
if (isset($sessionVars) && !empty($sessionVars)) {
$login = true;
$userObj = $sessionVars['user_obj'];
} else {
$login = false;
$userObj = UserUtil::getVars(UserUtil::getVar('uid'), true);
}
$uid = $userObj['uid'];
if (!$login && !UserUtil::isLoggedIn()) {
throw new Zikula_Exception_Forbidden();
} elseif ($login && UserUtil::isLoggedIn()) {
throw new Zikula_Exception_Fatal();
}
$passwordChanged = false;
$currentPassword = $this->request->request->get('oldpassword', '');
$newPassword = $this->request->request->get('newpassword', '');
$newPasswordAgain = $this->request->request->get('newpasswordconfirm', '');
$newPasswordReminder= $this->request->request->get('passreminder', '');
$passwordErrors = array();
if (empty($currentPassword) || !UserUtil::passwordsMatch($currentPassword, $userObj['pass'])) {
$passwordErrors['oldpass'][] = $this->__('The current password you entered is not correct. Please correct your entry and try again.');
} else {
$passwordErrors = ModUtil::apiFunc($this->name, 'registration', 'getPasswordErrors', array(
'uname' => $userObj['uname'],
'pass' => $newPassword,
'passagain' => $newPasswordAgain,
'passreminder' => $newPasswordReminder
));
if ($login && ($currentPassword == $newPassword)) {
$passwordErrors['reginfo_pass'][] = $this->__('Your new password cannot match your current password.');
}
}
if (empty($passwordErrors)) {
if (UserUtil::setPassword($newPassword, $uid)) {
// no user.update event for password chagnes.
$passwordChanged = true;
// Clear the forced change of password flag, if it exists.
UserUtil::delVar('_Users_mustChangePassword', $uid);
if (!UserUtil::setVar('passreminder', $newPasswordReminder, $uid)) {
$this->registerError($this->__('Warning! Your new password was saved, however there was a problem saving your new password reminder.'));
} else {
$this->registerStatus($this->__('Done! Saved your new password.'));
}
$userObj = UserUtil::getVars(UserUtil::getVar('uid'), true);
if ($login) {
$sessionVars['user_obj'] = $userObj;
if ($sessionVars['authentication_method']['modname'] == $this->name) {
// The password for Users module authentication was just changed.
// In order to successfully log in the user, we need to change it on the authentication_info.
$sessionVars['authentication_info']['pass'] = $newPassword;
}
}
} else {
throw new Zikula_Exception_Fatal($this->__('Sorry! There was a problem saving your new password.'));
}
}
if ($passwordChanged) {
if ($login) {
$loginArgs = $this->request->getSession()->get('Users_Controller_User_login', array(), 'Zikula_Users');
$loginArgs['authentication_method'] = $sessionVars['authentication_method'];
$loginArgs['authentication_info'] = $sessionVars['authentication_info'];
$loginArgs['rememberme'] = $sessionVars['rememberme'];
return ModUtil::func($this->name, 'user', 'login', $loginArgs);
} else {
return $this->redirect(ModUtil::url($this->name, 'user', 'main'));
}
} else {
$sessionVars['password_errors'] = $passwordErrors;
SessionUtil::requireSession();
$this->request->getSession()->set('Users_Controller_User_changePassword', $sessionVars, 'Zikula_Users');
$this->redirect(ModUtil::url($this->name, 'user', 'changePassword', array('login' => $login)));
}
}
