Esempio n. 1
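 /**
  * Handle the change-password form for the logged-in user.
  *
  * Renders the 'changePassword' view with one of these flags:
  *  - 'error'   : the current password did not authenticate
  *  - 'error2'  : the two new-password fields differ
  *  - 'error3'  : the new password fails the policy (at least 8 bytes, one
  *                digit or listed symbol, one ASCII uppercase letter)
  *  - 'success' : the password was changed and the user saved
  *
  * @return void
  */
 public function change()
 {
     // No user in the session: go through logout.
     // The explicit return after each redirect keeps the guard effective even
     // if the redirect() in scope does not terminate the request itself.
     if (!isset($_SESSION['UserID'])) {
         redirect('Login/logout');
         return;
     }
     // Load the session user; if the record cannot be loaded, log out.
     $user = new User_model();
     if (!$user->loadPropertiesFromPrimaryKey($_SESSION['UserID'])) {
         redirect('Login/logout');
         return;
     }
     // Guests are sent back to the main page.
     if ($user->isGuest()) {
         redirect('Mainpage');
         return;
     }
     $oldpw = $this->input->post('oldpw');
     $newpw = $this->input->post('newpw');
     $newpw2 = $this->input->post('newpw2');
     // A missing or array-valued field (newpw[]=...) is treated as an empty
     // password, so the string functions below only ever see strings.
     $newpw = is_string($newpw) ? $newpw : '';
     $newpw2 = is_string($newpw2) ? $newpw2 : '';
     if (!$user->authenticate($oldpw)) {
         $this->load->view('changePassword', array('user' => $user, 'error' => TRUE));
     } elseif ($newpw !== $newpw2) {
         // Strict comparison: with a loose != two different numeric-looking
         // strings (e.g. '1e3' and '1000') compare as equal, so the
         // confirmation check would pass for passwords that differ.
         $this->load->view('changePassword', array('user' => $user, 'error2' => TRUE));
     } elseif (
         strlen($newpw) < 8
         || strpbrk($newpw, '!@#$%&*-+=1234567890') === FALSE
         || strpbrk($newpw, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ') === FALSE
     ) {
         // Both policy branches of the original rendered the same view.
         $this->load->view('changePassword', array('user' => $user, 'error3' => TRUE));
     } else {
         // NOTE(review): hashing is presumably done inside setPassword() - confirm.
         // NOTE(review): nothing here rotates the session ID or ends the user's
         // other sessions after the change - confirm whether that is handled elsewhere.
         $user->setPassword($newpw);
         $user->update();
         $this->load->view('changePassword', array('user' => $user, 'success' => TRUE));
     }
 }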
Esempio n. 2
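 /**
  * Process the login form.
  *
  * The identifier is tried as a primary key first, then as an e-mail address.
  * Outcomes:
  *  - unknown identifier or wrong password: 'login' view with 'error'
  *  - valid credentials but last login older than 120 days: 'login' view with
  *    'error2' and the advisor's contact details
  *  - otherwise: last-login timestamp stored, session bound to the user,
  *    redirect to 'Mainpage'
  *
  * @return void
  */
 public function auth()
 {
     $username = $this->input->post('username');
     $password = $this->input->post('password');
     $user = new User_model();

     // Same generic error for "no such user" and "wrong password", so the
     // response does not reveal which identifiers exist.
     // NOTE(review): no attempt limiting is visible in this method - confirm
     // throttling or lockout exists elsewhere.
     $found = $user->loadPropertiesFromPrimaryKey($username) || $user->loadPropertiesFromEmailAddress($username);
     if (!$found || !$user->authenticate($password)) {
         $this->load->view('login', array("error" => TRUE));
         return;
     }

     // 10368000 seconds = 120 days without a login.
     $maxIdleSeconds = 10368000;
     $lastLogin = $user->getLastLogin();
     if (null !== $lastLogin && 0 < $lastLogin && $lastLogin + $maxIdleSeconds < time()) {
         // NOTE(review): assumes every such user has an advisor; a null result
         // from getAdvisor() would fail on the next line - confirm.
         $advisor = $user->getAdvisor();
         $this->load->view('login', array("error2" => TRUE, 'advisorname' => $advisor->getName(), 'advisoremail' => $advisor->getEmailAddress()));
         return;
     }

     // Set the logged in timestamp
     $user->setLastLogin(time());
     $user->update();
     // Issue a fresh session ID before binding the session to the user, so an
     // ID that existed before authentication (session fixation) is no longer valid.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     // Activate the session
     $_SESSION['UserID'] = $user->getUserID();
     // Redirect to the mainpage controller
     redirect('Mainpage');
 }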
Esempio n. 3
 /**
  * Save the changes made to a user.
  *
  * Copies the posted id, name, login and password onto a User_model, updates
  * it, replaces the user's project list from the comma-separated
  * 'selectedProjectIds' field, then redirects to the user list.
  *
  * NOTE(review): no authorisation check is visible in this method, and the
  * target user id is taken from the request - confirm the controller restricts
  * who may call it and which ids they may edit.
  */
 public function save()
 {
     $input = $this->input;

     // Update the data in the database
     $account = new User_model();
     $account->usridusr = $input->post('usridusr');
     $account->usrlbnom = $input->post('nom');
     $account->usrlblgn = $input->post('login');
     // NOTE(review): the posted password is assigned as-is; presumably the
     // model hashes it before storage - confirm, otherwise it is stored in clear.
     $account->usrlbpwd = $input->post('password');
     $account->update($this->db);

     $projectIds = explode(",", $input->post('selectedProjectIds'));
     $account->setProjects($this->db, $projectIds);

     $notice = formatInfo('User mis a jour');
     $this->session->set_flashdata('message', $notice);
     redirect('listusers/index');
 }
Esempio n. 4
 /**
  * Insert a new user, or update an existing one when 'userId' is present.
  *
  * @param array $data keys read: username, password, firstName, lastName,
  *                    isAdmin, and optionally userId
  * @return mixed whatever User_model::update() or User_model::insert() returns
  * @throws InvalidArgumentException when $data is empty
  */
 public function saveOrUpdate($data)
 {
     if (empty($data)) {
         throw new InvalidArgumentException('Data cannot be empty.');
     }

     $record = new User_model();
     // NOTE(review): 'isAdmin' and 'password' are copied straight from $data.
     // If $data is built from request input, a caller could set isAdmin for
     // itself, and the password reaches the model unhashed unless the model
     // hashes it - confirm both against the callers and User_model.
     foreach (array('username', 'password', 'firstName', 'lastName', 'isAdmin') as $field) {
         $record->{$field} = $data[$field];
     }

     // No id supplied: this is a new user.
     if (empty($data['userId'])) {
         return $record->insert();
     }

     $record->userId = $data['userId'];
     return $record->update();
 }
Esempio n. 5
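 /**
  * Register User profile
  *
  * Updates the profile row of the logged-in user ($_SESSION['xuid']) from the
  * posted form, mails a reminder when the password was changed, and sends the
  * resulting message object through $this->response().
  *
  * @access  private
  * @param   array   $_post _POST array
  * @return  void
  */
 private function profiling($_post)
 {
     // There is no permission check because the row updated is always
     // $_SESSION['xuid']: each user can only change their own profile.
     // NOTE(review): only 'description' is passed through strip_tags(); the
     // other fields presumably rely on escaping at output time - confirm.
     $post = array(
         'lang' => $_post['lang'],
         'username' => $_post['username'],
         'description' => strip_tags($_post['description']),
         'mail' => $_post['mail'],
         'phone' => $_post['phone'],
     );
     // check for password update
     $passwordChanged = !empty($_post['password']);
     if ($passwordChanged) {
         $post['password'] = X4Utils_helper::hashing($_post['password']);
     }
     $user = new User_model();
     // check if username or email address are already used by another user
     if ((bool) $user->exists($post['username'], $post['mail'], $_SESSION['xuid'])) {
         // Fixed: the first argument was the undefined variable $false, which
         // evaluates to null and raises a warning; editing() passes the literal false.
         $msg = AdmUtils_helper::set_msg(false, '', $this->dict->get_word('_USER_ALREADY_EXISTS', 'msg'));
     } else {
         // update profile
         $result = $user->update($_SESSION['xuid'], $post);
         // if user changes his password then send a reminder
         if ($result[1] && $passwordChanged) {
             // NOTE(review): the new password is substituted into the mail in
             // clear text. E-mail is not a confidential channel; a change
             // notification without the secret would avoid leaving the
             // password in mailboxes and mail logs.
             $placeholders = array('DOMAIN', 'USERNAME', 'PASSWORD');
             $values = array($this->site->site->domain, $_post['username'], $_post['password']);
             $subject = str_replace($placeholders, $values, _SUBJECT_PROFILE);
             $body = str_replace($placeholders, $values, _MSG_PROFILE);
             $to = array(array('mail' => $_post['mail'], 'name' => $_post['username']));
             // send
             X4Mailer_helper::mailto(MAIL, false, $subject, $body, $to);
         }
         // set message
         $this->dict->get_words();
         $msg = AdmUtils_helper::set_msg($result);
         // set update
         if ($result[1]) {
             $msg->update[] = array('element' => 'topic', 'url' => urldecode(BASE_URL . 'profile'), 'title' => null);
         }
     }
     $this->response($msg);
 }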
Esempio n. 6
 /**
  * Generate a new random password for a user, store it, send a mail and
  * redirect to 'Activation/index'.
  *
  * Only an advisor may call this, and only for a user whose advisor is the
  * caller; every failed check redirects to 'Login/logout'.
  *
  * @param mixed $userID primary key of the user whose password is reset
  * @param mixed $email  optional address; defaults to the user's own address.
  *                      NOTE(review): in the code as listed, $email is computed
  *                      but never passed to the mailer (recipient literals are
  *                      redacted in this listing) - confirm.
  * @return void
  */
 public function send($userID = NULL, $email = NULL)
 {
     // NOTE(review): $_SESSION['UserID'] is read without an isset() check,
     // unlike change(); an absent key is passed on as null.
     $session_user = new User_model();
     if (!$session_user->loadPropertiesFromPrimaryKey($_SESSION['UserID'])) {
         redirect('Login/logout');
     }
     // Only advisors may trigger a reset.
     if (!$session_user->isAdvisor()) {
         redirect('Login/logout');
     }
     $this->load->library('email');
     $user = new User_model();
     // NOTE(review): the load result is ignored; for an unknown $userID the
     // getAdvisor() chain below runs on an unloaded object - confirm what it returns.
     $user->loadPropertiesFromPrimaryKey($userID);
     // Ownership check: the target's advisor must be the caller.
     // NOTE(review): this authorisation decision uses a loose != comparison;
     // a strict comparison on normalised ids would be safer.
     if ($user->getAdvisor()->getUserID() != $session_user->getUserID()) {
         redirect('Login/logout');
     }
     //Loads user's email if optional email wasn't set
     if ($email == NULL) {
         $email = $user->getEmailAddress();
     }
     //Array of characters to generate password
     // NOTE(review): 'w' and 'W' each appear twice and 'y' / 'Y' are absent -
     // apparently a typo; it slightly skews the distribution.
     $charset = array('!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '~', '=', '+', '_', '-', '?', '/', '>', '<', '.', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'w', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'W', 'Z');
     //Generate random password
     // NOTE(review): mt_rand() is not a cryptographically secure generator and
     // its output can be predicted; for a credential, both the length and the
     // index draws should use random_int(), which is backed by the system CSPRNG.
     $passlen = mt_rand(8, 12);
     $pass = NULL;
     for ($i = 0; $i < $passlen; $i++) {
         $pass = $pass . $charset[mt_rand(0, count($charset) - 1)];
     }
     // First mail setup: sender, recipient and subject (addresses are masked in this listing).
     $this->email->from('*****@*****.**', 'Admin Name');
     $this->email->to('*****@*****.**');
     $this->email->subject('Subject');
     // NOTE(review): the next line was masked by the listing's source and is not
     // valid PHP as shown; what it originally sent cannot be determined from here.
     $this->email->message('Password: '******'Username: '******'headers', 'subject', 'body'));
     //Set user password
     // NOTE(review): presumably setPassword() hashes the value - confirm.
     $user->setPassword($pass);
     //Email user their login information
     $this->load->library('email');
     // NOTE(review): SMTP settings, including the (masked) account credentials,
     // are hard-coded in the controller; they belong in configuration kept
     // outside the source tree.
     $config['protocol'] = 'smtp';
     // NOTE(review): 'smpt_crypt' looks like a misspelling of CodeIgniter's
     // 'smtp_crypto' option, so this key is probably ignored; encryption would
     // then come only from the ssl:// prefix on the host - confirm.
     $config['smpt_crypt'] = 'ssl';
     $config['smtp_host'] = 'ssl://smtp.gmail.com';
     $config['smtp_port'] = '465';
     $config['smtp_user'] = '******';
     $config['smtp_pass'] = '******';
     $config['mailtype'] = 'html';
     $config['charset'] = 'utf-8';
     $config['newline'] = "\r\n";
     $config['validate'] = FALSE;
     $config['bcc_batch_mode'] = FALSE;
     $config['bcc_batch_size'] = 200;
     $this->email->initialize($config);
     $this->email->from('*****@*****.**', 'Senior');
     $list = array('*****@*****.**');
     $this->email->to($list);
     $this->email->reply_to('*****@*****.**', 'Senior');
     $this->email->subject('Subject');
     // NOTE(review): this body does not contain $pass, so as listed the user is
     // never told the new password.
     $this->email->message('Email works great!');
     // update() runs first: if it succeeds and send() then fails, the password
     // has already been replaced although no mail went out.
     if ($user->update() && $this->email->send()) {
         $_SESSION['activation.message'] = "Success!";
     } else {
         // NOTE(review): print_debugger() output is stored for display; it can
         // include mail headers and the SMTP dialogue - confirm that it is not
         // shown to end users and that it is escaped where rendered.
         $_SESSION['activation.error'] = "Sending email failed!<br />" . $this->email->print_debugger();
     }
     redirect('Activation/index');
 }
Esempio n. 7
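 /**
  * Apply the student-info form: sync the student's curriculums with the
  * posted checkboxes, assign the posted advisor, save, and continue to the
  * add-courses page.
  *
  * NOTE(review): unlike send(), this method shows no check that the caller is
  * logged in or is allowed to edit $studentID, and both ids come from the
  * request - confirm that access is enforced before this method runs.
  *
  * @param mixed $studentID primary key of the student being edited
  * @return void
  */
 public function submitStudentInfoForm($studentID)
 {
     $allCurriculums = $this->Curriculum_model->getAllCurriculums();
     $student = new User_model();
     // NOTE(review): the load result is ignored; an unknown id continues with
     // an unloaded model - confirm what update() does in that case.
     $student->loadPropertiesFromPrimaryKey($studentID);
     foreach ($allCurriculums as $curriculum) {
         $cID = $curriculum->getCurriculumID();
         // One checkbox per curriculum, named 'Curriculum<ID>'.
         if ($this->input->post('Curriculum' . $cID)) {
             // Loose in_array() is kept on purpose: with objects, a strict
             // search would compare identity rather than property values.
             if (!in_array($curriculum, $student->getCurriculums())) {
                 $student->addCurriculum($curriculum);
             }
         } else {
             $student->removeCurriculum($curriculum);
         }
     }
     $advisorID = $this->input->post('advisorID');
     $advisor = new User_model();
     // NOTE(review): nothing verifies that $advisorID loaded or that the
     // loaded user is an advisor before it is assigned - confirm.
     $advisor->loadPropertiesFromPrimaryKey($advisorID);
     // Removed: a Curriculum_model that was loaded from the undefined variable
     // $curriculumID and never used afterwards.
     $student->setAdvisor($advisor);
     $student->update();
     redirect('User/prepareAddCourses/' . $studentID);
 }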
Esempio n. 8
 /**
  * Register Edit / New User form data
  *
  * Checks the caller's privilege, rejects a username or mail address that is
  * already used by another user, then updates user $id or inserts a new user
  * and sets its privileges. The resulting message object is always sent
  * through $this->response().
  *
  * @param   integer $id item ID (if 0 then is a new item)
  * @param   array   $_post _POST array
  * @return  void
  */
 private function editing($id, $_post)
 {
     // check permission: editing an existing user and creating one are
     // checked against different privilege entries
     if ($id) {
         $msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'users', $id, 2);
     } else {
         $msg = AdmUtils_helper::chk_priv_level($_SESSION['xuid'], '_user_creation', 0, 4);
     }
     // a non-null message means the check failed: report it and stop
     if (!is_null($msg)) {
         $this->response($msg);
         return;
     }

     // handle _post
     // NOTE(review): 'level' and 'id_group' are taken from the request as-is.
     // The check above decides whether the caller may edit at all; nothing
     // visible here limits the level being assigned - confirm it is bounded elsewhere.
     // NOTE(review): 'description' is not passed through strip_tags() here,
     // while profiling() does so - confirm this difference is intended.
     $post = array(
         'lang' => $_post['lang'],
         'id_group' => $_post['id_group'],
         'username' => $_post['username'],
         'description' => $_post['description'],
         'mail' => $_post['mail'],
         'phone' => $_post['phone'],
         'level' => $_post['level'],
     );
     // update password only when one was submitted
     if (!empty($_post['password'])) {
         $post['password'] = X4Utils_helper::hashing($_post['password']);
     }

     // check if a user with the same username or mail address already exists
     $user = new User_model();
     if ((bool) $user->exists($post['username'], $post['mail'], $id)) {
         $this->response(AdmUtils_helper::set_msg(false, '', $this->dict->get_word('_USER_ALREADY_EXISTS', 'msg')));
         return;
     }

     $perm = new Permission_model();
     if ($id) {
         // update
         $result = $user->update($id, $post);
         // update user privileges on areas
         $perm->set_aprivs($id, $_post['domain']);
         // redirect target
         $where = '/detail/' . $id;
     } else {
         // insert
         $result = $user->insert($post);
         // redirect target
         $where = '';
         if ($result[1]) {
             $id = $result[0];
             // set privileges on areas
             $perm->set_aprivs($id, $_post['domain']);
             // add privs on new user: level 4 on the new record for the creating user
             $grants = array(
                 array('action' => 'insert', 'id_what' => $result[0], 'id_user' => $_SESSION['xuid'], 'level' => 4),
             );
             $perm->pexec('users', $grants, $_post['id_area']);
             // refactory permissions for the user
             $perm->refactory($id);
         }
     }

     // set message
     $msg = AdmUtils_helper::set_msg($result);
     // set what update
     if ($result[1]) {
         $msg->update[] = array('element' => 'tdown', 'url' => BASE_URL . 'users' . $where, 'title' => null);
     }
     $this->response($msg);
 }