public function change()
{
if (!isset($_SESSION['UserID'])) {
redirect('Login/logout');
}
//Create new user and load its data
$user = new User_model();
if (!$user->loadPropertiesFromPrimaryKey($_SESSION['UserID'])) {
redirect('Login/logout');
}
//If user did not load, logout the session
if ($user->isGuest()) {
redirect('Mainpage');
}
//If not a student, redirect to mainpage
$oldpw = $this->input->post('oldpw');
$newpw = $this->input->post('newpw');
$newpw2 = $this->input->post('newpw2');
if (!$user->authenticate($oldpw)) {
$this->load->view('changePassword', array('user' => $user, 'error' => TRUE));
} elseif ($newpw != $newpw2) {
$this->load->view('changePassword', array('user' => $user, 'error2' => TRUE));
} elseif (strpbrk($newpw, '!@#$%&*-+=1234567890') === FALSE || strlen($newpw) < 8) {
$this->load->view('changePassword', array('user' => $user, 'error3' => TRUE));
} elseif (strpbrk($newpw, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ') === FALSE || strlen($newpw) < 8) {
$this->load->view('changePassword', array('user' => $user, 'error3' => TRUE));
} else {
$user->setPassword($newpw);
$user->update();
$this->load->view('changePassword', array('user' => $user, 'success' => TRUE));
}
}
public function auth()
{
//Get the username and password from the field
$username = $this->input->post('username');
$password = $this->input->post('password');
//Create a new user object
$user = new User_model();
//If username exists load userdata
if ($user->loadPropertiesFromPrimaryKey($username) || $user->loadPropertiesFromEmailAddress($username)) {
//If password is correct
if ($user->authenticate($password)) {
if (null !== $user->getLastLogin() && 0 < $user->getLastLogin() && $user->getLastLogin() + 10368000 < time()) {
$advisor = $user->getAdvisor();
$this->load->view('login', array("error2" => TRUE, 'advisorname' => $advisor->getName(), 'advisoremail' => $advisor->getEmailAddress()));
} else {
//Set the logged in timestamp
$user->setLastLogin(time());
$user->update();
//Activate the session
$_SESSION['UserID'] = $user->getUserID();
//Redirect to the mainpage controller
redirect('Mainpage');
}
} else {
//Incorrect username or password, reload login and display an error
$this->load->view('login', array("error" => TRUE));
}
} else {
//Incorrect username or password, reload login and display an error
$this->load->view('login', array("error" => TRUE));
}
}
/**
* Sauvegarde des modifications
*/
public function save()
{
// Mise a jour des donnees en base
$model = new User_model();
$model->usridusr = $this->input->post('usridusr');
$model->usrlbnom = $this->input->post('nom');
$model->usrlblgn = $this->input->post('login');
$model->usrlbpwd = $this->input->post('password');
$model->update($this->db);
$model->setProjects($this->db, explode(",", $this->input->post('selectedProjectIds')));
$this->session->set_flashdata('message', formatInfo('User mis a jour'));
redirect('listusers/index');
}
public function saveOrUpdate($data)
{
if (empty($data)) {
throw new InvalidArgumentException('Data cannot be empty.');
}
$user = new User_model();
$user->username = $data['username'];
$user->password = $data['password'];
$user->firstName = $data['firstName'];
$user->lastName = $data['lastName'];
$user->isAdmin = $data['isAdmin'];
if (!empty($data['userId'])) {
$user->userId = $data['userId'];
$userId = $user->update();
return $userId;
}
$userId = $user->insert();
return $userId;
}
/**
* Register User profile
*
* @access private
* @param array $_post _POST array
* @return void
*/
private function profiling($_post)
{
$msg = null;
// ther'is no permission check because each user can only change his profile
// handle _post
$post = array('lang' => $_post['lang'], 'username' => $_post['username'], 'description' => strip_tags($_post['description']), 'mail' => $_post['mail'], 'phone' => $_post['phone']);
// check for password update
if (!empty($_post['password'])) {
$post['password'] = X4Utils_helper::hashing($_post['password']);
}
$user = new User_model();
// check if username or email address are already used by another user
$check = (bool) $user->exists($post['username'], $post['mail'], $_SESSION['xuid']);
if ($check) {
$msg = AdmUtils_helper::set_msg($false, '', $this->dict->get_word('_USER_ALREADY_EXISTS', 'msg'));
} else {
// update profile
$result = $user->update($_SESSION['xuid'], $post);
// if user changes his password then send a reminder
if ($result[1] && !empty($_post['password'])) {
// build subject and message
$s = array('DOMAIN', 'USERNAME', 'PASSWORD');
$r = array($this->site->site->domain, $_post['username'], $_post['password']);
$subject = str_replace($s, $r, _SUBJECT_PROFILE);
$msg = str_replace($s, $r, _MSG_PROFILE);
$to = array(array('mail' => $_post['mail'], 'name' => $_post['username']));
// send
X4Mailer_helper::mailto(MAIL, false, $subject, $msg, $to);
}
// set message
$this->dict->get_words();
$msg = AdmUtils_helper::set_msg($result);
// set update
if ($result[1]) {
$msg->update[] = array('element' => 'topic', 'url' => urldecode(BASE_URL . 'profile'), 'title' => null);
}
}
$this->response($msg);
}
public function send($userID = NULL, $email = NULL)
{
$session_user = new User_model();
if (!$session_user->loadPropertiesFromPrimaryKey($_SESSION['UserID'])) {
redirect('Login/logout');
}
if (!$session_user->isAdvisor()) {
redirect('Login/logout');
}
$this->load->library('email');
$user = new User_model();
$user->loadPropertiesFromPrimaryKey($userID);
if ($user->getAdvisor()->getUserID() != $session_user->getUserID()) {
redirect('Login/logout');
}
//Loads user's email if optional email wasn't set
if ($email == NULL) {
$email = $user->getEmailAddress();
}
//Array of characters to generate password
$charset = array('!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '~', '=', '+', '_', '-', '?', '/', '>', '<', '.', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'w', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'W', 'Z');
//Generate random password
$passlen = mt_rand(8, 12);
$pass = NULL;
for ($i = 0; $i < $passlen; $i++) {
$pass = $pass . $charset[mt_rand(0, count($charset) - 1)];
}
//Set user password
//Email user their login information
$this->email->from('*****@*****.**', 'Admin Name');
$this->email->to('*****@*****.**');
$this->email->subject('Subject');
$this->email->message('Password: '******'Username: '******'headers', 'subject', 'body'));
$user->setPassword($pass);
//Email user their login information
$this->load->library('email');
$config['protocol'] = 'smtp';
$config['smpt_crypt'] = 'ssl';
$config['smtp_host'] = 'ssl://smtp.gmail.com';
$config['smtp_port'] = '465';
$config['smtp_user'] = '******';
$config['smtp_pass'] = '******';
$config['mailtype'] = 'html';
$config['charset'] = 'utf-8';
$config['newline'] = "\r\n";
$config['validate'] = FALSE;
$config['bcc_batch_mode'] = FALSE;
$config['bcc_batch_size'] = 200;
$this->email->initialize($config);
$this->email->from('*****@*****.**', 'Senior');
$list = array('*****@*****.**');
$this->email->to($list);
$this->email->reply_to('*****@*****.**', 'Senior');
$this->email->subject('Subject');
$this->email->message('Email works great!');
if ($user->update() && $this->email->send()) {
$_SESSION['activation.message'] = "Success!";
} else {
$_SESSION['activation.error'] = "Sending email failed!<br />" . $this->email->print_debugger();
}
redirect('Activation/index');
}
public function submitStudentInfoForm($studentID)
{
$allCurriculums = $this->Curriculum_model->getAllCurriculums();
$student = new User_model();
$student->loadPropertiesFromPrimaryKey($studentID);
foreach ($allCurriculums as $curriculum) {
$cID = $curriculum->getCurriculumID();
if ($this->input->post('Curriculum' . $cID)) {
if (!in_array($curriculum, $student->getCurriculums())) {
$student->addCurriculum($curriculum);
}
} else {
$student->removeCurriculum($curriculum);
}
}
$advisorID = $this->input->post('advisorID');
$advisor = new User_model();
$advisor->loadPropertiesFromPrimaryKey($advisorID);
$curriculum = new Curriculum_model();
$curriculum->loadPropertiesFromPrimaryKey($curriculumID);
$student->setAdvisor($advisor);
$student->update();
redirect('User/prepareAddCourses/' . $studentID);
}
/**
* Register Edit / New User form data
*
(if 0 then is a new item)
* @param integer $id item ID (if 0 then is a new item)
* @param array $_post _POST array
* @return void
*/
private function editing($id, $_post)
{
$msg = null;
// check permission
$msg = $id ? AdmUtils_helper::chk_priv_level($_SESSION['xuid'], 'users', $id, 2) : AdmUtils_helper::chk_priv_level($_SESSION['xuid'], '_user_creation', 0, 4);
if (is_null($msg)) {
// handle _post
$post = array('lang' => $_post['lang'], 'id_group' => $_post['id_group'], 'username' => $_post['username'], 'description' => $_post['description'], 'mail' => $_post['mail'], 'phone' => $_post['phone'], 'level' => $_post['level']);
// update password
if (!empty($_post['password'])) {
$post['password'] = X4Utils_helper::hashing($_post['password']);
}
// check if an user with the same username or password already exists
$user = new User_model();
$check = (bool) $user->exists($post['username'], $post['mail'], $id);
if ($check) {
$msg = AdmUtils_helper::set_msg(false, '', $this->dict->get_word('_USER_ALREADY_EXISTS', 'msg'));
} else {
$perm = new Permission_model();
if ($id) {
// update
$result = $user->update($id, $post);
// update user privileges on areas
$perm->set_aprivs($id, $_post['domain']);
// redirect
$where = '/detail/' . $id;
} else {
// insert
$result = $user->insert($post);
// redirect
$where = '';
if ($result[1]) {
$id = $result[0];
// set privileges on areas
$perm->set_aprivs($id, $_post['domain']);
// add privs on new user
$array[] = array('action' => 'insert', 'id_what' => $result[0], 'id_user' => $_SESSION['xuid'], 'level' => 4);
$res = $perm->pexec('users', $array, $_post['id_area']);
// refactory permissions for the user
$perm->refactory($id);
}
}
// set message
$msg = AdmUtils_helper::set_msg($result);
// set what update
if ($result[1]) {
$msg->update[] = array('element' => 'tdown', 'url' => BASE_URL . 'users' . $where, 'title' => null);
}
}
}
$this->response($msg);
}
