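/**
 * Password recovery.
 *
 * Two-step flow selected by the query string:
 *  - with both `email` and `activkey` present, the key is compared with the one
 *    stored for that e-mail address and, on a match, a new password can be set;
 *  - otherwise the recovery form is shown and, on a valid submit, a new key is
 *    stored on the account and mailed to its address.
 *
 * Signed-in users are redirected to the module's return URL.
 */
public function actionRecovery ()
{
    $form = new UserRecoveryForm;
    if (Y::userId()) {
        $this->redirect(Y::module()->returnUrl);
        Y::end();
    }

    $email = isset($_GET['email']) ? $_GET['email'] : '';
    $activkey = isset($_GET['activkey']) ? $_GET['activkey'] : '';

    if ($email && $activkey) {
        // Step 2: the visitor followed a recovery link.
        // Query-string values can arrive as arrays (?email[]=...); only plain
        // strings are allowed to reach the lookup and the key comparison.
        $find = null;
        if (is_string($email) && is_string($activkey)) {
            $find = User::model()->notsafe()->findByAttributes(array('email' => $email));
        }

        // Compare the key as a string, never with ==: loose comparison treats
        // numeric-looking strings such as "0e1" and "0e2" as equal.
        // hash_equals() is used where the PHP version provides it so the
        // comparison time does not depend on how many characters match.
        $keyMatches = false;
        if ($find !== null) {
            $storedKey = (string) $find->activkey;
            $keyMatches = function_exists('hash_equals')
                ? hash_equals($storedKey, $activkey)
                : $storedKey === $activkey;
        }

        if ($keyMatches) {
            $form2 = new UserChangePassword;
            if (isset($_POST['UserChangePassword'])) {
                $form2->attributes = $_POST['UserChangePassword'];
                if ($form2->validate()) {
                    $find->password = UserModule::encrypting($form2->password);
                    // Replace the key once it has been used, so the mailed link
                    // stops working after the password is changed. Same
                    // derivation as actionChangepassword().
                    $find->activkey = UserModule::encrypting(microtime() . $form2->password);
                    // Following the link proves control of the mailbox, so a
                    // not-yet-activated account (status 0) becomes active.
                    if ($find->status == 0) {
                        $find->status = 1;
                    }
                    // NOTE(review): the result of save() is not checked; the
                    // success message is shown either way.
                    $find->save();
                    Y::flash('recoveryMessage', Users::t("New password is saved."));
                    $this->redirect(Y::module()->recoveryUrl);
                }
            }
            $this->render('changepassword', array('form' => $form2));
        } else {
            Y::flash('recoveryMessage', Users::t("Incorrect recovery link."));
            $this->redirect(Y::module()->recoveryUrl);
        }
    } else {
        // Step 1: request a recovery mail.
        if (isset($_POST['UserRecoveryForm'])) {
            $form->attributes = $_POST['UserRecoveryForm'];
            if ($form->validate()) {
                // presumably validate() fills $form->user_id with an existing
                // account; verify in UserRecoveryForm.
                $user = User::model()->notsafe()->findbyPk($form->user_id);
                // NOTE(review): the key is derived from microtime() and the
                // stored password value, not from a random source, and nothing
                // here gives it an expiry time. Consider a CSPRNG-generated key
                // with a stored creation timestamp.
                $user->activkey = Y::module()->encrypting(microtime() . $user->password);
                $user->save();
                // NOTE(review): the host part of the mailed link comes from the
                // request's Host header, so it is whatever the requester sent,
                // and the scheme is fixed to http. Build the link from a
                // configured host name and scheme instead.
                $activation_url = 'http://' . $_SERVER['HTTP_HOST'] . $this->siteUrl('user/recovery', array("activkey" => $user->activkey, "email" => urldecode($user->email)));
                $subject = Users::t("You have requested the password recovery site {site_name}", array(
                    '{site_name}' => Yii::app()->name,
                ));
                $message = Users::t("You have requested the password recovery site {site_name}. To receive a new password, go to {activation_url}.", array(
                    '{site_name}' => Yii::app()->name,
                    '{activation_url}' => $activation_url,
                ));
                UserModule::sendMail($user->email, $subject, $message);
                Y::flash('recoveryMessage', Users::t("Please check your email. An instructions was sent to your email address."));
                $this->refresh();
            }
        }
        $this->render('recovery', array('form' => $form));
    }
}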
/**
 * Registers a new user account.
 *
 * Redirects to 'close' when registration is closed and to the cabinet URL when
 * the visitor is already signed in. On a valid submit the user and profile are
 * saved, an activation mail is sent if the module asks for one, and the visitor
 * is either logged in straight away or shown a notice, depending on the
 * module's activeAfterRegister / sendActivationMail / loginNotActiv / autoLogin
 * settings.
 */
public function actionRegistration()
{
    if (Y::module()->isRegistrationClose) {
        $this->redirect('close');
    }

    $model = new RegistrationForm;
    $profile = new Profile;
    $profile->regMode = true;

    // AJAX validation request: answer with the validation result and stop.
    if (isset($_POST['ajax']) && $_POST['ajax'] === 'registration-form') {
        Y::end(UActiveForm::validate(array($model, $profile)));
    }

    // A signed-in user has nothing to register.
    if (Y::userId()) {
        $this->redirect(Y::module()->cabinetUrl);
        return;
    }

    if (isset($_POST['RegistrationForm'])) {
        $model->attributes = $_POST['RegistrationForm'];
        $profile->attributes = isset($_POST['Profile']) ? $_POST['Profile'] : array();

        if ($model->validate() && $profile->validate()) {
            // Keep the plain password: it is needed below for the auto-login.
            $plainPassword = $model->password;

            // NOTE(review): the activation key is derived from microtime() and
            // the chosen password rather than from a random source.
            $model->activkey = UserModule::encrypting(microtime() . $plainPassword);
            $model->password = UserModule::encrypting($plainPassword);
            $model->verifyPassword = UserModule::encrypting($model->verifyPassword);
            $model->createtime = time();

            // lastvisit is stamped only when the user is logged in right away.
            if ((Y::module()->loginNotActiv || (Y::module()->activeAfterRegister && Y::module()->sendActivationMail == false)) && Y::module()->autoLogin) {
                $model->lastvisit = time();
            } else {
                $model->lastvisit = 0;
            }

            // Set after the mass assignment above, so submitted values for
            // these two fields are overwritten.
            $model->superuser = 0;
            if (Y::module()->activeAfterRegister) {
                $model->status = User::STATUS_ACTIVE;
            } else {
                $model->status = User::STATUS_NOACTIVE;
            }

            if ($model->save()) {
                $profile->user_id = $model->id;
                $profile->save();

                if (Y::module()->sendActivationMail) {
                    $activation_url = $this->createAbsoluteUrl('/user/activation', array("activkey" => $model->activkey, "email" => $model->email));
                    UserModule::sendMail(
                        $model->email,
                        Users::t("You registered from {site_name}", array('{site_name}' => Yii::app()->name)),
                        Users::t("Please activate you account go to {activation_url}", array('{activation_url}' => $activation_url))
                    );
                }

                if ((Y::module()->loginNotActiv || (Y::module()->activeAfterRegister && Y::module()->sendActivationMail == false)) && Y::module()->autoLogin) {
                    // NOTE(review): the result of authenticate() is not
                    // checked before login() is called.
                    $identity = new UserIdentity($model->username, $plainPassword);
                    $identity->authenticate();
                    Y::user()->login($identity, 0);
                    $this->redirect(Y::module()->returnUrl);
                } else {
                    // Pick the notice that matches the activation settings.
                    if (!Y::module()->activeAfterRegister && !Y::module()->sendActivationMail) {
                        $notice = Users::t("Thank you for your registration. Contact Admin to activate your account.");
                    } elseif (Y::module()->activeAfterRegister && Y::module()->sendActivationMail == false) {
                        $notice = Users::t("Thank you for your registration. Please {{login}}.", array('{{login}}' => CHtml::link(Users::t('Login'), Y::module()->loginUrl)));
                    } elseif (Y::module()->loginNotActiv) {
                        $notice = Users::t("Thank you for your registration. Please check your email or login.");
                    } else {
                        $notice = Users::t("Thank you for your registration. Please check your email.");
                    }
                    Y::flash('/user/registration', $notice);
                    $this->refresh();
                }
            }
        } else {
            // Run the profile validation as well, so its errors are collected
            // even when the user model failed first.
            $profile->validate();
        }
    }

    $this->render('/user/registration', array('model' => $model, 'profile' => $profile, 'lang' => Yii::app()->language));
}
/**
 * Validation rules, chosen by who is editing the record.
 *
 *  - a caller passing Y::checkAccess('moderator') gets the full rule set;
 *  - the account owner (Y::userId() equals this record's id) may change only
 *    username and email;
 *  - anyone else gets no rules at all.
 *
 * @return array validation rules for model attributes.
 */
public function rules()
{
    if (Y::checkAccess('moderator')) {
        return array(
            array('username, password, email', 'required', 'on' => 'create'),
            array('username, email', 'required', 'on' => 'update'),
            // NOTE(review): 'safe' makes id, role, activkey and status
            // mass-assignable for every caller that passes the 'moderator'
            // check; confirm a moderator is meant to set any role listed in
            // Lookup::keys('role').
            array('id, role, username, password, email, activkey, createtime, lastvisit, status', 'safe'),
            // NOTE(review): the message says 2 characters, the rule enforces 3.
            array('username', 'length', 'max'=>20, 'min' => 3,'message' => Users::t("Incorrect username (length between 2 and 20 characters).")),
            // NOTE(review): a 4-character minimum is a weak password policy.
            array('password', 'length', 'max'=>128, 'min' => 4,'message' => Users::t("Incorrect password (minimal length 4 symbols).")),
            array('email', 'email'),
            array('username', 'unique', 'message' => Users::t("This user's name already exists.")),
            array('email', 'unique', 'message' => Users::t("This user's email address already exists.")),
            array('username', 'match', 'pattern' => '/^[A-Za-z0-9_]+$/u','message' => Users::t("Incorrect symbols (A-z0-9).")),
            array('status', 'in', 'range'=>array(self::STATUS_NOACTIVE,self::STATUS_ACTIVE,self::STATUS_BANED)),
            array('role', 'in', 'range'=>Lookup::keys('role')),
            array('username, email, createtime, lastvisit, status', 'required'),
            array('createtime, lastvisit, status', 'numerical', 'integerOnly'=>true),
        );
    }

    // NOTE(review): loose comparison. If Y::userId() returns null for guests,
    // this is also true for a guest holding an unsaved record (null == null).
    if (Y::userId() == $this->id) {
        return array(
            array('username, email', 'required'),
            array('username', 'length', 'max'=>20, 'min' => 3,'message' => Users::t("Incorrect username (length between 2 and 20 characters).")),
            array('email', 'email'),
            array('username', 'unique', 'message' => Users::t("This user's name already exists.")),
            array('username', 'match', 'pattern' => '/^[A-Za-z0-9_]+$/u','message' => Users::t("Incorrect symbols (A-z0-9).")),
            array('email', 'unique', 'message' => Users::t("This user's email address already exists.")),
        );
    }

    // Neither moderator nor owner: no rules, so no attribute is safe for
    // mass assignment.
    return array();
}
/**
 * Points the auth manager at the application's auth.php file when none is
 * configured, runs the parent initialisation, and assigns the signed-in
 * user's role to their user id.
 */
public function init()
{
    // The role hierarchy is kept in auth.php in the application's config directory.
    if ($this->authFile === null) {
        $this->authFile = Yii::getPathOfAlias('application.config.auth') . '.php';
    }

    parent::init();

    // Guests already have the default role "guest", so nothing is assigned.
    if (Y::isGuest()) {
        return;
    }

    // Bind the role stored in the DB to the user id returned by
    // UserIdentity.getId().
    // NOTE(review): Y::user()->role is used as-is; presumably it is filled
    // from the DB at login, so a role change would only apply to new
    // sessions. Confirm.
    $this->assign(Y::user()->role, Y::userId());
}
/**
 * Lets the signed-in user set a new password.
 *
 * Does nothing (renders nothing) when no user is signed in. On a valid submit
 * the new password and a fresh activkey are stored and the user is redirected
 * to the profile page with a confirmation message.
 */
public function actionChangepassword()
{
    $model = new UserChangePassword;

    if (!Y::userId()) {
        return;
    }

    // AJAX validation request: answer with the validation result and stop.
    if (isset($_POST['ajax']) && $_POST['ajax'] === 'changepassword-form') {
        Y::end(UActiveForm::validate($model));
    }

    if (isset($_POST['UserChangePassword'])) {
        $model->attributes = $_POST['UserChangePassword'];
        // NOTE(review): whether the current password is re-checked depends on
        // the rules of UserChangePassword, which are not visible here.
        if ($model->validate()) {
            $account = User::model()->notsafe()->findbyPk(Y::userId());
            $account->password = UserModule::encrypting($model->password);
            // Replacing activkey makes any previously issued key stop matching.
            $account->activkey = UserModule::encrypting(microtime() . $model->password);
            // NOTE(review): the result of save() is not checked before the
            // success message is flashed.
            $account->save();
            Y::flashRedir('profileMessage', Users::t("New password is saved."), $this->module->profileUrl);
        }
    }

    $this->render('changepassword', array('model' => $model));
}
/**
 * Stamps the signed-in user's record with the current time as last visit.
 */
private function lastVisit()
{
    // NOTE(review): findByPk() returns null when no record matches; that case
    // is not handled here.
    $currentUser = User::model()->notsafe()->findByPk(Y::userId());
    $currentUser->lastvisit = time();
    $currentUser->save();
}