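/**
 * Builds the fixtures used by the tests in this class: a throw-away role,
 * a throw-away user holding that role, and the global request/response pair.
 *
 * A failed insert is only printed; it does not abort the run, and the two
 * assertions at the end only check the class of the fixture objects.
 */
protected function setUp() {
    // PHPUnit seems to barf on the caching code if we don't instantiate a Datamodel instance
    $o_dm = new Datamodel(true);
    $o_dm->getTableNum("ca_objects");

    // set up test role
    $this->opt_role = new ca_user_roles();
    $this->opt_role->setMode(ACCESS_WRITE);
    $this->opt_role->set("name", "UnitTestRole");
    $this->opt_role->set("code", "unit_test_role");
    if (!$this->opt_role->insert()) {
        print "ERROR inserting role: " . join(" ", $this->opt_role->getErrors()) . "\n";
    }
    $this->opt_role->setMode(ACCESS_READ);

    // set up test user
    // NOTE(review): the user name, password and e-mail literals are masked in this listing.
    // Use throw-away values that exist only in the test database and are never reused
    // for a real account.
    $this->ops_username = "******";
    $this->ops_password = "******";
    $this->opt_user = new ca_users();
    $this->opt_user->setMode(ACCESS_WRITE);
    $this->opt_user->set(array(
        'user_name' => $this->ops_username,
        'password' => $this->ops_password,
        'email' => '*****@*****.**',
        'active' => 1,
        'userclass' => 0,
        'fname' => 'Test',
        'lname' => "User"
    ));
    if (!$this->opt_user->insert()) {
        // Same reporting form as the role insert above (the listing had this expression garbled).
        print "ERROR inserting user: " . join(" ", $this->opt_user->getErrors()) . "\n";
    }
    $this->opt_user->addRoles("unit_test_role");
    $this->opt_user->setMode(ACCESS_READ);

    // The code under test reads the request and response from globals.
    global $req, $resp;
    $resp = new ResponseHTTP();
    $req = new RequestHTTP($resp, array("dont_create_new_session" => true));

    $this->assertInstanceOf('ca_users', $this->opt_user);
    $this->assertInstanceOf('ca_user_roles', $this->opt_role);
}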
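/**
 * Creates a new active user
 *
 * The account is inserted with active = 1, so it is usable as soon as this
 * call returns.
 *
 * @param string $user_name user name
 * @param string $password password
 * @param string $email email address
 * @param string $fname first name
 * @param string $lname last name
 * @return int identifier of the new user
 * @throws SoapFault when the model reports errors on insert
 */
public function createUser($user_name, $password, $email, $fname, $lname) {
    // NOTE(review): no caller authentication or authorisation check is visible in this
    // method. Confirm that the service layer in front of it restricts who may create
    // accounts, since every account created here is active immediately.
    $t_user = new ca_users();
    $t_user->set("user_name", $user_name);
    // NOTE(review): the password is handed to the model as received; hashing and any
    // strength policy are presumably applied inside ca_users. Verify.
    $t_user->set("password", $password);
    $t_user->set("email", $email);
    $t_user->set("fname", $fname);
    $t_user->set("lname", $lname);
    $t_user->set("active", 1);

    $t_user->setMode(ACCESS_WRITE);
    $t_user->insert();

    if ($t_user->numErrors()) {
        // The model's error strings are returned to the SOAP client verbatim.
        throw new SoapFault("Server", "Could not create user: " . join(" ", $t_user->getErrors()));
    }

    return $t_user->getPrimaryKey();
}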
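/**
 * Reset user password
 *
 * Reads the "user" and "password" options, loads the matching ca_users record
 * and stores the new password. Progress and failures are reported through
 * CLIUtils::addMessage() / CLIUtils::addError().
 *
 * @param object|null $po_opts option holder exposing getOption()
 * @return bool true when the password was changed, false otherwise
 */
public static function reset_password($po_opts = null) {
    // The signature allows null, but every option lookup below dereferences $po_opts,
    // so treat a missing option holder like a missing user instead of a fatal error.
    if (!is_object($po_opts)) {
        CLIUtils::addError(_t("You must specify a user"));
        return false;
    }

    $vs_user_name = (string) $po_opts->getOption('user');
    if (!$vs_user_name) {
        CLIUtils::addError(_t("You must specify a user"));
        return false;
    }

    // NOTE(review): the new password arrives as a plain option value. If it is typed on
    // the command line it can end up in shell history and process listings. Consider
    // reading it from a prompt or from standard input.
    $vs_password = (string) $po_opts->getOption('password');
    if (!$vs_password) {
        CLIUtils::addError(_t("You must specify a password"));
        return false;
    }

    $t_user = new ca_users();
    if (!$t_user->load(array("user_name" => $vs_user_name))) {
        CLIUtils::addError(_t("User name %1 does not exist", $vs_user_name));
        return false;
    }

    $t_user->setMode(ACCESS_WRITE);
    $t_user->set('password', $vs_password);
    $t_user->update();

    if ($t_user->numErrors()) {
        CLIUtils::addError(_t("Password change for user %1 failed: %2", $vs_user_name, join("; ", $t_user->getErrors())));
        return false;
    }

    CLIUtils::addMessage(_t('Changed password for user %1', $vs_user_name), array('color' => 'bold_green'));
    return true;
}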
/**
 * Inserts the default "administrator" login with a freshly generated password.
 *
 * @return string|false the generated password in clear text on success; false when
 *                      the insert reported errors (recorded through addError())
 */
public function createAdminAccount() {
    require_once __CA_MODELS_DIR__ . "/ca_users.php";

    // NOTE(review): the strength of this password depends entirely on getRandomPassword(),
    // which is not visible here. Confirm that it draws from a cryptographically secure source.
    $vs_generated_password = $this->getRandomPassword();

    $t_admin = new ca_users();
    $t_admin->setMode(ACCESS_WRITE);

    // Field values are applied one at a time, in this order.
    $va_account_fields = array(
        "user_name" => 'administrator',
        "password" => $vs_generated_password,
        "email" => $this->ops_admin_email,
        "fname" => 'CollectiveAccess',
        "lname" => 'Administrator',
        "userclass" => 0,
        "active" => 1
    );
    foreach ($va_account_fields as $vs_field => $vm_value) {
        $t_admin->set($vs_field, $vm_value);
    }
    $t_admin->insert();

    if (!$t_admin->numErrors()) {
        // The caller receives the clear-text password and should show it once, not log it.
        return $vs_generated_password;
    }

    $this->addError("Errors while adding the default administrator account: " . join("; ", $t_admin->getErrors()));
    return false;
}
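/**
 * Handles the password-reset form: validates the reset key from the request and,
 * for action "reset_save", stores the new password and mails a notification.
 *
 * Always ends by rendering LoginReg/form_reset_html.php with the view variable
 * "action" set to reset, reset_failure or reset_success.
 */
function resetSave() {
    MetaTagManager::setWindowTitle($this->request->config->get("app_display_name") . ": " . _t("Reset Password"));

    $ps_action = $this->request->getParameter('action', pString);
    if (!$ps_action) {
        $ps_action = "reset";
    }

    # The key is reduced to alphanumerics before it is echoed back into the view.
    $ps_key = $this->request->getParameter('key', pString);
    $ps_key = preg_replace("/[^A-Za-z0-9]+/", "", $ps_key);
    $this->view->setVar("key", $ps_key);
    $this->view->setVar("email", $this->request->config->get("ca_admin_email"));

    # NOTE(review): the reset key is not a random token. It is MD5 over "<user_id>/<stored
    # password value>", so it has no expiry, stays valid until the stored password changes,
    # and can be computed by anyone able to read the ca_users password column. A random,
    # single-use, time-limited token stored server-side would remove that dependency.
    $o_check_key = new Db();
    $qr_check_key = $o_check_key->query("\n\t\t\t\tSELECT user_id \n\t\t\t\tFROM ca_users \n\t\t\t\tWHERE\n\t\t\t\t\tmd5(concat(concat(user_id, '/'), password)) = ?\n\t\t\t", $ps_key);

    #
    # Check reset key
    #
    if (!$qr_check_key->nextRow() || !($vs_user_id = $qr_check_key->get("user_id"))) {
        # Same generic message whatever the reason the key did not match.
        $this->view->setVar("action", "reset_failure");
        $this->view->setVar("message", _t("Your password could not be reset"));
        $this->render('LoginReg/form_reset_html.php');
    } else {
        $ps_password = $this->request->getParameter('password', pString);
        $ps_password_confirm = $this->request->getParameter('password_confirm', pString);

        switch ($ps_action) {
            case 'reset_save':
                if (!$ps_password || !$ps_password_confirm) {
                    $this->view->setVar("message", _t("Please enter and re-type your password."));
                    $ps_action = "reset";
                    break;
                }
                # Strict comparison: with != two different numeric-looking strings
                # (for example "1e3" and "1000") compare as equal and would pass confirmation.
                if ($ps_password !== $ps_password_confirm) {
                    $this->view->setVar("message", _t("Passwords do not match. Please try again."));
                    $ps_action = "reset";
                    break;
                }

                # NOTE(review): no password-strength check is visible here; any policy has
                # to be enforced inside ca_users. Confirm.
                $t_user = new ca_users();
                $t_user->purify(true);
                $t_user->load($vs_user_id);

                # verify the user matched by the key still loads
                if ($t_user->getPrimaryKey()) {
                    $t_user->setMode(ACCESS_WRITE);
                    $t_user->set("password", $ps_password);
                    $t_user->update();

                    if ($t_user->numErrors()) {
                        $this->notification->addNotification(join("; ", $t_user->getErrors()), __NOTIFICATION_TYPE_INFO__);
                        $ps_action = "reset_failure";
                    } else {
                        $ps_action = "reset_success";

                        $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
                        # -- generate email subject
                        $vs_subject_line = $o_view->render("mailTemplates/notification_subject.tpl");
                        # -- generate mail text from template - get both the html and text versions
                        $vs_mail_message_text = $o_view->render("mailTemplates/notification.tpl");
                        $vs_mail_message_html = $o_view->render("mailTemplates/notification_html.tpl");
                        # Tell the account owner that the password was changed.
                        caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
                    }
                    break;
                } else {
                    $this->notification->addNotification(_t("Invalid user"), __NOTIFICATION_TYPE_INFO__);
                    $ps_action = "reset_failure";
                }
        }

        $this->view->setVar("action", $ps_action);
        $this->render('LoginReg/form_reset_html.php');
    }
}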
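/**
 * Saves the check-out form.
 *
 * In order, this method:
 *  - applies submitted order fields and order-level additional fees;
 *  - updates an existing order, or resolves the commerce transaction for a new one,
 *    creating, undeleting or reactivating the client login when only a billing
 *    e-mail was submitted;
 *  - copies order address fields into user profile preferences that are still empty;
 *  - adds the newly listed items to the order and reports the outcome as notifications;
 *  - hands off to Index() to render the result.
 */
public function Save() {
    // Field to user profile preference mapping
    $va_mapping = array(
        'billing_organization' => 'user_profile_organization',
        'billing_address1' => 'user_profile_address1',
        'billing_address2' => 'user_profile_address2',
        'billing_city' => 'user_profile_city',
        'billing_zone' => 'user_profile_state',
        'billing_postal_code' => 'user_profile_postalcode',
        'billing_country' => 'user_profile_country',
        'billing_phone' => 'user_profile_phone',
        'billing_fax' => 'user_profile_fax',
        'shipping_organization' => 'user_profile_organization',
        'shipping_address1' => 'user_profile_address1',
        'shipping_address2' => 'user_profile_address2',
        'shipping_city' => 'user_profile_city',
        'shipping_zone' => 'user_profile_state',
        'shipping_postal_code' => 'user_profile_postalcode',
        'shipping_country' => 'user_profile_country',
        'shipping_phone' => 'user_profile_phone',
        'shipping_fax' => 'user_profile_fax'
    );

    $va_errors = array();
    $va_failed_insert_list = array();

    // Only fields the order model lists as form fields are copied from the request.
    $va_fields = $this->opt_order->getFormFields();
    foreach ($va_fields as $vs_f => $va_field_info) {
        switch ($vs_f) {
            case 'transaction_id':
                // noop
                break;
            default:
                if (isset($_REQUEST[$vs_f])) {
                    if (!$this->opt_order->set($vs_f, $this->request->getParameter($vs_f, pString))) {
                        $va_errors[$vs_f] = $this->opt_order->errors();
                    }
                }
                break;
        }
    }

    // Set additional fees for order
    $va_fees = $this->opo_client_services_config->getAssoc('additional_order_fees');
    if (is_array($va_fees)) {
        if (!is_array($va_fee_values = $this->opt_order->get('additional_fees'))) {
            $va_fee_values = array();
        }
        foreach ($va_fees as $vs_code => $va_info) {
            $va_fee_values[$vs_code] = (double) $this->request->getParameter("additional_fee_{$vs_code}", pString);
        }
        $this->opt_order->set('additional_fees', $va_fee_values);
    }

    $this->opt_order->setMode(ACCESS_WRITE);
    if ($this->opt_order->getPrimaryKey()) {
        $this->opt_order->update();
        $vn_transaction_id = $this->opt_order->get('transaction_id');
    } else {
        // Set transaction
        if (!($vn_transaction_id = $this->request->getParameter('transaction_id', pInteger))) {
            if (!($vn_user_id = $this->request->getParameter('transaction_user_id', pInteger))) {
                if ($vs_user_name = $this->request->getParameter('billing_email', pString)) {
                    // Try to create user in-line
                    // NOTE(review): a submitted billing e-mail alone is enough to undelete or
                    // reactivate an existing login below (it is set to userclass 1). Confirm
                    // that only trusted staff can reach this action.
                    $t_user = new ca_users();
                    if ($t_user->load(array('user_name' => $vs_user_name))) {
                        if ($t_user->get('active') == 1) { // user is active - if not active don't use
                            if ($t_user->get('userclass') == 255) { // user is deleted
                                $t_user->setMode(ACCESS_WRITE);
                                $t_user->set('userclass', 1); // 1=public user (no back-end login)
                                $t_user->update();
                                if ($t_user->numErrors()) {
                                    $this->notification->addNotification(_t('Errors occurred when undeleting user: %1', join('; ', $t_user->getErrors())), __NOTIFICATION_TYPE_ERROR__);
                                } else {
                                    $vn_user_id = $t_user->getPrimaryKey();
                                }
                            } else {
                                $vn_user_id = $t_user->getPrimaryKey();
                            }
                        } else {
                            $t_user->setMode(ACCESS_WRITE);
                            $t_user->set('active', 1);
                            $t_user->set('userclass', 1); // 1=public user (no back-end login)
                            $t_user->update();
                            if ($t_user->numErrors()) {
                                $this->notification->addNotification(_t('Errors occurred when reactivating user: %1', join('; ', $t_user->getErrors())), __NOTIFICATION_TYPE_ERROR__);
                            } else {
                                $vn_user_id = $t_user->getPrimaryKey();
                            }
                        }
                    } else {
                        // Initial password for the auto-created login. Take it from the CSPRNG
                        // where the runtime provides one. The md5(uniqid(microtime())) form is
                        // derived from the clock and is only 6 hex characters, so it is kept
                        // solely as a fallback for runtimes without random_bytes().
                        $vs_password = function_exists('random_bytes')
                            ? bin2hex(random_bytes(8))
                            : substr(md5(uniqid(microtime())), 0, 6);

                        $t_user->setMode(ACCESS_WRITE);
                        $t_user->set('user_name', $vs_user_name);
                        $t_user->set('password', $vs_password);
                        $t_user->set('userclass', 1); // 1=public user (no back-end login)
                        $t_user->set('fname', $vs_fname = $this->request->getParameter('billing_fname', pString));
                        $t_user->set('lname', $vs_lname = $this->request->getParameter('billing_lname', pString));
                        $t_user->set('email', $vs_user_name);
                        $t_user->insert();
                        if ($t_user->numErrors()) {
                            $this->notification->addNotification(_t('Errors occurred when creating new user: %1', join('; ', $t_user->getErrors())), __NOTIFICATION_TYPE_ERROR__);
                        } else {
                            $vn_user_id = $t_user->getPrimaryKey();
                            // NOTE(review): the clear-text password and request-supplied names
                            // are placed inside HTML markup in this notification. Confirm that
                            // notifications are escaped on output and are not persisted or logged.
                            $this->notification->addNotification(_t('Created new client login for <em>%1</em>. Login name is <em>%2</em> and password is <em>%3</em>', $vs_fname . ' ' . $vs_lname, $vs_user_name, $vs_password), __NOTIFICATION_TYPE_INFO__);
                            // Create related entity?
                        }
                    }
                }
            }

            if ($vn_user_id) {
                // try to create transaction
                $t_trans = new ca_commerce_transactions();
                $t_trans->setMode(ACCESS_WRITE);
                $t_trans->set('user_id', $vn_user_id);
                $t_trans->set('short_description', "Created on " . date("c"));
                $t_trans->set('set_id', null);
                $t_trans->insert();
                if ($t_trans->numErrors()) {
                    $this->notification->addNotification(_t('Errors occurred when creating commerce transaction: %1', join('; ', $t_trans->getErrors())), __NOTIFICATION_TYPE_ERROR__);
                } else {
                    $vn_transaction_id = $t_trans->getPrimaryKey();
                }
            } else {
                $this->notification->addNotification(_t('You must specify a client'), __NOTIFICATION_TYPE_ERROR__);
                $va_errors['general'][] = new Error(1100, _t('You must specify a client'), 'CheckOutController->Save()', false, false, false);
            }
        }

        $this->opt_order->set('transaction_id', $vn_transaction_id);
        if ($vn_transaction_id) {
            $this->opt_order->set('order_type', 'L'); // L = loan (as opposed to 'O' for sales orders)
            $this->opt_order->set('order_status', 'OPEN');
            $this->opt_order->insert();
            $this->request->setParameter('order_id', $x = $this->opt_order->getPrimaryKey());
        }
    }

    if ($vn_transaction_id) {
        // set user profile if not already set
        $t_trans = new ca_commerce_transactions($vn_transaction_id);
        $t_user = new ca_users($t_trans->get('user_id'));
        $t_user->setMode(ACCESS_WRITE);
        foreach ($va_mapping as $vs_field => $vs_pref) {
            if (!strlen($t_user->getPreference($vs_pref))) {
                $t_user->setPreference($vs_pref, $this->opt_order->get($vs_field));
            }
        }
        $t_user->update();

        $va_additional_fee_codes = $this->opo_client_services_config->getAssoc('additional_loan_fees');

        // Look for newly added items
        $vn_items_added = 0;
        $vn_item_errors = 0;
        $vs_errors = '';
        foreach ($_REQUEST as $vs_k => $vs_v) {
            if (preg_match("!^item_list_idnew_([\\d]+)\$!", $vs_k, $va_matches)) {
                if ($vn_object_id = (int) $vs_v) {
                    // add item to order
                    // NOTE(review): the field names in $va_values are taken from request
                    // parameter names (limited to [A-Za-z0-9_]). Confirm that addItem()
                    // restricts which item fields may be set this way.
                    $va_values = array();
                    foreach ($_REQUEST as $vs_f => $vs_value) {
                        if (preg_match("!^item_list_([A-Za-z0-9_]+)_new_" . $va_matches[1] . "\$!", $vs_f, $va_matches2)) {
                            $va_values[$va_matches2[1]] = $vs_value;
                        }
                    }

                    // Set additional fees
                    // Start from an empty list for every item so that order-level fee values,
                    // or those of a previously processed item, are not carried over.
                    $va_fee_values = array();
                    foreach ($va_additional_fee_codes as $vs_code => $va_info) {
                        $va_fee_values[$vs_code] = $_REQUEST['additional_order_item_fee_' . $vs_code . '_new_' . $va_matches[1]];
                    }

                    $t_item = $this->opt_order->addItem($vn_object_id, $va_values, array('additional_fees' => $va_fee_values));
                    if ($t_item && $t_item->getPrimaryKey()) {
                        $vn_items_added++;
                    } else {
                        if ($this->opt_order->numErrors()) {
                            $t_object = new ca_objects($vn_object_id);
                            $this->notification->addNotification(_t('Could not check-out item <em>%1</em> (%2) due to errors: %3', $t_object->get('ca_objects.preferred_labels.name'), $t_object->get('idno'), join("; ", $this->opt_order->getErrors())), __NOTIFICATION_TYPE_ERROR__);
                            $vn_item_errors++;

                            // Keep the submitted values so the form can re-offer the failed item.
                            $va_fee_values_proc = array();
                            foreach ($va_fee_values as $vs_k => $vs_v) {
                                $va_fee_values_proc['ADDITIONAL_FEE_' . $vs_k] = $vs_v;
                            }
                            $va_failed_insert_list[] = array_merge($va_values, $va_fee_values_proc, array('autocomplete' => $_REQUEST['item_list_autocompletenew_' . $va_matches[1]], 'id' => $vn_object_id));
                        }
                    }
                }
            }
        }

        if (!$this->opt_order->numErrors() && $vn_items_added) {
            $this->notification->addNotification(_t('Checked out %1 %2 for %3 (order %4)', $vn_items_added, $vn_items_added == 1 ? _t('item') : _t('items'), $t_user->get('fname') . ' ' . $t_user->get('lname'), $this->opt_order->getOrderNumber()), __NOTIFICATION_TYPE_INFO__);
            $this->opt_order->set('order_status', 'PROCESSED');
            $this->opt_order->update();

            // Hand the view a blank order so the form is ready for the next check-out.
            $this->opt_order = new ca_commerce_orders();
            $this->request->setParameter('order_id', null);
            $this->view->setVar('t_order', $this->opt_order);
            $this->view->setVar('order_id', $this->opt_order->getPrimaryKey());
            $this->view->setVar('t_item', $this->opt_order);
        } else {
            if ($vn_items_added == 0 && $this->opt_order->numErrors() == 0) {
                $vs_errors = _t('No items were specified');
            } else {
                if ($vn_item_errors == 0) {
                    $vs_errors = join('; ', $this->opt_order->getErrors());
                }
            }
            if ($vs_errors) {
                $va_errors['general'] = $this->opt_order->errors();
                $this->notification->addNotification(_t('Errors occurred: %1', $vs_errors), __NOTIFICATION_TYPE_ERROR__);
            }
        }
    }

    $this->view->setVar('errors', $va_errors);
    $this->view->setVar('failed_insert_list', $va_failed_insert_list);
    $this->Index();
}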
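/**
 * Handles the password-reset form: validates the reset key from the request and,
 * for action "reset_save", stores the new password and mails a notification.
 *
 * Always ends by rendering LoginReg/resetpw_html.php with the view variable
 * "action" set to the resulting state.
 */
function resetSave() {
    $ps_action = $this->request->getParameter('action', pString);

    # The key is reduced to alphanumerics before it is echoed back into the view.
    $ps_key = $this->request->getParameter('key', pString);
    $ps_key = preg_replace("/[^A-Za-z0-9]+/", "", $ps_key);
    $this->view->setVar("key", $ps_key);

    # NOTE(review): the reset key is not a random token. It is MD5 over "<user_id>/<stored
    # password value>", so it has no expiry, stays valid until the stored password changes,
    # and can be computed by anyone able to read the ca_users password column. A random,
    # single-use, time-limited token stored server-side would remove that dependency.
    $o_check_key = new Db();
    $qr_check_key = $o_check_key->query("\n\t\t\t\tSELECT user_id \n\t\t\t\tFROM ca_users \n\t\t\t\tWHERE\n\t\t\t\t\tmd5(concat(concat(user_id, '/'), password)) = ?\n\t\t\t", $ps_key);

    #
    # Check reset key
    #
    if (!$qr_check_key->nextRow() || !($vs_user_id = $qr_check_key->get("user_id"))) {
        $this->view->setVar("action", "reset_failure");
        $this->render('LoginReg/resetpw_html.php');
    } else {
        $ps_password = $this->request->getParameter('password', pString);
        $ps_password_confirm = $this->request->getParameter('password_confirm', pString);

        switch ($ps_action) {
            case 'reset_save':
                if (!$ps_password || !$ps_password_confirm) {
                    $this->view->setVar("password_error", _t("Please enter and re-type your password."));
                    $ps_action = "reset";
                    break;
                }
                # Strict comparison: with != two different numeric-looking strings
                # (for example "1e3" and "1000") compare as equal and would pass confirmation.
                if ($ps_password !== $ps_password_confirm) {
                    $this->view->setVar("password_error", _t("Passwords do not match. Please try again."));
                    $ps_action = "reset";
                    break;
                }

                # NOTE(review): no password-strength check is visible here; any policy has
                # to be enforced inside ca_users. Confirm.
                $t_user = new ca_users();
                $t_user->load($vs_user_id);

                # verify the user matched by the key still loads
                if ($t_user->getPrimaryKey()) {
                    $t_user->setMode(ACCESS_WRITE);
                    $t_user->set("password", $ps_password);
                    $t_user->update();

                    if ($t_user->numErrors()) {
                        $this->notification->addNotification(join("; ", $t_user->getErrors()), __NOTIFICATION_TYPE_INFO__);
                        $ps_action = "reset_failure";
                    } else {
                        $ps_action = "reset_success";

                        # -- generate mail text from template
                        # The template path is built from the configured views directory,
                        # not from request input.
                        ob_start();
                        require $this->request->getViewsDirectoryPath() . "/mailTemplates/notification.tpl";
                        $vs_mail_message = ob_get_contents();
                        ob_end_clean();

                        # Tell the account owner that the password was changed.
                        caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), "[" . $this->request->config->get("app_display_name") . "] " . _t("Your password has been reset"), $vs_mail_message);
                    }
                    break;
                } else {
                    $this->notification->addNotification(_t("Invalid user"), __NOTIFICATION_TYPE_INFO__);
                    $ps_action = "reset_failure";
                }
        }

        $this->view->setVar("action", $ps_action);
        $this->render('LoginReg/resetpw_html.php');
    }
}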