public function execute()
{
    // Backend action: render the customer form and, on submit, create the contact.
    $form = shopHelper::getCustomerForm();

    if ($form->post()) {
        $skip_validation = wa()->getSetting('disable_backend_customer_form_validation');

        if ($skip_validation || $form->isValid()) {
            $contact = new waContact();

            // With validation switched off, save() is called without the validate
            // flag and whatever it returns is discarded.
            $save_errors = array();
            if ($skip_validation) {
                $contact->save($form->post());
            } else {
                $save_errors = $contact->save($form->post(), true);
            }

            if (!$save_errors) {
                $customer_model = new shopCustomerModel();
                $customer_model->createFromContact($contact->getId());
                // NOTE(review): getId() is concatenated into inline script unescaped;
                // presumably always an integer — confirm.
                echo '<script>$.customers.reloadSidebar(); window.location.hash = "#/id/' . $contact->getId() . '"</script>';
                exit;
            }

            // Surface the errors reported by waContact (e.g. e-mail must be unique) on the form.
            foreach ($save_errors as $field_id => $messages) {
                foreach ($messages as $message) {
                    $form->errors($field_id, $message);
                }
            }
        }
    }

    $this->view->assign('form', $form);
    $this->view->assign(
        'customer_validation_disabled',
        wa()->getSetting('disable_backend_customer_form_validation')
    );
}
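public function execute()
{
    // Use the frontend layout for this page.
    $this->setLayout(new guestbook2FrontendLayout());

    // The confirmation token comes from the query string and is untrusted.
    $hash = waRequest::get('hash');

    // Token layout: 16 hash characters + contact id + 16 hash characters,
    // so anything shorter than 33 characters (or not a string) is rejected.
    if (!is_string($hash) || strlen($hash) < 33) {
        $this->redirect(wa()->getRouteUrl('/frontend'));
        // Stop here even if redirect() returns instead of terminating the request.
        return;
    }

    // Split the token into the embedded contact id and the 32-character hash.
    $contact_id = substr($hash, 16, -16);
    $hash = substr($hash, 0, 16) . substr($hash, -16);

    // Only a positive decimal number can identify a contact; reject anything
    // else before it reaches waContact.
    if (!preg_match('/^[1-9][0-9]*\z/', $contact_id)) {
        $this->redirect(wa()->getRouteUrl('/frontend'));
        return;
    }

    $contact = new waContact($contact_id);
    $stored_hash = $contact->getSettings($this->getAppId(), 'confirm_hash');

    // Compare in constant time where hash_equals() is available, so response
    // timing does not depend on how much of the stored token matched.
    $is_valid = false;
    if (is_string($stored_hash) && $stored_hash !== '') {
        $is_valid = function_exists('hash_equals')
            ? hash_equals($stored_hash, $hash)
            : $stored_hash === $hash;
    }

    if (!$is_valid) {
        // Wrong or already used token: just go back to the home page.
        $this->redirect(wa()->getRouteUrl('/frontend'));
        return;
    }

    // The token is single-use: remove it before marking the address confirmed.
    $contact->delSettings($this->getAppId(), 'confirm_hash');

    // Mark the contact's default e-mail address as confirmed and persist it.
    $contact['email'] = array('value' => $contact->get('email', 'default'), 'status' => 'confirmed');
    $contact->save();
}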
/**
 * Resolve $this->id to a waContact kept in $this->contact and assign the
 * contact-specific template variables to $this->view.
 *
 * @return mixed the result of waContact::exists() for the resolved contact
 */
protected function getContactInfo()
{
    $wa = wa();

    // Viewing one's own profile reuses the current user object instead of loading a new contact.
    $is_own_profile = $this->id == $wa->getUser()->getId();
    $this->contact = $is_own_profile ? $wa->getUser() : new waContact($this->id);
    $this->view->assign('own_profile', $is_own_profile);

    $found = $this->contact->exists();
    if (!$found) {
        // Unknown contact: the template only receives the requested id.
        $this->view->assign('contact', array('id' => $this->id));
        return $found;
    }

    $this->view->assign('contact', $this->contact);

    // When the contact was created, shown in the current user's timezone.
    $this->view->assign(
        'contact_create_time',
        waDateTime::format('datetime', $this->contact['create_datetime'], $wa->getUser()->getTimezone())
    );

    // Who created the contact, if that contact can still be loaded and has a name.
    if ($this->contact['create_contact_id']) {
        try {
            $creator = new waContact($this->contact['create_contact_id']);
            if ($creator['name']) {
                $this->view->assign('author', $creator);
            }
        } catch (Exception $e) {
            // Creator not found: deliberately ignored.
        }
    }

    $this->view->assign('top', $this->contact->getTopFields());

    // Data for the main contact editor.
    $field_values = $this->contact->load('js', true);
    $contact_model = new waContactModel();

    // A company link pointing at a missing contact is reset to 0, both in the
    // values sent to the template and in storage (note: this read path writes).
    if (isset($field_values['company_contact_id'])
        && !$contact_model->getById($field_values['company_contact_id'])
    ) {
        $field_values['company_contact_id'] = 0;
        $this->contact->save(array('company_contact_id' => 0));
    }

    $contact_type = $this->contact['is_company'] ? 'company' : 'person';
    $contact_fields = waContactFields::getInfo($contact_type, true);

    // In limited own-profile mode expose only fields flagged allow_self_edit.
    if (!empty($this->params['limited_own_profile'])) {
        $self_editable = array();
        foreach (waContactFields::getAll('person') as $field) {
            if ($field->getParameter('allow_self_edit')) {
                $self_editable[$field->getId()] = true;
            }
        }
        $field_values = array_intersect_key($field_values, $self_editable);
        $contact_fields = array_intersect_key($contact_fields, $self_editable);
    }

    contactsHelper::normalzieContactFieldValues($field_values, $contact_fields);

    $this->view->assign('contactFields', $contact_fields);
    $this->view->assign('contactFieldsOrder', array_keys($contact_fields));
    $this->view->assign('fieldValues', $field_values);

    // Categories the contact belongs to.
    $categories_model = new waContactCategoriesModel();
    $this->view->assign(
        'contact_categories',
        array_values($categories_model->getContactCategories($this->id))
    );

    return $found;
}
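/**
 * Resolve the contact for a completed external-auth callback, creating one
 * when none matches, and authenticate that contact.
 *
 * @param array $data profile returned by the auth adapter; this method reads
 *                    'source' and 'source_id' and, when present, 'email' and 'photo_url'
 * @return waContact|false the authenticated contact, or false when no contact id was obtained
 */
protected function afterAuth($data)
{
    $app_id = $this->getStorage()->get('auth_app');
    $contact_id = 0;

    // Find the contact by the adapter-specific id field, e.g. facebook_id.
    $contact_data_model = new waContactDataModel();
    $row = $contact_data_model->getByField(array(
        'field' => $data['source'] . '_id',
        'value' => $data['source_id'],
        'sort'  => 0,
    ));
    if ($row) {
        $contact_id = $row['contact_id'];
    }

    // Otherwise try to match an existing account by primary e-mail.
    // NOTE(review): this links the external identity to an account that has a
    // password purely because the e-mail matches; that is only safe if the
    // adapter guarantees the address was verified by the provider — confirm.
    if (!$contact_id && isset($data['email'])) {
        $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email = s:email AND e.sort = 0 AND c.password != ''";
        $contact_model = new waContactModel();
        $contact_id = $contact_model->query($sql, array('email' => $data['email']))->fetchField('id');
        // Remember the adapter id on the matched contact for the next login.
        if ($contact_id) {
            $contact_data_model->insert(array(
                'contact_id' => $contact_id,
                'field'      => $data['source'] . '_id',
                'value'      => $data['source_id'],
                'sort'       => 0,
            ));
        }
    }

    if (!$contact_id) {
        // No match: create a new contact from the adapter profile.
        $contact = new waContact();
        $data[$data['source'] . '_id'] = $data['source_id'];
        $data['create_method'] = $data['source'];
        $data['create_app_id'] = $app_id;
        // Store a value one character shorter than a real hash, so that no
        // login/password pair can ever match this account.
        $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true);
        unset($data['source']);
        unset($data['source_id']);
        if (isset($data['photo_url'])) {
            $photo_url = $data['photo_url'];
            unset($data['photo_url']);
        } else {
            $photo_url = false;
        }
        $contact->save($data);
        $contact_id = $contact->getId();

        if ($contact_id && $photo_url && is_string($photo_url)) {
            // photo_url is remote-supplied. Fetch it only over http(s): without
            // this check file_get_contents() would also accept local paths and
            // every other registered stream wrapper.
            // NOTE(review): the target host is not restricted, so the server
            // still requests whatever http(s) address the profile names.
            $scheme = strtolower((string) parse_url($photo_url, PHP_URL_SCHEME));
            if ($scheme === 'http' || $scheme === 'https') {
                $photo_url_parts = explode('/', $photo_url);
                // Hash the last URL segment instead of using it verbatim, so
                // remote text never becomes part of a local file name.
                $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id);
                $photo = file_get_contents($photo_url);
                // A failed or empty download must not create a photo file.
                if ($photo !== false && $photo !== '') {
                    file_put_contents($path, $photo);
                    $contact->setPhoto($path);
                }
            }
        }
    } else {
        $contact = new waContact($contact_id);
    }

    // Authenticate the resolved contact.
    if ($contact_id) {
        wa()->getAuth()->auth(array('id' => $contact_id));
        return $contact;
    }
    return false;
}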
public function execute()
{
    // The signed-in user edits their own record; no contact id is read from the request.
    $this->contact = wa()->getUser();

    $data = json_decode(waRequest::post('data'), true);
    if (!$data || !is_array($data)) {
        $this->response = array('errors' => array(), 'data' => array());
        return;
    }

    // Allow-list: keep only the fields flagged as self-editable, whatever the client sent.
    $self_editable = array();
    foreach (waContactFields::getAll('person') as $field) {
        if ($field->getParameter('allow_self_edit')) {
            $self_editable[$field->getId()] = true;
        }
    }
    $data = array_intersect_key($data, $self_editable);

    // Remember the locale before saving so a language change can be detected afterwards.
    $locale_before = $this->getUser()->getLocale();

    // Validate and save; nothing is echoed back when validation reports errors.
    $errors = $this->contact->save($data, true);

    $response = array();
    if (!$errors) {
        // Saved values, formatted for the JS editor.
        $response['name'] = $this->contact->get('name', 'js');
        foreach ($data as $field_id => $field_value) {
            if (!isset($errors[$field_id])) {
                $response[$field_id] = $this->contact->get($field_id, 'js');
            }
        }

        // Fields shown at the top of the profile.
        $response['top'] = array();
        foreach (array('email', 'phone', 'im') as $top_id) {
            $top_value = $this->contact->get($top_id, 'top,html');
            if ($top_value) {
                $response['top'][] = array(
                    'id'    => $top_id,
                    'name'  => waContactFields::get($top_id)->getName(),
                    'value' => is_array($top_value) ? implode(', ', $top_value) : $top_value,
                );
            }
        }
    }

    // Ask the client to reload when the user has just changed their language.
    if ($locale_before != $this->contact->getLocale()) {
        $response['reload'] = true;
    }

    $this->response = array('errors' => $errors, 'data' => $response);
}
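public function execute()
{
    // Store geocoded coordinates on one address (selected by its sort index) of a contact.
    $request = $this->getRequest();
    $id = $request->request('id', null, waRequest::TYPE_INT);
    $sort = $request->request('sort', null, waRequest::TYPE_INT);
    if (!$id || $sort === null) {
        return;
    }

    $lat = $request->request('lat', '', waRequest::TYPE_STRING);
    $lng = $request->request('lng', '', waRequest::TYPE_STRING);

    // Coordinates are request-supplied: accept only an empty string (cleared)
    // or a numeric value, so arbitrary text is never stored in the address.
    foreach (array($lat, $lng) as $coordinate) {
        if ($coordinate !== '' && !is_numeric($coordinate)) {
            return;
        }
    }

    // NOTE(review): no rights check on $id is visible in this method; unless
    // the controller enforces one elsewhere, the caller can write coordinates
    // to any contact id — confirm.
    $contact = new waContact($id);
    $stored = $contact->get('address');
    if (!is_array($stored)) {
        return;
    }

    $address = array();
    foreach ($stored as $i => $addr) {
        $address[$i] = array('value' => $addr['data'], 'ext' => $addr['ext']);
    }

    // Only update an address that exists; an unknown index would otherwise
    // create a new address entry consisting of nothing but coordinates.
    if (!isset($address[$sort])) {
        return;
    }

    $address[$sort]['value']['lat'] = $lat;
    $address[$sort]['value']['lng'] = $lng;
    $contact->save(array('address' => $address));
}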
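public function execute()
{
    // There is the same code in webasystProfileSaveGeocoords.controller.php
    // Store geocoded coordinates on one address (selected by its sort index) of a contact.
    $request = $this->getRequest();
    $id = $request->request('id', null, waRequest::TYPE_INT);
    $sort = $request->request('sort', null, waRequest::TYPE_INT);
    if (!$id || $sort === null) {
        return;
    }

    $lat = $request->request('lat', '', waRequest::TYPE_STRING);
    $lng = $request->request('lng', '', waRequest::TYPE_STRING);

    // Coordinates are request-supplied: accept only an empty string (cleared)
    // or a numeric value, so arbitrary text is never stored in the address.
    foreach (array($lat, $lng) as $coordinate) {
        if ($coordinate !== '' && !is_numeric($coordinate)) {
            return;
        }
    }

    // NOTE(review): no rights check on $id is visible in this method; unless
    // the controller enforces one elsewhere, the caller can write coordinates
    // to any contact id — confirm.
    $contact = new waContact($id);
    $stored = $contact->get('address');
    if (!is_array($stored)) {
        return;
    }

    $address = array();
    foreach ($stored as $i => $addr) {
        $address[$i] = array('value' => $addr['data'], 'ext' => $addr['ext']);
    }

    // Only update an address that exists; an unknown index would otherwise
    // create a new address entry consisting of nothing but coordinates.
    if (!isset($address[$sort])) {
        return;
    }

    $address[$sort]['value']['lat'] = $lat;
    $address[$sort]['value']['lng'] = $lng;
    $contact->save(array('address' => $address));
}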
public function execute()
{
    // Remove the photo of the contact returned by getId() and reset the photo field.
    $contact_id = $this->getId();

    // Delete the stored photo directory, if there is one.
    $photo_dir = wa()->getDataPath(waContact::getPhotoDir($contact_id), true);
    if (file_exists($photo_dir)) {
        waFiles::delete($photo_dir);
    }

    // Reset the photo reference on the contact record.
    $contact = new waContact($contact_id);
    $contact['photo'] = 0;
    $contact->save();

    // Refresh the recent-history entry so the thumbnail reloads correctly
    // (skipped when the current user is not a backend user).
    $current_user = wa()->getUser();
    if ($current_user->get('is_user')) {
        $history_model = new contactsHistoryModel();
        $history_model->save('/contact/' . $contact_id, null, null, '--');
    }

    $this->response = array(
        'done' => 1,
        'url'  => $contact->getPhoto(),
    );
}
public function execute()
{
    $request = $this->getRequest();

    // Without the json flag the regular HTML action is rendered instead.
    if (!$request->request('json', 0)) {
        $html_action = new contactsContactsInfoAction();
        echo $html_action->display();
        return;
    }

    $contact_model = new waContactModel();
    $contact_id = $request->request('id', 0, 'int');
    // NOTE(review): no rights check on $contact_id is visible in this method;
    // presumably enforced elsewhere in the controller — confirm.
    $contact = new waContact($contact_id);
    $values = $contact->load('js', true);

    // A company link pointing at a missing contact is reset to 0, both in the
    // response and in storage (note: this read path writes).
    if (isset($values['company_contact_id']) && !$contact_model->getById($values['company_contact_id'])) {
        $values['company_contact_id'] = 0;
        $contact->save(array('company_contact_id' => 0));
    }

    $values['photo_url_96'] = $contact->getPhoto(96);
    $values['photo_url_20'] = $contact->getPhoto(20);

    $contact_type = $contact['is_company'] ? 'company' : 'person';
    $fields = waContactFields::getInfo($contact_type, true);

    $payload = array(
        'fields' => $fields,
        'values' => $values,
        'top'    => $contact->getTopFields(),
    );
    echo json_encode($payload);
}
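public function execute()
{
    // Setting the frontend layout
    $this->setLayout(new guestbook2FrontendLayout());

    // Retrieving hash from the GET request; the value is untrusted.
    $hash = waRequest::get('hash');

    // Verifying hash shape: 16 hash characters + contact id + 16 hash characters,
    // so anything shorter than 33 characters (or not a string) is rejected.
    if (!is_string($hash) || strlen($hash) < 33) {
        $this->redirect(wa()->getRouteUrl('/frontend'));
        // Stop here even if redirect() returns instead of terminating the request.
        return;
    }

    // Retrieving contact_id from the hash
    $contact_id = substr($hash, 16, -16);
    $hash = substr($hash, 0, 16) . substr($hash, -16);

    // Only a positive decimal number can identify a contact; reject anything
    // else before it reaches waContact.
    if (!preg_match('/^[1-9][0-9]*\z/', $contact_id)) {
        $this->redirect(wa()->getRouteUrl('/frontend'));
        return;
    }

    $contact = new waContact($contact_id);
    $stored_hash = $contact->getSettings($this->getAppId(), 'confirm_hash');

    // Validating hash: compare in constant time where hash_equals() is available,
    // so response timing does not depend on how much of the stored token matched.
    $is_valid = false;
    if (is_string($stored_hash) && $stored_hash !== '') {
        $is_valid = function_exists('hash_equals')
            ? hash_equals($stored_hash, $hash)
            : $stored_hash === $hash;
    }

    if (!$is_valid) {
        // If the hash is incorrect then simply redirect to the home page
        $this->redirect(wa()->getRouteUrl('/frontend'));
        return;
    }

    // Deleting hash: the token is single-use.
    $contact->delSettings($this->getAppId(), 'confirm_hash');

    // Setting "confirmed" status to the contact's email address
    $contact['email'] = array('value' => $contact->get('email', 'default'), 'status' => 'confirmed');

    // Saving contact
    $contact->save();
}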
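public function execute()
{
    $this->id = (int) waRequest::post('id');

    // Check access: creating needs the 'create' right, editing needs 'write' on this contact.
    if (!$this->id) {
        if (!$this->getRights('create')) {
            throw new waRightsException('Access denied.');
        }
    } else {
        $cr = new contactsRightsModel();
        if ($cr->getRight(null, $this->id) != 'write') {
            throw new waRightsException('Access denied.');
        }
    }

    $this->type = waRequest::post('type');
    $this->contact = new waContact($this->id);
    if ($this->type == 'company') {
        $this->contact['is_company'] = 1;
    }

    // The payload is client-supplied JSON. Anything that does not decode to an
    // array (missing, malformed or scalar JSON) is treated as "no fields" so the
    // loops and array writes below never run on null or a scalar.
    // NOTE(review): every decoded key is passed to waContact::save() as-is;
    // presumably save() itself guards account fields such as is_user, login or
    // password — confirm, or filter the keys here.
    $data = json_decode(waRequest::post('data'), true);
    if (!is_array($data)) {
        $data = array();
    }
    if (!$this->id && !isset($data['create_method'])) {
        $data['create_method'] = 'add';
    }

    $oldLocale = $this->getUser()->getLocale();

    // Keep the old values of the submitted fields for the edit log.
    $old_data = array();
    if ($this->id) {
        foreach ($data as $field_id => $field_value) {
            $old_data[$field_id] = $this->contact->get($field_id);
        }
    }

    $response = array();
    $errors = $this->contact->save($data, true);
    if (!$errors) {
        if ($this->id) {
            // Existing contact: return the saved values and log the change.
            $new_data = array();
            foreach ($data as $field_id => $field_value) {
                if (!isset($errors[$field_id])) {
                    $response[$field_id] = $this->contact->get($field_id, 'js');
                    $new_data[$field_id] = $this->contact->get($field_id);
                }
            }
            if (empty($errors)) {
                $this->logContactEdit($old_data, $new_data);
            }
            $response['name'] = $this->contact->get('name', 'js');
            $response['top'] = contactsHelper::getTop($this->contact);
            $response['id'] = $this->contact->getId();
        } else {
            // New contact: return its id and address, and log the creation.
            $response = array('id' => $this->contact->getId());
            $response['address'] = $this->contact->get('address', 'js');
            $this->logAction('contact_add', null, $this->contact->getId());
        }

        // Update recently added menu item
        $name = waContactNameField::formatName($this->contact);
        if ($name || $name === '0') {
            $history_model = new contactsHistoryModel();
            $history_model->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
            $history = $history_model->get(); // to update history in user's browser
        }
    }

    // Reload page with new language if user just changed it in own profile
    if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
        $response['reload'] = true;
    }

    $this->response = array('errors' => $errors, 'data' => $response);
    if (isset($history)) {
        $this->response['history'] = $history;
    }
}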
/**
 * Merge given contacts into master contact, save, send merge event, then delete slaves.
 *
 * Contacts whose is_user value is greater than 0 are not merged: they are
 * counted in the 'users' key of the result and left untouched.
 *
 * !!! Probably should move it into something like contactsHelper
 *
 * NOTE(review): no rights check is visible in this method; callers presumably
 * verify that the current user may edit and delete these contacts — confirm.
 *
 * @param array $merge_ids list of contact ids
 * @param int $master_id contact id to merge others into
 * @return array keys: total_requested, total_merged, error, users
 * @throws waException when $master_id is empty or not found among the loaded contacts
 */
public static function merge($merge_ids, $master_id)
{
    $merge_ids[] = $master_id;

    // List of contacts to merge
    // NOTE(review): the ids are joined into the collection hash as-is;
    // presumably the caller has already cast them to integers — verify.
    $collection = new contactsCollection('id/' . implode(',', $merge_ids));
    $contacts_data = $collection->getContacts('*');

    // Master contact data
    if (!$master_id || !isset($contacts_data[$master_id])) {
        throw new waException('No contact to merge into.');
    }
    $master_data = $contacts_data[$master_id];
    unset($contacts_data[$master_id]);
    $master = new waContact($master_id);

    $result = array('total_requested' => count($contacts_data) + 1, 'total_merged' => 0, 'error' => '', 'users' => 0);

    // Treat the master as having no photo when its original image file is missing on disk.
    if ($master_data['photo']) {
        $filename = wa()->getDataPath(waContact::getPhotoDir($master_data['id']) . "{$master_data['photo']}.original.jpg", true, 'contacts');
        if (!file_exists($filename)) {
            $master_data['photo'] = null;
        }
    }

    $data_fields = waContactFields::getAll('enabled');
    $check_duplicates = array(); // field_id => true
    $update_photo = null; // if need to update photo here it is file paths

    // merge loop
    foreach ($contacts_data as $id => $info) {
        // Contacts flagged is_user > 0 are never merged; dropping them from
        // $contacts_data also keeps them out of the delete step below.
        if ($info['is_user'] > 0) {
            $result['users']++;
            unset($contacts_data[$id]);
            continue;
        }
        foreach ($data_fields as $f => $field) {
            if (!empty($info[$f])) {
                if ($field->isMulti()) {
                    $master->add($f, $info[$f]);
                    $check_duplicates[$f] = true;
                } else {
                    // Field does not allow multiple values.
                    // Set value if no value yet.
                    if (empty($master_data[$f])) {
                        $master[$f] = $master_data[$f] = $info[$f];
                    }
                }
            }
        }

        // photo: take the first available photo from a merged contact when the master has none
        if (!$master_data['photo'] && $info['photo'] && !$update_photo) {
            $filename_original = wa()->getDataPath(waContact::getPhotoDir($info['id']) . "{$info['photo']}.original.jpg", true, 'contacts');
            if (file_exists($filename_original)) {
                $update_photo = array('original' => $filename_original);
                $filename_crop = wa()->getDataPath(waContact::getPhotoDir($info['id']) . "{$info['photo']}.jpg", true, 'contacts');
                if (file_exists($filename_crop)) {
                    $update_photo['crop'] = $filename_crop;
                }
            }
        }

        // birthday parts
        if (!empty($data_fields['birthday'])) {
            foreach (array('birth_day', 'birth_month', 'birth_year') as $f) {
                if (empty($master_data[$f]) && !empty($info[$f])) {
                    $master[$f] = $master_data[$f] = $info[$f];
                }
            }
        }
    }

    // Remove duplicates
    foreach (array_keys($check_duplicates) as $f) {
        $values = $master[$f];
        if (!is_array($values) || count($values) <= 1) {
            continue;
        }
        $unique_values = array(); // md5 => true
        foreach ($values as $k => $v) {
            if (is_array($v)) {
                if (isset($v['value']) && is_string($v['value'])) {
                    $v = $v['value'];
                } else {
                    // Composite value: compare on its sorted parts, ignoring ext and status.
                    // serialize() only feeds the hash below; nothing is unserialized.
                    unset($v['ext'], $v['status']);
                    ksort($v);
                    $v = serialize($v);
                }
            }
            // md5 is used as a case-insensitive dedupe key here, not for security.
            $hash = md5(mb_strtolower($v));
            if (!empty($unique_values[$hash])) {
                unset($values[$k]);
                continue;
            }
            $unique_values[$hash] = true;
        }
        $master[$f] = array_values($values);
    }

    // Save master contact
    $errors = $master->save(array(), 42); // 42 == do not validate anything at all
    if ($errors) {
        $errormsg = array();
        foreach ($errors as $field => $err) {
            if (!is_array($err)) {
                $err = array($err);
            }
            foreach ($err as $str) {
                $errormsg[] = $field . ': ' . $str;
            }
        }
        // NOTE(review): messages are joined with a literal <br>, so the caller
        // presumably prints this as HTML; field names and messages are not
        // escaped here — confirm escaping at the output.
        $result['error'] = implode("\n<br>", $errormsg);
        return $result;
    }

    // Merge categories
    $category_ids = array();
    $ccm = new waContactCategoriesModel();
    foreach ($ccm->getContactsCategories($merge_ids) as $cid => $cats) {
        $category_ids += array_flip($cats);
    }
    $category_ids = array_keys($category_ids);
    $ccm->add($master_id, $category_ids);

    // update photo
    if ($update_photo) {
        // mt_rand() supplies the new photo id, which is also the file name stem.
        $rand = mt_rand();
        $path = wa()->getDataPath(waContact::getPhotoDir($master['id']), true, 'contacts', false);
        // delete old image
        if (file_exists($path)) {
            waFiles::delete($path);
        }
        waFiles::create($path);
        $filename = $path . "/" . $rand . ".original.jpg";
        waFiles::create($filename);
        waImage::factory($update_photo['original'])->save($filename, 90);
        if (!empty($update_photo['crop'])) {
            $filename = $path . "/" . $rand . ".jpg";
            waFiles::create($filename);
            waImage::factory($update_photo['crop'])->save($filename, 90);
        } else {
            // No cropped version available: reuse the original as the cropped image.
            waFiles::copy($filename, $path . "/" . $rand . ".jpg");
        }
        $master->save(array('photo' => $rand));
    }

    $result['total_merged'] = count($contacts_data) + 1;
    $contact_ids = array_keys($contacts_data);

    // wa_log: reassign log records of the merged contacts to the master
    $log_model = new waLogModel();
    $log_model->updateByField('contact_id', $contact_ids, array('contact_id' => $master_id));

    // wa_login_log: reassign login log records of the merged contacts to the master
    $login_log_model = new waLoginLogModel();
    $login_log_model->updateByField('contact_id', $contact_ids, array('contact_id' => $master_id));

    // Merge event
    $params = array('contacts' => $contact_ids, 'id' => $master_data['id']);
    wa()->event(array('contacts', 'merge'), $params);

    // Delete all merged contacts
    $contact_model = new waContactModel();
    $contact_model->delete($contact_ids, false); // false == do not trigger event

    // Drop the "recently added" history entries that point at deleted contacts.
    $history_model = new contactsHistoryModel();
    foreach ($contact_ids as $contact_id) {
        $history_model->deleteByField(array('type' => 'add', 'hash' => '/contact/' . $contact_id));
    }

    return $result;
}
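/**
 * Resolve the contact for a completed external-auth callback, creating one
 * when none matches, and authenticate that contact.
 *
 * @param array $data profile returned by the auth adapter; this method reads
 *                    'source' and 'source_id' and, when present, 'email' and 'photo_url'
 * @return waContact|false the authenticated contact, or false when no contact id was obtained
 */
protected function afterAuth($data)
{
    $app_id = $this->getStorage()->get('auth_app');
    $contact_id = 0;

    // Find the contact by the adapter-specific id field, e.g. facebook_id.
    $contact_data_model = new waContactDataModel();
    $row = $contact_data_model->getByField(array(
        'field' => $data['source'] . '_id',
        'value' => $data['source_id'],
        'sort'  => 0,
    ));
    if ($row) {
        $contact_id = $row['contact_id'];
    }

    // Otherwise try to match an existing account by primary e-mail.
    // NOTE(review): this links the external identity to an account that has a
    // password purely because the e-mail matches; that is only safe if the
    // adapter guarantees the address was verified by the provider — confirm.
    if (!$contact_id && isset($data['email'])) {
        $contact_model = new waContactModel();
        // The address goes through the model's escape() in 'like' mode before
        // being placed inside the LIKE literal.
        $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email LIKE '" . $contact_model->escape($data['email'], 'like') . "' AND e.sort = 0 AND c.password != ''";
        $contact_id = $contact_model->query($sql)->fetchField('id');
        // Remember the adapter id on the matched contact for the next login.
        if ($contact_id) {
            $contact_data_model->insert(array(
                'contact_id' => $contact_id,
                'field'      => $data['source'] . '_id',
                'value'      => $data['source_id'],
                'sort'       => 0,
            ));
        }
    }

    if (!$contact_id) {
        // No match: create a new contact from the adapter profile.
        $contact = new waContact();
        $data[$data['source'] . '_id'] = $data['source_id'];
        $data['create_method'] = $data['source'];
        $data['create_app_id'] = $app_id;
        // Store a value one character shorter than a real hash, so that no
        // login/password pair can ever match this account.
        $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true);
        unset($data['source']);
        unset($data['source_id']);
        if (isset($data['photo_url'])) {
            $photo_url = $data['photo_url'];
            unset($data['photo_url']);
        } else {
            $photo_url = false;
        }
        $contact->save($data);
        $contact_id = $contact->getId();

        if ($contact_id && $photo_url && is_string($photo_url)) {
            $photo_url_parts = explode('/', $photo_url);
            // copy photo to tmp dir; the remote file name is hashed, never used verbatim
            $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id);

            // photo_url is remote-supplied. Accept http(s) only: matching against
            // every registered stream wrapper would also allow local-file and
            // other non-web schemes.
            // NOTE(review): the target host is not restricted, so the server
            // still requests whatever http(s) address the profile names.
            $scheme = strtolower((string) parse_url($photo_url, PHP_URL_SCHEME));
            $photo = null;
            if ($scheme === 'http' || $scheme === 'https') {
                if (ini_get('allow_url_fopen') && in_array($scheme, stream_get_wrappers(), true)) {
                    $photo = file_get_contents($photo_url);
                } elseif (function_exists('curl_init')) {
                    $ch = curl_init($photo_url);
                    curl_setopt($ch, CURLOPT_HEADER, 0);
                    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                    curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    // Keep certificate and host name verification on; the photo is
                    // optional, so a failed TLS check simply means no photo.
                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                    // Redirects must stay on http(s) as well.
                    if (defined('CURLOPT_PROTOCOLS')) {
                        curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                        curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                    }
                    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25);
                    $photo = curl_exec($ch);
                    curl_close($ch);
                }
            }

            // A failed or empty download must not create a photo file.
            if ($photo) {
                file_put_contents($path, $photo);
                $contact->setPhoto($path);
            }
        }
    } else {
        $contact = new waContact($contact_id);
    }

    // Authenticate the resolved contact.
    if ($contact_id) {
        wa()->getAuth()->auth(array('id' => $contact_id));
        return $contact;
    }
    return false;
}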
public function execute()
{
    // Change access rights of contact $contact_id for application $app_id.
    // only allowed to global admin (the current user must hold the webasyst/backend right)
    if (!wa()->getUser()->getRights('webasyst', 'backend')) {
        throw new waRightsException('Access denied.');
    }

    // All four values are request-supplied; only $value is cast here.
    // NOTE(review): $contact_id is taken from the query string without a cast.
    $app_id = waRequest::post('app_id');
    $name = waRequest::post('name');
    $value = (int) waRequest::post('value');
    $contact_id = waRequest::get('id');

    // Remember the current state so a grant/revoke can be logged at the end.
    $has_backend_access_old = $this->hasBackendAccess($contact_id);

    // Either a single name/value pair or a whole 'app' array of rights is submitted.
    if (!$name && !$value) {
        $values = waRequest::post('app');
        if (!is_array($values)) {
            throw new waException('Bad values for access rights.');
        }
    } else {
        $values = array($name => $value);
    }

    $right_model = new waContactRightsModel();
    $is_admin = $right_model->get($contact_id, 'webasyst', 'backend', false);

    if ($is_admin && $app_id != 'webasyst') {
        throw new waException('Cannot change application rights for global admin.');
    }

    // If $contact_id used to have limited access and we're changing global admin privileges,
    // then need to notify all applications to remove their custom access records.
    if (!$is_admin && $app_id == 'webasyst' && $name == 'backend') {
        foreach (wa()->getApps() as $aid => $app) {
            try {
                if (isset($app['rights']) && $app['rights']) {
                    $app_config = SystemConfig::getAppConfig($aid);
                    $class_name = $app_config->getPrefix() . "RightConfig";
                    $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
                    $right_config = null;
                    if (!file_exists($file_path)) {
                        continue;
                    }
                    waSystem::getInstance($aid, $app_config);
                    include_once $file_path;
                    /**
                     * @var waRightConfig
                     */
                    $right_config = new $class_name();
                    $right_config->clearRights($contact_id);
                }
            } catch (Exception $e) {
                // silently ignore other applications errors
            }
        }
    }

    // Update $app_id access records
    // NOTE(review): $app_id is request-supplied and determines the class name and
    // the path given to include_once below; presumably getAppConfig() rejects ids
    // that are not installed applications — confirm.
    $app_config = SystemConfig::getAppConfig($app_id);
    $class_name = $app_config->getPrefix() . "RightConfig";
    $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
    $right_config = null;
    if (file_exists($file_path)) {
        // Init app
        waSystem::getInstance($app_id, $app_config);
        include_once $file_path;
        /**
         * @var waRightConfig
         */
        $right_config = new $class_name();
    }

    // NOTE(review): when $values comes from the 'app' array, its keys and values
    // are used as submitted (no cast) — confirm the model normalises them.
    foreach ($values as $name => $value) {
        if ($right_config && $right_config->setRights($contact_id, $name, $value)) {
            // If we've got response from custom rights config, then no need to update main rights table
            continue;
        }
        // Set default limited rights
        if ($right_config && $name == 'backend' && $value == 1) {
            /**
             * @var $right_config waRightConfig
             */
            foreach ($right_config->setDefaultRights($contact_id) as $n => $v) {
                $right_model->save($contact_id, $app_id, $n, $v);
            }
        }
        $right_model->save($contact_id, $app_id, $name, $value);
    }

    // Switch the active application back after the waSystem::getInstance() calls above.
    waSystem::setActive('contacts');

    if ($contact_id) {
        // TODO: use waContact method for disabling
        // Only the three exact integers -1, 0 and 1 are accepted for is_user.
        $is_user = waRequest::post('is_user', null, 'int');
        if ($is_user === -1 || $is_user === 0 || $is_user === 1) {
            $contact = new waContact($contact_id);
            $contact->save(array('is_user' => $is_user));
            $this->response['access_disable_msg'] = contactsHelper::getAccessDisableMsg($contact);
        }
    }

    // Write a log entry whenever backend access was actually granted or revoked.
    $has_backend_access_new = $this->hasBackendAccess($contact_id);
    if ($has_backend_access_new !== $has_backend_access_old) {
        if ($has_backend_access_new) {
            $this->logAction("grant_backend_access", null, $contact_id);
        } else {
            $this->logAction("revoke_backend_access", null, $contact_id);
        }
    }
}
/**
 * Validate sign-up data, create the contact and authenticate it.
 *
 * @param array $data   submitted sign-up fields; reads 'password', 'password_confirm',
 *                      the configured login field and, when present, 'email'
 * @param array $errors filled with messages keyed by field id
 * @return bool|waContact the new contact on success, false otherwise
 */
public function signup($data, &$errors = array())
{
    $auth = wa()->getAuth();

    // Which contact field serves as the login, and its name for error messages.
    $field_id = $auth->getOption('login');
    if ($field_id == 'login') {
        $field_name = _ws('Login');
    } else {
        $field = waContactFields::get($field_id);
        $field_name = $field ? $field->getName() : ucfirst($field_id);
    }

    $is_error = false;

    // Password and its confirmation must match and must not be empty.
    if ($data['password'] !== $data['password_confirm']) {
        $errors['password'] = array();
        $errors['password_confirm'] = array(_ws('Passwords do not match'));
        $is_error = true;
    } elseif (!$data['password']) {
        $errors['password'] = array();
        $errors['password_confirm'][] = _ws('Password can not be empty.');
        $is_error = true;
    }

    // The login field is mandatory.
    if (!$data[$field_id]) {
        $errors[$field_id] = array(sprintf(_ws("%s is required"), $field_name));
        $is_error = true;
    }

    // Reject a login that already belongs to a contact. The message tells the
    // visitor that the login exists.
    $existing = $auth->getByLogin($data[$field_id]);
    if ($existing) {
        $errors[$field_id] = array(sprintf(_ws('User with the same %s is already registered'), $field_name));
        $is_error = true;
    }

    // A freshly submitted e-mail address always starts as unconfirmed.
    if (!empty($data['email'])) {
        $data['email'] = array('value' => $data['email'], 'status' => 'unconfirmed');
    }

    // Captcha, when enabled in the auth config.
    $auth_config = wa()->getAuthConfig();
    if (!empty($auth_config['signup_captcha']) && !wa()->getCaptcha()->isValid()) {
        $errors['captcha'] = _ws('Invalid captcha');
        $is_error = true;
    }

    if ($is_error) {
        return false;
    }

    // The confirmation value must not be stored with the contact.
    unset($data['password_confirm']);

    // Record how and from where the account was created.
    $data['create_method'] = 'signup';
    $data['create_ip'] = waRequest::getIp();
    $data['create_user_agent'] = waRequest::getUserAgent();

    // NOTE(review): all remaining keys of $data are passed to save(); presumably
    // the caller limits them to the sign-up form fields — confirm.
    $contact = new waContact();
    $errors = $contact->save($data, true);
    if (!$errors) {
        // after sign up callback, then authenticate the new contact
        $this->afterSignup($contact);
        wa()->getAuth()->auth($contact);
        return $contact;
    }

    // Report a name error on the last name field, with empty entries for the other name parts.
    if (isset($errors['name'])) {
        $errors['firstname'] = array();
        $errors['middlename'] = array();
        $errors['lastname'] = $errors['name'];
    }
    return false;
}
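/**
 * Create a contact from an external-auth profile, optionally download its
 * photo, and fire the 'signup' event.
 *
 * @param array $data profile returned by the auth adapter; this method reads
 *                    'source', 'source_id' and, when present, 'photo_url'
 * @return waContact
 * @throws waException
 */
protected function createContact($data)
{
    $app_id = $this->getStorage()->get('auth_app');

    $contact = new waContact();
    $data[$data['source'] . '_id'] = $data['source_id'];
    $data['create_method'] = $data['source'];
    $data['create_app_id'] = $app_id;
    // Store a value one character shorter than a real hash, so that no
    // login/password pair can ever match this account.
    $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true);
    unset($data['source']);
    unset($data['source_id']);
    if (isset($data['photo_url'])) {
        $photo_url = $data['photo_url'];
        unset($data['photo_url']);
    } else {
        $photo_url = false;
    }
    $contact->save($data);
    $contact_id = $contact->getId();

    if ($contact_id && $photo_url && is_string($photo_url)) {
        $photo_url_parts = explode('/', $photo_url);
        // copy photo to tmp dir; the remote file name is hashed, never used verbatim
        $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id);

        // photo_url is remote-supplied. Accept http(s) only: matching against
        // every registered stream wrapper would also allow local-file and
        // other non-web schemes.
        // NOTE(review): the target host is not restricted, so the server still
        // requests whatever http(s) address the profile names.
        $scheme = strtolower((string) parse_url($photo_url, PHP_URL_SCHEME));
        $photo = null;
        if ($scheme === 'http' || $scheme === 'https') {
            if (ini_get('allow_url_fopen') && in_array($scheme, stream_get_wrappers(), true)) {
                $photo = file_get_contents($photo_url);
            } elseif (function_exists('curl_init')) {
                $ch = curl_init($photo_url);
                curl_setopt($ch, CURLOPT_HEADER, 0);
                curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                // Keep certificate and host name verification on; the photo is
                // optional, so a failed TLS check simply means no photo.
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                // Redirects must stay on http(s) as well.
                if (defined('CURLOPT_PROTOCOLS')) {
                    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                }
                curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25);
                $photo = curl_exec($ch);
                curl_close($ch);
            }
        }

        // A failed or empty download must not create a photo file.
        if ($photo) {
            file_put_contents($path, $photo);
            $contact->setPhoto($path);
        }
    }

    /**
     * @event signup
     * @param waContact $contact
     */
    wa()->event('signup', $contact);

    return $contact;
}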
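public function execute()
{
    $this->id = (int) waRequest::post('id');

    // Check access: creating needs the 'create' right, editing needs 'write' on this contact.
    if (!$this->id) {
        if (!$this->getRights('create')) {
            throw new waRightsException('Access denied.');
        }
    } else {
        $cr = new contactsRightsModel();
        if ($cr->getRight(null, $this->id) != 'write') {
            throw new waRightsException('Access denied.');
        }
    }

    $this->type = waRequest::post('type');
    $this->contact = new waContact($this->id);
    if ($this->type == 'company') {
        $this->contact['is_company'] = 1;
    }

    // The payload is client-supplied JSON. Anything that does not decode to an
    // array (missing, malformed or scalar JSON) is treated as "no fields" so the
    // loop and array writes below never run on null or a scalar.
    // NOTE(review): every decoded key is passed to waContact::save() as-is;
    // presumably save() itself guards account fields such as is_user, login or
    // password — confirm, or filter the keys here.
    $data = json_decode(waRequest::post('data'), true);
    if (!is_array($data)) {
        $data = array();
    }
    if (!$this->id && !isset($data['create_method'])) {
        $data['create_method'] = 'add';
    }

    $oldLocale = $this->getUser()->getLocale();

    $response = array();
    $errors = $this->contact->save($data, true);
    if (!$errors) {
        if ($this->id) {
            // Existing contact: return the saved values formatted for JS.
            foreach ($data as $field_id => $field_value) {
                if (!isset($errors[$field_id])) {
                    $response[$field_id] = $this->contact->get($field_id, 'js');
                }
            }
            $response['name'] = $this->contact->get('name', 'js');

            // Fields shown at the top of the profile.
            $top = array();
            foreach (array('email', 'phone', 'im') as $f) {
                if ($v = $this->contact->get($f, 'top,html')) {
                    $top[] = array(
                        'id'    => $f,
                        'name'  => waContactFields::get($f)->getName(),
                        'value' => is_array($v) ? implode(', ', $v) : $v,
                    );
                }
            }
            $response['top'] = $top;
        } else {
            // New contact: return its id and log the creation.
            $response = array('id' => $this->contact->getId());
            $this->log('contact_add', 1);
        }

        // Update recently added menu item
        if (($name = $this->contact->get('name')) || $name === '0') {
            $name = trim($this->contact->get('title') . ' ' . $name);
            $history_model = new contactsHistoryModel();
            $history_model->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
            $history = $history_model->get(); // to update history in user's browser
        }
    }

    // Reload page with new language if user just changed it in own profile
    if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
        $response['reload'] = true;
    }

    $this->response = array('errors' => $errors, 'data' => $response);
    if (isset($history)) {
        $this->response['history'] = $history;
    }
}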
public function execute()
{
    // Checkout shipping step: store the customer address and the chosen rate.
    // Returns true when a usable rate was selected, false otherwise.
    $shipping_id = waRequest::post('shipping_id');
    if (!$shipping_id) {
        return false;
    }

    $data = waRequest::post('customer_' . $shipping_id);
    if ($data) {
        // Fall back to the settings returned by getCheckoutSettings(true) when the
        // stored ones lack the contact info step or any address field.
        $settings = wa('shop')->getConfig()->getCheckoutSettings();
        $has_contactinfo = isset($settings['contactinfo']);
        if (!$has_contactinfo
            || (!isset($settings['contactinfo']['fields']['address.shipping'])
                && !isset($settings['contactinfo']['fields']['address']))
        ) {
            $settings = wa('shop')->getConfig()->getCheckoutSettings(true);
        }

        $plugin = shopShipping::getPlugin(null, $shipping_id);
        $form = $this->getAddressForm($shipping_id, $plugin, $settings, array(), true);
        if (!$form->isValid()) {
            return false;
        }

        $contact = $this->getContact();
        if (!$contact) {
            $contact = new waContact();
        }

        if (is_array($data)) {
            foreach ($data as $field => $value) {
                // For composite fields keep the stored sub-values the form did not submit.
                if (is_array($value) && ($old = $contact->get($field)) && isset($old[0]['data'])) {
                    foreach ($old[0]['data'] as $sub_key => $sub_value) {
                        if (!isset($value[$sub_key])) {
                            $value[$sub_key] = $sub_value;
                        }
                    }
                }
                $contact->set($field, $value);
            }

            // Signed-in customers are saved right away; guests are kept in the session.
            if (wa()->getUser()->isAuth()) {
                $contact->save();
            } else {
                $this->setSessionData('contact', $contact);
            }
        }
    }

    // Selected rate for this shipping method, if any.
    $rates = waRequest::post('rate_id');
    $rate_id = isset($rates[$shipping_id]) ? $rates[$shipping_id] : null;

    // A string returned by getRate() is treated as "no rate".
    $rate = $this->getRate($shipping_id, $rate_id);
    if (is_string($rate)) {
        $rate = false;
    }

    $this->setSessionData('shipping', array(
        'id'      => $shipping_id,
        'rate_id' => $rate_id,
        'name'    => $rate ? $rate['name'] : '',
        'plugin'  => $rate ? $rate['plugin'] : '',
    ));

    if (!$rate) {
        return false;
    }

    $comment = waRequest::post('comment');
    if ($comment) {
        $this->setSessionData('comment', $comment);
    }

    $shipping_params = waRequest::post('shipping_' . $shipping_id);
    if ($shipping_params) {
        $params = $this->getSessionData('params', array());
        $params['shipping'] = $shipping_params;
        $this->setSessionData('params', $params);
    }

    return true;
}
/**
 * Turns a backend user back into a plain contact and removes its access.
 *
 * Clears is_user, login and password on the contact, calls
 * waUserGroupsModel::delete() for it, deletes the rights rows stored under
 * group_id = -$id, and lets every app that ships a custom rights config
 * class clear its own data for this contact.
 *
 * NOTE(review): nothing in this method ends sessions or tokens that were
 * already issued to the contact — confirm that is handled elsewhere.
 *
 * @param int $id contact id
 */
public static function revokeUser($id)
{
    // Contact record: no login, no password, no user flag
    $contact = new waContact($id);
    $contact['is_user'] = 0;
    $contact['login'] = null;
    $contact['password'] = '';
    $contact->save();

    // Group membership
    $groups_model = new waUserGroupsModel();
    $groups_model->delete($id);

    // Access rights keyed by the negated contact id
    $rights_model = new waContactRightsModel();
    $rights_model->deleteByField('group_id', -$id);

    // Custom per-application access rights
    foreach (wa()->getApps() as $app_id => $app_info) {
        if (empty($app_info['rights'])) {
            continue;
        }

        $app_config = SystemConfig::getAppConfig($app_id);
        $class_name = $app_config->getPrefix() . 'RightConfig';
        // Path is built from the app's own prefix and app directory
        $file_path = $app_config->getAppPath('lib/config/' . $class_name . '.class.php');
        if (!file_exists($file_path)) {
            continue;
        }

        waSystem::getInstance($app_id, $app_config);
        include_once $file_path;

        /** @var waRightConfig $rights_config */
        $rights_config = new $class_name();
        $rights_config->clearRights($id);
    }
}
/**
 * Validates signup data, creates the contact and, when e-mail confirmation
 * is not required, logs the new contact in.
 *
 * Validation collects every problem in $errors before returning: password
 * match and presence, the configured login field, uniqueness of the login,
 * the captcha (when enabled) and the fields marked as required in the auth
 * config.
 *
 * NOTE(review): the duplicate-login lookup runs before the captcha check and
 * its error is reported whatever the captcha result is.
 * NOTE(review): every key left in $data is passed to waContact::save();
 * callers should pass only the fields of the signup form — confirm.
 *
 * @param array $data   signup fields; 'password', 'password_confirm' and the
 *                      configured login field are read without isset() checks
 * @param array $errors receives errors keyed by field id; can also receive
 *                      an 'auth' entry when the contact was created but the
 *                      automatic login threw a waException
 * @return bool|waContact the created contact, or false when validation or
 *                        saving failed
 */
public function signup($data, &$errors = array())
{
    $auth = wa()->getAuth();
    $field_id = $auth->getOption('login');

    // Display name of the login field for error messages
    if ($field_id == 'login') {
        $field_name = _ws('Login');
    } else {
        $field = waContactFields::get($field_id);
        $field_name = $field ? $field->getName() : ucfirst($field_id);
    }

    $is_error = false;

    // Passwords: must match and must not be empty
    if ($data['password'] !== $data['password_confirm']) {
        $errors['password'] = array();
        $errors['password_confirm'] = array(_ws('Passwords do not match'));
        $is_error = true;
    } elseif (!$data['password']) {
        $errors['password'] = array();
        $errors['password_confirm'][] = _ws('Password can not be empty.');
        $is_error = true;
    }

    // Login field must be filled in
    if (!$data[$field_id]) {
        $errors[$field_id] = array(sprintf(_ws("%s is required"), $field_name));
        $is_error = true;
    }

    // Login must not belong to an existing contact
    if (!$is_error) {
        $contact = $auth->getByLogin($data[$field_id]);
        if ($contact) {
            $errors[$field_id] = array(sprintf(_ws('User with the same %s is already registered'), $field_name));
            $is_error = true;
        }
    }

    $auth_config = wa()->getAuthConfig();

    // A new e-mail is never stored as confirmed: 'unconfirmed' when
    // confirmation is enabled, 'unknown' otherwise
    if (!empty($data['email'])) {
        $email_status = !empty($auth_config['params']['confirm_email']) ? 'unconfirmed' : 'unknown';
        $data['email'] = array('value' => $data['email'], 'status' => $email_status);
    }

    // Captcha, when enabled for signup
    if (!empty($auth_config['signup_captcha']) && !wa()->getCaptcha()->isValid()) {
        $errors['captcha'] = _ws('Invalid captcha');
        $is_error = true;
    }

    // Required fields from the auth config; the presence of the 'required'
    // key, not its value, marks a field as required
    if (is_array($auth_config['fields'])) {
        foreach ($auth_config['fields'] as $fld_id => $fld) {
            $is_missing = array_key_exists('required', $fld) && !$data[$fld_id] && $fld_id !== 'password';
            if (!$is_missing) {
                continue;
            }

            $field = waContactFields::get($fld_id);
            if (!empty($fld['caption'])) {
                $field_name = $fld['caption'];
            } elseif ($field) {
                $field_name = $field->getName();
            } else {
                $field_name = ucfirst($fld_id);
            }

            $errors[$fld_id] = array(sprintf(_ws("%s is required"), $field_name));
            $is_error = true;
        }
    }

    if ($is_error) {
        return false;
    }

    // Empty birthday parts are stored as null
    if (isset($data['birthday']) && is_array($data['birthday']['value'])) {
        foreach ($data['birthday']['value'] as $part_id => $part_value) {
            if (strlen($part_value) === 0) {
                $data['birthday']['value'][$part_id] = null;
            }
        }
    }

    // The confirmation copy must not reach the contact record
    unset($data['password_confirm']);

    // Record how and from where the contact was created
    $data['create_method'] = 'signup';
    $data['create_ip'] = waRequest::getIp();
    $data['create_user_agent'] = waRequest::getUserAgent();

    $contact = new waContact();
    $errors = $contact->save($data, true);
    if ($errors) {
        // Map a combined name error onto the separate name inputs
        if (isset($errors['name'])) {
            $errors['firstname'] = array();
            $errors['middlename'] = array();
            $errors['lastname'] = $errors['name'];
        }
        return false;
    }

    if (!empty($data['email'])) {
        $this->send($contact);
    }

    /**
     * @event signup
     * @param waContact $contact
     */
    wa()->event('signup', $contact);

    // after sign up callback
    $this->afterSignup($contact);

    // Log the new contact in, unless an e-mail was given and it has to be
    // confirmed first
    try {
        $login_allowed = empty($data['email']) || empty($auth_config['params']['confirm_email']);
        if ($login_allowed && wa()->getAuth()->auth($contact)) {
            $this->logAction('signup', wa()->getEnv());
        }
    } catch (waException $e) {
        // The contact exists; the login failure is reported through $errors
        $errors = array('auth' => $e->getMessage());
    }

    return $contact;
}
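/**
 * Crops the contact photo to the posted rectangle and makes the result the
 * contact's current photo.
 *
 * POST parameters (each cast to int, so a missing value becomes 0):
 *   x1, y1 - top-left corner of the selection
 *   w, h   - size of the selection
 *   ww     - width the selection coordinates refer to (presumably the width
 *            of the image as shown in the editor); the selection is scaled
 *            by real width / ww
 *   orig   - non-zero to re-crop the stored original instead of a freshly
 *            uploaded file
 *
 * On success $this->response is array('url' => ...); on failure it carries
 * an 'error' message.
 *
 * Changes against the previous version:
 *   - the old `null === (int) ...` test could never be true, so bad input
 *     was never rejected; a non-positive ww is now refused up front instead
 *     of reaching the division below;
 *   - the photo-editor session is checked before the stored photos are
 *     deleted, so an expired session no longer wipes the existing photo.
 */
public function execute()
{
    $this->response = array();

    $x1 = (int) waRequest::post('x1');
    $y1 = (int) waRequest::post('y1');
    $w = (int) waRequest::post('w');
    $h = (int) waRequest::post('h');
    $ww = (int) waRequest::post('ww');
    $orig = (int) waRequest::post('orig');

    // $ww is the divisor of the scale factor. Reject it before any file is
    // touched: a division by zero is an Error on PHP 7+, which the
    // catch (Exception) around the crop would not handle.
    if ($ww <= 0) {
        $this->response['error'] = 'wrong parameters';
        return;
    }

    $id = $this->getId();
    $contact = new waContact($id);

    // Path to file we need to crop
    $rand = mt_rand();
    $dir = waContact::getPhotoDir($id, true);
    $filename = wa()->getDataPath("{$dir}{$rand}.original.jpg", true, 'contacts');
    $oldDir = wa()->getDataPath("{$dir}", true, 'contacts');

    // NOTE(review): set when an existing directory was removed, although the
    // name suggests the opposite — confirm intent.
    $no_old_photo = false;

    if (!$orig) {
        // Is there an uploaded file in session? Check this first, so that a
        // missing or expired upload leaves the stored photos untouched.
        $photoEditors = $this->getStorage()->read('photoEditors');
        if (!isset($photoEditors[$id]) || !file_exists($photoEditors[$id])) {
            $this->response['error'] = 'Photo editor session is not found or already expired.';
            return;
        }
        $newFile = $photoEditors[$id];

        // Delete the old photos if they exist
        if (file_exists($oldDir)) {
            waFiles::delete($oldDir);
            $no_old_photo = true;
        }
        waFiles::create($oldDir);

        // Save the original image in jpeg for future use
        try {
            $img = waImage::factory($newFile)->save($filename);
        } catch (Exception $e) {
            $this->response['error'] = 'Unable to save new file ' . $filename . ' (' . pathinfo($filename, PATHINFO_EXTENSION) . ') as jpeg: ' . $e->getMessage();
            return;
        }

        // Remove uploaded file
        unset($photoEditors[$id]);
        $this->getStorage()->write('photoEditors', $photoEditors);
        unlink($newFile);
    } else {
        // Cropping an old file. Move it temporarily to temp dir to delete all cached thumbnails
        $oldFile = wa()->getDataPath("{$dir}{$contact['photo']}.original.jpg", true, 'contacts');
        $tempOldFile = wa()->getTempPath("{$id}/{$rand}.original.jpg", 'contacts');
        waFiles::move($oldFile, $tempOldFile);

        // Delete thumbnails
        if (file_exists($oldDir)) {
            waFiles::delete($oldDir);
        }
        waFiles::create($oldDir);

        // Return original image to its proper place
        waFiles::move($tempOldFile, $filename);
    }

    if (!file_exists($filename)) {
        $this->response['error'] = 'Image to crop not found (check directory access rights).';
        return;
    }

    // Crop and save selected area
    $croppedFilename = wa()->getDataPath("{$dir}{$rand}.jpg", true, 'contacts');
    try {
        $img = waImage::factory($filename);
        $scale = $img->width / $ww;
        $img->crop(floor($w * $scale), floor($h * $scale), floor($x1 * $scale), floor($y1 * $scale))->save($croppedFilename);
    } catch (Exception $e) {
        $this->response['error'] = 'Unable to crop an image: ' . $e->getMessage();
        return;
    }

    // Update record in DB for this user
    $contact['photo'] = $rand;
    $contact->save();

    if ($no_old_photo) {
        // Log the action under the contacts app, then restore the active app
        $old_app = null;
        if (wa()->getApp() !== 'contacts') {
            $old_app = wa()->getApp();
            waSystem::setActive('contacts');
        }
        $this->logAction('photo_add', null, $contact->getId());
        if ($old_app) {
            waSystem::setActive($old_app);
        }
    }

    // Update recent history to reload thumbnail correctly (if not called from personal account)
    if (wa()->getUser()->get('is_user')) {
        $history = new contactsHistoryModel();
        $history->save('/contact/' . $id, null, null, '--');
    }

    $this->response = array('url' => $contact->getPhoto());
}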
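/**
 * Completes an OAuth sign-in: resolves the provider account to a contact,
 * creating one when needed, and authenticates it.
 *
 * Resolution order:
 *   1. a user is already logged in: the provider id is attached to that
 *      user and the user is returned;
 *   2. a contact already linked to this provider id;
 *   3. a contact with a password whose primary e-mail equals the e-mail
 *      reported by the provider (the provider id is then linked to it);
 *   4. a new contact built from the provider data.
 *
 * NOTE(review): step 3 links an external identity to an existing account on
 * the strength of the address the provider reports; confirm that every
 * configured adapter only returns verified addresses.
 *
 * The profile photo is downloaded only from http:// or https:// URLs, and
 * curl redirects are held to the same schemes. Previously any scheme
 * accepted by curl or by file_get_contents() was fetched.
 *
 * @param string      $provider adapter id passed to wa()->getAuth()
 * @param array       $config   adapter configuration
 * @param mixed       $token    access token; when empty it is requested with $code
 * @param string|null $code     authorization code
 * @return waContact|false the authenticated contact (the current user object
 *                         in case 1), or false when no contact id was obtained
 */
public function oauth($provider, $config, $token, $code = null)
{
    /**
     * @var waOAuth2Adapter $auth
     */
    $auth = wa()->getAuth($provider, $config);
    if (!$token && $code) {
        $token = $auth->getAccessToken($code);
    }
    $data = $auth->getUserData($token);

    // Already logged in: just attach the provider id to the current user
    if (wa()->getUser()->getId()) {
        wa()->getUser()->save(array($data['source'] . '_id' => $data['source_id']));
        return wa()->getUser();
    }

    $app_id = wa()->getApp();
    $contact_id = 0;

    // find contact by auth adapter id, i.e. facebook_id
    $contact_data_model = new waContactDataModel();
    $row = $contact_data_model->getByField(array('field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0));
    if ($row) {
        $contact_id = $row['contact_id'];
    }

    // try find user by email (primary address, contacts with a password only)
    if (!$contact_id && isset($data['email'])) {
        $sql = "SELECT c.id FROM wa_contact_emails e\n JOIN wa_contact c ON e.contact_id = c.id\n WHERE e.email = s:email AND e.sort = 0 AND c.password != ''";
        $contact_model = new waContactModel();
        $contact_id = $contact_model->query($sql, array('email' => $data['email']))->fetchField('id');
        // save source_id
        if ($contact_id) {
            $contact_data_model->insert(array('contact_id' => $contact_id, 'field' => $data['source'] . '_id', 'value' => $data['source_id'], 'sort' => 0));
        }
    }

    // create new contact
    if (!$contact_id) {
        $contact = new waContact();
        $data[$data['source'] . '_id'] = $data['source_id'];
        $data['create_method'] = $data['source'];
        $data['create_app_id'] = $app_id;
        // set random password (length = default hash length - 1, to disable ability auth using login and password)
        $contact->setPassword(substr(waContact::getPasswordHash(uniqid(time(), true)), 0, -1), true);
        unset($data['source']);
        unset($data['source_id']);
        if (isset($data['photo_url'])) {
            $photo_url = $data['photo_url'];
            unset($data['photo_url']);
        } else {
            $photo_url = false;
        }
        $contact->save($data);
        $contact_id = $contact->getId();

        if ($contact_id && $photo_url) {
            // The URL comes from the provider response, so treat it as
            // external input: anything that is not plain http(s) is skipped
            // and the contact is simply created without a photo.
            $scheme = is_string($photo_url) ? strtolower((string) parse_url($photo_url, PHP_URL_SCHEME)) : '';
            if ($scheme === 'http' || $scheme === 'https') {
                $photo_url_parts = explode('/', $photo_url);
                // copy photo to tmp dir
                $path = wa()->getTempPath('auth_photo/' . $contact_id . '.' . md5(end($photo_url_parts)), $app_id);
                if (function_exists('curl_init')) {
                    $ch = curl_init($photo_url);
                    curl_setopt($ch, CURLOPT_HEADER, 0);
                    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                    // Redirects are followed, so they must stay on http(s) too
                    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25);
                    $photo = curl_exec($ch);
                    curl_close($ch);
                } else {
                    $photo = file_get_contents($photo_url);
                }
                // NOTE(review): the scheme check does not limit which hosts
                // are contacted; consider a per-provider host allowlist.
                if ($photo) {
                    file_put_contents($path, $photo);
                    $contact->setPhoto($path);
                }
            }
        }
    } else {
        $contact = new waContact($contact_id);
    }

    // auth user
    if ($contact_id) {
        wa()->getAuth()->auth(array('id' => $contact_id));
        return $contact;
    }
    return false;
}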