/**
* Save profile
*
* @return void
*/
private function _saveEntryData()
{
$isNew = !$this->_profile->get('uidNumber');
if (!isset($this->raw->password)) {
$this->raw->password = null;
}
if ($isNew) {
if (!$this->_profile->get('username')) {
$valid = false;
// Try to create from name
$username = preg_replace('/[^a-z9-0_]/i', '', strtolower($this->_profile->get('name')));
if (\Hubzero\Utility\Validate::username($username)) {
if (!$this->_usernameExists($username)) {
$valid = true;
}
}
// Try to create from portion preceeding @ in email address
if (!$valid) {
$username = strstr($this->_profile->get('email'), '@', true);
if (\Hubzero\Utility\Validate::username($username)) {
if ($this->_usernameExists($username)) {
$valid = true;
}
}
}
// Try to create from whole email address
if (!$valid) {
for ($i = 0; $i <= 99; $i++) {
$username = preg_replace('/[^a-z9-0_]/i', '', strtolower($this->_profile->get('name'))) . $i;
if (\Hubzero\Utility\Validate::username($username)) {
if ($this->_usernameExists($username)) {
$valid = true;
break;
}
}
}
}
if ($valid) {
$this->_profile->set('username', $username);
}
}
if (!$this->raw->password) {
//\Hubzero\User\Helper::random_password();
$this->raw->password = $this->_profile->get('username');
}
$usersConfig = Component::params('com_users');
$newUsertype = $usersConfig->get('new_usertype');
if (!$newUsertype) {
$db = \App::get('db');
$query = $db->getQuery(true)->select('id')->from('#__usergroups')->where('title = "Registered"');
$db->setQuery($query);
$newUsertype = $db->loadResult();
}
$user = User::getRoot();
$user->set('username', $this->_profile->get('username'));
$user->set('name', $this->_profile->get('name'));
$user->set('email', $this->_profile->get('email'));
$user->set('id', 0);
$user->set('groups', array($newUsertype));
$user->set('registerDate', Date::of('now')->toSql());
$user->set('password', $this->raw->password);
$user->set('password_clear', $this->raw->password);
$user->save();
$user->set('password_clear', '');
// Attempt to get the new user
$profile = \Hubzero\User\Profile::getInstance($user->get('id'));
$result = is_object($profile);
// Did we successfully create an account?
if ($result) {
if (!$this->record->entry->get('emailConfirmed', null)) {
$this->_profile->set('emailConfirmed', -rand(1, pow(2, 31) - 1));
}
$this->_profile->set('uidNumber', $user->get('id'));
$this->_profile->set('gidNumber', $profile->get('gidNumber'));
if (!$this->_profile->get('homeDirectory')) {
$this->_profile->set('homeDirectory', $profile->get('homeDirectory'));
}
if (!$this->_profile->get('loginShell')) {
$this->_profile->set('loginShell', $profile->get('loginShell'));
}
if (!$this->_profile->get('ftpShell')) {
$this->_profile->set('ftpShell', $profile->get('ftpShell'));
}
if (!$this->_profile->get('jobsAllowed')) {
$this->_profile->set('jobsAllowed', $profile->get('jobsAllowed'));
}
}
}
if (!$this->_profile->store()) {
throw new Exception(Lang::txt('Unable to save the entry data.'));
}
if ($password = $this->raw->password) {
/*if ($isNew)
{
// We need to bypass any hashing
$this->raw->password = '******';
\Hubzero\User\Password::changePasshash($this->_profile->get('uidNumber'), $password);
}
else
{*/
\Hubzero\User\Password::changePassword($this->_profile->get('uidNumber'), $password);
//}
}
\Hubzero\User\Password::expirePassword($this->_profile->get('uidNumber'));
if ($isNew && $this->_options['emailnew'] == 1) {
$eview = new \Hubzero\Component\View(array('base_path' => PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'site', 'name' => 'emails', 'layout' => 'confirm'));
$eview->option = 'com_members';
$eview->controller = 'register';
$eview->sitename = Config::get('sitename');
$eview->login = $this->_profile->get('username');
$eview->name = $this->_profile->get('name');
$eview->registerDate = $this->_profile->get('registerDate');
$eview->confirm = $this->_profile->get('emailConfirmed');
$eview->baseURL = Request::base();
$msg = new \Hubzero\Mail\Message();
$msg->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION'))->addTo($this->_profile->get('email'))->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')->addHeader('X-Component', 'com_members');
$message = $eview->loadTemplate();
$message = str_replace("\n", "\r\n", $message);
$msg->addPart($message, 'text/plain');
$eview->setLayout('confirm_html');
$message = $eview->loadTemplate();
$message = str_replace("\n", "\r\n", $message);
$msg->addPart($message, 'text/html');
if (!$msg->send()) {
array_push($this->record->errors, Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION'));
}
}
}
/**
* Create a user profile
*
* @apiMethod POST
* @apiUri /members
* @return void
*/
public function createTask()
{
$this->requiresAuthentication();
// Initialize new usertype setting
$usersConfig = Component::params('com_users');
$newUsertype = $usersConfig->get('new_usertype');
if (!$newUsertype) {
$db = App::get('db');
$query = $db->getQuery(true)->select('id')->from('#__usergroups')->where('title = "Registered"');
$db->setQuery($query);
$newUsertype = $db->loadResult();
}
// Incoming
$user = User::getInstance();
$user->set('id', 0);
$user->set('groups', array($newUsertype));
$user->set('registerDate', Date::toSql());
$user->set('name', Request::getVar('name', '', 'post'));
if (!$user->get('name')) {
App::abort(500, Lang::txt('No name provided.'));
}
$user->set('username', Request::getVar('username', '', 'post'));
if (!$user->get('username')) {
App::abort(500, Lang::txt('No username provided.'));
}
if (!\Hubzero\Utility\Validate::username($user->get('username'))) {
App::abort(500, Lang::txt('Username not valid.'));
}
$user->set('email', Request::getVar('email', '', 'post'));
if (!$user->get('email')) {
App::abort(500, Lang::txt('No email provided.'));
}
if (!\Hubzero\Utility\Validate::email($user->get('email'))) {
App::abort(500, Lang::txt('Email not valid.'));
}
$name = explode(' ', $user->get('name'));
$surname = $user->get('name');
$givenName = '';
$middleName = '';
if (count($name) > 1) {
$surname = array_pop($name);
$givenName = array_shift($name);
$middleName = implode(' ', $name);
}
// Set the new info
$user->set('givenName', $givenName);
$user->set('middleName', $middleName);
$user->set('surname', $surname);
$user->set('activation', -rand(1, pow(2, 31) - 1));
$user->set('access', 1);
$user->set('password', $password);
//$user->set('password_clear', $password);
$result = $user->save();
$user->set('password_clear', '');
$user->set('password', '');
if ($result) {
$result = \Hubzero\User\Password::changePassword($user->get('id'), $password);
// Set password back here in case anything else down the line is looking for it
$user->set('password', $password);
$user->save();
}
// Did we successfully create/update an account?
if (!$result) {
App::abort(500, Lang::txt('Account creation failed.'));
}
if ($groups = Request::getVar('groups', array(), 'post')) {
foreach ($groups as $id) {
$group = \Hubzero\User\Group::getInstance($id);
if ($group) {
if (!in_array($user->get('id'), $group->get('members'))) {
$group->add('members', array($user->get('id')));
$group->update();
}
}
}
}
// Create a response object
$response = new stdClass();
$response->id = $user->get('id');
$response->name = $user->get('name');
$response->email = $user->get('email');
$response->username = $user->get('username');
$this->send($response);
}
/**
* Create a new user
*
* @param integer $redirect Redirect to main listing?
* @return void
*/
public function newTask($redirect = 1)
{
// Check for request forgeries
Request::checkToken();
// Incoming profile edits
$p = Request::getVar('profile', array(), 'post', 'none', 2);
// Initialize new usertype setting
$usersConfig = \Component::params('com_users');
$newUsertype = $usersConfig->get('new_usertype');
if (!$newUsertype) {
$db = \App::get('db');
$query = $db->getQuery(true)->select('id')->from('#__usergroups')->where('title = "Registered"');
$db->setQuery($query);
$newUsertype = $db->loadResult();
}
// check that username & password are filled
if (!Validate::username($p['username'])) {
$this->setError(Lang::txt('COM_MEMBERS_MEMBER_USERNAME_INVALID'));
$this->addTask();
return;
}
// check email is valid
if (!Validate::email($p['email'])) {
$this->setError(Lang::txt('COM_MEMBERS_MEMBER_EMAIL_INVALID'));
$this->addTask();
return;
}
$name = trim($p['givenName']) . ' ';
$name .= trim($p['middleName']) != '' ? trim($p['middleName']) . ' ' : '';
$name .= trim($p['surname']);
$user = User::getRoot();
$user->set('username', trim($p['username']));
$user->set('name', $name);
$user->set('email', trim($p['email']));
$user->set('id', 0);
$user->set('groups', array($newUsertype));
$user->set('registerDate', Date::toSql());
$user->set('password', trim($p['password']));
$user->set('password_clear', trim($p['password']));
$user->save();
$user->set('password_clear', '');
// Attempt to get the new user
$profile = Profile::getInstance($user->get('id'));
$result = is_object($profile);
// Did we successfully create an account?
if ($result) {
// Set the new info
$profile->set('givenName', trim($p['givenName']));
$profile->set('middleName', trim($p['middleName']));
$profile->set('surname', trim($p['surname']));
$profile->set('name', $name);
$profile->set('emailConfirmed', -rand(1, pow(2, 31) - 1));
$profile->set('public', 0);
$profile->set('password', '');
$result = $profile->store();
}
if ($result) {
$result = \Hubzero\User\Password::changePassword($profile->get('uidNumber'), $p['password']);
// Set password back here in case anything else down the line is looking for it
$profile->set('password', $p['password']);
$profile->store();
}
// Did we successfully create/update an account?
if (!$result) {
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), $user->getError(), 'error');
return;
}
// Redirect
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=edit&id[]=' . $profile->get('uidNumber'), false), Lang::txt('COM_MEMBERS_MEMBER_SAVED'));
}
/**
* Save an entry and return to main listing
*
* @return void
*/
public function saveTask()
{
// Check for request forgeries
Request::checkToken();
if (!User::authorise('core.manage', $this->_option) && !User::authorise('core.admin', $this->_option) && !User::authorise('core.create', $this->_option) && !User::authorise('core.edit', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming profile edits
$fields = Request::getVar('fields', array(), 'post', 'none', 2);
// Load the profile
$user = Member::oneOrNew($fields['id']);
// Get the user before changes so we can
// compare how data changed later on
$prev = clone $user;
// Set the incoming data
$user->set($fields);
if ($user->isNew()) {
$newUsertype = $this->config->get('new_usertype');
if (!$newUsertype) {
$newUsertype = Accessgroup::oneByTitle('Registered')->get('id');
}
$user->set('accessgroups', array($newUsertype));
// Check that username is filled
if (!Validate::username($user->get('username'))) {
Notify::error(Lang::txt('COM_MEMBERS_MEMBER_USERNAME_INVALID'));
return $this->editTask($user);
}
// Check email is valid
if (!Validate::email($user->get('email'))) {
Notify::error(Lang::txt('COM_MEMBERS_MEMBER_EMAIL_INVALID'));
return $this->editTask($user);
}
// Set home directory
$hubHomeDir = rtrim($this->config->get('homedir'), '/');
if (!$hubHomeDir) {
// try to deduce a viable home directory based on sitename or live_site
$sitename = strtolower(Config::get('sitename'));
$sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
$sitename = trim($sitename, '/ ');
$sitename_e = explode('.', $sitename, 2);
if (isset($sitename_e[1])) {
$sitename = $sitename_e[0];
}
if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
$sitename = '';
}
if (empty($sitename)) {
$sitename = strtolower(Request::base());
$sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
$sitename = trim($sitename, '/ ');
$sitename_e = explode('.', $sitename, 2);
if (isset($sitename_e[1])) {
$sitename = $sitename_e[0];
}
if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
$sitename = '';
}
}
$hubHomeDir = DS . 'home';
if (!empty($sitename)) {
$hubHomeDir .= DS . $sitename;
}
}
$user->set('homeDirectory', $hubHomeDir . DS . $user->get('username'));
$user->set('loginShell', '/bin/bash');
$user->set('ftpShell', '/usr/lib/sftp-server');
$user->set('registerDate', Date::toSql());
}
// Set the new info
$user->set('givenName', preg_replace('/\\s+/', ' ', trim($fields['givenName'])));
$user->set('middleName', preg_replace('/\\s+/', ' ', trim($fields['middleName'])));
$user->set('surname', preg_replace('/\\s+/', ' ', trim($fields['surname'])));
$name = array($user->get('givenName'), $user->get('middleName'), $user->get('surname'));
$name = implode(' ', $name);
$name = preg_replace('/\\s+/', ' ', $name);
$user->set('name', $name);
$user->set('modifiedDate', Date::toSql());
if ($ec = Request::getInt('activation', 0, 'post')) {
$user->set('activation', $ec);
} else {
$user->set('activation', Helpers\Utility::genemailconfirm());
}
// Can't block yourself
if ($user->get('block') && $user->get('id') == User::get('id') && !User::get('block')) {
Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_BLOCK_SELF'));
return $this->editTask($user);
}
// Make sure that we are not removing ourself from Super Admin group
$iAmSuperAdmin = User::authorise('core.admin');
if ($iAmSuperAdmin && User::get('id') == $user->get('id')) {
// Check that at least one of our new groups is Super Admin
$stillSuperAdmin = false;
foreach ($fields['accessgroups'] as $group) {
$stillSuperAdmin = $stillSuperAdmin ? $stillSuperAdmin : \JAccess::checkGroup($group, 'core.admin');
}
if (!$stillSuperAdmin) {
Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_DEMOTE_SELF'));
return $this->editTask($user);
}
}
// Save the changes
if (!$user->save()) {
Notify::error($user->getError());
return $this->editTask($user);
}
// Save profile data
$profile = Request::getVar('profile', array(), 'post', 'none', 2);
$access = Request::getVar('profileaccess', array(), 'post', 'none', 2);
foreach ($profile as $key => $data) {
if (isset($profile[$key]) && is_array($profile[$key])) {
$profile[$key] = array_filter($profile[$key]);
}
if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
if (is_array($profile[$key])) {
$profile[$key][] = $profile[$key . '_other'];
} else {
$profile[$key] = $profile[$key . '_other'];
}
unset($profile[$key . '_other']);
}
}
if (!$user->saveProfile($profile, $access)) {
Notify::error($user->getError());
return $this->editTask($user);
}
// Do we have a new pass?
$newpass = trim(Request::getVar('newpass', '', 'post'));
if ($newpass) {
// Get password rules and validate
$password_rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
$validated = \Hubzero\Password\Rule::verify($newpass, $password_rules, $user->get('id'));
if (!empty($validated)) {
// Set error
Notify::error(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
$this->validated = $validated;
$this->_task = 'apply';
} else {
// Save password
\Hubzero\User\Password::changePassword($user->get('username'), $newpass);
}
}
$passinfo = \Hubzero\User\Password::getInstance($user->get('id'));
if (is_object($passinfo)) {
// Do we have shadow info to change?
$shadowMax = Request::getInt('shadowMax', false, 'post');
$shadowWarning = Request::getInt('shadowWarning', false, 'post');
$shadowExpire = Request::getVar('shadowExpire', '', 'post');
if ($shadowMax || $shadowWarning || !is_null($passinfo->get('shadowExpire')) && empty($shadowExpire)) {
if ($shadowMax) {
$passinfo->set('shadowMax', $shadowMax);
}
if ($shadowExpire || !is_null($passinfo->get('shadowExpire')) && empty($shadowExpire)) {
if (preg_match("/[0-9]{4}-[0-9]{2}-[0-9]{2}/", $shadowExpire)) {
$shadowExpire = strtotime($shadowExpire) / 86400;
$passinfo->set('shadowExpire', $shadowExpire);
} elseif (preg_match("/[0-9]+/", $shadowExpire)) {
$passinfo->set('shadowExpire', $shadowExpire);
} elseif (empty($shadowExpire)) {
$passinfo->set('shadowExpire', NULL);
}
}
if ($shadowWarning) {
$passinfo->set('shadowWarning', $shadowWarning);
}
$passinfo->update();
}
}
// Check for spam count
$reputation = Request::getVar('spam_count', null, 'post');
if (!is_null($reputation)) {
$user->reputation->set('spam_count', $reputation);
$user->reputation->save();
}
// Email the user that their account has been approved
if (!$prev->get('approved') && $this->config->get('useractivation_email')) {
if (!$this->emailApprovedUser($user)) {
Notify::error(Lang::txt('COM_MEMBERS_ERROR_EMAIL_FAILED'));
}
}
// Set success message
Notify::success(Lang::txt('COM_MEMBERS_MEMBER_SAVED'));
// Drop through to edit form?
if ($this->getTask() == 'apply') {
return $this->editTask($user);
}
// Redirect
$this->cancelTask();
}
/**
* Save profile
*
* @return void
*/
private function _saveEntryData()
{
$isNew = !$this->record->entry->get('id');
if (!isset($this->raw->password)) {
$this->raw->password = null;
}
if ($isNew) {
if (!$this->record->entry->get('username')) {
$valid = false;
// Try to create from name
$username = preg_replace('/[^a-z9-0_]/i', '', strtolower($this->record->entry->get('name')));
if (Validate::username($username)) {
if (!$this->_usernameExists($username)) {
$valid = true;
}
}
// Try to create from portion preceeding @ in email address
if (!$valid) {
$username = strstr($this->record->entry->get('email'), '@', true);
if (Validate::username($username)) {
if ($this->_usernameExists($username)) {
$valid = true;
}
}
}
// Try to create from whole email address
if (!$valid) {
for ($i = 0; $i <= 99; $i++) {
$username = preg_replace('/[^a-z9-0_]/i', '', strtolower($this->record->entry->get('name'))) . $i;
if (Validate::username($username)) {
if ($this->_usernameExists($username)) {
$valid = true;
break;
}
}
}
}
if ($valid) {
$this->record->entry->set('username', $username);
}
}
if (!$this->raw->password) {
$this->raw->password = $this->record->entry->get('username');
}
$newUsertype = null;
if (isset($this->raw->usertype)) {
if (is_numeric($this->raw->usertype)) {
$newUsertype = (int) $this->raw->usertype;
} else {
$db = \App::get('db');
$query = $db->getQuery(true)->select('id')->from('#__usergroups')->where('title=' . $db->quote($this->raw->usertype));
$db->setQuery($query);
$newUsertype = (int) $db->loadResult();
}
}
if (!$newUsertype) {
$usersConfig = Component::params('com_users');
$newUsertype = $usersConfig->get('new_usertype');
if (!$newUsertype) {
$db = \App::get('db');
$query = $db->getQuery(true)->select('id')->from('#__usergroups')->where('title = "Registered"');
$db->setQuery($query);
$newUsertype = $db->loadResult();
}
}
$d = Date::of('now');
if ($this->raw->registerDate) {
try {
$d = Date::of($this->raw->registerDate);
} catch (Exception $e) {
array_push($this->record->errors, $e->getMessage());
}
}
$this->record->entry->set('id', 0);
$this->record->entry->set('accessgroups', array($newUsertype));
$this->record->entry->set('registerDate', $d->toSql());
$this->record->entry->set('password', $this->raw->password);
if (!$this->record->entry->get('activation', null)) {
$this->record->entry->set('activation', -rand(1, pow(2, 31) - 1));
}
}
if (!$this->record->entry->save()) {
throw new Exception(Lang::txt('Unable to save the entry data.'));
}
if (!empty($this->_profile)) {
if (!$this->record->entry->saveProfile($this->_profile)) {
throw new Exception($this->record->entry->getError());
}
}
if ($this->raw->password) {
\Hubzero\User\Password::changePassword($this->record->entry->get('id'), $this->raw->password);
\Hubzero\User\Password::expirePassword($this->record->entry->get('id'));
}
if ($isNew && $this->_options['emailnew'] == 1) {
$eview = new \Hubzero\Component\View(array('base_path' => PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'site', 'name' => 'emails', 'layout' => 'confirm'));
$eview->option = 'com_members';
$eview->controller = 'register';
$eview->sitename = Config::get('sitename');
$eview->login = $this->record->entry->get('username');
$eview->name = $this->record->entry->get('name');
$eview->registerDate = $this->record->entry->get('registerDate');
$eview->confirm = $this->record->entry->get('activation');
$eview->baseURL = Request::base();
$msg = new \Hubzero\Mail\Message();
$msg->setSubject(Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION'))->addTo($this->record->entry->get('email'))->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')->addHeader('X-Component', 'com_members');
$message = $eview->loadTemplate();
$message = str_replace("\n", "\r\n", $message);
$msg->addPart($message, 'text/plain');
$eview->setLayout('confirm_html');
$message = $eview->loadTemplate();
$message = str_replace("\n", "\r\n", $message);
$msg->addPart($message, 'text/html');
if (!$msg->send()) {
array_push($this->record->errors, Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION'));
}
}
}