public static function __init() { /* * Some special validation rules */ Validator::add('uniqueEmail', function ($value) { $current_user = Auth::check('li3b_user'); if (!empty($current_user)) { $user = User::find('first', array('fields' => array('_id'), 'conditions' => array('email' => $value, '_id' => array('$ne' => new MongoId($current_user['_id']))))); } else { $user = User::find('first', array('fields' => array('_id'), 'conditions' => array('email' => $value))); } if (!empty($user)) { return false; } return true; }); Validator::add('notEmptyHash', function ($value) { if ($value == Password::hash('')) { return false; } return true; }); Validator::add('moreThanFive', function ($value) { if (strlen($value) < 5) { return false; } return true; }); Validator::add('notTooLarge', function ($value) { if ($value == 'TOO_LARGE.jpg') { return false; } return true; }); Validator::add('invalidFileType', function ($value) { if ($value == 'INVALID_FILE_TYPE.jpg') { return false; } return true; }); parent::__init(); /* * If told to ues a specific connection, do so. * Otherwise, use the default li3b_users connection. * Note: This model requires MongoDB. * Also note: This must be called AFTER parent::__init() * * This is useful if the main application also uses MongoDB * and wishes everything to use the same database...Be it * local or on something like MongoLab or wherever. * * In fact, when gluing together libraries, one may choose * all libraries that use the same database and kinda go * with each other. That way it'll end up looking like a single * cohesive application from the database's point of view. * Of course the it's difficult to avoid conflicts in the MongoDB * collection names. In this case, this model is prefixing the * library name to the collection in order to ensure there are * no conflicts. */ $libConfig = Libraries::get('li3b_users'); $connection = isset($libConfig['useConnection']) ? $libConfig['useConnection'] : 'li3b_users'; static::meta('connection', $connection); }
/** * Public view action, for user profiles and such. * * @param $url The user's pretty URL */ public function read($url = null) { $conditions = array('url' => $url); /** * If nothing is passed, get the currently logged in user's profile. * This is safer to use for logged in users, because if they update * their profile and change their name...The pretty URL changes. */ if (empty($url) && isset($this->request->user)) { $conditions = array('_id' => $this->request->user['_id']); } $user = User::find('first', array('conditions' => $conditions)); if (empty($user)) { FlashMessage::write('Sorry, that user does not exist.', 'default'); return $this->redirect('/'); } /** * Protect the password in case changes are made where this action * could be called with a handler like JSON or XML, etc. This way, * even if the user document is returned, it won't contain any * sensitive password information. Not even the _id. */ $user->set(array('password' => null, '_id' => null)); $this->set(compact('user')); }