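/**
 * Show the registration form and, on POST, create the account
 *
 * A POST is CSRF-checked, the registration and profile fields are validated,
 * and a new user record is saved with its profile. On success the confirmation
 * view is rendered and the session user is updated. Otherwise the registration
 * form is shown again with any validation errors.
 *
 * @return mixed Result of App::abort() or _show_registration_form(); nothing after a successful registration
 */
public function createTask()
{
    if (!User::isGuest() && !User::get('tmp_user')) {
        App::redirect(
            Route::url('index.php?option=' . $this->_option . '&task=myaccount'),
            Lang::txt('COM_MEMBERS_REGISTER_ERROR_NONGUEST_SESSION_CREATION'),
            'warning'
        );
    }

    if (!isset($this->_taskMap[$this->_task])) {
        $this->_task = 'create';
        Request::setVar('task', 'create');
    }

    // If user registration is not allowed, answer 404 so the endpoint looks like a missing resource.
    $usersConfig = Component::params('com_members');
    if ($usersConfig->get('allowUserRegistration') == '0') {
        return App::abort(404, Lang::txt('JGLOBAL_RESOURCE_NOT_FOUND'));
    }

    // External authenticator link for this session, if any
    $hzal = null;
    if (User::get('auth_link_id')) {
        $hzal = \Hubzero\Auth\Link::find_by_id(User::get('auth_link_id'));
    }

    // Instantiate a new registration object
    $xregistration = new \Components\Members\Models\Registration();

    if (Request::getMethod() == 'POST') {
        // Check for request forgeries
        Request::checkToken();

        // Load POSTed data
        $xregistration->loadPost();

        // Perform field validation
        $result = $xregistration->check('create');

        // Incoming profile edits
        $profile = Request::getVar('profile', array(), 'post', 'none', 2);

        // The value is request-controlled: anything but an array is discarded so it
        // cannot reach the form loader or the Registry constructor as a raw string.
        if (!is_array($profile)) {
            $profile = array();
        }

        // Compile profile data: drop empty options and fold "<field>_other" into "<field>"
        foreach ($profile as $key => $data) {
            if (isset($profile[$key]) && is_array($profile[$key])) {
                $profile[$key] = array_filter($profile[$key]);
            }
            if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
                if (is_array($profile[$key])) {
                    $profile[$key][] = $profile[$key . '_other'];
                } else {
                    $profile[$key] = $profile[$key . '_other'];
                }

                unset($profile[$key . '_other']);
            }
        }

        // Profile fields that are not hidden on the "create" action
        $fields = \Components\Members\Models\Profile\Field::all()
            ->including(['options', function ($option) {
                $option->select('*');
            }])
            ->where('action_create', '!=', \Components\Members\Models\Profile\Field::STATE_HIDDEN)
            ->ordered()
            ->rows();

        // Validate profile fields
        if ($fields->count()) {
            $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
            $form->load(\Components\Members\Models\Profile\Field::toXml($fields, 'create', $profile));
            $form->bind(new \Hubzero\Config\Registry($profile));

            if (!$form->validate($profile)) {
                $result = false;

                foreach ($form->getErrors() as $key => $error) {
                    if ($error instanceof \Hubzero\Form\Exception\MissingData) {
                        $xregistration->_missing[$key] = $error;
                    }

                    $xregistration->_invalid[$key] = $error;
                }
            }
        }

        // Passed validation?
        if ($result) {
            // Work on a copy so the session user is untouched until registration succeeds
            $user = clone User::getInstance();

            // Initialize new usertype setting; fall back to the "Registered" group
            $newUsertype = $usersConfig->get('new_usertype');
            if (!$newUsertype) {
                $db = App::get('db');
                $query = $db->getQuery(true)
                    ->select('id')
                    ->from('#__usergroups')
                    ->where('title = "Registered"');
                $db->setQuery($query);
                $newUsertype = $db->loadResult();
            }

            $user->set('username', $xregistration->get('login', ''));
            $user->set('name', $xregistration->get('name', ''));
            $user->set('givenName', $xregistration->get('givenName', ''));
            $user->set('middleName', $xregistration->get('middleName', ''));
            $user->set('surname', $xregistration->get('surname', ''));
            $user->set('email', $xregistration->get('email', ''));
            $user->set('usageAgreement', (int) $xregistration->get('usageAgreement', 0));
            $user->set('sendEmail', -1);
            if ($xregistration->get('sendEmail') >= 0) {
                $user->set('sendEmail', (int) $xregistration->get('sendEmail'));
            }

            // Set home directory
            $hubHomeDir = rtrim($this->config->get('homedir'), '/');
            if (!$hubHomeDir) {
                // Reduce a site name or URL to its first host label; returns '' when the
                // label contains anything outside the allowed character set.
                $siteLabel = function ($candidate) {
                    $candidate = strtolower($candidate);
                    $candidate = preg_replace('/^http[s]{0,1}:\\/\\//', '', $candidate, 1);
                    $candidate = trim($candidate, '/ ');
                    $parts = explode('.', $candidate, 2);
                    if (isset($parts[1])) {
                        $candidate = $parts[0];
                    }
                    if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $candidate)) {
                        $candidate = '';
                    }

                    return $candidate;
                };

                // Try to deduce a viable home directory from sitename, then from the base URL
                $sitename = $siteLabel(Config::get('sitename'));
                if (empty($sitename)) {
                    $sitename = $siteLabel(Request::base());
                }

                $hubHomeDir = DS . 'home';
                if (!empty($sitename)) {
                    $hubHomeDir .= DS . $sitename;
                }
            }

            // NOTE(review): the username becomes a path segment here; this relies on
            // $xregistration->check('create') rejecting separators and dot segments — confirm.
            $user->set('homeDirectory', $hubHomeDir . DS . $user->get('username'));
            $user->set('loginShell', '/bin/bash');
            $user->set('ftpShell', '/usr/lib/sftp-server');

            // Set some initial user values
            $user->set('id', 0);
            $user->set('accessgroups', array($newUsertype));
            $user->set('registerDate', Date::toSql());

            // Check user activation setting
            // 0 = automatically confirmed
            // 1 = require email confirmation (the norm)
            // 2 = require admin confirmation
            $useractivation = $usersConfig->get('useractivation', 1);

            // If requiring admin approval, set user to block
            if ($useractivation == 2) {
                $user->set('approved', 0);
            }

            $user->set('access', 5);

            // A negative activation value marks the e-mail address as unconfirmed, and the
            // value appears to serve as the confirmation code, so it must not be predictable.
            // Use the CSPRNG where the runtime has one; rand() is only the legacy fallback.
            $maxCode = (int) (pow(2, 31) - 1);
            $code = function_exists('random_int') ? random_int(1, $maxCode) : rand(1, $maxCode);
            $user->set('activation', -$code);

            if (is_object($hzal)) {
                // Address matches the one on the linked external account: skip e-mail confirmation.
                // NOTE(review): loose comparison; both sides are presumably non-empty strings — confirm.
                if ($user->get('email') == $hzal->email) {
                    $user->set('activation', 3);
                }
            } else {
                if ($useractivation == 0) {
                    $user->set('activation', 1);
                    $user->set('access', (int) $this->config->get('privacy', 1));
                }
            }

            $user->set('password', \Hubzero\User\Password::getPasshash($xregistration->get('password')));

            // Do we have a return URL?
            // NOTE(review): the value is stored exactly as received. Whatever later redirects
            // to this param should accept only local URLs — confirm at the point of use.
            $regReturn = Request::getVar('return', '');
            if ($regReturn) {
                $user->setParam('return', $regReturn);
            }

            // If we managed to create a user
            if ($user->save()) {
                $access = array();
                foreach ($fields as $field) {
                    $access[$field->get('name')] = $field->get('access');
                }

                $profile = $xregistration->_registration['_profile'];

                // Save profile data
                $member = Member::oneOrNew($user->get('id'));
                if (!$member->saveProfile($profile, $access)) {
                    \Notify::error($member->getError());

                    // Don't stop the registration process!
                    // At this point, the account was successfully created.
                    // The profile info, however, may have issues. But, it's not crucial.
                    //$result = false;
                }
            } else {
                \Notify::error($user->getError());
                $result = false;
            }

            // If everything is OK so far...
            if ($result) {
                $result = \Hubzero\User\Password::changePassword($user->get('id'), $xregistration->get('password'));

                // Set password back here in case anything else down the line is looking for it
                // NOTE(review): from here on $user carries the cleartext password and is handed
                // to the view as 'xprofile' below; confirm no template or log serializes it.
                $user->set('password', $xregistration->get('password'));

                // Did we successfully create/update an account?
                if (!$result) {
                    return App::abort(500, Lang::txt('COM_MEMBERS_REGISTER_ERROR_CREATING_ACCOUNT'));
                }

                // Send confirmation email
                if ($user->get('activation') < 0) {
                    \Components\Members\Helpers\Utility::sendConfirmEmail($user, $xregistration);
                }

                // Render the confirmation view
                $this->view
                    ->set('title', Lang::txt('COM_MEMBERS_REGISTER_CREATE_ACCOUNT'))
                    ->set('sitename', Config::get('sitename'))
                    ->set('xprofile', $user)
                    ->setErrors($this->getErrors())
                    ->setLayout('create')
                    ->display();

                // Bind the external authenticator link to the new account
                if (is_object($hzal)) {
                    $hzal->user_id = $user->get('id');

                    if ($hzal->user_id > 0) {
                        $hzal->update();
                    }
                }

                // Replace the temporary session identity with the new account
                User::set('auth_link_id', null);
                User::set('tmp_user', null);
                User::set('username', $xregistration->get('login'));
                User::set('email', $xregistration->get('email'));
                User::set('id', $user->get('id'));

                return;
            }
        }
    }

    if (Request::method() == 'GET') {
        if (User::get('tmp_user')) {
            $xregistration->loadAccount(User::getInstance());

            // Pre-fill the form from the linked external account
            if (is_object($hzal)) {
                $xregistration->set('login', $hzal->username);
                $xregistration->set('email', $hzal->email);
                $xregistration->set('confirmEmail', $hzal->email);
            }
        }
    }

    // Set the pathway
    $this->_buildPathway();

    // Set the page title
    $this->_buildTitle();

    return $this->_show_registration_form($xregistration, 'create');
}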
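/**
 * Save changes to a profile
 *
 * Outputs JSON when called via AJAX (no_html), otherwise redirects to the
 * profile or re-renders the edit form on error.
 *
 * @return mixed False for guests; otherwise the result of editTask() on error, or nothing
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        return false;
    }

    Request::checkToken(array('get', 'post'));

    $no_html = Request::getVar('no_html', 0);

    // Incoming user ID
    $id = Request::getInt('id', 0, 'post');

    // Do we have an ID?
    if (!$id) {
        App::abort(404, Lang::txt('COM_MEMBERS_NO_ID'));
    }

    // NOTE(review): the only access check visible in this method is "not a guest". The record
    // is selected by the POSTed id, so unless a caller or the model enforces ownership or an
    // edit permission, one member's request could update another member's profile. Confirm
    // where that check lives, or add one here before any field is written.
    $member = Member::oneOrFail($id);

    // Name changed?
    // The value is request-controlled: accept only an array of scalar parts, so a string
    // or nested array cannot reach trim()/implode().
    $name = Request::getVar('name', array(), 'post');
    if (is_array($name) && !empty($name)) {
        $namePart = function ($key) use ($name) {
            return (isset($name[$key]) && is_scalar($name[$key])) ? trim((string) $name[$key]) : '';
        };

        $member->set('givenName', $namePart('first'));
        $member->set('middleName', $namePart('middle'));
        $member->set('surname', $namePart('last'));

        $fullName = implode(' ', array_filter($name, 'is_scalar'));
        $fullName = preg_replace('/\\s+/', ' ', $fullName);
        $member->set('name', $fullName);
    }

    // Set profile access
    $visibility = Request::getVar('profileaccess', null, 'post');
    if (!is_null($visibility)) {
        $member->set('access', $visibility);
    }

    // Check email
    $oldemail = $member->get('email');
    // Stays null unless a new confirmation code is generated below
    $confirm = null;
    $email = Request::getVar('email', null, 'post');
    if (!is_null($email)) {
        $member->set('email', (string) $email);

        // Unconfirm if the email address changed
        if ($oldemail != $email) {
            // Get a new confirmation code
            $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
            $member->set('activation', $confirm);
        }
    }

    // Receive email updates?
    $sendEmail = Request::getVar('sendEmail', null, 'post');
    if (!is_null($sendEmail)) {
        $member->set('sendEmail', $sendEmail);
    }

    // Usage agreement
    $usageAgreement = Request::getVar('usageAgreement', null, 'post');
    if (!is_null($usageAgreement)) {
        $member->set('usageAgreement', (int) $usageAgreement);
    }

    // Are we declining the terms of use?
    // If yes we want to set the usage agreement to 0 and profile to private
    $declineTOU = Request::getVar('declinetou', 0);
    if ($declineTOU) {
        $member->set('access', 0);
        $member->set('usageAgreement', 0);
    }

    // Save the changes
    if (!$member->save()) {
        $this->setError($member->getError());

        if ($no_html) {
            echo json_encode($this->getErrors());
            exit;
        }

        return $this->editTask($member);
    }

    // Incoming profile edits
    $profile = Request::getVar('profile', array(), 'post', 'none', 2);
    $access = Request::getVar('access', array(), 'post');

    // Both values are request-controlled; normalise their shape before use so a scalar
    // cannot break array_merge()/in_array() below.
    if (!is_array($profile)) {
        $profile = array();
    }
    $field_to_check = (array) Request::getVar('field_to_check', array());

    $old = Profile::collect($member->profiles);
    $profile = array_merge($old, $profile);

    // Compile profile data: drop empty options and fold "<field>_other" into "<field>"
    foreach ($profile as $key => $data) {
        if (isset($profile[$key]) && is_array($profile[$key])) {
            $profile[$key] = array_filter($profile[$key]);
        }
        if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
            if (is_array($profile[$key])) {
                $profile[$key][] = $profile[$key . '_other'];
            } else {
                $profile[$key] = $profile[$key . '_other'];
            }

            unset($profile[$key . '_other']);
        }
    }

    // Profile fields that are not hidden on the "edit" action
    $fields = Field::all()
        ->including(['options', function ($option) {
            $option->select('*');
        }])
        ->where('action_edit', '!=', Field::STATE_HIDDEN)
        ->ordered()
        ->rows();

    $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
    $form->load(Field::toXml($fields, 'edit', $profile));
    $form->bind(new \Hubzero\Config\Registry($profile));

    $errors = array(
        '_missing' => array(),
        '_invalid' => array()
    );

    if (!$form->validate($profile)) {
        foreach ($form->getErrors() as $key => $error) {
            // Filter out fields
            // NOTE(review): this filter comes from the request, so the client decides which
            // validation errors count; errors for fields it leaves out are dropped. Confirm
            // that is acceptable for required fields, or restrict the list server-side.
            if (!empty($field_to_check) && !in_array($key, $field_to_check)) {
                continue;
            }

            if ($error instanceof \Hubzero\Form\Exception\MissingData) {
                $errors['_missing'][$key] = (string) $error;
            }

            $errors['_invalid'][$key] = (string) $error;

            $this->setError((string) $error);
        }
    }

    if ($this->getError()) {
        if ($no_html) {
            echo json_encode($errors);
            exit;
        }

        return $this->editTask($member);
    }

    // Save profile data
    if (!$member->saveProfile($profile, $access)) {
        $this->setError($member->getError());

        if ($no_html) {
            echo json_encode($this->getErrors());
            exit;
        }

        return $this->editTask($member);
    }

    $email = $member->get('email');

    // Make sure certain changes make it back to the user table
    if ($member->get('id') == User::get('id')) {
        $user = App::get('session')->get('user');

        if ($member->get('name') != $user->get('name')) {
            $user->set('name', $member->get('name'));
        }

        // Update session if email is changing
        if ($member->get('email') != $user->get('email')) {
            $user->set('email', $member->get('email'));

            // Add item to session to mark that the user changed emails
            // this way we can serve profile images for these users but not all
            // unconfirmed users
            App::get('session')->set('userchangedemail', 1);
        }

        App::get('session')->set('user', $user);
    }

    // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address
    if ($email != $oldemail) {
        $this->_sendConfirmationCode($member->get('username'), $email, $confirm);
    }

    // If we're declining the terms we want to log the user out and tell the javascript
    if ($declineTOU) {
        App::get('auth')->logout();
        echo json_encode(array('loggedout' => true));
        return;
    }

    if ($no_html) {
        // Output JSON
        echo json_encode(array('success' => true));
        exit;
    }

    // Redirect
    App::redirect(
        Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : ''))
    );
}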
/**
 * Render the member's profile page
 *
 * While the session flags the registration as incomplete, the stored profile is
 * re-validated first; once it passes, the flag is cleared and the request is
 * redirected to itself.
 *
 * @return string Output of the view's loadTemplate()
 */
private function display()
{
    // Layer the member's own params over the profile plugin's params
    $memberParams = new \Hubzero\Config\Registry($this->member->get('params'));
    $params = $this->params;
    $params->merge($memberParams);

    $registration = null;

    // Profile fields that are not hidden on the "edit" action
    $fields = Components\Members\Models\Profile\Field::all()
        ->including(['options', function ($option) {
            $option->select('*')->ordered();
        }])
        ->where('action_edit', '!=', Components\Members\Models\Profile\Field::STATE_HIDDEN)
        ->ordered()
        ->rows();

    if (App::get('session')->get('registration.incomplete')) {
        $registration = new \Components\Members\Models\Registration();
        $registration->loadProfile($this->member);

        $passed = $registration->check('update');

        // @TODO Move this to a central validation model (e.g., registration)?

        // Collect the member's current value for every visible field
        $values = array();
        foreach ($fields as $field) {
            $fieldName = $field->get('name');
            $values[$fieldName] = $this->member->get($fieldName);
        }

        // Validate those values against the field definitions
        $form = new Hubzero\Form\Form('profile', array('control' => 'profile'));
        $form->load(Components\Members\Models\Profile\Field::toXml($fields, 'edit', $values));
        $form->bind(new Hubzero\Config\Registry($values));

        $valid = $form->validate($values);
        if (!$valid) {
            $passed = false;

            foreach ($form->getErrors() as $key => $error) {
                $message = (string) $error;

                if ($error instanceof Hubzero\Form\Exception\MissingData) {
                    $registration->_missing[$key] = $message;
                }

                $registration->_invalid[$key] = $message;
            }
        }

        // No errors left: clear the flag and send the user on to where they were going
        if ($passed) {
            App::get('session')->set('registration.incomplete', 0);

            // NOTE(review): REQUEST_URI is taken from the request line as-is. Confirm that
            // App::redirect() treats it as a local path (e.g. a value starting with "//"
            // must not be read as another host).
            App::redirect($_SERVER['REQUEST_URI']);
        }
    }

    $view = $this->view('default', 'index')
        ->set('params', $params)
        ->set('option', 'com_members')
        ->set('profile', $this->member)
        ->set('fields', $fields)
        ->set('completeness', $this->getProfileCompleteness($fields, $this->member))
        ->set('registration_update', $registration);

    return $view
        ->setErrors($this->getErrors())
        ->loadTemplate();
}
/**
 * Check data integrity of the record's entry
 *
 * Problems are appended to $this->record->errors. In PATCH mode, fields the
 * registration check reports as missing are not errors, and "invalid" entries
 * for those same keys are skipped. Errors from the profile form validation are
 * always appended.
 *
 * @return $this Current object
 */
public function check()
{
    // The entry's own check() is currently disabled:
    /*if (!$this->record->entry->check())
    {
        array_push($this->record->errors, $this->record->entry->getError());
        return $this;
    }*/

    $registration = new \Components\Members\Models\Registration();
    $registration->loadProfile($this->record->entry);

    // Check that required fields were filled in properly
    $passed = $registration->check('edit', $this->record->entry->get('id'), array());
    if (!$passed) {
        // Keys reported missing while in PATCH mode
        $ignored = array();

        if (!empty($registration->_missing)) {
            foreach ($registration->_missing as $key => $missing) {
                if ($this->_mode == 'PATCH') {
                    $ignored[] = $key;
                } else {
                    array_push($this->record->errors, $missing);
                }
            }
        }

        if (!empty($registration->_invalid)) {
            foreach ($registration->_invalid as $key => $invalid) {
                if (!in_array($key, $ignored)) {
                    array_push($this->record->errors, $invalid);
                }
            }
        }
    }

    // Profile fields that are not hidden on the "edit" action
    $fields = \Components\Members\Models\Profile\Field::all()
        ->including(['options', function ($option) {
            $option->select('*');
        }])
        ->where('action_edit', '!=', \Components\Members\Models\Profile\Field::STATE_HIDDEN)
        ->ordered()
        ->rows();

    // Validate the profile data against those field definitions
    $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
    $form->load(\Components\Members\Models\Profile\Field::toXml($fields, 'edit'));
    $form->bind(new \Hubzero\Config\Registry($this->_profile));

    $valid = $form->validate($this->_profile);
    if (!$valid) {
        foreach ($form->getErrors() as $error) {
            array_push($this->record->errors, (string) $error);
        }
    }

    return $this;
}