public function index()
{
$session = Session::instance();
$this->template->header->this_body = 'crowdmap-home';
$beta_session_thing = $session->get('real_deal');
if ($beta_session_thing == 2) {
$this->template->content = new View('mhi/beta_signup');
} else {
$this->template->content = new View('mhi/mhi');
}
$this->template->header->js .= new View('mhi/mhi_js');
$this->template->header->js_files = array(html::script('media/js/mhi/jquery.cycle.min'));
$mhi_user_id = $session->get('mhi_user_id');
$form = array('username' => '', 'password' => '');
// Copy the form as errors, so the errors will be stored with keys corresponding to the form field names
$errors = $form;
$form_error = FALSE;
// Set up the validation object
$_POST = Validation::factory($_POST)->pre_filter('trim')->add_rules('username', 'required')->add_rules('password', 'required');
if ($_POST->validate() or $mhi_user_id != FALSE) {
// Sanitize $_POST data removing all inputs without rules
$postdata_array = $_POST->safe_array();
// MHI user not already logged in, so do it
if ($mhi_user_id == FALSE) {
$mhi_user = new Mhi_User_Model();
$mhi_user_id = $mhi_user->login($postdata_array['username'], $postdata_array['password']);
}
// If success (already logged in or login successful), move on
if ($mhi_user_id != FALSE) {
url::redirect('mhi/manage');
} else {
$_POST->add_error('username', 'Login Error');
// Repopulate the form fields
$form = arr::overwrite($form, $_POST->as_array());
// Populate the error fields, if any
// We need to already have created an error message file, for Kohana to use
// Pass the error message file name to the errors() method
$errors = arr::overwrite($errors, $_POST->errors('auth'));
$form_error = TRUE;
}
}
$this->template->header->errors = $errors;
$this->template->header->form = $form;
$this->template->header->form_error = $form_error;
}
static function save_user($a)
{
// Check if MHI user already exists
$count = ORM::factory('mhi_user')->where('email', $a['email'])->count_all();
if ($count != 0) {
throw new Kohana_User_Exception('DB Entry Error', "Email address for MHI user already exists. Pole sana.");
}
$salt = Kohana::config('auth.salt_pattern');
$mhi_user = ORM::factory('mhi_user');
$mhi_user->firstname = $a['firstname'];
$mhi_user->lastname = $a['lastname'];
$mhi_user->email = $a['email'];
$mhi_user->password = sha1($a['password'] . $salt);
$mhi_user->save();
// Log the new user in so they will be authenticated after creation
Mhi_User_Model::login($a['email'], sha1($a['password'] . $salt));
$result = ORM::factory('mhi_user')->where('email', $a['email'])->find_all();
$id = 0;
foreach ($result as $res) {
$id = $res->id;
}
return $id;
}
public function processcreation()
{
// Used to populate form fields. Will assign values on error
$errors = array();
$form = array('signup_first_name' => '', 'signup_last_name' => '', 'signup_email' => '', 'signup_password' => '', 'signup_subdomain' => '', 'signup_instance_name' => '', 'signup_instance_tagline' => '');
$form_error = array();
// Process Form
if ($_POST) {
$sfn = isset($_POST['signup_first_name']) ? $_POST['signup_first_name'] : '';
$sln = isset($_POST['signup_last_name']) ? $_POST['signup_last_name'] : '';
$sem = isset($_POST['signup_email']) ? $_POST['signup_email'] : '';
$spw = isset($_POST['signup_password']) ? $_POST['signup_password'] : '';
$form = array('signup_first_name' => $sfn, 'signup_last_name' => $sln, 'signup_email' => $sem, 'signup_password' => $spw, 'signup_subdomain' => strtolower($_POST['signup_subdomain']), 'signup_instance_name' => $_POST['signup_instance_name'], 'signup_instance_tagline' => $_POST['signup_instance_tagline']);
$post = Validation::factory($_POST);
// Trim whitespaces
$post->pre_filter('trim');
$session = Session::instance();
$mhi_user_id = $session->get('mhi_user_id');
$blocked_subdomains = Kohana::config('mhi.blocked_subdomains');
// These rules are only required if we aren't already logged in
if ($mhi_user_id == FALSE) {
$post->add_rules('signup_first_name', 'required');
$post->add_rules('signup_last_name', 'required');
$post->add_rules('signup_email', 'required', 'email');
$post->add_rules('signup_password', 'required');
} else {
$post->add_rules('verify_password', 'required');
}
$post->add_rules('signup_subdomain', 'required', 'alpha_dash');
$post->add_rules('signup_instance_name', 'required');
$post->add_rules('signup_instance_tagline', 'required');
// If we pass validation AND it's not one of the blocked subdomains
if ($post->validate()) {
$mhi_user = new Mhi_User_Model();
$db_genesis = new DBGenesis();
$mhi_site_database = new Mhi_Site_Database_Model();
$mhi_site = new Mhi_Site_Model();
// Setup DB name variable
$base_db = $db_genesis->current_db();
$new_db_name = $base_db . '_' . strtolower($post->signup_subdomain);
// Do some graceful validation
if (!isset($post->signup_tos)) {
return array('errors' => $errors, 'form' => $form, 'form_error' => array('signup_tos' => 'You must accept the Website Terms of Use.'));
}
if (strlen($post->signup_subdomain) < 4 or strlen($post->signup_subdomain) > 32) {
// ERROR: subdomain length falls outside the char length bounds allowed.
return array('errors' => $errors, 'form' => $form, 'form_error' => array('signup_subdomain' => 'Subdomain must be between at least 4 characters and no more than 32 characters long. Please try again.'));
}
if ($mhi_site->domain_exists($post->signup_subdomain)) {
// ERROR: Domain already assigned in MHI DB.
return array('errors' => $errors, 'form' => $form, 'form_error' => array('signup_subdomain' => 'This subdomain has already been taken. Please try again.'));
}
if ($mhi_site_database->db_assigned($new_db_name) or $db_genesis->db_exists($new_db_name)) {
// ERROR: Database already exists and/or is already assigned in the MHI DB
return array('errors' => $errors, 'form' => $form, 'form_error' => array('signup_subdomain' => 'This subdomain is not allowed. Please try again.'));
}
if (in_array(strtolower($post->signup_subdomain), $blocked_subdomains)) {
// ERROR: Blocked Subdomain
return array('errors' => $errors, 'form' => $form, 'form_error' => array('signup_subdomain' => 'This subdomain is not allowed. Please try again.'));
}
// Check passwords if logged in and create user if not
if ($mhi_user_id != FALSE) {
// Get user info
$user = $mhi_user->get($mhi_user_id);
$salt = Kohana::config('auth.salt_pattern');
$verify_password = sha1($post->verify_password . $salt);
if ($verify_password != $user->password) {
// ERROR: Passwords do not match.
return array('errors' => $errors, 'form' => $form, 'form_error' => array('password' => 'Password doesn\'t match. Please try again.'));
}
$user_id = $mhi_user_id;
$email = $user->email;
$name = $user->firstname . ' ' . $user->lastname;
$password = $post->verify_password;
} else {
// Save new user
$user_id = $mhi_user->save_user(array('firstname' => $post->signup_first_name, 'lastname' => $post->signup_last_name, 'email' => $post->signup_email, 'password' => $post->signup_password));
$email = $post->signup_email;
$name = $post->signup_first_name . ' ' . $post->signup_last_name;
$password = $post->signup_password;
// Log new user in
$mhi_user_id = $mhi_user->login($email, $password);
Mhi_Log_Model::log($mhi_user_id, 6);
}
// Set up DB and Site
// Create site
$site_id = $mhi_site->save_site(array('user_id' => $user_id, 'site_domain' => strtolower($post->signup_subdomain), 'site_privacy' => 1, 'site_active' => 1));
// Set up database and save details to MHI DB
$db_genesis->create_db($new_db_name);
$mhi_site_database->assign_db($new_db_name, $site_id);
$db_genesis->populate_db($new_db_name, array('username' => $email, 'name' => $name, 'password' => $password, 'email' => $email), array('site_name' => $post->signup_instance_name, 'site_tagline' => $post->signup_instance_tagline, 'site_domain' => strtolower($post->signup_subdomain)));
// Congrats, everything has been set up. Send an email confirmation.
$settings = kohana::config('settings');
$new_site_url = 'http://' . strtolower($post->signup_subdomain) . '.' . $_SERVER['HTTP_HOST'] . Kohana::config('config.site_domain');
if ($settings['site_email'] != NULL) {
$to = $email;
$from = $settings['site_email'];
$subject = 'Your deployment at ' . $settings['site_name'];
$message = 'Your new site, ' . $post->signup_instance_name . ' has been set up.' . "\n";
$message .= 'Admin URL: ' . $new_site_url . 'admin' . "\n";
$message .= 'Username: '******'Password: (hidden)' . "\n";
email::send($to, $from, $subject, $message, FALSE);
}
Mhi_Log_Model::log($user_id, 3, 'Deployment Created: ' . strtolower($post->signup_subdomain));
} else {
if (isset($_POST['signup_password'])) {
unset($_POST['signup_password']);
}
if (isset($_POST['signup_confirm_password'])) {
unset($_POST['signup_confirm_password']);
}
if (isset($_POST['verify_password'])) {
unset($_POST['verify_password']);
}
Mhi_Log_Model::log($mhi_user_id, 8, 'Variables: ' . print_r($_POST, true) . ' * ' . print_r($post->errors('form_error_messages'), true));
throw new Kohana_User_Exception('Validation Error', "Form not validating. Please go back and try again.");
}
} else {
// If the form was never posted, we need to complain about it.
throw new Kohana_User_Exception('Incomplete Form', "Form not posted.");
}
return array('errors' => $errors, 'form' => $form, 'form_error' => $form_error);
}
