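/**
 * Returns the name of the user's group and stores the user's data in the session.
 *
 * On the first call (no user in the session namespace yet) the user row is
 * loaded together with its group, the last-login date is written back, the
 * row and the ids returned by Usersgroups::getParentsIds() are stored in the
 * session namespace, and lock() is called on the namespace. Later calls are
 * answered from the session.
 *
 * @param string $login Login of the user to load
 * @return string Name of the user's group
 * @throws RuntimeException When no user row matches $login
 */
private function getGroupName($login)
{
    if (isset($this->userNamespace->user)) {
        return $this->userNamespace->user['usersgroups_name'];
    }

    $users = new Users();
    $select = $users->select()
        ->setIntegrityCheck(false)
        ->from($users, array(
            'users_id' => 'users.id',
            'login' => 'users.login',
            'usersgroups_name' => 'usersgroups.name',
            // The original array listed 'usersgroups_id' twice; PHP kept the
            // later value (users.usersgroups_id) at this position, so only
            // that effective entry is kept.
            'usersgroups_id' => 'users.usersgroups_id',
            'fname' => 'users.fname',
            'lname' => 'users.lname',
            'email' => 'users.email',
        ))
        // Exact match instead of LIKE: with LIKE, '%' and '_' inside the login
        // act as wildcards, so the row loaded into the session could belong
        // to a different account than the one named by $login.
        ->where('users.login = ?', $login)
        ->join('usersgroups', 'users.usersgroups_id = usersgroups.id');
    // NOTE(review): this lookup is not restricted to one safinstances_id -
    // confirm logins are unique across instances.

    $row = $users->fetchAll($select)->current();
    if (!$row) {
        // Fail closed: without a row there is no group to return and nothing
        // trustworthy to put in the session.
        throw new RuntimeException('Unable to load the user profile.');
    }

    // save the last login time (bound parameter instead of a concatenated WHERE string)
    $urow = $users->fetchRow($users->select()->where('id = ?', $row->users_id));
    if ($urow) {
        $urow->lastlogindate = Sydney_Tools::getMySQLFormatedDate();
        $urow->save();
    }

    $this->userNamespace->user = $row->toArray();

    // define all the groups this user is part of
    $groupsDB = new Usersgroups();
    $this->userNamespace->user['member_of_groups'] = $groupsDB->getParentsIds(
        $this->userNamespace->user['usersgroups_id']
    );
    $this->userNamespace->lock();

    return $row->usersgroups_name;
}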
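/**
 * Handles the "lost password" form.
 *
 * On a valid POST the user is looked up by login within the current
 * safinstances_id, a new random password is generated, its hash is stored and
 * the new credentials are sent by e-mail. The view receives the form, a
 * showform flag and, after a valid POST, a message in mmsg.
 *
 * @return void
 */
public function lostpasswordAction()
{
    $form = $this->getLostpassForm();
    $request = $this->getRequest();
    $this->view->showform = true;
    $this->view->form = $form;

    // Nothing more to do unless a valid form was posted. On an invalid POST
    // the form object already holds the validation errors for the view.
    if (!$request->isPost() || !$form->isValid($request->getPost())) {
        return;
    }

    $this->view->showform = false;

    // Read the value from the POST data the form just validated; the magic
    // $request->username accessor is not limited to POST data.
    $username = $request->getPost('username');

    $user = null;
    if (is_string($username) && $username !== '') {
        $usrDB = new Users();
        // Bound parameters replace the addslashes()-built WHERE string, and an
        // exact match replaces LIKE so that '%' or '_' in the submitted value
        // cannot select an account the requester did not name.
        $user = $usrDB->fetchRow(
            $usrDB->select()
                ->where('login = ?', $username)
                ->where('safinstances_id = ?', $this->safinstancesId)
        );
    }

    if ($user) {
        $alphabet = 'qwertyuiopasdfghjklzxcvbnm12345678902@#$!';
        $lastIndex = strlen($alphabet) - 1;
        $npwd = '';
        for ($i = 0; $i <= 8; $i++) {
            // rand() is predictable; use the CSPRNG where the runtime has one
            // (PHP 7+) and keep the original call only as a legacy fallback.
            $pick = function_exists('random_int') ? random_int(0, $lastIndex) : rand(0, $lastIndex);
            $npwd .= $alphabet[$pick];
        }

        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() has to be done together with every
        // other place that writes or verifies this column, so it is left
        // unchanged here.
        $user->password = md5($npwd);
        $user->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
        $user->save();

        // NOTE(review): the password is replaced before the requester has
        // proven control of the mailbox, and the new password travels in
        // clear text. A single-use, expiring reset link avoids both.

        // send the email
        // The two values concatenated into the body were masked in the
        // reviewed listing; $user->login and $npwd are reconstructed from the
        // surrounding code - confirm against the repository.
        $tmsg = "Dear user,\n\nYour password has been modified as requested.\nYou will now be able to use the following credentials:\n\nlogin: " . $user->login . "\npassword: " . $npwd . "\n\nWe suggest you change your password as soon as possible for security reason.\nIf you did not request a password change, please contact our support.\n\nRegards,\n" . $this->_config->general->siteTitle . " team.\n\n";
        $mail = new Zend_Mail();
        $mail->setBodyText($tmsg);
        $mail->setFrom($this->_config->general->siteEmail, $this->_config->general->siteTitle);
        $mail->addTo($user->login, $user->login);
        $mail->setSubject($this->_config->general->siteTitle . ' new password.');
        $mail->send();

        $this->view->mmsg = 'Thank you! Your new password has been sent to your email. Please check your email and use this new password for authentication.';
    } else {
        // NOTE(review): a distinct "not found" answer tells the requester
        // which logins exist; a single neutral message for both outcomes
        // avoids that.
        $this->view->mmsg = 'We could not find this user in our database for this website... Are you sure you are registered?';
    }
}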
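/**
 * Creates or updates a user row from $data.
 *
 * In edit mode the row is looked up by $data['id'] and $data['login'];
 * otherwise a new row is created. Every non-null entry of $data whose key is
 * a column of the row is copied onto it, with special handling for
 * 'password', 'valid' and 'active'. On creation the bookkeeping columns
 * (dates, instance id, creator, IP) are filled in and a SafinstancesUsers
 * link row is written after the save.
 *
 * @param array $data           Column => value pairs to store
 * @param bool  $modeEdit       True to update an existing row, false to create one
 * @param bool  $isPublicModule True when called from the public module; on
 *                              creation the group is then forced to 2 and active to 0
 * @return mixed The saved row, or false when validation or saving failed
 */
private function saveRow($data, $modeEdit, $isPublicModule)
{
    try {
        $usersDb = new Users();
        if ($modeEdit) {
            // Bound parameters replace the concatenated WHERE string, in which
            // $data['id'] was inserted without any escaping.
            $row = $usersDb->fetchRow(
                $usersDb->select()
                    ->where('id = ?', $data['id'])
                    ->where('login = ?', $data['login'])
            );
            if (!$row) {
                // No row matches this id/login pair: report failure explicitly
                // instead of indexing into an empty rowset.
                Sydney_Messages::getInstance()->addMessage('Error...');
                return false;
            }
        } else {
            $row = $usersDb->createRow();
        }
        // Store row
        $this->set($row);

        foreach ($data as $k => $v) {
            // Skip null values and keys that are not columns of the row.
            if ($v === null || !isset($row->{$k})) {
                continue;
            }
            switch ($k) {
                case 'password':
                    if (!empty($v)) {
                        if (!$this->isValidPassword($v, isset($data['id']) ? $data['id'] : null)) {
                            Sydney_Messages::getInstance()->addMessage(Sydney_Tools::_('Please use another password!'));
                            return false;
                        }
                        $row->lastpwdhistory = $this->getUpdatedHistoryForDb($row->lastpwdhistory, $v);
                        // NOTE(review): unsalted MD5 is not a password hash;
                        // switching to password_hash()/password_verify() must be
                        // coordinated with every reader of this column.
                        $row->{$k} = md5($v);
                        $row->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
                        $row->timeValidityPassword = 0;
                    }
                    break;
                case 'valid':
                case 'active':
                    // Both status flags share the same bookkeeping: record the
                    // change date and, when the previous value was 1, the
                    // unsubscribe date.
                    if ($row->{$k} != $v) {
                        $row->laststatuschange = Sydney_Tools::getMySQLFormatedDate();
                        if ($row->{$k} == 1) {
                            $row->unsubscribedate = Sydney_Tools::getMySQLFormatedDate();
                        }
                    }
                    $row->{$k} = $v;
                    break;
                default:
                    // NOTE(review): any other key matching a column is copied
                    // as-is, including id, usersgroups_id and safinstances_id.
                    // The public-creation branch below overrides usersgroups_id
                    // and active, but nothing comparable runs on edit - confirm
                    // that callers restrict the keys of $data.
                    $row->{$k} = $v;
                    break;
            }
        }

        $creation = !($row->id > 0);
        // Store row
        $this->set($row);

        if (!$creation) {
            // in case we are editing
            $row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
        } else {
            // fixed values if public creation
            if ($isPublicModule) {
                $row->usersgroups_id = 2; // User is added to group 'auth'
                $row->active = 0; // User is not active
            }
            // in case we are creating
            $usersData = Sydney_Tools::getUserdata();
            $row->subscribedate = Sydney_Tools::getMySQLFormatedDate();
            $row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
            $row->safinstances_id = Sydney_Tools::getSafinstancesId();
            $row->creatoridentity = $usersData ? $usersData['users_id'] : 0;
            $row->ip = $_SERVER['REMOTE_ADDR'];
        }

        if ($newId = $row->save()) {
            Sydney_Messages::getInstance()->addMessage('Success! The data is valid.');
            $row->id = $newId;
            // Store row
            $this->set($row);
            if ($creation) {
                // create the link to cor table
                $corDb = new SafinstancesUsers();
                $corRow = $corDb->createRow();
                $corRow->safinstances_id = Sydney_Tools::getSafinstancesId();
                $corRow->users_id = $row->id;
                $corRow->save();
            }

            return $row;
        }

        Sydney_Messages::getInstance()->addMessage('Error...');
        return false;
    } catch (Exception $e) {
        // NOTE(review): if these messages are rendered to end users, the raw
        // exception text may expose database details - confirm where they
        // are displayed.
        Sydney_Messages::getInstance()->addMessage('UsersOp::save::Exception! ' . $e->getMessage());
        return false;
    }
}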