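/**
 * Post-AuthView process: create new accounts for new users.
 *
 * Reads the signup form from $_POST (access_token, country, username,
 * password, password2), validates it, resolves the GitHub identity behind
 * the supplied access token, creates the local account, syncs it and sends
 * the confirmation email. Always answers with a JSON object
 * {success: bool, msg: string}; every failure is reported through msg
 * instead of being thrown to the caller.
 */
public function signup() {
    global $countrylist;
    $this->view = null;
    $success = false;
    $msg = '';
    try {
        $access_token = isset($_POST["access_token"]) ? trim($_POST["access_token"]) : "";
        $country = isset($_POST["country"]) ? trim($_POST["country"]) : "";
        $username = isset($_POST["username"]) ? trim($_POST["username"]) : "";
        $password = isset($_POST["password"]) ? $_POST["password"] : "";
        $pass2 = isset($_POST["password2"]) ? $_POST["password2"] : "";

        // Validate the submitted fields first so that malformed input never
        // reaches a database lookup. The checks keep the original order, so
        // the first failing rule decides the message.
        if (empty($access_token)) {
            throw new Exception("Access token not provided.");
        }
        if (empty($country) || !array_key_exists($country, $countrylist)) {
            // The message is returned to the client verbatim, so the submitted
            // value is deliberately not echoed back into it.
            throw new Exception("Invalid country.");
        }
        if (empty($username) || !filter_var($username, FILTER_VALIDATE_EMAIL)) {
            throw new Exception("Invalid username.");
        }
        // Strict comparison: the two password fields must match byte for byte.
        if (empty($password) || $password !== $pass2) {
            throw new Exception("Invalid passwords.");
        }

        $usernameTestUser = new User();
        $usernameTestUser->findUserByUsername($username);
        if ($usernameTestUser->getId()) {
            throw new Exception("Username already taken.");
        }
        $tokenTestUser = new User();
        $tokenTestUser->findUserByAuthToken($access_token);
        if ($tokenTestUser->getId()) {
            throw new Exception("Access token already in use.");
        }

        // The token is client-supplied; the GitHub account it resolves to is
        // what the new local account gets bound to, so a failed or empty API
        // answer must abort the signup.
        $this->access_token = $access_token;
        $gh_user = $this->apiRequest(GITHUB_API_URL . 'user');
        if (!$gh_user) {
            throw new Exception("Unable to read user credentials from github.");
        }
        $login = isset($gh_user->login) ? (string) $gh_user->login : '';
        if ($login === '') {
            throw new Exception("Unable to read user credentials from github.");
        }
        // GitHub may report no real name; an empty slug must never become the
        // nickname, so it is only used as a fallback when it has content.
        $nameSlug = isset($gh_user->name)
            ? preg_replace('/[^a-zA-Z0-9]/', '', (string) $gh_user->name)
            : '';

        // Pick a nickname that is not taken yet: login, then the stripped real
        // name, then either of them with a numeric suffix. mt_rand is adequate
        // here because the suffix only has to be unique, not unpredictable.
        $nicknameTestUser = new User();
        $nickname = $login;
        if ($nameSlug !== '' && $nicknameTestUser->findUserByNickname($nickname)) {
            $nickname = $nameSlug;
        }
        while ($nicknameTestUser->findUserByNickname($nickname)) {
            $rand = mt_rand(1, 99999);
            $nickname = $login . $rand;
            if ($nameSlug !== '' && $nicknameTestUser->findUserByNickname($nickname)) {
                $nickname = $nameSlug . $rand;
            }
        }

        $user = User::signup($username, $nickname, $password, $access_token, $country);
        $success = true;
        $this->sync($user, $gh_user);

        // Email the confirmation link to the user.
        $subject = "Registration";
        $link = SECURE_SERVER_URL . "confirmation?cs=" . $user->getConfirm_string()
            . "&str=" . base64_encode($user->getUsername());
        $body = '<p>' . $user->getNickname() . ': </p>'
            . '<p>You are one click away from an account on Worklist:</p>'
            . '<p><a href="' . $link . '">Click to verify your email address</a> and activate your account.</p>'
            . '<p>Welcome aboard, <br /> Worklist / High Fidelity</p>';
        $plain = $user->getNickname() . "\n\n"
            . "You are one click away from an account on Worklist: \n\n"
            . 'Click/copy following URL to verify your email address activate your account:' . $link . "\n\n"
            . "Welcome aboard, \n Worklist / High Fidelity\n";
        $msg = "An email containing a confirmation link was sent to your email address. "
            . "Please click on that link to verify your email address and activate your account.";
        if (!Utils::send_email($user->getUsername(), $subject, $body, $plain)) {
            // The account exists at this point; only the notification failed.
            error_log("SignupController: Utils::send_email failed");
            $msg = 'There was an issue sending email. Please try again or notify admin@lovemachineinc.com';
        }
    } catch (Exception $e) {
        $msg = $e->getMessage();
    }
    echo json_encode(array('success' => $success, 'msg' => $msg));
}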
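/**
 * Reports page: render the ReportsView and, for payers, mark the fees or
 * bonuses listed in $_POST['paidList'] as paid.
 *
 * Sessions that are neither runner nor payer and try to post a payment are
 * redirected to "jobs". Request parameters read: payee (a nickname resolved
 * to a user id and stored in $_REQUEST['user']), view ('chart' or 'payee'
 * selects the tab) and w2_only (1 enables the filter).
 */
public function reports() {
    // Only runners and payers may submit a payment; everyone else is bounced.
    if (empty($_SESSION['is_runner']) && empty($_SESSION['is_payer']) && isset($_POST['paid'])) {
        $this->view = null;
        Utils::redirect("jobs");
        return;
    }
    $this->view = new ReportsView();

    if (!empty($_REQUEST['payee'])) {
        $payee = new User();
        $payee->findUserByNickname($_REQUEST['payee']);
        $_REQUEST['user'] = $payee->getId();
    }

    // Tab selection: 0 = default, 1 = chart, 2 = payee.
    $showTab = 0;
    if (!empty($_REQUEST['view'])) {
        if ($_REQUEST['view'] === 'chart') {
            $showTab = 1;
        } elseif ($_REQUEST['view'] === 'payee') {
            $showTab = 2;
        }
    }
    $this->write('showTab', $showTab);

    $w2_only = (!empty($_REQUEST['w2_only']) && $_REQUEST['w2_only'] == 1) ? 1 : 0;
    $this->write('w2_only', $w2_only);
    $_REQUEST['name'] = '.reports';

    // Marking fees as paid is restricted to payers; the form posts the ids as a
    // comma-separated string in paidList.
    if (isset($_POST['paid']) && !empty($_POST['paidList']) && is_string($_POST['paidList'])
        && !empty($_SESSION['is_payer'])) {
        $fees_id = explode(',', trim($_POST['paidList'], ','));
        foreach ($fees_id as $rawId) {
            // The legacy mysql_* API has no prepared statements, so the id is
            // forced to an integer before it is interpolated into the SQL text;
            // anything that is not a positive id is dropped.
            $id = (int) trim($rawId);
            if ($id <= 0) {
                continue;
            }
            // Decide whether this row is a fee or a bonus and call the matching routine.
            $query = "SELECT `id`, `bonus` FROM `" . FEES . "` WHERE `id` = {$id} ";
            $result = mysql_query($query);
            $row = $result ? mysql_fetch_assoc($result) : false;
            if (!$row) {
                // Unknown id (or query failure): do not mark a non-existent row as paid.
                error_log("reports: fee lookup failed for id {$id}");
                continue;
            }
            if ($row['bonus']) {
                // Arguments: id, user_paid = 0, paid = 1, true, fund_id = false.
                Bonus::markPaidById($id, 0, 1, true, false);
            } else {
                // Arguments: id, user_paid = 0, paid_notes = '', paid = 1, true, fund_id = false.
                Fee::markPaidById($id, 0, '', 1, true, false);
            }
        }
    }
    parent::run();
}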