public function sendEmailVerify(User $user)
{
$this->addAddress($user->getEmail(), $user->getFirstName() . ' ' . $user->getLastName());
$this->Subject = "Unisales : Thanks for registering";
$this->Body = '<h4>Hello ' . $user->getFirstName() . '!</h4></br><p>You successfully registered to Unisales. Before you can login, you need to confim your email addess, by clicking the following link:</br>
<a href="http://www.unisales.co.uk/confirm?confirm=' . $user->getEmailChecker() . '">Click here to confirm</a></br>
</br>You can also copy and paste this link: http://www.unisales.co.uk/confirm?confirm=' . $user->getEmailChecker() . ' </p></br>
<p>See you soon on Unisales!</p>';
$this->AltBody = "This is the plain text version of the email content";
if ($this->send()) {
return true;
} else {
return false;
}
}
public static function validate(User $User)
{
$errors = array();
if (!trim($User->getFirstName())) {
$errors[] = new Error('first_name', 'Name cannot be empty.');
}
return $errors;
}
public function createResetToken(User $user)
{
ResultHelper::whenEmpty($user->getEmail(), AppLabelUtil::$ERROR_USER_NO_EMAIL, HttpStatusCode::internalServerError());
$tokenHash = Hash::create("sha256", mcrypt_create_iv(64, MCRYPT_DEV_URANDOM), HASH_GENERAL_KEY);
$this->mailService->setMailHeading(array($user->getEmail() => $user->getFirstName() . " " . $user->getLastName()));
$this->mailService->setBody("Instellen van uw wachtwoord", "Beste gebruiker, gelieve de volgende link te gebruiken om uw wachtwoord in te stellen: " . URL . "#/reset/token/" . $tokenHash);
$this->mailService->sendMail();
$resetToken = $this->resetTokenFactory->createResetToken($user->getId(), $tokenHash);
$this->resetTokenDao->create($resetToken);
}
public function update(User $object)
{
$q = "UPDATE " . self::TABLE . " SET `firstName`='" . Singleton::create("NullConverter")->fromDOMtoDB($object->getFirstName()) . "', `lastName`='" . Singleton::create("NullConverter")->fromDOMtoDB($object->getLastName()) . "', `createDate`='" . Singleton::create("DateConverter")->fromDOMtoDB($object->getCreateDate()) . "', `default`='" . Singleton::create("BooleanConverter")->fromDOMtoDB($object->isDefault()) . "' WHERE id='" . addslashes($object->getId()) . "'";
$pk = $object->getId();
if ($object->isNew()) {
if (empty($pk)) {
$q = "INSERT INTO " . self::TABLE . " (`firstName`, `lastName`, `createDate`, `default`) VALUES ('" . Singleton::create("NullConverter")->fromDOMtoDB($object->getFirstName()) . "', '" . Singleton::create("NullConverter")->fromDOMtoDB($object->getLastName()) . "', '" . Singleton::create("DateConverter")->fromDOMtoDB($object->getCreateDate()) . "', '" . Singleton::create("BooleanConverter")->fromDOMtoDB($object->isDefault()) . "')";
} else {
$q = "INSERT INTO " . self::TABLE . " (`firstName`, `lastName`, `createDate`, `default`) VALUES ('" . Singleton::create("NullConverter")->fromDOMtoDB($object->getId()) . "', '" . Singleton::create("NullConverter")->fromDOMtoDB($object->getFirstName()) . "', '" . Singleton::create("NullConverter")->fromDOMtoDB($object->getLastName()) . "', '" . Singleton::create("DateConverter")->fromDOMtoDB($object->getCreateDate()) . "', '" . Singleton::create("BooleanConverter")->fromDOMtoDB($object->isDefault()) . "')";
}
}
$this->db->updateQuery($q);
if (empty($pk)) {
$pk = $this->db->selectQuery("SELECT id from " . self::TABLE . " ORDER BY id DESC limit 1")->getSingleton();
}
$result = $this->findByPrimaryKey($pk);
parent::$dbCache->resetEntity("User");
parent::$dbCache->setSingle("User", $pk, $result);
return $result;
}
public function completeRegistration(User $user, $addressId)
{
$user->setAddressId($addressId);
$sql = '
UPDATE users_tb SET
id=:id,
first_name = :first_name,
last_name = :last_name,
address_id = :address_id
WHERE
id = :id';
$params = array(':id' => $user->getId(), ':first_name' => $user->getFirstName(), ':last_name' => $user->getLastName(), 'address_id' => $user->getAddressId());
return $this->execute($sql, $user, $params);
}
public function create(User $u)
{
$q = $this->_db->prepare('INSERT INTO users (email,firstName,lastName,phone,password) VALUES(:em,:fn,:ln,:ph,:pass) ');
$q->bindValue(':fn', $u->getFirstName(), PDO::PARAM_STR);
$q->bindValue(':ln', $u->getLastName(), PDO::PARAM_STR);
$q->bindValue(':em', $u->getEmail(), PDO::PARAM_STR);
$q->bindValue(':ph', $u->getPhone(), PDO::PARAM_STR);
$q->bindValue(':pass', $u->getPassword(), PDO::PARAM_STR);
try {
$q->execute();
} catch (Exception $e) {
echo "Error at user creation";
}
}
/**
* @param user User
* @param $token Token
* @return UserDto
*/
public function mapUserToDto(User $user, $token = null)
{
$userDto = new UserDto();
$userDto->setId($user->getId());
$userDto->setUserName($user->getUsername());
$userDto->setEmail($user->getEmail());
$userDto->setFirstName($user->getFirstName());
$userDto->setLastName($user->getLastName());
$userDto->setPicture($user->getPicture());
$userDto->setFile($user->getFile());
$userDto->setDisplay($user->getDisplay());
$userDto->setRole($this->roleMapper->mapUserRoleToDto($user->getRole()));
$userDto->setToken($token);
return $userDto;
}
function RegisterMember(User $newUser, $RegDate, $name, $image)
{
global $connection;
// if (!find_member($Lname,$DOB)) {
$query = "INSERT INTO members(id,Lname,Fname,Title,Gender,DOB,MemberImageName,MemberImage,Phone,Email,Program,Year,Hall,Parish,Subgroups,RegDate) \n\tVALUES(\n\t\t'',\n\t\t'{$newUser->getLastName()}',\n\t\t'{$newUser->getFirstName()}',\n\t\t'{$newUser->getTitle()}',\n\t\t'{$newUser->getGender()}',\n\t\t'{$newUser->getDateOfBirth()}',\n\t\t'{$name}',\n\t\t'{$image}',\n\t\t'{$newUser->getPhoneNumber()}',\n\t\t'{$newUser->getEmail()}',\n\t\t'{$newUser->getProgram()}',\n\t\t'{$newUser->getYear()}',\n\t\t'{$newUser->getHall()}',\n\t\t'{$newUser->getParish()}',\n\t\t'{$newUser->getSubGroup()}',\n\t\t'{$RegDate}'\n\t\t)";
// mysql_query($query,$connection);
// // confirm_query($result_set);
// if (mysql_affected_rows() == 1) {
// echo "success";
// }
// else {
// echo "err2";
// }
$mysqli = new Mysqli('localhost', 'root', 'PASSword1', 'paxromanadata');
return $mysqli->query($query);
}
/**
* Show the last comment by user and date of the object
*
* Parameters:
*
* - object - object
*
* @param array $params
* @param Smarty $smarty
* @return string
*/
function smarty_function_object_last_comment($params, &$smarty)
{
$object = array_var($params, 'object');
if (!instance_of($object, 'ProjectObject')) {
return new InvalidParamError('object', $object, '$object is not valid instance of ProjectObject class', true);
}
// if
$resp = '';
$link = mysql_connect(DB_HOST, DB_USER, DB_PASS);
mysql_select_db(DB_NAME);
//BOF:mod 20111104
/*
//EOF:mod 20111104
$query = "select created_by_id, created_on from healingcrystals_project_objects where parent_id='" . $object->getId() . "' and type='Comment' order by created_on desc limit 0, 1";
//BOF:mod 20111104
*/
$query = "select created_by_id, created_on from healingcrystals_project_objects where parent_id='" . $object->getId() . "' and type='Comment' and state='" . STATE_VISIBLE . "' order by created_on desc limit 0, 1";
//EOF:mod 20111104
$result = mysql_query($query, $link);
if (mysql_num_rows($result)) {
$info = mysql_fetch_assoc($result);
if (!empty($info['created_by_id'])) {
$created_on = strtotime($info['created_on']);
//BOF:mod 20111215
$offset = get_system_gmt_offset();
$created_on += $offset;
//EOF:mod 20111215
$user_obj = new User($info['created_by_id']);
//BOF:mod 20111215
/*
//EOF:mod 20111215
$resp = ' <a href="' . $user_obj->getViewUrl() . '">' . $user_obj->getFirstName() . '</a> ' . date('m-d', strtotime($created_on)) . ' ';
//BOF:mod 20111215
*/
$resp = ' <a href="' . $user_obj->getViewUrl() . '">' . $user_obj->getFirstName() . '</a> ' . date('m-d', $created_on) . ' ';
//EOF:mod 20111215
unset($user_obj);
} else {
$resp = '--';
}
} else {
$resp = '--';
}
mysql_close($link);
return $resp;
}
public function get_passwordreset($hash)
{
//Pull our user based on the hash
$user = User::where('fptoken', '=', $hash)->first();
if (empty($user)) {
//Ouch, bad hash
return Redirect::route('index')->with('topmessage', 'Sorry, that password reset link is either invalid or already used. Please request another link.');
} else {
//Ok, it is a good hash. Let's log the user in.
Auth::user()->login($user);
//Remove the hash from the database
$user->fptoken = "";
$user->save();
$fname = User::getFirstName($user->cid);
Session::put('fname', $fname);
//Alright now we need to redirect them to their manager and advise them to change their password
return Redirect::to('va#editva')->with('topmessage', 'The reset link was valid and you were logged in. Please change your password below.');
}
}
public function testCreate()
{
$user = new User();
$user->setId(1);
$user->setEmail('*****@*****.**');
$user->setPassword('xxxx');
$user->setFirstName('John');
$user->setLastName('Doe');
$user->addRole(new UserRole());
$user->addVehicle(new Vehicle());
$this->assertSame(null, $user->getUpdated());
$user->setUpdated();
$user->preUpdate();
$this->assertSame(1, $user->getId());
$this->assertTrue($user->getCreated() instanceof \DateTime);
$this->assertTrue($user->getUpdated() instanceof \DateTime);
$this->assertSame('*****@*****.**', $user->getEmail());
$this->assertSame('John', $user->getFirstName());
$this->assertSame('Doe', $user->getLastName());
$this->assertTrue($user->getRoles()[0] instanceof UserRole);
$this->assertTrue($user->getVehicles()[0] instanceof Vehicle);
}
public function post_login()
{
$postStr = Input::get('data');
parse_str($postStr, $post);
$email = $post['inputEmail'];
$password = $post['inputPassword'];
$user = User::where('email', '=', $email)->first();
if (!empty($user)) {
if (Hash::check($password, $user->password)) {
Auth::user()->loginUsingId($user->cid);
//Update the database with their last IP
$user->ip = Request::getClientIp();
$user->save();
$fname = User::getFirstName(Auth::user()->get()->cid);
Session::put('fname', $fname);
echo $fname;
} else {
echo "/errorBadPassword";
}
} else {
echo "/errorBadEmail";
}
}
public function UpdateUser(User $user = null)
{
if ($user == null || $user->getUID() == null) {
return false;
}
$props = array("UName" => $user->getUserName(), "UPass" => $user->getPassword(), "UEmail" => $user->getEmail(), "Session" => $user->getSession(), "FirstName" => $user->getFirstName(), "LastName" => $user->getLastName(), "Phone" => $user->getPhoneNumber(), "LastCheckInLocation" => $user->getLocation(), "Department" => $user->getDeparment(), "PayRate" => $user->getPayRate(), "Online" => $user->getActive(), "AccType" => $user->getAccountType(), "StatusID" => $user->getCurrentStatus(), "LastCheckIn" => $user->getLastActive(), "ManagerID" => $user->getManagerID(), "AccountVerified" => $user->getVerifStatus(), "IsManager" => $user->getIsManager());
foreach ($props as $k => $v) {
if ($v != null) {
if ($k == "IsManager") {
$_props[$k] = "{$v}";
} else {
if (gettype($v) == "string") {
$_props[$k] = "'" . $v . "', ";
} else {
$_props[$k] = "{$v}, ";
}
}
}
}
$cond = array("UID = " => $user->getUID());
$this->_dbAdapt->UStatement(DB_TBL_USER, $_props, $cond);
$tmp = $this->_dbAdapt->getLnk();
$tmp->query($this->_dbAdapt->getQry());
unset($tmp);
return true;
}
public function testLoad()
{
$user = new User(1);
$user->setFirstName('');
$user->load();
$this->assertEquals('Will', $user->getFirstName());
}
*activate the account. If the user doesn't exist then create it and put the activated field in the DB
*in 0 and send activation email to the user's email account and redirect it to the screen that tells that an email has been sent to his/her account
*to activate the account.
*If the account already exists and is activated then redirect the user to the dashboard.
*/
//execute query to see if the user exist
$email = $connObj->escapeMe($userObj->getEmail());
$result = $connObj->executeQuery($q->getUserByEmail() . "'{$email}'");
$usersCount = $connObj->getNumRows();
//echo "You selected ".$usersCount." users<br>"."select * from `user` where `email`=".$userObj->getEmail();
if ($usersCount <= 0) {
/*First case: a new user needs to be created
*We need to create the user in the DB with the user_activated flag with 0 and send an email
*with a url like this: localhost/validate_user?userID=id&hash_email=hash&userActivated=1;
*/
$query_str = sprintf($q->insInsertNewUser(), $userObj->getFirstName(), $userObj->getLastName(), $userObj->getEmail(), $userObj->getPassword(), $userObj->getUserActivated());
//echo "This is the formatted string:<br>";
//echo $query_str;
$result = $connObj->executeQuery($query_str);
$lastId = $connObj->getLastId();
$connObj->commit();
//echo "This is my last id inserted: ". $lastId;
//Send email to the user
/*This part will have to be emulated with only an echo in this very same page
*because I need to set a mail server for this.
*/
/*
$msg = "New user account created for usefulapps!\n
username: "******"\n".
"password: "******"\n".
"To activate your account go to this <a href='http://localhost/validate.php?userId='.$lastId>link</a>.";
private function addForgotPasswordToDatabase(User $user)
{
$forgotPasswordEngine = ForgotPasswordEngine::getInstance();
$exists = $forgotPasswordEngine->getForgotPasswordByUserID($user->getUserID());
if (is_object($exists)) {
if ($forgotPasswordEngine->forgotPasswordIsOfValidAge($exists)) {
return;
}
$forgotPasswordEngine->removeForgotPassword($exists);
}
$forgotPassword = $forgotPasswordEngine->generateNewForgotPassword($user->getUserID());
if ($forgotPassword === false) {
$this->showErrorMessageForForgotPassword();
return;
}
$mailTemplateEngine = MailTemplateEngine::getInstance();
$mail = $mailTemplateEngine->loadTemplate("forgotPassword");
if ($mail === false) {
$this->showErrorMessageForForgotPassword();
return;
}
$mail->addRecipient($user->getEmail());
$mail->setBulkMail(false);
$mail->addReplacementValue("[[name]]", $user->getEmail(), $user->getFirstName());
$passwordTokenLink = new Link("users/forgotPassword/{$forgotPassword->getToken()}", false, false, false, true);
$mail->addReplacementValue("[[passwordToken]]", $user->getEmail(), $passwordTokenLink->getHref());
if (!$mail->sendMail()) {
$this->showErrorMessageForForgotPassword();
return;
}
}
global $user;
$title = 'Welcome';
include_once 'php/xcp-head.php';
?>
<body>
<div class="wrap" style="display:none;">
<div class="main">
<h1 id="xpc-title">Expense Calc Pro</h1>
<?php
if (!checkLogin()) {
include 'templates/forms/form-login.php';
} else {
$user = new User($_SESSION['user_id'], $_SESSION['login_string']);
?>
<h2 id="xpc-welcome">Welcome Back <?php
echo $user->getFirstName();
?>
</h2>
<?php
include 'templates/dashboard.php';
?>
<?php
}
?>
</div>
<div class="dialog"></div>
</div>
</body>
<style type="text/css">
.main {
});
$app->post('/users/', function () use($app) {
$body = $app->request->getBody();
$nu = json_decode($body);
if ($uid = User::create($nu->firstName, $nu->lastName, $nu->email)) {
$app->response()->status("201");
$token = App::generateToken($uid);
echo json_encode(array('token' => "{$token}"));
} else {
$app->response()->status("401");
}
});
$app->get('/users/:hash_id/', function ($hash_id) use($app) {
try {
$u = new User(Tools::decodeHashID("user", $hash_id));
echo json_encode(["user_id" => $u->getID(), "hash_id" => $u->getHashID(), "first_name" => $u->getFirstName(), "last_name" => $u->getLastName(), "email" => $u->getEmail(), "avatar" => $u->getProfilePictureURL()]);
} catch (Exception $e) {
$app->response->status(404);
echo json_encode(["status" => "User not found"]);
}
});
$app->get('/users/:hash_id/posts', function ($hash_id) use($app) {
$req = $app->request;
$prms = [];
if ($req->get("limit")) {
$prms['limit'] = $req->get("limit");
}
if ($req->get("offset") && $req->get("direction")) {
$prms['offset'] = $req->get("offset");
$prms['direction'] = $req->get("direction");
}
public function getJSON()
{
$returnVal = array('FirstName' => parent::getFirstName(), 'LastName' => parent::getLastName(), 'Password' => parent::getPassword(), 'E-mail' => parent::getEmail(), 'Phone' => parent::getPhoneNum(), 'Permission' => $this->permissionsLevel, 'ID' => parent::getID());
return json_encode($returnVal);
}
/**
* @param User $inUser
* @param $password
* @return bool | int returns new user ID on success
*/
public function addUser(User $inUser, $password)
{
if (!PermissionEngine::getInstance()->currentUserCanDo('userCanAddUsers')) {
return false;
}
$db = Database::getInstance();
if (!$db->isConnected()) {
return false;
}
$pass = Hasher::generateHash($password);
$roleID = $db->escapeString($inUser->getRoleID());
$firstName = $db->escapeString($inUser->getFirstName());
$lastName = $db->escapeString($inUser->getLastName());
$userName = $db->escapeString($inUser->getUserName());
$email = $db->escapeString($inUser->getEmail());
$givenID = $db->escapeString($inUser->getGivenIdentifier());
$birthday = $inUser->getBirthday();
$birthday = $db->escapeString($birthday->format("Y-m-d H:i:s"));
$picture = $db->escapeString($inUser->getProfilePictureLocation()->getRawHref());
$password = $db->escapeString($pass);
$results = $db->insertData('user', 'roleID, firstName,lastName, userName, email, givenIdentifier, birthday, profilePictureLocation, password', "{$roleID}, '{$firstName}','{$lastName}', '{$userName}','{$email}', '{$givenID}', '{$birthday}', '{$picture}', '{$password}'");
if (!$results) {
return false;
}
return true;
}
function ShowURL($params)
{
$tempUser = new User($params['CustomerID']);
//Customer Information from CE
$params['userID'] = "CE" . $tempUser->getId();
$params['userEmail'] = $tempUser->getEmail();
$params['userFirstName'] = $tempUser->getFirstName();
$params['userLastName'] = $tempUser->getLastName();
$params['userOrganization'] = $tempUser->getOrganization();
$params['userAddress'] = $tempUser->getAddress();
$params['userCity'] = $tempUser->getCity();
$params['userState'] = $tempUser->getState();
$params['userZipcode'] = $tempUser->getZipCode();
$params['userCountry'] = $tempUser->getCountry();
$params['userPhone'] = $tempUser->getPhone();
// Get customer Authnet CIM profile
$customerProfile = $this->getCustomerProfile($params);
if ($customerProfile['error']) {
return '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>' . $customerProfile['detail'] . '</body>
</html>';
}
//Authorize.net CIM Credentials from CE plugin
$myapilogin = $this->settings->get('plugin_authnetcim_Authorize.Net CIM API Login ID');
$mYtRaNsaCTiOnKEy = $this->settings->get('plugin_authnetcim_Authorize.Net CIM Transaction Key');
$sandbox = $this->settings->get('plugin_authnetcim_Authorize.Net CIM Test Mode');
$USE_DEVELOPMENT_SERVER = $sandbox ? AuthnetCIM::USE_DEVELOPMENT_SERVER : AuthnetCIM::USE_PRODUCTION_SERVER;
//Need to check to see if user is coming from signup
if ($params['isSignup']) {
// Actually handle the signup URL setting
if ($this->settings->get('Signup Completion URL') != '') {
$returnURL = $this->settings->get('Signup Completion URL') . '?success=1';
} else {
$returnURL = $params["clientExecURL"] . "/order.php?step=complete&pass=1";
}
$hosted_Profile_Page_Border_Visible = 'true';
} else {
$hosted_Profile_Page_Border_Visible = 'false';
$returnURL = $params['returnURL'];
}
// Get the Hosted Profile Page
$hosted_Profile_Return_Url_Text = 'Continue to confirmation page.';
$hosted_Profile_Card_Code_Required = 'true';
$hosted_Profile_Billing_Address_Required = 'true';
try {
$cim = new AuthnetCIM($myapilogin, $mYtRaNsaCTiOnKEy, $USE_DEVELOPMENT_SERVER);
$cim->setParameter('customerProfileId', $customerProfile['profile_id']);
if ($params['isSignup']) {
$cim->setParameter('hostedProfileReturnUrl', $returnURL);
} else {
$cim->setParameter('hostedProfileIFrameCommunicatorUrl', $returnURL);
}
$cim->setParameter('hostedProfileReturnUrlText', $hosted_Profile_Return_Url_Text);
$cim->setParameter('hostedProfilePageBorderVisible', $hosted_Profile_Page_Border_Visible);
$cim->setParameter('hostedProfileCardCodeRequired', $hosted_Profile_Card_Code_Required);
$cim->setParameter('hostedProfileBillingAddressRequired', $hosted_Profile_Billing_Address_Required);
$cim->getHostedProfilePage();
// Get the token for the profile
if ($cim->isSuccessful()) {
$profile_token = $cim->getProfileToken();
return '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<body>
<form id="formAuthorizeNetPage" method="post" action="https://' . ($sandbox ? 'test' : 'secure') . '.authorize.net/profile/manage">
<input type="hidden" name="token" value="' . $profile_token . '"/>
</form>
<script type="text/javascript">
document.getElementById("formAuthorizeNetPage").submit();
</script>
</body>
</html>';
} else {
return '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>' . $cim->getResponseSummary() . '</body>
</html>';
}
} catch (AuthnetCIMException $e) {
return '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>' . $e . '</body>
</html>';
}
}
private function getParams(User $user)
{
$params = array(':id' => $user->getId(), ':first_name' => $user->getFirstName(), ':last_name' => $user->getLastName(), ':email' => $user->getEmail(), ':user_password' => $user->getPassword());
return $params;
}
protected function update(User $user)
{
$q = $this->db->prepare('UPDATE users SET userType = :userType, userStatus = :userStatus, email = :email, university = :university,firstName =:firstName, lastName = :lastName, passWord = :passWord WHERE id = :id');
$q->execute(array('userType' => $user->getUserType(), 'userStatus' => $user->getUserStatus(), 'email' => $user->getEmail(), 'university' => $user->getUniversity(), 'firstName' => $user->getFirstName(), 'lastName' => $user->getLastName(), 'passWord' => $user->getPassWord(), 'id' => $user->getId()));
}
private function getParams(User $user)
{
$params = array(':id' => $user->getId(), ':first_name' => $user->getFirstName(), ':user_password' => $user->getUserpassword(), ':status' => $user->getStatus());
return $params;
}
function addUser(User $user)
{
global $config_db;
// Check for Admin User
if (!$user->getSystemAdmin) {
return false;
}
// Check email is not already used
foreach ($config_db->query("SELECT " . "* " . "FROM " . "users " . "WHERE " . "userEmail = '" . $user->getEmail() . "'") as $row) {
return false;
}
// Add users
$sql = "INSERT INTO users (" . "userFirstName," . "userLastName," . "userEmail," . "userPassword," . "systemAdmin," . "createDate," . "createdBy," . "updateDate," . "updatedBy" . ") VALUES (" . "'" . $user->getFirstName() . "', " . "'" . $user->getLastName() . "', " . "'" . $user->getEmail() . "', " . "'" . $user->getPassword() . "', " . "" . $user->getSystemAdmin() . ", " . "'" . date("Y-m-d") . "', " . "'" . $user->getEmail() . "', " . "'" . date("Y-m-d") . "', " . "'" . $user->getEmail() . "')";
$config_db->exec($sql);
return true;
}
private function passwordContainsUserDetails(User $user, string $password) : bool
{
return $this->passwordContainsNeedle($password, $user->getFirstName()) || $this->passwordContainsNeedle($password, $user->getLastName());
}
/**
*
* @param User $user
* @return int id of the User inserted in base. False if it didn't work.
*/
public static function flush($user)
{
$userId = $user->getId();
$login = $user->getLogin();
$password = $user->getPassword();
$mail = $user->getMail();
$inscriptionDate = $user->getInscriptionDate();
$firstName = $user->getFirstName();
$lastName = $user->getLastName();
$birthDate = $user->getBirthDate();
$address = $user->getAddress();
$phoneNumber = $user->getPhoneNumber();
$avatar = $user->getAvatar();
$role = $user->getRole()->getId();
if ($userId > 0) {
$sql = 'UPDATE user u SET ' . 'u.login = ?, ' . 'u.passwd = ?, ' . 'u.mail = ?, ' . 'u.inscription_date = ?, ' . 'u.first_name = ?, ' . 'u.last_name = ?, ' . 'u.birth_date = ?, ' . 'u.address = ?, ' . 'u.phone_number = ?, ' . 'u.avatar = ?, ' . 'u.ROLE_id_role = ? ' . 'WHERE u.id_user = ?';
$params = array('ssssssssssii', &$login, &$password, &$mail, &$inscriptionDate, &$firstName, &$lastName, &$birthDate, &$address, &$phoneNumber, &$avatar, &$role, &$userId);
} else {
$sql = 'INSERT INTO user ' . '(login, passwd, mail, inscription_date, first_name, ' . 'last_name, birth_date, address, phone_number, avatar, ROLE_id_role) ' . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
$params = array('ssssssssssi', &$login, &$password, &$mail, &$inscriptionDate, &$firstName, &$lastName, &$birthDate, &$address, &$phoneNumber, &$avatar, &$role);
}
$idInsert = BaseSingleton::insertOrEdit($sql, $params);
if ($idInsert !== false && $userId > 0) {
$idInsert = $userId;
}
return $idInsert;
}
/**
* @param User $user
*/
public function signIn(User $user)
{
$this->setAuthenticated(true);
$this->setAttribute('uid', $user->getId());
$this->setAttribute('username', $user->getUsername());
$this->setAttribute('firstname', $user->getFirstName());
$this->setAttribute('lastname', $user->getLastName());
$this->setAttribute('email', $user->getEmail());
$this->setAttribute('theme', $user->Setting->theme);
$this->setAttribute('account_id', $user->Account->id);
$this->setAttribute('account_name', $user->Account->name);
if ($user->administrator == true) {
$this->addCredential('admin');
}
if ($user->boss_mode == true) {
$this->setAttribute('overlord', 1);
} else {
$this->setAttribute('overlord', 0);
}
if ($user->Setting->culture != "") {
$this->setCulture($user->Setting->culture);
}
}
/**
* Create a session and store information in cookies.
*
* @param User $user
* @param bool $student true if this is a student object. False if it is an adin
* @return string, session create success.
*/
private function createSession($user, $student = true)
{
session_start();
$_SESSION['userId'] = $user->getId();
$_SESSION['userName'] = $user->getUserName();
$_SESSION['firstName'] = $user->getFirstName();
$_SESSION['lastName'] = $user->getLastName();
/* $_SESSION['logicLayer'] = $this->logicLayer;
$_SESSION['objectLayer'] = $this->objectLayer;
$_SESSION['persistenceLayer'] = $this->persistenceLayer;
$_SESSION['dbConnection'] = $this->dbConnection;*/
if ($student == true) {
$_SESSION['userType'] = 0;
} else {
//admin
$_SESSION['userType'] = 1;
}
//die(var_dump($_SESSION));
return "Login created, session started";
}
/**
* Edit Profile
*
* @param void
* @return null
*/
function edit_profile()
{
$this->wireframe->print_button = false;
if ($this->active_user->isNew()) {
$this->httpError(HTTP_ERR_NOT_FOUND);
}
// if
if (!$this->active_user->canEdit($this->logged_user)) {
$this->httpError(HTTP_ERR_FORBIDDEN);
}
// if
$config_options = array('title', 'phone_work', 'phone_mobile', 'im_type', 'im_value');
$user_data = $this->request->post('user');
if (!is_array($user_data)) {
$user_data = array_merge(array('first_name' => $this->active_user->getFirstName(), 'last_name' => $this->active_user->getLastName(), 'email' => $this->active_user->getEmail()), UserConfigOptions::getValues($config_options, $this->active_user));
}
// if
$this->smarty->assign('user_data', $user_data);
if ($this->request->isSubmitted()) {
db_begin_work();
$display = $this->active_user->getDisplayName();
$user_data['role_id'] = $this->active_user->getRoleId();
// role cannot be changed
$this->active_user->setAttributes($user_data);
$save = $this->active_user->save();
if ($save && !is_error($save)) {
foreach ($config_options as $config_option) {
$value = trim(array_var($user_data, $config_option));
if ($value === '') {
UserConfigOptions::removeValue($config_option, $this->active_user);
} else {
UserConfigOptions::setValue($config_option, $value, $this->active_user);
}
// if
}
// foreach
db_commit();
if ($this->request->isApiCall()) {
$this->serveData($this->active_user, 'user');
} else {
flash_success(":display's profile has been updated", array('display' => $display));
$this->redirectToUrl($this->active_user->getViewUrl());
}
// if
} else {
db_rollback();
if ($this->request->isApiCall()) {
$this->serveData($save);
} else {
$this->smarty->assign('errors', $save);
}
// if
}
// if
} else {
if ($this->request->isApiCall()) {
$this->httpError(HTTP_ERR_BAD_REQUEST, null, true, true);
}
// if
}
// if
}
