/**
* Start a new conversation.
*
* @since 2.0.0
* @access public
*
* @param string $Recipient Username of the recipient.
*/
public function add($Recipient = '')
{
$this->permission('Conversations.Conversations.Add');
$this->Form->setModel($this->ConversationModel);
// Set recipient limit
if (!checkPermission('Garden.Moderation.Manage') && c('Conversations.MaxRecipients')) {
$this->addDefinition('MaxRecipients', c('Conversations.MaxRecipients'));
$this->setData('MaxRecipients', c('Conversations.MaxRecipients'));
}
if ($this->Form->authenticatedPostBack()) {
$RecipientUserIDs = array();
$To = explode(',', $this->Form->getFormValue('To', ''));
$UserModel = new UserModel();
foreach ($To as $Name) {
if (trim($Name) != '') {
$User = $UserModel->getByUsername(trim($Name));
if (is_object($User)) {
$RecipientUserIDs[] = $User->UserID;
}
}
}
// Enforce MaxRecipients
if (!$this->ConversationModel->addUserAllowed(0, count($RecipientUserIDs))) {
// Reuse the Info message now as an error.
$this->Form->addError(sprintf(plural($this->data('MaxRecipients'), "You are limited to %s recipient.", "You are limited to %s recipients."), c('Conversations.MaxRecipients')));
}
$this->EventArguments['Recipients'] = $RecipientUserIDs;
$this->fireEvent('BeforeAddConversation');
$this->Form->setFormValue('RecipientUserID', $RecipientUserIDs);
$ConversationID = $this->Form->save($this->ConversationMessageModel);
if ($ConversationID !== false) {
$Target = $this->Form->getFormValue('Target', 'messages/' . $ConversationID);
$this->RedirectUrl = url($Target);
$Conversation = $this->ConversationModel->getID($ConversationID, Gdn::session()->UserID);
$NewMessageID = val('FirstMessageID', $Conversation);
$this->EventArguments['MessageID'] = $NewMessageID;
$this->fireEvent('AfterConversationSave');
}
} else {
if ($Recipient != '') {
$this->Form->setValue('To', $Recipient);
}
}
if ($Target = Gdn::request()->get('Target')) {
$this->Form->addHidden('Target', $Target);
}
Gdn_Theme::section('PostConversation');
$this->title(t('New Conversation'));
$this->setData('Breadcrumbs', array(array('Name' => t('Inbox'), 'Url' => '/messages/inbox'), array('Name' => $this->data('Title'), 'Url' => 'messages/add')));
$this->CssClass = 'NoPanel';
$this->render();
}
/**
* 验证用户名,密码是否正确并存入SESSION中
*/
function check()
{
//得到用户名,密码,验证码
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$verify = trim($_POST['verify']);
if ($_SESSION['verify'] != strtoupper($verify)) {
$this->error('验证码出错');
}
//实例化用户模型
$user = new UserModel();
$userinfo = $user->getByUsername($username);
if (count($userinfo) > 0) {
if ($userinfo['password'] != md5($password)) {
$this->error('密码错误,请重试');
} else {
if ($userinfo['active'] != 1) {
$this->error('账户未激活,请联系管理员');
} else {
//得到当前时间
$current_time = date('Y-m-d H:i:s', time());
//判断用户写入
$where['username'] = $username;
//如果用户登录进来了,把登录时间写进数据库login_record中。
$log_record = new LoginRecordModel();
$log['login_date'] = $current_time;
$log['email'] = $userinfo['email'];
$log['username'] = $userinfo['username'];
$return_id = $log_record->where($where)->add($log);
//将插入返回的主键ID 保存在SESSION中,以便在用户退出的时候更新退出时间
$_SESSION['record_id'] = $return_id;
//将用户放进SESSION里面,并且更新用户最后登陆时间
$_SESSION['username'] = trim($username);
$data['last_login_date'] = $current_time;
$user->where($where)->save($data);
$this->redirect('Manage/index');
}
}
} else {
$this->error('您输入的用户名不存在');
}
}
/**
* Handle discussion option menu Change Author action.
*/
public function discussionController_author_create($Sender)
{
$DiscussionID = $Sender->Request->get('discussionid');
$Discussion = $Sender->DiscussionModel->getID($DiscussionID);
if (!$Discussion) {
throw NotFoundException('Discussion');
}
// Check edit permission
$Sender->permission('Vanilla.Discussions.Edit', true, 'Category', $Discussion->PermissionCategoryID);
if ($Sender->Form->authenticatedPostBack()) {
// Change the author
$Name = $Sender->Form->getFormValue('Author', '');
$UserModel = new UserModel();
if (trim($Name) != '') {
$User = $UserModel->getByUsername(trim($Name));
if (is_object($User)) {
if ($Discussion->InsertUserID == $User->UserID) {
$Sender->Form->addError('That user is already the discussion author.');
} else {
// Change discussion InsertUserID
$Sender->DiscussionModel->setField($DiscussionID, 'InsertUserID', $User->UserID);
// Update users' discussion counts
$Sender->DiscussionModel->updateUserDiscussionCount($Discussion->InsertUserID);
$Sender->DiscussionModel->updateUserDiscussionCount($User->UserID, true);
// Increment
// Go to the updated discussion
redirect(discussionUrl($Discussion));
}
} else {
$Sender->Form->addError('No user with that name was found.');
}
}
} else {
// Form to change the author
$Sender->setData('Title', $Discussion->Name);
}
$Sender->render('changeauthor', '', 'plugins/AuthorSelector');
}
public function authenticate()
{
if (!$this->Request->isPostBack()) {
throw forbiddenException($this->Request->requestMethod());
}
$Args = array_change_key_case($this->Form->formValues());
$UserModel = new UserModel();
// Look up the user.
$User = null;
if ($Email = val('email', $Args)) {
$User = $UserModel->getByEmail($Email);
} elseif ($Name = val('name', $Args)) {
$User = $UserModel->getByUsername($Name);
} else {
throw new Gdn_UserException("One of the following parameters required: Email, Name.", 400);
}
if (!$User) {
throw notFoundException('User');
}
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
$Password = val('password', $Args);
try {
$PasswordChecked = $PasswordHash->CheckPassword($Password, val('Password', $User), val('HashMethod', $User));
// Rate limiting
Gdn::userModel()->RateLimit($User, $PasswordChecked);
if ($PasswordChecked) {
$this->setData('User', arrayTranslate((array) $User, array('UserID', 'Name', 'Email', 'PhotoUrl')));
if (val('session', $Args)) {
Gdn::session()->start($this->data('User.UserID'));
$this->setData('Cookie', array(c('Garden.Cookie.Name') => $_COOKIE[C('Garden.Cookie.Name')]));
}
} else {
throw new Exception(t('Invalid password.'), 401);
// Can't be a user exception.
}
} catch (Gdn_UserException $Ex) {
$this->Form->addError($Ex);
}
$this->render();
}
/**
* 更新 个人资料
*/
function update_profile()
{
$user = new UserModel();
$username = $_SESSION['username'];
$userinfo = $user->getByUsername($username);
//如果旧密码正确
if (md5($_POST['old_password']) == $userinfo['password']) {
if (!!($data = $user->create())) {
if ($user->save() !== false) {
$this->assign('jumpUrl', __APP__ . '/Manage/index');
$this->success('修改个人资料成功');
} else {
$this->assign('jumpUrl', __URL__ . '/profile');
$this->error('更新失败' . $user->getDbError());
}
} else {
$this->assign('jumpUrl', __URL__ . '/profile');
$this->error('更新失败' . $user->getError());
}
} else {
$this->assign('jumpUrl', __URL__ . '/profile');
$this->error('您输入的旧密码不正确');
}
}
/**
* Get a user ID using either a username or an email
*
* Note: If both a username and an email are specified, only the username
* will be used. This is to prevent abusing of the function by passing two
* parameters at a time and hoping to get a User ID.
*
* Based on initial work by Diego Zanella
* @link http://careers.stackoverflow.com/diegozanella
*
* @since 0.1.0
* @access public
* @param bool|string $username Username of the user whose ID we wish to get
* @param bool|string $email Email of the user whose ID we wish to get
* @return bool|int User ID if a username or an email has been
* specified, otherwise false
* @static
*/
public static function getUserID($username, $email)
{
$userModel = new UserModel();
// Look up the user ID using a username if one has been specified
if ($username) {
return $userModel->getByUsername($username)->UserID;
}
// Look up the user ID using an email if one has been specified
if ($email) {
return $userModel->getByEmail($email)->UserID;
}
return false;
}
