/**
 * Validates the identifier submitted with a Users/user request.
 *
 * Requests carrying "userIds" or "batch" are skipped. Otherwise
 * $_REQUEST['identifier'] must pass Q_Valid::email() or, when mobile numbers
 * are accepted, Q_Valid::phone(). The accepted kinds come from
 * $_REQUEST['identifierType'] when present, else from the
 * Users/login/identifierType config (default "email,mobile").
 *
 * After validation the function looks the identifier up. When a user is found
 * it returns an array describing that account; otherwise it returns nothing,
 * or throws when Users/login/noRegister is set and the identifier is unknown.
 *
 * NOTE(review): with identifierType "mobile" an identifier that passes
 * Q_Valid::email() is still accepted, because $accept_mobile only gates the
 * phone branch. Confirm whether that is intended.
 *
 * NOTE(review): the account array (id, username, passphrase_set, fb_uid) and
 * the "was not registered" message let a requester test whether an identifier
 * has an account. Rate limiting is not visible here; confirm it exists upstream.
 *
 * @return array|null
 * @throws Q_Exception when the identifier is missing, invalid or unregistered
 */
function Users_user_validate()
{
    // Multi-user and batch lookups carry no single identifier to validate.
    if (isset($_REQUEST['userIds']) or isset($_REQUEST['batch'])) {
        return;
    }

    // The request may narrow the accepted identifier kinds; config is the fallback.
    if (isset($_REQUEST['identifierType'])) {
        $type = $_REQUEST['identifierType'];
    } else {
        $type = Q_Config::get("Users", "login", "identifierType", "email,mobile");
    }
    $kinds = explode(',', $type);

    $accept_mobile = true;
    $expected = 'email address or mobile number';
    $fields = array('emailAddress', 'mobileNumber', 'identifier');
    if (count($kinds) === 1) {
        $only = $kinds[0];
        if ($only === 'email') {
            $expected = 'email address';
            $fields = array('emailAddress', 'identifier');
            $accept_mobile = false;
        } elseif ($only === 'mobile') {
            $expected = 'mobile number';
            $fields = array('mobileNumber', 'identifier');
        }
    }

    $message = "a valid {$expected} is required";
    if (!isset($_REQUEST['identifier'])) {
        throw new Q_Exception($message, $fields);
    }
    if (!Q_Valid::email($_REQUEST['identifier'])) {
        // Not an email: it has to be an acceptable phone number instead.
        if (!$accept_mobile or !Q_Valid::phone($_REQUEST['identifier'])) {
            throw new Q_Exception($message, $fields);
        }
    }

    // requestedIdentifier() receives $type and the code below reads it back
    // as 'email' or 'mobile' (presumably set by reference; confirm).
    $identifier = Users::requestedIdentifier($type);

    // check our db
    $user = Users::userFromContactInfo($type, $identifier);
    if ($user) {
        $verified = (bool) Users::identify($type, $identifier);
        return array(
            'exists' => $user->id,
            'verified' => $verified,
            'username' => $user->username,
            'icon' => $user->icon,
            'passphrase_set' => !empty($user->passphraseHash),
            'fb_uid' => $user->fb_uid ? $user->fb_uid : null
        );
    }

    // No user yet: see whether a contact row exists for the normalized value.
    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }

    // $exists stays unset for any other $type; empty() treats that as "not found".
    if (empty($exists) and Q_Config::get('Users', 'login', 'noRegister', false)) {
        if ($type === 'email') {
            $nicetype = 'email address';
        } else {
            $nicetype = 'mobile number';
        }
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }
}
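/**
 * Builds the "data" response slot for a Users/user lookup.
 *
 * For a known user, returns that account's id, username, icon, verification
 * status, whether a passphrase is set, and fb_uid. For an unknown identifier,
 * returns Gravatar profile JSON when it can be fetched, else a default
 * profile-shaped array, with emailExists / mobileExists added.
 *
 * NOTE(review): the known-user branch lets a requester learn whether an
 * identifier has an account and whether a passphrase is set. Rate limiting is
 * not visible in this function; confirm it is applied upstream.
 *
 * @param array $params not read by this function
 * @return array
 * @throws Q_Exception when Users/login/noRegister is set and the identifier is unknown
 */
function Users_user_response_data($params)
{
    // requestedIdentifier() receives $type and the code below reads it back
    // as 'email' or 'mobile' (presumably set by reference; confirm).
    $identifier = Users::requestedIdentifier($type);

    // check our db
    if ($user = Users::userFromContactInfo($type, $identifier)) {
        $verified = !!Users::identify($type, $identifier);
        return array(
            'exists' => $user->id,
            'verified' => $verified,
            'username' => $user->username,
            'icon' => $user->icon,
            'passphrase_set' => !empty($user->passphraseHash),
            'fb_uid' => $user->fb_uid ? $user->fb_uid : null
        );
    }

    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }

    if (empty($exists) and Q_Config::get('Users', 'login', 'noRegister', false)) {
        $nicetype = $type === 'email' ? 'email address' : 'mobile number';
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }

    // Get Gravatar info
    // WARNING: INTERNET_REQUEST
    // md5 is the lookup key format used in the Gravatar URL below, not a
    // security primitive here.
    $hash = md5(strtolower(trim($identifier)));
    $thumbnailUrl = Q_Request::baseUrl()
        . "/action.php/Users/thumbnail?hash={$hash}&size=80&type="
        . Q_Config::get('Users', 'login', 'iconType', 'wavatar');

    // The fetched document is returned to the client, and the URL carries a
    // hash of the user's identifier. So fetch over TLS, and bound the wait so
    // a slow remote cannot stall the request for the default socket timeout.
    $context = stream_context_create(array('http' => array('timeout' => 5)));
    // "@" keeps a failed fetch best-effort: failure falls back to the default profile.
    $json = @file_get_contents("https://www.gravatar.com/{$hash}.json", false, $context);
    $result = ($json === false) ? null : json_decode($json, true);

    // Only a non-empty array is usable; a scalar JSON body would break the
    // key assignments below.
    if (is_array($result) and $result) {
        if ($type === 'email') {
            $result['emailExists'] = !empty($exists);
        } elseif ($type === 'mobile') {
            $result['mobileExists'] = !empty($exists);
        }
        return $result;
    }

    // otherwise, return default
    $email_parts = explode('@', $identifier, 2);
    $result = array(
        "entry" => array(
            array(
                "id" => "571",
                "hash" => "357a20e8c56e69d6f9734d23ef9517e8",
                "requestHash" => "357a20e8c56e69d6f9734d23ef9517e8",
                "profileUrl" => "http://gravatar.com/test",
                "preferredUsername" => ucfirst($email_parts[0]),
                "thumbnailUrl" => $thumbnailUrl,
                "photos" => array(),
                "displayName" => "",
                "urls" => array()
            )
        )
    );
    if ($type === 'email') {
        $result['emailExists'] = !empty($exists);
    } else {
        $result['mobileExists'] = !empty($exists);
    }
    if ($terms_label = Users::termsLabel('register')) {
        $result['termsLabel'] = $terms_label;
    }
    return $result;
}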
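/**
 * Handles the POST that activates an email address and/or mobile number.
 *
 * Reads email_address and mobile_number from the dispatched URI and the
 * activation code from $_REQUEST['code']. For each contact present it loads
 * the contact row and its user, checks the code, and calls
 * setEmailAddress() / setMobileNumber() on the user. The last user resolved
 * (or null when neither contact was supplied) is stored in Users::$cache['user'].
 *
 * @throws Pie_Exception_MissingRow when the contact row or its user is missing
 * @throws Pie_Exception when the activation code is absent, empty or wrong
 */
function users_activate_post()
{
    $email_address = Pie_Dispatcher::uri()->email_address;
    $mobile_number = Pie_Dispatcher::uri()->mobile_number;
    $email = null;
    $mobile = null;
    // Defined up front so the tail of the function never reads unset variables.
    $user = null;
    $type = null;

    // Accept only a string code. A missing or array-valued parameter becomes
    // '' and is rejected below instead of being loosely compared.
    $code = '';
    if (isset($_REQUEST['code']) and is_string($_REQUEST['code'])) {
        $code = $_REQUEST['code'];
    }

    if ($email_address) {
        $email = new Users_Email();
        $email->address = $email_address; // NOTE: not sharded by user_id
        if (!$email->retrieve()) {
            throw new Pie_Exception_MissingRow(array(
                'table' => 'email',
                'criteria' => "address = {$email_address}"
            ));
        }
        $user = new Users_User();
        $user->id = $email->user_id;
        if (!$user->retrieve()) {
            throw new Pie_Exception_MissingRow(array(
                'table' => 'user',
                'criteria' => 'id = ' . $user->id
            ));
        }
        // An empty stored code must never match: with "!=" a row without a
        // code compared equal to a request without one. hash_equals() (PHP 5.6+)
        // is strict and constant-time.
        $expected = (string) $email->activation_code;
        if ($code === '' or $expected === '' or !hash_equals($expected, $code)) {
            throw new Pie_Exception("The activation code does not match.", 'code');
        }
        $user->setEmailAddress($email->address); // may throw exception
        $type = "email address";
    }

    if ($mobile_number) {
        $mobile = new Users_Mobile();
        $mobile->number = $mobile_number; // NOTE: not sharded by user_id
        if (!$mobile->retrieve()) {
            throw new Pie_Exception_MissingRow(array(
                'table' => 'mobile phone',
                'criteria' => "number = {$mobile_number}"
            ));
        }
        $user = new Users_User();
        $user->id = $mobile->user_id;
        if (!$user->retrieve()) {
            throw new Pie_Exception_MissingRow(array(
                'table' => 'user',
                'criteria' => 'id = ' . $user->id
            ));
        }
        // Same strict, constant-time check as for the email code above.
        $expected = (string) $mobile->activation_code;
        if ($code === '' or $expected === '' or !hash_equals($expected, $code)) {
            throw new Pie_Exception("The activation code does not match.", 'code');
        }
        $user->setMobileNumber($mobile->number); // may throw exception
        $type = "mobile number";
    }

    if ($type) {
        Pie_Response::addNotice("users/activate", "Your {$type} has been activated.");
    }
    Users::$cache['user'] = $user;
}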
/**
 * Handles the POST that re-sends an activation message for the requested
 * email address or mobile number.
 *
 * Resolves the owning user from the contact row, or from
 * Users::identify($type, $identifier, 'future') when no row exists. A
 * logged-in user may only target their own identifier. The user is then asked
 * to add the identifier again, and the returned object, if any, re-sends its
 * activation message. The user is stored in Users::$cache['user'].
 *
 * NOTE(review): no login is required on this path, so any requester can
 * trigger a message to a known identifier. The distinct "not found" and
 * "belongs to someone else" errors also reveal whether it is registered.
 * Throttling is not visible here; confirm it is applied upstream.
 *
 * @throws Q_Exception on an unsupported type, unknown identifier, missing
 *   user, or an identifier owned by a different logged-in user
 */
function Users_resend_post()
{
    // requestedIdentifier() receives $type, which is read back below
    // (presumably set by reference; confirm).
    $identifier = Users::requestedIdentifier($type);

    $isEmail = ($type === 'email');
    if (!$isEmail and $type !== 'mobile') {
        throw new Q_Exception(
            "Expecting a valid email or mobile number",
            array('identifier', 'emailAddress', 'mobileNumber')
        );
    }

    // $type can only be 'email' or 'mobile' from here on.
    if ($isEmail) {
        $thing = 'email address';
        $field = 'emailAddress';
        $row = new Users_Email();
        $row->address = $identifier;
    } else {
        $thing = 'mobile number';
        $field = 'mobileNumber';
        $row = new Users_Mobile();
        $row->number = $identifier;
    }

    if ($row->retrieve()) {
        $userId = $row->userId;
    } else {
        // No contact row: fall back to the 'future' identify lookup.
        $ui = Users::identify($type, $identifier, 'future');
        if (!$ui) {
            throw new Q_Exception(
                "That {$thing} was not found in the system",
                array('identifier', $field)
            );
        }
        $userId = $ui->userId;
    }

    $user = new Users_User();
    $user->id = $userId;
    if (!$user->retrieve()) {
        throw new Q_Exception("No user corresponds to that {$thing}", array('identifier', $field));
    }

    // A logged-in session may only re-send for its own identifier.
    $logged_in_user = Users::loggedInUser();
    if ($logged_in_user and $logged_in_user->id != $user->id) {
        throw new Q_Exception("That {$thing} belongs to someone else", array('identifier', $field));
    }

    $existing = $isEmail ? $user->addEmail($identifier) : $user->addMobile($identifier);
    if ($existing) {
        $existing->resendActivationMessage();
    }
    Users::$cache['user'] = $user;
}
/**
 * Streams variant of the Users/user "data" response slot.
 *
 * For a known user, returns id, username, display name, icon, verification
 * status, whether a passphrase is set, and fb_uid. For an unknown identifier,
 * returns a one-entry profile array holding the generated thumbnail URL,
 * plus emailExists / mobileExists and the register terms label when defined.
 *
 * NOTE(review): the response reveals whether the identifier has an account
 * and whether a passphrase is set. Rate limiting is not visible in this
 * function; confirm it is applied upstream.
 *
 * @param array $params not read by this function
 * @return array
 * @throws Q_Exception when Users/login/noRegister is set and the identifier is unknown
 */
function Streams_user_response_data($params)
{
    // requestedIdentifier() receives $type, which is read back below
    // (presumably set by reference; confirm).
    $identifier = Users::requestedIdentifier($type);
    $hash = md5(strtolower(trim($identifier)));

    // Use either the stock default icon or a generated thumbnail keyed by the hash.
    if (Q_Config::get('Users', 'register', 'icon', 'leaveDefault', false)) {
        $icon = "plugins/Users/img/icons/default/80.png";
    } else {
        $icon = Q_Request::baseUrl()
            . "/action.php/Users/thumbnail?hash={$hash}&size=80&type="
            . Q_Config::get('Users', 'login', 'iconType', 'wavatar');
    }

    // check our db
    $user = Users::userFromContactInfo($type, $identifier);
    if ($user) {
        $displayname = Streams::displayName($user);
        $verified = (bool) Users::identify($type, $identifier);
        return array(
            'exists' => $user->id,
            'verified' => $verified,
            'username' => $user->username,
            'displayName' => $displayname,
            // As written: verified identifiers get the generated icon,
            // others the user's stored icon.
            'icon' => $verified ? $icon : $user->icon,
            'passphrase_set' => !empty($user->passphraseHash),
            'fb_uid' => $user->fb_uid ? $user->fb_uid : null
        );
    }

    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }

    if (empty($exists) and Q_Config::get('Users', 'login', 'noRegister', false)) {
        if ($type === 'email') {
            $nicetype = 'email address';
        } else {
            $nicetype = 'mobile number';
        }
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }

    $result = array(
        "entry" => array(
            array("thumbnailUrl" => $icon)
        )
    );
    $existsKey = ($type === 'email') ? 'emailExists' : 'mobileExists';
    $result[$existsKey] = !empty($exists);

    $terms_label = Users::termsLabel('register');
    if ($terms_label) {
        $result['termsLabel'] = $terms_label;
    }
    return $result;
}
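/**
 * Loads and checks the objects needed to activate a mobile number.
 *
 * Clears the 'Users/activate/objects' notice, loads the Users_Mobile row for
 * the normalized number, and resolves the user (the logged-in user, who must
 * own the row, or else the row's owner). It then verifies the activation code
 * from $_REQUEST['code'] and its expiry.
 *
 * @param string $mobileNumber number as supplied by the caller
 * @param Users_Mobile $mobile out-parameter; always set to a Users_Mobile
 * @return Users_User|null the user, or null when the number fails Q_Valid::phone()
 * @throws Q_Exception_MissingRow when the mobile row or its user is missing
 * @throws Q_Exception on a user mismatch, wrong or absent code, or expired code
 */
function Users_activate_objects_mobile($mobileNumber, &$mobile)
{
    Q_Response::removeNotice('Users/activate/objects');
    $mobile = new Users_Mobile();
    if (!Q_Valid::phone($mobileNumber, $normalized)) {
        return;
    }
    $mobile->number = $normalized;
    if (!$mobile->retrieve()) {
        throw new Q_Exception_MissingRow(array(
            'table' => 'mobile phone',
            'criteria' => "number {$normalized}"
        ));
    }

    $user = Users::loggedInUser();
    if ($user) {
        if ($user->id != $mobile->userId) {
            throw new Q_Exception("You are logged in as a different user. Please log out and click the link again.");
        }
    } else {
        $user = new Users_User();
        $user->id = $mobile->userId;
        if (!$user->retrieve()) {
            throw new Q_Exception_MissingRow(array(
                'table' => 'user',
                'criteria' => 'id = ' . $user->id
            ));
        }
    }

    // Accept only a non-empty string code and compare it strictly. With "!="
    // a row with an empty activationCode compared equal to a request with no
    // code at all. hash_equals() (PHP 5.6+) is also constant-time.
    $code = '';
    if (isset($_REQUEST['code']) and is_string($_REQUEST['code'])) {
        $code = $_REQUEST['code'];
    }
    $expected = (string) $mobile->activationCode;
    if ($code === '' or $expected === '' or !hash_equals($expected, $code)) {
        throw new Q_Exception("The activation code does not match. Did you get a newer message?", 'code');
    }

    $timestamp = Users_Mobile::db()->getCurrentTimestamp();
    if ($timestamp > Users_Mobile::db()->fromDateTime($mobile->activationCodeExpires)) {
        throw new Q_Exception("Activation code expired");
    }

    // On a non-POST view without "p", tell the visitor the number is already active.
    if (Q_Request::method() !== 'POST'
        and empty($_REQUEST['p'])
        and isset($user->mobileNumber)
        and $user->mobileNumber == $mobile->number
    ) {
        $displayName = Streams::displayName($user);
        Q_Response::setNotice(
            'Users/activate/objects',
            "{$normalized} has already been activated for {$displayName}",
            true
        );
    }
    return $user;
}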
/**
 * Subscription tool
 *
 * Collects the logged-in user's subscription state, the stream type's message
 * types, the user's active emails and mobile numbers, and the delivery rules
 * for the stream. Passes them to the client as tool options and registers
 * the tool's scripts.
 *
 * @param array $options
 *  "publisherId" => the id of the user who is publishing the stream
 *  "streamName" => the name of the stream for which to edit access levels
 *  "subscribed" => optional initial value, used when no participant row exists
 * @throws Q_Exception_MissingRow when the stream cannot be fetched
 */
function Streams_subscription_tool($options)
{
    $subscribed = 'no';
    // NOTE(review): extract() turns every key of $options into a local. Only
    // publisherId, streamName and subscribed survive to be read; every other
    // local is assigned after this line. Keep it that way, or read the three
    // keys explicitly.
    extract($options);

    $user = Users::loggedInUser(true);
    if (!isset($publisherId)) {
        $publisherId = Streams::requestedPublisherId(true);
    }
    if (!isset($streamName)) {
        $streamName = Streams::requestedName();
    }

    // The stream is fetched on behalf of the logged-in user.
    $stream = Streams::fetchOne($user->id, $publisherId, $streamName);
    if (!$stream) {
        throw new Q_Exception_MissingRow(array(
            'table' => 'stream',
            'criteria' => array('publisherId' => $publisherId, 'streamName' => $streamName)
        ));
    }

    $participant = new Streams_Participant();
    $participant->publisherId = $publisherId;
    $participant->streamName = $streamName;
    $participant->userId = $user->id;
    if ($participant->retrieve()) {
        $subscribed = $participant->subscribed;
    }

    // Message types configured for this stream type, one entry per distinct title.
    $configured = Q_Config::get('Streams', 'types', $stream->type, 'messages', array());
    $messageTypes = array();
    foreach ($configured as $type => $msg) {
        $name = Q::ifset($msg, 'title', $type);
        $alreadyListed = false;
        foreach ($messageTypes as $listed) {
            if ($listed['name'] == $name) {
                $alreadyListed = true;
                break;
            }
        }
        if (!$alreadyListed) {
            $messageTypes[] = array('value' => $type, 'name' => $name);
        }
    }

    // Delivery targets: the user's own active emails, then mobile numbers.
    $ownActive = array('userId' => $user->id, 'state' => 'active');
    $devices = array();
    $emails = Users_Email::select('address')->where($ownActive)->fetchAll(PDO::FETCH_COLUMN);
    $mobiles = Users_Mobile::select('number')->where($ownActive)->fetchAll(PDO::FETCH_COLUMN);
    foreach ($emails as $address) {
        $devices[] = array(
            'value' => Q::json_encode(array('email' => $address)),
            'name' => 'my email'
        );
    }
    foreach ($mobiles as $number) {
        $devices[] = array(
            'value' => Q::json_encode(array('mobile' => $number)),
            'name' => 'my mobile'
        );
    }

    $items = array();
    $rules = Streams_Rule::select('deliver, filter')
        ->where(array(
            'ofUserId' => $user->id,
            'publisherId' => $publisherId,
            'streamName' => $streamName
        ))
        ->fetchAll(PDO::FETCH_ASSOC);

    // Walk the rules from last to first. A rule is dropped when a rule still
    // left in the list has the same filter labels, so one rule per label set
    // survives.
    while ($rule = array_pop($rules)) {
        $filter = json_decode($rule['filter']);
        $duplicate = false;
        foreach ($rules as $remaining) {
            if (json_decode($remaining['filter'])->labels == $filter->labels) {
                $duplicate = true;
                break;
            }
        }
        if ($duplicate) {
            continue;
        }
        $items[] = array(
            'deliver' => json_decode($rule['deliver']),
            'filter' => $filter
        );
    }

    Q_Response::addScript("plugins/Streams/js/Streams.js");
    Q_Response::addScript("plugins/Streams/js/tools/subscription.js");
    Q_Response::setToolOptions(array(
        'items' => $items,
        'subscribed' => $subscribed,
        'messageTypes' => $messageTypes,
        'devices' => $devices,
        'publisherId' => $publisherId,
        'streamName' => $streamName
    ));
}
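/**
 * Assigns a mobile number to this user and marks it active.
 *
 * When $verified is false the Users_Mobile row must already exist, belong to
 * this user, and be in state 'unverified' or 'active'. When $verified is true
 * the row is claimed for this user without those checks. A fresh authCode is
 * written to the row, a verified Users_Identify record is saved, and the
 * 'Users/setMobileNumber' after-event is fired.
 *
 * @method setMobileNumber
 * @param {string} $mobileNumber
 * @param {boolean} [$verified=false]
 * @return {boolean} always true
 * @throws {Q_Exception_MissingRow}
 *	If mobile number is missing
 * @throws {Users_Exception_AlreadyVerified}
 *	If user was already verified
 * @throws {Users_Exception_WrongState}
 *	If verification state is wrong
 */
function setMobileNumber($mobileNumber, $verified = false)
{
    // NOTE(review): the result of Q_Valid::phone() is ignored. What
    // $normalized holds for an invalid number is not visible here; confirm
    // that callers validate first.
    Q_Valid::phone($mobileNumber, $normalized);
    $mobile = new Users_Mobile();
    $mobile->number = $normalized;
    $retrieved = $mobile->retrieve('*', array('ignoreCache' => true));
    if (empty($mobile->activationCode)) {
        $mobile->activationCode = '';
        $mobile->activationCodeExpires = '0000-00-00 00:00:00';
    }

    // authCode is presumably a secret token (confirm). It was derived from
    // microtime() and mt_rand(), both of which are predictable. Use the
    // platform CSPRNG and keep the 32-hex-character shape md5() produced.
    if (function_exists('random_bytes')) {
        $mobile->authCode = bin2hex(random_bytes(16));
    } else {
        $mobile->authCode = bin2hex(openssl_random_pseudo_bytes(16));
    }

    if ($verified) {
        $mobile->userId = $this->id;
    } else {
        if (!$retrieved) {
            throw new Q_Exception_MissingRow(array(
                'table' => "a mobile phone",
                'criteria' => "number {$normalized}"
            ), 'mobileNumber');
        }
        if ($mobile->userId != $this->id) {
            // We're going to tell them it's verified for someone else,
            // even though it may not have been verified yet.
            // In the future, might throw a more accurate exception.
            throw new Users_Exception_AlreadyVerified(array(
                'key' => 'mobile number',
                'userId' => $mobile->userId
            ));
        }
        // Strict match so a non-string state cannot loosely equal an allowed one.
        if (!in_array($mobile->state, array('unverified', 'active'), true)) {
            throw new Users_Exception_WrongState(array(
                'key' => $mobile->number,
                'state' => $mobile->state
            ), 'mobileNumber');
        }
    }

    // Everything is okay. Assign it!
    $mobile->state = 'active';
    $mobile->save();

    // Record the hashed identifier as verified for this user.
    $ui = new Users_Identify();
    $ui->identifier = "mobile_hashed:" . Q_Utils::hash($normalized);
    $ui->state = 'verified';
    $ui->userId = $this->id;
    $ui->save(true);

    $this->mobileNumberPending = '';
    $this->mobileNumber = $normalized;
    $this->save();

    $user = $this;
    /**
     * @event Users/setMobileNumber {after}
     * @param {string} user
     * @param {string} mobile
     */
    Q::event('Users/setMobileNumber', compact('user', 'mobile'), 'after');
    return true;
}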
/**
 * Assigns an already-registered, unverified mobile number to this user.
 *
 * The Users_Mobile row must exist, belong to this user and be in state
 * 'unverified'. It is then marked 'active' and the 'users/setMobileNumber'
 * after-event is fired.
 *
 * @param string $mobile_number
 * @return bool always true
 * @throws Pie_Exception_MissingRow when no row exists for the number
 * @throws Users_Exception_AlreadyVerified when the row belongs to another user
 * @throws Users_Exception_WrongState when the row is not 'unverified'
 */
function setMobileNumber($mobile_number)
{
    // TODO: implement Users_Mobile::sendMessage
    $row = new Users_Mobile();
    $row->number = $mobile_number;
    $found = $row->retrieve();
    if (!$found) {
        throw new Pie_Exception_MissingRow(
            array('table' => "a mobile phone", 'criteria' => "number {$mobile_number}"),
            'mobile_number'
        );
    }

    $ownedByOther = ($row->user_id != $this->id);
    if ($ownedByOther) {
        // We're going to tell them it's verified for someone else,
        // even though it may not have been verified yet.
        // In the future, might throw a more accurate exception.
        throw new Users_Exception_AlreadyVerified(
            array('key' => $row->number, 'user_id' => $row->user_id)
        );
    }

    if (!($row->state == 'unverified')) {
        throw new Users_Exception_WrongState(
            array('key' => $row->number, 'state' => $row->state),
            'mobile_number'
        );
    }

    // Everything is okay. Assign it!
    $this->mobile_number = $mobile_number;
    $row->state = 'active';
    $row->save();

    Pie::event('users/setMobileNumber', array('mobile_number' => $mobile_number), 'after');
    return true;
}
/**
 * After-hook for Assets/charge: notifies the payer and the publisher.
 *
 * Builds a $fields array describing the charge and sends it through the
 * configured templates. The payer uses Assets/transactional/charged and the
 * publisher uses Assets/transactional/charge. Each party is contacted by
 * email when an emailAddress is set, otherwise by SMS when a mobileNumber is set.
 *
 * @param array $params extracted into local variables; user, payments, amount,
 *   currency, charge, adapter and options are pre-declared as null
 * @throws Q_Exception_BadValue when currencies.json has no symbol or name for $currency
 */
function Assets_after_Assets_charge($params) {
    // Defaults for the keys this hook expects; extract() then overwrites them.
    $user = $payments = $amount = $currency = $charge = $adapter = $options = null;
    // NOTE(review): extract() creates a local for every key in $params, not
    // just the seven declared above. 'subscription' and 'name' in the
    // compact() call below are assigned nowhere else in this function, so
    // they presumably arrive this way. Confirm that $params is always built
    // by trusted code.
    extract($params, EXTR_OVERWRITE);
    $description = 'a product or service';
    $stream = Q::ifset($options, 'stream', null);
    if ($stream) {
        $publisherId = $stream->publisherId;
        $publisher = Users_User::fetch($publisherId, true);
        if ($stream->type === 'Assets/subscription') {
            // NOTE(review): planPublisherId is passed as both the first and
            // second argument. Confirm that is intended.
            $plan = Streams::fetchOne($stream->getAttribute('planPublisherId'), $stream->getAttribute('planPublisherId'), $stream->getAttribute('planStreamName'), true);
            $months = $stream->getAttribute('months');
            $startDate = $stream->getAttribute('startDate');
            $endDate = $stream->getAttribute('endDate');
        }
        $description = $stream->title;
    } else {
        // No stream: the community itself is treated as the publisher.
        $publisherId = Users::communityId();
        $publisher = Users_User::fetch($publisherId, true);
    }
    // An explicit description in $options wins over the stream title.
    if (isset($options['description'])) {
        $description = $options['description'];
    }
    $currencies = Q::json_decode(file_get_contents(ASSETS_PLUGIN_CONFIG_DIR . DS . 'currencies.json'), true);
    if (!isset($currencies['symbols'][$currency])) {
        throw new Q_Exception_BadValue(array('internal' => 'currency', 'problem' => 'no symbol found'), 'currency');
    }
    if (!isset($currencies['names'][$currency])) {
        throw new Q_Exception_BadValue(array('internal' => 'currency', 'problem' => 'no name found'), 'currency');
    }
    $symbol = $currencies['symbols'][$currency];
    $currencyName = $currencies['names'][$currency];
    $communityId = Users::communityId();
    $communityName = Users::communityName();
    $communitySuffix = Users::communitySuffix();
    // NOTE(review): the ids are placed in the query string without URL
    // encoding. This assumes ids never contain characters such as '&' or '#'.
    // Confirm.
    $link = Q_Request::baseUrl('action.php') . "/Assets/payment?publisherId={$publisherId}&userId=" . $user->id;
    // plan, months, startDate and endDate are assigned above only for
    // 'Assets/subscription' streams.
    $fields = compact('user', 'publisher', 'publisherId', 'communityId', 'communityName', 'communitySuffix', 'description', 'subscription', 'stream', 'plan', 'currency', 'name', 'symbol', 'currencyName', 'amount', 'months', 'startDate', 'endDate', 'link');
    // Notify the payer using the "charged" templates.
    if ($user->emailAddress) {
        $email = new Users_Email();
        $email->address = $user->emailAddress;
        $email->retrieve(true);
        $emailSubject = Q_Config::get('Assets', 'transactional', 'charged', 'subject', false);
        $emailView = Q_Config::get('Assets', 'transactional', 'charged', 'body', false);
        if ($emailSubject !== false and $emailView) {
            $email->sendMessage($emailSubject, $emailView, $fields);
        }
    } else {
        if ($user->mobileNumber) {
            $mobile = new Users_Mobile();
            $mobile->number = $user->mobileNumber;
            $mobile->retrieve(true);
            if ($mobileView = Q_Config::get('Assets', 'transactional', 'charged', 'sms', false)) {
                $mobile->sendMessage($mobileView, $fields);
            }
        }
    }
    // Notify the publisher using the "charge" templates.
    if ($publisher->emailAddress) {
        $email = new Users_Email();
        $email->address = $publisher->emailAddress;
        $email->retrieve(true);
        $emailSubject = Q_Config::get('Assets', 'transactional', 'charge', 'subject', false);
        $emailView = Q_Config::get('Assets', 'transactional', 'charge', 'body', false);
        if ($emailSubject !== false and $emailView) {
            $email->sendMessage($emailSubject, $emailView, $fields);
        }
    } else {
        if ($publisher->mobileNumber) {
            $mobile = new Users_Mobile();
            $mobile->number = $publisher->mobileNumber;
            $mobile->retrieve(true);
            if ($mobileView = Q_Config::get('Assets', 'transactional', 'charge', 'sms', false)) {
                $mobile->sendMessage($mobileView, $fields);
            }
        }
    }
}