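/**
 * Updating user
 *
 * Reads `username` (the account to change) and `user` (a JSON object holding
 * first_name, last_name, email and optionally role and password) from the
 * request and applies them to the stored account.
 *
 * Access rules enforced here:
 *  - only an administrator, or the user editing their own profile, may call it;
 *  - only an administrator may change a role, so a self-service profile edit
 *    cannot raise its own privileges;
 *  - the e-mail uniqueness check is made against the account being updated
 *    (the `username` request parameter), not against a username supplied
 *    inside the JSON payload.
 *
 * @param sfWebRequest $request
 * @return string - json
 * @author Sergey Startsev
 */
public function executeUpdate(sfWebRequest $request)
{
    $response = afResponseHelper::create();

    $sUsername = $request->getParameter('username');
    $aUser = json_decode($request->getParameter('user'), true);

    // Allowed only for an admin, or for a user updating their own profile.
    // The comparison is strict on strings: a loose `!=` treats numeric-looking
    // usernames such as "1000" and "1e3" as equal.
    $bIsAdmin = (bool) afStudioUser::getInstance()->isAdmin();
    $bIsSelf = is_string($sUsername)
        && $sUsername !== ''
        && (string) afStudioUser::getInstance()->getUsername() === $sUsername;

    if (!$bIsAdmin && !$bIsSelf) {
        // forward404() is expected to abort the action here (symfony 1.x raises
        // a 404 exception) - confirm if the base class was customised.
        $this->forward404("You have no rights to execute this action");
    }

    // Retrieve user via username
    $user = afStudioUser::retrieve($sUsername);
    if (!$user) {
        return $this->renderJson($response->success(false)->message("This user doesn't exists")->asArray());
    }

    // A missing or malformed `user` payload decodes to null (or a scalar);
    // reject it instead of indexing into a non-array below.
    if (!is_array($aUser)) {
        return $this->renderJson($response->success(false)->message('Invalid user data')->asArray());
    }

    $sFirstName = isset($aUser['first_name']) ? $aUser['first_name'] : null;
    $sLastName = isset($aUser['last_name']) ? $aUser['last_name'] : null;
    $sEmail = isset($aUser['email']) ? $aUser['email'] : null;
    $bHasPassword = !empty($aUser['password']);

    // Collected field errors; initialised so the merge below never sees an
    // undefined variable.
    $aErrors = array();

    // The e-mail must not belong to a different account. The owner is compared
    // with the account being updated, never with a client-supplied username.
    $aUserCheck = afStudioUser::retrieveByEmail($sEmail);
    if ($aUserCheck && (string) $aUserCheck['username'] !== (string) $sUsername) {
        $aErrors['email'] = "User with this `email` already exists";
    }

    $aUpdate = array(
        afStudioUser::FIRST_NAME => $sFirstName,
        afStudioUser::LAST_NAME => $sLastName,
        afStudioUser::EMAIL => $sEmail,
    );

    // Role changes are an administrative operation: a role sent by a non-admin
    // editing their own profile is ignored.
    if ($bIsAdmin && isset($aUser['role'])) {
        $aUpdate[afStudioUser::ROLE] = $aUser['role'];
    }

    // The plain password is placed here only so that validate() can check it;
    // it is replaced by its encoded form before anything is stored.
    if ($bHasPassword) {
        $aUpdate[afStudioUser::PASSWORD] = $aUser['password'];
    }

    // Validate user data
    $validate = afStudioUser::validate($aUpdate);

    if ($validate === true && empty($aErrors)) {
        // if a password has been set, encode it using the project rule
        if ($bHasPassword) {
            $aUpdate[afStudioUser::PASSWORD] = afStudioUser::passwordRule($aUser['password']);
        }

        // Update processing
        afStudioUser::update($sUsername, $aUpdate);
        afsNotificationPeer::log('User has been successfully updated', 'afStudioUser');

        // if changes were applied to the current user
        if ((string) afStudioUser::getInstance()->getUsername() === (string) $sUsername) {
            if ($bHasPassword) {
                // presumably refreshes the current session's stored credentials;
                // the meaning of the third argument is not visible here - confirm.
                afStudioUser::set($sUsername, $aUser['password'], false);
            }

            // A changed role of the current user forces a sign-out. This is
            // evaluated only when a role was actually written, so a request
            // without a role no longer triggers a redirect.
            if (isset($aUpdate[afStudioUser::ROLE])
                && afStudioUser::getInstance()->getRole() != $aUpdate[afStudioUser::ROLE]
            ) {
                return $this->renderJson($response->redirect('afsAuthorize/signout')->asArray());
            }
        }

        $response->success(true)->message('User has been successfully updated');
    } else {
        // validate() returns an array of field errors when validation fails
        if (is_array($validate)) {
            $aErrors = afsUserManagerHelper::mergeErrors($aErrors, $validate);
        }

        $aErrors = afsUserManagerHelper::prepareErrors($aErrors);
        $response->success(false)->message($aErrors);
    }

    return $this->renderJson($response->asArray());
}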
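/**
 * Password request controller
 *
 * On a non-POST request the recovery form is displayed. On POST the account
 * matching the submitted `email` receives a freshly generated password by mail
 * and a JSON result is returned.
 *
 * NOTE(review): this flow replaces the password of any account whose e-mail
 * address is submitted, without proof that the requester owns the mailbox, and
 * it sends the new password in clear text. A single-use, expiring reset link
 * would avoid both; that is a design change outside this method.
 *
 * NOTE(review): the success and failure messages differ, so the response shows
 * whether an address is registered. A uniform response would avoid that, but
 * the client code may depend on the current messages - confirm before changing.
 *
 * @param sfWebRequest $request
 * @return string - the form view name, or the rendered json result
 */
public function executePasswordRequest(sfWebRequest $request)
{
    if ($request->getMethod() != sfRequest::POST) {
        // display the form
        return sfView::SUCCESS;
    }

    $email = $request->getParameter('email');
    $sNoUserMessage = 'There is no user with this email address. Please try again!';

    // Retrieve user via email
    $user = afStudioUser::getInstance()->retrieveByEmail($email);
    if (!$user) {
        return $this->renderJson(array('success' => false, 'message' => $sNoUserMessage));
    }

    // Generate the new password from a cryptographically secure source.
    // md5(rand(100000, 999999)) could take only 900000 different values and
    // rand() is not meant for secrets. random_bytes() needs PHP 7; on older
    // runtimes OpenSSL is used. If random_bytes() throws, the exception
    // propagates before anything has been changed.
    $password = null;
    if (function_exists('random_bytes')) {
        $password = bin2hex(random_bytes(8));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $bStrong = false;
        $sBytes = openssl_random_pseudo_bytes(8, $bStrong);
        if ($sBytes !== false && $bStrong) {
            $password = bin2hex($sBytes);
        }
    }

    if ($password === null) {
        // Fail closed: never fall back to a guessable password.
        return $this->renderJson(array(
            'success' => false,
            'message' => 'Password recovery is temporarily unavailable. Please try again later.',
        ));
    }

    // updating password
    afStudioUser::update(
        $user['username'],
        array(afStudioUser::PASSWORD => afStudioUser::passwordRule($password))
    );

    // getting current domain
    // NOTE(review): without `app_domain` the sender domain comes from the
    // request's Host header, which the client controls. Configure `app_domain`
    // in production so the From address cannot be influenced by a request.
    $domain = sfConfig::get('app_domain');
    if (!$domain) {
        $domain = sfContext::getInstance()->getRequest()->getHost();
    }

    // parameters for partial -> recovering mail
    $aParameters = array(
        'user' => $user,
        'password' => $password,
    );

    // link_to() used below comes from the Url helper
    sfProjectConfiguration::getActive()->loadHelpers(array("Url", "Tag"));

    $message = Swift_Message::newInstance()
        ->setFrom("no-reply@{$domain}", 'Studio')
        ->setTo($user['email'])
        ->setSubject('Studio password recovery')
        ->setBody($this->getPartial('recovery', $aParameters))
        ->setContentType('text/html');

    // Sending mail
    if ($this->getMailer()->send($message) > 0) {
        // The message is HTML (it carries <br> and a link), so the
        // request-supplied address is escaped before being echoed back.
        $sSafeEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');

        $result = array(
            'success' => true,
            'message' => 'Your login information was sent to ' . $sSafeEmail
                . '. <br>You should receive it shortly, so you can proceed to the '
                . link_to('login page', 'afsAuthorize/index') . '.',
        );
    } else {
        // The account exists and its password has already been replaced at
        // this point, so report the delivery failure instead of "no user".
        $result = array(
            'success' => false,
            'message' => 'The recovery e-mail could not be sent. Please try again later.',
        );
    }

    return $this->renderJson($result);
}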