コード例 #1
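 /**
  * Validates input from user registration form
  *
  * Every value is read from the request and is therefore untrusted. The four
  * fields data_user_login, data_user_email, data_user_password and
  * data_user_password_confirm must all be present as plain strings. The checks
  * run in this order and stop at the first failure: blank login, login already
  * taken, e-mail format, e-mail already taken (only when e-mail authentication
  * and unique e-mails are both enabled), login name rules, password rules.
  *
  * The "already exists" messages reveal whether a login or e-mail address is
  * registered. This method does no throttling of its own.
  *
  * @param eZHTTPTool $http
  *
  * @return array array('status' => 'success'), or array('status' => 'error',
  *               'message' => translated text) for the first failed check
  */
 public static function validateUserInput($http)
 {
     $input = array();
     foreach (array('data_user_login', 'data_user_email', 'data_user_password', 'data_user_password_confirm') as $field) {
         if (!$http->hasPostVariable($field)) {
             return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
         }
         $value = $http->postVariable($field);
         // PHP turns a parameter sent as "name[]" into an array. If the HTTP layer passes that
         // through, trim()/strtolower() below would misbehave, so anything but a string is rejected.
         if (!is_string($value)) {
             return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
         }
         $input[$field] = $value;
     }
     $loginName = $input['data_user_login'];
     $email = $input['data_user_email'];
     $password = $input['data_user_password'];
     $passwordConfirm = $input['data_user_password_confirm'];

     if (trim($loginName) == '') {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
     }
     if (eZUser::fetchByName($loginName) != null) {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
     }

     // validate user email
     if (!eZMail::validate($email)) {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
     }
     // Uniqueness is only enforced when e-mail is an accepted login credential AND unique e-mails are required.
     if ((eZUser::authenticationMatch() & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
         if (eZUser::fetchByEmail($email) != null) {
             return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
         }
     }

     // validate user name
     if (!eZUser::validateLoginName($loginName, $errorText)) {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', $errorText));
     }

     // validate user password
     $ini = eZINI::instance();
     $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';
     if ($generatePasswordIfEmpty && $password === '') {
         // An empty password is accepted when GeneratePasswordIfEmpty is 'true'.
         // NOTE(review): presumably a password is generated later - confirm against the caller.
         return array('status' => 'success');
     }
     if ($password === '') {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
     }
     // Strict comparison: with != PHP compares numeric-looking strings by value
     // ("1e3" == "1000"), so a mistyped confirmation could be accepted as a match.
     if ($password !== $passwordConfirm) {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
     }
     if (!eZUser::validatePassword($password)) {
         // The fallback of 3 only fills the message; the length rule itself is applied by eZUser::validatePassword().
         // NOTE(review): 3 is a very short minimum - confirm MinPasswordLength is set in the site configuration.
         $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength') ? $ini->variable('UserSettings', 'MinPasswordLength') : 3;
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
     }
     // Only the literal word "password" (any letter case) is refused; this is not a general weak-password check.
     if (strtolower($password) == 'password') {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
     }

     return array('status' => 'success');
 }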
コード例 #2
 /**
  * Populates the user_account datatype with the correct values
  * based upon the string passed in $string.
  *
  * The string that must be passed looks like the following :
  * login|email|password_hash|hash_identifier|is_enabled
  *
  * Example:
  * <code>
  * foo|foo@ez.no|1234|md5_password|0
  * </code>
  *
  * Only login and email are mandatory. The password hash and hash identifier
  * are stored exactly as given: this method runs no login-name, e-mail-format
  * or password-policy check, so $string has to come from a trusted source.
  * NOTE(review): md5_password in the example looks like a legacy hash type;
  * which identifiers eZUser::passwordHashTypeID() accepts is not visible here - confirm.
  *
  * @param object $contentObjectAttribute A contentobject attribute of type user_account.
  * @param string $string The string as described in the example.
  * @return object|bool true when $string is empty (nothing is changed), false when
  *                     fewer than two fields are given or the login/e-mail belongs to
  *                     another content object, otherwise the stored eZUser object
  */
 function fromString($contentObjectAttribute, $string)
 {
     if ($string == '') {
         return true;
     }

     $fields = explode('|', $string);
     if (count($fields) < 2) {
         return false;
     }
     list($login, $email) = $fields;
     $ownerID = $contentObjectAttribute->attribute('contentobject_id');

     // A login already held by a different content object blocks the import.
     $loginOwner = eZUser::fetchByName($login);
     if ($loginOwner && $loginOwner->attribute('contentobject_id') != $ownerID) {
         return false;
     }

     // The same rule applies to the e-mail address when unique e-mails are required.
     if (eZUser::requireUniqueEmail()) {
         $emailOwner = eZUser::fetchByEmail($email);
         if ($emailOwner && $emailOwner->attribute('contentobject_id') != $ownerID) {
             return false;
         }
     }

     $user = eZUser::create($ownerID);
     $user->setAttribute('login', $login);
     $user->setAttribute('email', $email);

     // Optional third field: an already-computed hash, written as-is (no hashing happens here).
     if (isset($fields[2])) {
         $user->setAttribute('password_hash', $fields[2]);
     }
     // Optional fourth field: hash identifier, mapped to its numeric type ID.
     if (isset($fields[3])) {
         $user->setAttribute('password_hash_type', eZUser::passwordHashTypeID($fields[3]));
     }
     // Optional fifth field: enabled flag. Any non-empty value other than "0" enables the account.
     if (isset($fields[4])) {
         // NOTE(review): the fetch() result is used without a null check - confirm it cannot be null here.
         $setting = eZUserSetting::fetch($ownerID);
         $setting->setAttribute("is_enabled", (int) (bool) $fields[4]);
         $setting->store();
     }

     $user->store();
     return $user;
 }
コード例 #3
ファイル: ezusertype.php プロジェクト: runelangseid/ezpublish
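 /**
  * Validates the login, e-mail and password fields posted for a user_account attribute.
  *
  * Field names are built as {$base}_data_user_{login|email|password|password_confirm}_{attribute id}.
  * All values come from the request and are untrusted. If any field is missing,
  * the input is accepted unless the attribute is required. A blank login is
  * accepted only when the attribute is optional and the e-mail is blank too.
  * Otherwise the checks run in this order and stop at the first failure:
  * login taken by another object, e-mail format, e-mail taken by another
  * object (only when e-mail authentication and unique e-mails are both
  * enabled), login name rules, password rules.
  *
  * @param eZHTTPTool $http
  * @param string $base Prefix of the posted field names
  * @param object $contentObjectAttribute Attribute being validated; receives the validation error text
  *
  * @return int eZInputValidator::STATE_ACCEPTED or eZInputValidator::STATE_INVALID
  */
 function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
 {
     $attributeID = $contentObjectAttribute->attribute("id");
     $fieldNames = array(
         'login' => $base . "_data_user_login_" . $attributeID,
         'email' => $base . "_data_user_email_" . $attributeID,
         'password' => $base . "_data_user_password_" . $attributeID,
         'confirm' => $base . "_data_user_password_confirm_" . $attributeID,
     );

     foreach ($fieldNames as $fieldName) {
         if (!$http->hasPostVariable($fieldName)) {
             if ($contentObjectAttribute->validateIsRequired()) {
                 $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
                 return eZInputValidator::STATE_INVALID;
             }
             return eZInputValidator::STATE_ACCEPTED;
         }
     }

     $values = array();
     foreach ($fieldNames as $key => $fieldName) {
         $value = $http->postVariable($fieldName);
         // PHP turns a parameter sent as "name[]" into an array. If the HTTP layer passes that
         // through, trim()/strtolower() below would misbehave, so anything but a string is rejected.
         if (!is_string($value)) {
             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
             return eZInputValidator::STATE_INVALID;
         }
         $values[$key] = $value;
     }
     $loginName = $values['login'];
     $email = $values['email'];
     $password = $values['password'];
     $passwordConfirm = $values['confirm'];
     $objectID = $contentObjectAttribute->attribute("contentobject_id");

     if (trim($loginName) == '') {
         // A blank login passes only for an optional attribute whose e-mail was left blank as well.
         if ($contentObjectAttribute->validateIsRequired() || trim($email) != '') {
             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
             return eZInputValidator::STATE_INVALID;
         }
         return eZInputValidator::STATE_ACCEPTED;
     }

     // The login may already exist as long as it belongs to the object being edited.
     $existUser = eZUser::fetchByName($loginName);
     if ($existUser != null && $existUser->attribute('contentobject_id') != $objectID) {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
         return eZInputValidator::STATE_INVALID;
     }

     // validate user email
     if (!eZMail::validate($email)) {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
         return eZInputValidator::STATE_INVALID;
     }
     // Uniqueness is only enforced when e-mail is an accepted login credential AND unique e-mails are required.
     if ((eZUser::authenticationMatch() & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
         $userByEmail = eZUser::fetchByEmail($email);
         if ($userByEmail != null && $userByEmail->attribute('contentobject_id') != $objectID) {
             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
             return eZInputValidator::STATE_INVALID;
         }
     }

     // validate user name
     if (!eZUser::validateLoginName($loginName, $errorText)) {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', $errorText));
         return eZInputValidator::STATE_INVALID;
     }

     // validate user password
     $ini = eZINI::instance();
     $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';
     if ($generatePasswordIfEmpty && $password === '') {
         // An empty password is accepted when GeneratePasswordIfEmpty is 'true'.
         // NOTE(review): presumably a password is generated later - confirm against the caller.
         return eZInputValidator::STATE_ACCEPTED;
     }
     if ($password === '') {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
         return eZInputValidator::STATE_INVALID;
     }
     // Strict comparison: with != PHP compares numeric-looking strings by value
     // ("1e3" == "1000"), so a mistyped confirmation could be accepted as a match.
     if ($password !== $passwordConfirm) {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
         return eZInputValidator::STATE_INVALID;
     }
     if (!eZUser::validatePassword($password)) {
         // The fallback of 3 only fills the message; the length rule itself is applied by eZUser::validatePassword().
         // NOTE(review): 3 is a very short minimum - confirm MinPasswordLength is set in the site configuration.
         $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength') ? $ini->variable('UserSettings', 'MinPasswordLength') : 3;
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
         return eZInputValidator::STATE_INVALID;
     }
     // Only the literal word "password" (any letter case) is refused; this is not a general weak-password check.
     if (strtolower($password) == 'password') {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
         return eZInputValidator::STATE_INVALID;
     }

     return eZInputValidator::STATE_ACCEPTED;
 }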
コード例 #4
ファイル: profile.php プロジェクト: netgen/ngconnect
/** @var array $Params */
/** @var eZModule $module */
$module = $Params['Module'];

// Request/session accessor plus the two INI sources: the default one and ngconnect.ini.
$http = eZHTTPTool::instance();
$siteINI = eZINI::instance();
$ngConnectINI = eZINI::instance('ngconnect.ini');

// Regular registration counts as on only when the trimmed setting equals 'enabled'.
$regularRegistration = 'enabled' == trim($ngConnectINI->variable('ngconnect', 'RegularRegistration'));

// Only the presence of the session flag is tested here, not its value.
$forcedRedirect = $http->hasSessionVariable('NGConnectForceRedirect');
if ($http->hasSessionVariable('NGConnectAuthResult') && ($regularRegistration || $forcedRedirect)) {
    $authResult = $http->sessionVariable('NGConnectAuthResult');
    if ($http->hasPostVariable('SkipButton') && !$forcedRedirect && $ngConnectINI->variable('ProfileGenerationSettings', 'Skip') == 'enabled') {
        // user wants to skip connecting accounts
        // again, who are we to say no? so just create the user and bail out
        // however, we need to force email uniqueness, if set so by the system
        $userExists = false;
        if (eZUser::requireUniqueEmail()) {
            $userExists = eZUser::fetchByEmail($authResult['email']) instanceof eZUser;
        }
        if (!$userExists) {
            $user = ngConnectFunctions::createUser($authResult);
            if ($user instanceof eZUser && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) {
                $user->loginCurrent();
            } else {
                eZUser::logoutCurrent();
            }
            redirect($http, $module);
        } else {
            $validationError = ezpI18n::tr('extension/ngconnect/ngconnect/profile', 'User with an email address supplied by your social network already exists. Try logging in instead.');
        }
    } else {
        if ($http->hasPostVariable('LoginButton') && ($ngConnectINI->variable('ProfileGenerationSettings', 'LoginUser') == 'enabled' || $forcedRedirect)) {
コード例 #5
ファイル: callback.php プロジェクト: netgen/ngconnect
     }
 } else {
     // no previously connected accounts, try to find existing social network account
     $user = eZUser::fetchByName('ngconnect_' . $result['login_method'] . '_' . $result['id']);
     if ($user instanceof eZUser) {
         if ($user->isEnabled() && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) {
             ngConnectFunctions::updateUser($user, $result);
             $user->loginCurrent();
         } else {
             eZUser::logoutCurrent();
         }
     } else {
         // we didn't find any social network accounts, create new account
         // redirect to ngconnect/profile if enabled
         $forceRedirect = false;
         if (eZUser::requireUniqueEmail() && eZUser::fetchByEmail($result['email']) instanceof eZUser && trim($ngConnectINI->variable('ngconnect', 'DuplicateEmailForceRedirect')) == 'enabled') {
             $forceRedirect = true;
         }
         if ($regularRegistration || $forceRedirect) {
             if (!$regularRegistration && $forceRedirect) {
                 $http->setSessionVariable('NGConnectForceRedirect', 'true');
             }
             $http->setSessionVariable('NGConnectAuthResult', $result);
             if ($loginWindowType == 'page') {
                 return $module->redirectToView('profile');
             } else {
                 $http->setSessionVariable('NGConnectRedirectToProfile', 'true');
             }
         } else {
             $user = ngConnectFunctions::createUser($result);
             if ($user instanceof eZUser && $user->canLoginToSiteAccess($GLOBALS['eZCurrentAccess'])) {
コード例 #6
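 /**
  * Updates user with provided auth data
  *
  * Touches the current version's modified time, fills the version's data map
  * from $authResult and, when the provider's e-mail differs from the stored
  * one, replaces the stored e-mail. All writes happen between $db->begin()
  * and $db->commit().
  *
  * @param eZUser $user
  * @param array $authResult Reads 'email' (may be missing or empty), 'login_method' and 'id'
  *
  * @return eZUser|bool The updated $user, or false when $user has no content object
  */
 public static function updateUser($user, $authResult)
 {
     $currentTimeStamp = eZDateTime::currentTimeStamp();
     $contentObject = $user->contentObject();
     if (!$contentObject instanceof eZContentObject) {
         return false;
     }

     // The code below already expects an empty e-mail, so a missing key is
     // treated the same way instead of raising an undefined-index notice.
     $providerEmail = isset($authResult['email']) ? $authResult['email'] : '';

     /** @var eZContentObjectVersion $version */
     $version = $contentObject->currentVersion();
     $db = eZDB::instance();
     $db->begin();
     $version->setAttribute('modified', $currentTimeStamp);
     $version->store();
     self::fillUserObject($version->dataMap(), $authResult);

     if ($providerEmail != $user->Email) {
         $userExists = false;
         if (eZUser::requireUniqueEmail()) {
             $userExists = eZUser::fetchByEmail($providerEmail) instanceof eZUser;
         }
         if (empty($providerEmail) || $userExists) {
             // md5 only derives a stable placeholder address from provider name and id;
             // it is not used as a secret or as a password hash.
             $email = md5('ngconnect_' . $authResult['login_method'] . '_' . $authResult['id']) . '@localhost.local';
         } else {
             // NOTE(review): the provider-supplied address is stored without a verification step
             // in this method - confirm the provider only returns verified addresses.
             $email = $providerEmail;
         }
         $user->setAttribute('email', $email);
         $user->store();
     }

     $contentObject->setName($contentObject->contentClass()->contentObjectName($contentObject));
     $contentObject->store();
     $db->commit();
     return $user;
 }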