public function postEditAccount(array $params) { $this->cmsController->abortIfUserHasNotRights('MOD_USERS_EDIT_USER'); $userID = isset($params[0]) ? $params[0] : null; if (($userData = $this->loginModel->getLoginByID($userID)) === null) { $userData = new Login(); } $this->prepareEditAccountForm($userData); if (!$this->form->isSent() || !$this->form->validate()) { return $this->getEditAccount($params); } try { $userData->setUsername($this->form->getField('name')->getValue()); $userData->setEmail($this->form->getField('email')->getValue()); $userData->setActive($this->form->getField('active')->getValue() == 1); if (isset($params[0]) === false) { $userData->setSalt($this->cmsController->getAuth()->generateSalt()); $userData->setRegisteredBy($this->cmsController->getAuth()->getUserID()); $userID = $this->loginModel->storeLogin($userData); $securityToken = $this->cmsController->getAuth()->generateToken($userID); // Send mail $mailer = MailFactory::getMailer(); $loginControllerSettings = $this->cmsController->getCore()->getSettings()->logincontroller; // Create a message $message = \Swift_Message::newInstance('Your new metanet.ch account'); $message->setFrom(array($loginControllerSettings->sender_email => $loginControllerSettings->sender_name)); $message->setTo(array($userData->getEmail())); $message->setBody(sprintf($this->translator->_d('backend', "Hi,\n\nYou've gotten a new account to scatter stuff at this website in all directions.\n\nTo log you in you have to choose a strong password for your new account.\n\nPlease visit this link for that: %s"), "https://" . $this->cmsController->getHttpRequest()->getHost() . '/backend/restore-pw/' . $securityToken . $userID)); // Send the message $result = $mailer->send($message); if (!$result) { $this->setMessageForNextPage(new CmsBackendMessage($this->translator->_d('backend', 'The link to reset your password could not been sent to you. Sorry!'), CmsBackendMessage::MSG_TYPE_ERROR)); return $this->getEditAccount($params); } $this->setMessageForNextPage(new CmsBackendMessage($this->translator->_d('backend', 'The user has been created successfully'), CmsBackendMessage::MSG_TYPE_SUCCESS)); } else { $this->loginModel->storeLogin($userData); $this->setMessageForNextPage(new CmsBackendMessage($this->translator->_d('backend', 'The user information has been updated successfully'), CmsBackendMessage::MSG_TYPE_SUCCESS)); } } catch (\Exception $e) { $this->setMessageForNextPage(new CmsBackendMessage($this->translator->_d('backend', 'Could not save user to database. Reason: ' . $e->getMessage()), CmsBackendMessage::MSG_TYPE_ERROR)); return $this->getEditAccount($params); } RequestHandler::redirect($this->getBaseURI()); }
/** * Process the password restore request and shows the "Restore password" site afterwards * @return HttpResponse */ public function processRestorePw() { $this->formHelper = new FormHelper(FormHelper::METHOD_POST); $this->formHelper->addField('email', null, FormHelper::TYPE_EMAIL, true, array('missingError' => 'Please fill in your login e-mail address', 'invalidError' => 'Please fill in your correct login e-mail address')); if (!$this->formHelper->sent()) { return $this->getRestorePwSite(); } if (!$this->formHelper->validate() || $this->formHelper->hasErrors()) { return $this->getRestorePwSite(); } /* do something funky here */ $emailAddress = $this->formHelper->getFieldValue('email'); if (($userID = $this->auth->accountExists($emailAddress)) === false) { $this->formHelper->addError('email', 'The e-mail address you\'ve entered is not registered!'); return $this->getRestorePwSite(); } $token = $this->auth->generateToken($userID); $mailer = MailFactory::getMailer(); // Create a message $message = \Swift_Message::newInstance('Password restore link'); $message->setFrom(array($this->core->getSettings()->logincontroller->sender_email => $this->core->getSettings()->logincontroller->sender_name)); $message->setTo(array($emailAddress)); $message->setBody("To choose a new password please visit this link: https://" . $this->httpRequest->getHost() . '/backend/restore-pw/' . $token . $userID); // Send the message $result = $mailer->send($message); if (!$result) { $this->formHelper->addError(null, 'The link to reset your password could not been sent to you. Sorry!'); } return $this->getRestorePwSite('<div class="msg-success">Check your mailbox. An email has been sent to <b>' . $emailAddress . '</b> with a link to set a new password for your account.</div>'); }
public function processEditUser() { $this->abortIfUserHasNotRights('BACKEND_USERS_EDIT'); $rightgroupModel = new RightGroupModel($this->db); $rightgroups = array(); foreach ($rightgroupModel->getRightGroups() as $rg) { $rightgroups[$rg->ID] = $rg->groupname; } $this->formHelper = new FormHelper(FormHelper::METHOD_POST); $this->formHelper->addField('name', null, FormHelper::TYPE_STRING, true, array('missingError' => 'Please insert an username')); $this->formHelper->addField('email', null, FormHelper::TYPE_EMAIL, true, array('missingError' => 'Please insert an e-mail address', 'invalidError' => 'Please insert a valid e-mail address')); $this->formHelper->addField('active', null, FormHelper::TYPE_CHECKBOX, false); $this->formHelper->addField('rightgroups', null, FormHelper::TYPE_MULTIOPTIONS, true, array('missingError' => 'Please choose at least one rightgroup', 'options' => $rightgroups)); if (!$this->formHelper->sent() || !$this->formHelper->validate()) { return $this->getEditUser(); } try { if ($this->route->getParam(0) === null) { // Create $login = new \stdClass(); $login->username = $this->formHelper->getFieldValue('name'); $login->email = $this->formHelper->getFieldValue('email'); $login->active = $this->formHelper->getFieldValue('active'); $login->token = uniqid(); $login->registeredBy = $this->auth->getUserID(); $userID = $this->auth->signUp($login); // Send mail $mailer = MailFactory::getMailer(); // Create a message $message = \Swift_Message::newInstance('Your new metanet.ch account'); $message->setFrom(array($this->core->getSettings()->logincontroller->sender_email => $this->core->getSettings()->logincontroller->sender_name)); $message->setTo(array($this->formHelper->getFieldValue('email'))); $message->setBody("Hi,\n\nYou've gotten a new account to scatter stuff at this website in all directions.\n\nTo log you in you have to choose a strong password for your new account.\n\nPlease visit this link for that: https://" . $this->httpRequest->getHost() . '/backend/restore-pw/' . $login->token . $userID); // Send the message $result = $mailer->send($message); if (!$result) { $this->formHelper->addError(null, 'The link to reset your password could not been sent to you. Sorry!'); return $this->getEditUser(); } } else { $userID = $this->route->getParam(0); $stmntLogin = $this->db->prepare("\n\t\t\t\t\tUPDATE login SET name = ?, email = ?, active = ? WHERE ID = ?\n\t\t\t\t"); $this->db->update($stmntLogin, array($this->formHelper->getFieldValue('name'), $this->formHelper->getFieldValue('email'), $this->formHelper->getFieldValue('active'), $userID)); } $removeRights = $this->db->prepare("DELETE FROM login_has_rightgroup WHERE loginIDFK = ?"); $this->db->delete($removeRights, array($userID)); $stmntInsertRight = $this->db->prepare("\n\t\t\t\tINSERT INTO login_has_rightgroup\n\t\t\t\tSET loginIDFK = ?, rightgroupIDFK = ?, datefrom = NOW()\n\t\t\t"); foreach ($this->formHelper->getFieldValue('rightgroups') as $r) { $this->db->insert($stmntInsertRight, array($userID, $r)); } } catch (\Exception $e) { $this->formHelper->addError(null, 'Could not save user to database. Reason: ' . $e->getMessage()); return $this->getEditUser(); } RequestHandler::redirect('/backend/users'); }