/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
$passwordHasher = new PasswordHash(8, false);
if (Schema::hasTable('user')) {
DB::table('user')->delete();
}
DB::table('user')->insert(array('username' => 'test', 'password' => $passwordHasher->HashPassword('test'), 'rights' => 0));
DB::table('user')->insert(array('username' => 'admin', 'password' => $passwordHasher->HashPassword('admin'), 'rights' => 100));
DB::table('user')->insert(array('username' => 'test2', 'password' => $passwordHasher->HashPassword('test2'), 'rights' => 0));
}
/**
* Run the database seeds.
*
* @return void
*/
public function run()
{
if (Schema::hasTable('cluster')) {
DB::table('cluster')->delete();
}
$passwordHasher = new PasswordHash(8, false);
if (Schema::hasTable('cluster')) {
DB::table('cluster')->delete();
}
$test_user = DB::table('user')->where('username', '=', 'test')->first();
DB::table('cluster')->insert(array('clustername' => 'test', 'password' => $passwordHasher->HashPassword('test'), 'user_id' => $test_user->id));
$admin_user = DB::table('user')->where('username', '=', 'admin')->first();
DB::table('cluster')->insert(array('clustername' => 'admin', 'password' => $passwordHasher->HashPassword('admin'), 'user_id' => $admin_user->id));
}
public function testCheckPassword()
{
$hasher = new PasswordHash(8, false);
$password = $hasher->HashPassword('test');
$person = new Person(['password' => $password]);
$this->assertTrue($person->checkPassword('test'));
$this->assertFalse($person->checkPassword('test2'));
}
public function testWeakHashes()
{
$hasher = new PasswordHash(8, true);
$correct = 'test12345';
$hash = $hasher->HashPassword($correct);
$wrong = 'test12346';
$this->assertTrue($hasher->CheckPassword($correct, $hash));
$this->assertFalse($hasher->CheckPassword($wrong, $hash));
}
/**
* Hash user passwords on save.
*
* Hashstrength has a default of '10', don't allow less than '8'.
*
* @param Entity\Users $usersEntity
*/
protected function passwordHash(Entity\Users $usersEntity)
{
if ($usersEntity->getShadowSave()) {
return;
} elseif ($usersEntity->getPassword() && $usersEntity->getPassword() !== '**dontchange**') {
$hasher = new PasswordHash($this->hashStrength, true);
$usersEntity->setPassword($hasher->HashPassword($usersEntity->getPassword()));
} else {
unset($usersEntity->password);
}
}
/**
* @param array $data
* @return UserInfo|false|null
*/
public function create($data)
{
$uae = new AddUser($data);
$uae = \Events::dispatch('on_before_user_add', $uae);
if (!$uae->proceed()) {
return false;
}
$db = $this->connection;
$dh = $this->application->make('date');
$uDateAdded = $dh->getOverridableNow();
$config = $this->application->make('config');
$hasher = new PasswordHash($config->get('concrete.user.password.hash_cost_log2'), $config->get('concrete.user.password.hash_portable'));
if (isset($data['uIsValidated']) && $data['uIsValidated'] == 1) {
$uIsValidated = 1;
} elseif (isset($data['uIsValidated']) && $data['uIsValidated'] == 0) {
$uIsValidated = 0;
} else {
$uIsValidated = -1;
}
if (isset($data['uIsFullRecord']) && $data['uIsFullRecord'] == 0) {
$uIsFullRecord = 0;
} else {
$uIsFullRecord = 1;
}
$password_to_insert = isset($data['uPassword']) ? $data['uPassword'] : null;
$hash = $hasher->HashPassword($password_to_insert);
$uDefaultLanguage = null;
if (isset($data['uDefaultLanguage']) && $data['uDefaultLanguage'] != '') {
$uDefaultLanguage = $data['uDefaultLanguage'];
}
$v = array($data['uName'], $data['uEmail'], $hash, $uIsValidated, $uDateAdded, $uDateAdded, $uIsFullRecord, $uDefaultLanguage, 1);
$r = $db->prepare("insert into Users (uName, uEmail, uPassword, uIsValidated, uDateAdded, uLastPasswordChange, uIsFullRecord, uDefaultLanguage, uIsActive) values (?, ?, ?, ?, ?, ?, ?, ?, ?)");
$res = $r->execute($v);
if ($res) {
$newUID = $db->Insert_ID();
$ui = $this->userInfoFactory->getByID($newUID);
if (is_object($ui)) {
$uo = $ui->getUserObject();
$groupControllers = \Group::getAutomatedOnRegisterGroupControllers($uo);
foreach ($groupControllers as $ga) {
if ($ga->check($uo)) {
$uo->enterGroup($ga->getGroupObject());
}
}
// run any internal event we have for user add
$ue = new UserInfoWithPassword($ui);
$ue->setUserPassword($password_to_insert);
\Events::dispatch('on_user_add', $ue);
}
return $ui;
}
}
/**
* @see \Symfony\Component\Console\Command\Command::execute()
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$resourceOwnerId = $input->getOption('login');
$password = $input->getOption('password');
$hasher = new PasswordHash(12, true);
$passwordHash = $hasher->HashPassword($password);
if ($this->app['clientlogin.records']->setAccountPassword($resourceOwnerId, $passwordHash)) {
$this->auditLog(__CLASS__, 'ClientLogin admin command set password for account: ' . $resourceOwnerId);
$output->writeln("\n<info>Set password for account: {$resourceOwnerId}</info>");
} else {
$output->writeln("\n<error>Unable to set password for account: {$resourceOwnerId}</error>");
}
}
/**
* @see \Symfony\Component\Console\Command\Command::execute()
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$resourceOwnerId = $input->getOption('login');
$password = $input->getOption('password');
$emailAddress = $input->getOption('email');
$hasher = new PasswordHash(12, true);
$passwordHash = $hasher->HashPassword($password);
try {
$this->app['clientlogin.records']->insertAccount(null, $resourceOwnerId, $passwordHash, $emailAddress);
$this->auditLog(__CLASS__, 'ClientLogin admin command created account: ' . $resourceOwnerId);
$output->writeln("\n<info>Created account: {$resourceOwnerId}</info>");
} catch (UniqueConstraintViolationException $e) {
$output->writeln("\n<error>Account already exists!</error>");
}
}
/**
* Execute the console command
*
* @return void
*/
public function fire()
{
$hasher = new PasswordHash(8, false);
$password = $hasher->HashPassword($this->argument('password'));
$rights = $this->option('admin') != null ? 100 : 0;
// check if the provided user exists
$user = User::where('username', '=', $this->argument('username'))->first();
if (isset($user)) {
// user exists, let's update it
$user->password = $password;
$user->rights = $rights;
$user->save();
$this->info("User '{$user->username}' has been updated.");
} else {
// user do not exists, let's create it
$user = new User();
$user->username = $this->argument('username');
$user->password = $password;
$user->rights = $rights;
$user->save();
$this->info("User '{$user->username}' has been updated.");
}
}
public function hash($password)
{
$hasher = new PasswordHash(8, false);
return $hasher->HashPassword($password);
}
/**
* Sends email with password request. Accepts email or username
*
* @param string $username
*
* @return boolean
*/
public function resetPasswordRequest($username)
{
$user = $this->getUser($username);
$recipients = false;
if (!empty($user)) {
$shadowpassword = $this->app['randomgenerator']->generateString(12);
$shadowtoken = $this->app['randomgenerator']->generateString(32);
$hasher = new PasswordHash($this->hashStrength, true);
$shadowhashed = $hasher->HashPassword($shadowpassword);
$shadowlink = sprintf('%s%sresetpassword?token=%s', $this->app['paths']['hosturl'], $this->app['paths']['bolt'], urlencode($shadowtoken));
// Set the shadow password and related stuff in the database.
$update = array('shadowpassword' => $shadowhashed, 'shadowtoken' => $shadowtoken . '-' . str_replace('.', '-', $this->remoteIP), 'shadowvalidity' => date('Y-m-d H:i:s', strtotime('+2 hours')));
$this->db->update($this->usertable, $update, array('id' => $user['id']));
// Compile the email with the shadow password and reset link.
$mailhtml = $this->app['render']->render('mail/passwordreset.twig', array('user' => $user, 'shadowpassword' => $shadowpassword, 'shadowtoken' => $shadowtoken, 'shadowvalidity' => date('Y-m-d H:i:s', strtotime('+2 hours')), 'shadowlink' => $shadowlink));
$subject = sprintf('[ Bolt / %s ] Password reset.', $this->app['config']->get('general/sitename'));
$message = $this->app['mailer']->createMessage('message')->setSubject($subject)->setFrom(array($this->app['config']->get('general/mailoptions/senderMail', $user['email']) => $this->app['config']->get('general/mailoptions/senderName', $this->app['config']->get('general/sitename'))))->setTo(array($user['email'] => $user['displayname']))->setBody(strip_tags($mailhtml))->addPart($mailhtml, 'text/html');
$recipients = $this->app['mailer']->send($message);
if ($recipients) {
$this->app['logger.system']->info("Password request sent to '" . $user['displayname'] . "'.", array('event' => 'authentication'));
} else {
$this->app['logger.system']->error("Failed to send password request sent to '" . $user['displayname'] . "'.", array('event' => 'authentication'));
$this->session->getFlashBag()->add('error', Trans::__("Failed to send password request. Please check the email settings."));
}
}
// For safety, this is the message we display, regardless of whether $user exists.
if ($recipients === false || $recipients > 0) {
$this->session->getFlashBag()->add('info', Trans::__("A password reset link has been sent to '%user%'.", array('%user%' => $username)));
}
return true;
}
/**
* Sends email with password request. Accepts email or username.
*
* @param string $username
* @param string $remoteIP
*
* @return boolean
*/
public function resetPasswordRequest($username, $remoteIP)
{
$userEntity = $this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users')->getUser($username);
if (!$userEntity) {
// For safety, this is the message we display, regardless of whether user exists.
$this->app['logger.flash']->info(Trans::__("A password reset link has been sent to '%user%'.", ['%user%' => $username]));
return false;
}
$validity = new \DateTime();
$delay = new \DateInterval('PT2H');
// Generate shadow password and hash
$hasher = new PasswordHash($this->app['access_control.hash.strength'], true);
$shadowPassword = $this->app['randomgenerator']->generateString(12);
$shadowPasswordHash = $hasher->HashPassword($shadowPassword);
// Generate shadow token and hash
$shadowToken = $this->app['randomgenerator']->generateString(32);
$shadowTokenHash = md5($shadowToken . '-' . str_replace('.', '-', $remoteIP));
// Set the shadow password and related stuff in the database.
$userEntity->setShadowpassword($shadowPasswordHash);
$userEntity->setShadowtoken($shadowTokenHash);
$userEntity->setShadowvalidity($validity->add($delay));
$this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users')->save($userEntity);
$mailoptions = $this->app['config']->get('general/mailoptions');
// PHP 5.4 compatibility
if (empty($mailoptions)) {
$this->app['logger.flash']->error(Trans::__("The email configuration setting 'mailoptions' hasn't been set. Bolt may be unable to send password reset."));
}
// Sent the password reset notification
$this->resetPasswordNotification($userEntity, $shadowPassword, $shadowToken);
return true;
}
/**
* Encrypts a user password using the Blowfish algo
*
* @param string $password The plaintext password
*
* @return string The hashed password string
*/
public static function encrypt_password($password)
{
$hasher = new PasswordHash(8, false);
return $hasher->HashPassword($password);
}
/**
* @param array $data
* @param array | false $options
* @return UserInfo
*/
public static function add($data, $options = false)
{
$options = is_array($options) ? $options : array();
$db = Loader::db();
$dh = Loader::helper('date');
$uDateAdded = $dh->getOverridableNow();
$hasher = new PasswordHash(\Config::get('concrete.user.password.hash_cost_log2'), \Config::get('concrete.user.password.hash_portable'));
if ($data['uIsValidated'] == 1) {
$uIsValidated = 1;
} elseif (isset($data['uIsValidated']) && $data['uIsValidated'] == 0) {
$uIsValidated = 0;
} else {
$uIsValidated = -1;
}
if (isset($data['uIsFullRecord']) && $data['uIsFullRecord'] == 0) {
$uIsFullRecord = 0;
} else {
$uIsFullRecord = 1;
}
$password_to_insert = $data['uPassword'];
$hash = $hasher->HashPassword($password_to_insert);
if (isset($data['uDefaultLanguage']) && $data['uDefaultLanguage'] != '') {
$uDefaultLanguage = $data['uDefaultLanguage'];
}
$v = array($data['uName'], $data['uEmail'], $hash, $uIsValidated, $uDateAdded, $uDateAdded, $uIsFullRecord, $uDefaultLanguage, 1);
$r = $db->prepare("insert into Users (uName, uEmail, uPassword, uIsValidated, uDateAdded, uLastPasswordChange, uIsFullRecord, uDefaultLanguage, uIsActive) values (?, ?, ?, ?, ?, ?, ?, ?, ?)");
$res = $db->execute($r, $v);
if ($res) {
$newUID = $db->Insert_ID();
$ui = UserInfo::getByID($newUID);
if (is_object($ui)) {
// run any internal event we have for user add
$ue = new \Concrete\Core\User\Event\UserInfoWithPassword($ui);
$ue->setUserPassword($data['uPassword']);
Events::dispatch('on_user_add', $ue);
}
$uo = $ui->getUserObject();
$groupControllers = \Group::getAutomatedOnRegisterGroupControllers($uo);
foreach ($groupControllers as $ga) {
if ($ga->check($uo)) {
$uo->enterGroup($ga->getGroupObject());
}
}
return $ui;
}
}
public function make($value, array $options = [])
{
return $this->hasher->HashPassword($value);
}
public function add_users()
{
// Firstly, install the core authentication types
$cba = AuthenticationType::add('concrete', 'Standard');
$coa = AuthenticationType::add('community', 'concrete5.org');
$fba = AuthenticationType::add('facebook', 'Facebook');
$twa = AuthenticationType::add('twitter', 'Twitter');
$gat = AuthenticationType::add('google', 'Google');
$fba->disable();
$twa->disable();
$coa->disable();
$gat->disable();
\Concrete\Core\Tree\TreeType::add('group');
\Concrete\Core\Tree\Node\NodeType::add('group');
$tree = GroupTree::get();
$tree = GroupTree::add();
// insert the default groups
// create the groups our site users
// specify the ID's since auto increment may not always be +1
$g1 = Group::add(tc("GroupName", "Guest"), tc("GroupDescription", "The guest group represents unregistered visitors to your site."), false, false, GUEST_GROUP_ID);
$g2 = Group::add(tc("GroupName", "Registered Users"), tc("GroupDescription", "The registered users group represents all user accounts."), false, false, REGISTERED_GROUP_ID);
$g3 = Group::add(tc("GroupName", "Administrators"), "", false, false, ADMIN_GROUP_ID);
// insert admin user into the user table
if (defined('INSTALL_USER_PASSWORD')) {
$hasher = new PasswordHash(Config::get('concrete.user.password.hash_cost_log2'), Config::get('concrete.user.password.hash_portable'));
$uPassword = INSTALL_USER_PASSWORD;
$uPasswordEncrypted = $hasher->HashPassword($uPassword);
} else {
$uPasswordEncrypted = INSTALL_USER_PASSWORD_HASH;
}
$uEmail = INSTALL_USER_EMAIL;
$superuser = UserInfo::addSuperUser($uPasswordEncrypted, $uEmail);
$u = User::getByUserID(USER_SUPER_ID, true, false);
MailImporter::add(array('miHandle' => 'private_message'));
UserPointAction::add('won_badge', t('Won a Badge'), 5, false, true);
// Install conversation default email
\Conversation::setDefaultSubscribedUsers(array($superuser));
}
/**
* @return \Concrete\Core\Error\Error
*/
public function configure()
{
$error = $this->app->make('helper/validation/error');
/* @var $error \Concrete\Core\Error\ErrorList\ErrorList */
try {
$val = $this->app->make('helper/validation/form');
/* @var \Concrete\Core\Form\Service\Validation $val */
$val->setData($this->post());
$val->addRequired("SITE", t("Please specify your site's name"));
$val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
$val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
$val->addRequired("DB_SERVER", t('You must specify a valid database server'));
$password = $_POST['uPassword'];
$passwordConfirm = $_POST['uPasswordConfirm'];
$this->app->make('validator/password')->isValid($password, $error);
if ($password) {
if ($password != $passwordConfirm) {
$error->add(t('The two passwords provided do not match.'));
}
}
if (is_object($this->fileWriteErrors)) {
foreach ($this->fileWriteErrors->getList() as $msg) {
$error->add($msg);
}
}
$error = $this->validateDatabase($error);
$error = $this->validateSampleContent($error);
if ($this->post('canonicalUrlChecked') === '1') {
try {
$url = UrlImmutable::createFromUrl($this->post('canonicalUrl'));
if (strcasecmp('http', $url->getScheme()) !== 0) {
throw new Exception('The HTTP canonical URL must have the http:// scheme');
}
$canonicalUrl = (string) $url;
} catch (Exception $x) {
$error->add($x);
}
} else {
$canonicalUrl = '';
}
if ($this->post('canonicalSSLUrlChecked') === '1') {
$url = UrlImmutable::createFromUrl($this->post('canonicalSSLUrl'));
if (strcasecmp('https', $url->getScheme()) !== 0) {
throw new Exception('The SSL canonical URL must have the https:// scheme');
}
$canonicalSSLUrl = (string) $url;
} else {
$canonicalSSLUrl = '';
}
if ($val->test() && !$error->has()) {
// write the config file
$vh = $this->app->make('helper/validation/identifier');
$this->fp = @fopen(DIR_CONFIG_SITE . '/site_install.php', 'w+');
$this->fpu = @fopen(DIR_CONFIG_SITE . '/site_install_user.php', 'w+');
if ($this->fp) {
$config = isset($_POST['SITE_CONFIG']) ? (array) $_POST['SITE_CONFIG'] : [];
$config['database'] = ['default-connection' => 'concrete', 'connections' => ['concrete' => ['driver' => 'c5_pdo_mysql', 'server' => $_POST['DB_SERVER'], 'database' => $_POST['DB_DATABASE'], 'username' => $_POST['DB_USERNAME'], 'password' => $_POST['DB_PASSWORD'], 'charset' => 'utf8']]];
$config['canonical-url'] = $canonicalUrl;
$config['canonical-ssl-url'] = $canonicalSSLUrl;
$config['session-handler'] = $_POST['sessionHandler'];
$renderer = new Renderer($config);
fwrite($this->fp, $renderer->render());
fclose($this->fp);
chmod(DIR_CONFIG_SITE . '/site_install.php', 0700);
} else {
throw new Exception(t('Unable to open config/app.php for writing.'));
}
if ($this->fpu) {
$config = $this->app->make('config');
$hasher = new PasswordHash($config->get('concrete.user.password.hash_cost_log2'), $config->get('concrete.user.password.hash_portable'));
$configuration = "<?php\n";
$configuration .= "define('INSTALL_USER_EMAIL', " . var_export((string) $_POST['uEmail'], true) . ");\n";
$configuration .= "define('INSTALL_USER_PASSWORD_HASH', " . var_export((string) $hasher->HashPassword($_POST['uPassword']), true) . ");\n";
$configuration .= "define('INSTALL_STARTING_POINT', " . var_export((string) $this->post('SAMPLE_CONTENT'), true) . ");\n";
$configuration .= "define('SITE', " . var_export((string) $_POST['SITE'], true) . ");\n";
$locale = $this->post('siteLocaleLanguage') . '_' . $this->post('siteLocaleCountry');
$configuration .= "define('SITE_INSTALL_LOCALE', " . var_export($locale, true) . ");\n";
$configuration .= "define('APP_INSTALL_LANGUAGE', " . var_export($this->post('locale'), true) . ");\n";
$res = fwrite($this->fpu, $configuration);
fclose($this->fpu);
chmod(DIR_CONFIG_SITE . '/site_install_user.php', 0700);
if (PHP_SAPI != 'cli') {
$this->redirect('/');
}
} else {
throw new Exception(t('Unable to open config/site_user.php for writing.'));
}
} else {
if ($error->has()) {
$this->set('error', $error);
} else {
$error = $val->getError();
$this->set('error', $val->getError());
}
}
} catch (Exception $ex) {
$this->reset();
$this->set('error', $ex);
$error->add($ex);
}
$this->setup();
return $error;
}
function it_hashes_a_string_password(PasswordHash $hasher)
{
$hasher->HashPassword('password')->shouldBeCalled()->willReturn('hashed');
$this->make('password')->shouldReturn('hashed');
}
public function generatepasswords()
{
if (!$this->app['users']->isAllowed('dashboard')) {
die('You do not have the right privileges to view this page.');
}
// Set up the form.
$form = $this->app['form.factory']->createBuilder('form');
$form->add('password', 'text');
$form = $form->getForm();
$password = false;
if ($this->app['request']->getMethod() == 'POST') {
$form->bind($this->app['request']);
$data = $form->getData();
if ($form->isValid()) {
$hasher = new PasswordHash(12, true);
$password = $hasher->HashPassword($data['password']);
}
}
// Render the form, and show it it the visitor.
$this->app['twig.loader.filesystem']->addPath(__DIR__);
$html = $this->app['twig']->render('assets/passwordgenerate.twig', array('form' => $form->createView(), 'password' => $password));
return new \Twig_Markup($html, 'UTF-8');
}
/**
* @return \Concrete\Core\Error\Error
*/
public function configure()
{
$error = \Core::make('helper/validation/error');
/* @var $error \Concrete\Core\Error\Error */
try {
$val = Core::make('helper/validation/form');
$val->setData($this->post());
$val->addRequired("SITE", t("Please specify your site's name"));
$val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
$val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
$val->addRequired("DB_SERVER", t('You must specify a valid database server'));
$password = $_POST['uPassword'];
$passwordConfirm = $_POST['uPasswordConfirm'];
$uh = Core::make('helper/concrete/user');
$uh->validNewPassword($password, $error);
if ($password) {
if ($password != $passwordConfirm) {
$error->add(t('The two passwords provided do not match.'));
}
}
if (is_object($this->fileWriteErrors)) {
$error = $this->fileWriteErrors;
}
$error = $this->validateDatabase($error);
$error = $this->validateSampleContent($error);
if ($val->test() && !$error->has()) {
// write the config file
$vh = Core::make('helper/validation/identifier');
$this->fp = @fopen(DIR_CONFIG_SITE . '/site_install.php', 'w+');
$this->fpu = @fopen(DIR_CONFIG_SITE . '/site_install_user.php', 'w+');
if ($this->fp) {
$config = isset($_POST['SITE_CONFIG']) ? (array) $_POST['SITE_CONFIG'] : array();
$config['database'] = array('default-connection' => 'concrete', 'connections' => array('concrete' => array('driver' => 'c5_pdo_mysql', 'server' => $_POST['DB_SERVER'], 'database' => $_POST['DB_DATABASE'], 'username' => $_POST['DB_USERNAME'], 'password' => $_POST['DB_PASSWORD'], 'charset' => 'utf8')));
$renderer = new Renderer($config);
fwrite($this->fp, $renderer->render());
fclose($this->fp);
chmod(DIR_CONFIG_SITE . '/site_install.php', 0700);
} else {
throw new Exception(t('Unable to open config/app.php for writing.'));
}
if ($this->fpu) {
$hasher = new PasswordHash(Config::get('concrete.user.password.hash_cost_log2'), Config::get('concrete.user.password.hash_portable'));
$configuration = "<?php\n";
$configuration .= "define('INSTALL_USER_EMAIL', '" . $_POST['uEmail'] . "');\n";
$configuration .= "define('INSTALL_USER_PASSWORD_HASH', '" . $hasher->HashPassword($_POST['uPassword']) . "');\n";
$configuration .= "define('INSTALL_STARTING_POINT', '" . $this->post('SAMPLE_CONTENT') . "');\n";
$configuration .= "define('SITE', '" . addslashes($_POST['SITE']) . "');\n";
if (Localization::activeLocale() != '' && Localization::activeLocale() != 'en_US') {
$configuration .= "define('SITE_INSTALL_LOCALE', '" . Localization::activeLocale() . "');\n";
}
$res = fwrite($this->fpu, $configuration);
fclose($this->fpu);
chmod(DIR_CONFIG_SITE . '/site_install_user.php', 0700);
if (PHP_SAPI != 'cli') {
$this->redirect('/');
}
} else {
throw new Exception(t('Unable to open config/site_user.php for writing.'));
}
} else {
if ($error->has()) {
$this->set('error', $error);
} else {
$error = $val->getError();
$this->set('error', $val->getError());
}
}
} catch (Exception $ex) {
$this->reset();
$this->set('error', $ex);
$error->add($ex);
}
return $error;
}
$cliconfig = array_merge($_defaults, $cliArguments);
// Configurations
require $cliconfig['core'] . "/bootstrap/configure.php";
// Autoloader
require $cliconfig['core'] . "/bootstrap/autoload.php";
// CMS
$cms = (require $cliconfig['core'] . "/bootstrap/start.php");
// Database connection
\Database::extend('install', function () use($cliconfig) {
return \Database::getFactory()->createConnection(array('host' => $cliconfig['db-server'], 'user' => $cliconfig['db-username'], 'password' => $cliconfig['db-password'], 'database' => $cliconfig['db-database']));
});
\Database::setDefaultConnection('install');
$cms['config']['database.connections.install'] = array();
// Disable all caches
Cache::disableAll();
// Install data setup
$passHash = new PasswordHash(Config::get('concrete.user.password.hash_cost_log2'), Config::get('concrete.user.password.hash_portable'));
define('INSTALL_USER_EMAIL', $cliconfig['admin-email']);
define('INSTALL_USER_PASSWORD_HASH', $passHash->HashPassword($cliconfig['admin-password']));
define('INSTALL_STARTING_POINT', $cliconfig['starting-point']);
define('SITE', $cliconfig['site']);
$startingPoint = StartingPointPackage::getClass(INSTALL_STARTING_POINT);
$routines = $startingPoint->getInstallRoutines();
// Redefine the error handlers, overriding any registered by C5
set_error_handler('customErrorHandler');
foreach ($routines as $r) {
fwrite(STDOUT, sprintf("%s: %s \n", $r->getProgress(), $r->getText()));
call_user_func(array($startingPoint, $r->getMethod()));
}
fwrite(STDOUT, "!!!!!! Installation Complete: OK !!!!!!\n");
exit(0);
/**
* Create a hash (encrypt) of a plain text password.
*
* For integration with other applications, this function can be overwritten to
* instead use the other package password checking algorithm.
*
* @uses PasswordHash::HashPassword
*
* @param string $password Plain text user password to hash
*
* @return string The hash string of the password
*/
public function make($password)
{
return $this->wp_hasher->HashPassword(trim($password));
}
/**
* @param array $data
*
* @return UserInfo|false|null
*/
public function create($data)
{
$uae = new AddUser($data);
$uae = \Events::dispatch('on_before_user_add', $uae);
if (!$uae->proceed()) {
return false;
}
$config = $this->application->make('config');
$hasher = new PasswordHash($config->get('concrete.user.password.hash_cost_log2'), $config->get('concrete.user.password.hash_portable'));
if (isset($data['uIsValidated']) && $data['uIsValidated'] == 1) {
$uIsValidated = 1;
} elseif (isset($data['uIsValidated']) && $data['uIsValidated'] == 0) {
$uIsValidated = 0;
} else {
$uIsValidated = -1;
}
if (isset($data['uIsFullRecord']) && $data['uIsFullRecord'] == 0) {
$uIsFullRecord = 0;
} else {
$uIsFullRecord = 1;
}
$password_to_insert = isset($data['uPassword']) ? $data['uPassword'] : null;
$hash = $hasher->HashPassword($password_to_insert);
$uDefaultLanguage = null;
if (isset($data['uDefaultLanguage']) && $data['uDefaultLanguage'] != '') {
$uDefaultLanguage = $data['uDefaultLanguage'];
}
$entity = new UserEntity();
$entity->setUserName($data['uName']);
$entity->setUserEmail($data['uEmail']);
$entity->setUserPassword($hash);
$entity->setUserIsValidated($uIsValidated);
$entity->setUserIsFullRecord($uIsFullRecord);
$entity->setUserDefaultLanguage($uDefaultLanguage);
$entity->setUserIsActive(true);
$this->entityManager->persist($entity);
$this->entityManager->flush();
$newUID = $entity->getUserID();
$ui = $this->userInfoRepository->getByID($newUID);
if (is_object($ui)) {
$uo = $ui->getUserObject();
$groupControllers = \Group::getAutomatedOnRegisterGroupControllers($uo);
foreach ($groupControllers as $ga) {
if ($ga->check($uo)) {
$uo->enterGroup($ga->getGroupObject());
}
}
// run any internal event we have for user add
$ue = new UserInfoWithPassword($ui);
$ue->setUserPassword($password_to_insert);
\Events::dispatch('on_user_add', $ue);
// Now we notify any relevant users.
/**
* @var $type UserSignupType
*/
$type = $this->application->make('manager/notification/types')->driver('user_signup');
$u = new User();
$createdBy = null;
if (is_object($u)) {
$creator = $u->getUserInfoObject();
if (is_object($creator)) {
$createdBy = $creator->getEntityObject();
}
}
$signup = new UserSignup($ui->getEntityObject(), $createdBy);
$notifier = $type->getNotifier();
$subscription = $type->getSubscription($signup);
$notified = $notifier->getUsersToNotify($subscription, $signup);
$notification = $type->createNotification($signup);
$notifier->notify($notified, $notification);
}
return $ui;
}
