/**
* @param $param
* @return string
* @throws EntityValidationException
*/
public function email($param)
{
if (!v::email()->validate($param)) {
throw new EntityValidationException('User', 'email', $param, 'Invalid email');
}
return $param;
}
public function validate($data)
{
$validator = V::key('name', V::string()->length(0, 100), true)->key('email', V::email()->length(0, 200), true)->key('password', V::string()->length(0, 100), true);
try {
$validator->assert($data);
switch ($data['userable_type']) {
case 'Designer':
$this->designerCreationValidator->validate($data);
$data['userable_type'] = DesignerModel::class;
break;
case 'Administrator':
$this->adminCreationValidator->validate($data);
$data['userable_type'] = AdministratorModel::class;
break;
case 'Buyer':
$this->buyerCreationValidator->validate($data);
$data['userable_type'] = BuyerModel::class;
break;
default:
break;
}
} catch (AbstractNestedException $e) {
$errors = $e->findMessages(['email', 'length', 'in']);
throw new ValidationException('Could not create user.', $errors);
}
return true;
}
/**
* 检查密码是否正确
*
* @param string $field
* @param string $password
* @param bool $secretly
* @return array
* @throws UserException
*/
public function checkPasswordCredential($field, $password, $secretly = false)
{
if (Validator::email()->validate($field)) {
$user = UserUtil::getUserObjectByEmail($field);
} else {
$user = UserUtil::getUserObjectByUsername($field);
}
if (!UserUtil::isUserObjectValid($user)) {
if (!$secretly) {
Application::emit('user.login.failed.user_invalid', [VJ::LOGIN_TYPE_FAILED_USER_INVALID, $field]);
Application::info('credential.login.not_found', ['login' => $field]);
}
throw new UserException('UserCredential.checkPasswordCredential.user_not_valid');
}
$verified = $this->password_encoder->verify($password, $user['salt'], $user['hash']);
if (!$verified) {
if (!$secretly) {
Application::emit('user.login.failed.wrong_password', [VJ::LOGIN_TYPE_FAILED_WRONG_PASSWORD, $user]);
Application::info('credential.login.wrong_password', ['uid' => $user['uid']]);
}
throw new UserException('UserCredential.checkPasswordCredential.wrong_password');
}
if (!$secretly) {
Application::emit('user.login.succeeded', [VJ::LOGIN_TYPE_INTERACTIVE, $user, $field, $password]);
Application::info('credential.login.ok', ['uid' => $user['uid']]);
}
return $user;
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
if (isset($_REQUEST[$name])) {
$rules = explode("|", $value);
foreach ($rules as $rule) {
$exploded = explode(":", $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be at least " . $min . " characters long";
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be a valid email ";
}
break;
case 'equalTo':
if (Valid::equals($_REQUEST[$name])->Validate($_REQUEST[$exploded[1]]) == false) {
$errors[] = "Values do not match";
}
break;
default:
//do nothing
}
}
} else {
$errors = "No value found";
}
}
return $errors;
}
/**
* init valid rule
*/
protected function initRule()
{
$this->validRule['id'] = v::numeric();
$this->validRule['name'] = v::stringType()->length(1, 10);
$this->validRule['email'] = v::email();
$this->validRule['sex'] = v::intVal()->between(0, 1);
}
public function validatePasswordResetRequest($email, $token)
{
Auth::restrictAccess('anonymous');
$passwordResets = new PasswordResets();
// This needs to go into base functions and return some kind of json message
if (!v::email()->validate($email)) {
return 'email dont comply';
}
if (!v::xdigit()->length(32, 32)->validate($token)) {
return 'token dont comply';
}
$passwordReset = $passwordResets->show($email);
// Not going to reveal whether the user account was found...
if (empty($passwordReset['token']) || empty($passwordReset['created'])) {
echo 'password reset request not found. forward. please submit a password reset request first';
die;
}
$created = strtotime($passwordReset['created']);
$now = strtotime(date('Y-m-d H:i:s'));
$diff = round(($now - $created) / 60, 2);
if (intval($diff) > 60) {
echo 'password reset has expired. 60 minutes max. submit another reset request';
die;
}
if (password_verify($token, $passwordReset['token'])) {
// probably shouldnt disclose this. just send json success
echo 'password matches. proceed to reset.';
}
return $passwordReset;
}
public function validate($prop, $label)
{
$value = $this->getValue($prop);
if (!v::email()->validate($value)) {
$this->addException("O campo {$label} não contém um e-mail válido");
}
}
public function setAlternativeEmail($value)
{
if (!v::email()->validate($value)) {
throw new FieldRequiredException("E-mail alternativo inválido");
}
$this->_email .= "," . $value;
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$exploded = explode(":", $value);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min, null)->Validate($_REQUEST[$name]) == false) {
$errors[] = $exploded[2] . " must be at least " . $min . " characters long ";
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = "Please enter a valid email";
}
break;
case 'equalTo':
if (Valid::equals($_REQUEST[$name])->Validate($_REQUEST[$exploded[1]]) == false) {
$errors[] = $exploded[2] . " value does not match " . $exploded[3] . " value";
}
break;
default:
//do nothing
$errors[] = "No values found";
}
}
return $errors;
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$rules = explode("|", $value);
foreach ($rules as $rule) {
$exploded = explode(":", $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min, null)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be at least " . $min . " characters long!";
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be a valid email address!";
}
break;
case 'equalTo':
if (Valid::equals($_REQUEST[$name])->Validate($_REQUEST[$exploded[1]]) == false) {
$errors[] = "Value does not match verification value!";
}
break;
default:
$errors[] = "No value found!";
}
}
}
return $errors;
}
public function isValid($validation_data)
{
$errors = "";
foreach ($validation_data as $name => $value) {
$rules = explode("|", $value);
foreach ($rules as $rule) {
$exploded = explode(":", $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::alpha()->length($min)->Validate($_POST[$name]) == false) {
$errors[] = $name . " must be at least " . $exploded[1] . " characters long!";
}
break;
case 'email':
if (Valid::email()->validate($_POST[$name]) == false) {
$errors[] = $name . " must be a valid email address!";
}
break;
case 'equalTo':
if (Valid::equals($_POST[$name])->validate($_POST[$exploded[1]]) == false) {
$errors[] = $name . "'s don't match!";
}
break;
default:
$errors[] = "No value found!";
break;
}
}
}
return $errors;
}
private function send($type, array $to, $subject, $template, $params)
{
if (!Validator::arr()->each(Validator::email())->validate($to)) {
throw new InvalidArgumentException('to', 'format_invalid');
}
$html = Application::get('templating')->render($template, array_merge(['SUBJECT' => $subject], $params));
$this->provider->send($type, $to, $subject, $html);
}
public function setData($data)
{
if (!is_string($data) || !v::email()->validate($data)) {
throw new \RuntimeException('EmailField data must be a valid representation of an email address ');
}
$this->data = $data;
return $this;
}
protected function validateEmail()
{
$value = v::email()->notEmpty()->validate($this->getEmail());
if (!$value) {
msg::showMsg('O campo E-mail deve ser preenchido corretamente.' . '<script>focusOn("email");</script>', 'danger');
}
$this->criptoVar('email', $this->getEmail());
return $this;
}
/**
* Creates a profile.
*
* @param string $uniqueness
* @param string $email
*
* @throws InvalidEmailException
*
* @return string
*/
public function create($uniqueness, $email)
{
if (!Validator::email()->validate($email)) {
throw new InvalidEmailException();
}
$uniqueness = $uniqueness ?: uniqid();
$this->connectToStorage->connect()->insertOne(new Profile($uniqueness, $email));
return $uniqueness;
}
/**
* Initialise rules
*/
public function init()
{
// name validator
$this->rules['name'] = Validator::stringType()->setName('Your full name')->notEmpty()->length(1, 32);
// email validator
$this->rules['email'] = Validator::email()->setName('Email');
// comment validator
$this->rules['comment'] = Validator::stringType()->setName('Comment')->notEmpty();
}
private static function validateParameters($app, $post)
{
if (v::key('email', v::email())->validate($post)) {
return $app->render(400, array('msg' => 'Invalid email. Check your parameters and try again.'));
} else {
if (!v::key('name', v::stringType())->validate($post) || !v::key('subject', v::stringType())->validate($post) || !v::key('message', v::stringType())->validate($post)) {
return $app->render(400, array('msg' => 'Invalid subject or message. Check your parameters and try again.'));
}
}
return true;
}
public function validatePostVars($vars)
{
$validations = [v::stringType()->length(2)->validate($vars['nome']), v::stringType()->length(2)->validate($vars['sobrenome']), v::cpf()->validate($vars['cpf']), v::email()->validate($vars['email']), v::intVal()->validate($vars['clube']), v::intVal()->validate($vars['plano'])];
if ($vars['nascimento']) {
$validations[] = v::date()->validate($vars['nascimento']);
}
if ($vars['titular']) {
$validations[] = v::intVal()->validate($vars['titular']);
}
return $validations;
}
function emailValidate(&$errors, $email)
{
$emailBlankError = "Вы не заполнили поле Email";
$emailNotValid = "Укажите правильный Email";
if ($email != "") {
$email = filter_var(trim(strip_tags($email)), FILTER_SANITIZE_EMAIL);
if (!v::string()->notEmpty()->validate($email) || !v::email()->validate($email)) {
$errors[] = $emailNotValid;
}
} else {
$errors[] = $emailBlankError;
}
return $email;
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$rules = explode("|", $value);
foreach ($rules as $rule) {
$exploded = explode(":", $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::string()->length($min, null)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be at least " . $min . " characters long.";
}
break;
case 'max':
$max = $exploded[1];
if (Valid::string()->length(null, $max)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " cannot be more than " . $max . " characters long.";
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = "Must be a valid email address.";
}
break;
case 'equalTo':
if (Valid::equals($_REQUEST[$name])->Validate($_REQUEST[$exploded[1]]) == false) {
$errors[] = "Values do not match.";
}
break;
// check to see if already exists in database
// check to see if already exists in database
case 'unique':
$model = "Acme\\models\\" . $exploded[1];
$table = new $model();
$results = $table::where($name, '=', $_REQUEST[$name])->get();
foreach ($results as $item) {
$errors[] = $_REQUEST[$name] . " already exists in this system.";
}
break;
default:
$errors[] = "No value found.";
}
}
}
return $errors;
}
/**
* Creates a profile.
*
* @param string $uniqueness
* @param string $email
*
* @throws InvalidEmailSharedException
* @throws ExistentEmailSharedException
* @throws ExistentUniquenessSharedException
* @throws \MongoCursorException
*/
public function create($uniqueness, $email)
{
if (!Validator::email()->validate($email)) {
throw new InvalidEmailSharedException();
}
try {
$this->connectToStorageInternalWorker->connect()->insert(['uniqueness' => $uniqueness, 'email' => $email]);
} catch (\MongoCursorException $e) {
if (11000 == $e->getCode()) {
if (strpos($e->getMessage(), '$email_1') !== false) {
throw new ExistentEmailSharedException();
}
throw new ExistentUniquenessSharedException();
}
throw $e;
}
}
public static function filter($emails)
{
$emails = str_replace(PHP_EOL, ',', $emails);
$emails = str_replace(';', ',', $emails);
$emails = str_replace(' ', '', $emails);
$explode = explode(',', $emails);
$arrayEmail = array();
foreach ($explode as $email) {
if (v::email()->validate($email)) {
$arrayEmail[] = $email;
}
}
if (!count($arrayEmail)) {
throw new Exception('Nenhum e-mail válido');
}
$emails = implode(',', $arrayEmail);
return $emails;
}
public function login(Request $request)
{
if (Auth::check()) {
// If the user is already logged in then redirect to landing page.
return redirect($this->landingPage());
}
$p = ['email' => '', 'password' => ''];
$data = [];
view()->share(['title' => 'Log In', 'CB_PAGE_JS' => [url('/js/mods/Cb.Notify.js')]]);
if ($request->isMethod('post') && $request->has('submit')) {
$p = $request->all();
// See: https://github.com/Respect/Validation/blob/master/docs/README.md
$checks = [];
$checks['email'] = Valid::email()->notEmpty()->validate($p['email']);
$checks['password'] = Valid::string()->notEmpty()->validate($p['password']);
try {
if (in_array(false, $checks)) {
throw new Exception('Some required field have invalid values');
}
$auth_response = App\Cb\Users::authenticate($p['email'], $p['password']);
if (!is_object($auth_response)) {
if (is_numeric($auth_response)) {
// $auth_response <-- is user id in this context
$resend_link = route('resend_signup_confirmation', ['uid' => App\Crypt::urlencode($auth_response)]);
throw new Exception('Please verify your account. Click <a href="' . $resend_link . '">here</a> to resend the confirmation email');
}
throw new Exception('Invalid email or password');
}
// Successfully authenticated, save some details to session for faster access //
$request->session()->put('current_user', $auth_response);
$request->session()->put('current_user_type', $auth_response->type);
App\Cb\Users\Presence::setOnline($auth_response->id);
// Set presence as online
return redirect($this->landingPage($auth_response->type));
} catch (Exception $err) {
cb_set_message($err->getMessage(), 0);
}
}
$data['post'] = $p;
return View::make('user_login', $data)->render();
}
public function post($request, $response, $service, $app)
{
Auth::restrictAccess('anonymous');
$app->users = new Users();
$app->passwordResets = new PasswordResets();
$body = json_decode($request->body());
$email = $body->email;
if (!v::email()->validate($email)) {
return 'email dont comply';
}
$user = $app->users->showFromEmail($email);
// Maybe add some limit on request frequency here
if ($user) {
$token = bin2hex(openssl_random_pseudo_bytes(16));
$app->passwordResets->update($user['id'], $token);
echo 'password reset request submitted with email: ' . $email . ' and token: ' . $token;
} else {
// dont disclose that the user wasnt found? or do? do or do not. there is no try
echo 'account not found';
}
}
static function sendTeamInviteEmail($app)
{
$post = $app->request->post();
if (!v::key('email', v::email())->validate($post) && !v::key('userId', v::intVal())->validate($post) || !v::key('teamId', v::intVal())->validate($post) || !v::key('teamName', v::stringType())->validate($post) || !v::key('invitedById', v::intVal())->validate($post)) {
return $app->render(400, array('msg' => 'Invalid email. Check your parameters and try again.'));
}
// Try to set the players user id if the email exists in the DB
$foundId = v::key('userId', v::intVal())->validate($post) ? $post['userId'] : EmailData::selectUserIdByEmail($post['email']);
$userId = !$foundId ? NULL : $foundId;
$first = !v::key('nameFirst', v::stringType())->validate($post) ? NULL : $post['nameFirst'];
$last = !v::key('nameLast', v::stringType())->validate($post) ? NULL : $post['nameLast'];
$phone = !v::key('phone', v::stringType())->validate($post) ? NULL : $post['phone'];
$token = self::makeInviteToken();
$saved = EmailData::insertTeamInvite(array(":token" => $token, ":team_id" => $post['teamId'], ":user_id" => $userId, ":name_first" => $first, ":name_last" => $last, ":email" => $post['email'], ":phone" => $phone, ":created_user_id" => $post['invitedById']));
if (!$saved) {
return $app->render(400, array('msg' => 'Could not create invite. Check your parameters and try again.'));
}
$playerName = is_null($first) || is_null($last) ? '' : "{$first} {$last}";
$result = is_null($userId) ? ApiMailer::sendTeamInviteNewUser($token, $post['teamName'], $post['email'], $playerName) : ApiMailer::sendTeamInviteRegisteredUser($token, $post['teamName'], $post['email'], $playerName);
return $result['error'] ? $app->render(400, $result) : $app->render(200, $result);
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$rules = explode('|', $value);
foreach ($rules as $rule) {
$exploded = explode(':', $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . ' must be at least ' . $min . ' characters long!';
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . ' must be a valid email address!';
}
break;
case 'equalTo':
if (Valid::equals($_REQUEST[$name])->Validate($_REQUEST[$exploded[1]]) == false) {
$errors[] = 'Value does not match the verification value';
}
break;
case 'unique':
$model = "Acme\\models\\" . $exploded[1];
$table = new $model();
$results = $table->where($name, '=', $_REQUEST[$name])->get();
foreach ($results as $result) {
$errors[] = $_REQUEST[$name] . " already exists in this system!";
}
break;
default:
$errors = 'No value found';
break;
}
}
}
return $errors;
}
static function updateUser($app, $userId)
{
$post = $app->request->post();
if (!v::intVal()->validate($userId) || !v::key('nameFirst', v::stringType()->length(0, 255))->validate($post) || !v::key('nameLast', v::stringType()->length(0, 255), false)->validate($post) || !v::key('phone', v::stringType()->length(0, 20), false)->validate($post) || !v::key('email', v::email())->validate($post)) {
return $app->render(400, array('msg' => 'Invalid user. Check your parameters and try again.'));
}
$found = UserData::selectOtherUsersWithEmail($post['email'], $userId);
if ($found && count($found) > 0) {
return $app->render(400, array('msg' => 'An account with that email already exists. No two users may have the same email address.'));
}
$data = array(':id' => $userId, ':name_first' => $post['nameFirst'], ':name_last' => $post['nameLast'], ':email' => $post['email'], ':phone' => $post['phone']);
UserData::updateUser($data);
if (v::key('disabled', v::stringType()->length(1, 5))->validate($post) && ($post['disabled'] === true || $post['disabled'] === 'true')) {
UserData::disableUser($userId);
} else {
if (v::key('disabled', v::stringType()->length(1, 5))->validate($post) && ($post['disabled'] === false || $post['disabled'] === 'false')) {
UserData::enableUser($userId);
}
}
$user = UserData::selectUserById($userId);
return $app->render(200, array('user' => $user));
}
/**
* @param $validation_data
* @return array
*/
public function check($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$rules = explode("|", $value);
foreach ($rules as $rule) {
$exploded = explode(":", $rule);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min)->Validate($this->request->input($name)) == false) {
$errors[] = $name . " must be at least " . $min . " characters long!";
}
break;
case 'email':
if (Valid::email()->Validate($this->request->input($name)) == false) {
$errors[] = $name . " must be a valid email!";
}
break;
case 'equalTo':
if (Valid::equals($this->request->input($name))->Validate($this->request->input($exploded[1])) == false) {
$errors[] = "Value does not match verification value!";
}
break;
case 'unique':
$model = "Acme\\models\\" . $exploded[1];
$table = new $model();
$results = $this->getRows($table, $name);
foreach ($results as $item) {
$errors[] = $this->request->input($name) . " already exists in this system!";
}
break;
default:
$errors[] = "No value found!";
}
}
}
return $errors;
}
public function isValid($validation_data)
{
$errors = [];
foreach ($validation_data as $name => $value) {
$exploded = explode(":", $value);
switch ($exploded[0]) {
case 'min':
$min = $exploded[1];
if (Valid::stringType()->length($min)->Validate($_REQUEST[$name]) == false) {
$errors[] = $name . " must be at leat" . $min . " chearacters long";
}
break;
case 'email':
if (Valid::email()->Validate($_REQUEST[$name]) == false) {
$errors[] = "Email address is invalid!";
}
break;
default:
$errors[] = "No value found!";
}
}
return $errors;
}
public function processSignupAction()
{
try {
v::email()->check($_POST['email']);
v::length(6)->check($_POST['password']);
} catch (ValidationException $e) {
$this->flasher->error('Please make sure your password is longer than 6 characters, and that your username is a valid email address!');
}
if ($_POST['password'] !== $_POST['password_confirm']) {
$this->flasher->error('Passwords need to be identical');
}
if ($this->flasher->hasMessages('error')) {
$this->redirect('/auth');
}
$this->initGroups();
// Create an account if none exists
$user = Gatekeeper::register(['first_name' => '-', 'last_name' => '-', 'username' => $_POST['email'], 'email' => $_POST['email'], 'password' => $_POST['password'], 'groups' => Gatekeeper::countUser() ? ['users'] : ['admin', 'users']]);
if ($user) {
$this->flasher->success('Account successfully registered! Please log in!');
} else {
$this->flasher->error('Error #GK01: Account creation failed!' . Gatekeeper::getDatasource()->getLastError());
}
$this->redirect('/auth');
}
