protected function _load()
{
if (empty($this->_options)) {
throw new Exceptions_SeotoasterWidgetException('No options provided');
}
if (is_numeric(reset($this->_options))) {
$userId = array_shift($this->_options);
$this->_user = Application_Model_Mappers_UserMapper::getInstance()->find($userId);
if (is_null($this->_user)) {
return '';
}
} elseif ($this->_sessionHelper->getCurrentUser()->getRoleId() === Tools_Security_Acl::ROLE_GUEST) {
return '';
} else {
$this->_user = $this->_sessionHelper->getCurrentUser();
}
$this->_user->loadAttributes();
if (Tools_Security_Acl::isAllowed(Tools_Security_Acl::RESOURCE_USERS) || $this->_user->getId() === $this->_sessionHelper->getCurrentUser()->getId()) {
$this->_editableMode = true;
Zend_Layout::getMvcInstance()->getView()->headScript()->appendFile($this->_websiteHelper->getUrl() . 'system/js/internal/user-attributes.js');
}
$method = strtolower(array_shift($this->_options));
try {
return $this->{'_render' . ucfirst($method)}();
} catch (Exception $e) {
return '<b>Method ' . $method . ' doesn\'t exist</b>';
}
}
/**
* The put action handles PUT requests and receives an 'id' parameter; it
* should update the server resource state of the resource identified by
* the 'id' value.
*/
public function putAction()
{
$id = intval(filter_var($this->_request->getParam('id'), FILTER_VALIDATE_INT));
$data = json_decode($this->_request->getRawBody(), true);
if ($id && !empty($data)) {
if (!Tools_Security_Acl::isAllowed(Tools_Security_Acl::RESOURCE_USERS) && $id !== $this->_sessionHelper->getCurrentUser()->getId()) {
$this->_error(self::REST_STATUS_FORBIDDEN);
}
$user = Application_Model_Mappers_UserMapper::getInstance()->find($id);
if ($user instanceof Application_Model_Models_User) {
Application_Model_Mappers_UserMapper::getInstance()->loadUserAttributes($user);
foreach ($data as $attribute => $value) {
$setter = 'set' . ucfirst(strtolower($attribute));
if (method_exists($user, $setter)) {
$user->{$setter}($value);
} else {
$user->setAttribute($attribute, $value);
}
}
$user->setPassword(false);
Application_Model_Mappers_UserMapper::getInstance()->save($user);
return array('status' => 'ok');
}
}
}
public function signupAction()
{
$this->_helper->viewRenderer->setNoRender(true);
if ($this->getRequest()->isPost()) {
$signupForm = new Application_Form_Signup();
if ($signupForm->isValid($this->getRequest()->getParams())) {
//save new user
$user = new Application_Model_Models_User($signupForm->getValues());
$user->registerObserver(new Tools_Mail_Watchdog(array('trigger' => Tools_Mail_SystemMailWatchdog::TRIGGER_SIGNUP)));
$user->setRoleId(Tools_Security_Acl::ROLE_MEMBER);
if (isset($this->_helper->session->refererUrl)) {
$user->setReferer($this->_helper->session->refererUrl);
}
$signupResult = Application_Model_Mappers_UserMapper::getInstance()->save($user);
if (!$user->getId()) {
$user->setId($signupResult);
}
//send mails by notifying mail observer about successful sign-up,
$user->notifyObservers();
//redirect to signup landing page
$signupLandingPage = Tools_Page_Tools::getLandingPage(Application_Model_Models_Page::OPT_SIGNUPLAND);
if ($signupLandingPage instanceof Application_Model_Models_Page) {
$this->_redirect($this->_helper->website->getUrl() . $signupLandingPage->getUrl());
exit;
} else {
$this->_redirect($this->_helper->website->getUrl());
}
} else {
$this->_helper->flashMessenger->addMessage(Tools_Content_Tools::proccessFormMessagesIntoHtml($signupForm->getMessages(), get_class($signupForm)));
$signupPageUrl = $this->_helper->session->signupPageUrl;
unset($this->_helper->session->signupPageUrl);
$this->_redirect($this->_helper->website->getUrl() . ($signupPageUrl ? $signupPageUrl : ''));
}
}
}
public function findByTokenAndMail($token, $email)
{
$user = Application_Model_Mappers_UserMapper::getInstance()->findByEmail($email);
if (!$user) {
return null;
}
$where = $this->getDbTable()->getAdapter()->quoteInto("token_hash = ?", $token);
$where .= $this->getDbTable()->getAdapter()->quoteInto(" AND user_id = ?", $user->getId());
$row = $this->getDbTable()->fetchAll($where)->current();
if (!$row) {
return null;
}
return new $this->_model($row->toArray());
}
protected function _generateResetUrl()
{
$websiteHelper = Zend_Controller_Action_HelperBroker::getStaticHelper('website');
$user = Application_Model_Mappers_UserMapper::getInstance()->find($this->_userId);
return sprintf(self::RESET_URL_TEMPLATE, $websiteHelper->getUrl(), $user->getEmail(), $this->_tokenHash);
}
public function exportAction()
{
if ($this->getRequest()->isPost()) {
if (Tools_Security_Acl::isAllowed(Tools_Security_Acl::RESOURCE_USERS)) {
$users = Application_Model_Mappers_UserMapper::getInstance()->fetchAll();
$dataToExport = array();
foreach ($users as $user) {
$usrData = $user->toArray();
unset($usrData['password']);
unset($usrData['id']);
unset($usrData['attributes']);
$dataToExport[] = $usrData;
}
$exportResult = Tools_System_Tools::arrayToCsv($dataToExport, array($this->_helper->language->translate('E-mail'), $this->_helper->language->translate('Role'), $this->_helper->language->translate('Full name'), $this->_helper->language->translate('Last login date'), $this->_helper->language->translate('Registration date'), $this->_helper->language->translate('IP address')));
if ($exportResult) {
$usersArchive = Tools_System_Tools::zip($exportResult);
$this->getResponse()->setHeader('Content-Disposition', 'attachment; filename=' . Tools_Filesystem_Tools::basename($usersArchive))->setHeader('Content-type', 'application/force-download');
readfile($usersArchive);
$this->getResponse()->sendResponse();
}
exit;
}
}
}
protected function _sendTmembersignupMail(Application_Model_Models_User $user)
{
switch ($this->_options['recipient']) {
case self::RECIPIENT_MEMBER:
$this->_mailer->setMailToLabel($user->getFullName())->setMailTo($user->getEmail())->setSubject(isset($this->_options['subject']) ? $this->_options['subject'] : $this->_translator->translate('Welcome!'));
break;
case self::RECIPIENT_SUPERADMIN:
$superAdmin = Application_Model_Mappers_UserMapper::getInstance()->findByRole(Tools_Security_Acl::ROLE_SUPERADMIN);
$this->_mailer->setMailToLabel($superAdmin->getFullName())->setMailTo($superAdmin->getEmail())->setSubject(isset($this->_options['subject']) ? $this->_options['subject'] : $this->_translator->translate('New user is registered!'));
break;
}
if (($mailBody = $this->_prepareEmailBody()) == false) {
$mailBody = $this->_options['message'];
}
$this->_entityParser->objectToDictionary($user);
if (!isset($this->_options['from'])) {
$this->_options['from'] = Application_Model_Mappers_UserMapper::getInstance()->findByRole(Tools_Security_Acl::ROLE_SUPERADMIN)->getEmail();
}
return $this->_mailer->setMailFrom($this->_options['from'])->setBody($this->_entityParser->parse($mailBody))->send();
}
public function passwordresetAction()
{
//check the get string for the tokens http://mytoaster.com/login/reset/email/myemail@mytoaster.com/token/adadajqwek123klajdlkasdlkq2e3
$error = false;
$form = new Application_Form_PasswordReset();
$email = filter_var($this->getRequest()->getParam('email', false), FILTER_SANITIZE_EMAIL);
$token = filter_var($this->getRequest()->getParam('key', false), FILTER_SANITIZE_STRING);
if (!$email || !$token) {
$error = true;
}
$resetToken = Application_Model_Mappers_PasswordRecoveryMapper::getInstance()->findByTokenAndMail($token, $email);
if (!$resetToken || $resetToken->getStatus() != Application_Model_Models_PasswordRecoveryToken::STATUS_NEW || $this->_isTokenExpired($resetToken)) {
$error = true;
}
if ($error) {
$error = false;
$this->_helper->flashMessenger->addMessage('Token is incorrect. Please, enter your e-mail one more time.');
return $this->redirect($this->_helper->website->getUrl() . 'login/retrieve/');
}
if ($this->getRequest()->isPost()) {
if ($form->isValid($this->getRequest()->getParams())) {
$resetToken->registerObserver(new Tools_Mail_Watchdog(array('trigger' => Tools_Mail_SystemMailWatchdog::TRIGGER_PASSWORDCHANGE)));
$resetData = $form->getValues();
$mapper = Application_Model_Mappers_UserMapper::getInstance();
$user = $mapper->find($resetToken->getUserId());
$user->setPassword($resetData['password']);
$mapper->save($user);
$resetToken->setStatus(Application_Model_Models_PasswordRecoveryToken::STATUS_USED);
Application_Model_Mappers_PasswordRecoveryMapper::getInstance()->save($resetToken);
$this->_helper->flashMessenger->addMessage($this->_helper->language->translate('Your password was reset.'));
$roleId = $user->getRoleId();
if ($roleId != Tools_Security_Acl::ROLE_ADMIN && $roleId != Tools_Security_Acl::ROLE_SUPERADMIN) {
return $this->redirect($this->_helper->website->getUrl());
}
return $this->redirect($this->_helper->website->getUrl() . 'go');
} else {
$this->_helper->flashMessenger->addMessage($this->_helper->language->translate('Passwords should match'));
return $this->redirect($resetToken->getResetUrl());
}
}
$this->view->messages = $this->_helper->flashMessenger->getMessages();
$this->view->form = $form;
}
/**
* Loads extended attributes to user model
* @return Application_Model_Models_User
*/
public function loadAttributes()
{
return Application_Model_Mappers_UserMapper::getInstance()->loadUserAttributes($this);
}
public function configAction()
{
$configForm = new Application_Form_Config();
$configForm->setAction($this->_helper->url->url());
$languageSelect = $configForm->getElement('language');
$languageSelect->setMultiOptions($this->_helper->language->getLanguages(false));
$loggedUser = $this->_helper->session->getCurrentUser();
$isSuperAdminLogged = $loggedUser->getRoleId() === Tools_Security_Acl::ROLE_SUPERADMIN;
$this->view->isSuperAdmin = $isSuperAdminLogged;
if ($this->getRequest()->isPost()) {
if (!$isSuperAdminLogged) {
$configForm->removeElement('suLogin');
$configForm->removeElement('suPassword');
$configForm->removeElement('canonicalScheme');
$configForm->removeElement('recapthaPublicKey');
$configForm->removeElement('recapthaPrivateKey');
} else {
//initializing current superadmin user
$userTable = new Application_Model_DbTable_User();
$userMapper = Application_Model_Mappers_UserMapper::getInstance();
}
if ($configForm->isValid($this->getRequest()->getParams())) {
//proccessing language changing
$selectedLang = $languageSelect->getValue();
if ($selectedLang != $this->_helper->language->getCurrentLanguage()) {
$this->_helper->language->setLanguage($selectedLang);
$languageSelect->setMultiOptions($this->_helper->language->getLanguages(false));
}
if ($isSuperAdminLogged) {
$newPass = $configForm->getElement('suPassword')->getValue();
$newLogin = $configForm->getElement('suLogin')->getValue();
$adminDataModified = false;
// checking if there is new su password
if (!empty($newPass) && md5($newPass) !== $loggedUser->getPassword()) {
$loggedUser->setPassword($newPass);
$adminDataModified = true;
}
// checking if su email has been changed
if ($newLogin != $loggedUser->getEmail()) {
$usersWithSuchEmail = $userTable->fetchAll($userTable->getAdapter()->quoteInto('email = ?', $newLogin));
if (!$usersWithSuchEmail->count()) {
$loggedUser->setEmail($newLogin);
$adminDataModified = true;
}
}
if ($adminDataModified === true) {
if (!$userMapper->save($loggedUser)) {
unset($newLogin);
}
}
}
//$showMemberOnlyPages = intval($configForm->getElement('memPagesInMenu')->getValue());
//proccessing form to db
$config = $configForm->getValues();
if (isset($newLogin)) {
$config['adminEmail'] = $newLogin;
}
if ($config['smtpPassword'] === null && null === $this->getRequest()->getParam('smtpPassword', null)) {
unset($config['smtpPassword']);
}
if ($config['inlineEditor'] !== $this->_helper->config->getConfig('inlineEditor')) {
$this->_helper->cache->clean(false, false, array('Widgets_AbstractContent'));
}
$this->_configMapper->save($config);
$this->_helper->flashMessenger->addMessage('Setting saved');
} else {
if ($configForm->proccessErrors()) {
$this->_helper->flashMessenger->addMessage('Some fields are wrong');
}
}
if (false !== ($actions = $this->_request->getParam('actions', false))) {
$removeActions = array();
foreach ($actions as $action) {
if (isset($action['delete']) && $action['delete'] === "true") {
array_push($removeActions, $action['id']);
continue;
}
Application_Model_Mappers_EmailTriggersMapper::getInstance()->save($action);
}
if (!empty($removeActions)) {
Application_Model_Mappers_EmailTriggersMapper::getInstance()->delete($removeActions);
}
}
} else {
// loading config from db
$currentConfig = $this->_configMapper->getConfig();
if (!isset($currentConfig['language'])) {
$currentConfig['language'] = $this->_helper->language->getCurrentLanguage();
}
if (is_array($currentConfig) && !empty($currentConfig)) {
$configForm->setOptions($currentConfig);
}
}
if ($isSuperAdminLogged) {
$suadmin = Application_Model_Mappers_UserMapper::getInstance()->findByRole(Tools_Security_Acl::ROLE_SUPERADMIN);
$suadminEmail = $suadmin->getEmail();
$suPassword = $suadmin->getPassword();
$configForm->getElement('suLogin')->setValue($suadminEmail);
$configForm->getElement('suPassword')->setValue($suPassword);
}
$this->view->messages = $this->_helper->flashMessenger->getMessages();
$this->view->configForm = $configForm;
}