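/**
 * Handles the POSTed "create institution" form for a trial application.
 *
 * Flow, as visible in this method:
 *  1. Require the GCUser privilege (GC_NOTE 2).
 *  2. Load the trial application named by `aid` and check the submitted
 *     `verify` value against the application's verify hash.
 *  3. Validate the form, save the second contact person and the
 *     institution record, and collect problems in $this->formErrors.
 *  4. With no errors: create the institution and its trial, send the
 *     notification emails, delete the application and redirect.
 *     With errors: roll back the records created here and show the form again.
 *
 * @param sfWebRequest $request Request carrying the POST parameters and uploaded files.
 *
 * @return string|null sfView::NONE when the request is rejected by a security
 *                     check; otherwise nothing (the action redirects or
 *                     selects the newInstitutionForm template).
 */
public function executeCreate(sfWebRequest $request)
{
    global $CFG;

    // GC_NOTE 2: At this time, we are not allowing anyone outside of GC to create new platforms.
    // If this should change, remove this security check. All code to support user creation is in place.
    if (!$CFG->current_app->hasPrivilege('GCUser')) {
        $CFG->current_app->gcError('Non GCUser attempted access to institution/create', 'gcpageaccessdenied');

        // gcError() is defined elsewhere; stop here so the check fails closed
        // even if it returns instead of ending the request.
        return sfView::NONE;
    }
    // END GC_NOTE 2

    $form = $request->getPostParameters();
    $this->setTrialApplicationToVerify($form['aid']);

    // The original condition was `!$form['verify'] == $hash`. `!` binds tighter
    // than `==`, so that compared a boolean with the hash and never rejected a
    // non-empty submitted value. Compare the two strings directly instead, and
    // treat a missing, empty or non-string value as a mismatch.
    $submittedHash = (isset($form['verify']) && is_string($form['verify'])) ? $form['verify'] : '';
    $expectedHash = (string) $this->application->getVerifyHash();
    $hashMatches = function_exists('hash_equals')
        ? hash_equals($expectedHash, $submittedHash) // constant-time where available
        : $expectedHash === $submittedHash;

    if ($submittedHash === '' || !$hashMatches) {
        $CFG->current_app->gcError('Incorrect Verify Hash ' . $submittedHash . ' for application id ' . $form['aid']);

        // Same reasoning as above: never continue past a failed verification.
        return sfView::NONE;
    }

    $this->institution_form = new GcrInstitutionForm();
    if (!$this->formErrors) {
        $this->formErrors = array();
    }

    // validate form values
    $this->validateInstitutionShortName($form['short_name']);
    if ($form['short_name'] == $form['default_eschool_id']) {
        $this->formErrors['short_nameUnique'] = 'Short Name Home and Short Name Courses cannot be identical';
    }
    $this->validateEschoolShortName($form['default_eschool_id']);
    $this->validateInstitutionType($form['institution_type']);

    // make a person object to insert in to the person table for contact 2
    $person2Object = new GcrPerson();
    $person2Object->setFirstName($form['first_name_2']);
    $person2Object->setLastName($form['last_name_2']);
    $person2Object->setAddress($this->application->getAddress());
    $person2Object->setPhone1($form['phone1_2']);
    $person2Object->setPhone2($form['phone2_2']);
    $person2Object->setEmail($form['email_2']);

    // try to add the contact 2 to the person table
    // (saved before validation finishes; the failure branch at the end deletes it again)
    $person2Object->save();

    // make an array of values to validate as the institution form
    $institutionFields = array(
        'id' => '',
        'full_name' => $form['full_name'],
        'short_name' => strtolower($form['short_name']),
        'default_eschool_id' => strtolower($form['default_eschool_id']),
        'external_url' => $form['external_url'],
        'suspended' => '',
        'contact1' => $this->application->getContact(),
        'contact2' => $person2Object->getId(),
        'address' => $this->application->getAddress(),
        'institution_type' => $form['institution_type'],
        'creator_id' => -1,
        'admin_password' => '',
        'verify' => $form['verify'],
        'creation_date' => time(),
        'visible' => '1',
        'first_name_2' => $form['first_name_2'],
        'last_name_2' => $form['last_name_2'],
        'phone1_2' => $form['phone1_2'],
        'phone2_2' => $form['phone2_2'],
        'email_2' => $form['email_2'],
        'aid' => $form['aid'],
        'admin_password_user' => $form['admin_password_user'],
        'admin_password_verify' => $form['admin_password_verify'],
        'admin_username' => $form['admin_username'],
        '_csrf_token' => $form['_csrf_token'],
    );

    // try to add the eschool data to the eschool table
    if ($trial_application_record = $this->processForm($institutionFields, $this->institution_form, $request->getFiles())) {
        $this->institution = $trial_application_record;
    } else {
        $this->formErrors['institutionRecord'] = 'Some Field(s) Have Missing or Incorrect Data';
    }

    // verifyUsername()/verifyPassword() are used as "error message or falsy":
    // a falsy result means the value is acceptable, so the slot is cleared again.
    if (!($this->formErrors['admin_username'] = GcrInstitutionTable::verifyUsername($form['admin_username']))) {
        unset($this->formErrors['admin_username']);
    }

    // Strict comparison: with `!=`, two different numeric-looking passwords
    // (for example '1e3' and '1000') compare as equal and would pass as a match.
    if ($form['admin_password_user'] !== $form['admin_password_verify']) {
        // NOTE(review): this message is '******' in the listing; it may have been
        // masked before publication. Confirm the intended user-facing text.
        $this->formErrors['admin_password_user'] = '******';
    } else {
        if (!($this->formErrors['admin_password_user'] = GcrInstitutionTable::verifyPassword($form['admin_password_user']))) {
            unset($this->formErrors['admin_password_user']);
        }
    }

    // If the institution record was saved, we send an email to verify the user before creating the new institution
    if (count($this->formErrors) == 0) {
        $this->institution->create(array(
            'username' => $form['admin_username'],
            'password' => $form['admin_password_user'],
        ));

        if ($CFG->current_app->hasPrivilege('GCUser')) {
            $current_user = $CFG->current_app->getCurrentUser();
            if ($form['admin_username'] == $current_user->getObject()->username) {
                $owner_person = $this->institution->getPersonObject();
                if ($owner_person->getEmail() == $current_user->getObject()->email) {
                    // give a logged in site admin the same privileges on the new mahara
                    if ($mhr_user_obj = $this->institution->selectFromMhrTable('usr', 'username', $form['admin_username'], true)) {
                        $admin_user = new GcrMhrUser($mhr_user_obj, $this->institution);
                        $admin_user->setAdminRole();
                    }
                }
            }
        }

        // make a trial object to save this new eschool trial
        // ($eschool is not read again in this method; the call is kept in case it has side effects)
        $eschool = $this->institution->getDefaultEschool();
        $this->institution->createNewTrial();

        // NOTE(review): $owner_credentials was never assigned in this method, so
        // emailNewEschoolGC() has always received null here. It is set explicitly
        // to keep that behavior without an undefined-variable warning; confirm what
        // the mail helper expects before passing anything else.
        $owner_credentials = null;

        // send emails to new eschool owner and to us
        $this->emailNewEschoolOwner();
        $this->emailNewEschoolGC($owner_credentials);
        $this->application->delete();

        if (!$CFG->current_app->hasPrivilege('GCUser') || isset($owner_person)) {
            // Send user to the newly created institution, auto-logging them in.
            // NOTE(review): the plaintext password is handed to setupAutoLogin() and its
            // result is used as the redirect target; confirm the password cannot end up
            // in the URL, browser history or access logs.
            $this->redirect($this->institution->setupAutoLogin($form['admin_username'], $form['admin_password_user'], 600));
        } else {
            // send GC User to new platform via the gotoplatform tool.
            $this->redirect($CFG->current_app->getAppUrl() . 'local/platform_access.php?id=' . $this->institution->getShortName());
        }
    } else {
        // Validation failed: remove the records created above and show the form again.
        if ($this->institution) {
            $this->institution->delete();
        }
        $person2Object->delete();
        $this->getResponse()->setTitle('Create a Trial Platform');
        $this->setTemplate('newInstitutionForm');
    }
}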