function saveWorkerPeekAction() { $translate = DevblocksPlatform::getTranslationService(); $active_worker = PortSensorApplication::getActiveWorker(); if (!$active_worker || !$active_worker->is_superuser) { return; } @($id = DevblocksPlatform::importGPC($_POST['id'], 'integer')); @($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string')); @($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string')); @($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string')); @($title = DevblocksPlatform::importGPC($_POST['title'], 'string')); @($email = DevblocksPlatform::importGPC($_POST['email'], 'string')); @($password = DevblocksPlatform::importGPC($_POST['password'], 'string')); @($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0)); @($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0)); // @$group_ids = DevblocksPlatform::importGPC($_POST['group_ids'],'array'); // @$group_roles = DevblocksPlatform::importGPC($_POST['group_roles'],'array'); @($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0)); // [TODO] The superuser set bit here needs to be protected by ACL if (empty($first_name)) { $first_name = "Anonymous"; } if (!empty($id) && !empty($delete)) { // Can't delete or disable self if ($active_worker->id != $id) { DAO_Worker::delete($id); } } else { if (empty($id) && null == DAO_Worker::getWhere(sprintf("%s=%s", DAO_Worker::EMAIL, Ps_ORMHelper::qstr($email)))) { $workers = DAO_Worker::getAll(); $license = PortSensorLicense::getInstance(); if (!empty($license) && !empty($license['serial']) || count($workers) < 3) { // Creating new worker. If password is empty, email it to them if (empty($password)) { $settings = DevblocksPlatform::getPluginSettingsService(); $replyFrom = $settings->get('portsensor.core', PortSensorSettings::DEFAULT_REPLY_FROM); $replyPersonal = $settings->get('portsensor.core', PortSensorSettings::DEFAULT_REPLY_PERSONAL, ''); $url = DevblocksPlatform::getUrlService(); $password = PortSensorApplication::generatePassword(8); // try { // $mail_service = DevblocksPlatform::getMailService(); // $mailer = $mail_service->getMailer(CerberusMail::getMailerDefaults()); // $mail = $mail_service->createMessage(); // // $mail->setTo(array($email => $first_name . ' ' . $last_name)); // $mail->setFrom(array($replyFrom => $replyPersonal)); // $mail->setSubject('Your new helpdesk login information!'); // $mail->generateId(); // // $headers = $mail->getHeaders(); // // $headers->addTextHeader('X-Mailer','Cerberus Helpdesk (Build '.APP_BUILD.')'); // // $body = sprintf("Your new helpdesk login information is below:\r\n". // "\r\n". // "URL: %s\r\n". // "Login: %s\r\n". // "Password: %s\r\n". // "\r\n". // "You should change your password from Preferences after logging in for the first time.\r\n". // "\r\n", // $url->write('',true), // $email, // $password // ); // // $mail->setBody($body); // // if(!$mailer->send($mail)) { // throw new Exception('Password notification email failed to send.'); // } // } catch (Exception $e) { // // [TODO] need to report to the admin when the password email doesn't send. The try->catch // // will keep it from killing php, but the password will be empty and the user will never get an email. // } } $fields = array(DAO_Worker::EMAIL => $email, DAO_Worker::PASS => $password); $id = DAO_Worker::create($fields); } } // end create worker // Update $fields = array(DAO_Worker::FIRST_NAME => $first_name, DAO_Worker::LAST_NAME => $last_name, DAO_Worker::TITLE => $title, DAO_Worker::EMAIL => $email, DAO_Worker::IS_SUPERUSER => $is_superuser, DAO_Worker::IS_DISABLED => $disabled); // if we're resetting the password if (!empty($password)) { $fields[DAO_Worker::PASS] = md5($password); } // Update worker DAO_Worker::update($id, $fields); // Update group memberships // if(is_array($group_ids) && is_array($group_roles)) // foreach($group_ids as $idx => $group_id) { // if(empty($group_roles[$idx])) { // DAO_Group::unsetTeamMember($group_id, $id); // } else { // DAO_Group::setTeamMember($group_id, $id, (2==$group_roles[$idx])); // } // } // Add the worker e-mail to the addresses table // if(!empty($email)) // DAO_Address::lookupAddress($email, true); // Addresses // if(null == DAO_AddressToWorker::getByAddress($email)) { // DAO_AddressToWorker::assign($email, $id); // DAO_AddressToWorker::update($email, array( // DAO_AddressToWorker::IS_CONFIRMED => 1 // )); // } // Custom field saves @($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array())); DAO_CustomFieldValue::handleFormPost(PsCustomFieldSource_Worker::ID, $id, $field_ids); } if (!empty($view_id)) { $view = Ps_AbstractViewLoader::getView($view_id); $view->render(); } //DevblocksPlatform::setHttpResponse(new DevblocksHttpResponse(array('setup','workers'))); }
function doRecoverStep1Action() { $translate = DevblocksPlatform::getTranslationService(); @($email = DevblocksPlatform::importGPC($_REQUEST['email'], 'string')); $worker = null; $results = DAO_Worker::getWhere(sprintf("%s = %s", DAO_Worker::EMAIL, Ps_ORMHelper::qstr($email))); if (!empty($results)) { $worker = array_shift($results); } if (empty($email) || empty($worker)) { return; } $_SESSION[self::KEY_FORGOT_EMAIL] = $email; try { $code = PortSensorApplication::generatePassword(10); $_SESSION[self::KEY_FORGOT_SENTCODE] = $code; $to = $email; $subject = $translate->_('login.forgot.mail.subject'); $body = vsprintf($translate->_('login.forgot.mail.body'), $code); PortSensorMail::quickSend($to, $subject, $body); } catch (Exception $e) { DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login', 'forgot', 'step1', 'failed'))); } DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login', 'forgot', 'step2'))); }