예제 #1
0
 public function execute()
 {
     $tp = SJB_System::getTemplateProcessor();
     $errors = array();
     $activated = SJB_Request::getVar('account_activated', '') == 'yes';
     if (SJB_Request::getVar('returnToShoppingCart', false)) {
         SJB_Session::setValue('fromAnonymousShoppingCart', 1);
     }
     if (!$activated) {
         if (!isset($_REQUEST['username'], $_REQUEST['activation_key'])) {
             $errors['PARAMETERS_MISSED'] = 1;
         } elseif (!($userInfo = SJB_UserManager::getUserInfoByUserName($_REQUEST['username']))) {
             $errors['USER_NOT_FOUND'] = 1;
         } elseif ($userInfo['activation_key'] != $_REQUEST['activation_key']) {
             $errors['INVALID_ACTIVATION_KEY'] = true;
         } elseif ($userInfo['approval'] == 'Rejected') {
             SJB_UserDBManager::deleteActivationKeyByUsername($_REQUEST['username']);
             SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/system/users/activate_account/?account_activated=no&approval_status=Rejected');
         } else {
             if (SJB_UserManager::activateUserByUserName($_REQUEST['username'])) {
                 SJB_UserDBManager::deleteActivationKeyByUsername($_REQUEST['username']);
                 if (!SJB_Authorization::isUserLoggedIn()) {
                     SJB_Authorization::login($_REQUEST['username'], false, false, $errors, true, true);
                     if (!SJB_SocialPlugin::getProfileSocialID($userInfo['sid'])) {
                         SJB_Notifications::sendUserWelcomeLetter($userInfo['sid']);
                     }
                     $requireApprove = SJB_UserGroupManager::isApproveByAdmin($userInfo['user_group_sid']);
                     if ($requireApprove && !empty($userInfo['approval'])) {
                         $approvalStatus = $userInfo['approval'];
                     } else {
                         $userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($userInfo['user_group_sid']);
                         $pageId = !empty($userGroupInfo['after_registration_redirect_to']) ? $userGroupInfo['after_registration_redirect_to'] : '';
                         $redirectUrl = SJB_UserGroupManager::getRedirectUrlByPageID($pageId);
                         SJB_HelperFunctions::redirect($redirectUrl . 'account_activated=yes');
                     }
                 }
                 $activated = 1;
             } else {
                 $errors['CANNOT_ACTIVATE'] = TRUE;
             }
         }
     }
     $tp->assign('activated', $activated);
     $tp->assign('errors', $errors);
     $tp->assign('approvalStatus', !empty($approvalStatus) ? $approvalStatus : SJB_Request::getVar('approval_status', ''));
     $tp->assign('isLoggedIn', SJB_Authorization::isUserLoggedIn());
     $tp->display('activate_account.tpl');
 }
예제 #2
0
function login_sjb(&$username, &$user_data)
{
    global $phpbb_root_path, $db, $user, $config, $cache, $phpEx;
    define('LOGIN_PHPBB', true);
    //set define to allow to check for recursivity
    $password = is_array($user_data) ? $user_data['password'] : $user_data;
    $status = null;
    if (!$password) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', 'user_row' => array('user_id' => ANONYMOUS));
    }
    if (!$username) {
        return array('status' => LOGIN_ERROR_USERNAME, 'error_msg' => 'LOGIN_ERROR_USERNAME', 'user_row' => array('user_id' => ANONYMOUS));
    }
    $sql = 'DESCRIBE ' . USERS_TABLE . ' login_name';
    $result = $db->sql_query($sql);
    $has_login_name = $db->sql_fetchrow();
    $db->sql_freeresult($result);
    if (!empty($has_login_name)) {
        $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type, login_name
			FROM ' . USERS_TABLE . "\n\t\t\tWHERE login_name = '" . $db->sql_escape($username) . "'";
    } else {
        $sql = 'SELECT user_id, username, user_password, user_passchg, user_email, user_type
			FROM ' . USERS_TABLE . "\n\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
    }
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);
    if ($row) {
        // User inactive...
        if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) {
            return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
        }
        $status = LOGIN_SUCCESS;
    }
    $dir = getcwd();
    loadSJB();
    //get the sjb user
    $errors = array();
    $logged_in = SJB_Authorization::login($username, $password, false, $errors, false);
    // user not in phpbb3 db, but is in sjb
    $userInfo = SJB_UserDBManager::getUserInfoByUserName($username);
    chdir($dir);
    if ($row && $userInfo) {
        if (!$logged_in && phpbb_check_hash($password, $row['user_password'])) {
            if (SJB_UserManager::changeUserPassword($userInfo['sid'], $password)) {
                $errors = array();
            }
            $logged_in = SJB_Authorization::login($username, $password, false, $errors, false);
        } elseif ($logged_in && !phpbb_check_hash($password, $row['user_password'])) {
            $sql_ary = array('user_actkey' => '', 'user_password' => phpbb_hash($password), 'user_newpasswd' => '', 'user_pass_convert' => 0, 'user_login_attempts' => 0);
            $sql = 'UPDATE ' . USERS_TABLE . '
				SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
				WHERE user_id = ' . $row['user_id'];
            $db->sql_query($sql);
        }
    } elseif (!$row && $userInfo) {
        // retrieve default group id
        $sql = 'SELECT group_id
				FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_name = '" . $db->sql_escape('REGISTERED') . "'\n\t\t\t\tAND group_type = " . GROUP_SPECIAL;
        $result = $db->sql_query($sql);
        $group = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);
        if (!$group) {
            trigger_error('NO_GROUP');
        }
        // generate user account data
        $row = array('username' => $username, 'user_password' => phpbb_hash($password), 'user_email' => $userInfo['email'], 'group_id' => $group['group_id'], 'user_type' => (string) USER_NORMAL);
        if (!empty($has_login_name)) {
            $row['username'] = $userInfo['username'];
            $row['login_name'] = $username;
        }
        $status = LOGIN_SUCCESS_CREATE_PROFILE;
    } elseif ($row && !$userInfo && isset($errors['NO_SUCH_USER'])) {
        if (phpbb_check_hash($password, $row['user_password'])) {
            $errors = array();
        }
    }
    if (isset($errors['INVALID_PASSWORD'])) {
        return array('status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'LOGIN_ERROR_PASSWORD', 'user_row' => array('user_id' => ANONYMOUS));
    } elseif (isset($errors['USER_NOT_ACTIVE'])) {
        return array('status' => LOGIN_ERROR_ACTIVE, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
    } elseif (isset($errors['BANNED_USER'])) {
        define('IN_CHECK_BAN', 1);
        return array('status' => BAN_TRIGGERED_BY_IP, 'error_msg' => 'BAN_TRIGGERED_BY_IP', 'user_row' => $row);
    } elseif ($errors) {
        return array('status' => $errors, 'error_msg' => 'ACTIVE_ERROR', 'user_row' => $row);
    }
    // Successful login... set user_login_attempts to zero...
    return array('status' => $status, 'error_msg' => false, 'user_row' => $row);
}
예제 #3
0
 public static function getUserSIDsLikeFirstNameOrLastName($name)
 {
     return SJB_UserDBManager::getUserSidsLikeFirstNameOrLastName($name);
 }
예제 #4
0
파일: users.php 프로젝트: Maxlander/shixi
 public function execute()
 {
     $tp = SJB_System::getTemplateProcessor();
     $template = SJB_Request::getVar('template', 'users.tpl');
     $searchTemplate = SJB_Request::getVar('search_template', 'user_search_form.tpl');
     $passedParametersViaUri = SJB_UrlParamProvider::getParams();
     $userGroupID = $passedParametersViaUri ? array_shift($passedParametersViaUri) : false;
     $userGroupSID = $userGroupID ? SJB_UserGroupManager::getUserGroupSIDByID($userGroupID) : null;
     $errors = array();
     /********** A C T I O N S   W I T H   U S E R S **********/
     $action = SJB_Request::getVar('action_name');
     if (!empty($action)) {
         $users_sids = SJB_Request::getVar('users', array());
         $_REQUEST['restore'] = 1;
         switch ($action) {
             case 'approve':
                 foreach ($users_sids as $user_sid => $value) {
                     $username = SJB_UserManager::getUserNameByUserSID($user_sid);
                     SJB_UserManager::setApprovalStatusByUserName($username, 'Approved');
                     SJB_UserManager::activateUserByUserName($username);
                     SJB_UserDBManager::deleteActivationKeyByUsername($username);
                     if (!SJB_SocialPlugin::getProfileSocialID($user_sid)) {
                         SJB_Notifications::sendUserWelcomeLetter($user_sid);
                     } else {
                         SJB_Notifications::sendUserApprovedLetter($user_sid);
                     }
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'reject':
                 $rejection_reason = SJB_Request::getVar('rejection_reason', '');
                 foreach ($users_sids as $user_sid => $value) {
                     $username = SJB_UserManager::getUserNameByUserSID($user_sid);
                     SJB_UserManager::setApprovalStatusByUserName($username, 'Rejected', $rejection_reason);
                     SJB_UserManager::deactivateUserByUserName($username);
                     SJB_Notifications::sendUserRejectedLetter($user_sid);
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'activate':
                 foreach ($users_sids as $user_sid => $value) {
                     $username = SJB_UserManager::getUserNameByUserSID($user_sid);
                     $userinfo = SJB_UserManager::getUserInfoByUserName($username);
                     SJB_UserManager::activateUserByUserName($username);
                     if ($userinfo['approval'] == 'Approved') {
                         SJB_UserDBManager::deleteActivationKeyByUsername($username);
                         SJB_Notifications::sendUserApprovedLetter($user_sid);
                     }
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'deactivate':
                 foreach ($users_sids as $user_sid => $value) {
                     $username = SJB_UserManager::getUserNameByUserSID($user_sid);
                     SJB_UserManager::deactivateUserByUserName($username);
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'delete':
                 foreach (array_keys($users_sids) as $user_sid) {
                     try {
                         SJB_UserManager::deleteUserById($user_sid);
                     } catch (Exception $e) {
                         $errors[] = $e->getMessage();
                     }
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'send_activation_letter':
                 foreach ($users_sids as $user_sid => $value) {
                     SJB_Notifications::sendUserActivationLetter($user_sid);
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'change_product':
                 $productToChange = SJB_Request::getVar('product_to_change');
                 if (empty($productToChange)) {
                     $productToChange = 0;
                 }
                 foreach ($users_sids as $user_sid => $value) {
                     $user = SJB_UserManager::getObjectBySID($user_sid);
                     // UNSUBSCRIBE selected
                     if ($productToChange == 0) {
                         SJB_ContractManager::deleteAllContractsByUserSID($user_sid);
                     } else {
                         $productInfo = SJB_ProductsManager::getProductInfoBySID($productToChange);
                         $listingNumber = SJB_Request::getVar('number_of_listings', null);
                         if (is_null($listingNumber) && !empty($productInfo['number_of_listings'])) {
                             $listingNumber = $productInfo['number_of_listings'];
                         }
                         $contract = new SJB_Contract(array('product_sid' => $productToChange, 'numberOfListings' => $listingNumber, 'is_recurring' => 0));
                         $contract->setUserSID($user_sid);
                         $contract->saveInDB();
                         if ($contract->isFeaturedProfile()) {
                             SJB_UserManager::makeFeaturedBySID($user_sid);
                         }
                     }
                 }
                 SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 break;
             case 'ban_ip':
                 $cantBanUsers = array();
                 foreach ($users_sids as $user_sid => $value) {
                     $user = SJB_UserManager::getUserInfoBySID($user_sid);
                     if ($user['ip'] && !SJB_IPManager::getBannedIPByValue($user['ip'])) {
                         SJB_IPManager::makeIPBanned($user['ip']);
                     } else {
                         $cantBanUsers[] = $user['username'];
                     }
                 }
                 if ($cantBanUsers) {
                     $tp->assign('cantBanUsers', $cantBanUsers);
                 } else {
                     SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 }
                 break;
             case 'unban_ip':
                 $cantUnbanIPs = array();
                 foreach ($users_sids as $user_sid => $value) {
                     $user = SJB_UserManager::getUserInfoBySID($user_sid);
                     if ($user['ip'] !== '') {
                         if (SJB_IPManager::getBannedIPByValue($user['ip'])) {
                             SJB_IPManager::makeIPEnabledByValue($user['ip']);
                         } elseif (SJB_UserManager::checkBan($errors, $user['ip'])) {
                             $cantUnbanIPs[] = $user['ip'];
                         }
                     }
                 }
                 if ($cantUnbanIPs) {
                     $tp->assign('rangeIPs', $cantUnbanIPs);
                 } else {
                     SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
                 }
                 break;
             default:
                 unset($_REQUEST['restore']);
                 break;
         }
         if (empty($errors)) {
             SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . SJB_Navigator::getURI());
         }
     }
     /***************************************************************/
     $_REQUEST['action'] = 'search';
     $user = new SJB_User(array(), $userGroupSID);
     $user->addProperty(array('id' => 'user_group', 'type' => 'list', 'value' => '', 'is_system' => true, 'list_values' => SJB_UserGroupManager::getAllUserGroupsIDsAndCaptions()));
     $user->addProperty(array('id' => 'registration_date', 'type' => 'date', 'value' => '', 'is_system' => true));
     $user->addProperty(array('id' => 'approval', 'caption' => 'Approval', 'type' => 'list', 'list_values' => array(array('id' => 'Pending', 'caption' => 'Pending'), array('id' => 'Approved', 'caption' => 'Approved'), array('id' => 'Rejected', 'caption' => 'Rejected')), 'length' => '10', 'is_required' => false, 'is_system' => true));
     // get array of accessible products
     $productsSIDs = SJB_ProductsManager::getProductsIDsByUserGroupSID($userGroupSID);
     $products = array();
     foreach ($productsSIDs as $key => $productSID) {
         $product = SJB_ProductsManager::getProductInfoBySID($productSID);
         $products[$key] = $product;
         if (!empty($product['pricing_type']) && $product['pricing_type'] == 'volume_based' && !empty($product['volume_based_pricing'])) {
             $volumeBasedPricing = $product['volume_based_pricing'];
             $minListings = min($volumeBasedPricing['listings_range_from']);
             $maxListings = max($volumeBasedPricing['listings_range_to']);
             $countListings = array();
             for ($i = $minListings; $i <= $maxListings; $i++) {
                 $countListings[] = $i;
             }
             $products[$key]['count_listings'] = $countListings;
         }
     }
     $user->addProperty(array('id' => 'product', 'type' => 'list', 'value' => '', 'list_values' => $products, 'is_system' => true));
     $aliases = new SJB_PropertyAliases();
     $aliases->addAlias(array('id' => 'user_group', 'real_id' => 'user_group_sid', 'transform_function' => 'SJB_UserGroupManager::getUserGroupSIDByID'));
     $aliases->addAlias(array('id' => 'product', 'real_id' => 'product_sid'));
     $_REQUEST['user_group']['equal'] = $userGroupSID;
     $search_form_builder = new SJB_SearchFormBuilder($user);
     $criteria_saver = new SJB_UserCriteriaSaver();
     if (isset($_REQUEST['restore'])) {
         $_REQUEST = array_merge($_REQUEST, $criteria_saver->getCriteria());
     }
     $criteria = $search_form_builder->extractCriteriaFromRequestData($_REQUEST, $user);
     $search_form_builder->setCriteria($criteria);
     $search_form_builder->registerTags($tp);
     $userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($userGroupSID);
     if (SJB_Request::getVar('online', '') == '1') {
         $tp->assign("online", true);
     }
     $tp->assign('userGroupInfo', $userGroupInfo);
     $tp->assign('products', $products);
     $tp->assign('selectedProduct', isset($_REQUEST['product']['simple_equal']) ? $_REQUEST['product']['simple_equal'] : '');
     $tp->display($searchTemplate);
     /********************** S O R T I N G *********************/
     $paginator = new SJB_UsersPagination($userGroupInfo, SJB_Request::getVar('online', ''), $template);
     $firstLastName = '';
     if (!empty($_REQUEST['FirstName']['equal'])) {
         $name['FirstName']['any_words'] = $name['LastName']['any_words'] = $_REQUEST['FirstName']['equal'];
         $firstLastName = $_REQUEST['FirstName'];
         unset($_REQUEST['FirstName']);
         $_REQUEST['FirstName']['fields_or'] = $name;
     }
     $criteria = $search_form_builder->extractCriteriaFromRequestData($_REQUEST, $user);
     $inner_join = false;
     // if search by product field
     if (isset($_REQUEST['product']['simple_equal']) && $_REQUEST['product']['simple_equal'] != '') {
         $inner_join = array('contracts' => array('join_field' => 'user_sid', 'join_field2' => 'sid', 'join' => 'INNER JOIN'));
     }
     if (SJB_Request::getVar('online', '') == '1') {
         $maxLifeTime = ini_get("session.gc_maxlifetime");
         $currentTime = time();
         $innerJoinOnline = array('user_session_data_storage' => array('join_field' => 'user_sid', 'join_field2' => 'sid', 'select_field' => 'session_id', 'join' => 'INNER JOIN', 'where' => "AND unix_timestamp(`user_session_data_storage`.`last_activity`) + {$maxLifeTime} > {$currentTime}"));
         if ($inner_join) {
             $inner_join = array_merge($inner_join, $innerJoinOnline);
         } else {
             $inner_join = $innerJoinOnline;
         }
     }
     $searcher = new SJB_UserSearcher(array('limit' => ($paginator->currentPage - 1) * $paginator->itemsPerPage, 'num_rows' => $paginator->itemsPerPage), $paginator->sortingField, $paginator->sortingOrder, $inner_join);
     $found_users = array();
     $found_users_sids = array();
     if (SJB_Request::getVar('action', '') == 'search') {
         $found_users = $searcher->getObjectsSIDsByCriteria($criteria, $aliases);
         $criteria_saver->setSession($_REQUEST, $searcher->getFoundObjectSIDs());
     } elseif (isset($_REQUEST['restore'])) {
         $found_users = $criteria_saver->getObjectsFromSession();
     }
     foreach ($found_users as $id => $userID) {
         $user_info = SJB_UserManager::getUserInfoBySID($userID);
         $contractInfo = SJB_ContractManager::getAllContractsInfoByUserSID($user_info['sid']);
         $user_info['products'] = count($contractInfo);
         $found_users[$id] = $user_info;
     }
     $paginator->setItemsCount($searcher->getAffectedRows());
     $sorted_found_users_sids = $found_users_sids;
     /****************************************************************/
     $tp->assign("userGroupInfo", $userGroupInfo);
     $tp->assign("found_users", $found_users);
     $searchFields = '';
     foreach ($_REQUEST as $key => $val) {
         if (is_array($val)) {
             foreach ($val as $fieldName => $fieldValue) {
                 if (is_array($fieldValue)) {
                     foreach ($fieldValue as $fieldSubName => $fieldSubValue) {
                         $searchFields .= "&{$key}[{$fieldSubName}]=" . array_pop($fieldSubValue);
                     }
                 } else {
                     $searchFields .= "&{$key}[{$fieldName}]={$fieldValue}";
                 }
             }
         }
     }
     $tp->assign('paginationInfo', $paginator->getPaginationInfo());
     $tp->assign("searchFields", $searchFields);
     $tp->assign("found_users_sids", $sorted_found_users_sids);
     $tp->assign('errors', $errors);
     $tp->display($template);
 }